#ubuntu-server 2006-06-05
<J_P> hi all
<edneymatias> hi!
<antares79> hi everybody
<edneymatias> hi!
<jonesssss> how do i configure my ubuntu server to have the users on the box chrooted into their home directory, and have there files hosted from their home dir and not /var/www/
<schimmi2> looking for ways to use fastcgi with PHP5. only found howtos for sarge which require to compile PHP5 myself. is it any different with the php5 binaries of ubuntu?
<mgalvin> jonesssss: well hosting files for users is easy, install apache, make sure userdir is enabled, create a dir called "public_html" in their home dir and those file will be accessible via http://yourserver/~user/
<mgalvin> (i think userdir is turned on by default anyway, iirc)
<mgalvin> schimmi2: haven't tried but, the php5 packages are available in dapper, the binaries should work
<schimmi2> trying right now. it was reported that sarge's php4 does not support it
<schimmi2> let's see
<jsgotangco> userdir is enabled and works with php
<jonesssss> is there a way to have ssh only for me (webmaster) and not anyone else?
<jsgotangco> give the others /bin/false
<jonesssss> ?
<spike> jonesssss: look into sshd_config for group/user whitelist
<jonesssss> alright
<jonesssss> i am so lost
<spike> get yourself a tomtom
<jonesssss> wtf?
<_ac_chan_> hello
<jonesssss> hello
<_ac_chan_> what version of PHP / MYsql is installed with dapper server ?
<jsgotangco> 5
<_ac_chan_> oh cool for both then.... i will install it on my dev server then
#ubuntu-server 2006-06-06
<edneymatias> hi all!
<lionelp> Hi edneymatias
<systest> Is any version of  the SPARC release of 6.06 available yet?
<fabbione> systest: no, as the announce said, we are validating on the hw
<fabbione> the hw arrived late, due to some custom issues
<systest> saw that in the release notes.  Thought an alpha or such might be available.
<systest> Thanks for the info.
<fabbione> oh yeah
<fabbione> sure
<fabbione> alpha and beta are around
<fabbione> hmm no
<fabbione> images haven't been published
<fabbione> you can use netboot/netinstal
<systest> ok, didn't see them at the mirrors so thought I would ask.
<fabbione> they are not on cdimage either
<fabbione> i *think* it's because they need to be relased later.. i don't remember all the black magic
<systest> OK, thanks.  I'll wait for the official release.
<fabbione> http://archive.ubuntu.com/ubuntu/dists/dapper/main/installer-sparc/current/images/sparc64/netboot/2.6/
<fabbione> netboot image ^^
<fabbione> you can still test and report bugs
<fabbione> that's always good
<systest> Even better.  Rather try out a new release than go to another, pointless mtg.  Thanks.
<Vaske_Car> Just installed LAMP and SSH. Where can I see directory structure and how to access apache directory to upload site?
<Vaske_Car> For example if I try to access /etc directory i can not... no such file or directory
<gpd> Vaske_Car: this is a development channel - but your DocumentRoot is set to /var/www
<gpd> you won't be able to [and shouldn't be able to]  see /etc or any other part of the filesystem
<Vaske_Car> gpd, just tell me what to do to be able to access server from FTP so i can continue..
<Vaske_Car> Like when you purchase hosting and you can access your root directory with FTP
<infinity> Vaske_Car: Please take these sort of questions to #ubuntu...
<infinity> Vaske_Car: This is a development channel, and generally doesn't take kindly to providing tech support.
<infinity> Vaske_Car: The short answer is "install an FTP daemon".  You don't have one by default.
<Vaske_Car> Thanks! I am seeking for somebody who can answer me several question in 5 minutes rather than spend 10 days to find it online... Cya dream team :)
<brmiller> so is this why ubuntu-server is oft quiet?  developers only?  #ubuntu is pretty noisy--with all them support questions!
<infinity> brmiller: Yes, it's quiet intentionally, so that when we want to get some work done, we can. :)
<infinity> The rest of the time, I'm happy to see the channel idle.  There's no law against quiet IRC channels.
<brmiller> congratulations--that makes perfect sense--I am a developer too (only not for ubuntu!)
<brmiller> it's too bad there is only one "help me" channel, although that is not your problem. :)
<brmiller> keep up the good work
* infinity wishes people wouldn't take "this is not a support channel" as an invitation to continue their support requests in /msg
<infinity> Vaske_Car: If I wasn't busy working and wanted to provide tech support, I'd be in #ubuntu, or responding to mailing list posts on ubuntu-users.
<gpd> [a community supported ubuntu-server support channel might be useful] 
<infinity> Perhaps.  You're welcome to start one.
<gpd> well my experience is that you are better off making the dev channel /more/ obscure and having the default be the support channel - however, that would require shuffling
<gpd> I just started #ubuntu-server on oftc - i'll see how many ppl find it :O
<infinity> I generally expect channels on freenode and oftc to have the same focus if they have the same name.
<gpd> ubuntu-server-support ?
<infinity> I'd be all for idling in #ubuntu-server-devel, but then I wouldn't be here (and a lot of other people wouldn't be), and I suspect folk would just come to the new channel to ask the same questions.  <shrug>
<gpd> probably right - so are you happy if we [non-devs]  answer support questions in here...
<infinity> We get so few support requests here, and most of them aren't really all that server-related anyway (OMG, I JUST INSTALLED THE SERVER CD AND I DON'T HAVE A GUI, HOW DO I GET A GUI?!), so I don't feel too bad sending them to #ubuntu.
<gpd> true
* gpd maintains status-quo
<infinity> And the few really clued-up users woh ask random questions in here often find that they get answered anyway, because INTRIGUING questions that make me go research the answers are kinda fun.
* gpd goes away to find intriguing questions
<kermitX_> infinity: how's this one:  howto run mysql 5 & 4.1 on same box?
<infinity> kermitX_: Don't.
<infinity> kermitX_: If you think you need to, you're almost certainly wrong.
<infinity> kermitX_: If you REALLY need to, then you've done enough research to know why, and therefore have also done enough research to know how.
<kermitX_> infinity: i have a couple scripts requires 5 and a couple that requires 4.1; in production environment they're on different servers, but i am looking at my test server.
<kermitX_> infinity, best to run a bare install in a virtual machine of some sort to get the 'other' version?
<infinity> kermitX_: I've never seen anything that will run on 4.1 that won't run on 5.x.
<infinity> kermitX_: Virtualisation may be a bit extreme, chroots would be fine.
<infinity> kermitX_: Or, you can hack the 4.1 source to have it install to non-standard filesystem locations.
<infinity> Either way, I'm still betting on the "you don't actually need both" scenario.
<kermitX_> infinity, it may be that i don't "need" both -- those are just the versions supported by the companies who made the scripts.
#ubuntu-server 2006-06-07
<nictuku> We need a mailing list for nwu, where do you guys think I can host it?
<lionelp> hi nictuku
<nictuku> hi lionelp
<lionelp> Why not trying to do nwu a sourceforge project and get a ML from sourceforge ?
<lionelp> It is for developement or for users your ML ?
<nictuku> nevermind, I'm hosting it in a personal machine
<nictuku> I mean, a paid hosting
<nictuku> tenta via jabber
<nictuku> oops
<Vaske_Car> I can not install PhPMyAdmin by using sudo aptitude install phpmyadmin, http://paste.ubuntu-nl.org/15230
<ajmitch> enable universe
<gpd> what does it take for a package to be promoted to main?
<ajmitch> a main inclusion report needs to be written up, and it gets reviewed
<Vaske_Car> enabled universe http://paste.ubuntu-nl.org/15232
<gpd> phpmyadmin is my equivalent to apt-get install lamp ;)
<Vaske_Car> result http://paste.ubuntu-nl.org/15233
<ajmitch> and you did sudo aptitude update?
<ajmitch> gpd: it's had a few security holes lately
<gpd> so a friend of mine has been having issues with NFS under debian sarge - I suggested he give Dapper Server a try - is there likely to be any difference?  His NFS is on a 12G RAID device and it randomly fails under load
<gpd> s/12G/12T/ cough
<ajmitch> there may be some difference, given it's a newer kernel & utils
<ajmitch> random failures may get random bugfixes :)
<gpd> k - that is what i assumed also
<Vaske_Car> ajmitch, tx
<Intruder> Morning
<edneymatias> hi!
<erchache> hi
<erchache> i want to get a sun t2000 offered by sun to testing it and install ubuntu dapper
<ajmitch> hello
<erchache> i have a server with 50000 diary users and wants to know performance of T2000
<erchache> anybody has a T2000 or know somebody which do this before?
<ajmitch> yes
<ajmitch> well, I've installed dapper
<erchache> who?
<ajmitch> I haven't done performance testing on that scale :)
<erchache> on a sun T2000 rack server?
<ajmitch> yes
<erchache> and goes on?
<erchache> has problem with NIC's or similar?
<ajmitch> no, it works fine
<erchache> all hardware are recognize?
<erchache> T2000 doesnt have ILO no?
<ajmitch> ALOM
<erchache> yepa :-P
<erchache> http://enciclopedia.us.es/estadisticas
<ajmitch> using the installer via ALOM is fairly slow
<erchache> this is one of my servers....is on a sun fire v65
<ajmitch> but that's more a 'feature' of the hardware
<erchache> one person of ubuntu server team said to me :-D
<erchache> cd its the best and fast way to install ubuntu on T2000
<ajmitch> yes, I installed from cd
<erchache> i dont call to SUN yet for ask details of this but on my company has contracts and contacts with sun
<erchache> but its a good oportunity to kill 2 birds on one shot
<erchache> see T2000 performance and stability of ubuntu dapper on a highload server
<erchache> but 8000  are the problem :-P
<erchache> i bought a hp dl 145 g2 and is a shit
<erchache> i install ubuntu under preasure
<erchache> con calzador :-P
<erchache> because sun sparc machines wasnt support by ubuntu last summer
<erchache> ajmitch: do you use T2000 with ubuntu diary?
<ajmitch> diary?
<erchache> every day
<erchache> on production
<erchache> ajmitch
<ajmitch> no, we have the servers for testing & development
<ajmitch> which is a little held up until we move them to another server room :)
<erchache> uhmmm
* jsgotangco wish he had access to ajmitch toys
<erchache> im too :-P
<ajmitch> jsgotangco: nice, shiny toys...
* ajmitch should rename them pony-1 & pony-2
<erchache> jejejeje
<erchache> well...im waiting for notices for ask sun T2000 machine test it program
* ajmitch wishes he had some bandwidth so he could rebuild the archive or something
<usual> I see the alt iso for ubuntu server mentions RAID config, do I need the alt iso to use ubuntu server with a raid controller??
<neuralis> usual: no.
<usual> ok, I want to toss it on a DL140G2
<usual> and the debian installers are actin funky
<neuralis> funky?
<usual> well, the stable iso doesn't seem to want to deal with partitioning and the daily builds DNS is borked, so it's a lose lose
<usual> so I will try ubuntu server
<neuralis> the d-i paritioning logic is the same in ubuntu as it is in debian.
<neuralis> what do you mean by "doesn't seem to want to deal with partitioning"?
<usual> yeah, but the differences in the debian installers, it works in one and not the other
<usual> maybe the kernel modules or something I dn't know
<usual> so where the partitioning works, the DNS doesn't and vice versa
<neuralis> ah.
<neuralis> well, usually it should Just Work[TM]  if you have a hardware raid controller.
<usual> I like ubuntu and respect the project so I will give the server aa run
<usual> yeah, it's all pretty standard HP stuff. servers like a week old
<usual> debian see's it all...but the differences between installers kinda sucks
<usual> I like the LAMP feature as well
<usual> I'm going to use the box for cacti and maybe a few other things
<usual> may work out well for me
* neuralis grins at how many people like the LAMP install thingie.
<usual> so many people use linux for amp
<usual> so...i'm glad someone stepped up and said hey..heres an idea
<usual> about time heh
<neuralis> infinity: well done. and here i was thinking it was a totally useless addition :-D
<usual> it's just a meta package or something?
<usual> is that the correct term
<usual> task package
<neuralis> it just installs the right individual packages, yes.
<usual> cool
<usual> apt-get blah blah blah-dev blah03 gets annoying
<usual> :D
<usual> are universe packages recieving security updates?
<neuralis> solely at the convenience and discretion of their community maintainers.
<usual> ok
<usual> well that sucks, the ubuntu installer seems to not like the raid card or something
<maswan> usual: cciss?
<usual> HP SAS sata
<usual> not sure whats up with the broadcom nics either
<usual> it see's them but that act weird
<usual> not detecting dhcp one minute and detecting it the next...
<Vaske_Car> I installed LAMP and forum but just first page can be displayed to others, it they access any other part of the forum script can not be dispyaled
<Vaske_Car> what is the problem
<uniq> vaske_car: this is not a support channel, don't expect to get help here. you should try #ubuntu
#ubuntu-server 2006-06-08
<usual> Anyone happen to run ubuntu-server on a HP server with a SATA raid card?
<usual> maybe if I try 2.4 instead of 2.6
<xnull> hi i want to install ubuntu as a server
<jonesssss> hey
<xnull> what does it have? for a server
<jonesssss> have you installed ubuntu yet?
<xnull> yes
<jonesssss> LAMP, linuc, apache mysql and php
<jonesssss> linux*
<xnull> i want something hardened
<jonesssss> such as?
<xnull> lets say kernel+grsecurity php+hardening-Patch etc..
<jonesssss> lol
<jonesssss> well
<xnull> does apt knows about that?:)
<jonesssss> im not sure what you mean, im guessing you just want security
<xnull> yep.
<jonesssss> is the pc going to be a perminat server or one you install on your everyday use pc?
<xnull> server apache+mailserver
<xnull> brb
<infinity> xnull: "hardened PHP" is complete useless wank.
<infinity> xnull: As for grsecurity, if you want it, you get to compile your own kernel.  No big deal, I tend to compile my own kernels for all my servers too.  *shrug*
<xnull> infinity: me 2, but why hardened php sux?
<infinity> It changes the behaviour of PHP enough that the few slight benefits you get from it seem to be outweighed by the "it doesn't work how the manual says it does, and 3rd party PHP apps all break" factor.
<xnull> hmm
<infinity> It also just seems to be a wonderful way for the Hardened PHP folk to get press when there are PHP vulns discovered (which Ubuntu fixes anyway, so...)
<infinity> Anyhow, to each their own, I suppose.  I'll never ship the "hardened" patch in Ubuntu, though.
<neuralis> personally, i find most php applications to be amazing exercises in human idiocy from a security and code quality point of view. but that's just me.
<infinity> Yes, that they are.
<infinity> "Input validation, what's that?"
<infinity> But it annoys me, as the PHP maintainer, that PHP "programmers" blame the language for their lousy programming, rather than blaming themselves.
<infinity> 99% of our security releases for PHP are programmer error (input validation being a big one).
<infinity> We don't do glibc security releases to build in input validation into every function you may abuse there, but apparently, PHP is supposed to hold your hand.
<neuralis> well, it's a non-trivial issue. php is a language ghetto, and it lowered the bound to entry for programming to an IQ of 70. then a lot of people with neighboring IQs went and started programming in it, which promptly turned away the vast majority of smart people who wanted to use the language.
<neuralis> nowadays, php has very strong community value -- it keeps most of these people away from other languages.
<neuralis> </hate>
* infinity snickers.
<infinity> Keeping idiots away from Perl and Python is a noble goal.
<infinity> The real shame is that PHP /is/ useful, despite the thousand of people who make it look like it isn't.
<neuralis> aye.
<ajmitch> I've seen some good things written with php
<ajmitch> & some shockers
<infinity> ajmitch: I try not to admit to it often, but I can bang out rapid prototyping in PHP about twice as fast as Perl (and Perl about twice as fast as Python)
<infinity> I full admit that the latter is due to a lack of experience in Python.
<infinity> But the former is just because PHP really is *that* quick for prototyping.
<neuralis> ajmitch: a good hacker will write good code regardless of the language, so that there exists some good stuff in PHP isn't surprising.
<neuralis> infinity: for people who know the value of using the right tool for the job, PHP has some excellent uses.
<neuralis> oh, and you can definitely get to the point of producing python as quickly as perl. i'm a convert after reaching stage 6 of nat torkington's seven stages of a perl programmer.
<infinity> neuralis: I expect that one day I'll be proficient in Python, but currently it's a painful affair compared to Perl.
<infinity> With PHP, though, the great this is that half the time when I want to do Radnom Thing X, I realise it's already been implemented in C, and it's literally a single function call to make it go in PHP.
<infinity> In Perl or Python, that tends to translate to at least 5-10 lines of code, even if the functionality exists in an extension, and many, many more if it doesn't.
<infinity> PHP's "make it all C" approach tends to lead to the unfortunate acceptance by idiots, but it also makes it very, very quick to "get shit done".. A horrible double-edged sword.
<neuralis> that it is.
<neuralis> i'm trying to see if i still have some of my more amusing perl snippets around
<neuralis> oh, here's a fun one: http://pastebin.com/766666 is a full-blown interpreter for an obscure flavor of simple assembly, with the target being brevity. the next shortest solution was about 5 times the length :)
<infinity> And that's precisely why most people hate Perl. :)
<infinity> Mine tend to aim for readability.
<neuralis> infinity: i wrote ~100kloc of relatively pretty, easy-to-maintain perl code for "serious" uses. this wasn't one of those :)
<infinity> Obviously not. :)
<infinity> For maximum unreadability, write a brainfuck interpreter in Perl.  Even if you TRY to make it readable, it won't be.
<neuralis> haha i actually never tried that
<infinity> (And if you try to make it unreadable, it'll be hell)
<neuralis> didn't a recent ioccc go to a brainfuck interpreter?
* neuralis looks
<xnull> I installed qemu .. how do I start him ?
<neuralis> xnull: you need an image to start it with.
<xnull> neuralis: i have.. but I don`t have a meniu or something ?
<infinity> neuralis: I intended at one point to write a brainfuck variant (my current favourite is "whitespace") calles "escapes", which would use ',",\ etc as the keywords.  Wouldn't make the code any less readable than brainfuck, but it would make interpreters nearly impossible to understand.
<neuralis> xnull: no menu. qemu -hda <imgfile>, man qemu for detailed options
<neuralis> infinity: http://laptop.org/~krstic/timwi-bf.c (2005 winner by arne heizmann)
<infinity> Oh, that's pretty.
<neuralis> cracks me up.
<neuralis> infinity: you should write an escapes spec for edgy.
<infinity> Only if the spec includes rewriting core infrastructure in Escape.
<maswan> a "port all init.d scripts to escapes" spec?
<infinity> Ed Zachary. :)
<maswan> :)
<neuralis> infinity: why the hell not? linspire is switching everything to haskell, and what better way to one-up them.
<ajmitch> infinity: what interesting -server stuff do you have ideas about?
<infinity> I have no ideas, cause I've been flat out on "closing dapper" and "opening edgy".
<infinity> \o/
<infinity> Haven't had the time to be creative.
<infinity> neuralis: How about you?
<ajmitch> right :)
<ajmitch> currently I've just got the network auth & am hopeful about selinux
<ajmitch> I'll try & dream up new ideas by tomorrow, though I won't be there to discuss them in person
<infinity> I'd like to see some SEL stuff, but I'm doubting that "good end-to-end SELinux policies" is a realistic goal for edgy.
<infinity> For edgy+1, it's totally doable, because the SELinux effort in Debian is awaking from its slumber as well.
<ajmitch> I think it's fairly likely to get some in for edgy - comprehensive coverage isn't the initial goal
<ajmitch> basic tools & a modular reference policy that covers common cases will help
<infinity> I'm all for trying for "something less crap than what we have".
<infinity> Bordering on "useable", even.
<infinity> Are you in contact much with Russel?
<ajmitch> manoj has packaged up the latest reference policy for sid
<ajmitch> I talk to him form time to time
<infinity> He's left RedHat recently and is back on the Debian/SELinux warpath.
<ajmitch> yes, I saw that
<infinity> His goal is to do for Debian what he did for Fedora.
<ajmitch> which is great news for us
<ajmitch> he's keen to see it happening in Ubuntu as well
<infinity> If he'd like to work directly with us to push it in faster (especially if what he wants to do is too agressive to make the Etch release), then that's awesome.
<infinity> Otherwise, I'm happy to inherit from Debian.
<ajmitch> to my great surprise, we can do 0-day NMUs to get selinux functionality in debian
<ajmitch> apart from that, I've got some sparc toys to play with for now
<ajmitch> & I have to find out what's happening with the hypervisor & virtualisation
<ajmitch> though that falls more under the kernel area
<trs80> ajmitch: network auth?
<ajmitch> yes
<trs80> what does that actually mean?
<ajmitch> client/server authentication using ldap & kerberos for some sort of single sign-on
<trs80> cool. does this mean lib{pam,nss}-ldap will hit main?
<ajmitch> using pam_krb5 for this
<ajmitch> but possibly :)
<trs80> what will you be using for network filesystem? nfs 3, 4 or cifs?
<ajmitch> I'm just focusing on the authentication part here
* trs80 nods
<neuralis> infinity: saw the -meeting notice, i'm considering myself poked re: specs (they've been on the todo list for a while, hoping to get around to them late this weekend.)
<edneymatias> morning!
<lionelp> hi edneymatias
<Linuturk> where is the php.ini file?
<Linuturk> I need to install the GD Library for my LAMP server. what is the easiest way to do this?
<kermitX_> Linuturk, gd for php? try php5-gd
<Linuturk> yeah
<Linuturk> i installed the default LAMP install
<Linuturk> how would I upgrade to the gd?
<kermitX_> just install that package.
<Linuturk> i'm not seeing it in synaptic
<Linuturk> nvm
<Linuturk> found it
<Linuturk> anything I need to do to configure it?
<kermitX_> Linuturk, nope.
<Linuturk> i'll need to restart apache before it will take effect?
<gpd> [synaptic in the default LAMP install o_O] 
<kermitX_> ;)
<niallobroin> I'm trying to do a dapper install with RAID1 disk setup, but when it comes time to configure the MD devices, one of the partitions I've setup on one disk isn't offered in the list. All partitions are correctly marked as type fd. Any ideas?
<J_P> hi all
<J_P> people, I have my ubunu-server and I would like change de locales, so i try do "dpkg-reconfigure locales", but this not works (but in debian works), this command does not open dialog to change locales, onde generate locales up-to-date. Anyone know How I change the locales ?
<gpd> you probably need to change the dpkg query level (can't remember the flag right now)
<gpd> dpkg-reconfigure -plow
<J_P> ok :_0
<J_P> :_)
<J_P> trying...
<J_P> gpd: "dpkg-reconfigure -plow locales"  right ?
<J_P> gpd: dpkg-reconfigure -plow locales  result is equal as dpkg-reconfigure  locales :-(
<J_P> gpd: decobriu algo como fazer p usar o dpkg-reconfigure locales ?
<mystamax> anyone around?
<gpd> J_P: install localeconf
<J_P> hi all
<gpd> J_P: install localeconf
<J_P> gpd: ufa!! trying!
<J_P> gpd: yes, after dpkg-reconfigure localeconf works.. :-)
#ubuntu-server 2006-06-09
<nemster> hi! anyone knows how i can do an online resize of my ext3 / fs?
<gpd> when you say 'online' do you mean 'currently mounted as /' - not sure if that is possible/advised - a LiveCD and Parted is the normal method
<gpd> if you have no other choice / partitions you could create a small boot image in your swap partition, boot into that and then resize the other partition
<nemster> yup i mean a mounted /
<nemster> it IS possible and worked fine when i tried fedora core 5
<nemster> since what i read i need to apply a patch for my kernel
<nemster> i never compiled a kernel in ubuntu,it seems to be somewhat different from what i am used from gentoo ;)
<usual> is it possible that having acpi enabled during an install that nics may be identified but not function properly?
<TTT_Travis> how do I downgrade from mysql-server-5.0 to mysql-server-4.1?
<TTT_Travis> it keeps failing when I try
<TTT_Travis> Aborting downgrade from (at least) 5.0 to 4.1.
<gpd> do you have data in the tables?
<gpd> you could mysqldump the data out --- purge the mysql-server package and reinstall the lower one
<Linuturk> hey fellas
<Linuturk> i got caught on something
<Linuturk> http://superb-east.dl.sourceforge.net/sourceforge/epayroll/INSTALL.txt << step 3
<Linuturk> that line doesn't work
<Linuturk> can someone help?
<Linuturk> basically, they provide a .sql file to configure the new mysql database I've created
<Linuturk> and I need to tell mysql to use that file
<Linuturk> but, it won't :(
<kermitX_> Linuturk, change this: /usr/local/mysql/bin/mysql payrolldb -uusernamae -ppassword<payroll.sql
<kermitX_> to just: mysql payrolldb -uusernamae -ppassword<payroll.sql
<kermitX_> Linuturk, mysql is not located in /usr/local/mysql/bin/ it's in your path
<kermitX_> Linuturk, aka /usr/bin/ so just using mysql will run it.
<Linuturk> i get error 1067
<Linuturk> when I ran that line
<kermitX_> use mysqladmin not mysql, sorry.
<kermitX_> Linuturk, or do you have the db created?
<Linuturk> unknown command 'payrolldb'
<Linuturk> i already created the database
<Linuturk> mysqladmin payrolldb -uusernamae -ppassword<payroll.sql
<Linuturk> produced
<Linuturk> unknown command 'payrolldb'
<Linuturk> and, the database is pre-existing
<kermitX_> Linuturk, mysql payrolldb -uusername -ppassword < payroll.sql
<kermitX_> Linuturk, there is a -u and a -p before the user and pass, respectively. try a space after your password like above.
<Linuturk> tried that
<kermitX_> Linuturk, does username have privs on the db?
<Linuturk> i get error 1067 (42000) at line 18: Invalid default value for 'bonusid'
<Linuturk> kermitX, using root
<kermitX_> Linuturk, and you're using mysql 5?
<Linuturk> yep
<kermitX_> how big is that sql file?
<Linuturk> auto LAMP server
<kermitX_> Linuturk, can you pastebin it?
<Linuturk> 11.7 kB
<Linuturk> uhhh, hold on
<Linuturk> !paste
<Linuturk> where is pastebin again?
<kermitX_> ubuntu.pastebin.com works.
<Linuturk> http://ubuntu.pastebin.com/769016
<Linuturk> think there is something wrong with their .sql file?
<kermitX_> Linuturk, get the same thing on mysql 4.1 -- hang on gonna try phpmyadmin, since that's what they dumped it from.
<Linuturk> mmk
<Linuturk> wierd it doesn't work, don't you think?
<kermitX_> Linuturk, it's a little lacking in documentation, don't you think?
<Linuturk> yeah, i'd say so
<Linuturk> do you know of a better time clock thing? i'd really like to see this working though
<kermitX_> Linuturk, trying mysql 4.0 on sarge
<Linuturk> :-/, i'm running ubuntu 6.06 LAMP install though. crap.
<kermitX_> Linuturk, worked in mysql 4.0.24
<Linuturk> ok, anyway to export that to mysql 5.0?
<kermitX_> Linuturk, as far as timeclock keepers go.. this was the most recent project you found on sourceforge? it's 4 years old.
<Linuturk> yeah :-/
<Linuturk> well, the first on the list
<Linuturk> can you find a more recent one?
<Linuturk> wait, i found one
<Linuturk> let me play with this one
<Linuturk> how do I remove a database from mysql?
<infinity> drop databsase foo
<kermitX_> Linuturk, is this the error you got? ERROR 1067 (42000) at line 18: Invalid default value for 'bonusid'
<Linuturk> yeah
<kermitX_> infinity, do you know why that would happen on a import of a < 4.1 dump into v5 mysql?
<kermitX_> scroll up for the paste
<kermitX_> infinity, it imports fine on my sarge box with 4.0, but not on dapper w/ 4.1 or Linuturk's 5
<infinity> Because that SQL is broken?
<kermitX_> infinity, it's a phpmyadmin dump out of mysql 3.22.32
<kermitX_> infinity, perhaps just not compatible? or maybe even the php  script he was trying wont be?
<infinity> You can't have a default value for an auto_increment column.  By definition, auto_increment columns are UNIQUE.
<Linuturk> is there a quick reference for mysql commands? i found a different, better documented time clock application
<infinity> (And generally, unless you explicitely say otherwise, they get set up as the primary key)
<Linuturk> i need to add a database again, and grant a user access to that database
<kermitX_> infinity, they're all like that.. would be some code cleanup on mysql's part rejecting that syntax now?
<Linuturk> well, i remembered how to add a database
<infinity> "create database foo; grant all on foo.* to user@localhost identified by 'mynewpassword';"
<infinity> kermitX_: yeah, 4.1 and 5.0 are more strict about accepting broken SQL.
<kermitX_> infinity, that would explain why i've had to edit some dumps like that in the past. i just couldn't remember *what*
<infinity> kermitX_: I wouldn't call that a bug, per se. :)  If phpmyadmin is still creating such broken syntax, that's a bug.
<infinity> (mysqldump certainly wouldn't)
<kermitX_> infinity, well, it *is* an equally old version of phpmyadmin that was used. ;)
<kermitX_> infinity, thx for the help.
<infinity> Linuturk: The mysql.com website has a comprehensive manual.
<infinity> Linuturk: http://www.mysql.com/doc
<kermitX_> extremely comprehensive ;)
<kermitX_> Linuturk, meet me in #ubuntu-offtopic if you want to discuss other timeclock scripts.
<edneymatias> morning!
<adri> anyone awake in here?
<adri> how do I make my default home, /home/ubotu
<adri> because whenver I log in, the dir I'm at is /
<adri> but it's okay i guess
<gpd> etc /etc/passwd
<gpd> edit even
<adri> gpd, okay thanks
<kermitX_> adri, use sudo vipw
<kermitX_> adri, to edit that file.
<adri> okay, thanks
<adri> sudo vipw /etc/passwd ?
<kermitX_> adri, no, just:   sudo vipw
<adri> kermitX_, oh okay
<kermitX_> adri, you'd be looking for a line like this: username:x:1000:1000:Full Name,,,:/home/username:/bin/bash
<adri> oh okay thanks kermitX_ !
<kermitX_> adri, by default, users' homes are already set. but if you're logged in as 'username' you won't see 'username' at a console prompt. you see ~ which is a shortcut to your homedir.
<adri> kermitX_, ah okay
<timmower_> Hi there, my samba file sharing is refusing to work.
<timmower_> I have tried a config that I know worked with gentoo, I have switched to a static IP and I have tried with encrypted and normal passwords
<timmower_> can anyone help?
<ubotu_> what's up
<blanky> heh
<blanky> named my server ubotu :)
<blanky> whatever!
#ubuntu-server 2006-06-10
<Rennen> http://paste.ubuntu-nl.org/15477 - anything I am missing in here to get webmin?
<Rennen> http://paste.ubuntu-nl.org/15476 - error I get trying to install webmin
<usual> has anyone successfuly installed ubuntu server on an HP DL140 G2?
<neuralis> usual: do you have a url with the specs?
<usual> neuralis: I can get one. the problem seem's to be with the broadcom nics
<usual> neuralis: I have tried every possible install of debian and now the ubuntu server install...centos installs like a dream and works great...but i would prefer debian or ubuntu
<neuralis> that's strange. if you can track down what makes it work in redhat but not in debian and file the appropriate bugs, that'd be most helpful
<usual> http://h20000.www2.hp.com/bizsupport/TechSupport/Home.jsp?&lang=en&cc=us&prodTypeId=15351&prodSeriesId=455149&submit.y=0&submit.x=0&lang=en&cc=us
<neuralis> there are no specs on that page.
<usual> neuralis: debian/ubuntu detect the nic's but they act very flakey...working one minute and not the next...and then one time i actually got debian to install...and it booted up...shows the volume name and everything looked great and it said...waiting for root filesystem
<usual> sorry
<neuralis> usual: what's the kernel version on the centos that works fine?
<usual> neuralis: I will check. it's all at work and i am home so I will just check cent os's page
<neuralis> in general, this sounds like centos has a more recent kernel that has better support for your hardware, and there isn't much we can do about that.
<usual> sure. someone in #debian just told me the problem witht he nics is a limitation of support in the debian kernel because of licensing...so I have to install the tg3 module from broadcom's site
<usual> i'll try it monday
<usual> now if that works, all thats left is the raid problem...installer see's it..i partition it...bootup shows it...mounting root fs...loading modules...then bam..hangs at waiting for root fs
<neuralis> fwiw, i have a bunch of HP DL380s running perfectly with their tg3 nics for ~16 months now
<usual> neuralis: this si the first problem i have had with ubuntu/debian...even hp's..just this one dl140
<usual> neuralis: and I so want to just hit that LAMP install and watchit all work heh
<neuralis> yeah, not sure what to tell you. i don't have a DL140 on hand.
<usual> neuralis: no worries. I appreciate your help either way
<linuxmonkey> hey guys I just installed the Ubuntu server and on my other pc I got the kubuntu desktop, anyways, I installed the NFS Server and can connect no problem, however my issue is that when transfering files I only get 300KB/s over a 100Mbit link between the 2 computers
<lwizardl> hi
<linuxmonkey> can anyone help me with my issue?
<lwizardl> I just did a ubuntu 6.06 lts lamp install and I having problems with configuring vhosts and allowing multiple sites
<lwizardl> anyone ? i can't seem to get anything besides the first site in the config to work
<neuralis> lwizardl: this is not a support channel; please take your question to #ubuntu
<neuralis> lwizardl: in fact, that's not even an ubuntu question, so i recommend reading the apache documentation.
<lwizardl> neuralis, don't that and they say that debian/ubuntu handles apache weird and makes the configuration hard
<lwizardl> i'll just try gentoo they seem to be more helpful
<neuralis> awesome.
#ubuntu-server 2006-06-11
<lucasvo> is there a non-gui update-manager for servers?
<lucasvo> I am still running breezy
<lucasvo> and I'd like to update to dapper
<lucasvo> or do it manually?
<spike> lucasvo: see the topic, this channel is for ubuntu development discussions only, not for general help. besides, your question is not even server related. said so, such update is just a matter of change mirrors to dapper in /etc/apt/sources.list and running apt-get dist-upgrade
<Mysta_> hello guys
<Mysta_> anyone around?
<neuralis> Mysta_: what's up?
<Mysta_> I tried to change my hostname, and cannot restart my machine
<Mysta_> i receive an error stating, 'sudo: unable to lookup atl-vmware01 via gethostbyname()"
<neuralis> add the requisite entry to /etc/hosts, and please use #ubuntu for general questions in the future
<Mysta_> even if Im running dapper-server?
<neuralis> Mysta_: yes. see the /topic.
<Mysta_> neuralis: gotcha
<Mysta_> i see it
<Mysta_> im not sure i understand your response.
<neuralis> if you look at /etc/hosts, you'll find your old hostname in the 127.0.0.1 line. replace it with the new hostname.
<Mysta_> neuralis: i cannot run sudo, I'll get that same error
<Mysta_> ah well, i wont take up your time, i'll go back to #ubuntu, thanks anyway
<neuralis> Mysta_: see http://ubuntuforums.org/showpost.php?p=1045047&postcount=3
<Mysta_> neuralis: lookin now thx
<fireloard> does ne1 know about setting up cvs in ubuntu server?
<neuralis> he does. unfortunately, ne1 is not here right now.
<neuralis> vacation in paris.
<neuralis> fireloard: http://sanatio.blogspot.com/2005/12/cvs-server-on-ubuntu.html
<fireloard> lol thats the guide i used.. i still get a "unrecognized auth response fromlocalhost: pam failed to release authenticator"
<spike> why would anybody use cvs in the first place?
<spike> besides sadomasochism of course
<fireloard> ha
<fireloard> i just wanted a source control program... i thought cvs was the major player in that area?
<neuralis> fireloard: no. everyone's abandoning it left and right.
<neuralis> fireloard: take a look at http://www.selenic.com/mercurial/wiki/index.cgi and http://bazaar-vcs.org/ for two good, simple version control systems.
<neuralis> fireloard: the latter is produced by the same company that does ubuntu.
<neuralis> fireloard: the former is fast. :)
<neuralis> packages for both are in ubuntu as mercurial and bzr, respectively, though mercurial is an older version. if you choose it, don't use the package, grab it from the site, or i can give you a 0.9 package.
<ajmitch> yeah, we were talking about sticking 0.9 in dapper-backports last night
<ajmitch> since it builds simply from sid
<ajmitch> just waiting for edgy to open up & get 0.9 so we've got somewhere to backport from
<neuralis> yeah
<neuralis> [root@pedal board-internal] # cat /etc/redhat-release
<neuralis> Red Hat Enterprise Linux AS release 4 (Nahant Update 3)
<neuralis> need to fix that.
<Mysta_> neuralis: that worked wonders, thanks alot!
<neuralis> Mysta_: sure.
<edneymatias> hi!
<edneymatias> hello again
<edneymatias> bye!
<visik7> does ubuntu server has xen ?
<spike> kinda
<spike> visik7: see ubutu-devel for a recent thread on the topic
<spike> basically packets from debian sid does work
<neuralis> visik7: not officially.
<spike> as a general rule there are some problems because of the way xen guys release patches and ubuntu kernel version
<spike> ie, they're not quick enough
<visik7> but do I need to use a vanilla kernel in dom0 ?
<neuralis> not an ubuntu vanilla kernel, no; it doesn't support xen.
<visik7> for vanilla I mean the one on kernel.org
<neuralis> well, you can certainly take the ubuntu server kernel, patch it with xen, and roll your own packages.
<neuralis> or you can go the vanilla route (be sure to match the udev version, however.)
<Pupeno> Hello.
<Pupeno> I can't get php to work. Whenever I try to access a php files it just downloads it. Apache doesn't interpret it.
<Pupeno> I've installed libapache2-mod-php5, enabled the module, checked the mime types. Apache shows PHP 5 in the signature.
<Pupeno> any ideas ?
<st_iron> hello
#ubuntu-server 2007-06-04
<benlake> I am attempting to follow the LVMOnRAID wiki page to setup RAID1 with md/lvm obviously. I am using the 6.06 LTS alternative CD and with some fiddling have managed to get the md device created and LVM lv's setup. The system began the installation per normal but is failing on the installation of LILO. It just says "installation failed on /target/"
<benlake> I'v perused the forums, and ideas?
<benlake> hmm, this page https://help.ubuntu.com/community/FileServerOnLVMOnRAID1 seems to say you can safely ignore this problem
<benlake> guess I'll see what happens
<benlake> well that seem to work
<benlake> I ripped a drive out and md reported the failure appropriately
<benlake> fyi 6.06 needs help rescanning the scsi bus before you can use the re-added/new drive. apt-get scsiadd, use that to tell the kernel about the device and then you can mdadm --manage /md# -a /dev/newdevice to get your array rebuilding
<PanzerMKZ> 7.04 better on this then?
<benlake> I wanted to be running an LTS version so that's what I get :) I think anything over kernel version 2.6.18 has better support for hot swappable stuff
<benlake> which would include 7.04
<Tinned_Tuna> heya, i've installed postgresql in place of MySQL, but I don't know the default user name or passwd for the admin/root user in pgsql, does any one know what this is?
<thedeviantone> has anyone seen this install error "i20 iop0: could not activate controller"
<thedeviantone> or "Could not stat device B-00RA0 - No such file or directory"
* Starting logfile irclogs/ubuntu-server.log
<dballester> hi to all
<dballester> sorry for this question: Time ago i read how to propose new applications or features but i can't remeber/find the steps to do it, can you give me any link to read about it? TIA
<gejr> what's the best way to stream music from my ubuntu-server to my winxp computer at work?
<gejr> i'd like it to have some kind of interface so i can switch songs easily, rather than setting up some kind of shoutcast server
<ivoks> icecast-server
<gejr> how would i be able to administer that? i'd have to ssh to the server to change song right?
<fernando> moin all
<ivoks> gejr: there are web based interfaces
<gejr> are they nice? in your opinion..:)
<gejr> i know that question is quite subjective
<ivoks> well, if it subjective, then you'll have to test it, right?
<gejr> indeed..i was just curious if it's worth testing ;)
<shawarma> gejr: I've used libapache2-mod-musicindex once. It worked pretty well back then.
<gejr> is that a frontend for icecast server?
<ivoks> yes
<shawarma> No.
<gejr> ok thanks..i'll check it out
<ivoks> or it works on its own? i thing it's a frontend
<gejr> has it nothing to do with icecast at all?
<ivoks> http://ubuntuforums.org/showthread.php?t=34359
<gejr> i found a guide on ubuntuforums for this..and it doesn't say anything about icecast
<gejr> yea..that's the one :)
<shawarma> ivoks: It's pretty much just a fancy frontend for Apache. It works by generating a .m3u file with http links in it which looks like streaming to the client.
<ivoks> right...
<ivoks> example:
<ivoks> http://www.parisc-linux.org/~varenet/musicindex/
<shawarma> Precisely
<gejr> it looks pretty nice..well..no, but the functionality looks nice :)
<shawarma> It looked really shiny 5 years ago when I used it.
<shawarma> :)
<shawarma> It looked exactly the same back then, but it seemed more shiny at the time.
<gejr> i can't get it to work..i only get "Forbidden"
<gejr> when i try to access my http://localhost/musicindex/
<gejr> i've followed the manual and done pretty much exactly what it said
<gejr> i've tried different chmods on /usr/share/mod_musicindex/ too
<gejr> to no avail
<mh_le> where can I find init scripts for clamav?
<dballester> sorry for this question: Time ago i read how to propose new applications or features but i can't remeber/find the steps to do it, can you give me any link to read about it? thanks
<mralphabet> launchpad perhaps?
<shawarma> dballester: https://blueprints.launchpad.net/ubuntu/
<dballester> shawarma, thanks
<shawarma> dballester: np
#ubuntu-server 2007-06-05
* Starting logfile irclogs/ubuntu-server.log
* #ubuntu-server  [freenode-info]  channel flooding and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
<citybird> anyone have experience installing nagios?
<fernando> moin all
<necrite_> hi all
<necrite_> anyone here knows how to mount (or see) one SAN partition?
<mralphabet> how does the san have it exported?
<mralphabet> nfs? iscsi? smb?
<necrite_> mhh i hace one "Fibre Channel: QLogic"
<necrite_> so i must see it as scsi device
<mralphabet> is the san physically connected to the ubuntu box?
<necrite_> yes.. with the fiber channel card
<necrite_> do i have to install open-iscsi ?
<necrite_> package?
<mralphabet> if you do a 'cat /proc/partitions' does it show up?
<necrite_> only my local devices
<necrite_> my lsmod say
<necrite_> scsi_mod              174136  4 libata,cciss,qla2xxx,scsi_transport_fc
<necrite_> qla2xxx id the module of my fiber chanel card
<necrite_> mralphabet, r u there ? :D
<necrite_> there is any place to read about it?
<mralphabet> necrite_: it's not something I have done myself
<mralphabet> http://ubuntuforums.org/archive/index.php/t-24022.html
<mralphabet> that's what I come up with when I google for qla2xxx+ubuntu
<mralphabet> not sure if it does you any good
<mralphabet> from other pages I am reading, I would have to say fabbione is the one to track down
<fabbione> just one minute that i need to finish one email
<necrite_> k :)
<necrite_> going for more coffe
<necrite_> :D
<fabbione> re
<fabbione> necrite_: 3 things... version of ubuntu? qlogic model?
<fabbione> and if you can post dmesg somewhere
<necrite_>  2.6.20-16-server
<necrite_> ubuntu server 7.04
<necrite_>  Fibre Channel: QLogic Corp. ISP2432-based 4Gb Fibre Channel to PCI Express HBA (rev 02)
<necrite_> dmsg of ?
<fabbione> of the machine booting
<fabbione> just run dmesg command and save the output somewhere
<fabbione> slam it somewhere i can grab and read it
<necrite_> yes.. but dmesg of one sections or all dmesg?
<fabbione> all of it
<fabbione> i think i have the same exact controller in one of my machines and it works
<fabbione> 4Gb PCI-E
<fabbione> ISP24** but i can't remember the last 2 digits
<necrite_> how can i check it?
<fabbione> check what?
<necrite_> access to the san 
<necrite_> can i send u the file?
<necrite_> from here?
<fabbione> if you can give me the dmesg i can see what is wrong.. or should be able to 
<necrite_> oks 
<fabbione> can you send an email?
<necrite_> yes
<fabbione> fabbione@ubuntu.com 
<necrite_> OMG :S
<fabbione> mail the all dmesg there
<necrite_> ^ ^
<necrite_> done
<fabbione> [   62.668935]  qla2xxx 0000:13:00.0: LOOP UP detected (4 Gbps).
<fabbione> so the controller can see the SAN
<fabbione> and it did scan for disks
<fabbione> some SAN's require you to export disks to specific hosts.. did you do that?
<necrite_> didnt know. the san is managed from other person.. 
<fabbione> can you paste me here in private msg the output of lsmod ?
<necrite_> but i have to be sure there is no export in the san
<fabbione> well the LOOP is up.. it means the controller is talking to at least the SAN switch
<fabbione> i assume somebody already tested the SAN on another machine
<fabbione> if so, you need to sit with the SAN dude and get him to export something for you and check if the SAN can see your machine
<necrite_> oks
<necrite_> thanks fabbione 
<fabbione> oh hmmm
<fabbione> that's weird
<fabbione> modprobe sd_mod ?
<fabbione> it's missing the sd_mod from that list
<fabbione> and that does the scan on the scsi bus
<necrite_> did i have to restart the server?
<fabbione> no
<fabbione> just modprobe sd_mod
<necrite_> done
<fabbione> wait a few seconds
<fabbione> and then check both /proc/partitions and dmesg
<fabbione> should be good by now
<fabbione> any change?
<necrite_> nop
<fabbione> ok .. that's the only thing that was not loaded in that kernel
<fabbione> next is to check with the SAN guy
<fabbione> the OS is ok
<necrite_> oks :D
<fabbione> and i know 100% that the driver work
<necrite_> exelent ..
<necrite_> i ll call him
<necrite_> :)
<necrite_> do i need the open-iscsi package?
<fabbione> are you using an iscsi device?
<fabbione> i saw you also loaded a gazillion modules for IB..
<necrite_> :S dont know. i am a noob with SAN and this staff
<fabbione> do you actually have an IB backplane?
<fabbione> FC-HBA is scsi_transport_fc
<fabbione> you don't need iscsi 
<necrite_> IB = blades ?
<fabbione> InfiniBand
<necrite_> nop .. i dont have IB
<fabbione> so you don't need half of the modules you loaded
<fabbione> anyway
<fabbione> you will figure that out eventually
<necrite_> fabbione, where can i read about this
<fabbione> SAN or IB?
<necrite_> bouth
<fabbione> www.google.com ?
<necrite_> SAN and linux
<fabbione> same as above :)
<necrite_> :P
<necrite_> k :)
<ivoks> hello admins
<slackwarelife> ivoks: hello
#ubuntu-server 2007-06-06
<necrite_> ppl.. what is the best option to file sharing between 2 linux server? nfs?
<Administrator_> hi
<Dasc> anyone home? :D
<Burgundavia> nope
<Dasc> I'm trying to setup a linux server to share my internet connection with load balancing, can someone point me to the right direction?
<Dasc> everyone's asleep? :X
<Burgundavia> load balancing/
<Burgundavia> ?
<Dasc> ya
<Burgundavia> network load balancing?
<Dasc> yup yup
<Dasc> have 2 internet connections
<Dasc> and a house full of downloaders >_X
<Dasc> want to setup the server to automatically use both internet connections
<Burgundavia> right
<Burgundavia> get two network cards, and plug them both in
<Dasc> have 3 network cards
<Dasc> ;x
<Burgundavia> http://lartc.org/howto/lartc.rpdb.multiple-links.html
<Dasc> ooooo was sort of looking at that earlier
<Dasc> will give it a go and see what happens :x
<Dasc> but definately looks like the diagram I need ^_^
<Dasc> thanks burgundavia :D
<Burgundavia> no worries
<Burgundavia> I have never tested that, however
<Dasc> hehe that was one of the reasons why I wanted to ask around and get confirmation before I try it :p
<thedeviantone> I'm trying to install  Ubuntu 6.06 LTS on an AMD650 with a PERC2/SC SCSI Controller and i always get a "Kernel Panic Error" VFS: Could not Mount root device use correct root= boot option
<thedeviantone> can anyone helpme with server install
<shawarma> Do you happen to know the name of the driveR?
<shawarma> ...for the SCSI controller.
<thedeviantone> not sure
<thedeviantone> im also getting an Bufer I/O error on device hda logical block 1
<thedeviantone> and i2o: iop0: could not activate controller
<thedeviantone> if i switch to console tty4 it says tail /var/log/syslog no such file or directory
<thedeviantone> it repeats over and over again
<shawarma> Um..
<shawarma> I thought you said it didn't boot?
<thedeviantone> right after it starts uncompressing the kernel i get these messages and it stalls
<thedeviantone> sorry i got past this error Kernel Panic Error" VFS: Could not Mount root device use correct root= boot option
<shawarma> Ok. The installation went just fine?
<thedeviantone> no 
<thedeviantone> i can't get past the " linux decompressing . . . . " then blank screen 
<shawarma> Oh, that's in the installation?
<thedeviantone> after a few seconds two lines are displayed
<thedeviantone> yes
<thedeviantone> im also getting an Bufer I/O error on device hda logical block 1
<thedeviantone> and i2o: iop0: could not activate controller
<shawarma> Is your cd drive the only ide device in the box?
<thedeviantone> nope the CD drive is hdc
<thedeviantone> i have 160GB ATA100 EIDE drive on hda
<shawarma> Ok..
<thedeviantone> do i need to disable the scsi card bios?
<shawarma> If you don't need it, it won't hurt.
<thedeviantone> plus i'm not to sure about the write policy and read and cache policy settings
<thedeviantone> I dont need raid I just want separate disk 
<shawarma> I don't know that particular controller, I'm afraid.
<thedeviantone> have u seen the first error before?
<thedeviantone> Bufer I/O error on device hda logical block 1
<shawarma> Yes, when the disk is broken.
<shawarma> :)
<thedeviantone> seriously :(
<shawarma> Other than that I could probably happen if the controller is acting strangely.
<shawarma> Is it a new server?
<thedeviantone> no
<shawarma> Alright. To be honest, i don't entirely remember what the Dapper install looked like. Isn't there and option on there to not switch to graphical mode or something so that you can see what goes on?
<thedeviantone> i've tried everything
<thedeviantone> server boot optons
<shawarma> Could you try with a newer installation CD?
<shawarma> Feisty, perhaps?
<thedeviantone> now I get as far as instaling net card then when trying to detec hardware i get error
<thedeviantone> "could not stat device B-00RA0 - no such file or directory
<shawarma> With Feisty CD?
<thedeviantone> nope 6.06
<shawarma> Um... What have you changeD?
<thedeviantone> im downloading feisty now
<thedeviantone> noting, just waited for a half hour
<thedeviantone> now I can hit rety or cancel and same thing, brings me to thi scre
<shawarma> thedeviantone: Sounds.. "interesting".
<shawarma> thedeviantone: What's on the server now?
<thedeviantone> it brings me to the partition disk screen, but no matter how i try to partition the 160 IDE drive it returns to the same screen asking me to repartition
<thedeviantone> it doesn;t even see the scsi
<shawarma> I mean what was on the server before you started installing Ubuntu on it?
<thedeviantone> windows 2000 but that was on another hard drive
<thedeviantone> i'm basically throwing parts together to get a small server running
<shawarma> Is the ide disk connected to a special controller?
<thedeviantone> no
<thedeviantone> just the mobo nothing special set to msater and cd on secondary set to master\
<[miles] > guys, does anyone know the command that would allow me to reconfigure the nic's in ncurse menu please?
<shawarma> [miles] : I realise it doesn't really answer your question, but (most of) the config is in /etc/network/interfaces.
<[miles] > yeah
<[miles] > but the guy im showing, does not want to touch the raw files :-\
<[miles] > so I wanted him to use the ncurse menu
<Kamping_Kaiser> afaik there is none
<[miles] > no?
<[miles] > what about the menu thats given on installation?
<[miles] > that can't be recalled?
<Kamping_Kaiser> debian-installer? no
<shawarma> [miles] : currently, no.
<[miles] > ohh
<[miles] > ok
<[miles] > erm, is there a package for mouse support in console?
<[miles] > iirc there was in SUSE
<Kamping_Kaiser> gpm
<Kamping_Kaiser> *shudder*
<[miles] > thats it
<[miles] > Kamping_Kaiser: whats up with it?
<Kamping_Kaiser> i find it increadably annoying
<[miles] > htf do I start it?
<[miles] > no init script
<Kamping_Kaiser> no idea
<[miles] > ok np
<lionel> [miles] : there is an init script in gpm
<[miles] > in SuSE , yes
<lionel> in Dapper also
<[miles] > mmmm
<[miles] > I'm going crazy then
<lionel> http://packages.ubuntu.com/cgi-bin/search_contents.pl?searchmode=filelist&word=gpm&version=dapper&arch=i386
<[miles] > cos I can't find it
<lionel>  /etc/init.d/gpm
<[miles] > odd
<[miles] > on my server it dont find it
<[miles] > nope
<[miles] > finds the libgpm
<[miles] > but not the gpm packag
<lionel> [miles] : universe is not activated on your server I think
<nofxx> hello there, Ive installed some pci lan cards... they are listed on lspci.... and use the same chipset as the onboard, how to bring them up? only the onboard is showing
<lionel> nofxx: you see them with ifconfig -a ?
<nofxx> lionel: nope... only on lspci
<lionel> so your new lan cards probabily not used the same kernel modules :-(
<nofxx> damn... the working one is 8139C ... the new ones are 8139D .... all realtek
<nofxx> update my kernel? 2.6.20-16 ... ubuntu 7.04
<shawarma> nofxx: No hints from dmesg?
<nofxx> shawarma: nothing like pci error... sorry for the naiveness...im not a network guy, i m doing this job just to help a charity organization... as they network is so well configured that when internet goes down, the LAN goes down too.... incredible heh
<fernando> moin all
#ubuntu-server 2007-06-07
<goofey> how do i recreate /etc/apache2 and all it's subdirs and files?
<peanutb> sudo apt-get apache2 remove
<olem> apt-get remove and reinstall... or grab your last backups :)
<goofey> i removed and resintalled - for some reason that doesn't restore the config files....
<goofey> i also tried a purge
<goofey> same result
<olem> man apt-get for usefull option regarding config files (that are anyway contained in the package's tarball)
<goofey> i'm wondering if the files from from some other package?
<goofey> olem: ok, will do - thanks
<olem> additionnaly, dpkg -S /path/to/a/file will reveal you from which package the file comes
<olem> and /etc/apache2 hierarchy comes from apache2-common package
<olem> (see 'dpkg -L apache2-common')
<goofey> olem: - ahh - perfect!  apache2-common
<goofey> olem: dumb questions - shouldn't sudo apt-get install --reinstall apache2-common work?
<goofey> nm - reverse --reinstall and install and it works....
<goofey> thanks for all the help!
<olem> you're welcome
<goofey> would someone mind running a "dpkg -S" on any php5 files in /etc/apache/mods-available/ - i need to know what package creates these files - thanks!
<goofey> would someone mind running a "dpkg -S" on any php5 files in /etc/apache/mods-available/ - i need to know what package creates these files - thanks!
<goofey> wait, make that /etc/apache2/mods-available
<goofey> and i think the file is pgp5.load
<goofey> er, php5.load
<goofey> no apache2/ubuntu/php5 users here?
<Burgundavia> probably part of the default apache2-php5 package, or whatever it is called
<goofey> ok, thanks - someone in #apache found it for me
<foo> goofey: oh, hey :)
<foo> That was me
<foo> :)
<goofey> it was!!!!
<Shaddox> Hello everyone. I need help setting up my server for use as an e-mail server step-by-step.
<Shaddox> Can anyone help me out with this? I'm new to this.
<Shaddox> Hello everyone. I need help setting up my server for use as an e-mail server step-by-step. I already have the website built, and need to set up my e-mail for it.
<Pumpernickel> Documentation is usually a better resource than IRC for something as possibly complicated as a mail server.
<Pumpernickel> e.g; http://www.postfix.org/documentation.html
<olem> Shaddox, additionnaly and specifically for ubuntu, you should have a look at : http://ubuntuforums.org/showthread.php?t=40047
<Shaddox> Pumpernickel: The postfix docs were extremely confusing, and thank you olem for that link.
<olem> you're welcome
<illusion-1> hi
<illusion-1> plz any tuto to install and configure openvpn in ubuntu server ?
<olem> illusion-1, https://help.ubuntu.com/community/VPNServer
<illusion-1> olem, thnx
<olem> illusion-1, please, have a google search and a wiki.ubuntu.com search before asking here. You'll probably save you're time :)
<olem> anyway, you're welcome
<illusion-1> ok thnx
<[miles] > morning
<[miles] > guys, can I easily install Xubuntu 6.06 but with a server kernel?
<lionel> Hi [miles] 
<lionel> sudo apt-get install xubuntu-destop on a server install
<[miles] > yo lionel
<lionel> sudo apt-get install linux-server on a Xubuntu install :)
<[miles] > ahh ok
<[miles] > lionel: but from install boot line, can I select server kernel is installed
<[miles] > ?
<lionel> not at installation
<[miles] > oh no
<lionel> (btw, it is linux-image-server)
<[miles] > :)
<ivoks> hi
<lionel> hi ivoks
<[miles] > I'd also like to avoid installing openoffice and extra shite
<[miles] > yo ivoks
<[miles] > the end user just needs basic X and FireWall Builder
<ivoks> oo.org doesn't come with ubuntu-server
<lionel> [miles] : openoffice does not come with xubuntu
<ivoks> (last time i looked, this is #ubuntu-server :)
<[miles] > well, I installed ubuntu server yesterday, and installed XFCE4
<[miles] > and it put OOo
<ivoks> s/is/was/
<[miles] > :)
<lionel> [miles] : lionel@ouessant:~$ apt-cache rdepends openoffice.org | grep desktop
<lionel>   meta-ul-desktop-base
<lionel>   ichthux-desktop
<lionel>   education-desktop-other
<lionel>   ubuntu-desktop
<lionel>   edubuntu-desktop
<lionel> no xubuntu-desktop
<[miles] > maybe its cos I did an install on xfce4
<[miles] > not xubuntu-desktop
<[miles] > damn this box has a via processor
<[miles] > so, lionel xubuntu installs with no OO etc... really minimal X install?
<shawarma> xubuntu is xfce. I don't know if that qualifies as "really minimal". Perhaps. :)
<[miles] > jeje
<lionel> fluxbox or openbox would be minimal I think
<lionel> I shawarma
<shawarma> But it uses abiword/gnumeric etc. instead of oo.o, afair.
<ivoks> nope, fvwm would be minimal :)
<lionel> crongrats for your new job :)
<shawarma> evilwm ftw!
<shawarma> lionel: Thanks. :)
<ivoks> ok, let's stop - this is CLI-channel only :)
* lionel hit Ctrl+Alt+F1 :)
<[miles] > server kernel is noooooo go with via cpu
<ivoks> could be... i think you need -386 kernel
<[miles] > yep
<[miles] > just gonna install xubuntu 386
<ivoks> install CLI version of xubuntu
<ivoks> and then add missing components :)
<Deepshock> anyone have a suggestion for what lightweight gui i should run ontop of ubuntu server? fluxbox or xfce?
<[miles] > Deepshock: exactly what im doing atm
<[miles] > Deepshock: for a clients box
<[miles] > Deepshock: XFCE
<[miles] > [11:15]  <lionel> sudo apt-get install xubuntu-destop on a server install
<Deepshock> its just something lightweight on top of a dev test box
<[miles] > Deepshock: blackbox
<Deepshock> does XFCE just come with some extras?
<[miles] > Deepshock: I see that is available
<[miles] > I used XFCE for the first time yesterday
<[miles] > and I personally find it very very good
<Deepshock> lol im instalilng it as we speak
<Deepshock> hhehe
<Deepshock> say.. miles u wouldn't happen to know how to get a hardware probe in terminal would u?
<Deepshock> because my network card wasn't picking up
<Deepshock> and i had to add it via /network/interfaces.. 
<Deepshock> but is there a better way to do it?
<[miles] > depmod
<[miles] > check your lspci
<[miles] > what card is it?
<[miles] > also check dmesg
<Deepshock> its not an uncommon card
<Deepshock> its just i didn't set it up during install
<Deepshock> and theres no new hardware detection in the boot up process
<Deepshock> so it never got configured
<Deepshock> so depmod
<Deepshock> miles, so i have in my lspci the wireless card i see.. but in my network-admin area its not there
<Deepshock> how can i add that device?
<[miles] > sorry back now
<[miles] > Deepshock: it must be there
<[miles] > Deepshock: pastebin.ca me the lspci please
<Deepshock> miles: thx 
<Deepshock> http://pastebin.ca/547368
<`6og> Deepshock, whats your question
<Deepshock> 60g: well basically i hace this atheros card and i think i downloadd the resticted driver thing from synaptics... but how do i configure my wireless card now? or get it to detect with the thing i downloaded
<Deepshock> wait nm
<Deepshock> got it all working
<Deepshock> ! yay
<`6og> :)
<`6og> no worries ;)
<Deepshock> thx for the offer tho
<[miles] > Deepshock: sorry, everythings going Pete Tong here
<[miles] > Deepshock: which card u having problems with?
<Deepshock> hey miles np
<Deepshock> well while u were gone i figured out some stuff
<[miles] > Deepshock: I use wifi cards with Atheros chipset
<Deepshock> thats what i ahve
<[miles] > ok
<Deepshock> i downloaded these linux restricted drivers
<[miles] > good
<Deepshock> things from synaptics i think i have some progress
<[miles] > what version of ubuntu u using?
<Deepshock> ubuntu server newest one
<Deepshock> well i'm actually in xubuntu
<Deepshock> right now
<Deepshock> on top of the ubuntu-server
<[miles] > ok sweet
<[miles] > well, you could use wlassistant
<[miles] > http://wlassistant.sourceforge.net/
<Deepshock> hmm lemme see if i ahve that
<[miles] > it's in the repo
<Deepshock> hmm how to i use the repo
<Deepshock> apt-get wlassistant
<[miles] > in console
<Deepshock> ?
<[miles] > sudo aptitude install wlassistant
<Deepshock> weird
<Deepshock> its asking me for server cd
<Deepshock> which is in the cd rom
<[miles] > disable it in the sources
<Deepshock> how does one that do
<Deepshock> sorry =( kinda new still
<Deepshock> wait nm think i i got it
<[miles] > Deepshock: edit the /etc/apt/sources.list file
<[miles] > and comment out the line saying cdrom
<[miles] > then do an aptitude update
<[miles] > then aptitude install wlassistant
<Deepshock> I'm having issues getting my system to work with the wlassistant, does anyone have a sec to help me?
<shawarma> Deepshock: Um... this is #ubuntu-server ?
<Deepshock> i am running it, and i'm having issues gtting my wirelesscard to work with it
<Deepshock> work with ubuntu-server
<shawarma> Dude. wlassistant is a kde app, no?
<Deepshock> how can i find what the kernel path is?
<shawarma> Kernel path?
<shawarma> the running kernel image? The source?
<necrite> hi all
<necrite> i have some problems with nfs . i have this in my exports
<necrite>  /usr/local/materials/ 192.168.128.5(rw,nohide,no_subtree_check,sync)
<necrite> and in my fstab i have
<necrite> 192.168.128.3:/usr/local/materials /usr/local/remote/materials nfs rw 0   0
<necrite> when i see how is mounted i see is mounted as rw
<necrite> but when i try to write i get Operation not permitted
<Deepshock> how do i configure the kernel to allow wireless extensions?
<mralphabet> it's not?
<Deepshock> nay
<mralphabet> and what do you mean by "extensions"?
<Deepshock> i'm trying to install madwfif
<Deepshock> and i'm going to the make part of it
<Deepshock> and then it says checking kernel config.. failed please enable wifi extension
<mralphabet> cat /boot/config-`uname -r` | grep -i wireless
<mralphabet> CONFIG_WIRELESS_EXT=y
<shawarma> Deepshock: This is *still* #ubuntu-server
<Deepshock> shwarma i'm asking for help on how to config wireless on an ubuntu server install
<Deepshock> where am i suppose to go? ubuntu-server-wireless?
<mralphabet> Deepshock: just because you are *using* server does not make this a *server* question
<Deepshock> and i understand that is the possibility, but i personally don't know if the wireless issue is one that includes the server distro or not
<mralphabet> this is more of "how can I get xyz non standard package to work", which may be better answered in whatever support channels madwifi has
<mralphabet> because I can guarantee you that none of us are experts in "madwifi"
<Deepshock> well i won't argue with you there, lemme try to find a more specific source for this
<Deepshock> what questions would be more pertaining to this channel? i guess for my future ref
* mralphabet points at shawarma 
<Deepshock> i mean if u think about it any lamp question
<Deepshock> could be pointed to apache, mysql or php channels
<shawarma> Deepshock: Questions about server hardware or software.
<shawarma> Deepshock: Madwifi is neither.
<shawarma> Deepshock: No, apache, php and mysql is on-topic here.
<Deepshock> madwifi is the bridge between the wireless hardware and software to get it going
<Deepshock> and i'm running it on the server distro
<Deepshock> i mean so far everything i've asked isn't specific to mad wifi, i asked how to enable the wireless extension in the kernel
<Deepshock> the kernel specific to this linux source
<Deepshock> isn't that valid? i mean i'm not out here to prove anyone wrong i just need some self clarification so i can prevent asking anymore out of topic q's
<mralphabet> Deepshock: according to the kernel I am running, wireless ext is enabled
<Deepshock> alright, then i must hae done something weird to disable it.. let me check what you wrote
<mralphabet> you can run the same test
<Deepshock> alrighty, appreciate the direction mralphabet.. let me see where it goes
<mralphabet> Deepshock: are you trying to compile this from source?
<mralphabet> sudo apt-get install madwifi-tools
<mralphabet> found that package from 'sudo apt-cache search mad'
<Deepshock> let me gvie that a shot
<Deepshock> mralphabet... alright.. how do i just rebuild the kernel
<Deepshock> i think i messed with it too muhc
<mralphabet> you touched the kernel?
<Deepshock> mmm idk... maybe =P
<Deepshock> i maen i deleted some files added somethings and now its weird..
<mralphabet> . . .
<mralphabet> apt-cache search linux-image
<mralphabet> that gets you the packages
<Deepshock> alrighty
<Deepshock> i'll do that
<mralphabet> apt-get reinstall <some package> should do what you want
<coNP> Any exim4 experts here? The exim4-config utility says to delimit the hosts in the config file with semicolons (;). Does it work this way? I use colons (:) and I think this is the working solution (for me ; gives errors). Can any of you confirm if I am right (both that colon is ':' and semicolon ';' and that this is a bug in the configuration utility)?
<[miles] > anyone know where the acinclude command comes from?
<ivoks> dpkg -S `which acinclude`
<necrite> anyone can help me with some nfs isues ?
<ivoks> maybe :)
<necrite>  i have some problems with nfs . i have this in my exports
<necrite> /usr/local/materials/ 192.168.128.5(rw,nohide,no_subtree_check,sync)
<necrite> and in my fstab i have
<necrite> 192.168.128.3:/usr/local/materials /usr/local/remote/materials nfs rw 0   0
<necrite>  when i see how is mounted i see is mounted as rw
<necrite> but when i try to write i get Operation not permitted
<[miles] > ivoks: nope, can't locate it at all
<necrite> [miles] , ldpkg -S `ocate 
<necrite> ops
<coNP> [miles] : apt-file update && apt-file search acinclude ?
<necrite> locate acinclude
<ivoks> [miles] : do you have it installed or not?
<necrite> and then dpkg -S file
<[miles] > nope, it does exist
<ivoks> necrite: who is the owner of the /usr/local/materials/ on server?
<[miles] > apparently its part of autoconf
<ivoks> [miles] : then apt-file is the only way
<necrite> ivoks, root
<ivoks> and you are trying to write on it as a root or as a user?
<necrite> as root
<ivoks> necrite: no_root_squash?
<ivoks> that's bad way to solve the issue...
<necrite> oks but i can cheange the owner
<ivoks> better way would be to chown it as nobody, and add anonuid=65534
<ivoks> and then add all_squash
<necrite> ivoks, oks i ll try..  
<necrite> thanks
<ivoks> np
<ivoks> [miles] : there is no such binary in dapper
<ivoks> necrite: be carefull, everybody will be able to write to that share then
<[miles] > nod
<[miles] > ivoks: weird, ... I'm building fwbuilder source atm
<[miles] > np tho
<[miles] > http://ac-archive.sourceforge.net/doc/acinclude.html
<necrite> ivoks, i whont www-data be the owner of this directory
<necrite> i change it
<ivoks> ok
<necrite> so.. if i export this directory i have to set the id of ww-data
<necrite> ?
<ivoks> anonid, yes
<ivoks> anonuid
<necrite> i have to add this (all_squash,anonuid=www-dataid,anongid=www-datagid
<necrite> ?
<ivoks> yes
<necrite> ivoks, it work ! tks a looot man
<ivoks> np
<gloin> Question: the tftpd-hpa that comes with server 6.06 seems to be broken, in the sense that I can connect to it but any GET times out.  Also, there doesn't seem to be _any_ syslogging happening to help me figure out what broke.  Is this a known issue?  Google didn't lend any help.
<ivoks> eh?
<ivoks> i use it daily
<ivoks> on 100 computers
<ivoks> there is /etc/default/tftpd-hpa
<ivoks> under OPTIONS put "-l -s /var/lib/tftpboot"
<ivoks> RUN_DAEMON=ye
<ivoks> s
<ivoks> and that's it, put images in /var/lib/tftpboot and you are done
<gloin> yeah, that's my setup
<gloin> I'm beginning to suspect managed switch issues though
<gloin> we've got kind of a complex network
<gloin> I tried a different tftpd, same exact result
<ivoks> but... could be a bug :)
<gloin> in two different tftp implementations?
<ivoks> it was a joke :)
<gloin> arglbargl
<gloin> I should probably eat lunch before attempting to converse further.
* mralphabet thinks he just learned a new swear word
<shawarma> gloin: Just because your tftp clint shows a prompt, it doesn't mean you're connected..
<shawarma> gloin: No communication actually takes place before you *do* something.
<gloin> shawarma: I was able to get it to log
<gloin> it shows the attempted GET
<shawarma> gloin: ah, ok then.
<gloin> but only when I do it by hand
<gloin> hmm
<shawarma> gloin: I'd say you're connected, then :)
<shawarma> I remember having difficulties with it too at some point.
<shawarma> I think I ended up running it under strace to see what it actually tried to fetch. 
<shawarma> And I think I remember that I seconds later had one of those "OH!"-experiences. :)
<fabbione> gloin: what are you trying to netboot?
<fabbione> can it be the client rather than the server?
<gloin> fabbione: I would wonder that, except that I can't get the file manually either
<gloin> hrm
<gloin> strace isn't telling me anything
<fabbione> gloin: afair tftp-hpa has a limitation to not understand requests coming to a broadcast address
<shawarma> It's not open()'ing anything at all?
<fabbione> for example the NIagara T2000 tftp code attempts by default to netboot using a broadcast 
<gloin> shawarma: it's opening libs
<fabbione> that doesn't work
<fabbione> you need to specify the tftp server address
<fabbione> not sure what tests you are doing but slam a sniffer and check for that too
<fabbione> anyway i am pretty sure the server works
<fabbione> i use it here too as ivoks
<fabbione> since like.. warty?
<fabbione> time for bed...
<fabbione> night
<gloin> hmm
<gloin> nothing at all
<gloin> shawarma: trying a GET with strace following the server
<gloin> and nothing
<gloin> zilch
<gloin> oh
<gloin> I have to get strace to follow forks, don't I?
<shawarma> You said it logged something?
<shawarma> gloin: Possibly.
<shawarma> gloin: (that's -f)
<gloin> no change
<gloin> exactly same output
<gloin> the only place I see it even listing /var/lib/tftpboot is in the args section right at the beginning
<shawarma> I don't quite get it. You say it logs things, but you don't see that in the strace?
<gloin> can't get it to log right now either
<shawarma> Are you attaching strace to the running server or spawning a new one?
<gloin> killing all the old ones and spawning a new one
<shawarma> As root?
<gloin> with plenty of -vv
<gloin> as root
<shawarma> Hm.. And it's got a socket in LISTEN ?
<shawarma> I'm an idiot.
<gloin> ?
<shawarma> Does it have a udp socket open?
<shawarma> (udp sockets have no concept of LISTEN state)
<gloin> dammit
<gloin> it _should_ but I don't see it 
<gloin> argh
<shawarma> netstat -an | grep 69 gives you nothing?
<gloin> lsof -i showed me zilch for tftp
<gloin> perhaps netstat is more useful
<gloin> udp        0      0 0.0.0.0:69              0.0.0.0:*
<gloin> oho
<gloin> it logs again
<gloin> Jun  7 14:26:00 amys00741 in.tftpd[4250] : recvfrom: Socket operation on non-socket
<gloin> and now lsof shows a whole mess of entries for tftpd
* gloin sees why that is
<gloin> oh hell
<gloin> shawarma: now I'm the idiot
<shawarma> Oh?
<gloin> the machine I was testing with manually
<gloin> iptables...
<gloin> -F -X -Z change policies it works perfectly
<shawarma> \o/
<gloin> haha
<gloin> ok
<gloin> so tftp server is working correctly
<gloin> client is an NTAVO from devonit.com
<gloin> and that must be the problem
<gloin> occam's razor
<gloin> occzam*
* gloin throws up his hands in disgust and goes to rom-o-matic
<shawarma> Have fun.
* shawarma -> bed
#ubuntu-server 2007-06-08
<netrat> hello i'm installing ubuntu 7.04 server and i'd like for the boot partition to be RAID 1. is this possible with the installer?
<sahafeez> yes
<sahafeez> there are docs for it that i have read in the past
<netrat> sahafeez: would you happen to have any links?
<sahafeez> google.com
<sahafeez> or ubuntu.org
<netrat> sahafeez: okay i'll search away
<netrat> thanks
<sahafeez> Results 1 - 10 of about 232,000 for ubuntu install to raid1
<sahafeez> http://users.piuha.net/martti/comp/ubuntu/raid.html
<netrat> sweet, going to try it now
<ivoks> 'morning
<gejr> I'm trying to add a user to my apache conf. I'd like something like http://myserver/~username/
<gejr> what should i search up?
<ivoks> mkdir ~/public_html
<ivoks> and add your page in it
<ivoks> there is nothing you should do except that
<gejr> i already have my documentroot at /var/www
<gejr> and it would've been nicer to have something like ~/username/public_html
<shawarma> Um.. What? :)
<gejr> yea i know..i'm useless
<shawarma> for user foo, you want to use /home/foo/foo/public_html ?
<gejr> oh yea...my mistake
<gejr> /home/foo/public_html of course
<shawarma> That's the default already.
<gejr> i managed now
<shawarma> ah, ok. :)
<gejr> i had to enable the userdir module
<gejr> now www.server.com/~user/ works fine
<gejr> wonder if the php will work too
<necrite> hi
<shawarma> If it does in /var/ww then probably.
<shawarma> necrite: hello
<necrite> there is any wat to limit the bandwith to one rsync over ssh?
<gejr> yea it worked. nice.
<shawarma> necrite: --bwlimit=25
<gejr> Now..how can i setup an alias so that www.server.com/~user/ could just become www.server.com/user/ ? is it possible?
<shawarma> necrite: limits it to 25 kbytes/sec.
<necrite> sure? OMG too easy ^^
<shawarma> gejr: Hmm..
<shawarma> gejr: The quick'n'dirty way would be to create symlinks from the webroot to the user's public_html dir, but that doesn't scale very well.
<gejr> hehe..that would probably show up as ~user anyway
<gejr> but..yea, decent suggestion
<shawarma> Um.. no.
<shawarma> Well, yes, *also*.
<gejr> it would just redirect /user/ to /~user/ wouldn't it? hence the url in the address bar would probably change
<shawarma> If you webroot is /var/www/company.com, you can make a symlink /var/www/company.com/foo pointing to /home/foo/public_html.
<shawarma> that would expose that directory both as company.com/~foo and company.com/foo
<shawarma> gejr: No, symlinks dont' cause redirects.
<gejr> and it wouldn't behave like i just described? Then it would probably be perfect..:)
<gejr> great
<[miles] > weird, I've suddenly lost the ability to hit tab and auto complete commands in console
<[miles] > :-\
<r00tintheb0x> anyone awake yet?
<shawarma> r00tintheb0x: It's 13:26. What do you expect? :)
<r00tintheb0x> ha, its ACTUALLY 6:26am.
<shawarma> Not in the real world. :/
<shawarma> r00tintheb0x: Were you just checking up on us, or did you have a question? :)
<r00tintheb0x> question... anyone have experience with NFS / NIS / SAMBA / WINBIND / Windows 2k3 AD?
<shawarma> although a question, it's not a very good one. :)
<shawarma> Assume "yes" and then ask the real question :)
<r00tintheb0x> haha
<r00tintheb0x> Ok, im trying to make a NIS/NFS/Samba server.. im trying to have NIS tied to the windows active directory.
<r00tintheb0x> when i use the winbind tool wbinfo i can "wbinfo -u" from the NIS server and pull  back a group of users.
<r00tintheb0x> NIS is working, as is NFS... but i cant connect to a samba share from a win client
<J_P> hi all
<mralphabet> r00tintheb0x_: I'm going to say that your samba user list doesn't match the AD user list and/or permissions on your shares aren't correct
<aeon17x> Is it possible to install ubuntu server using the desktop Feisty CD? Or do I have to use the Ubuntu Server installer to have it all installed and configured correctly?
<shawarma> aeon17x: The server install is just like a regular installation with much less packages installed and a different kernel. That's it. 
<r00tintheb0x> Does anyone in here have any experience with Samba, Winbind, and Windows Active Directory and using it so that a NIS server can authenticate from the Windows AD server??
<disposable> on feisty-server, i followed help.ubuntu.com and tried to set up apache2 with SSL. when i finally restarted apache, i got SSLOptions: Illegal option 'CompatEnvVars'. i googled around but no answers, just questions. any help? my /etc/apache2/sites-available/default is at http://pastebin.ca/539769
<shawarma> r00tintheb0x: Are you sure that's even possible?
<shawarma> disposable: Have you tried removing it?
<disposable> shawarma, i'm not sure what it'd do. i dont want to break compatibility with browsers
<shawarma> disposable: Just remove it. It should be safe.
<disposable> shawarma, it works, i'm going to try it from all possible browsers now. tnx
<shawarma> disposable: np
<r00tintheb0x> I believe it is shawarma 
<shawarma> r00tintheb0x: Possibly. It'd have to involve some serious tweaking though.
<shawarma> r00tintheb0x: NIS provides a means for distributing the password files (well, not the files as such, but you get the idea).. It doesn't actually do the authentication itself, so I can't really see how it'd pass on the authentication stuff to anything else..
<r00tintheb0x> i know... it binds to the Windows Domain controller or the LDAP server.
<r00tintheb0x> shawarma, http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html
<shawarma> r00tintheb0x: Just taking a quick peek at that page seems to only compare winbind to NIS, not say anything about them working together in the way you suggest.
<r00tintheb0x> hmm
<r00tintheb0x> shawarma, this is a better example: http://www.debian-administration.org/articles/395
<shawarma> r00tintheb0x: How is that better?
<shawarma> r00tintheb0x: the only place it mentions NIS is in parentheses saying that what it's doing is unlike NIS/NIS+.
<shawarma> r00tintheb0x: I think you need to restate your problem/question.
<shawarma> r00tintheb0x: In its current form, I suspect it cannot be answered.
<shawarma> r00tintheb0x: Especially, if you find that any of the above links are a stab at an answer for your question, you have not conveyed said question very well here. :)
<r00tintheb0x> okay.
<r00tintheb0x> Thanks!
<shawarma> r00tintheb0x: the way I understand your question: You want a NIS server to do certain things so that its NIS clients somehow authenticate against a windows AD.
<shawarma> r00tintheb0x: If that is indeed your question, my answer remains "I don't think that's possible".
<shawarma> r00tintheb0x: If you kick NIS out the window and replace it with winbind, that's an entirely different issue, problem and question.
<shawarma> r00tintheb0x: Interestingly, a question that is in fact answered by the two links you posted above.
<shawarma> r00tintheb0x: (or so it would seem. I didn't look that closely)
<r00tintheb0x> windows ad/dc-------------------------->NIS server-------------------------------->NIS clients
<r00tintheb0x> shawarma, the 1st paragraph of this http://www.debian-administration.org/articles/340 page explains exactly what i want to do.
<r00tintheb0x> This article will show you how to install Samba 3.X on Debian Linux 3.1 (Sarge) and make it authenticate against a Windows server running Active Directory. 
<shawarma> r00tintheb0x: You will notice that said paragraph does not mention nis, but your drawing includes a NIS server. ?
<r00tintheb0x> OOOOH i see what you're saying
<r00tintheb0x> NIS & NFS are just on the same server.
<r00tintheb0x> Samba Winbind & AD are a seperate thing.
<r00tintheb0x> lol, sorry shawarma 
<coNP> how can I make a 
<coNP> Linux router that masquerades everything but forbids http
<coNP> I want to use a proxy for all http traffic
<ivoks> easy
<ivoks> you can redirect http port
<coNP> I guess it is only a --destination-port ! 80 in the appropriate line
<ivoks> but that's not ultimate solution
<ivoks> iptables -t nat -A PREROUTING -m iprange -i [local interface]  -p tcp --dport 80 -j REDIRECT --to-port 3128
<shawarma> r00tintheb0x: I'm sorry, I've got to run now. I can help you again on monday, if you haven't sorted it out yet by then.
<ivoks> shawarma: did you look at mysql root password? :)
<shawarma> ivoks: Yes, i did. I have to disagree about setting a random password.
<shawarma> ivoks: It's a bad idea, I think.
<ivoks> i agree it isn't great, but is better than empty pass
<shawarma> ivoks: The server is useless if you don't know the password, so the user friendly choice is definitely *not* to stow it away somewhere in a file the user has to find by himself.
<ivoks> user doesn't have to find it
<ivoks> he only has to know how to set it up
<shawarma> The kind of user inclined to just hit return (thus skipping the password setting) is the exact same kind of user that is inclined to not be able to find said password afterwords if it's only to be found in a file somewhere.
<ivoks> we can say that mysql is unusable untill password is set
<shawarma> I vote that whatever happens during installation, the mysql server should be usable afterwards.
<shawarma> If that involves asking the user over and over again for a password or having an empty password, so be it.
<shawarma> That said, there should be an easier way to reset the password.
<ivoks> that's breaking ubuntu policy
<shawarma> I know.
<ivoks>  /etc/init.d/mysqld reset_password - this is very easy to do
<shawarma> But forcing the user to dig out a password from an obscure file is worse.
<shawarma> ivoks: If you know about it.
<ivoks> no... user will never do that
<shawarma> yes.
<ivoks> like this:
<ivoks> check out /etc/mysql/debian.cnf
<shawarma> I'm familiar with it.
<ivoks> just replace debian-sys-maint with root
<ivoks> and you get mysql with root pass
<ivoks> which can be changed with single command
<ivoks> mysqladmin --config-file=/etc/mysql/debian.cnf password 'newpassword'
<ivoks> bleh... --defaults-file
<ivoks> mysql is secured; there is root pass
<shawarma> Right.
<ivoks> and it is easy to change it
<shawarma> I'll toss in a few comments (and do something about it) on Monday.
<shawarma> We can discuss it then. Cool?
<ivoks> sure
<shawarma> Cool. See you!
<ivoks> bye
<coNP> do someone have ubuntu icons for nagios?
#ubuntu-server 2007-06-09
<cheeseboy> hi
<cheeseboy> why cant i ping my server?
<cheeseboy> but it can ping other pcs
<cheeseboy> and other pcs can ping other pcs
<cheeseboy> internet is working
<cheeseboy> anyone there
<olem> yap
<cheeseboy> cal u help
<cheeseboy> can*
<olem> beg you pardon? 
<olem> have you got any problem/issue?
<cheeseboy> <cheeseboy> why cant i ping my server?
<cheeseboy> <cheeseboy> but it can ping other pcs
<cheeseboy> <cheeseboy> and other pcs can ping other pcs
<cheeseboy> <cheeseboy> internet is working
<olem> netmask issue?
<cheeseboy> how i check?
<olem> I mean, perhaps you set a incorrect netmask value on your server, for example:
<olem>  . you're on (V)LAN /26
<olem>  . you set a /24 netmask on your server
<olem>  . so your server can ping others
<olem>  . while other cannot
<cheeseboy> i dont rember setting that
<cheeseboy> ever
<cheeseboy> put it can ping others
<olem> see your network admin, he will probably help you better than I (I dunno you network plan)
<cheeseboy> im network admin
<olem> yes. you can if you've got a broader netmask (and are in the same wire)
<olem> ah.
<olem> so you're sure about your netmask on your server?
<cheeseboy> no
<olem> I mean, sure to be the correct one?
<cheeseboy> dunno how to check or change
<olem> to check, see /etc/network/interfaces
<olem> for example, a valid entry could be:
<olem> iface eth0 inet static
<olem>  address 192.168.1.2
<olem>  network 192.168.1.0
<olem>  netmask 255.255.255.0
<olem>  broadcast 192.168.1.255
<olem>  gateway 192.168.100.1
<cheeseboy> eth1 is set
<cheeseboy> but supposed to be eth0
<cheeseboy> olem so if i change to eth0 think thayll fix it?
<olem> can you issue an 'sudo mii-tool' to see what iface is connected out there ?
<cheeseboy> i usally dhclient eth0 to bring internet up
<olem> can you copy/paste here your /etc/network/interfaces ?
<cheeseboy> how?
<cheeseboy> i have no x
<olem> ah... then... manually copy past it :-)
<olem> (albeith you have mouse support of course)
<cheeseboy> X(
<cheeseboy> ??
<olem> so, what you're /etc/network/interfaces tells us about eth0 and eth1 ?
<cheeseboy> auto lo
<cheeseboy> iface lo inet loopback
<olem> ok - fine
<olem> next
<cheeseboy> that all u want?
<olem> next : eth0 and eth1
<olem> lo is the loopback iface (lo0/127.0.0.1)
<cheeseboy> iface eth0 inet static
<cheeseboy> i just changed from eth1
<cheeseboy> adress 192.168.1.102
<cheeseboy> netmask 255.255.0
<cheeseboy> gateways wrong too
<cheeseboy> h/o
<cheeseboy> gateway 192.168.1.1
<cheeseboy> auto eth0
<cheeseboy> thats it
<olem> ok. I see the following error: s/adress/address/
<cheeseboy> ??
<olem> and, are you sure to be on a Class B network (/16) ? not in a Class C (/24) ?
<cheeseboy> no i dont even know what that means
<olem> I guess your in a Class C. If so, your issue is 'netmask 255.255.0' which should be 'netmask 255.255.255.0'
<olem> Class B network are 'large' network from 16xxx addresses.
<cheeseboy> oh yea it is that
<cheeseboy> typo my bad
<cheeseboy> how i reset all my internet on ubuntu?
<olem> Class C are 'tiny' networks (even if your may subnet them in tinier ones) for 255 addresses
<olem> what do you mean by "resetting all my internet"?
<cheeseboy> disconnect reconnect w/ new settings
<olem> If you want to 'restart your network' to apply new parameters, you just have to issue 'sudo /etc/init.d/networking restart'
<olem> but be sure of your parameters prior to network restart... if you're teleworking :-)
<cheeseboy> failed to bring up eth0
<olem> sudo tail -f /var/log/messages ?
<olem> could inform you about why
<cheeseboy> not much info there
<olem> ok. so, you should issue an 'sudo mii-tool'
<olem> to see to what physical iface you've got a jack plugged in.
<olem> (to be sure about eth0 and eth1)
<cheeseboy> fails on both
<olem> for example, on my laptop, I don't use eth0 and when I issue 'sudo mii-tool', it returns me something like :
<olem> olem@lembox:~$ sudo mii-tool 
<olem> eth0: no link
<olem> SIOCGMIIPHY on 'eth1' failed: Operation not supported
<cheeseboy> yes
<olem> to tell me:
<olem>  . hey dude, no cable in eth0 ('no link')
<cheeseboy> cept  oppisite eth0 and eth 1
<cheeseboy> eth1 no link
<cheeseboy> eth0 that other error
<olem>  . hey dude, I cannot stat about your eth1 (cause it's the wireless iface, and don't support this interrogation)
<olem> what does eth0 tells?
<olem> exactly
<cheeseboy> yes its wireless
<olem> So, you'r mii-tool reports that :
<olem>  . eth1 is a wired interface, with no link (no cable in)
<olem>  . eth0 ??? (I did not understand)
<olem> ?
<cheeseboy> no..
<cheeseboy> <olem> eth0: no link
<cheeseboy> <olem> SIOCGMIIPHY on 'eth1' failed: Operation not supported
<cheeseboy> cept switch et1 w/ eth0
<olem> so you're mii-tool tells you that:
<olem>  . SIOCGMIIPHY on 'eth0' failed: Operation not supported
<olem>  . eth1: no link
<olem> ?
<cheeseboy> yes
<olem> and your /etc/network/interfaces is configured this way:
<olem> auto lo0
<olem> oups...
<olem> auto lo
<olem> iface lo inet loopback
<olem> # wireless
<olem> iface eth0 inet dhcp
<olem> # wired
<olem> iface eth1 inet static
<olem> address 192.168.1.102
<cheeseboy> eth0 and eth1 are wireless
<cheeseboy> but eth1 doesnt work
<cheeseboy> and i have eth0 configures as static
<cheeseboy> so i can rember ip easier
<olem> hum... strange mii-tools returned a eth1 with 'no link' if it's a wireless iface... but, well, who knows (perhaps some drivers support this PHy...)
<olem> anyway, can you please spell me the /etc/network/interfaces relating to eth0, to be sure there is no issue?
<cheeseboy> auto lo
<cheeseboy> iface lo inet loopback
<cheeseboy> iface eth0 inet static
<cheeseboy> adress 192168.1.102
<cheeseboy> netmask 255.255.2550
<olem>   ==> be sure to have exactly : address 192.168.1.102
<cheeseboy> ya typos here
<olem> (2 'd' to address)
<olem> ok. 
<olem> and netmask 255.255.255.0 :)
<cheeseboy> gateway 192.168.1.1
<cheeseboy> auto eth0
<olem> add (before auto eth0) :
<olem>  network 192.168.1.0
<olem>  broadcast 192.168.1.255
<olem> and /etc/init.d/networking restart again
<olem> (after saving the file of course :)
<cheeseboy> olem
<cheeseboy> failed to bring up eth0
<olem> ok :(
<olem> can you comment all the declarative parts for you eth0 and try these ones:
<olem> iface eth0 inet dhcp
<olem> auto eth0
<olem> and (save) /etc/init.d/networking restart ?
<cheeseboy> ya h/o
<olem> just to see
<cheeseboy> dhclient brings it up
<olem> what does your ifconfig (or ip addr show) returns?
<olem> regarding eth0 of course
<cheeseboy> 192.168.1.102 wen i use dhclient
<olem> netmask/broadcast/ ?
<cheeseboy> ??
<olem> 'ip addr show' should returns you something like that, relating to eth1 :
<olem> inet 192.168.1.102/24 brd 192.168.1.255 scope global eth1
<olem> s/eth1/eth0 :) 
<olem> In fact, if you can negociate an @IP via DHCP and ping outside, you are sure you wireless conf is okay (wpa_supplicant.conf I suppose)
<cheeseboy> i nvr touched it
<olem> So, if your /etc/network/interfaces configured in static mode (iface eth0 inet static, and all the stuff) does not bring up your iface, the problem is in the /etc/network/interfaces : a typo error or something like that
<Burgundavia> olem: can you pastebin your /etc/network/interfaces?
<olem> From my point of view, with what I understand of your network topology, your /etc/network/interfaces should be exactly this one :
<olem> # loopback
<olem> auto lo
<Burgundavia> olem: ahh, pastebin
<olem> iface lo inet loobpack
<olem> # eth0 - wireless but static
<olem> auto eth0
<cheeseboy> Burgundavia, olem is helping me w/ the problem
<olem> iface eth0 inet static
<Burgundavia> right, sorry
<olem>  address 192.168.1.102
<olem>  network 192.168.1.0
<olem>  netmask 255.255.255.0
<olem>  broadcast 192.168.1.255
<cheeseboy> i had those but in different order
<olem>  gateway 192.168.1.XXX (I dunno what is your gw, but you should)
<Burgundavia> olem: please use pastebin next time
<olem> place them in that order (I'm not sure this will impact)
<Burgundavia> you also will want a auto eth0 before the iface line
<cheeseboy> thats what it said
<olem> Burgundavia, why do you want me to c/p my /etc/network/interfaces with all my gory comments in there? :)
<Burgundavia> olem: because I thought you were cheeseboy
<Burgundavia> cheeseboy can you pastebin that file?
<cheeseboy> no
<cheeseboy> no x
<olem> Burgundavia, I dunno what the hell you're drinking, but I'm okay for the same thing ;)
<olem> uh... 4:20 AM! I'm gonna go to bed... 
<cheeseboy> where i put auto eth0?
<cheeseboy> wait olem
<cheeseboy> i need help :(
<olem> you can put 'auto eth0' before, or after the declaration segment for an iface.
<olem> usually, I place them in the begining of my /etc/network/interfaces
<olem> like: 
<olem> auto lo
<olem> auto eth0
<olem> auto eth1
<olem> and then, I declare those interfaces (lo, eth0 and eth1)
<olem> but, well, you can in fact place the 'auto' directive anywhere in you file, excepted in a declarative bloc
<olem> (man interfaces for more
<olem> ok. I'm gonna go to bed. 
<cheeseboy> X(
<olem> cheeseboy, cross check your /etc/network/interfaces with Burgundavia 
<cheeseboy> it broke worst
<cheeseboy> now says network is down
<Burgundavia> cheeseboy: can you pm me that file then?
<olem> I' pretty sure you've got an error in it. It's trivial to correct, if you repeat _exactly_ your /etc/network/interfaces here.
<olem> thx Burgundavia :)
<olem> seeya
<cheeseboy> Burgundavia, how?
<cheeseboy> Burgundavia, i have to type it all :(
<cheeseboy> Burgundavia, wait it just magically fixed
<cheeseboy> X(
<cheeseboy> how i add samba user and pass?  
<foo> w22
<massctrl> hi all, does ubuntu server have xen packages?
<necrite_> hi all
<lionel> hi necrite_
<lionel> massctrl: yes, xen packages are in ubuntu server. 
<massctrl> tnx lionel
<massctrl> I have found a link meanwhile
<massctrl> k I'm not familiar with ubuntu-server, what's the default mailserver ?
<massctrl> is it exim like Debian's ?
<lionel> massctrl: no one is installed by default
<massctrl> lionel: ok good to know, docs are talking about postfix,... https://help.ubuntu.com/ubuntu/serverguide/C/email-services.html 
<massctrl> my fav anyway ;-)
<massctrl> by the way anyone knows if there are any hardware vendors that will support ubuntu server ?
<lionel> I would also advice postfix, but you're free to choose :)
<massctrl> I mean Hp is offering commercial debian support, which is kind of nice, ... but i'm not that keen on debian,...
<lionel> massctrl: I use Dell, HP is also well supported (as used in Canonical DC :))
<Ali_ix> hi
<Ali_ix> does apt-pinning work on ubuntu at all?
<Ali_ix> how do i get it working on feisty?
<shawarma> It just does.
<shawarma> If that's all the detail you're going to give, all I can say is: it already works.
<Ali_ix> thanks shawarma,
<Ali_ix> shawarma: i want to exclude linux-headers and linux-image package to being updated with auto update,
<Ali_ix> how can i do this? which priority  to set?
<shawarma> Ali_ix: Just put them on hold.
<shawarma> Ali_ix: Much easier.
<shawarma> Ali_ix: Heck, it's even easier than that. :)
<Ali_ix> shawarma: on hold? ho to do this?
<shawarma> Ali_ix: Just remove linux-image.
<shawarma> Ali_ix: Not linux-image-2.6.whatever, but linux-image and either linux-image-server or linux-image-generic.
<shawarma> Ali_ix: Those are the packages that depend on the newest and hence it's them that take care of having your kernel uptodate.
<shawarma> Ali_ix: Why do you want to do this?
<Ali_ix> shawarma: i have some good and stable config with 2.6.20-13 kernel on ubuntu, and dont need any kernel update now :}
<Ali_ix> shawarma: i want to exclude kernel-related packages fro auto update
<shawarma> Ali_ix: Um.. Ok.
<Ali_ix> shawarma: some one advised to use pinning
<shawarma> Ali_ix: There's no need.
<shawarma> Ali_ix: You using the server images?
<Ali_ix> shawarma: no, desktop images on feisty
<shawarma> Ali_ix: Ok. "apt-get remove linux-image-generic"
<shawarma> Ali_ix: That should do it.
<shawarma> Ali_ix: I'm curious why you're asking here, though?
<Ali_ix> shawarma: isnt it nessecary for later?
<Ali_ix> *necessary 
<Ali_ix> shawarma: what is within linux-image-generic-* package? just linux headers and sources? :)
<shawarma> Ali_ix: Well.. Yes, in the same sense as the kernel updates are necessary, but it's those you don't want?
<shawarma> Ali_ix: linux-image-generic-* are the actual kernels.
<shawarma> Ali_ix: The headers are in linux-headers-generic-*
<shawarma> Ali_ix: You should *not* remove linux-image-generic-*.
<shawarma> Ali_ix: Only linux-image-generic.
<shawarma> (no suffix)
<Ali_ix> oh, got it :d
<Ali_ix> thanks shawarma :)
<Ali_ix> shawarma: this is a virtual package to the latest apackage build, isnt it?
<shawarma> Ali_ix: Yes. That's how we make sure people get kernel updates.
<shawarma> Ali_ix: Well.. Kernel updates when there are ABI changes, anyway.
<shawarma> Ali_ix: If you want to be completely sure nothing updates your kernel without asking, you should do:
<shawarma> Ali_ix: "echo linux-image-generic-`uname -r` hold | sudo dpkg --set-selections"
<shawarma> Ali_ix: Gotta run!
<Ali_ix> :D some strange command :D
<Ali_ix> shawarma: thanks very much 
<Ali_ix> shawarma: thanks again, and bye ;)
#ubuntu-server 2007-06-10
<Emanon> I'm looking for alpha-testers for a backup package I'm writing (supposed to work a little like Apple's TimeMachine): http://ubuntuforums.org/showthread.php?t=469049
<Emanon> It uses rsnapshot at the lower level, and mounts the backups readonly using unsionfs. A nautilus extension is written that allows users to right-click on a file and review previously saved versions.
<h4wk0> Is there anything i can change so when i make a new user that i can 'mkdir public_html'
<h4wk0> Like automatically
<leonel> h4wk0: create a directory  public_html  in  /etc/skel
<leonel> h4wk0: the next time you add a user with  useradd -m  user  
<leonel> h4wk0: you will have  /home/user  and   /home/user/public_html
<leonel> h4wk0: created
<h4wk0> Thanks
<h4wk0> What about permissions thouh
<h4wk0> *though
<leonel> h4wk0: make the  public_html with the permissions you need  and it will be created  like that
<leonel> h4wk0: that in  /etc/skel
<Shaddox> Hello everyone. How do I create a new init.d script that runs on startup? I know the commands I want to run to start it, and just want to kill the process to stop it.
<maulik> hello... is this the place to find answers about mod-python complaining about the version of python?
<okaratas> hello
<massctrl> When I enable dma on my ide disks in ubuntu-xen, ... the partitions can't be read anymore,... when I disable dma, they can be read, .... anyone knows how to troubleshoot this ?
<massctrl> where can I find the kernel config file used to make ubuntu kernels?  I want to change just a small thing and stay as close as possible to the origanal one,..
<shawarma> massctrl: It's in /boot
<shawarma> massctrl: The running config is in /boot/config-`uname -r`
<Skaag> hey guys, what's an easy to use tape backup utility?
<okaratas> Skaag, bacula is backup management tool http://www.bacula.org
<okaratas> mt -f /dev/st0
<okaratas> what is your tape model?
<Skaag> it's some HP tape
<Skaag> I just discovered flexbackup
<Skaag> it seems simple to use
<Skaag> but now my /dev/st0 is busy...
<Skaag> I think I made a mistake asking the tape to erase
<Skaag> this could take hours
<Zabikten> hai.
#ubuntu-server 2008-06-02
<bimberi> The_Kernel: Yes, Ubuntu installs with no root password set so logins to it are disabled.
<bimberi> The_Kernel: Not sure about the denied login.  It could be in the sshd configuration on that server.  Or /etc/hosts.[allow|deny]
<Kamping_Kaiser> The_Kernel, try with -vv you might have been blacklisted
<christefano> has anyone known ssl-blacklist to have false positives?
<Kamping_Kaiser> i've heard of it, but not with any sort of proof
<christefano> hmm.
<christefano> how do I test my SSL certificate against the openssh-blacklist?
<Kamping_Kaiser> openssl-vulnkey ?
<christefano> I'm not sure how to pass a certificate to openssh-vulnkey. it seems to only check SSH keys
<Kamping_Kaiser> ssl. not ssh
<christefano> ah, I don't have that.
<Kamping_Kaiser> hm.
<Kamping_Kaiser> openssl-blacklist: /usr/sbin/openssl-vulnkey
<Kamping_Kaiser>   Installed: 0.1-0ubuntu0.7.10.4
<emgent> morning
<m11> hello
<Litefire> morning all
<Litefire> i am having a little trouble with my server instal recognizing a sata2 hd
<Litefire> i have an ibm 330 server i installed ubuntu on  and cant seem to figure it out when i start it up i get  ata2: srst failed errno-16  for the data hd
<Litefire> the raid that ubuntu is installed on starts up fine but the sata2 drive i have attached to a pci card isnt discoverable from what i can figure out
<osmosis> anyone know if it is possible to do a raid 10 with software raid?
<_ruben> osmosis: yes .. there's a raid10 kmod .. or you could do it 'manually' with raid1 and raid0
<osmosis> _ruben: is it reliable?
<osmosis> _ruben: can you recommend some instructions ?
<_ruben> the basics are as simple as : sudo mdadm --build /dev/md0 --level=10 -- raid-devices=4 /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1
<_ruben> oops, kill the space between -- and raid-devices
<_ruben> the installer doesnt support raid10, so if you want to install the system to raid10, you'll have to drop down to a shell during the install to give that command
<_ruben> and reliable, well, the raid10 kmod is one of there newer raid kmods, so hasnt aged as much as plain raid1+0, but offers some nice enhancements as well (like doing raid10 over 3 disks for example)
<_ruben> http://cgi.cse.unsw.edu.au/~neilb/01093607424
<NineTeen67Comet> Hello, is there a way to get aptitude to install smartmontools w/out exim4, mailx etc etc etc?
 * NineTeen67Comet sudo aptitude install smartmontools = exim4 exim4-base exim4-config exim4-daemon-light liblockfile1 mailx
<ikonia> nealmcb: it just needs an mta
<ikonia> oops
<ikonia> NineTeen67Comet: it just needs an mta
<NineTeen67Comet> aha .. no mail on this server, but I guess it can just use it as it pleases ..
 * NineTeen67Comet would have e-mail if me isp would crack the ports open ..
<ikonia> NineTeen67Comet: let it install exim and then use local mail only
<NineTeen67Comet> ikonia: prolly what I'll do ..
<ikonia> NineTeen67Comet: make it easy on yourself
<cjsstables> hello all.  I can't resolve internal names on my network.  I'm able to resolve external names.  If I do a lookup on my internal nameserver I get an SOA record for prisoner.iana.org.  Can someone help here
<cjsstables> btw I used lookup with an ip address of my name server
<ikonia> cjsstables: ok - so if your domain is "domain1" your saying you can't resolve box1.domain1
<cjsstables> that's correct
<cjsstables> but I can resolve anything on the outside
<ikonia> cjsstables: ok - so have you setup your own domain zone file ?
<ikonia> cjsstables: are you using anything like views ?
<cjsstables> no views.  I have dns forwarding zone
<ikonia> cjsstables: so where is the domain your wanting to resolve kept
<cjsstables> dns server addy is 192.168.0.1,  lynksys router is 192.168.0.2
<ikonia> ok - but where is your domain zone file ?
<cjsstables> it is kept on 192.168.0.1 / srv1.soho.cjs
<cjsstables> internal private network
<ikonia> cjsstables: ok, so if you do nslookup server=192.168.0.1 then "box1.soho.cjs" does it respond ?
<ikonia> cjsstables: do you have "ns" lines in your one file ?
<ikonia> zone
<cjsstables> hold on
<cjsstables> nslookup srv1.soho.cjs
<cjsstables> Server:         192.168.0.1
<cjsstables> Address:        192.168.0.1#53
<cjsstables> ** server can't find srv1.soho.cjs: NXDOMAIN
<ikonia> cjsstables: no - type nslookup
<ikonia> cjsstables: then do server=192.168.0.1
<ikonia> cjsstables: then do serv1.soho.cjs
<ikonia> oops srv1.soho.cjs
<ikonia> just want to check it step by step
<ikonia> (I appriciate thats the same as your output)
<cjsstables> server=192.168.0.1
<cjsstables> Server:         192.168.0.1
<cjsstables> Address:        192.168.0.1#53
<cjsstables> ** server can't find server=192.168.0.1: NXDOMAIN
<cjsstables> > srv1.soho.cjs
<cjsstables> Server:         192.168.0.1
<ikonia> cjsstables: does your zone file contain ns records, does it have an entry for srv1
<cjsstables> Address:        192.168.0.1#53
<cjsstables> ** server can't find srv1.soho.cjs: NXDOMAIN
<cjsstables> yes it has an entry for srv1
<ikonia> server=192.168.0.1 ; ** server can't find server=192.168.0.1: NXDOMAIN
<ikonia> thats worrying
<ikonia> does your zone file have ns lines ?
<cjsstables> what are ns lines?
<ikonia> cjsstables: the say the name servers for the zone
<cjsstables> I can't answer that i'll have to look.
<cjsstables> where do I look at?
<cjsstables> I have webmin installed to administer the name server
<ikonia> ughhh webmin
<ikonia> and this is me backing away
<cjsstables> its ok. i can use command line also
<ikonia> cjsstables: I can't support products with webmind - it's the devils tool
<ikonia> cjsstables: webmin changes the way things can work
<cjsstables> so do you want me to open bind.conf
<ikonia> not really
<ikonia> I wanted you to look at your zone file for "NS" entries
<ikonia> but it certainly wouldn't hurt to look if your bind.conf file contains an entry for your domain either
<ikonia> that way you can see where it expects the zone file to be
<cjsstables> ok.
<cjsstables> brb
<cjsstables> exit
<cjsstables> oops.. sorry
<cjsstables> ikonia:  my named conf doesn't point to any zones.  looks like the zones are included through named.conf.options
<ikonia> cjsstables: ok - so follow that through
<cjsstables> k brb
<cjsstables> ok.  in my named.conf.local I have the following zone
<cjsstables> zone "soho.cjs" {
<cjsstables>         type master;
<cjsstables>         file "/etc/bind/soho.cjs.hosts";
<cjsstables>         };
<sommer> morning all
<jjesse> morning sommer
<ikonia> cjsstables: ok, do you have /etc/bind/soho.cjs.hosts
<cjsstables> ikonia:  inside my soho.cjs.hosts file I have a SOA record for srv1.soho.cjs
<ikonia> cjsstables: ok, I suggest you put an NS line in
<ikonia> cjsstables: I'm worried at why nslookup; server=192.168.0.1 tried to resolve server= rather than set the server to be used
<cjsstables> ok .  there is an ns line for srv1.soho.cjs and an A record for 192.168.0.1
<cjsstables> what bothers me is this line.....soho.cjs.       IN      SOA     srv1.soho.cjs. cjsadmin.soho.cjs. (
<cjsstables> because there is no machine anywhere called cjsadmin.soho.cjs
<cjsstables> cjsadmin is actually a username on the server
<cjsstables> ikonia: can I instant message you?
<ikonia> cjsstables: I'm not signed into one at the moment, sorry
<ikonia> cjsstables: don't worry about the cjsadmin.soho.cjs. line
<cjsstables> ok
<ikonia> cjsstables: can you pastebin the zone file please ?
<cjsstables> youl'll have to re-instruct me on using pastebin.  i forget how to use it.
<cjsstables> is it pastbin.org or com
<cjsstables> actually.  I'll paste all of my bind config files
<cjsstables> ikonia: ok named.conf...http://pastebin.com/m648cf8b9
<ikonia> no - the zone file
<cjsstables> which one would that be?
<ikonia> the one with cjsadmin.soho.cjs line in it
<cjsstables> ok...
<cjsstables> Ikonia:  http://pastebin.com/d4728359f
<ikonia> cjsstables: did you incriment the serial when you changed it ?
<cjsstables> yes
<cjsstables> I sent a whole new pastebin
<ikonia> cjsstables: no the serial on the zone file
<cjsstables> then no I didn't.  I haven't changed it at all
<ikonia> but you did add the "NS" line ?
<cjsstables> no.  those ns  and a records were already there
<ikonia> oh right
<ikonia> thats odd
<ikonia> cjsstables: I suggest you restart bind, look at the file /var/log/messages and check out if it loadds your file ok
<cjsstables> ok
<cjsstables> brb
<cjsstables> ikonia:  looking at the message log I show no messages since last boot at7:22 am.  (Oh I did restart the bind9 server like you said)
<cjsstables> is there any other log that I can look at for bind errors?
<ikonia> you see no updates on restarting bind ?
<cjsstables> nope.  none
<ikonia> thats worrying you should at least see bind shutdown / start time stamps
<cjsstables> ok I'll look again
<cjsstables> ikonia: sorry...  I thought messages were listed latest first.  hold on while I page to the bottom of the file
<ikonia> no problem
<cjsstables> ikonia:  believe it or not there are no other entries in the log after June 2 08:45
<ikonia> I do believe it, but that is quite worrying
<cjsstables> why?
<ikonia> there should be a time stamp for bind stopping and starting
<cjsstables> .  I have rebooted multiple times since 8:45 also.  no of those are in there either
<cjsstables> unless Jun  2 08:45:53 srv1 -- MARK --  is a valid entry for reboot
<cjsstables> I'll restart bind again and see if the messages is updated
<cjsstables> ikonia: I did a restart on bind, and there was no new entry....
<ikonia> cjsstables: one moment
<cjsstables> k
<ikonia> cjsstables: thats my mistake - bind in ubuntu doesn't log
<ikonia> cjsstables: I may log that as an enchancment
<cjsstables> wheh...  I was worrying
<cjsstables> it is funny.  I am ssh'ing into the server with ssh cjsadmin@192.168.0.1,  I then sudo su, and my terminal window from my client shows root@srv1.soho.cjs
<ikonia> cjsstables: sudo su  ???
<ikonia> cjsstables: you shouldn't be doing that
<ikonia> cjsstables: your client name is probably being picked up form your host file resoution
<cjsstables> I know, but I'm not on a production environment yet and also on a private net right now
<cjsstables> one other bit of info when logged onto the server, I can ping srv1 and get resulst returned.
<cjsstables> ping soho.cjs
<cjsstables> returns no host found
<cjsstables> ping srv1.soho.cjs returns good results
<cjsstables> so the server itself is resolving names to ip's
<cjsstables> but my clients cannot resolve names to ip on the local net
<ikonia> cjsstables: and your using the FQD on your clients ?
<cjsstables> yes
<ikonia> cjsstables: have you setup the recersive permissions correctly (they should be ok by default for SOA zones)
<cjsstables> I don't think there is a reverse zone ...I don't know what recursive permissions are
<ikonia> you don't need reverse zone
<cjsstables> ikonia:  should I have a file called soho.cjs.db in my /etc/bind/ directory?  because I don't.  the only thing I have is a db.0
<ikonia> cjsstables: thats normally a cache file (I don't have an ubuntu server to hand to verify this, hence why I'm working from memory)
<cjsstables> ah ok.
<cjsstables> ikonia:  I found a how to to manually create a caching name server in ubuntu.  I'm going to stop dns and rebuild using that.
<cjsstables> hopefully that works
<ikonia> caching name server isn't for hosting zones
<cjsstables> no but it will still allow me to resolve local IP's won't it?
<cjsstables> oops local names...
<_ruben> no, only non-local ones
<ikonia> cjsstables: your problem is that your box doesn't seem aware that it's hosting the domain
<cjsstables> it looks as though this how to has a revers lookup file that has named.conf.local that specifies the zone
<cjsstables> and then referes to a reverse zone
<cjsstables> also has the forwarders in it
<ikonia> cjsstables: ahhhhh I have it
<cjsstables> ok...
<ikonia> cjsstables: your server can do it because it's doing the lookup locally
<cjsstables> ok
<cjsstables> makes sense
<ikonia> your clients hit the box - get forwarded on, but the NS record is 192.168.0.1, which is non-routable so routes to no-where
<Libertine-> hi
<ikonia> cjsstables: take the forward of that zone
<cjsstables> you mean remove the forwarding part
<ikonia> on that domain
<ikonia> so that it knows its local to the box
<cjsstables> hold on I gotta think though this a sec....
<cjsstables> and recall what file holds the forarder
<cjsstables> ikonia:  Ok I'm lost.
<ikonia> cjsstables: one moment
<ikonia> I'm going to see if I can gain access to an ubuntu box from where I am
<cjsstables> ok
<cjsstables> ikonia:  I have to go outside for a minute...  smoke break..  LOL.  I'll be back
<cjsstables> ikonia:  back now
<cyris|> morning everyone
<zul> jdstrand: ping
<jdstrand> zul: pong
<zul> jdstrand: you were the last one to touch openldap2.3 in hardy do you mind if I take the merge off your hands?
<jdstrand> zul: that would be very much appreciated :)
<zul> jdstrand: consider it done :)
<jdstrand> \o/
<jdstrand> thanks
<emgent> heya :)
<uvirtbot> New bug: #236830 in samba (main) "cifs does not support kerberos authentication" [Undecided,New] https://launchpad.net/bugs/236830
<afief_> Could someone tell me what's wrong with the following crontab? 53 18	* * *	root	mysqldump --all-databases -uroot -pmightyrhapsody | bzip2 > /media/backup/mysql/`date \+%d-%m-%y`.bz2
<InsomniaCity> you might be better off moving the commands out into a script somewhere
<afief_> InsomniaCity, thanks, I'll try that
<InsomniaCity> also, my crontab doesn't have usernames in it
<delcoyote> hi all
<delcoyote> have an issue to connect lan server through putty or ssh, server has monitor, mouse,keyboard, through a kvm switch(4 pc's) if its connected it connects, if its disconnected from monitor, mouse, keyboard, can't connect to it, and if keyboard and mouse(not monitor) are connected I can connect also, what is wrong, what I shold be looking for?
<hackeron> hey, I'm trying to text kexec to boot another kernel on kernel panic, the documentation says to echo c > /proc/sysrq-trigger but it isn't causing a kernel panic on my ubuntu server - how do I cause a kernel panic?
<hackeron> err, I mean I'm trying to get kexec to boot another kernel on kernel panic
<spiekey_> Hi
<spiekey_> is anyone here using some tool to monitor the CPU, Harddrive and motherboard teperature?
<mathiaz> sommer: is there anything about nss-ldap and how to setup an ubuntu client to use an ldap server instead of NIS in the docs ?
<sommer> mathiaz: nope, not in the serverguide, but there are some good guides in help.u.c
<timboy> ssh stopped working on my my main computer... when I try to connect it says connection refused...
<sommer> mathiaz: expanding the LDAP section is on the list for Intrepid though :)
<timboy> i removed it with apt-get remove and reinstalled it but still no go... is there something else I should look at?
<sommer> timboy: is the sshd service running?
<timboy> sommer, in /etc/init.d/ there is no ssh there is ssh though
<timboy> i restarted it and it said ok but still says refused
<sommer> timboy: try ps -ef | grep sshd, and see if it gives you some process numbers
<sommer> timboy: you could also try ssh -vvv hostname, to give more debugging output
<timboy> root 25684 1 10:50 ? 00:00:00 /usr/sbin/sshd
<timboy> same message. connection refused no more useful data
<timboy> not running a firewall
<sommer> timboy: did you use the -vvv option?  you might also check /var/log/auth.log on the server
<timboy> sommer, in /var/lob/auth.log it says error: bind to port 22 on 0.0.0.0 failed: address already in use. I'm sure that's from when I restarted ssh
<timboy> so something is already using ssh port?
<sommer> timboy: you might have another service running on that port then
<timboy> ok how do I tell
<blue-frog> mathiaz: very simple. install ldap-auth-client, make sure you enter the ldap admin passord during conf, run: sudo auth-client-config -a -p lac_ldap, change bind_policy hard by bind_policy soft in /etc/ldap.conf and off you go
<sommer> timboy: I'd try sudo /etc/init.d/ssh stop, and then ps -ef | grep ssh to make sure all the process are stopped
<timboy> 6583 6545 0 may 30 ? 00:00:00 /usr/bin/ssh-agent x-session-manager
<timboy> sommer, what's that mean?
<timboy> can someone help me troubleshoot my ssh issues?
<timboy> something appears to be hogging port 22...
<sommer> timboy: is that ssh-agent running on the server?
<timboy> i don't know... it's in my init.d directory
<timboy> ok nevermind it's not in my init.d directory
<sommer> timboy: which machine did you run find the process on?  the one you're trying to connect to or the machine you're trying to connect from?
<sommer> timboy: I'd try restarting ssh on the machine you're trying to connect to
<timboy> the one i'm trying to connect to
<timboy> i've done that several times though...
<sommer> timboy: are there any errors in /var/log/syslog after you restart ssh?
<timboy> no just the error I get in auth.log
<timboy> i just purged the ssh and openssh-server programs with aptitude and reinstalled them and no go. so there is something else using port 22
<ScottK> timboy: Does netstat list anything?
<sommer> can you pastebin the output of ssh -vvv servername ?  replacing servername with the host you're trying to connect to
<timboy> sommer, http://rafb.net/p/2yFLIv70.html
<sommer> timboy: have you upgraded both the server and the client... it may be because of the week sshkey issue
<timboy> not upgraded client but have upgraded server...
<timboy> sommer, I can't even do ssh localhost
<sommer> timboy: as ScottK said try netstat -a and see what is listening
<timboy> sommer, doesn't appear that anything is...
<sommer> and you still get the error about something already listening on port 22?
<timboy> yes
<timboy> weird
<sommer> hrrmmm, maybe try restarting... that'll be sure and stop all the services
<timboy> ok...
<sommer> timboy: you might also try setting the LogLevel attribute in /etc/ssh/sshd_config to DEBUG, to produce more output
<timboy> sommer, still no go
<timboy> ssh localhost is working but in my auth.log i still get the error about binding to port 22
<timboy> sommer, took so long because i had the joyous fsck check
<sommer> timboy: you might also try setting the LogLevel attribute in /etc/ssh/sshd_config to DEBUG, to produce more output
<sommer> timboy: netstat -nlp may reveal more about which process are using which ports
<timboy> sommer, shows nothing with port 22 in netstat
<timboy> actually now it's showing up hold on
<sommer> timboy: and sshd is running?  you should see output from ps -ef | grep sshd listing a proces number
<timboy> sommer, ok purged it again!@ and now it doesn't show up...
<sommer> timboy: so try starting it again (/etc/init.d/ssh start)
<sommer> timboy: can you pastebin the output of ps -ef ?  after trying to start ssh
<timboy> i'll need to install it again
<sommer> yep you'll need openssh-server installed in order to connect
<timboy> root     14604     1  0 12:02 ?        00:00:00 /usr/sbin/sshd
<timboy> Jun  2 12:02:25 ubuntu sshd[14604]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
<timboy> is this because i'm installing both ssh and openssh-server?
<timboy> what's weird is that it says it is running but at the same time tells me that it can't bind to port 22. same PID
<timboy> I can do ssh localhost now though
<dena_> sommer, about to reformat...
<nealmcb> . o O (timboy needs to run sudo netstat -ltp to find out who has the port open)
<genii> Is there some CLI update-notifier? Aside from the obvious way of just running something like apt-get update or such that is.
<blue-frog> genii: what is your need?
<InsomniaCity> genii: I'd imagine apt has exit codes or something for non-interative operation
<InsomniaCity> *interactive
<genii> blue-frog: Basically to have the CLI equivelent of update-notifier feauture which exists otherwise.
<genii> When run unattended perhaps to email admin of which are available
<blue-frog> as I don't know if it exits (certainly es) I would use a workaround myself, apt-get update && apt-get -s dist-upgrade and email the result (or log)
<blue-frog> email upon conditions, only if one of the result has something else than 0 in (0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded)
<blue-frog> well at least 0 upgraded in fact
<osmosis> whats the alternative CD for ?
<blue-frog> install GUI Ubuntu
<osmosis> blue-frog: for server ?
<blue-frog> well if you want a GUI server
<blue-frog> but more for desktop
<blue-frog> genii: have a look at man apt-get. what about the -u option?
<Erosion> Just installed ubuntu server, is there a guide about what I should install when I first get it?
<blue-frog> I would say that only you know what service you want.
<blue-frog> genii: or maybe  apt-show-versions -u
<genii> Hmm, perhaps download-only with -u then pipe that to a file which emails off
<genii> You'd think there might be a simpler way though
<blue-frog> in that case -s would be enough, no need to download
<Erosion> Isn't there a guide, showing the best software for FTP, Web Server, Mail Server etc
<Erosion> In ubuntu server when I hit the <-- KEY, (backspace), it treats it like I've hit the DEL Key, and removes the character infront (instead of behind)
<blue-frog> genii: apt-show-versions from universe looks nice
<genii> blue-frog: I'm formulating a plan in which if already downloaded, a return email may be parsed and packages indicated there upgraded
<blue-frog> yes yes understood, apt-show-versions -u will list all the upgradeable packages
<blue-frog> and apprently exit 0 if none
<lukehasnoname> erosion:
<lukehasnoname> During install you should have been prompted on what type of server you wanted, then it would install the latest supported software for that task
<lukehasnoname> It's possible to bring up that menu again, but I don't know the command.
<blue-frog> tasksel
<lukehasnoname> boosh
<Erosion> Is there any way of getting into my remote ubuntu-server located in the US, from my iMac in the UK?
<Erosion> Apart from SSH.
<blue-frog> magic?
<nealmcb> erosio
<JanC> Erosion: there are a zillion ways, but you have to prepare them before you leave of course  ã
<nealmcb> ...oops
<Erosion> JanC: You cannot do it in SSH?
<Erosion> I have root SSH access to it from here
<JanC> so, then you can install anything you want I guess, but what's the problem if SSH works ?
<nealmcb> look at the options available with the "tasksel" command
<Erosion> JanC: I'd like to be able to view the desktop, so I get the full environment.
<nealmcb> vnc?
<Erosion> What's the quickest way?
<Erosion> Through an iMac?
<nealmcb> !servergui
<ubottu> Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<blue-frog> Erosion: have you installed a server or desktop?
<Erosion> Server
<Erosion> I run OSX here though
<Erosion> Is it possible?
<JanC> run X through ssh -X / ssh -Y or run VNC through ssh or ssl ?
<blue-frog> then to do what you want you would need to install a GUI first
<JanC> well, at least the X libs...
<blue-frog> otherwise with ssh you already see the the full environment
<JanC> and some X client programs
<Erosion> OK
<JanC> Erosion: why do you need a GUI?
<Erosion> Was just a thought, it's not necessary, JanC
<Erosion> What does this mean?: Package libmysqlclient12-dev is not available, but is referred to by another package.
<JanC> it means what it says...
<lukehasnoname> Does Xen have any sort of GUI for administration or any formal manual that discusses remote administration?
<JanC> libmysqlclient12 is actually pretty old ?
<nealmcb> lukehasnoname: virt-manager does xen
<Erosion> JanC: Just got it from a guide.
<lukehasnoname> k
<JanC> Erosion: I guess that's a guide tah twasn't updated for Ubuntu 8.04
<lukehasnoname> nealmcb thanks
<kirkland> kees: hey, you around?
<kees> kirkland: yup, what's goin' on?
<JanC> 'libmysqlclient12-dev' was in dapper & edgy
<kirkland> kees: hey, was wondering if you might give another spec a once-over
<kees> sure, url?
<JanC> Erosion: you can probably just use the latest libmysqlclient library?
<kirkland> kees: https://wiki.ubuntu.com/EncryptedPrivateDirectory
<kirkland> kees: I tried to follow your use case examples more closely in this spec
<lukehasnoname> sounds interesting
<lukehasnoname> I don't know enough to judge how complicated it would be to implement an encrypted fs like that
<kees> kirkland: on a nit-pick, use case 3 seems entirely addressed by DAC (remote users).  Not sure how to improve that one, since case 4 seems more compelling (local users).  Also, I would recommend discussion of how it relates to the xdg-user-dirs package (see /etc/xdg/user-dirs.defaults).  Does it perhaps belong in there?  I'd like to see (maybe with another use-case) the option for people to NOT have to have an encrypt ~/Private (i.e. I trust DAC e
<lukehasnoname> I've always thought that at minimum a 700 folder should be in each uer's dir
<kirkland> kees: so the only difference between 3 and 4 I intended (in my mind anyway) was SSH logins versus Desktop logins
<kirkland> kees: and by Desktop, I even mean Remote Desktop or VNC connections
<kirkland> kees: graphical vs. command line only
<kirkland> lukehasnoname: thanks.
<emgent> heya
<kirkland> kees: so with respect to 3 & 4, this gives you some cryptographic protection of your data (in addition to DAC) when you're not logged into the system, and a whole lot of protection if someone steals the physical hardware and it's powered off
<kees> kirkland: perhaps add the "stolen hardware" bit?  just to help defend it.  :)
<kees> kirkland: what do you think of the "allow people to not have an encrypted mount point" option?
<kirkland> kees: physical abduction of a server is of course unlikely in any major corporate environment; but small to medium business, say a mom-and-pop shop or a dentist office....
<kirkland> kees: yeah, i think that's a good idea
<kirkland> kees: i will definitely add that one
<kirkland> kees: give me a moment to think on that one.........
<kees> kirkland: cool.  yeah, for theft, I think it's a valuable use-case, so it's good to highlight it.  :)
<kirkland> kees: so i was planning on handling this as an "Opt-In" in adduser
<kirkland> "Do you want an encrypted ~/Private directory for this user?"
<kees> kirkland: oh! even better.
<kees> I'd like to see ~/Private added to xdg-user-dirs regardless
<kees> (and to see the ~/Desktop perms changed for that too)
<kirkland> kees: perhaps what would be useful is an "undo" operation.  basically a reverse of ecryptfs-setup-confidential
<kirkland> kees: i need to research xdg-user-dirs as I'm not familiar
<kees> kirkland: yeah, it was provides ~/Desktop, Documents, Templates etc
<kirkland> kees: cool
<kirkland> kees: if you think it's necessary (or if someone else requests it), i can add an option to ecryptfs-setup-confidential --reverse
<kirkland> which would kill the entry in /etc/fstab, copy the cleartext data to ~/Private, remove the encrypted .Private directory, and remove the entries from .bash_profile, .bash_logout, and .config/autostart
<kees> it might be nice, yeah.  It would certainly make it more complete.
<kirkland> kees: actually, that would be useful for my testing
<kirkland> kees: i've been doing that schtuff by hand every time I fvt my scripts :-)
<kirkland> kees: okay, i added a blanket statement about physical theft and crypto+DAC below the Use Cases, since it actually applies to all of the Use Cases
<kirkland> kees: i'll add a bit about undoing the cryptographic mountpoint of ~/Private
<kees> cool
<kirkland> wiki is so painfully sloooooooow :-/
<kirkland> kees: fyi, use case 7 added (undo ~/Private encryption), as well as a note below all Use Cases regarding physical theft
<kirkland> kees: https://wiki.ubuntu.com/EncryptedPrivateDirectory
<kirkland> kees: I'm going to push it onto ubuntu-server@ for comments
<kees> kirkland: sounds good.  :)
<kirkland> kees: i even found  (in retrospect) a bug report supporting this BluePrint: https://bugs.edge.launchpad.net/bugs/210179
<uvirtbot> Launchpad bug 210179 in ecryptfs-utils "encrypting part of a file system is way too hard" [Wishlist,In progress]
<kees> haha, nice.
<nijaba> nealmcb, ajmitch: thanks a lot for your support on my ubuntu membership!
<hackeron> hey, I'm trying to get kexec to boot another kernel on kernel panic, the documentation says to echo c > /proc/sysrq-trigger to trigger a kernel panic to test if kexec starts another kernel, but it isn't causing a panic :( - how do I cause a kernel panic to test if kexec is working?
<uvirtbot> New bug: #236931 in openssh (main) "openssh-server does not find dsa keys authorized_keys file" [Undecided,New] https://launchpad.net/bugs/236931
<ajmitch> nijaba: not that I really helped :)
<mathiaz> nijaba: congrats !
 * nealmcb appreciates nijaba
#ubuntu-server 2008-06-03
<slimjim8094> hey guys, quick question
<slimjim8094> ehlo from slimjim8094
<slimjim8094> bah, say my name when (if) you come back
<InsomniaCity> why not just ask the question?
<slimjim8094> ok, fair enough
<InsomniaCity> then when they come back, they'll answer the question too
<slimjim8094> ok - well i'm running bind9 and dhcp3-server
<slimjim8094> on the same bodx
<slimjim8094> box*
<slimjim8094> i'm using this as a router/server/samba/nfs/squid/firewall/awesomebox
<slimjim8094> and it's been working great
<slimjim8094> but i haven't been able to get ddns-updates to work, from dhcp-server to bind9
<slimjim8094> my main question is - do I *need* security (key) if I don't want one?
<slimjim8094> because i'd prefer to not use one... I trust my network
<InsomniaCity> Deeps knows about dhcp+bind9, IIRC
<slimjim8094> ok well holla if/when you come back
<slimjim8094> my irc beeps at me if you say my name :)
 * kees ponders try to S-O-S slimjim8094's irc client.  ;)
<kees> *trying
<slimjim8094> DoS? or SOS?
<kees> like, playing out "deet deet deet  deet   deet   deet   deet deet deet"
<slimjim8094> rofl
<slimjim8094> kees
<slimjim8094> kees
<slimjim8094> kees
<kees> :)
<slimjim8094> kees
<slimjim8094> kees
<slimjim8094> kees
<kees> mine just highlights ;)
<slimjim8094> kees
<slimjim8094> kees
<slimjim8094> kees
<slimjim8094> how about that?
<slimjim8094> oh
<slimjim8094> mine does both XD
<ray_> hi any one here
<ray_> how you set up dns so i can use it with my routor and isp on my own on ubuntu 8
<ray_> ?
<slimjim8094> ray_
<slimjim8094> oh
<slimjim8094> well he's gone...
<pteague> ok, this isn't good...  i'm getting something like "no journal on filesystem md0"...  there should be, it's a 1.2tb with only about 100gb free
<mathiaz> dendrobates-: Could you modify https://blueprints.launchpad.net/ubuntu/+spec/easy-ldap-server to set me as the drafter ?
 * ajmitch wouldn't mind being removed as assignee from these as well
<ajmitch> while I'm starting to get back into ubutnu development where possible, I don't think I'll be taking care of these specs
<mathiaz> ajmitch: could you change that information ?
<pteague> http://pastebin.com/m715d8c43
<ajmitch> mathiaz: no, I tried the other day
 * ajmitch will try again with this spec
<ajmitch> nope, forbidden
<ajmitch> dendrobates is a member of ubuntu-drivers, I'm not
 * ajmitch wishes he could help with that raid problem
<pteague> http://pastebin.com/m715d8c43 :(
<ajmitch> yeah, I saw
<pteague> oops, sorry for repost... carrying on multiple convos in diff channels
<ajmitch> does dumpe2fs tell you any thing useful?
<pteague> can i run that directly on /dev/md0 cause it won't let me mount it at all
<ajmitch> afik you can, and it shouldn't modify the filesystem on there that I'm aware of
<mathiaz> ajmitch: ok - thanks - I'll ping dendrobates- about this spec.
 * ajmitch is glad to see things moving ahead with the server team though
<pteague> k, running dumpe2fs... it's a 1.2tb raid5 so may take a while... does it output to 1 or 2? i figured i'd dump the output to txt
<ajmitch> so it's getting somewhere?
<pteague> seems to be... red light is blinking on the 1st drive
 * ajmitch probably isn't the best person to help with filesystem intricacies
<ajmitch> since for me, things generally just work & I don't dig deeper :)
<pteague> yeah, i usually don't have problems, but there was a power outage today... i shutdown the server, but i don't know if it finished shutting down before or after the ups went down
<pteague> the output file is about 2.7mb & i couldn't paste the entire thing to pastebin so i just pasted a part of it - http://pastebin.com/m4f7e26fb
<ajmitch> certainly still looks like a valid FS with metadata
<pteague> somebody in tulsa lug was able to help me out... after a bunch more debugging ended up having to run `tune2fs -j /dev/md0`
<ajmitch> a bit painful
<ajmitch> and surprising that the journal could just disappear
<pteague> yeah, i think what happened was ups died in the middle of shutdown earlier... had a tree fall on a power line 2 blocks south of here
<ca_dsl> hi all
<ca_dsl> I need some help with installing ubuntu 8.04 server
<ca_dsl> anyone there that can help
<soren> ca_dsl: That's hard to say. You haven't asked a question yet.
<ca_dsl> o right
<ca_dsl> trying to install ubuntu 8 on a hpt374 raid 5 array
<ca_dsl> but the partition manager won't see the array
<ca_dsl> it only sees the individual disks
<ca_dsl> I am sure I am missing something simple here
<ca_dsl> but I cant seem to find any info on the web on how to do this
<ca_dsl> any ideas?
<soren> Your raid-crontroller is probably not a "real" raid controller. It's quite comon.
<soren> common,even.
<ca_dsl> what do you mean by that?
<soren> It just gives you a way to configure your raid arrays in a bios-ish configuration thing, and then the operating system is supposed to do software raid based on that information.
<ca_dsl> I don't think that is the case with the Hiphpoint Rocket Raif
<ca_dsl> err raid cards
<ca_dsl> but I honestly don't know
<ca_dsl> how can one tell?
<soren> Real RAID card are *really* expensive.
<ca_dsl> nm I just googled it and it turns out it is indeed a "Bios assisted"
<ca_dsl> card
<ca_dsl> that explains why I see the individual drives
<ca_dsl> so how do I make them work as a RAID 5 on a cleam install?
<soren> Actually... I'm not sure.
<ca_dsl> ahh
<ca_dsl> apparently ubuntu is loading the standard hpt366 driver (standard ide)
<ca_dsl> so the question becomes how do I manually tell the installer to load a different driver for the hdd controller?
<soren> You don't want to use a different driver.
<ca_dsl> apparently the propiertary driver will see the array
<ca_dsl> I found a howto on the install once the system is up and running
<Koon> ca_dsl: yes, Highpoint Rocket raid cards are usually hardware raid cards, so I think your problem is more that it's not properly recognized
<Koon> ca_dsl: which one is your model exactly ?
<ca_dsl> Rocket Raid 454
<ca_dsl> w/ the HPT374 chip
<ca_dsl> Koon: any ideas then?
<ca_dsl> I tried hitting F6 but nothing happened *grins*
<Koon> ca_dsl: I'm looking... it should have loaded the right module
<ca_dsl> ok
<Koon> ca_dsl: http://stefan.freyr.org/?page_id=6
<Koon> you apparently aren't the first one
<ca_dsl> thats a change
<ca_dsl> normally my problems get a response of "thats a first" or "no one else seems to have that problem"
<ca_dsl> o thats the howto I foind
<ca_dsl> err found
<ca_dsl> it assumes a system is allready up and running
 * rgl waves
<ca_dsl> and is for x64
<ca_dsl> I am running the x86 version
<ca_dsl> and I am trying to install onto the array (no more space for extra drives)
<Koon> ca_dsl: yes, I'm not so sure how you can blacklist a module and load another one soon enough in the install
<ca_dsl> the installer has a shell
<ca_dsl> but darned if I know what to do with it
<ca_dsl> could I use the shell and compile the driver for the install?
<Koon> no, you'd need a more complete system to compile things
<ca_dsl> hmm
<ca_dsl> there is no liveCD version of server is there?
<Koon> ca_dsl: no
<ca_dsl> hmm
<ca_dsl> yet another wall
<ca_dsl> i seem to have a nack with stumping the experts
<Koon> I suppose you could compile the hpt374 module on another system, copy it somehow when you drop to the shell, rmmod hpt366 and insmod hpt374... but I couldn't tell you the exact steps
<Koon> the easiest would be to have one disk outside the array
<Koon> install on it
<ca_dsl> yeah rmmod is not a shell command on the install
<ca_dsl> I am thinking you are right about using another disk
<ca_dsl> it would keep the system seperated from the data
<ca_dsl> and the howto would then work...
 * ca_dsl stares at the case and wonders how to install another drive
 * ca_dsl grabs hit hot glue and another drive
<Koon> ca_dsl: good luck !
<ca_dsl> thnx
<ca_dsl> is 7 drives in a mid tower too many :D
<ca_dsl> frankenserver, in fact I think that will be its name
<ca_dsl> wonder where I can hire an Igor
<soren> :*)
<ca_dsl> koon and soren thanks for the help
<soren> np :)
 * ca_dsl bows spins and is gone
<Furom> Does anyone in here comprehend how SMTP works? I need insight to this subject. For example, lets say that I have an SMTP server running, it should recieve emails from something like, ANYTHING@my.ip.ad.dre.ss, right? Or is there extra steps I have to take to make it work? My situation is, that I'm using a ruby server that I'm programming myself, to store text emails in mysql. I don't want an over complicated system that enables
<Furom> transfer of files and such. I just need to be able to receive emails.
<hads> Furom: It's not really #ubuntu-server related. Probably the best way would be to setup a standard MTA and have your mail delivered to your script via pipe.
<Furom> hads: Ah, I figured it would be, since technically, it's an SMTP server setup that I'm trying to accomplish. Well, guess I better get back to googling.
<kraut> moin
<daffy> hi all
<daffy> somebody use egroupware software ?
<daffy> i've a problem with it :(
<soren> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<daffy> i use egroupware with ldap authentification, and "felamimail" don't use the correct user for connect to the imap server, egroupware use UID for authentification on egrouware and felamimail use this login but my configuration on ldap for mail adress is not the same as UID
<soren> Whu... PHP seriously doesn't have an execve function?
<daffy> this is for me ?
<soren> No.
<soren> For me.
<daffy> oki ^^
<soren> And presto! The first stab at a web-enabled version of ubuntu-vm-builder is now functional.
<frippz> soren: sounds cool. so where's the Sourceforge page? :D
<ogra> sourceforge ... pffft .... thats so 90s ...
 * soren shudders at the mere thought of dealing with sourceforge again.
<Kamping_Kaiser> hehe
<frippz> fine.... so what's the hot stuff these days? google code? :P
<soren> I liked their build farm, but the web interface? NEver again..
<soren> launchpad, dude!
<frippz> of course... silly me :)
<soren> That's where it's at. All the cool kids use it.
<Kamping_Kaiser> funny that :P
<frippz> as soon as I can get my boss to hock up the â¬200 for a new rack server, I'll get into virtualization as well :)
<frippz> and a web interface would be nice
<frippz> heh, meant â¬2000
<frippz> I'd like to see the rack server you get for â¬200
<dthacker> well the storm woke me up, I might as well go to work.
<pschulz01> Kamping_Kaiser: ping
<Kamping_Kaiser> pschulz01, pong
<pschulz01> Kamping_Kaiser: We have some deadlines :-(
<pschulz01> Kamping_Kaiser: re. bugzilla3
<pschulz01> Kamping_Kaiser: :-)
<zul> monkeys!
<Kamping_Kaiser> pschulz01, :/ thats bad what sort of deadline?
<pschulz01> Kamping_Kaiser: Friday week.. get everyone using new bugzilla (cutover).
<Kamping_Kaiser> pschulz01, i might come in extra day/s next week then.
<sommer> morning all
<pschulz01> Kamping_Kaiser: I might just install it.. as we have it now.
<pschulz01> Kamping_Kaiser: The we will have a week to sort out the data migration.
<pschulz01> Kamping_Kaiser: SSL should just work (touch wood).
<Kamping_Kaiser> pschulz01, i expect its close. i'll find out how its going thursday i guess ;)
<pschulz01> Kamping_Kaiser: Ok.
<Kamping_Kaiser> afk. sleep :)
<sommer> jdstrand: I was playing with the smbd apparmor profile in the apparmor-profiles package, and I think there a couple more directories that should be added by default:
<sommer>   /var/spool/samba/** rw,
<sommer>   /var/run/utmp rwk,
<sommer> just an fyi :)
<Asad2005> can someone help me set up my wireless NIC wlan0 as access point, my eth0 is currently set up as DHCP server hardy64
<jdstrand> sommer: thanks! can you file a bug against apparmor-profiles?
<sommer> jdstrand: sure will do
<emgent> heya
<cjsstables> Morning.  Have a problem with a user logging into ldap network server.  User can log in with a windows client but cannot log in with a linux client.  other users are not affected.  where do I begin my search to remedy this issue
<mathiaz> Koon: well - it's hard to find a time that would fit almost everyone.
<mathiaz> Koon: http://timeanddate.com/worldclock/meetingtime.html?month=6&day=4&year=2008&p1=196&p2=69&p3=43&p4=224
<Koon> mathiaz: yes, looks like the less worse time on that table
<zul> mathiaz: do you want to do the mysql merge?
<mathiaz> zul: Not in the next few hours - go ahead
<rgl> any of you guys using powerdns?
<Asad2005> can someone help me set up my wireless NIC wlan0 as access point, my eth0 is currently set up as DHCP server hardy64
<gladk> Asad2005: what access point do zou have_
<gladk> ?
<gladk> sorry, Deutsch keyboard :
<gladk> :)
<slimjim8094> sup
<slimjim8094> listen - i have a question about ddns-updates
<slimjim8094> can anyone give me a hand?
<mathiaz> jdstrand: ok - I'll join #ubuntu-meeting now - ping me when you're about to be up
<spiekey_> hi
<mathiaz> sommer: is auth-client-config documented in the Server Guide ?
<sommer> mathiaz: I don't think so
<sommer> mathiaz: nopers, currently the serverguide covers setting up services, not necessarily configuring clients to use them
<sommer> mathiaz: that can be added though :-)
<mathiaz> sommer: right - it may be worth adding about a section about this
<mathiaz> sommer: or a section about how-to integrate your ubuntu server in an existing infrastructure
<sommer> mathiaz: sure, I'll add it to the list
<mathiaz> sommer: that would cover likewise-open, nss and pam
<mathiaz> sommer: I've just updated a spec about this topic - https://wiki.ubuntu.com/NameServicesIntegration
<sommer> mathiaz: just added a note to the serverguide spec as well: https://wiki.ubuntu.com/IntrepidServerGuide
<mathiaz> dendrobates: could you update this blueprint https://blueprints.launchpad.net/ubuntu/+spec/network-authentication ?
<mathiaz> dendrobates: and make me the drafter ?
<ledmushroom> Ok lets say that I have multi users on this pc ubuntu 8 and I was wondering is there away to limit there ability  to d/l anything with out a password, I mean let them on the net but no d/l of any kind. thats it
<ledmushroom> Ok lets say that I have multi users on this pc ubuntu 8 and I was wondering is there away to limit there ability  to d/l anything with out a password, I mean let them on the net but no d/l of any kind. thats it
<ledmushroom> dont know what happened to the first post
<soren> What do you mean by "on the net but no d/l of any kind"?
<ledmushroom> they would be allowed to surf but not download anything with out a password or something
<soren> Surfing and downloading is the same thing.
<soren> (in this context)
<Deeps> sounds like the guy wants a browser in kiosk mode
<nealmcb> yeah - like it is hard to tell the difference between listening to music and recording it....  but tell that to the DRM fanatics
<ledmushroom>  so what you mean is no unless i take away the net all together
<nealmcb> ledmushroom: what do you want to prevent - changes to the system?
<ledmushroom> right
<ledmushroom> i guess
<nealmcb> like a kiosk mode?
<Deeps> 20:38:31 < Deeps> sounds like the guy wants a browser in kiosk mode
<ledmushroom> i guess if i knew what that was
<nealmcb> Deeps: right - I was just doing it in conversational style :)
<Deeps> where you can surf the net, but not do anything else
<Deeps> like at a cybercafe, or a internet point at an airport
<nealmcb> kiosk mode == where the computer is supposed to remain the same for the next user - can't install programs or change preferences?
<ledmushroom> i guess but havent been to any of those i suppose so
<ledmushroom> hehe
<Deeps> or download files
<ledmushroom> yes
<nealmcb> well, "download" is too overloaded in meaning to make much sense here
<Deeps> write files to disk and/or run random applications
<CyberKing> question: can i install ubuntu server in GUI mode?
<nealmcb> is it a server or a desktop with a gui?
<ledmushroom> yes deeps
<nealmcb> (my question was for ledmushroom...)
<nealmcb> !servergui | CyberKing
<ubottu> CyberKing: Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<ledmushroom> desktop
<ledmushroom> sorry was lost for a min
<nealmcb> ledmushroom: then you'll probably get better help in #ubuntu or another channel - the folks here don't do much with guis
<Deeps> although if you insist on a gui, installing ubuntu desktop and tasksel -i ubuntu-server would be the same as installing ubuntu server and tasksel -i ubuntu-desktop
<ledmushroom>  they told me to ask in here
<ledmushroom> lol
<nealmcb> Deeps: well, you'd have a slightly different kernel, but yeah
<Deeps> point
<CyberKing> thanks, nealmcb
<nealmcb> :)
<nealmcb> ledmushroom: this is dated, but may give some ideas: http://ubuntuforums.org/showthread.php?t=338980&highlight=kiosk+cafe
<ledmushroom> ty
<CyberKing> nealmcb, so when i install it, it'll be all text mode too, right?
<nealmcb> CyberKing: installing ubuntu-server provides a command-line interface.  ebox provides a web gui interface
<nealmcb> ..as noted in that page...
<CyberKing> got it now... thanks again nealmcb
<slimjim8094> ehlo from slimjim8094
<slimjim8094> anyone know anything about BIND + dhcp-server ddns?
<sergevn> until when are there updates for gutsy server?
<nealmcb> gutsy is supported for 18 months - until next spring
<sergevn> nealmcb: ok cool thx :)
<sergevn> I have my production server running on gutsy ( i know bad idea )
<sergevn> I dont know if it's safe to upgrade to hardy on the fly?
<nealmcb> not necessarily a bad idea - there are lots of scenarios out there...
<sergevn> only running apache, php, mysql, postfix, dovecot
<nealmcb> well, "safe" as in "no one will die", but most folks test the upgrade on a non-production box first....
 * nealmcb considers heart attacks and revises his answer....
<ph4mp573r> hey, I keep getting a "file to large" bounce back on email. I checked /etc/postfix/main.cf & master.cf and couldn't find a size limit. Any ideas? Ubuntu Server 8.04 LTS
<sergevn> nealmcb: hehe :), well postfix en dovecot depend on mysql
<sergevn> nealmcb: im not worrying about apache, but about dovecot/postfix
<nealmcb> ph4mp573r: you're running the server that is sending the bounce message?
<ph4mp573r> yes
 * soren hugs jdstrand 
<soren> jdstrand: Congratulations, dude!
<ph4mp573r> any idea where the size limit is set?
<nealmcb> what does this say:  postconf -d
<nealmcb> cheers for jdstrand - new core-dev:  https://lists.ubuntu.com/archives/motu-council/2008-May/001101.html
<jdstrand> thanks nealmcb!
<ph4mp573r> bounce_size_limit = 50000
<ph4mp573r> bounce_size_limit = 50000
<ph4mp573r> it says bounce_size_limit = 50000
<ph4mp573r> where is that set?
<JanC> sergevn: just try the upgrade in a virtual machine
<ScottK> nealmcb: Not yet.  He still has to go in front of the tech board.
<nealmcb> ScottK - this was from #ubuntu-meeting - but maybe I missed something - cc meeting now?
<JanC> make sure that you have the same software running in the VM before you start upgrading in it
<ScottK> Ah
 * ScottK was reading the mail, not the IRC channel.
<Deeps> or just use something like partimage to copy your current machine to a virtual disk and do the upgrade that way
<Deeps> (in the vm)
<nealmcb> ScottK - yeah - I meant to also reference the meeting channel - but I haven't read all of what is going on...
<nealmcb> ScottK - can you answer ph4mp573r's question on setting size limits?  ^^
<ScottK> Yes.
<ScottK> Bounce size limit isn't it.  Give me a sec.
<ph4mp573r> k thank you
<sparky01> I have a question about the recent kernel patch...
<ScottK> ph4mp573r:
<sergevn> JanC: yes ill try this next week, thanks
<ScottK> ph4mp573r: What does postconf | grep message_size_limit produce?
<sparky01> why would it not download and install on server. It says packages held back... ?
<sergevn> Does this also count for security updates? the support limit of next spring?
<ScottK> sergevn: Yes.
<ph4mp573r> 10240000
<ph4mp573r> Scottk: 10240000
<ScottK> ph4mp573r: That's the default.
<ScottK> ~ 10MB
<ScottK> ph4mp573r: How big a message do you want to send?
<ph4mp573r> yeah, the emails that he's complaining on bouncing are each 10.1MB lol.
<sparky01> why would the server report that it kept back server security patches?
<ScottK> Also don't forget to allow some extra for 8 bit / 7 bit conversion.
<ScottK> sparky01: It's the same as for any new kernel update.
<sparky01> ?
<ph4mp573r> so where is the size limit set Scott?
<nealmcb> sparky01: perhaps you need to dist-upgrade?
<ScottK> ph4mp573r: Add something like message_size_limit = 15360000 in main.cf and then reload postfix.
<sparky01> ScottK, are they kept back until they are more fully tested or something?  please help me understand
<ScottK> sparky01: Every kernel upgrade has a new package with is so you have to dist-upgrade to get it.  The fact that it's from security is no different.
<sparky01> ScottK, thanks so much. i got it
<ScottK> If you dist-upgrade and it's still held back, it means not all the packages are published yet and you should wait.
<ph4mp573r> ScottK: so I just have to add it, even if it's not there?
<ScottK> Yes.  The default, message_size_limit = 10240000, is implicitly there.
<mathiaz> ogra: is there reason to use nss_ldap in an LTSP infrastructure ?
<ph4mp573r> thanks ScottK that worked
<karlito>  anyone got experience setting Bind9 : I got everything set for my local network. I can dig, ntlookup and ping. but where do I set the address seen from the outside world. my static ip given by my ISP. Any doc ?
<sommer> karlito: check out the DNS section of the server guide: https://help.ubuntu.com/8.04/serverguide/C/dns-configuration.html#dns-caching-configuration
<karlito> the guide use private address that are not routable over the internet, but for my need I should substitute those address for one given by my ISP ? thank for the link.
<sommer> karlito: correct you'll want the fowarder addresses to be the ones from your ISP
<karlito> why the guide do not include real life exemple ? got any idea ?
<Deeps> because everyone can use those private ips, if it uses public ips it'll be specific to one person's configuration only
<sommer> yep yep
<karlito> got it. thank
<sommer> np
<maw_> has anyone successfully install VMware tools on 8.04 guest?
<x0r-> Anyone familiar with OpenLDAP and StartTLS? I have an issue starting TLS * TLS: warning: cacertdir not implemented for gnutls *
<Overand> Thesse days, should I be doing apt-get upgrade or aptitude upgrade?
<maw_> I was just reading the man about that, apparently apt-get is the quick method and not dependancy friendly
<maw_> quote from man:  under no circumstances are currently installed packages removed, or packages not already installed retrieved and installed
<kirkland>  zul: a bunch of people are asking for php5-5.2.6 to be backported to Hardy, citing the unusually high number of security fixes (kees, ding ding) in the release
<kirkland> zul: see Bug #227464
<uvirtbot> Launchpad bug 227464 in php5 "PHP 5.2.6 fixes important security bugs" [Undecided,Fix released] https://launchpad.net/bugs/227464
<maw_> Overand: it seems apt-get dist-upgrade is best suited to handle current packages and any dependencies
<hads> apt-get or aptitude will be fine.
<ScottK> maw_: dist-upgrade is only needed if a new package is pulled in (as is normally the case for kernel updates).
<kees> kirkland: I'd like to get those fixed backported to all the stable releases... just haven't had time yet.
<kirkland> kees: backport of each patch is preferred over a merge of 5.2.6 ?
<kirkland> kees: one user is reporting that his schools network is blocking servers running php < 5.2.6
<kees> we don't do version bumps for PHP -- we backport fixes.
<kees> it's not a "merge" if it's to hardy.  :)
<kirkland> gotcha.
<kirkland> kees: well, at first glance, it looks like a *sizable* debdiff.......
<kirkland> (by my nascent standards)
<Overand> wow.  go 7zip - 9600megs of log files down to 145megs, heh
<kees> kirkland: well, you already found all the security bug fixes.  that'll be small.  It just needs some time and attention.
<kirkland> kees: ah, right, that detective work you sent me on a few weeks ago.... i hadn't made the connection until now  (light bulb)
<kees> :)
<maw_> ScottK: I was making my comment based on 'man apt-get' which defines upgrade as not being dependency friendly and dist-upgrade resolving dependency issues
<mathiaz> kees: pam modules are related to authentication - how would call the general domain that nss deals with ? authorization ?
<kees> mathiaz: hmm
<kees> mathiaz: they're really just directory lookup systems.
<kees> looking up lists of hosts, people, groups, etc.
<mathiaz> kees: right - I'm trying to find a good term for that role, but haven't got one yet
<mindframe->  is there anything that should be backed up in /var/ besides /var/log?
<ScottK> maw_: The practical distinction is will install a new package if needed
<mindframe-> this would be for a system restore situation
<kees> mindframe-: everything in /var is important.  :P
<nijaba> mindframe-: quite a bit, yes
<kees> mathiaz: "name service", though that's confusing with DNS
<kees> directory service?
<kees> that's confusing for LDAP
<ph8> Hi all, i'm trying to find a way of replicating filesystems across machines, for redundancy/resilience - i want to have two machines in failover and the files on each should match exactly if possible - is there a better way than an rsync crontab'ed every minute? Seems a bit messy
<nijaba> mathiaz: what are you trying to name?
<kees> nijaba: the role that nss fills
<mathiaz> nijaba: pam -> authentication; nss -> ?
<ScottK> ph8: If you want bi-directional replication you might want to look at unison
<nijaba> mathiaz: directory lookup service is what comes to my mind
<nijaba> ph8: what about a shared block device such as DRBD?
<kees> in addition to drbd, there's also clustered file systems, but I've never worked with them.
<slimjim8094> hey guys - trying to do a ddns-update  between my dhcp-server and bind (same box)
<kees> doing a md raid1 on top of physical + drbd was what I wanted to try, but it required that the machines never mounted it at the same time.
<slimjim8094> it's not working - anybody know what's up?
<kees> slimjim8094: I'm not much help, I haven't used ddns :(
<slimjim8094> i think i get errors...
<slimjim8094> i was just about to muck around with it for a bit more
<ph8> sounds ideal nijaba and ScottK, i'll probably try DRBD, thanks
<mathiaz> nijaba: what do you think about this: http://people.ubuntu.com/~mathiaz/network_auth_integration.png ?
 * nijaba looking
<mathiaz> nijaba: I've tried to summarize the option for network authentication scenarii
<nijaba> mathiaz: I think you summarized quite well the options we cant to cover for interepid :)
<mathiaz> nijaba: cant ?
<nijaba> errr. s/cant/can
<nijaba> errr... x 2 s/cant/want
<nijaba> duh
<mathiaz> nijaba: I was asking about the nss role in order to qualify the components in blue
<mathiaz> nijaba: the components in red deal with authentication, the blue deal with ?
<nijaba> mathiaz: so that's what I call the directory lookup phase
<mathiaz> nijaba: right - often this is part of the authorization phase
<nijaba> authentication has 2 phase: directory lookup and credential checking
<nijaba> authorization has 2 phases: directory lookup and right computation
<nijaba> note that in order to authenticate someone using only its cn, for example, you will first need to search for it's dn, this is what the directory lookup stands for
<nijaba> in the authorization phase, you will do a directory lookup to see what objects are linked to your dn and acculate right inherited by it
<nijaba> you then check it against your rules to see if anything matches (or not)
<nijaba> mathiaz: does this help?
<mathiaz> nijaba: yes - thnaks
<ph8> If i read 'failover to seperate location over fiber-optic ring' - does the fibre-optic mean anything? Should i just approach the application like it's got a normal internet connection or is there some super-secret ring language i'm likely to need to talk? (i.e. making a pair of failover machines, i'd probably have them act as primary+secondary NSes, so if one fails - the other is active)
<nijaba> ph8: where is this sentence coming from?
<nijaba> ph8: I would say that it just means that if you want to have two systems in failover that are not within Ethernet reach, a fiber optic link is highly recommended to avoid latency problems
<ph8> It's what I was told to design, a 'resilient FTP cluster of two machines' with Fail-over to separate location over fibre-optic ring
<ph8> ah i see, so the machine would have two connected ethernet ports essentially
<ph8> and i'd somehow have to confirm DRBD to use the fibre
<nijaba> ph8: so the 2 machines are not in the same location?  or the separate location has another set of machines?
<infinity> Not ethernet, FDDI.
<ph8> since that's uber-fast
<ph8> one machine in each DC yep
<infinity> (There are differences...)
<ph8> oo neve rheard of one of those
<ph8> thanks
<infinity> But, I suppose, for a point-to-point connection, the differences are meaningless to most people. :)
<infinity> A "ring" of two machines isn't much of a ring.
<ph8> indeed :p
<hads> heh
<ph8> ok so that's not actually too complicated
<nijaba> infinity: one could argue that the minimal expression of a ring
<ph8> that's good
<ph8> (or is it? :p)
<infinity> nijaba: Well, it's still technically a token ring network.  The "token" bit being the key here.  But I might argue the "ring" aspect a bit. :)
<nijaba> infinity: you win ;)
<infinity> (And the practical differences between token ring and carrier detect/select are miniman when it's a point-to-point connection)
<infinity> minimal, too.
<nijaba> ph8: people that have experience building such architecture are generally well paid, if that helps define "complicated"
<infinity> Neat, I'm well-paid.
<nijaba> I would hope you are, infinity
<RoAkSoAx> lol.. i wanna be well paid when i start working :P
<infinity> nijaba: If you could be so kind as to convey this information to my bank account, I'd appreciate it.
 * nijaba googling for your bank acount number :P
 * nijaba talk to him -> said to see with your employer ;)
<nijaba> ok, enough fun for tonight, time to go to bed
<infinity> G'night. :)
 * RoAkSoAx has to wait like 6 more hours to go to bed :P
<ph8> I think i'm getting the architecture, just got to make the machines :-)
<ph8> Should be a good summer project
<RoAkSoAx> ph8: what's your summer project?
<ph8> see above
<ph8> nn
<LeChacal> hello, with the new kernel update that came out i for the desktop was going to upgrade my server but i only have remote access right now and i was wondering if it would be smart to update remotely and if i can how should i do it? because will take about 20+ min to download the update and by that time my ssh session will have timed out does that matter?
<RoAkSoAx> a ftp server in master/slave with DRBD data replication?
<hads> LeChacal: Use screen
<LeChacal> hads: that is what i was going to do but wondered if that was a safe thing to do
<hads> and your server must have a really slow connection.
<LeChacal> hads: thank you i will do that
#ubuntu-server 2008-06-04
<zul> kirkland: im not wild about it (php backport for hardy)
<ajmitch> zul: too many changes?
<infinity> New PHP versions always mean new bugs.  And broken interfaces.
<zul> kirkland: gimme half an hour we can discuss I need to put liam to bed
<infinity> Never a good candidate for a stable release.
<zul> kirkland: its seems like a flimsey excuse to backport 5.2.6 besides the security fixes will be applied eventually and he could always build it himself as well
<kirkland> zul: okey doke.
<kirkland> zul: let the security-fix-backporting begin ;-)
<zul> kirkland: yep
<zul> and what infinity mentioned as well
<kirkland> fyi, i chased those down for kees a few weeks back, i have them in my changelogs somewhere
<kirkland> s/changelogs/irclogs/
<kirkland> soren has me thinking 'changelogs' at the moment ;-)
<kirkland> zul: cool, could you add comments to that bug to that effect?
<zul> kirkland: sure
<kirkland> zul: i'll add my irclog research as a comment to
<kirkland> zul: basically, a stack of urls to the precise php commit messages
<kirkland> zul: of those security issues
<Filefly> i'm running a small fileserver with two identical drives in raid 1... is it possible to copy data from a drive that was previously in a raid 1 array, for example if i formatted one of the two drives and wanted to copy some data from the second one?
<slimjim8094> yes
<slimjim8094> could i tell you how? no :)
<slimjim8094> but that's the point of mirror-raid, so i imagine it's doable...
<slimjim8094> i mean, imagine you had a drive crash and had to replace the drive...
<slimjim8094> the point of raid-1 is that there's no interruption and you lose no data...
<slimjim8094> i think it's called 'rebuilding the raid'
<slimjim8094> but
<slimjim8094> i couldn't tell you how... :(
<Filefly> okay
<Filefly> here's my situation
<Filefly> i am running the raid1 array and i would like to reinstall the OS without having to back up everything, as i don't have enough room anywhere else
<slimjim8094> is the os on your raids?
<Filefly> i want to install the OS on one drive, copy my data from the other mirrored drive, then format that drive as well and add it back to the array
<slimjim8094> well i imagine you could probably
<slimjim8094> de-raid and remove disk 2
<slimjim8094> install os like normal
<slimjim8094> install second disk and say that it's part of a raid - and that it has the data
<slimjim8094> ...twiddle your thumbs...
<slimjim8094> you're done
<Filefly> basically my question is... is there a special procedure for mounting a drive that was once part of a raid1 array?
<slimjim8094> i don't think so
<Filefly> okay
<slimjim8094> but again, i've never even done a raid
<slimjim8094> so you shouldn't be listening to me
<Filefly> so in theory, in order to pull my data, (i'm guessing) i can just mount hdb1 as usual
<Filefly> okay, not listening :)
<slimjim8094> yeah
<slimjim8094> mount -o ro
<slimjim8094> to be safe
<Filefly> fantastic, that's a BIG help
<slimjim8094> but you're not listening to me
<slimjim8094> oh god damn
<Filefly> lol
<slimjim8094> you're not listening to me, right?
<slimjim8094> good
<Filefly> no sir.
<slimjim8094> very nice
<kirkland> Filefly: definitely mount -o ro
<slimjim8094> i'd say, mount it read-only
<slimjim8094> and see what happens
<slimjim8094> alright, i gotta go
<slimjim8094> see ya
<Filefly> thanks
<Filefly> kirkland: can i mount the partition as if it was never part of the array?
<kirkland> Filefly: is the partition marked "Linux RAID" ?
<Filefly> i'm afraid i'm a bit of a noob
<Filefly> how do i check?
<kirkland> Filefly: and is the md device formatted directly to a filesystem?  ie, you're not running LVM on top of RAID, are you?
<Filefly> no, no LVM
<kirkland> Filefly: fdisk -l /dev/hd?
<Filefly> okay one moment
<kirkland> Filefly: okay, then, yeah, mounting the RAID1 is very straight-forward
<kirkland> Filefly: i can't stress enough, though, the importance of mounting it readonly -o ro
<Filefly> here's this, too
<Filefly> md0 : active raid1 sda2[0] sdb2[1]
<Filefly>       116238208 blocks [2/2] [UU]
<Filefly> i assume i can format and install the os, then mount sdb2 and pull my data from it
<kirkland> Filefly: right
<Filefly> can you explain why it needs to be ro?
<Filefly> i will do it of course.. just curious
<kirkland> Filefly: safety measure
<Filefly> okay
<kirkland> Filefly: in the case that you wanted to boot your old system, you could using sdb
<Filefly> okay
<Filefly> that's a big help
<kirkland> Filefly: if you (accidentally) muck with the meta-data on sdb, then it wouldn't be bootable
<kirkland> Filefly: i should say "might not be bootable"
<Filefly> right, that i get
<Filefly> i'm computer-savvy, but i only rudimentarily understand the workings of raid... that definitely answers my question
<zul> kirkland: http://pastebin.com/d25280947
<Filefly> thanks very much for your help
<kirkland> zul: works for me
<kirkland> zul: i previously offered to put one in my PPA...  i can do this if people really start griping (unsupported, of course)
<zul> kirkland: they could always ask for a backport from the backports team but I dont know what state that team is, but yeah thats a choice
<kirkland> zul: right, well, it might help the backports team if something is in my ppa, right?
<zul> kirkland: yep
<kirkland> zul: since I already did the work merging for intrepid, it seems incremental for me to just build the package for hardy, no?  (supporting it, obviously, is a hugely different ordeal)
<zul> kirkland: its your ppa but it depends if the build-depends have changed
<kirkland> zul: those were minimal, i'll try a local build
<zul> but you already built it before for hardy so that doesn even matter :)
<nxvl> zul: ping
<zul> nxvl: yo
<zul> nxvl: whats up?
<nxvl> did you make any changes to my patch on the reload bug
<nxvl> on nagios?
<zul> nxvl: I believe I did
<nxvl> you remember what changes
<nxvl> just to know
<zul> yeah the init script
<nxvl> but i mean
<zul> and the maintainer field
<nxvl> to my patch
<nxvl> Bug #236373
<uvirtbot> Launchpad bug 236373 in nagios2 "'/etc/init.d/nagios2 reload' causes nagios to exit (sends SIGTERM not SIGHUP)" [Low,Fix released] https://launchpad.net/bugs/236373
<zul> nxvl: im not getting you and Im about to leave for tonight can you send me an email
<nxvl> i mean...
<nxvl> ok, doesn't matter
<nxvl> i can run debdiff later
<nxvl> when i get my ubuntu machine
<nxvl> :D
<nxvl> thnx
<nxvl> btw
<nxvl> zul: you haven't send me an e-mail of the SRU you wanted me to test
<SpaceBass> hey folks
<SpaceBass> I upgraded from 7.10 to 8.04 and am having some authentication issues ... I need to reconfigure libnss-LDAP but when I run dpkg-reconfigure libnss-ldap   nothing happens
<SpaceBass> is just returns a bash prompt
<sommer> SpaceBass: just to double check... are you doing sudo dpkg-reconfigure ?
<SpaceBass> sommer, i am
<SpaceBass> sorry for omitting that :)
<sommer> hrmm, strange
<SpaceBass> i know, right?  ... wonder if there is a verbose mode
<sommer> SpaceBass: you can always edit the /etc/ldap.conf file by hand :)
<SpaceBass> sommer - no opposed ...but which one? /etc/ldap/ldap.conf or /etc/ldap.conf
<SpaceBass> s/no/not
<sommer> SpaceBass: for authenticating to ldap /etc/ldap.conf is the main one... it replaced /etc/libnss-ldap.conf (or whatever the old file was)
<sommer> and I believe the dpkg-reconfigure simply changes settings in that file
<SpaceBass> which I suspect is why broke my authentication to OpenDirectory in the first place
<SpaceBass> the replacement of those two files
<sommer> SpaceBass: I could be wrong about that though
<nxvl> dpkg-reconfigure simply calls debconf rutines
<nxvl> maybe that package doesn't have any
<sommer> SpaceBass: nope that's the file I was thinking of /etc/ldap.conf, heh
<SpaceBass> when its first installed, there are prompts
<nxvl> you can always apt-get remove --purge and reinstall :S
<SpaceBass> ahhh purge
<SpaceBass> didnt try it that way
<nxvl> but keep a backup of your files before
<nxvl> if you have make some changes
<sommer> SpaceBass: ah, I think you're looking for sudo dpkg-reconfigure ldap-auth-config
<nxvl> oh yes, you need to use sudo
<SpaceBass> actually I'm using root - I know, I know...but until I can get auth working again, I cannot log in as anynone else...had to drop to recovery just to get a root shell
<sommer> SpaceBass: yep, dpkg-reconfigure ldap-auth-config... will give you the prompts
<SpaceBass> sommer, thats it! thanks!
<sommer> np
<sommer> the packages were reconfigured so things are slightly different from 7.10 to 8.04, but hopefully better for the long run
<SpaceBass> seems like easier management, from what I've read
<SpaceBass> alright! at least getent passwd works
<SpaceBass> thanks guys
<sommer> SpaceBass: party!
<SpaceBass> the new /etc/ldap.conf doesnt replace the pam.d/common-* files does it?
<sommer> nope just the files needed to configure libnss-ldap
<SpaceBass> just double checking
<sommer> you should still see an entry for ldap.so (or whatever) in those files
<cjsstables> evening all.  anyone want to work with me on file permissions issues?
<cjsstables> Doesn't look like my last message went through
<cjsstables> oh ther eit is
<cjsstables> I have 3 directories set up to share on my server.  Sharing is exported with nfs and Samba.  the three directories are /public (completely open, any user can read write or execute. this includes windows users /ldap/users/or any unauthenticated client
<cjsstables> the second directory is /business.  also a nfs share and samba share.   only persons from LDAP authentication can access this share and they must belong to the businness group.  the should have complete control over anything in the share.  anything they creat in the share can be controlled by anyone else that has access to the share.
<cjsstables> the third share is /private.  this is an nfs and samba share with only one user having access and no other user can do anything in the share.
<cjsstables> can someone out there help me to get this set up correctly
<SpaceBass> does 8.04 not use  /etc/fstab?
<hads> It does
<SpaceBass> appears my raid did not start after the upgrade to 8.04
<SpaceBass> thinks theres only 2 devices
<ajmitch> check what devices are being looked at in mdadm.conf?
<SpaceBass> thats what is odd...no devices listed ARRAY /dev/md0 level=raid5 num-devices=4 UUID=7b94174d:9827fba7:9d356db8:2532e22e
<ajmitch> right, apparantly it defaults to looking at all partitions if no DEVICES line is there
<ajmitch> (from a quick look at man mdadm.conf)
<SpaceBass> odd - all the partitions appear to be present
<ajmitch> it's been awhile since I looked at it, but does mdadm --assemble /dev/md0 bring up the array now with all devices?
<SpaceBass> says theres only 2 (out of 4) devices
<ajmitch> odd
<SpaceBass> yeah, b/c they are all there
<SpaceBass> trying to figure out how to manually sepcify them
<ajmitch> I thought it ccould possibly have been that the devices weren't known in time for mdadm to run at bootup, not that it should possibly happen now
<SpaceBass> yeah, dmesg shows some errors like that might have been the case...but it should assemble now
 * SpaceBass smells a downgrade 
<ajmitch> what sort of errors?
<SpaceBass>  484.709354] md: unbind<sdd1>
<SpaceBass> [  484.709359] md: export_rdev(sdd1)
<SpaceBass> [  484.709368] md: unbind<sdb1>
<SpaceBass> [  484.709370] md: export_rdev(sdb1)
<SpaceBass> [  484.709376] md: unbind<sde1>
<SpaceBass> [  484.709379] md: export_rdev(sde1)
<SpaceBass> [  484.709383] md: unbind<sdc1>
<SpaceBass> [  484.709386] md: export_rdev(sdc1)
<SpaceBass> [  484.757276] md: bind<sdc1>
<ScottK> SpaceBass: When you upgraded how did you do it?
<SpaceBass> the built in distro upgrade command
<ScottK> SpaceBass: You mean do-release-upgrade or using apt?
<SpaceBass> do-release-upgrade
<ScottK> OK.  There's one set of problems that can happen if you use apt (I know), so that's ruled out.
 * ajmitch hasn't played around with raid problems for a year or so, so is rusty
<SpaceBass> i am too...b/c its just worked
<ajmitch> since I was fortunate to have mdadm & lvm just work on upgrade
<SpaceBass> haven't had the need to play around
<SpaceBass> i guess I can re-create ...but that scares the crap out of me
<ajmitch> and it really shouldn't be necessary
<ajmitch> unless somehow the raid metadata disappeared from those other devices, or was corrupted
 * ajmitch knows that you can use mdadm to examine each partition & print out what the metadata is
<ajmitch> just can't recall the command
<SpaceBass> mdadm --examine
<SpaceBass> but I'm in "assemble" mode so it won't let me
<ajmitch> ah, mdadm --misc --examine?
<ajmitch> unsure if both are required
<ajmitch> from what --help says, it's not
<SpaceBass> hummm...no subperblock detected
<SpaceBass> according to the verbose output...they all have the wrong uuid
<ajmitch> strange, to say the least
<SpaceBass> yeah
<SpaceBass> I'm fairly concerned ...to say the least
 * SpaceBass thinks he's lost 2TB of data
<hads> Na surely not.
<SpaceBass> how can I fund the uuids of each partition manually? then use them to update mdadm.conf?
<SpaceBass> ^^is googleing now
<uvirtbot> SpaceBass: Error: "^is" is not a valid command.
<hads> Have you tried assembling the array specifying the devices?
<SpaceBass> interesting ...each of the 4 partitions has the same uuid ... the same uuid that is in mdadm.conf
<SpaceBass> hads, I cannot find how to do that...that was my first instinct
<SpaceBass> hads, I tried simply listing them:
<SpaceBass> mdadm --assemble /dev/md0 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1
<SpaceBass> but I get: mdadm: /dev/md0 assembled from 2 drives - not enough to start the array.
<hads> That looks right from memory, not that I know that much about mdadm
<SpaceBass> and since we're quiet tonight...here's the verbose output...even more strange
<SpaceBass> mdadm: looking for devices for /dev/md0
<SpaceBass> mdadm: /dev/sdb1 is identified as a member of /dev/md0, slot 3.
<SpaceBass> mdadm: /dev/sdc1 is identified as a member of /dev/md0, slot 0.
<SpaceBass> mdadm: /dev/sdd1 is identified as a member of /dev/md0, slot 1.
<SpaceBass> mdadm: /dev/sde1 is identified as a member of /dev/md0, slot 2.
<SpaceBass> mdadm: added /dev/sdc1 to /dev/md0 as 0
<SpaceBass> mdadm: added /dev/sde1 to /dev/md0 as 2
<SpaceBass> mdadm: added /dev/sdb1 to /dev/md0 as 3
<SpaceBass> mdadm: added /dev/sdd1 to /dev/md0 as 1
<SpaceBass> mdadm: /dev/md0 assembled from 2 drives - not enough to start the array.
<SpaceBass> sorry for the flood
<ajmitch> from what I see in the mdadm help, it looks at both UUID & superblock information
<hads> Does `mdadm --examine /dev/sd{b,c,d,e}1 | grep UUID` show the same UUID?
<SpaceBass> hads, duno...let me try that
<SpaceBass> yeah, all the same uuid (same result as vol_id /dev/sd.... )
<hads> As I said, I don't know mdadm that well so don't know how much help I can be sorry.
<SpaceBass> you both have helped me troubleshoot - thats the most anyone can ask for...thanks!
<SpaceBass> interestingly ... the results for mdadm --examine /dev/sdd1 and sde1 are slightly different than sdb1 and sdc1
<hads> Perhaps you could assemble with --update
<ajmitch> how slightly different? superblock?
<ajmitch> there is the --force option as well, but I don't know if that's safe
<SpaceBass> yeah...see that...but doesnt feel safe :)
<SpaceBass> guessing I have to recreate and hope the data is there
<ajmitch> that's probably the least safe option :)
<SpaceBass> not sure what else to do :(
<SpaceBass> seems to think sdd1 and sde1 have no superbloks
<hads> Well update looks like it should fix that
<SpaceBass> well I gotta take a break and call it a night
<SpaceBass> thanks again for the help
<ajmitch> bye, sorry we couldn't help enough
<SpaceBass> troubleshooting help is great
<SpaceBass> tried to recreate it (as some blogs suggest its non destructive) and sdd1 and sde1 report as "too small" ....very odd indeed
<SpaceBass> might run spinrite against them to make sure they are not damaged
<SpaceBass> but cannot fathom how the upgrade to 8.04 would have hosed physicial disks
<SpaceBass> anyway....night all!
<_CitizenKane_> Is it possible to change the size of the varrun filesystem?  Mostly right now I have a server where it is completely full, and it's causing some problems
<ajmitch> what is being stored on /var/run that is takin so much space?
<_CitizenKane_> ajmitch: it seems that mysql is storing binary logs there
<hads> That would be odd.
<hads> They should be in /var/log
<_CitizenKane_> well, maybe i'm incorrect with this, the filenames are like this, mysqld-relay-bin.000004
<hads> Well nothing should be stored in /var/run except pid files and sockets etc. as it's tmpfs
<_CitizenKane_> hads: ya, i know that, this mysql server is just replicating from another one, but I don't know why there would be binary logs in /var/run
<hads> grep "/var/run" /etc/mysql/my.cnf
<_CitizenKane_> socket          = /var/run/mysqld/mysqld.sock
<_CitizenKane_> socket          = /var/run/mysqld/mysqld.sock
<_CitizenKane_> pid-file        = /var/run/mysqld/mysqld.pid
<_CitizenKane_> socket          = /var/run/mysqld/mysqld.sock
<_CitizenKane_> sorry, should have done a pastebin, i got a little lazy
<hads> Well I don't know that much about mysql replication but there should be a log_bin directive in my.cnf which it should honor
<ajmitch> especially as /var/run is on a tmpfs usually
<_CitizenKane_> hads: turns out its a bug
<_CitizenKane_> http://arjen-lentz.livejournal.com/115899.html
<ajmitch> though the linked bug says it's foxed in hardy
<ajmitch> s/fox/fix/
<_CitizenKane_> ajmitch: this server is on feisty, so no fix yet i guess
 * ajmitch wonders if it'll be a candidate for fixing in earlier releases
<_CitizenKane_> ajmitch: I hope so, but at least there is a work around
<ajmitch> thankfully so
<_CitizenKane_> because this bug is breaking nearly everything on this server =/
<ajmitch> with /var/run full, not much else is going to start if it fails on storing pid files
<_CitizenKane_> ajmitch: ya, that was the problem I was having, samba started acting up out of nowhere
<hads> Ah that's a bummer, at least you found info relating.
<hads> Easy workaround
<_CitizenKane_> hads: yep, and thanks for the help
<hads> No problem, didn't actually help :)
<_CitizenKane_> hads: it's the thought that counts ;)
 * ajmitch thinks hard about beer & hopes it counts
<ajmitch> getting closer to that time of day :)
<hads> It's nearly middle-of-the-week-beer-o'clock :)
<hads> heh
<Ashfire908> Are the Magic SysRq keys enabled for the server kernel?
<kraut> moin
<spiekey> hi
<spiekey> does anyone know how i can get the refresh time with dig?
<InsomniaCity> by refresh time, do you mean TTL?
<catalao> Hi
<catalao> I need some help
<catalao> who can help me?
<catalao> :)
<InsomniaCity> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<catalao> ok, sorry :). I'm a school teacher and i'm configuring a ubuntu server with PDC - samba and Ldap, and I need to get redirect the "My Documents" to go direct to the home folder of my server
<catalao> i have the netlogon script
<catalao> and i have a file shortcut.vbs . I think maybe it's here where i have to put the code??
<catalao> I'm not english, sorry for my write
<cjsstables> morning all.  trying to resolve the following issue.  when a authenticated network user writes a file to an exported NIS share the following permission and ownships result.     -rw-r--r--  userxxx Domain Users.  This is the default.  how do I change the default save the file with -rwxrwxr-x Domain Users Domain Users
<soren> Change your umask
<soren> ...to 002.
<soren> /etc/login.defs
<cjsstables> ok.  I'm not familiar with umask  what would the umask number be?
<soren> 11:49:37 < soren> ...to 002.
<Kamping_Kaiser> cjsstables, umask is the oposite to the file permissions numeric value you want to finish with
<cjsstables> thanks soren,  you have benn quite a help for me.  I have an excellent server so far. and now just finishing it up with network shares..
<soren> cjsstables: :)
<Kamping_Kaiser> soren, is the umask set on nfs server or client?
 * Kamping_Kaiser found a rather nice way of setting umask via pam today (and was happy when it worked)
<cjsstables> next question.  do I modify the /etc/login.defs on the server side or client side?
<soren> Kamping_Kaiser: client.
<soren> cjsstables: client :)
<Kamping_Kaiser> nod. ta. :)
<cjsstables> ok.  next question.  is it possible to only specify the umask for specific directories or will it apply to all directories
<Kamping_Kaiser> all dirs. you'd have to do seperate one differently
<soren> It's used by the open(2) and mkdir(2) system calls, which are invoked on the client.
<cjsstables> my concern is that my /ldaphome directory would end up having files witten with the wrong permissions.  that directory and the writes are working perfectly rite now and don't want to mess it up
<cjsstables> soren:  looks as though I may not want to do that.  the login.defs narrative recommends not to use UMASK.  Am I better off not using an nfs share and only use a samba share with samba configured to force the permissions and groups on writes?
<soren> It's an option, sure.
<Kamping_Kaiser> you can export nfs with a mask per export cant you?
<Kamping_Kaiser> annyway. night
<cjsstables> ok.  next question.  all linux clients use an xfce desktop that doesn't have a means to browse smb shares.  Also is there a way to automount those smb shares based on the user login?
<ikonia> cjsstables: look at nis maps ?
<ikonia> cjsstables: autmounter ?
<cjsstables> kamping_keiser...  can you explain that further
<ikonia> Kamping_Kaiser: sure, in the exports file under the options you can set mask
<cjsstables> ahhh...  thats it.  thats what I needed.
<cjsstables> ikonia.  right now all clients have the export automounted through /etc/fstab.  I was looking for a solution to do that with samba, but I have seen you have to have a user and password to get them mounted.  That isn't convienient for me
<ikonia> cjsstables: well you can do it in the export section and use a mask, or look at tools like automount
<cjsstables> ok.  I'm going to go and research that.  thanks for the help guys
<cjsstables> bye
<Kelerion> hey hey guys
<Kelerion> quick question... i have just got a t2000 sparc back from storage and am playing about with it... when i got it originally i managed to put 6.06 on it... which is now obviously out of date... which version should I look at putting on it with a fresh install? I tried 8.04 last night but its giving problems... is it the officially supported version for these sparcs?
<ikonia> sparc is dead
<ikonia> it's a community distro now
<ikonia> the T2000 is also the latest Sun chip so generic sparc stuff doesn't work properly on it unless done through solaris (%100 binary compatability )
<Kelerion> which is why it is now in ports?
<Kelerion> but there is still an 8.04 image... so someone must be still maintaining it
<ikonia> http://drwetter.org/coolthreads/t2000.Ubuntu_vs_Solaris10_3.html
<ikonia> Kelerion: sorry, didn't mean to miss-lead, most of it gets auto built from the repo, and there are "people" maintaining it
<Kelerion> ah
<Kelerion> ok..reading that page :)
<ikonia> Kelerion: its a tad dated, but does give you an idea
<Kelerion> ok...
<Kelerion> well hmph... lol
<Kelerion> makes me wonder though... if the SAS controller driver was implemented in edgy...  wouldn't it still be in hardy?
<Kelerion> anyways... not important
<Kelerion> doesn't seem to leave me with my options... mainly, go back to solaris...
<lukehasnoname> opensolaris?
<Kelerion> i don't know solaris *at all*.. to be honest...
<Kelerion> might be a good time to learn a new OS.. lol
<lukehasnoname> http://www.nexenta.org/os
<lukehasnoname> kelerion check it
<lukehasnoname> nvmd
<lukehasnoname> not sparc
<Kelerion> well damn...that was looking promising too.. lol
<Kelerion> it's ok... i don't mind playing around with a new OS.. its all in the learning, right...
<lukehasnoname> OpenSolaris would be interesting to toy with
<lukehasnoname> so would OpenBSD
<\sh> opensolaris is nice
<\sh> actually the zfs thing...
<lukehasnoname> ya, that sounds really cool
<lukehasnoname> not that I'm a filesystem guru
<Bom> hello, I am new to ubuntu and want to setup a media server that can be accessed from my LAN and remotely.
<Bom> would it be best to use standard ubuntu or the server edition
<Bom> I have an old Proliant ML330 that I would like to use. Is this machine sufficient or???
<lukehasnoname> You probably wouldn't use standard ubuntu
<lukehasnoname> Don't go on my word alone, but check out Ubuntu Studio, Mythbuntu, and Ubuntu Server.
<mok0> Hm, new kernel today.
<lukehasnoname> -18?
<mok0> lukehasnoname: yes
<lukehasnoname> Is the "-18" part an Ubuntu specific edition?
<lukehasnoname> the 2.6.24-xx
<mok0> lukehasnoname: yes, that's the build number
<fbc> are there any good router guides that will show you how to prioritize traffic or apply bandwidth limits to certain machines(or both) by mac address??
<lukehasnoname> Isn't that called QoS (Quality of Service)?
<fbc> maybe even with a gui? do I hear laughter?
<fbc> lukehasnoname, yeah...
<lukehasnoname> as far as by mac address, I don't kow
<lukehasnoname> know
<lukehasnoname> All I see so far is iptables
<arakthor> is it ebtables that uses MAC addys?
<fbc> arakthor, don't know... but weren't you the guy that deleted his samba config files??  that was pretty funny.
<fbc> arakthor, I'll look into ebtables...
<fbc> What I'm trying to get is close to the same effect as this product http://www.softperfect.com/products/bandwidth/
<fbc> You can turn on/off, and limit bandwidth by mac and prioritize traffic. So I think the QOS is pretty well documented, but the other stuff it seems near impossible to find.
<arakthor> no, I didn't delete my samba config files :)
<pschulz01> fbc: Greetings.. I'm interested in somethign like that as well.
<fbc> pschulz01, hehehe,, you want the winning lotto numbers too?
<pschulz01> fbc: Useful diagram.. http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png
<pschulz01> fbc: Do you have them?
<fbc> pschulz01, nope. sorry...:-P
<pschulz01> fbc: I used to work for these guys.. http://netpriva.com/
<pschulz01> fbc: We worked on somethign that does exactly what you're after. I left 2 years ago, and was thinking that there should be a way to do exactly the same thing, but in the FOSS world.
<fbc> pschulz01, cool, yeah I would like guide that would walk you through it. Maybe even throw a little squid config in there...
<pschulz01> fbc: I was thinking of something along the lines of a 'config file' that then get's converted into the low level ip/eb tables commands.
<danshearer> fbc: one way of doing this is to set up traffic shaping using tc
<pschulz01> danshearer: Howdy :-)
<fbc> pschulz01, I figure that kind of setup is what 95% of businesses need.. somethign that can control and limit like that, and I'm trying to replace the windows server at my workplace with ubuntu, but the boss says it needs to do everything the old server did.
<danshearer> fbc: and then using iptables to stamp packets depending on the user or other criteria
<danshearer> fbc: A template for doing this and with stamping code but not discrimination by user can be found at
<danshearer> fbc: http://shearer.org/Linux_Shaping_Template
<fbc> danshearer, tc?? cool.. I'll look into it...
<danshearer> pschulz01:  you again! g'day :-)
<pschulz01> danshearer: The problem with tc as I was aware, was that whatever you came up with (rate limiting) it had to be redone when you wanted to add an additional service.
<danshearer> pschulz01: what does "redone" mean here?
<pschulz01> re-done.. the tc setup required various parameters for bucket sizes (token buckets) etc.
<pschulz01> I need to revisit tc and see if there have been new developements.
<fbc> danshearer, Is there a high level tool that will create all those config files for you? maybe even a gnome gui?(try not to laugh)
<danshearer> pschulz01: well, you don't have to "tc qdisc del dev  eth0 root" every time
 * lukehasnoname laughs in spite
<danshearer> pschulz01: but even if you did, is that a major problem? like re-running your iptables script, it's very quick and the kernel
<danshearer> pschulz01: doesn't drop packets or anything although I guess the QOS for some few packets might be slightly indeterminate
<pschulz01> danshearer: probably not.. the idea was to be able to add additional channels incrumentally.
<danshearer> pschulz01: ah, you mean, if you have already allocated your full bandwidth among 3 classes and
<pschulz01> danshearer: Some of the queuing disciplines will drop packets when you remove the queue.
<danshearer> pschulz01: then you want to add a 4th class?
<danshearer> pschulz01: but not HTB, I think? Which, unless you are pretty specialised, should be ok for most people?
<pschulz01> danshearer: Well.. I would like to have a pool of channels (eg. for voice)
<danshearer> pschulz01: Hey, but you're the one whose run a firewall company not me so what would I know :-)
<pschulz01> danshearer: .. and be able to allocated them as required.
<pschulz01> danshearer: I have some pretty wallpaper.
<Deeps> lartc.org
<danshearer> pschulz01: Right, so you're getting into hairy tc-foo. As I say on the web page, tc filters are complex and yukky
<danshearer> Deeps: lartc.org can be as much of a hinderance as a help (unless they have updated docs recently. Beware the 2.4 kernel docs.)
<danshearer> Depps: some of the diagrams really help though
<fbc> danshearer, pschulz01 , ok so what direction do I go in? I have kids here on campus using bittorrent(that needs to stop). I have kids using school computers for internet access, which should only be used for learning.(those need to have internet access removed totally). So this is why I need to be able to turn internet access on and off by mac, and limit bandwidth for others, and restrict certain other machines to only certain ports.
<danshearer> fbc: if you are comfortable starting with a partial solution today, and then building on that, I'd be surprised if
<danshearer> fbc: the tc template I gave you wasn't a fairly low-pain way of solving your most pressing problems first
<danshearer> fbc: it deliberately doesn't use anything very clever or complicated
<fbc> danshearer, Yeah, for sure.
<danshearer> fbc: because otherwise I'd just confuse myself worse than usual
<danshearer> fbc: stopping bt can be just an iptables thing
<danshearer> fbc: there's a fairly simple firewall script up there too somewhere
<danshearer> fbc: ah yes, in the comments: http://shearer.org/Linux_Firewall_Template
<lukehasnoname> hey, fbc, might I ask what university you work for? If that's confidential, I understand.
<lukehasnoname> nvmd, I'll PM you
<danshearer> fbc: think of this as the not-very-clever-way of doing firewalling and bandwidth shaping
<pschulz01> They are just about to activate the new toilet pump on the International Space Station
<fbc> nope, it's unives, here in guadalajara, Mexico...
<danshearer> fbc: there are people present who can give much more complete answers
<fbc> Small startup
<danshearer> pschulz01: You mean they will be able to boldly go once again?
<pschulz01> The words 'high pressure' and 'toilet' are not words that you'd like to hear in the same sentance.
<pschulz01> danshearer: Yep.
<danshearer> pschulz01: You obviously haven't spoken to any submariners. Wander down to Port Adelaide mate
<fbc> yeah, is it a toilet or an enima machine?
<pschulz01> Not recently.
<lukehasnoname> Adelaide? Mate? Are you from Ireland?
<lukehasnoname> <_<
<danshearer> fbc: they cracked that one in WW2
<fbc> danshearer, meant enema
<danshearer> fbc: sorry, got lost in the flow
<lukehasnoname> too much pressure? lol
<fbc> danshearer, lol
<fbc> danshearer, which part of that script turns off internet access... what what little I can understand from reading the syntax there doesn't seem to be anything there for that.
<fbc> it would probably be helpful for most people to compartmentalize the script maybe into smaller files. like apache2 does..
<fbc> like /etc/tc/macs.allowed and /etc/tc/ports.allowed or something similar you automatically know where to look for something and where to put it.
<fbc> and just add INCLUDE /etc/tc/macs.allowed in the main script.
<danshearer> coffeedude: g'day
<coffeedude> hey danshearer
<danshearer> fbc: that's what I meant about iptables, you'd do that over on your firewall
<danshearer> fbc: these two things work in concert
<danshearer> fbc: the firewall disallows everything and you selectively allow things you want
<danshearer> fbc: and then you stamp packets you want shaped particularly
<danshearer> fbc: all other packets get shaped according to the default policy
<danshearer> what pschulz01 said is quite right, tc has its limitations but this is one way to get you going
<jambooda> Hey does anyone have any experience with Ubuntu Server on a Dell PowerEdge R805
<danshearer> fbc: as to splitting it up, nearly all of those two files are comments showing you what to modify and when
<danshearer> fbc: so I can't quite see what the thousand little files approach would add here :-)
<jambooda> I'm particular just looking for info on compatibility.  Any snags on getting it installed and configured
<danshearer> fbc: sure that stuff is very helpful for automated administration and so on. and if you were creating a managed facility
<danshearer> fbc: on debian or something.
<fbc> danshearer, yeah, I guess it's just my stab at not having one humongous config file. My mac addess of allowed machines might hit 300 lines.. so that's was why the compartmentalizing for me was important.
<danshearer> fbc: wow! I hadn't thought of putting them all in a file
<danshearer> fbc: you're right, that's painful. The thing is you then have to generate that file and rerun the script each time it changes
<danshearer> fbc: there are other ways of getting yes/no answers for iptables rules
<danshearer> fbc: for example, hooking into an rbl
<danshearer> fbc: its called packetbl iirc
<fbc> danshearer, ok... I'm gonna setup a small lab this afternoon and see what i can get done..
<jambooda> Anyone?
<danshearer> fbc: if you happen to be running your own dynamic router you can drop packets on the floor there too
<danshearer> fbc: but there was also a specific package I remember trying out for just this use case, hang on
<danshearer> fbc: ah yes, this was a couple of years ago I tried this and I didn't put it into production, but it looked good
<danshearer> fbc: http://www.dessent.net/linblock/
<fbc> jambooda, it's a pretty straight forward install.. there should be no special tricks
<fbc> jambooda, got xeon.. use 64-bit version... to take advantage
<jambooda> fbc, so you have ubuntu server installed on a poweredge r805?
<jambooda> I know installing the OS is straightforward.  I've installed it many times but I want to make sure there are no issues with this particular server
<danshearer> fbc: if you get a chance it would be good if you wrote down a log of your experiences, and any improvements to my scripts
<zul> soren: \sh asked if we could bump up the php memory from 16 to 32 I dont have a problem with it
<fbc> danshearer, sure.... It would be nice... to publish a howto guide for the rest of the world. And if I ever get a round to learning to program in C, I'll create a gtk+ app to create the syntax..
<pschulz01> fbc: perlgtk is another option, with glade.
<pschulz01> danshearer: What was the other idea you floated recently?
<kirkland> zul: did you see that I put an (untested) php5-5.2.6 package in my PPA for hardy?
<danshearer> pschulz01: can I have a little context?
<zul> kirkland: nope but good
<kirkland> zul: it built just fine, no changes necessary
<zul> kirkland: sweet I didnt expect any changes were necessary since you already built it locally
<kirkland> zul: right
<kirkland> zul: i figured we'd let it bake there for a little while, and if people find it useful, they can try to push it through the -backports process
<zul> kirkland: ok by me :)
<fbc> pschulz01, I'll have to learn pearl. I'm limited to batch,basic,php,mysql,html,some java.
<danshearer> fbc: great ideas, but at the least if I could have some fixed scripts to publish that would be good
<danshearer> fbc: and as to your list of 300 addresses, if you have to write them all in iptables rules something is probably wrong
<fbc> providing a zip file or something of a basic config might not be bad.
<danshearer> fbc: and iirc a while back you mentioned ebtables, that's at a lower level than anything else we've discussed here
<uvirtbot`> New bug: #237391 in openssh (main) "ssh-keygen should default to dsa not rsa" [Undecided,New] https://launchpad.net/bugs/237391
<spiekey> how can i add a script to the startup of ubuntu?
<spiekey> is there some tool for the runlevels?
<spiekey> (i would like to run my firewall script when my box is starting up)
<nealmcb> spiekey: you can put it in /etc/rc.local
<nealmcb> or you can make a script for /etc/init.d
<spiekey> thanks
<mathiaz> kirkland: re bug 237391
<uvirtbot`> Launchpad bug 237391 in openssh "ssh-keygen should default to dsa not rsa" [Undecided,Confirmed] https://launchpad.net/bugs/237391
<mathiaz> kirkland: why ?
<nealmcb> mathiaz: indeed - aren't dsa keys, e.g., more vulnerable to problems with random number generators :(
<nealmcb> e.g. http://www.schneier.com/blog/archives/2008/05/random_number_b.html#c271308
<danshearer> <spiekey>
<danshearer> <spiekey> update-rc.d will make the links for you.
<kirkland> mathiaz: sorry....
<kirkland> mathiaz: i just updated my reply to that bug
<kirkland> mathiaz: I completely misread it
 * kirkland goes looking for more coffee
 * nealmcb is beaten by kirkland by 5 seconds in commenting on the bug....
<kirkland> nealmcb: :-)
<kirkland> nealmcb: I think the "X seconds/minutes ago" on Launchpad bug comments should be javascript
<kirkland> nealmcb: give the unix epoch time, and put a javascript counter in each of those
<kirkland> nealmcb: 1/2/3/4/5/6/7/8/9/10 seconds ago :-p
<mathiaz> jdstrand: do you have more ideas about auth-client-config ?
<jdstrand> mathiaz: that is a pretty open ended question...
<mathiaz> jdstrand: I was wondering if we could add automatic package installation to it
<jdstrand> mathiaz: I do plan to add netgroup support, there is a patch for it
<mathiaz> jdstrand: so that if you want to configure an ldap profile, it pulls in nss_ldap
<jdstrand> mathiaz: oh-- you mean for the user auth integration stuff
<mathiaz> jdstrand: user auth integration ?
<jdstrand> mathiaz: automatic package installation-- hmm
<jdstrand> mathiaz: I always envisioned it the other way around
<jdstrand> openldap/clients/etc
<mathiaz> jdstrand: well - I was wondering if we could turn auth-client-config into an equivalent to domain-join from likewise-open
<jdstrand> the intrepid integration work discussed at UDS
<lukehasnoname> Isn't RSA pretty easy to crack nowadays?
<soren> Er... No.
<lukehasnoname> hmm...
<jdstrand> mathiaz: well, auth-client-config on it's own is just a tool to do profile switching
<mathiaz> jdstrand: the use case would be - to setup your ubuntu client to use your ldap server run: auth-client-config ldap
<jdstrand> lukehasnoname: not with sufficient bits
<jdstrand> mathiaz: yes-- that is the intent of the program
<jdstrand> mathiaz: difference being, there might be a different program, say ubuntu-ldap-client, that would provide the profile, then call auth-client-config from postinst
<mathiaz> jdstrand: right - but the end user still has to figure out that the nss-ldap and pam-ldap packages have to be installed in order to make it work correctly
<jdstrand> mathiaz: the idea being that the package maintainer knows more about configuring this stuff than auth-client-config
<soren> lukehasnoname: You can't crack it. You can brute force it. And even if you could check 100 trillion keys in a second, it would still take you 10^286 years to go through the 1024 bit keyspace.
<jdstrand> mathiaz: ubuntu-ldap-client would Depends on whatever is needed
<soren> lukehasnoname: A.k.a. "a very long time".
<jdstrand> soren: uh, I am not sure your math is right there
<mathiaz> jdstrand: hmm.. and ubuntu-ldap-client would drop a profile for auth-client-config
<jdstrand> mathiaz: exactly
<soren> jdstrand: It does sound a bit high.
<soren> (2^1024/100000000000000)/(60*60*24*265)
<jdstrand> mathiaz: there could be all kinds of these things-- ubuntu-ldap-client, ubuntu-kerberos-client, etc, etc
<danshearer> soren: but it's still "universe getting chilly" sort of timeframe. And hello
<soren> jdstrand: Er... Ok, that should clearly have been 365 days in a year.
<mathiaz> jdstrand: well - I only see two of them - ubuntu-ldap-client and ubuntu-kerberos-client
<soren> danshearer: Ahoy there :)
<mathiaz> jdstrand: I was wondering if likewise-open could provide a profile to auth-client-config too
<jdstrand> mathiaz: IMO, auth-client-config should be very dumb, and is simply a tool for maintainer scripts and administrators
<soren> Changing the number of days in a year only changed the fourth most significant digit (base 10).
<jdstrand> mathiaz: absolutely-- the more the merrier :)
<mathiaz> jdstrand: agreed
<jdstrand> mathiaz: while ubuntu may only have 2 or 3 of these packages-- an administrator may have site-profiles for ease of maintenance
<mathiaz> jdstrand: in the example of ubuntu-kerberos-client, there needs to be more work done to join a client to the realm
<mathiaz> jdstrand: do you think auth-client-config could be extended to do that work ?
<mathiaz> jdstrand: this is the other part in domain-join IIUC
<jdstrand> mathiaz: well, auth-client-config is technically just pam and nss, I guess you are talking about krb5.conf?
<mathiaz> jdstrand: you need to configure your local system (pam and nss),  plus do some other work on the server side ('register' the machine)
<jdstrand> mathiaz: oh yes
<jdstrand> mathiaz: OTOH, seems the server side stuff should maybe have an addkerbhost script of something
<mathiaz> jdstrand: I'm trying to figure out if we can provide the equivalent of domain-join for ubuntu-ldap-client and ubuntu-kerberos-client
<jdstrand> s/of/or/
<mathiaz> jdstrand: http://people.ubuntu.com/~mathiaz/network_auth_integration.png
<mathiaz> jdstrand: ^^ this is a big picture of network authentication from the client POV
<jdstrand> yes
<mathiaz> jdstrand: I'd like to see if we can provide a single command to handle all of the three scenario
 * jdstrand is thinking
<mathiaz> jdstrand: auth-client-config IIUC can handle the pam/nss configuration
<jdstrand> mathiaz: yes, that is all it does. it safely updates nss and pam based on the profile specified
<mathiaz> jdstrand: but we need to add some infrastructure to configure other parts of the system (krb5.conf or lwidentidy.conf or /etc/ldap.conf)
<jdstrand> mathiaz: I definitely see it as a component of this, but update these other .conf files seems out of scope for a-c-c
<jdstrand> mathiaz: but maybe not
<mathiaz> jdstrand: and do the right thing to register the machine in the infrastructure
<mathiaz> jdstrand: do you think this is out of the scrope of auth-client-config ?
<jdstrand> I don't want to unnecessarily limit my thinking
<soren> jdstrand: If you think my maths is wrong... What do you get if you do the maths?
<jdstrand> mathiaz: my gut feeling is it is out of scope, as what you are suggesting is ubuntu-specific, whereas administrators use it for other things
<soren> For reference, this is what I asked bc:
<soren> l(((2^1024)/(100*10^12))/(60*60*24*365))/l(10)
<soren> For maximum clarity.
<soren> The result is the power to which I need to raise 10 to get the number of years I'd need to sit around waiting for my supercomputer to finish.
<jdstrand> mathiaz: however, auth-client-config does seem to be an important component of your design
<jdstrand> (as is)
 * soren goes to dinner
<jdstrand> mathiaz: mind you, I am just thinking out loud
 * mathiaz doesn't hear jdstrand 
<lsal> did anyone got openldap with tls working on ubuntu8
<mathiaz> jdstrand: what about adding a check to auth-client-config to make sure that the librarys it's about to setup for pam and nss are available, and if not, list the packages that should be installed ?
<mathiaz> jdstrand: /librarys/libraries/
<nealmcb> soren: well, 1024 bit rsa keys can be brute-forced much more easily than that, given other smarts in the algorithm, but it is still awfully hard for the time being
<nealmcb> ... since you don't need to check all the possible values...
<jdstrand> mathiaz: what is the end result you would like to see. rather than saying the executable is auth-client-config, lets call it uauth. eg:
<jdstrand> uath ldap ...
<jdstrand> can you give an example of the command and what the result should be, and let's go from there
<mathiaz> jdstrand: uauth --ldap-cert=/etc/ca.cert ldap-profile dc=example,dc=com
<mathiaz> hmm
<mathiaz> jdstrand: uauth --ldap-cert=/etc/ca.cert ldap-profile dc=example,dc=com ldap.example.com
<jdstrand> mathiaz: well, some of those smarts are already in the libnss-ldap and libpam-ldap packages
<mathiaz> jdstrand: configure your system to use ldap.example.com to perform authentication and nss lookups
<jdstrand> mathiaz: gotcha
<mathiaz> jdstrand: uauth krb5-profile example.com
<mathiaz> jdstrand: updates the krb5.conf file and gets the host keytab (somehow)
<jdstrand> mathiaz: what if the 'uauth' package provided your three profiles? uauth the executable could then be smart enough to update /etc/krb5.conf, /etc/ldap.conf or whatever, and then call auth-client-config
<mathiaz> jdstrand: yeah - that's what I was thinking of
<jdstrand> mathiaz: this keeps the high level stuff out of auth-client-config (so other admins/packages/users/distros can use it)
<mathiaz> jdstrand: the same design as auth-client-config, but you'd have to provide some code to create the configuration on the host
<jdstrand> mathiaz: exactly-- and this is ubuntu integration specific
<mathiaz> jdstrand: auth-client-config uses just a declarative langage for profiles
 * mathiaz nods
<jdstrand> mathiaz: I haven't used likewise yet-- does it do more than pam?
<mathiaz> jdstrand: yes - AFAICT it does nss also (ie winbind function)
<jdstrand> (other than the equivalent of ldap.conf, etc)
<mathiaz> jdstrand: and the domain-join commands makes sure that your system is setup properly (krb5.conf, etc...)
<mathiaz> jdstrand: domain-join support 100s of platform
<jdstrand> mathiaz: ok good-- then a-c-c can be used here as well
<mathiaz> jdstrand: it also does the right thing to create your machine account in AD
<mathiaz> jdstrand: that's what I was thinking.
<mathiaz> jdstrand: so to be more specific about auth-client-config, I was suggesting to improve error detection
<mathiaz> jdstrand: such as libraries that are supposed to be used are not available
<mathiaz> jdstrand: and improve logging to support syslog (for automated installation)
<jdstrand> mathiaz: since we inherit a lot of debconf from debian for this stuff, it might be weird to have uauth Depends on all these packages
<jdstrand> mathiaz: I have no problem with syslog
<mathiaz> jdstrand: oh - I wasn't suggesting that auth-client-config depends on packages
<jdstrand> mathiaz: simple .so checks for pam probably would not be a bad idea
<jdstrand> mathiaz: no, I didn't think you were-- I was thinking about the new 'uauth' package
<mathiaz> jdstrand: just that libraries that it's about to setup are available - if not, give pointers to where they can be found
<mathiaz> jdstrand: well the uauth package wouldn't depend on this
<jdstrand> mathiaz: uauth could be-- uauth-common, uauth-ldap, uauth-kerberos, uauth-likewise
<mathiaz> jdstrand: the profiles would specify what packages are needed when installing - and debconf answers could be preseeded
<jdstrand> just OTOH
<mathiaz> lsal: have you checked in LP for bugs ? IIRC there was some bug about TLS/SSL for openldap on hardy
<lsal> no i didnt.. let me check
<jdstrand> mathiaz: yeah-- there are some variations on this theme, but something like this
<mathiaz> jdstrand: right - uauth-common would be the command and the glue to setup the profiles provided by uauth-ldap
 * jdstrand nods
<jdstrand> mathiaz: I'm still thinking that the dependencies should be done in these packages though (as opposed to a-c-c)
<mathiaz> jdstrand: great - thanks for your input - I'll update my spec with your uauth package suggestion
<mathiaz> jdstrand: these packages == uauth-{ldap,krb5,...} ?
<jdstrand> mathiaz: yes
<mathiaz> jdstrand: agreed.
<jdstrand> uauth-ldap needs libpam-ldap and libnss-ldap, etc
<mathiaz> jdstrand: auth-client-config is just one component used to manage the pam/nss configuration
 * mathiaz nods
<jdstrand> mathiaz: agreed
<nealmcb> soren: where does your dc "l" (log?) function come from?
<mathiaz> jdstrand: and providing plugins/scripts to modify configuration files should not be against the debian policy
<mathiaz> jdstrand: wrt to configuration files
<jdstrand> mathiaz: the idea of checking for the .so pam lib is interesting-- I'll need to think about how to do this in a distibution agnostic way
<jdstrand> mathiaz: not at all-- if you provide a tool to update configuration files, that is ok
<jdstrand> mathiaz: what gets sticky is updating configuration files from maintainer scripts
<jdstrand> whether via a tool or not
<jdstrand> mathiaz: eg, I thought a-c-c could be used to manage common-auth, common-password, etc
<jdstrand> mathiaz: but in order to do that, either pam needs to depends on a-c-c, or a-c-c needs to own those
<jdstrand> mathiaz: you can see that a-c-c could end up owning a lot of files if you go the second route and more and more programs use it, so the former was decided
<jdstrand> (even though ultimately it was decided pam wouldn't use a-c-c)
<nealmcb> soren, your formula suggests that it would take 10^178 years to find rsa-200 (663 bits).  But that was found back in 2005....  http://en.wikipedia.org/wiki/RSA_Factoring_Challenge
<jdstrand> mathiaz: but that is neither here not there
<jdstrand> mathiaz: even if you do no configuration directly in the maintainer scripts, being able to do 'uauth <opts> ...' is a *big* improvement
<nealmcb> 1024-bit keys don't have an adequate margin for many purposes now...
<jdstrand> soren, nealmcb: I think the problem in the formula is that the 2^1024 is simple how many numbers there are. however, breaking rsa is about finding the two prime numbers p and q that equal 'n'. there are far fewer than 2^1024 prime numbers in a 1024 bit key
<jdstrand> specifically, we don't need to check 2, 4, 6, 8, 9, ... so the 'brute-force' can be much more intelligent
<nealmcb> jdstrand: right, among many other things.  the attacks are really sophisticated these days
<jdstrand> nealmcb: absolutely
<jdstrand> nealmcb: I was in no way trying to brainstorm a way to crack rsa :)
<nealmcb> what default key size are we generating now?
<jdstrand> nealmcb: default? you mean via openssl or ssl-cert?
<nealmcb> probably should be at least 2048
<nealmcb> yeah, and ssh
<jdstrand> nealmcb: ssh is 2048, ssl-cert (for snakeoil) is 1024, and IIRC openssl with specifying '-b' is still 512
<jdstrand> nealmcb: the man page for openssl (req) says 512 bits if default_bits is not specified, but debian/ubuntu specifies 1024 bits in /etc/ssl/openssl.cnf, so openssl without specifiying '-b' is 1024
<jdstrand> (which makes much more sense as 512 is pretty much worthless now)
 * nealmcb shivers at 512 and looks around
<nealmcb> yeah - I just found that default_bits - ouch.  shouldn't we change the 1024 to 2048 in openssl.cnf?
<jdstrand> probably should...
<jdstrand> I'm sure there has been discussion in Debian on that
<nealmcb> hopefully in openssl themselves also
 * jdstrand makes a note to look into this further
<nealmcb> :)
<jdstrand> though really, I always specify the bits so I know what I am getting
<jdstrand> but that doesn't help ssl-cert any
 * nealmcb nominates jdstrand to be sysadmin everywhere
<jdstrand> heh
<nealmcb> :)
<jdstrand> kees: off-hand, can you think of any objections to setting default_bits in openssl.cnf to 2048? it is currently 1024, which affects things like ssl-cert. If you can't think of anything, I've made a note to look into it more.
<jdstrand> (and this would be a 'get Debian involved' kind of thing)
<nealmcb> ...and upstream!...
<nealmcb> (or is that our package/file from the start?)
<jdstrand> nealmcb: I'm not sure, but point taken
<nealmcb> i.e. what package is that openssl.cnf in?
<jdstrand> $ dpkg -S /etc/ssl/openssl.cnf
<jdstrand> openssl: /etc/ssl/openssl.cnf
<nealmcb> thanks
<kees> jdstrand: I don't see any reason it'd be a problem.
<kees> jdstrand: sort of follows our general goal of increasing bit sizes of encryption in pam, e.g.
 * jdstrand nods
<kees> we need to close 237391 -- rsa needs to stay.
<nealmcb> coffeedude: yo dude!
<jdstrand> kees: uh-- I'm going to slap that down right now if you haven't already
<nealmcb> you missed a great time in prague.  Put Mountain View on your calendar....
 * Kelerion just sits there and cries
<Kelerion> I've spent the last 4 hours trying to figure out why alom won't update its firmware from my tftp server
<nealmcb> Kelerion: alom?
<Kelerion> sun bios
<Kelerion> and then i figure it out... it doesn't use tftp... it uses regular ftp...
<kees> Kelerion: d'oh!
<Kelerion> i want to kick something... lol
<kirkland> kees: yeah, agreed on rsa...  i read that bug title pre-coffee :-S  sorry.
<kees> hehe
<zul> soren: any objections to bumping up the memory limit for php5 to 32?
<soren> jdstrand: Good point.
<soren> nealmcb: "bc -l" gives you l() which is a logarithm function. I always forget the base, so I just stick a /l(the base I want) at the end.
<nealmcb> soren: ah - cool.  I just went with python....
<coffeedude> hey nealmcb
<nealmcb> coffeedude: so how is likewise rolling along?
<soren> zul: Er... Yes, probably :)
<soren> zul: Why?
<zul> soren: \sh asked on #-devel this morning and I said I would ask around
<zul> I know we been through this before :)
<soren> Why does he want to raise it?
<zul> no idea
<soren> Then I'm even more opposed to it :)
 * nealmcb appreciates soren's perennial focus on the underlying problem
<soren> :)
<coffeedude> nealmcb:  Things are going well.  Pretty busy these days.  Kind of falling behind on email though :-)
<jdstrand> re php5> how many times does that horse have to be beaten anyway?
<kees> a few more times, I guess.  keeps kicking.
<jdstrand> *slap*
<jdstrand> *kapow*
<jdstrand> we'll see if that does it
<zul> jdstrand: repeatedly until its dead
<ghaleb> hello, I would like to install a radio server, for streaming , any ideas ?
<kirkland> ghaleb: apt-cache search icecast
<kirkland> ghaleb: there are a few options there
<ghaleb> kirkland, thank you ,, this is what I want , a starting point
<kirkland> ghaleb: you're welcome.  i've barely played with icecast-server, so i won't be of much more help.
<Koon> kirkland: about your comment @ https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/129789/comments/8
<uvirtbot`> Launchpad bug 129789 in openssh "sshd seems to be run multiple times at startup" [Undecided,Incomplete]
<ghaleb> :)
<Koon> kirkland: the issue is that by default, both ipv4 and ipv6 are enabled -- so by default our sshd_config makes it noisy at start
<kirkland> Koon: right
<Koon> I still don't get why it would restart though
 * Koon digs further
<Koon> hhmmm... does a DHCP lease renewal trigger if-up.d scripts ?
<Koon> answer:no
<Furom> answer = yes; do{ answer = yes; }while(true);
<Furom> lmao
<nealmcb> server team meeting in #ubuntu-meeting in 4 minutes...
<zul> no 3 minutes :)
<nealmcb> https://wiki.ubuntu.com/ServerTeam/Meeting
 * nealmcb finds that his finely-tuned clock (see adjtimex and ntpdate)  has let the workstation drift by only 0.08 seconds over the last month, and smiles
<lukehasnoname> Can Virtualbox do live migration?
<danshearer> lukehasnoname: nope
<lukehasnoname> so why, if I may ask, do I always hear about VB on IRC and ubuntuforums, and not Xen?
<lukehasnoname> Not trying to sound snobbish
<danshearer> lukehasnoname: no idea, because I'm new around here. But the kind of people that find VB really
<danshearer> attractive are often repelled by Xen because it is usually more trouble to set up
<danshearer> And Xen hasn't got a really long lifetime ahead of it anyway. To paraphrase the old saying: Xen is the question,
<lukehasnoname> hm... well I've talked to some sysadmins and they use VMware ESX for all of it's GUI administration tasks and its live migration (I work as intern at "HugeCorp")
<danshearer> the answer is 'no'. And I've done quite a bit of Xen that's stable and scaleable and all that good stuff.
<lukehasnoname> Do you mean it's going to die; it's not maintained?
<danshearer> That I can't say, after all there are still a lot of people working on it. But it is a very large piece of code that has to
<danshearer> be in the kernel but never will be in the official kernel, so it has to have an out-of-tree maintenance effort. And it is very much larger
<danshearer> than it needs to be as other projects have demonstrated.
<lukehasnoname> because I've read up on its capabilities, and it's pretty advanced. well, you said it "hasn't got a long lifetime ahead of it"
<danshearer> So, in my personal opinion, if you are making a strategic bet for the next 3-5 years on a kernel technology that everyone
<danshearer> agrees will never be in the kernel, and where we have a fast-moving kernel so this technology has to be maintained out of tree, and
<captbaritone> I just installed three new SATA drives on a new pci sata expansion card. "ls /dev/sd*" lists sda, sdb, sdc as I expected. When I try to fdisk sda one I get "Unable to read /dev/sda" but the other two work.
<danshearer> where kernel decisions are being made regularly without any regard to how hard it might make life for this out-of-tree code, then
<danshearer> there are some pretty serious questions to look at.
<danshearer> There is also the issue of completeness. The level of polish in Xen scripts and so on isn't all that high (not hard to get
<danshearer> Python errors that are truly obscure) and after all this time if a thorough job can't be done of this level of packaging, what's going to
<danshearer> suddenly make it better? Finally, the company behind it seems to have mostly settled on a business model that relies on the
<danshearer> open source version being less manageable than the closed-soure enterprise versions. So where's the incentives to fix the OSS version? :-)
<ScottK> danshearer: You might want to join us in #ubuntu-meeting as we're having an Ubuntu Server Team meeting now.
<danshearer> So, that's the reasoning behind my claim there, and I don't think it is very original reasoning either.
<danshearer> Ah!
<danshearer> ScottK: timezones, timezones.. coming and thanks
<Furom> Is installing ruby on rails covered in the server chat? I've tried following tutorials, and guides, and even documentation, but I can't get it to work. I've installed the debian package for rails and I have ruby installed with gems and all, but when I go to access "ruby test.rb" from a web browser, I just get plain text. If it's anything that anyone may need to know, I'm running apache2, with php and I even tried installed
<Furom> mod_fgid, but it did nothing.
<owh> Furom: After enabling the module, did you reload the web-server?
<Furom> owh, yeah, I've reloaded, and restarted, still "puts 'Hello'" shows in text format.
<Furom> owh, would I happen to be using the wrong file extention or something?
<owh> Furom: Does the module show as enabled in the logs or in the server identity string?
<Furom> owh, how do I check that? I've not gotten into how to read my logs yet, I'm just trying to setup my environment.
<uvirtbot`> New bug: #237460 in open-iscsi (main) "Root on iscsi is not supported" [Undecided,New] https://launchpad.net/bugs/237460
<owh> Furom: Check /var/log/apache2/*
<Furom> Nah, I don't see nothing about rails or mod_fgid
<Furom> owh, thanks, time to go google about how to enable it all. At least now I know that they're not enabled.
<owh> Furom: a2enmod is the command.
<Furom> owh, thanks =D
<nijaba> Kees verified the new version of Limesurvey: unfortunately not all issues that he reported have been solved (or correctly solved) in the latest version...
<nijaba> As we are clearly running out of time, here are a few possibilities:
<nijaba> 1/ run it on proprietary software Canonical has paid for (would not be running on ubuntu.com, has a limited feature set compared to limesurvey)
<nijaba> 2/ run it on survey monkey (would not be on ubuntu.com, not fully evaluated)
<nijaba> 3/ run limesurvey on an isolated server I would rent for the occasion (with a few calculated risk that kees could help me identify)
<nijaba> 4/ See with elmo  if it possible to run limesurvey on an isolated server
<nijaba> (or other proposals I may not have not thought about).
<nijaba> Note that 1 and 2 would cause us to post the logic and retest everything.
<nealmcb> (note - we're continuing the conversation from #ubuntu-meeting....)
<kees> there's a lot of code in limesurvey, much of it intertwined with SQL, so getting it all sorted will take a while, I think.
<kees> the places where it can be abused are relatively small, though
<kees> but they're not zero
<kees> which is why I'm still not able to recommend it.  (sorry, I know that's a bit troublesome)
<jdstrand> kees: sorry that I am not up to date on limesurvey-- but does it use something like adodb?
<nijaba> jdstrand: yes, mostly
<kees> it does, but not in a reliably safe way
<kees> too much of things like:
<kees> tkquery = "SELECT COUNT(*) FROM ".db_table_name('tokens_'.$surveyid)." WHERE token='".db_quote($token)."' AND (completed = 'N' or
<owh> Crap
<kees> and db_quote adds quotes
<kees> so you get  WHERE token=''$token''   oops
<jdstrand> hmmm...
<owh> kees: And that's in production? Yuk
<kees> I'd like to see proper WHERE token=?  ....   execute($query, @args)   etc
<kees> and then there is at least 1 scary looking eval that comes from the database:
<owh> kees: What language is it written in?
<kees> if (eval('if (trim($cfieldname)'. $row['method'].' trim($cvalue)) return true; else return false;'))
<nijaba> PHP
<kees> owh: PHP
<owh> Crap, I can't even hide. Have you got a list of issues kees?
<jdstrand> eek
<kees> anyway, the eval risks seem to require either an evil admin, SQL injections, or both.  but it's hard to audit due to the heavy use of globals, SQL strings, etc
 * danshearer is away: moving computers
<nijaba> kees: but if admin is limited to trusted individuals, is the risk fading?
<kees> owh: my recommendations remain the same as the original email I sent.  if I itemized the lines that needed fixing, it might take days
<kees> nijaba: yeah, but again, if SQL injections are possible, a random user could potentially make themselves an admin, etc.
<kees> it's all unlikely, but imaginable
<nijaba> kees: oh, you mean you found SLQ injections in the user part?
<owh> kees: I didn't see the original email, but I'm an experienced PHP developer. If I spend two days cleaning it up will that get us there, or is it going to be a waste of time?
<kees> and since the code isn't consistent with its SQL usage and the global vars, and alternating sanitization, it's very hard to be sure without really really careful examination of every line, which makes it also fragile for future updates
<nijaba> owh: limesurvey is 12Mo
<owh> nijaba: Surely that is not all PHP code.
<kees> $ find . -type f -name '*.php' | xargs wc -l
<kees> ...
<nijaba> owh: there is a LOT of code, trust me, or have a look at it
<kees>  136754 total
<kees> (though that includes the many embedded modules)
 * owh stops contemplating working on it for two days.
<soren> whuh...?
<owh> To me that indicates that nijaba's option 3 and 4 are out.
<kees> owh: I think it's possible to fix it, yes.  It just requires redesigning how SQL it used and being more careful with output
<jdstrand> it embeds adodb and others?
<kees> they're already on their way to fix it, it's just not really done yet
<nijaba> jdstrand: yes
<owh> kees: Yes, but fixing it won't likely be in time for our survey to be useful.
<nijaba> jdstrand: but I have "fixed" that in my package
<kees> owh: that might be true yeah.   options 3 and 4 seem reasonable since it would isolate the risks, and the risks are in the "unlikely" category.
<ajmitch> kees: sounds like a bit of a nightmare
<owh> kees: Other than that the database can be compromised, cleared, altered and the results becoming meaningless, yes :)
<kees> ajmitch: I'm seen much worse.  limesurvey is certainly working to be safe.  they're just not all the way there yet.
<kees> owh: right, vandalism may be possible.  but again, I think it's an unlikely situation (but not impossible)
<owh> kees: Can we mitigate, by doing database replication/backups?
<kees> owh: probably possible.  just more admin work.
<owh> I think that the risks don't outweigh the benefits.
 * kees leaves that up to nijaba and elmo
<kees> I'm just giving my opinion on the code safety.  :)
<nijaba> elmo: really your call: do we go to option 1 or 2?
<elmo> (1) and (2) are proprietary and/or survey monkey?
<nijaba> elmo: yes
<owh> If we're going to redo it, I'd go for option 1 - it's in-house.
<nijaba> elmo: my worst fear would be for the data to be stolen
<elmo> err, I'm confused are you asking 'should we do option (1, 2) or something else' or 'should we do option (1) or option (2)?
<elmo> 'cos if you're not running survey software on my servers, it's not really my (professional ;-) business :)
<nijaba> elmo: I am asking you if we should rule out option 1 and 4
<nijaba> sorry 3 and 4
<elmo> right, wel
<elmo> argh, I don't really know
<elmo> if a) you guys genuinely think upstream are making progress and it will one day be a sane codebase
<elmo> and b) you're super keen to get whatever offers limesurvey offers you and benefit from whatever work you've put into it
<elmo> then, we can run it, I guess
<kees> I don't think it'll be fixed within the year unless someone is dedicated to doing the redesign.
<nijaba> kees: can we rule out the possibility for the data to be stolen? only vandalize at worst?
<elmo> (but all things being equal, I'd rather not )
<jdstrand> well, there is an assumption in 1 and 2 that it is actually better than limesurvey-- I don't know any of it, but am not sure that assumption is true
<kees> nijaba: I can't say we can rule it out, no.
<nijaba> jdstrand: good point
<owh> jdstrand: I did consider that also, which is why I lean toward option 1.
<kees> nijaba: if one can inject, one can likely extract.  and if they actually gain shell access, game over for data
<nijaba> owh: sure, security by obfuscation?
<owh> nijaba: No, security by hitting the supplier.
<nijaba> :)
<jdstrand> nijaba: I guess with adodb it doesn't care if it's mysql or postgresql?
<nijaba> jdstrand: normally not, but not tested with pgsql
<jdstrand> kees: well, if we run it on an isolated surver with mysql, then we have apparmor
<jdstrand> (on hardy)
<jdstrand> I think that would pretty well mitigate non-db access
<kees> jdstrand: it could -- just more admin work.
<nijaba> kees: not really, the profile is there already
 * nealmcb agrees with jdstrand - who knows how secure the proprietary option is (what is it?) or surveymonkey
<owh> Also, from memory you can log all MySQL queries to syslog.
<jdstrand> nijaba: more work because of the isolated server
<kees> nijaba: well, isolating the web server really.
<nijaba> jdstrand: my plan was to run it in a KVM...
<nijaba> I mean, for option 3
<owh> If we can mitigate access and we can log all queries, are we not able to roll?
<nijaba> elmo: given that the survey should only run for a couple month this round, I'd be ok to go for option 3 and take the admin on my shoulders if you want.  Would you be ok to moint some serversurvey.ubuntu.com record to it?
<nijaba> point, too
<elmo> nijaba: the loco server debacle showed us that if it has the ubuntu name outsourcing doesn't help us PR wise
 * kees has to go afk, back in a bit.
<elmo> if we're going to do this, I'd rather it be (4) than (3)
<nijaba> elmo: right. and your feeling on 4 at this point (and we'll close the subject after that).
<elmo> nijaba: hasn't really changed from what I said before.  if (a) and (b) are true, we can do it
<nijaba> elmo: I beleive they are.  owh, do you agree on (b)?
<owh> nijaba: Depends on what I'm agreeing to putting in.
<nijaba>  b) you're super keen to get whatever offers limesurvey offers you and benefit from whatever work you've put into it
<nijaba> owh: pasting from elmo ^^
<owh> nijaba: I understood that, what I mean is, what expectations does ubuntu-server - ie, you - have that I do with/to limesurvey?
<nijaba> limesurvey itself: not much
<nijaba> the test we have done on the survey we prepared: a lot
<nijaba> and you were a big part of that
<nijaba> together with faulkes-
<owh> WFM
<owh> nijaba: If you turn on the General Query Log: http://dev.mysql.com/doc/refman/5.1/en/query-log.html on the database - log to a remote syslog server, then we can rebuild if the shit hits the fan.
<nijaba> elmo: I think we have a plan, then
<owh> Excellent, next topic :)
<mathiaz> so the plan is: 18:02 < nijaba> 4/ See with elmo  if it possible to run limesurvey on an isolated server
<mathiaz> ?
<nijaba> mathiaz: yep
<mathiaz> nijaba: ok - great !
<mathiaz> I think we running late
<nijaba> elmo and I will work out the details in the next few days, I guess
<mathiaz> and most of the people are not around anymore - so last topic:
<owh> mathiaz: Only 33 minutes thus far :)
<mathiaz> #
<mathiaz> Agree on next meeting date and time.
<nijaba> 15:00 UTC next week?
<nealmcb> (tuesday?)
<owh> Yeah, saw the post to the list, what day did you say again?
<mathiaz> tuesday
<mathiaz> works for me
<owh> I'll have to have a nanna-nap before the meeting :)
<nealmcb> works for me
<mathiaz> excellent - so next meeting: next tuesday, 15:00 UTC in #ubuntu-meeting
<nijaba> owh; we'll sponsor an ubuntu pillow then ;)
<owh> nijaba: Excellent, email it to me :)
<InsomniaCity> owh: so what happened about your ex-client with the ssh vulnerability?
<nijaba> owh: sure thing
<owh> nijaba: If you know which exact version of limesurvey you're going to run, and you can send me kees' comments, I can have a look at the code.
<owh> InsomniaCity: I sent a security notice and heard nothing. I sent several to other clients and fixed theirs.
<InsomniaCity> owh: I thought it'd be a non-issue :)
<nijaba> owh: thanks for the offer
<owh> InsomniaCity: At least I can look in the mirror and sleep well.
<InsomniaCity> yup
<owh> nijaba: Sure.
<owh> InsomniaCity: I'm glad I asked though. It helped formulate a plan - so thanks for your input at the time.
 * nijaba need to go get some sleep.  Thanks everyone!
<InsomniaCity> owh: np :)
<owh> Thanks mathiaz for chairing another wonderful meeting.
<nijaba> and thanks to mathiaz for hosting the meeting once more
<owh> #endmeeting :)
#ubuntu-server 2008-06-05
<soulc> can someone help with an vsftpd problem?  error @ http://pastebin.ubuntu.com/17028/
<soulc> I get no love
<JanC> soulc: sounds like something is wrong with your PAM configuration
<soulc> any suggestion on fixing it?
<ahasenack> soulc: perhaps something as simple as a too restrictive permission
<soulc> can you point to docs maybe?
<ahasenack> soulc: check the permissions of /etc/pam.d/vsftpd
<soulc> -rw-r--r--  1 root root  334 2008-05-25 17:05 vsftpd
<ahasenack> soulc: and the /etc/pam.d directory?
<soulc> should the dir be exicutable?
<ahasenack> yes, 0755 in that case
<soulc> drwxr-xr-x   2 root root     4096 2008-05-25 22:38 pam.d
<zul> sommer: the openldap in my ppa should be built if you want to test it out
<ahasenack> soulc: looks fine, I don't have any more immediate ideas
<kgoetz> hi all. anyone written a patch for logwatch to report the number of blocked keys/the keys (like failed logins/illegal users).
<soulc> thansk
<soulc> er
<soulc> thanks for the effort.. |-)
<ahasenack> perhaps the file is empty, or has some bogus content
<soulc> http://pastebin.ubuntu.com/17038/
<ScottK> dendrobates: I don't see a spec for the different flavors of server (e.g. the mail gateway) that we discussed at UDS.
<ahasenack> soulc: no immediate clue, sorry
<ahasenack> soulc: I would enable debugging somewhere, vsftpd probably
<soulc> thanks anyway it is kinda strange
<soulc> ok
<ahasenack> or add some pam_warn.so lines in the pam file to see up to where it is getting
<soulc> the error message is saying that it can't load the vsftpd file in /etc/pam.d
<kgoetz> soulc: pastebin the error
<soulc> http://pastebin.ubuntu.com/17028/
<kgoetz> soulc: does the file exist? whats its perms?
<soulc> -rw-r--r-- 1 root root 334 2008-05-25 17:05 /etc/pam.d/vsftpd
<kgoetz> was it created by you or something else?
<soulc> something else
<kgoetz> i'm sure i've seen the error before, just dont remember the context
<kgoetz> (eg, how i fixed it)
<soulc> ha ha ha
<soulc> isn't that always the way
<kgoetz> yeah :/ it was 10 months ago in a different country :P
<soulc> I just can't login
<soulc> it is weird
<kgoetz> does your /etc/ftpusres (or whatever it was called) exist?
<soulc> yes
<soulc> http://pastebin.ubuntu.com/17043/ conf file
<slimjim8094> guys - anybody know how to set up a ddns-update scheme?
<slimjim8094> between bind9 and dhcp-server
 * danshearer is away: Zzzz
<sommer> zul: sweet
<jjesse_> evening
<sommer> hey jjesse_
<jjesse> thats better
<jjesse> hello sommer
<ScottK> kirkland: Would you please add licensing/copyright info to your ubuntu-vm-builder parameter generator script?  It's be useful for me possibly to reuse it.
<kirkland> ScottK: sure, i'm planning on adding it to ubuntu-vm-builder, soren-permitting
<kirkland> ScottK: would be licensed under the same as that package
<kirkland> ScottK: I'm glad to hear you find it useful ;-)
<kirkland> ScottK: I'll prepare a debdiff/branch for soren tomorrow, okay?
<ScottK> kirkland: All i need is for you to add it to your .html file on p.u.c.  I plan to modify it.
<kirkland> ScottK: okay....
 * kgoetz respams channel with his question - anyone written a patch for logwatch to report the number of blocked sshkeys by ssh-vulnkey (like failed logins/illegal users)
<kirkland> ScottK: see how that looks....
<ScottK> kirkland: THanks.
<kirkland> ScottK: no prob, enjoy.
<ca_dsl> hi all
<ca_dsl> I need some help with compiling a driver
<ca_dsl> specifically how the heck I get all the headers needed
<hads> What are you compiling?
<ca_dsl> highpoint "open source" drivers
<ca_dsl> for the rocket raid 454
<ca_dsl> I am trying to follow this howto: http://stefan.freyr.org/?page_id=6
<ca_dsl> but am stuck at the make section
<ca_dsl> it is obvious I am missing headers
<ca_dsl> but I have no idea wich ones or how to get them
<hads> It's not obvious to me without an error message.
<hads> :)
<ca_dsl> there are alot of them
<hads> Pastebin them.
<ca_dsl> how do I do that?
<ca_dsl> I have been trying to pipe to an output file
<ca_dsl> with no success
<hads> Are you in an SSH terminal or at the console? If a SSH terminal just copy and paste.
<ca_dsl> at the terminal
<kgoetz> ca_dsl: try 'upstream-dev' (it may still be in the repos)
<hads> You should be able to `command > output_file`
<ca_dsl> kgoetz: "Could not find package upstream-dev"
<kgoetz> ls
<kgoetz> oops. (ls wasa meant for my terminal)
<ca_dsl> hads: i did that but the output did not match what was on the screen
<kgoetz> pity. it would be handy right now
<hads> Well it may be stderr, try `command &> output_file`
<kgoetz> ca_dsl: you might need 2> as well (stderr)
<ca_dsl> ahh
<ca_dsl> okay
<ca_dsl> says that I don't have config.h
<hads> Do you have the kernel headers installed?
<ca_dsl> I believe I do
<ca_dsl> yes
<hads> pastebin the output from `uname -r` and `dpkg -l | grep linux-`
<ca_dsl> "/usr/src/linux-headers-2.6.24-16-server exists
<ca_dsl> hads: trying now
<ca_dsl> hds: does not come up with anything
<ca_dsl> but I am sure I did an apt-get install linux-2.6.24-16-server
<hads> Impossible. type; uname -r
<ca_dsl> uname-r = 2.6.24-16-server
<ca_dsl> ?
<ca_dsl> I am running Hardy
<hads> OK now type dpkg -l | grep linux-header
<ca_dsl> 2 things
<ca_dsl> header files related to Linux kernal version
<hads> The package name...
<ca_dsl> linux-headers-2.6.24-16
<ca_dsl> and linux-headers-2.6.24-16-server
<hads> OK good
<nealmcb> ca_dsl: did you 'sudo apt-get build-dep <package>?'
<ca_dsl> am running all these commands after a sudo su
<ca_dsl> I never did a build-dep
<ca_dsl> could that be the prob
<ca_dsl> simply apt-get install <package>
 * nealmcb nods
<hads> Sounds like the source is too old for the kernel you are running.
<nealmcb> that's what its for
<ca_dsl> *sigh*
<ca_dsl> figures
<kgoetz> your also using your own environment, just be aware that when you switch back to your user some of your files may be owend by root
<ca_dsl> hmm, did not know that but is good to know
<ca_dsl> if I could build the driver then install it the file ownership is not too important
<ca_dsl> I would think any way
<ca_dsl> I need this driver for the rocket raid card as
<ca_dsl> I intend to use the raid 5 array to store the network data
<hads> http://www.archlinux.org/pipermail/arch/2006-December/012952.html
 * ca_dsl goes to url
<ca_dsl> *ponders*
<ca_dsl> could I copy autoconf.h to config.h
<ca_dsl> since i have no idea where the reference is for me to change it
<ca_dsl> nm
<ca_dsl> so if I understand that
<ca_dsl> I simply edit the .c file and change config.h to autoconf.h
<ca_dsl> well that took care of the first error
<ca_dsl> but there are a whole bunch of others
<ca_dsl> hads: I can send you the file
<ca_dsl> the output that is
<ca_dsl> ahh
<ca_dsl> hads you were right
<ca_dsl> the source code it too old for the kernal
<ca_dsl> http://ohioloco.ubuntuforums.org/showthread.php?t=777848
<ca_dsl> so basically this card is a 4 channel ide card for me
<ca_dsl> with no raid support
<ca_dsl> if I could download a pre-compiled driver for ubuntu 7 would it work on 8?
<ca_dsl> ie compile it on 7 and copy it my server (8)
<ca_dsl> ?
<ca_dsl> well i guess compile it on a previous kernel
<ca_dsl> and use it on the new kernerl
<ca_dsl> err kernel?
<ca_dsl> anyone?
<kgoetz> i doubt it would
<kgoetz> (read: it wont)
<fyrestrtr> does the server kernel have PAE support?
<thatguyisjames> heylow
<thatguyisjames> i have a handfull of qestions... that im shur any of you can easly anwser
<kgoetz> !ask | thatguyisjames
<ubottu> thatguyisjames: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<thatguyisjames> ok... i wanted to wait to make shur you all where alive..
<thatguyisjames> i have just installed the 8.04 ubuntu server on a older pc i have siting around. im just goofing around to basicly see what i can do, i want to learn more about web services and servers. now i have a ok knolage of command line, i can get around in CLI, but... i dont know much about servers. i know enuff about IP addresses to setup a small network. but i dont understand how i can get my dommain name to work and stuff..
<thatguyisjames> i have currently a static ip address setup... and the server is named \\server  ... the catch is how do i get it so i can go to the firefox addie..and type http://server and it load the page
<thatguyisjames> not just load the page... but load a html page that i made... i dont even know what folder to ftp into ..or if i can even ftp it...
<kgoetz> you need a dns server of some sort
<kgoetz> and an httpd i guess
<kgoetz> use scp to copy files around
<thatguyisjames> over the network?
<thatguyisjames> see im making the webpages on this desktop...and im going to ftp over to it.. or was... cuz thats all ive ever messed with is ftp
<kgoetz> use scp to copy files around
<thatguyisjames> the webserver is working.... when i type in the IP it conects and gives me LAMP's defualt of 'its working!'
<thatguyisjames> so syntax would be somthign like ' scp ~/site http://server/site
<thatguyisjames> or is scp the protacol
<kgoetz> scp is the tool. man scp
<kgoetz> (ssh is the protool)
<kgoetz> *protocol
<thatguyisjames> ok thats easy enuff so the syntax is pretty simple i omost had it right...
<thatguyisjames> scp thatguy@server ~/file.html
<kgoetz> almost
<kgoetz> scp ~/myfile login@server:
<kgoetz> and you'll probably want to make a public_html in your home on the server, and enable usermod
<thatguyisjames> oks.. now..where do i put that on the server..
<thatguyisjames> so in the home folder.. i need to make AH HA.. so the home folder is like the main index
<thatguyisjames> so make a dir  . then do a chmod 777 on it?
<thatguyisjames> i just dont get how the computer takes the ip address and turns it into a webpage
<thatguyisjames> i get that apache dose it.. i just dont get what its thinking and like how its ya works
<kgoetz> did you bother to read what i said :/
<thatguyisjames> yes... make a folder that is public and enable usermod...
<thatguyisjames> i made a folder named ... public...
<thatguyisjames> and i ran chmod 777
<kgoetz> you dont need or want to
<kgoetz> you want ~/public_html to be 755
<kgoetz> and your ~ to be 701
<thatguyisjames> ok
<thatguyisjames> now how do i view a hosted webpage, i just made a html doc on the server a simple one in nano, and i saved it test.html inside public
<thatguyisjames> is that where i should save the file... what i dont you understand is i am completly dumbfounded on how apache is hosting this i dont understand the background workings...so everything else is magic cuz i dont know the workings
<kgoetz> it would be easier to work with you if you used english.
<thatguyisjames> and i cant find crap online thats helpful... everything is telling you how to install apache .. bla bla ..but isnt explaing where to store the files.
<thatguyisjames> (my apologies for bad spelling and punctuation.) i will try and type slower so that its clearer, its just i am geting frustrated. all im looking for is a short explination on where to store my html files so that i can go to firefox, and type http://www.server.net/index.html  and get a page i made
<kgoetz> if you visit http://server.net/~yourusername/index.html you will see the index.html in ~/public_html on the server
<kgoetz> if you visit http://server.net/index.html you will see index.html in /var/www/ on the server (thats its default location at least)
<kgoetz> to get server.net to resolv to an IP address you will either need to add it to your clients hosts file, or setup a dns server of some sort
<thatguyisjames> ok and is that the /etc/resolv.conf (somone elses wrote a readme on how to setup LAMP) they mentioned this.
<thatguyisjames> http://onlyubuntu.blogspot.com/2007/05/ubuntu-704-feisty-fawn-lamp-server.html
<thatguyisjames> thats what i followed
<kgoetz> no its not. its the hosts file ( /etc/hosts) for static configuration, or a dns server
<thatguyisjames> ok i found host.conf it says
<thatguyisjames> order host,bind
<thatguyisjames> multi on
<kgoetz> did you find /etc/hosts?
<thatguyisjames> yes.. its /etc/host.conf
<kgoetz> NO ITS NOT
<thatguyisjames> oks.. i did ls |home so i can see it all....
<thatguyisjames> i have host.conf hostname hosts
<thatguyisjames> cat hostname prints out server
<thatguyisjames> should i change that to server.net or .com?
<kgoetz> no. server is fine
<thatguyisjames> oks now with the home dir it dont seem to be working, i cant accsess the server trew the name yet. ive just been doing http:// ip address/ and it brings up the index.html that is in /var/www
<kgoetz> have you done this? : (17:07:28) kgoetz: to get server.net to resolv to an IP address you will either need to add it to your clients hosts file, or setup a dns server of some sort
<thatguyisjames> 'add to your clients host file' that means on this comptuer .. i have to add server to the hosts file?
<kgoetz> yes
<uvirtbot`> New bug: #237557 in openssh (main) "chroot fails if compiled with SELinux support" [Undecided,New] https://launchpad.net/bugs/237557
<kgoetz> thatguyisjames: pastebin the contents of your hosts file and i'll give you an example
<kgoetz> !pastebin | thatguyisjames
<ubottu> thatguyisjames: pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<thatguyisjames> dude i got it... just add the ip and then add the name server
<kgoetz> no, then the servers name
<thatguyisjames> yep, in my case the name of the server is server
<kgoetz> "name server" means something else again :)
<thatguyisjames> yep http://server/ now gives me the it index page ... found in /var/www on the server
<kgoetz> woot :)
<thatguyisjames> oks thats a pretty simple fix, this is just a 'in house' fix tho... for small networks. my desktop is the only comptuer that knows to think of 192.168.1.2 as server every one else just sees the ip address
<thatguyisjames> now ... if i type http://server/thatguy/index.html i get a not found error
<kgoetz> needs to be http://server/~thatguy/
<kgoetz> (notice tilda)
<thatguyisjames> yep.. i noticed it..but i figured it was a typo
<thatguyisjames> still gives me a error saying not found on server
<thatguyisjames> do i need to chmod 755 the html file too?
<kgoetz> 644 should do
<thatguyisjames> still its not finding it
<thatguyisjames> do i need to do a link in the /var/www/ folder or dosnt apache need to know what folders to share to the 'net'
<kgoetz> sounds like the module isnt enabled properly (without knowing the error your getting)
<thatguyisjames> its a 404 error
<thatguyisjames> ' the reqested url was not found on this server
<kgoetz> how did you enable the userdir module?
<thatguyisjames> ... i installed LAMP... http://onlyubuntu.blogspot.com/2007/05/ubuntu-704-feisty-fawn-lamp-server.html
<thatguyisjames> i fallowed this read me exactly down to the static ip...
<thatguyisjames> look this whole thing is a learning experiance. im just trying to learn how all this works.i dont know anything about any of this. i know linux, i dont know web or server info at all
<kgoetz> right. so having installed a lamp server, you have to work out how to enable userdir
<kgoetz> btw, have you looked at https://help.ubuntu.com/community/ApacheMySQLPHP ?
<thatguyisjames> yes? ... as in i havnt done it yet
<thatguyisjames> i have googled everything i can thing of and cant find any good resorces ... just to explain the software...
<thatguyisjames> ok so it tells me to make a new file called 'mysite' inside of /etc/apache2/sites-available/ and point it to my home/user/public_html
<thatguyisjames> ive done this... now the name defualt means this is the defualt page loaded when the server is reached... how do i make it view the 'mysite' option?
<thatguyisjames> ahh.. im done for the night.. ill bug you peeps later. thank you for the link, that was very helpful, and you did help me understand alittle bit more then i did.
<kraut> moin
<mnemo> i installed windows server 2008 a while back, then I booted the hardy live cd and used gparted to resize my main NTFS and create a small ext2 fs as well.... when I rebooted the machine it failed to boot because gparted has overwritten tbe MBR... this is NOT good because tons of people will never install linux ever again if this happens
<mnemo> (I was able to restore the MBR with dd etc but most windows users won't have a chance to recover from such an error)
<mnemo> i believe this is a new bug which happens only with windows server 2008 because I did the same thing at home with my vista home premium and there everything worked fine
<bimberi> mnemo: Please report a bug at https://bugs.edge.launchpad.net/ubuntu/+source/gparted/+filebug
<mnemo> i dont have access to the windows server 2008 machine any more so I can't provide any detailed info on it
<mnemo> i posted a bug now anyway --> https://bugs.launchpad.net/ubuntu/+source/gparted/+bug/237585
<uvirtbot`> Launchpad bug 237585 in gparted "gparted makes MBR unreadable by win2008" [Undecided,New]
<danshearer> hello all
<danshearer> I want to create my first test blueprint. Any clues how to associate it with Ubuntu Server?
<danshearer> I went to https://blueprints.launchpad.net/specs/+new
<danshearer> Then searched for a project: ubuntu-server, ubuntuserver, serverteam....
<danshearer> ?
<danshearer> ah ha, I found this via the wiki: https://blueprints.launchpad.net/~ubuntu-server/
<kouta> experience with hardy on dell m1000e enclosure and m600 blades anyone?
<bimberi> mnemo: thanks :)
<uvirtbot`> New bug: #237587 in samba (main) "crash application before upgrade" [Undecided,New] https://launchpad.net/bugs/237587
<nijaba> danshearer: you just have to subscribe "ubuntu-server" to the blueprint. use "Subscribe someone else" on the left side. Also it is a good idea to mark Rick Clark/dendrobates as the approver.
<cjsstables> ikonia:  I have an ubutu client authenticated to my network server but the client cannot play sound from a cd rom.  Client does have access to the cd but just no sound.  I have verified that nothing is muted.  Any help here?
<cjsstables> ikonia:  umm.. I'm authenticated using ldap
<ikonia> cjsstables: hello, what's up
<ikonia> just reading
<ikonia> cjsstables: the cdrom is not local ?
<cjsstables> yes cdrom is local on the client.  it is playing fine.  just no sound on the client
<ikonia> how can it be playing fine on the client, but have no sound on the client ?
<ikonia> can you be a bit more specific
<cjsstables> What I mean is the I have rhythem box running.  IT accesses the cdrom just fine. and begins playing the Audio CD,  but I have no sound output
<ikonia> cjsstables: ok, can anything else work/play sound ?
<cjsstables> no
<ikonia> cjsstables: is your user in the audio group ?
<cjsstables> If I log on to the client with a local user (non network authentication) sound plays just fine.  Also on boot up I get the ubuntu drum roll...
<ikonia> ok, so it looks like your central authenticated user is not in the audio gorup
<ikonia> group
<ikonia> (at a guess)
<cjsstables> my guess is no the user is not in the audion group since the user is an ldap authenticated user
<ikonia> ok, so make a ldap audio group
<cjsstables> ok.  I know how to make an ldap group, but I don't know the ins and outs of making a specific audio group
<ikonia> on your local box the sound stuff is controlled via a group called "audio" with a gid of 30 (I think) easy think to do is to match that up in ldap
<ikonia> you can do it in am ore awkward way, but thats the easy way
<cjsstables> ok.  I use phpldapadmin to edit groups after I create them, so once created then use phpldapadmin to change gid to 30 right
<ikonia> call it audio too to keep it simple, but the key is the gid
<ikonia> see how that effects your client
<ikonia> (I now see why you where pointing out it was authed against ldap)
<cjsstables> ok I can do that...  how can I verify that the local client uses gid30 for audio?
<ikonia> cjsstables: look in /etc/group at the adutio group
<ikonia> audio
<ikonia> or do "id" on your local user
<ikonia> (the one that works)
<ikonia> or "groups"
<spiekey> hello
<cjsstables> ok.  I gotta switch users and be back....  thanks
<spiekey> could anyone please give me a dns server ip (anything but a german dns)
<Nafallo> 208.67.222.222
<ikonia> errr, most dns servers will be locked down from public use
<spiekey> Nafallo: thanks!
<Nafallo> also 208.67.220.220
<cjsstables> ikonia:  guess I have a problem with the local client.  I get the drum roll at the login screen, but no sound after a local login.
 * nijaba bbl
<cjsstables> so I guess I'll hold off on doing the audio group at the server and try to figure out why local sopund doesn't work
<cjsstables> anyone know of a good sound diagnostic wiki?
<ogra> https://wiki.ubuntu.com/DebuggingSoundProblems ?
<cjsstables> orga:  Thanks..  got that debugged...
<cjsstables> ikonia:  i did smbldap-groupadd -g 30 Audio and got error adding group
<mohamed_> hello all, i have ubuntu-server installed but alsa not installed by default, what package  i need to install for alsa to get sound working ?
<soren> mohamed_: For general (not server specific) support visit #ubuntu
<mohamed_> thanks soren i'll do now
<soren> :)
<mohamed_> i only because i installed ubuntu-server :)
<jjesse> morning
<sommer> morning jjesse
<zul> sommer: thanks for testing
<jjesse> how are you sommer?
<sommer> zul: no problem, I'm going to update my test production machine this morning to check for regressions, but so far looks good :)
<sommer> jjesse: I'm good, need some more sleepy time, heh
<jjesse> sommer: don't we all, was up watching the red wings game instead of going to bed
<sommer> ya that looked like a good game, but I missed it
<jjesse> recorded it and saved it to my dvr
<milestone> hi all
<milestone> is it no longer possible to configure software raid through the server installer?
<zul> sommer: sweetness
<zul> sommer: let me know as soon as possible if anything goes wrong
<milestone> i have to say software root raid
<milestone> as far as i remember it is possible with the etch installer
<saltedlight> hi. can anyone point me to a good tutorial to make a network server?
<sommer> saltedlight: https://help.ubuntu.com/8.04/serverguide/C/index.html
<stickystyle> In your ~/public_html folder you can put your files, php is supported.
<stickystyle> sorry, wrong #
<lukehasnoname> saltedlight: what sort of "networked server"
<lukehasnoname> web, ftp, file, etc
<lukehasnoname> router
<lukehasnoname> well sommer covered it.
<melter> is there a proper way to remove old kernels from /boot?
<lukehasnoname> yes
<lukehasnoname> I don't know it >_>
<saltedlight> i have a system that is connected to internet using pppoe on eth0. what i wanna do is to share the internet connection with other computers. for this i have the second network card, eth1, wich is connected to a switch. other computers should just be pluged in to the switch and they should get an local ip and get connected to internet
<saltedlight> i'm not shure if is the proper way to do that, but i just remove the old kernels from /boot/grub/menu.lst and then delete each of them from /boot
<\sh> melter, apt-get remove linux-image-<version> ?
<uvirtbot`> New bug: #237630 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.51a-3ubuntu5.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1 - fails due to AppArmor" [Undecided,New] https://launchpad.net/bugs/237630
<lukehasnoname> http://mibbit.com/pb/BYl9df
<lukehasnoname> saltedlight look at that
<lukehasnoname> not sure if it will help
<tomsh> is there some howto for ubuntu server 8.04 and raid installation?
<zul> jdstrand: can you look at that new mysql bug?
<heno> Hi soren. Filed a qemu bug for you, complete with screenshot and patch :) bug 237635
<uvirtbot`> Launchpad bug 237635 in qemu "qemu mouse and keyboard grab is an accessibility problem" [Medium,Triaged] https://launchpad.net/bugs/237635
<jdstrand> zul: responded
<zul> jdstrand: thanks..
<soren> heno: Heh.. thanks.
<tomsh> is it possible having /boot partition on a ubuntu server raid installation?
<_ruben> sure
<tomsh> when i try with installer it fails
<_ruben> /dev/md0 on /boot type ext3 (rw)
<_ruben> works like a charm
<_ruben> didnt do anything special to make it work either
<tomsh> i create only one raid device
<tomsh> #0
<soren> so where's your root partition?
<tomsh> i try o use only one raid device with all partition on it
<tomsh> and i have boot and / partition on the same software raid device
<tomsh> partman fails with this error
<tomsh> Error running tune2fs -l dev/md/0
<ikonia> errr, most dns servers will be locked down from public use
<ikonia> cjsstables: how did you get on
<ikonia> (oops, ignore the first line)
<_ruben> tomsh: you cant create multiple partitions on a md device, you need a single md device for each partition
<_ruben> but im out .. bbl
<tomsh> ok
<tomsh> thanks
<soren> tomsh: Er..
<soren> tomsh: How would you put more than one filesystem on a single block device?
<soren> LVM?
<tomsh> no
<Ali_ix> Hi, i need a web-based GUI for an ubuntu server running apache and some ftp server (proftpd maybe) to do the accounting and general monitoring. any suggestions or recommendation?
<tomsh> soren: you are right but installer permits this way
<soren> tomsh: How?
<tomsh> soren: installer fails during partitioning but permit to put more than one filesystem using menu
<soren> how`
<soren> ?
<tomsh> after creating raid device
<tomsh> if i use guided partitioning
<tomsh> it put / and swap on the same raid device
<soren> The guided partitioning did?
<tomsh> yes
<tomsh> i'm tryng with a virtual server now
<soren> I'd talk to the good folks in #ubuntu-installer about this, if I were you.
<tomsh> i have to do other test
<tomsh> now grub fails...
<tomsh> coffee break now... :)
<jjesse> any way to get official cds of the ubuntu server?
<Guiri> Hey guys. I've implemented an icecast2 server, but using ffmpeg2theora with oggfwd renderse horribly out of sync videos. I'm working on an mplayer hack right now that'll encode from raw streams sitting in a buffer. In the meantime, any other ideas for a small streaming server for 5 people?
<zul> jjesse: shipit.ubuntu.com is what you are probably looking for
<jjesse> zul: can i get official server cds from there?  i know i can get official ubuntu cds but didn't know if i can get official server cds
<zul> jjesse: I believe so but if you download the iso thats offical as well
<jjesse> i know  was hoping for something shiny and nice like i got at UDS Boston
<zul> jjesse: yes you can get an offical server cds fom shipit
<jjesse> zul thanks
<jjesse> zul: thanks for the info always used shipit.kubuntu instead of shipit.ubntu
<Guiri> any idea why permission to copy files would be denied to the Darwin Streaming Server ./Install? I'm running as sudo and tried as root.
<sixstone> hi all, is there anyone who have tried heartbeat in hardy using IPaddr2 as clone resource?
<Guiri> anyone on permissions problem above?
<zul> mathiaz: ping
<zul> mathiaz: so I went through all of the upstream openldap bugs and divided them into crashers/hangs, syncrepl bugs, and other ran the openldap testsuites, sommer is running it on his test servers without any problems so far and I just have to file all the SRU paperwork and do the upload to proposed
<mathiaz> zul: awesome !
<mathiaz> zul: which bug number ?
<zul> mathiaz: still writing up the bug :)
<zul> mathiaz: bug #237688
<uvirtbot> Launchpad bug 237688 in openldap2.3 "[SRU] openldap 2.4.9 from 8.04.1." [Undecided,New] https://launchpad.net/bugs/237688
<babolat> A newbie here. just got LAMP working. I was wondering if there was a way to assign my IP a public hostname when I have dynamic service. i'd love a live test/demo site for this little project im doing..
<zul> babolat: dyndns.org
 * danshearer is away: blah
<mathiaz> zul: where the two test run sucessful ?
<zul> mathiaz: yep
<mathiaz> zul: hm - were qa-regression and upstream tests sucessful ?
<mathiaz> zul: did some of them failed in 2.4.7 ?
<zul> mathiaz: yeah there are two tests that are know to fail
<zul> s/know/known/g
<mathiaz> zul: known to fail in 2.4.7 and 2.4.9 ?
<mathiaz> zul: or only 2.4.7 ?
<zul> mathiaz: known to fail in 2.4.7 and 2.4.9 because of the way we build openldap I believe
<uvirtbot> New bug: #237688 in openldap2.3 (main) "[SRU] openldap 2.4.9 from 8.04.1." [Undecided,New] https://launchpad.net/bugs/237688
<mathiaz> zul: I'd update the bug description to specify that both test suites are sucessful
<mathiaz> zul: and that the tests that fail, also failed on 2.4.7
<mathiaz> zul: ie no regression were introduced as far as tests are concerned
<lsal> i may joined the discussion a bit late and I dont know what you guys were talking about but i just gave up on openldap yesterday since i could not implement tls
<zul> mathiaz: grr its complaining about a bad md5sum
<mathiaz> lsal: would this be your problem: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5360;selectid=5360 ?
<mathiaz> lsal: could you try openldap 2.4.9 for hardy - it's available in zul PPA - https://launchpad.net/~zulcss/+archive
<lsal> i will scratch the whole thing and start it now. I am following this procedure for the certificates http://www.openldap.org/faq/data/cache/185.html
<lsal> is anything else to add in the slapd.conf or ldap.conf
<kees> kirkland: random thought while review my TODO list, can you add to the "Private directory" blueprint the need to document the adduser configuration files better so that admins can set home dirs to 700 by default if they want to?
<kirkland> kees: sure
<kees> thx :)
<zul> mathiaz: uploaded to hardy-proposed
<ryoohki> test
<kirkland> kees: done, added to "Outstanding Issues" -- https://wiki.ubuntu.com/EncryptedPrivateDirectory
<kees> perfect
<franco81> I'm having trouble with a new install of mysql whereby I cannot log in as the root user, only as user mysql, and in which case I cannot access the mysql db and edit the users table...any help appreciated
<kees> can we add http://sourceware.org/systemtap/wiki/utrace/tests to a checklist somewhere for kernel testing once the intrepid kernel is out?
<zul> kees: we should start a wiki page on u.c that lists how to run test suites on our packages
<ctx144k> hello all
<ctx144k>  iam using ubuntu8.04 (server)
<ctx144k>  is there a way to set default-grub-parameters in a config. so that after an update they will allways use automaticly
<ctx144k> i mean grub-parameter like  ro quiete splash
<kees> ctx144k: edit your /boot/grub/menu.lst line '# defoptions=...'  changing "..." to whatever you want, and then "sudo update-grub"
<ctx144k> kees, one moment, ill look for it
<ctx144k> nice, ill try
<ctx144k> kees, that is not what i mean
<ctx144k> after a kernel-update grub is reconfigure the menu.lst
<ctx144k> i need lang=de_DE for the new kernel
<JanC> ctx144k: did you read 'man update-grub' ?
<JanC> and the comments in the default menu.lst ?
<slimjim8094> sup guys
<slimjim8094> anyone there?
<mathiaz> !ask | slimjim8094
<ubottu> slimjim8094: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<kirkland> kees: regarding EncryptedPrivateDirectory, I'm going to need to get ecryptfs-utils from universe into main, so we'll probably need to have a code review of it at some point, right?
<slimjim8094> ubuntu server 8.04 with bind9 authoratative for my domain and dhcp3-server on the same computer. need dhcp3-server (or alternately the dhcp client) to update the ddns records in bind
<kirkland> kees: can we set aside some time for that during our July sprint?
<kees> kirkland: sure, that sounds good
<kees> kirkland: it might be a good idea to start the MIR process for it now anyway, since there is more than just the audit to do.
<kirkland> kees: you bet, i'm capturing that in the outstanding issues in the spec, at the moment
<kees> eeeexcellent</burns>
<emgent> heya people :)
<kees> heya emgent
<slimjim8094> regex n00b help: " named\[.(computer|192.168.1.100)"
<slimjim8094> never mind
<kirkland> zul: debdiff uploaded to https://bugs.edge.launchpad.net/ubuntu/+source/apache2/+bug/235294
<uvirtbot> Launchpad bug 235294 in apache2 "[SRU] apache2 mpm-worker segmentation fault." [Undecided,Confirmed]
<mathiaz> kees: is there any reason to keep the logic and dependencie on openssl-blacklist in ssl-cert in intrepid ?
<mathiaz> kees: IIUC we don't need to check that the snakeoil cert has been generated with a vulnerable openssl since we'd only upgrade from hardy
<kees> mathiaz: hm, well, I'm unsure.  What about hardy-to-LTS+1?
<mathiaz> kees: hm.. we support upgrade from LTS to LTS+2 ?
<kees> dunno, but since hardy was affected, I'd guess we'd want to keep it.
<mathiaz> kees: hardy has an updated version of ssl-cert - and before starting a dist-upgrade, end user are supposed to run an update
<kees> "supposed to" is the key there.  I'm certainly on the fence about it.
<mathiaz> kees: keeping around means we'd support from hardy that haven't installed the ssl-cert update
<kees> yeah, I think perhaps not then -- double check with jdstrand, though.  he spent much more time on the ssl cert part of the problems.
<uvirtbot> New bug: #237768 in krb5 (main) "Please sync krb5 1.6.dfsg.3-2 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/237768
<ajmitch> if they've still got bad ssl certificates by the time they go to upgrade, they've got issues
<soren> mathiaz, kees: I'd prefer to keep it.
<mathiaz> soren: why ? it's the only diff with debian.
<soren> There's a difference between which upgrades paths are supported and which upgrade paths we'll accept might leave you with a highly vulnerable system.
<soren> mathiaz: What has debian done to combat the ssl problem in ssl-cert? Nothing?
<mathiaz> soren: AFAICT yes
<soren> I'd much rather work towards getting the cool stuff into Debian and then keep it.
<soren> I for one sometimes upgrade from odd versions of Ubuntu to whatever is current.
<mathiaz> soren: right - that's the another option
<soren> ...because I'm perfectly fine with the "if it breaks, I get to keep both pieces" policy.
<soren> I'm not so much fine with the "if you don't do exactly what we say, your system will be horribly, horribly insecure" idea :)
<shelbyscates> hey guys
<shelbyscates> i just installed ubuntu server hardy on a new server i got hold of
<shelbyscates> im 13 and im a unix "user" but very new to ubuntu
<shelbyscates> and i know how all nice you guys are to n00bs... :P
<shelbyscates> so i was wondering if i could ask for a bit of help
<kirkland> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
#ubuntu-server 2008-06-06
<shelbyscates> i want to set up my ssh authorized keys and i also want to install a gui if im in a tight spot with the command line
<shelbyscates> well, its my first time here,.. sorry
<shelbyscates> so could someone help me 1. install a little gui, or 2. help me set up my ssh authorized keys?
<kirkland> shelbyscates: 2) https://help.ubuntu.com/community/AdvancedOpenSSH
<kirkland> shelbyscates: 1) do you want a full graphical interface, like the Ubuntu Desktop?  or something lighter weight?
<shelbyscates> thanks a ton mate :)
<shelbyscates> well, im thinking fluxbox or xfce
<shelbyscates> i have plenty of power, but nobody ever complianed about speed.
<kirkland> shelbyscates: you might find this documentation search useful, http://people.ubuntu.com/~kirkland/search.html
<kirkland> shelbyscates: apt-cache search fluxbox
<kirkland> shelbyscates: apt-cache search xfce4
<kirkland> shelbyscates: that'll show you the packages available
<kirkland> shelbyscates: you can install fluxbox by "apt-get install fluxbox"
<shelbyscates> oh, ok
<shelbyscates> so after i install it, how do i start it?
<kirkland> shelbyscates: reboot, and it should start right up
<shelbyscates> so after i install xfce  how do i start it?
<kirkland> shelbyscates: otherwise, "startx" maybe?
<shelbyscates> oh thanks
<kirkland> shelbyscates: startx usually starts the xwindow system
<shelbyscates> yup it does
<kirkland> shelbyscates: i haven't used xfce in that manner in a while, though
<shelbyscates> so also, if it does start right up, how do i get back to my friendly command line?
<shelbyscates> oh, could i install ubuntu-desktop on top of my server gui and boot server or desktopp fom the command line?
<shelbyscates> and if i installed ubuntu desktop would i be able to manage my server with the gui?
<shelbyscates> and one more thing
<erichammond> shelbyscates: Sure, apt-get install ubuntu-desktop
<shelbyscates> im setting up ssh, and when i try to ssh into my server from my laptop, it always redirects to my old server even though i have everything configured correctly
<shelbyscates> thanks erichammond :D
<shelbyscates> nevermmind on the ssh question, it was my router :D
<shelbyscates> thanks all of you guys! :)
<shelbyscates> ( i hope thanking isnt looked down upon ) ;)
<mesaynaysayer> ok yet another one
<mesaynaysayer> i just installed ubuntu server and i need to know start to finish how to get a working mail server set up
<mesaynaysayer> and running) lol
<erichammond> mesaynaysayer: TMTOWTDI but perhaps https://help.ubuntu.com/community/PostfixBasicSetupHowto
<mesaynaysayer> hey guys i installed ubuntu-desktop on top of ubuntu server, and now theres no way to get my command line back, plz help :(
<mesaynaysayer> oh wait i have an idea
<slimjim8094> mesaynaysayer
<slimjim8094> i'll try and give you a hand
<slimjim8094> mesaynaysayer - you there?
<mesaynaysayer> thats ok, i got iut thanks :)
<mesaynaysayer> you guys are awesome :)
<mesaynaysayer> i got wmii working great, and now im ready :)
<mesaynaysayer> i must say, you guys really did a good job!
<mesaynaysayer> you all deserver a high five :D
<mesaynaysayer> XD deserver - wonder whats on my mind :P
<mesaynaysayer> but you guys really did a great job with making ubuntu and helping everyone else :)
<mesaynaysayer> id be really lost without you :)
<slimjim8094> hey - is anybody a dns genius here?
<slimjim8094> i'm at my wit's end
<slimjim8094> bind9 + dhcp-server - want to do dynamic dns updates so my dynamically-assigned hostnames are in DNS
<slimjim8094> no errors, it just doesn't work
<slimjim8094> keep getting a NXDOMAIN
<mesaynaysayer> hey, could anyone help me set up my mail server?
<mesaynaysayer> sorry,im a n00b
<erichammond> mesaynaysayer: Gotta run, but perhaps the "Email Services" section here has relevant info: https://help.ubuntu.com/8.04/serverguide/C/index.html
<erichammond> mesaynaysayer: (I'm a Postfix fan)
<mesaynaysayer> ok i got it :D
<mesaynaysayer> thanks so much
<mesaynaysayer> can someone tell me how to use "mail" lol XD
<mesaynaysayer> when you type mail in the com,mand line, does it bring up postfix?
<malakhi> as in typing the command 'mail' ?
<bimberi> mesaynaysayer: no, you need to install 'mailx' to get the mail command
<mesaynaysayer> well, for some reason my mailbox works and i can send and recieve mail
<mesaynaysayer> but i have no idea how to write a message when i enter the command 'mail'
<mesaynaysayer> it brings up something and it lists messages i can send to myself
<mesaynaysayer> but i dont know how to reply :(
<owh> mesaynaysayer: "man mail" will give you all the answers. Alternatively install another mail client, like elm for example.
<lamont> mesaynaysayer: postfix is a mail transport, not a mail user agent.  mailx, elm, mutt, thunderbird, evolution, etc are mail user agents
<mesaynaysayer> oh ok
<mesaynaysayer> well, sorry to be such a n00b, but all i know is that when i type mail it gives me a usage and it'd sure be nifty to know how to use it ;)
<mesaynaysayer> oh, thanks owh :)
<owh> I'm needing to implement a google search for a team mailing list on the team wiki page, but I'm unsure how best to achieve that in such a way that I get an input box and a search button, rather than just a link to a google page. Any suggestions where I might ask this question?
<ajmitch> can that be done on the wiki we use?
 * ajmitch imagines that the doc team or related groups may know best
 * owh asks in #ubuntu-doc :)
<nealmcb> !mta | mesaynaysayer:
<ubottu> mesaynaysayer:: A Mail Transfer Agent (MTA) is the server software that sends and queues mail. The default MTA (and !MDA) on Ubuntu is !postfix ("exim" is also officially supported). See also !MailServer and !MUA
<nealmcb> !mailserver
<ubottu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/7.10/server/C/email-services.html
<nealmcb> !mua
<ubottu> A Mail User Agent (MUA) is the application you use to read email messages. Examples include Evolution, !Thunderbird and mutt. MUA's are required to read mail on your system and could be compared to the mail functions of Microsoft Outlook.
<owh> !factoids
<ubottu> I am ubottu, the all-knowing infobot, standing in for ubotu while he's getting his haircut done, nose powdered, updated and transitioned to his new gorgeous looks in the near future ;)
 * nealmcb lol
<owh> That was useful :)
<nealmcb> !help
<ubottu> I am ubottu, the all-knowing infobot, standing in for ubotu while he's getting his haircut done, nose powdered, updated and transitioned to his new gorgeous looks in the near future ;)
<nealmcb> blah blah blah
<ajmitch> !nealmcb
<ubottu> Factoid nealmcb not found
<ajmitch> how unfortunate
 * nealmcb is insulted
 * nealmcb is not a bot!
<ajmitch> I'm sure we can get that changed
<nealmcb> :)
<nealmcb> the singularity is near!
<owh> ubottu: nealmcb is a semi humorous individual.
<nealmcb> lol
<nealmcb> lo
<dr_dasos> i'm a bit new to this aspect of computing, but if i wanted tocreate LAMP servers for my friends, i would have 1 base computer running ubuntu server + vmware server, and create a master image based off jeos, and just load them up each time, correct?
<owh> Hmm, that was forwarded to ubuntu-ops :-|
<nealmcb> dr_dasos: we prefer kvm, and it is faster and easier to build with ubuntu-vm-builder
<nealmcb> but otherwise, sure - have a go at it
<nealmcb> !kvm
<ubottu> Factoid kvm not found
<nealmcb> oh dear....
<nealmcb> !virtualization
<ubottu> There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications
<nealmcb> !qemu
<ubottu> qemu is an emulator you can use to run another operating system - see https://help.ubuntu.com/community/WindowsXPUnderQemuHowTo
<dr_dasos> hmm, kvm? i'm barely familiar with vmware as it is =P  but could you give me a quick point or two on why kvm over vmware?
<owh> dr_dasos: Because vmware is not yet supported under hardy and kvm is Ubuntu's virtualisation tool of choice at this time.
<nealmcb> ubottu: kvm is the preferred virtualization approach in Ubuntu.  For more information see https://help.ubuntu.com/community/KVM
<dr_dasos> cool, thanks for the links, gonna read up on it
 * owh wonders how to tell ubot*u how to forget the new factoid about nealmcb
<ajmitch> heh
<nealmcb> owh: well, ubottu ignored it, and the folks in #ubuntu-ops will probably ignore it also, and demote you from all Ubuntu responsibilities at the same time
<nealmcb> :)
<ajmitch> cast out into the outer darkness & all
<owh> nealmcb: Excellent, will that leave me more hours in my day?
<nealmcb> and we'll all end up in front of the CC in no time
<nealmcb> :)
<ajmitch> hat in hands, pleading our case?
<owh> CC?
<nealmcb> community council
<owh> Ah
 * owh goes to fetch an Acubra.
<owh> (For holding in hand.)
<ScottK> It's pretty well established they won't actually do anything.  I shouldn't worry to much.
<dr_dasos> quick question already, for kvm do i need certain capability in my hardware, or is that something it will automatically detect and optimize for?
<owh> ScottK: The CC or the ops :)
<dr_dasos> because i think both amd and intel have on chip virtualization these days
<nealmcb> dr_dasos: you need the bits as described in that help page
<ScottK> owh: CC.
<ScottK> Ops are inconsistent.
<ajmitch> </bitter>
<nealmcb> or you can use qemu, but it is much slower, but that may not matter for a simple web server
<lamont> owh: interesting... I'm running vmware on hardy..
<owh> lamont: How did you do that?
<lamont> then again "works" is slightly different from "supported"
<lamont> owh: how do you mean?
 * owh gets ready to wrestle the keys from lamont.
<nealmcb> the ops have been very helpful to me when I do mean to add factoids to ubottu
<owh> lamont: Well, did you package it, use an existing package, or install from source?
<lamont> or was that another one of those where I had to fix a build failure in vmware-config.pl...
<lamont> source tarball from vmware
<lamont> 6.0.3
<owh> Yuk
<lamont> and it quite possibly has a diff
 * owh wants apt-get support or nothing :)
<lamont> owh: it's how I've installed it since vmware 2.
<owh> lamont: Fair enough. I've been using it since Workstation 3.2, but installing from source is not my favorite activity.
<owh> lamont: The installer leaves crap everywhere.
<nealmcb> ubottu: virtualization is <reply> There are several solutions for running other operating systems (or their programs) inside Ubuntu, while using the native CPU as much as possible: !kvm is the preferred approach in Ubuntu.  See also !QEmu (with !KQemu), !VirtualBox, !VMWare, as well as !WINE and !Cedega for Windows applications
<lamont> owh: well, I do admit that I drop things into /usr/bin, rather than /usr/local/bin :-)
 * owh shudders
<lamont> it made my life easer for the 20 minutes that there were debs in ubuntu
<owh> ROTFL
 * owh hasn't yet transitioned from Gutsy because of VMware and also not migrated to kvm yet.
<lamont> sadly, my primary use of vmware is a windoze XP instance
<lamont> and I cannot adequately express how much that pains and offends me.
<nealmcb> lamont: what is the critical app/use case?
<lamont> nealmcb: quickbooks.
<lamont> and the singular critical decision factor that overrides any other app?  "my accountant uses quickbooks"
<nealmcb> lamont: so let me guess - your association with Ubuntu and Canonical leads you to need financial accounting software that leads you to Windows?
<owh> lamont: Funny you should say that, for me it's WinNT and MYOB.
<lamont> so, baring a linux port of quickbooks?  windoze+quickbooks/windoze
<nealmcb> Macos?
<ScottK> nealmcb: The ops have a widely varying definition of what consitutes abusive behavior.  The predominate view seems to vary significantly from mine.
<lamont> nealmcb: heh
<lamont> doing some small business books (which goes back 10 years) leads me to needing financial software
<ScottK> lamont: I pretty stunning amount of stuff that never worked on WINE before works now (in Hardy).  It might be worth a try.
<owh> lamont: Same here.
 * ScottK had iTunes 7 working for a while.
 * owh cannot get the data out of MYOB.
 * ajmitch thankfully doesn't deal with that stuff
 * owh confesses that choosing MYOB was the worst business decision ever made.
<ScottK> dendrobates: https://blueprints.launchpad.net/ubuntu/+spec/server-flavors
<lamont> ScottK: hrm...  OTOH, finances + hackish software reimplementing the code that redmond tested into existance in the first place?  maybe not so much.
<ScottK> iTunes 7 is a critical use case for my teenagers
<ajmitch> owh: I've only briefly seen it, is it that bad?
<owh> lamont: You mean, worse than the abomination that is GNUcash?
<owh> ajmitch: The software was written by accountants and uses a single file database of some or other format.
<owh> ajmitch: Do I need to tell you more?
<ajmitch> the first part was enough
<owh> ajmitch: That's why I mentioned it :)
<nealmcb> soren, sommer: note a few quick shots at virtualization factoids for ubottu above.  we should do a more comprehensive job though...
 * owh wanders off to feed face.
<lamont> owh: runing my finances under wine is something I figure I might do on (1) test data, or (2) when intuit tells me that's their linux support strategyu
<lamont> quickbooks is actually pretty good, as far as accounting software goes.
<lamont> remember that the primary objective of accounting software is to keep your accountant happy.
<lamont> because happy accountants spend less time on your books, and therefore charge you less money.
 * ScottK thought the primary purpose of accountants was to haul off my box of receipts and invoices and turn it into sensible reports to the government.
<lamont> ScottK: that's another approach..  it costs more.
<lamont> I generally pay for 1-2 hours of accountant time at tax time
 * ScottK pays more
<lamont> of course, the vmware engine does come in handy for tossing ubuntu isos at, as well
<lamont> the fan on the 1U test box is a bit noisy, you see...
 * lamont never heard of MYOB
<lamont> generally, for small business finance, the only question is "Quickbooks, or PeachTree?"
<owh> lamont: In Oz, it's MYOB or QuickBooks.
<lamont> ok
 * nealmcb finds an old, unpatched, vulnerable webmin 1.170 on a machine at a local nonprofit....   wonders if proper packaging with security updates would be better than ignoring these things....
<ajmitch> same for NZ, naturally
 * owh initially started running the business with FileMaker and Excel.
<owh> ajmitch: Dunno.
<owh> nealmcb: No, packaging just gives you the feeling of security :)
<lamont> nealmcb: it's webmin... is it even possible to package it properly, other than with a trashbag?
<nealmcb> somebody else to blame....
<lamont> kewl.  bandwidth quota numbers integrated into cricket.  win
<owh> lamont: You could package it using /dev/null as the target ;)
<lamont> owh:  device files are not allowed in the archive as debs....
<owh> lamont: Hmm, shame really :)
<nealmcb> lamont: we're looking for current webmin issues that are architectural flaws, not bugs.  but they are hard to find.  telling the world to become savvy command-line sysadmins doesn't fit well with the ubuntu mission....  same with ebox, etc....
<lamont> *** glibc detected *** /usr/games/kobodl: double free or corruption (fasttop): 0x082d11f0 ***
<lamont> kobodelux FTW!
<dr_dasos> cool, thanks for all theinfo guys, it seems that kvm is the way i will go, just to make sure, there's no way to use kvm with windows as the host os, correct?
<lamont> nealmcb: yeah
<lamont> OTOH, administering a machine without acquiring clue is also fraught with peril
<nealmcb> well, looking for architectural flaws that are bad enough to refuse to package and suffer the consequences....  plain old architectural flaws are a dime a dozen :)
<owh> lamont: It's happening more every day. Just because you can, doesn't mean you should. We should have learnt that with PageMaker and a LaserWriter :)
<nealmcb> so is walking across the street
<nealmcb> our mission, should we choose to accept it, is to make common things easy and safe
<lamont> owh: it happens.  the only question is whether it's better to enable them, or discourage them.  the mission statement makes the answer crystal clear.
<lamont> hence the pain of trying to implement clue in the gui
<nealmcb> :)
<owh> nealmcb: You do realise that this is really Mission Impossible don't you? Just because you make a wrapper around a complex process doesn't mean that you are actually making common things easy and safe. Think for example, a company that can easily and safely install MySQL and run a Tb of data. Then they find out there is no backup.
<thatguyisjames> ok. i got my ubuntu-server setup. i have ssh, samba, and LAMP... now i just want to learn about servers and stuff.. im picking up pretty quick... qestion is .. what can i make my server do that will help me.. or serve me with anything
<owh> ROTFL
<thatguyisjames> sersly .. like i have no use for this.. execpt learning purposes.. but whats next...
<thatguyisjames> i have a hand full of webpages hosted ... and i setup apache to host my home dir... and samba to share directorys..
<thatguyisjames> and im doing this all trew remote login in x-term .. with ssh
<dr_dasos> i dunno, check and make sure it works fine as a file/print server for the rest of you network, give small hosting accounts to friends and have them screw it up and start fixing it
<owh> thatguyisjames: Just because my ROTFL came after your question doesn't mean I was laughing at you. In case of fact, we were just discussing your exact type of scenario and I laughed out loud because you illustrated my point exactly.
<nealmcb> thatguyisjames: it really depends on what sorts of things you want to do....
<thatguyisjames> see i get that you need a a problem ..befor you can come up with a solution...
<thatguyisjames> and as of right now... im trying to make a solution... when there realy isnt a problem... i just want to learn more about servers and how they work..
<thatguyisjames> thats somthing im intrested in .. the log in trew xdrm isnt it.. or w/e its called.. where you log on to a remote acount ...
<nealmcb> thatguyisjames: in that case, make it redundant and scalable :)
<thatguyisjames> lol ... i do happen to have 3 older dells laying in the garage ...that are perfect for that.. they even fit on a rack perfect!
<dr_dasos> and get them to turn off and turn on based on whatever criteria you need, 4 computers chugging can eat up a lot of watts
<nealmcb> thatguyisjames: then implement virtualization to aggregate them into one machine at night, and make soren happy
<thatguyisjames> ok... soo.. i need to run what command.... sudo nano /etc/imposable.conf ?
<dr_dasos> what's the process called where VMs are handed between computers
<thatguyisjames> i mean edit what file*
<nealmcb> dr_dasos: migration
<thatguyisjames> i say im a noob to servers .. and your talking clusters... gaaa...
<dr_dasos> sounds interesting, though i guess mentally i can't see how it can be migrated seamlessly
<dr_dasos> those VMs can get kinda big
<nealmcb> thatguyisjames: you've established that you learn quickly, but can't decide what practical benefit you want to acheive, so this is the obvious direction to lead you in.  some day you'll get a boss who will pay you to tell you what to do....
<nealmcb> :)
<thatguyisjames> so ill tell myself what to do ?
<thatguyisjames> and ill get money.. for telling myself what to do
 * lamont declares bedtime
<lamont> g'night y'a;;
<lamont> y'all, to
<lamont> o
<spiekey> Morning
<mesaynaysayer> hey guys i have an ubuntu mail server and i can recieve messages but not send them what do i do to be able to send messages?
<mesaynaysayer> im using mutt on wmii
<mesaynaysayer> ubuntu server hardy
<mesaynaysayer> just the default mail server
<spiekey> does anyone know a ubutnu admin service you can pay for? :)
<bimberi> Canonical!  Let me find the link...
<\sh> spiekey, ubuntu admin service?
<bimberi> spiekey: http://www.ubuntu.com/support/paid
<\sh> you need sysadmins?
 * \sh should reopen his business 
 * bimberi drafts his commission claim ;p
<\sh> bimberi, this is not admin service...it's support ;)
<bimberi> \sh ssssh!
<spiekey> we need some help with confixx, php, apache, etc...
<spiekey> so its not really that ubuntu specific
<kraut> moin
<spiekey> moin moin
<spiekey> so, yes. We need some sysadmin knowhow :)
<\sh> oh jehova...da confixx
<\sh> solution: just delete it, pay some bucks for a guy who knows his job ;)
<\sh> ah german ;)
<\sh> 1&1 ?
<spiekey> no :)
<\sh> strato?
<\sh> hetzner?
<spiekey> no :)
<\sh> don't tell me you bought the crap
<spiekey> well, right now we pay ~110â¬/Month for Manageing, Backups and the hardware
<spiekey> find a admin for that!
<spiekey> i bet once its set up it does not take much care though...
<\sh> spiekey, you talk about confixx...I had a couple of customers who had this...one update.and nothing worked again
<spiekey> hehe, yes. sounds like confixx :P
<\sh> in the past...confixx had the worst sechole ever...added a mysql user, with bash shell but no password, just because confixx wanted this
<spiekey> we dont really care...we just want a confixx like interface for the end customer.
<\sh> most of the 1&1 server housing park had to be updated and before that they were all vulnerable
<spiekey> if we move away from confixx we would also need some export/import solution :)
<spiekey> thats why i asked for confixx
<\sh> spiekey, i think you should try this forum for rootserver in .de ... I think you find some people dealing with this confixx crap...and some of them are cheap too
<spiekey> okay, thanks
<\sh> spiekey, but beware...you can't trust people you pay only a couple of bucks...when you have to pay 150â¬/h it's ok.. or around 600 to 750â¬/day excl. mwst...and a good freelancing contract..then you get quality...below that...don't trust those people..
<spiekey> year, thats something wich gives me a headace :)
<spiekey> gotta go, be back in a while
<\sh> normal prices for freelancing sysadmins in .de
<\sh> and that's even cheap :)
<Kapli> Does the ubuntu server cd come with a desktop or do i have to install it manually after installation?
<Nephelauxetic> since the latestes openssh server updates X11 forwarding is slow. does anyone know why and what to do?
<\sh> Kapli, as server implies, no desktop for -server flavour
<Nephelauxetic> ssh -X is slow. xhost/telnet with DISPLAY set not. Who knows a solution?
<_ruben> get faster hardware? encryption requires more power than plain X
<Nephelauxetic> that's not the problem
<Nephelauxetic> it use to be very fast on even older machines
<Nephelauxetic> also compression is not the problem
<Nephelauxetic> it was fast in gutsy but is slow in hardy
<_ruben> its not a server specific problem either most likely
<Nephelauxetic> it was fast in debian etch but after some updates it go slow
<Nephelauxetic> you think it's the ssh client?
<Nephelauxetic> I doubt because I tried different verions of openssh and  sun's ssh client
<_ruben> no, i think its not an ubuntu-server problem
<_ruben> since X isnt an ubuntu-server feature
<Nephelauxetic> so where to discuss openssh-server?
<Nephelauxetic> it's not an X server problem. it's an ssh server problem
<Rommy02> Hello all, I'm trying to install Ubuntu-Server on a pc with no cdrom, and my only option seems to be a USB thumbdrive I have (2gigs). However, When i try to write the ubuntu-server iso to the disk using dd if=/dev/sdb of=/path/to/ubuntu-server-image.iso bs=512 it seems to produce an unbootable usb drive... is there some other step i'm missing? Thanks.
<InsomniaCity> yeah - that won't work afaik
<InsomniaCity> you'll need to have a look for instructions on producing a bootable USB drive
<Rommy02> Ok, so my next approach would be to get a bootable usb drive, and then use another one to store the actual files for the install and run it like that then eh?
<primski> e
<primski> or sry, wrong paste :p got link, just a sec
<primski> https://help.ubuntu.com/community/Installation/FromUSBStick
<primski> check the isotostick.sh script section, very easy
<primski> just run the script and it will make ur usb key bootable, and extract the iso on it
<Rommy02> cool - thanks primski
<primski> np
<Rommy02> Well, I've gotten the usb thumb drive to boot properly, according to this guide I now need to boot the thumb drive (sda1) as the cdrom. It has me going about this in a rather roundabout way ... (linking /dev/sda1 to /dev/cdroms/cdrom0) however, when I mount this with the format I specified when making it (ext2) i get no such device ...
<Rommy02> is there some way I can verify what this drive is showing up as besides dmesg? (because that shows sda)
<primski> mounting? where? if you mount, upon reboot, those get lost
<primski> you need to set up in your bios to boot from usb, should it support it
<Rommy02> well, i ran the setup, and it got to the phase where it's looking for the cdrom and fails
<primski> aha
<primski> oh
<primski> i think the fs on usb is fat16, try that instead of ext2
<primski> or do a fdisk -l to see what fs its
<Rommy02> well, when i formatted the usb disk, i did specify ext2
<primski> aha
<Rommy02> i wasnt sure how to format it in dos as fat16, heh
<primski> hm, dont know really, i used my SD card with that and it worked ouf of the box
<Rommy02> err, in linux, rather
<primski> i though that script makes fat automaticly
<primski> well, sry, no more ideas :s
<Rommy02> ah, well thanks for your help so far, i'll see what i can drudge up
<primski> np and good luck
<Rommy02> worst case scenario i stick with my faithful slackware =)
<primski> :d
<primski> does your bios support net boot ?
<Rommy02> if it does .. i haven't found the option for it, and it doesnt happen automatically ...
<Rommy02> I actually have a PXEboot already setup for slack ...
<primski> hm, there arent many options left yes, if it doenst
<Rommy02> i'll try it again as fat16 - i just found the format command for that partition type
<primski> grat, gl
<primski> great*
<Rommy02> i do get 1 error when running the script that i'm not sure what it means yet though, cp: cannot stat /media/cdtmp.b20990/casper: no such file or directory
<Rommy02> i'm reading the script to see what it does ..
<cjsstables> ikonia:  good morning
<Rommy02> well, i think i've spotted the problem, the usb drive has a hidden partition that is being mounted as the cd, and i havent found a way around it =/
<mrkofee> hi, i want to authenticate some users using mysql in apache, but since 2.2 mod-auth-mysql is depracted and doesnt work any longer (according to a guy on the apache list). mod-dbd should be used instead, but i cant find it in the repo. do i have to compile apache myself?
<\sh> libapache2-mod-auth-mysql ? still in the hardy archives
<mrkofee> \sh: ye, but they told me its depracted since 2.0. and it doesnt work for me, thats why i asked on the apache list
<cjsstables> Hey all.  currently running ubuntu network server with ldap authentication.  My next issue that I have is the annoying keyring password request when accessing samba shares.  does anyone know how to stop this request in an ldap environment?
<ctx144k> hello all.. which program should i install unter ubuntu8.04-server to correct my date/time permamently (as daemon, not cron)
<mrkofee> ctx144k: openntpd
<ctx144k> i already installed a time-server on another mashine
<ctx144k> ok
<mohamed_> hello all, i run ubuntu-server at home as home and media server , the question is that i need Apparmor, if i disable it this will affect the system ?
<ScottK> mohamed_: It will increase the potential security risk with the system.  Why do you think you need to disable it?
<mohamed_> ScottK-> because it make some troubles with Squeezecenter
<mohamed_> and i don't need security for this server
<ScottK> Security is all it affects.
<mohamed_> it will behind firewall
<ScottK> I don't agree that that means you don't need security, but your choice.
<mohamed_> ScottK-> iit will be for home media inside home
<ScottK> It's your network.  It's your choice.  You don't need to convince me.  Only yourself.
<mohamed_> my question if i diable it this will not affect the system ?
<mohamed_> disable
<ScottK> Except for security, no.
<mohamed_> thanks ScottK
<cjsstables> ikonia:  are you on?
<ikonia> cjsstables: I am yes
<cjsstables> you know anything about this annoying keyring program.  On my network authenticated users/clients, before I can mount a samba share I have to put in a keyring password.  Is there a way to stop that
<cjsstables> my ultimate goal is to automatically mount samba shares but this keyring password is in the way
<cjsstables> If network manager is the culprit I can remove that safely if my clients network ip's are manually configed right?
<ikonia> cjsstables: there are docs for that, let me see if I can dig them out
<cjsstables> ikonia:  i followed one of the doc's about an hour ago and unfortunately was locked out of my linux box.  had to restore original files.  Maybe the one I was following was not correct
<ikonia> let me see what I can find for you
<cjsstables> ok cool
<Vlet> So, I'm using dhcpd and iptables masquerading to set up a router gateway system; all is working well, but if the system restarts, I need to re-enter the iptables rules to re-establish the masquerading; How can I have them loaded at startup?
<zul> put them in rc.local perhaps?
<Vlet> zul: duh - that was easy :p
<_ruben> or put them in a nice script in /etc/init.d/ and use update-rc.d to have it executed automagically .. just a tad "cleaner" than (ab)using rc.local imo :)
<_ruben> and you'd want firewall rules to be started prior to bringing any interfaces up
<Vlet> _ruben: right. That does seem cleaner. Thankya
<uvirtbot> New bug: #237892 in dhcp3 (main) "/var/lib/dhcp3/dhcpd.leases file is empty" [Undecided,New] https://launchpad.net/bugs/237892
<uvirtbot> New bug: #237894 in openssh (main) "I cannot connect to any server. Conection hangs up at "channel 0: open confirm rwindow 0 rmax 32768"" [Undecided,New] https://launchpad.net/bugs/237894
<dana_good> one of my client's servers detected errors on their disk and somehow the root partition got mounted RO, is there a way to remount the disk RW?
<primski> im having some problems with vsftpd+firewall setup. i'm using ssl only, port 990 and when i enable ufw, i no longer get directory listing, authorization works ok, but disconects after there is no directory listing returned. i opened ports 990, 20, 21 tcp and udp. any ideas?
<zul> have tried putting you client in passive mode?
<primski> yes, im using filezilla on ubuntu desktop.
<primski> i thought it could be due to passive mode, but filezilla doesnt solve it, perhaps a bug there, will try another client
<Vlet> _ruben (or others :): What would be the apropriate runlevel for such a script?
<_ruben> most common runlevel would be 3 .. and 39 as sequence number (since networking has sequence number of 40)
<Vlet> Thanks again
<nealmcb> Vlet: or use ufs?
<nealmcb> oops - ufw...
<Vlet> nealmcb: uh, that's a gui thing, right?
<\sh> nope...ufw is cli
<Vlet> oh.. hmm
 * Vlet does some reading
<nealmcb> I should have a gui some day, but we like cli too
<nealmcb> !ufw
<ubottu> Factoid ufw not found
<nealmcb> !firewall
<ubottu> Ubuntu, like any other linux distribution, has firewall capabilities built-in. The firewall is managed using the 'iptables' command (see https://help.ubuntu.com/community/IptablesHowTo), or GUI applications such as Firestarter (Gnome) or Guarddog (KDE).
<Vlet> Well, that's just the thing - I'm not planning on installing X on this box )
<nealmcb> Vlet: good
<nealmcb> jdstrand: we should set up a factoid for ufw and add it to !firewall
<ScottK> nealmcb: Personally I've never heard of Guarddog before.  Kmyfirewall is the KDE front end I see mentioned.  That could do with an update too.
<nealmcb> Vlet: https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<Vlet> nealmcb: Thanks - now the tricky bit is getting this working in one swipe, as the system in question is currently acting as the gatway for my workstation ;)
<nealmcb> Vlet: yeah - I know the issues there....  another program that helps with that and does lots more is shorewall
<nealmcb> it has some nice auto-fall-back features
<Vlet> I think I'll survive =D
<cyris|> friday!
<Vlet> It seems that the ubuntu.media.mit.edu repomirror is not being updated o_O
<jjesse> yay friday
<nealmcb> hmm - the ufw man page doesn't say what the default policy is.  default deny or default allow....  but the comment on remote management implies that perhaps it is default deny?
<nijaba> jdstrand: ^^
<ScottK> Default is nothing at all.
<dsdg> hello, I have got a server with ubuntu 64 bit 8.04 i have two discs but need to raid1 them while the server is live.. does any one have a good working howto I can use?
<ScottK> You want to convert to a raid array on a live server?
<dsdg> hi ScottK i have a live server with sda and sdb  currently the system is booted on sda - i want to raid1 /dev/sda2 and /dev/sdb2 - /dev/md0 - so the server is live and I have created tghe md0 with sdb2 added and sda2 as missing - just having some sticky with grub and thought while i am at it might as well pick up a good proper howto..
<ScottK> A how-to I was writing would start with configuring the server before it was live.
<dsdg> ScottK, hehe yea, it's a hetzner thing man...they didnt want to.. so now i have a live syhstem with two discs and no raid...
<dsdg> done it before in  gentoo but cant find a solid howto for ubuntu,
<dsdg> can i not download a live cd and "boot it" or run it..and get to the environmetn where i can do a remote live install?
<dsdg> think i can ask hetzner to put in a live cd and give it access to the net? maybe i can then do the raid1 easy?
<ScottK> It's been long enough since I set one up I'm reluctant to give advice.
<dsdg> it's all good :)
<dsdg> thanks anyhow, and enjoy a great weekend!
<dsdg> i keep on forgetting it's friday :) almost pub and stella time
<jdstrand> nealmcb: it is default deny, but disabled
<jdstrand> nealmcb: it can be changed with 'ufw default ...'
<nealmcb> jdstrand: thats what it seemed.  want a bug for the man page?
<jdstrand> nealmcb: if you want-- I've made a note to fix it
<nealmcb> :)
<nealmcb> more info about logging would be nice also - default, where it goes, etc
 * nealmcb hoped sudo ufw --dry-run logging off would tell me whether it changed or not, but it doesn't seem to
<jdstrand> nealmcb: noted
<jdstrand> nealmcb: it is syslog facility 'kern' (ie where iptables logs)
<nealmcb> jdstrand: thanks.  the sysctl stuff is also a bit mysterious.  for the uninitiated, what are the implications of all those rules in /etc/ufw/sysctl.conf ? - how do they compare to normal system defaults?
 * nealmcb knows he is about 5 months late on these questions :/
<jdstrand> nealmcb: rp_filter, accept_source-route and accept_redirects are non-defaults
<nealmcb> jdstrand: would it make sense to comment out all the defaults or something?
 * nealmcb wonders if sysctl rules are set in other packages like that
<jdstrand> nealmcb: well, I was doing that, then things started changing between releases and so I just said "I am setting this up the way it needs to be'
<nealmcb> :)
<jdstrand> I don't know about other packages, but /etc/sysctl.conf seems to be a mixture-- you can read it for what some of that stuff is
<nealmcb> hmm - procps owns /etc/sysctl.conf - which takes priority?
<jdstrand> nealmcb: ufw-- S17procps vs. S39ufw
<nealmcb> scary
<jdstrand> nealmcb: lots of firewall scripts do this sort of thing, they just don't have a file called 'sysctl.conf' (meaning they embed all this stuff in their code)
<jdstrand> nealmcb: you can also adjust ufw to use /etc/sysctl.conf if you prefer
<jdstrand> /etc/default/ufw
<jdstrand> nealmcb: while it is 'Uncomplicated' for the average user, it tries not to take away any configurability from an admin who needs it
<kirkland> zul: hey, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484800
<uvirtbot> Debian bug 484800 in apache2 "apache2 mpm-worker segmentation fault (Launchpad #235294)" [Important,Open]
<kirkland> zul: I linked that to https://bugs.edge.launchpad.net/debian/+source/apache2/+bug/235294
<uvirtbot> Launchpad bug 235294 in apache2 "[SRU] apache2 mpm-worker segmentation fault." [Undecided,Fix committed]
<nealmcb> Scary is the wrong term - I just think it will confuse folks to have competing by-default sysctl config files, so good documentation on that seems important
 * nealmcb wonders if the debian packaging rules would or should apply there
<jdstrand> nealmcb: I can't make change to /etc/sysctl.conf automatically (policy violation)
<jdstrand> s/change/changes/
<jdstrand> which why I did it this way
<zul> kirkland: cool
<kirkland> zul: I'm reviewing tormod's debdiff for the php5-5.2.6 security changes backport to hardy
<emgent> hello there
<zul> kirkland: cool you might want to let kees and jdstrand now
<zul> s/now/know/g
<mathiaz> dendrobates: http://people.ubuntu.com/~mathiaz/network_auth_integration.png
<nealmcb> jdstrand: I don't really know much about debian policy, but it seems worse to just override another config file in a way that is less clear to the users.  I guess they at least have to do something to turn ufw on, but still...
 * nealmcb knows this is close to the heart of the difficult stuff about package management and being "uncomplicated" like ubuntu wants :)
<jdstrand> nealmcb: I am making a change in /etc/ufw/sysctl.conf to make this clear
<nealmcb> what would the consequences of not changing the default sysctl stuff be?  I haven't looked at what those rules do, but perhaps it would be better to just advise the user to change the defaults.  or why should those not be changes to procps?
<jdstrand> nealmcb: ufw needs rp_filter for one, and part of the 'uncomplicated' bits is unifying sysctl, iptables, etc
<jdstrand> nealmcb: like I said-- this is really no different from installing a packaged firewall application that makes some assumptions (and overrides this stuff anyway)
<nealmcb> hmm - rp_filter is the same in my two sysctl.conf files
<jdstrand> nealmcb: many of those do so internally-- ufw just happens to expose that and gives the possibility to use /etc/sysctl.conf if desired
<jdstrand> nealmcb: yes, but it seems to change from release to release, eg gutsy didn't have it
<jdstrand> nealmcb: put simply-- 'ufw enable' is supposed to work without having to do any more fiddling
<kirkland> jdstrand: hey, procedure question for you....
<kirkland> jdstrand: https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/227464
<uvirtbot> Launchpad bug 227464 in php5 "Please backport security fixes from PHP 5.2.6" [Undecided,Fix released]
<kirkland> jdstrand: I subscribed ubuntu-security to that bug
 * jdstrand nods
<jdstrand> what's the procedure question?
<kirkland> jdstrand: these are the php5.2.6 fixes that I chased down in CVS, someone else attached a debdiff
<kirkland> jdstrand: i gave the debdiff a look over, applied it (cleanly), build it (cleanly)
<kirkland> jdstrand: i figured you/kees would want to look over it next?
<kirkland> jdstrand: before zul/me prepare an SRU?
<jdstrand> kirkland: we will get to it for -security, but that shouldn't prevent you from doing SRU if desired
<kirkland> jdstrand: "is that the standard procedure?"  ^
<jdstrand> kirkland: the standard procedure is-- patch, test, supply debdiff, assign security team
<jdstrand> kirkland: so yes
<kirkland> jdstrand: cool, thanks.
<kirkland> zul: what do you think?  SRU time for bug 227464?
<jdstrand> kirkland: we take it from there-- if it contains other fixes, then feel free to do the SRU
<uvirtbot> Launchpad bug 227464 in php5 "Please backport security fixes from PHP 5.2.6" [Undecided,Fix released] https://launchpad.net/bugs/227464
<kirkland> jdstrand: oh, okay
<kirkland> jdstrand: so a separate SRU is not required?
<jdstrand> kirkland: I don't have a timeline on when we will process it though
<kirkland> jdstrand: nothing but security fixes in that debdiff
<kirkland> jdstrand: i don't either
<jdstrand> kirkland: no-- if it is just security fixes, kees and I just upload to -security
<kirkland> jdstrand: cool, thanks, i think my work on this one is done, then.
<kirkland> jdstrand: thanks!
<jdstrand> kirkland: on a gnarly patch set, we may do a 'simulated SRU' where we upload to -proposed and ask for feedback before committing to -security
<kirkland> jdstrand: okay, this one is non-trivial, but i wouldn't call it "gnarly" either
<jdstrand> heh
<jdstrand> kirkland: well, kees and I will take a look at it and make that decision
<kirkland> jdstrand:  7 files changed, 128 insertions(+)
<kirkland> jdstrand: okey doke, thanks for the answers
<jdstrand> kirkland: do you know off-hand if anyone has done any of the regression testing in qa-regression-tests?
<kirkland> jdstrand: for php?
<jdstrand> kirkland: I know there is some built test info in there-- I haven't looked at the php specific stuff in a while
<kirkland> jdstrand: there's a set of php tests are are bundled with PHP itself
<kirkland> jdstrand: those run as part of the php debuild
<kirkland> jdstrand: i'll build an unpatched (stock) hardy php and compare the differences
<jdstrand> kirkland: yes, and kees documented what fails and what doesn't, so new builds can be compared against the old (eg expected failures are ok, but no new failures)
<kirkland> jdstrand: actually, a file test-results.txt gets generated by the build, and installed when you install php5
<kirkland> jdstrand: so i may not need to rerun
<kirkland> jdstrand: just install what's currently in hardy
<jdstrand> kirkland: I don't know the php5 packaging, but like I said, kees documented some of this stuff for all the releases
<kirkland> jdstrand: documented where?
<jdstrand> qa-regression-testing
<kirkland> jdstrand: that's a package?
<jdstrand> https://code.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master
<jdstrand> kirkland: ^
<jdstrand> (no package)
<kirkland> jdstrand: ah, launchpad project, sorry, /me was confused
<jdstrand> nealmcb: http://bazaar.launchpad.net/~jdstrand/ufw/trunk/revision/149
<kirkland> jdstrand: doesn't look to me like qa-regression-testing has hardy's php5 results
<kirkland> jdstrand: latest are 5.2.3-1ubuntu6.1
<jdstrand> kirkland: ok-- feel free to add them if desired (or post the results somewhere so we can add them)
<jdstrand> (ie unpatched hardy)
<kirkland> jdstrand: okay
<jdstrand> kirkland: don't feel like you have to-- but if you want to contribute, great :)
<kirkland> jdstrand: it's no problem, i have all the data and branch right in front of me ;-)
<kirkland> jdstrand: i must say, though....
<kirkland> jdstrand:  that it seems to me marginally valuable to collect php's results in this project, since a test-results.txt.gz is shipped with every php5*.deb we build
<jdstrand> kirkland: feel free to branch qa-regression-testing and make whatever changes you want
<jdstrand> we'll pull them in
<kirkland> jdstrand: :-)
<kirkland> jdstrand: okay, i'll think on it some
<jdstrand> they are for everyone to enjoy :)
<kirkland> woohoo!
<ashelbysctes> hey guys i have an ubuntu server box running hardy with gnome and wmii, i configured some custom keyboard commands so when i press F1 or F2 certain scripts should run, and they work fine in gnome but not in wmii, could someone please help me make it work in wmii?
<ashelbysctes> i tried going back in wmii and redoing it, but its already set correctly and to no avail
<ashelbysctes> my script is:
<ashelbysctes> #!bin/bash
<ashelbysctes> gksudo /etc/init.d/ssh start
<ashelbysctes> just those two lines
<ashelbysctes> and its not working :(
<ashelbysctes> is there a different kind of sudo i need to be using or what? :\
<ashelbysctes> all i wanna do is start and stop ssh with a hit of a key :S
<jdstrand> ashelbysctes: this is really more a question for #ubuntu
<jdstrand> ashelbysctes: I haven't even heard of wmii until you mentioned it
<ashelbysctes> yeah, i tried ubuntu, they are sure a lot more busy than they are at 1am ;)
<ashelbysctes> but thats allright :)
<ashelbysctes> i can bother you with a server related question...
<ashelbysctes> i can recieve mail with just my standard default mail agent
<ashelbysctes> but i cant send it
<ashelbysctes> i think it might be a problem with my isp (charter communications)
<ashelbysctes> but this might be a common fixable problem ;)
<jdstrand> ashelbysctes: is this sending it from a mail client like evolution, or your mail server (eg postfix)?
<ashelbysctes> from a server (postfix)
<jdstrand> ashelbysctes: many ISPs block port 25
<jdstrand> ashelbysctes: try using tcpdump or similar
<jdstrand> (or nmap)
<ashelbysctes> oh, its port 25? kul, ill try something and if that dosent work you can bet im gonna ask for help with installing tcpdump or something ;)
<ashelbysctes> btw - i can never thank you guys enough :)
<ashelbysctes> you guys are like heros to me - i want to be just like you in a few years :)
<ashelbysctes> before i go to college :)
<ashelbysctes> OH HOT IT WORKED :D
<ashelbysctes> thanks soooo much!
<ashelbysctes> i thought it was my router prot forwarding - but i wasnt sure what port to let pass through
<ashelbysctes> so i let 25 through and now it works!
<ashelbysctes> thank you so much!!! :)
<ashelbysctes> you guys deserve a lot more thanks than you get, a lot of you work harder than most people get paid for ;)
<ashelbysctes> and i really appreciate it :)
<jdstrand> np :)
<ashelbysctes> hey -  it worked once, but now gmail is fussing at me: it told me to use SMTP 550-5.7.1 relay at my isp instead cause my ip wasnt applicable to send mail directly to their servers :\
<ashelbysctes> ok it says that dynamic ip's are unaccepted to send unidentified smtp mail to an internet email serve r
<ashelbysctes> could i fix one of those things? make my ip NOT dynamic, o send authenticated mail?
<ashelbysctes> cause i rly needz a mail server :(
<nealmcb> ashelbysctes: it is generally recommended to use the smtp submission port (I forget the number), not 25, for using an isp as a smarthost, as I recall
<ashelbysctes> oh, okey dokey then
<ashelbysctes> if i could find out what port it is could you help me use it to suubmit it, or is it just a matter of configuring my router so?
<nealmcb> running a mail server from a dynamic ip is likely to cause you lots of headaches - I'd stick with the submission port...
<ashelbysctes> ok, but theres nothing i could change just to make mail servers "trust
<nealmcb> ...and even that takes care and feeding....  fun to learn from, but using a good email service (e.g. fastmail.fm) can be a lot easier
<ashelbysctes> " me?
<ashelbysctes> ok then
<nealmcb> they won't trust dynamic ips...
<ashelbysctes> i need something free is all
<ashelbysctes> thats ok
<nealmcb> and shouldn't....
<nealmcb> I went thru all that years ago...
<ashelbysctes> yup, im a pretty *sniff* shady character after all? :P
<kees> kirkland, jdstrand: I would like to compare patch sets against what seanius did in Debian, too.
<kees> (for php50
<kees> s/0/)/
<nealmcb> dkim and perhaps the dns policy stuff would help in some cases but probably not nearly enough
<kees> kirkland, jdstrand: see svn://svn.debian.org/pkg-php/php5/branches/etch/debian
<kirkland> kees: okay, i posted a diff showing now test regressions
<kirkland> i was also just about to add test results for hardy's php5
<kirkland> to qa-regression-testing
<kees> kirkland: cool.  we should not have any regressions. ;)
<kirkland> kees: jdstrand: okay, pushed results 5.2.4-2ubuntu5.1 to lp:~ubuntu-bugcontrol/qa-regression-testing/master
<kirkland> (missing hardy results)
<mathiaz> nealmcb: ogra: what do you think about http://augeas.net/ ?
<mathiaz> isn't that what we've talked about the right way to implement configuration management ?
<ashelbysctes> what if i were to sign up for http://www.senderscorecertified.com/ ?
<ashelbysctes> would that alow me to send maail without being ignored?
<cameronh> for some reason, my Ubuntu Server install seems to be hanging when apache starts at boot time
<cameronh> actually it just seems to be hanging at startup when starting a service, but it tends to be near apache
<cameronh> any idea what's happening? no debug messages are being spewed out
<cyris|> anything failing to start?
<cameronh> only cleaning /tmp
<cameronh> i just did a recovery start and this time it crashed when i did ls /etc/rc6.d, but i don't think that's what caused it.. think maybe it's the clutch transmission daemon?
<ashelbysctes> hey, about my mail server, if i set it up as a mx record isnted of simple ip forwarding, would those servers accept it?
<ashelbysctes> i can do email forwarding, user (mx record) and user simplified ip so far i just had user siplified ip, but by the way you tell me it sounds like i could use an mx record and it would work
<ashelbysctes> would an mx record work cause its not a simplified ip address or dynamic any more?
<cameronh> nope this computer seems to be randomly hanging at startup now, even beore it's started loading things like transmission and apache
<cameronh> it was working fine before
<ashelbysctes> i have a server runninx postfix and i need to send mail but before my dns was configured to dynamic ip so things like hotmail bounced the mail so would it work if i alternatively configured my dns to an mx record???
<ashelbysctes> cause i really think that would work
<ashelbysctes> http://screencast.com/t/terADXkph could someone please tell me how to configure that? my website name is sudoshelby.com and my username is shelby
<ashelbysctes> i just wanna know what to fill in cause i think it will work i really do
<Vlet> So, I've been playing with ufw, and with port 53 allowed and ufw defaulting to drop, I can't seem to resolve hosts (via dnsmasq)... Any suggestions for what other ports or settings should be applied?
<mathiaz> kees: is the repository module enable in apparmor ?
<mathiaz> kees: I remember that we disabled the xmlrpc code at some during gutsy
<psufan> how do I make sure a line gets added to the command line/grub whatever in a kickstart install script for 6.06lts
<kees> mathiaz: Yeah, I'd just seen that bug about "ubuntu-gutsy" too.  I thought it was disabled, but I haven't checked lately.
<psufan> wtf did you guys do to the kernel so it ignores console=
<SpaceBass> hey folks
<SpaceBass> I've got a problem with a raid5 sooftware array after upgrading from 7.10 to 8.04
<SpaceBass> specifically, it broke and would not assemble due to bad super blocks on a few drives ... I zeroed out the superblocks and created the array...its active and hopefully intact...
<SpaceBass> but when I try and mount it, I get a wrong file system type error
<SpaceBass> it thinks its ext4
<psufan> wtf
<mathiaz> dendrobates: have you looked at https://wiki.ubuntu.com/FeistyNetworkAuthentication ?
<mathiaz> dendrobates: that seems to cover the uauth tool we've discussed earlier
<dendrobates> mathiaz: yes, I am familiar with it.
<ashelbysctes> hey you guys i set some custom keyboard scripts to run on command of a key, and they un fine in gnome, but not in wmii, how would i make them run in wmii?
<Asad2005> I have set up bridge between wireless wlan0 and eth0 fore access point, the client can connect but doesnot ping WAN while the server can connect when i route add default gw. Can some one help. i have my config files in http://paste.ubuntu.com/17651/
<stickystyl> anyone know of some pre written server monitor scripts that i can put on a machine external to my office to monitor my websites?  I have nagios internally, but the server that i have external doesn't allow a cgi-bin.
<stickystyl> no sense in me writing some script if there is already one out there.
<bamed> stickystyl: what are you wanting to monitor?  uptime?  if that's all nagios should be all you need
<stickystyl> I want to monitor that my sites are reachable from the outside world, hence the external server monitoring it.  but this is just a simple shell account that does not have access to a cgi-bin that would be needed to install nagios on the external machine.
<kees> jdstrand: say, I'm using the test-samba.py and it's ... not happy with me (or my kvm)
<kees> jdstrand: http://pastebin.osuosl.org/7817
 * kees goes digging
<jdstrand> kees: boy I'd say
<jdstrand> kees: which release?
<kees> this is gutsy
<kees> I did a purge/reinstall hoping there was some goofed config, but smbclient seems to still hate me
<jdstrand> kees: let me take a look at it-- I tested dapper and hardy after the commit and then got distracted by evolution
<jdstrand> s/after/before/
<kees> okay, cool.  I'll go try it in Dapper.
<kees> heh, works on dapper.  :P
<slimjim8094> sup guys - got a question
<jdstrand> kees: it actually is working on gutsy
<jdstrand> kees: sudo ./test-samba.py -v
<slimjim8094> bind9 + dhcp-server - i want a dynamic dns update so my local machine's hostnames are in DNS for my domain
<slimjim8094> anyone got any ideas?
<jdstrand> kees: I see you did 'sudo ./test-samba.py localhost -v'
<kees> jdstrand: yeah, tried both.  hmm
<jdstrand> kees: that is not valid
<jdstrand> kees: at least, it isn't tested
<kees> slimjim8094: same audience here -- don't think anyone knows.
<jdstrand> (and wouldn't mean anything, as 'localhost' is supposed to be for network browsing
<kees> jdstrand: ah, okay, trying it again..
<jdstrand> )
<jdstrand> kees: eg:
<jdstrand> sudo ./test-samba.py 192.168.122.10 -v
<jdstrand> where 192.168.122.10 is some host running samba
<jdstrand> (eg, another vm)
<jdstrand> kees: all tests passed on gutsy (skipped client browsing)
<slimjim8094__> crap... stupid internet
<kees> jdstrand: weird.  I wonder how my VM is busted.
<jdstrand> kees: do you have any stray smbd or nmbd processes running?
 * kees checks
<kees> it's okay if I have other smb running on separate hosts, right?
<jdstrand> kees: separate hosts absolutely-- that is the point of client browsing ;)
<jdstrand> kees: I meant in the gutsy vm
<kees> jdstrand: for the  $host -v   case, right?  but for just -v, it'll use the local machine?
<jdstrand> kees: in fact, I know that 10.0.0.63 is running samba :)
<kees> jdstrand: heh, but that's the machine I'm testing.
<jdstrand> (though that may be your gutsy vm...)
<kees> yeah
<kees> okay, so, to back up... if I just install samba out of the box, this should work: smbclient -N -L $(hostname)
<jdstrand> kees: is this i386?
<kees> jdstrand: amd64
<jdstrand> kees: ok, all my testing was amd64
<jdstrand> kees: smbclient -N -L localhost should work
<kees> wild.
<kees> Anonymous login successful
<kees> Domain=[MSHOME] OS=[Unix] Server=[Samba 3.0.26a]
<kees> tree connect failed: NT_STATUS_LOGON_FAILURE
<kees> that's a result of   purge, install, smbclient.
 * kees switches to his i386
<jdstrand> that there is yer prawblum
<kees> hehe
<ashelbysctes> hey can someone point me in the direction of a mysql tutorial pls? i have to learn how to use and make databases and im a n00b :(
<ashelbysctes> nevermind its ok :)
<jdstrand> kees: I don't know, I might just take 15 minutes and generate a new vm
<kees> samba and I have never gotten along.  :P
<jdstrand> I'm not sure it's in samba's nature to get along
<kees> haha
<kees> trying feisty as long as I'm here...
<LMJ> hi
<jdstrand> kees: yeah, me too
<LMJ> is there a way to activate "conntrack_rtsp" on Ubuntu hardy ?
<jdstrand> kees: tip for ya-- if you specify a host to test-samba.py, make sure that samba is actually running on that host ;)
<kees> jdstrand: heh, it is!  I swear.  :P
<kees> yup, feisty is fine for me too.
<jdstrand> (several times I forgot to restart it after a test-samba.py run)
<kees> (SambaGeneric) Client browsing ... skipped
<kees> ok
<kees> er.. where is that "ok" coming from?  :P
<jdstrand> kees: it is because the test didn't FAIL-- not sure how to get rid of that
<kees> ah! heh
<jdstrand> kees: I just return True on skip
<kees> maybe: print "(skipped)",      i'll see if that makes the output cleaner
<jdstrand> kees: oh-- yes, that would do it-- I'd prefere no 'ok', but please make the change
<kees> oh wait... feisty started to fail.
<jdstrand> kees: while your at it, can you update it to mention that specifying localhost to test-samba.py doesn't really make sense?
<kees> IOError: [Errno 13] Permission denied: '/etc/samba/smb.conf.autotest'
<kees> *boggle*
<jdstrand> sudo?
<kees> I have entered some kind of anti-coffee zone.  *sigh*
<jdstrand> kees: feisty passed here (even with client browsing)
<jdstrand> kees: there are to places for 'skipped' in test_client_browsing-- can you fix both?
<kees> jdstrand: yeah, saw that and got them updated now.  (haven't pushed yet)
<kees> oh... yeah, no... that won't work.  it seems that the lack of flush means it doesn't appear in output.  :P
<jdstrand> kees: and don't feel bad about sudo-- I *just* did the same thing 1 minute before and had the same reaction :)
<kees> haha
<kees> *whew*
<kees> feisty is working correctly.
<kees> I wonder why my gutsy VM is bad...
<jdstrand> ah, well clearly that was why I didn't use ','
<jdstrand> :P
<AnRkey> how do i share something with ebox?
<kees> heheh
<AnRkey> i have looked everywhere
<kees> AnRkey: I would cut something in half, and let ebox choose which piece it wants.  (sorry, couldn't help myself.  I don't know ebox)
 * AnRkey slaps kees
<AnRkey> :D
<kees> heh :)
<kees> jdstrand: haha:
<jdstrand> LMJ: I haven't used conntrack_rtsp-- but it doesn't appear to be compiled in hardy
<kees> Ran 14 tests in 221.628s
<kees> OK
<kees> (skipped)
<jdstrand> kees: oh, haha
<kees> I'm trying it with a sys.stdout.flush()
<jdstrand> I was like-- '(skipped)', wha?
<AnRkey> found it
<AnRkey> create a new group and add a path for the share for that group. strange that it's in the groups section
<kees> jdstrand: ah-HA! something in the conf was staying.  I wasn't purging samba-common (only samba)
<kees> I'll be it was from earlier attempts to reproduce the kernel bug.
<jdstrand> \m/
<kees> and flush() worked.  wheee
<jdstrand> ah cool
<jdstrand> I have 'skip' in a few other scripts too, if you're feeling industrious :)
<kees> jdstrand: okay, thanks for the attention -- it's all working happily again. *whew*
<jdstrand> np
<kees> oh, maybe I'll add testlib.skipped()  and we can call   return testlib.skipped()
<jdstrand> kees: that is a great idea
<AnRkey> aaaahhh!!! i was wrong
<AnRkey> it creates a whole new directory
<slimjim8094> guys - anybody a bind / dhcp-server guy? got a question about ddns-updates
<gatewayer> whats the problem slimjim8094
<slimjim8094> i can't get ddns-updates working - bind9 and dhcp-server running on the same machine
<slimjim8094> dhcp-server (or the client themselves) is supposed to be able to update the DNS entry for the client
<gatewayer> where you get stuck?
<slimjim8094> no errors, but no success messages either
<slimjim8094> it's just not working
<gatewayer> hmmm really tricky to help you without error message ^^
<slimjim8094> how about NXDOMAIN :P
<slimjim8094> ive got my default dns suffix set properly
<slimjim8094> i had some errors re. permission denied
<slimjim8094> but they're gone...
<gatewayer> hmmm
<gatewayer> maybe anyone else has more expirience and knows what to do ^^
<gatewayer> i have no idea what you need ^^
<gatewayer> i thought it is a specific error ^^
<slimjim8094> haha, unfortunately it's not
<slimjim8094> errors i can google ^.^
<gatewayer> of course ^^
<gatewayer> but without error you need someone who had this problem already
<slimjim8094> ya
<slimjim8094> or knows how i'm doing something stupid
<gatewayer> jepp
 * nealmcb heads off for the weekend....
<a13x>  I am trying to install ubuntu server but when i run CD checking tool it tells me that some random file is corrupted and it is different every time.  i tried different cds, cd recorders, cd roms but nothing helps.  i even tried to redownload few times.
<a13x>  I am trying to install ubuntu server but when i run CD checking tool it tells me that some random file is corrupted and it is different every time.  i tried different cds, cd recorders, cd roms but nothing helps.  i even tried to redownload few times.
<ScottK2> a13x: Did you try burning at a slower speed?
<a13x> interesting idea
<a13x> however, why would it matter
<infinity> a13x: When you say it's a "different file every time", do you mean it's different with each burn, or that the very same CD gives different errors on each check?
<infinity> a13x: If the same CD is giving different errors each time, your CD drive or cabling to the drive might have issues.
<a13x> i put in the cd and start the computer
<a13x> in the bootloader i choose check cd
<a13x> every time i do this
<ScottK2> a13x: If your media is marginal or something other issue, it could be more apparent at higher data rates.
<a13x> files are sometimes different
<a13x> i replaced the cabling
<a13x> also replaced cd rom
<ScottK2> What brand of CD blanks?
<a13x> tried regular cd and cd-rw
<a13x> and recorded on two different computers
<a13x> same result
<a13x> brand
<a13x> TDK for my regular cds
<a13x> i am not sure about my RWs
<a13x> next, i will run checks on my recording software
<ScottK2> IIRC some of those are made in marginal factories and some are made in good ones, but if you've got the same problem with the RW, it's not just a bad spindle of CDs.
<a13x> and try recording at slower speeds
<a13x> right now i am downloading the dvd
<a13x> i even ran memory tests, no errors
#ubuntu-server 2008-06-07
<nxvl> mathiaz: around?
<a13x> summary of my problem: i am trying to install ubuntu server.  i run check CD for defects multiple times and every time it tells me some random file is corrupted (different files most of the time).  Here are the things I tried to do: redownload and burn new cd, burn the cd on another computer, burn a rewritable cd on both computers, replace the cd rom, replace the cd rom cable, vertify data on burning software after recording (passed).  nothing seems to h
<a13x> elp
<ScottK2> Are you using the same burning software every time?
<a13x> no
<nxvl> mathiaz: i update the wu-ftpd debdiff, are this the changes you wanted? i'm kind of confused about the Vcs-* fields
<a13x> k3b on my linux machine, cdburnerxp on windows vista
<mathiaz> nxvl: yeah - I've asked around and changing the Vcs-* are not mandatory
<mathiaz> nxvl: there was discussion about how to handle them, but no final decision has been taken
<mathiaz> nxvl: so for now, I'd leave them as is (ie not change them).
<a13x> i also tested memory which was fine
<nxvl> mathiaz: i have already change them
<nxvl> :S
 * nxvl reverts the change & uploads
<nxvl> mathiaz: done
<mathiaz> nxvl: ok - sorry for the trouble - I'll have a look at your diff later
 * nxvl HUGS mathiaz 
<nxvl> btw
<nxvl> did you see the augeas thing?
<nxvl> i find it really usefull
<nxvl> i will try to package it and include it
<Wicky656> is there a way to make likewise-open use /etc/skel for the .profile and such for new user directories?
<a13x> I am trying to install ubuntu server.  I ran check CD for defects # of times and every time it tells me some random file is corrupted (different files most of the time).  I've tried to: redownload and burn new cd, burn the cd on another computer, burn a rewritable cd on both computers (k3b and CDBurnerXP), replace the cd rom, replace the cd rom cable, vertify data on burning software after recording (passed), ran memory test (passed), download dvd, burn
<a13x> (rw), check (passed).  nothing helps
<slimjim8094> do a md5sum on the file (iso)
<a13x> doing md5sum...
<a13x> there something interesting which i didn't mention: i have a raid card that supposed to create a raid 1 out of two hard drives
<a13x> and i have created it in its bios util
<a13x> but ubuntu still shows 2 hard drives
<a13x> # md5sum ubuntu-8.04-server-i386.iso
<a13x> c3162b21757746c64a0a22cdd060b164  ubuntu-8.04-server-i386.iso
<soulc> is there a way to upgrade to 8.04 server using apt-get?  I did it on my desktop
<a13x> not sure, it i am sure i will shoot myself very soon
<a13x> it almost seems like there is a bug in ubuntu that makes it read corrupt files
<a13x> random on-the-fly corruption
<erichammond> soulc: Did you see this? http://www.ubuntu.com/getubuntu/upgrading#head-e059d5452a24b50d09c64df48058ef2d834eb197
<Jberg88> hello anyone still awake?
<hads> Yes, it's the middle of the afternoon :)
<Jberg88> ah great sorry about that... I need help installing mysql on my server
<hads> `sudo aptitude install mysql-server` :)
<Jberg88> everytime i run it sudo aptitude install mysql-server everything goes fine and then when it is time to start it up it [fail]
<hads> Look in the log files, there's quite possibly an error there.
<Jberg88> i dont know how to do that?
<hads> Well traditionally logs are in /var/log
<Jberg88> ok thanks
<Jberg88> brb
<ergyJB> looked into the mysql.err and mysql.log they are blank
<ergyJB> hello?
<ergyJB> sorry hads my name changed
<hads> How about syslog
<ergyJB> ok looking
<ergyJB> I don't know what I am looking for in here
<hads> Open a console session and run `tail -f /var/log/syslog`
<ergyJB> done
<hads> Then open another one and run sudo /etc/init.d/mysql start
<hads> You should hopefully get some output in the syslog
<ergyJB> yeah that worked
<hads> Pastebin the output so we can take a look
<hads> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<Jberg88> i keep getting booted off http://paste.ubuntu.com/17796/
<Jberg88> hads?
<Jberg88> hello ?
<Jberg88> anyone
<RoAkSoAx> !hi Jberg88
<ubottu> Factoid hi jberg88 not found
<RoAkSoAx> !hello Jberg88
<ubottu> Factoid hello jberg88 not found
<RoAkSoAx> !hello | Jberg88
<ubottu> Jberg88: Hi! Welcome to #ubuntu-server!
<RoAkSoAx> finally xD
<Jberg88> lol
<Jberg88> hi
<RoAkSoAx> lol
<RoAkSoAx> hi
<Jberg88> not sure what happened to hads but i need help getting mysql to install on my server
<jber1> http://paste.ubuntu.com/17796/
<Jberg88> RoAkSoAx: that is the link ^
<RoAkSoAx> Jberg88, that is showed when you try to start mysql daemon?
<Jberg88> ummm I don't know much about what it is saying
<Jberg88> :-/
<RoAkSoAx> Jberg88, when was it showed that message?
<Jberg88> I don't understand?
<RoAkSoAx> Jberg88, what where you doing when the message appeared?
<RoAkSoAx> or what did you do... that you got that message?
<Jberg88> Oh i was started mysql
<Jberg88> i was told to do it to see what was causing mysql to fail
<RoAkSoAx> Jberg88, and how did you installed it?? after installation was that message showed?
<Jberg88> it never finished installing there was some problem with mysql-server-5
<Jberg88> after everytime i try to install it says there is an error processing and it stops
<SeaPhor> i want to build a proxy caching server/firewall for internal network, but also be a proxy for authenticated wan ppl too, any help?
<RoAkSoAx> Jberg88, sudo apt-get remove --purge mysql-server-5.0
<RoAkSoAx> and install it again
<Jberg88> RoAkSoAx: it failed :-(
<jber1> http://paste.ubuntu.com/17799/
<Jberg88> this is what happened^
<RoAkSoAx> Jberg88, uninstallit again
<RoAkSoAx> and show me your repos file
<Jberg88> repos? i forgot how to get those /etc/something/source.list?
<RoAkSoAx> Jberg88, /etc/apt/sources.list
<Jberg88> ok I am sorry but gedit won't open it from command line and i don't know how to copy all from nano
<RoAkSoAx> Jberg88, gksudo gedit /etc/apt/sources.list
<jber1> http://paste.ubuntu.com/17800/
<Jberg88> RoAkSoAx: thank you for being so patient with me
<RoAkSoAx> Jberg88, haha no prob, could you change us to it??
<RoAkSoAx> in the repos?? instead of us.archive, change it to it.archive etc etc
<Jberg88> ok
<Jberg88> done
<SeaPhor> i was sent here from #ubuntu by Flannel because i asked a server based question, if no one here can answer the question i asked, where do i go? or should i be more patient?
<Jberg88> SeaPhor: this is the place to be for server questions but it doesn't seem like there are enough helpers here
<SeaPhor> Jberg88, then i will learn more and offer he;p where i can, thank you for the reply
<SeaPhor> *help
<Jberg88> SeaPhor: no problem man.
<RoAkSoAx> Jberg88, sudo apt-get update and try to install mysql againg
<specialKevin> SeaPhor: you might want to check out squid for the proxy and iptables for the firewall
<specialKevin> SeaPhor: what kind of authentication do you have on the wan currently
<specialKevin> SeaPhor: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/squid.html that might be helpful for squid
<Jberg88> RoAkSoAx: it failed yet again :-(
<SeaPhor> well thats what i'm looking at,, seems i only know how to protect the local and deny the wan, but if its a wan connection as a proxy,,, cant wrap my head around both at same time?
<specialKevin> SeaPhor: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/firewall-configuration.html
<specialKevin> that might help with the firewall
<RoAkSoAx> Jberg88, could you show me please?
<SeaPhor> i know how to set up for a local, had 350 boxes to go thru 1 machine,,, but then to allow any from wan (non local) that would have to be ,,, well different, almost a vpn?
<jber1> http://paste.ubuntu.com/17804/
<RoAkSoAx> Jberg88, sudo apt-get remove --purge mysql-server-5.0 then: sudo apt-get autoremove and then sudo apt-get autoclean
<RoAkSoAx> Jberg88, also try sudo /etc/init.d/apparmor stop just in case... and then install it again.. and it should download mysql again and not install it from the cache
<Jberg88> ok
<Jberg88> I already started on the first
<Jberg88> RoAkSoAx: I think I might have to do a fresh install again. it didn't work
<jber1> E: Sub-process /usr/bin/dpkg returned an error code (1)
<RoAkSoAx> Jberg88, could you show the complete log please?
<jber1> RoAkSoAx: http://paste.ubuntu.com/17805/
<RoAkSoAx> Jberg88, ok frist, sudo apt-get remove --purge mysql-server-5.0 then,sudo apt-get autoremove, then: sudo apt-get autoclean then verify that /var/cache/apt/archives is clean... if not erase all the .debs from there... and then install it again.. the thing is that apt-get should download mysql-server again instead of installing it from the cache
<Jberg88> oh ok
<Jberg88> woah var/cache/apt/archives is full! delete everything, i tried rm *.deb but they didn't work
<RoAkSoAx> Jberg88, sudo rm *.deb
<Jberg88> oh ok thanks that's done
<RoAkSoAx> ok now try installing mysql-server-5.0 again
<specialKevin> SeaPhor: yea a VPN would probably be your best bet
<RoAkSoAx> Jberg88, it should download it again now
<Jberg88> RoAkSoAx: yeah it is I am putting in the password for mysql
<Jberg88> it is continuing now
<SeaPhor> can that connect to a proxy caching server /firewall ?if si,,, the acl's would have to be ,,, tough?
<specialKevin> SeaPhor: not sure, I haven't setup a proxy or anything like that before
<SeaPhor> specialKevin, can that connect to a proxy caching server /firewall ?if si,,, the acl's would have to be ,,, tough?
<Jberg88> RoAkSoAx: :-( it is not working at all
<Jberg88> same error as before
<RoAkSoAx> Jberg88, can you show it to me again
<Jberg88> yes
<SeaPhor> specialKevin, ok, well at least thank you for the response,,, i have built internal proxy cache server/firewalls, and have heard of proxy ip servers, but never heard of how to combine the 2
<jber1> ï»¿RoAkSoAx: ï»¿http://paste.ubuntu.com/17807/
<RoAkSoAx> Jberg88, try invoke.rc-d mysql-server
<Jberg88> don't know how to do that
<Jberg88> that command by itself did not work
<RoAkSoAx> sudo invoke-rc.d --force mysql-server
<Jberg88> nope
<Jberg88> syntax error
<Jberg88> and his gone
<Jberg88> hi RoAkSoAx, there was a syntax error
<RoAkSoAx> Jberg88, which none
<RoAkSoAx> one
<jber1> invoke-rc.d: syntax error: missing required parameter
<RoAkSoAx> Jberg88, sudo invoke-rc.d --force mysql-server start
<jber1> invoke-rc.d: unknown initscript, /etc/init.d/mysql-server not found.
<RoAkSoAx> Jberg88, sudo invoke-rc.d --force mysql start then :P
<Jberg88> yeah sorry i figured that a little too late
<jber1> invoke-rc.d: initscript mysql, action "start" failed
<Jberg88> if there is nothing else you can think of I'll just do a complete reinstall tomorrow
<RoAkSoAx> Jberg88, sorry i wasn't able to help ya
<Jberg88> RoAkSoAx: you helped me a lot! thank you
<Jberg88> I am going to sleep now I spent a lot of time on these computers good night :-p
<jber1> thanks again hehe
<AnRkey> why would my 8.04 server take nearly a minute to authenticate my password when i login?
<InsomniaCity> AnRkey: I had that on a fedora box with a dying hard drive, there was a bad sector where auth.log was being stored
<InsomniaCity> (so the login was successful, but it didn't run my shell until it finished writing the log entry, which meaned waiting for the drive to timeout)
<AnRkey> crap it's my ebox trying to integrate ldap
<AnRkey> it eventually authenticates from the unix account
<AnRkey> InsomniaCity, i have had some strange hdd problems before too
<AnRkey> about three months ago i had a server that was making me lose hair
<AnRkey> it turned out that the one drive had a fault and only the seagate tools would show it
<AnRkey> InsomniaCity, i find the fedora # very unhelpful and rude sometimes
 * _delcoyote hi
<n6rej> I can't figiure out why /tmp says its full :(
<XpoMa> hi. When I type df -a it tells me df: `none`: No such file or directory. Any thoughts on this one plaesE?
<dstagg> Question Please: I have modified the control-alt-delete file to prevent that and it logs to syslog but it doesn't display the message to the console. How do I make that happen?
<dstagg> the logger man page says : -s but it doesn't see to work!
<lamont> ScottK: I'm looking at debian bug 311812 and wondering if I care enough anymore...  if I just stop chrooting postfix by default, then I can close that bug...
<uvirtbot> Debian bug 311812 in postfix "postfix: syslog reconnection" [Grave,Open] http://bugs.debian.org/311812
<lamont> and ubuntu we can fix the syslog daemon, and postfix can stay chrooted
<lamont> thoughts?
<lamont> now that's just funny
<lamont> ScottK-laptop: you have scrollback there, or shall I paste you the last 4 lines before you joined?
<ScottK-laptop> Please paste it.
<ScottK-laptop> Scrollback is at home and I'm not.
<lamont> ScottK-laptop: and here is fine for the continuing discussion
<ScottK-laptop> Thanks.
<ScottK-laptop> There's always file a serious bug on syslog for not providing the right API and make that bug block yours.
<lamont> given that debian isn't going to fix syslog to do what I need for the postfix fix, I'm inclined to just make that a slightly larger ubuntu-fork
<ScottK-laptop> That or play chicken and dare them to remove it from Testing.
<ScottK-laptop> You could unchroot it in Debian and then I could file a grave bug about security regression from Etch?
<lamont> that'd be debian bug 462739
<uvirtbot> Debian bug 462739 in inetutils-syslogd "postfix: syslog reconnection" [Grave,Fixed] http://bugs.debian.org/462739
<lamont> heh.  which is closed
<lamont> OTOH, syslogd comes from sysklogd on my system
<lamont> ScottK-laptop: yeah, that was my thinking (regression from etch)
<ScottK-laptop> There was some discussion about switching the default syslog for Lenny.
<lamont> I'll fix postfix to deliver the hook file, and then file a bug against sysklogd for not doing things right.
<ScottK-laptop> I don't recall how it came out
<lamont> (for the new definition of "right" :)
<ScottK-laptop> lamont: Sounds like a plan.
<lamont> ok.  plan for the evening is complete. :)
<lamont> any other postfix bugs you want to see dead in lenny?  the current 2.5.2-2 upload is nothing but debconf translations atm
<ScottK-laptop> So I just spent 5 hours driving to Pittsburgh, PA to deliver my wifew and 3 daughters to a baby shower with the promise of no men allowed, go have fun while we're there.
<lamont> lol
<lamont> feel free to dump here or /query for several hours - I'll poke you when I get permission to be online again.
<ScottK-laptop> I'm just getting settled in with my free WiFi at Panera Bread when I get a call that there's a separate party for the men that I have to go to.
<ScottK-laptop> Ugh.
<lamont> LOL
<ScottK-laptop> I should be back home before I get online again.
<lamont> "have to" is a bit of a strong term..
<ScottK-laptop> Yes, but only a bit.
<lamont> and what if any choice have we made about sysklogd vs inetutils-syslog for intrepid, I wonder?
<lamont> and afk.  enjoy the party
<ScottK-laptop> I doubt we've thought about it.
<ScottK-laptop> I got a few minutes grace to finish my sandwich before I must depart.
<Mater_TuX> hi, hola
<slimjim8094> sup guys - ddns update question
<slimjim8094> i want my dhcp-server (or the dhcp-client) to be allowed/instructed to update my bind9 dns server
<slimjim8094> it's not working - the names aren't there, but there's no error
<slimjim8094> any ideas?
<Konam> is there an easy way to add information and directories to a LDAP server?
<Konam> I was looking for a graphical client to do that but haven't found any
<\sh> Konam: apache directory studio
<\sh> Konam: embedded as eclipse plugin or standalone
<\sh> Konam: http://directory.apache.org/studio/
<Konam> \sh thanks :)
<\sh> Konam: welcome
<Konam> \sh but are there people that memorize all that comes with the LDAP server? I mean, the Apache Directory Studio isn't the standard or anything (AFAIK) for LDAP clients...
<XpoMa> hi. I've got an ubuntu server and several domains with pointed to it (reverse also). Any info on how can I make some vhosts please?
<Konam> \sh but are there people that memorize all that comes with the LDAP server? I mean, the Apache Directory Studio isn't the standard or anything (AFAIK) for LDAP clients...
<emgent> heya
<XpoMa> hi. I've got an ubuntu server and several domains with pointed to it (reverse also). Any info on how can I make some vhosts please?
<nijaba> XpoMa: what server?  Apache?
<XpoMa> nijaba: yeah, Apache. but the questions is not about apache virtual hosts, but about IRC virtual hosts
<slimjim8094__> sure - gimme a min
<slimjim8094__> apache?
<nijaba> XpoMa: for irc, I'm afraid I have no clue
<XpoMa> neither do I :)
<XpoMa> Apache is easy
<slimjim8094__> oh
<slimjim8094__> never mind then... :P
<XpoMa> thanks anyway :)
<nijaba> XpoMa: in fact I do not think irc support any "host" header on connection, so I do not see how itwould to vhosts
<slimjim8094> hey guys - got a question about ddns-updates (bind9 and dhcp-server)
<slimjim8094> anybody know anything about that?
<XpoMa> nijaba: when if you have a reverse DNS set up, after you connect to the IRC, your host will appear like user@the-reversed-domain.com
<sploozer> I'm having some major issues with BIND....i can't nslookup anything for my local DNS server
<sploozer> iptables is turned off and named is running
<sploozer> and named is listening on 53
<sploozer> i 've got two boxes and i tried to repro it on the other which it is working and i could but that setting that I adjusted is there on the problem box so I don't believe thats the issue
<sploozer> nslookup : connection timed out unable to contact the server
#ubuntu-server 2008-06-08
<Jberg88> Hey guys I just installed a 7.10 server because i couldn't download and install the 8.04 one. is it safe if i upgrade to 8.04
<Jberg88> hello?
<ergyJB> damn
<unewbie> anybody installed liferay-glassfish-501?
<babolat> can anyone recommend their preferred mail servers?
<unewbie> !liferay
<ubottu> Factoid liferay not found
<InsomniaCity> unewbie: you might want to check out #glassfish ?
<FuRom> Is anyone here familiar with how to configure eruby? I'm having issues with the load feature. It has a security thing that wont allow users to include each other's files, and it's problematic, because I'm creating my files as "samuel", so the owner is "samuel", while apache uses the user "www-data".
 * delcoyote hi
<ScottK> lamont: I'm tossing you the last commet in Bug 81242.  I've no idea if he's right, but I think it'd be worth looking into.  That'd be a really good bug to solve if we can.
<uvirtbot> Launchpad bug 81242 in postfix "postfix-ldap is linked against gnuTLS" [Medium,Incomplete] https://launchpad.net/bugs/81242
<ScottK> commet/comment
<\sh> it's da sunday...and european championship ;)
<seldom123456> hi everyone
<keymoo> hi, i'm copying files from a single disk (436Gb of data) to a LVM, size (531Gb). when i copy all the files from the source, the LVM fills up - do you know why this might be?
<keymoo> a little more detail here: http://ubuntuforums.org/showpost.php?p=5141756&postcount=9
<nijaba> keymoo: that must be due to varying block sizes.  If you have a lot of small files, they will each use at least one block of actual space on your destination volume, thus "wasting" the difference between the block size and the actual data in the file.
<Bhavesh> setup: Dual PIII, 1GB memory, promise FastTrak lite raid card, with 20G WD identical drive in mirror mode, without raid disk, operating system installed on a seperate 40G drive, when i boot without raid drive it works fine, with raid, i get kernel panic as it is booting up
<keymoo> thanks nijaba how do i check the block sizes on each filesystem? if i make the filesystems the same with the same block size it should work right? i'm amazed at the 100Gb difference though
<nijaba> keymoo: it depends on the file system type. for ext: sudo dumpe2fs /dev/ccc | grep "Block size"
<nijaba> replace ccc by the device you want to check
<keymoo> my filesystem is reiserfs - i notice that LVM has an allocation block size of 4MB - do you know what that is?
<nijaba> sorry, not from the top of my head, but I sure it is quite well documented somewhere
 * popey hugs soren 
<popey> how is it that I only just discovered ubuntu-vm-builder?
 * popey climbs out from under a rock
<Jessica> Hey folks, can anyone offer any tips for getting acpi to shut down my display on server?  I'm not running any desktop
<Jessica> i've loaded the os on to an old laptop.  after timeout, the display goes blank, but the backlight remains on.
<industrialbs> Hey errr I have a question
<InsomniaCity> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<industrialbs> Can I enable a GUI for the server edition
<industrialbs> or at the very least how do I enable Open SSh and FTP I screwed up installing and didn't select it.
<Deeps> apt-get install ssh
<Deeps> to install ssh
<Jessica> Hey folks, can anyone offer any tips for getting acpi to shut down my display on server?  I'm not running any desktop
<Deeps> Jessica: i've never managed it without having X running, lemme know if you work it out though
<Jessica> ugh.  does x have to be running, or just installed?
<Jessica> and are you running gnome or kde?
<Deeps> running, and neither
<Jessica> ok
<Jessica> thx
<Deeps> at the time, i was running a fairly minimal window manager as the gui was only used for playback of media controlled from remote
<Deeps> industrialbs: also look at tasksel --list-tasks (and tasksel -h for how it works) if there were any other tasks you may have wanted installed
<Deeps> industrialbs: as for ftp, apt-cache search ftp and take your pick for which you want to install
<stickystyle> Humm, I don't have any bits of X on my servers, yet the display is always off when I go into the server room so i just hit enter to wake it up.
<Jessica> thx deeps.  I'll get it a go.  i'll bb after to let you know.
<industrialbs> Deeps: Thank you.
#ubuntu-server 2009-06-01
<superfirelord42> :) wizardslovak, better than what i am going threw...
<superfirelord42> *through
<genii> storrgie: md0_d0p1 will be for instance disk0 of the array, partition1 within that disk
<superfirelord42> genii, so far irqpoll is the only thing that has shown results, except for the crashing issue, should i try manually setting the irqs?
<superfirelord42> in the BIOS
<storrgie> genii: I have never had it do this before, I can create the array just fine but when I restart I get a bunch of silly md devices
<genii> superfirelord42: Some bios have PNP on/off settings. (sometimes they have PNP types like win98 win2000 , etc as well) When PNP is set off, usually it then specifically will set IRQs for all attached devices
<superfirelord42> Hmm, PNP, i will take a look. i didnt see it a bit ago, but i sorta rushed through it
<storrgie> genii: any idea?
<poseidon> Anyone know how I could install a driver for the d-link dwa-130 wireless usb card?
<genii> storrgie: If result of: mount          just shows md0 mounted where you wanted it, don't worry about the component devices
<superfirelord42> genii, didnt see that option, saw an IRQ routing option for PCI, currently set to smart, other option is fixed. disabled IRQ sharing on slot 4 which was being shared with the card on 5, booting now
<storrgie> noo
<storrgie> the array wont even initialize when I reboot
<storrgie> it tries to mount the array to another device and fails
<storrgie> its a 5x1tb array
<storrgie> it will grab 1 or two of the drives and then fail
<genii> storrgie: Were these disks previously in a *BSD box?
<storrgie> so I am dd'ing all the drives to zero
<storrgie> nope
<storrgie> but dding is taking forever
<genii> storrgie: I usually use fdisk to set the partition type to raid autodetect
<storrgie> never heard of that...
<storrgie> I usually just make a each drive have a ext partition then add them to the array
<storrgie> im dding them to zero to see if i can erase the superblock
<arrrghhh> anyone use ebox?  it's only looking at / and /home... i'd like it to look at other devices!
<superfirelord42> anyone know how to tell the kernel not to mess with ata devices? when irqpoll tries to detect ata, it causes a kernel panic...
<storrgie> genii: any idea on chunk size? its a 5tb array
<storrgie> i was thinking 128
<storrgie> i know 64 is default
<genii> storrgie: I usually make the chunks same as block sizes
<storrgie> how can I check the block sizes?
<genii> storrgie: I usually take the line like: Units = cylinders of 16065 * 512 = 8225280 bytes       from result of : sudo fdisk -l       and use that. So 512 in this case
<storrgie> I hear the rule of thumb is big I/0 = small chunk sizes
<storrgie> this is a fileserver with files ranging from 4m to 10GiB
<Alex_21> Hi, all,
<Alex_21> How do you mount an HD that is HFS+
<Alex_21> ?
<Alex_21> Please
<Alex_21> How do you mount a FW drive that doesn't show up in /Media/
<Alex_21> ?
<genii> Alex_21: packages hfsplus, hfsprogs, and hfsutils need to be installed. You will also need the hfs kernel module loaded. For regular hfs, the module is named hfs. For hfs+ the module is named hfsplus. To load the module use: sudo modprobe hfsplus    ..if the modulename is put in /etc/modules then the system should be able to auto-mount the drive after next boot.
<genii> Alex_21: For write access to HFS+ drives, journalling for it needs to be turned off from within MacOS
<Alex_21> Oh No.
<Alex_21> I'll just replace the drive for now
<Alex_21> I need to recover data from it
<pygmalion> \leave
<arrrghhh> anyone use funambol on ubuntu-server?
<superfirelord42> genii, just fyi, i gave up on the box, to much time, we are going to use it for parts, we believe a raid channel has an issue anyways. thanks for your help.
<genii> superfirelord42: No problem. Sorry to hear it's too much a pain in the a** to bother with now though
<Alex_21> Hi,
<Alex_21> What do you recomend for a production server as far as drive setup?
<Alex_21> Please
<genii> raid1 for boot, raid5 for data
<genii> Although others will likely have other preferences
<arrrghhh> Alex_21, it really depends on what you need to achieve.  raid5 so you can swap disks
<Alex_21> But my only problem is that I can't do that because I need To continually add drives. Or can I?
<arrrghhh> i think you can.  you may have to build another array, i'm not certain.
<arrrghhh> there's raid6, but that just allows for 2 disk removals w/o breaking the array.
<Alex_21> I wanted to use LVM. Is this recomended?
<Alex_21> I'll try to explain. I have a production server that has hourly backups to a low-power server using RSnapshot. What is recomended for a system where disks are constantly added
<Alex_21> ?
<Alex_21> Please
<arrrghhh> raid1 would probably be the easiest in terms of adding disks.  1 disk just clones to another.
<arrrghhh> but you have to break the array to replace a disk
<arrrghhh> Alex_21, i think you would be able to add disks to either, but raid1 would probably be easier to add disks too.
<Alex_21> Hmmmmmmmmmm
<arrrghhh> just keep in mind you have to break the array to replace faulty disks
<Alex_21> Is LVM possible then?
<arrrghhh> i don't see why not.  unfortunately i don't have experience with that, just hardware raid.
<arrrghhh> or are you talking about using LVM to do software raid?
<Alex_21> I think I have hardware raid. I just want to be able to continually add disks.
<Alex_21> I am constantly aquiring disks. I can fit six in this box, ... but I constantly have to add and upgrade the disks
<Alex_21> Plus after six, ... the next will be FW and then USB
<Alex_21> I want to do a Hiarchy where the most used disks are fastest and the rest are slower with less used data
<arrrghhh> hrm
<arrrghhh> i dunno about putting usb/fw disks into a raid array.
<arrrghhh> just sounds like a baaaad idea.
<arrrghhh> if it's even possible.
<Alex_21> I don't care if they are in Aray on the FW/USB because there is backups of that stuff. I basically want all of them to show up as /archive/
<arrrghhh> hrm
<Alex_21> I basically have a VM that I want on the FW/USB drives. Each one is an acrive of sites. Backup Apache servers if you will
<Alex_21> I just want to be able to fix thengs when they break
<Alex_21> On another note, ... Can you use scp to copy folders? If so, ... How
<Alex_21> ?
<Alex_21> Please
<Alex_21> I need to backup a drive
<Alex_21> Never Mind
<Alex_21> I figured that one out
<Alex_21> How best to do the drives then?
<jmarsden> Alex_21: scp -pr folder user@host:/path/to/destinationfolder/
<Alex_21> Ok
<Alex_21> Thanks
<Alex_21> Does this keep the file structure?
<jmarsden> Drives?  LVM sounds like what you need to add a bunch of drives and make them one huge partition.
<Alex_21> Just curious
<jmarsden> Yes, the -r is recursive, just like cp -r is for straight copying.
<Alex_21> Ok Thanks
<jmarsden> No problem.
<Alex_21> About drives. I am just afraid of losing data. I'm told Raid is fairly safe. Idon't know if the two solutions can be combined
<jmarsden> Sounds complicated... I don't know either.  Can you just mount each drive as /archive/2008 /archive/2009 and so forth (or whatever scheme you want)?  If so maybe you can simply always create two drives for each subset of the data (/archive/2008 and /archive/2008-2 ) and then copy one to the other.  if this is an archive and the data won't be changing, you can even umount the 2008-2 drive later so noone can accidental
<jmarsden> ly delete it?  No need for lvm that way.
<Alex_21> But for the current Data, ... What is the best. Drives need to constantly be added and all I currently have for backup is a mirror using Rsnapshot
<jmarsden> "The best" might be a RAID10 array, and make new RAID10 arrays (adding 4 disks at a time) when you need more space.  How many Terabytes/month is the dataset growing by??
<jmarsden> I need to go... apparently we're going out to eat... sorry... bad timing :)
<Alex_21> No problem
<Alex_21> No idea how much it will grow by. I currently have four 320 GB drives
<arrrghhh> raid10 huh
<arrrghhh> Alex_21, this isn't so much a room for raid... wikipedia has a great article on it.  it's a good starting point for terms and what the different features, pros/cons of the different types.
<Alex_21> I'm expanding by a lot though. This is just my starter set
<Alex_21> I plan to have close to 10 TB by the end of the summer
<arrrghhh> i'd say either raid1 or raid5/6
<arrrghhh> i would imagine adding disks is possible with any, but raid1 would probably be the easiest to add disks to.
<Alex_21> But then how can I add disks as parto f the same File System?
<Alex_21> I'm not sure :(
<arrrghhh> Alex_21, i'm not sure what you mean "part of the same file system"...
<arrrghhh> you can format your drives in any file system, i'd probably recommend ext3 if it's a pure linux server/
<arrrghhh> if you want the drives to appear as one drive, then RAID would not be what you want.
<Alex_21> Ok. Then how do I get started with Raid 1? I want to continually add drive?
<arrrghhh> JBOD is what you would want, and is NOT for data redundancy.
<arrrghhh> you'd add drives in pairs Alex_21
<arrrghhh> one disk for data, the other disk has a mirrored copy for data redundancy.
<Alex_21> Can this be combined with ZFS or something to make it one big happy drive?
<Alex_21> Or LVM?
<arrrghhh> dude
<arrrghhh> one big drive = no data redundancy.
<arrrghhh> are you an admin?  what do you mean "production system"?
<Alex_21> It is a production server. I'm an admin. I'm fairly confident with web server administration. Just not Data Redundancy
<twb> There is no point using RAID1 unless you have exactly two disks.
<arrrghhh> well maybe you shouldn't be the admin of this side of things...
<twb> If you have more than two disks, RAID5 is better in every way.
<arrrghhh> yea, raid1 goes in pairs
<Alex_21> And I'm running out of ways to keep from loosing a VM or two if a drive goes
<arrrghhh> raid5 is nice as you can have a drive fail and not need to break the array.
<Alex_21> I agree I shouldn't be doing this. I'm however the only admin currently in the employ of my organization
<arrrghhh> but you must replace that drive or data corruption will occur.
<Alex_21> I have two drives but I plan to add six or so more
<arrrghhh> you can't do raid5 with 2 drives
<arrrghhh> you need at least 3.
<arrrghhh> please read the wikipedia article on raid, or something like that.  you need to do some research and LEARN about what the terms mean and advantages/disadvantages of the different types.
<twb> Alex_21: if you're going to buy another four drives, you can set up RAID5 on that quartet, then copy the data from the original two, and finally merge the original two into the new RAID5 array.
<arrrghhh> the two most commonly used are raid1 and raid5.
<arrrghhh> correct.  but with two drives you can only do raid0/1
<arrrghhh> sooooo any funambol users :D
<thierry_> hi
<arrrghhh> i can't get it to start.  the installation seems super easy, but it just won't run.
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<twb> arrrghhh: did you install it via apt?
<twb> arrrghhh: or is this one of those ridiculous cowboy PHP things?
<arrrghhh> twb, i didn't think it was in apt.  i installed it via the bin file on their website.
<arrrghhh> lmao, doesn't seem like a ridiculous cowboy php thing.  torrentflux-b4rt was that and i was able to get that working.
<thierry_> hello, I'm able to use ssh/http locally on my server but can't get it to work remotely, my iptables is empty and I'm pretty sure my port forwarding works properly
<twb> Ah, it's a dual-licensed Java thingy for blackberrys.
<giovani> thierry_: were you the one here yesterday?
<arrrghhh> blackberry's and everything else that does syncML.
<thierry_> giovani : yes :) got my server up locally but remotely is still a mess
<arrrghhh> thierry_, you need to setup firewall rules.  i use ufw, cuz it's a heckuva lot easier than iptables.
<giovani> arrrghhh: no, he doesn't
<arrrghhh> and then if it's setup in your router you're good
<arrrghhh> giovani, oh?
<giovani> he doesn't need a firewall
<arrrghhh> ok...
<giovani> his router has one, that's fine ... that's not the issue
<arrrghhh> i have ufw and a hardware firewall, so what.
<thierry_> k, so how can I find the source of my problem?
<giovani> and that's fine ... but it has nothing to do with his problem, and will only complicate things
<arrrghhh> hrm
<arrrghhh> if you say so.
<giovani> thierry_: this is a networking problem
<giovani> if you have truly cleared your firewall
<giovani> please pastebin "sudo iptables -L"
<thierry_> giovani : http://pastebin.com/d40f1e76a
<thierry_> my iptables is clean
<giovani> indeed
<thierry_> I tought it my be my router firewall stopping connections even with the port forward but I'm not sure
<giovani> that's very possible
<giovani> some firewalls suck
<giovani> I assure you that if the port is listening, and you have no local firewall, this is an external problem
<giovani> so it's either a networking issue on your LAN, or a firewall issue at your router
<giovani> or your ISP is blocking the connection
<thierry_> I checked the doc of my router and it says the firewall blocks all incoming connections from the outside but I can use a DMZ to allow the connections to one specific computer on my network (which I did) and nothing changed
<arrrghhh> you could try dmz just for troubleshooting but not recommended for extended use.
<arrrghhh> and yes, your ISP could be blocking the traffic.  who is your ISP?
<thierry_> videotron (Canada, Quebec province)
<arrrghhh> thierry_, dmz puts that machine outside of the firewall completely.  do you have a static IP on the server?
<giovani> thierry_: mind sending me the IP you're trying and isn't working (in a pm if you prefer)?
<arrrghhh> hrm, i wouldn't know.
<giovani> videotron does do some filtering
<giovani> I don't remember what, exactly
<giovani> blocking port 22 (ssh) is extremely uncommon
<thierry_> giovani : yes no problem, but it simply times out
<giovani> thierry_: ok, well let me test it out myself
<Alex_21> I think I'll do Raid 5. However, ... is their a Howto specific for a new install of Ubuntu?
<Alex_21> Hardy of course
<Alex_21> Please
<giovani> Alex_21: you'll need a minimum of 3 drives
<giovani> the install is self-explanatory, I think
<arrrghhh> Alex_21, if you do hardware raid it's independent of os.
<Alex_21> I have four
<arrrghhh> i wouldn't recommend software raid for this very reason.
<twb> Alex_21: RAID5 is a little tedious to set up in the installer, but not hard.
<giovani> there's nothing wrong with software raid, honestly
<thierry_> giovani : I'm retarted with irc, how could I open a PM?
<twb> arrrghhh: and if you use software raid it's independent of hardware!
<giovani> thierry_: depending on your client /msg giovani yourmessagehere
<Alex_21> I don't know. I think I'll do software raid
<twb> arrrghhh: which are you more likely to replace?  Linux, or your raid controller?
<arrrghhh> twb, well that's if he's just running linux... and my raid controller is onboard.
<twb> arrrghhh: that's fake raid.
<giovani> twb: hardware raid controllers have components that fail regularly ... good luck recovering that
<arrrghhh> what if he wants to run multiple oses?
<twb> arrrghhh: you should never ever use fakeraid.
<pmatulis> thierry_: i'm familiar with videotron, i know they block incoming port 80 and 25
<arrrghhh> twb, i'm not using fakeraid, thank you.
<twb> giovani: exactly, so you're looking at 2Ã$300 or so, for the spare controller.
<giovani> twb: not if it breaks the raid array when it fails
<giovani> which happens regularly
<twb> giovani: aha, yes.
<giovani> software and hardware raid each have advantages
<twb> I am very glad that we accidentally bought our last IBM with the wrong BIOS, and so went with software raid.
<Alex_21> So is there a software raid install proceedure?
<thierry_> pmatulis : no kidding? but I'm also stuck with ssh so I don't think the problem is the isp
<arrrghhh> the PERCs we run at work have been great.  the netware crap we run on top, not so much.
<thierry_> giovani : th-server.dynalias.net point to my ip
<giovani> Alex_21: yes, it's self-explanatory in the installer
<giovani> thierry_: yes, I got it
<twb> IMO the chief advantage of hardware raid is that it's faster -- so really it's only valuable for large enterprises.
<thierry_> giovani : k great, so what's your opinion?
<giovani> on modern cpus
<Alex_21> I rather not use hardware radi
<giovani> the speed difference is minor
<Alex_21> Raid
<PhotoJim> twb: s/faster/usually faster/ :)
<giovani> thierry_: give me a few minutes
<twb> giovani: exactly.
<giovani> twb: exactly, so speed is rarely a gain with hardware these days
<twb> I guess it's also useful if your server is runing w2k3 or something instead of Linux.
<Alex_21> I am still stuck here with my Alternate installer CD and no instructions
<Alex_21> Waiting, ... :(, ... Lol
<giovani> thierry_: this is very annoying ...
<twb> Alex_21: you want to install RAID now?
<giovani> your SSH port is completely accessible, and accepting connections
<twb> Alex_21: how many disks do you have *right now*?
<giovani> there is NO problem whatsoever
<Alex_21> Three that can go into the machine at this moment
<giovani> xxx@lithium:~$ ssh 96.23.224.10
<giovani> The authenticity of host '96.23.224.10 (96.23.224.10)' can't be established.
<giovani> RSA key fingerprint is 7c:01:c0:d6:50:f4:23:70:7a:1e:bc:88:ca:bf:ec:44.
<twb> Alex_21: are they all the same size?
<giovani> thierry_: there's nothing wrong, so I'm not sure what you're complaining about
<giovani> your port 80 is being filtered, this is typical with residential ISPs
<Alex_21> Which ISP
<twb> arrrghhh: actually, you can make a RAID5 with two drives initially -- you just make it with zero parity disks (i.e. start in a degraded state) :-)
<giovani> videotron
<Alex_21> I think they are all 320 GB
<thierry_> giovani : mmm wait, does trying so ssh th-server.dynalis.net from my local network could be the problem?
<arrrghhh> twb, lol well then you really aren't getting raid5 are you?
<giovani> thierry_: of course ...
<giovani> your local network doesn't use an internet IP
<giovani> and that DNS name resolves to an internet IP
<arrrghhh> thierry_, lol how could you have remote problems if you're not testing it remotely?
<giovani> sigh
 * arrrghhh facepalms
<giovani> people should not be running servers who haven't gone through networking 101
<twb> Alex_21: are you installing with the ubuntu server CD?
<Alex_21> Well, ... I have two ready to go in the machine. I can install a third if need be but I rather not.
<arrrghhh> pretty much.
<thierry_> giovani : OMG I'm so sorry to have bugged you, I tought ssh-ing to the thw web adress was the same as remotely
<giovani> thierry_: no, your router likely doesn't handle looped connections like that
<giovani> thierry_: if you want to rest remote connections, you'll have to be remote ... as in ... not internal
<Alex_21> I have the problem that I noticed that one of my SATA cables is missing
<giovani> if you want to test internal connections, use the server's LAN IP
<thierry_> giovani : wow, probably the most stupid problem I ever had
<giovani> thierry_: however, as I said, your web server on port 80 IS being blocked by your ISP
<giovani> so you'll have to move it to another port
<arrrghhh> hrm i can ssh from a machine on my local network to my externally reachable dyndns address... were you trying to ssh from the local machine back into the local computer?
<Alex_21> So I have two drives. I plan to expand to ten or eight. However, ... I think the other six or four will be 1.5 TB
<giovani> arrrghhh: your router handles looped connections
<giovani> arrrghhh: many do not
<arrrghhh> fancy
<thierry_> giovani : k, while reading for my problem I've encountered doc on that so I should be able to do it :)
<twb> Alex_21: you don't really want to have ten or eight drives in one machine.
<twb> Alex_21: apart from anything else, you'll have airflow issues.
<arrrghhh> Alex_21, unless you have the freakin room sheesh.
<Alex_21> Why?
<giovani> arrrghhh: the solution to this is to run an internal dns server where you resolve that same address to an internal ip
<arrrghhh> giovani, meh
<giovani> so that when you're external, it resolves to the external ip, and when you're internal, it resolves to the internal ip
<twb> Alex_21: RAID5 requires all disks in the array to be the same size; extra size in some drives will just be thrown away.
<giovani> most companies do this
<thierry_> anyway I'm off to bed thanks for all the all and patience
<Alex_21> Ok.
<arrrghhh> Alex_21, and i told you, putting the usb/firewire drives into the array, if even possible just seems like a bad idea.
<Alex_21> I won't put FW and USB. That is seperate
<arrrghhh> giovani, yea, i think we do.  we have a proxy server tho, it bypasses local stuff.
<giovani> arrrghhh: what do you mean it bypasses local stuff?
<Alex_21> I have six bays. I'm going to try and add at least two drives
<Alex_21> I mean two more bays
<giovani> your proxy server is not likely to proxy ssh connections ...
<arrrghhh> giovani, the proxy is bypasses if the site is local... nvm doesn't really matter anyways.
<twb> It is possible to put external drives into an array.  It is extremely nightmarish.
<arrrghhh> twb, wow.  yea, just sounds like a horrible idea.
<Alex_21> What should I do with my server?
<Alex_21> I am going to need to be able to run all my virtual machines off this space
<twb> Alex_21: OK, if you plan to end up with â¥3 drives (of identical size), you should put three in and do a RAID5 install using the ubuntu server CD.
<Alex_21> How should I partition it
<Alex_21> How about two drives.
<Alex_21> I need to get the machine back online by midnight and I'm missing a SATA jumper
<arrrghhh> lmao
<twb> You could make a RAID1 now, and then later buy four 1.5TiB drives and replace the RAID1 with a RAID5 of those new four drives.
<twb> That is probably what I'd do if I didn't need the space up-front.
<Alex_21> Ok. How do I do a Raid 1?
<twb> Alex_21: in all cases, go through the server install until you get to the partitioner.  Then we'll talk.
<Alex_21> Ok. I'm there
<giovani> arrrghhh: you mean YOU bypass the proxy if the destination is local ... of course, why would you proxy internal connections?
<giovani> the proxy doesn't bypass :)
<Alex_21> Virtually anyways
<twb> Alex_21: OK, now decide if you're making a RAID1 or RAID5.
<giovani> heh
<twb> Alex_21: btw, it's easier for me to pay attention if you preface remarks to me with "twb: ".
<Alex_21> I guess Raid 1 for now
<Alex_21> I'll upgrade later when I get the TB drives
<twb> Alex_21: OK, choose "manually partition", then select each drive and choose to create a new partition table.
<Alex_21> I may just get six or eight TB drives and replace all the 320 GB drives
<Alex_21> Ok
<Alex_21> I have
<Alex_21> Virtually
<twb> Alex_21: then, create a single partition on each, the whole size of the disk.  Choose "use as RAID volume".
<Alex_21> Ok.
<Alex_21> Next
<Alex_21> Please
<twb> Now at the top of the partition screen, is "configure raid".
<Alex_21> Which screen?
<twb> The one where you see the partitions of all drives listed.
<Alex_21> The main one that says to Guided use entire disk, ... ETC?
<Alex_21> Ok.
<twb> No, we have already passed that to choose "manually partition"
<Alex_21> I virtually clicked that
<twb> Pick "configure RAID", then choose to create a RAID array, level 1, 2 disks, 0 parity disks.
<Alex_21> Ok.
<Alex_21> Then what?
<twb> Then select the two partitions you just created and click next.
<Alex_21> What about Boot?
<twb> Alex_21: it's a RAID1, so you don't need a separate /boot.
<Alex_21> How do you select two?
<twb> They'll be check boxes.
<Alex_21> Ok.
<Alex_21> then what?
<twb> OK, then you'll be taken back to the main screen, and there's be a new partition listed.
<twb> Select it, and choose "use as LVM physical volume".
<Alex_21> Ok.
<Alex_21> Then what?
<twb> Then again back to the main screen, and choose "configure LVM" at the top of the screen.
<twb> Create an LVM volume group using the one physical volume.
<twb> Then create logical volumes for root, swap, and anything else you want (e.g. a separate /home and /srv).
<Alex_21> Then what?
<twb> Finally, go back to the main screen and you will see these logical volumes listed like partitions.  Make each one ext3 (except for swap), and choose where to mount them.
<Alex_21> Ok.
<Alex_21> That is it?
<twb> That's it.
<Alex_21> Thanks a million
<twb> You should also grab a copy of the install guide while you're at it, as it covers a lot of this.
<Alex_21> Where?
<twb> I dunno, on Ubuntu's website somewhere.
<Alex_21> Thanks for all the help
<Alex_21> Good night
<genii> !ssh
<ubottu> SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSHHowto for client usage. Putty is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. For setting up the SSH server, please see: https://help.ubuntu.com/9.04/serverguide/C/openssh-server.html . Advanced SSH uses: https://help.ubuntu.com/community/SSH/OpenSSH/Advanced . See also !scp (Secure CoPy)
<twb> Why isn't there an ubuntu-server metapackage?
<ScottK> It's done through tasksel, IIRC.
<twb> Any particular reason it's different from ubuntu-standard and friends?
<twb> I guess a "base" server basically *is* just ubuntu-standard...
<ScottK> Because of that number of options, also.
<oh_noes> I just addded "local1.info    /var/log/out.log" (with a tab) to my syslog.conf -- but it's not working
<oh_noes> logger -p local1.info test
<oh_noes> am I doing something wrong?  I CAN however see it go into the default /var/log/syslog
<twb> Maybe you have to restart syslog?
<twb> Are you using syslogd, or rsyslog?
<oh_noes> Yep, no luck
<oh_noes> syslog-ng
<twb> syslog-ng doesn't read syslog.conf
<twb> But I'd recommend rsyslog over it, because it has been adopted by Debian.
<oh_noes> hrmm, your right.  Weird that I have syslog-ng actively running, but /etc/syslog.conf
<twb> oh_noes: that would be because something like base-files fucked up
<twb> Or because sysklogd is still configured, though not installed.
<twb> i.e. you removed it instead of purging it.
<oh_noes> ta
<oh_noes> why would I have a /etc/init.d/syslog-ng script, even though apt-get remove syslog-ng stays its not installed?
<rags> any one know how I can check the amout of data trnsfered through ssh? I am using Unison to sync data between two machines. Unisons doesn't provide any switch for tht.
<jmarsden> rags: I think unison logs statistics like that if you give it the -log and -logfile options??
<jmarsden> I've not used it for a while, but... I *think* unison can be made to tell you how much work it did :)
<rags> jmarsden: ya I do have a log file, but no data tranfer info..:(. It just gives the list of coflicts and the files trnsfered.
<jmarsden> Then there's a another switch that adds them to that log... let me look for it... did you read /usr/share/doc/unison/unison-manual.txt.gz for info about this?
<rags> I just raed the online manual...although my version is older.
<rags> I have just used teh logfile switch...not -log...should I use both..-log as well as -logfile?
<rags> maybe tht would make a diff...but I think -log is implicit when I mention -logfile
<jmarsden> Wouldn't hurt to try both.  Also you could try debug, although that might get you too much info :)
<rags> ya...I'll try them...thx.
<jmarsden> No problem.  You can try adding -v or -vv or -vvv to the ssh command too, but I think getting unison to tell you the info is better if you can do it :)
<twb> rsync, at least, has summary options.
<twb> But obviously unison/rsync won't include the ssh overhead.
<twb> Any idea why 9.04, unlike 8.04, tries to read /proc/modules repeatedly when creating a ramdisk?
<twb> I'm inside a chroot; there is no /proc.
<twb> I wish Ubuntu would stop shipping CDs with broken /vmlinuz and /initrd.img symlinks in the squashfs.
<twb> WTF is vmcoreinfo-2.6.28-11-generic
<twb> Hmm, apparently no kernel in there.
<bubba> good evening fellow. I need help in setting up a virtual host. any one?
<bubba> anybody out here?
<twb> bubba: no
<bubba> i c
<bubba> how do you change channels?
<twb> I am busy trying to get JEDGAR to accept my mail-order anthrax business.
<twb> bubba: /join #foo
<bubba> how?
<subchee> hello everybody
<dazman> Hi
 * dazman is in and out at the moment
<sczgilae> hello everybody
<sczgilae> i have an installation with LDAP configured. Now im configuring the users profile. i want to configure the "K" panel to all users and lock the desktop, but i dont know where is the file to configure that. anoybody knows?
<sczgilae> anybody?
<genii> sczgilae: Since this is also a KDE question you may want to enquire in #kde
<sczgilae> genii: thanks
<BrixSat> hello ;:)
<sczgilae> hi
<BrixSat> is there any torrent client with web interface?
<sczgilae> utorrent?
<BrixSat> i dont have gui
<BrixSat> it need to be shell
<BrixSat> rtorrent ;d
<SuperRoach> I've got a vps setup remotely with ubuntu server 8. When I ssh in as root, ls shows all area's as empty. Is that normal behaviour? I was expecting to see at least the var and www folders.
<mdz> kirkland: your related_packages call picks up ikvm, which (afaik) is unrelated to kvm
<mdz> and libikvm-native
<mdz> kirkland: kvm* rather than *kvm* might give you what you want with less noise
<mathiaz> jdstrand: what's the state of auth-client-config?
<mathiaz> jdstrand: is it still maintained and should its usage be pushed/recommended?
<jdstrand> mathiaz: I do maintain it, but I am not actively developing it
<jdstrand> (it does what it needs to for those who want it)
<mathiaz> jdstrand: IIRC you've added support for the new pam-auth-update that landed in interpid
<jdstrand> mathiaz: generally, people should be using pam-auth-update, and when that doesn't work, can consider auth-client-config
<jdstrand> mathiaz: I did not add support-- I made sure to get out of pam-auth-update's way
<mathiaz> jdstrand: ok - however pam-auth-update only deals with the pam stack
<mathiaz> jdstrand: the nss stack still needs to be taken care of separately.
<jdstrand> mathiaz: that is correct. slangasek mentioned at one point that he might do something similar with nss, but I don't know the status of that
<jdstrand> the last I talked to him about it was UDS for Jaunty, and IIRC, you were present
<mathiaz> jdstrand: ok.
<mathiaz> jdstrand: considering that configuration a system to leverage a directory requires both modification to pam and nss I'm considering using auth-client-config
 * jdstrand nods
<mathiaz> jdstrand: *configuring* a system
<mathiaz> jdstrand: ok - so dropping profiles in /etc/auth-client-config/profiles.d/ and then using auth-client-config is the best option for karmic
<jdstrand> I can't speak to the 'best option' part, but it will work
<kirkland> mdz: k
<mdz> kirkland: not a big deal, just a suggestion to keep it clean and readable
<kirkland> mdz: right, thanks
<Max007> Is there something special to configure bind9 as a caching dns server ?
<applex> helo
<kirkland> mdz: fix uploaded to karmic, cheers
<RoAkSoAx> ttx, ping
<zoopster> Max007: no...a standard bind install is caching - just need to setup forwarders
<Max007> zoopster: should I use the root servers or forwarders ? Which is quicker ?
<zoopster> Max007: never use them as forwarders...use your local isp's servers
<Max007> zoopster: i dont use them as forwarder... bind uses them by default
<zoopster> Max007: not sure who "them" is, but a forwarder is who you pass requests to initially...it should NEVER be direct to root servers
<Max007> Max007: by default, bind uses root servers (them
<Max007> Max007: by default, bind uses root servers (them) to resolve. There's no forwarders. Should I keep it that way or use ISP dns as forwarder ?
<jmedina> Max007: dont use root servers, they are a few, if you can use your ISP, or opends,.org
<zoopster> Max007: forwarders by default are blank afaik, use a local ISP or opendns as jmedina mentions...you want your initial forward to be as close as possible to you or you will notice slowness in browsing
<Max007> okay
<Max007> thanks
<sczgilae> i have an installation with LDAP configured. Now im configuring the users profile. i want to configure the "K" panel to all users and lock the desktop, but i dont know where is the file to configure that
<jmedina> sczgilae: have you look at kde kiosk?
<sczgilae> what's that?
<sczgilae> jmedina: could you help me compaÃ±ero?
<jmedina> sczgilae: I thinks this questions go in #kde channel
<jmedina> this is server channel
<TJ`> hey guys im wondering if anyone can help me out with pptpd
<TJ`> basically ive installed and it connects fine and registers on the network ok too
<TJ`> only thing is it disconnects when i try to request a web page on the same server? (apache + pptpd are on the same box)
<TJ`> any idea why?
<TJ`> anyone?
<uvirtbot> New bug: #377555 in mysql-dfsg-5.0 (main) "MySQL lacks IPv6 support" [Wishlist,Confirmed] https://launchpad.net/bugs/377555
<phoenixz> I need to know the *name* of a process that every now and then is changing a file.. How can I monitor that file to get that process name?I need to know the *name* of a process that every now and then is changing a file.. How can I monitor that file to get that process name?
<sczgilae> phoenixz maybe if you install "iotop" can you see
<phoenixz> sczgilae: well, the change is very quick.. a rewrite actually.. the file is a small config file and is copied over.. I need to know what process does this..
<simplexio> phoenixz: fuser could be one you are looing for
<BrixSat> any one here uses rtorrent?
<phaidros> BrixSat: I used to
<giovani|work> BrixSat: yes
<BrixSat> [phaidros]: why dont you use anymoere?
<BrixSat> im having problems setting it up :S
<giovani|work> be more specific
<giovani|work> BrixSat: did you use the ubuntu package, first of all?
<phaidros> not doing torrent on server anymore, took it back on dektop, hm, doing not much torrent lately
<BrixSat> giovani|work:yes
<giovani|work> BrixSat: then be specific about "having problems setting it up"
<BrixSat> apt-get install rtorrent
<BrixSat> i wanted to use wtorrent (web interface for rtorrent)
<BrixSat> but i cant connect booth
<giovani|work> ok, wtorrent is not "setting up rtorrent" though
<giovani|work> is rtorrent functioning on its own?
<giovani|work> it needs to be functioning before you add other things on
<BrixSat> it runs
<giovani|work> ok, so there is no problem with rtorrent?
<giovani|work> contrary to what you said initially
<BrixSat> but the directive scgi_port = localhost:5000 is not making efect on rtorrent.rc
<BrixSat> that is why i say the problem is in rtorrent
<giovani|work> consult #rtorrent
<BrixSat> i never knew the had a channel
<giovani|work> rtorrent is functioning properly in the ubuntu sense -- it sounds like you need help on a specific wtorrent configuration
<giovani|work> the vast majority of open source projects do ...
<BrixSat> :D
<hollman> hello all, i have a problem trying to update my Ubuntu Server
<hollman> http://ubuntu.pastebin.com/m64f3ce88
<hollman> someone can help me ?
<phaidros> hollman: that's a sources.list, I can see no problem with it
<zoopster> hollman: what is the question/problem?
<hollman> phaidros, zoopster excuseme
<hollman> http://ubuntu.pastebin.com/m7c82f2d0
<jbernard__> kirkland: have you seen the recent dpkg-divert error in byobu?
<jbernard__>  http://ubuntu.pastebin.com/d70298c9a
<hollman> phaidros, zoopster any idea ?
<zoopster> hollman: in spanish? looks like an invalid request?
<hollman> yes in spanish, im Colombian :P
<uvirtbot> New bug: #382501 in samba (main) "CIFS File Transfer from Ubuntu to Windows Share results in 0 Bytes File ! The File is LOST" [Undecided,New] https://launchpad.net/bugs/382501
<kirkland> jbernard__: ?
<kirkland> jbernard__: what error is that?
<RoAkSoAx> kirkland, I have a quick question :) that i'm sure you can help me with. I'm merging openvpn. Should I drop lsb-base from debian/control if debian has dropped it too?? Or it needs to be there to support status_of_proc()
<jbernard__> kirkland:  http://ubuntu.pastebin.com/d70298c9a
<kirkland> RoAkSoAx: probably the latter
<kirkland> jbernard__: i'm on it
<jbernard__> kirkland: awesome, quick fix? or shall i file a bug?
<RoAkSoAx> kirkland, cool thanks :)
<kirkland> jbernard__: already there
<kirkland> Bug 382462
<uvirtbot> Launchpad bug 382462 in byobu "byobu 2.6 fails to install" [Undecided,Confirmed] https://launchpad.net/bugs/382462
<darkpixel> hi there, im looking for a php-based webmail but i need the users to logging in without a email account, i need to have users, like user1, pass user1, and once logged in they would access to a preconfigured email account. Is there something like this out there?
<kirkland> jbernard__: okay, i just uploaded a fix
<kirkland> jbernard__: could you test byobu-2.7 when its available?
<kirkland> jbernard__: ie, when the build completes?
<kirkland> jbernard__: btw, had a good discussion at uds about update-motd and inotify
<kirkland> jbernard__: keybuk is adding inotify watch capability to upstart very soon
<kirkland> jbernard__: we'll use that as soon as he finishes it
<kirkland> jbernard__: then we won't have to deal with MIR'ing one of the inotify daemons
<kirkland> jbernard__: and we won't need an init script;  just a config file that upstart would process
<W8TAH> can ubuntu server boot from an LVM partition?
<giovani|work> W8TAH: I haven't tested -- I presume not
<giovani|work> that's a (relatively) modern feature of grub
<jbernard__> kirkland: im on it
<jbernard__> kirkland: update went smooth, no failures
<jbernard__> kirkland: for byobu, all looks well
<W8TAH> ok - thanks - i ended up going with an ext3 boot partition and / on a raid 5
<giovani|work> W8TAH: ext2 for /boot, sir
<giovani|work> journaling is a waste of space on /boot
<giovani|work> W8TAH: just fyi, 9.04 worked fine with an LVM /boot
<giovani|work> I guess 9.04 went to lilo without me realizing?
<[DeViL_KiLLs]> Hello ! i need some file from ubuntu 9.04 /desktop edition/ apache /etc/apache2/sites-enabled/default
<[DeViL_KiLLs]> Please help me
#ubuntu-server 2009-06-02
<[DeViL_KiLLs]> exit
<MianoSM> ?
<MianoSM> you need the file sites-enabled/default?
<Clusty> hey
<Clusty> i installed my new ubuntu and was foolish enough to enable encrypted home dirs
<Clusty> any way I can disable it somehow?
<MagicFab> Clusty, assuming you have a backup, yadda yadda... rm ~/.encryptfs
<Clusty> MagicFab: I don;t care of what's inside the home. the problem is that this stupid mechanism blocks ssh authentication by keys
<Clusty> will try now :D
<Clusty> fingers crossed :D
<MagicFab> Clusty, and you're very welcome!
<Gorfy00> hello!
<Gorfy00> please help: ubuntu 9.4 (jaunty). When creating a samba share from this PC, another PC (same distro) receives "Unable to mount location, failed to receive share list from server". Cause?
<Clusty> MagicFab: does not work
<Clusty> MagicFab: the encryptedfs thing gets regenerated
<uvirtbot> New bug: #382601 in php5 (main) "php5 does not build" [Undecided,New] https://launchpad.net/bugs/382601
<jmarsden> Clusty, there is a way to have encrypted home dir and SSH working... I think info is on Dustin Kirkland's blog??
<jmarsden> Oh, he's gone... never mind :)
<oh_noes> Has the next LTS server version had a date/version set?
<kirkland> jmarsden: not really
<kirkland> jmarsden: well, i mean yes, it works, but you have to use password authentication
<kirkland> jmarsden: it's your password that's required to mount your home dir
<jmarsden> Can't you set things up so the ssh config files are outside your home dir, or something like that... didn't I see a discussion about this somewhere a few weeks back??  Maybe I'm mis-remembering it.
<kirkland> jmarsden: yes, you can, and you will be able to login
<kirkland> jmarsden: i mean, you can get onto the system, with a shell
<kirkland> jmarsden: but you won't have a home dir mounted until you enter a password
<jmarsden> Ah, yes, OK.  Makes sense.  So whether that is worth it depends on whether your activities on the remote host need access to stuff in your home dir.
<oh_noes> *sigh*, I can't believe open-vm-tools is 138MB
<oh_noes> stupid vmware
<jmarsden> oh_noes: Vote with your keyboard... use KVM instead?
<oh_noes> Business decision, not IT
<oh_noes> and how big is KVM's 'tools' implementation?
<snth> Has anyone used AppArmor audit tool?
<bobwhoops> Hi all, I've got a machine running ubuntu server 7.04. Is there any way to still install packages since its support has ended?
<ScottK> bobwhoops: Look in old-releases.ubuntu.com (I think).
<twb> Though obviously 7.04 won't receive security updates
<bobwhoops> ScottK: What am I looking or, backports?
<ScottK> That has the final 7.04 package archive in it.
<ScottK> If you change your sources.list from archive.ubuntu.com to old-releases.ubuntu.com you should be able to install packages.
<bobwhoops> Thanks, it worked
<ScottK> bobwhoops: My next suggestion is upgrade.  You're two releases out of support.
<bobwhoops> Yeah, but I'm lazy. I guess I should do it for security, but can't think of any other reason to do so
<ajmitch> security is a fairly good reason to do so
<ScottK> If you're going to be lazy, at least do it where there is security support (I still have a Dapper desktop I really need to upgrade this month).
<NCommander> ScottK, you've had that dapper desktop since before I knew you :-/
<ScottK> Yep.
<U2GB> I've a freshinstall ubuntu server 8.04 that stop booting from raid1 with message "Freeing initrd memory: ...". I created the raid twice and get the same error. Anybody know what mean thats error?
<a_ok> when I install linux-server on a 64bit installation of ubuntu will i get the 64bit kernel?
<twb> a_ok: either the entire install is 64-bit, or none of it is.
<a_ok> twb: ok
<twb> If you install ubuntu-server from the amd64 CD, you'll get 64-bit linux (and userland).
<twb> If you install from the i386 CD, you won't get any 64 bit stuff.
<a_ok> twb: i was just confused because pre 8.04 there it was in the name but it makes sence this way
<twb> Yes, well.  Ubuntu have their own way of doing kernels, different from Debian, so you have to expect Ubuntu's silliness to creep in
<uvirtbot> New bug: #382649 in mysql-dfsg-5.1 (universe) "package mysql-server-5.1 5.1.31-1ubuntu2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/382649
<uvirtbot> New bug: #381246 in nagios-plugins (universe) "check_http adds Port to Host Header (which is a violation of RFC) leading to problems checking certain hosts; current official nagios plugin sources fixes the problem" [Wishlist,Confirmed] https://launchpad.net/bugs/381246
<rags>  I have two AdSL lines and I need a way to balance my internet traffic between them. Is it possible?
<rags> Right now, If a line drops I have to change my gateway to the second router.
<simplexio> rags: its possible, but noe trivial
<rags> simplexio: Does it involve bonding the interfaces into one or something like tht?.
<rags> I found e-box and shorewall having the feature of wan load balncing. but I wanted to see if I could do it witout any other s/w
<simplexio> rags: that would be first thing i would try
<_ruben> the lartc document has some limited info on it .. for it to work properly (detect dead gateways in a nice way) you'd need kernel patches though
<simplexio> rags: and shorewall is just interface for iptables and tc so you can do it without it
<simplexio> _ruben: are sure you need kernel stuff, i thought that all neded stuff is in 2.6 series kernel
<rags> _ruben: Ya lartc shows tht it can be accomplished using a "TEQL" device but it has some caveats.
<_ruben> simplexio: proper dead gateway detection still requires some patches, last i checked that is, which has been a while
<rags> I was thinking of application specific routing ( if possible). Like my voip traffic going one interface and downloads going thro the other line.
<_ruben> rags: no, there's a section on multiple gateways, doesnt involve any special devices
<_ruben> that's even easier, and explained in the lartc doc :)
<_ruben> failover & "real" loadbalancing is much harder
<rags> _ruben: application specific routing is easier??
<_ruben> well .. application level perhaps not, but ip/port level is
<simplexio> rags: just forward http, https, ftp, email, downloads etc to one and voip and similiar stuff to another
<rags> simplexio: can you tell me how?
<rags> simplexio: by suing shorewall or iptables?
<simplexio> rags: it need iptables magick, i dont howto, because i havent done it newer, but i know that it works
<ssm> simplexio: a google for "shorewall dual dsl" gives a good list of howtos for that
<rags> simplexio: thx..I found a very good how-to: http://blog.taragana.com/index.php/archive/how-to-load-balancing-failover-with-dual-multi-wan-adsl-cable-connections-on-linux/..if anyones is interested
<quizme> hi, i created a user, but when i login as that user I get: Could not chdir to home directory /home/tempuser: Permission denied
<quizme> -bash: /home/tempuser/.bash_profile: Permission denied
<quizme> does anybody know why that happens ?
<simplexio> quizme: no permissions to read its homw dir
<soren> quizme: How did you create the new user?
<soren> quizme: Also, please provide the output of: "ls -ld / /home /home/tempuser"
<quizme> i figured it out...... it's cuz i had 700 the directory above.
<soren> In pastebin
<quizme> thank you guys
<soren> Sure.
<quizme> sorry for the false alarm
<uvirtbot> New bug: #382677 in openldap (main) "crash with SQL backend on search with empty attributes" [Undecided,New] https://launchpad.net/bugs/382677
<a_ok> the only thing changed on our server is an upgrade from 7.10 to 8.04 now apache seems to leak memory (getting a sizelimit restart about every 4 days since upgrade) is this known problem?
<a_ok> we use modperl btw
<soren> Which mod_perl specifically?
<TJ`> can anyone help me out with PPTPD? It only disconnects when the user asks it to do something extremely strange. The connection is stable until you make a request, be it http, ssh or rdp the connection dies on anything other than a ping
<uvirtbot> New bug: #382713 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess post-installation script returned error exit status 126" [Undecided,New] https://launchpad.net/bugs/382713
<uvirtbot> New bug: #382727 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: le sous-processus post-installation script a retourn? une erreur de sortie d'?tat 1" [Undecided,New] https://launchpad.net/bugs/382727
<stanman1> hi, i want to create a mail relay server so our sbs 03 domain's mail have disclaimers, anyone done something similar before?
<Niels_> Hi folks!Has anyone of you experience using KVM on Jaunty?
<stanman1> anyone did the spamsnake tutorial on how to forge?
<SpaceBass> hey folks
<SpaceBass> anyone had success connecting to a MS SQL db via ODBC?
<giovani|work> SpaceBass: never had a need, but, plenty of people on google seem to have
<SpaceBass> giovani|work: been searching there for a while - not a new question for me ... most of them seem to be using openoffice Base, looking to do something at the ODBC level
<uvirtbot> New bug: #382746 in php5 (main) "php-pgsql 5.2.4-2ubuntu5.6 depends from php-db but not installed automatically" [Undecided,New] https://launchpad.net/bugs/382746
<Niels_> Hi folks!Has anyone of you experience using KVM on Jaunty?
<Niels_> ghostlines, Hi and thanks for your reply. However I am thinking about to set up just now a KVM Server based on Jaunty. Here is what I'd like to realize:
<Niels_> 1 PDC using Win2008StandardServer, 1 Exchange2007 and one Application Server
<Niels_> I have two physical NIC's and each Server should have its own IP. So, I will need 4IP's -- right?
<Niels_> to my understanding I have to built virtual NIC's but I haven't found as yet a HowTo which explains briefly howto configure virtual NIC's
<Niels_> or will I have to do something different?
<Niels_> ghostlines, the next question that is on my mind is: some say the best way to set up and configure new Guest OS'es is using virt-manager, some say oVirt and others say the best way would be using the given params by KVM. which way would be the easiest for one who hasn't got much experience using virtualisation techniques?
<ghostlines> I believe there is documentation on bridging for virtual machines at the ubuntu server guide
<ghostlines> https://help.ubuntu.com/9.04/serverguide/C/network-configuration.html#bridging
<ghostlines> is that of some help maybe?
<denisesballs> hey guys, anyone know of a way with apt to show what repository a package is downloaded from
<ghostlines> I had a KVM server running fedora and ws2008 and each had it's own ip, and i configured it with a network bridge
<denisesballs> ?
<Niels_> ghostlines, have you got your old /etc/network/interfaces on hand
<Niels_> ghostlines, so, I set up KVM with its tools, such as bridging-utils, then I install virt-manager and virt viewer, etc pp and than I should be able to connect via VNC ??? onto the host to get things started? is that right?
<Niels_> no worries...will get /e/n/interfaces somehow working -- i hope ;-)
<Niels_> brb
<Niels_> re
<ghostlines> Niels_, : yeah, that's how it works
<Niels_> ghostlines, how will I start virt-mananegr or viewer remotely? Haven't found anything as yet? So I connect via VNC to lets say 192.168.200.120 which is the Ubuntu Server
<Niels_> correctÃ
<Niels_> Ã=?
<soren> No.
<ghostlines> Niels_, I have the old disk images from my old vm's and want to get them running again so I'll be going through the same thing later tonight
<soren> You connect to the libvirtd process.
<soren> Using libvirt.
<soren> It's much easier to answer your questions if they're specific. What *exactly* are you trying to do?
<soren> Niels_: ^
<Niels_> 1 PDC using Win2008StandardServer, 1 Exchange2007 and one Application Server
<Niels_> soren, they should run on a Jaunty Server using KVM
<Niels_> so, basically I wnat to set up a KVM environment for these 3 Servers
<soren> Right, but what specifically are you trying to do *right* now? What do you expect to do with the aforementioned VNC connection?
<Niels_> soren, I read a few statements regarding setup, configuring and managing VM's with tools such as virt-manager, oVirt, etc pp
<Niels_> Which kernel btw should I use the standard 2.6.28-11-server or the virtual one?
<Niels_> soren, I haven't got yet any experience with virtualisation, though I need some help
<Niels_> hope you don't mind me and my noob questions
<soren> Probably the -virtual one.
<ivoks> the standard one
<soren> Why?
<ivoks> virtual is for guests, isn't it?
<Niels_> soren, I would have thought so, but wasn't quite sure
<soren> ivoks: Oh, that's not what he's asking?
<soren> Niels_: For the host, you want the -server kernel.
<ivoks> soren: he wants windows guests
<soren> ivoks: Heh... Good point.
 * ivoks got new laptop - thinkpad x200s
<soren> ivoks: It'll be another year before I get a new laptop  :(
<ivoks> soren: oh?
<Niels_> soren, the virtual was for a guest ;-)
<Niels_> for the host I've chosen the server one
<soren> Niels_: I thought you were running Windows guests?
<Niels_> soren, yes and one debian guest for me ;-)
<soren> ivoks: Yeah.. Next time I can get my employer to pay some of it will be a year from now.
<soren> Niels_: A.
<soren> Ah, even.
<Niels_> soren, so, how, once I have the system up, will I connect from my worksation onto the KVM-Virt-Gui?
<soren> Have it connect to qemu+ssh://name_of_your_host/system
<soren> Assuming you're using the qemu:///system hypervisor on the host.
<Niels_> soren, yes, I will use the qemu hypervisor on that system
<soren> qemu:///system? Or qemu:///session ?
<Niels_> I read that all I need to install is: kvm and qemu and libvirtd, virt-manager and virt-viewervia apt or aptitude.Is that correct?
<soren> On the host?
<Niels_> yes, on the host
<soren> You don't need virt-manager nor virt-viewer on the host. Nor qemu for that matter.
<Niels_> not?
<soren> Who took notes for the confconsole talk at UDS?
<Niels_> What will I need?Just kvm and libvirt?
<soren> Yes.
<Niels_> and bridge-utils?
<soren> I only have my own notes, which are.. ermm.. Not very extensive. Luckily, I think I still remember most of it, but still I'd like to see the "official" notes to see if I missed anything.
<soren> Niels_: Sure. It's a dependency of libvirt-bin.
<Niels_> soren, okay so I start with putty, lets say the server has the ip 192.168.200.100
<Niels_> thats wrong, isnt it?
<Niels_> soren, would you mind giving me a bit more help?
<RoAkSoAx> ivoks, heya!! how's it going
<ivoks> RoAkSoAx: good, you?
<RoAkSoAx> ivoks, good too. Hey, Heartbeat 2.99.x has been accepted to debian experimental
<soren> Niels_: Err.. Putty? Your client is running windows?
<Niels_> yep
<soren> Then I have no idea.
<ivoks> RoAkSoAx: great; what's the name of the package?
<Niels_> soren...but I can quickly install beside that xp a *buntu
<Niels_> I'll just download an actual iso, burn it and be back then.
<Niels_> afterI have installed it -- I meant ;-)
<RoAkSoAx> ivoks, http://packages.debian.org/experimental/heartbeat
<ivoks> RoAkSoAx: so, it's hearbeat?
<RoAkSoAx> ivoks, they have also have included a new package called corosync which works with openais
<ivoks> i was hoping for heartbeat-3 or something
<ivoks> right, corosync is part of this new cluster structure
<RoAkSoAx> ivoks, yes that's the heartbeat which will have to work with pacemaker.. though pacemaker it's not yet in debian experimental
<Niels_> soren, so, the download just started.
<ivoks> RoAkSoAx: maybe we should help them
<RoAkSoAx> ivoks, would be nice. we should ask them what kind of help they need.. I guess you going to speak about the cluster stack today at the server team meeting?
<ivoks> RoAkSoAx: i'll probably mention it
<RoAkSoAx> ok
<RoAkSoAx> ivoks, btw.. do you have some time to review a package update I've made?
<ivoks> RoAkSoAx: i'll check it problably today
<RoAkSoAx> ivoks, Ok. this is the one: https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/382539
<uvirtbot> Launchpad bug 382539 in passenger "Please upgrade passenger from 2.0.3 to 2.2.2" [Undecided,In progress]
<ivoks> RoAkSoAx: ok
<soren> Niels_: ok
<RoAkSoAx> ivoks, so when do you have a little time to continue to work on the mentorship ?
<ttx> Server team meeting, soon on #ubuntu-meeting... waiting for TB meeting end first
<RoAkSoAx> o/ ttx
<ivoks> RoAkSoAx: i'm waiting for email from christophe; he'll have some instructions on next steps
<RoAkSoAx> ivoks, ok cool :)
<ttx> server team meeting, starting now in #ubuntu-meeting
<uvirtbot> New bug: #382789 in mysql-dfsg-5.0 (main) "During update, a crash was reported" [Undecided,New] https://launchpad.net/bugs/382789
<jjshoe> apache2 is segfaulting for me when I enable python, here's just some basic details, if anyone has any idea, I would love input: http://pastebin.com/d780ab72
<ttx> alex_muntada, snth: welcome :)
<alex_muntada> ttx: thanks! :-)
<ttx> alex_muntada, snth: there wasn't so much to discuss on that meeting, we're still recovering from UDS :)
<alex_muntada> me too ;-)
<snth> I missed half of it .. but I am glad that it is recorded. But, I am really excited about getting involved.
<hvn> Can anyone say if running 8.04 server kernel instead of JeOS kernel in a VMware virtual machine is bad idea?
<hvn> The reason I am askin is that for some reason JeOS kernel does not have IPv6 netfilter modules
<hvn> https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/244272
<uvirtbot> Launchpad bug 244272 in linux-meta "ipv6 netfilter modules not available" [Undecided,New]
<uvirtbot> New bug: #382826 in mysql-dfsg-5.0 (main) "package mysql-server 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/382826
<tomsdale> when do you think the next ubuntu-server LTS will be released.
<hvn> 2010 April seems to be what Wikipedia's sources indicate. Every two years, in other words.
<tomsdale> hvn: thx. Regarding JeOS. I'm actually just doing an install for a vmware server. I used the server CD though. Can I not replace the kernel later with the JeOS version?
<tomsdale> hvn, sorry I highjacked your question. So you want to know what the performance hit is when you install a server kernel instead of the JeOS kernel on VMWare
<hvn> I think kernel can be replaced. However, I have not looked at the best way of doing it. I would probably first try installing JeOS (-*virtual-*) kernel and boot it via grub. Then proceeding to purge the server kernel if it works.
<hvn> That is, just install the virtual kernel and try booting with it
<hvn> About the performance hit, that might be one thing to note. Since I have two options, 1) try to get IPv6 netfilter modules into virtual kernel, or 2) switch to server kernel, I was thinking which one would be the best choice
<hvn> Getting IPv6 modules into virtual (JeOS) kernel would probably help others too, since IPv6 landscape will probably be an quite different when 8.04 LTS has still many more years left
<tomsdale> has the JeOS kernel in 8.10 the same issue? How did they decide there?
<hvn> Good question, I have not checked the later releases since we have tried to stay with LTS releases.
<tomsdale> yeah - me too. But I realized that the install size has increased between 8.04 and 8.10
<tomsdale> 300MB vs 380.
<hvn> this Debian unstable I'm currently using has ipv6/netfilter/ modules, but they seem to be only 145KB, so I guess it is not a space issue
<JordiGH> How do you configure whether date(1) shows UTC or local time?
<jmedina> date
<jmedina> and date -u
 * JordiGH just set the timezone to UTC in tzdata.
<alex_muntada> JordiGH: sudo dpkg-reconfigure tzdata
<JordiGH> alex_muntada: Yeah, yeah, that's what I said. ;-)
<alex_muntada> JordiGH: then was jmedina response what you were looking for?
<JordiGH> alex_muntada: No. It's ok, I still have a problem, probably unrelated to Ubuntu, but to my own code.
<alex_muntada> JordiGH: okay, good luck :-)
<frojnd> Hello there
<frojnd> It looks like I have to edit some user groups and permissions for applications... WHen I try to use screen with primary user (also root) I get this: Directory '/var/run/screen' must have mode 777.
<frojnd> How can I tell screen that can be used by this user and some other user? But not for every usesr?
<frojnd> Can someone give me a clue what should I look at to fix this?
<alex_muntada> frojnd: $ ls -ld /var/run/screen/
<alex_muntada> drwxrwxr-x 2 root utmp 40 2009-05-26 07:19 /var/run/screen/
<alex_muntada> what about yours?
<frojnd> drwxrwxr-x 2 root utmp 40 2009-06-02 19:31 /var/run/screen/
<JordiGH> Aha, had to restart MySQL to make the new time zone change kick in.
<JordiGH> Weird.
<frojnd> so that mean only root taht only user root that is in a utmp group can access screen alex_muntada ?
<frojnd> I'd also that users "frojnd"  and "thor" could use screen
<frojnd> I would also like ...
<alex_muntada> frojnd: screen is a shell script that execs a suid binary /usr/bin/screen.real
<alex_muntada> so the user running screen.real changes his effective gid to utmp and has permission to write there
<frojnd> I have no /usr/bin/screen.real
<alex_muntada> oops! what ubuntu version are you running on? try lsb_release -a
<frojnd> 8.4
<alex_muntada> let me find a server
<alex_muntada> ok, so in 8.04 /usr/bin/screen is the sgid
<alex_muntada> but it should work the same way
<alex_muntada> -rwxr-sr-x 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen
<frojnd> 20:10 alex_muntada > ok, so in 8.04 /usr/bin/screen is the sgid
<frojnd> screen isn't a directory
<frojnd> I also don't have any sgid if I /usr/bin/screen[tab]
<frojnd> just screendump
<alex_muntada> what does ls -l /usr/bin/screen say?
<jthomas_sb> I cannot seem to find OpenOffice.org-headless in my 9.04 apt listings, what am I missing?
<frojnd> -rwxr-x--- 1 root ris 308228 2007-10-23 18:02 /usr/bin/screen alex_muntada
<alex_muntada> so here you have the problem
<alex_muntada> first, it's no sgid and group is not utmp
<frojnd> alex_muntada: groups is "ris"
<frojnd> hm
<alex_muntada> but second and most important, other has no permission to run screen
<frojnd> so I have to add frojnd to a group ris?
<alex_muntada> did you change that group?
<frojnd> alex_muntada: yes long time a go
<frojnd> untill power went off :D
<frojnd> Now I have to do some cronjobs and first fix those permissions..
<alex_muntada> i'd set the original group and sgid
<frojnd> alex_muntada: why?
<alex_muntada> so screen can run how it's supposed to under /var/run/screen
<alex_muntada> if you want to limit who can run screen remove the other perms and setup sudo
<frojnd> alex_muntada: first steps first
<frojnd> How can I restore the screen settings?
<alex_muntada> chgrp -h utmp /usr/bin/screen && chmod g+s,o+rx /usr/bin/screen
<frojnd> alex_muntada: so it assing utmp to screen
<frojnd> and than make 0755 to screen?
<frojnd> alex_muntada: u mentioned to setup sudo, can you tell me what should I rad to limit the access for a screen?
<frojnd> andol: alex_muntada whie ur here can you do ls -l /usr/bin/rtorrent ?
<frojnd> I also have group for rtorrent
<alex_muntada> frojnd: sorry, no torrent on my servers
<frojnd> alex_muntada: ok what about sudo setup?
<alex_muntada> frojnd: can you show me current permissions for screen?
<frojnd> alex_muntada: ls -ld /var/run/screen ?
<alex_muntada> frojnd: ls -ld /usr/bin/screen
<alex_muntada> the /var/run/screen too, just in case
<frojnd> alex_muntada: -rwxr-sr-x 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen
<frojnd> and drwxrwxr-x 3 root utmp 60 2009-06-02 20:18 /var/run/screen/
<alex_muntada> okay, that how screen permissions are by default
<alex_muntada> now, to restrict screen to everyone but root do... chmod o= /usr/bin/screen && ls -ld /usr/bin/screen
<frojnd> ok
<frojnd> alex_muntada: no.. not the root, well root too, but a few other users
<alex_muntada> s/to/for/
<alex_muntada> follow me on this ;-)
<frojnd> ok :)
<andol> frojnd: me? :)
<frojnd> ^ ^
<uvirtbot> frojnd: Error: "^" is not a valid command.
<frojnd> alex_muntada: chmod o= /usr/bin/screen && ls -ld /usr/bin/screen
<frojnd> done
<frojnd> what's with the s/to/for ?
<alex_muntada> sorry, i meant restrict screen for everyone instead _to_ everyone
<alex_muntada> s/// is a sed/perl string substitution
<alex_muntada> so now screen should'nt work for anybody except root, is it?
<frojnd> alex_muntada: yes except but root
<frojnd> alex_muntada: except root, pardon me.
<alex_muntada> ok, so now the way to grant permission to group ris without touching screen group is via sudoers
<alex_muntada> take a look at /etc/sudoers and see that %admin ... line
<jthomas_sb> I cannot seem to find OpenOffice.org-headless in my 9.04 apt listings, what am I missing?  Nor can I find jodconverter
<frojnd> alex_muntada: it's set to ALL=(ALL) ALL
<alex_muntada> %admin ALL=(ALL) ALL means group admin on all hosts grants to (ALL) users run ALL commands
<alex_muntada> so, you have to edit sudoers by running sudo visudo
<alex_muntada> and then add... %ris ALL=(ALL) /usr/bin/screen
<frojnd> alex_muntada: I did but I still not able to open screen with user frojnd
<frojnd> alex_muntada: If I type vigr and search for ris, I find this line: ris:x:1004:thor,frojnd
<frojnd> which meanns users frojnd and thor are in a group ris
<frojnd> Or am I wrong?
<alex_muntada> you're right
<jthomas_sb> at the prompt just rnu 'groups' (as frojnd) to see what groups frojnd is in
<alex_muntada> maybe you added the group and didn't logout and login again?
<frojnd> adm dialout cdrom floppy audio dip video plugdev fuse lpadmin admin thor ris
<jthomas_sb> yes, did you log out and in?
<frojnd> jthomas_sb: yes
<frojnd> when I do scree[tab] it gives me screendump and not screen
<frojnd> Any ideas?
<alex_muntada> can you show us screen perms again?
<frojnd> ls -ld /usr/bin/screen -rwxr-s--- 1 root utmp 308228 2007-10-23 18:02 /usr/bin/screen
<frojnd> ls -ld /var/run/screen drwxrwxr-x 4 root utmp 80 2009-06-02 20:30 /var/run/screen
<frojnd> that's odd
<frojnd> I wrote: chmod o= /usr/bin/screen && ls -ld /usr/bin/screen
<alex_muntada> that's right then
<alex_muntada> can you... sudo grep %ris /etc/sudoers ?
<frojnd> %ris ALL=(ALL) /usr/bin/screen
<alex_muntada> if you try sudo screen, does it work?
<alex_muntada> i'm afraid that right now will open a root shell on screen
<frojnd> alex_muntada: yes as sudo, root I can run screen
<alex_muntada> does it work for the other user too? it may work for you since you're on group admin anyway
<frojnd> alex_muntada: no frojnd has no enough permissions
<frojnd> alex_muntada: also thor, no enough permissions
<alex_muntada> but do you run sudo screen or screen only?
<frojnd> alex_muntada: screen only
<alex_muntada> if you run only screen you don't have permissions since you've performed chmod o= on screen
<alex_muntada> the idea is that sudo screen will work, but screen won't
<frojnd> alex_muntada: yes but didn't the visudo %ris ALL=(ALL) /usr/bin/screen do it's work?
<frojnd> frojnd is in ris group
<alex_muntada> that enables screen for group ris under sudo
<alex_muntada> without sudo it won't work
<frojnd> alex_muntada: so only super user can run screen
<frojnd> I'd like thor that has no rights to run screen
<alex_muntada> you don't follow
<alex_muntada> try to run sudo screen ad user thor
<alex_muntada> ... as user thor
<frojnd> alex_muntada: huh
<alex_muntada> what happened?
<frojnd> alex_muntada: I typed in thor's password when it asked mee for super user password. And now It's: root@ubuntko:/home/thor#
<frojnd> user thor mustn't be root
<alex_muntada> ok, that's true
<alex_muntada> let me ask you something, you want only those users to be able to run screen but preserving their uid, right?
<alex_muntada> e.g. thor runs screen and has a shell as thor
<frojnd> alex_muntada: yes
<alex_muntada> let's try a different approach, wait 1 sec
<frojnd> I thought that I would create a group "ris" which is already created and whoever is in this group can use e.g. screen, irssi, rtorrent
<alex_muntada> frojnd: okay, sudoers doesn't work (at least not that I know) to solve your case, I'm sorry
<alex_muntada> so, please remove that %ris ... line from sudoers by running visudo
<frojnd> alex_muntada: done
<alex_muntada> i didn't like to change the default group and perms of screen command and /var/run/screen because they may change on future upgrades and you'll have to recheck your setup
<alex_muntada> but now I think that there's no other way
<alex_muntada> frojnd: do chgrp -h ris /usr/bin/screen /var/run/screen
<frojnd> done
<alex_muntada> make sure that sgid is still there, and add it otherwise... chmod g+s /usr/bin/screen
<alex_muntada> now, instead of becoming of group utmp people running screen will have egid ris
<alex_muntada> since perms for other should still be --- then only group ris will have perms to run screen
<frojnd> alex_muntada: the way I wannted
<alex_muntada> can you try for both users?
<frojnd> alex_muntada: yes
<alex_muntada> one last thing
<alex_muntada> note that there's a screen-something under /etc/init.d
<frojnd> alex_muntada: yes?
<frojnd> alex_muntada: screen-cleanup
<alex_muntada> $grep utmp /etc/init.d/screen-cleanup
<alex_muntada>         chown root:utmp $SCREENDIR
<frojnd> /etc/init.d/screen-cleanup
<alex_muntada> you'll have to fix the group there too
<alex_muntada> otherwise on next boot it will be reset to utmp
<frojnd> rep utmp /etc/init.d/screen-cleanup bash: utmp: command not found
<alex_muntada> sorry, it's grep utmp ...
<frojnd> alex_muntada: yep it shows: chown root:utmp $SCREENDIR
<alex_muntada> so you'll have to change it
<alex_muntada> the only problem i see right now by changing group utmp by ris is that you'll probably be loosing accounting information about those shells in /var/log/*tmp
<frojnd> alex_muntada: rhe group of /etc/init.d/screen-cleanup
<alex_muntada> frojnd: you have to edit /etc/init.d/screen-cleanup search for utmp and change it by ris
<frojnd> alex_muntada: I see
<alex_muntada> make sure you make a copy before editing, just in case... cp -pi /etc/init.d/screen-cleanup /etc/init.d/screen-cleanup.bak
<frojnd> alex_muntada: thank you so much, u've been very helpful and it's nice to see someone that knows security issues beside :)
<alex_muntada> glad to help :-) though i missed my first shot going through sudoers
<frojnd> alex_muntada: I wasn't very claear what I wannt :)
<alex_muntada> jthomas_sb: http://packages.ubuntu.com/search?keywords=openoffice.org-headless shows that it isn't available on jaunty
<frojnd> alex_muntada: to tell server after it boots up to run screen under user thor and than while screen is up to run rtorren in it I'd have to use crontab -e
<frojnd> alex_muntada: I know how to add cronjob for screen: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent
<frojnd> is his secure?
<jthomas_sb> alex_muntada figured that out eventually.  why wouldn't package releases be the same from one version to the next?  how well can an upgrade from one release to the next go if the packages aren't there?
<frojnd> alex_muntada: Is it secure and how can this achieve for user thor?
<alex_muntada> jthomas_sb: changes happen, though I don't know why this change happened though
<alex_muntada> frojnd: where did you add that line?
<frojnd> sudo -s
<frojnd> crontab -e
<frojnd> add line
<alex_muntada> frojnd: that meaning that screen is run as root
<frojnd> alex_muntada: ok
<alex_muntada> why don't you crontab -e while on a thor shell?
<frojnd> alex_muntada: I got it :) thanx
<frojnd> alex_muntada: but I know only @reboot
<frojnd> what if power goes off
<frojnd> in bios I've setup to power on server while power comes on, will @reboot still work in this case?
<alex_muntada> man 5 crontab says... @reboot Run once, at startup.
<frojnd> I'm trying to tell server that when it comes up no matter what stance it was before to run screen and rtorrent
<alex_muntada> so, i guess it'll work
<tomsdale> How do I sudo aptitude install the JeOS kernel to replace the standart server kernel on a 8.04 server install? I want a kernel optimized for VMWare.
<tomsdale> sry - please remove "sudo aptitude install". makes sort of sense there but I erroneously middle clicked ...
<frojnd> alex_muntada: it works, but while in screen
<frojnd> when I make a new isntance: ctro + a + c
<frojnd> I only see $ and not thor@ubuntko:~$
<frojnd> alex_muntada: while in crontab: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent
<frojnd> is there a modification to this that when in screen I'd have shell and not $
<alex_muntada> frojnd: default shell in screen is /bin/sh
<alex_muntada> if you want to change that you can add a different shell in ~/.screenrc
<frojnd> alex_muntada: ~/.screenrc doesn't exist so I don't know whow it should look like
<alex_muntada> alternatively, you can run screen -d -m -s /bin/bash /usr/bin/rtorrent
<alex_muntada> man screen for the details
<frojnd> -s is for shell I guess?
<alex_muntada> yeah
<frojnd> olrajti
<frojnd> Now I need to read something about making backups
<frojnd> alex_muntada: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent
<frojnd> won't start screen
<mdunlap> Whats the best way to stream video from a server to the internet, Ive messed around with Jinzora
<alex_muntada> frojnd: it should, i don't have rtorrent but it works for me if i do... /usr/bin/screen -d -m -s /bin/bash /bin/sleep 3600
<alex_muntada> please, note that screen is executed undetached (-d -m) so you'll have to screen -r to see rtorrent working
<frojnd> alex_muntada: is this maybe because I don't have ~/.screenrc for user thor?
<alex_muntada> no .screenrc needed by default
<frojnd> so this isn't the issue
<frojnd> alex_muntada: @reboot /usr/bin/screen -d -m /usr/bin/rtorrent This works but it when crateing a new window with sscreen I won't have bash...
<alex_muntada> thus the -s /bin/nash
<alex_muntada> sorry, -s /bin/bash
<frojnd> /bin/sleep 3600 means that it waits 60mins before what happens?
<frojnd> alex_muntada: I do have like this: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent
<alex_muntada> the /bin/sleep is an example since i cannot try rtorrent
<frojnd> alex_muntada: ok
<alex_muntada> you don't expect cron to run this command unless you reboot, do you?
<frojnd> alex_muntada: that's what I've been asking before..
<frojnd> I'd like cron to run this everytime server boots up
<alex_muntada> no, you asked a different thing
<frojnd> alex_muntada: that too :)
<alex_muntada> @reboot tells cron to run this only 1 time _after_ rebooting or powering up
<alex_muntada> but you didn't reboot recently, did you?
<frojnd> alex_muntada: the second tiem I did it didn't came up (screen)
<frojnd> tiem==time
<frojnd> maybe I should try without @reboot
<alex_muntada> no, it will be a syntax error
<alex_muntada> so, to make things clear
<frojnd> yep it makes a syntax error
<alex_muntada> did you reboot after adding @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent as user thor?
<frojnd> alex_muntada: first I add @reboot /usr/bin/screen -d -m  /usr/bin/rtorrent I rebooted for the first time, screen came uo. Then I add: @reboot /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent and rebooted for the second time and screen didn't came up
<alex_muntada> what happens when you run /usr/bin/screen -d -m -s /bin/bash /usr/bin/rtorrent from thor's shell?
<frojnd> alex_muntada: screen starts
<frojnd> alex_muntada: also if I create a new window within screen it has bash
<alex_muntada> then, maybe you mistyped the crontab line? look for errors in /var/log/syslog
<frojnd> alex_muntada: no errors there
<alex_muntada> sorry then, I don't know what else suggest
<frojnd> alex_muntada: hm
<frojnd> I tried to copy this last command to the crontab and now screen is up
<frojnd> looks like I did misstype, but it still wasn't enough for an error
<uvirtbot> New bug: #382911 in mysql-dfsg-5.0 (main) "unable to complete update" [Undecided,New] https://launchpad.net/bugs/382911
<glen1> hey
<glen1> anyone know anything about backup to remote encrypted server haha
<m33600> where is the start button? not a clue on start it up
<m33600> no X, no wellcome
<m33600> ans no list of commands
<m33600> talking about ub server jaunty
<m33600> is there any other server as simples as to share innternet at home?
<altd78>  buenas tardes, tenia un archivo abierto html en ext4 (ubuntu jaunty) y se interrumpiÃ³ la electricidad en el equipo, cuando volvÃ­ a ver el archivo, estaba en 0KB, es esto normal?  se podrÃ¡ recuperar?
<PastorKarr> I just instsalled xfce4 on my server, but how to do I start it now?
<altd78>  Hello!.  I'm at ubuntu jaunty with ext4 , I was working on a html file an saving my work  for about  2 days and I had a power outage, when i came back to see my file it was 0KB,  is this normal?  can I recover something?
<altd78> PastorKarr:  You may want join channel #ubuntuforums, you'll get  an answer faster there
#ubuntu-server 2009-06-03
<wizardslovak> hello people
<wizardslovak> so is here anyone who can help me with postfix-dovecot ?
<benc2> after editing a boot-script, do I need to do something?
<wizardslovak> restart
<benc2> thanks
<benc2> and how do I deactivate a boot-script?
<wizardslovak> that i dont know
<benc2> ok
<wizardslovak> i am newbie in all this
<storrgie> just formatted, now I dont get any autocomplete in the terminal.... why?
<wizardslovak> how to install SASL?
<twb> sasl support for what?
<maek> I copied a vmware image of ubuntu server. it has a new mac address but when It boots up it fails to see eth0? any idea. is there a file some place that tied to the old mac?
<maek> sorry google
<jmarsden> maek: Well, you *can* put a mac address into /etc/network/interfaces, but I don't think that is done by default.
<maek> jmarsden: I read something about /etc/iftab but thats gone
<maek> ah
<jmarsden> Maybe   grep -ril mac /etc   # would find a relevant file?
<maek> oh, didnt know about recursive grep, thats cool. no more find . | xargs
<maek> thanks
<jmarsden> :)  No problem.  I think that's a GNU grep extension; it's been there for at least a decade or so, maybe longer.
<maek> haha, ive been living under the Sun
<jmarsden> That would explain it :)
<maek> it was in /etc/udev/rules.d/*net.rules
<maek> it was holding onto the mac from the cloned image
<jmarsden> Good, I'm glad you found it ... Googling for ubuntu mac address didn't get me much beyond pages explaining you to find out your own mac address...
<maek> I did "vmware ubuntu copy no network" 3rd hit
<boredandblogging> dendrobates: ping
<maek> jmarsden: thanks for the help and the grep -ril :) have a good night
<jmarsden> No problem.  Goodnight.
<oh_noes> Maybe a long shot ... but anyone know a Supermicro Motherboard (S775) which isn't FakeRAID in Ubuntu Server?
<twb> ALL raid found on a motherboard is fakeraid
<twb> And fakeraid is always fakeraid -- it doesn't matter what OS you run.
<twb> jmarsden: I really hate that rule where it learns MACs
<twb> It causes me no end of trouble when dealing with bootable removable media
<oh_noes> (12:22:57 PM) twb: ALL raid found on a motherboard is fakeraid <- that's not entirely true.   Maybe for Desktop boards.
<jmarsden> twb: Isn't there some way to disable the rule generation script that creates those rules?  Feels like their should be.
<oh_noes> My question is, for a Supermicro SERVER board, what RAID chipset should I be looking at that isnt FakeRAID to Ubuntu
<oh_noes> I have a few IBM x3550's, which work perfectly as proper RAID.  Because they are true Hardware RAID, just built on with the board
<twb> jmarsden: there is, but it's totally obtuse
<twb> jmarsden: on a modern system, you can't just delete the entry that generates it -- because that's now in /usr
<twb> jmarsden: instead, you have to make an EMPTY file with the same name in /etc/udev/rules.d
<oh_noes> Another way to ask my same question, how can I find out if a  LSI 1068E Controller will be detected as FakeRAID to ubuntu?
<jmarsden> Hmmm... this should at least be documented somewhere easy to find... is there a page on wiki.ubuntu.com about it or something similar?
<twb> oh_noes: I dunno about server boards, but AFAIK the IBM server we got used fakeraid.
<jmarsden> oh_noes: There might be a way to grep through the kernel sources looking for its PCI ID and see what gets done with it. but that feels... harder than it should be.
<twb> *I dunno *much* about server boards, I should've said
<oh_noes> the IBM x3550 we have here installed without an issue as real RAID
<oh_noes> let me ask in a different way, how do I find a controller (even if its seperate PCIe) that will not be dected as FakeRAID by Ubuntu?
<twb> oh_noes: how do you know it's real raid?
<jmarsden> I'm not sure.  There is info on that contrioller and Ubuntu and RAID in http://ubuntuforums.org/archive/index.php/t-973912.html
<oh_noes> twb: because it appears as a single disk to Ubuntu installation.   (and it's a $6000 x3550 SAS IBM ServRAID RAID 1 Mirror)
<twb> oh_noes: that doesn't mean it's hardware raid
<twb> When fakeraid is actually working, it will appear as a single disk to ubuntu.
<oh_noes> Then what's the definition of hardware raid
<twb> It's only the lowest end of fakeraid that doesn't even manage that.
<twb> oh_noes: no, hardware raid does raid using a coprocessor -- fakeraid does it using the main, general-purpose GPU.
<jmarsden> oh_noes: That the controller chip does the work rather than pushing it off onto the host CPU
<twb> s/GPU/CPU/
<oh_noes> well.... to tell my truth, my main concern is to have the RAID handled by the Board.  So hotswap and instant rebuild is handled by the controller
<oh_noes> whether IOPS are handled by the CPU isn't my major concern
<oh_noes> the box we're building, we need the physical hotswap port to work with the controller to rebuild
<twb> oh_noes: it also means you need to shut down your OS to manage the array
<oh_noes> there is no array management, we're building predefined boxes (w/ RAID1) then thats it
<twb> oh_noes: or run binary vendor blobs that will probably break randomly when you perform security updates.
<oh_noes> theres no changing things etc
<twb> oh_noes: well, lucky you, I guess...
<jmarsden> oh_noes: One way to check controllers could be to read the kernel documentation for the various real RAID drivers such as aacraid, they list what controllers they support...
<twb> FWIW: http://linux-ata.org/faq-sata-raid.html
<twb> 12:48 <russm> but anyway, grovel through the kernel logs for raid-type controllers is the best answer I've got...
<oh_noes> twb: ta for the link, jst what i was looking for
<twb> Looking at this IBM poster here, I guess you are using the "IBM ServeRAID controller".
<twb> Google implies this is fakeraid
<twb> Specifically, that it's a rebadged Adaptec HostRAID
<twb> BTW, as you claim don't need to manage the array... how do you plan to be notified when the array becomes degraded?
<jmarsden> In case it helps, in the kernel sources Documentation/scsi/aacraid.txt mentions that controller, and aacraid is (I think) a "real" RAID driver, so how fake it is may be somewhat open to interpretation?
<twb> jmarsden: I suppose the internet could be wrong :-)
<jmarsden> twb: If aacraid sees the array the way it sees other Adaptec RAID controllers, I'd expect it to handle the degradation notification in the same way too...
<twb> jmarsden: righto!
<oh_noes> Hrmm, it looks like the "3ware 8006-2LP" will suit me needs as well.  True 2 port SATA Hardware RAID1.
<oh_noes> how do I find out 100% that its supported as true hardware RAID in Ubuntu?
<oh_noes> 3ware.com says: "Linux 2.6.x kernel includes a driver for the 8000 series controller" -- doesnt say if its FakeRAID though
<jmarsden> I don't think many vendors will advertize "our controllers are fakeraid" -- not a good marketing tactic :)
<twb> I've never seen a vendor mention fakeraid :-)
<oh_noes> According to http://linuxmafia.com/faq/Hardware/sata.html, it's real Hardware RAID
<twb> 3ware traditionally make hardware raid, AFAIK
<twb> That doesn't mean ALL their stuff is necessarily hardware raid, though...
<oh_noes> the page i linked above is really helpful, seems to list most controllers and if they are real/fake raid
<oh_noes> twb: http://linuxmafia.com/faq/Hardware/sata.html#ibm :)
<jmarsden> I'd say a 3ware controller that Rick Moen says is hardware RAID is *very* likely to be hardware RAID.  If you need 100%... you'd have to read the kernel driver sources, I think.
<twb> jmarsden: nice one
<twb> If Rick Moen says something, it is probably true
<twb> To be 100% certain you'd have to visually inspect the board and find the coprocessor, then watch the electrons travel to and from it
<jmarsden> And it seems "ServeRAID" is a meaningless marketing term for "whatever IBM rebadges", so some are hardware and some are not.  So maybe twb's ServRAID is fakeraid and oh_noes' ServeRAID is hardware RAID...
<twb> Actually I never used my IBM RAID becaue $boss accidentally bought the one without RAID5 support :-/
<twb> But it didn't bother me so much, because I love md RAID.
<TimReichhart> could anybody tell me the code for forwarding emails inside of mysql?
<niels_> I just installed Jaunty Server and I had to choose Lilo as a BootLoader, cause GRUB couldn't get installed. Now, if I boot the server all I get are tons of 99 on the screen.Has anyone got an idea what went wrong and how to solve that?
<twb> niels_: that happens if you try to put /boot inside LVM
<twb> Or inside RAID5
<twb> You're getting 99s on screen because LILO hasn't work, either.
<niels_> twb: I haven't configured LVM at all...
<niels_> Ahhh...the RAID might be Prob, though
<niels_> twb: Thx
<twb> You must make a separate RAID1 array for /boot
<niels_> hmm...I have a Hardware RAID-6 here...
<twb> There's no such thing as RAID6.
<jmarsden> twb: Says who?  It's defined as RAID5 plus an extra parity drive so it tolerates two simultaneous disk failures, if I remember rightly...
<twb> jmarsden: no, that's still RAID5.
<niels_> twb: well there is - at least you can configure your array in the Adaptec RAID Utility as a RAID-6
<twb> But vendors call RAID5 with two parity drives "RAID6" sometimes, in an effort to confuse and annoy me, personally.
<jmarsden> http://en.wikipedia.org/wiki/RAID also defines RAID6...  another personal attack on you, I assume...
<twb> Oops, apparently I'm wrong
<twb> Neevr mind.
<niels_> ;-)
<twb> But I stand by RAID10 being nonsense
<sammy> okay, just in case I'm missing something: 9.04 shipped with 2.6.28. there's a bug in 2.6.28 that halts my box on boot. its (supposedly!) fixed in 2.6.29. I'd like to install 9.04 onto this box. I should install 8.10, build the 2.6.29 kernel, then do a dist-update to 9.04? if there was a 2.6.29 package, I *could* create a custom install CD. but that seems like much more work
<sammy> I can't see any other way to get 9.04 installed. I certainly can't use this nice pretty cd I just burned :P btw the bug is with my drive controller, the one I need to use to install 9.04. otherwise I could use some kernel command line magic to keep the offending module from loading, I bet.
<jmarsden> sammy: Boot from LiveCD, tweak so relevant module does not load, install from there... maybe???
<tv7497> guys is there a way to monitor what files are uploaded and download from my server well i have a lamp and openssh server , well most of my friends use filezilla sftp protocol to access my server and download files is it possible to monitor these transaction? i use jaunty on a 64bit system
<tv7497> guys anyone ?
<niels_> how ill I get rid of Grub not being installed on my system. It fails with the error code 1. What else is seen on the tty is that ext2fs and ext3fs wont be found...what an unreal suprise
<niels_> If I would finish the install without having grub installed how will I boot the server?
<niels_> LILO isn't an alternate choice as LILO has got major probs, as far as I know, with RAID systems
<jmarsden> tv7497: Try turning up the logging level of your sshd?  man 5 sshd_config
<tv7497> jmarsden: how do i do it well i am really new to this
<jmarsden> niels_: You'll want to figure out why GRUB is failing to install and fix that; as a temporary approach you might be able to boot from some other media, such as a CD or usb stick, but it is going to be awkward.
<jmarsden> tv7497: Did you read that man page?
<jmarsden> Type the command man 5 sshd_config and read it... :)
<tv7497> jmarsden: thanks :)
<jmarsden> I'm about to go to bed, I can't handhold you through actually editing the config file, but basically you'll just want to edit /etc/ssh/sshd_config appropriately (to set a more verbose logging level) and restart sshd.  Then look in the log files under /var/log for the resulting log entries.
<niels_> jmarsden: I can't get that far on the server :-(
<jmarsden> niels_: You can't boot it from a LiveCD and specify root=/dev/whatever to use the hard drive's root partition...?
<jmarsden> Anyway, I'm off to sleep... goodnight all :)
<niels_> cu jmarsden
<niels_> have a decent sleep, though and thaks again
<niels_> thats kinda weird now: If I say stop the installation without having a bootloader installed I'm getting told that the partioning setup of the harddrives haven't been made.Well I have made the partitioning of the drives...What's going on here?Anyone an idea?
<bubba> myphpadmin wouldnt install on my windows box..any advice?
<niels_> bubba: what's got phpmyadmin and $$$XP to do with ubuntu servers?
<bubba> i want to administer my ubuntu server using my windows box remotely.  Am I doing something wrong?
<niels_> bubba: if you would have asked $searchengine you would have come across that Tut http://www.sebastiansulinski.co.uk/web_design_tutorials/tutorial/8/how_to_install_phpmyadmin_on_windows_xp
<niels_> does that help?
<bubba> i will try that but mainly none of my php ext are opening up in my windows browser?
<niels_> ask in a Win Forum then, its got nothing do with Ubuntu
<bubba> thx
<stanman1> hi, could anyone help me a bit with rsync? I get read permission errors on some paths (/var/www)
<stanman1> do i need to add the rsyncinguser to www-data?
<tv7497> jmarsden: well i don't seem getting any thing of that :( well i tried reading logs of what are the last transaction happened from (/var/log/auth.log) but i wasnt able to understand anything , could you help me with any simple kinda of thing that would let me know whats happening in my server and
<niels_> stanman1: maybe you should see 1st what the permissions on /var/ww/ are and than you might want to change them...
<niels_> stanman1: another thing nice to have,if xou want help, is to tell us what exactly you are doing
<stanman1> niels_: am a bit afraid to do so, as i run ispconfig on the machine hosting several shared site
<stanman1> i want to move from one machine to another, using openvz containers
<stanman1> i can ssh into both boxes and start rsync, but in the end i get some errors
<tv7497> niels_: is there a way to monitor what files are uploaded and download from my server well i have a lamp and openssh server , well most of my friends use filezilla sftp protocol to access my server and download files is it possible to monitor these transaction? i use jaunty on a 64bit system
<stanman1> should i run rsync as root?
<niels_> can't you just use the vzmigrate command?
<niels_> vzmigrate --online <user@host>
<stanman1> i did the vzdump an moved it all to the new server, all port 80 traffic is running to the new one
<stanman1> but to move the Maildirs i need to rsync first before routing mail to the new server
<niels_> I guess vzmigrate would've been the better choice, but I'm not sure as I am not quite familiar with OpneVZ
<niels_> That might be a good place for your probs, too. At least i would try to find someone there If you want to talk to the OpenVZ users and sometimes developers live, we can usually be found on the #openvz channel on irc.freenode.net.
<sammy> jmarsden: if youre still around, thats a good suggestion, but the offending module is the ide controller the drive I want to install 9.04 on is connected to :P so disabling it wont help.
<niels_> sorry, that i cant give you any better advice
<stanman1> no probs niels, thanks for the info anyway.
<sammy> how would I go about finding how long it should be until 2.6.29 has a package? I used to compile my own kernel for years, but one of the whole reasons of using ubuntu now is so I don't have to :P
<niels_> sammy: jmarsden went already to bed :-)
<sammy> it must already have a package in debian somewhere
<sammy> sorry niels_, I didn't go through everything I missed. I think I'm just stuck with installing 8.10, compiling the kernel, then doing a dist-upgrade
<niels_> No worries ;-)
<sammy> though maybe the udma66 just doesn't matter that much
<niels_> I dont even remember what you are trying or to fix...I ended up with reinstalling Jaunty Server and I hope that he'll now writes the Grub Bootloader into the NBR
<niels_> Actually the system is still formatting, well 6TB may take a while ;-)
<sammy> oh. my second onboard IDE controller's driver is borked in 2.6.28, which means I can't install server 9.04 using udma66 since the first controller only does udmda33
<niels_> Thats unreal...kind of
<sammy> whats great is 2.6.29 supposedly has it fixed. so I can install 8.10, compile 2.6.29 by hand (or using whatever little CLI scripts or GUI ubuntu has) and then do a dist-upgrade to 9.04 :P
<sammy> and at this point I might just use the #$^*#* udma33 controller, install 9.04, and wait until the 2.6.29 package reaches jaunty-um... not backports. whatever the 'unless you enable this repository, you wont see this until karmic koala' one is.
<sammy> maybe I'll get one of my linux newb friends to compile the kernel by hand. if I wanted to do it, I'd stick with gentoo :)
<sammy> I've done my time learning how to hand compile things. i've earned pre-compiled binaries! though, HA it's a p3, so, I should probably compile my own kernel anyway, for the sake of every bit of free memory
<sammy> okay I'm just going on by myself now. I'm going to move that drive to the udma3 controller and install 9.04 :) I have two jabber servers, an apache server, asterisk and openldap to migrate. cheers, and have fun waiting for your 6tb to format :P
<niels_> sammy: have fun as well
<niels_> I might go for a smoke and a coffee
<sammy> oh a smoke! good idea.
<niels_> yep ;-)
<niels_> cu soonish
<uvirtbot> New bug: #383062 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: le sous-processus post-installation script a retourn? a status error outpur 1 (une erreur de sortie d'Ã©tat 1)" [Undecided,New] https://launchpad.net/bugs/383062
<tty> hi all. i have some php files using odbc_connect. i cannt get them working under ubuntu server with lamp. i tried freetds unsuccesfully
<tty> any tips?
<tty> :)
<CrummyGummy> run now! Simple dist-upgrade today on a firewall box has left my server down. Its incredible.
<simplexio> tty: just a quess, but should you get unic odbc working before using odbc connections
<huats> Hello everyone
<huats> soren: hey
<huats> I am currently lookig at the virstinst merge
<soren> o/
<huats> I have noticed that (in the current ubuntu  version) you switched from python-support to python-central, any reason ?
<huats> Do I need to do the same switch, while from my understanding python-support is prefered right now
<tty> simplexio: what do you mean by that? these php files are already workign under xampp in a windowz box. some of them using mssql_connect and some of them using odbc_connect. and i want to tranfer there file to a linux box. however. although the first (using mssql_connect) work just fine, the latter (usign odbc_connect) dont
<soren> huats: When I first looked at the package, it didn't use neither python-support nor python-central. I preferred python-central, so I used that. Later, it started using python-support in Debian.
<soren> huats: Since then, I tried switching to python-support, but the upgrades failed horribly.
<soren> huats: and I just couldn't be bothered to fix that.
<huats> soren:  ok
<huats> :)
<soren> huats: It's because all the upgrade magic is put into the maintainer scripts depending on which of python-{central,support} you're using to build the package, so if you suddenly switch, you need to maintain all of that yourself, which is a major pain.
<huats> sure
<huats> soren: so I'll keep using python-central. I just wanted to understand :)
<huats> thanks !
<angelleye34> I'm having an issue with timestamps matching up when I sync from my local files to my test server
<angelleye34> it always thinks every single file in my site needs to be uploaded even though it's not changed.
<angelleye34> i'm working with a local ubuntu server
<soren> huats: Sure thing.
<uvirtbot> New bug: #383087 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: le sous-processus post-installation script a retourn? une erreur de sortie d'?tat 1" [Undecided,New] https://launchpad.net/bugs/383087
<a_ok> dpkg -l also show me packages that are no longer installed how do I list the packages that are installed?
<a_ok> can i also list wetter its pulled in as a dep or by user request?
<_ruben> `dpkg -l | grep ^ii` will list all currently installed ones
<Jeeves_> Who here knows Damian Ondore?
<_ruben> not that im aware of ;)
<soren> Jeeves_: For some values of "know", I do.
<soren> a_ok: I don't know how to query it, but the "whether it's manually installed or pulled in as a dep" is in /var/lib/apt/extended_states
<soren> Jeeves_: Why?
<Jeeves_> soren: I am wondering if someone can ask him if he can respond on my email.
<Jeeves_> Appearantly, emailing works only once for him.
<a_ok> thanks soren/_ruben
<Jeeves_> I am trying to buy stuff from Canonical, but this is the third time that the sales department refuses to reply.
<soren> -> /msg
<soren> a_ok: "aptitude show name_of_package" will show you whether it's automatically or manually installed.
<a_ok> soren yeah but i want a list of manually installed not check them all
<_ruben> little bit of shell scripting would do the trick ;)
<a_ok> i know working on it
<a_ok> soren: well /var/lib/apt/extended_states missing most files
<_ruben> perhaps it only lists the auto installed ones (as all are marked as 1 on the box i checked)
<Niels_> Howdy!
<Niels_> To all those who are thinking of getting a new server with an Adaptec5805 -- make sure that the newest Firmware is installed otherwise you may run in real trouble just as like as I just didi
<\sh> Niels_: who builds servers with adaptec, still? Dell? IBM?
<Niels_> \sh, Supermicro
<dinger1986> might be worth looking at this as well http://drbl.sourceforge.net/
<dinger1986> sorry wrong place
<\sh> Niels_: I don't think it's supermicro but some small hardware manufacture who uses supermicro boards...
<Niels_> \sh, yes, you're right -- sorry
<Niels_> However it's been a pain with that Adaptec and a firmware which was alsmost 1yr old
<Niels_> Adaptec had released in these months 3 major Updates
<uvirtbot> New bug: #380219 in samba (main) "Regression: Samba Read/Write Causes System Freeze" [Undecided,Incomplete] https://launchpad.net/bugs/380219
<\sh> Niels_: buy standard hardware...not those self assembled stuff..sometimes it can be cheaper to pay a bit more in the beginning
<uvirtbot> New bug: #379715 in bind9 (main) "bin9 and apparmor problem" [Undecided,Invalid] https://launchpad.net/bugs/379715
<Niels_> \sh, well the server wasn't cheap at all -- at least I think that almost 4.500Euros isn't cheap
<ogra> thats only 4 digits :P
<twb> Why are universe and multiverse -- unsupported categories! -- in the default sources.list during ubuntu-server installation?
<cjwatson> twb: because lots and lots and lots and lots and lots of people asked for it. In any case that's all going to be rearranged in the not too distant future
<cjwatson> https://blueprints.launchpad.net/ubuntu/+spec/enabling-additional-components
<cjwatson> (which was more desktop-focused than server-focused but it's a pain to have separate handling there and I didn't see a particular need)
<cjwatson> basically the very first thing that every single piece of third-party Ubuntu documentation said was "go and turn on universe and multiverse"
<twb> cjwatson: I guess I would've preferred it to be a question during install, even though you try to avoid that
<twb> cjwatson: just from the perspective of Canonical not going insane :-)
<cjwatson> we don't find that this causes us to go insane
<twb> That's just want insane people WOULD say
<cjwatson> people with firm requirements can always preseed it off or whatever
<twb> Nod.
<twb> I've another question, which I'll take to -install...
<cjwatson> but we find that this actually decreases the pressure on us to support absolutely everything just so that it can be available by default
<\sh> Niels_: depends :)
<Niels_> \sh, sure it does ;-)
<tv7497> guys is there a way to to log all the sftp transaction in an openssh server well the auth.log file doesnt say much about what are the files that are transferred . is there a way to know what files are being downloaded or uploaded ?
<Niels_> tv7497, maybe that link helps http://www.unix.com/unix-dummies-questions-answers/30238-logging-sftp-details-log-file.html
<simplexio>  /last simplexio
<eolo999> hi, i'm up to this point: after a fight with bridging/dhcp/networking i know have running vms with a reachable ip. the problem, now, is that the machines do not accept my private key for root login. First it told me that my permission were wrong so i chmodded 400 the key. After that i do not receive the error but still asks me for the root password! any hints?
<eolo999> sorry: i'm talking about eucalyptus in jaunty
<zoopster> eolo999: machines=hosts? cc's, nc, or are you referring to vm's
<zoopster> eolo999: and any reason you want root vs using a user via sudo (recommended)
<twb> ubuntu-server should install molly-guard by default :-/
 * soren concurs
<dendrobates> boredandblogging: sup
<boredandblogging> dendrobates: sent you an email last night
<boredandblogging> about server team blogging about UDS
<dendrobates> boredandblogging: ok, I'll get to it in a few minutes.
<boredandblogging> dendrobates: thanks
<eolo999> zoopster: i just ec2-run-instance and i have to login to the newly created vm. I think that first access can only be done with root keys, correct me if i'm wrong
<eolo999> zoopster: i'm using the ubuntu jaunty images i found at eucalyptus site.
<dendrobates> boredandblogging: I'll ask them today.
<boredandblogging> dendrobates: appreciate it
 * eolo999 is not clear enough?
<twb> I wish I had the confidence to tell grub to fuck off, and use extlinux or something equally straightforward, everywhere.
<twb> This whole grub-install "I'll detect what you're doing" voodoo unsettles me
<alterlaszlo> oops: lost connection
 * alterlaszlo should really change ISP
<alterlaszlo> alterlaszlo = eolo999
<alterlaszlo> zoopster: if you replied me, can you do it again as i lost connection?
<lamont> ScottK: any feedback you might have on the postfix 2.6.1-0 in experimental would be good... then I'll push -1 to sid and we can sync it
<huats> soren: me again :) Do you agree that I add karmic in the available distro (likewise it was the case with the patch to enable intrepid and jaunty) ?
<soren> Certainly.
<huats> soren: I was quite sure but I'd rather asked you first :)
<madler> good day everyone ... is there any way apart from compiling myself to get a newer version of samba on a hardy install? I am having massive problems with samba 3.0 and remote subnet domain joins ... and upgrading seems to only be the last thing which I have not checked
<Sam-I-Am> madler: well...
<Sam-I-Am> i built a debian package for hardy of samba of 3.3.2
<Sam-I-Am> er, of samba 3.3.2
<Sam-I-Am> it was the jaunty package, but its backported
<madler> 3.3.4 is afaik current stable ... but seems new enough to me ... is there a repository for it?
<Sam-I-Am> no, its sitting on my local machine
<Sam-I-Am> but if you have a place i can send it to... it also has a few dependencies
<Sam-I-Am> i'm planning to put a bunch of backports up on my PPA but i havent gotten there yet
<Sam-I-Am> or if you want i have detailed instructions on building it yourself
<Sam-I-Am> including building the dependencies
<madler> Sam-I-Am: that would be much appreciated
<madler> the build instructions
<Sam-I-Am> sure... lemmie send them to pastebin
<Sam-I-Am> (and see how they look first)
<madler> do you think this would apply to 3.2.11 aswell ... as this seems a bit more tested (at least from the version numbers)
<Sam-I-Am> well, these instructions use the jaunty package and make it work on hardy... compiling from upstream source you'd need to do a bit more work to make a debian package... however you could just build and install in /usr/local, but that gets messy.
<madler> hmmm
<madler> so frustrating
<madler> yes ... smbldap open connection; check_ntlm_passwd success ... one error which I see quite often is  "read_data: read failure for 4 bytes to client 192.168.10.117. Error = Connection reset by peer" ... but this happens on all machines ... I can't pin-point this either
<madler> I am pulling my hair out meanwhile
<Sam-I-Am> hmm
<Sam-I-Am> have you tried a tcpdump on the windows machine to see if the traffic getting sent from samba is making it back?
<Sam-I-Am> you should see the same traffic on both ends if the connection is clear
<madler> will try that now
<Sam-I-Am> sounds like somethings getting lost
<Sam-I-Am> and windows just isnt good at returning useful errors
<madler> amen
<uvirtbot> New bug: #383156 in sysstat (universe) "iostat stack overflow" [Undecided,Confirmed] https://launchpad.net/bugs/383156
* You're now known as ubuntulog
<ScottK> lamont: I'm in -0700 and working in a place with no net access this week and next, so don't block on me looking at it, but I'll try ....
<Sam-I-Am> no net access for almost 2 weeks? what will you do...
<lamont> ScottK: ok.  I may just upload it in a day or so if debian doesn't bitch
<tv7497>  guys was trying to patch sftp transaction entries into auth.log well had followed this tutorial http://ubuntuforums.org/showthread.php?t=241188 and i get like this http://paste.ubuntu.com/187421/  openssh server was working pretty well before this any idea guys ?
<Sam-I-Am> yeah so your key changed
<Sam-I-Am> go delete the old one from .ssh/known_hosts
<tv7497> Sam-I-Am: thanks mate !
<LeChacal> hello, I am looking at buying an HP workstation/server that has a LSI 8888ELP RAID controller card in it, the HP site doesn't have any Linux drives for it so i think HP is assuming that drives are natively available (HP only support RHE4, RHE5, and Suse Enterprise 11). Now on the LSI site they have Linux drives for the controller but for RHE3/4/5, Suse Ent9/10/11, CentOS 5.2, and Fedora 9. My question is can I get a driver out of one of these that 
<Sam-I-Am> if its open source it should just be in the kernel
<LeChacal> Sam-I-Am:what do you mean by if its open source it should be in the kernel?
<Sam-I-Am> if lsi is just releasing its drivers as open source it'll probably be in most kernels
<Sam-I-Am> have you googled?
<LeChacal> Sam-I-Am: and are you saying in the server kernel or in the desktop?
<LeChacal> yes i googled the card with linux behind it and nothing really comes up as people having problems with it or anything but I also dont see anyone else talking about drives for it
<Sam-I-Am> either one... they're more or less the same driver-wise
<Sam-I-Am> if you downloaded the redhat driver or .tar.gz, can you figure out the module name?  if so, you can see if its in the ubuntu kernel
<LeChacal> let me look and see if i can find the module name, but the file they provide for the drive is a zip archive with an rmp, img, and tgz in it, and the tgz look like just normal source that i can compile
<huats> soren: bug 383184
<uvirtbot> Launchpad bug 383184 in virtinst "Please merge virtinst 0.400.3-3 (main) from debian unstable" [Wishlist,In progress] https://launchpad.net/bugs/383184
<soren> huats: Lovely. I don't have time to look today, but tomorrow for sure.
<huats> soren: no problem at all. It fixes the keymap issue
<huats> (just so that you know)
<LeChacal> Sam-I-Am: I found what i think is the module name but how would i got about seeing if it is in the kernel?
<huats> soren: don't do the upload... a new debian version is out :(
<huats> I'll take care of merging with it
<huats> it is not a big deal...
<Sam-I-Am> LeChacal: look in /boot/config-*
<Sam-I-Am> theres a config file for that kernel
<Sam-I-Am> search for the module name
<LeChacal> Sam-I-Am: ok thanks the module is listed in there
<huats> soren: it is good this time on the bug... you can take the stuff (well tomorrow :))
<troglobyte> is a properly configured UFW setup secure enough to not necessitate a hardware firewall in front?
<Sam-I-Am> sure
<troglobyte> this is a personal server with ports 22 and 80 open.  default deny everywhere else.
<troglobyte> nice!
<jmedina> of course ufw wont protect your ssh and http server
<jmedina> most server penetrations I know are because insecure web applications (PHP)
<Sam-I-Am> jmedina: still working on those packages btw... almost done
<Sam-I-Am> jmedina: built some chroot silos to separate builds
<jmedina> Sam-I-Am: good, tell me when whey are done
<jmedina> Sam-I-Am: or if you want I can help with the building process
<jmedina> Sam-I-Am: 32o 64bits?
<Sam-I-Am> amd64 for now
<jmedina> good
<Sam-I-Am> i think i got it... getting very close
<jmedina> I only use 64 for servers
<Sam-I-Am> i have the dependencies built in their own silos
<Sam-I-Am> grabbed a few libs from jaunty that Just Work on hardy
<Sam-I-Am> so this stuff is all for hardy amd64
<Sam-I-Am> will also start building openldap-cvs for debian-unstable or karmic soon
<Sam-I-Am> but i gotta do this first
<bogeyd6> !help
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi - Usage info: http://wiki.ubuntu.com/UbuntuBots
<uvirtbot> New bug: #382785 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,Confirmed] https://launchpad.net/bugs/382785
<giovani|work> anyone know how to control which monitor (presuming you have multiple) rdeskop displays onto?
<maek> what kind of magic is being used to create the super cool motd in 9.04 please?
<sommer> maek: the update-motd package
<maek> sommer: thanks
<sommer> np
<Sam-I-Am> hmmm
<billybigrigger> hi all
<billybigrigger> i just acquired an old pentium box, i haven't had a chance to look inside it yet, but my plans for it are to make a server out of it...right now my only box is dual purposing as a desktop/web/mail/ftp server...what is the best way i can migrate the server side of my current box over to this new server?
<billybigrigger> or is my only option to just manually reconfigure everything again on the new box?
<gcleric> billybigrigger: are you dual booting?
<uvirtbot> New bug: #383318 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/383318
<billybigrigger> gcleric::: no
<gcleric> if you are you could image the server side with something like dd and restore it to the old box.  then using the LiveCD modify the fstab to change the drive it's pointing at to sda.
<billybigrigger> gcleric::: i just have jaunty desktop installed, but also apache/mysql/php/proftpd packages installed on top
<billybigrigger> i don't think that will work
<billybigrigger> hmmm
<billybigrigger> ill just have to reconfigure i imagine eh?
<gcleric> then I'd build a new  box from scratch and migrate services to the new box.
<gcleric> just tgz up the data and configs and restore them to the new box
<gcleric> that is after you install the servives on the new box.
<gcleric> billybigrigger: once you get your server up and running consider imaging it for backup.... if the size of your data allows it.
<gcleric> here's a howto I wrote for imaging linux systems. http://ubuntuforums.org/showthread.php?t=581680
<dinger1986> or use mondo
<giovani|work> dinger1986: what advantages does that offer?
<billybigrigger> gcleric::: thanks
<billybigrigger> also...i just found the two usb inputs are not working...this box was made in '97 according to the sticker on the back and im wondering if my newer usb dongle for keyboard and mouse are too new for it...now i don't have a ps2 kb/mouse
<giovani|work> billybigrigger: no, there's no such thing as "too new" in USB
<dinger1986> or remondo makes an image
<billybigrigger> so is there anyway to do a networked install? probably not eh? like the only thing i plan on doing with this box is hooking up power and wire it...
<gcleric> giovani|work: unless he's refering to USB 1.1
<giovani|work> billybigrigger: USB 2.0 works with USB 1.x -- however, your mouse/keyboard are likely not USB 2.0 anyway
<giovani|work> dinger1986: I'm unclear on how that's better than using dd ... mind explaining?
<billybigrigger> giovani|work::: i thought they were backwards compatible...
<giovani|work> billybigrigger: they are, I just said that
<billybigrigger> giovani|work::: well ill just have to open it up, and see if there's something visibly wrong with the inputs then
<dinger1986> none over using dd
<billybigrigger> giovani|work::: ya, and i said i thought they were, thanks for confirming
<giovani|work> billybigrigger: however, a system as old as 97 might not support USB for keyboard input
<giovani|work> in the bios, etc
<billybigrigger> ahh
<dinger1986> they wont
<giovani|work> should work with an OS that has drivers, though
<dinger1986> do you have anyusb to ps2 adapterS?
<billybigrigger> giovani|work::: so will i have usb kb/mouse during ubuntu install? or no because the bios won't support it
<giovani|work> billybigrigger: I can't say for sure
<billybigrigger> negative on the usb-ps2 adapter
<giovani|work> billybigrigger: any problem with just trying it and rolling with the punches?
<billybigrigger> fuck, im gonna have to look through a bunch of shit stored away in the storage room, and even then i might not find the old kb/mouse i had...i think i chucked it a long time ago
<billybigrigger> giovani|work::: nothing wrong with rolling with the punchs
<giovani|work> billybigrigger: I said try it ...
<billybigrigger> s/punchs/punches
<giovani|work> did you try it first?
<billybigrigger> IM TRYING! :P
<giovani|work> trying? it either works ir not
<giovani|work> or*
<giovani|work> billybigrigger: and yes, network-booted installs (PXE) do absolutely work, we do dozens of them a week here
<giovani|work> so that's an option if you want to set it up
<billybigrigger> so i can install without a kb/mouse if i HAVE to
<billybigrigger> nice...
<giovani|work> but it's probably more work to set that up than it is to find a PS2 keyboard, if in fact the USB keyboard doesn't work
<billybigrigger> ahh
<billybigrigger> bummer...
<giovani|work> I'm not sure who doesn't have a PS2 keyboard
<dinger1986> why nt install on another machine then take it across?
<dinger1986> and repair network cards etc
<giovani|work> that's a horrible solution
<giovani|work> please don't recommend that to users
<dinger1986> ok
<giovani|work> billybigrigger: so you have or have not tested the usb keyboard in the ubuntu installer?
<billybigrigger> downloading install cd as we speak
<billybigrigger> i used to have a ps2 keyboard/mouse but i think its long gone
<giovani|work> honestly, you should ALWAYS have one
<giovani|work> USB is a far too complex protocol to rely on for something as simple as a keyboard
<billybigrigger> well i used to have 3 box's in my comp room so instead of running kb's/mice to all of them i bought a usb kb/mouse with a dongle and they all had usb, and it worked great....now that was years ago and i've clean house a bit and downsized to 1 machine, which was a dumb idea, i should have kept my old server box in the first place
<billybigrigger> i really don't feel like going through the boxes in my storage room to find that kb though...if i can get it to work some other way i will :P
<billybigrigger> well i don't know how i can enter bios a set boot to cd
<billybigrigger> i need a kb
<billybigrigger> this sucks
<billybigrigger> giovani|work::: how do i net install?
<giovani|work> billybigrigger: it's far more complex than finding a PS2 keyboard, I assure you
<giovani|work> if you've never done it before ... good luck
<giovani|work> this look like a relatively complete guide, but I can't vouch for it -- I'd do it without a guide: https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install
<giovani|work> looks*
<giovani|work> you'll want to automate the install
<giovani|work> so that you don't need a keyboard
<giovani|work> I don't think the guide covers that
<uvirtbot> New bug: #380272 in samba (main) "/etb/mtab shows cifs mount options usernames and password" [Undecided,Confirmed] https://launchpad.net/bugs/380272
<billybigrigger> umm...well i dont even know if this thing is worth using as a server
<billybigrigger> 9.04 cd wont even boot
<billybigrigger> i need to update the bios on it for 9.04 server 386 to boot....went into bios and found that its an old p1 166mhz with 98mb ram...
<billybigrigger> i found my ps2 kb btw
<billybigrigger> i dont have a floppy to update the bios...this thing is ancient...
<ewook> billybigrigger: easier to just go with the general kernelbuild.
<ewook> or build your own.
<billybigrigger> would i be better off checking out debian lenny?
<jeiworth> hi guys, i am looking for a decent groupware for a heterogenouus environment (win, mac + linux), so far kolab and perhaps obm sprung to my mind, does anyone here have a recommendation?
<billybigrigger> ewook::: should i try the general kernel build or try debian?
<billybigrigger> ewook::: and where can i download find more info on this general kernel build you speak of
<ewook> billybigrigger: I am talking about the same build that ubuntu uses, you can apt-get it.
<ewook> debian's standardkernels might be even nicer, but, well. dunno.
<billybigrigger> oh, your talking about building my own kernel
<ewook> nah
<ewook> not really
<ewook> if you don't wanna.
<ewook> but, I wanna sleep :P laters.
<billybigrigger> ahh haha thanks :P
<billybigrigger> is there anyway to pass boot options to the install cd before the actual installer?
<billybigrigger> i got an error saying i couldnt boot the install cd because i needed to update my bios, is there anyway around this? like passing acpi=off
<giovani|work> billybigrigger: if you couldn't boot the installcd, how did you determine if the USB keyboard didn't work?
<giovani|work> and yes, you can modify the cd's default boot line
<giovani|work> edit it
<billybigrigger> but i get the error right after booting cd.....the isolinux runs for 1 sec and gives me that error
<uvirtbot> New bug: #383300 in cyrus-sasl2 (main) "cyrus-sasl2 buffer overflow vulnerability: CVE-2009-0688" [Unknown,Fix released] https://launchpad.net/bugs/383300
#ubuntu-server 2009-06-04
<uvirtbot> New bug: #383399 in mysql-dfsg-5.0 (main) "mysql-server 5.1.30 failed to upgrade" [Undecided,New] https://launchpad.net/bugs/383399
<quizme> hi, what's so great about 9.04?  Is it worth switching to?
<giovani> quizme: haha
<giovani> newer packages
<giovani> as always
<Rafael__> what is better for connecting my windows computer to my ubuntu server...i have samba installe and i read that you can do either smb or cifs?
<jmedina> Rafael__: smb is the old protocol
<jmedina> cifs is the smb evolution
<giovani> CIFS > SMB, essentially
<giovani> they're the same product, just a newer revision
<quizme> what's CIFS ?
<quizme> and SMB ?
<giovani> google
<giovani> they're file protocols
<Rafael__> Any of you guys know a good how to to coneect my windows client to ubuntu server?
<giovani> Rafael__: when in doubt, check the ubuntu.com website: https://help.ubuntu.com/community/MountWindowsSharesPermanently
<Rafael__> giovani: Thanks for the link. any godd or easy to follow instructions?
<giovani> Rafael__: huh?
<Rafael__> giovani: sorry ....i was just asking if you knew any good and easy how to so i can follow ...
<giovani> I linked you to one ... obviously
<Rafael__> i saw it but do not knwo if this is what i need..evidently as you can see i am a newby
<Rafael__> do you mind if i make some question andif you think is rigth for that link then i will follo it?
<giovani> nope sorry, no time
<Rafael__> ok..thank..
<stevert> Rafael__
<stevert> what is it you need help with ?
<Rafael__> stevert: i am trying to connect my windows client computer (4) to my ubuntu server. i did installed SAMBA a long time ago, but had really not use it
<stevert> well
<stevert> Rafael__
<stevert> run
<stevert> atp-get purge samba just so we can start fresh
<Rafael__> let me ask you..i was confuse about the cisf and smb..are this two part of samba?
<Rafael__> rgotten
<stevert> here look
<stevert> Rafael__
<stevert> just follow this
<stevert> http://www.howtogeek.com/howto/ubuntu/install-samba-server-on-ubuntu/
<Rafael__> stevert: so what will be the difrrence on cisf and smb?
<stevert> not exactley surer, ive used smb and it works fine
<Rafael__> Stevert: i also need to understand the following..if on server i have restricted areas to some computers and other to be accesible by everybody..were do you do this?
<stevert> Rafael__
<stevert> well
<stevert> not sure,
<stevert> lol
<quizme> should i use ubuntu 8.04 for my server? or 9.04 ?
<giovani> that's up to you
<oh_noes> is there a doc on installing Ubuntu Server on a LVM Software RAID1?
<oh_noes> i tried to do it in the 8.04 Installer, creating an LVM on each disk, then creating / and swap on the new logical volumes
<oh_noes> but now I'm in the OS, and mdadm isnt installed so query it ... so I'm not sure whats actually doing the RAID1
<oh_noes> that ... and it installed LILO as the boot loader, which is causing it to take +2 minutes to extract and boot
<Sam-I-Am> did you make an xfs boot partition?
<Sam-I-Am> grub cant boot xfs
<Sam-I-Am> and possibly other filesystems
<oh_noes> no, ext3
<oh_noes> so did the installer create me a DM LVM?
<oh_noes> and im assuming I don't have RAID yet?
<oh_noes> Im confused, all I wanted was Ubuntu Server installed on both system disks as RAID1 ...
<twb> d-i will use lilo if it decides that your /boot isn't accessible to grub.
<twb> In particular, that is the case if you put /boot inside RAID5 and/or LVM.
<twb> You can put /boot on a RAID1; I typically have a separate 3-node RAID1 /boot, and the rest as RAID5.
<Sam-I-Am> or you can just mirror two disks completely
<twb> (Oh, and real hardware raid ought to be fine.  I speak above of md software raid)
<oh_noes> so whats the current status of my system?  Was I wrong to create a two DM's in LVM for / and swap
<twb> Sam-I-Am: right.
<oh_noes> I dont have mdadm atm, so I'm assuming I dont actually have RAID1 running atm?
<Sam-I-Am> were you running the installer at the time?
<twb> oh_noes: if /proc/mdstat is gone/empty, you are not using md software raid.
<Sam-I-Am> or doing this later...
<oh_noes> I dont have real hardware raid, It's an Intel chip.  I want to use software RAID1
<oh_noes> no mdstat ... i dont understand then ... I told the install to create an LVM with 2 disks.
<oh_noes> so the installer is so dumb that its created me an LVM of 2 disks mapped, without any RAID?
<Sam-I-Am> well, if you're doing software raid + lvm, i believe you create raid partitions on each disk, tie them together for mirroring, and drop the lvm on
<Sam-I-Am> its a few layers
<nick58b> oh_noes: software raid 1 install docs: https://help.ubuntu.com/9.04/serverguide/C/advanced-installation.html
<oh_noes> is there one for 8.04?
<nick58b> i'm not aware of official 8.04 docs, but i have a couple 8.04 servers running on it
<nick58b> i don't remember what i followed
<oh_noes> I think I found a doc to do it
<oh_noes> seems as if in my instlaled, I used "use device for LVM"
<oh_noes> assuming LVM = Mirror, when I should have used "Use this device for RAID"
<oh_noes> Can someone explain to me why someone would use a device for LVM and NOT want it for RAID?
<nick58b> resizing with lvm is easier than resizing regular partitions
<giovani> oh_noes: LVM is far more flexible
<giovani> far
<giovani> resizing is the main reason
<twb> If you want LVM on md RAID, you currently need to hold d-i partman's hand through the whole process.
<twb> There is no guided recipe for it.
<twb> giovani: and migrating LVs to a new PV when changing disks, and making snapshots for backup, etc.
<oh_noes> twb: is it easier to just installed the OS on the first disk as normal, then mirror into the 2nd disk?
<oh_noes> post install
<twb> oh_noes: no, certainly not
<oh_noes> that's pretty aweful then, hopefully partman improve on this
<twb> Patches welcome!
<oh_noes> youd like to think it's pretty standard to create a raid1 os mirror at install
<twb> I would certainly appreciate "Use RAID1 and LVM on all my disks" and "Use RAID5 and LVM on all my disks" guided partitioning choices.
<twb> The details get a bit hairy, though, because sysadmins are more likely to be picky about layout than someone choosing "just blow away my laptop's hard disk".
<ScottK> lamont: It'd be nice to get Bug #348990 fixed (patch included).
<uvirtbot> Launchpad bug 348990 in postfix "Deinstallation doesn't delete all files" [Low,Confirmed] https://launchpad.net/bugs/348990
<ScottK> lamont: There are also quiet some bugs with ErrorMessage: subprocess post-installation script returned error exit status 75 in common.
<ScottK> I haven't had a chance to look into that one at all, but it seems to be a not entirely unusual problem.
<oh_noes> twb: they would definitely be nice additions to partman
<lamont> ScottK: 348990 is fixed
<ScottK> lamont: Cool.
<lamont> mind you, nfc when
<lamont> for the status 75 - I'd love to understand that bug
<lamont> since I can't seem to reproduce it
<lamont> EX_TEMPFAIL FTL
<uvirtbot> New bug: #383430 in mysql-dfsg-5.0 (main) "MySQL does not upgrade correctly for 5.1.30really5.0.75-0ubuntu10.2" [Undecided,New] https://launchpad.net/bugs/383430
<uvirtbot> New bug: #383050 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: le sous-processus post-installation script a retourne une erreur de sortie d'etat 1" [Undecided,Incomplete] https://launchpad.net/bugs/383050
<uvirtbot> New bug: #379748 in squid (main) "Please import a fix for Debian bug 513102 (resolvconf integration)" [Undecided,Fix released] https://launchpad.net/bugs/379748
<axisys> how do I see the grub menu and os console prompt on sun x4100's alom ?
<axisys> on solaris i just have to set the screen and kbd to ttya using eeprom
<axisys> https://help.ubuntu.com/community/SerialConsoleHowto should this work for ALOM? i know it works for serial console
<billybigrigger> can someone help me out here, i can't get php enabled in apache2, i looked in mods-enabled and php5.conf and php5.load are there
<billybigrigger> but viewing my test.php file just asks to save the file
<jmarsden> billybigrigger: sudo a2enmod php5 && sudo /etc/init/d/apache2 restart   # should be all that is needed?
<billybigrigger> the mod is already enabled
<jmarsden> billybigrigger: OK, I'll test here on a fresh apache2 and php5 install and see what else I have to do...
<niels_> Howdy ;-)
<jmarsden> Hi niels_
<niels_> Hi jmarsden!How are things going?
<jmarsden> Fine.  My updated sword package is in Debian unstable, soon to be followed by a couple of apps ... I'm finally seeing my packaging end up in Debian and Ubuntu, which is exciting :)
<niels_> Good on ya, mate! I figured out yesterday, while installing Jaunty Server, that the RAID-Controller wasn't likely to work flawlessly and guess what the prob was...
<rcsheets> that's really cool, jmarsden
<jmarsden> niels_: It's FakeRAID after all?
<niels_> jmarsden: nope, it's been a HW-RAID-6, BUT the Controller had a buggy Firmware, which was almost 1yr old and the manufacturer forgot to update the Firmware to the latest stable one. Grrr...we just bought the server 4weeks ago
<jmarsden> rcsheets: Thanks!  Yes... one package I did (bibledit) is all the way into Debian testing and Ubuntu Karmic already... I'm starting to wonder about trying for UCD (Ubuntu Contributing Developer) status and then maybe MOTU... we'll see.
<jmarsden> niels_: sigh.  Well, at least the fix is easy -- download and update the firmware, and then rebuild the array all over again... right?
<niels_> yep...
<niels_> I am just rebuilding the array...and my boss is quite happy ;-)
<jmarsden> billybigrigger: OK, I duplicated the behaviour you are seeing... nwo to figure out what I change to make PHP work as expected... I've done this before... and it is something simple.
<jmarsden> billybigrigger: Found it at last.  You need to enable ExecCGI in the Options line
<jmarsden> Apparently Ubuntu defaults for /var/www/html are reasonably secure :)
<error404notfound> anybody ever installed google site map generator here?
<thefish> anyone know of a way to keep 2 directories in sync in close to real time? ie rsync/unison on a cron is not quick enough..
<henkjan> use central storage
<owh> I have a hair brained idea that I'd like to discuss. A small start-up client needs file and print services. They have 5 employees who are mostly on the road. I'm entertaining the idea of providing them with a virtual server which runs a VPN which when connected allows the employees to connect to samba where their files live...
<owh> While the client hopes to grow to 20 employees in the next 24 months, I cannot justify advising them to buy a server, buy bandwidth, ups, etc and have a person on call to maintain a physical box. Any comments?
<_ruben> owh: how'd print services workout while being on the road? :P
<owh> I asked that question - they didn't much care :)
<owh> The actual response was: "Why would we want to print if we're not going to be able to pick it up from the printer?"
<_ruben> so they do want to print at the office i guess, so they'd need a print server there
<_ruben> and if the fileserver isnt at the office, and the office is on low-bandwidth, their fileserver will be slow @ the office as well
<owh> There is a network printer in the office. As for slow network speed in the office. It won't be LAN speeds, sure -- but as more and more users start using it remotely, their internet connectivity bill will keep going up.
<owh> Not to mention hardware costs, infrastructure, etc.
<owh> I suppose I'm trying to get a feel for if this is a really smart way of solving their problem, or if my name is going to be mud because I've chosen a solution that makes every man and their dog scratch their head.
<_ruben> aside from the (possible) performance issues, the setup you described sounds fair enough :)
<owh> I figure that if they host a VPS, I can also backup their data to another VPS within the hosting server, rather than needing to come up with an off-site backup solution.
<owh> s/hosting server/hosting provider/
<owh> There is one snake in the grass...
<_ruben> that's what you for living down-under ;)
<_ruben> +get
<owh> One of their "must have" applications is a windows application. I am contemplating running a terminal server/vnc to a virtual machine that runs that application for the users that need it. It's their accounting software.
<owh> I'm not liking that much, but I cannot think of any other way of doing it.
<_ruben> it needs to be on a central place?
<owh> I've made plenty of vmware terminal servers, you connect, it fires up a vmware instance of windows, launches the application, magic.
<owh> Yes, it needs to be central.
<owh> The application is really pretty poor in terms of network access. I wouldn't want it to talk to its database across a vpn.
<owh> I could rsync the database, but that's hardly "live".
<_ruben> and wouldnt work (well) for large db combined with low bandwidth
<owh> Yeah, my datafile for that application is 23Mb for 10 years of data. Not too huge, but not trivial either.
<owh> Even if we put a server on their LAN, the access to that application still needs to be remote.
<owh> I really, really don't want to put in a windows sbs with terminal services.
<owh> If it comes to that, I'll hand it to a Windows mob to do the work and run away.
<_ruben> windows 2008's terminal server features are kinda nice ;)
<owh> Sure, all except for the Windows part of it.
<_ruben> true ;)
<_ruben> wine + vnc then ;)
<owh> I mean, I could make a full-time job just understanding and applying windows patches. I have better things to do.
<jmarsden> If they can live with "one user at a time" access to that app, you could put a Windows desktop in their office and allow RDP to it over a VPN.  Maybe?  Do they *need* true multiuser accounting for a 5 person company?
<owh> Haven't tried wine lately, but last time I tried, about 12 months ago, it was crap with that application.
<owh> That's an interesting idea jmarsden.
<simplexio> owh: wine has come a long way sincce last year
<jmarsden> Saves cost, and if the whole virtual world falls down, they still have an office windows box with their accounting on it :)
<owh> jmarsden: Mind you, then I have to maintain a VPN into the office and all the associated paraphernalia.
<owh> simplexio: That's an astute observation.
<jmarsden> Well, you're maintaining a VPN to every single travelling user anyway...
<owh> Yeah, but you're suggesting an *additional* VPN.
<owh> Imagine the confusion :)
<owh> I mean, they don't even have AV software at present :)
<jmarsden> Yes.  So you need a monowall router for maybe US$200 at the office?  Or give people remote access to that windows box via the server-in-the-sky... then it is only one VPN, the office is one moer client connecting (constantly!) to the server??
 * owh shudders.
<owh> That could work.
<owh> It's not very scalable though.
<jmarsden> No, but by the time they have 20 or whatever users they may have more $$ for a windows server, or Wine may be good enough to run the app up on the server by then...
<owh> It does give real-time speed access to the local user though.
<jmarsden> And the bookkeeper may be the one who travels the least?
<owh> It's not that they don't have money for a windows server, it's that it didn't seem to make sense to go down that path given that they're going to be on the road for 1/3 of the time all around the globe.
<owh> The company secretary is remote.
<owh> The only local user would be the receptionist who would make about 10 transactions a week. The rest of the access is remote access reporting.
<owh> wine + vnc sounds like a really interesting idea. Less heavy than running a whole windows environment in a vps.
<jmarsden> Sounds like you now have some feasibility experiments to conduct :)
<owh> I figure, $500 or so for a VPS, $1k for my time, they're done for about $1.5k -- if it grows, add $500. Going down the windows path is $2k for a server, $1k for licenses, $1k for me, $1k for Internet.
<owh> Feasibility indeed. Testing is in order.
<owh> I wonder if anyone already has a turnkey one :)
<owh> In my fantasy I can use google sso to manage users and access, but I suspect I'm dreaming :)
<BrixSat> Hi :)
<BrixSat> i have installed using tasksel the xubuntu desktop, and how can i disable it from autostart?
<owh> BrixSat: How is this related to a ubuntu server?
<_ruben> ask the xubuntu ppl
<BrixSat> :)
<_ruben> x != server
<owh> _ruben: That's only true if server != osx :)
<_ruben> hehe
<BrixSat> thanks guys :)
<_ruben> but update-rc.d is probably what you are looking for .. and/or possibly some entry in /etc/defaults/
<owh> So, if I run samba on the VPS, I'm thinking that I bind it to the lo interface and only provide access via eth0 internally - ie, authenticate via VPN of choice, map internally to lo?
<owh> Or am I thinking wrong?
<_ruben> depending on the vpn software of choice, you might have a tun/tap/etc interface to bind to .. and with proper firewalling, the binding doesnt really matter all that much
<BrixSat> _ruben,  Are those files in /etc ?
<owh> I'm going to be having XP and Vista clients mostly, though I suspect I'll need to connect via my Ubuntu desktop :)
<_ruben> update-rc.d is a command
<_ruben> owh: openvpn comes to mind as first .. which would have a nice tun/tap device to bind to ;)
<owh> _ruben: Does Doze already natively talk to openvpn, or do they need to install stuff?
<NorthByNorthWest> Hi! I have a ubuntu server running with a SMB-shared folder. The desktop-ubuntu have two users that mount that folder to a local directory in the fstab. I need both users to have full access to edit, add and remove each others files in that share. Can I do that with chown g+s by ssh in that server? How?
<NorthByNorthWest> (Win-clients will also access that folder... so thats why the smb-share)
<_ruben> owh: install's required .. if you want to use the built-in vpn stuff, you need pptp or l2tp-over-ipsec
<owh> _ruben: I'm guessing I'm going to have to do some reading :)
<_ruben> or something like sslexplorer, which is a browser based thingie
<owh> From a usability perspective, a bog-standard windows installation being able to connect would be a good thing. Even if there is pain for me.
 * owh is very grateful for all the comments and advice. Much appreciated. When I've come up with a workable solution, I'll put it on the 'net for others to use. Tah.
<owh> Oh crap, just looked at the clock -- gotta run, thanks all!
<jovaro> is someone else also having problems with mysql after the latest update? I have 100% cpu usage from mysqld_safe
<jmarsden> jovaro: That is a known issue... there's a bug in launchpad with tons of comments...
<jovaro> aha, thanks. I'll have a look at that
<jmarsden> jovaro: https://bugs.edge.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/105457
<uvirtbot> Launchpad bug 105457 in mysql-dfsg-5.0 "mysqd_safe high cpu usage" [Low,Triaged]
<brixsat> how can i put ubuntu tu autoupdate all packages?
<jovaro> ty jmarsden
<jmarsden> jovaro: No problem.
<NorthByNorthWest> still need help with chmod g+s for my server if anyone feels up to it!
<jmarsden> brixsat: sudo apt-get install unattended-upgrades   # Also see https://help.ubuntu.com/9.04/serverguide/C/automatic-updates.html
<jmarsden> NorthByNorthWest: I think you just want to create a group, chmod 4770 the directory concerned, chown :thegroup the directory concerned,  and add the relevant users to that group ?
<NorthByNorthWest> jmarsden: so i ssh into the server, create the group, chmod 4470 the shared directory, then 'chown :thegroup /the/directory'
<NorthByNorthWest> jmarsden: and then create the same group on the desktop, add the users and then were good to go?
<jmarsden> Ummm... add the same group on the desktop?  I don't follow.  The files are on the server and the users have account there, right?
<jmarsden> You could, but I don't know that it is necessary.  and ity is 2:30am here so I should get some sleep and may be missing something about what you are trying to do... :)
<NorthByNorthWest> well... the users have their accounts locally on the desktop... the server have a shared directory, working lika a NAS, basically...
<jmarsden> Sounds reasonable, though I'm not sure what the group on the desktop(s) will buy you.  Try it and see :)
<NorthByNorthWest> well... basically i need to make so that the shared server folder, mounted in fstab, acts like a shared folder for all users on this desktop... with unrestriced access to all files added to that folder...
<NorthByNorthWest> should I do this by editing fstab instead?
<jmarsden> I don't think so; you could tell samba to always write files in that folder as user X in its config file, if you need to.
<NorthByNorthWest> by 'sudo nano /etc/samba/smb.conf'   ?
<jmarsden> Sure.
<jmarsden> And ... goodnight :)
<NorthByNorthWest> ok... there seems to be pretty good explanatins embedded into that file!
<NorthByNorthWest> thanks!
<NorthByNorthWest> sweet dreams! :)
<NorthByNorthWest> after editing /etc/samba/smb.conf i need to restart samba? How? can find anything that looks right in /etc/init.d/
<SirStan> Whats the best way to backup to a remote host?
<highvoltage> SirStan: put it in reverse and release the clutch slightly
<highvoltage> SirStan: for desktops to a server, backuppc is nice
<highvoltage> SirStan: I guess it depends what you want, if it's once-off you could use rsync
<highvoltage> SirStan: backula is quite powerful if you need it
<uvirtbot> New bug: #383473 in mysql-dfsg-5.0 (main) "package mysql-server 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess pre-installation script returned error exit status 1 (dup-of: 153868)" [Undecided,Incomplete] https://launchpad.net/bugs/383473
<uvirtbot> New bug: #383636 in likewise-open5 (universe) "DDNS updates aren't automated" [Undecided,New] https://launchpad.net/bugs/383636
<jbernard> kirkland: around?
<kirkland> jbernard: yo
<jbernard> kirkland: got a sec to talk about upstart/inotify? I've got some questions and thoughts
<kirkland> jbernard: yessir
<kirkland> jbernard: i'm working on a few things in parallel
<kirkland> jbernard: we should bounce over to ubuntu-devel, in case we need keybuk
<frojnd> After the build of kernel is complete, can I delte some files? Building the kernel has consequences, eating my space
<al_paun> Hi there
<al_paun> How do I know if my kernel is compiled with EXT3 XATTR option?
<jmedina> al_paun: are you using default kernel?
<jmedina> $ grep -i ext3 /boot/config-`uname -r`
<jmedina> it returns something like this:
<jmedina> CONFIG_EXT3_FS_XATTR=y
<jmedina> anyone using php5 ever got a error like this:
<jmedina> ALERT - linked list corrupt on efree() - heap corruption detected (attacker x.x.x.x...
<jmedina> Im instaling vtiger CRM via the webinstaller, it fails whith that error
<jmedina> am using hardy with apache2/apache2-mpm-prefork  and libapache2-mod-php5
<resno> it sounds like you should contact vtiger.
<jmedina> it installs in any other distro without problems :S
<jmedina> I never saw that message about attacker
<SirStan> jmedina: are you running suhosin?
<jmedina> Im not sure if is related to hardened
<jmedina> SirStan: I think so, I just installed libapache2=mod-php5
<SirStan> thats a suhosin error
<SirStan> not sure what the fix is thought
<SirStan> -t
<jmedina> SirStan: mmmmmm, do you know any workaround, I never had suhosin problems :S
<jmedina> ok, I found somthing
<SirStan> oh?
<jmedina> php_admin_value suhosin.request.max_vars 500
<jmedina> php_admin_value suhosin.post.max_vars 500
<jmedina> SirStan: that problem did apache to use 99.9% cpu
<jmedina> my sistem was at 100%us
<jmedina> I did stop apache, but that specific child didnt die
<jmedina> it worked
<jmedina> Â¬Â¬
<frojnd> Hello there
<frojnd> anyone here that has in a life time configured the kernel before build it?
<frojnd> I'm the first timer here and as I look throgh those settings I think I won't be able to start building it since next week.. I have no idea what some stuff mean :S
<frojnd> I know lspci tells me what hardware I have but I can't find any connection from xconfig
<frojnd> ajaj
<simplexio> frojnd: well.. you sont need to know all stuff thats is there, just things you want to change
<simplexio> s/sont/dont
<frojnd> simplexio: there is a lot of thigs already checked..
<frojnd> I've already build it but then the build folder was like 3.3gb big
<frojnd> and I only have 2.3gb after that left
<frojnd> not enough for installing the modules and installing the kernel..
<frojnd> simplexio: If  Ido lspci, there  I only have 21 things
<frojnd> ok ISDN  I don't need
<frojnd> that's I'm quite sure
<simplexio> intresting.. havent notice before that ready compiled kernel source dir takes 4.7G
<simplexio> that probably explains where all my lost disk space is
<frojnd> aha :D
<frojnd> What is Virtualization used for?
<simplexio> not 100% sure, but is for guest kernels
<frojnd> so I don't need it
<simplexio> or its host part support for some faster stuff
<jmedina> frojnd: there is a lot of reasons, principally server consolidation, and maximum resource usage
<simplexio> its a server ? , then you dont need oss/alsa stuff
<frojnd> it's not a server (this one is a destkop) but I'm asking here since I had good experience while configuring the server
<frojnd> and because of good guys here :P
<simplexio> and a lot less people than in #ubuntu
<frojnd> simplexio: yep :)
<simplexio> frojnd: you can do stuff like remove all 100Mb network support if you have gigabit cards etc
<frojnd> simplexio: actually I have 100mb card
<frojnd> which is currently fried.. so instead I just use usb card
<frojnd> sub ethernet card
<frojnd> and integrated wifi card
<frojnd> but maybe I'll buy also usb wifi card with external antena
<frojnd> so for network I'm pretty sure I d on't need a bunch of sruff..
<frojnd> ...what's bothering me is that I don't know how big is some driver..
<frojnd> arh
<simplexio> not that big, but i think every supported card is compiled as module if you use standart ubuntu config as base
<frojnd> cp /boot/config-$(uname -r) .config && yes "" | make oldconfig
<frojnd> while I'm in /usr/src/linux-2.6.29.4/ directory
<frojnd> so it copies the old config
<frojnd> from old one to the new..
<frojnd> and I don't need so much of a old one
<simplexio> its little bloat way to make config
<frojnd> if my processor is core duo
<frojnd> intel
<frojnd> I don't have to had all the settings enabled yes?
<frojnd> just support for more than one cpus
<frojnd> and I need to select the right model
<frojnd> right?
<frojnd> Hm..
<frojnd> how can I determine processor familly if I have vendor_id: GenuineIntel, cpu cores: 2, model name: Genuine Intel(R) CPU           T2250  @ 1.73GHz ?
<frojnd> Currently is set to: 586/K5/5x86/6x86/6x86MX (M586)
<simplexio> uu
<simplexio> its is there anything newer ?
<simplexio> i think there selection for code duo
<frojnd> If I cat /proc/cpuinfo I get cpu family 6
<frojnd> simplexio: current settings is ok?
<frojnd> 586/K5/5x86/6x86/6x86MX (M586)
<frojnd> 586/K5/5x86/6x86/6x86MX (M586)
<simplexio> i have no idea whats is right for your processor, i run opteron
<frojnd> ups
<frojnd> hm
<frojnd> Ok.. where can I get info what chipset is using my cpu? what intel chip is using my cpu?
<jmedina> frojnd: probably with hwinfo
<jmedina> or dmidecode
<frojnd> let me check
<frojnd> Family: Pentium M
<uvirtbot> New bug: #383710 in openssh (main) "GSSAPIAuthentication enabled by default contrary to /etc/ssh/ssh_config implication" [Undecided,New] https://launchpad.net/bugs/383710
<frojnd> Hm.. I'm at the PCI support. What laptops usualy have for PCI access mode: bios, mmconfig, direct, or olpc ?
<jbernard> kirkland: after talking with Keybuk, I think it might be a good idea to implement the cron @reboot option so we have a solution for karmic
<jbernard> that way we can make the choice to integrate with upstart depending the remaining time
<jcastro> mathiaz: any burning issues for today? I am still catching up from UDS.
<jcastro> mathiaz: if you could send along those profiles you were going through at the session that would be great
<mathiaz> jcastro: hey - nope
<mathiaz> jcastro: sure - I'll probably update the ServerTeam wiki pages
<mathiaz> jcastro: I've already posted the notes in the blueprint
<jcastro> oh ok, checking, thanks!
<mathiaz> jcastro: the next step is to update one of the wiki page (either GettingInvolved or KnowledgeBase)
<mathiaz> jcastro: (probably the latter - as it may be overwhelming information for a newcommer)
<jcastro> nod
<mathiaz> jcastro: I've got nothing else to report/discuss
<jcastro> nor me
<jcastro> hugs!
<mathiaz> jcastro: :) - we'll catch next week
<mathiaz> jcastro: :) - we'll catch *up* next week
<jcastro> sure
<ajmitch> hi mathiaz, jcastro :)
<jcastro> hi ajmitch!
<GullyFoyle> wtf? i just discovered my version ov vi doesn't have syntax highlighting
<ajmitch> install vim-full
<ajmitch> or at least vim instead of vim-tiny
 * ajmitch can't remember if -full drags in the gtk/gnome versions
<GullyFoyle> are you saying my "vim" is tiny?
<ajmitch> I am
<ajmitch> Sorry
<greenfly> it's how you use vim that matters
<GullyFoyle> so vim-full is all those versions like vim-perl, vim-python etc. rolled inti ine?
<GullyFoyle> *into one
<jcastro> you want "vim"
<GullyFoyle> ah ok that worked. ajmitch was right, i had a tiny vim.
<jcastro> isn't there enough room on the server cd for normal vim?
<frojnd> How can I get info if I have IDE cables or SCSI in my laptop. dmidecode doesn't say anything about IDE or SCSI ?
<frojnd> Any ideas?
<giovani|work> frojnd: SCSI? laptops don't use SCSI
<giovani|work> do you mean SATA or IDE? the kernel will detect that
<frojnd> giovani|work: I'm ocnfiguring custom kernel, that's why I'm asking...
<frojnd> so no SCSI enabled in custom kernel
<frojnd> giovani|work: does latptops have PCMCIA SCSI adapters?
<frojnd> or SCSI device handlers?
<Sam-I-Am> frojnd: why are you compiling a custom kernel?
<frojnd> Sam-I-Am: since mac80211 is supported under 2.6.29 kernel....
<frojnd> I'm at the Device drivers-> Network Device support -> Wireless LAN. My wireless card is broadcom bcm43xx integrated into laptop. Can I safe enable just for this card or any other? Can I then still put into my laptop usb/wifi cards? And they would be recognized? Or I have to check under Wilerelss LAN section for usb wifi cards?
<Sam-I-Am> you'd need to add everything you might need as a module
<Sam-I-Am> so here's a thought
<Sam-I-Am> grab the config from the latest ubuntu kernel
<Sam-I-Am> make oldconfig in the new source
<Sam-I-Am> then add the one driver you need
<Sam-I-Am> whole lot easier than trying to figure out whats all going on in the kernel... especially with laptops.
<frojnd> Sam-I-Am: hm..
<Sam-I-Am> i think karmic uses .29
<Sam-I-Am> so you can just grab that kernel
<frojnd> cp /boot/config-$(uname -r) .config && yes "" | make oldconfig
<frojnd> this copies the old settings into new kernel I've downloaded right?
<Sam-I-Am> pretty much
<frojnd> if I'm in /usr/src/linux-2.6.29.4/
<frojnd> but when I do xconfig
<frojnd> Man I tell you... most of the things are enabled..
<frojnd> so ubuntu by default enables tons of thing that I don't need
<Sam-I-Am> eh
<Sam-I-Am> you're better off not screwing with that stuff
<Sam-I-Am> unless you really know what you're doing
<frojnd> Sam-I-Am: if I build this kernel...
<frojnd> It's like 3.3gb big..
<Sam-I-Am> most everything is modular these days... completely unused unless its needed
<Sam-I-Am> the kernel is probably a few megs when its done
<frojnd> I don't know from where if original or factory kernel is about few MB...
<Sam-I-Am> the source tree is huge, yes
<Sam-I-Am> but the compiled kernel is small
<Sam-I-Am> karmic is at .30
<Sam-I-Am> http://packages.ubuntu.com/karmic/linux-image
<Sam-I-Am> you can dpkg -i one of those
<frojnd> Sam-I-Am: wait...
<MTecknology> I have a problem... The Drupal repo is horribly out of date...
<frojnd> if I do du -hs du -hs /usr/src/linux-2.6.29.4/
<frojnd> sorry
<frojnd> just du -hs /usr/src/linux-2.6.29.4/
<frojnd> I get a size of 3.3gb
<Sam-I-Am> and so thats the source and perhaps objects if you compiled it
<frojnd> Sam-I-Am: this is the new kernel right?
<frojnd> or it's not? :S
<Sam-I-Am> that would be the source code for the kernel
<Sam-I-Am> whether or not you turn things on and off does not change that size
<Sam-I-Am> it just changes what gets compiled into the kernel
<MTecknology> Anyone know of an up-to-date ppa for drupal in ubuntu?
<frojnd> Sam-I-Am: but I still need it...
<Sam-I-Am> still need what?
<frojnd> Sam-I-Am: I mean it eat's my space
<frojnd> I only have 8gb
<Sam-I-Am> you dont need the source after you're done compiling
<Sam-I-Am> you should follow the ubuntu/debian way of building the kernel otherwise you'll lose the headers and whatnot... then you cant add modules later
<Sam-I-Am> which is why in the end its just better to use the prepackaged kernel
<frojnd> Sam-I-Am: no in my case not..
<frojnd> Sam-I-Am: I build the kernel I only have 1.5gb left
<frojnd> then I try to install the modules..
<frojnd> on my surprise I can't since no space left...
<frojnd> is it a way to isntallem somwhere else?
<Sam-I-Am> well, thats a problem
<frojnd> or can I build a kernel somwere else than on / ?
<Sam-I-Am> sure
<Sam-I-Am> it doesnt care
<frojnd> really?
<Sam-I-Am> but i still cant figure out why you're building a kernel
<frojnd> I mean can I mount a partition?
<Sam-I-Am> sure
<Sam-I-Am> or symlink it
<frojnd> Sam-I-Am: let say /dev/sda5 has 20gb left...
<Sam-I-Am> is it already mounted somewhere?
<frojnd> no but  Ican mount it right away
<Sam-I-Am> so copy all the junk in /usr/src/linux-* to it, then mount it on /usr/src
<Sam-I-Am> or some variant
<frojnd> Sam-I-Am: wait..
<frojnd> I mounted /dev/sda5 to /mnt
<frojnd> it's not empty partition...
<frojnd> now I have to copy /usr/src/linux-* to /mnt/new_dir/ ?
<Sam-I-Am> yes
<frojnd> ok done
<frojnd> now I have to type make in that folder?
<Sam-I-Am> uh
<Sam-I-Am> you should really be using the debian way to build a kernel so you get packages
<frojnd> erm..
<frojnd> but I'm not :)
<Sam-I-Am> i noticed
<Sam-I-Am> and you're going to have a mess
<frojnd> so how can I build kernel in this new direcoty?
<Sam-I-Am> the same way you would in the other directory
<frojnd> and after it's complete
<Sam-I-Am> then you install it
<frojnd> can I install modules in that directory?
<Sam-I-Am> no
<Sam-I-Am> the installation goes in /
<Sam-I-Am> in various places
<Sam-I-Am> but that part is small
<frojnd> Sam-I-Am: ok.. but how can I tell the linux to do that
<frojnd> or it will figure it out
<frojnd> and from /mnt/new_dir install it into / ?
<Sam-I-Am> should
<jmedina> frojnd: did you read the README file in sources tree?
<frojnd> jmedina: no
<jmedina> there is an example how to build a kernel in another directory
<jmedina> frojnd: that is the fist place :P
<kirkland> jbernard: yes, definitely
<kirkland> jbernard: definitely -> cron @reboot
<frojnd> jmedina: readme in source file
<frojnd> let me check
<jbernard> kirkland: ok cool, otherwise we'd be at the mercy of Keybuk's time schedule ;)
<kirkland> jbernard: heh ;-)  yeah
<kirkland> jbernard: i'll take a look at it this week or next
<kirkland> jbernard: sorry, my focus has been very divided today
<jbernard> no worries
<jbernard> you mean the cron update?
<jbernard> i can hack that out if you like
<kirkland> jbernard: yeah, that would be great
<jbernard> so, here's a thought...
<kirkland> jbernard: btw, do you have any outstanding merge proposals that I've missed?
<jbernard> if we integrate with upstart, the essentially precludes debian from including this package in their distros unless they make the leap to upstart
<jbernard> prehaps we should have a cron/@reboot option in addition to upstart integration
<kirkland> jbernard: fair enough
<jbernard> no merge proposals pending
<jbernard> kirkland: ok cool, ill try and get the cron stuff in there as soon as i can carve out some time, hopefully this weekend
<kirkland> jbernard: sounds great
<FFForever> what is a good ftp server?
<billybigrigger> im trying out scp
<FFForever> i am thinking of proftpd with the mysql mod
<billybigrigger> i've been told its alot more secure than ftp
<FFForever> billybigrigger, this is for a client not me personally
<billybigrigger> ahh
<FFForever> and yes it is...
<billybigrigger> i used proftpd
<billybigrigger> ahh maybe you can help me then
<billybigrigger> do you use scp?
<FFForever> yeah
<FFForever> ;)
<billybigrigger> im trying to move a file from my desktop "alixandra" to my server "cabo" the file is located in /var/www/www.tgz and im trying to put it on my server's /var/www
<billybigrigger> but get this errror
<billybigrigger> billybigrigger@alixandra:/var/www$ scp -p 2222 billybigrigger@cabo:/var/www/www.tgz /var/www/www.tgz
<billybigrigger> /var/www/www.tgz: No such file or directory
<FFForever> i cheat i use gnome to do all of my scp ;)
<billybigrigger> cheater :P
<ajmitch> billybigrigger: it's scp <source> <destination>, so swap them round
<ajmitch> assuming that you have write access to /var/www on the server as billybigrigger
<billybigrigger> ahh maybe thats the prob
<billybigrigger> write perms, duh
<ajmitch> "no such file or directory" was because you were trying to fetch www.tgz from your server, not copy to it
<billybigrigger> i still get that error
<billybigrigger> scp -p 2222 billybigrigger@cabo:/var/www/www.tgz /home/billybigrigger/www.tgz
<billybigrigger> tying to put the file in my ~/ on the server
<ajmitch> cabo is the server?
<billybigrigger> yes
<billybigrigger> look, i tried both ways
<billybigrigger> billybigrigger@alixandra:/var/www$ scp -p 2222 billybigrigger@cabo:/var/www/www.tgz /home/billybigrigger/www.tgz
<billybigrigger> /home/billybigrigger/www.tgz: No such file or directory
<billybigrigger> billybigrigger@alixandra:/var/www$ scp -p 2222 billybigrigger@cabo:/home/billybigrigger/www.tgz /var/www/www.tgz
<billybigrigger> /var/www/www.tgz: No such file or directory
<ajmitch> if so, and you have /var/www/www/tgz on the local computer, scp -p2222 /var/www/www.tgz billybigrigger@cabo:/home/billybigrigger/www.tgz
<billybigrigger> ahhh
<billybigrigger> my bad :P
<oh_noes> If i was shuttdown Ubuntu server to image it (for Ghost like deployment) .. what things should I clean up on the first reboot?
<billybigrigger> wtf
<oh_noes> I have a script which runs once then deletes itself, which cleans out the local ssh host keys
<billybigrigger> ssh: connect to host cabo port 22: No route to host
<adaptr> oh_noes: /etc/network/interfaces, /root, /var/log, and any stuff lying around /home
<oh_noes> it's DHCP, so thats identical
<oh_noes> how do I clear out all files including hidden files from /root?
<billybigrigger> anyone aware of what file or directory i need to copy a mysql db?
<billybigrigger> i setup a new box last night, it has apache/mysql/php setup right now
<billybigrigger> i have copied over my /var/www from this machine to the new machine, now i just need to copy the db info over, how would i go about that?
<fbc-mx> billybigrigger, I would do a command-line export then scp them all to the new machine.
<fbc-mx> billybigrigger, then of course do command line import..
<ajmitch> mysqldump, then create a new db on the server with mysqladmin, import with mysql
<fbc-mx> billybigrigger, there is a way from the mysql command line to tell it to include the create DB line in the export file.
 * ajmitch doesn't find it too onerous to use mysqladmin to create one
<fbc-mx> ajmitch, importing DB does not work very well with phpmyadmin when they are over like 20 megs which is why I highly recommend learning and using the command line mysql.
<ajmitch> fbc-mx: which is what I'm suggesting as well
 * ajmitch never mentioned phpmyadmin
 * fbc-mx opps
<billybigrigger> the db's aren't that big
<billybigrigger> very small, i have 1 setup for roundcube which is my webmail, and also drupal, but both are very young
<fbc-mx> billybigrigger, then you might get away with using phpmyadmin.. but like I said I've run into problems before with it...
<billybigrigger> no biggy, i'd loose my current emails and have to re-config drupal...
<billybigrigger> ahh, i didn't even think about getting dovecot/postfix going first...
<billybigrigger> geez...what a pita
#ubuntu-server 2009-06-05
<fbc-mx> billybigrigger, oohh oohhh I like pita...
<fbc-mx> billybigrigger, and pumpernickel too.
<billybigrigger> lol what the hell is pumpernickel?
<fbc-mx> billybigrigger, type of German bread traditionally made with coarsely ground rye
 * fbc-mx rolls his eye..
<billybigrigger> hmm
<billybigrigger> sounds good
<billybigrigger> i like rye bread
<billybigrigger> if they are at all similar :P
<orudie> question. is there a way to make it so that when the message is rejected by either amavisd-new , spamassassin, or clamAV the error was returned to the sender ??
<racecar56> can someone help me with a hp mediasmart ex475? i havent been able to get this thing to work since december 2008
<racecar56> i want to get ubuntu server on it
<racecar56> is anyone here?
<fbc-mx> how can I SU ROOT? or whatever the equivalent is in ubuntu
<ajmitch> if you really really need to, sudo -i
<fbc-mx> ajmitch, ahh....
 * fbc-mx marvels
<twb> Actually sudo -i is equivalent to su -
<twb> If you want su without the -, you need sudo -H -s.  But usually you want sudo -i / su -, and just don't know it.
<fbc-mx> twb, yeah sudo -i was what I was looking for... There are some directories that EBOX sets up as shares, and you can't get to them unless your root.
<fbc-mx> twb doing sudo cd <dir name> was kinda dumb.. might as well become root.
<fbc-mx> how do I prevent the gdm from loading when the computer boots up?
<twb> cd is not a command.
<twb> It's a sh builtin.
<twb> Ideally, you should not have gdm installed in the first place, on a server.
<twb> But you can use update-rc.d (or rcconf, for a GUI) to disable it
<fbc-mx> twb, I had to, due to the it was requirement for the adoption of the linux platform as a server.
<twb> Oh, I fucking hate that.
<fbc-mx> twb, I have other administrators here that couldn't use a command line to save their life.
<twb> I have to put it on servers, too, because "customers expect to log into the server directly; it's what they are used to on Windows"
<fbc-mx> twb, exactly
<twb> fbc-mx: IMO servers should be headless; if you want a GUI then use remote X or VNC
<fbc-mx> twb, that's been my biggest issue.. I'm used to just using a command line.
<fbc-mx> twb, I agree it should be headless... However my skills are not sufficiently honed that I could setup a server with remote x or vnc.
<fbc-mx> twb, I'm actually quite happy with the command line.
<fbc-mx> twb, maybe I'll find a remote x HOWTO  one day.
<fbc-mx> gotta run guys
<M4d3L> hi. after update to 9.04, phpmyadmin give me this error : Connection for controluser as defined in your configuration failed.
<slestak_> please humor me, i think this question is better asked here than in teh desktop room, even though it is abt desktop.
<slestak_> i always considered dnsmasq to be a server soln, and I am trying to figure out the rationale for it being included in the jaunty desktop?
<slestak_> what is it being used for, not a dhcp server, and you done need a local dns cache for every desktop, wouldnt you want one per lan?
<twb> slestak_: as a DNS cacher
<slestak_> in the past i have kept a dnsmasq instance running to provide local name resolution for a small home lan.  I dont think this complicates or changes anything now that 4 of the machines on teh lan are all running dnscache (for a different reason).
<slestak_> is it stupid to consider using the wap for dhcp, but dnsmasq on only local dns?  bind seems overkill for my needs.
<slestak_> i see the ubu community docs for dnsmasq, but it really deals with dhcp services, nothing relly abt my need for local dns
<slestak_> maybe bind is the better tool for me.
<billybigrigger> anyone have a good howto on dovecot-postfix?
<slestak_> pdnsd looks interesting
<slestak_> i think the forum has some decent ones
<megra> does someone have a good knowledge on php/apache with suexec/fastcgi ? i have some questions
<megra> some questions on the security it brings
<megra> is there anybody ?
<ScottK> !ask | megra
<ubottu> megra: Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<megra> fine
<megra> most of the documentations are saying "execute your php-code with CGI because executeing it as an apache module make executed by www-data"
<megra> however, executing php from apache allow to create a php.ini the user won't be able to change
<megra> with CGI, the user ca change it's php.ini ...
<megra> it can be done that way: "export PHPRC=/directory/"
<megra> is there a way to prevent user from having its own customized php.ini ?
<megra> i really don't won't users to be able to modify the max_execution_time or memory_limit
 * billybigrigger just realised this old pentium 166mhz should have stayed in my dad's basement
<billybigrigger> 98mb ram is not the greatest for running web/mysql/mail :P
<billybigrigger> does ebox require gnome or something?
<billybigrigger> i thought it was a web based admin tool?
<billybigrigger> why does it install libgtk2.0 and libxfont, xfonts...basically a bunch of x crap, a web based admin tool should run on this headless server a see that it's headless and not install a bunch of junk
<megra> what do you think of mounting its /tmp on a tmpfs ?
<ScottK> billybigrigger: IIRC it requires gconf which recommends a bunch of stuff.  If you install without recommends, it should be OK.
<billybigrigger> too late :P i started my rant after i looked at what it installed :P
<billybigrigger> hmm
<billybigrigger> http://imagebin.ca/view/FLue_5r6.html
<billybigrigger> i get that on a fresh ebox install
<billybigrigger> why does my server have an invalid certificate? afaik i didn't create any certs, so is that something fubar'd on the ebox install?
<MTecknology> How do I enable automatic security updates for Ubuntu?
<megra> MTecknology, for the server ? no idea
<megra> MTecknology, but there has to be a package for that ;)
<megra> MTecknology, found it !
<megra> MTecknology, cron-at
<megra> MTecknology, cron-apt
<MTecknology> thanks
<MTecknology> :)
<megra> MTecknology, it could have been done easily .. cronjob + apt-get
<jmarsden> MTecknology: sudo apt-get unattended-upgrades  # see https://help.ubuntu.com/9.04/serverguide/C/automatic-updates.html
<MTecknology> jmarsden: thanks
<jmarsden> No problem :)
<pteague> anybody here familiar with lftp? i'm having issues with it trying to set the wrong timestamp when uploading files & i'm not sure why
<twb> MTecknology: apt-get install cron-apt
<twb> MTecknology: edit /etc/apt/apt.conf (creating it if necessary) as described in /etc/cron.daily/apt's comments.
<twb> You may also want to install unattended-upgrades
<MTecknology> twb: yup, I got that - thanks :)
<twb> But obviously u-u does nothing if you don't configure apt.conf
<MTecknology> hrm - missed that :P
<MTecknology> twb: and now I'm lost
<MTecknology> /etc/apt/apt.conf is empty and /etc/cron.daily/apt isn't making things simple
<twb> man 5 apt.conf?
<MTecknology> twb: thanks :)
<uvirtbot> New bug: #383839 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/383839
<tonyyarusso> twb: For future reference, it would have been way easier to tell him to read /usr/share/doc/unattended-upgrades/README - seems easier to follow.  (And doesn't put anything in /etc/apt/apt.conf, but rather properly follows the Debian config model of /etc/apt/apt.conf.d/ files.)
<Appiah> I'm having problems logging into a server (SSH) , I get to enter username , then it takes a really long time before password prompt shows up , and when im entering the password it timesout
<tonyyarusso> Appiah: Do you have an out-of-band way of accessing said server?
<tonyyarusso> Appiah: Sounds like some form of resource overload to me.  Either CPU or memory mostl likely.
<Appiah> either that or some dns issue
<tonyyarusso> Easy way to test that theory.  Do you know the IP address?
<Appiah> I'm trying both from here (vpn) and from a server is which is in the same network
<Appiah> yupp
<tonyyarusso> Using the IP address from something on the same subnet won't go anywhere near DNS stuff.
<Appiah> i thought it might have to do with the reverse
<tonyyarusso> I mean, there *could* be some other form of a network issue, but my money's on a runaway process.
<Appiah> hmm
<tonyyarusso> Does it take a long time to get to the username prompt as well?
<Appiah> nope
<tonyyarusso> Okay, now that is slightly odd.
<tonyyarusso> I don't suppose you have any machines set up to do SSH key auth on this server?
<Appiah> nah
<Appiah> I'm gonna get some to check the console
<Appiah> someone*
<tonyyarusso> Also, is the server still fulfilling its normal functions okay?
<Appiah> well it's not in production so :D
<tonyyarusso> ah, cool
<tonyyarusso> Yeah, console access will be needed.
<tonyyarusso> What's it running?
<tonyyarusso> (services-wise)
<Appiah> hmm
<tonyyarusso> (We're in blatant curiosity territory now, so don't think too hard.)
<Appiah> SSH and Webmin should be on
<Appiah> cant reach the webmin though >_>
<Appiah> feels like a reboot should be all
 * tonyyarusso guesses a script going OOM, sits back to wait for someone to prove him right
<tonyyarusso> Or, you know, otherwise.
<Appiah> oom?
<tonyyarusso> out of memory
<Appiah> haha
<Appiah> same thing happend at console,  asked him to just reboot
<tonyyarusso> Now we'll never know :(
<Appiah> no way to find out really >_>
<Appiah> if it happends again I have to find out what's happening
<Appiah> tonyyarusso: even after reboot it does the same >_>
<Appiah> maybe the pam is screwed up
<Appiah> or nsswitch
<Appiah> anyway to reset all pam changes?
<Appiah> nvm it was the nsswitch
<a_ok> when i put ulimit -m 800; in /etc/profile will programmes started by init (init.d scripts) adhere to this?
<Alex_21> Hi, all,
<Alex_21> I have two disks that were previously set up as RAID1 with lvm. How can I reinstall Ubuntu onto these disks and reclaim them?
<Alex_21> I tried to delete the md0 device but it failed
<Alex_21> Please help
<iulianpojar> Alex_21: try to install from ubuntu alternate disk
<Alex_21> Why?
<Alex_21> I used the Server CD
<Alex_21> Or should I say I am using the Ubuntu Server CD at the moment
<Alex_21> I'm stuck on the partitioning screen
<Alex_21> Also, ... when making partitions for RAID 1, ... Do I have to set the bootable flag to "ON"
<Alex_21> ? Please
<huats> Hi everyone !
<Alex_21> Hi,
<Alex_21> I can't delete RAID 1 device MD0 from the SErver installer. How can this be done
<_ruben> Alex_21: you dont care about any data on it ?
<_ruben> and is the raid using partitions or complete disks?
<Alex_21> There is a partition that is the full size of the disk
<Alex_21> In question
<_ruben> hit enter on the disk itself, it'll ask if you want to create a new disklabel .. that might wipe out the raid traces .. if that doesnt help .. then you might need to wipe out the first few K of the disk using dd
<Alex_21> DD?
<Alex_21> I am a bit of a Noob at this
<Alex_21> I am a bit of a Noob at thisRC
<Alex_21> I need guidance
<dthacker> Alex_21: This may help, use at your own risk.  http://www.linuxquestions.org/questions/linux-newbie-8/learn-the-dd-command-362506/
<Alex_21> I see this, ... but I don't see how to use it to wipe out sections of the disk to remove the traces of RAID 1
<Alex_21> Please help
<ghostlines> I have a nfs server, but I can share all directories except /media/
<ghostlines> I can see the folders in /media/ but I can go into any of them
<ghostlines> this looks like a permission issue but i chmod 777'ed the whole directory
<_ruben> can a local user enter those dirs?
<ghostlines> can anyone help me with this? I'm running jaunty 64bit
<ghostlines> yep, a local user can enter them
<ghostlines> *sorry I can see the folders in /media/ but can't enter them
<ghostlines> when I enter them i see nothing
<ghostlines> I'm allowed to go in but see nothing
<_ruben> so you can enter the directories, but cant list its contents.. that's an odd one
<_ruben> did you chmod recursively?
<ghostlines> I believe i did do it with the -R switch
<ghostlines> I'll try again
<ghostlines> nope still no dice
<ghostlines> I got it to work now, but the recursive chmod wasn't the solution
<ghostlines> in my /etc/exports i had /media/   instead of /media/sdb2
<kwork> what was it then
<ghostlines> i thought /media/ was enough to go into the child directories
<ghostlines> I find that strange though, does anyone know why this may be?
<Sam-I-Am> because /media is a dynamic mount point for removable media
<Sam-I-Am> i'd avoid using it for permanent mounts
<Sam-I-Am> use /srv instead
<ghostlines> ahh k thanks
<ghostlines> but my /media/sdb2 is a harddrive partition i thought it should stay in /media/
<ghostlines> so it's advisable to just edit my fstab then
<Sam-I-Am> sure
<Sam-I-Am> its a fine mount point if you're not exporting over nfs
<ghostlines> ahh k thanks alot man, one other thing do you think making a symbolic link to my /media/sdb2 would work
<ghostlines> so does nfs follow symbolic links?
<Sam-I-Am> on the same FS, yes
<Sam-I-Am> otherwise no
<ghostlines> ahh k cool
<Sam-I-Am> if you want /media/sdb2 to appear somewhere else for NFS exporting, bind mount it
<uvirtbot> New bug: #383926 in openssh (main) "ssh-aggent stopped accepting connections" [Undecided,New] https://launchpad.net/bugs/383926
<ghostlines> hmmm, never heard about bind mount I'll look into ti
<ghostlines> *it
<Sam-I-Am> it allows you to mount a filesystem to more than one place
<Sam-I-Am> for example, to /home on the local machine, but also /srv/home for nfs exporting
<ghostlines> damn, that's handy
<ghostlines> can I then edit fstab to mount -bind directories at boot
<Sam-I-Am> yes
<Sam-I-Am> its a mount option
<ghostlines> cool, I'm going to try it now
<Sam-I-Am> or type...
<moonpup> does ubuntu server have a bind-chroot package like red hat to set this environment up automatically?
<FFForever> what is the latest kernel?
<triden01> hello all.  I've looked around and can't find the answer to this..  Where is the proper place to ask questions regarding Sparc support for 8.04 server
<triden01> I know its now been downgraded to a "port" for 8.04
<triden01> hello all.  I've looked around and can't find the answer to this..  Where is the proper place to ask questions regarding Sparc support for 8.04 server
<triden01> I know its now been downgraded to a "port" for 8.04
<genii> triden01: http://ubuntuforums.org/forumdisplay.php?f=146
<minesh> hi ppl
<billybigrigger> anyone here use ebox?
<billybigrigger> is it normal for it to have firefox complain about ebox's security certificate right out of a fresh ebox install?
<oruwork> question. how can i lock the user in his home directory ?
<highvoltage> so that he can't navigate to any other directory!?
<highvoltage> that would be close to impossible, users need to be able to read things in /usr, /etc, among other things
<Mip5> Hey Gang - I'm trying to have my ltsp clients bind to an osx ldap server (10.5). Would it be the same process to have a single jaunty client bind to the mac osx ldap server?
<oruwork> highvoltage-> its for sftp
<oruwork> i want to disable everything but sftp
<oruwork> for that user
<SirStan> billybigrigger: of crouse.
<SirStan> course*
<billybigrigger> roger
<highvoltage> oruwork: ah, iirc there's a shell that's caused sftponly which you can install which would allow that
<oruwork> hmmm
<oruwork> so i just created a user for my sftp account
<oruwork> and generated a new ssh key for him
<oruwork> should I manually create .ssh directory in his home directory ?
<oruwork> so to allow my new user to connect with ssh key, is it normal to manually create .ssh directory in his home ?
<SirStan> oruwork: What else would create the directory?
<oruwork> i dont know
<oruwork> for some reason its not working :P
<oruwork> meaning..., the new key doesnt work for my new user :P
<oruwork> i'll try to put my existing key in there that works for testing purpose
<FFForever> Hi
<FFForever> when using du -s /home/chris what size format does it output?
<jmedina> FFForever: man du
<jmedina> you can change the output format, for kb, mb, etc
<MK-ubuntu> hi, I was wondering if there is a way of reinstalling distro over romotely.
<MK-ubuntu> I have a server in IDC but they installed Desktop edition instead of server edition, thats ehy.
<oruwork> can someone help me to configure sshd_config with ForceCommand, Subsystem, and ChrootDirectory ?
<oruwork> trying lock my ftp user account in home directory
<billybigrigger> ftp user?
<billybigrigger> what ftp deamon?
<billybigrigger> why don't you configure chroot in your ftpd's config?
<pteague> is there some way to get a fixed version of subversion? 1.5.x has borked merging... need 1.4 or 1.6
<oruwork> billybigrigger-> thats exactly what i'm trying to do , chroot
<oruwork> billybigrigger-> just not sure how to do it
<billybigrigger> and i asked you....
<billybigrigger> <billybigrigger> why don't you configure chroot in your ftpd's config?
<billybigrigger> are you using vsftpd? proftpd? pureftpd?
<oruwork> billybigrigger-> not sure , just ssh
<oruwork> never isntalled any ftp daemons
<billybigrigger> hehe
<oruwork> i was looking at http://www.debian-administration.org/articles/590
<billybigrigger> setup an ftp deamon
<giovani|1ork> what do you need an ftpd for?
<billybigrigger> then in the ftpd's config setup user chroot
<billybigrigger> sftp is different than ftp :P
<giovani|1ork> sftp isn't related to ftp, yeah
<giovani|1ork> let's not confuse the two
<billybigrigger> iirc sftp is built into ssh
<giovani|1ork> yes, it's not FTP
<billybigrigger> yeah
<billybigrigger> oruwork::: ok what's your problem?
<oruwork> well.. just trying to figure out how to make my ftp user locked in home directory thats all
<giovani|work> oruwork: what ftpd are you using?
<oruwork> none, ssh
<Hecate> so, are you using an ftp-server or do you wanna do it using your ssh-server?
<oruwork> just ssh
<oruwork> ssh server i guess
<giovani|work> oruwork: then you're not using FTP ... you just said "my ftp user"
<oruwork> oh
<oruwork> ok
<Hecate> yeah, it confused the shit outta some ppl ;)
<billybigrigger> oruwork::: seriously, whats the problem? that guide seems pretty simple
<Hecate> if this is not the guide you're talking about, it's pretty good: http://www.debian-administration.org/articles/590
<oruwork> yes that
<oruwork> lol
<giovani|work> so what's the problem?
<oruwork> just confused with the group
<Hecate> oruwork, if you persist on logging the users file transfer action, chrooted sftp is gonna make it very difficult
<billybigrigger> Hecate::: that's the exact guide he's talking about
<oruwork> Match group sftponly
<Hecate> well, from time to time i happen to have a lucky shot
<oruwork> do i need to create a group before i modify sshd_config ?
<Hecate> depending on your sshd_config
<Hecate> if you do it the match way (as you posted above), then: yes
<oruwork> well the only thing that i modified in sshd_config is disabled password logins
<Hecate> now you're confusing me, too
<Hecate> if you didn't modify your sshd_config, how do you expect it to do the chrooted sftp?
<Hecate> brb
<heath|work> I need to make an NFS server for Xen.  Any suggestions as to what file system to format the drives that will be holding the virts?
<Hecate> fat16
<Hecate> ;)
<diffred> hi, I've installed apache2 module, what modules I need to run cgi scripts in my localhost?
<deviantintegral> hi all. does anyone know of a way to modify default routes on a per process or per user level? I want the default route to be one destination, but have specific applications go over openvpn (their destination IP's are unknown)
<deviantintegral> it seems like firehol might be able to do it, but it's hard to tell
<oruwork> does order matter in sshd_config ?
<deviantintegral> oruwork: I don't think so
<oruwork> how can i assign a user to a group ?
<Bullterd> Hey All :)
<Bullterd> Im having really hastle trying to setup bonding with ubuntu server 8.10
<Bullterd> ive followed a buttload of tutorials on the web to no avail.
<Bullterd> Switch: http://www.usr.com/support/product-template.asp?prod=7724a
<Bullterd> NIC's: http://www.tenda.cn/product/show.php?productid-226.html
<Bullterd> im trying for bond mode 4.
<Bullterd> Ive also setup the coresponding ports on the router to be a "trunk"
<jbernard> oruwork: adduser <user> <group>
<jbernard> oruwork: check the adduser manpage, lots of good stuff in there
<oruwork> ok when i do sftp user@host how can i specify the port
<oruwork> i tried sftp -p "port number" user@host and it didnt work
<Hecate> oruwork, sftp -o Port=12345 user@host
<uvirtbot> New bug: #372405 in samba4 (universe) "ldb_module.h and associated files not included in package" [Medium,Triaged] https://launchpad.net/bugs/372405
<uvirtbot> New bug: #384102 in samba4 (universe) "Please merge samba4 from debian experimental" [Undecided,New] https://launchpad.net/bugs/384102
<JorgeJorgesson> Where is a good place to go for free online LPIC training course.  Something I can do at my own pace?
<JorgeJorgesson> I always thought IBM offered one at some point.
<zoopster> JorgeJorgesson: http://www.ibm.com/developerworks/linux/lpi/
<JorgeJorgesson> zoopster: Exactly what I was trying to find, thanks a bunch!
<zoopster> np
<zoopster> JorgeJorgesson: it's pretty good...helped me a ton
<JorgeJorgesson> zoopster: I found it quite some time ago but lost track of it.  I really mean to take the full thing one day!
#ubuntu-server 2009-06-06
<billybigrigger> quick question
<billybigrigger> setting up dovecot/postfix here...now my isp blocks outbound port 25 on me, so i am using postfix and a relay server to send my mail out via my ISP's smtp server...do i need to setup sasl/tls on this setup since i will be using my isp for smtp?
<billybigrigger> i doubt my isp will accept encrypted outbound mail
<billybigrigger> errr...not encrypted...wrong word
<billybigrigger> or will it matter if it set it up? i'd rather not spend the time to figure out if it works or not....
<hggdh> billybigrigger, email can be encrypted, the headers are clear-text
<hggdh> and if your ISP needs SSL/TLS for SMTP... depends on the ISP. Rule of thumb is it should probablymatch your direct contact to the SMTP server.
<Fenix|home> Greetings
<Fenix|home> I'm in a pickle and need some help
<Fenix|home> I'm having difficulties with dmraid
<Fenix|home> my upgrade to jaunty went fine, then 2 weeks later everything died
<Fenix|home> I'm trying to use dmraid to mount my volume so I can fix it all, but I'm getting a crapload of spaces at the end and my partitions won't activate
<Fenix|home> I think the spaces are screwing everything up... anyone know how to rename my raid?
<bthompson> hey guys i am setting up a second webserver for failover...what would be the best way to ensure that each server stays configured the same exact way...active/active...also i am going to allow the firewalls to load balance accross the 2 as well..
<Fenix|home> Greetings.  Anyone active?
<jmarsden> Fenix|home: Most of us are sitting down in front of a keyboard and screen...
<Fenix|home> w00t
<Fenix|home> I'm personally ripping my hair out.
<Fenix|home> dmraid has busted my machine :(
<twb> That's what fakeraid is for
<jmarsden> You used fakeraid?  Why?  Just use software RAID, it works better and is portable across different machines?
<Fenix|home> jmarsden: well it's a bit late for that :)
<Fenix|home> fakeraid was working fine...
<Fenix|home> then it stopped working.
<jmarsden> Why ... you now have super valuable data on your machine that you didn't back up?
<Fenix|home> I upgraded to jaunty and all was fine for about 2 weeks.
<Fenix|home> now my fakeraid name has changed and my server won't boot
<jmarsden> If you boot from a LiveCD can you then see the fakerad partition and mount it?
<Fenix|home> it used to be /dev/mapper/asr_1, but now it's /dev/mapper/asr_OS             1
<Fenix|home> jmarsden: partially
<jmarsden> You can partially mount it? :)  Please explain ...
<twb> jmarsden: it's very confusing when you put a question mark at the end of statements.
<Fenix|home> RAID set "asr_OS             " was activated
<Fenix|home> RAID set "asr_OS             1" was not activated
<Fenix|home> RAID set "asr_OS             5" was not activated
<Fenix|home> the volume became available, but the partitions won't
<jmarsden> OK... I don't use fakeraid, but I'm guessing the old /dev/mapper/asr_1 name may still be in some config files.  if so, (and if you can mount your old / partition at least) you could try changing them to the new name(s) and see if that helps.
<Fenix|home> jmarsden: I agree... but how do I deal with the name of "asr_OS\ \ \ \ \ \ \ \ \ \ \ \ \ 1"?
<jmarsden> Hmmm.  It's going to depend on the syntax of the config file concerned... you can try quoting it, or try backslashing the spaces.  Probably easier to try stuff than to read the code of whatever the config file is for to determine its rules for handling spaces in strings!
<jmarsden> Do you know if there was a kernel update you picked up just before it broke?
<Fenix|home> I don't think it was a kernel update as all my kernels no longer boot
<Fenix|home> I have 2.6.28 and 2.6.27 , both -11
<Fenix|home> I think it's dmraid-1.0.0
<Fenix|home> I believe I was using dmraid-0.9.9
<jmarsden> OK.  So dmraid got updated and that broke the world.  Let me download its source and read the changelog...
<jmarsden> Hmmm.  dmraid went to 1.0.0.rc13-1 in October 2006... if you were running Intrepid, logically you'd have been using something at least that recent...
<Fenix|home> ok, so what changed?
<jmarsden> Since then?  Tons and tons of patches... none I can see in the changelog that look obviously relevant to your situation, but there is so much it is hard to tell.
<jmarsden> There have been 23 1.0.* releases since then !
<jmarsden> I don't see anything in the changelog that looks a likely culprit, at all.
<Fenix|home> grr
<jmarsden> And launchpad shows 0 open bugs...
<Fenix|home> bug 381514 has my problem
<uvirtbot> Launchpad bug 381514 in dmraid "Jaunty not Booting with dmraid Active" [Undecided,New] https://launchpad.net/bugs/381514
<Fenix|home> except my raid has renamed itself :)
<jmarsden> Yes, I was about to say, but he doesn't mention the naming issue at all, so it's perhaps not the same issue... hard to say.
<jmarsden> The last couple of updates to dmraid in Ubuntu were done by Luke Yelavich <themuso@ubuntu.com>  -- maybe you could seek him out here on IRC or send him email?
<azazel`> WHY ubuntu server
<azazel`> and why not debian
<azazel`> pitch your distro
<Fenix|home> jmarsden: messages shows :: device-mapper: ioctl: error adding target to table
<Fenix|home> I think this is kernel related.
<Fenix|home> how do I go about an older kernel?
<Fenix|home> kern.log shows the following
<Fenix|home> Jun  6 05:22:28 ubuntu kernel: [ 3872.998802] device-mapper: table: 252:1: linear: dm-linear: Device lookup failed
<Fenix|home> Jun  6 05:22:28 ubuntu kernel: [ 3872.998811] device-mapper: ioctl: error adding target to table
<jmarsden> Fenix|home: Well, booting from a Jaunty LiveCD will get you the Jaunty kernel as at time of release...
<jmarsden> But you already tried that and it only half works... so I'm not sure how much it will help.
<Fenix|home> jmarsden: live cd is
<jmarsden> WIth the live CD, can you see all of your data?
<jmarsden> If you cn. I'd back it up to a spare single drive, then rebuild the server using software RAID and put your data back...
<Fenix|home> I'm having hit and miss with mounting the partitions
<jmarsden> Can you mount the one(s) you care about for long enough to back them up?
<Fenix|home> no
<jmarsden> :(
<jmarsden> I think you need someone who understands dmraid better than either of us do.
<jmarsden> It is not a support channel, but Luke (themuso) is currently in the #ubuntu-motu channel... whether his is physically present or just logging I don't know...
<Fenix|home> thanks
<erik78se> Nu Ã¤r din chans att gÃ¶ra skillnad! RÃ¶sta pÃ¥ Pirapartiet i morgon den 7:e juni och sÃ¤nd en chockvÃ¥g genom Bryssel! Din rÃ¶st gÃ¶r skillnad!
<^andrea^> Hi everyone... I just installed ubuntu server 8.04 and I want to connect it to a router via wireless...
<^andrea^> doing "sudo iwlist wlan0 scan" I see my network...
<^andrea^> but it has a WPA-PSK ecrypted password and I don't know how to access it...
<^andrea^> can anyone suggest me the right path to follow?
<waswas> Hi. I'm having trouble with ssh
<waswas> It's disconnecting me all the time
<waswas> and then refuses to let me connect
<waswas> If i wait like  0-5mins its working again
<waswas> ubuntu 9.04 server
<fbc-mx> waswas during that down time are your rying to ping the server to see it you still have connectivity?
<fbc-mx> waswas, You may actually be losing connectivity to your server for 5 minutes or so.
<waswas> hmm
<waswas> it seems tha i havent
<waswas> but i need to check, if its responsing when its working
<fbc-mx> waswas, When you lose ssh, ping the server to make sure you or the server haven't lost connectivity.
<waswas> it seems that firewall is blocking ping when its working
<waswas> i have to disable firewall
<fbc-mx> waswas, yeah just for testing purposes...
<waswas> Yep
<fbc-mx> waswas, is your server exposed to the internet?? on a DMOZ or collocated?
<waswas> I disconnected pppoe connection for testing
<waswas> This is kinda pain in my ass, because problem is happening random time :P
<waswas> it doesnt answer my pings, even when firewall is off
<fbc-mx> waswas, maybe it's happening when pppoe goes down, because the server need to reconfigure networking everytime the pppoe goes down. Not sure because I don't use pppoe.
<waswas> Well actually i'm connecting using LAN
<waswas> So the problem isnt pppoe, at least i dont think so
<fbc-mx> it your on a local lan, why are you running firewall unless you are on DMOZ?  Any ways, did the ping work??
<waswas> I'm running firewall, because normally its connected to the internet
<fbc-mx> waswas, I would keep a constant ping going in a terminal window so I can tell when it goes down.
<waswas> hmm
<waswas> I could try that
<fbc-mx> waswas, right... pppoe
<waswas> hmm its answering my ping when i'm using my laptop (ubuntu)
<fbc-mx> Does anyone know how to see/set BIOS settings from the command line?
<waswas> but now when i'm using my main computer what runs xp
<waswas> Heh... Of course its not disconnecting when i'm trying to find the problem :>
<waswas> hmm
<waswas> Maybe it was hardware problem ;P
<waswas> At least i hope so
<waswas> nope. It answers the ping. But ssh is crashing
<waswas> Damn, i cannot but this piece of s*** into closet, before ssh is working correctly
<waswas> maybe i should reinstall whole thing -_-
<fbc-mx> waswas, dunno, I've never had a problem with mine... Maybe the whole machine freezes for while.
<waswas> fbc-mx yeah, this is first time for me also
<waswas> If i recall right, this problem started when i used ssh pipe
<waswas> But i installed OS yesterday, so i dont know if it's the reason
<fbc-mx> waswas, ohh then uninstall ssh pipe.
<philsturgeon> Anyone know how to enable RTMP access through the iptables?
<philsturgeon> im new to messing with firewalls. i have set up a flash server from these directions: http://scottmotte.com/archives/208.html. i set it up without following the firewall steps at the top and port 80 was running fine with its built-in web server. i have followed those rules and i have an empty firewall with no rules...
<philsturgeon> i have re-enabled port 80 from the ubuntu how-to but not sure how to get RTMP live and kicking
<philsturgeon> think i got the rules
<philsturgeon> is there a way to restart iptables without a reboot?
<giovani> why would you need to "restart iptables"?
<philsturgeon> was wondering if ithat was needed to get the rules working
<giovani> ... no
<philsturgeon> seems they are not :( just manually ran all of the rules listed in that article, still no joy
<giovani> if you truly have no firewall rules ... then this is not a firewall problem
<giovani> the firewall by default doesn't block anything
<asdf-> hi, i have an old laptop that i installed xubuntu on... it is a little sluggish... i'm thinking about installing ubuntu server edition and install a window manager... does the server edition recognize hardware and auto install like regular ubuntu?
<giovani> asdf-: have you tried fluxbuntu?
<giovani> it's more lightweight than xubuntu
<giovani> but if you want to use the server install, just swap out the kernel for the desktop kernel, and you'll have the same hardware support as everyone else
<giovani> or ... simply install flux/xubuntu and then remove the window manager -- same deal, really
<asdf-> ok
<asdf-> i don't need printer support
<asdf-> so i uninstalled cups
<giovani> so remove it
<asdf-> and now everything was removed
<giovani> oh, yeah, you'll break some dependencies doing that stuff
<giovani> of xubuntu-desktop or something
<asdf-> yeah, so i thought the server edition would be a slimmer install
<asdf-> yes, exactly
<giovani> yeah, there are ways around that
<giovani> but install the server version and replace the kernel if you want
<asdf-> will it give me that option during install?
<giovani> absolutely not
<giovani> you're installing a server
<giovani> why would it offer to install a desktop kernel?
<asdf-> just curious if it prompt you for each part of the install
<giovani> it will prompt you for things
<giovani> but it's installing a server
<giovani> so it will not prompt you for anything desktop-related
<asdf-> makes sense
<asdf-> thank you for your help
<jeiworth> well well, got my / on a 60gb disc and i have a 500gb raid1, so i was thinking mounting 50gb of the raid as /var and the rest as /home, /tmp/ might also be a good idea but how big should i make it? and any other tipps are welcome
<jeiworth> ah, and it will be a file and mysql db sevrer
<jeiworth> server, even
<docc> make tmp and var independent partitions
<jeiworth> ok, but how large should i make the tmp?
<docc> if you have the space, take 20g
<docc> so you can copy a dvd in there and uncompress eg
<docc> it depends on how you use the sever
<jeiworth> yeah, i was thinking something between 10 and 50gb
<docc> single user?
<jeiworth> well, it will be fileserver and db-server for the erp and crm system of the company
<jeiworth> nono
<jeiworth> this is for a 5 man company
<jeiworth> but noone will actually be logged on directly, except for me to manage it
<docc> so make var large, about 250-300g, and split the rest
<docc> dedicated partitions keep the system running if one is taking too much space
<jeiworth> hmm doesnt leave enough for all the network shares which i will put in /home
<jmarsden> jeiworth: if you don't know how the space will be used, you could / should use LVM so you can resize things later with minimal effort.  If you do know, then ignore random advice from people who don
<jmarsden> t know your specific needs and do what works for your company :)
<jeiworth> jmarsden: hehe good point, lets see if i can configure raid partitions within an lvm with the setup tool
<jeiworth> nope
<docc> you can build lvm on top of raid
<jeiworth> hmm i guess the best thing would be to install everything on the 60gb disk and then configure the raid1-partitions manually
<jeiworth> docc: true, but with the setup i can only do a raid1 with partitions and not with the physical device, i think the way to go is to start with / on the single disk and when the system is installed create the raid1 on device level, then i would be able to create more than one lvm partition
<jeiworth> on the same raid1, that is
<jeiworth> with the setup here i have to create raid partitions and on top of them lvm partitions, but what use is that since i would have to resize the raid-partitions too if i wanted to resize an lvm partition
<jmarsden> jeiworth: ?  Create one big 500Gb RAID1 and then lvm that to divide it up however you want...
<guntbert> jeiworth: I'd say you create physical volumes on your raid partitions, then you add those into a volume group and from this vg you create your logical volumes
<jeiworth> <jmarsden> jeiworth: ?  Create one big 500Gb RAID1 and then lvm that to divide it up however you want... <-- yes, that is the idea but not possible in the server setup, i can create the raid1 and then an lvm, but i cant further create any partitions within this lvm so i cant configure mount points, hence i will have to install everything on the 60gb disk and then, after install, i can partition the lvm and set the mount points in the fstab
<jmarsden> jeiworth: OK, sure.  Sounds like the way to go then.
<jmarsden> The "partitions within lvm" are logical volumes, by the way, not technically partitions
<jeiworth> aight, thanks all
<jeiworth> jmarsden: ok, check
<jeiworth> makes sence since its the logical volume manager(tm) ;)
<drbobb> well, I recently discovered a slightly disturbing weakness in the debian packaging system, when my server crashed in the middle of an upgrade, leaving the metadata files of several packages in a corrupted state
<drbobb> (several rather important binaries, like /bin/sh, turned out to be corrupted as well)
<drbobb> some packages had corrupted postinstall scripts, and some - the pre and postremoval
<drbobb> and there seemed to be no way to configure, reinstall or remove them
<adaptr> drbobb: unless dpkg is corrupt, you can force a re-install
<adaptr> download the debs for the corrupt packages and use dpkg to force a re-install
<drbobb> well I tried, but dpkg seemed to be using the corrupted copies of the scripts in /var/lib/dpkg/info anyway
<drbobb> I finally replaced the corrupted scripts with "#!/bin/sh\nexit 0", and then succeeded in reinstalling
#ubuntu-server 2009-06-07
<Alberta> hola
<Alberta> hi
<FFForever> how do i upload a file via scp?, scp user@host /path/to/file
<FFForever> nvm...
<giovani> FFForever: man pages are your friend
<FFForever> giovani, when you have the documents installed i kinda removed them ;)
<FFForever> saving space one file at a time XD
<jmarsden> FFForever: See http://manpages.ubuntu.com/
<jmarsden> BTW, you must be working on a tiny embedded machine to be that short of space, right?
<giovani> any embedded device that's that limited on space is HIGHLY unlikely to be x86 ...
<giovani> so somehow I doubt it
<amego> hi
<johny__> hi
<johny__> what's the different between view "localhost_resolver" , view "internal" and view "external" in named.conf
<jmarsden> system_V: view internal and view external are what clients see depending on whether they are internal (local to your LAN, usually) or external (everyone else)...
<jmarsden> You will need to look for the match_clients paragraph and teh corresponding acl definitions to determine what clients each refers to in your specific case.
<system_V> thanks jmarsden
<system_V> and what's view localhost_resolver ?
<system_V> because i was trying to run caching only server
<system_V> but it seems im the only person in the netwok who can dig my self
<jmarsden> I'm not sure... maybe a view that is just for the local machine?  I've not used that one myself.  You may need to read the "BIND 9 Administrator Reference Manual" for the full story.
<system_V> do you know any good manuals
<system_V> ok
<system_V> i will google it
<system_V> http://www.bind9.net/manuals
<system_V> that one
<jmarsden> Yes.  See http://www.bind9.net/manual/bind/9.3.2/Bv9ARM.ch06.html#id2562349 for the part you probably need
<raidy_NYC> thanks (K)
<Rafael_> Need help configuring cifs to connect windows client to ubuntu server..have review man samba and other sites but have questions?
<jaypur_mb> hi can someone tell me a good monitor for my server???
<jmarsden> jaypur_mb: What are you hoping to monitor exactly?  nagios3 is one general purpose monitoring framework you could try.
<jaypur_mb> jmarsden, i am kind of new at ubuntu-server, but i'm runnnig an open arena server, so i'd like to have a monitor that could monitor, lol, temperature, cpu, and internet badwith
<jaypur_mb> bandwith *
<jmarsden> You could set up nagios to do that, I think, although there will be some work involved in configuring it.
<jaypur_mb> jmarsden, more work more learning... :D
<jmarsden> Indeed :)
<jaypur_mb> jmarsden, i've already set ssh
<jmarsden> Two other packages to check out would be munin and (for checking services are still running, etc) monit
<jaypur_mb> jmarsden, hmm to install nagios i think i'll need to get mysql on and... apache maybe...
<jmarsden> Apache yes, mysql no.   sudo apt-get nagios3 nagios-plugins-basic nagios-doc  # should do the install for you.
<jmarsden> if you can't run Apache on the server being monitored you could set up nagios on another machine and have the one you want to monitor send moitoring into to it using nrpe ... but if you are new to this that's a lot of learning!
<jaypur_mb> jmarsden, yeah thats for sure!
<jaypur_mb> jmarsden, so can i sudo apt-get from here, my laptop, and monitor my server without installing nothing???
<jmarsden> Not really.  But you can install just a few things on the server and have the pretty web interface etc on your laptop (assuming the laptop is going to be connected 24x7...
<jaypur_mb> aaah i got it...
<jaypur_mb> but what i really need is, like my friend did... like a website, with all the stats of the server...
<jaypur_mb> and i can access from anywhere...
<jmarsden> Yes, so what machine will run that web server?  Your laptop, or your main server, or some other machine?
<jmarsden> It is your choice.
<jaypur_mb> main server for sure
<jmarsden> If your friend has already done this, why aren't you asking *him* for help setting it up??
<jaypur_mb> because, i think he is sleeping
<jaypur_mb> and its like  +5hours from here
<jaypur_mb> :D
<jaypur_mb> he helped me with ssh :D
<jmarsden> :)  And a few hours is too long to wait...  long term it will be better to ask your friend, because then when you have questions he will know how to help you further...
<jaypur_mb> yeah
<jmarsden> But if you want to try installing nagios on the main server, go ahead and do the command I gave you earlier.
<jaypur_mb> but jmarsden thanks a lot
<jmarsden> Sure, no problem.
<jaypur_mb> i really love all the ubuntu support
<jaypur_mb> and i'm always helping my friends with my blog posts and at college
<jaypur_mb> so i'll ask him later
<jaypur_mb> thanks a lot
<jmarsden> Me too... I'm just a Ubuntu user like you are.  I've just been running Unix/Linux/Ubuntu for longer than you have :)
<jaypur_mb> yeah, this year i'll make 1 year of linux
<jaypur_mb> and i'm so proud of myself
<jmarsden> It will be (I think) 17 years of Linux for me later this year :)
<jaypur_mb> it's like, my life got better, and all the people i knew, all the things i did... made me a better person
<jaypur_mb> jmarsden, congratulations man, i'm happy to talk to someone is that long on the linux world
<jmarsden> Thanks :)
<gaveen> jmarsden, so you started using Linux in late 92? Wow! :)
<jaypur_mb> i'd like to make some questions to you guys...
<jmarsden> Yes, the first kernel arrived in late 1991... in late 1992 Linux fit onto two flopy disks...
<jaypur_mb> because i tell i have a server at my house, but is it really "a server"?
<jmarsden> Well, if it is running Ubuntu Server and it runs 24x7 and you use it to provide services to other people/other computers, then it's a server...
<jaypur_mb> jmarsden, damn, so i have a real server... this is a dream come true for real...
<jmarsden> :)
<jaypur_mb> i'm in this "server" thing since 2005... studying and learning...
<jaypur_mb> jmarsden, my first server was a counter-strike 1.6 dedicated from steam...
<Rafael_> anybody can help me with a guide for samba and cifs?
<jaypur_mb> and now on 2009 i've just set a ubuntu server dedicated... full time
<jmarsden> Rafael_: https://help.ubuntu.com/community/SettingUpSamba
<Rafael_> jmarsden: i have read this but have some questions?
<jmarsden> Rafael_: You can ask them and see who answers.  I used samba years ago but am not at all up to date on the details of it now.
<Rafael_> jmarsden: windwos computer store data on ubuntu server, i would like some folders to be able to access by everybody and some folder only by some users..i have read sama setup but can not understand who to do this users and groups?
<jmarsden> Rafael_: Hmm, he left already? OK.
<Guest83126> hi
<Bullterd> Hey All.
<Bullterd> I have two NIC's in the same machine, each configured to there own IP
<Bullterd> when I ping one IP, I get act lights on the one nic
<Bullterd> but when i ping the other IP I get act lights on the same nic?!
<Bullterd> Am I correct in saying its routing all traffic through the first NIC for both IP's ?
<tonyyarusso> Bullterd: Are both NICs plugged into the same switch, as well as the machine you're pinging from?
<Bullterd> yep
<tonyyarusso> What happens if you unplug the blinking one and ping again?
<lukehasnoname> Ubuntu Server needs documentation on Nagios
<lukehasnoname> I've installed the Nagios3 package, and only by searching other websites do I know that it has created its own directory link in apache. However, I do not know the default password to the 'nagiosadmin' htpasswd user, etc.
<lukehasnoname> even the community documentation is dated to feisty
 * tonyyarusso thinks proper documentation should be a requirement for acceptance into main
<twb> tonyyarusso: then you wouldn't have a kernel
<tonyyarusso> hehe
<jmazaredo> can i use the default postfix restart script and put it in crontab?
<yellabs> hello there you all
<yellabs> what are some good web based / or other gui interfaces to administer our ubuntu servers?
<yellabs> it would be for print / file share, and one web server...
<yellabs> would webmin , or ebox be any good, or are there better options?
<yellabs> any one , who has some expirience with this?
<jmazaredo> webmin
<jmazaredo> im using it for a couple of years
<yellabs> ok, seems like the best option, have you also worked with ebox?
<yellabs> is it any good?
<jmazaredo> dunno what is ebox
<jmazaredo> whats that :D
<yellabs> hehe
<jmazaredo> game console?
<jmazaredo> sorry im a beat ancient in technology
<yellabs> http://www.desktoplinux.com/files/misc/ebox_components.jpg
<yellabs> here you see an screenshot
<yellabs> its basicly also an web based gui frontend for configuring your server
<jmazaredo> ah i see
<jmazaredo> well i havent seen that :D webmin is easy "for me"
<yellabs> i am just trying to find the easiest one to use, since i am really a beginner in this
<jmazaredo> hahaha its Xbox im thinking
<yellabs> that is running an ubuntu webserver..
<jmazaredo> im using a desktop version for server
<jmazaredo> im a newbie too
<yellabs> xbox for administering your webserver, now that would bring great joy to the ict workers...:P
<jmazaredo> you can also in webmin
<twb> jmazaredo: webmin is not supported on Ubuntu
<jmazaredo> adding virtual websites
<jmazaredo> really?
<twb> webmin is basically like syphlis.  It breaks everything, and encourages you to force it on others.
<yellabs> twb is ebox supported?
<twb> yellabs: theoretically.
<jmazaredo> maybe it breaks some
<yellabs> or maybe i should ask, what web based gui might i use with ubuntu server?
<jmazaredo> all breaks
<jmazaredo> nothing is perfect
<jmazaredo> :D
<twb> Indeed; unfortunately AFAICT all web-based administrative tools for GNU/Linux systems are abysmal monstrosities that will shit all over your system.
<twb> But AIUI ebox is what Ubuntu recommends
<yellabs> did you ever see clarkconnect?
<jmazaredo> if you use gui the %tage of break is up
<yellabs> it has a very decent gui for the server admin
<twb> yellabs: isn't that a router distro?
<twb> It's logo is a thin upright triangle with a dot over it, or something
<jmazaredo> ya saw clarkconnet
<yellabs> it say's Provides core server applications
<yellabs> - mail, web, VPN, backup, file and print services...
<jmazaredo> havent tried it though ubuntu also provide that
<jmazaredo> im a newbie i don't know if this is a good advise to use the gnome for server since in takes up memory
<yellabs> uses dashboard as gui frontend
<yellabs> but afcause i am looking for something that works with ubuntu 9.04 server
<yellabs> thats the point
<twb> jmazaredo: whereas PHP takes up marshmallows?
<jmazaredo> dunno where php got its mallows :D
<yellabs> so i thought , lets ask the professionals
<yellabs> :)
<twb> "professionals" being the people you find in IRC on a Sunday?
<jmazaredo> im no pro
<twb> I'd have thought that was "execrable losers"
<jmazaredo> im a newbie
<jmazaredo> just another guy in the neigboorhod
<twb> FWIW I'm paid to babysit CentOS and Ubuntu servers, and unfortunately most of them have webmin installed.
<yellabs> hmm, you are right, sunday is not a good day for this
<twb> I know enough about webmin to STRONGLY urge you to stay well away from it.
<jmazaredo> got your point
<yellabs> yes, but whats the alternetive,
<jmazaredo> :D
<twb> Other web admin interfaces I have not studied so closely, but my impression is that they're all sucky.
<yellabs> hmm, so back to the bash eh?
<jmazaredo> no
<twb> To the point where what I have recommended we give to customers is Xvnc exporting a single-app session running the gnome-server-tools dialogues.
<twb> And if they need anything more complex, they can call us to do it from the CLI.
<twb> Unfortunately management wasn't too keen on that plan.
<twb> (Oh, and gnome-system-tools is shit.  But it's a different level of shit, IMO.)
<yellabs> i hope not that the end of this story would be to recommend windows server 2003...
<twb> Nah, the end of the story is "suck it up, twb.  You *will* install webmin, though I agree it's shit."
<jmazaredo> But for me still learning things. How twb learned the shit on webmin? you checked, from time to time he learned that its a shit
<jussi01> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<jussi01> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<yellabs> ah , now thats clear info
<twb> jmazaredo: for example, the webmin package has over one hundred errors that are *automatically* detected by the quality assurance tools.  Of those, three are severe.
<jussi01> :)
<twb> Webmin modules are of varying quality, but it's typical for them to simply delete comments or configuration they don't understand.
<jmazaredo> they have their own world :D
<twb> And while not on the same scale, it pisses me off that the default webmin interface shows *all* modules -- even the ones not applicable to the current system.
<jmazaredo> yep correct at that
<jmazaredo> all modules har har har
<jmazaredo> i thank webmin for today
<twb> Those modules whose source I have inspected also had about as many security holes as a PHP app
<yellabs> any thoughts on ebox then?
<twb> Oh, and webmin will by default listen to all interfaces and accept password-based authentication, so if you put it on a gateway server without knowing that, you'll get cracked quickly.
<twb> Most Debian services will only listen to localhost by default.
<twb> yellabs: I haven't tried it, personally, but I heard that it was badly broken in 8.10 (and 8.04?), though it may be OK in 9.04.
<yellabs> hmm, okey
<jmazaredo> all is broken :D
<yellabs> can i install virtual machine host on a normal machine ? without kvm extensions in the processor...
<yellabs> hmm, never mind, i am installing it already , we will see if its possible..
<n0de> Hi can anyone help me, I've set up a working postfix etc setup, but I cant for the life of me get SPAM to be sent through to the client (not deleted/dropped) and to show the X-SPAM-STATUS header in emails.. thx !
<jmazaredo> u using rbls?
<jmazaredo> well i don't really understand the question :)
<n0de> jmazaredo: you asking me?
<jmazaredo> ya
<n0de> oh
<jmazaredo> :(
<jmazaredo> there's someone alive at #postfix
<jmazaredo> well gtg
<n0de> I'm just running a standard ubuntu with postfix + av/anti-spam etc.. but I dont know how to set it so spamassassin doesn't delete spam, just to forward it on to the mailbox and set X-spam-status flag to yes
<jmazaredo> check spam assassin
<jmazaredo> maybe this will help http://www.debuntu.org/postfix-and-pamassassin-how-to-filter-spam
<NativeAngels> hello im building a webbased control panel but am stuck when it comes to executing root commands
<NativeAngels> can someone help
<rainer_> hi all... is there a way to get a karmic vm using vmbuilder?
<rainer_> i'd like to try karmic, but without screwing up my system ;)
<philsturgeon> anyone here set up red5 on ubuntu?
<MTecknology> How do I check what's listening on a port?
<MTecknology> I used netstat -a and I see this tcp        0      0 localhost:smtp          *:*                     LISTEN
<MTecknology> I have no idea what app that is though
<jmarsden> MTecknology: sudo netstat -ntlp   # will show you the process that is doing the listening
<MTecknology> thanks :)
<jmarsden> No problem.
<jmarsden> MTecknology: Note that it is listening only on localhost, so there is no network security risk from that.
<MTecknology> jmarsden: I'm trying to figure out why mail isn't being sent through it
<MTecknology> http://ubuntu.pastebin.com/d5558db03
<jmarsden> well, it seems there is outbound mail in your mail queue, so the listening part is not the issue.
<jmarsden> It listened well enough to accept that mail and queue it up.
<MTecknology> can I flush the queue at all?
<jmarsden> I'm not at all knowledgeabel about exim, but you'll want to ask it to try those delivery attempts to your smarthost (you did configure a suitable smarthost, right?) with some level of debug turned on and see why it is not delivering them, I think.
<jmarsden> http://wiki.exim.org/TroubleShooting   # may be handy
<MTecknology> exim can send the mail, right?
<jmarsden> Yes, it will once it is set up correctly -- looks to me like there is soemthing you did not configure quite right yet.
<MTecknology> I'll run dpkg-reconfigure exim4-config
<MTecknology> mail sent by smarthost; no local mail
<MTecknology> IP address or host name of the outgoing smarthost:
<MTecknology> I bet I did that wrong
<MTecknology> What should it be? localhost?
<jmarsden> No :)  The smarthost, the remote machine that you have permission to send out your email through.  A mailserver out there on the Internet somewhere... your ISPs mailserver, perhaps.
<MTecknology> would smtp.gmail.com work if that's it's final destination?
<MTecknology> I thought exim could send the mail out itseld
<MTecknology> itself*
<jmarsden> It can... you chose to use a smarthost... so it needs to have one... why di dyou choose to use a smarthost if you don't knwo what a smarthost is??
<MTecknology> because I apparently didn't read the first option in the list
<jmarsden> :)  OK!
<MTecknology> lol... exim is REALLY happy now
<MTecknology> and now messages from 3 days ago arrive
<jmarsden> :)
<MTecknology> thanks :)
<jmarsden> No problem.
<Rafael_> have 5 windows computer and ubuntu server, i want all of them to be able to access for example Folder A, only 2 of them to see folder B, only 1 of them to be able to write and read Folder A..how do id o all this groups and users..i am confuse..also i see that the way to go now is cisf compare to smb..were can i find help for this?
<phoenixz>  Is there a program that can create a customized ubuntu install CD with the packages that I want and some commands automatically executed? I need to have a non-interactive install CD that I can just copy 50 times, shove one in each new server that I get and when the server boots it will automatically install ubuntu, reboot and leave the server ready to run...
<steffan> phoenixz: isn't that possible installing over a network?
<phoenixz> steffan: yeah, looking into PXE booting now actually..
<victorbrca> Hello, I need to install inetd on a 8.10 server to share a scanner over the network. Anyone know if by installing inetd would create problems on already running apps, like vmware?
<phoenixz> victorbrca: AFAIK, it should not cause a problem.. just for curiosity.. sharinng a scanner over the network, how would you do that?
<victorbrca> phoenixz: https://help.ubuntu.com/community/ScanningHowTo
<phoenixz> victorbrca: Im asking because at or office, we have one of those all in one printer scanner copiers.. Its connected directly to the network.. I can print to the thing but scanning, no way..
<phoenixz> thanks!
<victorbrca> phoenixz: I was thinking about buying an HP and use HPLIP to share printer and scaner, but looks like HPLIP does not support scanning over the net.
<phoenixz> victorbrca: this thing is also an HP
<victorbrca> phoenixz: I'm waiting for a reply from them to be sure before I buy it...
<victorbrca> phoenixz: https://answers.launchpad.net/hplip/+question/73447
<victorbrca> phoenixz: But for now I'm going to try and share a canon scanner that I already have
<steffan> /4/7
<phoenixz> steffan: would it be possible to have a "virgin" server (no os yet) boot from PXE and have it automatically download and execute an ubuntu installer?
<steffan> phoenixz: PXE can boot using a network interface, I'm not sure about grabbing the installer from elsewhere and installing though
<steffan> phoenixz: That's probably not a question for #ubuntu-server, try looking at some PXE support groups
<steffan> phoenixz: I don't have much experience with automating installations (but it is possible as far as I know), I only have experience with network installations
<phoenixz> steffan: well, it is related to ubuntu-server since thats what needs to be installed.. :) the PXE part is not a problem
<steffan> phoenixz: You're asking that PXE automatically downloads and executes a Ubuntu installer, correct? If so, that's nothing to do with #ubuntu-server, it's a query on PXE's regard
<phoenixz> steffan: https://help.ubuntu.com/community/Installation#Server%20and%20network%20installations I think this is it..
<steffan> phoenixz: If PXE can do that, then I'm sure it is possible
<steffan> phoenixz: Your probably looking for https://help.ubuntu.com/community/Installation/LocalNet. It might be worth looking at https://help.ubuntu.com/community/Installation/LocalNet#Pile%20of%20PXE%20related%20links too.
<phoenixz> steffan: thanks!
<mrvdv> anyone know how i can set a certain shell user to only download so much and then his account is automatically stoped for over the limit of d/l?
<jaypur_mb> hi, i opened all the ports to apache and ssh, but people outsite my network cant acess...
<jaypur_mb> any ideia?
<Bullterd> Hey All
<Bullterd> My server keep loosing internet connectivity
<Bullterd> if i ping it, i get about 10 good pings, then it drops out for 30 second
<Bullterd> then back available again
<Bullterd> would this suggest hardware driver issues ?
<giovani> Bullterd: driver, modem failure, switch failure, lots of things are potential causes
<Bullterd> Can anyone recommend a gigabit PCI NIC that's uber ubuntu compatable ?
<giovani> intel NICs work nicely
<Bullterd> intel pro ?
<giovani> anything using a solid intel chipset
<Bullterd> http://cgi.ebay.co.uk/Intel-PRO-1000-MT-Desktop-Adaptor-PWLA8390MTBLK20_W0QQitemZ110347822644QQcmdZViewItemQQptZUK_Computing_Networking_SM?hash=item19b13e2634&_trksid=p3286.c0.m14&_trkparms=65%3A15|66%3A2|39%3A1|240%3A1318|301%3A1|293%3A1|294%3A50
<Bullterd> ?
<giovani> sure
 * Nafallo 've'd good success with 3Coms in the past.
<Bullterd> I got some cheap ass ones at the mo
<Bullterd> hoping thats the cause of my network issues full stop
<giovani> I wouldn't presume that that's the cause
<giovani> unless you swap out the NIC and it stops
<giovani> you don't have a spare nic of a different chipset around to test?
<Bullterd> not gig unfortunatly
<giovani> why do you need gig to TEST?
<Bullterd> 1080p doesnt stream so well over 100mb :p
<giovani> this is a test ...
<giovani> who cares if something streams ...
<giovani> you're testing if the nic/driver is the cause
<giovani> period
<Bullterd> true.
<Bullterd> Also
<Bullterd> When i boot the machine it hangs on "Loading Hardware Drivers" for like, 30 seconds
<Bullterd> and then randomly after a few reboots it decided to rename eth1 to eth1_rename
<Bullterd> would that also point to hardware / software incompatability ?
<victorbrca> phoenixz: got the scanner working... but it took me a while.
<pmatulis> Bullterd: has this problem always been with you?
<Bullterd> Yeah
<NativeAngels> can anyone tell me if you setup a cronjob, and the process is already running when the cronjob runs will it restart the process or check if its already running ?
<pmatulis> Bullterd: what release are you using?
<NativeAngels> im not yey
<NativeAngels> yet
<Bullterd> 8.10 x64
<NativeAngels> its just a questin i have
<NativeAngels> 8.04
<NativeAngels> server ed
<pmatulis> Bullterd: do you have multiple network cards?
<NativeAngels> no
<pmatulis> NativeAngels: can't you see that i'm not pre-pending your name to my comments?
<Bullterd> hmm.
<Bullterd> So I swapped NIC's
<Bullterd> been streaming and pinging, no loss so far
<pmatulis> Bullterd: i was going to suggest you to rename /etc/udev/rules.d/70-persistent-net.rules and reboot.  it may not be the card itself
<jmarsden> NativeAngels: The cron job will run even if the previous instance of it is still running... if course you can check for that in the script that is being run by cron and take whateevr action you desire...
<pmatulis> rename to .bak and have it be re-created
<Bullterd> pmatulis: Its the fact it hangs for about 30 secs on "Loading Hardware Drivers" at startup.
<Bullterd> Together with the random interface renames
<Bullterd> and constant packet loss / loosing IP connectivity
<pmatulis> Bullterd: yes, i know
<Bullterd> I mean, that sounds like hardware / software issues with the NIC, right ?
<pmatulis> Bullterd: not necessarily
<Bullterd> what about the fact it works perfectly with a replacment nic ?
<pmatulis> Bullterd: yes, it's still possible b/c the udev rule file sucks in MAC addresses (hardware related)
<pmatulis> Bullterd: you may want to try my suggestion, at least just out of curiosity
<Bullterd> so, put the old NIC back in, boot, rename that file, reboot ?
<pmatulis> yeah
<Bullterd> kk
<jaypur_mb> hi
<ieem> ubuntu-9.04 server + HPT370 = love ?
<bhajankirtan> can anybody help setting up home server accessible through WAN ip
<bhajankirtan> hello there
<ScottK> bhajankirtan: That's a very broad topic.  Generally it's better to ask specific questions.
<JackB21> It's not difficult
<quizme> how do i compile in mod_userdir into apache on ubuntu ?
<soren> quizme: Why would you want to do that?
<quizme> so that i can use it
<bhajankirtan> i m totally new to linux server
<bhajankirtan> i want to setup my home server which i can access it outside of home network
<soren> quizme: Just enable the module. No need to compile anything.
<bhajankirtan> is there any site for how to
<soren> quizme: sudo a2enmd userdir
<soren> quizme: IIRC
<ajmitch> I believe userdir is enabled by default
<bhajankirtan> setup my home server
<soren> ajmitch: Might very well be.
<ajmitch> hm, looks like I'm wrong, it's not enabled on this recent install :)
<uvirtbot> New bug: #384607 in bacula (universe) "bacula did not accept my password during installation" [Undecided,New] https://launchpad.net/bugs/384607
<quizme> soren: got it thank you.
<bhajankirtan> anybody can help me or give the link to setting up home server accessible from outside network
<uvirtbot> New bug: #384609 in samba (main) "package winbind 2:3.3.2-1ubuntu3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/384609
<quizme> soren: http://pastie.org/503911
<soren> quizme: Look in /var/log/apache/error.log
<CoinBR> I can't limit port 80 on Shaper/CBQ... could anyone help-me?
<CoinBR> could anyone help me with shaper?
<CoinBR> "CBQ"
<quizme> mod_userdir is not compatible with mod_rails, which my server depends on.  Is there another module like mod_userdir that will allow me to access some web files via my ip address?
<Alex_21> Hi, ... I am trying to erase disks from the Ubuntu Server CD in the prompt.
<Alex_21> How can I do this.
<Alex_21> I tried Code: "dd if=/dev/zero of=/dev/sda bs=4k conv=notrunc"
<Alex_21> But nothing is happening. Any ideas? Please
<Nafallo> Alex_21: install wipe for proper removal of data
<Alex_21> Remember I am on the CD, ... I haven't installed yet
<Alex_21> How can I install then?
<Alex_21> Also, ... I just want to wipe out enough to prevent the installer seeing the disks as the RAID aray they once were
<Alex_21> Please
<Nafallo> ah. dd should work then.
<Alex_21> So my command Code: "# dd if=/dev/zero of=/dev/sda bs=4k conv=notrunc" is still nagning. Is this normal
<Alex_21> Or am I doing something wrong
<Alex_21> I eman what is DD doing?
<Alex_21> Is it writing zero's to my drive? I am trying to clean the drive that is 320 GB. How long should this take?
<Nafallo> Alex_21: depends on the speed of the disk really.
<Alex_21> It is a Sata drive
<Alex_21> But roughly how long?
<Nafallo> hours.
<Alex_21> Ok
<Alex_21> Thanks
<Alex_21> That is a relief.
<Alex_21> I have two disks. Do they automatically show up as sda and sdb?
<Alex_21> They are the only ones in the machine
<Alex_21> Besides a sata CD/DVD drive
<Alex_21> It's working I think
<Alex_21> So I'll be back. But one more question. I am setting up a raid aray with RAID1 and two disks. Do I have toset the bootable flag to true if this disk is to be the startup disk?
<Alex_21> Please
<Alex_21> I'll stay untile i get this response
<billybigrigger> can someone help me out here?
<dthacker> billybigrigger: you know the drill,  ask and see.
<billybigrigger> im trying to setup my mailserver...i can send mail out no problem...now i have setup thunderbird to use my mailserver, and forwarded port 143 to my mailserver...i tried sending a test mail from hotmail to my user@mydomain.com
<billybigrigger> all while watching /var/log/mail.err and mail.info
<billybigrigger> no errors...but i don't even see the incoming connection from hotmail
<billybigrigger> the reason i can send mail out is because im using my isp's smtp server...
<NativeAngels> how can i generate someoutput from a crontab in the form of a pop or message to a shell
<Alex_21> Make it compose an E-mail and send it maybe
<Alex_21> Using Perl or something to write the message to Zimbra or Postfix
<PhotoJim> Alex_21: commandthatgeneratesoutput | mail -s Subject\ Here person@domain.com
<Alex_21> Oh.
<Alex_21> I didn't know about that one..
<Alex_21> Thanks
#ubuntu-server 2010-06-07
<diago> mdadm is screwed from an install...
<t3chkommie> hey guys, i need some help with the system email my server trys to email out.
<t3chkommie> when i log in the server tells me i have new emails, but i have no diea how to see these, or forward them to my email account on my imap server
<shanezilla> anyone use SSH server
<shanezilla> CLEAR -all
<shanezilla> soory all new to irssi
<shanezilla> sorry that is : )
<lukehasnoname`> I wonder if Microsoft has an internal IRC server
<shanezilla> windows dose not supply an installed IRC client
<shanezilla> or an IRC server
<myk_> No, it doesn't.
<lukehasnoname`> they just use messenger and outlook, I suppose
<myk_> What do i need to do to have an unattended setup/installation? Is there a special instal media, or a boot argument?
<ccheney> my wife is now predicting she will be at the hospital within 24hr, heh
<unewbie1> ccheney: why is that?
<lukehasnoname`> I'm assuming baby, given the chuckle at the end
<uvirtbot> New bug: #590600 in libcommons-jxpath-java (main) "Please merge libcommons-jxpath-java  (1.3-3) from Debian unstable" [Undecided,New] https://launchpad.net/bugs/590600
<ccheney> unewbie1, baby was due on last friday but the doctor wasn't sure when it would actually come
<shanezilla> disconnect
<ccheney> the doctor thought it wouldn't come until induction which was scheduled for june 17
<MTecknology> ccheney: gettin' close then?
<MTecknology> ccheney: I wish you the best of luck on a happy healthy baby
<ccheney> MTecknology, yea any day now :)
<MTecknology> ccheney: congrats - you an ubuntu member? - if so - make sure to put that on the planet
<ccheney> MTecknology, yea ubuntu core dev
<MTecknology> ccheney: heh... i shoulda known that actually :P
<ccheney> heh :)
<MTecknology> not like i haven't read email from you
<MTecknology> you should grab the hostmask though - then I can know for sure jsut from a whois :P
<ccheney> MTecknology, yea i have one for my old nick, need to get an updated one
<unewbie1> ccheney: is it a boy or girl?
<ccheney> boy
<unewbie1> how do you know if he is not born yet? :D
<ccheney> ultrasound :)
<unewbie1> yeah
<unewbie1> i didn't know until my son was born
<unewbie1> i don't trust usg
<unewbie1> i try kvm on ubuntu 10.04 but it's keep complaining for error pci_add_option_rom: failed to find romfile "pxe-rtl8139.bin"
<unewbie1> Could not initialize SDL - exiting
<unewbie1> it's my first virtualization :D
<unewbie1> and not work
<MTecknology> unewbie1: odd..
<MTecknology> unewbie1: do virsh list --all
<MTecknology> unewbie1: do you see anything listed and if so, pastebin what you see
<unewbie1> no
<unewbie1> i try to create my first guest os
<MTecknology> pastebin the command you use and output
<unewbie1> http://pastebin.com/fQuh2C1K
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<MTecknology> unewbie1: check out this page - https://help.ubuntu.com/community/KVM/CreateGuests
<unewbie1> ok
<MTecknology> unewbie1: personally - the kvm command is kind of a pain and i only use it if i'm not making an ubuntu guest
<unewbie1> actually i dont understand virtualisation. i installed 10.04 yesterday and put a 400GB LVM partition. should i do this? :)
<unewbie1> this partition created for the guests os
<MTecknology> depends what you want to achieve :P
<MTecknology> don't make a partition for just one guest
<unewbie1> i made that 1 partition for 3 os
<unewbie1> is that ok?
<MTecknology> ya
<MTecknology> I have a partition that's nearly 1TB on LVM for all guests at /virt
<unewbie1> the partition was data and i create virt folder inside
<unewbie1> is that ok?
<MTecknology> depends if that's what you want
<MTecknology> if that's what you want - then it's ok
<unewbie1> i don't know what i want :D
<unewbie1> i'm new
<MTecknology> you want to play with virtualization - you know that much
<unewbie1> i only want ubuntu servers in my machine
<MTecknology> doing that mkes life much easier
<unewbie1> i have few servers with no virtualisation so i wanna try
<MTecknology> it's fun once you get the hang of it
<MTecknology> libvirt is an interesting beast - your entire config is xml too
<unewbie1> can i have web interface also? :D
<MTecknology> You can.. but imo - you're much better off not doing that
<unewbie1> why? isn't that easier?
<MTecknology> My personal opinion is that you get a lot further learning to do things on cli - you're much more efficient most of the time if you can do something on cli as opposed to gui
<MTecknology> in the case of libvirt - if you want gui I'd say get virt-manager
<unewbie1> can i create my guest with libvirt too?
<MTecknology> ya
<MTecknology> just need to setup your storage pools correctly
<unewbie1> how to setup the size? here https://help.ubuntu.com/10.04/serverguide/C/libvirt.html#libvirt-virt-install, i see: -s 4
<unewbie1> what's that mean?
<unewbie1> 4 GB?
<MTecknology> yup
<unewbie1> i made the file with dd command earlier for 100 GB. should i put -s 100?
<MTecknology> ya
<MTecknology> wait
<MTecknology> you want to use an existing system?
<MTecknology> -s will be part of making a new disk
<unewbie1> i want to use the existing
<MTecknology> I haven't don that ever - it's easily possible but I probably can't help you short of google
<unewbie1> then create new disk is fine
<unewbie1> Starting install...
<unewbie1> Creating storage file bar 100% |=========================| 100 GB    00:00
<unewbie1> Creating domain...                                                 0 B 00:00
<unewbie1> Domain installation still in progress. You can reconnect to
<unewbie1> the console to complete the installation process.
<MTecknology> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<unewbie1> what is that mean?
<unewbie1> sorry :D
<MTecknology> ya know what i'd do.....
<unewbie1> http://paste.ubuntu.com/445899/
<MTecknology> make a vm that has a single 4GB disk - then swap that disk with the one you made - then you have everything else setup
<unewbie1> where is the guest?
<unewbie1> dont understand
<MTecknology> it's in files
<MTecknology> virsh list --all
<MTecknology> do you see anything there yet?
<unewbie1> Id Name                 State
<unewbie1> ----------------------------------
<unewbie1>   1 barracuda            running
<MTecknology> your vm is running
<unewbie1> and what to do then?
<MTecknology> ssh into it
<unewbie1> ssh? i don't even installed the os yet?
<unewbie1> what is the ip then?
<MTecknology> from your system you can do virt-viewer -c qemu+ssh://192.168.1.4/system barracuda     where 192.168.1.4 is the host ip - not the vm
<unewbie1> how do you know my ip? :)
<MTecknology> call it a good guess
<unewbie1> i'll try
<unewbie1> virt-viewer is not installed yet
<unewbie1> 50MB to download
<unewbie1> http://paste.ubuntu.com/445903/
<unewbie1> error
<MTecknology> you caught the part where you run this on your system, right?
<unewbie1> dont understand
<MTecknology> your system = what you're typing on now
<unewbie1> yes
<unewbie1> the host
<MTecknology> no
<unewbie1> o
<MTecknology> use another system with X
<unewbie1> another ubuntu?
<MTecknology> yes
<unewbie1> i dont have any ubuntu desktop
<MTecknology> did you use virt-install to make the vm?
<unewbie1> yes
<MTecknology> you're going to need to recreate the vm and build it with --add-pkg openssh-server
<unewbie1> http://paste.ubuntu.com/445915/ that's how i create the vm
<MTecknology> ya.. you need a desktop system in order to complete that install
<unewbie1> i dont have desktop
<unewbie1> any alternative?
<unewbie1> how to recreate to vm?
<MTecknology> virsh destroy barracuda && virsh undefine barracuda
<MTecknology> lemme give you a magical command
<unewbie1> Domain barracuda destroyed
<unewbie1> Domain barracuda has been undefined
<MTecknology> !enter
<ubottu> Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<MTecknology> How much ram do you wantto give it?
<unewbie1> 1 GB
<MTecknology> how much swap?
<unewbie1> dont understand
<MTecknology> !swap
<ubottu> swap is used to move unused programs and data out of main memory to make your system faster. It can also be used as extra memory if you don't have enough. See https://help.ubuntu.com/community/SwapFaq for more info
<MTecknology> oh, and how many CPU's?
<unewbie1> 2 GB swap and 1 cpu
<unewbie1> the server only have 1 processsor
<unewbie1> quad core
<MTecknology> that means you can give it up to 4 procs
<unewbie1> ok, lets give it 4
<MTecknology> 2GB swap is insane.. but ok
<unewbie1> insane?
<unewbie1> not enough?
<MTecknology> very high
<unewbie1> make it just enough
<unewbie1> how much it should be?
<MTecknology> I use 256MB on all of mine
<blue-frog> on prod servers, the higher the better
<unewbie1> it's for production
<blue-frog> for desktop for people who are just playing witht their computers 256 is enough
<MTecknology> blue-frog: not if it's a vm - then you just start thrashing the host
<blue-frog> ah vm
<blue-frog> hum
<blue-frog> dunno about vm. sorry fr my talkings
<unewbie1> ok let it 256
<MTecknology> unewbie1: what's your full name and what do you want for a user name?
<MTecknology> didi for a username?
<MTecknology> Looks like you're from Indonesia - are there any package mirrors near there?
<MTecknology> unewbie1: I'm trying to rig up a command for you that you can reuse over and over and over
<MTecknology> you still exist?
<uvirtbot> New bug: #590629 in dbconfig-common (main) "Please sync dbconfig-common 1.8.46 (main) from Debian unstable (main)." [Wishlist,New] https://launchpad.net/bugs/590629
<unewbie1> sorry
<unewbie1> a phone call
<unewbie1> that's ok
<unewbie1> let's make didi
<MTecknology> and full name?
<unewbie1> supriyadi
<MTecknology> that's not a full name but ok
<unewbie1> that's a fullname here :)
<MTecknology> you don't have last names?
<unewbie1> nope
<unewbie1> that's the culture here
<MTecknology> odd
<MTecknology> there... you ready for your magic command
<MTecknology> http://pastebin.ubuntu.com/445921/
<MTecknology> enjoy
<unewbie1> the longest command i've ever seen
<MTecknology> lol... that's the trimmed version
<MTecknology> the one I use is MUCH longer - and if I'm adding static IP's... - but I know EXACTLY what I'm getting
<unewbie1> is this vmbuilder should be installed first?
<MTecknology> ya.. if you don't install the app you're trying to use you can't use it
<unewbie1> ok
<unewbie1> E: Couldn't find package vmbuilder
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<MTecknology> sudo aptitude install kvm libvirt-bin ubuntu-vm-builder bridge-utils
<unewbie1> waiting for installation
<unewbie1> how do you know everything? :D
<MTecknology> i don't know that much
<unewbie1> i have to configure email?
<MTecknology> hm?
<unewbie1> i got that screen here
<unewbie1> i dont remember installing postfix
<unewbie1> looks like postfix is coming with the aptitude
<unewbie1> should i cancel it?
<MTecknology> no
<MTecknology> dependencies
<unewbie1> ok
<unewbie1> and?
<unewbie1> how can i configure this postfix?
<unewbie1> are you sure we need this postfix?
<MTecknology> just let it install with defaults
<unewbie1> no configuration?
<MTecknology> no
<unewbie1> or internet site?
<unewbie1> or local only?
<MTecknology> whatever was selected by default
<unewbie1> i don't remember :D
<unewbie1> i played around with the cursor
<MTecknology> usually the default selected is the first in the list
<unewbie1> that means no configuration
<unewbie1> ok
<unewbie1> is that ok?
<MTecknology> press enter..
<unewbie1> ok
<unewbie1> ok it's done
<unewbie1> now it is the guest installation
<unewbie1> another error message
<unewbie1> http://pastebin.ubuntu.com/445927/
<unewbie1> it's already exist
<MTecknology> !enter
<ubottu> Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<MTecknology> delete the existing disk image
<unewbie1> ok
<unewbie1> it's quiet now
<unewbie1> is it going to take a long time?
<MTecknology> yup
<unewbie1> ok
<MTecknology> when it finishes it will start and you can ssh into it because openssh-server will be installed
<MTecknology> the timezone should be setup - and I set what I perceived to be the fastest package mirror for you
<unewbie1> is it installing the os now?
<MTecknology> yes
<Yosi> hi All, I've been using Ubuntu Server as an Apache for the server for the last week, and was thing about using it for a production machine.  all my friends at work are telling me to only use RHEL or CentOS in prodcution, is ubuntu server no stabl;e enough?
<MTecknology> and that command i gave you - i hate vim-tiny so i removed it and installed the full vim for ya
<MTecknology> Yosi: lol... it's a matter of flavor - I use Ubuntu on all of my production servers
<unewbie1> i only understand nano :D
<unewbie1> yeah me too
<unewbie1> and yes my friend said the same thing to me
<Yosi> do i need a firewall in front of the default install?  or are all the major security ports locked by default
<MTecknology> I know the centos community and they're great- so the OS choice really comes down to what you like better - for me i like the amazing usability of ubuntu
<Yosi> performance wise, I'm assuming ubuntu is as fast as rhel or cent for apache?
<Yosi> yes, new to linux, and ubuntu seems easier than cent
<MTecknology> Yosi: in most linux distros there's nothing being listened to by default - I always use ufw which is amazingly easy - just makes sure nothing else is sneaking in
<unewbie1> Yosi: me too
<Yosi> fair enough..
<MTecknology> I would always put a firewall in front (pfsense by choice) - that just makes routing much easier
<unewbie1> it's my first distro actually
<Yosi> my raid tools are made for cent/rhel etc.. from LSI (9260-8i card), but I can just configure it by the RAID bios, and apparently kernel 2.6 has the lsi drivers build in...  i just lose the management tools, but once the raid is established, i dont really need them
<naiad2> I'm wondering if it's possible to have apparmor restrict the output of ps like the grsecurity kernel module does.  limit ps to only pids that the user owns?
<qman__> Yosi, ubuntu server is most definitely secure by default
<qman__> there is nothing listening on any ports on a default install
<MTecknology> naiad2: I highly doubt it
<Yosi> qman__: thanks...
<Yosi> what i don't understand is why, big sites like ebay etc.. have problems with DOS attacks... can't most firewalls block a DOS attack?
<MTecknology> no
<Yosi> can't they just block that IP from spamming them?
<MTecknology> nope
<MTecknology> if you have 10GB traffic running through a 1GB pipe; you're plugged up - even if you block all that traffic - you still have to process that other 9GB
<qman__> yes
<qman__> the problem is DDoS
<qman__> it comes from many IPs, all over the world
<qman__> they run a public site, they can't just shut down all connections
<MTecknology> the only way to deal with it is to have more resources than your attacker
<qman__> you can configure your firewall to dynamically slow single-poing DoS attacks, but DDoS is nearly impossible to stop that way
<qman__> single-point*
<X-Sleepy-X> Easy solution: Compose a fake letter where it says it's terrorists behind the attack and send it to Pentagon. They will have those hackers nuked sooner than you can say "Wake up it's a beautiful morning!"
<qman__> the usual approach is just that, get more bandwidth, and try to find the source of the attacks
<X-Sleepy-X> :P
<qman__> the person running the botnet
<qman__> and get the botnet shut down that way
<MTecknology> X-Sleepy-X: little offtopic for this channel
<Yosi> back, got some water...
<MTecknology> I wonder if that's why it's so hard to purchase upload speed in the states...
<X-Sleepy-X> MTecknology: Kind of, yeah. But it was my way of saying good morning. ;)
<MTecknology> I can get 30mbit download for cheap enough - getting >1mbit upload gets to be insane
<qman__> the problem stateside is that the telcoms have government-backed monopolies
<qman__> no accountability, so they are way behind on upgrading their lines and tech
<Yosi> in Canada 20mbs fiber provisioned over E100 service is about $1400 a month
<qman__> when my connection doesn't work the way it's supposed to, I don't have any resolution
<qman__> there is only one ISP
<MTecknology> ouch
<qman__> if they don't perform, I'm SOL
<MTecknology> burn
<X-Sleepy-X> I pay about 300 euros for 10/10 Mbit/s but I get about 15/30 Mbit/s.
<qman__> US connections are the opposite
<qman__> you pay for 10/2, and get 6/1.5 in off-hours
<MTeck-ricer> pretty much
<MTeck-ricer> Actually.. I get what i pay for
<Yosi> i think the US is the cheapest I've seen for bw, cheaper than canada
<MTeck-ricer> I get 15/1
<unewbie1> MTeck-ricer: installation is finish
<rayvtirx> are these ordinary home connections
<MTeck-ricer> $30/mo
<unewbie1> now how to ssh?
<qman__> business connections too
<rayvtirx> im from uk and my upload is disproportinately slower
<qman__> DSL and cable
<qman__> unless you pay $300+ for a T1, you won't get your advertised speeds
<MTeck-ricer> unewbie1: 'nmap -sP 172.16.88.0/24' - figure out which new node popped up
<qman__> (per month)
<qman__> at least, you can't count on getting your advertised speeds
<rayvtirx> i get around 8 Mbit down and 512 kbits up
<qman__> some areas are better than others
<MTeck-ricer> I pay ~$45/mo for 15/1 on cable
<MTeck-ricer> I get what i paid for and that makes me happy
<X-Sleepy-X> I pay 38,58 for my connection. I get 15/30.
<X-Sleepy-X> :)
<unewbie1> another package to be installed
<Yosi> x-sleepy-x: where are u from?
<X-Sleepy-X> Sweden
<Yosi> nice
<qman__> my cable is $70/mo, for 8/1.5
<X-Sleepy-X> I could order 100/100
<Yosi> I pay $60 for 8/1 at home
<X-Sleepy-X> But that's a bit more expensive
<qman__> but it's only gotten that fast in the last month
<X-Sleepy-X> I only pay for 10/10 but I get a bit more... ;)
<qman__> I was paying the same rate for 5/512k
<unewbie1> what am i looking for here?
<MTeck-ricer> I switched ISP's - I was getting 1/256k
<MTeck-ricer> same into price
<X-Sleepy-X> That's not good.
<qman__> only one option here, the cable company
<MTeck-ricer> this new intro price lasts about 8mo longer - and after the change this new one is cheaper
<qman__> no DSL available, satellite and cell is a joke
<X-Sleepy-X> Start a ISP company...
<X-Sleepy-X> an*
<Yosi> i hope ubuntu sees my raid array..   i have 4 intel ssd's x25-m 160gb comming tomorrow... pluggin them into my lsi 9260 6 gb/s raid card and going to load ubuntu on that as my apache server...
<Yosi> would be fun to start a datacenter...  lol
<MTeck-ricer> qman__: gah... theyr website is horrible too
<qman__> Yosi, you might look into the different versions of apache available
<qman__> the default one is a bit slower in favor of the biggest feature set
<qman__> mpm-prefork
<MTeck-ricer> or just use nginx
<qman__> with a system like that, you're obviously concerned with performance
<MTeck-ricer> nginx > apache | stop abusing resources
<qman__> so try the different options out
<Yosi> thanks qman, i will check into that
<qman__> see what works
<twb> prefork isn't the default
<twb> It's only pulled in if you ask for PHP
<Yosi> qman: exactly, I want hi IOPs.....    its apache, php and mysql
<qman__> which you ask for if you use LAMP
<MTeck-ricer> qman__: wow.... their website is BAD
<qman__> charter? yeah
<qman__> you should try using their webmail
<qman__> it's an event
<qman__> their DNS servers are useless too, I run my own
<twb> bah, tasksel blows
<MTeck-ricer> qman__: if i buy now i can get phone/email/phone for only $130/mo :P
<MTeck-ricer> why not opendns?
<qman__> opendns didn't exist at the time
<qman__> when I set it up
<MTeck-ricer> twb: I used to like it - but i no long er use it - not tasksel fullfills what i want anymore :P
<qman__> so I learned BIND, and set up local DNS to address windows being completely retarded about network names
<qman__> and just stuck with it
<MTeck-ricer> qman__: mine - http://www.midco.net/
<twb> I wouldn't use BIND to resolve hosts on a private network.
<twb> dnsmasq is prettier for that
<unewbie1> MTeck-ricer is there another way to find where is my guest os?
<Yosi> is it faster to resolve dns on the same box as the webserver or better performance have dns handled by a seperate company?
<MTeck-ricer> unewbie1: twb how can you figure out the ip that a guest virt instance has?
<qman__> well, if performance is an issue, I'd just disable name resolution on the web server itself
<MTeck-ricer> s/unewbie1: twb/twb:/
<twb> MTeck-ricer: erm, ask your virtualization infrastructure?
<unewbie1> :D
<unewbie1> that's me
<MTeck-ricer> twb: if it were me i would have checked the mac against dhcp leases in the firewall :P
<MTeck-ricer> hm..
<MTeck-ricer> unewbie1: do you have access to your dhcp server so you can s
<MTeck-ricer> unewbie1: do you have access to your dhcp server so you can see the dhcp leases? *
<Yosi> qman, so u wouldn't run bind on the LAMP server...   my upstream provider that does our server colocation, has dns we've been using for now...  just wasn't sure if it would be faster to have godaddy pointed to BIND on my LAMP server or to my upstream provdider DNS then to my LAMP server without BIND
<qman__> handling DNS requests for clients, let another server do the job
<qman__> whether it's yours or the ISP's doesn't matter, but not on the web server
<qman__> I thought you meant looking up names for firewalling or log viewing
<Yosi> ahhh
<Yosi> no just for the clients
<qman__> which should be disabled on the web server, and handled in the firewall or your log viewer
<Yosi> fair enough, makes sense
<MTeck-ricer> unewbie1: virsh dumpxml barracuda   that'll give you teh mac addy the system is using
<Yosi> got disconnected
<unewbie1> MTeck-ricer:http://paste.ubuntu.com/445936/
<uvirtbot> New bug: #590639 in apache2 (main) "apache exit with signal Segmentation fault (11) on access to https:// if php5-curl enabled" [Undecided,New] https://launchpad.net/bugs/590639
<Yosi> i need a simple backup solution for ubuntu server LAMP config.. tht if it crashes its fast and simple to restore..  like an image backup
<MTeck-ricer> unewbie1: now you have the mac addy - find the ip that is assigned to it
<unewbie1> i don't see such mac address after nmap
<qman__> the config is all in /etc, apache2, php, mysql
<MTeck-ricer> unewbie1: use either your dhcp server of cli tools
<MTeck-ricer> unewbie1: I need to head to sleep now
<qman__> the tough part to back up is the mySQL database
<MTeck-ricer> unewbie1: you should be able to pretty easily get the rest on your own
<Yosi> qman - will it backup live?
<unewbie1> ok thanks
<Yosi> mysql
<qman__> the config, yes
<qman__> and you can set up a slave server for mysql if yo uwant
<qman__> which would effectively be a live backup
<Yosi> it would be easier if i just ran ESXi on the server, then i could snapshot the drive...  but then i lose performance
<qman__> a mysql slave server is a one-way relationship, the master updates the slave, the slave cannot update the master
<qman__> so it would make an effective realtime backup of your database
<Yosi> qman - interesting
<qman__> but if the master starts spewing corrupt data, that would forward to the slave
<Yosi> but then i need to setup anothe mysql server
<Yosi> true..
<qman__> so it would only be effective against failure
<Yosi> there must be some backup software with plugins to support mysql live backup
<qman__> however
<qman__> you could have the slave run periodic mysqldumps
<qman__> there probably is
<Yosi> oy, too much work
<qman__> but I don't know much about it
<twb> Maybe google for "mysql replication"
<qman__> using a mysql slave with whatever backup solution you choose might also be a good idea, performance wise
<qman__> but only if the master slave relationship takes less resources than the backup
<qman__> something you'd have to test
<Yosi> have u heard of this
<Yosi> http://www.zmanda.com/
<qman__> mysql isn't exactly known for its scalability
<Yosi> how does it compare against mssql?
<qman__> in my experience, MSSQL is a joke
<qman__> I've only ever seen it used in conjunction with other microsoft software, which requires it
<Yosi> fair enough
<Yosi> have u had much experience with vmware?
<qman__> only in the 1.x versions
<qman__> I didn't care for 2.0 and haven't paid much attention to it since
<Yosi> ilike how simple it is to backup stuff in vmware with the snapshots, just don't liek the performance loss of virtualization
<twb> Presumably you consider "simple" to mean "can be done with a mouse"
<Yosi> one file backup restorre
<Yosi> i don't mind cli, if i can backup the server live including mysql, and 1 file to restore the server
<qman__> the problem I had with snapshots in 1.x was the fact that it had to pause operation to take them
<qman__> they may have addressed that since, but when I was using it, that meant your server was missing for anywhere from a few seconds to a few minutes
<Yosi> yeah in ESX 4.0, snapshots are  and can be scheduled as backups...
<qman__> not an issue with one person tinkering on their desktop, but in a production environment, that matters
<Yosi> live*
<unewbie> test
<twb> I have an 8.04 server and a bunch (say, 100) 8.04 workstations, running something along the lines of LTSP5.
<twb> In the last six months, I've seen seven errors of the form:
<twb> [7254]:  WARNING: gdm_slave_session_start: User passed auth but getpwnam (p97661) failed!
<twb> Which is because the client can't see the LDAP server (nscd: nss_ldap: could not search LDAP server - Server is unavailable)
<twb> Why would the server very occasionally by inaccessible to freshly-booted workstations?  AFAICT the server isn't rebooting or restarting slapd at the time.
<ScottK> How's network loading?
<twb> Well, the workstations PXE boot, then run casper, which runs a second dhclient
<twb> I'm *pretty* sure I've scrapped NM on the workstations
<azteech1> for some, this may be a dumb ? but, if I forget to select a server package to install, one can still access the base server, and then set up the packages after install; at least I am hoping that is the case ...
<kaushal> hi
<kaushal> I have issues on compiling ipp2p on Ubuntu server 10.04, can i seek help here ?
<twb> kaushal: don't ask the same question simultaneously in multiple channels.
<kaushal> twb: apologies
<twb> ipp2p appears to be part of the xtables-addons-common package.
<kaushal> twb: Thanks
<kaushal> twb: when i run iptables -m ipp2p --help
<kaushal> i get iptables v1.4.4: Couldn't load match `ipp2p':/usr/local/libexec/xtables/libipt_ipp2p.so: cannot open shared object file: No such file or directory
<ScottK> azteech: Yes.  sudo tasksel should do it.
<twb> kaushal: did you install xtables-addons-common?
<kaushal> yes
<twb> Then at least one of xtables-addons-common, iptables, or the kernel is too old.
<twb> Consider migrating to a newer release of Ubuntu.
<kaushal> twb: I am on 10.04
<twb> Then file a bug against xtables-addons-common
<twb> You're doing something wrong, because lucid has ipp2p in that package:
<twb> http://packages.ubuntu.com/lucid/amd64/xtables-addons-common/filelist
<twb> Wait, /usr/local?
<twb> Did you compile iptables by hand?  Don't do that.
<kaushal> twb: ok
<mase_home> hey guys, there is a package which has given me the option of manual configuration later. ...which i chose..however now it has marked that package as not fully installed
<mase_home> how can i mark it as such ?
<nijaba> Hello. Anyone seen ivoks?
<uvirtbot> New bug: #590704 in libcommons-jxpath-java (main) "Sync libcommons-jxpath-java 1.3-3 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/590704
<\sh> ScottK, do you think it would be a good idea to ask Christoph Haas of http://workaround.org/ispmail/lenny <- to adjust his howto for ubuntu or should we work on a similar documentation for ISP Mail setup ?
<ScottK> \sh: I'd talk to sommer about it.  See if he wants to support it in the server guide.
<kaushal> hi again
<\sh> ScottK, will do :)
<RoyK> how can I change text console resolution in lucid?
<kaushal> ScottK: hi
<kaushal> Thanks for your reply
<kaushal> Still i have issues
<kaushal> I did removed /usr/local/libexec/xtables
<kaushal> when i ran iptables -m ipp2p --help it worked
<kaushal> I mean it didnot worked
<cloakable> ...
<kaushal> cloakable: are you referring to me ?
<cloakable> no
<kaushal> ScottK: you around ?
<cloakable> for 10.04, kernel devs have compiled in EVERY cpufreq driver.
<cloakable> Thus resulting in my centrino laptop using acpi-cpufreq and not speedstep-centrino
<sanderj_> Anyone have a document describing what the diffrence on VPS and IaaS is.. and the downsides of using both?
<kaushal> checking in again for my query ?
<pthsWork> Anyone know of a page that really explains the new Samba idmap system? Haven't found any that explains in a "For Dummies" style :p
<proxee> hi... where should I go with a question about apache config on ubuntu 9.10?
<soren> here, probably
<proxee> thanks... I've got a server with a virtualhost that uses ProxyPass and ProxyPassReverse. I'm seeing lots of random traffic and it seems I've got an open proxy.
<proxee> I've tried following all the documentation I can find, but the problem persists.
<proxee> So, I guess two questions: first, how can I check that the proxy is open/closed. And second, how to close it?
<proxee> Am I in the right place for these questions?
<spronk> hi guys - any ideas on what log files I should be inspecting to find out why fsck gives me a clean report on boot, then booting stalls?
<sanderj_> Anyone know what kinda functionality ubuntu elastic cloud have?
<proxee> i guess i'm in the wrong place for apache/unbuntu questions... where should I go?
<Jeeves_> proxee: Sometimes there aren't that many people online :)
<Jeeves_> The sun doesn't light the entire earth at the same time :)
<proxee> i see.. ok... I saw a long list... should I wait and ask my Q again later? (noob here)
<Jeeves_> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#access
<proxee> I've read the documenation... problem persists
<Jeeves_> Then you've misinterpreted the documentation :)
<Jeeves_> Can you paste your config on pastebin?
<Jeeves_> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<proxee> probably, yeah
<proxee> ok.. let me try pastebin
<RoyK> hi all. trying to setup authentication against AD fails - seems bindpw is ignored in libnss-ldap.conf
<RoyK> anyone here using ldap auth?
<proxee> Jeeves_: thanks, here's the part of my apache config: http://paste.ubuntu.com/446061/
<proxee> Jeeves_: I have a server running on a different port, and I'm using a proxy to route the traffic there
<proxee> I've tried a bunch of different variations, I still see tons of random requests in my other_vhosts_access.log file
<sanderj_> I wonder what the key diffrences between a virtual private server and a IaaS, infrastructure as a service..
<sanderj_> VPS vs. IaaS.
<zul> morning
<cloakable> sanderj_: the differences between a computer and infrastructure? :)
<cloakable> You could probably define VPS as CaaS :)
<sanderj_> cloakable, And the C means?
<Jeeves_> proxee: I can't browse via your proxy
<cloakable> sanderj_: Computer :P
<Jeeves_> I just get the site metraspace
<proxee> so it's closed for you?
<Jeeves_> as far as I can see...
<Jeeves_> But i'm no expert on this :)
<failover> proxee, there is not wrong with your conf, probably you got bots trying to look for a openproxy !
<sanderj_> cloakable, can you explain what kinda infrastructure IaaS gives me, compeard to CaaS/VPS ?
<proxee> yes, I see lots of junk in my log files
<RoyK> hi all. no idea if this is the right place to ask, but trying... I'm trying to configure linux to authenticate to an MS AD server, but it seems libnss ignores binddn/bindpw and just does a 'simple' bind. this is what I see when sniffing the traffic. any idea how to force it to authenticate?
<cloakable> sanderj_: no, because I run a home server :P
<proxee> Jeeves_: more expert than me, for sure... how can I test whether it's open or not?
<spronk> how can i enter like.. an extra verbose boot mode?
<cloakable> I provide all my infrastructure myself :)
<Jeeves_> proxee: I'm installing scanssh now
<failover> Roky, i think you don't need a dn/pw at ldap conf to authenticate.
<RoyK> failover: you do if anonymous browsing isn't allowed, which is the case with M$ AD
<failover> makes sense...
<Jeeves_> proxee: 95.142.161.84:80 <error: response code>
<proxee> Jeeves_: ...means it's okay, or not okay? :?
<Jeeves_> What do you see in your logs from 213.154.238.23 ?
<Jeeves_> proxee: It looks ok
<proxee> hard to say what's in my log from your address... the log file is growing by 10K bytes every few seconds :)
<proxee> i have a suspicion something is still wrong... and here's why...
<proxee> if I telnet to the http server and enter "GET http://www.yahoo.com/ HTTP/1.1", then hit return twice, I get some HTML back from yahoo.com. That seems wrong.
<Jeeves_> No, you get
<Jeeves_> <p>Your browser sent a request that this server could not understand.<br />
<Jeeves_> And if you do:
<Jeeves_> GET / HTTP/1.1
<Jeeves_> host: www.yahoo.com
<proxee> true, but I also get: <address>Apache/2.2.12 (Ubuntu) Server at www.yahoo.com Port 80</address>
<Jeeves_> You get a redirect from location: http://www.yahoo.com/main.ssp
<Jeeves_> Yes, that's your server, using the hostname you enter in the request
<Jeeves_> (usecanonical, or something, in httpd.conf)
<proxee> oh... that's not very obvious :D
<proxee> ok, so that's progress... is there something else I can do to keep my log files from growing like crazy as bots are hammering on the door?
<incorrect> I need to sign up for a bunch of ubuntu VPS providers around the world, can people suggest their fav?
<Jeeves_> proxee: Can you pastebin some loglines?
<proxee> incorrect: I tried gandi.net in France. They have ubuntu and a one-month refundable trial offer.
<proxee> Jeeves_: yes, just a sec
<Jeeves_> incorrect: You mean people supplying Ubuntu VM's/VPS's?
<incorrect> i just wanted to know of the provider and if they used it personally
<incorrect> thanks proxee
<Jeeves_> incorrect: xlshosting.nl, works fine
<proxee> incorrect: it was real easy to set up and they answered quickly to support/billing questions
<proxee> Jeeves_: here's some log file http://paste.ubuntu.com/446079/
<incorrect> thanks :D i have to sign up for a ton around the world
<Jeeves_> proxee: Those are all failing requests
<proxee> Jeeves_: i see... how do I read that they fail?
<proxee> oh.. duh.. 404
<Jeeves_> proxee: You can tell by the http response code .. :)
<proxee> and what's the garbage url with "\xcf\xf2" after the response code and length?
<proxee> I think what happened is that I had "ProxyRequests On", and some bots found my site. I figured out that was a boo boo, switched it to "Off", but the bots are still trying my site.
<proxee> The log files are still growing like crazy, eventually overflowing the disk
<proxee> If many requests are coming from a few addresses, is there some way I can block them and keep that from being logged?
<Jeeves_> proxee: You might try fail2ban
<Jeeves_> but that's kinda ugly
<sommer> mornings
<proxee> ok... less ugly approaches?
<proxee> or... if I just wait, maybe they'll go away?
<proxee> ...since I no longer have an open proxy? :D
<ItalicBold> in a shell script, is there a way to format a command and its arguments over multiple lines?
<Jeeves_> proxee: Probably, yes
<Jeeves_> ItalicBold: \
<ItalicBold> ta
<Jeeves_> \<newline> that is :)
<proxee> ok... I'll keep wiping the log files and hope they give up. Thanks a million for your help!!
<ccheney> good morning
<zul> hey ccheney
<zul> Daviey: can you check out #590201 for me
<lumaphyte> hi.  i have a computer that, after a reboot, suddenly is broken.  all that is displayed is  a normal fsck message for the root filesystem, after which point it simply hangs with a blinking cursor.  how can i troubleshoot this further?
<jdstrand> naiad2: re apparmor and pids> no, but apparmor does disallow things like ptrace and access to files in /proc, as well as any tools that use them
<jdstrand> naiad2: more specifically, if you have an apparmor profile for an application, you have to grant it permissions to do those things
<uvirtbot> New bug: #271546 in clamav (main) "[hardy] Multiple unfixed CVEs" [Undecided,Fix released] https://launchpad.net/bugs/271546
<nealmcb> lumaphyte: fscks can be very slow in lucid with ext4 - see Bug #571707 - so it could be the next fsck taking a LONG time
<uvirtbot> Launchpad bug 571707 in mountall "fsck progress stalls at boot, plymouthd/mountall eats CPU" [High,Fix released] https://launchpad.net/bugs/571707
<lumaphyte> oh, hmm.
<lumaphyte> nealmcb: thanks.  i'll let it sit and see what happens.
<lumaphyte> nealmcb: oh, it's not running fsck - the filesystem is marked as clean.
<spineau> ttx: ping
<ttx> spineau: pong
<spineau> ttx: I need your help regarding a kvm potential issue with my cloud
<spineau> ttx: instance fails to launch with the following msg in the nc.log :
<ttx> spineau: I'll help if I can. Daviey and hallyn may also answer ^
<hggdh> spineau: heh. exactly about that -- what machines are running what there?
<hggdh> spineau: i.e., who runs CLC, Walrus, CC, SC, and NCs?
<spineau> hggdh: a frontend with CLC,W,CC,SC and a separate NC
<hggdh> tamarillos is the frontend, then?
<spineau> ttx: libvirt: Failed to add tap interface to bridge '': No such device (code=38)
<spineau> hggdh: yes
<ttx> hm
<spineau> hggdh: pricklypear the NC
<spineau> ttx: I 've looked at the eucalyptus.conf on the NC and the VNET_BRIDGE is still empty even if I write "br0"
<ttx> spineau: is the bridge set up on the NC ?
<spineau> ttx: I wonder who is erasing this parameter
<spineau> ttx: How can I check that ?
<ttx> ifconfig should show a br0 bridge
<spineau> ttx: yes, It shows br0
<ttx> hm
<ttx> spineau: so you change /etc/eucalyptus/eucalyptus.conf... stop eucalyptus CLEAN=1
<ttx> is the setting still there ?
<ttx> start eucalyptus CLEAN=1
<ttx> is the setting still there ?
 * spineau is doing the steps
<spineau> ttx: staring eucalyptus erases the value
<spineau> ttx: starting
<ttx> spineau: in /etc/eucalyptus/eucalytpus.conf ? hmmm....
<ttx> that's bad, considering we created  /etc/eucalyptus/eucalytpus.conf.local so that euca_conf avoids changing that conffile
 * ttx grumbles
<ttx> spineau: which mode are you using ? SYSTEM ?
<spineau> ttx: I talk about the eucalyptus.conf on the node
<spineau> ttx: managed-nvlan
<spineau> ttx: novlan
 * ttx greps in the code
<ttx> spineau: what happens if you just do stop eucalyptus-nc / start eucalyptus-nc ?
<spineau> ttx: I've got the same result, br0 values deleted from eucalyptus.conf
<ttx> spineau: looks like something is running euca_conf -bridge
<ttx> but that should not even modify /that/ file
<hggdh> Daviey: on bug 588861 -- you reverted the UEC kernel back to lucid, and it works, or you reverted the Maverick kernel?
<uvirtbot> Launchpad bug 588861 in linux "Instances block in pending state, and don't start" [Undecided,New] https://launchpad.net/bugs/588861
<ttx> spineau: just to be sure: comment out the euca_test_nc line in /etc/init/eucalyptus-nc.conf
<spineau> ttx: this NC has been rebooted 2 times and nothing (I mean a test) is running since start
<ttx> and try restarting again
<spineau> ttx: ok
<ttx> if that still deletes it, I suspect something would show in the logs, so please pastebin the NC logs
<spineau> ttx: value deleted
 * spineau 's doing several scp to pastebin
<ccheney> Daviey, i resubmitted the merge proposal with the fixes mathiaz mentioned
<spineau> ttx: Does the whole nc.log is needed ?
<spineau> ttx: 11 AM
<spineau> ttx: 11 mb
<ttx> spineau: I need the startup, until you see the VNET_BRIDGE being rewritten
<ttx> I /hope/ that in th emiddle of those 11Mb it would mention that it rewrites a configuration file
<ttx> spineau: but I'm puzzled as I see no reference in the code doing that. It's 1.6.2 / Lucid, right ?
<spineau> ttx: yes
<spineau> ttx: https://pastebin.canonical.com/33073/ for the part you wanted
<ttx> spineau: Is this eucalyptus-nc.log on the NC ? you have the SC running on the same host ?
<spineau> ttx: log comes from the NC. the SC is part of the frontend, another machine
<ttx> spineau: strange line mentioning the SC there, but I don't have a running local cloud to compare
<spineau> ttx: I have my own local cloud at home, what do you want to compare ?
<ttx> why the logs mentions the SC
<Daviey> ccheney: Great.. only changing debian/changelog ?
<ttx> but the source should answer that question
<Daviey> hggdh: Maverick install, installed the lucid kernel.. otherwise Maverick vanilla alpha 1 with updates
<spineau> ttx: I find the same SC sentence in my nc logs
<ttx> looks like node goes through storage.c after all
<d1b> does anyone maintain xen packages?
<d1b> like ppa
<ttx> spineau: I'd suggest filing a bug... I never reproduced that and I don't get why the NC startup would rewrite that config file
<spineau> ttx: ok, what do I need to join with such a bug ?
<ZenMasta> I tried to isntall some packages but got an error about not locating the files or generate a list f packages http://pastie.org/995051
<ttx> spineau: symptoms
<ttx> topology
<ttx> installed versions
<ttx> Just concentrate on the startup part. You should get bridge=br0 in that vnetInit line at startup
<ttx> something rewrites it before that... and I can't find the code in the NC that would do that.
<ttx> spineau: I mean, you should get bridgedev=br0
<spineau> ttx: ok, thanks a lot for your help
<ccheney> Daviey, yea and adding the sru info to the bugs but that wasn't part of the bzr
<Daviey> ccheney: Oh cool, you've done the SRU part aswell?
<ccheney> Daviey, yea, still need to do the test for the SC loopback part
<ccheney> Daviey, but already written up
<Daviey> ccheney: Ok, i'm just about to do a quick test of your branch here.. if it turns out dandy, i'll ack the merge..  If you do need to go afk in a hurry, we'll sort out what is left.
<ccheney> Daviey, do i just do a bunch of euca-create-volume for that?
<ccheney> Daviey, ok
<Daviey> ccheney: which bug #?
<ccheney> 586134
<Daviey> bug #586134
<uvirtbot> Launchpad bug 586134 in eucalyptus "SC: Maximum number of loop devices should be configurable" [High,Triaged] https://launchpad.net/bugs/586134
<Daviey> thanks uvirtbot
<Daviey> ccheney: yeah, that should test that
<ccheney> looks like euca-create-volume is what i need but wasn't certain if that is 'SC'
<ccheney> ok
 * zul lunches
<ccheney> apparently this is invalid syntax, but i am not sure what i am missing
<ccheney> euca-create-volume --config -z cluster1 -s 1
<ccheney> ah --config not needed
<ccheney> ok seems to work fine for me
<ccheney> Daviey, once i got to 50 i started getting errors on the SC test
<ccheney> "1. Your proposed upload exceeds the maximum allowed object size. (edu.ucsb.eucalyptus.cloud.EntityTooLargeException)"
<Daviey> hmmmpf
<ccheney> i'll copy the relevant bits out of my logs
<bogeyd6> this ubuntu desktop could do with some huge bug fixes
<binBASH> Hi, I tried to migrate a KVM machine however it doesn't work.
<binBASH> virsh # migrate db2 qemu+ssh://foo.bar/system
<binBASH> Error: monitor socket did not show up.: Connection refused
<binBASH> someone knows what could be wrong?
<uvirtbot> New bug: #590843 in bind9 (main) "bind9 with dlz-mysql doesn't start at boot" [Undecided,New] https://launchpad.net/bugs/590843
<binBASH> I'm on lucid 10.04lts
<bogeyd6> binBASH, same
<bogeyd6> x64 of cos
<binBASH> yup ;)
<ccheney> Daviey, etienne mentioned there is a config option in web ui for reserved space for volumes
<ccheney> Daviey, its set to 50GB
<uvirtbot> New bug: #590846 in eucalyptus (main) "VNET_BRIDGE deleted from node config file after eucalyptus-nc restart" [Undecided,New] https://launchpad.net/bugs/590846
<ccheney> Daviey, it seems to fail later, tracking down the reason now, it failed at 194 for me, it also looks like it might eat loopback files on failure
<Daviey> ccheney: ahh.. interesting
<Daviey> oh suck.
<ccheney> "Your proposed upload exceeds the maximum allowed object size.
<ccheney> com.eucalyptus.util.EucalyptusCloudException: Your proposed upload exceeds the maximum allowed object size"
<ccheney> wtf
<Daviey> ccheney: Okay.. i'm going to try this here also.. but personally.. blocking out at 194 doesn't sound too promising for a medium or large cloud
<ccheney> Daviey, i'm going to nuke all volumes and try again after verifying the sc is empty
<linxeh> Hi there - how do I go about setting up SSL client certificate authentication with LDAP authorisation in Apache? I've done the certificate but, but struggling to see how to combine it with LDAP
<ccheney> Daviey, well on my test box i had it set to 200GB due to laptop disk limit, but i expected to hit at least 199
<Daviey> linxeh: client side certificates?
<linxeh> Daviey: yeah; I've got full mututal certificate authentication set up at the moment
<linxeh> ie, all valid client certificates can access resources, but I want to restrict it to group information stored in an LDAP server
<Daviey> linxeh: using mod_authz_ldap?
<linxeh> thats what I was hoping to use yeah
<axisys> after upgrading ubuntu from 9.04 to 9.10 proftpd is not starting anymore.. it is setup to start standalone.. is it something due to upstart ?
<ccheney> oh no
<axisys> need help with starting proftpd
<Daviey> linxeh: read http://authzldap.othello.ch/mod_authz_ldap.HOWTO ?
<ccheney> Daviey, i think, not 100% certain yet, but that when you create an unavailable/failed volume it does not get cleaned on euca-delete-volume
<Daviey> ccheney: *sigh*
<ccheney> Daviey, after deleting all volumes i still have 42 loops and 34 files in the volume dir
<Daviey> ccheney: perhaps leave it 20 mins to see if it cleans itself up
<linxeh> Daviey: that sounds like exactly what I want - thanks
<ccheney> Daviey, ok
<axisys> /usr/sbin/proftpd is missing
<Daviey> linxeh: This is not something that is documented for Ubuntu Server.. it would be awesome if you could do a write up of how you did it for the docs and or ubuntu wiki.
<Daviey> linxeh: Would you be able to do that, as you go?
<Daviey> ccheney: I haven't read the cleanup code.. i don't know if it will do anything.. but as you've encountered, sometimes euca' has a delay on other cleanup things
<ccheney> Daviey, ok, yea it cleaned up most of them immediately probably the ones that were working properly
<bogeyd6> axisys, isnt proftpd an xinetd service?
<axisys> /usr/sbin/proftpd is missing after the upgrade.. i needed to install proftpd-basic
<Daviey> axisys: Would you mind raising a bug.. something hasn't happend that should have happend
<linxeh> Daviey: yeah, I'll write it up (I need to do this anyway for the company wiki)
<axisys> bogeyd6: so installing proftpd-basic was the fix
<linxeh> Daviey: I'm pretty sure the server guide instructions for openldap are broken too
<axisys> Daviey: asking me or linxeh ?
<Daviey> linxeh: That is GREAT!  Really appreciated.. If you ping me, i'll certainly help point you in the direction of where to put it.
<linxeh> Daviey: some bits work, others dont
<Daviey> linxeh: And you'll be left with the warm feeling, knowing others will be able to find their way - based on your work \o/
<Daviey> axisys: You, if you upgraded and proftpd isn't working as it should.. it sounds like a potential bug
<linxeh> Daviey: yeah, I've contributed things in the past (though not always as myself, if that makes sense)
<linxeh> :)
<Daviey> linxeh: oh aye :)
<dassouki> although this is not a strictly server question, but if you have chronlogical data, how can i find where queues occured?
<ccheney> Daviey, i think the timeout isn't going to happen
<ccheney> Daviey, at least not after ~ 10m or so anyway
<ccheney> i'm going to reboot and see if they just go away
<ccheney> it shouldn't be hard to reproduce the issue if it is what i think it is
<Daviey> ccheney: agreed
<ccheney> ok so rebooting didn't help the volumes are still all attached to loops
<uvirtbot> New bug: #590862 in samba (main) "nmbd not started at boot time" [Undecided,New] https://launchpad.net/bugs/590862
<ccheney> so it doesn't know its a volume but it registers it as one anyway
<ccheney> gar
<ccheney> hmm i just noticed euca-describe-addresses that will be helpful to look at when i try to replicate the ip exhaustion issue again
<ccheney> Daviey, should volumes created show up under /dev/mapper ? i see where it appears to use lvm on them
<ccheney> it seems nothing is using them losetup lets me delete them manually
<sommer> mathiaz: had a chance to review the openldap-dit branch?
<mathiaz> sommer: not yet
<sommer> mathiaz: okay no problem
<axisys> Daviey: ok
<ccheney> how do i properly delete a volume that is not showing up in euca?
<ccheney> isn't it something like /etc/init.d/eucalyptus start CLEAN=1 ?
<kaushal> what does ipp2p mean
<hggdh> ccheney: euca-describe-volumes does not show it?
<kaushal> I know p2p means peer to peer
<kaushal> what does ip mean in ipp2p ?
<ccheney> hggdh, yea
<ccheney> hggdh, i think i found a bug
<ball> p2p over ip?
<hggdh> ccheney: there is bug on it already opened...
<ccheney> hggdh, i ended up removing the /var/lib/eucalyptus/db/storage.script
<ccheney> hggdh, oh do you happen to know the number?
<kaushal> ball, what does that exactly mean ?
<hggdh> ccheney: just a sec
<ball> kaushal: It does what it says on the box.
<ccheney> hggdh, thanks
<hggdh> ccheney: bug 517086
<uvirtbot> Launchpad bug 517086 in eucalyptus "euca-create-volume fails at times with Error communicating with Storage Controller" [Medium,Incomplete] https://launchpad.net/bugs/517086
<kaushal> ball, Thanks
<panfist> does ubuntu-server have any kind of network manager like the desktop edition?
<ccheney> hggdh, yea i bet that is at least part of the problem
<malchias> I am trying to setup basic email sending (not an smtp server, or relay).  I want scripts to be able to use something to send email.... can someone direct me to a tutorial on something simple, and secure?
<ccheney> hggdh, i don't see any error communicating when creating the volumes but that might be why they don't get deleted properly
 * ccheney looking into why they don't get created
<hggdh> ccheney: I think this is part of the issue -- I had a quick test some days ago on the Dell rig -- created 512 volumes, and then deleted them all
<hggdh> ccheney: I was left with 70 VGs hanging
<ccheney> hggdh, yea, i created 200 and only 179 were created
<ccheney> hggdh, before when i then removed them a lot were left behind, which may be the error communicating issue
<ccheney> hggdh, something else appears to be going wrong with it not letting me create the volumes initially
<hggdh> ccheney: what euca version? One of the issues I found there was OOM
<ccheney> hggdh, i seem to be getting an exception on vgcreate
<hggdh> ccheney: Java OutOfMemory, the Dell rig was not running 30.1, so it did not have a larger -xmms at start
<hggdh> ccheney: this is different
<ccheney> hggdh, i'm running the lucid update plus fixes i made for the new sru
<uvirtbot> New bug: #590887 in bacula "btraceback utility doesn't work" [Undecided,New] https://launchpad.net/bugs/590887
<hggdh> ccheney: what will be 30.2?
<hggdh> or whatever
<ccheney> yea
<ccheney> hggdh, http://pastebin.ubuntu.com/446228/
<ccheney> hggdh, thats an example of a failed creation
<ccheney> see the pool-10-thread-4
<ccheney> hggdh, is there some way to make it show what vgcreate returned?
<hggdh> ccheney: not to my knowledge. But this is indeed a different error
<ccheney> hggdh, ok
<hggdh> ccheney: if you still have the allocation... what happens if you run the vgcreate by hand?
<ccheney> it looked like it ellipsed a bit but i can try to see what happens
<ccheney>   Volume group "vg-6E6tMQ.." successfully created
<ccheney> apparently the ellipse really is part of it
<ccheney> i didn't just run vgcreate i ran exactly the same code it tried
<ccheney> /usr/lib/eucalyptus/euca_rootwrap vgcreate vg-6E6tMQ.. /dev/loop93
<ccheney> which was what returned the above
<hggdh> time to see exactly what rootwrap does with stderr/stdout, I guess...
<ccheney> i'm deleting all volumes now to see if i can get the other bug to show up
<ccheney> it left 60
<ccheney> so far no results for grep -i "commun"
<ccheney> so maybe another failure case as well
<ccheney> hmm and it doesn't even log it didn't work
<ccheney> there are 40 vg's relating to the volumes still active
<hggdh> heh. rootwrap fires off a execv
<sourcode> à¸à¸²à¹à¸­à¸² iphoneeeeee
<ccheney> hggdh, it let me run losetup -d on all but a few
<ccheney> hggdh, which then made the vg's disappear
<ccheney> left 5
 * ccheney looking at those 5 in the log now
<uvirtbot> New bug: #541077 in bacula "mysql installs after bacula-mysql" [Undecided,New] https://launchpad.net/bugs/541077
<ccheney> hggdh, ah it also failed to lvremove later
<ccheney> hggdh, when i ran the same command again it works fine
<hggdh> ??
<hggdh> this is weird
<ccheney> eg: /usr/lib/eucalyptus/euca_rootwrap lvremove -f /dev/vg-qJp0gg../lv-XL682g..
<ccheney> maybe i should run memtest on my boxes to make sure they aren't flaky, unless you also see this problem?
<hggdh> ccheney: I do not have enough space to test :-(
<hggdh> and the Dell rig is busy now
<ccheney> ok
<uvirtbot> New bug: #590894 in bacula "bacula-director crashes when nsswitch uses wins for hosts" [Undecided,New] https://launchpad.net/bugs/590894
 * ccheney lunch
<RoyK> does ext[234] have anything like zfs in the means of SSD buffering?
<ccheney> hggdh, it seems to setup them up sparse, so doesn't use any space until you actually use it
<hggdh> ccheney: yes, they are set sparse... let me try
<ccheney> it seemed to not take any space for 200 1GB files for me :)
<hggdh> ccheney: did you just loop creating the volumes?
<ccheney> hggdh, yea
 * hggdh wants to replay as much as possible
<hggdh> ccheney: roj
<ccheney> for i in `seq 1 200` ; do euca-create-volume $i ; done
<ccheney> er not exactly that
<ccheney> for i in `seq 1 200` ; do euca-create-volume -z cluster1 -s 1 ; done
<hggdh> ccheney: yeap, pretty much the same I am running. Oh lack of imagination... ;-)
<ccheney> i don't put any sleep in there, not sure if it is a timing issue if so it still needs fixing :)
<hggdh> mine is for i in $(seq 1 200); do euca-create-volume --config=/home/ubuntu/eucarc -s 1 -z UEC-TEST1; done
<hggdh> ccheney: do you notice that euca-describe-volumes takes a long time to process?
<ccheney> hggdh, i don't remember if it did or not
<ccheney> hggdh, probably was a little slow
<hggdh> ccheney: mine time-ed at 31 secs to show 200 volumes (in a mix of created/creating/failed)
<ccheney> ah ok, i didn't actually time it, it might have been a while i was looking in another window while running it
<hggdh> sorry, creating/available/failed
<hggdh> 52 secs second run
<hggdh> ccheney: 70 failures, so far
<ccheney> ok
<ccheney> i'll file a bug once we can reproduce it properly on your box
<ccheney> i just noted the issues in the sc loop bug up til now
<Yosi> hi all
<Yosi> whats the comman to install the latest webadmin in a fresh copy of ubuntuserver
<Yosi> commdn*
<Yosi> command*
<Pici> !webmin | Yosi
<ubottu> Yosi: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Pici> (there isn't one)
<hggdh> ccheney: weird. I am getting thousands of cloud-debug.log:14:32:20 ERROR [SystemUtil:pool-10-thread-5] com.eucalyptus.util.ExecutionException: ///usr/lib/eucalyptus/euca_rootwrap losetup -f
<Yosi> ahhh, darn, i tried it before and it seemed to work fine....
<ccheney> hggdh, do you have the 30.2 patches to allow over 32?
<Yosi> how does ebox compare?
<ccheney> hggdh, https://code.launchpad.net/~ccheney/ubuntu/lucid/eucalyptus/lucid-sru/
<hggdh> ccheney: ccheney oh crap. I reinstalled, and forgot to manually set it
<ccheney> hggdh, ah ok :)
<ccheney> hggdh, the loopback part is easy to manually do
<hggdh> ccheney: yeah, will get it done now, and bounce the SC
<hggdh> ccheney: OK, done & restarted, will test again
<ccheney> ok
<ccheney> you might want to make sure the vg's are gone, etc
<ccheney> otherwise they seem to stick around, which i think is part of the bug :-\
<Pici> Yosi: I've never really used either of them, so I can't compare, sorry.
<mathiaz> Daviey: https://ubuntumathiaz.wordpress.com/2008/09/18/automate-ubuntu-server-iso-testing/
<mathiaz> Daviey: ^^ this is one of my blog post about my workflow
<zul> mathiaz: hi https://code.edge.launchpad.net/~zulcss/+junk/server-sru-tracker
<mathiaz> zul: cool - thanks
<zul> np
<hggdh> ccheney: for reference: no volumes -- time euca-describe-volumes clocks at .15s
<ccheney> ok
<hggdh> I am now creating 200 vols of 1G
<hggdh> ccheney: 200 vols created, 11 failures. Looking at them now
<ccheney> ok
<hggdh> ccheney: http://pastebin.ubuntu.com/446252/
<ccheney> hggdh, looks the same as mine
<hggdh> yup
<ccheney> vgcreate fails for unknown reasons (or euca thinks it did anyway)
<hggdh> yes. Now... let me see if the VG was (or was not) actually created
<hggdh> no, it does not exist (at least as far as vgdisplay is concerned
<ccheney> maybe we actually found some sort of race in vgcreate
<hggdh> yes
<hggdh> now, the second test -- removing all volumes
<Yosi> just tried ebox and it sucks!  is there anyway to make webadmin work with server 10.04
<Yosi> ?
<ccheney> hggdh, i wonder if lvm fails if you are currently running another lvm command (not sure if that is what we are seeing though)
<hggdh> a race in lvm?
<hggdh> ccheney: I just tried to remove all volumes, was left with 8 vgs
<ccheney> yea
<ccheney> hggdh, and you can probably manually remove all of them using the same command that euca tried to do
<hggdh> ccheney: oh yes, nothing that a losetup -d, etc could not resolve
<hggdh> ccheney: but the point is euca-describe-volumes shows *NO* volumes
<hggdh> and there are still 8 VG/loop/files there
<ccheney> hggdh, yes, it appears it knows that it failed to remove but then forgets about it in euca-describe-volume
<ccheney> btw if you did not remove them manually then euca would set them back up in the backend somehow after restarting but still not show them in euca-describe-volume
<ccheney> i noticed that when doing testing earlier
<ccheney> it notes that it is doing it in the log files
<hggdh> yes. This, I think, is bug 517086 (or realted to it)
<uvirtbot> Launchpad bug 517086 in eucalyptus "euca-create-volume fails at times with Error communicating with Storage Controller" [Medium,Incomplete] https://launchpad.net/bugs/517086
<ccheney> hggdh, did you see any of the 'Error communicating' messages? i don't recall seeing them on my box
<hggdh> let me search
<hggdh> no, I do not see it
<hggdh> hum
<hggdh> Yet Another Bug?
<ccheney> probably :-\
<ccheney> so i'll file the bug and you can add whatever you want to it, i'll note it seems similar to the other bug but doesn't appear to be the same issue
<ccheney> i'll file it against eucalyptus until we can figure out why lvm is causing problems
<ccheney> bug 590929
<uvirtbot> Launchpad bug 590929 in eucalyptus "eucalyptus create and delete volumes sometimes fail on lvm commands" [Undecided,New] https://launchpad.net/bugs/590929
<ccheney> added part about it not showing up when delete fails
<hggdh> ccheney: and I just confirmed/Medium it
<ccheney> ok
<ccheney> added it for lucid also
<hggdh> (and subscribed mesself)
<ccheney> ok
<TuxIce> Anyone got an idea why this is happening? "Permission denied (publickey).". I'm thinking its a public key permissions issue, server side. My public key is copied to the server under files authorized_keys and id_rsa.pub, permissions 0600 owned by my server user. id_rsa.pub is not in my home folder on my client.
<TuxIce> ssh adam.delvecchio@server.tld -p 8022 -v produces: http://pastebin.com/SBmbycLQ
<Yosi> is there a simple Hard Disk/SSD benchmark took that i can run from the cli in ubuntu server
<Yosi> tool*
<sjm> TuxIce: not sure right now, but using "server.tld" doesn't hide much when the information is in the pastebin :)
<Hypnoz> this doesnt seem to work huh :(  tar -C /home/ -xvf http://10.1.1.1/pxe/net.tar
<qman__> Yosi, hdparm -tT
<amstan> hey guys, i'm trying to get suexec/suphp working, none of them seem to work
<amstan> do you guys know of any good guides? besides that perfect server one
<uvirtbot> New bug: #590952 in tasksel (main) "mysql-client-5.1 should depend on mysql-client-core-5.1" [Undecided,New] https://launchpad.net/bugs/590952
<ccheney> seems my wife's contractions just stopped happening, they were happening regularly for over 12 hours and vanished, very weird
<lifeless> ccheney: good luck
<ccheney> lifeless, thanks :) i now have no idea when we will be going to the hospital i was sure it was going to be sometime this afternoon, heh
<sentabi> how to fix this error : http://pastebin.com/3azNXCWD
<amstan> sentabi: what are you trying to do? on what version of ubuntu?
<SpamapS> amstan: on your suexec/suphp question .. i'd say (and I know this sucks) that its one of the worst ideas ever.. and you're better off with virtualization. :)
<SpamapS> sentabi: I just installed bin9, same version, worked fine (on maverick)
<amstan> SpamapS: virtualization?? are you crazy?
<amstan> what i'm trying to do here is making sure none of my clients can use php to read/modify other's files
<amstan> for example, right now i can just use php to read the config.inc.php from another site and find out the passwords
<amstan> i have like 40 clients, with very simple sites
<amstan> no way i'm getting 40 virtual machines
<sentabi> amstan : ubuntu server 10.04
<sentabi> installing bind9
<amstan> weird..
<amstan> i just installed the same thing today, do you have any special setups that might make that not work?
<sentabi> no, i dont
<amstan> sentabi: try redownloading it
<sentabi> let me try to reinstall the OS :) thanks
<amstan> it seems like the the init script is missing when the installer wants to execute it
<amstan> sentabi: check the cd first then
<SpamapS> amstan: Nah its not that crazy these days. Virtualization is easy and lets you not care so much about the little things. ;)
<amstan> SpamapS: still.. 40 VMs is not a pretty sight
<SpamapS> amstan: maybe if you're hand rolling Xen. ;)
<amstan> SpamapS: how much time would it take to setup such a thing?
<amstan> i only have like 2 days
<SpamapS> amstan: should be very quick if you go with UEC .. but you'll have to devote a large swath of IPs, which you may not have. ;)
<amstan> oh yeah.. this all needs to be done using virtual hosts
<amstan> so... 1ip/vm is not cool
<SpamapS> amstan: you can still do that, with a simple reverse proxy.
<SpamapS> and that makes them portable, which is nice.. you can spawn a new instance on another machine and move it without the client knowing. ;)
<amstan> if suphp/suexec would of been working i would of been done in 10 minutes
<amstan> with my current setup
<SpamapS> yeah, I've never seen suphp/suexec work right
<SpamapS> I've seen it "work"
<SpamapS> but not without a lot of duct tape
<amstan> there must be a way, there's tons of webhosts out there, and i really don't believe they have 1 ip per custommer
<SpamapS> no, it works, but its a constant headache because it breaks some assumptions
<amstan> SpamapS: oh, of course, i noticed this first hand
<SpamapS> and you can always, very easily, run a reverse proxy to unify them all under 1 ip.
<amstan> but those assumptions are way less important than getting security done
<ccheney> hggdh, i'm not completely sure but it looks like euca_rootwrap should be causing the error if any from lvm to be displayed, it calls perror() at the end after running the command
<hggdh> ccheney: I thought perror() would just return the errno
<ccheney> hggdh, actually hmm it seems it just prints the output of errno, which wouldn't be sufficient for this i think
<hggdh> if any
<ccheney> hggdh, yea i just realized that :)
<ccheney> i guess i could wrap the calls with a script that logs itself
<hggdh> ccheney: I did not see anywhere where stdout/err is saved -- and the thing is execv-ed off :-(
<ccheney> yea
<ccheney> so i could move lvremove to lvremove.real and have a script log it all i think?
<hggdh> er
<hggdh> yeah, it might work
<ccheney> do i need to do something to have a script return the code from the thing i am calling?
 * hggdh was worried on being root, but permissions should be maintained there
<ccheney> exit $var ?
<ccheney> and save $? to var while doing any processing in between?
<hggdh> probably easiest would be to write a small shell hack to save it to a log
<hggdh> append to the log
<ccheney> hmm its return $var for shell, exit is c
<ccheney> ok
<ccheney> i'll set that up and see how it does
<hggdh> cool. I am curious
 * ccheney goes to find a snack before running the test
<hggdh> oh. Good idea. This is what is probably causing this strange feeling of emptyness on self
<ccheney> i didn't end up eating anything for lunch and forgot to actually do so due to my med side effect
<ccheney> hggdh, as its all one real binary i can catch all lvm calls with the same test
<ccheney> :)
<hggdh> yes!
<SpamapS> anybody have a good suggestion for a really low power low footprint piece of hardware I could put in my home office to plug a couple of giant USB drives into for the purpose of running a local archive mirror?
<qman__> SpamapS, probably a netbook
<SpamapS> interesting.. but.. so uninspired. ;)
<qman__> you can build an atom machine, too, but they're a lot bigger
<SpamapS> I was thinking more like converting a wrt54g or something
<SpamapS> you know, something *crazy*
<qman__> routers with USB are quite expensive
<qman__> and finding one that works with dd-wrt is a crapshoot
<SpamapS> I wonder if one can still find xbox's cheaply? I bet that would owrk.
<SpamapS> but probably not low power
<qman__> not exactly low power
<qman__> it's a pentium 3 system
<qman__> but it would work
<qman__> but they're not exactly small either
<qman__> might as well just dumpster dive for a P3 rig and put the drives inside it
<ccheney> grr i messed up euca-desribe-volumes somehow
<ccheney> my script was a bit buggy and then i fixed it
<ccheney> but now euca-describe-volumes just hangs :-\
 * ccheney hopes rebooting will fix whatever went wrong
<ccheney> hggdh, ugh replacing the file is a bit more complicated than i thought
<ccheney> hggdh, because when you do that it messes up lvm's idea of what $0 is
<ccheney> hggdh, i may have to change all the symlinks to be the script
<hggdh> ccheney: ugh
<hggdh> ccheney: OTOH, this will catch all errors, and right now I am not sure where else we are failing
<ccheney> i don't know of way to convince lvm.real that its $0 is something else inside a script at least
<hggdh> shift?
<hggdh> then call lvm.real with the rest of the arguments
<hggdh> no
<ccheney> yea not sure if that will work
<ccheney> hmm actually it may be slightly more complicated than i thought
<ccheney> gah
<ccheney> stupid thing
<ccheney> lvm vgscan won't work unless the vgscan symlink is pointing at the right binary
<incorrect> is ebox any good?
<ccheney> it probably reexecs itself
 * ccheney thinks to see if there is any way to hook into the calls
<ccheney> erg, i can't think of a way to make this work due to the crazy lvm thing :-\
<mjmac> has anyone had much luck with installing 10.04 from a USB stick?  i've done it, but it required a lot of ugliness and beatings with a wrench.  wondering if i'm failing to see an easier way to do it.
<mjmac> 10.04 server, that is
 * ccheney tries one file to see if it does anything
<funkyHat> Hi, this is my smb.conf http://pastebin.com/cfELhvNe -- I've set it up to allow access to home dirs (I thought after supplying a password), but it appears I only have to have the right username on the host and I can access the corresponding ~... anyone able to spot what I've got wrong?
<funkyHat> My config for the "homes" share starts at line 236
<mjmac> i did it before by extracting the ISO contents onto the USB stick and using grub1 to boot the installer...  thought i'd try grub2 and a loopback mount of the ISO.  i can boot into the installer and get things going after manually loopback-mounting the ISO in the initrd, but that's ugly
<hggdh> ccheney: all hail security ;-)
<hggdh> there must be a way...
<NG_> sup guys?! how can i change an ubuntu server kernel to the latest version w/o restarting the whole system?
<hggdh> NG_: you cannot.
<lifeless> you can't
<NG_> hggdh, i'm fucked :>
<NG_> :<
<lifeless> we don't generate live-patches
<hggdh> NG_: you might be, but please mind your language
<ng_> soz
<ng_> :/
<kees> ng_: if you want, see www.ksplice.com
<mjmac> ng_: there's ksplice, but it ain't free
<ng_> read about it on google
<ng_> running a server w/o x
<ng_> so not what i'm looking for, as far as i saw
<mjmac> why do you need x to update the kernel?
<kees> ng_: it doesn't need x.
<mathiaz> zul: looking that the sru-report branch
<mathiaz> zul: I've generated a report:
<ccheney> kees: do you know of any way to make a binary think its running as a different program name when running it, besides the symlink trick?
<mathiaz> zul: http://people.canonical.com/~mathiaz/report.html
<mathiaz> zul: so all the rows are in red - which is not really useful
<ng_> kees, looking deeper into it, thanks =)
<kees> ccheney: depends on the method it looks at itself.  what is the specific issue?
<mathiaz> zul: I've updated the Spec page to outline what the output should look like
<kees> ng_: http://www.ksplice.com/pricing  ubuntu is free
<mathiaz> zul: https://wiki.ubuntu.com/ServerMaverickSruProcess#preview
<kees> ng_: (well, desktop is free, but you can try it)
<ccheney> kees, i need to log lvm output and its being called with execv in eucalyptus, i tried using a wrapper script and moving lvm to lvm.real but that obviously wouldn't work
<mathiaz> zul: could you update the scripts to generate a page using the format outlined in the specification (under the SRU Tracking page section)?
<ccheney> kees, lvm seems to randomly not work when i am doing volume manipulation so i need to see what exactly it says for each lvm command run
<kees> ccheney: why doesn't the lvm -> lvm.real thing work?
<ccheney> kees, maybe i just don't know how to run lvm and have it work right?
<kees> oh, lvm re-writes its stuff based on the calling name.
 * kees ponders
<ccheney> pastebin's his script
<ccheney> kees, http://pastebin.ubuntu.com/446318/
<kees> ccheney: doesn't euca use a wrapper to call lvm?  you could hook that?
<ccheney> the wrapper is a c program that calls execv directly to lvm
<ccheney> when i call lvm.real in my script it loses its $0 identity as eg vgscan
<mjmac> so, i'm guessing by the deafening silence that no one watching this channel has done server installs from USB...  :)  kinda surprised, it's so handy to install from USB when messing with stuff.  i guess i'll set up netboot.
<kees> ccheney: but it reads commands to run from /etc/euca/something.conf
<ccheney> and calling lvm.real with eg vgscan doesn't help
<kees> ccheney: you could change the "lvm" target to be lvm-logger and then call lvm from lvm-logger
<kees> ccheney: /etc/eucalyptus/wrappers.conf and change "/sbin/lvm" to point to your script, and have your script call /sbin/lvm
<ccheney> kees, yea i think that will work, just need a symlink to the script for each lvm related binary call (i think)
<hggdh> ccheney: what if you mv /sbin/lvm /bin/lvm?
<kees> ccheney: (you'll have to change all them, though)
<hggdh> forget, kees has the answer
<ccheney> hggdh, yea
<ccheney> kees, yea ok, will do that seems easier than finding and implementing any alternative to that :)
<ascheel> Quick question.  Upgraded Karmic server to Lucid server and I now can no longer boot.  No questions were ever asked regarding my boot order or fstab, so it should have ran unmodified.  Any ideas on recovery?
<SpamapS> I just love rebuilding php5 .. 45 minutes now.. :-P
<ZenMasta> my computer is not getting an ip, when I view ifconfig it just shows 127.0.0.1. If I try to edit /et/network/interfaces and restart it says error...no such device failed to bring up eth0
<SpamapS> ZenMasta: maybe your network interface wasn't detected.
<SpamapS> ZenMasta: is this a hardwired connection?
<ZenMasta> SpamapS well that's what I'm assuming, it is a wired connection. The thing is though, I have used live cd's and other distros on this box before without problems
<ZenMasta> btw this is a new install of 10.04
<ZenMasta> well maybe I shouldn't go as far and say problems in general, just not this problem
<funkyHat> huh. browsable is spelt wrong in my smb.conf
<SpamapS> ZenMasta: how about 'grep eth0 /var/log/dmesg' ?
<funkyHat> Or at least differently to how it is in the samba docs
<SpamapS> ZenMasta: should produce something like [    2.947822] e1000: eth0: e1000_probe: Intel(R) PRO/1000 Network Connection
<ZenMasta> lemme try, gotta reconnect monitor to try
<SpamapS> ZenMasta: also while you're at it 'lspci | grep Ethernet'
<ZenMasta> its running... is there supposed to be an apostrpohe after dmesg
<ccheney> kees: cjwatson pointed me at exec -a NAME which works also :)
<ccheney> hggdh, see ^
<SpamapS> ZenMasta: no
<ZenMasta> oh okay hehe
<ccheney> apparently its a bashism but is good enough for my hack
<hggdh> heh
<SpamapS> ZenMasta: if it didn't show anything, then there's no driver most likely.
<SpamapS> ZenMasta: lspci should show your network card though
<SpamapS> 02:01.0 Ethernet controller: Intel Corporation 82545EM Gigabit Ethernet Controller (Copper) (rev 01)
<ZenMasta> they both say stuff.. looks kinda standardish
<SpamapS> something like that
<ZenMasta> the first one though, grep dmesg that one says renamed eth0 to eth1
<SpamapS> ZenMasta: ding ding ding
<SpamapS> ZenMasta: maybe try eth1? ;)
<ZenMasta> I don't understand... shouldn't it just auto detect? I just installed so the default interfaces file says auto eth0
<SpamapS> well does it give a reason for renaming eth0 to eth1?
<ZenMasta> lemme check again
<hggdh> zul: on the samba apport hook all we need is *not* to open a bug if /etc/samba/smb.conf is missing, correct?
<mathiaz> hggdh: well - if /etc/samba/smb.conf is missing *and* the package has been removed (but not purged)
<mathiaz> hggdh: if the package is removed, configuration files are *not* removed
<mathiaz> hggdh: if the smb.conf file is deleted by hand, upon *reinstallation* of the package smb.conf will *not* be reinstalled
<ccheney> still having some weird issue but maybe reboot will fix it this time
<mathiaz> hggdh: which leads to smb not starting, which means that the package fails to install correclty and thus opens a bug
<ZenMasta> SpamapS no reason but I edited the interfaces file to auto eth1 instead of eth0 and it has now obtained an ip
<ZenMasta> its not showing up as an attached device on my router and I can't ssh into it yet though :/
<mathiaz> ZenMasta: has the MAC address of the interface changed in between?
<mathiaz> ZenMasta: if eth0 doesn't work but eth1 works then it usually means that the mac address has changed somehow
<ZenMasta> mathiaz possibly i installed it on one computer and then moved the hd to another (exactly same processor mobo ram etc
<hggdh> mathiaz: please let me read it slowly ;-)
<mathiaz> ZenMasta: see /etc/udev/rules.d/70-persistent-net.rules
<mathiaz> ZenMasta: for the mapping of mac address <-> ethX
<mathiaz> ZenMasta: right - the mac address is different then
<mathiaz> ZenMasta: which is why the new network interface is showing up as eth1
<ZenMasta> I see. Well I've never encountered that before. I've done the hard drive switcheroo thing a couple of times and has not presented this problem before
<SpamapS> mathiaz: I didn't know we did that.. bleh.
<mathiaz> SpamapS: yeah - I've run into that issue when cloning vms
<hggdh> mathiaz: so, pretty much, smb.conf will *only* not exist in this scenario?
<kees> ccheney: ah!
<SpamapS> RHEL 5 introduced it to the RH world and by 5.1 it was no longer the default behavior.
<SpamapS> Bites too many people when they do exactly as ZenMasta has done.. move the drives to another machine.
<SpamapS> In fact, thats a pretty standard thing to do when you've lost something on the motherboard.. move the disks to identical cold hardware and boot.
<hggdh> mathiaz: and the solution is, also pretty much, apt-get purge samba && apt-get install samba?
<ZenMasta> I'm still not sure it is working though. ifconfig shows an ip now, but I still can't ssh into it, nor do I see it in my router backend
<Yosi> basic question:  how do i shutdown ubuntu server, if i use the "shutdown now" command it brings me to a recovery menu
<SpamapS> Yosi: right, you need to use shutdown -h now, or 'halt'
<Yosi> ahh... why halt?
 * Ng eyes NG_ suspiciously
<mathiaz> hggdh: yes
<hggdh> mathiaz: thank you
<ZenMasta> SpamapS is it possible that I have to configure the firewall to allow ssh? I still can't connect or see the computer on my router
<mathiaz> hggdh: make sure to get your apport hook reviewed by zul or ttx
<hggdh> mathiaz: roger wilco
<SpamapS> Yosi: because thats how 'shutdown' works.. its shutting down the system for maintenance/whatever .. not necessarily halting it.
<SpamapS> ZenMasta: quit possible yes
<ZenMasta> SpamapS how can I check and if its not enabled how do I do so?
<Yosi> ahh thanks!
<ccheney> this script was way too complicated, needed several bash specific features to make it work :-\
<ZenMasta> hmm, ssh wasn't installe.d I coulda sworn I marked it during install
<ccheney> hggdh, my logging is a bit messed up (i think i can fix it) but i think i see why it fails
<ccheney>   /var/lock/lvm/P_orphans: flock failed: Resource temporarily unavailable
<ccheney>   Can't get lock for orphan PVs
 * ccheney wonders if this is somehow related to the reason uec-testing doesn't hit 100%
<hggdh> ccheney: I do not believe it is why we cannot get 100% on UEC, since we were not testing volumes, and the lock -- by the name -- relates to LVM
<hggdh> ccheney: but it sounds like resource starvation
<ccheney> ok
<ccheney> i think i fixed my logging i am going to run it again and see how it goes
<hggdh> cool. If you need, I can play with it also
<hggdh> ccheney: it may be that the man page is out of date, but man 2 flock does not list this errno
<IPNixon> hey, i've got 10.04 server installed, and i'd like to run a command at startup.  what are the steps i have to take to get a shell script to run automatically at startup?
<ccheney> hggdh, yea my logging might be corrupt atm
<ccheney> hggdh, something is returning err 5
<panfist> does anyone know where the dhcp server logs activity?
<hggdh> ccheney: input/output err??
<ccheney> hggdh, multi threaded logging into one file :)
<hggdh> ccheney: oooohhh, fun...
<ccheney> i think i know how to make it work or at least less likely to mix but running into an issue
#ubuntu-server 2010-06-08
<ccheney> http://pastebin.ubuntu.com/446338/  <- somehow the echo status line gets eaten
<hggdh> ccheney: which of the echo lines?
<ccheney> the echo "status = $?" doesn't appear
<ccheney> i think maybe exec causes it to not be printed
<panfist> i am configuring a new ubuntu server hiwch is working as a dhcp server (i think) but i can't ping it, ssh it, or get samba shares off it. is there anything obvious i'm missing? is it firewalled by default or something like that?
<hggdh> another option is to write the logs to individual files
<sCOTTo> hey guys, has anyone here installed Open-Xchange on teh new Ubuntu 10 ?
<ccheney> nm this idea isn't well thought out
<ccheney> i think it won't work period
<ccheney> i think the only easy way to make it work properly will be to log into a directory with full timestamp in the filename
<hggdh> ccheney: yes, I agree
<panfist> my sshd config file says i'm listening on port 22, the service says it's running OK, but netstat doesn't report i'm listening on 22
<ccheney> hggdh, ok i think i have a script that will log everything properly now :)
<ccheney> i got one status 5 so far
<ccheney> /sbin/vgcreate vg-1n2UFQ.. /dev/loop60
<ccheney>   /var/lock/lvm/P_orphans: flock failed: Resource temporarily unavailable
<ccheney>   Can't get lock for orphan PVs
<ccheney> status = 5
<panfist> another thing....service smbd status says it'
<ccheney> cool i think this might actually be useful
<panfist> says it's running, but sevice --statusall shows a ?
<hggdh> ccheney: maybe we are using all lock memory
<hggdh> ?
<ccheney> hggdh, hmm maybe so how does that work?
<hggdh> ccheney: good Q, I do not remember anymore...
 * hggdh goes back to RTFM
<panfist> i've upgrading this server from karmic to lucid and the only thing that's running is dhcpd...my old config files are intact...i'm lost
<ccheney> hggdh, this is weird i'm seeing what appears to be euca trying to force remove active pv's
<hggdh> ccheney: you mean some other pv (and not the one that would be removed?
<ccheney> oh i see why now
<ccheney> hggdh, my grep was a bit faulty and matched too widely
<hggdh> oh, OK
<ccheney> hggdh, so now i see how it is working
<hggdh> ccheney: is there contention for the lock?
<ccheney> it calls eg, lvremove that works, then calls vgremove and it fails, then calls pvremove without caring it failed
<ccheney> without caring vgremove failed
<ccheney> vgremove failed due to
<ccheney> /sbin/vgremove vg-g7thcw..
<ccheney>   /var/lock/lvm/P_orphans: flock failed: Resource temporarily unavailable
<ccheney>   Can't get lock for orphan PVs
<ccheney> status = 5
<ccheney> so maybe contention for lvm lock
<hggdh> I had a feeling euca was not worried about failures when I was cleaning up the mess I was left with
<ccheney> but since euca doesn't check its return codes and continues on like nothing is wrong it dies horribly
<ccheney> ok, well got to run and pick up food for my wife, bbia 30-45m
<hggdh> k
<ccheney> i wouldn't be surprised at all if the losing ip issue is the same type of problem, not checking error codes
<ccheney> i'll follow up to the bug report when i get back
<hggdh> this is sooo wrong...
<zul> mathiaz: acked on the format change
<hggdh> mathiaz (or zul): the samba apport hook should be initially packaged for Maverick or Lucid?
<zul> there is already one for lucid
<zul> hggdh: so patches accepted
<hggdh> zul: yes, I am adding the test for /etc/samba/smb.conf
<zul> hggdh: cool
<hggdh> zul: I submitted a merge request for maverick (and added you as reviewer to my branch). I *think* this is what I should have done, but I am not sure
<zul> hggdh: actually no...the right thing to do in this case is to  open up a bunch in launchpad with the patch and then nag me to death ;)
<hggdh> zul: a bug, you mean?
<hggdh> darn!
<zul> hggdh: yep
<hggdh> zul: doing it right now. And please consider yourself being nagged to death ;-)
<zul> hggdh: ok thanks
<zul> hggdh: <meek>yay!</meek>
<hggdh> :-)
<SpamapS> oooo
<SpamapS> elinks has pretty colored build scripts
<hggdh> zul: bug 591043 opened, can you please review?
<uvirtbot> Launchpad bug 591043 in samba "merge request: changing source_samba.py" [Undecided,New] https://launchpad.net/bugs/591043
<zul> hggdh: yep first thing tomorrow
<hggdh> zul: thank you. Please correct me as needed
<hekevintran> I am running Ubuntu Server on VirtualBox. I am not using X Windows, only the command line. It looks like it is redrawing the screen for every line that causes the screen to shift down. In other words if there is empty space on the screen below the current line, it works normally, but if the current line is at the bottom of the screen, when the system moves to the next line it refreshes the whole screen line by line. This causes 
<hekevintran> Why does Ubuntu Server redraw the screen for each line? Is there a way to make this behaviour go away?
<hekevintran> is it related to the framebuffer?
 * ccheney back
<uvirtbot> New bug: #591043 in samba (main) "merge request: changing source_samba.py" [Undecided,New] https://launchpad.net/bugs/591043
<ccheney> wtf
<ccheney>                                 returnValue = removeVolumeGroup(vgName);
<ccheney>                                 returnValue = removePhysicalVolume(loDevName);
<ccheney> yea... store the returnValue and then just ignore it
<ccheney> and lvm does not appear to document the return codes it uses
<hggdh> heh
<hggdh> ccheney: good chances of getting it better there. I really cannot understand you errors are not orked on
<ccheney> i posted an unspecified rant about this mess, heh
<hggdh> ccheney: care to give the link?
<hekevintran> Why does Ubuntu Server redraw the screen for each line? Is there a way to make this behaviour go away?
<ccheney> http://chrischeney.wordpress.com/2010/06/07/error-handling/
<ccheney> heh :)
<hggdh> dammit, how can I have so many errors in one single line?
<ccheney> hggdh, can't parse your comment as it had too many errors :)
<hggdh> ccheney: there you go... bloody dixlexia, plus a glass of wine :-(
<hggdh> dammit! again
<ccheney> hggdh, once i dig around in lvm and determine what kind of error code 5 is i will try to fix up the euca code
<hggdh> ccheney: roj. Glad to have you working with us :-)
<ccheney> hggdh, :)
<ccheney> hggdh, i worked for several years at a place that was pedantic about checking every error code even if it was near impossible to actually ever see the error
<ccheney> iirc some of the errors we checked for would have likely never gotten to the code path due to major system failure if it actually happened
<hggdh> ccheney: that helps, indeed. I worked on a *lot* of places where errors were only important if management saw them
<ccheney> heh
<hggdh> that's it. I am out for the night
<unewbie> my first guess os is create, how can i access it?
<ccheney> hggdh, oh yea and better, we had to document our functions
<ccheney> hggdh, so people actually knew what they were supposed to do and return, etc :-\
 * ccheney looking at lvm and has no clue what it is doing with its return values, weird crap
<ccheney> ah i think i found where the error codes are, but they aren't actually useful
<ccheney> lib/commands/errors.h
<unewbie> anyone using libvirt?
<unewbie> how to access my new guest os?
<mathiaz> unewbie: look at virt-viewer
<unewbie> mathiaz: do i need a desktop for that?
<unewbie> can i just ssh?
<hggdh> ccheney: I will look at this tomorrow, done for today/night
<ccheney> ok
<ccheney> have a good night
<hggdh> ccheney: you too. Please call it a day also, otherwise I will feel guity ;-)
<ccheney> hggdh, ok :)
 * ccheney just noticed its 9pm here already, heh
<unewbie> it's 9 am here :D
<Yosi> hi
<Yosi> all
<Yosi> what is the command to update the system...  everytime i turn in on it says there are 27 updates availabale..  how do i run them/
<unewbie> how can i connect my guest os with kvm
<unewbie> apt-get update
<unewbie> apt-get upgrade
<unewbie> Yosi: may be that's what you need
<twb> Do SATA optical drives work in 8.04?
<twb> I remember that 8.04 d-i doesn't handle them, but I don't remember if the installed system will.
<Mgamerz> ahhh
<Mgamerz> !
<Mgamerz> anyone here?
<unewbie> many people here
<Mgamerz> !
<unewbie> just ask :D
<Mgamerz> alright i tried to ask this in the ubuntu channel but it got washed away
<Mgamerz> so
<Mgamerz> i'm trying to follow this guide here:
<Mgamerz> err... accidentally copied another link just a moment
<Mgamerz> http://www.debuntu.org/how-to-set-up-a-serial-console-on-ubuntu
<Mgamerz> ERR... no not that one either
<Mgamerz> http://derrick-caluag.blogspot.com/2006/10/how-to-setup-dial-in-server-on-linux.html
<Mgamerz> that one. i need to be able to connect to my headless server box at any time
<Mgamerz> and the only connection it has is wireless
<Mgamerz> and sometimes it fails to start
<Mgamerz> so since it's headless and if wifi goes down... well i can't do anything really. i can try to do it blind but sometimes that doesn't work :/. So I want to be able to dial into it. both pc's have modems
<Mgamerz> and its running 32bit server lucid
<Mgamerz> but /etc/inittab doesn't exist in these versions, nor does /etc/event.d apparently
<Mgamerz> so im not even sure how to do this...
<Mgamerz> so if i could have some help with that guide that would be excellent
<twb> Mgamerz: /etc/event.d because /etc/init for no good reason
<Mgamerz> ?
<twb> Sorry, predictive text
<twb> Mgamerz: /etc/event.d became /etc/init for no good reason
<Mgamerz> hmm
<Mgamerz> inittab is gone and its supposed to bind to an interface
<Mgamerz> im not sure what the dial up/telnet terminal would be labeled
<Mgamerz> although since it is a 'LAN' connection (of sorts), I assume telnet would work fine.
<Mgamerz> just having to bind a listener to the ubuntu side
<twb> I have a router running 10.04 that has a serial interface.  I can dig out the /etc/init/ttyS0.conf entry if you want.
<Mgamerz> that'd be great :)
<twb> But I'm a bit confused because you're talking about serial and wifi, which is unrelated.
<Mgamerz> although is a modem (with phone line) the same as serial?
<Mgamerz> Well
<Mgamerz> the thing here is:
<twb> No, a modem is different.
<Mgamerz> ... -_-
<Mgamerz> I have a server
<Mgamerz> and i don't have access to the router from where i can put it
<Mgamerz> so i have to use wifi
<Mgamerz> but occasionally the wifi... eh just dies
<Mgamerz> and since the server is headless, i can't just do ifdown ifup
<Mgamerz> well i can but if i mistype something then well... i dont wanna have to move this monitor again and again
<fluvvell> Mgamerz, you probably wont have telnet, but if it is server install you should have ssh
<twb> http://pastebin.com/qxBYPwHK
<Mgamerz> so if i could just dial into the server
<Mgamerz> and use a terminal that'd be excellent
<fluvvell> Mgamerz, so are you on the network or not?
<Mgamerz> yes.
<Mgamerz> I am
<twb> telnet is also unrelated to serial lines, modems, and wifi.
<fluvvell> Mgamerz, does the machine have an ip address and do you know it ?
<Mgamerz> i can access the server right now
<Mgamerz> im vnc'ed to it (have tightvncserver)
<azteech> mgamerz .. take a look at this link ... the issue will be in finding all the pieces to get wvdial to work properly ...
<azteech> http://ubuntu-virginia.ubuntuforums.org/showthread.php?t=1374108
<twb> Mgamerz: to clarify: are you talking about a dialup (56k) modem?  i.e. not ADSL, ATM, etc. modems?
<Mgamerz> yea
<Mgamerz> a pci modem card
<Mgamerz> one of the ones from the 90's hehe
<Mgamerz> too cheap to buy a null cable
<twb> A null cable is likely to work
<twb> How much is your time worth?
<Mgamerz> well i have a ton of time
<fluvvell> Mgamerz, just to verify, the server has access to the internet - but you have no access to its router? Are you trying to access it from a remote spot with no internet ?
<Mgamerz> so not much
<Mgamerz> the server can access the internet
<Mgamerz> it can access everything i want it to
<Mgamerz> BUT!!!
<Mgamerz> sometimes the wifi that connects it to the network dies
<Mgamerz> and since it is headless, i have NO way to make it come back up without forcing a power off (not shutdown)
<twb> fluvvell: I think he has a headless box with a wifi NIC, a serial port on the motherboard, and a PCI 56k modem card.
<azteech> what is the distance between where your remoted computer is and where the server is?
<fluvvell> Mgamerz, and there is no way to wire it to the router; I think I understand
<Mgamerz> about 5 feet
<Mgamerz> my telephone wire is barely long enough to reach that far
<Mgamerz> and I'm using my ethernet port on my remoted machine
<twb> He wants to connect to it over a RJ11 cable or something
<Mgamerz> I have a mini wifi router here that also acts as a passive wifi adapter
<fluvvell> Mgamerz, What about using a reverse network patch lead?
<azteech> all you need then is a 10' (foot) cable to connect to the router then .. you don't need to worry about hooking up to wireless ..
<Mgamerz> noooo
<Mgamerz> my box is wireless too
<Mgamerz> the router is like 40 feet away
<fluvvell> azteech, my thoughts too.
<twb> Yeah, BY FAR the easiest solution is to put in a $10 100baseT ethernet card and run a cat5 cable.
<Mgamerz> ...
<azteech> then all you really need is a hub ... to connect the server and the remote unit ... and you can run cat5 cable up to 150 feet ... with no problem ...
<Mgamerz> i don't have access to the router itself
<twb> If you can't do that, the next easiest is to buy a nullmodem cable and talk serial between two serial ports.
<Yosi> Hi All, I hav two drives in my system.. a single sata drive on the internal controller and a RAID on a controller card.... when i installed ubuntu on the raid, i think it put the bootloader/grub on my single sata drive, is that a problem?  everything seems to work fine..
<Mgamerz> and if i want to not spend money i could get this to work
<twb> Yosi: yes, it's a problem.
<twb> Yosi: if either drive dies, you won't be able to boot
<Yosi> true...
<Yosi> better having the bootloader on the raid...
<Mgamerz> i do not feel the need to spend $10 on something that i could do for free with a bit of work :l
<Yosi> twb: any easy way to move it over, or can i have the bootloader on both?
<twb> Yosi: first, confirm your diagnosis by trying to boot without sda
<twb> i.e. with it unplugged
<twb> Yosi: then, you will want to install grub on all drives.  Google for the phrase "setup (hd1)".  There should be adequate documentation online somewhere.
<Yosi> i disabled the internal controller that its on, any nothing worked..  but maybe it better if i just unplug the drive
<azteech> why don't you have access to the router? distance, or is it someone's elses hardware?
<twb> (You could also try "grub-install /dev/sdb", but I don't trust that.)
<Mgamerz> it is ours
<Mgamerz> but the router is a long ways away
<Mgamerz> and we have no power outlets that are open next to it
<Mgamerz> it's in our living room, and this server is... well... 'ugly'
<Mgamerz> as my parents say
<Mgamerz> so it lives in my room
<Yosi> twb:  is there an easy way to check where the bootloader is located, i can't unplug the drive easily, i forgot the case is now locked...
<Mgamerz> i have looked on the internet and everywhere i go people always just say do this do that instead of just helping with the person's questions
<Mgamerz> so i guess
<Mgamerz> where can i find ubuntu's version of /etc/inittab?
<twb> Yosi: it's difficult to check, but it should be easy to blow it away with something you think is correct
<twb> Mgamerz: you can't.
<Mgamerz> would be the answer i am looking for
<Mgamerz> ...
<azteech> okay ... then what you need to do work on, is how to get wv to work on lucid ... like I said above, and what has been said in the link I pointed you to, is to get all the pieces together ... and set up wvdial to make it work for you ....
<twb> Mgamerz: in all current versions of Ubuntu, inittab support is negligible.
<Mgamerz> i know it is
<Yosi> thanks, brb
<Mgamerz> i just need to know the thing it turned into
<twb> Mgamerz: it turned into /etc/init.
<Mgamerz> like how can i initialize this on boot
<Mgamerz> hmmm
<twb> There is no direct analogue of the old inittab
<azteech> the problem is you are using a how-to that was done in 2006 .. there has been a lot of changes made since then ... recommend looking at the man page for wvdial . and google for wvdial to see what the latest is for lucid ...
<Mgamerz> k
<azteech> believe twb is correct .. all that is now /etc/init ..
<Mgamerz> i'll see about that
<Mgamerz> yea that is the only guide i could find
<Mgamerz> i figured it had probably changed but it's the only one i could find about a dialin server
<twb> I *know* I'm correct, because it has pissed me off several times before
<azteech> google for wvdial lucid .. or ubuntu 9.xx and see what you get, and look at the man pages for it ... you might get a lot closer to the answer your looking for, than a 4 year old how-to ...
<azteech> lol twb ...
<fluvvell> Mgamerz, sorry to bludgeon on with an idea you've discarded, but if money is an issue what about scavenging an old patch lead and wiring in an extension to it? You say you have access to network ports on both the server and the router could it not be wired somehow ?
<fluvvell> or maybe you should figure out why the wireless is dropping out?
<fluvvell> if you have so much time on your hands.  You will find dial up networking speeds unbearable.
<twb> Or just call up your local luv and ask them if they have a spare 100baseT card
<Mgamerz> no
<Mgamerz> i am not using dial up to access the internet
<Mgamerz> !!!
<twb> Er s/LUV/LUG/
<Mgamerz> i am using it to access the terminal
<Mgamerz> terminal does not require copious amounts of bandwidth
<azteech> which 802.x wireless dongle are you using .. a b, g or n type?
<Mgamerz> g
<Mgamerz> it has always done it to ubuntu
<Mgamerz> when it was on this box before the HD died it killed it as well
<fluvvell> whereas you may find many people with the knowledge to help solve your wireless troubles.  [no not heaps of bandwidth, but you also said you were using vnc]
<twb> fluvvell: he wants to run a serial line between a server and a serial console, except he wants to somehow do it using two modems instead of a nullmodem serial cable.
<Mgamerz> i am using vnc right now over the wireless.
<Mgamerz> i use vnc over the wireless, when it is up
<fluvvell> twb, yes - not a wise choice in my book as I've worked with pci modems and frankly nowadays they are a huge pain.
<Mgamerz> and when it goes down (which is occasional), i cannot access the box at all
<Mgamerz> and
<Mgamerz> fluvvell
<fluvvell> Mgamerz, what phone system is between these computers?
<Mgamerz> a single cable
<Mgamerz> i'll take a picture it'll just be easier to show
<fluvvell> two wires?
<fluvvell> or four ?
<Mgamerz> 4 wire phone line
<Mgamerz> cat3
<Mgamerz> err
<Mgamerz> gotta find my phone...
<Mgamerz> brb
<azteech> with 'g' you should have a issue maintaining a connection .. unless there is a lot of walls/electronics/ or something else running in the house that is in the same freq range as that dongle ... have you tried to switch channels on it .. and see if you get a clearer signal?
<Mgamerz> yep
<Mgamerz> this is the best setup i can get on chan6
<Mgamerz> my phone is somewhere near this pc as my monitor has fuzzed up once cause of the interference.
<Mgamerz> but where
<fluvvell> and you have no cat5 patch leads that you could wire onto them? A reverse network patch lead only uses four wires. 40' would probably still work ok.
<fluvvell> monitor ? Interference ? from what ? the wifi ???
<Mgamerz> no
<Mgamerz> my phone
<Mgamerz> i have a CRT
<Mgamerz> and when it gets a call (and sometimes not) the monitor will F up
<fluvvell> Mgamerz, my understanding of phone frequencies is that they overlap at the lower end of the wifi spectrum, therefore using channel 11 or higher if possible is desirable.  Sounds like the phone is the cause of most of your problems.
<azteech> fluvvell: hei is getting freq interference ... from electronics around him ... that limit him to getting best connection on channel 6 .. but he said that somewhere close to where he has his unit, something else is also causing interference with his monitor from time to time as well ... almost sounds like a grounding issue ...
<Mgamerz> no
<Mgamerz> ffs
<Mgamerz> my phone has nothing to do with this
<fluvvell> ie wifi greater than channel 10
<Mgamerz> alright
<Mgamerz> so to imageshack i go
<fluvvell> Mgamerz, sry we're just trying to help. Sometimes people can be fixated on a solution which has many repercussions
<azteech> but troubleshooting that is not gonna solve his request .. he needs/wants to set up wvdial on lucid ....we shouldn't be guessing him, or trying to talk him out of it ...
<fluvvell> azteech, you're quite right of course.
<Mgamerz> yea i know
<fluvvell> Mgamerz, what type of pci modem?
<Mgamerz> umm
<Mgamerz> lemme pull it up
<Mgamerz> i have scanmodem on the vnc window right now
<fluvvell> <groans> scanmodem !
<Mgamerz> Conexant Systems HSF
<fluvvell> do you physically know the chipset ?
<Mgamerz> HSF...
<azteech> just tell us it isn't a wintel modem ... cause if it is .. will be more issues to try to correct ..
<fluvvell> ie have you eyeballed the card - believe me it helps
<fluvvell> of course it is.
<twb> I'm just gonna go ahead and plonk this modem thread, mmmmkay?  You're not gonna get anywhere.
<Mgamerz> didn't see anything about wintel in the info
<Mgamerz> yea its Conexant
<fluvvell> azteech, that was the angle I was trying to come from.
<Mgamerz> alright
<Mgamerz> so... http://yfrog.com/3dimage1813j
<Mgamerz> on the right is my computer that i am talking to you from, this is my main pc
<Mgamerz> the monitor is hooked up to it
<Mgamerz> on the left bottom is the server
<Mgamerz> and you probably can't see it, but there is a telephone line going between them directly
<Mgamerz> via pc modems
<Mgamerz> pci*
<azteech> sort of figured it was ... :)
<Mgamerz> i want to have my server act as a dial up server '(like an ISP), NOT DO CONNECTION SHARING, and just use the terminal to do stuff
<Mgamerz> that way i have an 'always on terminal' if stuff goes south
<fluvvell> any chance of a high res photo of the actual pci cards ?
<Mgamerz> eh... they are already installed
<Mgamerz> but
<Mgamerz> the one in the server (ubuntu) is a conextant
<Mgamerz> when i looked at them earlier today that is about all i could gather from the sticker
<Mgamerz> the one in the windows is... well the one that was in the server originally
<Mgamerz> didn't think i'd ever use a modem again
<Mgamerz> also didn't realize how serial and modems are painfully intertwined
<Mgamerz> I have 2 spare ethernet pci cards
<Mgamerz> BUT
<Mgamerz> i don't have any pci room in my home PC.
<Mgamerz> I have my Graphics card which is ginormous (and sucks), a fan for it (cause my pc overheats... its like spilling its guts out)
<Mgamerz> and well... that takes up 4 slots O_o
<fluvvell> Mgamerz, the motherboards don't have built in network ports?
<Mgamerz> they do.
<Mgamerz> But.
<Mgamerz> I have this
<Mgamerz> uh
<Mgamerz> i'll give yo uthe page it'll explain better than me
<Mgamerz> i pulled out the cable by accident reading the name
<Mgamerz> http://www.trendnet.com/products/proddetail.asp?prod=175_TEW-654TR&cat=77
<Mgamerz> its that thingamagic
<Mgamerz> i can never spell ma-gij
<Mgamerz> ...
<Mgamerz> anyays
<Mgamerz> anyways*
<Mgamerz> it also acts as a passive client for wifi.
<Mgamerz> It's way better than dealing with the setup of windows, plus i can plug it into anything without any driver hassle.
<Mgamerz> I would use it on my server... but im greedy and use it for my pc instead.
<Mgamerz> WAIT
<Mgamerz> hmmmm
<azteech> Connexant HSF 56 K Fax/modem .. is that the modem you have?
<Mgamerz> yep
<fluvvell> gotta go, bfn.
<Mgamerz> i jsut had an idea
<Mgamerz> bfn?
<Mgamerz> I have TWO extra ethernet pci cards
<azteech> fyi .. it is a windows soft modem ... meaning to make it work you will need to find a windows driver that will be compatible for linux ...
<Mgamerz> i just realized
<Mgamerz> haha i am stupid
<Mgamerz> if i can install the pci modem then i can swap it out and instead use the pci ethernet adapters and just do...
<Mgamerz> ah damnit! I don't have a crossover cable
<azteech> the only one that I know of that is available .. is from linuxant .. and they charge for it ..
<Mgamerz> man linux was not made for dial up eh?
<azteech> yep ... that would be the way to go ...
<Mgamerz> i need a crossover cable...
<azteech> not really ...
<Mgamerz> i wish there was software based MDIX
<azteech> was back in the day when all there was, was dial-up .. but even then it was a pain to set up ..
<Mgamerz> i remember when the internet used to be free
<Mgamerz> had yahoo internet
<Mgamerz> back in 96
<Mgamerz> was the slowest pos ever
<twb> azteech: I still use dial-back modems for remote access to a secure facility.
<Mgamerz> I use dial up occasionally to telnet/console into a cisco router.
<twb> Mgamerz: and yet you still live with your parents
<Mgamerz> well
<azteech> twb .. didn't say they aren't being used ... just said for him .. his situation is almost impossible unless he can find a windows driver that can be installed ...
<Mgamerz> im 17
<Mgamerz> will be 18 in a month.
<twb> azteech: oh, I thought we were getting into a retro tech pissing match :-P
<azteech> providing one has the right hardware, dial-up can be, and is still used today ...
<Mgamerz> I could make a crossover cable
<Mgamerz> but i don't have crimpers
<azteech> nope, being a old mil comm tech .. I know better ... lol
<Mgamerz> or a cable... whateveryoucallit ends
<azteech> would recommend cutting and splicing the cable .. but that is a pain .. and unless you have a solder gun, probably not the right solution ...
<Mgamerz> i have a coupler so i do in fact have a cable long enough to reach the router itself
<Mgamerz> but having a cable run through the house is not really an option
<Mgamerz>  iwas thinking of using bluetooth serial
<Mgamerz> then i was like nahh
<Mgamerz> bluetooth on ubuntu is a pain in the rear anyways
<azteech> your better off ...going down to the local second hand shop, getting a older 10baseT hub for $5 buck .. and run cable .. at this point ...
<Mgamerz> heh
<Mgamerz> well
<Mgamerz> where i live it probably won't have it
<Mgamerz> i don't live in that big of a city
<twb> Mgamerz: you don't need a crossover if at least one NIC supports autonegotiation of same, which is a requirement of the 1000baseT spec.
<Mgamerz> yea... i don't have a gigabit.
<Mgamerz> only 10/100
<twb> Many 100baseT card provide it, too.
<Mgamerz> i'll look up if it has MDIX
<azteech> twb .. true ...
<twb> Admiteddly, not any of the shitty ones that *I* get... :-/
<Mgamerz> ehhh wtf... where'd the card go
<Mgamerz> oh
<Mgamerz> man my orom is a disaster since i dismantled some old machines
<Mgamerz> 2001 D:
<azteech> sounds like it is time for a yard sale ... lol ...
<Mgamerz> lol
<Mgamerz> i just took out a AMD K6 processor
<Mgamerz> 233
<twb> Or just give it to your local hardware recycling group.
<Mgamerz> mainly so i could remember my first computer
<Mgamerz> which was a pentium that ran on the same socket...
<Mgamerz> well
<azteech> don't worry .. have the same issue here .. trying to marry two households together .. that are both geek based ....
<twb> They spruce it up, install xubuntu, then sell the machines for like $10 to poor people.
<Mgamerz> until i accidentally ran over the processor with this chair here <_<
<Mgamerz> was busy screwing with it and i bent some pins
<Mgamerz> wow this card i can't find a serial fro
<Mgamerz> for*
<Mgamerz> hmm
<Mgamerz> perhaps the cisco one
<Mgamerz> LNE100TX
<Mgamerz> v 4.1
<Mgamerz> doesn't seem to have MDIX
<Mgamerz> but perhaps if i can find a firmware for it
<azteech> good luck in your endeavors ...
<Mgamerz> hopefully
<azteech> mgamerz .. your out of boise and they don't have second hand computer shops?
<Mgamerz> kind of
<Mgamerz> i don't know what you mean by second hand relaly
<Mgamerz> really*
<Mgamerz> I know of some computer shops, but I doubt they'd sell a cheap hub (eww hubs) or a switch for less than $30
<Mgamerz> omg
<Mgamerz> i cannot find out who the maker of this card is
<azteech> basically one that takes in computers, fixes them, upgrades them, etc ... and the parts they don't use, or older stock they sell at heavily, used parts pricing ..
<Mgamerz> yea they have some here
<Mgamerz> like... 2
<Mgamerz> i can't find the maker of this card.. the whole thing seems unbranded
<Mgamerz> Pulse H1012 google search shows someone with the same query but it's not the card maker
<azteech> those would be the ones that would most likely have the older hubs dirt-cheap .. if they still have any left ...
<Mgamerz> well i'll try this one first
<azteech> also, sometime thrift shops have them as well .. just have to look around ...
<Mgamerz> yep
<azteech> see if the cared has a pn on it .. and google for the part number ...
<azteech> card ..
<Mgamerz> theres a
<Mgamerz> circuit? or chip idk soder(ed?) (??) onto it
<azteech> and, sometimes you can find info about the card by doing a fcc id search ...
<Mgamerz> but it comes up with nothing useful
<Mgamerz> and theres on other one
<Mgamerz> it looks like
<Mgamerz> atmel?
<azteech> no, the pn would be printed on the circuit board ...
<Mgamerz> theres a lot printed on this card
<azteech> sometimes though, manufs use stickers/labels .. and if that is not present .. you may have issue id'ing the card ..
<Mgamerz> the cisco one is much better
<azteech> amtel is the chip maker ...
<Mgamerz> there is a sticker but it's just a serial number... not like a id
<azteech> nothing that may look like a p/n: or pn: or pn# ..
<Mgamerz> i'll punch some into google
<Mgamerz> theres a huge amount of numbers on this one
<Mgamerz> eh wtf
<Mgamerz> it comes up as a intel motherboard
<azteech> probably a old intel nic then .... that was coupled with a intel mobo ...
<Mgamerz> yea
<Mgamerz> its relatively... unbranded
<Mgamerz> all that is there is the text that you find on the circuitboard
<Mgamerz> all the tiny R1's and stuff
<azteech> nas, what you need to find is a pn or mdl # ...
<Mgamerz> it is indeed an intel card
<azteech> can't type this evening
<azteech> see anything that says fccid on it?
<Mgamerz> yea
<Mgamerz> im tracing it
<Mgamerz> comes up as a intel server card
<azteech> type that in as fccid and the number
<Mgamerz> pila8460b
<azteech> well, that is getting you closer ...
<Mgamerz> is the id... i think
<Mgamerz> 	
<Mgamerz> Intel PRO/100plus Management (PILA8460B) Network Adapter
<azteech> probably a 8460b based nic card then ...
<Mgamerz> eh... good/bad?
<azteech> there you go ... now you have info .. and can search ferther ...
<azteech> probably better than the cisco one you have, but also probably older ...
<Mgamerz> it is older
<Mgamerz> the cisco one is from like
<Mgamerz> 2004
<azteech> may or may not have the mdix ... have to research it and see ...
<Mgamerz> or i could just plug it in
<Mgamerz> seeing as i'm not finiding much info about this
<azteech> you could ... would suggest that intel site might have the best info on the card ..
<Mgamerz> Intel 82559 Fast Ethernet controller
<Mgamerz> its not on their site
<Mgamerz> all it shows is a discontinuation
<azteech> http://www.latestdriversupdate.com/driver/34635.html
<azteech> http://www.intel.com/support/network/sb/cs-006103.htm
<azteech> dis a search in google for what you listed the card as  ... and came up with lots of reviews .. sales locations .. the the above two links ...
<azteech> and am sure there is more ..
<Mgamerz> hmmm
<Mgamerz> trying to see if nayone has hacked the firmware
<Mgamerz> doubtful they could add mdix
<Mgamerz> PILA8460B (PBA# 721383-xxx).
<Mgamerz> that is my card
<Mgamerz> my card is 007 :P
<Mgamerz> i've noticed on the end of the ethernet card there is 3 pins
<Mgamerz> the same as the cisco one
<azteech> there you go ... see, if you look, sometimes ye shall find ...
<azteech> look at the intel link ^ ... and am sure there is additional info you can find out about the card, besides the one ^ ...
<azteech> now, will leave you to your research ... and escapades/endeavors ... have fun ....
<Mgamerz> imma just install it
<Mgamerz> lol
<azteech> hopefully tonight was a learning experience for you ...
<Yosi> Hi all, question:  everythime, I "shutdown -h now" the next bootup i get the following error "fsck from util-linux-ng 2.12.2"
<Mgamerz> i'll put the linksys in this machine and the intel in the unix
<Yosi> and the screen locks up
<Mgamerz> i (L) webmin
<Yosi> anyone know why i;m getting this fsck error
<Yosi> ?
<azteech> yosi .. sounds like you might have a hd that may be starting to flake out ... or, is not getting enough time to complete write cycle before it is powered off ... and it is corrupting the data somehow ...
<Mgamerz> smart test :)
<Yosi> they are brand new SSD's in a RAID 5 setup..
<azteech> Mgamerz: good luck bud ...
<Yosi> i just installed them all today
<azteech> doesn't mean thay can't be bad out of the box ....
<Yosi> true...
<Yosi> is there a way of slowing down the shutdown process..
<Yosi> cause when i trype shutdown -h now, its like instant
<Mgamerz> azteech
<Mgamerz> why do you always have ...'s after your lines if i may ask
<azteech> just the way I type is all ...
<azteech> and a way to seperate parts sometimes ...
<Yosi> is there any other ways to shutdown
<Yosi> ?
<Mgamerz> press the power button...?
<Mgamerz> on mine it shut down
<Mgamerz> well
<Mgamerz> after i set it to do that
<Mgamerz> whew man my hard drives are arm
<Mgamerz> warm
<azteech> Yosi:  you can always try doing a halt instead of a power down ... option and then power it down manually ...
<Yosi> how would i do that?
<Yosi> I just googled my issue, and lots of ppl with SSD's and ext4 have this issue
<azteech> sudo shutdown --help and man shutdown should point you in the right direction ...
<Yosi> some ppl recomend movinback to ext32 filesystem
<Yosi> typo
<Yosi> ext2
<azteech> lot of folks are having isses with ext4 as a whole .. not just with the new ssd's ...
<Yosi> fair enough
<azteech> ext4 IMHO .. is still too new to trust my data to it ... so I stick with ext3 ..
<azteech> Mgamerz: try running systems with temps up in the 105+ range .. and see how well they do heat wise .. when they aren't in a heavy a/c'd data center ...
<Mgamerz> oo fun
<Mgamerz> what i don't get
<Mgamerz> is how do pc manufactuers ever think you can clean the heat sink in a pc without taking the heatsink out
<azteech> I have 120 fans in my cases ... plus a/c going, and a fan blowing on the case .. and they still run 40-50C ...
<Mgamerz> lol i have a fan on my case too!!
<Mgamerz> well
<Mgamerz> i did
<Mgamerz> like 3 days ago
<Mgamerz> until i bought a fan cable splitter
<Mgamerz> now i have like
<Mgamerz> 5 fans in my pc case
<Mgamerz> so
<Mgamerz> im going to log into here with my tablet
<qman__> Mgamerz, canned air
<azteech> they expect you to take it out, clean it once in a while ... and re-apply temp cream between the plate of the HS and the cpu ...
<Mgamerz> bad for the environment
<qman__> I even do it powered on sometimes
<bastrian> hi to all :-)
<qman__> but I guess I just live dangerously ;)
<Mgamerz> yea... i didn't use any thermal compound
<Mgamerz> so it probably overheats cause of that lol..
<Mgamerz> wait a minute
<Mgamerz> OH DANGIT
<Mgamerz> i installed the wrong card
<Mgamerz> wait
<Mgamerz> no i didn
<Mgamerz> t
<Mgamerz> this boot rom chip area of the linksys card has this huge spaced contacts that makes it appear super old
<Mgamerz> alright
<azteech> unless you buy coolers with the silver compound on it already in place, you should ALWAYS use thermal compound ...
<Mgamerz> meh
<Mgamerz> quote 'i live dangerously'
<Mgamerz> no not really i awnt a new pc and if it died i'd have reason to get a better one than this hunk of junk
<qman__> that was fairly sarcastic
<qman__> I've worked on computers for years, never once used ESD straps
<qman__> and I work on systems live somewhat frequently
<DivineLight> ello!
<azteech> lol gman, we were talking aobut static issues ...
<DivineLight> die mgamerz
<twb> As long as you're holding the case and aren't a frail old woman, it's TOTALLY SAFE
<azteech> s/were/weren't ...
<qman__> never fried anything
<qman__> just get some canned air, aim the straw at the heatsink, and blow
<qman__> cleans it right up, never even have to shut down if you don't want to
<azteech> the issue was to use thermal paste or not ... between the cooler and the cpu ...
<qman__> it's compressed CO2, doesn't conduct electricity
<qman__> you should always use a thermal compound
<azteech> and how to properly clean it ... and your right canned air can be used ... but some folks don't like using it ...
<DivineLight> i have 2 power supplies...
<qman__> not using one voids warranties
<qman__> and fries chips
<DivineLight> does that prove my pc's terribleness
<DivineLight> my graphics card is sooooooo power hungry
<DivineLight> a 2004 server graphics card at a gis workstation
<qman__> I would never remove a heatsink from a chip to clean it
<qman__> that's just silly
<qman__> if anything, I'd shut down and use an air compressor
<DivineLight> well to blow out the heatsink i had to pull out the thing.
<qman__> or be careful with a vacuum
<DivineLight> if you could access the level and keep both toether that'd be great
<azteech> actually, removing the heatsink from a cpu isn't silly ... did it several times ... and today was the worst ... dust caked so thick under the base and around the cpu ... that had to be scraped loose ...
<qman__> yes, it is
<twb> Or just replace your server every five years
<qman__> the only time you should ever remove it is if you want to use a new heatsink or compound, or replace the chip
<qman__> it's somewhat risky and each time you do it you have to clean the chip with alcohol and use more compound
<azteech> removed the sink to do through cleaning .. and re-apply new compound ... hadn't been done in 5 years ...
<qman__> unless you used really, really cheap compound, you don't have to redo it at all
<azteech> qman ... it was factory ...
<qman__> factory is designed to last for decades
<azteech> I would agree, but in this case, the dust was so bad of a build up .. that getting to it .. meant also getting the old off ... and put on new ..
<azteech> chip was getting to the point of total burn-up .. and unless something was done it was gonna be gone ...
<qman__> nothing a blast of air won't clear
<azteech> the place where the dust was really bad was at the base up under it .. and around the chip itself ... had to remove the sink to get it out ... therefore breaking the seal on the paste ...
<azteech> and it was onle of the older style P4 fan systems that are both hooked and pressure ...
<azteech> so couldn't just blow it out ..
<qman__> don't have to get that out, as long as the fins are clear and getting airflow, it'll work
<azteech> been done several times .. and temps kept rising ... so, today ... took it totally apart and cleaned it good ... now temps are back to decent range ...
<azteech> okay ... let me get off here ... will see you all later ..night ...
<DivineLight> hhh
<DivineLight> this is pissing me off
<DivineLight> where'd the screw go
<uvirtbot> New bug: #591128 in lm-sensors (universe) "sensord cannot RRD log with multiple chips" [Undecided,New] https://launchpad.net/bugs/591128
<soren> Whuh? No ttx?
<kaushal> twb: hi
<kaushal> Thanks and appreciate it
<kaushal> I could resolve the ipp2p match module on iptables
<twb> kaushal: unless you want something specific, please don't greet me by name.
<kaushal> twb: ok
 * RoyK greets twb by his name
<twb> RoyK: plonk
 * RoyK has just decided to finally give up the attempt to use opensolaris for a host for virtual machines
 * RoyK gets out a CD to burn ubuntu lucid server
<kaushal> Are there good books to learn about ubuntu-server ?
<twb> The Ubuntu Server Guide
<kaushal> is it https://help.ubuntu.com/10.04/serverguide/C/index.html ?
<RoyK> yes
<ccheney> at hospital, wife having baby
<RoyK> with a laptop, chatting_
<RoyK> ?
<Daviey> ccheney: Awesome!
<Daviey> ccheney: If it's suitable, are you avaliable to upload your euca lucid sru.. or would you rather someone else sponsors it?
<Daviey> hmm.. it must be silly o'clock in the morning for ccheney?
<ccheney> yea no sleep for me  irc from iphone
<ccheney> this is one app the extra resoluyion would be helpful
<Daviey> ccheney: debuild from the iphone.. there MUST be an app for that :P
<Daviey> ccheney: Okay, is it ok to get your current branch sponsored?
<Daviey> ccheney: I'm guessing you are going to be afky for a while from today.
<ccheney> yea that is fine  the prob i was having yesterday appears to  e bad error hNdling in euca
<Daviey> :/
<ccheney> i filed a bug with most the findings
<Daviey> I read!  Good work
<ccheney> thanks i found a spot where to fix it i think but i dont know java well, so i
<ccheney> might have misread the code
<ccheney> ttyl
<e-DIO-t> hi there: does anybody knows why eth0.10 cointinues going UP at networking reboot [http://paste.ubuntu.com/446554/ < /etc/network/interfaces]?
<twb> e-DIO-t: you probably have NetworkManager installed.
<twb> It's designed to royally screw up any network you might have.
<e-DIO-t> guess nope: its a server install
<e-DIO-t> btw, on server reboot no more "cached" vlan interface...
<twb> e-DIO-t: is this a VM?
<e-DIO-t> yep
<e-DIO-t> Vbox
<e-DIO-t> so guess, it's a known-one is it?
<twb> Does vbox a persistent MAC across reboots?
<twb> udev will assign a different interface name if the MAC changes.
<e-DIO-t> ^_^ tnx
<uvirtbot> e-DIO-t: Error: "_^" is not a valid command.
<twb> Oh, ew.
<twb> So for the first time, I happened to boot 10.04 on a machine that actually had a GPU supported by this new fedora splash crap
<twb> It's all... magenta
<twb> Come on, man, I only just got used to 8.04 and you change the splash and GTK theme and colour pallette again?
<jpds> 8.04 was years ago.
<twb> My users are prisoners, so I don't bother to give them shiny/broken non-LTS releases.
<jpds> I meant years to get used to.
<twb> You know, Knuth only upgrades *his* system once a decade
<twb> So compared to that a two-year window is pretty small.
<twb> That and most of my gear doesn't run X, so it's not like it's in my face every day
<X-Sleepy-X> I have this laptop with wireless connection and I've installed LAMP on it. Now I would like for web server to be able to get online through the wireless without me having to login. Is this possible if I select "Available for all users" in the settings for the wireless network in the network manager?
<X-Sleepy-X> Or is there another way?
<twb> X-Sleepy-X: sorry, I don't support hosts running Network Manager
<X-Sleepy-X> :)
<twb> If it wasn't there, the normal way would be to configure /etc/network/interfaces with a plain roaming wpa-supplicant configuration, but that'll break your normal NM usage
<mase_home> isn't this ubuntu-server ?
<X-Sleepy-X> twb: ok
<twb> Erm, I'm assuming your laptop is a wifi client, not an AP
<X-Sleepy-X> yea
<X-Sleepy-X> it's just annoying having to login in order for apache to go online
<twb> The good news is you can probably get support for NM in another channel.
<twb> The bad news is that channel is probably #ubuntu
<X-Sleepy-X> twb: ok thx
<X-Sleepy-X> :)
<mase_home> heh
<X-Sleepy-X> twb: I've tested around a bit and the solution were to select "Available to all users".
<X-Sleepy-X> twb: So I though I would share that information... ;)
<twb> X-Sleepy-X: and did that work?
<X-Sleepy-X> twb: Yes.
<twb> Oh, I assumed it didn't, since you mentioned that early on
<X-Sleepy-X> twb: I just didn't know a way of testing.
<X-Sleepy-X> twb: But I then realized that I could try to connect with SSH by my cell phone.
<X-Sleepy-X> :)
<X-Sleepy-X> Anyhow, I'm off for yet another restart....
<zul> morning
<panfist> ubuntu-desktop's synaptic gui has a function to 'generate package download script'; is there something similar available in a terminal?
<remix_tj> while trying to install  lucid server on a xSeries 225 i get kernel panic... any suggest?
<panfist> did you verify the iso after you downloaded and burned it?
<twb> panfist: jigdo?
<twb> panfist: apt-walkabout?
<panfist> apt-walkabout sounds about right
<twb> Personally I found it a massive pain in the arse
<twb> It was easier to just post weekly rsyncdiff files of the mirror.
<panfist> what's your use case like...i'm trying to configure a server that's on the private side of an airgap
<twb> I have secure facilities that aren't allowed to be networked
<panfist> i think that means the same thing
<twb> I need to apply security updates to the servers and hundreds of workstations behind them
<twb> If there's only one host, it might simply be easier to do
<twb> apt-get install foo
<twb> ...then collect the failures into a list of URLs, wget them, put them in /var/cache/apt/archives, then re-issue the command.
<panfist> but isn't that only going to show you one level of dependencies? for example in my case, sudo apt-get install mediawiki depends on php5 and php5-cli...but what do those depend on?
<panfist> oh i guess it does show all dependencies...
<twb> Assuming you've got an accurate package listing on the offline side, it'll attempt to fetch all deps
<twb> It boils down to: is this a one-off, or a regular thing?
<panfist> i don't think it will happen too often, and if it does i'll probably just do a private repository (i think you suggested that before)
<panfist> maybe i'm being picky and i should just do it, but i'm trying to find a command that outputs the full url of a package, instead of the something like this "foo (1.1.1-ubuntu4.2 Ubuntu:10.04/lucid-updates)"
<panfist> something like http://us.archive.ubuntu.com/.../foo_1.1.1-ubuntu4.2.deb would be nicer
<panfist> got it
<panfist> nope nevermind
<JanC> panfist/twb: apt-get has an option --print-uris that will give you a list of download-uris instead of downloading & installing packages
<twb> I was just trying to find that one :-)
<JanC> it includes file sizes & hashes too, so should be easy to write a nice script around it (or one probably exists already)
<panfist> i was trying that and it wasn't working...it didn't work like this: '--print-uris install foo'; but it worked like this: '--print-uris --yes install foo'
<panfist> i guess it needed a little extra encouragement?
<JanC> you can run it as a normal user
<sommer> morning
<JanC> panfist, try: apt-get --print-uris -qq install foo
<JanC> then you only get the lines with the URLs
<ccheney> hggdh, headed off to bed, was up all night due to delivery, it appears that eucalyptus does not catch errors on creating volumes, at least if i understand the code correctly
<ccheney> hggdh, or rather it might catch it but does not do so correctly and does not appear to clean up afterwards
<ccheney> hggdh, getting to actually retry on transient locking issue seems rather hard due to the fact that lvm sucks
<ccheney> hggdh, it appears lvm always returns error code 5 for any kind of error, so you can't actually check the return code to do something sane
<ccheney> hggdh, i'm on paternity leave until june 18, but will probably be around and will also be available via email if needed for anything
<ccheney> Daviey, see above comments to hggdh also
<hallyn> if anyone has a bored moment and experience with half-failed (?) builds on launchpad, I'm trying to figure out the deal with http://launchpadlibrarian.net/49925137/buildlog_ubuntu-lucid-amd64.atlas_3.6.0-24ubuntu1%2Bregressiontest20100608_FAILEDTOBUILD.txt.gz
<hallyn> it claims debian/control failed, but I see nofailure in the log, and it did get uploaded to the ppa
<hallyn> (and a local build succeeded)
<panfist> ...after all the trouble, us.archive.ubuntu.com is down.
<diago> I'm trying to setup shared storage for KVM and am having issues finding good documentation on how to do so. Is the correct approach LVM used for guest hard drives over NFS or iSCSI?
<mase_home> diago, i guess you would probably want a SAN
<mase_home> rather than NFS
<mase_home> iSCSI would do that
<mase_home> so LVM should work
<mase_home> or ATAOE
<mase_home> with rather than or
<diago> Yeah, I can't see how NFS would work in this situation
<mase_home> or was in relation to iscsiu
<diago> hmmm not familiar with ATAOE I will look into it. Thanks
<diago> I think I'll stick to iSCSI though it appears ATAOE is faster. It seems more standardized.
<amstan> hello, does anyone have any guide that was tested on how to setup suphp or suexec in ubuntu?
<X-Sleepy-X> So I get the error message that apache could not determine the fqdn when it starts and I've used to solve this by entering something in my /etc/hosts file but I think I read something somewhere that suggested another solution so now I'm confused. What is the correct way to solve this error message?
<amstan> X-Sleepy-X: http://www.howtoforge.com/perfect-server-ubuntu-10.04-lucid-lynx-ispconfig-2-p3
<amstan> do the 4 lines starting with echo server1.example.com > /etc/hostname
<amstan> actually.. follow pretty much everything on that page that's related to network config and hostnames
<X-Sleepy-X> amstan: thanks :)
<kpettit> anybody noticing slow ubuntu package repository servers today?
<Pici> Yes. You're not the first to report such an issue.
<kpettit> any recommended mirrors?
<T3CHKOMMIE> hey guys...
<T3CHKOMMIE> got a quick question about virtual box and ubuntu server
<pmatulis> kpettit: closest to you
<kpettit> :)  thanks.  Seeing what I can find online.  I'm in USA, Houston
<DBeets> T3CHKOMMIE: what's the question?
<Pici> kpettit: Check https://launchpad.net/ubuntu/+archivemirrors
<T3CHKOMMIE> i have nightmares of my server crashing....
<kpettit> thanks Pici
<T3CHKOMMIE> my hardware doesnt support hypervysors.. but... could i run server from VB and back up the vdi?
<T3CHKOMMIE> would that be a decent practice?
<T3CHKOMMIE> anyone?
<DBeets> T3CHKOMMIE: i'm not sure what you're trying to accomplish. are you teying to run vb on ubuntu server?
<diago> T3CHKOMMIE: you can't back up the vdi while running
<T3CHKOMMIE> no,
<diago> if you use LVM you could take snapshots
<kpettit> what is "VB"
<diago> virtual box
<T3CHKOMMIE> so im trying to get accurate fast recoverys... we have an OLD server
<kpettit> oh, with virtualbox I do snapshots nightly
<kpettit> snapshots are nice, they are very quick
<T3CHKOMMIE> let say i run ubuntu on my servers hard ware...
<kpettit> then I do full-backup one weekend
<T3CHKOMMIE> then i run ubuntu server from virtualbox, and back up the HOLE vdi
<diago> kpettit: are VB snapshots the entire system?
<diago> I thought that was only for recoverable errors
<kpettit> snapshots are whatever is changed.  kind of like a diff
<T3CHKOMMIE> then... system crashes... reinstall ubuntu.. install VB... upload server .vdi
<T3CHKOMMIE> any ideas?
<kpettit> diago, I use snapshots alot for windows dev stuff.  I set a snapshot, load lots of crap software and go back to snapshot to get prestine system
<T3CHKOMMIE> as far as i understand ubuntu VB and all that, i think it would work.. but im still new at this :S
<kpettit> I do snapshots before I load anything basically.  Works nice to go back quickly
<diago> kpettit: right to go back, but I think he wants full backups of the system
<T3CHKOMMIE> diago, thats correct.. like copies of the Virtual Disk Image.
<kpettit> I'm not sure the best way to do full backup's.  The best way I've found is to pause then copy VB setup
<T3CHKOMMIE> kinda like making a swappable hdd backup? i guess?
<diago> T3CHKOMMIE: the only way to do it live is LVM snapshots
<diago> for what I understand
<kpettit> I know trying to copy a running system doesn't work to well.  But you can do snapshots to get a live system or pause it to do the full backup's
<DBeets> is that possible whi
<T3CHKOMMIE> gm. LVM im trying to learn that stuff...
<kpettit> Have a SAN or filesystem take care of backing up the files is the only other option I can think of to get a good copy of a running system
<T3CHKOMMIE> is LVM kinda like volume shadow copy?
<kpettit> http://en.wikipedia.org/wiki/Logical_Volume_Manager_(Linux)
<kpettit> I haven't done much with LVM stuff myself though, always drove me nuts
<T3CHKOMMIE> im trying to do a whole system backup... so in the event of a catastrophic failure, i can simply upload a file.. boom, everything back where its supposed to be, and everything still configured.
<T3CHKOMMIE> any ideas?
<T3CHKOMMIE> i dont mind taking the system down for an hour or two on the weekend and doing a back up.
<kpettit> if the system you are wanting to backup is a VirtualBox server that's pretty easy then
<kpettit> Just pause it, copy the files to where you want them to go.  That's it.
<T3CHKOMMIE> and thats going to be the entire system?
<T3CHKOMMIE> right?
<kpettit> The entire VirtualBox image.  Just make sure you get all it's files.  Each server can have multiple disks.
<kpettit> Usually the config files are in $HOME/.VirtualBox and those files will show the disk images it's using and their locations
<kpettit> For me, I do snapshots nightly, then do a full-backup using rsync on the weekend's
<T3CHKOMMIE> and its pretty reliable? our server here gives me nightmares.
<kpettit> it has been for me.  I moved to VirtualBox becuase I couldn't get VMWare to work consistentaly.  VirtualBox has been very good for me.  Snapshots have been awsome.
<T3CHKOMMIE> sweet
<T3CHKOMMIE> and what host are you running it from?
<kpettit> My big problem child one is a Win2003 server that I used vmware tools to convert from a real server to a vmware image.  But vmware itself couldn't run it for more than a couple hours at a time without crashing.
<kpettit> But virtualbox worked great with it.
<kpettit> it's been running in production now for 3-4 months now.  no problems.
<T3CHKOMMIE> ah... that sucks. im thinking of running vb on my 2003 server.. then slowly making everything a vdi and running it virtually from the same hardware...
<T3CHKOMMIE> so good to hear kpettit. thanks!
<kpettit> I haven't used VB server on windows so much, but on linux it's great
<diago> we run KVM and VB here. VB for winblows KVM everything else
<diago> VB on windows is weird but it seems to work fine
<kpettit> Windows's guest OS"s work great.  I use Win7, WinXP, and WIn2003 quit a bit.  Like I mentioned I converted a real running win2003 server to a guest os that now runs inside of Virtualbox
<T3CHKOMMIE> how easy is kvl to implement and deploy?
<T3CHKOMMIE> kpettit, how did you convert a real imaged to a vdi?
<diago> KVM? You need virt technology on your CPU to use KVM
<kpettit> there was a vmware free tool to do it.
<T3CHKOMMIE> ah gotchya.
<kpettit> http://www.vmware.com/products/converter/  is what I used.
<kpettit> funny thing was is the image it created didn't work reliably on vmware server, but did in virtualbox.
<T3CHKOMMIE> kpettit, thanks! ive messed things up accidentaly too any times, and i really need to learn snapshot stuff and recovering... doing a full reimage after i chmod the wrong folder is really starting to get old :S
<kpettit> for learning it's I'd recommend doing a image, copying it around.  Doing snapshots and such just to understand it all.
<T3CHKOMMIE> kpettit, thanks, im setting up my virtual server right now.
<kpettit> Takes a bit to learn the way they do things.  Ohhhh I realy love there cli remote desktop though.  Lets you RDP into any system you run
<aurigus> I've been running VirtualBox Win2008 server guest (CentOS host) for about a year, its been really stable
<T3CHKOMMIE> aurigus, thats awsome! how do you back it up?
<aurigus> backups! what backups!
<aurigus> this is just an experimental server so I dont have backups
<T3CHKOMMIE> ah ok
<aurigus> but I imagine I would do a snapshot daily
<alket> I have set up a local server but i want to create ssh users like alket@myip.com how to do that ?
<aurigus> although it would use a lot of space and generate a lot of transfer
<aurigus> VBoxHeadless is great though
<kpettit> alket, https://help.ubuntu.com/community/AddUsersHowto
<T3CHKOMMIE> vboxheadless?
<aurigus> Its a centos box w/o gui, so you use that to control the VM
<alket> thank you kpettit
<kpettit> T3CHKOMMIE, vboxheadless is it.  You can start a image from the cli, the RDP into it.
<kpettit> very nice, lets you see if there are any bootup problems.
 * T3CHKOMMIE is confused now.
<aurigus> yes its nice to have rdp for emergencies
<kpettit> Normally on a remote windowsw machine you can only RDP into it if it's up and running correctly.  Network is setup right, etc.
<T3CHKOMMIE> i love CLI, and thats why ive been sticking with ubuntu so much. but how do you opperate vb in cli?
<kpettit> with virtualboxheadless it basically wraps RDP arround it.  So you can RDP into the booting up image and see it bootup.  So even if there were network issues with your image, or some boot issue (checkdisk) or whateve ryou can see what's going on
<aurigus> yes, you are basically RDPing into the 'server' and not the 'OS'
<T3CHKOMMIE> AH... like when its taking 50+min to checkdsk and you think you killed your server
<aurigus> that is the method you can use to do the install too, since you don't have an OS yet
<T3CHKOMMIE> aurigus, ah, i see rdping into the "server" not the os.. so will it show the slash screen as well?
<aurigus> yup
<T3CHKOMMIE> and im assuming that this is benificial cus you dont have to run the vb gui to see it all happen?
<aurigus> right, so you save on overhead of running xwindows
<aurigus> also in theory you could script everything out and make automated deployment
<T3CHKOMMIE> awsome.
<aurigus> but if you are just getting into it, just experiment with it to see how you like it
<kpettit> T3CHKOMMIE, yes.  And if you are doing this remotly it still allows you to see the guest OS gui, even if network is hosed or other bootup problems exist on the guest
<T3CHKOMMIE> man, i gota learn more of this. you know of any good wikis or tutorials on that stuff?
<kpettit> trying to find the cli referance for ya
<aurigus> the VirtualBox website has a nice reference on it
<T3CHKOMMIE> is it possible to ssh -x11 with vbox headless?
<T3CHKOMMIE> or are those two different beasts?
<kpettit> http://www.ubuntugeek.com/how-to-control-virtual-machines-virtualbox-using-vboxmanage.html
<kpettit> They are different, but you can ssh -X then start VirtualBox to see the normal GUI
<T3CHKOMMIE> thanks kpettit
<T3CHKOMMIE> awsome
<aurigus> Here is the 'manual' http://www.virtualbox.org/manual/ch07.html
<T3CHKOMMIE> awesome thanks so much for the help!
<T3CHKOMMIE> gotta love the opensource community!
<T3CHKOMMIE> well, looks like ive got some reading to do. thank again, ill probably be back on here soon!
<corporatecookie> im looking for Ubuntu's equivalent of the failure function found in Redhat's /etc/init.d/functions anyone know where it could be hiding ? : )
<sterz> hi
<sterz> how can i check if my ethernet is gigabit?
<sterz> with lspci
<uvirtbot> New bug: #591286 in php5 (main) "PHP Deprecated:  Comments starting with '#' are deprecated in[...] on line 1 in Unknown on line 0" [Undecided,New] https://launchpad.net/bugs/591286
<hggdh> spineau: ping
<jdstrand> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
 * kpettit likes webmin  :(
<nxvl> mathiaz: ping
<spineau> hggdh: pong
<corporatecookie> looks like I found my answer! log_failure_msg : )
<hggdh> spineau: how are things going now?
<spineau> hggdh: good since I'm now able to launch instances
<mathiaz> nxvl: hi - o/
<hggdh> spineau: :-) how did end the issue you were discussing with ttx?
<nxvl> mathiaz: does puppet has a web interface? it doesn't right?
<mathiaz> nxvl: look up puppet dashboard
<mathiaz> nxvl: or the foreman
<mathiaz> nxvl: http://theforeman.org/
<spineau> hggdh: the nc log were plenty of errors, one mentioned kvm but vt extensions were enabled
<spineau> hggdh: and finally it was not this error msg that breaks the starting process of my instances
<nxvl> mathiaz: great, thanks!
<spineau> hggdh: my eucalyptus.conf (on the NC) was corruptus each time I restarted eucalyptus
<hggdh> spineau: ?? how? Did you find out?
<spineau> hggdh: I found a sed command in this file acting on the value VNET_BRIDGE
<spineau> hggdh: I cleaned the file and now its working (again)
<hggdh> spineau: weird. Let me check mine
<hggdh> spineau: in /etc/eucalyptus/eucalyptus.conf?
<spineau> hggdh: yes on the NC
<spineau> hggdh: I still wonder if it's a process or a user that was doing this
<hggdh> spineau: weird. I do not have it, I do not think this is created by install
<hggdh> spineau: euca logs a *lot* of error messages, most do not impact us
<hggdh> spineau: *why* log an useless error, I do not know
<zul> ttx: ping have you uploaded something for the krb5 sru?
<ttx> zul: yes
<zul> ttx: has it been accepted yet?
<ttx> I don't think so, lemme check
<ttx> Fix uploaded to lucid-proposed, ACKed from ubuntu-sru
<zul> k
<ttx> not AA-processed yet
 * hggdh gntly nag zul re. the samba apport hook
<zul> hggdh: yep its on my radar for today
<hggdh> roj
<spineau> hggdh: I'm trying to get camucamu up but it seems (according to IS) that eucalyptus is blocking eth0 at startup and finally it is not pingable
<spineau> hggdh: I have no idea what because I'm not familiar with eucalyptus. There's a bridge configured in interfaces and something is firing ifconfig to bring up a firewall, but I can't find what's firing ifconfig.
<hggdh> spineau: do you have access via a serial console?
<spineau> hggdh: via kvm
<hggdh> spineau: is camucamu another box in the test rig (I did not know about it)?
<spineau> hggdh: yes, normally it's another nc, according to tasksel menu
<hggdh> spineau: what is the IP address? I am adding it in my .ssh/config
<spineau> hggdh: 10.189.84.154
<kaushal> hi
<incorrect> hi i know i keep asking, but would people suggest their favourite local ubuntu VPS provider
<hggdh> spineau: give me 5, have to reboot
<spineau> hggdh: oups
<diago> I configured an iSCSI target and have a client that sees the drive as /dev/sde . I want my KVM machine to use those as the drives. Is it safe to use them as /dev/sde or should I be using UUIDs?
<pmatulis> diago: you should use iSCSI the way you use any block device IMO
<diago> I just read "Paths like /dev/sda, /dev/sdb, etc are not a good choice because they are not stable across reboots, or across machines in a cluste"
<pmatulis> diago: if it makes you feel better, i use UUIDs for iSCSI devices.  never had a problem
<diago> pmatulis: ok, I think I may be going about this wrong anyway. Ultimately it's for KVM but it looks like KVM can manage iSCSI itself
<pmatulis> diago: iSCSI targets are exposed locally as block devices, just like your internal drives
<diago> Right, but how would I configure a KVM .xml file to use a UUID?
<pmatulis> diago: do you use UUIDs in other xml files?
<diago> pmatulis: currently I am using qcow2 images and that is all I have ever used
<diago> it looks like (from reading anyway) I just use /dev/disk/by-path
<pmatulis> diago: http://www.libvirt.org/formatstorage.html
<kpettit> can anybody recommend a good FTP server that will let me specify virtual users in a text file?
<diago> oh cool, thanks pmatulis
<kaushal> hi
<kaushal> just curious to know about searching on ubuntu server mailings lists archives
<kaushal> how do i search any topic ?
<kaushal> https://lists.ubuntu.com/archives/ubuntu-server/
<corpse> is it possible to download from a web browser to a folder on a fileserver?
<webPragmatist> we have landed a man on the moon
<webPragmatist> so I could see that being possible
<webPragmatist> unless you think that's a conspiracy...
<kaushal> can someone comment on https://lists.ubuntu.com/archives/ubuntu-server/2010-June/004297.html ?
<pmatulis> the flag wasn't waving!
<pmatulis> sorry, it *was*
<webPragmatist> woh
<corpse> i think the conspiracy of it being a conspiracy is a conspiracy...
<corpse> brb black hellicopter flying by
<pmatulis> black helicopter???  another conspiracy thing?
<corpse> lol yeah
<linxeh> is there any CA management software in the repos? eg webbased that can issue certs from a CA etc ?
<corpse> so how could i go about mounting my fileserver so i can see it when browsing for a download location? It shows it as mounted in my window sidebar but i can not find the folder when i try to browse to it
<corpse> i am also trying to mark it as a shared folder for a vm OS
<mathiaz> linxeh: xca is an option I use sometime - it's not webased though
<linxeh> hmm
<linxeh> I need something that is relatively easy to use for a non-unix person to be able to issue new server and user certs, and probably remotely too
<linxeh> eBox has a CA module, but I dont want to install that if I can help it
<kaushal> checking in again for my query ?
<ZenMasta> I have a clean install of 10.04 and when I use aptitude I get a segmentation faulty tree. I've searched the forums but the suggestion to clean the cache does not work
<X-Sleepy-X> ZenMasta: do you get it with apt-get aswell?
<pmatulis> there was a lot of aptitude segfaults during beta
<ZenMasta> Sleepy it does not give the segmentation fault but gives a similar message about dpkg was interrupted
<kaushal> checking in again for my query ?
<alex88> hi guys, i want to install a http proxy... what software can i use?
<alex88> *should
<jpds> alex88: Squid?
<alex88> jpds: isn't it a socks server? :/
<alex88> or can i set as http server?
<alex88> i'm talking about the firefox proxy settings
<zul> hggdh: ping i did the review and it looks ok. I just had to fix up the changelog just a bit
<jcastro> zul: do you have a list somewhere of everything you're making nightlies of?
<zul> jcastro: the daily-vcs-builds for spec for lucid
<jcastro> ta
<zul> jcastro: but right now they are disabled because im switching them over to launchpad eventually
<jcastro> right
<jcastro> I am just putting them all on a list
<hggdh> zul: thank you. What should I do now?
<jcastro> zul: and you name all the ppa's "edgers" right?
<hggdh> ccheney: ping
<zul> jcastro: correct
<zul> hggdh: nothing...im uploading as we speak
<hggdh> zul: thank you
<hggdh> ccheney: by default the maximum space one can allocate on euca is 50G. You can change it on the web interface
<hggdh> zul: btw, should I prepare also a Lucid branch?
<zul> hggdh: do you think its worth while to do an sru for it?
<hggdh> zul: I am not sure. I think it is possible a lot of people have not upgraded yet, and this would mostly target new upgraders
<zul> hggdh: bring it up at the SRU part of the meeting today
<hggdh> zul: ack
<ccheney> hggdh: yep i found that out, the problem i saw (i think) was that createLogicalVolume can throw but it is not try'd
<ccheney> hggdh: and if it does fail euca does not unwind the changes (i believe that is proper term) in any case it does not clean up after itself
<hggdh> ccheney: so the plot thickens :-(
<smoser> hggdh, regarding "butterfly", i thought your ~o~ looked like : http://www.zimbio.com/pictures/fDpxr74q8-g/Olympic+Team+Trials+Swimming+Day+3
<smoser> Daviey, what is "doesn't work"
<ccheney> hggdh: i think createLogicalVolume probably needs to have try catch blocks inside its own function and then another try catch in the function calling it as well
<hggdh> smoser: it is actually freestyle, you can see my left arm in front
<smoser> is this just the kvm kernel regression from lucid of last week ?
<ccheney> hggdh: because each call inside createLogicalVolume can also throw
<hggdh> ccheney: ack. I wonder why the developers did not do it -- it should be quite obvious errors could happen
<Daviey> smoser: kernel bug with a Java library
<Daviey> Image doesn't get transfered to the NC
<ccheney> hggdh: yea, also on top of all of this mess is the fact that lvm executables return very poor error codes, it seems pretty much "5" or nothing
<ccheney> hggdh: and it returns a 5 for transient issues as well
<ccheney> hggdh: redhat is working on liblvm to resolve some of that mess i believe
<ccheney> hggdh: which is in lvm2 source and packaged by debian in the current version in sid
<hggdh> ccheney: yes, sa your posts earlier today
<ccheney> hggdh: http://pastebin.ubuntu.com/446758/
<smoser> Daviey, so this is a kernel bug ?
<Daviey> smoser: yah
<ccheney> hggdh: each of those functions can throw executionException but it is not in try blocks
<smoser> what bug number ? i'm just curious now
<smoser> java and kernel bug
<Daviey> smoser: changing pc, one mo
<ccheney> hggdh: and if i understand the caller function correctly it only cleans up after itself if the next function after createLogicalVolume fails, but i believe if this one does it bombs out and doesn't clean up
<hggdh> ccheney: this is really bad, each step depends on the previous, and any can fail
<Daviey> smoser: bug #588861
<uvirtbot> Launchpad bug 588861 in linux "Instances block in pending state, and don't start" [High,Triaged] https://launchpad.net/bugs/588861
<Daviey> Impossible to start ANY instance
<ccheney> hggdh: i'm a bit rusty on java and exception handling in general but i think i remember how it works :)
<Daviey> so UEC is quite, er, wet in maverick atm
<hggdh> ccheney: if you are rusty you are better than I am... hated the whole java thingie ;-)
<ccheney> hggdh: iirc a function which throws immediately interrupts the execution of the rest of the code after it and it goes to the nearest catch block it is inside (more or less)
<ccheney> hggdh: if that is correct then yea they don't handle this issue at all
<Daviey> smoser: Following up on the kernel teams triaging status later today
<ccheney> hggdh: it does catch executionException but in a useless way for the bug we are seeing
<hggdh> ccheney: this is how I remember it. But, still, we are left with pieces
<zul> hggdh: uploaded thanks
<ccheney> hggdh: this is one of the catch blocks it is in: http://pastebin.ubuntu.com/446761/
<ccheney> hggdh: if it failed at exportVolume it would be cleaned up, but they forget to do anything about it if createLogicalVolume fails
<ccheney> hggdh: what is somewhat odd is the error message I get doesn't match up with that string at the bottom, it might get overwrite before it goes to the log file though, i'm not sure
<hggdh> ccheney: two different exceptions
<ccheney> hggdh: what i actually see in the log is:
<ccheney> 22:29:24 ERROR [BlockStorage:pool-10-thread-1] com.eucalyptus.util.EucalyptusCloudException: Unable to create volume group vg-ZR5Pvg.. for /dev/loop10
<hggdh> ccheney: probably because of the throw at the end of the block?
<ccheney> hggdh: that is the proper exception message from createLogicalVolume but not sure why the "Unable to run command:" is not in the log
<ccheney> hggdh: yea
<ZenMasta> I get a Segmentation faulty tree 50% when I use aptitude/apt-get (new install of 10.04)
<hggdh> ccheney: I think ExecutionException would only be thrown if the command failed to execv
<ccheney> hggdh: maybe so i haven't looked closely enough to determine how its getting caught
<ccheney> hggdh: actually you are probably right that it isn't going to that catch block, BlockStorage has a generic catch block after running the code that would log it
<ccheney> hggdh: http://pastebin.ubuntu.com/446764/
<hggdh> ccheney: yeah, and this is a generic catch
<ccheney> hggdh: if no one tries to fix it before me i may work on it when bored on my leave :)
<hggdh> ccheney: you *are* on leave, right?
<ccheney> hggdh: yea i think the generic catch would probably cause it to show up right in the log
<ccheney> hggdh: yea
<ccheney> at the moment i'm just sitting at home after being woke up by a severe storm in the area
 * ccheney will be back up to the hospital in a few hours
 * ccheney thinks he may try right now, nothing else to do, heh
<hggdh> ccheney: OK. Take care of the family :-)
<ccheney> what is the proper way to update a branch that has been integrated, eg lucid-proposed vs my lucid-sru branch for euca
<ccheney> should i bzr pull --overwrite or bzr merge?
<ccheney> it looks like overwrite might be the proper way since its not listed as a merge on lucid-proposed
 * ccheney just did an overwrite, probably not a big issue
<ccheney> hmm no that is not the right answer, heh
<mathiaz> SpamapS: what's a bug number you're asking for sponsorship (one of your sync/merge)?
 * ccheney found the right way :)
<SpamapS> bug #589566
<uvirtbot> Launchpad bug 589566 in mongodb "Please merge mongodb 1.4.3-1 (universe) from Debian unstable (main)" [Undecided,Confirmed] https://launchpad.net/bugs/589566
<SpamapS> also bug#586613
<RoyK> sorry if this is an faq, but is there a gui to view KVM-based VMs?
<soren> RoyK: Sure.
<soren> RoyK: virt-manager or virt-viewer.
<RoyK> ah, virt-manager
<RoyK> forgot about that
<soren> Or virt-viewer.
<RoyK> just reinstalled my box from opensolaris to something useful (lucid)
<RoyK> bloody vbox was crashing osol so often the people hosting my server got tired of restarting it
<RoyK> so moving to something real open now
<RoyK> replaced a pair of 320gig drives with two 1,5TB drives, connected the 3ware card, installed Lucid and testing now - this better be a wee better than osol and vbox (and xen, which is horrible to configure for anything but hvm, which sucks I/O-wise)
 * ccheney thinks he is missing part of the puzzle on this euca bug
<smoser> mathiaz, ScottK, I was following the -backports (I think).  I opened bug 589214 and bug 589211 .  Do either of you see anthing that i've done wrong, or know what to expect next ? I think i've done as much of https://help.ubuntu.com/community/UbuntuBackports#Backport Process as I really could.
<uvirtbot> Launchpad bug 589214 in lucid-backports "backport maverick ec2-ami-tools to lucid" [Undecided,New] https://launchpad.net/bugs/589214
<uvirtbot> Launchpad bug 589211 in karmic-backports "backport maverick ec2-ami-tools to karmic" [Undecided,New] https://launchpad.net/bugs/589211
<EtienneG> I have the nagging feeling i already asked, but here it is again: in UEC, to register an SC, you need to run "euca_conf --register-nc ..." on the CLC.  This mean the CLC has to be able to reach the SC, right?  Collateral: the SC, unlike the NC cannot be on a private network (along with the NC and the private interface of the CC) that is not reachable from the outside; ie, not reachable from the CLC?
<EtienneG> mathiaz, ^^^ perhaps you know about that
<mathiaz> EtienneG: isn't the SC only dealing with the CC?
<EtienneG> mathiaz, that is my understanding, but you need to register it from the CLC
<EtienneG> hence it needs to be reachable from the CLC, at least for the registration
<mathiaz> EtienneG: if the CLC needs to know about the SC then yes the CLC and the SC need to be able to talk to each other :)
<EtienneG> mathiaz, ok ...
<EtienneG> I am perplexed
<EtienneG> mathiaz, thanks for the info
<hggdh> EtienneG: why
<webPragmatist> is it possible to just delete all the crm resources and start over :(
<EtienneG> hggdh, because I have to implement a topology where the SC is on a private network with the NC and a the private CC interface
<hggdh> hum
<EtienneG> hggdh, and it just do not make any sense to me
 * hggdh goes digging
<EtienneG> that the CLC would need to talk to the SC
<hggdh> no, it does not make much sense
<ZenMasta> I get a Segmentation faulty tree 50% when I use aptitude/apt-get (new install of 10.04)
<EtienneG> perhaps we can manually exchnage keys, but then, how do make the CC notice that it need to make use of the SC?
<hggdh> EtienneG: yes, the SC needs to be reachable by the CLC
<EtienneG> hggdh, well then, so be it.  what make you so confident in the answer?
<EtienneG> is it documented somewhere, ro somesuch
<hggdh> EtienneG: man euca_conf ;-)
<EtienneG> hggdh, I see you have jedi power!
<EtienneG> I am actually shocked euca_conf has a man page at all :)
<hggdh> EtienneG: http://pastebin.ubuntu.com/446793/
<EtienneG> hggdh, that is about the CC
<hggdh> heh. I *remember* having to manually register an SC when I missed setting up the keys
<hggdh> EtienneG: no, you *need* a CC also (because the CC/SC are the ones to actually talk with the NCs)
<hggdh> this is about CLC and SCs
<hggdh> EtienneG: bloody hell
<hggdh> EtienneG: yes, you are right
<hggdh> the SC registration is done at the CLC, but it is the CC that talks with the SC
<EtienneG> hggdh, yep, there we are
<EtienneG> ok then
<hggdh> so it should work
 * hggdh makes a note to read the whole thing before announcing it
 * ccheney is about to test if euca is as screwed up as he thinks :)
<DecryptedChaos> i got a big issue, this is a unusual request. but for some reason i can't get to SSH on my ubuntu server anymore the router is blocking the port for some reason, so my question can i easily exploit a service to gain root and change the ssh port
<pmatulis> DecryptedChaos: no
<DecryptedChaos> so theirs nothing i can do?
<uvirtbot> New bug: #591413 in ipmitool (universe) ".diff file leaves doesn't change timegm to gmtime on line 6782" [Undecided,New] https://launchpad.net/bugs/591413
<pmatulis> DecryptedChaos: i would investigate why suddenly the connection is no longer possible
<DecryptedChaos> well the portscan show that 22 is no longer open but that dosen't make sence because that machine is phyically open to the interent all ports
<DecryptedChaos> 80, 53, 21, 3306 all remain open
<pmatulis> DecryptedChaos: and who manages this router/firewall?
<DecryptedChaos> its my equipment but its located far away and im trying to avoid going to phyically fix it
<pmatulis> DecryptedChaos: someone either changed the f/w rules or turned off the ssh daemon on the server.  seems weird if it's your equipment
<hggdh> ttx: ping
<ttx> hggdh: pong -- but on a call
<DecryptedChaos> the werid part is that i lost access to the router at the same time as ssh it still works i just can't get into either of them for management
<hggdh> ttx: when you can -- why did you put the samba apport hook back in progress?
<ttx> hggdh: we changed the blueprint at the same time
<RoyK> damn - installing a vm on kvm now - looking good - looks FAST
<diago> KVM rules
<hggdh> ttx: ah, OK.
<ttx> hggdh: I just switched assignee to zulcss so that the spec shows up on our tracker
<DecryptedChaos> i guess my only option is get either go to the site or get someone thats on-site to open a vpm for me to get access to the network?
<RoyK> hm...
<RoyK> I installed kvm and all - it seems to have created a virbr0 interface - is this usable for bridging?
<soren> RoyK: sort of.
<RoyK> sort of?
<soren> RoyK: It's a bridge libvirt uses to connect NAT'ed VM's to the network.
<RoyK> ok, so for bridged networking, I need to do it manually?
<soren> RoyK: fsvo manually, yes.
<RoyK> fsvo?
<soren> For some values of.
<RoyK> as in edit /etc/network/interfaces etc?
<DecryptedChaos> i have another question.. why did ubuntu rip xen dom0 support my server dosen't have VT support and i tried to get xen dom0 running without luck because ubuntu removed dom0 i have been forced to use VMware Server and its terioble
<soren> RoyK: Yes.
<soren> DecryptedChaos: Because Xen is an absolute nightmare to maintain.
<DecryptedChaos> works loads better than VMware server and in that account i belive it was worth keeping
<DecryptedChaos> if not then kvm guys need to implementy PV
<soren> Not going to happen.
<DecryptedChaos> well thats redicilus
<soren> It's really not.
<soren> Xen is not a nightmare to maintain because their developers are idiots. Because they're not. It's a nightmare to maintain because it does what it does. Making someone else do the same, but starting from scratch is also going to be a nightmare.
<DecryptedChaos> im my prospective it is, because it forces guys like me with slightly older hardware to either use some crappy platform or pay thousands upgrading my hardware
<wng-> Guys, i followed the instructions in the Ubuntu server guide in 10.04 to enable IP Masquerading, now I can't ssh into my machine? how can i enable this?
<soren> Yes. That was the case before as well. The crappy platform was just Xen instead of vmware.
<DecryptedChaos> let me ask you this about xen though the only problem i ever had with it. ( i installed it on top of CentOs jut to test) the vms ran great however would spike up to 20,000ms ping why did that happen?
<wng-> okay, well i figured out using ufw allow 22 worked
<wng-> but now i can't ssh within my local network
<soren> DecryptedChaos: Because it's a nightmare to maintain.
<soren> Probably.
<soren> Or a corrollary of that.
<RoyK> ok, got the bridge up (serial console is nice when not on-site)
<soren> or ssh.
<RoyK> ssh when configuring a bridge can be troublesome if you do something bad
<DecryptedChaos> i wish i could FTP as root by default because i could edit the ssh config problem solved
<webPragmatist> uh
<soren> RoyK: Ah, point.
<webPragmatist> who's in charge of this v
<webPragmatist> https://wiki.ubuntu.com/ClusterStack/LucidTesting#Overview
<soren> webPragmatist: You are now, because you asked.
<webPragmatist> "resource-stickines="100"
<webPragmatist> stickines?
<webPragmatist> okay
<RoyK> works like a dream :)
<soren> adhesiveness?
<webPragmatist> typo?
<soren> webPragmatist: Does it not work?
<RoyK> damn - kvm rocks - ubuntu rocks
<soren> webPragmatist: And does it work if you correct the spelling?
<wng-> Can someone give me some pointers, I have a headnode running dnsmasq acting as a dns/dhcp server to 8 nodes, i had them all up, but they werent going out so I enabled IP Masquerading, following the server guide, now I can't ssh within my nodes...
<RoyK> I've been trying to run this shit on opensolaris for some time just to have zfs snapshotting etc, and this is a wee bit easier
<soren> webPragmatist: If you can answer affirmatively to both questions, then yes, it's likely a typo.
<webPragmatist> you are smart
 * soren does try
<soren> webPragmatist: I assume you're asking because it doesn't work?
<webPragmatist> no actually i'm asking because i noticed it
<DecryptedChaos> why does this room have no ops at all lol i just noticed that
<webPragmatist> DecryptedChaos: it probably does just not "opped"
<RoyK> no reason to have visible ops around - they op when they need to
<soren> DecryptedChaos: ChanServ managed channels rarely have people who are OP'ed all the time.
<soren> DecryptedChaos: We get OP'ed when we need it and drop them again. It's like sudo for irc :)
<wng-> Can someone give me some pointers, I have a headnode running dnsmasq acting as a dns/dhcp server to 8 nodes, i had them all up, but they werent going out so I enabled IP Masquerading, following the server guide, now I can't ssh within my nodes...
<DecryptedChaos> lol yeah. im a old school irc admin irc has changed a lot since i was big in it
<STF> hi
<STF> how can i create a startup for any programm?
<RoyK> create a startup?
<STF> autorstart
<STF> sry
<RoyK> se /etc/init.d/skel
<DecryptedChaos> your gonna probably need to write some bash script to execute it
<RoyK> see, even
<RoyK> copy the skeleton script to /etc/init.d/yourprogram, link to it from /etc/rc2.d
<webPragmatist> it's also mispelled here http://clusterlabs.org/wiki/Dual_Primary_DRBD_%2B_OCFS2
<webPragmatist> huh?
<webPragmatist> poop
<RoyK> and of course, change the yourprogram file
<STF> okay
<STF> hm
<ccheney> hggdh: i see why i was confused, they call the exit value of a process in SystemUtil.run() 'pid'
<STF> i try it
<hggdh> ccheney: er, what? a pid is not a pid but the RC?
<ccheney> hggdh: yea brain damage
<wng-> Can someone tell me how to enable ip masquerading on a local network without disabling ssh within the network?
<ccheney> hggdh: i had to lookup the java lang ref to see what it should be returning
<hggdh> heh
<ccheney> hggdh: http://pastebin.ubuntu.com/446805/
<ccheney> hggdh: pid there is rc
<RoyK> wng-: it should be trivial - just google for iptables masquarding
<wng-> RoyK: each time i follow the server guide it disables ssh within my nodes
<DecryptedChaos> anyone here use ClearOs Enterprise?
<soren> webPragmatist: I don't know if it's misspelled. Try it. :)
<ccheney> hggdh: which made sense considering they threw execution exception, but i was wondering why how a pid could be non zero and bad :)
<RoyK> wng-: just don't turn on ip filtering
<RoyK> at least for a start
<hggdh> ccheney: yeah. OTOH, it *does* throw an ExecutionException
<hggdh> which -- IIRC -- we did not see
<mushroomblue> so I have SSH setup with key-based authentication. copied the ssh key to the remote server, and was able to ssh into it. once I reboot the remote server, I get "permission denied (publickey)" until I restart sshd. any ideas?
<hggdh> ccheney: so, I wonder what, exactly, are the returns from Process.waitFor()
<ccheney> hggdh: on top of that it appears to call the stdout returnValue if i understand what it is doing
<wng-> RoyK: hmm, i think it actually screwed with my NFS mounted home, so the sshd's on the nodes don't see authorized_keys
<ccheney> hggdh: http://java.sun.com/javase/6/docs/api/java/lang/Process.html
<Hypnoz> has anyone ever tried to tar -x a file with http path like http://ip/file.tar?
<ccheney> hggdh: return of waitFor() is exit value
<ccheney> hggdh: so basically $?
<Hypnoz> seems i have to wget first, then tar -x...
<hggdh> ccheney: yeah, OK, but what is output.getReturnValue()? A local method?
<hggdh> ccheney: and error does not seem used at all
<ccheney> hggdh: yea its not afaict, i'm not sure what that returns yet, I am going to add debug logging to see
<ZenMasta> I get a Segmentation faulty tree 50% when I use aptitude/apt-get (new install of 10.04)
<ccheney> hggdh: i think i can remove the returnValue.length crap in createLogicalVolume entirely
<hggdh> ccheney: I do not remember the code you pastebin-ed, but a zero-leght would mark success
<ccheney> hggdh: hmm not sure what is going on then, it checks if 0 length and considers that an error
<ccheney> hggdh: once i determine what it is i might have to add it back, maybe its there is no error but no output from the command either
<mathiaz> SpamapS: https://launchpad.net/~mathiaz/+archive/bzr-git/
<ccheney> perhaps just a sanity check
<mathiaz> SpamapS: ^^ this is an example
<hggdh> ccheney: this is indeed confusing. The run() method has only two returns, one with getReturnValue(), and one with an empty string
<hggdh> ccheney: and -- if I am reading it correctly -- the empty string is succecss
<hggdh> ccheney: but on createLogicalVolume(), the empty return is an error
<hggdh> WTF?
<SpamapS> mathiaz: Thanks. I've got a couple of PPA's that I've been using thus far.. its really quite an awesome technology. :)
<ccheney> hggdh: yep, odd stuff
<ccheney> hggdh: will know in a few minutes, i rewrote the createLogicalVolume function to do proper error checking (i hope) and then will add logging of the value from run()
<hggdh> ccheney: so the other create*() methods must do something
<ccheney> hggdh: 35 line change for one function, heh
<hggdh> :-)
<ccheney> still with no docs, lol
<ccheney> might not be the most pretty way to do the change, i'm not really a java coder
<ccheney> and its still not perfect by any means due to the lvm2 return code problems itself
<wng-> Ok so I have a mailserver that is also a dhcp/dns server. ip is 192.168.50.155, but also 192.168.1.1 for the local network. I have 3ware 3dm2 on each node attached to the 192.168.1.* network, but email notification is not working
<hggdh> ccheney: if you look at losetup() -- it does errorCode = proc.waitFor()
<hggdh> so it was just a Real Bad Naming issue
<ccheney> hggdh: yea
<Ng> how would I force ubuntu-vm-builder to use a particular filesystem type for the root partition it makes?
<soren> Ng: You can't right now, I'm afraid.
<Ng> soren: fair enough, I'll just hack it :)
<Ng> looks easy enough to make a new suite with the overrides I want
<Ng> I'm getting some odd filesystem errors with ext4, so I want to try a guest with ext3 to see if the same thing happens
<soren> Ng: It's surprisingly difficult.
<soren> Ng: Actually.
<soren> Ng: Grab a bzr checkout and run from that.
<smoser> mathiaz, did you see well above i asked about -backports ?
<smoser> soren, find . -type f | xargs 'sed -i s,ext3,ext4,'
<smoser> that should do it
<smoser> :)
<Ng> haha
<bpgoldsb> Do most peopel have the universe repository enabled on their server?  I'm concerned about the bit about no security review or updates.
<soren> smoser: Certainly. Adding another suite is just less fun that it should be.
<smoser> agreed.
<Ng> it'd be ace to be able to construct a suite somewhere in a local part of pythonpath and have it be available
<kees> bpgoldsb: there are updates to universe for security.
<soren> Ng: Hmm.. Yes.
<soren> Ng: Yes, it would.
 * soren ponders
<kees> bpgoldsb: it's just community-driven, so only more popular stuff gets attention.
<bpgoldsb> kees: So most stuff in it gets updated, just not by the Ubuntu Sec Team?
<yosi> i spent the last 4 hours tring to get stupid Modo Rescue to work under 10.04 smoothly with little luck..any other simple single file image backup program out there that supports ext4?
<yosi> or and can run on a live system
<smoser> jdstrand, around ?
<smoser> have you seen http://ubuntuforums.org/showthread.php?t=1468882
<smoser> i'm seeing similar output of 'udevadm' command.  under some circumstances i get "custom logging function 0xb9237008 registered" as stdoutput
<smoser> or "in stdout" rather.
<Italian_Plumber> I run my own internal DNS at home with bind on hardy.  Can I use DNS to redirect queries from certain domain names to a bogus IP?  For instance, if I wanted to block cnn.com for everyone on my internal network, I could just change its DNS IP to 192.168.0.2 or something.  Is there a better way to do this or am I on the right track?
<jdstrand> smoser: hey. I have not. I *think* kees may have seen something similar, but his issue may have been different
<kees> bpgoldsb: well, universe is very large, but it gets attention.  it's best to be aware of what you've got installed from universe and keep an eye on it.
<jdstrand> kees: ^ ?
<smoser> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/570692 is also a hit for that string.
<uvirtbot> Launchpad bug 570692 in linux "Ubuntu 10.04 Can't open RFCOMM device: Permission denied" [Medium,Confirmed]
<smoser> i had thought it might be coming from apparmour or something
<smoser> but one way or antoher, that output gets sent, and the tool that parses it is not expecting it.
<kees> jdstrand, smoser: sorry, never seen that before.
<bpgoldsb> kees: Do USN's get generated for Universe?
<smoser> never mind.
<smoser> its from udev
<kees> bpgoldsb: no, there there is a very early effort to publish "community usns"
<kees> bpgoldsb: bit it hasn't really gotten off the ground beyond a pilot announcement for clamav.  :)
<mathiaz> smoser: hi - I think both bugs are good
<mathiaz> smoser: bug 589214
<uvirtbot> Launchpad bug 589214 in lucid-backports "backport maverick ec2-ami-tools to lucid" [Undecided,New] https://launchpad.net/bugs/589214
<smoser> mathiaz, so as in what do i need to do
<mathiaz> smoser: 589211
<mathiaz> smoser: hm - I'm not so sure about the versioning though
<mathiaz> smoser: as it's a no-source-change backport
<mathiaz> smoser: given that it builds in your PPA, I'd test it
<mathiaz> smoser: if it works set the state to Confirmed
<smoser> i've tested, it works fine.
<smoser> but it wasn't clear to me that i was allowed to move it to confirmed.
<mathiaz> smoser: ok - so I'd move it to In Progress and subscribe ubuntu-archive
<mathiaz> smoser: as outlined in https://help.ubuntu.com/community/UbuntuBackports#Backport%20Process
<mathiaz> smoser: hm - I'm not sure though - I haven't done -backports for a long time
<mathiaz> smoser: so you may wanna ask ScottK about it
<smoser> thanks mathiaz
<mathiaz> SpamapS: around?
<SpamapS> mathiaz: yes still here. :)
<SpamapS> just enjoying the irony that the Velocity conference website is slow
<soren> SpamapS: :)
<hggdh> jiboumans: ping re. the internal UEC
<jiboumans> hggdh: otp, will get back to you shortly
<SpamapS> https://blueprints.launchpad.net/bugs/589566
<uvirtbot> Launchpad bug 589566 in mongodb "Please merge mongodb 1.4.3-1 (universe) from Debian unstable (main)" [Undecided,Confirmed]
<mathiaz> SpamapS: http://qa.ubuntu.com/reports/sponsoring/
<smoser> jdstrand, kees if you care... i just opened https://bugs.launchpad.net/ubuntu/+source/udev/+bug/591460
<uvirtbot> Launchpad bug 591460 in udev "udevd daemon run with --debug affects output of 'udevadm info'" [Undecided,New]
<smoser> it hopefully describes the issue i was seeing above.
<sveinse> Hi guys, I have an urgent thing here: I dist-upgraded lucid where linux-image(-2.6.32-22) was upgraded. update-grub however threw this at me: "error: unknown LVM metadata header.". I'm requested to reboot the server, however I'm unsure if its safe. Is it?
<SpamapS> sveinse: have you seen this yet: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/452350 ?
<uvirtbot> Launchpad bug 452350 in grub2 "Unknown LVM metadata header" [Undecided,New]
<SpamapS> sveinse: and this https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/385428 , specifically comments #3 and #6
<uvirtbot> Launchpad bug 385428 in grub2 "grub2 boot from lvm Auto-detection of a filesystem module failed" [Undecided,Incomplete]
<sveinse> hmmm. #3 of bug 385428 didnt do it for me...
<uvirtbot> Launchpad bug 385428 in grub2 "grub2 boot from lvm Auto-detection of a filesystem module failed" [Undecided,Incomplete] https://launchpad.net/bugs/385428
<ccheney> hggdh: i think i may have fixed the issue, but i'm starting to hit the other communicating one now
<ccheney> hggdh: actually nm i seem to have lost the setting for 200GB cluster
<ccheney> not sure how that happened
<hggdh> ccheney: you mean the CLC reconfigured itself back to 50G?
<sveinse> SpamapS: Well at least I see the same as the two bugreports you sent me. Thanks.
<sveinse> SpamapS: I just hope rebooting doesnt offline the server....
<ccheney> hggdh: i think so, unless i did it and forgot i had
<sveinse> vgck and pvscan all reports lvm header checksum error
 * sveinse dont like to be in this fix: To reboot or not to reboot...
<ccheney> hggdh: grr
<ccheney> hggdh: it seems to lose its setting when you restart euca
<ccheney> hggdh: is that supposed to just be a runtime config option?
<sveinse> AAAhhh! Got it. pvremove /dev/sda1 (the boot/ part) did it
<sveinse> Thanks SpamapS
<SpamapS> sveinse: you may want to add a comment that the workaround worked for you. :)
<sveinse> Will do
<SpamapS> sveinse: good luck on your reboot. :)
<ccheney> hggdh: hmm my patch isn't completely working for some reason
<ZenMasta> I get a Segmentation faulty tree 50% when I use aptitude/apt-get (new install of 10.04) any ideas how to fix this?
 * ccheney notices his own typo/braindamage is the cause, lol
<ccheney> i'm somewhat surprised this didn't just completely explode
<ccheney> copy/paste gone awry
<hggdh> heh
<hggdh> ccheney: I would expect that changes in the web would be maintained
<hggdh> ccheney: I will restart the rig -- completely cycle it -- and test (since I also changed it)
<hggdh> mathiaz, smoser: any of you using the UEC test rig?
<mathiaz> hggdh: nope - you can knock it out!
<hggdh> UEC rig is leaving the building...
<hggdh> UEC rig has left the building
<ccheney> hggdh: oh i think i know what might be causing it
<hggdh> ZenMasta: you mean you get a SIGSEGV in APT/aptitude?
<ccheney> hggdh: i'm having to nuke the storage db file, which probably has it in there
<hggdh> ccheney: why nuke it?
<ccheney> hggdh: since euca gets wedged reloading volumes that it doesn't know about
<hggdh> hum
<ccheney> hggdh: euca has a nice 'feature' of reloading volumes that don't show up in euca-describe-volumes
<ccheney> hggdh: so if they get partially removed they still get reloaded
<hggdh> ccheney: is this good?
<ccheney> hggdh: but still never show up in the euca-describe-volumes since they are in partial removed state
<ccheney> no a bad thing
<hggdh> definitely bad, then
<ccheney> yea :\
<ZenMasta> hggdh no i mean I get a segmentation fault
<Ng> soren: oddly I ran it from a bzr checkout, made my own suite which set preferred_filesystem to ext3 and it still made an ext4 root, so I just fudged the meaning of ext4 to TYPE_EXT3 ;)
<ccheney> rerunning test now with the proper reversion calls (no more typos i think)
<Ng> and no filesystem errors yet
<hggdh> ZenMasta: which Ubuntu version?
<Ng> is there some known badness with kvm/virtio and ext4? I wondered if it wasn't getting to do a final flush before being "powered" off
<ZenMasta> hggdh 10.04 http://pastie.org/997027
<hggdh> ZenMasta: it sounds more like apt was happily loading the tables, and got hit by a seg fault -- so it is not "segmentation faulty tree", but "segmentation fault"
<ccheney> hggdh: i think my new code fixes the create side at least
<hggdh> ZenMasta: which overwrote the line
<hggdh> ZenMasta: your best bet is to open a bug for that
<soren> Ng: Which bzr branch
<Ng> soren: oh hrm, I just blithely branched lp:vmbuilder
<ccheney> hggdh: i now don't have any partials left after creation
<ZenMasta> hggdh this is a clean install two, happened on desktop and server iso
<soren> Ng: That's fine.
<ZenMasta> *too, even
<hggdh> ZenMasta: even more reason to open a bug ;-)
<ZenMasta> where do I do that?
<soren> Ng: I can't guess why that would be. I'd be happy to look at your patch and commandline and find out. Tomorrow :)
<hggdh> ccheney: are you going to publish it?
<hggdh> ZenMasta: sudo ubuntu-bug apt-get
<ccheney> hggdh: will once i get it working well, i still need to do something about deletes
<ccheney> hggdh: i'm pretty sure deletes are still broken
<ZenMasta> hggdh what does that do... because I got a segmentation fault on that too
<Ng> soren: k :)
<hggdh> ccheney: I am 100% sure, I got to clean up the pieces when I ran the delete
<hggdh> ZenMasta: this is rather strange. You installed clean, or upgraded?
<ZenMasta> hggdh installed clean, no dual boot etc
<hggdh> ZenMasta: another option -- if you have GDB installed -- is to run apt-get under GDB
<hggdh> of course it would help a lot to have the debugging symbols
<ZenMasta> hggdh unless that came with the default server iso then its not installed
<hggdh> ZenMasta: dpkg -l gdb\*
<ZenMasta> i'll run that but pretty sure that's a neg
<ZenMasta> nope, no package matching
<ccheney> hggdh: yep delete is still broken with my code too
<hggdh> ccheney: heh
<ccheney> hggdh: its going to take some more thinking about what to do to fix the clean part
<ccheney> hggdh: i may have to regex the output from the command if its available in the right place
<hggdh> ccheney: no prob... we are already much better because of your patch
<yosi> hrey all
<ccheney> hggdh: so if it shows as waiting on lock to retry until it removes it
<yosi> any other people with suggestions of software such as Acronis for backup in linux, about to give up
<hggdh> ccheney: OK.
<ccheney> hggdh: i'll push what i have to my lucid-sru branch for now, but my patch probably will need a full rewrite to be inside the functions to do each thing itself instead of the ones calling them, eg i think createLogicalVolume probably should clean up itself and then throw instead of making createVolume do it
<hggdh> ccheney: this will be more invasive, but sounds much more correct
<ccheney> hggdh: right now my patch has the calling function doing all the cleanup with is bit messy
<hggdh> ccheney: well, they will still have to cater for failures
<hggdh> ZenMasta: I am stumped
<ccheney> yea but a bit more clean than currently
<ccheney> well i need to look at the code more and think about it, will do that later tonight
 * ccheney has to run to dinner and over to the hospital to relieve his mother in law
<mrlemao> Why cpu.out is empty when running this command "top bd1 -p 15436 | grep 15436 > cpu.out"  but I see results when running this:  "top bd1 -p 15436 | grep 15436
<mrlemao> I just dont get it
<uvirtbot> New bug: #591481 in tftp-hpa (main) "package tftpd-hpa 0.49-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/591481
<EtienneG> hggdh, another funny one (which I will not report; out of time): after manually installing the eucalyptus-nc package, you can register the service no problem and it will will report resource no problem.  However, it will fail running an instance with the infamous "libvirt: hvm not supported" error.  You reboot the NC, and then it works just fine.
<EtienneG> this thing is driving me insane
<hggdh> EtienneG: this is weird
<hggdh> EtienneG: and ccheney has been working hard on getting volumes to behave nicely
<smoser> hggdh, i'm not using rig
<EtienneG> hggdh, thanks $deity for his work on that!
<hggdh> smoser: too late, already rebooted them ;-)
<EtienneG> hggdh, anyway, not a show-stopper so I will move on, but we can keep that in the back of our brain
<hggdh> EtienneG: this is the Dell rig?
<hggdh> and my brain is frying...
<Insyte> On Hardy, when I create a new logical volume, why is it not automatically added to /dev/disk/by-uuid by udev?
<Insyte> Do I need to poke something?
<Insyte> It appears the 60-persistent-storage.rules specifically skips all "dm-" devices.
<SpamapS> Insyte: you still get the /dev/vgname/lvname link though right?
<Insyte> Yep.
<SpamapS> Insyte: shouldn't present any issues then.
<Insyte> You're right, of course.  I can certainly use those.  I'm just curious why the LVs I created when I installed the box are getting the UUID symlinks, but not new ones.
<Insyte> I can't find any udev rules that would create them, nor anything in init.d.  Yet they exist...
<SpamapS> Insyte: maybe the LVM metadata is pulled from the wrong location, which hasn't been updated since installation.
<Insyte> It seems to be consistent across all of my Hardy boxes...
#ubuntu-server 2010-06-09
<Insyte> I know I haven't changed any core LVM configs; just added/removed volumes.
<ccheney> ugh the hospital blocks social networking sites even on their guest network
<a3ist> tunnel your way to freedom
<ccheney> a3ist: whats the easiest way to do that, i assume something involving ssh forwarding?
<a3ist> set up one of your own computers elsewhere as a proxy
<a3ist> then tunnel to it and forward the traffic over ssh for security
<linxeh> ccheney: sounds good to me
<linxeh> or do you mean as a visitor/outpatient ?
<ccheney> any suggestions for a good simple proxy to run?
<ccheney> linxeh: visitor, my wife had our son this morning
<linxeh> and they have internet access ?
<ccheney> linxeh: yea :)
<a3ist> its not as uncommon as you'd think
<linxeh> here we have to turn off all wifi and mobile devices
<ccheney> but they run websense on the http
<linxeh> I hate websense
<linxeh> webnonsense
<linxeh> it miscategorises sites bigtime
<a3ist> oh cheney as a side note when you run the ssh tunnel you can add compression as well to help with latency
 * ajmitch has used corkscrew for setting that up before
<ccheney> a3ist: oh ok, thanks, the last time i had to run a tunneled proxy was nearly 10 years ago and i have forgotten most of how to do it :)
<ajmitch> ccheney: and congratulations :)
<ccheney> ajmitch: thanks
<a3ist> ssh -C -L port:localhost:port hostname
<a3ist> there are a ton of guides and stuff out there too for reference
<ccheney> i think i don't need corkscrew as they don't block other ports outbound at least not 22 anyway
<ccheney> a3ist: ok will take a look, thanks
<ajmitch> then forwarding to a squid proxy on a remote host might work well
<a3ist> yup
<ajmitch> it works for me for getting to the US music store for U1 :)
<ccheney> heh
<ccheney> there
<ccheney> there is a way to tunnel a full ipv4 network over ssh iirc, right?
<ccheney> if i did that i wouldn't need to change any configuration on any of my apps
<SpamapS> ccheney: openvpn is the easiest way
<ScottK> smoser: As long as you can say it builds, installs, and run in the bug and it's not avoiding doing a proper SRU, I can approve it.
<ScottK> Give me a ping when it's ready.
<SpamapS> ccheney: though you can do pppd + ssh too
<ccheney> SpamapS: ok
<ruben23> hi guys i have 60 client pc any apps that can help me deploy the installation of operating system- like ubuntu desktop..diskless and server base..?
<ccheney> SpamapS: does openvpn do the server side as well as client?
<ccheney> SpamapS: i installed it and it seems like a client, but maybe i misunderstand how it works
<SpamapS> ccheney: yeah its a peer to peer connection
<a3ist> ccheney you can do vpn with NetworkManager but you need the extra plugin for the right type
<a3ist> like networkmanager-pptp
<SpamapS> ccheney: its just a cmdline option whether to listen or conncet
<a3ist> from the client side, that is
<a3ist> not the host side
<ccheney> ok
<SpamapS> ruben23: so these are NFS root?
<ruben23> SpamapS: the client pc are all empty newly purchase..i want to deploy ubuntu desktop or Ubuntu netbook editon using the server side..
<SpamapS> ruben23: but you said they are diskless, so how will they load their applications?
<SpamapS> ruben23: you may want LTSP
<ruben23>  SpamapS: sorry i mena disc less no DVD-Rom or cdrom..
<ruben23> there are storage in every PC
<SpamapS> ruben23: ah, are they all the same model PC?
<SpamapS> ruben23: if so, SystemImager might work for you
<ruben23> SpamapS:there 30 units the same and the other batch same model also, but the 2 catergory are diffrent.
<SpamapS> ruben23: anyway, good luck, I must be going
<SpamapS> ruben23: right so you can make two "golden images" and then use systemimager to install them all
<ruben23> SpamapS:any how to do it..?
<ruben23> with sysmanager.
<ruben23> i mena sysimager
<smoser> ScottK, i commented at https://bugs.launchpad.net/lucid-backports/+bug/589214 .
<uvirtbot> Launchpad bug 589214 in lucid-backports "backport maverick ec2-ami-tools to lucid" [Undecided,New]
<ScottK> Looking
<smoser> will try to get the other tested soon, but really, the changes are very minimal over the previous versions (the essentially add a string 'ap-southeast-1').
<ScottK> smoser: Approved.
<ScottK> Now it just needs an archive admin to execute the backport.
<smoser> ScottK, so what is the appropriate version number ?
<ScottK> 1.3.49953-0ubuntu1~lucid1
<smoser> ok. what i got from https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation
<smoser> thanks.
<ScottK> smoser: Yes.  That's for security/updates.  Backports uses a different numbering scheme.
<smoser> right. and the ~ is reasonable.
<uvirtbot> New bug: #591517 in mysql-dfsg-5.1 (main) "package libmysqlclient16 5.1.41-3ubuntu12.1 failed to install/upgrade: ErrorMessage: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 2" [Undecided,New] https://launchpad.net/bugs/591517
<unewbie> i can't connect my guest os after install
<unewbie> do know how
<twb> unewbie: what virtualization technology are you using?
<unewbie> kvm
<unewbie> twb: kvm
<twb> unewbie: are you using libvirt?
<unewbie> yes
<unewbie> vmbuilder when create guest os
<twb> OK, then you would access it via libvirt somehow.
<unewbie> how is that?
<twb> I don't know.
<unewbie> :D
<unewbie> any other way?
<twb> That would depend how kvm is invoked by libvirt
<unewbie> what's your suggestion
<twb> Normally when I use kvm directly, I just connect its text console to stdio.
<unewbie> it's my first virtualisation
<unewbie> what's text console?
<twb> Er, the bit without the pictures.
<unewbie> do i have to manage directly on the host server?
<unewbie> may be that's what i want
<unewbie> the text console
<unewbie> i don't want graphic
<unewbie> i only want to use ssh from my xp desktop
<twb> Yeah, so I would ssh in, and run kvm -curses -hda foo.img
<unewbie> -hda? the harddisk?
<twb> I think you should just read the libvirt documentation.
<unewbie> where?
<twb> I don't know.
<twb> Did you try reading the ubuntu server guide?
<unewbie> yes
<unewbie> but don't understand
<unewbie> i'm seeing the serialconsolehowto page is this what you mean?
<unewbie> i thought it was the serial port behind the server
<unewbie> not the text console
<twb> The serial console is a text console.
<twb> Probably libvirt is just shit and can't directly export a VGA text console via curses.
<twb> Most virtualization systems can't, so the libvirt people probably haven't added that into libvirt, even though your kvm backend supports it
<unewbie> what are using using for virtualisation
<unewbie> may be i cant switch to your way
<unewbie> can
<Mgamerz> so
<Mgamerz> if i have the 64 bit mini.iso
<Mgamerz> and idk if i have 64 bit and it loads
<Mgamerz> do i have 64bit?
<Mgamerz> cause all it says is semperon, but online it says 64bit...
<qman__> what socket
<unewbie> twb: from that page, i have edit ttyS0.conf but i can't locate the file
<twb> What release is the VM running?
<twb> Unless you *install* using the serial console, you won't have a ttyS0.conf
<qman__> if it's socket A, it is most definitely not
<qman__> if it's socket 754, it's about a 70/30 chance
<unewbie> how to find the vm release?
<unewbie> kvm --version
<unewbie> QEMU PC emulator version 0.12.3 (qemu-kvm-0.12.3), Copyright (c) 2003-2008 Fabrice Bellard
<unewbie> is that?
<Mgamerz> err
<Mgamerz> back
<Mgamerz> I have
<Mgamerz> eh
<Mgamerz> lemme see
<Mgamerz> err
<Mgamerz> cnet says sixty four bit computing yes
<Mgamerz> it does not say the socket...
<Mgamerz> and since its in use im stuck on this slow tablet
<SpamapS> Mgamerz: if the kernel boots, you have a 64bit capable chip
<Mgamerz> this pc was made in 05
<Mgamerz> perhaps they did not label it as 64 as 64 was still semi new
<SpamapS> First opterons were around '04 IIRC
<Mgamerz> 03
<Mgamerz> wikipedia'd
<Mgamerz> :)
<SpamapS> Opteron 1401.4 GHz1 MB800 MHz7x1.5584.7WSocket 940June 30, 2003[1]OSA140CCO5AG (B3)
<SpamapS> :)
<SpamapS> same link I had
<Mgamerz> i thought the pc server i had sucked
<Mgamerz> now really looking at the specs
<SpamapS> no wonder its fuzzy in my head.. my first son was 3 months old.. probably hadn't slept for a few days when they announced. ;)
<Mgamerz> my pc sucks :(
<SpamapS> Mgamerz: its ok, everybody's PC sucks now.. thats why we have the cloud. :)
<Mgamerz> but do you have the weed to support the cloud?
<Mgamerz> :)
 * SpamapS coughs
<Mgamerz> aghhh
<Mgamerz> red screen of doom
<Mgamerz> step failed!!
<SpamapS> oh the humanity
<Mgamerz> OMG
<Mgamerz> NO
<Mgamerz> UBUNTU NO
<Mgamerz> YOU DID NOT JUST DIE WHILE INSTALLING
<unewbie> :D
<SpamapS> Mgamerz: red screen sounds odd
<Mgamerz> it said install step failed
<Mgamerz> :/
<Mgamerz> i re-ssh'ed in
<panfist> i have an installation of ubuntu server behind a private network. i have a staging server on the public network; what's the easiest way to push package updates to the private server?
<Mgamerz> webmin :P
<panfist> for a start, i have copied all the packages from /var/cache/apt/archives to the private server
<panfist> so i have a copy of all the packages i would need to update. i guess i also have to sync whatever info is downloaded when i do apt-get update on the staging server
<Mgamerz> eh
<Mgamerz> im not a guru...
<Mgamerz> so... i can't help you :s
<SpamapS> panfist: "easiest" is probably to mirror the updates apt source to a USB drive and then sneakernet it over. ;)
<Mgamerz> lol sneakernet
<panfist> yeah lol at least my ubuntu didn't just die :P
<Mgamerz> actually
<Mgamerz> i recoovered it
<Mgamerz> by resshing
<Mgamerz> manually installing stuff in miniiso killed the interface
<panfist> it's either a.) sneakernet or b.) become an expert in linux firewalls overnight + lock down windows workstations or c.) say fuck it and just leave proprietary information
<panfist> on the internet
<Mgamerz> C
<panfist> i think the "lock down windows workstations" part is the scariest and most impossible
<Mgamerz> support open source
<SpamapS> panfist: you don't need to be an expert to poke a hole in a firewall.
<Mgamerz> and piss off the rest :P
<panfist> spamaps no i need to be an expert to make sure no one can poke a hole in mine
<Mgamerz> disable the network adapters... nobody will get in then
<Mgamerz> i can guarantee you
<Mgamerz> no wait
<Mgamerz> bet money on it
<panfist> and that if anyone compromises a windows box operated by grandmothers they can't use that to poke a hole in my firewall
<SpamapS> panfist: uh wha?
<Mgamerz> O_o
<panfist> mgamerz so in other words, sneakernet
<Mgamerz> eh
<Mgamerz> sure
<Mgamerz> 85% installed
<Mgamerz> ok so
<panfist> spamaps what?
<SpamapS> panfist: the offline updating thing though, its a common issue for high security requirements. I'd say your best bet is to use something like 'apt-mirror' onto a disk and then just expose it like a cdrom in sources.list
<Mgamerz> i am installing 64 bit and i want to install a nvidia propriety driver (i need for video recording to server)
<Mgamerz> so i need the kernel source
<Mgamerz> i looked it up earlier and it was hella scary
<Mgamerz> on desktop version it was all preinstalled...
<SpamapS> Mgamerz: you shouldn't need to do anything crazy for that.
<Mgamerz> git
<Mgamerz> the web page was scary long
<SpamapS> Mgamerz: well that pre-installed version on the desktop is just a package ( I believe from the partners repository ) .. so should be easy enough to just apt-get install
<Mgamerz> the server doesn't have the hardware drivers... thing
<Mgamerz> jockey?
<Mgamerz> i couldn't find out the name of it
<Mgamerz> karmic was jockey
<Mgamerz> hmmm
<Mgamerz> grub 2 b or grub not2b
<Mgamerz> grub 2 is a nightmare
<Mgamerz> but it has ext4 support...
<Mgamerz> such hard decisions
<Mgamerz> finishing installation
<Mgamerz> here we go
<Mgamerz> linux takes security miles ahead of windows
<Mgamerz> wiping swap space for security
<Mgamerz> ....
<Mgamerz> this is taking a long time
<Mgamerz> here we go!!
<Mgamerz> ....
<Mgamerz> you cannot be serious.
<Mgamerz> damnit grub!!!!
<Mgamerz> it randomly does not work
<Mgamerz> and i cannot get it to load a burned cd unless i use the miniiso on my sd card grrrr
<Mgamerz> oh ffs
<Mgamerz> it wants me to reinstall it all
<Mgamerz> screw that
<Mgamerz> its floppy disk time
<Mgamerz> ERRR
<Mgamerz> ... it figures this is the one computer without a floppy drive
<Mgamerz> grub2 is so lame
<Mgamerz> ... it fails to lload
<Mgamerz> completely
<Mgamerz> i hate this :l
<Mgamerz> and it wont mount the cd
<Mgamerz> this is just lovely
<rcsheets> are TLER disks (like western digital raid edition, for instance) better suited for use in a softraid mirror than standard desktop-oriented sata disks?
<Mgamerz> rcsheets
<rcsheets> Mgamerz
<Mgamerz> what do you mean by softward raid vs sata
<Mgamerz> like sata in a raid?
<Mgamerz> or just standalone
<twb> !enter
<ubottu> Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<rcsheets> oh, sorry, i didn't realize my question was ambiguously phrased.
<Mgamerz> twb
<Mgamerz> i have installed ubuntu like 4 times today
<Mgamerz> grub is a pos
<rcsheets> let me try again. for use in a softraid raid1 mirror setup, are RAID Edition drives (like WD RE3, etc.) better suited than standard desktop sata disks are?
<lifeless> rcsheets: softraid doesn't care
<lifeless> you might, if you need specific MTBF or other criteria to be met
<rcsheets> lifeless: i'm asking only with regard to the disk's firmware giving up faster when it can't quickly perform a requested operation
<Mgamerz> i'd just use normal sata
<Mgamerz> it'd be cheaper and probably not cost you much time... but thats my opinion
<rcsheets> i'm not sure how it would cost me any time
<Mgamerz> so...........
<Mgamerz> there you go?
<twb> rcsheets: "raid edition" might simply mean the firmware does different block alignment or such.  Write the vendor and ask.
<Mgamerz> this is taking ridiculously forever
<rcsheets> twb: i'm sure the vendor will tell me to buy the more expensive disks. the feature i'm referring to is meant to avoid a disk dropping completely out of an array just because it's taking a long time to repeatedly retry an operation.
<Mgamerz> grub2 better work or i am going to throw something
<Mgamerz> oh...
<Mgamerz> hmm O-o
<Mgamerz> im not a linux expert
<Mgamerz> so... you shouldn't trust me linux softraid
<twb> rcsheets: I wouldn't know about that.
<rcsheets> the theory, as i understand it, being that if the disk is in an array, a failure to (say) read a single sector isn't such a big deal, but if the disk tries for a long time to do that read and the (hardware) raid controller gives up waiting on it, then it will fail the whole disk
<rcsheets> unnecessarily degrading the array
<lifeless> rcsheets: that might appliy to hardware raid arrays
<rcsheets> i wasn't sure if the same logic applied to softraid as well
<Mgamerz> but wouldn't a mirror array just read the other disk?
<lifeless> frankly, if I have a disk that can't read data it wrote, anywhere on it, I want it to be removed immediately
<twb> +1
<Mgamerz> then you must replace a lot of disks lifeless
<lifeless> rcsheets: its going to depend on what you're doing with it, there isn't a 'best' answer we can give you.
<lifeless> Mgamerz: no, MTBF is pretty high
<lifeless> Mgamerz: usually a batch goes at once though
<rcsheets> ok, fair enough.
<Mgamerz> i have a karmic hard drive with 277 bad sectors
<Mgamerz> its... disconnected because of that :)
<Mgamerz> karmic was a nightmare for me :/
<rcsheets> lifeless: i'd rather have the disk continue operating in the array, rather than the array being degraded, personally. if i choose to replace the disk, i'll do that at a convenient time. meanwhile, i'd rather it just remap that sector.
<lifeless> rcsheets: well, as I say, it depends on your needs/config etc
<rcsheets> sure. alright, thanks.
<twb> Sigh.
<Mgamerz> so... slow...
<twb> So I'm upgrading my workstation SOE from a 8.04 to 10.04 base.
<Mgamerz> i have spent 3 hours getting this pos to work
<twb> Now I get to deal with a whole NEW bag of places where Ubuntu-specifc postinst code assumes it's not a chroot.
<Mgamerz> should not have F'ed with it in the first place...
<Mgamerz> !
<Mgamerz> is there a way to run a command if im like in rescue mode
<Mgamerz> as a user from a machine i have mounted a hard disk on?
<Mgamerz> like if i needed to update grub via rescue
<twb> Mgamerz: go talk to #grub and get them to explain how to fix your bootloader.
<twb> Mgamerz: reinstalling over and over won't help, nor will complaining
<Mgamerz> it worked last time <_<
<rcsheets> if anyone happens to be interested, there is some discussion of a similar nature to my question here. http://arstechnica.com/civis/viewtopic.php?p=1144188
<Mgamerz> i hate this installer
<Mgamerz> i cannog go to the partitioner to see the disk mounts and then go back to grub without it complaining to do it again.
<Mgamerz> eh
<Mgamerz> so
<Mgamerz> this is one of those rescue mode moments...
<holmser_> I was gifted an older dual xenon server, and I have been trying to install 10.04 server on it without any success.  It won't boot from a known good CD.
<holmser_> anyone feel like helping me troubleshoot this?
<Q_Continuum> Won't be able to do a ton, but I presume you've checked BIOS for boot order?
<holmser_> yeah.  I actually just disabled everything but the CD ROM
<Q_Continuum> and it comes up 'no boot media' or something?
<holmser_> boot failure, system halted
<Q_Continuum> hrm, 'system halted' sounds like Linux, not BIOS...
<Mgamerz> me either
<Mgamerz> mine does that as well.
<Q_Continuum> if you boot it without the CD in it, does it give the 'boot failure, system halted' message?
<Mgamerz> It just spins up and down
<Q_Continuum> or something different?
<holmser_> lemme try
<Q_Continuum> That will narrow it down to BIOS or CD.  Might be the CD doesn't like some piece of hardware its seeing :-D
<Mgamerz> I have tried like 4 cd's
<Mgamerz> i think my drive is just dying.
<holmser_> the cd status light blinks on and off when the server first boots, but nothing after the intel screen
<holmser_> same deal
<Mgamerz> yep thats post blinking it
<Q_Continuum> holmser_, ok so then we know it is booting, but at least its reading the CD
<Mgamerz> Q: isn't that just post?
<Q_Continuum> Mgamerz, have a spare drive you can rob from another box, even temporarily?
<Mgamerz> eh
<holmser_> yeah, its just post.
<Mgamerz> well im using mini.iso
<Mgamerz> and loading the iso from flash from there.
<Q_Continuum> Mgamerz, 'system halted' is something I know Linux uses...usually its 'BOOT MEDIA FAILURE insert disk' or something
<Mgamerz> except grub neverworks it seems...
<holmser_> I know its looking for a network boot, but I don't know how to do one
<Mgamerz> just hangs the system
<Q_Continuum> Hrm.
<Mgamerz> can your box support usb boot?
<Mgamerz> i booted from an SD card
<Mgamerz> 128MB :P
<Q_Continuum> Any other OS CDs either of you have laying around to test, make sure its making it past BIOS?  (Don't need one you'll install, just to get up to a loading screen to confirm its disk and not hardware)
<Mgamerz> well mine will spin up and down and up and down for like 4 mins
<Mgamerz> then it will give up
<holmser_> I am positive the CD is good.  I just installed on a different server not 2 hours ago
<Mgamerz> it reads it when mini iso mounts is... well used to, now it doesnt. i think its just dying
<Q_Continuum> Mgamerz, since you're booting funny I don't know on yours, never tried that method.  (I like the idea, but the config always looks like a PITA)
<Q_Continuum> holmser_, ok so is the CD aborting/kernel panic'ing, or is the hardware having issues?  That's what the second CD will help test.
<holmser_> it never checks the
<holmser_> CD
<holmser_> it checks it on post, then nothing
<holmser_> it doesn't even try to boot from the CD
<Q_Continuum> So it IS hardware then.  Any idea if CD drive is IDE or SATA, and if you have a similar drive to try s wapping in?
<Mgamerz> not to jump in on a thread
<Mgamerz> but
<Mgamerz> which kernel is best to pick?
<Mgamerz> generic server virtual image-gen...
<Q_Continuum> I just run with defaults, I don't do too much messing around. *shrugs*
<Mgamerz> then the linux-image-#######-generic
<SpamapS> Mgamerz: probably generic for your purposes
<Mgamerz> :S
<Mgamerz> K
<Mgamerz> include all drivers
<Mgamerz> yes... alright thanks
<Q_Continuum> but yeah unless you're doing something weird or have limited hardware I'd just do generic
<Mgamerz> is a pos considered limited
<Q_Continuum> well for server you don't need much.
<Q_Continuum> as a base system, anyway
<Q_Continuum> how much RAM?  (Usually the limiting factor)
<Mgamerz> 768
<Mgamerz> -32 shared
<Q_Continuum> that should be plenty, unless you're using it as a huge VM host.
<Mgamerz> lol vm
<Mgamerz> yeah right
<Q_Continuum> for a dumb console server you should be able to drop that shared to 8MB
<Q_Continuum> if no GUI
<Q_Continuum> if possible, probably via BIOS
<Mgamerz> i want to record tv with this...
<Mgamerz> at least try
<Q_Continuum> well that doesn't require a GUI
<Mgamerz> it doesn't?
<Q_Continuum> not generally
<Mgamerz> with a tv tuner ?
<Q_Continuum> can be remotely controlled, IIRC
<Mgamerz> i had tightvncserver going for a while
<Q_Continuum> Unless it'll use your (likely onboard) GPU for processing, no.
<Mgamerz> yep geforce 6100
<Q_Continuum> tightvnc to the host console, or a virtual one?
<Mgamerz> virtual X display
<Mgamerz> so i could config a few things from gui
<Mgamerz> other than that X never ran
<Mgamerz> mediatomb pisses me off tho...
<Mgamerz> it's database dies randomly
<MTecknology> What was the name of the package for UEC?
<Q_Continuum> yeah virtual you're not using the "GPU" at all, IIRC
<twb> OK, so I have a 10.04 desktop chroot on an 8.04 server.  wget works, apt-get hangs and permanently fucks up all processes that attempt to do I/O on the underlying filesystem until I reboot.
 * Ng looks for a PPA with qemu-kvm 0.12.4
<twb> What gives?
<Q_Continuum> had a windows box anyway set up that way...console ran like crud, remote ran smooth as silk.
<twb> There's nothing in dmesg, either.
<Mgamerz> what is... chroot?
<Mgamerz> im still linux nubcake :/
<twb> Mgamerz: don't worry about it; you don't know enough to help.
<Ng> twb: strace the apt-get, see what it's hanging on?
<Mgamerz> ...
<twb> Ng: yup, that's the plan (waiting for it to reboot again :-/)
<twb> Ng: also, to try without first mounting /proc and /sys within the chroot (which you need to do if you want apt-get to work.)
<Q_Continuum> Mgamerz, its a very funny way of doing basically a VM.  Really weird, roundabout way of doing it...but it "works" (for a better description, I'd hit up wikipedia)
<twb> Q_Continuum: that's something of a modernist interpretation :-)
<MTecknology> Ng: sounds fun - should i put that on my production system?
<Mgamerz> rescue shell?
<Ng> MTecknology: hmm?
<MTecknology> Ng: 01:44  * Ng looks for a PPA with qemu-kvm 0.12.4
<MTecknology> !info qemu-kvm
<ubottu> qemu-kvm (source: qemu-kvm): Full virtualization on i386 and amd64 hardware. In component main, is optional. Version 0.12.3+noroms-0ubuntu9 (lucid), package size 2496 kB, installed size 7056 kB (Only available for i386 amd64 powerpc s390 lpia all armel sparc)
<Q_Continuum> twb, not having looked at it in a long time myself it was the best description I could come up with for someone who doesn't know it :-D
<Ng> MTecknology: ah right. I'm doing it specifically because I hit a memory leak bug in testing 0.12.3 and I want to see if it's fixed (a least one leak bug was fixed in .4)
<Ng> MTecknology: I have no idea how people are using kvm in production, I've been running it seriously for less than 48 hours and I'm having nothing but problems ;)
<MTecknology> Ng: I've had an enjoyable time actually :P
<twb> Ng: what host, and what guest?
<Ng> twb: amd64 lucid
<MTecknology> Ng: I notice high mem usage on server - but it's nearly all cached
<twb> Ng: both headless?
<twb> MTecknology: at least historically, qemu would allocate the guest's memory up-front
<Ng> twb: both are ubuntu-minimal installs with a few things added, but libvirt/kvm are starting a vnc server for each guest's console, but I'm not really using that
<twb> Ng: surprising; I run a lot of qemu instances like that, and I generally don't have problems.
<Ng> MTecknology: I was trying to figure out why the first guest I made was showing ext4 filesystem errors on every boot so I fired up 4 VMs overnight running spew to see what would happen and 3 died this morning from OOM ;)
<MTecknology> Ng: http://pastebin.ubuntu.com/447043/
<unewbie1> MTecknology: my new guest os installed and i can ssh
<MTecknology> unewbie1: great
<unewbie1> thanks for the advices
<unewbie1> but i have to stop the apparmor of the host
<Ng> twb: it certainly is surprising. I think tonight I'll leave the machine running memtest for 8 hours or so to rule that out
<MTecknology> unewbie1: glad you have it working
<Yosi> hi all
<Yosi> newbie question..
<Yosi> Question:   Can I have Ubuntu Server 10.04, at 4am each moning (i'm guessing using cron), reboot the server, enter Clonzilla (available in my GRUB menu), bootup the Clonezilla, execute a backup image of my main RAID to a large drive (I know I can do this part by command line and it work) then when complete, reboot the system again and run Ubuntu Server (from GRUB)?  Can all these reboots etc and selection opti
<MTecknology> Yosi: better question - what are you trying to achieve?
<Yosi> i want to automate the entire process
<Yosi> right now it all works but manually
<Yosi> have to be at the cpu at 4am
<Yosi> rebbot, backup, then reboot again into the system
<MTecknology> ewe ..
<MTecknology> offline backups?
<MTecknology> By chance - you ever look into rsnapshot?
<Yosi> i want a cron job to execute a reboot, then select the grub item, lauch a command line and when done, reboot and lauch the system again
<Yosi> tried them all
<Yosi> only thing that works well is clonezilla
<Yosi> nothin in linux unfortunately works well with live databases and 100 %
<MTecknology> mysql databases?
<Yosi> my EMC SAN does great LUN snapshots, but cost me a TON to license that feature for every host
<Yosi> my sql, php, apache
<MTecknology> there are no apache databases..
<MTecknology> or php
<Yosi> the data gets corrupt with most options i tried, too many transactions per second
<Yosi> true
<Yosi> sorry
<Yosi> thats what i meant
<Yosi> just mysql
<Yosi> only luck with clonzilla when everything is offline or online with Snapshots on the SAN
<Mgamerz> thats what mediatomb does
<Mgamerz> it dies with transaction within transaction
<Yosi> I tried zmanda
<MTecknology> doing an offline backup just for mysql makes no sense... with mysql you can copy the entire db files and only lose current transactions
<Yosi> all sorts of things.. nothing works well when the database is heavily accessed
<MTecknology> Yosi: http://pastebin.ubuntu.com/447046/
<Yosi> onjly other thing that worked without corruption is a mysql replication server
<Yosi> i will take a look at that thanks..  any way of automating wwhat i got now?
<Yosi> can CRON launch all these sequence of events
<MTecknology> not without risk of breaking things - you'd have to script editing the files
<Yosi> at 4am, we offline so i don't mind being down
<Yosi> we are not a 24.7 shop
<MTecknology> You'd have to alter the grub menu entires via a script - which is bad
<Yosi> what do u mean by breaking things?
<Yosi> ahhh
<MTecknology> Just learn how to efficiently backup your database - I'd restored many times using that script I gave you - you only ever lose current transactions which are not yet in the files
<MTecknology> Then no breaking :)
<MTecknology> I'm gonna head to sleep though - Just trust me... changing a config, rebooting, changing a config, rebooting - you will break things
<Yosi> thanks
<Yosi> i will test it out
<MTecknology> likely result in not rebooting
<twb> Ng: busted!  /proc/6542/status: No such file or directory
<Yosi> fair enough
<MTecknology> To test it out... take the outut it produces - and restore to a blank server
<Yosi> thanks
<Yosi> i will
<MTecknology> g'night
<Yosi> night
<Ng> Daviey: hey?
<twb> OK, now I think it's aufs' fault
<Mgamerz> chroot: cannot execute /bin/network-console: No such file or directory
<eagles0513875> hey guys
<eagles0513875> question what port do accessing the repositories use?
<twb> Mgamerz: that's caused by your parent shell being some kind of retarded thing
<twb> eagles0513875: apt-get typically uses HTTP
<eagles0513875> twb: talk about strange ok
<eagles0513875> thanks twb
<Daviey> Ng: \o
<Ng> Daviey: you're king of virtualisation these days, right? ;)
<Daviey> Ng: I'm no longer physical in this world, i'm a virtual Daviey.. yes :)
<Ng> awesome
<CppIsWeird> sweet
<CppIsWeird> how did you ascend?
<Ng> Daviey: I was just curious how much we fancy SRUing kvm - I've found a memory leak that (subject to some testing proving the case) I think is fixed upstream
<Daviey> Ng: funny you say that, Serge is wanting to get an upload of kvm today
 * Daviey checks if it was maverick or an sru
<Daviey> Ng: i can't find the email.. he must have said verbally.. Do you have a .patch or branch?
<Ng> Daviey: I do not. I filed bug #591610 and linked it to the upstream bug, but they don't indicate which commit fixed it, just that it's fixed in 0.12.4
<uvirtbot> Launchpad bug 591610 in kvm "memory leak" [Undecided,New] https://launchpad.net/bugs/591610
<Ng> so I've built that and am re-running my test (4 1GB VMs, some virtio some not, running spew(1) --read-after-write for about 8 hours)
<Daviey> hmm
<Ng> Daviey: while I'm pestering you - I'm guessing you use ubuntu-vm-builder, so you're building VMs with ext4 by default? Have you seen any odd fs errors? the first VM I made was spitting out a few ext4 errors each boot
<Daviey> Ng: TBH.. mainly using ext3 atm
<Mgamerz> ubuntu 10.10 maverick mccain
<Ng> Daviey: interesting. I had to hack vmbuilder to make an ext3 one, at soren's suggestion ;)
<Daviey> Ng: the fsync changes in dpkg make it so slow.. most of the testing i'm doing is on ext3 because of that
<Daviey> Ng: whilst that certainly sounds like a potential candidate for SRU.. The upstream bug doesn't give any indication where it was fixed.. Seems like someone might need to check the vcs logs between 0.12.3 and 0.12.4 :(
<Ng> I only quickly skimmed the changelog for the 0.12.4 release and it seemed like it was all bug fixes
<Ng> hrm, can I poke libvirt into running kvm with "-cpu host" or am I forced to specify an exact model?
<Mgamerz> alright
<Mgamerz> so i got the server working
<Mgamerz> but i dont have any repos.
<soren> Ng: What's the use case (for the "-cpu host" question)?
<Ng> soren: well by default I'm just getting the lowest-common-denominator CPU for easier migration. I have no need of migration so I'd rather that all the interesting CPU flags were exposed to the guests for their optimal enjoyment
<soren> Ng: Makes sense.
<soren> Ng: This is using the <cpu match=[...]> notation?
<soren> Ng: Or are you referring to the machine attribute of the os->type tag?
<Ng> soren: I guess the <cpu> stuff. I'll set it to whichever pre-defined model is closest to an i7, I was just curious if there was a way to make it just set whatever flags/models are present in the host
<alabd> Good day all , would someone explain this
<alabd> Amazon EC2 fits perfectly with Ubuntu Enterprise Cloud's modularity, virtualisation capabilities, range of applications and optimised performance.
<Mgamerz> omg
<Mgamerz> no
<alabd> UEC is package of softwares ?
<Mgamerz> i dont have nano installed
<Mgamerz> NOa
<SpamapS> alabd: UEC allows you to build a private cloud on your own hardware
<alabd> SpamapS: thanks is it pack of softwares ? how to install it ?
<Ng> alabd: https://help.ubuntu.com/community/UEC
<alabd> NG thanks what does this mean ? Amazon EC2 fits perfectly with Ubuntu Enterprise Cloud's modularity, virtualisation capabilities, range of applications and optimised performance.
<soren> alabd: Where do you see this?
<Mgamerz> my password is wrong
<alabd> soren: http://www.ubuntu.com/cloud/public
<alabd> an not get if EC2 is an image or is a software or is a concept
<soren> If you're not familiar with EC2, you probably don't need UEC.
<Mgamerz> wtf...
<Mgamerz> i can log in but my sudo password is different?
<Ng> alabd: EC2 is Amazon's public cloud service. UEC has some of the same APIs, which is why they can be a useful match to people who need both types of cloud
<Daviey> Ng: Whilst i'm not "suggesting" this.. i have previously made a kvm wrapper script to work with libvirt, to inject more switches :)
<Ng> hah
<twb> I found the problem with my chroot
<twb> aufs is happy if my script is fed an .iso, but not if it's fed a directory.
<twb> I haven't done that for twelve months, so I'd forgotten that aufs had this bug.
<twb> Solution: don't feed it a directory.
<Mgamerz> errr
<Mgamerz> how the heck do you use vi
<Grum> you take time to learn it and then use it and cry when anything isn't vi :D
<Mgamerz> i need it since my sources list has only cdrom and my cd drive died
<Mgamerz> i need to get nano!!
<Grum> Mgamerz: use cat > file (and make no typos!)
<twb> ED, MAN!  MAN ED!
<twb> IT IS THE STANDARD UNIX EDITOR
<Mgamerz> nano>vi
<rcsheets> false
<Mgamerz> we can all agree on that
<Mgamerz> truths
<eagles0513875> !iptables
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/UFW), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<twb> Mgamerz: that won't work; nano needs stdout to be a controlling tty
<Grum> Mgamerz: holywar in the making!
<soren> Ng: /usr/share/libvirt/cpu_map.xml has the list of cpu models libvirt accepts.
<Mgamerz> i should not have to use google to figure out how to type in a terminal
<Mgamerz> this is outrageous
<Jordan_U> Mgamerz: vimtutor
<twb> http://www.gnu.org/fun/jokes/ed.msg.html
<Ng> soren: hmm, I guess I'll just pick the greatest/closest to the host CPU then :)
<soren> Ng: Or add one that matches your host CPU.
<Ng> soren: editing files in /usr makes me sad, but sure
<Mgamerz> i have no repos
<soren> Ng: It should :)
<Mgamerz> so iam serverly limited in abilities
<Mgamerz> oh
<Mgamerz> lovely
<Mgamerz> i ruined my sources.list
<Jordan_U> Mgamerz: http://repogen.simplylinux.ch/
<hadoop> how do I disable the post-login message that tells the system load, documentation links, etc.?
<Mgamerz> i mounted the iso and insgalled nano
<Mgamerz> thank goodness!!
<blinkiz> Hi. I would like to redirect a port internal from port 4285 to port 443 with only iptables. Is it possible to do this with IPv6?
<TREllis> hadoop: It's generated by pam_motd (https://help.ubuntu.com/10.04/serverguide/C/pam_motd.html)
<TREllis> hadoop: you can disable it completely by reconfiguring the landscape client, by running sudo dpkg-reconfigure landscape-common then selecting 'Do not display sysinfo on login'
<hadoop> TREllis: thank you, that worked :)
<TREllis> hadoop: or you can customise it yourself by modifying the files in /etc/update-motd.d/ or silence it for one use by creating a ~/.hushlogin
<TREllis> user*
<hadoop> oh, I think I'll do it per user, no idea when I may require such info in future
<uvirtbot> New bug: #591642 in javassist (main) "Sync javassist 1:3.12-2 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/591642
<alabd> Good day all, is this true > UEC provide us easy cloud computing deployment and management  on ubuntu
<alabd> and does "Ubuntu is hugely popular on Amazon's EC2" mean ubuntu is installed  on amazon servers ???
<alabd> NG^
<alabd> alabd^
<alabd> ng ^
<Ng> alabd: I don't think amazon have publically stated what their servers run, but what that quote means is that people are running Ubuntu inside EC2 - you can run whatever you choose and people are choosing Ubuntu :)
<alabd> NG thanks does "Ubuntu is hugely popular on Amazon's EC2" mean ubuntu is installed  on amazon servers ???
<alabd> sorry
<alabd> ng and when they choose ubuntu they should use install UEC on their ubuntu yes ng ?
<c13> Hallo,
<c13> setting up a cyber in Togo. Set up a nfs-server and i want do control the access of some folder. How can i realize this?
<alabd> and is this sentence true ? is this true > UEC provide us easy cloud computing deployment and management  on ubuntu
<Ng> alabd: choosing ubuntu on EC2 is perfectly valid instead of installing UEC on their own hardware - not many people have the same amount of hardware that Amazon has ;)
<Ng> but being able to do either is a great choice
<Ng> I suggest you read some more background articles about what EC2 and UEC are :)
<alabd> see am humble true ?we can have cloud computing on ubuntu with UEC ok ? so when they choose their host on EC2 to be ubuntu , will amazon install UEC for them ? ng
<binBASH> alabd: people can install the images provided by amazon themselves
<alabd> yes but before installing UEC do they can use amazon images on ubuntu ? binBASH
<binBASH> I dunno what virtualization amazon is using.
<binBASH> I don't have an EC2 account either
<alabd> binBASH: UEC is virtualization ?
<alabd> it make ubuntu a cloud server yes ?
<binBASH> alabd: With UEC you can build your own private cloud which is compatible to the Amazon EC2 api
<alabd> so when we choose Ubuntu on amazon
<binBASH> so you have several servers, you can set them up as cloud. And let your users run virtual machines on them.
<alabd> it means then we can use ec2 images on ubuntu
<alabd> on those virtual machines ubuntu will be host or guest or both ?
<binBASH> a virtual machine appears just like a real server
<binBASH> so you can install what you want on your virtual machine
<binBASH> even windows for example
<binBASH> it's just like a real server.
<alabd> see vm itself is installed on a server
<binBASH> yup
<alabd> is that server a cloud server ?
<binBASH> yup
<alabd> and UEC is installed on this server yes ?
<binBASH> right
<alabd> so this server is ubuntu
<alabd> thanks a lot binBASH now want to know amazon EC2 is instead of which part ?
<alabd> instead of ubuntu server ?
<alabd> instead of vm guest ?
<binBASH> alabd: Amazon EC2 is the same like Ubuntu UEC
<binBASH> a plattform to run virtual machines
<binBASH> ;)
<binBASH> ... on many many real servers
<alabd> but UEC is not a platform to run vm , it is a platform to make ubuntu a cloud server , isn't ? binBASH
<binBASH> With UEC you can put servers with hypervisors (xen/kvm) together into a cloud.
<binBASH> so a user requests to run a virtual machine in the cloud.
<binBASH> UEC will set it up and run it on a random server in your cloud
<RoyK> is it possible to use virtblk with 8.04? I guess this is faster than hardware virtualising to /dev/sda?
<binBASH> RoyK: For me virtio has the same speed
<alabd> binBASH:   humble thought UEC make a ubuntu server to be cloud server then we can connect to our app from client , we need more than one server to have cloud computing ? and why we need vm on server ?
<RoyK> binBASH: ok
<RoyK> alabd: cloud computing is really just virtual computing gone large - same thing
<alabd> humble thought UEC make a ubuntu server to be cloud server then we can connect to our app from client , we need more than one server to have cloud computing ? and why we need vm on server ?  RoyK
<RoyK> read the docs - you can do UEC on one server, but it's not recommended
<alabd> thanks a RoyK binBASH God give you peace bye 4 now
<binBASH> Maybe he wanted something like google appengine
<binBASH> :p
<ttx> Daviey: around ?
<Daviey> ttx: \o
<ttx> Got a few minutes for a mumble talk ?
<Daviey> ttx: sure
<ttx> zul: around ?
<zul> zul: yep
<ttx> You're next on Mumble.
<zul> okies gimme a sec
<zul> ttx: just staring up my laptop
<ttx> hggdh, hallyn: ping me when you are around
<sommer> morning
<RoyK> binBASH: seems slow here
<binBASH> are you using kvm or xen?
<RoyK> or, that is, it's rather fast, but the system isn't very responsive
<RoyK> kvm
<binBASH> qcow2 file I guess?
<RoyK> yes
<binBASH> did you allocate the whole space?
<binBASH> or is it growing file?
<RoyK> hm.. seems like it's a holey file
<binBASH> that's good already
<RoyK> no, a file with holes
<RoyK> not allocated
<binBASH> so called spare file
<RoyK> but another VM seems way faster, and that's running 10.04
<binBASH> ahh, I'm running 10.04 as well
<RoyK> hm. I weren't using the -virtual kernel
<RoyK> seems virtblk is in 8.04-virtual :)
<RoyK> hm. not that it helps much
<soren> binBASH: No, qcow2 images are not sparse.
<binBASH> soren: yeah, because sparse would be slower
<soren> A sparse file is a file that is sparsely allocated, ie not their entire size has been allocated on the filesystem. qcow2 images' size increases as needed.
<soren> binBASH: Uh.. No.
<binBASH> Not?
<soren> binBASH: Au contraire.
<binBASH> inside my vms I have same speed like on the real server for hdd
<binBASH> also on qcow2
<a_m_y> hi, wanted to know if ubuntu will not be supporting Xen as like in Red Hat? tnx in advance
<soren> binBASH: How is that an argument in this discussion?
<soren> a_m_y: Depends on what you mean.
<binBASH> soren: Well I read somewhere once that qcow2 should be slowest.
<binBASH> But I dunno if it's true
<soren> And that's mostly correct.
<a_m_y> saw about the what RH that they will not be supporting or including Xen on their latest distro,
<a_m_y> wanted to know if it is the same in ubuntu
<a_m_y> tnx
<soren> "slowest" != "too slow for what someone is trying to do"
<soren> a_m_y: The question remains: What do you mean?
<soren> a_m_y: Ubuntu does not run as a Xen dom0. It does, however, run as a Xen domU.
<binBASH> soren: Well I am no virtualization specialist yet. Just started to use KVM two months ago :)
<a_m_y> planning to use Xen and will be using ubuntu lts 10.04. worried that in future, ubuntu will be doing the same in Xen
<a_m_y> as like RH that will not be including or support Xen
<a_m_y> tnx  in advance
<soren> I give up.
<a_m_y> sorry soren, dont know if am throwing the right question or am asking a stupid question. sorry
<soren> a_m_y: Well, you just keep repeating the same thing.
<soren> a_m_y: that's not going to clarify anything.
<hallyn> how weird.  I pushed a .changes for qemu-kvm to my private ppa, got a response saying the right one was accepted - qemu-kvm for maverick.  But then I got notification of failure to build:  of atlas (blas/lapack HPC libs stuff) on lucid!
<soren> hallyn: You don't usually get those?
<diago> I've install iSCSI target and exported an lv, is it safe to mount the lv and us it as a standard partition also?
<hallyn> soren: no
<hallyn> soren: even if it were a valid dependency, a build for lucid ought not be related to a maverick build of qemu :)
<hallyn> it sounds like a complete snafu on build system...
<soren> hallyn: No no, I mean..
<soren> hallyn: Every night, we build a bunch of packages.
<soren> hallyn: for regression testing.
<soren> hallyn: atlas is one of them.
<soren> hallyn: A bunch of us get build failure e-mails.
<hallyn> Oh, I see
<soren> hallyn: the PPA's are way behind today, so these uploads from last night are just finishing now.
<hallyn> oops.  then i shouldn't have re-dput
<soren> hallyn: Won't matter.
<hallyn> ok, then, got it :)  off to look at altas build
<soren> You got the atlas build e-mail becuase you're an indirect member of ubuntu server qa.
<zul> *sigh* http://paste.ubuntu.com/447201/
<soren> What's vscan?
<hggdh> ttx: ping as requested
<ttx> hggdh: on a call -- will pong you back in a few
<zul> soren: vscan is a virus checker for samba
<soren> Neat.
<jdstrand> hallyn, ttx, mdeslaur: re bug #591423> I don't see anything that indicates the original problem is an apparmor issue. sure, when he used a wrapper to work around the issue the wrapper was (appropriately) blocked by apparmor, but that is a different issue. I commented in the bug
<uvirtbot> Launchpad bug 591423 in libvirt "qemu -drive boot=on flag causes boot to hang." [Low,Incomplete] https://launchpad.net/bugs/591423
<ttx> jdstrand: I agree with that
<jdstrand> oh yes, I see now that you said as much in the bug
 * jdstrand wipes the sleepies from his eyes
<ttx> jdstrand: eh
<ttx> hggdh: got 5 min for a quick Mumble check ?
<hggdh> ttx: yes, but one caveat: smoser and kirkland told me I sound like a chipmunk (sounds issues on my laptop)
<hggdh> ttx: we can try, though
<ttx> let's try chipmunk
<ttx> I hear a distant voice
<ttx> hggdh: let's try IRC pm instead
<alabd> Good day all , is this true > UEC provide us easy cloud computing deployment and management  on ubuntu
<hallyn> jdstrand: duh, i see.  i hadn't noticed he ran that by hand.
<alabd> binBASH:  hi ^
<binBASH> alabd: Hi
<alabd> is this true > UEC provide us easy cloud computing deployment and management  on ubuntu
<binBASH> you asked that already some mins ago?
<alabd> yeah
<alabd> "Ubuntu Enterprise Cloud setting the standard for easy deployment and management"  is written http://www.ubuntu.com/project/about-ubuntu , so can we say regard to that , UEC provide us easy cloud computing deployment and management  on ubuntu
<binBASH> http://www.ubuntu.com/cloud
<huats> I am having a hard time configuring a simple kvm guest for a bridge network. I think everything looks good (both on the vm creation and the bridge config), but once the vm is started  the new IP (the one of the guest) never get attached to the bridged interface. Any idea ?
<binBASH> alabd: If you want to setup your own private cloud environment it's probably easiest way
<huats> the vm was created using vmbuildr
<huats> +e
<alabd> binBASH: no no humble wrote that sentence want to see if it is true if it is then can be written in a book
<binBASH> a book?
<alabd> yeah am writting a ubuntu book in persian
<binBASH> ahh ;)
<alabd> that's why ...
<ttx> hallyn: got 5 minutes to Mumble ?
<binBASH> alabd: better ask kirkland about that
<alabd> don't require to setup cloud but rather require to know something about it
<alabd> binBASH: you mean you don't know if that sentence is true or not
<binBASH> alabd: I'm not using UEC
<alabd> also humble don;t want use it
<binBASH> I don't need it ;)
<alabd> also humble don't need it
<ikonia> alabd: I find it very important to understand the technology your writing about
<ikonia> alabd: it's clear you don't - so I would not advise asking people's advice then basing a book on this as I've told you in the 10 other channels you constantly ask about this stuff in
<Pici> alabd: That seems like a paraphrase of the previous sentence, you shouldnt need a support channel to tell you that.
<binBASH> alabd: For me simple virtualization not in a cloud is sufficient
<hallyn> ttx: oh, sorry, yeah - need 1 min to set up headset
<Daviey> hallyn: Did you see Ng's bug earlier.. Are you doing KVM sru's or just Maverick atm?
<hallyn> Daviey: is that the boot=on one?
<hallyn> ttx: metacity must have messed with my settings.  it works when i'm in dwm
<alabd> ikonia:  you see that am not writing about UEC , but rather am writing similar sentence that is written here about uec in 1 sentence  http://www.ubuntu.com/project/about-ubuntu this sentence "Ubuntu Enterprise Cloud setting the standard for easy deployment and management" but humble don't wan copy it in book but rather want to rephrase it , so humble rephrased it to UEC provide us easy cloud computing deployment and management  on ubuntu , now , wan
<Daviey> hallyn: hmm, no... a mystery memory leak that is fixed in later release
<ikonia> alabd: have you spoke to the translations team ?
<Ng> hallyn: it was bug #591610
<uvirtbot> Launchpad bug 591610 in kvm "memory leak" [Undecided,Triaged] https://launchpad.net/bugs/591610
<DirtyD> Hi! vmbuilder script is broken in lucid.
<Daviey> DirtyD: How so?
<DirtyD> --firstboot and --firstlogin options are not recognized. "no such option"
<huats> did the launch of a kvm guest should fire /etc/qemu-ifup ? I think  it should right ?
<DirtyD> but --firstboot is still broken in vmbuilder(lucid) I can launch nadda.
<alabd> binBASH: thanks a lot God peace you bye
<webPragmatist> would you guys implement active/active just "because" â¦ it seems that there's little to lose and in the future you wouldn't have to switch file systems
<nimrod10> can anyone point me to a webpage containing the kickstart package groups ? There's not a lot of info on these :(
<jmazaredo> basically ubuntuserver and ubuntu desktop just the same right? just desktop has gui and server has server apps?
<jmazaredo> if i put server apps like apache mysql in ubuntu desktop and remove gnome its like the server release and vice versa to server if i put gnome and open office
<alvin> jmazaredo: They are similar, but not completely the same. I don't know all differences, but there are other kernel settings (like the I/O scheduler) in the versions.
<jmazaredo> but in laymans term they are the same right?
<jmazaredo> just some tweaks to the kernel and some little stuff
<dasunsrule32> Hi, I am having trouble with likewise-open5 and ubuntu server 10.04, I have installed the latest version from the likewise-open ppa and the default repo version with the same issues.. I have problems with dcerpcd, lsassd, lwiod, and lwregd not starting on boot. Also, I have set the default_realm=mydomain.local and it is still requiring that I type domain\user to login via ssh. Any help with this would be appreciated. Thank you!
<nimrod10> have you guys ever encountered this situation? After an install of ubuntu server 9.10 I don't have the admin group and the sudoers file setup for the admin group.  Am I missing a package when I install ?
<nimrod10> I'm doing the install using kickstart by the way , and I'm not removing any package, just adding openssh-server and vim
<RoyK> wierd
<RoyK> never seen that
<RoyK> that is, I've never installed using kickstart
<RoyK> in the normal install, you get prompted for a username+password
<RoyK> that user is added to the admin group
<RoyK> can you have skipped that somehow?
<nimrod10> aaaa, maybe this could be because I enabled only the root account
<nimrod10> I think that is why
<nimrod10> ><
<RoyK> just boot on an install cd or a usb stick
<RoyK> mount the installed root, change the root password
<RoyK> or even, boot into single
<nimrod10> I'll rework that kickstart file to add a regular user
<RoyK> it should give you root access without problems
<RoyK> ok
<nimrod10> i can nuke the server no problem
<RoyK> :)
<nimrod10> thank you very much for pointing this silly mistake
<RoyK> np :)
<dasunsrule32> Hi, I am having trouble with likewise-open5 and ubuntu server 10.04, I have installed the latest version from the likewise-open ppa and the default repo version with the same issues. I have problems with dcerpcd, lsassd, lwiod, and lwregd not starting on boot. Also, I have set the default_realm=mydomain.local and it is still requiring that I type domain\user to login via ssh. Any help with this would be appreciated. Thank you!
<zul> ttx: ping...so maverick already has the virus checker built in we just have to add man pages basically
<ttx> zul: slacker
<zul> ttx: yeah so sue me :)
<DirtyD> vmbuilder is broke?
<hallyn> if I uploaded a pkg to ppa:serge-hallyn/virt, is a bzr-accessible source automatically created?  (I'm looking at https://wiki.ubuntu.com/DistributedDevelopment/Documentation/GettingTheSource as it seems i have to go through bzr to get sponsorship?)
<hallyn> i.e. so after I dput ppa:serge-hallyn/virt package.changes, can i do bzr branch lp:serge-hallyn/virt/package or something as an equiv to apt-get source ?
<huats> really I don't understand
<huats> eerything seems to be well configured
<uvirtbot> New bug: #591802 in tomcat6 (main) "tomcat fails to start using a security manager" [Undecided,New] https://launchpad.net/bugs/591802
<huats> but I don't have a bridged connection
<hallyn> mathiaz: hey
<zul> hey mathiaz
<hallyn> question on sponsorship if you dont' mind
<mathiaz> hallyn: o/
<mathiaz> hallyn: go ahead
<huats> hello mathiaz
<hallyn> if I uploaded a pkg to ppa:serge-hallyn/virt, is a bzr-accessible source automatically created?  (I'm looking at https://wiki.ubuntu.com/DistributedDevelopment/Documentation/GettingTheSource as it seems i have to go through bzr to get sponsorship?)
<mathiaz> good morning folks!
<hallyn> i.e. so after I dput ppa:serge-hallyn/virt package.changes, can i do bzr branch lp:serge-hallyn/virt/package or something as an equiv to apt-get source ?
<mathiaz> hallyn: nope - I don't think so
<hallyn> perhaps my first q shoudl be:
<mathiaz> hallyn: however you can push your own branch to LP before doing an upload
<mathiaz> hallyn: so instead of starting by apt-get source package-name
<mathiaz> hallyn: start with bzr branch lp:ubuntu/maverick/kvm
<mathiaz> hallyn: hack on the kvm src branch
<mathiaz> hallyn: bzr push lp:~hallyn/ubuntu/maverick/kvm/fix-for-bug-123
<hallyn> and requesting sponsorship for my package is done with a keyword in the branch (automatically) right?  so i must do that?
<mathiaz> hallyn: and then dput ppa:serge-hallyn/virt,
<mathiaz> hallyn: you must create a merge request
<mathiaz> hallyn: by going to the LP page of the branch you've just created
<mathiaz> hallyn: there you can create a merge request
<hallyn> ok, thanks
<shanezilla> anyone use SSH, and would like to direct me to a great tutorial??
<hallyn> mathiaz: hm, so...  I had created my package by doing uscan.  that doesn't seem to play nicely with using bzr
<Mgamerz> =
<hallyn> mathiaz: im' tempted to rm -rf *; rsync -va ~/original_source .
<Mgamerz> ssh is easy
<hallyn> and then bzr push that
<shanezilla> ok
<mathiaz> hallyn: hm - is it a brand new package?
<Mgamerz> just install openssh-server
<shanezilla> then point me in a great direction
<Mgamerz> if you are connecting to it
<mathiaz> hallyn: which package are you working on?
<shanezilla> already done that
<Mgamerz> alright so you have an ssh client like putty or openssh-client on another
<Mgamerz> it goes
<shanezilla> have SSH running between two machines richt now
<Mgamerz> ssh username@ipaddress
<hallyn> mathiaz: it's qemu-kvm
<Mgamerz> and thats all there is to it
<dasunsrule32> Hi, I am having trouble with likewise-open5 and ubuntu server 10.04, I have installed the latest version from the likewise-open ppa and the default repo version with the same issues. I have problems with dcerpcd, eventlogd, lsassd, lwiod, and lwregd not starting on boot. Also, I have set the default_realm=mydomain.local and it is still requiring that I type domain\user to login via ssh. Any help with this would be appreciated. Thank you!
<Mgamerz> well... assuming its a lan
<hallyn> I'm updating from 0.12.3 to 0.12.4
<mathiaz> hallyn: ok
<mathiaz> hallyn: IIUC 0.12.4 is a new upstream release
<shanezilla> im trying to figure out how to transfer files between the two machine
<mathiaz> hallyn: with a new tarball?
<Mgamerz> ah.
<hallyn> yes
<Mgamerz> is one of the computers windows?
<mathiaz> hallyn: ok - thanks for outlining the background
<hallyn> oh so i need to just start a new bzr alrogether?
<shanezilla> yep
<Mgamerz> use winscp
<Mgamerz> it uses ssh
<shanezilla> winscp
<mathiaz> hallyn: so this is what I would do to get started:
<hallyn> mathiaz: sorry i assumed that was always the case...
<Mgamerz> and you can read both local and remote director
<Mgamerz> y
<mathiaz> hallyn: bzr init-repo qemu-kvm/
<Mgamerz> i use it all the time
<mathiaz> hallyn: cd qemu-kvm/
<mathiaz> hallyn: bzr co lp:ubuntu/qemu-kvm maverick/
<mathiaz> hallyn: bzr branch maverick update-to-0.12.4
<c13> hallo i want to use Openlanhouse (http://trac.openlanhouse.org/wiki) for an internet access room in Togo. The problem is that i can not register any machine on the server, but when i start the program there is always are windows with the clients to register, but it does not work! Does anyone have an idea???
<mathiaz> hallyn: so you end up with the current package in maverick in the maverick branch and you're working branch in update-to-0.12.4
<mathiaz> hallyn: and all the work will be done in update-to-0.12.4/
<Mgamerz> i cant find a page on wireless options for /etc/netowrk/interfaces
<Mgamerz> like wepkey no power management :/
<mathiaz> hallyn: now how to update to 0.12.4 you need to import the new upstream release tarball
<mathiaz> hallyn: let me look up some documentation
<shanezilla> im using Cygwin right now as my SSH server on my windows machine.
<hallyn> mathiaz: well the process of updating, ignoring bzr, I've got down I think
<hallyn> so if I can just rsync the source into my new branch that would rock
<shanezilla> I see that winscp is a Sftp/Ftp client
<shanezilla> Im looking to have this windows machine as my ssh server
<mathiaz> hallyn: well - importing an new upstream release tarball should actually be done with bzr itself
<mathiaz> hallyn: there is one command that does that
<mathiaz> hallyn: I'm searching for the command
<Mgamerz> oh.
<Mgamerz> it says scp stfp
<Mgamerz> but it still works over ssh
<Mgamerz> hmmm
<Mgamerz> i beleive
<Mgamerz> if you have an ssh daemon running
<shanezilla> yep but is it not just the client and not the server
<mathiaz> hallyn: ok - it's merge-upstream
<hallyn> <grumble>  I liked the uscan+debuild approach :)
<hallyn> thanks, i'll look up merge-upstream and give it a shot
<Mgamerz> i have done it from the desktop not the server but under places/connect to a server/
<mathiaz> hallyn: well in that case s/uscan/merge-upstream/
<Mgamerz> i could connect to an ssh server... bjt it was linux tablet
<Mgamerz> never tried to a linux box
<shanezilla> coolio
<mathiaz> hallyn: you need to upstream tarball (which is automatically covered by uscan)
<Mgamerz> although, if you aren't using X i don't know how to.
<Mgamerz> im still newish to linux :/
<mathiaz> hallyn: and you run something like: bzr merge-upstream --version 0.12.4 ../qemu-kvm-0.12.4.tar.gz
<hallyn> ok, thanks mathiaz
<Mgamerz> google winscp ubuntu alternative or the like
<mathiaz> hallyn: oh - you need to have the bzr-builddeb package installed
<mathiaz> hallyn: as this package provides all the commands used to build packages with bzr branches
<Mgamerz> brb
<Mgamerz> eh
<Mgamerz> my wireless keeps saying link is not ready
<Mgamerz> any ideas why?
<shanezilla> I found out how to do the file transfers with in a terminal enviroment.... thanks Mgamerz
<T3CHKOMMIE> hey guys, im in a bit of a pinch, i was wondering if i could get some help with an accidental install of server
<RoyK> an accidental install?
<T3CHKOMMIE> ya, ill explain
<T3CHKOMMIE> wanted to run apache as a back end on my desktop.
<T3CHKOMMIE> sude tasksel added LAMP
<T3CHKOMMIE> rebooted... desktop gone... only ubuntu server cli
<RoyK> oh
<RoyK> wierd
<T3CHKOMMIE> everything is still there.. and if i try going to tasksel again and installing "ubuntu desktop" says apptidude failed 100
<mushroomblue> apt-get install ubuntu-desktop
<T3CHKOMMIE> mushroomblue ive tried that a few dosen times.. it failes to get files
<T3CHKOMMIE> i dont know where its trying to get them from.. but its not getting them.
<RoyK> T3CHKOMMIE: is this a desktop or server install?
<mushroomblue> it's either trying to look in /var/cache/apt for existing packages, or trying to connect to the network for more packages.
<T3CHKOMMIE> its originally a desktop install.
<T3CHKOMMIE> but now its server boot screen and everything.
<T3CHKOMMIE> my home folder is still the same
<T3CHKOMMIE> nothing has been formatted. but i cant xstart or anything.
<RoyK> strange - the LAMP install shouldn't do that - next time, just install apache2, modphp etc - tasksel might have done something nasty
<T3CHKOMMIE> apt-get update failes to get stuff as well.
<RoyK> but for now, try to start gdm at hand
<T3CHKOMMIE> gdm?
<RoyK> gdm is the one starting X in the first place
<RoyK> just type gdm<cr> as root
<T3CHKOMMIE> ok so, sudo /etc/init.d/gdm start?
<RoyK> yeah, that should work too
<T3CHKOMMIE> ok, what should this gdm do>?
<RoyK> it should start X
<RoyK> login window and so on
<T3CHKOMMIE> ok so sudo xstart isnt the same then?
<RoyK> that won't start the login window
<RoyK> use gdm
<T3CHKOMMIE> ok
<T3CHKOMMIE> thanks a ton RoyK
<T3CHKOMMIE> im giong to give that a go and hopfully recover... i know my way around server cli... but i dont have the time to dink around with it now.. im at work.. cant do work :S blah.
<T3CHKOMMIE> gotta reboot thanks for the help. see yall in a bit.
<RoyK> T3CHKOMMIE: did it work?
<RoyK> it won't help to reboot - you have to re-enable gdm first
<T3CHKOMMIE> machines dualbooted im in windows right now ;)
<RoyK> ah
<RoyK> :)
<T3CHKOMMIE> brb
<T3CHKOMMIE> how do i re-anable gdm for giggles?
<RoyK> don't remember - they changed that on lucid
<T3CHKOMMIE> crap
<RoyK> or which version is this?
<T3CHKOMMIE> 10.04
<RoyK> k
<RoyK> http://ubuntuforums.org/showthread.php?t=1477439
<T3CHKOMMIE> thanks!
<T3CHKOMMIE> brb
<T3CHKOMMIE> im back
<T3CHKOMMIE> i changed that gdm.conf file...
<T3CHKOMMIE> rebooted.
<T3CHKOMMIE> as root did gdm<cr>
<T3CHKOMMIE> said it didnt exists...
<T3CHKOMMIE> did a ifconfig... etho doesnt exist... so thats my program.
<T3CHKOMMIE> problem*
<RoyK> pastebin ifconfig -a
<T3CHKOMMIE> whats that for RoyK
<T3CHKOMMIE> ?
<T3CHKOMMIE> not familiar with pastebin
<Mgamerz> you just paste something there
<Mgamerz> and give us the link
<Mgamerz> pastebin.com
<Mgamerz> its a code site of sorts
<T3CHKOMMIE> oh
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<T3CHKOMMIE> i dont think thats going to work :/ my ubuntu partition cant get on the net work period.
<RoyK> does ifconfig -a show any other interfaces?
<T3CHKOMMIE> ifconfig shoes my Lo
<T3CHKOMMIE> thats it.
<RoyK> ifconfig -a ?
<T3CHKOMMIE> didnt do that -a
<T3CHKOMMIE> :S
<Mgamerz> what about your /etc/network/interfaces
<T3CHKOMMIE> AH thats how i get to it. i couldnt remember how to do that one.
<T3CHKOMMIE> ok, im giong to give that one a shot. ill be back.
<RoyK> also, ubuntu links eth0 to a mac address
<RoyK> see /etc/udev/rules.d/70-persistent-net.rules
<Mgamerz> is there a page on wireless options in that file?
<RoyK> in what file?
<RoyK> the udev one?
<Mgamerz> no
<Mgamerz> network interfaces
<Mgamerz> im in server and gotta set up wireless
<RoyK> dunno - never used wireless on servers
<Mgamerz> also need to turn wireless-power off
<RoyK> that is, I have, but that was sime time ago
<Ng> Daviey: fyi, I've had the 4-way kvm spew test running for 9 hours and 48 minutes, which is at least an hour longer than the leaking run last night and there is no leaking going on :)
<Ng> now back to investigating why I'm getting ext4 corruption in a couple of the guests
<saycheeze> Hey guys, I guess I'll go ahead and ask. I just got fowarded to this channel from #ubuntu-devel, so maybe somebody here can point me in the right direction. The thread I posted yesterday should sum up what I'm wanting to know. http://ubuntuforums.org/showpost.php?p=9432432&postcount=1
<guntbert> !here | saycheeze
<ubottu> saycheeze: Please give at least an overview of your problem *here* (all in one line) - you will get a much greater audience. If you have to use more than 3 lines, please use http://paste.ubuntu.com
<saycheeze> Basically, I want to get involved in the development of Ubuntu. The thread explains my skills and weaknesses.
<guntbert> saycheeze: and they sent you *here*? this is a support channel -- did you see https://wiki.ubuntu.com/UbuntuDevelopment ?
<saycheeze> Yep, that's exactly what I was thinking.
<saycheeze> And yeah, I have. I'm just trying to figure out where to go from here (having all the tools and such)
<saycheeze> I might have missed something in documentation that would explain things properly, there's no telling. I'll check it out again, anyways.
<guntbert> saycheeze: try #ubuntu-devel, its a channel with 324 users
<Pici> 24
<saycheeze> Yeah, I got sent here by those guys
<Pici> er, oops.
<saycheeze> Go figure
<Pici> saycheeze: I think they may not have read your actual post. -devel is really the best place to start for this sort of thing.
<saycheeze> haha Yeah, that's exactly what I was thinking
<saycheeze> It makes sense to talk about development in the development channel haha
<saycheeze> Alright, guys. Thanks for the help, I'll see ya around!
<gswain> how do you build a software raid 10 manually and mount it to /var.
<_ruben> wasnt this the original -server development channel? i heard rumours it being more and more about -devel than -support :)
<_ruben> gswain: man mdadm .. there's quite some options to choose from
<gswain> i only found out about this in the server guide... so not according to the server guide
<_ruben> *confused*
<gswain> i tried it with the installer several times and though it looks good when it boots up it complains about a degraded array and says its inactive. which makes sense because there is no way that i 20 minute install builds, syncs a 4x500gb raid ten array and formats it
<_ruben> syncing doesnt have to be completed prior to formating/installing/rebooting/etc
<gswain> huh weird
<gswain> even still it seems formatting should take longer than the 2 minutes the installer gives it
<gswain> *shrug*
<mgamerz> alright
<mgamerz> so i am trying to install the proprietary nVidia driver for my chipset
<mgamerz> and it keeps saying that it failed
<mgamerz> I downloaded the 64bit linux GeForce 6 series (it says this is a GeForce 6100)
<mgamerz> and it keeps failing
<Pici> mgamerz: As Ubuntu Server doesn't use a gui, you'd probably be better off asking in #ubuntu
<mgamerz> i'm going to install a gui
<mgamerz> well
<mgamerz> i need the driver because i'm going to use this to record TV
<RoyK> mgamerz: then install ubuntu desktop and add the needed services
<ScottK> GUI stuff is off topic here.
<mgamerz> oh
<RoyK> ubuntu desktop and server are about the same thing
<RoyK> but people in here, don't use GUIs for their servers
<mgamerz> well i won't mainly
<mgamerz> i just want to have the driver
<mgamerz> beause i need to have hardware acceleration for some features im using
<RoyK> it's easily installable from the ubuntu desktop gui
<RoyK> but that's a desktop thing, not a server thing
<shanezilla> it should alreeady have the propriatory nividia driver from the install of the desktop install
<RoyK> if not, apt-get install ubuntu-restricted-extras
<gswain> going through the install again and it lets me create mirrors just fine and i have 4 partitions left all the same size i can see them all and they are unassigned to any raid devices
<shanezilla> yes
<gswain> when i go into create raid 10
<gswain> it only shows me 3 of them
<RoyK> are they visible in /proc/partitions?
<gswain> any chance the raid 10 in the server install cd is a little buggy
<gswain> lemme check
<gswain> no sdc doesnt appear to be partitioned
<gswain> however
<gswain> in the ui installer it shows it
<gswain> as being partitioned in 2, a 10 gig and a 490.1 gig
<RyanP> gswain: Is that software RAID?
<gswain> RyanP: yea
<gswain> i know these drives are good because the raid 10 setup works fine for centos10
<gswain> same schema
<gswain> also i dont get why sdc isnt partitioned as it shows in the ui as part of md1 which is a mirror for swap
<gswain> is there something like mdadm --detail --scan that actually shows which partitions each array is using
<uvirtbot> New bug: #591875 in mysql-dfsg-5.1 (main) "mysql_install_db run without --user in postinst" [Undecided,New] https://launchpad.net/bugs/591875
<RoyK> gswain: cat /proc/mdstat ?
<zul> mathiaz: http://www.debian.org/volatile/
<mathiaz> zul: oh cool
<mathiaz> zul: thanks for the update
<mathiaz> zul: feel free to jump into the conversation next time
<zul> mathiaz: sorry for eavesdropping
<mathiaz> zul: well - you're not eavesdropping
<MTecknology> I am
<MTecknology> oops
<mathiaz> zul: if we have the conversation in the channel it's meant to be public :)
<mathiaz> zul: like IRC anyone can jump into
<zul> heh
<zul> im still getting use to it
<MTecknology> zul: you basically maintain php for debian/ubuntu - right?
<zul> mathiaz: i have basically two earphones on right now
<zul> MTecknology: basically yes
<MTecknology> zul: That's amazing. I tried tweaking it some and about shot myself. That is really a beast of a package.
<zul> MTecknology: yes it is...its caused me to miss many AA meetings
<MTecknology> lol
<MTecknology> zul: at least you're not a quitter
<MTecknology> zul: Managing that best is amazing. Good work on it. If I had a clue I would have of3fered to try to help.
<zul> MTecknology: thanks
<gswain> is there anyway to create partitions using MB/GB in fdisk.. ive no idea how many sectors or block i want a given partition to be
<MTecknology> gswain: +3G
<MTecknology> gswain: start cylindad = default; end cylindar = +20G   -  gives you a 20GB partition
<gswain> oh sweet thanks
<bventura> hello channel, I have a noobish question.. .when I run aptitude update, sometimes I get a positive or negative value in brackets at the end like this "Current status: 8 updates [+6]"  ... what exactly does that value in the [ ] mean?
<guntbert> bventura: the change in the count during the last action
<bventura> aha
<bventura> thanks, i see
<guntbert> bventura: it took me some time to see the connection
<bventura> yeah I've been wondering this.. it's a hard thing to articulate to google hehee
<guntbert> bventura: :)
<T3CHKOMMIE> RoyK, you still there?
<RoyK> yep
<T3CHKOMMIE> ok i check out /etc/network/interfaces eth0 didnt exhist... so i created it and set it to dhcp.
<T3CHKOMMIE> i got an ip and was able to tasksel and install ubuntu desktop.
<T3CHKOMMIE> unfortunatly, i cant get the desktop to load, even if i reboot
<T3CHKOMMIE> any ideas?
<T3CHKOMMIE> gdm<cr> doesnt get anything going either
<T3CHKOMMIE> :(
<RoyK> type gdm and press enter
<T3CHKOMMIE> yup i did that too
<T3CHKOMMIE> gave me some sort of display warning... flickered then back to cli
<T3CHKOMMIE> i dont think there is much hope for me on this one
<RoyK> T3CHKOMMIE: if you can reinstall and then add apache with 'apt-get install apache2' and so on instead of using tasksel, it'll probably clean up things
<RoyK> I really don't have too much experience with using desktops as servers or the other way around
<T3CHKOMMIE> reinstall like, boot from a cd install partition.. format?
<RoyK> if you're not really into linux, debugging this will take longer than a reinstall
<T3CHKOMMIE> ive been doing this for a while... i just didnt want to have to reconfigure everythign...
<RoyK> check the X logs
<T3CHKOMMIE> but thats ok. ill just burn myself another cd and get on with it. thanks for the help tho! i  appriciate it.
<RoyK> it's probably failing on something
<T3CHKOMMIE> ok ill give that a shot.
<T3CHKOMMIE> thanks again guys! i really appricate the help!
<gswain> im seeing reports of xfs running a little buggy on lucid? is anyone running it in production successfully here?
<gswain> or have anything to add
<tyska> hi guys, someone know how to solve the problem of connection refused for ssh in instances of UEC?
<gswain> openssh installed?
<gswain> port 22 open?
<hggdh> tyska: might be a good idea to euca-get-console-output for the instance
<gswain> is ext4 generally considered safe now since its the default fs in ubuntu server?
<hggdh> gswain: yes
<hggdh> but, of course, it is your decision on which FSs to run
<gswain> i was wondering if xfs might be a better option for storing vms on since it seems to excel at large files but im not sure how stable it is
<tyska> hggdh: i have changed the public IP of my CC, im thinking could be this the cause of my error, before the change of the IP address everything was fine
<hggdh> tyska: it might be related, yes (routing?)
<tyska> hggdh: yeah, but i have a private interface on my CC that i use to communicate with nodes, and the public interface (CLC) to have Internet Access
<tyska> all CLC and CC in the same server
<hggdh> tyska: can you access the instance from the CLC?
<hggdh> using either of the IPs?
<tyska> no, im trying to access from the CLC/CC server
<tyska> i can ping but i cant connect with ssh
<hggdh> tyska: (1) euca-get-console-output; (2) ssh -vv to it, and check the output; sudo traceroute -T -p 22
<tyska> hggdh: i deregistered the node, reboot the servers, and know the error changed
<tyska> hggdh: now its Permission denied (publickey).
<Brian_H> I'd like to use kickstart to pre-seed installations, however I need to be able to have an encrypted / partition.  I've tried the options listed on the fedora page for kickstart, but they are not working
<Brian_H> anyone know how to encrypt / via the kickstart file?
<gswain> Brian_H have you checked the kickstart known limitations in the server guide?
<gswain> i think i recall that feature not being implemented as of yet
<Brian_H> gswain, looking now
<gswain> id love to use kickstart to preseed but it has some pretty bunk limitations thus far
<Brian_H> its much easier and cleaner, at least from what I can see, than using preseed :/
<84XAAGJVC> has anybody install Livezilla as server in ubuntu?
<rgotten> has anybody install Livezilla as server in ubuntu?
<rottenrecords> is it reasonable to expect a P4 with 512MB of RAM to be able to run Ubuntu Server 10.04 smoothly?
<incorrect> rottenrecords, depends what you do with the server
<rottenrecords> incorrect: well, I just want to use it as a development web server (so MySQL + Apache + SVN)
<a3ist> rottenrecords, it depends entirely upon what services you're trying to run on it
<rottenrecords> we have it up and running, but it's been really, _really_ slow
<a3ist> doing what?
<incorrect> i am sure it will be just fine
<incorrect> being idle
<a3ist> some tasks are cpu heavy (database queries), some are ram heavy, hd heavy, etc
<rottenrecords> i'm just talking about logging into it over ssh
<a3ist> from elsewhere on the lan or remotely
<rottenrecords> after i type in my username, it takes about 5 seconds for it to prompt for password
<incorrect> maybe you have balls DNS
<incorrect> that is nothing to do with cpu or memory
<rottenrecords> on the lan, from a computer 2 feet away
<a3ist> yeah
<a3ist> also, blacklist IPv6 if you don't use it
<incorrect> that is because ssh is looking up your host entry i bet
<incorrect> there is something you can do to turn that off
<incorrect> but you will find it only irritating once
<a3ist> a lot of those kind of ssh login authentication delays have to do with timeouts related to IPv6 lookups
<rottenrecords> i see
<rottenrecords> i will look into that
<rottenrecords> the other thing is, the temp installed Gnome of the server
<incorrect> however its not anything to do with how well a p4 can run you php code
<a3ist> also, depending on what you're trying to do remotely, you can run ssh with compression using the -C parameter
<a3ist> makes it easier when trying to do a graphical session remotely with something like vnc or x11 forwarding
<rottenrecords> now that i think about it, maybe dns/host lookup is the issue
<rottenrecords> because the php code is only taking 24-120ms to run
<rottenrecords> and most of that is due to the mysql queries
<incorrect> if you can't configure a working dns server just hack your hosts file
<rottenrecords> that's what i'll probably do
<rottenrecords> but should Gnome run very slowly on a server with these specs?
<rottenrecords> because it takes about 2 seconds just to open up a terminal window
<incorrect> depends if its out of ram
<rottenrecords> i have all visual effects disabled btw
 * incorrect shrugs
<incorrect> i've not run a P4 for years
<incorrect> but i don't suppose its unusable
<a3ist> rottenrecords, doing gnome remotely isn't the best choice, but it can be done with certain servers if you do things like setting up server-side caching and limit colors from the client side
<rottenrecords> a3ist: i'm not doing it remotely
<a3ist> rottenrecords, in that context I meant "remotely" as any connection that's not a monitor/keyboard physically plugged into it
<rottenrecords> i only use Gnome when I'm on the workstation hooked up to the kvm the server is connected to
<a3ist> oh
<a3ist> well, try a lightweight DE like xfce (low reqs) or lxde (even lower)
<a3ist> both are full desktop environments
<rottenrecords> thanks, i'll check those out
<a3ist> going to even lower requirements, check out tiling window managers like awesome (I use it, and it is indeed awesome), dwii, xmonad, icewm, etc
<a3ist> this link isn't *technically* for ubuntu but a lot of the items are in the repos:  http://wiki.archlinux.org/index.php/Comparison_of_Tiling_Window_Managers
<a3ist> these don't usually come with things like file managers or panels and stuff (some do) but can still run them
<a3ist> so you can pick and choose which components you want, to keep things lightweight
<a3ist> and since they're still running on x, you can still use graphical apps like gtk apps
<rottenrecords> hrmm
<a3ist> for context, I think the "awesome" window manager is about 4 megabytes altogether with a memory footprint of like 300kb
<a3ist> they're that lightweight
<rottenrecords> yea, i think that'd be a huge improvement over gnome
<rottenrecords> which doesn't really work right on this server anyway
<rottenrecords> like the user/groups admin GUI wont even open
<rottenrecords> and before it was locking us out whenever the system resumed from hibernate or whatever
<a3ist> well, you can turn that off in the screensaver panel in gnome
<a3ist> but I think ditching gnome on a computer with those specs would be your biggest priority :)
<rottenrecords> heh
<rottenrecords> well, thanks for your guys' help. i'm gonna get started on removing gnome off of here.
<a3ist> if you want to stick with a "normal" desktop environment instead of a tiling WM, like I use, lxde has the lowest overhead of any of the "full" DE's
<a3ist> up to you of course
<a3ist> good luck
<rottenrecords> thanks
<rottenrecords> peace
#ubuntu-server 2010-06-10
<tyska> hello someone, im having the following error when trying to connect into a instance through ssh: Permisson Denied (public key). What must i do?
<a3ist> did you already transfer your key to the server with ssh-copy-id
<a3ist> or even set up a key in the first place
<jamesch> hi, anyone around to answer my question about my FTP server/client config.
<gilson> need help with openldap..
<jo-erlend> jamesch, this channel is _NOT DEAD_. But some times, you need to wait a little for people to notice your question.
<jo-erlend> do you know the difference between ftp, sftp and ftps and is there a reason why you need ftp, or could you use sftp instead?
<jamesch> jo-erlend: I have a basic idea of the difference between ftp and sftp, not ftps. I'm using ftp because it's easy to setup? And I don't feel that I actually need sftp.
<jo-erlend> it's much easier to setup sftp, and it's much safer. All you need, is to install openssh-server. It will give you shell access as well.
<jamesch> jo-erlend: ok, but will it solve the problem I have at the moment with permissions?
<jo-erlend> ... pardon?
<jamesch> jo-erlend: well, that's what my actual question was. I don't know how to set what the permissions on files that are uploaded will be. So at the moment they're being uploaded with the wrong permissions. I don't know where to change that.
<jo-erlend> you log in with your normal user, and the permissions will be the same as if you saved them locally.
<jo-erlend> that is, if you use sftp.
<jamesch> jo-erlend: and with ftp?
<jo-erlend> I don't know. I haven't used ftp in ten years.
<jamesch> oh
<jo-erlend> telnet and ftp should have been buried a while ago.
<rgotten> who can help me with the error on http://pastebin.com/iwEqYvv4 i do use XINETD
<jo-erlend> that's why I asked that question before; unless you _have to_, you shouldn't use ftp, but sftp. Try it. Having SSH access to your system is useful in any case.
<jamesch> jo-erlend: I have ssh, just trying to find out how to setup the sftp server
<jo-erlend> jamesch, if you have an openssh server, you already do have sftp.
<jamesch> ok, where do I do the config?
<jo-erlend> jamesch, what do you want to configure?
<jamesch> jo-erlend: the sftp server?
<jo-erlend> jamesch, man sshd_config
<jamesch> thanks
<jo-erlend> there normally isn't much to configure though.
<jamesch> nope, I noticed that. Thanks, it seems to be working.
<pyther> Hello
<pyther> Am I going to get a gui interface with ubuntu server?
<a3ist> not by default
<a3ist> its not that hard to add one though
<jo-erlend> pyther, anything you can do with Ubuntu Server, you can do with Ubuntu Desktop, and vice versa.
<pyther> ok, so then what do I need to do to add gnome?
<pyther> apt-get update && apt-get install gnome ?
<a3ist> gnome-desktop
<jo-erlend> depends on what you want. ubuntu-desktop gives you the normal desktop environment.
<a3ist> oh that's it
<a3ist> ubuntu-desktop not gnome-desktop
<pyther> what are my other options?
<a3ist> unless you really need it, you might want to try one with a lower footprint
<a3ist> got a TON of options out there
<jo-erlend> pyther, you can use a plain ubuntu desktop install and just add the services you want. I do that for almost all of my servers.
<a3ist> for a "normal" desktop environment, check out XFCE and LXDE.
<pyther> ahh ok, nah gnome should be good
<jo-erlend> depends, depends, depends. What is it you're trying to do?
<a3ist> pyther, gnome is pretty resource heavy
<pyther> I am already installing ubuntu-server so I'll add ubuntu-desktop
<a3ist> I'd really recommend lxde or xfce for a server
<jo-erlend> if it's a home server or a small network server, then using a desktop install and add services is much faster than vice versa.
<pyther> yah I know, but I need to make this as easy as possible for my boss
<a3ist> oh
<pyther> I was using centos, but it was just too old to support the new hardware I have
<a3ist> well, what I do is I have ubuntu-desktop on my server but its only for hosting sessions occasionally for family members, and the sessions are created on demand by vnc4server.  For my own sessions I either go straight CLI or use the "awesome" tiling window manager
<pyther> Yah I use cli on my archlinux home server
<pyther> put for this server at work we are putting freeghost on it
<a3ist> I'm on arch right now, but I made the server ubuntu-server so I wouldn't have to do as much configuring to get it up and workin
<pyther> Hehe
<a3ist> and its brand new hardware so I'm not worried about the extra footprint
<a3ist> already unlocked an extra core on the amd cpu, and gonna tweak it more to try and get the fourth unlocked
<a3ist> 4x 3.1ghz cores....mmmmm.....
<pyther> I got 4GB ram, AMD Tri-Core 630, and a 1.5TB raid
 * jo-erlend wins. :)
<a3ist> I have the 550 x2, with a third core unlocked; gonna try raising the voltage a tiny bit to try and get the fourth core stable
<pyther> Can someone point me to a guide on how to configure what services startup
<pyther> or tell me what command ubuntu/debian uses?
<pyther> Grr stupid thing failing to boot
<pyther> Never mind it booted, just took a long time and sat at a '_' for 30 seconds or more
<a3ist> I've been digging through xmodmap wiki articles and man pages for a while now...anyone know how I can block mouse move (MotionNotify) events unless a certain key is held?  IE, prevent the mouse from moving the pointer/cursor unless a specific button is being held down
<jo-erlend> a3ist, sounds like a desktop to me. :)
<a3ist> jo-erlend, its actually ubuntu-server running xbmc with a wiimote for controlling it :)
<a3ist> just don't want the motion sensors to keep movin the cursor and possibly break out of full screen modes when trying to set it down
<rgotten> anybody know what is the MasqueradeAddress
<pyther> ubuntu-desktop install everything literally
<gbear14275> anyone gotten pci passthrough to work with kvm on ubuntu 10.04?
<monokrome> hey
<monokrome> Does anyone here know how to fix my server's TTY text rendering off the screen on my monitor?
<monokrome> It's a 9:15 ratio resolution monitor, so I think that's related.
<monokrome> Oh well, I'll just set up SSH and wont need to worry about it
<hggdh> ccheney: I am running a 2,000 instances on 30.2 right now
<gondim> j #ubuntu-server-br
<gondim> ops
<gondim> sorry
<hggdh> gondim: no prob, and I will go there also ;-)
<gondim> hggdh: rsrsr ok. :)
<hggdh> er. gondim, there is no such channel :-(
<gondim> hggdh: are you brazilian?  :D
<hggdh> gondim: born there, yes
<gondim> hggdh: cool :D
<gondim> hggdh: I'm thinking about migrating my servers CentOS to Ubuntu 10.04 LTS.
<hggdh> gondim: if that helps any, I upgraded two of mine to 10.04 already, no problems
<gondim> hggdh: thanks :)
<Yosi> hi all, question
<Yosi> my box can run 10.04 for days no prob, reboot as many times as i want no prob... but when i shutdown, and start it up again i get a psck that runs, screen locks and nothing happens..  if i do a reboot, everything comes up fine...  I'm new to linux and 10.04... any idea of whats up
<twb> Yosi: ITYM "fsck".
<Yosi> sorry new to the ling... but what does itym mean
<twb> I Think You Mean
<Yosi> lingo
<Yosi> oh
<Yosi> yes!  LOL
<Yosi> yes, thanks...   :)
<twb> A fsck is performed after an unclean shutdown, and for ext[234] filesystems, after every thirty mounts or so.
<Yosi> I checked the raid many times and everything is fine with it.. always says Optimal condition
<twb> The system should not freeze, but for a large (say, 1TB) filesystem, the fsck might take an hour or two.
<Yosi> oh... see I'm running all SSD drives in my raid array, with no activity indicators on them (don't ask)..so for all i know they could be running, not freezing..  just seems to not do anything for a while, appears to be locked up....   the array is 450GB, and is ext4
<twb> Do a normal boot and then leave it for an hour.
<twb> If it's still screwy, you will need to investigate.
<Yosi> why is it running all the time....  or do u think it may be just the once, and i keep on interupting it..so it does it next time   and next time?
<twb> It's running all the time because you keep interrupting it.
<twb> That, or you aren't doing a clean shutdown.
<Yosi> ahhh... one sec, let me do a shutdown and normal boot now and see if it clears up the issue...
<Yosi> I issue Shutdown -H Now
<twb> Good.  That is the Right Thing.
<Yosi> fresh install of 10.04, LSI Raid array, LAMP installed
<Yosi> just shutsdown so fast, cause of the ssd raid...
<Yosi> let me try it now...see what happens, one sec..
<Yosi> btw - b4 I shut it down is there a fsck log that i can see if its actually trying to do anything that i keep on interupting
<twb> Yosi: yes, it should just be /var/log/fsck IIRC
<Yosi> i just checked, but in that fsck folder there is only two files checkfs and checkroot and when i try to read them they both say "Nothing has been logged yet"
<Yosi> so i will do a normal boot now and see what happens
<twb> Well, it can't write to the filesystem until the root filesystem has been fscked
<Yosi> got dsiconnected
<Yosi> twb: also on thwe next line it says "init: unreadahead other process (722) terminated with status 4"
<Yosi> and now it seems frozen, but for all i know it could be reading the SSD array?
<Yosi> just cursor blinking
<twb> ureadahead is just there to make things faster; you shouldn't need to care if it fails.
<twb> Yosi: what was the last message printed?
<Yosi> ahh, thanks...makes sense..
<Yosi> that was the last msg printed
<twb> Hmph.
<Yosi> nothing after that just a blinking cursor on the next line
<twb> Did it start a fsck before that?
<Yosi> first line says fsck from until-linux-ng 2.7....
<Yosi> then next line was the /dev/sdb1: clean
<Yosi> thats my main array
<twb> That means the fsck of sdb1 finished.
<qman__> so I got a new CF card and adapter for an old laptop, and hooked it up, but it won't let me create a partition table
<Yosi> what ever that mean?  i assume its good news, maybe
<qman__> I can write data to the disk with cat > /dev/sda, but fdisk will not write a partition table
<qman__> always shows
<twb> qman__: why are you using fdisk?
<qman__> invalid flag 0x0000 of partition table
<qman__> because the installer failed, as did a windows installer
<qman__> and fdisk is what I know how to use
<twb> You should be using cfdisk, gparted or GNU fdisk.
<qman__> I use whatever 'fdisk' is on ubuntu
<twb> But try writing zeroes to the first block.
<a_m_y> wanted to use mod_evasive in ubuntu for apache2. tnx
<twb> qman__: Ubuntu uses util-linux's unmaintained fdisk by default.
<qman__> ok
<Yosi> twb:  I'lll let it go for a while and come back to it...   I wish the stupid SSD's had a light so i would know if there was any activity...  one day i will have to wire up a LED to the raid controller to know whats going on...
<Yosi> twb: does fsck display anything on the screen when its running
<twb> Yosi: that depends how it is run.
<Yosi> faair ebnough
<twb> Yosi: I suspect your fsck run is finishing correctly, and something else is failing to start, or is hanging before it prints anything.
<qman__> cfdisk has the same problem
<twb> Yosi: you probably want to drop to a busybox shell and debug the boot process, but I can't be bothered talking you through that.
<qman__> when I open it up again, I get "Unknown partition table type"
<twb> qman__: did you zero the first block?
<qman__> yes
<qman__> well, provided cat /dev/zero > /dev/sda does that
<twb> It should
<twb> I would normally do dd if=/dev/zero of=/dev/sda bs=512 count=1
<Yosi> twb:  maybe i'll just let it run for a while..
<Yosi> maybe its doing something
<qman__> worth a try
<twb> qman__: if nothing else works, bounce the box after zeroing
<twb> qman__: but "parted /dev/sda mklabel msdos" should also DTRT
<qman__> it did the same thing with cfdisk, and for some reason parted is missing in my environment
<twb> qman__: it's not installed by default.  Install it.
<qman__> one moment, need to find another network cable
<ccheney> hggdh: ok
 * ccheney was gone most of the day to the hospital
<qman__> it's doing the same thing
<qman__> unrecognized disk label, fdisk still shows invalid partition table
<twb> 14:00 <twb> qman__: but "parted /dev/sda mklabel msdos" should also DTRT
<qman__> it does, but for some reason it doesn't get written to the disk correctly or at all
<twb> What size is this drive?
<qman__> 3.8GB
<twb> Is it connected using a CF-to-SATA bridge?
<qman__> 3753MB to be more exact
<qman__> no, CF to IDE
<qman__> 2.5:
<qman__> 2.5"
<qman__> I would suspect the hardware but I can actually write data to it and retrieve it, using cat
<twb> Try another bridge
<qman__> so I'm guessing it's some kind of compatibility problem
<qman__> I only have the one
<twb> Also, tell me the output of: parted -s /dev/sda <<<$'print\nmklabel msdos\nprint'
<pogidude> how do i stop an upstart-job from running during boot?
<twb> Go buy another one; it's the cheapest part to swap out.
<twb> pogidude: do you want to disable it forever, or just from starting at boot?
<pogidude> @twb just from starting at boot
<pogidude> ex. smbd
<twb> Edit the .conf someone
<twb> Edit the .conf someHOW
<pogidude> where is that?
<twb> pogidude: /etc/init/smb.conf
<qman__> syntax error, redirection unexpected
<twb> qman__: are you using bash?
<qman__> oh, nope, hang on
<twb> Silly zsh users...
<pogidude> hmmm..
<pogidude> description "SMB/CIFS File Server"
<pogidude> author      "Steve Langasek <steve.langasek@ubuntu.com>"
<pogidude> start on local-filesystems
<pogidude> stop on runlevel [!2345]
<pogidude> respawn
<pogidude> pre-start script
<pogidude>         RUN_MODE="daemons"
<pogidude>         [ -r /etc/default/samba ] && . /etc/default/samba
<pogidude>         [ "$RUN_MODE" = inetd ] && { stop; exit 0; }
<pogidude>         install -o root -g root -m 755 -d /var/run/samba
<pogidude> end script
<twb> pogidude: stop
<pogidude> exec smbd -F
<pogidude> stop on runlevel?
<twb> No, stop with the noise.
<qman__> useless recovery environment, /bin/bash not found
<twb> !pastebin > pogidude
<ubottu> pogidude, please see my private message
<pogidude> oh sorry
<twb> qman__: OK, one moment
<qman__> I'll have to burn a desktop CD
<twb> qman__: printf 'print\nmklabel msdos\nprint\n' | parted -s /dev/sda
<qman__> lack of functional backspace is a pain
<qman__> ok
<twb> qman__: that's sh portable
<qman__> returned nothing
<twb> Hmph
<twb> Try removing the -s
<qman__> both before and after mklabel msdos, unrecognized disk label
<twb> That's royally fucked.
<twb> Does /proc/partitions look sane?
<twb> Does dmesg say anything suspicious?
<twb> I'm running out of ideas here.
<qman__> yeah, looks fine
<qman__> 8    0    3665592  sda
<pogidude> twb: http://paste.ubuntu.com/447571/
<qman__> I do have another CF card I can try, but not another adapter
<qman__> I guess I'll do that just to narrow it down
<twb> pogidude: try commenting out the "start on" line
<pogidude> ok
<pogidude> so all upstart jobs are in /etc/init ?
<twb> Yes.
<twb> Except older systems which used /etc/event.d/ instead
<pogidude> how old?
<qman__> hardy
<qman__> maybe intrepid
<pogidude> ok thanks..
<twb> You either have /etc/init or /etc/event.d/
<LowValueTarget> question.... im making a deb package that requires another package but its in a repo I am trying to add in the preinst script.
<LowValueTarget> Can i even do that
<gondim> twb: sysv-rc-conf not work in 10.04?
<qman__> the other card's doing the same thing, so it's either the laptop or the adapter
<qman__> I'm going to try and create a partition table on the card from a card reader
<twb> gondim: is that the wanky curses GUI?
<twb> I don't know anything about it.  On Debian I normally use "update-rc.d foo disable", but I doubt that will work with upstart.
<gondim> twb: yes rsrsrsrs
<twb> I haven't had to care about upstart yet because I'm still using 8.04.
<gondim> twb: ah ok :)
<twb> I used to like rcconf, but it's totally broken now.
<CppIsWeird> im trying to boot a box to install ubuntu-server via PXE network booting.
<CppIsWeird> the tftp server is going to be on a windows box
<CppIsWeird> the only guide ive found is how to do everything with two ubuntu boxes
<CppIsWeird> do i just put the ubuntu-server iso in the tftp directory and it will find it?
<gondim> twb: ummm I'll look better upstart confs
<twb> CppIsWeird: PXE does not use an ISO at all
<qman__> ok, I plugged it into another system via USB, and now I have a totally different disk size
<twb> The best reference for PXE installation is the Debian Install Guide, because Ubuntu uses debian-installer for all its install media except the "desktop" CD (which still uses d-i, but wraps it in ubiquity).
<qman__> same CF adapter though
<twb> qman__: is it a reputable CF card?
<qman__> CF -> IDE 2.5" -> IDE 3.5" -> USB
<qman__> kingston, 133x
<uvirtbot> New bug: #592018 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: el subproceso script pre-removal nuevo devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/592018
<qman__> the other one I have is a patriot
<Yosi> twb:  nothing happened after 30 mins or so, i googled the hang on fck, and apparently it a knowen bug in 10.04, a workaround is hitting a Arrow key, so i did that and now a screen comes up saying "Ubuntu 10.04" and 4 flashing/cycling dots below it, any idea?
<qman__> http://paste.ubuntu.com/447579/
<qman__> odd cylinders and heads
<qman__> but I don't know what it should be
<LowValueTarget> How can i call apt-get from within a deb package installer script
<LowValueTarget> for instance postinst or prerm
<panfist> my first how-to, comments appreciated: http://frontiertechnologist.blogspot.com/2010/06/ubuntu-getting-packages-through-air-gap.html
<twb> Yosi: nope
<twb> qman__: C/H/S has been gibberish for years
<twb> LowValueTarget: why do you want to do that?
<qman__> well, over USB it works fine
<qman__> so it must be something with the laptop
<qman__> thanks for the help
<LowValueTarget> twb: first off I would like to add a source as a dependency
<LowValueTarget> is that possible
<Yosi> twb: how long would u guess a fsck of a 500gb drive would take?
<twb> Yosi: maybe half an hour?
<Yosi> fair enough
<Yosi> dioes fsck write anything to the disk or mostly reads?
<panfist> man fsck
<Yosi> good point, thanks, brb
<twb> A typical fsck run will attempt to repair simple problems, which will generally not add files, but may move files into lost+found
<LowValueTarget> twb: basically i want to add a package as a dependency, but auto-install the source that its on.
<twb> What do you mean "auto-install the source"?
<LowValueTarget> twb: so basically my package will depend on packagex for instance. But package x is only avail on repox. I want to add repox to sources.list.d/ and run an update so the user doesnt have to manually add it
<twb> LowValueTarget: that's just wrong.
<LowValueTarget> i FAIL?
<ScottK> LowValueTarget: If the respository is signed, you'll also have to add the repository key to their keyring and if it's not, it's a security risk.
<twb> You shouldn't be calling apt from a pre/post-inst/rm script.
<ScottK> In addition to being just wrong.
<LowValueTarget> twb: that makes sense
<LowValueTarget> i have the key logic already with apt-eky
<LowValueTarget> *apt-key
<LowValueTarget> twb: how should I go about it?
<twb> I have been thinking about a similar thing, and the Best Practice solutions I can think of are: 1) provide a README.Debian that tells the user what additional commands to run; or 2) provide a puppet/chef manifest instead of a deb.
<twb> Where my use case is wanting to define an SOE that can be upgraded in-the-field, which also allows me to apply Ubuntu security updates in-the-field and is generally as unintrusive and well-integrated as possible.
<qman__> gah
<qman__> there's a BIOS update that addresses disk geometry issues
<qman__> but said BIOS update is an EXE that creates a floppy
<qman__> and said EXE is a 16-bit windows program
<qman__> wish I could afford to just throw this thing away and buy a netbook
<twb> On my asus systems, there's a BIOS option to boot the BIOS update ROM that's on the board
<twb> It just looks for a file FOO.ROM in a FAT16 USB key, and installs it.
<twb> MUCH easier than the old way where you'd need a temporary windows install
<qman__> I don't even know if the USB floppy will work on it
<qman__> it has a proprietary floppy connector, and I don't have one of those drives
<Mgamerz> how do i remove the boot splash?
<Mgamerz> I installed uh... xfce or whatever
<Mgamerz> and now the splash F's up my loader
<twb> Mgamerz: you don't get a splash if you do a server install.
<Mgamerz> I installed uh... xfce or whatever
<twb> Mgamerz: don't do that, then.
<Mgamerz> ...
<Mgamerz> wow thanks
<qman__> ugh
<qman__> the upgrade to lucid on my file server put a boot logo over top of the system messages
<qman__> so now I just have to wait 3 hours to see if it's fscking or what
<Jordan_U> Mgamerz: sudo apt-get remove xubuntu-plymouth-theme
<qman__> not having a good day :(
<Mgamerz> i just uninstalled the gui
<Mgamerz> qman
<Mgamerz> thats what mine is doing i think
<qman__> just says "Ubuntu 10.04" in the center of the screen with four blinking dots
<qman__> hiding any useful information
<Mgamerz> exactly what mine did
<Mgamerz> purple and orange?
<qman__> no
<qman__> "Ubuntu 10.04" is console font
<qman__> the dots are white and orange
<Mgamerz> yea... so is mine
<Mgamerz> yea on a purpleish background?
<qman__> no, black
<Mgamerz> hmm
<Mgamerz> mine is the same as that but purply
<Mgamerz> i just did esc, and if that didnt work i did alt f2
<Mgamerz> (or is it ctrl alt f2)
<Mgamerz> not on server atm so cant remember
<crazed__> <3 Ubuntu
<Yosi> twb: are u online?
<Yosi> I let fsck run for 2 hours and no luck....  just stays frozon on the boot screen...
<Yosi> anyone else have the problem... that after a full shutdown, next time u boot up.. fsck run and freezes
<twb> Yosi: sorry, I don't care about your problem.  Find someone else.
<twb> Yosi: probably getting someone physically in front of the box, they'll be able to solve it much faster.
<Yosi> k, fair enopugh
<Mgamerz> oh man... the situational irony of all the hype for longhorn
<NowhereBoy> hi all
<NowhereBoy> i need some advice.
<NowhereBoy> is ne1 around?
<Mgamerz> yep
<Mgamerz> but im not that experienced so...
<NowhereBoy> hi Mgamerz
<Mgamerz> hi
<Mgamerz> i can only help with very basic stuff still
<NowhereBoy> i am a newbie.. and I want to know how can I setup a small dev server on VMWare running on Windows Host?
<NowhereBoy> ohh.. ok!
<Mgamerz> i cant help ya there
<NowhereBoy> ok thnx neway :)
<Mgamerz> all my machines are over 5 years old
<NowhereBoy> :O
<Mgamerz> vmware was vaporware back then (figuratively)
<NowhereBoy> okey!
<a_m_y> coulnd't din the xen-tools in repo. tnx
<NowhereBoy> ?
<Mgamerz> no idea
<Mgamerz> perhaps drunk :o
<a_m_y> coulnd't install ubuntu-xen-server cause it depends on xen-tools
<NowhereBoy> ohh!!
<Mgamerz> perhaps not drunk
<NowhereBoy> lol
<a_m_y> coulnd't find the xen-tools in repo, even uncomment all in the sources.list
<Mgamerz> lets see if mediatomb works...
<Mgamerz> go canola
<NowhereBoy> i am really new too all this..
<Mgamerz> wtf
<NowhereBoy> so have very lil idea..
<Mgamerz> canola killed itself
<a_m_y> appreciate for the help. tnx in advance
<NowhereBoy> :)
<Mgamerz> linux you never really understand
<Mgamerz> you just learn it
<NowhereBoy> it's fun thou!
<Mgamerz> not if you are running maemo diablo
<Mgamerz> bugssss!
<NowhereBoy> i found a post.. to setup a dev server with Ubuntu-Server as guest and Windows as host.. on virtual box!
<Mgamerz> whats the date?
<NowhereBoy> of the post?
<Mgamerz> yes
<NowhereBoy> wait.. lemme look it up
<Mgamerz> ubuntu has changed a lot since most posts
<Mgamerz> 2008 is about the current threshhold for most items
<NowhereBoy> Oct 27, 09
<Mgamerz> you going to use lucid?
<Mgamerz> i installed ubuntu into a win 7 box vmware
<NowhereBoy> ohh nice
<NowhereBoy> yeah will be using Lucid
<NowhereBoy> i installed Mac on VMWare
<Mgamerz> all i did was mount the iso as the cd drive from vmware setup
<Mgamerz> and did the install
<NowhereBoy> cool
<Mgamerz> then it runs like normal
<NowhereBoy> did u install the server ed?
<NowhereBoy> or the desktop one!
<Mgamerz> albeit much more latency
<Mgamerz> no i had desktop then
<NowhereBoy> ok
<Mgamerz> but im running a server of lucid now
<NowhereBoy> what' r u working on these days!?
<Mgamerz> my 5 year old pos XP
<NowhereBoy> ok great.. maybe u can help if I'm stuck smwhr!
<NowhereBoy> i just want a web/app server on my virtual server box..
<NowhereBoy> will work on coldfusion and java
<NowhereBoy> also maybe.. i'm thinking.. will install MySQL
<Mgamerz> mmhm
<NowhereBoy> for app server.. i am thinking of iPlanet(Sun Web Server)
<Mgamerz> i don't know about the reliability of web hosting in vmware
<Mgamerz> mainly cause i don't use it
<NowhereBoy> ok
<NowhereBoy> vmware!!?
<NowhereBoy> or web hosting!?
<Mgamerz> combined
<NowhereBoy> ok
<NowhereBoy> what are other channels i can visit on freenode?
<NowhereBoy> u know.. linux/java/coldfusion related!?
<Mgamerz> theres #ubuntu, but its super busy
<Mgamerz> #linux
<Mgamerz> probably #java
<Mgamerz> #coldfusion is rather empty
<Mgamerz> errr
<Mgamerz> coldfusion is invite only
<Mgamerz> ##coldfusion
<NowhereBoy> nice
<NowhereBoy> this is a fun server :)
<Mgamerz> I used to use rizon
<Mgamerz> i was a mod for a ds homebrew channel... i quit after too many noobs
<Mgamerz> i do not like freenots hostname and vmask options
<Mgamerz> freenodes*
<NowhereBoy> ohh.. u planin to start nething new?
<Mgamerz> nope. I quit IRC for a while.
<Mgamerz> Only back for linux assistance.
<Mgamerz> have you ever used linux?
<NowhereBoy> yes..
<NowhereBoy> very little..
<Mgamerz> how little
<NowhereBoy> i am a newbie.. in this linux world.. so still in the process of learning
<NowhereBoy> few months
<Mgamerz> i see
<NowhereBoy> i want a nice tutorial.. with load's of excersises.. to play wid..
<NowhereBoy> could'nt find any
<twb> Why is #ubuntu-server suddenly getting all these noisy idiots?
<Mgamerz> well im not sure if you've installed ubuntu before, but server install is much more complex than desktop
<Mgamerz> but nothing too serious
<Mgamerz> i used the mini iso however... it may differ from the original cd installer
<NowhereBoy> ohh.. is there a mini ISO?
<NowhereBoy> man .. i am dldng the full blown version
<NowhereBoy> what is the difference?
<Mgamerz> mini iso is a 14MB iso
<Mgamerz> instead of having a cd full of packages it downloads them instead
<Mgamerz> trust me do not do it
<Mgamerz> it takes way longer
<NowhereBoy> ok..
<Mgamerz> but my cd drive died and i had a 128MB sd card so i used that. i also could load the cd's iso from another flash drive (that i did not want to erase)
<Mgamerz> so i didnt have to download all of it, but it was still slower
<Mgamerz> and it F'ed up grub
<a_m_y> coulnd't find the xen-tools in repo, even uncomment all in the sources.list and do apt-get update. Afterwards, did aptitude search xen, counlnd't find xen-tools
<NowhereBoy> so what do u suggest.. is the normal version doable!?
<NowhereBoy> what are XEN-tools?
<Mgamerz> yea.
<Mgamerz> I can't see the server cd being more difficult than expert install from mini iso.
<Mgamerz> fyi you're gonna see a hell of a lot of terminal
<Mgamerz> on server
<Mgamerz> so if you are used to gui then have some ice water
<NowhereBoy> lol
<NowhereBoy> ice water.. good one :P
<NowhereBoy> no i'll stick to gui
<Mgamerz> eh... im serious
<Mgamerz> just make sure you install nano not vi
<NowhereBoy> brb
<Mgamerz> vi is outrageous
<NowhereBoy> i am comfortable wid vi
<NowhereBoy> nano.. is good too
<Mgamerz> ugh i hate vi
<Mgamerz> i can't even type
<NowhereBoy> brb
 * NowhereBoy is back
<NowhereBoy> ok..
<Mgamerz> my media server workssss
<NowhereBoy> why a media server?
<Mgamerz> listening to Just Surrender - Burning Up (Acoustic)
<Mgamerz> cause its 5 years old
<NowhereBoy> can u share some books on linux?
<NowhereBoy> or can u point me to a site.. frm where i can dld some!?
<Mgamerz> all i have is command shell and scripting bible
<Mgamerz> and i torrented that one
<NowhereBoy> ok
<NowhereBoy> what is it fr?
<NowhereBoy> scripting in linux?
<Mgamerz> yep
<Mgamerz> terminal scripting
<NowhereBoy> yeah.. that is vry imp i guess
<Mgamerz> i ran sudo apt-get purge plymouth-themes* but it stillhas that damned splash
<Mgamerz> even after the grub defaults too
<NowhereBoy> hey man.. thanks for all the advice.. will catch you later.. i hv to go..fr now.. peace :)
<Mgamerz> kbai
<Mgamerz> that guy is going to have a heck of time with server edition...
<a_m_y> coulnd't find the xen-tools in repo, even uncomment all in the sources.list and do apt-get update. Afterwards, did aptitude search xen, counlnd't find xen-tools
<elnur> I've installed ruby1.9.1 and to use it I have to run `ruby1.9.1`. How can I run it as just `ruby`? Must I make a symlink by myself or there is a less hackish way?
<spezticle> hey does anybody know where i can find the default /etc/apache2/sites-available/default-ssl file?
<Masshuu> So i have a vps(openVZ) that runs 9.04
<Masshuu> Is it worth it to run sudo apt-get dist-upgrade and get it to 10.04 or should i just wipe and start with a clean base
<Masshuu> im thinkin just wipe due to possible issues from upgrading
<twb> !do-release-upgrade
<twb> Grr, stupid bot
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<Masshuu> i have a bunch of noob hacks and backports due to 9.04 packages not hacing certin things
<Masshuu> which is why i like wiping
<twb> Maybe you shouldn't install shitty kludges in the first place
<uvirtbot> New bug: #592058 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/592058
<CVirus> How can I display grub's menu in ubuntu server ?
<CVirus> ubuntu 9.10 here
<Russnix> How often does Ubuntu (and most other distros, I suppose) need to be rebooted with and without desktop packages?
<CVirus> Russnix: no need to do that
<Russnix> So a kernel patch doesn't require a reboot?
<CVirus> unless you want to switch kernels
<soren> Russnix: Sure.
<CVirus> but this is irrelevant to your question
<Russnix> Hmm.
<Russnix> I grow tired of having to reboot my workstation every month.
<Russnix> (Windows 7)
<CVirus> my friend here has an uptime of 500 days with his laptop .. he's using it as a home server
<twb> Russnix: then leave it turned off
<CVirus> twb: good answer :-D
<Russnix> twb: I tried that once.
<Russnix> It still needed a reboot.
<CVirus> haha
<Russnix> Anyway.
<Russnix> Someone just told me you should reboot after kernel updates.
<CVirus> Russnix: off course
<Russnix> You just told me a kernel patch doesn't require a reboot unless you want to switch kernels.
<Russnix> Windows doesn't *require* a reboot either. It just doesn't apply the patches until you start the reboot process.
<twb> On GNU/Linux, an upgrade affects files on the filesystem.
<twb> Running processes are usually copies of the old files, and so continue to run the old version.
<twb> New processes will get the new version from the filesystem.
<twb> If you upgrade the kernel, you need to restart the kernel process to get the new version, either by rebooting or by kexec'ing.
<twb> This need not be done immediately, but if it was a security update than it's advisable to do it sooner rather than later.
<Russnix> Ah.
<Russnix> "<twb> Running processes are usually copies of the old files, and so continue to run the old version." <-- what's the technical term for this?
<twb> Because Windows doesn't use inodes, it can't update open files, which is why you HAVE TO reboot more often when upgrading various things.
<Russnix> This is a facility Windows doesn't have.
<twb> Russnix: erm, Windows certainly has processes, and they'll still start out as executables copied into memory.
<Russnix> Vista and later supposedly fully support rebootless non-kernel hot patching.
<twb> There's a crowd that provides that for Linux, with the caveat that data structures remain unchanged.
<Russnix> twb: but wouldn't the executable on the disk be locked as in use?
<twb> Russnix: I wouldn't think so, but I'm not a Windows sysadmin.
<Masshuu> well i have my windows server(08) set up to automaticly patch, and i only hear it reboot once every 3-4 months
<Masshuu> though it could obiously reboot more often,
<twb> I get the impression that Microsoft batch up their patches into big blobs, though
<twb> Maybe they only release a patch once per quarter
<Masshuu> when i look at it, theres possibly 1-3 patches(which are run at 4 in the morning)
<Masshuu> so they could group big patches and kernal ones per quarter
<ljungk> what do i have to do to enable sound on an ubuntu server machine? I
<Masshuu> uuuh
<ljungk> ...have installed alsa but aplay -l says aplay: device_list:223: no soundcards found..
<Masshuu> i always assumed sound was coupled with a gui, but im just a noob
<ljungk> well you can have a music player server
<ljungk> like mpd
<twb> ljungk: alsa-base should be sufficient
<twb> ljungk: perhaps your card is unsupported?
<huats> I know I have asked that already yesterday, but since I got no answer ans since I haven't progessed I am asking again...
<huats> I have used vmbuilder to create a lucid guest on a lucid host.
<huats> I want to have a bridge connection between them.
<huats> And it is not working. The xml configuation is OK, the route seems OK, the brctl output too. And the guest is well configured I think.
<huats> Does anyone have a idea where I can look ?
<ljungk> twb: I do have alsa-base, and I'm sure it's supported as it worked perfectly on jaunty desktop
<ljungk> I suspect it has something to do with which module is loaded
<twb> ljungk: pastebin amixer scontrols -c0, for values from 0 up until you get an error
<twb> ljungk: also pastebin lspci -nn | grep Audio
<ljungk> twb: actually it was pretty easily solved. I only had to add my user to the audio group
<ljungk> thanks anyway
<trapmax> i'm updating our server from 8.04 -> 10.04. how can i download all updates without installing them?
<Russnix> Um. Download the ISO and upgrade?
<uvirtbot> New bug: #592076 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/592076
<corpse> philly
<corpse> sorry mt
<corpse> Is there anything i can do on my fileserver to make streaming video work smoother?
<X-Sleepy-X> so if i wanna secure apache a bit i should install fail2ban?
<X-Sleepy-X> or is there any other solution?
<twb> trapmax: aptitude full-upgrade --download-only
<Omahn> Anybody know if a FAQ page exists for converting init scripts to upstart jobs?
<twb> Omahn: is it a simple init script, or a horrible complicated one?
<Omahn> twb: nis
<twb> ypserv or some other part?
<twb> Yeah, there are a few separate daemons
<twb> I would probably split them out into separate upstart .confs
<Omahn> Bug #569757 is a complete show stopper for Ubuntu 10.04 server for us
<uvirtbot> Launchpad bug 569757 in nis "NIS upstart dependancy broken for lucid" [Wishlist,Confirmed] https://launchpad.net/bugs/569757
<twb> Omahn: I'm glad I'm not rolling out my lucid NIS server yet, then :-)
<twb> Omahn: I think #upstart and the upstart wiki should be sufficient for you to write yp{bind,serv,passwd,xfrd}.conf jobs.
<Omahn> We're just interested in the client part.
<Omahn> twb: So the recommended route would be to split them up then. I'll have a look into it, without an upstart job for NIS we're pretty stuffed unless we use some ugly hacks.
<twb> Omahn: oh, I notice that there are also parts in /etc/network/if-up.d/.  You would need to fold that in, too.
<twb> Not that I know a hell of a lot about upstart, other than fighting it.
<Omahn> twb: Thanks, you're filling me with confidence ;-)
<twb> Omahn: please be sure to publish whatever you work out (to launchpad or whatever)
<Omahn> twb: I'll be pushing it back on that bug report, assuming I can get something workable.
<twb> Thanks.
<trapmax> twb: thanks
<rahman> Hi, I need to setup kvm on my ubuntu server. But there is one thing that I don't understand in wiki pages, that about bridging networks. Real machines interface is eth0 and I want the real server is accesible from outside with one ip (like xxx.xxx.xxx.50) and also the kvm machine should be accessible from outside with ip xxx.xxx.xxx.51. How can I achieve this?
<halvors> Hi!
<rahman> Wiki pages says to make eth0 manual mode and bridge br0 to eth0 but this doesn't give me two ip's
<halvors> I have a problem with mysql server, i can't connect from localhost also mysql socket. Here is my log: http://pastebin.com/WTCJnkN2
<halvors> ?
<halvors> No ideas?
<twb> rahman: are you using libvirt?
<huats> I cannot find any configuation file for dnsmasq by default , on lucid, is it normal ?
<twb> huats: did you install dnsmasq, or dnsmasq-base?
<rahman> twb: didn't setup kvm yet but if it will help me I can use
<twb> rahman: libvirt should Just Work wrt. networking, I think.
<huats> twb, I haven't installed anything :) so there is just the dnsmas-base installed
<twb> rahman: if you aren't using libvirt, I suggest you use kvm's built-in userspace NAT.
<twb> huats: the config file and init script are in the "dnsmasq" package, which is in universe.
<huats> twb, so how can I disable it ?
<twb> huats: disable what?
<huats> or at least the dhcp stuffs it provides
<twb> huats: I think you have not installed Ubuntu Server.
<rahman> twb: If I use NAT, can I access to virtual machine with its ip from my network?
<twb> rahman: well, supposing you needed only SSH, you would tell KVM to connect your host's port 2022 to your VM's port 22, and then you could "ssh -p2022 <host IP>"
<rahman> twb: as wiki says I need to use bridging to access vm from outside
<twb> The VM wouldn't have its own IP, but the beneft is that it's a lot simpler to set up.
<halvors> I have a problem with mysql server, i can't connect from localhost also mysql socket. Here is my log: http://pastebin.com/WTCJnkN2'
<twb> halvors: try 127.0.0.1 instead of "localhost"
<twb> halvors: mysql treats the string "localhost" specially, because they are idiots.
<huats> twb, indeed... it is on a remote server so I haven't done the install myself...
<huats> and I haven't the ubuntu-server package installed (I have just checked)
<twb> huats: ubuntu-server isn't a package.  It's install media that don't install broken desktop crap like Network Manager.
<huats> twb, I know the concept of meta package :)
<huats> but in my opinion there was still a ubuntu-server meta
<twb> huats: you'll need to purge whatever desktop stuff is there; probably anything that the {,x,k}ubuntu-desktop metapackages ask for.
<huats> twb, there is nothing like that installed
<huats> I have already checked
<twb> huats: is network-manager installed?
<huats> twb, nope
<twb> huats: aptitude why dnsmasq-base
<halvors> ok
<huats> twb, libvirt is recommending it
<halvors> it doesn't work...
<huats> (and I need libvirt)
<twb> huats: ah, of course.
<twb> huats: OK, I don't know anything about libvirt, but that'll be what's invoking dnsmasq.
<twb> You could always just try breaking the recommendation
<huats> ok so in my case I need to install dnsmasq to stop the dhcp to answer I think :)
<twb> huats: wrong.
<huats> I'll try to break the recommends then
<twb> libvirt is invoking dnsmasq directly -- adding an init script that also starts dnsmasq at boot won't stop libvirt invoking dnsmasq
<halvors> What shoul di do whit this? http://pastebin.com/WTCJnkN2
<huats> twb, in fact it is a depends ... :(
<twb> huats: then you need to talk to someone who understands libvirt.  Wait here, and/or try #virt (#libvirt?)
<huats> twb, I am sure soren might help :)
<twb> huats: he's probably been scared away by all the young punks that flooded in here this week
<huats> twb, thanks !
<huats> twb, well he is not scared of me we have met many times IRL :)
<huats> (well I hope)
<rahman> twb: do you have any idea if it helps me if I bridge eth0 with br0 and eth0.1 with br0.1 ? Do you have any experince with subinterfaces?
<twb> Some, but they're really BORING
<twb> The brctl package has either a manpage or a README in /usr/share/doc/btrctl, I forget which.
<rahman> twb: Thanks, I will look into it
<halvors> What shoul di do whit this? http://pastebin.com/WTCJnkN2
<halvors> Also a mysql problem...
<twb> halvors: I don't know; ask #mysql.
<RoyK> halvors: google is nice http://bugs.mysql.com/bug.php?id=15559
<twb> Hm.  Why does my proxy think that URL is an ad?
<twb> Because it matches "/bug\.php\?"
<twb> Stupid adblockplus.
<soren> huats: Sorry, what was the problem again?
<soren> huats: Something about dnsmasq?
<uvirtbot> New bug: #592140 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/592140
<huats> soren, yep
<ttx> huats: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/231060 ?
<uvirtbot> Launchpad bug 231060 in libvirt "packages dnsmasq and libvirt-bin conflict with each other" [Low,In progress]
<huats> soren, I am using libvirt to manage a vm
<huats> (I have built it using vmbuilder)
<soren> huats: Ok.
<huats> and some informations are given to the guest (like gw)
<huats> (I have setup it as bridge)
<soren> Ok.
<huats> but the gw is not the good one
<soren> Not understood.
<huats> :)
<soren> What does "gw is not the good one" mean?
<huats> the gateway that receive the guest is not the correct one
<huats> so I'd like to disable the dhcp settings from the dnsmasq-base
<soren> Ok.
<huats> but I couldn't find any configuration for dnsmasq-base and since it is a depends from the  libvirt-bin I am a bit annoyed
<soren> You could just make the guest not use dhcp, couldn't you?
<huats> soren, it is not using dhcp that is the weird stuff :(
<soren> huats: sorry, then I don't understand.
<huats> I don't understand how the guest gets that gateway information
<soren> huats: You're saying it "gets the wrong gateway"?
<soren> huats: Can I see the output of: "cat /etc/network/interfaces ; ps -ef | grep dhc" in the guest, please?
<huats> sure
<huats> soren, let me reput everything like it was since I have shanged some stuff in order to fix it :)
<soren> anyways, to disable the dnsmasq instance libvirt started, you just disable dhcp in libvirt's network configuration. Try "virsh net-edit default" and it should be fairly obvious.
<soren> Oh, hang on.
<soren> If you're bridging, that dnsmasq instance does not come into play at all.
<huats> then I don't understand :(
<huats> the guest is getting a gateway from somewhere. and of course it is not correct...
<linxeh> is it possible to configure IP level router failover fairly easily? eg if router a.b.c.d stops routing packets (but the physical layer is still active) switch to using e.f.g.h ?
<huats> soren, right now my configuration is messed up, I cannot anymore ping my guest from the host
<huats> :(
<huats> I'll ping you once I have fixed it up
<twb> linxeh: try #netfilter.
<zul> morning
<zul> remember kids grape isnt funny
<linxeh> twb: those channels normally scare me :)
<a_ok> I want a minimum installation (will only be running KVM) how much diskspace would I need?
<alvin> a_ok: 1.5 GB, but I'd go for a bit more.
<Omahn> a_ok: Remember to leave enough room for downloading + installing system updates. :-)
<a_ok> alvin: since we use a SAN I can always scale it up when needed. although I might want to have some extra so files wont be fragmented to badly
<a_ok> thank
<twb> a_ok: a truly minimal install would be around 256MiB
<twb> Give or take 64MiB
<a_ok> twb: but that would mean that I have to strip down a lot and not do a default instalation right?
<twb> Depends how you do the install
<_ruben> a default -server install on a 2GB flashdisk is already pretty tight when you want to do-release-upgrade (depending on partitioning)
<twb> I'm not counting Priority: standard, or a kernel, *buntu-desktop, ubuntu-standard, or language-base-*
<twb> The easiest way to find out would be to debootstrap or d-i an install and then du the tree.
<twb> If you use casper, you can get it down a lot smaller -- a kernel, ramdisk, and filesystem.squashfs for a minimal system is 80MiB.
<twb> I leave such an image in my /boot/ in case my root filesystem gets hosed, to save me having to find a live CD
<a_ok> twb: well it's not that importand to me. I just don't want to waste 7GiB if I don't need it
<Omahn> a_ok: A couple of gigs should be fine, particularly if you're using a SAN backend and you can just grow the LUN if required.
<twb> 7GiB is enough for xubuntu-desktop AND kubuntu-desktop AND ubuntu-desktop
<a_ok> Omahn: that is exactly what I am using. I'll go with 2 Gig for now
<Omahn> a_ok: That's sensible :-)
<twb> On real servers, I normally allocate two to four gig for the root filesystem, since I can online grow it if I need to.
<a_ok> twb: Omahn: That will do fine than thanks for the advice
<Omahn> No problem.
<Omahn> Can anyone think of a valid reason why install Emacs on ubuntu server pulls down libasound2?
<a_ok> Omahn: because emacs can play audio files?
<Omahn> a_ok: Really? Fair enough. Seems a bit silly on a server.
<a_ok> I have to agree on that
<a_ok> unless its a sound server (but than you would still not use emacs for that purpose)
<Omahn> Agreed :-)
<twb> Omahn: install emacs23-nox
<twb> The default "emacs23" is a GTK version, and pulls in lots of silly things
<Omahn> twb: I did, or at least emacs-snapshot-nox
<twb> Hm.
<twb> You're right, -nox still depends on libasound (i.e. ALSA).
<twb> I don't know why.
<twb> Report it as a bug if you want to save that 200kB
<Omahn> Yeah, I found an early bug report in debian saying that -nox had ALSA disabled but that doesn't appear to be the case in Ubuntu.
<Omahn> 400kB ;-)
<Omahn> Not that I care about that, it's the questions that will arise from the other admins when they ask why ALSA libs are getting installed for a text editor.
<twb> Easy: Emacs isn't a *text* editor
<Omahn> It's an OS :-)
<twb> It's more of a desktop environment than an OS
<twb> It provides a set of libraries and a set of applications and utilities that use those libraries to provide a consistent look-and-feel.
<twb> Just like GNOME or KDE.
<cloakable> heh
<twb> Whereas an OS would need to provide hardware drivers.
<cloakable> Short: want a text editor? Get vim :P
<twb> cloakable: ITYM mg
<cloakable> ?
<twb> even nvi is TWICE the size of mg
<twb> and vim is like 8MB
<cloakable> heh
 * Omahn dips out - not getting involved in this one ;-)
<twb> Of course, busybox-static might still include its vi applet, in which case you get it for free with your ramdisk support.
<sommer> morning
<soren> Why, oh why, is it so bloody difficult for people to understand that reporting a bug is a way of asking for help, and asking for help by calling people idiots and shouting and screaming at them for no good reason is really, really unlikely to give good results?
<zul> soren: i know i know
<soren> case in point: https://bugs.edge.launchpad.net/ubuntu/+source/netcat-openbsd/+bug/590925
<elb0w> how can I disable unattended-upgr
<TeTeT> elb0w: sudo dpkg-reconfigure unattended-upgrades
<elb0w> will this hurt anything?
<elb0w> it is a production machine
<lukass> I've built a media server running ubuntu server lucid yesterday. Problem: the hard drives won't spin down.
<TeTeT> elb0w: AFAIK not, the unattended-upgrades are only run by the nightly apt cron job
<elb0w> ok
<elb0w> cron.daily/apt?
<lukass> possibly related, the raid5 process md0_raid5 is constantly running at about 25-30%
<Omahn> lukass: I would say highly related :-)
<lukass> Omahn: So it isn't normal, good to know :)
<Omahn> lukass: md0_raid5 running at 25-30% could be normal, depends on how loaded those disks are or if they're currently scrubbing.
<lukass> Omahn: they aren't doing anything. Or shouldn't be anyway.
<Omahn> lukass: What's the output from 'mdadm --detail /dev/md0' ?
<uvirtbot> New bug: #592249 in mysql-dfsg-5.0 (universe) "package mysql-server None [modified: /var/lib/dpkg/info/mysql-server.list] failed to install/upgrade: å­è¿ç¨ pre-installation script è¿åäºéè¯¯å· 1" [Undecided,New] https://launchpad.net/bugs/592249
<Omahn> lukass: '/usr/share/mdadm/checkarray -s /dev/md0' will show if the array is currently undergoing a sanity check
<Omahn> lukass: An active check will show something like this in the output of 'cat /proc/mdstat':
<Omahn> d2 : active raid1 sdb5[1] sda5[0] 69685184 blocks [2/2] [UU] [>....................]  check =  0.9% (629056/69685184) finish=21.9min speed=52421K/sec
<lukass> /dev/md0:
<lukass>         Version : 00.90
<lukass>   Creation Time : Wed Jun  9 19:24:53 2010
<lukass>      Raid Level : raid5
<lukass>      Array Size : 4395411264 (4191.79 GiB 4500.90 GB)
<lukass>   Used Dev Size : 1465137088 (1397.26 GiB 1500.30 GB)
<lukass>    Raid Devices : 4
<lukass>   Total Devices : 4
<lukass> Preferred Minor : 0
<lukass>     Persistence : Superblock is persistent
<lukass>     Update Time : Thu Jun 10 16:16:34 2010
<lukass>           State : active, resyncing
<lukass>  Active Devices : 4
<lukass> Working Devices : 4
<lukass>  Failed Devices : 0
<lukass>   Spare Devices : 0
<lukass>          Layout : left-symmetric
<lukass>      Chunk Size : 64K
<lukass>  Rebuild Status : 48% complete
<lukass>            UUID : 81da332e:2d66582c:69b0e654:86e38bd9
<lukass>          Events : 0.26
<lukass>     Number   Major   Minor   RaidDevice State
<lukass>        0       8       17        0      active sync   /dev/sdb1
<lukass>        1       8       33        1      active sync   /dev/sdc1
<lukass>        2       8       49        2      active sync   /dev/sdd1
<lukass>        3       8       65        3      active sync   /dev/sde1
<Omahn> lukass: It's currently undergoing a rebuild, have you recently replaced a disk?
<Omahn> lukass: Or had an unscheduled reboot?
<lukass> Omahn: I've only built the system yesterday, and no, no sudden reboots
<Omahn> lukass: Ok, in that case it's probably just building the array.
<Omahn> lukass: It can take a long time, particularly with 4.5TB :-)
<lukass> Omahn: That's a relief, thought something was wrong with it. Thanks a bunch :)
<Omahn> lukass: Nothing wrong, perfectly normal :-)
<Omahn> lukass: RAID builds are limited to a certain bandwidth, you can increase the limit if you don't mind the machine becoming *very* slow until it finishes.
<uvirtbot> New bug: #316257 in lm-sensors (universe) "[wishlist] merge amd  k10 (phemon) support" [Wishlist,Fix committed] https://launchpad.net/bugs/316257
<lukass> Omahn: how do I go about this?
<Omahn> lukass: http://www.ducea.com/2006/06/25/increase-the-speed-of-linux-software-raid-reconstruction/
<bjor> any good with ldap?
<bjor> anyone*
<bjor> more specifically using openldap as a central user authentication server?
<MTecknology> I wish there was a php5-cgi-lite
<MTecknology> and a mysql-server-lite
<uvirtbot> New bug: #592272 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/592272
<zul> MTecknology: lite?
<lukass> Omahn: Thanks again. Learnt a bit about RAID today. Changing the minimum didn't do much unfortunately, 28000K/s is the maximum for rebuilding. I just hope it's not the maximum write speed :).
<MTecknology> zul: yup
<MTecknology> zul: Some really really light weight version of those that's just as powerful but but faster and lighter :D
<zul> k
<MTecknology> zul: sorry, I was just thinking about how I switched from Apache to Nginx and things were much lighter with all the power I needed - There's not really an option like that for the other two
<JackTO> After GRUB, I see a blinking cursor and nothing happens in 10.04.  The Live CD works, but not my new installation... any easy way to debug and troubleshoot the bootup process, see what is causing the freeze?
<bjor> ctrl-alt-F7
<bjor> i think
<bjor> doesnt that pull up a terminal
<bjor> or F6 i forget
<JackTO> when it freeze, should i hit that sequence?
<bjor> idk
<bjor> can you get to a login screen?
<JackTO> no, before login screen, after grub
<bjor> try it
<bjor> idk anything else to do
<JackTO> let me try
<JackTO> nothing happs
<JackTO> just stuck there... is there a safe mode or a step by step/line by line loading like windows?
<bjor> Im not sure
<bjor> try using the install disk to check ur ram or disks
<JackTO> already did both:(
<bjor> Is it a particular old system or something?
<bjor> sounds like it might be hanging on some drivers
<bjor> Something with the kernel
<bjor> Try unplugging all your unneeded USB devices?
<JackTO> odd enough, in my GRUB menue ther is two versions of the system "Ubuntu, with Linux 2.6.32.22-server" and "Ubuntu, with Linux 2.6.32.21-server"... just tried the older one and it loads fine!
<JackTO> when i did an update, does it make two copies of the entire system, of is that just the kernel
<bjor> I have no idea
<bjor> But it would have to make a temporary copy
<bjor> Cause it can't update files currently being used
<bjor> Sounds like it might be time for a fresh format and install
<monokrome> ]/me just finished two of those
<mathiaz> zul: great!
<uvirtbot> New bug: #592326 in apache2 (main) "BUG: soft lockup - CPU#3 stuck for 11s! [apache2:22615]" [Undecided,New] https://launchpad.net/bugs/592326
<uvirtbot> New bug: #592327 in qemu-kvm (main) "KVM becomes unresponsive due to waiting for aio threads" [Undecided,New] https://launchpad.net/bugs/592327
<mathiaz> zul: could two pages be generated instead/in addition?
<zul> mathiaz: probably
<mathiaz> zul: so that someone that wants to work on SRU can just look at one page and get the whole list from there
<mathiaz> zul: or may be add a links to the top of the page
<zul> mathiaz: good idea, ill do that next
<mathiaz> zul: and put the unassigned SRU first
<baddassmutha> Hi. Does anyone know of a case study where a Windows Server domain with Windows PC connecting to that domain has been replaced completely by an Ubuntu Server with Ubuntu Desktops connecting and authenticating against that server. I know how to joing an Ubuntu desktop to a windows domain with AD and Samba shares etc to a windows server/PC, but I would like to know the answer to my question 'if possible', thank you.
<hggdh> jiboumans: ping
<jiboumans> hggdh: pong
<cloakable> baddassmutha: not that I know of
<cloakable> I'll let you know when I get my network up :)
<DirtyD> vmbuilder is complaining to me:  unmet dependency: ubuntu-minimal: Depends: lsb-release but it is not installed   - any ideas about cause?
<ScottK> baddassmutha: Samba 3 can't do PDC for Win2K or later AD.  Samba 4 is not released yet (it's an alpha grade system)
<spat> I (or the installer) installed grub stage one on the wrong disk how can I get it on the second disk asap?
<spat> never mind found it size of the code area :)
<ne7work> hello all
<ne7work> how can i install gnome on my ubuntu server edition 9.04?
<bjor> apt-get ubuntu-desktop?
<bjor> or w/e
<godzirra> Howdy folks.   I installed Ubuntu Enterprise Cloud edition and it didn't give me the information to log into the UEC when I installed.  How do I login?
<godzirra> I got to the login page, but the user I created doesn't let me login.
<godzirra> Anyone know?
<bjor> narp
<godzirra> I just need to know how to log into the UEC panel.
<godzirra> Well darnit.
<Pici> godzirra: Be patient, this channel isn't nearly as busy as #ubuntu
<godzirra> I've noticed.  Its all good.
<godzirra> I've setup my original linux box as a cloud controller (I think)... but it chose an IP address based on dhcp.  any reason I can't change that to static?  And forgive me if my questions are basic, i've never played with a cloud setup before.
<bjor> always use static IPs for server
<godzirra> Okee dokee.  It didn't give me an option during setup.  Although I may have missed it.
<mathiaz> SpamapS: hey - re bug 491685
<uvirtbot> Launchpad bug 491685 in memcached "memcached doesn't correctly daemonize" [Low,In progress] https://launchpad.net/bugs/491685
<mathiaz> SpamapS: in the patch a file reopen before the second fork
<mathiaz> SpamapS: shouldn't the file be reopen *after* the second fork?
<mathiaz> SpamapS: http://launchpadlibrarian.net/50080362/lp_491685.patch
<SpamapS> mathiaz: I know it seems weird
<SpamapS> mathiaz: but that will result in the tty staying attached
<SpamapS> mathiaz: I took the method directly from Proc::Daemon
<mathiaz> SpamapS: is this due to the way reopen_logfile works?
<SpamapS> mathiaz: reorienting my mind.. let me re-read it
<SpamapS> mathiaz: no that is correct. reopen_logfile closes stdin/stdout and reopens to the correct place. If you do that after the fork, you still are "attached" to your tty.
<mathiaz> SpamapS: ok - thanks
<SpamapS> mathiaz: I tested it the way you suggest, and it kept the tty. though re-reading 'perldoc Proc::Daemon', it does suggest that it closes files before the second fork. Hrm.
<mathiaz> SpamapS: ok - it may be better to wait for upstream's response to the patch
<mathiaz> SpamapS: I've opened a bug task against the upstream project in bug 491685
<uvirtbot> Launchpad bug 491685 in memcached "memcached doesn't correctly daemonize" [Low,In progress] https://launchpad.net/bugs/491685
<mathiaz> SpamapS: as you've pasted the link into the bug comment - I just cliked on also affect project
<SpamapS> mathiaz: err, I already did that?
<mathiaz> SpamapS: ah - you've opened a bug in the *upstream* bug tracker
<mathiaz> SpamapS: I've setup a bug watch in LP
<SpamapS> Remote bug watches
<SpamapS> auto-code.google.com-79 #139
<SpamapS> Bug watches keep track of this bug in other bug trackers.
<uvirtbot> New bug: #539328 in dhcp3 (main) "apparmor-messages in syslog" [Undecided,Won't fix] https://launchpad.net/bugs/539328
<mathiaz> SpamapS: hm - right
<SpamapS> mathiaz: is there a difference?
<mathiaz> SpamapS: hm...
<SpamapS> mathiaz: one thing that really annoys people is that Launchpad projects get created for their projects without their involvement.
<SpamapS> Though this would appear to have Brian Aker's seal of approval, sort of.. so thats probably no big deal. ;)
<mathiaz> SpamapS: :) - that's one of the goal of LP
<SpamapS> Though they only have 1.2.8 on their.. and 1.4.5 is the latest upstream.
<mathiaz> SpamapS: well - I think that opening a task for the upstream project enables you to track the bug status as well
<mathiaz> SpamapS: so if upstream closes the bug we can get notified about it
<SpamapS> s/their/there/
<mathiaz> SpamapS: I'm not sure if you'd get notified if you're *not* opening an upstream bug task
<SpamapS> mathiaz: back to LP .. what is one of the goals of LP? To have a LP project listed for every project?
<panfist> i was hoping someone could help me understand the default postfix configuration options...'local only' says "will not accept any mail from the network",
<mathiaz> SpamapS: to be a central hub for open source projects
<panfist> so which option do i want if i just want a mail server for sending and receiving mail between LAN users only
<mathiaz> SpamapS: to enable collaboration between projects
<mathiaz> SpamapS: bug watches is one such example
<SpamapS> panfist: no outside email at all?
<panfist> well the network doesn't even have internet access, so nope
<mathiaz> SpamapS: if you use LP you can have one central place to monitor the status of bugs accross multiple projects/distors
<SpamapS> mathiaz: yeah I like the bug watch thing, but it seems like you can do that w/o a project page.
<mathiaz> SpamapS: true - now there are other things such bzr branches
<mathiaz> SpamapS: where you can import remote upstream repositories
<mathiaz> SpamapS: (even if upstream repositories are in git, svn, cvs)
<mathiaz> SpamapS: and have them available as bzr branch via LP
<SpamapS> panfist: you probably want internet site then. Use a domain now, so that you don't have to re-do contacts later when you realize that email w/o internet is kind of silly. ;)
<SpamapS> mathiaz: that I've done, and like. :)
<panfist> well, don'
<mathiaz> SpamapS: which is getting more interesting for ubuntu as we'd like to link the upstream repository with the package branches at some point
<panfist> email w/o internet is silly. hum. i suppose we should all just kill ourselves at our sight then.
<panfist> i mean site.
<SpamapS> panfist: no, but you might want to wear giant shoes and red noses. ;)
<mathiaz> SpamapS: so given that you've got bug watches, code imports - it starts to be interesting to group them under a project
<mathiaz> SpamapS: thus - creating projects in LP
<mathiaz> SpamapS: to be able to have a quick view of the project ressources - even if it's just links towards external ressources (bug trackers, code repository)
<SpamapS> panfist: I kid.. you can certainly have offline email. I'd suggest running it like an internet site. If you want, you can certainly run it as 'local only'.. your users will need to set their To: to just the username then.. like To: panfist
<panfist> spamaps what if you were a small business that depended entirely on owning a few important trade secrets, and if those trade secrets were leaked, a larger competitor could crush you in weeks
<SpamapS> panfist: I've worked with people who have to maintain two computers on their desks at work.. 1 with internet, and 1 without. I was really joking. :)
<Todd> "N
<panfist> sorry if i kinda snapped...i'm stressed
<SpamapS> panfist: I would be too if I was afraid the competitors were going to crush me in weeks. ;)
<panfist> anyway, i'm trying to set up services and web apps like request tracker and a wiki that traditionally rely on email notifications
<SpamapS> panfist: that can all work, just set it up as an internet site.
<panfist> ok.
<SpamapS> panfist: nobody says you have to have root servers to make DNS work. :)
<Todd> http://wiki.uberprivateserver.local  panfist@uberprivateserver.local
<Todd> seems easy enough
<panfist> ok so i just paste that into a config file...?
<panfist> just kidding!
<blackxored> my gwibber post message pane is gray, anyone knows why??
<blackxored> sorry, bad channel ;)
 * SpamapS pastes ASCII art of a huge trout slapping panfist around in a config file
<ne7work> how to install gnome on ubuntu server edition 9.10
<panfist> you probably want to do- sudo apt-get install ubuntu-desktop
<SpamapS> ne7work: you might also look at tasksel
<ne7work> panfist, I don't want to install ubuntu-desktop
<ne7work> i want to install only gnome enviorment
<panfist> if you have to ask about how to install gnome, then you are better off installing ubuntu-desktop. ubuntu-desktop is a high-level package that depends on other packages that set up an environment just like you'd get if you installed ubuntu desktop edition
<panfist> can you answer the question: what part of ubuntu-desktop do you not want? if you don't know exactly, just install ubuntu-desktop, you'll save yourself some pain later
<Todd> *cough*LXDE*coughcough*
<Todd> although.. definitely still has a learning curve
<ne7work> i need very simple server edition without any programs only with graphic enviorment
<Todd> LXDE sounds perect for that application
<panfist> then you don't even want gnome, because gnome is a complete desktop environment
<ne7work> well
<ne7work> what i need
<ne7work> i need to play counter-strike 1.6
<panfist> on your server?
<ne7work> and run half life dedicated server, apache2, mysql-server, php5-mysql, phpmyadmin
<ne7work> yes
<ne7work> when I install my nvidia driver..
<ne7work> i need only wine
<ne7work> and graphic enviorment
<SJr> Hmmmm at 6:30 this morning my mysql server stopped with a normal shutdown, and I'm not sure why.
<ne7work> :X
<ne7work> and now
<ne7work> how can I install only gnome not ubuntu-desktop on my server
<ne7work> and what is the different between ubuntu server edition with ubuntu-desktop and ubuntu desktop edition?
<panfist> i'm pretty sure server edition with ubuntu-desktop is about the same as desktop edition with ubuntu-server
<SpamapS> ne7work: Todd's right, give lxde a try
<SpamapS> SJr: /var/log/syslog have any information about it?
<panfist> nevermind
<panfist> yeah, lxde is probably the best combination between easy and light
<SJr> no Spamaps, just that the shutdown occured
<SpamapS> ne7work: you know though, ubuntu desktop isn't exactly "heavy" .. its actually pretty lean for all the crazy stuff it does. ;)
<SpamapS> SJr: like 'mysqld is shutting down...' ?
<SJr> mysqld[2743]: 100610  6:39:49 [Note] /usr/sbin/mysqld: Normal shutdown
<SJr> mysqld[2743]: 100610  6:39:49 [Note] /usr/sbin/mysqld: Normal shutdown
<SJr> mysqld[2743]: 100610  6:39:49 [Note] /usr/sbin/mysqld: Normal shutdown
<SJr> WHOOPS sorry
<SpamapS> SJr: I'd make sure that nobody has super user access.
<SpamapS> meaning mysql super user
<SJr> hmmmmm
<SJr> there shouldn't be
<SJr> only two people logged into the system according to last
<SpamapS> select * from mysql.user where super_priv = 'Y'\G
<SJr> Oh you think it happened in MySQL
<SJr> hmmm didn't think of that.
<SJr> 5 users
<SJr> hmmmm and Phpmyadmin, perhaps brute forced
<SJr> actually I wonder, is my syslog in current time or UTC?
<SJr> probably local time it looks like
<azlon> i am having problems with one of my drives in an mdadm RAID-5
<azlon> when i do cat /proc/mdstat it says my /dev/sdd1 is missing
<azlon> when i do ls -l /dev/disk/by-id it shows up
<azlon> what can i do?
<corpse> ok, im having a hell of a time connecting to my seedbox via lftp. its an sftp server so i use lftp sftp://username.site.adress.com:port  and i will be prompted for my password which i enter. Then when i !ls i just get the output of the directory i was in before i ran lftp, i.e servers /home
<JackTO> can anyone help me debug my bootup issue... 50% of the time it lock on bootup with a blinking cursor...
<JackTO> after grub
<MrWise> is the ubuntu server install using GUI setup?
<JackTO> nope..
<JackTO> just the AMD64 bit server edition
<JackTO> working on this 3 days now with no luck
<JackTO> half the time it boots fine, and half the time it locks
<guntbert> JackTO: did you look into the log files?
<JackTO> i did, i read the dmesg log, and the boo log
<JackTO> but not sure how to detect if something is messing up the dmsg file is HUGE
<JackTO> and the boot.log is useless..
<guntbert> JackTO: the log files have time stamps - so on the next lockup remember the time - then you have an anchor point in the logs
<SpamapS> JackTO: is there any pattern? Like, does it lock if you soft reboot, but not if you hard boot from poweroff?
<JackTO> mostly from hardboot, softboot rarly cause the lockup
<MrWise> system hangs shortly after I choose install ubuntu server, I see one line of text flash by and then around 12 blinks of an underscore, then it just stops
<MrWise> that's from CD install, from usb it hangs even before that menu
<MrWise> anyone know what's up? :(
<MrWise> I've installed winXP on this machine without any problems from CD earlier, also have a fully working XP install on it that boots fine
<guntbert> !md5sum | MrWise did you check?
<ubottu> MrWise did you check?: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<habanany> windows channel address please
<Todd> ???
<guntbert> habanany: ##windows
<habanany> I have question about windows
<habanany> thanks
<JackTO> I JUST noticed, something...my system locked up again..off a hard boot..  nothing works, BUT when I hit (Ctrl-Alt-F1), i gte the login prompt?  what does ctrl-alt-f1 do??
<MrWise> guntbert; yeah md5sum checks out fine
<Todd> JackTO: sounds like you're switching to a different TTY.
<JackTO> Todd: is that solving my problem?  seems to bypass the hanging issue on startup
<habanany> ##windows
<Todd> JackTO: Do you have X installed?
<JackTO> todd: no, no x installed
<Todd> JackTO: Weird. Whatever TTY you're booting up to is freezing, but TTY1 is not? Above my head.
<JackTO> but after gub, the scren flashes a few time before the hanging or before the login
<guntbert> MrWise: at that time it tries to enable the frame buffer, you could set fb=false in the command line, also you *should* be able to switch to another virtual console with alt+left or alt+right
<JackTO> after grub*
<MrWise> guntbert; mind explaining in more detail how I set fb=false and in which command line?
<MrWise> also, when should I switch virtual console, just before it hangs?
<guntbert> MrWise: in the start menu press F6, then ESC (to get rid of the pop up menu, then you see the command line, I ussually remove "quiet" too
<guntbert> MrWise: you could try to switch when you have the impression that it hangs and see if there is something happening on another console
<MrWise> ah
<panfist> regarding postfix configuration, there is a step that asks if you want to use procmail to deliver local mail. i'm a complete email noob. what are the implications of using procmail or not?
<Delemas> Is anyone here familiar with UEC and specifically how the node controller caching works?
<MrWise> guntbert; oh and do I add set fb=false or just fb=false?
<guntbert> panfist: a severe warning : don't run a publicly reachable mail server if you don't really know what you are doing -- keep it strictly confined to your llocal network
<JackTO> does anyone here know if CentOS is more stable, less buggy than Ubuntu server.. its my first week of working with ubunto and already encountered many bugs from not working with webmin, to random lokups on startup etc...
<guntbert> MrWise: just fb=false (press F1, then F8 to get help on that)
<MrWise> guntbert; with just fb=false, and removnig quiet, it still hangs
<guntbert> !webmin | JackTO
<ubottu> JackTO: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<panfist> guntbert it is strictly confined, no physical access to the internet
<MrWise> guntbert; but now it shows switching to color frame buffer before it hangs
<guntbert> panfist: in that case it doesn't really matter, keep to the default
<JackTO> ubottu - tried ebox and it SUXS!   webmin is 100% better...
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<panfist> alrighty then
<guntbert> JackTO: it doesn't matter that it is better - it may play havoc with your configuration
<MrWise> grantbow; [Â Â Â Â 1.867660] Console: switching to colour frame buffer device 80x30
<guntbert> MrWise: and the neighboring consoles?
<MrWise> nothing happens
<MrWise> when I hit alt+left or alt+right
<JackTO> guntbert: maybe since i loaded webmin, my system has been freezing on boot?....  mmmmmmmmmmmm
<guntbert> JackTO: installing webmin won't hurt, using it can and will ...
<guntbert> MrWise: then I'm out of ideas - sorry, it seems your system really hangs  :-(
<JackTO> which is the most stable linux for a webserver out there? rhel? centos? suse?   i can't stand this constant hanging and crashing..
<godzirra> howdy folks.  Looks like I have my cluster going... sort of.
<bjor> JackTO: Ive never had problems with ubuntu server hanging..
<MrWise> guntbert; can't I just not make it switch to colour frame buffer device?
<MrWise> make it not*
<godzirra> When I run this command to start my ubuntu instance, it tells me I don't have enough resources... what am I doing wrong?
<godzirra> shawn@jomamma:~$ sudo euca-run-instances $EMI -k mykey -t m1.large emi-E11E1088
<JackTO> bjor: both my physical box and my virtual box both hang on random boots...
<guntbert> MrWise: that was the point of fb=false -- please compare what you typed with the help message
<bjor> JackTO: have you ruled the possibility of hardware faults?
<JackTO> bjor: tried for 3 days to track any hardware faults down with no luck, but then again i'm new to linux, so maybe there are places i'm not checking
<hallyn> mathiaz: https://code.launchpad.net/~serge-hallyn/+activereviews   uh, did i do that right?
<bjor> JackTO: Well just double check the usual suspects, RAM, HDDs, and USB Devices
<hallyn> should i have listed you specifically?
<godzirra> So what am I doing wrong?
<MrWise> guntbert; so is the setup ignoring my command line input? :S or maybe it's hanging on something that's directly after that
<MrWise> help file says fb=false
<MrWise> so it should be right
<godzirra> Even sudo "euca-run-instances -k mykey emi-E11E1088" gives me "not enough resources"
<godzirra> oops.  Quote in the wrong place.
<MrWise> is there any way I can install ubuntu server from within windows? or could I perhaps put the harddrive in another computer, install ubuntu and then put it back?
<bjor> Just format and fresh install it
<guntbert> MrWise: I just checked, it still activates a vga16fb, but I don't know why or how to prevent that
<MrWise> bjor; so you think it's the windows install on this harddrive that's causing these problems?
<EtienneG> repost from #eucalyptus, in case someone has a clue:
<EtienneG> <EtienneG> Q.: in 1.6.2 (UEC), does the NC honor the VNET_PRIVINTERFACE configuration?  Ie, can you have the SC listen on PUBINTERFACE for registration and communication with Walrus, but serve EBS volume on PRIVINTERFACE?
<EtienneG> <EtienneG> I am talking about a standalone SC, CC service is running on another machin
<bjor> mrWise: I am not sure of your problem but formatting usually solves alot of problems with Windows ;)
<MrWise> I have no problem with windows though
<MrWise> it installed fine, it boots fine
<MrWise> it's ubuntu that I'm having problems with, bjor
<bjor> What is the problem
<MrWise> bjor; system hangs shortly after the message [Â Â Â Â 1.867660] Console: switching to colour frame buffer device 80x30
<bjor> no idea what that is lol
<MrWise> lol!
<bjor> Google it, otherwise I have no idea
<bjor> Gunna have to do some webcrawling
<bjor> format it
<bjor> Just reinstall it
<habanany> ##windows
<guntbert> bjor: please don't give random "advice"
<guntbert> habanany: type /join ##windows
<bjor> I wouldn't say it is random advice, if you waste more than 30 minutes troubleshooting an issue that most likely can be solved by a format
<MrWise> it is random advice as it's not related to the issue
<bjor> Throw a frisbee at your computer, it might fix it.
<bjor> That is random.
<MrWise> that's just as random
<MrWise> in this specific instance
<bjor> Where a format could actually fix it, I am just trying to help you solve the problem in the quickest way
<MrWise> a lot of things could fix it
<MrWise> a LOT of things
<MrWise> there are many things I would try that have actual explanations behind them, before I try those with none
<godzirra> Hrm.  Its not showing my nodes when I do "euca_conf --list-nodes".  Why would it not show up?  If I manually do "sudo euca_conf --deregister-nodes 192.168.1.99" it deregisters just fine.
<Undeon> Hey guys. I'm having a weired problem with my squid.. My server has 2 NICs, static IP. From server, I can access the internet without problem... And I can ping the client too.. But the client can't access the internet...
<guntbert> Undeon: the client browser is configured to use tha proxy?
<Undeon> guntbert: Well... I've tryied with configuration and without by using "transparent" on the squid.conf
<guntbert> Undeon: I never used transparent, so no idea, what error do you get when you try with configuration?
<Undeon> guntbert: It appears that the client can't "understand" that the server are a proxy server... The IE8 says "connectivity lost or site offline or DNS not accessible, typo error" etc...
<guntbert> Undeon: in IE deselect "friendly error messages" - so that you get the real error and see if it comes from your squid, are you certain that the port is correct?
<godzirra> If I have a cluster and a node, why does euca-describe-availability-zones verbose still show only 1/1/2/2/4 for cpus, and all of my free/max  slots are listed as 0?
<godzirra> euca_conf --list-nodes/cluster show both the node and cluster
<Undeon> guntbert: I've deselected "friendly error messages", but still showing the same error page... And I'm certain about the configuration on port
<guntbert> Undeon: it really seems that you client doesn't know about the proxy, try the following (on command line) : telnet <yourproxy> <yourport>  -- if it connects the page stays black, then type get http://some.url, you *should get an answer from squid
<MrWise> the threads I'm reading seems to suggest it has something to do with my graphics card being an ATi radeon card (onboard)
<guntbert> *your client
<MrWise> anyone have any experience with this problem then?
<MrWise> like
<MrWise> can I slipstream the proprietary drivers for the graphics card into the install maybe?
<Undeon> guntbert: He cant connect... "It's impossible to open conection with host on port 3128: Connection failed
<godzirra> Bleh.  I'm getting ready to scrap this all and start completely over.
<godzirra> I don't know what I'm doing wrong because I don't understand most of what I'm doing =p
<wieshka> QUESTION: is there way how to migrate from debian 5 to ubuntu 8.04. yes, i know, it is old version already, but i have specific software. Running virtual host
<wieshka> lat night stupid questions ... :)
<godzirra> Can anyone recommend a good howto?
<e_t_> godzirra: a good howto for doing what?
<ScottK> wieshka: Which release code name was Debian 5?
<wieshka> lenny
<wieshka> if i remmebre correctly
<ScottK> Lenny is actually newer than 8.04.
<wieshka> aha
<wieshka> 8.04 is debian 4 based
<wieshka> its mean i need downgradinf
<ScottK> In any case, the boot systems are fundamentally different.  The odds of a successful cross-grade between Debian and Ubuntu are low.
<ScottK> Sarge -> Dapper was quite doable, but that was the last one.
<wieshka> ScottK: it is clean debian 5 install
<ScottK> I wouldn't try it.
<wieshka> i just ordered today debian 5 64 bit virtual machine
<godzirra> e_t_: Setting everything up.  I've installed ubuntu and thought I was close to done setting it up, but now whneever I try and start an instance it tells me I don't have enough resources.
<ScottK> I'd reinstall.
<wieshka> but in the end - software supports says that they do not provide support for debian
<wieshka> 5
<wieshka> and i need to migrate ubuntu 8.04
<godzirra> ScottK: Was that to me?
<ScottK> Why not 10.04?
<wieshka> ScottK: i have only access to virtual machine
<ScottK> godzirra: No.
<godzirra> Oh.  not to me.
<ScottK> wieshka: Oh.  I'd run it as Debian then.
<wieshka> ScottK: the virtualhost is for zimbra collabration tool network edition only
<e_t_> godzirra: What processor? How much RAM? How much hard drive?
<wieshka> my mistake is that it checked out open source edition support list
<wieshka> there is debian 5
<wieshka> yee , cool, better then ubuntu for virtual host
<godzirra> e_t_: An old AMD64 with a gig of ram.
<godzirra> I may just not have enough ram.
<wieshka> but network edition does not have it
<godzirra> Although all of my free/max pool listed under euca-describe-availability-zones verbose is listed as 0000
<e_t_> godzirra: A gigabyte should be more than sufficient for Ubuntu Server. What are you trying to use the computer for?
<jethro_> If I move my server (ubuntu, nginx, mysql, ffmpeg) from 32 bit to 64 bit platform is that going to wreak havoc?
<Undeon> Well.. I've solve the problem about the client cant connect... From DOS, I can ping any site, but I cant connect by name (I'm using Google's DNS), and some sites cant conect by IP too.... =(
<uvirtbot> New bug: #592434 in openssh (main) "ssh -X user@machine hangs when using exit to terminate" [Undecided,New] https://launchpad.net/bugs/592434
<Undeon> Every time I start my squid, it goes down a few seconds latter... Can anyone help me?
<_holmser_> I finally got my postfix server up and running, but my mail keeps getting rejected by spam filters because I have a dynamic IP
<lzantal> hi all
<_holmser_> how can I set up postfix to route through another smtp server, but still show as coming from my server's email address?
<lzantal> Installed ubuntu 9.10 server on raid5 When I boot it I get this error and drop to shell "Alert! /dev/md0 does not exist
<T3CHKOMMIE> hey everyone!
<T3CHKOMMIE> I was wondering, does webmin work with 10.04 now?
<T3CHKOMMIE> im looking for a program that will email me with information/ warnings about the server any ideas?
<_holmser_> I was under the impression that webmin didn't like ubuntu's package system.  could be wrong though
<_holmser_> you can still install it from source if you want too
<T3CHKOMMIE> _holmser_, i was reading that the perl packages it uses are now depricated ?
<_holmser_> could be... last time I messed around with webmin was a couple months before 10.04 dropped
<T3CHKOMMIE> _holmser_, do you know of something i could run on my server that will email me if i have a crashed program or the server goes down?
<T3CHKOMMIE> preffurably something in the repository?
<_holmser_> not off the top of my head... although I should really look into that.  there has to be a bunch out there.
<_holmser_> I'm leaving work right now, but when I get home I'll google for one
<King_of_Metal> hi, I'm following the UEC/CDInstall tutorial on 9.10 but there is no uec-component-listener command. Is this relevant?
<SpamapS> mathiaz: ping
<Rafael> hgas anybody use livezilla to ftp to ubuntu
<uvirtbot> New bug: #592442 in php5 (main) "fopen fails on some SSL urls" [Undecided,New] https://launchpad.net/bugs/592442
<Undeon> Every time I start my squid, it goes down a few seconds latter... Can anyone help me?
<godzirra> Darnit, e_t_ left.
<godzirra> I had to rubn for my kids t-ball game.
<therian> hey guys, so i installed 10.04 on a new computer and then installed windows 7 after it, which deleted the boot loader (damn windows) so now i cant get to my ubuntu install. is there an easy way to reinstall the bootloader?
<JackTO> hi all
<King_of_Metal> therian http://www.howtogeek.com/howto/ubuntu/reinstall-ubuntu-grub-bootloader-after-windows-wipes-it-out/
<therian> thanks King_of_Metal idk why i didnt find this with my google search...
<King_of_Metal> therian it happens...
<JackTO> I got the wierdest thing going on....   for the last 3 days, I'm learning ubuntu server and linux, and 50% of the times i bootup the system after the grub and after fsck run, i get a unreadahead error, and the screen, locks up with a blinking cursor (50% of the time).  Well, I just tried to SSH into the box, and I can perfectly, loin as root not prob, but on ther server screeen its all locked up...  what do 
<JackTO> is there an easy fix?
<therian> can i do it with any livecd or does it have to match the os? aka 10.04 64bit vs 32 bit
#ubuntu-server 2010-06-11
<JackTO> anyone know what this means in the debug log: Resume from disk failed.
<JackTO> exact line is:    Jun 10 18:48:13 cs1 kernel: [    1.988767] PM: Resume from disk failed.
<JackTO> this is on system bootup
<godzirra> Can anyone take a look at this and tell me why I'm getting "Not enough resources" when I try and start my instance?  The paste is at http://pastebin.com/6quhxphh
<godzirra> Hrm.
<godzirra> i'm lagging out I think.
<godzirra> Can anyone take a look at this and tell me why I'm getting "Not enough resources" when I try and start my instance?  The paste is at http://pastebin.com/6quhxphh
<Undeon> Hey guys.. I'm almost finishing my squid... The client can ping anysite, but I can't connect using name or IP...
<godzirra> What should "virsh list" show on my node controller?
<Undeon> Hey guys.. I'm almost finishing my squid... The client can ping anysite, but I can't connect using name or IP...
<godzirra> Can anyone take a look at this and tell me why I'm getting "Not enough resources" when I try and start my instance?  The paste is at http://pastebin.com/6quhxphh
<corpse> does anyone run xbmc in server, or recommend a good command line media server?
<AndChat|> Is there a floppy image I could use to try and boot an ubuntu cd on my server?
<AndChat|> For some reason my cd rom won't even try and read the ubuntu cd
<AndChat|> This is really driving me nuts.
<holmser> Anyone in here?
<godzirra> Can anyone take a look at this and tell me why I'm getting "Not enough resources" when I try and start my instance?  The paste is at http://pastebin.com/6quhxphh
<AndChat|> I got booted, did anyone have any input on the boot disk?
<corpse> If i have a download going in a SSH connection, how can i get a new command line without stoping the download?
<godzirra> AndChat|: No one has said anything.
<godzirra> corpse: SSH in again? :p
<corpse> =P
<corpse> thought there would be a more convient way
<pmatulis> corpse: you can interrupt the download and then put it in the background
<corpse> pmatulis: yeah i suppose that would work as well. Thank you
<godzirra> corpse: I run screen.
<godzirra> corpse: Screen lets you open up additional ... well.. screens.
<godzirra> So I ssh back into a box, just run "screen -x" and it reconnects my screen.
<godzirra> I've got irssi on 2 servers, a bot running in the background, a few edit windows, etc.
<godzirra> Can anyone take a look at this and tell me why I'm getting "Not enough resources" when I try and start my instance?  The paste is at http://pastebin.com/6quhxphh
<uvirtbot> New bug: #592493 in libnss-ldap (main) "runlevel arguments (2 3 4 5) do not match LSB Default-Start values (none)" [Undecided,New] https://launchpad.net/bugs/592493
<uvirtbot> New bug: #592491 in kvm (main) "Problems to autostart a VM with kvm on 10.04" [Undecided,New] https://launchpad.net/bugs/592491
<jturek> greetings all
<jturek> quick question,  I have a VirtualBox Guest with Lernid, Virtualboxt host is Karmic.  Headless setup, where I remote into the guest via ssh only -  I am finding there is lag in my Lucid, that i don't see in my karmic guest, same settings default install
<holmser_> anyone have experience with pxe installs?
<jturek> Was wondering if anybody had suggestions of places to look to figure out where this "lag" is coming from.  CPU looks ok with htop
<jturek> its a notible delay as  i type into the session that i don't see with karmic doing same app/function
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<jturek> thanks twb lo
<twb> jturek: that was for holmser_.
<jturek> twb: oh ok!  i said "anybody" too i guess haha
<twb> jturek: pastebin the output of "ps auxf" within the guest.
<twb> Does Ubuntu have an HCL somewhere?
<jturek> twb: http://paste.ubuntu.com/448045/  for the lag issue
<twb> jturek: that all looks fine.
<jturek> twb: not much runnong on the box :)
<twb> I would next look at the host OS, e.g. if the niceness or ioniceness is different for one host to the other.
<twb> Re. HCL: https://wiki.ubuntu.com/HardwareSupport
<jturek> twb: i'll check, but same host for both karmic and lucid guest :)
<godzirra> how do I get mykey.priv to copy to my image before starting it?
<twb> godzirra: what is a mykey.priv?
<godzirra> twb: in this doc, it says to create a keypair and use it to start your VM.  mykey.priv is the file it says to write it to, but mine says "mykey already exists"
<godzirra> and I'm not sure how to get the correct version
<godzirra> http://open.eucalyptus.com/wiki/EucalyptusGettingStarted_v1.5.2 is the url I'm reading from
<rgotten> how hard or easy is to use a webserver
<bc> rgotten: nginx should be easy to set up. Apache, not too much more difficult.
<rgotten> bc: i know i have php, apache and other stuff installed, but from here to place and make my we  up and running?
<bc> rgotten: service apache start, then open localhost in your browser
<bc> rgotten: sorry, make that apache2, probably
<rgotten> bc: i use webmin to manage the ubuntu server ( i know people dont like it) but is easy for me to manage the server...i cansee ther i have apache installed and i see i have a default server and a virtual sever..which i have to use
<bc> rgotten: I have no experience with webmin. I've never used it.
<bc> rgotten: by default I believe apache binds to 0.0.0.0:80, which will probably just work if you start it up.
<rgotten> ok but if i use he terminal..any easy how to?
<bc> rgotten: in terminal, sudo /etc/init.d/apache2 start
<rgotten> bc: it says already running
<bc> rgotten: surf to the IP of the web server and you should see an apache page.
<rgotten> bc...you mean the ip of the computer..like 192.168.1.11
<bc> rgotten: yes sir
<rgotten> what about to be seen by people outside of my network..i mean with my static ip
<rgotten> by the internet
<bc> rgotten: if your webserver is 192.168.1.11, and it is behind a router, then you may have to forward port 80 to 192.168.1.11 from the router.
<bc> rgotten: if your provider blocks 80, then you will have to use another port, like 8000. E.g. http://192.168.1.11:8000
<rgotten> bc: can this expose my server to hackers or this is pretty safe
<bc> rgotten: that entirely depends on what you host with Apache.
<bc> rgotten: if you host just .html files.. pretty safe. close to fort knox safe, at least if you keep up with apt updates.
<CppIsWeird> i just tried to install ubuntu-server on a computer using a usb flash drive. i downloaded the normal ubuntu-server iso and put it on the pen drive with unetboot. the installation stops because it cant find the ubuntu cd in the cdrom.
<bc> rgotten: if you host something like wordpress or phpbb or phpgallery, you have to watch it like a hawk.
<rgotten> bc: on hich folders of ubuntu shuld i download the folders of the website to be safe?
<bc> rgotten: I don't understand
<panfist> is there any sort of backup ability included in ubuntu server?
<bc> panfist: there's a couple options listed on help.ubuntu.com
<bc> rgotten: grep -R DocumentRoot /etc/apache2
<rgotten> bc: well i am new..so sorry if i sound dum....i am using a software call webplus x2...thia will upload the folder to the web server..i gues i havere to find a place were to uploaded?
<bc> rgotten: the grep above should show the location of the web directory
<panfist> there seems to be a lot of specific documentation available for the last LTS but not lucid yet, or am i not looking in the right palce?
<bhavamitra> hello, at ubuntu 10.04 server install, i've created two lvm volumes encrypted and one not encrypted. the not encrypted one i could successfully set it to mount at /boot, but the encrypted ones i couldn't as it just flashed the screen and kept on the same menu portion. anything wrong?
<bc> panfist: most of the tools exist in all of them
<bhavamitra> hello, at ubuntu 10.04 server install, i've created two lvm volumes encrypted and one not encrypted. the not encrypted one i could successfully set it to mount at /boot, but the encrypted ones i couldn't as it just flashed the screen and kept on the same menu after activation. anything wrong?
<bc> panfist: I use rsnapshot. It has no pretty GUI, but the hard linking and ease of getting at the files was a winner to me. I've been using it for years and years.
<bc> panfist: single config file
<bc> panfist: to illustrate the hard linking benefit, currently my backups are 514G, and that's a couple of high traffic web servers combined.
<mathiaz> hallyn: re https://code.launchpad.net/~serge-hallyn/ubuntu/maverick/qemu-kvm/update-to-12.4/+merge/27293
<mathiaz> hallyn: almost - I've requested a review from the ubuntu-sponsors team
<mathiaz> hallyn: which is the way to ask for sponsorship
<mathiaz> SpamapS: (late) pong
<holmser_> I am really confused right now... I just installed ubuntu 10.04 on my server, but it still rebooted to windows server 2003
<holmser_> I don't know how the hell to get it off my server.
<holmser_> I just want to erase the damn thing and start from scratch
<e_t_> holmser_: when you installed Ubuntu, did you select the option for 'use entire disk' (or similar)? That is what will wipe out WS2003.
<holmser_> yeah... I did.
<holmser_> I selected "guided, use entire disk"
<holmser_> and when it installed grub it said that ubuntu was the only operating system
<twb> holmser_: boot a live image and write zeroes to the entire disk, then confirm that you have no other disks or ROMs on the system.
<holmser_> is there that option on a pxe boot?
<twb> Sure, just go to a shell and use dd
<holmser_> whats the dd command to zero the disk?
<e_t_> dd if=/dev/zero of=/dev/sda
<twb> dd if=/dev/zero of=<whatever the disk is>
<holmser_> thanks
<twb> e_t_: it won't be /dev/sda in d-i, it'll be something horrid like /dev/discs/scsi/lun/0/0/1/part/0
<twb> It should be listed in /proc/partitions
<e_t_> Only if he's go a SAN.
<twb> e_t_: er, no, for SATA, too.
<twb> At least, that's my experience
<e_t_> My laptop's SATA drive is /dev/sda.
<twb> e_t_: *in d-i*?
<e_t_> I don't know what that means.
<twb> Which is rather my point.
<e_t_> Care to educate me?
<twb> holmser_: "cat /proc/partitions", which should list every disk and partition the kernel can see.  The largest one is likely your largest drive.  Have dd target that.
<twb> e_t_: d-i is the debian-installer, a kernel and ramdisk used for all installs of Ubuntu other than the desktop CD.
<mopi> Does anybody know how to use windows group policies with samba server
<twb> !anybody > mopi
<ubottu> mopi, please see my private message
<mopi> twb: thanks you are a big help
<holmser_> he likes to do that
<holmser_> he's done that to me 2x so far
<twb> I like people to contribute to the signal, not the noise.
<holmser_> he is also very helpful though....
<bc> ubottu: what are you?
<ubottu> I am only a bot, please don't think I'm intelligent :)
<bc> ubottu: what kind of bot are you?
<bc> supybot?
<twb> ubottu: version
<ubottu> To find out what version of Ubuntu you have, type Â« lsb_release -a Â» in a !shell - To know the available version of a package, Â« apt-cache policy <package> Â»
<twb> Bah.
<bc> !ubottu
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi - Usage info: http://wiki.ubuntu.com/IRC/Bots
<bc> Ah, it is supybot, or based upon it.
<mopi> !bye
<ubottu> Au revoir!
<holmser_> is there an easy way to give dd a progress bar?
<bc> holmser_: maybe pv
<twb> holmser_: pkill -HUP dd
<twb> Recent dd should respond to a HUP signal by emitting progress information to stderr
<twb> Sorry, usr1
<twb> Don't use HUP, it'll stop dd
<twb> holmser_: In *theory* you should only need to blow away the first 512 bytes or so, but since that happens during install and didn't appear to work, you're blowing away the entire disk.
<holmser_> This server is a hand me down, and its the first actual server I have ever played with, so there are some things I am a little unclear about
<holmser_> when I run the cat /proc/partitions it gives me sda and sda1, both 75 or so gigs
<holmser_> I know previously it was set up as a raid 1
<holmser_> when
<holmser_> when I was in the install, it showed 1 drive with 140+ gigs
<twb> Huh, how about that.
<holmser_> but when I look inside the box, there are 3 drives
<twb> holmser_: it's probably hardware RAID5, then.
<qman__> if it successfully booted 2003, I'm guessing ubuntu only wiped one of the disks
<qman__> and the RAID decided that was wrong
<twb> Yeah, that's possible
<twb> But then I'd expect him to be able to see all the drives
<qman__> yeah
<twb> holmser_: do you WANT to have a RAIDed ubuntu?
<holmser_> Sure
<holmser_> I don't really care.  I just want to be able to boot at this point
<holmser_> I've gone through so much damn trouble with this machine
 * ball sighs
<twb> holmser_: if you just want to boot, unplug two of the three drives
<twb> But note that it's not easy to turn a raidless install into a raided install; if you want raid later, you'll have to reinstall
<holmser_> could it possibly be my raid settings?
<twb> We don't even know if you're using raid
<holmser_> I just looked at the raid settings, and apparently I have 2 147 gig drives
<holmser_> so now I'm really confused
<holmser_> I know the server 2003 install is using raid
<twb> You said there were three drives.  Where does the third come in?
<ball> Perhaps you've got one array of three drives partitioned into two spaces?
<twb> Who knows
<twb> I'd wanna check if it was a fakeraid card, too
<ball> I'd wanna set fire to it, but that's just me.
<twb> Never trust a machine you can lift
 * ball nods
<twb> So is auth-client-config supposed to be broken in 10.04?
<twb> http://pastebin.com/qjEnTzBi
<twb> No, it's my coworker's fault for being an ass
<twb> He created a new auth-client-conf profile and didn't do it properly.
<holmser_> ok... I just reset the raid config to defaults, and now the installer recognizes a 140 gig raid 5 disk
<ball> holmser_: how large are your individual drives?
<holmser_> I have 2 140 gig and 1 80 gig
<holmser_> I think
<ball> holmser_: I wouldn't try RAID 5 on those then
<ball> ...especially not hardware RAID5
<holmser_> it freezes when I don't activate the raid, and it doesn't boot when I install to the 80 gig, so I'm kind of stuck
<ball> holmser_: Can you build a RAID 1 mirror from the two 140 Gbyte drives?
<twb> There is little point raiding disks of varying sizes
<ball> twb: at least with a hardware RAID controller.
<ball> twb: with software RAID it's possible.
<twb> It's *possible* with anything
 * ball nods
<ball> s/possible/possibly useful/
<twb> s/disks/partitions/ and the same applies to md raid
<ball> What is "md raid"?
<twb> The RAID that is implemented by the kernel's multiple disk driver, "md".
<ball> Ah, so Linux software RAID then?
<twb> As opposed to software raid that is fakeraid
<twb> md raid = mdadm = linux software raid
<ball> Thanks.
 * ball <- limited Linux experience.
<twb> I try to avoid the term "software raid" because it could mean md raid OR fakeraid
<holmser_> I have never configured raid before, this is a gift server from a law office that I want to use as a file server
<ball> holmser_: Why do you (think you) need three drives in there?
<twb> holmser_: we can help you if you're using md raid.  If you're using hardware raid, you need to talk to your hardware vendor.
<twb> holmser_: you need to look at the raid card and determine if it's hardware or fake raid.
<ball> twb: Would lspci or dmesg help him or her figure that out?
<holmser_> If it was me, I would use one disk for OS and the raid array for a database
<twb> ball: possibly.
<ball> holmser_: I'd take out the 80 Gbyte drive and just run on a mirror of the two 140 Gbyte drives.
<twb> holmser_: well, it IS you.
<holmser_> I didn't realize that this would be a literal crash course in server admin
<holmser_> I couldn't even get it to boot from a cd, so I had to configure a pxe boot
<holmser_> this thing has been a pain in the ass since the minute I brought it home
<twb> I'm actually impressed that you got PXE working on your own
<ball> holmser_: It's good to figure these things out during (or shortly prior to) installation.
<ball> holmser_: set fire to it.
<holmser_> and it sounds like there is a damn jet engine in my living room
<holmser_> my wife is pissed :)
<ball> holmser_: They tend to be.
<holmser_> luckily I had my web server in the closet that I could configure as the pxe hose
<holmser_> host*
<holmser_> I was really surprised that pxe worked too.
<twb> holmser_: maybe you should reconsider putting this crappy box in your home
<twb> A new, small-form-factor unit with two 500GiB drive would cost maybe $400 to $800.
<holmser_> I'm a broke ass college student
<holmser_> not really much choice
<holmser_> I am stuck with hand me downs
<twb> Do you pay for the power and A/C in your place? ;-)
<holmser_> yeah.... but once I get it up and running I am gonna throw it in my detached garage.  its on seperate power that the landlord pays for :)
<ball> Does the detached garage have crickets in it?
<holmser_> I don't think so
<holmser_> do crickets like servers?
<twb> snakes do
<holmser_> I believe it
 * ScottK knows cockroaches like televisions.  Not sure about servers.
<ball> Some people I know had roaches crawl out of a desktop PC recently (not their own, thankfully)
<uvirtbot> New bug: #592523 in ethtool (main) "Please sync ethtool 1:2.6.34-2 (main) from Debian unstable (main)." [Wishlist,New] https://launchpad.net/bugs/592523
 * bc killed one of the biggest "outside" roach bugs I've ever seen in my life yesterday trying to summit the ceiling.
<bc> I'm guessing it's the 90F heat
<bc> He had to be 2"x0.5"
<jo-erlend> I have a local apt mirror. How do I make the installer use that mirror instead of accessing the default ones?
<twb> jo-erlend: d-i or ubiquity?
<jo-erlend> d-i?
<jo-erlend> ah. d-i, yes.
<twb> d-i should prompt you to select a mirror during the install.
<jo-erlend> it doesn't. It does ask if I need to use a http proxy though.
<twb> I suppose if canonical have gotten too "helpful" again, you will need to either do an "expert" install or manually supply it on the boot: prompt or in a preseed file.
<twb> There is an appendix to the Debian Install Guide that covers these.
<jo-erlend> thanks.
<criminy> is there a hook for any of the linux ftp servers to delete a file once a client has downloaded it?
<criminy> I've solved it by cludging together awk, sed, bash, cron, and lsof but I'd like a more integrated approach that doesn't rely on log file analysis and such
<twb> criminy: http://mywiki.wooledge.org/FtpMustDie
<criminy> that doesn't really help me. nor will it load. We are working with a lazy vendor. We typically use webservices over HTTPS but this vendor demanded a non-secure FTP in a DMZ
<holmser_> well, it doesn't boot to windows server 2003 anymore
<holmser_> but it just freezes on boot after post
<holmser_> I am starting to think that lighting it on fire is a viable option
<criminy> ask a valid question and I get snark. fml
 * ball nods, enthusiastically.
<ball> holmser_: take out the 80, configure your array and install your OS>
<ball> brb, pop
<twb> holmser_: the fact that it hung is progress
<twb> holmser_: now you can be confident that when you install ubuntu, it won't boot into windows afterward.
<bc> ball: pop? soda?
 * ball nods
<bc> ball: North east? :)
<bc> ball: Penn?
<ball> bc: of what now?
<bc> ball: when you wrote pop, do you mean, for instance, pepsi/coca-cola?
<ball> I think this one's some sort of odd cherry pepsi thing.
<twb> I thought they had it in cans now
<twb> You wouldn't need to leave your terminal to go to the fountain
<ball> twb: Some days, walking to the fridge is the only exercise I get. ;-)
<bc> ball: you must be originally east of Missouri and north of Virginia
 * ball thinks about it.
<bc> ball: heh
<ball> I suppose technically you're correct.
<ball> ...though perhaps not in the way you imagine.
<bc> ball: were you born in the area I described?
<ball> bc: I was born and raised in England.
<bc> ball: yikes, way off, by about an Atlantic
<twb> "England, Kentucky or England, Ottawa?"
<twb> \end{usian}
<ball> twb: :-)
<bc> I'm out before my mind explodes. G'night, foreigners. ;)
<ball> bc: I live in Illinois now though.
<bc> ball: What is the termin people in England use? Do they use "pop"?
<bc> s/termin/term/
<ball> bc: I don't know.  I'm not in England.
<ball> bc: It may vary by region.
<ball> "Soda" sounds American though.
<ball> ...so perhaps it's just "pop".
<bc> ball: no doubt it varies. OK, 'night.
<uvirtbot> New bug: #592529 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/592529
<rahman> Hi, is it possible to setup a kvm machine on a remote host via ssh? I need to install and configure a vm on our server but Its out of my reach and it also headless linux server without X. the guest system will alse be plain linux without X. So any hint?
<unewbie> rahman have you installed the guest os?
<qman__> rahman, I don't have experience with it, but I see no reason why that wouldn't work
<unewbie> i have to stop apparmor to be able to manage my guest os
<rahman> unewbie: Nope, As I try to say, I need to install it but I have only ssh access to host os. I used to use graphical tools to manage VMs. So I realy don't know how will I manage the VM when I start it up. Will it redirect its output to my current ssh console? Or Will I need to connect another port of the Host OS?
<unewbie> no
<unewbie> install the vm with ip
<unewbie> then ssh as usual
<unewbie> i just installed vm 2 days ago
<unewbie> i'm new too
<rahman> unewbie: I figured out that I need to use virt-manager on my desktop to connect and see the output of the VM guest after I do "virt-install --connect qemu:///system -n vm10 -r 128 --vcpus=2 -f ~/vm10.qcow2 -s 2 -c archlinux-2010.05-core-x86_64.iso --vnc --noautoconsole --os-type linux --accelerate --network=bridge:br0 --hvm" So I am trying it know . Thanks
<unewbie> good
<CppIsWeird> i cant seem to install ubnutu-server through usb. i've tried using unetboot and this http://www.pendrivelinux.com/run-ubuntu-9-10-server-edition-installer-from-usb/ it all gets stuck wanting files from the CD rom
<Jordan_U> CppIsWeird: Easiest way is to just use the mini.iso (netboot). Everything needed to boot is contained in the kernel and initrd
<huats> morning
<twb> *Technically*, I think the 12MB mini.iso is distinct from the 120MB-ish netboot .iso.
<twb> Just to make things confusing
<twb> Never mind, that's "netinst", not "netboot"
<huats> soren, sorry for giving anwers to your questions yesterday (questions that you asked to hep me)... I was struggling with  my host and guest configuration and at the end it was the time to get my son...
<huats> soren, in the server mailing list you mention that you had configured an host as a router (in a datacenter), I would be really interested to hear a little more about that
<NineTeen67Comet> Hi all; I'm running 8.04 (since it came out of beta/rc) on my server (mainly a web server with a little extra mysql help around the network). My question is; to weather I should go ahead and update to 10.04 yet, or hang on until the end of the life cycle of 8.04? It's been working great; upgrading would mean I could jump in and clean it out at the same time.
<twb> NineTeen67Comet: wait for 10.04.1
<NineTeen67Comet> I've tried a few odds and end on it over the years (Nagios 2 and some others) that failed .. as well as several different e-mail server tutorials gone bad. So I know there are some dead config files laying around in there.
<NineTeen67Comet> twb: good idea; I always forget the small updates and their security/stability improvements.
<soren> huats: There's not much to it, really. Let me look it up.
<eagles0513875> !iptables
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo | GUI frontends such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist.
<soren> huats: These days, it should be even easier. That box is still running Hardy, and libvirt in Hardy didn't support this very well.
<soren> eagles0513875: Can you please do stuff like that in private?
<eagles0513875> sry
<soren> Don't be sorry. Be better :)
<soren> huats: You can create a network in libvirt that isn't NAT'ed, but just routed.
<soren> huats: It was added to support this very use case.
<huats> soren, that was my idea since apparently I have read in many places that the dataceter where the server is does not really support bridge
<huats> so I'll continue that way
<soren> huats: http://www.libvirt.org/formatnetwork.html under "Connectivity"
<huats> thanks soren
<soren> huats: You set <forward mode="route">
<leander> btw, is ipv6 addressing syntax already properly supported in libvirt?
<soren> huats: ...and that's pretty much it. Of course your firewall needs to allow the traffic to pass through and all that, but otherwise, that's it.
<huats> soren, ok I'll try that way
<huats> I'll let you know more during the day
<soren> huats: sure thing.
<baddassmutha> Apart from the Ubuntu main site, does any body know of a resource where I can find out about real world ubuntu server / desktop implimentations? i.e. someone who has installed from new or replaced a windows server / desktop domain with Linux (not just adding a Linux PC to a Win AD). Thank you all in advance!!
<optikfluffel> hey guys.. i try to get a pptp vpn running on my ubuntu vserver.. could anyone help me with this, cause i'm getting some error and googling arround didn't fixed it..
<corpse> quick noob question, once i have a iso mounted how can i go about installing the application?
<corpse> or is that not possible from command line?
<uvirtbot> New bug: #592579 in bind9 (main) "bind9 crash at resolver.c:3093: REQUIRE((((fctx->queries).head == ((void *)0)) ? isc_boolean_true : isc_boolean_false)) " [Undecided,New] https://launchpad.net/bugs/592579
<jussi> How does one create a new ssl certificate?
<cicatrix> Hey guys. Looking for something like similar to supervisord. I found that supervisord rarely works properly on 9.10, not sure I want to try again with 10.04. Suggestions?
<angelete2> how can i install xen on my 10.4?
<soren> angelete2: You can't.
<angelete2> and is it planed to add xen capabilities for newer versions=?
<soren> No.
<jussi> angelete2: kvm is the way to go now, iirc.
<soren> If someone wants to maintain Xen, they're welcome to, but as it stands, noone does.
<soren> Ubuntu works fine as a Xen guest, though.
<angelete2> thank you
<cicatrix> Nobody knows any alternatives to supervisor then?
<rahman> Here is my kvm guest xml: http://pastebin.com/uLeeQ5US  virsh reports its running but I cant connect to it via virt-viewer, KRDC (kde remote desktop for vnc and rdp) how can I connect to the vm and setup a guest os?
<a_ok> I am trying to do a iSCSI boot with ubuntu 10.4 but i'm getting the following error
<a_ok> ipconfig: eth0: SIOCGIFINDEX: No such device
<mac_nibblet> Anyone alive?
<RoyK>  
<mac_nibblet> got a question about hardware compability
<RoyK> just ask
<mac_nibblet> does ubuntu server take full use of multiple processors on the motherboard
<soren> Of course.
<soren> Dude. It's 2010.
<mac_nibblet> yeah i know but i read on google about some issues
<soren> Even Windows does SMP these days.
<mac_nibblet> the company is going to buy 3 dell poweredge 2850 servers
<mac_nibblet> and i know im going to be the one the configurate them
<a_ok> mac_nibblet: I have a few R510 here with two Intel Xeon E5520
<mac_nibblet> oki
<mac_nibblet> and u didn't have any major issues?
<a_ok> as long as the program is multitreaded all 8 cores are utilized and no issues at all
<a_ok> mac_nibblet: well I do have an issue but not cpu related
<a_ok> iSCSI boot is a pain and I don't know wether its simply a missing driver in the initram or some config thingy
<soren> rahman: ...but it's ok in here.
<soren> rahman: that screenshot doesn't help at all. You need to explain what you're doing.
<rahman> soren: thanks, so #kvm  is for only developer chats?
<soren> rahman: No, it's for kvm.
<soren> rahman: You're not having problems with kvm.
<soren> Probably, at least.
<rahman> soren: thanks, never mind I give up to setup kvm, and will try VBoxHeadless instead
<soren> Have fun.
<uvirtbot> New bug: #592610 in samba (main) "Shared folders (through Samba) when following instructions sometimes does not work correctly" [Undecided,New] https://launchpad.net/bugs/592610
<eagles0513875> !bind9 | eagles0513875
<a_ok> what modules do I need for a broadcom netxtreme2
<thefish> a_ok: bnx2 ifaik
<a_ok> ok thanks
<thefish> a_ok: been having wierd problems on a dell blade with that here, are you having issues?
<a_ok> thefish: iSCSI boot not working so I want to make sure the driver is in the initram
<thefish> ah k
<eagles0513875> is anyone having strange issues with ssh on a non standard port with iptables as a firewall
<eagles0513875> for some reason for me unless i restart ssh i cant connect to my server via ssh
<eagles0513875> the port im using instead of port 22 is 2200
<eagles0513875> iptables is set to allow connections on that port
<thefish> eagles0513875: unless you restart ssh?
<thefish> so you cant connect, then you restart ssh and you can connect?
<eagles0513875> ya
<eagles0513875> basically
<eagles0513875> the operation either times out or is refused
<thefish> this is after some time passes?
<eagles0513875> this is on a vps
<thefish> you say it works after you restart ssh
<eagles0513875> thefish: ya
<eagles0513875> ya
<eagles0513875> since this is a vps i have a java consol on this panel and i can access the server from there to restart ssh
<thefish> did you change your sshd_config to listen on 2200?
<eagles0513875> yes
<eagles0513875> first thing i did
<eagles0513875> iptables -L shows 2200 is allowed
<thefish> so to reproduce, you restart sshd, login sucsessfully with ssh, then wait a while for it to stop working again?
<eagles0513875> thefish: yes it seems to also happen if the server closes the remote connection from its end then the problem also arises
<eagles0513875> if i enter the password im fine
<eagles0513875> also happens after a reboot of the server
<eagles0513875> thefish: http://pastebin.com/xzqQhLCk <-- iptables -vL from a bit earlier shows that the port is open
<eagles0513875> it seems like a massive delay though before it asks me for my password thefish
<eagles0513875> seems to be fine now O_o
<thefish> heh
<jdstrand> unewbie: please file a bug if you have to disable the apparmor profile when using libvirt
<jdstrand> unewbie: file it against libvirt and state all the steps to reproduce
<_ruben> eagles0513875: sounds dns-problem'ish
<uvirtbot> New bug: #592639 in samba (main) "[Master] Update-alternatives problems " [Undecided,New] https://launchpad.net/bugs/592639
<sommer> morning
<diago> Is it possible to install and setup DRBD on a system that is already in use?
<Snadder> Does ubuntu server 64bit have an dvd with all packages? I only see the cd on ubuntu.com.
<a_ok> I am trying to build a cpio archive but keep ending up with doubles... can someone please tell me whats the correct way to build a cpio archive?
<a_ok> arg never mind messed up my find command
<eagles0513875> _ruben: its not dns is fine
<phretor> hi, I have a number of dbus-daemon open for almost every user. Is it normal?
<zul> ttx: what do you think of bug #342056?
<uvirtbot> Launchpad bug 342056 in samba "Samba automatic account creation assumes local accounts" [Wishlist,Triaged] https://launchpad.net/bugs/342056
<dassouki> what is the best way to give a user access to their home and /var/www/their_url ... I'm adding a developer to what pretty much was a solo project
<Snadder> Hi.. I installed ubuntu 10.04 with grub2 (previously had debian lenny with grub1).. Now I booted to a grub 15 error.. Anyone know how to fix it?
<uvirtbot> New bug: #592660 in libezmorph-java (main) "Sync libezmorph-java 1.0.6-2 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/592660
<uvirtbot> New bug: #592667 in libjson-java (main) "Sync libjson-java 2.3-2 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/592667
<Omahn> Anyone fancy reviewing some upstart scripts for NIS?
<dassouki> awesome .. /wc 4
<dassouki> oops
<zul> Omahn: yeah that would be cool...if you open up a bug in launchpad that would be great!
<Omahn> zul: I'll upload to bug #569757
<uvirtbot> Launchpad bug 569757 in nis "NIS upstart dependancy broken for lucid" [Wishlist,Confirmed] https://launchpad.net/bugs/569757
<zul> Omahn: thanks
<Omahn> zul: Done. This is my first attempt with writing upstart scripts. I've tested the client side (ypbind) and that works fine on our test machines. I haven't tested the server parts as comprehensively, but they appear to work ok. I might of course be heading in completely the wrong direction. Looking forward to some feedback :-)
<zul> Omahn: gotcha
<Omahn> zul: Thanks.
<Omahn> I understand that nis is no longer in main but the fact that nis doesn't reliably come up in Lucid has completely stopped the roll out of Ubuntu at our site. Hopefully we can get it sorted sooner rather than later. :-)
<ttx> Daviey: you didn't send me the euca merge to review ?
<Daviey> ttx: No.. i'm trying to establish why only the CC works at the moment
<ttx> Daviey: ok
<Daviey> I was unable to even touch it yesterday
<Omahn> Bit stuck now. What's the correct way of installing an upstart job when building a package?
<a_ok> can someone tell me how I add something to the initrd image? so far all my attempts end in a kernel panic (eg my initrd file is not accepted)
<uvirtbot> New bug: #560182 in php5 (main) "php5-cgi crashed with SIGSEGV in php_log_err()" [Low,Incomplete] https://launchpad.net/bugs/560182
<leonel-vaio> hello ... is there an estimated time for python-django 1.2.1 gets merged from debian unstable to maveric?
<ScottK> leonel-vaio: It's when someone gets to it.
<leonel-vaio> ScottK: any one ?
<leonel-vaio> even me ?
<ScottK> You could prepare a merge and propose it for a developer to review.
<ScottK> Absolutely.
<leonel-vaio> Great .. squeesing my schedule to make time ..
<mathiaz> hggdh: hi!
<mathiaz> hggdh: what's the state of the ubuntu10.2 eucalyptus SRU verification process?
<hggdh> mathiaz: I tested it, and marked the bugs verification-done (yesterday)
<hggdh> mathiaz: and hi ;-)
<mathiaz> hggdh: awesome - so ubuntu10.2 should be pushed to -updates soon?
<MTecknology> I have a server that has everything sitting on a single HD. (and it's hosting 4 vm's) I'm going to get pretty read/write heavy (hdparm tells me I'm getting anywhere from 4 to 90 mb/s on the guests and ~150 on the host). I'm hitting my head here and my guess is that the only way to alleviate this is to get more drive i/o available. I'm not sure what the best way to do this is, but I know cheap is extremely important. I was thinking of ge
<uvirtbot> New bug: #592728 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.5 failed to install/upgrade: subprocess post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/592728
<hggdh> mathiaz: hold on. I think I misunderstood you
<hggdh> mathiaz: I tested euca 1.6.2-0ubuntu30.2. What is Ubuntu 10.2?
<mathiaz> hggdh: oh no - you were correct
<mathiaz> hggdh: I mistyped
<mathiaz> hggdh: I was referring to 1.6.2-0ubuntu30.2.
<hallyn> mathiaz: i'm still failing to see exactly how the bzr qemu-kvm tree relates to the package i built.  In particular, I can see pretty trivially how I would base on a custom +noroms tgz by editing the .dsc file by hand.  But where under debian/ would I do the change to be reflected in .dsc?
<mathiaz> hallyn: hm
<mathiaz> hallyn: here is the process I would follow to update to the new upstream release
<mathiaz> hallyn: 1. download the upstream tarball
<mathiaz> hallyn: 2. unpack and remove the binary roms
<mathiaz> hallyn: to create +noroms.orig.tar.gz
<mathiaz> hallyn: 3. import the +noroms.orig.tar.gz:
<mathiaz> hallyn: bzr merge-upstream +noroms.orig.tar.gz
<mathiaz> hallyn: 4. Update the package and rebuild the debian src package
<mathiaz> hallyn: bzr bd -S
<hallyn> mathiaz: thanks!
<mathiaz> hallyn: does that answer your question?
<hallyn> (i'll have to look into how merge-usptream is coded)
<hallyn> yup!
<mathiaz> hallyn: bzr help merge-upstream
<mathiaz> hallyn: with the bzr-builddeb plugin installed
<mathiaz> hallyn: with the bzr-builddeb *package* installed
<hallyn> mathiaz: thanks, i'll go try, hopefully i won't be bugging you any more
 * hallyn off
<mathiaz> hallyn: if you run into other issues don't hesitate to ask around
<mathiaz> hallyn: I would actually ask in #ubuntu-devel instead
<mathiaz> hallyn: since more people may be able to answer there
<mathiaz> SpamapS: hi!
<mathiaz> SpamapS: I've finished up the mongodb merge you've asked for sponsoring
<hallyn> mathiaz: ah, ok
<BrixSat> hello how do i enable "Tun" module?
<mathiaz> hallyn: you can still ping me from #ubuntu-devel (I'm there...) - doing it there will increase your chances to have an answer if/when I'm not around
<mathiaz> SpamapS: I'd suggest you quickly review the whole diff
<mathiaz> SpamapS: as I've added some things
<SpamapS> mathiaz: I took a look last night .. I think I understand everything. :)
<SpamapS> mathiaz: I got side tracked when I accidentally deleted my entire /home when trying to remove schroots. ;)
<mathiaz> SpamapS: great - so now we can work on the other bugs I looked at yesterday
<mathiaz> SpamapS: oh....
 * SpamapS is thankful for hourly backups. :)
<SpamapS> I lost nothing.. amazingly enough
<Shinhan> How can I change resolution in command line mode? Everything I google about changing resolution CLI talks about various commands for X server, while this installation of ubuntu server doesnt even have X. It just has too high resolution so the letters are really small. (its a 19" CRT)
<hggdh> mathiaz: then all is good -- 30.2 was already in the -proposed, should now go to backports
<mathiaz> hggdh: hm - s/backports/-updates/?
<hggdh> mathiaz: duh. Indeed, sorry
<BrixSat> hello how do i enable "Tun" module?
<Shinhan> I found something that might help me, http://ubuntuforums.org/showthread.php?t=682377 but I dont have a menu.lst file in /boot/grub/ Am I safe to create menu.lst with only contents being "vga=792"?
<Shinhan> or is that some other file that I should change? or is that file elsewhere?
<SpamapS> mathiaz: wait, I didn't realize what you were saying. Where can I get your .dsc for 1.4.3-2ubuntu1?
<SpamapS> mathiaz: never mind, found it on launchpad :)
<mathiaz> SpamapS: I'd suggest to use bzr pkg branches
<mathiaz> SpamapS: bzr branch lp:ubuntu/mongodb
<mathiaz> SpamapS: and you'll get the unpack source code
<SpamapS> mathiaz: I've been using apt-get source only.. though just because thats "the way I learnt it" ;)
<SpamapS> that or 'dpkg-source -x' ..
<mathiaz> SpamapS: right - bzr pkg branches in the new cool thing in Ubuntu
<mathiaz> SpamapS: https://wiki.ubuntu.com/DistributedDevelopment/
<mathiaz> SpamapS: nowadays I rarely do apt-get source ....
<mathiaz> SpamapS: instead I usually start with:
<mathiaz> SpamapS: bzr init-repo src-pkg-name
<mathiaz> SpamapS: cd src-pkg-name/
<mathiaz> SpamapS: bzr co lp:ubuntu/src-pkg-name/ maverick
<mathiaz> SpamapS: that way I get the complete source
<mathiaz> SpamapS: If I need to have the debian source:
<mathiaz> SpamapS: bzr co lp:debian/sid/src-pkg-name/ sid/
<mathiaz> SpamapS: and when I plan to work on a fix:
<mathiaz> SpamapS: bzr branch maverick fix-bug-XXXX
<mathiaz> SpamapS: to merge a package from debian:
<mathiaz> SpamapS: bzr branch maverick m-merge-from-debian
<mathiaz> SpamapS: cd m-merge-from-debian/
<mathiaz> SpamapS: bzr merge-package ../sid
<hallyn> mathiaz: so 'bzr branch' pretty much works like git checkout?  i can do unlimited cheap branching?
<SpamapS> mathiaz: I like it if for no other reason than I can use launchpad's collborative features for branches. :)
<SpamapS> mathiaz: given that, can I use merge proposals instead of sponsorship queued bugs? ;)
<BrixSat> how do i enable "Tun" module?
<mathiaz> SpamapS: yes - that's the goal of the project
<mathiaz> SpamapS: I'll happily review merge proposal
<mathiaz> SpamapS: as it's easier than bug and patch attachements
<mathiaz> hallyn: yes - kind of
<mathiaz> hallyn: I haven't enough knowledge from git though
<mathiaz> hallyn: but I usually start by setting up a shared repository
<mathiaz> hallyn: (bzr init-repo src-pkg-name)
<mathiaz> hallyn: and then get the pkg branch from lp
<mathiaz> hallyn: IIRC git checkout will do the checkout of the branch in the directory you're in
<mathiaz> hallyn: where as with bzr you still have one directory per branch
<hallyn> mathiaz: yup
<mathiaz> hallyn: but the .bzr/ directory is shared amongst all of them
<mathiaz> hallyn: http://paste.ubuntu.com/448341/
<mathiaz> hallyn: ^^ this is what I created while reviewing your qemu-kvm branch
<mathiaz> hallyn: I started by get the maverick branch
<mathiaz> hallyn: and then got your own branch
<mathiaz> hallyn: as they're using a shared repository (the .bzr/) getting your branch from LP is much faster
<hallyn> to be honest the git branches "feel" cheaper since they don't take up extra directories :)
<mathiaz> hallyn: agreed
<mathiaz> hallyn: you're not changing directories
<hallyn> but that's just a perceived diff...
<mathiaz> hallyn: for bzr you can still refer to other branches
<mathiaz> hallyn: so given the directory structure above I diff your contentn with:
<mathiaz> hallyn: update-to-12.4/$ bzr diff --old ../maverick
<mathiaz> hallyn: and when working with merges the best trick is to use the ancestor: option when doing diff
<mathiaz> hallyn: maverick/$ bzr diff -rancestor:../sid
<mathiaz> SpamapS: ^^
<mathiaz> hallyn: SpamapS: using -rancestor:../other-branch you can easily review what has changed in Debian,Ubuntu since the last point of merge
<SpamapS> mathiaz: I like it, but its going to take me a few times to get used ot it. ;)
<mathiaz> SpamapS: yeah - it took me a while to figure it out
<SpamapS> mathiaz: ppa question.. if I upload things into the PPA first, can they be used as build deps for other things that I upload to the PPA? (hoping YES)
<mathiaz> SpamapS: yes!
<mathiaz> SpamapS: it's one of the advantage of using PPAs
<mathiaz> SpamapS: it's like mini-archive
<mathiaz> SpamapS: it will use the Ubuntu archive by default
<mathiaz> SpamapS: but also the PPA itself
<mathiaz> SpamapS: which is useful when you need to add dependencies
<SpamapS> mathiaz: right.. have to do that for the Cassandra debs
<mathiaz> SpamapS: this is what I did for the backport of bzr-git in https://launchpad.net/~mathiaz/+archive/bzr-git/
<mathiaz> SpamapS: I *think* you can upload everything and LP will take care of building the build dependencies correclty
<mathiaz> SpamapS: but I haven't tested it yet
<mathiaz> SpamapS: for the PPA above I took care of the ordering by myself
<SpamapS> mathiaz: I'm ok with having to upload the build deps first, waiting for them to build, then uploading main package
<mathiaz> SpamapS: first uploading the dependency, waiting for it to be build and then uploading the other package
<mathiaz> SpamapS: right - IIRC LP takes care of that in ubuntu
<mathiaz> SpamapS: I guess it may do the same thing for PPA
<diago> is there a way to shrink a qcow2 image. I made a 500GB image and only about 50GB is being used. I want to shrink it so I can transfer it to an lv
<BrixSat> how do i fiz this "FATAL: Module tun not found." ?
<SpamapS> BrixSat: when do you see that?
<BrixSat> SpamapS:  sudo modprobe tun
<BrixSat> SpamapS:  any ideia how to enable mod tun?
<SpamapS> BrixSat: it may be built into the kernel
<SpamapS> BrixSat: try 'ifconfig tun0'
<zul> mathiaz: ping is the weelky accepted SRU suppose to be sent to ubuntu-server ml?
<BrixSat> tun0: error fetching interface information: Device not found
<hggdh> smoser: around?
<smoser> here.
<smoser> que pasa?
<hggdh> when you were testing, you saw a series of instances that did not get a public IP address, correct?
<smoser> i'm not certain.
<smoser> i believe when you look at the logs, you will see that all those failures do not have IP addresses.
<smoser> that said, i think (this is fuzzy memory), that the logs only show the final 'describe-images' output
<smoser> err... describe-instances
<hggdh> may be. I see many of them now with both IPs set to the private
<smoser> my experience is that instances can lose their public ip address
<smoser> so its possible it got one, and then lost it.
<hggdh> weird
<smoser> hggdh, right.
<hggdh> well, Ã§a va sans dire, I guess
<smoser> i'm just not certain that that was *always* the case for a given instance.
<hggdh> k
<hggdh> I will try to zero in that
<hggdh> wait
<hggdh> the metadata issue, when it happens (at least all my last tests) it shows an internal IP address -- 169.something
<hggdh> meaning there was no response from the DHCP server
<hggdh> I wonder if their fix will also affect this error
<hggdh> ('this' meaning no public IP)
<SpamapS> BrixSat: something in the back of my mind is telling me there is a commandl ike 'tunctl' that needs to create the tun device
 * hggdh meanwhile pushes a series of small adjustments to the uec testing scripts
<BrixSat> SpamapS:  installed the tunctl
<BrixSat> SpamapS:  should i install the tunctl?
<newbie> Hey can someone recommend me a program that is able to attempt a internet/ network trace rout and provides more network information then the default installed unbuntu one
<kpettit> newbie, mtr
<kpettit> it's kind of like a ping but shows you a updated route with info about those routes.  helps spot problem spots
<SpamapS> BrixSat: you're trying to create an IP-IP tunnel, right?
<newbie> Would that help me identify why I can connect to the internet and yet my network is fine?
<BrixSat> SpamapS:  yes for (coovachilli)
<SpamapS> BrixSat: after 'modprobe tun' what is the next instruction you're supposed to follow?
<newbie> Internet worked perfectly when I installed unbuntu 2 days ago and installed tor yesterday which fine and today nothing
<kpettit> it might.  It will let you know how far you can get.  So if you try to do  "mtr google.com"
<kpettit> if you don't go anywhere that lets you know you probally have a settings issue
<newbie> Think running it off a pen drive could make a difference? such as the settings not saving right after a shutdown?
<BrixSat> SpamapS:  the problem is that altought i have a tun0 i dont see any trafic on it
<zul> mathiaz: ping
<bventura> hello!  ? for a dovecot expert is it possible to automate deleting messages in a dovecot installation using Maildir format?  IE, trashing junk mail in a specific folder after it's been run thru the spamassassin filter with a script?
<bventura> "run thru sa-learn" i should have said to be precise
<bc> bventura: you may be able to use crontab -e -u <user> to simplify things.
<bventura> sure, but what I'm missing is how to delete the messages from a command line?
<bc> bventura: I'm not sure if it keeps some kind of journal of messages, but you may be able to just rm -f files from a cronjob at a specific interval. Or wrap sa-learn in a script that rm -f's after, then call that from crontab.
<oru_work> greetings. how can I go about backing up entire filesystem ?
<bc> bventura: however, depending on the scope, you might be able to automate the deletions from your mail client if this is only for you.
<bventura> bc: i was thinking the same thing but am hesitant because I thought Maildir also maintians a database of the messages and I dont want to jack up my DB
<bc> bventura: yes, that's what I was uncertain about.
<Adylas> Hello ! Ubuntu 10-04 server at host. Ubuntu 10.04 as guest. As soon as I start using the VM (read, using all the memory) I got a kernel panic. The Guest seems to never write to swap. Any idea ?
<mathiaz> zul: hey - asupz?
<zul> mathiaz: for the weekly accepted sru should it be sent to the ubuntu-server list?
<oru_work> anyone ?
<mathiaz> zul: the weekly *nominated* sru
<mathiaz> zul: the accepted will be listed somewhere else
<zul> mathiaz: ok
<SpamapS> mathiaz: just getting the build-deps for cassandra is turning out to be *almost* as hard as the runtime deps
<mathiaz> SpamapS: :)
<mathiaz> SpamapS: it usually is the hardest part actually
<hggdh> oru_work: dd works
<SpamapS> mathiaz: yeah ... dep dep dep.. I'm just putting the jars in lib since we're giving up on doing this "the right way" :-/
<mathiaz> SpamapS: yeah
<mathiaz> SpamapS: that's probably the easiest way
<mathiaz> SpamapS: put all the binary jars into the .orig.tarball
<SpamapS> mathiaz: maven-debian-helper, btw, is failing me now.. the first thing I did with it worked fine, but ever since it hasn't worked, and most of the time for mysterious reasons. :-/
<oru_work> hggdh, will that work in virtual envirenment ? I"m payinb for VPS from linode
<SpamapS> mathiaz: oohh.. I was going to put them in debian.. no?
<mathiaz> SpamapS: hm - you could put them there
<mathiaz> SpamapS: it may be better - I've never done that
<Pici> oru_work: Theres no reason why it wouldn't work.
<oru_work> Pici, so with dd i can copy an "image" of my entire disk over ssh ? am I understanding it right ?
<Pici> oru_work: sure.
<oru_work> Pici, what would be the command ?
<Pici> oru_work: That, I do not know, sorry :(
<prodcutnews1> asking ubuntu Q in ubuntu room.... whatz best  internet download manager for ubuntu 9.04 ?
<guntbert> prodcutnews1: the same rule applies here: try them - nobody can tell what is "best" for you :-)
<SpamapS> ERROR [pool-1-thread-1] 2010-06-11 12:35:40,452 CassandraDaemon.java (line 78) Fatal exception in thread Thread[pool-1-thread-1,5,main]
<SpamapS> java.lang.OutOfMemoryError: Java heap space
<SpamapS> ahh... java.. so sweet... so bloated.. ;)
<prodcutnews1> ont get me wrong ...i dont even started with any IDM in ubuntu, im not trying for poll here,  the use of word 'BEST' is a crime in the room
<guntbert> !crosspost | prodcutnews1
<ubottu> prodcutnews1: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<oru_work> I remember in 9.04 by default when using screen it first gave you a choice which screen profile to use, and one of them on the bottom showed system time, version and some other very useful info. How would i go about using that in 9.10 or 10.04 ?
<SpamapS> oru_work: byobou
<SpamapS> oru_work: specifically, apt-get install byobou, and then if you want to enable it by default, 'dpkg-reconfigure byobou'
<SpamapS> oru_work: sorry, byobu
<hallyn> then run dvtm in byobu :)
<oru_work> dvtm ?
<hallyn> tiling terminal manager.  if you have a big screen it can be useful
<hallyn> (like splitvt of old)
<hggdh> SpamapS: byobou... like couscous? ;-)
<Omahn> Could anyone tell me what the correct way of including an upstart job in a source package is?
<oru_work> SpamapS, what would be the proper way of exiting from putty with byobu ?
<oru_work> to detach ?
<oru_work> and then logout
<oru_work> ?
<guntbert> oru_work: if you want to keep the byobou session, yes
<oru_work> guntbert, hmm on one of my servers dpkg-reconfigure byobu worked, on the other diddn't
<oru_work> :(
<oru_work> just returned an empty line
<oru_work> didn't go into config
<kirkland> oru_work: to exit all windows, you can use ctrl-a-\
<kirkland> oru_work: to detach, and leave your stuff running, use F6
<guntbert> oru_work: you don't need to use byobou - screen has the same capabilities, only no bottom line with help
<oru_work> how can I enable byubu for all users ?
<guntbert> oru_work: if you installed it anyone can use it
<oru_work> its installed. I'm trying to make it enabled by default for all users
<oru_work> sudo dpkg-reconfigure byobu
<oru_work> that apparantly does nothing
<kirkland> oru_work: cat /etc/issue
<guntbert> oru_work: sorry, I never use it myself
<kirkland> oru_work: the "sudo dpkg-reconfigure byobu" was added in 10.04
<oru_work> kirkland, 9.10
<kirkland> oru_work: okay, there you go ...
<kirkland> oru_work: any chance you can upgrade to 10.04?
<oru_work> uhu
<kirkland> oru_work: otherwise, each user needs to run "byobu-launcher-install"
<kirkland> oru_work: or, if you're an admin, perhaps you can run that on behalf of each user
<oru_work> kirkland, yup, after scheduled backup at 17:00 my time today
<oru_work> kirkland, "byobu-launcher-install" ? I don't get it
<kirkland> oru_work: byobu-launcher-install (and byobu-launcher-uninstall) are two commands that any user can run to toggle on/off byobu to launch automatically at login
<kirkland> oru_work: those two commands exist on both 9.10 and 10.04
<kirkland> oru_work: while 10.04 introduced the "sudo dpkg-reconfigure byobu" method of always launching byobu for all users
<oru_work> byobu-launcher-install
<oru_work> byobu-launcher-install: command not found
<kirkland> oru_work: so, if you want to upgrade 9.10 to 10.04, you can use the dpkg-reconfigure method
<oru_work> kirkland, ^^
<kirkland> oru_work: ls /usr/bin/byobu-* for me
<oru_work> http://pastebin.org/325192
<oru_work> kirkland, ^^
<kirkland> oru_work: one sec ...
<kirkland> oru_work: okay, found it ... /usr/share/byobu/byobu-launcher-install (and -uninstall)
<kirkland> oru_work: so in 9.10, you can ask each user to run that command
<kirkland> oru_work: or, if you can su - to those users, you can run it for them
<kirkland> oru_work: alternatively, you can upgrade to 10.04
<kirkland> oru_work: or, you can install byobu from this PPA: https://edge.launchpad.net/~byobu/+archive/ppa
<kirkland> oru_work: actually, if you install from that PPA, you'll get the latest/greatest byobu will new features too
<oru_work> kirkland, i just ran /usr/share/byobu/byobu-launcher-install which returned nothing, should i trying to re-login ?
<kirkland> oru_work: yup
<oru_work> worked but when I hit F9 and select change colors, here is what I get  Error: /home/paul/.byobu/profile file exists, but is not
<oru_work> is not ..... nothing
<kirkland> oru_work: okay ... do this ...
<kirkland> oru_work: your setup sounds buggered
<kirkland> oru_work: mv your .byobu out of the way entirely
<kirkland> oru_work: and remove the line in your ~/.byobu/profile that says anything about byobu
<kirkland> oru_work: then run "byobu"
<kirkland> oru_work: then press F9, and Toggle Byobu to launch by default
<oru_work>  sec
<larsemil> arent there any jeos with 10.04?
<oru_work> kirkland, should i try apt-get remove byobu instead ?
<kirkland> oru_work: no
<oru_work> so then mv /usr/bin/byobu/ /usr/bin/byobu.bak ?
<kirkland> oru_work:
<kirkland> oru_work: no
<kirkland> oru_work: mkdir /tmp/foo
<kirkland> oru_work: mv ~/.byobu ~/.screen /tmp/foo
<kirkland> oru_work: byobu
<kirkland> oru_work: F9
<kirkland> oru_work: configure away
<oru_work> sec
<sbeattie> larsemil: the server install offers a minimal install for virtual environments under the F4 menu option.
<oru_work> kirkland, mv: cannot stat `/home/paul/.screen': No such file or directory
<oru_work> kirkland, you know lets not worry about this for now
<oru_work> kirkland, thanks for help, i'm about to start the backup and then just upgrade to 10.04
<oru_work> kirkland, thanks for help and have a great weekend i'm out here :)
<dazman> Was just about to say ~/.screenrc too.
<larsemil> sbeattie: found it thanks alot
<larsemil> i have heard libvirt + kvm is slower in 10.04 then earlier, is that the case?
<malchias> I tried a dpkg --get-selections > out.deb and on another server dpkg --set-selections && apt-get -f install.   Isn't this supposed to copy the package configuration so the 2 machines have the same base install?   if not, how do I do that?
<malchias> I meant dpkg --set-selections < out.deb ....sorry
<webPragmatist> RoAkSoAx: you aroundâ¦ have a question about http://roaksoax.wordpress.com/2008/06/20/cluster-sinchronization-tool-csync2/
<webPragmatist> or anyone know what the point of the certificates are if you are doing -k
<webPragmatist> on that link
<ziesemer_> What is the easiest way to create a new partition to fill a disk on gpt that is "properly aligned"?
<ziesemer_> I made sure both the start and the end size were evenly divisible by 512 (matching reported 512B sector size), and parted still complains that it isn't aligned.
<ziesemer_> Guess I needed to align to cylinders, not just sectors...
<larsemil> last
<larsemil> help commands
<larsemil> sry!
<webPragmatist> man
<webPragmatist> hey guys
<webPragmatist> i'm trying to use csync2 but get Identification failed
<webPragmatist> i had to recreate the keys a few timesâ¦ i deleted the old sqllite db
<webPragmatist> is there something else ih ave to do?
<webPragmatist> http://archives.free.net.ph/message/20071128.125839.683b1eae.en.html
<webPragmatist> thats the exact same pickle i'm in
<webPragmatist> oooh idea
<webPragmatist> nope
<webPragmatist> dammit what the heck
<malchias> how do I make sure one server is the same as another as far as packages installed is concerned?
<jpds> malchias: dpkg --get-selections > packages.txt on both and diff the output.
<webPragmatist> ooh got it
<malchias> jpds: can I --set-selections too?
<jpds> Yep.
<malchias> it didn't do anything when I did, and I did a apt-get -f install too
<jpds> dpkg --set-selections < packages.txt && sudo apt-get dselect-upgrade
<malchias> ah, ok I will try that, thank you
<malchias> jpds: perfect, thank you  - it showed me the diff in a cut and paste apt-get install too so I can document it quick.  Thank you
<jpds> malchias: No worries.
<cybrocop> Hi all. I got a question about Eucalyptus on 10.04.   eucalyptus-cc is not automatically starting upon system boot. I don't think this is normal behavior as all other euca* services start properly. When I manually start it, it works.
<cybrocop> Is it possible that eucalyptus-cc is not enabled to start by default for some reason?
<hggdh> cybrocop: no, it is not normal behaviour
<SpamapS> hrm.. I really do need to build an apt mirror on this 500G USB drive I bought... starbucks 2Mbit connection just isn't enough for installing 40MB of dependencies 5 times.. :-P
<linxeh> SpamapS: better than my home connection :p
<SpamapS> linxeh: heh... at home I have AT&T U-verse .. 6Mbit is the low end... can get 30Mbit down/5Mbit up pretty cheap.
<malchias> for security, how should apache logs be group & permission?   Actually how should all of the web directories be?  assume the group is www-data.   Can anyone recommend an article that spells it out for me?
<SpamapS> malchias: not necessarily.. its up to you on what strategy you want to use. It may be better to make it an alternate user/group from the webserver, and world readable. That way you can give multiple users write access w/o allowing the web server scripts to change the content.
<malchias> is there a best practices document somewhere?
<malchias> I don't feel like I know enough to choose a proper strategy
#ubuntu-server 2010-06-12
<SpamapS> malchias: there is a wealth of information out there for how to setup a web dir.. not sure if one specific to ubuntu exists.
<SpamapS> malchias: my personal preference is for services to never be able to write to scripts... so thats why I frown on having things group-owned by www-data.
<SpamapS> But at the same time, if you're careful about never using g+w .. then its ok.
<malchias> SpamapS: can you recommend a "standard" or "best practices" document on apache security for permissions & group ownership on debian/ubuntu (or anything really)
<guntbert> malchias: try to ask in #httpd too
<SpamapS> malchias: I'm sorry but I don't know of any such document... most of it is in my head from experience.
<SpamapS> I try not to think of it in such detailed terms either
<SpamapS> "secure by default" is the thing I chant to myself. ;)
<qman__> yeah
<qman__> there's a couple of settings I change
<qman__> but all in all, the default setup is very well done
<SpamapS> agreed... but..
<SpamapS> the first thing you do when you setup a web server, is start dumping stuff in the docroot
<SpamapS> and, to malchias point, whats the best way to do that and not shoot yourself in the foot. :)
<qman__> I take away all the permissions, then give them back as necessary to make it work
<qman__> and yeah, www-data doesn't have write access to the scripts
<malchias> so soemthing like 740 for files and 700 for directories?  then for the specific scripts that need it increase permissions and keep all files at someuser.www-data ?
<qman__> I usually make them root:root, world readable
<qman__> unless they have config data
<qman__> scripts would be root:root 644
<qman__> directories root:root 755
<qman__> excepting where you need to tighten it further
<qman__> such as config.php or what have you
<qman__> or an includes directory
<qman__> that would be root:root 644
<SpamapS> qman__: why should scripts be root:root ?
<qman__> so no one without root can change them
<SpamapS> qman__: I usually make them owned by some user that is responsible for publishing
<SpamapS> giving root to publishing scripts is a bad idea IMO. ;)
<qman__> including the web server
<SpamapS> I set the publisher and the web server on the same level. One feeds the other. Root is above them.
<qman__> a good plan
<SpamapS> Also if you're using something like tarballs to disribute source code, you don't want it to have UID==0 anywhere in there.. as thats very suspicious. ;)
<SpamapS> There's this weird thing that is knocking around in my head right now though..
<SpamapS> Ever since I heard the term "devops" .. I've been thinking that its really not dev vs. ops vs. devops ... but a third category of thing ...
<linxeh> SpamapS: I'm in the UK, I'm in a highly populated area but 2.5 miles from my exchange. my ADSL typically gets just under 2mbit
<linxeh> SpamapS: I'm also in a highly affluent town
<malchias> if I script is 644, how does it execute?
<SpamapS> linxeh: I'm in metro-Los Angeles.. they dumped fiber on the street 2 blocks away and I have about a 50m run of copper I think.
<SpamapS> malchias: its not being exec()'d .. its being run by the scripting engine
<linxeh> SpamapS: :(
<linxeh> SpamapS: there is cable fibre in the street. I cant get it though, even though the fibre is less than 100 yards from me
<SpamapS> linxeh: yeah thats what they used to have in the US too.. but Verizon and AT&T laid so much dark fiber they realized they had a huge opportunity to overcharge people. ;)
<SpamapS> Still... its the only system that can record 2 HD channels at once that I know of. :)
 * SpamapS disappears
<uvirtbot> New bug: #592899 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.1 failed to install/upgrade: ErrorMessage: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/592899
<bastid_raZor> i'm having some fail2ban errors/warning in /var/log/fail2ban.log   ail2ban.server : ERROR  Unexpected communication error
<bastid_raZor> using the stock jail.conf and fail2ban.conf .. the only thing i have changed was ban time and ignoreip
<mopi> question: is there a way to use windows group policies with a samba server?
<webPragmatist> no
<mopi> ubottu: /msg
<ubottu> Please ask your questions in the channel so that other people can help you, benefit from your questions and answers, and ensure that you're not getting bad advice. Please note that some people find it rude to be sent a PM without being asked for permission to do so first.
<mopi> !ubottu >mopi
<ubottu> mopi, please see my private message
<nginxx> wutup ubottu
<hlx> Question: Would like to set up a Ubuntu Server and use it as a Domain Controller for a Windows (Perhaps Linux?) Environment. Would like to be pointed in the right direction so I can set up a test network and educate myself
<mopi> hlx: I would start by using virtual machines (I use virtualbox) so that way you can take snapshots in case you mess up. document all of your steps
<nginxx> your not going to be able to have a linux server act as a windows domain controller
<mopi> nginxx: why not, I'm doing it?
<hlx> Why not? I don't require group policy.
<hlx> mopi: I have a dedicated machine running xenserver for playing with random servers at the moment :P
<mopi> hlx: that works :)
<mopi> hlx: I would say to start out with ebox and see how that works for you.
<hlx> I do like how Ebox looks, I think I will.
<mopi> hlx: if you do need any group polices you can configure that on the local workstation and make yourself an image
<hlx> how does
<hlx> er.
<mopi> configure group polices by going start - run - gpedit.msc
<hlx> How does Ebox/Samba do authentication? if I configure one machine and image them over, do I need to change the SID? or the DID? As long as I image them before I join the domain I should be fine?
<mopi> hlx: correct
<mopi> hlx: also FOG will auto add windows to the domain if configured that way
<hlx> so this fog is somewhat of an Acronis or norton ghost program, just open source
<mopi> hlx: correct, but I would say better. It is administered through a web browser. You can even deploy snapin software that you make yourself. It is very powerful
<mopi> hlx: I use it on a network with 700 workstations
<mopi> hlx: it runs as your dhcp server too
<hlx> interesting. Are there any sort of incremental backup servers? Or does this do something akin? I'm more or less looking for something like a WHS (Windows Home Server) equivalent. I have dabbled with Rsync and don't mind that, but am wondering what else is out there
<mopi> hlx: I'm sorry, I can't help you there. I don't work with backups much.
<hlx> mopi mind if i pm?
<mopi> hlx: go ahead
<nginxx> btw, ebox bends the space/time fabric ... it is pretty awesome
<hlx> it does look pretty robust
<nginxx> sorry about the comment earlier, my definition of a DC is that it can hold the global catalog, etc
<nginxx> yea, authentication services is a synch
<hlx>     excellent
<hlx> yeah the last win server 2k8 solution i sold was a 70 workstation solution, server os, 1u harware and licensing = ~$30,000 , plus the workstations and labor = probably another $80,000, not too many businesses in a small town have that muc hto spend
<nginxx> any virtualization on that bare metal?
<hlx> thats just straight server 2k8 domain controller, 12GB system running DC, and SQL
<hlx> so DNS, DHCP, all that fun
<hlx> no WSUS or anything
<nginxx> ah
<elnur> There is no /etc/hostname files. How should I change the hostname?
<elnur> *file
<nginxx> you might want to touch it and put a hostname in it
<nginxx> and change /etc/hosts
<elnur> isn't changing hosts only enough? why would my system not have hostname file?
<nginxx> what release are you using, is it a new install?
<elnur> yea, new minimal install of ubuntu 10.04 server
<elnur> on Xen VPS
<MTecknology> elnur: linode by change?
<MTecknology> chance*
<elnur> no, it's a russian hosting company
<elnur> is default hostname "ubuntu"?
<MTecknology> just curious..
<MTecknology> I think so
<MTecknology> elnur: /etc/hostname should be the fqdn
<MTecknology> elnur: http://pastebin.ubuntu.com/448545/
<elnur> MTecknology, the interesting thing is that there is no /etc/hostname file. Yea, I can create it, but I wonder, why it's not there by default. Maybe something has changes I the system uses another way of storing hostname, not /etc/hostname
<MTecknology> elnur: lsb_release -a && uname -a
<MTecknology> see if it's been tweaked
<elnur> MTecknology, http://pastebin.ubuntu.com/448548/
<MTecknology> you running on an amazon cloud??
<elnur> I doubt that.
<elnur> How can I check it?
<MTecknology> I have no idea - but the kernel you're running is for Amazon EC2
<MTecknology> and the latest 10.04 kernel for a server is 2.6.31-16-server
<elnur> whoa :)
<elnur> my kernel is for Xen server
<MTecknology> ah.. nevermind - there is linux-image-2.6.32-306-ec2
<MTecknology> xen must be injecting that
<elnur> injecting what?
<MTecknology> the kernel version - or they configured it to run that which would be odd
<MTecknology> I just haven't encountered that ever - kind of a wtf moment
<elnur> there are special linux presets for Xen servers and those presets ship with special kernel optimized for xen
<nginxx> you could try changing the hostname with the hostname command
<MTecknology> Linux panther 2.6.35-rc1 #52 SMP PREEMPT Sun May 30 19:21:30 CDT 2010 x86_64 GNU/Linux
<MTecknology> ^^ my kernel version
<uvirtbot> MTecknology: Error: "^" is not a valid command.
<MTecknology> heh.. seems I stumbled into uvirtbot's prefix character
<elnur> aha. after issuing hostname command /etc/hostname was created
<elnur> MTecknology, are you on edge? :)
<nginxx> ah
<MTecknology> elnur: git source and compiled - I tried to package it but it really really doesn't want to be pacakged.
<MTecknology> nginxx: so.. I'ma guessin' you runnin' nginx
<elnur> MTecknology, heh
<nginxx> i have some moodle servers running on nginx
<MTecknology> I don't use apache anymore :P
<nginxx> heh, i was sold on the memory footprint on nginx
<elnur> nginxx, MTecknology, since /etc/hostname is in its place now, i've edited it and the hostname is changes. thanks for the help :)
<MTecknology> elnur: yay
<nginxx> good to hear elnur
<elnur> now to setup bind...
<MTecknology> nginxx: same here, nailed by head on a ceiling with apache and now I have room
<elnur> what hostname is used for, anyway?
<elnur> the only change i see in the shell prefix, like elnur@hostname
<MTecknology> local name resolution
<nginxx> http://en.wikipedia.org/wiki/Hostname
<elnur> so, is it recommended to assign my hostname to my main domain name ?
<nginxx> yes
<nginxx> and put your other names in /etc/hosts
<elnur> okay. thanks
<MTecknology> nginxx: you should join #nginx
<robinyahu> askum
<elnur> why select-editor doesn't work?
<elnur> must I install debconf and run dpkg-reconfigure to select the default editor?
<elnur> ah, it's already installed
<elnur> heh
<elnur> it couldn't be otherwise. i just misspelled it and wrote dkpg...
<elnur> ah. wrong command
<elnur> i need update-alternatives
<elnur> i thought i had enough sleep this night :P
<MTecknology> elnur: heh- I knew I got too (WAY TOO) little sleep. I had to deal with a disk getting <1 MB/s read time...
<elnur> MTecknology, i don't get about disk :) what's the problem?
<MTecknology> elnur: hm?
<elnur> MTecknology, I don't get this: I had to deal with a disk getting <1 MB/s read time... My English is not really good. I don't get it. :)
<MTecknology> elnur: hdparm -t /dev/sda was reporting read times of less than 1 megabyte per second - that should easily be up over 100 megabytes and realistically capable of more than 250
<elnur> MTecknology, and how does that relate to your sleep? :D
<MTecknology> elnur: ~2.5 hours sleep makes that very hard to deal with
<elnur> MTecknology, omg, 2.5 hours is really bad. I can't concentrate properly even if I sleep 5-6 hours
<MTecknology> elnur: websites had more than 1 minute load time per page - people were angry - I was angry
<MTecknology> elnur: indeed - it's hard
<elnur> MTecknology, and how you solved that?
<MTecknology> elnur: adjust memory allocated to virtual systems - remove swap from virtual systems - drop_cache's - couple little tweaks
<elnur> MTecknology, i see
<elnur> Now I'm striving to sleep 7-8 hours every day :)
<MTecknology> sounds amazing
<MTecknology> 5 hours per night is about my best
<elnur> sleeping less doesn't win in the long run
<MTecknology> I've been starting a company with a couple guys and it's really really really hard to keep up on school and the company
<elnur> MTecknology, heh. having a company is really cool. i'm starting to do my own little my little :)
<elnur> what is the thing your company does? hosting?
<MTecknology> website development and hosting
<MTecknology> right now we're drupal exclusively
<elnur> MTecknology, heh. i have some xp with drupal â like a year
<MTecknology> it's fun stuff
<elnur> i hated it because drupal doesn't allow a programmer to have fun :)
<MTecknology> how so?
<elnur> maybe it's subjective
<elnur> but i like developing on Zend Framework much more
<MTecknology> from developing a theme - it sucked - it's much better now
<elnur> drupal is a ready CMS and it restricts what you can or should do
<MTecknology> building modules is great
<elnur> i'd been building modules and it was rly boring for me :
<elnur> * :P
<MTecknology> but that's good :P
<MTecknology> I like it
<MTecknology> I got to doing some really fun stuff
<elnur> drupal is good for small sites. not for things like social networks
<MTecknology> umm... gotta disagree
<elnur> it's your right :)
<MTecknology> My company is contracted to build a VERY massive website for networking - in drupal
<elnur> Any success?
<MTecknology> ya, we're doing great
<elnur> That's good. :)
<MTecknology> full interactive api, bidding system, 70% of the functionality is there
<elnur> MTecknology, i'm not saying that it's not possible to do that with Drupal. I'm saying that it's not the best tool for the task.
<elnur> you can develop website on C, but that's not optimal
<MTecknology> what makes drupal bad for it?
<elnur> because it imposes a particular structure on your system, and that structure sucks
<elnur> sucks for serious things
<MTecknology> how so?
<elnur> You can't, for instance, have a nice database schema with FKs all over the place.
<elnur> Because Drupal already gave to you its shitty DB schema.
<MTecknology> I like it's schema :P
<MTecknology> to me it makes pretty good sense - especially when you hook multiple modules into each other
<elnur> Drupal follow that lame approach which uses DB as a brainless data storage
<elnur> s/follow/follows
<elnur> In serious projects serious programmers use DB as a single point of truth, and data is forces to be correct on the DB level, not on app level.
<elnur> s/forces/forced
<MTecknology> that can be subject to flaw too
<elnur> even if can, it's much much better than brainless-data-storage approach :P
<MTecknology> maybe :P - I guess it depends on what you learn
<MTecknology> db should always have most serious tasks such as joins, views, w/e offloaded to it
<MTecknology> no reason the programmer can't verify things
<elnur> yea, views and whatsnot
<MTecknology> I have views in my drupal schema :P
<holmser_> just tried to install 10.04 on my server.  installed correctly, and now I'm getting a "Geom error" on boot.  what the hell is that?
<elnur> anyways, if drupal works for, that's good :)
<elnur> holmser_, yea, wtf is that? :P
<elnur> *works for YOU
<MTecknology> elnur: you should watch the language some ;)
<elnur> MTecknology, is wtf bad? :)
<MTecknology> elnur: ya
<nginxx> geometry error
<MTecknology> "obfuscated swearing"
<holmser_> Its gotta be a grub error
<elnur> MTecknology, then don't use it too :P
<nginxx> holmser_: try reseting your bios to default settings
<nginxx> *yawn*  getting tired
<holmser_> any idea why when I have my disks set as a raid 0 ubuntu installer can't write to them?
<nginxx> what brand/model controller is it?
<holmser_> nm... adaptec hostraid
<holmser_> I guess ubuntu doesn't like fakeraid?
<nginxx> it sees the HDs individually
<nginxx> and needs a windows driver to funcion
<jmarsden> See https://help.ubuntu.com/community/FakeRaidHowto for some info that might be relevant.
<holmser_> Its fine... I don't need raid.  I just wish I hadn't wasted 8 hours.  lesson learned
<eagles0513875> jpds: did i catch ya at a bad time
<red2kic> Hello, I'm trying to set up postfix to use my Gmail account. Now, I'm attempting to test it. I'm stuck at Subject: Whatever You Desire. How do I go to body or next part?
<red2kic> !mail
<ubottu> Mail is another medium to communicate. Ubuntu mailing lists can be found at http://lists.ubuntu.com
<red2kic> !postfix
<ubottu> postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer
<uvirtbot> New bug: #592975 in libaio (main) "package libaio1 0.3.107-3ubuntu2 failed to install/upgrade: il pacchetto libaio1 Ã¨ giÃ  installato e configurato" [Undecided,New] https://launchpad.net/bugs/592975
<uvirtbot> New bug: #592976 in mailman (main) "package mailman 1:2.1.13-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/592976
<MasterZuFu> is there any way to tell what time my server is running at? for some reason my tasks aren't running at the right time on my mybb forum even though mysql is set to my current actual time.
<GNUtoo|laptop> hi,
<GNUtoo|laptop> I'd like to use bind as a caching + local Master server(for the local network)
<GNUtoo|laptop> but I don't want bind to use the ISP's cache server
<GNUtoo|laptop> I want to be like the ISP cache server
<GNUtoo|laptop> so that it doesn't use the ISP's cache
<GNUtoo|laptop> I got old config from FreeBSD achieving that
<GNUtoo|laptop> but many things don't work anymore
<GNUtoo|laptop> even simple directives like listen-on
<GNUtoo|laptop> should I try to import the "." root.slave files?
<JackTO> Hey All
<JackTO> I'm setting up a LAMP server, I selected that when i installed ubuntu server... but now ehn i type php, it says that its not installed.. is that normal?   there is a php5 folder inside of /etc, but not much in iy
<JackTO> is there an easy way to check if its there or not?
<bc> JackTO: does /usr/bin/php exist?
<JackTO> npe
<JackTO> just check
<JackTO> just checked
<bc> JackTO: dpkg -l php5-cli
<JackTO> what si the difference between doing a apt-get install php5-cli and the dpkg?
<bc> JackTO: dpkg -l is just quering the database to see if you have it installed.
<JackTO> oh, ok, one sec, let me try
<bc> JackTO: apt-get actually uses dpkg though.
<JackTO> says no matching packages
<bc> JackTO: if you want the command line binaries, then install php5-cli. You probably already have libapache2-mod-php5
<JackTO> guess i don't have it, odd... i slected LAMP durring install and I have apache and mysql
<bc> JackTO: you probably just have the Apache module. php5-cli isn't required unless you plan on using, I think, CGIs and scripting outside of Apache.
<JackTO> ahh, interesting...so i may be able to run php, but not be able to manually do anything with it
<bc> JackTO: you may want php-pear also, if you don't already have it.
<bc> JackTO: from the command line, no, but Apache yes
<bc> JackTO: you might double check this too: dpkg -l php5-mysql
<JackTO> looks like i have that
<JackTO> | Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
<JackTO> |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
<JackTO> ||/ Name           Version        Description
<JackTO> +++-==============-==============-============================================
<JackTO> ii  php5-mysql     5.3.2-1ubuntu4 MySQL module for php5
<JackTO> sorry
<JackTO> thats what I got wheni issued the last dpkg command
<bc> JackTO: I can't believe a bot didn't kick you :P
<JackTO> LOL
<JackTO> i guess that means thats installed...
<bc> JackTO: ii = installed
<JackTO> thanks
<JackTO> new to linux suff
<bc> JackTO: well you picked an easy one
<JackTO> so I guess technically LAMP is installed....
<JackTO> but i guess to controll php, i need to have php5-cli?
<bc> JackTO: probably so. L, check. A, dpkg -l apache*. M, dpkg -l mysql*, P, check.
<bc> JackTO: if you only plan on using PHP through a web site, you're probably good to go (in most cases).
<JackTO> what about configuring php features....?
<bc> JackTO: apt-cache search php, or edit the files in /etc/php5/apache2
<JackTO> ahh yes, there are only a few files in that di, i guess there isn't that much to configure
<bc> JackTO: you generally want to install extensions via apt, e.g. php5-memcache
<bc> JackTO: they should be enabled for you when you do that, and settings placed somewhere in /etc/php5/apache2, for the apache module version of PHP.
<JackTO> mmmmm... i guess there are all sorts of stuff like that to help with performance etcc...
<JackTO> is there one package ex. php5-cli that insclude all those other modules or are they all seperate packages
<bc> JackTO: just search for something using `apt-get update && apt-cache search <foo>`
<JackTO> thanks, i will try...
<JackTO> is there a webmin moducle for php? I can control apache and mysqwl that way very nicely....   I know its not offically support, but is there one?
<bc> JackTO: the most popular / most used extensions are included. When you get a site up, use phpinfo() in a file to display what it already has.
<bc> JackTO: probably so. search for with apt-cache. I have no experience with webmin.
<JackTO> hpw is apt-cache diff from apt-get (remeber newbie here, sorry)
<bc> JackTO: apt-cache works on the database of packages it already knows about. `apt-get update` updates that database. `apt-get install` installs packages. https://help.ubuntu.com/8.04/serverguide/C/package-management.html
<JackTO> ahh, that makes sense....and all thei stuff it gets from the database on the repositories, right?
<bc> JackTO: in a round about way
<JackTO> dpkg -i, is used when i manually get .deb files and want to install them, right?
<JackTO> aside from being easier to use apt-get, is there any advantage over manually dpkg... do they automatically update etc...?
<bc> JackTO: I'd use another method, like apt-get or aptitude
<bc> JackTO: I'd follow the suggestions on that link
<JackTO> fair enough, i will read that stuff
<bc> JackTO: help.ubuntu.com has tons of good information -- you'll like it.
<JackTO> in tutorial videos they always talk about RPM and YUM, but I have a feeling that stuff is for RHEL or CentOS, right, not Ubuntu?
<JackTO> thanks, i will read that stuff
<bc> JackTO: right, Debian based distributions use .deb and dpkg. rpms are used in Red Hat based systems.
<JackTO> yeah the rpm stuff, looks more complicated... all sorts of dependecy stuff etc..
<bc> JackTO: rpms = SuSE, Fedora, Red Hat, CentOS to name, probably, a few
<JackTO> is there more software available for RHEL, Cet etc... than ubuntu, since its newer?
<bc> JackTO: yum is similar to apt-get, not so complicated.
<JackTO> cent*
<bc> JackTO: I think Debian based systems probably have more software available. Its rare that I haven't been able to find a package I looked for.
<bc> JackTO: back later, happy configuring :)
<JackTO> thanks again
<wisecrypt> hi.. is anyone know where i can find ebox-trafficshaping module for lucid server
<wisecrypt> ?
<JackTO> wise, how does ebox compare to wbmin, just curious?
<wisecrypt> its better
<wisecrypt> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<wisecrypt> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<JackTO> i will try it on my tests system... when i looked at the manual before, it didnt seem to have support for much Apache, mysql stuff
<wisecrypt> ye it does if you using the stable one
<wisecrypt> its 1.4
<wisecrypt> the module name ebox-webserver
<bc> JackTO: I'd get your hands dirty on the command line. You'll gain some useful experience probably.
<JackTO> fair enough
<bc> JackTO: since you said you don't have much experience, for editing files you'll find nano really easy to use.
<JackTO> yes, i've been using nano
<wisecrypt> bc what do you suggest for traffic shaping ? ufw ?
<JackTO> i like it better than the vi thing
<bc> wisecrypt: I have no experience with traffic shaping
<wisecrypt> hmm ...
<bc> JackTO: vim is great if you ever decide to go down that road
<JackTO> is there a module or software u can get for traffic shapping, in the windows works, as a former it admin, i would use hardware boxes..
<JackTO> world*
<JackTO> http://www.bluecoat.com/products/packetshaper
<wisecrypt> i prefer ubuntu to do that thank
<bc> http://lartc.org/howto/
<wisecrypt> bc http://webhtb.nethd.ro/
<wisecrypt> http://webhtb.nethd.ro/ << i dont like it ask a root shell login in ssh
<JackTO> .ro?  I wouldn't trust it
<JackTO> lol
<SuperLag> vim++
<wisecrypt> but i powerful app
<wisecrypt> *a
<bc> SuperLag: <3
<SuperLag> Didn't know about the webmin thing.
<SuperLag> that's good info
<bc> JackTO: I think there are some romanian ubuntu mirrors. Not everyone outside the US is evil :)
<JackTO> haha
<JackTO> fair enough
<wisecrypt> JackTO, would you trust http://sourceforge.net/projects/webhtb/
<JackTO> my dad is romanian, i don't trust him... (just jking, but he is romanian)
<SuperLag> at work, I have better luck with pointing to non-US mirrors... for download speed
<SuperLag> and I'm in the US :)
 * wisecrypt will patiently wait for the release instead
<JackTO> just curious, now that we are talking about traffic shapping, would using a computer toshape the traffic cause a fair bit of latency as opposed to a ASIC designed for that?
<JackTO> like a hardware based solution
<wisecrypt> nvr use a hardware to do that
<wisecrypt> they all pain
<JackTO> i never had a problem with packeteer and we had 55,000 people on it...
<bc> probably completely closed too, but I have no idea
<JackTO> the idea is to achieve close to wire speed, and that hard to do with out an asic..
<wisecrypt> tell your isp about it
<JackTO> we were the ISP
<wisecrypt> that nothing to do with ingression
<JackTO> anyhow, i'm sure there are many linux solutions for that...  just dont know any..
<JackTO> new to linux
<JackTO> :)
<JackTO> checkpoint software may have something?  have u checked
<JackTO> or do u want a free solution
<bc> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<JackTO> on my test server, i tried, apt-get install ebox-webserver, but it said no matching packages
<uvirtbot> New bug: #593118 in openssh (main) "authorized_keys will not accept no-pty option on a per-key basis" [Undecided,New] https://launchpad.net/bugs/593118
<bc> uvirtbot: version
<uvirtbot> bc: The current (running) version of this Supybot is 0.83.3.  The newest version available online is 0.83.4.1.
<bc> uvirtbot: source
<uvirtbot> bc: My source is at http://supybot.com/
<bc> soren: I'm assuming you wrote a plugin for the bug tracking. Is the source in a repo?
<JackTO> i just tried EBOX, what a piece of crap... not exen close to webmin...  its like a toy
<J_5> how do i give myself permission to view apache log files? I get access denied. I can only access them when logged in as root
<JackTO> why do ppl recommend it as a replacement owebmin, its not even 1/10 of webmin..
<cfelectro> maybe some people dont need all that webmin has to offer
<tyler_d|werkin> I have set up 2 nic's on one server, and hard-coded the ip's for some reason they are non-functioning with 2 statics.. even the one static is not getting on the interweb on boot
<tyler_d|werkin> the configuration is http://pastebin.com/pUKnLvga
<nginxx> why are there 2 auto eth0 statements in that
<nginxx> and move auto eth1 to line 10 on the pastebin
<JackTO> hi
<cipher421> I'm having major boot problems with 10.04 fresh install
<cipher421> it freezes after "ureadahead exists with status 4"
<deslector> hi, what is the preferred method to create a firewall on Ubuntu Server for a machine that is going to be a gateway?
<cipher421> which i now know has nothing to do with it
<deslector> the doc talks about ufw, but it says is better used as a host firewall
<cipher421> that nat is a firewall by itself
<cipher421> you don't really need ufw
<bc> deslector: under IP Masquerading: https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<deslector> bc, but then, is still considered a good practice to use ufw ?
<deslector> even on  a gateway machine?
<bc> deslector: sure, why not. it's just a translator for netfilter rules, I believe. You could write rules from scratch, too. Another alternative is shorewall.
<deslector> bc, the thing is... I'm replacing an old debian etch machine
<deslector> and it uses an old init.d script created manually to input the rules to netfilter
<cipher421> no one can help me with booting problems?
<bc> deslector: if it was already configured, you could also just bring the iptables rules with you to the new machine.
<deslector> bc, how could I do that? IIRC, ubuntu uses upstart now
<bc> deslector: I just put mine in a file called pf and added it to /etc/init.d, then ran update-rc.d. It can be as simple as that really.
<deslector> bc, wow... I'll give it a try, thanks!
<bc> deslector: also check out iptables-save
<bc> deslector: .. and iptables-restore
<bc> cipher421: there are a couple of open bugs filed under ureadahead, but I can't help with any solution.
<deslector> bc, ok, I'll look for them... thanks again!
<cipher421> i know the unreadahead is not actually a problem
<cipher421> just the last message i see before freeze
<nginxx> how do you figure that
<cipher421> because i researched what status 4 is
<cipher421> and it just means that it didn't find anything on the hard drive that needed to be loaded into memory
<bc> deslector: update-rc.d can be a tad cryptic, though just check the man page
<deslector> bc, yep, I've used it before... thanks! :-)
<uvirtbot> New bug: #593145 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/593145
<JackTO> if ubuntu is sittingidle for hours, is there any drive activity?  any reading or writing?
<JackTO> in windows theere seems to be contatnt bit of drive activity
<peturi> How can i access the grub menu in server 10.04 ?
<guntbert> peturi: during boot press <shift>
<peturi> ahh thanks guntbert
<guntbert> peturi: you're welcome :-) (sometimes I had to use <right shift>)
<peturi> shift worked, i thougt it was the tab key and got fustrated
<guntbert> nice :)
<peturi> Damn, i forgot my passwd, so i rebooted with init=/bin/bash
<peturi> And then i did "passwd myUser"
<peturi> it asks for the new pass etc. but fails
<peturi> Authendication token manipulation error
<peturi> wtf is this?
<peturi> https://help.ubuntu.com/community/LostPassword
<peturi> seams its the right way with ubuntu.. but does not work
<peturi> ahh read only fs
<guntbert> peturi: you missed on change ro -> rw
<guntbert> *one
<peturi> yea i got it, thanks all works now
<diago> Hello, is it possible to attach a disk to a running guest without a power off?
<diago> sorry, wrong channel
<uvirtbot> New bug: #593176 in php5 (main) "php segmentation fault" [Undecided,New] https://launchpad.net/bugs/593176
<Rafael_>  hi...i need some help on how to upload a website..i have installed php, apache, etc...have no clue how to upload the website ?
<diago> Rafael_: it's on your local machine?
<Rafael_> diego: no
<Rafael_> diego: i finishid with a software called webplusx2..and i know that for publishing it you use the ftp..but do i need to do anyhting with apache?
<ruben23>  hi great ubuntu-server guys, how are you all:-D
#ubuntu-server 2010-06-13
<Masshuu> http://pastebin.com/G0fCNr03
<Masshuu> uuh now what
<Psi-Jack> I understand that OpenVZ support has been long since removed from Ubuntu since after Ubuntu 8.04, but word around says it was being replaced with LXC. Does Ubuntu 10.04 have LXC support to run LXC containers?
<JanC> Psi-Jack: I haven't tried it, and I don't think there is official support, but I suppose it has the necessary bits for LXC in the kernel and in userspace
<JanC> maybe somebody else knows more about it
<sdfoj8>  hello gys, sorry for disturbing, i am trying to accomplish a project, a file storage system like rapidshare . what clustering open source software do you recommend me ? so i can setup my private cloud ? otherwise, i have to store files distributed to servers but those servers wont be able to handle huge traffic. so i need to make it clustered.
<jmarsden> sdfoj8: Maybe read https://help.ubuntu.com/community/UEC
 * sdfoj8 hello gys, sorry for disturbing, i am trying to accomplish a project, a file storage system like rapidshare . what clustering open source software do you recommend me ? so i can setup my private cloud ? otherwise, i have to store files distributed to servers but those servers wont be able to handle huge traffic. so i need to make it clustered.
<sdfoj8> jmarsden
<sdfoj8> instead of ubuntu itself
<sdfoj8> i want to install a cluster version
<jmarsden> ?  UEC is developed by and part of Ubuntu...
<sdfoj8> to be honest
<jmarsden> Did you actually read the info?
<sdfoj8> when i see
<sdfoj8> "ec2" somewhere
<sdfoj8> i run away from it
<sdfoj8> and what i got from ubuntu-cloud site was ec2
<jmarsden> So you want a cloud, but not EC2.  Ubuntu has chosen EC2 compatibility, so that means you are on your own, basically.
<sdfoj8> why do i need amazon services if i want to setup my own cloud
<sdfoj8> didnt get the point
<jmarsden> You don't.  UEC runs on your own computers and is 100% free.
<sdfoj8> cloud world is not based on amazon on amazon s3/ec2
<sdfoj8> so why i see amazon in that site ?
<jmarsden> It is your PRIVATE cloud and does not need or use Amazon anything.  It just uses cpmpatible protocols
<sdfoj8> https://help.ubuntu.com/community/UEC/PackageInstallSeparate
<jmarsden> Because you are not reading carefully enough.
<jmarsden> Read, instead of skimming for keywords.
<sdfoj8> hmm i saw it now.
<sdfoj8> jmarsden
<sdfoj8> i am realyl confused
<sdfoj8> next semester i am going to take distributed systems course
<sdfoj8> and i wish i learn more about cloud thing
<sdfoj8> what comes strage to me is, there has been never a really working open source cloud service
<sdfoj8> i saw open source projects like glusterfs and others
<sdfoj8> but those are not cloud as i know.
<jmarsden> There is now, it is called UEC.  WHich is why I pointed you at it.
<sdfoj8> they dont have automatic intelligen replication
<sdfoj8> do you know what i am talkn about ?
<sdfoj8> suppose, i got a video on 124123servernode.mysite.com/stream/birthday.avi
<sdfoj8> and i am sending this video to my friends
<sdfoj8> and suddenly 10000 of my friends want to watch hat video
<sdfoj8> and they open the url, but since the server has 1gbit, which means 12.5MB per sec. and each user will get only 12.5KB per sec.
<sdfoj8> 12.5Kb per sc.
<sdfoj8> KB i mean.
<sdfoj8> so the server should understand and track the files, if there is a hude demand to a file, then it should replicate that file through other nodes before streaming it
<sdfoj8> and it shouldnt replicate all the files as well.
<sdfoj8> so jmarsden what do you say
<sdfoj8> hello ?
<sdfoj8> anyone can talk about UEC ?
<MTecknology> !enter > sdfoj8
<ubottu> sdfoj8, please see my private message
<sdfoj8> MTecknology
<sdfoj8> sorr.
<diago> does a drive have to have a partition? I mean, can I just mkfs.ext3 /dev/sda
<diago> It seems to work fine
<MTecknology> diago: it works - but it's easier to break things if you forget that you put an fs on the whole drive
<sdfoj8> anyone has experience with glusterfs, mogilefs ?
<MTecknology> !ask | sdfoj8
<ubottu> sdfoj8: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<MTecknology> diago: in unix there's a drive, partition, and slice - that gets fun..
<sdfoj8> anyone has experience with glusterfs, mogilefs ? can u compare them?
<diago> MTecknology: my thoughts: It's a logical volume for a virt guest
<diago> I could then lvextend and resize2fs when I need to increase
<diago> if I start adding partitions I'm not sure how this will work
<diago> if that makes any since
<MTecknology> sounds like you're going to have a heck of an interesting time oif you do that.. why not make the drive use lvm, then put a volume on that, then when you need to grow what the guest has, you can follow any of the millions of guides out there?
<MTecknology> let the guest use that partition which can easily grow as opposed to the whole drive which you can't grow
<diago> I don't think I explained it right...
<MTecknology> diago: I may have just understood it wrong - i think if it works for you then there's no issues with doing it that way :P - yay linux
<diago> I just tested and it's pretty easy.  shut the virt down, on the KVM machine do lvextend -L+5g /dev/vol/drive
<diago> start the virt and resize2fs /dev/vda
<diago> BAM!
<diago> awesome... I love linux
<MTecknology> diago: :P
<MTecknology> diago: you might actually be able to grow before even shutting down and just not be able to use the additional space until you reboot
<diago> You're probably right, LVM is awesome... over iSCSI at that!
<MTecknology> :)
<deslector> hi, I'm trying to use smb_auth with squid on lucid server but it is not working
<deslector> it used to work with the same config on a debian etch system
<deslector> the original page of the smb_auth author doesn't exist anymor
<deslector> any ideas?
<mcarse> I am trying to get my drobo with multiple luns running again in Ubuntu 10.04, apparently I need to load scsi_mod, but when I try "modprobe scsi_mod" i get "FATAL: Module scsi_mod not found" where do I find it?
<mcarse> any thoughts?
<tyler_d|werkin> whats a 64 bit alternative to linux-generic?
<amstan> hey guys
<amstan> i'm having some speed issues with my ssh
<amstan> i recently upgraded my network to gigabit, i can download stuff from the http server at 60MB/s, but any sftp transfer to the same server is still at 3MB/s
<amstan> how could i speed up the ssh connections?
<pwnguin> amstan: can you download via https?
<amstan> well.. i would also like to upload
<amstan> it's a home server
<pwnguin> ssh has encryption which slows thing down
<amstan> ok, how can i disable it?
<amstan> like.. an ondemand thing, i don't care about encryption within my lan
<pwnguin> maybe there's an identity cipher
<pwnguin> but this is just a theory without evidence
<pwnguin> if you monitor CPU usage durting ssh transfer
<amstan> ok, on it
<pwnguin> my theory might be validated if your CPU spikes
<amstan> yep, my server is getting 100% cpu
<amstan> on one of the cores
<pwnguin> ideas
<pwnguin> 1 turn off compression
<pwnguin> 2 weaken the cipher
<pwnguin> http://serverfault.com/questions/125610/is-there-a-way-to-make-scp-run-faster-on-a-mac-os-x
<pwnguin> amstan: one last idea might be to try out webdav
<amstan> pwnguin: http://serverfault.com/questions/116875/how-can-i-disable-encryption-on-openssh
<amstan> pwnguin: see that first post? what file is that to be edited?
<joebob> How can I get grub2 on two raid 1 drives. It's only on one currently...
<Callum__> joebob: so that is a single RAID 1 array consisting of two drives?
<ChrisRut> When might Kernel 2.6.34 be available for Lucid?
<jo-erlend> I setup a server yesterday. It has four disks, which I setup in a raid5. I used two partitions; one for swap and one for root. The installation seemed to go well, but when I rebooted, it dropped to an initramfs, with an error that the disk with a certain uuid wasn't available.
<jo-erlend> I'm fairly certain that I did everything correct. Is this a known bug in lucid server? It's 64bit btw.
<jo-erlend> how do I fix it?
<jo-erlend> It's really annoying that ubuntu server doesn't display the grub menu by default. I have a USB keyboard, and it seems it's too slow to load that I can use shift to display the menu. And since I can't boot without changing the parameters, I'm having difficulties.
<jo-erlend> I think I'll install karmic server instead, and attempt an upgrade afterwards.
<ruben23> hi guys im installing a ubuntu server with 1 terabyte HDD, is it ok to set on default one partition all--> 999.9Gb this wont affect performance..?
<ruben23> any idea guys
<larsemil> ruben23: why do you want to do that?
<ruben23> larsemil:i just a 1 ter byte hdd, i ahve install just a default, just want to know if it will affect server perfomance.
<larsemil> ruben23: i would say that 99% of the time you would want to seperate root partition and datapartition.
<ruben23> hmm ok
<ruben23> for backup purpose right..?
<ruben23> any suggested partion scheme..?
<ruben23> i mean the division of hdd, i dont have in particular, any deafult settings can do
<larsemil> ruben23: i always use something like /boot 200mb /10-15gb and then depending on use /usr or /home for alot of data. i like using /home. also if it is for files sometimes i just use a /stuff that can be shared in the network.
<jo-erlend_> dammit... Karmic has the same problems. I'm installing from a USB stick. Might that be the cause?
<RoyK> http://pastebin.com/mUmPu6Sw <-- I get these errors from my vm
<jo-erlend_> this was the tenth time in two days I've installed Ubuntu 10.04 Server 64bit without any success. I've setup software raid and formatted using a swap area and an ext4 partition. When I reboot after the installation, it complains about a disk with a uuid doesn't exist.
<jo-erlend_> I then check /dev/disk, and find that there are no /dev/disk/by-uuid directory at all.
<ruben23>  hi guys, how fo i configure my network on my ubuntu server having a PPPoE DSL connection but its not username/pass , it automatic IP detection form the ISP...any suggestion..?
<jo-erlend_> I think there is an application called pppoeconfig or something
<jo-erlend_> pppoeconf
<ruben23>  jo-erlend_: sorry im wrong, the connecyion of my DSL is auto assigneing of publci IP so it like DHCP.
<ruben23> my setup is like this : internet---->modem---->ubuntu server
<jo-erlend_> that shouldn't have anything to do with pppoe. You'll configure your interface to use dhcp in /etc/network/interfaces.
<ruben23>  jo-erlend_: yes i have set it to DHCP but the porblem, my linux server get this IP address, 192.168.1.10 (whihc is a private IP) why not a publci IP..?
<jo-erlend_> then you have router in your network. Your router gets the public ip and has its own dhcp server which your server obtains an IP from.
<ruben23>  jo-erlend_: why is it preivate IP not public..?
<ruben23>  jo-erlend_: so your saying that my modem is in a router mode not on bridge mode..?
<jo-erlend_> looks like it, yes.
<ruben23> jo-erlend_: how do i make my linux server, be accessible with SSH..? over the internet..?
<jo-erlend_> by setting up port forwarding in your router.
<ruben23>  jo-erlend_: hmmmm but its a modem not a router, which my ISP owned it..
<ruben23> i cant touch..
<jo-erlend_> then you'll have to talk to them. It doesn't have anything to do with Ubuntu.
<ruben23> jo-erlend_: thanks, for pointing mer to a clearer path now..
<ruben23>  jo-erlend_: i can used DDNS tobe able to connect always even do the Public IP changes right..?
<ruben23> hi
<jo-erlend_> ruben23, it can be set to update a domain name, yes. It has nothing to do with actual connections.
<jo-erlend_> is it possible that ubuntu cannot boot from a software raid?
<ruben23> hi what is the preempt kernel of the ne ubuntu-server 10.04
<Guest50155> how can I grow ext3 filesystem on a raid device? I've upgraded from 320GB to 1.5TB raid 1
<jo-erlend_> if you have free space on the disks, then you should be able to use resize2fs as usual, I think?
<jo-erlend_> you'll have to resize the partition first, of course. If you're using lvm, that's easy. If you're not, it's not so easy.
<jo-erlend_> but a raid1 cannot be bigger than your smallest disk. Perhaps you should provide more details?
<Guest50155> The partitions are already bigger. running resize2fs /dev/md1 now
<Guest50155> it wasn't too bad to upgrade drives individually without lvm. i've never used lvm and it scares me to try to start ;)
<Guest50155> jo-erlend_, working thanks!
<Guest50155> another issue I have is my cdrom drive just never mounts properly and if I run mount /media/cdrom0 the light never comes on and after about 20 seconds I get mount: no medium found on /dev/sr0
<Guest50155> other people have had the same cd issue as me: http://ubuntuforums.org/showthread.php?t=1235151
<jo-erlend_> I have no idea about that as I stopped using cd and dvd a while ago.
<Guest50155> yeah me too but it's not my box...
<sdfoj8> what is the command line that i can test my speed with speedtest.net do you know ?
<jo-erlend_> what amazes me, is that nobody in the entire world seems to know how to install ubuntu to boot from a raid partition.
<jo-erlend_> but in order to preserve my sanity, I think I'll leave it for today and have another go tomorrow.
<RoyK> hi all. I keep getting hangs on an ubuntu guest (ubuntu lucid kvm host, ubuntu lucid guest)
<RoyK> this bug is a bitch https://bugs.launchpad.net/ubuntu/+source/linux/+bug/579276
<uvirtbot> Launchpad bug 579276 in linux "Lost network in KVM VM / virtio_net page allocation failure" [Medium,Triaged]
<RoyK> "medium" my arse - my boxes hang after a few minutes with normal nfs  traffic
<ChrisRut> When might Kernel 2.6.34 be available for Lucid?
<uvirtbot> New bug: #593406 in mysql-5.1 "Mysql ssl connection fail on lucid after compiling with openssl" [Undecided,New] https://launchpad.net/bugs/593406
<_ruben> ChrisRut: you could the mainline kernel packages provided by the kernel team, ubuntu releases usualy don't get new upstream kernels, just (security) backports
<ChrisRut> _ruben: is there a PPA i can use to get 2.6.34 on lucid? or would I have to build it manually?
<_ruben> http://kernel.ubuntu.com/~kernel-ppa/mainline/
<uvirtbot> New bug: #593414 in vsftpd (main) "FTP server does not work if the root user does not login" [Undecided,New] https://launchpad.net/bugs/593414
<ChrisRut> _ruben: Thanks
<chewbranca> so I'm trying to get eucalyptus up and running with UEC, I'm using the CDInstall guide on the ubuntu help site for UEC, I've verified that my node is registering, but when I do euca-describe-availability-zones verbose, it shows 0000 for all free/max options
<chewbranca> any ideas?
<sdfoj8> chewbranca
<sdfoj8> ca i ask why you use eucalyptus with uec ?
<sdfoj8> why dont you use normal ubuntu with mogilfs ?
<chewbranca> because I'm trying to build a eucalyptus based EC2 cluster
<sdfoj8> on amazon ?
<sdfoj8> may i ask why do you do that ?
<chewbranca> why not?
<sdfoj8> why dont you build in other hosting ? and you do it on ec2 ? i am little confused
<sdfoj8> coz ec2 is already a cluster
<sdfoj8> and you are building a cloud server on a cloud already ?
<chewbranca> I need to use EC2, and I want a local dev environment, eucalyptus seems like a good way to go
<chewbranca> no on a local box
<sdfoj8> so is it like that
<sdfoj8> you got 3-4 instances with amazon ec2
<MTecknology> how can I specify no swap with vmbuilder?
<sdfoj8> but when you connect to one server, all the servers are same ?
<sdfoj8> ?
<chewbranca> I'm not even using this with EC2 yet, I've got a master controller and a node server here at home, trying to get them up and running, but the node server is not showing up in the availability zone
<sdfoj8> sorry bo bother but i am asking to learn
<sdfoj8> why do do that.
<sdfoj8> when you install UEC what will be the difference
<chewbranca> the difference of what?
<chewbranca> I'm just trying to build a dev environment that emulates EC2, I don't want to have to pay for everything I do on EC2
<MTecknology> sdfoj8: since you're back - I wanted to mention that it's considering spamming if you ask the same question in many channels
<chewbranca> I've got a lot of work to do with deploy management and provisioning, so I want a local version I can use to test
<sdfoj8> MTecknology i dont know but i think you are tracking me :) i didnt ask same quest.
<sdfoj8> i mean what if you install normal ubuntu server instead of that
<MTecknology> sdfoj8: last time you were asking questions you were asking the same thing in #ubuntu, #ubuntu-server, #red5, and a couple others.
<chewbranca> sdfoj8, if you want to install normal ubuntu server go for it, I'm trying to build a local version of EC2, not understanding what is complicated about understanding that
<MTecknology> chewbranca: I can give you a pretty nifty command I use for creating vm's
<sdfoj8> i did it one time MTecknology
<chewbranca> MTecknology, nice, that would be cool
<MTecknology> chewbranca: http://paste.ubuntu.com/449355/
<MTecknology> sdfoj8: I was just informing you that you should not do that.
<sdfoj8> ok.
<chewbranca> MTecknology, oh niiiiiiiiiiiiiiice, that's slick
<sdfoj8> using vm is doing and sharing the cpu right ? using virtual boxes on a same machine.
<sdfoj8> vps
<MTecknology> chewbranca: I modify it a little different almost every time I use it - but that's the base I use
<chewbranca> MTecknology, yeah that's definitely handy
<MTecknology> glad you enjoy :)
<chewbranca> MTecknology, cool, just saved that
<MTecknology> chewbranca: oh! word of caution- be careful with allocating swap. I had two vm's start hammering swap, got into swap death, vm's couldn't get over 1MB/s disk read
<MTecknology> I just dealt with that last week
<chewbranca> so I'm definitely having some trouble figuring out the debugging path with UEC and eucalyptus, I mean I've got the cloud controller and node up and running, but the node isn't showing up in the availability zones, and I just don't know where to go next
<chewbranca> MTecknology, oh ouch, that's rough, did you just allocate too much swap? or was the vm using too much ram and just hitting swap?
<MTecknology> The solution was to add a little ram to each vm, and remove its swap. Simple solution that brought disk read from <1MB/s to >120MB/s
<MTecknology> it was hammering swap too hard
<MTecknology> I'm gonna head to do homework though
<chewbranca> yeah hitting swap is rarely good
<MTecknology> chewbranca: best of luck - blog and link me when you finish that
<chewbranca> ok cool, thanks for sharing that provisioning script
<chewbranca> MTecknology, will do!
<JackTO> hey all
<JackTO> I have a remote KVM, and its an older Avocent Witchview, that doesn't support the latest refresh rates.   Even though I'm not running any X/Gui, the default refresh rate seems to be too high, how do i change it from the CLI?
<qman__> I'm pretty sure the console is locked at 60Hz
<JackTO> hmmm... someon told me to disable a framebuffer?
<qman__> I'm also fairly sure that would require recompiling the kernel
<qman__> you could try removing 'quiet splash' from the boot line, see if that solves your problem
<JackTO> what does that do?
<qman__> unhides the kernel messages
<JackTO> like in recovery mode?
<qman__> what version of ubuntu is it?
<qman__> yeah, only without starting the recovery process
<JackTO> hmmm... let me see if even the BIOS hsow up ok, through the KVM, b4 ubuntu starts...
<JackTO> maybe its an issue with the graphics card
<JackTO> let me see
<qman__> I don't really get why they do that on ubuntu server anyway
<qman__> I can see wanting to hide that stuff for desktops or whatever
<qman__> but on my server, I want to know what's going on
<JackTO> darn, i get flashing, eratic lines even b4 grusg load...  the bios shows up all messed up
<JackTO> i agree, why do they hide the boot process, so odd... anyone using a server wants to see whats going on
<JackTO> gurb*
<qman__> I upgraded one of my servers to lucid due to a hardware issue
<qman__> and now it has a boot splash screen
<qman__> yech
<chewbranca> wow... finally fixed the issues with getting eucalyptus working proplery thanks to this thread: http://open.eucalyptus.com/forum/problem-node-registration
<chewbranca> had the exact same issues
<JackTO> is there a difference in VGA signals from 2003 and now.. isn't vga, vga...   my Avocent KVM used to work perfectly... now all i get is flashing lines
<qman__> ugh, nvidia.com now has a flash intro page on it
<qman__> what is wrong with these people
<qman__> JackTO, 2003 isn't that old
<qman__> it should 'just work' even with the framebuffer
<qman__> linux framebuffers only support VGA, SVGA type resolutions
<qman__> no widescreen, no special refresh rates
<soren> bc: It's the (old) ubottu code.
<MTecknology> I create a disk with "qemu-img create -f qcow2 data1.qcow2 100" Then I added this to my libvirt xml  <disk type='file' device='disk'><source file='/virt/ext/images/pifio/data1.qcow2'/><target dev='hdb' bus='ide'/></disk>  Then defined it and rebooted the vm. I can see /dev/sdb in trhe vm but when I do fdisk /dev/sdb I get Unable to read /dev/sdb  -  Any ideas what I'm doing wrong?
<jo-erlend_> MTecknology, libvirt has a channel on oftc. kvm has a channel on this network, and Ubuntu has #Ubuntu-virt, which is supposed to handle these kinds of questions.
<MTecknology> jo-erlend_: a new channel - thanks
<stork> hi, i'm still running gutsy on my server, what's the best way to upgrade it?
<soren> hastily
<stork> indeed :]
<stork> will i need to do a clean reinstall? i don't mind but i do have a lot of stuff on a RAID array that would be a pain in the arse if i lost it
<soren> You should never need to reinstall an ubuntu system.
<MTecknology> stork: I would assume sudo aptitude update && sudo aptitude full-upgrade && reboot && do-release-upgrade  <- should work fine
<chewbranca> how long does it normally take for a new instance to go from pending to running?
<stork> no luck i don't think, gutsy isn't even supported anymore
<jo-erlend_> how do you boot a software raid array if the first disk fails?
<stork> none of my repos work
<jo-erlend_> soren, you're an advanced one. If you know this, please let me know so I can sleep! :)
<jo-erlend_> setting up / on raid5 doesn't work, but I've read that's because grub2 doesn't support booting from a raid5. I've also setup a raid1 for /boot, using four disks, and that doesn't work either. People are telling me I cannot use raid for the boot device, but this cannot be the case?
<qman__> gutsy is too old, the repositories have been down a long time
<jo-erlend_> gutsy is dead.
<soren> jo-erlend_: raid1 for /boot is fine and supported.
<qman__> you will probably have to reinstall from scratch
<soren> No.
<soren> 22:34 < soren> You should never need to reinstall an ubuntu system.
<jo-erlend_> no, you can upgrade.
<jo-erlend_> soren, what about raid1 with more than two disks?
<soren> jo-erlend_: Doesn't matter.
<soren> jo-erlend_: Not sure why you want to, but it's perfectly valid.
<jo-erlend_> soren, I have four hotswappable disks. If either fails, I'd like to be able to just replace it, resync and feel calm. I have four disks and they have lots of space. Why would I not want to spend a few hundred megabytes on giving me extra redundancy?
<soren> Why stop there?
<soren> You could have an extra partition on each disk to mirror the /boot partition.
<soren> It's just a few hundred MBs, after all.
<jo-erlend_> what would you do?
<soren> Precisely.
<jo-erlend_> ?
<soren> I'm using your own argument against you.
<soren> See?
<jo-erlend_> I don't understand. People are telling me to make one disk responsible for boot, but that would mean if one disk fails, the system cannot reboot.
<jo-erlend_> I want at least _some_ redundancy.
<soren> Sure, sure.
<soren> That's fine. I get that.
<qman__> I wouldn't do that, that's quite a waste
<soren> i'm just not sure why you feel you need 4 copies.
<jo-erlend_> sommer, the disks are equal in size. Why would I leave unpartitioned space instead of using it for extra redundancy for /boot?
<qman__> use it as swap instead
<jo-erlend_> no, swap is partitioned on the raid5.
<jo-erlend_> I really don't want swap without redundancy either.
<JackTO> Question:  Is there any benifit of running VNC os a server?  or is SSH sufficient?
<JackTO> on*
<jo-erlend_> JackTO, absolutely.
<qman__> only if you run X
<jo-erlend_> no.
<soren> jo-erlend_: I think I've missed what your question is. Sorry :)(
<soren> jo-erlend_: Yes, mirroring /boot is supported.
<soren> jo-erlend_: even across eleventy disks.
<JackTO> jo: you are saying SSH is sufficient?
<jo-erlend_> soren, I need a redundant /boot partition. I've tried setting it up on RAID5 and I've tried setting it on on RAID1 (though only using four disks). Nothing works.
<soren> jo-erlend_: raid5 will not work.
<qman__> JackTO, I wouldn't run VNC on a server unless I needed X, and even then, it would only allow connections tunneled through SSH
<soren> jo-erlend_: raid1 should.
<jo-erlend_> I eventually found out.
<jo-erlend_> soren, it doesn't. Not with four disks, at least.
<soren> jo-erlend_: I wan't work with "nothing works".
<JackTO> qman: thanks....
<soren> jo-erlend_: My only useful response to that is "don't do it wrong".
<jo-erlend_> soren, can you please have a look at this page and tell me what I'm doing wrong? https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<soren> Besides, it's waaaay past my bed time. Feel free to catch me either during (European) business hours tomorrow or between 1900 and 2100 UTC.
<soren> jo-erlend_: No.
<soren> jo-erlend_: Because that page says how to do it. It doesn't say how you did it.
<jo-erlend_> because I'm following the steps very closely, except for using four disks instead of two, which shouldn't make any difference?
<JackTO> qman: Since my remote IP based KVM, is not working with my new equipment, do I really need it on a server sitting in a colo/datacenter...   i guess only if the system lokcs up, and i need access to the bios i need it...?
<soren> jo-erlend_: ...and you still haven't said /how/ it doesn't work.
<qman__> JackTO, VNC would not let you access the BIOS
<jo-erlend_> soren, I have. It was a while ago though. I get an initramfs, complaning that /dev/disk/by-uuid/<uuid here> doesn't exist. In fact, the directory doesn't exist at all.
<JackTO> qman: true... i'm starting to realli like SSH... much better than the windows world i came from
<soren> What kind of controller are they hooked up to?
<soren> jo-erlend_: Ã
<soren> ^
<soren> sheesh. Typing is hard.
<jo-erlend_> I get almost the same results when I do it in a virtual machine, btw. The errors are not identical though. In the VM, it sais: no such disk.
<qman__> JackTO, indeed, SSH is the swiss army knife of the networking world :)
<soren> jo-erlend_: Let's look at it tomorrow. I need sleep.
<jo-erlend_> soren, I've had disks on this machine before, although not in a software raid, but mdadm shouldn't be specially affected by the controller, should it?
<soren> jo-erlend_: no.
<JackTO> I'm just amazing in linux, i don't have to Reboot the server every time i install or change something... i like that a lot...
<jo-erlend_> soren, I do too. I'll sleep well if you promise to help me with this tomorrow :>
<JackTO> amazed*
<soren> jo-erlend_: but being sure that the devices are around in initrams depends on drivers being loaded and  that depends on which controller etc.
<jo-erlend_> I've spent more than sixteen hours trying to install ubuntu server on that damned box.
 * soren wanders off
<jo-erlend_> soren, all the devices are there, except for the md-ones.
<jo-erlend_> but you're right. It's time to get some sleep. :)
<soren> jo-erlend_: but /dev/disk/by-uuid/ doesn't exist?
<jo-erlend_> right.
<jo-erlend_> only by-path and by-id
<soren> jo-erlend_: that's messed up.
 * soren falls over, sleeping
<jo-erlend_> it's identical in karmic.
<jo-erlend_> but sleep tight. I'll tap you on the shoulder in the morning. :)
#ubuntu-server 2011-06-06
<patdk-lap> depends on who you ask
<juniorbisono> I think its best you play with it... read what your doing test the changes and move on!
<patdk-lap> webmin is a tool that I feel no one should be using
<juniorbisono> you can make your box run like a porche or lock it down so bad that you have to reimage it!
<juniorbisono> its really your call! what are you trying to do?
<sw0rdfish> i'm using an auto install script
<sw0rdfish> to setup rutorrent
<juniorbisono> what is the script going to do?
<sw0rdfish> its got a bunch of things in it
<sw0rdfish> which are unrelated
<sw0rdfish> lol
<sw0rdfish> one of them being
<juniorbisono> hmm... I never played with rutorrent...
<sw0rdfish> webmin
<juniorbisono> your trying to run a torrent server?>
<juniorbisono> or is that the client?
<sw0rdfish> a friend just yelled/advised me against it though, think i won't do it, cuz he's right if i wanna learn linux i shouldn't use fanci GUI's
<sw0rdfish> a client
<sw0rdfish> grrrr its just that i've been wanting to install webmin for so long, it eats me up to say no
<sw0rdfish> to this script lol
<patdk-lap> dont worry, it's the same with drugs, so hard to say no
<juniorbisono> Yeah.... I think you need to get networking in good order learn some commands and just read, read and do some more reading! :D
<juniorbisono> no its not! just say NO!
<patdk-lap> but then I wont be *cool* :)
<sw0rdfish> read and read and read, huh? :)
<juniorbisono> fuck being cool! excuse my french! FEED YA BRAIN!
<sw0rdfish> lol
<sw0rdfish> uhhh what kind of reading do you mean juniorbisono
<juniorbisono> hmm... well for one Linux unleashed! start there.
<juniorbisono> get use to your box... learn everything via console... there is not need for no GUI on a linux box... well I dont like to use it! I rather do all my stuff via console..
<patdk-lap> a gui is kind of nice, for all the ssh windows
<juniorbisono> run your servers, create your php or html code via a console mod your config files start up and kill your services all via console..
<sw0rdfish> you talkin about the book linux unleashed?
<juniorbisono> Yes!
<juniorbisono> or any book via Linux!
<sw0rdfish> my question meant, should I be doing book reading or manual reading?
<juniorbisono> watch the documentary via netflix  :D
<sw0rdfish> as in the manual of commands/programs
<juniorbisono> physical book reading with chapters or PDF's
<juniorbisono> :D
<sw0rdfish> thats the name of this book you talk about? nothing else in its name? just "Linux Unleashed"
<sw0rdfish> i'll get it if its worth it
<juniorbisono> sw0rdfish, do your research.... but get a book that shows you what Linux's about!
<juniorbisono> its worth the reading... then get into networking..... and so on!
<juniorbisono> then run your servers.. apache, ssh, MySQL, samba anything so you can get an idea of what its all about....
<sw0rdfish> YAY! i just typed in NO and hit enter
<sw0rdfish> its GONE now
<sw0rdfish> got it over with :)
<sw0rdfish> haha my friend is saying, Atta boy!
<sw0rdfish> hesitated for 20 minutes lol asking around googling around
<juniorbisono> go get a book.. goto a book store read it, write it highlight it... make notes test what thier talking about... then pass it on :D
<juniorbisono> its better than reading a PDF.... force your self you use only the console your first time around... not saying that you can tweak your console!
<sw0rdfish> i mean hey webmin is just for installing stuff right? and monitoring your system
<patdk-lap> only browse the web using lynx and pine for email :)
<sw0rdfish> i bet there is a cli way to monitor system hardware and software activity
<juniorbisono> view the directories... view the files look in them and then ask questions like,.. what does this do..  and so on!....
<patdk-lap> the issue with webmin and things like it is
<juniorbisono> pine! wow thats awesome!
<sw0rdfish> "free -m" and "top" being one of them :)
<juniorbisono> patdk-lap, I havent used that in years... but true!
<patdk-lap> you are forced to use it, and if you grow beyond what it can do, you must NOT use it, or it will mess with your customizations
<juniorbisono> forget WEBMIN! goto your TTY1 and stay there! :D
<sw0rdfish> :D
<juniorbisono> all jokes aside READ! its your best bet!
<patdk-lap> the other huge issue with webmin
<patdk-lap> is if something breaks, you have no idea how to fix it
<patdk-lap> and if you don't use a *webmin* approved fix, your likely to break webmin, when you do fix it
<juniorbisono> no WEBMIN for sw0rdfish  :D
<sw0rdfish> hehe :)
<sw0rdfish> that doesn't sound good patdk-lap
<juniorbisono> do this: create a few directories, create a few users reset thier accounts, creat some files, and move and copy file to those users home directories....
<juniorbisono> play with that..
<juniorbisono> also for a good epxlorer type for the console try Midnight Commander... I have used for at least 7 years!
<juniorbisono> you can do all that and more with that app..
<juniorbisono> apt-get install mc
<juniorbisono> brb!
<sw0rdfish> epxlorer
<juniorbisono> I'm back! sw0rdfish
<sw0rdfish> juniorbisono, welcome back
<sw0rdfish> you were saying epxlorer?
<sw0rdfish> and what is mc?
<krux> mc - Midnight Commander - a powerful file manager
<juniorbisono> Yes! mc
<juniorbisono> sw0rdfish, google it  :D
<juniorbisono> its what you need to play in the console :D
<sw0rdfish> google both of them you mean
<sw0rdfish> oh nvm
<sw0rdfish> lol
<sw0rdfish> console file manager sounds neatg
<sw0rdfish> neat*
<juniorbisono> its really nice.. google image mc linux explorer
<uvirtbot> New bug: #793314 in clamav (main) "package clamav-daemon 0.96.5 dfsg-1ubuntu1.10.04.2 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/793314
<twister004> hi guys.... is it possible to enter a dns name instead of an IP on the IPSEC setup on my ubuntu server?
<twb> What IPSEC setup?
<twister004> twb, it consists of setkey and racoon... and shorewall as the firewall
<twister004> twb, in the 'psk.txt' file... I have to enter the public IP of the distination VPN endpoint and the corresponding PSK... can I enter a DNS name instead?
<twb> So this is on IPv4?
<twister004> twb.. yes
<twb> No idea, sorry
<twister004> no probs.. thanks for checking anyways
<Avi> I am able to login to an ubuntu server via ssh within the local network. But when I do so from a different location, I am unable to connect even if port forwarding is enabled. "nmap <ip> -p 22" shows port 22 as "filtered". How to change the status to "open"?
<twb> Avi: this is through a NAT?
<Avi> twb: yes
<twb> On the NATting router, you need to both DNAT -p tcp --dport ssh --to-destination <ip> in mangle *and* ACCEPT -d <ip> -p tcp --dport 22 in FORWARD
<twb> Er, in *filter :FORWARD
<twb> That's assuming the most common/obvious issue; there might be some other problem
<jmarsden> twister004: From a slightly fading memory (!), usually IPSEC needs actual static IPs for endpoints, there is a special "road warrior" mode for handling connections from roaming client machines, I think...  if the racoon docs say "IP address" then they mean an IP address, not a DNS name.
<twister004> jmarsden.... is it possible to have a DNS name in a road warior mode?.. also, any idea what openswan is all about?
<Avi> twb: I cannot find any DNAT setting in the router page.
<twb> DNAT is the netfilter (linux) term
<twb> If it's not a linux router, or you don't have a root shell on it, then you'll have to translate accordingly
<twb> Or, obviously, deploy ubuntu or similar as your router :-)
<jmarsden> twister004: Well, as long as the central server is at a static known IP, the road warriors can all connect into it from anywhere, so no DNS name needed for that... openswan is another IPSEC stack, I have not heard that mentioned for several years, I don't know its current state of usefulness.
<twister004> jmarsden... so, road warrior is client-server model.. I need a site-to-site implementation that is rock solid even if one side does not have a static IP.
<jmarsden> twister004: You're going to have to read the docs.  I know commercial routers can do that these days, I do not know whether the free software IPSEC code can.
<twb> Presumably he has l2tp in there somewhere, too?
<Avi> twb: Can this be done: http://www.issociate.de/board/post/186915/iptables_port_forwarding_-_port_is_filtered,_needs_to_be_open.html ?
<Avi> twb: the command at the 4th post?
<twb> Avi: ask #netfilter
<Avi> twb: ok
<uvirtbot> New bug: #251795 in krb5 (main) "/etc/environment PATH should not have quotes" [Undecided,New] https://launchpad.net/bugs/251795
<cocoa117> does Ubuntu lucid server have xen_pcifront module configured by default? grep -i xen_ /boot/configure*** don't show anything
<cocoa117> i have to download the source code and compile the kernel to get it? right?
<hallyn> Daviey: kim0: do you guys feel that the info at https://wiki.ubuntu.com/ServerTeam/GettingInvolved is still mostly right?
<hallyn> it seems to me the task force and mentor bits might not be active right now?
<kim0> hallyn: It is becoming reactivated very soon :)
<hallyn> What I was actually going to first ask was whether you guys felt it might be worthwhile to add a list of specific work items people who want to develop, not bug triage, could do.  (Just so I could put 'port netcf to debian on there :)
<hallyn> kim0: ah, ok
<hallyn> i hadn't heard about that
<kim0> I should have a call with Daviey this week in order to identify specific bite-sized bugs people can work on, as well as other tasks
<kim0> hallyn: I'm sure you will hehe :)
<kim0> hallyn: thanks for the ping though
<hallyn> cool, i'll leave it in your capable hands then :)
<hallyn> thx, ttyl
<kim0> later
<Daviey> hallyn: Yeah, the task force thing was mostly canned.. sadly
<Daviey> There wasn't the activity to make it worthwhile
<Daviey> Outstanding merges that we really care about BTW, http://pb.daviey.com/T8KO/raw/
<Daviey> there are a few that would suite you well hallyn :)
<hallyn> Daviey: since my impending leave jsut refuses to arrive (grrr), over the weekend i started on the userns kernel code.  lots to be done with that.
<hallyn> hm, elinks merge
<hallyn> what's with the multiple links-ssl entries?
<Daviey> hallyn: the name and version was changed.. so it's barfed with the changelog
<hallyn> Daviey: all right, so with multipath we're hoping to get 7 old bugs SRU'd.  Once that is straightened out, I'm going to try my hand at a merge
<hallyn> hopefully cmagina will help me test :)  but I'm thinking I may merge even if there are some failures
<Daviey> it jumped from 0.96.20020711-1 'up to' 0.12~pre5-3
<hallyn> heh, weird
<Daviey> hallyn: I'll fix the processing now :P
<hallyn> maybe i'll do the multipath-tools merge in dublin, in fact, so ppetraki can look over my shoulder and punch me when i do something stupid
<Daviey> hallyn: You are a rock star. you don't do stupid stuff, right, right? :)
<hallyn> Daviey: i'm no rock star, but i'd point to a few rock stars who... aren't the brightest bulbs in the package
<hallyn> (at least they're no politicians)
<hallyn> Daviey: the libvirt merge *is* being finalized by jdstrand
<hallyn> think i'll have ensemble set up a jenkins server to compile my userns patches from the weekend
 * hallyn gets giddy
<sveinse> I'm trying to reduce an lvm lv, and I've run resize2fs to reduce the fs, but are yet to run lvresize. How can I ensure the size of the fs and the lv match?
<sveinse> lvresize --size 6G is a bit blunt... Can I specify number of sectors here or something more accurate?
<hallyn> well you can do megabytes, but i don't think it could possibly know about sectors
<hallyn> suppose i'd just make sure to leave a bit more in the lv than in the fs
<sveinse> So the safest way would be to reduce the partition a bit more than required, then reduce the lv, and then finally expand the fs to fill the lv
<hallyn> uh.  which partition?
<hallyn> the partition forming the basis of the pv?
<sveinse> No, the partition *in* the pg, i.e. the lv partition
<soren> How's that different from "reduce the lv"?
<hallyn> there's the pv and vg (which have no size per se), and the lv itself.  I'm not understanding your difference of 'lv' vs 'lv partition'
<sveinse> You need to reduce the filesystem (using resize2fs) prior to reducing the lv in order not to lose any data
<hallyn> so if you skip that part, i'd agree :)
<hallyn> right
<sveinse> Both resize2fs and lvresize needs a size specification, and the question was how to align them
<hallyn> oh so your steps 1 and 3 were about fs, and 2 about lv?  then that sounds good
<soren> I agree with hallyn. Shrink the fs slightly more than you need to, shrink the lv, then expand the fs.
<sveinse> I guess you cannot assume a size, like 6G, will be interpreted to the same size in their respective unit format
<sveinse> Yes, my point as well
<soren> lvm deals in extents and it rounds up.
<soren> Not sure what resize2fs does.
<mncl-core> anyone around and have a bit of time to assist me?
<patdk-wk> mncl-core, how would we know?
<mncl-core> :)
<mncl-core> this is my question....
<mncl-core> where can i find information on how I can use Ubuntu Server as an Application Server for Multiple-Users connecting over WAN via VNC or RDP.
<mncl-core> Essentially for example, I would like to have Eclipse IDE for example; and have users connecting into a Ubuntu Session, and have access to Eclipse only for example...
<pmatulis> mncl-core: that's a lot of examples
<mncl-core> sorry pretty tired lol, been up like 48 hours
<pmatulis> mncl-core: could you do that over an SSH tunnel?  not sure
<mncl-core> ok allow me to rephrase
 * patdk-wk would just go vnc or nx
<Daviey> hallyn: solved: http://pb.daviey.com/jowm/
<Daviey> err, http://pb.daviey.com/jowm/raw/ is probably easier
<hallyn> cool
<mncl-core> What about the Server Side? What would I need to do to setup Ubuntu as a Multi-User / App Server?
<pmatulis> mncl-core: create users, install app?
<Daviey> SpamapS: Did https://launchpad.net/ubuntu/+source/elinks/0.12~pre5-2ubuntu2 get pushed upstream?
<hallyn> i'll claim ipsec-tools for starters
<uvirtbot> New bug: #793494 in jug (main) "Sync jug 2.0.0-2 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/793494
<sommer> morning all, happy Monday!
<hggdh> jamespage, good morning
<jamespage> hey hggdh
<hggdh> jamespage, jenkins is getting hit by OoM on startup
<jamespage> good morning to you as well
<jamespage> bah
<jamespage> time to up the size of the instance for the time being
<jamespage> I think we'll have to go m1.large as its a 64bit t1.micro
<hggdh> jamespage, I thought something like that
<hggdh> :-)
<hallyn> jamespage: hey, when you have a moment, I'm still having trouble with the jenkins git plugin.  I can make a job which does git by hand, but when I use git plugin to fetch the tree, it always fails.  I've seen bug reports of similar behavior, though that was from windows
<jamespage> hallyn: I'm around
<jamespage> so it could be that you need to install the Maven plugin;  the upstream distribution comes with this installed by default
<jamespage> however I could not fulfill all the required dependencies for packaging (needs Maven 3) so its not included in the jenkins package ATM
<jamespage> you can install it through the UI.
<cmagina> hallyn: just point me at the packages and i'll toss them on a system for som basic testing
<jamespage> hggdh: I'm assuming that the jenkins instance is broke at the moment so I'll upgrade it once I get an ack
<hallyn> cmagina: ok, in that case, when i finish testing ipsec-tools merge, i'll try multipath-tools again.
<hallyn> cmagina: thanks
<cmagina> hallyn: np
<hallyn> jamespage: i'll try that, thanks
<jamespage> hallyn - just giving it a test as well
<hallyn> jamespage: I'm trying the git tree at http://kernel.ubuntu.com/git?p=serge/natty-userns.git right now
<hallyn> jamespage: i'm not seeing which exact plugin (of the hundreds on the available list :) you'd mean
<jamespage> Maven 2 Plugin
<hallyn> enabling 'maven 2 project plugin'
<jamespage> hallyn: what does your error look like?
<jamespage> I seem to be able to clone git repo's OK but its then trying to tag a build for me (and its a ro URL)
<mncl-core> What would be the most appropriate solution to lockdown a Ubuntu Desktop; allowing VNC Remote Control/or/RDP to the Desktop; Allowing the Logged-In User to ONLY Work in Eclipse and Save Data in his home directory, while disallowing the User to do ANYTHING else.
<jamespage> hggdh: back up and running on a larger instance size
<hallyn> hm, i can't get configure to recognize ldap2-dev...
<sean_w> Has anyone had any luck getting suPHP to work in 10.10?
<smoser> can some python foo master explain http://bazaar.launchpad.net/~ubuntu-branches/debian/sid/offlineimap/sid/view/head:/offlineimap/imaplibutil.py to me ?  I'm confused by lines 177 to 204.
<smoser> it looks to me like a 'try..except NameError..else:'
<smoser> which i didn't realize could be done
<smoser> hmm... i guess same question as http://stackoverflow.com/questions/855759/python-try-else
<Pici> smoser: http://www.python.org/dev/peps/pep-0341/
<Pici> Well, not exactly, but it does say that try/except/else blocks are valid.
<RoAkSoAx> zul: ping
<zul> RoakSoAx: whats up?
<RoAkSoAx> zul: do you mind if I assign to myself a couple cobbler work items?
<zul> RoakSoAx: please
<RoAkSoAx> zul: k thanks ;)
<hallyn> RoAkSoAx: i don't midn if you assign yourself to a few lxc, userns, kvm, or libvirt work items, fwiw.
<hallyn> :)
<RoAkSoAx> hallyn: hehe I'll see what I can help you with later this week ;)
<smoser> Pici, thanks for the response.. the stackoverflow was pretty good.  i'd just never seen that before.
<smoser> zul, or anyone else, see my query in ubuntu-devel about how to get info from a user on a failed 'apt-get upgrade'
<zul> smoser: /var/log/apt/history /var/log/apt/term.log might have some info in it
<smoser> isn't there some tool to collec tthat ?
<CharlieSu> Does anyone have a suggestion on a good OpenID server(provider) ?  I'd like to run one behind a load balancer for HA.
<zul> smoser: apport i think
<_storrgie_> when I log into my 10.04 servers I get the MOTD where it says I need to update packages... however that never goes away even after I update the packages
<patdk-wk> cause the motd updater isn't running
<_storrgie_>  patdk-lap why did it stop?
<patdk-wk> heh? I'm not your server, don't ask me
<slicslak> how do i find out what package a binary comes from?
<ScottK> slicslak: apt-cache show $BINARYNAME will give you that information.
<slicslak> ScottK, looks like that shows info for a package, rather than a binary (executable)
<ScottK> Sorry.  I thought you meant binary package.
<ScottK> slicslak: dpkg -S binary
<ScottK> e.g.  dpkg -S /usr/bin/python
<slicslak> sweet, thx
<slicslak> gar, my sysadmin is lying to me.  or more likely just doesn't know wht they are talking about.  sigh...
<jMCg> dpkg -S /path/to/binary -- but if the package isn't installed: apt-file search /path/to/binary
<jMCg> slicslak: ^
<slicslak> thanks, stumbled accross http://wiki.debian.org/WhereIsIt while googling for this stuff.
<slicslak> I'm told that the ffmpeg I have on the server was built from source.  There's not source directory sittin around however.  I did find a ffmpeg .deb file.  dpkg -s tells me that it isn't installed however.  dpkg -S and apt-file search say that the package for /usr/bin/ffmpeg is ffmpeg.  so i assume that it's not lying and it's the standard ffmpeg from whatever repository that is installed.
<slicslak> does that sound right to you guys?
<reeve> hey all - with ubuntu server install (11.04) during the partitioning section, I'm trying to use LVM but it won't let me select the size of the swap partition that I want, it automatically sets it for me. Any ideas?
<hallyn> Daviey: fwiw, ipsec-tools merge "pretty much done", but it fails to build from source, even in debian sid.  emailed the maintainer.  so if anyone asks, it's in progress
<hallyn> Daviey: how is the spice package push to universe going?
<hallyn> SpamapS: you are working on elinks merge, is that right?
<Daviey> hallyn: Where is the spice package at the moment?
<Daviey> hallyn: FTBFS is mere detail :).  Nice work tho.
<hallyn> uh, same place.  people.canonical.com
<jorenl_> Hey, I have a (noob) question. I'd like to create a drop directory for everyone to access in our windows network (using samba) but where should I create that directory on my server?
<hallyn> http://people.canonical.com/~serge/qemu-kvm-spice-0.14.0+noroms-0ubuntu4.tgz  spice-gtk_0.5-1ubuntu2-debs.tgz  spice-gtk-debs.tgz
<hallyn> hm
<hallyn> Daviey: no, that's not it
<hallyn> Daviey: they're in ppa:serge-hallyn/spice2  :-)
<ScottK> kirkland: Which package is used for full disk encryption?  An upstream developer for Amarok that uses Kubuntu is having full disk encryption trouble at work (some machines only boot every other time) and I'd like to see if there are existing bugs on this.
<hallyn> Daviey: i'm looking at etckeeper next.  (then multipath-tools)
<Daviey> ScottK: kirkland is out of the office this week, but if you accept answers from other people - perhaps LUKS ?
<hallyn> Daviey: etckeeper is uptodate, not ure why it's on your list
<ScottK> Daviey: Definitely.  Thanks.
<Daviey> hallyn: it was sync'd 2 hours ago :)
<Daviey> merged rather
<Daviey> by zul
<Jasonn> Hey :) Here is the problem. I got a VPS from a server company, and a customer needs it in like an hour. The thing is, its not accepting connections from external IPs
<Daviey> Jasonn, In that instance, you'd probably be better speaking with the provider.  I imagine it's a common issue with their setup that they can quickly answer.
<Daviey> (hunch is malconfigured networking, firewall (iptables / ufw) or hey miscofigured IP allocation within their network)
<Jasonn> Iv had experience with their support, and they usually take hours if not more than a day to answer. The customer is paying $50/mo for this box, and I need to get it set up right now
<Jasonn> I can ssh into the box from their special SSH login
<Daviey> seriously?! 50 USD per month, and they take days to respond?!
<Jasonn> $20 *
<Jasonn> Sorry, I hit the wrong number
<Daviey> ah
<Jasonn> I mean, its $20 on my ass
<Jasonn> Think you can take a look at it?
<Daviey> special ssh login is probably equivilant to serial console which bypasses networking
<Jasonn> yes
<Jasonn> it is
<hallyn> Daviey: d'oh!
<hallyn> :)
<Daviey> Jasonn: Have you tried connecting from an additional place?
<Jasonn> From another IP?
<Jasonn> No
<Daviey> ie, just to check that the IP you are connecting from hasn't been blockd.
<Jasonn> Hmm
<Jasonn> ill try, give me a min
<Daviey> Jasonn: What is the IP address of the VPS?
<Daviey> Jasonn: can you ping outwards from the VPS?
<SpamapS> Daviey: re elinks, I don't recall.
<SpamapS> hallyn: no I haven't been working on an elinks merge its definitely up for grabs
 * SpamapS wonders if this is all spelled out in the 500 emails he has to get through :-P
<Jasonn> Daviey: No, I cannot ping outwards either
<hallyn> i don't think so.  i'm still behind on emails myself though
<hallyn> SpamapS: ^
<Daviey> Jasonn, raise a support ticket :)
<Jasonn> :(
<Jasonn> Can you SSH into it with the dets I gave you in PM
<Jasonn> ?
<Jasonn> the serial console
<uvirtbot> New bug: #793632 in puppet (main) "puppetmaster and puppet have clashing logrotate configs" [Undecided,New] https://launchpad.net/bugs/793632
<Daviey> Jasonn, networking isn't configured, see ifconfig and /etc/network/interfaces
<Jasonn> Can you configure it?
<Jasonn> Pleasee <333
<Daviey> Jasonn: I really can't trial and error to get the correct values.
<Jasonn> I can copy the values from another VPS on the same provider
<Jasonn> would that work?
<Daviey> possibly.
<lynxman> RoAkSoAx ping
<RoAkSoAx> lynxman: pong
<lynxman> hey o/
 * Daviey waits for < RoAkSoAx> ho o/
<Jasonn> Daviey: Can I pastebin a copy of the interfaces file on my personal box and can you tell me if it would work if I put it on the other one?
<lynxman> Daviey: :>
<RoAkSoAx> Daviey: o/
<reeve> anyone have experience installing w/LVM and being able to select partitioning sizes?
<Jasonn> What text editor is preinstalled on ubuntu?
<Jasonn> other than nano ?
<Pici> vim-tiny
<Daviey> Jasonn: go for it/
<Jasonn> How do i exit vim?
<Jasonn> this always pisses me off
<hallyn> :q
<lynxman> hallyn: you can't quit irc :P
<Jasonn> What if it types into the actual file?
<hallyn> heh
<hallyn> Jasonn: hit escape
<Pici> Jasonn: press escape first
<hallyn> then :q
<Jasonn> does that save it?
<Jasonn> Pici: How do I save something in vim?
<Pici> Jasonn: :w
<Jasonn> thanks
<Jasonn> :)
<Jasonn> When you restart the computer, new changes to the interfaces file should take effect, right?
<patdk-wk> depends on if you rstarted it truely, or just hibernated/sleep
<Jasonn> Dear Customer.The internet connection to which your seedbox is connected has suffered a failure due to unknown reasons. Our technical team if working non-stop to resolve the issue. Keep in mind, that when the problem has been resolved, you will be refunded for time that your seedbox was unavailable for.
<Jasonn> D:
<Jasonn> Had to send that email
<Daviey> heh
<hallyn> Daviey: mind sponsoring http://people.canonical.com/~serge/elinks_0.12~pre5-3.2ubuntu1-package.tgz  for oneiric?  (tests fine here)
<Daviey> hallyn: you and your tgz's!
<hallyn> <shrug>  got a pref?
<hallyn> tbz?  :)
<Daviey> hallyn: if you just push it in native format, i can run one command to grab and extract it :)
<Daviey> ie, give me the dsc url
<Daviey> grabbing it now
<hallyn> Daviey: good point
 * RoAkSoAx can sponsor main uploads as well now :)
<hallyn> RoAkSoAx: oh, cool.  i'll remember that :)
<Daviey> RoAkSoAx, \o/ Well done :)
<RoAkSoAx> hallyn: hehye
<RoAkSoAx> Daviey: :D
<Daviey> hallyn, looks good, http://pb.daviey.com/XEJ3/raw/ .. Can you forward the imdb patch?
<Daviey> uploading.
 * hallyn curses whoever didn't do so in the first place
<Daviey> heh
<hallyn> Daviey: well, it was sent upstream actually
<SpamapS> I just love yum .. needs 200MB of RAM to resolve 100 dependencies. :-P
<zul> why are you using yum?
<RoAkSoAx> smoser: ping
<smoser> howdy
<RoAkSoAx> smoser: howdy!! I
<RoAkSoAx> smoser: howdy!! I'm merging new upstream release of nut
<RoAkSoAx> and I saw debian/patches/debian-changes-2.6.0-1: remove that accidental file
<RoAkSoAx> smoser: so i was wondering if this is the same you saw there:  debian/patches/debian-changes-2.6.0-1: remove that accidental file
<RoAkSoAx> argh
<RoAkSoAx> smoser: http://paste.ubuntu.com/620109/
<smoser> i think so, yes
<smoser> how did that get back there?
<RoAkSoAx> smoser: alright I guess I'll just drop it
<smoser> well you should drop it.
<smoser> it should not be there.
<RoAkSoAx> smoser: the thing is that if you erase it from debian/patches it won't be dropped becuase it is applied in .pc/
<RoAkSoAx> smoser: so you have to do quilt pop -a first
<smoser> as all changes should be accounted for in the debian/patches/series
<RoAkSoAx> and then erase the change
<RoAkSoAx> s/change/patch
<smoser> its possible i missed that... but i know that i built ones locally that did not have that change.
<smoser> versioned .pc is a freaking mess
<RoAkSoAx> smoser: yeah I just end up cleaning it up by unapplying all the patches and erasing it so it creates a new one
<RoAkSoAx> smoser: cause I've encountered that in many cases where the patch gets applied, and sometimes the info is not in .pc so if you end up dropping from debian/patches/series, then it automatically gets created because it detected changes in the source that are put into a patch
<RoAkSoAx> smoser: to fix, in reality, is simply un-applying the patches
<smoser> so, please, get that crap out of there.
<RoAkSoAx> once that one is created
<RoAkSoAx> and then, once you un-apply, then remove it
<smoser> quilt 3.0 and a debian-changes file shouldn't ever exist together
<RoAkSoAx> smoser: yeah well... Its a mess even with branches... :)
<Daviey> that isn't necessarily correct.
<Daviey> a debian-changes*.patch isn't inherently bad.
<smoser> it is with quilt 3.0
<Daviey> No.. I don't like it... :P, but does Debian Maintainers seem to be quite happy using them.
<smoser> *with* quilt 3.0 ?
<RoAkSoAx> Daviey: yeah the creation of it is not bad because it actually makes you realize that there's something wrong there and something is applied to the source without a proper patch
<RoAkSoAx> Daviey: but carrying that over and over is a mess
<smoser> it seems counter productive.
<Daviey> smoser, the text in the header of the patch was made to be less rude so people could use them.
<smoser> RoAkSoAx, the same would have been better acheieved by the build failing
<smoser> "you have changes you didn't expect" FAIL
<Daviey> it used to sound like, "The last uploader was a plum, maybe you can work out what the hell they were smoking when they did it based on this changelog entry"
<Daviey> it's a little more polite now
<smoser> then, chuck woulnd't hvae had those changes in it, and i would not hvae failed to remove them, and we would not be having this conversation (if the build failed)
<Daviey> true.
<Daviey> I image that can be made to work.. it does produce a warning if you edit the upstream files
<smoser> or some marker in debian/ that says "FAIL_ON_DEBIAN_CHANGES"
<RoAkSoAx> if you use grab-merge.sh it does fail because there's a patch in debian/patches but when it tries to apply the patch, the patch is already applied for some weird bug in the script... because the .pc didn't kept track of the patch being applied and as a result, when you debuild, it fails with a patch failing to apply
<smoser> RoAkSoAx, sorry for wasting your time.
<Daviey> smoser, what was the contents of the auto' patch btw?
<smoser> i banged my head on .pc directory for quite a while on a busybox merge
<smoser> quilt pop -a
<smoser> quilt push -a
<smoser> that will *work* if you have a .pc directory versioned
<smoser> even if hte patches do not apply
<RoAkSoAx> smoser: no worries... you didn't :) it is not your fault anyway
<smoser> Daviey, its in that pastebin above link from RoAkSoAx
<RoAkSoAx> smoser: I was also banging my head due to that... until i figured what was wrong
<smoser> it looks to me like its a result of a build
<smoser> (ie, make-doc)
<smoser> or some such
<Duvrazh> Hello, does anyone know how to set TwonkyServer to start as a foreground application on boot for transcoding purposes?
<Daviey> smoser, is that patch generated at source package build time?
<Daviey> 'build'
<RoAkSoAx> Daviey: debuild
<Daviey> RoAkSoAx, Ah.. in that case....
<Daviey> smoser, extend-diff-ignore is your friend.
<RoAkSoAx> Daviey: here's the deal, you apply changes directly to the source, when you debuild -S, then source format 3.0 separates those changes into a patch
<Daviey> maybe the Debian Maintainer might want to start using it
 * Daviey googles
<Daviey> http://raphaelhertzog.com/2010/09/14/how-to-customize-dpkg-sources-behaviour-in-your-debian-source-package/
<RoAkSoAx> Daviey: is the same issue as discussed before when applying patches in bzr with edit-patch if you recall our conversation
<Daviey> yah
<Daviey> BTW - updated farbehind list http://pb.daviey.com/cG8S/raw/
<hallyn> Daviey: someone actually owned the bug which SpamapS had created for that one-line trivial bug.  NO action since june last year.  I emailed the bug owner...
<SpamapS> hallyn: Hey, I just accepted qemu-kvm 0.12.3+noroms-0ubuntu9.8 before noticing that there was already a version in lucid-proposed .. so the update that was already there will have to wait for the new one. :-P
<hallyn> you accepted one from security?
<SpamapS> No
<hallyn> oh, 9.7 was in -proposed?  (I hope)
<SpamapS> hallyn: I accepted your fix for bug #790145, but the fix for bug# 786941 is already there.. unverified.
<uvirtbot> Launchpad bug 790145 in qemu-kvm "kvm husb: ctrl buffer too small" [Medium,In progress] https://launchpad.net/bugs/790145
<SpamapS> bug #786941
<uvirtbot> Launchpad bug 786941 in qemu-kvm "Cannot boot from non-existent NIC" [Low,Fix committed] https://launchpad.net/bugs/786941
<SpamapS> hallyn: they're both small so its ok.. its just that it resets the timer for how long it has been in -proposed.
<hallyn> oh, ok.  that'll happen...
<hallyn> if they didn't care enough to verify, <shrug>
<SpamapS> Realistically its probably better if two small fixes arrive on peoples' system together instead of two separate updates.
<SpamapS> hallyn: yeah, thats the problem with -proposed.. people get it, and then get busy and move on w/o saying its fixed.
<Daviey> SpamapS: Ahh... we can slip small changes through SRU without issue now? :)
<hallyn> ppetraki: around?
<jdstrand> hallyn: btw, sorry for the delay on the libvirt merge. you are not forgotten. it will be uploaded this week
<hallyn> jdstrand: np, thanks.
<ppetraki> hallyn, dude
<SpamapS> Daviey: indeed, it appears they've let a cowboy coder review SRU's now. Yee-haw! ;)
<Daviey> jdstrand: R-O-C-K-I-N-G
<Daviey> SpamapS: hell yeah!
<Daviey> http://imgur.com/y7Hm9
<hallyn> ppetraki: well, i was going to ask how you felt about going back to init script in place of udev rules for multipath
<SpamapS> Daviey: lols.. twitted
<hallyn> ppetraki: particularly as I just can't really tell from changelog or bzr tree what the motivation was
<hallyn> but i think i'll keep the udev rules for now
<hallyn> ppetraki: opinion?
<SpamapS> hallyn: so with the multipath update.. do I need to wait for Colin's grub stuff to clear before accepting that?
<ppetraki> hallyn, the udev fix seems to complicate things, but it is working
<hallyn> SpamapS: nope
<ppetraki> hallyn, id have to take a closer look at it to have a real opinion, leave it the way it is in the meanwhile
<hallyn> all right
<hallyn> the biggest bonus to going back would be simplification of merges
 * ppetraki adds action item
<hallyn> SpamapS: the grub thing is broken with or without the multipath-tools updates :)
<SpamapS> hallyn: ack
<ppetraki> hallyn, this tree right?    lp:ubuntu/multipath-tools
<hallyn> ppetraki: I'm starting a fresh merge, but into there, yes
<SpamapS> hallyn: why are there 6 fixes in your upload to lucid-proposed ?
<SpamapS> thats like, a total nightmare to review! ;)
 * SpamapS will need more coffee for this one
<hallyn> SpamapS: that's why i was talking to you last week
<hallyn> ppetraki: cmagina: the last two rules in kpartx.udev, it'd be worth testing whether the debian ones work for us now.  Something to consider in dublin maybe
<ppetraki> hallyn, agreed
<hallyn> especially cause i notice debian has changed what they use...  dunno if it's significant or not
<Delemas> I've got a dell 1950 w/ a DRAC5 which is having corrupted remote console issues. I need to reduce the fb resolution. What is the correct way of doing this? I've tried grub options and vga= kernel option. No love...
<patdk-wk> delemas, what version of ubuntu?
<Delemas> 10.04 LTS
<patdk-wk> issue in grub? or after its booted?
<Delemas> I'm just trying a video=radeonfb:vesa:... line now. *fingers crossed*
<Delemas> After it is booted
<Delemas> Just before the login prompt it switches to this huge 1280 pitch console which the remote console in the DRAC is corrupting... Or it's simply a bad screen mode...
<Delemas> It's 160x64...
<Delemas> carp.... still resets to that crazy fb...
<Delemas> I'm not running X...
<RoyK> Delemas: vga16.modeset=0 is a good friend
<RoyK> or even
<RoyK> vga16fb.modeset=0
<raubvogel> Is there a backport for samba4 stuff from 10.10 (and later) to 10.04 LTS?
<Delemas> That would be nice...
<RoyK> raubvogel: doubt it - it's not released yet
<RoyK> but shouldn't be very hard to install from source
<Delemas> RoyK, was that a kernel option? Adding it to GRUB_CMDLINE_LINUX_DEFAULT doesn't do anything... Should it be radeonfb.modeset=0 instead?
<raubvogel> Royk, probably not. The alpha in 10.10 is just new enough to have what I need, which the one in 10.04 is way too old
<RoyK> Delemas: try both, an extra kernel option won't hurt
<RoyK> raubvogel: didn't know samba4 was in there at all
<raubvogel> RoyK, here is where I found that out: http://packages.ubuntu.com/search?keywords=samba4
<RoyK> raubvogel: then just apt-get source samba4 and copy the debian/ dir into the new source dir and you should be able to make new packages without much problems
<raubvogel> Now that is a nice idea
<Delemas> No, it still insists on a broken 1280 8 bit resolution... fruit....
<hallyn> cmagina: http://people.canonical.com/~serge/multipath-tools_0.4.9-2ubuntu1-debs.tgz  has proposed merge packages ready to test.  debdiff from debian is pretty minimal at this point.
 * hallyn crosses his fingers
 * Delemas beats radeondrmfb with a clue bat.
<cmagina> hallyn: ok, i'll give it a shot when i get a chance.
<hallyn> cmagina: cool, thanks
<hallyn> the source, fwiw, is at 'dget http://people.canonical.com/~serge/multipath-tools_0.4.9-2ubuntu1/multipath-tools_0.4.9-2ubuntu1.dsc'
<uvirtbot> New bug: #793694 in samba (main) "Format string bug in parselog.pl" [Undecided,New] https://launchpad.net/bugs/793694
 * Delemas sighs as clue bat breaks...
<Delemas> OMG I finally stopped it from loading by confusing the drm module with an unknown parameter...
<alamar> for receiving snmp traps I only need snmptrapd (not snmpd) right?
<sean_w> listen 80 should make apache listen on IPv4 and IPv6, right?
<remix_tj> yes it should... netstat -ln what shows?
<SinnerNyx> I read that Ubuntu-server keeps a blacklist of terminal resolutions. I'd like to comment one of these out.. any idea where I can do that?
<SpamapS> +# Sync waiting for storage.
<SpamapS> +{ rmmod scsi_wait_scan ; modprobe scsi_wait_scan ; rmmod scsi_wait_scan ; } >/dev/null 2>&1
<SpamapS> hallyn: ^^ .. this seems rather strange.. but maybe I'm not up on normal practice during initramfs ... how does removing/installing/removing the module "sync waiting for storage" ?
 * RoAkSoAx almost breaks his back unpacking a UPS
<Pici> I think thats why the boxes usually have pictures of two people picking those up.
<SpamapS> RoyK: there's a picture of two little androgenous people on that box for a reason. ;)
<SpamapS> hahaha JINX
<SpamapS> IIRC the 2500kva UPS we had at my last employer was ~100lbs
<SpamapS> hallyn: Other than that weird rmmod/insmod thing, it all looks straight forward and I think should be acceptable, BUT.. I would urge you guys to get heavy testing by multiple users promptly, as changing so much at once seems fraught with regression potential.
<SpamapS> ppetraki: ^^
<SpamapS> dannf: ^^^
<SpamapS> SinnerNyx: I believe thats in the grub configuration
<hallyn> SpamapS: the whole reason we've gotten into this mess is that there's little to no hardware to test it on, and not many users to test
<hallyn> SpamapS: ppetraki tested yesterday, hopefully someone else can too
<SpamapS> hallyn: indeed. ;) Ok, well.. get the few users we know about to test it. :)
<SpamapS> Please hold off testing until its actually in proposed
<SpamapS> PPA's are usually reliable enough.. but.. ;)
<SpamapS> hallyn: can you explain the rmmod thing?
<hallyn> no
<hallyn> but maybe after i go look :)
<hallyn> SpamapS: oh, the scsi_wait_scan?
<SpamapS> hallyn: yeah
<SpamapS> hallyn: if its just me, being unaware of how scsi_wait_scan is intended to be used, then thats a fair explanation.. just tell me to RTFM. ;)
<hallyn> SpamapS: it forces all scsi devices to be found before proceeding.  It's explained btter in the bug description than I can do in irc probably
<hallyn> SpamapS: that initramfs hook gets called before we mount the root device
<hallyn> SpamapS: so we're basically brute-forcing the root device being available
<SpamapS> hallyn: the bug report does not mention scsi_wait_scan
<hallyn> hm
<hallyn> well, without that, 'udevadm settle' will do nothing if udev hasn't already *started* processing a scsi device
<hallyn> so if root device is slow (which for us it often was) to start, we can get past the udevadm settle without having root device
<hallyn> then mount_root fails
<SpamapS> hallyn: there's a binary, wait-for-root, that, IIRC, runs early and watches for a udev event on the device configured as root.
<uvirtbot> New bug: #793647 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/793647
<SpamapS> hallyn: of course, that one also fails for software RAID, so I can understand if multipath shares this trouble
<hallyn> SpamapS: debian does the scsi_wait_scan thing in udev, btw
<SpamapS> ahh.. well I can accept that as a precedent..
<SpamapS> As I said, I've just never seen anything like that
<hallyn> i suppose one might ask why we don't.  i think someone did
<hallyn> i'll go ask pitti again in devel
<pcperini> so, mysql crashed on me, and now won't restart. i'm getting the following error dump: http://pastie.org/2029021Â any ideas?
<guntbert> pcperini: silly question: how did you try to start it?
<pcperini> guntbert: no question is silly. sudo service mysql start
<guntbert> pcperini: ok, standard, next step : try to increase verbosity (I don't know how atm)
<SinnerNyx> SpamapS: sorry was afk there.
<pcperini> guntbert: huhâ¦ i wouldn't know how. trying to start the service makes it hang, and gives no output other than those errors...
<FernandoTertius> how does a person disable a ping command?
<FernandoTertius> haha
<SinnerNyx> SpamapS: I can't find it anywhere in grub. I know how to set the grub resolution and it's no problems working. but I have a resolution that doesn't appear in vbeinfo and I'd like to force the resolution. However when I set grub to 1440x900 it just goes to some default (640x480 from what I can tell)
<guntbert> pcperini: look into /etc/mysql/my.cnf - make a copy of that file and play :)
<pcperini> ok
<pcperini> guntbert: if this helps any (http://pastie.org/2029087). it's pretty standard
<guntbert> pcperini: it was meant as a place to increase verbosity, but look at http://www.freeopenbook.com/mysqlcookbook/mysqlckbk-CHP-1-SECT-29.html
<SpamapS> SinnerNyx: not sure. :-P I tend to just accept whatever works on a server. ;)
<SinnerNyx> SpamapS, ok, thx :)
<sw0rdfish> uhh i forgot to put in the -m argument when adding a user via useradd, so how do i create a home dir for my accoutn
<sw0rdfish> just use mkdir?
<SpamapS> sw0rdfish: you'll want to copy /etc/skel to it actually
<sw0rdfish> in that case i'll jsut
<SpamapS> sw0rdfish: and then chown it appropriately
<sw0rdfish> just
<hallyn> SpamapS: are you intending to grab my jenkins formula?
<sw0rdfish> userdel the account and do it again with -m argument
<sw0rdfish> to avoid conflicts which i don't want
<SpamapS> hallyn: I haven't seen it yet. I don't even know how we should "propose" new formulas.
<SpamapS> hallyn: been thinking of establishing a simple "new" tag for bug reports and then you can attach the branch to it
<hallyn> SpamapS: yes, i was wondering if htat had been thought about
<SpamapS> in fact
<SpamapS> do that
<SpamapS> new-formula
<SpamapS> I'll see if I can find a wiki page to work that out
<hallyn> against what project?
<SpamapS> principia
<hallyn> oh
<hallyn> will do, thx
<hallyn> done
<sw0rdfish> uhhhhhhhh
<sw0rdfish> instead of showing sw0rdfish@mycomputer:~$ its only showing $?
<sw0rdfish> i just formated the server
<sw0rdfish> i added my user account and su'd into it
<smw> sw0rdfish, cp /etc/skel/.* ~
<smw> sw0rdfish, maybe use -v :-)
<sw0rdfish> hmmmmmmm about earlier i did do userdel
<sw0rdfish> and added it again with -m argument so it has
<sw0rdfish> its own directory
<sw0rdfish> knowing that, you still want me to do that?
<smw> sw0rdfish, do you have permission to access your home folder?
<sw0rdfish> btw its not bash, its using sh, RoyK did show me how to move it to bash once
<sw0rdfish> uhhh
<sw0rdfish> yeah
<sw0rdfish> oh i got it in the logs :)
<smw> sw0rdfish, does anything show up when you ls -a ~
<smw> sw0rdfish, why not use bash btw?
<sw0rdfish> yeah i want that
<sw0rdfish> i'm changing it now
<sw0rdfish> yay! now its cool
<sw0rdfish> lol
<sveinse> Are there any security measures set in place for chroot or alternate binfmt execution in natty server?
<sveinse> I'm not understanding why I get the response I get when running "chroot armel-rootfs /bin/bash" (which is chroot: failed to run command `/bin/bash': No such file or directory ). But the file /is/ present...
<sveinse> However it's a armel executable, so it should go via qemu
<sw0rdfish> service apache2 start and /etc/init.d/apache2 start, are the same thing right?
<sw0rdfish> whats the safe way to reboot a server
<sw0rdfish> sudo reboot?
<sw0rdfish> does that kill the programs running and shutdown immediately? or "carefuly"
<RoyK> sw0rdfish: dash is the default, not as powerful as bash, but far lighter cpu-wise
<sw0rdfish> RoyK, welcome back
<sw0rdfish> heh, yeah i took a look at the log
<sw0rdfish> found the line you gave me :)
<sw0rdfish> chsh or something
<RoyK> chsh -s /bin/bash username
<sw0rdfish> yep!
<sw0rdfish> that one
<sw0rdfish> used it
<sw0rdfish> well i screwed up apache2
<sw0rdfish> so i had to format the server lol
<RoyK> hehe
<uvirtbot> New bug: #793749 in bacula (main) "bacula-director-mysql and bacula-director-pgsql have db server packages as a requirement" [Undecided,New] https://launchpad.net/bugs/793749
<uvirtbot> New bug: #793750 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/793750
<sveinse> Could apparmour be interfering with chroot and/or binfmt?
<raubvogel> what do I need to do to completely remove all samba-related config files?
<raubvogel> join #ubuntu
<sw0rdfish> does irssi come automatically installed in 10.04?
<Pici> sw0rdfish: No.
<sw0rdfish> pici thanks
<Ddorda> hey guys, is it dangerous to change /bin/sh from dash to bash?
<Ddorda> i want to have autocompletion by default, and I know bash has it. so maybe switching between dash and bash might be good for me. the question is, if it won't break anything
<sw0rdfish> heh
<sw0rdfish> i just did that a while ago
<sw0rdfish> Ddorda, i'm not sure what kind of installation you have, mine was a clean new one
<sw0rdfish> so it definitely didn't break anything
<Ddorda> sw0rdfish: okay :)
<Ddorda> thanks
<sw0rdfish> and i don't think that it does, in general but i'm just a rookie too so wait
<sw0rdfish> for someone to tell you though
<sw0rdfish> what kind of installation is yours? is it a newly formated server?
<sw0rdfish> Ddorda?
<Ddorda> sw0rdfish: linodes one
<Ddorda> but yea, it's brand new one
<sw0rdfish> see i don't even know what that means, i just started using linux not so long ago...
<sw0rdfish> do you know how to change it
<Ddorda> sw0rdfish: i guess it's just a simlink...
<Ddorda> symlink*
<sw0rdfish> new to linux too?
<sw0rdfish> well i'd wait till one of the guys answers you :P
<Ddorda> sw0rdfish: not really
<Ddorda> about 6 years with linux
<sw0rdfish> WoW!
<sw0rdfish> well you'd have to know chsh is the right command to change it :P
<Pici> Most people don't have sh or dash as their login shell, you shouldn't have to use chsh.
<Pici> Its not part of update-alternatives, just change the symlink.
<sw0rdfish> oh
<sw0rdfish> well i dunno it worked fine for me, but yeah.... its not a big deal :)
<Ddorda> well, i'm scared doing such a move on a production
<sw0rdfish> production1
<sw0rdfish> just symlink it then :)
<sw0rdfish> mine is just a personal server :)
<Ddorda> mine is too, but it's my production personal server :P
<Ddorda> "just symlink it then"?
<Ddorda> sw0rdfish: after looking, using bash instead of dash as default may cause things to brake
<Ddorda> so i use it only on my user
<Ddorda> + I installed bash-completion
<Ddorda> works like charm :)
<sw0rdfish> oh
<sw0rdfish> bash-completion for dash?
<sw0rdfish> Ddorda, what production ya mean, mate?
<Ddorda> sw0rdfish: i don't speak weirdo pirates language
<Ddorda> :D
<sw0rdfish> pirates?
<sw0rdfish> weirdo?
<sw0rdfish> over "what production ya mean, mate?"
<sw0rdfish> heh
<sw0rdfish> well i don't speak Ddorda language :P
<sw0rdfish> sawwy!
<Ddorda> sw0rdfish: if you want me to answer that you'll have to explain me what the heck it suppose to mean
<Ddorda> :P
<sw0rdfish> hehe
<sw0rdfish> i'm gone off to practice my php mate
<sw0rdfish> cya in a bit :)
<sw0rdfish> oh and I meant what kind of production you talkin about?....
<sw0rdfish> Ddorda,
<Ddorda> sw0rdfish: i'm having some sites on it
<sw0rdfish> cool
<Aison> are there packages for isc dhcp server 4.2.1? (http://www.isc.org/software/dhcp)
<Aison> somehow ldap support really sucks on 4.1, so I would like to test 4.2.1
#ubuntu-server 2011-06-07
<m_tadeu> hi everyone....what's the best way to guarantie that a service runs no matter what? like if it dies, something to run it again, get notification for that, etc
<Ryan_Lane> I'm trying to install libactiverecord-ruby1.8 on ubuntu 10.04 server, but apt says it doesn't exist...
<Ryan_Lane> it's supposed to be in the universe repo, but doesn't seem to be
<genii-around> !info libactiverecord-ruby
<ubottu> libactiverecord-ruby (source: rails): ORM database interface for ruby. In component universe, is optional. Version 2.3.5-1.2ubuntu1 (natty), package size 4 kB, installed size 36 kB
<genii-around> Hm
<Ryan_Lane> is it just missing? it definitely seems like it should be there
<jeremy_c> I just upgraded my remote server that I have no console access to, i.e. ssh only. At the end of the upgrade it said "Upgrade complete but some errors occurred." This is 8.04 -> 10.04. I do not have the ability to scroll back and see the errors. What now?
<twb> jeremy_c: /var/log/apt, /var/log/dpkg
<twb> I don't follow the official upgrade procedure, so there may be other fancy-pants d-r-u logs that I don't know about.
<jeremy_c> twb: thanks.
<jeremy_c> twb: it doesn't seem to include anything about the do-release-upgrade. Last log entry is from early this morning when I did an apt-get install links
<twb> jeremy_c: no dpkg/term.log ?
<twb> dru may bypass apt :-/
<jeremy_c> there is /var/log/dpkg.log which shows install of packages from the dru but no error information.
<jeremy_c> no /var/log/dpkg dir though.
 * jeremy_c is afraid to reboot :-)
<ScottK> I would check /boot/grub/menu.lst and make sure it's set to boot a kernel that's installed (and for Lucid)
<twb> Wait, doesn't d-r-u manually run its own screen session now?
<twb> So he should be able to ^A[ to get to scrollback
<ScottK> Not that I noticed.
<ScottK> Certainly not in Lucid it didn't.
<twb> ok
<twb> I thought it did
<sbeattie> twb: not in lucid, but in maverick it does.
<ScottK> I'd also make sure sources.list points a lucid, apt-get update and then apt-get dist-upgrade.
<ScottK> That'll make sure all the package upgrades are done.
<ScottK> If you've got all the packages upgraded and grub is set to boot the correct kernel, odds of it coming up post-boot are reasonably good.
<sparc> Is there a way to detect the architecture of DHCP clients from ISC DHCPD ?
<sparc> I don't see anything in the man pages, but I figure there must be a way.  I'm trying to send different 'filename' options to PXE clients, so they get the right PXELinux boot code.
<jeremy_c> menu.lst shows kernel 2.6.24-26 w/date/time about the time dru was run.
<jeremy_c> ScottK: in regards to Lucid, how do I tell? The titles still say "Ubuntu 8.04.4 LTS" ... I did a apt-get update && apt-get upgrade this morning in prep for this dist-upgrade tonight. The kernel versions didn't actually change from this morning.
<ScottK> 2.6.24 is a hardy kernel.
<ScottK> Does your sources.list say lucid?
<jeremy_c> sources.list show lucid
<jeremy_c> all hardy references are commented out in sources.list
<twb> jeremy_c: as root, run "apt-get dist-upgrade --dry-run" and pastebin the output.
<twb> jeremy_c: that should tell us what (if any) outstanding upgrades exist
<jeremy_c> not by me, seems that they were ones that existed and were commented out prior to upgrade, i.e. hardy partner, hardy main restricted.
<jeremy_c> http://pastie.org/2030377   ... apt-get dist-upgrade --dry-run
<ScottK> Do you have a kernel metapackage (e.g. linux-image, linux-image-generic, linux-generic-pae) installed?
<ScottK> If the kernel metapackage got removed from some reason that would explain having the old kernel still
<jeremy_c> http://pastie.org/2030381   ... dpkg -l | grep linux
<jeremy_c> http://pastie.org/2030387   ... ls /boot -l
<twb> ScottK: so spamassassin is preventing him installing a newer perl (I think), but everything else is OK?
<twb> as far as apt is concerned, I mean
<ScottK> Wrong kernel
<jeremy_c> should I do a apt-get -f install ?
<twb> Dunno
<ScottK> Yes.
<ScottK> Best case it fixes stuff, it won't break things worse.
<twb> If it was me, I would do it, but I can handle whatever it throws at me
<ScottK> Read what it says it's going to do before you say yes
<twb> +1
<jeremy_c> seems pretty benign
<ScottK> Can you pastebin it?
<jeremy_c> hm, already started it.
<ScottK> OK.
<jeremy_c> apt-get --dry-run dist-upgrade now shows: 524 upgraded, 165 newly installed, 6 to remove and 0 not upgraded.   linux-image-2.6.32-32-server being one of them.
<twb> zoiks
<twb> So it sounds like something perl-y broke down, and now it is fixed you can carry on
<jeremy_c> so dru or apt-get dist-upgrade?
<twb> Not sure
<twb> I don't trust dru to do the right thing, but I get yelled at if I tell newbies that it's junk
<ScottK> At this point apt-get dist-upgrade
<jeremy_c> twb: :-D
<jeremy_c> ScottK: OK.
<ScottK> dru works fine but it's not designed to start from the middle.
<jeremy_c> only has to download 1.2mb out of 622mb, so dru must have gotten most things.
<ScottK> What are the 6 to remove?
<jeremy_c> forget, but they were things I don't use, realized they were of no concern and just went on.
<jeremy_c> I can tell you in a sec, I have it in a log, but it's unpacking/installing right now.
<jeremy_c> libcupsys2 libdatrie0 libgems-ruby1.8 librpm4.4 python-psycopg texlive-base-bin
<ScottK> Agreed.
<ScottK> Should all be fine.
<JoeCoder_> I did a rm /var/log/mail.*
<JoeCoder_> and now the mail logs aren't recreated whenever something happens.
<JoeCoder_> I can recreate them, but user/group/permissions should they have?
<JoeCoder_> even after chmod 777'ing it, nothing is written
<ScottK> -rw-r----- 1 syslog adm 1456 2011-06-06 13:58 /var/log/mail.log
<JoeCoder_> thanks
<JoeCoder_> I had tried that once already
<JoeCoder_> I'll reboot--the fixall for the novice!
<JoeCoder_> and now it works, and the permissions for those files ar eset
<jeremy_c> I am down to this error installing procps: http://pastie.org/2030485
<jeremy_c> ScottK: twb any ideas about http://pastie.org/2030485 ?
<twb> That's weird
<twb> Knee-jerk reaction is to blame LSM (e.g. apparmor)
<jeremy_c> Any ideas on fixing it?
<ScottK> You didn't run out of space did you?
<ScottK> If not, I'd check and see if the backup symlink already exists.
<jeremy_c> nope.
<jeremy_c> 62% use is the highest use disk mounted.
<jeremy_c> I think I am done. forcing it made it pass.
<jeremy_c> ScottK: twb: 2.6.32-32-server sound OK for the kernel? They are in menu.lst as Ubuntu 10.04.2 LTS
<ScottK>  linux | 2.6.32.32.38 | lucid-updates | amd64, i386
<ScottK> Yes.
<Nafai> Hey ScottK, ltns!
<jeremy_c> ScottK: twb: Thanks! The server reboot just fine. Now reports 10.04
<ScottK> jeremy_c: Congratulations.
<jeremy_c> now I guess we should continue to 11.04 :-/ I hate dist upgrades :-/
<twb> Bah
<twb> non-LTS can FOAD IMO
<jeremy_c> FOAD?
<twb> "go away"
<jeremy_c> hm, 11.04 isn't LTS?
<twb> It is not
<jeremy_c> I guess I am a bit confused, is LTS software that is outdated but continuting to be supported?
<qman__> LTS releases are supported longer than normal ones
<qman__> normal releases are on a 6 month cycle, which is too fast for most production environments
<qman__> LTS releases are on a two year cycle
<twb> Canonical nominally provides support to its customers for releases.  Certain packages in LTS releases get substantially longer support than they otherwise would.
<twb> Even if you aren't paying for Canonical support, some of that benefit rubs off because they issue e.g. security updates to everyone
<twb> So in short: yes, except instead of "outdated" we say "stable"
<jeremy_c> so, in a production env I should stick w/10.04 then is what you are saying?
<rewt> it's up to 10.04.2
<twb> Yes
<Daviey> lynxman, Hah!  I had no idea you had created a meta data service for orchestra.  Nice one :)
<lynxman> Daviey: yeah it's just a very limited easy one
<Daviey> well yeah, but it's *something* :)
<lynxman> Daviey: definitely =)
<amitk> newbie ec2 question: How does one make the instance of ubuntu ec2 images persistent? i.e. If I install some apps, then terminate my instance I want to be able to restart the instance and find the apps installed.
<lynxman> amitk: you have a couple of ways for that, you can use EBS as your root fs (there's AMIs that implement that) or you can just make an AMI once you're happy with how the server looks and be able to spawn new instances
<lynxman> amitk: both have different usage scenarios so make sure the one you choose fits what you need
<amitk> lynxman: I've already downloaded the ubuntu 10.04 EBS image to use with the free AWS offer. Can I customize that and make it peristent?
<lynxman> amitk: that is already persistent, if you terminate the instance your disk remains as an EBS volume, you just need to start a new instance pointing at that ebs vol
<amitk> lynxman: hmm, how do I point to the ebs volume?
<lynxman> amitk: a quick Google showed up this http://serverfault.com/questions/234061/re-gaining-root-access-to-an-ec2-ebs-boot-image
<amitk> lynxman: aah thanks. I've been googling for an hour with no result. I was missing the right language (keywords) to google.
<lynxman> amitk: no worries =)
<amitk> and how does 'snapshots' figure into this? I thought I had to snapshot the instance to be able to persist
<lynxman> amitk: a snapshot is your base image for the AMI
<lynxman> amitk: so an AMI will always use a snapshot to spawn an EBS volume to boot from
<laen> When i initiate an apt-get upgrade, and it upgrades apache, it _changes_ the permissions on the already available /var/www folder. It shouldn't, and it's a bad practice of doing so. Even though Ubuntu developers apparently can't be trusted with creating proper packages, what other ways are there to prevent permission changes on folder /var/www?
<lynxman> laen: as far as I know it's bad practice to change the permissions of a directory created by a package :)
<laen> I'm looking for a generic solution, not a per-server btw.
<laen> Cause apt-get is always right, right?
<laen> I didn't make up the permissions, we're talking about a professional environment i have to suppoirt, and didn't create.
<soren> laen: What exactly changed?
<soren> (Although I do wonder why you're asking advice from people you don't trust)
<laen> Ow apparently, i head now, it was the permissions on /var/log/httpd
<laen> Cause i have to support Ubuntu, even though i don't want to.
<soren> /var/log/httpd ?
<soren> We don't use /var/log/httpd
<lynxman> soren: I think he means /var/log/apache2
<soren> Then he should say that instead.
<soren> laen: Which is it? httpd or apache2?
<laen> Right, something like that. It was indeed log files beeing stored in /var/log/apache2 by the customer.. (and that is bad practice as well, i know, not my idea, and don't agree).. once the permissions change the customer apache instance can't store apache2 log files anymore.
<soren> Well, the generic, not per-server solution is to fix the problem, not the symptoms.
<soren> Hence, I'd like to know exactly what changed so that I can try to work out why it happened.
<soren> Looking at apache's postinst, it should only be setting ownership on initial installs, never on upgrades.
<soren> Or not.
<soren> *shrug*
<TheAshMan> I recently changed the IP of one of my servers and whenever I log in it displays two versions of the "welcome" screen. The second version has the old IP on it. How do I remove it?
<TheAshMan> the second one also says "System information as of Fri May 13 15:32:01 BST 2011"
<xampart> TheAshMan: possibly /etc/motd.tail
<TheAshMan> do I just empty the file?
<TheAshMan> apparently so
<TheAshMan> Thanks :)
<amitk> is this the right way to mount an EBS volume as the root device? ec2-run-instances ami-2ec83147 --instance-type t1.micro --region us-east-1 --key amit -b '/dev/sda=snap-foobar'
<amitk> it mounts /dev/sda and creates another /dev/sda1 EBS for me
<amitk> I'm trying to figure out the simplest way to have my Ubuntu 10.04 64-bit instance kept up to date (persistent)
<amitk> lynxman: ^
<TeTeT> amitk: I believe you need to use a special EBS root AMI that you can stop rather than terminate if not needed
<TeTeT> amitk: the EBS space will cost some money, but the instance can be stopped and started at will
<lynxman> amitk: TeTeT is right, you need to start the instance from an EBS AMI, then stop, detach the created image and attach yours, I know its not the most elegant but... that's the only way I know
<amitk> TeTeT: aah, so I shouldn't be terminating. Only starting and stopping?
<TeTeT> amitk: try this one, not sure if it's lucid, but should be ebs backed: ami-9d4ba5f4
<TeTeT> amitk: yes, regular instances can only be started and terminated and rebooted, ebs root instances can also be stopped
<amitk> EBS space is free (10Gb) with the AWS free tier
<TeTeT> didn't know that
<amitk> all documentation points to terminate
<amitk> TeTeT: I believe that ami-2ec83147 is an official Ubuntu 10.04 64-bit EBS-backed AMI
<iam3fun> hello
<iam3fun> ;]]]
<amitk> so I'm only trying to get my changes to be persistent
<laen> soren: sorry was in a meeting, but i'll find a solution, thanks though
<sveinse> I have added "manual" to a service in /etc/init, but after this, upstart wont recognize the service at all. Does anyone have any examples of how to use a manual service?
<sommer> morning all
<zul> lynxman: this one? mcollective-server-provisioner
<lynxman> zul: yessir
<zul> lynxman: ok first it should be in a bzr branch again
<lynxman> zul: there's one :)
<zul> lynxman: can you use quilt for the patch
<lynxman> zul: hm?
<zul> lynxman: you modified the source can we have a clean source and then you apply the patch again
<lynxman> zul: that'll be fairly difficult :/
<lynxman> zul: the changes are enormous
<zul> lynxman: why?
<lynxman> zul: and they'll be merged upstream next week
<zul> lynxman: k
<lynxman> zul: would it be possible to get this one rolling and then I'll generate a new version as soon as the changes are in?
<zul> lynxman: yeah
<lynxman> zul: thanks ^^
<zul> lynxman: also the plugins dont work with out the mcollectiver-server-provisioner do they?
<lynxman> zul: they do, there's a plugin for the provisioner in the package
<lynxman> zul: but all the rest are operationally independent
<zul> lynxman: ok just making sure
<lynxman> zul: each agent should be able to stand on its own, and each have its own Requires
<zul> lynxman: for the postinst you probably want service mcollective restart || true
<zul> lynxman: get rid of the watch file
<lynxman> zul: cool, same as always :) doing those changes nao
<zul> lynxman: in the upstart put the start on, stop on repsawn before the pre-start block
<kickar> hey guys can someone assist me to convert mysql from latin1 to utf8?
<kickar> and very wierd one of my ubuntu servers is actually reading the database good
<kickar> the other one is messed up
<kickar> anyone can help me?
<Pici> kickar: #mysql might be a better place to ask if you anre't getting help here. also, try to be patient, you just ask your question.
<kickar> it is weird
<kickar> maybe it is a apache setting?
<kickar> cause my one machine is OK, but theother one not
<lynxman> zul: changes in repo, new package building
<zul> k
<teaforthecat> hello I am trying to create a raid1 from a single disk. after $ sfdisk -d /dev/sda | sfdisk /dev/sdb  /dev/sdb2 has only one block so I can't format it. thanks.
<teaforthecat> am I doing the right thing to create a raid1?
<pmatulis> teaforthecat: raid1 on one disk is questionable
<pmatulis> teaforthecat: hm, ok, you mean 2-disk array based on a single non-raided disk
<teaforthecat> yes
<teaforthecat> I understand I create a degraded array first, copy the data over, then add the original disk to the array
<Ddorda> where phpmyadmin keep its logs?
<teaforthecat>  Ddorda: Open /etc/php.ini file and find error_log
<teaforthecat> I created a gist that shows the confounding error at the bottom: https://gist.github.com/1012330
<uvirtbot> New bug: #792713 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/792713
<m_tadeu> I need something to start services if they go down, and get notification when that happens....what do you guys suggest?
<koolhead11> m_tadeu, check monit
<axisys> what updates the following files ?
<axisys> /var/lib/apt/update_success /var/lib/apt/periodic/update-stamp /var/lib/apt/lists/lock
<axisys> and I have this script  http://pastebin.com/q81uZk7X  that alerts if they are newer than 7 days.. trying to find out what is the significance of that
<axisys> s/that alerts if they are newer than 7 days/that alerts if they are older than 7 days/
<RoAkSoAx> zul: ping?
<zul> RoAkSoAx: whats up?
<RoAkSoAx> zul: so wanted to discuss some cobbler stuff with you, free?
<zul> RoAkSoAx: sure
<RoAkSoAx> zul: 1st: When we import the mini.iso it will create a Repo for main/universe, and another one for security
<zul> RoAkSoAx: okies
<RoAkSoAx> zul: the repos by default are disabled so if we run cobbler reposyng it will not sync the archives
<RoAkSoAx> zul: so anyways, I'm guessing that the behaviour is desired, correct?
<zul> i believe so
<RoAkSoAx> zul: ok, so now, the thing is how can I automatically determine the country and stuff to set the repo
<RoAkSoAx> zul: if we are in the us, use us.archive if we are in Italy, us it.archive
<RoAkSoAx> etc etc
<RoAkSoAx> any ideas?
<zul> RoAkSoAx: iirc there is a way to determine which mirror you can use with apt, check with mvo
<RoAkSoAx> zul: cool
<RoAkSoAx> zul: 2nd: TYo be able to use the repo and stuff, we need to tweak the preseed... should we just document that or should we make that happen automatically?
<zul> document it for now
<RoAkSoAx> zul: ok thanks ;)
<RoAkSoAx> zul: ahh I think we cannot use apt to determine which archive repo to use in case we submit it upstream, otherwise it wouldn't work on non-debian machines
<zul> RoAkSoAx: assuming that they have /etc/apt/sources.list setup properly on the cobbler server why not gleeem it from there
<tdelam> hi guys, is jaunty 9.04 no longer supported? my apt-get update gives me all 404's
<zul> tdelam: its not
<tdelam> zul: Hm, what could the reason for those 404's be?
<adam_g> /win/j #ubuntu-meeting
<zul> tdelam: its not supported
<tdelam> oh
<tdelam> how can I upgrade now that apt is dead?
<RoAkSoAx> zul: ok
<jdstrand> tdelam: http://old-releases.ubuntu.com/releases/
<tdelam> ah :/
<jdstrand> tdelam: I would recommend using: 'sudo do-release-upgrade' and upgrade to 9.10. then do it again to get to 10.04. both 9.04 and 9.10 are not supported (but 10.04 is because it is an LTS)
<tdelam> no easy way to do this I guess. Server is 4000 miles from me serving about 200 web sites.
<tdelam> oh
<jdstrand> tdelam: 9.10 hasn't been moved to old-releases yet. you should be able to upgrade in the manner I described
<tdelam> An upgrade from 'jaunty' to 'lucid' is not supported with this tool.
<jdstrand> tdelam: no. LTS to LTS is supported or release to the next release. jaunty wa not LTS, so you must go through 9.10 (karmic)
<tdelam> jdstrand: Oh I see, can I specify that with this command?
<jdstrand> tdelam: it can detect it. 'sudo do-release-upgrade' is all you need to do. you'll do that (it is cli) and it will upgrade, then reboot. then you'll do it again
<jdstrand> tdelam: it should be stated that doing this has an element of risk
<tdelam> jdstrand: Yea, that's what i did and got back that error message.
<jdstrand> tdelam: with you being 4000 miles away, if something goes wrong or the system is unbootable, then you are in trouble
<jdstrand> tdelam: you got the 404 message?
<tdelam> jdstrand: http://pastie.org/2033024
<jdstrand> hmm
<jdstrand> it didn't like that karmic is eol too
<jdstrand> tdelam: you have to do jaunty -> karmic the hard way
<tdelam> jdstrand: can you direct me to how to it the hard way without apt?
<jdstrand> tdelam: update /etc/apt/sources.list to substitute all occurences of 'jaunty' with 'karmic'. then do 'sudo apt-get update && sudo apt-get dist-upgrade'
<tdelam> oh
<tdelam> thats not so hard :)
<jdstrand> tdelam: please note, this method of upgrading is not at all as well tested and that 'do-release-upgrade' has special logic to make sure that things go smoothely
<tdelam> ok
<jdstrand> tdelam: there is more risk with this method. you may want to start sshd manually to listen on a different port, then login via that port and do 'sudo -i' before the upgrade so you have a root prompt
<jdstrand> tdelam: in case anything goes wrong
<jdstrand> tdelam: once you upgrade to karmic, reboot, then you can use do-release-upgrade
<tdelam> ok
<jdstrand> tdelam: good luck (and make backups if possible)
<tdelam> Di have automated ones, for years now
<tdelam> in /mnt/disk2 :)
<jdstrand> tdelam: you know
<jdstrand> tdelam: you should probably do the 'sudo apt-get  update && sudo apt-get dist-upgrade
<jdstrand> ' in the speciall sshd
<tdelam> alright
<tdelam> i am getting that going now
<jdstrand> in cause the one that is upgraded goes down
<jdstrand> s/cause/case/
<jdstrand> tdelam: good luck :)
<tdelam> thanks :D
<tdelam> note to self -- stay on top of upgrades
<tdelam> jdstrand: on karmic now do-release-upgrade started.
<jdstrand> \o/
<tdelam> so far so good. I don't want to jinx myself though
<tdelam> all webservices are running smoothly too.
<tdelam> minus the mini downtime for rebooting :)
<tdelam> had to be done though
<m_tadeu> koolhead11|afk: thanx a lot
<j1mc> sommer: i should have a test build of the server docs in that new layout available within the next few days.
<sommer> j1mc: sweet that'd be awesome
<j1mc> i'll let you know when it's ready. :)
<sommer> j1mc: sounds good, thanks for your help!
<j1mc> you are very welcome! : )
<j1mc> sommer: we have a docs team meeting set for this sunday at 20:00 UTC. just an FYI in case it is convenient for you.
<j1mc> it's 3:00pm central time
<sommer> j1mc: ya, I'll try to be there, but I'm not sure what I have going this weekend.
<j1mc> no worries
<j1mc> :)
<maccam94> i'm trying to enable TLS secured replication in openldap, following the ubuntu 10.04 server guide. when i try to modify the ldap config to add the certificates on the slave, i get the following error: ldap_modify: Inappropriate matching (18) additional info: modify/add: olcTLSCACertificateFile: no equality matching rule
<maccam94> i'm getting the error on step 6 here: https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html#openldap-tls-replication
<sommer> maccam94: what command are you entering?
<maccam94> it's on step 6 in the section of the page i linked, it's a slapd command followed by adding stuff to the tree
<maccam94> sommer: i can paste what i'm running to pastebin, but it looks almost exactly the same as what's on page
<maccam94> i just changed the hostname for the keys
<sommer> maccam94: so you have the olcTLSCACertificateFile setup?
<maccam94> i have the files in /etc/ssl/certs and /etc/ssl/private, yes
<maccam94> it doesn't look like it's even trying to load them though
<sommer> maybe try adding the CA entry by itself, then try adding the entries for the server's cert and key
<maccam94> i had a problem with permissions on the master initially, where slapd wouldn't start because it didn't have permissions to read them, but this error occurs right when i commit the change, it won't accept it
<maccam94> sommer: and it fails when i enter just that first section
<sommer> maccam94: strange, I've never seen that particular error... on sec
<maccam94> i feel like i must be missing something in my tree
<sommer> maccam94: can you do replication without TLS?
<maccam94> sommer: yes, it is currently replicating
<sommer> maccam94: that's good :-)
<maccam94> though i'm not sure it was configured following the same methods as in the server guide
<sommer> are you using natty or maverick?
<maccam94> lucid
<sommer> should work for both... oh one sec
<maccam94> the guide page is for lucid as well
<sommer> right, should work for lucid too, heh
<sommer> maccam94: maybe try adding "TLS_REQCERT allow" to your /etc/ldap/ldap.conf file (no quotes)
<sommer> then do the modify command
<maccam94> sommer: i did it and restarted slapd and now it works
<maccam94> thanks!
<sommer> no prob... it's an issue with self-signed certs I guess
<maccam94> ah
<sommer> might need to make a note of that in the docs :-)
<maccam94> :-)
<SpamapS> smoser: re bug #765843 .. you said you pulled it into your upstream branch.. are you planning to upload that to oneiric soon?
<uvirtbot> Launchpad bug 765843 in cloud-initramfs-tools "Intermittent mount failure after growroot" [Undecided,Confirmed] https://launchpad.net/bugs/765843
<maccam94> how can i confirm that my two ldap servers are indeed communicating via TLS/SSL?
<sommer> maccam94: I use wireshark to snoop ldap traffic then do a change on the master
<maccam94> :-( that's not really feasible for me...
<maccam94> sommer: should they be communicating on port 636?
<sommer> maccam94: nope 636 is for SSL, using TLS uses 389... at least that's my understanding
<maccam94> ok
<sommer> maccam94: you could also use tcpdump to capture traffic
<maccam94> actually i guess i don't need promiscuous mode for that...
<maccam94> (it's a vm)
<jcastro> SpamapS: a bunch of server related videos are just now hitting the youtube channel if you wanna tweet some of that action
<hggdh> smoser: hardy current amd64 ran fine
<hggdh> smoser: I think we are good to go
<maccam94> now that i have starttls enabled, will my ldap servers allow non-TLS/SSL connections?
<sommer> maccam94: yeppers, you can connect both ways
<maccam94> hm, i probably want to restrict it to SSL/TLS only. will all of the clients need keys/certs to be able to connect securely?
<sommer> I think you can do that via ACLs, but I've never implemented it myself.  Don't think the clients will need certs, but they may have to adjust the TLS settings to allow a self-signed one from the server
<maccam94> k
<maccam94> thanks for the help, sommer
<sommer> maccam94: you're welcome :-)
<codi> Anyone able to help me out with some preseeding i'm trying to do? Not having any luck recreating an iso for use in virtualbox with a preseed.cfg.
<codi> Specifically for the 11.04 server install.
<RoAkSoAx> !ask | codi
<ubottu> codi: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<RoAkSoAx> zul: I guess I'll do some python-apt stuff to get the mirror automatically, if not, just hardcode one
<zul> RoAkSoAx: cool...i have a half assed gpxe thing going on
<RoAkSoAx> zul: hehe good luck w/that
<earthworm> hello,
<earthworm> does somebody know how to start into runlevel 3, not into runlevel 5?
<earthworm> is this possible ? there is no inittab at /etc ?
<Pici> !upstart | earthworm
<ubottu> earthworm: Upstart is meant to replace the old Sys V Init system with an event-driven init model.  For more information please see: http://upstart.ubuntu.com/
<earthworm> @pici so upstart is the parent of all processses... interesting...
<earthworm> @pici do you mean i should remove S from init.d/
<earthworm> @pici or would this be the wrong way...
<Pici> earthworm: I believe that upstart will still fire scripts in /etc/init.d/
<earthworm> okay
<earthworm> @pici okay
<earthworm> @pici i found a script called : rc-sysinit.conf
<earthworm> @pici i'm on the right way... ?
<Pici> earthworm: Indeed.
<earthworm> @pici you're a fine tutor ... aren't you ;) thx
<earthworm> gonna reboot and see ...
<earthworm> thx
<codi> Ok, my question is. I have the server iso downloaded from ubuntu.com and a preseed.cfg. Should that preseed.cfg just go in the root of the disc image?
<earthworm> @pici ;)
<earthworm> there is an entry with runlevel = 2
<earthworm> i tried to change this to 3 but nothing happens, everything is as before
<RoyK> eagles0513875: standard runlevel is 2
<RoyK> why would you change that?
<Pici> RoyK: Yes gone.
<Pici> er, Hes.
<RoyK> oh
<RoyK> yes
 * RoyK wants native zfs on linux
<Guest24499> hi - just installed natty server.  how come ctrl-alt-f2 through f6 don't work?  what can I do to make it work?
<Guest24499> if I start X, even ctrl-alt-f1 don't work (can't get to a text console)
<RoyK> does anyone use X on a server?
<Guest24499> X server :P
<RoyK> that's for workstations
<Guest24499> i know
<Guest24499> I wanted to start from a minimal install.  but basic question is still - how come ctrl-alt-f2 don't work?
<RoyK> alt+left/right should work well
<RoyK> or alt+f[1-6]
<RoyK> ctrl+alt is only needed if on X
<RoyK> which you usually don't do on a server
<Guest24499> alt-f2 doesn't work.
<Guest24499> alt-right arrow does work (thanks!)
 * RoyK doesn't use non-LTS releases for server installs
<Guest24499> this is not a real server.  I'm doing a minimal install so that I can pull down lxde (don't like gnome)
<RoyK> ok
<Guest24499> so, any idea why alt-f2 wouldn't work, but alt-right arrow would?
<eagles0513875> RoyK: think u highlighted wrong person
<raubvogel> Does anyone know why there are missing releases in http://archive.ubuntu.com/ubuntu/dists ?
<Pici> raubvogel: What releases are 'missing'?
<ajmitch> raubvogel: releases that are end-of-life go to http://old-releases.ubuntu.com/ubuntu/dists/
<raubvogel> Pici, I do not know their names, but it goes from hardy to karmic
<raubvogel> or dapper to hardy
<Pici> raubvogel: Then read what ajmitch just said.
<Pici> !edgy
<ubottu> Ubuntu 6.10 (Edgy Eft) was the fifth release of Ubuntu. End Of Life: April 25th, 2008. See !eol for more details.
<Pici> !feisty
<ubottu> Ubuntu 7.04 (Feisty Fawn) was the sixth release of Ubuntu. End Of Life: October 19th, 2008. See !eol and !upgrade for more details.
<Pici> EOL releases are no longer housed on the normal archives.
<Pici> Minus 1 release though, so Karmic is still there even though it is EOL.
<ajmitch> mostly because the mirror space required would be excessive, old-releases doesn't get mirrored afaik
<raubvogel> So, if I have a 8.04 LTS machine, how to upgrade it?
<Pici> raubvogel: You can upgrade from one LTS to the next, so you can go directly to 10.04 LTS
<raubvogel> Ok
<ajmitch> the command 'do-release-upgrade' should manage that for you
<ajmitch> you may need to install update-manager-core first, details are on http://www.ubuntu.com/download/ubuntu/upgrade
<queso> Where is the log for openssh-server?
<SpamapS> queso: /var/log/syslog and/or /var/log/auth.log
<SpamapS> queso: there's an awesome program called 'logwatch' that will summarize it daily for you.
<queso> SpamapS: nice, thank you
<JasonnAWAY> Hi, how can I raid 2 servers together with ubuntu (program)
<SpamapS> JasonnAWAY: "RAID" is "Redundant Array of (Inexpensive|Independent) Disks" ..
<JasonnAWAY> Hmmm
<SpamapS> JasonnAWAY: do you want to replicate data accross two servers?
<JasonnAWAY> No
<JasonnAWAY>  I want to put 2 hdds together so they act as 1
<SpamapS> Ah, but on one server?
<JasonnAWAY> yes
<SpamapS> https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
#ubuntu-server 2011-06-08
<RoAkSoAx> kirkland: ping?
<geekbri> If you've got a wildcard entry in your Bind server but you want your domain without a host (say google.com instead of www.google.com) to have an entry that doesn't redirect to the same place as the wildcard, how would you go about doing that?
<s0rserer> anyone know where i can find help with an ms exchange server?
<twb> s0rserer: ##windows?
<twb> Or your support vendor, of course
<s0rserer> thanks ill give that a shot
<jonesst1> evolution to exchange?
<hackeron> hey, how do I go back to the previous grub behaviour? - from time to time grub detects a boot failure and shows the grub menu - I don't want this to ever happen as it involves driving 40 miles to plug in a keyboard and press enter :/
<twb> hackeron: dunno; I use hpa's bootloader
<hackeron> twb: what's that?
<twb> isolinux
<twb> The same bootloader you already use on CDs and USB keys, works on hard disks, too
<hackeron> what are the advantages to grub?
<twb> It's not a huge crufty monstrosity of unnecessary complexity
<hackeron> does it support software raid?
<twb> For example, it doesn't autodetect "modules" to compile into the MBR
<hackeron> probably won't work with software raid then
<twb> It supports linux md RAID 1.  Not sure about 5.
<twb> I would not put /boot on RAID5 anyway
<hackeron> hmm
<twb> In fact the last straw for me with grub was that it *didn't* work properly with RAID1
<hackeron> :/ - I use it with md raid on all my ubuntu server boxes
<hackeron> some raid1 some raid5
<twb> Some motherboards will detect hda is dead and "rename" hdb to hda, so grub's device.list breaks and you can't boot
<hackeron> huh? - grub's device.list uses UUIDs
<twb> And for me, it wasn't a 40 mile drive -- the machines were in mines in .za
<twb> hackeron: maybe it uses UUIDs now, it didn't in 8.04
<twb> Actually, those boxes would've been RHEL4
<twb> Er, RHEL5
<twb> In any case, syslinux doesn't have that problem, because it boots off the disk that's there, end of story.
<hackeron> well, this is just ubuntu's latest "feature" - far as I can tell the problem is ubuntu no longer has a time out to press esc for the grub menu - instead if instantly boots and if it fails, it marks a failboot flag and shows the grub menu on next boot - not what you want on a server :/
<Sakara> Has anyone had issues getting user_dir and apache working when homes are mounted from another server?
<twb> hackeron: instead of a timeout, you have to hit Shift at exactly the time between when the BIOS hands control to grub, and grub hands control to the kernel
<twb> hackeron: which IME is impossible on some fast systems :-/
<hackeron> twb: well, that wouldn't be a problem if it didn't force the grub menu on boot failure
<twb> syslinux also fixes that -- you can use Scroll Lock instead, which stays "stuck" down, so you can hit it while still in the BIOS
<twb> Sakara: mounted how, NFSv3?
<Sakara> twb: NFSv4
<hackeron> twb: how do I "switch" to syslinux?
<twb> Sakara: I haven't tried that, sorry
<twb> http://paste.debian.net/119165/
<twb> hackeron: those are some notes I made for two-disk RAID1 systems back in the hardy days
<Sakara> twb: Hopefully someone else has done it
<twb> hackeron: unfortunately Ubuntu isn't interested in making it an install-time option, though the Debian people are working on that I believe.
<twb> Sakara: could your problem simply be root_squash?  Oh, are you using kerberized NFS?
<Sakara> yes
<Sakara> twb: that is what is happening
<twb> Sakara: ah, OK, so does the apache process have the necessary krb tickets?
<Sakara> I am unsure about how to authenticate and authorise the www-data user
<twb> Sakara: yeah, that kind of headache is why I'm not using krb yet :-)
<twb> Sakara: you might want to ask the #kerberos channel as well
<Sakara> what other ways are there to centralise user accounts?
<twb> I use LDAP
<Sakara> ok LDAP only?
<twb> And SSHFS for end users's network filesystems.
<twb> NFS is there, but only on systems where I strictly control who has root, because obviously without krb, root on every system is fully trusted by the NFS server
<Sakara> ok that does seem like a more appriopriate way to handle users too
<owh> On a hardy server how do I implement SMTP rate control so that the number of outgoing messages to an smtp relay do not exceed 1000 per hour. I don't want to drop the excess messages on the floor or bounce them, I just want them to be queued and delivered in the next and subsequent hours. I'm using postfix to relay the mail.
<Sakara> ahh ok yes tha twould be a problem
<twb> Consider: even with root_squash, root can simply "su - twb -c 'cat /home/twb/.netrc'" or so
<twb> owh: I don't know; you could also ask #postfix.  I would probably run "postconf" and look for likely-looking options, then look them up in the reference docs.
<|rt|> I've always been under the impression that kerbose doesn't really centralize users...it just provides a secure authentication framework
<twb> |rt|: it can do both
<owh> twb, I've been doing that for hours now. #postfix suggest using policyd which appears to be postfix-policyd, but the documentation I can find is for v2.x, not the one that comes with hardy, v1.x
<jmarsden> owh: postfix-policyd is 1.82-* in everything from hardy to oneiric ... are you sure you need 2.x of it?
<owh> jmarsden: I'm happy to stay with 1.82-*, but the documentation on www.policyd.org is for v2.* -- I cannot find docs/howtos for 1.82-*
<owh> Unless I missed something somewhere?
<jmarsden> /usr/share/doc/postfix-policyd/README.gz
<jmarsden> owh: The docs that come in the postfix-policyd package should be sufficient... I think?
<owh> jmarsden: I've read that document several times - but I might have missed something - I'm needing to limit the number of messages to a relayhost, not by sender, not by recipient, not by domain, etc.
<jmarsden> Can't you just do the 'netblock' example, and make the 'netblock' match string be '%' so it matches all netblocks?
<jmarsden> I have not tried it, but it looks like it ought to work for you.
<owh> jmarsden: That sounds interesting. I'm also trying to track down using transport_destination_rate_delay, which appears to work within postfix, but it's unclear how it's supposed to work, since `transport` needs to be changed to the name of your transport, which would be smtp, but I cannot find how my relayhost is linked to smtp.
<owh> Hmm, unless this line in master.cf is the culprit:
<owh> relay     unix  -       -       n       -       -       smtp
<jmarsden> Worst case, set both smtp_destination_rate_delay and relay_destination_rate_delay and see which one works :)
<owh> ROTFL
<owh> Thank you, I needed that.
<owh> Let me remove postfix-policyd and see if that keeps my email still working :)
<Sakara> twb: Isssue with authorization and the www-data uid was resovled by creating an associated kerberos principal
<twb> Sakara: nice
<Sakara> ty for your input it really help crack that one
<twb> Sakara: I thought it would be harder than just an addprin
<Sakara> I'd overlooked adding it because its not a real uid I think about alot becuase its only really used on the one machine (the web server)
<Sakara> cheers  again
<twb> np
<shadow42085> I am following the doc on mail server setup at https://help.ubuntu.com/community/PostfixBasicSetupHowto i can recieve mail but I can't send any ideas?
<trimeta> My server is doing the thing where landscape has its information repeated twice, and the second copy refuses to update or go away no matter how out of date it gets.
<trimeta> Which file did I need to delete to force it to refresh the information?
<twb> trimeta: landscape as in canonical's proprietary puppet analogue?
<jonesst1> anybody used kerberos/ldap cleints on ubuntu?
<uvirtbot> New bug: #781283 in mysql-5.1 (main) "mysqlreport crashed with SIGSEGV in malloc_consolidate()" [Medium,New] https://launchpad.net/bugs/781283
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<jonesst1> ok so where does kerberos failures get dumped?
<jonesst1> messages?
<jonesst1> cd /var/log/
<jonesst1> oops
<jonesst1> hehehe
<jonesst1> ls -l
<trimeta> twb: Landscape as in the thing that collects system information into /etc/motd.
<trimeta> Is there another name for that?
<twb> trimeta: er, no, it isn't
<owh> jmarsden: FYI, I've added smtp_destination_rate_delay to main.cf and reloaded postfix and it appears to be working. What I don't know is what side-effects this might have, but at least I've gotten one step closer -- thanks!
<twb> trimeta: try :>/etc/motd and then log in again
<jmarsden> owh: You're welcome :)
<twb> trimeta: that's how I fixed that specific symptom on my lucid boxes (which definitely DON'T have landscape)
<trimeta> Does that command replace /etc/motd with an empty file?
<twb> Yes
<twb> Back it up first if you don't trust me
<trimeta> Right now /etc/motd is a symlink to /var/run/motd, which (according to the manpages) is created by runpart'ing /etc/update-motd.d/
<trimeta> I tried moving /var/run/motd to /var/run/motd.bad, but a new /var/run/motd was created identical to the first (with the same badness).
<twb> Hum
<twb> Sorry, brain fart
<twb> I meant :>/etc/motd.tail
<trimeta> OK, that fixed it. Why does the spurious tail file get created?
<shadow42085> does anybody know how to fix this I am following the doc on mail server setup at https://help.ubuntu.com/community/PostfixBasicSetupHowto i can recieve mail but I can't send any ideas?
<uvirtbot> New bug: #604593 in libpam-ldap (main) "pam_unix "account" returns success on a user with an invalid shadow password." [Undecided,Confirmed] https://launchpad.net/bugs/604593
<kickar> hey guys I have a database in cirilyc with encoding latin1. On my ubuntu machine it looks ok, but on my other ubuntu machine is all messed up. can anyone help me?
 * negronjl is calling it a night
<kickar> hey guys, can you help me change the default charset of mysql server
<uvirtbot> New bug: #794443 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/794443
<nigelb> Is it the update-motd package which updates the message saying X number of packages need updating and System needs reboot and all that?
<twb> nigelb: try :>/etc/motd.tail
<nigelb> twb: I found that file, but I'm trying to figure out what updates it
<twb> I mean run the command ":>/etc/motd.tail" and the issue where you get two copies of motd will disappear
<nigelb> twb: oh, ah!
<nigelb> twb: hrm, I still have one file, but that's not up-to-date
<twb> Damn
<twb> That worked for me
<twb> Try logging in again
<dfgdfg> hi
<dfgdfg> i belive that this is not the right channel but anyway i need helt with an easy htaccess question
<xilentares> could somebody help me ? it hast to do with url rewriting
<xilentares> or recommend me another channel ?
<xampart> try #apache
<xilentares> i dont know why but i cant join it ive already tried it
<xilentares> come on guys nobody ?
<soren> You will never find answers to questions you never ask.
<xampart> true dat
<xilentares> hmm okay.i have a gallery that generates a link like that index.php?id=gallery&album=test know i want that the output is /gallery/test for the user. the rest of the page is already seo optimized
<xilentares> my idea was : RewriteRule ^/(a-zA-Z0-9)/(a-zA-Z0-9)$ /index.php?id=$1&album=$2 [L]
<xilentares> but this dosnt worked :S
<xilentares> is that because the url is generated internal ?
<Siekacz1> hi all! I've got a strange problem with DHCP and DNS - DHCP server (ubuntu server) doesn't send DNS addresses to windows workstations
<Siekacz1> there is option domain-name-servers line in dhcpd.conf, but no workstations received DNS IPs
<Siekacz1> connection works
<Siekacz1> problems with bind9?
<soren> xilentares: Your regexes are wrong.
<soren> xilentares: You'll only ever match this url: "/a-zA-Z0-9/a-zA-Z0-9"
<mncl-core> Good Day!
<soren> xilentares: You want something like: RewriteRule ^/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)$ /index.php?id=$1&album=$2 [L]
<xilentares> hmm thanks soren but it dosnt work for me :( i will experiment a bit more with it^^
<soren> xilentares: It works for me.
<soren> I just tested it.
<xilentares> The requested URL /gallery/test/ was not found on this server.
<xilentares> if i visit localhost/gallery/test it opens internal localhost/index.php?id=gallery?album=test ,right ?
<uvirtbot> New bug: #636480 in postfix (main) "Postfix and PowerDNS cannot bind to IPv6-IPs on boot" [Undecided,New] https://launchpad.net/bugs/636480
<xilentares> soren : thanks got in know :)
<seicherlbob> hi! I'm running a server with ubuntu Lucid (server edition). On this server, there is a VM i use for testing and development. Now i wanted to simulate a loss of network connection for a program, i am developing and I closed the tap device of the guest VM on the host server (ifdown tap02). Now i can not bring it up again. ifup tap02 tells me "TUNSETIFF: Device or resource busy". Any suggestions?
<seicherlbob> i think there was a tcp connection open when i teared down the interface. maybe that tcp connection keeps the device busy, although its said to be down. Is there a way to flush and close this connection manually? Rebooting is not an option.
<seicherlbob> ok. got it: you can not bring up the connection, when the VM behind it is up. The VM needs to be down/stopped - then you can bring up the connection again.
<sommer> good morning internets
<cocoa117> if ubuntu domU can't see the newly assigned memory (e.g. free -m), what's the point having the ability to do it in dom0?
<cocoa117> i am using Ubuntu 10.04, and the ballon=y in the kernel
<cocoa117> even after i assigned more RAM to domU ubuntu, the free -m can't see it, so i am using it won't use it
<zul> Daviey: http://people.canonical.com/~chucks/gpxe-cobbler.patch
<hallyn> cmagina: after pushing multipath-tools to oneiric last night, it occurred to methat the 'add|change' rule in kpartx.udev is idiotic - it just modprobes dm-multipath.  Which doesn't exist.
<hallyn> think i'll open a bug to remove all dm-multipath references, which should amount to changes to 3 files
<cmagina> hallyn: sounds like a good idea.  i haven't looked at all those bits, but if you want another set of eyes on any of this, just toss it my way
<hallyn> cmagina: cool, thanks.  more eyes++
<tyreza> hello there
<tyreza> how to perform a complete hardware check on a server ?
<patdk-wk> flashlight and paper pad?
<tyreza> ?
<Pici> tyreza: What exactly were you hoping to accomplish?
<tyreza> i simply want to make a complete hardware check
<Pici> I don't know what that means.
<Pici> What are you checking?
<tyreza> my system reboot automatically
<tyreza> when i m working on it
<tyreza> so i need to make a complete check
<tyreza> so my question how ?
<tyreza> ? anyone there
<tyreza> i can't see the difficulty on my question ?
<guillemhs> hi!
<guillemhs> it is easier to speak directly to a person
<greppy> guillemhs: just ask your question, if someone knows, they'll respond.
<kaushal> Hi
<pmatulis> hi
<kaushal> pmatulis: Any idea about the availability of JAVA6 U26 ?
<kaushal> on Ubuntu Server 10.04 LTS
<pmatulis> kaushal: i'm sorry, i don't know what JAVA6 U26 is
<kaushal> ok
<hallyn> cmagina: nm, i guess we should support custom kernels :)  leaving that alone
<cmagina> hallyn: ah, yeah, didn't think about that
<cmagina> hallyn: good catch
<uvirtbot> New bug: #656421 in samba (main) "No DNS Updates on Domain-Registered Server in Win2k8R2 enviroment" [Undecided,New] https://launchpad.net/bugs/656421
<cthompson> hello, how can I show what partition / is on? it doesn't show up in df or fstab.
<genii-around> cthompson: mount       ?
<cthompson> well, it looks like I had to edit fstab to allow the kernel to mount / on a raid partition /dev/md0, after that: df: /dev/md0 on /   (all good)
<cthompson> thanks though
 * genii-around sips his coffee and ponders if cthompson has raid modules in his initrd
<Daviey> ho.
<RoAkSoAx> Daviey: hu
<Daviey> RoAkSoAx: o/
<RoAkSoAx> Daviey: o/ how's it going today man?
<Daviey> RoAkSoAx: not so good.. primary laptop power cable busted.
<Daviey> Yourself sir?
<lynxman> Daviey: darn :/
<TREllis> doo-do-be-do
<TREllis> afternoon
<lynxman> TREllis, RoAkSoAx, zul, negronjl
<lynxman> talk is about squid-deb-proxy + cobbler on orchestra
<lynxman> orchestra has some cobbler snippets and a mini.iso importer for new distros
<lynxman> RoAkSoAx: you were saying? :)
<lynxman> zul: you pointed it needed to work with debian and d-i instead of kickstart, right?
<lynxman> hey Daviey o/
<zul> right because thats what we use
<TREllis> cobbler uses debmirror to do repository mirroring, at the moment we use deb-squid-proxy as a cache instead
<RoAkSoAx> TREllis: debmirror works now
 * zul lunches
<RoAkSoAx> TREllis: the only thing, is you want to install anything using that local mirror
<lynxman> zul: bon appetit!
<RoAkSoAx> s/is/if
<RoAkSoAx> you need to tell the preseed that the mirror is there
<TREllis> RoAkSoAx: yeah you'd need to tweak the preseed
<RoAkSoAx> TREllis: yeah, so using snippets we can do that automatically, but we need to find a way of doing so :)
<RoAkSoAx> TREllis: that's why I was saying, whenever there's a local mirror for a profile, use that snippet/preseed/wathever
<TREllis> RoAkSoAx: so basically, we need a snippet that checks if a mirror is present and uses it if it is, otherwise use the proxy
<RoAkSoAx> TREllis: if there's not, and we now that we are using squid-deb-proxy, use the preseed for that purpose
<RoAkSoAx> TREllis: correct
<TREllis> my working with cheetah is quite limited, you can probably do it though
<lynxman> RoAkSoAx: you want to take that as an action item?
<lullabud> got a weird problem with ubuntu 11 and vmware fusion. after upgrading to 11, my terminal does not work at all.  i can still ssh in, but the local terminal is just blank.
<lullabud> no X.  the VM has been upgraded through a few versions of ubuntu.
<lullabud> oh, wait, there's simply a blinking cursor up in the top left now.  sometimes it's there, sometimes it's not.
<lynxman> RoAkSoAx: where are we keeping track of the actions items for this btw :>
<lullabud> ok, now i see that it's simply defaulting to tty7, which is blank.
<RoAkSoAx> lynxman: sure, I'm currently finishing the repository thing when adding an ubuntu mini.iso.... and checking the debmirror stuff is working well
<lynxman> RoAkSoAx: excellent :)
<RoAkSoAx> then I'll document the preseed changes needed to use the local mirror
<RoAkSoAx> lynxman: and we can get the snippets after that
<TREllis> sounds good
<lynxman> RoAkSoAx: sounds good, you're the best... arooound
<lynxman> RoAkSoAx: sorry, grew up in the 80ies
<RoAkSoAx> other than that, mini.iso import detection should be done automatically this cycle, as cjwatson agreed on providing us with something to allow detection
<RoAkSoAx> so we can drop having to manually specify breed, os version, etc
<lynxman> RoAkSoAx: that would mean submitting a patch for cobbler, the way it's detected now is through the directory structure
<lynxman> RoAkSoAx: it's easy to patch, I can do that even :)
<RoAkSoAx> lynxman: yeah I'll take care of that too
<lynxman> RoAkSoAx: rocking
<RoAkSoAx> lynxman: the idea is to submit to upstream most of the stuff we do here
<RoAkSoAx> off course, not the orchestra part but cobbler itself
<lynxman> RoAkSoAx: that's always the idea :)
<RoAkSoAx> lynxman: what else is worrying you?
<RoAkSoAx> :)
<lynxman> RoAkSoAx: we decided at UDS that we would use a bit more the cobbler API in order to store somewhere hardware profiles for the hardware in the orchestra server network
<SpamapS> lynxman: +1 .. have you guys had a chance to see if thats even feasible ?
<lynxman> RoAkSoAx: would like to get your initial ideas about how to attack that, I know this is a long term project thinking, but wanted to know your ideas
<RoAkSoAx> lynxman: i believe that would be using the "System" concept in cobbler
<lynxman> SpamapS: not yet, we're knee deep into making all the parts work well for our demo at Structure in 2 weeks :)
<SpamapS> indeed
<RoAkSoAx> lynxman: have you guys looked into the "Systems"
<lynxman> RoAkSoAx: not yet, that's why I wanted your initial ideas, so I know where to look in ;)
<RoAkSoAx> lynxman: http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/5.3/html/Reference_Guide/s1-cobbler-addsystem.html
<RoAkSoAx> provides a brief, understandable introduction to it :)
<lynxman> RoAkSoAx: thanks :)
<lynxman> *bookmarks it*
<TREllis> lynxman: system profiles in general are cool, as long as you have the mac address of a system, you can assign a kickstart/preseed for it to use
<RoAkSoAx> TREllis: you cannot use cobbler deploy though to deploy a machine AFAIK
<Daviey> hey lynxman o/
<lynxman> TREllis: the idea was to have a specialized mini boot image that would just boot up, compile system information and report back then shut down
<TREllis> RoAkSoAx: yeah, uses the fence tools right?
<TREllis> lynxman: that's a neat idea, I've seen a similar thing used in a bank before
<RoAkSoAx> oh btw.. fence-agents have been already uploaded and are in the NEW queue
<RoAkSoAx> so we should see them next week
<lynxman> then once we got the info we can just install the basic image and from there take a logical decision towards what kind of application can be fit in the hardware
<RoAkSoAx> TREllis: yes and no... the "deploy" feature has been disabled upstream
<RoAkSoAx> TREllis: "This feature was removed from Cobbler 2.0 and may be present in a future release. It is not yet implemented in the code as I wanted to revisit and rewrite much of the core implementation -- Michael"
<TREllis> lynxman: is there going to be somewhere to store that data in orchestra then?
<RoAkSoAx> in https://fedorahosted.org/cobbler/wiki/DeployFeature
<TREllis> RoAkSoAx: fair enough
<lynxman> TREllis: that's another different dimension :)
<lynxman> TREllis: I reckon we'll store it in mysql or such, but at some point we want that to evolve into the metadata service
<Daviey> lynxman: if the debmirror local mirror is presented over http... squid-deb=proxy could use that as it's upstream mirror.  Perhaps wasteful.. but easier to implement, and the autodiscovery magic would still work.
<TREllis> RoAkSoAx: and since that was michael, we can assume it's been disabled for a while then and hasn't been looked at
<RoAkSoAx> TREllis: indeed!
<lynxman> Daviey: very good point!
<TREllis> Daviey: duplicate data though?
<RoAkSoAx> Daviey lynxman yeah but that would be using snippets to tweak it anyway
<TREllis> Daviey: ie you need twice the storage, once for the mirror once for the cache
<Daviey> lynxman: I have a python script for adding new hardware to cobbler btw
<Daviey> i need to add facter output to it.
<lynxman> Daviey: oooh, can we see it somewhere?
<RoAkSoAx> TREllis: yeah
<RoAkSoAx> Daviey: if we have a local mirror, then ew don't really need squid-deb-proxy
<TREllis> RoAkSoAx: well, unless you are doing deployments over long distance links, mirror in one DC, cache in the other
<lynxman> RoAkSoAx: what we like about squid-deb-proxy is proxy auto discovery
<RoAkSoAx> lynxman: yeah
<Daviey> lynxman: it's only simple atm, i was using it to experiement with the RPC api.  Seems to work well.  It's for the auto discovery WI
<RoAkSoAx> TREllis: yeah but AFAIK, for that reason you;d have a second cobbler server/mirror
<RoAkSoAx> TREllis: that's the whole point of having a local mirror :)
<RoAkSoAx> not use long distance links :)
<TREllis> RoAkSoAx: you'd only get the hit on the cache once :)
<TREllis> I know plenty of people who do that
<Daviey> TREllis: in that example, the squid-deb-proxy cache size could be tweaked to be very minimal.. perhaps 0.  However, TBH, for a base install - we are not talking about that much TBH.
<TREllis> Daviey: yeah, very true
<lynxman> calling mvo into this, maybe he has some good ideas
<Daviey> I think we should have a call about this soon..
<Daviey> ideally this week.
<Daviey> who wants to be on it?
<RoAkSoAx> TREllis: right, but in that case we have a server for solely be a mirror cache
<lynxman> Daviey: me :)
<TREllis> RoAkSoAx: true. I like the idea of the snippet determining if you have a mirror or cache setup
<RoAkSoAx> TREllis: yeah
<lynxman> TREllis: indeed, it should be smart enough
<lynxman> now my main concern is the cobbler mirroring + squid-deb-proxy integration
<lynxman> or if we should just scratch squid-deb-proxy from orchestra and go straight for cobbler mirroring
<SpamapS> If cobbler is a local mirror, why do you need s-d-p ?
<TREllis> Daviey: would love to listen in, but heading to the IoW festival :-)
<SpamapS> s-d-p is for when you don't want a local mirror
<lynxman> SpamapS: exactly what I was asking :)
<lynxman> TREllis: that's what you cool kids call it now? :D
<Daviey> TREllis: slack.
<lynxman> Daviey: he totally is
<TREllis>  /part
<TREllis> :-)
<lynxman> TREllis: you had one space in front of that part
<Daviey>  /kick TREllis too slack for here.
<TREllis> SpamapS: agreed, guess that leaves it up to the snippet then: if debmirror is installed, point to it; else use s-d-p
<lynxman> TREllis: yeah but s-d-p is installed by default on the client side, how we can take a smartz decision like that from the package?
<TREllis> Daviey: it's a hard live, but someone has to do it
<Daviey> I'd like to hear mvo's view.. but i'd like to experiement with have s-d-p as the primary interface.. With either a local mirror (debproxy) or primary external mirror providing it.
<Daviey> TREllis: indeed.
<TREllis> s/debproxy/debmirror ?
<TREllis> since that's what cobbler uses by default
<lynxman> Daviey: messaged mvo, I think it's doable...
<Daviey> lynxman: can you ask him to join here, so we can all jump on him?
<Daviey> :)
<RoAkSoAx> Daviey: right, but using s-d-p when we have a local mirror doesn't really make sense
<lynxman> Daviey: I did that 10 mins ago, I guess he's afraid... or having dinner. I'll go with afraid
<TREllis> are we pulling in debmirror 2.7 to oneiric? has a kickass feature --debmarshal
<RoAkSoAx> cause you'd be cashing, what we already have "cached" locally
<SpamapS> Why would I want to go  ->squid->debmirror ?
<Daviey> RoAkSoAx: no.. it doesn't make lots of sense.. but if it's our primary interface it should be investigated IMO.
<lynxman> SpamapS: it's just that we install s-d-p-client as default on the orchestra client, we were seeing a smart way to be able to use either debmirror or s-d-p as required
<Daviey> TREllis: don't complicate things with asking for debmarshal support :)
<lynxman> Daviey: we want debmarshal support *hides*
<negronjl> I agree with the keeping it simple part.
<lynxman> negronjl: +1
<TREllis> Daviey: hehe, <3 debmarshal
<Daviey> Grr.
<TREllis> Daviey: although I moved my local mirror to reprepro anyway
<zul> lynxman: about the hardware profiles cobbler has couchdb support but its not secure at all ust yet
<Daviey> TREllis: sane here :)
<Daviey> Ahhhhhhhhhhhhhhhhhhhhhhhhhhhhh!
<lynxman> zul: maybe it would just be easier to have a mysql plugin? it's extra easy
<lynxman> TREllis: stop scaring Daviey please
<zul> lynxman: ergh...
<Daviey> couchdb keeps me awake at night.
<SpamapS> Since cobbler is going to seed the thing.. s-d-p client is actually, IMO, kind of unnecessary.
<lynxman> zul: I know you like it, but couchdb... bleh
<negronjl> zul, lynxman:  mysql +1
<zul> lynxman: sqlite database would be easier
<Daviey> i swear there is a couchdb hiding under my bed.
<SpamapS> The advantage of s-d-p is just that its specifically only allowing proxying of ubuntu.
<lynxman> zul: don't get me started on sqlite
<RoAkSoAx> Daviey: but that's the thing, whenever someone doesn't want to have the local mirror in full... there's no need to do so and we can use s-d-p for that
<lynxman> SpamapS: exactly
<negronjl> adding couchdb would add more complexity plus pretty much everyone already knows mysql
<RoAkSoAx> Daviey: but if someone *wants* to have their own local mirror
<lynxman> zul: just trying to think 2 steps forward towards the metadata service
<RoAkSoAx> Daviey: then they should be able to without having the hasle of installing s-d-p client
<SpamapS> And why again aren't we just using the data storage capabilities built into cobbler?
<zul> thats what i said
<Daviey> RoAkSoAx: it's installed by default via the client package.
<Daviey> SpamapS: have you used that?
<negronjl> What is the *main* reason for having s-d-p/debmirror in orchestra ?
<lynxman> negronjl: not having n-hundred machines pulling packages
<RoAkSoAx> Daviey: I know :) but still if someone wants to sync the whole mirror for one release, they should be able to do so
<lynxman> negronjl: so reduce bandwidth consumption drastically
<negronjl> ok....so, find the simplest way to accomplish *that*
<RoAkSoAx> Daviey: but if they do so and use it, s-d-p client has no point
<negronjl> it seems that the conversation is going in multiple directions at the same time :/
<lynxman> negronjl: *g*
<Daviey> RoAkSoAx: ack, i'm not disagreeing with that
<SpamapS> Daviey: IIRC, it is just json files on disk. But the point is that its already got a database of machines that I am provisioning. To have two databases of machines I'm provisioning, instead of enhancing the first.. seems a bit failure prone.
<lynxman> negronjl: it is
<RoAkSoAx> Daviey: yeah that';s why we should keep both as options and make sure they both work well :)
<Daviey> SpamapS: hmm. i'm not sure i follow.
<SpamapS> I agree with negronjl
<lynxman> SpamapS: Daviey: So how about we see the different approach scenarios for the hardware database and we all decide which one is the one we should proceed forward with?
<SpamapS> two conversations are intermingled
<SpamapS> a) proxying/mirroring
<SpamapS> b) metadata
<SpamapS> lets just wrap up the a) before talking about b
<zul> c) hardware database and then c
<SpamapS> zul: thats the same thing as metadata
<Daviey> Okay.. I am proposing that we investigate always using squid-deb=proxy.  The parent mirror can either be a local archive, or a public shared one.
<Daviey> Yes, there is potentially a wasteful extra layer in the stack.
<Daviey> However it should make things simplier to construct.
<lynxman> Daviey: could this be useful you think in order to let the user decide if they want s-d-p or a full mirror?
<Daviey> lynxman: Well i am proposing that we always using s-d-p, regardless of what feeds it.
<SpamapS> I can see an advantage where the clients will pull updates from any s-d-p on the network going forward too.
<SpamapS> And we're basically just talking about the *default* seed .. it will be highly configurable.
<Daviey> Chaps.. i need to stop for food right now.  I'll catch up on scrollback on my return.
<lynxman> SpamapS: I do agree that keeping s-d-p in the loop is a good idea, I like s-d-p and mvo has done some amazing work
<RoAkSoAx> Daviey: right, but if we do so.. we end up having a local mirror + local cache = double storage usage
<RoAkSoAx> Daviey: one of the reasons debmirror was not specifically used as the *only* solution is because it consumes much more storage space than using s-d-p
<lynxman> RoAkSoAx: I'm pretty sure mvo knows a way where s-d-p will just read the local mirror if needed
<SpamapS> its squid
<SpamapS> land of 1000 config options
<lynxman> RoAkSoAx: so we can just use a debconf to say "use local mirror" or "use cache"
<lynxman> SpamapS: exactly, it can do whatever we want :)
<tucemiux> hey anyone here use apcupsd ?
<RoAkSoAx> lynxman: yeah
<SpamapS> So, disable caching of the local mirror on disk (still put it in RAM, should speed things up)..
<SpamapS> that should be pretty easy.
<lynxman> SpamapS: yeah, I think that's easily doable through debconf, we've started to introduce debconf hooks to s-d-p
<lynxman> tucemiux: ask your question and see if someone can answer, fishing will just take longer :)
<negronjl> should we just have a separate orchestra-caching server where all of these config questions can be asked?
<lynxman> negronjl: that's part of the provisioning server
<lynxman> negronjl: I would rather not make a caching server tbh, makes no sense to make it in a different machine than the provisioner
<negronjl> lynxman:  it is now, but with n-hundred servers pulling off of it, it could become overwhelmed
<lynxman> negronjl: you think so? hmm
<negronjl> lynxman:  it could yes
<lynxman> negronjl: I'd rather jump that hurdle when we get to it
<TREllis> negronjl: possibily, of course those systems would only be pulling at the same time for updates, not building (unless you enjoy building 100 servers at once o_O)
<lynxman> negronjl: since if we start observing that scenarios now, we can say the same for the monitoring, for the logging, etc
<SpamapS> squid can take thousands of concurrent requests
<lynxman> SpamapS: that is also true
<SpamapS> I'd suspect cobbler would have a harder time serving up the pre-seeds before a single squid instance would have any trouble
<SpamapS> at the point where you need to install more than say, 500 machines at once, you can figure out the load balancing yourself
<SpamapS> orchestra is "make it easy to install ubuntu server" not "make it easy to build skynet"
<SpamapS> thats ensemble ;)
<lynxman> SpamapS: it's even on the roadmap
<TREllis> lol
 * TREllis --> food
<lynxman> SpamapS: in all fairness, skynet is also on the orchestra roadmap for the P cycle
<lynxman> :)
 * SpamapS orders another pallet of canned food for his bunker
<SpamapS> noted
<lynxman> rofl
<negronjl> SpamapS, lynxman:  we can then have both Skynet bots battle it out like the old computer chess programs used to do.
<lynxman> negronjl: I see it more as "two skynets going to Jeopardy" scenario
<SpamapS> Hah yeah, Orchestra's hardware vs. Ensemble's endless scalability
<lynxman> "I'll take doomsday scenarios caused by computers for $200 Alex"
<tucemiux> i'm wondering if it's safe to install apcupsd and configure it remotely with the UPS connected ?
<SpamapS> hopefully world domination isn't I/O bound or ensemble is *SCREWED*
<lynxman> tucemiux: you need to be very very careful of course, but you can try :)
<lynxman> tucemiux: I would personally not do it unless you have someone at the other side
<shauno> ditto.  I've not had a problem with it, but wouldn't want to tempt fate
<tucemiux> lynxman: i dont have anyone in the other side, I guess I'll wait until i'm next to the server then :-(
<lynxman> shauno: my experience with it is very good as well
<lynxman> tucemiux: would be the careful thing to do, specially if your job/money/girlfriend/dog depends on the server running
<tucemiux> lynxman: its my own server where I keep my hilton videos, I'm just worried I'll burn the house down or something
<lynxman> tucemiux: worst case scenario the APC will shot down the server, no burning house down scenario
<lynxman> s/shot/shut/
<lynxman> Daviey: so let's schedule a call for next week? TREllis, SpamapS, negronjl, RoAkSoAx, zul okay with it?
<zul> yep
<tucemiux> lynxman: ahhh in that case I can go ahead and do it, if the server shut down my irssi connection goes down, no biggie, no trades or email messages will be lost o.O
<Daviey> Chaps... i was just thinking.  If the avahi support is added to debmirror, -provisioning-server could Recommend: squid-deb-proxy <pipe> debmirror-avahi
<Daviey> (forgive the <pipe>, not sre where it is on this whizzy keyboard)
<tucemiux> I'm ok with it !
<lynxman> Daviey: | <-- cut and paste
<Daviey> lol
<lynxman> tucemiux: have fun then :)
<tucemiux> lynxman: thanks! let me get to it, have you ever configured an apcupsd ?
<lynxman> tucemiux: yes, but it was with a very very very old APC, one of those that had a lever and a horse running in circles around it
<lynxman> Daviey: I think that would be a very cool and scalable solution
<tucemiux> lynxman: well too bad I didnt have the pleasure to have a lever on mines :-(
<Daviey> lynxman: make it so :)
<RoAkSoAx> zul: how does hits looks to you: http://paste.ubuntu.com/621892/ basically, if the host is a debian/ubuntu it should obtain the mirror from python-apt and create the repo pointing to that mirror when importin mini.iso
<lynxman> tucemiux: the problem wasn't the lever, it was the horse
<zul> checking
<zul> RoAkSoAx: looks good
<RoAkSoAx> zul: cool. It's ubuntu specific for now, but once I get the change to install debian I'll test it as well so that we cna forward that upstream
<zul> cool beans
<Daviey> RoAkSoAx: Why not just check the python-apt stuff before assuming the dist is ubuntu?
<RoAkSoAx> Daviey: technically it should work with bot debian/ubuntu, but I need to test it in debian first before I assume that it works with it as well
<tdelam> I've been hacked, I fixed some of the issues but I still see a lot of outgoing network traffic from various Ukraine IP's using nethogs. How can I dig even deeper to see what this traffic is and where it is coming from on my server?
<RoAkSoAx> Daviey: note that this only happens to set the same archive that the host uses foreach repo created when importin a mini.iso
<tucemiux> lynxman: hey, I just configured my apcupsd, do I have to reboot or something ?
<lynxman> tucemiux: if the service is running, it's all done and sweet
<tucemiux> lynxman: how do I check to see if the server is running? lsmod?
<lynxman> tucemiux: service apcupsd status i guess
<lynxman> tucemiux: check the logs as well
<tucemiux> lynxman: Error contacting apcupsd @ localhost:3551: Connection refused
<lynxman> tucemiux: then it's not running, check logs and see why
<lynxman> tucemiux: rinse, repeat
<RoAkSoAx> lynxman: do you have a cobbler server running atm?
<lynxman> RoAkSoAx: I think negronjl does
<lynxman> RoAkSoAx: but not on my side
<lynxman> RoAkSoAx: although if you want one, apt-add-repository ppa:orchestra/ppa then install ubuntu-orchestra-server
<RoAkSoAx> lynxman: i do have one already :)
<RoAkSoAx> lynxman: just wanted to check something but no worries :)
<lynxman> RoAkSoAx: you hogger :P
<RoAkSoAx> zul: when you hvae the time, could you try importing a debian ISO? I think it's not adding a distro/profile when doing so
<tucemiux> lynxman: how do I add acpdusbd to my /etc/hosts.allow ??
<tucemiux> lynxman: sudo service apcupsd start
<tucemiux> service apcupsd status
 * RoAkSoAx lunches
 * Daviey ponders what RoAkSoAx is having.
<tucemiux> how do I check what services are scheduled to be runned automatically ?
<SpamapS> tucemiux: if its installed, it will be started
<SpamapS> tucemiux: unless you manually disabled it
<tucemiux> SpamapS:  well I just installed apcupsd and I'm trying to figure out if it's scheduled to run at boot up time,I had to manually start it
<RoyK> SpamapS: the ones using upstart, I don't know, perhaps service --status-all - the ones not using upstart will be listed under /etc/rc2.d
<RoyK> tucemiux: wrong answer - the ones running aren't necessarily the ones scheduled for start - in case something goes wrong and a service fails to start
<SpamapS> tucemiux: sometimes a service needs to be configured/enabled .. but usually they should just start
 * SpamapS hates that we have two init systems. :-P
<tucemiux> RoyK: yeah, i figured that much, if I manually start a service it doesnt mean it will automatically start at boot up, how do I check if a service is scheduled to start at boot up?
 * SpamapS is trying to type a succinct answer and there isn't one. :-P
<SpamapS> tucemiux: if there's a /etc/init/apcupsd.conf , look in there for any reasons it might not have started. Otherwise /etc/init.d/apcupsd
<SpamapS> tucemiux: you may have a file, /etc/default/apcupsd that you have to edit to enable it at boot time.
<SpamapS> tucemiux: this info *should* be documented in /usr/share/doc/apcupsd/README.Debian
<tucemiux> SpamapS: so basically, services that run at boot up are configured in "/etc/default/[]"
<SpamapS> tucemiux: its not that simple
<SpamapS> tucemiux: SOME services are disabled because they require you to configure them before starting automatically.
<tucemiux> SpamapS: so that's why ISCONFIGURED needs to say yes, is that how a service is enabled/disabled in /etc/default/?
<SpamapS> tucemiux: they're all different unfortunately.
<SpamapS> would be really nice if they weren't
<tucemiux> SpamapS: ok well at least I got apcupsd up and running, I'll reboot my server when I get home to find out if the service repawns on a reboot
<tucemiux> hey is it safe to test a UPS by unplugging it from the outlet ?
<SpamapS> tucemiux: many of them have test buttons ;)
<SpamapS> tucemiux: but if it doesn't, then yes
<SpamapS> tucemiux: just make sure its charged
<tucemiux> SpamapS: yeah, it's charged, I was setting up the thing and wanted to place it somewhere else, I unplugged it and the thing was still on with plenty of juice so I'm like... ok well at least I know that works he he he
<adam_g> lynxman: ping
<MrBIOS> hey folks, ogra over in #ubuntu-arm just sent me this way. I'm looking for anybody who considers themselves part of the "arm server team"
<kirkland> RoAkSoAx: pong
<adam_g> kirkland: hey, maybe you know.. do the orchestra mcollective plugins need anything special in terms of puppet class paramters to get things deployed via the 'role' fact?
<adam_g> would something like this work, or would it need to be simplified? http://paste.ubuntu.com/621948/
<SpamapS> MrBIOS: there's no "ARM server team".. just "server team". :)
<MrBIOS> SpamapS, understood, then "people interested in ARM who are on the server team"
<SpamapS> MrBIOS: Lots of us. Did you have some hardware for us? ;)
<kirkland> adam_g: really a question for negronjl and lynxman
<negronjl> adam_g:  looking at your pastebin....can you elaborate a bit on what you are trying to do here?
<RoAkSoAx> kirkland: o/ what do you think: http://paste.ubuntu.com/621958/
<kirkland> RoAkSoAx: nice
<kirkland> RoAkSoAx: looks good
<RoAkSoAx> kirkland: though, just realized that it does not handle reconfiguration
<adam_g> negronjl: openstack on a single node
<Daviey> MrBIOS: can we help?
<RoAkSoAx> Daviey: i had "Aji de Gallina" typical plate from Peru
<Daviey> RoAkSoAx: sounds tasty!
 * RoAkSoAx , lucky him... he found a peruvian restaurant right accross the street!
<RoAkSoAx> Daviey: yeah it is :D
<Daviey> adam_g: I assume those values won't be put into a apackage?
<adam_g> Daviey: no, that would be an upper level class that someone can construct to make use of the nova module
<Daviey> adam_g: ok, super
<adam_g> negronjl: https://github.com/gandelman-a/puppetlabs-nova/tree/dev/nova if you are interested in looking at the entire module
<Daviey> github makes me cry
<adam_g> yeah. :(
<negronjl> adam_g:  what's the name of the file you pasted on pastebin ?
<Daviey> /nova/test/ubuntu/* ?
<adam_g> negronjl: nova/tests/ubuntu/all.pp
<negronjl> Daviey, adam_g:  thx.  reading now
<zul> adam_g: you know we are using kvm on nova right? :)
<adam_g> zul: yes, why do you ask?
<zul> adam_g: it seems to be using xen
<adam_g> no, it uses kvm/libvirt default
<negronjl> adam_g:  I don't see anything that seems wrong ( didn't test the regexes in puppetlabs-nova / nova / lib / puppet / provider / nova_config / parsed.rb though )
<adam_g> zul: one of the other people working on it is going to be using xenserver for compute.  there are some optional config parameters for that.
<negronjl> adam_g:  all.pp seems to be right as well.
<zul> ok cool..thats probably going to be an ubuntu patch ;)
<adam_g> zul: the module should support both just fine wihtout patches
<zul> good good
<adam_g> that reminds me
<adam_g> http://blog.xen.org/index.php/2011/06/05/xcp-on-ubuntu/
<adam_g> zul: ^ we'll probably have xenserver on ubuntu as compute nodes at some point in the future.
<zul> adam_g: the community xen.org version probably yes
<adam_g> its the bleeding edge of the commercial version. or has something changed since citrix opensourced it last year? i haven't followed too closely
<RoyK> adam_g: we have a xenserver setup - five nodes - I haven't gotten around to find out how to easly setup a pvm on that with ubuntu yet
<zul> adam_g: i havent really looked at the xenserver bits its kind of like fedora
<adam_g> zul: right
<zul> adam_g: we are focusing on xen.org bits though
<adam_g> in any case, XCP/xenserver on ubuntu rather than centos 5.4 would be great.
<RoyK> kvm works well too
 * RoyK just setup his first kvm vm in production at work
<RoyK> some idiot at ittvis.com found that redhat was the perfect linux platform for IDL, so IDL didn't install on ubuntu, so I setup a CentOS VM for it :P
 * negronjl is getting food
<Daviey> SpamapS: Have you been able to find a sponsor for txzookeeper into Debian?
<queso> Is there a way to search all cron jobs (in /etc/ and for all users) at once?
<RoyK> queso: user's cronjobs are under /var/spool/cron/cronjobs
<RoyK> users', even
<tucemiux> ok im still a nuub, im just wondering how to ban china, I see failed login attempts from 111.178.*
<remix_tj> tucemiux: i can suggest you to do this
<remix_tj> whois 111.178.xyz.abc
<remix_tj> (the ip with failed logins)
<remix_tj> in the whois you can find the net you need to ban
<remix_tj> with
<littlebearz> tucemiux: just deny ALL:ALL and allow certain IPs
<remix_tj> iptables -A INPUT -s 111.178.xyz.abc -j DROP
<remix_tj> (for example)
<Pici> remix_tj: It might be more prudent to install something like fail2ban, so that multiple failed login attempts are automaically blocked, from any ip.
<tucemiux> ahhh so I hav to do it with iptables? I cant do it with fail2ban or some other utility?
<remix_tj> or use the littlebearz solution. but is pretty difficult if you want to connect from dynamic ip
<remix_tj> Pici: good idea :-)
<remix_tj> tucemiux: install fail2ban, it will iptable for you :-)
<Pici> tucemiux: ^
<Pici> Sorry, I missed who was actually asking the question ther.e
<tucemiux> Pici: it was mua
<littlebearz> remix_tj: i never knew about fail2ban, I was thinking of putting the ip into a mysql and send it to my cellphone for verification
<tucemiux> someone from 111.178.146.* tried to login as root, how can I check if fail2ban blocked him?
<littlebearz> tucemiux: log file
<littlebearz> tucemiux: erm I mean from iptables
<tucemiux> littlebearz: which one? there's a bunch of them o.O
<remix_tj> tucemiux: logfile or iptables -L
<remix_tj> littlebearz: you can set fail2ban to execute something other instead of banning with iptables
<Pici> tucemiux: /var/log/fail2ban.log
<tucemiux> i guess im going to have to learn iptables then
<littlebearz> tucemiux: i usually use firestarter or somesort of GUI for it, it's too much typing
<tucemiux> and im going to have to learn how to use SASL-tor if I want to use freenode on my server
<tucemiux> Pici: you have a server that's alwyas logged on to freenode?
<jcastro> kirkland: nice interview
<kirkland> jcastro: thanks dude
<jcastro> kirkland: is there a PPA for orchestra, or is it all oneiric-only?
<Pici> tucemiux: Yes. My VPS (Linode) is always connected. I'm running irssi within screen.
<kirkland> jcastro: ppa:orchestra/ppa
<jcastro> ta
<kirkland> jcastro: moving quickly, but if you get around to testing it, let us know
<jcastro> you might want to put the PPA link on lp.net/orchestra
<kirkland> jcastro: where are the UDS videos?
<kirkland> jcastro: ta
<tucemiux> WARNING [ssh] Ban 111.178.146.*
<jcastro> kirkland: I'm looking for something to do this weekend
<kirkland> jcastro: heh, cool
<tucemiux> WARNING [ssh] Unban 111.178.146.*
<jcastro> kirkland: http://www.youtube.com/user/ubuntudevelopers
<tucemiux> jcastro: you can be my singer, im looking for a singer :-)
<kirkland> jcastro: hmm, the interviews with the novacut guys and akgraner?
<jcastro> they're in there
<kirkland> jcastro: got 'em, thanks
<littlebearz> anyone can test if http://xxw.ca/texting-for-free/ gives ssl warning?
<lynxman> adam_g: pong :)
<adam_g> lynxman: hi, i was just trying to find out if orchestra/mcollective plugins have any requirements in terms of class paramters for the classes it deploys
<lynxman> adam_g: hmm they're not related at all, they can (by choice) get facts from facter, but that's it, nothing else
<lynxman> adam_g: unless I don't get what you're talking about :)
<RoAkSoAx> lynxman: ok. so here's the deal, when we import an ubuntu server iso for example, we need to do something similar to the preseed: http://paste.ubuntu.com/622033/ (between #mirror comments)
<lynxman> RoAkSoAx: sounds like a good move :) very awesome stuff
 * lynxman likes cobbler more each day
<RoAkSoAx> lynxman: the IP in the hostname is the cobbler server IP, and the directory is where the archive is
<RoAkSoAx> lynxman: so we need to adapt that for when we have a repo's synced
<adam_g> lynxman: i was looking at orchestra-puppet-recipes/puppet/manifests/node.pp  .. where are the $1, $2, etc. arguments coming from? i had assumed an mcollective agent?
<RoAkSoAx> lynxman: or for when we import a full server iso
<lynxman> adam_g: ah that's not related to mcollective, that's parameters from the role fact from facter
<adam_g> lynxman: ah, i see. thanx
<lynxman> RoAkSoAx: let's try to go that way and see how it ends up, I think it's quite good
<MrBIOS> Daviey back at my desk now
<MrBIOS> SpamapS I had a question about apache performance on ARM, seems like I may be hitting an SMP bug or something odd
<RoAkSoAx> lynxman: yep, so yes we need to have a separate preseed for when we have a mirror, and one for when we have the full server iso, and one more for when we have repositories... though all will be handled via de snippets
<lynxman> RoAkSoAx: sounds amazing, it's further than where we got, we just decided to go with the mini iso
<jcastro> kirkland: all the mcollective-server- stuff appears uninstallable
<lynxman> RoAkSoAx: I would like to keep that logical decision up to some point though
<lynxman> jcastro: hey Jorge *waves*
<lynxman> jcastro: it's in the Queue, waiting to be uploaded
<jcastro> hi!
<lynxman> jcastro: you're looking for mcollective-plugins-*
<lynxman> jcastro: the only server is the provisioner :)
<jcastro> ok
<lynxman> jcastro: but yeah, waiting on the Oneiric queue still :)
<jcastro> wow, he wasn't kidding when he said fast moving
<lynxman> jcastro: we try to :)
<SpamapS> MrBIOS: What sort of ARM are you running on?
<kirkland> jcastro: i know; blocking on jdstrand's review of the new queue :-/
 * jdstrand not the only archive admin which could review it
<jdstrand> I've made a note to look at it, but I won't get to it today (patch piloting)
<g-hennux> hi!
<g-hennux> i'm on ubuntu 10.04 lts and i wonder why installing the solr-jetty package pulls that many dependencies, in particular some X packages, e.g. x11-common xfonts-encodings xfonts-utils
<g-hennux> i'm actually not willing to install X libraries on my database machine; any suggestions from you?
<g-hennux> ok, so solr-common depends on java6-runtime-headless (note: headless) and libcommons-csv-java, among others. now libcommons-csv-java depends on openjdk-6-jre or java2-runtime (note: no headless)
<g-hennux> and this in turn pulls libgtk, libcairo, libxinerama, ...
<g-hennux> now: does anyone use libxinerama on his solr server? ;-)
<zaclnxnewb> how do I purge all of the configuration and settings that a program has over my server?
<zaclnxnewb> I want to reinstall samba, but the settings from the previous installation remain
<zaclnxnewb> ??
<g-hennux> something like dpkg --purge or so
<zaclnxnewb> I tried that
<zaclnxnewb> sudo apt-get purge samba
<g-hennux> no, that will fail if samba is not installed ;)
<zaclnxnewb> tried it to begin with
<g-hennux> ah ok, then apt-get --purge remove
<g-hennux> or apt-get --purge --reinstall install samba
<zaclnxnewb> I'll try them, thank you
<zaclnxnewb> finally logged back into the server
<bencc> do I need to reboot after changing /etc/security/limits.confg and /etc/pam.d/su ?
<bencc> I'm raising the file descriptors limit for a server
<zaclnxnewb> samba was also providing the "computer name" to the router, which was being used to route ip and similar
<zaclnxnewb> made it much harder, very suddenly to log back into ZACSERVER lol
<bencc> not sure if it's enough to restart a service to use the new fd limit: /etc/init.d/nginx restart
<zaclnxnewb> g-hennux:  unfortunately, no that didn't work
<zaclnxnewb> g-hennux:  all configurations remain
<g-hennux> did you reinstall or remove?
<zaclnxnewb> reinstall
<g-hennux> and it's really the old configuration you're seeing, not the newly installed one?
<zaclnxnewb> g-hennux:  my same note #ZAC to denote changes I made to the defaults.
<g-hennux> can you --purge remove and check what remains?
<g-hennux> does the config maybe belong to a different package, like smb-common or so?
<zaclnxnewb> g-hennux: I ah, I see
<zaclnxnewb> for some reason smbd worked but not samba
<zaclnxnewb> g-hennux:  sudo apt-get purge smbd
<g-hennux> isn't it apt-get --purge remove?
<zaclnxnewb> I'm having one more problem
<zaclnxnewb> permissions in samba
<zaclnxnewb> I have a torrenting daemon that downloads various files
<zaclnxnewb> and then I have the files available on the network via samba share
<zaclnxnewb> problem is that files created by deluge (torrenting) aren't deletable by myself through samba
<virusuy> zaclnxnewb:
<virusuy> create mask = 777
<virusuy> on smb.conf,
<virusuy> where is defined your shared folder
<virusuy> that means, apply 777 to any files or folder in shared folder
<zaclnxnewb> virusuy: is create mask = 0777 alright?
<virusuy> it's
<virusuy> zaclnxnewb: worked ?
<zaclnxnewb> one moment sorry, distracted by something important
<zaclnxnewb> virusuy:  the deluge torrentor is a daemon on the same server
<virusuy> that doesn't matter
<zaclnxnewb> it doesn't put files into the samba share through the samba daemon, thus the files aren't changed to 777?
<zaclnxnewb> well, the folders all belong to owner "deluge"
<zaclnxnewb> and I can't delete them
<zaclnxnewb> from within samba
<virusuy> no matter who puts those files in it.. samba will change permissions to 777
<zaclnxnewb> virusuy:  even if they aren't put there through samba?
<virusuy> zaclnxnewb: yeap
<zaclnxnewb> samba just shares the already made folder, I can see the daemon changing permissions as files are sent to it, but deluge basically puts files into the folder under it directly through the os
<zaclnxnewb> alright
<virusuy> oh, obviously deluge must have permissions on that folder
<virusuy> IMO, if is a home share, just change folder's permission to 777
<virusuy> and comment create mask line in smb.conf
<zaclnxnewb> virusuy: How do I change the folder permissions?
<zaclnxnewb> chmod?
<virusuy> chmod -R 777 FOLDER
<WMP> hello
<WMP> i have compilled my own kernel and i havent file include/linux/autoconf.h
<WMP> how to make this file?
#ubuntu-server 2011-06-09
<rich__> what do people use as a replacement for jeos and vmbuilder?
<rich__> I was using that script and those binaries quite happily a year ago, but it appears they are no longer actively developed?
<rich__> what is the quickest way to get a minimal kvm ubuntu machine up these days?
<zaclnxnewb> virusuy: it worked by the way
<zaclnxnewb> virusuy: thanks
<chazz_tsc> Good evening. It would seem I have a badly misconfigured sendmail. Is there someone who would be willing to help a n00b?
<uvirtbot> New bug: #794820 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.9 failed to install/upgrade:, Curses lost keyboard; Command line distro upgrade -> via Putty -> SSH -> Screen" [Undecided,New] https://launchpad.net/bugs/794820
<isnoop> What is the most commonly used means of creating an apt mirror with "blessed" versions of code for a server group?
<twb> I don't know about "common"
<isnoop> I'm seeing talk about apt-cacher-ng, approx, apt-proxy and others...
<twb> Are you talking about a local mirror of someone else's archive, or are you talking about creating your own archive of your own in-house packages?
<isnoop> A mirror of someone else's archive.
<twb> A full mirror or an on-demand mirror?
<isnoop> Essentially, a subset of only the software we need and only the versions we've approved.
<lifeless> custom repository
<twb> That is, do you want to fetch all of, say, lucid main up front, or do you want to fetch packages from upstream only when someone actually tries to install them?
<twb> The former is IME *far* more reliable, but requires an up-front gigabytes download and ongoing hundreds-megabyte/week downloads
<isnoop> Close...  Fetch all of lucid main of front but then only update, say, Apache when we're ready for a bump.
<twb> For that there is debmirror (which I use), and IIRC another one that is about as good
<sbeattie> twb: debmirror (which I also use) doesn't really let you pick and choose versions of stuff from -updates, though.
<isnoop> Looks pretty handy!  I think we can run with that.  Thanks.
<twb> sbeattie: granted
<twb> sbeattie: what I planned to do (haven't yet), is to have two mirrors
<twb> sbeattie: one pulls from upstream, and you test that.  Then, you pull from THAT mirror into the "stable" one that your production machines pull from
<twb> I think apt-mirror was the other one
<isnoop> sbeattie: Aah, I'm just realizing the same thing.
<Xano> My Ubuntu htpc is connected to the network using a WPA2 protected network, which means it needs the keyring to be unlocked every time the machine boots. However, as it also doubles as a server, I need the machine to be able to boot and start all services (including wifi) without any action of my part. I am looking for a way to remove the need for logging in to the keyring.
<twb> Remove the passphrase from the cert, then
<twb> Wait, is this WPA2-EAP or WPA2-PSK?
<Xano> twb: psk
<twb> So put the PSK in your wpa_supplicant.conf
<uvirtbot> New bug: #794894 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/794894
<koolhead11> TeTeT, hey
<Xano> twb: thanks. I'll try that
<TeTeT> hi koolhead11
<BuenGenio> hello
<BuenGenio> are there any builds of dovecot 2.0 for Natty?
<uvirtbot> New bug: #794916 in openvpn (main) "initscript wrongly sets --script-security" [Undecided,New] https://launchpad.net/bugs/794916
<BuenGenio> !
<BuenGenio> ~help
<BuenGenio> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<BuenGenio> !apt
<ubottu> APT is the Advanced Package Tool, which together with dpkg forms the basic Ubuntu package management toolkit. Short apt-get manual: https://help.ubuntu.com/community/AptGetHowto - Also see !Synaptic (Gnome), !Adept (KDE) or !KPackageKit (KDE)
<BuenGenio> !search
<ubottu> Search factoids for term: !search <term>
<BuenGenio> !search dovecot
<ubottu> Found: dovecot, mda, mailprotocols
<uvirtbot> New bug: #794994 in postfix (main) "package postfix 2.7.0-1ubuntu0.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 75" [Undecided,New] https://launchpad.net/bugs/794994
<raul> w
<raul> Hello everyone, I need to monitorize a class C network, I have a pretty old computer with ubuntu 6.06 and 250MB, which network monitor program could be fine and light for my purpose? any help or experience form you will be really apreciated
<raul> I tried to install the newest ntop release from the scratch but trying to compile it takes lots of time because dependences and I finally gave up
<raul> no helps today... :P
<_ruben> raul: what exactly are your monitoring requirements/needs/wishes/etc?
<_ruben> also, remember this is irc, a place where patience is a requirement
<raul> _ruben Hi, I would like to monitor traffic load, which Ip access where , amount of downloads, basically whe are experiencing problems wiht our network and I think ther is someona doing nasty things or maybe a virus , that's more or less what I expect
<_ruben> that's a lot of data, depending on the traffic volume
<patdk-wk> hopefully you have a monitored layer2 switch?
<_ruben> i use a homegrown system based on pmacct, but i only care about my own ip addresses, not the addreses they connect to/from
<patdk-wk> that will tell you how much traffic from each port
<patdk-wk> that is normally how I can track down evil stuff easily, a port that suddently increases a lot
<raul> _ruben, I used to use ntop, but on my local computer, ntop does what I would like to monitorize but the machine I have to put close to the CPD has only 250MB I don't care about nice graphs but want to have some details
<_ruben> put more mem in it :)
<raul> patdk-wk Hi well I want to monitorize a Intelligent Switch (label2 and 3) I have a trunk port ready
<patdk-wk> hmm? trunk port?
<raul> _ruben estamos en crissi
<patdk-wk> you use snmp to monitor a switch
<patdk-wk> there is no way your going to monitor all traffic that goes over a switch
<raul> patdk-wk it is a Cisco Label3 switch, which is our gateway
<patdk-wk> ah, so you wanted to setup like a mirror port to monitor your internet side?
<raul> patdk-wk and a trunk port allows to see all trafic from any VLAN
<sommer> hi hi
<raul> patdk-wk exactlly
<_ruben> trunk port != mirror port in my book :)
<_ruben> unless this switch is actually a hub
<patdk-wk> ya, defently not the same things
<raul> _ruben well I don't care about the mirror port and such details it just works what I wanted to know is if anybody could suggest me a light and powerfull network monitor
<_ruben> pmacct has some ready to use frontends to use i think
<patdk-wk> there is no such thing as light when talking about traffic
<_ruben> patdk-wk: depends on the traffic :)
<patdk-wk> heh, we wheren't talking dialup modems :)
<_ruben> and then there's fiber... also kinda light :)
<xampart> =)
<patdk-wk> not when it's a 3" bundle :)
<raul> patdk-wk yes, it looks like, then the only way is just find a more powerfull computer
<_ruben> patdk-wk: that'd be a lot of light! :)
<patdk-wk> raul, ram normally isn't required too much
<patdk-wk> it's normally bus speed and cpu
<raul> patdk-wk, I know... I did not mention that my toy computer is an old dell laptop
<raul> anyway which network monitors do you use in case of whole network monitoring? any favorite tool?
<Daviey> RoAkSoAx, I love rev25... :)  https://code.launchpad.net/~ubuntu-branches/ubuntu/oneiric/cobbler/oneiric-201106090005/+merge/63942
<_ruben> raul: like i said, i use pmacct myself, but a quite common solution is the various netflow/sflow/etc based stuff
<Daviey> RoAkSoAx,  Your commit and upload were different, therefore your commit was popped and a merge request created.
<raul> _ruben, thanks I will take an eye on it
<RoAkSoAx> Daviey ah?
<orudie>  I downloaded a program which is .run extension. How can I install it ?
<luite> orudie: bash file.run
<m_tadeu> should start-stop-daemon create the pid file by itself?
<RoAkSoAx> Daviey was this done automatically?
<orudie> I just copied over some files to the wrong place, is there a way to undo this copy operation ?
<greppy> orudie: move them to the correct location?
<Daviey> RoAkSoAx, yeah.. if the package-importer disagrees with your commit it pops it and raises a merge proposal
<Daviey> james_w confuses the effort by the bot doing it under his launchpad-id.
<RoAkSoAx> Daviey right snd how can i compraeDaviey right and how.can I compare in what they differ cause I'm pretty sure they don't....
<RoAkSoAx> Daviey i'd even say that there was something wrong going as the upload took too much time to.get processed when it shouldnt have caise i pushed the branch way after i made the upload and seconds later and announcement in lp saying that there would be.maintenance appeared
<Daviey> RoAkSoAx, did you push patches applied?
<RoAkSoAx> or is bzr no longer sllowjng pushing branches without .pc
<RoAkSoAx> Daviey no.... the .pc wasnt even created when i created the source
<Daviey> RoAkSoAx, I don't think /not/ pushing .pc was supported for deb src 3 branches
<RoAkSoAx> Daviey: i've done this before with deb src 3 branches with no issues whatsoever
<RoAkSoAx> Daviey: but regardless of whether the branch was pushed, the dput should have been processed regardless of the branch been uploaded or not
<RoAkSoAx> Daviey: but it wasn't until several hours later
<RoAkSoAx> Daviey: and I'm guessing this was due to maintenance in LP
<RoAkSoAx> Daviey: i guess we'll have to try it again in next upload
<zul> i just uploaded the gpxe stuff for cobbler
<RoAkSoAx> Daviey: even edit-patch leaves the branch with patches un-applied
<RoAkSoAx> Daviey: which is why I found surprising why this happened
<RoAkSoAx> zul: yay!
<Daviey> hmm
<Daviey> <RoAkSoAx> Daviey: but regardless of whether the branch was pushed, the dput should have been processed regardless of the branch been uploaded or not
<Daviey> ^^ i don't understand that
<uvirtbot> Daviey: Error: "^" is not a valid command.
<RoAkSoAx> Daviey: i uploaded the package with dput cobbler_baklblabla_source.changes
<RoAkSoAx> Daviey: and it took like 4 hours for it to be processed
<Daviey> Hmm.. i've been finding processing of incoming to be really fast lately.
<RoAkSoAx> Daviey: yes that's why I was surprised yesterday, and that's why I think it was LP's issue as right after I uploaded, a message showing that there was gonna be maintenance appeared
<RoAkSoAx> Daviey: so I guess that's why everything ended up being a mess :)
<Daviey> RoAkSoAx: the divergence would have happend regardless
<Daviey> RoAkSoAx: The auto merge proposal would only happen if there is a diff between what you uploaded and what is in the branch.
<Daviey> RoAkSoAx: What you uploaded, as in if you do a diff between dpkg-source x cobbler*dsc and the bzr branch
<RoAkSoAx> Daviey: but there wasn't... as I said the changes in the source package do not include patch applied nor the .pc dir
<Daviey> dpkg-source -x rather
<RoAkSoAx> Daviey: when you do a dpkg-source -x it applies the patches
<RoAkSoAx> Daviey: but as I said, even edit-patch leaves patches un-applied
<Daviey> RoAkSoAx: Hmm.. the .pc is created as part of the package extraction - not what you uplload
<RoAkSoAx> Daviey: so for example, we edit-patch a branch, it will leave patches un-applied, then you build de source, upload, then debcommit the branch with patches un-applied, then divergence
<RoAkSoAx> ?
<RoAkSoAx> cuase the branch has patches un-applied while dpkg-source -x will apply the patches on extraction
<Daviey> RoAkSoAx: Yeah, edit-path isn't perfect
<Daviey> for example, it offers to commit whilst leaving boilerplate patch headers
<Daviey> I think edit-patch needs fixing in that regard.
<RoAkSoAx> Daviey: well I agree with edit-patch on leaving patches un-applied as applying patches in a branch leaves with diff's that are useless IMHO
<Daviey> RoAkSoAx: Actually, a pre-commit bzr hook should check if it is deb src 3 and apply before commit IMO.
<RoAkSoAx> Daviey: yeah maybe :)
<Daviey> The bzr team are cracking through a fix to beter handle the deb src 3 (quilt) mess
<RoAkSoAx> Daviey: yeah that's really what we need... but IMO updating a patch leaves lot of useless diff in the branch which we don't really need
<RoAkSoAx> and for that reason, I believe patches should not be applied in the branch
<RoAkSoAx> because every single time that we edit a new patch, a huge diff with not relevant stuff will be created
<RoAkSoAx> and that causes confusion
<RoAkSoAx> Daviey: but either way, I'll always find a solution for that :)
<Daviey> RoAkSoAx: i entirelly agree, i think having patches applied on extraction was a mistake :)
<RoAkSoAx> Daviey: i always have to quilt pop -a after extraction
<Daviey> RoAkSoAx: well if i'm honestly, i do the same... but you shouldn't need to..
<RoAkSoAx> Daviey: indeed
<BuenGenio> anyone know how to get sed to replace a whole line that matches a certain substring?
<ADEX> hola buen dia busco ayuda
<ADEX> quiero implementar un server
<ADEX> con ubuntu 10.04
<RoAkSoAx> !es | ADEX
<ubottu> ADEX: En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<ADEX> [RoAkSoAx] de hay me mandaron a esta sal
<ADEX> no me puede ayudar nadie
<jamespage> SpamapS: around?
<RoAkSoAx> ADEX: que necesitaS?
<queso> When I do a dpkg -l package* the full package name isn't displayed in the results, it's cut off by the width of the column that lists the names.  Is there a way to see the full names?
<ADEX> ayuda
<RoAkSoAx> ADEX: por eso te pregunto :).. en que te puedo ayudar... no preguntas si puedes preguntar o si alguien te puede ayudar, solo has tu pregunta
<ADEX> quiero montar el server ubuntu 10.04
<ADEX> para poner un proxy cache
<RoAkSoAx> ADEX: ok...
<RoAkSoAx> ADEX: y cual es la ayuda que necesitas entonceS?
<ADEX> como montarlo orientacion y pues soy novato
<RoAkSoAx> ADEX: pues en realidad no te vamos a decir como montor un proxy cache desde cero, sino mas bien vas a tener que investigarlo tu mismo, y de paso asi aprendes. En lo que te podemos ayudar es a resolver problemas o orientarte con documentacion
<RoAkSoAx> ADEX: https://help.ubuntu.com/10.04/serverguide/C/squid.html
<ADEX> eso quieroexactamente
<ADEX> donde leer
<RoAkSoAx> ADEX: http://www.tutoriales-ubuntu.com/archives/configurar-un-proxy-transparente-con-squid
<RoAkSoAx> ADEX: y google te puede ayudar tb :)
<ADEX> uuuuu
<ADEX> pues entonses para q son estas salas
<RoAkSoAx> ADEX: y tambien tienes www.howtoforge.com
<RoAkSoAx> ADEX: estas sala en especifico es para desarrollo de Ubuntu server (programacion) asi como tambien ayudar a resolver problemas, pero lo que no podemos hacer es decirte como configurar un proxy cache desde cero mas bien te podemos orientar en donde puedes aprenderlo..., es por esa razon que te he enviado los enlaces para que tu
<RoAkSoAx> argh..
<RoAkSoAx> ADEX: para que tu puedas leer y hacerlo
<ADEX> si gracias
<ADEX> puedo platicarles un proyecto
<RoAkSoAx> ADEX: http://beginlinux.com/blog/2010/04/ubuntu-10-04-squid-proxy/
<RoAkSoAx> ADEX: en realidad si buscas un poquito en google vas a encontrar bastante informacion de como hacer un proxy
<ADEX> en mi pueblo estoi implementando una red inalambrica de oni direccional de 15 km
<ADEX> y el proxy chace para eso lo quiero
<ADEX> que negativo eres
<RoAkSoAx> ADEX: entonces necesitas un proxy transparente
<ADEX> nop
<ADEX> por q si es trasparente
<ADEX> lo q quiero es tener las paginas pre cargadas
<ADEX> para q no tengan q estar lenta las paginas cuando las carguen
<RoAkSoAx> ADEX: ahi arriba te he puesto bastante informacion en donde puesde leer y aprender de squid.. lamentablemente yo no te puedo hacer el proxy, ni decirte como configurarlo desde cero y no es por ser negativo, porque no lo soy, sino simplemente porque yo tambien trabajo asi como tu y tengo cosas que hacer ...
<RoAkSoAx> ADEX: para eso funciona un proxy, no importa si es transparente o no transparent
<ADEX> si si lo se
<RoAkSoAx> ADEX: transparente signifca que tus clientes no sabran que hay un proxy, mientras que NO transparente significa que tendras que configurar en tus clientes el Proxy
<RoAkSoAx> ADEX: pero al final, los dos tiene el mismo objetivo
<RoAkSoAx> ADEX: te recomiendo que veas http://www.tutoriales-ubuntu.com/archives/configurar-un-proxy-transparente-con-squid ya que ahi te explica detalladamente como montar un proxy transparent
<SpamapS> jamespage: here now whats up?
<jamespage> hey SpamapS: I have a licensing question - do you have time?
<RoAkSoAx> kirkland: ping?
<kirkland> RoAkSoAx: pong (in a meeting, though)
<RoAkSoAx> kirkland: quick thingy... how are you testing how much time a set of code is taking to execute?
<RoAkSoAx> kirkland: python code
<kirkland> RoAkSoAx: using the shell "time" command
<RoAkSoAx> kirkland: k thanks
<jamespage> SpamapS: did I lose you there?
<SpamapS> yes sorry
<SpamapS> 8 conversations all started at once
<SpamapS> jamespage: also I don't get highlights unless its "^SpamapS: "
<SpamapS> something I proably should change
<jamespage> ah-ha
<jamespage> so are you OK to chat now (or do you need to finish the other 7?
<SpamapS> jamespage: yeah just fire away
<nigelb> what's the channel for ensemble and orchestra stuff?
<SpamapS> nigelb: #ubuntu-ensemble for ensemble. Here is a good place for Orchestra.
<nigelb> SpamapS: ensemble is the one where we can have recipies right?
<SpamapS> nigelb: s/recipes/formulas/ ;)
<nigelb> SpamapS: Right :)
<ADEX> una pregunta ya instale ubuntu server 10.04 y me pide el login cuando quiero ponerlo las letras escrive mu estraÃ±o pongo luis y meescribemrhk
<SpamapS> ADEX: puedes hablar en Ã­ngles por favor? No hay muchos habladeros de espaÃ±ol aquÃ­.
 * SpamapS should write a google translator plugin for irssi
<Delemas> I've got a 10.04 server with openssh 5.3p1-3ubuntu6 setup with sftponly chroots. It stopped working two days ago. i.e. transfers just hang with nothing useful in max debug output on client/server. Has anyone else had similar problems?
<SpamapS> Delemas: whats your NIC driver?
<Delemas> It should be virtio_net in the VM the underlying server is a Intel 82576 GbE.
<ADEX> [SpamapS] el problema que no hablo ingles
<Delemas> The failure seems to have started happening only with chrooted sftp users and after these packages were updated: snmp man-db subversion libc-bin sysv-rc sysvinit-utils initscripts libsvn1
<RoAkSoAx> kirkland: http://paste.ubuntu.com/622738/ -> port ranges for TCPMonitor
<kirkland> RoAkSoAx: neat
<kirkland> RoAkSoAx: is it backwards compatible?
<RoAkSoAx> kirkland: yes
<RoAkSoAx> kirkland: will work either for 1 or a range of ports in the way 1-10
<RoAkSoAx> or 1 - 10
<Delemas> Weird attempting to do apt-get installl libc-bin=2.11.1-0ubuntu7.7 (a minor downgrade) wants to remove most of the packages on the server...
 * RoyK guesses dependencies, broken or too strict
<Delemas> Well that version was happily installed three days ago :/
<RoyK> duh
<bsg_kwolf> Hello... Anyone have any tips or tricks to get NIC bonding and bridging to work on Natty for kvm guests?
<RoAkSoAx> ScottK: ping?
<bsg_kwolf> Having all kinds of problems.  Have tried all the interfaces recommendations I could find, but so far haven't had much luck.
<RoyK> bsg_kwolf: never done it myself, but I guess it's just a matter of setting up a LA group and tying the bridge to that
<bsg_kwolf> I've gotten them to work for a bit but as soon as I restart the server, it comes back up in a bad state.
<bsg_kwolf> from what I can tell when the system comes up, the bridge isn't picking up bond0... I think.
<aliverius> how can i change the name of the nic? i changed a nic and now instead of it being eth0 it is eth2
<Delemas> aliverius, hmm I've had that issue before. There is a hardware address to device name mapping cached somewhere and you need to delete the file. I'm not finding the path at the moment though...
<Delemas> Ah there it is.... To fix this clear our all the
<Delemas>    eth entries in /etc/udev/rules.d/70-persistent-net.rules and reboot.
<ScottK> RoyK: Pong.
<ScottK> Oops
<ScottK> RoAkSoAx: Pong
<RoAkSoAx> ScottK: howdy! I seek your advice!
<RoyK> ScottK: pang
<RoAkSoAx> ScottK: I change one package from pycentral to dh7 and dh_python2
<RoAkSoAx> ScottK: however, now that I did that, whenever I remove --purge the package, it fails to remove the *.pyc files
<RoAkSoAx> ScottK: debian/rules: http://paste.ubuntu.com/622771/
<RoAkSoAx> ScottK: debian/control: http://paste.ubuntu.com/622774/
<RoAkSoAx> ScottK: install file: http://paste.ubuntu.com/622775/
<RoAkSoAx> ScottK: any ideas of why this might be happening?
<RoAkSoAx> ScottK: this is how it used to be: http://bazaar.launchpad.net/~powernap/powernap/trunk/revision/236
<ScottK> RoAkSoAx: I'd look at pyspf.  It uses dh_python2 and has an install file that installs to pyshared.
<ScottK> I don't see anything obvoius
<RoAkSoAx> ScottK: I seem to be doing mpretty much the same thing, though 'm pretty much doing the same but
<RoAkSoAx> ScottK: I seem to be doing mpretty much the same thing, though the pyc's are not cleaned in my case, causing the removal to not be completely clean
<ScottK> RoAkSoAx: See pyyaml for what I did to override clean
 * RoAkSoAx looks
<econdudeawesome> howdy all. Is there a utility to change my default repository to ftp.utexas.edu where I don't have to directly edit the repository file?
<zul> jdstrand: have you done the upload for libvirt yet?
<RoAkSoAx> ScottK: ok so If the application that uses the modules are not executed, then remove --purge the package will remove it correctly because there's no *.pyc's... I don't think it would make any difference if i override dh_clean right?
<incidence> can I set "default" virtual host for IRC-connections? With oidentd or something
<aliverius> i have  a problem with a recent atom board. i cannot load module kvm-intel
<zoopster> aliverius: does that atom board support vt?
<aliverius> i just found out it doesnt
<aliverius> this means i am doomed
<aliverius> i used to run an ubuntu server containing the router for the whole house inside a kvm
<aliverius> now no router...
<WinstonSmith> aliverius: virtualbox?
<aliverius> mmmmm not a bad idea
<Delemas> it will be chunky without vt...
<SpamapS> aliverius: try lxc
<SpamapS> VB and KVM and Xen will all suck w/o vt
<aliverius> vmware?
<SpamapS> LXC won't provide you quite the same amount of isolation, but you get the management at least.
<Daviey> hmm.. Xen doesn't suck if you have a modified guest to avoid HVM.
<SpamapS> Daviey: you're still ultimately taxing hardware that really isn't capable of doing what you're asking it to do.
<Daviey> SpamapS: i /really/ disagree.
<SpamapS> I guess I don't understand Xen well enough to speak strongly about it. My experience with Xen before VT was 20% loss of performance.
<Daviey> wow.
<SpamapS> Xen 2.x .. on CentOS 5.0 .. long time ago. They probably figured a lot of that out.
<Daviey> I understood xen only used VT extensions if you were using HVM.
<Daviey> 20% loss is massive.
<SpamapS> Daviey: hence my reservation about ever suggesting its use. ;)
<Daviey> I don't blame you.
<Daviey> SpamapS: My experience wasn't the same tho.
<SpamapS> It was still quite useful for what we were doing, which was running a simulated parallel environment for unit testing.
<Daviey> pah, who tests?
<SpamapS> To be able to duplicate our 90 machine setup on 3 cheap machines was quite useful.
<SpamapS> Today, I'd use LXC tho
<aliverius> so far i have been using pfsense inside kvm. now that i dont have kvm, would opwnert at least do?
<giovani> openwrt is meant to run on embedded hardware
<giovani> do they have an x86 release?
<giovani> I don't know why you'd want to ...
<bsg_kwolf> natty seems to be ignoring 'mtu 9000' on a bridge interface on boot.
<bsg_kwolf> Anyone else seen this?
<bsg_kwolf> just comes up with a default 1500 mtu.
<ScottK> RoAkSoAx: Right.  It shouldn't.
<bsg_kwolf> known issue?
<RoAkSoAx> ScottK: this is exactly what happens when purging, which didn't happen when I was using dh_pycentral: http://pastebin.ubuntu.com/622813/
<ScottK> RoAkSoAx: Pleae ask #POX on #debian-python on OFTC.
<ScottK> ..s..
<RoAkSoAx> ScottK: ok, thanks!
<Delemas> aliverius, setup pfsense on a separate box...
<bsg_kwolf> Alright, so to get mtu 9000 to stick it seems I have to do this:  http://pastebin.ubuntu.com/622829/  That doesn't seem right.
<bsg_kwolf> Otherwise after a reboot, it goes back to 1500.
<bsg_kwolf> still can't seem to get bonding in the mix.
<thisismygame> I've installed minimal ubuntu on 2 computers in the last 24hrs. They both install fine, reboot and get to Grub, where after that they have nothing but a blank black screen. Am I missing something here?
<raubvogel> Quick samba4 on ubuntu question: I see /var/lib/samba/private/krb5.conf is already nicely configured. Does the kerberos server knows to use that config file?
<raubvogel> s/knows/know/
<raubvogel> And is it installed with samba4?
<zul> jamespage: i editted your wiki page
#ubuntu-server 2011-06-10
<joren> Hey, so I recently did an ubuntu server install which kept failing on "installing software"  I have a bootable system with apt and everything, but does anyone know if there's a package or virtual package that installes all the extra ubuntu goodies?
<joren> it was failing on the "select and install software" step, so whatever software gets installed there, without any of the checkboxes checked
<uvirtbot> New bug: #795312 in bacula (main) "package bacula-server 2.2.8-5ubuntu7.2 failed to install/upgrade: problemi con le dipendenze - lasciato non configurato" [Undecided,New] https://launchpad.net/bugs/795312
<Delemas> Eventually I solved the issue by upgrading to Openssh 5.5p1.
<Runeg> Ubuntu 10.04 (EC2). MySQL Server 5.1, Followed steps here: http://www.lornajane.net/posts/2008/Logrotate-Error-on-Ubuntu for this error: /etc/cron.daily/logrotate: error running shared postrotate script for '/var/log/mysql.log /var/log/mysql/mysql.log /var/log/mysql/mysql-slow.log ' run-parts: /etc/cron.daily/logrotate exited with return code 1. Still having this error occur on cron.daily runs.
<uvirtbot> New bug: #795315 in apache2 (main) "unknown protocol speaking not SSL to HTTPS port on apache2 reload/restart" [Undecided,New] https://launchpad.net/bugs/795315
<uvirtbot> New bug: #795328 in openssh (main) "package openssh-server 1:5.8p1-1ubuntu3 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/795328
<uvirtbot> New bug: #795336 in dovecot (main) "dovecot-postfix always overwrites main.cf" [Undecided,New] https://launchpad.net/bugs/795336
<BuenGenio> morning
<BuenGenio> anyone know if there is a port of dovecot 2.0 to natty?
<BuenGenio> would the dovecot 2.0 from Oneiric work on Natty?
<twb> maybe
<twb> Depends on the complexity of the package and its deps
<twb> For example, backporting nvi would probably just work, whereas backporting gnome-panel would probably be a nightmare
<twb> I don't know where dovecot falls on the scale
<toddnine_> Hey guys.  I know that I can check if something is executed /var/log/syslog.  However I can't seem to find if the script I'm executing succeeds.  If it fails will it be in the syslog?
<xampart> how do i edit crontab script so, that if it succeeds it doesn't send mail?
<MrPPS> xampart: when you're editing the script, instead of piping/outputting it to mail, direct the output to /dev/null
<twb> xampart: cron will not send email unless it emits output
<twb> xampart: so fix your script to emit output only on error
<xampart> twb: k. thanks
<acidflash> hi all
<acidflash> i am attempting to mv a folder to another location but its not working
<acidflash> there is no -r switch now
<acidflash> how does one go about doing it in 11.04 ubuntu server?
<twb> mv doesn't have an -r
<twb> What is the error message?
<acidflash> i got it to work twb
<eagles0513875> !GQDN
<eagles0513875> !FQDN
<BuenGenio> is there a CLI tool to configure network interfaces ?
<greppy> BuenGenio: edit /etc/network/interfaces, man interfaces for documentation
<BuenGenio> thanks
<BuenGenio> another excuse to use vi then! ;)
<twb> That's a funny way to spell TECO
<BuenGenio> also, is there a way to bring up a Wireless interface on boot?
<BuenGenio> with maybe a list of preferred networks to connect to
<greppy> wpa_supplicant or maybe wicd-curses or wicd-cli
<twb> You can do it with wpa_supplicant alone
<twb> http://paste.debian.net/119415/
<twb> BuenGenio: ^^
<BuenGenio> greppy, found that the settings for ethX are actually stored in /etc/NetworkManager/system-connections
<greppy> BuenGenio: if you are using network manager, yes.  I assumed that you weren't using X windows, since you asked for cli in a server channel :)
<twb> BuenGenio: don't use NM
<BuenGenio> use what?
<greppy> BuenGenio: network manager
<uvirtbot> New bug: #795427 in libvirt (main) "Upgrade Libvirt up to 0.9.1 generates new bug with Virt-Manager" [Undecided,New] https://launchpad.net/bugs/795427
<uvirtbot> New bug: #681774 in nova (universe) "nova_sudoers is brittle, often out of date, and too permissive" [Wishlist,Confirmed] https://launchpad.net/bugs/681774
<RoyK> http://xkcd.org/910/ <-- good one :)
<BuenGenio> i meant what should I use instead
<BuenGenio> sorry for the brevity
<BuenGenio> (hear it's the sister of talent....)
<greppy> BuenGenio: configure /etc/network/interfaces and then do an ifup eth0 or ifup eth1, etc
<BuenGenio> ah
<BuenGenio> lah
<sommer> Morning all :-)
<Daviey> morning sommer o/
<Daviey> jdstrand: Would you believe it... Debian has had two uploads since hallyn's merge. :)
<Daviey> Interesting patch.. New patch security-plug-regression-introduced-in-disk-probe-lo.patch
<uvirtbot> New bug: #795506 in excalibur-logkit (main) "Sync excalibur-logkit 2.0-5 (main) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/795506
<thisismygame> Does anyone know how to make an ubuntu minimal install boot to something other than a blank black screen?
<jdstrand> Daviey: well, upstream did release 0.9.2-1 within the last week-- I knoew it would be coming. the good news is the qrt testing is back in shape as of yesterday, so hallyn or anyone should be able to use it
 * jdstrand wonders why save/restore is in constant flux
<Daviey> jdstrand, hallyn is mostly going to be afk for the next 2 weeks fyi.
<jdstrand> Daviey: regarding the extra patch-- yeah, I plan on adding that with whatever fix I come up with
<jdstrand> I think natty may need it too
<Daviey> jdstrand, ok, super
<zul> jdstrand: if you want to change libxen3-dev to libxen-dev in libvirt be my guest or i could do it
<jdstrand> zul: my upload is unlikely to happen today. if you need it before early next week, feel free
<zul> ok just one less item on my wi todo list ;)
<uvirtbot> New bug: #795531 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/795531
<Dynamit> W: Misslyckades med att hÃ¤mta http://se.archive.ubuntu.com/ubuntu/dists/jaunty-updates/multiverse/source/Sources 404 Not Found [IP: 130.239.18.163 80] so i need to change the source file but to what
<jpds> Dynamit: No, you need to move off an unsupported release.
<Dynamit> but if i can't upgrade?
<jpds> You should, regardless.
<Dynamit> i want to upgrade but how
<Dynamit> i never upgrade the server edition
<Dynamit> the desktop is easy but i don't know how to do whit the server edition
<Daviey> Dynamit: https://help.ubuntu.com/community/EOLUpgrades/Jaunty
<Dynamit> thx man
<Daviey> Dynamit: I would sugegst going to 10.04 :)
<Daviey> Dynamit: So you need to go to 9.10 (Karmic) -> 10.04 (Lucid).. so a two stage upgrad
<Daviey> +e
<Dynamit> okey
<Dynamit> man
<Dynamit> what im out of date
<Daviey> Dynamit: Non-LTS (Long term support) releases are only support for 18 Months from release.  LTS releases are supported for 5 years on the server
<Daviey> Dynamit: 10.04 is supported until 2015. :)
<Dynamit> An upgrade from 'jaunty' to 'lucid' is not supported with this tool. wtf i follow the source in the url
<Dynamit> i have Ubuntu 9.04 Jaunty
<genii-around> Dynamit: If your current version is not a Long Term Support release, like 8.04 Hardy, you can only upgrade to next version directly above... so in your situation, 9.10 Karmic Koala
<Dynamit> how will i do?
<Dynamit> is there any way to upgrade to LTS when i uprade?
<genii-around> Dynamit: After you go 9.04 to 9.10, you can use same method to go 9.10 to 10.04 ( which is an LTS release)
<queso> If I add a ppa that has a package I need, but also includes packages that I don't need, and some of those packages that I don't need have the same name as an ubuntu-supported package that I need, how do I get the ubuntu-supported package?   aptitude keeps telling me that the package is from an untrusted source, so it's obviously defaulting to the ppa source.
<Dynamit> how to go from the 9.04 to 9.10 i know that's noob ? but i have forgot the moste
<genii-around> Dynamit: First make sure you have 9.04 the most current it can be with: sudo apt-get update && sudo apt-get upgrade        then: sudo do-release-upgrade
<Dynamit> An upgrade from 'jaunty' to 'lucid' is not supported with this tool.
<Dynamit> it was i get as answer
<genii-around> Dynamit: You may need to change the repositories to be also like: old-releases.ubuntu  at the front as well
<Dynamit> it is
<Dynamit> that's the wierd
<Dynamit> / jaunty main restricted
<Dynamit> #deb cdrom:[Ubuntu-Server 9.04 _Jaunty Jackalope_ - Release amd64 (20090421.1)]/ jaunty main restricted
<Dynamit> # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
<Dynamit> # newer versions of the distribution.
<Dynamit> deb http://old-releases.ubuntu.com/ubuntu/ jaunty main restricted universe multiverse
<Dynamit> deb http://old-releases.ubuntu.com/ubuntu/ jaunty-updates main restricted universe multiverse
<Dynamit> sorry i forgot now source past
<Dynamit> deb http://old-releases.ubuntu.com/ubuntu/ jaunty-security main restricted universe multiverse
<Dynamit> ## Major bug fix updates produced after the final release of the
<Dynamit> ## distribution.
<Dynamit> deb http://se.archive.ubuntu.com/ubuntu/ jaunty-updates main restricted
<Dynamit> deb-src http://se.archive.ubuntu.com/ubuntu/ jaunty-updates main restricted
<Dynamit> ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
<Dynamit> ## team. Also, please note that software in universe WILL NOT receive any
<genii-around> Dynamit: Firstly, please use pastebin and not directly into the channel here
<Dynamit> i say im sorry
<Dynamit> 16:29 | <<Dynamit>> sorry i forgot now source past
<genii-around> Dynamit: You have to edit the file /etc/update-manager/release-upgrades  and change the line: Prompt=lts  into: Prompt=normal
<genii-around> Dynamit: Then additionally, change all the lines in your /etc/apt/sources.list  which start with:  http://se.archive.ubuntu.com   into  http://old-releases.ubuntu.com
<Dynamit> ok thx
<Dynamit> i will go and eat now
<genii-around> !pinning | queso  ..  This might work for you
<ubottu> queso  ..  This might work for you: pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<uvirtbot> New bug: #795428 in nova "Unable to remove a LVM volume (dd not in nova_sudoers)" [High,Triaged] https://launchpad.net/bugs/795428
<Dynamit> the releas-upgrades is normal it say any how jaunty to lucid is not supported
<Daviey> Dynamit: Jaunty to Lucid is not supported
<queso> genii-around: Does that apply to two packages that have the same name coming from two different sources?
<Daviey> Dynamit: Hence why i said it was a two stage process..
<Daviey> Upgrade to Karmic... then from Karmic upgrade to Lucid.
<m_tadeu> hi...I'm using monit to monitor certain services. But I only want monit to restart a service(if it has to), during the night....is this possible?
<Dynamit> but how
<Dynamit> i understand if you being *devil* becuse i not understand
<smb> zul, soren If I want to get to a point where I can play with newer dom0 kernels on Oneiric. Should I go with xen-hypervisor-3.3 or 4.1 (and why does 4.1 (guessing 4.1) only exist as amd64 (not that it matters as the host is 64bit...))
<zul> 41
<zul> er...4.1
<smb> zul, ok, thanks. lets see how far I get
<Dynamit> i found it
<Dynamit> sorry
<Dynamit> thx Daviey
<queso> genii-around: thx, that might be what I want
<genii-around> queso: You're welcome
<Dynamit> i have change the source to https://help.ubuntu.com/community/EOLUpgrades/Jaunty but it say any how same thing
<Dynamit> i have run update commands
<jeremy_c> join #c#
<jeremy_c> opps, sorry.
<smb> zul, Despite some warnings in some places and the weird "placeholder" in grub.cfg this went reasonably well for a Friday afternoon. :)
 * RoyK is off for the weekend - later, guys
<slyboots> Hi
<slyboots> Ran into a problem haha, Power-cut brought down my home-server.  But at reboot it no-longer comes back on-line.  Ran recovery mode and its complaining that it cant mount /
<slyboots> So, ran mount and the problem seems to be that the drive that / is on appears to. chagne drive-ID from either /dev/sda to /dev/sdc
<slyboots> But I cant fix it as its complaining that / is mounted read-only.  But I cant seem to use mount -o rw since it thinkgs / is /dev/sdc5 instead of /dev/sda5
<slyboots> If that makes sense
<slyboots> But in /etc/fstab its using the UUID of the correct disk
<momelod> greetings channel.  I have two VMs sharing an iSCSI disk.  Im trying to setup fencing with Stonith.  All the documentation i can find online seems redhat specific and always tells me to configure SBD via /etc/sysconfig/sbd
<momelod> greetings channel.  I have two VMs sharing an iSCSI disk.  Im trying to setup fencing with Stonith.  All the documentation i can find online seems redhat specific and always tells me to configure SBD via /etc/sysconfig/sbd
<momelod> but on a ubuntu system, that file and folder doesnt exist
<momelod> where is the sbd configuration found in Ubuntu?
<momelod> the specific config i am referring to is: http://linux-ha.org/wiki/SBD_Fencing#Start_the_sbd_daemon
<queso> What is the /etc/passwd- file (and other filename- files) in /etc ?  Are those backups from before changes?
<e_t_> No. /etc/passwd keeps a record of user accounts on the system and various information about them. /etc/shadow actually stores the encrypted passwords.
<patdk-wk> s/encrypted/hashed/
<slyboots> Okay, I've no idea why this server isnt booting
<uvirtbot> New bug: #795612 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/795612
<raubvogel> Is there a package for samba4 that includes all the parts to set it up as a DC?
<rawfodog> I'm gonna go full noob here, I just installed 11 server, and I can't connect to it's ip address via ftp. Do I need to download something ? During the install I checked off the LAMP packages.
<adam_g> ivoks: ping
<Runeg> Currently running Ubuntu 10.04 (EC2). MySQL Server 5.1, Followed steps here: http://www.lornajane.net/posts/2008/Logrotate-Error-on-Ubuntu for this error: /etc/cron.daily/logrotate: error running shared postrotate script for '/var/log/mysql.log /var/log/mysql/mysql.log /var/log/mysql/mysql-slow.log ' run-parts: /etc/cron.daily/logrotate exited with return code 1. Still having this error occur on cron.daily runs. Any suggestions?
<RoAkSoAx> s/y/and//win 2
<RoAkSoAx> argh
<zul> smb: sweet
 * RoAkSoAx lunch
<jevidl> I am working on a project to setup centrally managed public SSH keys. I had hoped to declare multiple files in the AuthorizedKeysFile statement, but this does not appear possible on most linux implementations, and may only be available on OpenBSD. Does anyone know how to use multiple AuthorizedKeysFile's in Ubuntu, or is this simply not possible?
<SpamapS> jevidl: is that maybe a new feature that hasn't found its way to the version you're using?
<jevidl> SpamapS: it's quite possible. I didn't see it on *anything* other than openbsd, so that's the most likely answer. it'd just help me out quite a bit, so I figured I'd ask about it just in case someone had found a way, or knew of another way.
<jevidl> Unfortunately google hasn't been a lot of help. I'm well aware that I can have multiple public keys in my .ssh/authorized_keys file, thank you very much.  :)
<SpamapS> jevidl: you might look into the new project 'dotdee' that kirkland has been working on .. its good for squishing files together when a program doesn't have a '.d' capability. :)
<jevidl> It's not the end of the world if I have to change it, it's just one more thing to change on a number of systems.
<jevidl> SpamapS: thanks. I'll take a look at that!
<SpamapS> jevidl: also in Ubuntu we have ssh-import-id (ssh-import-lp-id in old releases I think) that pulls one's launchpad keys into .ssh/authorized_keys .. it would be *awesome* if your service was added to that.
<jevidl> I'll probably try to do some kind of write up on it, though i am not sure if it will fit in with the way I envision doing it.
<jevidl> At the moment I'm looking at using an read only NFS share pushed out to each system that contains public keys for each person. Since it's the *public* key I'm not too worried about the insecurity of it, and it'd let us manage public keys in just one location. Additionally, we could probably write something that triggers when a blacklisted key is used, etc.
<jevidl> If I decide that I really want to try to secure it more, I'll probably just look at setting up ipsec between the boxes.
<jevidl> So I don't think that'd probably be too helpful with the launchpad stuff. It's meant more for a local environment than for a widely distributed set of users over the internet
<TheInfinity> hi everyone ... since a (longer) while i have some problems with samba transfer speed using a lucid server + samba. its as slow as 2 minutes for 15 MB. the previous system (debian lenny) did not have this prob. same smb.conf. any hints what to do?
<jevidl> TheInfinity: Let me dig up the link...
<SpamapS> jevidl: NFS for security tokens? Are you sure you want to do that?
<SpamapS> jevidl: thats.. not exactly "safe" ;)
<TheInfinity> my smb.conf: http://paste.pocoo.org/show/404146/
<SpamapS> Think about the case where a mitm just puts their own keys in and then can login as anybody.
<jevidl> SpamapS: :) well, all it is going to be putting out there is the public key portion of SSH. Unless I have a gross misunderstanding of how that key is used, I think it should be ok since it is by nature the portion that is shared out and is dependent on the private key on someone's local system
<jevidl> SpamapS: and that's what brought me to the thought of using IPSec as well
<SpamapS> jevidl: why not just use a proven technology like kerberos?
<TheInfinity> I dont have a ralink network chipset (i found this bug @ ubuntu forums) - its an Atheros Communications Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller (rev b0)
<jevidl> SpamapS: We do that currently. I was trying to find a way to make it more convenient, and still safe. It's not a perfect idea yet, but I'm trying to find ways to make it better.
<jevidl> TheInfinity: http://www.samba.org/samba/docs/man/Samba3-HOWTO/speed.html#id2690596
<jevidl> TheInfinity The Socket Options section might have some useful tuning parameters for you
<TheInfinity> jevidl: but its the same smb.conf as used in debian lenny?
<TheInfinity> jevidl: and i already use several recommendet socket options
<jevidl> TheInfinity: as far as I know the options listed there should work fine. If those tuning things don't help, how does performance look for other TCP based protocols like FTP or even SCP?
<TheInfinity> jevidl: i'll have a look ... (installing winscp - just windows clients ... its a network 400 km away :) )
<jevidl> SpamapS: I had considered the possibility of mitm using NFS. Off hand, do you see any other major problems?
<jevidl> TheInfinity: sure :) The idea is to try to narrow down the problem to either just SAMBA, or to the systems network connection in general
<TheInfinity> jevidl: yea, the idea is great. :)
<SpamapS> jevidl: kerberos has always made things *more* convenient when I've used it....
<jevidl> TheInfinity: There's a bit of overhead on SCP since you have encryption/decryption operations happening in addition to just pushing bits around, but if there's a big difference between SMB and SCP then there's a good chance it's a smb setting that's slowing things down.
<jevidl> SpamapS: So, in my situation we use a centrally managed KRB service. I am not sure I can get ticket sharing working, which if I am not mistaken would allow SSO on systems. Is that where you're going with KRB? I know it's possible, but currently we have to sign in to each system individually.
<SpamapS> jevidl: thats basically the only reason to use kerberos, yes, SSO
<TheInfinity> jevidl: doh. 200 KiB/s
<jevidl> SpamapS: k. I will do some reading on that too. It may be an easier solution than what I'm looking at. I will say that our current setup, even without SSO, is easier than forcing each user to manage their password on every machine. :)
<TheInfinity> jevidl: uh. okay. that seems to be a driver problem.
<jevidl> TheInfinity: is that about what you were getting on SMB?
<TheInfinity> jevidl: yea
<TheInfinity> thats bad. because i dont have local access atm. -.-
<jevidl> TheInfinity: ok, Yeah, it sounds like it's possibly a driver issue, it could be a kernel tuning issue (though this would suprrise me) or it could be an issue residing in your connection between you and the remote site
<SpamapS> jevidl: are you sure it doesn't already work? try 'kinit' on your local machine, then ssh -v remote_machine and see if it uses the kerberos credentials
<TheInfinity> jevidl: its a local network. i access there via ssh. all copies are made just inside the local network.
<jevidl> SpamapS: I didn't think it did, though I'll try that :)
<jevidl> TheInfinity: gotcha. Yeah, it might be a driver problem. Is the slowness limited to this machine, or do other machines with a similar configuration also have problems? if it's limited to this machine, it might be a bad cable or switch port, something like that
<TheInfinity> jevidl: and i use -server default kernel
<TheInfinity> jevidl: its the only server there. but i can try coping from one windows maschine to another, yea.
<jevidl> TheInfinity: just something easy to check, and might save you some time
<jevidl> SpamapS: I'll look at this more. There's a GSS failure when I try to connect, so it might be something that can be remedied.
<TheInfinity> jevidl: huh! downloads just work with 200 KiB/s although its a 6000 mbit line Oo
<jevidl> a 6Gbit line?
<TheInfinity> urgh
<TheInfinity> 6 mbit. sorry :)
<SpamapS> jevidl: probably need service principals on the servers.
<TheInfinity> 6000 kbit
<TheInfinity> router says its online @ 6 mbit, 5,5 mbit usable
<jevidl> SpamapS: i'll keep that in mind. It's also quite possible that our config is out of date or misconfigured to allow that on the client side. I'll look at that side of things first, since it'll be easier work than trying to deal with the centralized IT to find out about the servers. Thanks for the suggestion though, this may save me some time.
<SpamapS> jevidl: http://www.allgoodbits.org/articles/view/24
<TheInfinity> replacing the switch could be an interesting test ...
<SpamapS> jevidl: https://help.ubuntu.com/10.04/serverguide/C/kerberos.html might be even better. :)
<jevidl> SpamapS: Thanks! I'll be sure to check out both those articles
<TheInfinity> jevidl: thanks for your support :)
<jevidl> TheInfinity: No problem at all. remember that 6Mbit is about 768 KBytes
<TheInfinity> jevidl: yea, but 200 is exacly the value which is transferred by samba / scp.
<jevidl> TheInfinity: if you're going over the internet, you might not actually reach that
<TheInfinity> jevidl: i tried ubuntu iso download :)
<jevidl> TheInfinity: yeah, it may be something in the middle throttling it down then :)
<TheInfinity> jevidl: to get sure i'll try to transfer something between 2 windows boxes
<TheInfinity> jevidl: but thats no ubuntu problem at all :)
<uvirtbot> New bug: #794337 in postfix (main) "package postfix (not installed) failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 75" [Undecided,New] https://launchpad.net/bugs/794337
<uvirtbot> New bug: #795106 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/795106
<uvirtbot> New bug: #795673 in memcached (main) "init.d restart operation can fail without proper notice if the memcached process takes a long time (> 1s) to shut down" [Undecided,New] https://launchpad.net/bugs/795673
<RoAkSoAx> /win/win 17
<RoAkSoAx> argh
<RoyK> :%s/RoAkSoAx/master_of_typos/g
<RoAkSoAx> hehe
 * slyboots needs a better understanding of the ubuntu boot process
<slyboots> My server fails to reboot correctly, but its not giving me anything helpful as to why
<slyboots> If I boot into recovery mode, it fails with "Unable to mount /" but as far as I can tell it works fine if I drop into recovery and enter teh command mount /dev/sda1 /
<jevidl> slyboots: the first thing (and probably weak theory) that comes to mind is that fstab may have an error in it?
<jevidl> slyboots: perhaps a messed up UUID for /dev/sda1?
<jevidl>  </shot in the dark>
<slyboots> jevidl: Nah I already checked that, its refercing the correct UUID for the disks
<jevidl> slyboots: sorry. It was worth a try.
<jevidl> slyboots: the only other thing I can think of is perhaps a module that's not being loaded during a normal boot, but that seems a bit far fetched.
<slyboots> aye, Since recovery mode works OK and its the samel kernel
<jevidl> slyboots: recovery fails until you manually mount it though, right? I wonder why that is
<slyboots> Not sure, according to mtab its mounting a disk that.. doesnt exist
<slyboots> "/dev/sdc5 mounted as / ext2"
<slyboots> But I dont have /dev/sdc5 :P
<jevidl> slyboots: and no reference to sdc5 in fstab? I wonder where it's getting the idea that it should be using that
<slyboots> Not a clue, /dev/sdc is part of a RAID array so there is no 5th partition on it
<slyboots> Both boot and / and mounted by their UUID's and the rest are part of a LVM
<jevidl> so /dev/sda is your boot hdd, and sdb,sdc in an LVM configuration?
<slyboots> Well b,c,d,e,f,g..
<slyboots> But yes, all the critical OS fiels are stored on /dev/sda
<jevidl> sure
<jevidl> Grub is installed on sda?
<slyboots> Yup
<Runeg> Has anyone experienced the log rotation error with MySQL on 10.04?
<jevidl> slyboots: I'm sorry, I don't have a lot of other ideas. It sounds like the drivers for your hdd controller are loading fine, and it can already use the disk by the time it's booting. As long as UUID is right, and fstab is correct, it certainly seems like it should be able to boot. More longshots might include making sure that your disk partitions labels are correct. I'd almost be tempted to suggest udev/hal, but these aren't even loaded at the point 
<jevidl> failing
<slyboots> mmm..
<slyboots> bugger
<jevidl> slyboots: sorry, I wish I had more ideas for you, but you've checked most of what I'd know to check.
<slyboots> Ok :) thanks anyway though
<jevidl> you might try asking about it in here later, there's plenty of people that are way better at this than I :)
<slyboots> heh, okay
<jevidl> btw, Runeg , saw your question but have not run into that
<jevidl> I probably should go check some SQL servers though...
<jevidl> slyboots: gotta run, good luck sorting it out
<uvirtbot> New bug: #509865 in open-vm-tools (multiverse) "Weird dependency satisfaction in open-vm-dkms with JeOS style (linux-virtual) kernel installed" [Low,Fix released] https://launchpad.net/bugs/509865
<uvirtbot> New bug: #511579 in open-vm-tools (multiverse) "Mouse cursor position missmatch with VMware" [Undecided,Won't fix] https://launchpad.net/bugs/511579
<uvirtbot> New bug: #545903 in open-vm-tools (multiverse) "Initscript does not enable timesync, misses status option" [Wishlist,Confirmed] https://launchpad.net/bugs/545903
<uvirtbot> New bug: #572335 in open-vm-tools (multiverse) "Typos in manpage for vmhgfs" [Low,Confirmed] https://launchpad.net/bugs/572335
<uvirtbot> New bug: #604998 in open-vm-tools (multiverse) "open-vm-tools (CLI tools) recommends gui tools" [Wishlist,Confirmed] https://launchpad.net/bugs/604998
<uvirtbot> New bug: #795714 in cheetah (main) "Please merge cheetah 2.4.4-2 (main) from debian unstable (main)" [Low,In progress] https://launchpad.net/bugs/795714
<uvirtbot> New bug: #626475 in open-vm-tools (multiverse) "package open-vm-toolbox 2009.07.22-179896-2 failed to install/upgrade: trying to overwrite '/usr/lib/open-vm-tools/plugins/vmusr/libresolutionSet.so', which is also in package open-vm-tools 0:2009.07.22-179896-2" [Undecided,Invalid] https://launchpad.net/bugs/626475
<RoAkSoAx> zul: ping?
<uvirtbot> New bug: #785346 in gcc-4.5 (main) "package open-vm-dkms 2011.03.28-387002-0ubuntu1.1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/785346
<uvirtbot> New bug: #787265 in open-vm-tools (multiverse) "package open-vm-dkms 2011.03.28-387002-0ubuntu1.1 failed to install/upgrade: open-vm-tools kernel module failed to build (dup-of: 776103)" [Undecided,New] https://launchpad.net/bugs/787265
<soren> smb: Did zul answer your question?
<soren> smb: If not, forget all about xen-3.3. 4.1 is where it's at these days.
<soren> smb: As for the only having an -amd64 flavour: That's because you're on 64-bit, so you have no use for the -i386 one, so it doesn't get built for amd64.
<soren> smb: The -amd64 one gets built on i386 as well, because that will let you run 64 bit domU even though your dom0 (which is where you'll install the hypervisor package) is i386.
<soren> smb: ...provided that you're actually on amd64 iron.
<raubvogel> How do you start/stop the heimdal kerberos server?
<raubvogel> I was looking for, say, stuff like heimdal-kdc but can't find it in 10.10
#ubuntu-server 2011-06-11
<jdstrand> zul: not uploading til next week, but I have done the libxen-dev for libvirt locally
<jdstrand> zul: actually scratch that-- it is still in universe
<Runeg> Has anyone experienced the log rotation error with MySQL on 10.04? "error: error running shared postrotate script for '/var/log/mysql.log /var/log/mysql/mysql.log /var/log/mysql/mysql-slow."
<Patrickdk> heh, the stock mysql on 10.04 is always crashing for me, so I use my own builds
<Slyboots> Hm, seems my proble has.. gotten worse
<Slyboots> Rebooted my server, now it just drops to a initramfs without error messages
<Slyboots> So.. no idea what the heck is wrong
<Slyboots> And I've no idea how to actually owrk initramfs
<Slyboots> OK, this is getitng somwhere now
<Slyboots> "Running /scripts/init-bottom :... Mount: mounting /dev on /root/dev failed : no such file or directory
<Slyboots> then again for /sys and /proc
<Slyboots> Target fielsystem doesnt' have requested /sbin/init
<Slyboots> no init found.
<virusuy> night all
<Slyboots> Oh this is tiresome
<warzauwynn> Slyboots: have you tried booting to a livecd, doing chroot and fixing it from there?
<Slyboots> I tinkered with grub, and managed to get the system to boot..
<Slyboots> But its not working correclty, it fails to mount / and.. well its showing data on "mount" that doesnt make sense
<Slyboots> Drives that dont exist mounted to locations and whatnot
<warzauwynn> no backups?
<Slyboots> not of the entire OS
<warzauwynn> well, just /boot
<Slyboots> Well as far as I can tell /boot is fine
<warzauwynn> ah, that sucks.  probably some corrupted libs or something huh?
<Slyboots> It just seems to be fsking up when it is mounting disks at boot
<Slyboots> but I cant figure out why
<warzauwynn> what i've done in a situation like that, assuming that the partitions are solid and the disks aren't failing, is move everything into a new folder, say /root/old-system
<warzauwynn> then re-install on the same partition.
<warzauwynn> then move shizz back into place as needed.
<Slyboots> So wipe and reinstall
<Slyboots> how very windows :P
<warzauwynn> no
<warzauwynn> haha
<warzauwynn> it's "move the system aside and re-install", which is actually very appley
<Slyboots> Either way that'll take hours
<warzauwynn> the thing is, if it's an ubuntu server, you can be back on a running system in like 15 minutes, then you'll have the tools readily available to fix the problem.
<Slyboots> And means I have to reconfnigre the entire server
<warzauwynn> yeah, well... depending on how complicated your setup is it could be a bad idea.
<warzauwynn> anyhow, just thought i'd offer a suggestion of how i've gotten myself out of a similar situation.
<Slyboots> And since I dont know what caused the problem in the first place, whats to say it wont happen again
<Slyboots> For example, if I type in "mount"
<Slyboots> /dev/sda5 on / type ext2
<Slyboots> I dopnt have a /dev/sda5, I have /dev/sdC5..
<Slyboots> And /dev/sdg1 on /media/disk type ext4 - God only knows what THAT is about
<warzauwynn> try lshw -class disk -class storage
<Slyboots> Is there a way to resize the terminal screen
<warzauwynn> at boot, yes.
<Slyboots> For some reason about 1/5 of it is OFF the edge of my monitor
<warzauwynn> oh damn, that's odd.
<Slyboots> it makes using the local terminal.. ... annoying
<warzauwynn> hmm... i used to know a tool for doing it on-the-fly...
<warzauwynn> can't remember, can't find it.  it was a long time ago...
<Slyboots> Well I ran that command anyway
<Slyboots> Its showing all the disks I have attafched with their UUID's
<Slyboots> No /dev/sdg either
<warzauwynn> weird
<Slyboots> #not really, I dont have a /dev/sdg, at least not SUPPOSED to
<warzauwynn> right
<Slyboots> Okay, Im going to walk through this.. see if anyhting comes ot mind
<warzauwynn> what about: file /dev/sd* ?
<Slyboots> the machine starts up.. rns bios.. then lauches grub
<Slyboots> so that far.. /boot/ must be mounted right?
<warzauwynn> well... so far grub knows where it is on the disk and can access it.
<Slyboots> Does the system look AYNWHERE else other than /etc/fstab for partition information
<warzauwynn> partition table
<Slyboots> Which is fine according to fdisk
<warzauwynn> i'd check sfdisk -l /dev/sd* and file /dev/sd*
<Slyboots> I can mount everything manually without any problems
<Slyboots> sfdisk only works on MBR disks, I have to use GPT
<warzauwynn> you might have real files in place of your old dev files.
<warzauwynn> damn
<warzauwynn> i didn't know that, haven't done GPT in linux yet.
<Slyboots> Oh hold on.
<Slyboots> My / and /boot are mbr
<Slyboots> okay, sfdisk shows the partition table, file lists it as "Block special"
<warzauwynn> so it shows /dev/sdg for block special, but nothing listed for sda or sdb?
<Slyboots> Well for /dev/sdg its No such file or directory
<warzauwynn> well that's Æ weird.
<warzauwynn> isn't /dev/sdg mounted on /media?
<Slyboots> According to mtab
<warzauwynn> lol
<Slyboots> There ISNT a /dev/sdg though
<Slyboots> There SHOULDNT be
<Slyboots> I dont have that many disks
<Slyboots> I dont know where the hell its getting this disk from
<warzauwynn> how'd this all happen?
<Slyboots> AHHH FUCK IT!
<Slyboots> The power went out x.x
<Slyboots> It was working 101% for weeks
<Slyboots> Powercut, turned it back on "AGGGH! PANIC STATIONS!"
<Slyboots> Im just going to nuke it
<Slyboots> If I have to rebuild that Raid6 again though...... *exhale*
<warzauwynn> =/
<Slyboots> Might try Arch or something
<Slyboots> Rather fed up with ubuntu now :D
<warzauwynn> try centos
<Slyboots> Whats that?
<warzauwynn> it's a redhat based distro.  rpm package format managed through yum.
<Slyboots> I would love to try FreeNAS, but I dont know enough about FreeBSD to work it
<Slyboots> Eh.. I realy like apt
<warzauwynn> i gave it another go recently, after years of using debian and ubuntu, and was pleasantly surprised.
<warzauwynn> technically your'e not supposed to use the cli on freenas though
<warzauwynn> freenas 8 is great though, if you have a 64 bit system.
<warzauwynn> i have two freenas boxes running 8 on zfs.  64-bit has been solid as a rock.
 * Slyboots uses his sever for dhcp and dns though
<Slyboots> and irc :D
<warzauwynn> well, zfs is Æ awesome.  i don't think it'd be too hard to get irc, dhcp and dns running on freebsd.
<warzauwynn> plus, freebsd has some neat tools that are handy to know.
<Slyboots> But I cant damange the LVM x.x
<Slyboots> Although I might be able to mount it and do a backup, but christ almighty rebuilding its a pain in the butt
<warzauwynn> bleh.  lvm is over-rated unless you have a huge linux installation.  that's my opinion anyway... i'm sure a lot of people love it, but i'm happier without it.
<Slyboots> warzauwynn, 10tb?
<warzauwynn> zfs will do 10tb
<Slyboots> Nah U'll stick with linux
<warzauwynn> i can't wait for linux to get a more modern implementation of zfs. :)
<Slyboots> Need other stuff like Sabnzbd, rtorrent..
<Slyboots> Too much stuff that I dont wan tto  spend weeks refaffing about
<warzauwynn> yeah
<Slyboots> back to ubutnu.. x.x
<warzauwynn> or centos
<Slyboots> I dont wana risk trashing the mdadm array
<warzauwynn> ah
<Slyboots> With a fresh install I should be able to simply say "remount it"
<Slyboots> And should work
<Slyboots> .. in theroy
<warzauwynn> try it from a livecd
<warzauwynn> the desktop livecd, i mean.
<warzauwynn> i'm really happy that ubuntu has kept a reliable livecd, they're so useful.  i just wish it had vim on it.
<Slyboots> Aye, will.. faff around with it some
<Slyboots> Got to get the backup network online to restort net connectivy before the natives get restless without their facebook fix :P
<warzauwynn> haha
<sarthor> HI, i am not able to run my dhcp, my configuration is here, please guide me if some friend afford to give a little time,  http://pastebin.com/geuNCfLf using ubuntu server 11.04
<smw> sarthor, first result on google. looks like what you want. http://www.linuxquestions.org/questions/linux-networking-3/no-subnet-declaration-for-eth0-when-runnig-dhcpd-632686/
<sarthor> smw, i read you given link, and i already googled also, but no success for me, and I really first do googling, after that i use to come here for asking seniors,  Any more help?
<smw> sarthor, sorry, I don't know much about dhcp... I let the router do it :-P.
<sarthor> ok
<sarthor> Hi, the old commands of starting / stoping squid, dhcpd, commands are not wroking in my Natty, even service dhcpd restart or service squid restart is also not working, how to do that in Natty?
<bobobobbobob> I am creating a Ubuntu VM server and want to move a bare metal server to a VM.  Any late night reading I should do before I get started?  I was going to try to make a clonezilla copy of the ubuntu bm server and then use clonezilla.iso to put it in the VM.
<uvirtbot> New bug: #776103 in open-vm-tools (multiverse) "package open-vm-dkms 2011.03.28-387002-0ubuntu2 fails to build against 2.6.39 kernels, due to missing linux/smp_lock.h" [High,Triaged] https://launchpad.net/bugs/776103
<owen1> can someone hit my wiki and tell me if he can see it? http://76.172.9.207:3000/
<uuser123> i have installed KVM on ubuntu 10.04 and i was able to installed windows 7 on that and was able to boot/reboot/shutdown many time but when i remove the dvd of windows 7 from dvd drive i am not able to load windows 7
<uuser123> Error starting domain: unable to open disk path /dev/sr0: No medium found
<RoyK> uuser123: check boot options - is the vm set to boot from the harddisk?
<uuser123> ok
<uuser123> sorry had a phone call
<uuser123> RoyK: can u please tell me how do i check that
<uuser123> yes its harddisk
<Jeeves_> You sometimes need to really stop the domain before it starts using new settings
<Jeeves_> also, if there is still a disk 'connected' to the virtual cdrom
<Jeeves_> you should disconnect it first
<uuser123> yes
<uuser123> thankssssssssss
<Jeeves_> :)
<uuser123> that fix the problem
<Jeeves_> Good
<uuser123> i have 3 nics on this ubuntu server 10.04 i want to configure them using GUI how do i do that ?
<Jeeves_> No clue. I don't use the GUI for that
<uuser123> i am planning to install software utm (unified thread mgmt ) software on that and later windows
<Jeeves_> I just create bridge interfaces and work like that
<uuser123> i want utm to be configure as a INTERNAL network ,EXTERNAL network ,and DMZ network
<uuser123> gateway will be utm
<uuser123> at present i am doing this but i have to use two differant system ,i am planning to do it with kvm or xen
<uuser123> has any one install ubuntu server on dell insparion 15r -2nd gen laptop
<Jeeves_> No, but i'd expect it to work fine
<uuser123> ok
<uuser123> Jeeves_: is it true ,i was told to use 10.04 instead of 11.04 as 10 is more stable
<Jeeves_> 11.04 sucks as a desktop (imho)
<Jeeves_> Don't know about the server
<Jeeves_> Ubuntu is going downhill on the Desktop. Unfortunatly
<uuser123> ic
<Jeeves_> 10.04 is an LTS, which might be more interesting for servers
<Jeeves_> however, for KVM and virtualization stuff, the newer versions might be more stable and more advanced
<uuser123> ok
<uuser123> i had problem with 11 on kvm there was some known bug
<uuser123> i am able to ping from dos terminal from windows 7 but i am not able to access internet what wrong i am doing ?
<floown> hi
<floown> I'm just change the MX in my control panel to point to my dedicated server, I can't receive mail trough my gmail account. Should I wait the dns propagation?
<floown> the error Gmain return is : The error that the other server returned was: 550 550 sorry, no mailbox here by that name (#5.1.1) (state 14)
<floown> I have made a dig MX mydomain.tld it seems good (I have adapt to match myanotherdomain.tld)
<RoyK> floown: check the server log files
<floown> RoyK: in /var/log ?
<RoyK> yeah
<floown> RoyK: what file ? ^^ sorry
<floown> cat mail.err is empty
<RoyK> what about mail.info?
<RoyK> or mail.log
<RoyK> the returned mail says "no mailbox here", meaning it reached a server and was returned
<RoyK> floown: what's the domainname?
<RoyK> floown: thanks, and btw, it's not very insecure to post a domainname on irc - bots around the globe will be trying to break in as soon as the MX is registered :P
<floown> ^^
<uvirtbot> floown: Error: "^" is not a valid command.
<floown> uvirtbot: oO :p
<uvirtbot> floown: Error: "oO" is not a valid command.
<floown> â¦
<RoyK> floown: it's one of the fundamental laws of the internet - once a host is known, such as for google or listed as an MX, something or someone will try to break in
<RoyK> btw, I can reach the server
<RoyK> 220 giseh.amipicto.com ESMTP Postfix (Ubuntu)
<RoyK> if that's the right one, that is
<floown> so what's wrong ? We can send mails truth the command line to the new account. But if I send a mail truth my gmail account it return The error that the other server returned was: 550 550 sorry, no mailbox here by that name (#5.1.1) (state 14)""
<floown> RoyK:
<RoyK> floown: can you create a test user to which I can try to send an email?
<RoyK> floown: check that email address - and btw, it's another fundamental law of the internet - even if you never paste an email address or give it away, the chances are immense some spambot will find it anyway ;)
<RoyK> I mean, check the inbox to that one
<floown> RoyK: ok Roy I have your mail ^^
<floown> thx
<RoyK> floown: if the mx was set to something else earlier, it may take a few hours before the new settings are propagated throughout the net
<floown> in fact I have change the imap.domain.tld to the another one
<RoyK> dns is cached in many levels
<floown> ah ok !
<floown> so I have just to wait!
<floown> :p
<RoyK> the test I did was looking up in dns and manually telnetting into port 25, as you could see from the pastebin
<RoyK> that's testing if things work
<RoyK> without caching
<RoyK> or perhaps 'bypassing all sorts of caching'
<RoyK> from 'dig soa grundmann.pro' I can see the 'retry' timer is set to 3600, 1 hour
<RoyK> so it shouldn't take too long
<floown> thank a lot for your lesson and advices, I will do a report to my futur blog for share it with another
<floown> * thanks
<floown> RoyK: do you have a book to advice to understand more about sys admin on Debian or Ubuntu?
<RoyK> floown: there are several out there - ubuntu has its server guide, which covers the basics
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<RoyK> floown: apart from that, unix systems in general are something you have to learn to deal with - use them often and you'll learn
<floown> omg this page seems to be rich!
 * RoyK didn't understand much when he first installed his initial Linux machine either, back in 1994 :P
<floown> ^^
<uvirtbot> floown: Error: "^" is not a valid command.
<floown> bookmarked
 * RoyK slaps uvirtbot 
<floown> :p
<RoyK> btw, if you want an easy-to-use mail service, and you have sufficient to setup a VM with 1-2GB RAM and some disk space, zimbra is an excellent choice (imho)
<RoyK> it'll require a dedicated server or a virtual machine, though
<RoyK> floown: how much memory do you have on the box?
<RoyK> or /in/ the box, even
<floown> RoyK: on my dedicated server?
<floown> (sorry I'm just learn what is Zimbra)
<RoyK> http://www.zimbra.com/
<floown> http://pastebin.com/6Nfv9kGv RoyK
<RoyK> ok, forget about a zimbra VM, then
<floown> ^^
<uvirtbot> floown: Error: "^" is not a valid command.
<RoyK> zimbra is nice, but a bit on the heavy side
<RoyK> 2GB is ok for a Zimbra machine, but it's a dedicated install, so running other services will be troublesome
<RoyK> 1GB might do as well, though - try setting up a VM for it if you're curious
<RoyK> apt-get install kvm virt-manager
<RoyK> and just run virt-manager :)
<floown> in two month we will change our server, http://www.kimsufi.com/fr/ ------> Kimsufi 24G seems to be a good choice
<A-KO> any word/updates on a patch for http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-1938.html ?
<uvirtbot> A-KO: Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938)
<RoyK> ouch - that was an ugly one
<RoyK> floown: 24GB should be sufficient for a *lot* :)
<RoyK> floown: 16GB too
<RoyK> floown: with 16GB, you should be able to run 10+ VMs
<RoyK> or a lot more, depending on how much each will need
<RoyK> btw, for that i7 setup, hyperthreading probably won't help much unless the server only runs apache/mailserver or other tasks that won't use much memory - hyperthreading effectually cuts the amount of cache memory available per core in two, so for memory intensive jobs, it'll slow things down
<RoyK> (if using all threads, that is)
<RoyK> and btw, find a good backup solution when you're at it :)
<Xago> Hi people...wherever you are ;)
<Xago> I'm installing a server with ubuntu obviously ;) but my primary question is: what gui client should I install and configure to run multiple OS's?
<Xago> I'd installed from repository vmware....s and xen...s. I still don't get run anything. Why? :(
<rewt> they way it's set up sometimes is that the server itself does not have a gui, but you can connect from another pc via vnc or similar to see the desktop of the vm
<rewt> desktop/console of the vm
<Xago> I connect to server via RDP, but I need to install at least to VM's into this server
<T3CHKOMMIE> hey guys i was wondering if anyone knew of a way to serve up free bsd and ubuntu server on the same box at the same time.?
<Xago> as ubuntu desktop...I use Virtualbox OSE...but in server....is the same thing?
<T3CHKOMMIE> Xago, im looking for kinda a hypervisor type deal, but im trying to run it on some atom hardware.
<RoyK> Xago: virt-manager is good
<RoyK> Xago: install that and kvm
<RoyK> works like a dream
<Xago> virt-manager is GUI?
<RoyK> yes
<Xago> are into reps?
<RoyK> apt-get install ...
<RoyK> just enable ssh x11 forwarding and it'll work well
<T3CHKOMMIE> RoyK, i have heard of kvm but dont have any exprience, im trying to run pfsense and ubuntu server on an atom board for home server and router box. you think kvm can do that? is it easy to set up?
<RoyK> if your workstation is a windows box, you'll need an x server, something like x-ming
<RoyK> T3CHKOMMIE: it's trivial to set that up
<T3CHKOMMIE> RoyK, trivial?
<RoyK> yes, trivial
<RoyK> as in easy, non-problematic, a stroll in the park
<T3CHKOMMIE> ok, i just dont want to deal with freeBSD i like bash and ubuntu server alot more. unfortuatly my router softare is bsd and i rather be hosting bds from ubuntu. if thats even possible.
<RoyK> T3CHKOMMIE: it should be quite easy
<Xago> RoyK, you said "just enable ssh x11 forwarding and it'll work well"...how should I do that? thanks
<RoyK> Xago: what's the OS on your workstation?
<Xago> ubuntu
<RoyK> then just ssh into the server and start virt-manager
<RoyK> x forwarding should be enabled by default
<Xago> but I have a colegue
<Xago> with Windows
<RoyK> if not, ssh -X machinename
<RoyK> Xago: then use x-ming and enable x11 forwarding with putty
<Xago> last one is for Windows user, right?
<RoyK> yes
<Xago> RoyK, ok...I'll see now
<Xago> RoyK, I'd installed virt-manager....now I'm connected to my ubuntu server...good on this step...but...when I try to use my local CD to install another OS, this doesn't recognize the unit.
<Xago> RoyK, when I try to use ISO image, appears a window pop-up but does not allow me search into my machine :(
<RoyK> upload the iso file to the server
<RoyK> scp or pscp or ftp or something
<Xago> ok...I got it ;)
<Xago> RoyK, is it possible to virtualize a server already working, I mean convert to VM and mount into this Ubuntu?
<RoyK> there are some p2v tools around, but I don't know about bsd
<Xago> not only as a new OS and start configuring it?
<RoyK> google for p2v kvm
<Xago> bsd?
<Xago> ok ;)
<RoyK> Xago: oh - thought you were the one using bsd...
<RoyK> anyway - p2v tools exist, but mostly, I just reinstall and reconfigure unless it's a windoze machine
<RoyK> windows tools for p2v are available from mickysoft
<Xago> Mickysoft ....hahahahaha cool ;)
<Xago> I don't use Mickysoft :P
<Xago> except some specific proprietary servers  ;)
<Xago> I'm using Xenserver, but not really happy with this solution yet. Additionally, if we want this tool really works to make p2v, we have to purchase PRO version. :P
<RoyK> Xago: kvm is better than xen imho
<Xago> OK....that's why I'm trying to learn and use Linux directly with virtualization
<Xago> and grateful with your help and tips ;)
<Xago> RoyK, I don't know what I am doing wrong :(
<Xago> I cannot create a new virtual machine...not reading cdrom or iso, anyway
<Xago> nor local neither remote
<Xago> in fact, local does not connect...says smoething is not running
<RoyK> start kvm then
<Xago> kvm is associated to aqemu
<Xago> RoyK, back soon
<uvirtbot> New bug: #795983 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: el subproceso script pre-installation nuevo devolviÃ³ el cÃ³digo de salida de error 128" [Undecided,New] https://launchpad.net/bugs/795983
<Xago> RoyK, I'd rebooted virt-manager....and now connected locally...anyway, when I try to start CD into the server appears an error: "Checking installer location failed: Could not find media '/dev/sr0'"
<Xago> RoyK, I see the drive on that option as reading correctly. what's wrong?
<Gerd_Rogling> Hello i have Ubuntu server 9.04 and upgrading to ubuntu 9.10 but i have install the desktop in the server edition to be able to upgrade to 9.10. Is it to use sudo apt-get remove ubuntu-desktop to remove the desktop function?
<Gerd_Rogling> - //Dynamit
<Xago> why installed gnome to upgrade version?
<Xago> and why you want remove it now?
<Dynamit> im not allowed to use the sudo do-release-upgrade becuse the ubuntu is to old for upgrade to the newest
<Dynamit> and i want a clean ubuntu server
<Xago> why server version should not have GUI running?
<Xago> it is faster to manage
<Dynamit> is mutch slower boot
<Dynamit> as one example
<Xago> linux works independently of gui
<Dynamit> but my server take about 7 sec whitout the gui to start the web server it take about 17 sec more whit the gui
<Xago> oooopssss...
<Dynamit> yes that's why
<Xago> diff: 10 secs
<Dynamit> im running web server's and it need to load the sql and apache as fast as it can
<guntbert> Dynamit: ubuntu-desktop is only a meta-package, removing it will not remove anything
<guntbert> nox | Dynamit
<Dynamit> i will use tasksel later i got help from the swedish channel
<guntbert> Dynamit: don't use tasksel to remove anything, it *will* damage your system!!!
<guntbert> !tasksel | Dynamit
<ubottu> Dynamit: Tasksel is a Debian/Ubuntu tool that installs multiple related packages as a co-ordinated "task" onto your system, see https://help.ubuntu.com/community/Tasksel for more information. Use tasksel only to INSTALL tasks, not to remove them. It will remove every package listed within the removed task! see https://launchpad.net/bugs/574287
<uvirtbot> Launchpad bug 574287 in tasksel "tasksel: forcefully removes packages when tasks overlap" [Undecided,Confirmed]
<Dynamit> how to remove the desktop easy then becuse i want a clean ubuntu server not dam gui in it
<guntbert> !nox | Dynamit (sorry, I mistyped before)
<ubottu> Dynamit (sorry, I mistyped before): To start your system in text-only mode append 'text' (without the quotes) to the kernel line in the grub menu. You can access the grub menu by pressing Esc (Grub legacy) or Shift (Grub2) during boot. For more info see https://help.ubuntu.com/community/BootOptions#Text%20Mode
<Dynamit> thx
<Dynamit> as I said would have removed ubuntu-desktop due. I want to have clean ubuntu server
<guntbert> Dynamit: see http://ubuntuforums.org/showthread.php?t=1062261
<uvirtbot> New bug: #785171 in samba (main) "Samba works or may not work quite random" [Undecided,New] https://launchpad.net/bugs/785171
<crohakon> Anyone here able to give me some help with jailkit (using ISP Config 3.) I need to allow a user to use the java command in ssh.
<cladd> hey, could someone give me a hand with a server 11.04 install problem?
<guntbert> cladd: just ask your question and see if someone bites
<cladd> i verified the disc from the boot menu, and i can boot the desktop live cd just fine
<cladd> after i choose my keyboard layout it scans the disc for some things, loads some other things, and then promptly does nothing
<cladd> goes to a blank purple screen
<cladd> i can switch consoles, so i know it's not panicked, but the install just hangs
<guntbert> cladd: do you get a kind of log on any of the consoles?
<cladd> when i switch over all it says is something to the tune of press enter to activate this console
<guntbert> cladd: then do it, there is already a running linux
<cladd> ok, watched it try one more time
<cladd> stops after enabling the NIC
<cladd> and i did a tail on /var/log/syslog and i get something to the tune of can't load the NIC firmware
<cladd> brb, grabbing the model number
<cladd> it's a realtek r8169
<cladd> it says that, then has a few lines about I/O on the floppy drive (which doesn't exist), then a quick message about the raid controller
<guntbert> cladd: sorry, I'm obviously not able to really help - just for the future: it helps putting the nick of a person you are speaking to into the line, so they will be alerted to your answer/question
<cladd> guntbert ok, thanks
<guntbert> cladd: no problem :) and Good luck :-)
<cladd> http://blog.grumblesmurf.org/2011/05/fixing-realtek-networking-on-ubuntu.html - "hope for the 8168, the 8169 driver doesn't even compile without the changes this guy details"
<cladd> it doesn't look good.
<cladd> disabled the onboard NIC in the BIOS and the setup goes on, complaining about no NIC card
<cladd> looks like that's the issue
<guntbert> cladd: so at least you found the culprit
<cladd> guntbert yeah, i'm hopeful i can get it installed, and work out the NIC issues from there
<guntbert> Good luck :-)
<cladd> guntbert as far as installing the root FS to a flash drive, do you know what FS is recommended? will ext3 work?
<guntbert> cladd: sorry, no idea -- I'd have to google myself and am a little too lazy for that right now :)
<cladd> guntbert thanks, i'll keep on digging :)
<jmarsden> cladd: I'm not an expert on solid state drives, but from memory, ext2 (no journalling) is often preferred because journalling can lead to high wear on one part of the device (the journal file), theoretically leading to early failure of the device.
<cladd> guntbert ah, that makes sense
<cladd> guntbert i went ahead and formatted it ext4 :\
<cladd> guntbert ever heard of backing a filesystem down from ext4 to 2 or 3?
<luite> recent ssd's have very good wear leveling
<luite> so no need for that
<luite> unless you have a very low cost or embedded ssd that doesn't have this
<cladd> it's not an SSD, unfortunately
<cladd> just a cheap flash drive
<luite> oh right, then it can make a difference :)
<cladd> maybe i should invest in a small SSD
<guntbert> cladd: please use the nick of the person you are talking to :)  - loss free conversion 4->3(3) is not possible I believe
<cladd> luite i originally was going to just install ESXi on a flash drive, and use the RAID array entirely for VMs
<cladd> luite but had some compatibility problems so i decided to go ubuntu
<luite> yeah a small sata ssd would make things easier
<luite> otherwise maybe ext4 for / and logfs for /var
<cladd> luite logfs?
<luite> cladd: yeah there are a few filesystems optimized for flash drives
<cladd> luite wow, never heard of them before
<luite> it only really matters if you do a lot of writes, so if you mount / with the noatime option, I think ext4 should be fine. you should check though :)
<cladd> yeah, i'll definitely have to make sure noatime is on
<cladd> luite to be honest, i probably wouldn't be too heartbroken if my $8 flash drive died, though
<cladd> luite probably wouldn't enjoy re-building the system, though
<luite> hehe
#ubuntu-server 2011-06-12
<T3CHKOMMIE> hello all!
<T3CHKOMMIE> is anyone here?
<lullabud> i'm here.  partly.
<T3CHKOMMIE> lullabud, thanks for responding.
<T3CHKOMMIE> im testing some software and i was worried it was blocking me from IRC
<Lobo29> Trying to install 8.04 on HP DL360 G3, flashes the ubuntu logo and then blank screen, any way to force other boot options ?
<lullabud> Lobo29: i've got 8 running on that machine, didn't have any trouble.  you sure your media works?  cdrom works fine?
<lullabud> Lobo29: one alternative would be to mount the ISO via the iLO card, if you have that option.
<lullabud> also you could try booting from a usb key.
<Lobo29> lullabud, well, not 100% sure  about the cd, just made it, could try it on this laptop i guess
<lullabud> Lobo29: when in doubt, burn slower.
<T3CHKOMMIE> Lobo29, is the cd a cd Rw?
<Lobo29> i'm using cd-r
<lullabud> well, i have several DL360's and i've never had problems with any cdr i've thrown at them.
<malev> friends! I'm setting up an Ubuntu server to host 2 php websites wiht mysql. I have 512Mb of RAM. What do you thing I'm short with it or will work fine? I'm not planning to have many visits, 200 at most per day
<Lobo29> i loaded 11.04 on this once, but it has issues on bootup, so i'm trying 8.04
<T3CHKOMMIE> Lobo29, ok good, ive had like 100% failure booting off my crappy cheap RW's ive also downloaded a fair share of corrupted ISO's did you boot into disk check?
<T3CHKOMMIE> malev, id shoot for more ram.
<Lobo29> t3chkommie; did not boot into check disk
<malev> T3CHKOMMIE, what about 1Gb?
<lullabud> Lobo29: i wouldn't expect that, they're not exactly new machines, and ubuntu is good about getting hardware support for most hardware, so even if you don't have the same hw setup as mine i'd expect it to work.  are you sure it's not a hardware problem?
<lullabud> malev: if you're just running LAMP, no java or X, that might be fine.  more ram is always good.  just keep an eye on your memory and pages
<malev> lullabud, no java or X, just LAMP. oks, thanks!!
<T3CHKOMMIE> malev, ive run the crap outa a webserver serving ampache and 5 websites, but its only a family site so not nearly 200 ppl/ aday. that machine had 2 gb and ran really smooth. 1gb i think would be safe aslong as you dont install a gui and keep the services to a minimal. ive never run ubuntuer server on less than 2 gb. but i know it can be done.
<Lobo29> lullabud, well, this is my first server attempt and i'm somewhat noob at linux.  did more unix years ago.  tried 11.04 on Dell 1650, didn't work out either
<malev> T3CHKOMMIE, thanks dude!!
<T3CHKOMMIE> malev, yw
<T3CHKOMMIE> :)
<Lobo29> i'm hoping i can make 8.04 work on this to make a clonezilla server i need desperately
<lullabud> yeah?  i rather like 11.04, even as a desktop.  9 was a solid release too.
<Lobo29> 11.04  works very well overall on this latitude d510
<lullabud> haha, i've got it running on nearly the same laptop
<lullabud> i'm really happy with the 11 gui.  first linux distro in years where the GUI didn't drive me crazy within minutes.
<Lobo29> i've got 500 toshiba nb505 and 500  lenovo x120e i have to image with 11.04
<T3CHKOMMIE> ive got me a XBMC install running on an atom board also serving up zoneminder, ampache, apache2 with drupal all in an aquarium filled with mineral oil :) soooo quiet!
<lullabud> holy hell dude
<lullabud> pictures?
 * lullabud is diggin' the frisky radio selection this afternoon
<T3CHKOMMIE> http://t3chkommie.com/?q=first_case_mod
<Lobo29> T3chkommie must be speaking russian, didn't catch one word of that :P
<T3CHKOMMIE> doesnt get above 140 deg F. doesnt make a sound i run it 24/7
<T3CHKOMMIE> lullabud, check out the above link. i only have one photo so far, but ive got tons more i just havnt uploaded yet.
<lullabud> damn, that is seriously awesome
<Lobo29> Dude thats just crazy
<T3CHKOMMIE> lullabud,  thanks its my baby :)
<lullabud> use a tripod without the flash next time, long exposure.  it'll make the photo look better, show off the glow of the LED's on the motherboard and stuff.
<Lobo29> i need to grab an ac strip
<T3CHKOMMIE> eventually im going to rip out the rom and put in BD
<T3CHKOMMIE> lullabud, good idea, i took it with my HTC evo just before running to class. ive got some better ones at night, they are just really dark and kinda blurry.
<T3CHKOMMIE> everything is in that box, psu inlcuded! ive been running it since feb. so far so good :)
<T3CHKOMMIE> i love ubuntu server! great stuff. suppoer is awsome and i love linux. unix, not so much. still having a hard time with some firewall oses. but i love my ubuntu server :)
<lullabud> yeah man, ubuntu is pretty Æ awesome
<lullabud> been using it in production since 05
<T3CHKOMMIE> nice
<T3CHKOMMIE> im really digging the new natty ui too. but my heart still rests with cli.
 * lullabud concurs
<Lobo29> ok guys, here's just another one of my quirks that has been happening
<Lobo29> I have a dell monitor that works great, until finish install and then reboot, at os start i get "can't display this video mode" so
<Lobo29> then i switch to my sony monitor, it sees past the  os start, but then the 11.04 has errors
<lullabud> Lobo29: i think you're talking to the wrong guys, two self professed CLI junkies.
<lullabud> i, for one, know nearly nothing about configuring X.
<T3CHKOMMIE> Lobo29,  are you isntalling 11.04 server?
<Lobo29> so, now i'm back to my dell monitor and my 8.04 install is staring ok
<Lobo29> t3chkommie, i wanted to, but had issues, so was trying 8.04, hoping it would go better
<lullabud> Lobo29: have you tried 9?
<T3CHKOMMIE> i bet you have bad ram.
<lullabud> or 10?
<lullabud> there's always the memtest option at boot...
<Lobo29> i'm jumping from 11.04 to 8, cause reviews seemed to be good about 8 working with this hardware
<T3CHKOMMIE> i had to pull a ram stick out of my box this morning cus it went band and everything would go great untill the os started loating... then BAM blurry screen freezes, lockups. spent about and hour thinking it was a bad onboard gpu... then i started to pull ram one by one. and found that bad one.
<Lobo29> this was function fine as a windows server taken from our data center
<Lobo29> it booted fine to windows this morning before i started the ubuntu install
<T3CHKOMMIE> are you installing via wubi?
<Lobo29> from ced
<Lobo29> cd
<Lobo29> reconfiged to raid 0
<Lobo29> is only change i made
<T3CHKOMMIE> oh you got a raid card on that bad boy?
<lullabud> it's a proliant rackmount
<Lobo29> right
<Lobo29> and the raid my be my issue also
<Lobo29> altho, it doesn't explain my video issues
<lullabud> Lobo29: one thing i dislike about the proliant's is that you have to license the functions of their iLO, whereas with dell once you buy the DRAC you just get all the functions for free.
<lullabud> i've used DRAC to load up the OS off an ISO mounted from another machine, but I went to do the same thing on HP and it was like "buy a license for iLO remote media!"
<lullabud> $#!T licenses....
<T3CHKOMMIE> Lobo29, ive only delt with powerEdge and home pcs, dont have any exprience with proliant, but i would redownload the iso and try installing it on a VM first, that way you can narrow it down to hardware or software.
<Lobo29> well, i know what your talking about, altho its a bit over my head
<Lobo29> t3chkommie, i have a dell pe 1650, that had issues with the 11.04
<T3CHKOMMIE> really?
<T3CHKOMMIE> oh, i guess everything i was running on my pe was ontop ot ESXi so maybe thats why? thats strange man, are you comfortable with the VM thing? i can probbaly walk you through it if you got the time.
<lullabud> Lobo29: with dell, you just drop the ISO on another machine, run racvmcli -r dracIP -u user -p password -c ./media.iso
<Lobo29> t3chkommie,  i don't have any vm software atm
<lullabud> then power on the dell and it boots over the network from the ISO as if it were a cd in the drive.
<Lobo29> what are some options i can get for vmware ?
<T3CHKOMMIE> virtual box ;) free fast, and a great way to do some testing. i use it ALL the time.
<lullabud> really Æ sweet.  you can do the same thing with HP, but you have to pay. =/
<lullabud> Lobo29: esxi is free
<T3CHKOMMIE> esxi rocks!!!!!
<lullabud> kvm on linux.
<T3CHKOMMIE> XenServer (citrix_
<lullabud> check out eucalyptus, it's integrated with ubuntu.
<T3CHKOMMIE> virt-manager
<T3CHKOMMIE> i head thats pretty nice... kinda like VB but cli. i was thinking about using that next week.
<lullabud> T3CHKOMMIE: there are gui tools to interface with it
<lullabud> something like eucalyptus would be better in this situation because in order to admin ESXi, you need windows.  le suck.
<Lobo29> K, i'll check those things out, TY
<patdk-lap> you don't need windows :)
<patdk-lap> but windows makes it so you don't need command line
<lullabud> patdk-lap: well, you can't get a virtual console to mount local media to do an OS install from the CLI.
<Lobo29> and i'm sucko at cli
<Lobo29> working on it
<patdk-lap> lullabud, ya, no console
<patdk-lap> and if you use vcenter, it's worse
<lullabud> man, i was looking at how solaris zones work in conjunction with zfs snapshots.  that shizz is sliiiiick
<lullabud> ...not that i'm a solaris fan, but i love me some zfs.
<lullabud> and zones is an interesting way to "virtualize"... if it's even considered that.
<T3CHKOMMIE> apparently freebsd flavors have integreated zfs
<T3CHKOMMIE> so no more open solaris ;)
<lullabud> yeah man, shizz is hot
<lullabud> they're catching up to solaris quickly too.
<lullabud> anxiously awaiting freebsd9
<lullabud> the zfs in 8 doesn't support de-dupe, but 9 will
<T3CHKOMMIE> hu, good to know, im still not all that great with freeBSD. its a bit different that Ubunter Server.
<lullabud> zfs is incredibly memory hungry though, mostly good for a dedicated fileserving box, or a box with limited other roles.  sun recommends 1gb ram per 1tb disk.
<lullabud> T3CHKOMMIE: check out freenas, it runs on freebsd8 off a usb stick and turns a system into a zfs server.
<lullabud> web-based interface.  cli is available but not recommended.
<T3CHKOMMIE> lullabud, ya i was reading about that last night, im trying to get into freeBSD more so im looing at all the neat stuff out there. i got a nass at home running freebsd just not sure what flavor... its a anchient intel nas from tiger direct (barf)
<lullabud> supports auto snapshots, hot-adding disks to the raid, smb, nfs, afp
<lullabud> huh
<lullabud> hack it!
<T3CHKOMMIE> oh man i love hot swapping me some drives!
<T3CHKOMMIE> lullabud,  already looked into it ;) not really worth it now. hardware is only sata 1.5 compliant so write speeds in a RAID-5 are attocious!
<lullabud> T3CHKOMMIE: the swapping is still rough in freenas, unfortunately.  you can remove a drive, but getting a replacement back in its place is tough.  i was testing that out two weeks ago and had success, but a rough time.
<lullabud> meh.  oh well.
<T3CHKOMMIE> oh bummer.
<T3CHKOMMIE> i guess thats what raid cards are for hu?
<lullabud> honestly, software raid is pretty good in sata.
<lullabud> for instance, zfs raid mirroring allows you to get increased read speed by reading from both disks
<lullabud> so you get the read speed of a stripe, but the write speed of a mirror.
<T3CHKOMMIE> oh man i had a soft raid on a 6 ht 1 tb raid 5 tank on me... absolute night mare to try to rebuild!
<lullabud> see? that's the other big bullshit
<lullabud> repairing raid is such a pain in the ass
<T3CHKOMMIE> oh yeah.
<lullabud> i'd rather forget the individual hardware configs for different raid cards and have one familiar CLI to do repairs from.  <3 ZFS
<lullabud> raid cards are great for when you have 100 of the same exact machine, but for small IT shops with cobbled hardware, what a nightmare.
<T3CHKOMMIE> i was rebuilding the array cus a member failed... (soft intel raid) second hdd "failed" but didnt really... the HOLE raid was degreaded and i was trying to recover 1tb of data from it cus the DB that i replaced wasnt backing up anything important for our "backup solution" longest 4 days and 4 nights w/o sleep  in my life!
<lullabud> oh man, that sucks.
<T3CHKOMMIE> ya it did.
<lullabud> that'll make you invest in a full-system backup solution.
<T3CHKOMMIE> and EVERYONE in the company was asking " when do we get email back..." like every 10 minutes... its like.... i havnt slept in 4 days! leave me alone!!!!!
<T3CHKOMMIE> never left the server closet man.....
<lullabud> ugh
<lullabud> i had a situation not as bad as that... 24 hours in a data center.
<T3CHKOMMIE> oh yeah they were crap and they were so cheap i had to bend over backwards and kiss alota ass to get my replacement pe2790.... it was only $3000!!!!
<lullabud> shortly afterwards my team was decimated and i was the last man standing...
<lullabud> and shortly after that i was on a two month vacation to asia with no job. :)
<T3CHKOMMIE> oh man dude, nightmares!
<T3CHKOMMIE> ah, asia is nice :)
<lullabud> i said "screw this!" and quit, hahaha
<T3CHKOMMIE> yup as soon as i got their dell up and running i GTFO'ed
<lullabud> T3CHKOMMIE: man, yeah...
<lullabud> if your boss doesn't get your back in the disaster scenarios, you gotta get your own back.
<T3CHKOMMIE> wasnt worth it trying to keep their sinking servers alive... i was the only IT guy and the stress was killing me.
<lullabud> yup.  been there.
<lullabud> i worry that i might be there right now, haha
<lullabud> keeping a watchful eye...
<T3CHKOMMIE> yup, he was being a uber douche. kept calling in  "friends" that had no diea what was going on "o0h ya your raid tanked cus you got a virus in your bios"... wHAat?!
<T3CHKOMMIE> lol
<lullabud> lol
<T3CHKOMMIE> stupid guy... they paid him like $200 / hour to tell me my bios had a virus
<lullabud> no, the real problem, probably, was that your BLT drive went AWOL.
<T3CHKOMMIE> i cant be around that much stupidity.... it just drains you.
<T3CHKOMMIE> lol
<Lobo29> Ok, got the 8.04 to finish, *crosses fingers*
<T3CHKOMMIE> that was a nightmare, i was also going to school part time. missed all of my classes because they wouldnt let me leave at a time we agreed i could leave to attend class...
<T3CHKOMMIE> Lobo29, good luck!
 * T3CHKOMMIE crossing fingers.
<lullabud> yeah, shit like that sucks.
<T3CHKOMMIE> faild classes, couldnt get tuition rembused.... waste of time and money.. :( wont ever do that again. good learning experience tho.
<T3CHKOMMIE> got to play with some hardware i couldnt buy myself ;)
<lullabud> i try to live my life like i won't have a job tomorrow, either because i got laid off, or because i got pissed off.  either way, you have to look out for yourself, and the tech field can be pretty vicious.
<Lobo29> omg, i got a "clonezilla1 login: "
<T3CHKOMMIE> sweet!
<Lobo29> hmmm
<T3CHKOMMIE> what is this clonezilla i hear of?
<T3CHKOMMIE> sounds like server farm stuff?
<lullabud> T3CHKOMMIE: it's a disk cloning tool
<Lobo29> yes
<T3CHKOMMIE> oh yeah... clonsezilla... duh.
<lullabud> really useful when you need it.  it can clone over the network, disk-to-disk, disk-to-image
<lullabud> it'll even do multi-cast imaging.  i've never needed that feature, but it sure sounds awesome!
<T3CHKOMMIE> kinda like norton ghost.
<lullabud> T3CHKOMMIE: exactly.
<T3CHKOMMIE> oh man free stuff?
<lullabud> it's the FOSS norton ghost
<Lobo29> gonna try to use it to clone those 1100  notebooks i got
<Lobo29> or no kiddies are gonna  have internet access when school starts up again
<T3CHKOMMIE> is it an ubuntu live os? whats it based on?
<Lobo29> works on any linux os
<lullabud> Lobo29: lol, when you said 1100 i thought that was a model number
<lullabud> haha
<T3CHKOMMIE> Lobo29, awsome! what do you guys used for firewall?
<T3CHKOMMIE> me too lullabud
<Lobo29> m86 for  firewall
<lullabud> T3CHKOMMIE: see for yourself - http://clonezilla.org/
<Lobo29> we had a citrix farm, we just shut it down after 10 years
<lullabud> i used it the other day to p2v a server that didn't have X
<virusuy> Clonezilla Rulzzzzz
<T3CHKOMMIE> ah Lobo29 ive been trying out pfsense. its pretty awsome. but i dont have any expreience with m86 to compari it to.
<virusuy> anyone used Endian as firewall ?
<virusuy> not even compare to PFsense, but it's okay for small and medium office
<Lobo29> T3chkommie, i'm sorry, m86 is filter,  we have watchguard for  firewall
<T3CHKOMMIE> never heard of endian accept for the memory notion.
<Lobo29> and baracuda spam filter
<T3CHKOMMIE> Lobo29, ah, right on. how many nodes are your network over there? you guys an "enterprise" or more medium buisness?
<T3CHKOMMIE> Lobo29, ah baracuda ive heard good things about those.
<Lobo29> school domain
<virusuy> T3CHKOMMIE: google it, it's an italian FW...
<Lobo29> 2500 kids
<lullabud> barracuda is nice, especially when integrated with exchange so spam scoring is done as a group rather than individually.
<Lobo29> 7 campus,  fiber links to each, near 2000 devices
<T3CHKOMMIE> Lobo29, thats a fair ammount of users. you guys use AD or RADIUS? how do you manage all them kids?
<Lobo29> AD
<T3CHKOMMIE> ah, ya thats alot of users to manage.
<Lobo29> but, cutting back on that now
<lullabud> you know, AD is pretty rad.
<lullabud> i really wish that MS had some better management tools though...
<Lobo29> M86 filter makes user log in at internet access, and kids will use google apps and other "cloud" resources from now on
<T3CHKOMMIE> well gents, its been fun geekin out. the mrs will be home soon from grocery shopping and ill have to give her my undivided attention. Lobo29  good luck with the cloneing and lullabud nice chattin in up with ya! ill be talking to you all later!
<Lobo29> so kids won't even be in the domain any more
<Lobo29> T3chkommie, lullabud,  Thanks much for your help, i also gotta cut out for dinner now,  L8R
<T3CHKOMMIE> sounds like a plan. later!
<lullabud> i guess i should head off too
<lullabud> good luck with the HP load Lobo29
<Lobo29> quit
<Logos01> Hello...  Anyone willing to help me figure out why I can't install VMs on a default 11.04 server instance?  Using the default virtualization package selected during install.
<Logos01> http://pastebin.com/NBj25Qa0
<luite> Logos01: have you added your user account to the libvirtd group?
<Logos01> Is that necessary for root?
<luite> oh then it shouldn't be necessary
<luite> but maybe the scripts are made to be run as a regular user (in the libvirtd group)?
<luite> Logos01: you're sure that libvirt-bin is installed in libvirtd is running?
<Logos01> Yup.
<Logos01> I'm using virt-manager.
<Logos01> Just tried adding my default user to the libvirtd and kvm groups... running virt-manager as my default user.
<Logos01> No dice.
<luite> hmm, it wants to create and bind a socket there. maybe check mount options for the /var filesystem, or have you installed some extra security things like selinux? check /var/log/kern.log for messages
<Logos01> ...
<Logos01> I did symlink the /var/lib/libvirt/images directory to a NAS mount.
<luite> oh but that's a different dir
<julian_c> Is there anything in AppArmor that might need adjustment...?
<julian_c> (re: libvirt)
<luite> how can you temporarily dissable apparmor by the way, but still log messages? (like enforcing=0 for selinux)
<Logos01> Looks like it is an apparmor thing.
<Logos01> And lookit that, apparmor_status reports /usr/sbin/libvirtd is in "enforce" mode.
<Logos01> Disabled the libvirt apparmor profiles and it's still giving the same error.
<Logos01> So it's something else.
<Logos01> ... deleted and re-created virbr0 using virt-manager, and am now installing a VM. Don't know why that would cause the issue, but... hey.
<Xago> RoyK, Thanks for your tips...I'm going forward for myself now...but I think will need more tips later ;)
<Logos01> So... now I've got myself a working VM on my KVM/Qemu hypervisor -- but while it claims to have a working internet connection it's pings are timing out and it itself can't be pinged from outside.
<uvirtbot> New bug: #796150 in mysql-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 255" [Undecided,New] https://launchpad.net/bugs/796150
<uvirtbot> New bug: #796200 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/796200
<RoyK> hm... john the ripper has gotten MPI support :)
<delinquentme> so it seems that editing the /etc/environment does not create a environment variable that shows up in printenv ? anyone know what i might be doing wrong here?
<DeadEnd> I cannot read my logs due to spamming a message from the kernel  "pwrdown, 0x6(BIT6)=f1", is there a way to tell the kernel or syslog to stop printing that message?
<superfrogger79> hi everyone, im setting up an ubuntu dev server and im running into some problems, anyone here able to spare a few minutes?
<ikonia> just ask
<ikonia> lets see what we can do
<superfrogger79> ok well its a long one, so here goes...
<ikonia> try to keep it short and to the point, and lets work it out
<superfrogger79> im setting up an ubuntu server which ive connected to my pc with a crossover cable. i did a fresh install and selected the LAMP and SSH options at install...
<superfrogger79> ... and now i cant seem to ssh into there at all...
<superfrogger79> ive got the right ip and i can see the servers running fine, but i keep on getting connection refused in putty
<ikonia> superfrogger79: install openssh-server on the machine first, make sure it's there, installed and running
<superfrogger79> ok am i right in thinking the defauly port for ssh is 22?
<ikonia> correct, you shouldn't have to specify a port, it should use the default, which as you say is 22
<superfrogger79> ok thanks, ill back in a minute, just gonna check its installed and running
<superfrogger79> ok, i just ran sudo aptitude ssh and i got loads of terminal spam, like it wasnt installed in the first place... im a bit confused as i thought i checked the ssh option during install?
<superfrogger79> *sorry sudo aptitude install ssh
<Xago> Good morning guys, I have a doubt about RDP access to a server. Every time I access, the first time once reboot machine I can open RDP session, but if I close tsclient and re-open again I cannot access again. Why?
<Xago> I need necessarily reboot the server to get access again :(
<Xago> How should I resolve this issue?
<Xago> the server has gnome gui, this is my way to work with comfort
<Xago> I have configured remote desktop to access and additionally installed xrdp
<Xago> I have had removed xrdp and doesn't allow to connect via GUI, even installed Remmina RDP
<Xago> :(
<Xago> re installed xrdp and got into again
<TECHX> hey can anyone here help with my ubuntu server problems?
<vooze> Anyone tried that Ubuntu server 11.04 could not find your harddrive?? I just tryed to install (currently running debian 6.0 with no problems) but ubuntu server 11.04 can only see my external harddrive, not the one "in the computer" any ideas?
<TECHX> im using the ubuntu 10.4
<TECHX> server
<jtiss546> hi
<jtiss546> I'm hoping to get some help with apache2
<TECHX> well this room isent the right place
<TECHX> as no one here fucking talks
<TECHX> lol
<TECHX> and the #ubuntu room is full of nobheads
<jtiss546> no? this is where I was sent.
<IdleOne> TECHX: same language rules apply here
<TECHX> oh
<jtiss546> I see there are 264 users.
<TECHX> now you decide to talk
<IdleOne> !guidelines > TECHX
<ubottu> TECHX, please see my private message
<TECHX> done
<TECHX> so is anyone here going to help or just throw around links to "guidelines"
<IdleOne> TECHX: if you ask an actual question maybe
<TECHX> scrole up smart one
<TECHX> [17:58] <TECHX> hey can anyone here help with my ubuntu server problems?
<stgraber> 16:58 < TECHX> hey can anyone here help with my ubuntu server problems?
<stgraber> that's not a question
<IdleOne> all I see you is asking if someone can help
<TECHX> are you stupid?
<IdleOne> but not with what
<stgraber> that's a "Is anyone around?" kind of question
<uvirtbot> New bug: #796276 in openldap (main) "package slapd 2.4.21-0ubuntu5.4 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/796276
<TECHX> and it is a question
<TECHX> hence the "?"
<stgraber> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<TECHX> Ok SOME ONE tell me how to sort out this server
<TECHX> Please
<TECHX> better?
<IdleOne> TECHX: you have a very poor attitude and I recommend the ops get rid of you
<TECHX> good for you dude
<IdleOne> !details
<ubottu> Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<TECHX> ubuntu server 11.04 and its not allowing me to install GUI or connect via port 23 or 21 any idears oh smart ones?
<IdleOne> drop the attitude. I know the answer but you are such a tool I refuse to help you. good luck.
<TECHX> good for you dickhead
<TECHX> its twats like you that make it so much more of a pain in the ass to get answers
<TECHX> i hope you enjoy beeing the way that you are
<Xago> calm down guys
<TECHX> anyone going to help or not
<TECHX> ?
<TECHX> guess not
<RoAkSoAx> SpamapS: ping
<Pr0zoid> TECHX: what is your issue.... that's all they are asking
<TECHX> [18:27] <TECHX> ubuntu server 11.04 and its not allowing me to install GUI or connect via port 23 or 21 any idears
<Pr0zoid> yes.. but what error messages
<TECHX> keeps screen scrolling with failed to fetch
<Pr0zoid> is it connected to the net?
<Pr0zoid> can you ping and address?
<TECHX> yes
<TECHX> i can ping portscan and telnet to other computers on the network
<TECHX> so i know its working
<Pr0zoid> no i mean outside the network... ping 8.8.8.8
<Pr0zoid> something like that
<TECHX> yes
<TECHX> it works
<Pr0zoid> my linux skills are limited.....
<TECHX> 53 packets sent received 33
<Pr0zoid> if you chillax a bit and stop being rude to everyone else... you may get an answer... but you have to consider that most ppl idle here and will respond if / when they see your message.
<TECHX> true, but being the fact i had asked 2 questions and even after i had got a reply it was a shitty reply telling me one to follow guidelines and 2 to ask a question witch i had done in the first place so basically what happens happens hence freedom of speech thank you for your help tho
<Pr0zoid> PPTP VPN Server - Hey guys i'm trying to run a pptp vpn server but i need something with a little more of a user management engine ... (plain text passwords in txt files just isn't all that secure)... anyoen have any suggestions of something else i could use?  (it would be great if it stored user data in a DB like mysql).
<IdleOne> TECHX: You are not in a democracy here. Help is given on a volunteer basis, your bad attitude and lack of detail makes it so those of us who can help probably wont. So get off your high horse cause nobody here owes you anything.
<IdleOne> in fact you owe us an apology
<TECHX> 	HAHAHAHA
<TECHX> Jog on
<stgraber> Pr0zoid: hmm, I really haven't played with that in a long long time but you may want to look into freeradius for the authentication part. I seem to remember there's a way of having the pptp vpn server use that for authentication.
<stgraber> Pr0zoid: then freeradius supports pam auth, mysql, ldap, ... pretty much anything you may want
<jeeves_moss> how do I configure SA to MOVE all marked e-mails to the spam folder for my VIRTUAL users?  I'm running postfix/dovecot and I'm lost
<uvirtbot> New bug: #796296 in augeas (main) "augeas FTBFS on oneiric (test-readlink failed)" [Undecided,New] https://launchpad.net/bugs/796296
<Doonz> can anyone recoomend a idiots guide to setting up an open vpn server and client
<julian_c> Perhaps start with the Ubuntu Server Guide.
<julian_c> https://help.ubuntu.com/11.04/serverguide/C/openvpn.html
<julian_c> (adjust the URL for your particular Ubuntu release)
<Pr0z0id> Doonz: there's a chan for openvpn
<Pr0z0id> they have tons of resources
<Pr0z0id> and the howto is pretty good
<Pr0z0id> got mine setup with no probs
<uvirtbot> New bug: #796329 in openldap (main) "package slapd 2.4.23-6ubuntu6 failed to remove: subprocess installed pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/796329
#ubuntu-server 2012-06-04
<kalkin-> ahh i got it
<veebull> hey all
<mrrothhcloud__> what is your morning habits
<mrrothhcloud__>  and or workflow
<blendedbychris> hey guysâ¦ i have snmp setup but my monitoring software is reporting the incorrect interface speedâ¦ any ideas how to fix this?
<SpamapS> blendedbychris: have you tried 'snmpwalk your.boxes.hostname' to see if snmpd is reporting the wrong speed?
 * SpamapS really wishes snmp would die in a fire :-P
<patdk-lap> sad it's about the only thing there is though
<blendedbychris> bleh i'm too lazy to figure out how to snmp walk again on this other machine
<blendedbychris> i'll just deal with it for now heh
<blendedbychris> what's the pacakge called that has the oid descriptions?
<blendedbychris> mib or something?
<blendedbychris> SpamapS: any idea what the mib would be?
<blendedbychris> i see stuff like IP-MIB::ipAddressType.ipv4."10.36.172.194" = INTEGER: unicast(1)
<SpamapS> blendedbychris: thats a fully resolved MIB
<blendedbychris> no ya i found the downlaoder thing
<blendedbychris> guessing it's this IF-MIB::ifHighSpeed.1 = Gauge32: 10
<blendedbychris> or IF-MIB::ifSpeed.1 = Gauge32: 10000000
<blendedbychris> which is 10 :|
<blendedbychris> seems like an issue with lucid onlyâ¦ my precise boxes seem to report the proper link sepeed
<blendedbychris> http://www.mail-archive.com/ubuntu-server-bugs@lists.ubuntu.com/msg42778.html
<blendedbychris> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/250549 rather
<uvirtbot> Launchpad bug 250549 in linux "Wrong interface speed from snmpd running as snmp user" [Undecided,Fix released]
<Adonis> Hello, Ive installed ubuntu-server and once thats finished i install ubuntu-desktop, but when i install ubuntu-desktop it gets half way thru and goes blank...... anyone had this prob before?
<Adonis> also its a VM
<Adonis> anyone in here?
<koolhead17> Adonis: How much memory you ahve allocated to the VM?
<Adonis> approx 1gb
<ea1het> morning...
<esko_> anyone experienced with keystone and euca2ools?
<koolhead17> esko_: keystone i have
<koolhead17> and in essex i have used nova tools
<esko_> when we run euca- commands, all we get is unauthorized.. with the credentials what we got from dashboard
<koolhead17> esko_: if you are using euca-commands you need to modify nova.conf accordingly
<koolhead17> esko_: what do u get when u run nova-list
<koopa58> Hi everyone! I'm wondering, what do I need to do to let the script run I put in /etc/cron.hourly/ ? I've found things about anacron, I don't have this program, do I need this?
<esko_> koolhead17: nova list is empty
<koolhead17> nova --debug list
<esko_> koolhead17: http://pastebin.com/dzY1Epws
<koolhead17> esko_: it means its fine :)
<koolhead17> now try playing with nova commands :)
<Destero> hey i just installed ubuntu server and its gotten to a screen thats white and i can enter text has it fully completed the install yet?
<esko_> nova commands work fine, however our keystone log says EC2 signature not provided when using euca commands
<koolhead17> esko_: am no ec2 expert so can`t help. sorry :(
<uvirtbot> New bug: #1008373 in postfix (main) "problem" [Undecided,Invalid] https://launchpad.net/bugs/1008373
<uvirtbot> New bug: #1008475 in samba (main) "winbindd nsswitch fails with RID backend on 12.04" [Undecided,New] https://launchpad.net/bugs/1008475
<uvirtbot> New bug: #1008203 in dhcp3 (main) "dhclient3 sends wrong discover packets on changed MAC addr" [Undecided,Incomplete] https://launchpad.net/bugs/1008203
<uvirtbot> New bug: #1008225 in vm-builder (universe) "vmbuilder fails using tmpfs due to upstart restarting cron in the tmpfs" [Undecided,Incomplete] https://launchpad.net/bugs/1008225
<uvirtbot> New bug: #1008313 in clamav (main) "package clamav-base 0.97.3+dfsg-2.1ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Low,Incomplete] https://launchpad.net/bugs/1008313
<uvirtbot> New bug: #1007980 in nis (universe) "package nis 3.17-32ubuntu1.2 failed to install/upgrade: subprocess new pre-installation script returned error exit status 100 (dup-of: 993291)" [Undecided,New] https://launchpad.net/bugs/1007980
<uvirtbot> New bug: #1008007 in backuppc (main) "package backuppc 3.2.1-2ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/1008007
<uvirtbot> New bug: #1007829 in nova (main) "AttributeError: 'str' object has no attribute 'register_opts' when upgrading" [Medium,Confirmed] https://launchpad.net/bugs/1007829
<uvirtbot> New bug: #1007837 in dpkg (main) "package samba 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/1007837
<uvirtbot> New bug: #1007510 in vsftpd (main) "vsftpd does not allow upload to chroot root" [Undecided,Invalid] https://launchpad.net/bugs/1007510
<uvirtbot> New bug: #1007736 in samba (main) "package samba-common 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,Invalid] https://launchpad.net/bugs/1007736
<ea1het> buenos dias hay alguien online?
<ea1het> necesitaria charlar con alguien acerca del dimensionamiento de servidores para un proyecto
<ea1het> teniendo en cuenta el ratio de usuarios concurrentes
<ea1het> alguien puede echar un cable/Charlar??
<abra>  noaXess abra dv310p3r ahasenack TomasBrincil yaboo orated Deathvalley122 koolhead17 heller_barde niemeyer tmclaugh VivekVC DavidLevin blitzkrieg3 dzragon Wolfsherz Jare gary_poster Skaag_ robher__ railsraider jonconley ogra_ txomon|home fij0 palt benji Facefox ZenMaster JanC draven kir IdleOne elleuca kforbz virtuose vrturbo shang Gallomimia felimwhiteley Razique zyga-afk Leseb frankban
<abra> we invite you to join /server irc.open-pages.com new network away from rushy channels. staff needed.
<abra>  ea1het dob_ glebihan__ jacalvo greppy EMKO stiv2k tyhicks mack1e cedr grmpy` rickspencer3 Ursinha` jetole daker ignarps stlsaint ph8 stgraber doctorZeus sander__ k299 mgw jjohansen Qten freesbie bitfury micahg Ruetobas Iceman_B pgraner Adri2000 smb funkyHat milner erichammond zul pretec Spanky_ freeflying three18ti txwikinger MatBoy kthomas_vh_ AlfE_ apetrescu juicy mysteriousdarren
<abra> loremattei oCean toabctl jgoss fwereade schmidtm OZ8AAZ|2 pdtpatrick
<abra> classix veebull marut MrPPS jumpercable nihe marass_ mdeslaur kraut
<abra> we invite you to join /server irc.open-pages.com new network away from rushy channels. staff needed.
<abra>  slide dan64 jibel m_3 mmm AlanBell kermit Muska thesheff17 jandrusk Lcawte|Away OZ8AAZ danchou linlin Corey StevenR lionel Tzunamii kyconquers huats flacoste negronjl utlemming baggar11 hggdh melter bastidrazor xcrracer patdk-lap ihashacks iclebyte caveat- beerbro ahs3 HazRPG lambda_engineer jhobbs shauno hotswaphdd2 andol sbeattie pjdc ewook bctrainers LordOfTime Ztane MikaT TREllis
<abra> akoumjian n0c giovani Malediction fraterm ed1703 ppetraki jeremydei
<abra> we invite you to join /server irc.open-pages.com new network away from rushy channels. staff needed.
<abra>  lifeless gabrtv Nolar ScottK ikonia apw Bilge Jeeves_ cwillu_at_work duckydan lamont PatrickDK patdk-wk charlieS` claude2 jamespage allenap sw0rdfish quique ahxcjb Tm_T Myrtti tuf8 AntORG nkv bencer sixstone KristianDK Soekris esuave mjeanson klaas ssureshot1 Pici flebel Lisimba3 Thermionix G ppyhd spurkis sirdeiu roaksoax SuperLag smw kirkland qman__ fysics h00k sauce RobertLaptop LMJ
<heller_barde> abra: sounds legit. stop spamming the channel!
<abra> alamar lickalott lynxman cwillu jimbaker jMCg DigitalFlux NCommander
<abra> we invite you to join /server irc.open-pages.com new network away from rushy channels. staff needed.
<zyga-afk> abra, meh, get lost
<Tzunamii> Go molest a goat
<Myrtti> Tzunamii: that was uncalled for
<pretec> Thanks, Myrtti
<heller_barde> Tzunamii: leave the poor goat in peace
 * patdk-wk feels mistreated by abra
<Tzunamii> Myrtti: If you say so, sir
<Tm_T> !coc | Tzunamii
<ubottu> Tzunamii: The Ubuntu Code of Conduct is a community etiquette document to which we ask all Ubuntu users to adhere | http://www.ubuntu.com/community/conduct/ | For information on how to electronically sign the CoC, see https://help.ubuntu.com/community/SigningCodeofConduct | Watch http://static.screencasts.ubuntu.com/videos/2010/12/22/004-SigningCoC.ogv
<Tzunamii> Thank you
<Tm_T> FYI it's not optional, it must be followed on our irc channels even if you haven't signed it personally
<Tzunamii> I get the message. No need to go overboard
<gry> hehe the signing being optional is a bit confusing there indeed
<hggdh> if you opt to be here, you also opt to abide by the CoC
<patdk-wk> if you opt to submit messages here atleast
<hggdh> patdk-wk: indeed. I stand corrected
<ogra_> yeah, you are allowed to read without obeying to the CoC :P
<patdk-wk> unless your reading hggdh's posts :)
<hggdh> heh
 * NCommander notes its rare when the spambots come to #ubuntu-*
<NCommander> Also, exceedingly annoying
<ea1het> Anyone who has idea about the infrastructure behind a job portal systems or similar service
<ea1het> i need to dimensionate a new development and need inputs.
<drecute> please did anyone get Likewise-open to work on Ubuntu server 11.10?
<uvirtbot> New bug: #1007966 in samba (main) "package samba 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1007965)" [Undecided,New] https://launchpad.net/bugs/1007966
<fraterm> weird, spambots.
<three18ti> someone say my name?
<uvirtbot> New bug: #1007293 in nis (universe) "nis doesn't work anymore after upgrade to 12.04" [High,Incomplete] https://launchpad.net/bugs/1007293
<uvirtbot> New bug: #998403 in ntp (main) "ntp in precise has disabled crypto" [High,Fix released] https://launchpad.net/bugs/998403
<uvirtbot> New bug: #998712 in dnsmasq (main) "dnsmasq integration into name resolution broken" [Undecided,Incomplete] https://launchpad.net/bugs/998712
<uvirtbot> New bug: #990742 in openldap (main) "slapd fails to upgrade: requires libsasl2-2 (>= 2.1.24) installed" [High,Fix released] https://launchpad.net/bugs/990742
<uvirtbot> New bug: #1007433 in zookeeper (main) "circular dependency causes zookeeperd to not be running after installation of zookeeperd" [Medium,Triaged] https://launchpad.net/bugs/1007433
<uvirtbot> New bug: #963056 in keystone "Object references not validated (returning 500 instead of 404)" [Medium,Confirmed] https://launchpad.net/bugs/963056
<mgw> What's involved in getting a project into Ubuntu's apt repository?
<patdk-wk> get it into debians
<ogra_> preferably you try to get it into debian ans ubuntu can just sync from there
<ogra_> *and
<mgw> do you know the process for getting into debian's repo?
<patdk-wk> it's detailed on debians website
<mgw> patdk-wk: thanks
<patdk-wk> have to commit it to like expemental
<patdk-wk> have people test it, then write off on your behalf it's ok
<patdk-wk> in a simplified version
<mgw> do you have a link?
<mgw> actually, the one i was thinking of adopting is in debian testing
<mgw> http://packages.qa.debian.org/libs/libssh.html
<patdk-wk> http://wiki.debian.org/DebianMentorsFaq
<mgw> patdk-wk: thanks
<hallyn> well this is annoying.  when I do execlp("lxc-create", "-t", "busybox", "-f", "/etc/lxc/test-busybox.conf", "-n", MYNAME, NULL);  it doesn't actually run the template.  running it by hand froma root shell, it does.
<hallyn> aaah.  of course.
<hallyn> how many times am i gonna trip over that one
<akoumjian> Anyone here know of a service watcher such as supervisord or circusd that watches its own configuration files for changes and restarts or reloads automatically?
<wizardslovak> hello people
<wizardslovak> i am having trouble settup static ip on 12.04
<wizardslovak> "sudo /etc/init.d/networking restart " comes with "running /etc/init.d/networking restart is deprecated because it may not enable again some interfaces"
<wizardslovak> i tried ifup and ifdown
<wizardslovak> and nothing
<ikonia> wizardslovak: service networking
<stgraber> hallyn: hehe, implementing lxc support into the auto-dist-upgrader I'm finding myself writting yet another python wrapper around lxc ;) trying to have this one match the proposed python API so I can simply transition to the official one once it's done
<hallyn> stgraber: depending on how soon you need that, did you want to just start implementing the python wrappers around lp:~serge-hallyn/+junk/lxcwithapi?
<hallyn> I've got a funky bug with c->start(), but other than that it seems to be working with the limited bits i've got
<hallyn> alas, i have to go duel with a drill-wielding savage, so out for the rest of this afternoon.  but talk to you tomorrow
<stgraber> hallyn: well, I kind of told jibel I'd have that stuff done today ;) but I'm certainly planning on using it as the base of the official python module and will transition the subprocess calls to proper C calls to the api ASAP
<stgraber> so I'll probably try to rebase that on the C API from your branch later this week (depending on how busy alpha1 keeps me)
<adam_g> roaksoax: hey, around?
<roaksoax> adam_g: here
<adam_g> roaksoax: ah, nvm. trying to get a work around going for quantal support in MAAS but hit some unrelated firmware issue
<roaksoax> adam_g: ok :)
<uvirtbot> New bug: #1000344 in open-vm-tools (multiverse) "open-vm-dkms 2011.12.20-562307-0ubuntu1: open-vm-tools kernel module failed to build [error: implicit declaration of function âd_alloc_rootâ]" [Medium,Confirmed] https://launchpad.net/bugs/1000344
<thebwt> The documentation at https://wiki.ubuntu.com/ServerTeam/MAAS isn't quite completle. They tell how to do the set up if you own the network, but leave off the part on how to set up if you cannot takeover DHCP.
<thebwt> Anywhere I can find documentation on a non dhcp setup for maas?
<rockets_> Does Ubuntu server log for Cronjobs anywhere besides /var/log/syslog?
<PatrickDK> they go where every you configure your logging daemon (rsyslog by default) to log them
<rockets_> PatrickDK, and I have done no configuration.
<rockets_> But doesn't cron have some control over where it logs to?
<rockets> wrong nick. heh
<uvirtbot> New bug: #1006189 in net-snmp (main) "Changelogs not visible for recent updates" [Undecided,New] https://launchpad.net/bugs/1006189
<sbattey_> Can anyone provide me with some resources for securing a php installation that can write to the file system?
<uvirtbot> New bug: #997641 in facter (main) "Could not run Puppet configuration client: Could not retrieve local facts: bad URI" [High,Triaged] https://launchpad.net/bugs/997641
<nsbig> Hello All!
<uvirtbot> New bug: #1007533 in euca2ools (main) "euca2ools in precise (probably also quanta) breaks openssl when installed first" [High,Fix committed] https://launchpad.net/bugs/1007533
<fraterm> hi hi.
<fraterm> SSL setup tomorrow!!!
<fraterm> self-signed but hey.
<Scottyob> hey guys.  I've got an old Ubuntu 8 image here.  I dd'd the ext3 system out of a kvm instance, replaced the kernel with standard 64 bit (was xen) and installed grub.  Problem now is it looks like it gets past the init scripts and hangs.  I've disabled all init scripts in this run level but it looks like it hangs.  I can only get this thing to boot in single user mode.  Any ideas?
<qman__> Scottyob, remove quiet splash from the boot line in grub
<qman__> should give you a better idea of where it hangs
<Scottyob> qman__: No splash screen on it.  It finishes all the scripts in the rc3.d run level then hangs
<thebwt> Any pointers for un'owned' netowrk \maas documentation
#ubuntu-server 2012-06-05
<pmatulis> thebwt: huh?
<ScottK> thebwt: You mean MaaS on a public network?
<ScottK> If so, the only documentation you need is "Don't do it".
<engkur> hi all
<uvirtbot> New bug: #995523 in squid3 (main) "squid3 is killed by /etc/resolvconf/update-libc.d/squid3 in Precise" [Undecided,Incomplete] https://launchpad.net/bugs/995523
<uvirtbot> New bug: #1003138 in juju (universe) "python process hogged the cpu in 12.04" [Undecided,New] https://launchpad.net/bugs/1003138
<Womkes> Is there a php5- package to install ioncube loader?
<_johnny> hi, i'm running 12.04 and trying to add a redirect from port 8080 to 80 in iptables. the rule is saved but doesn't appear to have any effect. not being an expert in iptables, but isn't this "right" http://pastebin.com/nVms8wti ?
<_ruben> PREROUTING isn't used for local packets
<_ruben> do you want to redirect from anywhere, or just the local machine?
<_johnny> it is just for my local machine
<_ruben> try OUTPUT instead of PREROUTING
<_johnny> works! thanks _ruben :)
<Qu310> hi all, anyone using ataoe in production with zfs?
<koolhead17> Daviey: ping
<uvirtbot> New bug: #1005440 in openssh (main) ""Could not load host key: /etc/ssh/ssh_host_ecdsa_key" when connecting" [Low,New] https://launchpad.net/bugs/1005440
<uvirtbot> New bug: #1000355 in drbd8 (main) "[SRU] drbd fence-peer breaks when using kernel 2.6.32-41" [Undecided,Fix committed] https://launchpad.net/bugs/1000355
<smb> stgraber, I think I found a fix for bug 1006937. I linked a branch with my fix to it.
<uvirtbot> Launchpad bug 1006937 in isc-dhcp "dhclient does not send hostname to dhcp-server" [Undecided,Confirmed] https://launchpad.net/bugs/1006937
<stgraber> smb: thanks! I'll try to remember to have a look post-alpha1
<smb> stgraber, Somehow its amazon how well the client works without finding its config file... :-P
<smb> amazing I meant
<smb> bah
<stgraber> smb: ;)
<uvirtbot> New bug: #962615 in nova "Unable to list volumes after building from snapshot" [Undecided,In progress] https://launchpad.net/bugs/962615
<smb> btw, what is the bzr equivalent to "git checkout -f"? (reset the working tree to what is checked in and dropping any other modifications)
<stgraber> smb: bzr revert? (not sure exactly what git checkout -f does...)
<stgraber> smb: did you manage to build isc-dhcp with that change? I remember trying CFLAGS=$(CFLAGS) before going with the really ugly hack of just hardcoding the one I needed and it failed for some weird reason
<stgraber> though I didn't think of export ;) maybe export does something slightly different that makes it magically work
<smb> stgraber, maybe. tried to explain above (get rid of any changes uncommited) I did build with sbuild in a quantal chroot. Yeah it seems odd that export is needed now but looking at the failures without it no CFLAGS defined in rules seemed to be passed on.
<smb> And yes, tried the CFLAGS="$(CFLAGS)" road, too but unsuccessful
<smb> Problem is passing all the quotes through shell ...
<smb> stgraber, Ah, revert seems to be the command I was looking for
<uvirtbot> New bug: #1003842 in network-manager (main) "dnsmasq sometimes fails to resolve private names in networks with non-equivalent nameservers" [Medium,Confirmed] https://launchpad.net/bugs/1003842
<stgraber> smb: uploading isc-dhcp now as we'll be respinning everything and I'm not sure of all the possible side effects of not using dhclient.conf and the dhclient script
<smb> stgraber, Ah ok. Yeah, I only noticed the not sending the hostname part because I grumbled about my quantal VMs not registering with my dhcp server.
<stgraber> I'm pretty sure not using our dhclient.conf will break dhcpv6 at least
<obelus> Is this for the new package in quantal?
<smb> obelus, The discussion the isc-dhcp package, yes, quantal
<Error404NotFound> I am running an Ubuntu server and its facing quite high load. http://pastebin.com/sqT9ZFNE As you se i have much of free ram, cpu is mostly idle, no i/o wait and very less % of cpu in used state. Any ideas?
<Jeeves_> 92.0%id !
<Error404NotFound> Jeeves_: yes, and how does that ring a bell? I would have assume an I/O problem but 0.0%wa. I can't comprehend the reason for high load when we have 7.0%us,  0.8%sy,  0.0%ni, 92.0%id,  0.0%wa,  0.0%hi,  0.1%si,  0.0%st, seems like stats of well behaving system.
<patdk-wk> load has nothing to do with cpu usage
<Error404NotFound> patdk-wk: true, but usually cpu util stats have some indication. In this case i fail to see that. Enough free ram, enough free swap, no misbehaving process, enough free cpu, no i/o issues....
<patdk-wk> well, in this case, I see a load of 4
<patdk-wk> cpu of 7%
<patdk-wk> how many cores does that machine have?
<Error404NotFound> 8
<Error404NotFound> Intel(R) Xeon(R) CPU E5506  @ 2.13GHz
<patdk-wk> single cpu? or dual?
<patdk-wk> well, should say, single socket?
<Error404NotFound> sorry?
<patdk-wk> how many E5506's?
<patdk-wk> oh, must be 2, no hyperthreading support
<Error404NotFound> this one is actually c1.xlarge instance, /proc/cpuinfo = http://pastebin.com/fTuFMmQR
<Error404NotFound> i am gonna be right back in 15 minutes, have to run to attend to something real quick before i get back to this stupid issue.
<patdk-wk> hmm, atleast it's 0% st
<hallyn> smb: re quantal kvm blueprint - the qemu-kvm merge hasn't been done yet :)
<hallyn> smb: waiting for debian to merge qemu-kvm 1.1
<smb> hallyn, Oops? I was thinking this is related to the ipxe update
<smb> hallyn, Hm, maybe you are talking of something different...
<smb> hallyn, No, probably it is me setting the workitem to done. So will qemu-kvm have an impact on ipxe/kvm-ipxe? Since that were the places which had a problem with the prom names.
<thebwt> ScottK: re:maas on public network. I am trying to set up a test environment for my department.  Are there any diagrams that specify the network topologys? Our department 'owns' everything on our network except DHCP... So I need a clear grasp of things before I can start a meeting on the changes needed.
<thebwt> onlive linux
<thebwt> oops
<Error404NotFound> back
<Error404NotFound> so any thoughts on what would be hammering cpu load?
<hallyn> smb: oh maybe you're right.  that was probably what we were worried about :)
<hallyn> smb: thanks
<smb> hallyn, Yeah I believe. :) Though who can be sure with so much multi-tasking. ;)
<uvirtbot> New bug: #1009081 in samba (main) "package samba 2:3.6.3-2ubuntu2.2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/1009081
<ahasenack> hi, is there an easy way to find out the ip address that an lxc container grabbed?
<ahasenack> I used to check the lease file from dnsmasq, but it seems to keep it all in ram at least in the lxc case
<ahasenack> ah, nm, found the lease file
<Error404NotFound> http://pastebin.com/FLzP7Eqv contains bit more information. CPU, RAM, I/O everything seems fine.
<Daviey> koolhead17: hey
<ribo> so uhh, what's this:
<ribo> whoopsie   744  0.0  0.2 187580  4024 ?        Ssl  17:07   0:00 whoopsie
<ribo> creash reporter.
<thebwt> how does one go about compiling libxxx:i386 on a x64 machine?
<ribo> ok so this is annoying. I have scripts to automatically deploy ubuntu server VMs, but now, apt-get -y --force-yes dist-upgrade right after install upgrades grub-pc which prompts for a decision on using maintainer/keep/merge /etc/default/grub, pretty much making automated build outs impossible
<ribo> how do I get debconf grub-pc to obey --force-yes or some other unattended mode?
<veebull> having some problems with postgresql 9.1 on ubuntu 12.04...
<veebull> basically I used 'GRANT ALL PRIVILEGES ON DATABASE bpsimple TO nuk;'
<veebull> but when I log in as 'nuk' and try running 'SELECT * FROM items;'
<veebull> I get: 'ERROR:  permission denied for relation customer'
<veebull> what am I missing?
<sveinse> Hi. I'm about to setup an older barebone PC as 4-disk NAS (with mdadm). I'm curios to a wise partitioning scheme. Boot in raid0 thats more or less given. a) One big RAID5 partition for the rest or b) One system partition with RAID0 perhaps, and a large data storage part with raid5
<sveinse> Any thoughts, please
<sveinse> bummer. s/raid0/raid1/...
<ScottK> thebwt: What problem are you having that you think maas will solve?
<uvirtbot> New bug: #754900 in nova/essex "[SRU] Nova-manage network delete does not delete from fixed_ips" [Undecided,In progress] https://launchpad.net/bugs/754900
<uvirtbot> New bug: #971640 in nova/essex "[SRU] public key  injection should be configurable" [Undecided,Fix committed] https://launchpad.net/bugs/971640
<uvirtbot> New bug: #988615 in nova "[SRU] xen: destroy_vdi breaks because session is not passed in" [Undecided,In progress] https://launchpad.net/bugs/988615
<uvirtbot> New bug: #975043 in nova "[SRU] Cloudpipe VPN instance can loose connectivity after starting openvpn" [Undecided,In progress] https://launchpad.net/bugs/975043
<uvirtbot> New bug: #987335 in nova "[SRU] libvit/connection.py missing console_log variable" [Undecided,In progress] https://launchpad.net/bugs/987335
<uvirtbot> New bug: #1009206 in krb5 (main) "krb5-user  deinstalled because of unmet dependencies" [Undecided,New] https://launchpad.net/bugs/1009206
<sbeattie> adam_g: around? have you seen anything like http://paste.ubuntu.com/1025828/ before?
 * sbeattie finds bug 981111
<uvirtbot> Launchpad bug 981111 in glance "New database is not under version_controll" [Undecided,Confirmed] https://launchpad.net/bugs/981111
<adam_g> sbeattie: yeah
<adam_g> sbeattie: the handling of migrations in glance was broken at time of (our) release. i added a patch to require un-version controlled databases to be put under VC before running any migrations. so, new databases need 'glance-manage version_control 0 && glance-manage db_sync'.
<adam_g> upgrades of un-VC'd diablo db's: glance-manage version_control 9 && glance-manage db_sync
<sbeattie> thanks
<uvirtbot> New bug: #981111 in glance (main) "New database is not under version_controll" [Undecided,Confirmed] https://launchpad.net/bugs/981111
<koolhead17> Daviey, hi again :)
<uvirtbot> New bug: #1008845 in bind9 (main) "(CVE-2012-1667) <bind9-1:9.8.3-p1 : Handling of zero length rdata can cause named to terminate unexpectedly (CVE-2012-1667)" [Undecided,Fix released] https://launchpad.net/bugs/1008845
#ubuntu-server 2012-06-06
<uvirtbot> New bug: #1009265 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009265
<uvirtbot> New bug: #1009274 in puppet (main) "package puppetmaster 2.7.11-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009274
<Demosthenes> so i have a lucid server, i'm trying to use the BIOS serial over LAN support, but I must disable ALL the font/mode setting... grub's console setting isn't enough. suggestions? i'm trying to stay in text mode on the console, no fonts, no changes.
<qman__> add 'nomodeset' to your boot line
<Demosthenes> that didn't seem to help
<Demosthenes> the initrd set it anyway
<Demosthenes> i even removed console-setup, but console-setup-min seems to set these anyway
<twb> Demosthenes: oh that one.  It's bloody annoying.
<twb> Demosthenes: blacklist vga16fb in /etc/modprobe.d/thingo.conf
<twb> Demosthenes: also note that due to a bug in the installer, there is absolutely no way to disable the framebuffer during install
<twb> (in lucid that is)
<twb> Don't forget to update-initramfs -u -k all after you edit the modprobe.d
<Demosthenes> hey twb, i think we've met before.
<Demosthenes> i just tried the nomodeset again, no dice
<twb> I also routinely purge plymouth packages as much as possible, then try to manually disable the plymouth upstart jobs that the upstart package has hard dependencies on
<twb> I don't know if that's necessary or if it just makes me feel better
<twb> >hate plymouth hate hate hate<
<Demosthenes> twb: i can tell
<Demosthenes> i edited /etc/modules.d/blacklist-framebuffer.conf and added vga, and my init has been updated.. no dice
<twb> vga16fb
<twb> There is no driver "vga"
<twb> # Make the machine-room KVM usable.  --twb, Jul 2011
<twb> blacklist vga16fb
<Demosthenes> god i miss aix :P
<Demosthenes> all this just to get an intel box i can remotely manage
<twb> Demosthenes: still got that bottle in the bottom drawer?
<Demosthenes> i didn't update the initrd after changing modules.
<Demosthenes> i need one. i hate pc hardware
<Demosthenes> this "server" failed while i was travelling. couldn't walk a user through booting it on a kvm, they eventually had to plug a usb kbd into the MB...
<Demosthenes> *sigh*
<Demosthenes> so i bought a whole new MB, CPU, and ECC RAM...
<Demosthenes> with a MB with IPMI support
<Demosthenes> and now to get SOL access via IPMI i have to disable the fonts on the console
<twb> It's unlikely to be the fonts, it's very likely to be something forcibly loading stupid non-80x25 console
<Demosthenes> well, but font-setting does that
<twb> It drove me insane when I was using kvm -curses, for the same reason
<twb> Demosthenes: no it doesn't, at least not IME
<Demosthenes> right. it did it again. nomodeset and i added the blacklist and updated initrds, it STILL did it
<twb> So just to be clear, you have "blacklist vga16fb" in /etc/modprobe.d/blacklist-framebuffer.conf, and /boot/initrd.img-... is newer than that .conf file?
<twb> And after editing /etc/default/grub you ran update-grub?
<twb> http://paste.debian.net/173073/ is my /etc/default/grub
<twb> Also, can you tell how far it gets before it trashes your display?
<Demosthenes> yeah, the kernel starts, and it starts the initrd..
<Demosthenes> i've also tried adding "text", "textonly", and a few others to the kernel line
<twb> You can't just guess those things
<twb> Is there a GUI installed?
<Demosthenes> nope.
<Demosthenes> this was intended to be a headless server
<twb> IMO better to use serial for headless boxes
<twb> But I'm stumped, I can't think what else coudl be happening
<Demosthenes> the last line i see on serial is "Loading initial ramdisk ...", and the dmesg output begins after the mode sets
<Demosthenes> so before the frist [0000000] Linux message it has changed
<twb> Are you booting with "quiet" ?
<twb> Also on serial, don't forget you will need to create /etc/init/ttyS0.conf
<Demosthenes> no, this is serial bios.
<twb> Ugh
<Demosthenes> if i stay in text mode, the bios bumps the vga text out as serial over lan
<Demosthenes> so for instance, i can get into the BIOS no problem.
<twb> You should tell it to stop doing that bullshit, and to just hand the serial back to the OS as soon as it loads the bootloader
<Demosthenes> if i just dont' change the video mode at boot, it'd work fine.
<twb> IMO what should happen is the BIOS allows you to use serial to configure itself, but ignores the VGA head and you then simply tell grub, the kernel and the getty to talk to ttyS0
<twb> Having IPMI reexport a vga console over serial instead of just talking over serial, is bloody stupid
<twb> (I'm ranting at the vendor, not you)
<Demosthenes> well, if i don't do it that way, i can't set bios settings remotely
<twb> Yeah I realize that
<Demosthenes> so no editing the bootlist, etc.
<Demosthenes> wtf, mountall and cryptsetup require plymouth?
<twb> *EXACTLY*
<twb> It's bullshit
<twb> I bitched to cjwatson about it and he said something "everyone stop bitching, plymouth is more than just a splash screen, you need it or else"
<Demosthenes> *sigh*
<Demosthenes> i just butchered the hooks for initrd
<Demosthenes> no more kbd, framebuffer, console-setup.
<qman__> I agree completely
<qman__> I don't understand how it can be required when if I simply nuke the upstart scripts, everything still works and works the way I want it to
<twb> qman__: it doesn't tho
<Demosthenes> what about 12.04?
<twb> qman__: specifically if fsck fails, mountall will just hang forever if plymouth isn't doing its  thing
<twb> qman__: you can't recover unless you have a live CD
<qman__> hmm, haven't run into that situation
<qman__> but one of my servers where I didn't do that, I never get to see my fsck anyway
<twb> Also this happens if you tell LVM to make a LV read-only, because the boot-time fsck *always writes to ext partitions* -- WTF
<twb> qman__: well OK maybe that is not plymouth being broken, it's just ubuntu being broken
<Demosthenes> ok, i give. it must be compiled into the kernel
<qman__> yeah, I know it's not broken in general, just my case
<twb> All you need to know about plymouth being stupid is it came from fedora, like pulseaudio and systemd
<qman__> but it still pisses me off
<twb> qman__: agreed
<twb> It also pisses me off that nobody lets you just ^C init jobs that have hung anymore
<twb> Long ago, before debian got startpar, if something like postfix hung during boot, yo could just hit ^C to skip it and plough blindly on
<twb> e.g. if the DNS server was cactus that was useful
<qman__> I've run into that postfix hanging during boot problem, but only on fedora
<twb> Well I can't remember which daemon exactly
<twb> I do remember I ran into a really AWESOME feature of centos4 in that it uses ls to list files in /etc/sysconfig/networking to find out which ifaces to raise
<qman__> postfix wasn't configured out of the box, but it'd try to start it anyway and just sit for about ten minutes before moving on
<twb> And because it uses ls, and because this happens before the network is up (obviously) and thus the LDAP server is not accessible, if you put an extra file in there, say eth0-up.bak, it will take an extra TWENTY MINUTES to boot while ls tries to list it
<qman__> heh
<twb> And this issue would be completely bypassed if RH engineers had a flipping clue about how to write sh scripts...
<twb> i.e. you do not bloody do for i in $(ls *.conf)
<twb> Incidentally you can work around that by telling libldap to bind softly.
<uvirtbot> New bug: #1009291 in samba (main) "Samba doesn't start automatically in Ubuntu 12.04 LTS" [Undecided,New] https://launchpad.net/bugs/1009291
<Demosthenes> further hacking apart initfs
<Demosthenes> did they fix this in 12.04?
<twb> TBH I don't know, the only host I'm running precise on has no dsub port at all
<twb> (yaaaay)
<rockets> Is it just me, or is rsnapshot trying to do the same thing three times here:  https://gist.github.com/2879531
<twb> I agree with your analysis.  pastebin your .conf
<twb> Ah, no, /media/nas/admin &c are different
<twb> It is more obvious if you unwrap the lines
<rockets> twb, yeah I just noticed that
<rockets> thanks
<rockets> do you think it's safe for me to copy hourly.7, say, to hourly.{0-6}, just so the all the hourlies are populated and i can have the dailies actually run??
<rockets> or will that break everything
<twb> dailies should not know or care about hourlies...
<twb> AFAIK they're totally independent runs as far as rsnapshot is concerned
<twb> (I may be misremembering...)
<captbaritone> Any idea why "sudo chmod -R 0777" would return "chmod: getting new attributes of `â¦': No such file or directory"
<captbaritone> (file names omitted)
<twb> Because the file doesn't exist.
<twb> DO NOT EVER run that chmod command.  BAD USER!  No biscuit!
 * LordOfTime agrees with twb
<twb> If you just ran that over a directory like /, /etc or /usr, you have permanently broken your system and you should reinstall from scratch right now.
<LordOfTime> indeed
<twb> Also please thump the idiot that told you to run it
<captbaritone> <thumps self>
<captbaritone> It was run on a sub directory
<LordOfTime> its still the last command you'll ever want to run
<LordOfTime> so if you dont mind me being perfectly outright with my question asking:
<LordOfTime> why the hell did you run that command
<twb> At absolute worst you probably want to use something like a+rwX, which will only set x if x was already set
<LordOfTime> what came over you to chmod recursively with 0777 :/
<captbaritone> Sure.
<LordOfTime> twb:  indeed
<captbaritone> I have a HUGE collection of files on my personal machine which I need to be accessible by the user that runs my torrent deamon, the user that runs my web server, and myself
<captbaritone> I had them chmodded 772
<twb> chmod -Rv go-rwx /srv/tftp | sed -e '/mode of .* retained as/d'
<LordOfTime> well doing anything more than 744 is just wrong
<twb> ^^ that is a more normal use of chmod -R
<uvirtbot> twb: Error: "^" is not a valid command.
<captbaritone> with them owned by a custom user and group (to which all three belonged)
<LordOfTime> shut up virtbot
<twb> LordOfTime: 644 or 755 (ref. +X above), not 744
<captbaritone> My problem was that new files were being owned by the user/group of the user that created them
<LordOfTime> twb:  mistyped
<LordOfTime> meant 755
<captbaritone> rather than the user/group that would allow access to all three users.
<LordOfTime> (had to divert to another channel)
<twb> captbaritone: add all three users to a group (probably creating that group) then make the parent directory  setgid that group
<captbaritone> I see. Have all my scripts run setgid before they touch the files?
<twb> If you intend to continue uploading new files in a broken way (e.g. scp -p), you may also wish to write e.g. an @hourly cron job that will chgrp -R over the dir in question
<twb> captbaritone: no, setgid is a property of a directory
<captbaritone> okay, I guess I'm confused by the man page
<twb> If a directory is setgid and grouped to, say, www-data, then all new files created in that dir will default to group www-data
<twb> setgid means something completely different for files, so do not set it on files, only the dirs in question
<captbaritone> that makes sense (and is what I wanted!)
<captbaritone> okay
<captbaritone> (thanks by the way)
<twb> sudo install -dm2775 -unobody -gwww-data /srv/www
<twb> Something like that
<captbaritone> So every time a script creates a directory, it should setgid that, or will the new directories inherit it?
<captbaritone> I suppose I could just test that myself.
<twb> setgid isn't inherited by new subdirs
<twb> Also you will probably need root privileges to add setgid to a dir
<captbaritone> Hmm
<captbaritone> so my cron job which moves files into this deeply nested directory structure will need to run as root?
<captbaritone> Seems a bit silly
<captbaritone> I really should not have to do that
<captbaritone> (the cron job moves files AND creates these directories)
<captbaritone> So, is the gid different than the first digit of the four digit "mode"
<captbaritone> ?
<captbaritone> err
<captbaritone> poorly worded
<captbaritone> Here is a better way of getting at what I want to know: Is the purpose of using "install" over "chown" in the suggestion you made to make sure it only acts on directories?
<twb> captbaritone: once the directories exist, files created in them will have the appropriate group by default
<captbaritone> What about directories created in them?
<twb> It's not recursive
<captbaritone> Should I simply chown them after I create them?
<twb> If you can't create the directories in advance, there is little point using setgid dirs.
<koolhead17> hi all
<twb> Yes, just using chgrp -R is probably the least silly.
<captbaritone> why -R ?
<captbaritone> oh
<captbaritone> to get the files too
<captbaritone> So that would take the place of setgid altogether
<twb> Yes
<captbaritone> Or I could just chgrp each file and directory imediatly after I create it (which would be a bit cleaner)
<ihashacks> captbaritone: incron is something you could try using to autotmatically chgrp any folder that is created
<ihashacks> I only caught the tail end of the conversation though so something like that might be overkill for your goal.
<twb> ihashacks: summary is: he wants to drop a directory tree onto a new box, such that his user, www-data and the torrent user can all access those files
<oasisbob> hi all, I'm still seeing 403 forbidden errors when trying to update from us-east-1.ec2.archive.ubuntu.com
<oasisbob> according to @utlemming, the issue was thought to have been resolved
<twb> oasisbob: how about this one http://paste.debian.net/173091/
<oasisbob> twb: not sure about that one, but if I fall back to us.archive.ubuntu.com it works as expected
<twb> OK
<twb> Wasn't sure if you wanted to fix the mirror or just have apt-get working
<oasisbob> just trying to get apt-get functional, we don't run our own mirror (yet)
<oasisbob> ...but when the EC2 mirror goes has difficulties, it sure wreaks havoc with cloud-init, auto-scaling and the like
<twb> That paste ought to pick a nearby mirror
<twb> Ah, OK.  I don't do cloud stuff.
<oasisbob> heh, thanks though. that works -- wasn't aware of that trick.
<twb> I'd prefer cdn.ubuntu.com but that hasn't happened yet
<twb> That's how debian does it.
<twb> e.g. apt-file doesn't understand the stupid mirror:// syntax
<oasisbob> the wrinkle with the mirrors:// would be in additional bandwidth charges, unpredictable latency, &c
<twb> Yeah granted
<twb> I'm not pushing it as a solution, just an option
<oasisbob> but i'm assuming one could use the same thing, but with the EC2 mirror, then fall back to whatever... i need to understand how apt-get handles failure scenarios better.
<twb> apt uses the order inw hich they appear in sources.list
<twb> So if the same content is in ec2 and mirror://, just put ec2 first
<twb> It should fall back on 4xx
<twb> In fact that's exactly what I do here: http://paste.debian.net/173092/
<oasisbob> hmmm, will it still exit without errors? (eg, a 100 exit code will abort cloud-init)
<twb> file:///srv/apt is a local debmirror, i.e. we are not billed for I/O to it
<twb> oasisbob: not sure
<twb> oasisbob: usually I run apt-get by hand so I don't care, or I use something like debootstrap which can only take one mirror
<oasisbob> yeah, sadly, I have to care about such things. easy enough to test though.
<twb> If I were doing that cloud crap I would probably be rolling images in the same way
<twb> Oh, I see, cloud-init does broadly the same job as live-config
<twb> Or say oem-config
<twb> The actual initialization of the image is already assumed to be done (presumably pre-rolled images from Ubuntu)
<oasisbob> yup -- exactly.
<oasisbob> to each their own -- but I really enjoy not having to seal images &c -- use an official image, cloud-init, then hand off to puppet or chef
<twb> Why bother with cloud-init in the first place then?
<twb> Just prepare an image that has puppet in it from the get-go
<twb> http://paste.debian.net/
<oasisbob> it handles the really low-level stuff like node identity, etc. when you initialize a VM in EC2, you can pass off the user-data which cloud-init picks up on
<twb> Gah
<twb> oasisbob: why doesn't that stuff just arrive via DHCP?
<oasisbob> don't run the DHCP server. :)
<twb> Humph
<oasisbob> yup -- the universe comes in w/ 16k (32k?) max of data, and the instance goes from there. it's an attitude adjustment, to say the least
<twb> 16k of what?
<twb> bytes ?
<oasisbob> yeah. there's a limit on the amount of what AWS calls user data that's passed to their API when you initialize the instance.
<twb> It sounds like some of it is just workarounds for amazon being stupid
<oasisbob> vs PXE/TFTP? :) to be honest, this part has never really bothered me.
<Syria> Hello there, OpenVpn AS is installed and configured on my ubuntu 10.04 LTS server, Could you please let me know how can I view the accounts and configure it?
<oasisbob> there's plenty of entropy in the system after your instances come up that make the bootstrapping seem downright peaceful
<oasisbob> ... as long as you have a reliable apt repo, that is.
<oasisbob> twb: thanks for the pointers
<twb> Well you need the entropy to generate SSH host keys and TLS keys
<twb> Does amazon host ARMv7 images yet, or only x86 / x86-64?
<Demosthenes> *sigh* ok, i give up on why the hell i can't use the SOL function with this MB. i'll just open WINDOWS to run the java applet to administer my linux box.
<Demosthenes> 'cause though it's java, javaws crashes with it in linux.
<twb> SOL?
<twb> Is that yet another acronym for "getting to the BIOS without plugging a monitor and keyboard directly into it" ?
<twb> And yeah, IME they are all RFB under the hood, but wrapped inside a broken java layer that needs windows and is non-trivial to simply spoof by hand.
<Demosthenes> serial over lan
<Demosthenes> great acronym though to use with intels
<twb> Ah right
<Demosthenes> just one more reason they should never be servers, even at home.
<twb> Well fungibility is a pretty good sales pitch
<twb> I have not dealt much with power or sparc, but IME even tier 1 enterprise x86 gear absolutely sucks at doing stuff like ipmi or hw raid in any remotely sane way
<Zanzacar> I am trying to use a dyndns for the cname in enom. It keeps having issues with this has anyone been successful with this?
<Zanzacar> nm for some reason it works now
<twb> CNAME can only direct to another name
<twb> IPs go in A RRs
<Demosthenes> twb: i have. multiple types. thats why i can't recommend intel for any mission critical systems.
<Demosthenes> with prejudice
<twb> But the point is I cannot just ring up a vendor three doors down from me and buy a 3U server running sparc or power for $1200
<twb> Obviously if my hardware budget was $12,000 that would be less of an issue
<twb> I wish I could, even if only to avoid the onrushing EFI clusterfck
<remix_tj> uhm, anyone using winbind on precise to authenticate a client to an AD domain? i need always to restart winbind before logging in
<uvirtbot> New bug: #1009347 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009347
<uvirtbot> New bug: #1009351 in squid3 (main) "package squid3 3.1.19-1ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009351
<uvirtbot> New bug: #1009357 in munin (main) "Ran out of children: No child processes" [Undecided,New] https://launchpad.net/bugs/1009357
<muhqu1> hey guys, just wanted to let you know that us-east-1.ec2.archive.ubuntu.com is throwing 403 Forbidden on one of its IPs
<twb> muhqu1: file a bug on launchpad
<ivoks> i've noticed that too just now
<muhqu1> ivoks: this describes the problemâ¦ https://gist.github.com/2880501
<ivoks> yes, i'm working on workaround right now
<jibel> jamespage, good morning
<jamespage> jibel, morning
<jibel> jamespage, all quantal server ec2 tests failed
<jamespage> jibel, yes - thats me
<jamespage> jibel, I just ran the job with the image for a1 - but its not published yet so all the test bombed.
<ivoks> ec2 archive is broken
<jibel> jamespage, ok, it's under control then  :)
<jamespage> ivoks, I see issues in one region from the smoke I did for quantal this morning - what are you seeing?
<jamespage> ivoks, https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/quantal-server-ec2-daily/
<ivoks> jamespage: archive httpd is returning 403; it's being worked on
<jamespage> ivoks, great - I'll not go an poke people then
<jamespage> jibel: yep - under control - just waiting for the images to spin out of production
<jamespage> jibel, hows everything else looking
<jamespage> ?
<jibel> jamespage, everything else is looking good, as good as it can be with an A1.
<jamespage> jibel, marvellous
<ivoks> jamespage: it looks like it's solved
<ivoks> muhqu1: try now :)
<muhqu1> thanks a bunch, works
<jamespage> ivoks, thanks - just waiting for the alpha1 images to finish production now.....
<Daviey> jamespage: that was a grub typo?
<jamespage> Daviey, what was a grub typo?
<jamespage> the requirement for a re-spin
<Daviey> jamespage: ec2 rebuild?
<Daviey> (question, not a statement :)
<jamespage> Daviey: looking at the email trail it was a requirement for a new kernel
<Daviey> jamespage: just noted, http://bazaar.launchpad.net/~ubuntu-on-ec2/vmbuilder/automated-ec2-builds/revision/482
<Daviey> jamespage: email trail?
<jamespage> Daviey, I don't think that is related
<jamespage> Daviey, between smoser, utlemming and I re testing of a1 images....
<Daviey> jamespage: Is there anything documented publicly ?
<Daviey> jamespage: Do you know why vmbuilder and live-build processes are being maintained for Quantal?
<jamespage> Daviey, I thought we had moved over the live-build so no
<lynxman> morning o/
<uvirtbot> New bug: #1009399 in freeradius (main) "freeradius initscript fails silently" [Undecided,New] https://launchpad.net/bugs/1009399
<Adonis> does anyone no a command to see what services are running on my ubuntu server?
<uvirtbot> New bug: #1009419 in samba (main) "enabling winbind offline logon doesn't authenticate on windows shares" [Undecided,New] https://launchpad.net/bugs/1009419
<zul> good morning
<LordOfTime> any of you ever heard of PHP needing root to run python scripts with shell_exec() or exec()?
<LordOfTime> (in Ubuntu)
<smoser> Daviey, where do you see that we are maintining both processes?
<Daviey> smoser: seeing commits to both trees
<smoser> (i would not argue against that by any means, but i would actually be surprised if the vmbuilder path works. that said, clearly we dont intentionally do things to break it.)
<smoser> link?
<Daviey> https://code.launchpad.net/~ubuntu-on-ec2/vmbuilder/automated-ec2-builds , smoser
<smoser> yes, i know where the code is :)
<Daviey> smoser: then why are you asking?
<smoser> because i dont see what you are seeing.
<smoser> you're probalby assuming that 'vmbuilder-cloudimg-fixes' is only relevant to vmbuilder.
<smoser> whihc is a reasonable guess, but is incorrect
<Daviey> i'm probably assuming that being under the vmbuilder project, it is vmbuilder based :)
<Daviey> and lp:~ubuntu-on-ec2/live-build/cloud-images is live-build based
<Daviey> I guess i'm just old fashioned thinking that code under one project, is for that project.
<smoser> well, you know what happens when you assume.
<smoser> automated-ec2-builds clearly started as a vmbuilder project.
<smoser> now it does more than that.
<Daviey> shouldn't it be switched to be under ubuntu-on-ec2 project, at least?
<smoser> ubuntu-on-ec2 project is gone.
<smoser> it is historic only. ubuntu on ec2, is "just ubuntu".
<uvirtbot> New bug: #1009514 in bind9 (main) "Lucid hangs during update of bind9-host" [Undecided,New] https://launchpad.net/bugs/1009514
 * ogra_ sighs ... so my mailserver gets 501 errors from some servers it talks to since a few days
<ogra_> does anyone else experience that under lucid ?
<Jeeves_> Did you change your reverse dns?
<ogra_> i never had reverse DNS on this machine ...
<ogra_> it worked for the last 4 years like that ...
<maxmahem> A lot of mail servers will reject you w/our rDNS. Including AOL and Yahoo I believe.
<ogra_> maxmahem, well, as i said, it worked for the last 4 yeras and its only the web.de server that suddenly refuses
<smoser> jamespage, you spent time doing i386 tests?
<jamespage> smoser: a little
<smoser> you, sir, are a king.
<smoser> (although it might have been more useful to spend that time on amd64)
 * smoser starts to do some testing there.
<jamespage> smoser: actually that ISO downloaded first - hence why I did some
<jamespage> (iscsi is automated btw)
 * Daviey is so glad that one is automated
<smoser> ivoks, if i upload https://code.launchpad.net/~ivoks/ubuntu/lucid/glib2.0/887946/+merge/81703 will you test it?
<kayakyakr> Network guys hard-powered my server this morning to replace a UPS battery and now it won't come back up. The error message I'm seeing is identical to this one: http://jhonjairoroa87.blogspot.com/2011/01/ubuntu-boot-error-no-init-found-try.html
<ivoks> smoser: will do
<kayakyakr> when i'm dumped into busybox, i can mount that volume, without change, as long as I provide arguments: mount -t ext4 -f /dev/mapper/ubuntu-root /root
<kayakyakr> already booted into the live cd, ran fsck on /dev/sda1 and /dev/ubuntu/root (the LVM partition)
<kayakyakr> haven't yet tried to rewrite initramfs with update-initramfs. would that be your next suggestion?
<uvirtbot> New bug: #1009555 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1009347)" [Undecided,New] https://launchpad.net/bugs/1009555
<patdk-wk> kayakyakr, sounds like it's mounting the wrong filesystem as root
<kayakyakr> patdk-wk i think that might be the case. any suggestions on where I might be able to modify that setting?
<patdk-wk> in grub
<kayakyakr> well, it is mounting the correct volume, I don't think grub really cares about the type?
<kayakyakr> we get past grub, get to initramfs before it blows
<patdk-wk> kayakyakr, who said grub cares at all?
<patdk-wk> hmm, so it mounts the correct root?
<kayakyakr> yes
<kayakyakr> patdk-wk it's trying to mount /dev/ubuntu/root which is the correct root. it fails when it actually tries to mount that.
<patdk-wk> then you need to figure out what went wrong. lvm failed?
<patdk-wk> I don't do lvm much myself
<RoyK> kayakyakr: /dev/ubuntu/root is probably the lvm device, not the mount point...
<RoyK> s/lvm device/lvm logical disk device/
<kayakyakr> royk: yes. the mount point is /root (in initramfs). once the system starts /dev/ubuntu/root is mounted to /
<AnGrYfUrBy> hey guys is anyone having issue's with atftp not loading on ubuntu 12.04
<ihashacks> AnGrYfUrBy: https://bugs.launchpad.net/ubuntu/+source/atftp/+bug/972834
<uvirtbot> Launchpad bug 972834 in atftp "atftpd: invalid IP address" [Undecided,Confirmed]
<ihashacks> Like that?
<AnGrYfUrBy> exactly like that
<AnGrYfUrBy> is der a fix for us n00bs
<ihashacks> add "--port 69" to the OPTIONS section in /etc/default/atftpd
<ihashacks> also, if you are in launchpad, please mark that the bug affects you too :)
<kayakyakr> fixed it.
<kayakyakr> note: If you have an LVM partition as your root and an active snapshot of said partition, your system will not boot.
<kayakyakr> simple fix. lvremove /dev/ubuntu/rootsnapshot
<kayakyakr> *headdesk*
<AnGrYfUrBy> ihashacks, it works how did you do it !!!
<patdk-wk> kayakyakr, heh, I never snapshotted root before
 * patdk-wk isn't sure he ever put root on lvm before either
<kayakyakr> it was a very nice way to make a backup. loving the hell out of LVM in general... but lordy lordy that was a huge gotcha.
<patdk-wk> I used to, but my disk i/o is too high for lvm snapshots
<kayakyakr> i could see that
<ihashacks> AnGrYfUrBy: patience and diagnostic skills
<AnGrYfUrBy> ihashacks, very wise and true words
<pseudo> Hi guys - As I understand it, ubuntu can be setup to use SELinux as well as kvm/libvirt - My question is, how easy is it to use sVirt on ubuntu?
<hallyn> stgraber: would it be more useful to you to have a lxc package made with the lxcapi, or just the modified upstream lxc tree?
<hallyn> pseudo: there is an apparmor plugin for svirt which is enabled by default in ubuntu.  that obviously is easy to use.  To use it with selinux, there'd be much for you to do.
<stgraber> hallyn: if the package has liblxc in a public path and has a -dev package with the header and .so, then I prefer a package as it's easier to have other people test. Otherwise upstream lxc tree is fine
<hallyn> stgraber: I've not yet made a package, so it would have whatever you like, subject to my incompetence
<stgraber> hallyn: ok, IIRC lxc-dev already exists and ships the .h, what needs changing is the location of the .so.* from /usr/lib/<multi arch>/lxc to /usr/lib/<multi arch>
<hallyn> but the current -dev package depends on lxc, rather than vice versa
<hallyn> stgraber: why move to /usr/lib/<multiarch>?  that's just the norm?
<stgraber> hallyn: lxc-dev depending on lxc is fine. lxc ships the .so.x.x and lxc-dev ships the .so and .h
<hallyn> ok but i assume nwo we'll want people to have liblxc.so without having all of lxc installed
<stgraber> hallyn: yeah, I don't think we need to have a whole namespace for us when we only ship one library. That made sense when it was private, but if we start making it a public library, we probably should move it to the a path that ld actually knows
<hallyn> ok
<hallyn> i'll get a package into ppa
<hallyn> (then i'd like to get the hooks done, then be done with lxc for a bit)
<stgraber> hallyn: hmm, good point, I guess at some point people may want liblxc without lxc itself, though it'll be easy enough to split the packages to lxc, liblxc1 and liblxc-dev and make lxc depend on liblxc1 and liblxc-dev just depend on liblxc1
<hallyn> ok, thx, ttyl
<zapotah> hi anyone have any tips for compiling the e1000 driver on 12.04
<zapotah> not too much experience compiling drivers
<zapotah> propably missing some library but which one
<smoser> zapotah, i'd suspect 'apt-get install build-essential linux-headers'
<zapotah> nope
<zapotah> already got those
<smoser> well, what is going wrong then?
<smoser> what are you doing?
<zapotah> trying to compile the e1000 V8 driver from intel
<zapotah> for lacp bonding
<smoser> zapotah, that doesn't mean anything to me, sorry.
<smoser> i'm guessing you downloaded a tar.gz file from somewhere (that i dont know where)
<zapotah> from intel
<smoser> extracted it, then did something, and got some errors.
<zapotah> yes
<zapotah> about to get to that :)
<smoser> what errors
<zapotah> http://pastebin.com/eDDffD96
<zapotah> wrong one
<zapotah> heres the complete output
<zapotah> http://pastebin.com/7RtmTk1F
<smoser> zapotah, it would seem to me that their kernel driver is looking for files that do not exist in more recent kernels.
<zapotah> could be
<smoser> ie, those files were in 3.0 headers, but do not exist in 3.2
<smoser> "those files" == pm_qos_params.h
<zapotah> i even tried symlinking the pm_qos.h to pm_qos_params.h
<zapotah> which is found in /usr/src/longheaderdir/include/linux
<smoser> where did you download this thing?
<zapotah> but apparently something has changed noticeably since the drivers came out
<zapotah> intel driver site
<smoser> link?
<zapotah> here you go: http://downloadmirror.intel.com/9180/eng/e1000-8.0.35.tar.gz
<smoser> zapotah, http://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=9180
<smoser> "NOTE: The e1000 driver is scheduled to change to a kernel only support model on/around Q2 of 2012.  If you have open issues you would like to see resolved, please submit them through http://sourceforge.net/projects/e1000/ as soon as possible."
<smoser> it is around Q2 of 2012.
<smoser> i'd suspect you might re-compile the driver from the kernel source instead.
<zapotah> hmm
<zapotah> wish i knew more about how to do this stuff... Frankly i have to ask, how do i compile the e1000 from the kernel source?
<zapotah> i never suspected this would be so complicated :)
<zapotah> im more of a networking guy and everything else is configured and tested working, and making the lacp bonding on the server side is the last thing that still needs to be done.
<patdk-wk> heh?
<zapotah> but apparently the old V7 e1000 driver that ships with 12.04 does not support lacp with the 82541PI nic
<patdk-wk> yuk, that is a desktop chip, and limited to pci bus speeds
<zapotah> i know :P
<zapotah> but it should serve its purpose
<patdk-wk> oh, I just found it odd lacp wasn't supported, but then I never tried it with a pci based nic
<zapotah> probly with a newer card with e1000e it would work
<zapotah> however...
<zapotah> :)
<zapotah> this problem was stupid beyond belief
<zapotah> ill blame it on the 14hr workday
<zapotah> it works now
<zapotah> as it should
<zapotah> as it did from the beginning if i had paid attention
<zapotah> now off to sleep, and sorry for the undue troubles :)
<uvirtbot> New bug: #1009695 in backuppc (main) "package backuppc 3.2.1-2ubuntu1.1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/1009695
<uvirtbot> New bug: #972829 in juju "maas-server setting requires port even when using http default" [Low,Fix released] https://launchpad.net/bugs/972829
<JonEdney> Are there any memory monitoring apps out there for servers?  I have a server monitoring app monitoring my system, and the memory increases everyday and nothing is on it but Apache, PHP, MySQL and is not being used.
<hallyn> stgraber: lxc-init should technically be under libexec, right?
<hallyn> hm, i see, that doesn't exist :)  nm
<guntbert> JonEdney: for a quick look use top (or htop)
<JonEdney> Thanks guntbert, not familair ill check it out
<stgraber> hallyn: right ;) I actually have a libexec on my system but that was a workaround I used when packaging lttng (system tracing) where they need to run one daemon per architecture, spawned by their library (so wanted it out of the path and in a multi-arch path)
<stgraber> but yeah, usually debian/ubuntu don't have libexec
<guntbert> JonEdney: both show actually the same things, htop is "nicer" and better adjustable to your needs
<JonEdney> Is it common to have multiple mysqld and apache processes?
<bctrainers> how many is multiple to you? :p
<bctrainers> Mine range from five upwards to 25+ depending on server :)
<JonEdney> 10-15 of each?
<JonEdney> Alright.
<JonEdney> I installed a RevealCloud app on the server to monitor, it's running like 15-20 processes also, that may be eating my memory more and more.
<bctrainers> just depends on your my.cnf and apache config settings for how many little workers it spawns in :p
<uvirtbot> New bug: #1009717 in samba (main) "package samba-common 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009717
<uvirtbot> New bug: #1009727 in samba (main) "package samba 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009727
<erichammond> What's the (relatively new) technical term used for a one time use token that is provided to a user to allow them to perform an action?
<erichammond> They used to be called "cookies" a couple decades ago (before the web took this over)
<jkyle> I'd like to install the 3.4.x kernel on 12.04
<jkyle> I found these debs: http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.4-precise/
<jkyle> is that the recommended method? I could roll my own
<Daviey> jkyle: Probably better to ask in ubuntu-kernel.. they are backporting 3.4 to Precise officially.
<adam_g> w/in 5
<Daviey> adam_g: l/ose 5 :)
 * RoyK says hi from 79ÂºN
<adam_g> :(
<jkyle> Daviey:thanks! going to take that open vswitch module for a spin
<Daviey> jkyle: It's in the Precise version.. What issues are you seeing?
<Daviey> jkyle: BTW, i'd really like to hear your thoughts and plans on what you plan to do with openvswitch.
#ubuntu-server 2012-06-07
<randomDude> is sssd or pam_ldap (and pam_creds) the preferred(new) way to provided cached ldap login when a laptop is "out on the road"
<twb> NFI.  I just let users manager their own laptops and do LDAP auth in each respective service
<Fidelix> Did anyone update bind today?
<Fidelix> Looks like the update is broken
<Fidelix> Does anyone have a fix?
<pmatulis> Fidelix: details of the breakage would be nice
<Fidelix> pmatulis, http://paste2.org/p/2047526
<pmatulis> Fidelix: did you upgrade bind9 today?
<Fidelix> pmatulis, yes
<pmatulis> Fidelix: what release are you running?
<Fidelix> 12.04, upgraded from 11.10
<twb> Since resolvconf, I would guess preicse
<pmatulis> true dat
<Fidelix> Running /etc/resolvconf/update-libc.d/sendmail manually also gives me that error.
<pmatulis> Fidelix: i recommend you open a bug on it.  it's fairly serious if bind does not run on an LTS
<Fidelix> pmatulis, do you have any workarounds to suggest?
<Fidelix> I don't want my apt locked for other updates
<pmatulis> Fidelix: disable resolvconf
<pmatulis> Fidelix: make /etc/resolv.conf a regular file instead of a symlink
<Fidelix> Now I have another error
<Fidelix> debconf: DbDriver "config": /var/cache/debconf/config.dat is locked
<hallyn> zul: I wonder if bug 1009727 could be due to 'apt-get upgrade' vs 'apt-get dist-upgrade'
<uvirtbot> Launchpad bug 1009727 in samba "package samba 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009727
<pmatulis> Fidelix: is that after trying to disable r/c?
<Fidelix> pmatulis, I moved the symlink to a backup, then copied the real resolv.conf to /etc/resolv.conf
<pmatulis> Fidelix: ok, and how does the 2nd error happen?
<Fidelix> apt-get -f install
<pmatulis> Fidelix: hm
<pmatulis> Fidelix: some lingering process due to your recent upgrade?
<Fidelix> Okay, I ran some mojo to fix that
<Fidelix> But now I have another error
<Fidelix> resolvconf: Error: /etc/resolv.conf isn't a symlink, not doing anything.
<Fidelix>    ...done.
<Fidelix> Apparently apt-get is no longer locked.
<Fidelix> Thanks.
<pmatulis> Fidelix: now restart bind?
<Fidelix> It gave this same error twice on restart
<Fidelix> But apparently it is running
<pmatulis> Fidelix: and do explain the mojo when you get a chance
<Fidelix> fuser -cuk /var/cache/apt/archives/lock, then rm -fr /var/cache/apt/archives/lock
<Fidelix> Although the first command will throw you away from ssh, so it needs to be run in the same line
<pmatulis> ok, good to know
<Fidelix> Thank you for the help pmatulis. You have my gratitude.
<pmatulis> Fidelix: you're welcome
<Fidelix> I will pay it forward.
<Fidelix> Good bye.
<pmatulis> 'gnight
<hnasarat_> I'm having trouble getting any sort of networking running on my laptop server with an ethernet cable or wpa_supplicant. Searching the web proved useless, as did trying what works in arch to get networking running. Any suggestions?
<hnasarat_> Similarly the ubuntu support website has nothing related to my problem, and neither does the server guide.
<Rthomso5> Hi anybody able to help with a squirt issue with sguil0.7 on Ubuntu server
<Rthomso5> Squert issue
<Rthomso5> Is there a an issue with using squert0.9.2 with the older sguil0.7
<jasef> Hey, I'm just adding the debian-installer images to my ubuntu mirror, and wondering if the normal netboot will install ubuntu server or if it just installs desktop?
<jasef> I have a machine that I can only use network to install, and it needs to be server
<SpamapS> jasef: netboot only installs a minimal system
<SpamapS> jasef: you'll get asked about what extra stuff to install. I'd recommend OpenSSH Server, but otherwise.. leave the other sutff off :)
<jasef> SpamapS: Awesome, so it won't install a desktop system?
<jasef> If it doesn't I'm cool with that.
<jasef> Oh, and another question, is it worth switching to linux-image-server or is -generic just as good for servers?
<SpamapS> jasef: linux-image-server is just a meta package for linux-image-*-generic
<SpamapS> at least, in 12.04
<jasef> So identical to just using linux-image then?
<SpamapS> jasef: as far as I can tell, yes
<SpamapS> but I've never looked deeply into this
<mgw> how does one figure out what device names partman auto has created?
<mgw> e.g., /dev/sda1,2,5,99
<mgw> they're not sequential, i know
<jasef> Well, if anyone wanted to know, my mirror is currently functioning and the netinstall is working fine. almost done the base install step
<Ormie> Hi, My hardware doesn't support ubuntu server.
<Ormie> 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8188CE 802.11b/g/n WiFi Adapter (rev 01)
<Ormie> What to do?
<Ormie> I can't use iwconfig with that.
<Ormie> FAQ: Q: You use ubuntu server on a laptop that has wireless card?
<Ormie> A: Yes.
<Ormie> good bye, then
<greppy> Too bad Ormie didn't use google... a search of 'RTL8188CE linux' returned several hits for getting that working.
<acidflash> hello all
<acidflash> I have a crontab parameter @reboot /usr/bin/start-scheduler which is no longer working on ubuntu-server 12.04
<acidflash> was @reboot removed from cron?
<ikonia> not that I can see
<acidflash> ikonia: any idea why it would stop working after a release upgrade?
<ikonia> acidflash: sounds silly, but can you do it manually ?
<ikonia> see if there is an error with the actual command on your setup
<acidflash> run the script manually you mean? for sure
<acidflash> works fine
<KrizOne> hi guys, is anyone able to link me to a good article about installing imagemagick to work with php? i have tried googling and the ones im finding dont seem to be working, when i try to do "sudo pecl install imagemagick" it says that the version i have is wrong :S
<KrizOne> sorry, disregard that, it is installed, im just a nub XD
<ikonia> I was just typing.....
<ikonia> pecl ?
<ikonia> you install it using the ubuntu package manager, it's installed as an ubuntu package
<KrizOne> i found this, http://bloke.org/linux/install-imagemagick-imagick-for-php-on-ubuntu/
<KrizOne> thats the one that advised me to use pecl
<ikonia> KrizOne: just open the package manager, search for image magic
<ikonia> you'll see the imagemagic php component, install it
<ikonia> KrizOne: a good tip is to not blindly follow external sites, there is no rating system to show if it's good advice/bad advice
<ikonia> KrizOne: (as you can also see that guide is over 4 years old - things will/may have changed)
<KrizOne> ahh i see
<KrizOne> i didnt check that
<KrizOne> thanks =]
<KrizOne> its actually working fine in php, it turns out its an issue between phpThumb and it
<KrizOne> but we are fixing that now =] thats for the responses
<ikonia> no problem
<Daviey> smoser: hey, can you confirm when bug 1009294 fix lands in cloud build branch?
<uvirtbot> Launchpad bug 1009294 in grub2 "Grub update breaks automated dist-upgrade scripts on AMI images" [High,In progress] https://launchpad.net/bugs/1009294
<Daviey> (Confirmed that running that one line on a fresh instance, then upgrading makes world peace
<zul> Daviey: for the openstack SRU, if we dont have a way to test it (ie: bug #992916) ill explain how it is fixed in the stable tree but not offer a testcase
<uvirtbot> Launchpad bug 992916 in nova "nova.tests.test_nova_rootwrap fails on Fedora 17" [Undecided,In progress] https://launchpad.net/bugs/992916
<jamespage> smb, around?  have a question about the kernel rejigs with regards to -virtual
<jsmith-argotec> anyone have a bit of time to help me try to figure out what changed/broke in Logwatch between 10.04 and 12.04?
<jsmith-argotec> logwatch is very sparse in 12.04 (no customizations except log level medium) as compared to 10.04
<jsmith-argotec> this was an upgrade
<Daviey> zul: probably comment why the regression potential of having that changeset is low.
<jsmith-argotec> I found a bunch of log settings in rsyslog that are now commented out in 12.04 and changed them back to match 10.04... that added some logging
<zul> Daviey: ack
<jsmith-argotec> which didn't make sense to me but it's still not right
<jsmith-argotec> anyone? :-) or maybe a better channel to ask the question?
<ironm> hello. I have prepared MariaDB 5.5.24 repositories for ubuntu-server 12.04 for off-line installations (see links below). They include also libreadline5 so after fresh installation of ubuntu-server it is very easy to install MariaDB 5.5.24 ... http://rsync.it-infrastrukturen.org/mariadb/ubuntu/mariadb-ubuntu-local-repo.pdf
<ironm> Link to the repo: http://rsync.it-infrastrukturen.org/mariadb/ubuntu/mariadb5.5.24-precise-repo.tgz
<ironm> and the bigger one with tests: http://rsync.it-infrastrukturen.org/mariadb/ubuntu/mariadb5.5.24-test-precise-repo.tgz
<ironm> ...
<ironm> I have also prepared some description how to setup master-slave and master-master replications for MariaDB5.5.24 on ubuntu-server ... http://rsync.it-infrastrukturen.org/mariadb/ubuntu/mariadb-ubuntu-replication-cluster.pdf
<rbasak> ironm: looks good! This sounds like just the sort of thing that a charm would be perfect for.
<ironm> thank you rbasak :)
<rbasak> ironm: any chance you could charm this? Then others would be able to use your description automatically. There is an existing mysql charm though, so I'm not sure if it would be best to integrate this with that charm or have a separate one.
<CloudDev> Where i can find a configuration guide to security and tuning for Ubuntu ?
<VivekVC> CloudDev: Ubuntu Server Guide 12.04
<ironm> rbasak, I am not sure if I can interpret your last sentence correctly ... At least for me is MariaDB the further development of MySQL
<rbasak> ironm: sure, but the repository will have MySQL for a long time to come, as well as MariaDB
<rbasak> We need to be able to support both
<rbasak> So one approach is to have two separate charms, one for MySQL and one for MariaDB. The other approach is to have support for both in one charm with a configuration option to decide which is to be used. I'm not familiar enough with charming or with MariaDB to understand which would be better, though I can point you to the right people if you're interested in charming MariaDB.
<CloudDev> ViveKC thanks, i'm not have experience with Ubuntu Server, have you used Ubuntu Server to high traffic web server ?
<ironm> rbasak, I afraid that MySQL will die in long term (or to be to difficult to use due to some habits if the current *owner*)
<ironm> s/if/of/
<rbasak> ironm: sure. I don't disagree. But it'll be available as long as it is in Debian, which is currently indefinite. 12.04 includes it and is supported for five years.
<ironm> rbasak, to stay on the safe "side" I prefer to use MariaDB from now
<rbasak> ironm: that's absolutely fine. I'm sure many others want to do that too, which is why MariaDB charm support would be awesome :)
<CloudDev> yum works well in ubuntu ?
<rbasak> CloudDev: the debian/ubuntu equivalent of yum is apt
<rbasak> !apt | CloudDev
<ubottu> CloudDev: APT is the Advanced Package Tool, which together with dpkg forms the basic Ubuntu package management toolkit. Short apt-get manual: https://help.ubuntu.com/community/AptGetHowto - Also see !Synaptic (Gnome), !Adept (KDE) or !KPackageKit (KDE)
<Pici> !yum
<ubottu> Uh, don't you mean !apt ?
<ironm> rbasak, I would be happy if I could install ubuntu-server with MariaDB (instead of MySQL)  ... LAMP
<ironm> or just only the DB software
<ironm> like PostgreSQL
<CloudDev> Ubuntu Server works well in high traffic web server in Amazon EC2 ?
<rbasak> ironm: it is being discussed. You may be interested in this thread: https://lists.ubuntu.com/archives/ubuntu-server/2012-February/006073.html
<ironm> thank you very much rbasak
<smoser> Daviey, i'll update the bug when i land that change to bug 1009294. i did some testing here, and so far it looks like it will work.
<uvirtbot> Launchpad bug 1009294 in grub2 "Grub update breaks automated dist-upgrade scripts on AMI images" [High,In progress] https://launchpad.net/bugs/1009294
<ironm> rbasak, that is exactly the point ... "It has been brought to my attention that MySQL may have gone this way
<ironm> as well, but in a much more subtle way. This started about a year ago,
<ironm> and has only recently really become obvious.
<ironm> "
<Daviey> smoser: yeah, i validated it from a running instance.
<Daviey> super
<ironm> rbasak, I follow Oracle's activities for dozen of years
<smoser> anyone want to help me copy results from jenkens to iso tracker?
<smoser> jamespage, hggdh, roaksoax ? you've all helped iwth this before...
<smoser> we need to copy https://jenkins.qa.ubuntu.com/view/Quantal/view/All%20Quantal/job/quantal-server-ec2/2/ to http://iso.qa.ubuntu.com/qatracker/milestones/221/builds
<hggdh> smoser: on it
<Daviey> smoser: no, i'd rather it was left blank and time spent on writing a damn tool to do this :)
<Daviey> Each milestone, copy and pasting results.. do you realise how daft that sounds? :)
<smoser> hggdh, you copy the happy ones (green)
<smoser> and, hggdh i will investigate anything else.
<hggdh> smoser: :-)
<smoser> Daviey, i realize that. yes. its stupid.
<hggdh> I am getting a lot of happy pills
<smoser> hggdh, thank you.
<smoser> Daviey, stop talking, and start writing your tool
<hggdh> Daviey: me daft ;-)
<Daviey> smoser / hggdh  : do you want to take the action of syncing with stgraber on how to make sure we don't have to do this next cycle?>
<hggdh> Daviey: IIRC, stgraber added API to the iso.qa. I will check with him later)
<Daviey> hggdh: he did.. i think i started writing the tool last cycle.. but long since lost
<hggdh> Daviey/smoser: apparently jibel already did it
<stgraber> hggdh: jibel gave some instructions on how to use the API to jamespage in #ubuntu-testing
<hggdh> stgraber: ah, cool. I think this then explains the deleted entry in one of the ec2
<jibel> hggdh, it's me, I tested that the script worked with ec2 as well.
<hggdh> jibel: cool. I guess james is on it, then?
<Daviey> superb
<hggdh> smoser: I need 20 min to get to a pharmacy; I will keep on when I am back
<smoser> hggdh, thanks. i'll poke at using jibels script though.
<smoser> jamespage, https://jenkins.qa.ubuntu.com/view/Quantal/view/All%20Quantal/job/quantal-server-ec2/2/ARCH=amd64,REGION=us-west-2,STORAGE=ebs,TEST=simple-user-data,label=ubuntu-server-ec2-testing/console
<smoser> what failed there?
<WeissLehrer> What do I do when /proc/sys/net/ip_forward dows not exist? <o>
<jkyle> I'm curious why mdadm has a dependency on postfix
<ikonia> jkyle: for alerting
<ikonia> it's a dependency on an mta, not postfix
<lamont> jkyle: Recommends: default-mta | mail-transport-agent, module-init-tools
<lamont> it's a recommends
<jkyle> I figured, but I wouldn't consider that a hard dependency
<lamont> default-mta Depends: postfix
<ikonia> it's optional
<rbasak> WeissLehrer: you use /proc/sys/net/ipv4/ip_forward which is where it's supposed to be :-)
<jkyle> when I do: apt-get install mdadm, it says "The following NEW packages will be installed: mdadm postfix"
<rbasak> jkyle: use apt-get --no-install-recommends mdadm
<jkyle> good to know, thanks
<WeissLehrer> rbasak: oh, thank you ^^"
<jamespage> smoser: INFO:root:Instance i-0b36c238 not responding after 1200 seconds - rebooting
<jamespage> failed initial boot
<smoser> jamespage, gah. sorry. it'd be nice if that was prefixed with 'error' or 'fail' :)
<jamespage> smoser, thats a good point
<smoser> yeah, and https://jenkins.qa.ubuntu.com/view/Quantal/view/All%20Quantal/job/quantal-server-ec2/2/ARCH=amd64,REGION=us-west-2,STORAGE=ebs,TEST=simple-user-data,label=ubuntu-server-ec2-testing/artifact/None/amd64/m1.large/ebs/i-0b36c238/uec2-20120606-1016-3870cf4090ef4a-running.console.txt confirms.
<smoser> cloud-init-nonet waiting 120 seconds for a network device.
<smoser> cloud-init-nonet gave up waiting for a network device.
<jamespage> yep
<jamespage> I still don't really understand whether that is a ec2 error or something wrong with our images
<WeissLehrer> still my other pc is not able to access internet
<WeissLehrer> im trying to configure my server as a router
<smoser> jamespage, i'm pretty convinced its an ec2 error.
<jamespage> smoser, that was my hunch
<smoser> dhcp failed
<smoser> but i have not hard evidence of it.
<smoser> and it could clearly be a race condition in udev or something that missed the device.
<ttx> smoser: there is nothing like an ec2 error. Amazon is flawless.
<smoser> -ENOENT
<jamespage> ttx: I found it amusing that they don't have instance state 'ERROR'
<ttx> jamespage: if you think it fails, it's just that you're not smart enough to understand :)
<hggdh> smoser: where can I find results for Europe and HVM?
<jamespage> ttx, lol
<smoser> we do not do hvm in automated testing.
<smoser> hggdh, dont worry about copying
<smoser> i'll play with jibel's scripts and try to get something worked up.
<smoser> skaet, can you not worry about having no ISO tracker results posted for a bit? ie, lets not hang the release on that?
<hggdh> smoser: most are already done -- only missing Europe and HVM
<smoser> oh.
<smoser> well, i still might do it.
<smoser> but, europe shoudl be there
<hggdh> it is still worth it
<smoser> (europe is eu-west-1)
<hggdh> ah crap
<hggdh> I read 'eu' as 'us'.
<hggdh> duh
<hggdh> done
<skaet> smoser,   ok.   Just want to get them recorded on there before we archive the milestone.
<Daviey> smoser / skaet: Looking at the current results, i don't see anything that would potentially delay A1.
<skaet> Daviey,  yes,  we'll go forward with publishing.   Just want to make sure that the results are tracked, so we can refer back to if needed.
<Daviey> super
<endzYme> Hey all, had my boss recently ask us to move away from using repositories for things like MongoDB and Cassandra as they someday could be down and we wouldn't be able to deploy machines. Are these concerns unfounded?
<hallyn> stgraber: ok, latest push re-adds patches we need, so lxc-start works with lxc2 package.
<WeissLehrer> I wonder why does my server takes more than 2 min waiting for network configuration at boot... and boot without full network configuration...
<smoser> jamespage, i'm really sorry..
<smoser> but https://jenkins.qa.ubuntu.com/view/Quantal/view/All%20Quantal/job/quantal-server-ec2/2/ARCH=amd64,REGION=us-west-2,STORAGE=ebs,TEST=simple-user-data,label=ubuntu-server-ec2-testing/console
<smoser> what is wrong there?
<smoser> gah!
<smoser> you told me already.
<smoser> sorry
<hallyn> WeissLehrer: sounds like devices specified in /etc/network/interfaces are not coming up right.  dhcp server problems?  bad interface file?
<WeissLehrer> hallyn: network just works after /etc/init.d/networking restart
<Daviey> zul: hey, can you propose a MP to lp:~ubuntu-archive/+junk/sync-blacklist .. with anything openstack related which debian is not the upstream of, please?
<WeissLehrer> but works fine after that
<zul> Daviey: sure
<Daviey> zul: thanks!
<Daviey> zul: i'm going to make delta.html respect the blacklist
<WeissLehrer> hallyn: but there is message coming up when I do that: cannot create /run/network/ifup.eth0: Directory nonexistent
<WeissLehrer> but network and routing is working fine
<zul> Daviey: gotcha
<WeissLehrer> i have a /run/ folder but there is no /run/network/ <o>
<WeissLehrer> it seems I fixed it by creating a symlink from /run/network/ to /var/run/network/ (trying to reboot to see if it works on boot)
<bitfury> hey guys, when configuring exim4 to send an email out is it required to have an outgoing smarthost set up?
<WeissLehrer> hallyn: when I type 'start networking' i get:  netorking stop/waiting
<WeissLehrer> and it does start correctly when I restart networking
<bananapie> Is there a command similar to lsof that will log all accessed files by a command that I execute ? ( I want to capture open files when the command is launched )
<jmedina> bananapie: yeap, use the audit sistema
<jmedina> system
<WeissLehrer> i can't solve it
<reisi> hi everyone, does anyone have experience with simple sata hba pcie cards and using linux md with them? right now i'm looking at for example adaptec 1430sa, wondering if it'll expose all drives to linux or is there just one large combined drive
<WeissLehrer> Well, for some reason my network won't start on boot and I need it to start on boot.... can anyowne help me?
<WeissLehrer> oh, just fixed it making a symlynk in /var/ to /run/
<hallyn> WeissLehrer: meaning the /var/run -> /run symlink did not exist?  that's definately a bug, probably in initscripts package
<WeissLehrer> hallyn: exacly, it was a folder in /var/run/ nor a symlynk
<WeissLehrer> symlink*
<WeissLehrer> i had to move it
<WeissLehrer> hallyn: now /etc/init.d/dhcp3-server does not exist though dhcp3-server is installed
<ubergeek42> hi everyone; I periodically am getting kernel panics in 4 of my ubuntu 12.04 VM's(esxi5).  I installed linux-crashdump, but upon testing it with 'echo c | sudo tee /proc/sysrq-trigger' I don't appear to get any crash dump/autoreboot in /var/crash(system just hangs with the kernel panic on screen).  Any thoughts on how to get a crashdump? or tips to see more of the kernel panic message(keyboard locks
<ubergeek42> up, shift+pgup doesn't work)
<WeissLehrer> I'm trying to set up a dhcp server and for some reason it is not in /etc/int.d  isn't it a service?
<jmedina> WeissLehrer: did you read the ubuntu server guide specific for you version?
<jmedina> https://help.ubuntu.com/12.04/serverguide/dhcp.html
<WeissLehrer> jmedina: im following it
<smoser> jamespage, did you change 'blue.png' to be green ? on jenkins?
<WeissLehrer> now dhcpd says: can't create PID file /var/run/dhcpd.pid: Permission denied.
<adam_g> hallyn: is there anything i need todo to authorize new device nodes into a container (apparmor?) other than setting 'lxc.cgroup.devices.allow' in config or setting that manually via sysfs?
<adam_g> stgraber: ^
<stgraber> adam_g: depends what you do after that, if it's a block device you want to mount somewhere, then yes
<adam_g> stgraber: well, trying to get /dev/loop-control (character dev) to show up before doing anything else, not much luck though
<stgraber> adam_g: could be that udev was never told to create it (as we don't run udevadm trigger)
<stgraber> you might have to do a good old mknod or run udevadm trigger (which will cause a udev event flood)
<adam_g> stgraber: doh, ya.. a manual mknod did it.
 * adam_g goes back to taking udev for granted
<hallyn> adam_g: that should be it
<hallyn> i see, it was already answered, nm :)
<adam_g> hallyn: but! if i wanted to create that node automatically at container creation, where would that be configured?
<adam_g> i suppose i could create it manually in /dev of the template
<hallyn> adam_g: i think this cycle we were going to introduce a hook that can run after container creation.  then you could do it there
<hallyn> for now, yes, you can tweak the lxc-ubuntu{,-cloud} template to do it for you in configure(0
<adam_g> zul: https://jenkins.qa.ubuntu.com/view/Openstack%20Testing/view/Openstack%20Precise/view/Overview/job/precise-openstack-essex-test/559/
<adam_g> zul: this is a test run against a deployment of stable/essex using whats current in our packaging branches.  assuming they all reflect the proposed SRU, should be okay to point the bugs to that as verification?
<zul> adam_g: effing sweet...yes imho
<adam_g> ill run a few more through and see if i can get some better output in the test run as to what packages are actually installed
<adam_g> from the test run, theres no way of determining whats actually ebing tested
 * adam_g lunch
<smw_> hi all, I am trying to quick and dirty get php to work with apache. I installed php5 and enabled it but I still end up downloading the php file instead of executing
<smw_> $ sudo a2enmod php5
<smw_> Module php5 already enabled
<patdk-lap> did you restart apache?
<patdk-lap> and did you test with a deferent browser, to make sure it wasn't cached
<smw_> interesting. http://localhost/marketing/ runs php, but going to / it does not. / is defined by RewriteRule ^/$ %{DOCUMENT_ROOT}/marketing/$1/index.php [NC,QSA,L]
 * patdk-lap notes cache
<smw_> patdk-lap, cache did it :-)
<smw_> thanks
 * smw_ curses chromium for lying to him
<stgraber> hallyn: not sure you saw that:
<stgraber> hallyn: 21:13 < kees> stgraber: I've uploaded the first pass of libseccomp to debian. it'll be in NEW soon...
<stgraber> hallyn: that was a couple of days ago
<hallyn> stgraber: oh, cool
<hallyn> i'll go change that :)
<hallyn> stgraber not showing up yet in rmadison -u debian
<stgraber> hallyn: yeah, probably still in the new queue on debian's side
<roasted> hello!
<roasted> anybody here use lighttpd? I'm beginning to tinker with it but a feature I REALLY want I'm having difficulty finding. Does lighttpd support sorting by date modified within the directory listing like apache?
<smw_> I just installed mysql on my system, it may have had mysql before. I did a purge and then reinstalled. Now I run sudo mysql_secure_installation and I get:
<smw_> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<smw_> any ideas?
<smw__> anyone know what is wrong here? http://fpaste.org/M7mP/ . Starting mysql hangs for a while then says it succeeded, but mysql is not actually running.
<yeats> smw__: the logs should have something to say about why it's not starting
<smw__> yeats, /var/log/mysql.err is empty
<smw__> ah... wrong location
<smw__> 120607 14:19:53 [ERROR] Fatal error: Can't open and lock privilege tables: Table 'mysql.host' doesn't exist
<yeats> there you go
<smw__> yeats, how do I start from scratch?
<smw__> I want to wipe the current DB, pretend it is a new install
<smw__> actually... I already wiped the current db pretty good ;-)
<yeats> smw__: I'm more familiar with postgresql, but I would assume that deleting the data directory and initializing a new database would be what I would try
<smw__> yeats, I deleted the data dir
<smw__> now idea how to initialize a new db
<smw__> yeats, got it!
<smw__> thanks
<smw__> you gave me the right words to google
<yeats> heh - happy to help
<hallyn> stgraber: i figure i'll wait until there are python bindings before emailing lxc-devel.  Were you thinking SWIG?  I know you're really busy, so shall I give that a shot, or were you going to do it?
<stgraber> hallyn: my initial try was without using any of the automated binding generators. liblxc is simple enough that doing the mapping by hand should be easy
<hallyn> excellent, you have an initial try :)
<hallyn> eh forget it i'll send an email and get comments on the api :)
<stgraber> hallyn: http://paste.ubuntu.com/963659/ is the basic structure to create an "lxc" class with a "stop" function taking a single string parameter
<hallyn> stgraber: but i guess the c->stop(c) bit may actually be tougher to do
<hallyn> seemed clean in c, but looking at swig docs i'm not sure it's the best choice :)
<stgraber> hallyn: yeah, mapping the python class to the C structure will be fun, haven't started looking at that yet
<stgraber> will nag barry if I can't figure it out :)
<hallyn> oh good.  i'll be curious to see how it's done
<Spanky_> Does anybody know why a file with a "#" sign in the file name is invisible to clients using FileZilla?
<Spanky_> Also files with "#" in them somewhere shows up as a directory in AjaxPlorer.
<Spanky_> These are files stored on a Zentyal server  (10.04 LTS ubuntu server base)
<stgraber> hallyn: where's the branch again and did you push the package to a ppa yet? (LP is timing out like crazy here, can't even look at the branch list...)
<stgraber> hallyn: nevermind, got your e-mail :)
<hallyn> stgraber: d'oh, no, i never pushed to ppa
<hallyn> i'm about to run out for dinner.  can push to a new ppa when i get back.
<danley> Hi! I'm having trouble with my ubuntu server. My /etc/apt/sources.list looks like this: http://pastebin.com/yLceG357 when I try to do apt-get install wine it tells me it will REMOVE packets, including coreutils which I do not want. this problem doesn't seem to happen on my desktop version. Any ideas what causes this? A quick google for coreutils and wind etc didn't help me.
<Daviey> hallyn: hey, are you tackling the ipxe merge?
<Daviey> hallyn: and libcgroup?
<Daviey> stgraber: are you tackling nbd merge?
<Daviey> zul: can you investigate if we should sync python-jsonschema (ubuntu native, now in sid)
<stgraber> Daviey: has been a while I haven't looked at my merges, but yeah, I'll do it when I have the time. nbd is an easy one anyway
<Daviey> stgraber: no hurry, was just doing a quick scan through the merges we care for.
#ubuntu-server 2012-06-08
<fosterdv> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<fosterdv> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<fosterdv> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<docmur> Is there a virtualization program that I can install on the ubuntu will will act like vShpere and allow me to create virtual machines onto of ubuntu accessible remotely?
<patdk-lap_> kvm
<patdk-lap_> I think it even comes preinstalled
<adam_g> zul: added some versioning info to the test runs, should help with verification later: https://jenkins.qa.ubuntu.com/view/Openstack%20Testing/view/Openstack%20Precise/view/Overview/job/precise-openstack-essex-test/561/console
<hallyn> Daviey: the ipxe merge is done.
<hallyn> we're not merging from debian.  i took the fix we needed, and (per discussions here ) we're not merging from upstream eitehr
<hallyn> as for libcgroup, the discussion is not whether to merge, but wehther to drop it from universe
<hallyn> we were chatting with jbernard about perhaps having some cgroup management utilities like libcgroup's in cgroup-bin,
<hallyn> but the daemons which are the core of libcgroup are not really salvagable
<mgw> is there any reason my ulimit won't pick up changes in /etc/security/limits.conf?
<twb> Did you log out and back in?
<mgw> yeah, i just figured that out
<acidflash> Hello all, I have recently seen a change in cron which states that @reboot is now under some sort of limitation due to start up sequence (ubuntu-server 12.04)
<acidflash> does anyone know of a workaround for @reboot in cron? I really need this script to launch @reboot _after_ everything is initiated
<twb> acidflash: use rc.local?
<twb> Instead of @reboot I mean
<acidflash> twb: It doesnt start it at the appropriate time.
<acidflash> twb: rc.local boots during boot, not at the end of boot
<twb> acidflash: rc.local runs at the *end* of the sysvinit boot sequence.
<twb> When do you want @reboot to run?
<twb> if you want to run a script after "everything", because it's upstart you will need to create an upstart job that lists each thing in everything individually, by event name
<acidflash> twb: rc.local doesnt run at the end of sysinit, ie: it runs BEFORE security limits are assigned
<acidflash> twb: if I wanted a program to have greater than 1024 file descriptors, it needs to launch AFTER the security limits are assigned
<acidflash> @reboot did that great, all I did was add a delay of 3 minutes,
<acidflash> didnt work in rc.local, but maybe a delay increaase might?
<twb> security limits as in /etc/security/limits.conf ?
<acidflash> twb: yes
<acidflash> twb: one script worked fine in rc.local as replacement, other diddnt, debugging why now
<acidflash> the first one doesnt need the < 1024 FD
<twb> I should think that would be enforced from the get-go
<acidflash> second one does
<twb> Except probably root user is not subject to those limits or something
<acidflash> twb: when running process as root, if its in rc.local you wont get the 1M FD's
<acidflash> only 1024
<acidflash> twb: but when you do crontab, and EVERYTHING loads, you get 1M FD's
<twb> Uh... I don't think that's limits.conf
<twb> I thought you were trying to restrict the program, not give it increased limits
<twb> limits.conf doesn't, by default, include any limits
<acidflash> twb: right, it doesnt, the OS does, 1024 per process
<acidflash> twb: by default
<acidflash> twb: limits.conf ALLOWS you to overcome that
<twb> Hum.
<twb> I don't suppose you can just fix your flipping program to be less stupid
<twb> 1k fds should be enough for any proc
<Exopaladin> I wish it was, we have some horrible 'enterprise' grade software that does things like connect to a bunch of grid servers, leaving 5 fds open per server on a permanent basis >.>
<acidflash> twb: Not when you are a server that needs to server 5k+ users, each one account for serveral TCP connections
<acidflash> twb: anyhow, just increasing delay in start-up script and adding to rc.local DID work
<twb> Adding a delay won't help you because the amount of delay will change wrt. hardware and other constraints, e.g. if DNS is slow during one bootup your 3min might not be enough, etc.
<twb> Which is the whole reason for these stupid event-based start rules
<twb> I should say: a hard-coded delay is a workaround rather than a solution
<acidflash> twb: yes, a work-around, which might fail is things are delayed (correct)
<twb> I had to do one in lucid to get NFS working -- because there was a cyclic dependency in upstart (stupid upstart!) I replaced one of the jobs with a simple script that ignores all deps and simply tells mountall to try to mount NFS every tenth of a second :-(
<acidflash> twb: what you could do, is first sleep for a bit, then check if its mounted (through PID) if not, then mount
<acidflash> twb: it wont rape your resources,
<twb> That's called a spinlock
<twb> pkill -USR1 mountall is not a big deal resource-wise
<acidflash> quick q, WITHOUT making a script, can I grep something with spaces? double and single quotes are both not working
<acidflash> new dates are like "June 7"
<acidflash> in ls -la
<acidflash> I need to search and sort by date
<twb> acidflash: #bash
<twb> In particular, /msg greybot ls
<twb> Perhaps you want the stat(1) command.
<jamespage> Daviey, do you have the URL for the server related merges to hand? want to see how we are doing....
<feisar> hi, after an update to 12.04 from 11.10 I am missing some scripts in /etc/update-motd.d/ can I just copy them from a clean 12.04 install or should I be adding them in another way?
<Daviey> jamespage: http://people.canonical.com/~davewalker/delta.html .. based on ubuntu server package set, and the packages we are subscriber for.
<Daviey> I need to make it respect the sync blacklist i think.. for the openstack stuff.
<twb> feisar: try aptitude reinstall <package name>
<twb> Actually they'll be conffiles, so that won't work
<twb> feisar: try purging and then installing the package in question
<twb> feisar: note that obviously this will lose any other site-local customizations you've made to that package's conffiles.  Suggest etckeeper.
<twb> I'm assuming this has happened because you've somehow deleted the conffiles and as a result that's considered a deliberate configuration change so dpkg will preserve it across upgrades / reinstalls.
<jamespage> Daviey, I wanted to check on timing of the updated I need to make to the tomcat-server seed for quantal
<jamespage> Daviey: should I get tomcat7 into main first and then update the seed?
<jamespage> (only ever done one seed update...)
<Daviey> jamespage: either way is valid.. note that main packages are slightly more compressed than universe.
<Daviey> cruft from binary deb removal
<lynxman> morning o/
<feisar> twb: thanks, you don't know what package these confic files are linked to do you?
<twb> Ask dpkg -S / dlocate
<Womkes> Am I correct to assume that Dovecot is de default imap server for ubuntu server?
<twb> It is the one the Ubuntu Server Guide documents.
<jamespage> rbasak, do you have time to work on the apache2 merge still?  just been reviewing and it needs a bit more work
<rbasak> jamespage: as of today, yes
<jamespage> rbasak, marvellous - PM
<rbasak> jamespage: I'd like some guidance here though. There are a multitude of ways to do the merge. I used bzr because merges reported a conflict. Is there a better way?
<jamespage> rbasak, sure
<jamespage> so I would recommend one of two ways to merge:
<rbasak> instructions in https://merges.ubuntu.com/a/apache2/REPORT ok?
<jamespage> 1) bzr branch ubuntu:apache2; cd apache2; bzr merge lp:debian/sid/apache2; quilt push -a; dch -i (and update the changelog)
<jamespage> or
<jamespage> 2) grab-merge apache2 (which uses merges.ubuntu.com)
<jamespage> update the changelog with the delta ...
<rbasak> I did more or less the first method, but the result looked very difficult to review. Not sure about the issue zul reported, I'll look at that now.
<jamespage> rbasak, you can still use merges.ubuntu.com even with a conflict - but you will have to resolve it either way
<jamespage> rbasak, the issue zul reported was a missing 'quilt push -a && bzr add .pc'
<jamespage> rbasak, but the changelog is also missing the last ubuntu entry as well - so it may be that the branch is not up-to-date in bzr
<rbasak> I just tried a bzr branch from my merge proposal and bzr bd -S works on that
<rbasak> ah so the changelog might be me
<rbasak> when I resolve a changelog conflict, I'm supposed to keep the last ubuntu entry?
<jamespage> rbasak, for a merge the changelog should be the combined history from Debian and Ubuntu
<rbasak> OK. I had been taking the debian changelog with only one new ubuntu entry at the top. I'll stop doing that then :)
<jamespage> rbasak, actually I'm not sure what zul did either - bzr bd -S works for me as well
<rbasak> I didn't like my merge proposal though. I used bzr merge and then fixed the conflict in debian/control, but I have no idea how anyone is supposed to be able to review that because it's a mess
<jamespage> rbasak, do you want to take another run at it?
<rbasak> please
<rbasak> Shall I use grab-merge this time? :)
<jamespage> it should target quantal as well BTW (:-))
<rbasak> oops :-/
<jamespage> rbasak, yes - if you like!
<jamespage> just post the debdiff to the bug report
<jamespage> or direct to me if you like
<rbasak> "It looks like this package is maintained in revision control"..."You almost certainly don't want to continue without investigating."
<rbasak> Is that normal?
<jamespage> rbasak, Vcs-Bzr: http://code.launchpad.net/ubuntu/+source/apache2 causes that
<jamespage> its completely superflous IMHO
<jamespage> thats the implicit branch for Ubuntu
<rbasak> OK
<jamespage> if I was doing the merge I would probably drop the VCS related delta - its not really required
<jamespage> but don't worry about that for the time being
<rbasak> OK will do
<rbasak> That's where the conflict is anyway
<rbasak> So debian has Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-apache/apache2.git
<rbasak> Vcs-Git: git://git.debian.org/git/pkg-apache/apache2.git
<rbasak> I want to change these to XSBC-Original-Vcs-Browser etc. but not add a Vcs-Bzr?
<jamespage> rbasak, I'd leave the VCS field from debian intact and drop the VCS-Bzr
<rbasak> jamespage: OK, so no XSBC-Original- as there was previously?
<jamespage> rbasak, spot on
<rbasak> well that conflict's easy to resolve then, thanks :)
<jamespage> rbasak, once you have something you are happy with use the merge-debuild script to generate a source package - and then you can debdiff between debian->ubuntu and ubuntu->ubuntu to check your changes
<rbasak> jamespage: ok, done and tested. What do I submit a debdiff against? The debian package?
<jamespage> rbasak, I'd attach both to the bug report
<rbasak> jamespage: both? Which is the other?
<jamespage> rbasak: debian->ubuntu debdiff and ubuntu->ubuntu debdiff
<rbasak> OK
<jamespage> make sense?
<twb> The former is on the Debian PTS page, surely?
<twb> Oh, before you upload it
<rbasak> jamespage: done. I'm not sure how to use the ubuntu->ubuntu debdiff for anything useful, but I did compare the old ubuntu debdiff against the new one to verify that I'm happy with it.
<rbasak> jamespage: so that's quantal. I'm not sure about how to SRU this though, since the fix to the apache2 package might be a bit invasive. I commented on the options in https://bugs.launchpad.net/debian/+source/apache2/+bug/988819/comments/6
<uvirtbot> Launchpad bug 988819 in modsecurity-apache "wrong path to libxml2.so.2 in mod_security" [High,Fix released]
<jamespage> rbasak, I think that the backported patch is probably appropriate for the SRU IMHO
<jamespage> the other options feel a bit hacky
<jamespage> just reviewing you debdiff now
<jamespage> rbasak, uploaded - I made one minor tweak to the changed to say we dropped the Vcs-Bzr delta but aside from that all good
<jamespage> rbasak, changed->changelog
<jamespage> rbasak, OK if I assign you the SRU tasks for that bug?  That way it appear in the right part of my SRU report :-)
<martinphone> hi i've sent here from xubuntu channel, the OS I use, in search for an app that changes the proxy settings systemwide. IN synaptic there is a ubuntu-system-service package I have installed for said end, but I dont see any new icon, nor alt+f2 works with that name, tips?
<martinphone> i've been sent*
<twb> martinphone: what kind of proxy?  http?
<martinphone> twb, for every connection: wget, torrents, radio...
<martinphone> 127.0.0.1:8118
<twb> Um, diffierent protocols have different proxis.
<twb> *proxies
<martinphone> this proxy worked well with ubuntu, because they have a systemwide proxy settings, something not present in xubuntu, thats why I installed that package I mentioned
<twb> If you edit something like /etc/environment, and add something like http_proxy=http://127.0.0.1:8118/, new processes should inherit that environment.
<twb> However almost all GUI apps will ignore that environment because they are stupid GUI programs
<martinphone> so you are saying that the only way of doing so is from the shell...
<martinphone> I need a fast an easy way to change systemwide proxy settings (college)
<twb> This is a server channel.  We don't do GUIs as a rule.
<twb> The approach I suggested will certainly work for wget and curl and so on
<martinphone> I believe I have edited that file already....
<twb> Note that you will obvioulsy need to log out and back in for a change to environment variables to take effect.
<zul> good morning
<martinphone> twb, im so noob I didnt know that
<twb> For GNOME apps there is dconf/gconf stuff, but AFAIK XFCE doesn't have a centralized mechanism to set or enforce proxy settings.  And obviously, non-XFCE apps like firefox and thunderbird require you to set it somewhere entirely different, lke /usr/share/firefox/prefs.js
<martinphone> twb, can you confirm that if I do that, ALL connections from my machine will be routed through that proxy, and that if I re edit back to default and restart, proxy settings will change accordingly?
<twb> (Which isn't a conffile, so a security update will eat your changes to that file)
<martinphone> no problems with FF
<martinphone> and yes, XFCE doesnt have a centralized...
<twb> martinphone: I cannot confirm that, because it is wrong.
<twb> martinphone: only apps that honour $http_proxy will be affected
<martinphone> mmrmmr
<twb> Most CLI apps (inc. wget, curl, w3m) honour it; most GUI apps do not (inc. ff)
<twb> IIRC opera does, epiphany doesn't, midori usually does but some versions don't.
<martinphone> twb, chromium doesnt, does it?
<twb> If you need to enforce ALL traffic, you might look at a transparent proxy
<rbasak> jamespage: thanks! And happy to have the SRU tasks.
<twb> I cannot comment on chromium.
<martinphone> yes ALL traffic, its for a travel to china
<twb> martinphone: then you are better off setting up a VPN link
<martinphone> trip*
<jamespage> rbasak, are you OK on the SRU process?
<rbasak> jamespage: yes thanks. I've done a few before.
<jamespage> rbasak, marvellous
<twb> martinphone: https://help.ubuntu.com/12.04/serverguide/vpn.html
<jamespage> rbasak, give me a ping when you have branches proposed for merge and the SRU information documented and I'll review
<rbasak> will do
<jamespage> rbasak, just forwarded you an email re changes to SRU process as well  - just in case you have not see it
<rbasak> ok thanks
<martinphone> twb, Is VPN like torbox?
<twb> No.
<reisi> does anyone know of a wrapper or native implementation of paraller whole file hierarchy sha1sum/md5sum utility? (i've got hundredths of thousands of files)
<rbasak> reisi: use xargs with the -n and -P options?
<rbasak> reisi: (and find)
<reisi> rbasak: nice, not optimal but still great; good thing that i didn't start writing one myself :)
<rbasak> why not optimal?
<reisi> i thought i had a small-file optimization in mind but this saturates all IO nicely even with the small files; works great, thanks
<reisi> actually no, this does not work properly if i just redirect stdout to a file
<reisi> there are already some splitted lines after 90k files
<reisi> xargs would need to provide some kind of per-child line buffering here for this to work
<reisi> apparently there's gnu's "paraller"
<reisi> ... which is apparently a perl script
<reisi> http://www.gnu.org/software/parallel/
<ironm> hello. Yesterday I have successfully tested adding a second mariaDB instance on ubuntu-server and wrote down my steps: second-mariadb-instance.txt ... http://paste.debian.net/173497/
<ironm> I would be glad if you could have a look and give me some feedback in case I am missing some things ... thank you in advance
<rbasak> reisi: GNU parallel has now been packaged and will be in 12.10.
<rbasak> (in universe)
<reisi> rbasak: great; installation is dead simple though but it always feels a bit strange when you cannot find it with apt-get
<rbasak> jamespage: I've added SRU debdiffs to bug 988819 and added the SRU information
<uvirtbot> Launchpad bug 988819 in modsecurity-apache "wrong path to libxml2.so.2 in mod_security" [High,Fix released] https://launchpad.net/bugs/988819
<jamespage> rbasak, marvellous - let me just clear this samba SRU I'm working on and I'll take a look
<jamespage> rbasak, fixes look good but the changelog entries need more information
<rbasak> OK. I'm never quite sure what to put in a changelog. I try and avoid writing an essay in the hope that referring to the bug will do.
<jamespage> rbasak, OK so the trick for SRU changelogs is that someone should be able to understand what its fixing without referring to the bug report
 * rbasak pokes at the changelogs
<rbasak> jamespage: how about http://paste.ubuntu.com/1030468/ and http://paste.ubuntu.com/1030469/ ?
<jamespage> rbasak, beautiful
<rbasak> jamespage: can you grab from there or would you like new debdiffs?
<rbasak> (this is where a merge proposal would have been better, right?)
 * rbasak could do that too
<jamespage> rbasak, pls stick debdiffs on the bug report - but yes a MP is better in this case I think
<rbasak> Now I'm confused? What would you like me to do - debdiffs or MP?!
<jamespage> rbasak, if you have them in a branch already do MP's - if not then just upload the debdiff's
<rbasak> jamespage: https://code.launchpad.net/~racb/ubuntu/precise/modsecurity-apache/988819/+merge/109378 and https://code.launchpad.net/~racb/ubuntu/precise/apache2/988819/+merge/109379
<jamespage> rbasak, looking now
<jamespage> ah - the drawback of a branch - full history of apache2 :-)
<jamespage> zul: is there any action required for swift to resolve bug 920197? or is webob enough?
<uvirtbot> Launchpad bug 920197 in swift "[SRU] webob last stable version 1.1.1 response header bug" [Undecided,Confirmed] https://launchpad.net/bugs/920197
<zul> webob is enough
<SpamapS> jamespage: use shared repo's .. at least you only have to get it once :)
<jamespage> SpamapS, normally do that
<SpamapS> 97M	.bzr
<jamespage> SpamapS, congrats BTW
<SpamapS> jamespage: thanks :)
<jamespage> SpamapS, did not expect to see you this week (hence why I just nicked your ceph merge....)
<SpamapS> looks like Debian delayed apache 2.4 for wheezy btw.. definitely makes me feel better about rejecting it for 12.04
<SpamapS> jamespage: I'm just poking my head in.. will not be active till Monday
<jamespage> SpamapS, good!
<SpamapS> jamespage: feel free to MIR libfcgi and reinstate radosgw too :)
<jamespage> SpamapS, yeah - I was just getting to know the package a bit better whilst I documented that blueprint in a bit more detail
<SpamapS> The next big merge challenge for quantal is php5 .. since we have to revive suhosin and the 5.4 patch is still just barely working
<jamespage> lol
<jamespage> ceph was not to bad - had to cherry pick one upstream commit to get it to build....
<SpamapS> jamespage: Debian is really far behind ...
<SpamapS> jamespage: we should grab 0.47.1 from upstream
<jamespage> SpamapS, yeah - I was considering doing a new upstream release
<jamespage> snap
<jamespage> !
<SpamapS> jamespage: they made some changes specifically to make it easier to deploy w/ juju/chef
<SpamapS> I believe said changes landed in 0.47
<jamespage> SpamapS, do you know the Debian maintainer?
<SpamapS> anyway, time to return to the baby fueled madness
<SpamapS> jamespage: we email from time to time, but I don't know him all that well
<SpamapS> jamespage: upstream incorporates most of his changes and mine into their own packaging repo... makes things pretty easy to maintain. :)
<SpamapS> anyway, out
<jamespage> zul: once this set of openstack updates goes through when is the next lot planned for?
<zul> jamespage: lemme check the blueprint
 * jamespage wonders whether these should be targetted to12.04.1 even though they will land well before then
<zul> week 12
<zul> they should i think
<jamespage> zul, yes - please - are you OK todo that?
<zul> jamespage: yep
<jamespage> zul: ta muchly
<zul> mmm...beeers :)
<jamespage> rbasak, just uploaded both of those SRU packages - thanks for doing that.
<rbasak> No problem. Thanks for the guidance!
<arooni-mobile> how do i get how many MB of memory a particular process is using.  i'm using htop and i'm guessing the value is under the VIRT/RES columns.. but i'm not sure what either means.
<zul> Daviey: i need a +1 please: https://review.openstack.org/#/c/8344/
<Sandro_> hi
<Sandro_> i'm looking for some help #xubuntu users told me to come here ^^
<patdk-wk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Sandro_> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<Sandro_> My Amazon server has an issue with 100% inode, >>> we are looking to supress a directory which contain thousand of files in it ... but rm-rf * doesn't respond atm
<hallyn> heh, i forgot linux-virtual doesn't really exist any more in quantal.  was wondering why my amazon images were ru nning -generic
<AceFace> hello all! :)
<hallyn> stgraber: given the last comment in bug 947617, I think we should probably add a rule to allow a container to mount procfs to its /proc
<uvirtbot> Launchpad bug 947617 in lxc "After update, lxc does not start" [High,Fix released] https://launchpad.net/bugs/947617
<stgraber> hallyn: yeah, I supposed it won't cause any harm, what we don't want is allowing procfs somewhere else than /proc
<stgraber> hallyn: we probably should do the same thing with sysfs then
<hallyn> agreed
<hallyn> shoudl we ask for a new bug for this?
<hallyn> i don't really want to pollute that bug report with another fix :)
<hallyn> i'll just open it
<adam_g> zul: around?
<zul> adam_g: yeah
<adam_g> zul: school me.  if we're commiting changes to our -proposed and server-dev branches for these SRUs, but the packages in Ubuntu branches have had updates applied to them in the meantime, when do those merge with what we're proposing for the SRU?
<adam_g> do we need to sync the -proposed branches with the packaging from -updates ?
<adam_g> Daviey: ^
<zul> adam_g: the lp:ubuntu branches?
<adam_g> zul: yes, glance and nova are a couple of examples of packages that were updated already in ubuntu.
<zul> adam_g: they should be done automatically
<adam_g> zul: how are conflicts handled?
<zul> adam_g: script i think
<adam_g> hmm
<Daviey> hmm
<Daviey> So.
<Daviey> if i dput something to precise-proposed right now... once accepted, it should be auot committed into that branch
<Daviey> once it passes validation and promoted to -updates
<Daviey> it will hit that bzr branch
<Daviey> There shouldn't ever be conflicts
<adam_g> so its up to us/whoever to resolve those conflicts before building the source package that gets dput'd?
<Daviey> adam_g: well, what conflicts are you expecting ?
<adam_g> Daviey: there have been security fixes applied to some of the packages that also were applied to stable branches upstream.
<stgraber> hallyn: I just finished validating the lxc SRU, everything looks good this time, so expecting it to land later today or (more likely) on Monday
<adam_g> i'm just wondering whether or not we should be actively sync'ing our CI -proposed branches with the ubuntu branches, to make things easier when its finally time to upload (and avoid the potential for error)
<hallyn> stgraber: cool.  and that's the end of waht we have queued up now right?
<hallyn> (so i can re-fill on monday :)
<hallyn> working on the newest userns kernel right now
<Daviey> adam_g: i'd actually so no
<Daviey> adam_g: I think that Ubuntu branches currently suck big style for SRU's
<Daviey> adam_g: there are other issues to solve before that
<stgraber> hallyn: yeah, haven't looked at the fixes in quantal, might have a few more to pick for the next SRU. These apparmor fixes sound like good candidates too
<stgraber> jjohansen: are you around?
<zul> adam_g: i think it would have proposed branches when it gets processed by the sru team
<jjohansen> stgraber: yep
<hallyn> (lunch, bbl)
<stgraber> jjohansen: cool. Are you aware of any remaining apparmor bug affecting lxc that'd trigger some silent rejects?
<jjohansen> stgraber: hrmmm, maybe one in the network path if you are using denied network rules where the quiet masking isn't being applied correctly
<jjohansen> that one got pointed out to me yesterday
<jjohansen> stgraber: do have a bug or failure to point me at
<stgraber> jjohansen: I'm looking into the /usr/lib/locale/locale-archive issue I mentioned a while ago, for some reason it's still happening and I'm trying to figure out exactly what's going on there
<jjohansen> stgraber: hrmmm, did I miss that one or am I just not remembering it?
<stgraber> jjohansen: well, I'm currently trying to figure out whether it's lxc's fault or apparmor's ;) I first saw it when we were in the middle of these apparmor bugs, so just blamed it on apparmor and went to do something else
<jjohansen> stgraber: fair enough :)
<jjohansen> stgraber: do you want me to start poking at it as well?
<stgraber> jjohansen: hmm, I just finished running a first test and it looks like it's lxc's fault :)
<stgraber> jjohansen: will poke you if it turns out to involve apparmor in some way...
<jjohansen> stgraber: okay, sounds good
<zdunn> Does anyone have any experience with Cloud-init and chef?
<zdunn> I have had good luck up until the point i try to use initial_attributes values
<zdunn> They jus dont ever seem to get picked up
<Plizzo> Hi, I installed Ubuntu Server 11.10 64-bit a couple of months back, and I've been getting some help from people here to set things up
<Plizzo> Although, I seem to have downgraded my kernel to a generic 32-bit one, and now I can't manage to install the 64-bit linux-image-server one
<Plizzo> It's installed and all, but I can't choose it as my default kernel anywhere
<Plizzo> And when I search apt-cache I can only find 32-bit ones
<Plizzo> I want the x64, not the x86 ones :(
<guntbert> !crosspost | Plizzo (but I cannot help, sorry)
<ubottu> Plizzo (but I cannot help, sorry): Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<Plizzo> guntbert: Sorry
<discopatrick> hello. i'm connecting to a https server on my ubuntu server (webmin on port 10000) but i don't have an SSL certificate. instead i want to verify manually that i'm connecting to the right server by checking the sha1 fingerprint that firefox shows me against the fingerprint of my server. how do i see the fingerprint on my server?
<CrypticSquared> discopatrick: does this help? http://blog.scottlowe.org/2009/03/25/next-gen-stuff-verifying-the-sha-1-fingerprint/
<discopatrick> CrypticSquared, possibly... that's telling me to find the ssl certificate on my machine and then check the fingerprint, but the thing is, i dont think i have an ssl certificate... but firefox is giving me two fingerprints from somewhere, sha1 and md5
<discopatrick> oh, hang on... i actually have a self-signed certificate
<discopatrick> maybe webmin installs one by default, or maybe it's in ubuntu by default
<discopatrick> ok, now i need to get it's sha1 fingerprint!
<discopatrick> hmm, this isn't really the same as checking the fingerprint of host keys
<discopatrick> looks like i just have to trust that this really is my server, and add a security exception to firefox
#ubuntu-server 2012-06-09
 * lamont is looking for a squeeze equivalent of ubuntu-12.04-server-cloudimg-amd64-disc1.img
<patdk-nb> lamont, ubuntu-server-12.04-amd64?
<lamont> patdk-nb: I was more looking for squeeze, I have precise already
<lamont> I may just have to roll my own, but was kind of hoping not to have to
<pehden> any one know how to make apache2 not log one ip address
<pehden> or at least one user agent
<blackthund3r> Hi there
<blackthund3r> I was wondering if anybody here can confirm for me that the guide at https://help.ubuntu.com/community/PXEInstallServer will work for 12.04 Server?
<blackthund3r> I have an old desktop I want to use as an ubuntu server and I want to install it via PXE completely headlessly if possible
<blackthund3r> I assume there's no problem with using apache as described as opposed to nfs?
<pehden> any one know how to make apache2 not log one ip address
<pehden-away> or at least one user agent
<pehden-away> any one know how to make apache2 not log one ip address
<marenostrum> Hello. On an Ubuntu server (I'm experiencing in on a AWS EC2 instance, probably its the same for all servers), I see an update notification when I ssh login. Its something like "n packages can be updated. n updates are security updates." where n is zero or more. What package, setting is responsible for that notification?
<pehden> any one know how to make apache2 not log one ip address
<Womkes> Can somebody help a partitioning problem, I've made 6 LV in the LVM manager but only 3 of them show up in the partitioner
<Womkes> http://imgur.com/a/51A0x
<Womkes> dont know what I'm doing wrong I can only parition 3 of the 6
<Womkes> anybody :(
<Womkes> ?
<RoyK> Womkes: maybe the installer is buggy...
<RoyK> Womkes: I'd start with installing on a few partitions and then add the rest later - just rsync the data
<RoyK> Womkes: and btw, tmp is normally no tmpfs these days, so no reason for a dedicated partition
<RoyK> s/no tmps/on tmpfs/
<Womkes> ok
<Womkes> thanks
<Womkes> Anybody got any ideas on how to configure nameservers in /etc/resolv.conf it keep getting overwritter the chattr +i doest work and I already tried adding prepend and option domain-name-servers in /etc/dhcp some.conf file
<Womkes> nothing works
<yeats> Womkes: are you using dhcp to get your address?
<qman__> if you're running 12.04 it's resolvconf
<qman__> and in order to make resolvconf work you have to add the nameservers to /etc/network/interfaces
<qman__> or, you can remove the symlink /etc/resolv.conf and create a file, and it'll leave it alone
<RoyK> Womkes: http://paste.ubuntu.com/1032333/
<RoyK> Womkes: that's an example from one of my servers, this one running 10.04, same applies to 12.04
<Womkes> yeah 12.04
<Womkes> ah, I havent tried adding them to /etc/network/interfaces
<Womkes> lemme give that a shot
<ClientAlive> Can anyone help? I'm having a problem verifying that nfs server is set up and running. When I do a "rpcinfo quota" I get the error printed to the screen: "rpcinfo: can't contact rpcbind: RPC: (unknown error code)"  I verify that it is indeed installed with a "install rpcbind" and get a line in the output "rpcbind is already the newest version."  I'm running ubuntu 12.04 server and going off of https://help.ubuntu.com/community/Sett
<ClientAlive> ingUpNFSHowTo#NFS_Server   suplemented with  http://nfs.sourceforge.net/nfs-howto/ar01s03.html  to perform the install/ setup. Can anyone please help me resolve this issue?
<ClientAlive> back in a few min, but if anyone can help I would sincerely appreciate it - the only relevant info I see by googling: "rpcinfo: can't contact rpcbind: RPC: (unknown error code)" is involving suse not ubuntu. There are no results displayed from googlubuntu.com so I'm stuck
<ironm> may I ask what you would "roll out"? ... <lamont> I may just have to roll my own, but was kind of hoping not to have to
<ClientAlive> that's funny, I roll my own (cigarettes that is)    :>
<ClientAlive> I have to grab something to eat but be back in about 20 in case anyone shows up. thx
<ironm> ClientAlive, it is unhealthy to smoke *g*
<railsraider> what is AIF:UNPRIV connect attempt: IN=eth0 is that always mean attack?
<docmur> I've been trying to setup a mail server on Ubuntu using the following link http://www.pixelinx.com/2010/10/creating-a-mail-server-on-ubuntu-using-postfix-courier-ssltls-spamassassin-clamav-and-amavis/   I get the server "setup" and when I try to connect a email client to it I get this  http://pastebin.com/SAqMmweW Does anyone see the issue?
<ClientAlive> ironm: but it's yummy! And it makes me fell all giddy inside...   :>   lol
<ironm> ClientAlive, not really :p
<ClientAlive> ironm: what do I do man? I don't know enough about where things are on the system or how they work. I was just following tutorials when I ran into this snag.
<ironm> ClientAlive, it takes a bit time to get familiar with the linux stuff ;)
<ironm> ClientAlive, you can check if a nfs-server runs on the server
<ironm> ps -efa | grep nfs
<ironm> ClientAlive, you should see something like:
<ironm> root      2514     2  0 Jun02 ?        00:00:00 [nfsd4]
<ClientAlive> from that I see 12 lines emerge containing nfs (one of them does say nfsd4). Also, I just found that I can run rpcinfo and get results but not rpcinfo quota
<ironm> ClientAlive, and: netstat -a | grep LISTEN
<ClientAlive> there's a column from the ps -efa | grep nfs output that contains question marks all down it
<ClientAlive> ok
<rwb> I used apt-get to install apache2 on Ubuntu 10.04LTS. Is there an easy way to recompile it with a custom suexec?
<ironm> rwb, you need sources to create your customized package
<ClientAlive> lots of output from netstat -a | grep LISTEN  rpcbind is an item in the list; but, other than that, nothing with "nfs" in it. If I had to guess I would think all is well and the install/ setup went fine. The only thing that makes me wonder is why rpcinfo quota gives me complaints
<ironm> rwb, it is quite a lot of a bit complicated work
<ironm> ClientAlive, you should see like:
<ironm> tcp        0      0 *:nfs                   *:*                     LISTEN
<RoyK> rwb: apt-get source apache2
<ClientAlive> yeah, i have that
<ClientAlive> so I'm good to go then?
<ClientAlive> isn't there one of the deamons with the word "quota" in it? quotad or something like that? Could that be why I get the error when I try to run rpcinfo quota?
<ironm> ClientAlive, 1. you have to check your nfs-server config / 2. you need a nfs-client to mount some directories on the nfs-server
<ClientAlive> 2. right. I was just about to move onto that part (setting up a client) but in this http://nfs.sourceforge.net/nfs-howto/ar01s03.html  they show something about checking to see that nfs server is helthy/ everything went well. The command they give is rpcinfo quota and show example output.
<ClientAlive> 1. I'll recheck but I thought there was only a few pieces of info needed there: directory to share     host(or ip address)     options
<ClientAlive> well, anyhoo... Thanks so much for your help ironm. You saved me a tremendous amount of frustration.
<ironm> ClientAlive, have you got it working?
<ClientAlive> I assume as much but I'm just guessing from my limited ability to interpret the output. Now, when I ran the commands you gave me, it was under the conditions where /etc/hosts.deny and /etc/hosts.allow were in default state (nothing added as per tutorial instructions). I just replaced those files with the modified versions and rebooted the computer. I figure I'll run the commands again and see if it looks the same (again, limited un
<ClientAlive> derstanding to interpret the output).
<ClientAlive> how can I check if rquotad is running? I thought egrep rquotad but just seems to hang when I run that
<ClientAlive> ps -efa | grep quota reveals on line but egrep quota just seems to hang
<ClientAlive> not sure what the line from the previous indicates one way or the other though
<lamont> ironm: I was hoping for just a single disk image like the ubuntu ones, but I need something totally debian for some other stuff (specifically upstream debian work).  I may just see how scriptable it is
<ironm> lamont, for testing and some upstream work I use debian-live images ..
<ClientAlive> if I do a "service rpc.rquotad start" I get "rpc.rquotad: unrecognized service"
<ironm> lamont, like: http://rsync.it-infrastrukturen.org/debian-live/binary-hybrid-wheezy-amd64-syslinux-awesome.iso
<ironm> or http://rsync.it-infrastrukturen.org/debian-live/binary-hybrid-wheezy-amd64-syslinux-lxde.iso
<Womkes> Is it possible to mirror already existing /home and /srv with DRBD ? Do I have to unmount then first remove the file system so they are empty paritions and then create the drbd devices, recreate the file systems and mount them again to /home and /srv ?
<ironm> ClientAlive, service --status-all; man service
<ClientAlive> ok
<ClientAlive> also - only 4 things from the list of deamons that are supposed to be involved show up in the output of "rpcinfo" (portmapper, nfs, nlockmanager, and mountd)
<ClientAlive> I looked at the man page from what you said (and ran that command before that). The man page does not seem to indicate what the question marks mean in the leftmost column (most of the entries contain them).
<ClientAlive> there isn't much in the list (maybe 20 entries) and some of the things I would guess ought to show up don't
<ClientAlive> oh wait, there's some stuff I see now.
<ClientAlive> I think I'm good. May never understand why rpcinfo quota doesn't work for me but I think stuff is working correctly
<smw> Womkes, mirroring /home with DRBD sounds wrong to me
<smw> Womkes, and mirroring /srv seems wrong too, but I guess it depends on what is in it
<smw> Womkes, but yes, you would need to have them on another partition that is a drbd device
<patdk-nb> Womkes, yes, you have to reformat them with drbd
<Womkes> smb`, they will be used for my mail and website
<Womkes> /home via Maildir my e-mail and some other accounts
<Womkes> and /srv for some websites
<Womkes> I have two servers on which I installed vmware and setup two identical vm's
<Womkes> with ubuntu 12.04 server
<Womkes> I want to sync my important data between them with drbd
<Womkes> and also backup the data to a third server
<Womkes> i've thought about setting up the two servers with ubuntu + kvm and mirror the image files for the kvm vm's with drbd but I could not get kvm to work for me
<Womkes> was to diffcult
<Womkes> would you recommend the kvm setup layered ontop of DRBD devives backed by LVM volumes over my vmware setup  smw ?
<Womkes> maybe I can give it another try but I have a difficult time understanding the network bridging and kvm part
<Womkes> which is pretty important ^-^ :p
<n2deep> hi is anyone here using lxc on 12.04?
<n2deep> I'm using the default lxc install from the package repo
<n2deep> it launches a dnsmasq daemon for the containers.
<n2deep> a private subnet, that is NAT'ed
<n2deep> how can I setup a contanier for "passthrough" networking, so the container is on the same subnet as the host?
<ClientAlive> I almost have my nfs client set up, but, when it comes to adding a line to fstab to mount it I tried using the ip address and that doesn't work. The tutorial shows the example line: "servername:dir /mntpoint nfs rw,hard,intr 0 0" but what is "servername"?  The part I see on the command line after the @ symbol??
<ClientAlive> yeah, I count mount it via running the mount command; but, when I try to add to fstab to get it to mount automatically, it's not mounting
<ClientAlive> darn it
<JayWalker_> is there a quick and easy way to set up server 12.04 to be able to send mail via php contact forms?
<ClientAlive> got it
<n2deep> well I figured out the lxc question
<n2deep> I just needed to give interface lxcbr0 a static address in /etc/network/interfaces
<n2deep> now when I start my containers, they get addresses on the same subnet as the host
<n2deep> and ipv6 is working now too for the contaniers, since the network supports v6
<JonEdney> n2deep, awesome.  You should consider posting something in the Ubuntu Forums for others who may be having the same problems, since you were able to get it working.
<n2deep> I found this page which pointed me in the right direction
<n2deep> http://comments.gmane.org/gmane.linux.kernel.containers.lxc.general/2652
<n2deep> I had to change the interface name in the example on that page (br0) to lxcbr0, as that is what lxc package in ubuntu names the interface
<n2deep> I should still put something on the forums
<n2deep> hardware virtualization is super cool and all, but depending on your use case containers seem so much better!
<JonEdney> n2deep, I would put something on the forums, but thats just my opinion.  You never know who is going to run into the problem you did, and if they don't go straight to the forums, Google search brings the forums up first most of the time (at least for my searches).
<n2deep> JonEdney: I will put something up
<n2deep> I now have 2 ubuntu server systems (doing nothing at the moment) using a total of 80MB RAM
<n2deep> LXC rocks!
<JonEdney> wow nice.
<JonEdney> I run my Ubuntu server w/ 1 GB RAM, just because that's whats on my spare PC.  I did have it in a VM running with 128MB, but it crawled.
<n2deep> this test setup I have is quite layered:
<n2deep> I'm running virtualbox 4 on OpenIndiana bare metal
<n2deep> Ubuntu Server is a virtualbox guest there with 2GB ram
<n2deep> now I have a Ubuntu minimal/server LXC contanier in that vbox Ubuntu Server
<n2deep> I wonder if the Ubuntu for Android project is using LXC containers
<n2deep> they have mentioned in all the videos I've seen that they are using the same kernel instance as Android
#ubuntu-server 2012-06-10
<n2deep> and as far as I know that is what LXC does
<RoyK> n2deep: why virtualbox when kvm is so cool?
<RoyK> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<RoyK> btw, lxc is ok, too, but I prefer isolating VMs properly so that if something happens, it happens to that VM alone
<uvirtbot> New bug: #981130 in ceph (main) "[SRU] python-ceph Depends on librgw1, which is no longer built" [High,In progress] https://launchpad.net/bugs/981130
<uvirtbot> New bug: #994781 in maas "removing a node when it has failed commissioning is not possible from the UI" [Undecided,Confirmed] https://launchpad.net/bugs/994781
<uvirtbot> New bug: #997978 in qemu-kvm (main) "KVM images lose connectivity with bridged network" [High,Confirmed] https://launchpad.net/bugs/997978
<uvirtbot> New bug: #999996 in mcollective (universe) "package mcollective 1.2.1+dfsg-2ubuntu1 failed to install/upgrade: mcollective triggers failed when installing mcollective-plugins" [Medium,Fix released] https://launchpad.net/bugs/999996
<uvirtbot> New bug: #1009974 in nova ""nova live-migration" fails silently" [High,Invalid] https://launchpad.net/bugs/1009974
<uvirtbot> New bug: #1010598 in lxc (universe) "apparmor should allow mounting /proc and /sys" [High,Fix released] https://launchpad.net/bugs/1010598
<uvirtbot> New bug: #1010891 in tftp-hpa (main) "package tftpd-hpa 5.2-1ubuntu1 failed to install/upgrade: Unterprozess installiertes post-removal-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/1010891
<uvirtbot> New bug: #996839 in lxc (universe) "conflict between inetutils-ping and iputils-ping during bootstrapping phase" [Medium,Fix committed] https://launchpad.net/bugs/996839
<uvirtbot> New bug: #1000678 in munin (main) "[SRU] munin-memory plugin doesn't work on 64-bit 12.04 LTS" [Medium,Fix committed] https://launchpad.net/bugs/1000678
<uvirtbot> New bug: #1003583 in lxc (universe) "make the "--close-all-fds" option in lxc-start on by default" [Low,Fix committed] https://launchpad.net/bugs/1003583
<uvirtbot> New bug: #1004069 in lxc (universe) "lxc-start-ephemeral doesn't fully work when started as non-root" [Undecided,Fix committed] https://launchpad.net/bugs/1004069
<uvirtbot> New bug: #1008126 in dnsmasq (main) "Install resolvconf listener for dnsmasq into /etc/resolvconf/update-libc.d, not update.d" [Undecided,Invalid] https://launchpad.net/bugs/1008126
<uvirtbot> New bug: #1010602 in logwatch (main) "samba logs are not being reported in logwatch" [Undecided,New] https://launchpad.net/bugs/1010602
<uvirtbot> New bug: #1010625 in logwatch (main) "named logs are not being reported in logwatch" [Undecided,New] https://launchpad.net/bugs/1010625
<uvirtbot> New bug: #967931 in nova "[SRU] killfilter should handle updated/deleted executables" [Undecided,In progress] https://launchpad.net/bugs/967931
<uvirtbot> New bug: #968843 in nova "[SRU] connection leak in rpc connection pool" [Undecided,In progress] https://launchpad.net/bugs/968843
<uvirtbot> New bug: #977759 in nova "[SRU] With QuantumManager,  nova-network does not start dnsmasq during initialization" [Undecided,In progress] https://launchpad.net/bugs/977759
<uvirtbot> New bug: #978907 in glance "[SRU] capture-output fails in glance-control" [Low,Fix released] https://launchpad.net/bugs/978907
<uvirtbot> New bug: #980872 in glance "[sru] 'unhashable type' when sending notifications via  Qpid" [High,Fix released] https://launchpad.net/bugs/980872
<uvirtbot> New bug: #989764 in nova "[SRU] timeout on EC2 CreateImage action is 60 hours instead of 1 hour" [Undecided,In progress] https://launchpad.net/bugs/989764
<uvirtbot> New bug: #1000174 in lxc (universe) "lxc-net fails to start with bash" [Undecided,Fix committed] https://launchpad.net/bugs/1000174
<uvirtbot> New bug: #1007493 in lxc (universe) "Broken logic in lxc-ubuntu causes lxc.devttydir to be set to 'lxc' only on releases that do NOT support it" [Undecided,Fix committed] https://launchpad.net/bugs/1007493
<uvirtbot> New bug: #952176 in nova "[SRU] Cannot associate a second network/vlan to a tenant with "nova-manage network modify"" [Undecided,In progress] https://launchpad.net/bugs/952176
<uvirtbot> New bug: #973194 in nova "[SRU] Parallel VM creation fails when nova-computes share the disks and each nova-compute node has no cached images." [Undecided,In progress] https://launchpad.net/bugs/973194
<uvirtbot> New bug: #990237 in nova "[sru] libvirt get_console_output:  'instance_name' is not defined" [Medium,Fix released] https://launchpad.net/bugs/990237
<uvirtbot> New bug: #992916 in nova "[SRU] nova.tests.test_nova_rootwrap fails on Fedora 17" [Undecided,In progress] https://launchpad.net/bugs/992916
<uvirtbot> New bug: #997014 in nova "[SRU] Memory is not correctly computed for Xen+libvirt" [High,Fix released] https://launchpad.net/bugs/997014
<uvirtbot> New bug: #1000261 in nova "newer `qemu-img info` causes in exception when finding the backing file for qcow2 images" [Undecided,In progress] https://launchpad.net/bugs/1000261
<uvirtbot> New bug: #1010473 in nova (main) "[SRU] Tracker for 12.04 Openstack Updates" [Undecided,New] https://launchpad.net/bugs/1010473
<uvirtbot> New bug: #1010571 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1010571
<uvirtbot> New bug: #1000403 in nova "[SRU] multi scheduler does not handle capabilities updates correctly" [Low,Fix released] https://launchpad.net/bugs/1000403
<uvirtbot> New bug: #1010110 in nagios-plugins (main) "check_ntp_time sometimes report Offset unknown" [Undecided,In progress] https://launchpad.net/bugs/1010110
<uvirtbot> New bug: #1010501 in samba (main) "samba starts before cups in ubuntu 12.04" [Undecided,New] https://launchpad.net/bugs/1010501
<uvirtbot> New bug: #1010504 in tftp-hpa (main) "package tftpd-hpa 5.2-1ubuntu1 failed to install/upgrade: subprocess installed post-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1010504
<uvirtbot> New bug: #888984 in mvel (universe) "mvel2 version 2.0.18-1ubuntu1 failed to build with openjdk-7" [Medium,Fix released] https://launchpad.net/bugs/888984
<uvirtbot> New bug: #992075 in maas (main) "Commissioning status persists with cloud-init 0.6.3-0ubuntu1" [Undecided,Confirmed] https://launchpad.net/bugs/992075
<uvirtbot> New bug: #1010331 in samba (main) "package samba 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1009698)" [Undecided,New] https://launchpad.net/bugs/1010331
<uvirtbot> New bug: #1010367 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1010367
<uvirtbot> New bug: #1010193 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1010193
<uvirtbot> New bug: #1010295 in samba (main) "samba  libthread_db" [Undecided,New] https://launchpad.net/bugs/1010295
<uvirtbot> New bug: #1010115 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1010115
<uvirtbot> New bug: #983206 in nova "[SRU] nova errors when keypair starts with 0XG using EC2 API" [Undecided,In progress] https://launchpad.net/bugs/983206
<uvirtbot> New bug: #981039 in glance (main) "Glance package upgrade problem" [Undecided,Incomplete] https://launchpad.net/bugs/981039
<uvirtbot> New bug: #1006509 in autofs (main) "Please merge from debian autofs 5.0.6-2" [Wishlist,In progress] https://launchpad.net/bugs/1006509
<uvirtbot> New bug: #1007060 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Medium,Incomplete] https://launchpad.net/bugs/1007060
<uvirtbot> New bug: #1007916 in bind9 (main) "dig doesn't resolve domain hostnames" [Undecided,Invalid] https://launchpad.net/bugs/1007916
<uvirtbot> New bug: #996233 in python-novaclient "nova and python-novaclient disagree on  volumes API URLs" [Undecided,Confirmed] https://launchpad.net/bugs/996233
<uvirtbot> New bug: #1001088 in nova "iSCSI targets are not restored following a reboot" [High,Confirmed] https://launchpad.net/bugs/1001088
<uvirtbot> New bug: #1008205 in samba (main) "package samba 2:3.6.3-2ubuntu2.1 failed to install/upgrade: dpkg-deb --fsys-tarfile alfolyamat 2 hibakÃ³ddal kilÃ©pett" [Low,Incomplete] https://launchpad.net/bugs/1008205
<n2deep> RoyK: I'm waiting for KVM on OpenIndiana to level off a little bit before I explore that deeply.
<n2deep> RoyK: I've explored zones on OS/OI, now I'm exploring LXC on Linux, since LXC seems to have matured recently.
<SpamapS> n2deep: LXC still has a long way to go to catch up with things like OpenVZ.. but its quite cool and quite useful right now. :)
<JoeCoder> Hello.  I used certtools to create a private key and certificate request, traded the request with my ssl provider for a cert and chain file; all this works great with apache.  but when I modify /etc/postfix/main.cf to point to the private-key and cert files, it acts like it doesn't even read them.  Inspecting the cert in thunderbird shows Organization=Courier Mail Server
<JoeCoder> this is my main.cf:  https://gist.github.com/589c9e2d23617b4230c0
<JoeCoder> my changes are at the very bottom
<JoeCoder> the paths are valid
<JoeCoder> mail.log records these errors:
<JoeCoder> imapd: couriertls: read: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
<JoeCoder> any ideas?
<JoeCoder> wait, duh.  Those settings are for smtp
<JoeCoder> thunderbird complains about the cert on opening the inbox, not on sending.
<JoeCoder> so I think I need to be configuring courier and not postfix?
<JoeCoder> one wonders how i got this far and am still asking questions like that.
<JoeCoder> can I use one private key / certificate request to get certificates for multiple domains?
<qman__> only if you get a wildcard cert, which costs a small fortune
<qman__> you can use the same key but you have to buy a separate cert for each domain, and each needs its own request
<JoeCoder> so far, startssl has been giving me certs for multiple domains for free
<JoeCoder> but each one needs a different request--that's what I wanted to know.
<qman__> yeah, I got one through them too
<qman__> a little difficult to get set up compared to others, but free is free, and they've definitely got security in mind
<JoeCoder> I thought it was difficult too; but it was the first time I setup a cert with anyone.
<qman__> most of the difficulty is in the fact that most browsers don't have client certificates implemented properly / well
<qman__> and client certificates have been around for ages, most people just don't use them
<JoeCoder> IE still complains that the domain name doesn't match the common name, but other browsers work
<uvirtbot> New bug: #1011048 in python-boto (main) "python-boto sqs commands error with access denied" [Undecided,New] https://launchpad.net/bugs/1011048
<axisys> how do I improve this mount command to give www-data (uid=33/gid=33) the full privilege? ``mount -t ext4 /dev/sdb1 /storage'' ?
<axisys> mount -t ext4 -o uid=33,gid=33 /dev/sdb1 /storage did not work.. aparently not valid option for ext4 per man page
<axisys> how to mount ext fs as non-root user?
<andol> axisys: Why would you want to do that, instead of actually setting the permission within the mounted filesystem?
<axisys> andol: because I was not thinking.. sorry
<andol> axisys: Common mistake :)
<blendedbychris> any idea how to fix a server that simply powers down after a reboot command instead of powering back on
<uvirtbot> New bug: #1011089 in postfix (main) "package postfix 2.9.1-5 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1011089
<ironm> Hello. does anyone run mysqld_multi on MariaDB 5.5.24 / ubuntu-server 11.10 or 12.04?
<uvirtbot> New bug: #1010772 in amavisd-new (main) "E: changelog for this version is not (yet) available;" [Undecided,New] https://launchpad.net/bugs/1010772
<uvirtbot> New bug: #1011184 in nagios3 (main) "package nagios3-cgi 3.2.3-3ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1011184
<uvirtbot> New bug: #1011206 in openldap (main) "package slapd 2.4.28-1.1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 990759)" [Undecided,New] https://launchpad.net/bugs/1011206
<smw> Is there any type of ubuntu server certification?
<uvirtbot> New bug: #1011227 in openldap (main) "package slapd 2.4.28-1.1ubuntu4 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1011227
<njin> Hallo, can you tell if this is a bug ?  https://bugs.launchpad.net/ubuntu/+bug/1010786
<uvirtbot> Launchpad bug 1010786 in ubuntu "search results do not work once a terminal log off is done on ubuntu server" [Undecided,New]
<njin> I cannot understand what is meaning
<djdan2k8> Hi im looking for some advice i need to downgrade my version of php from 5.3 to 5.2 on my Ubuntu vps using plesk any help would be great
<sergevn> hi
<pmatulis> djdan2k8: normally you get one version per ubuntu release.  otherwise you need to use a PPA or have some kind of hybrid release config in sources.list
<LordOfTime> djdan2k8:  you'd need a PPA with the lower version, why does 5.3 not work for you?
<LordOfTime> (5.2 is old and has security flaws)
<njin> bug 1007371
<uvirtbot> Launchpad bug 1007371 in ubuntu "Precise - bonding without link aggregation" [Undecided,New] https://launchpad.net/bugs/1007371
<LordOfTime> njin:  is this your bug?
<njin> no, are reports without package assigned
<LordOfTime> ah
<LordOfTime> well this one doesnt seem to be a bug report
 * LordOfTime si on bug sqwuad
<LordOfTime> is*
<njin> and i don't know server side
<LordOfTime> squad*
 * LordOfTime grabs a few bugcontrol people
<djdan2k8> it is because of a joomla plugin i need to use dosnt support 5.3
<LordOfTime> djdan2k8:  so find a newer plugin?
<LordOfTime> djdan2k8:  i dont think Joomla supports 5.2.x after a while
<djdan2k8> there isnt one
<LordOfTime> did you make sure Joomla itself supports 5.2.x still?
<LordOfTime> afaik they were planning on phasing out 5.2.x support
<docmur> My email server can send email but not receive email, when I try to send email from google to my server I get 554 5.7.1  ( as the error code ).
<docmur> I don't know what to check
<guntbert> docmur: are you experienced with managing mail servers?
<docmur> not at all
<docmur> this is my first time trying to set one up
<guntbert> docmur: then don't try with a publicly available one!!   just do it in a private network to get your feet wet
<docmur> I'm just using gmail to see if my mail server can receive emails, which is what the issue is, I can send them fine but I can't get them in
<docmur> well I'm getting the same error if I try to send a message from a computer on the same network
<guntbert> docmur: please stop the server - open mail relays can get you in serious trouble - they are the tool for spammers
<shauno> docmur: there should be more text in that error message that'd tell you.  usually 'client access denied' (the receiving server didn't accept connections), or 'relay access denied' (which is a good thing, you're just denying one destination too many)
<docmur> This is the section of the log where I send the mail out and can't get a message back from gmail http://pastebin.com/07cCejCM
<shauno> that reads like (line 20) you're not either authorative or allowing relaying for kw-flipcup.ca  (which is a sensible default.  out of the box you want to accept nothing, and then allow the bare minimum)
<docmur> I figure thats the issue, I just don't know what to change,  I know in /etc/postfix/main.cf there is relay_host but every guide I find never sets that value
<guntbert> shauno: don't you share my view that is is a bad idea â¢  for an inexperienced person to set up a publicly available mail server?
<shauno> if you're the only server accepting mail for that domain, it'd be mydestination = I believe (but google that)
<docmur> How is it publically available??  You still have to get to the mail server to even make an account
<docmur> which is behind the firewall
<docmur> you can't just access it openly
<shauno> guntbert: he appears to have a sane default to work from.  it's not accepting *any* inbound, which is a sane place to start from
<docmur> so do this:   relay_host=$my_destination
<guntbert> docmur: how do you expect gmail to send any mails to your server when it is behind a firewall?
<docmur> you open the required ports and only the required ports
<docmur> this is my main.cf file ( edited of course ) http://pastebin.com/FNbcHaAa
<guntbert> docmur: if you open the required port (25) then your server is publicly available - keep that in mind
<guntbert> shauno: you are right, but a sane default doesn't necessarily stay sane when someone fiddles with the config
<docmur> well in either case nothing can get to the server right now so no harm
<shauno> he's right to worry.  if you start accepting relaying for anyone you're not authorative for, you end up on dns blacklists.  which is a pain for you, and your upstream host
<uvirtbot> New bug: #1011307 in bind9 (main) "dig(1) says that dig queries servers listed in resolv.conf, but this is not always the case" [Undecided,New] https://launchpad.net/bugs/1011307
<uvirtbot> New bug: #1006715 in python-pika (universe) "[MIR] python-pika" [Undecided,Incomplete] https://launchpad.net/bugs/1006715
<pacci> !list
<ubottu> pacci: No warez here! This is not a file sharing channel (or network); read the channel topic. If you're looking for information about me, type Â« /msg ubottu !bot Â». If you're looking for a channel, see Â« /msg ubottu !alis Â».
<Womkes> been working for 3 days now on how to get KVM working with DRBD block device under ubuntu
<Womkes> cant find any tutorials on this matter
<Womkes> ive tried vmbuilder and virt-manager
<Womkes> nothign works
<RoyK> Womkes: dunno, but with VMs, wouldn't it be better to setup the redundancy on the VM side instead of using DRBD, which, IMHO is meant for iron?
 * RoyK is off to slee
 * RoyK is off to sleep
#ubuntu-server 2013-06-03
<tohuw> What would be the most simple/correct entry in an OpenLDAP DIT for an account that will be used by third party software to bind, search, create and modify objects in a certain base? objectClass=simpleSecurityObject?
<mardraum> hallyn: virsh migrate is broken in saucy, but it's apparently a known issue with libvirt that will be fixed in 1.0.6 - http://libvirt.org/git/?p=libvirt.git;a=commit;h=d6670a64e1067f29da3c3e032739e140280b763d
<arrrghhh> qman__, you there?  I was thinking about how I can solve this... is there a way to "force" ssh or port 22 to always use eth0 or my 192.168 IP?
<tohuw> Given that Ubuntu Server 12.04 uses the slapd-config (RTC) configuration method, should I still change ACLs via slapd.conf, or is there some other way to modify them?
<tohuw> arrrghhh: You can specify listening interfaces in /etc/ssh/sshd_config
<arrrghhh> tohuw, what about for the response out?  I have openvpn running as a client, and that is the "preferred" route in my table when that is up
<tohuw> SSH itself transceives on a single port. If you have a route redirecting traffic on port 22 from the host to a destination, you'll need to rework this route appropriately to make it do what you want to do.
<arrrghhh> well I don't have any specific routes yet
<arrrghhh> when the tunnel is up, I see a new default route and my "normal" default route is given a metric of 100
<arrrghhh> which is fine, I would prefer all the traffic go over the VPN... except for ssh haha :)
<tohuw> Ah. Then make a route for SSH.
<arrrghhh> hm.  I found a tip on using iptables to "mangle" the packet
<mike00> how do i change run levels to boot into a window manager or console mode when system starts
<tohuw> mike00: it's set in /etc/init/rc-sysinit.conf. See man init(5) for more information.
<mike00> awesome. thanks.
<Katafalkas> Hey, I am trying to list all environmental variables. with commands like printenv and end, I can see majority of them. But I do not see the variables I set pyself. Lets say i have a " export MY_ENV=development ", but it is not listed in the env or printenv command
<Katafalkas> myself **
<ball> Katafalkas: have you tried "set"?
<Katafalkas> just did
<Katafalkas> it does not show the varieble either
<ball> I don't know whether that works on Ubuntu Server.  It may depend on your shell.
<Katafalkas> i also tried echo $MY_ENV
<Katafalkas> it prints nothing eithert
<tohuw> Katafalkas: printenv displays all variables present (when called with no arguments) If it isn't there, it is not set.
<mike00> anyone familiar with cups and lpr in here?
<tohuw> !anyone | mike00
<ubottu> mike00: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<ball> Katafalkas: Hang on, I'll try it on my daughter's PC
<Katafalkas> if I do it in terminal - export MYENV=dev - it shows up in all of the commands. But when I do it in a script.sh - it does not seem to work ... kinda wierd
<Katafalkas> cheers ball
<mike00> So on my server 13.04 i have it auto login to a user and have a .xession loads window manager and browser. works great. Now how would I have ubuntu desktop read my .xession and load window manager/browser? it seems to boot into normal window manager.
<ball> Katafalkas: Ah, I know why that is.
<ball> Katafalkas: Try ". script.sh"
<ball> ...instead of just "script.sh"
<ball> Katafalkas: I think you're spawning a subshell in which to run your script.
<ball> Katafalkas: in which case the environment variable might die with your child shell.
<Katafalkas> ok. got it.
<Katafalkas> how do I set it globally got the entire machine ?
 * ball shrugs
<ball> Katafalkas: Did that work though?
<Katafalkas> sec. will try in a moment
<Katafalkas> it did work. That is coool.
<Katafalkas> cheers
<ball> ". script.sh" asks your shell to run the script in your current shell.
<ball> ...without spawning a subshell.
<Katafalkas> awesome.
<arrrghhh> Katafalkas, to add it permanently, put the variable in ~/.bashrc for your user
<arrrghhh> then restart that terminal, environment var sticks :)
<Katafalkas> arrrghhh: cheers. I just read to add it to /etc/environment.
<Katafalkas> whcih is better ?
<arrrghhh> cool
<arrrghhh> I think /etc/environment would be the machine
<arrrghhh> my method is user-based
<arrrghhh> I've always done .bashrc myself, but that is interesting, applying it to the whole machine
<Katafalkas> ok. so it worked like a charm system-wide in /etc/environment
<Katafalkas> cheers all for help
<arrrghhh> np, thx for the tip actually on /etc/environment
<arrrghhh> there's some things I would like global haha ;)
<tohuw> How can I be certain a conf file in /etc/apache2/conf.d is loading and being used?
<rbasak> jamespage: re: mongodb 2.4 patch - I emailed you the quilt patch
<jamespage> rbasak, yeah - I found it in the end :-)
<jamespage> (see last upload to saucy)
<rbasak> Great - thanks!
<rbasak> jamespage: do you think SRUs for bug 1185908 might be an idea? My though is that people using slapcat for backups may be getting inadvertent data loss.
<uvirtbot> Launchpad bug 1185908 in openldap "slapd: slapcat output truncated every now and then" [Undecided,Fix released] https://launchpad.net/bugs/1185908
<rbasak> jamespage: perhaps the submitter could prepare the SRUs?
<yolanda> jamespage, saw the failure on freeradius, what is causing that?
<jamespage> yolanda, 'chroot problem'
 * jamespage hits the retry button
<jamespage> rbasak, blimey
<jamespage> rbasak, yes
<jamespage> rbasak, do you do patch piloting yet? you should btw
<jamespage> rbasak, bug 1185573
<uvirtbot> Launchpad bug 1185573 in mysql-5.5 "apparmor profile denies read access to /run/mysqld/mysqld.pid" [Low,Triaged] https://launchpad.net/bugs/1185573
<jamespage> I think the proposed change sounds sane to me - but would appreciated your opinion as well
<rbasak> jamespage: it seems entirely sane that mysql should be able to read its own pid file. Perhaps the original profile was generated in a way or at a time that mysql didn't read it.
<jamespage> rbasak, more that likely
<rbasak> jamespage: I'm not a developer yet, so no patch piloting yet. My application meeting is 1 July
<jamespage> rbasak, that does not preclude you from piloting - comments and review are helpful for the proposers/reporters and for pilots with upload access
<rbasak> Hmm, OK
<hxm> hi
<hxm> someone told me a tutorial about create a git server
<hxm> does anyone remember a tutorial for get that or just something where i can get started
<hxm> also exists a git server which doesnt publish the code?
<daya> Hello guys, Could we make ubuntu 10.04 server iso, using 3.0 kernel?
<jamespage> zul: whats the status on your python3 updates -> Debian?
<jamespage> see bug 1185739
<uvirtbot> Launchpad bug 1185739 in python-json-patch "setup.py stumbles about an umlaut in jsonpatch.py when running under Python 3" [Undecided,New] https://launchpad.net/bugs/1185739
<jamespage> (just sponsored the fix)
<zul> delayed will be pushing them this week
<jamespage> zul, okay
<zul> jamespage:  i backported a bunch of packages for the cloud archive on friday however i left ceph for you since you are more familar than i am with it
<jamespage> zul, yeah - looking at that now - needs libunwind and google-perftools for arm support now
<hallyn> mardraum: feh, it was just fixed in 1.0.5 :)  do you need the fix cherrypicked into saucy today, or can you wait for the merge?
<mardraum> hallyn: it's no worries, thanks, I can wait
<mardraum> I'm only using saucy to test vm's
<carleeno> I'm having an issue with excessive performance lost when running more than 1 vm using libvirt in 12.04. Both VMs are running 12.04 as well. When I ssh into them, the terminal constantly freezes and losses connection if I have more than 1 vm running. Anybody have any ideas?
<carleeno> ...addition info on the setup, I'm not having the VMs process anything when the performance loss happens. Each vm is getting 2gb of ram (out of 16gb total on the host) and each vm gets 2 cores (out of 4)
<carleeno> ...I'm wondering if it might be a disk access or network issue, but not sure where to start. I'm using RAW img files for the virtual drives, parted and formatted ext4. Using virtio for the network, bridged to the host's adapter
<jamespage> zul, http://people.canonical.com/~jamespage/ca-updates/
<jamespage> I've run them through the backport_package in the lab - all built OK
<jamespage> libunwind -> gperftools -> ceph
<zul> jamespage:  +1
<jamespage> zul, also had some response on ovs 1.10 from upstream/quantum
<jamespage> general +1 that 1.10 was the right way to go
<zul> coolness
<jamespage> just looking at the patches required for the 3.9 kernel now
<zul> jamespage:  this is foobared pbr and 2to1 have been backported to precise but it still ftbfs since it cant find pbr
<yolanda> jamespage, zul: https://code.launchpad.net/~yolanda.robla/keystone/havana/+merge/167038
<yolanda> and https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/nova/dep-8-tests/+merge/166995
<zul> jamespage:  do you want to have a look: ^^^ (i dont want to duplicate work)
<jamespage> zul, I will do after I look at ovs
<jamespage> zul, if you do keystone I'll do nova
<zul> ack
<zul> jamespage:  i think i figured out the precise-pbr stuff though
<jamespage> zul, good-oh - what was the problem?
<zul> jamespage:  well the clients work because it has the ">=" but nova etc doesnt so i think thats foobared (ill have a patch to test it first)
<zul> also we need a newer subunit for precise
<zul> just a theory first i think
<jamespage> yolanda, nova branch has a changelog conflict
<yolanda> let me see
<yolanda> ok, let me correct it
<zul> yolanda:  commented on keystone as well
<yolanda> ok
<yolanda> jamespage: https://code.launchpad.net/~yolanda.robla/nova/havana/+merge/167041
<jamespage> yolanda, one more tweak for nova I'm afraid
<yolanda> no problem
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/nova/nova-fix-setup-deps/+merge/167048
<jamespage> yolanda, +1
<yolanda> great! first autopkgtests for openstack!
<yolanda> i missed one test,the spice proxy because it was failing because of websockify dependency
<jamespage> yolanda, nice work btw
<jamespage> if we can get that level of base testing across all packages that would be great
<yolanda> simple tests, not testing any functionality but at least the basic things
<jamespage> yeah - but that is really important
<yolanda> yes, i will be focusing on it these days
<jamespage> we are moving from 'does it build' to 'does it build and at least run from packages'
<yolanda> yes, sometimes it wasn't like that :)
<hallyn> jamespage: hey - so i have a test qemu package with the rbd async flush patch.
<hallyn> jamespage: you wanted to try and sru this for raring right?  it's purely for performance, is that right?
<jamespage> hallyn, yes - I think so
<hallyn> do you have a test setup where you could easily do a comparative perftest?
<hallyn> Daviey: sgabios is in debian's NEW queue.  we'll want that in ubuntu so smoser can use it with qemu asap :)
<smoser> daviey is out.
<smoser> this week.
<hallyn> ah. thanks
<jamespage> hallyn, I don't - I can poke the reporter - I'm sure he will have/be able to test
<hallyn> jamespage: the packages are in http://people.canonical.com/~serge/qemu-rbd-async/
<rbasak> smoser: for bug 1134036, the third possibility I'm alluding to is that it's our responsibility to make sure that the locale is not broken - in which case I'm suggesting that cloud-init fix the problem, eg. by arranging to reset an invalid locale to C (or C.UTF-8), or perhaps by generating the correct locale on login (tricky!) or something.
<uvirtbot> Launchpad bug 1134036 in maas "Failure when using ssh with a locale that is not configured on the server" [Medium,Confirmed] https://launchpad.net/bugs/1134036
<smoser> rbasak, impossible to ensure that locale not broken
<smoser> and its not cloud-init's job to do so if you think it should be done.
<smoser> ie, this problem is by no means specific to "cloud" systems
<rbasak> cloud-init warns you though, doesn't it? Whatever the solution, it should be aligned with that warning.
<smoser> rbasak, right. cloud-init does warn you.
<smoser> and basically that was all i ben and I decided to do after considering other options.
<smoser> anything more than that warning, immo really is probably something "policy" for debian and or ubuntu (and work for foundations).
<smoser> not something that *shouldn't* be fixed, but not something i wanted to dive into and fix right.
<rbasak> smoser: OK. I'll start a thread on ubuntu-devel.
<smoser> but there should be a clear definition that says "that is not a bug"
<rbasak> I imagined that we'd need to go there anyway - but wanted to know your opinion first.
<smoser> (pitti pretty clearly said that, closing postgres bug as invalid, but that is not dfinitive)
<bigbrovar> Hi guys.. I noticed dhclient for renewing an IP lease nolonger works with Ubuntu 12.04 servers. not even service networking restart works. How is one suppose to renew an IP with ubuntu 12.04
<smoser> it should "just work".
<smoser> the dhclient daemon should handle it.
<zul> hallyn:  ill do 1.0.6 today
<bigbrovar> smoser: well like I said it doesnt work. I ran dhclient (like I have always done with previous LTS server versions) and it just returned me to my prompt
<patdk-wk> define, no longer works, cause it works for me :)
<hallyn> zul: awesome!
<bigbrovar> ifconfig showed I still have same IP
<hallyn> zul: there's qemu 1.5-3, but i'm going to wait on that for a few things.
<zul> such as?
<smoser> bigbrovar, you should have a pid like this running.
<smoser> dhclient -1 -v -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases eth0
<bigbrovar> smoser: and this was a vannila installation... just freshly booted up after a pxe install. the only way I was able to get a renewal was after restarting the server.
<smoser> i'm geussing that pid died if it isnt working.
<bigbrovar> smoser: this is what I get when I do a sudo dhclient RTNETLINK answers: File exists
<patdk-wk> you aren't suppost to run dhclient yourself
<bigbrovar> patdk-wk: ok. But how am I suppose to renew and IP lease?
<patdk-wk> you don't, dhclient running in the background will do it, at the times it was told to, by your dhcp server
<patdk-wk> now, if like smoser said, if dhclient died/crashed, it won't
<bigbrovar> patdk-wk: so the who process is suppose to just happen without user input (on a server) and if I changed the IP allocation on to a system from the dhcp server.. I either have to wait for dhclient to reflect the change or just reboot?
<hallyn> zul: sgabios to hit universe, and actually for 1.5-4 with a low prio cve fix
<zul> cool
<patdk-wk> bigbrovar, if you change the allocation on the dhcp server, you should know what your doing
<patdk-wk> normally the dhcp server says what it gives out, is valid for like 1 to 7 days
<patdk-wk> if it told your client that, the client won't check for a new ip till that 1 to 7 days is up
<bigbrovar> patdk-wk: this would not work for a setup where dhcp listens to ldap for ip address allocation using systems mac address .. if the IP were to change in Ldap then the only way to reflect the change in the machine is a reboot
<patdk-wk> it doesn't matter how you want it to work
<patdk-wk> understand the protocols and set the options correctly
<patdk-wk> if you want ip address changes to take effect imidently, set the dhcp lifetime to like 1second
<smoser> bigbrovar, you dont have to reboot.
<patdk-wk> and understand that your dhcp server will be very busy
<smoser> if you did: sudo sh -c 'ifdown eth0; rm -Rf /var/lib/dhcp/leases*; ifup eth0'
<smoser> it would probably work
<smoser> (the rm i'm not sure of, i just typed it, so i'd be careful:)
<bigbrovar> patdk-wk: different network have different configurations. removing the ability to renew lease from a client is not.. wise
<bigbrovar> smoser: thanks .. *you* at lease helped
<patdk-wk> heh? who said anyone removed the ability
<patdk-wk> it's just simple dhcp server options
<patdk-wk> dhcp was not made to have instant changes
<bigbrovar> patdk-wk: u assume I have control of the dhcp server
<smoser> bigbrovar, if the client was told that its lease was good for 7 days, and you restart networking, its "doing the right thing" if it says "oh look, a valid lease, I'll use that"
<smoser> deleting its cache is just forcing it to forget that.
<patdk-wk> bigbrovar, if you have no control, it's a non-issue, cause no matter what you do, it's going be an issue
<bigbrovar> smoser: live was just much better when dhclient did what it always did. anyway thanks
<smoser> i really doubt anything changed here in 12.04
<smoser> it may have, though.
<gray--> hi all, is there a non-cobbler deployment method that ubuntu recommend for bare-metal provisioning?
<gray--> (not MaaS either please!)
<roaksoax> gray--: nope, only MAAS is the recommended remote deployment method
<roaksoax> gray--: why don't you like maas?
<gray--> gah
<roaksoax> gray--: you can setup your own tftp/pxe server + dhcp server to do remote deployments, but that's too much work when you have maas
<gray--> i can't seem to find a deployment method whereby ubuntu will accept an IP and hostname properly.  if i hand-roll dhcpd, kickstart and preseed, then i need to make a preseed file for each host i want to install
<gray--> just feelsâ¦ 'incomplete'
<roaksoax> gray--: MAAS sets hostnames properly, but uses DHCP for the hosts
<roaksoax> yo would need to configure MAAS to manage DHCP/DNS though
<gray--> perhaps make the dhcp server give it its name, and then if i can make it use that hostname in the kernel options to select the preseed fileâ¦ that could work
<qman__> smoser, the only thing that's changed in dhclient is now it isn't verbose by default; it still does the same thing, and you just add -v to see it
<gray--> (haven't tried maas on raring btw)
<roaksoax> gray--: maas tells the hostname to use on the kernel options
<gray--> cobbler does seem to be unloved from an ubuntu perspective
<gray--> aha, so it wasn't the weirdest idea i've ever had :)
<smoser> gray--, you should give maas on raring a chance.
<roaksoax> gray--: we used to use cobbler for 'orchestra', but we decided to move on
<smoser> with managed dhcp, it is pretty reasonable.
<roaksoax> indeed
<gray--> and it uses some sort of apache outputfilter to spit the preseed back or something?
<gray--> i will give it a go, thank you
<gray--> and i'll report back
<gray--> :)
<smoser> gray--, well, it renders template files. (which, unfortunately aren't really easily user-editable)
<gray--> preseed files you mean?
<smoser> it renders django template files into preseed files
<roaksoax> gray--: yeah, so the preseeds are tempita based templates
<gray--> oo, sounds interesting
<smoser> yeah, s/django/tempita/ sorry.
<gray--> wonder if i can write that as an apache output filter in, perhaps, perl
<gray--> old skool
<gray--> thanks for the advice guys, will give maas a go over the next 24 hours, appreciated
<smoser> roaksoax, do we have usage of the dhcp nouid patch in maas in raring ?
<smoser> looks like no
<smoser> https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1069570
<uvirtbot> Launchpad bug 1069570 in isc-dhcp "1 MAC Address, two IPs - DNS is "out of sync" with DHCP leases databases, I think..." [Undecided,Fix released]
<gray--> 1 mac, 2 ips, sounds like a interweb viral vid waiting to happen
<jamespage> hallyn, my reporter sucks at raising bugs - so I raised bug 1187046
<uvirtbot> Launchpad bug 1187046 in qemu "rbd driver uses sync flush which blocks qemu thread/causes guest latency" [Undecided,New] https://launchpad.net/bugs/1187046
<jamespage> I've asked him to comment with a test case and try out your packages (mikedawson on #ceph @ OFTC irc)
<hallyn> jamespage: thanks
<hallyn> jamespage: i'll wait until he does that before i mark it fix released and finish the sru details
<marshall> hey ubuntu
<roaksoax> win 2
<marshall> how do I set the default permissions for a user on my system? every file they create has rw-r--r--. I've tried setting UMASK 002 in /etc/login.defs but when I 'sudo -u <username>' I'm still creating files with the old permissions.
<Pupeno> How do I specify a custom command for stop in an upstart job?
<Pupeno> I mean a task.
<RoyK> marshall: umask
<RoyK> oh
<RoyK> marshall: in su, there's su - user to get the user's environment
<marshall> ok
<marshall> so when i do "sudo -u <user> bash" what am I doing?
<qman__> running bash as that user with your existing environment, I think
<sarnold> marshall: try sudo -i -u username
<qman__> take note also of sudo -i and sudo -s
<jamespage> rbasak, as a special treat can I ask you to take a look at https://launchpad.net/ubuntu/+source/golang/2:1.1-1/+build/4578681
<jamespage> I *think* its doing something odd with sf/hf but I'm not 100% sure
<zul> hallyn:  wow...most painless one yet http://paste.ubuntu.com/5729918/
<hallyn> sweet
<rbasak> jamespage: oooh, my favourite type of treat! I'll look at it tomorrow.
<jamespage> rbasak, thanks v much
<hallyn> zul: strict monthly releases should hopefully make it easier, yeah
<zul> hallyn:  ill swing it up to my ppa so you can test it out
<hallyn> hm, will need to find a box
<marshall> I have a supervisor conf that runs as "user=mcn", and it seems that everything created by this process has the permissions 644, when I'd like it to have 664. How should I make it so? here is a paste of my supervisor.conf http://pastebin.com/AF8CT4BF
<sarnold> marshall: can you edit start_gunicorn.sh to add 'umask 0002'?
<zul> jamespage:  i think i narrowed it down to subunit
<zul> xnox:  ping
<zul> hallyn:  https://launchpad.net/~zulcss/+archive/libvirt
<hallyn> zul alrighty
<hallyn> will set that up soon as i finish testing loopback driver in lxc
<hallyn> oh no, no zul
<adam_g> jamespage, all charms merged except glance, which required some non-trivial changes to resolve conflicts. see comments on https://code.launchpad.net/~openstack-charmers/charms/precise/glance/ha-support/+merge/166335
<lunaphyte_> hi.  i'm attempting to update from 12.10 to 13.04 with do-release-upgrade, but getting an error:  http://dpaste.com/1209938/
<lunaphyte_> i'm trying to figure out what i can do to further troubleshoot this
<lunaphyte_> aha, figured it out.  python-apt is needed, but i guess there's some deficiency in dependency handling and it was allowed to be removed
<sarnold> lunaphyte_: nice, thanks
<sarnold> lunaphyte_: can you file a bugreport? :)
<lunaphyte_> well, that's actually where i found the reference :)  https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/994152
<uvirtbot> Launchpad bug 994152 in ubuntu-release-upgrader "do-release-upgrade says it can not run the upgrade" [Undecided,New]
<lunaphyte_> i didmark it as affecting me though
<lunaphyte_> *did mark
<lunaphyte_> it's too bad that python-apt drags in old versions of python though
<sarnold> hunh
<cppCzar> Can anyone give me some server help?
<cppCzar> when attempting to run "sudo apt -get install mmap" I'm getting error messages such as "Failed to fetch http://us.archive.ubuntu.com/..."
<sarnold> cppCzar: 'apt' isn't a command... perhaps you should pastebin what you typed and what happened..
<enraged> Has anyone got OpenSSh6.2 for Ubuntu12.04?
<cppCzar> http://pastebin.com/28sB49MD
<cppCzar> sarnold: http://pastebin.com/28sB49MD
<lunaphyte_> sounds like dns problems to me
<lunaphyte_> what does dig us.archive.ubuntu.com say?
<lunaphyte_> pastebin input and output
<sarnold> cppCzar: hrm. I can resolve us.archive.ubuntu.com just fine..
<cppCzar> do you have a static ip address?
<cppCzar> Oh okay
<lunaphyte_> just pastebin the command and output
<cppCzar> connection timed out, no servers could be reached
<cppCzar> paste binning
<sarnold> oh man :/
<lunaphyte_> also pastebin cat /etc/resolv.conf
<sarnold> cppCzar: perhaps the DNS servers in your /etc/resolv.conf are dead / missing
<cppCzar> lunaphyte_: http://pastebin.com/RWSVi2xk
<sarnold> cppCzar: if you're responsible for those, you'll have more work to fix them. if you're not responsible for those, perhaps you can just put "nameserver 8.8.8.8" into the file and continue your work today..
<cppCzar> lunaphyte_: http://pastebin.com/0ZceGr20
<lunaphyte_> oh, heh.
<cppCzar> It's just a server at home I'm trying to set up for a project
<lunaphyte_> empty.
<lunaphyte_> are you running a gui?
<cppCzar> no
<cppCzar> I also don't have a static ip address
<cppCzar> and don't know if that has anything to do with it
<lunaphyte_> if it were me, i'd just remove resolvconf, and put my nameservers in resolv.conf
<cppCzar> lunaphyte_: I don't know what that would do
<resno> lunaphyte_: doesnt resolv.conf reseton reboot
<cppCzar> lunaphyte_: Do you have a static ip address?
<sarnold> resno: if the resolvconf package is installed, yes
<lunaphyte_> oh, yeah, if you're a dhcp client, then you'd [likely] want to make sure that the dhcp client software was properly populating resolv.conf
<cppCzar> I don't know how to set up my network configuration
<cppCzar> meaning change it to dhcp
<cppCzar> I tried to get a static ip address and it didn't work- my iso doesn't do that
<cppCzar> so now I have to do dhcp
<lunaphyte_> your iso?
<lunaphyte_> oh, isp?
<lunaphyte_> heh
<cppCzar> yeah
<cppCzar> isp*
<lunaphyte_> well, dhcp should work fine.
<cppCzar> okay, well I'm changing it back to dhcp
<cppCzar> in the /etc/network/interfaces file
<lunaphyte_> it wasn't?
<lunaphyte_> i thought you said you were using dhcp.
<cppCzar> I had tried to change it to static
<cppCzar> my apologies
<lunaphyte_> oh.  well that would likely explain why resolv.conf was empty, unless you had included provisions for its configuration in /etc/network/interfaces
<cppCzar> It's working this time
<cppCzar> :D
<cppCzar> Now I've gotta get it connected to the outside world using dhcp
<cppCzar> is that possible?
<cppCzar> Meaning that I'll be able to ssh into it from wherever?
<sarnold> cppCzar: if you're behind a NAT firewall (most consumer routers..) then you'll need to configure port forwarding on your router / firewall
<cppCzar> sarnold:Okay
<cppCzar> sarnold: do I need to install a Dynamic Update Client?
<sarnold> cppCzar: if your ISP changes your publicly routable IP address often, yes
<lunaphyte_> well, you don't *have* to :)
<sarnold> yeah. in theory my ISP changes my IP address on occasion, but I'm content to just change my /etc/hosts file before travelling, if needed :)
<swaT30> is it known when Quantum 2013.1.1 will be released in the Ubuntu Cloud Archive?
<roaksoax> zul: ^^
<zul> adam_g: ^^^
<adam_g> swaT30, waiting for the correpsonding ubuntu SRU to be released. its been verified, just waiting for SRU team to release it. once it has, it will be promptly backported to cloud archive
<adam_g> swaT30, subscribe to  https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1179626 if you're interested in tracking
<uvirtbot> Launchpad bug 1179626 in quantum "Meta bug for tracking Openstack 2013.1.1 Stable Update" [Undecided,Fix committed]
<swaT30> adam_g: great, thanks for the info! is there an approximate ETA? will subscribe for sure
<roaksoax> swaT30: we are hopping that the SRU will be released this week
<adam_g> swaT30, in the next day or two i hope
<swaT30> great, so we should be good to go next week?
<adam_g> Daviey, ^^ FYI verification-done on both openstack SRUs, if you can help move along  before they get trumped by another security update. :)
<adam_g> swaT30, ideally, yes. its a matter of someone releasing the update via ubuntu SRU. currently quantum (and the other openstack point releases) are sitting in queue with other ubuntu updates waiting to be released (http://people.canonical.com/~ubuntu-archive/pending-sru.html)
<adam_g> swaT30, the cloud archive packages are aligned with those in ubuntu, so as it progresses in ubuntu it will in the cloud archive
<roaksoax> swaT30: so in order words, it is just matter of administrative processing
<swaT30> adam_g: ahh, gotcha. so once the SRU for Raring is out, it will be ported into the cloud archive?
<adam_g> swaT30, yup
<swaT30> adam_g: great, thanks for the insight. still getting my head wrapped around all of the release cycle stuff
<swaT30> roaksoax, adam_g: appreciate the info guys
<adam_g> swaT30, np :) i'll be packaging up the 2013.1.2 update when it is out friday, so ideally the 2013.1.1 will have been released by then
<kobrien> any idea why my encrypted home directory unmounts itself after every logout and I have to "ecrypt-mount-private everytime I login?
<swaT30> adam_g: great! hard to keep up with those OpenStack folks eh ;)
<germanstudent> Hey. Does anyone know a good ressource what could cause slow network speed with an ubuntu-server. I have a new root server, I did not change touch anything and the bandwith is really low. When I boot the same server in the resque system speed is as it should be. interfaces looks right to me
<jdstrand> adam_g: which openstack SRUs are you referring to? I have keystone for quantal and raring I am trying to get out today?
<adam_g> jdstrand, jeez, yah. both raring and quantal still have SRUs waiting to be released
<adam_g> jdstrand, everything has verification-done so they should be good to go
<jdstrand> I wanted to have these out last week, but the testsuite was all messed up so it took me forever to get it to work
<jdstrand> crap
<jdstrand> so I have to rebase on this? I am all tested *and* on holiday all week
<jdstrand> I guess the updates will have to wait til next week
<adam_g> jdstrand, hmm. this seems like a good enough reason to pester someone to get the verified releases out. any ideas who i should ping?
<jdstrand> well, not really, I will have to redo all my testsuite fixes and I can't do that and test before I don't have internet access anymore so it doesn't matter
<jdstrand> the security fix will just have to wait
<adam_g> jdstrand, is the security issue public?
<jdstrand> yes
<jdstrand> bug #1179615
<uvirtbot> Launchpad bug 1179615 in keystone/folsom "[OSSA 2013-014] auth_token middleware neglects to check expiry of signed token" [Critical,Fix committed] https://launchpad.net/bugs/1179615
<jdstrand> it seem like a simple fix, except ssl certs expired and have to be regenerated and there are year 2038 bugs in the upstream testsuite
<adam_g> jdstrand, if im reading that correctly, it is a security update for keystone folsom/quantal and python-keystoneclient raring?  python-keystoneclient is not part of our MRE updates, so that should be okay
<jdstrand> you read that correct. ok so raring could go out
<jdstrand> raring is the more important one, since PKI is enabled by default there
<adam_g> jdstrand, also, i hit the same expired certs and had it fixed upstream, see https://review.openstack.org/#/c/30147/
<adam_g> year 2038 bugs are new to me, tho
<jdstrand> adam_g: yes, that uses the year 2112
<jdstrand> I saw either that patch or some variation on it
<jdstrand> if I build it locally in and amd64 schroot, it works, if I do in an i386 schroot, it does not
<jdstrand> if change the year to 2037, it works fine
<jdstrand> there is also the year 2999 in tests/test_auth_token_middleware.py that needs to be fixed
<adam_g> jdstrand, that patch fixed cert related FTBFS issues for me . keystone 2012.2.4-0ubuntu3 in quantal-proposed has it applied
<jdstrand> I don't know why it is working on the buildd
<adam_g> jdstrand, is there a bug somewhere i can bring to the attention of upstream? the maintainer was very quick to get those certs updated
<jdstrand> not yet, I was going to file it after I had everything published
<jdstrand> it's just testsuite data, so I figured that was best
<adam_g> ah
<jdstrand> but then, well, I'm on holiday
<jdstrand> (and still testing)
<adam_g> jdstrand :|
<adam_g> i need to run out, back in a bit.
<jdstrand> I guess I'll finish raring and then just do quantal next week
<xnox> zul: heya.
<xnox> zul: what's up?
<zul> xnox:  do the shebang stuff in subunit makes it really difficult to backport it to precise :(
<xnox> zul: it shouldn't.... the shebang stuff only matter for python3 and there aren't that many python3 modules on precise anyway..... unless that's what you are after?!
<xnox> zul: I would revert back to python2-only package if I was to backport to precise.
<zul> http://paste.ubuntu.com/5730751/
<xnox> zul: do something like http://paste.ubuntu.com/5730757/
<xnox> call it "normally" and ignore with shebang. Or simply remove the shebang arg.
<xnox> the only difference is "#!/usr/bin/python3" (with this option, more correct) vs "#!/usr/bin/python3.2" (without the option, needlessly strict)
<zul> xnox:  ok cool
<Nadja> I'm about to switch from FreeBSD to Ubuntu as my router OS. The box connects to the INET via PPPoE and is an accesspoint. What I cannot get to work is bridging between the wlan and the lan. I can ping and stuff, but large packets from wlan to internet seem to "hang". How can I debug what happens to these packets?
<lifeless> you've got an pMTUd blackhole going on . I suggest reading up on that.
<sarnold> Nadja: can you find the packet sizes that stop working with ping -s ?
<Nadja> sarnold: I haven't tried yet, good idea. A bit of a pain on a mobile phone, but let's see
<Nadja> ping -s 1396 goes well, 1397 doesn't
<Nadja> lifeless: Can I assume that using iptables with clamp-mss-to-pmtu isn't gonna solve my problem?
<ruben231> hi guys i always lost my name server evry reboot where do i exactly put the nameserver 8.8.8.8 on Ubutnu serevr 12.04 LTS
<jacobw> ruben231: man resolvconf
<ruben231> jacobw: where shoudl i put this can you give a hint somehow
<ruben231> directly
<sarnold> ruben231: a hint about manpages; most have a FILES section near the bottom that can help speed up answering those kinds of questions
<jacobw> ruben231: tldr; `sudo echo 'nameserver 8.8.8.8' >> /etc/resolvconf/resolv.conf.d/base`
<sarnold> heh, sudo and >> don't mix
<ruben231> jacobw: thanks
<ruben231>  hi guys i have problme with my NSF share when i mount it manully ti works great but when i reboot it dissapear even i put ti on fstab like this ---> 172.16.0.205:/volume1/NewMP3Recordings /var/spool/asterisk/monitorDONE/MP3 nfs 0 0
<ruben231>  it wont mount after reboot, what could be the problem with that commadn on fstab
<sarnold> ruben231: I believe you forgot the fourth fstab field, fs_mntops
<ruben231> sarnold: what is that field..?
<sarnold> ruben231: that field describes the mount options -- read only, read-write, if devices, executables, or setuid files are allowed on the mount point, and, most important to you right now :), if the filesystem should be automatically mounted at boot
<sarnold> ruben231: most people use 'defaults' most of the time, but be sure to read the fstab manpage and make sure the defaults are right for you
#ubuntu-server 2013-06-04
<tohuw> Does anyone have a working SOGo implementation who can shed light on how they configured Postfix and Dovecot? I am unclear on how much and what configuration needs to be done in the respective configuration files to allow SOGo to use them.
<patdk-lap> SOGo?
<patdk-lap> oh, no more than the normal minimal setup required
<sarnold> wow, this sogo actually looks tolerable :)
<hallyn> zul: virsh -c qemu:///session list hangs in 1.0.6
<hallyn> (keeps trying to access /run/user/1000/libvirt/libvirt-sock
<tohuw> patdk-lap: Can you elaborate a bit? Do I need to configure Dovecot and Postfix to look to LDAP, for example?
<tohuw> patdk-lap: Right now, I can send mail, but not save drafts (because no mail folders exist and it can't seem to create them), and I can't receive mailâ¦ I am unclear on what configuration I need to provide postfix and dovecot. Telnet mail tests to the server on 25 returns "Recipient address rejected: User unknown in local recipient table"
<sarnold> tohuw: are there any errors in the logs?
<tohuw> sarnold: Yes, sorry, should have mentioned that. One moment...
<sarnold> yay errors in logs are a concrete thing to work with :)
<zul> hallyn:  shit
<tohuw> sarnold: In sogo.log I get several entries like: Jun 03 20:01:44 sogod [7677]: [ERROR] <0x0x7f49b9099e90[NGImap4ConnectionManager]> IMAP4 login failed: host=localhost, user=tohuw, pwd=yes url=imap://tohuw@localhost/ base=(null) base-class=(null)) = <0x0x7f49b91d4a40[NGImap4Client]: login=tohuw(pwd) socket=<NGActiveSocket[0x0x7f49b8b86990]: mode=rw address=<0x0x7f49b8b86a30[NGInternetSocketAddress]: host=isaac.tohuw.net port=59137>
<tohuw> connectedTo=<0x0x7f49b91d4ba0[NGInternetSocketAddress]: host=localhost port=143>>>
<tohuw> I find it odd it would try "tohuw@localhost", as I set a public domain for the server when I installed postfix, and configured this same domain in sogo.conf
<sarnold> tohuw: did your imap client know about the domain?
<tohuw> sarnold: meaning dovecot? That's a good question
<sarnold> tohuw: well, I meant mutt or thunderbird or whatever..
<tohuw> sarnold: You, mean just try to set up an IMAP account with a client and see what happens?
<sarnold> tohuw: ah. I thought that's what you'd done so far.
<sarnold> I mean, 'tohuw' got in the logs somehow.. :)
<tohuw> Oh, that's sogo trying to connect me because I logged into the web interface, I expect.
<sarnold> aha :)
<cppCzar> If I installed the Dynamic updater from noip after registering on noip, how do I make my server sshable from across the internet?
<hallyn> zul: though it's possible i'm having kernel issues...
<zul> ill double check tomorrow but the tests paast
<hallyn> zul: lp:qa-regression-testing scripts/test-libvirt.py passed?
<zul> havent ran that one yet
<hallyn> if so then yeah must be my kernel.  i'll set up a new vm
<Syria> Hello, I have a problem with apache service, please see this link http://paste.ubuntu.com/5731767/
<Tex_Nick> Syria : if you don't get an answer here, you might ask in #httpd
<tohuw> Can anyone with a working SOGo implementation shed some light on how they configured Dovecot or Cyrus? I am receiving errors like "sogod [15890]: [ERROR] <0x0x7fe1825f18d0[NGImap4ConnectionManager]> IMAP4 login failed:*
<Senor> what is the node for usb device?
<Senor> under /dev
<rbasak> Depends on the type of device. Not all USB devices necessarily have nodes in /dev
<xlaire> hello good morning
<Senor> rbasak:How can I look the files in usb device ?
<MrQuist> Senor, you mean view?
<RoyK> Senor: what sort of usb device is this?
<xlaire> what are difference between ubuntu server and the ubuntu cloud
<MrQuist> the one is a server the other is a cloud
<xlaire> ok still don't understand
<MrQuist> .w
<MrQuist> heheh
<MrQuist> A 'cloud' is a lot of servers combined
<RoyK> cloud is more foggy, obviously
<MrQuist> a 'server' is a stand-alone machine
<MrQuist> Check out SkyNet, Matrix. That's all cloud-based.
<xlaire> ty
<Senor> MrQuist:yes
<MrQuist> Rain is cloudbased as well.
<xlaire> i think i understand it now
<MrQuist> Great!
<MrQuist> Also, google helps a lot.
<xlaire> k thx MrQuist
<MrQuist> xlaire, http://goo.gl/CBvR0
<xlaire> :P
<Senor> RoyK:removable parallel usb
<yolanda> zul, jamespage: https://code.launchpad.net/~yolanda.robla/quantum/havana/+merge/167230
<RoyK> Senor: parallel usb?!?
<Senor> parallel bus
<RoyK> url?
<bicyus> hello everyone!
<Daviey> adam_g: If the publish isn't done in a few hours, i will
<Daviey> hallyn: Does sgabios still need review?
<bicyus> Hi! has any of you get to deploy OpenStack with MAAS+JuJu on 12.04 ? i'm getting mad!
<gray--> hi all, a few chaps from here recommended i use maas for deployment, so giving that a go today (roaksoax, you here? :) ).  I've come across this error on a vanilla 13.04 server install, with an 'apt-get install maas maas-dns maas-dhcp'
<gray--> http://pastebin.com/Wkguv4Fg
<gray--> reproducable via 'dpkg  --configure maas-region-controller'
<gray--> but sadly, no more debug is given by -D2000
<gray--> any suggestions? :)
<gray--> (or smoser, if you're around pal?)
<jamespage> adam_g, did you poke any SRU folks about the folsom and grizzly sru's pending?
<jamespage> (before I go nag as well)
<hallyn> Daviey: i don't think so.  it's in debian NEW, just waiting at this point
<smoser> gray--, here now.
<gray--> hey, how's it going?
<smoser> its a wonderful day.
<gray--> sure is!
<smoser> let me look at that real quick. i suspect something in the configure script is confused by your network setup
<gray--> doesn't happen very often in lonon!
<gray--> london even
<gray--> i had hoped there'd be enough debug to tell me what was calling that scriptâ¦ but alas, none
<gray--> i''m actually reinstalling the server to make sure nothing funky happened first time round
<bicyus> gray--: "dpkg-reconfigure maas-region-controller"  ?
<gray--> hey bicyus, 2 mins, just reinstalling to see if it comes back
<bicyus> ;-)
<bicyus> i've tryed maas+juju on 12.04 with PPAs...
<bicyus> installing a fress 13.04 now...
<jamespage> bicyus, what problems are you having?
<LargePrime> Dear server Gurus
<LargePrime> i have ssh to my server
<LargePrime> I want to ftp or rsync a dir on a SECOND remote server to My server
<LargePrime> actualy the dir and all the sub dir
<gray--> rsync -avP -e 'ssh -c blowfish' user@remotepc:/dir/ /var/tmp/localdir
<gray--> blowfish, because it's lightweight
<patdk-wk> gray--, only if you using OLD cpu's
<patdk-wk> aes is so much faster
<gray--> well there ya go :)
<LargePrime> 1) i dont want -a cause all perms are changing
<gray--> smoser: next errorâ¦.  mod_wsgi (pid=9561): Target WSGI script '/usr/share/maas/wsgi.py' cannot be loaded as Python module.
<patdk-wk> man rsync?
<gray--> pesky, pesky maas
<gray--> (at the bottom of the stack trace: DBusException: org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory)
<LargePrime> ok um sorry and i thank you all i think i no read good
<LargePrime> yes a man rsync as it is a one of
<rbasak> LargePrime: you might find the "A Better Way" section on http://sshmenu.sourceforge.net/articles/transparent-mulithop.html helpful. Then you can get to the far host via ssh in a simple way, at which point rsync becomes trivial.
<LargePrime> i only have ftp credentials for the far host
<LargePrime> rbasak:  reading now
<patdk-wk> if your stuck with ftp, then you will just have to do ftp then
<LargePrime> rsync cant use ftp?
<LargePrime> on the close host i have proper ssh
<patdk-wk> rsync can only use rsync
<patdk-wk> ssh can only use ssh, scp can only use scp, sftp can only use sftp
<LargePrime> so i have rsync on the close host.  i thought rsync could use the ftp credentals to do its magic
<LargePrime> so i have rsync on the close host.  i thought rsync could use the ftp credentials for the far host  to do its magic
<LargePrime> is that incorrect
<LargePrime> ?
<patdk-wk> is there anywhere in the rsync manual that says, supports ftp
<smoser> gray--, shoot. sorry. forgot about you.
<smoser> let me look at that first one again.
<smoser> gray--,
<smoser> sh -c 'while read Iface Destination Gateway Flags RefCnt Use Metric Mask MTU Window IRTT; do [ "$Mask" = "00000000" ] && break; done < /proc/net/route ; echo iface="$Iface"'
<smoser> what does that show for you?
<smoser> i suspect 'iface=""'
<smoser> in which case i will also ask for your 'cat /proc/net/route'
<smoser> LargePrime, i dont hink that rsync can use ftp . it can go over ssh though.
<smoser> rsync user@host:/path/1/ ./target-dir/
<smoser> gray--, i'll ask you to hop into #maas also. and continue this there.
<gray--> smoser: sure, iface=rth0
<gray--> eth0 even
<smoser> odd.
<AtuM> Hi! I'm trying to set up an access point.. I think I'm having issues with driver - I'm using ralink's rt2870 firmware with rt5572sta driver compiled from source.. "iw list" shows nothing at all, whereas "iwlist scan" shows some SSID info on ra0 interface..
<yolanda> zul, any idea why ceilometer dbsync isn't working on testbed? i just install ceilometer-common, but ceilometer-dbsync doesn't create the sqlite database
<yolanda> running it from a saucy chroot works
<zul> yolanda:  nope
<yolanda> i tried running ceilometer-dbsync manually and it seems to connect to database, but it doesn't execute the queries
<LargePrime> ok so let me back up.  I need to get a directory, recursivly from a ftp server to my local server.  what is best practice.  I have ssh to my dedicated, but my connection my interupt
<LargePrime> may inturupt
<smoser> LargePrime, i might try lftp and its 'mirror'
<smoser> there are ftp mirror programs
<bicyus> gray--: after a fresh install of MAAS while installing from CD
<bicyus> it seems there is some python wsgi package missing.
 * zul grumbles
<zul> smoser:  people still use ftp/
<lunaphyte_> failed transfer protocol
<zul> jamespage:  yay we need a newer subunit
<jamespage> zul, unsurprised
<yolanda> zul: http://paste.ubuntu.com/5732671/
<yolanda> running ceilometer-collector
<zul> yolanda:  looks like it needs a new dep
<smoser> bicyus, you can reproduce that ?
<smoser> roaksoax, ^
<yolanda> do you want me to handle this?
<zul> yolanda:  please im fighting regressions right now
<yolanda> ok
<bicyus> smoser: actualy i'm trying to fix it... isn't working
<smoser> roaksoax, ^
<zul> jamespage:  luckily debian has the one we need
<roaksoax> smoser: what do you wnt me to take care of?
<bicyus> Woops!
<jamespage> adam_g, roaksoax: I think that aside from rabbitmq-server all the HA work is now landed
<jamespage> (nice work guys!)
<roaksoax> bicyus: what wsgi python package again? there's no wsig python package
<roaksoax> jamespage: awesome!
<smoser> roaksoax, bicyus and gray-- seem to be having issues with installing maas.
<bicyus> roaksoax: there is a error related to mod_wsig
<bicyus> i'm trying to determine what is it
<LargePrime> smoser: I cant find a good lftp guide.  what should i google
<roaksoax> bicyus: check if the wsgi module has been enabled in apache2
<roaksoax> that might be the issue
<bicyus> i've "sudo apt-get install --reinstall  maas-region-controller"
<bicyus> going to check mod enable
<smoser> LargePrime, http://www.cyberciti.biz/faq/lftp-mirror-example/
<LargePrime> thank you sir
<roaksoax> bicyus: is this raring?
<bicyus> fresh 13.04
<bicyus> maas install from cd instalation process
<roaksoax> let's see
<roaksoax> installed from CD right?
<bicyus> woops again
<bicyus> do you know any copy&Paste webpage?
<bicyus> can't remenber any
<bicyus> to paste apache error log
<bicyus> [error] mod_wsgi (pid=3671): Target WSGI script '/usr/share/maas/wsgi.py' cannot be loaded as Python module.
<roaksoax> bicyus: that might be an error with apache2 other than maas
<roaksoax> bicyus: did you check that mod_wsgi was enabled in apache2?
<bicyus> yes it is
<roaksoax> bicyus: paste.ubuntu.com
<bicyus> ;-)
<roaksoax> rvba: ^^
<roaksoax> rvba: [error] mod_wsgi (pid=3671): Target WSGI script '/usr/share/maas/wsgi.py' cannot be loaded as Python module.
<bicyus> http://paste.ubuntu.com/5732733/
<rvba> bicyus: can you please make sure dbus is started and then restart it? sudo service dbus restart
<roaksoax> yeah that seems to be dbus
<bicyus> sudo service dbus status
<bicyus> dbus stop/waiting
<roaksoax> butchlugrobithat's the reason then
<roaksoax> bicyuthat's the reason then
<roaksoax> the log says it right rhthere :)
<smoser> bicyus, just fyi, 'pastebin' is a wonderful program.
<smoser> oops
<smoser> pastebinit
<smoser>  pastebinit /some/file
<smoser>  some-command | pastebinit
<LargePrime> smoser:  can i bug you
<bicyus> smoser: now your a bug! ;-)
<LargePrime> heh
<smoser> LargePrime, i'm sorry, i dont really have time to help you with general lftp usage. I've used it at times in the past. probalby not in the past couple years though.
<bicyus> new error after dbus service start, http://paste.ubuntu.com/5732755/
<bicyus> rvba: it's working after a reboot, but it's weird dbus had stopped. loking at my command history, i've restarted networking with diferent IPs... maybe that caused the problem ;-
<bicyus> )
<ccssnet> hi all. quick question, will the 701mb iso burn to a cd? or am i stuck using a dvd
<ccssnet> i suppose ill just edit the iso with isomaster and remove 1mb of crap
<ccssnet> ;)
<ccssnet> by all
<ccssnet> bye*
<enraged> Does anyone have OpenSSH 6.2 for Ubuntu 12.04?
<henkjan> enraged: i have 6.1 packaged for precise
<henkjan> http://obit.bit.nl/ubuntu/precise/openssh/
<enraged> ty, I'll give it a look
<henkjan> you could also try to install a deb from http://nl.archive.ubuntu.com/ubuntu/pool/main/o/openssh/
<enraged> Hekjan: Thankyou for this but could you clairfy; This isn't the repositories, so what am I looking at?
<enraged> Henkjan *
<henkjan> enraged: 6.2 is packaged for new releases. i guess you can download the debs and dpkg -i them
<enraged> Henkjan: I meant, what is this storage for/called? Just packages ready for future versions of Ubuntu?
<adam_g> jamespage, i have not pinged anyone re openstack SRU yet
<jamespage> adam_g, okay
<jamespage> smoser, sorry missed the meeting - power went off for 30 mins
<smoser> convenient.
<jamespage> smoser, indeed
<smoser> :). i'll email you your ACTION items.
<daya> can we debootstrap ubuntu amd64 10.04
<enraged> I want to install OpenSSH 6.2 on a server I ssh to running Ubuntu 12.04. Can anyone help me identify which of these packages is appropriate? http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/
<sarnold> enraged: why do you need a specific version?
<enraged> What do you mean a specific version?
<enraged> Sarnold - I just need sshd which I understand has client dependencies, so I want to know which package will work.
<mdeslaur> enraged: the only version that's appropriate is 5.9p1 that came with 12.04
<sarnold> enraged: what's wrong with the version you get with "apt-get install openssh-server" ?
<enraged> Sarnold: Oh, I see what you mean; I want 6.2 for it's new authenticationmethods configuration option.
<enraged> Sarnold: Right now I'm just trying to figure out which of these packages/tarballs is appropriate for my server.
<parallel21> I've updated the path variable in /etc/environment to include an additional path and I've restarted the machine, but I'm still not seeing the path variable being updated
<enraged> Sarnold: Since sshd has the client dependency, I'm guessing I have to install both client and server versions, but then I am not sure if it's openssh_6.2.... or ssh_6.2... I need.
<henkjan> enraged: obit.bit.nl is the repo from my employer :)
<sarnold> enraged: hrm, that configuration option does not seem particularly useful on a PAM-based system.. couldn't you configure the same thing with /etc/pam.d/sshd ?
<enraged> I use ssh keys to login; keys bypass pam.
<sarnold> hrm.
<sarnold> enraged: for 12.04 LTS, only 5.9p1 is supported; you could try recompiling saucy's 6.2p2 version, but it wouldn't be supported..
<enraged> Could you explain to me what the hell the numbers after the p represent?
<enraged> I never understood this
<enraged> Because there's an openssh_6.2p2-3 and an openssh_6.2.p2
<sarnold> enraged: the 'p' versions are 'portable' -- all the stuff needed for non-openbsd (e.g. pam support) -- I believe the versions after the p are which release the 'portable' people have made
<sarnold> enraged: .. the -3 represents the third version of the package from Debian -- though there's nothing that says -1 or -2 were released..
<enraged> Sarnold: Ah, thankyou very much
<enraged> sarnold: So to be absolutely clear, I'm after openssh or ssh from this pool?
<enraged> sarnold: And yeah, as you have pointed out, I almost never download unsupported, non repository software, which is why I am annoying you so much with this.
<sarnold> enraged: perhaps the thing to do is ask the backports team to prepare a backport of 6.2 for 12.04 LTS; that'd get you the archive and the version.. though it might be a while, I understand they have some backlog..
<rbasak> jamespage: is there a bug on the golang armhf FTBFS?
<jamespage> rbasak, nope
<rbasak> OK. I'll create one in the morning with details.
<rbasak> We need a dpkg task.
<parallel21> How does one update the global path variable on the machine and not just locally. I've updated /etc/environment but the change does not seem to be taking
<sarnold> parallel21: a fair number of shell startup scripts may override what is set by pam_env; check /etc/*rc /etc/*profile* and ~/.*rc ~/.*profile and so on...
<yolanda> zul, found one of the problems with ceilometer, config settings have changed, now connection is under a [database] section
<yolanda> dep-8-tests rocks!
<yolanda> i can take care of it tomorow
<parallel21> sarnold: I've been running /bin/sh sudo'd as a user with no home folder and then echoing out the PATH variable. That should allow me to get around any startup scripts and view just generally inherited global variables, right?
<adam_g> jamespage, just noticed some of the security bugs we referenced in our rebase might be throwing off SRU tracking of the openstack stuff for nova + keystone in quantal.  http://people.canonical.com/~ubuntu-archive/pending-sru.html
<adam_g> jamespage, i added ubuntu tasks to those bugs and closed them, hopefully that'll drop em from the tracker
<sarnold> parallel21: depends upon how you started the shell that you used to start your sudo command
<parallel21> sarnold: shucksâ¦ how do I know what global variables are set?
<adam_g> zul, http://people.canonical.com/~agandelman/ca/folsom/python-keystoneclient_0.2.3-0ubuntu2.2~cloud0/
<jamespage> roaksoax, is there a good way to see the hardware data that maas collects?
<jamespage> some of my tags are not working as expected for larger nodes
<roaksoax> jamespage: i guess check in the DB
<roaksoax> jamespage: it's one of the plans to get this info easily readeable
<roaksoax> rvba: i don't take you are still around?
<Nolar2> anybody else having issues with ubuntu ec2 natty apt repo?
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/natty-security/main/source/Sources  404  Not Found [IP: 91.189.92.190 80]
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/natty-security/universe/source/Sources  404  Not Found [IP: 91.189.92.190 80]
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/natty-security/main/binary-amd64/Packages  404  Not Found [IP: 91.189.92.190 80]
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/natty-security/universe/binary-amd64/Packages  404  Not Found [IP: 91.189.92.190 80]
<Nolar2> Err http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ natty/main libgomp1 amd64 4.5.2-8ubuntu4
<Nolar2> ec2-54-224-245-242.compute-1.amazonaws.com   403  Forbidden
<Nolar2> etc....
<Nolar2> Failed to fetch http://us-east-1.ec2.archive.ubuntu.com/ubuntu/pool/main/g/gcc-4.5/libgomp1_4.5.2-8ubuntu4_amd64.deb  403  Forbidden
<sarnold> Nolar2: natty was end-of-lifed six months ago. natty's replacement was end-of-lifed one month ago. Time to upgrade. :)   https://wiki.ubuntu.com/Releases
<Nolar2> ya, doesnt mean the repo is deleted
<Nolar2> was working fine yesterday
<sarnold> Nolar2: perhaps the space has finally been reclaimed..
<smoser> sarnold, yeah, you need to upgrade. i'm surprised it worked yesterday.
<zul> adam_g:  +1
<smoser> http://old-releases.ubuntu.com/ubuntu/ is your friend.
<zul> rbasak:  still with us?
<keithzg> Why are all my machines that I've upgraded to 13.04 still telling me I should update to 13.04? That seems . . . sloppy.
<sarnold> keithzg: I think I saw a bug for that..
<keithzg> Aha, yeah: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1173209
<uvirtbot> Launchpad bug 1173209 in ubuntu-release-upgrader "Prompted about New Release for 13.04 again after dist-upgrade and a restart" [Low,Fix committed]
<bitbyte> hey random question
<bitbyte> any of you guys work in a datacenter
<patdk-wk> someone working in a datacenter wouldn't be in this channel
<patdk-wk> the last thing they would worry about is ubuntu, more concerned with physical security, power, routing
<sarnold> and hearing protection? :)
<bitbyte> \just asking
<patdk-wk> :)
<bitbyte> I'm applying for a job and have phone interview and was wondering what theirs might have been like :)
<pmatulis_> i wouldn't say that the average person in this channel is "worried" about ubuntu.  anyone can be in here, no matter what their job is
<oblivian> I want apache2 to be default restrictive so I added <Directory /> deny from all... etc. in httpd.conf. That's the correct file if I want the directive to be global for alle vhosts, etc?
<oblivian> Also Options None in the same directive.
<oblivian> I see the default server config file has the same directive, but I am not 100% sure that will propagate to all vhosts since it's in a VirtualHost directive.
<oblivian> I'd rather allow access and options on vhost basis and deny all and everything by default.
<SpamapS> oblivian: if you put it outside the vhost it is a "server config"
<SpamapS> oblivian: http://httpd.apache.org/docs/2.2/mod/core.html#directory
<oblivian> Well, I want it to be a "server default". Where do I put the directive to make in "global"?
<oblivian> I've put it in httpd.conf for now. But it also in the default server config file. But it is in a VirtualHost directive, so I am not sure it will propagate to additional vhosts as default...
<oblivian> OK, I read the link. From what I gather httpd.conf is the place to put the directive to make it a global default.
#ubuntu-server 2013-06-05
<CaptainShiner> Can anybody recommend a fast/stable RDP client for Ubuntu?
<sarnold> CaptainShiner: 'remmina' is in main, that's gotta count for something, but there's a handful of questions like this at askubuntu.com, so perhaps it isn't best for everything :)  http://askubuntu.com/questions/148159/remmina-remoteapp-over-rdp
<CaptainShiner> Thanks for your help sarnold
<CaptainShiner> I did try it, wasn't impressed with performance. I'm forcing myself to use ONLY  Ubuntu to become more familiar, but I still have to connect to some Windows VM's and whatnot
<CaptainShiner> I'll live though. Isn't 'unuseable', just not as buttery smooth as the native RDP in Windows.
<keithzg> CaptainShiner: Personally I quite like KRDC, but then again, I run KDE :)
 * keithzg may be biased...never entirely like GNOME-style apps. Of course, the upside of Linux is that you can run whatever app you want in whatever desktop environment you want, and the worst that's likely to happen is it might look a bit ugly ;)
<keithzg> s/like/liked
<cheese1756> How to I run the btsync Ubuntu server package as a non-root user?
<sarnold> I can't find any information about btsync in any supported ubuntu distribution..
<cheese1756> The packages are only unofficial for now
<sarnold> cheese1756: you'd need to set the listening port to something above 1024
<sarnold> cheese1756: and store the pidfile someplace you have write privileges
<cheese1756> sarnold, Ah, thank you
<sarnold> reminds me a bit of tahoe-lafs .. wonder how well it'll work out
<Senor> How can i install vedio card for ubuntu-server version 12.04
<Senor> How can i install vedio card driver for ubuntu-server version 12.04
<PryMar56> Senor, my ubuntu-server uses uvesafb
<Senor> uvesafb?
<Senor> PryMar56: I need dowload uvesafb from somewhere ,then install it ?
<Senor> PryMar56:Is it for text command line mode?
<PryMar56> yes
<PryMar56> Senor, install ubuntu-server, then run tasksel and choose one of the desktops
<PryMar56> if you want a full GUI
<PryMar56> Senor, ubuntu-server runs very sweet and stable in text mode with 300-500 packages
<Senor> I do not want a GUI,just command line is ok
<Senor> PryMar56:Is there manual for that?
<PryMar56> Senor, did you start with the ISO called ubuntu-server? its a very easy install
<PryMar56> I think I put `text` on my grub cmdline
<PryMar56> yea, `cat /proc/cmdline ` shows that
<Senor> PryMar56:yes,I have installed it use ubuntu-server iso
<Senor> PryMar56:If I only need command mode ,no gui, need I install driver for vedio card ?
<PryMar56> Senor, no driver needed.. it will use a frame buffer driver which is provided
<Senor> PryMar56: well
<PryMar56> /lib/modules/3.0.0-17-server/kernel/drivers/video/uvesafb.ko
<sarnold> Senor: try adding vga=ask to your kernel command line, if the framebuffer stuff doesn't work
<Senor> PryMar56 : the problem is my command line is in disorder ,not regular
<Senor> sarnold:it just put the command line at the middle of one line?
<sarnold> Senor: somewhere in the kernel command line where it cannot be mis-parsed.. middle, beginning, end, whatever :)
<sarnold> just be careful where you put..
<Senor> I mean the shell command line ,not kenel boot command line
<zipper> I suppose this is less of an Ubuntu-specific question, but it couldn't hurt to ask if someone here knows. If I have a dial-out modem on my computer, would it be possible, in theory, to use it to extract caller-ID data from my home phone line?
<xlaire> hello
<xlaire> is ubuntu server can be installed on usb?
<zipper> Yes, but it might require some tinkering if your computer's BIOS doesn't support booting from a USB device
<xlaire> it does support
<xlaire> ty for answering my question
<Senor> continue with my topic
<zipper> xlaire: A quick search on Google will bring up some guides on how to "burn" an .iso file to a flash drive
<xlaire> no install the OS ubuntu server on USB instead on a hard drive
<zipper> Oh, I see
<zipper> Just a moment, I'll find a link for you
<xlaire> nice
<zipper> xlaire: http://www.debuntu.org/how-to-installing-ubuntu-linux-on-a-usb-pendrive/
<xlaire> ty
<zipper> Not a problem
<xlaire> how come to find this and i didnt find
<xlaire> lol again ty
<zipper> I can find things on Google better than most
<Senor> why it  now prompt at the middle of one line?
<Senor> like this :                                              localhost~:
<xlaire> lol
<xlaire> try clear screen
<broken_stack> having trouble installing lampp stack on 13.04 desktop: http://pastebin.com/XvTDqktZ
<SpamapS> broken_stack: do you have a web proxy between you and the archive?
<SpamapS> WARNING: The following packages cannot be authenticated! libaio1 mysql-server-core-5.5 mysql-server-5.5 libapache2-mod-php5 php5-gd php5-mysql php5-xsl apache2
<mike00> im going to be deploying a few ubuntu servers on different networks behind customer firewalls without access to port forward. what are some says I can get access to these machines to trouble shoot remotely?
<ruben231> hi guys i have mount nfs manually and set it on my fstba, but during reboot my nfs mount disappear, any idea..
<sarnold> ruben231: did you ever add 'defaults' to your fstab?
<ruben231> http://pastebin.com/QPRbeZm1
<broken_stack> mike00: no i just have something wrong with my gpg keys for a few of the offificial repos. no ones been able to help me with that beyound "remove PPAs and any other sources you have added" i have added nothing. it has errored out on apt-get update since fresh install
<mike00> wrong person
<broken_stack> mike00: Remote Desktop Viewer should work (or other apps like teamviewer)
<mike00> im not using X
<broken_stack> SpamapS: no i just have something wrong with my gpg keys for a few of the offificial repos. no ones been able to help me with that beyound "remove PPAs and any other sources you have added" i have added nothing. it has errored out on apt-get update since fresh install
<ruben231> sarnold: ..?
<sarnold> ruben231: you still don't have the correct fourth field in your fstab... check man 5 fstab for details.
<AtuM> Hi! Can anyone tell me how to check if my usb wifi adapter can perform as access point?
<broken_stack> i cant imagine why it couldnt
<sarnold> 'cause wireless is annoying at best :)
<daya> I am preparing lucid live CD from scratch using debootstrap, is it possible to use kernel 3.0 for it?
<Senor> why commnd line prompt at the middle of one line?
<jamespag`> roaksoax, smoser: I see this bug alot in the HP lab - bug 1187704
<uvirtbot> Launchpad bug 1187704 in maas "Juju/MAAS provider interaction fails with "ERROR Nonce already used"" [Undecided,New] https://launchpad.net/bugs/1187704
<yolanda> jamespage: https://code.launchpad.net/~yolanda.robla/ceilometer/refresh-db-patch/+merge/167493
<bicyus> ;-) hello hello!
<hackeron> hey, I have this in my /etc/init/myserver.conf file < http://pastie.org/8009349 - but for some reason, when I run service myserver stop it says stopped but the puma process remains running. Any ideas?
<rbasak> jamespag`: I've filed bug 1187722.
<uvirtbot> Launchpad bug 1187722 in golang "dpkg-shlibdeps fails on armhf ELF binaries that do not define architecture specific information" [High,Confirmed] https://launchpad.net/bugs/1187722
<jamespag`> rbasak, thanks for investigating that issue
<jamespag`> had me stumped
<Senor> my wireless nic is not lighting ,is this due to no driver found for it?
<rbasak> I'm not sure server people will really be able to help you with wireless NICs. Try #ubuntu?
<ShapeShifter499> hi
<yolanda> zul, we are having a problem with ceilometer and kombu, our kombu version is updated, and makes ceilometer crash, should we refresh the kombu package?
<zul> yolanda:  whats the problem first?
<yolanda> zul, take a look at openstack-metering, conversation there
<zul> yolanda:  er...ok ill have a look
<yolanda> great
<yolanda> i did a fix also for connection, they changed the database parameter in config
<zul> k
<bicyus> guys, have MAAS server on 13.04 and 5 nodes ready to be deployed with 12.04.
<bicyus> if i want to use Ubuntu Cloud Archive on these nodes, do i need to ssh in and add the repository manualy?
<zul> bicyus:  yes for now
<bicyus> ok
<bicyus> i thought maybe it was done with  "source: 'cloud:precise-updates/grizzly'" on juju openstack.conf
<bicyus> thanks zul ;-)
<Psi|4ward> anyone have apache 2.4 running on 13.04?
<yolanda> jamespage, zul: https://code.launchpad.net/~yolanda.robla/glance/havana/+merge/167555
<hXm> hi
<hXm> after a apt-get upgrade it says i should reboot
<hXm> what can happen if i dont?
<Pici> hXm: You normally see that after a kernel upgrade. If you don't reboot you'll just be running on the older kernel.
<hXm> else updated packages will be run up to date?
<Pici> Yes.
<hXm> ah, i have fear of reboot
<hXm> is a dedicated server and not sure if it will run again
<hXm> self paranoia
<Pici> Thats a lot of paranoia.
<hXm> haha yes :)
 * genii ponders ksplice
<RoyK> hXm: if glibc is updated, it should be rebooted as well. see /var/run/reboot-required.pkgs
<mgriffin> did someone see sinnernyx asking about unattended install of mysql-server-5.5 packages? the problem was he didn't set DEBIAN_FRONTEND=noninteractive
<jamespag`> smoser, are you aware of any odd issues with cloud-config not running on raring?
<jamespag`> I've just seen it happen on 5 nodes out of 6
<jamespag`> all big hardware
<jamespag`> the 12 virtual machines worked just fine
<smoser> jamespag`, no.
<jamespag`> smoser, logging into the machine and running start cloud-config fixed it up
<smoser> can i see a failed system ?
<jamespag`> smoser, yes
<smoser> jamespage, it seems to me that this just has to be a upstart bug
<smoser> :-(
<smoser> cloud-config just isn't starting
<smoser> and it is:
<smoser> start on (filesystem and started rsyslog)
<smoser> and rsyslog is : rsyslog start/spawned, process 1656
<smoser> and rsyslog upstart job is: start on filesystem
<smoser> so if rsyslog is running, then 'filesystem' has to have occurred, and rsyslog is 'started'
<jamespage> smoser, bah humbug
<jamespage> it sometimes starts
<jamespage> seems OK on smaller hardware (maybe less race potential)
<smoser> i'm asking slangasek
<smoser> in ubuntu-devel
<smoser> but that little snippet above seems logic-error free to me
<smoser> jamespage, well, we found the root of the issue (i think)
<railsmagnet> If my server has more than 1 IP address available .... do I need to those IP addresses to the network interface ... to be able to use them ?
<RoyK> railsmagnet: why more IPs?
<railsmagnet> multi IP hosting .... I have multiple rails app running
<railsmagnet> for example myapp.com  points to an IP
<railsmagnet> and my anotherapp.com points to 2nd IP
<RoyK> if it's just web, you can use virtualhosts in apache
<RoyK> otherwise, just assign multiple IPs to the same NIC
<RoyK> "up ip addr add x.x.x.x/y dev eth0"
<RoyK> in the interfaces file
<sarnold> railsmagnet: that's mostly useful if you're hosting TLS secured sites..
<RoyK> sarnold: TLS/SSL traffic can be used over same-ip connections as well with HTTP
<railsmagnet> oh okay. so should I just add the line  "up ip addr add x.x.x.x/y dev eth0"  to the interfaces file
<railsmagnet> and then do ifup -a ?
<sarnold> RoyK: yeah, but SNI support isn't ubiquitous (yet)
<RoyK> afaik it works on most stuff except elderly IE versions
<RoyK> railsmagnet: no, just run the command as written without the "up"
<railsmagnet> what is Y ? netmask ?
<jcastro> roaksoax: hi! http://askubuntu.com/questions/288681/juju-with-maas-error-file-provider-state-not-found
<railsmagnet> RoyK, I had 2 NIC on the machine so I add the additional IP to eth1
<railsmagnet> is that a bad idea ?
<RoyK> should work
<RoyK> but no need to complicate things if the bandwidth on eth0 is sufficient to handle the load
<RoyK> y is the number of bits in the netmask, as for 255.255.255.0, y=24
<railsmagnet> ah okay. thanks
<roaksoax> jcastro: done
<SpamapS> utlemming: most annoying thing about automated cloud image updates it that they are _WAY_ too frequent.
<SpamapS> utlemming: I am downloading a new cloud image every 3 days. :p
<utlemming> SpamapS: that's a better problem than six months for a new image
<SpamapS> utlemming: agree that up to date automated images are good. Not sure if 3 days is the right interval tho. :-P
<SpamapS> it would help if my connection to cloud-images.ubuntu.com wasn't suffering 91% packet loss
<jcastro> I thought it was ~3 weeks not 3 days
<jcastro> following the kernel releases no?
<utlemming> SpamapS: it shouldn't be three days...last week was an anomoly. There was a bug in the testing framework that I fixed which caused a set to be promoted and then the set that happend this week. That shouldn't happen again. What was happening is that one of the tests was time out waiting on EC2 to fire up 40 instances.
<utlemming> jcastro: that is correct, it should be about ~3 weeks. This set is an anonomoly.
<SpamapS> utlemming: I have been seeing them every few days for a few weeks now... certainly once per week.
<SpamapS> http://paste.openstack.org/show/38150
<SpamapS> perhaps pass that along to IS? seems quite unhealthy.
<jcastro> hey lodgeit!
<jcastro> we have a charm for that!
<sarnold> lol
<utlemming> SpamapS: done
<SpamapS> jcastro: do you have your IRC client programmed to do that?
 * SpamapS tests
<SpamapS> mediawiki
<SpamapS> nyancat
<jcastro> hey! We have a charm for that!
<SpamapS> yourmom
<jcastro> SpamapS: this will make you laugh. IS updated the nyancat charm to include the tarball instead of pulling from git.
<SpamapS> jcastro: well it has to be stable!
<jcastro> that thing needs to be _predictable_!
<SpamapS> we can't just run rough shod over the pillars of good system administration
<utlemming> SpamapS: IS says that Level3 treats ICMP traffic as unimportant, so your packet loss isn't trust-worthy.
<SpamapS> makes sense
<SpamapS> utlemming: well I got about 600kbit and I have 20Mbit available here.
<SpamapS> errr
<SpamapS> thats kBps so ignore me
<SpamapS>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
<SpamapS>                                  Dload  Upload   Total   Spent    Left  Speed
<SpamapS> 100  189M  100  189M    0     0   441k      0  0:07:19  0:07:19 --:--:--  637k
<utlemming> SpamapS: I have 20MB and I am getting 1.5-2.5MB/s
<SpamapS> I've always had shoddy access to the london hosted things
<utlemming> SpamapS: you must have comcast or some other shady ISP that does traffic shaping.
<SpamapS> utlemming: time warner, and sometimes I download the cloud images in 60s
<TechIsCool> Hey everyone I am trying to get iperf to work with -r and I can't seem to get it to work. Anyone know why it just crashes the server or timesout
<Broken_Stack> help? I have installed lamp_server and apparently curl is installed but the php script i am trying to run says "curl library not enabled"
<sarnold> Broken_Stack: did you install php5-curl, too?
<Broken_Stack> apparently not
<Broken_Stack> yup that fixed it. thanx sarnold
<sarnold> Broken_Stack: woot. :)
#ubuntu-server 2013-06-06
<halvors> Hi! Seems like AppArmor is blocking bind, anyone know how to fix that?
<halvors> Jun  6 01:03:58 s2 kernel: [ 4787.970523] type=1400 audit(1370473438.770:18): apparmor="DENIED" operation="link" parent=1 profile="/usr/sbin/named" name="/var/lib/bind/db-leUm8nfK" pid=5161 comm="named" requested_mask="l" denied_mask="l" fsuid=0 ouid=0 target="/var/lib/bind/drommelan.com.hosts"
<sarnold> hey halvors
<halvors> sarnold: Hi! :)
<halvors> I'm trying to sync from master dns server to slave dns server.
<halvors> Syncing works, but seems like apparmor is blocking BIND to save the zones to disk :(
<sarnold> halvors: in /etc/apparmor.d/usr.sbin.named you'll need to add a line like "link /var/lib/bind/db-* /var/lib/bind/*.hosts,"
<sarnold> sigh
<sarnold> halvors: in /etc/apparmor.d/usr.sbin.named you'll need to add a line like "link /var/lib/bind/db-* -> /var/lib/bind/*.hosts,"
<sarnold> (note the '->')
<halvors> sarnold: Thank you very much :) That works like a charm :D
<sarnold> halvors: excellent; would you mind filing a bug against bind with this?
<cellofellow> I'm setting up an email hosting service. Main customer uses Mail.app on Mac OS X, which when you add an account tries to connect to autodiscover.example.com. Currently that will just serve up a redirect webpage.
<cellofellow> Question: how do find docs on implementing this autodiscover magic?
<qman___> said autodiscover is an MS exchange thing
<qman___> so unless you have MS exchange or an exchange compatible server, it won't do you any good
<cellofellow> ok
<cellofellow> Dumb thing is we have *.mydomain.com resolving in DNS, so it still hits something when it looks for autodiscover instead of just moving along.
<cellofellow> so, there's no way to implement that exchange thing?
<qman___> yeah, that's just one of many reasons that wildcard DNS is a pain
<qman___> you'd need an MS exchange compatible server such as zimbra or openchange
<qman___> and then you'd have to make autodiscover point at it
<cellofellow> hm
<qman___> (that assumes those support autodiscover, I don't know if they do(
<cellofellow> hey, thanks
<cellofellow> Gonna stick to dovecot+postfix, and let Mail.app be painful I think.
<qman___> easiest workaround would be to make autodiscover point to an unresolvable location
<cellofellow> true
<sarnold> can you add a rule just for that to aim for 127.0.0.1? or add something in your webserver to handle that location with a 404 or 403? perhaps some combination would make it not so painful..
<qman___> right, if you set up a public A record for it pointing to 127.0.0.1 it would fail quickly
<qman___> or if you're concerned about people having local web servers, 127.255.255.255
<qman___> since pretty much nothing is going to bind to that
<sarnold> heh, nice
<halvors> sarnold: I don't know if it's a bug, i've been using Webmin, and the zones are saved in a different place than usual on Ubuntu. So i don't think it actually should be fixed? :)
<qman___> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<qman___> that's why
<halvors> Or, wait? Does it save them in the actual right place?
<sarnold> halvors: sadly I don't know enough BIND to know ..
<halvors> qman_: I know, and thats whay there shouldn't be any bug reports...
<sarnold> halvors: but at least a bug report might save the next guy a bit of trouble
<sarnold> .. and get the problem in front of someone who probably knows bind better than I do :)
<qman___> that's really all it is, webmin is saving things in a different location
<qman___> the apparmor profile is really strict on bind, due to its long history of exactly that sort of exploit
<sarnold> oh right, qman___ knows bind :) hehe
<qman___> people have been chrooting bind for a decade
<qman___> so, in order of preference, don't use webmin, modify the apparmor profile, or turn off apparmor
<halvors> qman___: :)
<halvors> qman___: I know Webmin isn't supported, but i've been using it for years, never had a problem like this. The only reason i asked is that i don't actually knows AppArmor :)
<qman___> problems like this one are exactly why we have that bot message
<halvors> So Webmin is working well, even if its not supported :) There is actually nothing like it out there (As far as i know) :)
<qman___> webmin does silly things that leave nasty surprises under some circumstances
<halvors> qman___: But it's easy to modify webmins default configuration so that it works :)
<halvors> This is an example of that, it's not a crash :)
<mgw> smoser: just read http://ubuntu-smoser.blogspot.co.uk/2013/02/using-ubuntu-cloud-images-without-cloud.html
<mgw> In relation to this, I have a question about how one would use a custom cloud-init data source (with the api described here: https://cloudinit.readthedocs.org/en/latest/topics/datasources.html) instead of a data source file.
<mgw> does anybody know how to do that?
<sarthor> Hi, what software or package I will need that my ubuntu-server can translate pdf files to postscrip for my network dot matrix printer
<sarnold> sarthor: ghostscript has a pdf2ps tool
<sarthor> sarnold: ghostscrip-cups installed already and my printer is printing raw text, any Idea?
<sarthor> sarnold: using frontaccounting software on ubunter-server and printer is shared on win7 pc. using lpr protocal
<sarnold> sarthor: perhaps the printers.conf (iirc) from cups lets you specify a filter for certain file types..?
<sarthor> sarnold: here is one image https://www.dropbox.com/sh/e8390d5gbqbolb9/Tihn1su5l-#f:Front-Accounting-Network-printer.png
<sarthor> that 192.168.1.148 is winodws 7 machine and printer is installed and shared on that pc.
<sarthor> sarnold: as I am not an expert, but I think it will not need any cups or translator?
<sarnold> sarthor: no idea there, I've not done windows printing since NT 4 ..
<sarthor> sarnold: great, Thanks brother, Googling.
<sarnold> sarthor: good luck :)
<resno> hey yall. i need some suggestions about things to install.
<resno> i've got monitoring setup, should i be aggregating logs?
<Chunky56> can anyone help me with a raid issue?
<mgw> What's the best way to take a prebuilt cloud image and add some more packages to it?
<Chunky56> I'm not sure anyone is here to answer questions
<Patrickdk> chunky, it helps if a relevent question is asked
<Patrickdk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Patrickdk> since you failed to ask a proper question, I cant answer you
<Patrickdk> and since I'm going to bed now, good luck
<Chunky56> oh sorry
<Chunky56> I was away from this window for a sec
<Chunky56> Well if anyone is reading and can help, I have a software RAID5 array on Ubuntu Server and one of my hard drives died. I got a new one and was trying to add it, but accidentally set faulty one of my OTHER hard drives, and now cannot add this other hard drive back into the array
<Chunky56> How do I manually add this other hard drive that still has the raid data and still knows it was part of the array back into the array?
<qman___> Chunky56, relevant to you: http://www.linuxquestions.org/questions/linux-server-73/mdadm-raid-5-single-drive-failure-644325/
<qman___> basically you force assemble
<qman___> then add the new drive and it rebuilds
<Chunky56> I see the command at that link--do I use the existing /dev/md127 (which is what my raid is called) or do I specify a new one?
<Chunky56> The mdadm --assemble --force /dev/md0 <device 1> <device 2> ... <device N> command I mean
<Chunky56> I want to make sure the command I run is correct--so if I have 3 devices currently connected (my new fourth hard drive is not plugged in yet), called /dev/sdb1, /dev/sdc1, /dev/sdd1 and my raid array is /dev/md127, then is the command i use 'sudo mdadm --assemble --force /dev/md127 /dev/sdb1 /dev/sdc1 /dev/sdd1'?
<Chunky56> qman___, I tried to force assemble but it says 'mdadm: cannot open device /dev/sdb1: Device or resource busy'--does this mean I should stop the array first or something?
<qman___> yes
<Senor> iwlist wlan1  scanning, it output many IE:unknown ......
<Senor> Is this output normal?
<Chunky56> qman___, thank you so much--it's at least back to its degraded state!
<sgrover> Need help.  12.04-lts server.  /boot filled up and an upgrade failed.  I've purged all older kernels.  apt-get -f install still fails with an unmet dependency for linux-image-3.2.0-41-generic-pae not being installed.  I can't get around this and am beginning to not trust a reboot...
<sgrover> I've tried all the tricks mentioned here http://askubuntu.com/questions/296578/i-have-purged-the-current-kernel - but when they say to run the apt-get -f install command, it still fails for me.
<sgrover> (that page is a decent summary of the tricks I've seen posted....)
<sarnold> sgrover: compare your ls /boot  against  dpkg -l | grep linux-image  -- you'll need to make sure at least one kernel image is left in /boot and that specific package is still installed..
<sgrover> I have linux-image-3.2.0-45-generic-pae (and related files) in /boot, and it is marked as "ii" in the dpkg -l.
<sgrover> But there are others listed in the dpkg -l as well...  Do I need to purge those?
<sgrover> er, others with ii
<sarnold> sgrover: you ought to delete whichever ones no longer have corresponding kernels on disk
<sgrover> except for the virutal one.. (linux-image-generic-pae) - working on it.
<sgrover> k, I only have linux-image-3.2.0-45-generic-pae and linux-image-generic-pae listed in the dpkg -l, and only the -45 files in /boot.  the apt-get -f install still fails with "linux-image-generic-pae depends on linux-image-3.2.0-41-generic-pae"
<sgrover> (btw, thanks for the suggestions sarnold!)
<sarnold> sgrover: hrm. maybe.. delete linux-image-generic-pae as well, get the rest of your package database happy, then re-install linux-image-generic-pae after another apt-get update
<sarnold> sgrover: (my 12.04 LTS schroot shows linux-image-generic-pae depends upon -45. I wonder why yours is -41...)
<sgrover> guess I can't really hurt things worse... :)  was worried that purging the generic would make things unstable...
<sarnold> hehe
<sgrover> If worse comes to worse, I can recover the drive in other ways (new install/setup/etc... time consuming, but do-able...)
<sgrover> hmm.. in the dpkg -l, it says right there that linux-image-generic-pae wants 3.2.0.41.49, whereas linux-image-3.2.0-45-generic-pae wants 3.2.0-45.70... you may be on to something...
<sgrover> no joy.  it tries to re-add the linux-generic-pae package, but that is depending on 3.2.0.41.49.  And I just did an apt-get update...  I'll check for rogue repositories....
<sarnold> sgrover: hrm.
<sgrover> My sources.list file is the default, and my extra repositories is only the pitti-postgresql repo.  I've removed those for now.
<sgrover> (the pitti files seem to be marked for "maverick", so could be referring to older packages even...)
<sarnold> sgrover: aha, probably it would be worth to try to move those to precise
<sarnold> sgrover: .. but they probably aren't involved
<sgrover> shouldn't need them anymore - they were only so PostgreSQL 9.1 could be installed at the time...
<sarnold> ah
<sgrover> BUT, I *may* be fixed.
<sgrover> linux-generic-pae was also depending on 3.2.0.41.49.  Purged that and the apt-get -f install *seems* to be working - not reporting the same error at least.
<sgrover> now it is reporting that it is ignoring the 'pitti-posgresql' files in /etc/apt/sources.list.d  (I renamed em with a .bkup extension, so now apt doesn't know what to do with em.)
<sgrover> I think I'm fixed.  apt-get upgrade is running now....
<sarnold> sgrover: excellent!
<sarnold> sgrover: now try adding back the linux-generic-pae once it's done, so you get upgrades in the future..
<sgrover> done already.  And dpkg -l nicely reports it depends on -45.x now...
<sgrover> Thanks bunches for the support/assistance/encouragement... :)
<sarnold> sgrover: glad it worked out :)
<sgrover> Oh and I'll need to make sure PostgreSQL will be handled properly without the PPAs.
<sarnold> should be, pitti takes care of the package for the distribution as well :)
<sgrover> yep, it looks like it's going to be fine without the PPAs, but I don't want to just toss em quite yet...
<sgrover> sarnold: k. I'm calling it a night (1:13am here...).  Thanks again and have a great night/day!
<sarnold> sgrover: thanks, goodnight
<adam_g> jamespage, w00t both folsom and grizzly point releases got released to -updates. both CA -proposed pockets should be good to move to -updates
<adam_g> jamespage, actually i lied, precise-folsom proposed keystone is lagging behind our last rebase: http://people.canonical.com/~agandelman/ca/folsom/keystone_2012.2.4-0ubuntu3/
<jamespage> adam_g, yeah - but we have exactly the same code in the CA
<jamespage> that last update just fixes a ftbfs
<jamespage> adam_g, I'll process that today
<abhi_> Hi there everyone. I recently got a pdf file with a cert file (PFX). I even got a "key" to open the "PFX file". I can successfully install the pfx file in MS Windows 7 and open the PDF file there. I am "super new" to Ubuntu. Can anyone please tell me how to install/import PFX into Ubuntu ? I am currently using Ubuntu 13.04. Please help...
<rbasak> abhi_: sounds like you want #ubuntu for help, rather than this server-specific channel. Try there?
<yolanda> hi, anyone knows about vgs command? which package provides it? i'm unable to find it
<Enich> Hello Nagios guys, i am installing a Nagios3 server  on a ubuntu, it promts me for the Password for the NagiosAdmin when i install.  Would anyone know a clever way to install without promting for the password?  i was thinking either by defining it before installation in a variable of sorts, or installing it without a password and then doing a htpasswd -b nagiosadmin $password.   I am doing unattended installations (for non production educational environ
<Enich> ments)
<Enich> yolanda,  lvm2 ?
<Enich> $vgs   tells me that you need to install lvm2
<yolanda> damn, i tried "lvm" without the 2
<rbasak> yolanda: it's lvm2
<yolanda> thx
<rbasak> yolanda: I used "apt-file find vgs" - it needs setting up first but is really helpful for this kind of query.
<Enich> yolanda, if you fire up a command that isnt installed or isnt present, you will often be told which package it is part of :)
<abhi_> I log into my ubuntu 13.04 and click on the PFX file. It (CERT_SYSTEM_STORE_CURRENT_USER_My_0_Pushpendra.pfx) says The contents of 'CERT_SYSTEM_STORE_CURRENT_USER_My_0_Pushpendra.pfx' are locked. In order to view the contents, enter the correct password.. I enter the password for the PFX key  and click "Ulock" . I dont have any idea as to what to do next. PLEASE HELP HELP HELP...
<yolanda> yes, with apt-search i was unable to find it
<Enich> Unattended Nagios3 installation anyone ?
<rbasak> abhi_: did you see my message? If you're clicking on something, you're in the wrong channel. This is a server channel. Please go to #ubuntu for help with your desktop.
<yolanda> jamespage, zul: https://code.launchpad.net/~yolanda.robla/cinder/havana/+merge/167726
<Siebjee> Does any one has experianced performance differences with Ubutntu 12.04 LTS and Dell Poweredge M610
<bicyus> op... op... op... op-op!
<linocisco> hi
<yolanda> jamespage, zul, i'm working on squid3 tests. I have a problem, that the squid3 has been converted to upstart. And now i have to use the start/stop squid3 commands. But a stop without any started process gives error. What should be the better way to only stop the service if it was running? Checking with a pidof?
<zul> yes
<sarthor> Need help. when I send print to my printer,the error logs say,  +0300] Unable to encrypt connection from localhost - An unexpected TLS packet was received
<codepython777> update-rc.d nginx defaults â> Tells me â> System start/stop links for /etc/init.d/nginx already exists â> But nginx does not start at boot
<codepython777> anyone running nginx ?
<tohuw> codepython777: If you don't get a response for some time, try repeating your question rather than asking an "anyone" question. Regarding your original question: is nginx trying to start? Anything in syslog or so?
<codepython777> tohuw: nothing in syslog
<codepython777> I added a separate line in /etc/rc.local that starts nginx now. Still have no clue why it wont start automatically
<tohuw> codepython777: Are the links actually there in /etc/rcX.d (where x is the desired runlevel)?
<tohuw> (see man update-rd.d for more about the links)
<yolanda> zul, did you have a change to look at the kombu version bug?
<zul> yolanda:  not yet im getting the builds working again and then will have a look
<yolanda> great
<codepython777> tohuw: in rc2.d -> lrwxrwxrwx  1 root root   15 2013-05-09 17:08 S20nginx -> ../init.d/nginx
<tohuw> codepython777: you mentioned you dropped into rc.local, but can you verify /etc/init.d/nginx start works?
<codepython777> it complains
<tohuw> of?
<codepython777>  * Starting nginx nginx                                                                                                                                                                                     nginx: invalid option: "/var/run/nginx.pid"
<tohuw> Well, there's your problem. When nginx is running correctly, where does it maintain a pid file? Also, did nginx provide that init.d file?
<codepython777> tohuw: i installed nginx and ran it
<tohuw> Regardless, look at its content and decide why it is providing and invalid option
<codepython777> i dont know where the default pid is supposed to be located
<tohuw> Check what it does when running with strace or so. It sounds like there is a bug in the nginx package if the init.d script doesn't work out of the box. File a bug appropriately, which may give you some better insight.
<tohuw> (as it is likely to be replied to with a correction or explanation)
<phretor> I found this old bug ticket https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/629242 about vmbuilder ignoring the --mac option - I still see the bug and I haven't found any workaround. Anyone?
<uvirtbot> Launchpad bug 629242 in vm-builder "vmbuilder 0.12.4-0ubuntu fails to consider MAC address (dup-of: 392097)" [Low,New]
<uvirtbot> Launchpad bug 392097 in vm-builder "vmbuilder ignores mac option when using bridge network" [Low,Fix released]
<codepython777> is there a backup tool on ubuntuserver that backs up a directory with data-deduplication?
<sarnold> codepython777: rsnapshot can use hardlinks if files are -identical-
<sarnold> codepython777: .. though, now that I say it, I'm not confident it _discovers_ the duplication if the files aren't already hardlinked. nevermind.
<sarnold> codepython777: git has some kind of intelligence there, but it might also be magical
<codepython777> ah that sucks- rsnapshot that is
<codepython777> so no scripts for a backup that wont copy the same file twice?
<zul> roaksoax:  https://code.launchpad.net/~zulcss/python-keystoneclient/test-fbtfs-drop/+merge/167822
<roaksoax> zul: done
<zul> roaksoax:  thank
<zul> roaksoax:  https://code.launchpad.net/~zulcss/keystone/keystone-refresh-ftbfs/+merge/167825
<sarnold> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<zul> adam_g:  ping can we push that cinder patch we are carrying upstream?
<adam_g> zul, which?
<zul> the paramiko patch
<adam_g> zul, they set the version requirement, why would they revert it?
<zul> so we dont have to carry it and rediff it but yeah
<adam_g> zul, i assume the reasons it was set  are still valid. theres a new upstream paramiko package coming to debian soon, so we should be able to drop the patch when we sync that
<zul> adam_g:  awesome
<zul> roaksoax:  last one https://code.launchpad.net/~zulcss/cinder/refresh-ftbfs/+merge/167831
<zul> roaksoax:  hey did you +1 my cinder branch?
<LinuxAdmin> hi guys
<LinuxAdmin> i need your help with grub on ubuntu server 12.04
<LinuxAdmin> I'm trying to install ubuntu with raid1 but after installation i reboot and get grub rescue prompt
<LinuxAdmin> software raid, i mean
<LinuxAdmin> after this I tried to restore grub, with a live cd but had no result
<LinuxAdmin> I reinstalled ubuntu from scratch and the same thing happened once again
<LinuxAdmin> I tried installation with a dedicated partition for /boot, without raid, but get the same result
<LinuxAdmin> what is happening with ubuntu? I've already did the same setup in the past and I didn't get this problems
<LinuxAdmin> I tried supergrubdisk, but couldn't solve my problem
<LinuxAdmin> can some one give me some ideas, I'm really considering change to another distro, this is not acceptable with a server version
<LinuxAdmin> I loved ubuntu and I've got several ubuntu boxes running on my company, but now I'm really desapointed
<LinuxAdmin> disappointed
<LinuxAdmin> can some on help?
<LinuxAdmin> can someone help with my issue?
<SpamapS> LinuxAdmin: help in here is usually a bit slow
<SpamapS> LinuxAdmin: give it some tieme
<SpamapS> LinuxAdmin: as far as your error with raid1.. can you take a picture of the error you get?
<SpamapS> LinuxAdmin: software raid, unfortunately, is really broken in Ubuntu and needs some love. :-/
<LinuxAdmin> SpamapS: I get grub prompt after reboot, is everything I get
<henkjan> SpamapS: mdadm software raid is not usable in ubuntu?
<LinuxAdmin> SpamapS: do Debian suffer from the same problem?
<SpamapS> henkjan: it is usable, but it breaks boot sometimes. :-/
<SpamapS> no
<SpamapS> debian fixed all of this
<SpamapS> but for years Ubuntu diverged from Debian
<SpamapS> And thus far, nobody has really had time to reconcile.
<henkjan> SpamapS: i use it on lots of serveers
<SpamapS> I tried a little bit
<henkjan> the only issue i see sometimes on lucid based servers
<LinuxAdmin> I'm really thinking about move to another distro because of this
<henkjan> with sw raid 10
<SpamapS> henkjan: it works ok for most use cases, but it often detects a broken RAID and fails when it could just recover.
<LinuxAdmin> Debian is a good choice because it's the same of ubuntu
<henkjan> the raidset doesnt get assembled quick enough
<SpamapS> LinuxAdmin: grub prompt, or initrd prompt?
<SpamapS> LinuxAdmin: Debian is not the same as Ubuntu
<henkjan> and you'll get dropped in initramfs
<SpamapS> LinuxAdmin: Debian has only one supported release at a time (stable).
<LinuxAdmin> SpamapS: grub prompt
<henkjan> powercycle helps in most of the cases
<LinuxAdmin> I loved ubuntu server and I thought that because ubuntu has Canonical on behalf, it should be more stable and didn't suffer for problems like this
<LinuxAdmin> I'm really disappointed with ubuntu
<LinuxAdmin> I've got some friend that are always saying to me that if I want to sleep well I should use Debian, now I'm starting to give them all the reason
<jcastro> SpamapS: I thought we resolved the mdadm problem in the point release?
<SpamapS> jcastro: we resolved many problems
<SpamapS> https://bugs.launchpad.net/ubuntu/+source/mdadm
<SpamapS> shows 55 untriaged bugs, 5 High importance.. and lots of WTF's
<SpamapS> there's also a lot of _RAGE_ in that page
<jcastro> I share the rage, I won't touch mdadm anymore. :)
<SpamapS> I'm kind of surprised no concerned community person has stepped up to fix it
<SpamapS> Every once in a while a Canonical employee wades in but then the rage starts up again and they run away screaming.
<jcastro> I am spent from the maas SRU
<jcastro> but I suppose I could bring it up on the list
<SpamapS> With raid controllers costing $100 .. I'm kind of meh on the whole idea.
<SpamapS> All of the reasons to use software raid are to save nickels and dimes.
<ScottK> http://netsplit.com/2012/10/30/goodbye-ubuntu/
<jcastro> I am pretty much a fan of RAID built into the FS, but asking people to use btrfs is probably a bridge too far
<SpamapS> jcastro: I feel like btrfs is slipping away. :-/
<SpamapS> it has no champion
<SpamapS> ScottK: yeah, thats one way to go.
<SpamapS> Another is to go buy a $100 3ware SATA raid card, and have better performance. But who wants that? :-P
 * SpamapS goes afk
<soy_el_pulpo> be aware that some cards are like the old "winmodems", they only provide Win drivers...
<maswan> SpamapS: It is far from true that that's all the reasons, there are a few more. Like freedom of having a documented on-disk format with free implementations, being able to read your data from another host when the raidcard breaks, etc.
<maswan> SpamapS: Oh, and performance too. For a fair chunk of cases, MD performs better than most HW raid cards. Depends on your workload.
<roaksoax> zul: sorry was caught up with some maas work
<roaksoax> zul: cinder approved
<zul> roaksoax:  thanks
<maswan> SpamapS: And as a third point, a $100 raid card would add about 20% to the cost of a server.
<maswan> I honestly don't have a good plan for what to do with my server once lucid starts nearing EOL in a couple of years.
<maswan> Probably either ZFS on Ubuntu, or switching to Debian for software raid.
<maswan> Would kind of suck though, since work is all Ubuntu all day long since breezy
<oblivian> An arbitrary header info look up on misc web server that leaped to mind shows that 9/10 servers "leak" system info. Server brand, major and minor release, x-powered by and system it's running on, mostly Ubuntu and CentOS. I thought "best practice" is to hide that kind of information?!
<ScottK> Not really.
<ScottK> There are enough other ways to tell that for someone dedicated to finding out it's not hard and it doesn't really add to security anyway.
<oblivian> Well, from the fact that one server was running Apache2 2.2.14 (Ubuntu) I guickly found out that the system is running Ubuntu 10.04.
<SpamapS> maswan: you could invest time in mdadm...
<ScottK> Sure.
<SpamapS> maswan: or even pay a consultant to fix it.
<SpamapS> maswan: boggles my mind that people get mad at a free distro for breaking things. :-P
<oblivian> And since I know it is running 10.04 I can find out what version of MySQL is running, at least most likely.
<oblivian> So you are saying there's ways to tell what system you are running on, major and minor versions? I.e. Nessus, etc?
<ScottK> oblivian: That's all true, but ultimately, "meh".
<oblivian> But most attacks these days starts with robots scanning the net for info like that. If you are looking to exploit vuln a found in version x.x.x of server x, you have saved some ppl alot of work.
<SpamapS> oblivian: what you're talking about is hardening. There are plenty of strategies for stopping information leakage.
<ScottK> Yes, but since we backport security patches and don't bump upstream version numbers as a rule the version string tells you less than you think it would.
<maswan> SpamapS: I'm not mad, I'm disappointed though, because I expected better.
<SpamapS> maswan: from who?
<maswan> SpamapS: From Ubuntu as a project.
<SpamapS> maswan: Canonical takes care of Ubuntu, and mdadm is just lower in priority than, say, OpenStack or good EC2 images. Just a fact of life. :-P
<SpamapS> maswan: Ubuntu is all of us. So be disappointed in yourself first. :)
<oblivian> SkottK: Yes, but I don't think it is "good practice" to show any visitor what versions your system is running on.
<maswan> SpamapS: Yeah, I can't fix everything though, and I prefer to spend the time I have for things on the parts where I am most useful.
<maswan> SpamapS: But yes, I include myself in that community
<maswan> SpamapS: And it is too bad so much time gets eaten by things that are useless to me, like openstack and ec2, compared to proper useful things like mdadm :)
<ScottK> oblivian: There are fingerprinting techniques out there that make it essentially impossible to hide it, so if you think you're hiding anything, you're fooling yourself.
<ScottK> SpamapS: There are quite a few people that find Canonical's abandonment of servers troubling.  Quite reasonably so, IMO.
<maswan> Of course, if I get the impression that noone cares about ubuntu servers anymore, maybe my time is better spent brushing up on my Debian
<oblivian> SkottK: Sure, if it is a targeted attack yes. I stil don't see why I shouldn't hide most system info. It takes 30 seconds.
<oblivian> SkottK: - Canonical's abandonment of servers troubling. What?!?!?!?
<ScottK> If it's not cloud, they don't really care.
<ScottK> By servers, I mean the things that people traditionally think of when you think of a server.
<ScottK> It's directly related to the mdadm question (see Scott Remnant's blog post).
<oblivian> Is Canonical abandoning servers?
<maswan> not formally, just not spending any effort on supporting them
<oblivian> Do you have a link to Scott Remnant's blog?
<ScottK> http://netsplit.com/2012/10/30/goodbye-ubuntu/
<oblivian> Thanks Scott, just read it.
<oblivian> I am running Soft RAID on 12.04 just fine. Was it the upgrading that went bad?
<oblivian> But I've ran into problems before when using disks w/o TLER.
<oblivian> In fact, this weekend I am going to set up a Soft RAID10 w/ 4 4TB HDD for running BackUpPC. Been running BackUpPC on Ubuntu servers with Soft RAID for years w/o problems, what so ever. Hope I am not running into trouble now. Takes forever to stripe...
<sarnold> oblivian: you may not want to .. RoyK's got a bug open about those not being detected / assembled at boot
<sarnold> (nested raids, that is..)
<oblivian> I am already running a RAID10 setup on Ubuntu 12.04. No problems there. It's 4 2TB HDD's though... But two years ago I had to scrap a setup since the disks didn't support TLER. Everey reboot degraded the RAID. And I was running RAID5, which I will never do again.
<sarnold> hrm.
<RoyK> sarnold: nested raids work on lucid, but not with presice
<sarnold> RoyK: oblivian says he's got one that works..
<RoyK> doubt it
<RoyK> raid10 isn't nested raid
<sarnold> it isn't?
<RoyK> no, it's a raid level
<oblivian> Yes, running RAID10. Standard, not nested.
<sarnold> .. and it's implemented somehow differently than 1 on top of 0?..
<RoyK> sarnold: the problem is nesting
<oblivian> Nested is mixing RAID levels, isn't it?
<RoyK> oblivian: nesting is like putting raid-0 on top of raid-5 sets
<RoyK> or other mixtures
<RoyK> raid10 is just another raid level (badly written)
<oblivian> OK, running RAID 0 on top of RAID5 is nested RAID?
<RoyK> yes
<RoyK> or mirroring raid-5 sets
<RoyK> or whatever
<sarnold> RoyK: heh, I alwaysthought 10 was implemented by simply nesting. why re-write when you could re-use..?
<RoyK> raid-upon-raid is nesting
<sarnold> sigh
<oblivian> But why would you want to nest? RAID10 is the best of both worlds, redundancy and speed. :)
<RoyK> sarnold: it should have been - if the developers did it the way I think is right, but then, I may be wrong :P
<RoyK> oblivian: no, it doesn't have the flexibility of other levels
<RoyK> oblivian: you can't grow a raid10
<oblivian> OK, for me that's not an issue, luckily. But the blog didn't seem to be related to nested RAID, was it?
<oblivian> The one Scott refered to...
<sarnold> oblivian: if it did, he didn't say..
<oblivian> But what nested configs are we talking about?
<oblivian> JBOD+0?
<sarnold> oblivian: in RoyK's case, 5+0: https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1171945
<uvirtbot> Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed]
<mdeslaur> oblivian: hiding the server banner is security by obscurity...you don't need to know the version to run your exploit on it...worst case, it doesn't work
<mdeslaur> oblivian: the practical side to having the banner is you can now get audited properly and know if some of your infrastructure is out of date
<oblivian> sarnold: Hmm, from the comments it seems a lot of users has problems with normal RAID levels too
<mdeslaur> oblivian: so having a banner actually improves security
<mdeslaur> software raid is only currently broken for some configurations, a lot of people run it properly
<mdeslaur> one of the scenarios that is broken is having drives on different types of controllers I believe
<mdeslaur> the userbase for software raid is quite limited
<mdeslaur> in fact, nobody has stepped up to fix it
<mdeslaur> or even open a support case with canonical I assume
<mdeslaur> it's mostly used by home users, or very small businesses with small servers
<oblivian> Hmm, we are the exception then. :)
<mdeslaur> oblivian: yes, you are
<oblivian> Weird.
<mdeslaur> oblivian: what kind of servers are you running? even the small dell, hp, and ibm servers are available with hardware raid...
<kees> mdeslaur: under what conditions is md broken?
<oblivian> Yes, our "main" servers are running HW RAID. It's Dell servers actually. But the backup servers and file servers are Ubuntu 12.04 with Soft RAID10.
<mdeslaur> kees: I don't exactly know, I haven't seen it myself...did you see keybuk's rant?
<mdeslaur> kees: I've seen bug reports about raid trying to come up when some of the disks on a different controller aren't ready yet
<mdeslaur> kees: but I don't know how to reproduce it reliably
<mdeslaur> (well, I don't have the hardware to try, anyway)
<sarnold> kees: RoyK reports any nested configuration is broken in precise and newer
<oblivian> mdeslaur: so you are saying it is more secure to expose your system info than not? (server banner).
<mdeslaur> oblivian: hiding your server banner doesn't prevent an exploit from working on your server
<mdeslaur> oblivian: all it does is prevent a security scanner from seeing what versions are installed
<mdeslaur> the question is debatable, but hiding your banner isn't likely to affect your security
<mdeslaur> it's a matter of preference
<mdeslaur> especially since we don't put exact package versions in the banner
<oblivian> mdslaur: OK, I see your point. But I disagree. You are in control of your audits, so when scanning using i.e. Nessus or other enable server banners temporarily. And you underestimate security by obscurity. It is a well founded "securoty mechanism". It is a problem if you only base your security on obscurity of course.
<lifeless> oblivian: well founded? !cite please
<oblivian> mdslaur: security by obscurity = on a need to know basis.
#ubuntu-server 2013-06-07
<shodan45> I just installed 12.04.02 on brand new hardware that has UEFI. I used custom partitioning (always do), and it doesn't boot. Now I see that I need a UEFI partition?
<sarnold> shodan45: iirc, you need something like 100 megabyte FAT partition right up front
<shodan45> right, that's what I'm reading now.... but is that absolutely needed?
<shodan45> it's the only OS on the box
<sarnold> i think it is, unless you can convince your bios to boot in a compatibility mode
<shodan45> hmm, I think I could do that, but I'd rather figure out UEFI
<sarnold> if you've got the time, that sounds like a good idea
<sarnold> it's not going away, anyway :)
<SpamapS> ScottK: re "abandoning servers" .. Thats not just Canonical. The entire industry is changing.
<SpamapS> ScottK: and its not just giant IT shops. Small shops, < 20 server shops, are finding it useful to have a self service "cloud" rather than angry gray beards watching over all the resources.
<SpamapS> ScottK: But really, Canonical is following the money. If there was money in SMB servers, they'd be there.
 * sarnold . . o o O O ("It took a lot of anger to get my beard this grey")
<mdeslaur> the whole industry is facing a big change right now, not just Canonical. Chasing the future is way better than attempting to catch up to the past.
<sarthor> I have a printer problem, details are here http://www.linuxquestions.org/questions/linux-software-2/fa-printing-shared-printer-win7-output-like-php-or-html-or-the-paper-4175465040/
<ScottK> SpamapS: sure, but the stuff on the metal has to work for the cloud to be viable, so it's in many cases a false, short sighted choice to assume that basic infrastructure will continue to support the cloud stuff even though it's ignored.  That'll be true for awhile, but not forever.
<sarthor> I have a printer problem, details are here http://www.linuxquestions.org/questions/linux-software-2/fa-printing-shared-printer-win7-output-like-php-or-html-or-the-paper-4175465040/
<sarthor> I have a printer problem, details are here http://www.linuxquestions.org/questions/linux-software-2/fa-printing-shared-printer-win7-output-like-php-or-html-or-the-paper-4175465040/
<hxm> what is correct, file or archive?
<Senor> what is the relation or difference between cluster and cloud ?
<imanc> I'm creating some users on a new server with default shell /bin/bash, but there's no directory/file colours. How can I enable this?
<hxm> you may want to paste this in .bashrc http://pastebin.com/3iUWgC0D
<imanc> hxm: great, thanks
<hxm> np
<imanc> is it possible to create an initial directory structure with /etc/skel ?
<imanc> i want to put the .ssh/authorised_keys in by default
<mardraum> for every user?
<imanc> yep .. every user added with useradd
<mardraum> sounds kinky
<imanc> ha ha
<jacobw> authorised_keys â  authorized_keys
<jacobw> en_GB â  en_US
<yolanda> zul: https://code.launchpad.net/~yolanda.robla/python-novaclient/havana/+merge/168021
<yolanda> https://code.launchpad.net/~yolanda.robla/cinder/havana/+merge/167726
<sarthor> I have a printer problem, details are here http://www.linuxquestions.org/questions/linux-software-2/fa-printing-shared-printer-win7-output-like-php-or-html-or-the-paper-4175465040/
<sarthor> I have a printer problem, details are here http://www.linuxquestions.org/questions/linux-software-2/fa-printing-shared-printer-win7-output-like-php-or-html-or-the-paper-4175465040/
<zul> jamespage:  ping
<jamespage> zul: morning
<zul> jamespage:  good morning! so ceilometer needs a newer kombu, which is find and dandy
<zul> but the new version of kombu depends on a fork of amqplib
<zul> so im not sure how to go about this
<antihero> hey, I'm trying to upgrade a ubuntu server but the kernel is too old
<antihero> if i do
<antihero> linux-image-3.2.0-45-generic-pae
<antihero> apt-get install !!
<antihero> then I get a message telling me to apt-get -f install
<antihero> but that needs to install libc6
<antihero> whicH I can't do because kernel is too old
<antihero> help!
<antihero> I need to basically "undo" the upgrade
<antihero> anyone?
<zul> jamespage: http://people.canonical.com/~chucks/ca/
<yolanda> zul: https://code.launchpad.net/~yolanda.robla/python-keystoneclient/havana/+merge/168077
<ShapeShifter499> hi
<ShapeShifter499> in case someone here has an answer to my question I post this link to my policyd question http://askubuntu.com/q/305282/136822
<plars> something bad going on with the ubuntu-server image today, looking at it now
<yolanda> zul: https://code.launchpad.net/~yolanda.robla/quantum/havana/+merge/167230
<yolanda> https://code.launchpad.net/~yolanda.robla/heat/havana/+merge/168098
<mgw> does anyone know why qemu-nbd -c successfully mounts a qcow image, but after qemu-nbd -d (which responds with "disconnected"), the qemu-nbd -c proc is still in the process list?
<tohuw> ShapeShifter499: While unfortunately I don't have much helpful input on your question, please do post full questions in the channel, as it improves the quality of the channel logs and lessens reliance on outside resources that may not necessarily be immutable links or readily viewable by all users. (An obvious exception, of course, is when it is appropriate to use a pastebin for configurations files, logs, etc.)
<tohuw> (Do feel free to include a link to the question as well, of course)
<zul> adam_g:  ping
<adam_g> zul, hey
<zul> adam_g:  can you take a look http://people.canonical.com/~chucks/ca/
<adam_g> zul, ya
<zul> adam_g:  thanks
<adam_g> zul, +1
<zul> adam_g:  thanks
<Womkes> Is it possible to bind the ports needed for NFS server to fixed number? I cannot firewall my setup. There is nothing about this in the community wiki article
<sarnold> Womkes: hrm, I thought in practice 2049 was used nearly exclusively?
<Womkes> Well there are two fixed ports
<Womkes> 111 and 2049
<Womkes> then there are a few ports that are assigned randomly
<Womkes> for nlockmgr and mountd
<Womkes> these I need to fix so I can firewall them
<Womkes> I could also whitelist the source IP
<Womkes> but I don't prefer to do that
<Womkes> I like to be very specific with the firewall rules
<shodan45> why is apt telling me that it "kept back" quantal kernel packages on a fresh install of 12.04.2?
<plars> hi, trying to sort out something in the precise server image today
<plars> http://cdimage.ubuntu.com/ubuntu-server/precise/daily/pending/report.html shows that there were some uninstallable binaries for maas
<plars> but shouldn't those show up in http://people.canonical.com/~ubuntu-archive/testing/precise_probs.html?
<plars> maybe a timing glitch between when those were generated, seems to work ok now
<plars> but maas package is updated
<mgw> In case anyone is interested, the company I work for is looking for a full-time devops/sysadmin in Seattle. PM me if interested and I'll send you the job description.
<zul> adam_g:  http://people.canonical.com/~chucks/ca/
<adam_g> zul, +1
<lotia> greeting all. Is there any equivalent to /proc/mdstat in the sysfs world?
<lotia> I know that /proc is being deprecated so I wanted to use the appropriate sysfs resource instead.
<baniir> a file was deleted from one of our servers via a 3rd party ftp program. the file appears to be gone, but the disk usage doesn't reflect this. is there anything i can do to trigger a refresh without rebooting the server, or some other thing to consider
<sarnold> baniir: check ls -l /proc/*/fd/* -- perhaps a process still has the file open
<sarnold> baniir: if the file had multiple hard links, perhaps only one link has been removed
<baniir> sarnold: yep, thanks; just ran lsof | grep deleted and found my file. it appears several times. do you know how to close these properly
<sarnold> baniir: well... your programs may be leaking file descriptors, in which case this problem should be fixed. but if they legitimately have it open and you just want the disk space back, you could kill the process. when the last process holding it open dies, the disk space will be reaped
<baniir> sarnold: you mean the program that was used to open the file? a colleague used mac os transmit for thatâ¦ looks like apache is keeping the file open (it's a log file)
<sarnold> baniir: here's how you can get apache to rotate log files; the important part is 'apachectl graceful': http://httpd.apache.org/docs/2.2/logs.html#rotation
<baniir> sarnold: thank you. attempting that command, i get "Internal error: Error retrieving pid file run/httpd.pid"
<sarnold> baniir: hrm. I wonder if you can do "service apache graceful", or if 'reload' or 'restart' is tied to a graceful restart...
<baniir> sarnold: i have /var/run/httpd/httpd.pid
<mgw> any suggestions on how to deal with a mount gone bad? kill â9 won't kill it, ctr-alt-del won't reboot
<GH0> I was trying to find a help channel for smartmontools, but was unable to find one so I suppose the next best place is here. Anyways, I am trying to setup smartd to run, and scan my devices, and then e-mail me when or if there is an error or some other issue. However, I have a MegaRAID controller, and I am not sure what to do with the /etc/smartd.conf file when those come into play. Does
<GH0> anyone here use smartd in their setup?
#ubuntu-server 2013-06-08
<atrius`> silly question time... it is possible to install ubuntu _server_ via nfs/PXE, right?
<sarnold> atrius`: PXE should be possible though I've not tried. NFS, no idea.
<atrius`> sarnold: i can get it to boot just fine.. but it then promptly ignores the netboot=nfs bits and complains it can't mount the CD. if i use the initrd.gz from the netboot directory on the iso it ignores the NFS argument again and wants to load everything from the internet
<atrius`> lots of google hits for doing this on the desktop install, which works fine, but largely nothing for the server image
<sarnold> atrius`: hrm, indeed, my quick searches turn up the same results.
<atrius`> sarnold: and it is looking worse.. pulling apart the netboot initrd for server is starting to make it look like it doesn't support NFS installs at all
<sarnold> atrius`: for some (many? all?) releases, the server installer has been the debian installer.. it might be done differently..
<atrius`> checking that
<sarnold> atrius`: this page seems to suggest it is possible.. it also describes ftp and http. http feels more likely to work than ftp, but that's just me.. :)  http://www.tldp.org/HOWTO/Network-Install-HOWTO-8.html
<atrius`> suggest yes.. but no deatils
<atrius`> details even
<sarnold> indeed. this page also suggests HTTP or FTP: http://www.debian.org/releases/stable/amd64/ch02s04.html.en#idp5637360
<atrius`> which probably means setting up an entire mirror
<atrius`> which negates the rather extensive work already done on my PXE boot/NFS install server
<atrius`> which installs everything else in the universe just fine
 * atrius` kicks ubuntu server
<sarnold> :(
<atrius`> can't imagine why they don't use the same installer for both Desktop and Server :(
<sarnold> atrius`: you might be able to configure a preseed file that leaves out all the gui and network-manager pieces... (not saying that's awesome, but it might get you where you want.)
<atrius`> i suppose it would be better than nothing
<atrius`> i'm searching the initrd file for any references to NFS
<atrius`> lovely.. the only references are via kickseed
<atrius`> well.. it appears that so far installing _server_ via NFS isn't possible. one guy even resorted to using squid to cache files from an HTTP source on the internet
<atrius`> if this is true that's pretty bloody lame since pretty much every other distro supports NFS install easily
<sarnold> atrius`: if you choose to go down the squid route rather than http, there's a squid-deb-proxy package that may help.
<sarnold> atrius`: please also file a bug.
<atrius`> sarnold: i'll probably file a bug after i'm less upset and less likely to write something like "lack of NFS install ability is retarded" :D
<sarnold> atrius`: heh, that's kind :) but once in a great while, an anger-induced bug report can do great good: https://jira.mongodb.org/browse/PYTHON-532
<atrius`> lol
<tohuw> sarnold: That bug report was a thoroughly entertaining read. Thanks.
<sarnold> tohuw: happy to make your friday night / saturday morning :)
<tohuw> For awhile, I was wondering if "Jibbers" was actually someone on the pymongo team!
<genii> I was asked by work to see if there is a way to not have the Symantec PGP Universal Server in between a Blackberry Enterprise Server and an MS Server 2008 with Exchange. So the idea I'm entertaining currently is 13.04 with hockeypuck or sks for keyserver then something like either make some procmail rules to encrypt and forward to the MS box, or perhaps something like Google's gpg-mailgate app with postfix to accomplish that part. Is anything
<genii> like this feasible?
<samglover> Hey all. I'm trying to set up BitTorrent Sync on an Amazon EC2 Ubuntu server instance.
<samglover> I've provisioned a new Ubuntu server, installed btsync, and run it. Now, I just need to figure out how to connect to the web UI.
<samglover> Anyone able to help me figure this out?
<sarnold> samglover: there's probably a few things to keep track of ...
<samglover> I'm sure.
<sarnold> samglover: there's the AWS security groups.. and then whatever address the gui server binds to.. and then whatever access controls the GUI server might impose itself
<sarnold> samglover: if you forward http over ssh, your connections will appear to come from localhost (from the perspective of the GUI server), so it can bind to localhost and allow only localhost -- and not require any new AWS security groups
<samglover> Okay, I'm already lost. Is there a tutorial you can point me to? I don't want you to waste your time walking me through it if I can try on my own with some guidance.
<sarnold> samglover: if you want to connect directly to it with a web browser, that'd require configuring it to listen publicly, setting up security groups to allow it, and maybe configuring some access controls to limit access to you and yuou alone..
<sarnold> ah, good thing, it's dinner time ;) hehe
<samglover> Or maybe some keywords I can use to find a tutorial? I don't even know what I'm looking for.
<sarnold> samglover: ssh -L and -R are probably the things to start with. here's a guide, but I don't love what I see so far.. https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding
<sarnold> samglover: oh, my fault, there's a <host> argument at the end of the examples of "local port forwarding". they're tolerable examples. :)
<sarnold> good luck :)
<samglover> Thanks. I'll come back if I can't figure it out (which will probably be the case). But hopefully with more-informed questions.
<samglover> Okay, so my btsync process is listening:
<samglover> Here's what netstat -lp shows:
<samglover> tcp        0      0 *:8888                  *:*                     LISTEN      951/btsync
<samglover> And the btsync manual says: WebUI is the default way of accessing BitTorrent Sync. It can be reached at: YourLocalIP:8888/gui
<samglover> But when I try it with my EC2 instance, like this, I get nothing: ec2-##-###-##-##.us-west-2.compute.amazonaws.com:8888/gui
<samglover> The private DNS doesn't work, either.
<samglover> So what I gather from sarnold's comments are that I could access it using local port forwarding. But wouldn't I need to insert my key pair somewhere in the command, in order to make it work?
<qman__> that netstat line means that it should be listening from any address, so it sounds to me like an AWS problem
<qman__> I don't know enough about AWS to tell you how to fix it, though
<qman__> to SSH with an arbitrary key, use the -i parameter
<samglover> FWIW, it's a clean Ubuntu 12.04 server, updated, with btsync.
<qman__> e.g. ssh -i /path/to/private_key -L 8888:127.0.0.1:8888 youramazonserver.com
<samglover> Cool. I'll try that.
<qman__> if establishing that connection works, you'd then browse to your local host on 8888 to get to it
<samglover> You mean I'd enter 127.0.0.1:8888/gui in my web browser?
<qman__> yes
<qman__> this also assumes you're running linux on your local computer, or at least a system with openssh client
<qman__> if you're on windows you'll need to use putty and configure the port forwarding the GUI way
<samglover> It's a Mac, so I think I'm good.
<samglover> The Ubuntu PC is at my office, but I'll need to connect that, too, at some point.
<samglover> Holy shit, that worked!
<jacksonka> Hello
<jacksonka> My port 5060 is open filtered but will not allow SIP registration.  Anyone had this problem with Ubuntu Server 12.04?
<jacksonka> I changed the ports to 5070 and presto everything registered.
<qman__> the port can't be open and filtered, it's either open, closed, or filtered
<samglover> You guys rock. Thanks! Now I'm rolling my own Dropbox.
<qman__> which corresponds to Accept, Reject, or Drop respectively
<samglover> Up yours, NSA.
<qman__> samglover, neat, I'll have to check out that software
<samglover> I'll post a tutorial shortly. How do I turn off the local port forwarding? I want to make sure it keeps working.
<jacksonka> ok here it comes
<jacksonka> small flood
<jacksonka> only way
<jacksonka> 6.00 ( http://nmap.org ) at 2013-06-07 23:42 EDT
<jacksonka> Nmap scan report for cinsolar.com (69.61.144.14)
<jacksonka> Host is up (0.0011s latency).
<jacksonka> PORT     STATE  SERVICE
<jacksonka> 5058/udp closed unknown
<jacksonka> MAC Address: F4:CE:46:0F:44:74 (Hewlett-Packard Company)
<jacksonka> Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds
<jacksonka> jacksonkirka@jacksonkirka-HP-ProBook-4520s:~$ sudo nmap -p 5060 -sU cinsolar.com
<jacksonka> Starting Nmap 6.00 ( http://nmap.org ) at 2013-06-07 23:42 EDT
<jacksonka> Nmap scan report for cinsolar.com (69.61.144.14)
<jacksonka> Host is up (0.0011s latency).
<jacksonka> PORT     STATE  SERVICE
<qman__> please use a pastebin
<jacksonka> Sorry about the small flood
<qman__> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jacksonka> Thanks
<qman__> samglover, exit from the SSH session, and the tunnel goes away
<jacksonka> Why is my port 5060 closed?
<qman__> jacksonka, it means either nothing is listening there or the firewall is filtering it
<samglover> Hm, that doesn't seem to have done it. I can still access the server using my browser.
<samglover> I assume if the tunnel goes away, I shouldn't be able to access the web UI, at least.
<jacksonka> After I disabled ufw it still blocks this port although my router is from Cincinnati Bell and the router may be blocking the port.
<qman__> you can check on the server side with netstat -tulanp | grep 5060
<jacksonka> k, logging in using ECDSA 521 ssh.
<qman__> if you find that is listening on udp 5060 on the correct interfaces, then it's probably a firewall somewhere down the line
<jacksonka> no
<jacksonka> UDP ports do not listen.
<jacksonka> ONly tcp ports listen
<qman__> so it means you don't have anything listening, which answers the question
<jacksonka> Using nmap with -p 5060 -sU
<jacksonka> -sU with nmap specifies udp
<qman__> yes, which is why I said UDP
<qman__> while UDP is stateless the software still needs to bind to the port
<qman__> and will remain bound to that port in order to accept connections
<jacksonka> Notice in the print nestat printout the udp ports don't say listen
<qman__> if netstat does not show any software bound to 5060 then that is your problem
<jacksonka> Port 5070 is bound
<jacksonka> No I can use 5070 and the phones work
<jacksonka> Why would 5060 be closed if Asterisk sip.conf is configured for 0.0.0.0:5060?
<jacksonka> I disabled ufw.
<jacksonka> I changed the port to 5070
<qman__> it's closed because you're not using 5060 right now
<qman__> you will need to change it back in order to trace down the issue
<jacksonka> Addr->IP     : 192.168.200.126:5060
<jacksonka> This is text from Asterisk cntl
<jacksonka> It is shows my phone at home on 5060 but it works and Asterisk PBX is configured for 5070.
<jacksonka> Like you say 5060 isn't accepting data.
<jacksonka> I have the phone Polycom 321 expressly configured to use port 5070.
<jacksonka> It matches the port in Asterisk.
<jacksonka> So the phone works but it reports its still on 5060.
<qman__> what device is 192.168.200.126?
<jacksonka> Some party I am associated with Ubuntu, Asterisk, Yaai, Cincinnati Bell or other is intentionally blocking my ports.
<qman__> does that IP belong to the asterisk server or to the polycom?
<jacksonka> The Polycom 321 TCP/IP parameters
<jacksonka> .......................................................
<jacksonka> IP: 192.168.200.126
<qman__> ok
<qman__> what that output is telling you is that the polycom's sip port is still 5060, that is not telling you about asterisk's sip port, which should be 5070 based on what you've said
<qman__> both ends have a sip port set up
<jacksonka> What I am saying is I used 5070 when I discovered that 5060 was being intentionally block and not by me because it was working for a long time.
<qman__> well, if it worked before, it's a simple matter of finding out what changed
<jacksonka> No sir, I have the phone expressly set up on the line as port 5070
<qman__> if you didn't change server config for it to break, it wasn't your server
<jacksonka> Absolutely
<qman__> no, you have the phone set up to connect to asterisk on 5070, which is a separate setting
<qman__> the phone still has a sip port on it configured elsewhere, which that output says is 5060
<jacksonka> Oh, I don't know or have info to confirm this.
<qman__> it may not even be changeable depending on the device
<jacksonka> I will double check everything on the phone.
<qman__> it shouldn't need to be changed
<jacksonka> If I change it to 5060 it will not work because that port is closed.
<jacksonka> I have the sip server Asterisk in /etc/asterisk/sip.conf set up on 99.99.99.99:5070
<jacksonka> actual server address left out
<qman__> yes, and we cannot troubleshoot it unless you change it back to 5060
<jacksonka> It is absolutely changeable
<qman__> that is not what I was referring to
<jacksonka> OK
<jacksonka> I will
<jacksonka> edting /etc/asterisk/sip.conf now.....
<qman__> ok
<qman__> also pastebin the output of iptables -nvL | grep 5060
<jacksonka> done
<qman__> assuming there is any
<jacksonka> My address is 69.61.144.14
<jacksonka> so udpbindaddress: 69.61.144.14:5060
<qman__> ok
<qman__> it's showing as open from here
<jacksonka> rebooting asterisk
<jacksonka> restarting daemon
<jacksonka> Changing extenion 101 to port 5060
<qman__> ok\
<jacksonka> Ok furthermore, my router is 69.61.144.13 and server is 69.61.144.14  configured on the internet as public interface /etc/network/interfaces.
<jacksonka> I could log on physically near the server on lan but not from wan or public internet infrastructure
<qman__> ok, that is a separate issue
<qman__> SIP and NAT don't get along well at either end, you have to configure your phone device to play nice with NAT, and make sure the routers at both ends don't break anything
<jacksonka> I can log on now on 5060 as before but have to wait until I get to work to test with I can from public infrastructure log on thru 5060.  See, when I changed the port to 5070 I could log in thru public internet without being on lan.
<jacksonka> I don't use port forward to 192.168.200.100 server address but configure my server on Cincinnati Bell's public IP4 address.
<qman__> correct
<qman__> I am referring to the client side
<jacksonka> Yes, client side ok on 5060 lan.
<qman__> the phone which you are connecting with at work is behind a NAT router
<qman__> so the phone itself must be configured in a NAT friendly mode
<jacksonka> Yes and configured as nat=yes and qualify=yes
<qman__> ok
<jacksonka> It has worked for a long time.
<jacksonka> After some event, the port 5060 status changed.  I will check status of 5060 now.
<qman__> you may also be running into UPnP causing you trouble
<jacksonka> Oh, I saw a post about this.  Can you explain further.
<jacksonka> Do you have a link?
<qman__> UPnP is basically a dynamic port forwarding system
<qman__> so if some other device requested 5060 be forwarded somewhere, it may have interfered with your ability to connect
<jacksonka> Port 5060 appears to be ready.
<jacksonka> via nestat
<jacksonka> via netstat
<qman__> due to the dynamic nature of UPnP, this failure would have been temporary and difficult to diagnose
<qman__> and yes, 5060 appears to be working from where I'm sitting as well
<jacksonka> Nmap reports :   5060/udp open|filtered sip
<jacksonka> Do you have a sip phone
<jacksonka> Do you have a sip phone?  Softphone would do.
<qman__> yes, if you would like to /msg me an account I can test it for you
<jacksonka> sudo apt-get install ekiga
<jacksonka> thans
<jacksonka> thanks
<jacksonka> editing sip.conf to add
<jacksonka> k.  Try login 105 passwd 3593
<jacksonka> qman you there?
<qman__> yes, trying now
<jacksonka> Its ok I can delete the account afterward.
<qman__> I get a request timeout
<jacksonka> correct
<jacksonka> Now, sudo apt-get install nmap
<qman__> yes, I have nmap, it shows as open
<qman__> if you open the asterisk console, do you see me attempting to register?
<jacksonka> Use sudo nmap -p 5060 -sU 69.61.144.14
<qman__> also, was the output of iptables -nvL | grep 5060    blank?
<jacksonka> logging back in
<jacksonka> I restarted asterisk a second time just to make sure.
<jacksonka> sip show peers
<jacksonka> 105 is (unspecified)
<qman__> yes, it still has not registered
<jacksonka> checking iptables....
<qman__> ok
<qman__> ufw is just a front end to iptables, so this will check if there is anything at that level interfering
<qman__> you will also need to check the policy, you should probably not actually grep it and just read it
<jacksonka> sudo iptables -nvL shows only labels with no output when logged in to the server.
<qman__> ok
<qman__> are they all accept?
<jacksonka> No there is no output at all
<jacksonka> sudo iptables -nvL
<jacksonka> only header with no data
<qman__> you should at least have something along the lines of "Chain INPUT (policy ACCEPT)"
<jacksonka> policy ACCEPT 4331 packets, 404k bytes
<qman__> ah, ok
<jacksonka> I have no expertise with iptables.
<jacksonka> Sorry for the ignorance.
<qman__> don't need to, that's what I was looking for
<qman__> so it's not being blocked there, and it works from LAN so the server is working
<qman__> the next step in the chain is your router
<jacksonka> You bet.
<jacksonka> I believe that Cincinnati Bell is intentionally block incoming 5060 because they are a phone company.
<qman__> the exact steps for it can vary wildly based on model and ISP, so I can't really tell you exactly
<jacksonka> Checking router....
<qman__> that's entirely possible, you may want to call customer support and ask
<jacksonka> Westell router
<qman__> however, they normally only apply such restrictions to residential, non-static customers
<qman__> they meaning ISPs in general
<jacksonka> Firewall is set to low only known security holes are protected.
<qman__> SIP may have been added as a "known" security hole
<qman__> I would recommend turning it off/allow all at least for the testing phase
<jacksonka> I am static and have both a residential and commercial ip account with Cincinnati Bell.
<jacksonka> k
<jacksonka> I will allow one minute.
<jacksonka> go
<jacksonka> The firewall is down
<jacksonka> at the router
<qman__> ok
<jacksonka> All traffic is allowed.
<qman__> timed out again
<jacksonka> It said the outbound ports were all available but inbound it says may be configured via port forwarding.
<jacksonka> I get nothing in port forwarding tab
<qman__> ok, it should be blank, as your server should have its own address
<jacksonka> so they are clearly block the incoming port on the wan router
<qman__> maybe, one way to test for sure
<qman__> install tcpdump on the server
<jacksonka> at the nearest station to my house.
<qman__> and run it with these parameters
<jacksonka> doing it
<qman__> tcpdump -n udp dst port 5060
<qman__> by doing this, it should log all incoming SIP connections to the screen
<jacksonka> already have it.
<qman__> all attempts
<jacksonka> udp as well
<qman__> I will attempt to connect a few times and you should see me
<qman__> if you don't, it's being blocked
<jacksonka> no suitable device found
<qman__> ah, add -i eth0 where eth0 is your network card that has your external IP configured
<qman__> in front, so like
<qman__> tcpdump -i eth0 -n udp dst port 5060
<jacksonka> ok go
<qman__> ok
<jacksonka> wait I need -v option
<jacksonka> It is listening now.
<qman__> ok, I just attempted
<qman__> did you see any output?
<jacksonka> yes
<qman__> from 66.188.36.22?
<jacksonka> tcpdump: eth0: You don't have permission to capture on that device
<jacksonka> (socket: Operation not permitted)
<jacksonka> jacksonkirka@hpm110g6:~$ sudo tcpdump -i eth0 -n udp dst port 5060
<jacksonka> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
<jacksonka> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
<jacksonka> 00:59:16.827851 IP 69.61.144.14.5060 > 38.100.174.200.5060: SIP, length: 658
<jacksonka> 00:59:16.890484 IP 38.100.174.200.5060 > 69.61.144.14.5060: SIP, length: 440
<jacksonka> Sorry
<qman__> hmm, that's odd
<qman__> is 38.100.174.200 work?
<jacksonka> Yes that is Geils in New York
<jacksonka> It is my trunk
<qman__> oh, ok
<qman__> makes sense
<qman__> but you don't see any from me
<jacksonka> This is my expertise.
<jacksonka> I trunk to geils and deploy Asterisk PBX on port 5060 along with many other services.
<qman__> if you don't have anything coming from 66.188.36.22 then it looks to me like an issue on your router or futher upstream stopping the traffic from getting there
<qman__> and you may need ISP support to get that resolved
<samglover> Here's my BTSync on Amazon tutorial: http://samglover.net/bittorrent-sync-amazon-ec2/
<samglover> Tell me if I screwed anything up.
<qman__> I'm also seeing other open ports so I'm pretty sure your IP setup works, which leads me to believe that 5060 is explicitly blocked
<jacksonka> Thanks qman I will contact Cincinnati Bell because they are the only culprit left.
<qman__> sure, glad I could help
<jacksonka> With your permission I will delete exten 105
<qman__> yeah
<jacksonka> How do I stop tcpdump
<qman__> ctrl+c
<jacksonka> Wait -vvv
<jacksonka> ok I increased the verbosity
<jacksonka> the account is still good
<qman__> ok, I sent a few more packets that way
<jacksonka> qman I cannot see your IP at all
<qman__> ok, that further confirms the diagnosis, 5060 is being blocked somewhere
<qman__> most likely the ISP or router, and since you don't have any config saying it's blocked, you will probably have to contact them about it
<Chunky56> I have a RAID 5 array in ubuntu server where one of the hard drives died--I got a replacement under warranty and am now trying to add it to the array and have it resync, but using mdadm --manage /dev/md127 --add /dev/sdd1 is not working or giving any response (I verified sdd1 is the new hard drive)
<imanc> I'm trying to install a backport of cacti and despite following instructinos to add the ppa, et.c it's still consistently installing the version i don't want. If I prefix the package with the version number in apt-get, it says that the version is not found
<imanc> does anyone have any ideas how to solve this?
<dassouki> this morning I had a high I/O rate. I checked it out and it was high. my httpd server is still running but my sql is not. I'm assuming it's something with fake accounts creating wiki comments on mysql and blocking it or something of that sort
<dassouki> when i go to any website htat has a db i get an "error conencting to database" and when i do "mysql" in terminal, I get the following error "ERROR 2003 (HY000): Can't connect to MySQL server on '127.0.0.1' (111)"
<daya> any one have tried the ubuntu from scratch, https://help.ubuntu.com/community/LiveCDCustomizationFromScratch
<daya> I am able to make the Live CD, but could not add installer,
<demonoid_me> hello i have a problem with openvpn
<demonoid_me> when i write command ./build-ca
<demonoid_me> this is the log http://paste.ubuntu.com/5745114/
<demonoid_me> pls hellp me
<demonoid_me> :)
<demonoid_me> can you help me please?!?!?!
<demonoid_me> exooooooooooooo
<demonoid_me> hijos de puta
<e_t_> !language
<ubottu> Please watch your language and topic to help keep this channel family-friendly, polite, and professional.
<aarcane> I have an ubuntu server where a bunch of stuff is suspect now.  I don't have the time to do a reinstall completely, is there some way to tell apt or aptitude to verify every installed file against the version from repos?
<shauno> debsums does what you're describing, but I fear it'll just lead you to misplaced trust.  it's nothing close to a proper audit, just one tool in the box
<aarcane> shauno, I can manually verify my configuration if I can verify the binaries.  The only issue then is the dying disk, which I've replaced.
<gyre007> guys I need to export PATH globally on the server...so I thought sticking a script into /etc/profile.d/ with export PATH="$PATH:/foo/path" would do it but it doesnt seem to do the job...
<gyre007> anyone ideas how to do this ?
<nineteen67comet> G'day everyone .. I was wondering; can I have a startup script on a headless server box that'll run a rsync command and shut-back-down? (I can have the bios start the box; and the script shut it down).
<nineteen67comet> It's an old computer that I don't want running all the time; just startup/backup via rsync to my media box and shut back down.
 * nineteen67comet I'd love it if Ubuntu-Server worked on Raspberry pi
<OiCory_> Hi guys, I'm trying to install OpenVPN on my Ubuntu server 12.10 using an offcial guide from Ubuntu.com and I'm hanging on this one command
<yousaf> hi all
<yousaf> at the moment my webserver default home is at /var/www/ how can I change this to /var/www/laravel/public_html?
<ScatterBrain> How do I add multiple IP addresses to one NIC?  (I want a block of say 5 addresses on the same physical card).
<ScatterBrain> I can still do eth1:1, eth1:2, etc...right?
<beneter> so much activity here ^^
#ubuntu-server 2013-06-09
<ClientAlive> What is the best way to align partitions across multiple disks? Is there a way to do it that doesn't involve creating partitions on the other disks just as spacers? My problem is, I'll have a raid array but not everything on this systeam can be in a raid array (the uefi system partition for instance). I still want the partitions in the raid array to lign up on the physical platters across all disks though.
<soy_el_pulpo> I guess you can copy the partition of the disk you want to be the source to the other targets, assuming they are exactly the same
<soy_el_pulpo> and only add to the raid the ones you need, excluding those that can't be RAIDed
<soy_el_pulpo> you can use "sfdisk -d /dev/sda | sfdisk /dev/sdb" to copy the partition form sda to sdb
<soy_el_pulpo> ClientAlive: hope this helps
<ClientAlive> thx man
<ClientAlive> it does :)
<jacksonka> Anyone aware of an encryption algorithm stronger than ECDSA
<jacksonka> Anyone aware of an encryption algorithm stronger than Elliptic Curve Digital Signature Algorithm?
<jacksonka> Specifically ECDSA 521
<jacksonka> I am attempting to deploy Jabber has anyone done it on Ubuntu 12.04?
<madprops> hi, I was wondering what the justifications for forking apache are
<madprops> some folks at httpd seem to be appalled by this
<andol> madprops: what fork are you refering to?
<madprops> andol, http://wiki.apache.org/httpd/DebianDeb0rkification
<andol> Wouldn't call that so much a fork, as providing a different set of default configuration.
<andol> My personal opinion is that I do appreciate this split into include files, but agree with the wiki page on some not-optimal default. From what I have understood that is at least partly done in regards to backward compability, not breaking upgrades for packages which depend on Apache2, etc
<balachmar> Hi, I am installing postfix as a mailserver on a vps and it is working with ufw disabled. But when I enable it it blocks port 587 even when in the status it allows udp and tcp from Anywhere
<sarnold> balachmar: can you pastebin your ufw status output somewhere?
<sarnold> balachmar: have you manually added any rules that would prevent it from working?
<sarnold> balachmar: does netstat -tnlp | grep :587  show it listening? is it listening on the interfaces you expect?
<sarnold> s/interfaces/addresses/
<balachmar> @sarnold: http://pastebin.com/uwV47Dr6 for ufw status verbose
<sarnold> balachmar: hrm, I see an explicit DENY on 25; how are you testing that 587 doesn't work?
<balachmar> sarnold: I am using thunderbird. and it works fine with ufw disabled
<balachmar> sarnold: iptables output: http://pastebin.com/BKSjcCzd
<sarnold> oof, I'm once again reminded that I need to study iptables more. :)
<balachmar> sarnold: and netstat: http://pastebin.com/rZNyT7yx
<sarnold> balachmar: and you're confident thunderbird isnt using 25?
<balachmar> sarnold: yes, that was what I was thinking as well, with all that chaining, I am a bit abffled
<balachmar> sarnold: well, it is telling me it uses 587 with STARTTLS
<balachmar> But I can allow 25 for now
<sarnold> balachmar: can you try something like openssl s_client -connect mailserver.foo.example.com:587   ? I think that should work..
<balachmar> sarnold: even with 25 open (according to ufw) no luck
<balachmar> openssl s_client -connect mail.wligtenberg.nl:587
<balachmar> CONNECTED(00000003)
<balachmar> mmm, I could have ubfoscated the server name there :)
<sarnold> CONNECTED is actually encouraging..
<sarnold>    16  2272 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:587
<sarnold> that shows some 16 packets accepted through to port 587, right?
<sarnold> (line 73)
<balachmar> sarnold: http://pastebin.com/695FdJc7 full thing from openssl
<sarnold> balachmar: can you check the postfix logs? thjere might be something else oging on..
<sarnold> balachmar: aha, add a -starttls smtp to that openssl command line; I just got a nice SMTP session with your server
<balachmar> @sarnold: you were able to send mail?
<balachmar> @sarnold: I don't know :)
<sarnold> balachmar: hehe :)
<balachmar> @sarnold: aah I know why it whines about that
<sarnold> balachmar: well, there's lots of reasons why it might fail to relay.. hopefully the logs say _why_
<balachmar> @sarnold: you need to login to do that
<balachmar> @sarnold: do you know how I can login using the openssl command?
<sarnold> balachmar: oh man, it looks complicated :)  http://tools.ietf.org/html/rfc2554
<balachmar> maybe I can use this: http://www.ndchost.com/wiki/mail/test-smtp-auth-telnet
<sarnold> balachmar: ooh. worth a shot.
<balachmar> @sarnold: ok, authenticated :)
<balachmar> @sarnold: and seemingly able to send an e-mail
<sarnold> balachmar: nice :) can you send...
<sarnold> woo.
<balachmar> @sarnold: but it didn't arrive yet...
<balachmar> @sarnold: mmm, it didn't work
<balachmar> So, as soon as I turn off ufw, I can send e-mail
<balachmar> sarnold: I think it is actually about sending it, not receiving the task of sending mail
<balachmar> sarnold: yes, it is unable to resolve google.com hostname
<balachmar> sarnold: I can't ping on that machine either when I turn on ufw
<balachmar> sarnold: I just don't know which ports are required for that
<sarnold> balachmar: ping is different, that uses icmp rather than tcp or udp
<balachmar> @sarnold, ok and which port is used for DNS?
<sarnold> balachmar: resolving google.com would require probably allowing input from port 53 back to your server on any ephemeral port...
<sarnold> balachmar: (the request is probably made from an ephemeral port rather than a well-known port..)
<sarnold> balachmar: .. is there a connection tracking module required / available for dns?
<balachmar> sarnold: don't know
<balachmar> sarnold: I know that ping google.com doesn't work as soon as I enable ufw and that postfix also complains about not knowing where to send the mail
<sarnold> balachmar: hrm, I don't see one on my system anyway..
<sarnold> balachmar: 'ufw allow proto icmp' would probably fix that...
<sarnold> (fix ping, that is. dunno about the rest. :)
<balachmar> sarnold: ERROR: Need 'to' or 'from' clause ... (I forgot to mention this thing is running 8.04...)
<sarnold> balachmar: aha, my shiny 13.04 laptop has them both optional :)
<sarnold> .. though maybe that's just a shotrhand in the manpage.
<balachmar> sarnold: and since it is a vps on openvz upgrading I cannot upgrade it
<sarnold> balachmar: maybe 'to 0.0.0.0'?
<balachmar> sarnold:ERROR: Unsupported protocol 'icmp'
<sarnold> balachmar: try 'proto 1' ?  (I found it via grep icmp /etc/protocols)
<balachmar> sarnold:ERROR: Unsupported protocol '1'
<balachmar> :)
<balachmar> sarnold: Aah, there seem to be issues with ufw using non stock ubuntu kernels (which vps companies do)
<balachmar> sarnold: so, fixing that first
<sarnold> balachmar: oooof. :/ it's bedtime for me, I hope you get something working to your liking. :)
<sarnold> balachmar: if you wind up fixing it, I'd be curious to know what the end result is. :) good luck
<balachmar> sarnold: I will let you know via a pm
<_dreamer> Hello, I am installing a webserver with apache mysql and php. I ran into some trouble while trying to connect to my mysql server (from a local machine that's not the server). I get the Can't connect to [local] MySQL server error and I do not understand how to fix it even after reading this, http://dev.mysql.com/doc/refman/5.6/en/can-not-connect-to-server.html. Can anyone help me?
<_dreamer> Hello, I am installing a webserver with apache mysql and php. I ran into some trouble while trying to connect to my mysql server (from a local machine that's not the server). I get the Can't connect to [local] MySQL server error and I do not understand how to fix it even after reading this, http://dev.mysql.com/doc/refman/5.6/en/can-not-connect-to-server.html. Can anyone help me?
<_dreamer> nvm, gonna use phpmyadmin...
<balachmar> Hi, I'm installing my own mail server, and I can send mail, and connect to imap. But I don't receive mails that I send from my gmail account to my new mail address.
<balachmar> I am not sure how I can check that
<e_t_> balachmar: do you have an MX record pointing to the mail server you set up?
<balachmar> e_t_: yes, I now found this website that allowed me to check to which server it is pointing
<balachmar> e_t_: http://mxtoolbox.com/SuperTool.aspx and that was fine
<balachmar> e_t_: however when I did an smtp check, it failed. Now I allow port 25 as well, I didn't know if that was required
<balachmar> e_t_: and that seemed to fix it :) I didn't really want to open 25, because I am sending over ssl, but apparently I also need it to receive mails :D
<e_t_> Port 25 has to be open on a mail server. Otherwise, it's like welding your mailbox shut.
<balachmar> e_t_: yep, kind of got that now :D
<liri> hey guys
<liri> I've got an Ubuntu natty server, where all of my repositories are configured to use us.archive.ubuntu.com. When I issue an apt-get update, I get 404 Not Found on many of the configured repositories.
<liri> Should I fix up the repositories configuration some how or should I just go about doing a dist-upgrade?
<mardraum> personally I would upgrade, otherwise, look for a mirror that still holds that ancient release.
<liri> yeah I think I found a way
<liri> just convert the source.list file from us.archive.ubuntu.com to old-releases.ubuntu.com
<liri> should do it for the basic stuff
<liri> thanks though
<garrettkajmowicz> Greetings! I just upgraded my server from 10.04 LTS to 12.04 LTS and the newly-installed kernels will not boot. Specifically, I get dumped to a busybox shell. If I boot a kernel from 10.04, everything comes up fine. The funny thing is that if I am in the busybody shell, the root volume isn't mounted, but "mount /dev/md0 /root" works just fine. Any thoughts?
<qman__> garrettkajmowicz, try creating/recreating /etc/mdadm/mdadm.conf
<qman__> backing up any existing files of course
<qman__> the 10.04 kernel may be doing autodetection that the 12.04 kernel isn't doing
<garrettkajmowicz> qman__: I can buy that (working on the file now). However, simply running "mount /dev/md0 /root" works flawlessly once I'm in busybox - the RAID set has been automatically assembled.
<garrettkajmowicz> qman__: I've checked the mdadm.conf file and updated it with a few bits. Next reboot (which will disable this connection) I will see if anything works better.
<qman__> ok, just an idea
<qman__> one other thing, check to make sure /boot didn't fill up
<qman__> if it did you may have gotten partial/broken files on your new kernels or new initramfs files
<lenny__> Hello this may be the wrong place for this question so I am sorry in advanced. I have set up my own server and have configured the DNS to point to it when I arrive at the page the page displays webpagename.com but when I go to any link it shows my server name. Is doing a mod rewrite the best way to handle this or is their a better way to do this?
<lenny__> sorrry server IP not name
<qman__> lenny__, that means you need to reconfigure your web application's settings
<qman__> most web applications have a configuration file which has a setting for your site URL - where it is will depend on that application
<lenny__> ok so for instance this is a wordpress install I should be looking their?
<balachmar> I am trying to install roundcube, installed package form repos, but server/roundcube/installer/ doesn't exist
<qman__> yes, wordpress should have a configuration file with a setting that is currently set to your server's IP, and that should be changed to your site name
<lenny__> ok thank you very much qman__
<andol> Seem to recall that wordpress has that setting in the database? (Commonly modified from /wp-admin/)
<lenny__> I think wp-config.php should have it if not ill check the database. myserver is locked down to only allow shell access from my network though so I will check in an hour when I get back.
<codepython777> anyone using vagrant / puppet / chef here?
<codepython777> I was thinking of provisioning using bash, and was wondering if someone had any luck with that?
<madprops> is there much difference between CentOS and Ubuntu Server when it comes to security?
<qman__> yes, the two take different approaches on a number of issues
<qman__> if you're really asking if one is more secure than the other though, the answer is no
<qman__> security isn't about selecting one product over another, it's about strategy and behavior, you're only as strong as your weakest link
#ubuntu-server 2014-06-02
<Atttwww> I have an ubuntu server 14.04 VM image I setup with 512ram and I noticed it is running zero swap. Is that something I did, or is that normal now? My thought is to at least match the ram size with swap just in case.
<ikonia> what do you mean running zero swap
<ikonia> as in swap assigned but not in use
<ikonia> or no swap assigned
<Atttwww> running 'top', it shows zero assigned.
<ikonia> swapon -s
<ikonia> top does not show assigned swap
<ikonia> please show me the output
<ancaster> Hi. I'm running 12.04. Is there a nice way to have autofs show wildcard nfs subdirectories
<ikonia> show or mount
<ancaster> show
<ikonia> what do you mean by "show", can you give an example
<ancaster> before a user explictly tries to access it
<ancaster> e.g. show /home/ancaster
<ikonia> there is no such command
<ancaster> and then mount /home/ancaster when I cd /home/ancaster
<ancaster> no, eh?
<ancaster> well, worth an ask. thanks ikonia.
<Atttwww> ikonia I have two VMs running, my old 12.04 LTS, and my new test 14.04 that I had my question about. On the 14.04 "swapon -s" is blank accross the line, the 12.04 shows a "/dev/mapper/cryptswap1" file for comparison sake. I'm wondering if I didn't set it up right on install.
<ikonia> Atttwww: swapon -s shows a blank line, nothing at all
<Atttwww> just headers, "Filename Type Size Used Priority"
<ikonia> Atttwww: ok, so that sounds like you have no swap device assigned
<ikonia> Atttwww: you can confirm this in your /etc/fstab
<Atttwww> thats what I'm saying
<PryMar56> ikonia, inside the VM run blkid
<ikonia> PryMar56: why ?
<PryMar56> ikonia, if there is a swap device it will ID itself
<ikonia> PryMar56: that doesn't change anything
<ikonia> there is currently no swap device assigned
<Macer> is there a webmin repo for ubuntu anywhere?
<Macer> or does it have to be installed via their .deb?
<Macer> oh. seems like there is a repo
<Macer> wonder if it has a trusty dir
<Macer> guess not
<Macer> only a debian sarge
<pmatulis> Macer: webmin isn't great on ubuntu
<pmatulis> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<Macer> pmatulis: yeah seems so
<Macer> i was playing around with it.. doesn't seem stable
<Macer> decided to uninstall it
<Macer> i was hoping to find more of a monitoring tool
<Macer> that will email me if say.. the power goes down or zfs detects an error
<Macer> is there something good for that?
<makara> hi. How do i set the DNS servers to use with my ubuntu server?
<mardraum> makara: man resolvconf
<mardraum> for a machine with a static address, the "ifup" section
<makara> since I can't edit /etc/resolv.conf directly
<jpds> makara: Put it into /etc/network/interfaces
<jpds> makara: With: "dns-nameservers 8.8.8.8 ..."
<makara> jpds, thanks. stupid mistake dns-servers not dns-nameservers
<saban> hi. is there a way to see what ip address is ussing what directory in smbstatus?
<rbasak> saban: try #samba maybe?
<saban> ok
<stetho> Hi. I have a network problem that's making my head hurt. Therefore it's something obvious :-) . I have a machine 10.24.21.65. I can SSH to it and from it, I can telnet from it to 10.24.21.253 which is a switch and I can ping 10.24.16.0/21 (my network) expect one address. That address is 10.24.21.254 - my router. So this server has no internet access. The router is "obviously" working because I'm on Freenode using IRC. And the machine I'm using can
<stetho>  ping 10.24.21.254. Somewhere on this server though there's a setting that's stopping it getting to the router. I've checked iptables -L, ip route, route -n - they're all as they should be.
<catphish> has anyone run a dell bios update on ubuntu? the installers they provide seem to want rpm, wasn't sure how hacky i want to be with a solution :)
<catphish> found an old repo for it that i think will work :)
<hallyn_> ahs3: did you find any time this weekend to look at netcf?
<zul> hallyn_:  starting on 1.2.5
<hallyn_> zul: cool
 * hallyn_ hands zul a helmet and a pickaxe
<med_> utlemming, smoser gaughen : are dailies for trusty broken?  Seeing weirdness at http://cloud-images.ubuntu.com/trusty/ with PPC only builds and not the latest amd64 in current
<zul> hallyn_:  do we really need patch-qemuMonitorTextGetMigrationStatus-to-intercept.patch anymore?
<zul> med_:  didnt you know we are doing ppc only these days..
<med_> zul, ah, that explains it.
<zul> med_:  im joking
 * med_ buys a bunch of power gear and gives the commish to zul
<med_> zul, I knew you were joking. I do have a horrid humor filter but that one was obvious.
<hallyn_> zul: i shouldn't think so
<med_> :-)
<smoser> med_, i'll push on that. there does seem to be some issus there.
<zul> hallyn_:  dropping it
<med_> zul, and don't go spending that commission until the check clears. :^)
<med_> smoser, grazie.
<zul> hallyn_:  if anyone complains...welll...my bad
<hallyn_> zul: kvm up to versions 72.  time to move on
<smoser> med, http://cloud-images.ubuntu.com/trusty/current/ is still good
<smoser> med_, and also the streams data looks correct
<utlemming> med, smoser: what happened with the daily is that the EC2 publisher got hung up over the weekend
<med_> smoser, there appears to be a two day newer version o trusty in 31.1
<utlemming> med, smoser: this should be fixed shortly
<med_> utlemming, cool
<utlemming> med_: right, the publisher broke
<med_> gotcha
<smoser> med_, but thats not necessarily an issue.
 * med_ pinged utlemming before he was here and then he arrived... that power will go to my head.
<smoser> thats not a promise. 'current' should point to the latest "good" build for sure.
<med_> smoser, ack.
 * med_ puerges 31.1 and goes for current
<smoser> and simplestreams should have the right data.
<med_> smoser, I'm trying to use simplestreams but I'm not there yet. (It's on my work backlog list though.)
<smoser> but i dont particularly care if a numeric string in rendered output of an apache directory listing seems to look like a build-id to you.
<zul> hallyn_:  do you want me to include cgmanager patch?
<hallyn_> zul: which one is that?
<hallyn_> if you mean the one to make libvirt work with cgmanager, then no, i'm still working on that
<hallyn_> but maybe i'm forgetting about another patch?
<med_> smoser, is there a datestamp of the build somewhere exposed/obvious in the cloud-image?
<med_> (once I say launch a given cloud-iamge)?
<utlemming> med_: loko at /etc/cloud/build.info
<med_> danke
<zul> hallyn_:  im just going through the libvirt bugs
<hallyn_> zul: bug#?
<zul> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1322677
<uvirtbot> Launchpad bug 1322677 in libvirt "Please use cgmanager" [High,In progress]
<hallyn_> zul: ok!  yeah please do wait.  i'm going to get containers working first, which requires two more things to be fixed (cgroups mounting in containers, and the virCgroupTaskKill stuff)
<hallyn_> though what's there now *might* be enough for xnox
<hallyn_> xnox: you ust want to be able to run libvirt with qemu vms inside a container/
<xnox> hallyn_: i don't even want to run anything =) just want to drop cgroup-lite from the archive completely.
<zul> hallyn_:  ack
<hallyn_> ok, thanks, i'll just aim to do tha tnext week
<zul> hallyn_:  ill put it in a  ppa for you to test
<hallyn_> ahs3: of course i really should apply for DM for netcf so i can quit bothering you
<smoser> med_, fwiw, http://paste.ubuntu.com/7574300/ is a simple thing that you can probably follow.
<smoser> gives output of some data that you can probably read and securly got the latest image url and the sha256 sum for that.
<med_> thanks smoser
 * med_ has been watching old design summit videoa
<med_> yep, that's pretty simple (simple enough for me)
<zul> hallyn_:  it will be here https://launchpad.net/~zulcss/+archive/libvirt-testing when it builds if it builds etc
<hallyn_> zul: ok, thx
<No_one_at_all> So we're upgrading our dedi from 13.10 to 14.04 LTS, and we're running a RAID 1 (I believe?)
<No_one_at_all> We got this error: GRUB failed to install to the following devices: /dev/md1
<No_one_at_all> are we totally boned?
<No_one_at_all> ...anybody?
<rostam> HI I am trying to port our systems to ubuntu 14.04. One think I see very odd and different between 14.04 and prior ubuntu releases is the network interface names. There is no eth0 or eth1. The result of the ifconfig has two interfaces: lo (local loopback) and  p6p1 (with IPv4 address). We have developed lot us of scripts based on eth0 and eth1 on older ubuntu.... thx
<rberg_> No_one_at_all: you need to install grub to the disks that make up the md  not the md array its self
<No_one_at_all> rberg_: right, but ...how do I do that?
<No_one_at_all> oh, wait.
<No_one_at_all> rberg_: gee why can't ubuntu handle that itself. >_<
<rberg_> No_one_at_all: it should be able to handle it correctly.. check out whats set in debconf for "grub-pc/install_devices"
<zul> hallyn_:  ftbfs :(
<No_one_at_all> rberg_: we've got RAID1 going. Installing would just involve grub-install /dev/sda, and grub-install /dev/sdb, and then update-grub, right? (/me crosses fingers)
<rberg_> that sounds right.. if thats how many drives you have
<No_one_at_all> rberg_: yeah, raid1 on two drives.
<No_one_at_all> I just don't understand why the upgrade didn't frickin' handle itself
<rberg_> dont know.. I bet if you ran echo "grub-pc  grub-pc/install_devices                 multiselect  /dev/sda /dev/sdb"| debconf-set-selections would get it doing the right thing
<sudormrf> hey guys.  I am trying to troubleshoot an issue with two VMs I have setup.  One is the server the other a client.  The server is acting as the primary DHCP and DNS server.  The server IS providing an IP address to the client, but it is not pushing down the nameserver and search domain info.  I have been looking over the dhcpd.conf and dhclient.conf files looking for a mistake, but I think I have hit a wall and submit to your good graces :
<sudormrf> D.
<sudormrf> am I looking in the right files?  why wouldn't this information be pushed out to the clients?
<TJ-> sudormrf: without seeing the config it's impossible to know what the issue is
<sudormrf> TJ-, let me post them.  hold please :D
 * TJ- hums along to the musak
<rostam> HI I am trying to port our systems to ubuntu 14.04. One think I see very odd and different between 14.04 and prior ubuntu releases is the network interface names. There is no eth0 or eth1. The result of the ifconfig has two interfaces: lo (local loopback) and  p6p1 (with IPv4 address). We have developed lot us of scripts based on eth0 and eth1 on older ubuntu.... thx
<TJ-> rostam: "Predictable network interface names" ... see http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<tgm4883> Running a Mysql server on 12.04, Friday night, all of our wordpress instances couldn't connect to the DB, and required me to restart the mysql service to get them connected again (wordpress and mysql are on different hosts). I see a few empty mysql logs in /var/log/ and an empty /var/log/mysql/ directory. Is there somewhere else I should be looking for logs
<tgm4883> or did a previous admin disable mysql logging
<sudormrf> TJ-, http://paste.ubuntu.com/7575692
<TJ-> sudormrf: On the client, does "/var/log/syslog" or the dhclient log, show the options being received?
<sudormrf> TJ-, let me check the client.
<TJ-> sudormrf: My first step would be to run tcpdump and see if the options are coming in... that way you know where to focus your attention
<sudormrf> TJ-, dhclient log is server side, correct?
<mwhudson> how can i give data to cloud-init when not in an actual cloud-type environment?
<TJ-> sudormrf: no, its client-side... it can, if you configure it, record the conversation with the server in terms of options received, even if they are ignored
<Pupeno> How do you reset ufw without having it wait for you to type yes?
<sudormrf> TJ-, hmm.  /var/lib/dhcp/dhclient.leases is blank
<sudormrf> hang on
<mwhudson> ah http://foss-boss.blogspot.co.nz/2010/12/cloud-instance-with-cloud-init-on-kvm.html appears relevant to my interests
<rostam> TJ: thanks
<sudormrf> TJ-, you still around
#ubuntu-server 2014-06-03
<Sachiru> Anyone using shadow copies on samba on ubuntu with Windows 8/8.1 clients?
<Sachiru> Shadow copies for Win8/8.1 clients crash on open, yet (strangely) succeed on copy/restore
<armenb> hello...I have a question regarding resolvconf and dnsmasq on ubuntu 12.04: do i need to install the ubuntu network manager if i want these two to play well together? my system is a server sitting in a rack.
<Guest67771> Hi I have a relatively new install of Ubuntu 12.04 server (home). Most of the tools from the left hand bar don't work. I'd like to setup some new users, but can't access the tools. ANy advice?
<cfhowlett> Guest67771 use the command line
<Guest67771> ok....but what about fixing the underlying prob?
<owh> Guest67771: A normal server install doesn't have a "left hand bar"
<cfhowlett> Guest67771 as the server channel would say : real servers don't HAVE a gui.  Which is where the confusion comes from.  ^^^
<cfhowlett> !server| Guest67771
<ubottu> Guest67771: Ubuntu Server Edition is a release of Ubuntu designed especially for server environments, including a server specific !kernel and no !GUI. The install CD contains many server applications. Current !LTS version is !Trusty (Trusty Tahr 14.04) - More info: http://www.ubuntu.com/products/whatisubuntu/serveredition - Guide: https://help.ubuntu.com/12.04/serverguide/C/ - Support in #ubuntu-server
<YamakasY> guys, how large would a precise/trusty mirror be only 64 bit ?
<owh> Guest67771: What cfhowlett is trying to tell you is that it looks to us like you don't have a normal server installation.
<Guest67771> good point...I know it's not normal. I installed a GUI. Just asking how to fix it?
<owh> YamakasY: https://wiki.ubuntu.com/Mirrors
<YamakasY> owh: uhm yes but that is quite unclear
<YamakasY> and trusty is not listed yet
<owh> Guest67771: Well, that becomes a much larger problem, since you told us: "Most of the tools ... don't work." which indicates that there is likely something else going on, since a "normal gui" installation would normally just work.
<owh> YamakasY: That's all the information I know about, but I am *guessing* that if you put aside 10G, it would be enough.
<cfhowlett> Guest67771 you could always install vanilla ubuntu, i.e. with gui, and then run a server from that.  If you NEED a gui an all ...
<Guest67771> Is there a command to determine whic desktop it's running...so I can go and search help files/
<owh> Guest67771: In a server environment we generally don't like to waste cpu cycles and disk space on tools that are rarely used. If this is a server, I'd be recommending a server installation. If this is for home use, just install a plain copy of Ubuntu and use that as a "server".
<owh> Guest67771: You could run lsb_release -a
<YamakasY> owh: but do we need the archives ?
<cfhowlett> owh doesn't display the desktop environment ...
<Guest67771> thanks
<owh> cfhowlett: Bugger, just had a look at a server and a desktop, same output ;-(
<cfhowlett> owh if there's a command to display the DE, I sure don't know what it is.  gotta ask the ##linux
<owh> YamakasY: That depends on what you're trying to mirror. The Release stats on that wiki page show that Quantal took 6.9G, so I'm making a WAG, WileAssGuess that 10G is going to be enough, which is why I said that I was *guessing* that it would be enough.
<owh> Guest67771: How did you install the GUI?
<Guest67771> apt-get install. I documented most of my install, but forget the DE
<owh> Guest67771: You can check the apt logs in /var/log
<muhqu> hi everyone, is there any comprehensive guide on using an ubuntu cloud-img (AMI) as a basis for bundling your own AMIs? â¦I'm particularly interested to known what should be excluded from bundlingâ¦ e.g. /var/lib/cloud/instance/
<cfhowlett> !cloud
<ubottu> Ubuntu Cloud Infrastructure is a ready to deploy Infrastructure-as-a-Service (IaaS) based on OpenStack. See https://help.ubuntu.com/community/UbuntuCloudInfrastructure for further details.
<owh> muhqu: I'm confused. Generally as I understand it, you fire up the AMI, fiddle with it, take a snap-shot and publish the snapshot as a new AMI.
<muhqu> owh, I'm bundling s3-based instances rather than EBS-based
<owh> YamakasY: apt-mirror seems to report how big it's going to be before it actually does the download: http://askubuntu.com/questions/21605/what-is-the-size-of-ubuntu-repository
<Guest67771> xubuntu was the DE. Thanks...I'll google some repairs
<cfhowlett> Guest67771 technically, xfce4 is the DE - xubuntu would the ubuntu distro which uses xfce4
<owh> muhqu: That makes even less sense to me. An AMI exists somewhere. You fire it up. You connect to it and do stuff to it. You take a snap-shot of the running machine, you store the snap-shot where you want it to be, that becomes the basis of your "new" AMI. Unless I have no idea what you're talking about, in which case YMMMV.
<muhqu> for s3-based AMI's there is not snapshotability â¦. u use ec2-bundle-vol command to create an image from within the running VM, and upload it then to s3.
<owh> muhqu: Right, so when you do that, you're still creating a "snapshot", even if it's not from the outside of the machine.
<YamakasY> owh: yes that's true
<YamakasY> I'm on 130GB now instead of 400
<YamakasY> only 64 bits download
<owh> YamakasY: That seems excessive.
<muhqu> owh: do you know of any written gudie/how-to to build custom AMI's from the ubuntu cloud-img AMIs? â¦I was having trouble especially re-bundling an HVM s3-based AMI. couldn't get it booting
<YamakasY> owh: 130GB ?
<muhqu> I already skimmed throu http://bazaar.launchpad.net/~ubuntu-on-ec2/vmbuilder/automated-ec2-builds but I have not yet found the right bits
<YamakasY> I wonder, do we need backports ?
<owh> YamakasY: Is there any reason that you're concerned about the size? It's basically going to be a single once off download, followed by incremental downloads. If size is a concern, why not download the DVD ISO file and use that as your local starting point? I am struggling to understand your use case.
<YamakasY> owh: I don't want to have a 400GB mirror as VM :)
<YamakasY> owh: is backports needed actually ?
<owh> YamakasY: backports use depends on those using your mirror. If they need that functionality, then yes. If not, then no. A better question is, who is going to use this mirror for what purpose?
<owh> YamakasY: You could also implement a caching proxy server and only download the bits that are actually used by those using your proxy. That way only the data that gets asked for is mirrored. If a second request comes for the same data, it doesn't get downloaded a second time.
<YamakasY> owh: yeah true, but we need them internally
<YamakasY> owh: I wonder if backports are really needed, I wonder if I actually use them :)
<funkyHat> YamakasY: have you considered something like apt-cacher NG, so you don't actually mirror the entire repo, just the bits you're actually using? Or is this for some non-internet connected network?
<YamakasY> funkyHat: no it's a network where we host all stuff ourself
<YamakasY> funkyHat: we also run our own repo's on our mirror
<funkyHat> YamakasY: Fair enough. I still think it's worth considering a caching proxy, could save you heaps of bandwidth, unless you're doing full-archive install tests or something. The way I'd probably approach it is with an acng instance which your systems use as a proxy for the main ubuntu archives as well as your own repos. That way you only download each version of each package into your network
<funkyHat> once, and you can pin your internal repo higher than the regular repos or whatever you need to do.
<funkyHat> But I'll stop bugging you now câ¢
<YamakasY>  funkyHat yes true, but I don't wan to wait on caches to download
<YamakasY> uhm, does apache need .conf files for it's vhosts on 14.04 ?
<gry> I don't personally expect apache to have changed much but I'm not sure
<No_one_at_all> YamakasY yes
<No_one_at_all> YamakasY all files in /etc/apache2/sites-available need to end in .conf, if that's what you mean.
<No_one_at_all> found that out the hard way.
<No_one_at_all> So uhh... question. I have an OVH dedicated server which I recently upgraded to 14.04, but there's no linux-image package installed (apparently). Does this mean it's using a custom kernel which was not upgraded?
<No_one_at_all> (btw, it is /not/ a VPS, in case "dedicated" didn't make that clear.)
<joe_dm> Hi All, Without using the words "Don't" or "It's a bad idea" does anyone know if there is a speical trick to enable root ssh login on Ubuntu 14?
<joe_dm> I've done passwd root and passwd -u root so far an can login locally just not via ssh
<No_one_at_all> joe_dm don't, it's a bad idea. and you'd need to edit the settings in /etc/ssh/sshd_config as per this article (maybe): http://www.cyberciti.biz/faq/allow-root-account-to-use-ssh-openssh/
<joe_dm> nvm, found it in /etc/ssh/sshd_config as # PermitRootLogin without-password
<dasjoe> joe_dm: look at /etc/ssh/sshd_config, if you absolutely want to enable it. I'd recommend setting it to "PermitRootLogin without-password" and adding your SSH keys to /root/.ssh/authorized_keys
<joe_dm> No_one_at_all thanks, It's just a test server so I want to make sure user accounts don't mess up any scripts, etc... Wouldnt enable root in production ;-)
<No_one_at_all> ok
<No_one_at_all> joe_dm: by the way, what's the output of sudo dpkg -l | grep "linux-image" for you? (completely unrelated to your issue)
<joe_dm> http://pastebin.com/c76m6EQR
<joe_dm> clean install
<No_one_at_all> huh
<No_one_at_all> thanks, man
<No_one_at_all> ...so (if I'm right) you've got two separate kernels installed?
<joe_dm> Not sure I understand this all correctly but looks like two kernels, maybe rescue boot environment or something.
<joe_dm> Clean install so this is all out of the box.
<No_one_at_all> ok. our box has... zero kernels installed.
<No_one_at_all> o.0
<joe_dm> ...
<joe_dm> not sure that is possible :P
<No_one_at_all> it is. Apparently the current one was installed directly, without using apt
<joe_dm> I think you can name your kernel whatever you want especially if it is custom built
<joe_dm> maybe it just doesn't have linux-image in its name?
<No_one_at_all> possibly.
<No_one_at_all> i mean, there's a kernel in /boot, but dpkg has no knowledge of it, so it didn't get upgraded, and so GRUB's upgrade failed
<dasjoe> No, that's just one kernel. linux-image is a meta package, No_one_at_all
<No_one_at_all> dasjoe: oh, ok.
<dasjoe> No_one_at_all: "dpkg --get-selections linux-image*" will tell you about installed kernels
<No_one_at_all> dasjoe "dpkg: no packages found matching linux-image"
<No_one_at_all> ...*
<dasjoe> No_one_at_all: if you have a kernel in /boot/ you can ask dpkg which package owns those files: dpkg -S /boot/vmlinuz-*
<No_one_at_all> right, right.
<No_one_at_all> I totally knew that, i did. Funny how my brain loses important things.
<No_one_at_all> dasjoe: still, "dpkg-query: no path found matching pattern /boot/bzImage-3.2.13-xxxx-grs-ipv6-64"
<dasjoe> No_one_at_all: see http://help.ovh.com/KernelMethods :)
<No_one_at_all> dasjoe: i did, but it's incomplete. >_<
<dasjoe> No_one_at_all: it tells you OVH netboots its dedicated servers, so you don't require a local kernel
<No_one_at_all> dasjoe: I am aware of that, yeah. It's what we're doing at the moment. I believe we wanted to use a non-ovh-fiddled kernel, though, which you totally have the option of doing.
<No_one_at_all> I guess my question now is, can i just use apt-get to install a generic (or other) kernel, then use grub-install?
<dasjoe> No_one_at_all: installing linux-generic or any other kernel metapackage should trigger an update-grub, too.
<No_one_at_all> ok.
<No_one_at_all> dasjoe: thanks for answering my questions patiently. As you (probably) can tell, I'm new to upgrading headless servers.
<No_one_at_all> And, as of this current moment, I am afwaid of them. Vewwy vewwy afwaid.
<dasjoe> No_one_at_all: don't be afraid. Check your /boot/grub/grub.cfg when you've installed the kernel, the netboot method may still be set as the default
<No_one_at_all> dasjoe: they offer a control panel for switching between hardware and netboot, so that's easily done, at least.
<Sachiru> I like this phrase that I just heard from HR: "The demand for sysadmins who know what they're doing has never been higher."
<andol> Sachiru: While I tend to agree, I had no idea that that insight had reached HR :-)
<Sachiru> Well, it was stated in response to an applicant telling us that the reason for his leaving his former job was an I.T. slump and a general lack of demand for sysadmins.
<No_one_at_all> "sysadmins who know what they're doing"
<No_one_at_all> great, I'm NEVER getting a job.
<patdk-wk> hmm? the work of a sysadmin is never ending
<patdk-wk> as you get better and better at scripting away your job
<patdk-wk> there is more stuff for you to do, or get better at
<rbasak> rcj: bug 1325943 is a dupe, I'm guessing? Looks like a Precise DKMS build failure on 3.8.
<uvirtbot> Launchpad bug 1325943 in open-vm-tools "open vm tools cannot be installed" [Undecided,New] https://launchpad.net/bugs/1325943
<zul> jamespage:  im updating a whole bunch of openstack deps this morning fyi
<rcj> rbasak, That's tricky because bug #1275656 requires an HWE kernel of Saucy or Trusty.  So if they can't move from the Raring HWE kernel up to either of those it's not a dupe (right?)
<uvirtbot> Launchpad bug 1275656 in open-vm-tools "open-vm-dkms 2011.12.20-562307-0ubuntu1: open-vm-tools kernel module failed to build" [Critical,Confirmed] https://launchpad.net/bugs/1275656
<rcj> rbasak, now after 14.04.5 when the support for a raring hwe kernel for precise ends the migration path is the trusty kernel which can use the package from 1275656
<rbasak> rcj: that sounds reasonable
<rcj> I'll make a note in the bug
<rbasak> Thanks!
<rcj> rbasak, there's a duplicate here somewhere anyhow
<rbasak> rcj: I'll let you resolve it - I think you follow this far better than I do.
<rcj> Looks like it's bug #1083719
<uvirtbot> Launchpad bug 1083719 in open-vm-tools "open-vm-dkms 2011.12.20-562307-0ubuntu1: open-vm-tools kernel module failed to build [error: implicit declaration of function âd_alloc_rootâ]" [High,Confirmed] https://launchpad.net/bugs/1083719
<rcj> rbasak, np
<jamespage> zul, is there likely to be a swift at juno1?
<zul> jamespage:  probably
<zul> jamespage:  ill ask ttx when he gets online
<jamespage> zul, any guess on version? doing the charm-helpers update atm
<RoyK> why is it linux shows the md as healthy during a reshape (grow), but won't change its size before reshape is finished? http://paste.ubuntu.com/7580561/
<ikonia> you can't resize something thats not in sync
<zul> jamespage:  not sure
<cfhowlett> RoyK cuz it doesn't monitor ongoing changes.
<zul> jamespage:  possibly 1.13.2
<zul> jamespage:  uh scratch that
<arcsky> i have installed ubuntu server with just openssh as service, how can i get more info regarding: tcp 0 0 localhost:6010 *:* LISTEN
<Pici> arcsky: sudo netstat -tanp    should show what process is listening
<mardraum> arcsky: google "ssh port 6010"
<mardraum> arcsky: TLDR - client specified X11 forwarding.
<arcsky> mardraum: i havent enable any x11 forwarding
<arcsky> ist a sshd setting?
<RandLAT> how do I get syslog to show both the start and end of a cron job? the start line shows "CMD", and I believe a log line showing the end of a cron job would show "END". Thanks in advance.
<jcastro> does anyone know where the ppc64el ISOs are?
<jcastro> http://releases.ubuntu.com/14.04/
<jcastro> I could have sworn we had them there before
<jcastro> aha! http://cdimage.ubuntu.com/releases/14.04/release/
<zul> hallyn_:  im not sure why 1.2.5 is failling want to take a look?
<hallyn_> zul: my laptop won't stop crashing.  i'll take a look this afternoon after the irc meeting
<zul> hallyn_:  k thanks
<hallyn_> zul: where is it?
<zul> hallyn_:  hold on
<hallyn_> (meanwhile i'm going to set up another laptop with trusty;  not sure whether it's utopic or hardware problem here)
<zul> hallyn_:  https://launchpad.net/~zulcss/+archive/libvirt-testing
<zul> hallyn_:  its always a hardware problem for you ;)
<hallyn_> zul: all of the failures are due to firewall tests
<zul> hallyn_:  uhh..
<sudormrf> hey guys.  I seem to have sorted the DHCP issue I was having yesterday, but now I seem to be having an issue with BIND.  I am using a view statement and it says that all zones must be in views.  as I see it, all of them have been entered, but it is still throwing this error.  I am flummoxed.  Suggestions?
<hallyn_> zul: I assume commit 3ba789ccd59d1c9088f525e2353841e339add90d was the start of your troubles.
<zul> hallyn_:  probably
<smoser> rbasak, did you help with awscli ? or do you have any idea on it ?
<smoser> seems compltely DOA https://bugs.launchpad.net/ubuntu/+source/awscli/+bug/1326039
<uvirtbot> Launchpad bug 1326039 in awscli "awscli stack traces when run" [Undecided,New]
<sudormrf> TJ-, you around? :D
<lordievader> Good evening
<sudormrf> anyone around that can help me out with bind9?
<pmatulis> !ask | sudormrf
<ubottu> sudormrf: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<sudormrf> pmatulis, I did ask.  no one responded
<sudormrf> hey guys.  I seem to have sorted the DHCP issue I was having yesterday, but now I seem to be having an issue with BIND.  I am using a view statement and it says that all zones must be in views.  as I see it, all of them have been entered, but it is still throwing this error.  I am flummoxed.  Suggestions?
<pmatulis> ok
<pmatulis> sudormrf: pastebin the error as well as your config
<sudormrf> hold please
<rbasak> smoser: no, I didn't in the end. I should've filed an ITP first. Someone else beat me to it, so I left it.
<smoser> rbasak, yeah, i always get really upset when other people do work for me.
<rbasak> :)
<VonUber> it is my understanding that ubuntu makes and ntpdate call as it boots to set the time from ntp.ubuntu.com, I would like to change that ntp server to me an internal one, does anyone know where that can be set? Is it just /etc/ntp.conf? Thanks
<bekks> VonUber: It is just there.
<VonUber> bekks, cool
<sudormrf> pmatulis, almost done.  having to do some things
<sudormrf> pmatulis, error and conf can be found here http://paste.ubuntu.com/7581708/
<phunyguy> sudormrf, the error is not in that file
<phunyguy> sudormrf, the error is probably in another file that is included, which contains the default zones
<phunyguy> named.conf.default-zones
<sudormrf> phunyguy, ok, let me PB the default-zones file
<phunyguy> PB?
<sudormrf> pastebin :D
<phunyguy> well, that file contains zones...
<phunyguy> and you probably don't need it
<sudormrf> hmm.
<phunyguy> so comment out the include statement for it in /etc/named.conf
<phunyguy> err /etc/bind/named.conf
<sudormrf> that is a good point.
<sudormrf> hadn't tried that yet
<sudormrf> I did try copying and pasting stuff from that file into the named.conf.local
<sudormrf> and vice versa
<sudormrf> neither worked.
<sudormrf> let me comment it out, see how that goes
<phunyguy> but if you end up needing them, just put the contents into the view statement for internal
<sudormrf> any reason why I would need them?
<phunyguy> they just contain the stuff for localhost
<phunyguy> probably the bare minimum for a working install
<sudormrf> phunyguy, commenting it out did the trick
<sudormrf> it started
<sudormrf> wee
<phunyguy> sudormrf, :) glad it worked
<sudormrf> phunyguy, getting a different error now
<sudormrf> lol
<sudormrf> ahh...fun
<sudormrf> this looks to be a permissions issue
<sudormrf> hmm
<phunyguy> the permissions with bind are indeed funny
<phunyguy> bind needs rwx on the dir containing the zone files, and write access to the zone files themselves
<phunyguy> and if you put the zone files in a non standard dir, you need to let apparmor know about it.
<sudormrf> fixed
<sudormrf> YAY :D
<sudormrf> yeah I just did chmod g+r on the files in the zones directory
<sudormrf> now it is working as it should
<sudormrf> well, so it would appear.
<phunyguy> yes but try to update a zone with nsupdate
<phunyguy> make sure that works too
<phunyguy> it needs to be able to create the .jnl files...
<phunyguy> and if the changes don't show up right away in the zone file, you can use the rndc command to force the process to dump the cache to the zone file
<smoser> stgraber, around ?
<smoser> rcj proposed https://code.launchpad.net/~rcj/ubuntu/precise/libdumbnet/sru/+merge/221919
<stgraber> smoser: yep, I asking him to do that.
<smoser> and 'debuild -S' doesn't liekt he maintainer.  should we change that ?
<rcj> stgraber, smoser: I get a warning (not an error like smoser) but it looks like this for me... http://paste.ubuntu.com/7582080/
<smoser> must have changed from warning to error in utopic
<stgraber> ah sure, run update-maintainer
<smoser> ah. i didn't know of update-maintainer. nice.
<smoser> i just manuall did that.
<stgraber> nah, it's just that it didn't have an ubuntu version number before, now that it does, lintian complains if the right maintainer isn't already set
<stgraber> yeah, it's handy because it does the orig-maintainer stuff for you too and I'm bad at remembering the exact name of that option :)
<smoser> yeah
<smoser> so i'm gonna upload that as it is  unless you want to stgraber (as it is with the update-maintainer ran)
<smoser> and s/precise/precise-proposed/ debian/changelog
<smoser> http://paste.ubuntu.com/7582104/
<stgraber> smoser: uploading to precise would work too, LP rewrites them to precise-proposed anyway. Feel free to upload that yourself, that way I won't have to feel bad about reviewing my own upload once it hits the queue (which is why I recommended rcj contacts you for this) :)
<smoser> i like the -proposed
<stgraber> yeah, I still set it myself all the time but I know some people stopped doing that so that it can be uploaded to a PPA without change
<ekaj> Has anyone had problems setting static addresses in ubuntu 14.04? I can't get the address to take after doing "ifconfig eth0 down && ifconfig eth0 up" or "/etc/init.d/networking restart"
<smoser> i just like explicitly seeing the change from this-version-in-precise to this-version-was-an-update
<smoser> but that is lost too as some people upload to utopic-proposed now.
<smoser> ekaj, if you manually 'ifconfig' then that doesn't really have much to do with /etc/init.d/networking (don't know what i would expect out of that).
<rcj> smoser, thank you for the review
<sudormrf> phunyguy, will try
<ekaj> smoser: I set it in /etc/network/interfaces
<smoser> then 'ifup' and 'ifdown'. not 'ifconfig'
<smoser> and yes, if you do: ifup DEVICE; # change /etc/network/interfaces; ifdown DEVICE, it doesn't like it.
<ekaj> smoser: :ifup and ifdown don'
<ekaj> don't work, I've had trouble with the interface. It's actually called p4p1 and I had to add it manually, I just said eth0 so more questions wouldn't be raised
<ekaj> it'll say "interface p4p1 not configured"
<ekaj> but it works in setting an address through dhcp when I add it to the /interfaces file and do ifconfig down & up
<smoser> i'm sorry, i dont really understand. basically 'ifconfig' has nothing to do with 'ifup' or /etc/network/interfaces.  and the two robably wont' play nicely together.
<smoser> but i'm not sure as to exactly how they play together.
<ekaj> I see, I tried to set it through ifconfig, lemme see if it works
<ekaj> It works, but I lose the config and the interface after rebooting. I can't get p4p1 to stay
<ekaj> man this is turning out to be a pain. Would help if I knew a little more =p
<sudormrf> phunyguy, well spoke too soon.  rebooted both the server and client and now the client isn't receiving anything
<sudormrf> boo
<sudormrf> no errors on the server
<sudormrf> lol these sort of things drive me bonkers
<sudormrf> intermittent issues
<ekaj> any idea smoser?
<smoser> well, you can do stuff entirely manually with 'ifconfig' (or 'ip') and 'route' or you can do it via /etc/network/interfaces and 'ifup'  and 'ifdown' . it wouldnt surprise me if your '/etc/init.d/network restart' was not being nice to your ifconfig'd interfaces.
<smoser> and i'd suggest /etc/network/interfaces
<sudormrf> I made no changes beyond what I have outlined.  any suggestions guys?
<sudormrf> client is not getting name server or search domain info
<sudormrf> it got it
<sudormrf> I restarted
<sudormrf> and it lost it
<ekaj> ./etc/network/interfaces was my first way, but I can't get the address to stay that way. It did work, however, with the "ifconfig <address>..." but no internet
<ekaj> and it keeps forgetting my damn interface after reboots so I have to do "ifconfig p4p1 up"
<sudormrf> going to tweak the settings in a bit.  see what happens.
<ekaj> smoser: That helped me, thanks
<roaksoax> smoser: join #maas please
<roaksoax> smoser: 15:50 < designated> blake_r, I'm getting an OAUTH error during commissioning with a difference of 6 hours.  during commisioning, the node is using UTC for some reason,  but my maas server is set to local time.  I resolved the issue in the preseed by setting an NTP server but commissioning is failing now.  Any idea  how to resolve this?
<hallyn_> ahs3: .
<ahs3> hallyn_: d'oh.  right.  not yet :(.  getting the house fixed from hail damage instead...
<hallyn_> d'oh
<hallyn_> ahs3: hope yo'uve got insurance for that.
<hallyn_> ahs3: would you like me to contact someone else, or are you ok getting to this when you can?
<ahs3> hallyn_: i'm fine getting to it when i can
<hallyn_> ahs3: ok, thanks.  good luck!
<ahs3> hallyn_: thx.  nothing horribly broken, just the Pure Joy of working with insurance companies :)
<sudormrf> well so far it looks like the tweak I made fixed it
<hallyn_> zul: so 3 of the failures are solved by doign apt-get install ebtables
<hallyn> zul: I was wrong, installing ebtables fixes all the failures
<hallyn> zul: it's in main, so i think a new dep is fine
<hallyn> new build-dep that is
<zul> hallyn:  ok ill add it
<sudormrf> is there a way to increase the timeout time for resolving a source when doing an update via apt-get update?
<tgm4883> Anyone used an analog VGA+KM to USB adapter and/or know of any software that works for it in linux? I have a couple of these, but apparently the software only works on old kernels from 12.04   http://www.startech.com/Server-Management/KVM-Switches/Portable-USB-PS-2-KVM-Console-Adapter-for-Notebook-PCs~NOTECONS01
<tgm4883> Also, I'm not a fan of whoever decided to name virtualization software KVM
<xeno_> Okay, so I went foolishly forward and destroyed my site, apparently, by doing this: http://askubuntu.com/questions/261858/the-phpmyadmin-configuration-storage-is-not-completely-configured
<xeno_> It's just a local vm, but still...
<xeno_> Funny, it works fine on my Debian server vm.
<RandLAT> How do I get (r)syslog to show both the start and end of a cron job? (Ubuntu 12.04.4 LTS, thanks in advance.)
<Joe_DM2> RandLAT Not sure if there is an official way, Could you maybe just create a customer log entry with logger and just feed it the current time?
<RandLAT> Joe_DM2: It's specially frustrating because I had it working before (see this log entry from last week: https://gist.github.com/anonymous/f931c8ac9d6a5f05546c) The syslog line where the script start is marked with CMD, while END denotes when it ends and frankly was the more interesting entry since it helps me show how long the script took.
<RandLAT> Joe_DM2: This is either an option from (r)syslog or crontab, but after hours of searching online I haven't been able to recreate it
<RandLAT> It's definitely not from my scripts
<RandLAT> Found it! sudo cron -L 3
<sarnold> nice
<sarnold> searching for CRON_LOG_JOBEND isn't very useful :) hehe
<RandLAT> Only if I knew what to look for in the first place, in which case I wouldn't have lost half a day on this <hides>
<bannaapie> top says my load is between 25-30, but none of the processes are using more than about 10% CPU. How do I find which process is causing trouble ?
<sarnold> bannaapie: load average is a tricky thing; as a single snapshot reading it may not be as useful as the name implies
<sarnold> bannaapie: are you experiencing actual difficulties on this machine?
<bannaapie> ok, I am running top -bi -d1 -n7000 > /tmp/load right now.
<bannaapie> hopefully during the next spike, I'll see what happens
<sarnold> oh that's cool, thanks :)
<sudormrf> well...I spoke too soon.  this thing is really slippery
<sudormrf> make a change, things appear to work, restart server, things break
<sudormrf> :S
<sudormrf> I am out of my league here
<sudormrf> considering just letting the router handle the DHCP and DNS and having the server do ddns
<bannaapie> now that I am running top, the load is staying low
<bannaapie> arg
<sarnold> figures :)
<bannaapie> murphey's law right ?
<sarnold> .. or an easy way to make the problem go away :) also good, asking a co-worker to take a look. 99% gauaranteed to make the problem go away.
<bannaapie> trouble is, my coworker doesn't know shut about linux
<bannaapie> no matter how much I've tried to teach him
<bannaapie> shit*
#ubuntu-server 2014-06-04
<bannaapie> but at least he keeps the windows users away from my office
<sudormrf> hey guys!  anyone around to help out with a BIND and/or DHCP setup?  I have been working on it quite a bit and things don't seem to be working quite right.
<Armadillos> sudormrf: What's the issue?
<sudormrf> Armadillos, thanks.
<sudormrf> I am working on setting up a new server at home.  I am starting off by setting things up in VMs to test things out before pulling the trigger.  Most of the other things should go fine, but I seem to be having issues with dhcp/bind (not sure which is causing the problem).  I have a server and client VM setup, both using host only for their network.  The server is providing ip addresses to the client via DHCP and the client is getting and u
<sudormrf> sing that address, however the info in the resolv.conf for the client is not populating correctly.  It is not receiving the nameserver or search domain from the server.  Looking in syslog I am seeing an error that says "forwardmap from servertest.mydomain.local to 172.16.30.128 FAILED:  Has an address record but no DHCID, not mine."  sort of flummoxed at this point
<Armadillos> Hmm...
<sudormrf> Armadillos, the strange thing is the client has occassionally gotten the correct info.
<sudormrf> then I shut the server down and shut the client down
<sudormrf> start the server back up
<sudormrf> then the client
<sudormrf> and it stops getting the right info
<Armadillos> O.o
<sudormrf> yeah.  it's strange
<Armadillos> Can you paste your dhcp config file so I can take a look?
<sudormrf> Armadillos, sure.  give me a sec.  the vm doesn't let me copy and paste to and from it to the host, so it will take a sec.
<Armadillos> NP.  Make sure you use a paste website, and not drop it all into IRC. :)
<sudormrf> heh.  of course :D.  sec.
<sudormrf> Armadillos, can you think of any other configs you may want to look at while I am at it?
<Armadillos> Let's go off of that right now.
<sudormrf> ok  I grabbed everything else for now.  I will PB them all and just save the links :D
<Armadillos> K
<sudormrf> just saw a different error in the syslog on the server: unable to add forward map from servertest.mydomain.local to 172.16.30.128: SERVFAIL
<sudormrf> here is the dhcpd.conf http://paste.ubuntu.com/7584708/
<Armadillos> On your client VM, is it running like a server (no GUI), or do you have a full GUI in place?
<sudormrf> the client is ubuntu desktop :)
<Armadillos> Are the network settings being controlled by Network Manager?
<sudormrf> they are indeed
<sudormrf> no changes have been made to NM
<Armadillos> Because network manager will set resolv.conf to 127.0.0.1 normally, and it will use a DNS Masq to use a "local" DNS server
<sudormrf> well, one.  I commented out the dnsmasq line so I could verify if it was receiving the nameserver
<Armadillos> Your /etc/resolv.conf, is it pointing to 127.0.0.1?
<Armadillos> Ahh,, Okay.
<sudormrf> commented that out :D
<sudormrf> yeah
<Armadillos> What is in your /etc/resolv.conf file?
<sudormrf> now?
<Armadillos> When the machine boots up and gets it's DHCP address.
<sudormrf> ah.  in that case nameserver 172.16.30.1, search localdomain.  what I am expecting to see (and have seen a couple times) is nameserver 172.16.30.128, search mydomain.local
<Armadillos> And you have bind running on that IP?
<sudormrf> on 128? yes
<sudormrf> just checked the status and it says it is running
 * Armadillos scratches head
<sudormrf> yeah it is a head scratcher :S
<Armadillos> I wonder if it's because you have the same IP address listed twice in the "option Domain-name-servers" area.  Have you tried it with just one?
<axisys> what's equivalent to this command to check only the installed pkgs
<axisys> apt-cache rdepends libgnutls26 | grep -v lib
<Armadillos> axisys: The #ubuntu channel would probably be able to answer that better, as more active people are there.
<sudormrf> Armadillos, I have tried it with just one.  didn't resolve the problem :(
<sudormrf> I can try it again if you think it would help
<Armadillos> Try it and see... I think you're right on this, but it's a "hunch" at this point...
<sudormrf> ok
<sudormrf> just did a TCPdump (haven't commented it out yet)
<sudormrf> perhaps this will be helpful?
<Armadillos> It's possible.
<sudormrf> http://paste.ubuntu.com/7584864/
<sudormrf> there it is
<Armadillos> Hmm...
<Armadillos> I'm baffled at this one...
<sudormrf> Armadillos, interesting.  so I tried this: http://pastebin.com/GdEsyECZ and the client picked things up just fine
<sudormrf> uncommented out those lines and it broke again
<sudormrf> probably something with the ddns updates
<Armadillos> Possibly.
<sudormrf> trying something else now.
<sudormrf> :D
<sudormrf> just did this: http://pastebin.com/EbCvHJgN
<sudormrf> and it worked again
<sudormrf> hmm
<sudormrf> maybe it's bootp
<sudormrf> looks like the booting and bootp lines may be the culprits
<Armadillos> Interesting.  Bootp isn't really used anymore
<sudormrf> annddddddddd that wasn't it
<sudormrf> something is really strange here
<sudormrf> I have to go.  be back later
<explodes> I have a server blade with an /etc/network/interfaces configured for eth0 to have a static ip address, but it was meant for a different network, and now i need to "undo" that.  If I have "auto eth0" and "iface eth0 inet dhcp" shouldn't it be back to a normal configuration?
<explodes> eth0 has no ip after a reboot, so its clearly messing up some where.
<explodes> never seen NO ip address what-so-ever show up in ifconfig..
<PryMar56> 70 persistent network rules
<PryMar56> udev
<explodes> I plugged the ethernet wire into the wrong port.
<PryMar56> that should job memories
<explodes> Wow
<arcsky> how do i disable this services ? tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      2202/1
<jpds> arcsky: Find out which PID it belongs to.
<arcsky> yeahpla: its 2202 aas u can see there
<arcsky> but i want it permant close it
<jpds> arcsky: Right, so you have to do: ps aux | grep 2202
<arcsky> jpds: sure
<arcsky> arcsky      2202  0.0  0.0 105632  2084 ?        S    09:18   0:00 sshd: arcsky@pts/1
<xperia> Hi All. I just installed MAAS on my ubuntu Server. I want to use Maas with several Diskless Server Nodes to increase my Proccessing Power. My question is how can i turn On the Diskless Server over PXE with MAAS?
<jpds> xperia: IPMI?
<xperia> jpds: thanks a lot for the answer. will look into it.
<Pupeno> Any ideas why chmod would not find a sub-directory when running recursively? http://serverfault.com/questions/601709/why-would-chmod-give-no-such-file-or-directory-when-running-recursively
<cloudman> Hi, can I do away with php 5.5 and use an earlier version without too much hassle
<cloudman> WHMCS are not up to speed
<cloudman> 14.04
<rbasak> jamespage: bug 1068756 just appeared in our triage list. I think all the arguments are exhaustively discussed in the bug. How do you feel about a UOS session to just make a decision?
<uvirtbot> Launchpad bug 1068756 in procps "IPv6 Privacy Extensions enabled on Ubuntu Server by default" [Undecided,Confirmed] https://launchpad.net/bugs/1068756
<Teduardo> is there an ubuntu specific openstack channel?
<rbasak> Teduardo: I don't think so. This is the best channel for Ubuntu Server + Openstack discussion.
<Teduardo> ah, okay. I had a very strange issue with LVM yesterday brought on by cinder doing multiple lvcreates and it turns out it's related to the custom udev rules that ubuntu uses.
<Teduardo> is there any way to avoid that sort of thing?
<cfhowlett> !stackk|Teduardo
<cfhowlett> !stack|Teduardo
<cfhowlett> !openstack|Teduardo
<Teduardo> uhh, sure
<cfhowlett> Teduardo sorry, I tried.
<Teduardo> cfhowlett: what did you try?
<cfhowlett> Teduardo looked for the openstack channel.  not found.  sorry
<Teduardo> ohhhh
<Teduardo> okay, yeah i guess it's not really an openstack issue i think it's more about lvm and udev in ubuntu
<shredding> how can i remove everything from the screen in terminal?
<Cyberspirit> clear
<Cyberspirit> or cls
<xperia> Hi. What for Software/Solution can be used on a Ubuntu Server to melt the CPU's of several Disk less Computer with one Ubuntu Server Computer.
<xperia> Ideal would be if the CPU System Information would then show 1 Processor with X available Cores as one Computer instead  X Processors with 1 Core on X Different Computers.
<shredding> Cyberspirit: I mean that itâs no longer scrollable
<shredding> And more important: Searchable.
<Cyberspirit> you would want to look at your logs and clear the logs for bash
<Cyberspirit> http://askubuntu.com/questions/191999/how-to-clear-bash-history-completely
<shredding> I donât mean searchable with ctrl-r
<shredding> My terminal has endless scrolling.
<Cyberspirit> might want to ask someone else here
<Cyberspirit> i'm curious myself :)
<shredding> Okay.
<shredding> The problem occured when i wanted to recursively grep all log files.
<shredding> Maybe you know a solution for that:
<shredding> I have different folders (nginx, app etc.)
<shredding> They have various files and older files are gzipped.
<shredding> I want to cat all files recursively excluding gz.
<shredding> to grep for a specific word.
<rberg_> shredding: how about something like "find /var/log ! -iname "*.gz" | xargs grep 'some term'"
<shredding> I ended up with find . ! -name '*.gz' -exec grep 'preview' {} \+
<shredding> Whatâs the difference between iname and name?
<shredding> I google it.
<rberg_> may I suggest man :)
<yossarianuk> hi - does mdraid support discard (for SSD RAID) in ubuntu 12.04?
<yossarianuk>  I can use fstrim with md raid'd ssd  - just want to know if discard works with mdraid?
<TJ-> shredding: If you pass the results of 'find' as arguments to grep, grep will report the filename too, as in "grep 'preview' $(find ......)"
<TJ-> shredding: specifically "grep 'preview' $(find /var/log/ ! -iname '*.gz')"
<shredding> TJ-: Thatâs awesome
<shredding> because, then i can pipe the outcoume to another grep.
<rberg_> yossarianuk: trim support was added to md in linux 3.7
<yossarianuk> rberg_: thanks - I know trim is added
<yossarianuk> i.e I can use fstrim on a cron job.
<yossarianuk> just wondering is 'discard' should work - i.e auto trimming...
<yossarianuk> or if I still need to setup a cron job.
<tych0> hi smoser, is there any reason filters for the simplestreams glance mirror aren't configurable?
<smoser> i suspect bcause it was written before there were filters
<smoser> so no.
<smoser> and patches most definitely welcome.
<tych0> ok, sounds good
<nashant> Hey. I've just installed server 14.04 and it gets part way through booting and then the console hangs (init: plymouth-upstart-bridge main process ended, respawning). But SSH still works. I've tried adding noplymouth to grub defaults but no joy. Any ideas?
<Teduardo> hmm, running this command: add-apt-repository cloud-archive:icehouse gives me: Error: 'cloud-archive:icehouse' invalid is there any way around that?
<tych0> smoser: so there is some question about how exactly this should work
<tych0> do you want to integrate GlanceMirror with ObjectStoreMirror (i.e. require an object store) so that you get all the reference countign stuff and such?
<tych0> or should i just implement the filters in GlanceMirror and leave it to be its own beast
<smoser> i think probably just do filters
<tych0> ok
<nashant> Hey guys. I don't suppose anyone has got xbmc working on 14.04 server have they?
<fridaynext> what's the command to get in my email inbox using mutt? the accounts are all in /home/vmail/domain/user/Maildir
<fridaynext> i've read man mutt and i can't figure it out
<smss1995> Hi everybody,
<smss1995> I couldn't ssh localhost in the server ...
<smss1995> Can anybody help me?
<smss1995> Note that, I get "leaking memory" at changing root password ...
<smoser> hey. random query...
<smoser> mynetwork has been a bit less than reliable lately.
<smoser> i want to run something that logs the status of my connection, ideally only showing state changes. but basically showing if a.) i can ping a host or series of hosts b.) i can hit a web site.
<smoser> i can write something, but i'd rather not if i dont have to.
<smoser> anything available that i can run ?
<Monotoko> I can't seem to figure out how to get bind on my 14.04 server, I've tried to the usual "apt-get install bind9" but it's saying there's no installation candidate
<Monotoko> even the installation guide suggests what I've already done: https://help.ubuntu.com/14.04/serverguide/dns-installation.html
<Monotoko> here's what I have in my sources.list: http://pastebin.com/x0J0KZ5t and here's what I get when I try to install it: http://pastebin.com/vbKkvFQW
<sarnold> Monotoko: have you run an 'apt-get update' with that apt sources.list yet?
 * Monotoko facepalms
<Monotoko> thank you sarnold
<Monotoko> I've been working with CentOS for too long
<sarnold> hehehe :)
<sudormrf> Armadillos, you around?
<sudormrf> Armadillos, interesting turn of eventsw
<shinobi_one> anyone know if it's possible to use nfs4 without exporting /export with fsid=0, like i just want a subdir in /export/subdir exported to a specific host
<bekks> shinobi_one: So export /export/subdir witg fsid=0 or use NFSv3.
<shinobi_one> bekks: let's say i have /export/subdir1 and /export/subdir2, both i want to go to unique separate servers, should i set fsid=0 on both of those? or will that simply not work
<bekks> shinobi_one: That wont work, afaik.
<shinobi_one> i don't want to use nfsv3 because nfsv4 is more reliable, and this is stuff that will be mounted basically 24/7 and be used for backups and such
<bekks> nfsv4 more reliable? In which manner?
<shinobi_one> state
<bekks> ?
<shinobi_one> i'm not looking to get stale nfs every week
<bekks> You can get stale nfs locks with nfsv4 too.
<shinobi_one> it's less common though
<shinobi_one> as far as i've read
<bekks> Mount the share, and just poweroff, not shutdown the exporting server, and you will have your lock. :)
<shinobi_one> i mean, i suppose it may be possible to export the /export root to both of the 2 servers separately right?
<shinobi_one> i'll try that
<bekks> It depends on the share and mount options, not on th v3 / v4.
<polo_25> I, can someone help me?, I need to print in raw mode in an EPSON FX2190, trying with "lp -d EPSON_PRINTER -o raw Archivo.prt" I can print, but I don't now how to onfigure the printer to print in raw mode automatically so I can Print the files generated from my DOS emulated app in DOSBox from ane text editor like Geany or gedit.
<shinobi_one> btw bekks: it totally works to export the /export root dir to 2 servers specifically, then add the exports for the subdirs uniquely as well
<nashant> suddenly having issues. Getting 'plymouth-upstart-bridge main process ended, respawning' and then the screen blinks about every 20 seconds
<nashant> but goes no further in the boot process
<nashant> correction
<nashant> boot just takes ages
<sarnold> heh
<Phibs> anyone know why when I run debmirror, it isn't picking up the installer ?
<Phibs> heh is right ;)
<nashant> ignore me. I'd ballsed up my network bridges
<sarnold> Phibs: crazy; my timestamps show you joining 29 seconds after I said 'heh'.
<Phibs> you muts be a bit lagged :)
<sarnold> Phibs: I was thinking much the same about you :)
<shinobi_one> with nfsv4 are you supposed to be able to mount the root dir say /export and see all of the subdirs?
#ubuntu-server 2014-06-05
<caribou> hallyn: did someone report issues with dnsmasq spinning up at 100% CPU on Trusty ?
<caribou> hallyn: the dsnmasq processes started by libvirt-bin btw
<bobharry> Can someone help me with this issue with mysql not installing correctly http://paste.ubuntu.com/7594137/
<bobharry> Can someone help me with this issue with mysql not installing correctly http://paste.ubuntu.com/7594137/
<bobharry> Can someone help me with this issue with mysql not installing correctly http://paste.ubuntu.com/7594137/
<bobharry> Can someone help me with this issue with mysql not installing correctly http://paste.ubuntu.com/7594137/
<cfhowlett> bobharry ask the ##liinux channel
<bobharry> Urgh everyone keeps directing me xD
<zetheroo> for a while now we have been looking to replace out Windows 2003 server with something open source, and we were looking at Zentyal lately, but are now looking to other options - so I am wondering if Ubuntu Server is able to do what Zentyal does - we are looking primarily for replacement of AD
<f0x_> Dear all, i have a question about Ubuntu MAAS this is the right section ?
<rbasak> f0x_: #maas is probably best, but here would also be fine. The MAAS devs follow #maas more closely though.
<rbasak> zetheroo: Zentyal is based on Ubuntu AFAIK. We have Zentyal packages that the Zentyal guys pushed a couple of cycles ago. I'm not sure of current status, so probably best to check with them.
<zetheroo> rbasak: right, but without Zentyal packages can Ubuntu Server do the same things more or less?
<rbasak> zetheroo: as far as I'm aware, yes. The point of Zentyal is to make it easy. That's AFAIK - I have no direct experience.
<zetheroo> rbasak: ok
<rbasak> It's rare to see AD/Samba questions on this channel though.
<rbasak> You're welcome here if you're using Ubuntu Server to do it of course, but you may have issues getting help without clubbing together with the guys working on the stuff all the time.
<zetheroo> does that mean nobody is really doing this?
<rbasak> I used to do this kind of thing for a living. With samba. I wasn't on IRC much at that time though.
<rbasak> So there probably are, but I don't know of a good rallying point.
<zetheroo> I see
<rbasak> zetheroo: https://wiki.ubuntu.com/Enterprise might be of help.
<rbasak> I see recent and relevant-looking threads on https://lists.launchpad.net/enterprise-ubuntu/
<rbasak> So https://launchpad.net/~enterprise-ubuntu
<f0x_> Thanks for replay, my question is verry simple, at my work i have serveral PCS's, and my objective is to use all these PCS's to process some data at night, and i need a MAAS server that boot all machines on a LIVE Ubuntu, it is possible ?
<rbasak> That's not what MAAS is really meant for. You might be able to hack it, but it might be easier to just do it by hand - it's quite far off the main MAAS use case.
<f0x_> Ok, mass is designed to install OS's no ?
<cfhowlett> rbasak I am NOT a sysadmin and have no experience but wouldnt the LTSP method that edubuntu be the right solution in his case?
<rbasak> f0x_: it's designed to give you a cloud-like API with OS installation happening in the background as needed. So MAAS owns your workstation's hard drives. OTOH you can hack it, eg. in commissioning mode it runs on an ephemeral image without touching the disk.
<rbasak> f0x_: however, you're departing from the use case, so you'll need to be able to grok the code and hack it yourself really. If you aren't comfortable doing that directly yourself I'd avoid it.
<rbasak> cfhowlett: I'm unfamiliar with that, but that sounds like a good avenue to investigate. LTSP-style seems like a better fit to me if the goal is to not take over the machine's disk.
<cfhowlett> !ltsp
<ubottu> LTSP is the Linux Terminal Server Project, which adds thin-client support to Linux servers. See chapter 3 of the !edubuntuhandbook, http://www.ltsp.org and/or http://en.wikipedia.org/wiki/Linux_Terminal_Server_Project
<f0x_> Thanks for the quick answers, so its better for me to manualy create a PXE infrastructure than hacking MAAS ?
<rbasak> f0x_: I'd say it's an either way thing, but to hack MAAS you'll need to understand PXE *and* what MAAS already tries to do for you.
<rbasak> I'm not sure you'll get much benefit from it.
<f0x_> The problem is that we need an infrastructure as i describbed, and don't know what is the faster and easyest way to do that
<f0x_> DO you have a suggestion for me ?
<rbasak> f0x_: maybe LTSP is your best bet. Failing that I think you'll either need to do a ton of research and experimentation or bring someone in.
<jrwren> f0x_: imo manually craeteing a PXE is not much more difficult than either of those 2 things.
<rbasak> I could do it too myself, no problem. I just wonder how hard it is for someone unfamiliar with all the pieces
<rbasak> I can imagine myself spending a week figuring it out if I didn't know about it already
<ndee_> hey guys, how do you get around long fsck times when you reboot a server which uses ext3 as a file-system?
<rbasak> ndee_: are you sure you're using ext3? It's the same as ext2 but with a journal, and one of the benefits is that you get fast recovery. So are you sure you have a journal?
<jrwren> ndee_: we use XFS instead. sorry, that isn't a good answer :(
<rbasak> ndee_: Oh, or are you talking about scheduled checks? You can tune the frequency of those with tune2fs.
<ndee_> jup, in the /etc/fstab, the "type" is ext3.
<ndee_> rbasak I rebooted a production server and it told me after 377 days, there should be a fsck and it took longer than 30 minutes, so I had to cancel it since it was a production server
<rbasak> ndee_: right, OK. Yeah, use tune2fs to adjust that.
<rbasak> Or turn it entirely off if you want.
<rbasak> You can also use tune2fs to detect if there will be a check on next reboot.
<rbasak> Create a monitoring check for that status, schedule downtime, etc :)
<ndee_> rbasak: guess that's the way to go ;)
<tych0> hi rbasak, did you see https://code.launchpad.net/~tycho-s/uvtool/no-start/+merge/222049 ?
<rbasak> tych0: yes. Sorry I've not looked at it yet. Sounds absolutely fine to me.
 * rbasak needs to find some time to work on all the outstanding uvtool stuff :-/
<rbasak> There's a progress bar MP as well
<tych0> rbasak: ok, no worries
<tych0> just wanted to make sure you saw it
<tych0> and it didn't get buried in some set of launchpad emails :-)
<tomdickharry> hey folks I purged maria db 10 and added maria 5.5 to apt list
<tomdickharry> now when I run apt-get install I get  Errors were encountered while processing:  /var/cache/apt/archives/mariadb-server-5.5_5.5.37+maria-1~trusty_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1)
<tomdickharry> any ideas how to fix it?
<rbasak> tomdickharry: try clearing out /var/lib/mysql. There's no migration path for the actual database I don't think.
<EzeQL> Anyone working with sublimetext3 and ubuntu 14.04?
<kotedo`> Hi guys!  I am trying to figure out how I can see the compiler flags for openssl
<rbasak> kotedo`: https://launchpad.net/~ubuntu-security/+archive/ppa/+build/6062683 and click on buildlog
<rbasak> kotedo`: you can get there from https://launchpad.net/ubuntu/+source/openssl if you click through the version and architecture
<kotedo> rbasak: Fantastic!  Thank you so much!
<tomdickharry>  rbasak u mean delete /var/lib/mysql ?
<kotedo> rbasak: Maybe I am not seeing it ... Where do I see the compilerflags per OpenSSL build?
<rbasak> kotedo: well, you can see each compiler call line, with flags included
<tomdickharry> in makefile?
<rbasak> That's everything it was actually built with, as opposed to what any build component tried to do.
<hallyn> caribou: hi, it rings a bell, but offhand i' not sure.  actually i think there are bugs about *any* dnsmasq taking 100% cpu
<caribou> hallyn: that was my suspicion. I'm getting this rather often these days; I'll try to look into it
<tomdickharry> rbasak: working
<tomdickharry> cheers
<hallyn> caribou: i gues i was thinking bug 1314697
<uvirtbot> Launchpad bug 1314697 in dnsmasq "DNS resolution no longer works; dnsmasq uses 100% CPU" [Undecided,Fix released] https://launchpad.net/bugs/1314697
<hallyn> except that was on utopic only
<hallyn> so best to file a new bug :)
<caribou> hallyn: I started to get this soon after trusty release
<hallyn> hm, i've been running utopic until yesterday afternoon (downgraded to trusty temporarily bc utopic was unusably unstable)
<caribou> hallyn: ok will look into this; I'm hitting this almost daily
<hallyn> zul: yo
<zul> hallyn:  whats up
<hallyn> zul: ppl need bug 1321365 fixed.  if you're not ready with the 1.2.5 for me to test (last i checked it was ftbfs) i will go ahead and push a fix on the current version
<uvirtbot> Launchpad bug 1321365 in libvirt "virsh (ppc) fails with "missing /proc/device-tree/cpu "" [High,Confirmed] https://launchpad.net/bugs/1321365
<hallyn> (see the dup)
<hallyn> it's a 2 line change, no biggie, i don't mind doing it on the old version,
<zul> hallyn:  lemme do one more build and upload to the ppa,
<zul> hallyn:  sorry i got sidetracked
<hallyn> ok, and you ahve the fix for 1321365 in there?
<dw1> http://www.openssl.org/news/secadv_20140605.txt
<hallyn> i'll prep my tester
<hallyn> dw1: yeah seeing that posted in every irc channel just about :)
<dw1> hallyn: ahh good :)
<hallyn> dw1: presumably #ubuntu-hardened is all over it
<dw1> cool a security team :)
<hallyn> a security blanket
<dw1> haha
 * dw1 goes back to sleep
<zul> hallyn:  just added it
<hallyn> thx
<jdstrand> dw1: http://www.ubuntu.com/usn/usn-2232-1/
<dw1> ah-mazin' great work
<zul> hallyn:  doing a testbuild first
<zul> hallyn:  still failing for me can you upload the apparmor fix to the one that is in the archive now?
<hallyn> zul: will do
<hallyn> zul: i'm surprised though.  it built for me locally the other day with ebtables installed
<hallyn> (pushed)
<RoyK> https://lists.debian.org/debian-security-announce/2014/msg00129.html how fun
<pmatulis> yep
<qman> Yeah, been patching servers all morning
<qman> No squeeze patch (yet?)
<RoyK> perhaps someone should hire a bunch of programmers to do a code review of openssl :P
<RoyK> or a rewrite :P
<RoyK> OpenSSL (...) is a catastrophe waiting to happen.  In fact, the only thing that prevents attackers from  exploiting problems more actively, is that the source code is fundamentally unreadable and  impenetrable. -- Poul-Henning Kamp, 2010
<pmatulis> RoyK: OpenBSD is re-writing
<RoyK> pmatulis: nice - got a link to that project?
<RoyK> (not openbsd)
<pmatulis> RoyK: not handy no
<qman> http://www.libressl.org/
<pmatulis> ah yeah, that's the one
<RoyK> google knows
<RoyK> http://beta.slashdot.org/story/200775
<RoyK>  At the moment we are too busy deleting and rewriting code to make a decent web page. No we don't want help making web pages, thank you.
<RoyK> lol
<willwhite> Anyone else seeing "Hash Sum mismatch" when running `apt-get update` on new instances booted from 14.04 instance-store AMI in us-east-1 (ami-3adb2f52) ?
<qman> Also, no 12.04 libssl0.9.8 patch
<qman> Only libssl1.0.0
<RoyK> The NSA Is Behind This (tm)
<RoyK> :)
<sarnold> heh, I bet the libressl guys are feeling pretty cocky about dropping dtls support..
<RoyK> erm. why?
<sarnold> RoyK: at least two of the CVEs in today's pile were DTLS-specific
<RoyK> ah
<mdeslaur> sarnold: when did they drop dtls support?
<axisys> lsof | grep tls shows every sshd process has /usr/lib/x86_64-linux-gnu/libgnutls.so.26.21.8 .. anyone else seeing it on 12.04 lts ?
<sarnold> mdeslaur: drat, the freshbsd site with the commits is down and I can't find what I was thinking of on opensslrampage.org. I must have been wrong but I'd love to know what I was thinking of.
<mdeslaur> sarnold: you were thinking of heartbeats
<mdeslaur> all the issues were present in the libressl code base when I checked this morning
<sarnold> mdeslaur: I thought it was something Big that someone would care about..
<axisys> any idea why sshd process maps has gnutls library in 12.04 tls ? did not find much in google
<sudormrf> hey guys, I am trying to understand repos a bit better.  I am working on testing something with a group of people.  one person synced a file to a repo, but the repo is not pingable or browseable so I think it won't work at all until he does something on his end...correct?
<sudormrf> stupid question, I suppose, but I am second guessing myself
<TheEmpath> hi.. having a really, really hard time setting up a local DNS server.  IS there anything that simplifies the process?
<sudormrf> TheEmpath, in short, nothing I have found does.
<sudormrf> I have been working on a bind9/dhcpd setup for a couple of weeks now (mostly in my down time).
<sudormrf> what is the problem you are having with bind?
<TheEmpath> im currently using bind9 right now
<TheEmpath> but only one machine on my LAN sees it
<sudormrf> so your other clients aren't getting the nameserver info?
<TheEmpath> meaning, the bind9 serever is setup to "map" someLocalName.net to an IP
<sudormrf> ok
<TheEmpath> and one machine on my server can type someLocalName.net and it sees it
<TheEmpath> but all other machines cannot
<sudormrf> this could be a DHCP issue and not a DNS issue
<sudormrf> have you setup isc-dhcp-server? or is DHCP being handled by something else?
<TheEmpath> ahhh
<TheEmpath> so i have a router that handles the DHCP
<sudormrf> TheEmpath, because I have been fighting with the exact same issues.
<sudormrf> ok, so in the router have you told the router to use your DNS server as the primary DNS server?
<TheEmpath> lol @ your name btw
<sudormrf> :)
<TheEmpath> correct
<TheEmpath> router knows to look at the bind9 server
<sudormrf> also, have you set the FQDN in the router?
<TheEmpath> i think i have
<TheEmpath> how do i confirm?
<sudormrf> what kind of router?
<TheEmpath> consumer
<sudormrf> lol I mean make/model :)
<TheEmpath> dunno why that matters :O
<sudormrf> TheEmpath, because you asked me how you check if you set the FQDN
<sudormrf> it will be in different places on every router
<TheEmpath> i know i wont be able to set such things on the router
<sudormrf> and/or your router may not support it
<TheEmpath> i have a dynamic dns pointing to my static IP however
<TheEmpath> and that works fine
<sudormrf> well as I understand it DHCP is what hands out the FQDN and the DNS server info to clients.  your clients are only querying the DNS server when looking up addresses (be they local or remote, you may have a forwarder setup).  the A records are created in BIND so that you can lookup something by hostname without fail, if I am not mistaken
<sudormrf> and the PTR records are created as a reverse lookup method
<TheEmpath> right.  i've setup the named.conf.options for that
<TheEmpath> with the rev and the domain name im using
<sudormrf> TheEmpath, aye, so what I am saying is that I would verify that your DHCP setup is working correctly
<sudormrf> verify that the router knows to tell the clients where to look for DNS
<TheEmpath> hrmmm
<TheEmpath> it is true that the one machine that can access the DNS server is a static ip
<TheEmpath> and hte one that cannot is DHCP
<TheEmpath> but when i look at the DHCPed client... its networking configuration is correct
<TheEmpath> the right ip range, the right gateway, netmask
<TheEmpath> but you are saying an A record might be buggy?
<TheEmpath> hrmm
<TheEmpath> i did restart the DNS server
<TheEmpath> that means i need to restart the client too
<TheEmpath> lemme try that
<sudormrf> k
<TheEmpath> huzzah, good call sir :D
<sudormrf> fixed?
<TheEmpath> fixed :D
<TheEmpath> now my VPN doesn't work, but thats a whoel other beast
#ubuntu-server 2014-06-06
<mwhudson> um
<mwhudson> why might a cloud image end up with #MANUAL
<mwhudson> nameserver 0.0.0.0
<mwhudson>  in /etc/resolv.conf?
<mwhudson> i'm pretty sure dhcp is passing a nameserver
<mwhudson> (it's not actually running in a cloud)
<TriJetScud> I'm looking for guidance on creating custom ubuntu cloud images...
<sarnold> TriJetScud: seen this yet? it might be enough to keep you from having to prepare you own customized images: http://cloudinit.readthedocs.org/en/latest/
<TriJetScud> I've seen this but cloud-init doesn't support microsoft's system center yet
<TriJetScud> I'm just looking at how the ubuntu cloud images are created, scripts wise
<shuggans> hi all - have zoneminder installed on ubuntu server 12.04 - trying to redirect its recording data (/usr/share/zoneminder/images) to /media/videostore/DVR/images using fstab but getting mount errors on boot
<shuggans> can anyone help me figure out what I'm doing wrong?
<larsemil> does anyone have any hints on how to troubleshoot ldap + tls? I dont get it to work. I followed this guide: https://help.ubuntu.com/12.10/serverguide/openldap-server.html#openldap-tls
<larsemil> when i run a ldapsearch i get: root@master:~# ldapsearch -x -ZZ -H ldap://83.209.243.253 -b dc=daladevelop,dc=se                   âÂ·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·
<larsemil> ldap_start_tls: Protocol error (2)                                                                  âÂ·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â·Â· additional info: unsupported extended operation
<larsemil> sorry strange paste
<frt> hi folks
<frt> I get crontab permission denied error
<frt> when I execute vi sh in cli it does work
<larsemil> http://serverfault.com/questions/602258/ubuntu-14-04-openldap-tls-problems
<frt> I have typed crontab -u root -e
<frt> same command is there its all cool
<LeMike> hello. the "original" PHP version is always different from the one on ubuntu-servers because they have their own patches - so the Patch-Number is different. How near is it to the original one if it quotes "PHP 5.3.2-1ubuntu4.24" ? or which PHP version is "PHP 5.3.2-1ubuntu4.24" truly?
<TJ-> LeMike: check the package's Changelog
<LeMike> TJ-: Where in the changelog do I see that "5.5.9+dfsg-1ubuntu3" is the same as "PHP 5.5.9" or "PHP 5.5.something" ? there are also the Ubuntu-Version-Numbers for PHP
<TJ-> LeMike: You look for the earliest 5.5.9 entry, and then work forward to the one you're interested in. Each version will add something in terms of additional patches - possibly backports from upstream, possibly local Debian/Ubuntu bug-fixes.  But, essentially, the base-version of the package (before any -XubuntuY extension) is the PHP version of the upstream source
<caribou> jamespage: thanks for the sosreport SRU review;
<caribou> jamespage: I'm surprized about the DEP3 comment, I used quilt --dep3 to create the patch headers
<jamespage> caribou, np
<caribou> jamespage: what's wrong about it ?
<jamespage> caribou, here's one that uses the Description field correctly:
<jamespage> http://paste.ubuntu.com/7600696/
<caribou> jamespage: ah, the spacing in the Desc ?
<LeMike> Ah! So the 5.5.3+dfsg is the one, that is in sync with the PHP 5.5.3, TJ- ?
<TJ-> LeMike: Correct
<LeMike> Thanks. That was easy TJ-  :D
<jamespage> caribou, you need to use the Description field name
<jamespage> and indent to ensure it can be parsed as a single field
<TJ-> LeMike: "+dsfg" simply means that Debian modified the original upstream source package to conform with their definition of "free" software. see https://wiki.debian.org/DFSGLicenses
<caribou> jamespage: crap, I missed that one, will fix it
<caribou> jamespage: on that topic, is it good practice to add those DEP3 header to patches ? I see many packages that don't have them
<jamespage> caribou, its really good practice
<caribou> jamespage: ok will keep doing it, but correctly this time ;-)
<Codmadness> Can anyone help me with this error http://pastie.org/9263748
<YamakasY> I can login to a 14.04 fresh install using console but SSH doesn't accept my password... what could be wrong ?
<sonne> when was 14.04 supposed to be released on LTS server again?
<sonne> should have been around these days...
<sonne> i only remember "june" though :)
<YamakasY> when I deploy a 12.04 ubuntu install I can login with the rootpw using ssh, the same deploy for 14.04 doesn't accept the password
<Codmadness> Can anyone help me with this error http://pastie.org/9263748
<bgardner> Codmadness: Give me a minute to read up
<Codmadness> Ok
<bgardner> Codmadness: I saw you over in #ubuntu, did they already give you instructions?  What have you already done?
<Codmadness> Well I've tried reinstalling, purging mysql, removing mysql and keep getting errors. Everytime I do apt-get install mysql-server it says 2 are not fully installed
<Codmadness> Which in the end ends up with E: Sub-process /usr/bin/dpkg returned an error code (1)
<bgardner> Codmadness: Ok, and is your other comment I see about 'port 3307 in use' related or not?
<Codmadness> Well I know that nothing else is 3307
<Codmadness> I even changed to port to see a difference which nothing worked.
<Codmadness> #mysql Said E: Sub-process /usr/bin/dpkg returned an error code (1) is a ubuntu issue
<bgardner> Oh, I see; initscript action start failed.  That's probably the port in use.  One moment.
<Codmadness> Yet I get E: Sub-process /usr/bin/dpkg returned an error code (1) everytime I reinstall or install mysql-server. How could it stop the install process?
<Codmadness> I also get that error everytime I upgrade
<bgardner> Codmadness: Not sure yet, could you get me a pastebin of this: sudo lsof -Pnl +M -i4
<Codmadness> Do you mind me using pastie.org? Its much eaiser to use pastie.org on my pi
<bgardner> Sure
<Codmadness> http://pastie.org/9263980
<bgardner> Codmadness: What's the output of lsb_release -a
<bgardner> Codmadness: And then after that, paste the output of: sudo netstat -tulpn
<Codmadness> http://pastie.org/9263991
<bgardner> Codmadness: What's in the mysql logs?
<bgardner> Codmadness: Or syslog, related to mysql
<pmatulis> morning
<Codmadness> LEt me check
<Codmadness> http://pastie.org/9264027
<Codmadness> Thats what happens when i try to start
<bgardner> Codmadness: While I look at that please paste the contents of /etc/init.d/mysql
<bgardner> Codmadness: Need to step away for a couple minutes but I'll be back.
<Codmadness> k
<bgardner> Codmadness: I'm back.  This promises to take a while, let's move this conversation private so we don't clutter the channel.
<TJ-> Codmadness: I'd suggest first disabling the starting of mysql so you can complete the upgrade. Once you've done that, you can then work on it by manually starting the mysqld and investigating why processes seem to left running when they're told to stop
<Codmadness> TJ- Since I've installed it I have rebooted the vps so it should have killed it
<TJ-> Codmadness: But have you fixed the package issues caused? If not, the package will still be 'unconfigured'
<Codmadness> Well I've done --fix-broken
<TJ-> Codmadness: After restarting, did you check if the mysqld is running?
<Codmadness> TJ- Well I checked system monitor
<TJ-> Codmadness: check the PID file contents matches the running instance PID, with " PIDM=$(sudo cat /run/mysqld/mysqld.pid); ps -efly | grep $PIDM  "
<Codmadness> The pid constantly changes
<TJ-> Codmadness: You should get 2 lines, one of which ends with "/usr/sbin/mysqld"
<TJ-> It does? That suggests the service is restarting constantly
<Codmadness> It grows up in numbers everytime
<Codmadness> Wait thats what aus does :/
<TJ-> Codmadness: OK, I'd suggest disabling the mysql service for starters so you can work with it manually. You can override the upstart init job by doing "echo manual | sudo tee -a /etc/init/mysql.override"
<TJ-> Codmadness: If the service is repeatedly restarting, that might explain why the init script failed to keep track of the current PID, and therefore fails to stop it with "no such instance"
<Codmadness> Ok one second
<Codmadness> Ok let me run that one second
<Codmadness> Ok i ran the echo command
<TJ-> Codmadness: now you need to stop/kill any existing instance
<Codmadness> kill -mysql?
<TJ-> Codmadness: "sudo pkill mysqld"
<Codmadness> Ok done
<TJ-> Codmadness: After that, check for any remaining instances with "pgrep mysqld"
<Codmadness> It returns nothing...
<TJ-> Codmadness: good, that means no mysqld instances are now running
<Codmadness> Oh, I thought that was bad xD
<TJ-> Unix commands are generally quiet when they are successful. If something goes wrong, they complain
<TJ-> I'm reading the mysql upstart script to see if it could be doing anything special
<Codmadness> Oh, ok thanks
<TJ-> Codmadness: OK, nothing amazing there. It does some basic checks like ensuring disk space, and only starts mysqld if those pass. So the fact it starts tells us that part is OK. So, if mysqld is respawning (thus causing the PID to change) then something it finds when starting is the problem. So if you start it manually you might be able to catch some clues
<Codmadness> So I shall start mysql right?
<TJ-> Codmadness: Try "sudo /usr/sbin/mysqld" see if it exits with some errors, or continues running
<Codmadness> root@playmcpe:~# sudo /usr/sbin/mysqld
<Codmadness> 140606 16:36:34 [Warning] Using unique option prefix key_buffer instead of key_buffer_size is deprecated and will be removed in a future release. Please use the full name instead.
<Codmadness> root@playmcpe:~#
<Cyberspirit> command to see the size of a file from friggen bash console?
<Codmadness> Woops should have pastbinned it
<Codmadness> Didn't realize it was that big
<TJ-> Codmadness: Is that all you see?
<Codmadness> Yes TJ-
<TJ-> Codmadness: It hasn't returned to a shell command prompt?
<Codmadness> Nope
<Cyberspirit> command to see the size of a file from friggen bash console?
<TJ-> Codmadness: OK, you need to send it a SIGQUIT to exit it. Press Ctrl+\  and wait a few seconds, then it should exit
<Codmadness> SIGQUIT
<Codmadness> Woops
<Codmadness> Command not found
<Cyberspirit> stat
<TJ-> Codmadness: You have a shell prompt again?
<gry> Cyberspirit: "ls -lah /path/to/file"
<Codmadness> Well it says sigquit isn't a command
<TJ-> Codmadness: Haha! You don't type SIGQUIT ... that is the name of the 'signal' sent to the process when you press Ctrl+\
<gry> Cyberspirit: "ls -la /path/to/file" in something raw, probably bytes
<TJ-> Codmadness: as long as you have the shell prompt back you're fine
<TJ-> Codmadness: As that didn't fail, I'm going to guess the problem was transient and has gone away. On that assumption remove the manual override with "sudo sed 's/manual//' /etc/init/mysql.override" and then restart the service with "sudo service mysql start"
<Codmadness> Wait so when I run sudo /usr/sbin/mysqld it should popup a shell script?
<TJ-> Codmadness: No. In the interactive shell, doing "sudo /usr/sbin/mysqld" starts mysql server in the foreground so it doesn't return to the shell. Therefore, you have to tell the process to quit to get back to the shell.
<TJ-> Codmadness: The shell is what provides the "$USER@$HOST:~$" prompt where your command are interpreted
<Codmadness> Oh
<TJ-> Codmadness: So, as I said, remove that override and restart the service and then check the mysql log-file again and see if it is running correctly
<xtriz> i have been using gentoo on my machine, and tired due to user intervention in maintaining system, is ubuntu stable enough that i do not need to spend the time in maintaining it ?
<Codmadness> ok
<xtriz> right now i am under tight time constraint and can't afford to waste the time in fixing system
<ikonia> xtriz: it's in use in the enterprise, it's a stable as you configure it to be
<xtriz> so is ubuntu-server stable enought to directly use for my work ( i.e. mostly virtualization stuff, running kvm/qemu ) without much fuzz and get my work done without wasting time in fixing things.
<xtriz> ikonia, that's good
<ikonia> xtriz: works out of the box
<xtriz> ikonia, do updates to new kernel and other updates tend to break the system ? ( as you said it's widely used in enterprise so it must not break stuff that easily )
<ikonia> xtriz: nopr
<ikonia> nope
<TJ-> Hmm, I've always found it doesn't work out of the box... only when I put it *in* the box does it work :)
<xtriz> ikonia, great  :)
<Codmadness> TJ- http://pastie.org/9264321
<TJ-> Codmadness: Aha! so, it's an upstart/configuration issue then
<Codmadness> But still mysql-server isnt installed properly :/
<TJ-> Codmadness: I thought that part was fixed?
<TJ-> Codmadness: In which case, maybe the update has broken the config files
<TJ-> Codmadness: put the override back in place "echo manual | sudo tee -a /etc/init/mysql.override"  ... and then try "apt-get -f install"
<cfhowlett> xtriz suggest you use the LTS (Long Term Support) release - currently 14.04.  Tis generally more stable than the interim releases
<xtriz> cfhowlett, ok :)
<Codmadness> Ok its doing TJ-
<sander^work> When I install or remove puppermaster and puppetmaster-passenger (from the precise puppetlab repository) I get: invoke-rc.d: initscript puppetmaster, action "start" failed. subprocess installed post-installation script returned error exit status 1
<Tung> sudo is really really annoying for someone coming from debian
<rbasak> Tung: sudo comes from Debian! It's just the installer default. If you wish, just set a root password and use su.
 * rbasak doesn't like root having a password so got used to it
<Pici> Or use sudo -i if you need to run a lot of commands in a superuser context.
<rbasak> samiux: if you're using the puppetlab repository, you should probably report a bug with them. We can only fix the Ubuntu repository here.
<Tung> actually i've got a more pressing problem than that at the moment but thanks for the suggestions
<rbasak> Ah yes. I use sudo -i all the time. I see no point in sticking sudo in front of everything if that's what I need to do every command.
<Tung> if i give you guys a dump of dmesg do you reckon you could fish out the problem with me plugging in a WD 1TB external USB 3.0 drive into a usb 3.0 port on an intel DH67GD motherboard?
<Tung> i'll go to pastebin
<rbasak> Tung: sounds more like a kernel issue.
<samiux> rbasak, ????
<rbasak> Tung: you might find #ubuntu-kernel more useful if so. I hope somebody can help you, but hardware issues like that are pretty hard to debug over IRC IMHO
<Tung> http://pastebin.com/m2kkw2An
<Tung> ok
<Tung> take a look anyway, fdisk -l isnt showing the device
<Tung> this is with a 3 day old updated ubuntu 12.04
<Tung> server
<InFierno> got usb3 drivers installed?
<rbasak> What does /proc/partitions say?
<Tung> i need usb3 drivers?
<Tung> interesting
<rbasak> Is sdc not the device you're looking for?
<Tung> i'm looking for sdc yes
<rbasak> Is sdc listed in /proc/partitions?
<Tung> but fdisk -l doesn't see it and i cannot mount /dev/sdc1
<InFierno> Do you have hardware raid on?
<Tung> yes sdc and sdc1 is listed in partitions
<Tung> i have hardware bios raid on yes, raid1
<rbasak> So then your kernel can see sdc and sdc1, which suggests that it reads the partition table OK.
<Tung> the partition is ntfs but it wont mount as such
<rbasak> OK, so it sounds like you have an NTFS mounting problem. Nothing to do with the hardware.
<Tung> ah there we go
<Tung> it mounted now
<Tung> it froze before for 30 seconds
<Tung> but now it mounted
<Tung> with errors:
<Tung> The disk contains an unclean file system (0, 0).
<Tung> The file system wasn't safely closed on Windows. Fixing.
<Tung> my system might've just been busy, thanks anyway
<Tung> all good i see the partition
<Tung> i'm attempting to tar archive project gutenberg for backup to external hdd, any ideas on a faster method of backing it up to a ntfs filesystem?
<Tung> 33GB in size
<Tung> and then i've got the ubuntu mirror to backup which is roughly 103GB
<Tung> tar -cv ?
<Tung> whoa
<rbasak> tar should be fine if you want a filesystem-level backup. If on rotary disks then it's the number of seeks that will slow it down (if you have a large number of files).
<Tung> lol that just dumped the contents of the gutenberg files to my terminal
<rbasak> Recently I've started using bsdcpio which can do pax format archives and I think may include extended attributes etc.
<rbasak> GNU tar is a little more limited and needs parameters to enable that stuff.
<Tung> i've found that mc (midnight commander) has a decent copy command
<Tung> ill use that for now, not tarring
<Tung> getting a respectable 19.xxMB/sec over usb3 with tons of directories/files in each one
<Tung> 67388 files
<qhartman> Anyone know of a good way to measure the IO activity of a single disk in a machine? Everything I've looked at can only show aggregate information.
<rberg> iostat
<qhartman> awesome, thx
<qhartman> that's perfect
<rberg> np!
<qhartman> http://stream1.gifsoup.com/view2/3554046/the-more-you-know-o.gif
<rberg> nice
<med_> caribou, what's the right approach to installing crashdump and arming it configging it in Trusty?  I think something changed between Precise and Trusty (if memory serves, I haven't dug in yet today)
<med_> pmatulis, ^
<med_> apt-get install linux-crashdump
<med_> and then do I need to reserve some kernel memory with a boot kernel cmdline entry and reboot?
 * med_ goes a googling
<caribou> med_: yep that's the good way then edit /etc/default/kdump-tools
<med_> nod
<med_> ack
<med_> thanks
<caribou> med_: just googles "crash dump recipe"
<caribou> med_: then you will need to reboot so the crashkernel= boot parameter is taken into account
<med_> so no changes to that doc since 2013 but probably the change I recall happened early 2013 or late 2012
<med_> yep, ack, will do
<med_> yep, that change doc'd in 13.04
 * med_ invokes the recipe
<caribou> med_: the mechanism (i.e. kdump-tools) got introduced then, yes
<oste> what is the proper way to install php 5.6?
<genii> oste: Sort of a trick question. The absolute right way would be to package it from source yourself. But that is outside the scope of actually just getting it installed. I'd probably go with PPA here.
<oste> ppa?
<genii> At https://launchpad.net/~ondrej/+archive/php5-5.6    Disclaimer: Personal Package Archives are supported by their authors and not by Ubuntu
<genii> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<rbasak> OndÅej is the Debian PHP maintainer, so his PPAs are probably the best ones to use.
<oste> cool
<oste> any idea when 5.6 will make it into ubuntu?
<rbasak> Not before it's released.
<rbasak> So it depends on the PHP project's release schedule, and how that relates to both OndÅej, the Utopic release schedule and my own schedule.
<oste> k thanks
<oste> so what is the procedure for getting this ppa in place?
<oste> deb http://ppa.launchpad.net/ondrej/php5-5.6/ubuntu saucy main ??
<rbasak> If it isn't available in Debian by 21 August, then it definitely won't make it in Utopic.
<rbasak> Since that's Ubuntu's release schedule deadline.
<oste> i see
<rbasak> https://wiki.ubuntu.com/UtopicUnicorn/ReleaseSchedule
<rbasak> https://launchpad.net/~ondrej/+archive/php5-5.6 has instructions
<gema> beisner: ping
<mix> buenas
<mix> hi people!
<mix> i have problem with m
<mix> my ubuntu server
<mix> in zoneminder
<mix> i have a error in mysql
<mix> hh
<sarnold> mix: welcome to irc :) irc normally works best if you have something concrete to discuss -- like that error from mysql..
<rberg> Hi all i am having a issue where if a block device is unavailable during boot the system ask me to press S to skip M for manual or keep waiting, pressing S or M seems to have no effect at all
<rberg> does anyone know what can be done to proceed?
<pmatulis> rberg: try the 'nofail' option in /etc/fstab
<rberg> great thanks!
<pmatulis> rberg: see 'man mount'
<rberg> I had not noticed that before, thanks
<rberg> any idea on why I was unable to skip?
<pmatulis> rberg: nope
<pmatulis> rberg: it's not the root filesystem is it?
<rberg> nope
<rberg> this is very odd that I cant press S M or I.. the keyboard input is accepted when I hit ctrl-alt-del..
<bekks> rberg: So "s", "m" and "i" are defective.
<rberg> yes
<rberg> is plymouth somehow required for these to work? also this is on 12.04
<bekks> For the keys?
<rberg> yeah.. seems odd I know.. I ask because its not installed
<rberg> and I really am out of ideas
<bekks> plymouth has nothing to do with defective keys.
<rberg> plymouth came to mind as I know it can display that message over the splash screen
<qman> I have had that problem or something very similar before, I never managed to fix it, I ended up reinstalling
<rberg> this doesn't happen often.. but it made recovering a hardware raid problem harder
<bekks> rberg: does the system ask you, before booting ubuntu?
<rberg> not sure I understand what you mean? before ubuntu bios / post?
<bekks> rberg: Yes - does that happen before ubuntu?
<rberg> the problem was that a device in fstab (sdd) had its underlying raid array fall apart. so yes there was a device problem before ubuntu booted
<rberg> I am booting off of sda
<rberg> I would like to be able to skip or drop to recovery shell if this happens again
<qman> Yeah, what's happening is, when there are no problems with disks everything is cool, but if it has to ask you something like skipping or recovering, it bugs out and won't do anything
<qman> I never figured out why or what the fix is, but I have seen it before
<rberg> ok.. at least I am not the only one! heh. I was able to repair the system with a boot cd, and when sdd was online everything boot up fime
<rberg> but I am left asking why was I unable to use the recovery shell
<qman> Right
<qman> It stumped me for over a year, I also had removed plymouth on the server in question
<qman> I had to upgrade for new hardware support and decided a reinstall was the best way
<pr3d4t0r> Greetings.
<pr3d4t0r> Q. Where can I find out which security advisor corresponds to an automatic update just done on one of my Ubuntu servers?  I have the linux-3.xx.xx image version.  Thanks in advance.
<pr3d4t0r> Er, advisory
<pr3d4t0r> This came out on the heels of the OpenSSL update from 48 hours ago, so they might be related but I'd like to know the details since this requires a server reboot and I have too many users on board.
<rberg> have a look here www.ubuntu.com/usn/
<pr3d4t0r> rberg: Checking.
<pr3d4t0r> rberg: Found it - futex issue.  Thanks.
<pr3d4t0r> Have a nice wknd, Everyone.
<rberg> qman: fwiw I took another system installed plymouth broke a raid array and was able to hit S to skip!
<rberg> well look at that, mountall depends on plymouth!
<qhartman> anyone know if the proble with excessive fsyncs in apt-get causing problems on btrfs systems is still a thing?
<qhartman> I have some VM's running on a ceph cluster that are showing really poor performance, but mostly when running apt-get. Ceph is using btrfs as the storage filesystem, but I would expect that to be abstracted away so that this wouldn't happen
<qman> qhartman: while I'm not sure about your specific case, fsyncs can't really be abstracted away while maintaining data integrity
<qman> qhartman: normally the workaround is to write those fsyncs to a fast cache or logging device, then bring the slow array up to date asynchronously
<qhartman> qman, right. In this case I was just thinking that there are so many "filesystem" layers between the apt-get process and the actual storage that it might not be relevant
<qhartman> but it seems like it is
<qhartman> all the other tests I'm doing work as expected. It's only apt-get that wrecks everything
<sarnold> qhartman: you could always use libeatmydata
<qhartman> sarnold, heh
<qhartman> interesting
<qhartman> that might be a good validation check
<sarnold> qhartman: fwiw I'd really expect an fsync in a program to really wait until data has been committed to disk, at least one disk, somewhere in the setup. that's what it asks for. hehe.
<qhartman> sarnold, sure. When you're going "program -> OS -> hypervisor -> clustered storage -> OS -> filesystem" I wouldn't be surprised to have something in there lying a little bit.
#ubuntu-server 2014-06-07
<qman> qhartman: all the subsystems in between are built to pass on synchronous writes the best way they can, so if everything's working as it should, those sync writes go all the way to disk (or cache/log disk)
<qman> anything less results in data loss during a crash condition
<qman> and the more links in the chain, the more important it is for that to actually happen
<Tung> i need a method of scouring my hardware for a cd/dvdburner without knowing if its plugged in or not
<Tung> it doesnt show up in sudo fdisk -l
<Tung> should it even though it contains a blank DVD?
<Tung> wodim --devices and wodim -scanbus show nothing
<sarnold> Tung: maybe lshw -class disk  ?
<qman> cat /proc/partitions
<qman> mine is sr0
<sarnold> Tung: dmesg output may also show something, maybe look for 'sr' (it's been a while  since I've had a cd writer..)
<Tung> ah good found it with the lshw command
<Tung> logical name of sr0
<Tung> sweet thanks!
<Tung> congratulations, its a DVD!
<Tung> :D
<oste> i am trying to install php 5.6 but i am not sure what the final steps are
<oste> i ran the steps listed here https://launchpad.net/~ondrej/+archive/php5-5.6
<oste> at the end it says âNow you're ready to start installing software from the PPA!"
<oste> how do i do that??
<cfhowlett> !ppa|oste
<ubottu> oste: A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<oste> i get that
<oste> just not sure what step to take to get php 5.6 in place of the current
<Tung> a voodoo witchdoctor dance
<sarnold> oste: did you run the apt-add-repository command yet?
<oste> yes i sure did
<oste> pretty sure its all in place
<oste> but php 5.5 is still being used
<sarnold> oste: okay, good; apt-get update, then apt-get install php5 apache2  -- I think the default would take them from the ppa rather than The Archive
<oste> damn pretty sure i already did all that
<sarnold> oste: did you restart apache2?
<oste> yeah
<sarnold> oste: can you pastebin the dpkg -l 'apache2*' 'php*' output? (the pastebinit tool can help)
<oste> looks like this http://pastebin.com/5GUuh24R
<sarnold> oste: hrm. you're running the saucy versions of apache2 and php5; if the ~utopic and ~trusty and ~precise bits in his package versions are to be trusted, he doesn't have any saucy versions
<oste> :(
<oste> out of luck?
<sarnold> oste: you -could- try replacing 'saucy' with 'trusty' in your /etc/apt/sources.list.d/whatever file for that specific ppa
<sarnold> oste: you might need to then use apt-get install php5/trusty apache2/trusty -- I haven't tried mixing ppa versions before..
<oste> eeks
<sarnold> (don't forget the apt-get update after changing the version in your sources.list)
<oste> would be better to get on trusty?
<oste> that is after saucy right?
<sarnold> very good idea :) saucy support ends next month.
<oste> cool
<oste> is there an easy way to do that?
<sarnold> do-release-upgrade should walk you through it
<oste> awesome - then hopefully that ppa will work
<sarnold> you may need to re-run the apt-add-repository once you've upgraded
<dw1> i got an unattended-upgrades reboot required email the other day and cant remember if i rebooted.. how can i check if i still need reboot?
<sarnold> dw1: 'need' is a bit of a strong term. the recent kernel security update contains a fix for a local unprivileged user -> kernel mode vulnerability, so if you don't trust your users or your services, you will want to upgrade if your uname doesn't match the highest-versioned kernel installed (dpkg -l 'linux*')
<dw1> right
<sarnold> rebooting is also the easiest way to get services to use the new openssl packages, but you could also restart by hand whichever services are exposed to the world
<dw1> that seems to be what triggered it
<dw1> just cant remember if i rebooted
<sarnold> uptime will tell you when you last rebooted
<dw1> ahh yes
<dw1> brb. :)
<ethermonk> i have installed php5-mcrypt but im still getting errors saying mcrypt is not installed from framework installs (and phpmyadmin)
<ethermonk> i have purge the config and reinstalled and issue persists
<Sachiru> What's the name of the app that provides a GUI to control users and groups settings in Gnome?
<oste> sarnold are you still around?
<oste> i set up a fresh instance running trusty
<oste> still cant get php 5.6 after following the steps here https://launchpad.net/~ondrej/+archive/php5-5.6
<ethermonk> i cant get mcrypt to work
<Tung> my system is booting up painfully slowly after installing and booting from a xen kernel
<Tung> https://help.ubuntu.com/community/Setting%20up%20Xen%20and%20XAPI%20%28XenAPI%29%20on%20Ubuntu%20Server%2012.04%20LTS%20and%20Managing%20it%20With%20Citrix%20XenCenter%20or%20OpenXenManager
<Tung> while following this tutorial
<Sachiru> Scenario is this: I have two groups, [EDT] and [EDT-Admin]. I want members of [EDT] to have a personal folder in (share) that only they have access to, and all personal folders in (share) are granted full r/w/x access to [EDT-Admin], but not [EDT]. Is it possible to do such?
<Sachiru> The caveat is that members of [EDT-Admin] are members of [EDT] as well.
<oste> nvm on the ppa issue forgot to run apt-get install php5
<ethermonk> oste, can you test php5-mcrypt for me?
<oste> i have not used that lib before
<oste> but i can run a command or two if you have it handy
<ethermonk> oste, im trying to install this but i cant get past the requirement check because of mcrypt: http://www.opencart.com/?route=download/download
<Tung> is it a double raid1 if i setup hardware raid1 in an intel bios and then setup raid1 in ubuntu?
<Tung> fdisk sees 2 disks instead of one volume after matching the two disks in bios to each other
<Tung> http://ascend4.org/Installing_Raid_1_on_Existing_Ubuntu_Server
<Tung> using this tutorial
<Tung> (note i have no intention of wanting a double raid1, was just wondering why fdisk can see 2 disks and not 1, it aint fooled)
<lordievader> Good morning.
<Tung> good afternoon lordievader
<lordievader> Hey Tung, how are you?
<Tung> suffering from memory loss, cant remember console commands that often
<Tung> df du dh whatever
<Tung> mount this that way bla bla bla
<Tung> feels like im waving my hands in the air
<Tung> chanting spells from books
<Tung> and yourself?
<Tung> also reading up on the reiserFS
<Tung> and synching a newly created raid partition
<lordievader> Tung: Use them enough and you'll remember. I'm reinstalling OS'es on my laptop.
<soren> Tung: Sounds like your hardware raid is fake.
<Tung> soren: nods I disbanded it and am using linux software raid
<soren> Tung: Good call.
<Sachiru> Query: Assume a folder has 055 permissions, can root see said folder?
<soren> Sachiru: Yes.
<soren> Sachiru: All the various restrictions don't apply to root.
<lordievader> Sachiru: It is very rare for root not to see/modify anything.
<bekks> Sachiru: root can and will see everything.
<bekks> Sachiru: you cannot hide things from root.
<Sachiru> Thanks
<Sachiru> Sigh
<Sachiru> Having difficulty with samba and permissions
<Sachiru> At first I thought I solved the samba issue with setfacls, turns out ZFS on linux does not support POSIX ACLs
<sergey_> I just installed Ubuntu server 14.04 32bit. My system freezes while shutting down or reboot. Last message on screen: "Stopping System V runlevel compatibility". How to fix it?
<bekks> sergey_: how long did/do you wait then?
<sergey_> bekks: an hour
<sergey_> bekks: It happened before and after apt-get updade/upgrade
<sergey_> uname -a
<sergey_> Linux svr 3.13.0-29-generic #53-Ubuntu SMP Wed Jun 4 21:02:19 UTC 2014 i686 i686 i686 GNU/Linux
<gry> probably it's intentional? what command are you using to shut it down?
<sergey_> gry: I tried: sudo reboot, poweroff, shutdown -h(r) now all the same
<gry> interesting
<gry> is it in a vm or on a physical computer you're staring at?
<sergey_> its on old laptop Acer TravelMate 2410, on VM same installation works perfect
<sergey_> gry: I really need to get it work...
<gry> does dmesg or /var/log/kern.log have any useful hints about it?
<gry> I'm sort of useless here as I've got little experience personally but these two are where I'd look first
<sergey_> gry: I don't know how much it useful. Can you take a look, please? Here is dmesg http://pastebin.com/wiGcNauV
<sergey_> gry: kern.log https://www.dropbox.com/s/gp0s4dmnwwqijwf/kern.log
<sergey_> gry: laptop has its latest BIOS firmware installed
<gry> does 'sudo shutdown now' make any difference?
<sergey_> gry: I executed it. After "Stopping System V runlevel compatibility" it dropped me to root shell, I see "root@svr:~#"
<gry> ouch
<gry> I apologize, someone else needs to look at it - I have a 14.04 desktop install and it does exactly this and I'm more or less a newbie so I can't give any advice
<sergey_> gry: no problem, thanks for your help and time
<dw1> remove items, such as outdated kernels autoremoved, remain in dpkg -l with flags 'rc' - will they ever disappear from there?
<dw1> removed*
<Patrickdk> sure, if you use purge
<Patrickdk> removed doesn't remove everything
<dw1> yeah
<dw1> just seems silly to keep them forever
<Patrickdk> why? it needs to know
<dw1> hmm perhaps
<Patrickdk> remove kills the program and libs, but keeps the data and config files
<Patrickdk> how else will it know it left those behind? if it didn't track that?
<dw1> i jus tima gine there will be a point when there will be 100 removed kernel remnants
<dw1> just imagine* .. wtf ;)
<Patrickdk> so?
<dw1> k ill stop pointlessly micromanaging things :p
<dw1> for now...
<Pupeno> can locate find files by owner and group?
<gry> no, but find can
<gry> 00:24:07 <Pupeno:#ubuntu> can locate find files by owner and group?
<gry> 00:24:33 <Pupeno:#ubuntu-server> can locate find files by owner and group?
<gry> please don't cross-post in the future
<xperia> hi. i have installed vsftp and i am able to access the uploaded files over the webbrowser using a ftp:// url however when i try to boot with the FTP Files a PC over PXE i am getting always the error tftp timeout message? How can i Fix this Problem?
<andol> xperia: ftp != tftp
<xperia> andol: thanks for the answer. does that mean it is not possible to use vsftp for netbooting?
<andol> xperia: Well, at least for the initial pxe boot step you'll need to get your kernel etc by way of tftp. Possible that ftp, http or something else might fill a purpose in a later step.
<xperia> okay thanks for the answer andol. will switch over then to tftp-hpa and try it out now
<xperia> i installed tftp-hpa now adjusted the tftp directory in the config and established a connection to the tftp server on the local lan by using the command line and tryed after this to fetch/get a test file but it fails for some strange reason. asking me why. has anybody a suggestion how to solve this problem?
<bitbyte> hey guys ive got a strange server error if I pastebin the error can some one take a look at it
<lordievader> bitbyte: State the problem, perhaps someone is around who can help you.
<bitbyte> http://pastebin.com/7zsh1kr3      its complaining that / is using 94.6 % out of 94.04 size on root
<lordievader> bitbyte: Is it?
<bitbyte> Iâm not too certain where to start to check it to be fair
<lordievader> bitbyte: df -h
<bitbyte> it says it has /dev/mapper/usbc01--vg-root     95G   90G     0 100% /
<lordievader> bitbyte: There you go, your root-fs is full.
<bitbyte> is there a way to break it down
<bitbyte> to whats taking the space up
<lordievader> bitbyte: du -hs /*
<bitbyte> mmmmm I think I may have messed up a LVM which has been downloading data
<bitbyte> I do appreciate the help even though im useless >..<
<bitbyte> the output  I get from the above is : http://pastebin.com/yLLJsphT
<lordievader> Is /var a separate partition? Else that is likely to be your problem.
<bitbyte> ermmm no var is included
<lordievader> That one is tatking 88G of your 100G partition ;)
<bitbyte> mmmm I wonder whats taking up all that space because the drive only has the OS on it
<lordievader> bitbyte: du -hs /var/*
<dasjoe> bitbyte: du -hs /var/*
<lordievader> dasjoe: Beat you to it :P
<dasjoe> Once is enough, though
<dasjoe> :)
<bitbyte> well what a suprise seems to be plexmediaserver
<bitbyte> thanks for the help guys much appreciated
<bitbyte> i just need to work out how to get plex to store meta data on my LVM
<bitbyte> well somewhere with more space
<lordievader> bitbyte: Make an lv just for Plex?
<bitbyte> lordievader thats a good idea but may need to get a new drive for it
<lordievader> Running out of space on your vg?
<bitbyte> well at the moment I have two LVMâs one for main disk holding the os on 120 ssd and then second tieing in 3 platter drives for 2.8TB
<bitbyte> http://pastebin.com/eyNSRyC2
<bitbyte> lordievader much appreciated for the help this evening iâm going to have to play with plex
<lordievader> Have fun, bitbyte
<bitbyte> im sure I will ^___^
<pr3d4t0r> Greetings.
 * pr3d4t0r eyes whaley.
<pr3d4t0r> Q. Is it safe to upgrade from 12.04 LTS to 14.04 LTS via command line?  We have server backups of everything relevant.  Thanks in advance for your recommendation.
 * pr3d4t0r figures that any serious kinks would've been found out 2 months after release.
<pr3d4t0r> I have both SSH and console access to the server, by the way.
<sheptard> pr3d4t0r: I wouldn't
<sheptard> pr3d4t0r: unless you have some strong reason to upgrade to 14.04
#ubuntu-server 2014-06-08
<dw1> my provider let me start with 14.04 over a month ago :D
<Patrickdk> ubuntu doesn't support lts to lts upgrades till 14.04.1 is released
<Patrickdk> you can do it anytime you want though
<Nautilus> anyone care to help with the basics of naming a machine properly? I have already put a name for the box in /etc/hostname, but think I need to do more (to make a fqdn). The VPS will host a few small sites of mine, not sure how to choose which domain name or where to put it
<Nautilus> hostname returns the name I put in there, but "hostname --fqdn" tells me "hostname: Name or service not known"
<pmatulis> Nautilus: it's taken from /etc/hosts
<pmatulis> Nautilus: (domain name that is)
<pmatulis> Nautilus: so put the FQDN in there
<Nautilus> ok, I made an entry there. I have localhost and whatever was below that I changed to boxname.domainname.com (also 127.0.0.1)
<Nautilus> already have it
<gry> what does "hostname --fqdn" say now?
<Nautilus> same error, maybe I forgot to reboot?
<Nautilus> I put that in yesterday
<pmatulis> Nautilus: pastebin your /etc/hosts
<Nautilus> http://pastebin.com/DgP8uvaS    where naut is the contents of /etc/hostname
<Nautilus> ohhhhh geez 127.0.1.2
<Nautilus> err, 127.0.1.1
<Nautilus> I have to reboot after changing that, right?   it's now 127.0.0.1
<gry> Dunno.
<Nautilus> looking at something else first then wil reboot
<Nautilus> ah, the original hosts file had "127.0.1.1    Ubuntu12" .... should I put that back in?
<Nautilus> heres what I have now: http://pastebin.com/AgtfrD83
<pmatulis> what you had before was better
<pmatulis> but you were missing something
<pmatulis> the format should be this:
<pmatulis> 127.0.1.1   hostname.example.com hostname
<pmatulis> and you don't need to reboot
<Nautilus> do I leave the 127.0.1.1 Ubuntu12 line?
<pmatulis> no
<Nautilus> will remove
<Nautilus> is there any reason to choose one domain name over another? I have about 3 I'll be putting on here
<Nautilus> ope will do more email than the others
<Nautilus> one*
<Nautilus> hostname --fqdn
<Nautilus> naut.reedonline.com
<pmatulis> good work
<Nautilus> tx to you guys :)
<Nautilus> this is it now: http://pastebin.com/iizvEEH5
<Nautilus> i have 2 users I've added as sudoers, I should then disable the root user?
<Nautilus> (and what would be the best way to disable the root user?)
<pmatulis> Nautilus: did you enable the root user?  it's disabled by default on ubuntu
<Nautilus> perhaps the VPS provider enabled it in the image? It was the only user I started with
<Nautilus> so I gather I should disable it.  Like this?  sudo passwd -l root
<Nautilus> oh, sshd_config has a setting for that ... looks like the best way
<pmatulis> no
<pmatulis> that won't prevent someone becoming root if they have shell access
<pmatulis> disable the user and all disable root ssh login (another default)
<pmatulis> disable the user and disable root ssh login (another default)
<Nautilus> i do the later with sshd_config, right?
<pmatulis> yes, and restart sshd after making the change
<savid> Anyone know how I can configure the "extra_modules" option in linux-crashdump? It seems on RHEL systems it's located at /etc/kudmp, but I'm not sure where ubuntu keeps it.
<Nautilus> and the former is what I had above... sudo passwd -l root   ?
<pmatulis> yeah
<Nautilus> thanks
<pmatulis> savid: try /etc/default/...
<savid> pmatulis: I have /etc/default/kdump-tools, but I don't see any options for extra_modules there
<Nautilus> if I do an "apt-get install" for something that's already installed, that's not a problem is it?
<cfhowlett> Nautilus nope.  it'll just return "already installed" or zero installed
<Nautilus> thanks
<pmatulis> savid: kdump stuff is quite distro specific.  there may not be the modules you're after
<pmatulis> in ubuntu
<pmatulis> savid: what release are you on and what functionality are you looking for?
<Nautilus> turning on the ufw firewall, what should i allow? ssh and http for sure, what about https (for the future), and sftp (maybe ssh covers that?)
<Nautilus> 12.04
<Nautilus> oops that was for savid
<savid> pmatulis: I'm on 14.04. I need to configure kdump to load extra modules when it builds the initramfs.
<pr3d4t0r> sheptard: Thinking about it.  Why wouldn't you?  Personal preference or there are known issues with the upgrade?
<sheptard> pr3d4t0r: I updated to 14.04 and kinda wish I hadn't
<sheptard> I had a fun few hours trying to get zfs working again
<sheptard> but I updated the day it came out
<sheptard> but if this server is in production, you may do well to wait until 14.04.1 is out
<pr3d4t0r> sheptard: Coolio, thanks for the heads up.
 * pr3d4t0r shelves plans for a few weeks.
<Nautilus> I'm following along at http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics but at step 6 I don't have a /etc/bind/named.conf.options file ... what's that tell me?
<Nautilus> ah, looks like I dont have bind9
<Nautilus> oy, did I just do something to make some keys stop responding? mess up a keymap?
<Nautilus> v, e and r do not respond
<Nautilus> yea, I was trying to query the version. yikes, how to fix
<Nautilus> I can't even cut & paste "-m keymap", the e doesn't come out :(
<Nautilus> i'm stuck on this, any suggestions?
<CCs> Can you, please, repeat your question? (I just joined)
<Nautilus> sure. I was messing with bind commands and seem to have unbound the v. e and r keys.
<Nautilus> so fairly fubar atm ;)
<CCs> so when you press v, e or r keys, nothing happens?
<CCs> sed -n l
<CCs> press v
<Nautilus> yes
<CCs> press Enter
<CCs> what do you see?
<CCs> (You can exit with Ctrl-D)
<Cyberspirit> I see a house
<Cyberspirit> a tree
<Nautilus> I cant type sed
<CCs> because of e :)
<CCs> right
<Nautilus> hang on, someone said just to logout/login
<CCs> That's a solution. Or reboot. :)
<CCs> Or mouse, if you have Xterm
<Nautilus> logout did it. I was worrie because v and e are in my login
<CCs> Catch 22 :)
<Nautilus> yep
<CCs> There's graphical tool too http://xahlee.info/linux/linux_keyboard_tools.html
<Nautilus> no GUI on the server
<zetheroo> I have setup Samba4 as DC on 14.04 .. does anyone have experience in how to get LDAP Account Manager to work with Samba?
<lordievader> Good morning.
<xperia> hi all. when i try to install maas on my ubuntu server i get the information that syslog-ng will be deleted. Problem is however that Syslog-NG is needed on the system and from what i see there is also no Replacement Install maked after the removal of the Package. Actually Ubuntu let me the Choise either to install maas and loose all logging possibility or keep Syslog-NG and not able to...
<xperia> ...install MAAS. Is this Normal?
<histo> !info maas
<ubottu> maas (source: maas): MAAS server all-in-one metapackage. In component main, is optional. Version 1.5.1+bzr2269-0ubuntu0.1 (trusty), package size 2 kB, installed size 40 kB
<histo> xperia: can you pastebin the output you are seeing when you try to install
<xperia> histo: yeah sure one moment.
<TJ-> xperia: The reason is the dependency chain: maas > maas-cluster-controller > rsyslog
<xperia> histo: here is the paste => http://apaste.info/24I
<xperia> TJ-: Ahhh rsyslog Thanks for the Info. The Question is now then when i install MAAS how can i still logg as a example postfix becouse i allready installed one time Maas and there were no more Postfix Mail Logging availble.
<xperia> Maas for sure breaks in ubuntu the postfix mail logging at least on my side this is the case.
<TJ-> I think it is because they both provide "system-log-daemon", and yet maas-cluster-controller doesn't... I wonder if that is an oversight? Worth making a bug report against it, replacing rsyslog with system-log-daemon
<xperia> well i just started looking into maas. I collected several Dell PowerEdge 1750 Servers and i am trying now to create a High Computing Cluster with ubuntu. Have to say that MAAS however from ubuntu is not really that good when it comes to High Computing Cluster as the People from MAAS expect to Install the Ubuntu Images on every Node aka every Node Sever however i dont have Harddisk there and...
<xperia> ...second i prefer to boot the Image into Ram and this Feature is not availble in MAAS ...
<TJ-> I thought nodes were PXE booted?
<xperia> TJ-: yeah they are pxe booted but after they boot MAAS expect to Install the Full Ubuntu Image into the Nodes. That is not really good as i prefer to boot the Image on every Node into ram.
<xperia> I was able however to compile the simple Kestrel High Performance Computing Cluster Software on Ubuntu. http://kestrelcluster.github.io/
<xperia> This is much more Impressive actually as nearly everything is done with the Shell. The Kestrel Package however is broken in Ubuntu Server. I had to spend a lot of Time till i got it compiled. https://launchpad.net/~kestrel/+archive/kestrel-3.0
<histo> Are beowulf clusters still used/
<Cyberspirit> im gonna build one
<xperia> histo: good question. from what i learned is that beowolf is based on kestrel actually. I looked into beowolf also but from what i have read is that BeoWolf expect that on every node a Computer Operating System is installed into the Hard Disk. I spent lot of time to find a Package to Run and Manage Computing Node Cluster in Diskless Modus where the Operating System is loaded into the Ram...
<xperia> ...instead installed to Hard Disk but could not find anything like that except Kluster HPC.
<Cyberspirit> just made a Class A IP address space on my 2nd lan
<Cyberspirit> but im going to be using virtual machine containers
<xperia> hi all. i have a strange problem with tftpd-hpa running on my ubuntu server. for some strange reason i am getting always the error message "RRQ from 192.168.1.122 filename splash.png, tftpd: read: Connection refused" can anybody tell me how to solve this Connection refused Problem? I searched the Internet for it but could not find any solution that works till yet!
<qman> xperia: that means either tftpd isn't running or your firewall is rejecting the traffic
<xperia> qman: thanks for the info. i just tryed with a another machine to download a test file and with that machine it worked now. strange
<apb1963> If e2mkfs reports bad blocks, does it take them into account when it creates the file system?  I've got a whole bunch of these...  Warning: the backup superblock/group descriptors at block 1802240 contain bad blocks.
<atpa8a> hello
<atpa8a> when booting installation from the UEFI cdrom... how can i specify the expert mode?
<atpa8a> add expert to kernel paramteres?..
<DeltaHeavy>  Hey. My local machine is Windows but I have a VPS I'd like to mount over the network. What's the best option for this? I'm having issues specific to my text editor with SSHFS, and I'm thinking of either SAMBA or NFS. Any suggestions? My VPS is running Ubuntu 12.04.
<lordievader> DeltaHeavy: I'm using samba over ssh usually when I'm on windows and outside of my network.
<lordievader> I've set it up using this guide: http://www.nikhef.nl/~janjust/CifsOverSSH/Win7Loopback.html
<DeltaHeavy> lordievader: Thanks, I'll look at this. Things sent over SAMBA aren't secure on their own?
<lordievader> No idea, personally I don't trust it enough. But I never looked into it ;)
<DeltaHeavy> Man, that looks WAY more complicated than it needs to me :p I might have to do this on a few computers in a reasonable amount of time.
<oste> how do you revert a ppa?
<oste> trying to get rid of php 5.6 now
<lordievader> oste: That is what's ppa purge is for.
<oste> i did this sudo ppa-purge ppa:ondrej/php5-5.6
<oste> but php 5.6 beta 3 still shows as the version
<lordievader> Do you have multiple ppa's offering 5.6?
<oste> i dont think so
<oste> PPA to be removed: ondrej php5-5.6
<oste> Warning:  Could not find package list for PPA: ondrej php5-5.6
<oste> so that confirms that it is gone
<oste> i restarted apache
<lordievader> oste: What does "apt-cache policy php5-common" return?
<oste> haha was just about to launch a new instance
<oste> would be nice to know how to remove those things
<oste> hang on..
<oste> http://pastebin.com/u2VbKxci
<lordievader> There is no repo supplying 5.6 beta, did you manually install the package?
<oste> no
<DeltaHeavy> 14.04 is using 5.5? Crap >:
<DeltaHeavy> Guess I'll still be compiling php5-fpm
<oste> yeah it is
<oste> but i used the ppa to get 5.6
<DeltaHeavy> Why aren't they using 5.6?
<oste> it is not released
<lordievader> !info php5-common
<ubottu> php5-common (source: php5): Common files for packages built from the php5 source. In component main, is optional. Version 5.5.9+dfsg-1ubuntu4 (trusty), package size 429 kB, installed size 1103 kB
<DeltaHeavy> Nvm, I was mistaken
<DeltaHeavy> I take it back
<oste> welp if anyone can recommend something to check to revert back to the default php lemme know
<DeltaHeavy> !info php5-fpm
<ubottu> php5-fpm (source: php5): server-side, HTML-embedded scripting language (FPM-CGI binary). In component universe, is optional. Version 5.5.9+dfsg-1ubuntu4 (trusty), package size 2131 kB, installed size 8915 kB
<oste> i am stuck on php 5.6 and found a bug in a package pretty quickly
<oste> gotta go back
<lordievader> oste: Remove and install from the repo.
<oste> shouldnt it do that?
<oste> i have removed the ppa
<oste> so sudo apt-get upgrade should now install php from the repo
<lordievader> No, it won't. Your current version of php is newer.
<lordievader> apt-get upgrade doesn't downgrade packages.
<oste> i see
<oste> how to remove the current version?
<oste> sudo apt-get purge php*
<oste> could try that haha
<lordievader> apt-get remove php5-common&&apt-get autoclean&&apt-get install php5-common (and other things you might need)
<oste> about to hose the server :)
<oste> damn - seems reverting back is not so easy
<lordievader> Yeah, downgrading packages can be a pita.
<qman> oste: alternative is manually downloading the debs and using dpkg -i
<qman> not sure if there is a way to do something similar with apt-get
<oste> thanks but i did hose the server
<lordievader> oste: What did you remove? Libc?
<oste> i am not really sure sorry
<oste> kind of a noob - need to stay away from downgrading packages
<lordievader> Theoretically it should only remove php5-common and perhaps a few things that depend on <-
<RoyK> hm. how can I block access from an IP while allowing 80 in ufw?
<RoyK> seems the ufw allow http takes presence over ufw deny x.x.x.x
<RoyK> any way I can reorder those rules?
<Malinux> hei RoyK
<RoyK> hi, Malinux, my dear ;)
<Malinux> :)
<dustinspringman> Is it possible to use a ubuntu-server as a pptp ROUTER ? as in... I want to use a ubuntu-server as the pptpd host for multiple endpoints, but I need those endpoints to be able to talk to eachother via the ubuntu-server via routing... is this a possible configuration?
<dw1> dustinspringman: https://help.ubuntu.com/community/PPTPServer
#ubuntu-server 2015-06-01
<jak2000> i want add a user as sudoer, but cant: sudo vi /etc/sudoers dit an sae but cant save the message always is:  "E45: 'readonly' option is set (add ! to override)"  how to fix it?
<tyler_wylie> jak2000: can't you just add someoen to the wheel group? otherwise aren't you supposed to use visudo
<pmatulis> the wheel group? is that freebsd?
<tyler_wylie> pmatulis: most *nix's
<tyler_wylie> pmatulis: unless something's changed recently
<pmatulis> jak2000: not sure why you are getting that error but try doing what it says (:w! or :x!)
<jak2000> pmatulis solved with visudo
<pmatulis> jak2000: right, was going to mention that too
<tyler_wylie> looks like wheel is most linux / freebsd but not debian/ubuntu, hm
<tyler_wylie> eitherway, visudo the way to go to edit /etc/sudoers.
<diytto> hey guys i have 1TB of space on my server allocated to my / partition and i can't use it. is there any way to remedy this?
<linuxmint> Hello, what command lets me see what actions my server did last night? The auto backups has over filled the disk.
<linuxmint> I can't find where the incomplete backups went to before the disk was filled.
<linuxmint> I can see the top 10 largest files, in /var, but I don't think I can delete those files.
<linuxmint> Ok, I deleted a bunch of files, which gives my disk 91.3% space.
<linuxmint> I need to clear the incomplete backups, so the end of this month's auto backups will have enough space to complete and not freeze up the server.
<gartral|2> hey all after doing a release upgrade my apache configurations are broken, any ideas?
<Seveas> gartral|2: that's not entirely surprising, apache changes things frequently. What's the error?
<gartral|2> Seveas: the ever unhelpful: apache2_reload: Your configuration is broken. Not restarting Apache 2
<Seveas> check the apache logs
<gartral|2> Seveas: no errors that I see... http://paste.ubuntu.com/11489955/
<Seveas> gartral|2: hmm, and what does /etc/init.d/apache2 configtest say?
<gartral|2> Seveas: configtest isn't an option
<Seveas> then my apache knowledge is a bit rusty it seems :)
<gartral|2> Usage: apache2 {start|stop|graceful-stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean}
<Seveas> try this: apache2 -t
<Seveas> (not the initscript, the actual binary)
<gartral|2> AH00526: Syntax error on line 74 of /etc/apache2/apache2.conf: Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}
<Seveas> ding!
<gartral|2> /etc/apache2/apache2.conf doesn't exist...
<Seveas> check the relevant config line, look up its documentation, and fix as appropriate
<gartral|2> Seveas: can you do my a favor
<Seveas> depends on the favor
<gartral|2> can you check to see if http://kitsunet.info:1180/phpBB3 is accessable?
<Seveas> Not Found
<Seveas> The requested URL /phpBB3 was not found on this server.
<gartral|2> Seveas: try again
<Seveas> I get a vlank forum
<Seveas> blank*
<Seveas> so it seems to work :)
<lordievader> Good morning.
<rbasak> jamespage, hallyn: I'll take the squid3 merge.
<jamespage> rbasak, +1 thanks
<jamespage> rbasak, do you have time for a quick transitional package type question?
<rbasak> jamespage: sure
<jamespage> rbasak, trying to wrap my head around a reverse transition from last cycle
<jamespage> rbasak, so...
<jamespage> during vivid we did a transition from python-oslo.XXXX to python-oslo-XXXX which was a little confused due to upstream dropping namespaces
<jamespage> rbasak, this was not really required, and we're trying to realign with debian to get some scale on packaging at least on the dependency chain
<jamespage> rbasak, I know I need a breaks/replaces on the switch back to avoid dpkg overwrite problems
<jamespage> rbasak, but do we need to keep the python-oslo-XXXX packages in Ubuntu as well?
<rbasak> "from python-oslo.XXXX to python-oslo-XXXX"?
<rbasak> But whichever way, I don't know of any reason to keep old packages around.
<rbasak> Not even for one release.
<rbasak> All the metadata for the transition ends up in debian/control in the new packages.
<rbasak> Oh, hold on.
<rbasak> You're talking about binary packages and I thought you were talking about source.
<jamespage> rbasak, yeah - binaries
<jamespage> rbasak, look at something like oslo-messaging for example
<rbasak> Yes, you would need the old binary package names as transitional packages in the new source package.
<jamespage> rbasak, urgh - that's what I thought
<rbasak> Otherwise users who have the old binary package installed won't get the new one.
<rbasak> Need that until the next LTS.
<jamespage> rbasak, not really - only for one cycle
<rbasak> Yeah if it was only in a non-LTS
<jamespage> it is only in a non-LTS
<jamespage> thank golly for that
<rbasak> Maybe there's one exception here in your case though.
<jamespage> rbasak, trying to avoid another delta to maintain
<rbasak> For you it's a dependency package. So users will end up with the new thing when they upgrade because the higher level thing will depend on the new name.
<jamespage> rbasak, yeah - its not really a direct installed package
<jamespage> yup - thats true
<rbasak> So provided that no user is using the old package without the directly installed package, then you could probably technically get away without the transitional package.
<rbasak> I'm not sure if it's acceptable to do that or not though.
<jamespage> rbasak, I did think about abusing Provides
<rbasak> You will still need to maintain the breaks/replaces anyway, so maybe it's not that much to maintain the transitional on top?
<jamespage> rbasak, yeah - just trying to get this into debian to be delta free
<jamespage> rbasak, zigo did say transitional packages would be OK - but FTP master may not think so
<jamespage> as this is a transition Debian did not do
<jamespage> only Ubuntu
<rbasak> jamespage: https://wiki.debian.org/PackageTransition
<rbasak> Provides is acceptable.
<rbasak> jamespage: but you still need transitional packages I think.
<rbasak> jamespage: otherwise depending on upgrade ordering dpkg will still fail with a file conflict.
<jamespage> rbasak, I think so yes
<trippeh> the sysv-style init scripts should still work in systemd-enabled 15.04 right?
<trippeh> if there is no matching unit file
<trippeh> cant get watchdog to start (/dev/watchdog poller)
<trippeh> huh now it started
<trippeh> ah. does not start on boot.
<trippeh> perhaps there is a more modern alternative?
<rbasak> trippeh: yes, but make sure you use the "service" wrapper to ensure the right thing is called. Calling a sysv script directly when systemd or upstart is in use is dangerous.
<trippeh> #1448924
<trippeh> rbasak: yeah, used "service"
<acro458> Does anyone have any idea if there is a linux program similar to this: http://www.seattlelab.com/slnet_about/
<quantic> acro458: uhhh, that just sounds like a telnet server to me...
<quantic> but maybe I'm really missing something
<jpds> acro458: What's wrong with SSH?
<acro458> It is a telnet server
<jrwren> do you get a c:\> prompt when using it with windows?
<acro458> It is for using openbasic
<acro458> through anziowin
<jrwren> acro458: to what end?
<acro458> To connect to the serverdon't need ssh. It is
<acro458> To connect to the server
<acro458> It doesnt need ssh. It is internal-only. Network not connected to the outside
<acro458> Proprietary software
<acro458> Need a telnet service that can handle unlimited users
<jpds> Why would you want to use telnet in 2015?
<jrwren> acro458: yeah, this does not make any sense to me.
 * quantic has to be missing something, here.
<acro458> Because I 100% have to. Its my job
<jrwren> acro458: find a new job ;p
<quantic> That sounds like a disaster in the making.
<acro458> Are you going to pay me?
<jrwren> apt-get install telnetd
<jrwren> does what you want.
<jrwren> its a bad idea.
<jrwren> I strongly urge you to strongly urge your superiors that this is a bad idea and ssh exists for many many good reasons.
<acro458> So I should just pay $15,000 from that website?
<acro458> It is an internal network
<acro458> why would we need ssh?
<jrwren> lol.
<acro458> It has been running on telnet for 30 years
 * quantic wouldn't pay ANYONE that can't understand why you simply don't use telnet EVAR.
<jrwren> ever heard of stuxnet?
<jpds> !telnet | acro458
<ubottu> acro458: telnet is not safe. Please use ssh instead. See !ssh
<quantic> yeah, welcome to 2015 - there is no such thing as an internal network
<quantic> and "proprietary software" == "its secure because we said military-grade somewhere in the description"
<acro458> If people access the network, we have MUCH bigger problems than us using telnet vs ssh internally
<jrwren> there are some cases where I might use telnet, like if the network is not at all internet connected. firewalled to internal is not enough.
<jrwren> AND every node on the network has controlled physical access.
<quantic> even then, I would feel dirty. :P
<jrwren> yes, I'd want my keyauth and still use ssh, but I might be OK with deploying some archaic app which uses telnet
<jrwren> acrocity: afaik, apt-get install telnetd does what you want.
<quantic> he gone
<jrwren> oh oops, sorry acrocity
<jpds> http://packages.ubuntu.com/search?keywords=telnet
<jpds> Telnet also hasn't seen an update in years.
<jrwren> because its "done" and stable :)
<quantic> text goes in, text goes out
<jrwren> nc -l <port> | bash & echo <commands> | nc <host> <port>
 * jpds wonders what happens if you dd /dev/urandom to a telnet server.
 * jrwren tries it
<Delemas> I just upgraded from Ubuntu 14.10 to 15.04. The upgrade claimed to have worked but apparently Ubuntu can't deal with /usr on it's own partition as such server can't boot.
<Delemas> I'm trying to find a way to fix this other than a total reinstall...
<sarnold> Delemas: you may have success switching back to upstart from systemd
<sarnold> Delemas: see this for suggestions https://wiki.ubuntu.com/SystemdForUpstartUsers#Permanent_switch_back_to_upstart
<Delemas> do-release-upgrade should really fail before starting when /usr is a separate mount...
<Delemas> Trying that. I really hope that does it...
<Delemas> FML
<Delemas> Now it doesn't want to mount /var...
<Delemas> sarnold, Thanks. That made it so it would at least boot with manual proding...
<sarnold> Delemas: woo :) please do file bug reports.. I know I saw something else recently about a separate /usr giving trouble but I can't recall the setting..
<Delemas> hmm I wonder which package I should file against...
<Delemas> do-release-upgrade? systemd? hmmm
<sarnold> Delemas: I think both; perhaps first against systemd in the hopes it gets fixed, but also adding do-release-upgrade for trusty might be a good idea, in case it can't easily be fixed in the future :/
<jelly> hey, if debian can make a separate /usr work, so should ubuntu
<dannf> hallyn: do you think we can fix LP: #1457639 in a vivid sru? do you have other things queued for vivid?
<dannf> hallyn: (post-debsync-for-wily, of course)
<Delemas> 2 bugs filed...
<hallyn> dannf: yes i think that's SRuable.  well i didn't look at the patch but it looks important enough
<hallyn> dannf: i intend to merge from debian tue or wed this week
<hallyn> thenwe can sru.  lemme check my list
<hallyn> actually my list is empty other sruing the "kvm on all arches"
<dannf> hallyn: "kvm on all arches"? like a metapackge?
<dannf> but cool, will touch base with you after the sync
<hallyn> cool
<Delemas> For some reason the boot is hung up on mount /var. The entry is correct. I do a mount -av and exit emergency maintenance mode and normal boot occurs...
<Delemas> I get "The disk drive for /var is not ready yet or not present." it is very weird...
<dasjoe> I take it a trusty container can't be booted using systemd-nspawn? It just gets stuck: http://paste.debian.net/193379/
<Delemas> man... apparently I'm forced to repartition...
<trippeh> re earlier, has telnetd been updated for the systemd world? :P
 * trippeh hides
<sarnold> trippeh: it looks like it'll use update-inetd to change its configuration when installed: http://sources.debian.net/src/netkit-telnet/0.17-40/debian/telnetd.postinst/
#ubuntu-server 2015-06-02
<zanzacar> if I wanted to monitor what devices downloaded from what ips what would be the best means in which to do that?
<jdv> squid proxy on your network
<zanzacar> jdv: thanks I will check it out. The device I want to monitor is a wifi device so I was thinking about even doing something with wireshark or something
<zanzacar> just wasn't sure really so I figured I would ask for expert opinions
<jdv> wireshark will give you too much data for your requirements
<zanzacar> thats what I was thinking too, mainly I just want to know what server the wifi device is accessing to download some of its information
<zanzacar> is squid specific for surfing the web? I am trying to figure out what IP address a device actually accesses
<zanzacar> the device being a kindle I have
<jdv> can you bring up a shell on it?
<jdv> squid will monitor all traffic
<jdv> a simpler way to see what its doing is to connect it to your PC and then run a command line netstat on it
<zanzacar> I can't bring up a shell
<zanzacar> I am thinking I might just put wrt on my router and monitor it through that and iptables or something similar
<zanzacar> I am not sure how i would run netstat on it via my pc
<jdv> bridge the connection ?
<jdv> can you root a kindle?
<jdv> or otherwise ssh to it?
<jdv> I dont have one
<zanzacar> well the tablet versions I am sure you can
<zanzacar> this is just an e-reader
<zanzacar> but I was curious what things it was accessing via the internet, looks ups etc
<jdv> Do you have a phone with shell ? I might consider making that a hotspot and then exploring the network connections running from the phone
<zanzacar> oh thats a decent idea i like it
<zanzacar> my phone doesn't support hotspots though and I am in the process of rooting it
<histo> just arp poison the kindle and use wireshark
<zanzacar> arp poison?
<histo> arp spoof whatever you want to call it.  you route all it s traffic through you
<zanzacar> interesting
<jdv> lol arp spoofing to monitor network connections on a trusted device.
<jdv> well why not.
<jdv> just dont have any other devices on the network at the same time
<lordievader> Good morning.
<histo> jdv: why not you don't have to spoof all of them. You can select just one target
<epicepic> why did i failed install smbfs on ubuntu 15 server?
<histo> epicepic: what did you install?
<histo> epicepic: or I should say what was the error?
<synthmeat> so, i want to vimdiff a remote file and output of local command...
<synthmeat> vimdiff scp://host//remote.file <(local.file)
<synthmeat> that kinda doesn't work (not sure i can specify more into how _exactly_ it doesn't work)
<synthmeat> errata: <(cat local.file)
<synthmeat> (sorry. the one i typed out does work)
<synthmeat> is it something about "cat" that doesn't help here?
<synthmeat> and, OT... wow, imagined a lot more traffic in here :/
<jpds> synthmeat: I don't even think that scp:// exists.
<jpds> Ah, OK, it has support for that.
<synthmeat> jpds: yeah, i diff remotes this way all the time, and use it as such in many commands
<synthmeat> well, "all the time". found about it yesterday :D
<synthmeat> well, "use it as such in many commands" is also a blatant lie too :D
<synthmeat> it works in vimdiff, that's all i know :D
<solo2> ubuntu server raid1 ( no VMhd // 2 hd ) controller checked ( name of raid1 set from the controller and with 2 hd already in the same group ) ... during installation grub failure at the end. Disk partition it can only see the raid with # #126 at the end ... no chance to see the other 2 hd only the raid . i tryed to manual partitioning it. setting /boot /swap /  .... grub failure .... pls help me
<hallyn> smb: regarding the libvirt init job waiting on socket being ready - let's ask zul to integrate your and dosaboy's comments when he merges 1.2.16 in next 2 weeks
<hallyn> (that's bug 1455608)
<zul> yay for timeframes!
<smb> hallyn, not in a rush there. might consider things for srus into previous releases
<hallyn> smb: yes, it's on my list for next set of srus
<coreycb> jamespage, any tips on getting around this?  this (https://merges.ubuntu.com/p/python-openstackclient/REPORT) has a setup.cfg merge conflict, so I manually updated setup.cfg to what debian has, but debuild gets:
<coreycb> dpkg-source: info: local changes detected, the modified files are:
<coreycb>  python-openstackclient-1.0.3-1ubuntu1/setup.cfg
<coreycb> rbasak, maybe you have tips ^
<rbasak> coreycb: that's odd. I wouldn't expect there to be a merge conflict in setup.cfg as I wouldn't expect that to change in a packaging delta anyway.
<rbasak> coreycb: to change setup.cfg if required that should be done through a quilt patch
<coreycb> rbasak, yeah I agree
<rbasak> coreycb: so maybe check 1.0.3-1, 1.0.3-1ubuntu1 and 1.0.2-2 manually?
<rbasak> Incidentally that's a tricky merge for merge-o-matic maybe because Ubuntu was previously ahead of Debian on upstream version
<coreycb> rbasak, there aren't any existing patches at least
<Kully3xf> how to fully clear out history
<Kully3xf> i've tried putting /dev/null >> .bash_history
<Kully3xf> I've tried history -c
<Kully3xf> everything looks good until I logout/back in
<jamespage> coreycb, I'd pop all patches with -f and then re-extract the orig.tar.gz over the top of everything
<coreycb> jamespage, ok thanks
<epicepic> how do i chown nor chmod for cifs mounted folder ?
<jamespage> zul, can you avoid working on any oslo pkgs in wily - I'm working on resyncing with Debian
<jamespage> hopefully the ftp masters will be ok with holding Ubuntu transitional packages - zigo was OK with having them
<jamespage> coreycb, openstackclient might be a straight sync tbh
<jamespage> zul, how do we feel about ibm-db-sa?
<jamespage> zul, looking at straight sync for migrate - but that would mean a MIR for that package
<brianw> Hello
<zul> jamespage: sure, i dont think we need ibm-db-sa, besides you need an actual database to test it out
<coreycb> jamespage, yeah it could probably just be sync'd
<coreycb> jamespage, here's the sync bug 1461189
<coreycb> https://bugs.launchpad.net/ubuntu/+source/python-openstackclient/+bug/1461189
<moloney> It seems like you can't install ubuntu (14.04) to an existing mdadm RAID array.  During install the devices are numbered md127 and md126 instead of md0 and md1, and then during first boot it fails to bring up the RAID arrays. If I delete the RAID arrays and create them during the install then it will work.  Do I need to do something different when creating the RAID arrays, like set some additional meta data?
<quantic> moloney: i have different experiences, so i wont be much help. ive been able to install to existing mdadm arrays without issue.
<moloney> quantic: using 14.04?  Do you remember how the array was originally created (e.g. using the installer from a previous ubuntu release)?
<quantic> moloney: using 14.04 using arrays originally created by 12.04, 14.04, 15.04, 15.10, Fedora 21, Fedora 22, CentOS 7. (I do a lot of testing with some of my servers.)
<quantic> moloney: s/15\.10/14\.10/
<moloney> quantic: Did you ever do it with an array created with the mdadm command?  I noticed for example the installer gives the arrays names like 'myhostname:0' for md0 and 'myhostname:1
<Walex2> moloney: MD arrays are recognized by the UUID in the superblock of their members
<moloney> quantic: Did you ever do it with an array created with the mdadm command?  I noticed for example the installer gives the arrays names like 'myhostname:0' for md0 and 'myhostname:1' for md1, so maybe I just need to add something to the mdadm commands to create the arrays.  I guess I just need to try that out
<quantic> moloney: yes, using both 0.90 and 1.2 superblocks. I've just never encountered the issue you're describing.
<moloney> Walex2: sure and the installer seems to recognize that the arrays exist, but the odd number (127 etc) seems to be causing issues
<quantic> moloney: that's the number they typically get allocated in the installer, including mine. hasn't ever caused issues.
<quantic> moloney: and the system doesn't look for them by md device number. it looks for UUIDs.
<moloney> quantic: yeah I figured it would be using the UUIDs which makes me even more confused at to what my issue is.  The only thing kinda "special" about my setup is that the drives are NVMe (PCIe), but since it works when I create the array in the installer I doubt that is related
<quantic> moloney: interesting... all of mine are standard SATA/SAS drives. that might be the difference.
<moloney> quantic: only thing I can think is that the installer doesn't realize it needs the nvme driver at boot if it doesn't do anything with the underlying devices during the install
<Delemas> Any chance Ubuntu 15.04 implemented something where PHP can't connect off the server? My squirrelmail lost the ability to connect to my imap server after a 14.04 to 15.04 upgrade...
<bekks> The default settings you accepted my have caused that. Did you upgrade from 14.04 to 15.04 directly?
<bekks> Or did you upgrade to 14.10 before?
<Delemas> No I thought you had to upgrade to 14.10 first...
<Delemas> So that is what I did...
<Delemas> hmm I don't recall seeing that. Any hints where to fix that?
<bekks> PHP settings in /etc/
<sarnold> Delemas: check dmesg for an apparmor denial; I can't recall if there's default php confinement there, but it might be related
<sarnold> Delemas: dmesg | grep DEN ought to do it
<Delemas> I remember SELinux doing something like this on an un named evil distribution... I'm not seeing an apparmor denial...
<jjohansen> Delemas: grep DEN /var/log/syslog
<jjohansen> it can have some messages in that don't go to dmesg, eg. trusted helpers like dbus mediation
<Delemas> Well other than pointing out my DNS updates are being denied (unrelated) nothing that looks like an apparmor denial.
<jjohansen> Delemas: another way to test and see if it is appparmor is boot with apparmor=0 as a kernel param in grub
<jjohansen> Delemas: are you using upstart or systemd?
<Delemas> Oh ok I'll try that and see if it goes away.
<Delemas> I switched to upstart because systemd didn't work with a /usr partition. It didn't help. I had to complete repartition my server. I haven't switched back to systemd but could now.
<Delemas> I like the boot speed with systemd but that is a pretty big flaw IMHO
<jjohansen> okay so with upstart you can also get away with doing /etc/init.d/apparmor teardown
<jjohansen> that will unload all policy, so you don't have to reboot
<Delemas> Oh ok I'll try that.
<Delemas> Ah well that is one thing to mark off. It's not apparmor...
<Delemas> hmm I wonder if the new PHP is really trying to verify the certificate and failing...
<Delemas> so dumb.... It is suddenly verifying certificates and failing...
<Delemas> Turns out php 5.6 in turns on verify_peer by default and the ancient 2012 version of squirrelmail provided for it doesn't support overridding php's defaults.
#ubuntu-server 2015-06-03
<Patrickdk> not sure why you would want to disable that
<Delemas> Because it also has no way to define the CA files to use so it always fails.
<Delemas> So an upgrade resulting in no SMTP or IMAP connections. Very useful webmail...
<Delemas> If Ubuntu had a modern squirrelmail release I could just define the options and move on...
<Delemas> I guess I'm going to have to package it myself...
<cryptodan_laptop> Delemas: https://help.ubuntu.com/community/Squirrelmail
<Delemas> That doesn't help.
<cryptodan_laptop> thats what came up when I googled squirrelmail ubuntu 14.04
<trippeh> to be fair, it doesnt look like squirrelmail has actually made a release since then
<trippeh> its all "just use a snapshot plz kthx"
<Delemas> squirrelmail on 14.04 works because it doesn't using php 5.6
<Delemas> They have a stable snapshot.
<cryptodan_laptop> cant drop back to 5.5?
<Delemas> We are actually running a snapshot now only it was taken in 2012...
<Delemas> i.e. this if the version in universe: 2:1.4.23~svn20120406-2
<Patrickdk> using 5.6 is pretty daring, 5.6 is like just released a few months ago I think
<Patrickdk> oh, universe, that isn't ubuntu supported
<Patrickdk> hmm, guess it will be a year old soon
<Delemas> 3 years by my count...
<trippeh> my personal outdated-in-ubuntu pet peeves is amavisd-new and wireless-regdb (both in main)
<Delemas> wordpress would be another...
<Patrickdk> how? release date of php 5.6.0 is aug 2014
<Delemas> Ah that makes sense I thought you meant squirrelmail...
<trippeh> when debian oldstable ships newer versions than 15.04 ;)
<sarnold> trippeh: the requestsync program can file bug reports about those things for you :)
<trippeh> pretty sure they all have "new upstream release" bugs on them at least
<trippeh> I heard wireless-regdb is beeing worked on now
<sarnold> \o/
<trippeh> finally we can have working 802.11ac ;)
<sarnold> fancy, I still think of G as the neat new thing
<trippeh> well it sorta works, just without its killer feature, the extra performance ;)
<trippeh> oh god squirrelmail is still using sourceforge?
<drocsid> I'm having trouble increasing ulimit -l max locked memory       (kbytes, -l) 64
<drocsid> in ubuntu server
<drocsid> in /etc/security/limits.d/elasticsearch.conf
<drocsid> I set elasticsearch   - memlock unlimited
<drocsid> and I  tried sysctl -p
<drocsid> I also tried sudo sysctl --system
<drocsid> and logging out and back in
<drocsid> but locked memory max remains at 64kbytes. How do I change this in ubuntu-server?
<sarnold> drocsid: check your /etc/pam.d/ files to make sure you didn't accidentally typo the name /etc/security/limits.d/elasticsearch.conf when you set it up
<drocsid> sarnold: I just asumed that I could place that file in limits.d, maybe I should just set this in limits.conf instead?
<sarnold> drocsid: hmm, maybe you should be able to..I didn't see anything referring the limits.d directory inthe pam_limits manpage so I hadn't realized it already existed.. :)
<sarnold> drocsid: .. but low and behold, I've got the limits.d directory too. hah.
<sarnold> drocsid: dno't forget that the limits set via the pam_limits module will only affect whatever login mechanisms are configured to use it, via /etc/pam.d/..
<drocsid> sarnold: from my understanding it's there so you don't goof and mess up all the system limits. But this isn't working
<sarnold> drocsid: it's both way simpler than that and way more complicated than that :/ it only affects whatever login mechanisms are configured to use pam_limits via /etc/pam.d/
<drocsid> Is /etc/security/limits.conf part of pam_limits / pam ?
<sarnold> yes
<sarnold> drocsid: so if it is started via an upstart or sysvinit script, pam_limits is never run and those files are never parsed anyway
<sarnold> but if you're logging in as elasticsearch via ssh and need this locked memory limit raised, that'll work fine
<drocsid> hmm so then since I start the process using the init script as root, let me see what it does.
<sarnold> drocsid: try this: http://upstart.ubuntu.com/cookbook/#limit
<drocsid> didn't know this was that complicated. :(
<sarnold> the thing is, _something_ needs to run to set those limits.
<sarnold> otherwise the limits are inherited from the parent process
<sarnold> well,that's backwards; limits are inherited from parent processes, and if it happens to run as root, and happens to be configured to use pam and pam runs pam_limits....
<drocsid> looks like these lines exist in the init script
<drocsid>       if [ -n "$MAX_OPEN_FILES" ]; then
<drocsid>                 ulimit -n $MAX_OPEN_FILES
<drocsid>         fi
<drocsid>        if [ -n "$MAX_LOCKED_MEMORY" ]; then
<drocsid>                 ulimit -l $MAX_LOCKED_MEMORY
<drocsid>         fi
<sarnold> the end result is that it feels elegant and simple once you know it; and until you know it, it feels incredibly complicated and terrible. :)
<drocsid> so I will try setting those vars in /etc/default
<drocsid> and looks like it will set them maybe
<sarnold> nice, are those variables inherited from an /etc/default/ file hopefully?
<sarnold> woo
<drocsid> it's a big pain in the ass as far as I'm concerned, these simple configs differ between all the distros and init scripts. Setting it one way doesn't work in another environment. :(
<drocsid> maybe I'm just not getting it right, but I thought that /etc/security/limits.conf was supposed to set the limits across the system...
<drocsid> sarnold: thanks
<sarnold> drocsid: I can understand :) it took me years before I came to terms with PAM...
<sarnold> drocsid: all fixed?
<drocsid> yeah, the init script takes care of it.
<sarnold> nice.
<Locke2002> There is a gap in my kern logs... How can that happen?
<sarnold> Locke2002: of what sort? it's quite common for the kernel to go weeks without logging anything
<sarnold> my currently running kernel has a period of 139 hours with nothing to report :)
<Locke2002> kern.log.1 ends on May 28, kern.log starts today after an unplanned reboot of my VPS. My SSH session showed root sent shutdown, another log mentioned stopping a service for runlevel 15.
<Locke2002> maybe my VPS provider did a reboot?
<sarnold> it's unusual for vps providers to not at least mention it to you, but there have been some serious xen / qemu issues since then
<Locke2002> I know it wasn't too sudden, I got all my fail2ban shutdown notifications
<patdk-lap>  depends on the vps provider
<patdk-lap> my cloudatcost node randomly reboots all the time
<Locke2002> haha, ok
<patdk-lap> I have only ever received one notice about it
<sarnold> with a name like that, it's not too surprising.. :)
<patdk-lap> even amazon, same deal
<patdk-lap> they give notice on hardware failure though
<patdk-lap> but I have aws instances randomly reboot, without warning or notice
<patdk-lap> on aws
<Locke2002> is it not unusual that kernel wouldn't have anything to log while shutting down?
<patdk-lap> who said it shutdown?
<sarnold> dang, I don't have any shutdowns in my logs :/
<sarnold> patdk-lap: he had a shutdown notification from root in an ssh session
<patdk-lap> ah
<Locke2002> my fail2ban notifications, they were sent out as it was going down
<patdk-lap> ya, you won't get a kernel shutdown notice
<patdk-lap> it will be readonly by then
<Locke2002> ok
<Locke2002> thanks guys :)
<sarnold> Locke2002: usually the best notice you get that a reboot happened is the huge logspam at 0.xxxx seconds in the log
 * patdk-lap uses uptime :)
<histo>  22:01:57 up 70 days, 1 min,  2 users,  load average: 0.00, 0.01, 0.05
<lordievader> Good morning.
<histo> *yawn&
<trijntje> Hi all. I want to start using zfs on ubuntu. Can somebody point me to a good resource to get started? I have no experience with zfs
<Sling> trijntje: did you try google? :) the ubuntu wiki has a nice zfs article with a ppa
<trijntje> Sling: I found the ubuntu wiki article, but I didn't find it very usefull, its pretty general. I was hoping someone here would know of a best practice/tutorial document for running zfs on ubuntu
<trijntje> I tried the server guide as well but I couldn't find any mention of zfs
<Sling> what kind of best practice do you mean? zfs kinda does all of its work on its own
<Sling> also do you want have a zfs root partition or just separate
<trijntje> just separate, I need to store some expensive data and make sure it doesn't silently get corrupted
<trijntje> Sling: I guess I'm not too sure what I mean, thats the problem when you are completely new to a subject ;)
<Sling> trijntje: zfs is mainly self-healing
<Sling> as long as you keep an eye on the status of your pool/volumes using monitoring (im sure there is a nagios plugin for this) then you're good
<bekks> trijntje: https://pthree.org/2012/04/17/install-zfs-on-debian-gnulinux/ - thats the starting point for ZFS on Linux.
<trijntje> bekks: thanks, I'll go and read that
<vikram1> Hi all i need to migrate my server from ubuntu 14 to ubuntu server 15 plz help me
<lordievader> vikram1: sudo do-release-upgrade?
<vikram1> vil my all database vil b safe ryt bcoz i installed on ubuntu desktop 14 LTS and needed to upgrade to Ubuntu Server 15 LTS
<lordievader> vikram1: Read the release notes.
<vikram1> release uipgrade will uopgrade me to desktop release. I want to upgradee / migrate to server edition.
<lordievader> vikram1: do-release-upgrade only upgrades the packages that are currently installed.
<vikram1> it'll upgrade to desktop to desktop version i need to migrate to desktop edition to server edition
<lordievader> What?
<vikram1> i have installed my server on Ubuntu 14 LTS desktop edition now. i need to migrate to Ubuntu 15  Server edition and not desktop edition
<teward> vikram1: there's no distinction really between "Desktop Edition" and "Server Edition" to the upgrader.
<vikram1> will migrating from Desktop edition to server edition increase the performance ?
<teward> `do-release-upgrade` will upgrade everything as is, ignoring the image you've installed with, and doing the upgrade on a package basis
<teward> vikram1: removing the GUI portions might help a little, but without further details on your environment it's impossible to figure out what you're trying to achieve other than an upgrade
<vikram1> Thanks a lot for teward
<teward> vikram1: from apt and do-release-upgrade's perspectives, it's upgrading based on the migration path from trusty -> utopic -> vivid
<teward> not the image you used
<teward> (however 14.04 LTS -> 15.04 will require one additional upgrade, 14.04 LTS -> 14.10, then 14.10 -> 15.04)
<teward> unless you absolutely need 15.04 for your environment, i'd suggest keeping the LTS
<teward> (or, fresh install after backing up the data and determining the applications you need to install)
<deadrat> Vikram1 must've installed the default unity desktop in his server. Now he is wondering if changing to Ubuntu server increases performance.
<teward> deadrat: he's installed the Desktop iso
<teward> deadrat: he's also asking two things:  "How do I migrate to Server Edition" and "How do I go from 14.04 LTS to 15.04"?
<deadrat> Yes..
<vikram1> What would suggest me as i m using it for internal usage abt 100 users max for a social networking site.
<teward> deadrat: so, removing the GUI bits is not too hard, nor is removing the other apps provided he has a list of what to remove
<teward> the upgrading will be two-stage though
<teward> and with each stage he runs the risk of explosions
<deadrat> Let him stay in LTS till next lts release and maybe he can remove the desktop packages that are not required.
<teward> agreed
<teward> and for a server, performance will probably increase since the GUI overhead wouldn't be existing
<deadrat> Yup.. So unity and its dependencies must be removed.
<teward> as well as libre office and the other installed applicatoins
<teward> i should really diff the ubuntu-desktop package and the default server install to find how to purge the GUI components xD
<deadrat> And other packages like software centre , Firefox etc.
<teward> mhm
<teward> hence the diffing of the desktop package and the server install xD
<teward> (brb)
<deadrat> Where can he find the list of packages included?  . they are in release notes, I guess..
<teward> deadrat: i think it's a large enough list that it's not in the release notes
<teward> IDK i'd have to check
<deadrat> Vikram1 should be able to figure that out.
<teward> mhm
<vikram1> thanks a lot guys
<deadrat> U r welcome.
<mgz_> hiya. is there a reason the base ubuntu server image doesn't run ntpd? seems you'd like to avoid clock skew by default.
<tonyyarusso> mgz_: While often a good idea, it's certainly not necessary, and having unnecessary daemons running with open ports is avoided in default configurations.
<rbasak> mgz_: >= Vivid runs systemd-timesyncd now.
<rbasak> mgz_: we were going to start running ntpd by default, but no need now.
<teward> does anyone know what the default charset is for a MySQL table on 12.04?
<teward> or do I have to hunt things down?
<mgz_> rbasak: aha, thanks!
<trippeh> rbasak: good. newer upstream ntpd supports client only modes without gross config hacks though.
<mgz_> so, still an issue for charms for now but goes away next lts
<trippeh> ntpd is the only reason our servers run with conntrack enabled (for UDP only, tho)
<trippeh> ntp in ubuntu is also on my list of outdated in ubuntu pet peeves :)
<trippeh> although its also outdated in debian, so..
<bitfury> hey guys, I'm trying to get a rackspace cloud VM going with an older version of Ubuntu (14.04.01 LTS) since they only have .02 I'm booting from an iPXE tool they have available but the only option I see is to use a "preseed" config file.. I have no idea what this is but would it be possible to specify the version I want install along with the ISO to use in there?
<sarnold> once you get to needing a preseed file, the ISO has already been selected and booted..
<bitfury> :( it's annoying they don't allow uploading an ISO and using it to build your VM..
<bitfury> lame
<bitfury> and importing an image into their cloud environment is a pita
<sarnold> I'm surprised they don't have the 14.04 or 14.04.1 images available. :/
<bitfury> I know :(
<lordievader> What is wrong with the .02?
<bitfury> nothing wrong, this is a test box I'm building and we would like to keep same version as production
<lordievader> Ah. In that way... Hmm.
<bitfury> could I somehow boot from .02 then downgrade .01?
<bitfury> to
<sarnold> it'd probably just be a matter of selecting the proper kernel metapackage, linux-image-generic, linux-tools, linux-generic, etc..
<bitfury> :\ sounds like hell
<sarnold> heh, I can understand; it'd be nicer to just find a 14.04.1 image in their cloud offerings in the first place.
<bitfury> yeah..
<sarnold> but downgrading a 14.04.2 to the earlier kernel is probably a much easier route than dealing with preseed files.
<bitfury> this would be another option: http://www.rackspace.com/knowledge_center/article/creating-an-ubuntu-1310-image-for-the-rackspace-open-cloud-0
<bitfury> but looks like a pita too..
<bitfury> dealing with kickstarter files, XenServer etc
<bitfury> damnuuuuu rackspaceee
<bitfury> are changes from .1 to .2 significant? I read a different kernel is used
<bitfury> would version of packages be different on default installation of both?
<sarnold> bitfury: the kernel and X11 family of packages are newer; the .2 kernel will be unsupported sometime in 2016, so you'd have to deal with that eventually. most users would never notice the difference, but it depends what you're going to do with the machine..
<sarnold> .. the last diagram on this page describes what I mean about the kernel being end-of-lifed before the rest of the release: https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<bitfury> idea is to have this box running our app for demos, testing is done locally by a developer (using a windows box)
<bitfury> I have another local VM running .01 where I test security and package updates
<lordievader> bitfury: Dd that over?
<bitfury> but I wanted to use this box to test all of this stuff
<bitfury> instead of having a local VM
<bitfury> guess I can keep it and then use .02 for demos
<bitfury> what's DD lordievader
<lordievader> dd, a bitcopy tool.
<bitfury> lordievader: hmm ok, 60G transfer to a remote server though..
<bitfury> across the internetz
<bitfury> never done it but I assume SSH is involved and that will add overhead.
<bitfury> might take a while..
<bitfury> fuck it, will roll with .02
<lordievader> Please watch your language.
<bitfury> sorry
<bitfury> thanks guys
<sarnold> have fun bitfury :)
<bitfury> sarnold: I'll try ;)
#ubuntu-server 2015-06-04
<Radar> We had a little over an hour of downtime this morning. What happened was that MySQL was killed due to out of memory, and then apparmor denied MySQL from starting up again. How can we investigate why this issue occurred?
<Radar> Particularly why apparmor blocked MySQL
<sarnold> Radar: dmesg | grep DEN ought to show you the denials; you can add the right privileges to allow them to the /etc/apparmor.d/usr.sbin.mysqld file -- and if they aren't specific to your site, you could file a bug so we include them for everyone else
<Radar> sarnold: This hasn't been an issue before today. From what I can see in the usr.sbin.mysqld file, the permissions are correct.
<Radar> I can show you the file if you'd like.
<sarnold> sure
<Radar> https://gist.github.com/radar/991f13af7859cdb69646
<Radar> the /var/lib/mysql path is symlinked to /srv/mysql
<Radar> I don't know what the "k" means here: https://gist.github.com/radar/991f13af7859cdb69646#file-mysqld-L33
<Radar> Looks like that it has been configured for access to those directories.
<sarnold> Radar: aha, probably that symlink...
<Radar> It's been symlinked for ages.
<Radar> We have an identically configured server where this is not an issue.
<sarnold> Radar: add a rule like "alias /var/lib/mysql/ -> /srv/mysql/" to /etc/apparmor.d/tunables/alias
<Radar> argh, our other server doesn't use a symlink!
<jjohansen> Radar, sarnold: if you suspect any of apparmor's trusted helpers might be involved then greping /var/log/syslog is better, as they are logging there
<jjohansen> eg. dbus
<Radar> My apologies, I thought they were configured the same.
<sarnold> jjohansen: gah thanks for the reminder. I'm still not used to this new world. :)
<sarnold> Radar: ahhhh :)
<sarnold> Radar: once you add the alias rule, you'll want to run apparmor_parser --replace /etc/apparmor.d/usr.sbin.mysqld
<Radar> Thanks for the tip sarnold :)
<sarnold> probably /etc/init.d/apparmor reload would do the same job...
<sarnold> Radar: the 'k' means the process can issue fctnl locks on the file; some days I wonder if it's worth actually mediating those, but we do. :)
<patdk-lap> I do
<lordievader> Good morning.
<solo1> how can i configure mdadm in a server raid1 ... it was with only 1 hd and i want to get raid1 using it ... i ve no idea how can i set ... 'due i found a lot of tutorial saying i must decide it when both are void or blank during server installation .... pls help
<lordievader> solo1: https://www.howtoforge.com/how-to-set-up-software-raid1-on-a-running-system-incl-grub2-configuration-debian-squeeze-p2
<solo1> to lordievader: tnx dude
<solo1> to lordievader i got only 2 hdd and the guide speaks about 3
<lordievader> solo1: Change it to your situation.
<histo> solo1: how are you going to use 1 hd and do raid1
<lordievader> histo: "i got only 2 hdd" Seems to me like he has two.
<histo> lordievader: didn't get that far.  His first comment was stated weird.
<IronDev> Guten Tag
<smoser> strikov, did you make any headway on bug 1371634
<strikov> smoser: i was able to create kvm instance with scsi multipath
<smoser> oh nice.
<strikov> smoser: playing with it now
<strikov> smoser: funny thing is that even qemu-emulated multipath contains spaces in disk name
<smoser> that is funny.
<smoser> maybe user_friendly_names is just what we need ?
<strikov> smoser: i suspect that issue might be in a different place
<smoser> i reproduced the issue using kpartx on a regular device
<smoser> see the bug
<strikov> smoser: yes, that's the first thought I have, thats quite strange that it is not default then
<smoser> i think that maybe kpartx to do that needs to replace ' ' with '\x20' or what not. maaybe the kernel juts expectst that and kpartx isnt doing it.
<strikov> smoser: i think that (a) kpartx indeed has a bug but (b) upstream didn't fix it because you usually don't get such an input
<strikov> smoser: example
<smoser> maybe
<strikov> smoser: http://pastebin.ubuntu.com/11564916/
<strikov> smoser: tool which gets disk serial has a way to eliminate spaces
<strikov> smoser: why not use it this way to generate udev name w/o spaces?
<smoser> http://paste.ubuntu.com/11564919/
<smoser> thta is from powerKVM
<smoser> on a similar system, and yeah, they don thave the funny names there.
<smoser> cmdline there has: $ cat /proc/cmdline
<smoser> root=UUID=6ef1254c-50ac-421a-bb4a-25619189b327 ro console=tty0 console=hvc0 crashkernel=1024M rd.lvm.lv=ibmpkvm_vg_data/ibmpkvm_lv_data rd.lvm.lv=ibmpkvm_vg_log/ibmpkvm_lv_log rd.lvm.lv=ibmpkvm_vg_root/ibmpkvm_lv_root rd.lvm.lv=ibmpkvm_vg_swap/ibmpkvm_lv_swap
<smoser> so thats where naems come from
<strikov> smoser: you don't see names because kpartx failed I think
<smoser> you think it failed on powerKVM ?
<smoser> strikov, see : /usr/share/doc/multipath-tools/examples/multipath.conf.synthetic:#
<smoser> getuid_callout          "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
<strikov> smoser: okay, so i reproed inside vm: http://pastebin.ubuntu.com/11564961/
<strikov> smoser: yeah, i just can't understand why default config doesn't work if disk names *usually* contain spaces
<strikov> smoser: i thought that we met some corner case
<strikov> smoser: but that's not the case if vm disks looks the same
<strikov> smoser: i'm trying to understand where dmsetup get this name
<smoser> strikov, i think it gets name from rules/60-persistent-storage.rules
<smoser> i think
<smoser> hm... well, at least that calls scsi_id
<strikov> smoser: i think that dmsetup doesn't use scsi_id and that's the problem
<smoser> strikov maybe you're right. /lib/udev/rules.d/55-dm.rules
<smoser> uses SYMLINK+=mapper/..... DM_NAME
<strikov> smoser: interesting: http://pastebin.ubuntu.com/11565129/
<smoser> hm. i dont know
<smoser> right.
<smoser> thats why my hack worked
<smoser> (when i replaced spaces with the \x20
<smoser> not sure what is creating either of those though
<strikov> smoser: http://pastebin.ubuntu.com/11565218/
<strikov> that's how udev gets the name, and name seems to be ok
<smoser> hm.
<strikov> smoser: alternative route (see udev rule) returns incorrect name though: http://pastebin.ubuntu.com/11565314/
<smoser> so something is creating both
<smoser>   /dev/mapper/1IBM     IPR-0   5EC2A900000000A0
<smoser> and
<smoser>   /dev/mapper/1IBM\x20\x20\x20\x20\x20IPR-0\x20\x20\x205EC2A900000000A0
<strikov> smoser: I think that path with \x20 comes from udev which gets it from kernel
<strikov> smoser: but i have no idea who creates first path with spaces
<smoser> ah. and the second is the symlink to ../dm-X . and the first is an actual block device (with same major minor as ../dm-X)
<smoser> https://lists.ubuntu.com/archives/foundations-bugs/2015-April/233983.html
<smoser> awesome.
<smoser> someone solved this for us 3 weeks ago
<smoser> :)
<smoser> https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1432062
<strikov> smoser: well, that's awesome
<strikov> smoser: let me try it inside a vm
<strikov> smoser: problem here is that we need to backport it everywhere i think
<strikov> smoser: or generate config with user_friendly_names if that really helps
<smoser> strikov, right. we would probably want to backport to trusty.
<smoser> but the bug reporter says that the install (d-i probably) installs 'user_friendly_names'
<smoser> so that would seem also acceptable
<smoser> but. would like to generally fix this also.
<strikov> smoser: http://pastebin.ubuntu.com/11565504/
<strikov> smoser: user friendly fixes the issue
<strikov> smoser: maybe we can generate this trivial .conf in curtin?
<strikov> smoser: with user friendly it uses mpathN instead of disk name which fixes the issue
<smoser> strikov, sweet. i'm testing user friendly names rightnow, and will update that bug.
<smoser> reboot in progress.
<smoser> strikov, worked!
<smoser> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1371634/comments/17
<smoser> strikov, ... but this doesnt give you warm fuzzies
<smoser> http://paste.ubuntu.com/11565939/
<smoser> smb, ^
<smoser> so.. installed a system with curtin
<smoser> followed https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1371634/comments/17
<smoser> reboot
<smoser> scary messages about ext4 in mdesg
<strikov> smoser: did it boot, i mean do you have something working?
<smoser> yeah. it worked
<smoser> but then scary ext4 messages :)
<smoser> those scary messages appear on both systems that i tried it on
<strikov> smoser: do they block everything or you can continue doing something in bash
<strikov> smoser: trying to repro in the vm; my multipath disk is not used as / so i could miss it
<smoser> https://bugzilla.kernel.org/show_bug.cgi?id=42723
<smoser> strikov, it all "just works" with those steps
<smoser> (other than the fact that you get filesystem errors :)
<smoser> strikov, can you write somewhere how you fixed ?
<smoser> er... how you made kvm do multipath
<strikov> smoser: http://pastebin.ubuntu.com/11566036/
<strikov> smoser: (1) that's important to put same serial numbers for both disks and (2) scsi-virtio controller needs to be added
<strikov> smoser: that's basically it
<bitfury> good morning all
<strikov> smoser: i used cloud image as mail disk and userdata was generated with cloud-localds
<smoser> strikov, would be nice to make 'launch' do that :)
<smoser> do/support
<strikov> smoser: yeah, i just didn't look into xkvm stuff so not sure if it's simple to do it with it or not
<strikov> smoser: i just run bonnie++ fs benchmark on mounted multipath partition, don't see any ext4 issues
<smoser> strikov, well i fyou grab the kvm command that should give you most of what you need to know.
<strikov> smoser: hm, do you think that installing multipath-tools-boot (not multipath-tools) is enough for curtin
<smoser> -tools-boot depends on -tools
<smoser> so yeah
<smoser> so with xkvm... if you added '--multipath-disk=disk1.img' and it did that magic, that'd be cool.
<smoser> strikov, but maybe you shouldnt spend time on that.
<smoser> but work on the other curtin things. thats probably better idea
<strikov> smoser: well, we need implement multipath in curtin :) i'm working on mp now
<rbasak_> Hi
<rbasak_> I'm on 3G.
<rbasak_> Sorry for the lack of notice. I wasn't expecting four electricians to turn up in my kitchen all at once.
<rbasak_> They've had to turn off the entire house power because it seems the kitchen didn't have a supply of its own and was just leeching from other bits of the house. So I have no working sockets right now :-(
<rbasak_> Oh, wrong channel.
<rbasak_> gaughen: ^^
<gaughen> :-)
<smoser> strikov, thats true.
<smoser> multipath in curtin and a way to test it via 'launch' would be nice.
<strikov> smoser: do you see any simple way to try modified curtin with your machine w/ ,p?
<strikov> *w/ mp
<strikov> smoser: are you sure that 'sudo update-initramfs -u -k all' is really needed?
<strikov> smoser: i suspect that multpath-tools-boot should do that internally
<smoser> strikov, but i write the file after i install the packkage
<smoser> that was just to make sure our version of the file was installed.
<strikov> smoser: oh, i see your point, i forgot that multipath.conf needs to be included into initramfs
<smoser> strikov, its possible that system has some bad disk i think
<smoser> http://paste.ubuntu.com/11567312/
<strikov> smoser: yeah, i suspect that's not multipath-related
<strikov> smoser: we may want to ask #hs about it
<strikov> smoser: http://bazaar.launchpad.net/~strikov/curtin/multipath-2/revision/210
<squisher> rbasak, heh, good luck with the electricians! Ping on the bcache pkg-ing... I think a glance should be good enough, then we should just upload it and if there are issues people will hopefully complain :D
<Voyage> How much downtime is expected if I have hosting setup right but I transfer my domain registrar from one registrar  to another
<squisher> Voyage, totally OT, but you shouldn't expect any downtime if things go right
<Voyage> OT?
<filipoi> Hi there, I have a problem with setting up nginx in lxc. It doesnt want to serve any files. After fresh install when I check my domain in a browser I got default page â ok. But when trying to change root directory I've got blank page with "ERR_CONNECTION_REFUSED" message. I thougt that I didnt properly fowarded port 80 to lxc â but no I could run python simple HTTP server on port 80 and everything
<filipoi> works correctly. Also I thought that maybe it has something to do with permission on my root dir â but I think no â I change nginx user to root user and nothing changed â still I cannot serve directory that I pointed in my server block.
<filipoi> Any ideas?
<filipoi> I'm a begginer so I probably made some stupid mistake but I dont know where...
<strikov> filipoi: do you see anything suspicious in nginx's logs?
<filipoi> strikov: in error.log Ive got only one line
<filipoi>  [alert] 10198#0: unlink() "/run/nginx.pid" failed (2: No such file or directory)
<teward> there's your problem
<teward> nginx can't find the pid :P
<filipoi> aha
<teward> (which is bad)
<filipoi> I guess ;)
<filipoi> how can I fix it?
<teward> filipoi: "Connection Refused" is the system's way of saying that you either got a "REJECT" packet or the connection attempt was blocked because no service was listening.
<teward> run `pidof nginx` first to see if it's still 'running'
<teward> if it is, `sudo killall nginx` then try and reload the nginx service
<filipoi> yaeh the output is " 11032 11031 11030 11029 11028 "
<teward> filipoi: start by terminating the existing nginx processes, first with `sudo service nginx stop`
<teward> if thta fails kill them with the prior command
<teward> `service nginx start` then
<teward> filipoi: stupid question but you DID refresh the configuration right, when you edited the config?
<filipoi> tewardtewar: I think so
<filipoi> I mean I restarted nginx
<teward> well killing nginx and reopening it will refresh the config
<filipoi> and reloaded
<teward> filipoi: i think you restarted it but it failed to load given the 'failed to find pid' issue and "Connection Refused"
<filipoi> oh I see
<filipoi> but why it failed?
<teward> no idea, it'd require a lot more debugging than I cna throw at it right now
<teward> also not sure why you're running it in a container, it sounds like it's a hassle
<filipoi> heh somebody told me that it is a good way ;)
<filipoi> anyway it is just for learning pupropses
<filipoi> I dont have any real website to serve
<squisher> filipoi, if you're learning, then it's probably a good idea to get familiar with the software itself first, and only then run it in a container afterwards
<teward> ^ that
<teward> me, I just VM everything, but i have a large VM cluster for that purpose
<filipoi> yeah â but I had nginx running on the host before
<filipoi> now I wanted to try soemthing different
<filipoi> ok I gotta go â thanks for your time.
<teward> well i've had bad luck with lxc containers anyways, hence why I invested in a beefy VM host server xD
<teward> and no problem
<squisher> If I was to experiment with containers it'd probably be docker
<teward> what squisher said xD
<teward> although i prefer VMs since i have many vlans for different network access levels xD
<Kully3xf> what's up guys/gals. Trying to write a loop that will inject a shell script over ssh taking in IP's from a list
<bekks> So do it.
<bitfury> that's strange, trying to sync clocks against NIST NTP servers but iptables is blocking it even though I have a proper rule for allowing returning traffic (established, related)
<bitfury> http://is.gd/Wgweju
<patdk-wk> that only works if your using conntrack
<bitfury> paste of iptable rules, ntpq -p returns timed out, nothing received
<bitfury> :\
<patdk-wk> I wouldn't use nist ever though
<patdk-wk> those timeservers are so overloaded, and they bandwidth limit
<bitfury> what's onntrack?
<patdk-wk> just use pool.ntp.org
<bitfury> c
<Kully3xf> what does ssh -tt do
<bitfury> patdk-wk: we're required to use NIST (compliance of some sort)
<patdk-wk> ok
<patdk-wk> test with pool.ntp.org to VERIFY it's not a nist issue
<bitfury> lets see
<patdk-wk> what is your ip?
<bitfury> hmm
<bitfury> same with pool.ntp.org
<bitfury> what ip
<patdk-wk> that your traffic is coming from
<Sprocks> i seem to be having a problem mounting a cifs share in fstab, when i use the same info that works on another ubuntu i get mount error(95): Operation not supported Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) but it doesnt say what is wrong. If i use sudo mount with the same info it mounts fine
<sarnold> Sprocks: is there anything in dmesg?
<Sprocks> how do i check?
<bitfury> patdk-wk: not sure I would like to disclose it here
<patdk-wk> hmm?
<patdk-wk> your public ip is so private your not allowed to use it on the internet?
<sarnold> Sprocks: dmesg | tail
<patdk-wk> sorry, but heh, not sure how to help anymore
<Sprocks> sarnold: cifs_mount failed w/return code = -95
<bitfury> patdk-wk: not about being private, that's like asking someone I just met for their home address
<patdk-wk> no it's not
<bitfury> I think it is
<Sprocks> sarnold: also says Server requires packet signing to be enabled in /proc/fs/cifs/SecurityFlags
<quantic> well, it's not
<patdk-wk> ya, cause if I know your ip address, I know where you are and can kill you in your sleep
<patdk-wk> networks use ip addresses
<patdk-wk> without ip addresses diagnostics of network issues are impossible
<patdk-wk> sorry,  Ican't help you
<bitfury> ok thanks
<sarnold> bitfury: turn off iptables entirely and test?
<bitfury> hmm lets give that a shot
<sarnold> Sprocks: hmm never heard of that; maybe try to modprobe cifs manually?
<Sprocks> sarnold: to turn off iptable i use ufw disable right?
<bitfury> sarnold: that did it..
<sarnold> Sprocks: I think so
<bitfury> but my first rule should allow return traffic though..
<sarnold> bitfury: hah, sorry, now you have to figure out the rules :)
<bitfury> heh, yep
<Sprocks> sarnold: like i said is i use mount -t cifs it works but info in /etc/fstab doesnt
<Sprocks> sarnold: i used this guide to get it to work on the one machine https://wiki.ubuntu.com/MountWindowsSharesPermanently#Mount_password_protected_network_folders
<sarnold> Sprocks: interesting; that guide recommends putting the credentials in your home directory. that seems odd. try putting the credentials in /etc somewhere, set file owner and group to root, and then adjust /etc/fstab for the new name..
<Sprocks> sarnold: i thought that was wierd also but it worked great on the one machine with an identical setup as far as im aware
<Sprocks> sarnold: moved it to /etc and still same result "operation not supported"
<sarnold> Sprocks: oh well, that was a long shot :/ I've got to run; pastebin your fstab and maybe someonme will figurfe it out before Ig et back
<Sprocks> ok so to continue the testing process i removed the uid arg and now i get mount error(79): Can not access a needed shared library
<Sprocks> im getting mount error(13): Permission denied when trying to mount a cifs share in fstab is someone able to help?
<Sprocks> ok i fixed it now, there was a hidden character in my credentials file somehow. sarnold the issue i had before seemed to be the sec=ntlm part but since ntlm is default i guess it doesnt matter that its not there
<sarnold> Sprocks: hah, that's a crazy path to get there.. nice debugging :)
<trippeh> Hmmm. I cant control systemd-timesyncd without dbus?
<patdk-lap> you can't use systemd without dbus
<trippeh> patdk-lap: pretty sure I am.
<patdk-lap> ok, your limiting your systemd usage :)
<trippeh> I'm running ubuntu core, it has systemd and no dbus running.
<patdk-lap> hmm
<patdk-lap> I thought dbus was a goal of systemd
<trippeh> udev is active tho, of course ;-)
<trippeh> seems most parts of systemd works fine without dbus, at least the stuff needed for servers.
<trippeh> except controlling timesyncd ;)
<trippeh> I really need to take a long and hard think about if I want to have dbus on my servers.
<ObrienDave> decisions, decisions
<trippeh> I have until 16.04 LTS to decide ;)
<sarnold> please file bugs :)
<trippeh> maybe I dont really need timesyncd *control*. would be nice for debugging the thing tho.
<sarnold> it's hard to imagine a timesync thing not needing debugging or control once in a while, and I completely understand the deisre to keep dbus off if you can..
<trippeh> easy way out is just to run ntpd, but the deb/ubu packaged version is too old for the client-only mode
<trippeh> which means I have to firewall the thing, and using conntrack and stuff (thanks, UDP)
<trippeh> I suppose I could do it statelessly if using just a few known ntp servers. not perfect, but what is
<Scott_S> Hey there! Does anyone here have any idea why Postfix would be rejecting port 25 connections from outside of localhost? inet_interfaces is set to all, but it still won't accept the connection.
<sarnold> Scott_S: is there anything in the postfix logs? has that port been filtered by your firewall? has that port been filtered by your ISP?
<Scott_S> To verify, is that mail.log and mail.err? Sorry, I don't have any amazing amount of knowledge about POstfix.
<sarnold> me neither :) both those are good places to start, anyway..
<Scott_S> Neither of them has anything in them, unfortunately.
<sarnold> dang. check postconf output for what looks like log files..
<trippeh> Port 25 is often filtered if you are testing from a residential connection
#ubuntu-server 2015-06-05
<Scott_S> See, I would think it was that, but netstat shows that master is listening on port 25 for both * and 0.0.0.0.
<Scott_S> Which leads me to believe it is actually listening to the port, but refusing the connection.
<sarnold> Scott_S: ah! if it's actually listening than firewall inspection is the next best step I think
<trippeh> residential ISPs doesnt like their users having spambots spewing spam :)
<Scott_S> trippeh, Datacenter actually, but I did request port 25 traffic be permitted and they replied back stating that they had removed the restriction filter. I'll check with them again just to make sure.
<sarnold> Scott_S: .. it might be denied by shaw ..
<Scott_S> sarnold, I'm able to connect to my other server properly, which is configured with Windows. It'd be ridiculous for Shaw to restrict *incoming* port 25 traffic.
<Scott_S> Otherwise, well, no one would use IMAP.
<sarnold> Scott_S: I meant, if you're trying to test from your home laptop, shaw might prevent you from connecting to port 25 on the way outbound, to reduce spam..
<trippeh> Scott_S: "email clients" dont really use port 25 anymore. the client to relay traffic is SMTP on port 587
<trippeh> aka "submission"
 * trippeh sees if this systemd-networkd thing is working
<Scott_S> Interesting. I'm curious why Postfix is set up to use port 25 by default.
<trippeh> To recieve email from relays ;-)
<trippeh> relay -> mx is still on 25.
<Scott_S> trippeh, so IMAP uses port 587 for actually sending mail via TLS?
<trippeh> no. IMAP does not usually send email at all.
<Scott_S> Erm sorry, I meant for receiving mail. I know that smtp is for sending.
<Scott_S> I think I may be screwing up my ports and services. I'll figure it out later.
<trippeh> IMAP uses different ports, none 25
<trippeh> and not really related to Postfix
<trippeh> yeah :)
<Scott_S> Shows how much I set up these things, I'm unable to send mail via SMTP, which is supposed to use port 25 (apparently).
<sarnold> Scott_S: when debugging mail problems it's best to use the simplest tools ever: nc to specific hosts, on specific ports, and hand-type the smtp sending session..
<sarnold> Scott_S: test from localhost, from inside the same DC, from outside the DC, etc..
<sarnold> if you're testing using full-blown  MTAs you'll drive yourself insane quickly.
<trippeh> ok, networkd did bring up networking, thats something I guess :)
<trippeh> no idea how to make it set accept_ra=0 before link up hmmm
<Scott_S> sarnold, If you're still here, I simply enabled SSL smtp, which appears to have fixed the issue as I now connect via 465. Port 25 worked from localhost, just not from external network.
<OpenTokix> trippeh: pre-up in /etc/network/interfaces
<OpenTokix> trippeh: or just set ipv6 to manual, or add it to /etc/sysctl.conf
<OpenTokix> trippeh: You want it to use dhcp6?
<Dyon> Hi - I'm trying to setup an LDS for "managed" repository mirroring, can this only be accomlished with landscape-api and do I have to know all urls by head (e.g. MAAS repo, JuJu Repo, Cloud) or is there some magic command hidden somewhere? :-)
<lordievader> Good afternoon.
<trippeh> OpenTokix: that is for ifupdown, not systemd-networkd.
<trippeh> OpenTokix: anyway, ifupdown handles most of it without those kinds of hack
<trippeh> I'm just trying out the future ;)
<OpenTokix> trippeh: ok
<OpenTokix> trippeh: And the future does not include autoaccept_ra? =)
<trippeh> not yet, *it seems*
<trippeh> got it worked aroud in dbus for now
<OpenTokix> trippeh: What is your aversion for RA?
<OpenTokix> trippeh: I am curious that is
<trippeh> sometimes in server-land you want to do a fully static config, even for gateway, thats all
<OpenTokix> trippeh: ok
<trippeh> say, your switch may not have the required RA filtering for it to be used securily
<OpenTokix> you mean you get some errornous ipv6-address?
<OpenTokix> ie. malconfigured network?
<trippeh> say, a machine in the same VLAN gets owned, and starts announcing itself as gateway for MITM
<OpenTokix> ok
<OpenTokix> yes, that would be a bad thing
<trippeh> same problem with DHCP of course. good switches can snoop/filter it as well
<giammy2290> ho aperto qusta discussione nel forum di ubuntu http://forum.ubuntu-it.org/viewtopic.php?f=28&t=598243
<giammy2290> qualcuno riesce a darmi una mano?
<giammy2290> thx
<giammy2290> ?
<sgo11> hi, is that possible to try ubuntu server before installing it? I boot the usb and don't see "try ubuntu" option. thanks.
<lordievader> sgo11: Err, as Ubuntu Server doesn't have a gui I do not think that it is possible.
<sgo11> lordievader, there are many linux distributions run in usb (live OS). why can't I run live ubuntu server? this is nothing about GUI from my point of view...
<lordievader> Oh it is possible, just not with the installer that the Ubuntu Server iso comes with.
<sgo11> lordievader, got it. thanks a lot. very sad.
<lordievader> sgo11: You could basically take one of the live-cd's and boot with the 'text' kernel parameter....
<sgo11> lordievader, ok. I am checking http://live.debian.net/
<zul> smb/hallyn: libvirt 1.2.16 is building in my ppa:zulcss/libvirt-testing ppa
<hallyn> zul: cool.  i'll make a note to test that in a bit
<jrwren> sgo11: what do you want to do? anything the server distro can do, the desktop distro can do. You can try ubuntu server by running try on the desktop.
<sgo11> jrwren, Just want to run a live server. I am downloading debian-live-8.0.0-amd64-standard.iso now. thanks.
<teward> sgo11: well, that's not a 'live server' either, that's a live image, it can *run* live but it's not a server
<sgo11> teward, why is that not a server? so how can I run a proper live debian or ubuntu server? thanks.
<jrwren> use the ubuntu live image and run?
<jrwren> hrm, to be honest, I don't know what a liver server is. I'll leave you to it.
<sgo11> jrwren, a live server is just booting the server from usb and load it to ram and running from ram.
<sgo11> for example, freenas.org
<sgo11> based on freebsd.
<jrwren> how is that different than live desktop?
<jpds> sgo11: I think you'll be far off running it in a VM.
<sgo11> jrwren, I am not an expert. I am not very sure. a server supposed to have less space, faster performance etc.. because I don't need any GUI libs and because I am not an expert, i just want to find some already optimized tuned system to use.
<DonRichie> hi, what is the best software to monitor the services of a single machine?
<jpds> !best | DonRichie
<sgo11> jpds, I need the server to run in a physical machine. so I am not planning to use a VM. thanks.
<jrwren> sgo11: lordievader's suggestion of regular live cd and 'text' mode matches that. ubuntu-server is not 'tuned' any different than desktop. The difference is in default packages.
<jpds> sgo11: In any case, you can't try Ubuntu Server like you can the desktop.
<jpds> DonRichie: Depends on your needs, most people need to use Nagios and friends.
<sgo11> jrwren, jpds, OK. thanks. I will try the live debian image first. not sure what is in it. just complete my download.
<jrwren> sgo11: what server software will you run?
<sgo11> jrwren, samba, nfs, nginx, nodejs
<jrwren> sgo11: cool. good luck. I'd be interested in reading about your experience
<sgo11> jrwren, thanks a lot. :)
<marcaddeo> hey guys, i have a ubuntu server dvd and i'm at the screen that lets you decide what to do "Install ubuntu" "Test Memory" etc... im just trying to get into text mode so i can have a terminal and try and test a potentially broken hard drive and recover my zfs pool
<tonyyarusso> marcaddeo: Second person today...no, the server DVD doesn't have a "live environment" option.  The desktop one does, or you could create something like it by installing to a flash drive.
<marcaddeo> tonyyarusso: i see. damnit. i tried the desktop one, but it doesn't boot because the server doesnt have real graphics
<tonyyarusso> marcaddeo: I think there's a "dumb down the graphics" option somewhere.
<tonyyarusso> Or a couple really
<tonyyarusso> Change the graphics type, disable splash
<tarpman> server installer should still have rescue mode
<tarpman> not sure if there's a menu entry for it -- if not, edit the command line, add 'rescue/enable=true' to the end (no quotes)
<marcaddeo> tarpman: how does rescue mode work though, it goes into a command line gui screen to start doing stuff... i just would like to get into a terminal so i can run SMART and what-not
<tarpman> marcaddeo: follow the prompts, eventually you will have the option of mounting your existing system and getting a shell in it, or just getting a shell in the installer environment
<tarpman> marcaddeo: if you need more features (e.g. ability to install packages with apt-get) you might have better results booting a desktop dvd in text mode (add 'text' to the end of the boot command line), like tonyyarusso suggested
<marcaddeo> tarpman: thats what im trying to do, desktop text mode but i can't get it to work
<marcaddeo> my kvm keeps complaining about the resolution
<tarpman> marcaddeo: ok, boot with 'text nomodeset'
<marcaddeo> i've tried removing quiet splash, and adding -- vga=770 text
<marcaddeo> okay
<marcaddeo> tarpman: should i remove the quiet splash?
<tarpman> marcaddeo: up to you. nomodeset forces splash to be disabled iirc. removing quiet just means you see more kernel messages
<marcaddeo> also: the docs say it should be like quiet splash -- (boot options here)
<marcaddeo> but when im editing it, it's actuall quiet splash ---
<marcaddeo> note the third -
<marcaddeo> should there be three?
<tarpman> yes, with newer kernels it's ---
<marcaddeo> ah i see
<tarpman> just to check, which ubuntu version is your dvd? 14.04.2?
<marcaddeo> 15.06 i think
<tarpman> ah
<ObrienDave> 15.04 ;p
<marcaddeo> whateer :p
<tarpman> 'text' doesn't work with 15.04 -- use 'systemd.unit=multi-user.target' instead
 * tarpman really should file a bug about that
<marcaddeo> ah!
<marcaddeo> you may have jsut made my day much better lol
<marcaddeo> tarpman: is nomodeset still going to work?
<tarpman> marcaddeo: yes
<tarpman> marcaddeo: I'm not sure how that interacts with the --- ... if it's still giving you grief, I'd try dropping those
<marcaddeo> it worked! thank you tarpman
<tarpman> :)
<hallyn> zul: feh, lots of failures in qrt with libvirt 1.2.16.  they look familiar, though
<hallyn> something to look at next methinks
#ubuntu-server 2015-06-06
<zul> hallyn,  ack
<ibrahim> hello there, I have a ubuntu server and osticket is installed on it, I want from osticket to send email notifications and for this I have installed postfix but I am not receiving emails.
<lordievader> Good morning.
<NAoH> Hey can anyone give me some help with my server?
<lordievader> !ask | NAoH
<ubottu> NAoH: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<ibrahim>  hello there, I have a ubuntu server and osticket is installed on it, I want from osticket to send email notifications and for this I have installed postfix but I am not receiving emails.
<NAoH> I'm trying to set up a LAMP stack. It's on a fresh copy of 14.04, apache is severing, however the websites are only available on other computers in the local network, not via the public IP.
<NAoH> I am pretty sure port 80 is forwarded correctly
<bekks> NAoH: So what happens when you try to access your site from outside (notfrom inside using the public ip)?
<NAoH> "connection refused"
<lordievader> NAoH: What is the output of 'nmap -p 80 <public-ip>'?
<bekks> NAoH: Are you really trying from outside your network?
<NAoH> installing nmap now
<NAoH> I'm accessing it via a computer on the local network, with the public IP in the url
<bekks> That not going to work.
<bekks> You need to access it from _outside_ your network.
<NAoH> Nmap:
<NAoH> Starting Nmap 6.47 ( http://nmap.org ) at 2015-06-06 10:04 UTC Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.06 seconds
<bekks> See above.
<lordievader> NAoH: If you have an ip for me I could check for you.
<NAoH> Just connected to it via a computer outside of the network, it's defo down
<NAoH> 121.208.43.132
<NAoH> don'thackmeplz
<lordievader> Port 80 is filtered.
<NAoH> http://i.imgur.com/YWuNcIU.png
<NAoH> do the confs look correct?
<lordievader> NAoH: I suppose, does 0.13 run a firewall?
<NAoH> well ubuntu is a fresh install, I don't think it comes with prohibitive settings out of the box
<NAoH> i'll check through my router. Hosting an Apache server on my windows desktop worked fine. I was able to connect from remote computers
<bekks> It comes with prohibitive settings by default :)
<NAoH> Good old ubuntu, always has my back haha
<NAoH> I tried turning ufw off completely to experiment, is that enough?
<NAoH> (because that didn't work)
<bekks> Whats the output of "sudo lsof -i | grep apache"?
<NAoH> server@UnixServer:~$ sudo lsof -i | grep apache apache2  1067     root    4u  IPv6  15797      0t0  TCP *:http (LISTEN) apache2  1070 www-data    4u  IPv6  15797      0t0  TCP *:http (LISTEN) apache2  1071 www-data    4u  IPv6  15797      0t0  TCP *:http (LISTEN)
<lordievader> !paste | NAoH
<ubottu> NAoH: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<NAoH> thanks
<NAoH> http://paste.ubuntu.com/11602601/
<lordievader> It does listen to ipv4 ports right?
<RoyK> lordievader: it was only one line ;)
<bekks> No, it doesnt listen to IPv4 at all.
<lordievader> RoyK: According to his paste, it were 3 lines. My point exactly.
<NAoH> No problem, i'll use the paste site for CLI outputs
<RoyK> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<NAoH> Any idea where I should go from here?
<bekks> Configure your webserver to listen to IPv4.
<RoyK> sometimes lsof etc only shows the ipv6 socket open, but it may be listening to ipv4 on the same socket. lots of software do just that
<RoyK> try to telnet to 127.0.0.1 <port> to check
<RoyK> (not 'localhost', because that may mean both 127.0.0.1 and ::1)
<NAoH> http://paste.ubuntu.com/11602639/
<NAoH> Maybe i entered it in wrong?
<RoyK> microsoft telnet?
<RoyK> what's the server's ip address?
<RoyK> also - better login to the linux server and try from there - to localhost - to see if that works first
<RoyK> in case a firewall or something stops it
<NAoH> I think it worked
<NAoH> http://paste.ubuntu.com/11602670/
<NAoH> That's from my ubuntu machine, running telnet to itself at port 80
<NAoH> I should explain, I have 2 computers on my network. Linux "server machine" and Windows. The windows machine is a development platform and I want to learn to set up a server so I can experiment with writing web applications.
<NAoH> So the linux server will simply be a LAMP server that I just send my web app projects to, and can access on the web.
<NAoH> in other words. I'm a little slow to catch up with all of the linux stuff
<NAoH> but it's cool as hell
<RoyK> NAoH: you connected to ::1 there - try "telnet 127.0.0.1 80"
<NAoH> ok
<NAoH> Connected no problem
<RoyK> good
<RoyK> then from windows - telnet into the server's ip address, port 80
<bekks> IPv4 address.
<RoyK> NAoH: do you have a valid IPv6 address on that linux server?
<linuxmint> # blkid
<RoyK> linuxmint: ?
<linuxmint> Can anyone help me understand and/or fix my disks? I have 4 disks http://dpaste.com/1NAQ2WT, but shows only 1 55GB mounted, but I have no 55GB http://dpaste.com/3GJF8AX, only 120GB?
<NAoH> RoyK: I don't know, how do I find out?
<bekks> linuxmint: You are using Mint, dont you? :)
<RoyK> NAoH: pastebin ip addr list
<linuxmint> bekks: this computer is Mint, but my disks issue is using Ubuntu server.
<bekks> linuxmint: fdisk isnt recognizing the GPT labels, so use gdisk -l, at first glance.
<RoyK> linuxmint: pastebin lsblk output
<NAoH> RoyK: http://paste.ubuntu.com/11602793/
<RoyK> NAoH: nah - no ipv6 there - just a link local address
<NAoH> RoyK: How do you mean?
<linuxmint> bekks: http://dpaste.com/382PCZQ
<RoyK> inet6 fe80::21b:78ff:fe84:823/64 scope link <-- fe80::... is link local
<linuxmint> RoyK: http://dpaste.com/0S92EJJ
<RoyK> linuxmint: what's on those 120GB drives?
<NAoH> Royk: How do I set that up?
<linuxmint> RoyK: I installed Proxmox and I thought I set up a RAID on the 4 x 120GB disks, but I don't think it's working?
<RoyK> NAoH: don't care about that now - if your ISP hasn't supplied you with IPv6 or your network hardware doesn't support it, it's of little use except experimentation
<RoyK> linuxmint: try mdadm --assemble --scan
<linuxmint> RoyK: http://dpaste.com/0J17BYS
<RoyK> what drives did you use for the raid?
<linuxmint> RoyK: I thought I used the 4 x 120GB, but maybe it didn't setup properly.
<RoyK> if all 120GB drives, then you might have slightly broken it by installing ubuntu on one of them :P
<linuxmint> The issue is a monthly backup took place and filled the disk (says 92% of 55GB?) and now I'm trying to fix the disks.
<RoyK> I'd guess trying a manual assembly might work if it's fixable
<RoyK> what does /proc/mdstat have to say?
<linuxmint> What's a manual assembly? pulling out cables?
<RoyK> linuxmint: mdadm --assemble /dev/md{something} /dev/{your,drives}
<linuxmint> http://dpaste.com/3SE6N7C
<NAoH> RoyK: Do I have to allow the ports via iptables?
<RoyK> linuxmint: cat /proc/mdstat
<RoyK> NAoH: obviously, yes
<RoyK> NAoH: I'd recommend using ufw if you don't need anything special
<linuxmint> http://dpaste.com/2WQ7A6E
<NAoH> RoyK: Damn, that's not obvious to me. I only just figured out iptables exsisted. What would the command to allow port 80 through?
<RoyK> linuxmint: ok - try something like this - mdadm --assemble /dev/md0 /dev/sd[bcd]3
<RoyK> NAoH: pastebin iptables -vnL
<RoyK> NAoH: if nothing's blocked, no need to open
<NAoH> RoyK: Nothing is blocked, fresh install of ubuntu
<RoyK> and telnet <yourip> 80 from windows tells you what?
<NAoH> http://paste.ubuntu.com/11602840/
<linuxmint> http://dpaste.com/1SN680A
<RoyK> linuxmint: not sure, then...
<NAoH> RoyK: http://paste.ubuntu.com/11602840/**
<RoyK> NAoH: all accepted - iptables isn't the issue
<RoyK> linuxmint: any data there you haven't backed up?
<linuxmint> pretty much all of it, as the backup overfilled the disk, so I had nothing to transfer to a 2nd safe computer.
<RoyK> linuxmint: better use something like crashplan.com (or something faster?) next time. a raid isn't backup. it just helps you whenever a disk dies
<linuxmint> yes, that's why I had RAID setup. I then auto transferred the backups to a 2nd computer, but due to disk overfill, no backup or transfer.
<RoyK> linuxmint: just one thing - looks like you have four 120GB drives where linux is installed on one of them, and then a 500GB drive that's not in use
<linuxmint> yes, it's a mess somehow.
<RoyK> linuxmint: http://ubuntuforums.org/showthread.php?t=1947275
<RoyK> some of that might work, but it may also ruin what's left
<linuxmint> is this the right link? https://www.code42.com/crashplan/
<RoyK> yep
<linuxmint> k
<RoyK> linuxmint: crashplan.com is ok, but make sure you disable deduplication - if not, it renders more or less worthless when you get closer to 1TB of data
<RoyK> I moved to crashplan.no - norwegian reseller with local servers - *far* faster, but a bit more expensive
<RoyK> linuxmint: I hope that data isn't too valuable :P
<linuxmint> RoyK: I can rebuild the whole lot, but it will take a while. I woudl prefer not to. there must be a way of seeing what the error is and working it?
<RoyK> usually --assemble should work
<RoyK> but if it can't find the superblock, you'll have to try to recreate it with --assume-clean in which you'll need the correct order and layout of the raid
<linuxmint> k, sounds tricky. I'll work through that link 1st.
<RoyK> linuxmint: never had to do that myself - only tried it in the lab - been using mdraid for some years (10+), though, without much issues
<linuxmint> k, hopefully this is the problem. I think if I just empty the disk a bit, I could run a backup.
<RoyK> linuxmint: If you can access the data, get it off to somewhere, maybe crashplan, maybe elsewhere. Then recreate the RAID somewhat more sane. You have four 120GB drives - perhaps using these ones in a RAID-5 could do, with the root on a small partition the 500GB drive or perhaps even on a pendrive
<RoyK> ?
<linuxmint> yes, I just finished installing CrashPlan.
<RoyK> what sort of raid layout did you have before this crashed?
<linuxmint> I can't remember.
<linuxmint> It seems I didn't setup a RAID according to the # mdadm --assemble --scan command.
<RoyK> what does pvs tell you?
<RoyK> may have been some lvm raid
<RoyK> or proxmox? zfs?
<linuxmint> http://dpaste.com/2W5AEA0
<RoyK> I saw something about zfs being supported
<RoyK> linuxmint: So you installed proxmox and setup a RAID and then reinstalled with ubuntu, right?
<linuxmint> Yes, I'm a bit confused now, as I started looking at how to fix up the backups, with either Proxmox ZFS or NAS4Free.
<linuxmint> Now I'm working through CrashPlan, so I have 4 options in my head.
<RoyK> never mind backup until you can access the data
<linuxmint> k
<RoyK> zfs isn't installed by default on ubuntu
<RoyK> there's fuse zfs, ok for reading and getting data off the drives, but sucks at i/o, and there's zfsonlinux, separate repos
<linuxmint> I tried to install zfs, but I don't think I succeeded.
<RoyK> I use zfsonlinux, but wouldn't recommend it if you need flexibility, as in adding another drive to increase storage
<linuxmint> It might be installed, but not configured.
<RoyK> try 'zpool status' and 'zpool import'
<RoyK> actually, the partition layout looks like zfs
<RoyK> (or perhaps not)
<RoyK> anyway - does zpool status has anything to say?
<linuxmint> -bash: zpool: command not found
<RoyK> apt-get install zfs # or something
<RoyK> debian-zfs, perhaps
<RoyK> that's the fuse zfs - should do
<RoyK> at least, it should show you if something's there
<linuxmint> -bash: debian-zfs: command not found
<linuxmint> I guess not installed.
<RoyK> apt-get install zfs-fuse
 * RoyK had to check on an ubuntu box
 * RoyK usually uses debian on servers these days :P
<linuxmint> k, # zpool status. no pools available.
<RoyK> zpool import
<linuxmint> yes, # zpool import. # zpool status. no pools available.
<RoyK> no output from zpool import?
<linuxmint> yes, no output.
<RoyK> perhaps zpool import -D ?
<RoyK> (without the ?)
<linuxmint> yes, also no output.
<RoyK> ok - then I have no idea where your data went
<linuxmint> yes, the data is still there as it's running.
<RoyK> oh
<RoyK> then get it off the drives
<RoyK> and reinstall on something sane :)
<linuxmint> lol
<linuxmint> lol/cry
<RoyK> no reason to cry if you can still access the data
<RoyK> if someone can lend you a portable drive, say 1TB, that'll probably be the easiest - crashplan tends to be slow
<linuxmint> yes, but not sure if I can get the data off the drive, as the disk says 92% of 55GB. That means I can't run a backup. I think I'll need to look for the data (a vz file), then scp or something?
<RoyK> I don't quite follow you
<linuxmint> well, I setup a 2nd computer with NAS4Free, but haven't figured it out yet.
<RoyK> you didn't have anything on that RAID?
<RoyK> those 50GB shouldn't be a problem
<linuxmint> well, the RAID apparently doesn't exist. There's the data of a few VMs I'll need to file where they're at.
<RoyK> kvm? virtualbox? xen?
<linuxmint> I think it's a kvm.
<RoyK> then /var/lib/libvirt/images/
<linuxmint> http://dpaste.com/0XX9DD8
<RoyK> no libvirt there - don't you even know which hypervisor you were using?
<linuxmint> I need to look it up.
<linuxmint> Proxmox vE
<linuxmint> VE
<RoyK> no idea
<linuxmint> k
<RoyK> I'd suggest you start over - your data may be busted
<linuxmint> hmm, I might look for the files of the VMs atleast, so I don't have to rebuild the VMs.
<linuxmint> Really 4 x 120GB Intel SSDs should be as reliable as it gets.
<RoyK> thing is, you've installed ubuntu on one of them, not the 500GB drive
<RoyK> so you've possibly messed up the raid
<linuxmint> likely.
<RoyK> if you were to reinstall, I'd suggest doing so on the 500GB drive and using the SSDs for a RAID-5, giving you 360GB
<RoyK> should suffice on iops for even large databases
<RoyK> and you never want to trust a single drive, at least not an SSD
<NAoH> Hey
<NAoH> any idea why my apache server will broadcast to the web on port 8080 but not 80 when my windows server will broadcast to 80?
<bekks> Because you configured it like that?
<bekks> Apache doesnt broadcast at all.
<NAoH> I'm probably using the wrong terms
<NAoH> But I spent the last day trying to figure out why I couldn't access the website on my freshly installed ubuntu + lamp through my public IP. I had port 80 forwarded and everything, I just set apaches listening port to 8080 and I could access my IP with :8080 after the IP
<Patrickdk> consult the firewall
<Patrickdk> this includes any firewalls your isp is using
<NAoH> According to the ISP, they aren't blocking any ports
<NAoH> I don't think ubuntu-server has a firewall that blocks port 80 by default, right?
<bekks> Belief is a good thing for a church, how about checking your firewall to be sure?
<Patrickdk> "I had port 80 forwarded and everything" == firewall
<Patrickdk> so that is atleast one firewall we know about
<Patrickdk> did you have apache on port 80?
<melbaubuntu> Hey guys i have setup my vsftpd server and now i would like to organize my index.php/html.php with filezilla. Anyone any ideas how and where to locate it?
<Patrickdk> and forwarded your firewall correctly to port 80?
<melbaubuntu> i mean index.php/index.html
<NAoH> bekks: How do I check my firewall?
<bekks> How did you until now?
<NAoH> # iptables -L
<bekks> iptables -L -vnx
<NAoH> There are no arguments in any of the fields
<jpds> NAoH: sudo iptables-save
<lalops> Direct download links/forum attatchments SEO ANALYZER SCRIPT: ATTATCHMENT FOUND: http://www.websiteadverts.org/forum/showthread.php?tid=17 WEBSITE WORTH CALCULATOR SCRIPT: http://www.websiteadverts.org/forum/showthread.php?tid=16
<lalops> Direct download links/forum attatchments SEO ANALYZER SCRIPT: ATTATCHMENT FOUND: http://www.websiteadverts.org/forum/showthread.php?tid=17 WEBSITE WORTH CALCULATOR SCRIPT: http://www.websiteadverts.org/forum/showthread.php?tid=16
#ubuntu-server 2015-06-07
<friendlyguy> hi there! has anybody in here tried to boot via iscsi? I've got a qla4010c here and I'm trying to :)
<OpenTokix> friendlyguy: how far do you get?
<friendlyguy> I've configured the bios of the card with the right vlan, target and iqn. bios reports the drive I'd like to install to. but as soon as i get into setup the drive isn't shown
<friendlyguy> right now i'm trying it with debian... but i guess I'm also out of luck there. only my thumdrive is listed as drive
<friendlyguy> OpenTokix: is there anything you can recommend
<lordievader> Good morning.
<friendlyguy> now i'm trying again with 15.04
<friendlyguy> same problem
<friendlyguy> I'm not seeing the iscsi target the iscsi hba is connected to
<friendlyguy> hmmmm: maybe I'm a step further
<friendlyguy> i had a look at the loaded module qla4xxx with modinfo
<friendlyguy> there is a parameter: ql4xdisablesysfsboot and default is NOT to export boot targets
<friendlyguy> maybe.... ;)
<ibrahim> Hi , I want to upgrade from 10.04 to 12.04 please guide me to a good tutorial. server platform.
<friendlyguy> hm, crazy
<friendlyguy> there is "something"
<friendlyguy> i've unloaded qla4xxx and and inserted it again
<friendlyguy> in the kernel messages i found a msg from qla4xxx with connerr and the iqn i entered in the hba bios
<friendlyguy> i'm still into debugging, but maybe someone can help... i found a param that enables extended logging, which may help to troubleshoot.
<friendlyguy> i can set it to 1 but if i reload the module it gets back to default 0. i need this extended logging during first commands after loading
<friendlyguy> ok, found a way doing this with insmod
<CiPi> https://www.youtube.com/watch?v=FQM5fU7V-MM
<melvin> heey guys, anyone any knowledge about apache2 server permission @filelocation /var/www/??
<Patrickdk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<miceiken> Hi. I've just put 2 harddrives in my ubuntu server, but I want to completely format them, how do I go about this?
<dasjoe> miceiken: what exactly do you want to do?
<miceiken> Think I figured it out
<miceiken> I got some old hard drives, wanted to wipe them clean
<histo> miceiken: wipe or format?
#ubuntu-server 2016-06-06
<dirty> on server how do I manually install security updates on a one time basis, I do not want it automated with unattended-upgrades for a couple local policy reasons
<dirty> s/,/?/
<b4r> dirty: I would think it's just apt-get update and the system will install anything at all which needs upgrades
<b4r> but I might be missing something
<b4r> dirty: apt-get update then upgrade
<patdk-lap> cause that installs ALL updates
<patdk-lap> not ONLY security
<b4r> patdk-lap: so
<b4r> patdk-lap: thanks for stating it isn't right
<caribou> rbasak: morning.
<caribou> rbasak: nacc: interesting situation here :
<caribou> rbasak: nacc: Debian just accepted the only delta I had for corosync so no more need to merge it; I'll request a sync but what should we do in such situation with the existing git repo ?
<jelly> trying to decide on a platform for a small mail server with ha; choices are: debian, ubuntu lts or centos. we have most experience with debian but the ha stack is only barely completed with jessie-backports.  ubuntu is slightly better but centos/rh seem to have by far the best documentation for ha setups.  Goal: simple active/passive cluster, floating ip with smtp service.
<teward> jelly: I should point out you're on an Ubuntu channel
<teward> you can expect "Ubuntu" to be the recommendation here.  You may wish to ask in ##linux or Linux-distribution-agnostic forums to get better sets of information and recommendations
<jelly> teward: I'm perfectly aware of that!
<teward> (my two cents)
<jelly> teward: I'll wait for comments from people who have actually dealt with linux-ha, er, clusterlabs, on ubuntu
<teward> sure, I just wanted to make a note that since you are asking for an impartial analysis, you may want to avoid distro-specific channels ;)
 * teward goes back to poking nginx
<jelly> I'm going to ask the debian-ha people in their channel, too.  However logs of this channel seem to show reasonably intelligent conversation and avoid the less helpful forms of "Use $our_stuff it's the best!!!11"
<teward> :P
<jelly> you're going to take that compliment even if you don't like it.
<teward> jelly: not arguing :)  just busy :P
 * teward has a lot of things to get done :/
<jamespage> ddellav, coreycb: hey - backports most oslo.* things for newton and fixed up the changelog generation for new packages for the UCA
<jamespage> it was generating against 12.04 for new entries...
<jamespage> doh
<coreycb> jamespage, thanks!
<jamespage> coreycb, clients still need doing
<jamespage> coreycb, nice weekend?
<coreycb> jamespage, ok I can get the clients.  yes it was a great weekend.  how about you?
<jamespage> coreycb, nice thanks - finally warmed up a bit on saturday
<rbasak> caribou: we could optionally push reconstruct/deconstruct/logical tags for the previous delta if you think that would be helpful. Otherwise, go ahead and sync and throw work trees away?
<coreycb> jamespage, that's nice.  it's been very rainy here.  hoping we'll dry up soon!
<jamespage> coreycb, ddellav: so how about we get b1 out of the door today?
<caribou> rbasak: well for now it doesn't hurt to keep it if it is simple enough to add new debian releases on top of it for later
<caribou> rbasak: there was only one patch as a delta so it's not worth the overhead
<coreycb> jamespage, sure let's do it.  I wasn't sure if it was ready or not.
<caribou> rbasak: or trash it & rebuild later as I'm not going to use it
<jamespage> coreycb, well some bits appear to be; I re-jigged the branch build configurations to auto version for ones that have
<jamespage> which was most of them I think
<caribou> rbasak: FYI I forced-pushed my kexec-tools changes (wanted to see how LP would react)
<caribou> rbasak: good thing is that it keeps all the diffs with comments
<rbasak> caribou: yeah it looks good!
<rbasak> caribou: not worth the overhead> agreed. Though in the general case, we could take MPs for reconstruct/deconstruct/logical and push them if desired.
<caribou> rbasak: I'm also testing a new merge on an existing git repo of the previous merge (clamav)
<coreycb> jamespage, ddellav: alright, I'll start working through the packages for b1 shortly.  should be really simple seeing as most everything builds ok for CI.
<jamespage> coreycb, happy to help out - want me to take some?
<jamespage> --parallel=2
<coreycb> jamespage, sure feel free
<jamespage> coreycb, do we have a list?
<coreycb> jamespage, I'm still using the spreadsheet
<jamespage> coreycb, gotit - taking keystone now
<coreycb> jamespage, sounds good, I'll put my name by one
<coreycb> jamespage, probably all that's needed is a refresh of d/control to align with upstream and release the new version
<jamespage> coreycb, that was my thinking
<coreycb> jamespage, ok
<ddellav> coreycb jamespage ok, i'll start taking some packages as well.
<coreycb> ddellav, ok, thanks
<jamespage> --parallel=3
<jamespage> \o/
<ddellav> am I on the right spreadsheet? I dont see jamespage's name on keystone on the r-17 page: https://docs.google.com/spreadsheets/d/1DFhvygMhzVch4k_vr1W9wnc2h6ANemY6CNn0UKFJfxE/edit#gid=2077440986
<ddellav> coreycb ^
<jamespage> ddellav, I'd put it in on R-18
<coreycb> ddellav, jamespage: I moved it to the new tab.  now that CI is in shape, I think I'll just change this back to the old way we had it with tabs only for milestone releases.
<jamespage> +1 ack
<coreycb> jamespage, ddellav, done
<ddellav> coreycb jamespage ok, thanks
<coreycb> jamespage, ddellav: cinder is calling for new versions of os-testr, paramiko, and mock.
<coreycb> jamespage, ddellav: I'm bumping os-testr
<jamespage> coreycb, ok
<ddellav> jamespage coreycb ok, i'll look at paramiko as well
<jamespage> ddellav, coreycb: keystone uploaded
<jamespage> glance next
<caribou> rbasak: what's the plan regarding the repository that were used last cycle to merge using git-dsc-commit ?
<caribou> rbasak: nacc: do we want to migrate them over or keep using the same ones ?
<caribou> rbasak: I've just done clamav using last cycle's repo
<rbasak> caribou: I don't think we have decided on any particular plan, but I think it's OK to not worry about maintaining the logical deltas etc in a single coherent repository, but also not throw it away.
<rbasak> caribou: I would set two git remotes, one for old and one for new, and rebase from the old tree to the new one.
<caribou> rbasak: yeah, that's what I was thinking of so, at the end, each repo has the complete history
<rbasak> caribou: yeah, but maybe in the end we'll throw away the old repos and won't have bothered to move every piece to the new ones. I think that's OK though - better that we move forward.
<coreycb> ddellav, jamespage: os-testr uploaded
<ddellav> coreycb ack
<coreycb> ddellav, here's the repo for paramiko: https://github.com/jbouse-debian/paramiko
<ddellav> coreycb ok,  thanks
<coreycb> ddellav, jamespage: I'll take a look at python-mock
<jamespage> coreycb, that might not be strictly required...
<coreycb> jamespage, probably not
<jamespage> coreycb, other than in the requirement - I'd not block b1 on it unless it actuall caused unit test failures...
<coreycb> jamespage, sounds like a plan.
<coreycb> ddellav, ^
<ddellav> coreycb jamespage ok
<ddellav> coreycb im getting a bad archive when I try to download the heat tarball: http://cl.ly/3W2q280G2K11/Image%202016-06-06%20at%2010.44.58%20AM.png
<coreycb> ddellav, it looks like they've tagged the release but not release the tarball yet. you can check here http://tarballs.openstack.org/heat/.
<ddellav> coreycb isn't this the right one? http://tarballs.openstack.org/heat/heat-7.0.0.0b1.tar.gz
<coreycb> ddellav, it is!  my mistake.
<ddellav> coreycb for some reason im only getting 200k of the tarball
<ddellav> coreycb i'll move onto something else and check back later
<coreycb> ddellav, you could try manually downloading it and renaming it with orig in the name
<ddellav> coreycb ah true, i'll try that
<MacroMan> I'm attempting to compile scolorq, but getting an error from g++: overloaded âabs(double&)â is ambiguous
<MacroMan> I think this was written to compile with an older version of g++. Can I specify a different version to use?
<ddellav> coreycb there does not appear to be a 2.0 release tag in the paramiko upstream. Shall I use master? *shrugs*
<coreycb> ddellav, looks like there's one here: https://github.com/paramiko/paramiko
<ddellav> coreycb heh ok
<kyle__> /window close
 * kyle__ sighs
<blizzow> Holy moly, what is going on with the mount command on a default install these days??  ELEVEN cgroup entries? FIVE tmpfs entries? It's nearly illegible.
<nacc> blizzow: i believe lxd is seeded on server installs now
<blizzow> nacc: That's effing lame.
<nacc> blizzow: it was in the release notes: https://wiki.ubuntu.com/XenialXerus/ReleaseNotes#LXD_2.0
<blizzow> WTF happened to a bare bones OS that you CHOOSE to install virtualization on? If I wanted a bloatware platform, I'd buy Windows or a cellphone from ATT. What's next, forced xorg/mir installations in server?
<blizzow> Screw it, hey let's force install KDE+QT+GTK+GNOME so servers are ready for ANYTHING.
<ddellav> coreycb getting this weird error when trying to build paramiko with gbp: http://paste.ubuntu.com/17066343/
<coreycb> ddellav, can you push it and I'll take a look?
<ddellav> coreycb sure
<ddellav> coreycb lp:~ddellav/ubuntu/+source/paramiko
<nacc> blizzow: take rants elsewhere :)
<coreycb> jamespage, neutron wants ovs >= 2.6.0.  I think you were going to bump ovs but if not, let me know.
<jamespage> coreycb, not just yet
<blizzow> nacc: Where should one take an ubuntu-server rant if not IRC? Seems the perfect platform.
<jamespage> try it with 2.5.0
<coreycb> jamespage, ok will do
<sdeziel> blizzow: if you want a bare bones install you should use the mini.iso
<nacc> blizzow: cf. topic, use an appropriate channel (e.g., #ubunut-offtopic)
<nacc> err, #ubuntu-offtopic
<nacc> sdeziel: hey! looking at the bug
<nacc> sdeziel: (puppet)
<sdeziel> nacc: yeah, thanks for assisting on this
<nacc> sdeziel: would you be able to fix upstream? i have the PR done, but would need to setup the stuff to contribute to puppet
<sdeziel> nacc: I feel like I'm not using the right tools at all
<nacc> sdeziel: https://github.com/nacc/puppet/tree/ubuntu_1610_systemd is my branch right now
<nacc> sdeziel: most of the past 6 months for me has been learning what tools to use :)
<blizzow> I think it's pretty on-topic to say that ubuntu-server is turning bloated, and should NOT install virtualization garbage by default.
<sdeziel> nacc: this PR should fix Yakkety but I feel the right way would be to default to systemd unless we detect a version < 15.04
<nacc> sdeziel: yeah, i don't know ruby well enough at that point :)
<nacc> sdeziel: ack, though, that would be cleaner, as this array is only going to grown from now on
<nacc> sdeziel: so we technically need to fix 16.10 before we can fix 16.04 by SRU policy. It probably would be fine to do an out-of-band patch for 16.10, but I'd prefer if we can upstream it first, just to keep track of the changes properly
<sdeziel> nacc: understood, I'll try to change how Ubuntu is handled so that systemd is considered default and were old releases are special cased to use upstart
<sdeziel> nacc: will check up with upstream
<nacc> sdeziel: great, thanks! i'll review as soon as I see a new patch
<sdeziel> nacc: thanks!
<sdeziel> blizzow: the mini.iso works really well is you want 0 fat ;)
<sdeziel> blizzow: that said, the many cgroup related mounts are due to systemd and cgmanager. lxd isn't to blame
<nacc> sdeziel: appreciate your patience and sorry for the churn on the patches
<blizzow> It still shouldn't be on a server install by default. It's akin to installing nginx by default.
<sdeziel> blizzow: lxd being socket activated it's probably not running unless you asked it to
<blizzow> sdeziel: see my prior comment.  It's like saying, "oh we install nginx by default but don't turn it on. It'll only turn on if you ask it to."  What is the reasoning behind installing lxd by default?
<blizzow> Don't even get me started on the fact that SERVER cannot choose UTC as a timezone during installation.
<blizzow> Choosing Iceland isn't an option if I choose "Americas" Thus I'm forced into some weird language/geography choices.
<sdeziel> blizzow: what I'm saying is the Server ISO comes with some collection of packages deemed appropriate/handy for the majority. If you want something smaller, the mini.iso is probably a very good alternative
<blizzow> And the establishment has deemed Trump or Clinton appropriate/handy for the majority of voters in the USA. That doesn't make the decision right.  I'm here to voice my opinion about the choices of "appropriate/handy for the majority" in the hopes that someone will listen.
<sdeziel> OK
<jelly> blizzow: can you preseed UTC?
<blizzow> Don't know. It should be an option during the standard install procedure though. If one is forced to go choose a timezone, at a minimum, UTC should be an option, ideally, a choice of any timezone should be available. Some people install in disparate geographies but use a single timezone.
<nixnothing> yo
<nixnothing> so, there was this game strategy I used to play where the main character was a demon overlord
<nixnothing> and thats what I names to user that runs all my server deamons
<coreycb> ddellav, horizon and python-django-openstack-auth uploaded
<coreycb> ddellav, I don't get the same error for paramiko.  but I do get:
<coreycb> http://paste.ubuntu.com/17069078/
<coreycb> ddellav, if I run 'sphinx-build sites/docs html' manually against upstream it seems to be ok. so I'd try to drop into the chroot on failure with pbuilder and see what's different.
<ddellav> coreycb ok
<halvors> My ubuntu-server is loosing connectivity when IP address is renewed from DHCP.
<halvors> Why can that be?
<halvors> How can i disable ifupdown?
<coreycb> ddellav, neutron's uploaded
<ddellav> coreycb ack
<ddellav> coreycb almost got paramiko building
<coreycb> ddellav, awesome
<halvors> How can i use systemd-networkd instead of ifupdown?
<ddellav> coreycb heat pushed and ready for review: lp:~ddellav/ubuntu/+source/heat
<coreycb> ddellav, cool I'll take a look
<coreycb> ddellav, can you push upstream and pristine-tar branches for heat?
<ddellav> coreycb doesn't git push --all do that?
<coreycb> ddellav, it should but I don't see it in your repo
<ddellav> coreycb hmm... ok, i'll take a look
<ddellav> coreycb strange, it shows up here: https://code.launchpad.net/~ddellav/ubuntu/+source/heat/+git/heat
<coreycb> ddellav, I'm using the wrong version. error on my end, sorry.
<ddellav> coreycb np
<coreycb> ddellav, ok heat's uploaded!
<ddellav> coreycb great ty
<ddellav> coreycb neutron-fwaas ready for review lp:~ddellav/ubuntu/+source/neutron-fwaas
<FManTropyx> I have two questions
<FManTropyx> the PHP5 in the repo is 5.5.9+dfsg-1ubuntu4 but the latest version is already 5.5.39 so will I be able to get a newer one any time soon without bypassing the official repository? and what is "dfsg-1ubuntu4"?
<teward> FManTropyx: "php5 in the repo"
<teward> what Ubuntu version are you looking at?
<teward> because it's no longer in the repos as of Xenial
<teward> (php7.0 is Xenial, and no php5)
<sarnold> dfsg means "debian freesoftware guidelines" -- stuff that doesn't conform to debian's guidelines have been removed (often documentations)
<teward> ^
<FManTropyx> I am running 14.04
<teward> http://askubuntu.com/questions/151283/why-dont-the-ubuntu-repositories-have-the-latest-versions-of-software is relevant
<teward> FManTropyx: ^
<teward> FManTropyx: there are third party PPAs which have php5 updated... but of course, the obvious applies:
<teward> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<sarnold> the "1ubuntu4" probably means that it's been through roughly four ubuntu-specific updates of some sort since it was copied from debian's "5.5.9+dfsg-1" package.
<sarnold> FManTropyx: also: why is 5.5.9+dfsg-1ubuntu4 the newest version available to you? did you turn off the updates and security pockets?
<FManTropyx> that's what I was asking :) I haven't done anything
<teward> FManTropyx: well
<teward> your -updates and -security pockets must be disabled
<teward> or the package held
<teward> from rmadison which lists the versions of stuff: http://paste.ubuntu.com/17076262/
<teward> ignore -proposed but meh
<sbeattie> or the mirror you're updating fro has fallen behind.
<sarnold> FManTropyx: run apt-cache policy php5 -- on a 14.04 VM i've got I get these results: http://paste.ubuntu.com/17076269/
<teward> sbeattie: indeed
<FManTropyx> yeah, 5.5.9
<sarnold> FManTropyx: what's the _full_ version number?
<FManTropyx> I have 5.5.9+dfsg-1ubuntu4.16 installed and 5.5.9+dfsg-1ubuntu4.17 candidate, but what does that matter? 5.5.9 is the version of the PHP
<teward> FManTropyx: again, read the AskUbuntu question I linked, and the answers to it, especially the selected one.
<teward> It's version fixed, I believe
<FManTropyx> I think I have read it, but isn't 5.5.9 pretty old?
<FManTropyx> not that I really need the latest :)
<sarnold> ah, good, then that means everything is working as expected. You should install your updates of course -- you're missing ten CVE fixes...
<FManTropyx> yeah, I'll run update&upgrade later
<teward> FManTropyx: keep in mind you're using 14.04
<teward> which is at least two years old
<sarnold> FManTropyx: see also https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions and https://www.debian.org/security/faq#version
<teward> ^ there you go
<FManTropyx> also I think that the latest kernel isn't being used, even after reboot
<FManTropyx> I have some old ones that apt-get keeps nagging about, so is it safe to run autoremove on them?
<sarnold> yeah, and in fact you may fill your /boot or / whatever if they aren't being automatically cleaned
<sarnold> I never figured out why they are for some people and not for others
<sarnold> the usual advice is to keep at least two kernels -- the latest, and whichever you're running now, and if that's the same kernel, then the previous one too :)
<FManTropyx> I had 4 there IIRC
<FManTropyx> should I set up a cronjob to run apt-get inst-upgrade daily?
<sarnold> there's an unattended-upgrades package that you may find helpful
<FManTropyx> okay, thanks for all the help - I will look into all this later!
<sarnold> have fun :)
#ubuntu-server 2016-06-07
<arooni-mobile> hey folks;  im on an ubuntu 14.04 laptop and id like a bitter vnc viewer than vinagre.  when i connect to my mac mini that has two 1920x1080 displays i am either too far zoomed in or out.  i'd like to view only one display at a time via vnc.  how can i do this?
<devster31> on a live server I should only install new updates if they're security upgrades?
<coreycb> jamespage, beisner: hello, 1:2.2+dfsg-5expubuntu9.7~cloud5 is ready for promotion to kilo-proposed when you have a moment
<jamespage> coreycb, ok got it
<coreycb> jamespage, thanks.  AMZ_ ^
<coreycb> AMZ_, it'll need some time to build and publish binaries then qemu will be available to test in kilo-proposed
<AMZ_> jamespage: coreycb: thanks! i'll keep an eye on it
<jamespage> done
<coreycb> jamespage, we're going to leave paramiko at >= 1.16.0 for b1.  there were missing directories in the released tarball that d/watch points at.  the maintainer said he'll be updating to 2.0.0 soon so we can pick it up in b2.
<coreycb> ddellav and I were chatting with him
<jamespage> coreycb, ok
<ddellav> coreycb jamespage though his latest email says he's almost done with updating it
<coreycb> ddellav, hmm. ok.
<coreycb> ddellav, alright well nova and cinder are just about ready to upload so I think I'll just upload with >= 1.16.0 and we can bump d/control afterward for b2.
<ddellav> coreycb: ok sounds like a plan
<coreycb> ddellav, looks like monascaclient needs an MIR (for heat)
<ddellav> coreycb: ok, I'll add that to my todo list
<coreycb> ddellav, ok thanks
<coreycb> ddellav, this can be a good reference to understand why something is stuck in proposed: http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<coreycb> ddellav, jamespage: nova and cinder uploaded
<nixnothing> morning
<jamespage> ddellav, coreycb: dealing with python-babel being stuck in proposed - openerp6.1 need a fixup
<coreycb> jamespage, ok need a hand with that?
<jamespage> coreycb, nah is just using old pkg names
<coreycb> jamespage, ok
<jamespage> coreycb, btw I did a bit of a re-jib on the ubuntu theme in the dashboaard
<jamespage> if i've got it right, its always installed, and is end-user selectable
<jamespage> its the default all the time unless someone changes their mind of reconfigures things
<coreycb> jamespage, awesome I'll take a look.  selectable in local_settings.py?
<jamespage> coreycb, yes
<jamespage> DEFAULT_THEME
<coreycb> jamespage, ok. cool, looks like the changes also limit the static assets compression to once per install too.
<jamespage> coreycb, yes - thus avoiding that trigger thing I was talking about
<coreycb> jamespage, great
<coreycb> jamespage, I'd like your opinion on bug 1574144 when you have a sec
<ubottu> bug 1574144 in horizon (Ubuntu) "package openstack-dashboard-ubuntu-theme 2:9.0.0-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Medium,Triaged] https://launchpad.net/bugs/1574144
<jamespage> coreycb, hmm I wonder
<jamespage> coreycb, might be related to https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1584040
<ubottu> Launchpad bug 1584040 in horizon (Ubuntu Yakkety) "Horizon wsgi can run in the wrong WSGIProcessGroup" [Undecided,New]
<coreycb> jamespage, hmm not sure.  basically it's a result of installing openstack-dashboard when apache2 is already installed but apache2 is not running at install time.
<coreycb> jamespage, then openstack-dashboard.postinst fails here if apache2 is down:  apache2_invoke enconf $CONF || exit $?
<jamespage> coreycb, hmm
<nacc> sdeziel: would you be able to help me verify if LP: #1457957 is the same underlying issue as the puppet bug you're working?
<ubottu> Launchpad bug 1457957 in puppet (Ubuntu Vivid) "puppet uses upstart for service status checks in vivid" [High,Triaged] https://launchpad.net/bugs/1457957
<nacc> sdeziel: on cursory reading so far, it seems like it must be :)
<sdeziel> nacc: yes, looks like the same thing to me. Let me try to reproduce in a Vivid container
<nacc> sdeziel: thanks!
<nacc> sdeziel: it might need a trusty -> vivid upgrade (so you had upstart at some point), but not sure
<rbasak> magicalChicken: please can I have a progress update from you on bug 869017, bug 1394403 and 1511222? No progress is an acceptable report.
<ubottu> bug 869017 in kbd (Ubuntu) "Ubuntu server enables screenblanking, concealing crashdumps (DPMS is not used)" [Medium,Triaged] https://launchpad.net/bugs/869017
<ubottu> bug 1511222 in apache2 (Ubuntu Trusty) "Incorrect trusted proxy match test in mod_remoteip" [Medium,Triaged] https://launchpad.net/bugs/1511222
<ubottu> bug 1394403 in apache2 (Ubuntu Trusty) "RewriteRule of "^$" is broken" [Medium,Incomplete] https://launchpad.net/bugs/1394403
<coreycb> jamespage, ddellav: new oslo.messaging uploaded.  I failed to merge the ubuntu delta on my last upload.  should be fixed now.
<magicalChicken> rbasak: Hey, I have not made any progress on the bugs yet, sorry about that. I got sidetracked with curtin work. I see the patch for 1511222 and I can get that patched into the apache package this afternoon
<magicalChicken> As for 1394403 I was not able to reproduce the bug after the original patch that was uploaded was applied using the method provided in the comments. I'll try again with the method from the original report though
<magicalChicken> For the kbd bug I am kind of at a loss as to how to deal with that, aside from setting consoleblank=0 in the default grub configuration, but modifying boot seems a bit overkill for a minor bug
<sdeziel> nacc: so the Vivid issue really looks the same as the Xenial/Yakkety one
<nacc> sdeziel: great, thanks! can you put a comment in and mark it as a dupe? I trust your judgment in this regard. And we're not going to be fixing vivid anyways, so it makes sense to indicate it is fixed in xenial, at least
<nacc> (once it is)
<sdeziel> nacc: but the problem is not fixed in Xenial yet
<nacc> sdeziel: yes, hence the parenthetical caveat
<nacc> sdeziel: the bug is the same, we'll fix it in one place (bug)
<sdeziel> nacc: ah, sorry
<nacc> sdeziel: np, i was being overly verbose -- i agree with your assessment, if you could put a comment in and indicate it's a duplicate of the other bug, that'd be great (or i can later today)
<sdeziel> in https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1495853, paelzer mentioned: "There is a known issue in case upstart is installed - not 100% a dup, that is tracked in bug 1457957"
<ubottu> Launchpad bug 1495853 in puppet (Ubuntu) "puppet service enable broken on ubuntu vivid with debian provider" [Medium,Fix released]
<ubottu> bug 1457957 in puppet (Ubuntu Vivid) "puppet uses upstart for service status checks in vivid" [High,Triaged] https://launchpad.net/bugs/1457957
<Odd_Bloke> jackdpeterson: o/
<sdeziel> I'll dig deeper as apparently Debian now always use the "service" wrapper and it seems to work for them
<Odd_Bloke> jackdpeterson: What version of Vagrant are you using?
<jackdpeterson> Latest (1.8.1, virtual box also at latest)
<Odd_Bloke> jackdpeterson: On Ubuntu, or...?
<jackdpeterson> Actually, on Mac OS-X  ... but my colleagues could reproduce this issue across host OS's
<nacc> sdeziel: ah ok, thanks
<Odd_Bloke> jackdpeterson: I've updated that bug with what I'm seeing.
<jackdpeterson> Glad you could reproduce the issue :-)
<Odd_Bloke> jackdpeterson: Umm, I don't think I am reproducing the issue there; the box works fine for me.
<jackdpeterson> hmm, let me give it a shot on one of my ubuntu boxes to see if I can reproduce here in my strange alternate reality
<Odd_Bloke> jackdpeterson: Sure; I'm heading out now (I'm UK-based), but if you update the bug and ping me again tomorrow then we can keep working through it. :)
<jackdpeterson> Sure thing
<Odd_Bloke> jackdpeterson: (One thought: I have a pretty hefty machine so my boot might be happening before some timeout causes a failure to reported?)
<Odd_Bloke> Anyway, now I'm gone.
<jackdpeterson> Ah, well the other part of this is that it *should* be using the vagrant user and not ubuntu as the user to be consistent with that target environment.
<voot> Anyone have experience with FreeRADIUS? I'm writing some unlang, and my %{Group} variable expansion is returning an empty list, even when "id <username>" returns a full list of group membership
<genii> voot: Now to wait until someone knowledgable on the subject responds :)
 * genii makes more coffee
<etropes> hi there
<jelly> or ask in #freeradius
<cpaelzer> sdeziel: nacc: I just thought them to be related at least - that is why I just put it in as a note
<cpaelzer> nacc: sdeziel: I lack some of your contect - did I accidentially misclassify something there?
<nacc> cpaelzer: no, i think you're good
<cpaelzer> nacc: ok, thanks
<coreycb> ddellav, need any uploads sponsored?
<ddellav> coreycb did you do the neutron-* packages? i dont remember seeing confirmation on those
<coreycb> ddellav, nope, I saw your name by them
<coreycb> ddellav, I sponsored an upload for neutron-fwaas
<ddellav> coreycb ok lbaas and vpnaas are done too, let me post the links
<coreycb> ddellav, ok working on lbaas, let me know when vpnaas is ready
<ddellav> coreycb ok, pushing it now but launchpad seems to be really slow
<ddellav> either that or my connection is bad
<coreycb> ddellav, it might be, there was an outage today
<ddellav> yea, i know IRC was down for awhile
<ddellav> didnt know that spread to launchpad
<coreycb> ddellav, lp seems ok for me now
<ddellav> coreycb lp:~ddellav/ubuntu/+source/neutron-vpnaas ready for review. I couldn't build due to mock
<coreycb> ddellav, we decided not to bump mock for b1
<ddellav> coreycb oh i thought that was only paramiko
<ddellav> i'll drop it back down and rebuild
<coreycb> ddellav, k thanks
<coreycb> ddellav, neutron-lbaas pushed/uploaded
<ddellav> coreycb rebuilding vpnaas and manila after dropping mock back down to 1.2
<coreycb> ddellav, sounds good
<ddellav> coreycb oh i gotta do designate too, i'll get that cooking as well
<coreycb> ddellav, ok
<coreycb> ddellav, next time around for the *aas we should bump python-neutron to the current yakkety level
<ddellav> coreycb ok noted
<ddellav> coreycb lp:~ddellav/ubuntu/+source/manila lp:~ddellav/ubuntu/+source/designate lp:~ddellav/ubuntu/+source/neutron-vpnaas ready for review
<coreycb> ddellav, taking a look, they build ok?
<ddellav> coreycb yep, all green
<coreycb> ddellav, greaT
<coreycb> ddellav, ok all are pushed/uploaded
<ddellav> coreycb ok great, thanks
<coreycb> ddellav, yep np.  now on to ensuring nothing is stuck in proposed and we'll get everything backported to the Newton UCA, then test.
<EmilienM> coreycb: did you update neutron packaging in Mitaka/Xenial?
<EmilienM> tempest fails to run now :(
<EmilienM> http://logs.openstack.org/98/326698/1/check/gate-puppet-openstack-integration-3-scenario001-tempest-ubuntu-xenial/bc5b5c2/console.html#_2016-06-07_19_37_25_274
<coreycb> EmilienM, we did a stable release for neutron but none for neutron-*aas
<coreycb> EmilienM, is neutron-fwaas installed?
<EmilienM> yes
<EmilienM> coreycb: do you run tempest in your CI?
<EmilienM> you might have seen the same thing maybe
<coreycb> EmilienM, we run tempest smoke tests before we release
<EmilienM> coreycb: do you deploy fwaas ?
<coreycb> EmilienM, mind giving me a sec while I look into this?
<EmilienM> coreycb: sure
<Belldandu> Guys There have been NUMEROUS bug reports for this same issue https://bugs.launchpad.net/ubuntu/+source/postfixadmin/+bug/1321955 that have been confirmed OVER and OVER again for the last 2 years about postfixadmin removing mariadb even though its a dropin replacement for mysql
<ubottu> Launchpad bug 1321955 in postfixadmin (Ubuntu) "postfixadmin dependencies not well defined (requires mysql-server or postgresql, removes MariaDB)" [Undecided,Confirmed]
<Belldandu> Its getting rediculous at this point]
<Belldandu> the fix is as simple as adding mariadb as another alternate dependency aside from mysql and postgressql
<Belldandu> and yet
<Belldandu> IT HASNT been done
<Belldandu> whats worse is
<Belldandu> it hasnt been done through SEVERAL ubuntu releases
<tgm4883> Belldandu: please don't use enter as punctuation
<Belldandu> how has no one caught and fixed this by now with so many confirmed bug reports?
<Belldandu> I actually murdered my own mariadb installation a few minutes ago because i completely forgot about this crap.
<Belldandu> I fixed it but its annoying because i now have to install postfixadmin from source (which was the main reason i didnt do it before)
<rattking> I suppose if you are building from source you could add that dep to the package and build it from the src deb
<tgm4883> Belldandu: and in the process, you could submit a patch
<Belldandu> im about to do that because im tired of seeing it like that
<tgm4883> Belldandu: good, I look forward to seeing that patch
<coreycb> EmilienM, I'm not sure what the problem is.  did this ever work on mitaka?
<EmilienM> coreycb: yes, like 1 hour ago it worked
<coreycb> EmilienM, hmm, ok.  for the neutron packages, we've just released the stable version of neutron 8.1.0.
<coreycb> EmilienM, xenial or trusty?
<EmilienM> coreycb: xenial
<EmilienM> I haven't tested trusty but let me kick off a CI test
<EmilienM> let's see if Ubuntu Trusty jobs fail too now https://review.openstack.org/326727
<coreycb> EmilienM, neutron 8.1.0 was released to xenial-updates on 5/30/2016 so it can't be that then if it started an hour ago
<EmilienM> we pin Tempest since Friday
<EmilienM> maybe something between, idk
<coreycb> EmilienM, btw it may not be related but mixing pip and apt packages is not a recipe for success, unless the pip packages are isolated in a virtualenv
<bulldawgden> Is Zoneminder the best solution for security camera recording?
<bulldawgden> For Linux of course
<K4k> What's the Ubuntu equivalent of `chkconfig --list`?
<K4k> I know adding and removing services is update-rc.d but it doesn't look like it can just list the services and their run levels?
<sarnold> K4k: service --status-all is a good start if you're on an ubuntu with upstart
<sarnold> K4k: if you want to see what's been disabled, probably "grep manual /etc/init/*" is a decent start point.
<K4k> `ls /etc/rc3.d` got me enough to go on. Unfortunately, `service --status-all` just shows if the services are running or not currently.
<K4k> `chkconfig --list` shows you each service and if it's on or off for each run level
<EmilienM> coreycb: our stable/mitaka CI that pin tempest on latest stable tag is not failing so I suspect something merged in Tempest recently and the upgrade of Neutron broke something
<Belldandu> well
<Belldandu> i made the patch
<Belldandu> but
<Belldandu> every time i goto build it complains about fuzz
<Belldandu> even tried copying the patch out deleting the entire dir and redownloading it and then copying the patch back in and adding it to series
<Belldandu> still complains
<sarnold> Belldandu: are you trying to patch the contents of the debian/ directory in a quilt patch?
<Belldandu> yeah
<nacc> that's not what quilt patches are for
<nacc> quilt patches are for source modifications
<sarnold> aha :) that won't work -- just modify the debian/ directory's contents directly
<Belldandu> fun
<nacc> Belldandu: and given that trusty was in sync with  debian, isn't it really a debian bug? has it been fixed upstream (debian?) or the most recent versions in yakkety?
<Belldandu> let me see what debian says
<Belldandu> cause so far i've only run into this issue on ubuntu
<nacc> Belldandu: what removes mariadb? it cna't be doing it silently, so users are saying yes and not paying attention?
<Belldandu> yeah
<Belldandu> postfixadmin does
<Belldandu> it says that either mysql or postgressql is required
<Belldandu> if mariadb is installed it installs mysql
<Belldandu> which you cant go back to mysql from mariadb
<nacc> Belldandu: and why is it removing mariadb? I don't see a conflicts for mysql-client or postgresql-client
<Belldandu> because mariadb-client/mysql-server must be listed as an alternate dependency for mysql-client/mysql-server
<nacc> Belldandu: -server is a recommends, not a depends
<Belldandu> mariadb-server/mysql-server
<Belldandu> yeah ik
<Belldandu> sec
<Belldandu> i typed it out wrong
<Belldandu> because mariadb-client must be listed as an alternate dependency for mysql-client
<Belldandu> there
<nacc> but there's no 'postfix-mariadb'
<nacc> so what would the alternative be for that?
<nacc> is there a courier-authlib-mariadb?
<Belldandu> thats what postfix-mysql is for. Mariadb is a dropin replacement for mysql
<Belldandu> everything mysql is integrated in mariadb
<Belldandu> mariadb just has more features
<nacc> it would seem like mariadb should be doing some sort of provides: for mysql if that were true?
<Belldandu> so there is no need for a postfix-mariadb unless you plan to use the extra features in postfix
<nacc> i think i recall rbasak telling me something about this
<Belldandu> as far as i know mariadb does a replaces on mysql when its installed
<nacc> ah it provides
<nacc> virtual-mysql-client
<tarpman> possibly postfixadmin wants its Depends: mysql-client changed to virtual-mysql-client? that would be a debian bug too, and I don't see an existing one
<nacc> so i think that's your fix
<nacc> tarpman: jinx!
<tarpman> too slow >_<
<Belldandu> xD
<nacc> Belldandu: simple, straightforward fix, i think ...
<Belldandu> yeah
<nacc> Belldandu: but yeah, should go to Debian and get sync'd down
<nacc> Belldandu: note there is also virtual-mysql-server
<nacc> Belldandu: also present in trusty (both virtual packages)
<Belldandu> hmm
<nacc> Belldandu: but we'd need to get it fixed in yakkety first, then backported per SRU policy
<nacc> presuming this qualifies (which it seems like it might)
<Belldandu> also
<Belldandu> virtual-mysql-client
<Belldandu> oh derp
<Belldandu> i read that late
<Belldandu> xD
<tarpman> oh, there is a bug. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778794
<ubottu> Debian bug 778794 in postfixadmin "postfixadmin: Please change the dependencies/recommendations" [Wishlist,Open]
<Belldandu> yeah im not sure why i havent seen that till now
<tarpman> the postgres dep looks wrong too, there doesn't seem to be a package called postgresql-server, rather postgres...
<Belldandu> yeah
<tarpman> *postgresql
<Belldandu> i remember there being a bug report about that too
<Belldandu> something about the dependency being old
<Belldandu> for postgres
<Belldandu> supposedly there is an upstream package that contains the fix already in debian
<tarpman> ah yeah. fixed in 2.3.7-1, which is in wily
<tarpman> so that would be an SRU candidate already
<Belldandu> virtual-mysql-client/server is in yakkety all the way back to precise
<Belldandu> although in precise mariadb doesnt exist
<lamont> nacc: postfix-mysql Depends: libmysqldb${number}, it doesn't care about clients
<Belldandu> yeah
<lamont> so unless the library is abi-compatible, you'll want to request a postfix-mariadb.  patches welcome, of course.
<lamont> if there's interest, please do file the bug though, with or without the patch
<lamont> and no, I don't care if you file it against debian or ubuntu
<Belldandu> MariaDB is a fork of the MySQL database project that provides a drop-in replacement for MySQL. It preserves API/ABI compatibility with MySQL and adds some new features.
<Belldandu> so yes its abi compatible
<lamont> abi compatible to the extent of having the same library filename?
<lamont> api-compatible I believe.
<lamont> abi is work
<nacc> lamont: ack, i was just looking at the packaging without too much knowledge ad figured we'd want the alternatives to be correct for all cases
<nacc> *and
<lamont> hrm...
<Belldandu> mariadb was forked made by some of the original mysql developers
<lamont> actually... if you grab the latest postfix, and install postfix-mysql and then smash /etc/postfix/dynamicmaps.cf to point to the mariadb library, does it even work?
<lamont> forked usually means abi differences, even if api remains the same
<Belldandu> sure there are some differences however they maintained compatiblity for both api and abi with mysql
<lamont> Belldandu: I'd recommend going the postfix-mariadb route
<lamont> and, knowing the maintainer like I do, I'm sure he'd agree. :D
<Belldandu> there is no postfix-mariadb though
<lamont> that would be why I said to file a bug if you want it to exist.
<Belldandu> even how to forge gives "installation guides" saying to use postfix-mysql with mariadb
<sarnold> lamont :)
<Belldandu> Now we can install Postfix, Dovecot, MariaDB (as MySQL replacement), rkhunter, and binutils with a single command:
<lamont> the abi that postfix is compiled against for xenial says that the name of the library shall be "libmysqlclient.so.20".  IOW, no, it's not fully ABI compatible at the library level.
<Belldandu> apt-get install postfix postfix-mysql postfix-doc mariadb-client mariadb-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo
<Belldandu> postfix works completely fine with mariadb
<Belldandu> its only postfixadmin thats causing issues
<Belldandu> and postfixadmin is strictly php
<lamont> that would be a second reason I've never looked at postfixadmin
<sarnold> yikes, rkhunter? didn't that have a nice user->root exploit in it?
<sarnold> or was that the one that thought upstart was a rootkit?
<sarnold> maybe it's both. heh.
<lamont> sarnold: I've found that "php" and "root vul" tend to come in the same package, 99% of the time.
<sarnold> lamont: pretty good indicator isn't it? :)
<Belldandu> so as far as postfixadmin goes there should be no need for postfix-mariadb since postfix works fine with postfix-mysql and mariadb-client/server
<lamont> tbf, mostly because the original example code was totally clueless in that regard (what security??? what's that?) and people keep copying it without getting the memo about it being braindead
<Belldandu> i actually have an email service with postfix/dovecot/postfix-mysql/mariadb
<Belldandu> and its running completely fine xD
<lamont> Belldandu: so what you're telling me is that mariadb hijacks^Wreplaces mysql below the library layer?
<Belldandu> yeah
<Belldandu> its a complete replacement
<lamont> then the postfix depends are completely correct, and there is no need for postfix-mariadb
<Belldandu> yeah
<lamont> so why are we having this conversation? :D
<Belldandu> because postfixadmin is being a dork and uninstalling mariadb because its not a alternate dependency for mysql
<Belldandu> hence why people suggested it depend on virtual-mysql-client instead of mysql-client
<lamont> all of this has nothing to do with the postfix package, which (properly, you tell me) depends on libmysqlclient20
<Belldandu> yeah
 * lamont goes back to the day-job
<Belldandu> we have been complaining about postfixadmin
<Belldandu> not postfix
<Belldandu> postfixadmin is a php layer over top of postfix
<Belldandu> it doesnt come with postfix
<Belldandu> its a seperate package
<lamont> and will always remain such. :D
<Belldandu> yeah
<Belldandu> but with postfixadmin removing mariadb when postfix doesnt. It makes installing it from the repo pointless
<Belldandu> postfixadmin basically breaks any postfix install thats using mariadb
<Belldandu> not to mention anything else using mariadb. simply by installing it
<Belldandu> the problem in itself is the postfixadmin dependencies
<nacc> Belldandu: i think we get that now, and we know the fix (and there is already a debian bug), right? and it's fixed in the upstream 2.3.8?
<Belldandu> is 2.3.8 Xenial?
<Belldandu> if so then i'll be upgrading later
<nacc> Belldandu: not even in debian yet
<nacc> afaict
<Belldandu> o.O
<tarpman> huh
<tarpman> nacc: postfixadmin's mysql-client dependency is not yet fixed in unstable, no. but it's a packaging question afaict, not an upstream one...
<tarpman> s/mysql-client dependency/mysql-{client,server} dependencies/
#ubuntu-server 2016-06-08
<nacc> tarpman: the debian package is done by upstream, afaict
<nacc> but not sure, i've not looked at the changes
<nacc> https://sourceforge.net/p/postfixadmin/code/HEAD/tree/branches/postfixadmin-2.3/debian/control
<nacc> Belldandu: tarpman: --^
<nacc> as explicit mariadb-* alternatives
<nacc> i'd expect tht's what unstable will pick up when a new release happens
<nacc> Belldandu: so you might just consider pinging the debian maintainers and asking if they'd package the new release
<timmy> hi anyne around to help me with a apache problem?
<sarnold> Guest98043: people come and go.. best to just ask and hope :)
<Guest98043> hi..i just installed apache and php 7
<Guest98043> everything seems to work fine when serviing html files
<Guest98043> when i am serving a json file
<Guest98043> i realised the content repeats
<Guest98043> this is what my content looks like as rendered by the browser
<Guest98043> <content> HTTP/1.0 200 OK Cache-Control: no-cache Content-Type:  application/json Date:          Wed, 08 Jun 2016 03:40:50 GMT <content>
<Guest98043> so the content to be served is displayed..followed by HTTP/1.0 200 OK Cache-Control: no-cache Content-Type:  application/json Date:          Wed, 08 Jun 2016 03:40:50 GMT
<Guest98043> then the content repeats again
<sarnold> o_O
<frickler> EmilienM: the error that you were seeing is the same that blocked the neutron gate yesterday. tempest update broke neutron-fwaas tests. fixed by https://review.openstack.org/326150
<ronator> hi there. I have some ubuntu 16.04 servers with Kernel 4.4. Can I disable "mounting" of debugfs? On Ubuntu 14.04 with kernel 4.4 the debugs entry would go away after a reboot. But not with ubuntu 16.04. Any idea?
<ronator> debugfs
<sarnold> is it in your /etc/fstab?
<ronator> noope
<ronator> only disk-by-uuid and swap
<ronator> example: mount
<ronator> mqueue /dev/mqueue mqueue rw,relatime 0 0
<ronator> debugfs /sys/kernel/debug debugfs rw,relatime 0 0
<ronator> hugetlbfs /dev/hugepages hugetlbfs rw,relatime 0 0
<ronator> I don't have such entries with ubuntu 14.04
<ronator> (this is not the full mount of course)
<sarnold> well now
<sarnold> I've got it mounted on two of my systems too.
<sarnold> harupmh.
<ronator> yes, and if you use icinga/nagios and check disks, you have to adjust stuff so that it won't conmplain about debugfs. SInce I won't use it actively I wonder if I can make it go away.
<ronator> There was an issue request for this at icinga2 so they "fixed" it, but I just do not understand if I can just disable it and where ...
<sarnold> ronator: aha. I think I've got it:  systemctl cat sys-kernel-debug.mount
<ronator> let me see ...
<ronator> wow, how did you come up with this so fast ...
<sarnold> probably you could symlink /etc/systemd/system/sys-kernel-debug.mount to /dev/null to forbid it from happening. maybe systemctl mask can do that for you? maybe you'd need to stop the service first to get it to umount...
<sarnold> ronator: just a hunch to check systemd when I didn't see it in my fstab either. I got lucky.
<ronator> What about commenting out all below [Mount] ? Or is this not a true file?
<sarnold> it is, but the version in /lib is owned by the package -- if you want ot make changes, they should go into a file in /etc/ instead
<ronator> but yeah, awesome tip sarnold, thx I was searching the net and only fin ding boring descriptions of debugfs ;-)
<sarnold> and indeed it feels like a mistake for it to be loaded by default..
<ronator> fun fact is: I have ubuntu 14.04 with kernel 4.4. first bott, it shows debugfs. reboot and it is gone! with ubuntu 16.04 and kernel 4.4 it won't just disappear.
<ronator> so thx for your hint, this way I can check the other systems that don't have it and compare them
<sarnold> heh, I'm surprised debugfs shows up in the first boot of 4.4 on a 14.04 -- in this case it's the systemd unit that causes it to be mounted
<ronator> yes, I saw it happening. and monitoring plugins where failing because no permissions on that "device" ...
<ronator> -h
<sarnold> it'd be worth poking upstreams on those plugins to try to get them to blacklist the in-kernel filesystems
<sarnold> I mean, it's handy, it reported this issue :) but it's also probably more annoying than useful
<ronator> true. and yes, icinga2 e.g. did change the defaults for check_disks especially for ubuntu 16.04 ;-) I wonder if this hapens with Debian 8 ...
<ronator> and I also wonder why the heck ubuntu 16.04 ships lxcd by default ... this also leads to stuff like "Additional Info: DISK CRITICAL - /run/lxcfs/controllers/freezer is not accessible: No permission"
<sarnold> ah, that's an easy one :) lxd is pretty neat and we wanted a low barrier to entry for folks to try it out :)
<ronator> hrrhrr
<Mc_uli> hi, wnat to setup some nodes with conjure-up. How many servers and storage do i need ? is there any kind of reference and explained where the e.g. cephs is installed or where the horizon dashboard goes?
<Mc_uli> its for openstack
<guzzlefry> Is there a recommended PPA for installing PHP7 on 14.04?
<frickler> coreycb: regarding debian/patches/skip-ryu-tests.patch for neutron, there are two uses of ryu, the second one is as the reference implementation for the bgp-dragent. I'm a bit sceptical about dropping tests for that part completely, because we are actively using it in our deployments
<rbasak> stokachu: see conjure-up question above please.
<rbasak> Mc_uli: stokachu won't be in for a few hours at least, assuming he's not away.
<Lunar_Lamp> w/in 1
<coreycb> frickler, I've dropped the skip-ryu-tests.patch and no longer skip those tests in the newton b1 release
<coreycb> frickler, build-depends no longer need to be in main so we were able to drop that patch
<frickler> coreycb: ah, great, that answers my follow-up question already ;)
<coreycb> frickler, :)
<EmilienM> frickler: can you backport https://review.openstack.org/#/c/326150/ to Mitaka?
<frickler> EmilienM: I can try, it probably would help if you can add a note to https://bugs.launchpad.net/neutron/+bug/1589521 stating how this affects you for Mitaka still
<ubottu> Launchpad bug 1589521 in tap-as-a-service "AttributeError: type object 'BaseNetworkTest' has no attribute '_try_delete_resource'" [Undecided,In progress]
<stokachu> rbasak: i've got this channel highlighted on conjure-up keywords, unfortunately i just got online
<EmilienM> frickler: well, I have the same trace so I'm not sure what can I add
<frickler> EmilienM: hmm, right, looks like it is a clean cherry-pick anyway, so lets wait what the neutrinos have to say on this (https://review.openstack.org/327068)
<EmilienM> ok
<EmilienM> in the meantime, I unblocked our CI in disabling fwaas on ubuntu
<rbasak> stokachu: np. The guy asking left anyway.
<stokachu> rbasak: is there like an info bot in here? so we could do like !conjure-up and it'll point them to askubuntu.com?
<rbasak> !
<rbasak> !info
<rbasak> I thought there was once, but evidently not.
<rbasak> stokachu: ah, you watch askubuntu.com for conjure-up stuff? I can just point people there then. That's probably easier even if no bot.
<stokachu> rbasak: yea that would be awesome
<rbasak> Cool, I'll do that - thanks.
<frickler> !yum
<ubottu> Uh, don't you mean !apt ?
<frickler> its still there it seems ;)
<Xin> howdy all
<rbasak> caribou: around? I'm looking at your updated kexec-tools MP.
<rbasak> caribou: I'm quite happy for you to just upload without a second review, but I'm going through as if you're not an uploader in order to try out the process.
<rbasak> I don't have my old git repo around, and I'd like to diff from before your rebase to after your rebase, but I can't find the old branch. Usefully LP remembers, so it's apparently de45e23.
<rbasak> caribou: would you mind tagging de45e23 as merge.v1 and pushing that please? I'm not sure this is actually documented anywhere but I intended that to be the process when asking for a re-review (or when you want to keep an older merge branch around before rebasing for any other reason) so the reviewer can get to both branches.
<prince> hello
<prince> This is for ubuntu servers aka vpses right?
<teward> can anyone think of any valid sane reason that when someone issues a 'ping' from 14.04 server that it would send the ping out over both the MAC address on that NIC port, but also a MAC address that doesn't even exist on the system (but isn't a broadcast MAC address)?
<teward> prince: this is a support channel for Ubuntu Server, not necessarily just VPSes
<prince> teward: obviously not just vpses, but for vps support as well I assume?
<teward> prince: again, it depends - from the Ubuntu OS on the VPS, we can assist, for the actual VPS itself, go to your provider
<prince> Oh no, ubuntu server related.
<teward> and in many cases what may be an "OS" issue is not, and is actually a provider issue
<teward> prince: you're free to ask your question, but you can get pointed to elsewhere if it's not actually an Ubuntu issue
<teward> that said, next time just ask your question
<prince> God!
<teward> rather than asking the premise of the channel
<prince> Do you need me to leave or something?
<teward> uh, what?
<prince> I said it's ubuntu related
<teward> prince: so ask your REAL QUESTION
<coreycb> jamespage, ddellav: I just uploaded cinder b1 for real this time.  Looks like just heat and nova are stuck in proposed for the known MIRs we have.
<jamespage> coreycb, \o/
<Xin> hey guys, im looking for some kind of product to automate sync'ing the current dev server over to a backup server, starting the backup servers required, and to update my DNS record to have the backup as the primary server
<Xin> and then signal me when the backup server has replicated globally type thing
<Xin> aka its ok for me to take the production server offline
<Xin> and do whatever
<Xin> I figure something for this must exist
<Xin> though its not terrible to do by hand
<ddellav> coreycb awesome. I'm working on the monasclient mir now
<coreycb> ddellav, ok cool
<coreycb> jamespage, suppose we can start backporting all the clients/oslos and core packages that are missing from the newton UCA?
<jamespage> coreycb, please do!
<coreycb> jamespage, ok
<jamespage> coreycb, branch PPA for newton is almost deployable
<coreycb> jamespage, awesome
<jamespage> coreycb, https://review.openstack.org/#/c/326597/ that needs landing and then we are all good
<Xin> no ideas folks?
<Xin> ;(
<jamespage> Xin, you might need that question to bake for a bit more that 3 mins :-)
<Xin> lol nah its what I do currently
<Xin> If theres a better way im all ears!
<coreycb> jamespage, why not use the package config for apache?
<jamespage> coreycb, well its a bit of a nuance of the charm
<jamespage> having two files named kesytone.conf confused the crap out of the ostemplategenerator
<coreycb> jamespage, ok
<teward> prince: i didn't say you couldn't ask about your issue, by the way - did you still want to ask your question?
<prince> teward: It's fine besides feeling offended, I'll probably ask later.
<teward> well, sorry, it wasn't *meant* that way
<jscar> HI, ubuntu newbie question.... how can I tell if apparmor utilties is installed?
<jscar> hello anyone?
<nacc> jscar: do you mean apparmor itself or some specific tooling?
<nacc> jscar: for apparmor itself `apt-cache policy apparmor`
<jscar> I'm trying to put mysqld into complain mode but aa-complain returns 'command not found' so I think apparmor utilties might not be installed but I want to know how to check
<jscar> apparmor itself is running
<\9> find out what the package name is, using apt-cache search
<nacc> apt-cache search aa-complain
<\9> and then use apt-cache policy, to find out whether it's installed or not
<nacc> apt-cache policy <pkgname>
<nacc> \9: :)
<jscar> thank you - so much learning! :)
<jscar> apt-cache policy apparmor-utils returns Installed: (none)
<jscar> Guess it's not installed :)
<nacc> yep ;)
<jscar> many thanks for the pointers
<coreycb> ddellav, I think we both have package ci duties today so just to let you know I'm working on cinder
<ddellav> coreycb ok. I actually put myself down for tuesday and friday but i'll do one tandem with you a couple times
<coreycb> ddellav, oh ok I thought jamespage had tues/thurs.  fix up the table then if you can.
<ddellav> coreycb when i looked only monday and thursday were selected by you guys heh
<coreycb> ddellav, oh package ci, not bugs
<ddellav> coreycb ahhhh, yes, ok. I haven't looked at CI yet
<John[Lisbeth]> Term mode is eh
<John[Lisbeth]> but maybe I am just butthurt because I always forget to use c-c c-k and c-c c-j
<John[Lisbeth]> I also feel like those two keybinds could be a toggle
<John[Lisbeth]> so just one keybind
<John[Lisbeth]> I mainly run into trouble when I do fancy rendering things like resizing terminals
<John[Lisbeth]> but every now and then a curses application will just bug out
<John[Lisbeth]> runs x smoothly
<John[Lisbeth]> oops
<John[Lisbeth]> wrong channel
<jackdpeterson> Odd_Bloke -- following up today on https://bugs.launchpad.net/cloud-images/+bug/1569237  Solution is to get the base image to have the default user be vagrant and not ubuntu.
<ubottu> Launchpad bug 1569237 in vagrant "vagrant xenial box is not provided with vagrant/vagrant username and password" [Undecided,New]
<jackdpeterson> I was able to connect after a while -- timing was a factor; however, that's still broken from the vagrant workflow because the 16.04 vagrant box image doesn't follow vagrant conventions. I referenced the docs in my latest comment.
<Odd_Bloke> jackdpeterson: o/
<jackdpeterson> 14.04, on the other hand does.
<jackdpeterson> UID/GID for vagrant:vagrant would be 1000/1000, respectively.
<Odd_Bloke> jackdpeterson: Right; Vagrant does allow boxes to configure what username they use (which is why `vagrant ssh` works), and using the `ubuntu` user is consistent with other Ubuntu images.
<Odd_Bloke> jackdpeterson: So is it just that people everywhere don't know this and assume the vagrant user will exist?
<jackdpeterson> That's correct -- the assumption is that the vagrant user always exists and is the 'default'. Then people stack on provisioners to sync up code between their host machine's FS and internal VM configuration. this assumption is generally safe since that is the convention.
<Odd_Bloke> OK, fair enough.
<jackdpeterson> and that uid/gid is based on my pulling up the 14.04 image and comparing.
<Odd_Bloke> jackdpeterson: I've updated the bug description, does that look reasonable to you?
<jackdpeterson> Yep, that's very close to what my title was on the other cross-referenced bug was -- so I'm happy with the accuracy of that :-)
<Odd_Bloke> jackdpeterson: Cool; now did you mention that you were interested in fixing it? ^_^
<jackdpeterson> I added some confusion with the SSH-related nonsense (my apologies)
<jackdpeterson> Yeah, If I can, I'm more than happy to!
<Odd_Bloke> jackdpeterson: So the relevant file is http://bazaar.launchpad.net/~ubuntu-core-dev/livecd-rootfs/trunk/view/head:/live-build/ubuntu-cpc/hooks/042-vagrant.binary
<Odd_Bloke> jackdpeterson: It's pretty crufty, unfortunately, but the way it works is basically to set up a cloud-init metadata source which is used at box boot to do configuration.
<Odd_Bloke> jackdpeterson: So I would suggest pulling down the latest yakkety Vagrant box (http://cloud-images.ubuntu.com/yakkety/current/yakkety-server-cloudimg-amd64-vagrant.box), unpacking that, modifying the contents and repacking it until you get something that works.
<Odd_Bloke> jackdpeterson: And then work out what will need to change in that hook.
<jackdpeterson> Sure, then reply with a Github Gist?
<Odd_Bloke> jackdpeterson: Sure. :)
<coreycb> ddellav, cinder should be fixed up for newton CI, looking at neutron now
<jackdpeterson> Odd_Bloke -- I have a gist -- but to be honest, I'm not sure if these changes will __work__ I'm not seeing documentation on how to spin up an environment for creating images from those hooks. https://gist.github.com/jackdpeterson/64c1f8a517087e07f7e40a1ace76ada0  Lines 70-72, and 115 are the changes
<jackdpeterson> and when I manually execute these scripts it complains about missing files (and stepping through this and manually fixing the references to other paths) is tedious and feels wrong
<jackdpeterson> oh, and the password doesn't need to be random ... it can just be 'vagrant'
<coreycb> ddellav, neutron should be fixed up for CI.  I'll leave designate liberty and nova newton for you.
<ddellav> coreycb: ok, sounds good.
<blizzow> I just wanted to come in here and reiterate that it is a moronic idea to install lxc and lxcfs by default in the server distribution and whoever is responsible for that decision should have their hard disks formatted. May an rm -rf /* come upon their root session.
<jrwren> when an upstart service runs and writes output, its stdout and stderr are written to /var/log/upstart/NAMEOFSERVICE.log   where does stdout and stderr go in the systemd case?
<rharper> jrwren: depends on the unit file but typically, systemctl status -l $service.service shows output from the daemon
<jrwren> rharper: thanks. I dug some more and found that what I expecte to be on stderr wasn't there because starting the process wasn't getting that far.
<rharper> ah
<caliculk> What does everyone here use for a combination of DCIM and Asset/Inventory Management for their hardware devices in a server room?
#ubuntu-server 2016-06-09
<runelind_q> I am new to lxd and want to configure the networking to be a true bridge in that I want my guests to get v4 addresses via DHCP and v6 addresses via SLAAC
<runelind_q> once I get this working I'm planning on having multiple interfaces on my host that binds to different VLANs (and thus multiple bridges, I would assume).
<runelind_q> I created a test guest and it created a vethDMY03 interface, but the guest doesn't have a v4 or a v6 address
<runelind_q> I went into the guest and set inet dhcp and inet6 auto in interfaces.d/50-cloud-init.cfg
<winslow__> Hi, all. Not sure if there's a better room to reach the team that handles Ubuntu cloud images, but `vagrant box add ubuntu/xenial64` is currently failing with a 404 when fetching the box.
<nacc> Odd_Bloke: --^ not sure if that is the same issue you were helping with earlier
<jrwren> runelind_q: did you create your own br0 bridge device, add your eth0 to it and tell lxd to use that br0?
<jrwren> runelind_q: this is a little dated, but may help: http://jrwren.wrenfam.com/blog/2015/11/10/converting-eth0-to-br0-and-getting-all-your-lxc-or-lxd-onto-your-lan/
<masuberu> hi
<masuberu> why loop
<masuberu> , lp and
<masuberu> rtc are missing from /etc/modules?
<masuberu> on ubuntu 16.04?
<masuberu> why loop, lp and rtc modules are missing from /etc/modules on ubunut 16.04?
<runelind_q> jrwren: i thought lxdbr0 was the new hotness?
<jrwren> runelind_q: it is, but that is a nated bridge interface which serves dhcp from a private range via dnsmasq.
<jrwren> runelind_q: your question made it sound like you wanted to bridge to your local lan.
<runelind_q> i did
<runelind_q> ok, i will use a regular bridge
<Yuri4_> Guys, how can I run some command automatically on every boot?
<runelind_q> let me count the ways
<runelind_q> you want to run it as root or a regular user?
<jrwren> Yuri4_: a crontab entry with @reboot isntead of `m h dom mon dow` works well
<runelind_q> that's what I was going to recommend.
<Yuri4_> runelind_q, as root
<runelind_q> sudo crontab -e
<runelind_q> then do what jrwren recommended.
<Yuri4_> jrwren, I'm very new to linux.
<Yuri4_> Wher do I put that entry?
<Yuri4_> Hmmm. Google says that crontab is timebased
<Yuri4_> I only need it run once after boot
<Yuri4_> Is this good solution?
<Yuri4_> Guys?
<runelind_q> yeah, if you set it to @reboot instead of a time, it will run the script on boot
<Yuri4_> runelind_q, but it will run only after user logins?
<Yuri4_> I'm on server and need to run that command when server restarts
<runelind_q> no, it will run during the boot process, even before a user logs in.
<runelind_q> jrwren: I'm assuming I want to swap eth0 for ens160 which is my actual interface name when I make changes to /etc/network/interfaces
<runelind_q> ?
<jrwren> runelind_q: yes.
<Yuri4_> runelind_q, I'm new to linux. So how do I execute on every boo, let's say "sudo mount_folder_x"?
<Yuri4_> boot*
<runelind_q> oh, if you want to mount something, you want to edit /etc/fstab
<Yuri4_> runelind_q, no, I absolutely don't want to do that
<Yuri4_> it already broke to servers
<Yuri4_> two*
<Yuri4_> I just want to run it on every reboot
<runelind_q> https://help.ubuntu.com/community/CronHowto
<Yuri4_> And if it fails it doesn't break servers
<jrwren> learn how to do it without "breaking" the servers ;]
<runelind_q> look into the part about @reboot
<Yuri4_> jrwren, I did everything correctly. I belive there is a bug in service I'm usuing
<runelind_q> probably not
<Yuri4_> jrwren, I'm very new to linux and can't understand that manual. I've been reading it for 10 min. Could you provide an example, how to do it, please?
<Yuri4_> I don't uderstand how to do it
<runelind_q> the link I provided is very thorough.
<Yuri4_> runelind_q, It is thorough, but I'm a noob. I don't understand what it saying
<Yuri4_> could you just give an example, please?
<Yuri4_> I'm windows sysadmin, not linux
<jrwren> Yuri4_: sorry, i've been doing this for 20yrs, if the docs at https://help.ubuntu.com/community/CronHowto aren't readable, I'm afraid i cannot help.
<runelind_q> sudo crontab -e
<runelind_q> then @reboot /path/to/script
<Yuri4_> runelind_q, thank you!
<Yuri4_> jrwren, see how it's done?
<Yuri4_> runelind_q, you are the best!
<jrwren> I do see.
<jrwren> Thanks.
<Yuri4_> runelind_q, I did sudo crontab -e then added @reboot /home/prouser/startup/command
<Yuri4_> but it doesn't execute
<runelind_q> did you set chmod +x /home/prouser/startup/command ?
<Yuri4_> runelind_q, no
<Yuri4_> runelind_q, thank you
<runelind_q> jrwren: ok, my guest gets a v6 address, but I can't ping6 it.
<runelind_q> I set v6 forwarding =1
<Yuri4_> runelind_q, I added 2 commands for @ reboot.  sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=0777 - this doesn't work
<jrwren> runelind_q: a routable address, not just link local?
<Yuri4_> but sudo mkdir - works
<runelind_q> jrwren: yeah, routable
<jrwren> runelind_q: I'm not familiar with SLAAC. I only use radvd
<runelind_q> jrwren: SLAAC is the autoconfigured addresses from radvd
<runelind_q> Yuri4_: put it into a script, run chmod +x on the script, then manually execute the script to make sure it works.
<runelind_q> put the full path to all commnds
<runelind_q> like /bin/mount instead of mount
<Yuri4_> remix_tj, yeah it's full path. 1 command works and anothe doesn't
<Yuri4_> how do I mannualy execute the script?
<Yuri4_> runelind_q, when I do it mannualy both command works
<Yuri4_> but on boot only 1 works
<Yuri4_> this one doesn't sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=0777
<runelind_q> you don't do sudo, just mount, since it runs as root
<runelind_q> and make sure you have /bin/sudo in there.
<runelind_q> and this should really really really really be done in fstab
<Yuri4_> runelind_q, when I do it in fstab my serve stops booting
<Yuri4_> server*
<Yuri4_> runelind_q, still doesn't work
<Yuri4_> I hade sudo mkdir though and it executed fine
<runelind_q> I dunno man.
<runelind_q> sounds like you need to hire someone to come over.
<Yuri4_> runelind_q, that's me who have been hired to do that
<Yuri4_> is there another option to do that on each boot?
<Yuri4_> not cron?
<runelind_q> nope, hire someone else as a subcontractor.
<patdk-lap> did you add the _netdev flag?
<winslow___> Hi all. Sorry if anyone responded recently. I had to travel some. Any word on the ubuntu xenial64 vagrant images being missing?
<runelind_q> net.ipv6.conf.all.forwarding=1
<runelind_q> net.ipv6.conf.br0.accept_ra=2
<runelind_q> net.ipv6.conf.default.forwarding=1
<runelind_q> guest gets a v6 address, but I can't ping it.
<Yuri4_> runelind_q, I fiexed it by adding sleep 30; before the command
<Yuri4_> thank you for the help!
<patdk-lap> must be a dns issue
<Yuri4_> patdk-lap, maybe some durty hack to change server IP after boot?
<Yuri4_> when I put it into FSTAB it broke both my server that took 8 hours to set up
<masuberu> I need to install fure-utils on ubuntu 16.04, any help?
<masuberu> fuse-utils sorry
<runelind_q> furry-utils
<winslow___> FYI, I filed https://bugs.launchpad.net/cloud-images/+bug/1590647 just so this isn't lost
<ubottu> Launchpad bug 1590647 in cloud-images "xenial64 vagrant boxes are unavailable from Atlas" [Undecided,New]
<House> hi all, i've got sssd+ad working for ssh, login & sudo, but for the life of me i cant get "smbclient -k" or automount to work for any passwordless access to smb fileserver. just get a timeout. all ok if i skip the '-k' and manually enter password, but automount won't work, and multi-user access in fstab requires a passwordless method.     anyone have this working?
<toshywoshy> Is there a significant difference between Debian partitioning and Ubuntu partitioning, as my debian preseed file used on ubuntu 16.04lts keeps on asking me to confirm the partitions manually
<Odd_Bloke> nacc: Thanks for the pointer to that Vagrant bug. :)
<toshywoshy> is there any way to prevent the installer from asking me to confirm manually the partition setup layout if it is already defined in an expert layout?
<frickler> toshywoshy: this is what we use for our trusty and xenial nodes: http://paste.ubuntu.com/17138951/
<toshywoshy> frickler: thanks, in the second partition you have '-1' as the maximum value, is that better than having '1000000000'?
<frickler> toshywoshy: IIUC it will use the maximum available size, I'm not sure what happens if you use a value too large for your current disc
<frickler> toshywoshy: I did some searching on the net to get that part together some years ago, most of the rest of the file is still the original https://github.com/puppetlabs/razor-server/blob/master/tasks/ubuntu.task/preseed.erb
<toshywoshy> frickler: I solved it based upon your preseed file, the solution was adding "d-i partman-auto-lvm/guided_size string max", which is wat the installer was nagging me about to confirm manually, thanks again
<frickler> toshywoshy: yw
<Thumpxr> so, is uptrack really necessary / makes sense on a private server which host various public services with >100 users?
<Teme_> hello
<Teme_> anybody wake?
<vbotka> Teme_, It's lunch time here man :)
<Teme_> aah, sorry to be a bother then ;)
<jamespage> coreycb, ddellav: ok so updated oslo.messaging to 5.2.0 - needed for keystone
<jamespage> fixed versions for keystone; should build through shortly
<jamespage> there where some network connectivity issues overnight - so re-ran some failing builds that got impacted by that
<jamespage> also pushed a small fix to pkgos-generate-snapshot to deal with .0b1 correctly -> will map to ~b1 for package version compatibiltiy
<jamespage> still tripping on some networky type problems but almost clean
<jamespage> I also took a look at the nova-lxd failure - its due to some missing mocking
<frickler> jamespage: regarding https://bugs.launchpad.net/bugs/1564812, the main issue is that there is one log-file generated per rootwrap command executed, i.e. one file every 2 seconds for some neutron agents. and they never get cleaned up it seems.
<ubottu> Launchpad bug 1564812 in nova (Ubuntu) "Disable sudo io logging for rootwrap" [Wishlist,Triaged]
<jamespage> frickler, a file per command?
<jamespage> or a log entry per command?
<frickler> jamespage: no, each sudo invocation generates a new file
 * jamespage checks an install
<jamespage> frickler, I'm not seeing that on a openstack install we have for QA
<jamespage> all sudo calls go to /var/log/auth.log
<frickler> jamespage: you need to add "Defaults      log_output" to your /etc/sudoers to trigger the issue, default installation doesn't log anything
<jamespage> frickler, well the default logs all commands and output to /var/log/auth.log
<jamespage> frickler, no you are right - output is not logged by default
<jamespage> only input
<frickler> jamespage: yes, but as part of our hardening, we add the above options, so that everything a user does e.g. within a "sudo -i" session, can be looked at afterwards with sudoreplay
<jamespage> frickler, ok so your proposed change does not alter the logging of commands to /var/log/auth.log
<jamespage> it just stops the creation of the individual files that log_input and log_output turn on?
<jamespage> if that's the case I misunderstood the problem - apologies...
 * jamespage thinks
<frickler> jamespage: at least that is my understanding of the impact of the change, yes
<rbasak> Wouldn't turning off output by default be surprising to others who turn it on globally and expect all commands to follow?
<rbasak> It seems to me that it would be less surprising for people who choose to turn global logging on to also disable it for specific cases where it is not wanted.
<frickler> rbasak: the problem is that you have to do it on the same line, so we would have to patch again this after every package update
<rbasak> frickler: it's a conffile. Your modifications should be maintained by packaging. You'll only have to handle it if the packaging changes the conffile it ships.
<rbasak> frickler: even if that weren't true, the right fix would be to have some better override features in sudo.
<rbasak> I just think that this kind of change just prompts another bug report saying the opposite. It's not the default configuration, so the fix should be to make it easier to get the behaviour you want, rather than changing the default for something that isn't even a default.
<rbasak> But anyway, up to jamespage.
<jamespage> hence my last /me thinks
<jamespage> ;0)
<jamespage> rbasak, frickler: this is tricky - I would tend to think it might be better set overrides per user that needs to be excluded
<rbasak> Can sudo take that instruction from a separate .d file? In that case that would be the perfect solution - no changes in packaging needed and frickler can add it locally without much concern for what happens on packag eupdates.
<ikonia> rbasak: it can
<ikonia> I've often used seperate files, eg: normal.rules webowners.rules etc etc
<ikonia> just make sure they don't conflict as ordering is not good
<rbasak> The files would have rules that overlap. Hence my question.
<jamespage> rbasak, looking now
<ikonia> that can cause a problem then, I believe the most restrictive rule is honoured
<jamespage> something like:
<jamespage> Defaults:nova !requiretty,!log_input,!log_output
<jamespage> might work ok
<jamespage> yes that does work fine - so I still can set global log_ouput, log_input, but nova/neutron whatever gets excluded
<jamespage> but still included in auth.log
<jamespage> frickler, ^^ that might fit your requirement
<jamespage> you can skip !requiretty as well as that's set in the pkg provided sudoers
<jamespage> commented on bug as well
<jamespage> rbasak, you'll have an opinion on https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1585794 just as I do
<ubottu> Launchpad bug 1585794 in nova (Ubuntu) "dpkg unable to configure nova-common if user nova is in ldap" [Undecided,New]
<jamespage> system users in ldap sounds like bad karma to me...
<jamespage> however that's not the actual bug here...
 * rbasak looks
<rbasak> jamespage: is the bug caused by there being a system user in LDAP, or just some normal user in LDAP that happens to be called "nova"?
<rbasak> jamespage: the pattern in that postinst is the normal one. If something needs changing, it'd probably need change across the board (ie. a wider collective decision).
<jamespage> rbasak, this issue is that the postinst tries todo usermod on the nova user for a switch in group way back before 12.04
<jamespage> nobody -> nova
<rbasak> jamespage: ah. That I did question but didn't realise it was relevant.
<jamespage> that won't work with an ldap provided user
<jamespage> that said I think ldap for system users is a little bonkers...
<rbasak> jamespage: I'd do that on an upgrade path only (compare to $2 etc)
<rbasak> I didn't think of that from an LDAP perspective though, just a "stepping on the user's customisations unnecessarily" perspective.
<rbasak> Always good for upgrade path code to be conditional on the required upgrade versions since then it can be dropped eventually and make things simpler, as well as reduce the likelyhood of some kind of unpredicted conflict when the upgrade path code isn't needed. I guess this is one of those cases.
<jamespage> rbasak, tbh that all applied to day 0 packaging anyway
<rbasak> I agree that an LDAP system user is pretty broken though, but that's not my justification.
<rbasak> Most packaging I've seen would work with an LDAP system user though, if the user knows what he's doing. In that postinsts just leave it alone in that case, and silently accept failure to remove on postrm I think.
<rbasak> jamespage: not sure what you mean?
<jamespage> rbasak, all of the part of the maintainer script was due to mistakes made prior to 12.04 release...
<jamespage> that's pretty much the earliest point we support upgrades from now
<rbasak> jamespage: ah, I see. So you could just drop the usermod?
<jamespage> just did :-)
<rbasak> :-)
<coreycb> jamespage, ddellav: all of the newton b1 core packages from our end are backported
<coreycb> jamespage, still need this to land I believe before testing right?  https://review.openstack.org/#/c/326597/
<jamespage> coreycb, is that the keystone one?
<coreycb> jamespage, yep
<Xin> stupid question
<Xin> but how do I allow access to apache only from my internal network
<Xin> no external access
<coreycb> ddellav, testing for bug 1546116 is complete.  can you tag the bug as verification-done and verification-liberty-done?
<ubottu> bug 1546116 in manila (Ubuntu Wily) "[SRU] manila share process init script is missing" [Undecided,Fix committed] https://launchpad.net/bugs/1546116
<rbasak> nacc: do you want bug 1590623 sponsoring?
<ubottu> bug 1590623 in php7.0 (Ubuntu) "Drop dh-php from Recommends to Suggests" [Undecided,New] https://launchpad.net/bugs/1590623
<ddellav> coreycb ok, i'll try
<jamespage> coreycb, ddellav: nova branch build failed fixed; patch accepted upstream!
<coreycb> jamespage, that must have landed quick
<jamespage> over a week
<jamespage> it was just some assert call badness
<jamespage> https://review.openstack.org/#/c/318568/
<coreycb> jamespage, ah that one
<jamespage> coreycb, have fix up for nova-lxd as well as soon as rockstart or zul are around...
<jamespage> rockstar rather..
<jamespage> doh
<coreycb> jamespage, oh awesome
<zul> jamespage: yeah no one can approve patches yet
<jamespage> zul, ha
<jamespage> zul, just ask someone in -infra to add you and rockstar to the groups
<jamespage> unless you have already done that...
<jamespage> yolanda is alway a good egg :-)
<zul> jamespage: i think rockstar already has
<jamespage> oh ok
<EmilienM> coreycb, jamespage: hey
<EmilienM> can I try to deploy newton on xenial?
<jamespage> sure
<EmilienM> how?
<jamespage> EmilienM, ppa:openstack-ubuntu-testing/newton
<EmilienM> ok cool
<EmilienM> jamespage: did you deploy already?
<jamespage> b1 is working its way into the UCA - but that PPA has branch builds for most projects
<jamespage> EmilienM, yes
<EmilienM> cool
<jamespage> EmilienM, you'll probably trip over the changes we've made to the keystone package for wsgi/apache2 support
<jamespage> well you might
<jamespage> /etc/apache2/sites-enabled/keystone.conf
<EmilienM> jamespage: ok so I use ppa but in a close future I can use uca, right?
 * jamespage crosses fingers...
<jamespage> EmilienM, coreycb or ddellav will email the openstack-dev ML once its all up and verified
<EmilienM> ok
<jamespage> coreycb, btw I'm going to push all of newton staging -> proposed right now
<coreycb> jamespage, +1
<jamespage> we may as well test proposed as no one else is just yet...
<EmilienM> jamespage: so should I wait that you push and then I test it?
<EmilienM> well, let's try the ppa this morning and ping me when you pushed in proposed I'll test it too
<jamespage> EmilienM, up to you - will take several hours to work through
<EmilienM> ahhhh
<EmilienM> ppa :)
<jamespage> if you want to start now use the PPA
<jamespage> EmilienM, we've done a bit of rejig in the openstack-dashboard packaging as well; the ubuntu theme is just installed alongside the other themes, and is end user selectable.
<jamespage> DEFAULT_THEME='xxxx' to switch the default between options - default|ubuntu|material
<EmilienM> mhh ok
<EmilienM> iberezovskiy: ^ fyi
 * EmilienM take notes on https://etherpad.openstack.org/p/puppet-openstack-xenial
<EmilienM> jamespage: so you put a default vhost for keystone, right?
<jamespage> EmilienM, yah - for admin and public endpoint ports
<EmilienM> mhh ok
<EmilienM> it's a bit annoying
<jamespage> EmilienM, is based on the one keystone provides in httpd
<EmilienM> for people using deployment tools like chef/puppet/ansible
<jamespage> https/wsgi-keystone.conf
<EmilienM> most of people deploy their own vhost
<EmilienM> why not in site-available?
<EmilienM> it would be better imho
<jamespage> EmilienM, for those not using puppet/chef/ansible
<EmilienM> it's like zigo does, forcing stuffs
<EmilienM> I don't like it... but that's my opinion...
<EmilienM> our keystone module already manage vhost with the capacity of configure the vhost
<EmilienM> so we'll have to drop this file...
<EmilienM> and chef/ansible will have to do the same
<EmilienM> people should be able to enable the vhost themselves I think
<EmilienM> it's very intrusive to add a vhost & enable it by default
<iberezovskiy> jamespage, why did you decide to change this behavior? it always was at sites-available as I know
<EmilienM> degorenko, iberezovskiy: FYI I updated https://etherpad.openstack.org/p/puppet-openstack-xenial with the notes I took from ^
<EmilienM> right, this change is not cool
<jamespage> what are we talking about
<EmilienM> keystone vhost
<jamespage> keystone has never shipped a sites-avaliable; as there is no longer a eventlet based daemon, we have to provide an enabled daemon in someway
 * jamespage ponders this...
<EmilienM> I just say, that most of people won't use this vhost in production, because everybody does vhost tunning. In puppet-keystone, we allow such tunning since you can configure everything in the vhost (SSL, workers, etc)
<EmilienM> so you better disable it by default and people will enable it before starting apache2
<jamespage> I appreciate that...
<EmilienM> I think providing a vhost is awesome
<EmilienM> it really helps people to easily deploy keystone
<EmilienM> but enabling it by default is a bit too much and I think most of people know how to enable a vhost, and if they don't lol. Don't continue OpenStack deployment :)
<iberezovskiy> providing of vhost is good, but please do not force to use it
<jamespage> I'm actually considering whether we should do the same with the dashboard as well - we should be consistent...
<EmilienM> anyway, I kicked off a CI job with PPA, I'll give you feedback as soon as jobs finish
<jamespage> coreycb, what do you think?
<coreycb> jamespage, we provide init scripts by default, so it seems like a default vhost makes sense
<coreycb> jamespage, I think we'll get complaints either way
<EmilienM> I just hope the packaging does not start apache by default
<EmilienM> ie: apt-get install keystone
<jamespage> EmilienM, yes it does
<EmilienM> ...
<jamespage> because it installs apache2
<coreycb> EmilienM, just like horizon
<EmilienM> ansible/chef/puppet folks will have big issues
<EmilienM> for orchestration
<jamespage> this is really about which expectations we break
<jamespage> I mr end user install keystone, and nothing is running
<jamespage> unlike pretty much everything else in the archive..
 * jamespage ponders this some more...
<jamespage> EmilienM, ftr I think 'big issues' is over egging it a bit - disabling a site is not that hard :-)
<jamespage> yes you will have to make a change to adapt to the changes in packaging behaviour...
<EmilienM> my concern is that ubuntu packaging is getting more and more intrusive
<EmilienM> I don't think production deployments need you to start apache, they have orchestration tools and they need to decide when they start services
<EmilienM> but anyway, yeah we can workaround all-the-things, I just say it's getting worse over the releases.
<coreycb> EmilienM, do you have examples?
<EmilienM> coreycb: containers
<EmilienM> coreycb: or people who use puppet/ansible/chef/whatever
<coreycb> EmilienM, containers where?
<EmilienM> they want to wait before starting apache, maybe they need to add more vhosts before
<coreycb> EmilienM, do you have examples of where we're getting worse?
<EmilienM> coreycb: keystone is the right example I guess
<EmilienM> as it's a core service that everyone use
<ogra_> EmilienM, enforced starting of services is a core part of the debian packaging requirements since over a decade ... thats not an ubuntu thing at all
<ogra_> has been like that forever for debian packages
<EmilienM> great, if everyone likes it then I'm wrong
 * ogra_ didnt say he likes it, but it is simply like that forever and it is a debian requirement, not an ubuntu one
<EmilienM> it's not because it's here forever that we can't change
<EmilienM> RDO packaging was a mess a few years ago
<EmilienM> (RDO = Red Hat OpenStack packaging)
<ogra_> what i'm saying is that you have to change debian
<EmilienM> and we changes lot of things, and now things are much better
<EmilienM> anyway, I'm trying to satisfy OpenStack community as a Project technical lead of Puppet modules
<rbasak> EmilienM: puppet is broken wrt. starting daemons. It takes over running services; it should use policy-rc.d.
<EmilienM> and as a PTL I'm trying to engage work with other communities to make things better
<EmilienM> our CI deploys Ubuntu jobs so I'm here
<rbasak> EmilienM: and if it did, then a default enabled or disabled "site" would make no difference. Your puppet module would just force it one way or other before starting the service.
<EmilienM> sure, we'll adapt
<EmilienM> just giving feedback, take it it's free ;-)
<rbasak> We can't have defaults one way for interactive users and the other way for automation. It makes sense for automation to override things as needed rather than the user because that can be...well, automated.
<rbasak> Debian provides the hook necessary to do it. Automation should use it.
<caribou> rbasak: just pushed the new merge.v1 tag
<rbasak> caribou: thanks! I'm out of time before meetings and EOD today. I'll try to look tomorrow.
<caribou> rbasak: no worry & thanks for looking at it
<rbasak> stgraber: FYI, bug 1590747 - is CI broken somehow?
<ubottu> bug 1590747 in lxd (Ubuntu) "images.linuxcontainers.org Debian sid image is broken" [Undecided,New] https://launchpad.net/bugs/1590747
<nacc> rbasak: if you could, that would be great, just added ~sponsors (re: 1590623)
<nacc> Odd_Bloke: np, just figured the context was similar enough (re: vagrant bug)
<Odd_Bloke> nacc: Yep, much appreciated!
<rbasak> nacc: done
<stgraber> rbasak: we don't test those images, so CI isn't broken, Debian most likely is :)
<nacc> rbasak: thanks!
<stgraber> rbasak: that error seems to indicate that debootstrap succeeded but didn't give us a rootfs with a working /sbin/init :)
<rbasak> stgraber: one might argue that not testing the images means that CI is broken :)
<rbasak> But fair enough.
<stgraber> root@dakara:/var/lib/lxd/containers/foo/rootfs# ls /sbin/init -l
<stgraber> lrwxrwxrwx 1 root root 20 May 12 05:39 /sbin/init -> /lib/systemd/systemd
<stgraber> root@dakara:/var/lib/lxd/containers/foo/rootfs# ls -lh lib/systemd/systemd
<stgraber> ls: cannot access 'lib/systemd/systemd': No such file or directory
<stgraber> rbasak: ^
<stgraber> so yeah, looks like Debian sid is busted today
<stgraber> kinda surprised that debootstrap succeeded though :)
<rbasak> stgraber: you checked your host for existence of /sbin/init, not the guest. But yeah, it's broken :)
<rbasak> s/guest/image/
<stgraber> rbasak: oops
<stgraber> root@dakara:/var/lib/lxd/containers/foo/rootfs# ls sbin/init -l
<stgraber> ls: cannot access 'sbin/init': No such file or directory
<stgraber> it's even worse than I thought :)
<stgraber> how the hell is debootstrap succeeding without an init system :)
<rbasak> stgraber: well now at least you see the same behaviour I do :)
<stgraber> confirmed that debootstrap didn't feel like picking an init system, no error reported during bootstrap... https://jenkins.linuxcontainers.org/view/All/job/lxc-template-debian/arch=amd64,release=sid,restrict=lxc-priv,variant=default/986/console
<stgraber> so yeah, that might surprise a few people :)
<rbasak> Hmm. deboostrap hasn't changed recently.
<jamespage> coreycb, we need to not backport packages which have not changed since xenial (it creates conflicts in the UCA sync)
<coreycb> jamespage, oops, ok
<coreycb> jamespage, does anything need fixing?
<jamespage> coreycb, deleting offenders now
<coreycb> jamespage, thanks
<mrjazzcat> For reasons I will keep to myself :) I want to install Mitaka OpenStack components on Xenial without tooling.  But, the cloud archive says only Trusty is supported.  What methods can I use, short of building from source?
<mrjazzcat> zul:  Can you help me with this Q?  ^
<frickler> mrjazzcat: what do you mean by "without tooling"? mitaka packages are part of plain xenial, no need to use any cloud archive anymore
<mrjazzcat> frickler: ah, I see.  the packages are already on my machine (or VM)!  Thank you!
<Yuri4_> Is it possible to mount.cifs so the files and folders belong to www-data:user1 ?
<genii> Yuri4_: That would be done on the server, by setting default user and group in the smb.conf
<Yuri4_> genii, I don't have access to that server. Some person at #linux advices me how to do it through mount parametrs now
<teward> Yuri4_: the mount parameters they mean is on the server
<Yuri4_> genii, meant on SMB server
<Yuri4_> of course I have access to the server where I mount it
<sdeziel> Yuri4_: on the client, mount with "-o uid=www-data,gid=user1"
<Yuri4_> sdeziel, cool!
<Yuri4_> thank you
<Yuri4_> gonna try
<sdeziel> Yuri4_: Here is what my fstab entry looks like: //smb/share /data/share cifs  vers=3.0,rw,noauto,credentials=/etc/samba/simon.secrets,_netdev,nodev,nosuid,noexec,uid=simon,gid=users    0       0
<Yuri4_> sdeziel, eh fstab
<Yuri4_> already broke my server when I put wrong space
<sdeziel> Yuri4_: there is more than what you asked but it shows how the auth creds are decoupled from the local UID/GID mapping
<Yuri4_> sdeziel, I just crontab it
<sdeziel> Yuri4_: the noauto should allow you to manually test before rebooting :)
<Yuri4_> crontab rocks
<Yuri4_> @reboot
<Yuri4_> sdeziel, is uid = :x:33:
<Yuri4_> or just 33?
<sdeziel> Yuri4_: just 33 or www-data
<Yuri4_> sdeziel, does that command look right? sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o uid=33,gid=1000 vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=0777
<Yuri4_> -o uid=33,gid=1000
<Yuri4_> other works for sure
<Yuri4_> not sure about -o uid=33,gid=1000 syntax
<sdeziel> Yuri4_: there seem to be a missing "," between gid=1000 and vers=3.0
<Yuri4_> sdeziel, this works  sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=0777
<Yuri4_> oh I see
<Yuri4_> thank ou!
<sdeziel> you are welcome
<Yuri4_> sdeziel, seriously, you are the best! Very appreciate your help!
<sdeziel> Yuri4_: using sudo will mean the credentials will leak into /var/log/auth.log
<Yuri4_> sdeziel, it will be without sudo
<sdeziel> Yuri4_: credentials= has the advantage to avoid such leaks
<Yuri4_> it will run as crontab script @reboot
<Yuri4_> without sudo
<Yuri4_> and it won't ask for credentials
<hallyn> gaughen: hi - so afaik the only ppl inside canonical using vmbuilder are the cloud image team.  i'd love it if they would consider maintaining it upstream, and pushing community-relevant patches up
<gaughen> hallyn, I'll consider it, but will chat with the team.
<hallyn> thx.  the users will appreciate it :)  of course i'd tried to get rid of it during 14.04, but adt was still requiring it at the time...
<hhee> hey! guys. how can i create local mirror main ubuntu server repos?
<hhee> which tools do i need to use for this?
<nacc> hhee: ubumirror?
<hhee> nacc, official tool for is?
<nacc> hhee: hrm?
<hhee> nacc, where can i find out how big main repos?
<hhee> nacc, for prepare my hdd :)
<nacc> hhee: that i'm not sure, they are large
<hhee> nacc, got it. but how large,...
<nacc> hhee: i don't know
<OerHeks> 80 gb+
<OerHeks> https://wiki.ubuntu.com/Mirrors
<hhee> OerHeks, thx a lot
<OerHeks> wait ...
<OerHeks> Make sure you have enough disk space. The Ubuntu archive, as of 2016-04-21, uses about:
<OerHeks> 912GB of disk space for the Ubuntu package archive.
<OerHeks> 16GB for Ubuntu release CD images... and growing
<OerHeks> You might want to check #ubuntu-mirrors too
<hhee> OerHeks, for example i need local repo mirror with packages and sources for 14 LTS. (for personal usage)
<hhee> OerHeks, got it
<hhee> guys. i need it for isolated net, without direct access into the internet
<hhee> i mean i dont want to become internet mirror
<patdk-wk> define isolated net without direct access
<patdk-wk> that sounds like proxy server territory
<patdk-wk> unless you actually mean, a isolated disconnected network
<hhee> patdk-wk, nope. not proxy territory. place in very remote place, almost without internet or with very expensive one
<patdk-wk> ya, that would be really, disconnected
<Yuri4_>  
<Yuri4_>  Is crontab -e @reboot reliable. I got a very important command there. It won't break, right?
<dasjoe> Clearly depends on which cron daemon you're using
<Yuri4_> dasjoe, I don't know. I'm running Ubuntu 16.04 server
<Yuri4_> how do I check?
<dasjoe> Yuri4_: it should simply work, then
<Yuri4_> dasjoe, thank you!
<jayjo_> I'm having trouble to connecting to mongo on an ec2 ubuntu instance. the mongo command won't connect, but ive run sudo service mongod start and it says its starting. killall mongod says nothing found
<jayjo_> ps not showing it either
<coreycb> beisner, python-os-brick 0.5.0-0ubuntu3~cloud0 is ready to promote to liberty-updates when you have a moment
<coreycb> beisner, manila 1:1.0.0-0ubuntu2~cloud0 is also ready to promote to liberty-updates
<beisner> coreycb, ok python-os-brick promoted re: bug 1524989
<ubottu> bug 1524989 in python-os-brick (Ubuntu Wily) "[SRU] ScaleIO driver could attach wrong volume to the VM" [Medium,Fix released] https://launchpad.net/bugs/1524989
<beisner> coreycb, also manila promoted re: bug 1546116
<ubottu> bug 1546116 in Ubuntu Cloud Archive liberty "[SRU] manila share process init script is missing" [Undecided,Fix committed] https://launchpad.net/bugs/1546116
<coreycb> beisner, awesome thanks
<beisner> coreycb, yw :)
<EmilienM> coreycb, jamespage: results of Xenial/Newton: 2/3 jobs are green, and some failures here and here but nothing really critical
<EmilienM> coreycb, jamespage: wait, in fact ppa repo was down and jenkins used xenial repo
<EmilienM> testing again
<jayjo_> I have a problem with mongodb on ubuntu... I am getting an out of memory error when trying to upload about 12 gb of data to a database. I don't have a much memory, but I have a drive of about 40 GB. Can I add swap space? Is that the best way to do this?
<Yuri4_> Can someone help me to understand, why my cronotab -e @reboot script doesn't run?
<Yuri4_> sleep 30; mount -t cifs //secret.file.core.windows.net/cgi-bin /var/www/course/cgi-bin -o uid=33,gid=1000,vers=3.0,username=secret,password=PASSWORD,dir_mode=0755,file_mode=0644
<jjrabbit443> hello
<jjrabbit443> how come folder structure is so much more confusing on unix than windows?
<jjrabbit443> All your programs -> Program Files
<jjrabbit443> All system files -> Windows
<jjrabbit443> All user configurations -> Users
<jjrabbit443> all three of those are at the root of the drive and all are pretty much self explanatory
<jjrabbit443> what do i get on unix?
<jjrabbit443> bin, dev, etc, usr, var, lib and bunch of other 3 letter folders that tells you practically nothing
<OerHeks> jjrabbit443, good start https://help.ubuntu.com/community/LinuxFilesystemTreeOverview
<rattking> jjrabbit443: there are reasons for all of it. http://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html
<OerHeks> and rattking's url goes into depth about the folders and purpose
<soLucien> hi guys ! how do i overwrite the system apt sources with a single one
<soLucien> ?
<jjrabbit443> thanks guys
<jjrabbit443> i definitely need to read this
<jjrabbit443> but keeping things simple is an attractive quality
<jjrabbit443> no wonder windows is on every damn computer
<OerHeks> soLucien, please don't crosspost, see the apt-proxy answer in #ubuntu
<soLucien> http://pasteboard.co/1yYdZxjv.png
<soLucien> okay
<sudormrf> so...suppose I want something internal where DNS forwards requests for google.com to an internal server.  that internal server then redirects the request to facebook.com, setting up the DNS forward is the easy part
<sudormrf> how would I go about forwarding stuff from the apache server over to a different site
<JanC> there are by far more linux/unix computers than windows computers in the world
<Guest_84757> Allah is doing
<Guest_84757> sun is not doing Allah is doing
<Guest_84757> moon is not doing Allah is doing
<Guest_84757> stars are not doing Allah is doing
<Guest_84757> planets are not doing Allah is doing
<JanC> Guest_84757: please stay on-topic
<JanC> !ops
<ubottu> Help! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!
<FManTropyx> praise Allah
<Guest_84757> galaxies are not doing Allah is doing
<Guest_84757> oceans are not doing Allah is doing
<FManTropyx> I haven't gotten around to updating yet
<Guest_84757> mountains are not doing Allah is doing
<FManTropyx> perhaps Allah will do it for me
<Guest_84757> trees are not doing Allah is doing
<genii> If he returns and persists, I'll make it a +b
<teward> genii: thanks
<jjrabbit443> drugs are helluva drug
<JanC> been several people who have been spamming "islamic" stuff in various channels on Freenode recently
<dirty> E: Package 'vncserver' has no installation candidate
<dirty> any idea what's going on guys?
<jjrabbit443> JanC: so they're bots?
<JanC> jjrabbit443: no
<JanC> at least, in one case they responded to someone
<genii> dirty: Try vnc4server
<soLucien> it is a bot
<dirty> genii: strnger, second host I've done this on
<dirty> err strange*
<dirty> it worked on a second one
<jjrabbit443> what do you guys think the population of unix admins is to windows admins
<jjrabbit443> 1:60 unix vs windows?
<genii> !info vncserver trusty
<ubottu> Package vncserver does not exist in trusty
<genii> !info vnc4server trusty
<ubottu> vnc4server (source: vnc4): Virtual network computing server software. In component universe, is optional. Version 4.1.1+xorg4.3.0-37ubuntu5.0.2 (trusty), package size 1475 kB, installed size 5201 kB
<dirty> genii: maybe I was too sleepy and spelled it correctly, I do appreciate it :D
<dirty> genii: that did work
<genii> dirty: Glad to assist
<JanC> âState: not a real package (virtual)â
<jjrabbit443> if unix admins are in such high demand it's because there are hardly any right?
<count-zero> I keep seeing "[FAILED] Failed to start LXD - container startup/shutdown." when booting a fresh installation of Ubuntu Server 16.04. Running "systemctl status lxd-containers.service" yields the following info "error: open /var/lib/lxd/containers: no such file or directory". I haven't created any LXD containers, so is this error just a result of some sloppy logic in the LXD service during boot? Is this the expected behaviour?
<blizzow> count-zero: it's because some idiots thought it would be a good idea to install the lxc/lxd virtualization platform by default in the server installation. Hell, even openssh server is not installed by default.
<blizzow> Oh, and there are other (possibly more commonly used) virtualization platforms.
<nacc> blizzow: stop being rude.
<rbasak> count-zero: please report a bug.
<blizzow> nacc: you certainly don't like the fact that I'm calling out LXC/LXD as bad decision, do you?
<nacc> blizzow: calling anyone an 'idiot' because you disagree with them, is what i disagree with
<blizzow> nacc: at what point exactly is it that you're allowed to call bad policy makers idiots? I want to make sure I speak in a manner you approve.
<teward> in this channel, you shouldn't
<teward> !rules
<ubottu> The guidelines for using the Ubuntu channels can be found here: http://wiki.ubuntu.com/IRC/Guidelines
<teward> for the most part, name calling is against those guidelines
<nacc> blizzow: I think you could review the responses in https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1563026
<ubottu> Launchpad bug 1563026 in ubuntu-meta (Ubuntu) "LXC/LXD installed by default on Ubuntu server" [Wishlist,Opinion]
<count-zero> rbasak: Will do.
<blizzow> teward and nacc, let me rephrase - I disagree wholeheartedly with the geniuses that seeded lxc/lxd into the default server installation. They are mensa level mofos with the looks of supermodels and know practicality better than all others. I should prostrate myself in front of them because I am a lowly user with no value and should have known it was coming because LXC/LXD was in the 15.10 installer.
<OerHeks> "LXD does not start the bridge (so no dnsmasq or iptables) until you start interacting with lxd. "  no security risc i guess, only wasted diskspace
<teward> ^
<teward> blizzow: also, calling someone a 'mofo' is already against the guidelines and rules for respectfulness, please cease with the profanity.
#ubuntu-server 2016-06-10
<OerHeks> î¿
<bopnet> Boa noite!
<bopnet> hi!
<runelind_q> I added two more network interfaces to my Ubuntu VM, how do I find out what they are named?
<runelind_q> this is 16.04
<runelind_q> obvs not eth1 and eth2
<runelind_q> first adapter is ens160
<runelind_q> never mind, I found it via ip link.
<runelind_q> why can't the names make sense? :(
<RoyK> runelind_q: the nic naming was changed
<runelind_q> indeed.
<RoyK> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/ch-Consistent_Network_Device_Naming.html says aomething about it
<RoyK> no, it's not ubuntu, but the thing is in kernel
<nacc> RoyK: udev, not kernel (iiuc): https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<satriyaningjagat> @nacc @RoyK good link .. it answer my old question :)
<runelind_q> so for Landscape Dedicated Server you can register 10 computers or VMs or Containers?
<runelind_q> I just tried to register a container and it showed up as a computer.
<runelind_q> I got LDS 16.03 installed
<House> does this channel have a searchable log anywhere?
<hateball> House: http://irclogs.ubuntu.com/
<House> thanks
<lasus> hey, i'm doing 14.04 to 16.04 upgrade and i'm stuck on 'setting up cmanager (0.39-2ubuntu5) ...' for like 30min. should I 'ctrl+c' and try 'do-release-upgrade -d' again or what?
<jelly> lasus: you could pstree the do-release-upgrade process, figure out what's hanging, and gnetly nudge it
<lasus> jelly: yeah, 'sudo service cgmanager restart' fixed it. thanks.
<bdrung_work> magicalChicken, rbasak and I were talking about lp #869017 on #ubuntu-devel. I solve that issue with this preseed configuration: d-i debian-installer/add-kernel-opts string consoleblank=0 net.ifnames=0
<ubottu> Launchpad bug 869017 in kbd (Ubuntu) "Ubuntu server enables screenblanking, concealing crashdumps (DPMS is not used)" [Medium,Triaged] https://launchpad.net/bugs/869017
<jamespage> ddellav, coreycb: swift 2.8.0 uploaded to yakkety
<jamespage> closed out a couple of bugs at the same time
<jamespage> ddellav, coreycb and I see fresh oslo.* as of yesterday...
<jamespage> nice
<caribou> Is there a way to have squid-deb-proxy not block URL provided by  http://httpredir.debian.org which are not in .debian.org ?
<rbasak> caribou: I hit that pain. I ended up flipping everything to use a fixed mirror. Alternatively you could loosen squid-deb-proxy's ACL.
<caribou> rbasak: yeah,I think I'll use the fixed mirror
<hxm> hello, can i use dd for create an image of the current disk in use?
<lordievader> You could... but writes to the disk make this tricky. If it can be set to read-only it would make it alot easier.
<BrianBlaze> when I log into my ubuntu server 16.04 it says restart required... is it updating on its own?
<hateball> BrianBlaze: you may have enabled automatic security updates when you installed
<BrianBlaze> I don't remember the option but it's always possible
<BrianBlaze> thanks
<Odd_Bloke> Automatic security updates are enabled by default in 16.04, I believe.
<teward> Odd_Bloke: you get to choose still at the installer screen
<teward> but yes security updates should be installed by default for prebuilt images I believe...
<Odd_Bloke> teward: Only if you use an installer. ;)
 * teward points at his second message which may have gotten briefly caught in the buffer
<Odd_Bloke> Well, I wasn't just going to not hit Return after all that typing. :p
<teward> :P
<BrianBlaze> Well i found file I need to comment out so thanks guys :)
<Odd_Bloke> BrianBlaze: Why don't you want automatic security upgrades? :P
<BrianBlaze> I don't mind updates but I want to be in control lol
<teward> BrianBlaze: be advised you'll have security holes then unless you regularly check the server
<teward> I have automatic security updates (but not reboots) on all my servers pushed nightly (via Landscape) without reboots, but that's mostl;y because they're all web facing
<BrianBlaze> I do of course and I mean if I have to restart to make fill in the holes it's not actually happening anyways
<teward> and the ones that aren't that get updates are in my DMZ
<teward> BrianBlaze: you don't have to reboot for most
<teward> usually only the kernel upgrades
<BrianBlaze> well this is the second time this week it asks me to
<teward> BrianBlaze: and?
<teward> BrianBlaze: consider this: I have a monthly maintenance period where I reboot my servers
<BrianBlaze> that's twice in one week I am restarting a server
<BrianBlaze> once a month I can live with
<teward> Granted, I review the security updates and determine whether I need to critical-reboot
<teward> in 99% of all cases
<teward> i don't reboot servers
<teward> because the issues fixed in the kernel are ones i'm not worried about (though they exist)
<BrianBlaze> well it's asking to reboot to finish the update
<teward> BrianBlaze: no, it's saying that "To finish kernel reboots please restart so you can boot into that kernel" most likely
<teward> that's not the same as "Go reboot now" like Windows does
<teward> you are **not required to restart your server after each update run**
<BrianBlaze> for sure
<teward> it's recommended, but not required
<teward> so, use auto updates, but don't reboot unless you think it's necessary
<BrianBlaze> but I figured if you don't restart then the update you just did isn't completed
<teward> i think you need to start reading the USNs
<teward> and understanding *what* these updates are
<sdeziel> BrianBlaze: some updates apply "live" while other require the service to be manually restarted
<teward> and *what* they entail
<teward> sdeziel: isn't that 'most' updates?
<BrianBlaze> when the server is asking me to reboot
<teward> BrianBlaze: and by 'service' they mean software
<teward> NOT the server reboot
<BrianBlaze> doesn't that assume i need to?
<teward> BrianBlaze: again, read the USNs.  Server reboots are for specific cases
<sdeziel> teward: updates to libs generally don't trigger service restarts of all the services/binaries using them
<teward> either kernel updates which *can't* be implemented without booting to the kernel
<BrianBlaze> well that;s the message I have been getting
<BrianBlaze> reboot server
<teward> or C library issues that force it
<BrianBlaze> twice in a week
<teward> BrianBlaze: I have 25 servers
<teward> all of them require a reboot to apply kernel updates
<BrianBlaze> which is where the security updates will be right?
<teward> hate my IRC client
<teward> BrianBlaze: ONLY for the kernel
<teward> let me finish
<BrianBlaze> i hear you
<teward> I reveiwed the USNs for the kernel updates
<teward> and evaluated the risk to my servers
<teward> I evaluated them as 'low'
<teward> and then pushed the 'reboot' to the monthly reboot issued by Landscape to my servers
<BrianBlaze> okay I understand
<BrianBlaze> USNs are my friend
<BrianBlaze> :)
<teward> so, in an ideal world, you would reboot daily to get all the updates.
<teward> in the PRACTICAL world... you analyze the updates yourself
<teward> determine the need to reboot
<teward> and if the need doesn't exist, ignore the message
<teward> it's just there as informational
<BrianBlaze> gotcha
<jrwren> teward: purchase landscape support and many security updates are dynamically applied to the kernel using canonical-liveupdate ;]
<BrianBlaze> get out of windows mentality
<BrianBlaze> lol
<teward> jrwren: :P
<teward> jrwren: yeah, well, Landscape's expensive, and these servers're mine ;)
<jrwren> teward: indeed.  25 is a lot for one person. Why so many?
<teward> jrwren: service separation, VPSes, etc.
<teward> also
<teward> test servers
<jrwren> teward: life is about choices :p
<teward> nginx update testing, etc.
<teward> :)
<teward> of that 25, i only really care about 8, the others are run for clients ;)
<jrwren> teward: lxc/lxd for all that, then they cna share a kernel, and share downtime when you need to reboot the one kernel
<teward> jrwren: 14.04 old, been around longer than lxc/lxd
<jrwren> oh.. clients, well clients pay you. factor in cost of landscape when billing clients
<teward> jrwren: also, E:NoStaticIP
<teward> can't run all that from one or two hypervisors/boxes
<teward> and some clients want 'dedicated IP space' which requires VPSes or dedis offsite
<jrwren> teward: ah, yes, I understand the legacy.
<BrianBlaze> thanks for making it clear teward much appreciated
<runelind_q> I thought the 4.x series kernel didn't require reboot after upgrading?
<teward> runelind_q: I don't think it does, but that's 16.04 world I believe?
<runelind_q> yeah, I have 16.04 and just updated to the newest kernel and it prompted me for reboot.
 * teward shrugs
<teward> I think live patching can be done but reboots still work a tad better for some cases
<teward> that's a Kernel Team / Security Team thing
<teward> :)
<runelind_q> And Landscape standalone identifies containers as full computers by design?
<jrwren> does anyone know of a good nginx update source for 14.04? is 16.04's nginx in trusty backports? Maybe I could rebuild that deb myself?
<andol> jrwren: https://launchpad.net/~nginx/+archive/ubuntu/stable is maintained by the same guy who does most of the work on the nginx packages on the official repos.
<iliv> exit
<iliv> oops
<jrwren> andol: thank you! that is exactly for what I was looking
<jamespage> coreycb, ddellav: newton branch and proposed deployable with charms now btw; however
<jamespage> nova-compute is borking on loading auth information for neutron access...
<jamespage> looking at that now
<coreycb> jamespage, awesome (almost) :)
<Sairon> We're having troubles every now and then with our wehbosts SMTP server getting blacklisted, probably because it's shared. We do have an ubuntu server box at the office, and what I'd like to do is setup an SMTP server in order to avoid the problem. It would seem postfix is the way to go, but is this possible without moving the domain over to the ubuntu box? If it's possible, I'd love to
<Sairon> get some pointers on what to look into
<teward> Sairon: i assume you mean SMTP for a web site/service
<teward> ?
<Sairon> I want to use it for all our outgoing emails, hopefully being able to set it up in gmail which all of us use
<ivoks> your problem is sending mail
<ivoks> you don't need to move domain for that
<ivoks> just set up your own postfix on your server
<ivoks> and make sure that server is added to SPF as designated SMTP IP
<ivoks> +, if you use, make sure it's DKIM key is also valid
<teward> but you have to give any external servers access to the SMTP and such
<teward> as well
<ivoks> correct
<teward> so if you have any off-site services using SMTP (like at your web host) you have to configure them to reach into your office ubuntu server where SMTP is located to send from
<ivoks> he shouldn't use office' server
<ivoks> it should be a proper server, within a DC
<ivoks> :)
<Sairon> Thanks, have something to start with at least :)
<ivoks> you can run an instance in amazon or something
<ddellav> coreycb there's a requirement update for aodh mitaka point release, should I maintain it? I thought version changes for SRU's were prohibited?
<coreycb> ddellav, what's the update?
<ddellav> coreycb tooz 0.16.0 -> 1.28.0
<coreycb> ddellav, yikes
<ddellav> coreycb yea... lol
<cucumber> Hello
<cucumber>  I just switched from CentOS to Ubuntu server and realized it was installing updates automatically even though I chose "no" during the setup. It seems that unattended-upgrades is on by default.... why is this the case?
<Walex> cucumber: "unattended-upgrades" is by default just security upgrades. Avoids leaving vulnerable machines on the net
<cucumber> Walex: I understand that. But it feels a bit Windows like
<jamespage> ddellav, aodh is not on the same type of cadence as other projects
<jamespage> but that is odd
<jamespage> that said we're all good on versions anyway so I'd not worry to much
<ddellav> jamespage ok, im going to skip it for now
<coreycb> ddellav, jamespage, that update is actually fine, since it is inline with g-r: https://github.com/openstack/requirements/blob/stable/mitaka/global-requirements.txt
<coreycb> ddellav, btw the cinder ci failure I think that's just a patch not applying cleanly.
<ddellav> coreycb ok, i will check it out
<coreycb> ddellav, see "Hunk #x FAILED"
<yebyen> does anyone know about the OVA images like ubuntu-16.04-server-cloudimg-amd64.ova ?
<yebyen> i downloaded one to use in a vsphere template, but i am having trouble importing it
<yebyen> and i'm having a look at the manifest and it looks wrong in a couple of ways, but i wasn't able to find any launchpad bugs filed about it
<yebyen> the import fails i'm assuming because the manifest has an invalid sha in it
<yebyen> (about to confirm that)
<yebyen> actually looks like the SHA256 sums are correct
<yebyen> maybe there is a syntax error in the manifest?
<yebyen> if anyone uses these OVAs and has run into similar issues i'd love to pick your brain for a minute
<yebyen> i guess that ESXi/vSphere does not support SHA256 hashes in the OVA manifest
<yebyen> i rebuilt the manifest as SHA1 hashes and tarred it back up, works fine now
<yebyen> well that's cool
<yebyen> does anyone use vagrant-vsphere?
<ddellav> coreycb getting this error when building keystone after point releaase: http://paste.ubuntu.com/17178697/ I checked and cryptography 1.2 is whats currently available in xenial so not sure why it's breaking on that dependency.
<ddellav> also coreycb cinder ci failure fixed: lp:~ddellav/ubuntu/+source/cinder
<ddellav> coreycb for the mitaka SRU, lp:~ddellav/ubuntu/+source/neutron, lp:~ddellav/ubuntu/+source/neutron-vpnaas, lp:~ddellav/ubuntu/+source/aodh ready for review, once i figure out that keystone build failure that will be ready as well
<ddellav> coreycb no changes to neutron-lbaas and neutron-fwaas so i skipped those in the SRU
<coreycb> ddellav, I think we hit that python-cryptography != issue recently
<coreycb> I think dh_python had a fix
<coreycb> ddellav, jamespage fixed that in bug 1581065
<ubottu> bug 1581065 in dh-python (Ubuntu Yakkety) "incorrect parsing of != dependency versions" [High,Fix released] https://launchpad.net/bugs/1581065
<ddellav> coreycb ok, cool, thanks
<coreycb> ddellav, but this is on xenial?
<coreycb> ddellav, it should be fixed on xenial
<ddellav> coreycb yea, building in xenial
<coreycb> ddellav, has the chroot been updated recently?
<ddellav> coreycb actually yes i updated it this morning
<coreycb> ddellav, hmm, darn
<coreycb> ddellav, ok let me see if I can recreate
<ddellav> ok, i will push up my branch
<coreycb> thx
<ddellav> coreycb lp:~ddellav/ubuntu/+source/keystone
<ddellav> coreycb ugh, xstatic build error with horizon, this looks very familiar though I dont have any notes on how to fix it: http://paste.ubuntu.com/17179390/ http://paste.ubuntu.com/17179390/
<ddellav> coreycb oops, meant to paste this instead of the pastebin again lp:~ddellav/ubuntu/+source/horizon
<coreycb> ddellav, I think there's a patch that updates the python path, that may need updates
<ddellav> coreycb ok, i ran all the patches and they applied without fuzz or offsets
<coreycb> ddellav, ok you might have to look at the code
<ddellav> coreycb say whaaaaaaat? how cruel and unusual lol
<jzulauf_> created and AMI from the 16.04 image, but cannot login to it.
<jzulauf_> I used the standard 16.04 LTS hvm image and added some packages.
<ikonia> does the standard image work / let you login in
<jzulauf_> After creating an AMI from the running image, I launch it, but cannot log in.  Am I missing a step?
<ikonia> have you allocated a key to it ?
<ikonia> do you have the private key
<ikonia> whats the error when you login
<jzulauf_> I allocated a key to the original
<jzulauf_> enabled sshd passwd login
<jzulauf_> have attempted launch with and without key pair generation, but the passwd is always rejected
<jzulauf_> I can boot the orginal AMI and login with passwd.
<ikonia> so then you've altered the base image more than you thought
<ikonia> go back to the original AMI and start again
<ikonia> maybe make modular changes
<jzulauf_> ?
<coreycb> ddellav, cinder is pushed
<ikonia> go back to the orignial image - confirm it works, then make one or two changes, build the ami, test it, it works continue to make more changes it fails, back up
<jzulauf_> so... go to the original image.  create an AMI with no changes and see if I can launch it?
<jzulauf_> should what I'm doing work, or do I need to somehow reenable the ssh inject of the new key pair when launching the created AMI?
<coreycb> ddellav, do the rest build ok (minus keystone)?
<ddellav> coreycb yes
<ddellav> coreycb also horizon is broken, but im looking into that
<jrwren> cloud-init handles the installing of the ssh-key from metadata.
<jrwren> jzulauf_: how much changes are you making to the AMI? it may be easier to use cloud-config from cloud-init to make the changes on machine instance start rather than rebuild an AMI.
<jzulauf_> I'm enabling passwd ssh, installing a handfull of packages
<jzulauf_> (cpp development + tmate)
<jzulauf_> and adding a default passwd.
<ikonia> jzulauf_: there is no need for any additional step
<jzulauf_> okay.
<jzulauf_> looking at cloud-config
<jrwren> jzulauf_: for those little things, cloud-config sounds perfect. I'd not bother with AMI building
<ikonia> I would bother
<coreycb> ddellav, your stable/mitaka branch of keystone seeems to be building ok for me against xenial.  it's running tests now.
<ikonia> as each time you launch it it will have to run
<jzulauf_> is there a good quickstart for cloud-config?
<ddellav> coreycb mine failed after the tests ran
<ddellav> coreycb it ran for a solid 30 minutes before it failed heh
<ikonia> I'd only use a config tool to change variable data, eg: dns name depending on what region its in
<ikonia> if you have a persistent need for those packages, build it into the ami
<coreycb> ddellav, ah.  I'll stay tuned then.
<coreycb> ddellav, neutron uploaded
<coreycb> ddellav, aodh uploaded
<ddellav> coreycb excellent, thanks
<hhee> guys, what most known company are using ubuntu-server?
<hhee> companies
<hhee> just interesting
<genii> hhee: http://www.ubuntu.com/server bottom right of page, "Read our success stories"
<hhee> genii, thx a lot
<genii> More like mid-page,actually ...
<genii> hhee: Also others to be found at http://insights.ubuntu.com/group/cloud-and-server?cat=1172
<hhee> genii, got it
<coreycb> ddellav, neutron-vpnaas uploaded, I switched that over to ostestr to
<jzulauf_> the issue appears to be adding a password (that is timed out) to the default ubuntu user.
<jzulauf_> so I've added another user with a default timed-out passwd.
<jzulauf_> that appears to work.
<coreycb> ddellav, I'm hitting that keystone python-cryptography dh-python != issue too.. another option is to patch requirements.txt
<ddellav> coreycb if jamespage fixed it, how can we get that fix to apply to this?
<coreycb> ddellav, I think it's just manifesting itself differently
<adac> if I want to start gparted on my server via ssh -X I get: (gpartedbin:4272): Gtk-WARNING **: cannot open display:  any ideas how to resolve this?
<dasjoe> Why would you want to start a GUI application on a server without a display?
<teward> dasjoe: -X enables x-forwarding :p
<teward> which means it should show on their system's side but run from the remote guest
<teward> but good question
<dasjoe> teward: oh right, I didn't read the -X part :)
<teward> adac: ignore those warnings
<teward> because I get them launching gparted from the terminal locally on any computer as well
<adac> teward, I did not do ssh -X but only normal ssh
<adac> that was the problem
<teward> um
<teward> adac: you said `ssh -X`:  [2016-06-10 16:42:26] <adac> if I want to start gparted on my server via ssh -X I get: (gpartedbin:4272): Gtk-WARNING **: cannot open display:  any ideas how to resolve this?
<teward> adac: if you run without -X that's the problem - it can't access a display, nor the 'virtual' connection that's being presented via SSH
<teward> (because there isn't one)
<teward> when you use -X it 'masquerades' your system as the display (I don't know the proper word) and throws the graphical parts to your system
<adac> teward, yes taht was the problem. I thought I'd set X but I didnt
<teward> ah OK
<teward> adac: cool :)
<teward> glad you fixifed it :)
<adac> yeah :D
<adac> all works!
#ubuntu-server 2016-06-11
<Xin> stupid question but whats the correct listen line for apache to allow connections from anywhere on the local network?
<Xin> my subnet is 10.0.0.0
<Xin> listen <subnet>:80 ?
<ducasse> Xin: i haven't used apache in years, but i assume it would be 0.0.0.0:80 to listen on port 80 on all interfaces, or ip-address:80 to listen on a single interface.
<Xin> well if its listening on the local ip interface it will be net accessible unless I firewall it at the router
<ducasse> Xin: i don't think the 'listen' line restricts which addresses it accepts connections from, but i could very well be wrong. even if it did i would still block it, though.
<Xin> hmmm
<Xin> yeah probably right
<ducasse> Xin: that's how 'listen' usually works for other services, i'm just assuming apache is the same.
<ducasse> Xin: look here - https://httpd.apache.org/docs/2.4/howto/access.html
<TheSinding> Hey guys.. I was told, to add drives to the exisiting encrypted lvm setup i have. I had to encrypt the drives i want to add and then add the to the lvm ?
<devster31> hi, I can't find this, if cloud-init failed the first boot ddoes it get executed at the second boot? and if so, can I prevent that?
<alanclark5> hi channel
<BlueProtoman> I'm trying to run a local instance of MySQL and PHPMyAdmin on Ubuntu 16.04, but when I go to `localhost/phpmyadmin` I get an HTTP 500.  Plain old `localhost` is the default apache2 page for Ubuntu, as expected.  Any tips?
<bmullan> Question - installed conjure-up, then executed:  conjure-up openstack,  the Choose a Cloud screen comes up with no choices to choose from?   Checked github "issues" & didn't see anything?
<bmullan> I'm using ubuntu 16.04 and latest LXD v2.0.2
<stokachu> bmullan: which version of conjure-up
<bmullan> stokachu:  the conjure-up is version 2.0.0
<stokachu> the config in /etc/conjure.conf should have blessed: False
<stokachu> bmullan: make sure that's still set
<stokachu> conjure-up.conf
<bmullan> stokachu: the /etc/conjure-up.conf  blessed is set to False
#ubuntu-server 2016-06-12
<bmullan> stokachu: sorry I was away and closed my session... did you have any ideas for conjure-up openstack after I verified that  conjure-up.conf  blessed was set to False ?
<NoHoFoo> Failed to start Raise network interface  on new ubuntu server
<NoHoFoo> trying to set up ubuntu VM on win10 host
<teward> NoHoFoo: that depends on teh VM network configuration then
<teward> are you using a NAT or Bridged type of connection?
<NoHoFoo> yesh I followed as tutorial
<teward> that... means nothing to me, because tutorials are likely not what i was asking about
<NoHoFoo> but ubuntu says the interface no existy
<NoHoFoo> iconfig -a    show other ones but not eth1 the one i added to interface file
<NoHoFoo> ho do i make a new interface eth1 exist and live
<NoHoFoo> i set it to auto eth1
<NoHoFoo> and all the rest
<NoHoFoo> did a reboot
<NoHoFoo> how can i bring it to life
<NoHoFoo> iface eth1 inet static
<NoHoFoo> then address and mask
<NoHoFoo> but iconfig says it's not thre
<OerHeks> what are the names of your eth devices? as of Wily Werewolf, starting with systemd/udev will automatically assign predictable, stable network interface names for all local Ethernet, Wlan and Wwan interfaces.
<NoHoFoo> eth1 is the one i try to create
<OerHeks> so eth1 might be obsolete now.
<NoHoFoo> ifconfig -a shows enp0s3 and enp0sB and lo     only
<OerHeks> right, those are your 2 fysical internet interface names
<NoHoFoo> ifconfig -a shows enp0s3 and enp0s8 and lo     only
<NoHoFoo> it's a 8 not a B
<OerHeks> change eth1 to the 2nd one, enp0s8 and restart networking
<OerHeks> ( my best guess)
<NoHoFoo> i set up a hot-only adpater in VM Box
<NoHoFoo> i set up a host-only adpater in VM Box
<NoHoFoo> and matched all the addresses
<NoHoFoo> i replaced eth1 with eht0   but that couldn't come to life either
<NoHoFoo> vbox on win 10
<NoHoFoo> on reboot i saw an error: 'failed to start raise network interface'
<NoHoFoo> I don't know what a 'raise' net interface is,,,but I know it looks bad
<NoHoFoo> 'change eth1 to the 2nd one'   ?? tutorial said put eth1 at the end of the file so ur saying put it after enpos3 ?
<NoHoFoo> in second place??
<NoHoFoo> change order to  enpOs3    eth1   enpOs8   lo    ??????
<NoHoFoo> that wut u mean?
<OerHeks> replace eth1 with enp0s8
<OerHeks> if that does not work, try enp0s3
<NoHoFoo> ahh ok i try that
<NoHoFoo> change name of eth1 to enp0s8 ??
<NoHoFoo> wow that worked
<NoHoFoo> i don't knownhow or why but thanks anyway
<NoHoFoo> i sshed into my ubuntu server from BS win10
<stokachu> bmullan: should be fixed, there is something weird going on with the charmstore
<stokachu> and no one is online to ask about it
<bmullan> stokachu: thanks...  I'll try again in a day or two.
<ShekharReddy>  'local' => array('your-development-machine', ...)  i should fill in this but unable to figure out what exactly is 'development-machine'
<ShekharReddy> can someone provide as how can i find it out
<SpikeSpiegel> hey. how can one remotely install a ubuntu-server system in such a way that when it boots it will allow a ssh server?
<JanC> that would depend on where you want to install and what infrastructure is available there
<marlinc> zul, you around? I have a question about the nova-compute-lxd package
<zul> marlinc: currently its being moved to https://github.com/openstack/nova-lxd
<zul> marlinc: if you want to contribute to it follow the regular openstack contribution process
<shodan45> I'm trying to install (heck, just boot) from the 16.04 server iso inside KVM (host is 12.04 server) but no matter what I do I get a kernel panic
<shodan45> how do I start troubleshooting this?
#ubuntu-server 2017-06-05
<Latrina> so disklabel will bring a profit but sendboxed environment will not
<Latrina> makes sense
<pynki> hi guys, i have a postfix running that cannot send mails to outlook.com email adresses. i migrated the server from debian jessie where the same config it worked well. it sends mails to gmail without problems. any ideas/suggestions?
<fishcooker> what's the smtp error code pynki... it would be better stay tune to the postfix channel
<pynki> [....] , relay=mx2.hotmail.com[104.44.194.237]:25, delay=2, delays=0.98/0.02/0.43/0.58, dsn=2.0.0, status=sent (250  <4ad682e6-cc80-a2f8-aeb0-d47b76b45619@someaddress.com> Queued mail for delivery)
<pynki> it shows me a 250 in the mail.log. its strange
<SupaYoshi> Hi, I tried upgrading from Ubuntu 12.04 LTS to 16.04, to 14.04 worked fine, but now I'm stuck with a broken apt-get / dpkg
<SupaYoshi> http://paste.ubuntu.com/24781720/
<Ben64> upgrade didn't complete
<SupaYoshi> mhm
<SupaYoshi> so what shall i do?
<Ben64> i'd reinstall
<SupaYoshi> kay x
<SupaYoshi> i;ve got a lot of custom configs and so :P i'd rather upgrade
<SupaYoshi> i made a backup before going to 14.04
<SupaYoshi> might restore the backup and tehn upgrade to 14.04 again
<SupaYoshi> and then remove php5
<Ben64> well you can try to go through your sources and all the packages that aren't correct
<SupaYoshi> cus that seems to be the cuprit?
<SupaYoshi> libapache2-mod-php5 is the package going wrong
<Ben64> why would it be php
<SupaYoshi> when i do upgraed, it tries to process that package, and that errors out.
<SupaYoshi> also when autoremove or any
<Ben64> whats in your sources
<SupaYoshi> em a lot
<Ben64> well that's helpful
<SupaYoshi> lol its hard to copy the entire content to pastebin
<SupaYoshi> Im just going to restore my backup to 12.04 upgrade to 14.04
<SupaYoshi> backup again and remove php5 and then install 16.04
<fallentree> SupaYoshi: sounds like it'd be easier to just back up data, and install 16.04.02 fresh new
<ogra_> how exactly did you upgrade ... the switch from upstart (14.04) to systemd (16.04) is pretty complex and can only properly be handled by update-manager (there are package removals of essential bits that need to be handled etc)
<SupaYoshi> hi ogra_, i first dist dist-upgrade to 14.04 lts from 12.04.3 lts
<SupaYoshi> that went fine
<ogra_> you mean you didnt use update-manager ?
<SupaYoshi> after that completed, i ran dist-upgrade again from 14.04 to 16.04 without any apt-get upgrades in between
<SupaYoshi> that proballuy casued it.
<SupaYoshi> I never use a gui, or update-manager, I just use apt-get upgrade.
<ogra_> well, if you dont use update-manager you will end up having to do the exact same steps it does to remove packages from the essntial set.... in the end you will have ot do exactly the same just by hand, so i'd just go with it
<SupaYoshi> ?
<SupaYoshi> so what do you suggest me doing ogra_
<ogra_> switching out the init system underneath a runnig system is pretty non-trivial and cant easily just be handled by package dependencies ... there are manual steps involved
<ogra_> SupaYoshi, to always use update-manager when upgrading release to release ...
<ogra_> like all server docs suggest ;)
<ogra_> (note that this also the only upgrade path that gets extensive testing by the QA team)
<SupaYoshi> sudo do-release-upgrade = not using the upgrade manager?
<SupaYoshi> sudo apt-get upgrade = not using the upgrade manager?
<ogra_> https://help.ubuntu.com/lts/serverguide/installing-upgrading.html
<SupaYoshi> yeah thats what i done./
<ogra_> using do-release-upgrade ? not plain apt ?
<SupaYoshi> nope do-release-upgrade yes
<SupaYoshi> from 12.04 to 14.04 worked fine
<SupaYoshi> then i went to 16.04
<SupaYoshi> and then that dpkg error came up
<ogra_> weird ... you said above you had issues with php5 ... but update-manager should have removead all traces of php5 ...
<SupaYoshi> YEah and I think it did except for that one instance of apache php5.
<ogra_> (there is no php5 in 16.04 anymore)
<ogra_> that sounds surely like an update-manager bug then
<SupaYoshi> how do i do , do-release-upgrade without all the silly changelogs and so?
<ogra_> changelogs ?
<SupaYoshi> because it took ages reading the changelogs yesterday,
<SupaYoshi> chanlogs
<SupaYoshi> during the upgrade, it was like... reading changelogs 1%... 4%  took ages?
 * ogra_ never had changelogs when upgrading with do-release-upgrade
<ogra_> you mean it shows them ?
<SupaYoshi> well no, but i just dont see the point in it "reading changlogs" if it just has to upgrade
<ogra_> are you sure it said "changelogs" ?
<SupaYoshi> ill let you know upgrading to 14.04 now
<SupaYoshi> this server has been running 12.04 lts since august 2013, no issues
<SupaYoshi> so i never wanted to upgrade the release incase of problems
<SupaYoshi> but since i've made a backup now i'm feeling safe and its the end of support so yeah
<ogra_> (there is indeed no need to read any changelog entries, it processes *changes* and needs to handle removals, dropping (and rolling back) PPAs and such but doing any processing of changelogs shouldnt happen)
<ogra_> in any case, if you use do-release-upgrade and run into a broken system afterwards, please file a bug at https://bugs.launchpad.net/ubuntu/+source/update-manager/+filebug
<ogra_> (and always make sure to have the latest update-manager-coore installed before running it ... from ${release}-updates)
<SupaYoshi> okay cool
<SupaYoshi> so ogra, when im on 14.04
<SupaYoshi> do i first do, apt-get upgrade
<SupaYoshi> and then do-release-upgrade
<SupaYoshi> or can i go straight to the do-release-upgrade?
<ogra_> no ... you do: apt-get update && apt-get dist-upgrade && do-release-upgrade
<SupaYoshi> http://paste.ubuntu.com/24782098/
<SupaYoshi> oki
<ogra_> funny, i wonder why it does that
<SupaYoshi> http://paste.ubuntu.com/24782108/ on and on,...
<SupaYoshi> takes a long time.
<ogra_> that sounds like another bug to me
<SupaYoshi> heh what to do with et
<SupaYoshi> http://paste.ubuntu.com/24782320/
<fallentree> SupaYoshi: upgrading from 12.04? Need to follow this:  https://help.ubuntu.com/community/EOLUpgrades
<SupaYoshi> okay upgrade completed, em
<SupaYoshi> I'm trying to remove libapache2-mod-php5
<SupaYoshi> on ubuntu 14.04 but that gives me an error already
<SupaYoshi> http://paste.ubuntu.com/24782609/
<SupaYoshi> no-one an ieda?
<SupaYoshi> ondrej-php5-oldstable-precise.list i need to remove this i think
<robodep> hi all
<SupaYoshi> im having a really hard time removing libapache2-mod-php5
<SupaYoshi> https://www.howtoinstall.co/en/ubuntu/trusty/libapache2-mod-php5?action=remove
<SupaYoshi> this wont work
<teward> SupaYoshi: uhm, I presume you restarted Apache after removing it?
<teward> "this won't work" is vague too, what do you mean it didn't work.
<robodep> I've been trying to partition multiple disks via kickstart and nothing seems to work. Does anyone have any pointers?
<robodep> everything I've found refers to the preseed/late_command to create partitions, mkfs and append an entry to fstab, but none of that has worked so far.
<mason> Ugh. I very much dislike that shutdown now links to systemctl, allowing admin users to shut down or reboot without a passphrase.
<mason> I liked having the extra step.
<mdeslaur> cpaelzer: hi! are you able to test pacemaker packages?
<relativemedia> hey all im trying to get xenial to bind to my windows 2016 ad farm... i can pull users via getent passwd but i get a system error when trying to ssh into a box with my ad user
<relativemedia>  pam_sss(sshd:account): Access denied for user mike: 4 (System error)
<RoyK> when would one use pacemaker over keepalived and vice versa?
<relativemedia> this is the guide im following: https://help.ubuntu.com/community/ActiveDirectoryHowto
<sarnold> relativemedia: what's error 4?
<relativemedia> no idea lol
<sarnold> relativemedia: do the ad logs include something more details?
<relativemedia> wrong guide, this is the guide
<relativemedia> https://help.ubuntu.com/lts/serverguide/sssd-ad.html
<relativemedia> net ads user shows users too and klist shows a ticket
<relativemedia> ad log are no go
<cpaelzer> mdeslaur: no I havne't done that I think
<cpaelzer> some basics when I did a fix, but nothing decent enough to say " I can test"
<mdeslaur> cpaelzer: ok, trying to find a way to test the security updates I have ready
<mdeslaur> cpaelzer: thanks
<cpaelzer> mdeslaur: maybe the openstack Team can help to excecise that
<mdeslaur> is it actually used in openstack?
<mdeslaur> oh, it is
<SupaYoshi> hey, i am unable to remove php5 from my ubuntu 14.04 system
<SupaYoshi> Hi I've got a PhP application that needs to run on 5.4 which is only used internally on the LAN.
<SupaYoshi> And I cannot install php fpm 5.4 on xenial.
<SupaYoshi> is there a way to run a virtual machine with php 5.4.? I know it;s in secure, but I'm needing that application :)
<nacc> SupaYoshi: of course, run it in a container or VM
<nacc> SupaYoshi: run trusty in a container or VM, I mean
<nacc> SupaYoshi: oh but that will be 5.5
<nacc> SupaYoshi: there is no 5.4 in ubuntu
<SupaYoshi> nacc , i used to have 5.4 on 12.04
<nacc> SupaYoshi: 12.04 is eol
<SupaYoshi> ik
<SupaYoshi> thast why i upgraded
<SupaYoshi> but my webapp needs 5.4 becuse it sucks
<sarnold> it looks like php 5.4 may be in debian's LTS project https://wiki.debian.org/LTS -- you might ask them if php 5.4 is on their supported list?
<sarnold> I don't know much about centos but it looks like centos 7 is still supported and I see a php 5.4 in http://vault.centos.org/7.3.1611/os/Source/SPackages/
#ubuntu-server 2017-06-06
<lordievader[m]> Good morning
<_KaszpiR_> SupaYoshi better update your app
<_KaszpiR_> 5.4 is ancient
<SupaYoshi> anyone know how to connect to a kvm with vnc, running on a server without gui from windows?
<SupaYoshi> Im reading vnc over ssh but not sure
<SupaYoshi> http://paste.ubuntu.com/24792172/
<tomreyn> SupaYoshi: yes, a vnc client tunnelling through SSH should work
<tomreyn> if the VM runs a non-graphical OS, you may prefer to add a serial console to that VM, and connect to that via ssh
<Tahvok> Is there any plans to update keystone packages to 11.0.1 on xenial? There is a bug that has been fixed in .1 release, that is currenctly a blocker for us to update to ocata.
<Tahvok> coreycb: perhaps some mainteiner can help?
<coreycb> Tahvok: hi, yes we'll be getting the latest ocata point releases done soon
<Tahvok> coreycb: thank you for your answer! We will wait patiently.
<coreycb> Tahvok: no problem, we'll track the latest ocata point releases with bug 1696138
<ubottu> bug 1696138 in aodh (Ubuntu Zesty) "[SRU] ocata stable releases " [Undecided,New] https://launchpad.net/bugs/1696138
<Tahvok> coreycb: do you cherry pick fixes, or you just take the latest revision?
<Tahvok> I'm mostly interested in the following fix: https://bugs.launchpad.net/keystone/+bug/1662762
<ubottu> Launchpad bug 1662762 in OpenStack Identity (keystone) ocata "Authentication for LDAP user fails at MFA rule check" [High,Fix released]
<Tahvok> Currently none of our authentication work under ocata, as we are mostly using ldap for authentication
<coreycb> Tahvok: if a fix is not in an upstream point release yet, then we can cherry pick it
<Tahvok> It was fixed in 11.0.1
<Tahvok> Why does bug 1696138 says 'Newton'?
<ubottu> bug 1696138 in aodh (Ubuntu Zesty) "[SRU] ocata stable releases " [Undecided,New] https://launchpad.net/bugs/1696138
<coreycb> Tahvok: it doesn't ;)
<coreycb> Tahvok: just changed that, thanks. just a typo.
<jamespage> coreycb, Tahvok: https://bugs.launchpad.net/ubuntu/+source/neutron-fwaas/+bug/1696139
<ubottu> Launchpad bug 1696139 in swift (Ubuntu Zesty) "[SRU] ocata stable releases" [Undecided,New]
<jamespage> June updates for ocata
<jamespage> just raised that - will start soon on updates
<coreycb> jamespage: ah ok, marking this other bug as a dup then
<Tahvok> jamespage: zetsy?
<jamespage> yes
<Tahvok> What about xenial?
<jamespage> zesty and Ocata UCA for Xenial
<jamespage> one feeds the other
<Tahvok> Oh, ok
<jamespage> Tahvok: if you want something sooner
<jamespage> ppa:openstack-ubuntu-testing/ocata
<jamespage> has tip of the stable/ocata branch for keystone built in it
<Tahvok> I'll take a note. I can wait for now though :)
<teward> server team meeting today or no?
<nacc> teward: yep, in a bit, i think
<teward> nacc: who do i have to bother for access to the trello board
<ahasenack> teward: https://trello.com/b/U9HhWyT0/ubuntu-server-daily this one?
<teward> yup
<ahasenack> teward: I tried with an incognito logged out browser, I could see it
<teward> ahasenack: i mean edit/revise access not 'see it" access
<teward> since it's a public board :p
<ahasenack> teward: ah
<ahasenack> teward: what's your trello handle?
<teward> ahasenack: *apparently* it's thomasward13 but teward AT ubuntu DOT com for an email search if you need it
<ahasenack> teward: I think an email is fine
<ahasenack> ok
<ahasenack> teward: done
<ahasenack> teward: verify please?
<teward> standby
<teward> yep i have access thank you kindly :)
<ahasenack> cheers
<teward> ahhh i see it has teward on there too, that's something I don't have access to anymore xD
<ahasenack> teward: sorry, I didn't follow, did we add the wrong teward? :)
<teward> ahasenack: well i have two accounts apparently
<teward> one's tied to a Google logon that I stopped using
<teward> and one's tied to my @ubuntu.com address :)
<teward> both me, but only one is usable.
<ahasenack> ok, removing the non-13 one
<teward> ahasenack: thanks :)
<hashwagon> Question about Ubuntu 16.04 preceed install: My install is hanging on "The installer has detected the following disks have mounted partitions: /dev/sda - Unmount partitions that are in use?" I'm not seeing anything useful so far online.  Has anyone ran into this?
<ivoks> is it possible that there's a swap partition on that disk?
<nacc> hashwagon: if you drop to a shell (tty2 or from the main menu, iirc), can you see if it is actually mounted?
<hashwagon> Ctrl+Alt+F2'd at the begining of the install is there an alternative for lsblk -f? blkid doesn't show mount points
<hashwagon> cat /proc/mounts shows /dev/sda /media and /dev/sdb/cdrom
<hashwagon> * /dev/sdb /cdrom
<hashwagon> Okay I think I finally got it. I'll update here with the line I had to add.
<hashwagon> Adding this to my preceed resolved my issue: d-i preseed/early_command string umount /media
<robodep> hi all
<robodep> I don't have fdisk available to me in the installer.  how do you install this?
<robodep> or parted
<tarpman> robodep: anna install parted-udeb
<robodep> thank you!
<tarpman> or fdisk-udeb
<disposable> i decided to give btrfs a try and installed it as root fs. it created a subvolume for /home directory. how do i delete that subvolume? i want /home to be on nfs. i've tried 'btrfs subvolume delete /home' but all i get is ERROR: cannot delete '//home': Invalid argument
<sarnold> disposable: guessing, don't use the leading /
<disposable> sarnold: same error
<disposable> i've tried /home, @home and /@home
<sarnold> but "home" failed?
<disposable> sarnold: yes, home and /home return the same thing
<sarnold> disposable: bummer :/
<grendal_pure> good god what a nightmare
<grendal_pure> ok question, i have this piece of equipment that i connect to with via a customized serial cable of some sort.
<grendal_pure> the stupid client software to connect to this device runs on windows.  It did work with wine for some time..then decided to stop working.
<grendal_pure> there has to be a way to telnet to this thing.
<grendal_pure> company is clueless they say that job was outsoursed and they are only familiar with the finshed working program.
#ubuntu-server 2017-06-07
<grillo> Hi.  I'm setting up new drives, headed for a RAID array for my new UbuServer.  They're set up as GPT.  For now, mobo's non-EFI -- that'll eventually change.  For now, though, I need a "BIOS boot partition" to make Grub2 happy.  IIUC, that needs to be at the "start" of the drive(s).  Question -- at which sector should it start?  sector=1?, the UNALIGNED start of the largest free block (sgdisk -f == 34), or the ALIGNED start of the largest free block
<grillo> (sgdisk -F == 2048)?
<lordievader[m]> Good morning
<TafThorne> morning
<yossarianuk> â hi -  I am setting up a replicated postgresql server, using pacemaker for HA - its for a Zaabix server, what advantage would also using DRDB give me ?
<yossarianuk> many guides I have seen suggest using it - just wondering what advantage it would give?
<maswan> Hm. That seems like layering two node replication steps on top of eachother
<maswan> I don't see what you'd gain, other than more complexity and a potential fault source
<yossarianuk> âmaswan: thanks for the response
<fishcooker> yossarianuk: how about failover scene?
<yossarianuk> âmaswan: That was my thought also, was wondering is perhaps there was better performance writing to a network shared block device over replicating normally..
<maswan> Should be worse actually, since DRBD requires each block write to hit disk on both places before returning from a write, rather than postgres just managing transaction syncs
<maswan> But I haven't benchmarked it head-to-head, so that's just theory from my side
<maswan> We run a fairly big postgres with repmgr and manual failover (we only have two servers there, so we can't rely on getting quorum)
<yossarianuk> âfishcooker: I am using this as a template for HA -> http://wiki.clusterlabs.org/wiki/PgSQL_Replicated_Cluster
<yossarianuk> âmaswanâ: thanks - it was guides like this that made me consider DRDB -> https://wiki.postgresql.org/images/0/07/Ha_postgres.pdf
<yossarianuk> Its for a zabbix server setup so pretty sure pacemaker should be fine in that case.
<maswan> postgres 9.1 is pretty old in terms of replication support
<maswan> streaming replication went into 9.3 I think? and it's much better in 9.5+
<fishcooker> noted, yossarianuk
<yossarianuk> i think we plan to use 9.2, would it be better to bump the version in that case?
<maswan> wow, that's old. xenial has 9.5 and trusty on 9.3
<yossarianuk> I think its being compiled from source (for some reason I am unaware of) - i'll speak to them and see why and encourage a newer version..
<yossarianuk> thanks for the advice... it a fairly new area for me, I usually use Mysql.
<aoam> hello, i have a little question, is it possible to run systemd system in lxd container on host that has no systemd ? (because of im having troubles with that, servicies inside doesnt work)
<nacc> powersj: LP: #1583126, src:mysql-5.6 is in universe in trusty, so we can unsub ubuntu-server?
<ubottu> Launchpad bug 1583126 in mysql-5.6 (Ubuntu) "Cannot enable memcached plugin" [High,Confirmed] https://launchpad.net/bugs/1583126
<smoser> nacc, https://bugs.launchpad.net/ubuntu/+source/open-iscsi/+bug/1666573
<ubottu> Launchpad bug 1666573 in open-iscsi (Ubuntu) "transient systemd ordering cycle in boot with overlayroot ver read-only open-iscsi root" [Medium,Confirmed]
<dpb1> teward: took a look at the release note blurb for nginx, looks great. :)
<teward> dpb1: glad to hear it :)
<teward> anything that needed changed, or is it good as is?
<nacc> teward: as is, is great
#ubuntu-server 2017-06-08
<ruben23> hi there guys i have my Ubuntu server installed
<ruben23> but as i check there is a internal firewall rules
<ruben23> any chance how do i disable it adn removed it somehow.?
<ruben23> any idea guys.?
<sarnold> ruben23: if you want to uninstall ufw rather than configure it, feel free, just be careful you don't make mistakes configuring your services
<ruben23>  sarnold: how do i disable or remove the ufw.? or maybe temporarly disable for testing purposes
<sarnold> ruben23: 'ufw disable' if you want to turn it off
<sarnold> ruben23: apt-get purge ufw if you decide you don't want it at all
<ruben23> when disable this comes up again after reboot right..?
<sarnold> probably
<ShellcatZero> stupid question: is there some way to scroll line by line in the console instead of the half-page lengths with shift+pg up/down?
<ShellcatZero> I suppose I'll just use gnu screen
<hehehe> 16.04 server php 7  zlib is not there
<hehehe> any ideas why is kinda missing
<ruben23> hi guys
<ruben23> im currently on root on my ubuntu server and i have a username asterisk, any idea how do i access that.?
<ruben23> without re login.?
<tarpman> ruben23: su - asterisk
<tarpman> ruben23: or sudo -u asterisk -i
<tarpman> ruben23: the first one would prompt you for asterisk's password, the second would prompt you for your own password, otherwise they do largely the same thing
<ruben23> tarpman: asterisk user have a script that runs successfully, but when i used root it does not run
<ruben23> how do i make the root user be able to run the asterisk user permission also.?
<ruben23> any idea.?
<tarpman> ruben23: if the script is designed to be run as asterisk, probably you should run it as asterisk
<ruben23> but i need to run it on root also, most of the time
<tarpman> why?
<ruben23> coz during operation the default setup is on root
<ruben23> during our monitoring
<tarpman> also you can easily write a one-liner that does 'runuser - asterisk -c <the actual script>'
<tarpman> and run that as root
<ruben23> but im not sure i to put it automatic
<ruben23> coz by default when i run asterisk im at root
<ruben23> and the system script just run automatically
<ruben23> please help
<ruben23> tarpman:..?
<tarpman> sorry, I'm not understanding what you're trying to do
<ruben23> s3cmd - is a script, when i run it manually on user asterisk it runs the script but with root in automatic it does not run
<tarpman> what do you mean by "in automatic"
<ruben23> automatic means the script runs auto
<tarpman> are you trying to make a cron job? a system service? all of these things have features for running commands as specified users
<tarpman> it would help if you phrase your question in more general terms like "I have a script that uses s3cmd to back up my asterisk server to AWS and I want it to run periodically"
<tarpman> (that might not actually be what you want, it's just a guess)
<ruben23> ok this s3cmd script is set on na asterisk telephone system where when a calls comes in it is triggered to upload a recording to an AWS storage, now when we run the script runs but it does not upload at all, but when we used the user asterisk it runs and it uploads perfectly
<tarpman> ok. what triggers it and why can't it trigger as asterisk?
<ruben23> we manually used the user asterisk to run the script
<tarpman> and why can't it trigger a wrapper script of your own devising that calls runuser(8) like I suggested above?
<ruben23> yes how do i invoke an asterisk user on a script.?
<ruben23> i dont know how to do it
<tarpman> I haven't used s3cmd so I don't know what it would be depending on in asterisk's environment. probably needs the $HOME/.aws for credentials, or something like that
<tarpman> I already said, above
<tarpman> runuser -l asterisk -c 'the command to run as asterisk'
<lordievader[m]> Good morning
<funabashi> anyone know how i can do so a user only can see his own home dir and nothing else with sftp?
<sarnold> funabashi: do the users have shells that you'd still like them to be able to use?
<sarnold> funabashi: I think the ChrootDirectory directive to sshd_config might be able to do the job, but if you also want them to be able to use a shell when they ssh in normally, it'll probably be trouble
<sarnold> funabashi: if ChrootDirectory doesn't do it you might be able to wrap sftp-server with an AppArmor profile; this might require profiling sshd too. If you head down that route it'd be a good idea to have another terminal open with a root shell sitting somewhere handy but unlikely to be accidentally closed :)
<funabashi> no ssh access
<sarnold> aha, then ChrootDirectory sounds promising. :)
<sarnold> chroot normally has enough troubles that I don't like recommending it
<sarnold> but if they just sftp and don't ssh, it'll probably work okay
<funabashi> sarnold: do maybe can recommend any guide for this?
<sarnold> funabashi: I don't know of any off-hand, sorry
<sarnold> the sshd_config(5) manpage is the best I know, and it's too terse
<nacc> jamespage: sorry, I've had some network issues at the sprint -- re: python-django, are you still blocked by the openstack stuff in proposed?
<jamespage> nacc: I've not looked specificaly at the django stuff yet - but yes openstack  pike b1 is jammed in proposed - mostly blocked on kombu / celery compat atm I think
<nacc> jamespage: ok, if there's anything i can do to help, let me know :)
<powersj> cpaelzer: your dpdk merge is empty
<nacc> powersj: LP: #1627768
<ubottu> Launchpad bug 1627768 in multipath-tools (Ubuntu) "multipath silently crashes with general protection" [Undecided,Triaged] https://launchpad.net/bugs/1627768
<teward> nacc: cool, I"m glad to hear my release notes section for NGINX on Server works as is :)
<jamespage> coreycb: I've pushed all of the b2 dependency updates to artful in perparation for b2's tomorrow
<coreycb> jamespage: excellent
<JrWebDev> how do i stop the time from automatically syncing and adjust the time manually
<cpaelzer> powersj: has content now, thanks for the ping
<sarnold> JrWebDev: disable ntpd; you can then use date to set the time
<hashwagon> Hey does preseed support copying a file from the installation media to the installed system?
<nacc> hashwagon: you can do arbitrary commands in a preseed
<cpaelzer> ahasenack: http://pad.ubuntu.com/61wJGD7csl
<ahasenack> let's see
<cpaelzer> ahasenack: if you want to take a look at the old samba's
<ahasenack> cpaelzer: the trusty nomination we talked about: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/820679
<ubottu> Launchpad bug 820679 in samba (Ubuntu) "nmbd and smbd will not be started again on transition from runlevel 1 to 2" [Medium,Triaged]
#ubuntu-server 2017-06-09
<kuwer> Hello!
<kuwer> I want to install a driver for my nvidia geforce 8400 cs video card
<kuwer> I am following this tutorial http://ubuntuguide.net/install-latest-nvidia-graphics-drivers-in-ubuntu-linux but it seems different
<kuwer> Perhaps it was donne for an older ubuntu server version
<kuwer> Could someone help me please?
<kuwer> I already downloaded NVIDIA-Linux-x86_64-340.102.run file from nvidia website
<sarnold> kuwer: that guide looks eight years old or so. it's probably fair to ignore it entirely.
<patdk-l2> I always thought you just install the normal nvidia package and be done with it
<patdk-l2> unless you want to do something odd, like use cuba in your applications for like bitcoin
<patdk-l2> then your going have hell and be mostly on your own, cause that crap is not fun
<kuwer> patdk-l2: well, yes. I need Cuba, OpenCL
<sarnold> I don't think anyone does bitcoin mining on gpus anymore
<patdk-l2> atleast I gave up on it, and it takes a lot to do that
<patdk-l2> sarnold, I know a guy that just setup 12 amd video cards for it this week
<kuwer> I am not mining bitcoins but other coinis
<sarnold> patdk-l2: yikes
<kuwer> yeah, Bytecoin, Ethereum, well there is hundreds
<sarnold> this wiki page suggests 'sudo ubuntu-drivers devices' is a good starting point https://help.ubuntu.com/community/BinaryDriverHowto/Nvidia
<sarnold> what's funny is it jumps from that right into installing nvidia-nnn   -- maybe nvidia users are forced to install the new driver updates by hand? dunno..
<patdk-l2> they have to
<sarnold> anyway based on this wiki the first thing I'd try is "apt-get install nvidia-375"
<patdk-l2> cause the ones in ubuntu don't have the cuba stuff in them
<patdk-l2> get a intel phi :)
<kuwer> The correct driver for my video card is NVIDIA-Linux-x86_64-340.102
<kuwer> I could use wget http://us.download.nvidia.com/XFree86/Linux-x86_64/340.102/NVIDIA-Linux-x86_64-340.102.run
<kuwer> chmod u+x NVIDIA-Linux-x86_64-190.42-pkg2.run
<kuwer> ups
<kuwer> chmod u+x 340.102/NVIDIA-Linux-x86_64-340.102.run
<kuwer> chmod u+x NVIDIA-Linux-x86_64-340.102.run
<kuwer> sudo apt-get install linux-headers-$(uname -r) build-essential
<kuwer> Is that necessary?
<sarnold> probably; you have to compile portions of the drivers on your system
<kuwer> How about https://askubuntu.com/questions/66328/how-do-i-install-the-latest-nvidia-drivers-from-the-run-file
<kuwer> Used chmod +x driver
<kuwer> then sudo ./driver.run
<kuwer> And http://imgur.com/a/Vk5iu
<sarnold> kuwer: pastebin the logfile?
<sarnold> (the pastebinit tool from the pastebinit package can make that easy)
<kuwer> sarnold: this is the log file
<sarnold> is that the WHOLE log file? or just the last few lines?
<kuwer> last few lines
<sarnold> good good :) pastebin the whole thing and then we might stand a chance of spotting the error
<kuwer> how can I send out from the server this line?
<sarnold> apt-get install pastebinit ; pastebinit /var/log/nvidia-installers.log
<kuwer> paste.ubuntu.com/24812224
<kuwer> Perhaps this driver was not meant to server
<sarnold> WARNING: You do not appear to have an NVIDIA GPU supported by the 340.102 NVIDIA Linux graphics driver installed in this system
<sarnold> are you sure that your card is supported by this driver/ I hear they are aggressive about dropping support for 'old' hardware
<kuwer> This is not the latest driver
<kuwer> I went to nvidia and check for my video card model driver
<kuwer> And this is the one it pointed me to
<kuwer> As http://imgur.com/a/vHo8c
<kuwer> Maybe I should Run 'make oldconfig && make prepare' on kernel src to fix it.";
<sarnold> I don't think that would help
<sarnold> kuwer: the patches on https://gist.github.com/tpruzina look promising
<sarnold> kuwer: from your pastebin, the actual errors are starting on lines 3588 and then in 3598
<sarnold> all look like hotplug cpu related
<sarnold> kuwer: so try making the same changes that the patch that disables the hotplug support ..
<kuwer> Well, something I got to say is I am running this Ubuntu Server on a VirtualBox machine just to test.
<patdk-l2> dunno how that would work
<kuwer> Probably I will be doing the same procedure soon on a ssd driver I am waiting
<kuwer> I donÂ´t think there is path for my driver version
<sarnold> did you pass the pci through?
<kuwer> what do you mean, sorry
<sarnold> in order to use devices inside vms you have to use pci passthrough
<sarnold> I've never tried it before
<kuwer> Oh, not really.
<kuwer> Let me check that
<kuwer> Not sure where to set PCIE
<kuwer> Checking
<kuwer> DonÂ´t think my BIOS has BIOS that has the IOMMU
<lordievader[m]> Good morning
<jamespage> coreycb: checklist via PPA for pike b2 - https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/2808/+packages
<zul> jamespage:  looks like you need zunclient now
<jamespage> zul: and some
<jamespage> zul: https://launchpad.net/ubuntu/artful/+queue?queue_state=0&queue_text=python
<zul> ahaha
<hashwagon> Hey nacc, do you have any example of a preseed copy? A file copy from USB/CDROM to the newly installed system if possible. Google isn't being useful to me.
<nacc> hashwagon: https://help.ubuntu.com/lts/installation-guide/example-preseed.txt down at the advanced options
<nacc> hashwagon: that's how you run any old shell command
<nacc> mwhudson: jamespage: is it expected that there is no python-celery-sphinx? I think the new celery is loading a module from it, but there's only python3-celery-sphinx, afaict
<nacc> s/celery-sphinx/sphinx-celery/
<tomreyn> hashwagon: a more complex example: https://github.com/gc3-uzh-ch/openstack-tools/blob/master/etc/ubuntu-preseed.cfg#L489
<nacc> tomreyn: nice, thanks!
<tomreyn> and here you got a copy https://lists.ubuntu.com/archives/ubuntu-installer/2007-December/000130.html
<tomreyn> oops this one doesn't work, sorry
<tomreyn> this one uses 'cp' an is said to work https://help.ubuntu.com/community/InstallCDCustomization/PreseedExamples
<jamespage> nacc: hmm that's odd
<jamespage> I would expect both versions
 * jamespage looks
<hashwagon> tomreyn, nacc, thanks guys.
<mwhudson> nacc: no idea
<nacc> jamespage: yeah, it's surprising to me -- i also only see python3 in debian (afaict)
<nacc> mwhudson: np, thanks
<jamespage> nacc: apparently that's right but I have no idea why there is no py2
<jamespage> maybe the maintainer was being visionary!
<nacc> jamespage: yeah, and i think celery won't build without the py2 -- or I have to dig a bit into the internals
<nacc> jamespage: i'm looking to see if it's easy to add -- it seems like it's unexpected to only be py2 (and the debian side is just a trival stdeb generated thing (it seems). I wonder if it's just oversight
<nacc> jamespage: http://paste.ubuntu.com/24816633/ it builds. I'm verifying the autopkgtest now
<nacc> jamespage: tests pass, and it is exactly what fails with celery (import'ing sphinx_celery) :)
<hashwagon> Is it normal for a 16.04 server preceed install to have GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" in /etc/default/grub? This prevents me from booting to a tty unless I remove quiet and splash.
<hashwagon> sed command to resolve that: http://downloads.linux.hpe.com/SDR/project/minnow/current/Ubuntu_16.04_RAID1_preseed.cfg - odd behavior though..
<jerichowasahoax> I created a new apache2 vhost at a specific subdomain, and now my default vhost is being clobbered. What gives?
<compdoc> creator typo
<jerichowasahoax> The vhost in question: https://paste.pound-python.org/show/aZwN2OyZqjb3ee74YiZQ/
<jerichowasahoax> Note there are no wildcards in that vhost, and yet it's answering to ALL requests, not just ones directed at mantis.lavacano.net
<jerichowasahoax> I've currently disabled that site configuration.
<jerichowasahoax> Google says something about a NameVirtualHost directive but it doesn't appear to actually do anything
<sarnold> "If multiple virtual hosts contain the best matching IP address and port, the server selects from these virtual hosts the best match based on the requested hostname. If no matching name-based virtual host is found, then the first listed virtual host that matched the IP address will be used. As a consequence, the first listed virtual host for a given IP address and port combination is the default virtual host for that IP and port combi
<sarnold> https://httpd.apache.org/docs/2.4/mod/core.html#virtualhost
<sarnold> that's my guess..
<jerichowasahoax> sarnold: Assuming 000-default.conf is parsed before 100-mantis.conf, then *:80 should come first and take priority, no?
<sarnold> https://httpd.apache.org/docs/2.4/vhosts/ suggests using apachectl -S  to dump the parsed configuration as a useful troubleshooting tip
<sarnold> jerichowasahoax: I'd hope so :)
<tomreyn> jerichowasahoax: instead of <VirtualHost mantis.lavacano.net:80> you'd usually use <VirtualHost 149.56.132.23:80>
<tomreyn> using hostnames there is "not recommended"
<tomreyn> https://httpd.apache.org/docs/2.4/mod/core.html#virtualhost
<jerichowasahoax> tomreyn: But that IP address points to a couple different FQDNs, as I'm sure you noticed while you were checking my DNS records
<tomreyn> jerichowasahoax: if you mean the alias, there's only one
<tomreyn> mantis.lavacano.net is an alias for andariel.lavacano.net.
<jerichowasahoax> tomreyn: Not the CNAME, the IP itself
<jerichowasahoax> tomaw: and andariel.lavacano.net when contacted directly should be serving different content
<jerichowasahoax> er
<tomreyn> oh your mean PTR records?
<jerichowasahoax> tomreyn: see above
<tomreyn> that's what ServerName is for
<tomreyn> see the example in the docs i pointed to
<jerichowasahoax> ServerName isn't working either
<tomreyn> VirtualHost uses an ip address, ServerName an FQDN
<jerichowasahoax> or now it is
 * jerichowasahoax makes a mental note: any virtualhost that isn't <VirtualHost *:80> is practically invalid
<tomreyn> if thisis a general statement then i'd disagree
<jerichowasahoax> i know the technical explanation is "explicitly defined addresses take priority over wildcards"
<jerichowasahoax> which is why "mantis.lavacano.net" was clobbering things
<jerichowasahoax> but if I don't overgeneralize I'll just keep screwing that up over and over and over
<tomreyn> VirtualHost defines the ip address + port to service this ServerName FQDN on.
<jerichowasahoax> tomreyn: apachectl -S was putting "149.56.132.23:80" over "*:80"
<sarnold> ahh because it's more specific..
<jerichowasahoax> sarnold: yes
<sarnold> sigh stupid complicated mess
<jerichowasahoax> to be fair, the google results and docs weren't entirely clear on exactly what i was trying to put where
<jerichowasahoax> all they really said was "VirtualHost some.domain.com" and "VirtualHost some.domain2.com"
<jerichowasahoax> it didn't occur to me that they were assuming those names had different addresses
<SuperLag> Do you folks have any recommendations to *automatically* do some kernel cleanup, so /boot doesn't keeep filling up?
<SuperLag> it'd be nice to only keep 2-3 kernels...
<compdoc> how about: sudo apt autoremove
<sarnold> SuperLag: do you have /etc/kernel/postinst.d/apt-auto-removal on your system? it should auto-generate a list of packages to keep in /etc/apt/apt.conf.d/01autoremove-kernels that works with /etc/apt/apt.conf.d/01autoremove
<SuperLag> sarnold: I wasn't aware of that. I'll investigate.
<SuperLag> thank you, btw!
#ubuntu-server 2017-06-10
<Freemon> hello
<Freemon> did anyone try to install phantheon desktop on server 17 ?
<lordievader[m]> Good morning
<obinoob> Hi, need to set SET explicit_defaults_for_timestamp=1 but I can find a way, I'm on ubuntu server mysql 5.5.55
<sarnold> obinoob: this looks like it was introduced in 5.6.6 https://dev.mysql.com/doc/refman/5.6/en/server-system-variables.html#sysvar_explicit_defaults_for_timestamp
<obinoob> sarnold: can I upgrade mysql without loose my data?
<sarnold> obinoob: it looks like mysql-5.7 is in main in 16.04 LTS
<sarnold> obinoob: I see many package upgrade failures every release -- it feels like the package management scripts are a bit brittle, so if you've done anything out of the ordinary to your configuration it might take some work to untangle it
<sarnold> obinoob: and of course backups are always a good idea
<obinoob> no i didn't did anything special to my system is pretty much stock
<obinoob> I will follow this tutorial is based on digital ocean https://askubuntu.com/questions/750498/mysql-5-5-update-to-mysql-5-7
<sarnold> obinoob: if you do that you're on your own for security updates -- be sure to keep up with those every two months.
<obinoob> sarnold: so whats my best shot here?
<sarnold> obinoob: I'd be inclined to upgrade to 16.04 LTS. The worst of the bugs have probably been shaken out of it by now :)
<obinoob> sarnold: well I've a lot of server configuration done DNS DHCP, OPENVP, APACHE, PHP etc not sure ...
<sarnold> obinoob: if you'd rather use mysql straight from oracle, you can give those a try, but it may not be easy to return to using ubuntu-provided packaging
<sarnold> aha, yeah, 16.04 LTS's php is php7. A huge amount of php software is still stuck in 5.3 days..
<obinoob> I'm running php7.1 here from ondreij I guess...
<obinoob> anyway I will probably upgrade to a stable release in future but for now got to solve this ET explicit_defaults_for_timestamp=1
<sarnold> bed time here, good luck :) sorry I can't be more specific, I'm not sure about most of these things
<sarnold> i'm happy enough to not need to tend mysql or php :)
<obinoob> where are you?
<obinoob> oceania?
<obinoob> japan?
<obinoob> lol
<obinoob> ok thank you very much
<sarnold> portland, oregon, usa
<sarnold> nn :)
<obinoob> ;)
<supercool> Hello all!
<supercool> I am running a Ubuntu server very fast and the other is just not. I was checking with top and I see one is using swap memory and the second is not.
<supercool> My question is how do I turn swap memory on?
<supercool> Is it even possible?
<genii> !swap
<ubottu> swap is used to move unused programs and data out of main memory to make your system faster. It can also be used as extra memory if you don't have enough. See https://help.ubuntu.com/community/SwapFaq for more info
<jelly> supercool, does the second use none, or have none configured at all?
<supercool> jelly: I already set it to 1GB
<supercool> The thing is I have a processo running that in a few minutes fallows from 100% CPU to 17%... It used to be 17% all the time.
<supercool> I think it is related to swap disk now. First there where no swap disk.
<supercool> Now the disk gets filled to quick perhaps?
<supercool> I set a 1GB swap and it rolds 20secs with full working CPU 100%, then it drops to 17% more or less.
<supercool> Now I set a swap of 4GB and it took 1 minute with 100% CPU
<supercool> Now it finally drop to 28% more or less.
<supercool> I wonder if I can set something to recicle or something like that the swap partition
<supercool> Maybe this application is just filling it
<supercool> Any ideas please?
<tomreyn> supercool: this sound slike you need to debug the application.
<tomreyn> examining why swap grows rapidly on OS level is not really possible, since it's processes demanding it and that's all you'll find out.
<supercool> tomreyn: is there a way to confirm this application is using too much swap?
<supercool> just a basic level, as user
<supercool> well, besides what I am doing of course
<supercool> What else could be dropping down the CPU speed like that?
<tomreyn> supercool: there is no reliable way to determine swap allocation by process, but the *2nd* answer here has something which *may* give a good enough hint https://stackoverflow.com/questions/479953/how-to-find-out-which-processes-are-swapping-in-linux
<tomreyn> you may also wish to look at iotop
<supercool> checking...
<tomreyn> i.e. you need to find out what is your bottleneck. often the thing which is the boittleneck causes other perfomance indicators to change as well. but you need to identify the root cause.
<supercool> The thing is this same application runs at two different systems
<supercool> One runs it per hours all right
<supercool> The other got stuck in 1 minute
<tomreyn> high disk io can result in elevated cpu overhead (e.g. if you have software storage encryption). ram allocation spikes can cause high disk i/o due to swap configuration and  and swapiness.
<tomreyn> and the application work load is the same on both for sure?
<supercool> Thats why I thought it could be something system related, you know..
<tomreyn> identical hardware?
<supercool> tomreyn: yes
<supercool> same loads
<supercool> tomreyn: no, very similar in memory and disk I think. I could check that.
<supercool> But somehow the second one got stuck!
<tomreyn> you should. if hardware is the same, look at firmware. then look at hardware health, hwere possible (e.g. S.M.A.R.T. and the like)
<supercool> how can I list the users list from the users listed on top command?
<tomreyn> also check kernel messages / logs, i.e. /var/log/dmesg + /var/log/syslog
<supercool> the top command is saying there are 11 users at one system
<tomreyn> w, who, last
<supercool> Ok
<tomreyn>  /var/log/auth.log also
 * tomreyn bbl
<supercool> how about the memory being used
#ubuntu-server 2017-06-11
<genjitech> hello all, I'm having some trouble with rate limiting postfix 3.1.0 on Ubuntu Server 16.04.2 LTS.. I have customized /etc/postfix/main.cf with smtpd_error_sleep_time = 120s smtpd_soft_error_limit = 3 smtpd_hard_error_limit = 8 smtpd_client_connection_count_limit = 20 smtpd_client_connection_rate_limit = 10 .. and yet i still get slammed with single ips [49.140.10.140] dropping 1100+ emails to 3 different account in less
<genjitech> than 120sec. im running OSSEC with active-response firewall which does block any further attempts but all this happens before the block takes effect
<patdk-l2> I don't see where anything you said would have ANY affect on what you want
<patdk-l2> what does connection counts, errors, rates, ..., or even firewall blocks, have to do with number of emails
<patdk-l2> you can send any number of emails over a SINGLE connection, upto the configured max
<genjitech> the address that are being to to dont exist and should fall under smtpd_soft|hard_error_limit yet that many getting through in such short time
<patdk-l2> I don't see where that is documented
<patdk-l2> it says the error is incremented on a unrecognized or unimplemented smtp command
<patdk-l2> doesn't say it is on user doesn't exist
<patdk-l2> ah, it is documented in tuning, but not in rate limits
<patdk-l2> http://www.postfix.org/postconf.5.html#smtpd_client_message_rate_limit
<genjitech> i see. i was thinking that was to limit my clients sending rate.
<genjitech> sorry i went back to reading the docs all over again. patdk-12 thank you for the help.
<lordievader[m]> Good morning
<aatish> hi everone. i am trying to install samba on ubuntu server. i am following the official wiki guide and help.ubuntu. when i run smbclient -L localhost -U% i get the error session setup failed: nt_status_internal_error. i googled the error but did not get any tips. can someone point me in the right direction. i am trying to use samba+ubuntu as an active directory domain controller. when i run apt install samba libpam-winbind. i get the error failed to
<aatish> start samba winbind daemon.thank you
#ubuntu-server 2018-06-04
<cpaelzer> hi over here as well, good morning
<Dani-hp> Hello, i have some more questions about diskless ubuntu/thin client (root on nfs).. What about network interrupts? How good can Root-on-NFS Ubuntu's handle these? Any one has some "real live" experience with this? :-)
<lordievader> Dani-hp: usually if the network issues are not that severe it should be fine.
<lordievader> Also as long as no disk access is done you won't notice it.
<lordievader> We got thinclients to RDP to a Windows server. If during an RDP session the NFS server dissapears for some time and comes back the user doesn't notice.
<Dani-hp> Ah cool :)
<Dani-hp> so they directly connect to the win server on boot or do they first login on the ubuntu?
<Dani-hp> Ah and one more question.. the root-on-nfs share gets mounted rw, right? so if we have like 30 clients on the same nfs-share there is quite a lot conflict potential, right? even if the have their home on a sperate nfs share?
<lordievader> Nowadays they are Debian images. But the principle is the same. They boot the Debian image which gives them four buttons, most notably a firefox button and an rdp button.
<lordievader> For us the idea is that users can use them to quickly search something on the web, or do some work on their personalized rdp account.
<cpaelzer> jamespage: are you around, I'd really need one with 10 minutes to takl about openstacks control (or lack of) qemu machine types
<cpaelzer> jamespage: please ping me if you'd be available for a few minutes
<lordievader> Dani-hp: We only have 1 user on them ('thinclient'), but theoretically you can have a full desktop on there with their own accounts.
<Dani-hp> lordievader: Ah okey. But it's true that there is conflict potential with "full desktops", right?
<Dani-hp> for example when i install new apps/updates on one client, the changes are made for everyclient. right?
<lordievader> Yes
<Dani-hp> Well, that sucks :-)
<lordievader> This is why every regular client has no write access for the root-fs and the user home-dir is mounted on a tmpfs. There is one 'thinclient' which has write access and does the updates.
<lordievader> Why is this a bad thing?
<Dani-hp> Hm, so you mount the root-fs as RO?
<lordievader> Users don't need root access ð
<Dani-hp> well yeah
<Dani-hp> So lordievader if you could choose for a company with like 30-40 clients. Would you prefer a thinclient setup with root on nfs or a "complete" VDI Solution like VMWare Horizon or XenDesktop=
<Dani-hp> ?
<lordievader> I have no experience with the latter. We also do not have that many clients, about 15-20 or so. Just relaying what I know ð
<Dani-hp> kk :) do you have experience with LTSP?
<lordievader> I've heared of it. (And forgotten about it XD)
<Dani-hp> :D
<dara> i'm having trouble installing phpmyadmin, it won't accept my database administrative password
<parlos> Got a strange problem; I'm using SSH for X11 forwarding. (-X -Y). Once connected, launching xterm/xeyes works fine, but if I launch emacs/gwenview they just exists. (emcas has X support). Tested against another device, there it works. Any hints?
<coreycb> jamespage: would you mind giving magnum 6.1.0-0ubuntu2 a review? it's the first py2/py3 openstack service i've enabled so it'll be the pattern i plan to follow.
<jamespage> coreycb: ack will do - in git?
<coreycb> jamespage: yes, well i uploaded it to cosmic as well. seems to work fine for py2 and py3.
<coreycb> jamespage: py2 is favored by default for now, obviously
<coreycb> jamespage: btw the current dep8 tests are py2 only. if you can think of a way to also test py3 services i'd really like to do that.
<coreycb> jamespage: maybe in the actual test i could apt install python3-magnum and restart/test services again after the py2 services get tested
<jamespage> coreycb: I'd add the py3 tests as a separate test target in d/t/control using right tag for grabbing a clean testbed
<coreycb> jamespage: ah good, so you can have separate targets with their own Depends and tag for clean testbed. wasn't sure about that.
<jamespage> coreycb: I think so
<rbasak> nacc, ahasenack, cpaelzer, dpb1: how should we handle code review for git-ubuntu now? I'm quite happy to do all the reviews for nacc's MPs, but what about my MPs? I don't want to force nacc to do them, but if he can, that would be useful. So should I perhaps request a review from some team, and if nacc doesn't take it, ask ahasenack or cpaelzer?
<ahasenack> rbasak: don't know, it's quite a context switch
<cpaelzer> ahasenack: rbasak: if andreas or me are supposed to do them we will have to batch them
<cpaelzer> to do the huge context in/out just once for a series of things
<cpaelzer> OTOH if you have rather small broken up MPs I think that might work well
<nacc> rbasak: i can help as much as possible
<nacc> rbasak: if they are large, it will take longer, of course :)
<nacc> rbasak: i think all of the bugs we talked about last week are filed, right?
<rbasak> nacc: thanks. I think so, yes.
<nacc> rbasak: sounds good, i'm still working on rebasing my old MP that refactored the importer loop (as we discussed). If you'd like me to prioritize reviews or something else, just let me know.
<rbasak> OK
<nacc> rbasak: so given that CI passed your MP, it does seem to point to snap vs. deb difference?
<nacc> although 2.42.1 is in all releases (and the stable snap channel)
<rbasak> nacc: I agree it looks that way. I'm planning on experimenting with that tomorrow morning to see what I can reproduce.
<nacc> rbasak: thanks, good to hear
<granjero> hi, ubuntu 18.04 fresh install. nedd to conect php to a M$SQL database. which php extesions do i need to install? thnx
<nacc> granjero: 'php-mysql' ?
<sdeziel> M$SQL ?= mssql
<sdeziel> granjero: ^
<nacc> sdeziel: oh mssql! totally glossed that
<nacc> php-db then
<avgtechie> Just install lamp stack
<granjero> nacc, not MySQL MSSQL (microsoft DB)
<nacc> granjero: yes, I realized my mistake, php-db has a mssql plugin, iirc
<nacc> granjero: not sure why you are 5 minutes late to your own conversation :)
<granjero> i think maybe the problem im having is because the app works in php5 and ubuntu 18 is php7
<granjero> Â¿?
<nacc> granjero: if you need php5, you need 14.04, or a PPA.
<sarnold> or a better application :)
<granjero> will work on the app i think
<granjero> another question: I want to connect to my server via sftp so i can edit files. the directory /var/www/html is owned by root , how can i connect to the server and modify files in that directory with another user?
<sarnold> edit them locally then move them using rsync over ssh? or sftp if you really prefer that/
<granjero> that user has to be in root group ? or something like that
<avgtechie> chown the dir
<nacc> rbasak: a thought i had last evening, as well -- would it be possible to query Launchpad for any upload or orphan tags? If so, then we could just reimport those source packages, as we my alogrithmic changes only apply to those tags
#ubuntu-server 2018-06-05
<cpaelzer> good morning
<microwaved_> morning ^^
<microwaved_> anyone got some cool must happ applications on their ubuntu server i'm fiddling around with mine
<rbasak> microwaved_: lxd. It's there by default I think. It allows you to nest Ubuntu server installs. Perfect for experiments.
<microwaved_> rbasak: thanks!
<neo4> what is wildcard subdomain?
<neo4> I'm going to install on a test server wordpress mulstisite that will use wildcard subdomain
<neo4> how to configure apache to use wildcard?
<neo4> it should be like *.site.com
<neo4> or whole host
<neo4> it might for dns
<neo4> Can we somehow turn on all dubdomain for our server?
<neo4> that from our WP app we will able to create network
<ikonia> what ?
<ikonia> subdomains are nothing to do with your server
<neo4> ikonia: see https://en.wikipedia.org/wiki/Wildcard_DNS_record
<neo4> nothing do, there might apache should accept *.site.com and DNS redirect to all domains *.site.com to my server
<ikonia> so you're asking can apache handle wildcards ?
<neo4> in wordpress exists 'multisite network' it's when we install one copy of wordpress and can create multiple sites with naem site1.example.com site2.example.com
<ikonia> I know what multisite is
<ikonia> but you're not really asking a question
<blackflow> he's asknig a bunch of loosely related things all in one sentence. dns, apache and now WP.
<neo4> ikonia: both, I'm going install this set up on test server
<ikonia> both what ?
<blackflow> neo4: perhaps slow down and start from the actual problem you want to solve, ignoring whether it's dns, apache or WP.
<neo4> ikonia: both customization DNS server and apache
<ikonia> what about it ?
<neo4> blackflow: actual problem it's make a test server for wp plugins and themes using wp multisite installation
<ikonia> ok - so follow the multisite install guide
<ikonia> it calls out the DNS and webserver setup
<ikonia> it actually walks you through this is the setup and preq section
<neo4>  ok
<ikonia> do you actually ever read the docs on the products/setups you're trying to do ?
<neo4> ikonia: you seems not to have heard abut wildcard for DNS or Apache?
<neo4> exists a few kinds of wildcards
<ikonia> yes, I have
<ikonia> as I've just said I have, and I've just said I know what multicard is
<neo4> I too
<ikonia> no, there is one kind of wildcard - a wildcard
<neo4> ikonia: ok,
<ikonia> there are multiple technologies that can/cannot use wildcards
<neo4> I haven't
<ikonia> you haven't what ?
<neo4> haven't heard
<ikonia> ok - so read the documentation then
<neo4> i thought there existed special app that automatically add records to dns and creates virtual hosts :)
<neo4> ok
<neo4> this theme worth learning
<ikonia> a special app ??
<ikonia> to be honest, you're spam server technology stack is getting a bit old
<ikonia> ubuntu-server is not here to help you with this
<neo4> ikonia: It was delusion
<ikonia> ?
<neo4> about how it works
<neo4> it doesn't use app
<ikonia> no, it won't use an app
<neo4> passed, will read docs
<ikonia> as most people don't host apache/dns/email/webmail on one server
<ikonia> so that would require complex API calls to multiple infrastrcture components
<neo4> yes, and if you don't know server it looks like it uses app
<ikonia> which isn't realistic for an app like wordpress to deal with
<ikonia> nothing looks like it uses an app to do that
<blackflow> ikonia: (we do, but each is jailed and isolated :)   )
<neo4> ikonia: ok
<ikonia> blackflow: I'll cut that some slack then ;)
<blackflow> neo4: sounds like you really want to purchase a hosted centos/cPanel service and use cPanel. That is "an app" that integrates all that and does dns + virtualhost + a lot more, automatically.
<blackflow> if not, you'll have to write your own integration.
<neo4> blackflow: no, this is for people who badly know inside server but I am supposed to be a powerful linux user :)
<neo4> )))
<ikonia> then you are a liar
<blackflow> then you'll have to learn it yourself, which kind of excludes looking for "an app" that does that automatically.
<neo4> blackflow: I want to create wp plugin for codecanion that will deploy on server a wildcard multisite wp installation
<blackflow> neo4: I don't know what codecanion is, but sure, writing a WP plugin that integrates with DNS and Apache (re)configuration is of course doable.
<neo4> user install usual wordpress, then run my activate my plugin and run will get server and wp prepared for put there demo plugins and tests, left only put record to DNS server
<neo4> blackflow: it's big market
<ikonia> do you understand how silly that sounds
<ikonia> you want to create a plugin that will deploy codecanion
<ikonia> he means codecanyon
<blackflow> ah I see.
<ikonia> neo4: you understand hoiw infrastructure works......
<ikonia> "you install wordpress, install my plugin and it will configure wordpress for you"
<neo4> ikonia: which infrastracture?
<ikonia> for your plugin to work - you'd need wordpress installed and configured
<ikonia> so you're building a plugin to configure the dependency of the plugin actually working
<blackflow> unless there's some base WP installation that bootstraps other WP installations.
<ikonia> the wordpress default installer does it
<blackflow> but that sounds extremely advanced for somoene asking these questions.
<blackflow> well if I understand it correctly, this plugin should also integrate with DNS and Apache reconfig?
<ikonia> but apache will already need to be setup - or you can't install wordpress, which means you can't install the plugin
<ikonia> and dns will alrady need to be setup if you wish to access your blog via a friendly name
<ikonia> rather than IP
<ikonia> hence "do you understand how infrastructure works"
<neo4> blackflow: only server, there will on plugin a tip for user how  to set up DNS for using wildcard
<blackflow> yeah, but what I mean is, you have already a WP setup (with apache and whole infra), and then a plugin that deploys new WP installations, and changes apache and DNS for those new multisite installations.   Basically, replicate what cpanel does in a way :)
<ikonia> neo4: how to setup wildcard dns will depend on the dns provider, and it's well documented already
<ikonia> so you're plugin to provide a tip is pointless
<ikonia> I suggest you take this to the wordpress channel and ask how useful this is
<ikonia> and take a flameproof hat
<blackflow> heh, yeah.
<neo4> ikonia: apache have been set up already, Plugin will only configure and user have to put 755 right on shell script before run wp plugin, I think it will allow wp plugin to access /etc folder
<ikonia> errr no
<blackflow> eh no.... nononononon. don't do that
<ikonia> wordpress doens't touch etc
<ikonia> neo4: basically "stop what you are doing"
<ikonia> and you don't change the permissions
<neo4> ikonia: for DNS looks like standard *.example.com.   3600 IN  MX 10 host1.example.com.
<ikonia> neo4: that's just an MX record, that's not how DNS servers work
<ikonia> neo4: basically - you don't understand what you are trying to do, stop doing it
<neo4> ikonia: no, I'm going to do this plugin and sell it users
<neo4> on codecanion many sellers who need test server
<ikonia> ok - good luck with that
<ikonia> this channel is not here to help you with that, so please don't ask for help
<neo4> ok
<neo4> I'll ask if have some troubleshooting
<ikonia> no
<ikonia> do not ask
<ikonia> this channel is not here to help you build comercial software that could put people at risk
<neo4> I'll ask about software for myself )
<ikonia> no
<ikonia> you're done here
<ikonia> we helped you with your spam mail server
<ikonia> we've helped you with various other problems
<ikonia> you're now asking for help building comercial software that you don't understand - this is not this channels purpose
<neo4> ikonia: and you'll continue to help me with others things
<neo4> thanks )
<ikonia> word with the channels that provide and support the software stack you need
<ikonia> neo4: no, not in this channel
<neo4> I appreciated yours input
<neo4> ikonia: nothing bad, people have to help others, I don't thing it something bad if you helped me
<ikonia> no
<neo4> ikonia: yes, people require to help others
<neo4> it's human needs
<ikonia> they do
<ikonia> I agree
<ikonia> try the others such as #wordpress
<ikonia> this channel is not for your help needs though
<ikonia> ##php etc
<neo4> and I don't force anybody to help me,..
<ikonia> no, but I'm telling you to no longer ask for help on your projects
<neo4> ask and you get help, read bible
<ikonia> your projects are nothing to do with ubuntu
<ikonia> this is not a christian channel, and has nothing to do with the bible
<neo4> ikonia: I'll run my projects using ubuntu
<ikonia> yes, but they are nothing to do with ubuntu support
<ikonia> hence please no longer ask
<neo4> ikonia: ok, I understood, stop it, If I have trouble I'll ask
<ikonia> what part of "do not ask" am I not making clear
<neo4> ikonia: and what do you offer me to do?
<ikonia> use the channels that support the software stack/engineering you want to do
<neo4> ikonia: it means you offered me to leave a channel?
<neo4> I dont' understand
<ikonia>  you're welcome to stay, just don't ask people for help on your projects
<neo4> about shall I ask?
<ikonia> sorry I don't understand
<neo4> all questions relate to ubuntu server I'll ask here
<ikonia> not in reference to your development projects
<neo4> what about shall I ask?
<neo4> ok
<neo4> I won't mention  for why I need it
<ikonia> no, that wasn't what I said
<ikonia> hiding your needs will not be tollerated any more either
<neo4> it isn't my development project, it was just what we can do using whildcard possibilities. I don't have such project
<ikonia> you just said you are doing this to build commercial plugin to make money
<neo4> ikonia: if I won't say about my needs it will looks like proper question, silence is gold
<ikonia> that attitude will not be acceptable
<ikonia> as I've already said
<ikonia> look - either comply with what I've said, you'll be remove from teh chanbnel
<ikonia> you got removed from #ubuntu for ignoring the rules and requests to change your behaviour
<ikonia> there is nothing different about this channel
<ikonia> no more discussion on it please
<neo4> ikonia: say is one, but done thing is others. You can say much but in actually will have done nothing
<ikonia> I have no idea what your last sentence meant, sorry
<neo4> people do this frequently, empty words around
<neo4> ikonia: this saying
<ikonia> I'm sorry, I honestly don't understand what you are trying to say
<blackflow> neo4: except some can kickban if you cross the line ;)
<neo4> ikonia: fast tales is said but not fast bussness is being doing
<ikonia> again, I don't know what that means
<ikonia> sorry
<neo4> :(
<neo4> blackflow: it doesn't matter, I've banned on #ubuntu and #wordpress and today I went to #wordpress and asking there. If I need some channel I can reach it...
<neo4> :)
<neo4> on #wordpress they kicks me by default
<blackflow> neo4: sure but think why are people telling you all these things. is there a reason.
<blackflow> think hard. You want to write commercial software that someone will PAY for, but you have ZERO experience in things that software would have to do, and very little knowledge.
<neo4> blackflow: because deviate from topicks
<blackflow> Please explain to me, how is that NOT scamming people?
<blackflow> Like, buying a car only to find out it was put together by people who never built cars, and of course it breaks down.
<blackflow> Woudln't you want to find the seller and demand your money back?
<neo4> and #wordpress was first my irc channel, I hardly speak there and strong violate rules, put there links from youtube and speak in very familiar way.... )))
<blackflow> do you want to be called a scammer? a spammer? a criminal?
<neo4> blackflow: it's world, might buyer wanted to save money and buy cheaper thing, etc... greedy guy always pay twice
<ikonia> no
<ikonia> enough, this is nothign to do with ubuntu-server
<ikonia> neo4: you've been told what is expected of you, you've been told the consiquences
<blackflow> indeedy.
<ikonia> it's up to you what you do
<neo4> blackflow: yes, it's market
<blackflow> I meant this is offtopic for the channel :)   as for the market, no you will become a scammer and a thief and people will want you to return their money.
<neo4> blackflow: no, it isn't scam this is the silly of them to buy cheap things and not trusted expensive brands and nothing else
<ikonia> neo4: final warning - please stop now
<neo4> ok
<lordievader> Good afternoon
<microwaved_> anyone ever heard about flockport
<coreycb> jamespage: do you mind if I update gnocchi-api and gnocchi-common to default to py2 and have py3 as an alternative?
<jamespage> coreycb: that feels like a step backwards? I think some of the dependencies only ship py3 pkgs...
<coreycb> jamespage: that might be true for gnocchi. i'm planning to make everything else py2 default and py3 as alternative for now and then do a full switch to py3 all at once when all projects are ready.
<coreycb> jamespage: mainly due to issues with all-in-one installs
<jamespage> coreycb: ok
<jamespage> i'd not bother to much with gnocchi for now
<coreycb> ok
<jamespage> coreycb: I'm working on the ceph mimic release for cosmic btw
<jamespage> trying to get the parallel build target up for lp buildd's
<jamespage> might be able to use 4 - we'll see
<coreycb> jamespage: ok cool
<geoffmcc> Im running Ubuntu 18.04 and today I noticed I have a debian-tor group. I don't recall seeing it there before, but it may have been there. Im also pretty sure I never seen it on other versions before. All I have been able to figure out is that tor does not seem to be installed, but I cant find any documentation as to if that is now a default group.
<rbasak> geoffmcc: it doesn't look present by default on a Bionic image.
<rbasak> geoffmcc: looks like it gets created dynamically when you install the tor package.
<geoffmcc> rbasak: hmm.. weird. I wonder if an update pulled in something that somehow required it, but not tor
<rbasak> Nothing that I can see.
<geoffmcc> rbasak: okay thanks for looking
<geoffmcc> rbasak: debian-tor must be a default group on Bionic. I did a fresh install, checked and there it was again.
<rbasak> geoffmcc: which installer are you using?
<geoffmcc> rbasak: I just burned the latest image and i got that new installer, forget what its called.
<rbasak> debian-tor isn't present if I boot a KVM or lxd Bionic image (using official images). It could be an artifact of the installer though. You mean subquity?
<rbasak> subiquity
<nacc> and my ubuntu desktop that was a fresh install of 18.04 just before release does not have it either
<geoffmcc> rbasak: yes, subiquity.
<rbasak> smoser: ^
<rbasak> I don't understand why this would be happening.
<rbasak> The user-setup udeb looks like it defaults to adding users to debian-tor, but won't if the gruop doesn't exist.
<rbasak> I've not confirmed this though.
<rbasak> Is subiquity perhaps creating the group if it doesn't exist?
<smoser> rbasak: i do not think that subiquity is doing anything with tor
<rbasak> smoser: geoffmcc's report above is that a fresh install of Bionic using subiquity results in a debian-tor group created
<geoffmcc> rbasak: smoser: fresh install - $groups geoff adm cdrom sudo dip plugdev lxd lpadmin sambashare debian-tor libvirtd
<smoser> hm..
<geoffmcc> smoser: as far as i can tell, tor is not installed
<powersj> https://paste.ubuntu.com/p/zCcBFCJw2C/
<powersj> confirmed the debian-tor group is there on latest bionic daily-live iso :\
<nacc> powersj: what about the non-live one?
<powersj> I created LP: #1775228 and will check d-i now
<ubottu> Launchpad bug 1775228 in subiquity "user is in debian-tor group on fresh install" [Undecided,New] https://launchpad.net/bugs/1775228
<rbasak> powersj: thanks!
<nacc> rbasak: are you still around?
<axisys> anyone successfully made sssd working on ubuntu 14.04.. I am getting much success... exact same sssd.conf works on 5 centos 7 I tried
<axisys> I am *not* getting much success
<axisys> checked with #sssd team and so far no success there either
<axisys> ldapsearch works fine ..
<granjero> hi, trying to follow this guide to install SQL driver for php but i got an error on the second line. the echo "extension....
<granjero> https://www.microsoft.com/en-us/sql-server/developer-get-started/php/ubuntu/step/2.html
<sarnold> sudo and echo don't usually mix
<sarnold> whoever wrote this probably adapted instructions from elsewhere without testing
<sarnold> (well, sudo and echo work perfectly, as designed, etc., but people expect them to do something other than they do ;)
<sarnold> instead of prefixing every command with sudo, run sudo -s once, and then run the commands without 'sudo'
<granjero> let me try
<granjero> sort of worked
<granjero> got a wanrnig
<thedac> roaksoax: That seems to have fixed things. I am running a full OpenStack deploy now.
<roaksoax> thedac: cool
#ubuntu-server 2018-06-06
<nacc> rbasak: specifically waas pinging that in my latest branch, which tries to speed up the importer (and solve our idempotency issue), we would do branch manipulations at the end, so the tests need to change a bit (import_uunapplied_dsc, e.g., no longer does any branch manipulation). Will take some more time for me to rework the tests (I have all the tag parts of the tests passing now.
<neo4> Hi
<neo4> Who know how to solve this problem, why forever doesn't run from crontab but works from terminal?
<neo4> https://github.com/foreverjs/forever/issues/997
<neo4> this is my theme
<neo4> PATH
<neo4> we can't run command in crontab without new env variables
<neo4> yes, I've solved it. are you  interested what I did?
<neo4> add new evarinment variables
<neo4> and explicetly say cron to use bash
<neo4> said
<neo4> I've solved this, there is decision https://github.com/foreverjs/forever/issues/997
<cpaelzer> I realize I'm too busy when I start music after working for 4 hours already :-/
<cpaelzer> good ?morning?
<blackflow> good almost noon. and lol yeah, been there :)
<blackflow> my google-fu is failing me, is there a ubuntu-specific debsecan alternative thingy?
<rbasak> What's debsecan?
<rbasak> Oh. http://www.enyo.de/fw/software/debsecan/
<rbasak> I'd never heard of that
<blackflow> it'd be cool to have a tool like that for ubuntu. supposedly debsecan should be easily modifiable to read ubuntu specific databases
<rbasak> I don't know of any equivalent. You might want to ask in #ubuntu-hardened where the security team hang out
<blackflow> ohhuh, yeah, I thought this was -hardened :)  thanks.
<DirtyCajun> i am trying to get tgt to show a lun to my esxi host that is a LVM lv. When i give tgt a .img (or whatever) that i create with dd it works just fine. But any time i try to give it a disk (/dev/sdXX) or a lv (/dev/mapper/xxx/xxx) it doesnt show on the esxi side. any thoughts?
<DirtyCajun> i asked the question for 2 weeks. Never got an answer... and my server magically decided to like it and start working... mind blown.
<blackflow> DirtyCajun: zen of sysadmin. any problem will eventually fix itself. :)
<neo4> hi
<neo4> Who can estimate my English speaking? Can I make video tutorials. I'm going to do tutorial about linux?
<neo4> this is my test video https://www.youtube.com/watch?v=fPAUiqEsBuU&t=2s
<dpb1> neo4: wrong channel
<TvL2386> hey guys, anybody got a if-pre-up.d script to work on 18.04?
<Tomer> Hi
<TvL2386> hi
<Tomer> Is it the right place to ask about systemd?
<rbasak> TvL2386: see https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Network_configuration
<rbasak> TvL2386: AFAIK, since networkd doesn't support blocking pre-change hooks, as long as you use systemd-networkd you can't have those.
<rbasak> Tomer: you can ask about systemd _in Ubuntu_ here.
<Tomer> I'm trying to understand how a service is being run as a user
<Tomer> the systemd directive is User=blah
<Tomer> I did not see it used anywhere
<TvL2386> rbasak: yeah I put my executable bash script in /usr/lib/networkd-dispatcher/routable.d and expected it to be ran on boot, but it's not
<rbasak> Tomer: are you looking for systemd user instances?
<Tomer> postgres, for example, has a user in the shadow file, but no User directive anywhere. The process is being run as a user
<rbasak> TvL2386: did you install networkd-dispatcher?
<TvL2386> rbasak: networkd-dispatcher 1.7-0ubuntu3 was already installed
<rbasak> Tomer: it's quite common for daemons to drop their own privileges down from root. I don't know about postgres specifically without looking, but in these cases there would be no User directive in systemd. It'd be down to individual daemon configuration.
<TvL2386> I have a correct #!/bin/sh shebang, line 2 is `date > /tmp/iptables-restore` but that file is never created... so it's not ran? Also cannot find any evidence in /var/log/syslog that it was run
<Tomer> I've searched the source code of postgres, there's no use of setuid, setguid or seteuid.
<Tomer> Each deamon is supposed to drop it's own privileges? There's no implicit mechanism for that?
<Tomer> systemd implicitly create a cgroup per daemon, btw
<Tomer> Where can I ask where the postgres permission are dropped?
<TvL2386> just a guess: #postgres
<rbasak> Traditionally all daemons dropped their own privs
<rbasak> Nowadays systemd can do it for you, but it's more complex in terms of the privileged operations daemons need to do first, so not all of them do it that way yet
<rbasak> (and may have no plans to change)
<TvL2386> just checked nginx for fun. The master process is ran as root, the workers www-data
<TvL2386> same thing for php-fpm
<Tomer> Ok, thanks! I'll ask the postgres guys as well
<hackeron> Hi there, I'm trying to wrap my head around netplan. How would I get the equivalent of this? < https://pastebin.com/8ff6953V -- e.g. both dhcp and a static IP on an alias of the same interface. The examples I can find show 1 or the other, but not both?
<TvL2386> good luck :)
<TvL2386> I've copied my executable shell script to /usr/lib/networkd-dispatcher/*.d/ but it does not get executed on boot
<TvL2386> it should work according to https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Network_configuration
<TvL2386> so how do you purge `netplan`?
<rbasak> cyphermox: see hackeron's request above - I can't find any obvious answer based on the docs for that use case.
<rbasak> I wonder if networkd would stomp on extra IPs if DHCP is enabled regardless? I don't know.
<rbasak> TvL2386: netplan does nothing if no netplan config is defined, AIUI. So just install ifupdown if you don't want to use netplan.
<rbasak> hackeron: the obvious syntactic answer would be to enable dhcp and also define addresses. I don't know whether that will work though.
<rbasak> hackeron: in fact
<rbasak> hackeron: "Add static addresses to the interface in addition to the ones received through DHCP or RA."
<rbasak> hackeron: so there's your answer
<rbasak> From https://netplan.io/reference#common-properties-for-all-device-types
<TvL2386> rbasak: no netplan config? My /etc/netplan/01-netcfg.yaml contains the correct configuration to bring up ens160 and works fine
<rbasak> <TvL2386> so how do you purge `netplan`?
<TvL2386> that was just a joke :)
<hackeron> rbasak: ah, that did work! :D
<TvL2386> growing pains here
<hackeron> rbasak: easy enough - I'm trying to embrace netplan, it's a bit frustrating though - for example installing netscript breaks openvpn and all kinds of other things, so removed that and trying to use netplan exclusively :P
<TvL2386> I'm either screwing up or there's a bug with that networkd-dispatcher not being executed or not executing my scripts
<rbasak> hackeron: feedback on breakages appreciated. Though some of it may be networkd limitations rather than netplan - for example on the hooks thing - so that might be something that networkd upstream needs to tackle rather than netplan.
<rbasak> TvL2386: I don't see anything obvious that you're doing wrong there.
<rbasak> TvL2386: networkd-dispatcher acts on dbus signals so perhaps use a dbus debugger to see if the signal is being generated at all?
<rbasak> (or hack networkd-dispatcher to give you that debug info)
<TvL2386> rbasak: thanks for the help anyway ^^
<TvL2386> rbasak: I thought DBUS was a ubuntu desktop thingy -_-
<rbasak> It's not Ubuntu-specific at all. Is it a freedesktop thing? I'm not sure.
<rbasak> I do quite like it as a language agnostic but powerful enough IPC mechanism.
<rbasak> Powerful = signals, properties, etc.
<TvL2386> anyway: is it a desktop thing or also a server thing?
<TvL2386> dbus-daemon is running
<TvL2386> on my server
<rbasak> It's much more common on the desktop, but it isn't exclusively desktop.
<rbasak> systemd uses it quite a bit
<ahasenack> rbasak: one difference in buildflags between debian and ubuntu is -Wl,-Bsymbolic-functions (ubuntu has it, debian doesn't)
<ahasenack> does that raise a flag?
<ahasenack> I've yet to check what it means
<ahasenack> oh, it does mention "global symbols"
<ahasenack> and the segfault is exactly about a global variable that suddenly became NULL
<ahasenack> ...and I see this in d/rules
<ahasenack>         LDFLAGS="$(dpkg-buildflags --get LDFLAGS | sed -e 's/-Wl,-Bsymbolic-functions//')" \
<ahasenack> hmmm
<ahasenack> and
<ahasenack>     - Add LDFLAGS to avoid issues with accessing global variables in
<ahasenack>       shared libraries (LP #1470687, LP #1472115).
<ubottu> Launchpad bug 1470687 in autofs (Ubuntu Vivid) "Not working properly with compile options "-symbolic-functions"" [Undecided,Fix released] https://launchpad.net/bugs/1470687
<ubottu> Launchpad bug 1472115 in autofs (Ubuntu) "autofs start fails: segfault at 0 ip 00007f738cb881bb sp 00007ffeff888f70 error 4 in lookup_file.so[7f738cb76000+2b000]" [Undecided,Fix released] https://launchpad.net/bugs/1472115
<ahasenack> heh
<ahasenack> definitely looks familiar
<ahasenack> ah, I see it
<ahasenack> fixed
<ahasenack> nice
 * ahasenack commemorates with some coffee
<nicolas17> hi
<nicolas17> the official Vagrant box at https://app.vagrantup.com/ubuntu/boxes/xenial64 enables the serial console
<nicolas17> by having this in its Vagrantfile
<nicolas17> vb.customize [ "modifyvm", :id, "--uartmode1", "file", File.join(Dir.pwd, "ubuntu-xenial-16.04-cloudimg-console.log") ]
<nicolas17> what's the reason for that?
<blackflow> headless console output?
<nicolas17> I just tested "--uartmode1 disconnected" and it boots 3x faster
<motte> anyone here using seafile?
<nicolas17> https://paste.kde.org/pz4qubrek (running 5 times each)
<sarnold> blackflow: might be worth asking them about it -- they may enable serial consoles as a matter of course, just because the time when you absolutely need one is a bit too late to try to set one up..
<blackflow> sarnold: I suppose that's for nicolas17? he asked about why it's on by default.  and I concur.
<nicolas17> the slowdown is pretty terrible, I wonder if it's a VirtualBox flaw
<nicolas17> some of the log file looks corrupted too, like it drops characters sometimes
<sarnold> sorry blackflow, d'oh
<blackflow> but serial console output is indeed slow. FreeBSD recently made some patches which radically improved bootup speed on AWS, merely by not outputting anything by default (like grub's "quiet")
<nicolas17> ugh AWS
<nicolas17> they recently added real-time view of the serial output
<nicolas17> previously it only captured the screen after state changes
<blackflow> I don't think it's VBox fault. That thing is a blast from the past, it actually has baudrate, default I believe is 115kbps
<nicolas17> tail -f on the log file seemed to go at tens of characters per second
<nicolas17> and corrupting some text sometimes
<nicolas17> audit: nitializing netlink subsysdibl)  6.87] di te=00ud(18308791)iniaze
#ubuntu-server 2018-06-07
<Goop> I have two drives--one that is slow and costs my money to use/pull from, then I have a fast drive, is free to use, but is much smaller. Is there software that I could use to automatically allocate data and predict where to put it?
<sarnold> none that I know of, but zfs may come close, if the fast drive is fast enough to use for l2arc
<Goop> The thing is, I will be hosting a website with more data than what is on a VPS, the extra data will be pulled/pushed off-site (hence, there's a data transfer cost).
<sarnold> Goop: hrm, if your data usage matches many other sites, maybe something like squid, nginx, or varnish would fit well
<rbasak> Goop: bcache?
<lordievader> Good morning
<AtuM> Hi!
<AtuM> I have a question regarding networkmanager.. can nmcli also return a PSK for a wifi connection, or should I parse the /etc/NetworkManager/system-connections/ files instead?
<cpaelzer> anyone around for a little netplan question - I assume I hit something trvial atm - I have a config that works well when "netplan apply" - but after boot it is not applied
<AtuM> nmcli c s WIFI -s  still hides the psk key..
<cpaelzer> I wonder if I missed an enable/disable somewhere
<cpaelzer> TL;DR - after boot no device is up; then "sudo netplan apply" and all is good
<cpaelzer> what am I missing
<AtuM> found it! "nmcli -s c s WIFI"
<AtuM> shows secrets :D
<cpaelzer> FYI: none of these solutions is matching my case https://askubuntu.com/questions/1019146/netplan-does-not-apply-at-startup
<blackflow> so... the inevitable hard to debug problems of complex, unneded, additional layers..... how unexpected. :)
<cpaelzer> :-)
<cpaelzer> the networkd files even look normal, so it seems to be more a networkd than netplan issue in this case
<blackflow> cpaelzer: of course, you checked the journal/syslog?
<blackflow> networkd files look normal before or aftre netplan apply?  as far as I gather, netplan has a systemd generator that's fired up on book and produces transient networkd config.
<cpaelzer> it considers the link not managed
<cpaelzer> that is what networkctl and journal are telling me
<cpaelzer> they are the same before and after netplan apply
<cpaelzer> hanging around in /run/systemd/network
<cpaelzer> I seem to miss the piece of the puzzle that makes networkd consider those configs
<cpaelzer> on boot it seems not to happen and "netplan apply" lets it happen, yet I don't know yet what it is
<blackflow> cpaelzer: what I'd try next is take the network config produced by netplan and make it permanent in /etc, and temporarily disable netplan. If the net still fails on boot, that will clearly show the problem being networkd.
<blackflow> you know like a race condition or something with interface (re)naming or whatev.
<cpaelzer> yeah
<cpaelzer> I thought the config is on permanent in the file in /run/systemd/network
 * cpaelzer wonders if those are generated as well
<cpaelzer> let me check modification date after a reboot
<blackflow> cpaelzer: no, /run is tmpfs
<cpaelzer> true
<cpaelzer> so it might create those after networkd started
<cpaelzer> and apply might simply restart networking which picks them up
<cpaelzer> let me just restart networkd after a boot
<cpaelzer> copied the files to /etc/systemd/network - devices are still down and unmanaged after reboot
<blackflow> cpaelzer: I dived into the whole thing a bit and from what I read, it appears netplan is doing it all wrong. systemd generators should NOT, according to documentation and devs, be used for network config.
<cpaelzer> I was about to prep a bug anyway
<blackflow> cpaelzer: so in your case it means networkd has a problem with that link and/or config?
<cpaelzer> seems that way, btu then why is it working after netplan apply
<cpaelzer> since the .link/-network files do not change
<cpaelzer> same md5sums in /run/systemd/network/* before and after
<blackflow> cpaelzer: looking at the netplan source, the apply command pretty much only re-runs the generator and restarts networkd.    When you tested networkd config only, did you disable netplan?
<cpaelzer> blackflow: actually what would you disable to do so, the generator?
<cpaelzer> netplan-wpa@service should not matter I thouht but I can disable that
<cpaelzer> and I restarted systemd-networkd.service on my own
<cpaelzer> before
<cpaelzer> as I assumed this is what the apply would do
<blackflow> cpaelzer: mv /etc/netplan/01-netcfg.yaml /root/
<blackflow> netplan won't do anything if there's no config
<cpaelzer> I can do that in addition
<blackflow> I thought you did. That would test the networkd config without potential interference by netplan, and at least show where the problem is, networkd (if the problem persists) or netplan (if it doesn't.
<cpaelzer> will retry with that in addition
<cpaelzer> blackflow: even with that extended disabling it is not coming up managing the interfaces
<cpaelzer> but I agree that from the code the apply shouldn't du much more than restarting after laying out the files
<cpaelzer> reading that section again
<cpaelzer> it does a set of replug/rebinds
<blackflow> I think at this point the problem is no more in netplan, but in networkd, if plain networkd config won't fix this.
<cpaelzer> Could be a race
<cpaelzer> like devices completely there before it can handle events
<cpaelzer> and "netplan apply" will replug devices
<cpaelzer> which makes it realize "hey there is something"
<cpaelzer> I'll try to isolat this replkug done by netplan
<blackflow> but if you disabled the netplan config, and the plain networkd config didn't work, then it's not neplan.
<cpaelzer> and do it manually
<cpaelzer> blackflow: I agree, yet I still want/need to debug further
<cpaelzer> and finding what magic "netplan apply" does to fix it mgiht help to find the root cause
<blackflow> there's no magic there, the apply command code is pretty clear. it restarts the network after re-applying the generator which only re-creates the networkd config file
<blackflow> so, what I'd try is run that sequence with netplan disabled (no config in /etc/netplan/). create an explicit networkd config (eg. copy the one netplan creates), reboot. If the network is not configured, restart systemd-networkd. If the network is not configured, I'd then look into the source of netplan's systemd generator.
<cpaelzer> I already look in the apply source and this tries to confuse me I think
<cpaelzer> this clearly has no networkManager
<cpaelzer> ls: cannot access '/run/NetworkManager': No such file or directory
<cpaelzer> python3 -c 'import glob; print(bool(glob.glob("/run/NetworkManager/system-connections/netplan-*")))'
<cpaelzer>     False
<cpaelzer> but
<cpaelzer> on debug without anything in /etc/netplan/
<cpaelzer> oh no
<cpaelzer> forget the last 5 lines
<cpaelzer> it says "no" NM configuration
<cpaelzer> I was wondering if it was misdetecting
<blackflow> yeah. It tries one or the other.
<cpaelzer> and without a config it says no to both
<cpaelzer> DEBUG:no netplan generated networkd configuration exists
<cpaelzer> DEBUG:no netplan generated NM configuration exists
<cpaelzer> but
<cpaelzer> then it still does something
<cpaelzer> replugging the device
<cpaelzer> DEBUG:replug enp0s3: unbinding virtio0 from /sys/bus/virtio/drivers/virtio_net
<cpaelzer> DEBUG:replug enp0s3: rebinding virtio0 to /sys/bus/virtio/drivers/virtio_net
<cpaelzer> which is odd
<cpaelzer> and might be the trigger for networkd to handle it
<cpaelzer> will go on after lunch
<cpaelzer> thanks already for the discussion blackflow
<blackflow> I ran a test with a test server here, disabled netplan and had an explicit networkd config, the network didn't come up post boot.
<blackflow> so there's some kind of mess going on there for sure. now I'm intrigued...
<cpaelzer> really
<cpaelzer> interesting
 * cpaelzer taking lunch
<blackflow> bon appetit.
<blackflow> Jun  7 11:28:49 dev networkd-dispatcher[1746]: WARNING: systemd-networkd is not running, output will be incomplete.
<blackflow> oh that's right. systemd-networkd.service is NOT enabled by default on bionic.
<blackflow> status says "enabled-runtime". now I enabled it explicitly, and lets see what reboot does...
<blackflow> cpaelzer: yup. That was it. systemd-networkd.service is NOT enabled by default in Bionic. netplan's generator starts it at runtime. By having an explicit networkd config (one in /etc/systemd/network/foo.network), and explicitly enabling systemd-networkd.service, it works fine without netplan.
<blackflow> So, to control that variable, I'd do the same for your case. If network works fine wihtout netplan that way, then you know where the problem is: in netplan, and posssibly a race as you suggested.
<blackflow> Dunno why netplan is doing it that way. Clearly systemd does not expect or want generators to mess with network config.
<blackflow> https://github.com/systemd/systemd/issues/4066
<blackflow> yup, the generator does this:  https://github.com/CanonicalLtd/netplan/blob/master/src/networkd.c#L541
<blackflow> So uh... can we agree that netplan is unnecessary reinvention of the wheel that at the same time goes against systemd specification and causes more trouble than it fixes? :)   I can't help it, I _have_ to complain about it.
<cpaelzer> blackflow: in my case systemd-networkd.service was default enabled
<cpaelzer> but thanks for cross checking your csae
<cpaelzer> and I'm not going to stop you from complaining, free speech and all that :-)
<cpaelzer> I like what it solves, and I like that it is completely optional - so you can ignore/avoid it if you want
<cpaelzer> That replug event is it
<cpaelzer> I was able to confirm that this is what makes it work
<cpaelzer> so it is both
<cpaelzer> networkd issue to ignore it and either networkd/netplans issue to somehow ensure this is working
<blackflow> cpaelzer: minor detail, just to be 100% sure we're talking about the same thing, when you say systemd-networkd.service was enabled, was it "enabled-runtime" or just "enabled"?
<cpaelzer> blackflow: it was just enabled
<cpaelzer> like
<cpaelzer> loaded (/lib/systemd/system/systemd-networkd.service; enabled; vendor preset: enabled)
<cpaelzer> and active (running)
<blackflow> and with that, and no netplan config in /etc/netplan/, the network doesn't come up on boot, if you have explicit networkd confg in /etc/systemd/network/foo.network ?
<cpaelzer> blackflow: exactly
<cpaelzer> it seems it misses the event of the device appearing
<cpaelzer> unbind/bind on the driver makes it work
<blackflow> and it does if you restart systemd-networkd.service post boot?
<blackflow> ah I se
<blackflow> *see
<cpaelzer> If I restart systemd-networkd.service nothing changes (It might reload the config, but has still no event)
<blackflow> then it probably isn't a netplan issue at all in this case.
<cpaelzer> yeah, that is what I think
<cpaelzer> for me it seems to depend on the bus, I can trigger it with PCIe KVM guests but not with PCI
<cpaelzer> I have reported bug 1775566 about it
<ubottu> bug 1775566 in systemd (Ubuntu) "networkd not applying config - missing events?" [Undecided,New] https://launchpad.net/bugs/1775566
<cpaelzer> xnox: is that what you would look into - or who would I most likely talk to? ^^
<blackflow> cpaelzer: reading the bug report, which Ubuntu/systemd is this? I see the "renamed from eth0" message and afaik it's dropped from recent systemd (the one in bionic afaik)?
<blackflow> ah bionic.... weird...
<cpaelzer> yep bionic
<blackflow> maybe I'm wrong about that message. I do recall reading about a systemd issue about it being spammy and thus removed or something.
<cpaelzer> my networkd link files ahve rename rules
<cpaelzer> maybe because of that
<cpaelzer> but then we just reaized my rules are ignored, so maybe not
<blackflow> cpaelzer: hey, running these tests on my test server exposed a hardware fault (aftre several reboots), heh heh heh. Filing a hardware issue ticket with the hosting company.
<cpaelzer> yay
<cpaelzer> I think my case is a oversimplified virtual guest
<cpaelzer> I'm adding proper busses now
<cpaelzer> not sure how exactly that would cause it, but it could break some of the kernel events usually missing
<cpaelzer> so I need to be sure
<blackflow> cpaelzer: fwiw, I have a bionic installation in a qemu-kvm VM, with virtio, and this for network config only host-side: -net nic,model=virtio
<blackflow> cpaelzer: and no problem in the guest.
<cpaelzer> blackflow: so far I can only reproduce it with -M pc-q35-bionic but not with pc-i440fx-bionic
<cpaelzer> I have asked apw to look from the kernel POV if there is anything different in terms of device events in that case
<apw> oh machine type specific, and the differnece between those two is ...
<blackflow> *drum roll*
<blackflow> Anyone knows how to figure out "predictable" NIC names? I'm installing Ubuntu via debootstrap on some servers, via Debian jessie, which is configured for eth* . I need to figure out what the NIC name will be.
<blackflow> on one such instance I ran with net.ifnames=0 in order to boot into Bionic proper. But I still have no clue which one is it, looking at udevadm info /sys/class/net/eth0 .
<blackflow> (and btw, yes, I've seen this    https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c#L20    --   and I assumed it'd be enp3s0  (which is also ID_NET_NAME_PATH given by udevadm), but it apparently isn't...  )
<blackflow> udevadm info as seen by Bionic  https://dpaste.de/Sbuo
<rbasak> blackflow: one way to do that is to determine in advance what the MAC address will be, then arrange to either rename the NIC according to the MAC or use MAC-based naming
<blackflow> ID_NET_NAME_MAC=enx001e67ad6d8f   according to udevadm info, I suppose (and yes, that's the MAC of the NIC)
<blackflow> but uhh... no, no mac based names pls.   what I'd like to figure out is how to determine which of the several name schemes (see the dpaste above)  will be used?
<rbasak> Use https://git.launchpad.net/ubuntu/+source/systemd/tree/src/udev/udev-builtin-net_id.c?h=applied/ubuntu/bionic-devel rather than upstream, since that will show you the actual code in use in Bionic, including patches.
<rbasak> (the git importer is still experimental though that particular one should be current at least for now I think)
<blackflow> rbasak: good idea, and I see it, but I still don't know which of all those rules will be chosen.
<blackflow> I got eno1, enp3s0 and enx001e67ad6d8f as candidates.
<rbasak> https://lists.ubuntu.com/archives/ubuntu-devel/2015-May/038761.html might have some information. I'm not sure if it's still current though.
<blackflow> rbasak: oh one more thing, and I think that's where the problem is.... is systemd present in initramfs in Bionic?
<rbasak> I'd expect initramfs to be pre-init, but I don't actually know.
<blackflow> The situation I have here is initramfs set up with Dropbear for remote unlocking of LUKS'ed ZFS root pool. with net.ifnames=0 in kernel cmdline, all is good, I rely on eth0. Without it, guessed enp3s0 is "unknown device".
<rbasak> Can't dropbear listen on all interfaces? Or is it that you're trying to configure the interface first?
<blackflow> rbasak: it's not just that. the default initramfs scripts require explicit config, NIC name included, even with DHCP.
<blackflow> I _could_ whip up a custom initramfs, but eh...
<rbasak> Your dropbear LUKS unlock isn't a custom initramfs? :)
<blackflow> rbasak: it is on Gentoo (without systemd), not on Ubuntus.
<rbasak> FWIW, I wrote https://github.com/basak/netkeyscript to solve this problem, but that relies on a trusted network
<blackflow> incredibly, Ubuntu's initramfs supports encrypted root and dropbear just fine. :)  as long as ethX is used.
<rbasak> Looks like it's hardcoded to eth0
<rbasak> I wanted to make it work on all interfaces but never got round to doing that
<blackflow> rbasak: I got a solution that fetches the key over https using a self signed cert and its own (exclusive) CA but it's still in testing
<blackflow> neway, I'm not sure where my current problem is actually... I am guessing there's systemd in initramfs and NIC renaming happens according to those rules, but expected enp3s0 is just not there.
<rbasak> You might have an issue with limited entropy there
<blackflow> how do you reckon, if eth0 works just fine?
<rbasak> I wouldn't be surprised to learn that interface renaming only happens after pivot
<blackflow> rbasak: ran some tests with a KVM VM here. ens3 (virtio net, it's very much predictable to be ens3). and it works.
<blackflow> So it appears to me that I simply expect the wrong name. enp3s0 ain't in (on the actual server).
<blackflow> I am __really__ trying to give systemd a chance, but any attempt at doing so, I get spat in the face by it.......
<rbasak> Why not just use net.ifnames=0 if you know you'll only have one NIC?
<blackflow> well that's the thing, there will be more than one, and I wanted to "get with the program" and use systemd as it was designed... but I guess that's impossibru.
<rbasak> What would you do without systemd?
<blackflow> I'd enjoy my work much more :)
<blackflow> rbasak: and if that was a serious question, I'd do some udev magick and bind eth devices with MACs so they don't randomly change.
<blackflow> but I know how to solve this, it's just that I'm really trying to do it the "systemd way" and not be a hater.
<rbasak> You can still do that I think.
<rbasak> Add a 70-persistent-net.rules with what you want
<blackflow> if I'll be forced to go with ethX, then yeah.
<compdoc> Ive been using the new nic naming for years now. no issues
<blackflow> rbasak: it's eno1 .... wtf.
<blackflow> compdoc: yeah but how do you know in advance which name will it be? that's my problem.
<blackflow> rbasak: the folks in #systemd have clarified what's going on. There's an order of names tried for the link NamePolicy, and onboard is before path, that's why eno1 (onboard) was chosen before enp3s0 (path), on this server.
<blackflow> which also means it could be forced with a .link file.
<rbasak> I see.
<rbasak> Useful to know. Thank you for reporting back.
<blackflow> yw
<nacc> rbasak: powersj: just to close the loop from #snappy; they recommend we switch git-ubuntu jenkins to use the snapcraft snap
<powersj> I can do that
<powersj> rbasak: objections?
<nacc> powersj: he may want you to wait until we've figured out the issue we have now, just was an fyi for now
<powersj> ok
<rbasak> nacc, powersj: yeah, let's wait until LP switches
<rbasak> Since right now part of the issue is reproducibility, so I'd rather not get ahead of LP
<nacc> rbasak: ack
<cliluw> Does Canonical ever release backwards-incompatible versions into its official Ubuntu repos?
<cliluw> across the same Ubuntu version
<sarnold> I seem to recall a mysql update somewhere along the way that had some awkward changes
<sarnold> and when samba addressed some flaws in ancient SMB, we didn't do the usual backport just fixes but went with new versions, and that introduced new problems..
<rbasak> cliluw: the policy is here: https://wiki.ubuntu.com/StableReleaseUpdates
<rbasak> cliluw: with an exception for security issues.
<rbasak> Basically we try not to do that, but sometimes we have no choice.
<smb> sarnold, I am NOT old! :-P
<sarnold> smb: my apologies :D
<nacc> cliluw: do you have a specific question in mind?
<sarnold> cliluw: oh! a debian advisory about memcached just reminded me that we released an update to disable listening to UDP by default https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000115.html
<cliluw> nacc: Just wondering if I should do `apt-get upgrade` or `unattended-upgrades`.
<sdeziel> cliluw: I'd recommend installing apt-listchanges if you have concerns or want to know more about what's about to be installed/upgraded
<sdeziel> cliluw: this will display you the update's changelog and allow you to abort/continue the upgrade after reading it
<nacc> cliluw: i mean,  you could do unattended-upgrades for just security updates, e.g., or some other setup
<DirtyCajun> anyone with tgtd experience that can help me with tuning? my tgtd is using all 16 threads and causing serious iowait
<DirtyCajun> my tgtd instance is causing high io on a 16-core server. SSDs, 10Gbps nics and its seriously bottlenecking because of iowait... any thoughts?
<nacc> DirtyCajun: is it actively serving out targets/
<DirtyCajun> Yes
<DirtyCajun> targets are up and functioning
<DirtyCajun> initiators are connected and reading/writing
<DirtyCajun> (connected to esxi host)
<nacc> DirtyCajun: i mean, is the load higher than you expect?
<DirtyCajun> i mean... significantly... its a 16 core box and its pegged at 16 cores but no actual utilization
<DirtyCajun> https://i.imgur.com/xJLnmjp.png
<DirtyCajun> https://i.imgur.com/dIc4IfC.png
<nacc> DirtyCajun: have you read things like http://bencane.com/2012/08/troubleshooting-high-io-wait-in-linux/ ?
<DirtyCajun> haha yes
<DirtyCajun> this is explicitly with tgtadm/tgtd
<nacc> DirtyCajun: ... i mean you have 16 processes doing heavy IO
<nacc> DirtyCajun: not sure what you expect to see?
<DirtyCajun> It just doesnt make sense that the iscsi target default implementation would run >#cores threads
<DirtyCajun> it SEEMS like its doing that much io because there are a crap ton > cores running simultaniously
<nacc> i mean, 16 is double
<nacc> not exactly a 'crap ton' imo
<DirtyCajun> there were 47 threads running
<DirtyCajun> and only 16 cores
<DirtyCajun> i DID just find that each "Target" runs 16 threads
<DirtyCajun> so im going to try changing it from 3 targets to 1 target and 3 backing stores
<DirtyCajun> should drop it down to 16+1 parent thread
<DirtyCajun> (fingers crossed.)
<_KaszpiR_> DirtyCajun what SSD?
<DirtyCajun> Micron 2TB
<_KaszpiR_> nvme?
<DirtyCajun> no
<_KaszpiR_> SATA3?
<DirtyCajun> yes
<_KaszpiR_> install dstat
<_KaszpiR_> and then try dstat -tarsm
<_KaszpiR_> also what's your sysctl -a|grep -i dirty
<DirtyCajun> vm.dirty_background_bytes = 0
<DirtyCajun> vm.dirty_background_ratio = 10
<DirtyCajun> vm.dirty_bytes = 0
<DirtyCajun> vm.dirty_expire_centisecs = 3000
<DirtyCajun> vm.dirty_ratio = 20
<DirtyCajun> vm.dirty_writeback_centisecs = 500
<DirtyCajun> vm.dirtytime_expire_seconds = 43200
<DirtyCajun> but i thought dirty_Bytes werent relevant if there is no filesystem on the host itself
<_KaszpiR_> is that a single ssd deice?
<_KaszpiR_> or some mdadm/raid lvm whatever?
<DirtyCajun> I have 2 LUNS. One is a direct to single 1tb one is a Raid5 mdadm to 3x 2tb
<_KaszpiR_> what about /sys/block/*/queue/nr_requests
<_KaszpiR_> also you may try to increase max_sectors_kb  to match max_hw_sectors_kb
<DirtyCajun> all at 128
<DirtyCajun> the most frustrating part of all this is its ONLY on read
<DirtyCajun> erp
<DirtyCajun> only on write
<DirtyCajun> read is blazing fast
<_KaszpiR_> cause read is cached
<_KaszpiR_> I'd rather read about those disks how they work
<DirtyCajun> i mean... i moved 180GB in no time
<DirtyCajun> (off not on obviously)
<DirtyCajun> if moving to 1 tgt doesnt work i will
<DirtyCajun> gotta get everything off the tgt to local storage before i can tho
<_KaszpiR_> also did you check how much iops you get there?
<DirtyCajun> using fio i hit 26.5K read ios
<DirtyCajun> iops*
<DirtyCajun> and 20k write
<_KaszpiR_> that depends on the scenario
<_KaszpiR_> random or req?
<DirtyCajun> seq
<_KaszpiR_> try random
<DirtyCajun> random was like 4500
<_KaszpiR_> with file size 4G or more
<DirtyCajun> yep. (i work at a datacenter with san storage)
<DirtyCajun> so all that was my first tests haha
<_KaszpiR_> ah
<DirtyCajun> but im using enterprise os's at work
<DirtyCajun> dell / hp / solidfire etc
<DirtyCajun> so doesnt help at home haha
<_KaszpiR_> what micron model is it?
<DirtyCajun> Micron 1100 MTFDDAK2T0TBN-1AR1ZABYY
<DirtyCajun> the numbers are sexy on there.
<_KaszpiR_> it's slower than 1T evo 850
<_KaszpiR_> in raddom 4k r/w
<DirtyCajun> well yeah. but it was 14c/GB
<DirtyCajun> so i cant complain for the price
<_KaszpiR_> well, half o the price for 860 pro ;D
<_KaszpiR_> exackly
<nicolas17> my laptop had a 24GB SanDisk SSD >.>
<_KaszpiR_> also make sure ssd device is not overheating over 75C
<_KaszpiR_> or 70C, they start to crawl
<nicolas17> I wonder at what temperature they start to lose data
<_KaszpiR_> DirtyCajun another thought, lower number of threads for tgtd
<DirtyCajun> So it looks like it makes NUM threads == total host threads per target
<DirtyCajun> Thats why im moving everything off and going to 1 target. if that fixes it thats fine
<DirtyCajun> ok. so update
<DirtyCajun> With it on 1 target its still running 16xNUM LUNS +1 Parent (33)
<DirtyCajun> but it seems to be managing the connections better
<DirtyCajun> only issue is when i move a VM from lun1 to lun2
<DirtyCajun> it presents the initial symtoms
#ubuntu-server 2018-06-08
<nabhash> hi all , I just installed ubuntu server, I have 2 Pcie graphics cards I want to disable the default drivers and install new drivers , how would I do that ?
<sarnold> you may have better luck in #ubuntu -- the folks in this channel tend to use machines without video cards
<nabhash> @sar
<nabhash> sarnold  lol
<sarnold> well, okay, so we have video cards in our laptops, but that's just so we can use urxvt :)
<nabhash> sarnold i am not familiar with downloading files etc.. in text mode I feel stuck
<sarnold> that's fine :)
<nabhash> I need little help
<lordievader> Good morning
<spinningCat> anyone here?
<spinningCat> i just purchased a domain and i have ubuntu server machine
<spinningCat> i need to direct nameserver or something i dont know really. It is my first time work with server
<spinningCat> how can i do that=,
<lordievader> Do you manage the nameserver or does the company you bought the domain name at do that?
<jamespage> cpaelzer: morning - could you give me an opinion on bug 1773449
<ubottu> bug 1773449 in qemu (Ubuntu) "VMs do not survive host reboot" [High,New] https://launchpad.net/bugs/1773449
<jamespage> we're seeing issues with what I think is disk cache behaviour with qemu + librbd - I think the issue is either in qemu of librbd but wanted a second opinion
<jamespage> we don't see the issue with older versions of ceph/qemu
<cpaelzer> hi jamespage
 * cpaelzer is reading
<cpaelzer> jamespage: if I read correctly there should be set cache=none
<cpaelzer> so the data isn't list in qemu
<cpaelzer> for rbd you had some config
<cpaelzer> like
<cpaelzer> rbd_cache... values
<cpaelzer> I don't know if that is read only, but from the mentioning of "dirty" it seems to cache writes as well
<jamespage> cpaelzer: yep - I check that - in the libvirt xml, the cache is set to none by default for the rbd block device
<cpaelzer> good on that at least
<jamespage> yeah
<cpaelzer> but I ahve more to ask
<jamespage> sure
<cpaelzer> somewhere data is lost, nobody doubts that
<cpaelzer> while there could be a way to make rbd non-caching to fully avoid
<cpaelzer> and feel free to go that way, but I'd expect an admin to do so as his own tradeoff choice of speed/stability
<cpaelzer> instead I wonder about something else
<cpaelzer> If our PCs crash why isn't this often an issue, there are caches as well
<cpaelzer> the reason is that in 90+% of the time fsck will clean it and you'll be good other than maybe last written file
<cpaelzer> but
<cpaelzer> in the log of Ryan I see this
<cpaelzer> Warning: fsck not present, so skipping root file system
<cpaelzer> This sounds like the never answered https://ubuntuforums.org/showthread.php?t=2375459
<cpaelzer> It might be possible that an adapted guest that can fun fsck on boot will most of the times recover
<cpaelzer> to the level of a normal system that crashes
<cpaelzer> If that would work that would be good, and an admin should then be able to choose extra safety by changing e.g. rbd caching config
<cpaelzer> jamespage: one question on your comparison to xenial/ocata where t was good, could it be that this image has fsck avialable?
<cpaelzer> or even available
<cpaelzer> so did it not at all have dirty data - or did it come up because it clenaed up via fsck
<cpaelzer> ?
<jamespage> cpaelzer: used the same cirros image in both tests
<cpaelzer> jamespage: too bad for my theory :-)
<cpaelzer> so really the older stack didn't loose any buffers
<cpaelzer> I can't even think how it would not loose at least a tiny bit
<cpaelzer> jamespage: another thing, you said you had cache none
<cpaelzer> but that is actually maybe worse now
<cpaelzer> http://docs.ceph.com/docs/giant/rbd/qemu-rbd/#running-qemu-with-rbd
<cpaelzer> is this running as cache=none AND rbd_cache=true then?
<cpaelzer> or is rbd_cache not enabled either?
<cpaelzer> because as I read it if rbd_cache is true, then you'd want to have cache=writeback to to flushes
<cpaelzer> feels unintuitive
<cpaelzer> and I'm not sure if that will use page cache on top and make it worth
<cpaelzer> worse I mean
<cpaelzer> but worth a check maybe
<jamespage> cpaelzer: I'll test that out and see - I tried with writethrough but that had the same issue
<cpaelzer> To enable write-through mode, set rbd cache max dirty to 0.
<cpaelzer> on  the rbd side of things
<cpaelzer> jamespage: ^1^
<jamespage> ack
<cpaelzer> from http://docs.ceph.com/docs/giant/rbd/rbd-config-ref/#rbd-cache-config-settings
<jamespage> redeploying now to repro
<cpaelzer> good luck
<jamespage> cpaelzer: ok tried with writeback setting - still get the same issue after a hardkill on the qemu process
<jamespage> nice
<jamespage> cpaelzer: I think this is a librbd issue; the qemu code in 2.9 (works) and 2.11 (fails) is pretty much identical
<jamespage> cpaelzer: cache=none disables the rbd cache option, cache=writeback enables the option
<jamespage> but on the later ceph release, we see the block device corruption
<jamespage> afaict
<jamespage> block/rbd.c for reference
<jamespage> unless a flush is not being correctly propagated of course :-)
<cpaelzer> jamespage: ok, so with cache=none both caches should be off then?
<cpaelzer> that really should not get dirty disk content then :-/
<jamespage> cpaelzer: agreed
<jamespage> cpaelzer: yeah cache=none results in rbd cache = false via the qemu rbd driver
<jamespage> cpaelzer: figured it out
<trupheenix> I am attempting to setup a postfix server to send email from a local process to my GApps email domain.
<trupheenix> I have setup postfix with TLS.
<trupheenix> But I cannot figure out how to setup user accounts with password authentication.
<trupheenix> I followed this tutorial https://www.upcloud.com/support/secure-postfix-using-lets-encrypt/
<trupheenix> I am able to send email to GApps domain but it gets thrown into spam.
<blackflow> trupheenix: you need to install Dovecot, which is IMAP/POP3 daemon but also it does SASL, usable by Postfix.
<trupheenix> blackflow, I have installed dovecot also.
<blackflow> trupheenix: smtpd_recipient_restrictions = permit_sasl_authenticated    is the part of postifx configuration (from that tutorial) that sets up SASL authentication for sending. But you also have permit_mynetworks, which, depending on how you've set up the my networks list, will authorize those without needing to authenticate
<blackflow> .... and all of which has nothing to do with your mail sent to Google ending up as Spam.
<trupheenix> blackflow, ok
<trupheenix> blackflow, so here's how I have it set up.
<blackflow> your mail will often end up in google's spam for a ton of reasons outside of your control.
<trupheenix> Oh ok
<trupheenix> blackflow, at the moment I am able to send email without any user password.
<blackflow> trupheenix: which is expected if your'e sending from any of the "my networks" IPs/hosts
<trupheenix> blackflow, ok
<trupheenix> blackflow, how does one create user accounts for email? Like a postmaster user account?
<blackflow> trupheenix: but eh... permit_mynetworks should come _before_ permit_sasl_authenticated   iirc...
<trupheenix> blackflow, ok
<blackflow> trupheenix: postfix is mail TRANSFER agent, MTA. so you need to set up another agent to receive the mail and store locally in a datbase/filesystem. For example, Dovecot via "lmtp". Of course, you can also set up postfix to save incoming files locally in a maildir, but that's a bit more complex setup if you also need Dovecot to manipulate those files for IMAP/POP3.
<blackflow> cenrtalizing everything through Dovecot is the best thing.
<trupheenix> blackflow, I already have dovecot running
<blackflow> trupheenix: that tutorial seems to be setting it up for Postfix to store mail directly in a maildir.
<trupheenix> blackflow, yes
<trupheenix> blackflow, I don't want to use DB
<blackflow> you don't have to. the question is only whether Postfix saves mail as local files directly and Dovecot has access to them to (via a shared UID), or Postfix sends off to Dovecot via lmtp, so Dovecot is only authority in storing incoming and retrieving via imap/pop3.
<blackflow> this explains how to set up SASL authentication via dovecot for various mechanisms:  https://wiki2.dovecot.org/Authentication
<blackflow> "password databases" is what you need, eg. you can integrate with PAM for access to local system users.
<blackflow> personally I like to have that separate. for that you can have "passwd-file", and specify a path to a file that's similar to /etc/passwd but it's independent.
<spinningCat> hey
<spinningCat> i have ubunut-server machine
<spinningCat> and i have a domain
<spinningCat> how to direct my machine to server
<spinningCat> is there something like nameserver or something?
<blackflow> you mean how to direct your _domain_ to server?
<spinningCat> could be that
<spinningCat> i dont know about that
<spinningCat> it is my first experience
<blackflow> yes, you need to set up DNS. the easiest thing to do is with your domain registrar, just set up the A (and other) records.
<spinningCat> i will do SSL thing
<blackflow> what is "SSL thing"?
<spinningCat> certbot
<spinningCat> i need to domain
<blackflow> you mean you will use SSL/TLS certificates provided by LetsEncrypt....
<spinningCat> i guess i need to connect host and domain
<frickler> has anyone else seen unbound failing after the security update tonight?
<spinningCat> yes that is right
<frickler> failing as in not running after the update, needing a manual restart
<spinningCat> just execute certbot-auto and show that there
<blackflow> spinningCat: you will need to set up DNS (like mentioned above) and then a web server like nginx to respond to LetsEncrypts domain verification challenges.
<spinningCat> show my domain when certbot ask?
<spinningCat> i have nginx
<blackflow> I don't know if any of LE tools work without a web server (ie. start a listener on port 80 themselves)
<spinningCat> i have web server also you mean nginx right
<blackflow> I don't use certbot so I don't know. I prefer "dehydrated"
<spinningCat> set up DNS
<spinningCat> my app work in machine DNS is that what you meant
<blackflow> spinningCat: sorry, what?
<spinningCat> hmm
<spinningCat> my app work on nginx server
<spinningCat> i can acccess my app from outside
<spinningCat> and this app publish over DNS right
<blackflow> "publish over DNS" doens't make sense.    do you mean to say that you can access your web application over a domain, not just IP address?
<spinningCat> i can acces over IP address
<spinningCat> sorry for my english
<blackflow> okay, and now you want to access it over a domain?
<spinningCat> that's right
<spinningCat> i just save that ip as nameserver
<blackflow> does your registrar support managing "DNS zones"? Can you provide your servers IP as "A record" in your registrar's control panel?
<spinningCat> wii that work?
<spinningCat> registrar you mean domain provider right
<spinningCat> ?
<blackflow> well yes you can set up a nameserver yourself, but being that you don' tknow how to, I would NOT recommend you to do that just now.
<blackflow> registrair is the company you bought your domain from / registered your domain with.
<spinningCat> blackflow,  i dont know about registrar
<blackflow> where did you get your domain?
<spinningCat> yesterday
<blackflow> where, not when :)
<spinningCat> but domain is from different company
<spinningCat> ah
<spinningCat> sorry
<spinningCat> namecheap
<spinningCat> where
<spinningCat> America
<blackflow> okay, so NameCheap is "registrar". They also allow you to configure "DNS zones" which you need to set up the "A record" to point to your servers IPv4.
<blackflow> I meant "where" as "which company", so NameCheap.
<blackflow> there must be some tutorial in NameCheap's KnowledgeBase on how to do that. In short, you need to designate NameCheap to be "the nameservers" for your domain. And then edit "DNS zone" and set up "A record".   With this you have all the terms to google for more info.
<frickler> cpaelzer: jamespage: do you know if sdeziel is available somewhere? I just confirmed that https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1775833 is triggered by a simple manual install for me, too. i'd consider that a critical bug
<ubottu> Launchpad bug 1775833 in unbound (Ubuntu) "unbound not running after automatic update" [Undecided,New]
<cpaelzer> frickler:  sdeziel is a few ours out to wake up I'd think
<DevNull1> Is netcat-openbsd supposed to be a default package on LTS 18.04?
<cpaelzer> nice find in the ceph bug jamespage
<cpaelzer> gz!
<jamespage> cpaelzer: not an obvious one!
<blackflow> ikonia: oh, what he did now :)
<ikonia> youtube videos on linux, correcting his english and reviewing them
<blackflow> ah.
<nacc> rbasak: any luck with the snap?
<rbasak> nacc: not tried it today, sorry
<nacc> rbasak: nothing to apologize for :) was just curious
<nacc> did you see my unrelated ping re: the testing changes i'll need to do in my (pending) branch
<spinningCat> hey what am i doing here https://hastebin.com/oqifavisev.ini
<nacc> spinningCat: what do you mean?
<spinningCat> i am getting this https://hastebin.com/ucipuhiway.pas
<spinningCat> ho
<spinningCat> this is ubuntu*server i am sorry,
<rbasak> nacc: no sorry. I don't see that scrolling back. Remind me please?
<nacc> rbasak: my branch which is trying to fix our importer idempotency (well, it gets us closer, by first just doing all the unique import tags we expect to create and then doing branch manipulation at the end), will need test refactoring, since now import_{,un}applied_dsc no longer does any branch changes, while our tests assume they do
<rbasak> nacc: ah. Yeah, that makes sense.
<nacc> rbasak: just means it will take longer
<axisys> I am still waiting on a response from #sssd .. but how do I upgrade sssd 1.11.8 with sssh 1.13.4 or above.. my sssd config works fine with ubuntu 16.04 which has sssd 1.13.4, but fails on ubuntu 14.04 which has sssd 1.11.8 ..
<axisys> sssd mailing list suggesting me to upgrade sssd .. they are saying it is old.. so need help with recommended way to jump from sssd 1.11.8 to 1.13.4+ on ubuntu 14.04 ..
<HackeMate> hello
<HackeMate> is it possible to execute a command in every ssh login success? not in ~/.bashrc
<blackflow> HackeMate: for what purpose?
<HackeMate> i want to know when the user is logged in, since i have a permanent bruteforce attack in course since 2 weeks ago
<HackeMate> already configured fail2ban, but i find this option usefull, if exists
<HackeMate> i was reading about ssh ForceCommand but dont find much info about
<blackflow> I don't know of a way other than via shell/login rcs, like ~/.bashrc or ~/.bash_profile for login shells.
<nacc> i mean you could use ForceCommand with your special thing locally and then exec $SSH_ORIGINAL_COMMAND, based on the docs, but dunno if that would work
<blackflow> indeed, ForceCommand, covered by sshd_config(5) manpage.
<blackflow> HackeMate: btw, did you disable password login, enable only public key login, for ssh?
<HackeMate> yes, can be a solution, but i also could like get a prowl notification when i log in, for fun
<blackflow> not just "can be" but it is a must these days. also, keep in mind fail2ban won't help against distributed attacks.
<blackflow> ideally, you should set up some proper intrusion detection like Snort.
<HackeMate> found the solution
<HackeMate> using /etc/pam.d/sshd created a new line with pam_exec.so, executes the script and works fine
<HackeMate> using forcecommand in sshd_config closes the ssh connection, maybe because the script exists, then exists the ssh session who executed it
<HackeMate> snort, i'll google it
<blackflow> HackeMate: yes, hence the nacc's suggestion to spawn of SSH_ORIGINAL_COMMAND from it
<blackflow> *spawn off
<blackflow> but pam, yeah, interesting solution.
<HackeMate> the bad part is i cant get the user who logged in, but still fine enough
<blackflow> HackeMate: run `id` from the script to get the uid
<HackeMate> oh, truth
<blackflow> HackeMate: another, a bit less hacky way, is to have log monitoring. sshd will log all logins.
<sarnold> HackeMate: I strongly dislike the idea of using pam_exec for alerting in this fashion; consider using auditd and audisdp to get the logs off the machine..
<HackeMate> aha, i go read about this
#ubuntu-server 2018-06-09
<foo> Well, that explains that problem... 9 Jun 08:41:02 ntpdate[21812]: step time server 96.126.105.86 offset -66.916495 sec
<foo> Now, to set this up so that doesn't happen again
<Tea> I have a static IP configured via netplan - IPv4 and IPv6 - the IPv6 address is up and can reach the internet, but incoming IPv6 traffic to the webserver is being refused. Ports 80 and 443 are open on both v4 and v6. Not used netplan before today so I imagine I screwed something somewhere
#ubuntu-server 2018-06-10
<tomreyn> Tea: maybe the webserver is just not listening on those ports on the ipv6 address(es)?
<Tea> It is configured to
<tomreyn> does lsof -i :80 confirm it? are you able to connect to your ipv6 address locally?
<Tea> Yes to both
<Smokie> hey guys, i have a processer running when i run 'top', im trying to find its location on the system but i cannot do that
<Smokie> using 'find', 'locate' and 'where' doesnt give me any results, is this normal?
<kcuf> Smokie; the path /proc/<your process pid> has some info on your process if you know your process id - which top tells you
<kcuf> readlink -f /proc/<pid>/exe
<kcuf> or use htop
<Smokie> hey guys, i have a processer running when i run 'top', im trying to find its location on the system but i cannot do that
<Smokie> using 'find', 'locate' and 'where' doesnt give me any results, is this normal?
<blackflow> Smokie: file /proc/PID/exe         where PID is the PID of the process
<blackflow> it should be a symlink to the binary that spawned the process
<Smokie> found it, thanks
<Smokie> by killing the process and removing it it shouldnt run again, right?
<blackflow> Smokie: incorrect. you have to find what started it.
<Smokie> is there a way to trace how the server got rooted for someone to install it?
<blackflow> Smokie: if you got pwned, nuke&pave is the only correct solution, unless you want to do forensics on the system.
<blackflow> Smokie: well, you start with the most obvious. Public facing daemons and their logs. Logs in general. The filesystem inconsistencies (eg. binaries installed from packages that changed checksum or access rights), ...
<Smokie> blackflow, i have backups and i will wipe the server out, but i'd like to find out how it happened so i make sure its not something im running that gets transferred with the backup
<blackflow> Smokie: sure. btw, you can't run forensics on the computer itself. Mount the disk elsewhere.
<Smokie> hard to do that, its a dedicated server running a webserver
<Smokie> about 3-4 websites
<blackflow> if you got wordpress there, chances are that's your intrusion vector.
<blackflow> meanwhile, doing anything on the compromised computer is futile. you don't know what else is, and if you can trust the tools. can't trust the checksums, stat, well, pretty much anything.
<Smokie> 3 of the 4 are wordpress actually
<Smokie> blackflow, thanks for the info.. one last thing,
<Smokie> 29834 ?        Sl   2119327:49 minerd --algo=yescrypt -o stratum+tcp://yescrypt.mine.zpool.ca:6233 -u 1RqhXsVq3vSHXVRyzjswHGhJbXatxvPEf -p x
<Smokie> blocking the ip/hostname should stop it at least for sending the data, right?
<blackflow> yes, also port.
<Smokie> alright
<Smokie> any other suggestion?
<blackflow> for anylists or future?
<Smokie> lets start with the future hehehe
<Smokie> for prevention
<blackflow> Smokie: well you've got plenty of tools. Start with systemd and its security-related options to harden the services.  https://gist.github.com/ageis/f5595e59b1cddb1513d1b425a323db04
<blackflow> The build and use AppArmor profiles to confine further, which files can be touched by the service, and in what way (read, write, exec). You most certainly do NOT want write + exec ability, ANYWHERE.
<blackflow> firewall outbound packets too. preferably section individual outbound services into separate network namespaces and only allow what's minimally required.
<Smokie> i assume its safer too to block all ports except whats needed by web, mailserver ?
<Smokie> yeah
<blackflow> consider running services without root privilege. eg. daemons like nginx can be made to. you give them ability to bind to <1000 port with CAP_NET_BIND_SERVICE, and have to be set up and configured not to require uuid change
<blackflow> Smokie: your webserver has 0 business starting outbound connections. section off the mail server prefereably to a completely separate mchine or VM
<Smokie> i might consider that if i drop cPanel
<Smokie> its what i use to manage the server
<blackflow> sigh... so this ain't Ubuntu, is it?
<Smokie> oh shit.. this is the cpanel server, it is Not Ubuntu!! my other server is Ubuntu!
<blackflow> and btw definitely yes. cPanel is a huge mess that you can NOT secure. if oyu try to fire up SELinux (which is the alternative to AppArmor on CentOS), oyu'll break cPanel.
<blackflow> I'd stay away from cPanel like it's plague. I won't manage one even for monies. refused plenty of gigs like that. Just say no.
<Smokie> thats good to know, ill take your advice on that, it'll save me money too i guess
<Smokie> i just thought it would be easier to manage websites and tbh, easier to secure
<Smokie> and i really totally forgot about it running on centos, i always use ubuntu thats why my head automatically clicked its ubuntu
<blackflow> you cannot secure cPanel. it's architected that way from the era where information security was not even a term. its manual starts with "Disable SELinux".
<pepperhead> o/
<pepperhead> Network question: Server 18.04. I want to give each of the nic's in my server a staticIP. I see that it is configured in netplan, but the yaml says it wont affect across instances because of cloudinit. Should I disable cloudinit?
<pepperhead> Unsure what cloudinit is or what it is doing for me
<pepperhead> <<<< UbuntuServer NOOB
<pepperhead> My goal is to play with LXC/LXD to learn the container system
<_KaszpiR_> pepperhead read about cloudinit, then
<_KaszpiR_> cloudinit is used to provision (mostly cloud based) systems
<pepperhead> _KaszpiR_ TBH I am trying to learn Docker/LXC, if I dont need cloudinit, turning it off would save me one more tech to figure out.
<_KaszpiR_> AFAIR lxc uses cloudinit
<_KaszpiR_> cloudinit is pretty easy, you should be able to grasp it in 1h
<_KaszpiR_> also it's optional, if you don't do anything then by default it does nothing
<pepperhead> KaszpiR Thanks. I think what I need to do is configure the four ports, and "bind" to one of them for my host. I think LXC will take ownership of each as they are bound within the container. Researching "binding" now. Thanks again.
#ubuntu-server 2019-06-03
<lordievader> Good morning
<DJ-ArcAngel> i have an interesting problem.. migrated a VM with rsync from UEFI bios to normal bios, machine still boots and works, but when i try to upgrade, the install hangs on updating grub, there is no efi partition anymore.
<DJ-ArcAngel> anyone have an idea where to look to fix thsi
<cpaelzer> DJ-ArcAngel: to admit I'm often lost in all the varieties of grub-* but maybe installing grub-pc instead of grub-efi ?
<TJ-> DJ-ArcAngel: is the VM guest providing the boot-loader/kernel or are they provided by the hypervisor?
<DJ-ArcAngel> cpaelzer: yes.. an advice was to re-install grub-pc.. will try that
<DJ-ArcAngel> TJ-: it's vmware, so the guest
<TJ-> DJ-ArcAngel: if the guest originally was configured to boot using UEFI mode and is migrated to a BIOS mode boot then I cannot see how it could initially boot at all, unless grub-pc was also installed beforehand
<jamespage> coreycb: hey so I've pushed patches to stable/{queens,rocky,stein} for that neutron dns behaviour regression - and I uploaded to eoan
<coreycb> jamespage: ok great. i think the only other in-flight neutron change is point releases from sahid, which there's a queens one in the unapproved queue.
<jamespage> coreycb: shall I squash that into the previous changelog entry and re-upload?
<jamespage> coreycb: infact I will do that
<coreycb> jamespage: sure
<frickler> jamespage: coreycb: "neutron dns regression" doesn't sound good to me, do you have a pointer to a bug for that?
<coreycb> frickler: https://bugs.launchpad.net/neutron/+bug/1826419
<ubottu> Launchpad bug 1826419 in neutron "dhcp agent configured with mismatching domain and host entries" [Undecided,In progress]
<frickler> coreycb: thx, that looks like I need to read it in depth tomorrow
<kinghat> so i have a service running on a vps and its console is at local host, its possible to interact with that?
<sarnold> try hitting enter a few times, see i fyou get a login: prompt
<Ussat> Welp, trying oput Landscape here next week to manage Ubuntu Laptops
#ubuntu-server 2019-06-04
<genii> sarnold: I think he has some idea that because now he knows how to install thing in linux his career will be to be a sysadmin
<sarnold> genii: aye.. it's perhaps a longer road than he suspects, but still, I want to help folks as I can :)
<genii> Hehe, helluva long road
<sarnold> yeah :)
<lordievader> Good morning
<jamespage> coreycb: I've uploaded SRU's for bionic, cosmic and disco for the neutron internal dns fixes
<coreycb> jamespage: thanks
<coreycb> sahid: I've merged/uploaded everything except neutron so far for bug 1830695
<ubottu> bug 1830695 in nova (Ubuntu Cosmic) "[SRU] rocky stable releases" [High,Triaged] https://launchpad.net/bugs/1830695
<coreycb> jamespage: fyi ^
<supaman> about the xenailxerux release notes, in it they say that PHP was upgraded to PHP7 and packages were either rebuilt or upgraded to php7, does the rebuild then take place against the new version of php5?
<sdeziel> supaman: Xenial only ships with PHP 7.0 packages so those are all build against this version
<supaman> sdeziel: even cakephp?
<supaman> https://packages.ubuntu.com/xenial/web/cakephp
<sdeziel> supaman: yes
<TJ-> sdeziel: teward I'll leave Bug #1581864 up to you to respond
<ubottu> bug 1581864 in nginx (Ubuntu Eoan) "nginx.service: Failed to read PID from file /run/nginx.pid: Invalid argument" [Low,Confirmed] https://launchpad.net/bugs/1581864
<sdeziel> teward: do you plan to provide another PPA with the TJ's new patch? If yes I would give it a test run
<teward> sdeziel: TJ-: yes, but right now i'm fixing a major network bug at work
<teward> i'll upload with p1 attached to the version string I had uploaded previously so it bumps up
<teward> give me a minute i have to fix this crap
<sdeziel> thank you both
<teward> ahasenack: RE: your comment about intrusive patches
<teward> i think Upstream would want evidence it works before including
<ahasenack> sure
<teward> we can test-drive it in a PPA first
<teward> if it works there then we can SRU it here and next NGINX release with it in it I can upload it to Eoan
<ahasenack> I checked fedora, the same thing happens there, fwiw
<teward> and drop the delta
<teward> ahasenack: yeah it's an upstream issue, TJ ID'd it in the code
<teward> grrr this darn network bug...
<ahasenack> was an upstream bug even filed?
<teward> wonder if a switch is broken... BRB
<teward> ahasenack: I didn't see one, but we could always search Trac
<ahasenack> ugh, trac
<teward> most things don't end up in the Trac tracker and just on nginx-devel@
<sdeziel> Trac is a good deterrent for bug reporters ;)
<ahasenack> didn't want to say it, but there it is :)
<TJ-> ahasenack: I didn't want to report a bug until we're sure we're aiming at the correct target!
<ahasenack> TJ-: fair :)
<teward> TJ-: PM me yoru email address to use on the DEP3 headers?
<teward> 'cause i'm adding headers xD
<TJ-> teward: same as last time; ubuntu@iam.tj or hacker@iam.tj
<teward> yeah but i lost my logs :P
<teward> thanks
<TJ-> :p
<TJ-> didn't keep the patch? tut tut :D
<teward> lost the headers in my logs
<teward> TJ-: sdeziel: PPA uploads complete, made a version snafu with Eoan in the PPA that caused the latest patch to be rejected but fixed in the PPA.  Should build 'soon'.
<teward> p1 appended to version strings
<teward> building: Xenial, Bionic, Cosmic, Disco, Eoan.
<teward> TJ-: I'm fairly sure we've narrowed it down to an actual NGINX race condition problem, for how it handles PIDfiles, so... :P  In either case, the PPAs are buildilng now time for tests :P
<TJ-> teward: it's certainly due to not creating the PIDfile in the parent process, since systemd checks for the PID file as soon that exits
<teward> *nods*
<TJ-> just lucky on SMP the forked child gets going and creates that before parent exits on the other thread
<teward> looks like s390x is the only arch in the PPAs that's backlogged and the rest were built.
<teward> right
<xnox> teward:  odd, asking to clean them.
<teward> xnox: heh, didn't know you were tracking xD
<teward> xnox: ahhh i think that's because many are stuck in a cleaning loop and a few are disabled
<teward> of the 20 s390x builders, 5 are disabled 4 are doing builds and the rest stuck on cleaning
<xnox> teward:  tracking what? =)
<teward> xnox: when people complain about PPA buidlers being weird :P
<sdeziel> teward: TJ-: test successful on bionic
<sdeziel> let me know if you want some other distro tested prior to proposing upstream
<TJ-> sdeziel: might need to rework the patch to make it look prettier :)
<TJ-> sdeziel: although there's only 2 things can be changed; values assigned to the pid_child tell-tale values, and the if (pid_child < NGX_OK || pid_child > NGX_OK) which could be just if (pid_child !=0) or even (pid_child) - although those make the intent of the code obscure
<teward> sdeziel: I'd say test Debian and CentOS if you can, I just can't build CentOS packages
<teward> Upstream has to support Cent too so I mean :|
<teward> this reminds me I *really* need to get my private Debian cloud builders working again
<teward> xnox: FYI, 4 of the s390x builders that were building are not stuck in Disabled, the rest are "Idle" so I think that fixed the broken workers problem.
<teward> now stuck*
<teward> TJ-: well sdeziel seems to suggest the code fixes the headache, do you want to test Eoan and Xenial as well?
<teward> Eoan because this lands there first, Xenial because it's LTS too.
<teward> and needs this fix heh
<TJ-> teward: I don't actually have nginx installed, I just thought I'd hack the patch. It works in a 19.10 container though :)
<teward> sarnold: rbasak: if either of you want to review the patch for glaring WTH problems let me know, before I drop this in Eoan, it SEEMS like TJ-'s hacked patch works :P
<teward> TJ-: isn't that the point of all patches/hacks?  xD
<TJ-> teward: well I like to think I bring some finesse to the job, usually :p
<teward> heh
<teward> sdeziel: if you can spin an eoan container and make sure it works there that'd be great
<teward> this'd land in Eoan first, even if it's just a distropatch
<sarnold> teward,TJ-, any changes since last time I looked?
<TJ-> sarnold: when did you last look? patch was attached last friday
<sarnold> TJ-: sounds about right
<sarnold> (well, really, it feels like I just reviewed that yesterday morning.)
<teward> lol
<teward> sarnold: even if this is a nasty distropatch only I want this race fixed,  We'll let TJ suggest the fix upstream xD
<teward> or sdeziel
<teward> this race condition is a nasty :p
<sdeziel> teward: eoan test successful
<sdeziel> sarnold: If I recall the events correctly, you reviewed an old version of TJ's patch. Here's the latest one that tested OK on Bionic/Eoan: https://launchpadlibrarian.net/426320897/nginx-fix-pidfile.8.patch
<sarnold> indeed this line is new to me +    child_pid--;
<sarnold> alright, it's even more subtle than before, BUT I prefer this patch a thousand times to the systemd-based workarounds that were suggested
<sarnold> I wouldn't be surprised if upstream wants to do it differently
<TJ-> sarnold: nor me, as they know their code best
<sarnold> lets hope :)
<TJ-> they have to do something similar though to pull writing of the PID file into the parent process
<teward> regardless, if upstream fixes the issue, we can drop the distropatch but I would still want a distropatch that 'works' for older versions of NGINX.  in the short term this is SRUable, if Upstream comes out with a fix we can backport, we can drop this one and replace it with an upstream patch.  :P
<TJ-> yeah, and I think I heard someone say nginx-devel is the place to report this rather than trac?
<teward> Usually patches get submitted to nginx-devel there's a "Submitting Patches" guide let me grab it
<TJ-> I've subscribed so I'll write something later on
<teward> fooey I can't find the documentation, so I made a request for them to provide it again :p
<teward> and I know Maxim on that list is very good at such things.
<teward> sarnold: so, not a horridly nasty patch then?  :P
 * TJ- does dinner, bbl
<sarnold> teward: exactly
<teward> TJ-: looks like there had been patches suggested before for this, and were rejected.  See Maxim's response.  http://mailman.nginx.org/pipermail/nginx-devel/2019-June/012292.html
<teward> cc sarnold
<teward> looks like Upstream knows this may be an issue and previous patches in the past were rejected
<sdeziel> one of the rejected patch was a sleep 0.1 baked in nginx itself :)
<sarnold> hah, and here's them pointing out the race in the sleep 0.1 approach :) http://mailman.nginx.org/pipermail/nginx-ru/2017-November/060631.html
<sarnold> "sleep 0.1 - ÑÑÐ¾ race condition Ð½Ð° ÑÐ¾Ð²Ð½Ð¾Ð¼ Ð¼ÐµÑÑÐµ, Ð¿Ð»Ð¾ÑÐ¾Ð¹ workaround.
<sarnold> along the lines of "this is race condition here, it's a bad workaround
<sdeziel> https://mailman.nginx.org/pipermail/nginx-ru/2017-November/060628.html looks better
<sarnold> that pipe-based approach is very similar to .. cgmanager? lxd? lxc? iirc something that hallyn worked on; I *really* liked it, but figured that would be a drastic enuogh change that I didn't suggest it
 * hallyn perks up
<teward> heh
<sarnold> hey Hackerpcs :)
<sarnold> sigh.
<teward> had a feeling that'd happen :P
<sarnold> hey hallyn :)
<Hackerpcs> yo
<hallyn> hey sarnold :)
<teward> sarnold: alt-tab with a "Last active" setting on it instead of alphabetical :P
<teward> Hackerpcs: sarnold mispinged :P
<Hackerpcs> is this from ggn? xD
<teward> s/alt-tab/tab-complete/
<TJ-> teward: well, of the 2 patches that were rejected, the  100ms sleep is the least invasive, but if upstream won't fix it... no point us submitting my patch!
<teward> TJ-: i mean you can try
<TJ-> teward: I'm not sure I've the energy to want to push it if they have had two proposed patches, rejected both, and NOT come up with a solution themselves
<teward> but yeah i'm probably going to keep this as an added patch/delta
<teward> TJ-: i'm not even sure if they consider it an 'issue' TBH
<TJ-> teward: I agree, which strikes me as a poor attitude because it plainly is not what is expected behaviour, but they don't seem to publish the systemd unit file - is that originating in Debian or ubuntu?
<teward> Debian actually
<TJ-> right, so they're adopting the "someone elses problem" attitude
<TJ-> I know with my solution there is no race condition, but it'll get objected to for likely being too invasive
<teward> indeed.
<teward> the tricky part here is, it sounds like this invasiveness is *needed* to make things actually work right...
<teward> TJ-: I'm going to let it sit in the PPA for a bit, let sdeziel and others do some more testing
<teward> see if this works fine for most production use cases
<teward> if it does I'll go the route of uploading for Eoan and getting SRU reviews
<sdeziel> TJ-: it would be too bad to admit defeat before sending it upstream but I'd understand you don't want to fight that battle.
<sdeziel> TJ-: looking at https://launchpadlibrarian.net/426320897/nginx-fix-pidfile.8.patch, I noticed the 'if (ngx_create_pidfile(&ccf->pid, cycle->log) != NGX_OK) {' line has 1 too many space indent, same for the one after
<sdeziel> </nitpicking>
<sdeziel> my netplan setup fails to set the MTU properly, anyone knows about this?
<sdeziel> here is the yaml config: https://paste.ubuntu.com/p/zkSV8jrkRk/
<sdeziel> once 'netplan apply' is done, the MTU is left at 1500 requiring me to do 'ip link set enp1s0f0 mtu 9000'
<sarnold> sdeziel: do you need to set that on the bridge instead?
<sdeziel> sarnold: shouldn't be needed because the bridge always adapt to lowest MTU of the enslaved ports. That said, I tried it anyway and it doesn't work ;)
<sarnold> sdeziel: dang and double-dang. but thanks for reporting back :)
<sdeziel> I also tried setting the MTU on both but no dice, thanks for suggesting
<sdeziel> I think the issue is the NIC seems to go down/up on MTU changes
<cyphermox> sdeziel: AWS?
 * sdeziel misses ifupdown post-up scripts for quick and dirty fixes
<sdeziel> cyphermox: no, iron @Home
<cyphermox> ok, let me rephrase then, it's DHCP?
<sdeziel> cyphermox: no, all static
<cyphermox> oh you did paste config
<cyphermox> to get the MTU to apply you must match: by MAC or something else that is specific enough to apply to the interface
<sdeziel> oh, that would make a fantastic addition to https://netplan.io/examples ;)
<sdeziel> cyphermox: my bad, it's already there in https://netplan.io/reference
<sdeziel> testing this now, thanks!
<cyphermox> well, I guess it's worth having in examples
<sdeziel> It would be a good addition IMHO as tuning the MTU is probably something many folks are looking for
<sdeziel> cyphermox: it worked, thank you very much!
#ubuntu-server 2019-06-05
<ploxiln> it looks like the EC2 AMI for hvm-ssd has not been generated in cn-north-one since 2018-11 - sorry to pop out of nowhere with a question, but where would be appropriate to report/ask about this?
<ploxiln> s/cn-north-one/cn-north-1/
<sarnold> jamespage: ^^ is ec2 hvm-ssd image problems on cn-north-one something you'd tend to?
<ploxiln> well, correction: for xenial the last was 2018-11, for bionic the last was 2019-01. also it looks like non-hvm AMIs are still being generated regularly
<ChmEarl> when my 19.04 server goes down with multiple ssh client windows, I don't get notifications and the shells stay open
<ploxiln> ChmEarl: I don't have any definitive fixes, just some tips and tricks. 1) if the ssh session is frozen/stuck, type <enter>~.
<ploxiln> (including the period)
<ploxiln> 2) you could "pkill sshd" as your user on the server, to close all ssh sessions for your user before shutting down the server
<ploxiln> 3) you could try "sudo shutdown -r +1"
<sarnold> ChmEarl: you could also set ServerAliveInterval in your ssh clients, but the downside is the sessions will be much more likely to timeout if a router dies
<ChmEarl> ploxiln, sarnold  thanks
<lordievader> Good morning
<jamespage> sahid: you might just want to pick the patch from https://review.opendev.org/#/c/663294/
<jamespage> sahid: its still needed
<jamespage> sarnold: fraid not
<sahid> jamespage: i've kept it https://git.launchpad.net/~sahid-ferdjaoui/ubuntu/+source/neutron/tree/debian/patches/bug1826419.patch?id=6153732fec521d0a3d8044ad59a26acc6d05f083
<jamespage> sahid: ah sorry I was confused by the diff of a diff
<jamespage> sahid: yes that looks OK to me
<sahid> ok cool perfect
<kevindank> Hello, im about to migrate a website from shared hosting on bluehost to cloud hosting on Linode, the main goal is site load time improvement, does a dedicated cpu plan make a difference here?
<kevindank> My plan was to get a ubuntu 19.04 server with 16gbs of ram, 320gb SSD, and 8 core cpu but theres another plan offering smaller ssd and more cores
<leftyfb> kevindank: I would not recommend 19.04 for a server. Not unless you plan on upgrading it in 7 months. Stick with LTS.
<kevindank> leftyfb: 18.04 lts?
<leftyfb> kevindank: yes, that is the latest LTS
<leftyfb> supported for 5 years from release
<kevindank> okay
<TJ-> kevindank: no, you don't need a dedicated CPU linode, the standard will do
<kevindank> TJ-: Thanks
<TJ-> kevindank: the 2-CPU/4GB is usually enough for most sites; I host several domains on one such that are relatively busy
<jamespage> coreycb, sahid: do you think we should start stripping out python- binary packages this cycle? we dropped py2 support in the actual openstack projects, so we could work back down the dependency chain now
<coreycb> jamespage: yeah i think so. just need to be careful with swift deps i think.
<kevindank> TJ-: That's typically what I use.   I have a website thats on bluehost right now that is maxing out ram,cpu on the bluehost standard server so went with the highter ram plan of 16gb
<TJ-> kevindank: what's eating the memory? database?
<kevindank> Total CPUs : 16 / 16 Cores Total RAM : 31 GB Real Time Free RAM : 2 GB Real Time RAM Usage :
<kevindank> Real Time Free RAM : 1 GB Real Time RAM Usage : 29 GB
<kevindank> im pulling that uses wp server stats, im not sure if thats the ram/cpu of the shared server or our site on that shared server however
<kevindank> DB is 78mb
<kevindank> the site is a lawfirm site, theres a bunch of pages and a chat feature but it should not be using 29gbs by itself at all
<TJ-> kevindank: is that in the Linode, or at the shared hosting?
<TJ-> kevindank: I'd presume its the shared host and it is over-subscribed
<coreycb> sahid: neutron 2:13.0.3-0ubuntu1 uploaded to the cosmic unapproved queue. thanks!
<sahid> coreycb: thanks
<sarnold> ploxiln: apparently other images are being updated, it's the streams interface that's giving trouble -- eg https://paste.ubuntu.com/p/PM7QMBNm9g/
<sarnold> ploxiln: that was generated via aws --profile=china ec2 describe-images --region=cn-north-1 --owners "837727238323" --query 'Images[*] | sort_by(@, &CreationDate)'  --- I don't know enough aws to tell you how to create a 'china' profile like that, but I hope it's something you're familiar with or already done
<ploxiln> thanks for looking into it. the one I'm hoping for is 16.04 xenial with type hvm-ssd - I did an explicit search for it and I think that oen is not being generated
<ploxiln> so I did: aws ec2 describe-images --filters Name=name,Values="ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-*" Name=owner-id,Values=837727238323 --query "Images[*].[CreationDate,ImageId,RootDeviceName]" --output text | sort
<ploxiln> (with cn-north-1 region)
<ploxiln> and got 2018-11-21T07:51:00.000Zami-013ead89472fc7464/dev/sda1 as latest
<ploxiln> proper paste: https://paste.ubuntu.com/p/bNKnN3sj8T/
<ploxiln> bionic does have a newer hvm-ssd image, but the previous is from February, and the one before that from August 2018, so I just get the impression that general china flakyness makes each upload a roll of the dice
<Ussat> So I get a CALL......a Dr is having trouble with his linux system. Its running...wait for it.....Ubunti 14.04
<Ussat> I almost laughed in the phone
<compdoc> whats his phone number. I want to laugh at him for reals
<sdeziel> Windows XP I would have laugh but I'm actually impressed a Dr is using Ubuntu :)
<compdoc> tiz good stuff
<Ussat> We are taking it, burning it in the deepest darkest corner of hell and making hime a VM under my controll
<Ussat> sdeziel, it wasnt as much him "useing" it per se, his grad student set it up so he could run a few programs specific to his work
<Ussat> but ya we are burning it down...hard
#ubuntu-server 2019-06-06
<kantlivelong> does RPCNFSDCOUNT not work in 16.04 for nfs-kernel server? it looks to me that its never used by the service unit file but the unit does use RPCNFSDARGS
<kantlivelong> i only ask because increasing the thread count seems to make no diff
<lordievader> Good morning
<lucidguy> Ok, Server with 192GB of ram.  I assume that's GIGA, and not GIBI.  Convert that to Gibibytes and you get 178GiB.  If you do a free -g on the box you get 187?  I'm pretty sure df is in GiB, so why is there about 10GiB discrepancy?
<sdeziel> lucidguy: AFAIK, RAM is expressed with a 1024 base value for "K"
<lordcirth> sdeziel, -g is gibibytes according to the manpage
<sdeziel> lordcirth: I'm referring to the 192GB part
<lordcirth> Ah, the manufacturer? Yeah I don't know what they use
<lucidguy> Ohh, so ram is sold in GiB not GiG like drives?
<sdeziel> lucidguy: that said, that doesn't explain where the 5GB went
<blackflow> 192GB of physical RAM but not every bit is addressable. dmesg will show available physical addressable RAM in bytes.
<sdeziel> lucidguy: I'd check 'dmesg | grep -i memory' and see how the kernel reserved that RAM
<sdeziel> lucidguy: on a random box here, I have: Memory: 4740848K/4914680K available (8613K kernel code, 1335K rwdata, 4028K rodata, 1484K init, 1284K bss, 173832K reserved, 0K cma-reserved)
<lucidguy> Memory: 196455640K/199738988K available (12300K kernel code, 2473K rwdata, 4288K rodata, 2408K init, 2416K bss, 3283348K reserved, 0K cma-reserved)
<sdeziel> lucidguy: and this VM has 4800MiB assigned
<sdeziel> If I'm doing my maths right, your kernel only sees 190.4 GiB
<lucidguy> sdeziel: Does that make sense?
<sdeziel> and 3.13 GiB are 'reserved', whatever that means
<blackflow> stack <-> heap gaps'n'all, that RAM is not addressable.
<sdeziel> lucidguy: I don't know why the kernel doesn't see the full 192 GiB, looks like the EFI/BIOS is hiding some of it or something like that but I'm just guessing at this point
<lucidguy> Ok, this makes more sense now.  I knew storage, like drives were in GiG and not GiB, thought RAM was sold/represented the same way.
<sdeziel> blackflow: I would assume that only apply to virtual addresses, not physical ones, no?
<patdk-lap> if you have some pci devices that use memory (aka video cards)
<patdk-lap> that memory is not usable by the os
<sdeziel> yeah ^
<sdeziel> but 2G of video RAM on a server sounds a little excessive ;)
<lucidguy> My last statement is accurate right?  Disks are still sold in GiG?
<patdk-lap> I think some network cards do this also, and infiniband cards, but those are rare
<patdk-lap> ya, I guess it has to be a real server motherboard to have 192gb ram anyways
<patdk-lap> could need it if it was a windows server :)
<lucidguy> Ubuntu Server
<patdk-lap> efi/bios doesn't hide it
<patdk-lap> hmm, that motherboard was designed for only ubuntu server?
<lucidguy> I wonder if the BOSS storage controller is taking some
<sdeziel> patdk-lap: do you know where the NIC/video cards reserved chunks would be visible/accounted for? Would the kernel still see that memory or not? If it does, would they be in the 'reserved' section from that dmesg line?
<patdk-lap> the kernel won't see it, it will be subtracted before the os boots
<lucidguy> Thanks guys, appreciate the responses, solved my mystery.
<sdeziel> OK so that would explain where the 1.6GiB went
<lucidguy> I'm sure I read online that ram sold was represented in GiG not GiB.. grr
<sdeziel> one day, I hope to understand what the kernel reserves...
<patdk-lap> well, I cannot remember how it does it now
<patdk-lap> but should reserve <1meg
<patdk-lap> still lots of dma stuff that only works below 1meg or 16megs
<sdeziel> 170MiB on that i440fx VM
<sdeziel> out of 4800MiB assigned to it
<blackflow> sdeziel: yes, but that will always reduce the availability of physical RAM as long as physical addresspace is less than virtual (which is always unless you had gazillions of ram)
<blackflow> oh yeah, there's the GPU as well, sometimes it shares the system RAM
<patdk-lap> said that way above
<blackflow> sorry, didn't see it
<sdeziel> blackflow: I don't understand how the gap between stack and heap wouldn't be usable by the kernel. That gap is in virtual address space alone, no?
<patdk-lap> it is
<patdk-lap> but that doesn't really help the kernel
<patdk-lap> if the kernel was places randomly in each process, none of it's memory pointers or anything would work
<sdeziel> patdk-lap: I'm arguing with: blackflow: stack <-> heap gaps'n'all, that RAM is not addressable.
<patdk-lap> define addressable :)
<sdeziel> more specifically the 'not addressable' part
<patdk-lap> if you use it, it will cause a exception
<sdeziel> not addressable by the userspace process
<patdk-lap> it is addressable
<patdk-lap> it's not backed by anything, and needs to be allocated
<sdeziel> what I'm saying is this gap is purely virtual, it doesn't waste any physical RAM
<patdk-lap> well, there is some waste, but your talking on a small level, 4k
<sdeziel> I don't understand why the gap would be allocated at all
<patdk-lap> or maybe more for empty stack allocations
<patdk-lap> unused stack space
<patdk-lap> unused heap space
<patdk-lap> and mmap
<sdeziel> right but that's not part of the gap
<patdk-lap> outside of that, nothing is allocated to physical or swapped ram
<sdeziel> or is it? Is there actually a gap or can the stack and heap grow till they meet? Causing explosion
<patdk-lap>  heh?
 * sdeziel vaguely remembers stackclash
<patdk-lap> of course they can grow till they meet
<blackflow> sdeziel: ah yes, these days it's all in virtual address space only
<patdk-lap> when all the virtual address space is used up
<patdk-lap> the kernel will allocate physical and swap memory to back those pages
<patdk-lap> if there isn't enough swap space, then it will blow up sooner
<blackflow> sdeziel: they could meet in the past, there was a CVE about it, forgot the details. but iirc kernel now protects against that.
<sdeziel> https://access.redhat.com/security/vulnerabilities/stackguard
<blackflow> ah yes, the stack clash, you said it.
<jamespage> coreycb: apologies - dpdk things blew out my morning today - I'll endeavour todo some of the dep updates for train m1 tomorrow
<coreycb> jamespage: no problem at all, i'm going to focus on it this afternoon and see what deps i can get through.
<ahasenack> rafaeldtinoco: ok, so, sponsoring
<rafaeldtinoco> ahasenack: tks, NOW ill finally cherry-pick iproute2 patches for cosmic and disco then.
<rafaeldtinoco> ahasenack: do I have to ping someone for the missing +1s on the review ?
<rafaeldtinoco> (server team / etc)
<rafaeldtinoco> or just let it hang in there
<ahasenack> rafaeldtinoco: no, one is enough from our team
<ahasenack> and I can sponsor
<ahasenack> ahasenack: we usually just do a final check, like the bank asks you to ack sometihng on the phone loud and clear
<ahasenack> rafaeldtinoco: rather
<ahasenack> rafaeldtinoco: so, ok for having 96b1b4a6b461effe47a19d5d62d9f0e9825e9fcb sponsored?
<rafaeldtinoco> ahasenack: +1
<ahasenack> ok
<ahasenack> rafaeldtinoco: two things I'll do then
<ahasenack> rafaeldtinoco: one is push the upload tag, which marks the commit has corresponding to the dput I'll do right after
<ahasenack> rafaeldtinoco: and second is the actual dput
<ahasenack> rafaeldtinoco: that will upload the package to eoan-proposed, where it will go through what we call migration checks
<ahasenack> rafaeldtinoco: https://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<ahasenack> rafaeldtinoco: it may take a while to show up there after the upload, but I'd ask you to do what we call "follow its migration"
<ahasenack> i.e., keep an eye there to see if it passes the tests and actually lands in the archive
<rafaeldtinoco> will do
<ahasenack> rafaeldtinoco: that page refreshes about twice an hour, it's a bit irregular
<rafaeldtinoco> good to know
<ahasenack> rafaeldtinoco: it's currently building: https://launchpad.net/ubuntu/+source/iproute2/4.18.0-1ubuntu3
<ahasenack> a good hint that it migrated, and usually comes way before the excuses page updates, is the email from lp saying the bug was closed, since it's mentioned in d/changelog
<rafaeldtinoco> ok
<ahasenack> rafaeldtinoco: you can now also move the card to "external dependency", signaling we now have to wait for this external process
<rafaeldtinoco> ahasenack: done
<ahasenack> and I just assigned it to you, that was missing
<rafaeldtinoco> hum. maybe others are missing that too, /me review
<rafaeldtinoco> ahasenack: disco and cosmic are good also
<rafaeldtinoco> ahasenack: are we waiting for full verification on eoan ?
<ahasenack> ok, let's wait for eoan to migrate
<ahasenack> yep
<rafaeldtinoco> ok
<cncr04s> my grub won't boot from my mdadm array anymore
<cncr04s> some recent update broke it
<cncr04s> its an imsm array
<rafaeldtinoco> ahasenack: alright. so after dput to -proposed, and update_excuses are good, how does it get to -updates ?
<rafaeldtinoco> (in ccase this was an actual sru)
<ahasenack> rafaeldtinoco: for eoan there is no -updates yet, so it will just move to where it should be
<rafaeldtinoco> yep
<ahasenack> main or universe
<rafaeldtinoco> ah gotcha
<ahasenack> for srus,
<ahasenack> the upload to proposed will be in an unapproved state
<ahasenack> until a member of the sru team gets to it
<rafaeldtinoco> ah i know where that is
<rafaeldtinoco> all makes sense now
<ahasenack> if it's accepted, then this person will move it to -proposed, lp will get that standard comment about it having been accepted and asking for help testing it, etc
<ahasenack> we also have to check the excuses page for that particular ubuntu release, to see if dep8 tests failed
<ahasenack> if there are failures, they need to be investigated, and either justified in the bug with a comment, or fixed in a subsequent upload
<rafaeldtinoco> ok
<ahasenack> rafaeldtinoco: the per-release excuses page is like this: https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html
<ahasenack> replace "bionic" with your release of choice
<rafaeldtinoco> ok, saving bookmarks
<ahasenack> yep
<Soni> what are alternatives to lighttpd that will fit a shitbox VPS? 1 core, 256 MB of RAM, 10 GB of disk, etc
<Soni> I don't like the configs, I have the same block copypasted 5 times, once for each subdomain, and I wanna add a blog to it.
<OerHeks> a blog on a vps, interesting
<ploxiln> Soni: I use nginx a lot, it's also very efficient ... it's pretty popular so you may have already considered it
<ploxiln> there's an "nginx-light" package with a reduced set of features enabled
<Soni> but how hard is it to configure?
<ploxiln> I suppose it takes some getting used to, but it can be very concise to just serve some files or just proxy. fcgi requires a separate helper like spawn-fcgi
<ploxiln> https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks/
<sdeziel> Soni: I'd advise sticking to nginx-core which is an Ubuntu specific flavor that mirrors upstream default plugin selection, that's the one in 'main'
<sdeziel> Soni: with that version, you get a handful of plugins that you can disable to reduce the RAM usage. Those plugins are for TCP and mail proxying
<sdeziel> Soni: with those plugins removed, my TLS/HTTP 2.0 nginx on 18.04 takes only 5.5M of RAM ;)
<Soni> maybe I should just use thttpd
<Soni> hm
<Soni> it's really hard to fit a blog engine into a shitbox VPS apparently
<sdeziel> Soni: if 5.5M of RAM is too much for you, then yeah, you'd need to use something != nginx
<Soni> does nginx have some plugin to turn an atom feed into an HTML blog?
<sdeziel> Soni: the biggest RAM consumers are often the DB engine and PHP depending on your blog
<Soni> so I edit the .atom and it changes the blog automatically?
<sdeziel> Soni: not sure that is what you are looking for but I found this : https://ef.gy/serving-an-atom-bundle
<Soni> okay, let's see if I can make any sense of this stuff
<Soni> first, how do I clean the package cache?
<Soni> actually hm is it safe to just remove everything in /var/cache?
<sdeziel> apt-get clean
<sdeziel> Soni: this should reclaim some space
<Soni> sdeziel: that's only for apt tho, I have stuff like the webserver as well
<sdeziel> Soni: I don't know your server but I'd recommend to tread carefully, rm -rf can hose a server pretty quickly ;)
<Soni> sdeziel: so can certbot. doesn't stop me from using it.
<sdeziel> Soni: I find dehydrated less intrusive but I guess it's a question of personal taste
<Soni> hm I wish I knew about that before setting up certbot
<Soni> would probably be lighter on disk usage as well
<sdeziel> dehydrated only deps are bash and curl IIRC
<Soni> anyway, any tool to clean up /var/cache?
<OerHeks> !info Polipo
<ubottu> polipo (source: polipo): lightweight, caching web proxy. In component universe, is optional. Version 1.1.1-8 (bionic), package size 174 kB, installed size 702 kB
#ubuntu-server 2019-06-07
<entry_lvl_dev> i cant rdp into my server..i installed ubuntu-mate and followed some online insturctions.,.. im able to rdp but the screen stays blue after i log in
<entry_lvl_dev> the desktokp envorinment doesnt load all the way
<lordievader> Good morning
<blackflow> teward: ping! I've analyzed and traced down the issue I had with nginx+http2. The problem is in fact with nginx. If the connection is slow or has high(er) number of tcp retries, nginx will stop sending pipelined content within a http2 request.
<blackflow> teward: apparently consistently after ~17 seconds.
<blackflow> teward: now I do have send_timeout set to 15s, but that's supposed to be timeout between two successive write ops. does that option have a different meaning with http2 now?
<coreycb> sahid: nova 19.0.1 uploaded to disco unapproved queue. thanks.
<sahid> coreycb: ack
<teward> blackflow: i don't see a bug open for you :P  The tricky part is a reproducible test case :p
<teward> blackflow: that sounds like something Upstream should see though, at nginx, for them to debug
<teward> and I don't see a reproducible test case anywhere other than your setup.
<coreycb> jamespage, sahid: i'm going to merge openstack-pkg-tools from experimental. it's basically all debconf changes.
<sahid> coreycb: ack
<coreycb> sahid: worth noting we don't use debconf in the openstack ubuntu packages except for ones that originate in debian (the
<coreycb> (the core packages we sync from debian will have debconf - zaqar, sahara, etc)
<blackflow> teward: right, that's the part I'm trying to pin down now.
<coreycb> jamespage: sahid: turns out everything we've been carrying has been merged into debian openstack-pkg-tools so i'll sync that (ie. syncpackage openstack-pkg-tools experimental) assuming it builds ok
<coreycb> i mean, syncpackage -d experimental openstack-pkg-tools
<teward> sdeziel: so I don't have any single-core test environments for any distro, but if I don't hear any "problems" in the next week or two I'll include that patch.
<teward> I need to do a patch for Eoan but I should probably figure out which PHP version's going to be in it
<teward> rbasak: is nacc still a good POC for PHP or is someone else handling PHP this cycle?
<sdeziel> teward: cool. re single-core it's easy with lxd: lxc config set foo limits.cpu 1
<teward> sdeziel: ya but i'm lazy and I meant in *prod* :p
<teward> like a production site I can test with that's straight internet facing :p
<teward> so unless you or Canonical want to loan me $8 for a 1-core KVM VPS with crap memory... :P
<teward> all my stuff's dual core or better
<teward> actually... *wonders about something*
<teward> i might be able to deploy this in my cloud and test with a direct IP but I'm busy at work.
<teward> this be a weekend task xD
<Ademan-remote> I"m trying to run the 18.04.2 server alternate installer from an iso on a thumb drive, and I've booted to the point where the installer is running, and it's failing at "Detect and mount CD-ROM". I can mount the iso file just fine from the busybox command line, can I just mount it in the right place and/or point the installer to it?
<Ademan-remote> Ah, gonna try this `mount -o loop path/to/iso/file/UBUNTUSERVER.ISO /cdrom'
<nacc> Ademan-remote: i think maybe you did the wrong thing -- you don't usually boot the ISO, you write the ISO to the thumb drive itself and boot from the thumb drive.
<Ademan-remote> the installer *really* wants to treat /dev/sdc1 as the cdrom: "Searching for Ubuntu installation media..." "Devices: '/dev/sdc1'"
<nacc> Ademan-remote: i've not tried what you are suggesting, I don't know if it will work
<Ademan-remote> nacc: it's *supposed* to be possible with EFI, and I'm booted, it's just the installer that's choking at this point
<nacc> Ademan-remote: just don't know if it's an actually supported thing in ubuntu :)
<nacc> (or tested)
<Ademan-remote> that's fair haha
<Ademan-remote> oh my goodness...
<Ademan-remote> the problem was when I hit "Ok" acknowledging the problem mounting the CD-ROM, it was unmounting /cdrom for me... so I had to OK it first, then mount to /cdrom...
<Ademan-remote> I did notice it was unmounting /cdrom but I didn't notice *when* it was happening heh
<Ademan-remote> ( so `mount -o /foo/bar/baz/quux.iso /cdrom' actually works, just be careful what the installer is doing heh)
<Ademan-remote> ...now to name this new box ;-)
<teward> nacc: who handles PHP stuff now?
<powersj> teward, working on getting someone on the team spun up on that
<powersj> teward, something come up?
<teward> powersj: nah, nothing of critical note, just need to know the php-fpm 'path' it's going to be dropping the socket into
<teward> because https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1831748
<ubottu> Launchpad bug 1831748 in nginx (Ubuntu) "Update /etc/nginx/sites-enabled/default with php-fpm 7.2" [Low,Triaged]
<teward> not SRUable but DEFINITELY fixable for Eoan
<teward> and since I think it's version number dependent, want to make sure I know the version landing for Eoan
<nacc> teward: sorry was afk
<teward> nacc: no problem
<nacc> tbh i've not looked at php in some time. I know that's not great. I am happy to assist anyone who is looking to take it over from server (cc: powersj :)
<teward> lol
<teward> nacc: i was just curious what version was landing xD
<keithzg[m]> Hmm is it expected that an 18.04 server with livepatching enabled would still be reporting 4.15.0-50 despite 4.15.0-51 being out? (I'm probably just misunderstanding something basic here.)
<sdeziel> keithzg[m]: yes, that's normal. Live patches won't change what uname reports
<sdeziel> keithzg[m]: furthermore, you also should/need to deploy regular patches so that when you reboot you get the -51 kernel proper
<keithzg[m]> sdeziel: Ah, so 4.15.0-50.54-generic is equivalent to 4.15.0-51-generic? And yeah, I have unattended-upgrades set to automatically install all security updates anyways, in fact that's what triggered me noticing this, since the  -51 kernel was installed and so now the machine in question is reporting reboot-required.
<sdeziel> keithzg[m]: not equivalent, no
<sdeziel> keithzg[m]: live patches are only provided for (some?) security patches *when possible*
<keithzg[m]> Ah, fair
<sdeziel> keithzg[m]: you can check which CVEs are live patched with: canonical-livepatch status --verbose
<keithzg[m]> sdeziel: Apparently currently none, since `canonical-livepatch status --verbose` gives identical output to `canonical-livepatch status`, to my surprise (both the version and fixes entries are just "").
<sdeziel> keithzg[m]: so either the live patches were not published yet or Canonical decided the only CVE was negligible enough to not worth providing live patches
<sdeziel> or maybe not even live patch'able since it was essentially ripping out a.out support IIRC
<keithzg[m]> sdeziel: Makes sense
<sdeziel> keithzg[m]: the notes in https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11191.html mention this CVE only affecting i386 and is rated negligible. I don't even think live patches are made available for i386
<keithzg[m]> Yeah and the server I have in question sure isn't running i386 anyways, heh
<sudoISS> So, if `sudo adduser username` creates the user "username", wouldn't `sudo adduser username groupname` make "groupname" "username"'s primary group?
<OerHeks> no, secondary, the primary group is used by default when creating new files (or directories), modifying files, or executing commands.
#ubuntu-server 2019-06-08
<BenderRodriguez> help
<BenderRodriguez> I'm trying to install Ubuntu Server 18.04 LTS but for some reason the connected interface is not shown as link up despite there being a connected link there. THe interface itself is detected. As such, I'm unable to get past the network configuration stage of the installer. Any ideas on how to resolve this?
<BenderRodriguez> The NIC card is detected as a Broadcom NetXtreme II BCM5709
<cncr04s> have you tried to bypass network setup (you can do that later)
<rbasak> teward: it'll be someone else.
<teward> rbasak: mmkay.  just was wondering which PHP's oging to land in Eoan.
<rbasak> teward: I think the plan was to bring it up to buster, but we had to defer last cycle due to some library. pcre3 -> pcre2 IIRC.
<sudoISS> So, it looks like Ubuntu 18.04's repos offer OpenSSL 1.1.0g as the version.
<sudoISS> This is frustrating, since 1.1.1 is out, and has been for awhile, and isn't going to fall out of support this September...
<sudoISS> ...so if I manually install the latest version/branch of OpenSSL... how will that conflict with my repos and such?
<TJ-> sudoISS: 1.1.1 is in -proposed currently
<TJ-> openssl/bionic-proposed 1.1.1-1ubuntu2.1~18.04.1 amd64
#ubuntu-server 2019-06-09
<superboot> Hi all. I've got a basic netplan YAML config: http://sprunge.us/lFMjAG. After a netplan generate; netplan activate, systemd is not resolving. /etc/resolv.conf has: nameserver 127.0.0.53. Does the config look right? Any hints?
