#ubuntu-server 2006-03-27
<mark105> hi im trying to get ubuntu running on a proliant 800 that has a smart array 3200 in it
<mark105> ive got it all installed
<infinity> And on reboot, it doesn't work, because cpqarray isn't in the initramfs, right?
<mark105> something like that
<mark105> no wait
<mark105> grub loads, it loads the kernel
<infinity> Yes...
<mark105> but then it says my raid drive doesnt exist
<infinity> And then you can't find the root filesystem.
<infinity> Yes, see above.
<mark105> yup
<infinity> Is this breezy or dapper?
<mark105> breezy
<infinity> If dapper, I'll have a fix for you in the next initramfs upload.
<mark105> 5.10
<infinity> If breezy, you'll need to 'echo cpqarray > /etc/mkinitramfs/modules' && dpkg-reconfigure linux-image-[whatever] 
<infinity> Should be able to mount it from the recovery console on the install CD to mangle it like so.
<mark105> ok
<mark105> cpqarray is a binary?
<mark105> i havent got far enough to know yet
<infinity> cpqarray is a kernel module for your array.
<infinity>  /etc/mkinitramfs/modules is a file that says "add these extra modules to my initramfs, please!"
<mark105> ahh right
<infinity> (And dpkg-reconfigure linux-image-`uname -r` will re-run the linux-image postinst which will, among other things, regenerate your initramfs image for that kernel package)
<mark105> cheers dude
<mark105> now i just need to find the recovery console
<mark105> this isnt working
<infinity> You have your target system mounted... Where?
<infinity> As /target?
<mark105> wont mount
<mark105> loading ubuntu live cd now
<mark105> have no idea where to find recovery console
<nictuku> you'll be fine with the live cd and chroot, I guess
<mark105> what i was gonna do
* infinity nods.
<mark105> well that fixed it
<mark105> finishing install now
<nictuku> :-)
<mark105> know what to modprobe for a compaq netelligent integrated nic?
<nictuku> I dunno, but as a last resort you can try to load all of them and see what happens :-)
<mark105> well so far the lights havent lit up
<mark105> google reakons its the tlan driver
<mark105> but its not doin much at the moment
<nictuku> did the interface show up?
<nictuku> read dmesg
<mark105> ok
<mark105> well dmesg found it and said its working
<mark105> but not showing up
<mark105> well just ran dhcpclient eth0 and now its working
<mark105> doesnt load up properly at boot
<nictuku> :-)
<nictuku> I was saying "check mii-tool"
<mark105> ??
<nictuku> If the NIC has MII support, it will report if the cable is plugged in
<mark105> yeh it says that now
<mark105> ahh crap i need to add auto eth0 to /etc/network/interfaces
<nictuku> hehe yes you do
<mark105> thats whats wrong
<mark105> lol
<nictuku> I think it's time to update https://launchpad.net/distros/ubuntu/+spec/network-wide-updates
<hunger> Keybuk: They work-for-me(TM)
<dman> im having issues with ubuntu plus scsi and raid
<dman> the install cd isnt making a block device of my array
<fabbione> dman: wrong channel
<fabbione> ask in #ubuntu or file a bug
<dman> ia ssumed scsi + raid etc.. was server related
<fabbione> i can use scsi and raid + lvm on my workstation :)=
<fabbione> no.. actually.. i do :)
* fabbione takes off for dinner
#ubuntu-server 2006-03-28
<mark105> is there a smp kernel?
<juuva> quite many.
<juuva> use linux and smp as keywords when searching with apt
<mark105> hum i need to update to a smp kernel
<mark105> ahh ok
<mark105> thats one thing i have always wondered, how do you search with apt?
<juuva> apt-cache search keywords
<mark105> ahh
<mark105> ty
<juuva> and apt-cache show packet shows more info about specific packet
<mark105> oh yup
<mark105> ahh right, there is alot of smp ones
<mark105> i have a problem
<mark105> it sez im running a smp kernel when i run "cname -r" but when i cat /proc/cpuinfo it only shows 1 cpu
<mark105> i apt-get a new smp kernel as i added a second cpu to my server
<mark105> but
<mark105> the second cpu isnt showing up
<Pygi> mark105: restarted?
<mark105> all i have to o is apt-get it and run that kernel at boot time correct?
<mark105> yeh i rebooted on to the smp kernel
<mark105> might reinstall
<mark105> i messed a few things up i wanna fix so
#ubuntu-server 2006-03-29
<yves> I'm having a nice experience migrating from MS Exchange 2k3 :-)
<yves> I'll write something about that when it's finished
<yves> one particular outstanding issue is that users love outlook and OWA
<yves> the pretty webmails available are bloated do-everything solutions
<yves> roundcube has a great potential, though
<yves> server team may want to know that we've uploaded nwu 0.1.4 to revu
<yves> we would appreciate reviews =] 
<mark105> does kubuntu have the same server install as ubuntu?
<fabbione> yes
<fabbione> the base installer is the same for everything
<mark105> hun
<mark105> err
<mark105> hum
<mark105> as kubuntu works and ubuntu doesnt
<mark105> must be something wrong with my cds
<fabbione> possibly yes
<mark105> dunno
<mark105> oh well
<mark105> they the same so what does it matter
<mark105> i have a problem
<mark105> my server has 2 cpus
<mark105> they both show up in bios
<mark105> but even tho im running a smp kernel only one ever shows up
<fabbione> mark105: 2 cpus or an hyperthreading CPU with 2 cores?
<mark105> 2 physical cpus
<mark105> in a compaq proliant 800
<infinity> mark105: Odd are the BIOS is only enabling one... Or something worse, like one's bad, not getting enough power, etc, etc.
<infinity> mark105: With an SMP kernel, if the kernel sees an SMP table, it'll walk it to count the CPUs, and enable every CPU that appears to be online, if it can't do that, it's 99.9% likely to be a hardware issue.
<infinity> s/Odd are/Odds are/
<mark105> hum ok
<mark105> i dunno
<mark105> compaqs have these little extra power regulator things for the cpus also
<mark105> i figured that it showed up in bios so it was working
<mark105> prety sure its working as the mobo its self has light indicators wether the cpus are physically working and both are green which means they is ok
<mark105> and i have no bios options to turn them on or off
<mark105> so im at a loss as to whats wrong
<mark105> im very new to these compaqs tho
<mark105> big beasts these are
<infinity> mark105: Well, after you boot an SMP kernel (and which SMP kernel did you install, by the way?), does "dmesg" have anything enlightening to say about the CPU discovery and setup?
<mark105> not sure at current, i have just reinstalled
<mark105> so no smp kernel yet
<infinity> Right, well install linux-686-smp, and see where you go from there.
<infinity> (Assuming this is breezy.. If it's dapper, just linux-686 will do, since we do SMP/UP unified now)
<mark105> yeh breezy
<mark105> apt'ing now
<mark105> nope only one cpu came up says kernel
<rambo3> think of this:  dvd -rw : ubuntu server live cd for apache and mysql
<hub> hi
<hub> would u buntu server install on a PXE bootable machine
<hub> that has no cd-rom
<hub> nor floppy
<hub> I know it should be possible with a debian, but wondering about ubuntu
<neuralis> i see no reason why not.
<hub> https://wiki.ubuntu.com/PXEInstall <- found it
<hub> neuralis: yeah, I found it. this method should work :-)
<hub> neuralis: I'm used to have netinstaller for PXE, but that one is perfectly acceptable
<hub> I just have to make sure the hardware supports it
<hub> properly
#ubuntu-server 2006-03-30
<JulienH> If I download http://cdimage.ubuntu.com/daily/current/, and type "server" just before install... I have the same install with http://cdimage.ubuntu.com/ubuntu-server/daily/current/, am I right ?
<nictuku> infinity, may I /query you?
<munzir> Hi, I just installed ubuntu-server dapper and choose the option of lvm and it booted properly. I remember / shouldn't be made lvm am I wrong?
<ajmitch> it's generally fine to have / on LVM when you have a separate /boot
<ajmitch> but grub doesn't read LVM volumes to find the kernel, and you're assuming that the kernel will stay on 1 physical volume if you use lilo - which isn't always true
<ajmitch> hence the need for separate /boot
<munzir> ajmitch: I just did a default installation where boot is not separate, and the default is grub so how come it boots?
* ajmitch shrugs :)
<munzir> ajmitch: ;)
<ajmitch> last time I tried, it selected lilo automatically, which I didn't really want
<ajmitch> since then I've just done installations with /boot separate
<munzir> ajmitch: I just checked it and it's grub not lilo by default choosen. lilo is not installed
<ajmitch> and mount tells you that /boot is not separate?
<munzir> ajmitch: huh! this is something new to me. mount tells me this:
<munzir> /dev/mapper/Ubuntu-root on / type ext3 (rw,errors=remount-ro)
<munzir> /dev/sda5 on /boot type ext3 (rw)
<ajmitch> ah right
<ajmitch> so it did setup /boot separately, that's good to see
<ajmitch> how big is it?
<munzir> ajmitch: df -h / gives: 129G  569M  122G   1% /
<fabbione> ajmitch: yes i did make sure /boot is separated when autopartitioning with LVM
<munzir> ajmitch: this is 3 HD with 73G each in RAID5
<ajmitch> fabbione: a welcome change from last time I made that mistake :)
<fabbione> ajmitch: manual partitioning you are on your own
<fabbione> ajmitch: eheh
<ajmitch> yeah I always go for manual now
<fabbione> yeah
<munzir> fabbione: but I don't remember this is listed. I remember the installation only mentioned / and swap, am I wrong?
<fabbione> you still can't setup lvm over raid automatically
<munzir> fabbione: so what I am doing is wrong?
<fabbione> munzir: i am pretty sure it writes also /boot, but the page in there doesn't scroll
<fabbione> so it might be after
<fabbione> and you don't notice
<munzir> fabbione: ok I will notice it next time ;)
<fabbione> yeah
<fabbione> i am sure it works
<fabbione> i wrote that code :)
<fabbione> and tested
<munzir> fabbione: you said lvm over raid can't be set automatically?
<fabbione> there are still some annoying corner cases, but it's not easy to fix
<fabbione> munzir: it depends at what stage...
<fabbione> but you can set it up manually
<fabbione> there is no UI to say: make these 20 disks a raid and slam lvm on it
<fabbione> not directly at leat
<fabbione> least
<fabbione> i *might* do it for dapper+1
<fabbione> anyway .. back to mount this rack
<munzir> fabbione: what do you mean, please? I just choose RAID in the installer and it did the formatting and mentioned the size for 2HD only so I guessed it's ok. then I choose lvm and now it seems it's working, where should i expect the problem? I am using dapper
<fabbione> later
<fabbione> munzir: you did use manual partitioning.. nothing to phear
<munzir> fabbione: no I did automatic
<fabbione> automatic does not do raid
<fabbione> so you did manual somehow
<munzir> fabbione: ah! may be ;)
<fabbione> i am sure
<munzir> fabbione: definitely I trust you
<fabbione> ok
<munzir> more than I trust myself
<fabbione> good :)
<fabbione> i am off now...
<munzir> ok
<munzir> thanks
<fabbione> gotta finish to cable this rack
<munzir> a lost for your help
<fabbione> and move the server in there
<fabbione> no problem
<munzir> Sirs, what's the best tool you use to administer the server from GUI? I see webmin is not there
* #ubuntu-server  [freenode-info]  channel flooding and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
<thinkloop> im trying to get my mail servers to work but having problems. Anyone know where exim4 creates its mailbox?
#ubuntu-server 2006-04-01
<Drac[Server] > Shutting down temporarily to change surge protectors.
<Hal9000> is there a "powered by ubuntu-server" logo or something?
#ubuntu-server 2006-04-02
<unary> hi all
<harisund> People, could someone please explain if doing hostname <new_name> breaks the system?
<harisund> I tried to do that, and now whatever I do I get an error, saying the hostname couldnt' belooked up using gethostbyname()
<harisund> and my /etc/hostname still has the old name only ! I can't even sudo reboot ?
<harisund> vi /etc/hosts
<deejross> hello, can anyone help me with a jabber server problem?
#ubuntu-server 2007-03-26
<os1ris> can anyone give me some insight using ndiswrapper with ubuntu-server'
<os1ris> ?
* Starting logfile irclogs/ubuntu-server.log
<niru> hey folks 
<niru> whats up
<niru> I am trying to come up with server version of my distro
<niru> But seeing some problems need to be clarified by you folks
<niru> any help
<niru> How to start with
<niru> I am editing the tasksel but unfortunate it is not taking what I give in taskesl
<niru> rather packages get installed according to preseed file
<niru> Any body available here
* niru feels its strange that people in ubuntu are not active enough :)
<niru> ivoks hi
<ivoks> hello
<niru> I am editing the tasksel but unfortunate it is not taking what I give in taskesl
<niru> rather packages get installed according to preseed file
<niru> Can I use your method
<niru> I am at present going with debian way
<ivoks> mine method? :)
<niru> could you tell me how  can move in ubuntu way
<niru> I mean ubuntu way of using seed.I dont know esactly how t works
<ivoks> i don't know about others, but i do it with kickstart
<niru> Any explanation
<niru> oh just explain me such that I can follow if possible
<ivoks> it's easy
<ivoks> it's redhat's tool
<ivoks> you need system-config-kickstart
<niru> ivoks:so you dont go with ubuntu
<ivoks> ubuntu implemented system-config-kickstart
<niru> ivoks:Could you give me any link
<ivoks> i don't know if debians installer supports kickstart
<niru> ivoks:ubuntu server version uses which method?
<ivoks> it uses pressed files
<ivoks> but it also supports kickstart
<simulacra> exit
<theacolyte> Can't seem to find any info in #ubuntu for this, or the website, what version of mysql does the server version come with?
<mralphabet> dapper LTS? or edgy server
<theacolyte> 6.10
<theacolyte> sorry bout that
<mralphabet> http://packages.ubuntu.com/edgy/misc/mysql-server
<theacolyte> ah, thanks mralphabet
<theacolyte> I knew it was out there, but couldn't find it
<shawarma> fabbione: How do you feel about changing this channel to a support one?
<ivoks> dev & support
<ivoks> :D
<Laser_away> does it matter?
<shawarma> Yes, that too.
<Burgwork> think that might be good
<Burgwork> as this channel is not exactly busy
<shawarma> Laser_away: "Does it matter what fabio thinks" or "does it matter if it's changed"?
<ivoks> and #ubuntu is not a right place for server questions
<fabbione> shawarma: i don't really like the idea od support
<fabbione> it will become yet another #ubuntu
<Laser_away> shawarma: heh, the later.
<fabbione> but if you all think it's wise to open the gates.. go ahead
<shawarma> fabbione: Did you read the arguments on the mailing list?
<fabbione> shawarma: no?
<maswan> fabbione: on the other hand, would it really disrupt any actual development discussions here?
<shawarma> fabbione: It's basically about the principle of least surprise.
<GNu_Joe> I've been waiting for the devlopment discussion, when does it occure?
<shawarma> fabbione: a) People come here expecting it to be a support channel. 2) #ubuntu is really noisy and it would be nice to have a separate channel for server stuff.
<shawarma> Heh.. a) and 2). Nice.
<shawarma> and er... well, there was a third reason..
<shawarma> Oh, right, that there's not really any devel discussion going on here anyway.
<ivoks> ubuntu-server users mostly do know somethign about development
<fabbione> maswan: no, but we did try to have support for a while and we ended up with people asking how compile kernels or install nvidia on servers
<fabbione> ivoks: wrong
<maswan> fabbione: ah, ok
<ivoks> fabbione: i see :)
<Laser_away> could there be a #ubuntu-server-devel?
<shawarma> Well, that sort of questions should just be redirected to #ubuntu.
<fabbione> maswan: people don't understand the difference and we were spending more time sending people to the right channels than anything else
<fabbione> but again
<shawarma> Laser_away: Either that or just move it to #ubuntu-devel.
<fabbione> if the community feels the need.. so be it
<fabbione> i am not pro or against
<ivoks> fabbione: were that nvidia questions before 6.06?
<fabbione> ivoks: no also after IIRC
<ivoks> fabbione: cause there was no difference betwean server and regular install before 6.06
<shawarma> The worst that could happen is that people will ask silly questions which we can just choose to ignore. Development discussion can go to #ubuntu-devel or, if the volume increases, to a specific #ubuntu-server-devel channel.
<fabbione> but does it matter?
<ivoks> both were installed from same CD, had same packages, etc...
<ivoks> next question; who would answer on support questions? :)
<shawarma> Same as in the other support channel: whoever feels like it.
<ivoks> fwiw, i vote for 'let's try'...
<Laser_away> what is the current support channel for server, #ubuntu?
<ivoks> Laser_away: yes
<ivoks> and no one here is on #ubuntu channel
<ivoks> i think that says enough...
<ivoks> (no, i didn't check all of you :)
<shawarma> ivoks: Heh..
<shawarma> Well then..
<ivoks> it's your call fabbione 
<ivoks> see you later guys, gtg
<shawarma> cheers
<shawarma> Well, since noone seems to oppose..
* ..[topic/#ubuntu-server:shawarma] : Ubuntu Server discussion and support | general (not server specific) support -> #ubuntu
<shawarma> Let's see how long it takes before "the crowd" floods us with nvidia questions or whatnot.. :-)
<Laser_away> well, you might need to define what "Ubuntu Server support" is
<shawarma> It's kind of like porn, isn't it? I can't define it, but I know it when I see it.
<shawarma> Laser_away: ..but if you can define it, feel free. :-)
<theacolyte> Any of you have ldap working with php5 sucessfully?
<theacolyte> Well, I just did, nm on that :)
<shawarma> mkay. :-)
<EtienneG> hey guys, can someone tell me how to install the Nvidia drivers on feisty ?
<EtienneG> juuuuuust kidding
<theacolyte> use yum
<shawarma> heh
<theacolyte> I'm SOOO tired of SNMP/MIB's I'm about to go blind!
<theacolyte> I'd give me left foot to find a good snmp browser
<morrolan> Hi, I've just installed ubuntu-server, and I'm struggling to create an SQL database?
<theacolyte> morrolan: what's the issue?
<mralphabet> mysql? or some other db engine
<ivoks> nice topic :)
<shawarma> ivoks: Feel free to change it. :-)
<ivoks> http://www.zenoss.com/ - this would look great in ubuntu-server
<shawarma> ivoks: It sure does look shiny. :-)
<ivoks> i'll download it and give it a try
<shawarma> Uh, it's a Python thing? 
<theacolyte> I'm actually setting up Cacti right now
<theacolyte> heh
<theacolyte> and wondering why apt-get install nagios-mysql requires postfix...
<ivoks> python+zope+twisted
<shawarma> ivoks: Wicked.
<ivoks> and:
<ivoks> http://sourceforge.net/potm/potm-2007-03.php
<shawarma> Ever tried Zabbix?
<ivoks> What is your development environment like?
<ivoks> We develop on Mac OS and Ubuntu using a GNU development environment and Python.
<ivoks> that's good enough for me :D
<theacolyte> I'm an IS manager personally, not dev
<shawarma> I've been a Nagios user for years, but maybe I should take a look at alternatives. There seems to be quite a few out there.
<theacolyte> Mainly a windows shop here
<theacolyte> I use GFI's product
* shawarma offers his condolences.
<theacolyte> Don't. I like Windows just the way it is :)
<ivoks> yeah, me too :)
<shawarma> So do I:Nowhere near any of my machines.
<shawarma> :-)
<theacolyte> more of a RHEL guy actually for linux, here's a question, I know you can do a package install such as yum groupinstall development, is there an equivalent for ubuntu?
<theacolyte> such as apt-get install please get me everything i need to compile something
<theacolyte> make, gcc etc
<ivoks> apt-get install build-essential
<theacolyte> ah thanks )
<ivoks> it will not install all dev packages, just essential
<shawarma> if "something" is already in ubuntu, then "apt-get build-dep something"
<shawarma> ivoks: It's strange they don't provide .deb's if they use Ubuntu..
<ivoks> shawarma: yes :/
<theacolyte> lol
<theacolyte> I swear to god. If I see that effing MOTD again I'm gonna come unglued
<theacolyte> I thought it was just a runtime script that copied from a file that kept the motd?
<shawarma> Eh?
<theacolyte> well, the motd when reset always goes back to the default ubuntu motd
<shawarma> theacolyte: When do you see it?
<theacolyte> I thought it was just a matter of editing /var/run/motd
<theacolyte> on log in
<shawarma> Ah.
<shawarma> touch $HOME/.hushlogin
<theacolyte> you know... The programs included with the Ubuntu system are free software;
<theacolyte> thanks.. that was driving me crazy
<shawarma> The file is actually in /etc/motd{,.tail}
<shawarma> Well... /etc/motd.tail contains the static part.
<shawarma> $(uname -snrvm) is prepended to that to form /var/run/motd.
<theacolyte> ah got it
<shawarma> The FHS dictates that conf stuff should be in /etc, so there's a symlink in there.
<theacolyte> why is it so persistant? hehe
<shawarma> So, if you want to keep a MOTD with the uname stuff prepended, you change /etc/motd.tail. If you just want a static one, delete the /etc/motd symlink and replace it with something you like.
<shawarma> The static one can of course just be an empty file.
<theacolyte> ls
<ivoks> there are some ugly stuff in zenoss
<ivoks> like for sudoers:
<ivoks> zenoss NOPASSWD: /bin/kill
<ivoks> this makes it a bad software
<Burgwork> oh geez
<Burgwork> just while I was debating zenoss vs zabbix
<shawarma> I wonder what it's for.
<theacolyte> why would you use zabbix vs cacti?
<shawarma> It's probably something about reloading configuration files or something.
<ivoks> shawarma: exploiting :)
<shawarma> ivoks: *G*
<Burgwork> they are looking for people to help them build deb packages
<ivoks> Burgwork: zenoss?
<Burgwork> might want to ping upstream and tell them that is bad
<Burgwork> yep
<theacolyte> I'm curious actually. I'm trying to find some good monitoring/metric software
<ivoks> i wanted to do that, but this strikes me...
<theacolyte> So why zabbix vs cacti or nagios or something?
<Burgwork> because zabbix is one install vs many
<theacolyte> so zabbix is like nagios + cacti, etc?
<Burgwork> thanks, I have better things to do than fight with configuring stuff endlessly
<Burgwork> basically
<theacolyte> got it, as do I
<theacolyte> I tried groundwork, almost made me vomit configuring it, it's almost as bad as nagios
<Burgwork> busy working up the courage to rebuild the asterisk server in house
<theacolyte> * configuration is even worse than nagios *laugh*
<ajmitch> hi Burgwork 
<Burgwork> hey ajmitch
<theacolyte> ooo zabbix has a win32 agent
<theacolyte> i'm sold already
<Burgwork> our network, has fortunately, recovered from the attack of the incompetent alarms tech
<theacolyte> Burgwork: what zabbbix version do the ubuntu repos have?
<Burgwork> no idea
<Burgwork> packages.ubuntu.com/zabbix will tell you
<theacolyte> thanks
<Burgwork> hmm, universe only
<ivoks> oh, nice...
<Burgwork> we need a solution in main
<ivoks> http://www.zabbix.com/screenshots_11_screens.php - zabbix already considers croatia part of EU :)
<ivoks> that was a joke
<shawarma> nagios used to be in main, it seems.
<ivoks> Burgwork: is there a strong reason why zabbix isn't in main?
<theacolyte> here's one for you
<theacolyte> did an apt-get install using dbconfig
<theacolyte> Warning: mysql_pconnect(): Access denied for user 'zabbix'@'localhost' (using password: NO) in /usr/share/zabbix/include/db.inc.php on line 32
<theacolyte> :)
<ivoks> nice :)
<theacolyte> excellent, and removing it and reinstalling it after manually making the database, dbconfig doesn't come back up... although that may be an ubuntu thing
<ivoks> basicly, debconf should create DB and DB user
<ivoks> that's not such a big deal...
<ivoks> anything else? :)
<theacolyte> i uninstalled the package, went to reinstall it, and it just flashed by without asking about dbconfig... answers cached someplace?
<ivoks> yes
<ivoks> dpkg-reconfigure will reconfigure it
<ivoks> removing it with --purge will remove answers
<theacolyte> why doesn't dbconfig ask for the root mysql password?
<ivoks> theacolyte: maybe it isn't packaged well
<theacolyte> got it
<ivoks> i'll check it tomorrow
<ivoks> but i think we should have something like this for next lts
<ivoks> (like an option, ofcourse)
<theacolyte> well
<theacolyte> i hate zabbix already :)
<ivoks> :)
<shawarma> I've always like nagios-text.
<shawarma> s/like/liked/
<shawarma> It seems so wrong to monitor the MySQL database that your monitoring data is kept in.
#ubuntu-server 2007-03-27
<Burgwork> ivoks: probably because nobody has filed an MIR
<Burgwork> I took a look at its security record
<Burgwork> doesn't look too scary, for a php app
<ivoks> :))
<Burgwork> I need to do an MIR for asterisk at some point as well, so I will do zabbix
<ivoks> that would be great addition for next LTS
<Burgwork> the latest asterisk also supports snmp
<Burgwork> pretty much all options for running asterisk right now suck, because of lack of security support
<Burgwork> and given asterisk has a history of remote DoS issues...
<ivoks> i didn't spend too much time with asterisk
<ivoks> tried, worked, left it :)
<ivoks> i would probably work with it, but i've left that company :D
<Burgwork> we have an ancient 1.x cvs version of asterisk some consultant setup for us
<Burgwork> running on White Box EL 3
* theacolyte flushes Zabbix down the toilet
<theacolyte> I'd rather hand configure MIB/OID/SNMP than deal with it
<firecrotch> Hi everyone, I'm wondering if you could direct me to a guide to optimizing the services on my server
<[miles] > morning guys
<[miles] > anyone awake?
<lionel> morning [miles] 
<[miles] > bonjour lionel
<[miles] > ;)
<lionel> :)
<[miles] > lionel: dude, I'm currently manually updating our 6.06 LTS servers...
<lionel> hehe. security updates ?
<[miles] > lionel: When I was using SLES, I could automatically configure it to update
<[miles] > lionel: in ubuntu, is there a particlar package to help do this, or is it just cron-tastic :)
<lionel> what do you mean by automatically ?
<[miles] > well, auto-update
<[miles] > it would download and install all updates (SLES)
<ivoks> yes
<lionel> there is a unattended-upgrades package
<[miles] > ah
<[miles] > ok nice
<ivoks> i'm not sure this is smart thing to do :)
<[miles] > ah ok
<lionel> I would not do it also :)
<[miles] > maybe a cron notifiying me of availble updates would be better
<[miles] > I was amazed last night... in 7 years working with linux, I have never seen any reference to "dialog" in bash scripting... then, I happend to download an ebook on linux programming, and low and behold, it's showing how to create ncurses menus in bash using dialog...
<[miles] > saves having to code them in C
<ivoks> you can do it with cron
<ivoks> but you would have to create your own script
<[miles] > aye
<[miles] > thats fine, I don't mind doing that...
<ivoks> there is /var/log/unattended-upgrades/unattended-upgrades.log
<lionel> cron-apt could do it
<ivoks> so you could parse it
<ivoks> or that, right :)
<[miles] > ivoks: you class that package as unstable?
<lionel> it downloads and send a mail saying updates are available
<ivoks> [miles] : unattended-upgrades?
<[miles] > nod
<ivoks> [miles] : no; it's great package; the idea iss unstable :)
<[miles] > jaja
<[miles] > :)
<ivoks> default behaviour of this package is to download only
<[miles] > ah ok
<[miles] > I must stream-line a few things here, there is too many UBS's now
<[miles] > like apt-proxy or what ever its called
<ivoks> lionel: feisty's version has "Unattended-Upgrade::Mail" mail notification
<lionel> Oh cool
<lionel> thanks for the info
<[miles] > can someone gimme a clue as to how / where I configure this unattended-upgrades please?
<ivoks> [miles] : /etc/apt/apt.conf.d/50unattended-upgrades"
<ivoks> without last "
<[miles] > thanks
<[miles] > ahhh heres another q4u all
<[miles] > I use Prozilla as a download manager... as it's fast multi-part downloader
<[miles] > can I configure apt to use it in anyway?
<[miles] > I guess apt uses wget no?
<ivoks> well, you can allways do --print-uris
<ivoks> and then feed your prozilla with urls :)
<[miles] > :)
<[miles] > ivoks: I can't find any info on what options I can feed this autoupdater
<ivoks> sure you can
<ivoks> less /usr/bin/unattended-upgrade :)
<[miles] > :O 
* [miles]  see's snakes
<[miles] > fuck, I need coffee... time to hit a bar
<[miles] > bbiab guys
<[miles] > thanks for the info btw
<gawdzilla> Is there an ircd webadmin type tool like admirc ?
<gawdzilla> hopefully for ircd-hybrid
<gawdzilla> Is there an ircd webadmin type tool like admirc ?
<[miles] > gawdzilla: I don't know of one
<[miles] > gawdzilla: you hit sourceforge?
<gawdzilla> yup
<gawdzilla> and anope forums
<[miles] > gawdzilla: one second... you want an admin interface to control an irc server? correct?
<gawdzilla> yup
<[miles] > right, gimme a min
<gawdzilla> nickserv chanserv and so on
<[miles] > I'm just asking in another channel
<gawdzilla> bot maintenaince would be nice but I'd settle for minimalistic service control
<gawdzilla> thanks
<[miles] > sorry, the guys I thought might know... don't
<[miles] > gawdzilla: ask in #freenode ?
<[miles] > gawdzilla: surely someone there will know....
<gawdzilla> OK, thanks for the suggestions
<[miles] > gawdzilla: it's the only thing I can personally think of... asking there
<[miles] > gawdzilla: does it have to be irc server?
<[miles] > gawdzilla: jabber servers are cool
<gawdzilla> Yes since I'm already running it
<gawdzilla> tho later a migration to jabber with an irc bridge could be interesting
<[miles] > gawdzilla: I personally install jabber servers normally
<gawdzilla> yes they have many interesting interfaces toother protocols
<[miles] > nod
<[miles] > lionel: still there?
<lionel> [miles] : yep
<[miles] > lionel: do you happen to know, the next LTS release?
<lionel> no
<[miles] > lionel: with 5 year support on server.
<[miles] > lionel: ah ok
<lionel> it is not planned obviously
<lionel> I heard some times ago that it would be every two years
<[miles] > ok
<lionel> so feisty+2 may be a LTS...
<lionel> feisty will not be and feisty+1 will probabily not be
<[miles] > k
<[miles] > lionel: you work for Canonical?
<lionel> no :)
<[miles] > :)
<[miles] > contributor?
<lionel> yep, only contributor
<lionel> (small contributor ;))
<[miles] > jeje
<davekempe> was someone here asking about securing PHP apps for shared hosting?
<shawarma> davekempe: There was some talk about in on the mailing list. Maybe here, too.
<davekempe> yeah i cbfed posting to mailing list, but was going to suggest apparmour
<davekempe> need to test it some more, but it should be in fiesty
<shawarma> cbfed?
<ajmitch> "can't be bothered" :)
<davekempe> :)
<shawarma> huh?
<shawarma> That becomes "cbfed" how?
<davekempe> lol
<ajmitch> replaced bothered with another word
<shawarma> fish? finger? fenestrate?
<shawarma> fantasise?
<ajmitch> fish
<shawarma> Oh, good.
<shawarma> Then I get it.
<shawarma> :-p
<davekempe> anyway. what do you guys think of apparmour?
<ajmitch> not a huge fan, though I can see a few people using it
<davekempe> why not a fan?
<ajmitch> path-based MAC, weak & messy
<ajmitch> labelling is more complex, causes more complex policy, but is more complete in that regard
<davekempe> all security is compromise
<theacolyte> join #cacti
<theacolyte> !
<jjesse> is there a feisty download for ubuntu server x86?
<jjesse> i see a daily for amd64 and also sparc but no x86
<fabbione> jjesse: if you are looking for daily build, there was a bug on our cdimage publisher.. so today image might not be there
<fabbione> otherwise just download Beta release and dist upgrade
<jjesse> fabbione: is that from cdimage.ubuntu.com/ubuntu-server/ ? 
<fabbione> http://cdimage.ubuntu.com/ubuntu-server/daily/current/ <- those are daily build
<fabbione> and i386 is missing
<fabbione> http://releases.ubuntu.com/feisty/ <- beta release
<jjesse> ah sorry 
<jjesse> silly me
<fabbione> no problem
<theacolyte> ooo, reading the instructions on upgrading to 7.04 -- nice work on that, very easy :)
<shawarma> Is there a guide for upgrading servers?
<theacolyte> yup
<theacolyte> https://help.ubuntu.com/community/UpgradeNotes
<theacolyte> err sorry
<theacolyte> https://help.ubuntu.com/community/FeistyUpgrades
#ubuntu-server 2007-03-28
<foo> I am helping someone install ubuntu on a Dell PowerEdge SC1435 (http://www.dell.com/content/products/productdetails.aspx/pedge_sc1435) - the system has a SAS 5iR RAID controller. During ubuntu, on the partition screen... it hangs. We tried this: http://ubuntuforums.org/showpost.php?p=1575949&postcount=20 .. any idea why the hang? ALT+F2 didn't show any verbosity or anything, hmm. 
<foo> Would you guys recommend ubuntu 6.06 LTS AMD64 or x86? I've been told AMD64 isn't too stable... thoughts? 
<shawarma> foo: amd64 is stable. The only issue with amd64 I'm familiar with is stuff like plugins for firefox, but that's hardly relevant on servers. :-)
<foo> shawarma: ahh, yeah. :)
<foo> shawarma: thank you :)
<shawarma> foo: Where does the boot hang?
<foo> shawarma: Right before the partitioner, after he presses enter on the web proxy set up
<foo> Someone else suggested to boot with the ubuntu live cd and do the partitioning prior to the install, which isn't a bad idea
<foo> Any two cents appreciated :)
<shawarma> I'm sorry, I've got to run. I'll be around later, though.
<foo> shawarma: alrighty, hit me up if you have some input - thanks
<Burgundavia> ivoks: it was you who was discussing network management tools ala zabbix the other day, no?
<ivoks> yes
<Burgundavia> you looked into that python based one, no
<Burgundavia> ?
<ivoks> hm.. zenoss?
<Burgundavia> yep
<ivoks> zenoss requests NOPASSWD in sudoers for /bin/kill
<Burgundavia> ya
<ivoks> i've asked on devel list about this, but no one responded yet
<Burgundavia> ah
<ivoks> as soon as i catch some free time, i'll investigate why is this needed
<ivoks> i guess there are some processes that run as zenoss user
<ivoks> which try to kill processes runed by root
<ivoks> this is someting i dislike
<ivoks> if that's the case, i'll work on a workaround
<foo> Strange
<foo> I run nagios now..
<foo> I've seen zenoss (and have a zenoss) hat at the socal linux expo... and was going to migrate my stuff to it 
<Burgundavia> http://dev.zenoss.org/trac/search?q=sudoers&wiki=on&changeset=on&ticket=on
<Burgundavia> ivoks: where is the link to the devel list?
<ivoks> they got forum :)
<Burgundavia> are their any other gotchas in the code that we have picked up?
<ivoks> i didn't look at it yet
<Burgundavia> ah, I see
<ivoks> i started to read INSTALL and saw this
<Burgundavia> ok
<Burgundavia> I am going to write the asterisk MIR now
<ivoks> http://community.zenoss.com/forums/viewforum.php?f=3&sid=8720860bbc055abbbdb95b4b31429498
<ivoks> great
<Burgundavia> yep, got it
<Burgundavia> wow, the zaptel installation method is hideously ugly
<foo> Burgundavia: Setting up asterisk or something? 
<Burgundavia> I already have an asterisk box at work
<Burgundavia> it has uptime measured in hours
<Burgundavia> and it is built on 2 years old cvs asterisk code
<Burgundavia> on White Box EL 3
<Burgundavia> but apparently my gf is nagging me to come to bed
<ivoks> Burg. have a good night :)
<foo> haha
<foo> women. *shrug* 
<foo> :)
<foo> ivoks: Heya, you work with dell servers by any chance?
<ivoks> couple of them, yes
<ivoks> 1600sc and 1500sc
<ivoks> that reminded me, i should put back cover on one of them :D
<foo> haha!
<foo> Sweet!
<foo> I'm dealing with the 1435C. trying to help someone get ubuntu on it
<foo> Haven't had luck getting RAID0 and RAID1 to work
<foo> http://ubuntuforums.org/showpost.php?p=1575949&postcount=20
<foo> Going to give that a shot
<foo> Any two cents ivoks ?
<ivoks> sorry, wasn't here
<ivoks> let me see...
<ivoks> what raid controler is that?
<foo> SAS 5iR
<foo> I know that's not what the article shows that I linked, but a friend (lullabud) said it might do the trick
<ivoks> ok, that's a hardware raid
<ivoks> and megaraid_sas isn't included in initrd? hm...
<foo> yu
<foo> p
<ivoks> but this page is for software raid
<foo> ahh
<foo> Hmm, we were just going to try it, I had  no idea
<ivoks> i.e. if you have hardware raid
<foo> I had them try with ubuntu 6.06 and guy said it hung when he got to the partitions part of the install 
<maswan> a real raid doesn't need any support, it should just appear as normal scsi devices
<ivoks> linux will see only one disk (assuming you set up raid before installing)
<foo> maswan: agreed.
<ivoks> and one can't expirience thise problems
<foo> ivoks: ahh
<ivoks> these
<foo> Alright.. so, I probably need to tell the guy to set up RAID in the RAID BIOS?
<foo> er, I shouldn't assume he did that, I did
<ivoks> if you can't set it up in bios, than it's software raid
<ivoks> right
<ivoks> i preferre hw raid, but there are some that preferre linux software raid
<maswan> if you want to set it up from inside the OS, it depends on alot of factor
<foo> Should SAS 5iR be hardware RAID?
<foo> I would prefer hw raid
<maswan> probably, yes
<ivoks> http://lists.centos.org/pipermail/centos/2006-October/070929.html
<ivoks> yes, it is
<foo> I see
<maswan> handling them from inside the OS usually depends on you finding a management tool and hope it runs on your distribution (and not just red hat 7.2)
<foo> hah, I see
<foo> We're going with ubuntu
<ivoks> good choice :D
<foo> Eh, I've gotten so much crap for using ubuntu. 
<foo> I'm all for giving things a chance...
<maswan> It shouldn't be a problem to set it up in bios, you probably want to look for the management tool anyway though
<foo> And ubuntus support and everything is just great
<maswan> but that's a later problem, not for install
<foo> The common answer I get is "it's a desktop distro"
<foo> eh, I take it as ignorance and move on.
<foo> I see
<ivoks> when i installed ubuntu on dells
<ivoks> i got setup CD with server
<ivoks> whit it i've created raid
<ivoks> and then rebooted and started installer
<ivoks> iirc, it didn't have raid bios :/
<foo> ahh
<foo> This should have a raid bios
<ivoks> IIRC!
<foo> I'm just telling someone, I hope it does
<foo> ivoks: You run ubuntu on those other SC servers?
<ivoks> yes
<ivoks> i run ubuntu only
<ivoks> :)
<foo> nice. What are your primary reasons for running ubuntu?
<foo> (I will use these when I talk to folks as well)
<ivoks> personal reasons...
<ivoks> i worked with debian for 8 years
<foo> I love debian.
<ivoks> i do have RHCE, but i find ubuntu to be superior in things i do
* foo has a debian polo shirt
<foo> hehe
<foo> I see
<ivoks> for example...
<ivoks> rhel 4 has very old samba
<ivoks> this samba doesn't work with some versions of MacOSX
<maswan> ubuntu on the server is like debian, except it "just works", and we have a bit better experience in speedy security upgrades
<maswan> (speaking as to why we use it at work)
<[miles] > mornign guys
<ivoks> foo: if you need a reason:
<[miles] > erm, question:
<ivoks> http://www.google.com/trends?q=ubuntu%2C+redhat
<ivoks> :)
<maswan> oh, and a resonable upgrade schedule, so that when you feel like doing a site upgrade, there is always something _resonably_ fresh around
<[miles] > I've just put in a ubuntu server 6.06, and it's fine...
<ivoks> right
<[miles] > but, I have a fwbuilder script that I execute on boot, and it's churning all the logs to the terminal
<[miles] > is there no syslog installed by default?
<ivoks> i could go with newer apache, php etc on redhat
<ivoks> but i loose support then
<ivoks> and i'm on my own...
<ivoks> with ubuntu i'm safer
<ivoks> i can go with dapper or some newer version for 'edgy' setups
* foo nods
<foo> ivoks: thank you! Hm, where are you located? If you don't mind me asking
<ivoks> foo: zagreb, croatia
<ivoks> foo: with clients even outside croatia :)
<foo> hm, never heard of .. either of those... hehe, anyways, cool! Thanks, I'll hang around here.
<[miles] > ivoks: you know nxor?
<ivoks> [miles] : no
<ivoks> [miles] : maybe, but not by nickname
<[miles] > he's a SUSE guy
<[miles] > Daniel Radic
<ivoks> no, i'm afraid not...
<[miles] > http://smeet.zeilers.net/2006/attendees
<[miles] > right... coffee time
<[miles] > bbiab
<ivoks> [miles] : yes, there is syslog
<ivoks> [miles] : you should set it up to not display iptables messages to console
<[miles] > ivoks: weird, cos on the other box, it's not doing it
<[miles] > just the UBS 6.06 one
<ivoks> well, i can't check it out now, cause i have to go...
<ivoks> bbl
<[miles] > yo
<lionel> hey [miles] 
<[miles] > mmm syslog was installed.. how strange... I have no idea why the firewall logs are getting outputed to the console :-|
<[miles] > bonjour lionel
<[miles] > lionel: do you have any idea as to why this might be happening please?
<lionel> firewall usually log on console and syslog
<lionel> iirc it is log priority related
<lionel> dmesg -n 1 should prevent this
<[miles] > sorry back now
<[miles] > it's a fwbuilder script
<[miles] > lionel: is there a configuration file where I should specify the -n 1
<[miles] > ?
<lionel> I don't know :-(
<[miles] > lionel: ok, np, I'll google around, for sure you've hit the nail on the head tho
<lionel> let me know if you find a solution :)
<[miles] > nod, thanks dude
<[miles] > I will
<[miles] > I can't check it until nearly 14:00
<[miles] > damn it
<[miles] > cos it's the firewall for the internel network... got 2 x boxes... can't swap'em around
<[miles] > lionel: FYI, I just made some modifications, simply adding /bin/dmesg -n 1 did work, many thanks for that info dude
<[miles] > I placed it in the .fw script btw
<lionel> hehe ;)
<lionel> that's a solution
<[miles] > seems thats what everyone does
<[miles] > lionel: UBS 6.06 makes a nice firewall...
<[miles] > lionel: bare min... superb
<lionel> UBS ?
<[miles] > lionel: may I ask you, your relations with ubuntu are at a personal level or business?
<[miles] > Ubuntu Server
<lionel> both
* [miles]  has no idea why he always refers to it as UBS
<[miles] > lol
<lionel> I have about 20 servers here under Ubuntu
<lionel> (here = at work)
<[miles] > ah ok
<lionel> most of my servers in fact (some still in Debian and very few run Windows)
<[miles] > lionel: may I pm you?
<lionel> sure !
<foo> [miles] : Would you happen to run the servers with ubuntu on dell hardware?
<[miles] > yes
<[miles] > foo: our hwp is dell
<foo> sweet, which ones?
<[miles] > poweredge
<ivoks> foo: no luck with dell?
<lionel> here also i use Dell Powerdge
<foo> ahhh, sweet... you guys rock
* foo is going to start idling here
<foo> ivoks: ah, I've shot him an e-mail - he's going to try it tomorrow, I don't have physical access, just remote
<foo> [miles] : 1435SC by any chance?
<[miles] > mmm will have to check
<[miles] > foo: gimme 5 mins please
<foo> [miles] : ah, no problem - thanks!!
<foo> lionel: What about you? Dell poweredge 1535SC by any chance
<foo> ?
<foo> (if you'd happen to knw0
<foo> know)
<lionel> no, I have only 850, 860, 1850, 1950 :-(
<lionel> foo: what is your problem ?
<davekempe> foo is the 1535c a new model? what problems are you having with it? 
<foo> lionel: Had some issues with the SAS 5iR RAID Controller... was just looking for living proof that someone got it working, hehe
* netjoined: irc.freenode.net -> brown.freenode.net
<lionel> foo with Dapper ?
<foo> Ubuntu 6.06 LTS AMD64 hung after the proxy setup... which is right before the partitioning part
<davekempe> do you have the lspci output?
<foo> I'm helping someone set it up and I'm thinking he didn't configure the RAID array in the RAID BIOS
<foo> davekempe: Can't get that far :) Might try the ubuntu live cd tomorrow if he did build the raid array
<davekempe> yeah. feisty kubuntu or knoppix 5.8 might be a good source of info
<davekempe> whats your target distro? dapper?
<lionel> davekempe: kubuntu ? :)
<foo> haha.
<foo> Would like to get dapper LTS AMD64 working if possibly
<foo> If need be, 6.10... but starting with that
<foo> I'd be able to troubleshoot more if I had physical access to the server, but since I don't - I'm trying to ask around to make it easy on the guy, hehe
<davekempe> lionel, kubuntu cos i prefer konsole, and cos its the best amd64 livecd around
<lionel> davekempe: no problem, I would have said "Feisty live CD" to avoid (k)Ubuntu troll ;)
<davekempe> foo, when this has happened to me (quite a few times now) I have needed a lengthy session at the console to get things work
<davekempe> lionel,  :)
<lionel> Time for lunch here. bbl
<foo> davekempe: eek. To my understanding the SAS 5iR RAID card is true hardware RAID... so, if the RAID array is built successfully, it should work fine... I assumed he built the array, but have not confirmed 
<davekempe> foo - SAS is a new storage mechanism, so 'true' or not, dapper might not support it nicely
<ivoks> is there realy something to troubleshot or you are just guessing?
<foo> davekempe: I see
<ivoks> davekempe: it does
<foo> ivoks: Wha? Yeah, it hung after the http proxy setup, right before the partition
<ivoks> sas has little to non impact on OS
<foo> I see
<foo> ivoks: hehe, I don't doubt ya, just askin' around. 
<foo> Anywho, hopefully he just needs to build the array and we can be on our merry way
<foo> lionel: Lunch? Geez, it's 4am here. hah
<davekempe> ivoks, i have had plenty of trouble with various sas controllers and dapper, not sure what you are getting at
<ivoks> foo: i'm just interested if you tried to install ubuntu or just asking random people do they have problems with dell? :)
<[miles] > sorry I have to run out of the office to meet the wife... foo, I'll be back shortly
<ivoks> davekempe: lol... well, i had none :)
<foo> [miles] : np
<foo> ivoks: ah, we've tried... hence how I know it froze. It was explained to me, though, and I have to maybe explain to him how to build the RAID array, we'll see
<ivoks> it froze?
<ivoks> i doubt it frozed cause of raid controller
<foo> froze... hung .. no progress bar movement.. yeah.
<ivoks> did you try booting it with pci=nommconf?
<davekempe> foo, the exact same thing happens to me on a Sun 4100 SAS, but only when the mirror was configured
<foo> It was right before partition setup.. don't know.
<foo> ivoks: nope, should we try that? 
<ivoks> ah.. i see
<foo> I see
<davekempe> the ibm base model server x405 i think did something simiilar as well
<davekempe> and adaptec sas controller in that one
<davekempe> you gotta get in front of the machine, switch to alternate console and go from there
<foo> alternate console = alt+f2 ?
<davekempe> on the Suns, the installer sits there spewing messages about a floppy controller or something, then finally gets there.... but seriously, we need more info before we can help you
<davekempe> or alt+f3 or F4
<ivoks> right
<foo> Right, I told him to do that.. said it was just a normal login.
<foo> I have seen verbosity there myself, which is why I asked him
<foo> Hm, I'm assuming a DRAC card would allow me to do this all remotely, right?
<ivoks> what else do you need except normal login?
<ivoks> then you have dmesg
<ivoks> lsmod and all the tools for diagnose
<foo> ivoks: err, good point, I'm used to just seeing dmesg on that console. I'll have him do that tomorrow
<foo> for sure
<foo> hm, can he set up ssh too, hehe
<ivoks> yes
<davekempe> alt+f3 might do it, or F4 I can't remember. i just do its instinctively
<foo> ahh, sweet. thanks guys
<ivoks> err... no, only if he install it first :)
<foo> ah, yeah, he can probably bring the network up and get me in, nice
<davekempe> if you really can't get it working, boot off a livecd, install ssh an get in from there
<foo> heh, no need for a livecd, then
<foo> yeah
<davekempe> then you can use debootstrap to install dapper
<davekempe> and even build a custom kernel
<ivoks> or build custom kernel and do net boot
<ivoks> anyway... bll
<foo> ah, turns out he did set up the RAID array
<dballester> hi to all
<Odd_Bloke> Hi guys, I'm running kernel 2.6.15-26-server (Dapper) and need the kernel headers. There is not, however, an equivalent headers package. Can I get headers for this kernel or do I need to upgrade to a (marginally) more recent kernel?
<ivoks> huh?
<ivoks> linux-headers-2.6.15-26-server
<ivoks> and... that's old kernel
<ivoks> you should update your server
<Odd_Bloke> Hmm, I appear to be going insane.
<Odd_Bloke> ivoks: I've just installed it, and it didn't upgrade it automatically...
<ivoks> it won't do that
<ivoks> you have to manually update it
<ivoks> i would suggest installing linux-server package
<Odd_Bloke> ivoks: Already installed.
<ivoks> then apt-get update
<ivoks> apt-get dist-upgrade
* Odd_Bloke isn't stupid enough to dist-upgrade.
<ivoks> ?
<Odd_Bloke> I've never had a dist-upgrade work in my life.
<ivoks> this will not install newer distribution
<ivoks> but a upgrade for kernel
<ivoks> s/a/an
<Odd_Bloke> It didn't install anything.
<mralphabet> did you do the update first?
<Odd_Bloke> Yup.
<ivoks> are you sure you aren't running 2.6.15-28?
<Odd_Bloke> I am.
<Odd_Bloke> (Sure)
<ivoks> so... you don't have internet repositories enabled?
<Odd_Bloke> Though, looking at /boot, I do have 2.6.15-28 installed.
<ivoks> ok...
* Odd_Bloke reboots.
<Odd_Bloke> OK, now it's booting with 2.6.15-28
<[miles] > mmm anyone having problems accessing security.ubuntu.com
<[miles] > ?
<[miles] > mmm anyone having problems accessing security.ubuntu.com
<lionel> it is very slow / unavailable for me since this morning
<[miles] > ah ok, not just me then
<[miles] > lol
<ivoks> i use mirrors archive
<[miles] > guys, u know a way to view the cache in bind?
<ivoks> dig @localhost :)
<ivoks> dig @localhost [domain] 
<ivoks> actualy, <domain>
<[miles] > nah, rndc dumpdb
<[miles] > :)
<[miles] > works perfectly
<[miles] > jesus, the update servers are slowww today
<[miles] > gonna have to setup a proxy cache
<[miles] > mmm whats better, apt-proxy or apt-cacher ?
* [miles]  pokes lionel a bit
<lionel> hey ;)
* [miles]  does it some more 
<[miles] > :P
<lionel> If you have bw, the best is probabily a local miror 
<[miles] > really?
<[miles] > lionel: you don't use apt-proxy or apt-cacher?
<lionel> from what I have seen, squid tends to replace apt-proxy/apt-cacher
<lionel> no
<lionel> Dapper i386 is "only" 9G of disk
<lionel> if you have many system with that...
<[miles] > ok
<lionel> I have a boubt on 9...
<lionel> may be 13
<lionel> but with some bandwith, it should not be a problem
<ivoks> i would suggest squid too
<[miles] > ivoks: :-|
<[miles] > mmm
<EtienneG> miles, we use apt-cacher here with good success
<coNP> hey
<coNP> is it possible to install a ubuntu server (in fact the alternate, because I need RAID as well) from a running system?
<coNP> just as I were using ubiquity (that is not a solution, however, because it does not support RAID if I am right)
<mralphabet> coNP: without a reboot?
<mralphabet> or rather, what do you mean by running?
<coNP> I have a desktop machine
<coNP> I have a hard disk installed on that  I want to have the new system
<coNP> I want to boot my desktop machine and then install the new system 
<coNP> while I am able to perform regular tasks as answering e-mails, etc.
<coNP> finally I remove the hard disk and put it back to the new machine
<mralphabet> I do not understand why you just can't install ubuntu on the new machine, it takes 15 minutes
<coNP> because I only have the hard disk here:)
<coNP> and I don't want to move the whole big machine
<Burgwork> you can do that
<Burgwork> grab the alternate, install on it
<Burgwork> swap the harddrive
<Burgwork> go
<coNP> sure that is what I wanted
<coNP> but then I imagined that it might be possible to install from my desktop
<shawarma> coNP: It is. You can use debootstrap.
<coNP> oh, thanks
<coNP> I install the hard disk and -- hopefully :) -- come back
<mralphabet> is it me or is that just overcomplicating the process
<shawarma> mralphabet: Probably.
<radevil_> hello
<radevil> hello
<radevil> I want to apply to the ubuntu server developer team
<radevil> is there anybody here that works for canonical in that position that can gives me some information please?
<mralphabet> http://www.ubuntu.com/employment#head-9a9627b56fd16e9c958afc0774a78ef29d3c9098
<mralphabet> not sure if you have seen that
<radevil> well i wanted to know about the job
<radevil> how much time does it takes
<radevil> schedule
<mralphabet> I don't know that anyone here works for canonical
<radevil> mmm so you're all colaborating with support
<Burgwork> radevil: which job?
<mralphabet> I could easily be wrong, but it isn't something that has been brought up
<radevil> ubuntu server developer
<Burgwork> right
<Burgwork> for that you would need to talk to canonical direclty
* ..[topic/#ubuntu-server:Burgwork] : Ubuntu Server discussion and support | general (not server specific) support -> #ubuntu-server-admin
<radevil> do yuo wirk for canonical?? 
<Burgwork> no
<radevil> you work*
<radevil> mm ok, well i though i could find someone that works for them to find some more information about the schedule, and some other stuffs
<radevil> thanks a lot for the help
<Burgwork> radevil: wait
<Burgwork> basically, the job requires you to have some debian skills and lot of server experience
<Burgwork> you can work from home
<Burgwork> there are a minimum of two international conferences you would need to attend each year, called Ubuntu Development Summits
<Burgwork> do you have experience with open source in general?
<radevil> yes, i have experience working with debian servers
<radevil> LDAP, Bind DNS, iptables, apache, etc ...
<shawarma> Burgwork: Why would you want general support to go to #ubuntu-server-admin instead of #ubuntu ?
<Burgwork> because #ubuntu is completely and totallly full
<Burgwork> I would rather have -admin merge into here, as we are not busy here
<shawarma> Oh, #ubuntu-server-admin is not new?
<shawarma> I just never heard about it before.
<shawarma> Burgwork: Even though #ubuntu is full, it's still the proper place to ask how to install nvidia drivers and whatnot.
<Burgwork> is new
<Burgwork> if we are trying to promote Ubuntu on the server, throwing them to #ubuntu is not a good way to do it
<shawarma> Definitely not.
<Burgwork> I suspect that most people running on Ubuntu ont he server know those basic things
<shawarma> But this channel is for server support, too?
<Burgwork> they are looking for higher level advice
<Burgwork> oh, right
<ivoks> :)
<Burgwork> I didn't read the topic before I changed it
<ivoks> this is dev+support channel :)
* Burgwork hangs his head
<radevil> lol
* ..[topic/#ubuntu-server:Burgwork] : Ubuntu Server discussion and support | general (not server specific) support -> #ubuntu
<ivoks> Burgwork: is good to know that we all think a like :)
<Burgwork> shall we merge -server-admin into this one?
<ivoks> sure
<Burgwork> innatech registered it
#ubuntu-server 2007-03-29
<Innatech> Anyone have any known gotchas relating to setup of OpenLDAP + Samba3 (as a PDC) on an LTS server install?
<theacolyte> Yeah
<theacolyte> It doesn't work without a lot of work :)
<theacolyte> I gave up personally
<Innatech> Hehe. Can you recall what the dealbreakers were? 
<theacolyte> Hmmm
<theacolyte> When I left off, I had samba running, but whenever I tried to access a share it wouldn't authenticate, can't remember anything more specific
<theacolyte> All appearances it looked fine though
<theacolyte> And to be more precise -- it wasn't OpenLDAP it was ADS... but I tried it with LDAP just to make sure, didn't work either
<theacolyte> hehe
<Innatech> Aha. OK, good to know. Thanks. 
<theacolyte> there's a lot of documentation out there, none of which seemed to work
<Innatech> Yeah, it all seems either old or to make a point of avoiding the LDAP back-end.
<theacolyte> evaluating openfiler right now actually. Tired of buying CALs for a fileserver
<theacolyte> (win2003)
<Innatech> I'll try and document what I do in a useful way if I can get it going. 
<theacolyte> Yeah, if you get it working, I'd love to see what you did
<Burgwork> I would use fds, personally
<Burgwork> do you have windows or linux clients?
<Innatech> Windows clients. 
<theacolyte> windows
<theacolyte> all xp sp2
<Burgwork> hmm
<Burgwork> I am lucky, I have all Ubuntu, client and server
<theacolyte> So, for me, I'd have to auth against AD (using AD or LDAP)
<theacolyte> There's no chance in hell I'll ever be able to move our desktops to linux unfortunately
<Burgwork> for AD, you need samba 4
<theacolyte> I'd be fired if I even mentioned it (not really, but if I tried)
<Burgwork> samba3 is only for client
<Innatech> yeah. My clients won't give up Windows on the desktop either, but they're *totally* excited about replacing their network's core with Linux. 
<Innatech> mm....Samba3 will work as an 2000-style PDC. 
<theacolyte> I can't get rid of Exchange
<theacolyte> Burgwork: I'm not trying to replace my DC's/GCS's
<Innatech> Which version of Exchange?
<theacolyte> 2003
<theacolyte> I can't justify 2007
<Innatech> Yeah. 
<theacolyte> Especially since it's about as likely I'll switch users to linux as I'll be installing Office 2007
<theacolyte> LOL
<Innatech> If you were running 2K, you could probably get away with a Samba PDC, but not with 2003. 
<theacolyte> I'm a 1 man IT shop for 120 employees 5 offices 30 remote users... no time to train
<Burgwork> I think you both shoudl stick with AD and Exchange
<Burgwork> there are no drag and drop solutions yet
<Innatech> Well, I don't sell Windows servers, so.....
<theacolyte> Yeah, the only thing I was going to replace actually was fileserving, just because I'm not compliant with CAL's and I don't really want to drop $3000 just so people can access shared files
<theacolyte> (don't tell MS)
<Burgwork> ya
<Burgwork> this is a publicly logged channel
<theacolyte> BSA ALERT... BSA ALERT
<theacolyte> Actually, I'm using Ubuntu Server as a backend server... NTP, Cacti, Splunk, various other things you can't do with Windows well
<Innatech> Yup. My clients are all smaller offices. They're gerneally happy with hosted exchange, and don't want to spend the money to have a Windows domain on site when I can give them everything but Exchange on Samba. 
<theacolyte> working nicely
<Innatech> I just haven't tried to do it with LDAP or on LTS before. 
<Burgwork> what LTS are you talking about?
<Burgwork> long term support?
<Innatech> Ubuntu LTS. yep. 
<theacolyte> 6.06?
<Burgwork> rightr
<theacolyte> Splunk is really, really, really nice by the way
<Innatech> But, really, if I never see another .rpm I'll be a happier man. So I'm going to try it. 
<theacolyte> hehehehe
<theacolyte> I'm actually coming from a RHEL background and before that good ol' RH. I know what you mean.
<Innatech> Heh. I have the 1999 "Learning Red Hat" on my shelf. I still use some CentOS but I'm much happier on Debian based distros. 
<theacolyte> CentOS is pretty decent
<Innatech> Yeah, it's nice to have it available. 
<theacolyte> Burgwork: How is FDS? Never messed with it
<Burgwork> not bad, well tested code
<Burgwork> it is the old sun/netscape code
<theacolyte> yeah
<theacolyte> Does it do stuff like delegation, group policy, etc? It's been awhile
<Burgwork> I honestly have no idea
<Burgwork> I run OpenLDAP here, because it is supported on dapper
<theacolyte> Got it
<theacolyte> Oh, by the way, something I haven't looked into yet -- is there a OSS RADIUS server available in the standard repos?
<Innatech> Oh, that's a good question. 
<Burgwork> http://packages.ubuntu.com/cgi-bin/search_packages.pl?exact=0&searchon=names&version=all&case=insensitive&release=all&keywords=radius&arch=any
<Burgwork> freeradius, by the looks of it
<theacolyte> not bad then
<Innatech> yup, that's what I'm finding too. 
<theacolyte> I see krb5 so that makes me happy
<Burgwork> ajmitch is working on an auth tool
<Burgwork> make it easy to take an Ubuntu client and auth against either AD or LDAP
<Burgwork> stratus: greetings
<theacolyte> I'm in the process of setting up a totally OSS Cisco replacement for MARS, ACS, etc... since there's no way I can justify event corrolation, access control, etc to anyone in the company besides myself
<theacolyte> Burgwork: that would be nice as hell. I'd love a distro that out of the box could auth against a domain a-la windows
<Burgwork> SLEd can do it
<stratus> Burgwork: thanks. howdy?
<theacolyte> yeah but SLED is $
<Burgwork> I was chatting with ajmitch, stratus
<Burgwork> said you were a DD
<stratus> Burgwork: oh great, I've read your name here and there.
<stratus> Burgwork: nice to talk with  you
<Burgwork> likewise
<stratus> ajmitch: #315297 makes me nervous
<stratus> Burgwork: hold on while i read your mugshot and pretend that I know your internet history track for ages. :)
<stratus> Burgwork: do you watch bsg?
<Burgwork> mugshot. RedHats answer to not having enough projects to work on
<Burgwork> I do
<Burgwork> though I have seen none of season 3
<Innatech> I haven't seen much of 3 either. 
<Burgwork> stratus: why does fds scare you?
<stratus> I need to watch the last 3 episodes from season 3
<stratus> Burgwork: that ITP opened for ages makes me nervous, nothing against fds though.
<Burgwork> ah
<stratus> I'm psyched with bsg and looking forward for caprica and/or the bsg movie DTV
<Burgwork> given the ratings, I am worried about getting a 5th season
<theacolyte> Alright all- I'll catch you later, going to go home, get some dinner with the wife, then get back to work... oh and maybe say hello to her for the first time in a few days... take it easy :)
<stratus> I need to bug noel about pkg-fedora-ds in alioth.
<Burgwork> doesn't alioth do gzr now?
<Burgwork> I know the X team has a git repo
<stratus> 5th season? noooo. There's just the 4th season confirmed for next year - 13 episodes.
<Innatech> I think there will be a fifth season....I'm pretty sure they're working out how much everyone's going to get paid for it already.  Of course, it might get cancelled along the way if it stops doing well. 
<stratus> we've <everything>.d.o
<Burgwork> 22 hours for the 4th season, actually
<Innatech> I read somewhere that a B5 miniseries is going into production. That might be interesting, if they don't mangle it too badly. 
<ajmitch> afternoon
<ajmitch> Burgwork: ah, mentioning my name again
<Burgwork> of course
<ajmitch> stratus: that ITP was open for ages for a reason
<ajmitch> I've been talking with herzi
<stratus> ajmitch: There's pkg-fedora-ds, and just noel and a NM on the team, and AFAIK they did nothing yet in any VCS.
<ajmitch> noel & herzi (who owns the ITP_
<ajmitch> last time I tried to join the team alioth was throwing a fit with the database :)
<ajmitch> I should follow up on it
<ajmitch> ok, resubmitted team request
<stratus> great, let me know if they give you a status update
<ajmitch> I expect it'll be the same as a few weeks ago (not much)
<stratus> I'll give fds a try on some vservers and probably do initial packaging, but I doubt I'll have something really useful before 15 Apr. I'm heavily busy with Sacix release related stuff until there.
<ajmitch> why 15 april? 
<stratus> we will release between 11-15 apr. :)
<ajmitch> even so it's far too late to get in :)
* ajmitch wonders if the 'we' is debian or ubuntu
<ajmitch> it'd be great if they ended up releasing on the same day :)
<ajmitch> feisty is meant to be out on the 19th of april
* ajmitch also wonders why you want to do initial packaging as well, before the 15th :)
<stratus> we as in sacix, a etch based cdd
<stratus> that would be great, yes
<ajmitch> I'll hopefully have something useful for fds working before the 15th
<ajmitch> depending on available time
<ajmitch> as in, I have something now, it's just not too useful yet
<stratus> oh, once you put your ubuntu (bzr?) feisty or feisty+1? based branch online i can also work on something usable for debian sid
<ajmitch> hm, but I'm trying to make something that will work for sid as well 
<ajmitch> no point restricting it
<ajmitch> a few extra libraries will need to be uploaded to sid & feisty+1
<ajmitch> (svrcore, mozilla ldap sdk)
<stratus> sure
<stratus> do you know if there's something simple to use over svrcore?
<stratus> if yes, i can work on this or any other small component starting this week and upload it to experimental
<ajmitch> not afaik
<ajmitch> well I've got svrcore & mozldap packaged
<stratus> i'll take a look on stuff like that tomorrow then.
<stratus> oh, good.
<stratus> push bzr branches!
<ajmitch> :)
* ajmitch will push stuff to debian too, don't worry :)
<stratus> I'm not worried about debian sync, but I want to play with fds ASAP.
<ajmitch> if it'll all work without hassles on etch, even better
<ajmitch> right
<stratus> It looks promising from a old school OpenLDAP user POV.
<foo> Hm, anyone with dell hardware around that I spoke with last night? Or that just has dell hardware? ubuntu keeps hanging during install on the partition
<foo> I'm trying to remotely help someone
<jronnblom> hmm, I have a problem with snmpd in dapper and im beginning to think its a bug in the 5.2.1.2-4ubuntu2 package for amd64
<fabbione> jronnblom: please file a bug in launchpad
<jronnblom> im trying to but can't find my way in that site ;)
<jronnblom>  Net-SNMP does not use Malone as its bug tracker.
<jronnblom> To report a bug about Net-SNMP, please use its official bug tracker.
<jronnblom> which is?
<jronnblom> might be this im hitting, http://sourceforge.net/tracker/index.php?func=detail&aid=1259966&group_id=12694&atid=456380
<fabbione> jronnblom: hold on a sec.. you are looking in the wrong place
<fabbione> https://bugs.launchpad.net/ubuntu/+source/net-snmp
<fabbione> this should work
<fabbione> there is "Report a bug" somewhere in that page
<jronnblom> ah, thank you
<[miles] > morning guys
<dballester> hi to all
<ivoks> hi
<shawarma> fabbione: re: https://launchpad.net/bugs/98518    I'm curious.. Why check for 10GB volumes?
<fabbione> shawarma: oh i thought i fixed it in a later version but i might be wrong
<fabbione> 10 GB is a special value.. the reported is right.. it needs to check for vendor too
<shawarma> I just found this: http://66.102.9.104/search?q=cache:hYfltnotmy8J:christophe.varoqui.free.fr/wiki/wakka.php%3Fwiki%3DTestedEnvironments%26show_comments%3D1+multipath-tools+sg_start&hl=da&ct=clnk&cd=1&gl=dk
<fabbione> yes i know
<fabbione> it's from where i took the data
<fabbione> i have that SAN at home
<shawarma> Ok. The configlet has vendor/device stuff in it. I thought that would take care of it.
<fabbione> the configlet is for the multipathd config
<fabbione> not the init.d script
<fabbione> so it does need fixing
* shawarma slaps his forehead
<shawarma> I was thinking that sg_start was something from multipath-tools and hence would check the config.. I'm clearly on crack.
<shawarma> and on a school night! Sheesh!
<fabbione> yes you are on crack.... kthxbye
<shawarma> :-)
<fabbione> the tech explanation on why 10GB.. it's an hardware "feature" :)
<fabbione> long to explain... if you don't have knowledge of a SAN and multipath active/active active/passive
<fabbione> food time
<shawarma> The reported size of the volume tells what role it plays in the SAN?
<fabbione> no it's simply the way in which the HSG80 exports a passive path... call it a bug in the firmware :)
<fabbione> it's just the way it has been done
<shawarma> right, ok. I've only ever worked with HP's XP512's.
<shawarma> They may have had similar weirdness. It was setup once and never really gave us any problems, so I've never really had to deal much with it.
<fabbione> it's not really a matter of problems you hit, but configuration and redundancy you want to achieve in this case
<shawarma> Sure. Stuff like that is just easier to remember the more you have to deal with it.
* shawarma scurries off for lunch
* fabbione is already digesting sushi
<\sh> could it be that nfs4 support in dapper is not working as it should?
<[miles] > guys I'm getting a CPU 1 : Machine Check Exception 4 Bank 3 : 000000000000000 TSC 0 Kernel Pacnic  - not syncing ....
<[miles] > on a 6.06 LTS server
<[miles] > never had a KP off an ubuntu server yet
<[miles] > fucked CPU?
<\sh> [miles] : looks like
<\sh> [miles] : AMD 64bit cpu?
<[miles] > aye
<[miles] > well
<\sh> well, cpu cache mem could be fcked up, too
<[miles] > it's Pentium D Dual Core
<\sh> cpu or cache mem I would guess
<[miles] > aye
<[miles] > I think it will be
<[miles] > mmm every day, my cron.daily ntpdate script sends me a damn email
<[miles] > no other cron.daily script does it except this one :-|
<shawarma> [miles] : It's probably the only one generating any output.
<dballester> hi again
<dballester> ubuntu-server & iscsitarget, any .deb ? any tip? regards and TIA
<Innatech> dballester: http://ubuntuforums.org/showthread.php?t=213545
<dballester> yet read :)
<dballester> thanks in anyway :)
<dballester> I undestand same process for Edgy, but seems that i will need to recompile each kernel update
<dballester> :/
<dballester> hope some day iscsitarget will be part of ubuntu server O:D
<mralphabet> feisty and vmware don't really mix well ;(
<mralphabet> fixed, stupid old /etc/vmware
<mralphabet> still can't install tar version of vmware server though 
#ubuntu-server 2007-03-30
<nealmcb> I'm upgrading via aptitude (dapper), and again I'm running into odd broken dependencies.  It says that cupsys-bsd is broken, and suggests that I need to upgrade it in order to upgrade cupsys-client to 1.2.2 My problem is, why on earth does it think I don't want it to do that automatically??  does it think I placed some sort of hold on it or something??  I never do that sort of thing on purpose....
<ivoks> you are dist upgrading or what?
<nealmcb> just a normal "U" for upgrade
<ivoks> so... you already have dapper?
<nealmcb> yes
<ivoks> so, it says that cupsys-bsd needs upgrading?
<nealmcb> Yeah.  in the aptitude gui, at the bottom "[1(1)/...]  Suggest 4 upgrades e: Examine  !: Apply  .: Next  ,: Previous"
<ivoks> doing sudo apt-get upgrade doesn't install new packages?
<nealmcb> I've been told for years that aptitude was better than apt, since it keeps track of what you really want to install
<ivoks> sorry, but i don't see a problem
<ivoks> it reminds you that you need to upgrade another package too
<ivoks> and if you choose apply, everything should go ok
<nealmcb> why does it ask me about cupsys-bsd, but not about cupsys-client?
<ivoks> if that 'reminding' is a problem, maybe you shouldn't use tool which primary job is to remind you about additional upgrades :)
<nealmcb> I didn't ask for anything in particular, and it comes up with not one, but four different things I have to approve
<ivoks> then don't use UI of aptitude
<ivoks> just run sudo aptitude upgrade
<ivoks> or dist-upgrade
<nealmcb> If I understood what was different about the two situations, it wouldn't make me nervous
<ivoks> difference betwean what?
<ivoks> doh...
<nealmcb> why does it ask me about cupsys-bsd, but not about cupsys-client?
<nealmcb> both need upgrading, but it makes a point of asking me about one of them
<ivoks> if you select one package for upgrade, than it will ask you for another one
<nealmcb> I didn't select anything in particular for upgrade - just a general "upgrade it all" but it starts asking questions about four packages out of the dozens that need upgrading
<ivoks> maybe cupsys needs additional library
<nealmcb> the other questions out-of-the-blue are about evolution-plugins , libc6-i686 and libglib2.0-data 
<ivoks> and if you approve instalation of cupsys-client, then that library will get installed
<ivoks> thus, you don't have to approve that for evey single package that depends on that library
<nealmcb> I could see it warning me if I was asking to do something custom, like holding cupsys-client at an old version.  but I'm just trying to say "upgrade it all"
<ivoks> you don't listen or you don't understand?
<ivoks> if new version of cups depends on a new library (which you don't have installed)
<ivoks> then, selecting upgrade of one cups package, selects that new library
<ivoks> since that library will get installed, you don't have to approve installation of every single cups package
<ivoks> they don't need special approval, since you will have that library and everything is fine with them
<ivoks> and, i'll repeat
<ivoks> why do you use aptitude UI if interaction makes you nervous? :)
<nealmcb> Both cupsys-client and cupsys-bsd are already installed, by default.  So it isn't an issue of needing a new library, as far as I can see
<ivoks> ok, for the test
<ivoks> when you do sudo apt-get dist-upgrade
<nealmcb> I like a GUI that tells me what I need to know.  I'm curious why I need to know about these four upgrades, out of all the others out there
<ivoks> does it say that it need aditional packages?
<nealmcb> why dist-upgrade?
<ivoks> that's what aptitude is doing
<nealmcb> I thought "U" was for just "upgrade", not "dist-upgrade"
<ivoks> i don't use aptitude, sorry, i can't help you
<ivoks> :)
<nealmcb> Ahh...
<nealmcb> for the record, sudo aptitude upgrade says it will upgrade both cupsys-bsd and cupsys-client.  So I still want to know why the GUI is making a big deal about cupsys-bsd and a couple others, out of dozens of upgraded packages.
<ivoks> press e?
<nealmcb> yeah, "e" helps give info.  But what is the equivalent for the command line?
<nealmcb> It is just odd that the GUI treats these packages differently than the command line, and I want to know why, and if there is a way to turn that off.  It gets far worse at other times with aptitude - e.g. packages showing up for deletion which none of my colleagues remember marking for deletion.  , which makes me wonder if folks really don't recommend it any more, like they used to.
<nealmcb> so maybe just doing it all from the command line, with apt-get or aptitude, is the answer for server administration these days?
<ivoks> i've never used aptitude, and i'm runing linux servers for 10 years
<marnaud> hi, I don't know if I'm at the good place for that, I have a question about logrotate, so maybe I'm not too off-topic and someone knows it well
<nealmcb> well, it was the default for either debian or ubuntu in 2004 or so as I recall
<ivoks> nealmcb: it was never default in ubuntu
<ivoks> and never in debian
<ivoks> dpkg is the only 'default' thing
<ivoks> everything else is glue on top of it
<ivoks> marnaud: sure, just ask
<marnaud> I have configured all my log files to be rotated once a month, and a rotation happened before she had to
<nealmcb> during installation of debian server pre-sarge in september of 2004, aptitude was the default
<nealmcb> I don't know if sarge shipped that way or not
<marnaud> I had chrony and I deinstalled it, I think it's that which is the problem because chrony has log files handled by logrotate
<ivoks> marnaud: all logs or just some of them?
<marnaud> after chrony was removed, the day after with the daily cron task, all my log files handled by logrotate were rotated
<marnaud> ivoks: all logs
<marnaud> so I don't know if it's a normal behaviour or if this may be a bug
<ivoks> marnaud: how did you configure logrotate to rotate only once in a month?
<ivoks> in every config in logrorate.d?
<marnaud> I configured it in /et/logrotate.conf with monthly directive
<marnaud> and all my config files in logrotate.d have monthly too
<ivoks> but... that file includes /etc/logrotate.d
<ivoks> ok
<marnaud> I don't know exactly how function /var/lib/logrotate/status
<ivoks> that should be ok
<marnaud> ok so it's a normal behaviour ?
<ivoks> it's not
<ivoks>  /var/lib/logrotate/status is status of when was the last time logs were rotated
<marnaud> yes, this confirms they were rotated
<marnaud> and not at the begin of the month as I must do normally
<ivoks> welll
<ivoks> you can do this :)
<ivoks> mv /etc/cron.daily/logrotate /etc/cron.monthly/
<marnaud> I'm sorry, I should precise, this rotation happened 3 days ago
<ivoks> even for syslog?
<marnaud> and since this unusual rotation, there is not daily rotations
<marnaud> this problem happened once
<ivoks> hm...
<marnaud> yes even for syslog
<ivoks> did you changed settings on that day?
<marnaud> no
<marnaud> that's why I wonder what happened and if it may be a bug
<ivoks> logrotate should start keeping it's own logs :)
<nealmcb> So now folks on another channel are saying that apt and aptitude are unreliable for doing upgrades - that update-manger is necessary, implying X11!!  Do folks here agree?
<foo> hmm, during the ubuntu install... I was told alt+f2.. setup network, install openssh-server... then I can ssh in remotely. Just wondering, is there anyway to run the installer remotely?
<foo> :)
<marnaud> ok I will make some tries because I'm curious about this problem :)
<LaserJock> marnaud: I don't think update-manager is the recommended upgrade tool for servers
<LaserJock> for a normal desktop it's a bit better because it has some extra "stuff"
<marnaud> LaserJock: sorry, I don't see why you talk me about update-manager :)
<LaserJock> hmm?
<Burgwork> nealmcb: there is going to be a commandline updater
<nealmcb> tell me more :-)
<nealmcb> one that uses the same python logic behind update-manager?
<nealmcb> burgwork ^^
<Burgwork> yes
<nealmcb> thanks
<Burgwork> justa  sec, getting the spec
<nealmcb> :-)
<Burgwork> https://blueprints.beta.launchpad.net/ubuntu/+spec/server-upgrade-tool
<ajmitch> hi Burgwork 
<Burgwork>  hey ajmitch
<nealmcb> Burgwork: thanks - I'll look at it later when I'm running firefox.  launchpad seems to have cookie and certificate problems, according to lynx
<LaserJock> nealmcb: I think elinks works with Launchpad
<LaserJock> I saw that bug in my bugmail today
<nealmcb> LaserJock: thanks - I'll try that out... after my big upgrade finishes so I can install it....
<nealmcb> LaserJock: elinks works - thanks
<nealmcb> Burgwork: This site is accessible by launchpad admins and members of the Launchpad   Beta Testers team only.
<Burgwork> nealmcb: nuke the word "beta" out of the url
<nealmcb> ahh - but it is on the normal launchpad site...
<nealmcb> :-)
<exobuzz> hello
<mralphabet> hello
<exobuzz> i have a question. i asked it on #ubuntu but got no reply, but i guess this channel is more suited as its a server issue
<exobuzz> anyway here goes: Im adding a usb hd to machine i have only remote access to. As such, I don't want to mount it from fstab, as that happens before networking is started, and in case of some failure, i want to be able to log in. So I intent to create an entry in fstab with noauto and "0" for fsck order so it doesnt get checked/mounted. Then I can mount later on. I want it mounted BEFORE apache/proftp etc as it will have files on
<exobuzz> it needed by those daemons and others. Are the update-rc.d "defaults" suitable for this, ? does the system normally run fsck on every boot and fsck decides whether a disk is dirty or not?
<Innatech> IIRC, fsck is only run if the disk is found to be marked dirty @ startup, but I might be a little fuzzy on that. 
<exobuzz> thanks. yeh i ran it a few times and it seems to be smart so i guess thats the right way
<exobuzz> and looking at things the update-rc.d defaults use S20 for my script, which SHOULD be ok. as apache/proftpd are S50/S91 (this is a sysv machine no upstart etc
<exobuzz> ok rebooting to test it :)
<exobuzz> well. that seems to work nicely
<Kamping_Kaiser> sorry i took a while to leave -admin, i was out
<Kamping_Kaiser> in this instance does 'server'=ltsp server?
<shawarma> Depends.
<shawarma> :-)
<shawarma> Kamping_Kaiser: What's the problem?
<Kamping_Kaiser> i was wondering if an ltsp server has support until 2009 or 2011.
<shawarma> Kamping_Kaiser: Dapper is supported until 2011.
<Kamping_Kaiser> shawarma, for ltsp servers though? because desktop is only 3 years (ie 2009), with servers until 2011
<shawarma> Kamping_Kaiser: I'm not entirely sure (don't work for Canonical).
<Kamping_Kaiser> shawarma, ok. i'll muse over my best course of action for a day or two then :)
<shawarma> Kamping_Kaiser: You could drop Canonical an e-mail and ask them.
<shawarma> Kamping_Kaiser: they're very friendly, don't bite, and usually reply pretty quickly.
<Kamping_Kaiser> shawarma, would canonical be the correct place to ask? i dont have any support contracts with tehm
<Kamping_Kaiser> *them
<shawarma> They decide for how long there's going to be support on stuff.
<shawarma> http://www.canonical.com/support/webtolead
<Kamping_Kaiser> thanks
<shawarma> any time
<shawarma> Kamping_Kaiser: You could try in #ubuntu-devel too.
<Kamping_Kaiser> shawarma, hm. think i'll not do that :)
<[miles] > mmm why is ubuntu-servers version of SpamAssassin so out of date?
<shawarma> [miles] : spamassassin | 3.1.7-2ubuntu1 | http://se.archive.ubuntu.com feisty/universe Packages
<shawarma> [miles] : Is that so bad?
<[miles] > for 6.06LTS
<[miles] > sorry
<[miles] > should have said
<shawarma> [miles] : Well, you answered it yourself. 6.06 means June 2006.
<[miles] > shawarma: yeah...
<[miles] > shawarma: I know that
<[miles] > shawarma: but for a server... SA is quite a critical package in some situations
<[miles] > shawarma: like the situation im in
<[miles] > shawarma: I've compiled the latest SA tarball now
<shawarma> [miles] : http://packages.ubuntu.com/dapper-backports/mail/spamassassin
<shawarma> [miles] : Unsupported, though.
<[miles] > shawarma: mm ok
<[miles] > thanks
<[miles] > I'll keep that in mind
<[miles] > shawarma: actually, due to the server being a spam firewall, I think I'll try to start rolling my own .deb's
<[miles] > and keep the base Ubuntu Server 6.06
<shawarma> [miles] : that's on option, too.
<[miles] > shawarma: you know if there is any nice tools to build a .deb from a tarball? like rpmbuild has?
<shawarma> [miles] : I'm not familiar with rpmbuild.
<[miles] > ah ok np
<shawarma> [miles] : Is it something like checkinstall?
<[miles] > no idea mate
<[miles] > never attemtpted to package .deb's
<shawarma> Try a quick 'apt-cache show checkinstall'. See if the description fits your needs.
<[miles] > ok thanks will do
<[miles] > just hacking a perl SA pluggin
<[miles] > then I'll try
<shawarma> k
<[miles] > lionel: good day
<mvo> can someone with apache expertise can give me a hint how to reproduce https://beta.launchpad.net/ubuntu/+source/apache2/+bug/95325 ? I tried it in various ways and seem to be getting nowhere
<lionel> hi [miles] 
<lionel> (and sorry for the delay)
<necrite> hi 
<necrite> i have to make one step by step doc for ubuntu server installation
<necrite> i have to knoe when ubuntu server instalation ask you for network configuration
<necrite> anyone remember that?
<ivoks> when? during installation :)
<ivoks> it loads drivers first
<ivoks> iirc
<necrite> ivoks, mhh but it make all interfaces as DHCP .. 
<ivoks> right
<necrite> i find one post :)
<ivoks> wait... i know where you can find this info
<necrite> nice :D
<ivoks> http://www.howtoforge.com/samba_domaincontroller_setup_ubuntu_6.10
<ivoks> there, picture by picture
<ivoks> so, that would be after scaning CDROM
<ivoks> it it is a net boot installation
<necrite> i dont know why ppl need this things :S
<ivoks> then it is after keyboard layout
<[miles] > hi lionel and me also, sorry for the delay
<[miles] > jaja
<[miles] > lionel: went to carrefour to have a MAJOR argument with them
<r00tintheb0x> Hey guys, how can i forward X from a server to my Gnome desktop?
<nealmcb> r00tintheb0x: ssh does x forwarding
<r00tintheb0x> nealmcb, yeah i got it from Ubuntu+1
<r00tintheb0x> thanks
<radevil> hello 
<theacolyte> Afternoon
#ubuntu-server 2007-03-31
<Innatech> hasta manana. 
<foo> heh, that guy got RAID0 working with ubuntu 10 on that SAS 5iR RAID card. Would anyone happen to know if this is a good card?
<shawarma> &win 3
<shawarma> whoops
<shawarma> frickin us keyboard layout..
<mralphabet> has anybody seen any issues with vmware guests not being able to comminicate with the host machine?  I have an ubuntu host with an xp and vista guest that are not able to ssh to the host or browse the host samba shares while other physical machines on the network are able to ssh and browse samba shares on the host machine
<Innatech> can you ping the host from the VMs? Can you ping other systems on the network from the VMs? Can other machines on the network ping/browse the VMs?
<mralphabet> Innatech: yes, I can ping both ways
<mralphabet> Innatech: yes, VM's can browse other physical machines, other physical machines can browse the vm's
<mralphabet> this seems to be exclusive to host vs guest traffic (other then icmp)
<Innatech> mralphabet: hmm. odd. I googled a little and didn't find much....
<mralphabet> Innatech: there's a similar posting on the vmware forums though it is a 2003 host with windows guests
<mralphabet> http://www.vmware.com/community/thread.jspa?threadID=78606&tstart=0
<Innatech> what OS is the host running?
<mralphabet> host is patched up to feisty
<mralphabet> vmware server patched up to 1.0.2
<Innatech> have you checked out iptables/ipchains and tried disabling them on the host to see if its a firewall issue?
<mralphabet> I had not, if only because my other physical machines can see the host
<Innatech> different interfaces. 
<Innatech> I'd try temporarily disabling the firewall on the host, restart the VMs and see if it comes to life. 
<mralphabet> k, I'll give it a shot, thanks for the recommendation
<Innatech> np, hope it works. It's just an educated guess :) 
<mralphabet> that's fair, more then what I had going
<Innatech> heh. 
<Innatech> <--- afk for a while. 
<mralphabet> sure, thanks
#ubuntu-server 2007-04-01
<jronnblom> mralpahbet: try disabling tcp segementation offload on the host that is running vmware. Had a problem with very slow net performance and tso off did cure the problem. At longshot but... ethtool -K eth0 tso off
<jronnblom> might also test with  ethtool -K eth0 tx off and ethtool -K eth0 sg off but that was'nt needed for me
<mralphabet> jronnblom: I get "Cannot set device tcp segmentation offload settings: Operation not supported"
<mralphabet> from your first command
<mralphabet> I get Operation not supported from all three commands
<oren> hi all. i am new to Ubuntu. just installed the desktop.
<oren> does anyone uses the server?
<oren> what is the most used server in production environment?
<oren> i assume that it's some kind of linux. but which one?
<owen1> hi all. is there anyone here?
<PuMpErNiCkLe> Yes, N/A, N/A, yes.
<owen1> what do u mean N/A?
<jronnblom> mralphabet: I suppose your hardware doesn't support tcp segementation offload then. I have used this on broadcom and intel nics
<jronnblom> and also on my nvidia nic
<jronnblom>  ethtool -k eth0 should give you some info about the current state of among other things the tso
#ubuntu-server 2008-03-24
<wantE17style> hello
<aetaric> wantE17style: just ask them
<slide> What is getty? Im trying to remove any un needed programs on my server and i have this running "/sbin/getty 38400 tty1"
<nawty> slide: http://www.google.co.uk/search?q=what+is+getty&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
<nawty> slide: also, what version of ubuntu server are you running?
<slide> i think the newest, my host just reinstalled for me so im not sure what they used
<slide> gutsy
<slide> according to apt sources heh
<nawty> slide: what does /etc/issue say?
<slide> Ubuntu 7.10
<nawty> slide: and you'll have to bear with me for a moment here, it's 3am, and my brain's slow :P
<slide> hehe yea, brains slow here too.. family has been over alll day
<nawty> slide: dpkg -S /sbin/init
<nawty> slide: what does that return?
<nawty> slide: do you know what getty does yet?
<slide> sysvinit: /sbin/init
<nawty> ok, that's running the old (pre-upstart) init system.
<slide> yea its something for termals dunno
<nawty> slide: so getty controls the login prompts you see on your ubuntu servers
<nawty> slide: alt-f1, alt-f2... etc...
<nawty> tty0 is the first one, and tty1... etc... you get the idea no doubt.
<slide> yea
<slide> I guess thats the remove console that my host offers
<nawty> i'm assuming because this is a server you would like to have only the first terminal available, and remove the extras ?
<slide> remove/remote
<nawty> slide: <editor-of-choice-here> /etc/inittab
<nawty> go down to the lines that have tty..etc...
<slide> 1:2345:respawn:/sbin/getty 38400 tty1
<slide> thats the only 1
<nawty> are you sure?
<slide> yea
<nawty> so in theory, you should have lines that look like this:
<nawty> #2:23:respawn:/sbin/getty 38400 tty2
<nawty> #3:23:respawn:/sbin/getty 38400 tty3
<nawty> #4:23:respawn:/sbin/getty 38400 tty4
<nawty> #5:23:respawn:/sbin/getty 38400 tty5
<nawty> #6:23:respawn:/sbin/getty 38400 tty6
<slide> exactly
<nawty> well, without the #'s.
<slide> no, with the #'s
<nawty> well, do you have lines that resemble that at all? and if so, do they have the #'s?
<slide> i have exactly, the line i pasted and then the lines you pasted
<nawty> and, then when you do a ps afx you have only the one line ? or do you have all of the lines? (more than the tty1 line)
<slide> only the 1 line
<nawty> ah, you could remove the tty0, but i would really suggest against it!
<slide> i think the tty1 may be how my zen host has 'remote console' that i can see the system boot up with
<slide> hrm
<slide> maybe not
<nawty> bah, i'm an idiot, i mean to be talking about tty1, not tty0
<slide> yea i figured heh
<nawty> hehehe, yeah, you're right, tty1 is your 'console'
<nawty> I'm pretty sure you could remove such an evil process :P
<nawty> but i'd suggest against it.
<slide> yea
<slide> im not gonna ;)
<slide> do you know of any guides or anything to help me really secure my server?
<nawty> and on that bomb shell, i'm going to put my ass to bed.
<slide> i got hacked recently and DONT want it to happen again
<nawty> slide: give me a second, i'll see if i can find you something
<slide> thanks! :)
<nawty> slide: ah, so there's a few things you can do off the bat.
<nawty> slide: ssh no root logins, iptables unused incoming ports
<nawty> slide: daemons listening on localhost
<nawty> slide: do you run php of any flavour?
<slide> yes
<nawty> slide: running hardened php
<nawty> slide: do you run it as the apache user?
<nawty> slide: if so, you should investigate running it as a su-php configuration
<slide> apache runs as www
<nawty> www-data
<nawty> that's flavour dependant unfortunately
<slide> no heh
<slide> i changed it to www
<nawty> which ever and all, no doubt you do mass virtual hosting of some sort or another ?
<slide> yea
<nawty> slide: suphp + hardenedphp
<nawty> slide: and try get your users to have non-generic uid's
<nawty> slide: and, then that of course runs straight out the box from apt
<slide> i have no real users
<nawty> slide: make sure your /tmp is mounted with noexec
<nawty> slide: i was more thinking create some at least semi-non-generic uid groups
<nawty> so for client x, all his sites get a uid, and then client y, all her sites get a uid
<nawty> more to avoid one clients bad code to be able to affect another users.
<nawty> if you're paranoid you can look at something like portsentry
<nawty> 8.04 is going to include apparmour
<slide> cool cool :)
<nawty> slide: unfortunately, i can't be of much help right this second.
<slide> thats cool
<slide> go to sleep
<slide> hehe
<nawty> slide: heheh, remind me in about 12 hours and i'll give you a run down of exactly what i've done to some of my mass virtual hosting boxen to avoid them getting hacked
<slide> sweet!
<slide> thanks :)
<nawty> slide: i've had a total of 3 compromised servers in about 8 years, and over 7500 websites at one point :)
<slide> dang
<slide> how do you handle them when they get compromised?
<nawty> 2 of said servers were not actually running anything :P but stupid ass me forgot they were on the network.
<nawty> slide: pull ethernet, work back through logs and such, and once i can verify that the data isn't dodgy, use that data, else use backup restored data to restore post reinstall.
<slide> yea im having a hard time figuring out how they got in
<nawty> slide: i doubt anyone i know would be comfortable with a compromised server even after cleanup, over a clean new install.
<slide> i got my host to backup server and reinstal and let me view the backup
<nawty> slide: error log not have anything at all?
<nawty> slide: and, did you check /tmp ?
<slide> nawty, well not that I could see
<slide> but im no expert so
<slide> nawty, nothing at all in there
<nawty> slide: if you could find something in /tmp, or some shared place tha they'd have placed their uploaded files
<nawty> slide: ah, but it's been rebooted :9
<nawty> :(
<slide> nawty, i did get a report about some phising pages on one of the sites
<slide> and my host deleted those files though
<nawty> slide: could be a result of the hack.
<slide> right
<slide> and i think they were sending spam
<nawty> slide: also, could've been 2 separate hacks, one for spam, one for phishing.
<slide> which is why i took it down without really letting my users know
<slide> b/c didnt want to get their emails blacklisted
<nawty> slide: eeek. good idea, but in future try organise a kvm and pull the network
<slide> kvm?
<nawty> slide: from there you can work your way back without rebooting the box and loosing iformation
<nawty> slide: access to the keyboard and mouse.
<slide> ah
<nawty> slide: and video, but over the network
<nawty> well, to be technically correct, it'd be an IPKVM, or IP Based Management Console
<nawty> slide: running processes, memory filesystems, and logs should all be kept as pristine as possible to work your way back.
<slide> yea
<nawty> slide: cissp has a bit on how to forensically analyze a server, see if you can find some information on that.
<slide> k
<nawty> slide: but it's been years since i last looked at the cissp course material.
<nawty> slide: anyway, goin to get some sleep, nite nite :)
<nawty> *wave*
<slide> nite
<slide> thanks
<slide> ttyl
<J-_> When using ddclient, it says, "Enter the interface which is used for using dynamic DNS service. Interface used for dynamic DNS service:" do I put my dynamic IP in there, or router's static IP?
<kgoetz> *interface*
<kgoetz> usually means device, like eth0, ppp0, etc
<J-_> !httpd
<ubotu> Sorry, I don't know anything about httpd - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<J-_> I'm trying to make a Virtual host to point to http://directory.site.dyndns.org on my http://site.dyndns.org website pointing to my server. My IP always changes, how can I define the IP since I have to define the IP:80(ie. NameVirtualHost ip.address:port) in /etc/apache2/apache2.conf?
<Kamping_Kaiser> i doubt you'll be able to do subdomains on a dyndns account
<J-_> I can
<Kamping_Kaiser> really?
<J-_> I can do wildcards
<J-_> http://www.dyndns.com/services/dns/dyndns/howto.html
<J-_> shows how to set up the ddclient, but says something about wildcards.
<Kamping_Kaiser> J-_, http://k-k.homelinux.net:81/~kgoetz/apache2-vhost-template.txt
<J-_> If I can't get my server to come up with 127.0.0.1 does it mean it's not set up corrently, or is something not defined?
<fromport> J- you're error description doesn't make sense: cannot computer
<fromport> compute
<J-_> Do I need to make a virtual hosting for my /var/www/ too now that I've made one for /var/www/about/?
<J-_> virtual host*
<J-_> It's weird. Since I made the /var/www/about/ virtual host, I go to my /var/www/ and it shows the same page.
 * J-_ asks in apache.
<aetaric> is it possible to port forward ssh?
<faulkes-> yes
<aetaric> then why won't i let me
<aetaric> *it
<faulkes-> there are any number of possible reasons why it won't let you do it
<faulkes-> for instance, trying to port forward a port under <1024 as non-root
<faulkes-> configuration options set in ssh_config, sshd_config etc..
<faulkes-> or possible user error
<aetaric> i don't have iptables or any firewall..and im using the default ssh configs
<aetaric> can you help me resolve this problem?
<AlexC_> hey,
<AlexC_> I'm trying to setup Bind9 so that `example.com` runs on one IP, and `foobar.example.com` runs on another, this seems to work (pinging them shows the correct IP) however, I am unable to connect to it via a webbrowser
<Kamping_Kaiser> sounds like apache is misconfigured
<Kamping_Kaiser> btw. what guide did you follow for bind?
<AlexC_> I haven't followed a guide, really
<AlexC_> right, example.com should serve as a normal Apache virtual host, however foobar.example.com should connect to port 882 and it runs webmin
<AlexC_> no, wait. https://foobar.example.com:882 runs Webmin (so seperate from Apache) *however* https://foobar.example.com runs as a virtual host
<AlexC_> nevermind, I have it working =)
<nxvl> mathiaz: hi!
<zul> hey mathiaz
<nxvl> nijaba: did you take a look at Bug #162167 ?
<ubotu> Launchpad bug 162167 in mysql-dfsg-5.0 "mySQL password asks only once" [Wishlist,Confirmed] https://launchpad.net/bugs/162167
<nxvl> dendrobates: did you take a look at Bug #196778 ?
<ubotu> Launchpad bug 196778 in likewise-open "Provide likewise-open-gui and likewise-open binaries rather than domainjoin-gui and domainjoin-cli" [Low,Confirmed] https://launchpad.net/bugs/196778
<dendrobates> nxvl: I have merged your debdiff and some other changes and am testing now.
<nxvl> dendrobates: :D
<nxvl> btw
<nxvl> dendrobates: did you check about the student program we talk about some days ago?
<dendrobates> nxvl: not yet.
<nxvl> ok
<nxvl> if you know smoething please let me know
<Sylphid> comming from a red hat background would ubuntu or debian be more up my ally for a server install?
<sommer> Sylphid: I'd vote for Ubuntu
<kirkland> Sylphid: do you have a preference between, say RHEL and Fedora?
<Sylphid> i was actually using fedora
<kirkland> Sylphid: If you prefer the speed at which Fedora tracks mainline, you'd like Ubuntu.
<Sylphid> but it was compromised
<kirkland> Sylphid: if you want long term or even commercial support, look at Ubuntu's LTS releases
<Sylphid> debian does not have a kernel compiled for server optimization out of box correct?
<Sylphid> does ubuntu default to enabling SELinux
<sommer> Sylphid: it defaults to using AppArmor, but you can easily install SELinux
<Sylphid> hmm never used AppArmor .... less annoying that SELinux? =D
<sommer> I've found it easier to configure
<Sylphid> ty sommer and kirkland for ur time... ill give ubuntu server a shot :)
<kirkland> Sylphid: have fun
<Sylphid> always
<w0nder> anyone recommend a particular irc server for my small office?
<JaxxMaxx_> Anyone here have experience with FreeRadius, and more specifically, the webadmin module  dialup_admin  for that RADIUS server?  Its documentation mentions making sure PHP4 modules are loaded into apache, but I read recently that version 4 isn't in 7.10   Would the php5 work?
<ScottK> JaxxMaxx_: I'm not familiar with that module, but at a guess I'd say almost certainly not.
<timboy> i'm running apache. what owner should I make my var/www/* ?
<sommer> timboy: www-data
<timboy> sommer, thx!
<sommer> timboy: you're welcome
<timboy> I have a stock apache setup on gutsy server and I wanted to get ssl working. What's the best way to do so? I already have ssl working for my email server I just want the webmail logins to be encrypted...
<sommer> timboy: the gutsy serverguide should help: https://help.ubuntu.com/7.10/server/C/httpd.html
<timboy> thx again sommer
<sommer> np
<lamont`> ScottK: you around?
<lamont`> debian 3118123
<lamont`> debian 311812
<ubotu> Debian bug 311812 in postfix "postfix: syslog reconnection" [Grave,Open] http://bugs.debian.org/311812
#ubuntu-server 2008-03-25
<owh> Greetings, I'm having a look at bug #203696. As per the instructions from the submitter, I've added the two lines to the imap protocol section and then I've attempted to reload dovecot. I get this error: "Error in configuration file /etc/dovecot/dovecot.conf line 566: Unknown setting: mail_use_modules" - any ideas?
<ubotu> Launchpad bug 203696 in dovecot ""undefined symbol: quota" on dapper while trying to use imap_quota" [Undecided,New] https://launchpad.net/bugs/203696
<owh> I'm doing this test on Hardy to determine if it needs attention before release.
<owh> Can someone please hit me with a clue-bat?
<ScottK> lamont`: Here for a moment now.
<lamont`> wondering what thoughts you have... how do you feel about bind mounting /dev/log and just saying "meh"???
<owh> mathiaz: FYI, the dovecot bug seems to relate to Dapper only. While it possibly needs fixing, the module/plugin structure for the Hardy version appears to be completely changed. From the changelog to beta4: Replaced mail_use_modules and mail_modules settings with mail_plugins and mail_plugin_dir. I've removed myself from this bug.
<owh> Is it intentional that the bash complete for sudo is turned off by default on a hardy-server install, or is this a bug?
<sommer> owh: you know I noticed thst as well
<sommer> how do you turn it on?
<owh> I've just googled and Bug #196021 seems to discuss it.
<ubotu> Launchpad bug 196021 in bash-completion "include bash-completion by default in hardy" [Wishlist,Confirmed] https://launchpad.net/bugs/196021
<owh> sommer: It seems that Mika Fischer is working on it - not trivial by the look of things.
<owh> sommer: It seems that installing bash-completion makes it work, but there is a big debate about upstream support for it.
<sommer> ah, cool
<owh> So, yes, it's a bug and people know about it :)
<michalski> next meeting this wednessday?
<owh> Yup, same place, same bat-channel.
<michalski> (#ubuntu-meeting ?)
 * owh nods.
<michalski> wilco
<ScottK> lamont`: I liked what you said on #debian-devel - that it's tending to defeat the purpose of the chroot.  Personally I very rarely restart postfix and I don't think I've ever had a problem with syslog getting hung.
<ScottK> lamont`: To me it seems kind of like throwing the baby out with the bathwater.
<lamont`> it's not restarting postfix that's the issue
<lamont`> it's restarting syslog without restarting postfix
<ScottK> OK.
<ScottK> Remembered wrong.
<ScottK> I don't think I've ever had to do that.
<lamont`> and then you lose the logging from qmgr, master, and any other chrooted, long-lived process
<ScottK> Right.
<lamont`> think logrotate
<ScottK> Ah.
<ScottK> There's always the fix it the way you want in Ubuntu and then whine to the Debian syslog maintainer, "Well they made it work in Ubuntu, surely you're as capable as those idiots."
<ScottK> lamont: ^^^
<lamont> lol
<ScottK> There'll be time to do it early in Ibex and still get it back into Lenny.
<lamont> Maintainer for sysklogd is Martin Schulze <joey@debian.org>.
<ScottK> Ah.
<ScottK> Well he probably wouldn't fall for that.
<ScottK> I do tend to think that if the problem is syslog restarting, it gets a share of the blame.
<lamont> the problem is syslog having an API to do this, and that not being exported to other packages to hook into
<lamont> OTOH, it is limited to something like 10 sockets.
<lamont> bind mounting a file isn't so bad as bind mounting a directory, since you can't fchdir() to a non-directory fd
<_dennister> hey ppl, looking for some help getting phpmyadmin to show up in my apache site
<_dennister> anyone awake? :)
<foo> Ask your question
<foo> Always...
<_dennister> sorry foo :)
<foo> it's ok
<_dennister> how do i get the phpmyadmin to show up in the index of my apache site?
<kgoetz> doesnt it have a vhost?
<foo> _dennister: Put the folder you extract in your web root?
<_dennister> huh?
<foo> What do you mean "index of your apache site"  ?
<foo> You mean, so you can go to your site/phpmyadmin/ or something?
<kgoetz> how did you install it?
<_dennister> lol...my site is up, originally it should have looked like this when I first fired up the localhost: http://www.bit-tech.net/content_images/2007/06/build_your_own_server/torrentflux03.jpg
<_dennister> i've been following this long howto to make a fileserver, but i was beginning not to trust the howto that much, so installed apache2 the old-fashioned way first, the way i did over a year ago, using ubuntu's official documentation
<foo> ok, so you want your site to look like that screenshot
<foo> ?
<_dennister> which is *not* the way the howto from the link^^^ said to do it...yes, i want/need it to look like the screenshot
<_dennister> the phpmyadmin item is missing
<foo> well, why is it missing? where is it?
<_dennister> i have no idea...lol
<kgoetz> how did you install phpmyadmin?
 * foo seconds kgoetz's question
<_dennister> separately from apache2, with mysql-server
<_dennister> hi kgoetz :)
<kgoetz> *how*?
<foo> Did you grab source?
<foo> That doesn't answer the question
<_dennister> nope, from repositories
<kgoetz> hello :)
<foo> So, apt-get
<foo> Hm, I'm not sure where it puts it or why you want to do that
<kgoetz> _dennister: have you tried visiting http://localhost/phpmyadmin ?
<_dennister> yep, and i can access phpmyadmin and the databases within it by http://localhost/phpmyadmin
<kgoetz> its in a vhost :)
<foo> hm, I see
 * foo tags kgoetz 
<kgoetz> _dennister: open up the apache config snippet in /etc/apache2/conf.d/phpmyadmin (or whatever its called) and look for 'basename' line
<_dennister> k, think i found what you're referring to (/etc/apache2/conf.d/phpmyadmin.conf)
<kgoetz> that looks right
<_dennister> but i did a find for baseline and it's not there
<kgoetz> _dennister: pastebin that file
<_dennister> !pastebin
<ubotu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<kgoetz> brb
<_dennister> k, here it is, i've never edited it at all, so it's the original file: http://paste.ubuntu-nl.org/60950/
<_dennister> now i have to run and peeeeee :)
<kgoetz> _dennister: `sudo ln -s /usr/share/phpmyadmin /var/www/phpmyadmin
<kgoetz> and your done
<_dennister> back...
<kgoetz> wb
<_dennister> kgoetz: :) ty, ty, ty :)
<_dennister> it's finally there
<kgoetz> _dennister: hehe. no worries. you might even want to remove /etc/apache2/conf.d/phpmyadmin.conf to avoid conflicts
<_dennister> hmmm...it hasn't so far
<kgoetz> np then
<_dennister> but i'll remember that...not like "so far" is more than 24 hrs
<_dennister> now i'm still having some wierd issues with samba...the smb.conf file keeps losing the workgroup information...it just disappears sometimes
<_dennister> sometimes the 2 pc's see themselves and sometimes they don't...usually they see each other tho, and in 'workgroup', only one pc shows up
<_dennister> oh, well, another day perhaps...have some tidying to do here...g'night, and ty again
<Jeeves_> kgoetz: Did you succeed?
<kgoetz> Jeeves_: i've had ... 'issues' here, so only partially. systems all yours - i wont have time to do anything useful with it :/
<Jeeves_> kgoetz: Ah, ok.
<Jeeves_> Well, it gives me a chance to see if solaris can push more than 1.5gbit over multiple interfaces
<Jeeves_> Linux won't because ksoftirqd is at 100% cpu load
<kgoetz> with 4 gig ports that should be an experiment worth doing
<Jeeves_> indeed
 * kgoetz suspects it will
<kraut> moin
<rhineheart_m> hello.. anybody here?
<_ruben> kinda
<rhineheart_m> _ruben, okay.. thanks for responding. well, can you tell me if chkrootkit is reliable?
<_ruben> cant say for sure .. have heard mixed opinions on it over time .. never had any reason to try any of those tools myself
<rhineheart_m> _ruben, really? so what tool are you using for your server?
<fromport> rhine: he know what's he's doing and doesn't need a script to tell him if he has a rootkit ?!
<rhineheart_m> okay..well. can you tell me what is really a rootkit?
<fromport> google is your friend
<rhineheart_m> yeah.. I expect that response.. M reading now.. :)
<_ruben> chkrootkit and similar tools are to check if your server has been compromised
<_ruben> me not using them keeps me kinda vulnerable in fact .. since i might be compromised without knowing
<fromport> *grin* sometimes it's better to simply now knowing...
<fromport> not
<fromport> http://en.wikipedia.org/wiki/Rootkit
<_ruben> indeed
<_ruben> and then again, i doubt there's such a thing as the perfect rootkit detection mechanism
<_ruben> makeing sure your systems are secure is the first step .. chkrootkit is only a tool to help you find out you failed at that
<fromport> _amen_ ;-)
<takedown> chkrootkit and similar are useless because only stupid scriptkiddie will use a public rootkits
<takedown> best protection of rootkits is a integrity checker such as tripwire and aide
<takedown> burn database and binary file of aide and do a regural checks thats all you need, if you have been compromised you see it. No matter what type of rootkits will be used
<rhineheart_m> takedown, so you are plainly recommending tripwire and aide?
<takedown> burn to cd ofcourse*
<rhineheart_m> burn to cd? what do you mean/
<takedown> rhineheart_m: i prefer aide
<rhineheart_m> okay.. I will try to look for it...
<mok0> rhineheart_m: put the database on a CD then even the best hacker wont be able to manipulate it
<rhineheart_m> BTW.. the one that controls the incoming ports of my box it the firewall in the router.. now.. how could I control the box from the inside?
<rhineheart_m> yeah.. I agree that... but that would mean a little speed
<takedown> rhineheart_m: when you build you system after all settings run aide and make fresh snapshot of file database, then burn binary aide file and database snapshot to cd. No one can modify you files without you attention, just do a regular update of database on cd.
<ScottK> lamont: I really don't know what the right answer is for syslog.
<lamont> me neither.
<rhineheart_m> takedown, is aide in the repo?
<ScottK> lamont: Would you please give back postfix in dapper-backports on all archs except i386.
<lamont> I may just give up and bindmount /dev/log
<takedown> rhineheart_m: sure
<lamont> ScottK: I'll poke the OSA when I see him
<ScottK> lamont: Thanks.
<rhineheart_m> okay.. it might slow down the server..
<takedown> rhineheart_m: nope, you need update database only once when you do changes on files such as config and binaries
<takedown> for example if you make changes in you /home/docs directory everyday you can just exclude it from config and it will be ignored
<takedown> You can choose what files you want to protect, it's flexible
<rhineheart_m> okay.. how about the aide thing? will it slow down the box?
<takedown> my servers just fine aide just compare database with file system when you ask, it doesnt monitor everyfiles everytime so it cant be slow down box
<takedown> if any file has been changed from last snapshot it will show you
<rhineheart_m> thank you takedown for your time. you gave me insight on these matters.. :)
<takedown> rhineheart_m: you are welcome
<JaxxMaxx_> is there something built into 7.10 that will search all the mounted filesystems for specific filename patterns?  I seem to recall using "Find"  but that has been giving me no good results lately
<nawty> JaxxMaxx_: find would be your answer.
<nawty> JaxxMaxx_: what do you have in mind searching?
<JaxxMaxx_> trying to find various .conf files
<nawty> find / -name *.conf -print
<nawty> or
<nawty> find /etc -name *.conf -print
<JaxxMaxx_> yeah, I need to give it a path, not just a filename
<nawty> JaxxMaxx_: so attempt to change the /, or /etc, to where you want ;)
<nawty> neogenix@plonker:~$ find /etc -name *.conf -print | wc -l
<nawty> 189
<nawty> neogenix@plonker:~$
<JaxxMaxx_> next is to figure out init.d  so that apache will autostart.  somehow installing it via aptitude didn't add it as a daemon
<nawty> JaxxMaxx_: update-rc.d apache defaults :)
<nawty> (well either apache, or apache2, depending on your install)
<JaxxMaxx_> that one adds various package daemons?
<nawty> yup, that'd be the thing that manipulates the startup links.
<JaxxMaxx_> hmm, what whould apache2 show up as in ps ?
<nawty> htytpd
<nawty> httpd even.
<nawty> sorry, my bad, i mean apache2
<nawty> so:
<nawty> ps afx | grep apache2
<nawty> neogenix@plonker:/$ ps afx | grep apache
<nawty> 10373 ?        Ss     0:45 /usr/sbin/apache2 -k start
<nawty>  3825 ?        S      0:00  \_ /usr/sbin/apache2 -k start
<nawty> something like that.
<JaxxMaxx_> happen to have used Ubuntu in a RADIUS server role?   trying to get freeradius and dialup_admin to behave
<nawty> JaxxMaxx_: busy working with that at the moment actually come to think of it.
<nawty> JaxxMaxx_: what's not happening?
<nawty> JaxxMaxx_: have you installed freeradius-dialupadmin?
<JaxxMaxx_> dialup_admin pages aren't showing properly
<nawty> ah, have you installed the mysql php module?
<JaxxMaxx_> I've got mysql in there, and apparently php5,  is there another package?
<nawty> php5-mysql ;) (package)
<JaxxMaxx_> what's the proper hotkey in Aptitude to get a package to installed state?
<nawty> no idea, i use the commands like this:
<nawty> 'aptitude install php5-mysql'
<nawty> to be honest, i've never actually used the gui.
<JaxxMaxx_> hmm, says it's installed
<JaxxMaxx_> Essentially, this Ubuntu 7.10 server should be a RADIUS server, with the databases in MySQL, with the dialup-admin interface for easy configuration.  NAS device is a captive portal appliance
<nawty> JaxxMaxx_: unfortunately i have to run, if you're still stuck i'll be back in a few hours.
<JaxxMaxx_> yeah, I'm sure I'll still be ehre. :)
<dennister> hey guys...making progress here, but am stumjped with getting the apache server to work under openssh
<dennister> followed this main documentation howto: https://help.ubuntu.com/7.10/server/C/httpd.html
<spiekey> hello!
<dennister> and it all worked before i actually got a site up (for internal use), but have to comment out all the ssh stuff in main config file for it to work
<dennister> hi spiekey
<dennister> can u help me or r u looking for help?
<dennister> spiekey: ??
<dennister> can someone help with apache under ssh/ssl/
<JaxxMaxx_> dennister: Do you mean SSL, and HTTPS services?  or a text based browser inside an SSH session?
<dennister> JaxxMaxx_: sorry, didn't see ur message...and i just restarted it all with another try
<dennister> JaxxMaxx_: i guess i mean https services, as i'm trying to build a headless server that will host sql-ledger
<dennister> hey kgoetz :)
<dennister> ur awake
<dennister> kgoetz: u helped me so much witht he simple symlinking last night...wanna take another stab at another issue?
<dennister> i think i'm almost done :)
<dennister> anyone have any idea how to change the url that apache under https is listening on?
<dennister> unfortunately, port 443 is open on 0.0.0.0, and i want to change the url
<baffle> dennister: The URL? You mean wich interface/IP it listens on?
<dennister> baffle: yes
<dennister> the ip port 443 listens on
<dennister> i used netstat -an to find out what the problem is, so i've now identified that 0.0.0.0:443 is open and listening for incoming, but i need 192.168.1.67:443 open
<JaxxMaxx_> in httpd.conf there is a Listen section, there you can define what ips the service listens on
<dennister> thx...will look there to make sure...think i finally did it, after about 24 hours of struggle i finally was asked for my passphrase when trying to restart apache
<RainCT> Hey
<RainCT> can someone please tell me what the two first lines in /etc/apache2/sites-available/default are by default?
<gregbrady> ameVirtualHost *
<gregbrady> <VirtualHost *>
<gregbrady> 	ServerAdmin webmaster@localhost
<gregbrady> 	
<gregbrady> 	DocumentRoot /var/www/
<gregbrady> 	<Directory />
<gregbrady> 		Options FollowSymLinks
<gregbrady> 		AllowOverride None
<gregbrady> Sorry, too many lines!
<RainCT> gregbrady: great, thanks! :)
<gregbrady> RainCT, no problem.
<gregbrady> And the first line should be NameVirtualHost*
<RainCT> yes, I had deleted that one and it broke my config :P
<gregbrady> RainCT, It happens.
<RainCT> btw, how can I get ride of that message? Â«apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerNameÂ»
<gregbrady> RainCT, sorry I can't help there.  I can find anything installed by default though!
<JaxxMaxx_> no DNS is available to your server, RainCT?
<sommer> RainCT: add ServerName localhost to /etc/apache2/apache2.conf
<dennister> has anyone ever used torrentflux here? i'm having a problem witht he search engines
<RainCT> thanks :)
<JaxxMaxx_> I don't use search engines for .torrent files, just go straight to the major sites
<dennister> that's the way i'm used to doing it...but i'm trying to do it through my server now so i can shut this htpc down at night
<dennister> i have the https services working now :)
<JaxxMaxx_> search for .torrents on a desktop, then upload them to the server? =]
<dennister> almost done: got lamp under openssh, x11vnc, proftpd, phpmyadmin, mysql...
<dennister> just need to get torrentflux and sql-ledger working now...
<dennister> JaxxMaxx_: isn't that for creating torrents?
<JaxxMaxx_> no no, I mean download the .torrent file to your PC, then FTP the .torrent to the server and load it into the downloader that way
<dennister> omg!...that worked! :-)
<dennister> thought uploading was just for providing new torrents, and i don't do that...just share stuff already made into torrents
<JaxxMaxx_> No GUI on the server?   wonder if the site would work in a console/textbased www browser...
<dennister> i actually do have xfce on the server, but the whole idea is to make it headless and run it from upstairs on the main floor here
<dennister> wanna migrate to a thinner client setup...this home theatre pc is the only one i had for awhile, and it's a pig
<dennister> now on to the biggest challenge, and from all accounts, is a big one: getting sql-ledger to work
<nxvl> mathiaz_: around?
<mathiaz> nxvl: yes
<nxvl> mathiaz: i saw your comment
<nxvl> mathiaz: i also was thinking about the translation
<nxvl> mathiaz: but there is no way to do it if i don't add the template
<nxvl> mathiaz: also i haven't change the priority to medium, it was medium, i was surprised to see that too
<nxvl> mm
<mathiaz> nxvl: the priority was high
<nxvl> no, you are right it is high, on the postinst is that it is medium
<nxvl> i have just saw it
<nxvl> :S
<mathiaz> nxvl: I don't have a problem with translation - just a reminder that we'll have to notify the doc team about that change
<nxvl> mm ok
<nxvl> mathiaz: did you want me to do a new debdiff?
<nxvl> including all the comments you have done?
<mathiaz> nxvl: yes please
<nxvl> mathiaz: ok, working on it
<JanC> does anybody here know if more eBox modules will go into hardy than are already in the archive?
<mathiaz> JanC: no - we're way pass FeatureFreeze now
<JanC> that's unfortunate, as most people seem to ask for the mail module, which isn't in...
<ScottK> There's always backports once it's in the next release.
<nxvl> mathiaz: uploaded
<nxvl> just for the record, that bug was the worst PITA i have had on my way into ubuntu, but the one i learn more from
<zul> JanC: it doesnt use postfix or dovecot
<JanC> zul: accordign to the eBox projetc site, it uses postfix by default?
<zul> JanC: sorry I meant just dovecot
<JanC> they seem to use Courier ?
<FreeNod1> hi!
<FreeNod1> anybody installed gnome on server?
<Jeren> Greetings
<Jeren> I'm attempting to use the exec() command in PHP to get a directory listing outside of the apache webroot but without success.  It works when accessing a file listing of files in my web folder, though.
<Jeren> Given that its probably a Xubuntu/Ubuntu security issue (permissions with...something), I thought I'd look here for some help
<baffle> Jeren: Sounds like basedir restrictions?
<Jeren> I'm new to linux, so... I have no idea what it would sound like
<baffle> Jeren: An option in php.ini called "open_basedir".
<Jeren> Ok
<baffle> I haven't really fiddled with PHP much since around the time PHP4 was hot, so not sure where the configuration is located.. It might be in /etc/php5/apache2/php.ini
<Jeren> Yea
<Jeren> I just loaded it
<Jeren> And...
<baffle> Jeren: Err, or are you actually able to use exec()? And exec('ls') works, but not exec('ls /') ? (I'm not sure about the syntax. :)
<Jeren> open_basedir is commented out
<Jeren> Yes
<Jeren> exec('ls') shows my /var/www folder correctly
<baffle> Ah, those restrictions doesn't really apply if you're able to execute the binary. :)
<baffle> So it's probably something else..
<Jeren> But when attempting a folder outside of the www folder structure, it doesn't work.  Yet, I've read several examples online that seem to show exec('ls properly working with other directories
<Jeren> Indeed
<Jeren> You'd think, being just a simple directory listing, that I could do it.
<Jeren> I guess this is why alcohol isn't allowed on the job... I'd be grabbing a beer right now <_<
<baffle> Jeren: That depends on what country you're in I think.
<baffle> Jeren: Have you checked the php error log?
<Jeren> I have not...
<Jeren> Where is that typically at?
<baffle> Jeren: Not sure if it is enabled by default, it should say so in the php.ini file.
<baffle> Jeren: I don't really have any Ubuntu installations running PHP.
<Jeren> And I don't think its enabled...
<Jeren> I'll have to get back to you, I'm being called to a meeting
 * RainCT wonders what the question is :P
 * Jeren simply implied the issue but never used a question mark!
<Jeren> brb
<RainCT> ah found it :P
<Bidou> mv /home/pc/bidou /home/bed/
<RainCT> Bidou: good night :)
<Bidou> thx ;)
<Jeren> There we go...
<spiekey> soren: you there?
<Kamping_Kaiser> dennister, i just woke up :)
#ubuntu-server 2008-03-26
<godfreyhk> Anyone tried to install JeOS on a non-virtual server?
<sommer> nope... I haven't
<godfreyhk> Do you think it'd work?
<sommer> only if you have the same hardware as the virtual machine, jeos only includes specific drivers... to keep the weight down
<godfreyhk> I see, thanks.
<pleaseandthankyo> ok installed xubuntu and and goubuntu  on top of edubuntu where are they now? and how do i load them?
<kgoetz> pleaseandthankyo: please ask in #xubuntu.
<kraut> moin
<juliux> ho
<juliux> does somebody allready installed lotus notes on ubuntu? if yes is there a howto?
<andguent> juliux: I don't know anything more than google knows. I did a basic search and found a few hits that look great.... if it was 2004
<juliux> hehe
<Nafallo> morning people.
<Nafallo> if I need to deploy a vmware box. which Ubuntu should I choose? dapper has support for vmware as well until 2011?
<_ruben> my current plans for (among other types) vmware machines is gutsy, with 'planned' upgrades to hardy when it stabilizes and then try to go lts-only from there
<Kamping_Kaiser> Nafallo, if you install the server yes
<Kamping_Kaiser> Nafallo, if it can wait a month, go for hardy
<_ruben> or get out ur wallet and go for vmware esx ;)
<\sh> Nafallo: you don't really want to use vmware-server, right?
<\sh> esx instead is much better for commercial vmware environments...
 * _ruben cant wait to get his esx experiments started
<_ruben> too bad there's a few items on my todo list with higher prio :/
<Nafallo> \sh: internal box for testing purposes. basically the intranet will be on their.
<Nafallo> there
<\sh> Nafallo: think about the flaws (wrong time syncs etc.) I have this problem here all the time...
<_ruben> problem with vmware server is that dapper is probably too old, and gutsy/hardy are too new to be present on the HCL .. doesnt mean it wont work though
<_ruben> then again, vmware's hcl updates rather slow, so dapper might even be supported ;)
<Nafallo> \sh: I'll have a chat with you when I get back :-)
<sommer> morning
<nijaba> hey sommer
<faulkes-> morning nijaba
<nijaba> morning faulkes-
<piedoggie> I need to put together a few virtual servers and I was wondering how well 7.10 works versus the upcoming 8.04?
<dendrobates> piedoggie: as a guest?
<piedoggie> guest and host
<dendrobates> piedoggie: using what virtualisation technology?
<piedoggie> vmware
<dendrobates> piedoggie: both work well
<piedoggie> sorry, I would have explained better but I am running very short on sleep
<piedoggie> okay.  I've been playing around with the 8.04 jeos and it's not doing well.  Something fails and it doesn't get a complete sources.list file.
<piedoggie> I guess I'll just use 7.10 and upgrade in about 30 days (ugh)
<nijaba> piedoggie: what do you mean?  which version did you test?
<piedoggie> I tested beta and two dailies
<nijaba> piedoggie: I tested the jeos beta before release and I did not have a problem installing them on kvm or vmware server
<piedoggie>  the beta would just hang on the task selection portion of the install and at roughly the same point, I would get a red screen and then the list of possible tasks.  I could load grub but I couldn't select software.  When the system booted up, I looked at sources.list and it only reference the CD-ROM
<piedoggie> should say at roughly the same point with the dailies
<piedoggie> if you want, I can run to a quick install now and give a more accurate report
<nijaba> I am going to check again then...
<piedoggie> okay, the daily image I downloaded was last night at 12:30 a.m..  Size is 101 MB
<piedoggie> this is window so I can't give you an MD5 Jack
<piedoggie> sorry, using speech recognition.  I need to train a new model
<piedoggie> MD5 check
<nijaba> piedoggie: I'll start by rechecking the beta
<piedoggie> okay.  I'm trying to duplicate the problem with the daily from last night.  It's installing the base system now
<piedoggie> I'm also doing this on VM workstation 6
<piedoggie> the daily I downloaded last night has gotten further than it has with any other version I've tried
<piedoggie> it's sitting at 90%, asking me to please wait and the virtual ethernet activity light is on solid
<piedoggie> what is the install doing at this point?
<nijaba> piedoggie: it could be checking the repository for update
<piedoggie> this is probably something you can't fix now but, if a user didn't have some sort of activity indicator, they would think that the system had hung
<piedoggie> there's a good chance you will get people thinking it's failed when really it just hasn't completed the task
<piedoggie> on the other hand, you could always just tell them that it's a bot playing second life
<piedoggie> finally finished doing whatever it was doing
<piedoggie> that's a long time with no feedback
<piedoggie> one other thing I've noticed is that the login prompt happens before you get the messages about starting the law system log daemon kernel log daemon and then local boot scripts
<nijaba> piedoggie: 15min for an install?  does not seem that long to me.
<nijaba> piedoggie: this is a long time issue.  You can go add your comment to the bug.  I still hope it will be fixed before final release
<nijaba> ^ about the login prompt
<piedoggie> I'm sorry.  I didn't pay close enough attention.  There's one phase where it's installing software I think and it sits there for something like five or more minutes without any user feedback
<piedoggie> I'll run to the test today after I take a nap.  I really do give better error reports what I have a full nights sleep.  :-)
<nijaba> piedoggie: np. and take care
<piedoggie> one last question, what's the difference between vmware and kvm?  I'm becoming unhappy with vmware server and would like an alternative
<nijaba> piedoggie: kvm is open source software, vmware is not.  kvm is a bit younger, so it does not have all the features vmware has
<nijaba> piedoggie: but if you are running on windows, kvm will not help, it really is bound to linux, as it is part of the kernel
<piedoggie> the only reason I'm bound to Windows is because I'm disabled and must use speech recognition
<piedoggie> I do all of my server works with Linux although I am tempted by Solaris just because of ZFS
<piedoggie> I have so drunk the ZFS Kool-Aid.  :-)
<soren> I seem to missing something. What is it that is so marvelously fantastic about zfs?
<piedoggie> ZFS is a really remarkable filesystem.  It's the first filesystem I've been excited about in almost 15 years
<nijaba> piedoggie: hey, you do not have to excuse yourself for having window, and in your case I would be very happy if I could tell you we had some speach recog on linux, but that it not the case, AFAIK
<piedoggie>  by erasing the boundaries between LVM, and raid, they have managed to create something that's actually better.
<soren> piedoggie: What does it do that xfs+lvm doesn't do?
<piedoggie> You can dynamically add or remove disks on a running system.  It is able to detect more errors to the point where they have actually detected bad power supplies through the file system
<_ruben> xfs+lvm+raid that'd be right?
<soren> _ruben: Possibly. lvm does some form of raid, too.
<soren> _ruben: I've never used it, though.
<piedoggie> it automatically migrates to other storage areas if it detects errors
<piedoggie> the Sun zfs website has a pretty nice set of white papers on it
<_ruben> soren: lvm only does striping afaik
<_ruben> soren: which is a feature lacking in the debian-installer, shamefully ;)
<soren> _ruben: You mean using more than one pv for a vg?
<_ruben> soren: yes, and actually striping the blocks over the pv's like raid0
<piedoggie> nijaba: with regards to speech recognition, there is some hope in that the wine people have managed to make NaturallySpeaking (the only reasonable desktop speech recognition system) work.  It runs faster and more reliably than it does on Windows (surprise surprise)
<nijaba> piedoggie: hey cool!
<soren> _ruben: I don't really care much about that.
<piedoggie> but unfortunately, it doesn't speak to any Linux applications.  That is going to take some time and money and the nonprofit I belong to is working on a grant to get funding
<soren> _ruben: a) on a reasonably busy server, the disk heads are all over the place anyway, so the disk layout of files doesn't matter much.
<_ruben> soren: when having lots of small files it doesnt matter really .. but when storing large files, i'd say it'd be a performance improvement
<_ruben> soren: hmm .. never looked at it that way
<soren> _ruben: b) I like the fact that if a disk dies (and there's no redundancy), it's contained to a certain part of the filesystem rather than smashing the *Entire* thing because every other fs block is on the dead disk.
<fromport> hmm just got bitten (again) by the hardy installer. i have > 2TB disks . setup the partions with debian-lenny boot image but during something really mingles with the partirion table and all partitions past the first 4 are wiped :-(
<piedoggie> http://en.wikipedia.org/wiki/ZFS  is a reasonable description
<soren> _ruben: I've never really cared about fs fragmentation on my servers. They're usually busy enough for it to not matter at all. Any place on the disk has as good a chance of being close to the disk heads at any given time as any other.
<_ruben> soren: true, concerning b, but i'd use raid1 as pv's if its important data in any way ..
<soren> _ruben: Sure.
<_ruben> soren: i dont care that much about fragments either, tho increasing the number of spindles used i do prefer
<piedoggie> thanks for the help.  I think it's time to crash and get some sleep.
<soren> _ruben: Point a) describes why it's pointless, while point b) describes, why it's actually a bad idea.
<soren> _ruben: Sure, but unless it's a server that's not doing anything but serving *huge* files one at a time, it won't do you much good.
<_ruben> soren: true enough
 * _ruben always tries to get the most out of his hardware, but that doesnt always lead to the best results/setup/whatever :p
<_ruben> i really do need to do some research on how to get the best performance for given diskload + hardware setup
<CrummyGummy> Hi all, is any one here using mysql clustering?
<faulkes-> you mean ndbd and what not?
<CrummyGummy> yup
<faulkes-> I don't currently use it under ubuntu but I do use it
<CrummyGummy> I'm having problems similar to this bug.
<CrummyGummy> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459543
<ubotu> Debian bug 459543 in mysql-server-5.0 "mysql-server-5.0: ndb-cluster is broken" [Normal,Open]
<CrummyGummy> And I was wondering if its valid for ubuntu.
<juliux> does somebody getÂ´s  domino on an ubuntu server running?
 * CrummyGummy heads off to launchpad.
<faulkes-> that debian bug sounds more like his cluster is borked and not actually a bug
<CrummyGummy> Thats good and bad. I then need to find out why I have a similar problem.
<CrummyGummy> http://pastebin.org/25478
<CrummyGummy> faulkes-: Please have a look at that for me.
<faulkes-> how many nodes exist in the cluster?
<CrummyGummy> 6
<CrummyGummy> 2 data
<CrummyGummy> 2 mgm
<CrummyGummy> 2 sql
<faulkes-> have you or did you start by initializing ndbd already?
<CrummyGummy> yes
<faulkes-> and if this is a previously installation, do you have backups of your data as per mysql-cluster backup method?
<CrummyGummy> Nope, this is my first time.
<CrummyGummy> I'm pulling all the data from a multi-master replication setup.
<faulkes-> sec
<faulkes-> http://pastebin.org/25483
<faulkes-> is what your error translates to
<faulkes-> start looking for information surrounding that
<CrummyGummy> hmmm, I've seen that error when filling the db. It shouldn't happen whne setting up a file. Quick question wrt the ndbd --initial. Does it exit by itself or do I have to stop it?
<CrummyGummy>  /file/table/
<CrummyGummy> cheers, gotta go...
<faulkes-> ndbd --initial is used when you first initialize the cluster node or if you are completely rebuilding it from a backup
<faulkes-> it acts just like a typical ndbd process afterwards
<mathiaz> zul: re bug 204612
<ubotu> Launchpad bug 204612 in nut "nut 2.2.1-2.1ubuntu1 fails to install on Hardy Heron" [Undecided,In progress] https://launchpad.net/bugs/204612
<mathiaz> zul: you don't need to ask for a FFe - the package doesn't install now
<zul> mathiaz: yep
<mathiaz> zul: it's a bug and should be fixed
<zul> mathiaz: ok Ill just merge it when it hits debian
<mathiaz> zul: the problem is the udev restart call which should not be done
<mathiaz> zul: the solution about udevtrigger is propable the RTDT
<zul> RTDT?
<mathiaz> zul: you may wanna ask #u-devel about this though
<mathiaz> zul: right thing To Do
<zul> ok will do
<zul> mathiaz: too many acronymns
<mathiaz> zul: yeah - especially if I start to use wrong ones...
<zul> mathiaz: if it doesnt appear on merge-o-matic Ill just cherrypick it
<piedoggie> how difficult is it to customize jeos with your own applications?
<piedoggie> I should probably also say that they are all tarballs and have little or no chance of becoming .debs
<sommer> piedoggie: should be as easy as custimizing regular ubuntu... you may just have to install more software initially, seeing as how little jeos starts out with :-)
<piedoggie> :-)
<piedoggie> I assume there is documentation on how to do this but I just haven't been able to find yet?
<sommer> piedoggie: http://doc.ubuntu.com/ubuntu/serverguide/C/jeos.html is the development version of the serverguide that will be released with Hardy
<sommer> should help get you started anyway
<piedoggie> I may just fall back on releasing it as a virtual machine.
<sommer> piedoggie: interesting, do you think more software vendors will take that approach in the future?
<piedoggie> think so.  I have a customer that is a fruit and vegetable wholesaler and they are dependent on aid package called produce pro-
<sommer> cool
<piedoggie> the first version came on a Red Hat eight CD as a tar ball installed by the vendor
<piedoggie> the current version comes on a virtual machine
<piedoggie> the project I'm working on (reputation-based anti-spam) is such a bag of parts that I don't think anybody but myself can install it
<piedoggie> so rather than inflicting a four or five page long installation process on someone, just delivered as a virtual machine and call it done
<sommer> heh, would make sense to distribute a VM then :-)
<jetole> hey guys
<piedoggie> the big challenge is figuring out how to partition user data from the baseline system
<piedoggie> I think I'm going to go with two virtual disks, one for the basic application and the other for all of the user data files
<piedoggie> obviously I'm going to want to have as small a virtual machine as possible for distribution purposes
<jetole> hopefully a quick question? is there a way to create a new NIC other then ifconfig eth0:1? I am not a real big fan of ifconfig but ip addr add seems to only apply an address to an existing NIC as far as I know and hping3 which I am using for testing at this point wants an interface but advanced routing seems to have some issues with eth0:1
<piedoggie> why not add your network interface to /etc/network/interfaces
<jetole> piedoggie: I have but it seems that ifconfig is used there however I found I can manually add an alias with ip
<jetole> doesn't show up under ifconfig but then again neither does any additional ip on a NIC under ifconfig
<jetole> ip link set eth6:2 up && ip addr add 192.168.0.25 dev eth6:2 ; ifconfig -a | grep '192\.168' ; ip addr list | grep '192\.168'
<jetole> that will add the interface but will not show up under ifconfig, will show up under eth6 under ip and will allow any app to use eth6:2
<jetole> in fact, you can lose "ip link set eth6:2 up" and just go with "ip addr add"
<sigger> I think I broke my ubuntu server.  Will the reinstall (if there is one separate from install) preserve my etc/files, users, groups, and other things?  [apologies, I just asked this in #ubuntu, but the question is serious enough to seek 2nd opinion]
<ScottK> sigger: No.
<ScottK> sigger: Can you boot the server at all?
<peterdv> (or boot from live cd and mount the partitions ?)
<ScottK> Yep.
<sigger> yes
<sigger> Server boots fine.  I messed it up by cping the partition with /var then cping back.  but forgot --preserve=all so I lost all perm info
<sigger> services not running right.  sock missing.  pid can't open. blech
<sigger> I made a big mes
<sigger> mess
<sommer> sigger: do you have another "test" box you could install ubuntu server on?
<sigger> mmmm, not really unfortunately
<sigger> I just gave up my last "extra" box
<sommer> you could then compare services and permissions... or you could ask per service and someone here can probably help
<sigger> I'm not even sure why I can't ssh.  no error on server side, but no conn from client
<sigger>  /etc/init.d/mysql start complains about not accessing .sock
<sigger> etc
<sommer> sigger: chown -R mysql.mysql /var/run/mysqld/ and try starting mysql
<sigger> k
<peterdv> Forgive me, but before attempting rescue, I feel the need to ask: "What is your backup situation". Not to be rude - just to get a feeling for the risk involved. No offence intended.
<sigger> peterdv:  all data safely backed up off this PC.  Thank you peterdv.  No offense taken.  Helpful comment
<sigger> k did that and perm for debian.cnf, but it now rightly complains of missing /var/run/mysqld/mysqld.sock
<sigger> Know what that is, but no idea how to "bring it back" or get it
<sigger> (actually there was one bit of info that I had to back up manually when the prob was discovered.  I copied the mysql data by files (with --preserve=all) rather thana mysqldump
<sommer> sigger: the mysqld.sock file should be created when starting mysql, but if the permissions on the directory are wrong the deamon process can't create it
<sommer> try chmod 755 /var/run/mysqld and starting mysql
<kraut> what's the sysreq-key? (urgent)
<kraut> alt+~?
<sigger> actually left before the 755 msg and just tried it with 777.  no luck
<sommer> sigger: can you pastebin the exact error?
<sigger> starting by /etc/init.d/mysql start, rather than running mysqld directly if it matters
<sigger> I can't because I can't even ssh in yet
<sigger> I can retype tho.
<sommer> sigger: does the error mention anything about perms?
<sigger> kinda, not really, here's what I think is the relevant part:
<sigger> Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock'.  Check that mysqld is running and that socket [same .sock] exists
<sigger> a process called mysqld is running.  the .sock does not exist tho
<sigger> hmm, lemme kill -9 and retry
<sommer> sigger: what are the permissions and owner of /var/run/mysqld ?
<sigger> at the moment, mysql.mysql 777
<sommer> sigger: try chown mysql.root /var/run/mysqld, I may have told you wrong with the "-R" in the first command
<sigger> k, I'll play with it
<sigger> nope.  -R didn't matter anyway as theres nothing in ther
<sommer> mmmm... what is the output of ls -l /var ?
<sigger> err, I recall there's a bunch there
<sigger> you want just mysql?
<sommer> sigger: heh, yep
<sigger> oh sorry thats not /var/run.  its /var
<sigger> lemme get it
<sigger> run in ls -l /var is 777 root.root
<sigger> i.e. if i were to do ls -ld /var/run
 * sigger starts to plan what to back up before nuking the install
<sommer> maybe try touch /var/run/mysqld/mysqld.sock and chown it to mysql, then try starting
<sigger> hmm good idea
<sigger> no, but I spent some more time looking at syslog (since there is reference to it in error msg).
<sigger> There is another error coming up where it can't lock .ibdata (i think that was the file)
<sigger> er cannot lock ./ibdata1
<sigger> Unable to lock ./ibdata1, error: 11
<sommer> sigger: ah, check the perms and owner of /var/lib/mysql, should be 755 mysql.mysql
<sigger> it is.  I confirmed above
<sigger> well actually, lemme make it exactly that
<sigger> its more open
<sommer> and the contents of /var/lib/mysql should be mysql.mysql
<sigger> contents?  you mean owner.group?
<sigger> it was mysql.mysql 777
<sigger> and the ibdata1 file is 777 mysql.mysql just for fun
<sommer> sigger: yep, the contens of /var/lib/mysql should be mysql.mysql
<sigger> well yes they all are
<sigger> hmm, getting a little crazy here: what if I delete the lock on that file (assuming there is one)
<sommer> sigger: worth a try, I'm running out of ideas ;)
<sigger> nope.  I did notice that the mysqld process sticks around past a /etc/init.d/mysql stop
<sigger> so I had to kill
<sigger> so is it ok that I just copied my data dir files to a backup place?  i.e. can I just copy them back to newly installed mysql data dir and have everything be ok?
<sommer> sigger: I'm not sure about that one
<sigger> ahh maybe I can run mysqldump still
<sigger> nope needs sock
<zul> soren: ping https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/204479
<ubotu> Launchpad bug 204479 in php5 "PHP should be shipped with magic_quotes_gpc = Off  in php.ini" [Wishlist,Triaged]
<zul> soren: what do you think?
<faulkes-> zul: that's typical of most distributions of php.ini
<faulkes-> I don't really think it's a huge issue, if you aren't taking steps to escape / validate your data, assuming php is going to be your magic bullet is well, going to leave you shooting blanks
<soren> zul: I'm a bit torn on the subject.
<owh> The PHP manual says this: http://au2.php.net/magic_quotes
<zul> fedora has it turned off
<owh>         magic_quotes_gpc                      Affects HTTP Request data (GET, POST, and COOKIE). Cannot be set at         runtime, and defaults to on in PHP.
<owh> It also says that it's depreciated and removed in PHP6
<zul> owh: I like the big fat warning there
<owh> Personally as a PHP developer I'd expect my environment to do what the manual says. Even if it sucks.
<owh> zul: You mean the warning :)
<zul> yep
<soren> There are a few troubles involved:
<soren> magic_quotes are a more secure default.
<soren> by extension, it teaches bad habits to web developers.
<soren> We've had it on for a long time (don't we? (I find myself unsure)), so disabling it now, might make us vulnerable to attacks that it used to save us from.
<faulkes-> soren: web developers? bad habits? I am shocked, *SHOCKED* to hear you even suggest something like that occurs
<soren> It's kind of like..
 * soren chuckles
<soren> faulkes-: :)
<soren> WEll, C programmers *ought* to make sure that buffer overflows didn't happen.
<zul> soren: dunno thats why I am asking
<owh> soren: While I agree with what you're saying, if we open that can of worms, that is, changing defaults randomly, then where does that behaviour stop?
<zul> :)
<soren> Yet we put the SSP stuff in place, just to be sure.
<soren> It's not entirely comparable, though, as magic_quotes does change php's behaviour in ways the programmer will se.
<soren> see.
<owh> faulkes-: You should see some of the credit card code I am presented with by clients "fresh from their developer".
<soren> owh: It sucks to change defaults, but after long consideration, I'm leaning towards "screw history. If we find better defaults, make the change."
<owh> soren: If they were actual developers they'd know about get_magic_quotes_gpc()
<nxvl> i can not be present on the server meeting, i feel sick and i'm going to the hospital, sorry for absense
<owh> soren: That's a fair comment. Not sure I agree yet.
<owh> nxvl: Good luck.
<owh> nxvl: Get better.
<soren> nxvl: Yeah, get better, dude!
<owh> There is an argument for making Ubuntu better than the rest and leading the way. I totally grok that.
<soren> owh: The sooner, the better. Usually.
<soren> The trouble is that we're quite far along in the release cycle.
<owh> There is another argument that says that if you are deploying a server and something as fundamental as that changes, you are pretty fsk'd.
<owh> If, and only *if* this change is made, then there needs to be a screen explaining that on installation. It will trip up lots of people.
<owh> Anyway, I'm a PHP developer, I'd take it either way, but then I've been doing this for a while :)
<zul> soren: for the PHP stuff configuration file changes and memory issues we can revisit in ibex cant we?
<owh> The level of skill out in the world is asking us for a beating.
<owh> That is, the skill level is low and we'll be answering the support calls.
<owh> zul: I suspect it will be PHP6 by then, but I don't know that for sure. The rules change at a major version upgrade.
<soren> zul: I'd actually like to change the memory limits *right* now. 16 in cgi and mod_php6, and 32 in -cli.
<zul> soren: heh if you are too busy I could do it for you of course
<owh> soren: You mean mod_php6, or 5?
<soren> 5.
<soren> zul: That would be lovely!
<owh> soren: Just to be clear, that's increasing the limit right?
<soren> owh: I don't believe so, no.
<owh> Are advocating making the memory limits smaller?
 * owh checks a hardy install.
<soren> WEll..
<soren> I'm advocating setting the memory limits where they used to be and *ought* to be, but by accident have not been for a while.
<owh> How long for?
<soren> Not sure.
 * owh checks the php manual for guidance.
<soren> Don't.
<soren> Well, feel free to read it, but don't be (mis)guided by it.
<owh> "8M" before PHP 5.2.0, "16M" in PHP 5.2.0
<owh> Currently: "128M"
<owh> http://au2.php.net/manual/en/ini.core.php#ini.memory-limit
<soren> owh: Close, but no cigar :)
<owh> Uh, when I say, currently, I mean the manual. My hardy machine is still booting.
<soren> owh: "8M" (but disabled) before PHP 5.2.0, "16M" (still disabled) in PHP 5.2.0. Now, 128MB and enabled.
<ajmitch> oh dear, PHP
<soren> memory_limit defaulted to *off* until 5.2.something.
<zul> wow hey ajmitch :)
<soren> ajmitch: Dude!
<ajmitch> hello
<soren> ajmitch: Long time!
<ajmitch> not that long, honest
<soren> :)
<owh> soren: The shipped memory_limit is 16M
<soren> owh: At some point the php developers figured that setting memory_limit enforcing on by default would be a good idea.
<soren> Then they got scared that people would shout at them for breaking stuff that used to work..
<owh> :)
<soren> ..and then they set the default limit to 128MB to be (almost) sure that they wouldn't break anything.
<soren> We, OTOH, have had memory_limit enforcing on for *ages*.
<owh> So, you're cutting that back quite drastically.
<owh> Well that's cool.
<soren> With a default of 8MB in mod_php5 and -cgi, and 16 in -cli (to fix some pear crap, I believe)
<owh> At the moment the php.ini file I'm looking at is 16M
<owh> In hardy.
<soren> Recently, the way the amount of used RAM was counted, changed. So what used to fit in 8MB didn't anymore.
<soren> owh: Oh?
<owh> /etc/php5/apache2/php.ini
<nijaba> soren: I confirm it on a fresh install of php
<soren> Did I actually manage to get around to fixing that? I'm deeply surprised. It's still in my todo list (waaaay down).
<soren> What about -cgi and -cli?
<owh> '/usr/share/php5/php.ini-dist.cli 32M
<owh> '/usr/share/php5/php.ini-dist 16M
<owh> That's all that I can see.
<soren> O_O
<soren> Wow.
<owh> There are dist, paranoid and recommended ones as well.
<soren> zul: Er... never mind, then. I (or someone else, possibly) already fixed it.
<owh> In the examples.
<zul> soren: yep I just checked
<soren> dist is the template used to generate our php.ini.
<soren> (ucf style, iirc)
<keescook> (old topic... php magic_quotes)
<owh> soren: Uh, the dist has 128M
<keescook> I'd like to keep it enabled.  applications should know to deal with it -- those that don't certainly need it enabled.
<soren> owh: You just said?
<soren> 20:56:26 < owh> '/usr/share/php5/php.ini-dist.cli 32M
<soren> 20:56:56 < owh> '/usr/share/php5/php.ini-dist 16M
<soren> 20:57:02 < owh> That's all that I can see.
<owh> Gimmie a mo.
<owh> Yeah, the dist is in the example dir.
<owh> '/usr/share/doc/php5-common/examples/php.ini-dist:memory_limit = 128M
<zul>  # memory_limit: 16M for cgi/apache; 32M for cli
<zul>         cat php.ini-dist | tr "\t" " " | sed -e'/memory_limit =/ s/\b128M/16M/g' > debian/php5-common/usr/share/php5/php.ini-dist
<zul>         cat php.ini-dist | tr "\t" " " | sed -e'/memory_limit =/ s/\b128M/32M/g' > debian/php5-common/usr/share/php5/php.ini-dist.cli
<owh> '/usr/share/doc/php5-common/examples/php.ini-paranoid:memory_limit = 8M
<soren> owh: Oh. Er.. Sorry. I was being uncharacteristically ambiguous.
<owh> '/usr/share/doc/php5-common/examples/php.ini-recommended:memory_limit = 128M
<owh> :)
<soren> owh: The ones you showed me first (in /usr/share/php5) are the ones used to generate our php.ini.
<soren> owh: The reasons why are a bit involved (dpkg conffile handling stuff and such).
<owh> Yeah, I figured, but I thought I'd be complete and then you mentioned dist, so I double checked.
 * owh heads to meeting.
<Saftle> have a quick question, I'm wanting to migrate all of my windows based servers into ubuntu, however I'm not sure whether ubuntu server or ubuntu desktop would be better due to me requiring a GUI. Basically we wouldl like PHP, APACHE, SSH etc to be ran from the linux environment and it would require a Virtual Machine of Windows to be running windows tasks.
<soren> What's the gui for?
<Saftle> to run VMware
<soren> Ah.
<owh> Saftle: Technically you don't actually need a gui to run vmware-server. I'm not sure if it will install without it.
<owh> Saftle: Personally I install ubuntu-server and add what is needed.
<Saftle> owh: so basically install gnome and vmware-server after installing ubuntu-server then?
<Saftle> rather than using ubuntu desktop and installing lamps and vmware-server?
<soren> The end result is *almost* identical.
<owh> Saftle: Well, I'd not even install gnome, I'd start with vmware-server.
<owh> Saftle: It will pull in the dependencies.
<Saftle> owh: sorry for being a linux noob, but without the gnome GUI is vmware still visible?
<owh> Saftle: Well, yes and no.
<owh> Saftle: You will be able to manage the vmware-server from a remote console, but it won't be a gui on the server hardware itself.
<Saftle> wow, ok, that might be just what I need then
<owh> Saftle: Try it and see if it gives you what you need.
<Saftle> owh: awesome thx alot for your help.
<owh> Saftle: Pleasure.
<JaxxMaxx_> To admin a VMWare'd Windows server, use RDP :)
<owh> Saftle: Just so you know, Ubuntu is heading towards kvm. I've personally not made that switch yet, but you should be aware of it.
<owh> JaxxMaxx_: Sometimes you need to see the BIOS screen too :)
<Saftle> owh: you mean like a KVM switch?
<owh> Saftle: No, like the software.
<Saftle> owh: not familiar with it
<JaxxMaxx_> Hmm, does VMWare have remove viewing capabilities yet?
<Saftle> owh: just googled it, so basically it's an alternative to vmware?
<owh> Saftle: Yes.
<Saftle> owh: oh ok thx, I'll look into it, and see if it's a better solution than vmware
<owh> Saftle: One difference is that the kernel support is part of Ubuntu. The packaging for vmware has sometimes been challenging.
<JaxxMaxx_> is KVM compatible with vmware images?
<owh> JaxxMaxx_: There are conversion tools available/in the works.
<JaxxMaxx_> is it giving the community a tingly feeling?   why the move away from vmware?
<JaxxMaxx_> I'd thought it was a good product, vmware
<Saftle> owh: another noob question for you, how exactly would I go about installing xp without a gui and then be able to remote into it after installation without configuring the IP using the windows GUI? or is that all possible, but just requires a bit of googling on my end?
<owh> JaxxMaxx_: It is, it works for me, sometimes it bites you.
<owh> Saftle: The thing you have to bear in mind is that you're talking about a GUI into a virtual computer. A remote console.
<owh> Saftle: You start up the hardware, insert the (virtual) CD and boot the XP installer.
<JaxxMaxx_> I think he's just confused about how to go through the XP install without being able to see it (because the host OS has no GUI)
<Saftle> and then from there remote into it from another computer?
<Saftle> exactly
<owh> Saftle: 1. Install your virtual machine layer, vmware, kvm, whatever. 2. Create a virtual machine via ssh. 3. Boot the virtual machine from a remote GUI console. 4. Install XP.
<JaxxMaxx_> ah, like a remote X session?
<Saftle> oh ok, that makes sense, well thx again. I'll give it a shot. I'm sure that doing it this way will definately decrease the worlkload on the server
<Saftle> workload*
<owh> Saftle: Well, the gui doesn't draw that much cycles if it isn't doing anything.
<JaxxMaxx_> Just occupies RAM
<owh> I'm trying to download stuff from bazaar.launchpad.net and I'm getting 500 Internal Errors. Any ideas?
<zylstra555> Hello. I am using Ubuntu server, I get this when running apt-get install: E: Could not get lock /var/cache/apt/archives/lock - open (11 Resource temporarily unavailable) | E: Unable to lock the download directory
<owh> zylstra555: Are you running the apt-get as root, is another package installer already running?
<zylstra555> owh: Yes, Apt-get is in root. I am getting help in #ubuntu at the moment... will return here if they cant come up with anything. Also, its only one instance of apt-get running
<owh> zylstra555: What about aptitude, synaptic, dpkg?
<zylstra555> sudo fuser -vki /var/lib/dpkg/lock;sudo dpkg --configure -a   fixed the problem, so, no idea what caused it
<owh> zylstra555: Is this in hardy?
<zylstra555> owh: Shoot, forgot I had it installed. Yes, it is, in fact
<zylstra555> (I should write the OS version on the side of it... should have mentioned that immediately)
<zylstra555> Would it be a security risks if I made my regular user account into a full administrator without need of using the SUDO command?
<owh> zylstra555: In short, yes.
<owh> zylstra555: If you can reproduce this problem, can you please report a bug?
<zylstra555> owh: Yes, however, I dont think I can. I have no idea what caused it. I did do something evil and decide to install Samba over Webmin, which, uses the -F option
<owh> ROTFL, that will learn you :)
<owh> zylstra555: I wonder if the samba package was still installing.
<zylstra555> owh: It pretty much stopped. I restarted and tried again, and restarted and tried a different package, the same problem happened.
<owh> zylstra555: What I'm saying is that perhaps webmin was still trying to install.
<zylstra555> owh: Hmm... perhaps
<zylstra555> Okay, second question: I am having trouble getting data into my public_html folder, located at /home/user/public_html  and I cant use my FTP client to change the attributes, since it doesnt have the proper privileges (thus, why I asked about making my regular account into a full root)
<zylstra555> How do I change it? I tried sudo chmod +r+w public_html   but that didnt yield anything, telling me I properly used the wrong switches.
<mok0> zylstra555: chmod 751 ~/public_html
<mok0> zylstra555: and make sure all .html files have protection 644
<zylstra555> 664? Write, Read, but not execute?
<zylstra555> No, I take that back
<mok0> zylstra555: yes, owner rw others r
<zylstra555> I need my webserver to be executable, and certain parts to be writtable. (Which, I can deal with later)
<mok0> zylstra555: 751 = owner rwx, group rx, others x
<mok0> zylstra555: writable? eeech.
<zylstra555> mok0: Forum :/
<mok0> zylstra555: make the directory or files belong to group www-data
<zylstra555> mok0: It does
<mok0> and give group write access
<zylstra555> (Default is /var/www/ for Apache2, I changed it to /home/user/public_html for some extremely strange reason. )
<mok0> i.e 664 for files and 771 for dirs
<mok0> zylstra555: heh, well that's up to you :-)
<zylstra555> I just cant get chmod 751 ~/public_html to work at all
<mok0> zylstra555: do you own it?
<zylstra555> It keeps saying that public_html Does not exist
<zylstra555> mok0: My server is screwy.. other than that, it belongs to the www-data group, its not necessarily part of mine. How would I change that?
<mok0> what does "id" say?
<mok0> zylstra555: you don't
<zylstra555> (well, not associated with my user account, that is. I am the administrator... )
<zylstra555> ID:    gid=1000(server) groups=4(adm),20(dialout),24(cdrom),2(floppy),29(audio),30(dip),44(video),46(plugdev),104(scanner),10(lpadmin),110(admin),1000(server)
<mok0> zylstra555: go "id" in the terminal and paste the result
<mok0> heh
<mok0> ok
<zylstra555> Oh, I dont know if this has anything to do with it, but, the command "su" does not work for me
<mok0> zylstra555: grep server /etc/passwd
<mok0> zylstra555: right
<Bidou> 'night all
<zylstra555> server:x:1000:1000:server,,,:/home/server:/bin/bash
<zylstra555> su returns: su: Authentication failure
<mok0> zylstra555: ok, so ~/public_html refers to /home/server/public_html
<mok0> zylstra555: ~ means -> users home dir
<zylstra555> mok0: So, now it should just give me the same permissions as my current home folder, right?
<mok0> zylstra555: don't know what you mean, exactly
<zylstra555> mok0: I still cant set file attributes for the public_html folder
<mok0> zylstra555: does it exist?
<zylstra555> mok0: Yes, quite plain and clearly on the DIR command
<mok0> ls -l ~/public_html
<zylstra555> in fact, cd public_html works fine
<zylstra555> It keeps saying:
<zylstra555> "No such file or directory"
<mok0> ls -l ~/public_html
<zylstra555> The same thing happens
<zylstra555> Should I stop Apache2 and delete the folder and create it again?
<mok0> no such file or directory?
<mok0> zylstra555: NP
<mok0> zylstra555:  NO
<zylstra555> ls: /home/server/public_html: No such file or directory
<zylstra555> wait, /server/?
<mok0> zylstra555: then: mkdir ~/public_html
<zylstra555> ls -l ~/public_html returns: "total 0"
<mok0> ok, try ls -ld ~/public_html
<zylstra555> Its kind of funny, I had my server running fine before... then I decided to redo everything
<zylstra555> drwxr-xr-x 2 server server 4096 2008-03-26 15:56 /home/server/public_html
<mok0> zylstra555: the server has nothing to do with this.
<mok0> zylstra555: ok, now your ~/public_html dir looks fine
<mok0> zylstra555: when you said "it worked fine" was that before changing away from /var/www ?
<zylstra555> mok0: I still cant upload to it via FTP, thus, the file attributes are still fine
<mok0> zylstra555: hmm
<mok0> is this forum a home-made one, or what?
<zylstra555> mok0: Nope, my server was only allocating 3GB of 20 that I had available. This was due to using the DD command for moving the drives data. I decided to do an entire reinstall so I could fix most of the other problems it was having anyways. Before I had the public_Html folder in /home/user/public_html and I decided to set it back to the same one
<zylstra555> mok0: The forum (which is not currently on the server, since I cannot upload it) is a SMF forum. The server itself is sitting behind me
<mok0> zylstra555: I guess first you should get the httpd server to display a simple html page
<zylstra555> mok0: I cant. I cant do anything to the public_html directory, let alone create an index.html page
<mok0> zylstra555: but you need to tell apache2 that there is another doc dir
<mok0> zylstra555: still not?
<mok0> zylstra555: that's very puzzling
<zylstra555> mok0: I still cant do anything to that folder, no, if thats what you were asking. (The irony... I dont know how I got it working before)
<mok0> zylstra555: above, you have a directory ~/public_html that looks quite normal
<mok0> zylstra555: in the terminal, try "cd ~/public_html"
<zylstra555> (currently in the /home/user/ folder)
<zylstra555> mok0: cd ~/public_html works fine
<mok0> zylstra555: now, "touch index.html"
<mok0> zylstra555: that should give you an empty file
<zylstra555> mok0: Okay
<mok0> zylstra555: what editor are you comfortable with?
<zylstra555> mok0: that worked
<zylstra555> nano,
<zylstra555> mok0: Creating a very basic page
<mok0> zylstra555: ok, then try writing something in that empty file using nano
<zylstra555> mok0: I can write to that file
<mok0> yay
<zylstra555> When, on my local network, I visit http://192.168.1.7/ I get the Apache Directory listing, which, is blank
<zylstra555>  Also, my FTP client doesnt list the index.html file
<mok0> zylstra555: very slow access from here
<mok0> zylstra555: try http://192.168.1.7/~server
<zylstra555> mok0: Are you trying to visit it?
<mok0> zylstra555: yes
<zylstra555> mok0: 192.168.1.X isnt a regular IP address, thats a router assigned address. Right now, my site is at www.zylstrablog.co.nr and is being hosted by my Windows computer
<zylstra555> (which, also, happens to be down at the moment..
<mok0> zylstra555: I see
<zylstra555> mok0: I see where we were on two pages. The directory /home/server/public_html now exists... but, what about /home/user/public_htm ?
<mok0> zylstra555: anyway, since you put the index.html page in the user "server" 's public_html directory, you need to address it with ~server after the url
<zylstra555> *html
<zylstra555> http://192.168.1.7/~server returns "NOT FOUND"
<mok0> zylstra555: /home/user/public_html would belong to a user called "user"
<mok0> zylstra555: you probably have to tune apache's conf files
<mok0> zylstra555: hang on
<zylstra555> mok0: Correct. Whome, does not exist. (This is how it used to be configured)    Apache is set to use /home/user/public_html
<zylstra555> www-data's home folder is /home/user/public_html
<mok0> zylstra555: normally, you don't do it like that.
<zylstra555> mok0: :)
<mok0> zylstra555: apache can serve any directory
<mok0> zylstra555: ordinary users can serve their ~/public_html directory
<mok0> zylstra555: will you have users on the machine?
<zylstra555> mok0: Nope, no other users
<mok0> zylstra555: then you might as well edit apache's conf files to tell it where the document root is
<mok0> zylstra555: it doesn't have to be a home directory for anyone
<zylstra555> mok0: Which, is currently set to /home/user/public_html    should I set it to /home/server/public_html ?
<mok0> zylstra555: by default, it is /var/www
<mok0> zylstra555: look in /etc/apache2/sites-enabled
<zylstra555> mok0: I have to leave my computer for a while, if you happen to be here when I get back (which, might take about 30 minutes or so) I will be able to continue. I greatly thank you for your help, hopefully, I will get this resolved
<mok0> It is quite late here, so I might be gone
<mok0> Anyway, I advice you to edit the  apache config file, look for "DocumentRoot": that will be where the basic URL goes to
<Erickj92> does anyone have some time to help me trouble shoot apache2?
#ubuntu-server 2008-03-27
<_dennister> anyone awake in here? I could really use some security-related advice b4 i take the head off this new fileserver :)
<_dennister> oh dear...i should go on my other pc where i can pm
<_dennister> bbs
<ScottK2> lamont: I think Bug #207526 needs to be dealt with, but I don't think the reporter has the right fix.
<ubotu> Launchpad bug 207526 in postfix "default main.cf.tls causes syslog warnings" [Undecided,New] https://launchpad.net/bugs/207526
<lamont> ScottK2: I'll have to look at it when I'm awake tomorrow afternoon
<ScottK2> Fair enough
<lamont> and off to bed with me
<ghostnob> HELP! I'm following the BIND9 tutorial on the https://help.ubuntu.com/community/BIND9ServerHowto but I don't understand where it says "Now, you can add DNS records to the bottom of the zone". my domain name is haryoh.com. Would I have to create ns.haryoh.com or use my FQDN ns?
<anthony> Say, does the server team publish a list of recommended books on topics such as postfix, apache, etc. for further reference?
<ScottK> anthony: No, but for Postfix, "The Book of Postfix" is the one you want.
<anthony> ScottK: You're the second or third person to say that, so I think I may be buying it tomorrow morning.
<anthony> unless I decide I can wait a week, and get it cheaper from Amazon.
<anthony> Any opinions on using Linux as your firewall versus something like a Cisco product (what we have now)?
<Kamping_Kaiser> my opinion is dump the cisco, but i'm probably alone on that ;)
<anthony> I haven't really used it yet (just getting started in this position), but from watching Bob do it I can say that it looks _extremely_ awkward.
<anthony> He copies and pastes a text file of update commands into the terminal to make changes.
<Kamping_Kaiser> bob?
<anthony> Sorry, my former boss, now co-worker.
<Kamping_Kaiser> ah right
<ScottK> anthony: It depends on the Cisco.  I know Cisco PIX SMTP Fixup manages to lose a LOT of mail for people.
<anthony> no idea what model it is
<MajorP47> has anyone ajaxterm in use?
<soren> MajorP47: Yes.
<MajorP47> soren, wow ure the first
<MajorP47> and it works by u? which machine u running, amd64?
<MajorP47> did u have any issues on the installtion?
<soren> Works fine. amd64.
<MajorP47> mh, not on mine
<MajorP47> no problems during install?
<soren> This was probably a year ago, but no, not afair.
<MajorP47> i cant help me... nothings solves the problem
<soren> WEll, then I can't help you either.
<MajorP47> yes i worry about that :/
<soren> Well, if nothing solves the problem, what can I do?
<MajorP47> but can u say how u've inclued it in apache?
<MajorP47> nothing ;)
<MajorP47> but maybe give me a idea, that i think in another way
<soren> Can you please stop with the "u" instead of "you" thing? I just woke up and it confuses the heck out of me.
<soren> I don't use apache on that server.
<MajorP47> ok i will no problem
<soren> Ok, here's an idea:
<MajorP47> aha ok, did u added a mediatype?
<soren> Install it.
<soren> See if it works.
<MajorP47> lol
<MajorP47> i have, what u thinking....
<soren> Well, you haven't even told me how it fails. How am I supposed to guess what's wrong and how to fix it?
<MajorP47> do u use a proxy module for it?
<MajorP47> you :(
<MajorP47> :)
<MajorP47> iam sorry
<MajorP47> self tired ;)
<MajorP47> ok well, i get a connection error status: 404 in the ajaxterm prompt
<MajorP47> i even have read the tickets, but no one has the same problem
<MajorP47> it must be a local access problem i guess
<soren> YEah, I proxy it.
<MajorP47> well that could it be, i thought proxy is just for decryption but i must be more behind
<MajorP47> damn now i must compile it -.-
<MajorP47> brr
<soren> Er.. It..
<soren> You can just connect directly to it.
<soren> I just proxy it to have it conveniently at foo.domain.com/haxorterm
<soren> Besides, it's a python app. You don't compile it.
<MajorP47> aha ure sure?
<soren> See for yourself.
<MajorP47> i know but i would must compile the mod_proxy ;)
<soren> Er.. no.
<soren> We provide that.
<MajorP47> it runs perfectly unter my vhost, but dont work
<MajorP47> nope i have compiled it myself ;)
<MajorP47> btw. i use debian :>
<MajorP47> but ubuntu-server is also a candidate for my next server
<soren> It runs perfectly, but doesn't work?
<MajorP47> right
<MajorP47> i see it, i can click buttons but i dont get the login prompt
<MajorP47> i mean, the problem cant be by apache
<MajorP47> it must be a local access problem or smt. else
<MajorP47> ive also isntalled python 2.5-dbg
<soren> How can something run perfectly, but not work? I don't understand.
<MajorP47> a good theme, which version of python u running?
<MajorP47> the vhost runs perfectly, no errors ;)
<MajorP47> but the ajaxprompt dont work
<MajorP47> no even no python problem, did tested it with normal 2.5, dont work, well...
<soren> 2.5
<MajorP47> where is the bug, mhhh
<MajorP47> ah well another question, are u running ssh under the standard port?
<soren> Yes.
<MajorP47> ok...
<MajorP47> i dont
<soren> I don't see how it matters?
<MajorP47> that could even a issue
<MajorP47> well there's some ssh option in ajaxterm, dont know for what exactly but it's there
<soren> I'm quite sure mine doesn't use ssh.
<soren> Or perhaps it does nowadays..
<soren> Hmm.. Yes, it does.
<soren> Well in that case..
<soren> Have you done anything to tell ajaxterm that your ssh is on a different port?
<MajorP47> u see, many possibillities ;)
<MajorP47> ive tried with the apache config, but dont work either
<soren> What have you tried?
<MajorP47> ive tested it but i dont worked
<MajorP47> tryed
<MajorP47> ah what
<MajorP47> sry
<MajorP47> iam tired
<MajorP47> ive tried some other apache solutions
<MajorP47> iam runnig it unter a subdomain with port and ssl, thought that i have a fail there, but was not the case
<MajorP47> ok will test with my default ssh port..
<soren> 07:29:36 < soren> Have you done anything to tell ajaxterm that your ssh is on a different port?
<MajorP47> yes i did it, but i have had on that time a failure in my vhost.conf, so that it even couldnt dont work, i will try it now again
<MajorP47> ah damn wtf
<MajorP47> i will install the proxy, term just runs local, that is the problem
<_ruben> mornin'
<spiekey> morning
<spiekey> soren: you there?
<soren> Always.
<spiekey> i have got a small tcpdump  file here and i doubt that its doing a proper tcp handshake...http://i32.tinypic.com/23lgrjt.jpg
<spiekey> No 127 and 128
<spiekey> the packets are created by ftester, a firewall testing tool. I would like to verify if the testing packets do a real tcp connection
<_ruben> spiekey: that the right url? no (initial) handshake at all there
<spiekey> damn!
<_ruben> hmm .. misread it slightly, but still looks strange
<_ruben> fin,syn,ack .. i doubt that's the first packetg
<_ruben> -g
<spiekey> it should only have [SYN] set in the first paket, right?
<_ruben> correct
<soren> It's a firewall tester.
<soren> It's not supposed to act properly.
<soren> Is it?
<spiekey> yes of course!
<spiekey> well, it should have spoof features, but also simulate proper connections
<soren> *shrug* I'm not familiar with ftester.
<_ruben> me neither
<spiekey> i just tested  with a ssh connectionn....i should be [SYN](srouce), [SYN][ACK](dest),... right?
<soren> Assuming the other end does reasonable things, yes.
<soren> Oh.
<soren> Er.. Sorry, you're right.
<soren> Followed by [SYN](source)
<soren> Gha.
<soren> Followed by [ACK](source), I mean.
<bip_> hello anybody can tell me something about ubuntu-server vmware-server support ?
<bip_> which release is binary compatible ?
<bip_> should I use LTS ?
<bip_> will upciming LTS support it ?
<nijaba> bip_ vmware-server is available from the partner repository, and an updated version should be available soon after release of 8.04 in the same repository.
<bip_> so if i must plan a vmwrae server deployement which version should i pick nijaba ?
<bip_> shall i use a 8.4 alpha ?
<bip_> or some other non LTS version ?
<_ruben> i'd go for 7.10 (gutsy) and upgrade to 8.04 (hardy / lts) when its final
<nijaba> bip_ if you want to deploy it today, I would not use 8.04, as vmware server for it is not yet avail
<bip_> I well it s gonna be deployed in the nex weeks ...
<bip_> let say it wont be in production before official release
<nijaba> I second _ruben proposal, adding that I would wait for the updated vmware server to be present in the repository
<bip_> 7.10 can apt-get vmware-server w/out problems _ruben ?
<nijaba> bip_: yes
<bip_> well i need the vmware-server right away
<nijaba> soren, use 7.10 then
<soren> ?
<bip_> we have a box that we use just as physical host for virtual machines
<_ruben> must admit i havent tried installing vmware from the repos yet .. am still in the progress of installing my first ubuntu based vmware host (my other hosts are running novell sles9)
<nijaba> sorry, I meant so, not soren
<soren> nijaba: Ah.
<bip_> I need to migrate those machines
<bip_> and we are plannin to deploy a further vmware hosting machine
<_ruben> bip_: for serious vmware usage, the use of vmware esx is highly recommended .. then again, thats far from free
<bip_> we are currently using debian, but I m not totally happy with tlevel of integration of debian and vmware
<bip_> well I d pay the licence for ESX
<bip_> but my problem is NOT the fee _ruben
<bip_> my problem are vthe hardware requirements of ESX
<bip_> we certanly do not have nor can afford or need that hardware
<_ruben> ah
<bip_> we run about 12 servers here
<_ruben> then vmware server is the way to go
<nijaba> bip_: did you consider kvm?
<bip_> 4 of those are already virtualized
<bip_> well not really nj
<bip_> nijaba,
<bip_> I inherited vmware
<nijaba> ok
<bip_> and as you mighrt know
<bip_> bosse gte nervous if you say: change
<_ruben> hehe
<bip_> we have running server ...
<bip_> they have been running with vmware until now ...
<bip_> now we need to redeploy em and change some/a lot of stuff ...
<bip_> changing virtualization engine would add a further variable ...
<bip_> I am already nervous thinking about a os switch
<bip_> so how many of you run vware server in a production environement ?
<_ruben> we (here at the office) are using it only for internal stuff currently .. tho in a month or so i'll be playing with esx and exploring the possibilities to also use it for hosting stuff for our customers
<bip_> we have it in the LAN now
<bip_> i plan to virtualize some dmz hosts as well
<bip_> how long have you been running that _ruben ?
<bip_> there is any way i can browse the partner repo from the web ?
<_ruben> im guessing we started using virtualization about a year ago
<_ruben> yes, but i wouldnt know the url from top of my head
<bip_> and was this year mostly pain free _ruben ?
<_ruben> yeah, most problems where (crappy) hardware related
<_ruben> but thats the beauty of virtualization: crappy host? get a new/better host, and move the guest without troubles and minor downtime
<bip_> this year you used mostly sles 9 as host os right _ruben ?
<_ruben> yeah .. the switch to ubuntu has been initiated not that long ago .. only have a few live servers running ubuntu, but more to come when i have time
<bip_> why are you thinking about switching to ubuntu ? something you dont like aboute suse ? something you like about ubuntu ?
<_ruben> bip_: both .. sles9 requires you to pay for updates and has slow release cycle .. ubuntu has a great community based support and optional commercial support and a fixed release cycle
<bip_> well  the cost issue I understand and my boss does as well ;-) not sure the slow release cycle is really a issue unless you must live always on the cutting edge
<_ruben> bip_: well .. our sles9 machines run a 2.6.5 based kernel which is pre-historical .. sles10 i heard so many bad stories about when it was released even after sp1 came out, that i didnt even bother suggesting we'd go there
<_ruben> and with ubuntu, i ran into a bug .. reported it at 4pm .. when i checked my mail the next day, the fix was released at like 8pm that night
<bip_> oh well i have nightmares with suse too , so dont get me started ...
<_ruben> even though it wasnt such a big bug, it does demonstrate how 'flexible' the ubuntu way is
<_ruben> ok :)
<bip_> how is ubuntu beahving ?
<_ruben> i do love suse's YaST .. but thats about it
<bip_> is it deployed in production ?
<fromport> i've got hardware with > 2TB harddrive (hardware raid5) and i'm bitten by "parted" bug that has been there since gutsy. every distro has it glitches ;-)
<_ruben> bip_: other than a few initial quircks its behaving like a charm
<bip_> or is it still sort of pre-production _ruben ?
<_ruben> bip_: i recently migrated our office firewall from sles to ubuntu .. our next 'big' steps will be replacing a loadbalancer at a colo and some new bulkmail servers
<bip_> here we are tryin to standardize most production servers run debian
<_ruben> and im migrating some vmware hosts machines from sles to ubuntu
<bip_> but some appliances sold to customers must run RHEL
<_ruben> when we moved to suse we actualy came from debian (woody)
<bip_> I am unhappy with the way debian deals with vmware
<bip_> so thi is why I m pondering adding ubuntu to the team
<bip_>  this
<_ruben> with the rather slow release cycle of vmware server, rolling your own package should be very doable
<_ruben> especially once you have a working base
<bip_> well is sorta nightmarish ...
<bip_> never works the same ...
<bip_> it wasn t like that
<bip_> I used to be able to just run it from tarball
<bip_> but i dont know maybe vmware doent go along with some debian kernels
<bip_> maybe 1.0 is plain too old ...
<bip_> it s becomin a tad too scarey to keep it on production machines
<_ruben> vmware server 1.0 you mean?
<bip_> yes
<_ruben> the 1.0.x branch is the current stable branch
<bip_> I have that running now
<_ruben> 2.0 is still in beta
<bip_> yeah ...
<_ruben> i run 1.0.2 and 1.0.4
<_ruben> havent gotten around to upgrade a few older ones
<bip_> but there is a 1.0.5 bei current now
<bip_> anyhow do you know what happen now ?
<bip_> my boss wants me tu built a replacemet email server
<bip_> and told me do a vmacchine
<bip_> well the vmware-console is no longer running on the server
<bip_> the vmachines are running fine
<bip_> but simply there is nothing listening on port 902 :(
<_ruben> your xinetd (or whatever superserver you use) crashed?
<bip_> I don t think so ...
<bip_> but i might give it a quick check ...
<_ruben> 902 is serviced through that
<bip_> I know ...
<bip_> i have been readin quite a few docs about that lately ;-)
<_ruben> so even if vmware craps his pants, 902 should still be avail (atleast in listening state)
<bip_> it s not
<bip_> i can t evene get a prompt if i do telnet localhost 902
<bip_> vmachines are up and running
<bip_> but nothig is on 902
<_ruben> what does sudo netstat -lnp tell you about port 902?
<bip_> one sec
<bip_> that shows nothing on port 902
<bip_> that service died ...
<_ruben> then inetd/xinetd/whatever must died or atleast have some problems
<bip_> I m checkin that
<bip_> but i have read the /etc/xinetd.conf file no mention about vmware is made there ...
<bip_> and that file is dated about 2 years ago ...
<bip_> maybe vmware console isn t managed by xinetd in debian ...
<_ruben> and /etc/xinetd.d/vmware-authd ?
<_ruben> could be, wouldnt know
<_ruben> do you have another vmware host on debian? if so you could compare the two
<bip_> i don t have that file _ruben
<bip_> no i dont have an other one here :(
<_ruben> i'd check the vmware package to see if it shows any traces on how vmware-authd is serviced
<bip_> yeah I playing detective ...
<bip_>    m
<spiekey> howdy
<spiekey> what libnet package does it want? http://pastebin.ca/959330
<_ruben> spiekey: im *guessing* it wants the libnet1 package
<spiekey> libnet1 is already the newest version.
<spiekey> guess again :)
<spiekey> libnet1-dev is also installed
<spiekey> http://pastebin.ca/959340
<_ruben> there's also libnet0 (obsoleted) and a libnet6-1.3
<spiekey> nope, still the same :-/
<faulkes-> morning zul
<zul> morning faulkes-
<dthacker> happy thursday
<_ruben> heh
<sommer> hey all
<faulkes-> heya
<youngmusicorg> could someone tell me what the standard location of ldap logs is? I can't find a single reference to ldap in my logs, while slapd is running in the loglevel is 256
<Kamping_Kaiser> it should log to syslog
<Kamping_Kaiser> unless you set a custom logfile
<youngmusicorg> yes, of course. How stupid of me to forget that one.
<Kamping_Kaiser> hehe.
<youngmusicorg> thanks
<Kamping_Kaiser> np
<rhineheart_m> anybody in here who would like to say about webmin? I have it in my machine.. and I'm so curious people are claiming that it's a security nightmare...
<youngmusicorg> I just copied my ldap database from a fedora server to a ubuntu server. Ldap works as such, but an ldapsearch -x "uid=name" gives no result. Ldap is responding, but says the entry is not there. But i can use "slapcat -a "uid=name" and get the whole entry. Any ideas?
<Kamping_Kaiser> odd. turning up the debug didnt help at all?
<youngmusicorg> well, no. According to the logs, nothing goes wrong. The entry's just not there and the server returns a code (32 No such object)
<Kamping_Kaiser> not sure. i wont be here long enough to help out this morning either
<lamont> youngmusicorg: should be in daemon.log, I expect
<youngmusicorg> ok, thanks for responding
<Kamping_Kaiser> night all!
<Kamping_Kaiser> i'll see you in about 8 hours :D
<Jeeves_> Good night!
<Kamping_Kaiser> Jeeves_, :) catch you later mate
<smiley__> Anyone care to help me understand dns servers/
<smiley__> I have 6 static ip's , and a few Domain Names
<smiley__> Id like the domain names to point to my static ips
<smiley__> but, am still sorting out the DNS thing
<sommer> smiley__: here's a good place to start: http://doc.ubuntu.com/ubuntu/serverguide/C/dns.html
<smiley__> Thanks sommer, i appreciate the help.
<sommer> if you have specific question don't hesitate to ask :)
<smiley__> So, from what i understand, I set up bing9 properly..
<smiley__> Log into the site that i got the domain from
<smiley__> and change its primary dns # to that of my static ip
<smiley__> And then all should be well?
<smiley__> ill be back,
<sommer> uh, not sure what you mean by "Log into the site that i got the domain from"
<joebob777as7> I followed the steps on the ubuntu server guide to set up ssl with my apache2 server now I can't go to http sites it tells me:BAD REQUEST Reason: You're speaking plain HTTP to an SSL-enabled server port.
<sommer> joebob777as7: do you have <VirtualHost *:80> in your virtual host?
<sommer> joebob777as7: if so try changint it to <VirtualHost server_IP:443>
<sommer> s/changint/changing/g
<joebob777as7> sommer what file is that again? sorry...
<sommer> joebob777as7: probably /etc/apaache2/sites-available/defualt... unless you've added another config file
<helpme> hi all
<foo> hello
<joebob777as7> sommer this is my default file: http://pastebin.ca/959719
<helpme> i need help with a broken mdadm array
<CarlFK> why is postgresql-8.3 install using server_encoding LATIN1 ?
<helpme> it's a 4x320GB sata raid5 array built using mdadm, and i cant run it anymore
<sommer> joebob777as7: try changing <VirtualHost *> to <VirtualHost IP_ADDRESS:443>, replacing IP Address with the server's IP
<SpudDogg> Hello everyone
<SpudDogg> helpme:  are you getting any particular errors?
<joebob777as7> sommer what if i have a dynamic ip? or do you mean my lan ip?
<helpme> sda2 and sdc2 are saying only them are ok (sdb2 and sdd2 faulty removed), and sdb2 is saying sda2, sdb2 and sdc2 are ok (only sdd2 faulty removed), and finally sdd2 is saying everyone is ok.
<sommer> joebob777as7: whichever IP your clients will use to access it... on a server the IP is usually static
<helpme> how do i get my data back? or at least most of it?
<SpudDogg> helpme:  hang on a second
<helpme> ok
<SpudDogg> helpme:  i believe that since you're working with a software RAID, you should be able to mount those drives read-only and *possibly* get some of the information back.
<CarlFK> helpme: why "can't mount" ?
<helpme> how do i do that? in raid5, we're supposed to stripe data across disks
<joebob777as7> sommer ok sorry to be a pain I would appreciate it if you would just explain a couple things.... 1. what does this tell my server to do? 2. why now if I go to domain.com does it show my root domain directory?
<helpme> sd{a,b,c,d}2 are 0xfd partition type (raid autodetect), data is incomplete with less than 3 disks
<SpudDogg> helpme:  that's going to be the issue for you.  i don't think there will be a way to recover ALL data unless you send the disks off to a recovery company.  other than that, you should actually be able to mount those disks one at a time, read-only, and hopefully grab some of your data
<JaxxMaxx_> I'm trying to reset the administration password on my MySQL installation.  Removing the package and reinstalling didn't appear to blank the password.  Any other recommendations? (trying to follow the steps on https://help.ubuntu.com/7.10/server/C/mysql.html )
<sommer> joebob777as7: 1) it tells your server to listen in the IP Address using port 443 the HTTP SSL port 2) probably because you don't have an index.html or index.php
<helpme> isn't there a way to tell mdadm to salvage md array using nearly up2date partitions?
<joebob777as7> sommer ok I guess I just need to learn a little more. I was setting up my web server using webmin and I had it redirecting requests to mail.domain.com go to a dir of my mail login and now it's going to my / dir...
<SpudDogg> helpme:  this may be like profanity, but do you have access to a windows machine?
<helpme> w/ difficulty, y?
<sommer> joebob777as7: ya, I don't know much about webmin... other than it will create strange configurations at times
 * agile beats his head against his new dual quad core cd-less 1u servers 
<joebob777as7> sommer ok thx! i'll look into it.
<sommer> joebob777as7: np
<agile> have any of you managed to make an installable thumb drive using the server iso?
<SpudDogg> helpme:  well, i know there is raid rebuilder software for windows, but i don't think it's not going to work on ext3 filesystem anyway.  still, my recommendation is to try to mount them R0, one at a time.  It looks like that's going to be your best bet.
<helpme> they cannot be mounted, they are a linux_raid_member
<helpme> do you have a link?
<joebob777as7> sommer what is the best way to have it so that if someone goes to http://mail.domain.com it redirects to https://mail.domain.com?
<SpudDogg> helpme:  i know that it sounds stupid to attempt to mount a single drive from a raid, but that's what i tried to do before.  i did not actually recover any data, but i did get them mounted
<SpudDogg> helpme:  a link...hang on
<helpme> SpudDogg: thanks
<sommer> joebob777as7: mod_rewrite is what I use: http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html
<SpudDogg> helpme:  http://ubuntuforums.org/archive/index.php/t-638625.html
<joebob777as7> sommer is this module installed by default or do I have to enable it?
<sommer> joebob777as7: ummm... I forget, but you can check to see if it's enabled by ls /etc/apache2/mods-enabled
<sommer> joebob777as7: if it's not enabled you can enable it by sudo a2enmod rewrite, I believe
<helpme> SpudDogg: i read that, but that's not my case. my drives are perfectly working, only an inconsistency in my md array
<joebob777as7> sommer i think I killed it... Syntax error on line 295 of /etc/apache2/apache2.conf: Syntax error on line 2 of /etc/apache2/sites-enabled/000-default: /etc/apache2/sites-enabled/000-default:2: <VirtualHost> was not closed.
<sommer> joebob777as7: what's on line 2?
<joebob777as7> <VirtualHost *>
<sommer> joebob777as7: do you have a </VirtualHost> entry?
<helpme> SpudDogg: i solved it!
<SpudDogg> helpme:  really?  what did you find?
<helpme> i read this: http://wi read this: http://www.issociate.de/board/post/479697/Help:_Re-assemble_raid-5_with_inconsistent_events..htmlww.issociate.de/board/post/479697/Help:_Re-assemble_raid-5_with_inconsistent_events..html
<helpme> i read this: http://www.issociate.de/board/post/479697/Help:_Re-assemble_raid-5_with_inconsistent_events..html
<helpme> i checked the event count , and found sd{a,b,c}2 to be closest, then (cause i knew the array layout):
<helpme> mdadm -A /dev/md1 --force /dev/sd{a,b,c}2
<helpme> xfs_check just told me my fs was good
<joebob777as7> sommer nice sorry i'll go re read the manual
<joebob777as7> lol
<SpudDogg> helpme:  glad you got it done, sorry i couldn't be more help...
<sommer> joebob777as7: there more familiar you are the better :-)
<sommer> joebob777as7: but if you have specific problems someone will probably know the answer, or where to find it
<joebob777as7> ok thx again
<helpme> SpudDogg: no, u were helpful. thank you
<helpme> bye all
<joebob777as7> sommer why doesn't *:443 work? why does it have to be the ip address?
<sommer> joebob777as7: because that will configure apache to send regular HTTP requests using port 80, I believe
<joebob777as7> that's what I want I think... I want all normal requests to go to port 80 and then one set of requests to mail.domain.com to get redirected to 443... with it set to *:443 I still get the BAD REQUEST thing...
<sommer> joebob777as7: righ, but *:443 sends all traffic through port 443, which isn't what you want
<sommer> joebob777as7: what you'll need to do is setup on <VirtualHost IP_ADDRESS:80> and another <VirtualHost IP_ADDRESS:443>
<sommer> joebob777as7: then place your rewrite rules in the :80 virtual host
<joebob777as7> sommer ok I think I get it. also in the rewrite is there a way to run something with mail. through 443?
<sommer> joebob777as7: not sure what you mean?
<joebob777as7> I think it is just a lack of understanding on my part of the rewrite. I'll research more then ask later if I have questions.
<sommer> joebob777as7: okay, no problem
<sigger> sommer: realized I forgot to say thank you for helping me yesterday trying to help me salvage my server (mysql in particular). sooo.... Thank you!
<sommer> sigger: you're quite welcome
<sigger> nuked it and started over.  headaches in locating all the little scripts and configs that needed to be saved (and did miss smbpasswd), but eventually "got 'er done"
<sommer> sigger: sweet, sometimes the only thing to do is knuckle down and muscle through :-)
<sigger> yep.  gives the chance to clean house and also put some a doc together on "what to do if"
<sigger> s/some/
<sigger> it would be fantastic if there were a script to save and restore things certain /etc/ files and maybe some other /var info.
<sigger> Damn Small Linux has it as part of their upgrade process
<sommer> sigger: I use a svn repo to store most, if not all, my configs... great for mistakes, and config history
<sigger> but using a svn repo requires you to drop them into the repo, no?
<sigger> DSL's upgrade process has a file where you list the stuff you want to save and scrapes out the users/groups/etc.  Very automated.  very neat.  would be handy for instantiating a new server.
<sommer> yep, they need to be checked in, and commited when they're modified... for that I keep a checkout of the repo in my home directory
<sommer> sigger: that would be handy... you could make the suggestion for the next release :-)
<sigger> prolly not a bad idea.  And the script exists, albeit DSL specific.
<sigger> obviously not the 28 day from now release ;)
<sigger> ubuntu-devel mail list the right place for that?
<sommer> sigger: um, probably ubuntu-devel-discuss list
<sigger> oops, ya that's what I meant to type.  thx
<sommer> sigger: or create a Blue Print in Launch Pad for Intrepid
<sigger> that I'm not familiar with.  will google
<sommer> sigger: ya it's in wiki.u.c somewhere
<nijaba> sigger: https://wiki.ubuntu.com/FeatureSpecifications
<sigger> thx.  ya been poking around launchpad and trying to read through the many, many,many specs to make sure I don't submit something thats already there.  thx
<dthacker-work> did bacula make the cut for inclusion in hardy?
<Jeeves_> http://nl.archive.ubuntu.com/stats/cacti/
<dthacker-work> Jeeves_: nice
 * dthacker-work is working on a zabbix config himself
<sommer> is it a good idea to share an nfs mount through Samba?
<sommer> just wondering if there are any major issues doing that
<Jeeves_> sommer: I wouldn't recommend it
<Jeeves_> For locking and caching, it sounds icky
<sigger> I had issues when I did it once.
<sommer> heh, I was thinking along those lines, but wasn't sure what the results would be
<sigger> oh, it wasn't ubuntu though.  it was knoppix, but debian based, so prolly same result
<sommer> ya, I'll stear clear of that idea :-)
<sommer> thanks
<sigger> np
<wo0f>  
<sigger> anyone wanna have a gander at my specification for launchpad?  never written one of these
<sigger> well if so, here it is: https://wiki.ubuntu.com/ConfigSave-ConfigLoad#preview  any comments will be appreciated.
<sommer> sigger: looks good to me
<smiley__> sigger .. looks good, great idea
<smiley__> but could one not just use dd?
<smiley__> i guess i understand the hardware limitation of it
<sigger> Only works with exact same size partition, no?  picture replacing your main HD.
<sigger> Just thought of another use case too.  Want a temporary server?  run livecd and ConfigLoad with data from another server.
<sigger> Instant temporary server.
<sigger> oh and thanks smiley__
<jackrazz> hey everyone I'm trying to vnc to a remote PC via a reverse ssh tunnel
<jackrazz> I can connect successfully via terminal, but I need a vnc_viewer connection.
<jackrazz> what is the vnc command to do this?
<jackrazz> I've use this to revserse connect
<jackrazz> Remote PC Command: ssh -R 55540:localhost:22 jackrazz@192.168.1.146
<jackrazz> My PC comand: ssh -p 55540 alleta@localhost
<sigger> well its in Launchpad.  Since I don't have the capacity to actually write it, I don't know how this'll work out, but its certainly worth a shot.
<jackrazz> I've tried vncviewer localhost:0
<JaxxMaxx_> I've used putty to set up SSH tunnels for VNC before, but I had to connect to specific localhost ports to get the connection...
<jackrazz> I think i'm using the wrong port (the :22) I'm tryin port 5900 now
<JaxxMaxx_> Hmm.  MySQL command to delete a database?  I need to remake this SQL database for FreeRADIUS...
<sigger> drop?
<joebob777as7> JaxxMaxx get mysqladministrator! you won't regret it.
<JaxxMaxx_> it an apt package?  Mostly I'm just trying to get FreeRadius working
<joebob777as7> jackrazz why don't you use x11 forwarding?
<joebob777as7> JaxxMaxx yes apt-get install mysqladmin I believe
<sigger> mysqladmin is in the std package if you installed LAMP ubuntu server
<joebob777as7> JaxxMaxx sorry it is mysql-admin package
<joebob777as7> mysql-admin - GUI tool for intuitive MySQL administration
<JaxxMaxx_> I'm not sure if I put in the LAMP role on this t hing when I first installed
<jackrazz> joebob, I'm very new at this..sorry. I'm not sure what x11 forwarding is
<sigger> Jaxx, try typing mysqladmin and see what happens ;)
<jackrazz> I issued ssh -R 55540:localhost:22 jackrazz@192.168.1.146 on the remote pc
<jackrazz> and ssh -p 55540 alleta@localhost on my pc
<JaxxMaxx_> ack, that looks like a GUI program, this server is headless.
<JaxxMaxx_> waaay too many dependancies
<sigger> not GUI
<sigger> CLI
<jackrazz> I then tried vncviewer localhost:0
<sigger> I just use mysql personally
<joebob777as7> jackrazz if I were you I would get the free version of nomachine. That would be best easiest and it goes over port 22 by default
<joebob777as7> nomachine.org
<JaxxMaxx_> heh, adding the package in aptitude is adding 233MB of dependancies on this server. =]
<jackrazz> ok, so the ssh commands should set up the tunner. I have a terminal on the remote pc.
<sigger> Jaxx, anyway other option (if you have apache/php) is to use phpmysqladmin (or something like that)
<joebob777as7> JaxxMaxx_ yes is gui
<jackrazz> I just need a viewer to the remote pc with its her remote account
<sigger> I now I see the hyphen in mysql-admin.  mysqladmin is CLI
<JaxxMaxx_> heh.
<JaxxMaxx_> my aptitude can't seem to find that package.  it in universe?
<joebob777as7> jackrazz if you want to do X11 forwarding here is a quick and dirty guide...
<sigger> JaxxMaxx mysqladmin?
<JaxxMaxx_> foudn kmysqladmin
<sigger> great
<JaxxMaxx_> I don't want the kde version =]
<sigger> JaxxMaxx: mysqladmin (no hyphen, no k) not good?
<JaxxMaxx_> aptitude doesn't find it,  is there a way to look it up with apt-?
<sigger> you try typing mysqladmin?
<fromport> apt-cache search mysql|grep admin
<JaxxMaxx_> oh, hurrr, there it is, why not just try the command.....
<sigger> like.... try typing mysqladmin??? ;)
<tesla4> hello i just installed the x86 server version and very new to this. I want this to be a LAMP Server. I am at the command prompt and dont know what to do.
<JaxxMaxx_> sorry about my confusion level, this project is beginning to exasperate me.
<sigger> tesla4: easiest to me is reinstall specifying to install as LAMP server
<tesla4> done that
<fromport> tesla: "ubuntu lamp howto " in google
<tesla4> is there a channel that helps on using this for beginners?
<sigger> tesla4, this is a good one but you need enough background to know what question you want to ask.  try some googling/reading then asking specific quetsions
<tesla4> i have installed this os on a windows virtual server. I would like this to be my webserver so i can get out of IIS. My question i guess is that now that i installed this and configured it for a LAMP server what next?
<tesla4> how about this. I am logged in to my system and how do i assign an ip address to my server?
<joebob777as7> tesla4 modify /etc/network/interfaces
<JaxxMaxx_> I think the server guide listed in the chantopic has IP config information
<tesla4> thanks for the link whom ever send it to me on sudo.
<tesla4> when i edit the interfaces file and enter dns-nameservers 0.0.0.0 how do i add a second NS
<dthacker-work> tesla4: put the second nameserver on a new line below the first
<tesla4> so i would add another line with dns-nameservers 1.1.1.1
<dthacker-work> tesla4: like this http://paste.ubuntu-nl.org/61273/
<tesla4> I dl webmin and now i need to install it. How can i copy a file from my windoze client to my ubunto server. I tried ftp but doesnt seem to work
<spiekey> hi
<spiekey> i have trouble with vsftpd
<joebob777as7> tesla4 you can mount -t cifs to mount a windows share
<spiekey> as a anonymous user i can upload files but not download them or delete them
<spiekey> any idea why?
<joebob777as7> spiekey i'm sure it's an anonymous user permissions in a config file... ;)
<spiekey> i guess so. the unix permission look okay
<joebob777as7> spiekey not sure at all. ftp is crap with unix permissions stuff. way too complicated lol. did you check the server manual?
<spiekey> yey! Found it!
<spiekey> anon_other_write_enable
<tesla4> i added the lines nameserver 10.0.0.1 and nameserver 10.0.0.2 and after i save the file and try to do a ifdown eth0 it errors out and says duplicate option
<tesla4> nm i found where to add the dns servers
<tjaalton> I'm merging nfs-utils, since it has a couple of important fixes and a ton of manpage updates.. filing a FFe as well
<tesla4> i am trying to mount to a shared directory on a windows server and having no luck. I keep getting "No such File or directory"
<tesla4> this is the command i use "sudo mount -t ntfs //server/share -o username=user,password=pass /mnt/server
<SpudDogg> ls
<joebob777as7> tesla4 i think -t cifs
<tesla4> i tried cifs but it keeps giving me an error
<tesla4> so i ran this sudo apt-get install smbfs
<joebob777as7> sudo apt-get install smbtools maybe? i think that's the package...
<joebob777as7> tesla4 do you have fusesmb installed?
<tesla4> dont know
<joebob777as7> tesla4 sudo apt-get install fusesmb and then try to mount -t cifs
<tesla4> i got it to work
<tesla4> i added the username and password of the windows share and it work
#ubuntu-server 2008-03-28
<mutabi> hey all - does anyone know any good visual designers for mysql that work under linux at all? something like mysql workbench for linux ?
<mutabi> okay answered my own question: http://ondras.zarovi.cz/sql/  :-)
<joebob777as7> tesla4 Great!
<jetole> hey guys
<joebob777as7> hey jetole
<jetole> if I don't specify a route/gateway in my /etc/networks/interfaces then ubuntu seems to choose one for me automatically, can I disable this?
<jetole> or do I have to write my own f$!#ing network startup script?
<joebob777as7> jetole what is the purpose?
<hellspawn> got a basic server and would like to have dual hd's one for backup. program suggestions??
<jetole> I have a machine with three public routes on three seperate interfaces and only one is supposed to be the gateway so I set the nic to manual and or static and apply the ip and netmask and then setup the expensive static routes and I could not figure out why I had multi default routes until I took all routing off and they were still there and when I didn't start 3 of the nic and set it up verbatim from the pre-up I used and the ...
<jetole> ... ip command in interfaces it came up properly
<joebob777as7> hellspawn cron rsync
<jetole> hellspawn: yes, network based backup
<hellspawn> k that should start me in the right direction
<jetole> also rdiff-backup works better then rsync for backup
<hellspawn> excellent
<joebob777as7> hellspawn I use cron rsync over ssh
<jetole> rsync is really not where you want to look for backups but is a great tool for replicating data offsite
<jetole> rdiff-backup provides more backup specific options
<hellspawn> just a basic duplicate of files to the other hd on the server
<jetole> read about it in "backup and recovery" from o'reilly
<joebob777as7> hellspawn I swear if you use rsync you'll be happy
<jetole> hellspawn: maybe rsync then, rdiff backup only copies changes keeps date info so I can pull how file looked since backup on X day etc etc
<jetole> you might be
<jetole> like I said, rdiff-backup is really designed for the backup process and rsync isn't but that makes rsync simpler and stupider for the task
<jetole> i am not bad mouthing rsync, stupid for the task sounds like what you might want
<jetole> but I would do it to another computer
<jetole> having backups to the hard drive is great till the computer crashes
<joebob777as7> a quick and dirty backup is rsync over ssh with self signing ssh
<twb`> Kerberized NFSv4 doesn't love me.
<hellspawn> while it may be "dumb" for the job I can make it a weekly task and save important data
<jetole> I use self signing for mine as well
<jetole> hellspawn: absolutly, I use rdiff-backup nightly
<jetole> hellspawn: so you don't know how I can disable routing in interfaces?
<joebob777as7> hellspawn rsync -vaz /path/to/data server:/path/to/backup
<jetole> or anyone know how routing can be disabled in interfaces?
<hellspawn> joebob777as7 seems easy enough
<hellspawn> jetole I think you need to look at your net.eth0 script.. but that may be gentoo
<hellspawn> too many distros.. so little time
<jetole> yeah thats gentoo alone
<jetole> screw it, I am writting an rc script for these interfaces
<hellspawn> jetole  /etc/network/interfaces
<hellspawn> jetole: that may have been the smartest thing I'vev written all day
<jetole> hellspawn: come again
<hellspawn> jetole: check out /etc/network/interfaces
<jetole> hellspawn: thanks for the advice
<jetole> 22:56 < jetole> I have a machine with three public routes on three seperate interfaces and only one is supposed to be the gateway so I set the nic to manual  and or static and apply the ip and netmask and then setup the expensive static routes and I could not figure out why I had multi default
<jetole>  routes until I took all roting off and they were still there and when I didn't start 3 of the nic and sedt it up verbatim from the pre-up I  used and the ...
<jetole> 22:56 < jetole> ... ip command in interfaces it came up properly
<jetole> 22:54 < jetole> if I don't specify a route/gateway in my /etc/networks/interfaces then ubuntu seems to choose one for me automatically, can I disable this?
<jetole> notice the time gaps
<hellspawn> jetole: why don't you just give me your address and I'll send you my extra router
<jetole> why do I need another router?
<hellspawn> why are you using a computer as a router??
<jetole> I have a linux IDS here with 11 NIC
<hellspawn> I may be misunderstanding
<jetole> hellspawn: static routes for an inline IDS
<jetole> not that I don't think a computer cannot perform as an excellent router but I am deffinitly having issues at the moment with it
<hellspawn> I could tell you a solution but it would be a gentoo one not a debian one
<jetole> well I am already writting the rc script and taking it out of interfaces all together
<jetole>  /etc/network/interfaces
<wo0f>  
<piedoggie> I'm testing out  8.04 beta as a guest under vmware workstation with the goal of running under vm ware server.  I need to run vmware tools to enable clean shutdown/startup.
<piedoggie> I installed the virtual kernal and the vmware tools install complains about the supplied vm kernel modules
<piedoggie> what is the one-true-way of installing vmware tools?
<JanC> 8.04 has pre-compiled vmware tools in the repositories IIRC
<piedoggie> any idea of the name?
<JanC> openvm* or somthing like that
<piedoggie> only find the x11 video drivers
<JanC> open-vm-tools
<JanC> http://packages.ubuntu.com/hardy/open-vm-tools
<piedoggie> got it
<piedoggie> thanks
<JanC> np  ã
<piedoggie> hmm selecting the gui version installs a *boat load* of packages :-)
<JaxxMaxx> oooh, unicode smiley
<piedoggie> it is the future man..
<JaxxMaxx> what's the keycode for that one?
<piedoggie> don't know.  fumble fingert it into existance.
<JaxxMaxx> must be using multinational keyset
<JaxxMaxx> Â©
<piedoggie> copyright??
<JaxxMaxx> Â£
<piedoggie> pound
<JaxxMaxx> Â¢Â¡Å¸â§Â¥ÅÅâºÂÅ¡â¢
<piedoggie> cool
<JaxxMaxx> the joys of alt+numpad
<piedoggie> ugh.  the open vm tools don't do the clean shutdown it seems
<jetole> JaxxMaxx: I remember back in the windows 95 days and even windows 98, alt+255 created a hard space and you could make a folder in dos that windows didn't know how to open
<JaxxMaxx> Nice place to stash the goods
<rhineheart_m> hello.. what's the correct permission to module directory? is it www-data?
<Kamping_Kaiser> what modules
<rhineheart_m> sorry.. wrong entry..
<rhineheart_m> Kamping_Kaiser, if ssh server can be accessed in the internet.. is it safe?
<Kamping_Kaiser> that is a nonsense question
<rhineheart_m> okay.. sorry for the nonsence question then.
<Kamping_Kaiser> its as safe as the weakest password on the system
<rhineheart_m> how about having a password if 15letters plus 2 digits.. that format is safe?
 * Kamping_Kaiser shrug
<faulkes-> if you are going to put a server up with ssh, then passwords can always be guessed, regardless of length
<Kamping_Kaiser> afk. sleep
<faulkes-> you should be looking at additional measures
<faulkes-> such as restricting the hosts which can ssh to the server via iptables
<faulkes-> or installing and configuring fail2ban
<faulkes-> or both ;)
<Kamping_Kaiser> hosts.allow/deny is a nicely crude way of doing it
 * Kamping_Kaiser really gone
<rhineheart_m> but I'm using a dynamic IP to access server back in the office.. how would I do that? how about using private key file?
<soren> The safe choice is to disable password logins altogether and only do pubkey authentication.
<faulkes-> that's another option as well
<rhineheart_m> uhuh.. please advise me the safest way to do it?
<soren> I... er... just did?
<rhineheart_m> I mean. which is the safest way to secure the box with ssh server...
<soren> WEll, that's not entirely true.
<soren> The safe choice is to turn the thing off or not plug it into the network.
<rhineheart_m> at least.. the safest
<rhineheart_m> soren, that's an excellent one. but I guess.. it's the only avenue for me to send files to server with the use of ssh server by winscp
<faulkes-> we've presented you with a number of options, it is up to you to decide which you feel meets your requirements for security
<rhineheart_m> I guess I would choose pubkey auth
<soren> Ok. Do that then.
<rhineheart_m> now.. may I ask you guys here..how to change the username administrator into something else I want.. the administrator was the one I set when I set-up the box
<soren> rhineheart_m: There's no tool to do that. You need to change /etc/{passwd,group,gshadow,shadow} manually.
<rhineheart_m> okay.. so how to do it?
<faulkes-> if you are only changing the person who has sudo ability
<rhineheart_m> yeah.. I want to change the username with sudo ability
<soren> rhineheart_m: You open those files and change the name whereever you see it.
<faulkes-> add the new account you want to be able to sudo to the admin group and remove the old account
<soren> Yeah, that's much easier.
<rhineheart_m> how to list down the usernames with sudo ability?
<faulkes-> check /etc/group and see who is in the admin group
<rhineheart_m> how to read the file?
<rhineheart_m> I tried cat /etc/group  <<<<is it the right one?
<sigger> I notice the apache conf file doesn't have LoadModule but does refer to a mods-enabled dir.  Do I just move stuff from mods-available to mods-enabled and restart to add a mod?
<nijaba> sigger: a2enmod
<sigger> thx.  (gees, not much on its man page tho!)
<sigger> guess theres not much to say.
<soren> rhineheart_m: getent group admin
<nijaba> sigger: similarly you have a2ensite
<rhineheart_m> soren, thanks.. do you use winscp?
<soren> I don't run windows.
<soren> ...and that sounds like a windows application?
<rhineheart_m> soren, okay.. how about scp?
<soren> Sure
<rhineheart_m> do you know how to allow it to write files in the directory?
<soren> scp isn't special w.r.t. filesystem permissions. If the user has write access, that's it.
<rhineheart_m> okay.. how to make a user to have write access?  I guess the user m using doesn't have it.. but it is the user with sudo power.. I just don't know why the server won't allow to write
<soren> Try over in #ubuntu.
<soren> rhineheart_m: "For general (not server specific) support visit #ubuntu"
<NineTeen67Comet> I know this isn't only Ubuntu but I've noticed when I run top on my server, I see a ton of Apache running. I have 11 sites on this server, would each one be requesting an instance of apache? Right now my bandwidth is limiting even myself to get into my server, but I've got top running is how come I'm asking.
<fromport> apache forks, but not for every website
<fromport> one website could also produce 100 apache processes
<NineTeen67Comet> Okay, it just seems like it is really running a lot ..
<NineTeen67Comet> no biggie, I think my current bandwidth hogging is coming from one of my other boxes (just don't know which one) ..
<fromport> apt-get install iptraf vnstat
<fromport> and of course: read themanuals ;-)
<faulkes-> the number of apache children or workers is generally configurable, however the issue sounds more like one related to actual traffic rather than procecsses
<fromport> yep, i really like things like munin to monitor my servers ;-)
<_MMA_> Hi all. I'm trying to switch from SAMBA to NFS. Here's the issue: http://ubuntuforums.org/showthread.php?t=738086 Any ideas?
<sommer> _MMA_: are the permissions correct?
<_MMA_> Yep. I think I have it actually. Looks like I might need to define the subfolders in exports with the "nohide" option.
<sommer> _MMA_: these are the options I use: (rw,sync,no_root_squash)
<_MMA_> sommer: How does "no_root_squash" effect things?
<_MMA_> I see the definition of the option, but an unsure what that means.
<_MMA_> s/an/am
<sommer> _MMA_: there's a good explanation here: http://www.freeos.com/articles/3421/
<_MMA_> sommer: Thanx
<sommer> _MMA_: not strictly necessar, but on a LAN I'm okay with it :)
<sommer> necssary even
<_MMA_> Ahh... Yeah. I get it now.
<eth01> boo
<Piet44> i have problem with enabling eth0 on ubuntu 7.10 jeos. I already edited the vmx file to ethernet address static but wont help
<Piet44> my error is NOT_IMPLEMENTED /build/mts/release/bora-44356/pompeii2005/bora/devices/net/vlance.c:1802
<sigger> I'd appreciate if a few people could take a look at this https://wiki.ubuntu.com/ConfigSave-ConfigLoad and tell me files that would need to be saved off a server that I might have missed.  Not a long read.
<sigger> Trying to get some more feedback before putting in front of the Ubuntu gods
<sommer> sigger: are you wanting a list of config file?
<sigger> well, configs that people would find useful to have backed up if they were migrating, etc.
<sigger> you consider passwd a config file?  if not (I don't think of it that way) then stuff like that too
<sigger> and of course welcoming a comment like "hey dopey, this already exists... its called xyz"
<sommer> sigger: just wondering, because I think the list is going to vary person to person
<sommer> I think what you have is a good explanation of what you're trying to accomplish
<sigger> sommer: it is.  thats why I suggest a cleartext file where folks can drop in the names of files they'd like to have backed.  but some just need to be.  e.g. passwd/groups
<sommer> oh, I see what you mean
<sommer> the defaults
<sommer> probably add /etc/hosts if you don't have it
<sigger> the feature rec pages suggest seeking user feedback, so just trying to do what they ask so I have the best shot at getting someone to pay attention to it.  I'm personally not the biggest lin expert in the world
<sigger> got that
<sigger> maybe cron stuff?
<sommer> I would think that would vary too much
<sigger> seems like it oughta be optional.  maybe its all in cleartext with no defaults, but the file starts off with some entrys to give folks a head start or some ideas.
<sigger> I never like unseen defaults personally
<sommer> maybe look at files that don't get modified depending on which packages are installed
<sigger> er, sorry, not followign
<sommer> I think hosts, passwd, and groups are a good start
<sigger> shadows, hosts
<sommer> well I was thikning of nsswitch.conf, but that can be modified depending on ldap, nic, etc
<sommer> er nis not nic :)
<sigger> hehe, I don't even know what that is.... sounds like a line in cleartext ;)
<sommer> it determines the resolv order for host names
<sigger> ah
<sommer> I'd stick with the three you have, those seem pretty sane to me, but either way
<sigger> so much stuff potentially, iface stuff.   but all that is up to sysadmin to spec in the cleartext.
<sigger> k, cool.  maybe I'll just tweak and leave that for the experts.  I don't even think this should be that hard in bash, as I think it through
<sommer> sigger: yep, you might also try and track down that dsl script you mention and maybe attach it to the page
<sigger> in the DSL chan right now asking for it.  thx
<piedoggie> setting up 8.04 Beta under VM Ware server.  Switched to the virtual kerneland now I'm trying to figure out how to force a clean shutdown when the host machine goes down.
<good_dana> i'm installing 6.06 on a ms virtual server 2005 r2 sp1 host, and its been sitting at the "installing core packages" for over an hour
<good_dana> and there's 0 CPU usage
<sommer> hey all, I just received this: udev hook script requires at least kernel version 2.6.17
<sommer> when doing a test upgrade from fiesty to hardy
<sommer> wondering if anyone else has had this issue?
<ScottK> sommer: I'd file a bug on that if there isn't one already.  Sounds like a sequencing issue.
<sommer> ScottK: ya, I did some searching and couldn't find a similar bug, but thought maybe someone else may have had the same issue
<sommer> I'll file one, thanks
<sommer> just to double check, the procedure I did was to: apt-get install network-manager-core, then do-release-upgrade -d
<sommer> does that sound right?
<ScottK> Yes.
<sommer> cool
<piedoggie> any suggestions on how to get a clean shutdown of an 8.04 guest under vmware server or workstation?
<mrpoundsign> does anyone know, offhand, how to enable innodb table support in mysql? It seems to be off in 5.0.45-1ubuntu3.3
<macd> Its on, just create a new table using it as the storage engine
<mrpoundsign> No, it's not on, it won't let me make tables with innodb support.
<mrpoundsign> it went away with an upgrade. It's enabled in 3.1, but not there in 3.3
<mrpoundsign> hmm, well, it looks like request-tracker is confused about innodb support
<mrpoundsign> ok, this is bizarre. SHOW VARIABLES LIKE 'have_innodb'; shows DISABLED, but I can create InnoDB tables;
<mrpoundsign> aah, interesting, if you specify innodb, it creates the tables as myisam
<agilista> any of you using gfs?
<mrpoundsign> so, it seems 5.0.45-1ubuntu3.3 is missing innodb support.
<zul> for bug #208411 if we dont do inetd default anymore then why dont we just remove it from the init script
<ubotu> Launchpad bug 208411 in dovecot "Please guard the inetd.conf checks" [Undecided,New] https://launchpad.net/bugs/208411
<mrpoundsign> is there a way to pull the config options to see what's happening? I think it's being compiled with '--skip-innodb'
<FreeNod1> hi can I start programs on my ubuntu server just like my ubuntu desktop?
<FreeNod1> ^^''
<mutabi> FreeNod1 no mate - it has no GUI so you need issue commands yourself to start apps.
<mutabi> mrpoundsign - get the source and build from scratch mate with the options you want - best way for a server deployment.
<infinity> soren: *whine*
<infinity> soren: Fix my dovecot bugs so I don't have to do it myself!
<FreeNod1> mutabi:  oh yikes... not even with a terminal client?
<mrpoundsign> mutabi: is there a doc on that?
<infinity> mutabi: Are you sure you don't want to be in #slackware?
<mrpoundsign> infinity: whats wrong with dovecot?
<infinity> mutabi: (It's not considered best practice in an Ubuntu support channel to tell people that they should go compile their own stuff when we happen to provide thousands of packages, specifically so they don't have to...)
<infinity> mrpoundsign: Oh, nothing terribly, just grumpy about init spew to stdout, and too busy to upload it myself. ;)
<mrpoundsign> infinity: how about telling me how to tell what the compile options are for ubuntu-server-5.0.45-1ubuntu3.3
<mrpoundsign> :) at lease mutabi is helping. though I would much rather use a package, or get someone to confirm the problem.
<mrpoundsign> and I will file a bug if I can get someone to confirm the issue.
<infinity> mrpoundsign: Err, "ubuntu-server" isn't a package...
<mrpoundsign> mysql-server, sorry
<infinity> zul: Don't remove inetd junk from the init script.  It's there to guard against people who DO have it installed.  It's correct, it's just not correct to do it blindly.
<infinity> zul: Sorry, completely missed you commenting on it.
<zul> infinity: yeah it was just a rhetorical question
<mrpoundsign> like, if someone can tell me how to get the source package, I can see if the innodb option is disabled upon compile :)
<infinity> mrpoundsign: I could be smoking something, but I don't see us shipping 5.0.45 binaries at all... We ship 5.0.51a-3ubuntu5
<mrpoundsign> gutsy-updates
<infinity> mrpoundsign: Source packages can be snagged with "apt-get source ${package}", assuming you have "deb-src" lines in your sources.list that match your "deb" lines.
<infinity> mrpoundsign: Ahh, and here I am assuming hardy's more recent than gutsy. :)
<mrpoundsign> and where would it put this source when I am done downloading?
<infinity> mrpoundsign: In CWD.
<mrpoundsign> keen.
<mrpoundsign> with all the patches, etc?
<infinity> mrpoundsign: Yup.
<mrpoundsign> infinity: and 5.0.51 > 5.0.45 ;)
<infinity> mrpoundsign: It'll download foo.orig.tar.gz (upstream), foo.diff.gz (patches), foo.dsc (manifest of the previous two), and then helpfulling apply B to A and dump it in a foo-$ver/ directory.
<mrpoundsign> and where do I see the config options?
<infinity> s/helfulling/helpfully/
<infinity> mrpoundsign: foo-$ver/debian/rules would be your best best.
<mrpoundsign> keen.
<infinity> (In gerneral... In the specific case of MySQL, that's definitely where they're defined, unless someone's mangled it severely since I used to maintain it)
<mrpoundsign> infinity: are you running .51a? Does "SHOW VARIABLES LIKE 'have_innodb';" show enabled to you?
<infinity> | have_innodb   | YES   |
<infinity> 5.0.51a-3ubuntu4
<mrpoundsign> ok, this is nor infinitely frustrating. It looks like the package source should have it enabled. grr.
<mrpoundsign> ok, ok... there's nothing in the startup script relating to innodb. skip-innodb is not enabled in /etc/mysql/my.cnf -- anything else I should look at? Any ideas what so ever?
<infinity> I'm short on ideas right now, due to trying frantically (and failing miserably) to multitask.
<infinity> mrpoundsign: You should at the very least file a bug at https://bugs.edge.launchpad.net/ubuntu/+source/mysql-dfsg-5.0
<mrpoundsign> thanks for all the help. This is even worse -- I updated another machine, and it's enabled. copied the my.cnf from that machine to the non-working machine, and it's still disabled.
<mrpoundsign> yeah, now I am not sure if it's a bug or a misconfiguration.
<infinity> mrpoundsign: Oh, that's bizarre.
<mrpoundsign> both 1686 arch, both 2.6.22-14
<mrpoundsign> i686
<mrpoundsign> is there a way to force a re-download and install of the package without losing my databases?
<infinity> apt-get --reinstall install mysql-server-5.0
<mrpoundsign> ok, how about getting it to re-download as well?
<mrpoundsign> seems to be using the already downloaded package.
<zul> infinity: what do you see without the if then in the dovecot init script?
<infinity> "apt-get clean" first.
<infinity> root@loki:~# /etc/init.d/dovecot restart
<infinity> sed: can't read /etc/inetd.conf: No such file or directory
<infinity>  * Restarting IMAP/POP3 mail server dovecot                                                  [ OK ]
<mrpoundsign> there we go. Where does it put the packages so I can md5sum them to compare, if I need to? :)
<infinity> mrpoundsign: /var/cache/apt/archives
<zul> infinity: gotcha
<infinity> zul: Thankfully, that part of the script isn't set -e, so it doesn't fail, but it's still fugly. ;)
<mrpoundsign> infinity: awesome, thanks. :) will let you know what I find, if anything.
<zul> infinity: uploaded
<infinity> zul: You're a champ.
<zul> infinity: np
<piedoggie> found shortcoming open-vm-tools package on 8.04.  It's missing all of the default scripts for power up, powerdown, suspend, restart.  Yes, I filed a bug
<mrpoundsign> infinity: md5 summaries match; same problem. Is there a file that specifies start-up options for mysql? Nothing in /var/mysql (or it's sub directories) seems to be mismathed between the two machines
<infinity> mrpoundsign: Everything in /etc/mysql, the init script itseld and, there's always the slim chance that the user starting it has something setup in ~/.my.cnf
<mrpoundsign> infinity: they are all identical across the two machines.
<mrpoundsign> (at least, as far a md5 can tell)
<infinity> mrpoundsign: Of course, some variables can be set in the mysql DB itself.. Not sure if have_innodb is one of them (seems like an odd one to allow people to set).
<soren> infinity: Are just whining or do you have a bug number? :)
<mrpoundsign> infinity: and I definitely didn't set it. :) where can I dump those options?
<infinity> soren: Not only do I have a bug number, but zul already fixed it.
<soren> infinity: Oh :)
<swingr> hi
<infinity> soren: Yeah, you totally missed out on your chance for free booze as compensation, sorry.
<soren> infinity: What if I threaten to break it again?
<swingr> hi! i got a question. i tried to setup a crypted debian server, but the installer is buggy.  now i wanna try ubuntu server.  i have 2 hdd, want to run them on raid1  and encrypt this.  does ubuntu server installer offer all of this?
<swingr> does the installer offer cryptsetup during installation?  and will there be any bug, like in debian etch?
<soren> That should work.
<swingr> ok, then i will download and have atry
<FreeNod1> do I need to untar a program in specific place to use it?
<FreeNod1> ^^''
<mrpoundsign> infinity: I think I found it; somehow my /tmp directory permissions got munged. Do you know how to set the correct permissions?
<infinity> mrpoundsign: chmod 1777 /tmp
<mrpoundsign> infinity: zomg. <shoots self in head>
<mrpoundsign> how the *** did /tmp get changed to 700?
<mrpoundsign> infinity: nothing in mysql.err, it was in syslog.
 * mrpoundsign cries
<zul> infinity: wohoo...free booze
<infinity> zul: I made no such promises to YOU, just saying that soren missed out. ;)
<zul> infinity: fine then :P
<zul> im going to go watch family guy then
<soren> You tease.
<soren> But I knew that.
<good_dana> i put in the wrong dns entries when i was installing my server how do i change them to ones that work?
<mrpoundsign> good_dana: do you mean the hostname?
<good_dana> mrpoundsign: no i mean where it looks to resolve hostnames, i figured it out though
<mrpoundsign> good_dana: /etc/resolv.conf -- if that's not the answer you already had :)
<good_dana> the other question i had was how can i force it to load 640x480x32 on boot like i had to do for the install?
<good_dana> mrpoundsign: thanks, that is the answer i had :)
<zylstra555> Hello. Just had a power failure... I need to check my server for hard disk issues. How do I do that?
<donsmouse> sudo fsck
<donsmouse> sorry sudo fsck /dev/xxx,where xxx is the name of your harddrive
<zylstra555> donsmouse: "WARNING!!! Running efsck on a mounted filesystem may cause SEVERE dammage"
<donsmouse> yeah,i read that on a post in the forums
<donsmouse> has anyone tried the new ubuntu 8.04 beta?
<zylstra555> I have, it seems stable (the server version) enough for my forum site
<donsmouse> yeah i tried it and it seems to work ok,but still in the testing stage
<donsmouse> well i'll talk to you guys later,have to go to work
#ubuntu-server 2008-03-29
<rhineheart_m> hello.. how to change the homedirectory of a user?
<faulkes-> Bit Rate=60 Mb/s   Tx-Power=14 dBm
<faulkes-> always nice to see that ;)
<rhineheart_m> hello.. how to determine if IPV6 is the cause of intermittent connection
<rhineheart_m> I just so curious about this before heading into disabling IPV6 in my server..
<haji88> Hi I'm trying to start a FTP server and this is my first time, so here is my question I got proftp installed and I can access the server and upload and download files on my local network, but how can I access the server from the internet. I mean do I need like an online host or something like that?
<rhineheart_m> hello.. is disabling IPV6 cannot disrupt web server operation?
<rhineheart_m> I only found out that my router cannot support IPv6.. and I guess it might be the reason of intermittent connection in my LAN
<rhineheart_m> any feedback please..
<haji88> I guess nobody is here :-(
<rhineheart_m> yeah....
<rhineheart_m> they're here but they are sleeping.. LOL
<haji88> I guess
<rhineheart_m> okay.. let me help you :)
<rhineheart_m> just do port forwarding port 21 in your router to your box
<rhineheart_m> unless you've changed the default port number
<haji88> no my port still 21
<haji88> but I don't know what should I do to connect to my server over the internet
<rhineheart_m> okay.. then try it
<rhineheart_m> you could use filezilla or any ftp client. what matters most in here.. your box supports ftp service
<rhineheart_m> and your router/firewall allows external access to ftp port
<haji88> sorry I wasn't clear, what I meant is what should I type in filezilla to get connected to my server?
<rhineheart_m> mmm.. just type in your IP in the host then the username and pssword then port number
<haji88> does this work online?
<rhineheart_m> there should be boxes corresponding those data
<haji88> sorry but I don't get it
<rhineheart_m> mmm.. try this: http://helppages.obsidian.com.au/HelpCenter/tutorial/filezilla
<haji88> ok I'll give it a try, thanks! :)
<owh> sommer: ping
<sommer> owh: yo
<owh> Hey. Did you get the email I just send a few minutes ago?
 * sommer checking
<owh> s/send/sent/
<sommer> owh: ya, I haven't read through your entire diff yet
<sommer> from what I have though I think most of the spelling errors were corrected
<owh> sommer: There was a server 500 error on bzr.launchpad to download the C directory and some of the .xml files, so I asked in #LP and was given a tgz by spiv.
<owh> sommer: Is there a way to check if my source and your current version are the same?
<sommer> um, what happens if you do bzr update?
<owh> sommer: I cannot do that, I have a vSat connection and downloading the 88Mb of the document tree takes many hours.
<owh> sommer: The biggest problem is not the 88Mb, it's that each file comes down individually.
<sommer> owh: ah, one sec
<owh> sommer: If I look at the file times on this directory, they're all from different times all on 27-03-2008
<owh> sommer: Is there an embedded version string anywhere?
<sommer> owh:  I don't think so
<owh> sommer: Crap, and we call ourselves developers :|
<sommer> I call myself sommer :)
<owh> ROTFL
 * owh tries to enforce version control in configuration files even.
<owh> sommer: I just checked one of the files. What I have and what bazar has as the original are the same.
<sommer> owh: ya, the last commit to the serverguide was:  Sat 2008-03-22 16:59:56 -0400
<owh> sommer: That means that my edits are edits with respect to what is currently in bazar.
<owh> sommer: The last commit, does it contain your updates?
<sommer> yes, but not the ones you sent me
<owh> sommer: Cool, then the server guide as it stands is still riddled with spelling errors, let alone inconsistencies.
<owh> sommer: Would you like me to give you a diff that excludes example.com changes etc?
<keithclark> Does anyone know is ssh is broken between a computer running 8.04 and one running 7.10?
<owh> sommer: Just typos and spelling errors?
<owh> keithclark: Works for me. Perhaps you have v2 vs. v1 issues.
<sommer> owh: sure, but I'll have to double check that it's cool to commit it
<owh> sommer: If you can do that before I do the work, that would be appreciated.
<owh> keithclark: What I meant with my cryptic response is that sometimes you can force sshd to ignore v1 connects.
<sommer> owh: okay, I'll have to ask Matt East who is in UTC time zone, so it'll be tomorrow
<keithclark> owh, not sure.  I can access the 7.10 from the 8.04 machine, read the directories and even play media files.  But, when I try to save something to it, a progress bar comes up and nothing else happens.  The remote computer is also no longer available until a logout/login.
<owh> sommer: That's cool. If you can tell me from my first email which things you don't want, then I can do something about it. But apart from username and example.com changes, I've not changed actual words.
<owh> keithclark: I have no idea what you are trying to describe. If you can connect and read directories across ssh, then the problem is not ssh.
<sommer> owh: what I was getting at in my reply is that some of the spelling mistakes in the diff you sent me are fixed
<keithclark> owh, I can connect and read, until I try to save a file.
<sommer> does that make sense?
<owh> sommer: No.
<owh> sommer: Specifically:
<keithclark> owh, I cannot write to the disc.  No error, just a frozen progress bar.
<sommer> the firt entry in backup.xml where I had "Backuping"
<sommer> I caught that with the last commit
<owh> sommer: Well, bazaar does not show that.
<rhineheart_m> I tried this: lsmod | grep ipv  and this is the response: ipv6                  278916  24 what does it mean?
<owh> sommer: I just downloaded it from bazaar then and I still have backuping.
<owh> keithclark: How are you "saving a file"?
<keithclark> owh, copy/paste with Nautilus and sftp://
<owh> keithclark: sftp != ssh
<owh> rhineheart_m: If you run lsmod | head, you'll see the column names :)
<keithclark> owh ???
<owh> keithclark: sftp and ssh are not the same.
<rhineheart_m> can anybody here has an idea on how to remove IPV6?
<rhineheart_m> I tried this one.. sudo rmmod ipv6   and I got this error: ERROR: Module ipv6 is in use
<owh> rhineheart_m: Your Ethernet interfaces are likely using it.
<rhineheart_m> I tried : lsmod | grep ipv  and this is the response: ipv6                  278916  24
<sommer> owh: ah, there's more than one backuping... doh
<sommer> I must have hit the ignore key when using aspell
<sommer> crap!
<keithclark> owh, but sftp uses ssh, no?
<owh> rhineheart_m: Yes, that just means that there are no other modules using it, not that the module itself isn't in use.
<rhineheart_m> oaky.. so how would I disable IPV6? I am in the remote end
<owh> keithclark: Yes.
<owh> rhineheart_m: Without losing Ethernet connectivity, I doubt that you can.
<keithclark> owh, ok I guess I don't have a handle on my problem then.
<owh> rhineheart_m: I would not recommend doing ifdown eth0, because that would kill your remote connection.
<owh> sommer: That means that most of my diff is very relevant.
<owh> keithclark: Yes.
<rhineheart_m> so you mean.. the only way to do it is to work on it in the site?
<owh> keithclark: I suspect that you are looking at a permission issue, not an ssh issue.
<sommer> owh: probably, I'll try and check through it tomorrow, but there's still an issue with getting it committed
<keithclark> But I log in as me on the remote machine.
<sommer> post freeze and all
<owh> rhineheart_m: I do not know. I would like to understand why you would feel the need to disable IPv6, even if you're not using it. Personally I have no IPv6 experience at all.
<keithclark> owh, and if I log in as me and I am accessing my directories on the remote machine, it should work, no?
<owh> sommer: That is very true. I tried to get this all sorted out two weeks ago, but was unable to actually get the server guide downloaded :(
<rhineheart_m> I think IPV6 causes the internet disruption since my router doesn't support it..
<sommer> owh: do you think it's a huge issue as it is now?  aside from the spelling mistakes :-)
<owh> rhineheart_m: If it does not support it, there should be no interaction at all. The machine would use IPv4 to get to the world. From what you've described thus far, I suspect you have a different issue than you think you do.
<sommer> the consistancy thing is good, but I thought that each section was pretty consistant
<owh> sommer: Well it reflects poorly on our QA, it's going to be around for many years and we're not talking about changes that will affect any translation efforts.
<owh> sommer: I think its important to get it right.
<rhineheart_m> owh, I just got this idea: Ubuntu has a newer Internet protocol called IPv6 turned on by default. However, some hardware â such as NICs and modems â shows broken behavior when exposed to IPv6 related DNS requests. This leaves you wondering why DNS resolution seems slower or doesn't work at all.
<owh> rhineheart_m: Well, are you exposed to IPv6 related DNS requests?
<sommer> owh: it reflects on my QA... heh, the issue isn't that the translation is different it's that once you change the string you have to ask the translators to go back and check each one
<sommer> and since they're all volunteers...
<rhineheart_m> owh, how to determine if I'm exposed?
<owh> sommer: No, the string is the same. We're talking about a string that has an ID. I'm not adding/deleting lines, just repairing borked words.
<owh> rhineheart_m: What is the actual problem you're trying to solve?
<sommer> owh: right, but they use LP to do the translation and it shows up that a string has changed
<sommer> so they then have to go back and check it
<owh> keithclark: I think you're describing a permission/path issue, but I don't know that for sure. It may be that your sftp client is broken. I do not know.
<owh> sommer: Well, I do not know how rosetta works, but I would think that you can mark those changes as spelling errors. (If we remove the username/example.com changes.)
<sommer> owh: maybe, I just know that it was a minor issue when I corrected the ones I caught last week, which was only a few days after SF
<keithclark> owh, thanks for trying.  I'll keep searching.
<sommer> owh: I'll certainly ask though
<owh> keithclark: Why not use scp in the mean time?
<owh> sommer: Sure.
<rhineheart_m> owh, I have been diagnosing the problem of your network for almost a month already the ADSL modem is already new and the analog line has been replaced with a new one the ISP is responding well but they couldn't get really about the problem I'm just suspecting that IPV6 causing the intermittern connection especially when I am working to my box remotely.. I mean.. updating my website.. the MTU has been set to 1300 already which is I believe the
<rhineheart_m> recommended one..when I got disconnected.. the only way to be connected again is to refresh the connection
<owh> rhineheart_m: My network?
<rhineheart_m> sorry.. my network
<owh> rhineheart_m: So, you are seeing random disconnects, is that the problem?
<rhineheart_m> yeah
<rhineheart_m> BTW..I'm on ADSL static PPPoE and the dialer is my router
<owh> rhineheart_m: Sigh, I didn't really want to get into a big thing right this second, but I'll get a glass of water and come back.
<rhineheart_m> owh, okay. I will wait for you
<owh> rhineheart_m: Lets start at the beginning.
<owh> rhineheart_m: The remote computer is running which OS?
<rhineheart_m> ubuntu 7.10
<owh> rhineheart_m: Server?
<rhineheart_m> yeah
<rhineheart_m> nO GUI
<owh> rhineheart_m: How is it connected to the world?
<rhineheart_m> accessing SSH
<rhineheart_m> apache
<rhineheart_m> version2
<rhineheart_m> http and ssh
<owh> rhineheart_m: How is it connected to the world?
<rhineheart_m> what do you mean with how it is connected to the world? internet
<owh> Yes
<owh> Physically
<rhineheart_m> yeah
<owh> rhineheart_m: What is plugged into what?
<owh> rhineheart_m: This is not a trick question.
<rhineheart_m> SERVER>linksys (wrt54g) >adsl modem>internet
<rhineheart_m> owh, can I talk to you privately?
<owh> rhineheart_m: The ADSL link is PPoE?
<owh> rhineheart_m: Sure, if you pay me $120 AUD per hour to personally solve your problems.
<owh> rhineheart_m: Otherwise we'll stay right here.
<rhineheart_m> :)
<rhineheart_m> yeah it is
<owh> So, the WRT54g is running the PPoE client?
<rhineheart_m> yep
<owh> rhineheart_m: Are there any other computers connected to the WRT54g?
<rhineheart_m> yeah running windows
<owh> rhineheart_m: Are they losing connectivity?
<keithclark> owh: Never used it before.
<owh> keithclark: Used what?
<keithclark> owh: scp
<owh> keithclark: It's very nice: scp myFile bob@remote:/home/bob/thing/foo/bob
<rhineheart_m> yeah..
<owh> keithclark: That copies myFile to the remote computer and names it bob.
<owh> rhineheart_m: Then the problem has likely nothing to do with your server or IPv6. It's more likely to be related to the WRT54g or the ADSL connection itself. Also the MTU is normally 1500, not 1300.
<keithclark> owh: Yup, got you, and I think you are right. Permission errors.
<keithclark> owh, but I log in as me on the remote.  Same as if I were there.
<owh> keithclark: Yes, but if you're putting it into a place where you're not allowed to write, then it won't matter :)
<keithclark> It is in my home directory
<owh> keithclark: Run the scp command with the -v switch and see what it tells you.
<owh> keithclark: -v == verbose
<keithclark> owh, sorry (face red) typo.
<owh> keithclark: ROTFL - it happens to all of us.
<keithclark> owh: (blushing) it is working!
<owh> keithclark: I once couldn't find a bug that had $daemon and $deamon in it.
<owh> keithclark: All good!
<keithclark> owh: hahahaha....
<keithclark> owh:  So I take it that my Nautilus/sftp is broken and not ssh.
<owh> keithclark: It wasn't that funny at the time :)
<owh> keithclark: I couldn't say.
<keithclark> owh, no worries, scp is easy.
<owh> rhineheart_m: What have you done about troubleshooting.
<keithclark> owh, and thank you for your help!
<owh> rhineheart_m: The skill is in eliminating them one at a time. The fact that the Windows computers are experiencing the same issue, indicates that its something that they have in common with your server, eg. the ADSL connection or the router.
<rhineheart_m> owh, connecting to internet directly without the router
<owh> keithclark: No problem.
<owh> rhineheart_m: What did that show?
<rhineheart_m> owh, I did it before.. not yet this time.. I guess I have to try standalone this time
<rhineheart_m> owh, but before I bought the router.. same thing.. but the analog line wasn't changed yet
<owh> rhineheart_m: My personal guess is that the ADSL link is losing sync. Likely that's caused by either an ISP level fault, an exchange fault, physically connecting the ADSL network incorrectly to the phone system.
<owh> rhineheart_m: I doubt the router has anything to do with the issue, but its possible,
<owh> rhineheart_m: that the router is disconnecting the PPoE connection on idle.
<rhineheart_m> owh, you have really the experience there.. :)
<owh> rhineheart_m: Often problems like this are the simple things, not the complicated things.
<owh> rhineheart_m: Yeah, 26 or so years will do that :)
<owh> rhineheart_m: That is 26 years in the industry :)
<owh> rhineheart_m: Have fun. I'm off.
<rhineheart_m> owh, thanks for the inputs
<owh> rhineheart_m: No problem.
<sten_> hi.  I've found the one-liner "992 inet n - n - - smtpd" to  main.cf, to open a second smtp port, but "postfix check" returns:
<sten_> missing '=' after attribute name: "992 inet n - n - - smtpd"
<sten_> This is Postfix 2.5.1, on gutsy
<sten_> ah, it's supposed to go in master.cf...
<mib_bdg8wq> Can useraccounts be setup on ubuntu-server, so that when users login on their computers they connect to the server so files etc. are stored on there, not locally?
<rhineheart_m> how to change system time in console?
<ClaesBas> man date! and maybe man hwclock
<rhineheart_m> ows.. how to exit in man date?
<ClaesBas> q
<ClaesBas> may man man also.....
<rhineheart_m> thanks.. I just dunno how to change time in man date..
<ClaesBas> I meant maybe
<ClaesBas> date -s 03301533200800 && hwclock -w
<rhineheart_m> ows.. I can't really get you.
<ClaesBas> But it's better to install and config ntp which syncronize with some goot clocksource
<ClaesBas> s/goot/good
<ClaesBas> Or use ntpdate
<rhineheart_m> okay.. thanks.. I remembered I installed ntpdate before.. and it must be running
<Deeps> Hi, I'm trying to tranfer some files over an NFS share from a remote source over a slow link, and when i'm reading files from the nfs share, top reports a lot of IO wait, and if i'm writing, it goes bezerk, and the whole system slows to a crawl
<ClaesBas> ntpdate asks from time from a timeserver and sets it....
<Deeps> I know it's not a local issue as i can transfer files from my machine to another machine via scp at much higher speeds without any problem
<ClaesBas> Anybody here who have a server with lm-sensors running with ipmisensors (Redhat and others distros have it)?
<ClaesBas> No one with lmsensors running on a Proliant?
<kjdx> 	
<kjdx> Day I speak Italian and I try to speak English through google translate to find a support configured postfix but I can not understand how I have to do to generate a FQDN make it work for some of you I know how to say?
<kjdx> 	
<kjdx> I have a server ubuntu 7.10 does everything except Inbound outgoing can send the
<kjdx> Someone I know I am helping to solve the problem?
<ClaesBas> kjdx can you "Paste" your main.cf...
<kjdx> ok
<kjdx> http://rafb.net/p/wDyWXW96.html
<kjdx> For the configuration I followed this link:
<kjdx> Http://howtoforge.com/postfix_antispam_mailscanner_clamav_ubuntu_p2
<kjdx> But I do not know what I have to put FQDN
<ClaesBas> kjdx: I don't think you could have a smtp-server as "localhost"!
<ClaesBas> You have to have a real hostname which exist on dns!
<kjdx> 	
<kjdx> I have 8 websites active in name-based server
<kjdx> 	
<kjdx> I can make one of these?
<ClaesBas> I that hostname is "hosted" on this machine
<ClaesBas> I meant if (s/I/If)
<kjdx> sorry I did not understand
<ClaesBas> Change the line: myhostname = <to_your_real_hostname>
<ClaesBas> kjdx: I must leave for while now, hope you get it to work....
<kjdx> ok
<kjdx> 	
<kjdx> I changed and sent me back an email but this
<kjdx> http://rafb.net/p/6cF4Dz71.html
<kjdx> I changed after I rebooted postfix
<kjdx> 	
<kjdx> Three weeks trying to fix this thing :|
<lamont> nomesito.com lacks mx and a rrs
<kjdx> How it works?
<kjdx> sorry
<ClaesBas> Is your "mailservers" ip 62.149.230.86?
<ClaesBas> (host86-230-149-62.serverdedicati.aruba.it)
<kjdx> Ah ok hours trying
<kjdx> Ip that put put ip server that is, sites or have given ip to a mail server?
<kjdx> 	
<kjdx> Because I tried with ip of the server that is what they use for sites but does not work
<kjdx> I do not know what to do more
<AtomicSpark> i recently installed the new 8.04 beta server cd on a hp netserver 4something and i had that "doesnt go past loading local boot scripts" issue. now i've had this on my notebook for 7.10 alt and 8.04 both desktop too. is this a issue with the installer? it can't be drivers if this happens on more then one machine, expecially one that doesnt use GUI.
<yarddog> im running 6.06 LTS, i wonder when it will be stable to upgrade to the 8.04 LTS
<sommer> yarddog: definitely by the release date :-)
<yarddog> would i just change my sources.list or would i need a cd for that?
<sommer> yarddog: the best way is to use the do-release-upgrade command
<sommer> part of update-manager-core package
<yarddog> looking at it now
<jeandaniel_> Hello, can the hardy heron server be easily installed without a graphical environment?
<ScottK> That's the only way it can be installed.
<jeandaniel_> I installed hardy heron from the alternate CD, I installed kvm and downloaded the hardy jeos. I tried several kvm option to install jeos in a vm but could not get to a console. kvm on a graphical environment will launch an xterm on which one can see the boot and log in as in a console. Here without an X server running kvm will not launch. How can I do to install a vm without X server?
<jeandaniel_> this is one of the option I tried :
<jeandaniel_> sudo kvm -hda /dev/mapper/marge-trac -m 512 -boot d -cdrom /home/jd/hardy-jeos-i386.iso -net nic,vlan=0,macaddr=00:16:3e:00:00:01
<tmadsen> hi, I'm trying to set up a bridge. Do any of you have a good introduction to the subject, that maybe also digs a little deeper than basics?
<jeandaniel_> i also tried the option " -nographic -monitor stdio" but it implies that grub is configured to write to the console, and it also implies that the system has a getty listening on a tty configured in inittab. How can we configure such a thing now inittab is gone is favor of upstart?
<jeandaniel_> tmadsen: what do you want to do with your bridge? because if you want virtual machines hooked to the network via a local bridge on eth0, then I have found enough information for my needs on the website of kvm, on the debian install page
<tmadsen> i have a setup that is like 4 machines that need access to the internet trough a 5th jeandaniel_
<tmadsen> no virtual machines
<jeandaniel_> It seems to me that in this context, the 5th machine can be set as a router
<jeandaniel_> a routeur and a NAT usually
<jeandaniel_> does  the first 4 machines  have routable addresses or are they on a private network?
<jeandaniel_> if they are on a private network, then you definitely need a routeur and a NAT
<tmadsen> jeandaniel_: NAT is not an option for me, two of the machines are webhosts (port 80), and I'm pretty sure it should be possible to do it via bridging
<jeandaniel_> ok, then I am pretty sure your 4 first machine are not on a private network, and indeed i can be solved via a bridge
#ubuntu-server 2008-03-30
<yarddog> anyone notice after updating to 8.04, that the nvidia binary thinks this is a xen kernel and wont install?
<yarddog> i guess the nvidia binary thinks the new server kernel supports xen
<sommer> yarddog: I'm pretty sure that it does
<yarddog> yeah, im wondering how to get the nvidia support then
<sommer> are you installing the nvidia drivers on a server kernel?
<yarddog> binary
<yarddog> its from their site
<sommer> you'll probably want to install the generic kernel then
<yarddog> nv works in xorg
<yarddog> may have to live with it
<sommer> vesa should work too, heh
<yarddog> hehe
<sommer> are you installing on an actual server or a test machine?  just wondering why you'd want the nvidia drivers on a server
<yarddog> its an actual server, here at home for a home based business, its a micron NF3400
<yarddog> i installed xfce for the sake of have the gui option
<sommer> ah, the desktop kernel should work with the drivers and work fine then... if you need nvidia that is
<yarddog> no need really
<yarddog> i can just put nv in the xorg, it works
<sommer> cool
<yarddog> its an old card anyway
<yarddog> fx 5200
<yarddog> my windows box has the 7600 gs
<yarddog> that one im a bit more picky about :)
<sommer> heh, my 6800 just crapped out on my desktop... sigh
<yarddog> i know someone that is running one of those
<yarddog> he likes it on either linux or xp, but not on vista
<sommer> heh, I haven't met anyone who likes vista
<yarddog> you just did, but only because im lucky enough to have it work
<yarddog> 'lucky'
<yarddog> thats my workbox
<sommer> oh come on there's no need to lie :-)
<yarddog> lol
<yarddog> vista on my sony vaio, xp on my dell laptop, ubuntu-server on this micron, and the wife has vista on her dell
<yarddog> eventually i would like to get another box for a linux play machine :)
<yarddog> i got this micron with the intention of running the ubuntu server though, ive been running xampp
<yarddog> but on windows
<yarddog> so i want to transfer that to this
<yarddog> more stability in terms of uptime im sure
<Nafallo> who is running solaris?
<Nafallo> and what is the three-finger-salute to reboot or shut down?
<yarddog> lol
<yarddog> power button
<yarddog> or unplug
<Nafallo> oki. so nothing to just have it reboot without login is there?
<yarddog> ive not seen a solaris box in 3 years
<yarddog> so i plead the 5th on that
<Nafallo> oki
<rhineheart_m> hello.. can anybody here assist me in the removal of webmin.. I know of something to remove it.. just please advise which to do: aptitude purge webmin or this one sudo apt-get remove --purge webmin ? I want all its configuration be removed too
<ScottK> rhineheart_m: Best ask in the place you got the package from.  They'll know best.  I suspect either of those would work, but I don't know the package.
<owh> Salutations. I've got a few scripts that together provide some functionality - think of it as an application, although it isn't really. In the past I've stored the scripts in a directory inside /root/myFooBar and symlinked to the scripts from /etc/cron.*, /var/www and /usr/local/bin, but I thought I'd ask if there were Ubuntu standard ways of doing this?
 * owh really doesn't want to create a package to make this work, but I want it to be obvious for any future administrator.
<owh> I wonder if the most appropriate location for the myFooBar directory is inside /opt?
<ScottK> owh: There or usr/local.
<owh> ScottK: I looked at usr/local, but only found generic folders like games, X11, so I opted for /opt - pun intended :)
<owh> I'm trying to migrate an ancient smbpasswd file to the samba v3 tdb format. The command I think I'm supposed to use is: pdbedit -i smbpasswd:old.server/etc/samba/smbpasswd  -e tdbsam - the error I get is: "Unable to set account database iterator for smbpasswd!", which doesn't appear in any manual and the google hits don't help either. Suggestions?
<owh> In case anyone is goog-ling and comes across this question, the answer was to copy the smbpasswd file into /etc/samba, then run pdbedit -i smbpasswd -e tdbsam and it appeared to work. This URL helped: http://www.informit.com/articles/article.aspx?p=422302&seqNum=3
<jeandaniel> Hello, can the standard hardy heron server can boot on lvm? or should we devote a small ext3 partition for /boot?
<blue-frog> lvm needs /boot
<jeandaniel> a year ago, the latest grub had seen some progress in booting over lvm and over efi, but I could not reproduce that success
<baffle> jeandaniel: Is that grub1 or grub2?
<baffle> Quick google reveals this: http://grub.enbug.org/LVMandRAID
<jeandaniel> it is grub2
<jeandaniel> but the project insist to call grub2 'grub' and grub1 'grub legacy'
<jeandaniel> I have installed hardy heron server on my mac mini in the cupboard, installed hardy jeos into a kvm virtual machine. Now from anywhere, I can type 'ssh jeandanieldomain' to land on the vm
<jeandaniel> Good job ubuntu
<jeandaniel> took three hours, and it works almost out of the box
<jeandaniel> to be fair it took less than that but some roomate is bugging me with the laundry and the washing up
<tmadsen> Hi, I have a setup that looks like this: http://tmadsen.net/setup.png. I need to have the two networks N1 and N2 talking to each other, and both have access to the internet trough the firewall. Does anyone have a good idea on how to configre the firewall to make that possible?
<faulkes-> the easiest way it to add an additional network card to the firewall as from your .png, it would appear you are trying to run two subnets off one nic
<tmadsen> I am
<tmadsen> so with the extra nic, you would use bridging?
<faulkes-> not really, just basic routing
<tmadsen> trough e.g. iptables?
<faulkes-> the only interface that I see requiring iptables is eth0, the one connected to the internet, which needs to be configured to use nat
<tmadsen> can't use nat, I have two webservers behind the firewall
<faulkes-> yes, you can ;)
<tmadsen> ok, so how can i tell which webserver should respond to port 80 requests?
<faulkes-> nat & masquerade
<faulkes-> well, I am assuming the ip's you have provided are the ones you are using, which require the use of nat in any case
<faulkes-> unless those ip's are different and actually globally accessable
<tmadsen> the N1 and N2 ips are globally accessible
<faulkes-> essentially, what you want to do is have eth0 pretend to be all of the accessible ip's and then do a masquerade to the internal ip's which are actually 1918 based addresses
<faulkes-> so if a request comes in for aaa.bbb.ccc.web_server1 it forwards/masquerades it to 192.168.26.N1
<faulkes-> and if a request comes in for aaa.bbb.ccc.web_server2 it forwards/masquerades it to 192.168.26.N2
<faulkes-> and where I have specified aaa.etc.. that is the global IP and 192.168.x.x is an actual rfc1918 address internal to your network
<faulkes-> although not fully particular to your case, this is generally covered in the linux virtual server project
<tmadsen> mhm, thanks
<tmadsen> a light went on, I'll try it ... thank you
<geos64> hi
<AtomicSpark> is there anyway to display a wine application on a terminal only machine? maybe export it to a tty or vnc-server? i see these options "-monitor dev" and "-vnc display" but not sure what they do. any thoughts?
<soren> AtomicSpark: Those look like qemu options?
<AtomicSpark> yes
<soren> er..
<soren> Are you asking about wine or qemu?
<AtomicSpark> heh. wine :P sorry. was playing with kvm at the same time.
<soren> Ok. The question is completely off-topic here, but the answer is wineconsole.
<AtomicSpark> well i'd be using it on a server and i figured someone here would have more terminal experience :P
<soren> andyd: Hi there :)
<andyd> why hello there. :-)
<soren> andyd: The major differences you'll find are: The different release schedule, a different kernel, and AFAIR a rather different approach to booting and device handling. The latter will probably not be apparant, unless you start digging.
<aliguori> soren, is it possible to do an ubuntu-server install over the serial port?
<soren> aliguori: Should be, yes.
<aliguori> i'm playing around with a linux kernel patch right now that makes the guest kernel aware of when it's being run with -nographic
<aliguori> i've got a grub patch too
<aliguori> soren, any clue what it takes?
<soren> What does it do in that case?
<soren> aliguori: Yeah, I'm digging out the docs now.
<aliguori> soren, automatically output to the serial port
<aliguori> so in linux, it adds ttyS0 as the preferred console
<aliguori> the idea is to make it so something like qemu -cdrom ubuntu-server.iso -boot d -nographic Just Works
<soren> aliguori: Ah. Makes sense.
<soren> I'm not even sure what happens in that case right now?
<aliguori> nothing :-(
<aliguori> -nographic just hides the vga screen and redirects the serial port to stdio
<aliguori> but the guest doesn't know you're using it, so it still outputs to vga
<aliguori> so right now, you have to configure your guest to use serial explicitly to make use of -nographic
<soren> Yeah, I see. I would have thought isolinux did something clever.
<soren> (I'm considering the installer case)
<aliguori> right
<aliguori> well, my patch makes it detectable via cpuid that serial is the preferred console
<aliguori> so it should be easy enough
<andyd> The different release schedule is what interests me most, soren.
<soren> Oh, ok. I thought you'd just detect the absence of vga and switch to ttyS0.
<aliguori> soren, the vga is still there
<soren> aliguori: Oh, just not hooked up to anything?
<aliguori> soren, correct
<soren> Gotcha.
<aliguori> you pretty much have to have a vga device for an x86 guest
<soren> I thought that was more of a BIOS limitation.
<aliguori> most bootloaders assume it too i think
<soren> Possibly. I have no clue, I'm just making this up as I go along :)
<soren> andyd: Yeah, I sort of gathered :)
<andyd> How soon will Hardy server be released ?
<soren> April 24th.
<andyd> oh, very soon then.
<Goliath23> hi
<Goliath23> anyone has experience with updating from 6.06 to 8.04?
<Deeps> 8.04 isn't out of beta yet
<Deeps> so you're probably better waiting ... 25? days til it's out i guess
<nijaba> Goliath23: we do want to hear from you if you can test it though.  We are trying to make sure this goes smoothly, but the more tests the merrier
<Deeps> true
<Goliath23> hm, I see. I'm installing an ubuntu 6.06.2 LTS in a virtualbox right now and will clone my system in terms of installed packages
<Goliath23> to test it for my production server
<Goliath23> unfortunately, my server is x64 and I think I can't test that with virtualbox
<JanC> virtualbox supports x86-64
<JanC> at least when the host is also 64-bits
<Goliath23> oh does it? I culdn't find the setting..
<Goliath23> hm, okay. hardware is, but I installed the opensuse x86 on my workstation so I guess it's not
<slide> Im trying to use apache + mysql auth and whe apache was at ver 2.0 I used libapache2-mod-auth-mysql but that is no longer compatible with 2.2 The replacement is libapache2-mod-authn-dbd but this is not available, can anyone help me figure out how to get it setup?
<Goliath23> why i'm asking about upgrading in the first place is just exim to be honest. dapper has version 4.60, but I need at last 4.62 because of some features I want to use
<Goliath23> any idea if it's possible to get updated exim4 packages for dapper?
<JanC> hardy has 4.69 packages
<Goliath23> but I won't be able to install them on dapper, won't I?
<JanC> you could try te rebuild source packages of a newer version of exim on dapper
<Goliath23> hm, yes
<Goliath23> I did a rebuild of a source package once, but it's been a while. do you have a tutorial on that?
<Goliath23> hm, my dapper on virtualbox won't boot. hangs on "booting the kernel" :/
<JanC> dpkg-buildpackage
#ubuntu-server 2009-03-23
<moz_> guys do you know any usb wireless devices i cant go wrong with, with ubuntu-server
<Kamping_Kaiser> Could someone give me the name of the command line version of ubiquity? I know i've seen it meantaioned on the ubuntu-server list, but I cant find anything about it on the net
<twb> Kamping_Kaiser: there isn't one.
<twb> Kamping_Kaiser: however you may be thinking of debian-installer (d-i), which is completely different software that is both more powerful and more flexible.
<Kamping_Kaiser> twb, i'm pretty sure there is. it wasnt an ubuntu project, but was meantioned on the list.
<Kamping_Kaiser> and no, its not d-i
<twb> OK, perhaps I am not possessing all the facts.
<Kamping_Kaiser> I'll lurk a while, and if no one knows, I'll have to grave dig my maildir :l
<tommy_nmw> hi
<tommy_nmw> let me ask about ubuntu
<tommy_nmw> hello
<tommy_nmw> who knows how to set up active directory like Ubuntu domain controller ?
<twb> tommy_nmw: that would be OpenLDAP and Samba, I guess
<twb> I don't know much about it
<tommy_nmw> so who knows well?
<treykee> good evening all
<tommy_nmw> yes
<llragsll> I want sshd to check the ssh_known_hosts file for all connections and no the .ssh/known_hosts file that is created for each user...
<rags> can I have two gateways configured...with 2 different metrics?? I want it to switch whenever the other one drops..Is this possible?
<Kamping_Kaiser> yes, and theres tools packaged for that purpose
<Kamping_Kaiser> cant give personal experiance though
<Noah0504> Anyone around?
<_ruben> hmm .. im starting to experience more and more "issues" with cronjobs lately .. some work as expected, others down run at all, or dont do anything .. guess it's time to do some more investigating
<rst-uanic> _ruben: have you tried to start those jobs manually?
<_ruben> manually they work fine
<_ruben> could be an $ENV problem i guess
<rst-uanic> maybe, try exporting needed variables in the job script
<rst-uanic> also, did you run those jobs as the user specified in the crontab or as yourself?
<_ruben> both as root, which does have some effects on the $ENV (sudo versus cronjob)
<rst-uanic> _ruben: and you use full paths in the cronjobs?
<Alex_21> Hi, All,
<Alex_21> In Ubuntu is .HTaccess access enabled by default? The release I am using is 8.04 Hardy. Please
<_ruben> rst-uanic: yes
<Alex_21> Odd, because I can't install Drupal from source for some reason
<rst-uanic> _ruben: and what $ENV variables do you think you use?
<_ruben> Alex_21: the allowoverride setting configures what stuff you can put in .htaccess sites
<Alex_21> Does anyone have experiance with instaling Drupal from source?
<_ruben> rst-uanic: none specifically .. i havent researched it very much yet .. was about to do so
<Skaag> Can I safely remove console kit somehow? It wants to remove dbus as well
<Skaag> Why do I need that stuff on a server that will never do gnome sessions?
<_ruben> dbus depends on consolekit, for whatever reason
<_ruben> it was a $PATH issue .. my cronjob calls /sbin/ipvsadm .. which turns out to be a shell script which then calls ipvsadm-1.24 and apparently /sbin/ isnt in the $PATH for (root) cronjobs
<Skaag> _ruben: I know dbus depends on it, do I need dbus?
<_ruben> Skaag: how should I know? :)
<Skaag> is it required for proper functioning of an ubuntu server?
<Skaag> ;-)
<_ruben> Skaag: I dont know what apps you got installed which might need it
<Skaag> Apache, MySQL...
<_ruben> my servers dont have dbus
<Skaag> ok great
<Skaag> I assume if an app will need dbus it will say so
<Skaag> I was just afraid it's required for the basic operation of the OS itself
<_ruben> it should yeah
<Skaag> ok removed that stuff...
<Skaag> it's just that sometimes console kit takes 100% CPU for no reason
<Skaag> and I noticed it's a known bug
<Skaag> thanks :)
<_ruben> nice
<rst-uanic> _ruben: is it working now? :)
<_ruben> rst-uanic: this specific one, yes .. i added a "PATH=/sbin:$PATH" to my script :)
<rst-uanic> that's good
<uvirtbot> New bug: #345470 in bind9 (main) "Please sync bind9 1:9.5.1.dfsg.P1-3 (main) from Debian unstable (main)." [Wishlist,Fix released] https://launchpad.net/bugs/345470
<_ruben> i wonder if i should file a bug wrt the ipvsadm behaviour
<rst-uanic> _ruben: my $PATH has /sbin
<_ruben> rst-uanic: but also in a cronjob?
<rst-uanic> don't know
<rst-uanic> I think cron scripts declare their own parameters or just use full paths :)
<_ruben> rst-uanic: well .. i did use a full path to ipvsadm, but that doesnt work, because /sbin/ipvsadm is a wrapper script, which doesnt use full pathts
<rst-uanic> _ruben: maybe :)
<_ruben> filed a bug for completeness sake .. at the very least it is now "documented" behaviour :)
<rst-uanic> :)
<infinity> rst-uanic: Crontabs can have a PATH declared at the top.
<rst-uanic> infinity: yes they can
<infinity> 02:56 < rst-uanic> I think cron scripts declare their own parameters or just use full paths :)
<infinity> My point is that the crontab itself (not what you run from it) can have PATH and SHELL and other such things declared before the periodic entries.
<infinity> man 5 crontab
<rst-uanic> infinity: ok, and my point is that it is better to use full paths and have no problems
<infinity> Generally not...
<rst-uanic> infinity: why not
<rst-uanic> ?
<infinity> Scripts that use full paths (and worse, compiled code with full paths compiled in) aren't very resilient to the whole reason the UNIX filesystem hierarchy exists.
<infinity>  /usr/local/bin:/usr/bin:/bin <-- That's arranged like that for a reason.  So you can override what's in /usr/bin with /usr/local/bin ... And if you don't want that behaviour, you remove local from your path, not recompile or hardcode.
<rst-uanic> infinity: And if I want to write a small scripts for my system? I should think of how this will work on other systems too?
<infinity> rst-uanic: Why would you bother hardcoding paths on your own system?  You know what you have installed, surely?
<infinity> rst-uanic: But even small projects, I tend to write to the same standards as something I'd write for public release, based on the realisation that a good 75% of my "small projects" end up deployed to dozens of machines, at the least, and publically released to thousands/millions, at the worst.
<rst-uanic> infinity: I am not saying that declaring $PATH is wrong. I saying that if I want to write some quick script using full path is quite ok.
<infinity> rst-uanic: Well, sure, whatever you want to do is "okay for you", by definition.  It's your system.  I'm just arguing it's not actually "best practice" to hardcode full paths to binaries.
<infinity> What if we move something from /bin to /usr/bin or from /usr/sbin to /usr/bin between releases, and your script breaks because of it?
<infinity> No hardcoded binary locations, no problem.
<rst-uanic> infinity: for sure :)
<_ruben> good point
<rst-uanic> infinity: thanks for your explanations :)
<uvirtbot> New bug: #347206 in bacula (universe) "bacula in dapper (2.2.8) catalog upgrade from hardy (1.3.6)" [Undecided,New] https://launchpad.net/bugs/347206
<sparky_> I'm trying to mount my back-up disk to upload on to my server but it can't mount it using "sudo mount -t hfsplus /dev/sdf1" it kicks back saying "wrong fs type, bad option, bad superblock on dev/sdf1.  Any help?
<soren> sparky_: Anything in dmesg?
<sparky_> [  511.957477] hfs: unable to find HFS+ superblock
<soren> Well, there you go.
<sparky_> i don't know anything about superblock....
<soren> The superblock is where the filesystem puts information about itself.
<soren> It's created by mkfs.
<sparky_> is there a way to fix without lossing my data
<sparky_> oh so just run the mkfs and it will create the superblock?
<soren> Nono!
<simplexio> i dont think so
<soren> no!
<soren> sparky_: No!
<sparky_> ok
<soren> mkfs is what you use to *create* the filesystem to begin with.
<simplexio> sparky_: are you 100% sure that your device name is right ?
<soren> So if you run it on a block device that already has a filesystem, you'll delete the current contents.
<sparky_> yes, it is the only one that is 1Tb in size
<soren> sparky_: Try "sudo vol_id /dev/sdf1"
<soren> ...and tell me what it says.
<sparky_> http://www.pastebin.ca/1369065
<soren> Why do you think it's an hfs+ filesystem?
<sparky_> I thought that is what i created it as on my mac, but it looks like its fat32 correct?
<soren> Yes.
<sparky_> so i would us -t fat32
<sparky_> use*
<soren> Just mount it.
<sparky_> it's not showing anything in the dir
<soren> sparky_: What did you expect to see? Did it mount correctly?
<Giddion> hello
<sparky_> i expected to see all my back-up'd files over 600 Gb worth
<Giddion> ive got a spare server laying around and im thinking of putting ubuntu server on there, im curious to know what i could use a box which has 32gb HDD space, P4 1.66 and 512mb ram for?  im currently running a mail server, web server, file server and mssql. but this is all windows based so i couldnt transfer it to linux.   any ideas?
<orudie> ivoks, hi thanx for helping me last night i got working it looks decent
<soren> Giddion: Not sure. Perhaps you could make it a mail, web, file and mysql server? :)
<ivoks> soren: have you seend apache directory studio?
<ivoks> seen
<soren> ivoks: Nope.
<ivoks> soren: it's ldap browser
<ivoks> soren: it even has scheme editor and ldif editor
<ivoks> it's a perfect tool for managing ldap
<ivoks> the only bad thing - it's for eclipse
 * soren really wishes we didn't have to deal with JAva.
<ivoks> soren: it's a workstation-side app
<ivoks> soren: on server, we wouldn't have java
<soren> ivoks: Right, right, I was just looking at the other Apache Directory stuff.
<ivoks> soren: ah, apache directory - ldap implenetation
<ivoks> grr... keyboard
<ahasenack> hey, they have triggers :)
<soren> ahasenack: I'm almost sure that doesn't outweigh the Java thing.
<ahasenack> sommer: correct :)
<sparky_> soren, thx for the help I got it going
<soren> Cool.
<uvirtbot> New bug: #347098 in samba (main) "Samba crashes Windows XP Home" [Undecided,New] https://launchpad.net/bugs/347098
<AlexC_> g'morning
<AlexC_> we've just sent a server off to a data centre, however we've ran into quite a problem that was not noticed before we sent it off. The partition that mounts as / is 250mb in size! Is there a way to somehow move the data that is current on the / partition somewhere else, re-mount that temporarely, increase the size of the partition, then move it back?
<ivoks> you could create new partition
<ivoks> of the same size
<ivoks> dd data to it
<ivoks> fix boot loader and fstab to boot from the other partition
<ivoks> fix the first partition
<ivoks> copy data back
<ivoks> fix boot and fstab and reboot
<ivoks> of course, be carefull and don't come looking for me if it doesn't work :D
<AlexC_> :P
<soren> AlexC_: Is it the only partition on the system?
<AlexC_> ok, so we've 5 partitions - one each for /home /tmp /usr /var and /. Trouble is we have no more space left to make a new partition, so I'm going to have to kind of do this 'on-the-fly' /home is 213GB, so maybe I could move all partition data into there and only mount that, then delete all others, fix sizes, copy data back over?
<soren> AlexC_: Can I see you partition layout, please?
<ivoks> well, then copy everything to /home
<AlexC_> soren, sure
<giovani3> oh LVM
<giovani3> why we love the
<AlexC_> soren, http://paste2.org/p/169698
<giovani3> thee*
<soren> AlexC_: Where's sda1 and sda2?
<giovani3> and sda4
<ivoks> swap?
<ivoks> sda4 would be extended
<scope006> when i create a new user in ubuntu server auto complete and bash history doesn't seem to work out of the box as opposed to the first created user
<giovani3> and sda7
<soren> giovani3: There doesn't have to be a sda4.
<AlexC_> soren, they do exist, just not mounted. They are some recovery partitions that ideally we could get rid of (I want to), though boss wants them to be kept there
<scope006> anything special i should look at in /etc/profile or something like that
<giovani3> why was this not LVMed?
<soren> AlexC_: That's why I wanted to see your partition layout. The output of fdisk -l or parted print or something.
<AlexC_> soren, ok
<ivoks> well, having / on 260MB partition in this case isn't that bad
<domas> when will people learn to use single big partition for system, and then big big partition for service data :)
<domas> I just have 10G / and huge /a ;-)
<AlexC_> soren, http://paste2.org/p/169702
<ivoks>  /usr is separate, /var is separate...
<soren> domas: Hopefully never :)
<AlexC_> ivoks, it sure is, as I can't do any updates to the server due to it running out of disk space
<ivoks> i guess kernel is creating problems
<soren> AlexC_: Shame. I was hoping we could just extend your root partition.
<ivoks> having boot bind-mounted to directory in /var would help :)
<AlexC_> soren, same here. If I was to delete sda1 and 2, that would be possible?
<AlexC_> though they are very small, but it would give us something to play around with
<soren> AlexC_: Technically, yes. I wouldn't, though.
<ivoks> AlexC_: if i were you, i would delete sda1, sda2, sad3 and sda5
<soren> AlexC_: sda2 is several GB.
<domas> soren: why? :)
<ivoks> AlexC_: and then create / on top of all of them
<ivoks> i'm not sure that's possible, since three of them are primary and one extended
<soren> domas: Why on Earth would you do something like that?
<Deeps> sda1 is marked type dell utility, sda2 is fat32, so i'm guessing server's recovery partition?
<Deeps> oh, hmm, was scrolled up
<Deeps> ignore me
<AlexC_> Deeps, correct
<domas> soren: why on earth would you constrain yourself in /var, /tmp, etc ;-)
<AlexC_> though I see no need for them (recovery partitions)
<domas> soren: i understand ubuntu has specific philosophy (like storing essential database files in /var/run ;-))
<ivoks> right...
<ivoks> that's very stupid :)
<ivoks> we should fix that
<soren> domas: Eh?
<domas> I can give you 10 things that are idiotic about mysql package on ubuntu
<domas> I filed one of them, and nobody even looked at the bug :)
<ivoks> domas: pid in /var/lib/mysql? :)
<giovani3> is there a reason you can't just dump all the data on a drive, and start over?
<domas> ivoks: binlogs in /var/run
<ivoks> domas: that's right
<domas> ivoks: what is right in that?
<AlexC_> giovani3, server is physically few hundred miles away from us now, though with the RAC we have it *may* be possible, however I would not like to do this
<domas> anyway, mysql writable ~mysql is as bad =)
<ivoks> nothing, i ack on that bug
<domas> "CHECK TABLES" at restart is _extremely_ annoying on terabyte tables, you know.. ;-)
<domas> well, even on 100GB databases it is quite bad. ;-)
<domas> soren: see, people put arbitrary limits where they don't need them, and don't have proper setup for anything else
<AlexC_> soren, what are the technical reasons for not deleting sda2 and extending sda3 into that space?
<giovani3> AlexC_: your datacenter doesn't offer kvm?
<giovani3> you could ask to borrow a usb drive, backup your stuff
<ivoks> domas: could you summarize all those pitfalls?
<AlexC_> giovani3, I don't know tbh
<ivoks> domas: so that we can fix them all
<giovani3> then ask them to put some install media in the cd drive, and start over with LVM!
<giovani3> AlexC_: well I'd be asking if I were you
<domas> ivoks: as long as someone will listen, sure
<ivoks> domas: i will listen
<domas> ivoks: lately I find out that people who pay me listen to me way more than whose who don't ;-))
<domas> ivoks: ok!
<soren> AlexC_: The fact that sda2 is located *before* sda3.
<soren> You can't extend backwards.
<AlexC_> ah
<soren> domas: The problem isn't that people contrain themselves. The problem is that it's too tedious to move stuff around.
<ivoks> domas: if you file a bug on LP, add me (ivoks) as surbscribed
<ivoks> domas: or, if you'd preffere to send an email, ivoks at ubuntu com
<domas> ivoks: oki
<AlexC_> soren, would formatting sda2, then copying all data from sda3 to 2, then delete 3, extend 2 into 3 work?
<domas> ivoks: e.g. https://bugs.launchpad.net/ubuntu/+source/mysql-dfsg-5.0/+bug/293258 - is there for quite some time already
<uvirtbot> Launchpad bug 293258 in mysql-dfsg-5.0 "mysql user has home directory writable by mysqld" [Undecided,New]
<soren> AlexC_: Yes.
<AlexC_> soren, is that a yes, it is a good idea, or a technically possible yes - but shouldn't really, yes?
<domas> ivoks: it isn't critical, but quite bad practice (used by many.. ;-)
<ivoks> i know
<soren> AlexC_: Probably a good idea, yes.
<ivoks> i have to fix conf on couple of my installs
<ivoks> and i forgot to fix all that
<ivoks> so, once you have a list, we'll fix all of them in one go
<domas> oki!
<AlexC_> soren, ok cool, could dd handle the difference in partition sizes if I was to do a direct copy of sda3 to sda2?
<domas> puts some pressure on me now!
<AlexC_> or, should I format sda2, resize that to the same as sda3 - then copy, then extend?
<ivoks> bbl
<domas> ivoks: there're also few bugs, mysqld_safe loops at 100% after mysqld restart, etc
<soren> AlexC_: Sort of.
<soren> AlexC_: It won't break. :)
<ivoks> domas: i've seen that one, too :/
<AlexC_> but ... ? :P
<domas> ivoks: I just really have to sit down and review that, maybe should ask my managers to approve this to do that on my payroll
<domas> hehe, I have separate big /tmp only on boxes that have LVM snapshot roundrobin configured
<domas> does 50G /tmp sound ok?
<domas> ivoks: kudos though for having apparmor profile
<domas> ivoks: I'm giving 'mysql security' talk soon at MySQL Conference, and it will be one of hilights in it =)
<soren> AlexC_: Sorry, I was on the phone..
<AlexC_> soren, no worries
<soren> AlexC_: Just dd it over. The filesystem will still be those 200-300 MB, so once you've joined the partitions, you should resize2fs it.
<soren> ...as that will extend it to be the size of the underlying block device.
<ivoks> domas: well, mysql's apparmor isn't my work :)
<AlexC_> soren, ok, so: 1) Format sda2, 2) dd sda3 to sda2, 3) delete sda3, 4) extend sda2 5) resize2fs ?
<soren> AlexC_: don't bother formatting sda2.
<AlexC_> oh really?
<AlexC_> would I not then end up with half of sda3, and half of sda2 on the sda2 partition?
<soren> dd'ing sda3 onto it will overwrite that anyway.
<soren> You would anyway.
<ivoks> bbl
<soren> mkfs doesn't go through every bit of the block device zeroing it out.
<soren> It just puts a superblock there.
<AlexC_> ahh ok
<domas> ivoks: hehe, now that hardy will fix my apparmor bug soonish, I'll be able to deploy it widely \o/
<AlexC_> soren, ok, I'll start on it =) This could be fun, since if I can't boot into the server I'm fecked =3
<soren> AlexC_: Be careful. Make sure grub know where to look for stuff.
<uvirtbot> New bug: #293258 in mysql-dfsg-5.0 (main) "mysql user has home directory writable by mysqld" [Undecided,New] https://launchpad.net/bugs/293258
<soren> Or lilo or whatever you're using.
<AlexC_> soren, yes, indeed. Just to confirm: 'dd if=/dev/sda3 of=/dev/sda2' is correct?
<soren> That looks about right, yes.
<AlexC_> ok, cool - thanks for all this btw
<AlexC_> and it is ok to do while sda3 is mounted?
<soren> I would probably remount it readonly.
<soren> ...make sure you have a root terminal open ready to remount it rw.
<AlexC_> soren, hum, and the server would still boot up ready for me to SSH in if I was to edit fstab, change to readonly, and restart server?
<soren> Oh, you can remount while running.
<soren> sudo mount -o remount,ro /
<AlexC_> mm, interesting =)
<AlexC_> soren, I'm so hesitant to do this, as it's a long trip to London if I mess up. I am currently SSHed in, so I remount, dd, then do same command once finished (though changing 'ro' to 'rw') ?
<AlexC_> if you've not got time just say and I'll poke someone else
<soren> AlexC_: Again: Make sure you've got a root prompt somewhere else, ready to remount rw.
<soren> ..in case something goes bad.
<AlexC_> soren, I'm not quite sure I understand you, I can only login via SSH - would that do?
<Deeps> have another ssh session open at a root prompt
<soren> Open up another terminal, ssh into the server, "sudo su -".
<AlexC_> ok
<soren> Which boot loader are you using?
<AlexC_> grub
<soren> Alright. Tell grub that your root partition is /dev/sda2
<soren> ...since sda2 and sda3 will have identical UUID's, so I'm not sure which one will be chosen.
<AlexC_> ok, I shall do that now. One thing I have just thought, we'll need to make sda2 bootable, or will dd copy that data across?
<soren> dd won't copy it across, no.
<AlexC_> ok
<soren> It's a flag in the partition table.
<soren> Not in the filesystem superblock.
<AlexC_> ok that makes sense, and is something we'll need to do once dd has completed then
<AlexC_> ok, I did the remount - though 'mount' says it is still rw
<soren> mount looks at /etc/mtab
<AlexC_> ahh ok
<AlexC_> time to dd
<AlexC_> right, dd finished
<AlexC_> mount / back as rw, mount sda2 just to see if data has been copied correctly is next step?
<AlexC_> ok that appears to have worked, though I am a bit concerned fdisk still says it is a FAT32 partition - is that because it just hasn't updated, or has everything been copied to fat32 (and more importantly, will that be 'ok')?
<soren> fdisk doesn't know about the contents of partitins.
<soren> It just sees that the partition's type is that. You can just change it to "Linux".
<soren> (type 83)
<AlexC_> ah ok, so that is just a ... 'label'/name for it?
<soren> Sort o, yes.
<AlexC_> soren, is it worth changing it to 83? Also, how do I make this partition bootable? Btw I shall send you a donation once I have done all this, as your help is extremely appreciated
<soren> AlexC_: I would probably change it to avoid confusion.
<soren> I don't know if the bootable flag really makes any difference, but it's something you do from fdisk as well.
<AlexC_> I thought bootable was quite essential, other wise grub couldn't boot it?
<soren> I doubt grub cares, to be honest, but seeing as there's very little margin for error, you should probably set it :)
<AlexC_> ok, awesome - that's done
<AlexC_> technically I should now be able to reboot and everything *should* work, on the new partition? Then after that I simply delete sda3 and increase sda2 size?
<soren> That's the idea, yes.
<rgreening> anyone here familiar with openerp? trying to run the server in jaunty and it fails. comp
<rgreening> complains about xpath
<rgreening> ERROR: Import xpath module
<rgreening> ERROR: Try to install the old python-xml package
<rgreening> ScottK: ^ any ideas?
<ivoks> install python-xml package?
<giovani3> heh
<giovani3> the instructions are a clue
<rgreening> ivoks: its installed, obviously.
<giovani3> jaunty is also ... not stable
<rgreening> giovani3: Im not a n00b :P
<giovani3> rgreening: file a bug report?
<ScottK> rgreening: By design python-xml is not in the default path.
<ScottK> giovani3: I'd rather he fix it.
<rgreening> :)
<rgreening> ScottK: and I am capable, with a hint...
<rgreening> as you know
<ScottK> rgreening: I don't recall what you have to add to the path to see the old python-xml stuff, but that's what's needed.  The python-xml package should yield sufficient clues.
<rgreening> So ScottK, does that mean, I need to mod the openerp server script to update the PYTHONPATH?
<ivoks> /usr/share/pyshared/oldxml/
<ScottK> rgreening: I think so.  As ivoks says.
<ivoks> just ignore me :)
<rgreening> cool.
<rgreening> ScottK: I'll take a look
<rgreening> thanks ivoks
<ivoks> dpkg -L python-xml might help
<ScottK> Great.  IIRC it's in Universe so you can upload it.
<ivoks> i'm not sure my answer is correct
<rgreening> cool
<rgreening> np, I'll look around see if I can work it out.
<AlexC_> soren, still alive? It's booted up into sda2 =) So far so good, what did you say I needed to do to make sda2 as big as I needed?
<AlexC_> just use fdisk to change it? (well, mount sda2 as ro first I would assume?)
<soren> AlexC_: No need.
<soren> AlexC_: Just remove sda2 and sda3, recreate sda2 with the start sector of the old sda2 and end sector of the old sector3.
<soren> Err... s/sector3/sda/3/g
<AlexC_> soren, I can't remove both, if I do that I loose all data on them. Currently sda2 is the copy of sda3
<soren> Yes, you can.
<rgreening> ScottK: prob this path... /usr/share/pyshared/oldxml
<soren> Removing the partition does not touch the data on it.
<soren> AlexC_: ^
<ScottK> rgreening: Since that's the one ivoks suggested, I'd tend to think yes.
<rgreening> hmm. tried exporting it. no go..
<AlexC_> soren, ok, that makes sense. And I do this all with fdisk, right?
<soren> AlexC_: Yes.
<domas> ivoks: heh, I see intrepid has a bit better scripts than hardy :)
<ivoks> domas: still, we should fix it in hardy too
<soren> domas: For what?
<ivoks> mysql
<uvirtbot> New bug: #347361 in net-snmp (main) "libsnmp-python segmentation fault" [Undecided,New] https://launchpad.net/bugs/347361
<AlexC_> soren, ok, that is done. I know have '/dev/sda2   *          12         307     2377620   83  Linux'. However, 'df -h' is still showing /dev/sda2 as 260mb, what is the next step after this?
<ScottK> rgreening: sys.path.append('/usr/share/pyshared/oldxml/_xmlplus') will get you started, but then import xpath dies in progress leading to more clues.
<rgreening> ScottK: yeah. They import boolean (which is part of python 2.6.. and other mess...)
<ScottK> So I think that leads to more work worth doing.
<rgreening> hehe
<ScottK> rgreening: It's actually xpath that imports boolean.
<rgreening> I wanted to demo this software to someone today... no go for Jaunty...
<ScottK> Intrepid will be similar probably as python-xml is out of the path there too.
<domas> ivoks: damn you people, quite a few problems have been fixed in intrepid :)
<domas> ivoks: I was looking at all init scripts and saw "oh, they changed this, they changed that" :)
<domas> ivoks: I'm tempted to set up PPA for hardy with intrepid packages
<rgreening> ScottK: right from the python intrepreter, importing xpath is broken, so it leads me to believe there's either some voodoo needed or the oldxml stuff is just broken..
<ScottK> I would tend to suspect an incomplete python-xml update for Python 2.6.
<AlexC_> am I right in thinking,  resize2fs /dev/sda2  will resize the filesystem to  take up all the partition
<rgreening> oh my, whats a rats nest i've uncovered....
<rgreening> ScottK: Bug 337759
<uvirtbot> Launchpad bug 337759 in openerp-server "openerp-server depends on python-xml and is therefore uninstallable ATM" [Undecided,New] https://launchpad.net/bugs/337759
 * ScottK was looking for In Progress -> rgreening....
<rgreening> ScottK: its an existing bug report
<ScottK> Yes, and?
<AlexC_> g'bai
<ScottK> rgreening: You're allowed to fix ones you didn't report.
<rgreening> I know, I was just indicating I found an open one to work against :)
<rgreening> ScottK: seems to me, modifying the oldxml to not load boolean may be whats necessary.
<ScottK> rgreening: From what little I know about this, that seems likely.
<ScottK> It's dead upstream, so don't feel bad about patching it.
<rgreening> though what breaks outside of that, is unknown
<rgreening> ok
<rgreening> I'll give that a shot
<rgreening> ScottK: I expect a big patch to remove boolean may fix this. It's in 44 places in the package.
<ScottK> That's not so bad.
<rgreening> :) just time consuming.. but hopefully this is all thats required to fix openerp
<broheem> hello everyone. noob question: i need to add php-imap support to a current ubuntu server setup. if i run "sudo apt-get install php5-imap" will that leave the current setup intact and just add on imap? or do i need to run that command with all the modules/addons i currently have enabled?
<giovani3> broheem: it will install the module, it doesn't remove your other modules
<broheem> giovani3: perfect, thank you! i wasn't sure if that was replacing php5 with the new module or just adding it on. that answer my question. take care.
<giovani3> broheem: no problem -- that goes for all modules in debian/ubuntu -- in some cases, though, there will be multiple packages that replace one another such as xxx-mysql versus xxx-pgsql
<giovani3> because only one kind of support is built in at a time, for example
<broheem> giovani3: ah, yes, that makes sense. thanks for the info. much appreciated!
<giovani3> np
<ivoks> domas: sorry, i wasn't here
<ivoks> domas: if you are really eagar to do it, of course, you can set up ppa
<ivoks> domas: we could then just pull the diff and review it
<domas> ivoks: nah, I mean, I'd just pull package from intrepid and make it compiled for hardy
<domas> ivoks: intrepid resolves most of bad stuff
<ivoks> hehe ok
<domas> thats good
<domas> except that we run mostly LTS :)
<ivoks> well, LTS isn't sealed
<ivoks> fixes are always welcome
<mathiaz> soren: did you push your opennebula modifications to my iso_testing scripts somewhere?
<soren> mathiaz: No, I didn't, sorry.
<rgreening> ScottK: I think I figured out how to make the rdepend on python-xml for openerp-server go away :)
<ScottK> rgreening: That's an even better solution for openerp-server.
<rgreening> :)
<rgreening> 1 file to fix
<rgreening> a couple of small changes to osv/orm.py ScottK
<ScottK> Ideally we want python-xml to go away ....
<rgreening> and it then uses internal python xml (xpathEval)
<ScottK> Perfect.
<rgreening> Im testing here. Will let you know how it all goes.
<MHS_> Hello. I am setting up a server for a number of computers. The server will hand out an IP address however I am having trouble in getting it to accept the server as a router to the internet. Can anyone help me?
<cemc> MHS_: what do you mean 'accept the server as a router' ?
<MHS_> The computers can't access the internet through the server
<cemc> MHS_: is ip forwarding enabled? check cat /proc/sys/net/ipv4/ip_forward
<MHS_> I think you meant type in that to the terminal. If you did then after I typed it in it said 0
<MHS_> I also went directly to the file and it also shows nothing
<giovani3> MHS_: then that means that ip forwarding isn't enabled
<giovani3> so your server isn't acting as a router
<MHS_> How can I change this?
<giovani3> did you ever try to set it up as a router?
<MHS_> No.
<Tuxist> hi
<giovani3> ok -- it's not the most simple of tasks
<Tuxist> i have problem with nfs, pam and kerberos
<giovani3> I wouldn't advise it if you don't feel pretty comfortable with linux
<Tuxist> when i ount the nfs volume i can't login via pam kerberos
<MHS_> I'm comfortable enough that I believe I can at least try. If you could possibly help me that is.
<giovani3> MHS_: https://help.ubuntu.com/community/Router
<giovani3> that's ONE guide -- there are many
<giovani3> I don't know if it's complete
<MHS_> Thank you
<Tuxist> have anybody solutions for this problem
<giovani3> google is your friend
<Tuxist> i think nfs overwrite the krb5cc_0
<MHS_> Thank you for all the help. I know. An I've looked but I just couldn't find the right wording I suppose.
<rgreening> ScottK: Im having a diff time getting postgres properly setup to test out the openerp changes...
 * ScottK hasn't set up postgres in a very long time.
 * ScottK would just say ask here ....
<rgreening> I have set up in the past... but never had much difficulty...
<rgreening> I think its openerp related.
<Hans67521> hello all
<Hans67521> how do i remove the login warranty message for each user?
<_ruben> edit /etc/motd
<ivoks> err
<ivoks> edit /etc/motd.tail
<Nafallo> edit /dev/ivoks
<ivoks> :)
<_ruben> oh .. right .. forgot about that one :p
<Hans67521> thanks
<Hans67521> dont have a /dev/ivoks
<giovani3> Hans67521: 'twas a joke, disregard
<uvirtbot> New bug: #347503 in samba (main) "Samba/Winbind: INTERNAL ERROR: Signal 11" [Undecided,New] https://launchpad.net/bugs/347503
<Jeeves_> Hi all!
<moz_> my system is having trouble booting
<moz_> it seems to hang after "loading hardware drivers.."
<moz_> there is a message saying [8.8xxxxxx] header request #8
<moz_> then there is no hard drive activty, anyone know whats happened?
<Jeeves_> moz_: Try booting without 'quiet' at the bootloader
<Jeeves_> That will give you more output
<moz_> [8.847701] header request #1 is actually the message
<moz_> Jeeves_: how do I do that sorry?
<Jeeves_> moz_: When it's starting grub
<Jeeves_> hit escape
<moz_> yup
<Jeeves_> and than you can edit the boot-options
<Jeeves_> someone figured that it is better to boot a server silent
<Hans67521> can i run fetchmailconf from terminal without X
<giovani3> Hans67521: you can't ... fetchmailconf is a GUI
<giovani3> it just edits .fetchmailrc though, so you can do that manually
<slops17> hey all
<Hans67521> i have a fetchmailrc file for a user
<Hans67521> how do i run it
<Hans67521> or if i have 10 users how do i run it
<moz_> Jeeves_: it seemed like when i changed that it loaded ok, i guess that is just coincidence it couldnt have fixed it ?
<slops17> i am trying to do an install of ubuntu server on my server but after the install it takes me to a grub command line but i cant do anything
<giovani3> Hans67521: I don't know what you mean by "run it" -- the .fetchmailrc file is a preferences file
<Hans67521> ok
<slops17> i am using the server cd iso
<Hans67521> but how to i run to to download mail for a users
<Hans67521> user
<User777> hello
<cemc> Hans67521: you run fetchmail, which uses the .fetchmailrc file for options
<Jeeves_> moz_: hmm, might be a coincidence
<User777> okay so i just downloaded and installed ubuntu server with LAMP..(its actually a turnkey Joomla appliance) and although Everything seems set up correctly in interfaces and resolve i cant resolve..any ideas?
<Jeeves_> only one way to find out :)
<Hans67521> mmm.. i am lost
<Jeeves_> User777: cat /etc/resolv.conf
<Hans67521> i a put in set daemon 60 in the users fetchmailrc file will it then automaticaly check mail every 1min?
<User777> cat /etc/resolve.conf list the 2 nameservers i put and they are correct
<oly562> question - does the ubuntu - server run gui-less by default?
<Jeeves_> User777: And they are reachable?
<Jeeves_> oly562: Of course
<oly562> why of course?
<slops17> any one?
<User777> they are reachable
<Jeeves_> slops17: type enter
<slops17> i did
<oly562> why does the ubuntu server take so long to boot?
<slops17> i am trying to do an install of ubuntu server on my server but after the install it takes me to a grub command line but i cant do anything
<oly562> vs desktop and gui, actually the desktop and gui load faster than the gui-less server
<oly562> is there a way to fix that?
<Jeeves_> oly562: That depends what the reason is
<oly562> im speaking from a default install no real services added yet...
<oly562> no reason, its default settings im concerned with
<oly562> try to follow what im saying, it will make more sense
<moz_> my wireless USB stick is disconnect very frequently, sometimes after 5 mins of use sometimes 20 mins, is it possible is it over heating, the device is still being recognized on my laptop that is running unbuntu-server, but it will not ping anything, could this be overheating
<moz_> or with overheating should it not be recognized
<User777> Jeeves_ ?
<moz_> if i replug it in, it will usually work again for a while
<slops17> jeeves_ i am trying to do an install of ubuntu server on my server but after the install it takes me to a grub command line but i cant do anything
<oly562> ok, i will try this again... the gnome ubuntu desktop loads 10x faster than the ubuntu - server os. why is this? note, i haven not loaded any services on the server, other than the defaults... and.... is there a way to fix this? if you know how to speed up the default server great, if not, i dont need to type extra kystrks.
<Jeeves_> Ok
<Jeeves_> so now there are three peope asking me 6 questions
<oly562> im asking the room
<Jeeves_> User777: are you firewalling stuff>
<User777> im only asking one question as such
<Jeeves_> ?
<User777> i havent touched any firewall settings
<Jeeves_> User777: That's not the question
<Hans67521> does anyone know fetchmail
<Hans67521> i need help
<Jeeves_> oly562: Try finding out what needs time during booting
<Jeeves_> Hans67521: man fetchmailrc
<oly562> ill wait for a few, then i will try back later, nothing i can find on docs tell me why it takes longer than a window 2000 server to boot up
<henkjan> oly562: you didnt install an tasksel like 'mailserver' or something?
<oly562> no henkjan
<oly562> i did not
<oly562> although i would like to load services next
<henkjan> oly562: i remember sendmail taking a longtime to start if not configured correct
<User777> sorry, its address is behind a firewall yes, but other VM's with windows work fine out of the box
<oly562> but if the server is going to take that long, i will simply use freebsd for my server needs
<oly562> im trying out ubuntu this year
<Jeeves_> oly562: Sure. Blame Ubuntu for your cluelessnes
<oly562> well debian i mean
<User777> other vm's on the same subnet
<User777> i mean^
<Jeeves_> User777: Still not answering the question
<oly562> im not running a freeradius server Jeeves.
<henkjan> oly562: in the grub menu you can edit the boot parameters
<Jeeves_> User777: Hint: sudo iptables -L -n -v
<oly562> or apache ssl that i can automajically get to boot with out halting
<oly562> yesh....
<henkjan> oly562: remove the 'splash' line
<oly562> dont assume anyone is cluess from a few lines in a chat room
<oly562> henkjan:  oh? you think that will work?
<henkjan> oly562: er,, remove the 'slash' word and boot
<oly562> i dont see any splash, are you saying in grub?
<Jeeves_> henkjan: oly does not understand what he is doing
<Jeeves_> I give up :)
<henkjan> oly562: by removing splash your server wil show you whats starting up
<oly562> Jeeves_:  is a dick
<oly562> ;)
<Jeeves_> oly562: Indeed!
<oly562> hmmm
<Jeeves_> But at least i'm a smart dick!
<User777> chain input (policy accept 0 packets, 0 bytes)
<User777> err..sorry thats incomplete
<oly562> where can i remove splash...
<henkjan> reboot the server
<User777> pkts bytes target  prot opt in  out  source    destination
<oly562> it starts up in cmdline, there is no splash pic, gui, notta. i dont see where the splash line would be
<henkjan> in the grub boot menu you should be able to edit the parameters
<Jeeves_> !paste
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<User777> is the same for FORWARD and OUTPUT
<oly562> the server is not on at this time, im just asking for furture ref..
<Jeeves_> User777: See !paste
<henkjan> oly562: if the servers is starting up in cli. on which line is it 'hanging' ?
<User777> ah, yes sorry, thanks
<oly562> yah, i need to find that out... henkjan
<oly562> its been a month since i messed with it
<oly562> ill do that. and return later
<henkjan> oly562: okay
<oly562> i sorta remember, something, but not definitive
<Jeeves_> henkjan: that's about the same I said before :)
<henkjan> oly562: and don't call jeeves a dick again!!!!!
<Jeeves_> henkjan: It seems to help when you repeat stuff I say :)
<oly562> but one more thing, where would i remove this splash entry? in grub.conf?
<Jeeves_> oly562: #kopt in /boot/grub/menu.lst
<oly562> i call'em as i see'em
<oly562> ic.. menu.list got it
<henkjan> Jeeves_: its my authority!
<Jeeves_> henkjan: Ah!
<Jeeves_> Enlighten me!
<Jeeves_> oly562: No, menu.lst
<oly562> one last little question, about wireless ;) oh and Jeeves how bout just in grub dir
<henkjan> Jeeves_: recoverd from an busy saterdayafternoon? ;)
<Jeeves_> henkjan: Almost :)
<Jeeves_> oly562: Try writing a phrase
<User777> here it is    http://paste.ubuntu.com/136238/
<Jeeves_> That might help people understand what you try to say
<oly562> ok,  can i manually change my wireless nic signal, such as 2.4. to say, something higher, manually? i do not know if the nic is 5.x ghz but i do know its 2.4. its a wireless G nic
<Jeeves_> User777: Ok, so no firewalling
<oly562> im thinkin i can change the freq
<Jeeves_> User777: Now paste what's in /etc/resolv.conf
<oly562> any suggestions? if not, not big
<Jeeves_> oly562: No clue
<oly562> i will want to set up a wireless net on my server, is why
<User777> ahhhhh!
<oly562> henkjan: ? ur thoughts on wireless change of nic strength
<User777> lol..Thanks so much Jeeves!
<User777> i dont know what file name i typed in but nano must have created something elese
<oly562> ok, ill be back at a later time.. Njoy... l8
<User777> that resolve was blank so i filled it in and now reolving is happening
<Jeeves_> User777: coolio
<Jeeves_> have fun
<henkjan> olcafo: no thoughts on that. wireless is for homi!
<Jeeves_> :)
<henkjan> hmm, sorry olcafo. that wasnt for you
<domas> hi!
<Jeeves_> Hi!
<_ruben> ho!
<Jeeves_> Wat nou!
<rgreening> ScottK: ping
<ScottK> rgreening: Pong
<rgreening> ScottK: I really hate postgres
<mathiaz> kirkland: you mentionned that kvm 84 supported kvm-in-kvm.
<mathiaz> kirkland: is this also true for the hardy backport?
<rgreening> I still cant get postgres + openerp running
<kirkland> mathiaz: true, if you have an amd64 cpu
<ScottK> rgreening: Don't hate postgres.  It's not mysql after all.
<kirkland> mathiaz: and if you're running the kvm-source module
<mathiaz> kirkland: is there any specific options to be passed to kvm?
<kirkland> mathiaz: yes, i actually done that on my hardy backport test machine
<kirkland> mathiaz: yes, there is ...
<rgreening> ScottK: I have no idea where to go... I've read everything I can to see about getting this running.
<mathiaz> kirkland: I've been some beta testing and there is the last test case that deals with a virtual host - http://testcases.qa.ubuntu.com/Install/ServerWhole
<kirkland> mathiaz: -enable-nesting enable support for running a VM inside the VM (AMD only)
<mathiaz> kirkland: ah - and libvirt in hardy doesn't support that?
<kirkland> mathiaz: oh, hmm, probably not
<ScottK> rgreening: There are probably people here who can help you with the postgres stuff.
<kirkland> mathiaz: i got a post on my blog that makes me think that we might need to backport libvirt too, if we go this route
<mathiaz> kirkland: ok - I'll give a try using the command line then.
<mathiaz> kirkland: that wouldn't suprise me - we should think about the whole stack
<mathiaz> kirkland: and backporting the same version as in jaunty
<mathiaz> kirkland: so that we can be a more confident that things are stable in hardy
<kirkland> mathiaz: agreed
<rgreening> ScottK: this is the bug I am running into... http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516348
<uvirtbot> Debian bug 516348 in openerp-server "openerp-server: server cannot connect to database" [Important,Open]
<mathiaz> kirkland: at least we know that the combination of the different packages (version wise) work on Jaunty.
<ScottK> So at least it's not just you.
<kirkland> mathiaz: right
<mathiaz> kirkland: anyway - thanks for the pointer to the kvm option. I'll give it try later.
<ScottK> rgreening: Were the last comments helpful?
<kirkland> mathiaz: sure thing
<rgreening> ScottK: nope. not really...
<ScottK> rgreening: I've got no great ideas for you.
<rgreening> he
<rgreening> heh
<rgreening> stupid package being packages and not properly tested!
 * rgreening needs to kick someone
<Jeeves_> rgreening: ask someone to bend over
<rgreening> :)
<rgreening> volunteering?
<rgreening> :P
<Jeeves_> Nope :)
<Jeeves_> btw
<User777> hello again
<Jeeves_> why do we boot servers without any usefull output?
<Jeeves_> Why not remove splash and quiet from the grub commandline?
<Jeeves_> User777: Hi
<mathiaz> kirkland: the RAID bug (boot from degraded raid) is still there?
<kirkland> mathiaz: yes, that's what i'm working on
<User777> so..on this ubuntu server..i just installed and (i think) configured correctly proftpd....however i cant connect from filezilla on a windows machine....any ideas?
<kirkland> mathiaz: the latest mdadm release in debian solves the problem
<kirkland> mathiaz: i'm trying to isolate the fix
<kirkland> mathiaz: otherwise, i have a merge prepared
<Jeeves_> User777: Did you select inetd or standalone?
<User777> inetd
<kirkland> mathiaz: what do you think would be preferred?
<Jeeves_> User777: Is inetd installed?
<Jeeves_> User777: By default, it isn't
<User777> ah
<User777> i did not know that
<Jeeves_> which is kinda dumb in the proftpd package
<Jeeves_> User777: it's because of the 'no open ports by default' policy, i believe
<User777> will installing inetd now make it work..or will i have to then redo proftpd?
<Jeeves_> User777: The install should do the trick
<User777> inetd isnt in repository?
<mathiaz> kirkland: hm - looking at the changelog.
<mathiaz> kirkland: would the fix be included in 2.6.7.2?
<kirkland> mathiaz: the changelog entry seems to indicate so
<kirkland> mathiaz: i cherrypicked the one non-documentation patch in that release
<kirkland> mathiaz: this did NOT solve the problem
<mathiaz> kirkland: merging 2.6.7.2 would be easy since it's a bug fix only release
<kirkland> mathiaz: so i merged 2.6.8-12-gb47dff6-2
<kirkland> mathiaz: which did solve the problem
<User777> okay su just installed inetutil-inetd and am rebooting
<kirkland> mathiaz: this one looks tasty too: http://git.debian.org/?p=pkg-mdadm/mdadm.git;a=commit;h=2b4ca8f079335c1b3f345ec13da58699aaa0269d
<kirkland> mathiaz: let me try a merge of 2.6.7.2
<User777> thanks you so much
<User777> inetd did it
<User777> your the man (and or woman)
<mathiaz> kirkland: hm - according to ANNOUNCE-2.6.8: Release 2.6.8 contains various bug fixes and minor enhancements.
<mathiaz> kirkland: It seems like that fits the criteria for a FFexception.
<mathiaz> kirkland: I wouldn't upload 2.6.8 with an Exception as 2.6.8 is not a bug-fix *only* release.
<kirkland> mathiaz: right
<mathiaz> kirkland: I wouldn't upload 2.6.8 *without* an Exception as 2.6.8 is not a bug-fix *only* release.
<kirkland> mathiaz: i'm trying to merge 2.6.7.2
<cellofellow> changing the system password doesn't change the courier password. How do I change the courier pop/imap password? I've tried restarting the courier daemons but to no avail.
<cellofellow> never mind, I just didn't actually change my password :P
<mathiaz> kirkland: hm - regarding the RAID bug - booting a degraded RAID5 array works
<kirkland> mathiaz: okay, got a 2.6.7.2 merge building
<kirkland> mathiaz: lemme test
<mathiaz> kirkland: the RAID5 array boots with only 2 disks active.
<kirkland> mathiaz: with the mdadm that's in the archive?
<mathiaz> kirkland: however a RAID1 array doesn't boot
<mathiaz> kirkland: yes.
<kirkland> mathiaz: \o/
<kirkland> mathiaz: sweet, a merge of 2.6.7.2 works
<kirkland> mathiaz: let me upload the source to p.u.c
<kirkland> mathiaz: would you mind building/testing to confirm this?
<mathiaz> kirkland: no problem.
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/raid5_boot.png
<mathiaz> kirkland: ^^ this is the degraded raid5 array booting.
<mathiaz> kirkland: the same error message is still there - however the system is able to boot.
<kirkland> mathiaz: right, same here
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/raid5_boot_2.png <- the following messages
<kirkland> mathiaz: i get the error message
<kirkland> mathiaz: http://people.ubuntu.com/~kirkland/mdadm
<kirkland> mathiaz: you should be able to dget the source
<kirkland> mathiaz: note that i haven't sufficiently documented the merge in the changelog yet
<mathiaz> kirkland: http://paste.ubuntu.com/136289/
<mathiaz> kirkland: is the error message about MAKEDEV normal?
<kirkland> mathiaz: hmm, that doesn't look right
<kirkland> mathiaz: and i just ran it here, same thing
<olcafo> is ethereal not in the repositories?
<giovani3> olcafo: ethereal changed its name to wireshark in 2006
<mathiaz> kirkland: 2.6.7.2 doesn't fix the RAID bug.
<olcafo> oh, thanks. Odd that I could'nt find this info online.
<mathiaz> kirkland: the system fails to boot from a degraded RAID1 array.
<kirkland> mathiaz: fark
<giovani3> olcafo: what were you searching for?
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/raid1_boot.png
<giovani3> olcafo: the second google result for "ethereal" is wireshark
<mathiaz> kirkland: do you have an idea why a degraded RAID5 array would boot while a degraded RAID1 wouldn't?
<kirkland> mathiaz: i don't ...  but i almost want to throw this back to kernel space
<kirkland> mathiaz: b/c we're still getting that gnarly kernel message
<kirkland> mathiaz: which simply cant be right
<kirkland> mathiaz: okay, i've verified that the /dev/MAKEDEV problem has been around for before the current changes
<kirkland> mathiaz: not that it's right, but it's been there for a little while
<ScottK> SDGathman: Right.  I understand that.  I don't think the pypolicyd-spf is packaged for Fedora.  That's likely easy enough.
<ScottK> Sorry.  Wrong channel.
<kirkland> mathiaz: try this ...
<xyberpix> Hi all
<kirkland> mathiaz: sudo dpkg-reconfigure mdadm
<kirkland> mathiaz: choose the boot-degraded=yes
<xyberpix> I really hope that someone can help me out here
<kirkland> mathiaz: see if that gets you to boot degraded
<xyberpix> I'm getting major slow responses when copying files to my 8.10 samba server
<xyberpix> has anyone got any pointers?
<xyberpix> I've added the default socket options as well
<xyberpix> so no one's had problems with samba on Ibex then?
<kirkland> xyberpix: https://bugs.edge.launchpad.net/ubuntu/+source/samba
<xyberpix> kirkland: tnx
<mathiaz> kirkland: nope - I'm still dropped to a busybox prompt.
 * Jeeves_ is gone
<Jeeves_> see ya
<mathiaz> kirkland: that's with mdadm 2.6.7.2 and after having run dpkg-reconfigure mdadm with boot degraded set to yes.
<kirkland> mathiaz: jeebus
<mathiaz> kirkland: I didn't get the question on reboot and got dropped directly to the busybox prompt
<mathiaz> kirkland: I can see the same error messages
<kirkland> mathiaz: right
<kirkland> mathiaz: that's the expected behavior when you answer the question ahead of time
<kirkland> mathiaz: okay, try this ...
<kirkland> mathiaz: install an upstream 2.6.29 kernel from http://kernel.ubuntu.com/~kernel-ppa/mainline/v2.6.29-rc8/
<kirkland> mathiaz: in my experience, that made the error messages, as well as the problem go away
<mathiaz> kirkland: ok.
<mathiaz> kirkland: I also noticed in the mdadm 2.6.8 changelog entry mention about adding support for kernel 2.6.28
<kirkland> mathiaz: oh really ....
<kirkland> mathiaz: do you want to try my 2.6.8 merge too?
<kirkland> mathiaz: before updating your kernel?
<rgreening> ScottK: The docs for setting up openerp v5 are all wrong.
<mathiaz> kirkland: sure -
<mathiaz> kirkland: let's try 2.6.8
<ScottK> rgreening: Sounds fun ....
<rgreening> ScottK: not really. Just found the correct way, and it crashes in building the db
<rgreening> go figure.
<kirkland> mathiaz: http://people.ubuntu.com/~kirkland/mdadm
<kirkland> mathiaz: any better luck with 2.6.8?
<kirkland> mathiaz: fwiw, i just tested 2.6.29 and it boots degraded very cleanly, exactly as expected, no nasty error messages
<mathiaz> kirkland: \o/
<mathiaz> kirkland: 2.6.8 boots
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/raid1_boot_success.png
<mathiaz> kirkland: there is the same error message though.
<kirkland> mathiaz: right
<kirkland> mathiaz: but 2.6.8 is definitely an improvement
<mathiaz> kirkland: but the system boots from the degraded RAID1 array.
<kirkland> mathiaz: i can clean up the merge changelog entry and try to get an FFe approved
<kirkland> mathiaz: can you also try the 2.6.29 kernel?
<kirkland> mathiaz: you should see no error message at all there
<mathiaz> kirkland: FYI I have oopses on dmesg
<mathiaz> kirkland: probably related to the error message
<kirkland> mathiaz: yeah
<mathiaz> kirkland: I'm going to try 2.6.29.
<mathiaz> kirkland: I though I tried your 2.6.8 merge
<mathiaz> kirkland: hm - nm.
<kirkland> ?
<mathiaz> kirkland: yeah - I was reading the scrollback
<kirkland> mathiaz: what version of mdadm did work?
<mathiaz> kirkland: 2.6.8
<kirkland> mathiaz: k
<mathiaz> kirkland: the one currently in http://people.ubuntu.com/~kirkland/mdadm/
<kirkland> mathiaz: k
<kirkland> mathiaz: yeah, that's 2.6.8
<kirkland> mathiaz: fwiw, 2.6.7.2 also worked for me
<kirkland> mathiaz: but you reported that that one did not work for you
<mathiaz> kirkland: yes - 2.6.7.2 didn't work for me.
<kirkland> mathiaz: okay, i'm glad you're around to double-check these
<mathiaz> kirkland: what are you test cases?
<mathiaz> kirkland: I'd like to know why your tests are successful while mine aren't
<kirkland> mathiaz: boot with both disks
<kirkland> mathiaz: make sure they're sync'd
<kirkland> mathiaz: reboot once with both disks, make sure that works
<kirkland> mathiaz: install some version of mdadm
<kirkland> mathiaz: poweroff
<kirkland> mathiaz: boot with one of the 2 disks attached
<kirkland> mathiaz: rejoice on boot, cry on initramfs
<mathiaz> kirkland: I've just rerun dpkg-reconfigure mdadm on a system that is already running a degraded RAID1 array.
<mathiaz> kirkland: and ask to not boot from a degraded array.
<kirkland> k
<kirkland> mathiaz: now you'll get the prompt
<mathiaz> kirkland: however on boot the system still boots without asking a question
<kirkland> mathiaz: oh, right
<kirkland> mathiaz: note the wording of the question ...
<kirkland> mathiaz: "newly degraded"
<mathiaz> kirkland: yes :) - so it's the expected behavior.
<kirkland> mathiaz: once a system has booted a degraded raid, it expects that that is the current behavior
<mathiaz> kirkland: ?
<kirkland> mathiaz: we've discussed this before ....
<mathiaz> kirkland: ok.
<kirkland> mathiaz: this is why my test case includes this step:
<kirkland> <kirkland> mathiaz: make sure they're sync'd
<kirkland> mathiaz: so after i'm done with a round of testing, to "reset", i boot with both disks attached
<kirkland> mathiaz: re-add to the array if necessary, and wait for the sync to complete
<kirkland> then
<kirkland> <kirkland> mathiaz: reboot once with both disks, make sure that works
<mathiaz> kirkland: right.
<mathiaz> kirkland: BTW 2.6.29 doesn't show any error message
<kirkland> mathiaz: \o/
<kirkland> mathiaz: would you confirm that in https://bugs.edge.launchpad.net/ubuntu/jaunty/+source/linux/+bug/334994 ?
<uvirtbot> Launchpad bug 334994 in linux "Degraded RAID boot fails: kobject_add_internal failed for dev-sda1 with -EEXIST, don't try to register things with the same name in the same directory" [High,Confirmed]
<kirkland> mathiaz: i *firmly* believe this is a kernel issue
<mathiaz> kirkland: 2.6.8 is able to boot from degraded RAID1 array - with 2.6.28 there are messages in the kernel log, while 2.6.29 is quiet
<kirkland> mathiaz: yes
<kirkland> mathiaz: that's exactly my experience
<mathiaz> kirkland: wrt to you tests - I'm not doing the reset step when the system was failing to boot from a RAID1 array.
<mathiaz> kirkland: Multiple reboot would still lead to have the question asked.
<mathiaz> kirkland: I guess this is the expected behavior.
<kirkland> mathiaz: right, until you successfully boot with one disk
<kirkland> mathiaz: which you hadn't really done before you used the 2.6.8 package
<kirkland> mathiaz: once you've done that, you've told the system, "It's cool--we can boot with one disk"
 * mathiaz nods
<mathiaz> kirkland: so why 2.6.7.2 was working for you but not for me?
<kirkland> mathiaz: and it says, "Okay, cool.  Degraded is now the known state of your array."
<kirkland> mathiaz: that's a good question
<mathiaz> kirkland: bug 334994 updated
<uvirtbot> Launchpad bug 334994 in linux "Degraded RAID boot fails: kobject_add_internal failed for dev-sda1 with -EEXIST, don't try to register things with the same name in the same directory" [High,Confirmed] https://launchpad.net/bugs/334994
<mathiaz> kirkland: I've added the kernel oops from /var/log/kern.log
<mathiaz> kirkland: hm - I may have found a regression with kvm 84 on hardy. It seems that the shutdown command doesn't send the proper ACPI signal to the guest
<mathiaz> kirkland: I used to be able to do a clean shutdown on the guest with the command virsh shutdown vm-id.
<mathiaz> kirkland: that doesn't seem to work anymore.
<mathiaz> kirkland: (at least with a jaunty guest)
<mathiaz> kirkland: are you aware of this?
<kirkland> mathiaz: i am not
<mathiaz> kirkland: I'll do more testing to make sure it's kvm 84 and not jaunty that is broken
<mathiaz> kirkland: I'll file a bug against kvm if needed.
<kirkland> mathiaz: okay
<moz_> at the moment i am setting the key and essid of my wireless usb device by using "iwconfig" and dhclient to connect to it, is there a way fro mthe terminal I can set all those things to happen automatically instead of doing it each itme
<moz_> *time
<kirkland> mathiaz: https://bugs.launchpad.net/bugs/337763
<uvirtbot> Launchpad bug 337763 in virt-manager "[jaunty] regression: virt-manager reboot action is non-functional" [Medium,New]
<kirkland> mathiaz: that might be your acpi issue?
<mathiaz> kirkland: let me try with a hardy guest and see if the shutdown command is sucessful
<mathiaz> kirkland: hm - seems like it.
<mathiaz> kirkland: virsh shutdown hardy-base is able to sucessufuly shutdown the guest
<kirkland> mathiaz: so hardy shuts down, but jaunty does not?
<mathiaz> kirkland: yes.
<mathiaz> kirkland: and this is with kvm 84 on a hardy host
<kirkland> sounds like a bug in jaunty kernel, right?
<olcafo> I have this problem with Intrepid host running 8.10 and 7.10 clients.
<olcafo> havent' tried hardy guests.
<mathiaz> kirkland: yes I don't think it's the same bug as reported by jdstrand
<mathiaz> olcafo: do you have the acpid daemon running in your guests?
<mathiaz> olcafo: and did you boot your guest with acpi enabled (from the host)?
<olcafo> 7.10's is not. I'm not sure about 8.10
<mathiaz> olcafo: you need acpid running in your guest other wise the ACPI shutdown signal is not process by your guest.
<olcafo> that machine is not available to me at the moment. I'll have to check that later.
<olcafo> mathiaz, that makes sense. I didn't really think of it as a problem that needed fixing though :P, just an inconvinience at the moment.
<orudie> hi, anyone familiar with zoneedit? i need some help with their nameservers, its kind of confisuing
<kirkland> mathiaz: http://git.debian.org/?p=pkg-mdadm/mdadm.git;a=blobdiff_plain;f=Assemble.c;h=3ee028b461619a1379827e1bfce84c245a1aebfc;hp=1d3787022adec681aec9ddbb3e3ef98e2dfcfb35;hb=4e9a6ff778cdc58dcc6897e74cf5ee1d3f73e1f7;hpb=22eba5121632c4b26541fbb04209a90b93c24bcc
<mathiaz> kirkland: this is a very simple fix :)
#ubuntu-server 2009-03-24
<mathiaz> kirkland: is the good one?
<kirkland> mathiaz: i don't know yet
<kirkland> mathiaz: testing
<kirkland> mathiaz: i'm looking at each of about a dozen functional commits
<kirkland> mathiaz: i think that last git patch is the winner
<mathiaz> kirkland: oh - good news. Now does the last patch rely on changes made by previous patches?
<kirkland> mathiaz: no ...
<kirkland> mathiaz: i applied just that little patch
<kirkland> mathiaz: i'm pushing to p.u.c
<mathiaz> kirkland: great - I'll test it
<kirkland> mathiaz: dget http://people.ubuntu.com/~kirkland/mdadm/new/mdadm_2.6.7.1-1ubuntu8.dsc
 * kirkland crosses his fingers
<mathiaz> kirkland: hm - :/
<mathiaz> kirkland: ubuntu8 doesn't fix the problem.
<mathiaz> kirkland: booting from a degraded RAID1 array still fails.
<Stargazer> How can i get ubuntu server to auto-mount 'new' devices that connect(physically).
<Stargazer> *?
<kirkland> mathiaz: wtf
<kirkland> mathiaz: okay, we have some disconnect between your testing and mine
<kirkland> mathiaz: this is probably back to why 2.6.7.2 works for me and not for you
<mathiaz> kirkland: this time I made sure that both disks were in sync before unplugging one of them
<kirkland> mathiaz: so both disks were sync
<kirkland> mathiaz: you installed the newly built package
<kirkland> mathiaz: it updated the initramfs
<giovani3> Stargazer: usb devices? try looking into usbmount
<kirkland> mathiaz: you powered off
<kirkland> mathiaz: booted up with only 1 of the 2 devices
<giovani3> Stargazer: http://usbmount.alioth.debian.org/
<kirkland> mathiaz: and it dropped you to initramfs?
<mathiaz> kirkland: yes
<Stargazer> Does that package generally mount all devices, like SD cards and external HDDs(via USB)
<Stargazer> *?
<giovani3> Stargazer: well, considering SD cards are never directly connected to the system ... yes
<giovani3> SD cards are almost always fed through a USB SD reader
<mathiaz> kirkland: let me rerun dpkg-reconfigure mdadm - to make sure that initramfs is updated
<kirkland> mathiaz: k
<Stargazer> Giovani3, my laptop has an SD port.
<giovani3> Stargazer: however, servers don't typically have usb/sd devices plugged into them often
<Stargazer> What does Ubuntu Desktop use then ?
<giovani3> Stargazer: why would you be using laptop hardware to run a "server"?
<giovani3> I believe it uses usbmount
<giovani3> why?
<Stargazer> Giovani3: it's light, doesn't distract me with GUIs and... i can concentrate!
<giovani3> Stargazer: do a lot of text web browsing then? heh
<Stargazer> No.
<Stargazer> Typically: i don't web browse using Lynx/other.
<Stargazer> I may chat... if i have a connection.
<mathiaz> kirkland: http://paste.ubuntu.com/136364/ <- this is the kvm command line used to start the vm by libvirt
<giovani3> I wouldn't find non-gui terminals very useful on a physical machine
<giovani3> but to each their own
<mathiaz> kirkland: and yes - I can confirm that it cannot boot from a degraded RAID1 array.
<giovani3> servers, should definitely never have guis on them -- but I don't usually sit in front of keyboards connected to servers :)
<kirkland> mathiaz: erg
<mathiaz> kirkland: I'm still dropped to the busybox shell even if I ask to boot from a degraded array.
<kirkland> mathiaz: my test env must be polluted in some way
<kirkland> mathiaz: i'm going to create some virgin images
<kirkland> mathiaz: okay, i gotta run for a bit
<kirkland> mathiaz: i'm going to drop for a while
<kirkland> mathiaz: how big is the .img file you're working with?
<kirkland> mathiaz: any chance you can set the password to 'ubuntu' or something and upload it to p.u.c ?
<kirkland> mathiaz: and i'll test against it?
<mathiaz> kirkland: hm - mdadm 2.6.8 also fails now
<mathiaz> kirkland: the images are around 1 Gb.
<mathiaz> kirkland: we can continue debugging this issue tomorrow.
<mathiaz> kirkland: I'll have fresh new images anyway since the -server iso are respun.
<uvirtbot> New bug: #346571 in samba (main) "libpam-smbpass breaks sudo" [Undecided,Incomplete] https://launchpad.net/bugs/346571
<Stargazer> Does server use X ?
<mathiaz> Stargazer: no
<Stargazer> Ty.
<{bosco}> anyone know of a good website tracker????
<{bosco}> for ubuntu server
<twb> wget.
<{bosco}> huh wget
<JanC> what do you mean by "website tracker" ?
<{bosco}> like webalizer ???
<{bosco}> JanC,
<{bosco}> and awstats
<{bosco}> need to know the best one
<{bosco}> !info awstats
<ubottu> awstats (source: awstats): powerful and featureful web server log analyzer. In component main, is optional. Version 6.7.dfsg-5ubuntu0.1 (intrepid), package size 887 kB, installed size 4892 kB
<{bosco}> !info webalizer
<ubottu> webalizer (source: webalizer): web server log analysis program. In component universe, is optional. Version 2.01.10-32.2 (intrepid), package size 337 kB, installed size 1528 kB
<JanC> {bosco}: I suggest you look for log analyzer or such, and webalizer & awstats are probably fine
<{bosco}> that is what i thought i would install awstats
<JanC> if you are used to one of these, then use it for now
<renatokrause> Good night
<{bosco}> JanC, i am more used to webalizer
<giovani3> or you can use google
<JanC> then use it, and maybe check the others in a test environment to investigate if they might be better in the future
<JanC> (better for you)
<{bosco}> giovani3, lol
<giovani3> {bosco}: ?
<giovani3> google's web stats are good
<{bosco}> giovani3, i know just thought it was kinda funny to hear you say that i guess
<{bosco}> they are good
<TwoToneSpirit> Hello.  Is there a graphical FTP server?
<giovani3> TwoToneSpirit: GUIs are not supported in #ubuntu-server
<{bosco}> net2ftp TwoToneSpirit is that what yo umean
<giovani3> I don't know why you'd run linux and then want a "graphical ftr server" anyhow
<{bosco}> something like that
<{bosco}> i know lol
<giovani3> net2ftp seems to be a web-based ftp client ...
<scopecreep> can you guys recommend anything more detailed than phpsysinfo to monitor my server remotely?
<giovani3> scopecreep: ssh, and learning the shell
<shrimp> question:  is 2mb upstream plenty "in your opinion" to run a decent server?
<TwoToneSpirit> giovani3:  Well some people don't want to use the terminal, but still want to be able to grab a list of people logged into their FTP.
<giovani3> htop is your friend
<giovani3> TwoToneSpirit: well, I suggest you learn, really
<{bosco}> look into net2ftp
<TwoToneSpirit> giovani3:  Come on now, that's not a good attitude.  Of course I can deal with the command line, but as you understand I'm sure, there are many people out there who aren't computer people, but still want to have working features.
<giovani3> TwoToneSpirit: it's an appropriate attitude, I think -- I don't know of a single "graphical" ftp server for linux -- it's possible they exist -- but if that's the type of software you desire, you're unlikely to be happy with linux in general
<scopecreep> i can use the shell but i dont want to have to ssh in just to see cpu load and whatnot
<mattmitchell> could someone give me some advice on whether or not i should setup my own email server (no experience) OR just use something like google apps?
<giovani3> mattmitchell: it all depends on your aptitude, and willingness to try things out
<TwoToneSpirit> giovani3:  Well, the point is that we need to develop a solution so that people who want a GUI environment *are* happy.  I have turned many people on to Ubuntu who don't know or care about the command line, but unfortunately, if they want to run an FTP server, I have to tell them to wait.  And I don't like making people wait when it means continuing to run non-free software.
<mattmitchell> giovani3: i see. so, what I'm worried about is getting hacked, or spam. i don't mind spending time setting things up and learning though.
<giovani3> TwoToneSpirit: I do not agree -- first of all, ubuntu doesn't write software, second of all -- GUIs on servers should never, and hopefully never will be supported by ubuntu -- different distributions have different opinions on this
<giovani3> TwoToneSpirit: if you want GUIs, linux is probably not for you
<giovani3> if you think it is -- RedHat is probably more your style
<giovani3> mattmitchell: postfix, by default, is secure -- spam is totally separate, and is difficult for anyone to battle
<mattmitchell> giovani3: ok that's a good start though. do you have any good references for dealing with spam when using postfix?
<giovani3> mattmitchell: I'd recommend hosting your mail with google -- and playing around on a test machine until you feel comfortable
<giovani3> mattmitchell: yep, the postfix website has lots of links for that -- look into greylisting, RBLs, and spamassassin
<mattmitchell> giovani3: yeah, that sounds like a good idea!
<shrimp> <---just signed up for roadrunner business class account, 15mb downstream and 2mb upstream, will this be plenty for a decent server, or will I require more?
<mattmitchell> giovani3: cool. thank you :)
<giovani3> shrimp: there are no guidelines -- it just depends on what you need to use the server for
<giovani3> clearly, as long as you need less than 2Mbps ... you'll be covered -- however, roadrunner has pretty crappy SLAs, and, I wouldn't consider it very reliable for something mission-critical, if you plan to host mail on that connection, I'd make sure you have a backup mx provider elsewhere on the internet
<shrimp> not running a dns server, go through dyndns
<TwoToneSpirit> giovani3: The phrase "linux is probably not for you" needs to be phased out of our vocabulary.  The slogan "Linux for human beings" must begin to mean something.
<giovani3> TwoToneSpirit: I don't represent Canonical, therefore, my views don't have to be, and really, shouldn't be in line with theirs
<giovani3> linux is an open place -- everyone is welcome to their view
<giovani3> it's an official (so I've been told) policy of this support channel that GUI-related requests are not to be handled here
<shrimp> have experiance with rr giovani?
<giovani3> shrimp: yep
<shrimp> what happened?
<shrimp> I hear nothing but good around here
<giovani3> shrimp: they're a low-class isp in my experience, but, my requirements may be different from yours
<shrimp> maybe a difference in managment?
<TwoToneSpirit> giovani3:  No, of course not - I didn't mean to say that you need to conform in any way.  All I was saying is that it behooves all of us to have a gentle approach and a warm atmosphere - "linux is not for you" will obviously scare some people away.
<shrimp> it's just to start anyway, a community based website with joomla, I shouldnt have any problems with it just as a starting point I wouldnt think
<giovani3> TwoToneSpirit: I don't believe that everyone needs to be welcomed with open arms no matter what the request -- there are idealogical differences between different distributions, and operating systems, GUIs on servers is a pretty clear-cut one, most people in the linux community would be horrified to see one on a server, and to have you insist on one, is not gonna get you far with most linux folk
<shrimp> X on a server, lmao NEVER
<shrimp> if a person doesnt know how to ssh into a server, or install and use Linux without a GUI, they really dont need to be setting up a server "just my opinion of course"
<{bosco}> www.boscoslife.com permission denied www.boscoslife.info works fine both on same server both used to load fine can someone help me :??????
<shrimp> anyone had any GOOD experiences with rr business class?
<orudie> is there a good free ssh client for blackberry ?
<shrimp> no
<Votan> ello
<shrimp> no
<nrich> how do I install the xen kernel for ubuntu, so that it can be paravirtualized ?
<shrimp> man, ubuntu doesnt include the ROUTE target
<shrimp> man, ubuntu doesnt include the ROUTE target
<shrimp> yea I know, isnt that a shame?
<shrimp> yes it is
<shrimp> I wanted it, so I didnt have to recompile
<shrimp> I know!
<{bosco}> anyone here awstats problems premission problems when sudo -u www-data /usr/bin/perl /usr/lib/cgi-bin/awstats.pl -update -config=www.boscoslfe.com error message here http://pastebin.com/m49a8d708
<BentFranklin> I installed postfix on my Kubuntu 8.10.  I think it is configured correctly (maybe).  I'd like to test it.  Now I believe I need a MUA to compose email.  Is that correct?
<jmarsden> BentFranklin: Well, you could telnet localhost 25 and type in SMTP commands to do it, if you know enough SMTP.  But for most normal humans, using an MUA is preferred :)
<BentFranklin> So, Thunderbird is an MUA right?  Is MUA roughly equivalent to "email client"?
<BentFranklin> Are you aware of any MUA's that support command line composition (for shell scripts)?
<jmarsden> You can't run Thunderbird on Ubuntu Server... the server has no GUI.  Command line MUAs include mutt and bsd-mailx
<jmarsden> Example shell command to send email:   echo "This is my message" | mail -s "my subject" someone@example.com
<BentFranklin> Sweet. Just what I need.
<BentFranklin> In your example, 'mail' might be replace by 'mutt'?
<jmarsden> No, use mail.  mutt is a client that uses the whole screen , mail (really /usr/bin/bsd-mailx underneath) can be non-interactive.
<BentFranklin> Ok, I'll apt-get bsd-mailx.  Thanks a lot jmarsden!
<twb> "the server has no GUI" is utter bollocks.  An X client and/or X servers can be installed on an Ubuntu Server system just as easily as on any other Ubuntu system.  Whether it's *advisable* to do so is another matter.
<BentFranklin> Anyway I have Kubuntu 8.10
<BentFranklin> I asked in here because they told me to the other day on #kubuntu
<twb> You could say "no GUI is installed by default" or "ubuntu server has no GUI by default".
<jmarsden> This IRC channel is for support of Ubuntu Server.  Which comes with no GUI, and questions about GUIs and GUI applications or installing GUIs on servers are unlikely to be well received here, in general... that is not what this channel is for.
<BentFranklin> How do people traditionally configure their ubuntu servers - with console emacs maybe?
<twb> BentFranklin: IMO it is silly to install an fullscreen editor on a server, when cat and ed work perfectly well.  Or using Emacs' TRAMP from a remote machine.
<jmarsden> With whatever text editor they choose, yes.  Emacs, vi, nano, whatever.
<twb> BentFranklin: certainly most servers I know run without a screen or keyboard attached.
<BentFranklin> I see, you run your editor on a remote machine
<BentFranklin> I installed bsd-mailx and it installed a bunch of exim stuff.  Also it said "* Starting MTA ...done."  Will this conflict with postfix?
<jmarsden> That's a little odd.  Did it uninstall postfix??  if not you should be fine.
<jmarsden> You can always do   telnet localhost 25    and see what the banner line from the MTA says, if you are not sure whether postfox or exim is running on your machine.
<BentFranklin> It says exim
<BentFranklin> Oops! My bad.  I got my hosts confused.
<jmarsden> You might want to put the hostname in your shell prompt to help avoid that... PS1='\u@\h:\w\$ '   in bash, for example.
<BentFranklin> Actually I have that already...
<jmarsden> Ah... you installed bsd-mailx on some other machine that did not have postix on it... right? Hence the accidental exim installation?
<BentFranklin> On the correct system it did not install exim (because there was already an MTA I assume)
<jmarsden> Right.
<twb> I have noticed that various packages in Ubuntu inconsistently recommend exim4 | m-t-a, postfix | m-t-a, or even just m-t-a (which defaults to cyrus, ffs)
<twb> I don't think any MTA is installed by default.
<twb> Anyway, I recommend you use postfix instead of exim4.
<p_quarles> twb: well, you're wrong
<BentFranklin> It works perfectly.  Thank you sirs!
<p_quarles> twb: anyway, exim4 is installed by default in any version of Ubuntu; and an MTA is a fundamental element of any Linux distro
<twb> p_quarles: that's not true.  On desktop Ubuntu, exim4 is *definitely* not installed.
<twb> p_quarles: this is different to Debian, which now installs exim4 but leaves it unconfigured -- so the mail is accepted but never goes anyway.
<twb> s/anyway/anywhere/
<twb> That's assuming you don't uncheck the "standard" task on Debian, of course.
<infinity> p_quarles: "You're wrong" isn't the best way to jump into a conversation.
<infinity> p_quarles: And, for the record, we've not installed any MTA by default on Ubuntu for years now, and back when we did, it was postfix, not exim.
<infinity> p_quarles: (And this isn't a religious issue, it's fact.  For the sake of religion, I'll state that I'm an exim user)
<twb> The main reason I avoid exim4 isn't because it's crap, but because I don't know anybody that uses it -- apart from a small subset of hard-core Debian users.
<twb> Most of the Debian *and* CentOS users I know use postfix, so I can easily discuss problems and learn good ideas about it.
<infinity> twb: It's got a pretty massive install base, actually.  But I tell people to stick with that they know.  MTAs are confusing beasts, and changing to the flavour of the month so the cool kids will like you isn't all that sane.
<twb> infinity: install base of people who got it because it was the default, or installed base of people who actually understand it, more or less?
<infinity> twb: A massive install base of real sysadmins, not accidental users, yes. :)
<twb> Fair enough.
<infinity> twb: And I'd argue that a large portion of postfix's install base is accidental users too, since it's a common recommendation for people to install for a "just works" MTA.
<infinity> (Hence why it's really hard to find someone who can answer difficult postfix questions... And why I never let lamont out of my sight)
<twb> Shrug.
<infinity> But, yeah.  It'a all about what you're comfy with, IMO.
<infinity> They're both powerful enough to do whatever you want, if you know how to make 'em do it.
<infinity> *shrug*
<twb> infinity: is there an exim channel as there is #postfix?
<{bosco}> can anyone help me out never had to use sudo to change anything in root http://pastebin.com/m7e329d86
<{bosco}> ::::""""???\
<infinity> twb: Probably.  I don't tend to look for support for it.  The exim spec (the manual) is pretty comprehensive.
<{bosco}> i run a vps
<kraut> moin
<Skaag> moin
<Jeeves_> OLA!
<_ruben> hm .. icecream? :)
<uvirtbot> New bug: #347788 in openvpn (universe) "OpenVPN client does not recognize WLAN connections" [Undecided,New] https://launchpad.net/bugs/347788
<AlexC_> g'morning
<AlexC_> yesterday I was working on expanding an EXT3 partition as it was only 260mb in size, all was working fine until I have resized the partition with 'resize2fs', I restarted and now upon boot GRUB is spitting out error 22
<AlexC_> basically, sda3 was 260 mb and sda2 (which I did not need) was 2gb. Talking with someone here I 'dd' sda3 to sda3, deleted the partitions and re-created a partition starting where sda2 started, then end where sda3 ended. This seemed to work, and IIRC I managed to reboot just fine. Issue seems to be after I ran resize2fs to expand the 260mb filesystem to fill up the now 2gb size of sda2
<AlexC_> I do have console redirection for this server provided via DRAC, so at least I can poke it from here =) Any help would be greatly appreciated
<soren> AlexC_: ..so you have access to grub?
<AlexC_> soren, well I thought so - however I was not promoted to press 'e' or what ever it is to edit grub, before it attempts to load (ie, it goes stage 1.5 straight to error 22)
<soren> Ah.
<AlexC_> looking though this RAC we have, I may be able to virtually add a media device, so a live 'CD' should do the trick
<AlexC_> when I get into a live cd, what could the issue be?
<soren> I think the problem is that the partition where it goes looking for the stage2 loader and the configuration file is encoded into the stage1.5 loader.
<soren> Let me think for a second..
<AlexC_> I still have a backup of the original partition, and an iso of the partition before I did resize2fs btw, in case that will be of any help
<soren> AlexC_: I don't think that will help much.
<soren> AlexC_: Did you boot the live cd yet?
<simplexio> AlexC_: iso , do you mean dd image ?
<AlexC_> soren, not yet, got some issues with installing the browser plugin to let me do it
<simplexio> AlexC_: created using dd if=/dev/sd? of=image.img
<AlexC_> simplexio, yes
<simplexio> AlexC_: you can restore data using dd
<AlexC_> mmhmm, trouble is I am locked out currently =)
<simplexio> AlexC_: need livecd because your grub is broken
<AlexC_> I know
<AlexC_> just getting that Live CD working is tricky when Dell decide that everyone should be using 32bit Windows XP and MSIE6
<simplexio> AlexC_: you probably deleted /boot/ dir or something .. if i rcall right installed grub only need data in mbr + /boot/grub/ directory stuff
<AlexC_> urgh, why do companies spit out software that simply does not work is beyond me
<AlexC_> especially on something so vital as this
<AnRkey> how can i send a test job to lpd remotely?
<AnRkey> i know the queue and ip
 * AnRkey will hug whoever knows
<AlexC_> soren, ah, finally - I am in the live cd
<AlexC_> I had to install Firefox 2, manually install the Dell Firefox extensions and run the browser as root! How insanely insecure and stupid is that
<simplexio> damn www-proxy is broken.. have to use links2 to browsing from server :)
<simplexio> nice day in work
<embrik> I want my ubuntu hardy server to be a domain controller and that my pupils can log on to every workstations at school with a roaming profile - I haven't found any howto on this - does anyone know?
<embrik> someone has told me it is difficult. I use debian-edu (skolelinux) today, but it doesn't appeal to the users
<AlexC_> is it possible to edit the grub menu before Error 22 kicks in? I thought it was possible to do
<AlexC_> just this live cd is incredibly slow over a network
<soren> AlexC_: No, I'm afraid not.
<soren> AlexC_: Error 22 is about grub not being able to find the partition with the stage 2 loader on it.
<soren> ...and that's what has the menu and all that.
<AlexC_> oh, cool. Though it would be possible to re-install GRUB if/when I get into this live cd?
<soren> Yes.
<AlexC_> what would be  the most lightweight/smallest live CD to boot from to do this? Net connection here isn't the best, currently got the System Rescue CD running, though yet to get into it due to sheer size
<AlexC_> well, not live cd - just to get a console
<XiXaQ> any experiences regarding jaunty server? Is it mostly stable now, or will there still be radical changes? I'm not going to use it for a stable production system, but I have a slow connection at home, so I'd prefer to avoid downloading so many updates.
<AlexC_> XiXaQ, it's not at a stable release, I think that answers the question
<rst-uanic> XiXaQ: if you do not want many updates you should wait for couple of weeks after release
<XiXaQ> but the feature freeze is in effect after alpha 6?
<AlexC_> XiXaQ, which in theory means it will be at its buggiest, as they will now focus on bug fixes
<rst-uanic> XiXaQ: FF was in the February according to https://wiki.ubuntu.com/JauntyReleaseSchedule
<XiXaQ> yes, I was looking at it.
<rst-uanic> XiXaQ: and what do you mean by a slow connection?
<XiXaQ> a 3g connection with bad reception; 200Kbps in average.
<rst-uanic> oh
<rst-uanic> but you can download iso, install it and never update until final release
<XiXaQ> so, if I get 300MBs of updates daily, then it really isn't worth it. :)
<rst-uanic> XiXaQ: yeah)
<XiXaQ> what I want to do, is explore it and its new features so that I'm ready to start working seriously with it when it's released and stable.
<rst-uanic> XiXaQ: wait for beta (two days I think) and try it then
<rgreening> ScottK-desktop: ping
<rgreening> ping ScottK2
<rgreening> I need a FFe for python-django-tagging. Current package is broken. New svn snapshot corrects this.
<rgreening> bug/347882
<rgreening> bug 347882
<uvirtbot> Launchpad bug 347882 in python-django-tagging "FFe for python-django-tagging" [Undecided,New] https://launchpad.net/bugs/347882
<rgreening> I have a package prepared for upload
<ScottK-desktop> rgreening: I'd say fix it then (that's an FFe with my server guy I can so OK by myself hat on).
<XiXaQ> does Darwin Calendar Server in jaunty support LDAP or PAM for users and groups?
<rgreening> ScottK-desktop: ok. I'll upload
<rgreening> ScottK-desktop: uploaded
<rgreening> yay. first upload as motu :P
<rgreening> ScottK-desktop: ping
<kirkland> mathiaz: i just install a raid1 from today's iso
<kirkland> mathiaz: boot-degraded magically works
<kirkland> mathiaz: can you test it out, and see if i'm completely insane?
<mathiaz> kirkland: and will test it out and confirm whether you're insance or not
<mathiaz> kirkland: and will test it out and confirm whether you're *insane* or not
<kirkland> mathiaz: :-)
<kirkland> mathiaz: i installed from today's server iso
<kirkland> mathiaz: i think that's important
<mathiaz> kirkland: 20090324.2?
<kirkland> mathiaz: 7f2d68febda3d67c9dbae8b6d3011281  jaunty-server-amd64.iso
<mathiaz> kirkland: ok - I'm using the same iso
<kraut> are there any best practises how to use iscsi?
<kirkland> mathiaz: i'm going to test it one more time, with a different partitioning scheme
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/raid1.preseed
<mathiaz> kirkland: ^^ this the preseed I'm using for installing the system
<kirkland> mathiaz: thanks, reading....
<mathiaz> kirkland: look at expert_recipe to get the exact partition scheme I'm using
<kirkland> mathiaz: okay, so no separate /boot partition
<kirkland> mathiaz: i'm going to go test that now
<ivoks> hello
<mathiaz> ivoks: hi
<ivoks> mathiaz: do you have 5 minutes?
<AlexC_> I need a lightweight cd that either a) will let me install grub b) uses grub to boot an existing partition. Anyone have any ideas what I can use?
<mathiaz> ivoks: sure
<mathiaz> ivoks: I won't be able to attend the meeting as I have an appointment at the same time
<ivoks> mathiaz: regarding dovecot-postfix
<ivoks> mathiaz: ok, then it's even better to talk about this before the meeting :)
<mathiaz> ivoks: yes :)
<ivoks> mathiaz: bottom line, the question is: what to do when user removes dovecot-postifx, and what to do when user purges it?
<acicula> AlexC_: boot an ubuntu cd in live mode or it's grub menu to boot the disk directly?
<ivoks> should the functionality be there if the package is removed?
<ivoks> should we revert to state before dovecot-postfix is installed?
<ivoks> (on purge)
<mathiaz> ivoks: I would guess so
<AlexC_> acicula, ideally I would, however it needs to be extremly light weight. I have no physical access to the server, but I do have console redirection and virtual media that I can use. Net connection is not that good to boot a Ubuntu live CD, I pretty much just need grub or minimum to get me grub
<ivoks> then we have to backup postfix's configuration
<ivoks> this wouldn't be too hard
<acicula> AlexC_: could try the netboot iso
<ivoks> as far as purging goes, i thing it's sane to assume that user wants everything that camed with that package - removed
<mathiaz> ivoks: right - couldn't we just undo the changes we made to the postfix configuration?
<acicula> AlexC_: not sure if it comes with grub, but you can get a console that way
<AlexC_> acicula, I'll try
<mathiaz> ivoks: well the thing here is that the package is only about configuration
<ivoks> mathiaz: yes, postconf is great for that
<mathiaz> ivoks: so I wonder if removing == purging in that case
<ivoks> i would agree that removing and purging is the same
<acicula> AlexC_: though it'll take longer to get the console then booting a livecd in console mode i think
<ivoks> then we break policy - not removing configuration on remove :)
<ivoks> should we rename it to dovecot-postfix.conf.bak?
<ivoks> cjwatson: ping
<mathiaz> ivoks: that would be a good compromise
<ivoks> cjwatson: would it be too bad to purge package even though user requested remove?
<mathiaz> ivoks: move dovecot-postfix.conf to .conf.bak on remove and delete the file on purge
<ivoks> ok
<ivoks> mathiaz: why didn't we use update-alternative in the first place? :)
<cjwatson> ivoks: yes
<cjwatson> if the package actually includes configuration, removing it on remove rather than on purge is a bug
<ivoks> cjwatson: how about renaming config to .bak?
<cjwatson> that would probably be fine as long as you clean up entirely on purge
<ivoks> since in this case, if the package is removed and configuration untouched, user won't actually remove dovecot-postfix integration
<ivoks> ok
<cjwatson> right, you just need to be careful not to trash user adjustments if they removed it by accident
<cjwatson> you might want to consider whether you should move .bak back if they reinstall straight away
<ivoks> hm... good idea
<cjwatson> AlexC_: the server install CD has a rescue mode that permits reinstalling grub
<cjwatson> AlexC_: you can do this from the netboot image by adding the boot parameter rescue/enable=true
<ivoks> cjwatson mathiaz thank you guys
<kirkland> mathiaz: results of your raid test?
<AlexC_> cjwatson, awesome, I shall try that as well
<mathiaz> kirkland: not finished yet.
<mathiaz> kirkland: the other installations are still running
<mathiaz> kirkland: it should take another hour or so to complete
<stickystyle> Does anyone know if there is a way to do client side LUN masking with open-scsi?  My Dell MD3000i has a LUN that is presented as a 20MB disk.  Dell support tells me it's a special disk for managing the unit and if I'm not managing the unit from the the client it's not needed (the windows drivers let you hide it).
<soren> I'm not sure what purpose that serves..
<soren> stickystyle: Why would you bother hiding it?
<stickystyle> the reason i ask is because every time i boot the machine I get "Buffer I/O error on device sdc, logical block 4" spewed across my tty and I'm a little worried that my linux box might be touching that lun in a way that may break the target.
<soren> sdc is an iscsi share?
<soren> That sounds odd.
<stickystyle> It's just this weird 20MB FAT drive that each machine that logs into the box gets by default.
<stickystyle> I have not explicitly told the array to export this LUN to my clients, thats just its design :-/
<stickystyle> I guess while there is someone around that is familiar with iscsi, soren do you have any advice on bug 345957 ?
<uvirtbot> Launchpad bug 345957 in open-iscsi "iscsid is looking for targets prior to network being available" [Undecided,Incomplete] https://launchpad.net/bugs/345957
<stickystyle> *Should* the box be able to connect to iscsi shares prior to network being configured?
<stickystyle> Mathias' response didn't quite make sense to me.
<LHC> hey
<LHC> anyone know anything about webhosts
<stickystyle> LHC: as in hosting companies, or hosting your own website?
<LHC> hostin companies
<LHC> I started up a reseller site but its not complete yet
<ttx> It's time for the weekly meeting of the Ubuntu Server team, on this channel.
<LHC> its something to bring in money on the side hah
<ttx> Who's here for the server team meeting ?
<LHC> Im only selling dedicated atm but I was wondering about webhosting (lots of users on one server)
<kirkland> ttx: o/
<stickystyle> ttx: I came to listen (metaphorically)
<ivoks> isn't the meeting now?
<ttx> ivoks: that's what I was trying to say, yes.
<ttx> ok, let's pretend we have a Mootbot.
<ttx> #startmeeting
<ivoks> oh, tb meeting in -meeting :/
<ttx> Agenda: https://wiki.ubuntu.com/ServerTeam/Meeting
<ttx> Last week minutes: https://wiki.ubuntu.com/MeetingLogs/Server/20090317
<ttx> Does anyone have anything to add to the agenda ?
<ttx> ... I'll suppose nobody has.
<ivoks> :)
<ttx> [TOPIC] Review ACTION points from previous meeting
<ttx> kirkland to write a blog post asking for testing of kvm 84 backport to hardy with specific instructions on how-to setup kvm 84 from the ubuntu-virt PPA
<kirkland> ttx: done.
<ttx> yes, I saw that one.
<kirkland> ttx: http://blog.dustinkirkland.com/2009/03/ubuntu-server-kvm-call-for-testing.html
<kirkland> ttx: some feedback
<kirkland> ttx: it appears that this might require backporting libvirt as well, possibly
<kirkland> ttx: anything more you want to know about this?
<ttx> kirkland: the libvirt backport is to fix additional bugs ? Or for kvm-84 compatibility ?
<kirkland> ttx: one user reported that some of his vm's would not boot, until he installed a backported libvirt as well
<kirkland> ttx: i haven't investigated the issue yet
<ttx> ok.
<ivoks> and on still doesn't boot
<ivoks> one
<ttx> anything else to add on the KVM topic ?
<kirkland> ttx: i don't think so ...  maybe more in the coming weeks
<ttx> [TOPIC] Other progress reports on Roadmap items
<kirkland> ttx: please keep testing kvm-84 on hardy, if you have the ability to do so!
<ttx> anyone has anything to report on the https://wiki.ubuntu.com/ServerTeam/Roadmap items ?
<sommer> there's new sections on eucalyptus and opennebula in the serverguide :)
<kirkland> \o/
<sommer> reviews welcome
 * ttx has a look
<ttx> sommer: i'll be in contact with you this week for adaptations to the Likewise-Open chapter to cover the likewise-open5 option
<sommer> ttx: cool, but fyi SF is the 26th
<ttx> sommer: that I'll be in contact with you... tomorrow ?
<sommer> ttx: coolio :)
<ttx> that brings us to another milestone...
<ttx> [TOPIC] Beta release coming up
<ttx> We should be busy with ISO testing soon. We need all the help we can to test on various hardware
<twitzel> Does anybody have time to discuss multipath/udev issues ?
 * sommer should be able to help with ISO testing
<twitzel> on 8,10
<ttx> so if you have some free time and some server box lying around, please give it a shot
<ttx> http://iso.qa.ubuntu.com/
<ivoks> ok
 * lamont considers again _not_ highlighting on 'postfix'
<_ruben> hehe
<ttx> We usually test a lot in VMs but not so much on real iron.
<ttx> [TOPIC] Open Discussion
<ttx> Anything/anyone ? Or else i'll break the shortest meeting in history record.
<ttx> Any regression that you've seen ignored and you would like to bump ?
<ttx> OK, we enter the final month so everyone is already busy, I see :)
<ivoks> :)
<zul> just a tad
 * sommer is sleepy
<ttx> [TOPIC] Agree on next meeting date and time
<ttx> so I think Europe is catching up DST this next week-end
<kirkland> woohoo
<AlexC_> soren, just want to say thank you very much for your help over the past day, been highly appreciated. I have it all up and working now =)
<ttx> Should we adjust the meeting time accordingly
<sommer> sure
 * ttx doesn't remember the usual meeting time
<bittin_> 15:00
<bittin_> and i tought i was to late :p
<ttx> then we just keep 1500 UTC, right ?
<sommer> works for me
<ttx> OK, and we should get back our slot on #ubuntu-meeting
<ttx> so next week, 1500 UTC, #ubuntu-meeting
<bittin_> sounds great
<ttx> #endmeeting, then
<ttx> have a great week, and happy Beta ISO testing.
<Asad2005> I have installed zfs-fuse on ubuntu hardy server but unable to export NFS from mounted zfs "/tank does not support NFS export" Is there a solution to this without compiling kernel ?
<nealmcb> mathiaz: I missed the server team meeting, having forgetfully assumed that the info on the fridge was right (meet at 16:00 utc in u-meeting....) - how should that be updated?
<mathiaz> nealmcb: well the fridge has been wrong for some time.
<mathiaz> nealmcb: things should be back in order soon I think.
<nealmcb> mathiaz: right - I just replayed my thinking from last week when I figured I'd just stay there until 16:00, but then saw the announcement there that the fridge was wrong....
<kshbu0> hello
<LHC> hey
<tinjaw> Today I am going to be researching the conflicts under a default install between DHCP's dynamic updating, Bind9, and AppArmor on 8.10.
<tinjaw> First task is to find out "who" should be the one to set best practices. Bind9 or AppArmor.
<jdstrand> tinjaw: the default apparmor configuration is supposed to support standard application configurations
<kshbu0> something more elementary... Why defaults a server install to dhcp?
<Jeeves_> kshbu0: It does in the installer
<tinjaw> kshbu0: not default install of server, but of dhcpd
<Jeeves_> you can always 'go back' and do manual configuratino
<kshbu0> That is what i mean: the installer should give me the choice.
<tinjaw> jdstrand: understand, but default install of Bind9 makes directories in /etc/bind not /var/lib/bind
<kirkland> mathiaz: sorry to nag, but did you finish the raid1 test yet?
<jdstrand> tinjaw:   /var/lib/bind/** rw,
<jdstrand>   /var/lib/bind/ rw,
<jdstrand> tinjaw: already there
<mathiaz> kirkland: doing it now.
<twitzel> sorry, to repeat myself. Can someone please help me with a multipath problem in 8.10 ?
<jdstrand> tinjaw: that is a standard configuration
<jdstrand> (though not default)
<tinjaw> first research question I am googling now: should I just move /etc/bind wholesale to /var/lib/bind? and if so, why isn't that the default install config.
<jdstrand> /usr/share/doc/bind9/README.Debian.gz
<twitzel> Specifically its a multipath/udev problem
<tinjaw> jdstrand: understood. trying to determine if default package install of Bind9 under U8.10 should be changed via bug report.
<kshbu0> bind9 same story. I've always thought that installation of bind should be in a chrooted jail.
<jdstrand> the chroot breaks things and with apparmor is is not needed
<kshbu0> Why is this not standard procedure on UB-server? Is Debian not doing this either?
<kshbu0> OK. Coming from Mandriva yesterday, I've no complete picture of AppArmor
<kshbu0> Going thru a steep learning curve... I have been running Mandriva for years...
<ahasenack> I asked about the bind thing in the ubuntu server mailing list, you may find it in the archives
<kshbu0> now moving to Ubuntu on both laptop,desktop and server.
<ahasenack> I always thought it weird that postfix is chrooted by default, but not bind
<tinjaw> ahasenack: thx, searching now
<ahasenack> http://osdir.com/ml/linux.ubuntu.server/2008-07/msg00037.html
<kshbu0> will hav a look in the archives. Posted the same question yesterday.
<mathiaz> kirkland: still not working.
<mathiaz> kirkland: I'm dropped to a busybox shell when I choose to boot from a degraded RAID1 array.
<ahasenack> kshbu0: ^^^
<kirkland> mathiaz: holy smokes
<kirkland> mathiaz: um, okay, we have diverged
<lamont> ahasenack: that's because bind had an installed base
<kirkland> mathiaz: i'm booting fine
<lamont> (before I inherited it)
<ahasenack> lamont: you mean, it was too late to chroot it
<kshbu0> According to the latest server manual/faq dropping into busybox should not happen if you don't wantthat.
<kirkland> mathiaz: how big is your .img file?
<kirkland> mathiaz: just one disk
<Deeps> kshbu0: they're testing jaunty i believe
<mathiaz> kirkland: haaaaa
<kirkland> mathiaz: ?
<mathiaz> kirkland: which drive do you disable?
<mathiaz> kirkland: the first one or the second one?
<kirkland> mathiaz: the 2nd
<kirkland> mathiaz: you?
<mathiaz> kirkland: If I disable the 1st one it fails to boot
<kirkland> mathiaz: i boot without the 2nd one
<mathiaz> kirkland: however disabling the 2nd one make the system boot
<kirkland> mathiaz: oh
<kirkland> mathiaz: let me try that
<lamont> ahasenack: I mean that I haven't bothered to start chrooting new installs of it, while leaving the installed base alone, nor have I given much thought to converting the installed base
<lamont> ahasenack: especially since everyone and their brother does it differently already
<Deeps> kirkland / mathiaz: bios configuration set to only boot from first HD, and not looking to 2nd/3rd/etc.?
<mathiaz> Deeps: it's in kvm.
<Deeps> hah, nm then :)
<mathiaz> kirkland: also - I'm using libvirt.
<LHC> anyone know about webhosts
<lamont> ahasenack: there is at least one bug in the debian bts about chrooting bind9, I'd be happy with a patch that did it in a manner that (1) doesn't break the installed base and (2) is sane.
<mathiaz> kirkland: when I state disable the first disk, I meant I comment out the disk definition in the guest xml definition.
<kirkland> mathiaz: i either launch with:
<kirkland> kvm -hda foo1.img -hdb foo2.img
<kirkland> or
<kirkland> kvm -hda foo1.img
<uvirtbot> New bug: #347992 in apache2 (main) "Apache CustomLog and TransferLog directives leave blank logfiles" [Undecided,New] https://launchpad.net/bugs/347992
<kshbu0> its nearing 18:00 here. I'm going dowstais o eat some thing.. Bye
<mathiaz> kirkland: http://paste.ubuntu.com/136859/
<mathiaz> kirkland: ^ these are the two kvm command lines launched by libvirt
<viezerd> http://paste.ubuntu.com/136858/  <<<-- dmesg output: does this mean that my ethernet-card is broken ?
<mathiaz> kirkland: hm - so I think what this does is that the second disk is actually switched in place of the first one when I uncomment the first disk
<viezerd> Because when there is heavy networkload, I loose connection
<viezerd> earlier this week I found this --> http://bugzilla.kernel.org/show_bug.cgi?id=12500 with a 2.6.28.1 kernel, So I asked my hoster for a different kernel but I got the same problem now
<uvirtbot> bugzilla.kernel.org bug 12500 in Network "r8169: NETDEV WATCHDOG: eth0 (r8169): transmit timed out" [Normal,New]
<Asad2005> I have installed zfs-fuse on ubuntu hardy server but unable to export NFS from mounted zfs "/tank does not support NFS export" Is there a solution to this without compiling kernel ?
<kirkland> mathiaz: do you have a screen shot of your error again?
<kirkland> mathiaz: i want to check something ...
<kirkland> mathiaz: and can you pastebin the output of `sudo fdisk -l` ?
<mathiaz> kirkland: hold on - I need to be able to reproduce this.
<tinjaw> I'm wondering if Bind9 should run chrooted and under AppArmor. Maybe that is overkill, but wouldn't be anymore work that only using one.
<kirkland> mathiaz: btw ... acpid is on today's iso's ;-)
<mathiaz> kirkland: yop - o3
<kirkland> o3 = ?
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/raid1_boot_failure_1.png
<mathiaz> kirkland: it looks like a high-five to me - but nobody else seems to agree with me.
<kirkland> mathiaz: looks like a little head and big boobs
<kirkland> mathiaz: o/*\o  is a high five
<mathiaz> kirkland: right - but that involves two people.
<Deeps> lol
<mathiaz> kirkland: my message is that I want to high-five you - whether you answer or not is not in my realm of control
<kirkland> mathiaz: and how do i respond, should i choose to accept your high five?
<mathiaz> kirkland: well - you high-five me back
<mathiaz> kirkland: like it real life
<mathiaz> kirkland: o/*
<kirkland> o3
<mathiaz> kirkland: o3
<kirkland> mathiaz:   *\o
<dantalizing> that looks like a hobo with a sack
<dantalizing> is that jazz hands going on there?
<mathiaz> kirkland: jdstrand has another way to high-five in the online world - but it takes two lines
<kirkland> pom poms
<jdstrand>  5
<jdstrand> o/
<ttx>   \o
<mathiaz> ttx: you're just raising your arm
<jdstrand> (I use an alias though, so I only type one line)
<mathiaz> ttx: you're *not* high-fiving
<ttx> I hardly reach jdstrand shoulder.
<Deeps> <o/
 * jdstrand waves to kees
<kirkland> mathiaz: okay, so i've uploaded a new image to http://people.ubuntu.com/~kirkland/jaunty-server1.img
<kirkland> mathiaz: this one does exhibit the problem
<kirkland> mathiaz: 05cb71e60a534c5ff1a00c5d12d77b7d  /tmp/jaunty-server1.img
<kirkland> mathiaz: i've passed it on to apw on the kernel side
<mathiaz> jdstrand: ^5
<mathiaz> jdstrand: that's a onliner for high-fiving people in the online world
<mathiaz> kirkland: ^5
<jdstrand> mathiaz: it doesn't have near the *pizazz* though ;)
<mathiaz> kirkland: have you been able to reproduce the bug?
 * kirkland high fives mathiaz...yeah!
<mathiaz> \o/
<kirkland> mathiaz: yes, and no.  i'm thinking this is non-deterministic
<kirkland> mathiaz: one install this morning ...  no issues booting degraded raid
<kirkland> mathiaz: second install, issues
<kirkland> mathiaz: which is the image i uploaded to p.u.c
<kirkland> mathiaz: non-determinism is the only explanation for the difference in behavior that you and i are seeing
<incorrect> I am debating about backporting kernel 2.6.28 to hardy,
<mathiaz> kirkland: right. I've seen one instance where the system booted while I expected not to.
<kirkland> mathiaz: i think the upgrades of the mdadm userspace were red herrings
<mathiaz> kirkland: but I can reproduce it 90% of the times
<kirkland> mathiaz: i think it was "working" for other reasons in some of those cases
<kirkland> mathiaz: agreed.
<theunixgeek> Does Ubuntu Server run well under a virtual machine?
<stickystyle> mathiaz: In bug 345957 you commented that _netdev is not honored in jaunty, I'm a bit confused as to how then iscsi targets are supposed to get mounted when networking has not been configured at that point (I'm the bug reporter).  Is it that I'm doing something wrong?
<uvirtbot> Launchpad bug 345957 in open-iscsi "iscsid is looking for targets prior to network being available" [Undecided,Incomplete] https://launchpad.net/bugs/345957
<stickystyle> theunixgeek: Ubuntu Server works great as a virtual machine.
<tinjaw> theunixgeek: umm, yes? is that a trick question?
<stickystyle> theunixgeek: Ubuntu JeOS works even better http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos
 * kees waves to jdstrand 
<kees>      5
<kees>      \o
<sbeattie> kirkland: in your attempts to fix raid degraded mode, can you keep an eye towards fixing bug 316670 as well, as raid10 is just broken in jaunty.
<uvirtbot> Launchpad bug 316670 in mdadm "Raid10 array not assembled at boot, all disks are marked as spare" [High,Confirmed] https://launchpad.net/bugs/316670
<kirkland> sbeattie: thanks for the reminder, yeah, i've been planning on moving on from this one, to that one at some point
<kirkland> sbeattie: i keep trying to put this one to bed
<sbeattie> kirkland: thanks, appreciated.
<kirkland> sbeattie: so you've reproduced that one?
<theunixgeek> tinjaw: just wanted to make sure ;)
<theunixgeek> stickystyle: ah, thanks
<theunixgeek> that does seem to be better
<sbeattie> yeah, it's easy to do so; you can do it on a regular jaunty system with loopback mounts. (I put a recipe in the description of that bug)
<stickystyle> theunixgeek: no problem.
<kirkland> sbeattie: thanks
<theunixgeek> what "unecessary drivers" are left out of JeOS?
<stickystyle> I'm not sure of the exact list, but most of the video cards, IDE/SCSI/RAID controllers, network drivers, etc. that will never be present in a VM (since you have a fixed list of 'virtual HW') they are removed.
<mathiaz> stickystyle: iscsi devices should be mounted when the network interfaces are brought up by udev
<mathiaz> stickystyle: not mounted - the block devices are created when the network interfaces are brought up by udev
<mathiaz> stickystyle: that way iscsi devices are just regular block devices (treated like local ones)
 * theunixgeek is downloading ubuntu server
<theunixgeek> 210 kpbs, not bad
<mathiaz> stickystyle: this is why the iscsi init script runs at level S20 (IIRC) *before* local file systems are mounted.
<mathiaz> stickystyle: the init script is just waiting for all automatic targets to be logged in.
<stickystyle> mathiaz: Okay, I get what your saying now.  So I probably need another init script to actually mount the device after networking has come up correct?
<mathiaz> stickystyle: no - you just need to put your iscsi devices in fstab as you would do for normal local block devices
 * stickystyle is reversing his changes, perhaps he missed something when he first installed.
<mathiaz> stickystyle: iscsi support in the installer hasn't been really tested in jaunty
<mathiaz> stickystyle: it may not work correclty.
<theunixgeek> Who here has experience deploying Ubuntu Server on virtual machines?
<theunixgeek> (I prefer Fedora as a workstation OS, but Ubuntu as a server OS; this is my first time trying it on a VM)
<theunixgeek> I know, it should be the other way around.... :P
<stickystyle> theunixgeek: It's not the 'other way around' in this channel ;-)
<theunixgeek> stickystyle: ah, good point
<theunixgeek> ;)
<theunixgeek> stickystyle: sorry; I don't mean to start flame wars of any kind
<stickystyle> No worries, just playin with you.
<stickystyle> Did you have any specific questions about Ubuntu in VM?
<centaur5> Could anybody help me with forwarding VNC using iptables I've tried multiple commands I've found online and still can't get it to work?
<twitzel> Sorry to repeat myself, don't want to bother anyone. Can someone please help me with multipath/udev ?
<|max|> there are fr channel ? for ubuntu server ?
<twitzel> Where do I go for help with udev/multipath in ubuntu ? Is there a mailing list ?
<theunixgeek> |max|: je crois... attend un moment
<theunixgeek> !fr
<ubottu> Ce canal est en anglais uniquement. Si vous avez besoin d'aide ou voulez discuter en francais, merci de rejoindre #ubuntu-fr
<|max|> mouai :p
<|max|> pas serveur
<theunixgeek> |max|: essaye #ubuntu-server-fr
<theunixgeek> |max|: je crois que les gens dans #ubuntu-fr peuvent t'aider
<mathiaz> |max|: il n'y a pas de channel francophone dedie a ubuntu-server
<|max|> oki
<|max|> en fait j ai 3 carte reseaux et j aimerai gerer deux connections internet
<|max|> et en faire que une
<|max|> je sais que sous windows on peut le faire
<andol> mathiaz: Noticed that you just recently marked all the Ubuntu i386 server images (jaunty rc beta) as tested. Are there any use in having me continuing test the ones I yet haven't tested?
<mathiaz> andol: what kind of hardware are you using?
<mathiaz> andol: well - since it's software testing it doesn't really matter.
<andol> mathiaz: yeah, that's what I kind of figured
<andol> (just an old dell optiflex gx260 I have standing around in the office.)
<mathiaz> andol: more hardware testing is always welcome. Otherwise you can focus on other isos to test.
<mathiaz> andol: right. So if you're up for more testing you can try the desktop one.
<andol> mathiaz: Regarding the pure hardware testing the default installation should be "enough"?
<mathiaz> andol: you could also drop by #ubuntu-testing and ask there what is the most needed.
<mathiaz> andol: yes.
<mathiaz> andol: default install for hardware testing is enough.
<andol> mathiaz: I'll do that tomorrow. By then I'll also see if we have any "real" servers idle, which I can steal for some testing.
<mathiaz> andol: awesome. Thank you very much for your help!
<andol> Is the comment field a good place to mention on what hardware the install is tested on?
<andol> (I'll save the rest of my potential questions for #ubuntu-testing :)
<scope006> has anyone here used the tuning-primer.sh script on ubuntu server for analyzing mysql?
<theunixgeek> Does Ubuntu Server come with everything preinstalled for installing Joomla
<theunixgeek> ?
<theunixgeek> let me reword that
<theunixgeek> Does Ubuntu Server come with everything ready for installing Joomla?
<twitzel> Can anyone see me ?
<acicula> yup
<andol> theunixgeek: Perhaps not preinstalled, but you should find what you need in the repositories.
<twitzel> Okay, quick question. I found a bug in ubuntu-bugs thats virtually identical to my problem. The bug was closed with "fixed in jaunty". How do I use that ?
<andol> theunixgeek: Doing the LAMP-install should give you most of what you need. To that you might need to install an extra php module or two.
<acicula> twitzel: depends on your bug i suppose
<theunixgeek> andol: cool, thanks
<twitzel> As described here before, udev doesn't generate devices for any partitions on my multipathed device
<theunixgeek> twitzel: if it's "fixed in jaunty" that means it's fixed in Jaunty Jackalope
<theunixgeek> twitzel: "fixed in Jaunty" means it's already fixed for the next release
<twitzel> Can I install this ? apt-get doesn't show anything
<twitzel> Basically I'm  stuck now because I had promoted the switch from RHEL to ubuntu server and now 2x12TB of storage have been down since 2 weeks since we switched
<twitzel> So I really need a solution asap, and if this "jaunty" thing fixes it, I'd like to use it
<acicula> jaunty is still alpha, beta in a few days
<twitzel> So going back to RHEL is the best option right now ?
<twitzel> I opened a new bug
<twitzel> Maybe I can argue there that jaunty doesn't help if its not available
<acicula> if the problem is backported(able) into intrepid maybe you can do that, but if it's a new feature it seems you just have to wait for jaunty to get stable, or run the alpha/beta or go back to what worked before
<twitzel> I believe its basically just the udev rules files and their order
<twitzel> no binary stuff at all
<twitzel> How do I merge from debian unstable ?
<twitzel> Actually found this: This bug was fixed in the package multipath-tools - 0.4.8-14ubuntu1
<twitzel> ---------------
<twitzel> multipath-tools (0.4.8-14ubuntu1) jaunty; urgency=low
<twitzel>   * Merge from debian unstable, remaining changes:
<twitzel>     - control:
<twitzel>      + Bump debhelper dependency to install udev rules to
<twitzel>       /lib/udev/rules.d, bump udev dependencies as well.
<twitzel>      + multipath-udeb must not depend on multipath-modules,
<twitzel>       because the Ubuntu kernel already includes the modules and no
<twitzel>       package provides m-m.
<twitzel>     - initramfs/hooks: Install rules from /lib/udev/rules.d.
<twitzel>     - kpartx.udev, multipath-tools-boot.init:
<twitzel>       Replace multipath-tools-boot init script with udev rules.
<twitzel>     - multipath-tools.preinst: Fix preinst script to modprobe dm-multipath.
<dguitar> pastebin....
<twitzel>       This will make sure that multipathd will be able to start.
<twitzel>     - multipath-tools.prerm: Add prerm script to not fail when upgrading
<twitzel>       from a broken version of multipathd.
<twitzel>     - patches/1000--set-umask-in-multipathd.patch: Set umask in multipathd.
<uvirtbot> New bug: #348075 in samba (main) "CIFS VFS: server not responding" [Undecided,New] https://launchpad.net/bugs/348075
<twitzel>     - rules: Move udev rules to priority 95, because rules that load
<twitzel>       modules should be >90.
<twitzel>   * Fix bugs (LP: #316851, #320156)
<twitzel>   * multipath-tools.prerm/preinst: Remove checks for old ubuntu
<twitzel>     versions, we don't support upgrading from them anymore.
<kraut> twitzel: don't know if i'll get kickeassed for that, but yes, i would use redhat or centos for that.
<twitzel> Thats actually double sad. First that ubuntu has difficulty dealing with multipathed SANs (not sooo rare in the server world) and then that even when it works under RH etc. its a major PITA. No wonder people shell out loads of money to managed storage ala Equallogic etc.
<racecar56> i want to use a static ip address, but i only know how to do that on desktop, what do i do to make ubuntu server have a static ip?
<twitzel> racecar56: do you mean set it without using the GUI ?
<twitzel> You ought to change the file /etc/network/interfaces
<twitzel> racecar56: man interfaces will tell you all you need to know about that
<yeason1> this is a noob question but I can't remember... where are the kernel source files stored?
<_ruben> /usr/src/
<yeason1> ah, thnx
<jurism> Hi! I have problems with restarting apache2. It says something about unable to open logs. I am 90% sure it is php5-ffmpeg problem, but I need this extension very much. Can You tell me where should I add 'pkill -9 apache2' in /etc/init.d/apache2 so server could restart with no problems? Thank You!
<racecar-56> this place is silent
<oruwork> can i get apache to host 2 separate websites on one ubuntu server box ? i mean set it up the way that each website would have its own www directory
<Vog-work> yes oruwork
<Vog-work> I have to go so I can't help with it though
<macd> oruwork, should be pretty self explanitory, look in /etc/apache2/sites-available/ glance at default, use it for a template to make a new one, then you can "load" the sitre with "sudo a2ensite whatyoucalledit"
<macd> oruwork, refer to: http://trent.instantspot.com/blog/2009/02/11/Configuring-Apache-to-run-virtual-hosts-on-Ubuntu
<Elite> Hey guys
<uvirtbot> New bug: #348169 in mysql-dfsg-5.0 (main) "prob mysql installation" [Undecided,New] https://launchpad.net/bugs/348169
<nat2610> how do you know if selinux is activated or not on a system ? there isn't any command setenforce ?
<nat2610> hey I'd need a little bit of help. I'm trying to install bind9 packages, it worked in the past, them I messed up some stuff and now when I try to reinstall it I get dpkg: error processing bind9 (--configure): subprocess post-installation script returned error exit status 100 and looking at my messages log I have Mar 24 15:46:29 nat32 kernel: [  369.095590] type=1505 audit(1237934789.179:11): operation="profile_replac
<nat2610> e" name="/usr/sbin/named" name2="default" pid=14034
<nat2610> I don't know what to do
#ubuntu-server 2009-03-25
<uvirtbot> New bug: #347881 in dovecot (main) "dovecot-imapd incompatible with ntpdate use" [Undecided,Confirmed] https://launchpad.net/bugs/347881
<Alysum> hi Id like some help with a crontab line
<Alysum> for some reason this isnt every run:   */1 * * * * [`/bin/date +%d` -eq '26'] && /home/tom/scripts/script.php
<Alysum> not sure if there is a mistake in the date command
<maxb> Alysum: % has special meaning in a crontab line
<maxb> by the way, the /1 is redundant
<Alysum> even with the ` ` ?
<Alysum> i know Im testing it every min
<nat2610> what are yiy trying to do with your date ?
<nat2610> s/yiy/you
<giovani> Alysum: * = every minute
<Alysum> II know
<maxb> Alysum: escape the % as \%
<Alysum> ok will try
<maxb> the ` ` don't matter - they are processed by the shell - the % processing happens by cron itself before the string ever gets executed
<nat2610> but that doesn't make any sense executing the result of date
<Alysum> what does % do in a cron?
<Alysum> hmm it still didnt work
<Alysum> * * * * * [`/bin/date +\%d` -eq '25'] && /home/tom/scripts/script.php
<Alysum> this is syslog  /USR/SBIN/CRON[17874]: (tom) CMD ([`/bin/date +%d` -eq '25'] && /home/tom/scripts/script.php)
<maxb> Alysum: spaces are mandatory inside [ ]
<Alysum> you mean after [ and before ] ?
<maxb> yes
<Alysum> ok it worked
<Alysum> thanks mate
<maxb> but why don't you just write:   * * 1-24 * * /home/tom/scripts/script.php
<Alysum> no I'm testing it cause Im going to run it on the last day of each month
<maxb> ah
<Alysum> yeah it will be like this
<Alysum> 59 23 * * * [ `/bin/date -d tomorrow +\%d` -eq '01' ] && /home/tom/scripts/script.php
<Alysum> the first day %d is 01 not 1 right ?
<Sam-I-Am> howdy
<maxb> Alysum: -eq does a numeric comparison anyway
<Alysum> ok
<uvirtbot> New bug: #348283 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 won't install when /tmp mounted 'noexec'" [Undecided,New] https://launchpad.net/bugs/348283
<oh_noes> I have a swap entry in fstab
<oh_noes> why isnt my server using it?
<oh_noes> How do I check?  top and free -m shows 0kb/0kb for swap
<bitsbam> hey all
<twb> oh_noes: cat /proc/swaps
<twb> oh_noes: see also swapon -a and swapoff -a
<twb> oh_noes: does fstab identify the swap by UUID, or device?
<bitsbam> i am having trouble with slave replication on MySQL, i set it up and it said slave io is not running, but slave sql is.
<bitsbam> how do i know if the slave is replicating?
<oh_noes> it identifies the uuid.  I think I found the problem, the uuid wasnt listed in /dev/disk/by-uuid so on reboot it didnt mount any swap
<twb> oh_noes: normally it should
<twb> oh_noes: unless you somehow boot without udev
<twb> e.g. I have
<twb> 319998ce-e734-4b5d-abb7-cceeef72a62e -> ../../mapper/lvm-swap
<twb> ...in that dir
<oh_noes> yeah, I manually added mine in.  not sure why it wasnt in there ... fixed now
<twb> oh_noes: um, you are not supposed to put files in /dev/disk/by-uuid
<twb> oh_noes: they'll disappear on reboot anyway; it's udev's job to manage that dir.
<twb> If I were you, I'd swapoff, then use mkswap to reinitialize it with a specific UUID, and then match that UUID in /etc/fstab.
<twb> Then reboot and see if udev can see the UUID
<oh_noes> oh, ok
<oh_noes> thanks
<RaNdY> Hello, how to see network-address to be conf in named.conf.local (bind9)?
<fr500> what?
<fr500> named.conf.local is the zone configuration file
<RaNdY> zone definition for reverse DNS sir?
<RaNdY> rev.0.168.192.in-addr.arpa
<RaNdY> where to see "network-address" to replace 0.168.192.
<^law^> hello guys ;)
<simplexio> Received disconnect: 2: server_input_channel_req: unknown channel -1
<^law^> oops sorry 4got to change nick
<simplexio> intresting error. i have newer seen it before. /newer as in last 8 years when i have used ssh daily )
<_law_> guys , i have no-GUI for my ubuntu server, but now i want to  add minimal GUI for it , i wan to have   file manager, package manager n web browser, so what should i do ?
<_law_> XD
<simplexio> _law_: do you want use X on it or X app from it ?
<_law_> hmm wat is the best?
<_law_> haha i'm very new in linux world
<simplexio> _law_: and you get somekind desktop installong ubuntu-desktop ( i think its full) off course you could do it old fashion way and try install only Xorg + xterm + browser
<simplexio> _law_: when i need to run some "local" hd stuff in my server i start nautilus or similiar gui filemanager from X tunnel to my desktop which is linux too
<_law_> my ubuntuserver is just fresh installed and no GUI
<simplexio> _law_: console is quite good for everything server stuff :)
<_law_> yaya i agree
<rdw200169> _law_, i agree, also
<_law_> so i just want my server start in console mode by default
<rdw200169> _law_, have you considered something web-based, like ebox or webmin?
<_law_> n if i need to use gui then i just calling the applicaion i need
<rdw200169> _law_, there are 3 applications that run in the terminal that do what you're looking for, aptitude, mc, and w3c
<simplexio> _law_: im not 100% how ubuntu installs  Xorg package, but for minimal X you could try install Xorg and xterm
<rdw200169> _law_, mc is 'midnight commander', w3c is the browser that comes with a standard installation (like lynx), and aptitude is a very good front end for the package manager that runs in the terminal
<simplexio> _law_: and if you have another desktop linux or windows with cygwin you can do stuff like " ssh -X me@server ; firefox " and firefox actually run in server but windows comes to your desktop
<simplexio> that i s what i do. i run rhytmbox from my home fileserver etc.. and just keep gui on my desktop
<rdw200169> _law_, many people would (including myself) strongly suggest you not install Xorg for security reasons
<_law_> u now my point is i want my server start in console mode by default. then .i.e. if i need to browse internet i just need to type firefosx n the firefox gui shows up
<rdw200169> _law_, especially if you plan on hooking the server up to the internet (i.e. a public-type server)
<simplexio> agree.. if you want use X programs use X tunneling instead
<_law_> x tunneling? how to do that?
<_law_> i have very lack of knowledge XD
<simplexio> besides. link2 is actually quite good browser. whjo needs pictures :) had to use it yesterday when for somereason http proxy started acting, so ssh to my server and link2
<simplexio> _law_: do you have 2 linux machines ?
<_law_> yaya i have
<_law_> ubuntu server that hasi no x
<simplexio> _law_: then do following, from desktop : ssh -X user@server
<_law_> n centos sever that has gui
<simplexio> _law_: server dosent need it
<simplexio> _law_: but you need that openssh-server in server
<rdw200169> _law_, yes, openssh-server is the 'new
<rdw200169> _law_, ' telnet
<simplexio> actually you should newer use telnet to login systems. it good tool to debug stuff like mailserver etc.. but newer transfer anything importand over it
<simplexio> those days.. even i could hack into other peoples accounts when we had hubs and telent server in school
<_law_> i just execute ssh -X user@server from terminal
<rdw200169> its even strongly suggested not to even install telnet...
<_law_> then?
<simplexio> then type xterm
<_law_> but my ubuntuserver still don't has it
<simplexio> if it gives error then type apt-get install xterm
<_law_> hmm i'm confuse now
<simplexio> please explain
<_law_> i wanna know
<_law_> what should i install in my ubuntu server
<_law_> xorg or xterm?
<_law_> n wat r those?
<simplexio> only xterm
<_law_> then wat is xterm?
<simplexio> it shouldnt offer you xorg-server, only xterm package
<_law_> wat xterm usage?
<simplexio> _law_: ?? its terminal program for x, and very light weight
<_law_> ooo
<_law_> ok then i'm install it 1st
<_law_> wait :)
<simplexio> double check that it dosent wnat to install alot stuff
<simplexio> it while when i installed xterm to server so cant rememeber all
<_law_> ok now i'm installing it
<_law_> my internet very slow
<simplexio> its sloow
<_law_> ya my internet
<simplexio> is it ready ?
<_law_> not yet
<_law_> XD
<simplexio> it isnt that big, you connection is sloowww
<simplexio> but when its ready you just type xterm ... hard aint ?
<_law_> ok
<_law_> simplexio, yesterday i read on the net that wecan use PuTTY 4 remote via ssh from windows
<simplexio> then xterm should start to your centos desktop, all command that you run from that xterm go straight to server... now if you need run nautilus in server, then just ssh -X user@server and start nautilus, or linuxdcpp, or rhytmbox, or transmission
<_law_> then i installed it
<simplexio> umm.. .
<_law_> ok but i need to install nautilus 1st rite
<_law_> u ever used PuTTy?
<simplexio> when i used windows on desktop
<simplexio> and now, when i ssh to home server from here
<_law_> hmm i just installed it n when i run it it's defaultly use my windows username to connect to  my linuxbox
<_law_> but on the web i c that we can type te username we want to use
<_law_> the username
<simplexio> havent used latest putty, i think this versio is older one.. you could try user@server syntax
<simplexio> if i recall right, putty supports that
<simplexio> bit now to smoke
<_law_> where to type that line?
<_law_> i mean where to type user@server
<_law_> ?
<simplexio> in putty to connection address
<_law_> oh
<_law_> ok
<llragsll> how to use nis netgroup for user authntication?
<llragsll> I mean where do I specify to use the netgroups?
<llragsll> Some where in PAM?
<llragsll> i wasnt to do this for telnet sessions..
<simplexio> newer done it , but there is "good" howtos in google, i recal lrading one or two
<llragsll> well most of them suggest using /etc/passwd file...but tht is i the compt mode...
<owh> Greetings. In the range of silly questions. I have a hardy server and a google apps domain. I want to pop email from 24 accounts and store them in a user account on the server. Is there a better way that enumerating 24 accounts in /etc/fetchmailrc ?
<owh> s/that/than/
<_ruben> owh: unless gmail supports bsmtp (which i dont think it does), i'd say that's about the only solution you got .. (with bsmtp gmail would push the mail to you)
<owh> _ruben: Yeah, I don't think they'd do that :-)  If the machines were in different domains I could just forward the mail from within gmail, but that ain't the case :( Ah well, more copies of passwords on hard-disks :)
<owh> s/:)/:(/
<ttx> sommer: please ping me when you're around
<kraut> moin
<owh> kirkland: Yes, you are right, my brain is going to mush.
<owh> kirkland: It was sispoty :)
<owh> +t
<BUGabundo> anyone can recommend me an app to act as a SIP/VoIP server?
<kwork> asterisk
<kwork> or freepbx
<kwork> both have web guys aswell
<BUGabundo> kwork: thanks. I think asterisk may be a bit too much for a inicial tryout
<BUGabundo> but I'll install it on a VB server and test
<kwork> quite fancy device is audiocodes
<kwork> it has asterisk on oen board aswell bunch of E1's
<BUGabundo> boss wants to connect local branch and another office via VoIP
<BUGabundo> already started talking to VoIP ISPs
<BUGabundo> to know what I've available
<BUGabundo> so I can go from the simplest solution (webphones/ip phones)
<BUGabundo> to more complext server based
<kwork> BUGabundo,  check out audiocodes devices they are nice voip gateways, thou they are more to VOIP ISPs
<kwork> more inteneted to isps even
<BUGabundo> yeah
<BUGabundo> I just need 4 local and one remote
<sommer> ttx: yo
<ttx> sommer: want to discuss likewise-open 5 now ?
<sommer> ttx: sure
<ttx> sommer: so I'm not sure how this should appear... but it seems interesting to at least mention likewise-open5 on those pages
<ttx> even if the main/supported alternative is still likewise-open (4.1)
<ttx> sommer: we expect likewise-open5 to work better in most scenarios
<ttx> sommer: installing likewise-open5 will uninstall likewise-open. So it will make you leave any joined domain.
<sommer> ttx: is the interface for 5  different from 4?
<ttx> sommer: Instructions for one work for the other. Same CLI/GUI interfaces
<sommer> ttx: that's cool, should be pretty simple
<sommer> ttx: I'll add information about the upgrade issue from 4 to 5 and note that 5 should work better
<ttx> sommer: sounds good, ping me when you have something to review.
<sommer> ttx: sure will do
<ttx> sommer: I'm available for all questions in the 4 next hours.
<orudie> hi, can someone link to LAMP installation guide ?
<\sh> spt-get install apache2 libapache2-mod-php5 php5-mysql mysql-server
<\sh> orudie: and if you need more infos...e.g. howtoforge is a good catch...http://www.howtoforge.com/ubuntu_lamp_for_newbies e.g.
<orudie> is there a dpkg command for this ?
<\sh> orudie: sudo apt-get install apache2 libapache2-mod-php5 php5-mysql mysql-server as mentioned before
<orudie> i installed 8.10 server on a VPS account, and there is no /etc/hostname file, is this normal ?
<sommer> ttx: here's a diff of the likewise-open5 content: http://paste.ubuntu.com/137489/
<ttx> sommer: it's not really in universe because upgrading means rejoining. It's a separate package because upgrading would have meant rejoining... and we can't have both versions in main at the same time.
<sommer> ah
 * sommer adjusting
<mdz> kirkland: I'm seeing an issue with KVM where after rebooting, the CD-ROM no longer works (boot fails).  Closing KVM and then opening it again gets it working.  have you seen this?
<mdz> the common scenario is an Ubuntu installation.  I boot from the CD, do the install, reboot, and it doesn't come up again
<ttx> mdz: I noted that too. it's not a regression though, the behavior was the same for intrepid.
<mdz> ttx: yes, it seems familiar, though I thought it started working again at some point
<ttx> mdz: I was wondering if it wasn't obeying some virtual ejection at the end of the install.
<ttx> since you reboot rather than restart the VM completely.
<mdz> ttx: that sounds like a likely hypothesis
<Daviey> well it is an upstream bug IMO, that if the cd is set to the primary boot device, then the VM has it own rules on what to boot from.. ignores the cd post virtual-eject
<ttx> sommer: maybe add something about replacing one with the other
<sommer> ttx: version two: http://paste.ubuntu.com/137496/
<orudie> i installed 8.10 server on a VPS account, and there is no /etc/hostname file, is this normal ?
<Daviey> orudie: no
<Daviey> orudie: How did you install?  From a debootstrap it is :)
<orudie> Daviey, there is an option which distro to deploy, among many i picked ubuntu 8.10 server
<Daviey> orudie: who is the provider?
<orudie> linode
<Daviey> *shrug*
<Daviey> they've borked it :).. Even so, you can create one :)
<orudie> i'm talking to them right now, there response was Without the /etc/hostname file, DHCP assigns the hostname.
 * ttx proposes an alternate version
<Daviey> orudie: Please tell me they don't ship DHCP for IP's!
<orudie> i dont know that Daviey
<orudie> but yeah, my goal is to host multiple drupal sites on this host
<orudie> have to configure everything
<orudie> i'm used to setting a server up for just one domain , but not multiple
<ttx> sommer: see http://paste.ubuntu.com/137500/ -- I removed the justification for Universe which isn't really useful and added an 4.1->5.0 upgrade warning
<Daviey> orudie: vhosts are your friend!
<orudie> thats why i'm kinda concerned about this from the very start
<orudie> vhosts?
<Daviey> apache virtual hosts.. allows you to have many domains one one IP address
<Daviey> on one*
<orudie> oooh, yeah thats right i started reading about this last night
<ttx> sommer: I also removed the "For most scenarios..." since it should work at least as well in all cases
<Daviey> orudie: (incompatiable with SSL)
<ttx> sommer: otherwise it's a bug :)
<orudie> so /etc/hosts will have multple hosts line hostname.example1.com , hostname.exmplae2.com etc. ?
<orudie> like*
<sommer> ttx: that makes sense... I'll commit it
<sommer> ttx: thanks
<ttx> sommer: you're welcome :) I'll try to review the euca/opennebula chapters today.
<sommer> ttx: that would be awesome
<sommer> ttx: I think there are some issues with openebula networking, so you might want to keep an eye out for that... I'm planning on working on it this morning as well
<Sam-I-Am> anyone here skilled in bug reporting?
<Sam-I-Am> found a bug in an ubuntu package which has been reported already for the equivalent debian-unstable package
<Sam-I-Am> yet i'm not sure if the ubuntu folks are aware of it or not
<Sam-I-Am> figured i might just report it and link to the debian bug
<Sam-I-Am> might ask in ubuntu-bugs now that i think of it...
<rst-uanic> Sam-I-Am: you could post it on the launchpad.net
<Sam-I-Am> yeah
<Sam-I-Am> bugs.launchpad.net?
<rst-uanic> Sam-I-Am: yes
<rst-uanic> https://bugs.launchpad.net/bugs/+filebug
<Sam-I-Am> yeah thought so
<Sam-I-Am> it'll just be a copy of the debian package bug
<Sam-I-Am> i'll reference it...
<Sam-I-Am> already updated another db-4.7 bug there a few mins ago
<ttx> Sam-I-Am: you can mark your bug as "also affecting" the Debian distribution of the same package.
<ttx> that way the bug watch allows us to track progress on the debian bug.
<Sam-I-Am> cool, i'll do that
<Sam-I-Am> never wound up in this situation before heh
<ttx> sommer: in the Eucalyptus page: Cloud Computing environment will consist of three machines [...] One Node Controller: [...] Two Compute Nodes: runs the Node Controller component of Eucalyptus --- There are Node controllers all over. The first machine should probably not be called "Node controller" but something like "Management node" ?
<ttx> or the second one should be renamed to "eucalyptus-nc"
<sommer> ttx: that makes sense... I am still a little fuzzy on how all the pieces fit together
<ttx> well, it's the unfortunate naming of eucalyptus-nc. Node controller has a master sense (I control nodes) and a slave sense (I'm a slave and I need to run a node controller software to be controlled)
<ttx> So the "node controller" requires node-controller-packages to be deployed on compute nodes.
<ttx> sommer: so the text in the doc is correct, but confusing.
<ttx> That's why I would refer to "Node controller" for the function... and "eucalyptus-nc" for the package required on nodes
<sommer> ttx: I see, I'll rename it to Management Node... that does seem more consice
<ttx> sommer: might be simpler to just s/runs the Node Controller component of Eucalyptus/runs the eucalyptus-nc component/
<ttx> since "Node controller" is used everywhere else
<ttx> also you use "Compute nodes" and "Cluster nodes" interchangeably. Pick one :)
<Sam-I-Am> mmm, bug posted and cross-referenced
<ttx> sommer: I'd choose "Compute nodes".
<kirkland> mdz: you want to boot from the cdrom on reboot?
<sommer> ttx: heh, sure
<kirkland> mdz: what does your boot order say?
<ttx> kirkland: the boot order still shows "CDROM". But reboot fails with "No boot device" while the CDROM ISO file is still "mounted" in virt-manager
<kirkland> mdz: are you seeing the same thing as ttx? is this in virt-manager?
<mdz> kirkland: I didn't check the boot order, but that sounds like what I'm seeing
<mdz> kirkland: I'm using plain kvm
<ttx> kirkland: I'm not sure it's a bug, tbh. The behavior looks like what you would get with a slot-in CDROM drive (CD ejected and won't be swallowed back at reboot)
<kirkland> mdz: so normally, i start with something like 'kvm -hda foo.img -cdrom jaunty-server-amd64.img'
<kirkland> mdz: do an installation... install completes
<kirkland> mdz: it tells me to reboot, i warm reboot the kvm
<kirkland> mdz: at this reboot, the boot order is handled 'properly', by booting from my -hda
<mdz> kirkland: that's exactly what I'm doing, and it fails
<mdz> kirkland: when you say "i warm reboot the kvm", do you just let the normal shutdown sequence occur (including ejecting the CD) or something else?
<kirkland> mdz: yes, i'm testing now
<kirkland> mdz: i've been doing exactly ^^^ that just about every day this cycle, and it's never failed me
<mdz> kirkland: that == normal shutdown sequence, or something else?
<kirkland> mdz: normal shutdown sequence
<kirkland> mdz: server or desktop iso?
<mdz> kirkland: desktop
<mdz> maybe they use different methods of ejecting the CD, but it seems unlikely
 * kirkland is installing jaunty-desktop into a kvm ....
<Ethos> guys i've copied over an installation to another machine (different network card) and it won't detect it
<Ethos> is there any way I can re-set up the network card on the new machine?
<Ethos> using 8.10
<kirkland> mdz: okay, i just did the following without reproducing the problem
<kirkland> mdz: downloaded jaunty-desktop-amd64.iso -> 4a9d522d06f118fa72dbd613a02ca43e
<kirkland> mdz: kvm-img create -f qcow2 jaunty-desktop.img 4G
<kirkland> mdz: kvm -m 1024 -hda jaunty-desktop.img -cdrom ../iso/jaunty-desktop-amd64.iso
<kirkland> mdz: completed an install, pressed the "reboot now" button
<kirkland> mdz: i did have to hit "enter" one time more than i remember in the vm, something about ejecting the cd
<kirkland> mdz: and then my newly installed system came up and booted fine
<mdz> kirkland: weird
<mdz> kirkland: kvm command line?
<kirkland> mdz: kirkland@t61p:/local/virt/img$ kvm -m 1024 -hda jaunty-desktop.img -cdrom ../iso/jaunty-desktop-amd64.iso
<kirkland> mdz: okay, i'm going to ask you something strange ....
<kirkland> mdz: what's your cpu running at?
<kirkland> mdz: ie, freq scaling?
<mdz> kirkland: yes, I use frequency scaling, it typically idles at 800MHz
<kirkland> mdz: apw and identified earlier this morning some weird behavior with degraded md raid that changes based on the host's cpu freq
<kirkland> mdz: i've been trying to chase that issue down for several days
<kirkland> mdz: possibly unrelated, but ondemand has introduced non-deterministic behavior in that bug at least
<Coff3> if trying to get kerberos logins to work but failed, now i cant login normal.. what to do ? still have one root shell to that computer
<Coff3> common-account  :)
<mdz> kirkland: interesting
<mdz> ttx: are you using cpufreq as well?
<ttx> mdz: yes
<ttx> kirkland: btw couldn't reproduce my VM freeze with a fixed frequency... Doesn't really prove anything, but...
<kirkland> ttx: good to know
<kirkland> mdz: have you experienced this issue more than once?
<mdz> kirkland: yes
<mdz> kirkland: every time so far tday
<mdz> today
<kirkland> mdz: can you post a screenshot of the error you see?
<mdz> kirkland: yes
<Ethos> anyone know of a good guide to setup a connection to a mssql server?
<Ethos> all the guides I've found either don't work, or are ... shit heh
<mdz> kirkland: http://people.ubuntu.com/~mdz/temp/Screenshot-kvm-cd-boot-failed.png
<mdz> kirkland: notably, kvm still has the file open
<mdz> lrwx------ 1 mdz mdz 64 2009-03-25 16:00 /proc/22847/fd/8 -> /home/mdz/iso/jaunty-desktop-i386.img
<kirkland> mdz: i'm testing again
<orudie> how do i install LAMP on a brand new ubuntu 8.10 server ?
<Ethos> sudo taskel
<rst-uanic> orudie: start tasksel and choose LAMP there
<kirkland> mdz: one more question ... is today the first time you've noticed this?  how recently can you say that you knew this to work previously?
<Tuxist> hi i have problem with nfs, pam and kerberos
<Tuxist> when i mount my nfs volume i can't access the pam ldap account
<Tuxist> http://pastebin.com/m49c16c94
<ScottK> leonel: Debian just uploaded clamav (it went to New of course) so what's in Git now ought to be good.
<kirkland> mdz: okay, I'm clicking "Restart Now" after installation
<kirkland> mdz: and i'm watching my iso in the host with lsof
<leonel> ScottK  I was getting to that point .. :)
<ScottK> leonel: Excellent.  I'm ready for a package any second now.
<kirkland> mdz: my host dropped the open file to the iso
<leonel> the version I tested  got me we working with no results ...
<kirkland> mdz: and now my guest has me waiting to hit enter to remove the disk and close the tray
<leonel> scottK I'll pull it
<ScottK> Excellent.
<kirkland> mdz: it hit enter, and i boot into my newly installed guest image
<kirkland> mdz: curious, are you using the kvm in our kernel, or the kvm built from kvm-source?
<kirkland> mdz: i just uninstalled my kvm-source dkms built kvm module, and i'm rebooting now
<kirkland> mdz: hrm, still can't reproduce, even with the stock kvm in linux-image
<uvirtbot> New bug: #348532 in mysql-dfsg-5.0 (main) "mysql apparmor profile does not allow access to /var/log/mysql.*" [Medium,Triaged] https://launchpad.net/bugs/348532
<ScottK> leonel: The whole package is published at http://people.debian.org/~mt/clamav/
<ScottK> leonel: Unless you're really close to uploading, I'll grab that at put it in the PPA?
<leonel> scottK  I guess that package would be better  packaged ..
<ScottK> I would generally assume so.
<leonel> scottK so the plan is to  get that package    port it to jaunty  and  ... all the rdepends?
<ScottK> leonel: First we go to the PPA.  If we get the rdepends working, then we ask for a freeze exception.
<ScottK> I assume if we have working rdepends we'll get it.
<leonel> ok
<leonel> getting that package  to my jaunty   and  latter today start the show ..
<mdz> kirkland: I'm using all stock jaunty stuff
<kirkland> mdz: understood
<kirkland> mdz: i've been trying -amd64
<kirkland> mdz: i see you're testing i386
<kirkland> mdz: i'll download that
<jwstolk1> hi. I need the "send" program on my server (for the wake-on-lan tool), and installed both of the packages where it was supposed to be in. but I still have no "send" (but I do have the man page for it).  and "send" is a difficult thing to google for....
<kirkland> jwstolk1: sudo apt-get install wakeonlan
<jwstolk1> done
<kirkland> jwstolk1: that doesn't get you what you need for WoL?
<jwstolk1> I get "send : Operation not permitted at /usr/bin/wakeonlan line 126"
<jwstolk1> when trying to send the magic packet
<kirkland> jwstolk1: which version of ubuntu?
<kirkland> jwstolk1: you might need "sudo wakeonlan" ?
<jwstolk1> i'm already root :)  (ubuntu-server 8.10)
<orudie> rst-uanic, so the command is just tasksel ?
<jwstolk1> kirkland: the package manager tells me send is not installed, and should be in  mailutils-mh and nmh. I installed those, but still have no "send"
<kirkland> jwstolk1: see line 126 of /usr/bin/wakeonlan
<kirkland>         send(S, $pkt, 0, $them) or die "send : $!";
<kirkland> send is not a command
<kirkland> it's a perl function
<jwstolk1> ok
<kirkland> and it's telling you that you don't have permission to send on that socket
<orudie> if i see the error unable to resolve host njnode (njnode is the hostname) , how can i fix it ?
<kirkland> mdz: i didn't see a response from you on one other question ... if this is something that recently regressed, or if you've been seeing this for a while?
<mdz> kirkland: I have definitely seen it before, but I don't use kvm every week, so I'm not sure I would notice if it has come and gone
<ScottK> leonel and nxvl: Clamav 0.95 is uploaded to the PPA.
<mathiaz> sommer: hi - I've been talking with ara about organizing a ubuntu-server testing day
<mathiaz> sommer: what about picking up a couple of sections of the jaunty server guide and making the instructions given there are still working for jaunty?
<sommer> mathiaz: okay, but SF is in like 4 hours
<mathiaz> sommer: hm.. ok
<mathiaz> sommer: the testing day could focus on the instructions.
<ScottK> cemc: ^^^ (about 3 lines up) - We have a clamav package so we can start working on rdepends.
<mathiaz> sommer: like the command to be used.
<ScottK> (or maybe 6)
<mathiaz> sommer: the commands (verbatim content) aren't translated
<mathiaz> sommer: so we could still change them after StringFreeze?
<sommer> mathiaz: possibly, it's been discouraged in the past... mdke likes to focus on translations and packaging after SF
<mathiaz> sommer: ok.
<sommer> mathiaz: if it's just command or config file issues, and there are bugs it probably won't be a big deal
<mathiaz> sommer: right. I think it would still be valuable input.
<mathiaz> sommer: at least we'd know what would be wrong...
<sommer> mathiaz: sure, we can always apply the changes for karmic
<sommer> mathiaz: do you have a list of sections in mind?
<mathiaz> sommer: not really.
<mathiaz> sommer: It's just an idea for now. Is doc.ubuntu.com up-to-date?
<mathiaz> sommer: and for the next release cycle, we should organize such a testing day ealier in the release cycle :)
<sommer> mathiaz: yeppers, and the list of "Needs Review" is here: https://wiki.ubuntu.com/JauntyServerGuide
<sommer> mathiaz: ya a testing day with serverguide stuff would be awesome
<mathiaz> sommer: but it would have to be done *after* FeatureFreeze
<mathiaz> sommer: but *before* DocumentationStringFreeze
<sommer> mathiaz: that would probably be the best time
<leonel> scottK  Thanks  Here  just builded the package from http://people.debian.org/~mt/clamav/
<ScottK> leonel: It's also built in the PPA.  It still lacks (from our perspective) the apparmor profile, but should be perfectly suitable for testing.
<leonel> scottK  the  wiki will be used  for tracking advances in rdepends ?
<ScottK> leonel: Yes.
<ScottK> nxvl and cemc:  ^^^
<nxvl> here
<ScottK> nxvl: Do you think you could grab the libclamav rdepends listed on the wiki (less klamav) and upload them to the PPA?
<ScottK> Then we'll have build failure logs ....
<nxvl> ok
<ScottK> leonel: Can you join #debian-clamav on OFTC.  We can discuss it there.
<jmedina> what is OFTC?
<Deeps> irc.oftc.net:6667
<jmedina> thanks
<Kaushal> hi
<Kaushal> anybody here using jboss AS ?
<Ethos> guys i've compiled this ;php5-mssql_5.1.6-1ubuntu2.1_i386.deb
<Ethos> anyone know how I can now use it to connect to mssql from ubuntu server?
<Sam-I-Am> its probably documented in the package for php
<Sam-I-Am> which is what you built...
<Sam-I-Am> the docs should give you the functions and maybe some examples
<kirkland> mdz: tested the same procedure on i386 guest -- no problem there either
<kirkland> mdz: what format are your disk images?  qcow2?
<mdz> kirkland: default for kvm-img create
 * kirkland goes check what that is...
<kirkland> mdz: fmt=raw
<kirkland> mdz: i'll test with that now
<mdz> kirkland: maybe I should just open a bug report about this and move on
<mdz> it's not blocking my work or anything
<kirkland> mdz: sure, whatever you'd prefer
<kirkland> mdz: i certainly can't reproduce it for all i've tried
<mdz> that's very puzzling
<theunixgeek> I wish 2.4 Mbps were a standard download speed :P
<uvirtbot> New bug: #348454 in nut (universe) "PDU support not working" [Medium,In progress] https://launchpad.net/bugs/348454
<theunixgeek> it's so nice watching an Ubuntu Server disk image being downloaded in under  6 minutes (granted, it's from a local computer, but it's still nice)
<genii> Does anyone know if Adaptec SAS-51245  works well under ubuntu? Official support is for SUSE, SCO, UnixWare, Sun Solaris, FreeBSD and VMWare ESX
<albertico> hi... does anybody knows a way to modify the tomcat startup parameters?
<theunixgeek> albertico: tried here? http://tomcat.apache.org/tomcat-3.3-doc/tomcat-ug.html
<albertico> theunixgeek, i was looking into it right now...
<uvirtbot> New bug: #347525 in ec2-api-tools (multiverse) "[jaunty] Please package ec2-api-tools for i386" [Undecided,New] https://launchpad.net/bugs/347525
<Elite|Jeti> Do any of you know a list of PCI dial up modems that will work in ubuntu-server?
<jmedina> I have used trendnet external serial modems in a few servers without problems
<Elite|Jeti> I don't have external ones
<ivoks> conexant
<jmedina> but never PCI they are really hard to get
<ivoks> you'll have to buy a driver
<Elite|Jeti> How about USR?
<ivoks> usr are softmodems
<ivoks> and no driver is provided
<Elite|Jeti> So is there any that work OOTB?
<jmedina> buying a driver, that *ucks
<ivoks> jmedina: driver costs more than device :D
<jmedina> ivoks: yeap I know
<ivoks> but at least we are supporting linux oriented company
<jmedina> I dont use modems, but I have a customers that always ask for external modem for failover admin
<ivoks> i use them for fax service
<jmedina> they have servers in some cities where there is no adsl/cablemodem
<Elite|Jeti> So if I use a conexant what do I have to do?
<jmedina> fax? :O
<ivoks> yep
<kirkland> mdz: fwiw, also just tried with raw disk image (like yours) ... still no reproduce (fyi, i'm backgrounding these tests, and just keeping you apprised)
<Elite|Jeti> Yes fax from a PC to a fax machine or other PC lol
<jmedina> its been a lot since I used  a fax
<ivoks> fax2mail is great
<jmedina> here the last fax we received was 2 years ago
<ivoks> or mail2fax
<ivoks> or ftp2fax
<jmedina> ivoks: well that is fine
<theunixgeek> yay, my installation is finished
<theunixgeek> no!!!
<theunixgeek> "This kernel requires the following features not present on the CP: pae"
<theunixgeek> What should I do? I installed it on VirtualBox
<ivoks> haha vbox
<ivoks> install linux-386 package and boot 386 kernel
<ivoks> in guest
<theunixgeek> ivoks: how? I can't even book
<ivoks> you can boot from iso/cd and boot into rescue mode
<uvirtbot> New bug: #348627 in openssh (main) "motd disappears when using PasswordAuthentication in OpenSSH server" [Undecided,New] https://launchpad.net/bugs/348627
<theunixgeek> ivoks: how do I boot into rescue mode?
<theunixgeek> "rescue a broken system?"
<ivoks> yes
<theunixgeek> ok, I'll try that
<Elite|Jeti> http://www.linuxprinting.org/show_printer.cgi?recnum=HP-PhotoSmart_7350   how do I download this driver?
<mdz> kirkland: I noticed that kvm doesn't have an apport hook.  are you interested in adding one?
<kirkland> mdz: yes!
<kirkland> mdz: bdmurray was going to help me with that at some point ...
<kirkland> mdz: i noticed this today, reading your bug post
<mdz> kirkland: what info would you want included?
<mdz> probably the exact kernel version
<kirkland> mdz: and guiltily thinking, "man, i never even used ubuntu-bug..."
<mdz> though maybe the new versioning makes uname good enough
<kirkland> mdz: the kernel version of both host and guest
<ivoks> driver used for network
<mdz> kirkland: can you get the host info from inside the guest?
<kirkland> mdz: whether the host is using the kvm-source kernel module, or the de facto one
<kirkland> mdz: no
<ivoks> virtio/e1000/realtek
<kirkland> mdz: yeah, ivoks ^
<kirkland> mdz: network type
<kirkland> mdz: disk image format (qcow, qcow2, raw, etc), and virtio or not
<kirkland> mdz: i'd expect that the report should come from the host
<mdz> kirkland: hmm, a lot of that stuff is going to vary at runtime for a particular instance of kvm, no?
<mdz> should we be doing this at the libvirt level then?
<kirkland> mdz: yes, the command line actually used is very valuable
<kirkland> mdz: you can get that from libvirt
<ivoks> if user is using libvirt, why not just whole config file?
<kirkland> mdz: the libvirt level might provide more information, but would muddy the waters as to where the bug is
<kirkland> mdz: soren "owns" libvirt and virt-manager, so he should be consulted on those
<kirkland> mdz: dendrobates has tasked me with specifically kvm
<mdz> kirkland: I filed bug 348633 btw
<uvirtbot> Launchpad bug 348633 in kvm "Fails to boot from CD after reboot: CDROM boot failure code: 0003" [Undecided,New] https://launchpad.net/bugs/348633
<kirkland> mdz: thanks
<mdz> kirkland: it sounds like in most cases we'll want the user to try to report based on a running kvm instance, i.e. ubuntu-bug <pid> rather than ubuntu-bug kvm
<mdz> that way we can see the command line they're using, and hopefully gather some of the other info you're looking for
<mdz> kirkland: writing hooks is really easy; if you can gather the info you want with shell commands then converting that to a hook is very straightforward
<kirkland> mdz: one minor point that I haven't added to your bug discussions yet...  i try to *always* set the Importance of a bug 1st, regardless of whether or not I can reproduce it and what its Status might be
<kirkland> mdz: tremendously helps me in sorting, to have at least something
<uvirtbot> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,In progress] https://launchpad.net/bugs/1
<ivoks> uvirtbot: take a break :)
<uvirtbot> ivoks: Error: "take" is not a valid command.
<kirkland> mdz: cool ...  where do I put these shell commands?
<theunixgeek> ivoks: thanks; it works now :D
<Elite|Jeti> http://www.linuxprinting.org/show_printer.cgi?recnum=HP-PhotoSmart_7350   how do I download this driver?
<kirkland> mdz: oh ...
<kirkland> mdz: dude
<kirkland> mdz: drop the -boot d
<kirkland> mdz: since your disk image is empty, kvm will default to booting from the cdrom the first time
<kirkland> mdz: the second time, you'll have grub love
<ivoks> theunixgeek: np
<mdz> kirkland: that's fine the first time, but then the second time it will boot from the disk (which I don't want)
<kirkland> mdz: and you'll boot just fine, i bet ;-)
<theunixgeek> now, how do I find out my local IP address? ifconfig isn't helping
<mdz> kirkland: I want it to work regardless of what junk happens to be in the disk image when I sit down to work
<ivoks> theunixgeek: 'ip a' is better than ifconfig, but ifconfig should show ip address
<theunixgeek> ivoks: the local one
<mdz> kirkland: have the kvm package install /usr/share/apport/source_kvm.py
<mdz> kirkland: sorry, /usr/share/apport/package-hooks/source_kvm.py
<ivoks> theunixgeek: local like localhost or from local network?
<theunixgeek> ivoks: local network
<ivoks> theunixgeek: ifconfig and ip a
<theunixgeek> something like 192.168.etc...
<theunixgeek> thanks
<mdz> kirkland: check out source_splix.py for a really simple example
<mdz> kirkland: and pydoc apport.hookutils for some convenience functions
<mdz> kirkland: basically, you define a function add_info(report) which treats report as a python dictionary to store key/value pairs in
<mdz> you can put pretty much anything you want in there, and apport will do the right thing with it
<kirkland> mdz: that part looks simple enough
<mdz> binary data gets base64 encoded and attached, etc.
<jmedina> I have a custion, and I think I know a answer
<kirkland> mdz: and my set of magic shell scripts go ...?
<jmedina> which command can be used to see the reserved blocks count for a filesystem
<theunixgeek> ivoks: I'm getting 10.0.2.15 but I don't get an Apache test page when I open that in my browser(s)
<jmedina> I have used dumpe2fs (ext3)
<sbeattie> kirkland: see the source_apparmor.pu hook for a more complex example
<jmedina> is there any other tool you know?
<ivoks> theunixgeek: did you install apache?
<mdz> kirkland: add_info(report): report['OutputOfMagicShellCommand'] = command_output(['ls','-l','/dev/null'])
<kirkland> mdz: neat, this looks easy enough
<sbeattie> kirkland: I want to add an apport hook for mdadm, to capture users raid configuration.
<kirkland> sbeattie: oh, snap
<theunixgeek> ivoks: I installed a LAMP server configuration
<kirkland> sbeattie: be my guest ... that's another that's used in really complicated ways that users don't even always understand
<mdz> kirkland: the only thing I'm unsure about is how you can get the PID so that you can poke at the process
<ivoks> theunixgeek: is apache running? (ps ax | grep apache)
<mdz> kirkland: it's included in report['ProcStatus'] but not in a very convenient way
<theunixgeek> ivoks: /usr/sbin/apache2 -k start
<kirkland> mdz: isn't that the reporter's responsibility?
<ivoks> theunixgeek: only one instance?
<theunixgeek> ivoks: six
<ivoks> then it's running
<ivoks> telnet localhost 80
<mdz> kirkland: the reporter will provide the PID for a running instance.  apport will take care of the basics like figuring out which binary was run and what package it is in, and getting /proc info
<theunixgeek> ivoks: I did; it says it's connected
<ivoks> so, it works
<mdz> kirkland: if you wanted to do something fancier, like parse the command line args and figure out the file type of the disk image in use, you'd need to know the PID inside your hook
<theunixgeek> ivoks: I still don't know what my local IP address is :P
<mdz> kirkland: you should email pitti on that one
<kirkland> mdz: okay
<kirkland> mdz: can i parse it out of report['ProcStatus'] ?
<kirkland> mdz: with some fancy regexing?
<ivoks> theunixgeek: 20:51 < theunixgeek> ivoks: I'm getting 10.0.2.15
<mdz> kirkland: you can, but pitti might prefer to just make it available to the hook more cleanly
<theunixgeek> ivoks: yeah, but I get nothing in my browser
<kirkland> mdz: cool
<theunixgeek> "Safari canât open the page âhttp://10.0.2.15/â because the server where this page is located isnât responding."
<mdz> sbeattie: apport hook for mdadm -> great idea, do you need help with it?
<kirkland> mdz: is this something I can get into the archive after beta?
<ivoks> theunixgeek: on server, try telnet 10.0.2.15 80
<mdz> kirkland: I don't see why not; it's just adding an inert file on disk.  it's only used when reporting a bug, and if it crashes, apport continues gracefully.  it's very low risk
<theunixgeek> ivoks: "Connected to 10.0.2.15"
<theunixgeek> and wget'ing from it works
<ivoks> theunixgeek: maybe your browser doesn't know where 10.0.2.15 is
<jmedina> try: netstat -pltn | grep apache
<theunixgeek> ivoks: what do you mean?
<ivoks> theunixgeek: it's a server in vbox, right?
<mdz> ttx: perhaps you could chime in on bug 348633
<uvirtbot> Launchpad bug 348633 in kvm "Fails to boot from CD after reboot: CDROM boot failure code: 0003" [Undecided,New] https://launchpad.net/bugs/348633
<ivoks> bah..
<theunixgeek> ivoks: yes
<ivoks> theunixgeek: and the browser is on another machine?
<theunixgeek> ivoks: yes; even Firefox on the same machine won't open it
<\sh> guys, does anyone run ubuntu server (hardy or intrepid) on something like BLc7000 with bl46x or bl495 with flex10 virtualization solutions of hp fame?
<ivoks> theunixgeek: so, have you considered that your other machine doesn't know how to reach 10.0.2.15?
<ivoks> theunixgeek: routing problem
<ivoks> theunixgeek: try pinging 10.0.2.15 from that machine, or even better traceroute it
<theunixgeek> ivoks: how do I get it to work, then? (I'm new at networking stuff, so sorry if I don't know much of some of this)
<ttx> mdz: looks very familiar. Will try to reproduce in the same conditions and report on the bug.
<theunixgeek> ivoks: seems like it can tracerout it
<theunixgeek> *tracerout
<ivoks> theunixgeek: it is working, it isn't available from other machines cause of your network setup
<theunixgeek> *traceroute
<sbeattie> mdz: I'm happy to implement it (I've already done a few); ideas for exactly what to capture would be useful.
<theunixgeek> ivoks: how should I go about editing my network setup?
<ivoks> theunixgeek: sorry, i have lots of work to do, it's 9PM and i don't have time atm to teach you network basics... maybe someone else is in better position
<theunixgeek> ivoks: no problem; thanks for your help
<theunixgeek> How do I edit my network setup so that a website on an Ubuntu Server virtual machine can be accessed from other computers?
<Elite|Jeti> theunixgeek, what do you need to do?
<theunixgeek> Elite|Jeti: I want to be able to view an HTML file on other computers
<theunixgeek> it's already in /var/www
<theunixgeek> I can traceroute to my server, but not ping to it, nor access its files from other computers
<Elite|Jeti> Do you use DHCP on the network?
<theunixgeek> Elite|Jeti: to be honest, I don't know
<mdz> sbeattie: debian/bugscript should give you an excellent starting point
<theunixgeek> Elite|Jeti: I'm relatively new to networking
<Elite|Jeti> Do you use a router?
<mdz> sbeattie: (aka /usr/share/bug/mdadm/script)
<theunixgeek> Elite|Jeti: yes
<Elite|Jeti> The other computers in the house do they run linux or windows?
<mdz> sbeattie: that's the hook for Debian's bug tool, which spits out a big text file with everything in it.  if you take the individual pieces of that and put them into the apport report separately, that would be excellent
<kirkland> mdz: okay, now that i have my source_kvm.py, can i dry-run it?
<orudie> ivoks, hi
<kirkland> mdz: just to see what it's gathering, without really barfing a real bug?
<Reepicheep> does anyone here have slapd running on intrepid with TLS?
<theunixgeek> Elite|Jeti: one runs Mac OS X, the other, Fedora
<sbeattie> kirkland: sure, if you do ubuntu-bug -p [pid] it'll let you see the report before shoving it to launchpad.
<Elite|Jeti> theunixgeek, is that one running OS X a mac?
<theunixgeek> Elite|Jeti: yes
<Reepicheep> I know there are some issues with gnutls and openldap.. I'm wondering if my issues are related?
<mdz> kirkland: the easiest way is as sbeattie says
<Elite|Jeti> or is it a hack
<mathiaz> Reepicheep: what are your issues?
<kirkland> mdz: sbeattie: cheers, thanks.
<Elite|Jeti> ok
<Reepicheep> slapd doesn't start when I add the TLS to the config
<mathiaz> Reepicheep: what's the error message?
<Reepicheep> I get an error "main: TLS init def ctx failed: -64"
<mdz> kirkland: if you want a closer look, you can do this:http://pastebin.com/f15196f43
<mathiaz> Reepicheep: is the openldap user able to read the private key and the certificate?
<theunixgeek> Elite|Jeti: so, any ideas?
<Reepicheep> yeah.. they are world readable
<mathiaz> Reepicheep: the private key is world readable?
<mathiaz> Reepicheep: do you have apparmor messages related to slapd in your dmesg?
<mdz> mathiaz: I noticed samba doesn't have an apport hook either; it could surely use one
<jmedina> Reepicheep: I would load slapd by hand with -d option
<jmedina> I remember there was some incompatibilities disscused in openldap mailing list about slapd compiled agains gnutls
<Reepicheep> I used the "-d" to get the error message. and yeah the private key is world readable
<jmedina> but I have never had those problems using my own CA
<Reepicheep> I set it that way thinking it was passably a permissions thing
<jmedina> Reepicheep: is that all the message?
<mathiaz> mdz: yes - it's on my TODO list now that I wrote up the DebuggingSamba wiki page
<Reepicheep> I have am using my own CA
<Reepicheep> with openssl
<mathiaz> Reepicheep: where are the cert and private key files located?
<Reepicheep> but openldap is built with gnutls
<mathiaz> Reepicheep: slapd apparmor profile may deny access to them if they're not located in the standard directory
<mathiaz> Reepicheep: you can check that by reading the output of dmesg
<Elite|Jeti> theunixgeek,msg me
<Reepicheep> dmesg reports "[153869.332435] type=1505 audit(1238000019.270:4): operation="profile_replace" name="/usr/sbin/slapd" name2="default" pid=5178"
<Reepicheep> my certs are in /etc/ssl/certs/server.crt and /etc/ssl/private/server.key
<Reepicheep> I also have my CA cert as /etc/ssl/certs/cacert.pem
<mathiaz> Reepicheep: is the openldap user part of the ssl-cert group?
<mathiaz> Reepicheep: etc/ssl/private/ is only readable by the ssl-cert group.
<Reepicheep> ok.. I don't have that group.. let me set that up
<kirkland> sbeattie: mdz: what's wrong with this?  http://pastebin.ubuntu.com/137749/
<kirkland> i'm expecting a CpuInfo field in my report
<kirkland> oh, hmm, it's triggering the report against bash
<kirkland> so i don't think my kvm hooks are running
<mathiaz> Reepicheep: you should make sure that the openldap user is able to read the private key
<mathiaz> Reepicheep: and its directory.
<kirkland> mdz: sbeattie: this file is /usr/share/apport/package-hooks/source_kvm.py
<Reepicheep> I did test that by "su -s /bin/bash openldap" and was able to read /etc/ssl/private/server.key
<Reepicheep> oh.. maybe that doesn't work..  I thought I tested that
<Reepicheep> let me check that out
<Reepicheep> that was it.. thanks
<kirkland> mdz: sbeattie: okay, i have it now!
<kirkland> mdz: sbeattie: i had to explicitly call "ubuntu-bug -P 1234 -p kvm"
<kirkland> but now i'm cooking ;-)
<sbeattie> kirkland: FYI, attach_harware() already includes /proc/cpuinfo
<kirkland> sbeattie: thanks, i see that now ...
<Reepicheep> I created the ssl-cert group added openldap user and made the private directory group ssl-cert with "g+rx" permissions
<kirkland> sbeattie: before, my reports were being generated against bash
<kirkland> sbeattie: and i wasn't getting that
<Reepicheep> I spent way to much time on that for it being that simple
<sbeattie> mathiaz|kirkland: any chance we can get the apport package included in ubuntu-server?
<sbeattie> the crash catcher is disabled by default on release, so it should be safe from a performance perspective.
<kirkland> sbeattie: hmm, is there a very lightweight, few-deps, cli-only package?
<mathiaz> kirkland: yes.
<mathiaz> sbeattie: I don't see why we shouldn't do that.
<sbeattie> kirkland: just the apport package; apport-{gtk,qt} include the gui bits.
<kirkland> sbeattie: cool, i'll leave it to mathiaz to add to the seed
<jmedina> hy there, any reason the -F option was removed from shutdown command?
<jmedina> in hardy LTS
<sbeattie> mathiaz: that would be awesome, thanks.
<jmedina> I see the option in dapper in the manpage, but in hardy and intrepid
<Elite|Jeti> Any of you guys use hplip?
<mdz> kirkland: "ubuntu-bug kvm" should be sufficient, as should "ubuntu-bug 1234" (if 1234 is a running kvm process)
<uvirtbot> Launchpad bug 1234 in launchpad-foundations "Gina is an unmaintainable mess of command line options, environment variables and shell scripts" [Medium,Fix released] https://launchpad.net/bugs/1234
<jmedina> I do, but I upgrade to 2.8.10 becaus some tray problems with customers printers
<mdz> kirkland: also note there's a convenience function for "attach this file or tell me if it doesn't exist"
<Elite|Jeti> jmedina, were you talking to me?
<mdz> uvirtbot: ha!
<uvirtbot> mdz: Error: "ha!" is not a valid command.
<jmedina> Elite|Jeti: yeap
<Elite|Jeti> jmedina, can you help me?
<jmedina> Elite|Jeti: how?
<jmedina> Elite|Jeti: you never said your problem
<jmedina> Elite|Jeti: I have not HP printer here, it is in customers site
<jmedina> I dont even have a printer configured in my system, I dont like wasting paper :D
<Elite|Jeti> jmedina, I have a hp photosmart 7350 photo printer I wish to install to my ubuntu server and share via samba
<jmedina> Elite|Jeti: and what is the problem?
<Elite|Jeti> don't know how
<jmedina> Elite|Jeti: plug in the printer, then enter to http://127.0.0.1:631
<Elite|Jeti> I did sudo apt-get install hplip and it downloaded something
<Elite|Jeti> and installed but now what do I do?
<jmedina> tellme when you are in the admin page
<Elite|Jeti> It says page failed to load
<ivoks> install hpijs-ppd package
<ivoks> why share it over samba?
<ivoks> windows support http/ipp protocol
<ivoks> it can't discover it and use the ppd, but, well, you can add it as network printer :)
<Elite|Jeti> huh?
<ivoks> what?
<Elite|Jeti> What you said makes no sense to me
<ivoks> what doesn't?
<ivoks> linux/unix/osx can discover printers on another linux/unix/osx and use it without any user configuration
<ivoks> cups provides real client-server printing
<ivoks> windows never did real client-server printing
<ivoks> each windows client needs driver
<ivoks> cups clients don't need drivers, only ppd file
<ivoks> windows can be cups client, but it can't discover printers without interaction
<ivoks> and it needs driver to 'print' postscript to cups
<ivoks> so, if you already have cups on ubuntu, and you do, why adding another (samba) layer and make things even more complicated?
<ivoks> just add network printer with url http://ip_of_server:631/printers/name_of_printer
<Fenix|work> Greetings :)
<Fenix|work> How is everyone today?
<Fenix|work> any server admins using vsftpd?
<Elite|Jeti> ivoks: how do I set that up?
<ivoks> what exactly? printer? or windows client?
<Elite|Jeti> Printer
<ivoks> install hpijs-ppd package
<ivoks> restart cups
<ivoks> plug in printer
<ivoks> go to http://localhost:631/admin
<ivoks> and add recognized printer
<Elite|Jeti> I did sudo apt-get install hpijs-ppd and says not found
<ivoks> hpijs-ppds
<jmedina> what is the difference in hpijs and hplip, I always used hplip
<kirkland> sbeattie: mdz: is it possible to prompt the reporter for certain questions I can't determine automatically?
<jmedina> ohh yea ijs is for inkjet
<jmedina> hplip for lasers, sint it?
<kirkland> sbeattie: mdz: I can't see how i can determine the guest os, or the guest disk image format
<ivoks> hpijs is a driver
<kirkland> sbeattie: mdz: i have source_kvm.py collecting the other things i need, now
<ivoks> hplip is a system for scanning, printing, faxing...
<sbeattie> kirkland: not that I'm aware of, but that's a question/suggestion pitti can answer best.
<kirkland> sbeattie: cool, i'll ping him
<Elite|Jeti> how many MB is 1904Kbs?
<Elite|Jeti> erm kB*
<ivoks> 1904/1024
<Elite|Jeti> So a bit better than one meg
<mdz> kirkland: I don't think anything prevents you from popping up a dialog and asking a question, but I'm not sure that it will work properly in all cases
<mdz> kirkland: you should check with pitti on that one
<mdz> kirkland: you should be able to get the guest disk image format by looking at the command line as I suggested (to get the pathname of the image files), and examining the image files
<soren> kirkland: qemu/block.c has a routine for detecting the disk image format.
<soren> I'm not sure, but I believe it's exposed in {kvm,qemu}-img as an "info" subcommand or something.
<soren> If that's already been mentioned: Sorry, just joined the conversation now.
<kirkland> mdz: i'm regexing out the kvm command line, retrieving that properly
<kirkland> mdz: any idea on how to ask ps what path dir is this command executing from?
<Elite> You have a software kvm?
<kirkland> mdz: ie, the -hda foo.img will likely be a relative path
<kirkland> mdz: if i can get that to an absolute path, then i can run soren's block.c routine for finding the format
 * kirkland is away for bit ... messages logged
<mdz> kirkland: os.path.join('/proc/pid/cwd', 'hda.img')
<ivoks> Elite: kvm = kernel virtual machine, that's virtualization
<Elite> Ah lol
<Elite> Too bad there wasn't a way you could switch using software that was silent not vnc but something that wasn't IP dependant
<soren> kirkland: Use "kvm-img info" instead.
<soren> kirkland: It detects the format and gives a bit more meta-data. It looks quite useful.
<mdz> kirkland: I think you may get the command line in report['ProcCmdLine']
<mdz> er, ProcCmdline
<mdz> kirkland: see e.g. https://bugs.edge.launchpad.net/ubuntu/+source/vlc/+bug/348669
<uvirtbot> mdz: Error: This bug is private
<mdz> oops, that's an untriaged crash report
<soren> That's odd. I thought ubuntu-dev were allowed to see those?
<mdz> soren: we are, but uvirtbot apparently isn't
<soren> mdz: I'm not.
<soren> mdz: Launchpad says I'm not allowed there. :/
<soren> mdz: Are you part of the security team, perhaps?
<kees> soren: it's not a security bug
<kees> soren: (I can't see it either)
<soren> The plot thickens..
<soren> mdz is a member of the Launchpad Security Team (by extension). Perhaps that is why?
<kees> soren: I'm a member of the LPST, and I can't see it.
<soren> Alright, I'm fresh out of hypotheses.
<jdstrand> fwiw, I can't see it either...
<soren> kees: So... that blkid thing you talked asbout yesterday.. What was it? I've just finished a dist-upgrade and am trying to decide if I should reboot. :)
<soren> kees: Does it only affect md devices, or any devmapper device (specifically lvm2 devices)?
<kees> soren: it's (to my knowledge) only in Keybuk's PPA, not the general archive.
<kees> soren: based on other people's reports, it is only broken for md devices.
<soren> kees: Oh, ok. Lovely.
 * soren reboots
<albertico> hi, it seems like the ubuntu 8.10 tomcat6 service ignores the parameters I defined on the setenv.sh file
<albertico> has anyone dealt with this?
<acicula> setenv.sh file?
<soren> \o/
<acicula> o/
<albertico> acicula, already defined the setenv.sh file on the /usr/share/tomcat6/bin directory, but seems that tomcat ignores it
<albertico> acicula, it keeps starting without the parameters I defined
<Elite> ivoks: you stilll around?
<acicula> albertico: what are you trying to do?
<albertico> acicula, change the tomcat6 parameters when starting the jvm
<albertico> acicula, basically, start tomcat6 with the following jvm parameters: "-server -Xms48M -Xmx256M -XX:SoftRefLRUPolicyMSPerMB=36000 -XX:MaxPermSize=128m"
<albertico> acicula, I have been searching around, and it says that one should modify the setenv.sh file and add such parameters
<acicula> the setenv.sh file from where?
<acicula> dont think the ubuntu tomcat6 service start script use that anyhow
<albertico> acicula, I understood the setenv.sh file on the same directory where the tomcat6 scripts are installed, which is the /usr/share/tomcat6/bin path
<acicula> tried modifying /etc/defaults/tomcat6?
<acicula> albertico: dont see a setenv.sh there
<acicula> dont se a setenv.sh in the tomcat6 distro either?
<albertico> acicula, the guys on the #tomcat channel say I must create it...
<albertico> acicula, so I did, but it does not work
<albertico> acicula, let me check with the /etc/defaults/tomcat6
<acicula> # Arguments to pass to the Java virtual machine (JVM).
<acicula> #JAVA_OPTS="-Djava.awt.headless=true -Xmx128M"
<acicula> seems pretty selfexplanatory
<warthog9> other than downloading an entire cd.iso, loop back mounting it and pulling the netboot images out, is there anywhere in <mirror>/ubuntu-releases/ that has the netboot images, particularly if they are under one of the numeric version directories?
<acicula> warthog9: should be there
<acicula> warthog9: correction, they are there
<warthog9> acicula: got a pointer, I'm not seeing *just* the netboot images on http://mirrors.kernel.org/ubuntu-releases/
<Deeps> look on http://cdimage.ubuntu.com/ i think
<Deeps> or google ubuntu netboot?
<acicula> warthog9: google, dont have an url for you, but you can find the linux/initrd images you want somehwere in the three
 * warthog9 goes to run find on the kernel.org box for it then
<acicula> eh?
<Elite> How do I install a printer? its an HP Photosmart 7350 and I have cups installed
<warthog9> 'cause I know I can find them in just /ubuntu/ but I wasn't seeing the vmlinuz & initrd's in the releases directory structure
<albertico> acicula, it worked using the /etc/default/tomcat6 file... the tomcat docs say you can use the CATALINA_OPTS option for such definition, but it doesn't work... so the JAVA_OPTS is the option that works
<albertico> acicula, thanks for your advice
<jmedina> albertico: you should send this comments to the ubuntu server documentation team, I think is worth to have this info in the ubuntu server guide or something
<acicula> albertico: did you try setting CATALINA_OPTS in the /etc/default/tomcat6 ?
<Elite> Anyone?
<jmedina> Elite: Elite did you enter to cups admin interface?
<albertico> acicula, yes, but tomcat ignored the CATALINA_OPTS
<acicula> albertico: think those options only work if you use the startup script from tomcat
<acicula> albertico: which is entirely different from the init.d script
<albertico> jmedina, I agree... will do so  :)
<Elite> jmedina, how?
<jmedina> Elite: I and ivoks already told yu so
<jmedina> albertico: thanks
<Elite> through the :631?
<warthog9> acicula: ok I'm not seeing just the vmlinuz and initrd's from releases.ubuntu.com &/or any mirror thereof.  I can find them trivially in a normal mirror of ubuntu's normal mirrored tree (I.E. http://mirrors.kernel.org/ubuntu/) but the later here doesn't export the numeric version (6.06 for example) it just has dapper, hardy, etc.  So I suppose since the netboot images aren't available in releases, is there a know place that
<warthog9> I can find something that lists Ubuntu 6.06 is dapper?
<jmedina> lsb_release -a
<jmedina> :S
<warthog9> jmedina: I'm also making the assumption that I'm not on an ubuntu box, and I need to translate it for all versions of ubuntu
<Elite> Me?
<jmedina> Elite: so do you have cupsys installed and running?
<acicula> warthog9: https://help.ubuntu.com/community/Installation/NetbootInstallFromInternet
<acicula> ?
<albertico> acicula, that makes sense... I tried to use the startup.sh script, but I get various errors... and it seems that the init.d script uses the jsvc for starting the tomcat as daemon
<warthog9> acicula: no, let me make the question simpler - is there a way to translate dapper, hardy, etc (like a txt file somewhere) to the ubuntu version number?
<Elite> jmedina, that ip thing doesn't work
<acicula> warthog9: different question, dunno
<docta_v> any svnserve experts in here... i'm trying to setup svnsync
<jmedina> Elite: try with the server's IP
<docta_v> svnsync hangs with an empty svnserve.conf
<docta_v> if i change one thing in svnserve.conf... like add an authz line
<docta_v> then it works but then breaks access for normal users
<Elite> I did
<warthog9> acicula: well if a normal $joe user is presented with a list that just has hardy, dapper, etc is this going to be more or less useless to them?
<jmedina> Elite: again, is cupsys installed and running?
<albertico> see ya guys...  thanks again!
<jmedina> Elite: read the server guide
<jmedina> http://doc.ubuntu.com/ubuntu/serverguide/C/cups.html
<acicula> warthog9: i have no idea what you are on about, you were looking for netboot images yes?
<jmedina> there are instruccions about configuring cups to allow remote printing and admin
<jmedina> Elite: then when you enabled remote access and enter to the admin interface please tell me
<jmedina> well in fact there is a lot of documentation about howto configure printeres in cups
<jmedina> just a little clics
<Elite> God damn this is shit
<Elite> I can't find out how to enable that crap
<Elite> ...
<jmedina> Elite: enable what?
<Elite> The admin web interfact
<jmedina> Elite: did you read that guide?
<jmedina> http://doc.ubuntu.com/ubuntu/serverguide/C/cups.html
<Elite> What guide?
<jmedina> Â¬Â¬
<jmedina> Elite: so?
<Elite> jmedina, not yet still dling cupsys
<jmedina> Elite: did you change Listen in cupsd.conf?
<jmedina> and restart cupsys
<jmedina> ?
<Elite> How do I restart it?
<Elite> I tried the /etc/init.d/cupsys restart but nothing
<jmedina> Elite: show the output from:
<jmedina> netstat -plutn | grep cups
<jmedina> run it on the server
<jmedina> not in your computer
<Elite> I know
<jmedina> I dont
<Elite> What?
<jmedina> I dont know if you know
<Elite> tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      8535/cupsd
<Elite> udp        0      0 0.0.0.0:631             0.0.0.0:*                           8535/cupsd
<jmedina> and what is the server's IP?
<Elite> I don't run linux on my desktops so you don't need to tell me where to run the command ;)
<Elite> 192.168.0.100
<jmedina> ok then
<jmedina> http://192.168.0.100:631
<Elite> page load error
<jmedina> it should work, unless you have a firewall or simething, in your desk or server,
<jmedina> which error?
<Elite> Firefox can't establish a connection to the server at 192.168.0.100:631.
<jmedina> mmm, are you in the same subnet?
<Elite> 255.255.255.0
<Elite> yes
<Elite> Want the file from my network?
<jmedina> that is a subnet mask
<jmedina> nop
<jmedina> do you have firewall in server?
<Elite> 255.255.255.0
<Elite> Don't think so, I do have SWAT installed and it works
<jmedina> mm
<jmedina> please show me the lines you change in cupsd.conf
<Elite> where is that file?
<jmedina> did you read the guide?
<Elite> # Only listen for connections from the local machine.
<Elite> Listen 192.168.0.100:631
<Elite> Listen /var/run/cups/cups.sock
<Elite> that is all I changed
<Elite> I only edited the IP
<jmedina> so you only have those Listen lines in your file?
<jmedina> did you restart cups?
<jmedina>  /etc/init.d/cupsys restart
<jmedina> plase restart it again
<jmedina> and showme again the output from "netstat -plutn | grep cups"
#ubuntu-server 2009-03-26
<Elite> austin@ubuntu-server:/etc/cups$ /etc/init.d/cupsys restart
<Elite>  * Restarting Common Unix Printing System: cupsd                                                         start-stop-daemon: warning: failed to kill 8851: Operation not permitted
<Elite> cupsd: Child exited with status 1!
<genii> Elite: Try using sudo
<genii> eg: sudo /etc/init.d/cupsys restart
<Elite> There we go!
<Elite> jmedina, now that command shows: austin@ubuntu-server:/etc/cups$ sudo netstat -plutn | grep cups
<Elite> tcp        0      0 192.168.0.100:631       0.0.0.0:*               LISTEN      8884/cupsd
<Elite> udp        0      0 0.0.0.0:631             0.0.0.0:*                           8884/cupsd
<Elite> When I try to go to the ip is says 403 forbidden
<jmedina> mmm
<jmedina> you never tell me about that error when I ask for the error
<jmedina> sometime when you dont give enough info it is harder to solve simple problems
<Elite> What error?
<jmedina> 403 forbidden
<Elite> the 403?
<jmedina> or where did you get it?
<Elite> That is the first time I got that error, and I got it when I got to http://192.168.0.100:631
<jmedina> you need to change access restrictions in cupsd.conf
<jmedina> sorry I have to go
<Elite> genii you still here?
<genii> Elite: A bit, yes. I'm not overly familiar with cups errors however, and so not of much help on that subject
<Elite> Do you know what permissions stuff he was talking about?
<genii> Elite: 403 forbidden is a generic webserver message which means you or the user it thinks you are is not allowed to see the files. This normally happens when people put files in the webserver dir which don't belong to the same user the webserdoes for instance. In cupsys case, the user may have to be specified in the cupsd.conf file which jmedina mentioned
<genii> Bleh, typos
<Elite> I know what the error is but I can't see any place to set a user name
<Elite> How do I get out of a man
<genii> man cupsd.conf  shows quite a lot of name settings,auth settings, etc
<genii> Elite: q
<Elite> I was there and can't seem to find dick all there its too confusing
<genii> Elite: Mine has what seems to be relevant entries of:  SystemGroup lpadmin    (my user is a member of this group)    and:  DefaultAuthType Basic
<Elite> Whats after that line?
<genii> Elite: Wait, I'll just pastebin the whole thing so you can see
<Elite> ok
<genii> Elite: http://pastebin.com/f3090af06
<Elite> thx
<Elite> Do you share your printer?
<genii> Elite: Nope, it's an usb printer connects directly to my laptop
<Elite> God damnit! mine looks literally just like that and it doesn't work
<genii> Elite: Hm. You are putting what url in?   192.168.0.100:631    or so?
<Elite> yea
<Elite> I just keep getting a 403 erroe
<genii> try:   127.0.0.1:631
<Elite> I can't
<genii> Why not?
<Elite> I'm not on that machine
<Elite> Anything I don on that machine is done by ssh
<genii> Elite: Ah, ok. If you have lynks/elinks installed on there, you can do it on ssh
<Elite> Whats that?
<genii> text mode web browser
<genii> Useful to have on CLI machines
<Elite> how do I get out of vi
<genii> Elite:   :q   or :q!   to not write changes
<Elite> not working
<genii> Elite: eg:     links http://127.0.0.1:631                  doesn't work?
<genii> (after of course sudo apt-get install elinks if it was not installed)
<Elite> No the vi exit I mean
<genii> Elite: Hit ESC a few times then try again the:    :q!
<jmedina> where can I preview Ubuntu Server guide for jaunty
<jmedina> ?
<jmedina> there is no link in help.ubuntu.com
<Elite> I am on dial up is that application on the dvd?
<genii> Elite: elinks should be on the cd actually
<Elite> how do I make it come from there?
<BrunoXLambert> genii, w3m is installed by default for a text web browser
<genii> BrunoXLambert: Ah, thanks, did not know
<genii> Elite: Apparently you have already a browser installed
<Elite> Yea opening now
<BrunoXLambert> links doesn't even seems in main
<BrunoXLambert> elinks is
<genii> BrunoXLambert: links is a symlink to elinks
<BrunoXLambert> but not installed by default
<genii> (when it gets installed)
<BrunoXLambert> yeha
<BrunoXLambert> the real links is in universe
<Elite> w3m says it can't open http://127.0.0.1:631 or http://localhost:631
<BrunoXLambert> netstat -taunp | grep 631
<BrunoXLambert> ps faux | grep cups
<Elite> tcp        0      0 192.168.0.100:631       0.0.0.0:*               LISTEN      8983/cupsd
<Elite> udp        0      0 0.0.0.0:631             0.0.0.0:*                           8983/cupsd
<Elite> austin@ubuntu-server:/etc/cups$ ps faux | grep cups
<Elite> austin    9013  0.0  0.0   3004   752 pts/1    S+   20:12   0:00              \_ grep cups
<Elite> root      8983  0.0  0.2   5988  2336 ?        Ss   19:50   0:00 /usr/sbin/cupsd
<genii> Elite: Please use pastebin when a lot of lines
<Elite> It was 2 parts or supposed to
<genii> Elite: Try it's Listen address you likely specified, which would be the 192.168.0.100:631   or so
<Elite> I get a 403 still
<BrunoXLambert> 403
<BrunoXLambert> hmmm
<BrunoXLambert> why would the permition would be bad
<genii> Elite: Unfortunately as I already said, I'm not a Cups expert
<Elite> I know
<jmedina> read the logs!!!!
<jmedina> dont guess
<Elite> Where are they?
<BrunoXLambert> /var/log
<genii> You likely want the apache one
<genii> or /var/log/cups/error_log
<Elite> I don't think I have apache installed
<Elite> Nope
<genii> Can you even get a "403" if no webserver backend?
<Elite> Yes
<Elite> Like I said I can use SWAT
<Alysum> hello does anyone use apple's Terminal here and know how to alt backspace to delete the previous word like on PC keyboards?
<Elite> I use it and alt on a mac keyboard is the button right next to the space on the left side
<Deeps> ctrl+w?
<owh> Salutations. In fetchmailrc I need to specify many accounts. How do I specify default options like ssl sslchk and sslcertpath for the accounts. At the moment, it appears that I need to specify this for each user, rather than for the server, which makes no sense to me.
<owh> Until now, I've only ever needed one account in fetchmailrc - multiple accounts appears to be a whole different kettle of fish :(
<owh> In case anyone's wondering, it turns out that you create a "defaults" "server" with the options. Very intuitive :|
<Alysum> Elite: it doesnt work, its supposed to delete the WHOLE word until it meets a space backwards
<twitzel> Hi all
<twitzel> where can I download a "jaunty" iso image ?
<jmarsden> http://cdimage.ubuntu.com/releases/jaunty/alpha-6/
<twitzel> How alpha is it ? Is it minor issues, or does it have serious problems ?
<jmarsden> It is an alpha release... so I suppose it is 100% alpha?  If you can't handle that, wait for the real release :)  How serious its problems are depends on what you do with it...
<twitzel> I only want to run an NFS server with it. My current problem is that multipath-tools is all messed up in intrepid, but all the problems I have, are apparently fixed in "jaunty" Nobody seems to want to backport it to intrepid.
<twitzel> So its either "jaunty" now, or RH/centos instead. I'd like to keep everything homogeneous, i.e. ubuntu, so I like to give it a shot. But intrepid is basically broken
<jmarsden> Intrepid works fine here, if you think it is broken, did you file a bug?  Please supply bug # and I'll look at the bug report...
<twitzel>  Bug #338363
<uvirtbot> Launchpad bug 338363 in multipath-tools "device maps from partition tables will not be generated" [Undecided,Fix released] https://launchpad.net/bugs/338363
<twitzel> I think most of it is probably udev script related
<jmarsden> Doesn't the workaround stated in the bug report :  ENV{DM_TABLE_LIVE}!="1", GOTO="kpartx_end"   work?
<twitzel> No
<twitzel> Basically what I have done now, is removed all dm related udev scripts, which makes it at least generate /dev/dm-* by default rule and then call kpartx in a boot script
<jmarsden> Then you should add a comment to the bug saying that the workaround fails for you, and what happens when you try it.  ALso, you could consider just grabbing the sources for the newer version of multipath-tools from Jaunty and rebuilding them on Intrepid.
<twitzel> From the udev debug output, the kpartx rule is NEVER called
<twitzel> (that was before I messed with it)
<jmarsden> Or you can take the risk and run an alpha release... but if your NFS server will go into production... I wouldn't do that!
<twitzel> How bad can it be ?
<jmarsden> I'd grab the Jaunty sources for multipath-tools and build the packages for Intrepid...
<twitzel> Sounds like a good plan
<jmarsden> http://www.ubuntu.com/testing/jaunty/alpha6  says "This is still an alpha release. Do not install it on production machines."  I'd do as it says...
<twitzel> We don
<twitzel> 't do HA stuff or webserving
<twitzel> Unless it crashes everyday or loses data, its okay
<twitzel> I can try jaunty on one machine and try to backport the stuff to intrepid on the others
<jmarsden> OK.  There are no guarantees of either of those things being true for Jaunty Alpha6 :)  I'd be surprised if it did that to you, but... it might.
<twitzel> we have several of these HW configs
<twitzel> One last question about that. If I install the alpha, can it be upgraded to release without complete reinstall ?
<ScottK> twitzel: Yes.
<ScottK> twitzel: Actually if you install and upgrade now you'll have essentially the beta.
<twitzel> awesome
<twitzel> I'll email Taiwan and have them burn and insert the CD
<twitzel> I wish I knew more about udev
<twitzel> then I could contribute something. But right now its a bit above my head whats going on
<twitzel> Uuuh
<twitzel> U just botched by kpartx rule such that it calls kpartx on all dm-* that come in
<twitzel> Now everything works as desired, of course, all other device-mapper functions one could have are shot now
<whalesalad> Hey guys I turned my eth0 interface off a little while ago, and just turned it back on... but it's not working at all :/
<whalesalad> using ifconfig eth0 up/down
<p_quarles> whalesalad: sudo /etc/init.d/networking restart
<p_quarles> or sudo dhclient eth0
<simplexio> or ifup/ifdown  eth0
<n006> ÐÐ¾!
<n006> ÐÑÑÑ ÐºÑÐ¾ Ð¶Ð¸Ð²Ð¾Ð¹? :)
<rst-uanic> Ð°Ð³Ð°
<n006> ÐÐ¾Ñ.
<rst-uanic> ÐºÐ°Ð½Ð°Ð» Ð²Ð¾Ð±ÑÐµ-ÑÐ¾ Ð°Ð½Ð³Ð»Ð¾ÑÐ·ÑÑÐ½ÑÐ¹ Ð¾Ð±ÑÑÐ½Ð¾ Ð±ÑÐ» :)
<n006> ÐÑÑ Ð½ÑÐ¶Ð½Ð° Ð¿Ð¾Ð¼Ð¾ÑÑ. Ð¥Ð¾ÑÑ Ð½Ð°Ð²ÐµÑÐ½Ð¾Ðµ Ñ ÑÐ¾ÑÑ Ð½ÐµÑÐµÐ°Ð»ÑÐ½Ð¾Ð³Ð¾.
<n006> ÐÐ¹ ÑÐ¾ÑÑÑ ÑÐ¾ ÑÐ½Ð¾ Ð½Ðµ ÑÐ¾Ñ Ð½Ð°Ð¶Ð°Ð». xD
<n006> sorry
<rst-uanic> strange :)
<soren> whalesalad: "ifconfig eth0 down" deconfigures the interface, thus bringing down the routes through that interface. ifconfig up only bring the interface back up, not the coresponding routes. So: Use "ifdown eth0" and "ifup eth0" when you want to deconfigure/configre eth0.
<owh> I'm in the hunt for opinion, so please don't be shy. I've built an electronic ticket system. It emails out tickets to events. Invariably people provide incorrect emails, make typo's have quota issues and the like. I need to deal with the "backscatter". I was thinking of using dbacl to pre-filter this and then parse the individual messages. Are there other/better ways of doing this?
<whalesalad> Thanks for all the help guys
<owh> I'm asking here, not from a programming perspective, but because there is lots of server/enterprise experience in the room and I'm sure that u-s ships with all manner of tools I know nothing about :)
<soren> Why the filtering?
<soren> Do you intend to use the return-path address for other purposes?
<owh> The filtering is to make sure that an allocated ticket actually arrives. If it never gets to the recipient, it's never used.
<owh> It also means that the email address is faulty, so we cannot send a reminder later.
<_ruben> owh: you can only prevent backscatter on your own servers, not those of others .. and checking whether an email address exists or not, is nearly impossible
<owh> I'm just wondering, perhaps I don't need to do any of this. If a message comes back for *any* reason, it's borked.
<_ruben> well .. a bounce analyzer is another, sometimes useful, system
<_ruben> progammatically analyzing a bounce is quite an endeavour due to the non-standard formats being used
<owh> _ruben: Sure, but I'm beginning to wonder if I need to do this to actually figure out if the message got there. I suppose I need to ignore the "Delayed" errors, but the rest...
<_ruben> over-quota: tempfail .. non-existent domain: could be perm or tempfail .. etc .. rather difficult to handle properly
<owh> That in itself is classifying them. Which is why I started down the Bayesian path.
<_ruben> owh: well .. i'd atleast recommend "marking" email addresses that bounced atleast once or twice as "special (action required)" or smth similar
<_ruben> depending on the mailvolume one could process those marked addresses manually
<owh> Yeah. At the moment we do a "time-out" - if you don't collect your ticket with a period it goes back into the pool.
<owh> I just downloaded the email from the mailout of 9000 tickets. There were three messages, one to invite, one to collect and one to thank. That generated 3300 "extra" return emails alone.
<owh> People are not good at writing their own email address :(
<owh> I've not yet analysed all that email, but most of it is mistyped email addresses.
<owh> s/is/seems to be/
<owh> There isn't any ready-made stuff for this in u-s is there?
<soren> owh: Even if they have to type it twice? Wow. I'm surprised.
<owh> Nope, they just cannot seem to achieve it :(
 * soren loses another little bit of faith in mankind
<owh> I just found one user who mistyped their address *nine* times. The same two letters transposed.
<Bambi_BOFH> dyslexic ;O
<soren> *facepalm*
<_ruben> our bulkmailers have their queues filled with @hotamil.com @homail.com @hormail.com etc addresses
<owh> Yup
<owh> Or @hotmail
<owh> No phone numbers though - at least <grin>
<_ruben> which basically is a flaw in our software which i keep nagging our dev's about .. no address should be added to a mailinglist untill its verfied
<_ruben> hehe
<owh> That's the path I'm going down too. Otherwise you're just storing junk.
<owh> So, is dabcl overkill for what I want to do, or a smart way to go about solving this?
<_ruben> cant say i know what 'dabcl' is :p
<soren> dbacl.
<owh> Doh
<owh> digramic Bayesian text classifier
<_ruben> classifier .. hmm
<_ruben> sounds a bit overkill indeed
<Bambi_BOFH> is a classic 'click here to confirm' to uncool?
<owh> Bambi_BOFH: Well, they'll click regardless.
<_ruben> putting effort into a proper signup process is best imo
<_ruben> not being able to do anything untill a confirm link is clicked for instance
<Bambi_BOFH> owh, if the link is clicked, someone got the email.
 * Bambi_BOFH heads to dinner. will be interested to see how this discussion evolves
<owh> _ruben: I like the notion of sending an email to what ever they tell me, ignoring what ever comes back and only adding the address and sending a ticket once they click the link.
<owh> Bambi_BOFH: Ah, I read "on the site", but you mean, "in the email"
<Bambi_BOFH> yup.
<_ruben> owh: it's about the only way "that works" :p
<owh> Yup
 * owh adds a few lines of code to make that happen and ditches the dbacl idea. Much appreciated.
<_ruben> :)
<owh> The more I think about it the less I understand why I didn't think of this before :(
<owh> It's not like its a new idea :)
<jwstolk> I found my problem: wakeonlan (sending the magic packet) fails if the computer where the packet is send from has more than one nic. (I have 5, it's a firewall)
<jwstolk> The only solution I found was disabling all but one noc, which isn't a very good option in my case.
<owh> jwstolk: Just out of curiosity, how did you confirm this behaviour because while I've not done what you're doing, it does not appear to make sense to me.
 * owh is happy to be disabused of this :)
<jwstolk> It works on all my ubuntu-servers, except the one with multiple nic's, en it's the only reason I could find using google as well.
<simplexio> jwstolk: if i recall right wakeonlan work only from lan adderss, are all those nics in same lan. maybe packet originates from wrong nic or something
<jwstolk> the "send" operation in the python wakeonlan scripts gives an error, the packet never gets send, not even to the wrong subnet
<simplexio> jwstolk: ahh.. that script dosent work .. is it in some package or can you paste it to pastebin
<jwstolk> simplexio: the "wakeonlan" ubuntu package
<jwstolk> "send : Operation not permitted at /usr/bin/wakeonlan line 126."
<jwstolk> I think setting up the connection for sending fails, but I don't really know python.
<simplexio> jwstolk: are you sure you have enabled wol in those nic which shoul work
<jwstolk> I should not need to enable it on the nicks where I send it from. the computer that will receive then has it enabled, and it works, it's just doesn't work from the server with multiple nic's
<jwstolk> I want to send the magic packets from the firewall, because that's the one that is on 24/7.
<jwstolk> simplexio: If I change the destination port from "discard" to "ntp" in the script, it does send the packet. (port doesn't matter for WOL)
<jwstolk> (I also tested with the firewall stopped, but that didn't help.)
<jwstolk> hmm, the script no longer gives me an error, but nothing wakes up.
<jwstolk> simplexio: Got it to work: changed the port in the script from "discard" to "ntp" _and_ specify the subnet using "wakonlan -i 10.0.1.255 <HW Address>".
<jwstolk> ok, works with the "discard" package as well, if I open that port in the firewall software. I think I got confused by the fact that stopping the firewall does not seem to clear the IPtables.
<kraut> moin
<george__> hey guys, anyone here who worked with apparmour? trying to figure out how jailbash is set to be the shell for specific users only
<VSpike> Hi .. I've set up a command-line PPTP VPN connection on my server and it works when I do "pppd call myvpn"... but how can I configure it so that a static route is added when the vpn is connected?
<simplexio> jwstolk: have to remeber that
<heno> Hi
<jwstolk> simplexio: It isn't very clear that wakeonlan is sending to the "discard" port, and that you have to let that through the firewall (if any), but the nic doesn't care where in the packet the "magic" part is, or to what port is send.
<heno> Anyone here set up to help with a RAID install test on 64 bit?
<heno> http://iso.qa.ubuntu.com/qatracker/test/2490
<heno> http://testcases.qa.ubuntu.com/Install/ServerRAID1
<jwstolk> heno, works here. (Raid 10,f2 on two disks, on ubuntu-server-64) but I needed the newest kernel before rebuilding after a (simulated) drive replacement worked.
<jwstolk> but I can't really test things right now.
<heno> jwstolk: thanks - I was specifically thinking of an ISO install test with the pre-beta images
<jwstolk> ok. (I cheated anyway, I installed ubuntu on a single SSD, and only use the raid for the served files.)
<heno> soren, ttx, dendrobates: do we have anyone with a suitable setup?
<ttx> heno: not that I know of. Maybe kirkland.
<soren> heno: Is virtualised installs ok?
<ttx> soren: probably, looks like a software raid test
<soren> Indeed.
<soren> If so, I can do it.
<soren> I need to take a break now, though.
<heno> soren: virtual would be fine - it's mainly to test the ISO itself. Thanks!
<domas> how much RAM should left to OS on a DB server?
<domas> cause whenever I leave less than 2GB, kswapd starts going nuts :)
<domas> (even with swapiness decreased a lot :)
<soren> domas: Can you see what those 2 GB are used for?
<domas> soren: "cache"
<domas> well, it is 32GB machine
<domas> so 2G is quite small percentage :)
<soren> Cache pages should be evicted instead of swapping.
<domas> it isn't swapping
<domas> it is just kswapd doing lots of CPU cycles
<soren> And what do you think that means?
<domas> that it is nuts :)
<domas> if I increase swapiness, it starts swapping
<domas> and calms down
<soren> How do you determine whether it's swapping or not?
<domas> vmstat
<domas> (and "swap used" stays at 0 :)
<domas> sometimes kswapd just starts going nuts and panics machines eventually, if no intervention is made
<domas> it doesn't seem to like edge case of "one very very very big process"
<soren> You should talk to the kernel guys.
<domas> yeah, I guess
<tom__> does somebody know why i get "ignoring bad proto spec: '17437' when i try to restart ssh?
<tom__> i installed openssh-server
<tom__> changed /etc/ssh/sshd_config
<tom__> where i changed port 22 to 17437
<tom__> and set PermitRootLogin to no
<Deeps> did you change port or protocol?
<Deeps> double check the change you made
<Deeps> default is :Protocol 2
<Deeps> (answer found, 2nd hit on google for: 'openssh ignoring bad proto spec:')
<tom__> thanks, you're right
<Jeeves_> Ola
<Jeeves_> Anyone here using kvm + virtio nic?
<soren> Yes.
<Jeeves_> Ever had a kernel panic while booting it? :)
<Jeeves_> http://pastebin.ubuntu.com/138146/
<Jeeves_> Or better
<Jeeves_> http://pastebin.ubuntu.com/138148/
<domas> here, example of linux being idiotic: http://p.defau.lt/?WB6QRUQKJK19nVoZNQlNCA
<Jeeves_> domas: How is that idiotic?
<domas> Jeeves_: it uses 2G for cache, mostly caching _nothing_, and pushed out 2G of process that had active cache use
<Jeeves_> domas: I would expect cache is filled with the mysql-data files
<domas> Jeeves_: O_DIRECT
<domas> Jeeves_: actually most cache is log file, which is never read
<Jeeves_> domas: So fix how syslog opens the logfiles
<Jeeves_> so it doesn't get cached
<beniwtv> Hi all... I have a strange problem on one of my Ubuntu servers. It has 5 HDD's in RAID (mdadm). However, one drive periodically is put into 'Fault' state by mdadm. Removing and re-adding the drive seems to get it back up. Also strange is that I created a partition on that drive of type fd (Raid autodetect), but when I start my RAID, fdisk -l complains that it hasn't a valid partition table, which I think could be related t
<beniwtv> o the error I'm seeing. Note: I created the RAID manually (not with the installer), so I can't rule out that I have done something wrong. Any ideas?
<Deeps> not the most scientific solution, but you could try trashing that disk and recreating the partition,filesystem,etc. and readding it to the mdadm arrray fresh, and have it rebuild?
<beniwtv> Deeps: Yeah, that's what I thought to. I was previously playing with a fake RAID, which included that disk. Maybe it has some left-over there.
<beniwtv> Deeps: But just to verify, fdisk should not give that error (Disk xx doesn't contain a valid partition table), right?
<Deeps> should not, no
<beniwtv> Even in RAID 5?
<Deeps> might wanna use dd to /dev/zero those blocks? (i'm not sure if that has any other potential repercussions, mind)
<soren> beniwtv: That depends entirely on how you've set up your raid.
<beniwtv> soren: Used mdadm --create, with default options (has 5 devices, RAID5). I have never done it manually, I always used the installer, which didn't gave me any problems afterwards. But this server has had a RAID array added, so the system was already installed on it.
<beniwtv> soren: But I'm begining to think the drive is faulty, or the 3rd cable of the RAID is bad. I see timeouts in dmesg for that drive (which is the only one on that cable). And all others seem to work fine...
<kinley> hey: is there a safe way to differ between ethernet devices connect to path throght modul or by switch modul for dell poweredge blade server ?
<kinley> lspci : http://paste.ubuntu.com/138185/
<soren> kinley: I don't understand the question.
<soren> kinley: What are you trying to achieve?
<acicula> think he's trying to figure out which ethernet device belongs to which physical connection perhaps?
<soren> Ah.
<soren> kinley: Do you know how the pci "addresses" (I don't know if that's the correct term) map to physical ports?
<kinley> sorry, solved it, dell blade chassis map the ehternet port directly to different factorys, so port ethernet port 0 and 1 go to factory A and port 2 and 3 to factory c
<soren> Err... Does that answer your question?
<soren> If so, that's cool. It just mean that I didn't understand the question after all :)
<soren> I don't even know what a "factory" is (other than a place where stuff is produced).
<kinley> ;) or a blade chassis modul slot
<kinley> you can choose between switches, pass throught moduls....
<soren> Googling "blade chassis factory" didn't help, either. It only gave results where "factory" was used in the "production facility" sense.
<kinley> http://support.dell.com/support/edocs/systems/pem/multilang/cfggd/west/U003C0D.pdf
<kinley> page 39
<Deeps> possibly OT, is it possible to get the battery life remaining from a laptop without acpi enabled?
<soren> Deeps: If it's old, perhaps apm will do.
<soren> kinley: I don't see it.
<kinley> you got the pdf ?
<soren> kinley: Yes.
<Deeps> soren: p3 750mhz, old it certainly is!
<kinley> soren: on page 29 is a picture which show the backside of the chassis... the vertical slots are the factorys
<soren> Searching for "factory" gives me two hits. "factory default settings"  and "the factory-assigned World Wide..."
<soren> Oh, *twenty*-nine.
<kinley> 39
<kinley> sorry  page 39
<soren> Oh. "fabric" :)
<soren> You're German or something, aren't you? :)
<Deeps> soren: pretty sure the information it's outputting isn't accurate, but thanks anyway (100% battery life after 30mins?)
<kinley> fabric
<kinley> sorry
<soren> Deeps: Mind you, old laptop batteries positively suck at reporting their current charge level.
<Deeps> soren: good point
<soren> Deeps: I had one that knew three different levels. 100%, 6% and 0%. Ironically, the one where it stayed the longest was 0%.
<soren> 100% for the first 5 minutes, 6% for maybe 45 minutes, and 0% for the last hour or hour and a half or so.
<Deeps> soren: sounds like my old dell
<soren> Deeps: Fujitsu Lifebook.
<Deeps> mind you, same dell reaches 0% in about 5mins now, and then cuts out 30seconds later hehe
<Deeps> machine in question now is an hp omnibook xe3, p3 750mhz, providing internet gateway, firewall, mrtg
<dendrobates> heno: kirkland should be able to test that.
<Deeps> ..and i'm currently in a powercut, so only that laptop and mine are still alive, sitting in a rather uncomfortable position too as wireless is also unavailable
<kirkland> dendrobates: heno: what specifically do you want me to test?
<oruwork> how can i host multiple websites ?
<oruwork> on one host
<Deeps> apache vhosts
<rst-uanic> oruwork: you should add different virtualhosts
<oruwork> rst-uanic, ok, any more info on this ?
<friartuck> oruwork ip aliases and apache virtual hosts is one of a few answers...http://httpd.apache.org/docs/1.3/vhosts
<rst-uanic> http://httpd.apache.org/docs/2.0/vhosts/
<rst-uanic> this one is for apache2 :) I'm not sure if there's any difference
<friartuck> oruwork and....https://help.ubuntu.com/8.10/serverguide/C/httpd.html
<oruwork> friartuck, so its just a matter of creating configuration files for each site in /etc/apache2/sites-available ?
<Faust-C> a2ensite
<friartuck> oruwork you need to look into ip aliases, this is separate from apache. then...you need to dig into apache documentation. that's too long of a story for IRC.
<oruwork> friartuck, ip aliases.... hmm not sure where to start
<Faust-C> create virtual IP
<Faust-C> eth0:1
<Faust-C> gotta love linux's built in functionality
<Faust-C> or name based vhosts
<Faust-C> ubuntugeek.com
<oruwork> errr stuck
<twitzel> jmarsden, with jaunty multipath works like a charm
<oruwork> and confused
<Faust-C> oruwork: google, books, etc
<friartuck> strange...ubuntu server guide covers eth bridging but not aliases. hm.
<rst-uanic> aliases are quite rarely used i think
<oruwork> so i moved file /etc/apache2/sites-available/default to /etc/apache2/sites-available/site1 and changed the site root and directory in this file, nothing happend :(
<rst-uanic> oruwork: you sould enable site1
<rst-uanic> sudo a2ensite site1
<rst-uanic> also, you should specify site name in the virtualname tag
<oruwork> http://pastebin.com/m63a12793
<oruwork> virtualname tag ?
<oruwork> where would i specify this ?
<oruwork> in which file is the ServerAlias configured?
<oruwork> rst-uanic, really stuck not sure what to do
<george__> :q
<george__> bye guys
<oruwork> ScottK, around? i need some help to get 2 sites working under apache 2
<rst-uanic> oruwork: stuck with what?
 * ScottK is here, but knows very little about apache.  I'd say just ask the channel.
<oruwork> rst-uanic, well.. the same thing, not sure how to get 2 separte sites
<oruwork> i have a feeling of hitting the wall
<oruwork> :)
<rst-uanic> oruwork: what have you done already?
<rst-uanic> oruwork: and... you need two different sites, that have different FQDNs but are located on the same ip and server, right?
<oruwork> i'm looking at instructions here https://help.ubuntu.com/8.10/serverguide/C/httpd.html , I copied file default to site1 and specified document root and directory in site1 file
<rst-uanic> ok
<rst-uanic> when you specify virtualhost
<rst-uanic> the first line is <VirtualHost *>
<rst-uanic> change it so something like this <VirtualHost yoursite.com:*>
<rst-uanic> restart apache and try again
<oruwork> the first line in default file yes <VirtualHost *:80>
<rst-uanic> now
<rst-uanic> in a new file specify you site name instead of *
<rst-uanic> s/you/your/
<oruwork> rst-uanic, how can i remove site from a2ensite ? rst-uanic  ?
<rst-uanic> oruwork: a2dissite
<boflic> I followed the perfect server howto for ubuntu 8.10 with isp. I have a problem though. i can connect to apache and isp from local ip (192.168.0.x) but when i try to connect from server1.x.x it fails, and firefox gives me an error about that the site is there but it cant connect to it! Can anyone help me out PLEASE!
<Zerqent> boflic: are both you and the server behind the same NAT?
<boflic> yes, and i forwarded ports to my server, in a attempt to make it work!!
<boflic> Can i give any logs???
<nomoa> hi, sometimes our bind nameserver refuse to respond (timeout), I can see strange errors in /var/log/messages but I'm not sure it is linked to the problem : http://pastebin.com/da52bd36
<boflic> sorry!!! i got it! cybercity (my isp) turned of nat loopback! reenabled it and it seems to work! does anyboddy know if it is possible to disable updates from isp??
<soren> boflic: Cybercity has always done that.
<boflic> I know! BUT WHY! they should just accept that when i made some changes, its becuase i need it!!! Isn't it posible to make it allways on???
<Zerqent> boflic: you have to check that from outside your NAT
<boflic> Zergent: I've solved it with nat loopback on! my mistake!
<jmedina> morning
<kraut> i'm using open-iscsi to use a lun on a netapp filer. my system spams the filer with this message: Thu Mar 26 18:13:24 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX
<kraut> does anybody know, how to fix that?
<jmedina> kraut: where those messages are displayed?
<kraut> on the filer
<kraut> shall i pastebin the default-file of the node, i'm using?
<jmedina> kraut: do it, probably someelse can help
<kraut> jmarsden_: http://pastebin.com/m6284d233
<kraut> XXX is the target IP
<kraut> it seems to happen every 30 seconds
<jmedina> probably because timeouts, ping timeout I think that is something like a keep alive packet
<kraut> how do i deactivate that? because it's working.
<kraut> the strange thing is also, when i stop open-iscsi, the disk is still working
<kraut> i set ping timeout to 0 now
<kraut> seems to help
<mathiaz> kirkland: have you heard of mandos? http://packages.ubuntu.com/jaunty/mandos
<kirkland> mathiaz: nope, looks interesting, perhaps
<kirkland> mathiaz: i'd like to review the full design
<kirkland> mathiaz: but looks interesting
<paul_> sd
<oruwork> hi, so how can i get Apache2 to work with 2 sites ?
<acicula> vhosts
<oruwork> acicula, this is file /etc/apache2/sites-available/selsovet.com which is my second site that i'm trying to run http://pastebin.com/m7c89c098
<oruwork> both domains still open the same document root
<oruwork> rst-uanic, still here ? :)
<acicula> oruwork: dunno about syntax, guess the vhost dont match
<oruwork>  could someone please help me with setting up 2 different sites ?
<jmedina> oruwork: isnt documented in ubuntu server guide?
<oruwork> jmedina, yes, server guide is what i'm looking at , but i'm struggling with it
<jmedina> waht is the problem?>
<jmedina> oruwork: both servers are listening in same IP and same POrt?
<oruwork> the only thing i did was copy the hosts-avaiable/default file and modified it like this http://pastebin.com/m7c89c098  , reloaded apache, now when typing both domains in the browser they still point to the same document directory, and i want them to point at 2 different directories. So yeah . i really need help on getting this to work  jmedina
<jmedina> oruwork: what is the output from
<jmedina> apache2ctl -S
<jmedina> ?
<oruwork> http://pastebin.com/m237bf9b
<big_ham> re
<jmedina> oruwork: I use this config for virtual hosts
<jmedina> http://verde.e-compugraf.com/jm-confs/apache/vhost.apache2.template
<jmedina> I only place that file in /etc/apache2/sites-available
<jmedina> en then enable with
<jmedina> a2ensite vhostname
<jmedina> and reload apache
<big_ham> using Dovecot/Postfix, can I have one user's email attachments store in a specific directory?
<jmedina> oruwork: if  using name based virtual host and both sites uses same IP and same port then remove the domain name from the VirtualHost directive
<oruwork> jmedina, ok, this is what i did, both domains still show the same site though :( http://pastebin.com/m4a7861dd
<jmedina> oruwork: change your virtualhost directyve
<Ayukawa> Okay, at risk of sounding like an idiot, i just set up spam filtering based on the guide at https://help.ubuntu.com/8.10/serverguide/C/mail-filtering.html but I'm wondering how to get a list of mails that are blocked by the filters.
<jmedina> jus put a *
<oruwork> jmedina, yeah its <VirtualHost *:80>
<oruwork>  now
<jmedina> Ayukawa: if you are using amavisd-new then you can set notifications for spam, virus, banned, and bad headers
<jmedina> I think is not enabled by default
<jmedina> oruwork: again
<jmedina> apache2ctl -S
<jmedina> please
<oruwork> jmedina, sure bro http://paste.ubuntu.com/138450/
<oruwork> jmedina, i think i didnt specify ServerName , just not sure how to do this
<jmedina> ServerName is most important
<jmedina> if not specified all traffic goes to default site
<jmedina> just put ServerName selsovet.com
<oruwork> where do i specify it ?
<jmedina> and again -S
<jmedina> in your second site file
<oruwork> anywhere?
<oruwork> at the buttom ?
<jmedina> the one you posted, the one you changed *
<jmedina> yeap
<jmedina> I usually add it near to ServerAdmin and before DocumentRoot
<jmedina> you can doit anywhere
<oruwork> heh
<oruwork> i think its working now  :)
<oruwork> can i do this without the default ?
<oruwork> i would like to orgonize this by /var/www/site1 , /var/www/site2, etc....
<oruwork> cuase i'll be hosting 3 sites on this vps
<oruwork> jmedina, ^^
<big_ham> jmedina ... did you see my Q above ^^^ ?
<jmedina> oruwork: yeap, I usually always put default in /var/www/default, and all the site goes to /var/www/siteN
<jmedina> I use default as a catch up, all traffic no directed to a defined virtual hosts goes to default site
<jmedina> for example when someone try to use the IP insead of name
<oruwork> oh thats right, what would happen if someone would use the ip ?
<jmedina> big_ham: I dont know, what you mean as a attachment store dir?
<big_ham> here's the scenario brielfy
<oruwork> so i should pint the default file to go to /var/www/default ?
 * Faust-C wants more work on making sure Kolab works in ubuntu
<big_ham> there's an email address people in the field use to email pictures to
<big_ham> right now a human checks the emails, strips attachments and uploads to FTP dir
<big_ham> mail and ftp are on the same box, so if I can strip attachment on server side and drop in a directory, it saves a step and some bandwidth
<jmedina> oruwork: I always do that
<big_ham> does that scenario make sense?
<oruwork> so when someone types the ip of your VPS, what do they see ?
<Faust-C> big_ham: makes sense
<Faust-C> picasa has a item like that
<Faust-C> you can txt a image to a certain email address and it will be on album
<Faust-C> big_ham: you can make a filer cant you?
<Faust-C> like setup a images@domain.com and have the filter strip the attachments and save them to a folder
<big_ham> on the server side?
<Faust-C> yeah iirc
<Faust-C> server side filers, w/ imap
<big_ham> I'm not sure, I'm fairly new to Ubuntu, let me google that one
<big_ham> didn't know the "lingo" I should be using, ya know?
<jmedina> I think I already answer this a few days ago, I dont know a solution about that
<big_ham> you did jmedina ... but I felt I didn't phrase properly
<jmedina> but I think is not that hard to create a script that strips mail and place attachments in a directory, then mangle mail body to add footer with infor of attachments locations in a FTP server
<big_ham> and I've been googling with no pertinent results which is wierd
<jmedina> postfix has good support por pipe to a program
<Faust-C> jmedina: yep
<jmedina> renattach did something like that
<big_ham> would this be a dovecot filter, or a postfix filter (i assume dovecot)
<jmedina> big_ham: depens what Local Deliver Agent you use
<jmedina> you can use local postfix, or dovecot 'delivery'
<big_ham> jmedina: how can i check to be sure before I waste time in the wrong realm?
<mathiaz> kirkland: is there anything cool to mention about the qemu update to 0.10.0 in jaunty?
<kirkland> mathiaz: that it happened!
<kirkland> mathiaz: it's the first qemu release in almost a yeat
<kirkland> year
<mathiaz> kirkland: ok - new features? main bug fixes?
<kirkland> mathiaz: http://www.nongnu.org/qemu/changelog.html
<mathiaz> kirkland: ok - the main thing seems to be kvm support and all the virtio stuff
<mathiaz> kirkland: wasn't this already included in Ubuntu?
<stickystyle> big_ham: I do something similar to what your asking about.  Previously I did it with a big nasty procmail script to but, but you run into scalability problems processing each message as it arrives.  I don't know what your scripting ablity is, but I would recommend letting the mail deliver to a set mailbox (as it sounds like you already do) then have a script that runs out of cron like every 5min to read the mailbox and take action o
<big_ham> unfortunately my scripting abilities are limited, but my learning abilities are very high ...
<big_ham> i found some info related to "body_checks" and making filters
<big_ham> but it's specifically to "REJECT" bad attachments
<big_ham> http://linuxpoison.blogspot.com/2007/12/filter-attachments-bat-exe-etc-in.html
<jmedina> stickystyle: would you mind to share your script?
<kirkland> mathiaz: yeah
<kirkland> mathiaz: the key is that qemu has lacked an active maintainer for most of a year
<stickystyle> jmedina: Let me take a look at what I can do to share the idea of how it works, it's kind of tricky since technically it would by my companies property.
<kirkland> mathiaz: aliguori just took that over, and will be doing regular releases
<big_ham> stickystyle: I have to say that cron seems easy enough, but I must admit I'm not even aware where attachments are kept in the file system
<stickystyle> big_ham: They are kept mixed in with the actual email file.
<stickystyle> base64 encoded.
<big_ham> oh boy ... not all that straightforward then
<stickystyle> Well, that's where a modern scripting lang comes to help.  It will abstract most of those little nuances away from you.
<big_ham> i see
<big_ham> any general google guidance you can provide would prove very helpful as I'm having a hard time figuring a starting point
<stickystyle> big_ham: Here are the python examples of mailbox handling http://docs.python.org/library/mailbox.html#examples
<oruwork> this is a beauty jmedina :)
<jmedina> good, another happy customer
<jmedina> :D
<jmedina> next :D
<big_ham> stickystyle: thank you
<big_ham> have to head out on site, but I will pick back up with this when I return
<big_ham> BTW ... for whom do you work?
<stickystyle> I'm an IT Manager for a Freight Forwarding company, nothing glamorous :)
<big_ham> I see ... always interested
<oruwork> jmedina, doint some further testing here, it turns out that one of my domains cant look up the directory i specified in /etc/apache2/sites-availab.e/selsovet.com
<jmedina> oruwork: which tests?
<oruwork> jmedina, i'm reorgonizing everything the way you told me so that my setup will be similar to /var/www/default, /var/www/site1, /var/www/site2, etc...
<oruwork> jmedina, i'm putting up index.html files in directories of the sites
<oruwork> and trying to access them in the browser
<jmedina> oruwork: did you restart apache after changing DocumentRoot in sites config?
<oruwork> jmedina, yup
<jmedina> oruwork: and what but apache2ctl -S
<jmedina> ?
<jmedina> also use  apache2ctl -t for sintax checking
<mathiaz> kirkland: how many logos are now available in screen-profiles?
<kirkland> mathiaz: released in jaunty, or committed to bzr ?
<stickystyle> big_ham: I doubt this code will work right away as I did it from memory, but it should give you the general idea what I was talking about http://pastebin.com/d48672594
<mathiaz> kirkland: in jaunty
<mathiaz> kirkland: I saw a mention about suse in the changelog
<kirkland> mathiaz: so the screen-profiles package just comes with ubuntu-light, ubuntu-dark, and ubuntu-black
<oruwork> jmedina, http://pastebin.com/m6196adf3
<kirkland> mathiaz: there's a new screen-profiles-extras package, which has a bunch of other light/dark colors, plus profiles for (fedora, debian, redhat)
<kirkland> mathiaz: committed to bzr are profiles for (centos  debian  fedora  gentoo  mandriva  novell  redhat  slackware  suse  ubuntu)
<kirkland> mathiaz: and i just completed a new script, screen-profile-dump
<kirkland> mathiaz: which will allow you to dump your profile to one, monolithic, file, which you can install as ~/.screenrc or any unix/linux system that has screen
<oruwork> jmedina, http://pastebin.com/m2508310f
<kirkland> mathiaz: thus, for distros that don't have screen-profiles packaged for them yet
<kirkland> mathiaz: or, for a system where you don't have root access and can't install screen-profiles
<kirkland> mathiaz: so people.ubuntu.com, for instance
<mathiaz> kirkland: cool
<kirkland> mathiaz: i also learned a neat new trick for kvm today
<kirkland> mathiaz: which works *really* well in screen
<kirkland> mathiaz: kvm -curses
<kirkland> mathiaz: runs the kvm in the current console/shell session
<kirkland> mathiaz: i now have each of my kvm's running in their own window in screen
<NEWzilla> Hi, I have 8.10 installed LAMP configuration plus aptitude safe-upgrade executed with subversion installed.. (just to provide a background on my server)  My problem is it appears Apache's ldap is not searching nested groups.
<jmedina> can I paravirtualize using KVM in my opteron cpus (they dont support Full Virt)
<mathiaz> kirkland: hm - you mean the kvm command?
<mathiaz> kirkland: or the console of the guest?
<kirkland> mathiaz: i received a contribution from a novell/suse developer yesterday
<NEWzilla> I have found this was fixed in i think 2.2.3 of apache but it appears to not be working  for me.  i have to add the user directly to the group but it does not search nested groups
<kirkland> mathiaz: with support for suse's update manager, in the updates-available script
<jmedina> I always used xen for paravirt
<kirkland> mathiaz: the kvm command
<jmedina> NEWzilla: waht you mean with ldap nested groups?
<mathiaz> kirkland: ok - does that mean you have to create a new screen window before starting kvm -curses?
<jmedina> NEWzilla: what are you trying to do?
<oruwork> jmedina, nvm , i made a silly mistake, this beauty is working
<kirkland> mathiaz: well, that command will take over your current shell
<kirkland> mathiaz: running the kvm itself inside of an ncurses session
<jmedina> oruwork: good, what whas the silly mistake?
<NEWzilla> I have apache setup to authenticate basic auth off of MS active directory.
<kirkland> mathiaz: so, yeah, i hit <f2> to open a new window, name it whatever that vm's name will be
<NEWzilla> i have require ldap-group setup for my <location>
<kirkland> mathiaz: and then run kvm -curses -hda foo.img
<oruwork> jmedina, i didnt copied index.html files to the wrong path lol
<oruwork> jmedina, i mean i DID copy
<NEWzilla> it works but only if i have the users in the specified group. if i put a group in the group "nested group" in the ad group.. apache does not appear to search the nested group to determine if the user is part of a nested group.
<mathiaz> kirkland: what kind of ncurse session is created?
<kirkland> mathiaz: it just uses curses to render the console output of the vm
<kirkland> mathiaz: rather than sdl
<mathiaz> kirkland: could it be possible to detect if you're running in a screen session and automatically create a new window and name it correctly?
<mathiaz> kirkland: I'm not familiar with kvm on the command line as I'm running everything from libvirt
<kirkland> mathiaz: there is some support in screen for auto-naming windows
<NEWzilla> i have tried using the AuthLDAPMAxSubGroupDEpth but it fails and apache does not restart.. says it is not supported or the module is not installed... yet i have authnz_ldap enabled and it works ... just not when the user is in a nested group in the group set for the require -ldap-group
<kirkland> mathiaz: it can take some regex of whatever your last command executed or something like that
<kirkland> mathiaz: i played with that for a little while
<kirkland> mathiaz: it was very distracting, i found to use in the general case
<kirkland> mathiaz: my window names were jumping all over the place :-)
<NEWzilla> so, i am kind of wondering.... might ubuntu server's apache install be missing this patch?
<mathiaz> kirkland: right - I usually don't name my screen windows
<mathiaz> kirkland: OTOH I rarely have more than two sessions opened.
<mathiaz> kirkland: otherwise it takes to much time to cycle through them.
<kirkland> mathiaz: i name all of mine, and i have 10-15 open
<jmedina> mm I have not used nested groups in AD I dont know how is strcutured in LDap tree
<mathiaz> kirkland: however one thing I made sure when I designed my vm mgmt scripts is to have a consistent naming in the vm.
<jmedina> NEWzilla: have you tried using a simple ldapsearch query?
<mathiaz> kirkland: ex: if I create a vm named t-slapd, I wanted to make sure that the guest hostname was t-slapd
<mathiaz> kirkland: and that I could ssh into the guest using t-slapd
<kirkland> mathiaz: i like that consistency
<mathiaz> kirkland: I had to modify the root filesystem to be able to specify the hostname of the guest from the host
<NEWzilla> jmedina: no, but this is because i currently do not know how to build such a search query.
<mathiaz> kirkland: this is why I'm using lvm snapshots rather than qcow2 files as I want to be able to update the root filesystem.
<mathiaz> kirkland: do you know if it's possible to get the vm name from the guest?
<NEWzilla> jmedina: i have found the bug entry for apache and it says closed and was a bug on the require ldap-group but i have no clue how to determine if my apache really does include its fix.. i have checked and apache 2.2.9 is running..
<mathiaz> kirkland: I meant inside the guest
<jmedina> NEWzilla: check the changelog of you apache package
<jmedina> I really dont know how is nested groups in ldap
<kirkland> mathiaz: as libvirt calls it?
<kirkland> mathiaz: i don't think so
<kirkland> mathiaz: i don't think the guest knows its a guest
<jmedina> I use this config por group ldap auth
<jmedina> http://paste.ubuntu.com/138481/
<NEWzilla> the first difference i have found is you have AuthLDAPGroupAttributeIsDN in your configuration..
<NEWzilla> i don't have this in mine.. but going to read up on what it is..
<NEWzilla> do you have any sub groups in yoru domain admins that contain users not in the domain admin group directly and are they still granted access to the site?
<NEWzilla> a nested group is just a group that contains reference to another group. instead of just the users.
<jmedina> NEWzilla: nop I dont uses subgroups
<NEWzilla> for example when assigning a user to a gropu you can also assign a group to a group.
<NEWzilla> jmedina: i guess you wouldn't want to take a stab at testing it with me to see if i am really finding an issue with ubuntu's apache + mod authnz_ldap or if i am just doing things wrong?
<NEWzilla> i am looking at the apache bug 42891 and it says resolved... but it is still not working for me.
<uvirtbot> Launchpad bug 42891 in wine "apt-get build-dep wine fails with "libicu28-dev uninstallable"" [Medium,Fix released] https://launchpad.net/bugs/42891
<mathiaz> kirkland: right. Something similar to the ec2 init script
<mathiaz> kirkland: where you can grab information about the guest from an outside source
<NEWzilla> http://issues.apache.org/bugzilla/show_bug.cgi?id=42891
<uvirtbot> issues.apache.org bug 42891 in mod_authz_ldap "Support for nested groups in LDAP" [Enhancement,Resolved: fixed]
<kirkland> mathiaz: interesting, can you pastebin that init script?
<mathiaz> kirkland: IIRC with vmware-server you can poke at things between the host and the guest
<zul> kirkland: for the ec2 set hostname?
<zul> the script that changes is called ec2-set-hostname.py in the ec2-init package
<mathiaz> kirkland: IIRC in ec2 you can get some information about the AMI by wget a specific address from the guest
<zul> mathiaz: the latest updated version for the next ec2 beta has a script called ec2-get-info which allows you to get alot of the information already withough using curl
<NEWzilla> how do i determine what version of a mod i have installed?
<giovani3> NEWzilla: an apache module you installed via ubuntu?
<NEWzilla> oh crap........ i think i just learned that it looks to be part of the apache 2.3 trunk......
<NEWzilla> anyone know about getting apache 2.2 upgraded to 2.3 on ubuntu server 8.10?
<giovani3> 2.3 is the development trunk, they don't release those
<NEWzilla> or even 2.4 ?
<giovani3> it turns into 2.4 when it's done
<giovani3> until it's out ... it can't be included
<NEWzilla> if the module documentation is under documentation > 2.3 > modules... this means it is part of the 2.3 apache trunk.. right?
<NEWzilla> i will see if the 2.4 has this part of it in the authnz_ldap module...
<NEWzilla> actually i don't even know if there is an apache 2.4 yet... lol
<giovani3> there isn't ... like I said
<giovani3> 2.3 is a development trunk -- it turns into 2.4 when it's finished
<NEWzilla> ok, i got you
<giovani3> then 2.5 will be the development trunk, and it will turn into 2.6 when it's finished
<giovani3> considering 2.2 is relatively modern, I don't know when 2.4 is expected
<giovani3> you could, however, ask about this in #apache, I'm sure they know much more
<NEWzilla> i understand .. blarg..... how crazy is it to use the 2.3 right now? or is there a way to only use the authnz_ldap module in my 2.2 apache server?
<NEWzilla> er . the new authnz_ldap module that has the subgroup search feature added
<giovani3> 2.3 is a development trunk, it's probably not stable
<giovani3> once again ... #apache knows far more about this than we do
<NEWzilla> ok, i will hop over there thanks guys
<jmedina> NEWzilla: havnt you tryed kerberos auth, I think is more appropiate for AD auth
<jmedina> http://port25.technet.com/archive/2008/01/25/technical-analysis-apache-with-mod-auth-kerb-and-windows-server.aspx
<jmedina> from microsot :D
<NEWzilla> I will look at it. but i am working on getting together an identity management solution and to centrally help manage other resources.  this apache server is just one of many resources i would like to manage with Active Directory
<jmedina> I think kerb is betther por central id mgmt, you can enable Single Sing On with it using key based auth
<jmedina> IE and mozilla supports SSO
<geekboxjockey> I was wondering if anyone here uses Bacula, I have a filset issue with backups for 3 systems. Each backup is almost identical in coverage plus the inclusion of an additional folder or two on each system. Is there a way to extend or inherit from a base fileset and add custom additions for each host on top of that?
<geekboxjockey> So instead of having to specify a fileset for each host that contains (/usr, /var, /etc, /home...) just specify one, and then add to it for additional locations on each individual host.
<acicula> geekboxjockey: been awhile since i set that up, maybe, if it's possible it's described in the manual
<geekboxjockey> yeah, I've been scouring it for a bit now, it's a BIG manual, I've also done the obligatory googling before coming here :-P
<geekboxjockey> Bacula configuration is an art-form :P
 * Faust-C suggests backupPC
<Faust-C> considering its apart of amanda now
<beniwtv> hi all... I have created partitions on my disks with fdisk on ubuntu server, changes partition type to fd (linux raid autodetect) saved them with "w", but the partitions do not show up in /dev, even after a reboot. Any ideas?
<beniwtv> (there also where no errors from fdisk, and fdisk -l after the reboot shows them fine)
<Yasumoto> soren: I saw that it looks like you were working on getting Cobbler working on/with ubuntu, did that work out all the way or is it still in progress? I can't seem to find any 'recent-ish' updates
<soren> Yasumoto: It keeps getting deferred, I'm afraid.
<beniwtv> oh, and one more hint: cat /proc/partitions does not show them... now I'm really worried.... :-/
<Yasumoto> soren: ah, totally understandable
<Yasumoto> soren: is it close to being done, or are there still some parts that need work?
<soren> Yasumoto: there's still quite a bit of work to be done.
<Yasumoto> soren: gotcha, I'll poke around a bit, thank you :)
<theunixgeek> Any recommendations for a minimal desktop environment for Ubuntu Server?
<Jeeves_> openss-server :)
<Jeeves_> +screen
<Yasumoto> you could try xfce (apt-get install xubuntu-desktop)
<theunixgeek> Yasumoto: I'm installing it right now :)
<Yasumoto> theunixgeek: cool
<theunixgeek> I was wondering if there's something even more minimal
<Deeps> ubuntu server + X = #ubuntu
<theunixgeek> Since my download speed just dropped from 121 to 66 kbps :|
<twitzel> jmarsden_: I did install jaunty and it worked. Interestingly, I noticed other differences in how multipath-tools behaved in jaunty and for fun copied just the executable /sbin/multipath from the jaunty box to the intrepid box. Now that intrepid box works absolutely perfectly. So it wasn't a udev issue after all
<twb> twitzel: that hurts my brain
<twitzel> Althouh the version of multipath-tools in jaunty and intrepid appear to be the same, the one that comes with jaunty works, the one that is in intrepid doesn't
<twitzel> Anyhow, all my problems are solved now. Thanks to everyone who helped.
<twb> twitzel: no, they differ in -1 to -2.
<twb> http://changelogs.ubuntu.com/changelogs/pool/main/m/multipath-tools/multipath-tools_0.4.8-14ubuntu2/changelog
<twitzel> Uh, didn't notice the 2
<twb> The first changelog entry say "Let dmsetup run kpartx"
<twitzel> will this be backported to intrepid ?
<twitzel> Another strange this is, with intrepid multipath-tools you get something like this: multipath -ll
<twitzel>  mpath2 (360022190009773680000214a495047ce) dm-2 ,
<twitzel>  [size=2.0T][features=0][hwhandler=0]
<twitzel>  \_ round-robin 0 [prio=3][active]
<twitzel>  \_ #:#:#:# sdd 8:48  [active][ready]
<twitzel>  \_ round-robin 0 [prio=0][enabled]
<twitzel>  \_ #:#:#:# sdj 8:144 [active][ghost]
<twitzel> With the newer multipath-tools from jaunty it looks correctly like this: mpath2 (360022190009773680000214a495047ce) dm-1 DELL    ,MD3000
<twitzel> [size=2.0T][features=0][hwhandler=0]
<twitzel> \_ round-robin 0 [prio=3][active]
<twitzel>  \_ 1:0:0:2  sdd 8:48  [active][ready]
<twitzel> \_ round-robin 0 [prio=0][enabled]
<twitzel>  \_ 1:0:1:2  sdj 8:144 [active][ghost]
<twb> Please stop
<twitzel> okay
<twitzel> sorry
<twb> I don't know if it will be backported to intrepid; I don't know ubuntu's backporting policy.
<twb> At worst you can manually install that .deb on each host you have, I guess.
<twitzel> There is however, still a minor issue
#ubuntu-server 2009-03-27
<Damm> stupid question i'm sure, virsh is giving me an error 'network not found br0'... failed to start
<Damm> yet ifconfig br0 shows the right stats
<unblessedTurnip> how did you define your bridge in /etc/network/interfaces ?
<Damm> lemme pastie
<Damm> http://gist.github.com/86461
<Damm> not using nat here, just regular routing
<Damm> hopefully that doesn't complicate things.
<Damm> and eth0 is manual static with no settings
<Damm> iface eth0 inet manual
<Damm> running jaunty (apt-get update current)
<unblessedTurnip> what is giving you the 'failed to start' ?
<Damm> virsh start 'dev'
<Damm> or virsh start 'ubuntu'
 * Damm obviously will dig in the docs more
<Damm> because clearly my network isn't what it's expecting
<unblessedTurnip> so I'm assuming you want it to connect to a bridged interface of some defined name?
<Damm> yep
<Damm> ideally eth0
<unblessedTurnip> well, you're only bridge port is eth0; you don't want another one?
<unblessedTurnip> as in:  bridge_ports eth0 virtual0?
<unblessedTurnip> so there are two interfaces both using the defined address, netmask, etc\
<Damm> nope not another
<Damm> unless you can give me a reason
 * Damm has gone over the Ubuntu KVM docs quite well, and it's just not giving me the details i'm trying to find sadly.
<unblessedTurnip> ok so you want it for virtualization
 * Damm nods
<unblessedTurnip> well, the second port on the bridge will allow the virtualized OS to connect to the network as it's own entity
<unblessedTurnip> no NAT traversal through the host
<Damm> so basically, doing bridge_ports eth0 virtual0 virtual1/etc
<Damm> would be better
<Damm> your saying
<twb> Would you also want proxy ARP?
<unblessedTurnip> well, it's how you make a second port on your bridge0
<unblessedTurnip> besides eth0
<Damm> ah right
<twb> Damm: obviously a bridge of only one thing doesn't make much sense
<Damm> twb, well then please by all means point me somewhere I can fill in the blanks... because I don't want a 'answer'
<Damm> I want to learn.
<unblessedTurnip> I set up virtualbox (open source edition) through https://help.ubuntu.com/community/VirtualBox#Networking
<unblessedTurnip> it documented setting up the bridge, with the second or more bridge point creation
<unblessedTurnip> it's followed by virtualbox-specific stuff after that though
<Damm> interesting, yes.
<Damm> I guess I wasn't thinking that way when I read it, I was thinking it would attach to br0 (kvm) and like vmware allow multiple 'guests' to read that.
<unblessedTurnip> so link helped?
<unblessedTurnip> i need to find better documentation on configuring /etc/network/interfaces
<Damm> that's what I was thinking.
<Damm> I see a ton of arbitrary settings in these examples with no information on what they are related to
<Damm> like bridge_fd 9, bridge_hello 2
<Damm> bridge_stp makes sense to me thankfully
<unblessedTurnip> where did you get those from anyhow?
<Damm> https://help.ubuntu.com/community/KVM/Networking
<Damm> I am reading this now
<Damm> and laughing at myself for following it
 * Damm shakes his head
<Damm> unblessedTurnip, my error has nothing to do with what you linked at all.
<Damm> but thank you for trying :)
<unblessedTurnip> I thought it might be because the virtualizer expected a seperate bridge interface beyond br0, but oh well
<Damm> no
<Damm> the instructions in that wiki tell you to modify the network 'name' to br0
<Damm> the problem is we then do not define the network 'br0' in kvm
<Damm> it's not looking for ifconfig br0, or eth0, or /dev
<Damm> it's looking for an xml config for the network 'br0'
<unblessedTurnip> oh
<Damm> and thus the utter failure begins
<unblessedTurnip> alright then :|
<Damm> it's funny now yes?
<unblessedTurnip> yea
<unblessedTurnip> best of luck with KVM
<Damm> well, once this is done and I document it... it's something for my company to go forward
<Damm> and it's nice padding on the resume
<Damm> designed and deployed a mixed architecture using kvm in a production enviroment, built monitoring systems around it, blah blah
<unblessedTurnip> interesting; i hope the monitoring tools are good :P
<Damm> They will be.
<Damm> as long as you can handle a wrapper to read the JSON
<Damm> and that's trivial with perl or ruby or python
<unblessedTurnip> i'll probably be the only guy at our network ops centre that could do that :P
<Damm> but now i'm going to shower feeling accomplished because I defeated a wiki!
<unblessedTurnip> haha
<Damm> oh I feel that way all the time
<Damm> only reason i'm looking at KVM right now is because Xen is on the deprecated list
<Damm> we're going to use Xen for a year or two, but I'd like to have all the tools and migration path for KVM set once we feel KVM is ready to use.
<twb> Damm: do you have specific problems with kvm?
<Damm> twb, not anymore
<Damm> :)
<twb> Damm: I'm looking at migrating from vmware to openvz (for unix guests) and kvm (for windows guests).
<Damm> pardon my french as i say this.
<twb> So if KVM "isn't ready" I'm very interested :-)
<Damm> are you fucking insane about openvz?
<twb> Damm: what's wrong with openvz?
<Damm> Unless you work for Cameron (spry) there's really no reason to use openvz
 * unblessedTurnip gooogle.com/search?q=openvz
<Damm> Xen is a HUGE step up from Openvz
<Damm> and going from vmware to openvz is like... a downgrade
<Damm> majorly
<twb> IME vmware breaks everything.
<Damm> openvz failure 1, you cannot swapon a 'file' to add any swap other then was booted with.
<giovani3> openvz is a mess
<giovani3> memory management failure
<Damm> that's very painful and stupid, can't dd if=/dev/zero of=swap count=500;mkswap swap;swapon swap
<twb> As I control the dom0, I have no need to add swapfiles within a domu
<Damm> right, but with openvz the memory management is fail
<Damm> and I/O performance is fail
<Damm> so unless you know who Cameron is or Sprynet
<Damm> ... I don't know why you'd touch openvz for a million dollars
<Damm> (that's the company that started using openvz/championed it or whatever)
<unblessedTurnip> does virtualbox still not provide 64-bit host virtualization?
<unblessedTurnip> disregard last;  Damm: what made you choose KVM as an upgrade path in particular?
<Damm> unblessedTurnip, based on kernel support and it being maintained by the 'mainline' kernel tree
<Damm> So Ideally I won't have to worry much about tainted drivers, or drivers not working in kvm because of 'x' reason...
<Damm> so only thing I need is qemu, kvm package, and libvirt or another way to manage the guests
<unblessedTurnip> so the kqemu kernel module is included then?
<unblessedTurnip> or is it required with KVM?
<Damm> not sure on that
<Damm> but it's in jaunty's repos
<Damm> and for me I look for what's being supported by companies in the next 6months-1year.
<unblessedTurnip> alright.  last time I played with it was like 7.10, and had to be built by hand
<Damm> nah with jaunty it's insanely easy
<unblessedTurnip> I'm back one step for the LTS
<Damm> install the meta package, and make sure you can load the kernel module kvm-intel
<Damm> and configure networking and go
<Damm> yeah i'm using the LTS with Xen
<Damm> but i'm also deploying couchdb + Chef for Management
<unblessedTurnip> kqemu might be depricated in favor of kvm-intel module now
 * unblessedTurnip must research
<Damm> so I made my chef server jaunty, and i'm gonna give my coworkers a taste of it while we test it
<Damm> i believe so
<Damm> kvm-intel is in the regular kernel images
<unblessedTurnip> alright, interesting
<twb> AFAICT kqemu is only for people who can't use VT -- either because the CPU doesn't support it, or because some other virtualization system on the same host is hogging it
<unblessedTurnip> that makes sense
<twb> And kqemu has some annoying bugs -- like making qemu segfault regularly when you switch to the (qemu) console (alt+2), or making it impossible to allocate 2GiB of memory to the VM, or making any d-i image segfault shortly after it starts with an "unhandled opcode".
<unblessedTurnip> fun times
<Damm> interesting
<Damm> so yeah I'm just trying to learn this and make it go
<unblessedTurnip> best of luck.  I gotta jet.
<Damm> it's all using libvirt so that's always a win
<twb> Last time I looked at libvirt was when it first entered Debian, and it was an alpha joke
<Damm> twb, i think it still is really.
<Damm> and it really is a huge joke, but someone decided to take the joke seriously.
<Damm> so now the joke is really on debian
<twb> I expect libvirt will go nowhere until someone decides to sink money into it
<Damm> twb, sadly people are starting to support it in a joke way.
<twb> Shrug
<twb> Not my problem.
<Damm> See, that's where I differ.  It is your problem, my problem, anyone who ends up using it in the next 2-3 years should care.
<Damm> the problem is we are programmed to 'not care'.  I call it the Conditioning of Society.
<twb> You might as well call it the bystander effect.
<Damm> I call it being a cow in a herd.
<Damm> You don't have to blend in, and accept things as they are.  Some of us do it because it's easier then the alternative.
<zoopster> so Damm what are you doing about the "joke" as you call it besides complaining about it on a public forum?
<Damm> zoopster, myself? well one can start with documenting the experience, and providing the resulting configuration that worked for you so others can learn from your experience.
<Damm> that's for starters
<Damm> not document in 'in the drama' way like oh my god the horror... just improve on the documentation and the experience for the user (even if the user is a sysadmin)
<drewmeigs1> hey, could anyone give me a little help with nagios?
<twb> !anyone > drewmeigs1
<ubottu> drewmeigs1, please see my private message
<drewmeigs1> i am trying to set up nrpe, but after typing "./configure", the guide says to type "make all" but there is no "make" nor are there rules for all. i was wondering how to get beyond this.
<Damm> apt-get install nrpe
<Damm> you absolutely do not need to build nrpe from source, just nagios-plugins and nrpe from apt and then configure /etc/nagios/nrpe.cfg
<drewmeigs1> ok, thank you so much. i guess i didn't realize it was in the repos. i really appreciate it.
<Damm> aptitude can search, so does apt-cache
<drewmeigs1> thank you
<Damm> so
<Damm> vnc-viewer working
<Damm> got my kvm running with networking via bridged
<Damm> amazing what a little weed can do to fix your brain to finish the job
 * jmedina agree
<Sam-I-Am> Damm: are you... the damm i know?
<Damm> Sam-I-Am, OH my blessed bosum of love.
<Damm> oh how I have missed you
<Sam-I-Am> haha
<Sam-I-Am> guess so...
<twb> Surely you mean bosom.
<Damm> nope I don't
<Damm> he's not my type
<Sam-I-Am> haha
<twb> Damm: you've never had a bosom-friend?
<twb> Kids in this century are so tame.
<Sam-I-Am> so... really... you?
<Damm> twb, he's just so hairy.
<Damm> j/k
<Sam-I-Am> ha
<Damm> Sam-I-Am, really me yep
<Sam-I-Am> wow
<Damm> how's Fort Collins treating you
<Sam-I-Am> thats two people from the past i've met today
<Sam-I-Am> pretty good
<Sam-I-Am> except for the snow today
<Damm> I haven't seen / heard from Brian in ages
<twb> FWIW google doesn't know what a "bosum" is.
<Damm> twb, you should teach it.
<twb> Damm: I don't know what it is, either.
<Damm> I see yazzy now and then but he still ignores me
<Sam-I-Am> ha, another name from the past
<Damm> twb, let's just make it a fictional name and stop here.
 * Damm nods to Sam-I-Am.
<twb> Shrug.
<Sam-I-Am> still in #cisco ?
 * Damm is just showing off his KVM love to my boss
<Damm> he's digging it
<Damm> nah, I still deal with cisco crap
<Damm> oh brian? no clue
<Damm> i get email from him randomly
<Sam-I-Am> ah
<Sam-I-Am> what are you doing these days?
<Damm> Systems + Network Administrator for one of the most hated companies on the internet lately.
<Sam-I-Am> hmm... level3?
<Damm> my company runs myluvcrush.com and iqquizapp and a fwe other sites
<Damm> that facebook junkies loathe and hate
<Sam-I-Am> ahh
<twb> I was going to guess IANA
<Sam-I-Am> heh
<Damm> twb, no... my woman works for a company that does phone calls for mobile messenger (which is the company behind those websites)
<Damm> and they get roughly 15-25 death threats a day
<Damm> seriously
<twb> I expect the WTO gets more
<Sam-I-Am> wow
<Damm> We're just a banner company, if you have *.tattomedia.com in your block list for adblock or otherwise
<Damm> well you can thank me.
<twb> I wouldn't know; my browsers don't implement iframes or images.
<Damm> mainly because I had a discussion with a coworker about how we were loosing hits from adblock plus and such
<Damm> so we worked around it, so that no matter what you get to see our ad.
<Sam-I-Am> twb: elinks person? :)
<Damm> well except twb.
<twb> Sam-I-Am: emacs-w3m
<Damm> ahh yeah he's safe.
<Damm> we have elinks customers
<twb> I hate how the UI isn't consistent across pages in a GUI browser
<twb> And I hate using the mouse
<Sam-I-Am> do you have foot pedals for emacs?
<Damm> you can blame the consistency crap on MS
<twb> Sam-I-Am: nope
<Sam-I-Am> i'm an opera user... its not bad.
<twb> Damm: no, I mean things like websites changing the colour of links
<twb> Damm: or putting images on top of buttons so you can't tell they're buttons
<Damm> twb, well good news... web 2.0 has gotten rid of most of those annoying traits
<twb> Apart from Opera still using qt3 on Debian.
<Damm> it has replaced it with more annoying traits
<twb> Damm: oh yeah
<twb> Damm: like I saw a router yesterday that draws the ENTIRE PAGE using ajax
<Damm> oh that's easy
<twb> Damm: for its management console, I mean
<Damm> you should see the pile of shit that Sun is trying to sell with their 'Unified Storage Solution'
<twb> Damm: my point is that's pretty annoying if you don't implement js
<Damm> it's a very annoying Tomcat webapp
<Damm> that has very little to offer.
<twb> haha, tomcat
<Damm> why do I want to spend 68k on a Solaris 10 server
<Damm> really sun
<Damm> get a new clue
<twb> Those OWA clones are funny
<Damm> Zimbra
<twb> Damm: the smart people in sun work on zfs and stuff, not the wanky web space
<Damm> yeah i had a job doing that once
<Damm> ... every time someone calls me up and asks if I want to do Zimbra
<Damm> I tell them unless your offering 100k to start, screw off.
<Sam-I-Am> heh
<Sam-I-Am> i've read a little about that
<twb> Damm: which do you hate more: zimbra or scalix? ;-)
<Damm> zimbra
<Damm> twb, friend of mine just decomissioned one of his ldap servers... to find out it was promoted as the ldap master and had 3 accounts still left on it
<Damm> oh the horror of that when ldap replication suddenly broke on a cronjob on the weekend
<twb> The ubuntu partners team contacted me about getting zimbra packaged properly in Ubuntu
<Damm> and then email stopped working
<twb> I said "maybe, if I don't have to use launchpad"
<twb> :-)
<Sam-I-Am> i just posted some ldap-related bugs to launchpad
<twb> I think I can safely say that I have *never* had a good experience with ldap.
<Sam-I-Am> its definitely not the most straightforward thing
<twb> It's like domestic abuse
<twb> Everyone hates it, and knows it's terrible, but we keep going back to it
<twb> Because the only alternatives are, like, NIS
<Damm> the problem with LDAP is what it is, and how people use it.
<Damm> nss_ldap is horrible, you should use nss_ldapd if you don't... please shoot yourself now
<twb> They're both horrible
<Damm> i can't say i have started to use launchpad yet... I'm sure i'll hate it
<Damm> I was hoping to get a landscape trial
<Damm> ... but I haven't gotten squat from registering for a trial
<twb> You can't even log into launchpad unless you are using a GUI browser :-/
<twb> Yeah, I think canonical forgot to set a budget for landscape
<Sam-I-Am> heh, libnss on centos/rhel .. you know, "enterprise" .. causes the system to hang indefinitely if you configure it to use ldap.
<twb> Or maybe it's just some intern that made the stub package :-)
<twb> Sam-I-Am: you probably want soft binding, then
<Sam-I-Am> yeah, even then it hangs
<Sam-I-Am> its a bug
<twb> Ow
<twb> RHEL should just cash in their chips and tell people to use Ubuntu
<Sam-I-Am> rh was like... yeah, we might fix that... been about 1.5 years since i think it was reported.  quick solution is downgrading libnss
<twb> Sorry guys, it's not 1995 anymore
<Sam-I-Am> i'm trying to convince my boss we should go to ubuntu server from centos/rhel
<Sam-I-Am> rhel is like the aix of linux
<twb> Sam-I-Am: you should point him at the policy manual and ask "so where is the equivalent quality assurance infrastructure on RHEL?"
<Sam-I-Am> hmm, havent heard of that
<twb> FFS, there isn't even any post-2000 documentation about the RPM format
<Sam-I-Am> lol, rpm
<twb> Sam-I-Am: the policy manual is what allows us users to report bugs like "don't put shit in /opt you fucking idiot" to package maintainers
<twb> And the policy manual means they can't argue.  Their package is just plain wrong
<twb> Cf. fedora directory server (har har).
<Sam-I-Am> i havent tried fds
<twb> It is funny
<Sam-I-Am> smells like ldap with some twists
<twb> Like a road accident
<twb> Sam-I-Am: it's a fork of openldap
<twb> Er, I think
<twb> It might be a pure-java thing, I am confusing the two.
<ajmitch> FDS is the old netscape directory server
<twb> Fair enough
<ajmitch> previously AOL, etc
<ajmitch> some old stuff in there
<Damm> ah back
<Damm> Sam-I-Am, i'm coming from RHEL
<Damm> so having Landscape shuts up people
<Sam-I-Am> heh
<Damm> sigh, so no mysql 5.1 in jaunty
<Damm> damn i am not get any respect tonight
<Damm> I might as well just giveup and finish up some stupid xen crap
<twb> Damm: you need to carry a broadsword
<twb> Nobody gives you shit then
<twb> Well, maybe one guy does, but the rest learn from his mistake
<Sam-I-Am> lol
<Damm> twb, oh rest assured no one in their right mind fucks with me.
<Damm> sam has met me, he could prolly attest to my insanity atleast.
<Sam-I-Am> ha
<Sam-I-Am> sure...
<twb> "Hey, you in that tree up there!  Are you a motorcar?"
<twb> "Yes, I am!"
<twb> "What luck, so am I!"
<mrwes> How often does freshclam -d check for updates?
<Damm> my coworkers leave me alone
<Damm> which is nice
<twb> mrwes: too often?
<Damm> mrwes, do you really depend on your freshness that much?
<Damm> of your clams
<Damm> I suggest you to use some bleach on your clams
<twb> clamav exists AFAICT to use up all your RAM and I/O
<mrwes> well.... I looked in /etc/clamav/freshclam.conf and it appears to say 24 times a day
<twb> mrwes: that wouldn't surprise me
<mrwes> why?
<mrwes> heh
<Damm> twb, pretty much yep
<twb> mrwes: because it sucks
<mrwes> sigh...
<Damm> only way to deal with clamav is to nuke it's databases every 50000 emails
<Damm> otherwise it gets too bloated
<Damm> and slow
<twb> Rather than deploying clamav, the "right" solution would be to scrap all your Windows workstations
<mrwes> twb, I don't have that option
<twb> But that tends to cause a zombie rampage
<twb> Only wobbly windows will soothe them
<mrwes> so...can I change that or not?
<twb> mrwes: dunno, actually.  I don't have much direct experience with clamav (except for kill -9, of course.)
<Damm> mrwes, buy some macs
<twb> haha
<Damm> <-- is a machead now
<twb> Damm: then install Ubuntu on them.  Woo!
<Damm> sam would be so proud
<Sam-I-Am> haha
<mrwes> twb: so why the smart ass comments then?
<mrwes> :)
<twb> mrwes: because I'm a smartass.
<mrwes> blah
<twb> And I'm bloody bored
<Damm> mrwes, seriously you can't update clamav enough to protect you from the stupidity of windows users
<Damm> mrwes, so updating the datafiles 24hours a day is excessive to most of us
<Damm> perhaps it's not enough for you
<mrwes> yah I need more
<mrwes> 48 hours a day maybe
<mrwes> so...I take it I don't need a cron for freshclam...heh
<Damm> you do
<twb> Put it in cron.hourly?
<Damm> put it in cron.hourly
<Damm> but it won't save you from the windows users
<Damm> as long as you can accept that, your fine.
<mrwes> hrmmm
<Damm> last time I used Zimbra my ClamAV process was sucking up 500-1024meg
<Damm> minimum
<Damm> resident.
<twb> hehe
<mrwes> why do I need an hourly cron, when there is freshclam daemon running?
<twb> Does zimbra include clamav in it huge /opt mess?
<twb> mrwes: ah, fair enough
<Damm> yes twb
<twb> Damm: yuk
<Damm> mrwes, hrm, then i wonder why it's there
<Damm> oh well
<twb> I wish those jackasses would just use the stock postfix and such
 * Damm twitches
 * Damm takes his postfix-cure shots.
<Sam-I-Am> lol
<twb> haha
<Damm> next time please warn me before you say that word.
<twb> Damm: you are an exim4 weenie? ;-P
<Damm> and no i'm not a sendmail man
<Damm> yes I'm a exim weenie
<twb> Haha
<Damm> exim4 > *
<Damm> and you know it
<Damm> and exim doesn't cause STI's (massive dirty writes)
<Damm> I really feel sorry for anyone who uses *warning* Postfix... I mean look at Fastmail.fm
<Damm> I remember when they went from Sendmail to Postfix because of the dirty writes that postfix forces... their load went from 3.0 to 115.0
<Damm> with the same amount of traffic
<Damm> and we all know why postfix does it too, which doesn't make it any better.
<Sam-I-Am> i havent had too much trouble with postfix
<Damm> Sam-I-Am, postfix doesn't trust ext3/ext2
<twb> That's good, cos ext4 has a default commit interval of 30 minutes :P
<Sam-I-Am> i use xfs
<Damm> twb, the problem with ext4 is that even with ext4... unless you have NVRAM and a BBU hooked up, it's still fail
<Damm> if you don't understand why I'll save you from the rant... because you'll only make your ears bleed
<twb> Yeah, ext4 is funny
<Damm> the truth is all filesystems in linux are in the same fail
<Damm> once we can get to the VM and fix that hurdle
<Damm> filesystems can be stable again
<twb> Though I can't remember when I last saw someone spell UPS as BBU
<zoopster> Damm, twb - you guys are fairly stupid apparently
<Sam-I-Am> except xfs :)
<zoopster> telling a guy to put freshclam in cron?
<zoopster> wtf?
<Damm> zoopster, I haven't touched clamav in years
<Damm> so really
<Damm> no thanks
<twb> zoopster: actually, I asked a question.
<Damm> and I always left a ? on it...
<Damm> Sam-I-Am, unless you have a BBU with 512meg of cache hooked up to XFS... I wouldn't trust it
<Damm> althought XFS is better if you store the journal on another disk...
<zoopster> so that ? protects your id10t-ness?
<Damm> zoopster, do you have a reason to be calling me an idiot?
<zoopster> Yes
<Damm> zoopster, I think the freenode gods would like it if you stfu already with your 'flaming idiot' comments.
<Damm> however, if you'd like I'll give you a flash light and a plunger
<Damm> you know how to use those right?
<zoopster> and they don't care for your attitude and language either
 * Damm smiles
<Damm> It's nice knowing that no matter where I go, I can find someone like that :)
<zoopster> you always keep those tools around for your use, I take it
<zoopster> with an attitude like that...it's no wonder
<ScottK> zoopster: Your communication style is really inappropriate here.
<zoopster> Mine? Scrollback a bit.
<ScottK> zoopster: I think I read back enough.
<ScottK> zoopster: There are better ways to communicate someone is not correct than calling them an idiot.
<zoopster> ScottK: sorry, but after they lambasted several asking simple questions I had enough.
<ScottK> OK.  Maybe then I need to go back farther then.
<Damm> perhaps it was inappropriate to talk badly about ClamAV...
<zoopster> It went on for several hours
<Damm> okay then I clearly was not here then.
<zoopster> I'm not going to argue about it, I was wrong for calling Damm an idiot and I can tell that several were not too keen on the commentary that went on since I came in nearly 2.5 hours ago
<twb> ScottK: it would be reasonable to point out that Damm and I wandered wildly off-topic and were generally grumbling instead of helping people.
<Damm> twb, i'm guessing that was pretty unrelated.
<Damm> his anger seemed more pointed at something else
<twb> Damm: granted.
<Damm> twb, usually when someone goes off like that... there's a reason, he was upset because of someone's behavior towards him.
<Damm> doesn't make his behavior any more justifiable
<Damm> just puts it in better perspective.
<ScottK> twb and Damm: I did just go back and read the last several hours of scrollback and you're both about 90% off topic for this channel.
<ScottK> This channel is for development and support of Ubuntu server.
<Damm> ScottK, I presume then KVM and Ubuntu server is OT?
<Damm> because that's how I joined
<ScottK> Damm: Not at all.
<Damm> as far as ClamAV I tried to be more factual then personal hatred of it.
<Damm> as far as the other OT that's taken out of channel
<Damm> :)
<ScottK> Also freshclam doesn't need a cron job.  Freshclam runs a daemon and the number of times per day it checks is managed via /etc/clamav/freshclam.conf.
<Damm> I wasn't aware of that, last time I was in Ubuntu LTS it did :(
<ScottK> So if you were aiming for factual, that didn't make it.
<Damm> nah, that was wrong.
<Damm> I can admit that, and I wasn't positive if it did work in cron or otherwise.
<ScottK> Damm: Oddly enough we've never made an LTS release that did that.
<Flannel> Damm: One of the guidelines in Ubuntu channels is "When helping, be helpful."  Comments that aren't only contribute to noise, and make you seem pretentious.
<Damm> Flannel, thank you for that.  However one person at a time please :)
<Damm> ScottK, well this release enabled it both in cronjob and otherwise.  I believe it had a dialog that asked me if i wanted to run Freshclam and said yes, and it shoved that in also.
<Damm> but that is over 2 years ago, so I just know I had both running from Ubuntu, nothing more.
<Damm> so trying to pull facts out of 2 years ago when the servers are no more, is pointless.
<Damm> and I will stop here.
<ScottK> Fair enough.  I don't want to run anyone off.
<Damm> Nor do I, I just had my battle and won with KVM on Jaunty so I was glowing a little so it was my semi-celebration.
<Damm> which is on my list now to help out with that documentation on the wiki
<Damm> :)
<ScottK> That's good.  Docs always need updating.
<Damm> Well documenting libvirt/kvm is always a challenge as it seems different situations permitting it can vary on configuration
<Dei> Hello, anyone here familiar with ISPCONFIG?
<Dei> Hello, anyone here familiar with ISPCONFIG?
<oh_noes> how do I increase the number of open files a non root user can have?  Currently it's 1024
<twb> oh_noes: ulimit?
<twb> oh_noes: a.k.a /etc/limit, I think
<jmarsden_> oh_noes: /etc/security/limits.conf.  Add a line that says    *   hard   nofiles    2048
<jmarsden_> Then start a new login shell for the user concerned and ulimit -n should then say 2048.
<oh_noes> thanks I added it but instesd of *, it was for a specific
<oh_noes> user*
<jmarsden> Sure, that should work too :)
<oh_noes> I also needed to add a pam line to /etc/pam.d/common-session to actually make it work.  Which I found interesting
<oh_noes> didnt work without session required pam_limits.so
<Dei> anyone just familiar with DNS?
<Dei> I want to run name servers under the same domain I will be hosting a website
<Dei> cant quite figure out what to do
<jmarsden> Dei: what you call your nameserver hosts is pretty much irrelevant... ns1.example.com and ns2.example.com naming is common, but not needed... what are you really stuck on?
<Dei> well.. with my domain registrar, I added the two aliases i would be using for the name servers
<Dei> i was able to ping them previously.. but for some reason now I cant
<Dei> that wouldnt be dependant on my system settings though, would it?
<jmarsden> Wait... you told the registrar DNS for your domain is at ns1.whatever.com and ns2.whatever.com and you provided Ip addresses for each of them, right?  And you set up the server at the first IP as a master DNS server, and the other one as a slave?  and now you can't ping eitehr of them?
<jmarsden> Can you still ping them by IP address?  ping 1.2.3.4 or similar?
<Dei> yeah. I just cleared out my configuration now...
<Dei> I used bserv and cserv.loyalreliable.com
<Dei> and they actually both pointed to the same IP Address
<Dei> but since cserv and bserv are glued by my domain registar... it seems like it should still be pingable
<Dei> i can still ping the ip
<Dei> what!!! weird...
<Dei> i just cleared my configuration 2 minutes ago
<Dei> and now they are pinging again..
<jmarsden> I was about to say, dig bserv.loyalreliable.com works for me from here...
<Dei> well I cant be mad.
<Dei> I was using this ISPCONFIG program... but I think i am going to abandon it
<jmarsden> dig @cserv.loyalreliable.com bserv.loyalreliable.com.  gets me a REFUSED back...
<Dei> i just cleared my config when I uninstalled ISPconfig
<jmarsden> so cserv is not really giving out info to the general public (me) for the loyalreliable.com domain yet.
<Dei> hm
<jmarsden> OK, so now just create working /etc/named.conf files for each DNS server and a zone file for loyalreliable.com on the master, and you're all set... right?
<Dei> i suppose
<Dei> I dont know how to do that yet though
<jmarsden> Then why are you trying to run DNS servers?  Learn on a test LAN, not on the public Internet :)  Until you learn, let your ISP handle DNS duties...
<Dei> lol
<Dei> no time to learn
<Dei> only time to make it work
<Dei> would I have to edit my named.conf from /var/named/chroot/etc/named.conf?
<jmarsden> Read http://www.langfeldt.net/DNS-HOWTO/BIND-9/ and http://www.howtoforge.com/traditional_dns_howto and that should help.  And no, you can edit /etc/named/named.conf unless you have done something odd.
<Dei> i dont think i'm too odd
<jmarsden> Hmmm, I just installed bind9 on Intrepid 8.10 desktop here and it is using /etc/bind/named.conf ...
<Dei> yeah
<Dei> I'm actually running fedora lol
<Dei> but having trouble finding people to help
<Dei> ubuntu is on my laptop though ;]
<jmarsden> Fedora is not recommended as a server OS... use CentOS if you must go the way of RPM on your servers...
<Dei> hm
<Dei> maybe i'll put Ubuntu Server on
<Dei> start with a fresh pallet
<jmarsden> That would make this a better place to ask your questions :)
<Dei> lol
<jmarsden> https://help.ubuntu.com/8.10/serverguide/C/ is a good starting point if you are new to Ubuntu Server.  And be sure you select the "DNS Server" task from the task list during the install... so you'll have the relevant software installed for you.
<Dei> yeah
<Dei> I might go ahead and put Ubuntu Server on there
<Dei> you know how you set the host name
<Dei> does that actually have any affect
<Dei> i.e. am I required to have that matching
<jmarsden> Not for DNS service to work, no.
<Dei> what cases would that be necessary?
<Dei> if you had a large internal network?
<Dei> with an internal DNS
<jmarsden> Web hosting with virtual web hosts, email unless you mess in extra detail with config files... DNS requests go to an IP address and a well known port number, so you can name the server host(s) whatever legal hostname you choose.
<Dei> hm
<Dei> I'm going to be doing vhosts
<jmarsden> Most people name the host whatever fits their naming scheme, but register aliases like ns1 and ns2 for DNS server names, so they can move DNS around among their servers if they want to.
<Dei> im going to run my primary and secondary dns on the same system ;o
<Dei> and then hopefully host 100 sites
<jmarsden> You are nuts.  Or your customers are, to trust you, if you only run one DNS server... at minimum use a free secondary DNS host like editdns or granitecanyon or whatever...!
<Dei> thats what ive seen recommended
<Dei> i'll check editdns
<Dei> I mean..
<Dei> I would run 2 servers.. but we would be  behind the same internet connection
<Dei> so I didnt see a purpose.. baring Hardware failure
<jmarsden> Your two DNS servers are supposed to be on separate subnets on different upstream connections...
<jmarsden> You can get a small virtual private server for this kind of use for about US$15/month if you don't want to use a free secondary.
<Dei> I'm taking a look at opendns here now
<Dei> i just assumed
<Dei> if dns and web are on the same server
<Dei> DNS wouldnt be down unless Web is down
<Dei> and if Web is down... then why would DNS still need to be up
<Damm> It's fairly easy and inexpensive to keep a DNS server on a secondary server
<Damm> I'm not sure if I share the same views as a different subnet/upstream.  However, I do share the views about having a secondary DNS server that's not running on your main websites box
<Damm> I know certain NIC's love to make you do crazy things (like DENIC)
<Dei> i kind of get it
<Dei> but if Web is down, then what benefit would it be to keep DNS working
<Dei> unless we had backup webservers
<jmarsden> Dei: So you can quickly get a VPS from somewhere else and change your DNS to point all your customers to the new host!
<Dei> hm
<Dei> ok ok
<Damm> Dei, mainly it's nice to have DNS on a secondary server so that when your website is getting pounded, your dns does not suffer.
<Damm> that's one of the biggest benefits, a low TTL to move it to another IP is also good
<Damm> :)
<Dei> now i think im getting it
<Dei> for instance
<Dei> if we had a disaster
<Dei> and web would be down for a week
<Damm> Dei, I always plan for failure... and hope for success.
<Dei> yeah
<Damm> that way when the worst happens, you know what to do and handle it.
<Dei> i'll start doing the same
<Dei> sounds like good practice
<Dei> do you guys know of any shell providers
<Damm> to stray OT a little, It's better to realize your failure points, and address them now when your smaller.  Then when your trying to grow leaps and bounds, and you can't get ahead because you didn't spend the time earlier.
<Dei> or VPS... if thats the same thing or not I do not know
<Damm> Honestly, I'm lazy.  I use Akamai for my DNS Needs.  I have Powerdns setup using MySQL for a backend, it just transfers my zone every 30minutes and deploys it on their DNS servers.
<Damm> not exactly cheap
<Damm> but you can get a Slicehost.com account for 10$/month
<Damm> and they're okay.  There's some latency issues at odd hours, but overall it's been reliable.
<Damm> </OT>
<Dei> lol
<Dei> we are the topic
<jmarsden> Dei: slicehost, linode, johncompanies ... and yes this is all OT for #ubuntu-server
<twb> jmarsden: is there a channel for that?
<jmarsden> I'm not sure, on freenode... which is basically all about open source software...
<Dei> hm... Akamai with PowerDNS?
<Dei> it seems like bind might be easier initially, since I wont have to bother with SQL
<Damm> Dei, it's OT... if you wish to discuss that conversation further you can /query me.
<twb> jmarsden: well, is there an #ubuntu-offtopic or -chat or something?
<twb> jmarsden: my point is it's better to direct people elsewhere for OT than just to tell them to shut up (paraphrasing).
<jmarsden> There is #ubuntu-offtopic, yes.
<jmarsden> I do not see any channels specifically about finding good VPS or shell host providers here on Freenode, which is what I thought you were asking.
<twb> jmarsden: that was my initial question, yes
<twb> Failing that, directing people to a generic "noise" channel seems advisable
<jmarsden> True... in this instance, by the time I had searched the channel list for a few appropriate keywords, they'd apparently already taken it to private messages :)
<Dei> :)
<_law_> hi guys i wanna ask that how to list the package that installed in ubuntu server
<friartuck> _law_ dpkg -l | grep ii | grep foo
<_law_> friartuck, ii  n foo r the name of the package?
<friartuck> _law_ dpkg -l | grep ii  #to list all installed pakages. make sense?
<_law_> ooo
<_law_> ok i try it now
<friartuck> foo is case sensitive
<friartuck> ^whatever your package name...foo is example :)
<uvirtbot> friartuck: Error: "whatever" is not a valid command.
<_law_> thx friartuck
<_law_> :)
<_law_> now i have another question
<_law_> in my box i have libtomcat6-java, tomcat6, tomcat6-common installed , but when i tried to deploy  a war file in the tomcat webapps it won't be deployed, is there any other tomcat package that i have to install, to make it works?
<_law_> in my box i have libtomcat6-java, tomcat6, tomcat6-common installed , but when i tried to deploy  a .war file in the tomcat webapps it won't be deployed, is there any other tomcat package that i have to install, to make it works?
<friartuck> _law_ I'm not tomcat pro...have you looked here? https://help.ubuntu.com/8.10/serverguide/C/tomcat.html
<_law_> ok friartuck, thx
<_law_> hmm i think i already installed the needed tomcat package , but still i can't deploy the hudson.war
<_law_> XD
<_law_> guys i want to deploy a .war file in tomcat n i have installed java, libtomcat6-java, tomcat6, tomcat6-common. but the war file can't be deployed. what should i do?
<twb> _law_: is there any error message?
<_law_>  The requested resource (/hudson) is not available.
<twb> Bummer.
<twb> I don't do tomcat, so that's about all I can suggest, sorry.
<_law_> it seems the hudson.war not deployed
<_law_> Bummer?
<_law_> what's that?
<twb> It's a surfer term meaning "bad"
<_law_> twb
<ttx> _law_: what release ? intrepid ?
<_law_> that's ok
<_law_> ttx it's intrepid
<kraut> moin
<jmarsden> _law_: You might want to try asking in #tomcat ?
<_law_> oh thx jmarsden
<ttx> _law_: what are you doing exactly to deploy
<_law_> just as usual put the war file in the webapps folder then restart tomcat
<ttx> _law_: it may well be related to our way of doing things... so better ask here (to me) first
<ttx> which webapps folder
<_law_> tomcat
<ttx> /var/lib/tomcat6/webapps ?
<ttx> /usr/share/tomcat6/webapps ?
<_law_> '/usr/share/tomcat6/webapps '
<ttx> _law_: CATALINA_BASE is /var/lib/tomcat6/webapps
<ttx> _law_: so you should deploy webapps there
<ttx> _law_: otherwise you should have a deploy descriptor in /etc/tomcat6/Catalina/localhost
<Damm> _law_, if you can't deploy a WAR you should find out why you can't deploy it
<_law_>  in my box i only install libtomcat6-java, tomcat6, tomcat6-common
<Damm> because more then likely tossing it in there, will not guarantee it working
<_law_> ttx i'll try it now
<Damm> ... if you go to the /manager ui, and you can't deploy a WAR that way, shoving it in /var/lib/tomcat6/webapps won't make it run
<Damm> but ensure you restart tomcat6 after you put the WAR there
<Damm> and best of luck :)
<ttx> Damm: in fact we do autodeploy in Jaunty, so he wouldn't really need to restart :)
<ttx> with Intrepid... I think it would work as well.
<Damm> ttx, neat.  Well gosh dangit it's been awhile sinc eI ran tomcat6
<ttx> (for war dropped in /var/lib/tomcat6/webapps)
<Damm> thanks for letting me know though so i know in the future :)
<Damm> but I promise I'll never install tomcat ever again in my life.. </OT>
<ttx> Damm: never say never...
<_law_> great ttx i put the war in '/var/lib/tomcat6/webapps' n it's deployed :D
<Damm> ttx, although to be more on topic... i'm kinda suprised that it's not suggested to use jetty
<Damm> or tomcat6 being deprecated for jetty
<_law_> hmm i thought i must put in '/usr/share/tomcat6/webapps'
<Damm> _law_, nope, that's different spot
<Damm> :)
<ttx> _law_: we are using a CATALINA_HOME / CATALINA_BASE deployment, like descibed in tomcat RUNNING.txt doc
<ttx> CATALINA_HOME (/usr/share/tomcat6) contains binaries
<_law_> so to deploy must pit in 'var/lib/tomcat6/webapps' i got it now
<_law_> put
<ttx> CATALINA_BASE (/var/lib/tomcat6) contains instance-specific stuff
<_law_> thx ttx, Damm
<ttx> you can use package tomcat6-user to deploy more (private) instances
<ttx> different CATALINA_BASE, same CATALINA_HOME
<ttx> Damm: why jetty ? We don't even have jetty6 packaged ?
<_law_> ttx after i put in the '/var/lib/tomcat6/webapps ' i must restart thr tomcat 1st , if not it won't deploy  any war
<ttx> _law_: possible, autodeploy is a new feature in Jaunty
<_law_> oo
<_law_> ic
<_law_> hmmm ttx
<_law_> u ever use hudson
<ttx> sorry, no. My knowledge stops at tomcat6 packaging.
<_law_> now i'm trying to deploy the hudson.war then it deployed n created the folder named hudson but when iwant to acces it via http://localhost:8080/hudson
<_law_> i get http 404
<_law_> description The requested resource () is not available.
<_law_> but the other war works
<ttx> _law_: I suppose it needs some more precise URL, like http://localhost:8080/hudson/html/index.jsp
<ttx> (wild guess)
<Damm> ttx, no clue, I'll be honest it's been about 2years since I ran Ubuntu, and I started running it again this week
<Damm> so I have alot of catching up to do
 * Damm has been sitting with RHEL for Production and Gentoo for development.
<Damm> I believe that is the full yin and yang cycle </OT>
<_law_> oo
<_law_> i try it now
<_law_> hmm it's not working XD
<Damm> _law_, yep it's there.  afaik it was basically licensing that forced the tomcat/jetty hand if you were curious.
<Damm> it's a bit different of a setup though i believe
<_law_> hmmm
<_law_> i 've deployed hudson.war in windows tomcat n it just simply put in webapps then when i access it via web browser it can be accessde
<_law_> but in ubuntu sever is not working XD
<_law_> guys which file in /etc/default to edit if i want to disabled tomcat  security manager?
<ttx> /etc/default/tomcat6 -- TOMCAT6_SECURITY=no
<_law_> oh thx ttx :)
<ttx> _law_: not recommended except for testing/debugging, of course
<_law_> hmm the in the hudson webpage tell to do that so i try it now
<ttx> _law_: well, it's difficult to get security profiles right and they are an endless source of funky errors.
<_law_> ic
<_law_> ok now i'm trying to open the deployed hudson again XD
<_law_> hmm it works but
<Damm> but?
<_law_> have other  error XD
<_law_> the hudson now canbe accessed but on the page is written
<_law_> Unable to create the home directory '/usr/share/tomcat6/.hudson'. This is most likely a permission problem.
<Damm> tomcat may not be able to write there
<_law_> hmm ya i guess so
<ttx> _law_: ah. application makes unreasonable assumptions on how unsecure your setup could be
<Damm> that's the common problem with some WARS that fail to install, they do something funky with $datadir
<_law_> wat so u mean ttx?
<ttx> well, it wants to create a directory under $CATALINA_HOME with the rights of the webapp. We usually confer limited rights to webapps, and those don't include changing stuff in the main directories
<_law_> then wat should i do XD
<Damm> ttx, i ran into a blog that did something worse... trying to write to /home/tomcat by default :(
<ttx> _law_: any way to change that directory location ? If not try creating it manually and make it owned by the tomcat6 user
<Damm> ttx, he has to unzip the WAR and modify the xmlfile that defines that location
<Damm> and then re-pack it
<ttx> Damm: convenient :)
<Damm> if you prefer to not do that, unzip the WAR, and modify the xml file
<Damm> and then login to the manager and tell it to start it
<Damm> and it should start then
<_law_> hmmm so  which is te easiest way?
<_law_> :D
<Damm> _law_, define easy?
<Damm> in less then 10 steps? cd /var/lib/tomcat6/hudson
<Damm> it should be under WEB-INF
<_law_> hmm
<Damm> i think
 * Damm is looking at the WAR now
<Damm> it may be the ${basedir} crud in META-INF/tab/tab/pom.xml
<Damm> but doesn't click in the brain
 * Damm looks further
<Damm> found it
<Damm> load up WEB-INF/web.xml
<Damm> line 141 or so
<_law_> then?
<Damm> if HUDSON_HOME is not defined it defaults to your home directory
<Damm> and guess what the tomcat users home directory is?
<_law_> what?
<Damm> ... if you guessed /usr/share/tomcat6 you win a cookie
<_law_> oh
<Damm>     <env-entry-value></env-entry-value>
<Damm> put a value in that.
<_law_> wait i open it now
<_law_> aaaaaaaa , i'm using nano how to find the line 141 easily XD
<jmarsden> nano +141 filename
<_law_> oh i just knw that   tips thanx very much
<_law_> u want me put wat value ?
<_law_> oh
<_law_> someone in #tomcat give me the answer
<Damm> what was the answer he gave you?
<Damm> set HUDSON_HOME?
<_law_> still chatt with him XD
<_law_> hmmm they tell me to set HUDSON_HOME to the dir that tomcat user have full privillge  in it
<ttx> Hm. I would rather create a directory in which the tomcat user has full privilege. a tomcat6:tomcat6 /var/lib/hudson for example
<_law_> ttx, how do iknow that some user has full privilege in any dir?
<ttx> _law_: by looking at the owner/group of a directory. sudo mkdir /var/lib/tomcat6/hudson && sudo chmod tomcat6:tomcat6 /var/lib/tomcat6/hudson
<_law_> oo
<_law_> thx
<_law_> i try it now
<Damm> it's trying to write to /usr/share/tomcat6
<Damm> which if you check /etc/passwd should be your homedir in the gecos
<_law_>  gecos?
<_law_> hmm wat is the corect form for chmod
<_law_> i'm getting invalid error mode
<Damm> because chmod doesn't change user/group
<Damm> that's chown
<_law_> ooo
<_law_> ok i got it
<Damm> chmod only accepts numbers, such as chmod 0740
<ttx> ah hm, yes, sorry.
<ttx> typo up there
<_law_> ok nvm
<_law_> ;)
<uvirtbot> New bug: #349014 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: Unterprozess pre-installation script mit Signal (Broken pipe) get?tet" [Undecided,New] https://launchpad.net/bugs/349014
 * Damm needs to find his mysql 5.1 debs
<_law_> it's not working :(
<_law_> hmm i'm  tring to export the hudson home again coz it seems the hudson home is not changing
<Damm> it won't because hudson home is tomcat's home directory
<_law_> no
<_law_> as root
<Damm> until you change the file I mentioned, the line I mentioned... you will not win without just doing a horrible chmod -r tomcat:tomcat /usr/share/tomcat6
<Damm> you don't run tomcat as root
<_law_> i mean  as root i have done  export hudson home to  xxx
<_law_> then i restart tomcat an acces via web browser  n it success  w
<_law_> but
<_law_> when i restart my servere
<_law_> my server
<Damm> you would have to export HUDSON_HOME in your tomcat startup script
<Damm> in the same line that starts the tomcat instance
<_law_> n i just go straight access  the hudson wb it gets the same error again
<Damm> HUDSON_HOME=/tmp /usr/libexec/tomcat6
<Damm> (example, not accurate)
<Damm> and i've said my peace and how to fix it, good luck.
<_law_> hmm u mean i need to  export hudson home by adding line in /etc/init.d/tomcat6?
<Damm> I would rather you just fix web.xml
<Damm> and slap the maintainer of hudson for making you do it
<_law_> haha
<Damm> assuming that CATALINA_HOME is writable is bad dumb, stupid.
<_law_> maybe the maintainer only test it on windows
<Damm> write to where you install the war, or give it a configuration option to set it... so it doesn't make you do this
<Damm> but this is an old java issue
<Damm> that won't get fixed by us talking
<_law_> hey if wanna edit the web.xml?
<_law_> wat should i do?
<Damm> usually I just do mkdir -p /var/lib/tomcat6/webapps/hudson/data
<Damm> for example
<Damm> and then set in that file that folder
<Damm> (and make sure tomcat/tomcat owns it)
<_law_> ooo
<mattt> evening all
<_law_> hmm i already done editting the tomcat startup script now try to reboot server
<_law_> hello mattt :)
<Damm> you do have a pension for punishment _law_
 * mattt feels sick at the sound of tomcat
<_law_> a pension for punishment? wat do u mean? Damm
<Damm> _law_, you are picking the most painful ways of resolving this issue.
<Damm> why is that?
<_law_> hmm did i?
<Damm> editing /etc/init.d/tomcat6 should be your last resort
<Damm> very last
<_law_> hmm i already done it though
<_law_> ohh noooo
<twb> Damm: s/pension/penchant/
<_law_> my tomcat not starting now
<Damm> that's a shocker
<_law_> '/etc/init.d/tomcat6: 29: /var/lib/tomcat6/hudson: Permission denied'
<_law_> i just at the HUDSON_HOME= xxxx
<_law_> XD
<Damm> oh how that so fails
<Damm> heh
<_law_> help
<_law_> how to fix it then?
<_law_> XD
<_law_> i've wasting whole day 4 setting hudson in ubuntu server
<Damm> I'd suggest start by scrolling up
<_law_> scrolling up?
<_law_> u mean undo all i've done?
<_law_> what shoul i do then/
<_law_> ?
<Damm> Not sure what your expecting me to say.
<_law_> hmm now i'm trying to set the env variavle in my .bascrh
<_law_> u think that will work? Damm?
<Damm> nope
<Damm> you are so cold it's not even funny.
<_law_> why?
<_law_> so the last step i need is to set the hudson home permanently
<_law_> if i do it by execute export HUDSON_HOME=xxxx
<_law_> it oly works 4 that session only XD
<Damm> you can export whatever you want
<Damm> it only works in that shell, and once setuid or su is called
<Damm> that enviroment is not inherited
<Damm> (unless you tell it to)
<_law_> so what should  ido?
<Damm> there's a file I mentioned about 5x if you scroll up
<Damm> I even mentioned about what line to edit
<shally87> hi..
<Damm> and now I'm 100% done.
<Damm> hi shally87
<_law_> hi too
<shally87> I would like to ask hod do i access my lamp server in vbox?
<shally87> i do port forward but there is nothing happen
<shally87> was using router dlink model dsl-500t
<shally87> and i follow  the instruction here http://portforward.com/english/routers/port_forwarding/Dlink/DSL-500T/HTTP.htm
<mattt> shally87: IIRC, if you forward the ports while the VM is running you need to reboot?
<shally87> reboot the vm..
<shally87> ok tq..
<mattt> wait!
<mattt> sorry
<mattt> i thought you meant forward ports using VBoxManage
<_law_> Damm u mean edit the line 141
<_law_> i'm doing it now
<kraut> my open-iscsi daemon is still flooding the filer with message like this: Fri Mar 27 10:36:20 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX
<kraut> does anybody know why?
<shally87> ok
<shally87> i use router to forward?
<shally87> i use router to forward..
<shally87> ok my condition is like this;
<shally87> i got 1 cpu which i run a vbox inside...
<shally87> and i have lamp server running
<shally87> and a router outside with a dynamic ip..
<shally87> so i want to access the lamp server by typing the dynamic ip
<shally87> how to do that??
<shally87> I found the port forward but it is not working
<shally87> and my lamp server has it's own ip
<shally87> which i not using NAT
<Dei> you could enable the DMZ for a second just to test the forwarding
<Dei> otherwise it must be an issue with the port forwarding; such as correct port# or tcp/udp
<shally87> hmm
<shally87> if i allow dmz, this means i only able to forward 1 vm..
<shally87> any difference between tcp and udp?
<Damm> http?
<shally87> hmm
<shally87> brb
<tjaalton> kirkland: seems that update-motd is racy, sometimes I get motd.tail twice
<simplexio> has nayone idea why my server now and then fails to answer ssh.
<simplexio> Received disconnect: 2: server_input_channel_req: unknown channel -1
<simplexio> usually first connect from remote server fails at morning. second try works. server is "home" server. i have something like 6 connections allways open and i open one at every mornign
<simplexio> and connection is coming from "far away", nwer got that when connecting from desktop which is one hop away
<kraut> my open-iscsi daemon is still flooding the filer with message like this: Fri Mar 27 10:36:20 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX
<kraut> does anybody know why?
<shally87> hi again
<shally87> i try but nothing works
<shally87> any specific channel for port forwarding?
<_law_> ok bye all go home time
<_law_> thx 4 helping
<kraut> ubuntu and iscsi is teh sucks!
<Ethos> it's good
<kraut> it's not working
<Ethos> it's not hard?
<kraut> and if you restart the iscsi intiator, nothing happens
<Ethos> install it and connect
<kraut> and now my system hangs again
<Ethos> user error
<Ethos> works perfect for me over ssh
<kraut> user error, nice answer... really!
<Ethos> It's true
<Ethos> I know tonnes of people that use it
<kraut> and why the hell is it flooding the filer with messages like this: Fri Mar 27 10:36:20 CET [is@iscsi.notice:notice]: ISCSI: New session from initiator iqn.1993-08.org.debian:01:c3f22ca89d75 at IP addr XXX
<Ethos> No idea
<Ethos> Sounds like you cocked it up? lol
<kraut> we have tons of centos-systems wich are running like a charm
<kraut> totally... do you have any other useless comments?
<Ethos> Do you?
<domas> goddamnit, us.archive.ubuntu.com is soooo slow, people should learn from european mirrors  :)
<Jeeves_> domas: The U.S. Should learn from the rest of the world in lots of situations :)
<ScottK> Jeeves_: Could we keep this about Ubuntu Servers please?
<Jeeves_> ScottK: I was not interested in a useless discussion about the US. it was just a remark.
<ScottK> Jeeves_: OK.  I'm not either and I really don't appreciate it.
<Jeeves_> ScottK: ok .....
<domas> we have local hardy mirror, so I somehow never noticed problems =)
<acicula> thought ubuntu already defaulted to a local mirror when installing
<domas> well, by "local", I mean "one in LAN"
<Jeeves_> domas: Join #ubuntu-mirrors
<Jeeves_> we can make jokes about the us there too :)
<domas> I just pressed 'ok' too fast when doing netinstall
<domas> I'm testing a nehalem box
<domas> wanna see how much difference sse4.2 optimized kernels/software can make
<acicula> depends on what you are doing iirc
<acicula> some benches so little improvement, some show a lot
<acicula> *show
<acicula> though i'm guessing your playing with the server variant?
<domas> ye
<acicula> doesnt it come with more cache then the i7?
<domas> http://p.defau.lt/?6owFTijFM99gLtSMBDcdqA
<acicula> heh that's an awesome domain
<giovani> not quite as cool as the cook islands :)
<acicula> dual socket system?
<domas> ye
<acicula> nice
<domas> I wanted to get fau.lt though
<domas> but some squatters had it :)
 * acicula scratches head over what country goes with lt
<giovani> Lithuania?
<giovani> that's all I can think of without looking it up
<domas> thats correct :)
<domas> I always like to do-release-upgrade over the atlantic
<giovani> getting ready for jaunty? :)
<domas> shiiiit, sshd didn't come up after restart
<domas> bad part - I didn't set root password
<domas> so my ssh keys don't really work
<acicula> heu
<acicula> dont need a password if you have a key?
<domas> who needs passwords
<acicula> are you using services from hostex?
<domas> some, why?
<acicula> just curious about their service, but cant really make heads or tails of their page
<acicula> was wondering if you knew of an english version
<domas> you need hosting in lithuania? :)
<domas> info@hostex.lt would work, I guess
<domas> they run main datacenters here
<domas> why can't I get into grub :)
<quizme> has anybody upgraded to ruby 1.9.1 ?
<domas> woo, success
<acicula> domas: not specifically in lith, but somewhere in the eu is fine if connection is decent
<acicula> domas: gratz :)
<quizme> do i have to reinstall ruby gems if i just upgraded to ruby 1.9.1 ?
<domas> success was mostly for getting into grub screen
<acicula> well you are halfway there then
<domas> somewhat difficult with text and background having same color
<acicula> :/
<domas> damn, missed again
<domas> why the heck doesn't ssh come up :)
<acicula> network started?
<domas> yup
<domas> responds to ping :)
<acicula> can do a local logon?
<domas> no, there's no password
<domas> have to reset it :)
<acicula> boot in single user mode
<domas> I tried init=/bin/sh, probably too old trick
<acicula> no user with admin rights set either?
<acicula> init=S i think
<acicula> not sure
<domas> ghm, what is 'recovery mode'
<domas> what happens if I boot in 'recovery mode'? :) never tried that
<acicula> err that lets you drop to a shell too
<acicula> dunno if you need a pass
<acicula> hey these guys are pretty cheap too, whats your experience with them
<domas> I used to run systems dept. for that company once upon a time :)
<acicula> ah
<domas> anyway, it has good connectivity to .lt
<domas> and as .lt is in europe's ass
<acicula> i know :)
<domas> it probably isn't good for european hosting
<domas> I use server4you.de myself
<acicula> well i'm mostly using my vps to dial out, not so much incomming traffic so
<acicula> domas: they look pretty nice as well, should've searched better before i guess
<domas> arghhhh
<domas> http://p.defau.lt/?QjLfEsw_0yGjAp582inyLQ
<acicula> root
<acicula> drop to shell?
<acicula> ohcrap
<acicula> :D
<acicula> http://www.cyberciti.biz/faq/grub-boot-into-single-user-mode/
<acicula> tl;dr boot grub edit kernel line, add single
<acicula> wait, that also drops you into giving the password
<acicula> boot from cd and chroot into the server?
<acicula> maybe you can override the init?
<domas> thats what I tried at first :)
<domas> so sad :)
<anelephant> HI, I have a problem with a bin9 server. It seems to resolv internet querys well. However I have some problem with some xp machines that is not able to use it. When I do nslookup it gives error message: server failed
<anelephant> anyone have any smart Ideas?
<acicula> what does the log say
<domas> lol
<domas> I just had lots of amusement in #ubuntu
<anelephant> I haven't set up a log, I'll do that now.  named-checkzone works out fine on both reverse and forward zones, and there is net access on all machines however some machines are not able to access other machines by name, only by IP. I'll get back to you with the results from the log.
<domas> this is epic
<domas> http://p.defau.lt/?kuELtwBBr6cZKpr8mR7G2g
<acicula> lol, read the first line, dont need to read the rest
<acicula> boot something and chroot
<acicula> add a user :P
<acicula> if you boot in single user mode, wont pressing enter for a password work, since there isnt a root password?
<anelephant> so I seem to have been able to find the problem with my bind9 server. when The server tries to load the zone file it gets : permission denied. Now I guess I am sounding noobish but how do I set the permissions for the file so that bind can access it?
<zul> anelephant: chown
<anelephant> yea, but what permissions should the file have?
<acicula> well read as the user or group,
<anelephant> ok, thanks acicula!
<domas> ok, hahaha, apparently init=/bin/dash is also correct way, it just doesn't print you shell
<domas> but listens for commands
<acicula> so you gots root back
<acicula> t00t
<domas> well, it doesn't have terminal initialized, just pure stdin/stdout
<domas> so, 'passwd' doesn't work :)
<acicula> /sbin/passwd
<acicula> probably have no path set?
<domas> passwrd uses terminal i/o, not stdin
<acicula> can use useradd with options to add a user and add it to the admin group perhaps?
<domas> usermod -p works
<domas> oh well, it works now
<acicula> it's not added to the admin group by default
<acicula> so you have to specify or change that
<domas> I just set the password :)
<incorrect> I am wondering what the best method of setting up samba is,  I feel i should use pam authentication
<incorrect> if I use ldap then it seems a use has to maintain two passwords
<infinity> Samba can't auth against PAM, but you can go the other direction.
<infinity> libpam-smb allows all your other PAM-using services to authenticate against Samba.
<incorrect> I am sure i once had use pam to get its user db
<infinity> (You can't do it the other way because SMB clients send passwords pre-encrypted, and Samba passing an encrypted password to PAM would do no good)
<kirkland> tjaalton: hmm, i just took a quick look at the code, and i don't see the race
<kirkland> tjaalton: please file a bug, and give as much information as you can about what situations you see the race
<incorrect> ok so what ever protocols can i use to serve home directories to linux,macs and windows?
<tjaalton> kirkland: does it run twice at *:00 ?
<giovani> incorrect: well ... windows likes SMB/CIFS
<tjaalton> kirkland: maybe I'm reading the cronjob wrong, but it appears so
<giovani> linux/mac can handle SMB/CIFS with samba
<giovani> linux/mac can handle NFS more easily though
<giovani> windows can handle NFS with some software
<incorrect> is there anything else
<giovani> theoretically, sure
<giovani> those are the big ones
<giovani> unlikely the other options would work well
<incorrect> what about webdav?
<giovani> it's not a filesystem replacement, but it's a way of sharing files, sure
<giovani> like ftp is
<incorrect> probably samba is the best method
<giovani> just depends on your needs
<genii> I have to sat that the unix tools for windows really really suck, however
<genii> sat -> say
<giovani> indeed, but they're not the only solution
<giovani> so you're not forced to use them
<incorrect> ok i will get samba going
<kirkland> tjaalton: can you pastebin your cronjob?
<kirkland> tjaalton: i'm running update-motd from HEAD, which isn't in jaunty
<kirkland> tjaalton: (inotify-based update-motd :-)
<tjaalton> kirkland: it's what's in jaunty
<tjaalton> have to go now.. ->
<anelephant> Hi I have been struggeling with my bind server giving permission denied on my zone files, Ive tried making root owner and bind owner but it doesn't seem to work.. Any ideas?
<sommer> anelephant: check /var/log/syslog for apparmor entries... have you changed the default location of your zone files?
<NEWzilla> i love the debian way to manage apache...  thanks guys!
<NEWzilla> the sites-enable sites-disable and the a2en* commands. nice..
<giovani> NEWzilla: we love it too :)
<ScottK> kirkland: I like the packages to be updated count on login in Jaunty.  That was you that did that, right?
<kirkland> ScottK: ack ;-)
<ScottK> So thanks for that.
<kirkland> ScottK: if you want to see that number tracked on an hourly basis, run the fancy new screen-profiles
<jpds> kirkland: Is it a known bug that screen-profiles does not work with screen's 'altscreen on' option?
<kirkland> jpds: not sure...  i dunno what altscreen does... /me checks the manpage
<jpds> kirkland: It clears up any output screen gives on closing/detach.
<jpds> So instead of seeing backlog, you just see [screen detached].
<kirkland> jpds: so if you put that in your .screenrc
<jpds> It doesn't work.
<kirkland> jpds: and you're running screen-profiles, that option is not respected?
 * kirkland tests
<jpds> Yeah. :(
<kirkland>         altscreen on|off
<kirkland>  
<kirkland>         If set to on, "alternate screen" support is enabled in  virtual  termiâ
<kirkland>         nals, just like in xterm.  Initial setting is âoffâ.
<kirkland> that's a terrible explanation in man
<jpds> kirkland: You can test it using my old screenrc: http://ryanak.ca/~jpds/screenrc
<kirkland> jpds: yeah, i've reproduced the problem
<kirkland> jpds: please open a bug
<kirkland> jpds: you can mark it 'confirmed', and priority 'medium'
<kirkland> jpds: i'm working on a couple of critical mdadm and kvm issues at the moment, but i'd really like to get this fixed
<kirkland> jpds: in the case where you can figure out the problem, i'm definitely all ears, and will gladly merge a fix ;-)
<Tuxist1> hi
<Tuxist1> I have problem with kerberos ,pam and nfs when I mount the nfs volume I can't login into my kerberos user with pam
<jahor> hi anyone know some resource (wiki, web etc) about documenting network infrastructures and server environment ? in last days i create doc for one of our larger deployments with more servers and many services and i could not find a sane way to document dependencies betwen components (my idea is keep all in one wiki)
<jpds> kirkland: Bug filed, I'll take a look into the source too.
<kirkland> jpds: thanks a lot
<jahor> btw anyone know about some tool like lintian for checking server configuration (something like checking all disk partitions are in nagios configuration, regexp based check of some config files etc)
<kirkland> jpds: i suggest removing chunks out of your screen-profiles profile
<kirkland> jpds: until you get it down to the point where altscreen works again
<kirkland> jpds: and then we can identify the conflicting option
<kirkland> jpds: does that make sense?
<kirkland> jpds: okay, i found the problem-setting
<kirkland> jpds: termcapinfo xterm* ti@:te@
<jpds> kirkland: Yep, will do... thought it might have been that.
<kirkland> jpds: perhaps you can do a bit of research and find out how to get altscreen and termcapinfo compatible with one another?
<kirkland> jpds: i would be so appreciative ;-)
<jpds> kirkland: Sure.
<kirkland> jpds: cheers, dude!
<mathiaz> kirkland: I'm running screen-profile 1.40 on my hardy server.
<mathiaz> kirkland: the number of updates is incorrect.
<mathiaz> kirkland: how can I fix that?
<kirkland> mathiaz: \o/
<kirkland> mathiaz: hit F5-enter
<kirkland> mathiaz: that'll refresh all of your status indicators
<mathiaz> kirkland: nope - still wrong
<kirkland> mathiaz: okay, then run apt-get update
<kirkland> mathiaz: and then F5-enter
<mathiaz> kirkland: apt-get update; apt-get dist-upgrade shows nothing
<kirkland> mathiaz: oh, hardy ....
<kirkland> mathiaz: hardy doesn't have the hook to update /var/run/updates-available on upgrade
<kirkland> mathiaz: rm ~/.screen-profiles/updates-available
<kirkland> mathiaz: then F5-enter
<kirkland> mathiaz: it would pick up the change in an hour
<kirkland> mathiaz: within an hour
<kirkland> mathiaz: jaunty is basically instant
<mathiaz> kirkland: great - thanks.
<mathiaz> kirkland: also - in the status bar, Ubuntu 8.04 is written
<mathiaz> kirkland: I used to have Ubuntu 8.04.2
<kirkland> mathiaz: hmm
<kirkland> mathiaz: let me check something
<kirkland> mathiaz: that's something to do with lsb-release
<mathiaz> kirkland: I was running 1.15 and 8.04.2 was shown
<kirkland> lsb_release
<mathiaz> kirkland: 1.40 shows 8.04
<kirkland> mathiaz: yeah, i used to grep that out of /etc/issue
<kirkland> mathiaz: now i'm using lsb_release properly
<mathiaz> kirkland: right - you're using -i -r
<mathiaz> kirkland: why not using -d for description?
<kirkland> mathiaz: i think i got something weird on Debian or elsewhere when i used -d
<kirkland> let me check ...
<kirkland> mathiaz: had to look it up ....
<kirkland> mathiaz: lsb_release -d on debian says: "Debian GNU/Linux 5.0 (lenny)"
<kirkland> mathiaz: someone from debian complained that that was too many chars
<kirkland> mathiaz: i can special-case it for us
<mathiaz> kirkland: hm - it's just cosmetic I think
<mathiaz> kirkland: if it requires too much code it may not be worth
<kirkland> mathiaz: it'll be trivial to fix
<kirkland> mathiaz: if you open a bug, i'll fix it ;-)
<sbeattie> kirkland: heh, on my opensuse server (that will get replaced soonish), it shows up as '"openSUSE 10.3 (i586)"' (double-quotes included)
<kirkland> sbeattie: yeah, i'm going to special case it
<sbeattie> Oh, that was with -d
<kirkland> sbeattie: distros that have concise+informative -d, and others that need to be -r -i
<kirkland> mathiaz: this status notification does not run frequently, so we can do more work in it
<kirkland> mathiaz: as opposed to the load and mem ones, which run every 2 seconds... those have to be *fast*
<mathiaz> dantalizing: what's the state of openvz in jaunty?
<jpds> kirkland: There doesn't seem to be a way to make termcapinfo and altscreen play together.
<kirkland> jpds: bummer ...
<jpds> kirkland: Also altscreen only wipes the screen for stuff like vim
<kirkland> jpds: is this documented anywhere?
<kirkland> jpds: ie, did you find others hitting this issue?
<jpds> Removing the termcapinfo wipes the screen on detach/close.
<kirkland> jpds: but not stuff like .... what?
<kirkland> jpds: i was using "ls -al" in my tests
<kirkland> jpds: and it was wiping that
<jpds> kirkland: No, I asked in #screen
<kirkland> jpds: is there some way we can modify the termcapinfo to play nice?
<jpds> Not that they told me of :(
<kirkland> jpds: is there an open bug against screen?
<kirkland> jpds: can we open one against screen?
<kirkland> jpds: or is this "by design"?
<kirkland> jpds: we're carrying a couple of trivial patches against screen, both of which have been accepted upstream, i think
<jpds> kirkland: My guess is that it's by design.
<scope006> can ayone point me in the right direction for some best practices on keeping logs well managed and under control in ubuntu server?
<scope006> i want to have some control over how long i keep various old logs files etc
<mathiaz> jdstrand: have you tried to use virt-manager + kqemu on jaunty?
<kirkland> jpds: okay, leave the bug open, paste your findings or irc log
<kirkland> jpds: i'll take a look at the screen source at some point when things settle a little bit
<kirkland> jpds: i'll see if i can find something that work s;-)
<kirkland> mathiaz: thanks for bringing up the updates-refresh question ...
<kirkland> mathiaz: i just verified that it's working properly on jaunty, where apt upgrade is properly hooked to update /var/run/updates-available
<jdstrand> mathiaz: not for a while, no
<jmedina> scope006: I like to use remote syslog servers, I have used syslog-ng for log rotation and archiving
<jmedina> there are some web interfaces for searching in the logs
<jmedina> syslog-ng can archivo logs in database so you can use syslog-ng php  or something
<scope006> jmedina syslog-ng... ok cool ill look into that
<jmedina> I think there is a new syslog daemon, it is used in fedora
<scope006> im also looking at the logrotate.conf file atm as well to see what is setup out of the box
<jmedina> syslog-ng can rotate logs by itself
<scope006> hmmm
<scope006> interesting
<jmedina> but most important, be sure you understand log facilities and priorities
<jmedina> you can use sysklogd to send logs to a remote syslog-ng
<jmedina> sysklogd only uses UDP
<uvirtbot> New bug: #343357 in samba (main) "Errors on file append on CIFS mounted Apple Time Capsule" [Undecided,Invalid] https://launchpad.net/bugs/343357
<jmedina> syslog-ng can use udp + tcp
<giovani> syslog over tcp typically isn't used
<jmedina> I like syslog-ng because has a log of filtering capabilities
<scope006> interesting
<jmedina> giovani: yeap, it is just an option, some poeple think it is good
<scope006> im going to do some reading up on it then
<giovani> jmedina: yep, it has its uses -- high-volume logging, where order and delivery are critical, tcp should be used
<scope006> right now i haven't tweaked any rotation/pruning
<scope006> just using logwatch to email me changes each morning
<giovani> but low-volume, or sporadic logging (like say, from a voip handset) should always be udp -- tcp adds too much overhead
<jmedina> giovani: that is a a good use
<jpds> Anyone know why apparmor is just failing for me? http://paste.ubuntu.com/139077/
<scope006> and am using a custom script to rotate my apache logs when i want it to happen and then issue a graceful restart
<jmedina> there is good web interface I dont remember, it used to be in sourceforge banners
<jmedina> :S forgot the name :S
<jpds> Also, I'm getting errors from a null-complain-profile - no idea where that is coming from though.
<scope006> giovani that makes sense
<sbeattie> jpds: cat /proc/self/attr/confined ; you're likely working under a shell that got an apparmor complain profile attached to it.
<sbeattie> (it won't let you load policy in that case)
<jpds> sbeattie: Oh, right! That file doesn't exist either..
<sbeattie> there's an upstream fix that reports a better error message, but that didn't make it into jaunty.
<dantalizing> mathiaz: we werent able to get any focus on jaunty from openvz
<sbeattie> jpds: duh, sorry, tired, /proc/self/attr/current
<dantalizing> mathiaz: but we're going to have for karmic in prep for the next lts
<jpds> sbeattie: "null-complain-profile (complain)"
<jpds> sbeattie: Must be the usr.sbin.sshd profile I added.
<mathiaz> dantalizing: sounds like a good plan to me.
<sbeattie> jpds: yes, that would do it.
<mathiaz> dantalizing: any info on whether openvz will be included upstream?
<jpds> sbeattie: OK, thanks a lot.
<sbeattie> jpds: you should be able to do 'sudo sh -c "echo -n unconfined > /proc/$$/attr/current"' to let your current shell reload policy
<scope006> jmedina:  it looks like out of the box logrotate does a lot of default archiving and "pruning" for you with various logs
<Pubnum> Howdy
<Pubnum> cetan_hota: care to take the floor?
<cetan_hota> Afternoon all. Having an issue with 9.04 mounting an iso image from VMware. If I attempt to mount the iso image thats on the host in my 9.04 guest, all that happens is the File Bowser opens over and over..
<Pubnum> and over and over...
<Pubnum> I am a confirmed second victim of this issue
<dantalizing> mathiaz: not that i'm aware of .. iirc the latest kernel they're supporting is 2.6.26
<cetan_hota> I can move a iso image into the guest and mount it without issue.
<jpds> sbeattie: Does $$ get autoreplaced? Setting it to the shell's PID doesn't let me reload profiles.
<sbeattie> $$ should be the shell's pid as well, but hrm.
<sbeattie> what does it contain after you do that?
<jpds> sbeattie: Same, null- ....
<uvirtbot> New bug: #349743 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/349743
<sbeattie> jpds: duh, sorry again; try 'sudo sh -c "echo -n setprofile unconfined > /proc/$$/attr/current"'
<sbeattie> (note the added setprofile statement)
<jpds> sbeattie: It doesn't seem to be able to write to the file.
<lamont> mathiaz_: around?
<fevel> hello
<fevel> does anyone know the software heartbeat?
<RoAkSoAx> felipe_, i do
<jmedina> anyone here using openvpn 2.1 with UP/DOWN scripts or plugins?
<jmedina> probably using script-security option
<jmedina> I think I found a bug in openvpn iniscript in intrepid
<RoAkSoAx> jmedina, you could check in launchpad if the bug is reported, or you could report it yourself
<jmedina> RoAkSoAx: thanks I'll do
<RoAkSoAx> np :)
<uvirtbot> New bug: #343046 in mailman (main) "list_lists crashed with ImportError in <module>() no module names email.messages" [High,Confirmed] https://launchpad.net/bugs/343046
<mattofak> hi all; i'm attempting to setup media wiki to authenticate against my AD server, i think I have it mostly figured out, but does anyone know how to install a new root CA for OpenSSL so that LDAPS works?
<mathiaz> mattofak: you wanna look at the ca-certificates package and its update-ca-certificates command
<mathiaz> mattofak: once you've added the new root CA to the ca-certificates infrastructure, you'd have to configure you media wiki system to use the ca certificates.
<mattofak> mathiaz: I'm in the process of writing those config files now, but wouldnt i just tell it to use an LDAPS bind, and then OpenSSL takes care of the rest so long as i have the root cert installed
<mathiaz> mattofak: you have to configure the ldap client to trust the ca certificates ca
<mathiaz> mattofak: and starting from hardy, libldap (openldap) is using gnutls rather than openssl.
<mathiaz> mattofak: the system-wide configuration file for the ldap client library is /etc/ldap/ldap.conf
<mathiaz> mattofak: this is where you set the TLS_CACERT option to the list of ca certificates that should trusted.
<mathiaz> mattofak: this is where you set the TLS_CACERT option to point to a file holding all the ca certificates that should be trusted.
<mattofak> ok, i see where you're going with that
<mattofak> mathiaz: it appears i have some problems in media wiki itself, so i need to work that out before i can see if LDAPS works, but that you for setting on the right path
<PotterT|VF> I am trying to use a vpn script created for redhat variants (using if-up/if-down and ifcfg-vpn0)   any one know of any easy changes that could be done to adapt it for ubuntu server?
<PotterT|VF> or debian servers in general i guess
<uvirtbot> New bug: #349919 in openssh (main) "ssh client sometimes hangs" [Undecided,New] https://launchpad.net/bugs/349919
<jahor> hello, anyone know about some tool like lintian for checking server configuration (something like checking all disk partitions are in nagios configuration, regexp based check of some config files etc)
<thierry_> hi, I'm new to the server world, I'd like to know if you could point me some ressource on how to set up a ubuntu server on a home network so that it will be visible from outside this network too
<Deeps> www.portforward.com
<thierry_> (I already have ubuntu server installed, I'm just clueless on how to make it work with a domain name, ssh, etc...)
<friartuck> thierry_ you could start here: https://help.ubuntu.com/8.10/serverguide/C/index.html
<thierry_> friartuck : yes I was looking at it before asking my quesion, it seems handy but I also lack the theory to understand stuff like "Why should I need a static IP" or "What is a subnet mask?"
<friartuck> thierry_ this is a chat-room chief. you need a book. running a server is not a 5 minute discussion.
<thierry_> friartuck : alright, then could you point me any good book?
<thierry_> friartuck : I mainly try to set up my server to learn while doing it so reading books on the subject would be great I think
<friartuck> thierry_ here's a start http://www.amazon.com/Beginning-Ubuntu-Server-Administration-Professional/dp/1590599233 . that publisher is Apress. another good publisher is http://oreilly.com
<thierry_> friartuck : I did a fast search this morning on oreilly and found mainly stuff about windows server... do you have some title related to unix server? I know that at some point I should look at Apache, but before that?
<thierry_> friartuck : and by the way the book you first proposed seems awesome, I'll buy it
<jmedina> I always recomend read official documentation, then go to you rdistribution and lear here things are located
<jmedina> but for background always reading official documentation
<jmedina> for DNS bind there is https://www.isc.org/software/bind/documentation
<jmedina> with a good howto and good backgrond about DNS system
<jmedina> for apache http://httpd.apache.org/docs/
<jmedina> with alot of howtos and good references
<jmedina> and for other proyects it the same
<friartuck> jmedina true, he's asking what a static IP is though...hence pointing to some books
<jmedina> I like Oreily TCP/IP Network Administration
<jmedina> it is based on linux good example and good tcp/ip background
<thierry_> k I'll look at that
<jmedina> I learn TCP/IP from that book
<jmedina> I think first release was based on solaris and slackware
<jmedina> now is more redhat but theory and exercices are very good, good diagrams
<thierry_> just so you know, I'm already fluent in C++/C, perl and many other langage (I even did google summer of code last summer) but I'm total newbie concerning servers
<thierry_> jmedina , friartuck : thanks a lot for the references, I have to go
<PC_Nerd> Hi,  tcpdump to a specified file makes the file an "application/octet-stream", so how can I then open that for reading || what is that file containing? ( I'm trying to "catch" all packets through my local server)
<friartuck> PC_Nerd tcpdump uses pcap file format. you can use wireshark to open pcap files.
<PC_Nerd> ok thanks!
<olcafo> I find it fun to read with vim. ;)
<friartuck> olcafo hm, never tried that.
<PC_Nerd> of course "cat networklog" tends to screw up doesnt it ( mime)! lol
<olcafo> just the other day I made a file and did a search with vim to revael that a client's website login wasnt' secure... worked like a charm.
<friartuck> olcafo just tried that...I wouldn't say it "works like a charm".
<olcafo> *shrug*
<olcafo> a, right. that's right, after tinkering around I used wireshark to create the file and then browsed it with vim.
<friartuck> ha ha.
<olcafo> things start to slip out of memory these days.
<friartuck> anyone do away with tapes? disk-to-disk or sending hdd offsite?
<PC_Nerd> is there a good packet sniffer (open source
<olcafo> I was just looking into that for a client a few weeks back.
<PC_Nerd> that would allow me to write the packet info to a file for other programs to read ( but not in pcap file format) - txt or something similar
<PC_Nerd> * want to be able to log how much traffic goes through given ports etc....
<friartuck> PC_Nerd um, maybe you should look at cacti for historical trending. paketsniffers aren't really good for that. if I understand you.
<olcafo> friartuck, offsite backups over the internet make a lot of sence for small companies who don't change many files during the day.
<PC_Nerd> ok, nagios is too "complex" for my liking, and I want to be able to put all the data in my own application (which is graphs etc on a web page).....  does cacti do that and if not what might?
<friartuck> PC_Nerd cacti and nagios are not the same animal. nagios is up/down monitoring, cacti is historical trending. mrtg will allow you to put graphs where you want but requires heavy html knowledge.
<olcafo> fiartuck, the solution we came up with was quite simple: take a snapshot and send it offsite, after that you just run a script that makes a copy of the changed data during the day, put it all in an encrypted zip file and ftp it to the backup server.
<olcafo> and sycn it back up offcourse.
<PC_Nerd> I know html very well.... but I want a raw data output ( like a csv or plain text) so that multiple applications can read from the same source.
<PC_Nerd> I specifically  dont want to just read a graph into html, because I will be comparing network data/bandwidth to other stats from apache and other server apps.
<friartuck> PC_Nerd mrtg and cacti use rrd database. you should look into that.
<PC_Nerd> thanks, will do
<friartuck> olcafo yeah, I guess that's only a bitch if you have to do a full restore.
<olcafo> friartuck: even then, this perticular site only hase about 20GB of data (small office!), we keep the zip files on the server for a couple of weeks for versioning. the only thing I haven't figured out is how to properly backup Exchange (cheaply that is).
<friartuck> olcafo nice. I'm looking for a 5-10TB solution. probably go with hot-swap drives and special transport caddy's. just don't like tapes...
<olcafo> friartuck: one of my sites has 10TB data storage NASs, the data there is static enought that we only back it up to take quarterly (DLT S4 1.6TB tapes). But yeah, pain in the ass.
<olcafo> *tape, not take
<olcafo> backing that much data offsite is not really an affordable option without tapes.
<Deeps> faster net connection? :D
<olcafo> Deeps: haha. this sites' only internet option is 5Mbs!
<olcafo> bad location.
<friartuck> ha ha...sir...you need a ds3 so I don't have to deal with tapes. heh heh.
<jmarsden> olcafo: You can use the old ExMerge program to export Exchange email into PST files and automate that; it's not 100% "proper", but it is definitely "cheap"... combine that with a scheduled ntbackup of the whole Exchange db and you're reasonably OK in a small office setting, I would think?
#ubuntu-server 2009-03-28
 * jahor is sad because he got no reply to his question ;(
<friartuck> jahor documentation?
<olcafo> jmarsden: I've actaully looked into that quite extensively. At the end of day this doesn't eliminate the need to do a full ntbackup of exchange to tape... which is what we are trying to get away from.
<friartuck> olcafo jmarsden bacula? dunno much about it. reading about it today in fact.
<jmarsden> friartuck: Unless it has an Exchange-specific agent it won't be able to back up an Exchange database correctly.
<olcafo> bacula on Exchange just doesn't cut it.
<olcafo> I think bacula has a development agent, but I don't want to mess with a perfectly good working exchange database.
<olcafo> If only I could move them over to a Linux solution...
<jmarsden> jahor: There is no such "lintian for your server configuration" tool that I know of, perhaps because it would have to know about every config file format in the Universe to be able to do that...
<friartuck> olcafo just googled a few but it came up with problem reports :O. ubuntu pushes bacula in the official docs. maybe they'll get it right soon.
<olcafo> well, I'm off. Bye.
<jahor> jmarsden: i do not mean validate everything ... just like lintian check only for special cases i define
<jahor> jmarsden: my plan is to use it to check other machines if i find something bad on one of all servers - just like lintian is used
<jahor> jmarsden: but when it does not exists there is room for me to make it, rigt ;o)
<jmarsden> jahor: lintian is generally used to check .debs during the work of creating and modifying packages.... not per server?
<jahor> jmarsden: lintian is for packages ... the tools i search for could be names for example syslint
<jmarsden> jahor: Sure, you can create something.  Are you thinking of a very general server config check tool like cfengine, then?
<jmarsden> http://www.cfengine.org/
<jahor> jmarsden: what i know about cfengine, func, bcfg2 and others is to create some change based on some templates or other sources
<jmarsden> cfengine can be told to just tell you what is different (wrong), it does not have to fix it if you do not tell it to do so.
<jmarsden> And yes, you'd have to create your own ruleset... that is "the special cases you define" ... :)
<jahor> jmarsden: then it could be the right tool for this purpose, i could check the docs for cfengine
<jahor> jmarsden: the cfengine documentation scares me on the first sight ;o)
<jmarsden> It is intended for large scale server setups and experienced server admins... but it is a powerful tool if you take the time to learn it.
<jmarsden> I've only ever played with it myself -- I've not used it in production.
<jahor> jmarsden: but thanks ... i just got idea to combine func and nagios like checks
<comz_> hello all.. i'm trying to solve this problem: i need to configure sendmail (or postfix or something else) to forward all mail that will point to this server to one other email on other server .. could somebody help me please ?
<comz_> please, anybody !
<Damm> comz_, that's more dns then the latter.
<Damm> you can configure sendmail/postfix/exim4 to accept and relay for a domain, but if the DNS records don't tell it to do it also... it won't.
<comz_> Damm: it is configured .. i need to forwart all emails to any account (ac1@dom1.com, ac2@dom1.com, ac1@dom2.com) to one email (nick@example.com)
<Damm> comz_, then you need to setup a user mapping
<Damm> virtual user mapping or user mapping
<comz_> Damm: virtual i think .. how it is done ?
<comz_> because no of the account currently exists on the server
<Damm> however this isn't #sendmail or other said.  So what package did you install on Ubuntu Server?
<lamont> man virtual
<comz_> lamont: no entry for virtual
<comz_> Damm: i'll try it there .. thanks
<lamont> comz_: after you install postfix there is
<comz_> lamont: thanks
<mmt_> Could somebody tell me how to configure my routers' NAT settings so that I could access my local server with my global ip?
<mmt_> from within the localnetwork that is
<twb> Is the router running Ubuntu?
<mmt_> No it doesn't.
<twb> Then no.
<mmt_> Could you point me to a channel where I could get some help?
<twb> mmt_: that depends on what OS your router is running.
<twb> e.g. #openwrt if it runs OpenWRT.
<mmt_> It's a ZyXEL P-660HW-D1
<mmt_> running the firmware that came with it.
<uvirtbot> New bug: #350291 in samba (main) "Samba cannot resolv ip" [Undecided,New] https://launchpad.net/bugs/350291
<goksu> hello I need help on installing ubuntu on HP Prolient ml350 G5
<goksu> the installation goes just fine from ubuntu-server-64.iso. but I can not boot after install. ml350 hangs after reboot saying "attempting Boot from hard drive c:".
<goksu> first time I try this. so it could be something about the ml350
<goksu> is irc working fine? first time since 1998 I have logged on.
<Nicke_> it's working fine yes :)  But..
<Nicke_> !weekend
<ubottu> It's a weekend.  Often on weekends, the paid developers, and a lot of the community, may not be around to answer your question.  Please be patient, wait longer than you normally would, or try again during the working week.
<goksu> ok thank you. I'll wait.
<goksu> oh the good old days. :) university life.
<ivoks_> http://www.sun.com/servers/index.jsp?tab=0
<ivoks_> Sun SPARC Enterprise T5440 Server
<ivoks_> Sun SPARC Enterprise T5440 Server
<ivoks_> From $5,179,500
<ivoks_> huh? :)
<andol> ivoks_: Seems like they have corrected it now, or are they still trying to give you that price? :)
<ivoks_> still the same :)
 * andol sees "From $51,795"
<ivoks_> heh
<ivoks_> how about M3000?
<ivoks_> From $14,795
<andol> yes, that's the same.
<ivoks_> T5120 from $1,279,500
<ivoks_> X4450 From $1,499,500
<ivoks_> etc :)
<andol> T5120: "From $12,795", X4450: "From $14,995"
<andol> Well, if nothing else, there is a pattern...
<ivoks> probably taxes for non-EU countries :D
<ivoks> take care
<andol> you too
<ivoks_> lol... i have two IRC at the same time :)
<andrer> anyone know a way to re-scan for iscsi targets without restarting iscsi? (I already have some luns mapped on a NAS device... if I do /etc/init.d/iscsi restart the new disks will show up, but I don't want to restart iscsi as I already have some disks mapped)
<lantay77> why wont my server show all of my 540mb of ram? http://paste.ubuntu.com/139725/
<lantay77> 2.6.28.3 is my kernel
<friartuck> lantay77 try: more /proc/meminfo
<lantay77> that shows more info
<lantay77> is some of it reserved by the kernel or something?
<friartuck> lantay77 is the first line, MemTotal correct?
<lantay77> yes
<friartuck> lantay77 dunno why, my box shows different numbers also.
<lantay77> http://paste.ubuntu.com/139727/
<lantay77> thats what i got
<friartuck> lantay77 how about top? my top shows the same as /proc/meminfo
<lantay77> top shows the same as MemTotal
<friartuck> hmm, dunno why free shows diff.
<jkakar> I'm playing around with Eucalyptus in Jaunty Server (beta).
<jkakar> I've got the cluster running with a node registered.
<jkakar> I've created a KVM image with ubuntu-vm-builder.
<jkakar> Now I'm blocked on using ec2-bundle-image to turn the KVM image into something I can use with Eucalyptus.
<jkakar> Are there any instructions describing the process?
<uvirtbot> New bug: #350564 in mysql-dfsg-5.1 (universe) "package libmysqlclient-dev 5.1.30-2ubuntu1 failed to install/upgrade: tentata sovrascrittura di `/usr/include/mysql/decimal.h', che si trova anche nel pacchetto libmysqlclient15-dev" [Undecided,New] https://launchpad.net/bugs/350564
<Rafael> anybody has experience with ebox and samba
<dosno> Anyone running the 9.04 beta ?
<Begs> hey, how do you make ubuntu refuse all connections that didnt originate from the local network
<Deeps> iptables -I INPUt -s ! localnet/mask -j REJECT ?
<Deeps> replacing localnet/mask accordingly, and INPUt with INPUT
<Begs_> Deeps: thanks
#ubuntu-server 2009-03-29
<Begs> its odd, a while after i run iptables -I INPUT -s ! 192.168.0.0/255.255.255.0 -j REJECT i stop being able to access the server using cifs from my windows box, and as soon as i delete the rule it works again
<Begs> everything else works though
<Deeps> may need to allow broadcast traffic too?
<Begs> how do i do that, its just odd how it works fine for a while then stops?
<Deeps> allow traffic to/from 255.255.255.255 as well?
<Begs> so just run  iptables -I INPUT -s ! 192.168.0.0/255.255.255.255 -j REJECT instead of other command
<Deeps> no, the second param is the netmask, assuming you want traffic from 192.168.0.* you need it as defined earlier
<Deeps> that said, broadcast traffic appears from the source anyway, so it's not that
<daddy242> Does anybody know how to get rid of complaints like  Does anybody know how to get rid of apparmor complaints like requested_mask="::r" denied_mask="::r" name="/lib/tls/i686/cmov/libdl-2.7.so" pid=6792 profile="null-complain-profile" namespace="default" for a sshd profile for a sshd profile
<daddy242>      /msg nickserv register m0v135 treymul@gmail.com
<ScottK> daddy242: I'd suggest a different password next time.
<Deeps> and possibly a different irc client / terminal configuration
<giovani> not to mention more careful observation of 5 spaces
<daddy242> good call
<CppIsWeird> is there any pfsense like package for ubuntu-server?
 * genii struggles with apcutils
<daddy242> Does anybody know how to get rid of apparmor complaints like requested_mask="::r" denied_mask="::r" name="/lib/tls/i686/cmov/libdl-2.7.so" pid=6792 profile="null-complain-profile" namespace="default" for a sshd profile
<Sam-I-Am> you can edit the apparmor profiles
<Sam-I-Am>  /etc/apparmor.d or somesuch
<daddy242> I have done a lot of editing, the files in question have already been given read rights to sshd, but i am getting these errors due to this other profile
<Sam-I-Am> did you edit the null-complain-profile ?
<daddy242> no, I'm not sure what that is
<daddy242> I don't even have anything like that under apparmor.d,, where would I find it
<Sam-I-Am> something is telling it to gripe by default about stuff
<Sam-I-Am> alternatively, just disable apparmor, its irritating and broken :P
<Sam-I-Am> have you googled for that error?
<daddy242> yes and I haven't been able to find anything helpful
<Sam-I-Am> meh
<Sam-I-Am> i guess you could make a profile to specificially consider that file in question
<Sam-I-Am> question is... is apparmor breaking something or just griping?
<ScottK> Sam-I-Am: What's broken about our apparmor and have you filed bugs?
<Sam-I-Am> its more like the default profiles for apps
<Sam-I-Am> i spent almost a day trying to figure out some weirdness with slapd only to find out it was a misconfigured apparmor profile
<ScottK> There are certainly sometimes problems with them.
<Sam-I-Am> turns out there was a bug filed for it already, but the subject for it was a bit misleading... nor did i realize it was apparmor at the time.
<CppIsWeird> is there any package that would setup a ubuntu-server to something similar to m0n0wall or pfsense?
<Sam-I-Am> hmmm, i havent seen one
<giovani> CppIsWeird: nope, but firewalls in ubuntu are pretty simple: https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<genii> Any way to send a network alert when ups kicks in?
<genii> (so all the other boxes can nicely shut down when there's like 2 minutes left of power for instance)
<goksu>  hello I need help on installing ubuntu on HP Prolient ml350 G5
<twb> genii: I guess that would be up to nut.
<goksu> the installation goes just fine from ubuntu-server-64.iso. but I can not boot after install. ml350 hangs after reboot saying "attempting Boot from hard drive c:".
<twb> goksu: that sounds like the MBR wasn't installed, since it refers to "drive c:" which GNU/Linux never does.
<goksu> twb: how do I fix it?
<twb> By installing the bootloader, I imagine
<goksu> ubuntu installs well from cd. all the way to remove installation cd prompt.
<twb> That's assuming I've diagnosed the error correctly, of course.
<goksu> shouldnt the install cd load that too?
<goksu> I am thinking along the same lines.
<twb> goksu: it should
<friartuck> goksu did you do custom partitioning?
<goksu> I have 4 hdds. I made raid5.
<twb> goksu: hardware or md raid5?
<friartuck> goksu lvm raid5?
<goksu> no I did not. guided with lvm.
<PhotoJim> I missed the problem.  what is it?
<twb> PhotoJim: 14:17 <goksu> the installation goes just fine from ubuntu-server-64.iso. but I can not boot after install. ml350 hangs after reboot saying "attempting Boot from hard drive c:".
<PhotoJim> twb:  Thanks.
<goksu> :)
<PhotoJim> I had a problem with RAID1 (software) not enabling quickly enough for a successful boot.  adding a rootdelay solved it.  but your problem is not what mine was, alas.
<goksu> so after pluging the 4 hdds. I did a raid5 from the boot F8 or F120 I guess.
<goksu> no. I have not installed a software raid. because I dont know how to do that. and the raid5 install I did I did before the ubuntu cd got inside the machine.
<twb> goksu: ok, so you are using hardware raid?
<goksu> yes hardware raid. raid5.
<friartuck> goksu did ubuntu install see 4 drives or 1?
<goksu> I have 4x 146GB drives. the total now with raid5 is about 410GB. so yes I t did.
<friartuck> goksu see 1 drive @410GB?
<goksu> yes.
<goksu> should I have done a raid5 on 3 drives and set the fourth as a hot spare?
<friartuck> no.
<goksu> ok. so Ubuntu installs from cd ok. but I can not boot after the cd is removed when asked.
<karl86> i used the ubuntu server guide to set up postfix with tls, but mail clients are complaining that the certificate is out of date. Can anyone point me in the direction in which I am going wrong?
<friartuck> goksu setting up hardware raid varies from card to card. it's fairly easy to screw up. I would check the raid card manual.
<twb> I hate hardware raid
<twb> Especially fakeraid
<friartuck> goksu sounds like problem with raid card and not ubuntu. guessing.
<goksu> friartuck: I'll go through the manual again. but shouldnt ubuntu have said so when I last installed? It even asked to removed the old swap partition and all from the previous install attempt.
<genii> boot from raid5 is often problemmatic
<goksu> geni: hmmm. that means not possible for ubuntu or needs workaround?
<friartuck> goksu well, when hardware raid is done right...the OS thinks there is only one drive.
<goksu> friartuck: yes that what I know.
<goksu> till what time can I count on you guys being around?
<twb> goksu: it doesn't work that way.
<twb> goksu: people here are from all over the world, and they come and go individually.  There's no roster.
<friartuck> goksu this guy did it with guided partitioning and no lvm: http://www.cylindric.net/blog/2007/09/11/ubuntu-on-a-compaq-ml350-server  maybe reinstall and try no lvm...
<goksu> twb: cause yesterday I couldnt find anyone. being the weekend and all.
<twb> Shrug
<goksu> its good to know. :)
<twb> If you need support bad enough there are people you can pay
<twb> Otherwise you take what you get
<friartuck> kick it
<goksu> twb: what I try to do here is to get a linux server into the company. they insist on getting everything with windows. and they cant do it properly even then.
<PhotoJim> goksu: commercial Linux support is available from quite a few places.  there are tons of advantages to running a server on Linux versus Windows, but whether it makes sense at a given company depends on a lot of things.
<goksu> ok some background. I am a civil engineer, lead planning engineer here in qatar (thats gmt+3 so 06:30 now). I have been trying to get most of my work onto the linux side.
<goksu> I have already moved my two laptops to ubuntu. and what I have been trying with windows it is easier with linux. the learning curve is higher but I like to read  manuals anyway. :)
<genii> goksu: I did not see your Q immediately, it did not flag to me due to mis-spelling of ny nick. A usual workaround is to have a small un-raided /boot which then goes to the main system in a raid5 layout
<genii> A hardware raid1 is also OK, depending.
<friartuck> goksu try the install without lvm. just use regular guided. leave the raid5.
<twb> genii: he's using hardware raid5, so a separate /boot shouldn't be necessary.
<goksu> friartuck: I will try without lvm now.
<genii> twb: Even hardware raid 5 controllers often do not allow for boot. The adaptec series has a few like this for instance
<twb> genii: that's retarded
<genii> I think it's an MBR issue when the data is being striped
<twb> everything I hear about hardware raid makes me sad
<friartuck> twb that's a shame, it makes for very fast disk access and reliability. raid is good.
<twb> We bought a fancy IBM rackmount box with hotswap drives for a customer, and only later found out that you had to ask specially if you wanted the hardware raid firmware to support RAID5
<twb> friartuck: I have no problem with md RAID, I use it a lot.
<genii> twb: That totally sucks
<genii> (the firmware issue)
<twb> friartuck: but hardware RAID is like SCSI, you have to have the right kind of jewelled knife and it has to be a full moon and shit
<twb> genii: I think that was also one of the stupid raids where you need a tainted driver to make it appear to the kernel as a single drive
<genii> Ah, not true hardware raid then
<twb> The other reason I like md raid is that I don't need to buy spare copies of the raid controller, because md raid is md raid, and any linux can read it with any kind of controller
<twb> genii: bloody wacky hardware raid, at least
<twb> genii: stupid IBM...
 * genii throws a rock at Big Blue for twb
<goksu> ok I got this from the boot setup menu F10: boot disk status: passed-disk present, boot disk ready: pass -disk ready, verify boot sector: pass-valid os boot sector present.
<genii> Hm, perhaps it supports MBR
<goksu> so I a am now starting the without lvm regular guided install from scratch.
<twb> But sata is always hot pluggable, right, so it's TOOOOTALLY safe to just open a cheap-ass whitebox tower and add/remove drives while it's running
<twb> >duck<
<genii> twb: I'm moving to combination SAS/SATA so I can eventually move it all to SAS
<twb> SCSI's just too expensive to justify for me.
<friartuck> sata 3Gb/s are nice these days.
<genii> twb: I definitely agree on the price issue
<Alex_21> Yeah, the price of what?
<matthew-21> Hi, could someone please tell me how to configure what port apache listens on? My isp blocks port 80.
<genii> Alex_21: SCSI drives
<genii> matthew-21: /etc/apache2/ports.conf
<matthew-21> Thank you.
<genii> np
<Alex_21> Oh, Matt, use "Sudo vi /etc/apache2/ports.conf"
<goksu> meanwhil I have another question.
<goksu> I am running ubuntu desktop edition on my laptops.
<Alex_21> Got to Ubuntu for Laptops and Desktops
<Alex_21> Lol, we don't mind here, but you'll get better support over there
<goksu> I have tried to install the server edition onto them from scratch because all I needed was the server apps. installation went ok but at first reboot I got kernel error.
<friartuck> goksu strange, I'm running server 8.10 on a dell 810 np.
<goksu> my question is: does that happen often? the server edition is geared for servers I understand but still it sould boot from a centrino 1.6 and a amd 1.6
<PhotoJim> server 8.10 on a dell poweredge 2450 here at home.  other than that RAID1 boot issue, which was pretty easily fixed, no problems at all.
<friartuck> goksu I've installed server 7x and 8x on all kinds of old desktops with no issues.
<goksu> friarduck: I have an hp compaq nx7010 centrino 1.6 and an MSI m673 amd 1.6 running on 1.5 ram.
<goksu> both installe dok but no reboot. anyway. I'll ask again when I do a server install on them. :)
<friartuck> goksu did you use 32-bit on those?
<goksu> friartuck: I used 32 bit for the centrino. and 64 bit for the amd turion 64 1.6.
<friartuck> goksu and neither booted?
<friartuck> goksu here's recent post on same hardware, install worked: http://ubuntuforums.org/archive/index.php/t-1047447.html
<goksu> friarduck: neither booted. I was a little surprised as one is an old but good laptop, the other one is new but not very high end.
<genii> PhotoJim: I have a couple of those 2450, nice boxes
<goksu> friarduck: on the web page you sent. it does not say server. I couldnt boot server editions. but the desktop editions booted without any problems.
<PhotoJim> genii: I have two, but one isn't running (has CPUs but no drives or RAM).  got them cheap, $50 for the pair.  Very pleased so far.
<goksu> I dont suspend or hibernate. they are left open 24/7.
<goksu> one is anyway.
<matthew-21> Is there a way to share things on an external harddrive using apacheÃ
<PhotoJim> matthew-21: apache is a web server, it's not meant to be a file server.  but you can do anything on an external drive that you can do on an internal one, using Linux.
<friartuck> goksu that's strange. server edition should work on anything that desktop works on. I think Murphy's Law having fun with you.
<PhotoJim> goksu: you could always try using the desktop alternate install CD.  but in theory it shouldn't matter.
<matthew-21> Yes, but my linux server really only has enough room for the os and a few packages and I am not sure how to share web files that are on my external harddrive.
<PhotoJim> matthew-21: you can mount filesystems anywhere you like.  apache's web content is stored at /var/www.  so if you mount an external hard disk partition at /var/www, your web server is using your external drive.
<friartuck> matthew-21 make a soft link (ln -s) in /var/www?
<PhotoJim> That's option 2.
<PhotoJim> and option 3 is to get a decent-sized hard disk.  terabyte drives are $100-ish US.  much smaller drives that are still really quite large are much less.
<friartuck> 1TB drives are freakin cheap now.
<goksu> PhotoJim: I did a desktop install then added the lamp packages. I really like linux flexibility.
<Alex_21> Alex_21: He only has a 10 GB Disk because that is all his web host provides
<PhotoJim> goksu:  Linux is really awesome.  the learning curve is sometimes steep, but I admire it more and more all the time.
<goksu> friartuck: I have an acer easystorage 1TB. upgraded to 4TB.
<PhotoJim> friartuck: they're cheap enough that I have a pair of them on RAID1 for a home server, when I don't need a quarter of that much space.  but it makes no sense to not have the space these days.  I can grow into it.
<Alex_21> Alex_21: That was about Matthew-21
<friartuck> goksu nice.
<matthew-21> Ã©nick matthew211
<Alex_21> Ok, Matthew-21: where is his external drive mounted
<matthew-21> woops
<friartuck> PhotoJim I'm sure you will fill that volume :).
<Alex_21> I'll be right back
<PhotoJim> friartuck: I have a feeling you're right. :)
<Alex_21> Where is a Hard Drive mounted by default
<Alex_21> ? Please
<genii> If it's not a system drive usually somewhere under /media
<friartuck> Alex_21 look in /media
<PhotoJim> Alex_21: but you can arrange to have it mounted wherever you like.
<friartuck> Alex_21 you type "mount" with no arguments to see what's mounted.
<Alex_21> Ok
<Alex_21> Thanks
<island_swimmer> Is there someone named Matthew-21 or something here?
<island_swimmer> Someone who was looking for help with sharing files
<goksu> PhotoJim: believe me you grow into it.
<island_swimmer> I am doing the same thing
<island_swimmer> I was hoping to help. Maybe PM if that was ok
<friartuck> goksu you in Qatar?
<goksu> friarduck: yes I am.
<friartuck> goksu IT jobs there?
<goksu> ubuntu install is asking Activate serial ATA Raid devices yes/no. I say yes.
<goksu> friarduck: yes plenty. even the government is looking for IT guys. its growing fast here. not enough qualified ppl.,
<goksu> friarduck: but funny they have only one IP. the whole country goes out on one IP.
<goksu> ok ubuntu instal says Select disk to partition.
<friartuck> goksu strange. I was working for financial services co. when market tanked. maybe I'll head that way :). Qata nice place?
<friartuck> goksu how many disks does it present?
<goksu> SCSI.CCISS (-,0,0) (cciss/c0d0) - 440.3GB Compaq smart array.
<friartuck> goksu I'd say your good to go.
<goksu> friarduck: It is a very safe place. you leave your back on the car in a garage and come back 2 hours later and it still is there.
<friartuck> goksu ha ha. nice.
<goksu> ok it removes logical volumes root, swap_1 and volume group etc..
<genii> Hm. Compaq
<goksu> you can find anything you look for. but everything takes time.
<friartuck> goksu I look for job...that's taking long time. =-O
<goksu> partitions formating....
<goksu> so the hdds work ok.
<island_swimmer> How do I find drie that are plugged in but not mounted?
<island_swimmer> Please
<goksu> friarduck: you are welcome here.
<goksu> THE FORMAT ÃS STUCK ON 33%  sorry caps..
<island_swimmer> No, that is fine. It'll pass it eventually
<goksu> there are a lot of ppl who work here and come and go as needed.
<island_swimmer> How do you find out what drives that are external can be mounted if they aren't
<island_swimmer> ? Please
<island_swimmer> Lol
<goksu> island_swimmer: I dont know. I plug, and it shows. try lusb
<goksu> if it does not I unplug and replug. but thats obvious.
<friartuck> goksu you may need to run a consistency check on the logical volume in the raid setup. it may need to be initialized or something.
<friartuck> island_swimmer type "mount" to see what's mounted. look in /media for external usb drives.
<goksu> friartuck: it is "installing the base system" now. so ok I guess.
<island_swimmer> This is a CLI Command-Line install of Ubuntu with no other packages
<island_swimmer> Except some ssh and gui tools
<island_swimmer> And no it isn't moiunted at all
<island_swimmer> Mounted, ... Sorry, nor is it in "/media"
<island_swimmer> What can I do
<island_swimmer> Lol, ... Please
<friartuck> island_swimmer do "lsusb" and "mount" and post in pastebin.com
<genii> island_swimmer: sudo fdisk -l      should show all the partitions. Likely an external will be sdb1 sdb2   sdc1 sdc2   or so on. Also when: mount        is issued it will not be shown as boing mounted anywhere. You could try after finding what partition is something like:  sudo mkdir /media/sdc2 && mount /dev/sdc2 /media/sdc2                            as an example
<genii> If it completes successfully (in this example for second partition of sdc)  then:  ls /media/sdc2             would show the disk contents
<genii> island_swimmer: Also if the filesystem on it is not native linux you will need to have filesystem driver for whatever it contains and also specify that in mount command like:   mount -t ntfs-3g /dev/sdc2 /media/sdc2              or similar
<island_swimmer> How do you get a wd's file type?
<island_swimmer> It is a WD HD
<island_swimmer> Western Digital
<island_swimmer> Mybook
<genii> island_swimmer: The: sudo fdisk -l      command should have shown you that
<genii> island_swimmer: eg in my case: dev/sda1   *           1       19210   154304293+  83  Linux                             shows the drive is Linux (ext3)
<goksu> ok Ubuntu server Install onto prolient ml350 G5 raid5 does not work. I can not reboot after installation. I still get attempting boot from hard drive (c:)
<goksu> it was an install attempt with no lvm. just regular guided.
<island_swimmer> It looks like SDA1 is part of the OS on the Internal Hard Disk. Is that right?
<genii> goksu: As a fast guess I'd say they have some custom MBR which still says something like C:    instead of the MBR being based on GRUB
<genii> island_swimmer: Correct
<goksu> genii: so what do I do now?
<genii> goksu: Did you install grub to the mbr of the first hd ?
<goksu> genii: all I did was install the cd. nothing else. so if the cd did not install then grub did not install.
<island_swimmer> Well, I tried the command and it only shows my internal HD
<goksu> genii: I did not specifically install grub.
<island_swimmer> Is ther a package that has all the drivers for every file type on it?
<genii> island_swimmer: Then it doesnt see the drive. Does it connect by ethernet wire or by usb, or firewire, or what?
<island_swimmer> USB 1.1
<genii> island_swimmer: There isn't a single metapackage I know of that is some "all in one" for filesystems supprt, sorry
<friartuck> goksu that's strange, I think it's something with the raid/bios setup and probably not to do with ubuntu install. my guess.
<island_swimmer> It is some Windows compatable one I know, but I don't know which one
<genii> goksu: Can you make a single small raid1 and then the rest raid5 in bios/controller ?
<island_swimmer> Is that why it won't see the drive?
<genii> island_swimmer: If fdisk doesn't see it then it's something at a hardware level and not at some software level like filesystem type or such
<island_swimmer> Ok
<island_swimmer> I'll check
<genii> goksu: If so, suggest to install /boot and grub to the raid1and the system onto the raid5.
<goksu> genii: ok. if nothing else will work. bu I really did not want to have to do a raid1. :S
<genii> goksu: The MBR of a raid1 will be like a normal disk but just twice, so it works with grub. The MBR of a raid 5 can vary wildly
<friartuck> goksu genii I would check the system bios, that's separate from the raid setup program.
<genii> friartuck: Yes, that may not be a bad idea. It could be also there is a "hidden partition" with system stuff thats causing it
<friartuck> goksu genii you should be able to do one raid5 volume, I've done it a bunch of times.
<friartuck> goksu genii but you have system bios program and raid card setup program to deal with.
<goksu> the ml350 is brand new from the box. I dont think there is any residue in the hdds.
<genii> friartuck: He has no probs making a raid5 and ubuntu seeing and installing to it. He has some other probs which seem MBR related since it refers to "drive C:" etc etc
<genii> goksu: Is there some other hd in there not int he raid5 which it might be going to first and trying to boot from?
<friartuck> genii agreed, but maybe there's an onboard raid conflicting with an installed raid card...or maybe bios needs to know about raid card or something.
<goksu> genii there is not.
<genii> goksu: There seems something on it here: http://ubuntuforums.org/archive/index.php/t-80342.html    which suggests the initramfs needs to preload a driver called cpqarray
<genii> It's an old thread but perhaps still relevent
<genii> Although this would happen after grub
<friartuck> goksu have you managed to get into system bios program?
<lwizardl> Hi
<goksu> friartuck: yes I think so. everything is factory default. I am rereading the manuals from the hp.com site. they dont have any manuals on the cds attached to the box. :S
<genii> goksu: http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1238304153554+28353475&threadId=1237645
<lwizardl> would it be possible to build a Ubuntu Server that acts as the network firewall and also auto scans everything for malware?
<genii> goksu: Same problem you have answered by their tech support
<friartuck> genii goksu so you think he should boot off cd and do grub install?
<genii> friartuck: Thats what I'd try, yes
<goksu> genii friartuck I'll do that after I reread the manual.
<goksu> genii friartuck so I do a "grub-install /dev/cciss/c0d0p1" ?? from a boot from a live cd and from terminal?
<genii> goksu: I'd use the name of the drive you installed to, I think it was different than that one
<friartuck> genii goksu how would he get the physical? cxdxpx?
<genii> friartuck: fdisk should still  list it. I'm gonna scroll up here, he mentioned disk name earlier
<genii> "<goksu> SCSI.CCISS (-,0,0) (cciss/c0d0) - 440.3GB Compaq smart array."
<goksu> genii friartuck so it is the same command then.
<genii> the "p1" on their command is partition1. I'd try just the disk name without partiton specified
<friartuck> goksu genii I agree. try grub-install /dev/cciss/c0d0
<friartuck> genii goksu I've only installed grub with gentoo. just checked the docs and it leaves off the partition there too.
<genii> goksu: Any joy yet?
<goksu> genii nope not yet. I am looking for the desktop cd. that one was live.
 * genii makes more coffee
<MusicGenious> wow, lots o people
<MusicGenious> anyone wanna help me set up a server?
<goksu> does it matter if the desktop cd is a 32 bit or not?
<friartuck> MusicGenious here's a good place to start: https://help.ubuntu.com/8.10/serverguide/C/index.html
<MusicGenious> quick question, which version should i use?
<MusicGenious> lts or newest release?
<goksu> burning 64 bit desktop for grub-install
<MusicGenious> i wish there was a puppy linux server edition but ughh nope
<friartuck> goksu good idea.
<MusicGenious> 8.10 or 8.04?
<MusicGenious> im putting it on a compaq presario sr1115cl or something
<twb> 14:59 <Alex_21> Oh, Matt, use "Sudo vi /etc/apache2/ports.conf"
<twb> I recommend sudoedit instead, since it reduces the amount of stuff that is escalated.
<friartuck> MusicGenious it's up to you. 8.10 has new packages. 8.04 has longer support.
<MusicGenious> will they both allow me to set it up with a dns hostname?... and is that free?
<friartuck> MusicGenious yes
<MusicGenious> i know ubuntu is free, but are host names?
<twb> MusicGenious: or your own network, certainly.
<friartuck> MusicGenious hmmm...hostname is just the name of you machine.
<MusicGenious> i want access anywhere
<MusicGenious> like if im at school or wherever
<twb> MusicGenious: then you probably just want to use a gratis dynamic dns service, so you will have something like musicgenious.ath.cx or musicgenious.dyndns.org
<MusicGenious> cuz im running on a home network and i got the whole 192.168.x.x thing going lol
<MusicGenious> will that be free?
<twb> That will be zero cost.
<MusicGenious> WORD!!!
<twb> i.e. free of charge.
<MusicGenious> and using this server will let me open and save things to it from wherever?
<twb> MusicGenious: that will give your router a permanent FQDN.  You would then use port forwarding to make services visible from the internet.
<MusicGenious> ok, that will work, but will i be able to save files to it?
<MusicGenious> like if im at school and i do some homework and i wanna upload it, will i be able to do that?
<Alex_21> Thanks for your help
<Alex_21> Good night
<twb> MusicGenious: if you expose that service, and neither you ISP nor your school block your access, then sure.
<friartuck> MusicGenious the issue is security. making a server available on the internet opens a can of worms.
<twb> friartuck: good point.
<MusicGenious> aka people can do whatever they want to it?
<twb> MusicGenious: that depends on your security model.
<friartuck> MusicGenious if you don't know about security, then yes.
<twb> For example, if you enable remote ssh access via passwords instead of keys, then anyone on the internet can just keep trying passwords until they guess what yours is.  Then they have full access to your system running as your user.
<MusicGenious> basically heres what im using it for besides my personal use.  i have friends over and we record music, and i wanna upload all of our stuff so they can access it and show family and friends and stuff, it'll save on the cost of burning a crap load of cd's lol
<twb> MusicGenious: you realize that is almost certainly a violation of copyright law?
<friartuck> twb looks like he's talking about originals...
<MusicGenious> what is a violation of copyright law?  letting people download the music ive recorded that i made myself?
<MusicGenious> im not sharing other peoples music, im sharing mine
<twb> MusicGenious: ah, if it's your music, that's OK.
<MusicGenious> hence musical genius lol
<friartuck> MusicGenious not for originals, just don't share Metallica. :)
<MusicGenious> yeah or linkin park lol
<MusicGenious> m shinoda isnt down with that lol
<twb> Technically copyright only applies to creative works.  You could argue that Metallica's albums aren't ;-P
<twb> Aaaanway
<friartuck> ha ha! not since black
<MusicGenious> btw, if you guys are interested www.myspace.com/andyblankfield  take a listen, feel free to critique lol
<MusicGenious> lol
<twb> friartuck: actually I think their best work was their covers album, garage inc.
<friartuck> twb Cliff Burton fan?
<MusicGenious> thats just me, but im trying to start a music club or whatever and make an album called collaboration generation
<friartuck> Cliff'em All?
<twb> friartuck: shrug
<twb> friartuck: I don't know much about art.
<twb> I think we've wandered off-topic.
<MusicGenious> nahh im waiting for the server edition to dl
<MusicGenious> btw how long should this take to set up?
<goksu> ok ubuntu desktop 64 bit live cd book ok. :) pretty screen :)
<twb> MusicGenious: you can do an install just using a mini.iso
<MusicGenious> roughly
<friartuck> twb Cliff Burton was original bass player in Metallica. Yeah, it's way off topic.
<MusicGenious> its not hooked up to the internet, im using a usb adaptor at the moment
<twb> MusicGenious: ah, fair enough.
<MusicGenious> thats another thing, will i be able to use ndiswrapper so i can run it from wireless?
<lwizardl> would it be possible to build a Ubuntu Server that acts as the network firewall and also auto scans everything for malware?
<twb> MusicGenious: ndiswrapper will work as well on Ubuntu Server as it does on Ubuntu.
<MusicGenious> never got it working on ubuntu lol
<twb> MusicGenious: precisely.
<MusicGenious> but it works on puppy linux... weird
<twb> MusicGenious: I recommend you pay more attention to Linux support when purchasing hardware in future
<friartuck> lwizardl take a look here: http://www.ipcop.org and here: http://www.smoothwall.org
<twb> lwizardl: that depends on how you define `everything' and `malware'.
<MusicGenious> lol, well its not a big deal, its just more convenient... but if i can figure this one out i should be able to build a puppy linux server edition myself lol
<twb> Really, the right way to get rid of malware is to take Windows away from your users.
<MusicGenious> lol
<lwizardl> twb, well i have a few windows users on my desktop and i would like to make sure that they stay safe
<twb> lwizardl: that's not really possible.  The best you can achieve is a holding action.
<lwizardl> twb, i have enough trouble with her on windows she's almost 60 years old
<friartuck> lwizardl firewall from scratch is long story. ipcop and smoothwall is short story.
<twb> friartuck: why not ufw?
<twb> friartuck: ultimately they're all just wrappers on top of iptables
<lwizardl> friartuck, i've looked at the ipcop stuff but i would like to also have Tor type setup on the same server machine
<friartuck> twb true, but ipcop and smoothwall rock. ipcop has plugins for snort and all kinds of stuff. you can do it by hand...but if one is asking in a chat-room then doing by scratch is long ways off.
<friartuck> lwizardl tor server on a firewall=bad practice.
<goksu> genii friartuck I did a boot with livecd 64bit desktop. then did a "grub-install /dev/cciss/c0d0" (also with c0d0p1) I get message "could not find device for /boot: not found or not a block device.
<twb> Routers are for routing and not services.
<lwizardl> friartuck, i don't want to run a tor server for others to access i just want to have all my connections tunneled through it
<twb> goksu: you need --root-directory=/mnt after mounting your root filesystem on /mnt and your boot filesystem on /mnt/boot.
<twb> Does Tor use tun/tap?
<goksu> twb: could we go step by step? at the terminal I do what exactly?
<goksu> I am not that good with the terminal just yet. :)
<twb> goksu: OK, so you should at present have partitions for the root and /boot filesystems.
<friartuck> twb he just booted off live cd.
<twb> friartuck: that's why he needs to mount the disks
<friartuck> goksu do: sudo fdisk -l   and past at pastebin.com
<goksu> twb friartuck I think I need to go step by step. 1. I booted from a livecd 64bit. it booted ok. 2. at the terminal I do what? the sintax escapes me.
<twb> friartuck: it would be better to get /proc/partitions
<friartuck> goksu just cut and paste the output in pastebin.com and hit the send button, then copy and paste the url link in here.
<goksu> http://pastebin.com/d66a1856a
<goksu> thats a cool site. :)
<friartuck> goksu now do: more /proc/partitions
<goksu> http://pastebin.com/d707fd4ec
<goksu> down below the previous post.
<goksu> looks like I need to remake the raid5. I have tried 3 installations and it looks like residue from those.
<friartuck> goksu well, i dunno. try: mount /dev/cciss/c0d0p1 /
<friartuck> oops
<twb> friartuck: er, don't mount it there
<friartuck> not that
<friartuck> twb does he need to make a directory in /mnt ?
<twb> friartuck: I don't bother
<friartuck> twb this is not a production box.
<twb> friartuck: it's only a problem if it's a gentoo livecd
<friartuck> goksu try: mount /dev/cciss/c0d0p1 /mnt
<goksu> friartuck twb it will be a production box when it is properly mounted though.
<friartuck> ha
<goksu> friartuck twb I am at work this is the machine I will transfer my work load to.
<friartuck> goksu if it's mounted, you should see some directories with: ls /mnt
<goksu> friarduck yes it looks like it did mount. I see bin cdrom etc...
<friartuck> goksu do you see boot? ls /mnt/boot
<goksu> friartuck sorry for the typo. :)
<goksu> friartuck ye sit is there.
<goksu> I really need to work on my understanding of the linux file system :/
<friartuck> twb I've only installed grub a few times with gentoo. do you think he needs: grub-install --root-directory=/mnt /dev/cciss/c0d0 ?
<twb> friartuck: yes, that's right.
<twb> friartuck: however check that there's something IN /mnt/boot first
<twb> If that doesn't work, try adding --recheck
<goksu> ok
<friartuck> twb he sees boot in /mnt
<twb> friartuck: well obviously, because the root directory needs an empty dir there so as to mount a separate /boot, if it is a separate filesystem
<friartuck> twb he did regular guided partition. shouldn't be separate
<twb> Fair enough
<goksu> ls /mnt/boot has files in it. also grub.
<goksu> so I go with your command line instruction?
<friartuck> yeah
<goksu> twb friartuck ?
<goksu> ok then. :)
<goksu> friartuck twb I am rebooting now. fingers crossed.
<goksu> friartuck what does you nick mean?
<friartuck> goksu I'm old, single, talk about religion and politics a lot, pot-belly.
<friartuck> goksu friartuck is religious character in Robin Hood.
<goksu> yes wel so? I am 34, working on my pot belly. :) just got married 10 months ago.
<goksu> oh ok.
<goksu> HOOLLYYYSHHHHH.t!! server login: ehehehe
<friartuck> goksu good luck with that. installing grub is easier than woman
<friartuck> goksu yay! thanks for the help twb!
<twb> My workstation used to be called rocinante.
<twb> I was gonna call it bucephalus, but then I thought "let's be fair, pebcak"
<goksu> friartuck twb genii thank you all for your help. I could not have done it without you. :)
 * genii wakes up when his name gets hightlighted
<genii> Ah, got it working then
<genii> goksu: Was the MBR after all then?
<friartuck> genii yes, that post you found did the trick.
<genii> Cool, glad to have been of some service
<friartuck> goksu that was hairy. you deserve some easy installs now!
<goksu> twb: rocinante?
<genii> twb: Nice catch on the  --root-directory=/mnt  part btw (just checked backscroll)
<twb> goksu: look it up
<goksu> friartuck: both need plenty of patience.
<goksu> friartuck: now that I have the server up. I have plenty of more work to do. I'll attack the laptops next. :)
<goksu> so that was the mbr? so the /boot is the name for the mbr and grub the software we installed in it to kickstart the boot sequence of the OS?
<goksu> twb friartuck genii thank you all for the help. any time you come give a heads up well go drinking on me.
<friartuck> goksu ehh, not exactly. grub is installed in mbr and needs to know where /boot is.
<twb> goksu: stop invoking my name, I'm trying to concentrate.
<goksu> t-w/b ok then. :)
<CppIsWeird> is there any package that would setup a ubuntu-server to something similar to m0n0wall or pfsense?
<friartuck> CppIsWeird ipcop and smoothwall are linux equivalent to monowall and pfsense.
<friartuck> CppIsWeird or you can do netfilter by hand: https://help.ubuntu.com/8.10/serverguide/C/firewall.html
<btm> soren: i see your cobbler git branch hasn't seen activity in 9 months. is deploying ubuntu boxes with cobbler (hardware + virt) still on the horizon?
<dei> Anyone here familiar with DNS? I'm wondering - when I use the Dig command if there should always be an Answer section
<dei> well - if the server is working correctly, there should be an answer section... I assume
<friartuck> dei yeah, there should be an answer. try dig @4.2.2.2 www.google.com to see how it should look.
<kraut> moin
<beawesomeinstead> anyone use jaunty's dovecot-postfix? it looks like postfix doesn't use Dovecot deliver properly out-of-the-box ...
<cemc> beawesomeinstead: what do you mean exactly?
 * giovani installs it in his jaunty vm
<cemc> when you install dovecot-postfix it changes the mailbox_command in postfix/main.cf to use dovecot's deliver
<beawesomeinstead> cemc: Postfix doesn't use Dovecot's deliver out-of-the-box, regarding mailbox_command is specified in main.cf. Another thing is that, as was mentioned on Ubuntu Wiki, Dovecot LDA is default LDA, however postfix still tries to lookup users in it's database (which is not specified) -- IMO, missing <local_recipient_maps = > in main.cf
<cemc> default local_recipient_maps is from passwd file as far as I can tell
<giovani> hmm, it installs mysql, but then maps users locally?
<giovani> that's odd
<cemc> huh?
<beawesomeinstead> giovani: it installs mysql-common since dovecot is compiled with auth-via-mysql support
<giovani> beawesomeinstead: ah ... well they should use it
<beawesomeinstead> cemc: i checked, yeah, default auth db for dovecot in pas so yep, default local_recipient_maps makes sense
<beawesomeinstead> *pam
<beawesomeinstead> but still not sure what's wrong with mailbox_command.  dovecot-postfix works smoothly after adding dovecot deliver as a service into master.cf, but...
<beawesomeinstead> * and after adding local_deliver = dovecot in main.cf of course
<cemc> do you get any error messages?
<jpds> kees: Could you possibly look into my merge proposal for apparmor at http://tinyurl.com/c5hjlk ?
<cemc> cemc: I just tried installing dovecot-postfix on my jaunty vm, and sent a mail to the local user, and it got delivered
<beawesomeinstead> cemc: yep. Here is my postconf -n and error message: http://friendpaste.com/6RFbYIJKqjeQLTbAnmhD55
<cemc> beawesomeinstead: does that flashadmin user exists as a unix user?
<beawesomeinstead> cemc: no, flashadmin is a virtual user, notice
<beawesomeinstead> local_recipient_maps =
<cemc> oh, I see. well, it you user virtual users, then the mailbox_command won't work. there's virtual_transport = for that, I think
<cemc> you would set virtual_transport = dovecot, then define that transport in master.cf
<cemc> mailbox_command is for the local delivery agent of postfix (man 5 postconf and search for mailbox_command)
<beawesomeinstead> cemc: ah, a see. just for the record, in my stack i managed to get it working with <local_transport = dovecot> instead of <virtual_transport = dovecot>
<beawesomeinstead> thanks for your assistance!
<yann2> where is the best place to add a script that should run just after a server boots?
<cemc> yann2: you could add the script to /etc/rc.local
<yann2> This script is executed at the end of each multiuser runlevel.
<yann2> so it gets executed how many times?
<yann2> just one?
<friartuck> yann2 here's a good doc: https://help.ubuntu.com/community/UbuntuBootupHowto
<kees> jpds: yup, did it earlier this morning (though I changed your patch around a bit)
<jpds> kees: Oh, didn't see. Awesome, thanks. :)
<kees> jpds: np, thanks for the patch.  :)
<jpds> Does anyone know what the m in requested_mask="::mr" in apparmor is?
<kees> jpds: "man apparmor.d"  it means, basically, map into memory for execution (a shared library)
<jpds> kees: Didn't know that manpage, thanks.
<kees> np :)
<kees> it's mentioned at the bottom of "man apparmor" under "SEE ALSO", though it could probably stand out better.
<jpds> Yeah, I didn't look hard enough.
<kees> all that said, there are still things missing from the apparmor.d manpage (just some new settings, like "deny" and "allow" prefixes) but there's a bug open for that already.
<dustin> ubuntu server edition 8.10 with gui- gnome, is it possible to build and if so how would I do it?
<giovani> dustin: GUIs aren't supported in this channel, yes, you can install the ubuntu-desktop package, which will install everything the desktop would have on top of your server install -- not much point though
<dustin> giovani: is there anything special I need to do to install server 8.10 on a p3 w/256ram
<giovani> dustin: nope, but I highly highly doubt you want to run gnome on that machine
<giovani> 256 MB of ram is not enough for any serious desktop environment like kde/gnome
<giovani> I'd stick to a straight server install -- no gui
<dustin> it ran good as a desktop but when I installed apache with php over ubuntu 8.04 I ran into problems
<giovani> what kinds of problems?
<dustin> have you guys had any problems with the iso's on the ubuntu site, (I cant seem to get one to burn right)
<giovani> you should be confirming that the md5 hash of the file you downloaded matches the md5s provided
<dustin> php and apache didnt play well together being installed after OS
<giovani> to make sure it wasn't corrupt during download
<giovani> php and apache play fine together, it was probably a misconfiguration
<dustin> thats Y I think that using server edition will help fix that (becouse I wont have to mesh them so I wont be the one to mess it up)
<giovani> the desktop and server edition don't have any differences in the apache/php packages they offer
<giovani> so that will not solve your problem
<dustin> how do I test md5 b4 burning?
<giovani> on linux, "md5sum filename.iso"
<giovani> and then compare that number to the one provided on the download mirror
<giovani> dustin: you never needed to manually pack them together, the LAMP package simply installs the same packages you would have otherwise
<friartuck> dustin lamp requires configuration
<dustin> well I think its time to burn this php,apache,mysql all in one book becouse that means that all the info in it is wrong :S
<giovani> there's no need for a book
<giovani> plenty of great documentation on the ubuntu wiki
<giovani> and on google
<dustin> yeah well I am one of those ppl that has a library in my living room and I buy the book then ask why the info is wrong :S
<giovani> well books are not bad ... you just need the RIGHT book
<giovani> which book have you been following?
<dustin> I need to start looking more online before I go to barns and noble
<dustin> its SAMS complete guide to php apache, and mysql all in one
<dustin> ISBN:  978-0-672-32976-0  I think I am going to leave a review with a few bookstores
<friartuck> l.a.m.p. you can get a full time job administering any of those initials. learning all of them takes more than a reading.
<dustin> I am learning this in kindof a crash course fashion
<dustin> :)
<giovani> well ... most jobs involving Apache involve using it with PHP and MySQL :)
<giovani> so, that's why there are books covering the topics together
<giovani> even if they're basic
<dustin> just out of curiosity does anyone know if there is a version of cuda for ati cards that I might be able to use to accelerate my software raid?
<friartuck> giovani true that, but if the environment is large enough there will be specialist for each.
<giovani> friartuck: not in most companies
<giovani> most companies don't hire real specialists -- they hire generalists
<dustin> instalation question: when I install on this computer(I know these #'s are small) I have ane 20gb hdd and one 40gb hdd shold I raid 20gb of both and use the rest for non critical data?
<dustin> of course raid1 for the raid
<friartuck> giovani the qualifier was "large". I worked at a firm that had a dedicated dns group, nothing but bind all day long.
<dustin> or would this be a great waste of time
<giovani> friartuck: yeah, missed that
<dustin> so to raid or not to raid is it a waste of time or would I be able to use it I am going to host 5-15 websites and I dont think that I will be using dns binding
<dustin> I tested the iso and it came out good so I am burning again hoping that it was just a bad disk last time
<dustin> does anyone have an opinion on software raid on a system this small?
<friartuck> dustin lamp like raid is not a trivial topic. it's up to you.
<dustin> I just was wondering if I would see any gain by using it and if anyone else here would opt for or against it on there own system if it were this small
<dustin> in other words is there any point to it or am I waisting time trying to use it (my data isnt that critical)
<dustin> server edition comes with openssh correct?
<giovani> dustin: not until you install it
<dustin> I am just making a list of things to install and things to update while I am here
<PhotoJim> dustin: it's a good idea to make a list of anything you find useful on your system.  then if you reinstall or make a new system you will know what to install.
<dustin> and I want to do this right this time because it is realy agrivating when it doesnt work right
<PhotoJim> dustin: I discovered yesterday that debian lenny doesn't automatically install telnet, which is useful for testing network connections even ify ou don't log into remote systems with it. :)
<dustin> of course I would get I/O errors now that I have advice on how to install :S
<dustin> anybody here like to work with hardware errors ;)
<dustin> I installed this iso on a virtual machine that matched my specs without problems and now that I have the disk I cant get the thing to go grrrr
<PhotoJim> Hardware errors are a real b**ch.
<dustin> especialy after you just removed a working build
<dustin> *not a good working build but working just the same
<PhotoJim> I had some RAM issues with my server at home for awhile.  it took me awhile to figure out the problem.
<PhotoJim> had some data corruption as a consequence.
<dustin> well reset bios to defaults and try again :)
<PhotoJim> It felt amazingly good to figure it out though.
<PhotoJim> good luck.
<PhotoJim> actually, I learned one thing out of my RAM troubles.  my server ran amazingly well with only 192 MB of RAM.
<PhotoJim> and better 192 MB of reliable RAM than 768 of dodgy :)
<PhotoJim> (only one stick was bad, thankfully.  so I ran at 640 a bit until I got another 256M stick.)
<dustin> this server was running with 256mb ram 933mhz proc and 2 hdd newly added-- dvdrom and cdr drives for reload
<mattt> is this channel for people running the server version of ubuntu, or for people running any ubuntu version in a server environment?  :)
<dustin> and the drives are the only change since last load
<PhotoJim> mattt: I don't know for sure, but primarily 1.  2 is welcome I'm sure though.
<dustin> yup we all are running or trying to get running servers
<dustin> so far as I can tell anyway
<dustin> photojim it was the disk ',(
<PhotoJim> dustin:  as in the media?
<PhotoJim> as in the drive?
<dustin> does anyone have a cdrom drive cleaning disk I can borrow (jk) and yes the media was the problem
<dustin> I think my burner has a dirty lens or something
<PhotoJim> entirely possible.
<PhotoJim> laptop or desktop?  laptop drives are easy to clean.
<PhotoJim> desktop drives are trickier.
<PhotoJim> I thought you'd tried multiple drives which is why I wasn't attributing your problem to your drive.
<dustin> desktop and I have plenty of drives to try I will try different ones soon becouse I just tried to verify a known good disk and it failed the md5 test
<dustin> known good as in I just built a working computer with it 2 days ago
<PhotoJim> well I'm glad you figured it out.
<dustin> but at least it didnt give the I/O error
<PhotoJim> at least drives are cheap.  if you need to replace it it isn't a huge problem.
<dustin> actualy I have 5 computers I can canibalize for one
<PhotoJim> yes, I've done that.
<dustin> final count 3 burners 1 dvdrom and 4 cdrom drives
<dustin> my family was complaining about there computers always crashing so I built them a couple that I need to mail out but so long as they are here ;D
<PhotoJim> :)
<PhotoJim> I have a bunch of spare drives.
<PhotoJim> not worth selling.
<PhotoJim> nothiing wrong with a 16x DVD burner.
<PhotoJim> and the 8x in my server does fine, not worth tearing the machine apart to upgrade.
<dustin> well how often do u realy use a cdrom in your server
<PhotoJim> not very often.
<PhotoJim> but once in awhile.
<PhotoJim> people send me DVDs of stuff occasionally.
<dustin> I have my desktop for gaming and media and next to it is the server that just kinda sits there looking good
<dustin> brb switching desktops
<dustin> that feels better
<dustin> I was in kde to help walk someone through something
<Supertanker> Hi, on Ubuntu 8.10 server the libpam-chroot package appears to be roken
<Supertanker> broken
<ivoks> best way to deal with that is to report the bug
<Supertanker> How?
<Supertanker> (Sorry, I haven't done many bug reports)
<ivoks> https://bugs.edge.launchpad.net/ubuntu/+source/libpam-chroot
<Supertanker> Thank you
<mattt> Supertanker: why's it broken?
<ivoks> there's a bug about that already
<Supertanker> I'm loading to see if it's the same one
<Supertanker> I read somewhere it was because it was linked with ld instead of gcc, or something really weird like that.
<Supertanker> Yeah, same bug
<ivoks> https://bugs.edge.launchpad.net/ubuntu/+source/libpam-chroot/+bug/237308
<uvirtbot> Launchpad bug 237308 in libpam-chroot "libpam-chroot broken" [Undecided,Confirmed]
<ivoks> i'll check it in jaunty tomorrow
<ivoks> 'night
<Supertanker> Hah
<Supertanker> Okay, I fixed that bug; now I get "Connection reset by Peer" instantly when I try to ssh to my server with the chroot'd user.
 * Supertanker looks that up too
<Supertanker> Thanks guys.
<mattt> Supertanker: heh, i set this up the other week
<mattt> Supertanker: a few notes ... make sure you mount /dev/pts and /proc
<fevel>             whats a good way to monitor my ubuntu gateway's traffic? I would like to check wich IP is consuming the most bandwidth
<mattt> Supertanker: so, like ... mount --bind /dev/pts /chroot/dev/pts
<mattt> Supertanker: and finally, make sure there is a passwd entry in the chroot for the user you're ssh'ing in w/
<Supertanker> mattt, oooh, I didn't think you needed a proc or the pts
<mattt> Supertanker: this is probably the best resource i found:  http://chains.ch/2008/01/26/chroot-environment-on-debian/
<Supertanker> Thanks
<Supertanker> Eh
<Supertanker> Somehow in my /chroot/dev I only have two files now: 0 and 1
<Supertanker> And I can't remove them
<Supertanker> :o
<Supertanker> You know what, mattt?
<Supertanker> In my /dev/ there's no /pts, but there's a directory called pts
<Supertanker> Is that what I need?
<mattt> yeah
<mattt> a directory called pts under dev :)
<mattt> aka /path/to/dev/pts/
<Supertanker> Ah okay
<mattt> Supertanker: but, i think not having /dev/pts mounted would give you a different error
<Supertanker> mattt, ahh, I see
<Supertanker> PTY allocation request failed on channel 0
<Supertanker> Now I'm getting somewhere :P
<mattt> Supertanker: ah!
<mattt> that's the one :)
<Supertanker> (It turns out I needed to set UsePrivledgeSeperation no in sshd_config)
<mattt> ah, crappy ... the box i'm using (debian lenny) didn't require that
<Supertanker> Huh
<Supertanker> I have /chroot/dev/pts created and it has two files inside
<Supertanker> So why am I getting that error still?
<mattt> hmm
<mattt> let me have a look on my box
<Supertanker> Okay
<mattt> Supertanker: try mount --bind /proc /path/to/chroot/proc
<mattt> Supertanker: btw, those files are probably there because of the --bind, you're remounting your /dev/pts on top of that directory
<Supertanker> ...oh duh
 * Supertanker tries
<Supertanker> Nope :/
<Supertanker> Yeah, I fixed that already
<mattt> your user is defined in the chroot's /etc/passwd, right?
<mattt> and lastly, may want to install udev in the chroot
<Supertanker> Yes to the first and I'll try that in a bit for the second
<mattt> wait
<Supertanker> ?
<mattt> i just removed udev from my chroot and it still works ... sooo
<mattt> the only last suggestion i have is ... to verify your /etc/security/chroot.conf file
<mattt> Supertanker: what does your chroot line look like?
<Supertanker> Just a sec
<Supertanker> It appears to be valid
<Supertanker> The last entry into the auth.log is "preparing to chroot()"
<Supertanker> After saying it found the chroot_dir, etc, etc.
<Supertanker> I could just try doing ./makedev generic and seeing if it's a device problem or not
<mattt> sec
<mattt> can you copy the line from chroot.conf?
<mattt> cuz that caught me out too
<Supertanker> What line?
<mattt> where you define your user's chroot
<Supertanker> It's just 'sentharn           /chroot/home/sentharn'
<mattt> that's the problem
<mattt> change it to
<mattt> sentharn /chroot
<Supertanker> Ahhh
<mattt> that wasn't clear to me either :)
<Supertanker> Well we got a step closer
<Supertanker> Now it doesn't kick me out
<Supertanker> But it still says PTY failed
<Supertanker> Oh duh
<Supertanker> That's because I have no pts
 * Supertanker recreates it
<Supertanker> Boooh-yah!
 * Supertanker hugs mattt 
<Supertanker> Thanks!
 * mattt cheers
<mattt> sweet
<Supertanker> Hmmm
<Supertanker> Is /proc really necessary?
<Supertanker> It'd be kind of nice if I didn't have to put it in the chroot
<mattt> don't think so
<mattt> but then you can't ps, df, etc.
<mattt> actually, try to unmount and see if you can still ssh in, not 100% sure
<Supertanker> It closes the connection as soon as I log in if I try without it
<Supertanker> I don't think it likes not having it much.
<uvirtbot> New bug: #351275 in mysql-dfsg-5.0 (main) "AppArmor rules cause tmp table problem" [Undecided,New] https://launchpad.net/bugs/351275
#ubuntu-server 2010-03-29
<lamont> kirkland: around?
<lamont> libvirt vs windoze xp pro, drive C becomes readonly as of recently, was working a few days back
<lamont> (lucid) - wtf?
<lamont> wandering back and forth, so laggy
<uvirtbot> New bug: #550578 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/550578
<ryanakca> ... is there any reason why, under Lucid, I get a bunch of 000 executables in /sbin and /usr/sbin ? http://paste.ubuntu.com/405041/
<Parabola> sup guys
<ryanakca> ... I mean, I just reinstalled upstart and it is "12K ---------- 1 root root 9.3K 2010-03-17 19:38 /sbin/runlevel"
<ryanakca> Filesystem problems?
<zagabar_> Hello.
<zagabar_> I have an ubuntu server and I recently got vnstat. Then I saw that my server is like constantly sending data. Approx 200 mb per hour is transmitted. Almost nothing is reiceved. I have no idea what this transmission is. How can I check it? It is a command line only serve.r
<CBebop> I have an issue with Lighttpd not being able to use port 80
<CBebop> saying it is in use
<CBebop> but I have no processes using port 80 and I cant find why it would be in use
<lamont> kirkland: interesting - 'twould appear that the issue was windoze vs self
<CBebop> only happened after a reboot, used to work just fine, I am using Ubuntu Server 10.04
<jeffesquivel> zagabar_, iptraf ?
<CBebop> I dont have a lot of experience with this, but lighttpd is set up correctly as far as I know, and works fine if i specify a different port like 81
<pmatulis> CBebop: so something else may be bound to port 80, please investigate
<jeffesquivel> CBebop, can you try doing telnet localhost 80  on a terminal on your server?
<CBebop> netstat -lntp showed nothing bound to port 80 is why I came here, I coulndt find much online but I most likely wasnt using the right words
<jeffesquivel> CBebop, how about telnet localhost 80 ?
<CBebop> connection refused
<jeffesquivel> CBebop, hmm... do you have the error message provided by lighthttpd?
<CBebop> one sec
<CBebop> jeffesquivel: 2010-03-28 20:45:44: (network.c.345) can't bind to port: :: 80 Address already in use
<jeffesquivel> CBebop, really strange
<CBebop> I know =/
<jeffesquivel> CBebop, what about lsof -i :80 ?
<CBebop> Woa
<CBebop> rtorrent 1369 cbebop  146u  IPv4  24225      0t0  TCP 192.168.1.141:56440->180.190.169.26:www (ESTABLISHED)
<CBebop> That shouldnt be using that port at all
<CBebop> I wrote the config file myself
<CBebop> Killed rtorrent, re-ran the lsof command with no response and still port 80 lock from lighttpd startting
<jeffesquivel> CBebop, yep, that seemed like an a connection to a remote 80 port
<jeffesquivel> not the local one
<CBebop> Ahh
<FireCrotch_> CBebop: are you sure you don
<CBebop> That would make sense, a tracker connection
<FireCrotch_> 't have a rogue apache or something?
<CBebop> Apache shouldnt be running, I disabled it on start (Ubuntu installed it when i upgraded from 9.04)
<CBebop> its not in the process list at all
<jeffesquivel> CBebop, could it be that you have the port used but on ipv6?
<CBebop> Maybe, inadvertantly
<CBebop> let me double check for ipv6 stuff in lighttpd
<jeffesquivel> CBebop, I just read that lighthttpd first binds to port 80 on ipv4 and then on ipv6 addresses
<jeffesquivel> CBebop, it may bind correctly on the first and then fail on the other one... and the error is the same
<CBebop> I removed ipv6 from the config file and it started fine from the init.d script. I wonder why it just suddenly broke. Must have been an update to ligttpd that I missed.
<jeffesquivel> CBebop, so it is working now/
<jeffesquivel> ?
<CBebop> I should pay closer attention. THank you very much for your help jeffesquivel and FireCrotch_
<CBebop> Yeah
<CBebop> Binds ipv4 just fine
<jeffesquivel> CBebop, ok, great... I was running out of ideas here, he he :-)
<CBebop> Must be a bug in the updated version from repositories
<CBebop> that could be my only guess
<jeffesquivel> CBebop, yep... if you get to the root of the problem, and it applies, please file a bug
<jeffesquivel> well, gotta go... bbl
<Roxyhart0> hi there somebody know any free software do do backup from windows/mac clients in a linux samba server?
<aetaric> Roxyhart0: mac has native backup support
<aetaric> and you can store them on samba servers by turning on a setting in the time machine prefs
<Roxyhart0> mmm...i will chek it...thanks
<aetaric> windows has a backup solution too. there is/was a backup program
<aetaric> but you will have to setup scheduling
<Roxyhart0> yes, i just was wondering if there are any free software client/server
<aetaric> !info bacula
<ubottu> bacula (source: bacula): network backup, recovery and verification - meta-package. In component main, is optional. Version 2.4.4-1ubuntu9 (karmic), package size 52 kB, installed size 96 kB
<aetaric> maybe
<Roxyhart0> thanks a lot! i will check it
<aetaric> no problem
<uvirtbot> New bug: #550629 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: package samba-common is already installed and configured" [Undecided,New] https://launchpad.net/bugs/550629
<Sam-I-Am> hmmm
<Sam-I-Am> anyone here notice ldap is STILL broken in lucid?
<Sam-I-Am> glad to see no ones bothered to fix that in oh... 7 months since i reported the bug
<twb> Isn't that because it's an important bug?
<Sam-I-Am> yeah thats why it gets ignored :)
<twb> Whereas some gnome icon being misaligned by 2px gets priority #1
<Sam-I-Am> but i bet if there was a problem with EC it'd get some attention
<twb> Ha
<Sam-I-Am> no offense, but this being an LTS release you'd think people would want to fix these server-related bugs
<Sam-I-Am> glad i'm not the only one who feels this way
<Sam-I-Am> told my ubuntu lucid box to use ldap and now i'm locked out
<Sam-I-Am> oh, and i cant even get into grub anymore because someone broke that too
<twb> I'm only using Ubuntu because 1) apparently, the customers ask for it by name; and 2) it's still better than CentOS.
<Sam-I-Am> so i had to boot off the damn CD
<Sam-I-Am> well, hardy LTS was pretty damn solid
<Sam-I-Am> had to backport a few things, but the general stuff worked
<Sam-I-Am> oh, apparently i dont get to see what happens when my machine boots anymore... instead i get some splash screen which runs at what feels like 9600 baud on a framebuffer device :/
<twb> There's apparently this "plymouth" crap that tries to start X during boot or something
<Sam-I-Am> yep
<Sam-I-Am> i tried removing it... and bad things happened
<Sam-I-Am> none of the standard methods i know to turn my console back to 80x25 acually work
<Sam-I-Am> either it gets ignored or it doesnt boot
<twb> Oh, because it's loading vga16fb
<twb> I had that problem, too.  In the end I removed the video card and used serial
<twb> It's REALLY annoying, because on my hardware all it does is switch from an 80x25 I can read to an 80x30 I can't.
<Sam-I-Am> twb: heh
<Sam-I-Am> glad someone else here is feeling the love
<Sam-I-Am> https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/423252
<uvirtbot> Launchpad bug 423252 in sudo "NSS using LDAP on Karmic breaks 'su' and 'sudo'" [Unknown,Confirmed]
<Sam-I-Am> theres my bug... reported before karmic was released
<twb> Sam-I-Am: use "files ldap" not "ldap compat".
<twb> Sam-I-Am: does the problem magically go away?
<Sam-I-Am> twb: ldap needs to be first...
<twb> Sam-I-Am: why?
<Sam-I-Am> so root can be in ldap
<twb> Oh, I missed that point.
<Sam-I-Am> yeah, security policy says centrally managed root accounts... except for an 'emergency' password
<twb> I'm amazed that *ever* worked
<Sam-I-Am> wasnt a problem until karmic
<Sam-I-Am> and even then i can log in as root fine, its just none of my users can use sudo or su
<twb> Have you taken this upstream, to Debian?
<Sam-I-Am> so if you dont enable your root account in ubuntu before configuring ldap, you lock yourself out
<Sam-I-Am> debian doesnt seem broken
<twb> OK, so what is different between Debian and Ubuntu wrt. nss or sudo?
<Sam-I-Am> i... wish i knew
<twb> You can find out from the PTS pages
<Sam-I-Am> best i can tell this is a regression problem with whatever version of glibc ubuntu uses
<twb> e.g. http://packages.qa.debian.org/s/sudo.html
<Sam-I-Am> yeah, i dont think this is sudo specific
<twb> At the bottom of the page is an "ubuntu" section with a link to the diffs
<twb> Sam-I-Am: so check nss the same way
<Sam-I-Am> since the error message comes out of the kernel
<Sam-I-Am> or something deep within
<twb> Where's the kernel message there?
<Sam-I-Am> this thing...
<Sam-I-Am> setreuid(ROOT_UID, user_uid): Operation not permitted
<Sam-I-Am> is something very deep in the OS
<Sam-I-Am> since su gets the same error
<twb> Um, that's not a kernel message (as in printk/dmesg)
<Sam-I-Am> so not really kernel, but definitely base libraries
<Sam-I-Am> yeh
<twb> setreuid(2) is a system call
<Sam-I-Am> yeah, thats what i meant
<Sam-I-Am> so anything that uses it gets bonked
<Sam-I-Am> which is why i dont think its specifically sudo or su related
<twb> Is the UID of the root account in LDAP 0?
<Sam-I-Am> yes
<Sam-I-Am> and right now i dont even have a root account in ldap
<Sam-I-Am> for testing
<twb> Then I'd say you need to investigate pam, nss and/or libc.
<Sam-I-Am> i'm trying to get libnss-ldapd working here
<Sam-I-Am> which might eliminate nss
<twb> nss will still be needed, but if it works then you know the fault is in libnss-ldap
<Sam-I-Am> of course, i kinda hoped someone with a bit more experience than me with the ubuntu internals would have looked at this bug
<twb> You could also try #openldap for ideas
<Sam-I-Am> since it effectively renders lucid DOA for anyone with enterprise/centralized auth
<twb> Well, here we do not put root in ldap, because that would be stupid.
<Sam-I-Am> why?
<twb> It would mean that a network failure would turn into a boot failure
<Sam-I-Am> it should use the local account if ldap fails
<Sam-I-Am> thats how it works here
<twb> So you have *two* accounts with UID=0?
<Sam-I-Am> yep
<twb> Suggest you look at sash, which does something similar, but strictly within the flat files
<twb> See if it is broken, maybe
<Sam-I-Am> well, right now i have no root account in ldap
<Sam-I-Am> so theres only the local account
<twb> But yeah, the way I would do it would not be to have a root account with a password in LDAP, but rather to use ssh keys everywhere, with puppet to add/remove keys from /root/.ssh/authorized_keys
<twb> Sam-I-Am: is nscd installed?  If so, it might be caching the LDAP account
<Psi-Jack-> puppet?
<Sam-I-Am> not using nscd
<Sam-I-Am> it causes other problems in general
<twb> Sam-I-Am: nod.
<twb> Psi-Jack-: cfengine NIHd by ruby wankers
<Sam-I-Am> although people have reported its a 'workaround'
<twb> Sam-I-Am: I think they're on acid
<twb> Installing nscd should BREAK things, not fix them.
<Sam-I-Am> yep
<twb> I suspect more likely is that they installed nscd and then broke it, but nscd kept it working for a little while
<Sam-I-Am> meh
<twb> Sam-I-Am: let me know if you figure it out
<twb> I'll probably be migrating to 10.04 in about three years :-/
<Sam-I-Am> heh
<Sam-I-Am> apparently there is a debian bug for this...
<Sam-I-Am> getting the same level of attention
<Sam-I-Am> what'll be funny is if this is a glibc problem... and it eventually works its way into redhat
<twb> Sam-I-Am: what ticket number?
<Sam-I-Am> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545414
<uvirtbot> Debian bug 545414 in sudo-ldap "sudo-ldap: sudo fails with "sudo: setreuid(ROOT_UID, user_uid): Operation not permitted" for ldap users" [Important,Open]
<twb> Sam-I-Am: Debian and Ubuntu run eglibc, which isn't glibc.
<Sam-I-Am> yeah my bad
 * twb subscribes to that ticket via the command-line.
<twb> Pity nobody has ITPd those launchpad CLI tools to Debian yet.
<ScottK> twb: launchpadlib and ubuntu-dev-tools are in Debian.  Which did you mean?
<twb> ScottK: hmm, maybe that happened since last I looked
<twb> ScottK: basically I want an exact equivalent to bts(1) for malone
<ScottK> twb: I'd love to have one of those too.  I don't thin it exists.
<ScottK> thin/think
<ScottK> I'd particularly love bts show <bugnumber>
<twb> I wrote one for roundup, which was fun.
<twb> Bug #123456
<uvirtbot> Launchpad bug 123456 in xine-lib "podcast crashes amarok" [Undecided,Fix released] https://launchpad.net/bugs/123456
<twb> ScottK: do you need bts show -m, or just bts show?
<ScottK> bts show
<twb> http://paste.ubuntu.com/405677/ <-- barebones version
<twb> Probably even just a .bashrc of: mal () { ${BROWSER:-sensible-browser} https://launchpad.net/bugs/$1; }
<ScottK> Right.  Seems like it'd be nice for ubuntu-dev-tools.
<twb> Eventually it should look something like http://code.haskell.org/~twb/ru/ru
<ScottK> There are a number of nice one liners in there.
<twb> I haven't bothered because it's easier to reproduce problems on Debian and use reportbug and bts.
<ScottK> Right, I want it more for when I see a bug number somewhere but don't want to fire up a browser and manually hunt through the LP U/I.
<twb> ScottK: so what should it do, if not fire up your browser?
<ScottK> twb: It does.  It's just an easy way to fire it up going directly to the right URL without having to deal with navigatin LP or remembering the URL pattern.
<twb> ScottK: OK, no worries.
<twb> Ugh, ubuntu-dev-tools doesn't have manpages for some/all of its binaries.
<twb> Haha, and ubuntu-iso crashes when I try to call it with --help, because genisoimage isn't installed :-)
<Sam-I-Am> the fun never ends :)
<osmosis> why does the lucid installer, when creating a software raid, create a separate /boot that is not on the raid?
<twb> osmosis: there's a guided install option for software raid now?
<osmosis> twb, not part of guided partitioning, but it does have it in the installer without having to drop to the CLI. Its part of the "manual partitioning" option.
<twb> Um, manual partitioning is manual.
<twb> It shouldn't be doing anything you don't tell it to
<osmosis> twb, yah i see. it was guided LVM. not raid.
<twb> osmosis: the bottom line is that bootloaders historically have trouble with LVM and md RAID (except RAID1).
<twb> Even now, it is flaky to do it.
<osmosis> twb, i might create a 4 disk raid1  for /boot  and then a 4 disk raid10 for root
<twb> osmosis: what, are you hosting a database?
<osmosis> twb, nah, just for fun. to push the limits. some qcow2 files
<twb> Otherwise, s/raid10/raid5/ and that's what I do.
<twb> 256MB RAID1 /boot, everything else is a RAID5 LVM, and then allocate 2 or 4GiB to /, $bignum for /home, and leave the rest of LVM unallocated.
<osmosis> twb, actually testing the concept in a virtual machine with 4 virtio disks
<osmosis> 4 qcow2 files to make a raid10
<jeffesquivel> hi, which is the official ubuntu way to have HA?
<uvirtbot> New bug: #531409 in vmbuilder "vmbuilder xen ubuntu completely borked" [High,Confirmed] https://launchpad.net/bugs/531409
<twb> jeffesquivel: what does the ubuntu-serverguide say abuot it?
<jeffesquivel> twb, sorry... asked to quickly, already on the Ubuntu's HA Team wiki, thanks anyway :-)
<jeffesquivel> sometimes I just get excited about a topic and ask before doing my reading, he he
<Ichat> could anyone plz help me with installing a headless torrent (client)  on   10.04 server   ebox.1.5
<Ichat> im really kind of  Lost,
<twb> headless, or GUI-less?
<Ichat> webgui
<twb> Last time I looked rtorrent was an acceptable bittorrent client, with an ncurses UI.
<twb> Ichat: searching aptitude for tags "bittorrent" and "web" turns up torrentflux.
<Ichat> its a home-server kind of system,  no monitor,   all goes via  ebox (or webmin),  the problem is,  that   for whatever reason,
<Ichat> when i install   transmission daemon  (has a webui),    i cant get it to work outside of    localhost.
<twb> Ichat: that's probably because transmission doesn't listen to anything but localhost by default, for security reasons.
<twb> Ichat: find transmision's configuration file, and change that.
<Ichat> in previous versions i had to change its config.json      in   /etc/transmission-daemon/settings.json     but now there is a settings file  in /etc/t ......mon/settings.json      and in   home/username/.config/settings.json     and in one other place
<Ichat> the problem is,   what is the real file and what is not
<Ichat> than i tried to change,  its setup params  in   /etc/default/transmission-daemon     to load a  config-dir  param  but it just plainly ignored that
<Ichat> same prob with  8.04   9.10
<Ichat> and i have no clue to what im doing wrong
<twb> I don't use bittorrent, so I can't help you
<Ichat> :) i wish i didn't either :$
<Ichat> but its realy usefull for sharing lage files (sutch as  renderings (3d pictures)
<twb> If you say so
<twb> If it was strictly between two peers, I'd use socat or scp.
<uvirtbot> New bug: #545384 in autofs (main) "automatic mounting of removable devices doesn't work in KDE" [Undecided,New] https://launchpad.net/bugs/545384
<twb> I'll say this for Ubuntu: it's not SLES.
<Omahn> Hurray for the Solaris 10 license change. Makes justifying Ubuntu *much* easier.
<Jeeves_> :)
<andol> Omahn: What license change?
<joschi> andol: solaris 10 could be downloaded for free. oracle now changed the license, so you need to buy a support contract from them in order to use solaris 10. otherwise you need to delete it after 90 days
<twb> Is sol10 the same as opensol10?
<joschi> twb: no
<twb> What's the difference?
<joschi> twb: http://blogs.sun.com/jimlaurent/entry/faq_difference_between_opensolaris_solaris
<twb> Thank you.
<twb> Looks to be a similar breakdown to RHEL vs. Fedora.
<joschi> twb: basically yes
<twb> I'd go insane without dpkg/apt and a GNU userland.
<twb> That and the QA from debian-policy/lintian/debbugs
<lifeless> joschi: got a link to oracles announcement ?
<lifeless> twb: there is nexenta, but it might be terrible, I don't know anyone that has used it in anger.
<twb> I'm not touching nexenta until the dpkg and nexenta people settle their differences.
<twb> If it was actually Debian GNU/kSol, I'd certainly try it.
<joschi> lifeless: http://www.sun.com/software/solaris/popup.jsp?info=17
<joschi> lifeless: "Please remember, your right to use Solaris acquired as a download is limited to a trial of 90 days, unless you acquire a service contract for the downloaded Software. "
<joschi> lifeless: http://www.cuddletech.com/blog/pivot/entry.php?id=1120
<andol> joschi: thanks
<uvirtbot> New bug: #550749 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.6 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 2 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/550749
<jiboumans> morning
<maxagaz> hi
<RoyK> hi all. this cloud thing, is that a replacement for general virtualization? if so, what does it use? kvm?
<Cromulent> RoyK: no
<RoyK> Cromulent, no what?
<Cromulent> no it isn't a replacement for general virtualisation
<twb> RoyK: cloud computing is a NIH reinvention of some of plan 9's functionality :-)
<RoyK> Cromulent, then what is it, really? I don't get it...
<twb> RoyK: it's a way to rent time on big iron, like you used to do back in the 60s.  The only difference is that now it's an HPC cluster instead of an actual big iron.
<twb> RoyK: http://en.wikipedia.org/wiki/Cloud_computing
<RoyK> well, it sounds like virtualisation to me
<RoyK> I've read that
<twb> RoyK: it leverages virtualization, but for a different goal.
<twb> If you have one server and one VM, it would be meaningless to deploy cloud infrastructure.
<twb> The point of cloud computing is when you have >>1 hardware node and >>1 VM.
<RoyK> well, of course :)
<RoyK> I was just thinking if cloud in-house computing could be a neat replacement for something like XenServer
<RoyK> we have like five machines with 30 VMs
<twb> That really depends on whether the benefit of load balancing VMs across the HNs is worth the hassle of configuring it.
<RoyK> sorry, what's HNs?
<Cromulent> hardware nodes
<RoyK> ok
<maxagaz> how to get the uuid of a device ?
<twb> The things with the wires and electrickery.
<RoyK> can ubuntu clouds failover a VM from one HN to another?
<twb> maxagaz: udev has a thingy
<twb> RoyK: that's the *point* of a cloud
<RoyK> k
<twb> RoyK: without that, it'd just be virtualization
<RoyK> so what is it using for virtualisation? kvm?
<twb> RoyK:
<twb> RoyK: NFI.  Probably whatever you want.
<Cromulent> the real benefit of clouds hasn't yet been realised on ubuntu yet imo which is having instances span multiple hardware nodes
<maxagaz> twb, udevadm info --query=all doesn't work
<RoyK> Cromulent, I guess you'll need a pretty cool infiniband network in the back for that to be efficient
<maxagaz> for example, how to get the uuid of all my device ?
<maxagaz> like, sda1 uuid, sda2 uuid...
<Cromulent> RoyK: not really it just makes development of distributed applications somewhat simpler - if you present the resources to the application as one machine yet have the distribution handled in the background
<maxagaz> twb, ok, I found this : blkid
<Cromulent> most computationally heavy distributed apps work over the internet currently anyway
<Cromulent> its just removing the setup from the application developer and putting it in the OS developers hands / cloud layer developers hands
<Cromulent> that is why you have technologies such as OpenMP
<Cromulent> or MPI rather
<maxagaz> what does the last '2' means in fstab: "/dev/sdb1 /mnt/extra ext3 defaults 0 2" ?
 * RoyK throws maxagaz a "man fstab"
<RoyK> hm. ic. is it possible to have redundant cloud controllers as well?
<Cromulent> probably - I don't run my own cloud though so you'll be best off waiting for someone else to confirm - it would seem like a large oversight to not allow them though if you ask me
<nucc1> how can i set my server's hostname permanently?
<jeffesquivel> nucc1, change it on /etc/hostname then on /etc/hosts then $ sudo hostname new_hostname
<vishalbelsare> I have a question regarding EBS. If I have use a Ubuntu EBS Boot AMI, i.e. the root disk is EBS based, do I incur the IO charges for EBS just for using that instance too? or is this applicable only to EBS volumes mounted on a running instance?
<nucc1> jeffesquivel, thanks
<jeffesquivel> nucc1, no problem
<bronto2> i think i somehow unistalled part of ssh server, cant connect to the remote machine, any solutions other than calling the main admin?
<jeffesquivel> bronto2, do you have any other remote access service (telnet, vnc, etc.) ?
<bronto2> jeffesquivel, is there something thats enabled by default on ubuntu-server? (only ftp is working)
<jeffesquivel> bronto2, don't think so
<nucc1> jeffesquivel, are you familiar with postfix?
<jeffesquivel> bronto2, are you sure you messed up your ssh? or could it be that your current ip is being blocked by something like fail2ban or denyhosts?
<bronto2> ok, now if i have to mail the main admin, what is the command to reinstall the entire ssh thingy?
<jeffesquivel> nucc1, it has been a long time since I had to admin a postfix server
<jeffesquivel> nucc1, why?
<bronto2> jeffesquivel, i belive its ssh proble, this is intranet
<nucc1> jeffesquivel, my problem may be in postfix, or it may be dns. let me explain.
<bronto2> *problem
<jeffesquivel> bronto2, ok then
<nucc1> jeffesquivel, i have a domain hosted on a shared hosting platform, and a linode node to which there is an A-record pointing to a web app running there.
<bronto2> sudo apt-get remove ssh && sudo apt-get install ssh should fox things?
<bronto2> *fix
<nucc1> jeffesquivel, the problem is this: when the linode instance tries to send a message to addresses on the shared-hosted domain, it gets rejected with "sender verification failed"
<nucc1> jeffesquivel, would it help if i told you the domain and subdomain?
<jeffesquivel> bronto2, you can try sudo apt-get --reinstall install ssh
<bronto2> jeffesquivel, thanks
<jeffesquivel> bronto2, no problem
<jeffesquivel> nucc1, any more information on what type of verification?
<nucc1> sender verification
<nucc1> i can paste the log
<jeffesquivel> nucc1, I mean, IIRC there are several methods to do sender verification
<jeffesquivel> nucc1, ok
<nucc1> jeffesquivel, lemme pm you the link
<jeffesquivel> nucc1, hmm... let me see if I understand correctly
<jeffesquivel> nucc1, you have a web app installed on the same server as your postfix
<nucc1> yes.
<jeffesquivel> nucc1, and you want your webapp to be able to send e-mail msgs
<nucc1> it sends the messages alright.
<nucc1> jeffesquivel, the setup is like this
<nucc1> the main website is on domain.com
<nucc1> the webapp is on a linode virtual server: node.domain.com
<nucc1> when the web app tries to send email to an address@domain.com , the email gets rejected
<nucc1> jeffesquivel, for the reason in the log.
<nucc1> jeffesquivel, other email servers seem to work fine. i've tested Yahoo and Gmail.
<jeffesquivel> nucc1, I see...
<jeffesquivel> nucc1, well the error message you are receiving (550) usually means that the user you are trying to send mail to doesn't exist (at least not on that domain)
<nucc1> jeffesquivel, i think it says that the user I am sending the mail as cannot be verified
<nucc1> and for the life of me, i don't know how to make my postfix instance reply acknowledge the verification requests
<jeffesquivel> nucc1, well... you see the part where it says: "550 Sender verify failed (in reply to RCPT TO command"
<jeffesquivel> RCPT TO is the SMTP command which defines the recipient not the sender
<jeffesquivel> nucc1, you're getting bounced when you specify when you want to send the message to not when you say who you want to send it as
<merlijn-> quick question, for how long will the 9.10 server release be supported?
<nucc1> merlijn-, 18 months, i guess
<jeffesquivel> s/when you want/who you want/
<merlijn-> 18 months? desktop even gets 2 years
<nucc1> merlijn-, lts releases are the ones that get 2 years.
<nucc1> merlijn-, that is, 8.04, 10.04
<merlijn-> lts server get 5 years
<merlijn-> I found that here: https://wiki.ubuntu.com/
<nucc1> jeffesquivel, is it possible that the domain.com mail server rejects the email with a false message? cos the addresses exist.
<nucc1> i just sent my gmail address an email with the same postfix config.
<nucc1> jeffesquivel, also, i get confused where it says "status verification failed for root@..." cos that is the user I am sending the email as
<nucc1> merlijn-, lts releases get 5 years, non-lts releases get 18 months.
<jeffesquivel> nucc1, hmm... I just read a little bit more about that error message
<jeffesquivel> nucc1, it is also used to deny relay access
<nucc1> jeffesquivel, i don't know why it tries to relay...
<jeffesquivel> nucc1, which means, the machine your sending the mail to thinks you want to use it as a relay server and is bouncing you
<nucc1> jeffesquivel, is what you read on the net?
<jeffesquivel> nucc1, yes...
<nucc1> where's the link?
<nucc1> jeffesquivel, does that mean that i'm effectively hopeless?
<jeffesquivel> nucc1, http://www.eudora.com/techsupport/kb/1593hq.html
<jeffesquivel> nucc1, don't think so... gimme a sec
<jeffesquivel> nucc1,
<jeffesquivel> I just tried to do the same thing your server is doing but manually (telnet to port 25)
<nucc1> yea
<jeffesquivel> this is the message I get
<jeffesquivel> 550-Message rejected because (vertex.tellantservices.com) [201.191.183.183] is
<jeffesquivel> 550 blacklisted.
<nucc1> whew!
<jeffesquivel> but now, that's my IP
<jeffesquivel> you should try from your server to see if that's the case for your IP too
<jeffesquivel> most probably, it is
<nucc1> jeffesquivel, vertex.tellantservices.com is not 201.191.183.183 !
<jeffesquivel> nucc1, I know...
<jeffesquivel> nucc1, that's why I told you that you should try from your server
<jeffesquivel> nucc1, most probably your server's ip is blacklisted too
<nucc1> hey, how do i specify recipienet address?
<jeffesquivel> RCTP TO:
<jeffesquivel> nucc1, http://www.earthinfo.org/example-smtp-conversation/
<nucc1> lol. too many unrecognized commands. connection closed... lemme google for a quick tutorial :d
<nucc1> jeffesquivel, here's what it told me: rcpt to: fanen.ahua@tellantservices.com 550-verification failed for <fanen@vertex.tellantservices.com>
<nucc1> no such user here. sender verify failed.
<jeffesquivel> nucc1, well.. good news, you're not blacklisted... it's just me :-)
<nucc1> jeffesquivel, i'd have been puzzled, cos its a relatively fresh install :d
<nucc1> with a new IP :d
<nucc1> jeffesquivel, the message is quite confusing though. it says 550-verification failed for fanen@vertex.tellantservices.com
<nucc1> which to me means that vertex.tellantservices.com did not acknowledge that it knew such a user
<jeffesquivel> nucc1, did you used fanen@vertex... as your MAIL FROM:  ?
<nucc1> jeffesquivel, yes.
<jeffesquivel> nucc1, what happens if you use a different domain on your MAIL FROM:?
<nucc1> jeffesquivel, let me use the main domain now.
<jeffesquivel> I mean something which doesn't has tellantservices.com in it
<nucc1> ha ha. ok. tellantservices.com just told me 451 temporary local problem... please try later
<nucc1> jeffesquivel, it says 550 currently not permitted to relay through this server
<jeffesquivel> nucc1, really weird... you changed just the MAIL FROM not the RCTP TO, right?
<nucc1> jeffesquivel, yeap
<nucc1> wonder why it doesn't say that for tellantservices.com domains.
<nucc1> i mean vertex.tellantservices.com
<nucc1> and since it's a shared host, our options seem quite limited
<jeffesquivel> nucc1, the weird thing is that tellantservices.com shouldn't be trying to relay anything when receiving mail to @tellantservices.com addresses
<nucc1> so it's a craptastic mail config on a shared host. explains why some people despise shared hosts...
<nucc1> and leaves me unable to explain why stuff isn't working.
<nucc1> :(
<jeffesquivel> nucc1, yeah, I don't like not being able to understand stuff... he hehe
<jeffesquivel> nucc1, hmm... let me try something from a different IP... gimme a sec
<nucc1> ok. i'm here :)
<jeffesquivel> nucc1, so I guess you have previously send an e-mail to fanen.ahua@tellantservices.com from some other service and it works ok, right?
<jeffesquivel> actually, I should be able to try that
<jeffesquivel> nucc1, yep... just as I thought
<jeffesquivel> nucc1, tellantservices.com is misconfigured
<nucc1> jeffesquivel, that is my actual email, which works.
<jeffesquivel> nucc1, I cannot send e-mail to it even from my regular gmail account
<jeffesquivel> nucc1, I just tried to send a message and it bounced me with the same message we are getting
<nucc1> jeffesquivel, hmmm. maybe i should propose we close that account. use google apps for email, and host the website on linode altogether.
<nucc1> oh boy.
<jeffesquivel> nucc1, sounds like a good idea... he he
<jeffesquivel> nucc1, did you tried to send an e-mail to that account from another account? did it worked?
<jeffesquivel> nucc1, anyway, back to your original problem... I think it may be possible that tellantservices.com thinks it is also the mail server for vertex.tellantservices.com (don't know if that's even possible, I'm just guessing)
<nucc1> jeffesquivel, we've been using it as office email,
<nucc1> jeffesquivel, yes, i suspect that. but there's no way to fix that...
<nucc1> that i can think of :(
<nucc1> i'm actually looking at the pricing for google mail now
<jeffesquivel> nucc1, yep... agree with you on that one
<nucc1> jeffesquivel, googleapps wants to sell you the whole shebang for $50/user/year. which is just overkill.
<jeffesquivel> nucc1, but it is free if you have less than 50 users
<nucc1> jeffesquivel, it doesn't say so. i know it used to be that way.
<jeffesquivel> nucc1, gimme a sec
<nucc1> jeffesquivel, i really appreciate your time and assistance
<jeffesquivel> nucc1, http://www.google.com/apps/intl/en/group/index.html
<jeffesquivel> nucc1, I think that's the link to the standard edition which should still be free
<nucc1> it was only showing me the business page :)
<nucc1> yes, seems to.
<nucc1> i'll recommend a move in the next meeting.
<jeffesquivel> nucc1, ok
<tyska> hello guys
<tyska> someone here use UEC?
<tyska> i wanna know how can i set Real IP Addresses to virtual machine. is this possible
<tyska> ?
<tyska> hello? someone is there?
<zul> soren: vmbuilder in lucid seemed to be fubared
<tyska> hello guys
<tyska> someone who uses UEC is online?
<ttx> tyska: yes
<tyska> ttx: how can i assign a real ip address to a vm instance of my cloud? is this possible?
<uvirtbot> New bug: #548883 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/548883
<ttx> tyska: define "real IP address"
<ttx> tyska: public IPs are assigned through VNET_PLUBLICIPS in eucalyptus.conf
<ttx> I mean, VNET_PUBLICIPS
<tyska> ttx: i need a IP that is reachable from any computer in the Internet, and not just the computers on the subnet of a LAN
<tyska> ttx: did you understand?
<ttx> tyska: the CC will assign public IP addresses from its public-facing network interface. If that is connected directly to the Internet, then it will serve reachable addresses...
<ttx> Otherwise you'll have to do some NAT
<ttx> so that the address from the VM can be reached through another one
<tyska> and with nat i just put the NAT rules on the CC right?
<RoyK> can I mix amd and intel machines in a cloud, possibly at different speeds, and the cloud will balance it all as best as it can?
<ttx> RoyK: by cloud you mean... UEC ? EC2 ?
<ttx> tyska: again, depends on where you put your CC. The machine doing NAT needs to be reachable
<RoyK> uec - that is - I thought they were the same
<tyska> yes, understand
<ttx> RoyK: you can mix, however, eucalyptus counts in "cpus", it does not look into how fast they go
<RoyK> ok, so tossing in an old P4 1,8 might be disasterous ;)
<ttx> RoyK: so if you have a very slow quad-core and a very-fast 8-core, it will still see 12 "cpus"
<ttx> RoyK: I think so, haven't tried :)
<RoyK> ic
<FF666> hi
<FF666> is this the chanel for ubuntu eucaliptus?
<edmoore> greetings. I hope this question does not stretch the scope of this channel too much: We've a bunch of old boxes lying around for our small research group - a webserver, a fileserver, email, some other bits and bobs. Someone advised me to consolidate them all into a bunch of virtual machines on a single box, and that seems to be The Done Thing (tm) nowadays. But I don't understand why, for our needs, just running each of those things natively di
<edmoore> on a single ubuntu server wouldn't be a better idea?
<ttx> FF666: yes, there is also #ubuntu-cloud, but here is alright
<FF666> ok
<ttx> edmoore: segmenting is good, so that an upgrade of one doesn't kill the other.
<ttx> edmoore: but in the end it's a question of how much resource you can throw at it
<ttx> since running them in multiple VMs will use more resources
<RoyK> what sort of storage do you guys use for eucaliptus?
<edmoore> we might be able to stretch to a new dell r710 with a couple of xeons and maybe 12GB of ram. It'll have a long upgrade path hopefully.
<ttx> edmoore: VMs have another advantage, you can move them around
<edmoore> so I guess the real advice is: unless you actually should virtualise (eg our actual number crunching machines), then you should really consider virtualising?
<edmoore> sorry typo: unless you actually *shouldn't* virtualise, you should
<ttx> edmoore: I'd say that, yes (but I'm biased)
<RoyK> is virtualising number crunching machines really a good idea?
<RoyK> I mean, is the overhead so low it makes sense?
<edmoore> RoyK: that was a typo, i meant to say unless you actually *shouldn't* (eg our crunching machines), you should
<RoyK> heh
 * RoyK has no plans on virtualising the number crunching machines here
<edmoore> RoyK: me neither!
<edmoore> well, the crunchers are actuially run by sysadmins who know what they're doing
<edmoore> ok that's sound advice, thank you very much.
<FF666> is there any site where I can download an image of ubuntu server with eucaliptus installed?
<ttx> FF666: not that I know of. Esepcially as it requires at least two machines at this point.
<ttx> FF666: however installing it from 10.04 beta 1 ISO is not very difficult.
<FF666> ttx:??, I'll use a virtual machine, so the number of computers is not a problem
<FF666> I want to know if there is a site where I can find images of ubuntu, like vwmare images
<ttx> FF666: well, running a virtualization node inside a VM will be... problematic. virt-in-virt isn't working so well.
<ttx> FF666: you want an Ubuntu server image ? Or an Ubuntu-Server-preinstalled-with-Eucalyptus image ?
<FF666> ttx: the second one
<ttx> FF666: ok, we don't have that.
<FF666> ttx: ok
<FF666> ttx: but the performance is not a problem, I'm doing a proyect for college
<FF666> ttx: I've to deploy an mysql on the cloud
<RoyK> seems to me UEC might be a good replacement for this XenServer stuff we have now
<RoyK> but again - what sort of storage would you recommend?
<mdeslaur> smoser: so, does kvm support OVF?
<smoser> its kind of not the right question to ask
<smoser> ovf is really not something that KVM would support
<mdeslaur> smoser: ok. uhh...do you like cake?
<smoser> it would be supported more at libvirt or virt-convert level
<mdeslaur> smoser: oh, is ovf just a description file? I thought it had the disk image also?
<smoser> yeah, wouldn't that be easy :)
<smoser> ovf is a description file.
<smoser> and it does define the type of each disk image that is present in the OVA (archive file)
<smoser> but makes no restrictions on what that type is
<mdeslaur> oh, I see
<smoser> yeah.
<smoser> so the end goal of "heres the ovf, it can be run on any hypervisor"
<smoser> is , well, not easily realized at the moment.
<mdeslaur> my google search for OVF led me to some guy called "Scott Moser <smoser@us.ibm.com>", but he's apparently not answering his email any more :)
<jcastro> I don't think that guy is trustworthy tbh
<mdeslaur> jcastro: I've already complained to IBM management :)
<smoser> mdeslaur, he's not worth anything
<smoser> i'd not bother with him
<smoser> :)
<mdeslaur> hehe
<ruben23> hi, how do memory testing and checking on my ubuntu-server..?
<soren> ruben23: Reboot, choose the memtest86+ option in grub.
<ruben23> soren: how do i check i i have memtest, i havent installed it yet.
<soren> ruben23: It's installed by default.
<ruben23>  soren: how do i select it on startup, i havent seen it..on startup
<soren> ruben23: It should be in your grub menu.
<ruben23> how do i access grub menu, something i need ot press..?
<sherr> ruben23
<sherr> Sorry - ESC for grub2
<elb0w> Anyone use UEC?
<elb0w> had some questions about it
<zul> ttx: do you want me to take care of the phpsysinfo one?
<ttx> zul: sure, though at this point beta2-targeted bugs and papercuts have precedence.
<ttx> elb0w: shoot
<zul> ttx: okie dokie
<elb0w> im looking for redundancy options and failover
<elb0w> it looks like it doesnt have any?
<ttx> elb0w: there is some redundancy when using multiple clusters and multiple node controllers, but not something I'd really call redundancy (or failover).
<elb0w> so
<elb0w> I always pictured  a clouds (I know the term is overused) purpose was that if something goes down something else picks up the slack
<elb0w> Is all the UEC is meant to do is spawn VM's?
<ttx> elb0w: cloud computing is really "utility computing", power at your fingertips. That doesn't imply redundancy. That's what clusters do. However, redundancy so that the VMs you started actually are guaranteed to run is a welcome addition.
<elb0w> so UEC is not HA then I take it
<ttx> elb0w: foer example, Amazon EC2 reserves the right to terminate an instance of yours anytime (last time I read the fineprint)
<ttx> elb0w: at this point, now.
<ttx> no, even.
<elb0w> ok
<elb0w> thanks ttx
<zul> ttx: the bacula "papercut" is not exactly a "papercut" its more of a feature
<ttx> zul: right, wanted to see if Ante already had the fix in his PPA or not
<zul> dont think so
<uvirtbot> New bug: #550965 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: el subproceso post-installation script devolviÃ³ el cÃ³digo de salida de error 75" [Undecided,New] https://launchpad.net/bugs/550965
<RoyK^> hi all
<RoyK^> what do you guys use for uec storage?
<RoyK^> hum... "64-bit can run both i386, and amd64 instances; by default, Eucalyptus will only run 1 VM per CPU core on a Node" <-- only one VM per core by default seems _very_ low
<RoyK^> I mean, overbooking by 4-10 is common
<tyska> hello
<tyska> someone can help me with UEC?
<RoyK^> heh - trying to read up about it myself
<tyska> read up where?
<RoyK^> https://help.ubuntu.com/community/UEC
<tyska> this how-to doesn't help with problems solution
<tyska> for example, now im trying to find the file where is set the IP of the Cloud Host
<RoyK^> well, I think it might be better to ask about the problem ...
<tyska> but there is no documentation about this
<RoyK^> the node controller?
<RoyK^> or the nodes?
<tyska> eucalyptus.conf
<tyska> but when i try to run a instance of vm i get this error:
<tyska> FinishedVerify: Not enough resources: vm instances.
 * genii temporarily removes "coffee" from his highlight list
<RoyK^> genii += 0xc0ffee
<genii> RoyK^: :)
<jeffesquivel> hi, I want to start learning about virtualization on Ubuntu Server, any ideas of what a reasonable hardware platform for testing would be?
<RoyK^> jeffesquivel: the tutorial is quite clear about that https://help.ubuntu.com/community/UEC/PackageInstall
<RoyK^> that's for cloud, though. if you plan to setup a vm or two with virtualbox or something, you don't need that amount of iron
<RoyK^> brb
<sherr> jeffesquivel: virtualisation or UEC cloud? You can test virt. on a laptop
<jeffesquivel> RoyK^, I don't want to get into cloud just yet... I was thinking more like a ubuntu hypervisor (is that the correct term?) running on a server with probably two or three VMs running concurrently
<jeffesquivel> sherr, virtualization
<jeffesquivel> sherr, so is it ok for me to just buy the cheapest VT-enabled CPU and just use that?
<jeffesquivel> I'm asking because I thought maybe the cheapest CPUs don't have some feature which would be nice to include in my testing...
<RoyK^> you need VP
<sherr> VT
<RoyK^> ermm
<RoyK^> yes
<RoyK^> but I guess even Atom has that now
<sherr> You don't need VT if you use Xen. But Ubuntu Xen support is poor.
<sherr> You had best get it ... for options.
<RoyK^> huh? UEC uses xen, right?
<sherr> KVM, VirtualBox need need it (in general anyway)
<RoyK^> virtualbox doesn't need VT
<sherr> Amazon use Xen. But I think UEC is agnostic - but generally KVM mainly
<RoyK^> kvm needs it
<sherr> virtualbox - are you sure?
<RoyK^> positive
<RoyK^> it's even got a small icon telling if the cpu has it or not
<RoyK^> but I read somewhere that xen was what made uec possible, or something
<RoyK^> default install of a node, is that kvm?
<sherr> RoyK^: I have not looked at UEC much. Interested in virt. but less so in "cloud".
<RoyK^> afaics UEC is just virtualisation gone large
<sherr> My impression was that UEC is based off eucalyptus which is an Amazon compatible AWS layer. But a layer that hides the implementation.
<RoyK^> sherr: what are you virtualising? servers or general desktop/testing?
<sherr> And Ubuntu's primary ikplementation is KVM. Xen has lost a lot of raction in Ubuntu, Fedora etc.
<sherr> I am doing servers primarily.
<sherr> And looking to use Xen because most of the available h/w I have available (at work) has no h/w VT.
<RoyK^> how many VMs?
<sherr> I have not had such good experiences with KVM either, performance wise.
<sherr> RoyK^: Not cloud level :-) two or three maybe. I haven't got things running at work yet.
<RoyK^> sherr: try virtualbox
<sherr> Currently, I have a vbox vm on a desktop at home.
<RoyK^> I use that on my primary (private) opensolaris server with three VMs
<sherr> Well - 3 actually. 2x lenny, 1x centos (work staging web server)
<sherr> VBox is great, works well.
<jeffesquivel> RoyK^, is it possible to remotely manage virtualbox?
<RoyK^> jeffesquivel: sure
<sherr> Yes. VBoxManage is CLI.
<RoyK^> jeffesquivel: the OSS version lacks RDP, though
<jeffesquivel> RoyK^, so... I should be able to install VB even withouth X running on a server?
<RoyK^> jeffesquivel: but download it form sun and you get RDP console access to each VM, and the rest can be managed through the command line or VirtualBox
<RoyK^> without X on the server
<tyska> hello guys
<RoyK^> just remote X whenever you start VirtualBox
<tyska> someone can help me with UEC?
<jeffesquivel> RoyK^, sherr, I always thought of VB as more a "desktop virtualisation solution"
<RoyK^> tyska: ask the question, not whether people can help you or not
<RoyK^> jeffesquivel: but you can create VMs without X too
<RoyK^> jeffesquivel: I think that was the initial idea, but it works well for servers too
<tyska> RoyK^: i need to explain my problem, if no one is 'listening' i will just waste my time
<sherr> jeffesquivel: that's because it has a GUI (if desired) that works well. And makes it easy to use.
<RoyK^> tyska: it usually takes one (long) line - try it
<sherr> People look down on "easy" :-) But time is short sometimes.
 * RoyK^ likes easy systems
<RoyK^> although I think kvm or xen might scale better than vbox
<jeffesquivel> sherr, RoyK^: ok, I'll look into it too... even so, I prefer KVM + libvirt if possible (because of it being 100% FLOSS)
<RoyK^> but then, since this box is running opensolaris, nothing else really works
<Sripa> I am unable to upload my kernel using euca-upload-bundle command
<RoyK^> jeffesquivel: it's your choice entirely :)
<Sripa> It checks for the bucket name, and never returns..
<Sripa> What might be the problem ?
<tyska> when i run euca-describe-availability-zones verbose nothing happens
<jeffesquivel> RoyK^, sherr: I read sometime ago that there is a feature in newer CPUs which does the virtual to physical page translation in hardware and should improve performance noticeably... do you know anything about it?
<tyska> i think this problem happened because i had two NIC connected to a HUB that is connected to a DHCP server, in the installation the two NIC'S get dynamic IP, but later i change the configuration of one NIC to static IP
<tyska> to do a LAN with the nodes in another subnet
<tyska> now i've fixed the IP's configuration, but now i have 0000/0000 no free/max on the euca-describe-availability-zones verbose command
<tyska> someone can help me?
<sherr> tyska: Sorry, no knowledge of UEC.
<Sripa> sherr: got any idea abt mine ?
 * sherr thinks UEC might need better support and docs soon. Maybe a seperate channel.
<Sripa> I use eucalyptus installed on centos 5
<sherr> Sripa: Sorry - I know little about UEC *or* eucalyptus.
<tyska> Sripa: see ubuntu-cloud
<tyska> Sripa: see #ubuntu-cloud
<sherr> I am vaguely interested, but life is short and I have no business case.
<Sripa> tyska: yeah but that is specific to ubuntu right ?
<sherr> #ubuntu-cloud - all 5 people .. :-)
<tyska> UEC really needs a better documentation
<sherr> I would assume ubuntu-cloud and UEC and euca are all relevant in that channel
<tyska> ubuntu enterprise cloud
<sherr> But this channel seems to turn into a UEC/Cloud channel a lot anyway ...
<RoyK^> jeffesquivel: I thought that was VT
<uvirtbot> New bug: #534877 in eucalyptus "potential db connection leak when no default kernel/ramdisk id is not set" [High,In progress] https://launchpad.net/bugs/534877
<uvirtbot> New bug: #534868 in eucalyptus "update the default message expiration time" [Medium,In progress] https://launchpad.net/bugs/534868
<uvirtbot> New bug: #534869 in eucalyptus "incorrect error message when timestamp has expired" [Low,In progress] https://launchpad.net/bugs/534869
<uvirtbot> New bug: #437026 in eucalyptus "authentication fails in certain cases for tools which assume UTC and do not include time zone data" [High,In progress] https://launchpad.net/bugs/437026
<jeffesquivel> RoyK^, I think it may be called IOMMU
<jeffesquivel> RoyK^, but not sure if that was what I read
<jeffesquivel> about
<RoyK^> I guess I'll just have to setup an ubuntu test cloud to see what it can do
<RoyK^> storage on opensolaris seems like a good idea
<jeffesquivel> well, gotta go
<RoyK^> don't want non-snapshotting filesystems anymore
<jeffesquivel> bbl
<jeffesquivel> RoyK^, sherr, thanks for all the help!
<uvirtbot> New bug: #544992 in eucalyptus "get_all_keys gives an extra item " [Low,In progress] https://launchpad.net/bugs/544992
<uvirtbot> New bug: #537058 in eucalyptus "When creating a large number of volumes concurrently, loopback devices may get reused" [High,In progress] https://launchpad.net/bugs/537058
<uvirtbot> New bug: #535335 in eucalyptus "failed volumes appear as creating" [Medium,In progress] https://launchpad.net/bugs/535335
<uvirtbot> New bug: #538604 in eucalyptus "Storage stats (vol size, counts) are not remembered across SC restarts" [Low,In progress] https://launchpad.net/bugs/538604
<tyska> if i run the command to discover the nodes, but the IP address configuration of the server was wrong, what i need to run for fix the credentials in the node????
<tyska> i get to create a instance
<tyska> but now i cant connect
<tyska> im getting this message: Permission denied (publickey).
<tyska> someone now how to solve this?
<tyska> someone know* how to solve this?
 * tyska waiting response
<smoser> ok, for the sake of discussion, lets pretend that someone wanted what was provided by http://mod-auth-shadow.sourceforge.net/
<smoser> and they were using some old debs (probably from hardy)
<smoser> what would be the recommended way to do "auth shadow" ?
<smoser> i'm guessing its pwauth / libapache2-mod-authnz-external
<sherr> smoser: no idea - but that would seem a reasonable solution. For a start, it is recommended from the m-a-shadow page.
<smoser> sherr, thanks. yeah, i think that is right.
<sherr> It is also maintained - security patches etc.
<zul> smoser: thats what I would do
<guptaxpn> hello
<guptaxpn> anyone in here?
<guptaxpn> what's the deal with the virtual machine install option?
<guptaxpn> how is it different than a normal server installation?
<RoyK^> it uses a kernel made for kvm and some support stuff for that
<guptaxpn> kvm?
<uvirtbot> New bug: #551130 in mysql-dfsg-5.1 (main) "infinite loop in /etc/init/mysql.conf if mysqld is not running." [Undecided,New] https://launchpad.net/bugs/551130
<guptaxpn> so would it work with virtualbox?
<RoyK^> kernel virtual machine
<guptaxpn> is it smaller?
<RoyK^> not really, just install linux-image-virtual or whatever it's called
<guptaxpn> huh
<RoyK^> yeah, linux-image-virtual
<RoyK^> use that on the guest
<guptaxpn> wil lthat take up fewer resources?
<RoyK^> not really, but it'll tune up things a little
<guptaxpn> like what?
<RoyK^> the resources are spent in userspace anyway
<RoyK^> i/o drivers, scheduling choices...
<RoyK^> it generally works better on VMs
<guptaxpn> okay :)
<guptaxpn> i'll switch the kernels once i finish installing the normal base system
<uvirtbot> New bug: #551158 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/551158
<lamont> yay EX_TEMPFAIL
<wack479> I have been doing some research on mdadm and my raid5 array, and am i correct in my thinking that, in order to have the array put together at boot, i need to have it configurd in my mdadm.conf
<geneticx_wrk> hi everyone. can someone please shed some light, I have created a ipsec vpn connection with an ASA 5510 using ubuntu..but once im connected I can't reach remote LAN or go on the internet..any help is appreaciated.
<RoAkSoAx> kirkland, i've just submitted my student proposal to the GSoC website
 * soren glances at soren`
<soren> soren`: shoo!
<tyska> hello guys
<tyska> i really need help with UEC
<tyska> some one can help me?
<tyska> someone*
<bogeyd6> kind of
<soren> tyska: As always: Ask your questions. That's the only way anyone will be able to answer them.
<tyska> i have installed CLC and CC on the same machine
<tyska> as in the how-to page
<tyska> and i have two NIC's, one is the NIC accessible from the  others machines in my lan
<tyska> and one NIC just for the NODE's
<tyska> but i cannot log in with elastic fox
 * guntbert wonders what tyska is talking about - really no idea :-)
<tyska> UEC
<guntbert> and that is? (too lazy to google -- I admit it)
<wack479> I have been doing some research on mdadm and my raid5 array, and am i correct in my thinking that, in order to have the array put together at boot, i need to have it configurd in my mdadm.conf
<sYskk> the tinyurl is expired
<sYskk> how do I add a subdomain to an existing domain ?
<sYskk> I'm working from the ssh
<guntbert> sYskk: please explain - where is the name server?
<sYskk> actually the name server is located at my registrar - what I'm really looking for I guess is to add a virtual host in Apache
<RoyK^> sYskk: /etc/apache2/sites-{available|enabled}
<sherr> wack479: That's what I do.
<wack479> sherr: hello again! and u add config to the mdadm.conf?
<sYskk> RoyK^: thx
<sherr> wack479: backup/rename mdadm.conf, then try :
<sherr> mdadm --examine --scan > /etc/mdadm/mdadm.conf
<sherr> Should give : ARRAY /dev/md* ... lines
<sherr> wack479: as usual, be careful/backup ..
<wack479> mdadm.conf is empty
<wack479> so i dont need to backup it
<wack479> and the os isnt on the array :)
<sherr> Odd - but maybe your issue ...
<wack479> but when i do "sudo mdadm --examine --scan > /etc/mdadm/mdadm.conf" it says permission denied
<sherr> Just try the command i.e. sudo /sbin/mdadm --examine --scan
<RoyK^> mdadm.conf shouldn't really be necessay - it's stored in the metadata on the drives
<sherr> RoyK^: I agree. But in my experience, it often seems to be for me.
<wack479> yes, but if i reboot, it has to be reassmbled without it, correct
<sherr> wack479: did the cmd work/give output?
<RoyK^> yes, the drives are tagged
<wack479> yes it did
<wack479> ARRAY /dev/md0 level=raid5 num-devices=5 UUID=87a687c5:9017aa15:3034c7f4:7083a99d
<RoyK^> and mdadm should be self-concionous with the drives without a config file
<sherr> Well, try it and see if it improves. It can't hurt.
<wack479> its the same array, so should there really be 2 uuid's?
<RoyK^> wack479: what's the problem?
<sYskk> what is the command to restart apache ?
<wack479> syskk: /etc/init.d/apache2 restart
<RoyK^> apache2ctl restart?
<RoyK^> apache2ctl graceful?
<RoyK^> wack479: that's the kill-em-all command, there are better ones
<wack479> RoyKwell, im trying to make sure my raid 5 is working properly, and when i restart, my array is gone, and i have to reassemble it.
<RoyK^> ic
<wack479> Royk: so as i was reading on it, it seems that to autoassemble u have to have a conf file
<wack479> or whatever its called
 * RoyK^ doesn't use linux for storage much, since opensolaris and zfs is so fucking cool
<wack479> sherr: should there really be 2 uuids?
<wack479> nm, ran it again, and only one showed up
<RoyK^> not to bitch linux or anything, but for storage management, zfs beats it all
<wack479> ok
<RoyK^> snapshotting, comression and so on and copy-on-write and ssd caching
<RoyK^> btrfs is a runner-up for zfs, but it's miles behind
<soren> mdeslaur: I'm curious about virtinst 0.500.1-2ubuntu4.. Who says vmmouse is preferred?
<amanda1> http://www.mdhjakten.se/dela/?id=dti2d6s
<mdeslaur> soren: it offers better tracking, and is what works good, no?
<mdeslaur> soren: vmmouse should get used automatically when you install lucid
<RoyK^> wtf is vmmouse?
<soren> mdeslaur: I didn't think we even installed or supported the vmmouse driver anymore.
<soren> mdeslaur: Not since the whole evdev hotplug magic came along.
<mdeslaur> soren: yes, it's in main, and gets installed by default
<soren> mdeslaur: Perhaps it works better now in Lucid.
<mdeslaur> soren: there's a udev rule for it now
<mdeslaur> soren: I use vmmouse from dapper all the way to lucid
<soren> mdeslaur: For a few releases at least you had to put stuff in your xorg.conf to enable it.
<mdeslaur> soren: yeah
<sherr> wack479: sorry, there should be one UUID per array
<mdeslaur> soren: but lucid should get auto-configured with the udev rule
<soren> RoyK^: It's a mouse bus that was first used by vmware and then added to QEMu.
<RoyK^> ok
<soren> VMWare has this special port that it uses for communication with the guests.
<soren> That's how they send commands to the vmware tools you install in the guest.
<soren> One of the things they use it for is for sending absolute pointer coordinates to the guest which makes for much nicer pointer integration for desktop environments.
<soren> They also use it to send shutdown events and probaby a bunch of other tidbits.
<soren> It's quite a hack. Especially these days where the hardware help with virtualisation. It violates the usual iopl restrictions in a number of ways. I can't imagine the vmware developers are happy with it these days. They have to special case a bunch of things to account for it.
<uvirtbot> New bug: #551221 in apache2 (main) "consider a newer version of apache2 for lucid or backport some changes" [Undecided,New] https://launchpad.net/bugs/551221
<wack479> sherr: no worries, and thats what i thought, added the one, and it seems to be working properly
<RoyK^> hi, the page at https://help.ubuntu.com/community/UEC/StorageController says something about using the storage controller, but little about what sort of storage that should be used
<jeffesquivel> hi, is any of the members of the HA Team here?
<uvirtbot> New bug: #551276 in apache2 (main) "apache 2.2.14-5ubuntu4 fails to start with mod_dav_fs enabled" [Undecided,New] https://launchpad.net/bugs/551276
#ubuntu-server 2010-03-30
<sYskk> i get an error when trying: sudo apt-get install subversion libapache2-svn
<sYskk> Setting up libapache2-svn (1.6.5dfsg-1ubuntu1) ...
<sYskk> Considering dependency dav for dav_svn:
<sYskk> ERROR: Module dav does not exist!
<sYskk> ERROR: Could not enable dependency dav for dav_svn, aborting
<sYskk> :/
<pwnguin> django app deployment question
<StormTide> can you use the alternate cd to install a no-gui install, and if so, do you need to do anything special... i cant find a server edition alternate cd (need alt for raid options)
<pwnguin> how should i deal with multiple apps assuming CSS hosted in /media/?
<pwnguin> ie, the django admin app uses /media/base.css
<pwnguin> i can alias /usr/share/pyshared/django/contrib/admin/media/css in apache
<pwnguin> but if i come across another app that uses /media/, that fails
<Italian_Plumber> is there some place i can go to read about the recent changes to samba?  I have one shared folder that contains symlinks to another user's folders.  The symlinks and the folders all have 777 permissions, but when I try to open those folders over the share, it says "You don't have permission to access this resource".  What gives?
<Italian_Plumber> This used to work just fine
<mdeslaur> Italian_Plumber: look at http://www.ubuntu.com/usn/USN-918-1
<mdeslaur> Italian_Plumber: you can no longer have wide links and unix extensions enabled at the same time in samba
<pwnguin> looking into it, i can define a seperate prefix for the admin app
<Italian_Plumber> so if I want to share those other users folders I have to create a new share?
<mdeslaur> Italian_Plumber: if you are serving windows clients, you can simply disable unix extensions
<mdeslaur> Italian_Plumber: if you are serving unix clients, yes, you need to create a new share
<Italian_Plumber> ok I'll look into that, thanks.
<Italian_Plumber> Well that explains what to do but doesn't explain what wide links and unix extensions are. :)
<Psi-Jack-> Hmm
<Psi-Jack-> UEC supports both kvm (by default), and Xen. I'm considering actually trying it now for once, after playing with XenServer from Citrix. heh
<Psi-Jack-> Can you run both kvm and xen domU's on the same UEC host?
<uvirtbot> New bug: #551356 in samba (main) "samba symbol link folder access denied" [Undecided,New] https://launchpad.net/bugs/551356
<Maletor> I have an LVM at /dev/mapper/vg-root  When I'm in the installer do I want to select the volume and create a new partition table? I thought LVM got rid of partition tables???
<Maletor> Also, I'm installing from live-cd so when I boot up is it going to be able to assemble with mdadm and make the lvm2?
<twb> It's not meaningful to create a partition table within an LVM LV.
<Maletor> Well I created a /dev/vg/swap and /dev/vg/root
<twb> Those are LVs, not partitions.
<Maletor> Within the installer it shows up as /dev/mapper/vg-root
<Maletor> Exactly, how do I install to the LV.
<twb> In d-i, you simply assign mount points to LVs and/or partitions.
<twb> I can't comment on ubiquity, because when last I looked it didn't support md RAID nor LVM.
<twb> Nor did the live CD support server installs.
<Maletor> What's ubiquity - the installer
 * Maletor answers own question about installer
<genii> !info ubiquity
<ubottu> ubiquity (source: ubiquity): Ubuntu live CD installer. In component main, is optional. Version 2.0.10 (karmic), package size 3509 kB, installed size 12428 kB
<Maletor> well i just want a vg for swap and a vg for root. How can I install Ubuntu now?
<Maletor> err. lv
<twb> Maletor: do you want a server or a desktop?
<Maletor> desktop twb
<Maletor> (and personal server)
<twb> Maletor: I won't provide support for Ubuntu desktops.
<Maletor> Server then.
<twb> OK, then you need to download the server install CD.
<twb> Otherwise you'll get a GUI, and various other things that shouldn't be on a server.
<Maletor> Ok I'm downloading alternate-amd64
<Maletor> I will boot up, find my RAID, find my LVM2 and install appropriately.
<Maletor> Kernel should have mdadm and LVM2
<twb> The alternate CD is a Desktop install CD.
<Maletor> Different kernel's though, right?
<twb> I don't know, since I don't use Ubuntu desktops.
<Maletor> I'm pretty sure they are.
<Maletor> Ubiquity can't support RAID and LVM so why should the kernel?
<Maletor> I need alternate or this will not be able to mount the root filesystem because it won't be able to find (access) it.
<twb> Ubiquities failings aren't any reason to cripple the kernel.
<twb> *ubiquity's
<lifeless> wait, what
<lifeless> ubiquity can do raid and lvm setup
<lifeless> but as twb says, for desktop stuff - #ubuntu-desktop
<lifeless> or even #ubuntu
<Maletor> It can!? :)
<lifeless> if you're doing a server install, grab the server CD
<Maletor> Hey, I have a /dev/md1 as RAID5 and a /dev/vg/root (as ext4 -- /dev/mapper/vg-root).
<Maletor> [10:32pm] Maletor: Can I just select my /dev/md0 and set that to boot
<Maletor> [10:32pm] lifeless: stay on channel please
<Maletor> [10:32pm] Maletor: Select dev/vg/root to my root partition and /dev/vg/swap to swap
<Maletor> [10:33pm] Maletor: And install. And the kernel will be able to figure out that it needs to assemble a raid and find a lvm to startup?
<maxagaz> is there a command line to check the Upload and the Download traffic speed my eth0 ?
<maxagaz> of my eth0
<twb> maxagaz: push data through it
<twb> Time how long it takes to transmit a known quantity.
<twb> If you want the theoretical maximum, mii-tool or ethtool will report the negotiated line speed for 802.3 links.
<maxagaz> twb,  there's no command line tool to check the amount of data transfered per second ?
<soren> maxagaz: ntop?
<maxagaz> soren, iftop...
<swift> hi guys... i tried configuring mrtg on my ubuntu server... getting the following warnings when i run mrtg....
<swift> http://pastebin.com/5i8bLQH2
<swift> I dont understand why this is happeining
<swift> the graphs are shown on the browser
<swift> but they are blank...
<swift> should i run snmpwalk on my server?
<swift> snmp agent is started on 192.168.8.1 router
<twb> swift: sounds like a chown issue
<twb> swift: who owns those log files, and who does rateup run as?
<uvirtbot> New bug: #358098 in vm-builder (universe) "vmbuilder hangs or crashes when building images on ec2 instances" [Wishlist,Triaged] https://launchpad.net/bugs/358098
<swift> how to check that?... ls -al rateup?
<uvirtbot> New bug: #371783 in vm-builder (universe) "NameError: global name 'isodir' is not defined" [Low,Fix released] https://launchpad.net/bugs/371783
<twb> swift: also, LANG=C is wrong.  You want LC_ALL=C.
<uvirtbot> New bug: #392097 in vm-builder (universe) "vmbuilder ignores mac option when using bridge network" [Low,Fix released] https://launchpad.net/bugs/392097
<twb> swift: no, examine the process while it's running.
<swift> twb... how do i do that?
<twb> !grounding
<twb> Hmph.
<twb> ubottu should just snarf all the dpkg bot's info entries
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> ubottu: shut up
<twb> swift: you need to improve your basic Unix skills
<Sam-I-Am> twb: moo
<twb> Ha!
<Sam-I-Am> hows life?
<twb> Shrug.
<Sam-I-Am> found a workaround for the ldap problem i mentioned
<Sam-I-Am> nothing like some universe packages :)
<twb> Sam-I-Am: go on.
 * twb steeples fingers
<Sam-I-Am> you still have the bug i posted?
<twb> Can't remember.  I subscribed to the Debian one.
<Sam-I-Am> one sec..
<Sam-I-Am> https://bugs.launchpad.net/bugs/423252
<uvirtbot> Launchpad bug 423252 in sudo "NSS using LDAP on Karmic breaks 'su' and 'sudo'" [Unknown,Confirmed]
<Sam-I-Am> posted solution
<Sam-I-Am> while i was there, i also noticed another interesting bug... introduction of using sasl external to modify ldap by default caused some acls to be added in Bad Places
<Sam-I-Am> like... acling things like cn=schema from outside connections
<Sam-I-Am> so uh... nothing can read the schema
<Sam-I-Am> openldap developer nicely posted that one for me... his name has a bit more pull than mine does.  we'll see if anyone notices.
<Sam-I-Am> theres a lot of sorta duplicate bugs i'm merging for that
<Sam-I-Am> not being able to read rootdse kinda returns a variety of strange error messages
<Sam-I-Am> twb: the silence is deafening :/
<twb> Sam-I-Am: sorry, other channels and whatnot
<twb> So nslcd magically fixes it?
<twb> Yeah, OK.
<twb> I've done my share of flip-flopping between nss-ldap and nss-ldapd
<twb> Their actual code is bloody ugly.
<Sam-I-Am> yeah
<Sam-I-Am> its... not ideal
<Sam-I-Am> but it works :P
<Sam-I-Am> i think its nss-ldapd which fixes it... nslcd seems to be related, but i dont think its the core issue
<Sam-I-Am> in the past, nss-ldapd has sucked ass, so this was a surprise
<Sam-I-Am> time to hit the sack here
<swift> hi guys, I wanted to confirm on my query... mrtg is not workin as expected.. i get the following warnings
<swift> http://pastebin.com/5i8bLQH2
<swift> i checked the permissions on 'rateup' file... the owner is 'root'
<swift> with rwx permissions
<swift> also, now when i manually type 'sudo mrtg /etc/mrtg/mrtg.cfg'.... i get no warnings.... andonly then my graph get's updated
<swift> otherwise... i see mrtg doesn't run as a process... please advise
<swift_> any advise if mrtg can cause the internet line to go down?
<qman__> swift_, you need to figure out what user mrtg is running as, and chown the log files to that user
<RoyK> swift, run it again a few times. you always get some warnings the first runs
<RoyK> and no, mrtg isn't running as a daemon
<RoyK> use cron
<swift> RoyK, i want to have it in the init tab... so that it starts at reboot
<swift> how can i do that?
<RoyK> crontab -e
<RoyK> man cron
<RoyK> man 5 crontab
<swift> RoyK, dont want a cron job... want to have it under init
<swift> how cqan i have it as a service ... always running?
<sherr> swift: That's not how mrtg is designed.
<sherr> It is designed to run from cron (and installed so)
<swift> sherr, can't i have it as a service running at all times... that's kinda bad
<sherr> It is not meant to run *all* the time. Reading/generating stats all the time.
<swift> i mean.. if smokeping can.. what;s with mrtg?
<sherr> swift: why? It is silly - snapshot every second?
<swift> yeah... it just shows the graph.. progress
<swift> so that i can compare
<t3ngu> sorry to intervene, but in that case your data is static every second
<swift> t3ngu.. how is it static?
<swift> that's wierd
<RoyK> swift, mrtg isn't a daemon
<RoyK> swift, use munin instead - mrtg is OLD
<swift> it can be run as a daemon
<RoyK> ok - didn't know that, but still, use something else
<swift> i wanted t try mrtg... munin is running
<RoyK> ah :)
<swift> :D
<RoyK> first munin, then rrdtool and then mrtg, just to trace back all the way?
<t3ngu> I mean static, as you dont collect data every second
<RoyK> :D
<swift> mrtg has an option.. runasdaemon.. in the config
<t3ngu> you usually run something every 5mins
<t3ngu> and then plot it.
<RoyK> iirc 5 minutes is maximum resolution for mrtg
<RoyK> there's a lot of bad hardcoding in mrtg
<swift> ok, point noted... il run it using cron
<swift> thanks guys!!!
<RoyK> I really don't see why you shouldn't use cron :)
<RoyK> hi all. I'm considering setting up a cloud for internal virtualisation use, but I wonder, how can the have a redundant front-end server?
<t3ngu> cluster?
<t3ngu> load balanced webservers?
<RoyK> I thought the front-end also bridged the traffic..?
<t3ngu> what do you mean 'breagded traffic' ?
<RoyK> eucalyptus needs to be aware of the redundancy
<RoyK> "tunneling" the ip traffic from the nodes to the clients
<RoyK> bridging
<RoyK> or routing if you like
<t3ngu> then i think you would like linux-HA
<t3ngu> http://www.linux-ha.org/wiki/Main_Page
<RoyK> not really, I would like Eucalyptus to do this. Linux HA is something else
<RoyK> or perhaps I can do it with DRBD/heartbeat
<RoyK> hm...
<t3ngu> i really don't know eucalyptus
<t3ngu> haven't used it but i have used drbd and load balanced in high traffic sites
<TeTeT> RoyK: redundancy in the front-end is kind of un-researched right now. There's a bug I file on this, let me check
<TeTeT> bug 497087
<uvirtbot> Launchpad bug 497087 in eucalyptus "Redundancy for cloud and cluster controller (HA)" [Wishlist,Confirmed] https://launchpad.net/bugs/497087
<brontosaurusrex> any clues on why this: 'sudo mount --bind /var/www/files/ /home/user/files/' didnt persist?
<brontosaurusrex> and q2, how to change the default user shell type, and which one should i choose? bash?
<RoyK> TeTeT, so do I understand it correctly that if the cluster controller dies, all VMs become unavailable?
<RoyK> brontosaurusrex, persist?
<brontosaurusrex> RoyK: after reboot this mounted folders show as empty
 * RoyK didn't know --bind, though, having used -o bind, but it's probably the same
<RoyK> ah
<RoyK> :)
<RoyK> man fstab
<brontosaurusrex> RoyK: ok
<TeTeT> RoyK: the cluster and the cloud controller are both SPOF if you go with the simple topology
<RoyK> brontosaurusrex, or just edit /etc/fstab
<RoyK> it's self-explainatory
<TeTeT> RoyK: you can have multiple cluster controllers, but it's not straight forward to setup in 9.10
<TeTeT> RoyK: in 10.04 LTS 'Lucid' the multi-cluster approach has been integrated into the installer
<RoyK> hm, ok, so with 10.04 I can use a pair of "front-ends" and a bunch of nodes behind them?
<brontosaurusrex> RoyK: any other way? without editing fstab?
<RoyK> brontosaurusrex, that's the way
<TeTeT> RoyK: nope, only one Cloud controller, but multiple cluster controllers for multiple availability zones
<brontosaurusrex> RoyK: eventually i would make a bash script of some sort : addsomenewuser tony
<TeTeT> RoyK: are you aware of the Intel/Canonical cloud whitepaper? might give you some ideas for architecture
<RoyK> brontosaurusrex, you mean useradd -m?
<brontosaurusrex> RoyK: i mean i will do a script with multiple commands, where user will be input variable
<RoyK> TeTeT, do I understand it correctly that all traffic is bridghed through the cluster controller? if so, that's a single point of failure...
<RoyK> brontosaurusrex, sure, as you please, but mounting on startup is done in fstab. obviously you _can_ do it other places, like in the init scripts or even with cron, but it'll be ugly
<brontosaurusrex> RoyK: damn
<TeTeT> RoyK: correct, if you only have one cluster - but a cloud might have multiple clusters
<brontosaurusrex> RoyK: ok, so view mtab after mount command, copy-paste to fstab, reboot and see if that wroks?
<brontosaurusrex> works*
<RoyK> brontosaurusrex, heh - just learn the system
<RoyK> brontosaurusrex, /tmp    /var/tmp/tmp    none    bind    0       2
<RoyK> will bind-mount /tmp on /var/tmp/tmp
<RoyK> on boot
<brontosaurusrex> ok
<RoyK> TeTeT, erm, but still, for one cluster, there would be only one controller, right? so no failover like what exists on high-end stuff like vmware?
<TeTeT> RoyK: you're right, on a simple topology cloud with one front-end and multiple nodes, the front-end is a single point of failure
<TeTeT> RoyK: so the front-end should be on HA hardware
<RoyK> TeTeT, there's another thing I don't understand - I read in the docs that  the nodes cache their drive image locally. won't this make it hard for it to fail over to another node if the one running the VM dies?
<TeTeT> RoyK: there is no fail over between nodes. Instances running on the nodes are thought to be disposable, e.g. an unreliable system
<TeTeT> RoyK: so in general when you run an instance, the node will ask the S3 storage controller for an image
<TeTeT> RoyK: the node checks then if the image is in the node's cache and if not, it will copy it from S3
<TeTeT> RoyK: the instance itself is then a copy of the image (more or less, some magic with ssh keys and creating one image out of the image, ramdisk and kernel is done too)
<swift> hi again... i have an ubuntu server which is the gateway to our network
<swift> it has two modems connected to it.. eachhavingan internet line
<swift> authentication is done via the ubuntu server... virtual ppp interfaces are present on the server.... now, one of the modems has an snmp agent which i use to capture data in mrtg
<swift> the other modem doesn't have any snmp agent... is there a way i can get modem data via the server?... maybe by using the ppp interface corresponding to that modem
<swift> please advise
<RoyK> just install snmpd
<RoyK> there will be snmp counters on linux for all interfaces
<swift> RoyK.. so, snmpd will be able to get the required data from the server... for that particular internet line?
<RoyK> snmpd will report the traffic on the interface that connect to that connection
<RoyK> whatever's happening inside the modem won't be shown, but that is probably just fine
<swift> yes... basically... I want to monitor the traffic on the line
<RoyK> well, the traffic going through the server and in/out of the line will be the same, no?
<swift> RoyK, i see a lot of snmp related services on the server... snmpdelta, snmpget, snmpdf....
<swift> yes
<RoyK> or are there other machines connected to this modem?
<swift> no... all traffic goes out via the server
<RoyK> does the server listen to snmp?
<swift> only thing is, there are two internet lines
<swift> RoyK. how can i find that out?
<RoyK> connected to one or two interfaces on the server=
<RoyK> ?
<RoyK> if eth0 is connected to modem A and eth1 to modem B, they have different counters
<swift> there are two lines.... each connected to separate modems
<RoyK> if ppp0 is connected to modem A, it also has a counter
<swift> yes.. tat's the case
<swift> ok coool!
<RoyK> well, just cfgmaker
<RoyK> it'll find it
<swift> run cfgmaker?
<RoyK> man cfgmaker :)
<swift> RoyK... i ran cfgmaker for the modem IP which has the snmpagent
<swift> i see the graph for that modem too
<swift> infact... there are 8graphs... confusing
<RoyK> one for each interface cfgmaker found
<RoyK> but you should run cfgmaker for the ubuntu machine
<RoyK> since one of the modems don't have snmp
<swift> woh1!!
<swift> over the top
<swift> im new to this.. please can u make it easier?
<RoyK> hm.... I gotta work too :)
<RoyK> just remember that your server is a router. it counts every packet that goes through. possibly those counters are the ones you're looking for
<swift> hmm... point noted... ill get this done!... thanks RoyK!!!
<tgalal> I need someway to install Ubuntu server on 100 machines without having to do the installation procedures on all of them .. Is there someway that I can install only on 1 machine and replicate the installation over all the others ?
<xenaxon> hello, where are the apache config files kept?
<lloowen> Hello all. Having problems with my mouse when I use a virtual pc via my vmware server. I think I have to add something to the xorg.conf file, but the xserver crashes when I alter anything in there. Tried a number of suggestions for altering the xorg.conf file, but didn't work. I have installed "apt-get install xserver-xorg-input-vmmouse" so in theory it should work, but clearly this package is not working on my pc. I am using kubuntu
<lloowen> xenaxon: /etc/apache2/
<lloowen> anyone using vmware server2?
<TeTeT> tgalal: there are multiple ways to achieve this. You can use kickstart, preseed or you can clone the install with clonezilla
<tgalal> TeTeT, which is the simplest ?
<tgalal> TeTeT, I need a hands-off installation .. i only want to touch 1 machine
<TeTeT> tgalal: if they are identical hardware, clonezilla is most likely the easiest path, then kickstart, the preseeding
<TeTeT> tgalal: do some testing with clonezilla.org, https://help.ubuntu.com/9.10/installation-guide/i386/automatic-install.html
<TeTeT> tgalal: https://help.ubuntu.com/9.10/installation-guide/i386/appendix-preseed.html
<lloowen> any body using vmware server2?
<tgalal> TeTeT, thanks a lot .. that really helped
<xenaxon> does apache start everytime I start ubuntu
<xenaxon> kubuntu*
<xenaxon> or do I need to start the service manually?
<TeTeT> xenaxon: by default it is started when installed
<uvirtbot> New bug: #551544 in puppet (main) "puppet in lucid does not support upstart status " [Undecided,New] https://launchpad.net/bugs/551544
<uvirtbot> New bug: #551545 in qemu-kvm (main) "PXE netboot not booting localboot from virtio-disk" [Undecided,New] https://launchpad.net/bugs/551545
<xenaxon> guys how do I start the mysql server
<au> xenaxon: /etc/init.d/mysqld start
<RoyK> xenaxon, like most other services, like au said
<xenaxon> thanks
<au> welcome :)
<RoyK> or "service mysqld start" on newer versions
<RoyK> ubuntu has adopted that now, it seems
<au> since when could you do that on ubuntu?
<au> ahh
<xenaxon> oh, sorry I'm on kubuntu
<xenaxon> not ub
<au> I missed that switching from centos that ubuntu
<xenaxon> it says urecognised service/command not found
<au> xenaxon: apt-get install mysql-server
<au> that will install it for you
<xenaxon> I did
<au> did you double check? :p
<xenaxon> ok
<xenaxon> no
<xenaxon> no such file or directory
<xenaxon> and I installed it right now
<tgalal> TeTeT, I'm planning to use kickstart or preseeding ... isn't there any where I could define incremental IP addresses for my machines and usernames as well ?
<tgalal> in any of the 2 methods
<au> pm me the output of what it said when you did apt-get install mysql-server
<tgalal> any way*
<xenaxon> how can I check if mysql is running
<joschi> xenaxon: sudo /etc/init.d/mysql status
<xenaxon> what mysql client should I use
<xenaxon> joschi do you recommend any mysql client?
<xenaxon> interface*
<joschi> xenaxon: whichever you like...
<joschi> depends what you want to do with it
<xenaxon> on windows I was just using the phpmyadmin
<xenaxon> I need it to do manual database operations
<xenaxon> like importing a database/table/entries
<xenaxon> and also creating/editing table structure
<joschi> xenaxon: try http://dev.mysql.com/downloads/workbench/
<joschi> xenaxon: or install phpmyadmin if you liked it and it did what you needed
<TeTeT> tgalal: IP addresses should go in your DHCP server and dealt out from there. On usernames I fear you have to script
<TeTeT> tgalal: e.g. you can script that they get each a different user in the %post section of the kickstart file
<xenaxon> thanks joschi. I installed the workbench.
<xenaxon> is it possible to import a database with the MySQL Workbench?
<sherr> xenaxon: does it not have any documentation?
<xenaxon> where are the database files kept in mysql
<xenaxon> I just want to copy the database from my windows folder to the linux mysql folder
<xenaxon> can I just copy the database table from windows mysql to linux mysql?
<sherr> xenaxon: Try /var/lib/ for the DB data files and /etc/my.cnf (or similar) for cnfig.
<sherr> But there are lots of docs around for MySQL. Have a look e.g.
<sherr> http://dev.mysql.com/doc/
<xenaxon> on windows my dataase has it's own folder
<xenaxon> I can't find folders for any of linux's databases
<xenaxon> does anyone know how to import a database with MySQL Workbench?
<xenaxon> it doesn't have any help files
<xenaxon> ...
<tgalal> TeTeT, I don't want to use a dhcp server because it will be a single point of failure ... and I want the machines to be networked even of the dhcp server is down .. so I want to use static IP's ... any idea ?
<twb> Whereas with static network configuration, you have *two* SPOFs
<tgalal> how is a static network a single point of failure ?
<twb> Machines will still have network if the DHCP server is down.  They typically just won't be able to reboot while the DHCP server is down.
<twb> tgalal: because both ends need to be statically configured to talk to one another.
<tgalal> this doesn't make it a SPOF .. because if a machine falls down .. the rest will be able to communicate
<tgalal> I have 100 machines
<twb> Anyway, there's no reason you can't have multiple DHCP servers using the same ethers database.
<tgalal> too much hassle
<tgalal> I need static IP's :-)
<twb> As a rule, I don't help people to do stupid things
<tgalal> this is not stupid .. this is the best for my setup
<tgalal> multiple dhcp servers is a stupid idea
<tgalal> 100 dhcp servers on 1 network ?
<tgalal> are you sure this is wise ?
<twb> 0 is a network.  It has 2Â³Â² IPs in it.
<tgalal> ?
<twb> 0 as in CIDR 0.  a.k.a. 0/0 or 0.0.0.0/0.0.0.0 if you want to be verbose.
<\sh> oh well...make the dhcp servers redundant e.g. pacemaker .. and use dhcp relay features of your switch
<twb> \sh: DHCP already works by broadcast
<tgalal> twb, I learned this in my network basics class
<twb> If you're using fixed IPs with a shared ethers database, it doesn't matter which one responds first.
<tgalal> hmm
<twb> Of course, distributing ethers to hosts direct and forgoing DHCP entirely wouldn't work too well, because you wouldn't have enough network to access the LDAP or NIS database that had the ethers in it.
<\sh> twb, you could use the dhcp relay features of your switch, when you want to use only one dhcp service for any networks in your local infrastructure...works very nicely when you have several native vlans and you need ip..
<xenaxon> does anyone know how to import a mysql database?
<tgalal> What the hell .. if I use kickstart I will still have to provide the 100 machines with the installation CD's ?
<tgalal> TeTeT, ^
<TeTeT> tgalal: no, you can install it conveniently from a PXE boot server
<tgalal> https://help.ubuntu.com/community/PXEInstallServer
<tgalal> TeTeT, thanks :-)
<tgalal> I need someway to generate incremental usernames and passwords for all the machines
<tgalal> machine1 password1, machine2 password2, ... etc
<tgalal> TeTeT, can I do so with kickstart ?
<TeTeT> tgalal: you have to script it somehow and give each host a different ks.cfg
<tgalal> how do I give the hosts a certain kickstart file ?
<TeTeT> tgalal: for example providing ks.cfg via a cgi script
<tgalal> will you please elaborate a bit ?
<tgalal> as far as I can understand the as soons as I boot the client machines in PXE mode .. they detect the server and run the designated kickstart file ... so how can I specify which file every client uses ?
<TeTeT> tgalal: ks=<webserver>/<cgi-bin>/<script>
<TeTeT> tgalal: instead of ks=<webserver>/ks.cfg
<TeTeT> on the server you need to write a script that injects a new IP and user for each machine, and probably you want different passwords too
<xenaxon> can someone help me with phpmyadmin
<xenaxon> I can't get it to work
<tgalal> this is exactly what I want to do
<tgalal> but
<TeTeT> so you need a config file or database with a truple of IP, user and password on the installation server
<TeTeT> your script needs to parse that file/ read the db and then provide a ks.cfg based on it
<tgalal> TeTeT, parse what file ?
<tgalal> the db you mean ?
<TeTeT> tgalal: the configuration file with the truple inside
<tgalal> TeTeT, can this be a php script ?
<TeTeT> tgalal: yes, can be
<tgalal> one last question
<tgalal> what variables do i feed to the script such that it makes the correct selection ?
<TeTeT> tgalal: sorry, I don't get your question
<tgalal> TeTeT, I mean how will the script know that this particular machine just ran the script so that the script provides it with the truple
<xenaxon> what is wrong with etc/www I can't edit or create anything
<TeTeT> tgalal: you need a persistent global variable that knows which truple you selected last
<tgalal> this is exactly what I can't figure out :-D
<TeTeT> tgalal: maybe in a /tmp file or somewhere. I never had the need to code it. In a DB you just store it in a current_truple_id table/column
<tgalal> no no
<tgalal> you don't get my question
<tgalal> i mean on what basis do i select the druple
<tgalal> truple*
<tgalal> how will the php script decide on the truple
<tgalal> I think I got an idea
<tgalal> I will use the IP address reported by the machines when they're booting in PXE mode ... the server should provide them with addresses
<tgalal> TeTeT, I will try that and tell you how it goes
<TeTeT> tgalal: good luck
<zul> ttx: ping when you are round
<zul> xenaxon: google is your friend
<TeTeT> zul: do you implement the apport hooks for server packages?
<zul> TeTeT: yep
<zul> TeTeT: check the server-lucid-apport-hooks spec
<TeTeT> zul: nice, I'll have to give a short presentation on them for the next sprint. Any recommended reading for me beyond the spec?
<zul> TeTeT: umm....lemme check
<zul> TeTeT: nope they should be the regular docs for apport
<TeTeT> zul: ok, so read https://wiki.ubuntu.com/Apport first
<zul> TeTeT: yep
<kirkland> ttx: around?
<kirkland> ttx: we need to update the documentation under https://help.ubuntu.com/community/UEC/* to reflect the new, simplified Lucid procedures for doing things
<kirkland> ttx: (Registration, Publication, etc)
<ttx> kirkland: sorry, was busy filing bug 551650
<uvirtbot> Launchpad bug 551650 in eucalyptus "Regression in euca_conf --deregister-nodes" [Undecided,New] https://launchpad.net/bugs/551650
 * kirkland looks
<ttx> kirkland: yes, I was planning to have a look during freeze
<ttx> zul: pong
<zul> ttx: what do you think of? https://bugs.edge.launchpad.net/ubuntu/+source/apache2/+bug/551221
<uvirtbot> Launchpad bug 551221 in apache2 "consider a newer version of apache2 for lucid or backport some changes" [Undecided,New]
<kirkland> ttx: okay, i'll go fix it
<ttx> kirkland: to avoid regressions, starting with beta2freeze we should be very careful with what bug we try to fix
<ttx> kirkland: for the weekly cherrypick of week #24 in particular :)
<ttx> zul: looking
<ttx> kirkland: i'm doing a few tests on the current euca, fwiw
<kirkland> ttx: this week's cherry pick was non-trivial
<kirkland> ttx: thanks, me too; i just got an up-to-date cloud running here
<ttx> kirkland: I mean we should stop fixing small bugs to avoid facing the risk of regression between Beta2 and RC
<ttx> this week was ok :)
<kirkland> ttx: whatever you say boss
<suunto> ola, i have a server in my office that can only be reached via ssh. it's hosting some dev sites, which i need to reach..so i tried ssh -L 3128:localhost:3128 username@server.office
<suunto> and now i enter in my browser the proxy localhost:3128 - but i cant reach these sites..
<suunto> is there a way to get to them?
<ttx> zul: that seems like two features
<ttx> zul: sounds interesting, but will need to pass ReleaseTeam approval
<kirkland> smoser: around?
<kirkland> smoser:         [ "${haystack#* ${needle} }" != "${haystack}" ] ain't working
<kirkland> smoser: http://pastebin.ubuntu.com/406509/
<ttx> kirkland: I suspect it's because haystack uses newlines as separators
<kirkland> ttx: yeah, i'm going to turn this back into a loop and do some testing
<ttx> since it's built from nodes.list, if I read correctly
<kirkland> ttx: correct
<elb0w> looks like its working now
<ttx> kirkland: fwiw the logic in /usr/share/eucalyptus/registration/node is working :)
<kirkland> ttx: http://paste.ubuntu.com/406511/
<kirkland> ttx: that's my proposed solution
<kirkland> ttx: smoser suggested that inline string searching shell construct
<zul> ttx: i dont think we can do the apache2 ffe
<kirkland> ttx: or something close to it
<kirkland> ttx: i'm going to wait until smoser comes around to verify that my suggested change is okay
<kirkland> ttx: i'm testing it here and it works
<kirkland> ttx: try applying that to your /usr/sbin/euca_conf and see
<ttx> sure, no hurry, it's not as if deregister a node had any real value anyway
<kirkland> ttx: try this on your cloud ....
<kirkland> ttx: uec-run-instances -l ttx $EMI
<kirkland> ttx: then ssh in using your public SSH key registered in Launchpad
<Omahn> Could anyone tell me where I should send feedback regarding the server support cycle periods?
<Omahn> (from one of our users)
<ttx> kirkland: nifty -- though you should have asked for a FFe on that one
<ttx> adding new commands/features after FeatureFreeze should pass Release Team approval...
<uvirtbot> New bug: #551655 in spamassassin (main) "open-whois.org is cybersquatted and its rules should be removed from Spamassassin" [Undecided,New] https://launchpad.net/bugs/551655
<ttx> (I don't doubt that in this precise case they would have granted it, but...)
<ttx> kirkland: or did they grant the exception ? I cannot find any trace on the referenced bug.
<kirkland> ttx: this was a remnant of scott's xc2 spec which didn't get implemented;  i was passionate about solving this one particular usability pain-in-the-ass, and so I just-did-it
<kirkland> ttx: in retrospec, i perhaps could have had an FFe
<ttx> kirkland: maybe check with a release team member that they are ok with it... so that it doesn't backfire
<kirkland> ttx: right now?
<kirkland> ttx: or in the future?
<kirkland> ttx: because i was just about to push "publish" on a blog post about the niceness of the tool
<ttx> kirkland: ah
<kirkland> ttx: i'll do it if you like
<ttx> kirkland: would be good for them not to discover that new feature in a blogpost, IMHO
<kirkland> ttx: okay
<ttx> kirkland: sorry for being a little bureaucratic here, but part of my release management job is to ensure the server team sticks to the rules :)
<jiboumans> +1 on that ttx
<kirkland> ttx: http://pastebin.ubuntu.com/406523/
<ttx> kirkland: sounds good !
<uvirtbot> New bug: #551681 in apache2 (main) "apache2 init script typo: eload instead of reload" [Undecided,New] https://launchpad.net/bugs/551681
<uvirtbot> New bug: #551685 in php5 (main) "package php5-ldap 5.3.1-5ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/php5/20090626/ldap.so', which is also in package libapache2-mod-php5 0:5.3.1-5ubuntu2" [Undecided,New] https://launchpad.net/bugs/551685
<uvirtbot> New bug: #551701 in unixodbc (main) "odbc_config missing" [Undecided,New] https://launchpad.net/bugs/551701
<Brendan_Mcc> hey all, new to linux and Ubuntu. I have Ubuntu 9.10 Server installed and want a windows machine to be able to connect to my VPN server being Ubuntu, to be able to access the local network. I tried to follow the guide at https://help.ubuntu.com/9.10/serverguide/C/openvpn.html but got lost at step 3 of the code where it says to VI the vars file... is there a gui vpn server i can download or do i need to do it at the comm
<Brendan_Mcc> any1?
<guntbert> Brendan_Mcc: instead of vi you can use any editor you like - nano is installed by default and quite easy
<hggdh> for the record, the UEC test rig is still unavailable
<ttx> mathiaz: around ?
<mathiaz> ttx: o/
<ttx> hey
<Brendan_Mcc> guntbert: yeh but i followed the steps in the URL and it doesn't actually copy those files
<Brendan_Mcc> I cant see a vars file
<ttx> mathiaz: quick status update on your specs...
<Brendan_Mcc> so im lost to follow the instructions
<ttx> mathiaz: is server-lucid-uec-testing still blocked ?
<Brendan_Mcc> guntbert: is there a gui vpn server i can setup? i should have no probs with that!
<mathiaz> ttx: hm - don't know if the installer has been fixed
<guntbert> Brendan_Mcc: I'm looking at the page you gave - where is "step 3"?
<mathiaz> ttx: I'd have to kick an install on the UEC test rig
<guntbert> Brendan_Mcc: no idea about vpn servers
<Brendan_Mcc> well 'code section 3'
<ttx> mathiaz: it detects hard drives now
<ivoks> hey all
<ttx> mathiaz: though it seems to detect the first HDD as sdb
<mathiaz> ttx: now meaning that it was broken last week?
<Brendan_Mcc> guntbert: i did an apt-get install open vpn
<Brendan_Mcc> then the cp to copy it all to the new dir
<ttx> mathiaz: yes, last weel it would not detect any HDD and ask about iSCSI targets
<mathiaz> ttx: yop - that's what I saw
<Brendan_Mcc> then tried editing the vars file in step 3, no luck, file doesn't exist and is empty
<guntbert> Brendan_Mcc: I can only guide you through some linux steps - so where on that web page did you get stuck?
<mathiaz> hggdh: are you using the UEC test rig to conduct the beta1 isos test?
<jcastro> mdeslaur: hey did your bug preventing you from porting virt-manager get fixed?
<guntbert> Brendan_Mcc: I see no "step 3"
<hggdh> mathiaz: I cannot bring the servers on
<mdeslaur> jcastro: nope
<jcastro> do you have the bug #?
<mdeslaur> jcastro: hold on
<mathiaz> hggdh: what do you mean by that exactly?
<Brendan_Mcc> guntbert, ok i did sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/ THEN vi /etc/openvpn/easy-rsa/vars and there was nothing in the file to edit
<hggdh> mathiaz: trying again
<jcastro> no rush
<mdeslaur> jcastro: #530138
<mathiaz> hggdh: have you restarted an installation?
<hggdh> mathiaz: santol, sapodilla, mamoncillo, etc do not come online
<hggdh> mathiaz: yes, I just did
<Brendan_Mcc> guntbert: call it the '3rd' Code Section
<mathiaz> hggdh: do you see anything on the serial console?
<Brendan_Mcc> of the instructions
<mathiaz> ttx: so the UEC test rig is currently used for beta1 iso
<guntbert> Brendan_Mcc: you just put the lines after the instruction into that file - are you fine working with vi?
<guntbert> Brendan_Mcc: found
<mathiaz> ttx: once that's done I'll have a look at wether the installer is able to detect hard drives
<ttx> mathiaz: ok... the fallback on this being to do manual testing and postpone multinetwork automation to 10.10
<ttx> mathiaz: What about server-lucid-puppet-uec-ec2-integration ? There are some WI about facts and libactiverecords-ruby that are still TODO
<ttx> is it still on track for Beta2Freeze/Beta2Release ?
<mathiaz> ttx: for now on track for Beta2Release
<hggdh> mathiaz: how do I get the serial console?
<ttx> mathiaz: will anything there require a BetaFreezeException ?
<Brendan_Mcc> guntbert: yeah im all good with VI, but the vars file doesn't exist to edit in the first place
<mathiaz> ttx: it's testing - so no impact on BetaFreeze
<ttx> ok
<ttx> mathiaz: about server-lucid-id-mgmt-reference-env... should we drop it or do you still hope to have some time to work on that ?
<mathiaz> hggdh: https://wiki.canonical.com/InformationInfrastructure/IS/PlatformUEC
<guntbert> Brendan_Mcc: doesn't matter - you just created it and "populate" it ...
<mathiaz> ttx: I still have hope to work on that before beta2
<mathiaz> ttx: now that you've fixed the most important upgrade bugs :)
<ttx> mathiaz: heh
<Brendan_Mcc> guntbert: ok, ill give it a shot
<ttx> mathiaz: before Beta2Freeze ?
<mathiaz> ttx: package 1.0.X sssd may be moved to final though
<mathiaz> ttx: nope - Beta2Release
<mathiaz> ttx: it's testing - so no impact on BetaFreeze
<guntbert> Brendan_Mcc: you can look into /usr/share/doc/openvpn/examples/easy-rsa/2.0/easy-rsa/   if there is a file vars (which I doubt)
<ttx> mathiaz: well, "Fix cn=config upgrade bugs from hardy/karmic" sounds like bugfixed to me
<ttx> bugfixes
<ttx> or should we consider this one done now ?
<mathiaz> ttx: hm - I'd like to test it a bit more
<ttx> ok
<mathiaz> ttx: testing during beta2freeze which *may* lead to an upload post beta2
<ttx> okok
<ttx> smoser: yo
<Brendan_Mcc> guntbert: ok, made the vars file with VI but then fail with Enter the following to create the server certificates: as theres 1: no easy-rsa subdir, and when i create it cant execute the files mentioned
<Brendan_Mcc> something isn't right
<hggdh> mathiaz: ssh session to nickel (proxy via tamarind) hangs, no response
<mathiaz> hggdh: you can't ssh to nickel from tamarind
<guntbert> Brendan_Mcc: so back to my last idea: have a look at the structure in /usr/share/doc/openvpn/examples/easy-rsa/2.0/  - maybe there is one directory too many or so in the instructions
<sherr> Brendan_Mcc: /usr/share/doc/openvpn/examples/easy-rsa/2.0/vars on my openvpn
<Brendan_Mcc> guntbert: investigating
<Brendan_Mcc> sherr: found it
<Brendan_Mcc> ill have a play there for now
<Brendan_Mcc> sherr: much better, things are happening now :)
<hggdh> mathiaz: heh. Via chinstrap, done
<ttx> smoser: ping
<hggdh> mathiaz: to power-cycle, I need a <RACK> which is not defined in the document you gave me
<mathiaz> hggdh: to power cycle the systems I'd suggest to use uec_power on nickel
<mathiaz> hggdh: as outlined in the README file in the uec-testing-preseed bzr branch
<mathiaz> kees: jdstrand: mdeslaur: how important is it to have apache2 2.2.15 in Lucid?
<mathiaz> see bug 551221
<uvirtbot> Launchpad bug 551221 in apache2 "consider a newer version of apache2 for lucid or backport some changes" [Medium,Confirmed] https://launchpad.net/bugs/551221
<jdstrand> mathiaz: this is a complicated issue due to the openssl requirement. mdeslaur has been following this most closely, so I'll let him comment
<mathiaz> jdstrand: right - the openssl point makes it more complicated
<jdstrand> mathiaz: we've been avoiding the reneg patches thus far, due to the timing of when they were available relative to the LTS
<mdeslaur> mathiaz: I don't think we're ready to put openssl 0.9.8m in lucid
<mdeslaur> mathiaz: and the other 2.2.15 security fixes have been backported to lucid already
<mathiaz> mdeslaur: ok - so pulling 2.2.15 is not important
<jdstrand> mathiaz: 0.9.8m will likely break things in such a way that they'll need to be modified to use the old reneg code
<jdstrand> (where they = 'things', not openssl)
<mdeslaur> mathiaz: my personal feeling is we're way too late in the dev cycle to update openssl and get all the dependencies tested properly
<mdeslaur> mathiaz: -1 from me
<mathiaz> mdeslaur: ok - could you add a comment on the bug?
<mdeslaur> mathiaz: sure
<zul> ttx: *cough* from formencode http://paste.ubuntu.com/406586/
<ttx> zul: I'm not sure what you're trying to tell me here
<zul> ttx: it looks like python-dns is needed after all otherwise it will give the user a big fat warning
<ttx> zul: well, if no dependency makes use of that code path, a suggests is alright
<ttx> If none of the formencode redepends use resolve_domain=True, then moving it from depends to suggests won't make it fail
<zul> checking
<ttx> if any of them do, you have two options. Restore the dependency... or add a python-dns to the rdepends that needs it
<ttx> zul: like I already told you, choice between the two options depends how many of them need it.
<zul> ttx: gotcha
<ttx> if 0 of formencode rdepends use resolve_domain=True -> the "suggests python-dns" in formencode is alright
<ttx> if 1 of formencode rdepends use resolve_domain=True -> add a "depends python-dns" to that specific one
<ttx> if >1 of formencode rdepends use resolve_domain=True -> Restore the "depends python-dns" in formencode and MIR python-dns
<Shtirlic> May someone provide me with Iron reason to ask admins to use ubuntu server instead of centos5?
<suunto> Shtirlic, centos ... seriously... suck
<suunto> their repos / software is very old versions...
<suunto> like in OLD
<Shtirlic> suunto: agree yes i found this one but need another one
<suunto> run ubuntu, it's fresh, it's hardcore, it's easy to use - apt rocks
<suunto> let me put it to you this way..
<suunto> i used to run gentoo...and gentoo really rocks..
<suunto> but now i just put ubuntu on cause it's less compiling and it works quite good
 * suunto wouldnt go with centos..but let me ask my brother..he runs centos..
<suunto> nah he's away..
<suunto> whats the reasoning behind centos?
<Shtirlic> i know what u talking about, they reason centos5 is easy to maintain and it's enterprise and serois companies use it, what can i say about Ubuntu server, i know only one big company that uses Ubuntu server -- it's wikipedia
<suunto> lol 3rd busiest site in all the world..
<suunto> whats you going to run on it?
<Shtirlic> suunto: yeeh that would be my second point after the old repos
<suunto> what will your company run on the servers?
<Shtirlic> suunto: just bunch of ruby applications and static web hosting
<suunto> Shtirlic, then no reason not to go with ubuntu..ruby and apache, you need fresh stuff there..
<suunto> maybe the server admins dont know ubuntu?
<suunto> how many servers?
<suunto> clustering?
<Sam-I-Am> where is the proposed server docs for ubuntu 10.04?
<Sam-I-Am> so i can look at them
<Shtirlic> the problems is that i really wanna go with ubuntu server, because i use ubuntu desktop and freebsd on my own side, but they said that ubuntu have security problems, nor cetos5
<mdeslaur> Shtirlic: Ubuntu doesn't have security problems, and security updates come out way faster than centos
<suunto> Shtirlic, i think not, updates are regular..you firewall, apache is darn secure,
<Shtirlic> suunto: no cluster, but if i win this battle all other servers will be in future
<mdeslaur> Shtirlic: the best reason, is Ubuntu has commercial support available, centos doesn't
<smoser> ttx, here.
<ttx> smoser: you're in a swap day, so you shouldn't be here :)
<smoser> well 1/2 swap day
<guntbert> Sam-I-Am: as of yet I see only http://help.ubuntu.com/9.10/serverguide/C/
<ttx> smoser: hah, let's take advantage of this, then
<smoser> i got to play pre-school parent helper.
<soloslinger> anyone able to shed some light on why a /etc/init.d/networking restart gives me a "SIOCADDRT: File exists/Failed to bring up eth1."?
<ttx> smoser: pm?
<smoser> am. just returned.
<ttx> smoser: privatemsg?
<suunto> Shtirlic, is there any reason why you have to argue with a company what to run? like, it's only servers right..?
<suunto> that pretty much means your the boss, you say, they do..etc etc
<suunto> at the moment it seems like a company that doesnt run ubuntu, they have their own flavor of centos and thats what they try to convince their clients to use
<mdeslaur> Shtirlic: another great reason: with Ubuntu, you can enable _just_ security updates, with Centos, you are forced to install _all_ updates
<Shtirlic> suunto: yeeh, i am the lead web dev in company, so i can discuss what server to use, but needs some point fro ubuntu -server
<Sam-I-Am> smoser: do you know the location of the ubuntu server docs for 10.04?  i'm curious if the ldap stuff was updated to reflect usage of ldapi/saslexternal to modify the db... the package changed in 9.10, and the docs describe a process that does not work
<pmatulis> Shtirlic: the ubuntu community is massive so there is more online help.  you can aslo purchase server support from Canonical
<suunto> Shtirlic, i also do webdev and run complete dev environment + hostign on ubuntu..
<suunto> and as for the ruby apps...it's not redmine is it?
<suunto> cause that runs cool on ubuntu too
<jdstrand> Shtirlic: another big difference is the compiler hardening in Ubuntu. in rh/centos the system binaries are compiled with hardening flags, but any applications you comile yourself are. see https://wiki.ubuntu.com/Security/Features for more info
<Shtirlic> suunto: no, some sinatra backends
<jdstrand> err
<jdstrand> Shtirlic: ...any applications you compile yourself are *not*
 * Shtirlic copypasting from log
<jdstrand> Shtirlic: that can be a big win security-wise, depending on your use
<zul> ttx: i commented on the rabbitmq bug
<Shtirlic> so it's 4 1. Fresh repo
<Shtirlic> 2. Has commercial support
<Shtirlic> 3. Big community (first google results for issues)
<Shtirlic> 4. Security updates separated from other updates
<Shtirlic> myabe add something more?
<Sam-I-Am> 5. works
<Sam-I-Am> :P
<Shtirlic> 6 profit!
<jdstrand> Shtirlic: 5. custom compiled binaries have compiler hardening enabled
<Sam-I-Am> you forgot "..."
<Shtirlic> Sam-I-Am: )
<ttx> zul: I'd still query #ubuntu-devel for better suggestions on how to fix this
<suunto> great example: i google for sinatra ruby ubuntu and sinatra ruby centos - ubuntu got so many more posts..and a group: and 45K more entries in google
<Shtirlic> but their main point is  that sentos is Enterprise blah blah and strong
<smoser> Sam-I-Am, sommer might know more
<smoser> but i do not. sorry.
<Sam-I-Am> aight
<Sam-I-Am> it needs some fixin :/
<jdstrand> Shtirlic: Ubuntu is enterprise ready. we have 5 years of support on the server with an LTS release
<jdstrand> Shtirlic: you can also purchase paid support from Canonical (or 3rd parties) for Ubuntu
<ivoks> eh
<ivoks> ubuntu server rulez
<Shtirlic> oh, forgot is the Ubuntu serer support LVM as i know this is some kind of dynamic storage increase on virtula machines?
<jdstrand> Shtirlic: absolutely it supports LVM, and raid, and virtualization
<jdstrand> it the cat's pajamas :)
<Shtirlic> jdstrand: thx,
<Shtirlic> and the last question: it's easy to upgrade to 10.04 server from prev 9.10 if i will not wait untill final release?
<jdstrand> Shtirlic: yes. 9.10 -> 10.04 is a supported upgrade. you can also do LTS -> LTS upgrades
<ivoks> jdstrand: are there any significant new features in 10.04's ufw, regarding 8.04?
<jdstrand> Shtirlic: at this late date in the 10.04 dev cycle, you may want to start your testing with 10.04, but obviously we are still fixing bugs
<jdstrand> ivoks: oh gosh yes: https://wiki.ubuntu.com/UncomplicatedFirewall#Features :)
<ivoks> jdstrand: thanks :D how about apparmor? :D
<jdstrand> ivoks: there are a lot of improvements to apparmor itself, which makes it more flexible when developing profiles (and bug fixes). in terms of profiles: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/AppArmorProfiles
<Shtirlic> jdstrand: but upgrades from 10.04 betas will be available to final releases?, so I can start developing on betas and have stable on production?
<jdstrand> ivoks: I might point out if you are doing a lot of virtualization via libvirt, then the apparmor security driver for libvirt is on by default. this provides guest isolation as well as host protection from rogue VMs
<jdstrand> Shtirlic: yes-- beta2 freeze is next week. there should be no major changes at this point. it is possible that things will break, but we release in a month so everything should be about stabilization at this point
<ivoks> jdstrand: thanks
<jdstrand> Shtirlic: you can do the normal upgrade procedures and when 10.04 is released, your normal upgrade procedures will get you a complete, supported LTS release
<ttx> ivoks: yo
<ivoks> ttx: oy
<ttx> ivoks: sent you an email about UDS
<jdstrand> Shtirlic: for a testing environment, 10.04 is probably the way to go, imho, but obviously it is up to you
<ivoks> ttx: i've seen it; didn't have time to respond :D
<ttx> ivoks: got to go now, but please reply when you get a chance :)
<ivoks> ttx: will do
<Shtirlic> jdstrand: brilliant, thx for good answers, looking forward to release
<jdstrand> Shtirlic: sure! :)
<uvirtbot> New bug: #551820 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/551820
<geneticx_wrk> Hello everyone. So I have configured rsnapshot to back up daily, weekly, monthly. My initial daily is 256 MB (daily 0) then daily 1 is only 40K and daily 2 is only 40 K again...when I go inside daily 1 or 2 I dont see any contents ..what could be wrong?
<smoser> oops. and Sam-I-Am i think it might be asommer (not here now).
<Sam-I-Am> heh
<Daviey>  .
<xenaxon__> guys, how do I make virtual hosts on linux
<xenaxon__> I want to work locally
<xenaxon__> and access my www/[projectname] individually
<xenaxon__> like I did on windows
<xenaxon__> and access the projects like this: www.[projectname].lh
<xenaxon__> help?
<uvirtbot> New bug: #551847 in euca2ools (main) "uec instance boot fail" [Undecided,New] https://launchpad.net/bugs/551847
<eagles0513875> hey guys are there any commandline based c++ development environments in the repo
<RoyK^> eagles0513875: you mean makefiles and such?
<eagles0513875> RoyK: already got the answer but for cpp files im creating from scratch as im learning c++ atm
<eagles0513875> vi is probably the best solution
<eagles0513875> cept only one problem my ssh connection keeps hanging on me when using vi for some reason though RoAkSoAx
<eagles0513875> whoops meant RoyK
<eagles0513875> nm fixed it
<RoyK^> :)
<eagles0513875> this makes no sense there is something buggy with vi
<eagles0513875> i get random lockups then it unlocks itself
<qman__> that normally happens when the connection drops out
<eagles0513875> how is it dropping out though
<qman__> it shouldn't be doing that if you're on a LAN, though
<eagles0513875> i am on a lan
<qman__> when it unfreezes, does it type in everything you typed while it was frozen?
<eagles0513875> qman__: it did a bit but it never unfroze 2nd time round
<eagles0513875> restarted ssh session
<eagles0513875> and recovered
<eagles0513875> goign to leave it on and see if it does it again
<qman__> yeah, that's definitely a connection problem
<qman__> as opposed to anything wrong with vi itself
<RoyK^> rotfl http://uncyclopedia.wikia.com/wiki/Cannabis
<jeffesquivel> "Minitrue mark article doubleplusgoodthink. Miniluv make goodthink fullwise." --> Bua hahahaha
<jeffesquivel> hmm... it's been a while since the last time I read 1984
<Flare183> I need help installing Lon Capa onto my Ubuntu Server
<jeffesquivel> Flare183, sorry... I have never used Lon Capa, but seems like an interesting concept
<Flare183> jeffesquivel: Yeah
<xenaxon> Hello, how do I set multiple vhosts
<ChmEarl> Xen4 + 2.6.32.10 pv_ops kernel on karmic 9.10 limited to one vif network and 3 domU's
<ChmEarl> eth0 is bridged to br0.. xend starts smoothly
<ChmEarl> http://paste.ubuntu.com/406685/
<sherr> ChmEarl: Is that a kernel you built yourself? dom0?
<ChmEarl> yes... from git
<jeffesquivel> xenaxon, vhosts as in apache? or you mean virtual machines?
<sherr> Ahh OK. I am looking at Xen myself. Currently dom0 is .26 lenny.
<xenaxon> jeffesquivel: as in apache
<xenaxon> vhosts for organising my projects
<xenaxon> so I can work locally
<ahasenack> where are the initscripts nowadays? I'm a bit lost with upstart
<ahasenack> the files in /etc/init.d/ are just stubs
<ChmEarl> sherr, so far all problems have been solved by loading the right module
<ahasenack> in particular, I'm trying to debug this error:
<ahasenack> # start eucalyptus-network
<ahasenack> start: Unknown parameter: IFACE
<jeffesquivel> xenaxon, well... you can differentiate them by IP or by hostname
<ahasenack> but I can't find that eucalyptus-network "initscript"
<jeffesquivel> xenaxon, which one where you thinking about?
<sherr> ChmEarl: I am still finding my way ...
<xenaxon> I have 2 or more folders in my etc/www and each folder is a website
<sherr> So, dom0 is .32 + patches from Jeremy?
<sherr> Jeremy the Citrix Xen/Linux engineer.
<xenaxon> jeffesquivel: hostnames
<jeffesquivel> ahasenack, hmm... /etc/init/
<sherr> ChmEarl: What domU's are you running?
<xenaxon> I want to differentiate my local website projects my hostnames
<ChmEarl> c564 fc12 suse11.2
<ahasenack> jeffesquivel: thanks
<jeffesquivel> xenaxon, ok, then you need to configure the CNAMEs in your dns
<jeffesquivel> ahasenack, no problem
<xenaxon> I have 2 projects at the time being: celebrity and tamil
<xenaxon> I have configured them in /etc/hosts file
<ChmEarl> sherr correct about dom0 components
<xenaxon> but I don't know how to configure the vhosts in apache
<xenaxon> it'a bit different from windows
<sherr> ChmEarl: I have centos5 x64 + Squeeze x64 ... it seems to run well. And good performance.
<jeffesquivel> xenaxon, ok... then you can use 000-default as a template
<jeffesquivel> xenaxon, it is located in /etc/apache2/sites-available
<xenaxon> oh
<xenaxon> I edited it a bit
<jeffesquivel> xenaxon, you just copy 000-default and change the important bytes (Directory and the hostname for the virtual host)
<xenaxon> I tryed to use it same as I did with httpd-vhosts on windows
<xenaxon> but it's not working properly
<jeffesquivel> xenaxon, hmm... I have never used apache on windows
<xenaxon> should I leave the 000-default
<sherr> ChmEarl: I might try doing a .32+patches + Xen4 myself. But I will need to be physically present at my PC first. In case it doesn't boot ... a week or two.
<xenaxon> or delete it
<xenaxon> ?
<xenaxon> and how should I name the new files
<xenaxon> should I name them as my projects/folders?
<jeffesquivel> xenaxon, it is up to you to leave it or delete it
<xenaxon> if I leave it, 127.0.0.1 will continue to work in /www/
<xenaxon> yes
<xenaxon> ?
<jeffesquivel> xenaxon, names are up to you too... but keep in mind that apache will read them in alphanumerical order
<xenaxon> but tell me how should I name the files
<xenaxon> it doesn't mater does it
<xenaxon> I guess it's just a form of separating them
<jeffesquivel> xenaxon, nop, it doesn't...
<xenaxon> organising
<jeffesquivel> xenaxon, yep
<jeffesquivel> xenaxon, ubuntu's default config is made that way to be easy to organize and manage
<jeffesquivel> now after you have the correct files in place
<jeffesquivel> you can use the utility called a2ensite
<jeffesquivel> with the name of the file you created
<jeffesquivel> to enable your site
<jeffesquivel> after that invoke-rc.d apache2 force-reload should tell your apache2 that there is a change in config that it should take into account
<jeffesquivel> and that's it
<xenaxon> ?
<xenaxon> what?
<xenaxon> how do I call it
<smoser> anyone have any idea how to make ssh (attempt) to kill processes on the remote end on a local kill of the ssh client ?
<smoser> ie:
<smoser> ssh localhost 'echo self is is $$; sleep 2m'
<jeffesquivel> xenaxon, ok, let's say you created a virtual host in a file called newvirtualhost
<smoser> then, either ctrl-c or kill <ssh-pid>
<xenaxon> I created 2 vhosts
<smoser> you'll still see both a bash process and a sleep process
<xenaxon> and also set dns file for them
<xenaxon> :)
<xenaxon> now what
<jeffesquivel> xenaxon, to "enable" that virtual host you need to execute the following command: a2ensite newvirtualhost
<xenaxon> newvirtualhost being the name of each file/vhost?
<jeffesquivel> xenaxon, yep
<jeffesquivel> jeffesquivel, it should give you an error if you give it the wrong parameter, anyways
<xenaxon> ERROR: Site celebriton does not exist
<sherr> xenaxon: https://help.ubuntu.com/8.04/serverguide/C/httpd.html#http-configuration
<xenaxon> wait
<xenaxon> the files are shortcuts
<xenaxon> when I edit one the other is edited
<xenaxon> actually it's the same file
<xenaxon> ..
<xenaxon> :)
<jeffesquivel> sherr, thanks...
<sherr> xenaxon: It might be a good idea ot learn a little about basic unix/linux before setting up a web server
<jeffesquivel> xenaxon, you should read sherr's link :-)
<jeffesquivel> xenaxon, and you can come and ask if there is something you don't understand or is not working :-)
<xenaxon> wait
<xenaxon> I've put the 2 vhost configs in different files
<xenaxon> celebriton and tamil
<xenaxon> it still says site celebriton does not exist
<jeffesquivel> xenaxon, ok, where did you put those files?
<xenaxon> sites-enabled
<jeffesquivel> xenaxon, you should put the real files in sites-available
<xenaxon> yes, i know
<jeffesquivel> then, using a2ensite (or creating the symlink manually) you create a link from there to sites-enabled
<xenaxon> I just TRINGED 5 seconds ago
<xenaxon> :)0
<xenaxon> :))
<jeffesquivel> after that, you restart apache and it if everything else was correct, you should have your vhosts working
<xenaxon> ok done
<xenaxon> now restart
<xenaxon> ok. WORKS
<xenaxon> thanks a million
<xenaxon> ur the god
<jeffesquivel> xenaxon, you're welcome
<xenaxon> oh, one more thing. any way of moving tamil's database from my windows partition to kubuntu
<xenaxon> I know it's stored in files so, is it possible to just copy the database from there to here?
<jeffesquivel> xenaxon, what database are you using?
<jeffesquivel> xenaxon, mysql?
<xenaxon> mysql yes
<jeffesquivel> xenaxon, you can make a dump of the database in windows and then restore it on kubuntu
<xenaxon> is there no way possible of just copying the files ?
<jeffesquivel> xenaxon, just be careful of the character set
<jeffesquivel> xenaxon, I don't know... I don't think that's recommended anyway
<jeffesquivel> xenaxon, do you use phpmyadmin?
<xenaxon> yes I do
<xenaxon> both on windows and on kub
<jeffesquivel> xenaxon, ok... you should be able to export your database on windows and then import it on kubuntu
<xenaxon> ah, gotta switch
<xenaxon> ok
<jeffesquivel> using phpmyadmin
<xenaxon> I was hoping I can just copy the folder with the database files
<xenaxon> but it's not possible is it
<Pirate_Hunter> Evening all, recently I got into something that had made me look into commercial webhosting panels such as ispconfig, cpanel, plesk, webmin, vhcs (apparently has been revived), ispcp (derived from vhcs)and ehcp. Would like if people could provide their opinions on any of these panels or offer some other alternative and any information on how would go about testing these panels without having to create multiple clean vms?
<xenaxon> in windows /mysql/data/ contains a folder with the database
<xenaxon> anyway. forget about it I'll just switch to wingows
<xenaxon> thanks for your help
<jeffesquivel> xenaxon, i don't know if it is possible... but don't think so... usually those files can have stuff in them that is operating-system dependant
<jeffesquivel> xenaxon, no problem
<jeffesquivel> well... gotta go
<jeffesquivel> bbl
<uvirtbot> New bug: #498939 in mysql-dfsg-5.1 (main) "mysql- packages section on synaptic" [Wishlist,Triaged] https://launchpad.net/bugs/498939
<uvirtbot> New bug: #552029 in vm-builder (universe) "vmbuilder: error: no such option: --in-place" [Undecided,New] https://launchpad.net/bugs/552029
<mlevin_> hey folks. quick question for ya. I have an ubuntu 9.10 image on amazon (cloned alestic's ami-7d43ae14 to make my own). did an aptitude safe-upgrade today and upgraded some packages and also noticed it upgraded to kernel 2.6.31-305-ec2, but when I reboot and do uname -a, it is still on 2.6.31-302-ec2. so how do I get it to boot into 2.6.31-305-ec2?
<mlevin_> (or am I in the wrong channel?) ;-)
 * ChmEarl now has multiple domU's with good vif in Xen4/pv_ops on karmic 9.10 : problem solved
<fluvvell> With XDMCP being removed in Karmic, what do we have as a "drop in" replacement for remote connection / thin client ?
<alvin> fluvvell: As far as I know, it isn't removed.
<alvin> fluvvell: I have Jaunty machines in production running XDMCP. Are you sure it is removed in Karmic? (Do you have a source?)
<uvirtbot> New bug: #549991 in lm-sensors (universe) "Laptop fan isn't often sped up when CPU is hot" [Undecided,New] https://launchpad.net/bugs/549991
<fluvvell> https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/408417
<uvirtbot> Launchpad bug 408417 in gdm "No option to log in remotely via XDMCP" [High,Won't fix]
<alvin> fluvvell: Ah, I see. I'm using Kubuntu. It's not gone in KDM
<fluvvell> yes, I guess I could use the kdm greeter but...
<uvirtbot> New bug: #552053 in mysql-dfsg-5.1 (main) "mysqld_safe should be available in mysql-server" [Medium,Triaged] https://launchpad.net/bugs/552053
<alvin> fluvvell: Man, man. I didn't know this. The company I work for is heavily dependant on XDMCP. I'll say the bug affects me too. (This effectively limits our options. We can't consider Gnome anymore)
<fluvvell> plus i've not yet had success with the peppertop.com solution but I'm still working on it.  Yes, I had a small cafe relying on it so am in the middle of a "hot" fix
<uvirtbot> New bug: #550194 in samba (main) "[Lucid] passwd reports a System Error when trying to change password (dup-of: 546874)" [High,Fix released] https://launchpad.net/bugs/550194
<fluvvell> alvin: well, just don't upgrade from jaunty just yet :-)
<lullabud> alvin: it looks like gdm-2.20 is provided in karmic with xdmcp support.
<lullabud> it seems to me like the reason behind that is that newer versions of GDM are gnome instances, whereas older versions of GDM were not built on the gnome libraries and were not gnome instances.  so, new versions will have to work around that, perhaps respawning with a target x server or something.
<lullabud> i guess you could always use xnest or xdm or the older gdm.
<fluvvell> lullabud, thanks, there are some helpful hints in the bug report on https://bugzilla.gnome.org/show_bug.cgi?id=592976 which I'm still reading through
<uvirtbot> Gnome bug 592976 in general "No option to launch XDMCP chooser from login screen" [Normal,New]
<lullabud> fluvvell: yeah... i verified it on my 9.10 laptop though and sure enough, no remote login at the login screen.
<uvirtbot> New bug: #552067 in vsftpd (main) "secure_chroot_dir in /var/run/vsftpd disappears each time the system is restarted" [Undecided,New] https://launchpad.net/bugs/552067
<lullabud> fluvvell: found a long article on it, well written - http://www.peppertop.com/blog/?p=712
<lullabud> 3 articles actually...
<fluvvell> lullabud, yes been working through them.
#ubuntu-server 2010-03-31
<jMyles> I am tempted to chmod -R 750 * for a bunch of places, including /var, /etc, /home - is this a bad idea?
<hggdh> generically, yes, it's bad
<hggdh> for example, ~/.ssh
<soren> jMyles: Yeah, don't do that.
<jMyles> Well I created a new user and I'm surprised how much access they have
<jMyles> I want them to only have access to ~
<jMyles> for example, they can read everything in /etc/apache2/sites-enabled - I do not want this
<jMyles> How about instead of 750, I go o=X ?
<orudie_> how would I look up the cpu info ?
<Sam-I-Am> orudie_: cat /proc/cpuinfo
<orudie_> thanx
<Hypnoz> anyone know if I add /etc/event.d/ttyS0 so I can support a serial adapter, is there any way to apply that device without rebooting?
<qman__> Hypnoz, sudo start ttyS0
<Hypnoz> qman__: OH SNAP you da man!
<Hypnoz> qman__: was trying telinit q and telinit u, but I'm wondering if those only apply to the old init.d system, not event.d
<qman__> yeah, all that stuff is gone away in ubuntu now
<Hypnoz> qman__: "start" and "stop" are for event.d I'd guess?
<qman__> yes
<qman__> and 'service' is now in ubuntu by default, for the rest
<Hypnoz> like the RH command, i can do service network restart?
<qman__> yes
<Hypnoz> maybe some motivation to move up from 8.04 at some point
<Hypnoz> but I'm kinda hesistant to dist-upgrade all my servers ... if it ain't broke don't fix it
<lullabud> oi... just booted up an AIX machine.  this thing is like a haunted house.
<lullabud> ksh default, and the up arrow moves the cursor upwards on the screen
<lullabud> hah... boy do I love gnu.
<Hypnoz> eek quick reimage
<lullabud> if you can believe it, some of our customers actually still use AIX.
<twb> And I bet service(8) ignores policy-rc.d(8) >:-/
<Psi-Jack> I'm considering trying out the Ubuntu-Server 10.4 beta1 for it's UEC. How reliable is that if anyone else by chance uses it yet?
<lullabud> Psi-Jack: i'm running it in a vm to host mediawiki and do miscellaneous tasks and it's working fine for me.
<Psi-Jack> Oh yeah? Cool. I know 10.4 is due to release by the end of next month, so I hoped it was reasonably stable at the moment with all the freezes.
<Psi-Jack> And 10.4 is the new LTS?
<lullabud> Psi-Jack: yeah, LTS.
<Psi-Jack> Will be anyway. ;)
<lullabud> Psi-Jack: it seems like a lot of the issues, as always, are tied to GUI apps, so if you go headless you're much less prone to problems.
<lullabud> Psi-Jack: that being said, i just upgraded a gui install with zero problems.
<Psi-Jack> Right, and my server is headless. ;)
<Psi-Jack> I only plan to have GUI by UEC standpoints.
<Psi-Jack> Which is totally web based as I understand.
<Psi-Jack> Web/CLI that is.
<lullabud> Psi-Jack: well, join us in #ubuntu+1 if you're taking the plunge
<lullabud> Psi-Jack: beta2 comes out april 8th, so you may want to hold out another 2 weeks...
<lullabud> er... week and a half
<Psi-Jack> I can always upgrade or dist-upgrade, no? ;)
<Psi-Jack> These aren't live production servers anyway, just gathering ideas and trying out various options.
<Psi-Jack> OpenSUSE with it's Xen Hypervisor approach, which seems really nice.. Citrix XenServer, which is effing awesome, but limited. And now, UEC, which I don't like some of it's approaches, but until I actually try it, I can't knock it.
<fluvvell> for those in on the question re XDMCP, has anyone tried a simple ssh -X login with a gnome-session, and / or seen scripting to make that work well and automated for a client ?
<lullabud> fluvvell: ssh -X/Y work fine, as does Xnest
<fluvvell> lullabud, my understanding was that xnest uses tsclient  ?
<lullabud> fluvvell: i think that's vice versa...
<Psi-Jack> heh.
<Psi-Jack> In the UEC, what is Walrus?
<fluvvell> lullabud, I think i mean that the client machine logs in with tsclient.  I'd need to install xnest on the server. Prob I have is that we have virtualbox running with port 3389 in use and I haven't checked if I can do both at once
<lullabud> fluvvell: no, that's not true.  tsclient is a client for logging in with various other methods, like MS RDP and such.  xnest basically is network redirected X sessions, just like ssh -Y but with a windowed desktop.
<lullabud> fluvvell: you can get something similar if you ssh -Y and then run startx, but it's not in a window.  xnest nests the remote X session in a window so you don't end up with two docks, two of everything
<lullabud> all overlapping each other...
<lullabud> fluvvell: first google link validates most of that... - http://en.wikipedia.org/wiki/Tsclient
<lullabud> ..that is, first google result for "tsclient"
<lullabud> fluvvell: oh, so back to server vs client, you don't need to install xnest on the server, you have to have xnest on the client.
<fluvvell> lullabud, yes - though the nail I'm trying to hit is to replace XDMCP. My user was working well in Jaunty, when upgraded to karmic the XDMCP support failed. So she only needs to show one desktop, that of the session on the server. I've gotten around the lack of a  server-locating utility in gdm by starting her client machine with kdm. But for some reason, (I suspect the version of xorg at this stage) there are no XDMCP servers showin
<fluvvell> g.
<lullabud> oh, i see, i see...
<lullabud> then no, xnest is not what you need.
<fluvvell> Sry, that was a long post
<lullabud> fluvvell: there are some conf files you can tweak, i forget which, that enable/disable xdmcp.  i think it's xorg.conf... might have some notes around somewhere....
<fluvvell> no, but If I could think through the ssh /startx thing, I could probably work it out.
<fluvvell> lullabud, yes. I've just been down to the site and I think the fact that he has the ATI commercial x server stuff installed, thats where the issues begin - that and possibly compiz
<lullabud> hmm.  compiz, i don't know... never done that with xnest.
<fluvvell> which i should disable, and start with a bog standard setup.
<fluvvell> and the fact that its a cafe and its the lunch /2h period, I've skipped away to lick my wounds and think it out. :-)
<lullabud> well, they are surely moving away from xdmcp.  i hadn't used it in a long time, but looking now it's clear that they're doing away with it for some reason.
<lullabud> they say it's insecure, which i can't validate...
<lullabud> perhaps they're moving to vnc or something...
<lullabud> vnc has never been reliable for me in linux though, so it's disappointing to see xdmcp being dropped.
<lullabud> the xdmcp support on the 6.06 livecd saved my ass one time when i had to configure a solaris machine that had no monitor port.
<twb> What's this about dropping XDMCP?
<lullabud> twb: eh, gnome is moving away from xdmcp
<lullabud> twb: it's no longer a login option to connect to a remote machine rather than the local...
<lullabud> and it's missing from other places too
<twb> FSVO gnome = gdm?
<lullabud> fsvo?
<twb> For Some Value Of
<lullabud> uh... yeah, gdm-2.20 is now considered "legacy"
<lullabud> and it's the last version (afaik) that supports xdmcp
<lullabud> the newer versions do not support it, and are default in 9.10 and 10.04
<twb> Annoying, but as long as Xorg (and xdm) continues to support it, I don't care too much.
<twb> I wonder what the LTSP people had to say about it
<lullabud> well, that's part of my disappointment... i just did  "grep -ri xdmcp /etc/" and didn't find it in anything xorg related on 10.04
<fluvvell> there didn't seem to be much development going on in the ltsp crowd either
<fluvvell> but the XDMCP indifference is definitely at Gnome level rather than Ubuntu
<twb> RFB is retarded compared to X11.
<fluvvell> and it *is* insecure, but what with ssh or ssl surely there is a way to seal any cracks -
<twb> It's only when you get insane amounts of layered gradients, like in GTK2 or OpenOffice or xulrunner, that RFB actually starts being faster.
<twb> Oh, and bloody client-side font rending
<fluvvell> RFB ?
<twb> fluvvell: RFB is the protocol that VNC is a thin wrapper on top of.
<lullabud> fluvvell: oh, well, it looks like it's dead simple to enable xdmcp server-side stuff in 10.04.  edit /etc/gdm/gdm.schemas, just change "disable" to "enable" and it works....
<lullabud> i jsut tested it between OSX and 10.04
<twb> http://en.wikipedia.org/wiki/RFB_protocol
<fluvvell> twb, yeah I'm using vnc in a number of cases, and while it solves the immediate problem its not the answer to everything
<twb> lullabud: my last OS X host was a glorified X thin client ;-)
<twb> fluvvell: RFB is a "lowest common denominator" protocol.
<lullabud> twb: yeah, but it was probably the thinnest client ever.
<lullabud> :P
<lullabud> following after steve job's as the thinnest ceo ever....
<lullabud> s/job's/jobs
<twb> lullabud: it was a 330MHz bondi blue running 10.2, acting as a remote head for a 3GHz workstation
<lullabud> hey, g3's are still useful!
<lullabud> now i'm going to have to run out to the curb and get that one that's next to the trash can...
<uvirtbot> New bug: #552238 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/552238
<Maletor> I just set up parted (from the expert install of the alternate CD) with a RAID1 with /boot on it and all three drives it mirrors have a bootable flag. And a RAID5 with a lvm on it that contains root filesystem and swap space. Will my kernel be able to find and mount the root filesystem at boot?
<twb> Try it and see.
<Maletor> I will. I am hoping for the best twb.
<Maletor> Finishing install of base system now...
<twb> As you were told yesterday, this is the wrong channel for support for desktop ("desktop" and "alternate" CDs) installs.
<Maletor> Nobody knows what a LVM on that channel is...
<fluvvell> that doesn't surprise me
<twb> Well, we *did* suggest you use the server install CD.
<Maletor> Right, I will probably have to do that if this fails. Even if I do drop to command line to set up fstab and mdadm, how can I be sure what I am doing is right. I first started with gentoo and followed the docs and got help on IRC and that had a kernel panic where it couldn't find the root partition.
<twb> Maletor: I can help you if you go to the debian-installer partition manager (d-i partmgr) step on the server install CD.
<twb> And assuming a clean install.
<twb> Doing it any other way is more effort than I can be bothered going to on your behalf.
<Maletor> I may take you up on that offer twb. I'll let you know how this goes.
<sbeattie> Maletor: it should be able to, though there's been some trouble in lucid booting off of lvm+raid.
<Maletor> sbeattie: thanks, yes, i've heard lucid is very unstable from pretty much everybody
<twb> Until it's released, it is /by definition/ unstable.
 * sbeattie eyes his two lucid systems carefully. :-)
<qman__> I installed karmic server on a raid 1 with LVM just yesterday
<qman__> it was smart enough to figure it out
<twb> That's not the same as "buggy"
<qman__> which surprised me greatly
<qman__> since it's the first time that's ever happened for me
<fluvvell> I wouldn't have said it was pretty unstable. but I don't have any of my raid machines running it.
<Maletor> hqman__: did you install from server?
<Maletor> qman__
<qman__> yes
<qman__> Maletor, you could always install ubuntu server, then install the ubuntu-desktop package on top
<qman__> of course the GUI is not supported here
<qman__> but the install process would be
<Maletor> Houston, we have lift off.
<Maletor> Let me just verify the RAID and LVM and I will be ecstatic.
<qman__> cat /proc/mdstat
<Maletor> And what is the command 'dh -i' for where filesystems are mounted?
<qman__> I usually use 'mount' to do that
<qman__> and df -h to check filesystem usage
<Maletor> Yup, everything is working magically. This is fantastic.
<Maletor> lvextend works too. This is sweet. Thank you everybody.
<twb> OK, I have a host here with three rtl8169's in it.  mii-tool can't tell me which one is connected, because apparently the driver doesn't support that ioctl.
<twb> How can I non-destructively determine which NIC has a cable plugged in (so I can label the NICs with eth0 through eth2)?
<twb> Hmm, I suppose worst case is I can connect it to another host (instead of just a switch), and stick pings over a transiently-static configuration.
<qman__> twb, mii-tool works for me on rtl8169s
<qman__> those are what I mostly use, since they're a great way to go gigabit for about 15 bucks
<maxagaz> is there a way to check which computers are connected to samba ?
<qman__> maxagaz, I'm sure it could be done with netstat, though there may be a higher level tool for it
<cmeiklejohn> maxagaz: smbstatus maybe?
<eagles0513875> hey guys im having issues with vi over ssh
<twb> eagles0513875: expand.
<eagles0513875> twb: basically work in vi then all of a sudden it feels like it freezes
<twb> eagles0513875: you're hitting ^S.  Type ^Q to fix it.
<eagles0513875> im not hitting annything
<eagles0513875> this is while typeing lets say some programming in c++
<twb> OK, what kind of line speed are we talking?
<eagles0513875> lan
<eagles0513875> 100mbps
<eagles0513875> server nic being gigabit
<eagles0513875> and desktop im on gigabit as well
<eagles0513875> what even stranger it only happens with vi
<twb> OK, check the load average and the iowait on the remote host.
<eagles0513875> atm i have no load on it
<eagles0513875> im the only one who has access to it
<eagles0513875> if i use nano this doesnt happen
<twb> Talk to #vim, then.
<eagles0513875> twb: could it be an issue with ssh
<eagles0513875> cuz it seems from what i can tell by the ssh program im using it ends up one way the connection
<eagles0513875> the server is getting input just not sending back output
<twb> How did you determine this?
<eagles0513875> im using xshell ssh program on windows and it has arrows to show input to the remote machine and whats getting sent back out to said client
<twb> Just because your client receives nothing doesn't mean the server isn't sending anything.
<twb> If you kicked out the cable, you'd see the same behaviour.
<eagles0513875> i havent been anywhere near them
<twb> Ask dmesg if the link has been bouncing lately
<qman__> I get that kind of behavior when I have a poor wireless signal
<qman__> moving my laptop to get a better signal fixes it
<qman__> but, on a LAN
<qman__> it would have to be bad cables or faulty hardware
<twb> qman__: or something like NM playing silly-buggers
<qman__> or some bizarre software issue
<twb> Ah, xshell apparently proprietary crap.
<eagles0513875> twb: and qman__what doesnt make sense though is why does it only do this on vi and not anythign else like nano
<eagles0513875> twb: i like it so i can consolidate all ssh connections into one program with multiple tabs
<twb> I presume there are extraneous factors that prevent you simply running Ubuntu on your workstation
<eagles0513875> twb: said desktop is windows said machine in question is nix
<eagles0513875> bah got no help in vim
<eagles0513875> random thought
<eagles0513875> since im on 64bit ubuntu server should i install ia32libs to be save
<twb> I think you're misdiagnosing the symptoms, and I'm still waiting for the results of the diagnostics I asked you for.
<eagles0513875> twb: not showing anythign out of the ordinary in dmesg and syslog
<twb> Can you reproduce the symptoms on demand?
<eagles0513875> twb: i can reproducd them yes just have to work with vi for a few
<twb> Can the server address your Windows desktop directly (i.e. no NAT)?
<eagles0513875> im using static ips on both  and yes it can
<twb> On the server, run "mtr <workstation IP>", and hit d once.
<twb> You should see horizontal line(s) of "." crossing the screen.
<twb> When there is no network, it'll print a ? instead of a .
<eagles0513875> didnt do anything like that
<eagles0513875> it just brought up an empty traceroute
<twb> You need to hit "d"
<eagles0513875> i did
<eagles0513875> i have some latency values
<twb> eagles0513875: you should have at least one line in the table, starting with "1. <host name or ip>"
<eagles0513875> going to take a few need to hook up my monitor directly to the server
<twb> Whatever
<qman__> twb, I get nothing of the sort doing that
<eagles0513875> twb: if im doing it via ssh its not givine me an ip but latency values
<twb> It should look like this: http://paste.ubuntu.com/406887/
<qman__> yeah, it doesn't look like that
<eagles0513875> im not getting anythign of that sort either
<twb> ...except with fewer entries, because there aren't any hops on your LAN
<qman__> also, that's what page it opens to
<qman__> but I don't get anything at all in the list
<eagles0513875> me neither
<twb> Try mtr 8.8.8.8
<qman__> that works as expected
<twb> Or even "mtr 127.0.0.1" should have at least one entry
<qman__> ah, working now
<twb> I don't know why it isn't/wasn't working for you.
<eagles0513875> 8.8.8.8 and lo device both have something for me
<qman__> I don't either
<twb> You could try mtr -n <IP>, if it's a DNS issue
<qman__> maybe something wrong with the client IP I was using
<eagles0513875> when you say workstation ip do you mean teh host or destination
<eagles0513875> taht you are on
<twb> eagles0513875: AFAIK you have two hosts, a workstation (running xshell) and a server (running sshd and vim).
<twb> On the server, run "mtr -n <workstation's IP>'
<eagles0513875> ok
<eagles0513875> nothing still
<twb> Then your network's totally buggered, and you need to make that work.
<eagles0513875> :-/
<twb> eagles0513875: are you the network admin, there?
<eagles0513875> its a small home network
<eagles0513875> lol only one in this family who understands in computers
<eagles0513875> wait a min
<eagles0513875> could me having bind installed but not configured be the issue here
<eagles0513875> at least to networking
<qman__> not really
<eagles0513875> cuz i tried to ping my current machine im on from server and it wasnt resolving
<qman__> it would have an effect but by IP things should still work
<eagles0513875> super high latency more like it
<qman__> well, there you go
<eagles0513875> found the answer
<qman__> find out what's causing the latency and fix/replace it
<eagles0513875> restarted networking
<eagles0513875> and its fine
<eagles0513875> so its a bug in networking somewhere in ubuntu server
<twb> qman__: it wouldn't surprise me if he has an appliance router or switch, and it got confused after a power outage.
<eagles0513875> no power outages here though twb
<eagles0513875> im on a linksys
<qman__> yeah, I've had that happen before, as well as them burn up
<twb> Stupid cheapo switches...
<eagles0513875> qman__: think im goign to buy a new one cuz this one is starting to piss me off
<qman__> I use a PC running ubuntu server with 4 NICs in it as my router
<twb> Real Soon Now manglement will turf them and actually fix the wall points, so that we can just use the UPS-backed switch in the rack.
<qman__> but I have a somewhat complex network
<twb> Oh yeah, and replace the battery in the UPS :-/
<qman__> heh, yeah
<qman__> UPS makes all the difference, even without power actually going out
<qman__> everything just works happier
 * twb hits manglement with a trout
 * eagles0513875 tries vi again
<eagles0513875> not happening again
<eagles0513875> seems like its a bug in ubuntu networking
<maxagaz> cmeiklejohn, yes smbstatus!
<maxagaz> cmeiklejohn, thanks
<qman__> eagles0513875, a hardware problem is far more likely
<eagles0513875> qman__: this server is brand new
<eagles0513875> qman__: as it only does this with vi and no other editor
<qman__> cables, your linksys
<qman__> that stuff does get flakey sometimes
<eagles0513875> qman__: true
<eagles0513875> qman__: after resetting networkign on ubuntu its fine and happy
<qman__> could also be a problem with the NIC driver
<qman__> or if you've got networkmanager running
<qman__> which you shouldn't, networkmanager just causes problems
<eagles0513875> trust me i know
<eagles0513875> about nm
<eagles0513875> im nothing but commandline on my server
<eagles0513875> tbh kinda prefer it
<eagles0513875> the nic's are both broadcom nics
<eagles0513875> one is a pcie nic the other is a normal nic both gigabit
<qman__> what do you mean by "normal"
<twb> NM is a headless daemon.
<eagles0513875> qman__: normal pci nic im guessing and the other uses the pcie bus
<eagles0513875> it did it again
<eagles0513875> froze or lost connection
<uvirtbot> New bug: #552360 in squid (main) "package squid 2.7.STABLE7-1ubuntu11 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/552360
 * eagles0513875 will have to try ssh via my macbook to soee if same issue with vi locking up occurs
<jeffesquivel> wow... incredible how some people pay up to $3 700 for having RHEL pre-installed on their servers
<jeffesquivel> I wonder if they come with something beside installation and upgrades
<_ruben> support probably
<jeffesquivel> _ruben, right... forgot about that one, he he
<sebsebseb_> hi
<jeffesquivel> sebsebseb_, hi
<kaushal> hi
<kaushal> model name : Intel(R) Xeon(R) CPU E5504  @ 2.00GHz
<kaushal> do i need to install amd64 or is there a x86_64 hardy image ?
<Jeeves_> amd64 will do
<kaushal> Jeeves_: Thanks
<kaushal> so there is only i386 and amd64 image only ?
<Jeeves_> afaik, yes
<_ruben> amd64 == x86_64
<_ruben> as in: the amd64 install media install a x86_64 kernel
<alvin> How would you determine the ftp software on a server if you are sitting at the client. Is it even possible?
<nimrod10> alvin, if you telnet to it, it should say the software and version
<alvin> nimrod10: Thanks!
<alkisg> Hi, I want to restrict access to the nbdrootd service to local networks only. Is the following correct?
<alkisg> a) in hosts.deny, put: nbdrootd: ALL
<alkisg> b) in hosts.allow, put: nbdrootd: 127., 10., 192.168., 172.16.-172.31.: keepalive
<obea> how to dpkg use wildcard character
<obea> dpkg -l mysql* ?
<guntbert> obea: never tried but *if* it works then you should put quotes around the pattern to hide the * from the shell
<obea> yeah dpkg -l Â¡Â®*mysql*'    thx!
<obea>  ;)
<thefish> can anyone comment on mdadm using "raw" disks (/dev/sdx), or partitions (/dev/sdx1) and which is better and why?
<proppy> Hi, is it possible to setup an ubuntu entreprise cloud across multiple data center ?
<ttx> proppy: it is possible to setup separate "clusters" (availability zones), but they will depend on the same "Cloud controller" front-end.
<proppy> ttx: is LAN connection required between all the "clusters", and the "controller" ?
<ttx> proppy: yes. Otherwise you should install two separate "clouds"
<ttx> well, not LAN connection
<ttx> can be WAn
<ttx> the cluster controller and the cloud controller need to be able to talk to each other, but not necessarily on the same network.
<proppy> one "cluster" = one "physical host" ?
<proppy> one "cloud" = multiple "physical host" on the same network ?
<ttx> no, a cluster is made of a cluster controller, a storage controller, and one or more node controller
<proppy> oh ok, "node controller" = one "physical host"
<ttx> node controller is one physical host running lots of VMs, yes.
<proppy> so we can have a "cluster" in house
<proppy> another in running on a dedicated server
<proppy> and having them part of the same "cloud"
<proppy> given that each cluster controller is able to talk to the cloud controller
<proppy> is it possible to provision image on multiple clusters ?
<alvin> thefish: I have no idea, but the Debian installer uses partitions if you set up md devices during install
<thefish> alvin: cheers, ubu does the same
<thefish> but ive set up raid6 here on raw devs
<thefish> i cant think why that would be bad
<alvin> thefish: I meant Ubuntu actually. Ubuntu uses the Debian installer. (unmodified?)
<alvin> me neither. Go ahead
<thefish> if mdadm scans /proc/partitions it sees both
<alvin> If I set up LVM, I also use raw devices. (Same for ZFS)
<proppy> ttx: thanks for all these informations
<thefish> im going to stick to the debian method, im sure theres something they know that i dont
<thefish> ye ill be using lvm on top of this md
<ttx> proppy: yes, the image registered in one "cloud" should be available to all "clusters"
<alvin> For ZFS, it is recommended to use raw devices, but I'm pretty sure the reason for that is not valid for mdadm.
<proppy> ttx: is there some kind of synchronisation available for the multiple storage controller, across the cloud
<proppy> for EBS-like storage
<ttx> proppy: I think multiple SCs will sync, but I'm not exactly sure, sounds like a question for #eucalyptus
<proppy> ttx: yes, I will ask there, thanks a lot for your help
<ttx> proppy: np
<obea> Â¡Â° /usr/sbin/dpkg-reconfigure: uptrack is broken or not fully installed
<proppy> Hi, does uec support non-VT hardware throught Xen or Qemu/kqemu ?
<Omahn> proppy: Kirkland should be able to give a conclusive answer but I believe the reponse will be no as UEC uses KVM.
<sherr> the fish: re: MD on top of raw partitions. According to Steven Ellis at Linux.conf.au 2010 :
<sherr> http://mirror.internode.on.net/pub/linux.conf.au/2010/tuesday/index.html
<sherr> They are not so good - makes it harder to move disks to another system (backup/recovery). A single partition takes a very small amount of space and is more compatitible with the tools.
<sherr> Even : thefish :-)
<thefish> sherr: ok ta
<thefish> sherr: same for lvm?
<sherr> thefish: I use LVM over MD over partitions. Works well.
<thefish> sherr: so just pv on eg /dev/md0 ?
<RoyK^> hi. solaris has a command, pstack, to see the stack from a coredump - any idea if linux has something similar? the pstack available in ubuntu doesn't show this
<sherr> thefish: yes, that's right.
<thefish> cool, thanks sherr - thats what ive usually done
<kirkland> proppy: Omahn: well ....  i suppose it kinda does support non-accel QEMU, as UEC just runs "kvm", which by default, if no VT hardware is present, it just disables kvm-acceleration and runs in godawful-slow mode
<kirkland> proppy: Omahn: as to the other points, upstream Eucalyptus supports Xen, I believe, but Xen in Ubuntu is universe-supported, and very much untested with UEC
<kirkland> proppy: Omahn: and kqemu doesn't exist anymore, sorry.
<hggdh> ttx: a bit of PM?
<alvin> Why is this command not working?
<alvin> $ sudo qemu-img -c -O qcow2 disk-raw.img disk.img
<alvin> Oh,... I know
<alvin> (Sorry to bother. The 'convert' part was missing)
<ttx> hggdh: just a sec
<ihernandez> hello. i have a server that now is a NX server for several clients on the office
<ihernandez> now i want just to export /home with nfs and use some kind of Network Authentication for account
<ihernandez> the nfs export goes fine... but when it comes to the central network authentication thing i don't know really which tool plays what role. OpenLDAP, Kerberos...
 * zul dislikes dentists
<alvin> ihernandez: I'm also interested in that. Let us know if you find documentation that works with Ubuntu
<ihernandez> alvin, i have been told by a user on #ubuntu that with ldap + nfs all users can login from all machines and have they data
<ihernandez> the nfs docs on ubuntu site are great, and they work pretty well
<alvin> Yes, they should.
<ihernandez> https://help.ubuntu.com/9.10/serverguide/C/network-file-system.html
<ivoks> VMBuilder.exception.VMBuilderUserError: No such hypervisor. Available hypervisors: vmserver esxi xen kvm vbox vmw6
<ivoks> where did qemu go in 10.04? :D
<ihernandez> but ldap docs are a nightmare
<ivoks> zul: ^^ ?
<ivoks> ihernandez: which ldap document is wrong?
<ivoks> ihernandez: which version of ubuntu are you using?
<Omahn> I'm about to upload a debdiff that (hopefully) resolves an old issue in exim4 in hardy. Once I upload the debdiff should I subscribe ~ubuntu-sponsors to get someone to build the -proposed package?
<alvin> There is nothing to find about NFS4+kerberos, and there are bugs filed against the ldap documentation. ldap has split the packaging. For someone without experience, the whole ldap story is very confusing.
<ivoks> http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<ivoks> ldap ^^
<alvin> looks better than last time, thanks
<alvin> I'll try them out in a few weeks
<ivoks> that's for karmic and newer
<proppy> Omahn: kirkland: thanks for these informations
<ivoks> soren: hi; isn't qemu supported in vmbuilder?
<soren> ivoks: Just use kvm.
<ivoks> soren: on machines that don't support kvm?
<soren> ivoks: The image has no kvm-specific things in them.
<ivoks> soren: that won't work
<ivoks> soren: i get:
<soren> ivoks: How do you figure that?
<ivoks> libvir: Domain Config error : internal error no supported architecture for os type 'hvm'
<ivoks> so, image is built
<ivoks> and vmbuilder dies on creating xml file
<ivoks>   File "/usr/lib/python2.6/dist-packages/libvirt.py", line 1119, in defineXML
<ivoks>     if ret is None:raise libvirtError('virDomainDefineXML() failed', conn=self)
<ivoks> libvirt.libvirtError: internal error no supported architecture for os type 'hvm'
<soren> Ah, right, yes, if you try to use the libvirt stuff as well.
<soren> ...was that ever supported?
<ivoks> i think it worked in 8.04
<ivoks> i'm sure qemu, without kvm, worked in 8.04 trough libvirt
<soren> ivoks: Feel free to file a bug.
<ivoks> soren: ok :)
<soren> ivoks: Oh, and it still does.
<soren> ivoks: It's purely a VMBuilder issue.
<ivoks> that's obvious
<ivoks> :)
<ihernandez> ivoks, 9.04 on server
<ihernandez> ivoks, 9.10 the last docs i checked. the docs are not either right or wrong. they are confusing.
<ivoks> ihernandez: http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<ivoks> ihernandez: that's it :)
<ihernandez> ivoks, yes. it's damn confusing!
<ihernandez> and as docs don't go further on what are you doing ... it's a mess
<RoyK^> 10.04 should be out soon...
<ivoks> ihernandez: book a course
<sherr> ihernandez: There are a few options available you e.g. OpenLDAP, LDAP-other, NIS etc.
<sherr> ihernandez: IRC is hard to do support/training on sometimes.
<sherr> Google has lots and lots of resources on authentication. Some very well writen.
<ihernandez> sherr, i did google a lot, of course.
<ihernandez> sherr, but most points to the ubuntu documentations
<ihernandez> i will have to read just NIS howto
<ihernandez> and more general resources
<sherr> ihernandez: NIS is less recommended (and insecure) but fairly easy to set up.
<ihernandez> as there is no straightforward howto to setup network authentication
<ihernandez> sherr, yes. i know . that's the reason i'm trying to set ldap
<sherr> ihernandez: "setup network authentication" is a large book ... :-)
<sherr> Have a look at Apache's Directory - seems to look good, has a GUI front-end etc.
<ihernandez> i'm just complaining about... let's say... very common tasks requiring large books
<ihernandez> i will :)
<ihernandez> thanks
<ivoks> ihernandez: ubuntu training provides excellent courses
<ihernandez> ivoks, online?
<ivoks> ihernandez: there's ubuntu server course that will explain you everything
<ivoks> ihernandez: yes, even on line
<ihernandez> sorry, wronk shortcut
<sherr> ihernandez: It's hard doing docs, support, training, etc. You have to search hard sometimes. But there are decent docs around. Sometimes in more than one document though ...
<ihernandez> go for lunch! be bacl!
<ihernandez> back : )
<sherr> http://directory.apache.org/ (it is Java however)
<\sh> sherr, the gui frontend is an eclipse plugin ;)
<ivoks> yeah, and it rocks
<ttx> ivoks: I have two papercuts bugs left for you, just in case you can work on them
<ttx> (or invalidate them if they are not simply-fixed papercuts)
<ivoks> ttx: sure; i'm finishing my work in UK today, so i'll have time starting tomorrow
<ttx> bug 321091 and bug 552622
<uvirtbot> Launchpad bug 321091 in server-papercuts "Bacula fails to install correctly if mysql wasn't installed before" [Medium,Confirmed] https://launchpad.net/bugs/321091
<uvirtbot> Launchpad bug 552622 in server-papercuts "Installing scsitools pulls in Tk and X" [High,Confirmed] https://launchpad.net/bugs/552622
<ttx> ivoks: get up early while it's still wednesday somewhere :)
<ivoks> huh? why?
<ivoks> another deadline? :D
<ttx> hggdh: I'm ready now
<ttx> ivoks: beta2freeze :)
<ivoks> argh...
<RoAkSoAx> ivoks, we need to get the cluster packages too :)
 * ivoks will move to RedHat
<ivoks> a lot less releases; more time to do some work :D
<RoAkSoAx> lol
<ivoks> ok, so... i'll stay awake this night
<ivoks> and try to get this all done
<RoAkSoAx> lol
<mdeslaur> zul: bug 552636
<uvirtbot> Launchpad bug 552636 in bacula "bacula-server 5.0.1: package update should warn about required database update" [Undecided,New] https://launchpad.net/bugs/552636
<RoAkSoAx> i'll be back in an hour to start testing
<ivoks> and i expect to see pacemaker in main, as a reward for all this work :D
<zul> mdeslaur: thanks
<ivoks> ok
<ivoks> another thing to work on
<ivoks> sometimes i feel like only packages that fall apart are those that i'm working on :/
<ivoks> i'm a jinx
<RoAkSoAx> ivoks, haha pacemaker is now 1.0.8
<uvirtbot> New bug: #552636 in bacula (main) "bacula-server 5.0.1: package update should warn about required database update" [Undecided,New] https://launchpad.net/bugs/552636
<zul> mdeslaur: ill take a look at it this afternoon/tomorrow
<Xbert> is there anyway to update more than one installation/server at a time?
<RoyK^> Xbert: landscape :Ã¾
<Xbert> anyway to do it without landscape
<RoyK^> Xbert: I don't know any open source systems for it, though. if you find one, let me know :)
<Xbert> atm I do it with and SSH script but its really messey and I have to enter the root password around 8 tmes
<RoyK^> use ssh keys
<Xbert> ssh keys are only used to login not for sudo commands
<RoyK^> visudo - set NOPASSWD
<Xbert> it that safe?
<Xbert> is*
<RoyK^> or just sudo ./myscript
<RoyK^> it's safe so long noone gets your password
<RoyK^> but then, if someone gets your password, they can sudo in anyway
<Xbert> I cant sudo the script it does not pass sudo to the remote machine, that would just run the script  on my local machine with root priv
<RoyK^> but again, if you leave your terminal open and you have NOPASSWD set, you have a problem
<Xbert> that what I mean having no sudo password is a bad idea on 8 servers
<RoyK^> ssh server sudo /run/this/script.sh
<RoyK^> but then, without NOPASSWD you'll have to type your password for each server
<Xbert> the problem is not really entering the password 8 time but I have to remember 8 password as each server has it own pasword
<Xbert> I guess landscape is the only way
<RoyK^> erm - your user account has different passwords on each server?
<Xbert> the sudo users does
<RoyK^> sudo uses your password, not the root password
<Xbert> sudo uses the password of anyone in the sudo group
<RoyK^> why don't you allow your own account sudo access?
<RoyK^> that's the whole point of sudo
<RoyK^> no common password
<Xbert> I do but I have 8 different passwords, one for each server
<RoyK^> why?
<Xbert> I cant have them the same incase I have to get the password to somewhere to do something for me
<Xbert> give*
<RoyK^> using sudo correctly you never have to give your password away
<RoyK^> just allow a user to do this and that as another user
 * RoyK^ NEVER gives his password away
<Xbert> then point is I cant have any passwords the same on any system as it is policy
<RoyK^> erm
<RoyK^> why aren't you using a central password database?
<RoyK^> like ldap or even nis?
<Xbert> if i'm ill or something at least this way i can give someone 1 password then change it later, the worst they can do then is mess only 1 server up
<Xbert> they are 8 server for different companies
<Xbert> they all have different users
<Xbert> I admin them all
<RoyK^> well, NOPASSWD won't hurt
<RoyK^> or setup cron-apt or something and let the systems do the updates themselves
<Xbert> I can't have an account with no password, so a sudo with no password would loose me my job in about 10sec
<Xbert> I think when we do the upgrade to the OSs I'll have to change to a real enterprise linux
<RoyK^> heh - you use ssh keys to get in and then nopasswd with sudo to login as root. nobody can get in unless they have your password for your computer
<Xbert> yeah but if anyone see that I have an account with no password I'll get fired
<RoyK^> or $150 per server per year for landscape
<RoyK^> you can't do all with landscape, though
<RoyK^> "real" enterprise linux?
<RoyK^> like redhat?
<RoyK^> ubuntu is just as "enterprise" as redhat is
<RoyK^> and if you can afford redhat, you can afford landscape
<RoyK^> it's not an account with no password
<Xbert> ubuntu server lacks many things redhat have
<RoyK^> give me an example, please
<Xbert> I like ubuntu very much, but lately I've been think it just not enterpise ready
<Xbert> well push update
<RoyK^> landscape?
<Xbert> that would increase the cost of the servers
<alvin> I'm with Xbert on that one. I like Ubuntu far more than RedHat, but RedHat is more stable (at least for the things I need)
<RoyK^> it costs less than redhat and works well with our system with some 30 ubuntu boxes
<Xbert> the reason we use linux is cost
<Xbert> yeah but we have redhat support already
<RoyK^> Xbert: redhat costs more than a landscape subscribtion
<RoyK^> per server
<RoyK^> alvin: more stable ?????
<Hypnoz> I think even if linux cost as much as windows, we'd still use linux
<Xbert> but that is another cost on top of that
<alvin> RoyK^: Absolutey. Do you want examples?
<RoyK^> please
<Xbert> upstart for a start, that is so buggy
<alvin> give me a moment. I have written them down
<alvin> yes, upstart is the worst by far
<Xbert> grub 2
<Xbert> that quite bad too
<RoyK^> Xbert: redhat costs like $350 per server per year, landscape $150, and redhat alone doesn't allow for push updates, for that you need an extra product
<Xbert> yeah but we have redhat support already, I look for away to no add more yearly cost
<RoyK^> what's so bad about it?
<Xbert> grub 2 is a mess
<Xbert> it fails to find kernals
<Xbert> and is a nightmare to edit manually
<RoyK^> for those 30 ubuntu machines we have, I haven't seen such problems. Is that just me?
<Xbert> grub 2 should not be called grub, it nothing like grub 1 so much so it shouldnt be a new app altogether
<RoyK^> grub2 is not in use on ubuntu LTS
<RoyK^> and you should use LTS on servers
<Xbert> it included in server 9.10 and 10.4
<sherr> Xbert: when you say "update", you mean configuration etc.?
<Xbert> package update
<RoyK^> 9.10 is not LTS and 10.4 is in beta1
<Xbert> they will not remove grub 2 from 10,4
<Xbert> not now
<Xbert> its a feature they market
<RoyK^> 9.10 also doesn't use grub2
<RoyK^> not on this server I just checked
<sherr> 9.10 does use grub2 - but only on new installs (no prev. grub)
<RoyK^> ok
<Xbert> I don't want to sound like i don't like ubuntu, I do, alot, its just ot not reasdy for servers, it as ready for the server as fedor is
<alvin> RoyK^: I've written a post about it. https://lists.ubuntu.com/archives/ubuntu-server/2009-December/003574.html Since then, we have taken Canonical support, and I will now start feeding them some of these problems. (Yes, grub2 is buggy. I have servers that sometimes can't find their root device, resulting in 80% failed boots. Other HDD and reinstall does not work. Older Ubuntu does.)
<RoyK^> this one was upgraded
<sherr> I have avoided grub2 yet - and am glad so far ...
<Xbert> yes grub 2 is in server 9.10
<Xbert> i have it running right next to me
<Xbert> and it will be in 10.4 server too
<RoyK^> alvin: that's bad...
<Xbert> which is a bad move
<RoyK^> perhaps upgrading to 10.4 will have to wait
<ScottK> Last I heard Grub 2 was only for new installs
<alvin> It's bug 360378
<uvirtbot> Launchpad bug 360378 in linux "Gave up waiting for root device after upgrade then busybox console" [High,Confirmed] https://launchpad.net/bugs/360378
<Xbert> no idea why anyone thinks grub to is ready or any good tbh
<Xbert> brug 2 *
<Xbert> i don't know but yes i have new installs of 9.10 all running grub 2
<sherr> 9.10 used grub2 if no previous grub was present ...
<Xbert> i upgraded my laptop to 9.10 and i think it still has 1 yes
<Xbert> yeah that sounds right
<sherr> Debian lets you choose 1 or 2.
<alvin> It's not on all servers. That would create an outrage. But I have the error on 4 different servers. I just keep rebooting as workaround.
<Xbert> alvin, i have had the same problem 3 time on 1 system in 3 differnet reinstalls
 * ScottK didn't have any problems so far.
<Xbert> hehe, yeah i did the reboot dance for a while too
<alvin> Then please add a 'me too' on Launchpad
<Xbert> but then after a kernal upgrade it never found the new kernal and I try for an hour to work out how to manually edit grub2 menu and gave up confused as hell
<qman__> the jump to grub2 in 9.10 was premature, but hopefully they will round out the features for 10.04
<alvin> The cause of the bug is still unclear, but I'm using LVM on all servers. Could be a combination of grub2+lvm+something else. Anyway, it's nothing beyond a standard install.
<Xbert> qman__, the bugs are still there in 10.4 beta 1
 * alvin facepalm
<Xbert> something like that normally get fixed before beta or never
<alvin> In that case, I really have to test the beta some of these days
<alvin> I reported it (a duplicate) while Karmic was in RC
<Xbert> alvin, I had it on both lvm and no lvm systems
<ScottK> Lack of pre-release testing is generally a problem for Ubuntu Server because server people are a lot less willing to run pre-release stuff than Desktop people in general.
<alvin> Oh, so it's not lvm then
<RoyK^> still
<ScottK> So please test.
<RoyK^> 8.04 LTS works like a dream
<alvin> That could very well be correct
<Xbert> ScottK, yeah i get that, I am running 10.4 at home for my servers OS
<ScottK> Great.
<Xbert> but I really cant see me staying with ubuntu server professionally for a few more years
<RoyK^> alvin: and what other version will you be using than an LTS version for servers?
<RoyK^> well, use windows
<RoyK^> or just get lost
<RoyK^> no need for more trolling
<Xbert> so why get nasty?
<sherr> RoyK^: please keep it civil
<Xbert> I'm not, Im expressing my feeling on the matter
<alvin> RoyK^: Hey, hardy is LTS, but KVM guests kept crashing. At least that was fixed in Karmic. We had to move
<RoyK^> Xbert: have you even tried 8.04 LTS?
<qman__> I rather like karmic, I think it's a net gain
<qman__> and if they can fix the bugs for 10.04 it'll be nice
<Xbert> yeah I have been running ubuntu server for a few years and every version has show stopping bugs for a server
<alvin> That's a yes. Tested Hardy, Jaunty and Karmic for weeks. This involved a lot of bug triaging. I don't think I was being counter-productive.
<Xbert> I want newer version of samba on a updated OS, not messing with backports and manual installs
<sherr> Xbert: What about just removing Grub2 and installing Grub1? Testing that?
<Xbert> I cant risk the down time if it goes wrong, and I don't want to take anymore time setting up new servers and hacking on them out of the box
<qman__> removing grub2 and installing grub1 on a fresh karmic install is more work than it should be, it's faster to install 9.04 and upgrade
<Xbert> I have to have a explainable install procedure, I cant link to some wiki page and say do this, hehe
<qman__> I really think it should be an option in the installer
<qman__> with grub2 as default
<RoyK^> alvin: how does kvm scale, really?
<Xbert> qman__,  yes i agree
<Xbert> I compare ubuntu server to fedora, it a testing ground atm
<alvin> RoyK^: What do you mean by scale?
<qman__> I really hate fedora
<Xbert> I hope it become more enterprise friendly soon
 * RoyK^ pats qman__ 
<qman__> I'd use slackware or BSD over fedora any day
<Xbert> qman__, i've never got it running correct on any install i tried, so ubuntu wins the desktop for sure
<RoyK^> alvin: does it support guest smp? does it allow for failover to other hosts? how about overhead?
<alvin> Oh, it does support guest SMP, and live migration (but that last one is buggy and crashed libvirt. If I'm not mistaken, it's an apparmor thing)
<alvin> We want to use it for one physical server, and one spare. The server will run about 8 virtual machines. Now, I bring them down and migrate offline.
<sherr> qman__: no room for hate here surely?
<qman__> sherr, hate is probably too strong a word, but fedora has caused me so many problems
<sherr> Disagreements of course :-)
<alvin> KVM is evolving very fast
<qman__> I refuse to use it on any of my stuff
<Xbert> I don't like fedora to use but they give a lot back to all upstream so I good its there
<sherr> qman__: me too. A long time ago - but it is a very important dist.
<sbeattie> alvin: did you file a bug on the live migration crashing libvirt?
<Xbert> sherr, agreed
<alvin> sbeattie: There is one
<RoyK^> it's be nice to see a fancy gui fronting kvm
<sbeattie> alvin: okay. jdstrand has been pretty good about trying to fix up any issues like that.
<Xbert> has anyone even tried to edit a grub 2 menu?
<sherr> Xbert: I haven't - but reading, it appears straightforward
<alvin> sbeattie: It's very well possible it's fixed. I just don't like testing those things on production machines. I'm currently preparing some test machines.
<sherr> Xbert: I don';t like config in /etc - prefer /boot
<qman__> changing any grub2 configuration is a real trip
<Xbert> I'm confused to even why they changed from 1, I see no reason to change
<RoyK^> sherr: does it really matter where the config lies?
<qman__> it 'just works' a lot better than grub1 could
<qman__> but you're SOL if you need something custom
<Xbert> sherr, I'll have to re-read the doc on it, I was confused as hell
<sherr> Xbert: If I have >2 OS's to boot, I forget which one has the config for Grub. I have to boot into it to edit it or keep them sync'd?
<RoyK^> erm
<RoyK^> yes
<sherr> I can more easily share /boot
<alvin> sbeattie: Got it, bug 461528 it's fixed by jdstrand. Now I really have to try this again.
<uvirtbot> Launchpad bug 461528 in libvirt "apparmor blocks migration" [Medium,Fix released] https://launchpad.net/bugs/461528
<Xbert> I just wanted to add some switch to the kernal, I could make the changes stay
<Xbert> couldnt
<sherr> Mind you, maybe I am not the target audience and the plain fact is - Grub1 is unmaintained. Grub2 will get better.
<Xbert> I assumed the install that installed grub had the configs
<sbeattie> alvin: cool, it'd be great when you get a chance (and test machines set up again) to give it a go again. Thanks!
<RoyK^> sherr: heh - then better stay at grub1 until grub2 is fixed :D
<Xbert> grub 1 is unmaintained really?
<RoyK^> perhaps it doesn't need much maintenance :)
<alvin> No, it says here it's in main
<Xbert> why are they still updates being released for grub then?
<sherr> Xbert: I recall readng that it is not going to be developed further - no develpers want to work on it. Moved to Grub2.
<sherr> Maybe still getting some updates e.g. security
<Xbert> yeah I guess, grub 2 seems like a big jump for a distro at this point tho, but I guess the more uses it gets the better it gets, just never fast enough
 * RoyK^ is sceptical
<metalf8801> can I become root after I open nano? because I forgot to type sudo nano I just typed nano
<ScottK> No
<_ruben> safe the file in a place you do have write rights, then sudo mv it to the proper place
<_ruben> s/safe/save/
<metalf8801> ok thank you I'll do that :)
<Caspa> does ubuntu server have gui
<metalf8801> Caspa no
<Caspa> awesome
<metalf8801> but you can add a web gui like landscape
<metalf8801> or webmin which is free
<tyska> hello
<tyska> someone know UEC well?
<metalf8801> landscape isn't free
<metalf8801> what is UEC?
<tyska> Ubuntu Enterprise Cloud
<qman__> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<metalf8801> ubottu your kidding :( when did that happen?
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<qman__> metalf8801, webmin has been unsupported since about 6.10
<qman__> very long time
<metalf8801> I have it running on Ubuntu server 9.04
<sherr> metalf8801: people here seem to point people to ebox
<sherr> Looks quite good for web server config and admin (Ubuntu based I think)
<metalf8801> I just had to add the webmin ppa
<metalf8801> I guess I should give ebox another try or pay for landscape but sins I'm just using it at home right now its hard to justify the cost
<Xbert> there is a ppa for webmin?
<qman__> I just use SSH
<qman__> solves the problem
<Xbert> i just untared the tar and ran ./install.sh
<Xbert> webmin allow you to update from the GUI
<alvin> lol @ubottu
<qman__> sudo apt-get update && sudo apt-get dist-upgrade -y
<qman__> pretty simple
<alvin> (next, he'll tell you that XDMCp is unsupported as well, and that we should use some experimental form of RDP)
<qman__> let's test that theory
<qman__> !xdmcp
<ubottu> xdmcp is the X Display Manger Control Protocol -- look at http://tldp.org/HOWTO/XDMCP-HOWTO/ to find out how to configure it
<alvin> Last revision 2007, but so farm so good. We're still safe.
<qman__> interesting that it doesn't link to an ubuntu doc
<qman__> 7.04
<qman__> pretty outdated
<qman__> no way it'll work for current releases
<qman__> everything has changed
<alvin> Actually, I was half serious. I'm using Kubuntu as clients, so I'm not affected, but Ubuntu has lost support for choosing an XDMCP session in GDM. There are other methods of course. XDMCP is still working and TLDP can even be clustered these days. (Another thing I really have to try)
<qman__> ah, so it's a change in GDM
<alvin> Yes, not X
<qman__> I remember trying to set it up back on 6.10, but XDMCP wasn't compiled with SSH support
<qman__> in the package
<qman__> I would have had to compile it myself
<alvin> What I still like to find out is how we can send those nifty new X transparancy, wobbly, shiny bling over XDMCP
<qman__> interesting thought
<alvin> Oh, I'm only using it the old-fashioned way. Enable it, connect. No need for addd security on a local network.
<qman__> it would require client-side hardware acceleration to be worthwhile
<qman__> but does XDMCP run the theme manager server side or client side?
<alvin> Off course it would
<alvin> Well, server side I think.
<alvin> Server as in the traditional sense. Not in the X sense, because that's the other way around.
<qman__> yeah
<qman__> I have to turn that fancy stuff off anyway though
<qman__> for some reason it always memory leaks
<alvin> Intel card?
<qman__> usually run out of RAM in two weeks
<qman__> nvidia
<alvin> I'm faster. I only have to start Akonadi for that. Bam, instant out of memory
<qman__> hah
<qman__> well, transparency is nice, but it's not worth having my desktop crash every 10-14 days
<alvin> That's thinking like a Linux user :-) with uptime of x days
<alvin> Either I'm becoming old, or I have become more experienced finding bugs, or Ubuntu is too bleeding edge. I've been asking myself that question for about a year now.
<alvin> For the record, it's probably not Ubuntu.
<qman__> I'm a bit old fashioned, don't know what I'm going to do about my desktop for 10.04
<qman__> really don't like all this "2.0" UI mentality
<alvin> If only it where that simple. Upstart, grub2, Akonadi,... they all bring very interesting features and even solutions for long standing problems. It's only the instability that is very irritating. I'm beginning to feel like a Windows user.
<qman__> at least those changes have good reason and improvements to come
<qman__> I like the faster boot times upstart gives
<alvin> Yes, one day we'll be very happy with them
<alvin> Also, no troubles with ordering scripts. (And yet, that is the main problem of upstart now)
<jeffesquivel> hi... anyone knows where I can find documentation to create a local Ubuntu One/Dropbox ?
<ScottK> jeffesquivel: The Ubuntu One server code is not open source
<jeffesquivel> ScottK, I know...
<jeffesquivel> ScottK, I want to implement something like it using other tools
<jeffesquivel> ScottK, the thing is that I have several computers I would like to keep in sync, but they have a lot of files... it would be painful to do it through the Internet... I really prefer doing it on my LAN
<alvin> A real-time rsync?
<jeffesquivel> alvin, yeah, something like that
<jeffesquivel> I read about unison
<jeffesquivel> but as far as I can tell it is not real-time either
<alvin> Tricky. It sounds like you could use a fileserver
<ScottK> It's not real time
<jeffesquivel> alvin, yep, I do have a file server
<zroysch>  2776 root      20   0  419m 102m  19m R   94  5.2  86:12.11 Xorg
<jeffesquivel> alvin, let me explain
<alvin> ok
<zroysch> for what reason is Xorg using 94% cpu
<jeffesquivel> alvin, I have several desktops and a laptop and a netbook
<alvin> I'd say: Intel drivers, or those shiny effects we were talking about :-)
<jeffesquivel> alvin, I would like to be able to work on any of them and, for example, download some music or some important document
<jeffesquivel> alvin, and then, that info should be sync to the others once they are available
<jeffesquivel> alvin, that way if I take the netbook or the laptop on the road
<jeffesquivel> alvin, I still can get to my music and stuff (because I have a local copy)
<alvin> Ah, but there is an old method fot that. Maybe not perfect, but we'll get to that.
<jeffesquivel> alvin, I know about VPN... but internet connection is not always possible or extremely slow
<alvin> For local use, you can use share /home on NFS. For the notebook, rsync (or unison - it is used for things like that)
<alvin> I'm using dropbox for some things, and rsync for the rest. (And also shares /home at home)
<jeffesquivel> alvin, hmm... yeah, what I would have to do is run rsync periodically... which is what I thought... but wanted to know if someone knew of a better way to do it (something that synced immediately, like dropbox, he he)
<jeffesquivel> alvin, one other question... why do you prefer NFS over any of the other networked FS?
<alvin> jeffesquivel: Simple. It's the default Unix/Linux method for sharing
<alvin> Let's see what ubottu says about it. If it says 'samba' I'll scream.
<alvin> !NFS
<ubottu> nfs is the network file system. See https://help.ubuntu.com/community/SettingUpNFSHowTo for information on installing and configuring NFS.
<jeffesquivel> alvin, ok... I've read that NFS can sometimes give you issues with lock files or something like that... (I remember reading "NFS safe" as a feature for some apps)... have you ever have any problem with something like it?
<alvin> ok, network file system. We're safe
<zroysch> how do i make Xorg stop using 99% CPU and sending my temps over 95C
<alvin> Oh, that's true. Especially when using databases (Akonadi...)
<alvin> Samba has the same problems. For that reason, there's NFSv4
<sherr> jeffesquivel: Never used it but the Tahoe-LAFS filesystem might be worth a look :
<sherr> http://allmydata.org/trac/tahoe-lafs
<alvin> You can put your shared /home on an NFS server and use it with Kubuntu/akonadi
<dinger1986> anyone have any suggestions for good solid external drives for backing up to?
<zroysch> dinger1986: external drives are the same as internal drives, just with a case around them. are you asking what cases are good?
<dinger1986> zroysch: yeh, need ones for backing up servers to
<zroysch> does the server have no more room for drives or something
<dinger1986> would it be better buying server drives and put them into an external case?
<zroysch> I got a cheap solution from sans digital. its a 2 drive enclosure in raid1
<dinger1986> the server has space but its for doing backups to which can be taken offsite
<zroysch> its usb, so kinda slow
<zroysch> but does the job
<dinger1986> usb would be fine
<jeffesquivel> sherr, seems interesting that tahoe-LAFS
<dinger1986> any brand best?
<zroysch> i dont use many external drives, but this sans digital has been working for 2-3yrs
<alvin> Yes, interesting indeed. But, how do you pronounce it :-)
<zroysch> has an interface that tells you when the drives/fans fail etc
<zroysch> runs on windows, not sure about linux servers
<jeffesquivel> alvin, sherr: have you considered a cluster filesystem? but first, let me check if that makes sense at all ;)
<dinger1986> ok thats cool, only issue is im in the uk so will need to check if i can get it over here
<alvin> Tahoe-stuff looks interesting, but big. What's the speed of that stuff for local use?
<zroysch> if not im sure you can find something comparable. i'd opt for a raid situation so you have 2 copies of the backup at all times, in case one of the drive fails.
<zroysch> good luck
<alvin> I (well, a company I work for) wanted a spare system. We bought 2 SUN servers and 2 SANs. A commercial application (PresStore) is doing the sync. (not real-time) You can easily do things like that with open source I think.
<alvin> Isn't a cluster file system over the top to keep a notebook in sync?
<jeffesquivel> alvin, I don't know... may be... but still would like to at least research the possibility... :-)
<alvin> jeffesquivel: If you do, post your story on Slashdot
<jeffesquivel> jeffesquivel, he he... I haven't read /. for years now...
<alvin> I have met people from a company that made backups by breaking RAID-1. break RAID, put disk away, put in new disk,... So, yes, you can use some technologies where it's not meant to be used.
<jeffesquivel> alvin, actually, I was thinking something like that... I know there is a tool called like nrbd or something like that
<jeffesquivel> alvin, that is supposed to behave as a "networked RAID 1"
<alvin> I shouldn't be saying stuff like that...
<alvin> I know that exists, but what's the performance?
<alvin> I think for mirroring /home, you need quite a bit these days with all databases running in the background.
<alvin> Nepomuk, Akonadi, strigi,..
<jeffesquivel> alvin, yeap, that's what I would research about... he he... it is probably not worth it
<alvin> Databases are troublesome for syncs
<jeffesquivel> alvin, but may work for some other similar situation in the future...
<alvin> Even normal files. I tried to sync kjots (a note taking application) by using Dropbox. This fails most of the time.
<uvirtbot> New bug: #551617 in apache2 (main) "/doc/  shows entire  /usr/share/doc, not apache doc" [Medium,Invalid] https://launchpad.net/bugs/551617
<jeffesquivel> alvin, hmm... is kjots similar to tomboy ?
<jeffesquivel> alvin, because I think you can sync you tomboy notes through Ubuntu One
<alvin> Maybe, it stores 'books' in files. Each book can have pages
<alvin> I've heard about that. Well, kjots will soon move to akonadi, so I wonder what will happen then.
<alvin> I think we need to put those things centralised. Databases belong on a server.
<jeffesquivel> alvin, yeap... in tomboy they are named "notebooks" and notebooks have notes
<jeffesquivel> he he
<ScottK> There is someone doing a KDE cloud project meant to link all those kinds of things together.  Not sure if it's working or not yet.
<alvin> Hmmm
<jeffesquivel> I can't believe no one has thought of doing a FLOSS Dropbox-like project
<jeffesquivel> it is so useful... he he
<jeffesquivel> or at least it would be so useful for me ;)
<alvin> You can also put your files in a git repo
<jeffesquivel> alvin, never used git... it is something like subversion, right? let me STFW...
<alvin> yes
<alvin> There is a project that puts /etc in it. Also, to share between servers if I'm not mistaken
<uvirtbot> New bug: #552126 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: alamprotsess installed post-installation script tagastas lÃµpetamisel veakoodi 75" [Undecided,New] https://launchpad.net/bugs/552126
<jeffesquivel> wow... didn't know the kernel team had stopped using bitkeeper
<alvin> It was big news
<jeffesquivel> I remember the controversy because of it not being OSS...
<zim> hi all. is there a quick way I can get sshd to email me when someone logs on. ie.  session opened for user
 * ScottK considers updating postfix to uninstall if you feed it an invalid hostname (the source of ^^^).  If you aren't smart enough to use a proper hostname, you aren't smart enough to run postfix.
<jeffesquivel> alvin, yeah... I was away from the news for quite sometime... he hehe
<jeffesquivel> alvin, mostly working on non-linux related stuff...
<jeffesquivel> alvin, do you know if Linus Torvalds created git because of the controversy of bitkeeper not being OSS or just because he felt they needed something better?
<marshall> funny, i was just about to ask about git on ubuntu
<alvin> jeffesquivel: I don't think you missed much. He created it because something in the license of bitkeeper changed
<marshall> i did apt-get install git, which installed gnuit and something else, but 'git' isn't found when i try to use it
<jeffesquivel> alvin, I see...
<marshall> i thought he created it it keep track of linux kernel development?
<alvin> That is its purpose
<marshall> how do i use it on ubuntu jaunty?
<alvin> Off course, Linus made git better than everything he used before, so that's why it's so popular now
<marshall> !git
<ubottu> Git is a distributed revision control/software code management project created by Linus Torvalds. For more information, see http://en.wikipedia.org/wiki/Git_(software)
<alvin> git is provided by git-core
<alvin> gnuit is something else (git is a virtual package that installs gnuit)
<uvirtbot> New bug: #371875 in kvm (main) "kvm 1:84+dfsg-0ubuntu11 lacking vde support (dup-of: 253230)" [Undecided,Invalid] https://launchpad.net/bugs/371875
<jeffesquivel> alvin, hmm... but I don't think git is what I need... I actually don't care much about the version support of Dropbox (I have backups for that ;)... I mean is a nice feature, but I prefer the auto-sync better... he he
<alvin> Let's ask ubottu
<alvin> !autosync
<alvin> !dropbox
<Hypnoz> Hey I was playing with server redundancy with 2 nics, and ran into a weird issue. If anyone recognizes this pls let me know. http://dpaste.de/OowB/
<jeffesquivel> Hypnoz, you want redundancy in case of a switch failure?
<Hypnoz> yeah
<jeffesquivel> Hypnoz, hmm... then link aggregation is not an option... unless you have fancy switchs which can behave as one virtual switch
<jeffesquivel> Hypnoz, link aggregation is nicer because it also provides increased bandwidth... but both ethernet ports need to be on the same virtual switch
<Hypnoz> virtual switch? not familiar with that
<jeffesquivel> Hypnoz, I know this doesn't addresses your current issue... but may be a better way to do what you want to do... he he
<jeffesquivel> Hypnoz, http://en.wikipedia.org/wiki/Link_aggregation
<Hypnoz> this is for a new DC not in production yet, trying to set up some redundancy on a budget
<jeffesquivel> Hypnoz, specially http://en.wikipedia.org/wiki/Link_aggregation#Single_switch
<jeffesquivel> Hypnoz, IIRC, Linux supports link aggregation natively...
<Hypnoz> I'll browse the article. Right now I have the server with two IP's both in the same subnet, and was going to put both IP's in the load balancer
<Hypnoz> so if one goes down, the LB sees that and takes that link down
<Hypnoz> but LB is taking both links down sometimes, when only one link went away
<jeffesquivel> Hypnoz, is your LB a hardware device?
<ihernandez> i'm hating ldap
<ihernandez> really
<lamont> ScottK: heh
<Hypnoz> jeffesquivel: yeah an F5
<jeffesquivel> Hypnoz, I have never used one of those
<jeffesquivel> Hypnoz, down here is difficult/expensive to get cool devices... we usually try to do as much as possible in software (with FLOSS, preferably ;) )
<Hypnoz> jeffesquivel: where is "down here"
<jeffesquivel> Hypnoz, Costa Rica
<Hypnoz> yeah I could see how it might cost more for network gear there than in california
<jeffesquivel> Hypnoz, yep
<jeffesquivel> Hypnoz, anyway... I think you can do what you want through link aggregation... basically you have to NICs that behave as one... you get twice the bandwidth and if one link fails the other is still used
<jeffesquivel> s/to NICs/two NICs/
<Hypnoz> jeffesquivel: ya I may look into virtual switch, and bond0 for my two eth adapters, it will be more inital config and learning, but sounds faster and more stable and redundant in the end
<jeffesquivel> Hypnoz, yes
<jeffesquivel> brb
<GhostFreeman> How do I ask ubottu a question?
<pwnguin> /msg ?
<GhostFreeman> Well, that was resourceful
<GhostFreeman> Anyone here using zsh on Ubuntu Server? How would I go about installing and configuring it
<guntbert> !askthebot | GhostFreeman
<ubottu> GhostFreeman: Please investigate with me only with "/msg ubottu Bot" or in #ubuntu-bots.  Search for factoids with "/msg ubottu !search factoid".
<smoser> soren, are you around ?
<soren> smoser: MAybe.
<smoser> what does
<smoser>         logging.debug("Preventing daemons from starting")
<smoser>         self.prevent_daemons_starting()
<soren> Am I in troube?
<smoser> do ?
<soren> trouble.
<soren> Uh..
<soren> echoes some stuff to the debug log and calls a method?
<smoser> as i understand all it does is put a script in /usr/sbin/policy-rc.d
<soren> Not anymore.
<smoser> of the target
<soren> It also diverts initctl nowadays.
<smoser> oh. i am looking at 0.11
<soren> ok.
<soren> Then... uh... Yes, you're probably right.
<smoser> but am I right that it just puts that there, and then somehow things are supposed to run through that ?
<soren> Not exactly.
<soren> postinst scripts (well-behaved ones) call invoke-rc.d to start stuff.
<soren> ..invoke-rc.d respects policy-rd.d
<smoser> ok.
<smoser> so, i'm guessing then that apache and postgres aren't well behaved... or maybe osmehting else got them started.
<smoser> in hardy
<soren> pass
<jeffesquivel> RoAkSoAx, hi... are you part of the HA Team?
<RoAkSoAx> jeffesquivel, yes I am
<jeffesquivel> RoAkSoAx, great... is there a specific channel for contributing to HA?
<jeffesquivel> RoAkSoAx, I've been asked to give a conference about HA at the FLISOL (latin american install fest day) and may be I can create some documentation or something that may be useful...
<RoAkSoAx> jeffesquivel, in ubuntu we usually idle at #ubuntu-ha, but if you are interested in contributing upstream you should check #linux-ha and #linux-cluster
<jeffesquivel> (plus I will probably need some help from team members ;-) )
<RoAkSoAx> jeffesquivel, i know what that Is and I've also gave conference in the flisol about HA :P
<RoAkSoAx> last year
<jeffesquivel> damn! I should really try to enter the obvious channel before asking and looking like a fool, he he ;-)
<jeffesquivel> RoAkSoAx, really? is your material licensed under CC or similar? can I use it?
<jeffesquivel> RoAkSoAx, I'm in Costa Rica, btw... where did you gave your conference?
<RoAkSoAx> jeffesquivel, you sure can but i'll have to search for it since I don't really know where in all my files it is. Just drop me an email reminding me
<jeffesquivel> RoAkSoAx, ok, thank you very much!
<RoAkSoAx> jeffesquivel, no prob
<RoAkSoAx> lamont, ping
<jeffesquivel> sherr, tahoe-lafs is already in ubuntu
<RoAkSoAx> kirkland, ping?
<Rafael_> can somebody help me with this comand, i get an error: sudo mount -t cifs -o username=xxxx,password=xxx //192.168.1.106/DRG/"D"/My Documents/Charts /home/rgotten/charts.windows
<jeffesquivel> Rafael_, can you log into that share with that username and password using smbclient?
<jeffesquivel> Rafael_, just in case... have you tried changing the order of the parameters as in the man page
<Rafael_> jeffesquivel: i am new to all this and i was trying to create a mount point..my i ask you what you mean?
<jeffesquivel> Rafael_, ok... first try this:
<jeffesquivel> sudo mount -t cifs //192.168.1.106/DRG/"D"/My Documents/Charts /home/rgotten/charts.windows  -o username=xxxx,password=xxx
<jeffesquivel> Rafael_, I think that is the correct order for the parameters... at least the official one
<Rafael_> jeffesquivel: ok let me try
#ubuntu-server 2010-04-01
<Rafael_> jeffesquivel: this is what i get: http://pastebin.com/xY5wR2Ly
<jeffesquivel> Rafael_, ok, try this first: sudo apt-get install smbfs
<Psi-Jack> Alrighty. I have a couple quick questions regarding UEC.. What is the Walrus storage service, and Storage controller?
<Rafael_> jeffesquivel: i have samba install since i ave done that command in the past
<jeffesquivel> Rafael_, hmm... smbfs is not part of the samba package, are you sure you have it installed?
<jeffesquivel> Rafael_, in that case... I thnk the problem may be that you are trying to specify the full path inside the share...
<jeffesquivel> Rafael_, how about sudo mount -t cifs //192.168.1.106/DRG /home/rgotten/charts.windows -o username=xxx,password=xxx  ?
<jeffesquivel> Rafael_, did it work?
<Rafael_> jeffesquivel: thanks i got it it is: sudo mount -t cifs -o username=xxxx,password=xxx //192.168.1.106/Charts /home/rgotten/charts.windows
<jeffesquivel> Rafael_, great!
<Rafael_> by
<jeffesquivel> Rafael_, just in case... you can see the name of the shares on that server with: smbclient -L //192.168.1.106/
<Rafael_> thanks a lot
<jeffesquivel> Rafael_, you're welcome
<jeffesquivel> bbl
<uvirtbot> New bug: #483427 in bridge-utils (main) "if-pre-up.d script points to script in /usr" [Medium,Triaged] https://launchpad.net/bugs/483427
<cef> anyone got any hints on setting up serial console access for a KVM guest (serial in the guest, and configuring KVM/libvirt)?
<cef> btw: http://tinyurl.com/ubuntuserv is broken
<dlynes> I've tried adding kernel parameters to /etc/grub.d/10_linux, and then running grub-mkconfig, but it doesn't seem to spit out my new kernel parameters
<dlynes> Is there a trick I need to know to get it to work?
<twb> dlynes: you should add parameters in /etc/default/grub-pc or so
<twb> Unless you're still using GRUB Legacy.
<dlynes> twb, No such file or directory
<twb> Also, I've always used update-grub, not grub-mkconfig.  I don't have a system that's still using grub in front of me, so I can't check what the difference is.
<twb> dlynes: /etc/default/grub?
<David5> Enter text here...sdfasdfsdf
<David5> Hello
<David5> ???
<dlynes> twb, great....thanks
<dlynes> twb, I've only used regular ubuntu and debian up until this point, and never had to do any kernel configuration on ubuntu before
<dlynes> twb, is ubuntu server that much different from regular ubuntu?
<Xodiac13> i need help on being able to get my ext hdd to do raid 0 with the internal hdd i mounted the ext hdd and i can get into it and it adds more space i just ran out of space on the internal hdd and it wont transfer more files onto the ext hdd i need help so i can put it on the ext hdd
<twb> dlynes: the differences are primarily in the list of installed packages, and (on some architectures and releases) the default kernel variant.
<dlynes> twb, it was /etc/default/grub
<dlynes> twb, ah
<Xodiac13>   i have a my share but seems to be full but it still has 300 gigs left and i also formatted it to a ext3
<dlynes> twb, so there might be a few kernel tweaks in the server edition that aren't in the regular edition?
<twb> dlynes: it is more that one will be configured with a server in mind, and the other with desktops in mind.
<dlynes> twb, ah
<Xodiac13> any help please
<twb> For example, a desktop kernel might be built with a faster interrupt cycle, so that it seems more "responsive"
<dlynes> twb, And the server editions aren't named the same way as the regular ones?
<dlynes> i.e. jaunty, karmic, ...?
<Xodiac13> me
<twb> dlynes: an Ubuntu release includes both desktop and server bits.
<dlynes> Xodiac13, can you break up your question into several sentences?  I'm having trouble understanding that one long run-on sentence
<dlynes> twb, ah
<Xodiac13> dlynes: i have an ubuntu server 8.04 64bit and my internal harddrive is full i formatted a 320 gig external harddrive to ext3 and i mounted it successfully in the command line i can see inside of the external harddrive but when i try to transfer files it said its full even though on the server it shows the added space is there anyway i can fix this with raid 0 or make a directory from the myshare to the external harddrive
<dlynes> Xodiac13, what does raid anything have to do with your problem?
<dlynes> Xodiac13, Can you pastebin the output of df, after you've formatted and mounted the external hard drive?
<twb> Xodiac13: RAID will not fix your problem.
<Xodiac13> dlynes: i figured it might solve the problem because it combines the space on the server including the external
<Xodiac13> twb o okay how can i fix it
<dlynes> Xodiac13, no, it does not
<twb> Xodiac13: is "myshare" a product name?
<dlynes> Xodiac13, you're thinking of LVM, not raid
<Xodiac13> twb its the folder that the windows computers can see to add files
<Xodiac13> dlynes how can i use LVM
<dlynes> Xodiac13, i'm far from being an expert on lvm (I have no idea how to set it up), but you set up an LVM, and add volumes to it
<twb> Xodiac13: please pastebin the contents of /proc/partitions and /proc/mounts, and the output of "df -m".
<Xodiac13> twb okay
<dlynes> Xodiac13, however, I think the lvm needs to be created first, and the drives need to be in the lvm before you start using them
<dlynes> Xodiac13, but don't quote me on that
<Xodiac13> dylnes k
<Xodiac13> twb im somewhat very familiar with ubuntu but what you just have me do in the output of df-m
<Xodiac13> i mean df -m
<twb> You can use "man df" to find out about the df program.
<Xodiac13> twb sigh okay
<dlynes> Xodiac13, it sounds like you'd probably gain a lot by hanging out in #ubuntu and #ubuntu-beginners a while, too
<dlynes> Interesting
<Xodiac13> sorry my bad yeah thanks dylen all im trying to do is ask for help not critism i ask a simple question and you end up lectuaring me
<dlynes> Xodiac13, i wasn't lecturing anyone...perhaps you misinterpreted my intent
<Xodiac13> dlynes obviously i did i would like help please and i am willing to learn
<ScottK> Xodiac13: I just read the backscroll and I don't think he was lecturing you.
<dlynes> Xodiac13, I've asked for the output of 'df', and twb's asked for the output of 'df -m' and 'cat /proc/partitions' and 'cat /proc/mounts', and we haven't seen it yet
<dlynes> Xodiac13, throw the output of those on http://pastebin.ca/ or something similar
<Xodiac13> ScottK well if i cant even get an answer and all i here is dumb comments
<ScottK> Xodiac13: They've asked you for information to help solve your problem.
<ScottK> If the questions don't make sense to you, ask more questions instead of reacting.
<Xodiac13> http://pastebin.com/259ng1Vd
<Xodiac13> ScottK sorry im a little hotheaded
<ScottK> Xodiac13: Happens to all of us now and then.
<dlynes> Xodiac13, and what is sda and sdc?
<Xodiac13> ScottK lol
<Xodiac13> dlynes sda is the internal harddrive and sdc is the external harddrive
<Xodiac13> http://pastebin.com/0Prt4eFb
<dlynes> Xodiac13, ok, and where is your normal directory for your windows clients?
<Xodiac13> http://pastebin.com/MCgkn64m
<Xodiac13> dylnes myshare is on the ubuntu server for all the files so the windows computers can see it
<dlynes> Xodiac13, which is where?
<Xodiac13> sorry
<dlynes> Xodiac13, /opt/myshare?
<Xodiac13> i made a myshare on the ubuntu server using samba so any computer can see it on the network
<dlynes> Xodiac13, again....where is myshare located within the directory structure on your ubuntu server?
<Xodiac13> yes
<Xodiac13> http://pastebin.com/grq7rfWc
<Xodiac13> its located in the link it shows where its at
<dlynes> oh...it's off your root directory
<Xodiac13> dylnes yes
<dlynes> pastebin the output of 'ls -l / | grep myshare' and 'ls -l /mnt/extdisk'
<Xodiac13> k
<Xodiac13> http://pastebin.com/fPj05q6b
<Xodiac13> http://pastebin.com/RjVi1aJz
<dlynes> Xodiac13, sorry.... 'ls -al /mnt/extdisk', I meant
<Xodiac13> http://pastebin.com/1cyxtz0X
<dlynes> Xodiac13, ok...try the following:  'mv /myshare/* /mnt/extdisk', and then pastebin the output (if it doesn't work), including your shell prompt
<Xodiac13> dlynes k
<Xodiac13> dlynes so its copying all the files to the extdisk?
<dlynes> Xodiac13, i'm guessing that means it's working?
<Xodiac13> dlynes yes
<Xodiac13> dlynes sorry for me being hotheaded im in the Marine Corps and thats just the way we are
<Xodiac13> dlynes at least me lol
<Xodiac13> dlynes im a grunt
<dlynes> Xodiac13, ok...now you need to update your samba config so that the exported folder is pointing at /mnt/extdisk instead of /myshare
<Xodiac13> dlynes i need help on that im kind of a newb with ubuntu server
<dlynes> Xodiac13, and I don't have time to help you with that tonight...it's actually bed time for me
<Xodiac13> dlynes nooooo
<Xodiac13> dlynes and for what you were going to help me on would it point it to the ext drive and the internal
<dlynes> Xodiac13, what it's doing right now is moving all the files out of the /myshare directory and dropping them into the /mnt/extdisk directory
<dlynes> Xodiac13, after it's finished, you'll see a whole bunch of free disk space on /
<dlynes> Xodiac13, if you do a 'df -m' afterwards
<Xodiac13> dlynes nice and now will i be able to get the files from the ext drive
<dlynes> Xodiac13, anyways...suffice it to say, the information is in /etc/samba/smb.conf usually
<Xodiac13> okay
<dlynes> Xodiac13, so after you make any changes to that file, you'll need to do an /etc/init.d/samba restart
<Xodiac13> now the internal harddrive will be free so i can add files to that now
<dlynes> correct
<Xodiac13> nice
<dlynes> but not that get exported to the network
<dlynes> they'll be local files
<dlynes> /mnt/extdisk will be the network files
<dlynes> but like i said...you need to update smb.conf and restart samba before anyone sees those changes
<Xodiac13> so i will see the extdisk when i go to the myshare obviously but not the internal so i can add more files
<Xodiac13> okay
<kirkland> RoAkSoAx: pong
<dlynes> Xodiac13, anyways..pastebin the contents of your /etc/samba/smb.conf file and maybe someone will be able to help you
<Xodiac13> dlynes k thanks man
<dlynes> Xodiac13, i would suggest trying it on #ubuntu or #ubuntu-beginners though, instead...there's a lot more people in boht of those channels
<dlynes> Xodiac13, your questions will get answered faster there
<Xodiac13> dlynes okay thank you i really do appreciate it
<dlynes> Xodiac13, this channel's mainly for people that have ubuntu server edition-specific questions
<Xodiac13> dlynes nice
<dlynes> Xodiac13, and the help you need, isn't server specific..all ubuntu distributions have those issues
<Xodiac13> dlynes o okay thank you
<Xodiac13> dlynes so in the samba config file what am i looking for to change so that i can use both the internal and external
<cef> anyone dealt much with serial consoles with libvirt/kvm? I can't seem to get any working, and I suspect it's a host issue (libvirt domain defines)
<Xodiac13> dlynes im not looking at it right now its transfering files so yeah
<twb> cef: what the actual error?
<cef> twb: every time i edit the domain info and put in a <serial or <console entry, it drops the <source element, and rewrites the <target element - plus the kvm command line has '-serial none' in it, so it's like it's totally ignoring the config options
<cef> twb: fwiw: the machine the domains are running on is headless, and it isn't connected to a network with a gui box on it that I can use as a VNC console
<cef> twb: the getty is running fine in the guest, but I can't figure out how to get the host to expose it somehow. preferably through 'virsh console domainname' would be best
<twb> cef: everything you've said makes sense to me, and I don't know more.
<twb> cef: you could try the libvirt channel (#virt?)
<cef> twb: yeah that's next.. I tried #ubuntu-virt earlier. no response (2 hrs ago I think)
<cef> actually only 1 hr ago
<cef> oh fun, #virt is locked it seems
<cef> oh fun, #libvirt is locked it seems
<twb> Maybe OFTC
<cef> no.. just #virt.. only 5 people in #libvirt
<cef> yeah just looking thru the wiki/libvirt site now (been using it all day)
<twb> cef: remember to STAY IN THE CHANNEL.
<cef> yup irc.oftc
<twb> cef: if you ask in #ubuntu-virt and then leave an hour later, you might miss a response from an hour-and-a-half later when someone wakes up
<cef> twb: oh I'm still in both #ubuntu-virt and here..
<cef> I idle in there 24/7
<twb> OK, /whois lied to me.
<cef> +c on the channel afaik
<twb> cef: incidentally, have you played with lxc at all?
<cef> twb: not really.. I've got it installed I think
<cef> this console issue is my main stumbling block to getting this machine live.. and yeah.. it's creating a hassle for me at work.. *sigh*
<cef> don't really have the time to play with lxc before it goes live.. mebbe after
<twb> lxc is for jails, whereas kvm is for full emulation
<twb> They're orthogonal
<codygman> i'm trying to setup postfix on my server, and thought i did everything right, but it's not sending mail.
<codygman> it seems like after executing 'mail -s subject myemail' the process keeps running
<twb> When testing, use SMTP or sendmail(8) directly.
<codygman> oh... alright i'll try using sendmail
<killown> ubuntu-server is better than centos?
<twb> Note that sendmail-the-api is not the same as sendmail-the-package
<Callum__> killown: not necessarily better, both can do different things in different ways
<twb> killown: mu.
<killown> i need some linux distro for server
<Callum__> I prefer the RPM package manager but I like the fact that Ubuntu Server is updated much more frequently and uses later versions of software
<twb> I'm astonished that anyone who has studied the internals of rpm/yum and dpkg/apt can prefer the former.
<Callum__> twb: I dunno, I just prefer it... I don't have any technical reasons as to why, apart from maybe a secure RPM repository is a LOT easier to set up than a SecureApt repository (STILL haven't figured it out yet)
<twb> Callum__: erm, you just build a normal repo, but you sign it with your key.
<twb> If you're using a PPA or so, I think that part is taken care of automatically anyway
 * jeffesquivel agrees with twb
<twb> Callum__: see e.g. http://wiki.debian.org/HowToSetupADebianRepository
<Callum__> twb: yeah, but it still says in apt-get that its not secure >_>
<twb> Callum__: either you did it wrong, or you didn't install your key into the apt client.
<Callum__> and I have the key installed on every machine I try to use the repo with...
<Callum__> hell, the repo doesn't even appear as secure on the machine that signs the packages
<codygman> can you send email on a server without having a domain name yet?
<twb> That would depend on where you're sending it to.
<twb> If you're talking about a smarthost, it's pretty common for its correspondents to reject your mail if your EHLO host doesn't resolve.
<twb> Obviously satellites are a pushover, because it's only talking to your local mail gateway server.
<codygman> twb.. i'm just trying to setup mailing for my django site :P
<codygman> i'm still in development, so I don't want to switch the dns on my domain name yet
<sherr> codygman: If you are just wanting to send email, SSMTP (simple smtp) might be easier for a novice.
<codygman> alright, i am pretty new to having my own server :D
<jeffesquivel> codygman, how about use an existing account on an existing mail server to send the messages?
<codygman> jeffesquivel.. you mean like using gmail?
<twb> I have had bad experiences with ssmtp
<jeffesquivel> codygman, exactly
<twb> For roaming laptops, I can recommend msmtp.
<twb> I'd use postfix for a server, though.
<codygman> twb.. i'm trying to, I think i'm configuring it wrong
<jeffesquivel> codygman, but it can be an account on any mail server you have an account already set up, not necessarily gmail
<codygman> since i don't have a domain, i'm not sure what to put
<codygman> or maybe i forgot to open port 25
<twb> You only need to open port 25 to RECEIVE mail
<jiboumans> morning folks
<codygman> hostname -f keeps telling me this:
<codygman> hostname: Unknown host
<codygman> the contents of my hostname file is:
<codygman> 127.0.0.1   localhost localhost.localdomain runningshoesreview.org
<twb> codygman: that's wrong.
<twb> You should have "127.0.0.1 localhost" and "127.0.1.1 www www.example.net"
<twb> You can have "localhost.localdomain" after "localhost", it shouldn't matter much with/without it.  But the hostname and FQDN should be the first two entries.
<twb> (The first two entries in whichever line they're on, that is.)
<codygman> alright here are all three lines:
<codygman> codygman
<codygman> 127.0.0.1   localhost localhost.localdomain
<codygman> 127.0.1.1 www www.runningshoesreview.org
<twb> Right.
<codygman> alright good :)
<twb> Now if "hostname" returns "www", then "hostname -f" should return "www.runningshoesreview.org"
<codygman> is there a book you'd recommend for this type of stuff btw?
<twb> codygman: best I can do is /join #debian-bots, /msg dpkg grounding
<codygman> alright cool
<codygman> btw, my mailing seems to be working after that
<twb> It's just stuff you pick up over time
<RoAkSoAx> ttx, howdy!! i was wndering what would happen if one of the controllers of the cloud, i.e. cloud controller, fails
<RoAkSoAx> would the cloud stop working>?
<ttx> RoAkSoAx: depends on which controller you lose
<RoAkSoAx> ttx, lets say the cloud controller
<RoAkSoAx> would everything fail?
<ttx> RoAkSoAx: VMs continue running
<ttx> RoAkSoAx: you just can't send new commands
<ttx> (euca-* commands calling the web services on the CLC)
<RoAkSoAx> ttx, and is there a way to have many controllers for failover ?
<twb> Not even the "abort!" command? ;-)
<ttx> RoAkSoAx: not yet.
<RoAkSoAx> ttx, so i guess eucalyptus guys are working on it already?>
<RoAkSoAx> ttx, because i was thinking that it could actually done by using the cluster stack, but creating resource agents to manage the starting/stopping of the resources, such as a cloud controller
<RoAkSoAx> though they would have to be clones
<Psi-Jack> Heh, blah.
<Psi-Jack> Trying out beta1 of Ubuntu-Server 10.4.. Can't seem to get ANY of the UEC Store items to install.
<alvin> I just stumbled on bug 360038. Is this even possible? Does Ubuntu has an RDP server for X?
<uvirtbot> Launchpad bug 360038 in rdesktop "cannot connect from Jaunty to Intrepid" [Undecided,New] https://launchpad.net/bugs/360038
<_ruben> rdp, doubt it .. vnc, sure .. not on a server though
<_ruben> (havent read the actual bug)
<uvirtbot> New bug: #448705 in mysql-dfsg-5.1 "akonadi server doesn't start at login" [Critical,In progress] https://launchpad.net/bugs/448705
<Psi-Jack> Hmmm.
<case_> hi there
<Psi-Jack> Morning.
<case_> i'm trying to setup a cloud using the 10.04 beta CD, is it the right place to ask my questions?
<Psi-Jack> Sure. If anyone were actually around to help. Been asking for questions about UEC for days, and nobody seems to be interested or knowledgable to help.
<case_> :)
<Psi-Jack> Heck.
<Psi-Jack> I'm just trying to figure out what's required just to make UEC work proper..
<Psi-Jack> As far as, does it use image files for all the kvm's installed by the store, or what.
<Psi-Jack> For a vm box, I usually keep / down to 10-15gb tops.
<RoyK> Psi-Jack: there was someone in here a couple of days ago that seemd quite knowledgable about UEC...
<Psi-Jack> Heh
<Psi-Jack> Yeah, it's rare enough to see little signs of help regarding it. ;)
<case_> anyway, i've installed a cloud controler, then i've installed another PC as a node, which seems to have detected the cloud controler, so far so good... but once the install is finished, there is still no node listed on the controler... and no new node detected on the network...
<RoyK> afaik I think those questions are rather well documented
<Psi-Jack> Well I recently installed UEC from 10.4 (yes, I know, beta, but hey), but it failed to install any Store image at all, and no real usable reason as to why.
<Psi-Jack> So I'm installing 9.10 in the same manner, seeing if it makes any difference.
<case_> then, i've installed eucalyptus-nc on my own workstation, it was detected on the cloud controler using sudo euca_conf --no-rsync --discover-nodes , but once added still no node listed by euca_conf --list-nodes
<case_> Psi-Jack, i managed to install store image but only with the admin login
<case_> Psi-Jack, any other login, even with administrative rights will fail
<Psi-Jack> I used admin. ;)
<Psi-Jack> It just failed, no matter what I did.
<Psi-Jack> Probably because of my 15 gb /, but I have a LVM VG available for all where I wanted the images to even be.
<Psi-Jack> Empty 650 GB VG without LVs.
<case_> should be enough...
<case_> Psi-Jack, anyway, have you managed to setup nodes?
<Psi-Jack> Nope
<case_> hmmm
<case_> i've just noticed i've gazillons of updates pending... may help to install them...
<Psi-Jack> Didn't help me, but hey!
<Psi-Jack> I'm installing 9.10 now. :p
<case_> i'm sure it's a conspiracy to sell amazone ec2 ;p
<Psi-Jack> That's fine. I could give a rats arse about Amazon hosting anything.
<ttx> RoAkSoAx: yes, they are working on it.
 * ttx grabs some lunch
<thenetduck> hey when I put in sudo pdnsd-ctl empty-cache it says the command isn't found
<thenetduck> how can I fix that?
<killown> ubuntu is good for server?
<\sh> killown, no use windows 7 for server...ubuntu is only good for the desktop
<killown> lol funny
<RoyK> killown: we have 40+ linux servers at work and we're in the process of moving them all to Ubuntu 8.04 LTS
<RoyK> perhaps 10.04 LTS when that comes around, don't know yet
<killown> and 910?
<killown> and 9.10?
<RoyK> that's not an LTS
<RoyK> long term support release
<killown> ok
<RoyK> we only use LTS on servers
<killown> do you try centos?
<RoyK> yeah, and I don't like it, but I guess that's mostly taste
<RoyK> I like the managability in ubuntu
<RoyK> and the package availability
<RoyK> there are some 23k packages available, last I checked
<killown> stable packages?
<RoyK> lemme check
<RoyK> of course there will be bugs around, also in these "stable" packages. you get what you're paying for, and it's free...
<RoyK> $ apt-cache search "" | wc -l
<RoyK> 25317
<RoyK> that includes metapackages, kernels and so on, but it's still quite a lot
<killown> hehehehe nice
<RoyK> the number for 10.04 (beta) seems to be 30628
<RoyK> it saves me LOTS of time to be able to just apt-get install most things and not compile it from scratch
<killown> i just need a stable distro for compile from source
<killown> hehe
<killown> there is many advanced things that you need enable in ./configure
<case_> compile what from source?
<killown> ldap samba squid
<RoyK> some months back, before we decided to move to Ubuntu, one of the scientists came down and wanted netcdf packages and scipy and lots of other stuff that were a little tricky to get setup correctly. it'd take days to do that on one box. we switched to ubuntu and everything was ready
<RoyK> killown: check ubuntu packages first - most of the stuff is in there
<RoyK> ldap support in samba, for instance
<killown> ok
<RoyK> or AD support
<killown> noway
<killown> is it true?
<RoyK> it's in there - we're using it
<case_> killown, compiling everything from source is really not the philosophy of ubuntu...
<killown> ad suporte for instance
<RoyK> yes
<Psi-Jack> Blah!
<Psi-Jack> UEC stuff is painfully annoying me at the moment.
<Psi-Jack> I got it to actually start an instance... It boots, it immediately shuts down afterwards.
<case_> Psi-Jack, any trick to add a node ?
<Psi-Jack> Eh?
<Psi-Jack> I'm just following https://help.ubuntu.com/community/UEC/PackageInstall
<case_> hmmm okay thanks
<case_> so you're having better results with 9.10 than with 10.04beta , right? even if it doesn't work yet...
<RoyK> killown: just download and install - try it yourself - I'd recommend 8.04 LTS for servers until 10.04 has been released _and_ has proven stable
<case_> Psi-Jack, could you please tell me if euca_conf --list-nodes returns something for you on your cloud controler?
<Psi-Jack> Not really. I'm wiping UEC off this system. Not at all happy with how annoying this whole method is.
<case_> hmmm okay thanks
<skuld_kid> Question about logs and rotation.  Last night I discovered my hard drive was full.  Had a syslog of over 50G, syslog.1 over 25G, and a daemon log of over 80G.  How do I configure my logrotate.conf to rotate these files...I don't see anything defined for these critical logs.
<sherr> skuld_kid: have you looked at the man page for logrotate?
<RoyK> it should rotate weekly by default
<RoyK> keeping 4 weeks iirc
<RoyK> perhaps you should check if there's a daemon filling the logs?
<RoyK> tail -f daemon.log might be a start
<skuld_kid> yes.
<RoyK> sherr: it probably isn't rtfm that's the problem if a default ubuntu installation runs out of log space
<RoyK> there isn't that much to log, really, unless you're running a very heavily used mail server with a spambot using it or something
<RoyK> 50 gigs of logs is a LOT
<skuld_kid> found the problem.  mysqld:  InnoDB error: trying to access tablespace <blah> page no. 0, but the tablespace does not exsist or is just being dropped.  Anybody know what that means, or how to fix it?  I didn't think I had any InnoDBs
<skuld_kid> yeah I know
<alvin> Should /tmp erased at boot, or at shutdown? (in Karmic)
<_ruben> syslogs are rotated by its own script, not by logrotate
<RoyK> try restarting mysql
<skuld_kid> I tried that
<alvin> there's a 'be' short in that sentence
<RoyK> hm... google for it :)
<alvin> Got it. /tmp *should* be emptied at boot when TMPTIME=0 in /etc/default/rcS
<alvin> Now to find out, why this isn't working...
<alvin> Found that too: it's bug 524196
<uvirtbot> Launchpad bug 524196 in sysvinit "TMPTIME=0 no longer clears /tmp on boot" [Undecided,Fix released] https://launchpad.net/bugs/524196
<RoyK> http://pharmama.files.wordpress.com/2010/03/fakesstest.jpg
<pmatulis> RoyK: wrong channel?
<RoyK> :)
<RoyK> funny!
<bogeyd6> bug 292971
<uvirtbot> Launchpad bug 292971 in libnss-ldap "nscd leaking memory using libnss-ldap" [High,Triaged] https://launchpad.net/bugs/292971
<uvirtbot> New bug: #553266 in clamav (main) "Update for clamav security fixes from 0.96 release" [Undecided,Confirmed] https://launchpad.net/bugs/553266
 * ScottK is working on ^^^
<zim> Hi all. how can I get tab completion to work the same on the server version as on the desktop version. example apt-g{tab} ins{tab} apa{tab}
<_ruben> zim: that works on -server as well by default
<zim> _ruben: ok not on my version isp stock install root user what conf files do you edit to make it work
<_ruben> complain to your isp for providing a root shell first
<zim> sh --> is linked to dash before you ask
<_ruben> but yes, root shells tend to be limited that way (never bothered to look into why)
<_ruben> perhaps root doesnt use the global bashrc/profile stuff
<zim> Ok many thanks anyway. anyone else?
<zim> found it many thanks
<Rafael> can anybody help me with this: rsync: recv_generator: mkdir "/home/rgotten/Prueba/Myplasticare/Charts/charts.documents" failed: Permission denied (13)
<RoyK> Rafael: I guess filesystem permissions won't let you create it?
<Rafael> RoyK: any idea what to do?
<RoyK> mkdir manually
<RoyK> check permissions
<RoyK> manually override as root if nothing else works
<sherr> Rafael: what exact rsync command are you using? Check target perms.
<RoyK> sherr: it shouldn't be rsync's fault - the error is quite clear
<Rafael> sherr: this is a small srip i am running. I found one of the problems is that the  folder called Charts was created as root so i delete it and recreate it as the user, but anyway this is the sript
<Rafael> sherr: #!/bin/bash
<Rafael> rsync -v -r -d --delete /home/rgotten/Prueba/Myplasticare /home/rgotten/mnt/ >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<Rafael> rsync -v -r -d --delete /home/rgotten/charts.documents /home/rgotten/Prueba/Myplasticare/Charts >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<zul> ttx: ill take the phpldapadmin
<RoAkSoAx> ttx, where to find info about that or who can I talk to
<ttx> RoAkSoAx: you can try #eucalyptus. Or talk to them at UDS :)
<RoAkSoAx> ttx, i'll try #eucalyptus first cause I was actually planning a "HA Support for UEC" session for UDS, but that is just create OCF Resource Agents to provide failover in case any of the controllers fail, however this means that the nodes have to be clones
<RoAkSoAx> so the RA's will allow us to use the current cluster stack
<RoAkSoAx> to do the failover
<RoAkSoAx> over two clone machines. Data could be replicated with DRBD for example
<uvirtbot> New bug: #553342 in samba (main) "spnego references incorrect realm via winbind when joined to AD and spnego is enabled" [Undecided,New] https://launchpad.net/bugs/553342
<odin2> I'm stuck with getting sound on my server install, I installed xmms2 and alsa; ~/.cache/xmms2: alsa cannot find card '0' - I don't know where to start to resolve the problem (I searched the forum already)
<sherr> odin2: Sound's a desktop thing really, this is #ubuntu-server. Not really on topic ...
<sherr> odin2: the forum's got lots of sound questions/help. If you cannot find a relevant thread, post one?
<bogeyd6> !desktop
<ubottu> A desktop environment is what "puts the pieces of a !GUI together". The available desktop environments in Ubuntu are !GNOME (ubuntu-desktop), !KDE (kubuntu-desktop), !Xfce (xubuntu-desktop), IceWM, !Fluxbox, WindowMaker (wmaker), FVWM and others - See also !Flavors
<bogeyd6> :)
<bogeyd6> sherr, ubuntu does have a kicking MPD install
<bogeyd6> sound streaming sucks through MPD tho
<odin2> okay, was wondering if a server install doesn't support sound at all ...
<odin2> thx
<bogeyd6> odin2, you are correct in that is isnt supported in any way
<bogeyd6> you will be missing muchos packages
<RoyK> nice day today http://kernel.org/
 * bogeyd6 thinks it has to do with the kernel not using a sound module
<RoyK> bogeyd6: it should be autodetected
<bogeyd6> odin2, lspci -v | grep audio
<odin2> VIA Technologies, Inc. VT82C686 AC97 Audio Controller (rev 50)
<bogeyd6> RoyK, google is doing that today too
<bogeyd6> odin2, now do lspci -v | less
<bogeyd6> pastebin everything about the audio controller
<bogeyd6> !pastebin @odin2
<bogeyd6> !pastebin @ odin2
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<bogeyd6> !pastebin | odin2
<ubottu> odin2: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
 * RoyK is looking for an update on HTCPCP
<ttx> smoser: anything to report about euca2ools vs. boto1.9, to the euca guys ?
<smoser> other than it went over really well.
<smoser> i found basically nothing boto1.9 related.
<ttx> ok, so no outstanding issue on that
<ttx> good
<smoser> no.
<smoser> soon after lucid, we will have to merge our improved euca2ools
<smoser> to theirs
<odin2> bogeyd6, http://paste.ubuntu.com/407606/  only the sound part
<bogeyd6> odin2, which ubuntu version?
<odin2> 9.04
<bogeyd6> hmm
<odin2> shall I uninstall alsa and xmms2 and start over?
<bogeyd6> did you run ALSACONF
<odin2> no, I just installed everything alsa
<bogeyd6> well run alsaconf
<bogeyd6> if that dont work im outta ideas
<uvirtbot> New bug: #553362 in mysql-dfsg-5.1 (main) "Start script creates /var/run/mysqld with static owner" [Undecided,New] https://launchpad.net/bugs/553362
<ruben23> hi guys can i ask help i got ubuntu-server but during boot up my system force scan my LVM VOL001 and found error and inconsistency..problem aftre it wont properly, seems like all corrupted how do i repair it and recover..
<ttx> smoser: do the daily EC2 images ship with ramdisk now ?
<ttx> mathiaz: ping
<mathiaz> ttx: o/
<ttx> mathiaz: hey, two things I need to discuss with you
<smoser> ttx yes. http://uec-images.ubuntu.com/lucid/20100401/published-ec2-daily.txt
<ttx> smoser: great, thanks
<smoser> (note the ari-* stuff there)
<ttx> mathiaz: work items to postpone
<ttx> mathiaz: there were at least two items that you should postpone if you couldn't complete them by freeze time
<ttx> if you didn't, please mark them POSTPONED /and/ add new TODO ones for final if appropriate
<ruben23> hi
<mathiaz> ttx: will do
<ttx> mathiaz: next is bug 551544
<uvirtbot> Launchpad bug 551544 in puppet "puppet in lucid does not support upstart status " [High,Confirmed] https://launchpad.net/bugs/551544
<ttx> that sounds *bad*
<mathiaz> ttx: yes - I'd have to look at the upstart init script
<mathiaz> ttx: bug 552786
<uvirtbot> Launchpad bug 552786 in upstart "Lack of exit codes" [Undecided,New] https://launchpad.net/bugs/552786
<ttx> does it look like something we should target for beta2 ? i.e. something to work on by next week ?
<mathiaz> ttx: hm - I don't consider it as a beta2 blocker
<mathiaz> ttx: it should definetely be fixed for final though
<ttx> ok
<ttx> will target appropriately
<mathiaz> ttx: that being said it doesn't mean we should push it back too long
<ttx> mathiaz: yes, I think that's something to work on now
<mathiaz> ttx: ie working on bugs targeted at final can be done before beta2
<ttx> not just a blocker
<mathiaz> ttx: agreed - it's not a blocker
<mathiaz> ttx: the same way as the nss/ldap bug is not a blocker either
<ttx> beta2 targeting has two facets -- the bugs that need to be fixed by the milestone, but also the bug that should get fixed by the milestone
<ttx> depending on who targets :)
<ttx> mathiaz: last thing (yes, I know I said only 2)
<ttx> mathiaz: multi-network status -- I don't think the current status in the beta2 whiteboard is reflecting current situation
<ttx> mathiaz: it's unblocked, right ?
<mathiaz> ttx: well - I haven't had time to test if the netboot installer now works
<mathiaz> ttx: you've reported it was able to detect block devices now
<ruben23> guys, do i need to run fsck..? manually to repair a corrupted LVM...
<mathiaz> ttx: but the wrong one
<ttx> let me check that again with todays status
 * ttx fires up magic
<ttx> mathiaz: please make sure that status is up-to-date on your specs by EOD so that I get the right info for release meeting tomorrow
<mathiaz> ttx: ok
<ttx> mathiaz: still seems to pick up local HDD as sdb instead of sda
<mathiaz> ttx: ok - I'd have to test it on the hardware DC
<ttx> I tested ISO today and it worked alright
<mathiaz> ttx: the netboot installer may be the problem
<ttx> if you confirm it, please file bug
 * ttx checks if there is already one
<ttx> doesn't seem to be one
<that0n3guy> hey all, I'm on a vps and usually run at about 380m of ram used... but about 30 minutes ago, its been easily over 480m (100mb difference) how can I look and see where its all going?
<that0n3guy> top isnt much use, everything it shows is showing %0 mem usage
<Oxymoron> Could someone explain to me whats wrong with this line : LoadModule php5_module /usr/lib/apache2/modules/libphp5.so? Apache2 says its invalid syntax? :S
<cbeebie> If I install ubuntu server with automatic updates turned off, what's the proper way to turn them or (or off ) at a later stage?
<sherr> that0n3guy: ps / free : man ps (e.g. ps axl)
<cbeebie> that0n3guy: top is great! Maybe you have nothing that's using more then 1% of the memory?
<that0n3guy> cbeebie: yeah, so why is 100mg of free ram gone?  I had to add more ram to my vps just for it to ever run...
<that0n3guy> what kinda of things cause that?
<that0n3guy> i've got 194mb cached...  that seems high to me but maybe not
<cbeebie> that0n3guy: Linux is pretty aggressive about using memory that would otherwise be free for caching and buffering
<sherr> Oxymoron: http://httpd.apache.org/docs/2.2/mod/mod_so.html#loadmodule
<sherr> maybe : relative path and module name? See docs
<that0n3guy> I gotcha so the 100mb that was all of a sudden used might be it just is caching more b/c I added more to the syste
<that0n3guy> m
<Oxymoron> sherr: i got this error when trying to start apache2:
<Oxymoron> apache2: Syntax error on line 185 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/php5.load: Cannot load /usr/lib/apache2/modules/libphp5.so into server: /usr/lib/apache2/modules/libphp5.so: cannot open shared object file: No such file or directory
<Oxymoron> oxymoron@o
<Oxymoron> libphp5.so is in there
<Oxymoron> sherr: I guess the name of libphp5.so should be mod_php5.so instead?
<ruben23> hi,what happened is during boot up it force scanned the vol001 then found inconsistency then it says- to do manually repir fsck.
<mathiaz> zul: do you have daily-build of puppet?
<zul> mathiaz: yeah the latest is being pushed out now
<mathiaz> zul: where?
<zul> mathiaz: the script is being run on my machine and it will uploaded to a ppa but I can force it if you want
<RoyK> wouldn't it be nice if you came home and your girlfriend pulled this at you? http://pharmama.files.wordpress.com/2010/03/fakesstest.jpg
<mathiaz> zul: and where is the puppet package published?
<mathiaz> zul: in which PPA?
<zul> someone should read my blog more often ;)
<zul> check on ~ubuntu-server-edgers
<odin2> bogeyd6, thank you very much for your help - it still doesn't work yet, but at least I have hope and an idea where to go from here and that is much more than when I came in. thx again!
<zul> mathiaz: i just pushed the latest puppet git to the ppa
<gamla_kossan> hi guys, thought I should ask in here: does the ubuntu 9.10 live cd support ntfs?
<ScottK> Ubuntu Server doesn't have a live CD
<ruben23> hi
<gamla_kossan> ScottK: true, but getting an intelligent answer in #ubuntu is.. well, a bit unprobable :/
<ScottK> gamla_kossan: That doesn't make it on topic for this channel.
<gamla_kossan> ScottK: well, if you're gonna hardline about it, nevermind. have a nice life etc.
<jcastro> ScottK: fascist!
<jcastro> :)
<ScottK> Yeah, the problem is if you answer one, then we get overrun with others.
<ScottK> I have kids.  I know exactly how this works, "But Daaaaaaad, last time you ...."
<odin2> :)
<mathiaz> zul: smoser: is /dev/xconsole used on EC2?
<zul> mathiaz: I dont think so
<smoser> mathiaz, yeah, i think thats gone now
<smoser> from the guest kernel
<smoser> mathiaz, at least:
<smoser> $ ls /dev/xconsole
<smoser> ls: cannot access /dev/xconsole: No such file or directory
<smoser> thats in a karmic guest
<RobH> Is this the proper channel to ask for assistance with setting up a cloud controller & node controller to run virtual instances?
<stickystyle> I wanted to test out the JeOS install in 10.04, when I press F4 to bring up the install modes menu and select "Minimal install virtual machine" and press enter, am I supposed to get some kind of feedback that it accepted my selection?
<jeffesquivel> hi, has anyone here used ubuntu-server to create a webdav share?
<RoAkSoAx> kirkland, ping
<alvin> RobH: More or less. You have ubuntu-virt for that.
<RobH> ahh, will ask there, thank you
<Davexor> Greetings, I have a (somewhat) simple question
<Davexor> I am attempting to set up a home server with Web and Media etc.  My issue is that i am not all that Command-line fu.  Would it be a better idea to run it off of a desktop version of ubuntu? Or to install a desktop core on the server edition?
<ScottK> It doesn't make a significant difference.
<Davexor> Ok, then on to my second question, How would i install a GUI on my server install?
<ScottK> sudo apt-get install ubuntu-desktop.  Anything that happens after that you need to ask in #ubuntu.
<Davexor> Rock on.  thank you
<ruben23> hi guys i have an existing tftp server on my linux server, with an ubuntu-image, how do i add up windows image on it like win 7 so i can install windows 7 on network..and make it worked..
<RoAkSoAx> kirkland, howdy!!
<kirkland> RoAkSoAx: howdy ;-)
<RoAkSoAx> kirkland, how's it going?
<kirkland> RoAkSoAx: hacking on libvirt ;-)
<RoAkSoAx> kirkland, wish I had the knowledge to do that too :)
<kirkland> RoAkSoAx: heh, just takes time and a willingness to learn
<RoAkSoAx> kirkland, i do meet the requirements lol though right now im cvrazy with last too weeks of school so I'll ping you about that later. Anyways... I wanted to ask you if you've come to a decision regarding how to obtain ubuntu+1 in testdrive?
<kirkland> RoAkSoAx: i had a few ideas, one i liked better than others
<kirkland> RoAkSoAx: would you do this ...
<kirkland> RoAkSoAx: would you open a bug in Launchpad about this
<kirkland> RoAkSoAx: mark it High/Triaged
<kirkland> RoAkSoAx: assign it to me
<kirkland> RoAkSoAx: and let's discuss it there
<kirkland> RoAkSoAx: i can't chat too much right now, but i'll email it to that bug
<kirkland> RoAkSoAx: also, others might chime in with better ideas
<RoAkSoAx> kirkland, will do then
<kirkland> RoAkSoAx: thanks dude
<RoAkSoAx> np ;)
<kirkland> RoAkSoAx: sorry about the busy schedule
<kirkland> RoAkSoAx: things should slow down soon ;-)
<RoAkSoAx> kirkland, its ok... i'm busy with school anyways for this next two weeks
<RoAkSoAx> kirkland, btw I've created two blueprints for the modularization and the Front-end for the gsoc and I guess you'll have to add mi to the testdrive group to be able to make uploads to testdrive-gtk trunk
<kirkland> RoAkSoAx: right, sounds good
<kirkland> RoAkSoAx: remind me of your LP id
<RoAkSoAx> kirkland, ~andreserl
<kirkland> RoAkSoAx: https://edge.launchpad.net/~testdrive-gtk
<kirkland> RoAkSoAx: you're in ;-)
<RoAkSoAx> kirkland, i know it is a pain to have different nick, lp id, and stuff :P
<RoAkSoAx> kirkland, awesome thanks :)
<kirkland> RoAkSoAx: heh, hard to remember at first
<kirkland> RoAkSoAx: testdrive-gtk now owns https://code.edge.launchpad.net/~testdrive-gtk/testdrive-gtk/trunk
<kirkland> RoAkSoAx: the code in there right now was mostly written by rickspencer as a quick rough draft
<kirkland> RoAkSoAx: you're welcome to start from that, or scratch
<RoAkSoAx> kirkland, i've already started from scratch, though if i knew how to handle the ubuntu+1 issue now it would be something i wouldn't hvew to worry about in the future because Im using the same code to create the list of iso's for the pygtk itnerface
<kirkland> RoAkSoAx: cool, i'll get that for you tonight, then, if it's blocking you ;-)
<Xpistos|work> is there a way to get my server to mail me the logs that come up in /var/mail/USER
<RoAkSoAx> kirkland, i know that the code for the ISO list creation should be independent from the testdrive common code, so if I new how are we gonna handle the ubuntu+1 issue now, that would allow me to actually separate the code now and make it independent.
<kirkland> jdstrand: http://paste.ubuntu.com/407717/
<RoAkSoAx> kirkland, btw... what I was thinking is keep the config for ubuntu+1 in the config file but it can be loaded differently from the other part of the config
<RoAkSoAx> for example [testdrive-globals]
<RoAkSoAx> and [testdrive-iso-list]
<RoAkSoAx> and I can work with that in the meanwhile
<kirkland> RoAkSoAx: okay, so here's the basic implementation
<kirkland> RoAkSoAx: we should cache the "development" release somewhere, like /var/cache/testdrive/ubuntu-development
<kirkland> RoAkSoAx: basically, that wget from cdimage would write the code name into there
<kirkland> RoAkSoAx: and cache it for some amount of time (a day, at least)
<kirkland> RoAkSoAx: and only do the wget to update that cache when it's expired
<kirkland> RoAkSoAx: ideally, there should be some other way to get this information
<kirkland> RoAkSoAx: perhaps ask mvo in ubuntu-devel at some point
<kirkland> RoAkSoAx: in the config file, we would get the current dev code name from that cache file
<RoAkSoAx> kirkland, ok sounds like a plan then
<kirkland> RoAkSoAx: i need to get this in tonight
<kirkland> RoAkSoAx: get that bug filed and assigned to me ;-)
<RoAkSoAx> kirkland, ok will do :)
<Nattgew> I have a PHP server that's been working fine for a long time. It was acting weird today so I restarted it, but when I try to access the pages, they download and don't display.
<Nattgew> I've poked around a bit but I'm not sure what's going on.
<sherr> Nattgew: Could there have been a server s/w update that's been activated by the reboot?
<sherr> Maybe check what's been installed recently - /var/log/apt /var/log/aptitude* etc.
<sherr> Plus the apache logs of course.
<Nattgew> I checked those logs, mysql updated recently but it's been a long time since anything else happened
<Nattgew> I'm not sure what I'm looking for, the packages seem to be installed and the php module is loading
<sherr> Apache log - access and error for the page?
<sherr> What does "acting weird" mean? Do you think it is related? Was it working just before reboot?
<Nattgew> I had a shell script I was running, and it had frozen and would not run again. It was also doing the same thing with the webpages.
<Nattgew> When I try to go to the page, it spits out 5 of these
<Nattgew> 127.0.0.1 - - [01/Apr/2010:16:21:11 -0500] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch (internal dummy connection)"
<RoAkSoAx> kirkland, btw I'm also gonna be trying to create a resource agent to setup HighAvailability for some of the Cloud Controllers, so I'll be poking you about the kvm related stuff
<kirkland> RoAkSoAx: cool
<Nattgew> hmm, if I go to the pages directly, it works now, but my bookmarks that worked before pointing to http://server/ try to download
<Xodiac13> i need help on getting my server back up and running i did a distro upgrade and now im getting a mount filesystem error
<Xodiac13> i need help on getting my server back up and running i did a distro upgrade and now im getting a mount filesystem error
<Xodiac13> i need help on getting my server back up and running i did a distro upgrade and now im getting a mount filesystem error
<Nattgew> Xodiac13 do you mean that it's not booting?
<RoAkSoAx> kirkland, btw I reported the bug in testdrive but I cannot change the status nor importance of it, so I just set it to confirmed and assigned it to you
<kirkland> RoAkSoAx: url?
<RoAkSoAx> kirkland, https://bugs.launchpad.net/testdrive/+bug/553616
<uvirtbot> Launchpad bug 553616 in testdrive "Improve method to obtain current development release for ISO list generation" [Undecided,Confirmed]
<Xodiac13> Nattgew: i did a distro upgrade and everything went fine i rebooted and now when it goes into grub counts down then tries to boot i get a general mount filesystem error
<kirkland> RoAkSoAx: got it, thanks
<RoAkSoAx> np ;)
<Nattgew> Xodiac13 can you boot a CD to repair it?
<Xodiac13> Nattgew can i use the ubuntu server 8.04 even though i upgraded to ubuntu server 9.10
<Nattgew> that should be fine
<Xodiac13> when i load the cd what am i looking for
<airells> amanda , bacula or what to backup  ?
<Xodiac13> i dont want to mess anything up
<Nattgew> what options does the server CD give you?
<qman__> you probably want to "repair a broken system", drop to a root shell, and manually fix the problem
<Xodiac13> crap i lost my server cd do you think if i were to get the ubuntu server 9.10 it will revover it still
<qman__> likely a grub issue
<qman__> you can do it with any live CD, doesn't even really need to be ubuntu
<Xodiac13> qman__ so i can use my ubuntu desktop 9.10 to try and fix it
<Xodiac13> what am i looking for
<qman__> you will want to mount your local filesystem, make sure /etc/fstab is right
<Xodiac13> qman__ okay
<qman__> then run grub, make sure the system.map is right, and reinstall it to the mbr
<Xodiac13> qman__ lol is there a recovery option
<sherr> Xodiac13: Can you boot an old kernel i.e. ESC/Shift at boot to get grub menu / try different kernel?
<Xodiac13> sherr: okay when i do that and it works will i be able to have it boot that kernal
<sherr> If you have a kernel that still boots, you can make that the default to use (if that's what you mean)
<Xodiac13> yes
<Xodiac13> sherr none of the older kernals worke
<Xodiac13> worked*
<Xodiac13> sherr i am downloading the ubuntu server 9.10 after that were do i go from there
<Xodiac13> sherr or if there is a way to still save the folder and all the files that would be a lot better
<sherr> Your files/dirs are almost certainly still on the disk fine
<sherr> Boot a CDROM (maybe live) and backup if you want
<sherr> Or boot "rescue mode" and try fixing
<Xodiac13> sherr when i boot rescue mode is it going to try to fix it automatically
<sherr> No, you will have to try and fix it. Hard to say what the problem is.
<sherr> IRC is difficult for this type of support sometimes. Lots of good web guides e.g.
<sherr> https://help.ubuntu.com/9.04/installation-guide/i386/rescue.html
<sherr> 9.10 better maybe : https://help.ubuntu.com/9.10/installation-guide/i386/rescue.html
<sherr> and the forums.
<Xodiac13> sherr okay i will take a look
<sherr> Good luck anyway :-)
<Xodiac13> sherr thank you
<RoyK> I just hope the grub2 problems gets fixed soon
<RoyK> I have a truckload of servers that wants a new version and not being able to boot them properly is a bitch
<Xodiac13> RoyK i hope i can fix my server lol i really need it working right now
 * RoyK offers Xodiac13 to transfer $10k to his account
<Xodiac13> lol yeah wooot
<RoyK> a windows XP CD can do wonders
<Xodiac13> RoyK no no no no no lol heck no i refuse to have a server with windows xp i only have windows on 2 computers one for gaming and the other because the ati radeon video card isnt supported anymore its a legacy card
 * RoyK hands Xodiac13 an opensolaris dvd
<Xodiac13> RoyK not familiar with opensolaris
<RoyK> I didn't like it much until I discovered zfs and that made me move storage over to opensolaris
<RoyK> it somehow cancels the need for hardward raid, making it much better through software
<RoyK> caching with SSDs is nice
<Xodiac13> heck yeah
<Xodiac13> but i am going to wait on getting SSDs because i heard of them breaking the platter spins to fast and breaks
<qman__> I don't know about opensolaris, never used it, but I have used sun solaris
<qman__> it may have some nice features but the userland is a total bear
<RoyK> qman__: userland in solaris 10 is old
<qman__> it's like working on a unix box straight out of the 80s
<RoyK> userland in opensolaris is better, but not really good
<RoyK> at least you have stuff like vim
<RoyK> and standard setup with sudo
<qman__> had to spend a good hour or two getting the gnu userland and basics
<qman__> and even then, half the programs were still the old, unfriendly ones
<qman__> nice to know opensolaris isn't as bad
<RoyK> try opensolaris - it's not that bad
<RoyK> it's still old stuff, but the zfs stuff rocks and service management is nice once you get to know it
<qman__> I imagine so, the straight solaris stuff had some potential
<qman__> but was a total pain since I could never figure out what it was trying to tell me
<RoyK> there are some issues, though, like ssh not logging failed logins unless you touch this and that file, because perhaps someone could fill your disk with faulty login messages and ......
<RoyK> there's a lot of old shit with (open)solaris
<qman__> I actually encountered a solaris box with a full disk
<qman__> you really can't do anything
<qman__> it was an old sparc with a 20GB disk in it
<qman__> it won't let you stop services or delete files
<qman__> because apparently it has to log that action before it performs it, or something
<qman__> and couldn't, because there was no free disk space
<RoyK> http://tools.ietf.org/html/rfc5841
<KSid> Hi guys
<KSid> Is it possible to remove a package via aptitude while leaving all dependant apps in place?
<KSid> I want to upgrade openssl from source so want to replace the existing install
<ryanakca> For Lucid+1, would it be feasible for Ubuntu to maintain a tripwire database?
<mathiaz> kirkland: hi!
<kirkland> mathiaz: hiya
<mathiaz> kirkland: how big is your local amd64 mirror?
<kirkland> mathiaz: i can tell you how big the whole i386+amd64 mirror is
<KSid> Any suggestions about removing a package and leaving broken packages via aptitude?
<kirkland> mathiaz: du churning...
<kirkland> mathiaz: 325G
<ryanakca> (and keep it up to date with the MD5SUMS of the files in packages)
<kirkland> mathiaz: removing i386 might drop that a bit
<mathiaz> kirkland: hm ok - so a 128GB SSD drive isn't enough to host all of the amd64 archive
<kirkland> mathiaz: prolly not
<mathiaz> kirkland: great - thanks
<kirkland> mathiaz: you should just pick up a little usb powered external drive
<kirkland> mathiaz: 500G
<kirkland> mathiaz: and keep that in your bag
<mathiaz> kirkland: I already have one
<kirkland> mathiaz: then you're set ;-)
<mathiaz> kirkland: but not 500 Gb :/
<mathiaz> kirkland: how big is main only?
<kirkland> mathiaz: $ du -sh pool/main/
<kirkland> 125G    pool/main/
<kirkland> mathiaz: you could probably have just amd64 of main
<lifeless> oh mirrors
<kirkland> mathiaz: and you'll need _all
<lifeless> jpds: ^ :> if you're still up
<lifeless> something I was thinking of was having separate mirror sets for amd64/i386 etc
<lifeless> with the sources files shared between them
<lifeless> or even a dedicated sources set
<jpds> lifeless: I only have stats for full archive mirrors...
<jpds> Oh wait.
<jpds> lifeless: Interesting.
<lifeless> yes
#ubuntu-server 2010-04-02
<lifeless> jpds: we can, I think, write a single update process to spit out N sets
<uvirtbot> New bug: #409192 in libvirt (main) "could not be installed during automatic synptic update" [High,Invalid] https://launchpad.net/bugs/409192
<uvirtbot> New bug: #553676 in samba (main) "nautilus gvfs-smb" [Undecided,New] https://launchpad.net/bugs/553676
<yazd> I'm having a problem using ssh.  When I simply try to connect to an SSH server, as I've done in the past, I get the error message "Privileged ports can only be forwarded by root." I am not trying to forward.  I tried to run the following: ssh [server]
<kirkland> mathiaz: ping
<mathiaz> kirkland: o/
<kirkland> mathiaz: https://bugs.edge.launchpad.net/ubuntu/+source/libvirt/+bug/219249
<uvirtbot> Launchpad bug 219249 in libvirt "virsh completion only works at the shell prompt" [Wishlist,Incomplete]
<kirkland> mathiaz: can you re-test that bug, or close it?
<mathiaz> kirkland: hm - that would require access to a lucid libvirt
<mathiaz> kirkland: which I don't have
<kirkland> mathiaz: not on your mini10v?
<mathiaz> kirkland: nope
<kirkland> mathiaz: is the bug just that virsh can't expand ~ ?
<kirkland> mathiaz: i just tested here on Lucid, works fine
<mathiaz> kirkland: I think what I meant was that when I type the file completion works
<mathiaz> kirkland: but when I hit enter it fails
<kirkland> mathiaz: virsh # define ~/foo2.xml
<kirkland> error: Failed to open file '~/foo2.xml': No such file or directory
<kirkland> mathiaz: like that?
<mathiaz> kirkland: yes
<mathiaz> kirkland: with you typing only ~/fo and then completed it to ~/foo2.xml
<uvirtbot> New bug: #239107 in libvirt "kvm - guest freebsd 7 - reboot problems" [Wishlist,Fix released] https://launchpad.net/bugs/239107
<uvirtbot> New bug: #235386 in libvirt (main) "Permissions of files in /etc/libvirt/qemu are too restrictive" [Wishlist,Invalid] https://launchpad.net/bugs/235386
<uvirtbot> New bug: #368084 in libvirt (main) "internal error creation of non-raw images is not supported without qemu-img" [Medium,Fix released] https://launchpad.net/bugs/368084
<uvirtbot> New bug: #273748 in libvirt (main) "postinst fails with addgroup: The group `libvirtd' already exists as a system group." [High,Confirmed] https://launchpad.net/bugs/273748
<uvirtbot> New bug: #351183 in libvirt (main) "libvirtd crashed with SIGSEGV in virStateActive()" [Low,Invalid] https://launchpad.net/bugs/351183
<kirkland> mathiaz: hey
<mathiaz> kirkland: o/
<kirkland> mathiaz: what release is your kvm host these days?
<kirkland> mathiaz: still hardy?
<mathiaz> kirkland: yes
<kirkland> mathiaz: with the kvm/libvirt backport?
<kirkland> mathiaz: can you still reproduce https://bugs.edge.launchpad.net/ubuntu/+source/libvirt/+bug/193451 ?
<uvirtbot> Launchpad bug 193451 in libvirt "poweroff in the guest doesn't stop the kvm process on the host" [Low,Confirmed]
<mathiaz> kirkland: 1:84+dfsg-0ubuntu12.4~hardy1~ppa1
<mathiaz> kirkland: 0.6.1-0ubuntu5.1~rc1ppa1
<mathiaz> kirkland: let me try that
<kirkland> mathiaz: cool, thanks
<kirkland> jdstrand and I have cut libvirt's open bugs from 78 to 41 \o/
<mathiaz> kirkland: seems like it's working correctly now
<kirkland> mathiaz: would you mind marking that bug fix-released?  or would you like me to?
<mathiaz> kirkland: I'll update the bug
<kirkland> mathiaz: thanks dude
<kees> kirkland: have you had good irc sessions with screenbin?  I'm thinking about using screenbin for a session, but realized that logging it might be uncool
 * kees ponders how to tie it to the irc channel...
<seyacat> hi ubuntu server
<seyacat> what is the name of package of text mode ubuntu installer? like ubiquity but in text mode
<kees> seyacat: "debian-installer"
<seyacat> kees: ty, isee that
<seyacat> kees: how can i use debian-installer?
<_Techie_> !deb
<ubottu> deb is the Debian package format, also used by Ubuntu. To install .deb files, simply double-click (in Ubuntu) or click (in Kubuntu) on them to start the GDebi utility.
<_Techie_> !dpkg
<ubottu> dpkg is the Debian package maintenance system, which together with apt forms the basic Ubuntu package management toolkit.
<_Techie_> someone help me, my minds gone blank
<_Techie_> syntax from installing from a .deb please
<_Techie_> for*
<qman__> _Techie_, dpkg -i package.deb
<qman__> see also: dpkg --help; man dpkg
<14WAAGF8Z> can anybody help me how to exclude a folder from the rsync command. i have a fodlder called "Search" inside the folder called "charts.windows" that i do not want rsync to copy, the rest of the folders inside the "charts"folder i do want them to be copy: this is what i have: rsync -v -r -d --delete /home/rgotten/charts.windows /home/rgotten/Prueba/Myplasticare/Charts >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<erichammond> 14WAAGF8Z: Try adding an option like: --exclude charts.windows/Search
<kobrien> ahoy, just looking at lucid. it seems lighttpd can't bind to port 80. is anyone looking at this?
<14WAAGF8Z> erichammond: in waht part of the command i should add that
<erichammond> 14WAAGF8Z: Anywhere before the source directory
<ddecator_> i have my server setup with my ssh key so i don't need to login when i access it. however, i used my .pub key...since that key is on lp, should i generate a new key to use for accessing my server? or does it still need the private key on my system anyway?
<ddecator_> oh, when i logged on it asked me to unlock my private key. so i guess that answers my question =)
<RoAkSoAx> kirkland, what about lp?
<RoAkSoAx> getting the release from lp?
<billybigrigger> i just fired up a test vm i had in vbox, i zipped up the /var/www folder and want to transfer it over my network...last time i ran this vm i remember networking was functioning correctly
<billybigrigger> eth0 will not go up, i've checked my interfaces they are good, the e1000 network module is loaded...
<billybigrigger> sudo ifup eth0 returns and error about no device
<billybigrigger> SIOSCSIFADDR: No such device
<billybigrigger> eth0: ERROR while getting interfaces flags: No such device
<billybigrigger> any suggestions?
<aetaric> sounds like the virtual adapter isn't connected
<billybigrigger> ï¿¼
<billybigrigger> Network
<billybigrigger> Adapter 1:
<billybigrigger> Intel PRO/1000 MT Desktop (Bridged adapter, eth0)
<billybigrigger> it's connected
<aetaric> no clue then
<billybigrigger> hmmm
<billybigrigger> where's j he's usually good at bailing me out :)
<SJrX> is there a command like time that will give me an idea how much iowait time the process had, I have a problem where the first time I execute commands on a VPS it takes like 300 ms to start executing.
<jeffesquivel> billybigrigger, are you sure that the interface exists in the guest? (i.e. does it shows on ifconfig -a ) ?
<billybigrigger> it shows up as eth3
<billybigrigger> sudo ifup eth3
<billybigrigger> ignoring unkown interface eth3=eth3
<billybigrigger> jeffesquivel, ?
<billybigrigger> any ideas
<jeffesquivel> billybigrigger, probably your mac address changed, which udev interpreted as you inserting a new inteface, thus giving it a new persistent name (that would almost always have been correct in a physical machine)
<billybigrigger> yeah, that makes sense
<billybigrigger> i generated a new mac address in vbox
<jeffesquivel> billybigrigger, if that's it... then you can edit /etc/udev/rules.d/70-persistent-net.rules
<jeffesquivel> billybigrigger, all you need to do is delete the old entries
<jeffesquivel> and then replace eth3 for eth0
<jeffesquivel> billybigrigger, other solution would be to edit /etc/network/interfaces
<billybigrigger> already edited my interfaces
<jeffesquivel> billybigrigger, and replace eth0 for eth3 and use ifup eth3 just like before
<jeffesquivel> billybigrigger, ok, nevermind then
<jeffesquivel> ;)
<billybigrigger> jeffesquivel, thanks
<jeffesquivel> billybigrigger, no problem
<billybigrigger> now to finish transferring /var/www and exporting my mysql tables...fun stuff
<gwynddyllyd> anyone knows if there is a way to recover an encrypted partition left over from a previous install
<gwynddyllyd> I accidentally borked my system yesterday and upgraded to 10.04 today. My old ~ is still in another partition, but after mounting it I can't access its contents - they were encrypted.
<jeffesquivel> gwynddyllyd, do you have the key?
<gwynddyllyd> While this is a good sign for security, it's bad for my local confs...
<gwynddyllyd> jeffesquivel: I know the pass, but if by key you're referring to a file that serves as key then I'm out of luck.
<gwynddyllyd> Also, does this means that I should keep backups of .Private at all times?
<jeffesquivel> gwynddyllyd, you should always keep backups of your important stuff :-)
<jeffesquivel> gwynddyllyd, but what you really need to have is the info on that file that serves as key
<gwynddyllyd> jeffesquivel: all my documents were archived somewhere as well, it's just the conf files that I have lost
<jeffesquivel> gwynddyllyd, IIRC, just after installation you're warned about it... but not everything is lost...
<jeffesquivel> gwynddyllyd, I think kirkland is THE guy to ask about encrypted home though...
<gwynddyllyd> jeffesquivel: any way to get the contents back, or am I out of luck?
<gwynddyllyd> ,seen kirkland
<gwynddyllyd> (do we have a bot here?)
<gwynddyllyd> jeffesquivel: but even then, thanks a lot.
<jeffesquivel> gwynddyllyd, ok, lets see if I can help while we wait for his reply
<jeffesquivel> right now you have a .Private directory on your home with all your encrypted stuff, right?
<gwynddyllyd> also, lucid beta comes with great defaults. My console is setup for 1280x1024 and I have done zilch for it to happen
<gwynddyllyd> on a folder at /media/local/olduser
<gwynddyllyd> my current ~ is a different partition
<gwynddyllyd> entirely different from the one I borked
<jeffesquivel> gwynddyllyd, ok... do you happen to also have your old ~/.ecryptfs ?
<gwynddyllyd> let me check
<maxagaz> i have some troubles with cups, when trying to modify a printer, I get this error message in the logs: E [02/Apr/2010:13:30:30 +0800] Unable to change permissions of "/etc/cups" - Permission denied
<maxagaz> permissions are already set to 755, and user:group is root:lp
<gwynddyllyd> yes I do
<maxagaz> can someone help ?
<jeffesquivel> gwynddyllyd, do you have a wrapped-passphrase in there?
<jeffesquivel> gwynddyllyd, if you do... try this: ecryptfs-unwrap-passphrase wrapped-passphrase
<gwynddyllyd> jeffesquivel: yes, there is
<jeffesquivel> gwynddyllyd, it will ask you for your password (the one you have) and then the output should be a lot of letters and numbers
<gwynddyllyd> jeffesquivel: done.
<gwynddyllyd> jeffesquivel: numbers and letters at the prompt
<jeffesquivel> gwynddyllyd, now, you need to use mount -t ecryptfs to mount your encrypted directory unto a decrypted one using the key you just got...
<jeffesquivel> gwynddyllyd, give me a sec to see if I can find a tutorial for that
<gwynddyllyd> jeffesquivel: i'm reading ecryptfs' man page. Seems ok to follow.
<jeffesquivel> gwynddyllyd, ok... then my work's done :-)
<gwynddyllyd> jeffesquivel: I really appreciate your help. I was about to wipe the partition and buy a new hd to hold my confs on separate media.
<gwynddyllyd> (which for the latter i might still do)
<jeffesquivel> gwynddyllyd, you're welcome
<gwynddyllyd> jeffesquivel: to be completely fair I see no point in encrypting configs. As soon as I manage to copy the old files somewhere else I'll wipe the partition.
<jeffesquivel> gwynddyllyd, I guess it depends on the contents of those configs
<jeffesquivel> gwynddyllyd, for example, pgadmin3 stores passwords for your database in cleartext somewhere in your home
<gwynddyllyd> jeffesquivel: editors, compilers, git, etc
<jeffesquivel> gwynddyllyd, or you could have a recently used file named "something deeply personal you don't want to share with others" and that name is in a config file...
<jeffesquivel> gwynddyllyd, but I see your point :-)
<gwynddyllyd> lol
<gwynddyllyd> yes that could happen, but that's not the case.
<jeffesquivel> gwynddyllyd, I know... I think I just have my $HOME encrypted to mess with big brother... ha hahaha
<gwynddyllyd> jeffesquivel: hahhahahhahah
 * gwynddyllyd thinks about GoDaddy's recent brawl with China
<gwynddyllyd> jeffesquivel: Do you happen to know what kind of cipher Ubuntu uses by default? It's asking me right now.
<jeffesquivel> gwynddyllyd, hmm... that should be on my fstab
<jeffesquivel> no, it's not there... but mount does know
<jeffesquivel> ecryptfs_cipher=aes,ecryptfs_key_bytes=16
<gwynddyllyd> jeffesquivel: aes did the trick - it was the default
<jeffesquivel> gwynddyllyd, ok, great
<gwynddyllyd> but apparently .Private on that partition is a symbolic link to /home/.ecryptfs/olduser/.Private
<gwynddyllyd> nevermind, it's on media too, I just have to relink it.
<jeffesquivel> gwynddyllyd, I was just reading about that! http://dustinkirkland.wordpress.com/2009/08/06/moving-your-encrypted-home-meta-data-out-of-varlibecryptfs/
<gwynddyllyd> jeffesquivel: Copying that link will be hard. I'm on the console and I haven't used screen to spawn this emacs instance... :(
<gwynddyllyd> let me grab a pen... lol
<billybigrigger> ewwwww
<billybigrigger> hehe
<jeffesquivel> gwynddyllyd, ha haha... it may help... but basically says what you already know... that some stuff is really located at /home/.ecryptfs/$USER
<gwynddyllyd> jeffesquivel: yes, I have relinked it and managed to mount it... but the contents are not there!
<gwynddyllyd> something is amiss
 * gwynddyllyd scratches head
<jeffesquivel> gwynddyllyd, did you check the encrypted files are where they should be?
<jeffesquivel> jeffesquivel, you see nothing on your mounted directory or you see everything but with scrambled names?
<gwynddyllyd> jeffesquivel: I saw the files at /media/local/.ecryptfs/olduser/.Private
<gwynddyllyd> and they're scrambled
<gwynddyllyd> but now I've linked them there
<gwynddyllyd> oh, wait
<gwynddyllyd> maybe I should try mounting at the .ecryptfs directory
<gwynddyllyd> instead of at the 'old location'
<gwynddyllyd> since it's not my home anymore
<gwynddyllyd> no point in linking anything
<gwynddyllyd> jeffesquivel: no luck. Everything's scrambled after mounting with my passphrase. That's sad, and a proof that security works. Not even the owner can access his files if he's careless.
<jeffesquivel> gwynddyllyd, wait
<jeffesquivel> gwynddyllyd, if you try to open one of the files, is it readable?
<jeffesquivel> gwynddyllyd, IIRC, the system does two things: 1) encrypt your data 2) change the name of everything so that you can't get info out of the names
<jeffesquivel> gwynddyllyd, it does that with two different keys
<jeffesquivel> but I think you can get the key for the filename stuff from the key you already have...
<gwynddyllyd> jeffesquivel: let me try. The names are definitely hard to read and type.
<gwynddyllyd> jeffesquivel: I complains about not finding a key with description XXXXXXXXXXXX
<jeffesquivel> gwynddyllyd, hmm... you could try doing ecryptfs-add-passphrase before trying to mount
<gwynddyllyd> s/I/It
<gwynddyllyd> it asks me to when I'm mounting interactively.
<gwynddyllyd> I figured I shouldn't since I don't want to get some global file dirty.
<gwynddyllyd> (it probably holds info on the current ~ too)
<jeffesquivel> gwynddyllyd, hmm... what you need is your fnek sig... now I remember
<jeffesquivel> gwynddyllyd, that is stored on ~/.ecryptfs/Private.sig
<jeffesquivel> I think that when you are mounting the encrypted dir it asks you if you want to use fnek (file name encryption key) or something like that
<gwynddyllyd> let me try to remount it
<jeffesquivel> gwynddyllyd, you have to say yes and use one of the sigs on that file I told you
 * jeffesquivel should write about of this process on his blog for when he needs it again in the future
<jeffesquivel> wait, scratch that...
 * jeffesquivel should start a blog
<jeffesquivel> ;)
<gwynddyllyd> jeffesquivel: mounting with the fnek for the passphrase did nothing apparently. It complains that it couldn't find a matching auth token for the damn thing, though it gives me the matching pass as error
<gwynddyllyd> But I'm assuming it will be impossible to retrieve it.
<gwynddyllyd> jeffesquivel: If I manage to make this work I'll write a script to automate the backup of all keys and restore them.
<jeffesquivel> gwynddyllyd, I know it is possible... I just can't remember exactly how... he he.
<gwynddyllyd> This is such a headache... lol
<gwynddyllyd> And the worst part is that I'm doing just for the challenge now, since I could've reconfigured everything I needed already.
<jeffesquivel> gwynddyllyd, yep... that's exactly why I want to see it done... ha haha...
<gwynddyllyd> hahhahahha
<gwynddyllyd> you sadistic bastard
<gwynddyllyd> :p
<jeffesquivel> ok, wait... I
<jeffesquivel> 'll try this... but that means logging out
<jeffesquivel> brb
<jeffesquivel> gwynddyllyd, got it!
<gwynddyllyd> jeffesquivel: how??
<jeffesquivel> gwynddyllyd, this is what I did (everything as root):
<jeffesquivel> gwynddyllyd, ecryptfs-add-passphrase --fnek
<jeffesquivel> gwynddyllyd, that should insert two sigs into your kernel or something like that... both of them are the ones that you can find on ~/.ecryptfs/Private.sig
<jeffesquivel> gwynddyllyd, did that work?
<gwynddyllyd> Sort of. They come out differently from what's in Private.sig
<gwynddyllyd> I wonder if I have the passphrase wrong
<jeffesquivel> gwynddyllyd, hmm...
<jeffesquivel> gwynddyllyd, well, just in case...
<jeffesquivel> gwynddyllyd, after that, I did mount -t ecryptfs /encrypted/directory /mnt
<jeffesquivel> it asked me for the passphrase again
<gwynddyllyd> Should I use as input the long one I got from unwrap-passphrase or as plaintext?
<gwynddyllyd> Did it work?
<jeffesquivel> gwynddyllyd, the long one you got from unwrap-passphrase
<jeffesquivel> in both cases... for add-passphrase and for mount -t ecryptfs
<gwynddyllyd> jeffesquivel: that might be it then
<jeffesquivel> yes, it worked for me logged in as another user (and then sudoing a shell) I got to mount this user's home
<gwynddyllyd> The key matched now!
<jeffesquivel> gwynddyllyd, great
<jeffesquivel> gwynddyllyd, now you do mount -t ecryptfs /encrypted/ /mnt
<jeffesquivel> give it the long unwrapped passphrase
<jeffesquivel> after that, answer aes, 16, y, y
<jeffesquivel> then it will ask you for one of the sigs... in my case I had to use the second one on Private.sig
<jeffesquivel> and that was it
<gwynddyllyd> jeffesquivel: IT WORKS!
<jeffesquivel> gwynddyllyd, :-)
<gwynddyllyd> That's one long passphrase to input by the way
<gwynddyllyd> It's safe to assume that whoever has access to someone else's password still needs a lot of determination to carry it through.
<gwynddyllyd> jeffesquivel: I can't express my gratitude enough. This has been driving me insane.
<jeffesquivel> gwynddyllyd, you're welcome
<gwynddyllyd> The 'entire passphrase' nailed it.
<gwynddyllyd> Man, my old ~ was very messy.
<jeffesquivel> gwynddyllyd, ha haha... that tends to happen
<gwynddyllyd> jeffesquivel: I'm making a tarball of everything right now. No more crazy ecryptfs in my backups.
<jeffesquivel> gwynddyllyd, ha ha ha
<gwynddyllyd> just kidding
<gwynddyllyd> Will you write that blog post, then? It would help a lot of people.
<jeffesquivel> gwynddyllyd, as soon as I get my blog up again, I'll do it ;-)
<gwynddyllyd> It's almost 5am here. Maybe I should call it a day.
<jeffesquivel> gwynddyllyd, where's that?
<jeffesquivel> gwynddyllyd, well... good night (day?) anyways... he he
<gwynddyllyd> jeffesquivel: ipanema, rio de janeiro
<jeffesquivel> gwynddyllyd, Brasil! cool!
<gwynddyllyd> jeffesquivel: Where you're at?
<jeffesquivel> gwynddyllyd, San JosÃ©, Costa Rica
<Pirate_Hunter> morning, got my hands on a second machine which I wish to turn into a home web server, however, I am wondering should I just cluster both machines together or just use something like mogilefs to distribute the data between them. I just don't want two separate web servers running at the same time even knowing I have also thought of turning the second into a web proxy or where the database will be held. Anyway what do people here
<Pirate_Hunter>  suggest as I am also googling for information?
<gwynddyllyd> jeffesquivel: Never been to Costa Rica! How is it? The stereotype we have here is even sunnier than Rio.
<jeffesquivel> gwynddyllyd, well... on summer it is...
<jeffesquivel> gwynddyllyd, but we have rain about ~8 months of the year
<gwynddyllyd> jeffesquivel: We have only summer here, the entire year. I'm originally not from here, so I tend to be pretty pissed at the temperatures.
<gwynddyllyd> 25-35 C all the time
<gwynddyllyd> On summer it's 30-45
<jeffesquivel> gwynddyllyd, yeah... I don't like hot climate either... but we have really nice beaches not so far away (~4 hours) ;-)
<gwynddyllyd> Oh, San JosÃ© is on the countryside?
<jeffesquivel> gwynddyllyd, nop... San JosÃ© is at the center of the country.... it is the capital city
<jeffesquivel> gwynddyllyd, but CR is really small
<jeffesquivel> gwynddyllyd, you can get from here (the center) to south the border in about 7 hours
<Pirate_Hunter> any suggestions on how I can make better use of the second machine?
<jeffesquivel> and that's too far by our standards (because CR is "taller" than "wider")
<maxagaz> does someone know a good wiki on how to install xen on karmic ?
<jeffesquivel> Pirate_Hunter, how about a HA cluster? (and helping the HA team while at it :-)
<jeffesquivel> maxagaz, just wondering... any special reason why to prefer Xen than KVM?
<Pirate_Hunter> jeffesquivel, not a problem once I look into it, if it does what I need...
<jeffesquivel> Pirate_Hunter, what is that you need?
<maxagaz> jeffesquivel, I'm using kvm too, I'd like to try Xen
<gwynddyllyd> jeffesquivel: I might visit one day. I always wanted to go to Vancouver by car.
<jeffesquivel> gwynddyllyd, wow! that's a long ride!
<gwynddyllyd> Anyway, I'm off to bed. It's really late here.
<gwynddyllyd> jeffesquivel: a jeep and supplies would be enough :)
<Pirate_Hunter> ahhh can you just read the long post I posted, you just have to scroll up a bit
<jeffesquivel> gwynddyllyd, well... if you get to come, be sure to visit Guanacaste's beaches... :-)
<gwynddyllyd> jeffesquivel: I might, I might...
<jeffesquivel> maxagaz, oh, I see... well, got no idea about Xen (besides that it seems to not be supported on Ubuntu anymore), sorry...
<maxagaz> jeffesquivel, not supported anymore? what about ubuntu cloud computing system provided with karmic server ?
<maxagaz> isn't is using xen ?
<jeffesquivel> maxagaz, you mean eucalyptus (or Ubuntu Cloud Environment)?
<sherr> Pirate_Hunter: I don't have an opinion really. Do whatever you feel like it. It all depends on usage etc.
<maxagaz> jeffesquivel, yes
<jeffesquivel> maxagaz, I'm not completely sure, but I think it is based on Qemu-KVM... other people on this channel may know more about it
<sherr> mazagaz: the xen forums, xen site and http://bderzhavets.wordpress.com/
<simplexio> i think kvm is current hot virtualization system, xen isnt sunc with latest kernel releases (and what i have understood, it has some problems)
<sherr> Ubuntu is not so good for Xen really.
<sherr> Xen seems pretty good, and the only real option for systems without h/w VT i.e. a lot of systems.
<sherr> To play with Xen, it might be easier to install Debian Lenny and update to the Debian dom0.
<Pirate_Hunter> sherr, I get what you mean, however, I have no clue what I want to do with the second machine, just wish to good use of the second machine instead of having two web servers running independently, well in the end the I'll figure something out
<simplexio> but dosent alla latest systems have it
<Montjoie> hello i have a problem with an ubuntu hardy under selinux, which channel is the best for this ?
<sherr> simplexio: Most - but that still leaves MASSIVE numbers of older systems in the world. Anyway - Xen is good on its own merits as well.
<simplexio> Pirate_Hunter: you could try run db on another.. if you want to learn something, then you could try install www+db to both and then try some HA stuff
<Montjoie> perhaps there are more specific ubu tu channel tanh this one
<sherr> Montjoie: if you are running ubuntu server, this is the channel ...
<Montjoie> ok
<Montjoie> i have a strange selinux problem
<Montjoie> http://pastebin.fr/7398
<Montjoie> after a fresh install
<Montjoie> pam_console_t is certainly not the good context for a cron script
<Montjoie> all system correctly labeled
<sherr> Montjoie: No idea, sorry (no selinux). If no one else can help, post in the forum/security.
<Pirate_Hunter> simplexio, yeah I been told to make the second hold database, cache etc that way it will balance the load if I ever decide to run some intensive sites, also again the ha cluster will have to read on that
<simplexio> Pirate_Hunter: it depnds what you need or want to try in home servers
<simplexio> Pirate_Hunter: like i currently play with GIs databses and mapnik + rendering maps
<Pirate_Hunter> simplexio, don't think I'll be doing that even knowing it does sound interesting, recently been suffering from extreme boredom and need to think of soemthing to do. The server is intended for hosting some personal pages, a few projects made by me or other people. I will definitely not be using much resources out of the server but do have others that may require some resources specially when doing group projects. Altogether abou
<Pirate_Hunter> t 5-10 people max working on the server, doing group or individual projects and hosting a few sites, what I require stability, redundancy and well a working server(s)
<Pirate_Hunter> sorry for the long text
<maxagaz> is it possible to mount a kvm image in order to takes files on the system installed on it ?
<alvin> maxagaz: Yes, you can do that. You can mount the images with -o loop, but I forgot the rest, but there's good documentation on the subject.
<Montjoie> so no people here do selinux on ubuntu ?
<RoyK> Montjoie: I don't think many uses that, no. ubuntu mostly relies on apparmor instead
<facetiousproxy> installing the server now
<facetiousproxy> any problems known about 8.04
<facetiousproxy> ?
 * RoyK doesn't know any
<facetiousproxy> working on installing now
<facetiousproxy> i found it interesting that even if i choose lamp install i have to install apache2
<RoyK> that is, being two years old, it uses older software than newer distros, so you might be missing something
<facetiousproxy> i don't mind i just appreciate the stability
<RoyK> but again, for most stuff, you don't really need the latest stuff
<RoyK> huh? that should be part of lamp
<RoyK> just remember to apt-get update && apt-get dist-upgrade when you're done installing
<facetiousproxy> thanks
<RoyK> ubuntu 8.04 is stable
<RoyK> imho
<facetiousproxy> that is exactly what i was going to ask
<facetiousproxy> running it on a vpc for de-bugging then will clone onto server
<RoyK> ok
<RoyK> local VM for development is nice
<facetiousproxy> so far it works alright
<facetiousproxy> using sun virtualbox
<facetiousproxy> decent training platform
<facetiousproxy> just putty myway in or just use the screen itself
<Rafael> I have the following comand to backup my ubuntu server into a linksys NAS: rsync -v -r -d --delete /home/rgotten/Prueba/Myplasticare /home/rgotten/mnt/ >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<Rafael>   my problem is that if i try to add -t (timestamp) or -va, i recerive something like: rsync: failed to set times on "/home/rgotten/mnt/Myplasticare/Charts/charts.windows/R/Ruiz/Ruiz Roberto": Operation not permitted (1)
<Rafael>  please help
<RoyK> Rafael: does the filesystem support that?
<RoyK> oh
<RoyK> Rafael: try to just use rsync -av
<RoyK> and wtf is -d?
<RoyK> 'transfer dirs without recursing'??
<Rafael> RoyK  i tryed -va and did not work..you want me to try instead -va?
<Rafael> the fylesystem i believe is ext3
<RoyK> Rafael: if -av doesn't work, we'll try to find the error :)
<RoyK> I use rsync regularly and I haven't seen those problems
<Rafael> sorry i am newby what is diference between va and av?
<RoyK> same thing
<RoyK> -av
<RoyK> -a -v
<RoyK> -v -a
<RoyK> -va
<RoyK> the order is irrelevant
<Rafael> when i try it i get permision denied ..i can try it again..what do you wnat me to show you after i do it?
<RoyK> do you own the target directory?
<RoyK> erm
<Sorell> run with sudo?
<RoyK> you're backing up to a linksys NAS?
<RoyK> I guess that nas has another filesystem that doesn't support it all
<Rafael> let me run it
<Rafael> one sec
<Rafael> RoyK: very interesting, when i run it thur rsync  -n -va --delete /home/rgotten/Prueba/Myplasticare /home/rgotten/mnt/ |tee -a /home/rgotten/logs/respaldo-`date +%d%m%Y`.log i get sent 174209 bytes  received 18825 bytes  8579.29 bytes/sec
<Rafael> total size is 1611734614  speedup is 8349.49 (DRY RUN)
<Rafael> You have mail in /var/mail/rgotten
<Rafael>  but when i get the permition error is if i do a scrip to execute it?
<facetiousproxy> oh
<RoyK> Rafael: -n won't try to create the file on your NAS
<RoyK> so no errors will occur
<RoyK> I guess the problem is the NAS using some ubscure filesystem internally
<Rafael> so when i do it this is what i get: ./respaldo-archivos.sh                                  rsync: failed to set times on "/home/rgotten/mnt/Myplasticare": Operation not permitted (1)
<Rafael> rsync: failed to set times on "/home/rgotten/mnt/Myplasticare/Charts": Operation not permitted (1)
<Rafael> rsync: failed to set times on "/home/rgotten/mnt/Myplasticare/Charts/charts.windows": Operation not permitted (1)
<Rafael> but if i remove the -a..no problem
<RoyK> how do you connect to the nas?
<RoyK> nfs? smb?
<RoyK> http://en.wikipedia.org/wiki/NAS200 says that one only supports CIFS (aka SMB)
<RoyK> with CIFS/SMB, timestamps can be an issue
<RoyK> just try rsync -rv
<RoyK> that will copy the data, but won't care about times or flags
<Rafael> rgotten@myplasticare:~$ df -T /home/rgotten/mnt /home/rgotten/Prueba/Myplasticar                                              e/Charts
<Rafael> Filesystem    Type   1K-blocks      Used Available Use% Mounted on
<Rafael>          cifs   976267392 150326416 825940976  16% /home/rgotten/mnt
<Rafael> <Rafael> /dev/md3      ext3   955253868   3914068 912826224   1% /home
<RoyK> bingo :)
<facetiousproxy> on a cell phone internet connection the installation of the ubuntu server takes forever when it comes to configuring apt
<RoyK> so either get a firmware that supports nfs, or use rsync -r
<Rafael> remember i am newby..i am pulling information from here and there
<Rafael> what is -r
<RoyK> facetiousproxy: I really wouldn't recommend installing ubuntu with cell phone connectivity
<RoyK> Rafael: man rsync
<Rafael> RoyK: thanks..ok i guess i have toleave with this for now until i find a way of doin nfs .. question..i was looking at the logs and they are 2 mb..does this make sence?
<Rafael> sorry to live with it
<RoyK> Rafael: impossible for me to say - it depends on how many files you're backing up, and keep in mind that you're appending to the log file, so it'll continue growing
<RoyK> that is, today's log file will grow
<RoyK> but I wouldn't worry about that, really
 * RoyK has moved most data storage over to opensolaris
<Rafael> so in the future when is 100 mb..that is some memory that is taking away...is any way to dlete automatically logs older than xxx
<RoyK> you're creating new logs each day, so you should be able to remove all logs easily with something like find /path/to/logs -ctime something
<RoyK> s/all logs/old logs/
<RoyK> see man find
<RoyK> Rafael: in essence it's find /path -mtime +10 -exec rm -f {} \;
<RoyK> +10 means 10 days
<RoyK> meaning all files older than 10 days
<hggdh> ttx: thank you for your edits
<ttx> hggdh: I'm doing an install to validate the steps right now
<ttx> there are a few subtile changes :)
<hggdh> yeah, I saw. I was still working on them, and I copied the original text as a framework
<hggdh> but it was far from complete
<Rafael> RoyK: i have being testing webmin..it will be the same i i go the the log folder and delte them?? i was trying to find a way of automatically delete the ones older than let say a month
<RoyK> I don't use webmin, but for normal log rotation (removal of old logs), logtotate is the thing. with your new-name-per-log, logrotate won't work, but a script running find with -atime etc will work well, and you can schedule it with cron - see man find / man cron
<RoyK> find /path -mtime +30 -exec rm -f {} \;
<RoyK> will remove 30 days or more old files
<RoyK> man 5 crontab is also nice
<jdstrand> kirkland, smoser: hi!
<smoser> hi
<jdstrand> kirkland, smoser: so I investigated the libvirt 0.7.7 hotplug/scsi behavior and discussed it with upstream
<jdstrand> kirkland, smoser: you can read about it in https://bugzilla.redhat.com/show_bug.cgi?id=578975
<uvirtbot> bugzilla.redhat.com bug 578975 in libvirt "libvirt device_add does not work for scsi hotplug" [Medium,Closed: notabug]
<jdstrand> kirkland, smoser: the bottom line is that scsi hot add is not pci hot add
<jdstrand> kirkland, smoser: as such, with scsi hot add, the guest must rescan the bus
<jdstrand> kirkland, smoser: one the guest does that, the disk is available
<jdstrand> kirkland, smoser: in the past, libvirt created a new scsi controller for every new device. this was a pci add which is why it showed up magically
<smoser> suck
<smoser> working around the change in a guest is not acceptable
<jdstrand> kirkland, smoser: this is incorrect behavior and now libvirt adds disks to an existing bus, like what would happen in the real world
<jdstrand> yeah
<jdstrand> so, it is not a bug, but yet it is still a regression
<jdstrand> lovely really
<mdeslaur> those are my favorite kind of bug fixes :)
<jdstrand> smoser: euca will break in lucid+1 for sure
<jdstrand> smoser: I've not tried, but attaching a virtio disk should still work
 * jdstrand goes to try
<smoser> so we just need to force old behavior, adding a scsi controller
<smoser> and the comment about "real world"...
<jdstrand> smoser: also, aligouri (upstream qemu) reiterated that we should not be using scsi hot add
<smoser> i'd think that it is hugely more likely to add a scsi device to an existing scsi  controller
<smoser> but if your pci has hot plug, it is entirely possible to add a new scsi controller
 * jdstrand nods
<jdstrand> smoser: you know, we could adjust the xml to add a new controller, but then euca would have to keep track of that state
<jdstrand> so not ideal
<jdstrand> let me see if virtio is shows up in the guest...
<smoser> it does
<smoser> well, it used to
<smoser> :)
<jdstrand> with 0.7.7?
<jdstrand> ah, right
<smoser> 0.7.5
<jdstrand> yeah, all this does not affect 0.7.5, which as the old behavior
<smoser> s/0.7.5/all versions prior to 0.7.7/
<smoser> jdstrand, have to think about this...
<jdstrand> well 0.7.5 and lower, 0.7.6 might be affected too (haven't checked)
<smoser> it will absolutely break guests if devices don't "just show up" (you're right about 0.7.6, i don't know)
<jdstrand> agreed
<jdstrand> so either hack up libvirt or euca to add a controller, or move to virtio (which I am still testing)
<RoAkSoAx> kirkland, howdy!!
<jdstrand> smoser: virtio hot add stills works
<jdstrand> <disk type='file' device='disk'> <source file='/tmp/dev.dd'/> <target dev='vdb' bus='virtio'/>
<jdstrand> </disk>
<jdstrand> smoser: use that xml ^ and same virsh attach-device syntax and it all works
<jdstrand> smoser: of course, kirkland mentioned euco is resistent to vd* devices
<jdstrand> s/euco/euca/
<kirkland> RoAkSoAx: howdy
<smoser> jdstrand, its something ewe're going to be forced to deal with (moving away from scsi)
<RoAkSoAx> kirkland, http://paste.ubuntu.com/408130/
<smoser> but not something that we can do now.
<smoser> again, its guest breaking
<kirkland> RoAkSoAx: \o/
<smoser> basically either that or scsi hot/add versus pci hot/add is api change
<kirkland> RoAkSoAx: well done!
<smoser> from the guest's point of view
<RoAkSoAx> kirkland, i used that before, I just woke up and remembered... lol
<kirkland> RoAkSoAx: that's awesome, dude
<kirkland> RoAkSoAx: okay, so let's do this ...
<jdstrand> smoser: yes, when 'm' opens euca will break
<smoser> yeah. and we're going to have to leave scsi
<smoser> *have to*
<smoser> unless one of us wants to fix it
<kirkland> RoAkSoAx: throw that into a testdrive function, something like testdrive.ubuntu.dev()
<jdstrand> smoser: well, or do the accounting to keep adding controllers
 * smoser doesn't raise hand
<jdstrand> smoser: I looked at the patches, they aren't trivial
<kirkland> RoAkSoAx: oh, better yet ...
<smoser> we have to leave scsi because its broken and "wont fix" from upstream
<smoser> in 'm'
<kirkland> RoAkSoAx: yeah, well, whatever
<jdstrand> smoser: the accounting would have to be within euca, not libvirt
<kirkland> RoAkSoAx: just make it so that it's a one liner in the config file
<jdstrand> smoser: so if they *really* want it, they would need to add it themselves
<kirkland> RoAkSoAx: and make sure that it handles no-networking gracefully, so that you can still use testdrive against your local cache on the plane
<RoAkSoAx> kirkland, ok
<smoser> jdstrand, yeah. so what are you thinking for this ?
<jdstrand> smoser: in 0.7.5 libvirt did the accounting on the number of new controllers. that all went away with the new scsi impl
<jdstrand> smoser: I'm sure I could code up something to get it to work again, but it is a bit late in the game
<jdstrand> smoser: I think 0.7.7 needs to be deferred
<RoAkSoAx> kirkland, ok will do that for current release, though for modularization I'll handle that differently :)
<jdstrand> smoser: I will see if I can backport my blueprint items to 0.7.5-- but I'm pretty sure one needs to be postponed. I might be able to get the other two to work, with some 'cunning cleverness'
<jdstrand> too bad really, the patches were pretty small against 0.7.7
<jdstrand> oh well
<smoser> :-(
<kirkland> RoAkSoAx: sure
<jdstrand> kirkland: ^
<kirkland> jdstrand: did we hear back from upstream on the bug you filed?
<kirkland> jdstrand: i didn't get any email about it
<jdstrand> kirkland: see backscroll
 * kirkland reads
<kirkland> jdstrand: oh, sorry, i missed all of that
<kirkland> jdstrand: reading now
<kirkland> jdstrand: smoser: okay, i'm caught up now
<kirkland> jdstrand: smoser: one other idea ... what about USB?
<kirkland> jdstrand: smoser: in terms of "real world", usb flash disks are plugged and unplugged all the time
<smoser> its an idea
<kirkland> jdstrand: smoser: they show up as sdb, sdc, etc.
<kirkland> jdstrand: smoser: seems like eucalyptus could be taught to add "usb" disks to guests
<jdstrand> kirkland: that should work fine. let me try
<smoser> so, fwiw, the 'sdb' isn't as big of a deal
<smoser> because there is already a change required for that
<kirkland> i'm not sure about qemu's performance of usb disks, versus scsi versus ide
<smoser> in ec2, you attach a volume as xdX
<kirkland> but i do know that all of those suck compared to virtio
<jdstrand> smoser: really? then going virtio would be recommended
<smoser> in euca, its sdX
<smoser> yeah... i just realized that.
<kirkland> jdstrand: smoser: *we* are all in agreement about virtio
<jdstrand> smoser: or do I not understand your point?
<kirkland> jdstrand: smoser: it's nurmi that we have to convince to take that change
<smoser> jdstrand, you do understand it.
<kirkland> or we need to roll our own for UEC
<jdstrand> k
<smoser> kirkland, well, yes and no.
 * kirkland smacks smoser for being cryptic
<smoser> for root device, its painful and api breaking between ec2
<kirkland> smoser: speak your mind dude :-)
<smoser> there will be existing fstaba entries that have '/dev/sda1 /'
<kirkland> ah, "root device should be on sda" ... ?
<smoser> and any image that moves across will break if you change that (by moving to virtio)
<smoser> for hot plug (euca-add-volume, euca-detach-volume) there is already a api change.  you cannot specify 'xvdX' as you do in ec2, because xvdX is XEN
<jdstrand> kirkland, smoser: so the decision comes down to: do we stick with the old 0.7.5, lose the bug fixes but maintain deprecated scsi behavior and not touch euca for an LTS, or move to the new 0.7.7 with its fixes, but new scsi behavior and updating euca
<jdstrand> kirkland, smoser: I can't answer that question
<jdstrand> I defer to you guys
<kirkland> jdstrand: here's my opinion
<smoser> shoot
<smoser> i'm blowing smoke
<smoser> you can do sdX
<kirkland> jdstrand: there are a bunch of bug fixes in the changelog, as you and i reviewed
<smoser> in xen
<smoser>  or ec2
<kirkland> jdstrand: but there's about an equivalent number for any libvirt release
<smoser> however, i still do think that , while a PITA, changing this portion is less concerning than root=
<kirkland> jdstrand: while the "features" section is small, the "improvements" section is *huge* and gives me pause
<smoser> and would also make data on the EBS volumes safer
<smoser> which is important
<kirkland> jdstrand: https://bugs.edge.launchpad.net/ubuntu/+source/libvirt/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=FIXCOMMITTED&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_
<kirkland> supervisor=&field.bug_commenter=&field.subscriber=&field.tag=fixed-in-0.7.7&field.tags_combinator=ANY&field.status_upstream-empty-marker=1&field.has_cve.used=&field.omit_dupes.used=&field.omit_dupes=on&field.affects_me.used=&field.has_patch.used=&field.has_branches.used=&field.has_branches=on&field.has_no_branches.used=&field.has_no_branches=on
<kirkland> yoicks
<jdstrand> yikees
<kirkland> jdstrand: http://tinyurl.com/y9abpkr
 * RoyK hands kirkland a link to http://shorturl.com
<smoser> the one thing that *does* change from ec2 -> euca is that in ec2, you can say "attach this as /dev/sdi" and, because its xen, the hypervisor can definitively say "yes" or "no"
<RoyK> or tinyurl, perhaps
<smoser> in kvm, the hypervisor can't really promise that.
<kirkland> jdstrand: there are currently two bugs tagged fixed-in-0.7.7
<jdstrand> (from us, yes, but most LTS users aren't probably running lucid yet...)
<kirkland> jdstrand: one high, one medium, but neither of which milestoned as blockers for release
<kirkland> jdstrand: fair enough
<smoser> so, its very late in the game.
<jdstrand> (meaning we don't know how many of the fixes we'd miss would affect users)
<smoser> but if this were even 1 month ago, i would heavily be suggesting moving
<smoser> to attachment via virtio
<kirkland> jdstrand: my vote is for 0.7.5, and we cherry pick the fixes we can from git
<smoser> kirkland, your link is bogus
<smoser> as 523148 is fixed in our 0.7.5
<kirkland> jdstrand: note that i added a kvm and a libvirt to hardy-backports about a year after hardy's release (ie, jaunty's kvm and libvirt)
<kirkland> smoser: the tinyurl one?
<smoser> yes.
<jdstrand> kirkland: you won't be able to do a kvm/libvirt backport for lucid without breaking euca (or backporting it too)
<smoser> wait.
<smoser> i dont think that is fixed in 0.7.7
<kirkland> jdstrand: ah, good point
<smoser> jdstrand, that will always possibly be the case
<kirkland> jdstrand: okay, well, honestly, we can't break euca at this point
<smoser> there is no promise from anywhere that there is not massively painful changes in 0.7.8 that would prohibit easy backport either.
<smoser> theres no reason to make up reasons to hcange
<smoser> there are very good reasons
<jdstrand> kirkland, smoser: if you recall, I had expressed the opinion in backscroll to stay with 0.7.5
<jdstrand> smoser: true
<kirkland> jdstrand: right-o
<jdstrand> we just *know* it will break now
<kirkland> jdstrand: i'm coming to that conclusion, too
<smoser> the primary one, in my opinion, is that EBS (the functionality exposed by attach/detach) is supposed to promise that your data is SAFE
<smoser> and as we know, with buggy scsi, that is probably not the case.
<jdstrand> kirkland: smoser talking about virtio and you usb got me talking again
<kirkland> jdstrand: just explaining my logic getting there, so that it's a thoroughly considered opinion
<kirkland> jdstrand: yeah, so USB ...
<smoser> i say no to usb
<smoser> i'd suspect performance and other issues.
<kirkland> smoser: why's that?
<jdstrand> I would tend to agree-- it is a hack
<smoser> you'd have a hard sell.
<kirkland> smoser: jdstrand: alrighty ...  how about this ....
<smoser> i'm open to a tested virtio solution because it is the "accepted solution" for hotplug
<jdstrand> either fix euca to move to the upstream recommended virtio or stay with deprecated scsi
<kirkland> smoser: jdstrand: if in Lucid+1, euca insists that they can't do virtio, but libvirt has deprecated the pci_add scsi call, USB will be their only option for adding scsi disks
<jdstrand> smoser: I've got packages in my ppa and xml in backscroll for virtio
<smoser> can we test that?
<jdstrand> smoser: I don't have the testing ability to thoroughly test euca
<jdstrand> (I don't have a cloud, the experience with euca, etc, etc)
<kirkland> smoser: just add jdstrand's ppa, and upgrade libvirt-bin and libvirt0 on your NC's
<jdstrand> I'm betting you will see a performance gain over scsi as well
<smoser> kirkland, but you have to change euca
<smoser> right ?
<kirkland> smoser: yeah
<smoser> to make it say "add a virtio device"
<smoser> thats what we want to test.
<smoser> and see how bad it is.
<kirkland> jdstrand: oh, the performance gain is huge
<jdstrand> between performance and stability/integrity, it may be something to consider regardless (I don't know)
<kirkland> smoser: one sec, let me pastebin a crude grep
<kirkland> jdstrand: we've been through this with nurmi several times now
<jdstrand> kirkland: you have the backscroll xml, right?
<kirkland> jdstrand: we're going to insist on it for lucid+1
 * jdstrand nods
<Rafael> i am using this comand and get the error: find /home/rgotten/logs/ -mtime +30 -exec rm -f {} \
<Rafael>     error: find: missing argument to `-exec'
<RoyK> Rafael: terminate with \;
<RoyK> not just \
<kirkland> smoser: http://pastebin.ubuntu.com/408145/
<jdstrand> kirkland, smoser: so, I am going to work on my libvirt bp stuff. let me know how to proceed after your testing. I don't have much more to offer atm
<kirkland> smoser: jdstrand: a gross grep shows that those are the places that need changing in the euca code
<kirkland> jdstrand: i do have the xml in backscroll, yes
<smoser> kirkland, jdstrand i think, for maintainability that this is probably somethign worth testing
<jdstrand> kirkland: is that a grep on "name='phy'" (I think that might show more, if things were hiding)
<kirkland> jdstrand: http://pastebin.ubuntu.com/408149/
<jdstrand> (but it could potentially miss stuff-- I've not looked at the code)
<jdstrand> kirkland: seems a reasonable place to start
<kirkland> jdstrand: smoser: i don't mind trying this, but i'm not planning on hacking on it today (today's a swap day for me)
<smoser> yeah, its monday before i could really test this.
<jdstrand> kirkland: uhm, they are using 1024 as a hard limit there. please tell me they are checking the lengths of source and target dev
<jdstrand> otherwise we've got an overflow
<jdstrand> sorry for slipping on my security hat :)
<jdstrand> s/overflow/potential overflow/
<kirkland> jdstrand:             char xml [1024];
<kirkland> jdstrand: don't see any other sanity check :-(
<koolhead17> kees:
<jdstrand> heh
<kirkland> jeebus, yeah, they should be using MAX_PATH all over in here, all of it hardcoded to 1024 :-/
<jdstrand> kirkland: well, for it to mean something, local_iscsi_dev, localDevReal and/or remoteDev need to be attacker controlled
<jdstrand> (from a security POV, not coding style)
<jdstrand> I have no idea how that stuff is fed into euca, but you might want to bring it up to upstream and let them determine that (since they presumably know the code better than us, certainly me)
<jdstrand> kirkland: ^
<kirkland> jdstrand: yeah, i'll file a bug upstream
<kirkland> jdstrand: the path_max thing they should definitely solve
<kirkland> jdstrand: there's a bunch of 1024 char full paths in there
 * jdstrand nods
<eagles0513875> hey guys im having an interesting issue with vi over ssh
<eagles0513875> for some reason when im working on vi it seems to drop my connection entierly to the server whiel im sshed into the remote machine.
<eagles0513875> the problem is
<eagles0513875> it only occurs when using vi
<eagles0513875> anyone have any ideas as to the issue
<RoyK> eagles0513875: using a non-standard terminal and arrow keys?
<RoyK> eagles0513875: if just using hjkl instead of arrow keys, can you reproduce the problem?
<eagles0513875> im using windows machine with xshell to ssh into the machine
<RoyK> also, try to enable keepalives in ssh - it might help
<eagles0513875> let me try wiht hjkl and see if it happens
<eagles0513875> RoAkSoAx: already is enabled
 * RoyK guesses that was meant to RoyK 
<eagles0513875> ya
<eagles0513875> sry
<eagles0513875> damn failure to tab complete
 * eagles0513875 fires up xshell and connects
<eagles0513875> RoyK: also it happens when typing up a clean vi file
<RoyK> eagles0513875: echo $TERM
<eagles0513875> RoyK: output is xterm
<RoyK> eagles0513875: wierd  -  working with vim over an ssh link is something I do every day
<eagles0513875> RoyK: 64bit karmic or 32
<RoAkSoAx> kirkland, ok I think this is how i'll go: 1. Function on testdrive to check local cache. 2. If no cache, get current dev release from LP. 3. If cache, check if expired. If it is, update it from LP. 4. If cache, not expired. do nothing. 5. Config file will always load the release from the cache
<eagles0513875> RoAkSoAx: sry for ping before btw
<RoAkSoAx> eagles0513875, no prob ;)
<RoyK> eagles0513875: karmic too - 32/64 shouldn't make a difference
<kirkland> RoAkSoAx: perfect!
<kirkland> RoAkSoAx: give the cache, say a 1-day expiration
<eagles0513875> RoyK: will keep working with it and see if it happens
<RoAkSoAx> kirkland, on every dev cycle, when do they release the first ISO for testing? As soon as they open the dev cycle?
<kirkland> RoAkSoAx: a few days (or weeks) later
<RoAkSoAx> kirkland, so we could extend the cache expiration then
<kirkland> RoAkSoAx: it could be 7 days
<kirkland> RoAkSoAx: actually, yeah, let's just make it 7 days
<RoAkSoAx> kirkland,  yeah that's what I was thinking, because either way, it will check for a new release, and if there is a new release, it will update the cache even though it has not expired
<RoAkSoAx> anyways, I can manage that later
<Rafael> RoyK: did it with no error message but logs are still there since last year
<kirkland> RoAkSoAx: cool
<RoyK> Rafael: huh - try without -exec ...
<RoyK> that'll list the files matching -atime or -ctime or whatever you were using
<eagles0513875> RoyK: everythign seems fine now
<RoyK> eagles0513875: what did you do?
<eagles0513875> RoyK: nothing
<eagles0513875> i was doing what i normally do when i encounter the problem
<eagles0513875> which was type up some c++ examples im doing
<eagles0513875> it used to freeze while in the middle of typing them but it hasnt
 * RoyK is a magick wizzard beaming out magick rayz to fix vim problemz
<eagles0513875> haha
<eagles0513875> RoyK:  was just thinking that it was me talking to u that fixed it
<Rafael> RoyR: look what i am getting now: rgotten@myplasticare:~$ find /home/rgotten/logs/ -mtime +30 rm -f {} \;
<Rafael> find: paths must precede expression: rm
<Rafael> Usage: find [-H] [-L] [-P] [-Olevel] [-D help|tree|search|stat|rates|opt|exec] [path...] [expression]
<_ruben> Rafael: he meant you should remove anything following -exec as well
<_ruben> so stop at '+30'
<Rafael> thanks
<Rafael> good worked
<spowers> is 2.6.33 or 2.6.32 possible on karmic server?
<spowers> (is there a PPA anyone knows about for that, is what i'm really getting at)
<_ruben> spowers: http://kernel.ubuntu.com/~kernel-ppa/mainline/?C=M;O=D
<_ruben> these are vanilla kernels, no ubuntu pathces in 'em
<spowers> that will be fine for my purposes
<spowers> does the ubuntu server project patch the kernel for anything important?
<_ruben> most patches are backports from newer version afaik, dont know of any -server specific patches
<spowers> ok, neat
<_ruben> and patches that are expected to end up in later versions
<spowers> i just want to test btrfs
<pmatulis> spowers: as a rule of thumb, patches are sent upstream, accepted (hopefully), and come back downstream for packaging
<pmatulis> spowers: some "quirks" may be added ubuntu-side for weird stuff
<_ruben> been meaning to my hands on some spare ssd drives and play with stuff like btfs and nilfs, wont happen anytime soon though
<spowers> so vendor patches, at least for ubuntu server, are carefully limited to bugfixes and that sort of thing?
<spowers> apart from "quirks"
<uvirtbot> New bug: #554063 in amavisd-new (main) "Calling dspam from amavisd-new fails" [Undecided,New] https://launchpad.net/bugs/554063
<pmatulis> spowers: what is a vendor patch?
<spowers> i'm not sure on the preferred nomenclature
<pmatulis> spowers: use plain terms then
<spowers> what i meant was to clarify if -server kernels were patched conservatively, and so the patches usually make their way upstream easily
<pmatulis> spowers: all kernels are patched conservatively, nothing is thrown in just for shits and giggles
<Rafael> RoyK: i have a script called respaldo-archivos.sh that runs the rsync. and this is executed with cron, for the path: find /path -mtime +10 -exec rm -f {} \; this should go on the .sh file or in the cron directly
<RoyK> Rafael: doesn't really matter so long that cron eats it
<RoyK> Rafael: I usually use a cron job running a script in case I need to add more logic later
<Rafael> RoyK: so this is what i have rigth now on the script: #!/bin/bash
<Rafael> rsync -v -r -d --delete /home/rgotten/Prueba/Myplasticare /home/rgotten/mnt/ >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<Rafael> rsync -va --delete --exclude=/charts.windows/Search /home/rgotten/charts.windows /home/rgotten/Prueba/Myplasticare/Charts >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<Rafael>  and i will just add a line with : #!/bin/bash
<Rafael> rsync -v -r -d --delete /home/rgotten/Prueba/Myplasticare /home/rgotten/mnt/ >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<Rafael> rsync -va --delete --exclude=/charts.windows/Search /home/rgotten/charts.windows /home/rgotten/Prueba/Myplasticare/Charts >> /home/rgotten/logs/respaldo-`date +%d%m%Y`.log
<Rafael> sorry
<Rafael> i will just add a line with find /path -mtime +10 -exec rm -f {} \;
<mathiaz> kees: hi!
<mathiaz> kees: I'm currently investigating bug 292971
<uvirtbot> Launchpad bug 292971 in libnss-ldap "nscd leaking memory using libnss-ldap" [High,Triaged] https://launchpad.net/bugs/292971
<mathiaz> kees: and I currently get the following valgrind log: http://paste.ubuntu.com/408201/
<mathiaz> kees: I'm not sure how to interpret that log
<kees> mathiaz: hello!
<kees> mathiaz: reading...
<kees> mathiaz: valgrind is saying that the ldap_create function is leaking 68 bytes of memory via calls to ber_memcalloc_x
<kees> mathiaz: I'd install libnss-ldap-dbgsym to get a better traceback, though
<mathiaz> kees: how do I build libnss-ldap-dbgsym
<mathiaz> kees: ?
<kees> mathiaz: just install it from pitti's ddeb repository.  let me find the docs...
<kees> mathiaz: https://wiki.ubuntu.com/DebuggingProgramCrash
<mathiaz> kees: thanks
<kees> mathiaz: does the patch in comment 1 work?
<uvirtbot> New bug: #554094 in samba (main) "Windows clients cannot connect unless Samba manually restarted" [Undecided,New] https://launchpad.net/bugs/554094
<mathiaz> kees: well - that's what I'm trying to figure out
<mathiaz> kees: I'm trying to reproduce the issue
<mathiaz> kees: and figure out if the patch fixes the problem
<kees> ah-ha, excellent.
<mathiaz> kees: however my C knowledge/libnss is not strong enough to figure out whether the patch is supposed to work
<mathiaz> kees: so any help in reviewing the patch is welcome
<mathiaz> kees: I think I'll be able to confirm by experimenting that the leak goes away - whether the patch is actually the correct way is out of my area of expertise
<kees> heh
<kees> mathiaz: well, a visual inspection of the patch looks good to me.  i.e. the implied logic makes sense, assuming it works.  :)
<mathiaz> kees: so I'll confirm it works and that should be enough to confirm the fix
<kees> mathiaz: yeah.  if you develop a test, please consider adding it to the qa-regression-testing bzr tree
<mathiaz> kees: hm - I'm not sure how I can develop an automated test for a memory leak
<mathiaz> kees: the actual test is: look at the valgrind log
<mathiaz> kees: it shouldn't have the libber leak
<kees> mathiaz: sounds easy enough: run valgrind, check for "bad" text in output.  :)
<mathiaz> kees: :)
<mathiaz> kees: http://people.canonical.com/~mathiaz/valgrind.nscd.exit.15674
<mathiaz> kees: ^^ this is with the current version of libnss-ldap with the memory leak
<mathiaz> kees: http://people.canonical.com/~mathiaz/valgrind.nscd.exit.15949
<mathiaz> kees: ^^ this is with the patch applied
<mathiaz> kees: http://people.canonical.com/~mathiaz/valgrind.nscd.exit.16237
<mathiaz> kees: ^^ this is the correct valgrind log for the patched version of libnss-ldap
<mathiaz> kees: it seems that the library so numbers were bumped for the new patched version
<addisonj> hi there, I am having problems with samba and DHCP, it keeps reloading the samba.conf file on every DHCP renew, thing is, my DHCP just uses mac addresses to assign a static IP
<alvin> addisonj: are your clients also losing connection to the samba server?
<addisonj> server isn;t in production yet, so I can't really say yet
<addisonj> but if samba is reloaded won't it kill everything?
<alvin> Then how do you know? The messages on the console? They are irritating, but harmless.
<addisonj> hm? so you are saying a samba reload every 5 minutes is not going to cause problems?
<alvin> Reloading is not restarting, so no.
<alvin> I think there is a bug somewhere about the messages. If you are also losing connection, go here: bug 435061
<uvirtbot> Launchpad bug 435061 in dhcpcd "smbd loses connection on DHCP lease" [Medium,In progress] https://launchpad.net/bugs/435061
<kees> mathiaz: why was it bumped?
<kees> it shouldn't change the ABI
<mathiaz> kees: that's a very good question
<mathiaz> kees: shouldn't the ABI be bumped manually?
<mathiaz> kees: I've just applied the patch and that's all
<kees> mathiaz: usually -- I guess it depends on the build system
<kees> well, it seems like a lot of the memory leaks are gone, but I see this added: +==PID== Warning: invalid file descriptor -1 in syscall close()
<kees> +==PID==    at 0x587F99D: ??? (syscall-template.S:82)
<kees> +==PID==    by 0x627EC6A: ??? (in /usr/lib/liblber-2.4.so.2.5.4)
<kees> +==PID==    by 0x627EB3A: ber_int_sb_close (in /usr/lib/liblber-2.4.so.2.5.4)
<kees> +==PID==    by 0x627F783: ber_sockbuf_free (in /usr/lib/liblber-2.4.so.2.5.4)
<kees> +==PID==    by 0x6046747: ldap_ld_free (in /usr/lib/libldap_r-2.4.so.2.5.4)
<kees> looks like the atexit handler needs to be more careful?
<kees> mathiaz: btw, my comparison was:  diff -u <(perl -pe 's/^(==|--)[0-9]+(==|--)/${1}PID${2}/' valgrind.nscd.exit.15674) <(perl -pe 's/^(==|--)[0-9]+(==|--)/${1}PID${2}/' valgrind.nscd.exit.16237)
 * mathiaz 's brain just exploded
<kees> the good news from the valgrind is:
<kees>  ==PID== LEAK SUMMARY:
<kees> -==PID==    definitely lost: 632 bytes in 1 blocks
<kees> -==PID==    indirectly lost: 32,904 bytes in 6 blocks
<kees> +==PID==    definitely lost: 0 bytes in 0 blocks
<kees> +==PID==    indirectly lost: 0 bytes in 0 blocks
<mathiaz> kees: yeah - that's the key part IMO
<kees> mathiaz: has upstream commented on the patch at all?
<mathiaz> kees: not yet :/
<kees> mathiaz: perhaps ask the patch submitter about the atexit do_close issue, but other than that, ship it!  ;)
<moldy> hi
<moldy> i am trying to setup kvm with bridged networking. br0 on the host is working. i pass --bridge br0 to vm-builder. yet, the guest still seems to use nat. what am i missing?
<Rafael> RoyK: how can i get an emal notification/email when a log has an error so i do not have to be checking them...everything else is working beatifull
<_ruben> Rafael: tons of tools for that: logcheck, sec, ....
<DrDeth> hi - could someone help me with a quick postfix config issue?
<ScottK> !ask | DrDeth
<ubottu> DrDeth: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<DrDeth> I've set up postfix with virtual domains, and dovecot for IMAP - I can recieve mail on the virtual domains, but cant send mail out
<DrDeth> I get the dreaded Relay access denied
<ScottK> What's the exact error?
<ScottK> Also please pastebin the output of postconf -n
<DrDeth>  NOQUEUE: reject: RCPT from deth-serv[85.10.192.78]: 554 5.7.1 <user@valid.email.com>: Relay access denied;
<DrDeth> http://pastebin.com/SmDx16VZ
<ScottK> DrDeth: I don't see where you've authorized any clients to relay in your configuration?
<ScottK> Just mynetworks = 127.0.0.0/8
<ScottK> I don't see any smtp auth.
<DrDeth> ok - if the clients use authentication to their virtual domain, how would I set that up ?
<ScottK> I'm pretty sure the server guide covers this reasonably well.
<DrDeth> Ok, I'll go have a look. I was following this community guide: https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
<ScottK> A lot of the community docs are really out of date.
<DrDeth> i noticed :(
<ScottK> I'd recommend https://help.ubuntu.com/9.10/serverguide/C/postfix.html#postfix-smtp-authentication (or the appropriate one for the release you're running)
<ScottK> The bits in that about integrating clamsmtp are probably OK as that hasn't really changed.
<DrDeth> excellent - thanks ScottK
<kindjal> I'm having problems with libvirt 0.7.7 on Lucid that very much match this bug that is claimed closed: http://www.mail-archive.com/kvm@vger.kernel.org/msg21669.html
<kindjal> The upshot is that suspend/resume looks like it's working from libvirt's perspective, but the guest VM is hung.
<kindjal> Anyone seen this?
<ScottK> kindjal: We're going to stay with 0.7.5 for Lucid.
<kindjal> I just updated from 0.7.5 two seconds ago to just see if this happens to have been fixed...
<kindjal> it exists on 0.7.5 too.
<kindjal> Perhaps it's a guest kernel thing?  What kernels should dom0 and domU be using?
<kindjal> my dom0 is just a default Lucid install, and the guest was built from ubuntu-vm-builder
<ScottK> You've exhausted my knowledge on the topic
<kindjal> d'oh
<kindjal> I can't figure out why I'd be special here, I'm just trying to get started with libvirt
<alvin> Will we be able to use virsh reboot in Lucid with 0.7.5? And shutdown the host?
<kindjal> alvin: That's this bug? https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/368962
<uvirtbot> Launchpad bug 368962 in libvirt "Can't reboot kvm virtual machines using virsh" [High,Confirmed]
<alvin> Yes
<kindjal> I'm hoping for that one too.  I see recent traffic on it, but don't know the status.
<kindjal> Does anyone have suspend/resume working?
<facetiousproxy> lo everyone
<ScottK> There was mail today to (IIRC) ubuntu-devel on it.
<lunaphyte_> i've got a computer with two network interfaces connected to unique networks, both with a default gateway, and therefore have a handful of "ip route ..." commands that need to be run at boot so things behave as desired.  where do these commands belong so this happens automatically at boot?
<alvin> in /etc/network/interfaces
<lunaphyte_> oh?  i'll have another look at the man page.  i didn't know ip route commands were appropriate in that file.
<alvin> Like this : up route add -net x.x.x.x netmask x.x.x.x gw x.x.x.x dev $IFACE
<alvin> you put that under: iface ethx inet static
<alvin> and to beautify: down route del -net x.x.x.x netmask x.x.x.x gw x.x.x.x dev $IFACE
<lunaphyte_> oh - it's other commands too though - like ip route add default via 10.3.60.1 table vlan-3; p rule add from 10.3.3.1 table vlan-3; so on.
<alvin> I have no experience with those, but I suspect they can go in the same fle. After all, you don't want them at boot, but at ifup.
<alvin> It's better than putting stuff in rc.local, in case you need those routes earlier
<alvin> Might I suggest the excellent Debian documentation on the matter?
<lunaphyte_> yeah, i'm not a big fan of rc.local.  :)
<lunaphyte_> ah, good idea.  thanks, i'll have a look.
<lunaphyte_> right, i shouldn't have said boot.  that's a bit ambiguous.  at interface up/down.
<moldy> hm, kvm insists on configuring the network as 10.0.2.15 -- why`
<moldy> ?
<walrus> hi everyone, anyone here using nfs4 in karmic? I have some weird problems with it
<alvin> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<alvin> Well, me :-)
<walrus> ok, the problem is: I can mount the exported directory, but when I try ls /exported-dir in client, this takes more than 1 minute to show anything
<walrus> I tried to do a strace ls /exported-dir and everything worked fine, without any delay
<walrus> when I tried to mount the same directory in a notebook with an arch linux install, the problem disappears.
<alvin> whoa
<alvin> Is df also completing slower?
<walrus> nope
<walrus> just ls or any direct access to any file/directory in the exported directory
<alvin> Hmm, weird. I'm not seeing this behaviour. Have you tried (wild guess) disabling apparmor?
<alvin> and checked your domain?
<alvin> You're not using autofs, right? Just mount -t nfs4 jadajada...
<walrus> yes, nos using autofs
<walrus> checked my domain?
<walrus> how can I disable apparmor?
<walrus> I'm making the tests in terminal mode (becausa is impossible to use gnome in this way. the system hangs for 1 minute few seconds)
<walrus> maybe is better to abandon nfs. it just gave my headaches. first was the sqlite not working with nfs3,, now this problem.
<walrus> the sad thing is: in this network (a lan in a non profit in a brazilian favela), the same exported directory via samba works completely fine in windows clients.
<jeffesquivel> walrus, IIRC, why not use smb to mount the directory on linux too?
<walrus> jeffesquivel: because I don't know how to gave write permission to the users in the nis domain.
<jeffesquivel> walrus, I see...
<walrus> I can create a file with a normal user in his home directory, but the file has root ownership, and than I can't edit the file anymore.
<jeffesquivel> walrus, I guess you're exporting /home and then mounting it somewhere else, right ?
<walrus> jeffesquivel, yes, exactly
<jeffesquivel> walrus, IIRC, what we did (but we were't using NIS, we were with LDAP) was to use pam_mount
<jeffesquivel> walrus, do you have several users logged in at the same time on your linux machines? or just one?
<walrus> jeffesquivel: in the moment just one.
<foo> I'm trying to mount an nfs share between 2 nfs systems. I used to do mount 192.168.0.2:/public public/ - but this doesn't appear to be working. any tips ?
<walrus> jeffesquivel: you are using pam_mount to mount the samba share automatically when a I user logon?
<jeffesquivel> walrus, well, that was some time ago (several years, actually)... but at the time yes, that's what we did
<walrus> foo: Why is not working? what are the error messages?
<jeffesquivel> walrus, it was more secure also, because we wouldn't have the whole /home mounted all of the time
<foo> walrus: wrong fs type, bad option, bad superblock on 192.168.0.2 , might be something else going on
<walrus> foo: maybe you are using the wronf nfs version, try mount -t nfs4 ou mount -t nfs
<foo> walrus: hm, negative
<lunaphyte_> alvin: thanks for the help.  that seems to be working well, by way of the up/down statements in the interfaces file.
<alvin> lunaphyte_: You're welcome
<walrus> jeffesquivel: yes, maybe this is a good idea. I started to configure an openldap  server but never finished to configure the clients. maybe this is a good reason
<walrus> jeffesquivel: and thanks for the ideas
<jeffesquivel> walrus, it may be... I really have never used NIS (it seemed outdated even at that time, but mostly because I needed to have windows clients too)
<alvin> Don't use samba for sharing between Linux clients. NFS is meant for that. Let's go over the details
<alvin> NFS4 is just different. (but needed these days for all those blasted desktop applications that need their databases)
<walrus> alvin: yes, this is the reason that I'm trying to solve the problem for a long time
<walrus> but I'm really stucked in the moment
<alvin> What is your /etc/exports on the server?
<alvin> Did you put a domain in /etc/idmapd.conf? And activated it in /etc/default/nfs-common ? (NEED_IDMAPD=yes)
<walrus> nope
<alvin> Well, those are the first things you need to do. Do it on both machines. (same domain, idmapd)
<jeffesquivel> alvin, may I know what is the problem with using samba for sharing between Linux clients? :-)
<alvin> jeffesquivel: It's Windows file sharing. No need to install if you don't use Windows
<alvin> Also, POSIX rights...
<alvin> NFS is also faster
<jeffesquivel> alvin, oh, I thought I read that walrus also used that same share on windows clients...
<jeffesquivel> alvin, I see your point... thanks
<alvin> There's another thing. Suppose your 'client' is also a Linux server. You can reboot your server. When the server is back, your shares will not have reached a timeout and will still be mounted
<walrus> well, I changed the idmap domain and nfs-commom, restarted nfs, remounted the shared directory
<alvin> (although you may have troubles doing stuff on that client)
<walrus> nothing has changed
<alvin> Still, post your /etc/exports NFS4 needs a filesystem with fsid=0
<walrus> 90 seconds for output the ls results
<alvin> I'll give an example:
<alvin> /srv/archive    192.168.1.0/24(rw,async,no_subtree_check)
<walrus> "/export 192.168.0.0/24(rw,root_squash,insecure,no_subtree_check,async,fsid=root)"
<jeffesquivel> alvin, I see... I recall reading that nfs has some problems with security (for example, here: http://www.hiit.fi/it/tech/config/pam_mount.html)... do you think that is true or is it may be that they don't understand the protocol well enough?
<alvin> Hmm, it's not coming through
<jeffesquivel> alvin, just curious... as I've never used NFS before
<walrus> "/export/home 192.168.0.0/24(rw,root_squash,insecure,nohide,no_subtree_check,async)"
<alvin> NFS3 is very simple. There's little security, but it's easy to set up if you don't need the security and locking. NFS4 can be secured in different ways
<alvin> walrus, good. What's the value for your /export export?
<alvin> ah, I didn't saw it there
<jeffesquivel> alvin, ok... I'll read more about it... thank you :-)
<alvin> doesn't look wrong. Try adding crossmnt to the options of /export
<RoyK> nfs4 on linux doesn't work too well
<alvin> and change fsid=root to fsid=0
<alvin> I agree that Solaris does a better job
<RoyK> last I tried using nfs4 with linux against solaris, it worked, but uid mapping was out of the question
<walrus> alvin: tried, same problem :/
<alvin> For that reason, I share ZFS with sharenfs=anon (root=... should also work, but for a strange reason it doesn't on Linux)
<alvin> Hmm, I really wonder what your problem is there
<alvin> Was it equally slow with NFS3?
<walrus> no, but I needed to stop using nfs3 because of a problem with sqlite, that made impossible to use any programa that used it
<alvin> I know, just wanted to know if the issue was NFS4 related
<alvin> Does no_root_squash make a difference?
<alvin> Oh, and after altering /etc/exports, don't forget exportfs -av
<walrus> tested, didn't made any difference
<walrus> why the hell strace ls /home is not slow??? this is completely crazy to me
<alvin> Home on your server is /export/home ?
<walrus> no, is ;home
<alvin> oh, yes, you said that
<walrus> /export/home is a mount --bind
<alvin> and that's faster? Hmm, I wonder if apparmor is discriminating against certain mountpoints
<walrus> and the problem is ubuntu related, because this doesn't happens with arch linux. maybe Is a good idea to try a new ubuntu fresh installation.
<sherr> walrus: could this be firewall filtering on client or server?
<sherr> something maybe taking time to timeout, or auth trouble.
<sherr> Nothing in syslog on server or client?
<alvin> smells like auth trouble to me, but I'm really not sure.
<sherr> Try wiping firewall on both
<walrus> no firewall here
<walrus> just ip masquarade
<sherr> I'm still on NFS3, works fine.
<alvin> Yes, but not for databases :-(
<walrus> but are you using /home?
<sbeattie> walrus: is anything showing up in the logs on your nfs server?
<sherr> walrus: anything in logs? tail -f on both. Maybe /var/log/auth.log as well
<walrus> just the message:
<walrus> svc: failed to register lockdv 1 RPC service (errno 97).
<sherr> lockd? or lockdv?
<walrus> NFSD: Using /var/lib/nfs/v4recovery as the NFSv4 state recovery directory
<walrus> lockdv
<walrus> NFSD: starting 90-second grace period
<alvin> walrus: What versions of Ubuntu are you using?
<walrus> karmic
<walrus> 9.10
<sherr> OK - lockdv lots of google hits .... work a look
<alvin> try $ sudo service portmap start
<walrus> job already running
<walrus> well guys, thanks for the ideas. I will try a Ubuntu fresh install on client, I tried again to use the exported dir in my arch linux notebook and everything went fine again.
<alvin> weird, but good luck
<sherr> walrus: good luck anyway. Please come back and let us know.
<walrus> thanks, I will.
<kindjal> Does anyone have experience with kvm restore from suspend resulting in a hung guest OS?  dom0 and domU both ubuntu Lucid with default installs.  I can't get restore to work.
<kindjal> kvm at 100% cpu, vnc session unresponsive, yet virsh shows "running" state and no errors in logs.  Symptom looks a lot like this: http://www.mail-archive.com/kvm@vger.kernel.org/msg21669.html
<alvin> I have seen those symptoms before, but in diffferent situations
<kindjal> alvin: you mean not after a resume?
<alvin> Maybe. Those issues are fixed. I'm looking now
<alvin> There is bug 457716
<uvirtbot> Launchpad bug 457716 in libvirt "apparmor denies save and restore" [High,In progress] https://launchpad.net/bugs/457716
<kindjal> Yes I found that one too...
<kindjal> I had that problem yesterday and updated apparmor config, now save and restore works, but suspend and resume does not...
<kindjal> I think I'll disable apparmor and see what that does.
<alvin> I remember trying this a long time ago. Never tried it after that. (it didn't work)
<alvin> Please do and tell us
<kindjal>  no change
<kindjal>  stopping apparmor had no effect.
<jeffesquivel> alvin, nfsv4 seems nice... I thought nfs was a dead protocol... it seems I was wrong.. I'll have to try it out, thanks for the info!
<kindjal> re: nfs4, nfs4.1 is supposed to have pnfs clustering
<kindjal> alvin: so have you not seen working suspend/resume with kvm?
<alvin> Well... I didn't ever try it, but I have seen it working by accident
<alvin> When you do a live migration, your guest will be suspended
<alvin> ah, no, paused. It's probably not the same. (It's getting late)
<alvin> kindjal: I have never heard of NFS4.1 :-) cool
<kindjal> my plan is to set up some kind of shared file space for live migration, but I'm still just trying a basic suspend/resume, and failing... maybe I'll move on to migration.
<alvin> Good luck. It should work (except for the pause thing)
 * alvin goes to sleep
<jdstrand> kindjal: yeah, apparmor doesn't need to do anything with suspend/resume of guessts-- that would be a libvirt issue
<kindjal> jdstrand: I just tried your 0.7.7 packages too
<jdstrand> kindjal: is it broken there too?
<kindjal> 0.7.7-4ubuntu1~jdstrand2
<kindjal> yes
<jdstrand> hmm, sounds like an upsteram issue then :(
<kindjal> I haven not yet seen working restore from suspend... is it supposed to work?
<jdstrand> upstream
<kindjal> qemu-kvm 0.12.3+noroms-0ubuntu4
<jdstrand> tbh, I don't use that feature
<jdstrand> istr that it was problematic
<jdstrand> and it didn't do what one would expect
<kindjal> It would make me feel better to know that I'm not special, and nobody uses it, or it's broken for everyone.
<kindjal> What I really want is migration, which I haven't gotten to try since I'm not yet using shared storage.
<jdstrand> kindjal: I'm pretty sure you're special wrt this issue
<jdstrand> err
<jdstrand> s/special/not special/
<jdstrand> it would help if I could type
<kindjal> :)
<kindjal> have you seen this? http://www.mail-archive.com/kvm@vger.kernel.org/msg21669.html
<jdstrand> well, I was just passing through-- if feel free to file a bug and if you can link it to the upstream bug
<kindjal> ok
<kindjal> thanks
<jdstrand> no-- made a note of it. gotta go!
<JamesHarrison> Seem to be running into this regression (issue with installer/grub2 not coping with hardware raid1 in 9.10 and later): https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/485604
<uvirtbot> Launchpad bug 485604 in grub-installer "karmic server 64 bit installer fails at GRUB when installing with RAID1" [Undecided,New]
<JamesHarrison> Any solution other than to revert to 9.04 like I had on this box before? Failure prompted a fresh install.
#ubuntu-server 2010-04-03
<d1avlo> #freebsd-br
<d1avlo> sorry :(
<arrrghhh> hey all, does anyone use MPD to play music locally from their server?  i had been using pulseaudio, and it worked OK locally until an update recently broke it, and i uninstalled pulse and went back to alsa.  now the music is playing, but every 10 seconds to 30 seconds, the song pauses for about 2-3 seconds.  the audio doesn't cut out, the song literally pauses... i don't get why pulse would work and alsa wouldn't.
<JackLD> Having a really hard time installing 10.04 server on a Dell with mirrored drives. Once the install gets started, it fails on not having a CDRom driver (even though it booted up, fine)
<arrrghhh> 10.04 isn't released yet...
<JackLD> beta 1
<arrrghhh> yea
<arrrghhh> not final.  did you at least try it with 9.10?
<arrrghhh> that would rule out a software issue.  it's probably hardware tho.
<JackLD> Well, I think it is goofy hardware. I just wondered if there was a way to identify the cdrom. I didn't see anything in /dev
<arrrghhh> did you try booting a livecd instead of going straight to the server install?
<JackLD> Yeah, I gave in and set it up with the 10.04 desktop. But I really wanted the server kernel
<arrrghhh> hrm
<donspaulding1> hmm, I upgraded my server from Intrepid->Jaunty->Karmic->Lucid without restarting in-between each release.  Now all my init-related scripts seem to be horked.  I can't run anything in /etc/init.d/, they all just point me at "start foo" and "stop foo" and all those commands hang.  I got an error on the Lucid upgrade that said "System user messagebus already exists.  Exiting."  That seems to have left things in an inconsisten
<donspaulding1> Without really knowing what I'm doing, I would guess a critical system service is either hung or broken.  Based on my googling thus far, I'd think it was DBus, but that's just speculation.
<donspaulding1> anyone know what to do when the upstart scripts are totally hung and you no longer have any init.d scripts?
<arrrghhh> fresh reinstall & lesson learned?
<donspaulding1> I didn't realize I had stumbled into #windows-server
<arrrghhh> then spend way more time trying to flail through the mess you made.
<donspaulding1> and what would the lesson learned be?  don't test out beta releases?
<arrrghhh> and don't upgrade thru 5 versions w/o rebooting.
 * the-sandman 
<arrrghhh> and yes, i would not install lucid until it's final on a server unless you don't mind blowing it all away.
<JackLD> Nah, I don't mind blowing it away. But, once on, the updates are straightforward.
<donspaulding1> yeah, I've never had a problem upgrading servers.
<arrrghhh> the only time you really need to reboot with upgrades in linux are kernel updates.  but you should when you get each update.
<donspaulding1> and there's no critical data on this machine, I just thought I'd test it out.  That being said, I won't learn anything by blowing it all away.
<arrrghhh> you reboot when the system says you should?
<donspaulding1> I reboot when it's convenient.
<donspaulding1> My other mistake was doing things the old-fashioned way.
<arrrghhh> i use do-release-upgrade
<donspaulding1> Hand-editing sources.list and doing a dist-upgrade
<arrrghhh> blech
<dustin_> masu3701 what are you wanting to use that server for that you are installing?
<masu3701> dustin: i am trying to learn servers
<masu3701> dustin_: so im installin it to practice
<masu3701> i just installed ubuntu server but when i start the pc i get a black screen that ask me to log in
<masu3701> i put the password and i dont get nothing (GUI)
<masu3701> am loged in in command line
<masu3701> am new to server
<masu3701> how do i get to see the GUI?
<masu3701> how do i get off the command line?
<ScottK> masu3701: There is no gui on Ubuntu Server.  That's pretty much the point.
<masu3701> Scottk: but when i boot the pc it ask me to log in..so i put the user name and pwd but i only get the command line...saying 67 packgaes can be update and 31 update are security update then have a prompte
<dustin_> masu3701 if you are wanting to just fiddle with an ubuntu server I would reccomend simply adding lamp on a normal ubuntu install
<dustin_> masu3701 that way you can have the gui for a crutch if you need it
<arrrghhh> masu3701, yea you can install the ubuntu-desktop package and get a gui, but that really is not the point of ubuntu-server.
<masu3701> arrrghhh: wait...am lost...so in ubuntu server you dont have gui? then how do you do things?
<arrrghhh> you can install the regular ubuntu and run all of the same "server" programs like apache, mysql, etc... ubuntu-server is just a stripped version to save resources to dedicate to those processes.
<arrrghhh> masu3701, by typing in the command line?
<masu3701> lol
<masu3701> damn
<arrrghhh> if you want a point and click gui server, run windows...
<arrrghhh> i just have a network cable and a power cable going to my server.  streams video to my ps3, plays music, it's a hub for all my files... who needs a gui?  just unnecessary bloat.
<arrrghhh> it powers my website.  everything.
<ScottK> zul: Next time before you blog about the availability of packages you might want to see if they build first....
<ScottK> zul: Any consideration of doing posgresql 9 snapshots?
<arrrghhh> anyhoo.... anybody use MPD to run music locally/
<masu3701> arrrghhh: what?
<masu3701> so its not gui?
<masu3701> dont make sense
<ScottK> masu3701: In the case of the pending updates, enter "sudo apt-get dist-upgrade", hit enter, and then put your password in.
<masu3701> scittk: then how do you set up rules and all that?
<ScottK> Read what it says and make sure it doesn't want to remove a bunch of stuff.
<ScottK> rules for what?
<masu3701> Scottk: have you ever use windows server?
<ScottK> Not in about 11 years.
<masu3701> its gui....you just click click and you're there
<ScottK> I get that.
<masu3701> it sucks then if its only command line
<masu3701> how do you join a domain and stuff?
<masu3701> set up rules?
<ScottK> I can also deploy a full featured mail system using ~20% the hardware you'd need for a Windows/Exchange system of similar scale.
<ScottK> masu3701: I'd recommend you have a look at the Ubuntu Server Guide.  https://help.ubuntu.com/9.10/serverguide/C/index.html
<ScottK> It does require more up front learning that Windows, but you get better security, scalability, and a lot more control over your system.
<ScottK> I did put a GUI on the first Linux server I set up, but I think I only used it for a week or two.
<masu3701> so ubuntu server is alll command line?
<aetaric> masu3701: yes
<masu3701> aetaric: what?
<masu3701> dont make alot sens
<aetaric> hey guys, what is the highest load you have ever seen?
<masu3701> so how is that better then windows server?
<aetaric> masu3701: a GUI increases the load and uses more resources
<masu3701> in windows you can just click here click there and you done
<aetaric> by removing the GUI you server has more resources to use for your 'tasks'
<aetaric> infact, i'd much rather never use a GUI again
<masu3701> lol
<masu3701> so how do i access the server? how to i connect to it?
<aetaric> uh. ssh is the prefered remote connection method.
<aetaric> putty will let you connect to it.
<aetaric> http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
<masu3701> aetaric: but Gui is always easier to use
<aetaric> masu3701: easier doesn't make it better.
<masu3701> aetaric: but if you dont know anything about command how are you gonna get around?
<masu3701> how do yo access the server?
<aetaric> i'm microsoft certified in Windows Server 2003, and i don't even use a microsoft product in my house.
<aetaric> login via the login prompt
<masu3701> aetaric: i am logged in but dont know what to do or where to start
<masu3701> i just get a prompt
<masu3701> where to go?
<masu3701> i dont know
<masu3701> so how is this better?
<aetaric> masu3701: what do you want to use it for?
<masu3701> to learn servers
<masu3701> aetaric: but now am just stock at the command prompt not knowing what to do
<aetaric> read a guide? you need to install the software for each application you want.
<aetaric> and on windows you are stuck on a GUI not knowing what to do
<masu3701> aetaric: no...on windows you can click on things and find out what they do
<aetaric> if you want a webserver, type sudo apt-get install apache2 php5
<masu3701> aetaric: i want to save files on the ubuntu server...how do i do that
<aetaric> masu3701: samba, which lets you transfer files over the network like windows machines do
<aetaric> sudo apt-get install samba
<masu3701> aetaric: and how to i start transfering files from my pc to the server?
<aetaric> the same way you do on windows?
<masu3701> aetaric: first how to i connect to the server
<masu3701> then how do i transfere files
<aetaric> i can't help you with a step by step way to learn how to use a server. i'd suggest you look at the forums for how to do stuff.
<aetaric> if you have an error, i'll be glad to help you with that.
<masu3701> ok
<masu3701> aetaric: i just install filezilla on my other ubuntu computer...now am trying to connect to the server...how do i do so?
<masu3701> where do i get the hostname from?
<aetaric> you set it during setup
<masu3701> the ip?
<masu3701> the host is the ip right?
<masu3701> cause i just  have a user name
<aetaric> you can run ifconfig  to get the current ip
<masu3701> aetaric: i have the inet ip and bcast ip....which one?
<ubuntologist> hi there! in setting up dhcp3-server, is it possible to serve an ip to the interface doing the serving? or is this thinking a bit odd...like what came first - the chicken or the egg?
<erichammond> ubuntologist: I believe I may have accidentally experienced just what you describe today.  I forgot to restart the network interface on my DHCP server when I switched the configuration from DHCP to static IP.  A few hours later the DHCP IP address lease expired and it got assigned a new IP address by the DHCP server running on that machine.
<erichammond> ubuntologist: I haven't completed the investigation, but that's what appears to have happened based on my initial scan.
<erichammond> ubuntologist: However, the machine did have an old IP address already assigned to it when it asked to renew the lease.  I don't know if it could be done when the system is booting and the DHCP server itself has no IP address yet assigned.
<ubuntologist> hi eric - yes, that sounds like what i am testing. i.e. to define a static ip in the dhcpd.conf file as the interface serving requests and in /etc/network/interfaces allow the interface to be dynamically assigned. doesn't seem to work as planned though. still playing around but i may end up just defining it as static and be done with it.
<frojnd> Hello there.
<frojnd> Anyone here. Hope there is one :)
<frojnd> Can someone explain me in what way GUI on server makes system more vulnerable?
<jeffesquivel> frojnd, well... running a GUI means you have more stuff installed and running on your system
<jeffesquivel> frojnd, which means, the probability of having a security-related bug present on your system is bigger
<RoyK> frojnd: normally it won't hurt much
<RoyK> frojnd: but then, normally, who would need a gui on a server...?
<RoyK> frojnd: if you need/want a gui on the server, I'd recommend installing ubuntu desktop and later installing the linux-image-server package for server optimisations and then your services
<RoyK> ubuntu server and desktop are mostly the same
<sherr> frojnd: X Windows is big - lots of code, lot of extra potential vulnerabilities
<sherr> frojnd: also lots of extra resources needed (ram,cpu etc.)
<sherr> Although I am not a zealot. A server is OK with a GUI if that's what's wanted.
<sherr> *A server with a GUI*
 * sherr thinks it's too early ...
<RoyK> sherr: it doesn't really matter much on most systems - a gui doesn't add more ports to listen to, as with new services. for local vulnerabilities to be exploited, you need a local user account or find another vulnerability through which you can pipe the attack
<RoyK> but the gui wastes memory (for some time until the swapper takes care of it)
 * the-sandman 
<facetiousproxy> what is a really good book for Intermediate level training for a LAMP Server?
<facetiousproxy> i am going through the Docs of each system but they aren't really that much help for training other people
<monkey_dust> i have two pc's, one laptop, one desktop, both have openssh-server + client installed -- i can ssh from the laptop to the desktop, but not the other way -- hints & tips pls?
<joschi> monkey_dust: configuration & logs pls?
<monkey_dust> from what? i'm a newbie in networking
<monkey_dust> nmap from desktop to laptop says, that ALL ports on my laptop are filtered
<monkey_dust> ok, it was caused by ufw
<RoyK> root@door:~# lsb_release -r
<RoyK> Release:	10.04
<RoyK> whee
<RoyK> first test server on 10.04
<bogeyd6> Im trying to setup a virtuhost redirect on a website and am having problems using this conf http://pastebin.ubuntu.com/408622/
<bogeyd6> the server serves the default page, not the redirect
<RoyK> first, use a separate file to make things look better - second, I have no idea why this doesn't work. I just tried with this http://pastebin.com/c6tHs8LR and it works like a dream
<bogeyd6> RoyK, nevermind, i dropped it into apache2.conf and all is working
<RoyK> heh
<RoyK> I would recommend not doing that
<bogeyd6> thas ok
<bogeyd6> i doesnt afraid of anything
<RoyK> one config file in /etc/apache2/sites-available per site
<RoyK> then symlink to /etc/apache2/site-enabled
<bogeyd6> i just need it working until the main redirect server is back online
<bogeyd6> RoyK, i did that, but the default website keeps overriding it
<bogeyd6> i split the files
<bogeyd6> so i hace 000-default and example in the /etc/apache2/sites-enabled
<bogeyd6> enabled the rewrite mod
<bogeyd6> etc...
<bogeyd6> bah
<bogeyd6> this is why i use SLES for any production servers we use
<RoyK> heh - I use ubuntu on rather large servers in production
<RoyK> we're moving everything to those these days
<bogeyd6> yeah but
<bogeyd6> i shouldnt have to spend 45 minutes to an hour figure out something that is documented in the apache2 documentation
<RoyK> I don't
<RoyK> but then, I've been using ubuntu/debian for 10 years, so I somehow know my way around them
<RoyK> is linux-image-virtual now the same as linux-generic-pae?
<RoyK> or linux-image-generic-pae
<RoyK> dpkg -L linux-image-2.6.32-19-virtual reports /boot/vmlinuz-2.6.32-19-generic-pae install, no 'virtual'
<pwnguin> when did universe come enabled by default?
<RoyK> pwnguin: afaics it's enabled by default in 8.04lts
<ScottK> I think Feisty was the first release, but I'm not sure.
<exobuzz> what is the status of the server edition when it comes to raid? what I mean is, the mdadm/software raid support in ubuntu is really quite broken and outdated. There are a variety of patches, and fixes on launchpad, yet lucid looks destined to ship with an MDADM which is ~ 18 months old, and has some major bugs as well as lacking support for any of the new and interesting features that the kernel 2.6.32 brings
<exobuzz> is there anyone actually maintaining it ?
<exobuzz> (debian testing currently has a much newer mdadm, although triggers raid building using the more traditional method instead of via udev)
<exobuzz> currently i run a new mdadm on my machine, along with a couple of patches so it works from within the ubuntu initramfs
<exobuzz> (but am thinking to switch to debian, where it all seems better supported)
 * RoyK hands exobuzz an opensolaris cd
<exobuzz> haha
<exobuzz> :-)
<exobuzz> I really dont want to run opensolaris..
<RoyK> if you want stable storage, osol beats them all
<aetaric> i lol'ed. solaris should burn
<RoyK> zfs ftw
<RoyK> until btrfs gets stable, zfs is the only good storage platform there is
<exobuzz> I dont need zfs. also, its not really an answer to my problem. its like the old "how do i do this in mysql" "use postsgresql" type thing.. or "use ruby".
<RoyK> exobuzz: linux md usually works well, and I've been using it a lot. what is your particular problem?
<exobuzz> ext4 despite being quite legacy, is serving me well. and I'm more at home with linux.. i ditched my last sun machine with solaris a long time ago
<exobuzz> RoyK, that ubuntu ships with ancient stuff, and hasnt fixed any of the reported bugs
<RoyK> which ones?
<RoyK> ubuntu/debian usually uses old versions with backported fixes
<exobuzz> you can start here https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/136252
<uvirtbot> Launchpad bug 136252 in mdadm "[->UUIDudev]  mdadm.conf w/o ARRAY lines but udev/mdadm not assembling arrays. (boot & hotplug fails)" [Medium,Triaged]
<exobuzz> debian has mdadm 3.1.1 ubuntu has 2.6.7
<exobuzz> i run my own mdadm with some home rolled patches
<exobuzz> (3.1.2)
<exobuzz> also https://wiki.ubuntu.com/ReliableRaid
<exobuzz> which refers to a bunch of bugs
<RoyK> ic
 * RoyK still sticks to opensolaris for storage :)
<exobuzz> but even a simple upgrade to 3.1.1 or 3.1.2 would solve at least some of the major bugs
<exobuzz> the rebuild failures
<RoyK> how does it fail?
<exobuzz> and 3.1.2 works with ubuntu, with a small change to the ubuntu initramfs structure (missing a needed folder)
<exobuzz> 2.6.7 has bugs dealing with interrupted reshapes etc
<exobuzz> https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/256666
<RoyK> i thought most of that was in kernel
<uvirtbot> Launchpad bug 256666 in mdadm "mdadm cannot resume array reshape" [Undecided,Fix released]
<exobuzz> its marked as fixed, but its not actually.. since 2.6.7 has some of the same bugs as 2.6.3
<exobuzz> RoyK, 2.6.7 has some conditions where it can segfault
<exobuzz> anyway. it jut makes no sense at all to ship a mdadm 2.6.7 with a kernel 2.6.32.
<exobuzz> despite the hotplug construction issues, upgrading mdadm would at least be something, so people can avoid some long standing rebuild bugs, as well as having new features like reshaping between raid levels (1->5 for example). and reshaping with new stripe width
<exobuzz> i actually wonder if moving mdadm to udev was a good idea, just because it seems to have been incomplete, and not tested well.
<ScottK> exobuzz: Most of the people who would deal with this aren't generally around on the weekend.  It might be useful to put this into a message to the ubuntu-server mailing list so it can be discussed.
<exobuzz> k
<exobuzz> thanks
<RoyK> exobuzz: what happened when you tried to recompile mdadm?
<exobuzz> well. i took the ubuntu mdadm 2.6.7 source, and did a uupdate on it, after manually removing uneeded patches from the ubuntu diff. I then made a change to where mdadm stores its map file for raid construction, so that it would work from the ubuntu initramfs, however an easier fix is to add the missing /var/run/mdadm folder (https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/550131)
<uvirtbot> Launchpad bug 550131 in mdadm "initramfs missing /var/run/mdadm/ dir (loosing state, race, misconfig)" [Undecided,Confirmed]
<exobuzz> but anyway. i now have a working 3.1.2 mdadm on my ubuntu karmic.
<[diablo]> evening
<[diablo]> guys, anyone know any info on JEOS 10.04 please?
 * [diablo] looks at soren 
<[diablo]> ;-)
<uvirtbot> New bug: #554775 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu1 failed to install/upgrade:  (dup-of: 554763)" [Undecided,New] https://launchpad.net/bugs/554775
<alvin> Reading the backlog, I'm suddenly afraid for my Ubuntu fileserver with mdadm...
<uvirtbot> New bug: #554782 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/554782
<Rafael>  folder of a windows client computer to be mounted on my ubuntu server. that folder is on a non -administrative user. i had  to do it as a Share folder for all users since if i did it other way it won let me..any help..this is the command that i ended using, were the F folder is the share for all users.  sudo mount -t cifs -o username=xxxx,password=xxxx //192.168.1.105/F /home/rgotten/FrontDesk.Windows
<jeffesquivel> Rafael, what you want to do is to share it only for that username and not for everyone else?
<Rafael> jeffesquivel: if i try only to share it with that username on the windows client when i write the command i get an error
<jeffesquivel> Rafael, which error?
<Rafael> permission denied
<jeffesquivel> Rafael, what version of Windows are you using?
<Rafael> xp
<Rafael> xp prof
<jeffesquivel> Rafael, is it part of a Domain or Active Directory, or is it an standalone computer?
<Rafael> jeffesquivel:4 windows client workgroup is OFFICE
<jeffesquivel> Rafael, have you tried to access that share directly with smbclient?
<Rafael> jeffesquivel: i try but i am newbe so maybe i am doing something wrong...when i did the share of all users it worked
<jeffesquivel> Rafael, you can try with something like smbclient -U username //192.168.1.105/F
<jeffesquivel> that will ask you for the password
<Rafael> jeffesquivel: passowrd of that user not of adminsitrative correct?
<jeffesquivel> Rafael, right
<jeffesquivel> password of the user in the windows computer
<Rafael> jeffesquivel: let me ask you a dum question
<jeffesquivel> Rafael, yes?
<Rafael> jeffesquivel: i want to understand this..if let say user John is a limited user and on the D drive has a folder called F under my doucments...will you go from my account whcih is rafael and since i have administrative privilleges go to c: document settings bbb and look for John and rigth click on F or is there other way fo doing this correctly?
<dvheumen> hi, anyone got any experience with setting up file shares on a linux host and authenticate users via likewise with Windows server? I'm stuck at not getting access to the share from client machine accessing the share
<jeffesquivel> Rafael, I don't understand you... you should be able to share the folder with user John, usually, you don't need to be an administrator to share folders
<Rafael> jeffesquivel: let me try one more time and see
<jeffesquivel> Rafael, ok
<Rafael> jeffesquivel: i try and if you are not a administrator, you can not do it
<jeffesquivel> Rafael, hmm.... you're right... sorry, the user I tried it with was an administrator and I thought it wasn't...
<jeffesquivel> Rafael, may be this document can help: http://support.microsoft.com/kb/304040 ?
<Rafael> jeffesquivel: let me take a look
<Rafael> jeffesquivel: what happens if the shared folder has a space in between, let say My Documents  how do you type it so it can be mount?
<ScottK> You have to quote it.
<ScottK> Either "filename with space" or filename\ with\ space should work.
<Rafael> so in this case how will you do it..since is giveing me an error: sudo mount -t cifs -o username=Rafael,password=3544 //192.168.1.105/Myplasticare Pictures /home/rgotten/FrontDesk.Windows
<Rafael> Myplasticare Pictures
<ScottK> How about Myplasticare\ Pictures
<Rafael> let me try
<Rafael> error
<uvirtbot> New bug: #554845 in clamav (main) "package clamav-daemon 0.95.3 dfsg-1ubuntu0.09.04 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/554845
<Rafael> look at error: http://pastebin.com/qssQrXfi
<ScottK> Not sure.
<Rafael> anybody can help?
<jeffesquivel> Rafael, how about sudo mount -t cifs -o username=Rafael,password=3544 "//192.168.1.105/Myplasticare Pictures" /home/rgotten/FrontDesk.Windows     ?
<Rafael> jeffesquivel: Thanks..it worked
<jeffesquivel> Rafael, np
<jeffesquivel> :-)
<ddecator> when i ssh to my server outside of the local network, am i supposed to use the external ip of my server, or of the router it is connected to?
<jeffesquivel> ddecator, it depends... can you access the external ip of your server from outside your local network?
<ddecator> jeffesquivel: not sure. i had to forward the port from the router to the server, so i'm guessing i use the router's ip?
<jeffesquivel> ddecator, yep, most probably
<Rafael> jeffesquivel: i have added that lst one to my /etc/fstab do i have to quote it...look: # Samba automatic load
<Rafael> /192.168.1.101/serverbackup /home/rgotten/mnt   cifs  credentials=/root/.credentials,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
<Rafael> /192.168.1.106/Charts /home/rgotten/charts.windows   cifs  credentials=/root/.credentials,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
<Rafael> /192.168.1.105/Myplasticare Pictures /home/rgotten/FrontDesk.Windows   cifs  credentials=/root/.credentials,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
<ddecator> jeffesquivel: i tested the router's ip and it worked =) thanks
<jeffesquivel> Rafael, I don't know if you can quote like that on fstab... why don't you try it and tell me? :-)
<jeffesquivel> ddecator, you're welcome
<jeffesquivel> ddecator, but I really did nothing... he he
<Rafael> jeffesquivel...that is my next question..how can i test the fstab?
<Rafael> jeffesquivel: like reboot and see if it is mounted..or how?
<jeffesquivel> Rafael, well... first... if you try mount /home/rgotten/FrontDesk.Windows
<jeffesquivel> Rafael, it should go looking to /etc/fstab to try to get the rest of the info
<jeffesquivel> Rafael, IIRC, you could try mount -a too (which mounts everything that is set to auto mount on boot)
<Rafael> <jeffesquivel> this is what i get: rgotten@myplasticare:~$ mount /home/rgotten/FrontDesk.Windows
<Rafael> [mntent]: line 17 in /etc/fstab is bad
<Rafael> mount: can't find /home/rgotten/FrontDesk.Windows in /etc/fstab or /etc/mtab
<jeffesquivel> Rafael, is line 17 the share with the space?
<Rafael> y
<Rafael> jeffesquivel...i do not know if i should keep trying the hard way or just change the name of tha fodler to a single word?
<Rafael> what do you think?
<jeffesquivel> Rafael, I personally, prefer using single words to avoid all of that...
<Rafael> your are rigth mu froiend
<Rafael> my friend
<Rafael> jeffesquivel: i just want to share with you this...you can use octal representation of the space "\040 and using that it worked: //192.168.1.105/Myplasticare\040Pictures /home/rgotten/FrontDesk.Windows   cifs  credentials=/root/.credentials,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
<Rafael> just found that by googling
<jeffesquivel> Rafael, great! and thanks for the tip
<Rafael> no..thanks you for your patient with this newby
<Rafael> newbee
#ubuntu-server 2010-04-04
<jeffesquivel> Rafael, that's what the community is for... :-)
<Rafael> jeffesquivel..that is the way i thought it should be, but i find sometimes thta people are not so friendly when you have somebody like me who is trying to learn and is kind of hard when you are an old man like me..so thanks
<jeffesquivel> Rafael, :-)
<Rafael> have a great day
<jeffesquivel> Rafael, thanks, you too
<joeblob> hmm, the official AMI for EC2 wasn't available for me, ami-cb2e7f8e
<joeblob> it just doesn't show up in the search
<rene-> hello
<rene-> can ubuntu-server be installed via netboot?
<uvirtbot> New bug: #554903 in apache2 (main) "apache2 with mod php5 does not execute index.php" [Undecided,New] https://launchpad.net/bugs/554903
<Jeeves_Moss>  can someone please post a WORKING APT list for server 8.04 CLT?
<uvirtbot> New bug: #554921 in dbconfig-common (main) "package dbconfig-common 1.8.44 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/554921
<mrspacklecrisp> Anyone out there who can help a person with touchscreen problems?
<mrspacklecrisp> Hello?
<mrspacklecrisp> How can there be so many people and no one is talking?!
<mrspacklecrisp> irc is SO frustrating!!
<uvirtbot> New bug: #554928 in samba (main) "cannot follow symlinks on any samba share" [Undecided,New] https://launchpad.net/bugs/554928
<gbear14275> hey guys, just installed 10.04 beta 1 on my server and going through some initial setup.  I was hoping for some recommendations for some good gui tools I can use to manage the machine through the network.  Not sure how much support I'll get but does anyone have any recommendations?  I'm planning on this being a vm host.
<gbear14275> Right now I'm thinking of using tools such as virt-manager through x forwarding... but am wondering if there are better ways.  My first hiccup was trying to use gparted and it not having any lvm2 support so am now a little nervous about that
<masu3701> i just installed ubuntu server....i got to access it using filezilla....
<masu3701> now how to i access from outside the network?
<uvirtbot> New bug: #555031 in php5 (main) "package php5-ldap 5.3.2-1ubuntu3 failed to install/upgrade: tentative de remplacement de Â«Â /usr/lib/php5/20090626 lfs/ldap.soÂ Â», qui appartient aussi au paquet libapache2-mod-php5 0:5.3.1-5ubuntu2" [Undecided,New] https://launchpad.net/bugs/555031
<Ichat> can anyone help me with getting my printer up and running :   ubuntu  8.04  server    ebox 1.4    samsung clp310
<ngw> hi *
<ngw> sorry for the dumb question, but what should I do if I want to test an EC2 deployment on a VM like vmware ?
<ngw> I'm kind of lost, I'm developing a web application with a rather difficult deployment (rails 3 app + node.js daemon and some ticks with nginx) and I would like to test it before buying an EC2 instance
<ngw> locally I mean
<lifeless> UEC
<lifeless> http://www.ubuntu.com/cloud/private
<lifeless> its a free software EC2 clone
<lifeless> you can set that up locally and test your deployments
<ngw> lifeless: fantastic, will try immediately
<ngw> thanks a lot
<barret2222> hi
<Annaa> http://tinypic.zapto.org/2kn4m8.png?t=1270382266 do my breasts look to big?
<uvirtbot> New bug: #555109 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: å­è¿ç¨ æ°ç pre-installation èæ¬ è¿åäºéè¯¯å· 1" [Undecided,New] https://launchpad.net/bugs/555109
<uvirtbot> New bug: #555115 in vm-builder (universe) "Can't use XFS as filesystem" [Undecided,New] https://launchpad.net/bugs/555115
<uvirtbot> New bug: #555139 in gnome-system-tools (main) "Cannot enable user (dup-of: 546874)" [Medium,Incomplete] https://launchpad.net/bugs/555139
<lamont> 555115 sounds like a feature, maybe?
<uvirtbot> New bug: #545656 in libvirt (main) "Have not been able to download any application" [Undecided,New] https://launchpad.net/bugs/545656
<dassouki> for some reason i can't enable .htaccess for a site i have under ispconfig .. the site goes bazunk when i enable it.. my .htaccess and my log http://pastie.org/902745
<Rafael_> i have 2 software raid 1 boot and swap and 2 raid 5 system and data i will like to go from ext3 and ext4  any easy way to do it
<RoyK> why change? ext3 works.....
<RoyK> if you need to, there are rather good docs available through this fancy website called Google
<holmser> I was installing 9.10 server on a dual xenon with a raid 5 setup yesterday, and both grub and lilo failed to install
<Rafael_> RoyK: i have bieng testing the server for the past 3 month..this is the time to scre up..i want to be able to do it so in the future when is fully functional i can do any upgrades like that and i know how to solve problems if any
<holmser> I've been googling around but I can't seem to find any info on what the problem may be
<RoyK> holmser: don't use raid5 on the root
<RoyK> just don't
<RoyK> use a little mirror for the root
<holmser> ok
<holmser> this is gonna be a really newbish question, but one of my IT buddies gave me this server and I have never worked with a raid 5 setup before
<Rafael_> i have bieng googling and nit a lot of thinks out there
<holmser> how would I set up that mirror?
<RoyK> hardware or software?
<holmser> hardware
<RoyK> if it's hardware raid it should be trivial to run it all off that
<RoyK> linux won't see the raid and won't care
<RoyK> if grub install fails, use a small (1GB?) partition for /boot and the rest for something else
<holmser> ok... so I would just need to go in and manually partition the drives instead of using the automatic setting?
<RoyK> make sure /boot is the first partition
<RoyK> yes, do that
<holmser> ok.  I'll try that this afternoon.  Thanks for the help
<IIID> anyone has experience to serve pre gzipped files on apache?
<IIID> Like .css or .js files
<KurtKraut> IIID, what do you want to know, precisely?
<incorrect> for some reason dpkg-reconfigure slapd doesn't ask me to configure it
<IIID> KurtKraut, i couldnt make it work... it is eaither invalid characters, or doesnt get the compressed file if content-encoder header is not sent
<Shurik> hi, is there any ubuntu server experts?
<Shurik> hi. My experience with linux - second day. I finally setup ubuntu server and setup my domain name - esceloju.lv - this show "It works!". I updated to kubuntu because I was unable to find any commands how to setup software etc. i don`t have any clue where to start setup apache, mysql  thanks
<Shurik> is anybody live?
<ScottK> !weekend | Shurik
<ubottu> Shurik: It's a weekend. Often on weekends the paid developers and a lot of the community may not be around to answer your question. Please be patient, wait longer than you normally would or try again during the working week.
<Shurik> thanks
<viezerd> Shurik: https://help.ubuntu.com/community/Servers provides you some basic information
<viezerd> to getting started
<Shurik> ok, i`ll erad this and came back after some years... :)
<Shurik> one quest about subdomains. my doesn`t work if wrote www.esceloju.lv but works without www. Is this a router problem or dns provider  ?
<viezerd> probably a dns
<IIID> dns if you have the www alias set in virtualhost settings
<Shurik> in Alias field I need to wrote only subdomain name, like www  only? or full adress likewww.esceloju.lv?
<IIID> Shurik, there are several ways depending on your configuration needs, if one domain, ServerAlias www.yourdomain.com
<Shurik> oh, it works!:)
<Shurik> fixed
<Shurik> maybe you can tell where i can find index.html file on my server?:) this would be very nice
<Shurik> :D
<IIID> "/var/www" if default
<Shurik> yes, the faile is there, but I can`t save it - Check that you have write access to this file or that enough disk space is available.
<Shurik> any solutions?
<Shurik> ok, thanks guys for support
<jeffesquivel> I wonder if that was sarcasm... on IRC I can never tell...
<viezerd> he will be back after some reading
<jeffesquivel> viezerd, ha ha... ok
<masu3701> i am shoppin for a home server....wll run file server, mail server
<masu3701> how big shuld the hd and memory be for ubuntu server?
<jpds> 3GB.... 512MB should do it?
<KurtKraut> masu3701, I've typed 'ubuntu minimum system requirements' on Google and found this: https://help.ubuntu.com/community/Installation/SystemRequirements - I think this link will help you to find your answer
<ScottK> It depends a lot on what you're going to do with it.
<IIID> if you want performance, there is virtually no upper limit
<qman__> yeah, ubuntu will run on just about anything
<qman__> the hardware you choose should be based on what you want it to do
<qman__> I have one old box still chugging along, 200MHz
<masu3701> maybe i just need a biger hard drive
<Psi-Jack> During the installation of Ubuntu 9.10 at tasksel, what does "Virtual Machine host" end up installing?
<viezerd> not sure, but I have KVM installed and when I execute 'tasksel' I see the x in Virtual machine host'
<Psi-Jack> Yeah. I just noticed that too, when I switched my kvm switch to my other server that is also a kvm server. ;)
<viezerd> kvm is not only a switch, its also a kernel-based virual machine :)
<Psi-Jack> Yep. :p
<Psi-Jack> Why I said, both kvm switch, and kvm server. ;)
<viezerd> ah :P
<Psi-Jack> I have 3 vm server clusters.
<uvirtbot> New bug: #555361 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/555361
<dvheumen> Hi. Can anyone confirm my suspicion that it is (technically) impossible to add a disk to an mdadm mirror array that is even slightly smaller? (I'm asking because I've got this problem and I'm ready to move the stuff over to another disk, but I'd like the easiest way out :P)
<Psi-Jack> dvheumen: Your suspicion is correct.
<MTecknology> So, it's a little off topic but - why would you guys pick Ubuntu over something else like Gentoo or CentOS?
<tholo> If you are managing multiple servers Gentoo gets to be a pain...
<jongbergs> !hi
<ubottu> Hi! Welcome to #ubuntu-server! Feel free to ask questions and help people out. The channel guidelines are at https://wiki.ubuntu.com/IRC/Guidelines . Enjoy your stay!
<MTecknology> tholo: any other reasons?
<tholo> Not really, as far as I am concerned.
<jongbergs> hi, i've installed ubuntu 9.10 server but forgot to install the LAMP stack package during installation. How can i install LAMP from the server CD installer directly without needing internet access?
<MTecknology> tholo: thanks very very much - I really didn't care about the specific reason but I was more interested in how you approached it - not the 'it sucks' approach
<tholo> No, Gentoo is fine for low numbers of servers. But it becomes a pain when you have a lot of them. Ubuntu and CentOS are both fine in that case.
<tholo> That's all just my personal opinion, of course. :-p
<MTecknology> jongbergs: add the cd as a repo, apt-get update && tasksel
<MTecknology> jongbergs: should work
<Psi-Jack> I'm having an issue getting clvm working. When I set the lvm.conf locking_type = 3, but I'm getting the following two lines of error:
<Psi-Jack>   Unknown locking type requested.
<Psi-Jack>   Locking type 3 initialisation failed.
<jasonmchristos> Christ Jesus rose from the dead and so will you , do not fear death. This is the day which by faith we conquer all fear, and maximise our potential as human biengs.
 * Psi-Jack sighs.
<Psi-Jack> Fracking trolls!
<MTecknology> jasonmchristos: thanks for the spam
<jasonmchristos> just a word of encouragment
<jasonmchristos> i you dont like it just ignore it
#ubuntu-server 2011-03-28
<ruben23> hi guys i have a web server apache then i have alias set where i can browse the directory and download the file on a browser by typing the local IP http:localip/recordings --->its working on local but in remote or using its publci ip it wont open at all, the webserve have local ip and publci ip set. any idea guys..?
<kernalzero> Hey all.  I'm new to ubuntu server.  Have had intermittent linux experience for sometime now though but not much server experience.  I'm planning on running ubuntu server for my home webserver / vpn server.  Would you guys suggest I just install ubuntu server and go? or install ubuntu desktop and virtualize ubuntu server?
<SpeedSter> Desktop until you get more familiar with linux
<SpeedSter> The server build has no gui
<kernalzero> figured that was the best idea, I've been running the server on an old windows box through VMware and have the webserver running, only took like 30 minutes to get running just don't want to screw things up and have no way to fix it d/t lack of experience
<kernalzero> have an atom setup en route and just trying to plan what i'm going to do before it gets here on tuesday.  any suggestion what to use for virtualization? I've looked at KVM
<SpeedSter> Virtualbox is a little easier to use than kvm
<kernalzero> i'll take a look into that, appreciate it speedster.  later
<Jasonn> What can i put thats easy to install on my server?
<Jasonn> Something that i might find usefule
<Jasonn> useful*
<bin1010> moin
<bin1010> has anyone deployed grails in ubuntu server?
<bin1010> not sure I trust grails just yet ;)
<SpeedSter> Whats grails
<SpeedSter> Grails was acquired by vmware?
<shaggy2> hey I was wondering if there was a way I could simply revert ubuntu 10.10 back to the way it was after install without completely formatting and reinstalling,
<rcconf> what's up ubuntu server users
<rcconf> :)
<ScottK> $ uptime
<ScottK>  22:03:50 up 52 days, 23:59,  1 user,  load average: 0.38, 0.13, 0.04
<ScottK> :-)
 * patdk-lap wonders who doesn't patch their kernel :)
<qman__> lost power for over 3 hours a few weeks back, so my numbers aren't that impressive right now
<qman__> but I've got a couple LPG generators on the way, so never again
<rcconf> patdk-wk: you can update the kernel with rebooting thanks to ksplice
<patdk-lap> ya, I had some 800day uptimes day 2 months ago :(
<rcconf> patdk-lap:
<rcconf> :)
<patdk-lap> damn storm knocked out power for 3 days
<patdk-lap> lp tanks didn't last 3 days
<qman__> ah
<qman__> well, one thing we sell is propane, got a 5000 gallon tank just for that
 * rcconf loves Ubuntu
<patdk-lap> only 1000 here
<patdk-lap> ubuntu doesn't use rcconf, go back to bsd :)
<qman__> heh
<rcconf> o,O
<rcconf> I use rcconf in UBuntu :D
<rcconf> http://www.techiehq.net/newreply.php?do=newreply&p=82730
<rcconf> is this true? i really need to know
<qman__> rcconf, that forum requires registration
<uvirtbot`> New bug: #744006 in backuppc (main) "package backuppc 3.2.0-3ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/744006
<uvirtbot`> New bug: #744019 in cloud-init (main) "mountall errors on boot" [Undecided,New] https://launchpad.net/bugs/744019
<hsn_> how can i upgrade 7.10 to 8.04?
<ikonia> aliverius: good morning
<Pinpon> raphink: :)
<rpinson_> Pinpon, ?
<twb> Why is collectd using between 200MB and 600MB of VSZ?
<alami> hello, can any explain to what i can do in this situation, http://pastebin.com/wbD69aEW
<alami> when i try to start my server, i get this things
<twb> alami: are you using vmware?
<twb> alami: or some other third-party software?
<alami> nope, i'm using a real HP server
<twb> That message is because something is calling "/etc/init.d/hostname start" instead of letting upstart do it
<twb> Rather, because something has symlinked /etc/init.d/hostname into rcS.d or rc2.d
<twb> This is not normal, but something third-party packages try to do it to be clever
<alami> and how can i fix it?, i can only trough repaire console to the server
<twb> Try update-rc.d -f hostname remove
<twb> Or look in /etc/rc2.d and /etc/rcS.d for symlinks to hostname and manually delete them.
<alami> ok i will try to do that
<alami> thanks a lot
<alami> i thing that a conflict between ssh and apache in libssl, but i have stop sshd and apache and acpi-support on the boot, but i steal can't start up this system
<twb> Sounds like you've fucked it up badly
<twb> Maybe it is best to reinstall from scratch
<alami> i have on this server firewall and proxy, and i don't want to reinstall it
<cylex> Hello, I would like to do an active directory effect, where users logs in through ubuntu server
<cylex> is there something like that available between windows and linux
<jamespage> cylex: do you want to integrate linux systems to active directory
<jamespage> cylex: or just have something similar for your ubuntu systems?
<cylex> have something similar
<cylex> like have windows users login, using linux server
<aliverius> goodmorning people
<aliverius> goodmorning ikonia
<jamespage> cylex: so this is Windows clients authenticating against an Ubuntu Server?
<cylex> yes
<cylex> and then it logs on to windows
<cylex> basically, I wanna know if its possible
<alami> jamespage: what do you thing, if my ubuntu-server 10.04 get weird at the boot, if i upgrade to 10.10, is that a good idea
<jamespage> cylex: hmm not tried that before; I've backed Samba share authentication off to AD but never tried making linux act as the primary domain controller
<cylex> wat's AD?
<jamespage> cylex: I think you used to be able todo this for NT 4 domains but I'm not sure about Full Active Directory (AD)
<cylex> hmm
<cylex> also, I heard of universities use Ubuntu as desktop OS
<cylex> do they use some sort of networking
<jamespage> alami: that depends - what sort of issue are you having at boot?
<jamespage> alami: also be aware that 10.10 is not a long term support release whereas 10.04 is (so fixing might be a better option in this case)
<alami> ok plz try to stay with me
<raphink> cylex, what do you mean by "some sort of networking"?
<alami> i have on this server firewall with iptables, and i have only run sudo apt-get update, and upgrade
<alami> after that, i can start my server
<cylex> something like Active Directory login
<jamespage> cylex: if you are just working with Ubuntu there are a few options for login/authentication - see https://help.ubuntu.com/10.04/serverguide/C/network-authentication.html
<raphink> cylex, probably, that or another kind of LDAP auth
<alami> it stay weird
<jamespage> alami:  when you say weird what sort of behaviour are you seeing
<cylex> ok thanks
<cylex> :)
<jamespage> cylex: np - have a nice day!
<cylex> you two! :)
<cylex> I have tons of questions
<cylex> i'll be back, when I install ubuntu
<alami> jamespage: i see that apache2 can't start, clamAV is out of date, checking for running unattended update
<alami> and also libssl and libcrypt and phyton
<alami> after unattended update
<jamespage> alami: did you see any issues during the upgrade?
<jamespage> alami: /var/log/apt/term.log might have more information if anything went wrong.
<alami> sorry i don't remamber that was two week a goo
<alami> i have search every when i have get any other informations
<alami> i will passt you  /var/log/apt/term.log
<jamespage> alami: OK
<alami> btw: i have try to apt-get install --reinstall libssl0.9.8 in rescu mode, but without any change
<alami> jamespages: http://pastebin.com/SN5dfzxb
<jamespage> alami: can you pastebin /var/log/boot.log as well so I can see the error messages.
<alami> ok
<alami> jamespage: that's http://pastebin.com/VkHwJV38
<jamespage> alami: hey - I have to duck out for 30 mins or so - I'll take a deeper look when I get back...
<alami> ok, i will stay here
<jamespage> alami: back now
<alami> cool
<alami> :)
<alami> i'm happy
<alami> so i hope you can help me
<jamespage> alami: so there are quite a few error messages relating to /opt/hp/hpsmh/lib/libcrypto.so.0.9.8
<alami> yes and libssl
<jamespage> alami: it would appear that this library is conflicting/interferring with the operation of the normal system installed one - issue with libssl is the same.
<jamespage> alami: is that the HP systems management agent? (hpsmh)
<alami> yes
<alami> but when i'm also on recovery mode, i can't use ssh, because libssl and libcrypto
<jamespage> I'm guessing that hpsmh has installed something to /etc/ld.so.conf.d so that the system picks up the libraries that it provides.
<jamespage> can you do a ls of this directory so we can take a look?
<alami> yes of cource
<alami> but i want only to tell another ting
<alami> i thing that libssl version that i have is not compatible with the system
<alami> ehat do you thing
<jamespage> agree - the versions provided by the HP agent look to be breaking other things like SSH, python and maybe apache
<jamespage> output of ldconfig -p might be useful as well
<alami> jamespage: http://pastebin.com/BRWBbzgN
<alami> what do you thing about this other link http://www.go2linux.org/linux/2010/05/pacman-error-while-loading-shared-libraries-libssl-so-0-9-8-cannot-open-shared-object-
<jamespage> alami: if you look at lines 51->53 it confirms that the hp provided library is overriding the system provided one.
<jamespage> for libssl
<alami> ok
<alami> and what's the solution to fix that?
<jamespage> libapr is being impacted by the same issue.
<jamespage> Which is probably the cause of the apache startup failure
<alami> i don't know rearly, apache ist not the problem, i want only to start the system another time
<jamespage> Well; you could un-install the HP systems management stuff - or it might need an upgrade if there is a later version (but that might cause the same issues).
<alami> http://www.go2linux.org/linux/2010/05/pacman-error-while-loading-shared-libraries-libssl-so-0-9-8-cannot-open-shared-object-, what do you thing about this solution
<jamespage> alami: I don't think that is the issue you have; or a good solution
<alami> i have disable all hp stuff at the boot
<jamespage> alami: fixing up system libraries like that is normally very fragile and future upgrades might break stuff
<alami> aha ok
<alami> jamespage: i thing reinstall the system is the best thing here
<jamespage> alami: disabling is probably not sufficient; take a look in  /etc/ld.so.conf.d and see if there is a file related to the HP stuff and move it out.
<alami> because i can't reinstall un-install the HP systems management stuff
<jamespage> alami: I think that may be a bit extreme (re-install the system)
<jamespage> alami: you should be able to  uninstall the HP stuff
<jamespage> which should resolve the issue.
<alami> http://pastebin.com/Ky577dED
<jamespage> alami: hpsmh.conf
<jamespage> I'd be willing to bet that if you move that file (or purge the HP systems management stuff) and reboot your errors should go away :-)
<alami> /opt/hp/hpsmh/lib
<alami> lol
<jamespage> So this directory tells the system where to load libraries from
<alami> i will move this file to /var/tmp
<alami> and reboot, ok?
<jamespage> Suggest that root home directory may be best.
<jamespage> things like /var/tmp /tmp etc... get purged out on reboots
<jamespage> but other than that try it out.
<alami> do you mean that i have to move /etc/ld.so.conf.d/hpsmh.conf to my /home?
<alami> lol or i will just change th name from mv /etc/ld.so.conf.d/hpsmh.conf /etc/ld.so.conf.d/hpsmh
<alami> are you ok jamespage?
<alami> so i have try it, but don't work
<alami> jamespage?
<jamespage> alami: hey
<jamespage> same issues?
<dschuett> I just did a re-install of one of my ubuntu 10.04 machines. Now i can't ssh into it. I get the error  WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! It gives me the fingerprint and the file, but the file is encrypted, so i can't delete it
<alami> jamespage: nothing, i have do that, but i still geting the same Problem
<jamespage> alami: so what does ldconfig -p say now?
<jamespage> dshuett: ssh-keygen -R <hostname> -f ~/.ssh/known_hosts should help you out - because the host keys have changed you need to purge any existing entries.
<jamespage> dschuett: sorry - missed the c ^^
<alami> jamespage: do you still here? :)
<jamespage> alami: yes
<alami> how can i understandt that :D via recovery mode, i can start the system normaly
<alami> i don't understadt that
<alami> but look, every thing work fein, but ssh not, i thing the Problem is only libssl
<alami> when i will get that, everything will work
<jamespage> alami: so did the change you made have any effect? i.e. is SSH the only thing now not working?
<alami> no the change doesn't have any effect
<alami> http://pastebin.com/uJXg5x1A
<jamespage> alami: well it looks like the system is still picking up the HP software.
<alami> i will try to remove it
<Caribou> alami I don't understand why hpsmh is coming into play when restarting sshd
<Caribou> hpsmh is System Management Homepage, the webpage that you access when you reach https://{yoursystem}:2381
<jamespage> Caribou: it would appear that the various libraries installed with hpsmh have conflicted with system installed versions which is causing this issue
<alami> jamespage: i have delete  /etc/ld.so.conf.d/hpsmh.conf and i still get the samethings
<Caribou> hold on, lemme check a few things
<jamespage> alami: have you confirmed that this has removed these libraries from the ld configuration by running ldconfig -p
<jamespage> ?
<alami> yes
<alami> wait i will passt you ldconfig -p
<Caribou> Only on ref on ITRC, but seems like it has some good suggestions : http://tinyurl.com/4dcv7vq
<alami> jamespage: http://pastebin.com/zd24uLbp
<alami> Caribou: thanks for your help
<Caribou> funny, this url http://communitylinux.org/node/271 talks about a known bug and that the original author is Dann Frazier
<Caribou> he's dannf & he usually hangs around in this room
<alami> jamespages: do you see 50-52
<jamespage> alami: hmm - that's weird - it might be worth checking the content of the other files in /etc/ld.so.conf.d
<alami> ok
<jamespage> the ld cache is only updated after sudo ldconfig is run so make sure todo that as well.
<Caribou> you must rerun ldconfig after modifying the file
<Caribou> jamespage beat me to it ;)
<jamespage> :-)
<alami> i have do after that
<alami> http://pastebin.com/HhgGJRxE
<alami> another question, why this? http://pastebin.com/C21L4Mit
<alami> why when i run sshd, hp anwser me
<alami> :D
<alami> jamespage:Caribou: thanks a lot, i will give it up, i have try all what you said but without any results
<alami> if i want to backup squid and dansguardiain configuration, i need only to backup squid.conf and dansguardian.conf?
<alami> Caribou: this bug is rearly hard
<Caribou> yeah & apparently not very well known. I would suggest to remove hpsmh if you don't plan to use it right away
<alami> Caribou: do you mean apt-get -remove hpsmh?
<Caribou> did you install the Proliant Support Pack yourself (hpsmh comes from the PSP)
<alami> sorry i don't know another person has install this server 6 mouth ago
<Caribou> I'm just not sure if hpmsh has other dependancies.
<alami> have see what Mike Watt say here http://tinyurl.com/5raezoq
<alami> sure it has another dependancies
<Caribou> yeah, you might want to try that
<alami> Caribou: i will try apt-get remove hpsmh, what do you thing? are you with
<alami> me
<Caribou> don't you want to try Mike Watt's trick first.
<alami> ok, i will try that first then i will remove if mike's trick doesn't work
<alami> thanks a lot
<Caribou> otherwise, you can remove it. It's publicly available anyway so you can always d/l & reinstall
<alami> yes that it
<alami> and i don't need it
<alami> you know, why i should need hpsmh
<Caribou> it's in there somewhere : http://downloads.linux.hp.com/SDR/
<Caribou> it's a management webpage to help manage your proliant
<Caribou> You access it by the following URL : https://{your server hostname}:2381
<alami> lol have you forget :) don't work
 * Caribou didn't catch the beginning of the discussion
<alami> cp -i -s /opt/hp/hpsmh/lib.hp/* ./
<alami> no problem ;)
<uvirtbot> New bug: #744293 in drbd8 (main) "Infinite loop in helper LVM script for DRBD 8 in Lucid" [Undecided,New] https://launchpad.net/bugs/744293
<alami> Caribou, jamespage : look at my new boot.log :)
<alami> only to let you know i have remove hpsmh and i don't get any positiv thing
<alami> but thanks a lot
<alami> for you help :)
<RoAkSoAx> SpamapS: ping?
<mdeslaur> Daviey: why did you say we don't have a comprehensive test suite for bind9?
<tyreza> hello there
<tyreza> using sed
<tyreza> is it possible to just only delete a line ?
<tyreza> anyone there ?
<tyreza> using sed is it possible to change a value ?
<Daviey> mdeslaur, We don't.... upstreams you mean?
<tyreza> hello
<tyreza> anyone there ?
<Daviey> mdeslaur, Perhaps i missunderstood the question, but i thought we were talking about comprehensive test *cases*.. which we lack.
<tyreza> WHAT'S up here ?
<zul> what about the ubuntu-qa testsuites?
<Daviey> tyreza, Please have patience... your question didn't include enough detail...  You need to state what you need removed.
<Daviey> zul, Unless things have changed, i thought that testsuite was less than comprehensive.
<mdeslaur> Daviey: ah...pitti mentioned not having a test suite in the bug (651875)...yeah, upstream test suite is pretty good
<Daviey> mdeslaur, perhaps i should clarify... first - zul, is the ubuntu-qa testcases more comprehensive than i gave them credit for?
<tyreza> i got 3 pc
<tyreza> i have ssh access on 3 pc
<tyreza> i need to remove a line called networkcom wich is present on 3 pc
<tyreza> so i want to use sed -i for that what should i have to do ?
<Daviey> zul, what do you think?  Are they comprehensive?
<Daviey> tyreza, I'm sorry - but i'm really struggling to understand what you are trying to do..  you want to remove a line which starts with networkcom, from a text file?
<tyreza> well let me explain you in an other way
<tyreza> on this file : /etc/network/interface
<tyreza> i got a line : iface lo inet loopback
<tyreza> i need to delete this line
<tyreza> how to do ?
<tyreza> with sed -i ?
<Caribou> sed '/iface lo inet loopback/d' /etc/network/interface
<Caribou> or in a more complete fashion : mv /etc/network/interface /etc/network/interface.sav; sed '/iface lo inet loopback/d' /etc/network/interface.sav > /etc/network/interface
<tyreza> i m sorry not working
<tyreza> sed '/iface lo inet loopback/d' /etc/network/interface
<tyreza> is it : sed '/iface lo inet loopback/d' /etc/network/interface or sed - i '/iface lo inet loopback/d' /etc/network/interface  ?
<pmatulis> s/interface/interfaces ?
<tyreza> sed '/iface lo inet loopback/d' /etc/network/interfaces
<tyreza> not removing the line iface lo inet loopback
<tyreza> i think there is missing /s
<tyreza> is it the correct syntaxe ?  sed -i 's/iface lo inet loopback/d' /etc/network/interfaces
<pmatulis> tyreza: you need to read a little on how sed works
<smoser> SpamapS, ping
<pmatulis> tyreza: basically you need to output the changes to a separate file.  something like Caribou said
<uvirtbot> New bug: #744371 in php5 (main) "PHP5-FPM doesn't always restart on 10.10" [Undecided,New] https://launchpad.net/bugs/744371
<tyreza> oh dear you earase my file
<tyreza> gone
<tyreza> i have to reinstall my macchine
<pmatulis> tyreza: no, *you* erased your file
<tyreza> may be
<tyreza> thanks a lot
<tyreza> bye
<skaet> Daviey,  https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/717166 do you know when a fix will be landing for this?
<uvirtbot> Launchpad bug 717166 in eucalyptus "Broken with v4 isc-dhcp-server in Natty" [Critical,Triaged]
<skaet> its marked as a release blocker, is that accurate?
<tyreza> hello
<tyreza> is there anyone ther e ?
<tyreza> on my terminal i got a scrip when i run the script i got a blue script where it asks me to enter the entry
<tyreza> to be able to have that screen i have to do ./myscript
<tyreza> so my question : how to that script to an new window
<skaet> Daviey,  all:  also, any update on: https://bugs.launchpad.net/ubuntu/+source/open-vm-tools/+bug/727342
<uvirtbot> Launchpad bug 727342 in open-vm-tools "FFE: open-vm-tools kernel module failed to build" [Critical,New]
<tyreza> i don't like that script run on the same window
<tyreza> i would like to run the script to a new window
<tyreza> how to do ?
<tyreza> yes i know i is an very tuff question, may be there is no answer for that
<smoser> tyreza, try: gnome-terminal --command "sh -c 'echo hi world; sleep 10'"
<smoser> that opens a new terminal, runs 'echo hi world; sleep 10' as if you'd typed it at the terminal
<tyreza> do you understand my questioN ?
<tyreza> so for my case i have to use myscript instead of hi world ?
<tyreza> gnome-terminal --command "myscript'"
<tyreza> gnome-terminal --command "sh -c 'echo myscript'"
<tyreza> am i right ?
<tyreza> ok let me check
<robbiew> hallyn: hey...so what's the situation with bug 727342
<uvirtbot> Launchpad bug 727342 in open-vm-tools "FFE: open-vm-tools kernel module failed to build" [Critical,New] https://launchpad.net/bugs/727342
<hallyn> robbiew: no change since my last response to skaet.
<robbiew> so are we waiting for others to test it?
<tyreza> -bash: gnome-terminal: command not found
<hallyn> robbiew: some already have, but yes
<hallyn> robbiew: i'm gonna try to look for another vmware-player version, one that actually works, to test with myself.
<robbiew> hallyn: ok.  From a "regression" standpoint, aren't we regressing the user experience if we DON'T put this version in?
<robbiew> it's busted right now, right?
<patdk-wk> hmm, I'm pretty sure it built fine for me in vmware
<hallyn> yes it is
<hallyn> patdk-lap: open-vm-tools did?
<robbiew> hallyn: given this bug is targeted to Beta 1...which is thurs...we need to decide now or punt to beta 2
<patdk-wk> booting it now, will see :)
<patdk-wk> I know awhile ago it wouldn't
<patdk-wk> but thought that was only in alpha
<hallyn> patdk-lap: open-vm-dkms will not build in natty
<hallyn> kernel incompatibility
<hallyn> robbiew: punting to beta 2 feels cozy, except then i consider that if there are bugs to be shaken out, putting it in at beta1 would mean we have beta2 to try and find/fix those
<robbiew> hggdh: any updates on our favorite euca bug 717166 ?
<uvirtbot> Launchpad bug 717166 in eucalyptus "Broken with v4 isc-dhcp-server in Natty" [Critical,Triaged] https://launchpad.net/bugs/717166
<robbiew> skaet: what do you need from hallyn in bug 727342 ?
<uvirtbot> Launchpad bug 727342 in open-vm-tools "FFE: open-vm-tools kernel module failed to build" [Critical,New] https://launchpad.net/bugs/727342
<hggdh> robbiew: not yet. It is like a firefly, right now...
<robbiew> hggdh: so we should retarget that to beta 2 then?
<patdk-wk> oh ya, those two modules fail
<skaet> robbiew,  I was looking for someone to have tested it, and be willing to sign off in the bug that they had.
<hallyn> actually i need to target bug  742770 to beta1 or beta2
<uvirtbot> Launchpad bug 742770 in lxc "Erorr in syntax in ubuntu templates" [High,In progress] https://launchpad.net/bugs/742770
<hggdh> robbiew: yes, even though I will try again today
<robbiew> hallyn: beta 1 is this week...so beta 2 most likely
<robbiew> skaet: ack, so we've tested it...but there's sure to be bugs
<skaet> robbiew,  it was touching a lot of stuff.   I checked with the kernel folks, and they were ok.   However at this point,   unless it really is release critical,  I'd rather it wait until Friday.
<robbiew> skaet: no worries
<robbiew> it can wait
<hallyn> skaet: comment #14 and #9 are confirmations, fwiw
<SpamapS> smoser: pong
<robbiew> hallyn: let's target to beta 2, but push the change out next week
<hallyn> robbiew: ok
<robbiew> then we can get it to folks via apt-get dist-upgrades
<skaet> hallyn,  ack, but my comments about regression risk, and extent of testing weren't really answered.  (comment #21).
<skaet> robbiew,  have gone in and marked it for release,  not against beta-1 then.
<smoser> SpamapS, does this look sane: http://paste.ubuntu.com/586535/
<SpamapS> smoser: the white space is a quite lacking, but it should work fine.
<smoser> why do you think white space is lacking?
<smoser> where would you enter white space?
<hallyn> zul: ivoks: regarding bug 727342, I actually wonder if it's also the cause of bug 727342
<uvirtbot> Launchpad bug 727342 in open-vm-tools "FFE: open-vm-tools kernel module failed to build" [Critical,New] https://launchpad.net/bugs/727342
<rcconf> hello
<SpamapS> smoser: I would indent the entire script section, and I'd put a blank line between every unrelated stanza
<smoser> i dont know what "unreleated stanzas" are
<SpamapS> http://paste.ubuntu.com/586538/
<SpamapS> It was a formatting nit
<jamespage> smoser, hggdh: I've setup the ec2 jobs on the Jenkins QA instance - http://jenkins.qa.ubuntu-uk.org/view/natty-ec2/
<hggdh> jamespage: K; give me one hours, giving a presentation on -classroom
<jamespage> hggdh - np
<jamespage> would be good to run them against the beta-1 candidates when published
<smoser> SpamapS, so, yeah, this is very much nit.  from a non-upstart developer perspective, mine looks prettier to me (outside of the indentation of the script sections).
<SpamapS> hrm.. there should be a universal syntax highlighting definition language so that when vim gets syntax highlighting for something, all others get it relatively soon thereafter
<rcconf> What is the downside of disabling SysRq?
<smoser> ie, i would consider task, env, console, start on, and description to be "related" rather than "unrelated"
<SpamapS> smoser: sure. I stare at upstart jobs constantly and having no separation is a pet peeve. ;)
 * SpamapS should add some formatting guidelines to the cookbook
<smoser> very much personal taste. separating one line "stanzas" of anything is a waste of screen in my opinion
<smoser> :)
<SpamapS> smoser: maybe get a bigger screen ?
<smoser> ah, then you have one with more than 1080 verticle lines, eh?
<smoser> it must have came from before the "wide screen takeover"
<zul> oh its smoser :)
<SpamapS> I'm happy to say I have almost no idea what my screen resolution is on either monitor. A testament to "it just works"
<smoser> SpamapS, does 'start on starting X' block 'X' ?
<SpamapS> definitely
<ivoks> wait, why?
<ivoks> if X is starting, start Y
<ivoks> why would Y's start|stop preferences compromise X?
<hggdh> jamespage: roger, I do want to
<SpamapS> ivoks: the whole point of the 'starting' condition is to be able to block the start of another service with your own
<patdk-wk> hggdh, ok, got the open-vm-dkms and stuff from that bug report
<patdk-wk> the amd64 package almost works
<patdk-wk> autologin to ubuntu-desktop is missing gnome-panel (running but not displayed, probably unrelated bug)
<patdk-wk> but shared desktop folders won't mount at all
<patdk-wk> oh, got it to mount
<patdk-wk> it just doesn't automount, like I was used to, but they do manually mount
<oneseventeen> I'm downloading a php app that is encoded in Zend or ionCube.
<oneseventeen> is there a preference among Ubuntu server users?
<SpamapS> oneseventeen: err.. open source apps that don't get "encoded" is my personal preference. ;)
<JanC> and even for non-open source apps the ability to see the code for debugging etc. is very useful...
<Daviey> hallyn-afk, skaet, do you need me for open-vm-tools update ?
<Daviey> ah, we are pushing it back to beta-2.
<Daviey> ok
<RoyK> - Hellow, it's IT, have you tried turning it off and on again?
<jpds> RoyK: s/it's//
<RoyK> sorry :)
 * RoyK is named Roy and has used that in his job a couple of times
<RoyK> s/that/that phrase/
<jpds> Ha.
<r4ffy> ello do you remember a name of application what can installed on ubuntu server what permitted of configure a ldap by web if in style of active directory?
<RoyK> r4ffy: for client access?
<RoyK> no idea - have only done that from the commandline
<sparc> Hmm, I've got a binary that's compiled again libstdc++-libc6.2-2
<sparc> but lucid comes with a newer version
<sparc> is there a possibility i could get it to work, with a compatibility library somewhere?
<cole> r4ffy: are you talking about phpldapadmin?
<sparc> I don't see any in apt-cache search
 * RoyK wonders if sparc is on SPARC
<sparc> hehe, i'm on amd64
<sparc> saldy i don't have any sparcs anymore
<unit3> Hey, has anyone seen an issue on 10.10 where mdadm won't grow a RAID1 after increasing the partition sizes?
<unit3> I'm trying "mdadm --grow /dev/md1 -z max", and it just stays the same size, even after pulling the partitions and re-adding one at a time.
 * RoyK is 1mm away from ditching an old T1000
<SpamapS> unit3: are these partitions on the same drive as the partition where / is located?
<SpamapS> RoyK: Tandy 1000?
<RoyK> sun t1000
<SpamapS> :)
<Daviey> *** Did everyone get the notification of the ISO's being posted on the QA tracker? ***
<Daviey> Get rich quick, Get the respect of your peers, friends, and trolls alike - ask me how!
<unit3> SpamapS: yeah, /dev/md1 is /. It's XFS, so I should be able to live grow it if I can get md1 to expand to the full partition sizes.
<unit3> The partitions were enlarged via booting from live USB.
<unit3> so they've been bigger since the system booted.
<rcaskey> how do I create a device that is on vlan14 of br0?
<rcconf> when I boot up from livecd I can have access as root without a password. why do I need to put root password manually?
<unit3> Oh, I think this explains the problem I'm having: http://www.spinics.net/lists/raid/msg19956.html
<unit3> Time to reboot to live USB and see if I can do it from there.
<sparc> Hey there.  Are there any compatibility libraries, for old versions of libstdc++?
<sparc> I don't see any in the repos
<sparc> Trying to get an older version of Netbackup to run on Lucid
<rcconf> how do you mount an encrypted device in ubuntu server?
<rcaskey> http://pastebin.com/GJKXkrEP
<rcaskey> <- if I bring up br0.14, nada, but if I dhclient br0 it will get a dhcp lease from the untagged dhcp server
<maswan> sparc: I don't think so. While dapper/hardy is in use, you can dig around for libraries there and do your own manual install maybe.
<sparc> maswan: thanks, i'll give that a whirl
<RoAkSoAx> kirkland: ping ?
<kirkland> RoAkSoAx: pong
<RoAkSoAx> kirkland: are you seeing the issue with the dual monitors with Classic Desktop (no effects)?
<kirkland> RoAkSoAx: i'll need to check
<RoAkSoAx> kirkland: ok :), when you have the time please provide it at bug #737891 so that we cna get this issue fixed soon :)
<uvirtbot> Launchpad bug 737891 in gnome-desktop "[Arrandale] gnome-display-properties unable to correctly enable monitors connected to VGA" [High,Confirmed] https://launchpad.net/bugs/737891
<NoqturnalX> anyone use sysklogd?
<SpamapS> NoqturnalX: whats the advantage of using it over rsyslogd ?
<NoqturnalX> preference
<NoqturnalX> I thought all I had to do was change SYSLOGD="" to SYSLOGD="-r" in the sysklogd file to listen for logs
<NoqturnalX> it's what I used on the Ubuntu Server 7.10 box
<NoqturnalX> too much of a n00b to get rsyslogd or syslog-ng to work apparently LoL
<RoyK> NoqturnalX: that's all, just restart syslogd
<NoqturnalX> that's what I thought
<RoyK> erm - sorry - rsyslogd is a bit different
<NoqturnalX> But it doesn't seem to be working (I think) lol
<semiosis> NoqturnalX: did you have trouble with the tips i gave you last week?  it really shouldn't be hard to enable the UDP syslog listener in rsyslog
<RoyK> NoqturnalX: check /etc/rsyslog.conf
<NoqturnalX> I tried a few different things browsed through some mans n tutorials and I'm starting to think i'm just a idiot and narfed something. The old ubuntu server was using sysklogd with the same -r option so I figured i'd try that today and see if I can get anything
<NoqturnalX> rsyslogd is uninstalled atm
<semiosis> NoqturnalX: another way besides adding -r in /etc/default/rsyslog is to add the module to the rsyslog.conf, I believe the two lines you need are "$ModLoad imudp" and "$InputUDPServerRun 514"
<NoqturnalX> i'm bout ready to hook up the old server and comb through the config files to see what I did differently on that one lol
<semiosis> ah, nvm then
<NoqturnalX> i'll reinstall rsyslog and try it again before throwing the old server back into a station n lookin at what makes that station work
<NoqturnalX> rsyslog reinstalled
<RoyK> NoqturnalX: I have rsyslog running as a remote syslog host
<RoyK> works for me
<NoqturnalX> gives me hope
<NoqturnalX> so add -r to RSYSLOGD_OPTIONS right
<NoqturnalX> right now it says RSYSLOGD_OPTIONS="-c4"
<semiosis> thats one way, the other is to load & config the imudp module in /etc/rsyslog.conf
<RoyK> NoqturnalX: just edit /etc/rsyslog.conf and set it to listen to udp:514
 * RoyK points to semiosis's answer
<NoqturnalX> alright i'm going to give the -r a try first then i'll try the imudp module, so should the RSYSLOGD_OPTIONS be "-rc4" or "-r-c4"??
<RoyK> try the module first
<NoqturnalX> k you talked me into it
<semiosis> "-r -c4" (a space between the two options)
<semiosis> lol, yeah, module is new school, the -r is old-school
<RoyK> syslog     646     1  0 Mar25 ?        00:01:05 rsyslogd -c4
<RoyK> that's mine
<RoyK> works for me (tm)
<NoqturnalX> lol `locate rsyslog.conf` first result is /etc/rsyslog.conf but it's not there
<NoqturnalX> find / -name "rsyslog.conf" results /etc/init/rsyslog.conf
<NoqturnalX> should i just copy the init/rsyslog.conf to /etc
<semiosis> no that is something different
<semiosis> how could you have just installed rsyslog and not have the default config file?!
<semiosis> thats weird
<NoqturnalX> i'm wondering the same thing
<NoqturnalX> apt-get install rsyslog
<NoqturnalX> i just did a apt-get install rsyslog-doc too just in case
<semiosis> i guess you could 'apt-get purge rsyslog' and then 'apt-get install rsyslog'
<RoyK> apt-get install win7
<NoqturnalX> k trying that semiosis :P
<NoqturnalX> "A new version of configuration file /etc/rsyslog.d/50-default.conf is available, but the version installed currently has been locally modified" lol
<NoqturnalX> i just went with the maintainers version
<NoqturnalX> k i got the .conf file now
<NoqturnalX> so uncomment $ModLoad imudp then?
<NoqturnalX> and maybe uncomment $UDPServerRun 514 too?
<semiosis> yeah that
<semiosis> i was looking at the man page from a diff version, sorry for the confusion.
<NoqturnalX> I <3 you guys now
<NoqturnalX> it seems to be working
<NoqturnalX> so it looks like my logging fun is out of the way
<NoqturnalX> now to figure out how to use Squid LOL
<semiosis> good luck
<NoqturnalX> I dunno if I wanna persue tackling squid first as a http accellerator or figuring out how to use RADIUS with my AP's
 * NoqturnalX is questioning his spelling today
<NoqturnalX> anyone round here run a RADIUS or squid?
<Daviey> hggdh, around?
<ScottK> SpamapS: Congratulations.
<hggdh> Daviey: always
<hggdh> but slow...
<rcconf> is there a way to select in terminal using keyboard only?
<rcconf> select text
<pmatulis> rcconf: sure
<pmatulis> rcconf: i use screen
<Whitor> Hi all. I've got a 10.04 headless server running on subnet A Everyone on subnet A can access any service on my server. Subnet B can ping my server, but cannot access any of its services (ie connections time out when trying to access web pages or SSL logins, etc) any ideas ?
<ivoks> SpamapS: ah, thanks
<jmarsden> Whitor: iptables or similar packet filtering on the server could be blocking the TCP and UDP but allowing the pings through.  Or simialr rules on the router between the two subnets could be blocking TCP and UDP traffic.
<rcconf> pmatulis: that doesnt help
<Whitor> jmarsden, I know the routers between the networks are ok, similar services on other servers work ok
<Whitor> jmarsden, I've narrowed it down to the ubuntu server, but I'm not sure what to look at
<SpamapS> ScottK: ty :)
<jmarsden> Whitor: Then it sounds like firewall rules.  iptables or ufw or similar.
<Whitor> jmarsden, where do I configure iptables?
<jmarsden> Whitor: With the iptables command :)  Where you store a set of rules... depends on which firewall setup you want to use...
<jmarsden> Whitor: check whether    sudo iptables -L -n    shows you anything unusual.
<Whitor> jmarsden, I guess I have to do some digging. I was just curious if there was some known default behavior to not talk to other subnets on a high level... would seem reasonable
<jmarsden> Whitor: You manage multiple servers, but have no knowledge of packet filtering?  Seems odd.   No, there is no default-to-own-subnet-only behaviour that I know of.
<jmarsden> Whitor: Check that your default gateway on the server is set correctly, although since ping is working, it should be...
<Whitor> jmarsden, heh, I have knowledge of this magic. I was just looking for a quick answer from some knowledgeable folk.
<Whitor> and yes the gw is correct
<jmarsden> Whitor: OK.  By default a Ubuntu server should not have any firewall-y packet filtering enabled, so it "should" just work.
<Whitor> a turnkey firewall I used once back in the day, had this behavior by default. I would only talk to machines on its own subnet
<Whitor> astaro I think it was
<hallyn> zul: so do you mind sponsoring my fix for bug 742770 after beta1 freeze?
<uvirtbot> Launchpad bug 742770 in lxc "Erorr in syntax in ubuntu templates" [High,In progress] https://launchpad.net/bugs/742770
<Whitor> thanks, I appreciate the info
<jmarsden> Whitor: you're welcome.
<guntbert> Whitor: don't guess, look into the firewall rules yourself
<zul> hallyn: sure or clint can do it :)
<Whitor> jmarsden, I'm working with ufw right now
<Whitor> jmarsden, of course I wouldn't guess ... thats why I'm asking here
<hallyn> clint can do it?
<Whitor> this particular machine was setup by an intern last summer
<hallyn> actually, hm.  can i do it?
<jmarsden> Whitor: Just disable it  (sudo ufw disable)  and see if things start working.   And it wasn't me who thought you were guessing :)
<Whitor> jmarsden, a great idea. exactly what I was hoping for
<Whitor> dang, that wasn't it
<Whitor> so it must be something other than the firewall
<hallyn> hm, nope, lxc is not one i got rights to.  drat.
<Whitor> what would make icmp work, but tcp fail ?
<Whitor> local to the server
<rcconf> Is there a reason for rc.local to not work?
<jmarsden> Whitor: ... all the TCP services are bound to localhost only??  Does   sudo netstat -ntlp   show the relevant services listening on 0.0.0.0 ?
<jmarsden> Hmm, but if others on that subnet can see them, that shoudn't be the issue...
<Whitor> says its listening
<Whitor> on 80, 22, and 3306
<jmarsden> If it isn't packet filtering, is it routing?  Does this server have multiple NICs on different subnets, or anything like that?
<Whitor> nope, one nic. and the routers between me and it are the same routers between me and a different server which is communicating with me fine
<Whitor> perplexing
<jmarsden> Yes... can you do the reverse -- use a service on subnet B from the server machine?
<Whitor> I can open a web page from an HP printer ... so yeah
<rcconf> what is the keys for ^A in screen?
<jmarsden> rcconf: man screen, but I think it is ctrl-a and then a   by default
<rcconf> jmarsden: too long manual cant find that
<jmarsden> Whitor: I don't know, I think at this point I'd pull out the big guns and run tcpdump or similar to see whether the packets from clienst on B are reaching the server at all.
<jmarsden> rcconf: If you can't be bothered to read, why should others be bothered to help you :)
<rcconf> man man
<rcconf> jmarsden: im bothered to read a lot and not finding it :)
<rcconf> man man
<yaaar> howdy
<rcconf> man -k
<yaaar> I have a 32-bit 10.04.02 LTS server that's locking up on me regularly. I get a whole bunch of stack traces in the logs like these: http://pastebin.com/jjQsWb0t ...always seems to be rsync, which makes me think it's related to a backup operation (to a local BackupPC server) ...any idea what might be wrong?
<rcconf> howdy
<rcconf> yaaar: stop rsync service
<oneseventeen> I need to install Zend Optimizer or ionCube Loader for a web application.  Which one would you recommend if you had to load one of the two?
<Whitor> jmarsden, yeah :( I hate digging through packet dumps. ... but thanks for your time!
<jmarsden> Whitor: you're welcome
<oneseventeen> (yes, an open product would be more ideal, but unfortunately none of the open systems I've looked at fit our needs)
<genii-around> Can you use vconfig to make for instance vlan1 on eth0:0 vlan2 on eth0:1  etc?
<guntbert> rcconf: its always <ctrl>A    and the the additional key   - so <ctrl>A<ESC> get you into copy mode (search for copy in man screen)
<rcconf> guntbert: im trying to copy
<rcconf> got it
<rcconf> i just need to use space
<guntbert> rcconf: yes, I know, I just read it up in man screen - you press <ctrl>A<ESC>  -- ahh
<rcconf> guntbert: it says it copied to buffer
<rcconf> but than it pastes nothing
<yaaar> rcconf: 1)rsync isn't running as a service (that is, rsyncd is not running...the backup server does something like "ssh root@client /usr/bin/rsync --server ..." and 2)I need the backup to work, so just not using rsync isn't exactly an opion
<rcconf> use scp to backup?
<yaaar> i want to fix the problem, not act like it's not there
<yaaar> (also scp would be very inferior to the current backup scheme)
<rcconf> k
<hggdh> Daviey: where are you?
<rcconf>  /whereis Daviey
<rcconf> is at gibson.freenode.net [Oslo, Norway]
<rcconf> :D
<Daviey> hggdh, lo o/
<Daviey> hggdh, Great!  I wondered if you had touched the test rig since last week
<hggdh> Daviey: not really, no
<Daviey> hggdh, okay... great... Just to check, you didn't try the apparmour changes?
<hggdh> Daviey: well, I did. But originally, when we ran it, apparmour was disabled (for whatever reason!)
<hggdh> Daviey: I then, while testing, set the dhcpd profile to complain mode
<Daviey> hggdh, did that make any difference?
<hggdh> Daviey: and it is still in complain mode (but apparmour is now active for the rest
<hggdh> Daviey: no difference that I could see. It works sometimes, most times it does not
<rcconf> Copied 11 characters into buffer
<rcconf> now what?
<rcconf> it's not in clipboard
<hggdh> Daviey: BUT -- and this is the piece I do not yet understand -- the DHCPD *always fail to start
<rcconf> oh ok
<rcconf> it is i just cant press enter or something
<Daviey> hggdh, I'm having a call with upstream tomorrow, are there any other things you want raised - other than that?
<hggdh> not really, nothing else is critical
<Daviey> hggdh, Now you've said it....
<hggdh> Daviey: :-)
<hggdh> Daviey: interesting: right now we have 3 instances running, two got public IPs, one did not. None got metadata
<hggdh> and we have one instance I just submitted in pending...
<Daviey> hggdh, is zul still using one of the machines?
<zul> no
<hggdh> zul: soncoya is free, then?
<zul> yep
<Daviey> ah, wondered if there was a rogue dhcpd on the network
<hggdh> zul: thanks. Daviey: I am going to reinstall with today's ISO, fully-distributed
<hggdh> Daviey: this will also check if this is a problem only with the all-in-one
<Daviey> hggdh, is fully distributed needed atm?
<Daviey> dave
<hggdh> Daviey: not really, just to verify if there is a collision if CLC/CC/Walrus/SC are together
<Daviey> hggdh, ok... can you send me an email with your findings, and suggestions for what i could test/try on it in my tomorrow AM?
<hggdh> Daviey: roger wilco
<Daviey> super!
<rcconf> why the hell screen says it copyed to bugger but than paste doesnt work?
<rcconf> buffer
<rcconf> wtf
<rcconf> it's frustrating
<RoAkSoAx> kirkland: still around?
<kirkland> RoAkSoAx: yup
<RoAkSoAx> kirkland: could you check the latest branch of powernap and see if you could sponsor that as it includes a few important bugfixes and the logic to handle the upgrade of the config file, please :)
<RoAkSoAx> when you have the time of course :)
<yaaar> I have a 32-bit 10.04.02 LTS server that's locking up on me regularly. I get a whole bunch of stack traces in the logs like these: http://pastebin.com/jjQsWb0t ...always seems to be rsync, which makes me think it's related to a backup operation (to a local BackupPC server) ...any idea what might be wrong?
<hggdh> Daviey: still using your PPA, correct?
<RoAkSoAx> kirkland never mind... juat remembered we are in beta freeze so ill ask for FFe first
<RoAkSoAx> or not really?
<hallyn> RoAkSoAx: is powernap in universe?
<RoAkSoAx> hallyn: nope, it's in main
<hallyn> ok
<RoAkSoAx> otherwise I'd have uploaded it myself :)
#ubuntu-server 2011-03-29
<sparc> Are we able to host our own Launchpad?  or maybe that's defeating the purpose
<twb> sparc: try #launchpad
<twb> Short answer: yes, yes.
<sparc> oh, thank you, i didn't know about that :)
<uvirtbot> New bug: #744672 in ocfs2-tools (main) "ocfs2console can not start due to deprecated unit" [Undecided,New] https://launchpad.net/bugs/744672
<NoqturnalX> I have returned :P
<NoqturnalX> does anyone know if I can put multiple IP's in a acl with squid? Example acl Group1 src 192.168.1.5, 192.168.1.105, 192.168.1.112 ? Would that work?
<nuclearmoose> New to Ubuntu. Have ver 10.10 installed on a VPS - anyone here familiar w/ setting a server like this up to run WordPress sites?
<nuclearmoose> Have been able to install Apache2, PHP, MySQL, wget
<nuclearmoose> Apache server is up and running as is MySQL
<stanman246> hi does anyone know of a tool to check if servers are up and running? I'm looking for somerthing like serverup (android app)
<stanman246> hi does anyone know of a tool to check if servers are up and running? I'm looking for somerthing like serverup (android app)
<rcconf> stanman246: i thought of ping
<rcconf> :)
<stanman246> lol
<stanman246> looking for a tool which does a ping with intervals, so i get a notice when the server is up/down
<stanman246> ..
<tonyyarusso> stanman246: Nagios?
<tonyyarusso> bah, he quit
<stanman246> hmm....
<stanman246> got some defect hardware here i think...
<red2kic> tonyyarusso: You missed your chance!
<tonyyarusso> heh
<uvirtbot> New bug: #744772 in openssh (main) "package openssh-client 1:5.3p1-3ubuntu6 failed to install/upgrade: subprocess installed post-installation script killed by signal (Segmentation fault)" [Undecided,New] https://launchpad.net/bugs/744772
<huats> morning
<maedox> Hi guys, is someone able to help me with some network setup? I have set up eth3 and eth3:0 on the same card but it always connects outbound with the eth3 IP. How do I make it use both depending on which interface the service is listening on? I'm using JBoss 4.2.2.GA, so maybe it's not Ubuntu's fault?
<KB1JWQ> Fix your routing table.
<KB1JWQ> And you probably don't want to be running NetworkManager either.
<maedox> KB1JWQ: you mean "google it"? ;)
<maedox> There's no networkmanager here
<KB1JWQ> maedox: Let me rephrase.
<KB1JWQ> Are both of the IPs bound to eth3 and eth3:0 on the same network?
<maedox> KB1JWQ: ok, I appreciate it.
<maedox> Yes, they are.
<KB1JWQ> maedox: netstat -rn says what?
<KB1JWQ> (pastebin)
<maedox> oh, right, I think I get it. three lines all an iface eth3. Hold on... pastebinning.
<maedox> http://pastebin.com/qJarfdzA
<KB1JWQ> maedox: Yeah, your outbound traffic all dumps out eth3.
<maedox> KB1JWQ: what's the tool for chaning the routing table?
<KB1JWQ> route
<maedox> Never used that. If I add something with that is it persistent or should it rather go in a config file somewhere?
<AdvoWork> Hi there, i have paths set like: mirror_lenny = http://cdn.debian.net/debian  for something im using, how would i specify the path for the latest server version?
<KB1JWQ> Generally in /etc/network/interfaces maedox
<maedox> KB1JWQ: Alright, thanks man, I'll see if I can make it work.
<KB1JWQ> Good luck. :-)
<mok0> I have written a system that makes a nice notification system for disk quotas. I am looking for other ubuntu-devs that might help take it a step further for inclusion in Ubuntus server infrastructure
<yann2> hello! is someone interested by the ubuntu-virt.org domain? I booked it 2 years ago to build a small website on virtualisation on ubuntu, but never managed to find the time/motivation - it s expiring in a month
<mok0> yann2: sounds like a nice idea
<mok0> yann2: I know that time/motivation thing for ideas... :-(
<yann2> want it? :)
<yann2> I ll probably just let it expire
<craigaa> hi all, I am hoping that someone can help me with the HP Microserver, actually to see if it would be capable of what I want it to do
<JanC> craigaa: just tell what you want to do and what the specs of that HP microserver are, then maybe somebody can answer...
<craigaa> basically, I want to do Samba and internal IMAP email for 20-25 users
<craigaa> it has an AMD Athlon II Neo 1.3Ghz Processor
<craigaa> and can take up to 8Gb ECC RAM
<craigaa> I would also like to run linux SW RAID 1
<craigaa> on 2 x 1Tb SATA HDD
<craigaa> I know Ubuntu runs on it (both server and desktop), but I am wondering if I may be overreaching with up to 25 users
<JanC> it shouldn't be a problem I think, but also depends on how intensive they use it maybe
<JanC> basically, that hardware was high-end some years ago...  ;-)
<JanC> well, similar hardware
<craigaa> JanC so you don't think the hardware would battle performance wise?
<JanC> I see on soem sites they mention "up to 10 users" when running Windows on it
<craigaa> :-)
<craigaa> thanks
<JanC> they don't mention what services those 10 users are supposed to be using etc.
<craigaa> but that is Windows so you lose about 1/2 to 1/3 of the performance off the top
<craigaa> before you start adding additional services
<JanC> I think the main point is how you are going to use it
<JanC> they also list 1-10 users with Red Hat
<AdvoWork> Hi there, i have paths set like: mirror_lenny = http://cdn.debian.net/debian  for something im using, how would i specify the path for the latest server version?
<nick_name> how to blank screen in ubuntu server?
<nick_name> hi again
<nick_name> is possible to lock screen in ubuntu server?
<Pici> nick_name: If you're using screen you can use ^x
<Pici> er, ^A x  rather.
<remix_tj> or using vlock
<nick_name> Pici: not running screen atm
<JanC> just log out on all consoles?
<nick_name> JanC: it wont lock
<JanC> eh?
<nick_name> the screen.
<JanC> what do you mean by "lock"?
<hggdh> Daviey: good morning
<nick_name> JanC: like screensaver lock.
<JanC> if you are not logged in on any local console, then it is "locked" IMO?
<nick_name> JanC: i want to blank the monitor
<nick_name> like a blankscreensaver
<JanC> it will blank automatically after a period of time?
<nick_name> maybe
<nick_name> i think
<nick_name> how do i change the time of it
<Daviey> hggdh, hello!
<Pici> Elsewhere, someone suggested: sleep 2; xset dpms force off
<nick_name> hm gonna try
<nick_name> is possibleto transfer tty2 to tty1?
<andygraybeal_> does anyone use openldap server for authentication?
<andygraybeal_> i'm gonna try to install openldap and see if i can configure it for authenticating too
<pmatulis> andygraybeal_: yes, many people and organizations do
<andygraybeal_> cool, i want to follow the instructions @ https://help.ubuntu.com/community/OpenLDAPServer
<andygraybeal_> it's a little scary it says the documentation isn't complete for it
<andygraybeal_> :)
<andygraybeal_> pmatulis, oh specififcally, i meant people in this channel.  if i run into trouble, i would like to be able to get some help.
<pmatulis> andygraybeal_: use the server guide
<andygraybeal_> ah the server guide, thank you
<pmatulis> https://help.ubuntu.com/10.10/serverguide/C/network-authentication.html
<andygraybeal_> :)  thanks
<phoenixsampras> does ubuntu comes with firewall? how to disable it?
<andygraybeal_> i think the firewall is disabled by default.  ufw is the default firewall.
<nick_name> it is
<nick_name> disabled bydefault
<nick_name> .
<nick_name> phoenixsampras: type sudo iptables :L
<nick_name> phoenixsampras: type sudo iptables -L
<pmatulis> phoenixsampras: ufw is a frontend to the netfilter/iptables firewall
<phoenixsampras> does ubuntu comes with firewall? how to disable it?
<uvirtbot> New bug: #744928 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/744928
<DrD_away> phoenixsampras: https://help.ubuntu.com/community/UFW
<RoAkSoAx> morning all
<Daviey> RoAkSoAx, your keepalived, I can't upload it until the thaw.
<RoAkSoAx> Daviey: howdy!! yeah I remembered we are in hard freeze
<Daviey> RoAkSoAx, I thought it was universe TBH... it was only when i was going some pre-upload checks that i noticed.
<Daviey> it's in server-ship aswell.
<RoAkSoAx> Daviey: yeah it has been there forever :)
<soren> Indeed. >5 years.
<andygraybeal_> the LDAP Authentication on in the server guide, the example file for setting up the first user is John Doe.  It has his home folder being /home/john ... would i mount the NFS server to the directory server in fstab to get this to work the way I'm thinking?
<andygraybeal_> er... i mean if i want the home folder to be on an NFS share
<pmatulis> andygraybeal_: ldap will merely provide you with info (user's home is /home/john), you need to do the rest (have /home/john available)
<andygraybeal_> pmatulis, good, thank yuo.   how does john exist?  how do i assign him permission to use that folder?
<andygraybeal_> i am having a hard time wrapping my head around this.
<ivoks> andygraybeal_: throw in pam_mkhomedir
<andygraybeal_> ivoks, why doesn't it say that in the general server documentation?
<ivoks> those are two different things
<andygraybeal_> okay :)  thakn you i wil lread about pam_mkhomedir
<ivoks> authentication is one, authorization is seconds and home directory is third
<andygraybeal_> does ldap automatically get linked to pam?
<ivoks> once you have ldap authentication, then you just have to add pam_mkhomedir module and you are done
<andygraybeal_> ah interesting thank yuo. i  will read more about it.
<ivoks> can you login as john doe?
<andygraybeal_> ivoks, i'm not there yet, i'm still thinking about how i'm gonna end up with a home folder.
<andygraybeal_> but let me try, i need to configure my client now.
<ivoks> or, subscribe for ubuntu server classroom and you'll learn all about that :)
<andygraybeal_> awesome, i will look into it
<ivoks> s/classroom/course
<pmatulis> ivoks: is that a mailing list?
<pmatulis> ivoks: oh, the course
<ivoks> pmatulis: nope; http://www.ubuntu.com/support/training
<pmatulis> ivoks: you look to be a kerbeors genius
<pmatulis> i'm reading the man page for 'kadmin' and it discusses the difference between it and kadmin.local:
<pmatulis> "that kadmin.local runs on the master KDC if the database is db2...."
<ivoks> pmatulis: where did you get that idea? :D
<ivoks> 16:11 < pmatulis> ivoks: you look to be a kerbeors genius
<pmatulis> ivoks: he he
<uvirtbot> New bug: #744965 in cloud-init "Cloud-init quits on wrong style line-ends" [Medium,Triaged] https://launchpad.net/bugs/744965
<uvirtbot> New bug: #744976 in euca2ools (main) "euca-describe-snapshots lists all public snapshots" [Undecided,New] https://launchpad.net/bugs/744976
<pmatulis> kerberos*
<andygraybeal_> ivoks, and pmatulis thank you for training link!
<ivoks> np
<pmatulis> ivoks: anyway, i question the db2 reference
<ivoks> i have to go now...
<ivoks> take care :)
<pmatulis> ivoks: bye!
<zul> Daviey: ping cobbler 2.1.0 is imminent so we wont need a git snapshot in universe for natty
<Daviey> zul, hurray!
<Daviey> zul, Although, if we want the puppet love - that will probably be a delta we are carrying - or a post release snapshot :D
<Daviey> zul, We'll have to see what upstream do really.
<zul> Daviey: right...im going to look at the patches put forward on friday and probably include the delta but well see
<soren> smoser: It seems the current UEC images don't have any config for eth0 in /etc/network/interfaces. Is that intentional?
<Daviey> zul, landing the patches isn't the challenege... it's if it breaks the damn thing :O
<zul> Daviey: right that was an all encompassing statement
<smoser> soren, http://paste.ubuntu.com/586890/
<smoser> it appears to have /etc/network/interfaces to me
<Roasted__> Has anybody integrated an Ubuntu server or clients into the mix of a Windows domain? I'm trying to figure out how I can auto map windows file server shares to a certain place on the Ubuntu desktop to users on the fly when they log in
<geekboxjockey> dhcp3 - I have a firewall with 3 subnets (interfaces) that i want to enable a dhcp-relay on to a ubuntu system running dhcp3
<geekboxjockey> for some reason right now clients across every subnet are given IPs defined in the first subnet declaration
<geekboxjockey> how do i enable the dhcp3 service to be smart about assignment through a dhcp relay that is servicing 3 interfaces and presumably different subnets
<soren> smoser: Spectacular.
<soren> smoser: Might something be overwriting that during boot or something?
<smoser> well i took that from a booted instance
<smoser> so, probably not
<smoser> i've not made any changes in that code maybe ever
<soren> smoser: I see that same interfaces when I'm looking at a clean image... I wonder what's going on here.
<soren> smoser: thanks. I must be barking up the wrong tree.
<patdk-wk> Roasted__, isn't that what libpam-mount is for?
<binBASH> anyone tested sheepdog yet?
<binBASH> http://www.osrg.net/sheepdog/
<Roasted__> patdk-lap, I have no idea. I just debuted a lab of ubuntu thin clients and its proving to be a MAJOR headache already.
<Roasted__> patdk-lap, I just need a way for students to log in and BAM theire share is connected to /home/Bill Gates/Documents
<Roasted__> where Documents = \\fileserver\classof2011\bill_gates
<patdk-wk> I have used libpam-mount before, for mounting on user login, not with samba shares, but should be no different
<Roasted__> patdk-lap, based on your experience, do you think libpam-mount would allow me to boot a computer, log in as 5 different users, and each user get THEIR own share on the server mounted?
<patdk-wk> as long as you don't mount them all in the SAME place
<Roasted__> right
<Roasted__> but how can I set it as a wildcard
<Roasted__> let me gather my thoughts...
<Roasted__> If I log in as steve_jobs, I want \\server\students\classof2011\steve_jobs to mount to /home/steve_jobs/Documents
<Roasted__> but if he logs out and bill gates logs in, I want the SAME thing, but bill_gates instead of steve_jobs
<patdk-wk> I fail to see the issue
<Roasted__> This needs to be based on user login. NOT rebooting and mounting at startup.
<Roasted__> so you think it'll fly?
<patdk-wk> like I said, libpam-mount, NOT fstab
<Roasted__> I just never heard of libpam-mount. ever. so I wanted to make sure :P
<patdk-wk> did you even bother to read what libpam-mount is?
<zul> Daviey: damn it looks rh specific again
<Roasted__> I'm googling for it now.
<Roasted__> patdk-lap, is libpam-mount just a package or an actual gui app?
<soren> smoser: Argh, yeah, totally barking up the wrong tree.
<Daviey> zul, i saw the .ks patch
<patdk-wk> package, that would be why it starts with lib :)
<patdk-wk> apt-cache show libpam-mount
<zul> Daviey: bah!
<ScottK> Nice: Welcome to Ubuntu Natty (development branch) (GNU/Linux 2.6.38-7-generic i686)
<geekboxjockey> do i need to create one VLAN per subnet i wish to assign IP addresses via DHCP to?
<Roasted__> patdk-lap, sorry I'm drawing a bit of a blank. how do I get started with setting it up? Is this based on .profile?
<patdk-wk> it's based on pam :)
<Roasted__> man I need a drink...
<Roasted__> patdk-lap, is there a guide anywhere that you know of about setting this up?
<patdk-wk> http://pam-mount.sourceforge.net/doc.php
<geekboxjockey> do i need a vlan to serve multiple subnets from one interface with DHCP on unbuntu?
<Roasted__> patdk-lap, no examples I take it?
<patdk-wk> there are examples all over those pages
<patdk-wk> if you mean, cut and paste for your specific issue, doubt it
<andygraybeal_> what is the course on openldap (directory authentication?)
<Roasted__> patdk-lap, yeah, I'm just a little panicked to get it running and sick as ever, so my focus level at the moment is not good.
<Roasted__> patdk-lap, this sound right? <volume user="user" fstype="smbfs" server="krueger" path="public" mountpoint="/home/user/krueger" />
<patdk-wk> remove the user= part
<zul> whee...bug triaging storm coming soon to a mailbox to you
<patdk-wk> that means only user named user, will mount it
<Roasted__> I thought smbfs was old and not used anymore?
<patdk-wk> cifs
<Roasted__> cifs is the old one or the replacement?
<patdk-wk> wouldn't you want mountpoint="~/krueger"
<Roasted__> What is krueger in this instance? Is this the name of the file server or the user?
 * patdk-wk notes the, server="krueger"
<Roasted__> so that's just the comp name of it
<Roasted__> the mountpoint concerns me
<Roasted__> /home/user/krueger
<Roasted__> I need the "user" to be whoever the user is that's logged in
<Roasted__> Can I wildcard it?
<patdk-wk> you could
<patdk-wk> but why not just use ~
<Roasted__> good thought
<Roasted__> the ~ would apply to whatever user in at the time?
<Roasted__> I'm also curious what path=public means
<zul> who is running the meeting today?
<patdk-wk> the share name
 * patdk-wk votes ubottu runs it :)
<Roasted__> well the share name is going to change I would think, since each user = share
<patdk-wk> path=%(USER)
<Roasted__> thats a wildcard?
<Roasted__> here's the part that confuses me
<Roasted__> I work for a school, so we have 4 folders. //storage/students/classof2011 and 12 and 13 and 14
<Roasted__> and within each is the individual student shares
<Roasted__> so I want a way to mount //storage/students/classof2011/steve_jobs to steve_jobs, since hes a senior, and //storage/students/classof2014/bill_gates to bill gates since he's a freshman
<Roasted__> but... automagically.
<Roasted__> Can libpam differentiate between the 4 folders?
<Roasted__> the classof folders?
<patdk-wk> how could it? it only knows the user and password of the person attempting to login
<Roasted__> could I at least mount //storage/students so when they open their home folder they see Class of 2011, Class of 2012, Class of 2013, and Class of 2014 there?
<patdk-wk> I dunno, but I guess you could attempt to mount it 4 times, once for each different path, and the one that works will stick?
<raphink> pam has modules that can check for the existence of files
<raphink> such as pam_listfile.so
<Roasted__> where is that file located?
<raphink> http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_listfile.html
<raphink> not sure if that would help
<raphink> pam can do a lot of things if you find the right module
<raphink> or if you code it ;-)
<raphink> http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/Linux-PAM_SAG.html
<Roasted__> I've never set up pam before, so I'm kind of new to this.
<Roasted__> I'm just *really* stuck and trying to find a quick solution.
<raphink> sorry i'm just getting in the conversation, what are you trying to achieve exactly?
<Roasted__> I work for a school district, and I just debuted a lab of LTSP Ubuntu thin clients.
<raphink> right
<Roasted__> The students are getting confused, heavily, by the fact their "Documents" folder doesn't have their stuff.
<Roasted__> And this is because there are links on the desktop that smb:// to the class of folders
<Roasted__> class of 2011, 12, 13, 14
<Roasted__> and they work out of there
<Roasted__> so I'd like to put links to those shares within their documents folder.
<Roasted__> without the need for authentication
<raphink> how do you currently mount these folders?
<Roasted__> so that way steve jobs, who's a freshman, can log in and bam - he has his stuff in his Documents home folder
<Roasted__> I just have links on the desktop
<Roasted__> they double click, type in their password, and it uathenticates
<Roasted__> then they browse to their folder.
<Roasted__> The confusing part is the fact that they see their home directory and think that's where their files are, when it's not.
<Roasted__> So I'm trying to help them out by automating... everything... a little bit.
<raphink> hmmm alright
<raphink> let me try to get this straight
<raphink> you mount the smb mountpoint in each homedir
<raphink> but it contains all classes folders
<Roasted__> currently it doesnt mount anywhere
<raphink> so each users has class2011, class2012, etc.
<Roasted__> it just kind of mounts when they log in
<Roasted__> I'd LIKE it to go to their home folder
<kirkland> any preseed wizards around?
<Roasted__> what would be AWESOME is to get their share to mount to /home/*USER*/Documents
<raphink> kirkland, not a wizard, but ask anyway :-)
<Roasted__> but I doubt I can pinpoint it that much
<kirkland> raphink: it's not me, it's aliguori
<raphink> let him ask then :-)
<kirkland> hmm, seems he's in #ubuntu-cloud, not here
<patdk-wk> roasted, why not? that should be easy
<patdk-wk> the only issue is the class20xx part :)
<Roasted__> patdk-lap, you think it'd be easy?
<Roasted__> because I think it looks hard. :/
<andygraybeal_> i'm reading the 10.04 server guide under LDAP Authentication, under ACL, it says: Authentication requires access to the password field, that should be not accessible by default.   Does this mean that I need to modify my configuration?  Just underneath that sentence it gives me an example of ldapsearch; not modify, so I'm confused.
<raphink> I'd go about mounting the dir when they log in
<patdk-wk>  <volume fstype="smbfs" server="fs-students" path="classof20xx/$(USER)" mountpoint="~/Documents" />
<raphink> using a login script
<patdk-wk> login script would do the same thing
<raphink> right
<raphink> the problem is the xx ;-)
<patdk-wk> but you could check if the userpath exists for each one first
<patdk-wk> but that *still* wouldn't help if user exists in multible ones
<Roasted__> patdk-lap, my server name is storage, and the full path is //storage/students/classofxx/student_accounts
<patdk-wk> and you Loose the password then to auth with
<Roasted__> with that said...
<Roasted__> wouldn't it be...
<Roasted__> <volume fstype="smbfs" server="storage" path="students/classof20xx/$(USER)" mountpoint="~/Documents" />
<patdk-wk> yep
<patdk-wk> I wonder if: <volume fstype="smbfs" server="storage" path="students" mountpoint="~/Documents" />
<patdk-wk> would be *good enough*
<Roasted__> and if I just wanted to mount all 4 of the class folders in Documents, wouldn't I just use path="students"
<raphink> Roasted__, how about making links on your filer?
<Roasted__> My ubuntu server is on the domain. Would PAM look at those credentials and authenticate these users to these locations?
<raphink> so that //storage/students/all/$USER points to //storage/students/classofxx/$USER for each $USER
<raphink> that would solve your issue
<patdk-wk> if it's a samba server
<patdk-wk> dunno if that would work in win2008
<Roasted__> It's a windows server
<raphink> :S
<Roasted__> don't think it would?
<Roasted__> where would I put this <volume...> entry to test it?
<patdk-wk> in the pam-mount.conf file
<Roasted__> no file found. where's it supposed to be located?
<patdk-wk> have you even installed libpam-mount yet?
<Roasted__> yep
<Roasted__> just searched filesystem for it
<Abhijit> hi guys
<Abhijit> is httpd and apache are two different softwares?
<Abhijit> or if those two are same then is it that in old apache the path for httpd.conf was different and now in new apache2 its different?
<Abhijit> help
<kpettit> what is the keyboard shortcut to get to the terminal window.  I used to do "cntrl + alt + f1" but that' doesn't work with the newer version of ubuntu
<Abhijit> kpettit, ctrl alt t
<kpettit> Abhijit, ah cool, didn't know that one.  But what I ment is the terminal outside of the GUI.  The console
<patdk-wk> Roasted__, /etc/security/pam_mount.conf.xml
<kpettit> Sometimes my GUI locks up and I need to get to the console to kill things.  But the command I used to use doesn't work anymore
<Roasted__> patdk-lap, got it. Do I just tag this at the end?
<patdk-wk> no, it's xml
<Abhijit> <Abhijit> is httpd and apache are two different softwares?
<Abhijit> <Abhijit> or if those two are same then is it that in old apache the path for httpd.conf was different and now in new apache2 its different?
 * patdk-wk wonders what the env looks like when a user logs in
<Roasted__> where doe sthis entry need to go then? under volume definitions?
<kpettit> Abhijit, I know in Centos it's httpd and in Ubuntu it's apache.  THey are the same app just different config setup
<Abhijit> kpettit, oh i see. in college we have old version of red hat. and now here i have ubuntu. so the same paths are not working
<Abhijit> :(
<kpettit> I've got a centos and ubuntu machine.  Apache works the same way, they just name the directories different and chop up the config files and directories in different ways.
<kpettit> Apache is kind of a beast.  People try to tame it differently
<Abhijit> yerah
<Roasted__> patdk-lap, I take it I AM to edit this file, right?
<raphink> Abhijit, apache is an httpd
<raphink> there are others
<Abhijit> raphink, yeah
<raphink> httpd means http server, and apache is one http server
<raphink> lighttpd or nginx are other examples of httpd
<raphink> usually, when httpd.conf refers to apache's configuration though
<raphink> and in Debian and Ubuntu, this configuration is located in /etc/apache2/apache2.conf
<Abhijit> raphink, yeah
<Roasted__> raphink, can you give me a hand with this pam thing still?
<Roasted__> There's just some areas I'm unclear on.
<raphink> which areas?
<Roasted__> Well I have the <volume... etc> section written out the way I think I need it
<Roasted__> <volume fstype="smbfs" server="storage01" path="students" mountpoint="/home/%(USER)/Documents" />
<raphink> the path doesn't take in consideration your class issue though
<Roasted__> that's fine, if I can at least get the 4 Class folders in Home/DomainUserLoggedInAtTheTime/Documents I'd be good
<Roasted__> I think
<Roasted__> I mean it's worth a shot
<Roasted__> if studenst go to documents and see Class of folders, they'll know where to go
<Roasted__> Do I just add that in the pam_mount.conf.xml file?
<raphink> I'm not familiar with pam_mount, but I think this is what you need to put
<raphink> from patdk-wk's comments
<Roasted__> this is what you need to put... as in you think what I have is right?
<raphink> I think so, yes
<raphink> did you try it?
<Roasted__> hold on a second
<Roasted__> am I to paste that line I pasted into the conf.xml file?
<Roasted__> and ifs o, where?
<Roasted__> I don't want to just be guessing and mess something up.
<raphink> patdk-wk gave you the location of the file earlier, didn't he?
<Roasted__> yes
<Roasted__> but WHERE in the file
<raphink> ah
<Roasted__> screw it, I'll just try it
<Roasted__> testing on my laptop so I dont fry my production lab I just set up :P
<Roasted__> brb
<uvirtbot> New bug: #745073 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.4 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/745073
<Roasted_> yeah that uh
<Roasted_> did nothing
<Roasted_> :(
<Roasted_> anybody familiar with configuring pam?
<raphink> Roasted_, did you check with the documentation?
<Roasted_> raphink, of course.
<Roasted_> It's all I've been reading for the last hour.
<Roasted_> And while it goes into grave detail about it, it's missing some key simple steps with setting it up.
<Roasted_> Which is extremely frustrating...
<raphink> :S
<Roasted_> raphink, what was your idea about it?
<Roasted_> about getting the login thing to work
<Roasted_> I'm desperate for anything. I just need it to fly..
<raphink> well as far as classxx goes, my idea was to use a symlink on the filer, but it's a windows machine
<Roasted_> ignore classxx
<raphink> and then I didn't know about pam_mount so I'd have made a login script to mount the samba share
<Roasted_> if I can get all 4 classes to show up within Documents, I'd be fine
<Roasted_> how would the login script authenticate
<raphink> but then it would ask for the password, so pam_mount is nicer
<Roasted_> gah
<Roasted_> stab me
<Roasted_> this is so frustrating
<raphink> ;-)
<Roasted_> it already asks me 3 times for a password
<Roasted_> it's obnoxious
<Roasted_> so obnoxious I wouldn't be surprised if they'd pull this ubuntu lab out, which I DO NOT want
<Roasted_> so I need to make this work
<raphink> you mean pam_mount asks for a password?
<Roasted_> no
<Roasted_> my current setup does
<Roasted_> many times
<Roasted_> it's ridiculous
<raphink> ok
<Roasted_> pam_mount I don't even have working because I have no flipping idea how to set it up. All of the configs I see tell me what entries to use, but I have no idea how to structure them in the config file.
<Roasted_> There's no examples that say, if you're trying to do this, then set it up like this, etc.
<raphink> Roasted_, you read this right http://manpages.ubuntu.com/manpages/jaunty/man5/pam_mount.conf.5.html ?
<raphink> Roasted_, did you try with /students instead of students ?
<patdk-wk> might help some: http://www.redhat.com/archives/k12osn/2006-October/msg00262.html
<Roasted_> I did not use /students
<Roasted_> raphink, yeah thats the one link I was reading
<Roasted_> one of the many
<Roasted_> patdk-lap, not really sure that link offers much help. It sounds like somebody asking hte same question I am with no answer.
<raphink> the guy did say the dev was helpful
<Roasted_> sigh
<Roasted_> I'm just not reading anything here that I can use
<RoyK> hi all. I ssh into this server, and starting something like xterm works fine, but when I try to start firefox, I get 'X11 connection rejected because of wrong authentication.' - any idea what might be wrong?
<thesheff17> RoyK: are you using ssh -X username@host?
<RoyK> as I said, xterm works
<RoyK> forwarding x11 is set in the config
<RoyK> simple X stuff works well
<thesheff17> RoyK: weird...I just ran it from a 10.04 desktop to a 10.04 server no problems. There is a frame buffer that should be on the server apt-get install xvfb
<RoyK> no need for X on the server - I just want to start X apps from it
<thesheff17> RoyK: all I do is ssh -X username@host then firefox works fine.
<RoyK> http://pastebin.com/W2vqiVh2
<RoyK> xeyes/xterm/etc works
<RoyK> not firefox
<RoyK> server is 10.04.2 LTS AMD64
<genii-around> Some Mac clients need -Y instead of -X in the ssh connect line
<RoyK> genii-around: tried that as well, no change, also, when it works for xterm, it should work for firefox, no?
<genii-around> RoyK: You would think so, yes. Maybe no Xauthority file?
<thesheff17> RoyK: X11Forwarding yes You have this in /etc/ssh/sshd_config file?
<RoyK> genii-around: yes, it's there
<RoyK> thesheff17: seriously - I told you x11 forwarding works
<thesheff17> RoyK: not sure why term would work and not firefox but I have no issue.
<RoyK> xeyes/xterm uses x11 tunneling
<genii-around> RoyK: Is there a local copy of it running already? ( firefox )
<RoyK> nope
<genii-around> RoyK: Perhaps try calling firefox with the swith of --no-remote
<RoyK> no change
<genii-around> Hm. It's a puzzler.
<RoyK> that is - with --no-remote, it only gave me 'X11 connection rejected because of wrong authentication.' once
<RoyK> without it, the error message came twice
<DrDetroit> When I download and install dhcp3-server, does it by default turn itself on?
<RoyK> DrDetroit: you need to configure it first
<RoyK> DrDetroit: see /etc/dhcpd.conf (iirc)
<DrDetroit> thanks, just tying to think of all the things i need to do for making a replacement for my main box
<mathiaz> kirkland: hey!
<kirkland> mathiaz: yo
<mathiaz> kirkland: how is the update-motd system working again?
<kirkland> mathiaz: it's compiled into pam_motd
<mathiaz> kirkland: I'd like to add specific information to the motd on our ec2 instances
<kirkland> mathiaz: sure ...
<kirkland> mathiaz: http://manpages.ubuntu.com/manpages/natty/en/man5/update-motd.5.html
<mathiaz> kirkland: so that we can figure out in which environment we are (dev, staging or prod)
<mathiaz> kirkland: great - thanks for the pointer
<kirkland> mathiaz: basically, you need to drop an executable in /etc/update-motd.d
<kirkland> mathiaz: name it NN-word
<kirkland> mathiaz: where NN is a number
<kirkland> mathiaz: it'll be executed by run-parts
<kirkland> mathiaz: see http://manpages.ubuntu.com/manpages/natty/en/man8/run-parts.8.html for ordering
<mathiaz> kirkland: cool I'll look at it
<EtienneG> I just noticed how big the server team got.  I skip *one* UDS, and you guys basically double the team?  I am positively shocked!
<EtienneG> o/ mathiaz
<mathiaz> EtienneG: o/
<kirkland> mathiaz: sure thing;  let me know if you have *any* trouble with it
<uvirtbot> New bug: #745195 in tomcat6 (main) "Tomcat6 updates depend on tomcat-user.xml" [Undecided,New] https://launchpad.net/bugs/745195
<jfb_h20> what's a quick way to tell how a mounted disk is formatted?
<_ruben> can a not-formatted disk even *be* mounted?
<jfb_h20> no, I want to know if it is ntfs, ext2/3/4 or fat32...
<_ruben> mount will tell ya
<jfb_h20> ah, perfect. thanks.
 * _ruben needs to learn to read .. reading 'if' instead of 'how' ...
<_ruben> braincells trying to be smart i guess
<Disconnect> how do i pass info to partman for mkfs.ext4? (need a -lot- of inodes.)
<Disconnect> preseeding partman that is
<zul> hallyn: lxc support in openstack has landed in trunk as of 15 minutes ago, fyi
<hallyn> zul: awesome
<zul> hallyn: thanks for the help!
<hallyn> zul: my pleasure, thanks for doing it :)
<zul> hallyn: my pleasure
<hallyn> now i'm really enjoying using my new lxc-clone and lxc-lvm-clone
<hallyn> i need to kick those to upstream nad see if they can integrate them
<azizLIGHTS> if i want to rehost youtube videos on my own httpd, what should i do?
<SpamapS> azizLIGHTS: do you have the right to re-distribute said videos?
<azizLIGHTS> yes
<SpamapS> azizLIGHTS: then you would just host the .flv file on your httpd
<azizLIGHTS> i dont want to download the flv from my httpd , i want to see it streaming in a aplayer on my httpd
<adam_g> hallyn: lxc-clone/lvm-clone? does that clone via lvm CoW snapshot?
<azizLIGHTS> so how can i do that
<hallyn> right
<hallyn> adam_g: right
<azizLIGHTS> SpamapS: so how can i do that
<SpamapS> azizLIGHTS: put them in the DocumentRoot of the webserver
<SpamapS> azizLIGHTS: I think by default that is /var/www
<azizLIGHTS> SpamapS: yes, but that makes my browser download the flv. i want to see it in a player with pause/play, buffer
<azizLIGHTS> skip seek
<azizLIGHTS> what is that thing called that does that
<raphink_> then you need to develop a web page that embeds the videos
<azizLIGHTS> somebody already made it i bet for free, what is it called>? im not sure of name so i cannot google it
<raphink_> or instead of using the flv, try using mpeg or even webm, and embeds them using HTML5
<azizLIGHTS> oh
<raphink_> that depends on your users, too
<azizLIGHTS> thats nice for chrome i think
<azizLIGHTS> i am the user btw
<raphink_> since there's still quite a few people using old browsers that don't support HTML5 + webm
<raphink_> if you're the only user, then you can choose whatever technology fits  you ;-)
<raphink_> so go for the easiest one, which is probably HTML5+webm
<azizLIGHTS> ok i like ur idea but i also want to try those flash players theyare nice
<azizLIGHTS> you know any i can use on my server
<raphink_> I've never done anything with a flash video player
<raphink_> you can search for one that is free, but I can't recommend you one
<azizLIGHTS> i dont know what to call this technology, on server side
<azizLIGHTS> flv player for server lol... what is it called
<adam_g> hallyn: oh. awesome to hear, similar functionality was on my libvirt/virt-manager wishlist for a long time
<raphink_> search for free flash video player
<azizLIGHTS> yea... i get vlc
<raphink_> like http://flowplayer.org/
<azizLIGHTS> when i do that
<raphink_> then you don't use the same google as I do ;-)
<JanC> VLC *can* be used as a streaming server if you want  âº
<azizLIGHTS> in cli?
<raphink_> indeed it can JanC
<hallyn> adam_g: I'll put it in my ppa tonight or tomorrow, and fwd the patches to the list to see if we can get it upstream.
<raphink_> and it's even good at it :-)
<azizLIGHTS> hmmm ok guys thanks for info
<azizLIGHTS> ill experiment with html5 chrome, webm, vlc, flowplayer
<MetaJake> can anyone recommend the size to make a virtual drive for experimenting with ubuntu server, including lamp, python and some python web frameworks possibly?
 * Patrickdk just always does 8gigs, cause that is the vmware default
<thesheff17> MetaJake: I usually use 20GB...but depends on db size...web content etc.
<MetaJake> ok thanks for the recommendations, all
#ubuntu-server 2011-03-30
<axisys> i installed latest lucid 10.04.2 on my refurbised ibm box and I am only getting bug soft lockup cpu#0 stuck for 61s! on the screen a reboot after the fresh install
<twb> axisys: so piss about with notsc, noapic, acpi=off, etc?
<andygraybeal_> with kvm, can i use a real physical nic dedicated to a virtual machine?
<andygraybeal_> so i can have a virtual machine connected directly to a hardware network?
<twb> andygraybeal_: almost certainly
<twb> WOrst case: you bridge it but don't assign an IP on the dom0 for that iface
<andygraybeal_> awesome thank you twb.  i nee to play with this.
<andygraybeal_> twb, *nods*
<andygraybeal_> thank you
<axisys> twb: don't follow
<axisys> so want me to try acpi=off ?
<axisys> but i do not see the grub
<axisys> how do I catch the grub during boot
<Jasonn> Hold shift while bootin
<Jasonn> booting*
<axisys> Jasonn: ok.. let me try
<Jasonn> Okies
<Jasonn> Its shift on all the newer versions
<Jasonn> escape, or delete on the older ones
<axisys> ok shift gave me the grub
<axisys> Jasonn: thanks
<Jasonn> No problem :)
<twb> axisys: *I* don't care
<axisys> i installed 10.04.2 server 32bit.. but the kernel shows 2.6.32-28-generic-pae instead of server
<axisys> so append acpi=off in the kernel line may be?
<Jasonn> nah, it doesnt matter
<Jasonn> i suppose
<Jasonn> Yer probably gonna get better help if you ask in #ubuntu for that one mate
<axisys> Jasonn: ok
<twb> crond tries to reduce the "nice" and "nproc" ulimits of its child processes.  How do I prevent this?
<twb> Hmm, it mentions pam_limits, so maybe it's pam not crond at fault...
<twb> Fuck it, I'm just going to ignore the complains in the log
<twb> I'm even getting... pam_limits(cron:session): Could not set limit for 'nice' to soft=20, hard=20: Operation not permitted; uid=0,euid=0
<twb> Which *can't* be widening a limit, so it's clearly just not allowed to change limits at all
<axisys> twb: thanks for your help.. acpi=off worked.. system finally up
<twb> OK, WTF
<twb> I have a new CUPS server, and it ONLY works if I refer to it as its unqualified hostname.
<twb> http://paste.debian.net/112372/
<twb> Where is /etc/cups/mime.convs supposed to come from?
<dschuett> not really a big deal, but does anyone know how to change the order of the interfaces in the systen information that comes up during login?
<juzzy__> hi
<twb> What "system information" ?
<YankDownUnder> dschuett, Um...the stats?
<kaushal> hi
<kaushal> when i run dmidecode i get Type: Unknown Speed: Unknown in http://pastebin.ubuntu.com/587238/ Any clue ?
<twb> any clue about what?
<kaushal> twb: about Type: Unknown Speed: Unknown
<kaushal> is there anyother way to know the RAM Speed and Type ?
<twb> Try lshw
<twb> or open the box
<kaushal> twb: ok
<_ruben> or your hardware inventory documents ;)
<twb> haha
<twb> "ask your hardware vendor"
<kaushal> twb: its colocated
<shauno> I don't suppose it's a VM that's giving you empty results because there's technically no hardware?
<BbluE> Hello all.
<twb> Grmph
<twb> Why does nagios3 use /usr/bin/mail but not recommend on it
<twb> Apparently because bsd-mailx meets its deps, but provides a slightly different binary
<BbluE> Are you running Nagios on your server?
<twb> I am.
<kaushal> shauno: its a physical hardware
<BbluE> Nice monitoring solution.
<twb> Personally I think it could do with a massive cleanup
<twb> I mean step #1 would be to use execvp instead of system() FFS
<BbluE> I have a question for anyone who might be able to answer it...
<BbluE> I used apt-get to install php5... is there a format or anything I can put into the php.ini, to comment out extensions I know I'm not going to use?
<twb> That's a question for #php, I think
<BbluE> Ah,I figured someone here might have ran into that issue... installing it on Ubuntu Server 10.10.. but, you're right. I should go check there. Thank you.
<uvirtbot> New bug: #745522 in dovecot (main) "ucf prompt on server-tasks upgrade profile" [Undecided,New] https://launchpad.net/bugs/745522
<nick_name> hello
<nick_name> is there a way to disable ttys temporarily?
<twb> stop tty2
<katmandoudou> Hello, I have configured my server to run JBoss as service. It works almost except that I have some exceptions when I try to stop it
<katmandoudou> http://pastebin.com/y0at57Mv
<katmandoudou> Caused by: java.net.ConnectException: Connection refused
<katmandoudou> Could someone help me ?
<rcconf> try with /etc/init.d/
<katmandoudou> rcconf, ok
<katmandoudou> rcconf, it has changed nothing ...
<rcconf> k
<katmandoudou> rcconf, would you want to see my /etc/init.d/jboss file ?
<rcconf> im not geek
<katmandoudou> rcconf, ah ...
<jamespage> katmandoudou: I'm a little rusty on Jboss but from memory the shutdown command should be connecting to a control port to initiate the shutdown
<jamespage> katmandoudou: /etc/init.d/jboss might be helpful to diagnose
<jamespage> katmandoudou: netstat -a would also handy with JBoss up and running
<katmandoudou> jamespage, ok at first I paste my /etc/init.d/jboss script to pastebin
<jamespage> katmandoudou: great
<katmandoudou> jamespage, ok http://pastebin.com/5ikL1Erp for the jboss script
<jamespage> katmandoudou: well it looks like it still works the same way as it did in 4.3 and 5
<katmandoudou> jamespage, yes but it doesn't work for the shutdown :)
<jamespage> katmandoudou: yeah - so we need to figure out why the shutdown code can't connect to the JBoss instance
<jamespage> katmandoudou: some log data from jboss would also be helpful as I think the containers output what ports they are listening on
<katmandoudou> jamespage, the server.log ?
<jamespage> katmandoudou: yep -that should contain the right info
<katmandoudou> jamespage, here my boot.log http://pastebin.com/eST0qhku
<jamespage> katmandoudou: looking now
<katmandoudou> jamespage, and after having cleaned my server.log, I don't have a lot of interesting things inside
<katmandoudou> jamespage, here my server.log http://pastebin.com/NFRLFHLS
<katmandoudou> jamespage, I must leave for a while now. See you after, just the time to go to home
<brontosaurusrex_> in karmic server, what would be a working way to setup internet time adjustement once per day?
<Caribou> brontosaurusrex_: why would you want to do that, instead of running a ntp daemon ?
<Caribou> This will cause sudden offset in your time reference (i.e. changing once a day)
<brontosaurusrex_> Caribou, ok, that makes sense, so: sudo apt-get install htp ?
<guampa> brontosaurusrex_: add something like * * * * * ntpdate time.nist.gov to crontab, mind that some servers, notably dovecot, will die if time moves backwards too much
<Caribou> well, afaik, ntp is installed by default.
<Caribou> lemme check
<brontosaurusrex_> Caribou, ok, that makes sense, so: sudo apt-get install ntp ? > related: can i use ntp on desktop as well?
<Caribou> as long as you have a internet connection, it should work fine either on desktop or server
<brontosaurusrex_> also, can i assume that ntp comes with some sane defaults? and can i assume i dont need to play with crontab with ntp?
 * Caribou is looking at it right now
<guampa> brontosaurusrex_: ntp is the ntp daemon, not ntpdate which is a different program. ntpd doesn't need crontabs
<brontosaurusrex_> guampa, i understand
<guampa> it will run at startup and stay in background syncing time while the system is up
<brontosaurusrex_> i understand that as well
<Caribou> I just installed it. Seems to configure without a glitch and sync with ntp.ubuntu.com
<tigreton> hi
<tigreton> could you recommend an admin panel like webmin? i didn't find nothing
<brontosaurusrex_> Caribou, ok, thanks for help
<Caribou> np
<tigreton> i have problems win openldap too, if someone can recommend some tutorials too, thanks
<uvirtbot> New bug: #745599 in samba (main) "fails on automatic update" [Undecided,New] https://launchpad.net/bugs/745599
<katmandoudou> jamespage, I'm back
<uvirtbot> New bug: #745601 in whois (main) "Update whois server for .li TLD" [Undecided,New] https://launchpad.net/bugs/745601
<katmandoudou> jamespage, are you still here ?
<katmandoudou> jamespage, it should comes from my run.conf !
<jf_> hi, I'm having a really irritating problem installing ubuntu server on my server machine
<jf_> after installing and rebooting multiple times, everything is okay with the network
<jf_> but as soon as I install dhcp 3 and reboot, every last bit of networking fails to work properly (it's fine before restarting)
<jf_> *dhcpd
<jf_> ah it is actually dhcp3-server
<pmatulis> jf_: "every last bit of networking" meaning other systems affected?
<jamespage> katmandoudou: sorry - just popped out for a bit
<jamespage> katmandoudou: I tried to reproduce your issue; with no success (i.e. I was able to startup and shutdown as the init script does)
<jamespage> katmandoudou: some of the init script looks a bit suspect when compared to the shutdown.sh that comes as part of JBoss
<katmandoudou> jamespage, sorry wait a minute I've almost solved the problem
<jf_> pmatulis: no, just the server
<etrisnanto> hello
<pmatulis> jf_: check the logs
<jf_> i looked at dmesg, everything's fine there
<pmatulis> jf_: /var/log/daemon.log
<jf_> okay, from dhcpd there are only warnings there (host declarations are global, not limited to scope declared in)
<pmatulis> jf_: you need to discover what is actually happening.  do you lose your IP address assignment?
<jf_> what do you mean? the server itself has a static ip (which it retains) and all other network devices eventually don't get a new dhcp lease
<jf_> but since the server has a static ip and the router does too, it should at least have internet
<uvirtbot> New bug: #745642 in bind9 (main) "FTBFS in ubuntu natty" [Undecided,New] https://launchpad.net/bugs/745642
<hallyn> Daviey: (haven't updated yet) did you enable modpython in your ppa's new znc yesterday?  (if you ever got around to updating)
<jf_> pmatulis: I also just noticed that nothing in ifconfig changes if I remove the network cable
<jf_> or put it into another rj45 slot
<pmatulis> jf_: and when dhcpd is not running that behaviour changes?
<tigreton> well bye
<jf_> no it does not
<jf_> everything breaks after installing dhcpd
<jf_> *dhcp3-server
<pmatulis> jf_: so it's the installation and not the running of it
<jf_> even if I remove the package, it's still broken
<pmatulis> jf_: remove package and reboot mabye.  sounds very odd
<pmatulis> jf_: i'm starting to think that dhcpd has nothing to do with your problem
<jf_> it does seem rather weird
<Daviey> hallyn, no... but i did email the debian maintainer asking why it wasn't enabled
<Daviey> it could have very good reason... but doesn't seem so
<Daviey> hallyn, if you are bored, and have a diff.... :)
<hallyn> Daviey: no to both
<hallyn> thanks :)
<hallyn> Daviey: today i hope to get testing done on vmware
<hallyn> first need to update the hallyn labs infrastructure :)
<Daviey> hallyn, Yeah... the latest bug update wasn't clear if it was good or bad.
<hallyn> oh, it was bad
<Daviey> I think it indicated that it tried to modprobe before it had been dkms built
<Daviey> which isn't necessarily a problem, is it?
<zul> morning
<hallyn> Daviey: oh, no I thought it was saying that the debian packaging was trying to install two modules which no longer exist.
<hallyn> but his second msg said that clipboar doesn't work
<hallyn> anyway i just need to test it
<hallyn> biab, time for a reboot
<katmandoudou> jamespage, still here ?
<jamespage> katmandoudou: sure am
<jamespage> did you manage to fix your issue?
<katmandoudou> jamespage, ok so after some tests I can say that the problem is from the run.conf
<katmandoudou> when I put the option -Djboss.service.binding.set=ports-02 into the JAVA_OPTS variable
<Disconnect> is there a way to use preseeding to manually create a partition before partman runs? (if i can do that, i can get a reasonable number of inodes, then i can just tell partman to keep the now-existing partition..)
<katmandoudou> without it, I can stop jboss normally
<katmandoudou> with I have the exceptions you have seen before
<katmandoudou> this option is to change the ports of JBoss, to add 200 to each ports
<jamespage> katmandoudou: OK - that was a new feature in JBoss 5
<katmandoudou> jamespage, and ?
<jamespage> katmandoudou: so the way the init script calls the Shutdown code needs to be modified - see http://community.jboss.org/wiki/configureports (right at the bottom)
<jamespage> it does not observer the settings in run.conf
<katmandoudou> jamespage, thanks I try to start and stop jboss and I tell you the results
<talntid> I'm trying to solve an issue. I have an app that sends many emails to the same addresses every day. Recently, it stopped "working". Seems the emails are going out, from what I can see.. but none of the addresses are receiving them. The mail HOST is gmail. Unlikely that I am being blocked. It responds and says mail accepted for delivery -- just, it's not happening. Any ideas on troubleshooting?
<ScottK> If your logs say gmail accepted them, then it's an issue internal to gmail.  You'll have to talk to them.
<Disconnect> not to point out the obvious, but check spam. gmail sometimes decides that automated mail like that is spam..
<talntid> I did check the spam mail.
<talntid> It's not in there :)
<talntid> I am under the impression that it's internal to GMail too, ScottK. Just wanted to make sure I wasn't missing something dumb...
<pmatulis> talntid: you might want to pastebin some mail logs
<Disconnect> and its not under 'all mail'?
<pmatulis> fg
<katmandoudou> jamespage, it should be not exactly the same values to pass
<katmandoudou> jamespage, I did this : JBOSS_CMD_STOP=${JBOSS_CMD_STOP:-"java -classpath $JBOSSCP org.jboss.Shutdown --shutdown -s jnp://localhost:11299"}
<katmandoudou> jamespage, and I get this exception : Exception in thread "main" java.net.MalformedURLException: Service URL must start with service:jmx:
<katmandoudou> 	at javax.management.remote.JMXServiceURL.<init>(JMXServiceURL.java:143)
<katmandoudou> 	at org.jboss.Shutdown.main(Shutdown.java:234)
<talntid> correct, Disconnect
<Disconnect> dunno then. we had that problem with large mailer reports, just sucked it up and moved them to the internal server
<talntid> I want to convince my office staff that the crap they are having me auto-email me them, is crap ;)
<talntid> They can view the info live, any time, using the intranet page. Instead, they want it emailed to them every day. weak. :P
<jamespage> katmandoudou: I don't like the way the init script calls the java code directly; it would be better if it called shutdown.sh with appropriate parameters '-p 1290 -o localhost' should work
<katmandoudou> jamespage, yes let's try
<katmandoudou> jamespage, I changed my JBOSS_CMD_STOP like this : JBOSS_CMD_STOP="cd $JBOSS_HOME/bin; ./shutdown.sh -p 1290 -o localhost"
<katmandoudou> but the problem is the same
<katmandoudou> I have still the ConnectException
<jamespage> katmandoudou: so are you still using the -Djboss.service.binding.set=ports-02 setting?
<katmandoudou> yes normally
<katmandoudou> yes I have just checked
<jamespage> katmandoudou: sorry - thats my fault the parameter for the port should be '-r 1290' not -p
<RoAkSoAx> morning
<jamespage> ./shutdown.sh with no args give you all of the options
<jamespage> hey RoAkSoAx
<RoAkSoAx> jamespage: howdy! how's it going today?
<jamespage> RoAkSoAx: good thanks! hows yours?
<RoAkSoAx> jamespage: good good
<katmandoudou> jamespage, ok it was the -r
<katmandoudou> jamespage, thanks a lot !!
<jamespage> katmandoudou: no problem - might be worth reporting that as a bug back to jboss as its pretty broken how it is today.
<zul> SpamapS: ping when you around....is squid upstart stuff fixed in lucid?
<SpamapS> zul: I think so.. I think the reports we got were largely busted conffiles from people who had never re-started their squid.
<zul> SpamapS: so we should be ok to make the changes in maverick?
<SpamapS> zul: yeah should be fine unless I missed more bug reports coming in
<AdvoWork> Hi there, i have paths set like: mirror_lenny = http://cdn.debian.net/debian  for something im using, how would i specify the path for the latest server version?
<zul> SpamapS: cool
<shauno> AdvoWork: archive.ubuntu.com/archive would be the equivalent of that.
<shauno> err, /ubuntu rather
<uvirtbot> New bug: #735072 in samba "The hostname proposed by installer is too long for file sharing to work correctly." [High,Confirmed] https://launchpad.net/bugs/735072
<Error404NotFound> i am following http://www.linuxjournal.com/content/centralized-logging-web-interface to send my syslog to a center server. How would i also send other logs such as apache as well?
<airtonix> Error404NotFound: well apache has some custom errorloging modules
<Error404NotFound> airtonix: so, the only option is to send those messages to syslog as well?
<airtonix> it's been a while since i looked at it, but i think you can "stream" it to a custom handler
<SpamapS> Error404NotFound: apache can log to syslog very easily
<SpamapS> Error404NotFound: the simplest way is just   CustomLog |logger -t apachelogs -p user.info
<SpamapS> actually you need the full path to logger, so   CustomLog | /usr/bin/logger -t whatever -p something.somethingelse common
<evilsushi> does syslog.conf come installed on the ubuntu 10.04 lts distro?
<evilsushi> root@ironman:/etc# find / -name syslog.conf
<evilsushi> root@ironman:/etc#
<evilsushi> erm
<evilsushi> rsyslog?
<evilsushi> what is rsyslog?
<pmatulis> evilsushi: the logging framework since 9.10
<evilsushi> cool so ill just install ng then
<pmatulis> evilsushi: why?
<evilsushi> pmatulis: because its the norm and works great?
<pmatulis> evilsushi: rsyslog works great too
<evilsushi> do you have config examples?
<pmatulis> evilsushi: to do what?
<Slyboots_> Mm.. Anyone know how to get wget to name files it downloads correctly
<Slyboots_> Say I .. give it wget http://fake.com/download?12345 , Wget will save the file as download?12345 instead of filename.zip
<genii-around> Slyboots_: You can try something like wget -O filename.zip http://wherever/something?12345
<Slyboots_> genii-around: Yea, but it would be preferable for wget to follow the link as it should and obtain the correct filename
<genii-around> Slyboots_: It does follow the link, but the file is being named differently by some server side script.
<fosterdv> wget http://longname -O short_name
<Anon275> nick/starwarsfan
<uvirtbot> New bug: #745930 in cloud-init (main) "cloud-init timeout waiting for metadata service on EC2" [Undecided,New] https://launchpad.net/bugs/745930
<semiosis> Slyboots_: according to the wget man page, a new exprimental option called "--content-disposition" will do what you want
<Slyboots_> Mmm..
<semiosis> Slyboots_: idk what version introduced that option, i'm looking at maverick's man pages
<Guest98493> hi room
<Slyboots_> I'll gve it a try, see how it goes
<semiosis> Slyboots_: cool, let us know how it goes
<smoser> SpamapS, ping
<smoser> bug 745930
<uvirtbot> Launchpad bug 745930 in cloud-init "cloud-init timeout waiting for metadata service on EC2" [Undecided,Incomplete] https://launchpad.net/bugs/745930
<smoser> request upstart job help. jhunt__ would also be helpful possibly.
<smoser> hm... that wasnt the bug that i meant to say, but your input might be useful there also. i meant to ask about bug 745946
<uvirtbot> Launchpad bug 745946 in cloud-init "cloud-final job did not run" [Undecided,New] https://launchpad.net/bugs/745946
<SpamapS> smoser: looking now
<SpamapS> smoser: the udev one, btw, I totally stalled out on. Its really puzzling.
<smoser> i'm not convinced that the first bug above is not related to udev.
<smoser> ie, it would fail to find the metadata service if the job ran, but the network interface wasn't really up.
<SpamapS> Agreed.
<uvirtbot> New bug: #745946 in cloud-init (main) "cloud-final job did not run" [Undecided,New] https://launchpad.net/bugs/745946
<SpamapS> smoser: but in that case, udev appears to have started normally
<SpamapS> smoser: is it possible cloud-config never stopped?
<Guest98493> Can anyone help me to setup a web server?
<smoser> SpamapS, i can't be sure, but i dont think its likely.
<smoser> SpamapS, we are moving to a different test suite, and so i dont have some logs that i would have had :-(.
<Guest98493> I have ubuntu 10.10 installed with LAMP
<Guest98493> where to go from now?
<Pici> Guest98493: Then you already have a webserver setup.
<SpamapS> Guest98493: well what do you want your web server to do?
 * SpamapS hopes the answer is "PROFIT"
<Guest98493> none profit
<Guest98493> :D
<Guest98493> just hosting myself and my buddies
<Guest98493> I want to have hosting panel something close to cpanel
<Guest98493> so the idea is just setup a web server and forget about it
<SpamapS> udevd[59]: worker [66] did not accept message -1 (Connection refused), kill it
<SpamapS> smoser: have to figure that one out. So weird.
<smoser> but SpamapS regarding the 'start on' for those two jobs
<smoser> does that seem sane ?
<SpamapS> totally
<smoser> could any race condition cause cloud-final to not start ?
<smoser> ok.
<SpamapS> Those two things, rc and cloud-config, are decoupled from one another
<SpamapS> so its a safe and
<slim_> hello all, is there a sip server to use it for chat (text/audio/video) and can communicate with MS OCS server ?
<SpamapS> one thing that I don't like about that tho, is that it will block running 'runlevel 1'
<SpamapS> actually thats not true.. runlevel does not wait
<SpamapS> and.. single user on a cloud instance is.. a bit silly
<smoser> you have a better suggestion? i need "rc.local"
<smoser> hm...
<smoser> hm... maybe there should be an upstart job called rc.local
<SpamapS> smoser: stopped rc RUNLEVEL=[2345] is about as close to rc.local as it gets
<smoser> right.
<smoser> i was suggesting there should be a job though
<smoser> so that people dont have to write "stopped rc RUNLEVEL=[2345]" many times
<SpamapS> no
<SpamapS> ;)
<SpamapS> rc.local is still in /etc/init.d IIRC
<semiosis> Guest98493: check out webmin for server control panel
<smoser> 59 jobs in /etc/init on the system i'm looking at
<smoser> 5 of them (almost 10%) have "stopped rc RUNLEVEL=[2345]"
<smoser> that would seem a reasonable thing to abstract
<smoser> and then run rc.local via it.
<Guest98493> semiosis: thanks
<SpamapS> smoser: start on boot-finished ?
<SpamapS> or maybe 'post-boot'
<smoser> basically, yes, that is what rc.local starts on
<smoser> :)
<SpamapS> nice thing is you can just dump that in rc.conf's post-stop .. 'initctl emit post-boot'
<smoser> but scott will tell you that boot has never finished
<SpamapS> post-automatic-boot
<SpamapS> post-system-boot
<SpamapS> whatever we call it.. it means that the stuff we run at the beginning has completed.
<lder> hi.  i am running a server on a closed network and want to deliver updates via CDROM once a week.  is there a special day of the week that security updates are released on the repo?
<SpamapS> lder: no.
<SpamapS> lder: they're released "as fast as possible"
<lder> SpamapS: ok, thanks.
<RoAkSoAx> kirkland: I NQA preseed + SSD rockS!!
<kirkland> RoAkSoAx: :-)
<kirkland> RoAkSoAx: + TestDrive for extra speedy options
<RoAkSoAx> kirkland: indeed, can we pass the nqa arguments by default though? This way I can just make an option available in testdrive (In the preferences "Enable NQA" "Enter Pressed file location"), so that's even faster?
<kirkland> RoAkSoAx: nope
<kirkland> RoAkSoAx: however, in a few months, it'll get easier
<kirkland> RoAkSoAx: you can actually add kernel command line arguments on the kvm line
<kirkland> RoAkSoAx: however, you have to provide both the kernel and initrd parameters too
<kirkland> RoAkSoAx: aliguori (upstream QEMU) has a brand new, super cool hack for qemu that will let you address the kernel/initrd in the -cdrom argument by a url style cdrom://path/to/vmlinuz
<kirkland> RoAkSoAx: once we have that in qemu, then, yes, you will be able to add such support to TestDrive ;-)
<RoAkSoAx> kirkland: cool!! that;s great then. I guess that for now I can have a customized ISO to "Install from Pressed" defaulting to your preseed
<RoAkSoAx> so that I don't have to enter it manually
<kirkland> RoAkSoAx: cool
<RoAkSoAx> kirkland: have you though on having this included in the official ISO?
<RoAkSoAx> (the pressed file)
<RoAkSoAx> or a hidden option to not have to enter it manually
<kirkland> RoAkSoAx: i've discussed the concept of having a "no-questions-asked" seed file in the /preseed directory of the Ubuntu Server before with cjwatson
<RoAkSoAx> kirkland: that'd we great
<kirkland> RoAkSoAx: as i recall, cjwatson didn't like the idea because a true "no questions asked" install would probably need to blow away the whole disk (as my sample preseed does)
<kirkland> RoAkSoAx: and that can be dangerously destructive
<kirkland> RoAkSoAx: however, I still think providing just such a file in /preseed would be extremely high value, low cost effort
<RoAkSoAx> kirkland: indeed! but with proper documentation I don't think it would be dangerous because the administrator would know what they are duing if they use the preseed. And I also agree with you on having it shipped in /preseed (at least) would be awesome
<kirkland> RoAkSoAx: moreover, i'd love to have that as an option in the F4 Modes menu of syslinux, and additionally append the "priority=critical locale=en_US" to the kernel line when selected
<kirkland> RoAkSoAx: so I suggest your toss this out there as an Oneiric-Topic on the mailing list
<kirkland> RoAkSoAx: perhaps CC cjwatson so that he can comment on it
<RoAkSoAx> kirkland: cool, I will
<hallyn> hey dn
<hallyn> hey d'nalrick, how's it going
<cjwatson> kirkland: a preseed file might be one thing, but I refuse to put it in the F4 Modes menu - it's far too dangerous for exposure there
<cjwatson> absolutely no way
<cjwatson> a preseed file can have comments and such
<kirkland> cjwatson: fair enough
<kirkland> cjwatson: any suggestions as to avoiding the need for the locale=en_US additional parameter?
<kirkland> cjwatson: perhaps making an assuming from the language chosen on the first language prompt in syslinux?
<cjwatson> just document it in the preseed file
<kirkland> cjwatson: and I'm pretty sure that I could avoid the priority=critical with a more complete preseed, right?
<cjwatson> sure, though many preseeders use priority=critical anyway
<cjwatson> saves hassle
<cjwatson> you could use Kickstart, that's able to set locale parameters from a file
<kirkland> cjwatson: right, so ideally, I would just add file=/preseed/no-questions-asked.seed
<cjwatson> (with a disgusting hack)
<kirkland> cjwatson: and if that's the case, then we assume a locale and priority=critical
<kirkland> and "no-questions-asked" should probably be something shorter, save keystrokes
<cjwatson> I wish there were less focus on this and more on server team members fixing bugs in the server installer :-/
<cjwatson> TBPH
<cjwatson> https://help.ubuntu.com/10.10/installation-guide/i386/automatic-install.html documents using Kickstart, FWIW
<kirkland> hallyn: howdy :-)
<kirkland> cjwatson: thanks
<bastidrazor> i used the 64bit install CD and now i notice Linux servitude 2.6.32-30-generic-pae #59-Ubuntu SMP Tue Mar 1 23:01:33 UTC 2011 i686 GNU/Linux ..
<kirkland> cjwatson: TBPH, I wish we had more leverage to change the server installer in positive ways
<bastidrazor> since i don't have the 64bit kernel nor mroe than 3.2GB of RAM, can i safely install the -server kernel?
<Guest98493> hi guys
<Guest98493> I'm quite stuck trying to install shorewall following this guide http://net.tutsplus.com/tutorials/php/how-to-setup-a-dedicated-web-server-for-free/
<Guest98493> when I type "sudo cp /usr/share/doc/shorewall-common/examples/one-interface/* /etc/shorewall/"
<pixel13> let's try this again... ( I should've known there was an ubuntu-server channel!) ;)
<Guest98493> it gave me cp: cannot stat ......
<smw> Guest98493, why do you need shorwall?
<pixel13> anyone here successfully used DRBD 8 / OCFS2 on Maverick?
<pixel13> ...specifically _with_ Pacemaker?
<smw> Guest98493, please get a real nick
<Guest98493> How do I get real nick?
<Guest98493> :)
<RoyK> Guest98493: type /nick mynick
<smw> Guest98493, type /nick aname
<RoyK> what a nick...
<yessir> hehhe
<yessir> smw: I don't know anything
<pixel13> For those of you familiar with DRBD, I'm referring specifically to this guide:
<pixel13> https://wiki.edubuntu.org/ClusterStack/LucidTesting#Pacemaker,%20drbd8%20and%20OCFS2%20or%20GFS2
<smw> yessir, ok, I suggest against shorewall
<yessir> I was just trying to follow th guide
<yessir> smw: so I don't need shorewall at all?
<smw> yessir, it is not worth the time.
<smw> yessir, no
<pixel13> I know it's for Lucid, and DRBD + OCFS2 is not a problem, that's been really easy to setup...it's just I have not been able to get Pacemaker work with O2CB for the life of me, really hoping someone on this board can help point me in the right direction
<smw> yessir, shorewall is more of a pain than anything else when used on a local server.
<smw> yessir, (local server == not on the internet)
<yessir> oh
<yessir> I'm trying to setup a web server
<yessir> can you have a look at this guide: http://net.tutsplus.com/tutorials/php/how-to-setup-a-dedicated-web-server-for-free/
<smw> yessir, one that will be available to others?
<yessir> Yes.
<smw> yessir, run from home?
<yessir> Yup.
<smw> yessir, you don't need a fw because your router will block ports for you.
<yessir> I'm planning also to install a hosting panel
<yessir> Oh, I see.
<cjwatson> kirkland: I can think of lots of ways we could do really useful things for server users in the installer
<yessir> I should the skip to step 7?
<smw> yessir, but, just a warning, most ISPs do not allow you to host a website on port 80
<cjwatson> kirkland: for example, I intend to propose that I spend time rearranging the preseeding format so that LVM and RAID preseeding is much more straightforward
<cjwatson> *that's* the sort of server installer work I want us to be doing
<yessir> how can I test am I allowed or not?
<smw> of course, if you have a "business account"...
<pixel13> hmm..no one here using DRBD for Ubuntu clustering??
<smw> cjwatson, what?
<cjwatson> smw: wasn't talking to you?
<pmatulis> pixel13: try the ubuntu-server ML
<pixel13> thx @pmatulis, good call. I may just give that a try...
<kirkland> cjwatson: sounds useful;  we'll have quite a bit of work around OpenStack next cycle, and we'll need a good experience installing it;  I'm hoping we explore ways to make this work well with less invasive changes required to d-i than we did with UEC
<cjwatson> kirkland: right, that sort of thing I also think is useful.  What I'm worried about is spinning wheels on nice-to-haves
<yessir> "ECONNREFUSED - Connection refused by server".
<yessir> I tried to connect to the server using Filezilla
<kirkland> cjwatson: such as a functional no-questions-asked seed?  that's just file in rootskel, right?
<smw> yessir, maybe shorewall is messing with you? lol
<pixel13> @pmatulis ...dang it, seems most recent talk of OCFS2 on ubuntu-server ML is over a year ago!
<kirkland> cjwatson: don't worry about my request for the priority/locale selections, i can see that as being more of a pain, and more of a nice-to-have
<pixel13> how can I ask a fresh question on the ML?
<yessir> Oh no..
<cjwatson> kirkland: changes to several different udebs, all of which require testing, QA, bug-fixes, ongoing merges, etc.
<yessir> Can you guide me how to uninstall it?
<cjwatson> preseeding aliases live in preseed, for instance
<cjwatson> preseed files live in cdimage, not rootskel
<smw> yessir, sudo apt-get remove shorewall
<smw> !who | yessir
<ubottu> yessir: As you can see, this is a large channel. If you're speaking to someone in particular, please put their nickname in what you say (use !tab), or else messages get lost and it becomes confusing :)
<kirkland> cjwatson: interesting, i had no idea;  i think i'd be satisified with shipping a single file somewhere in the server cd filesystem
<cjwatson> if that's all it takes, I don't care; but scope creep is a problem
<yessir> ubottu: Yes sir! :)
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<cjwatson> what I'm trying to say isn't "I'll obstruct any useful change you want to make", but more "I wish server effort went slightly more in the direction of the giant stack of bugs and feature requests we already have from users, rather than adding new ones"
<SpamapS> cjwatson: ++
<cjwatson> I mean server installer effort, sorry - I don't see the rest of it
<SpamapS> Whether intentional or not, You captured my exact stance on the server product quite well there.
<yessir> How do I check if I have installed OpenSSH  or not
<yessir> my memory did not serve me well :o
<SpamapS> which ssh
<SpamapS> ssh --version might also work
<semiosis> dpkg -l | grep ssh
<semiosis> TMTOWTDI (tm)
<yessir> semiosis: dpkg: unknown option -1
<SpamapS> yessir: thats an l not a 1
<semiosis> l as in list
<yessir> semiosis: do you mean l letter?
<semiosis> no i mean l as in list
<yessir> I got it
<yessir> :)
<yessir> Anyone know how can I connect to my server using Filezilla via SFTP?
<semiosis> yessir: thats actually pretty easy, if you can SSH into your server, you should be able to SFTP in as well... make sure you use SFTP (SSH File Transfer Protocol) and not the other choice FTPS (which is something different)
<yessir> Sounds too simple but yet too difficult for me
<yessir> :(
<yessir> How can I make sure it's SFTP not FTPS
<semiosis> it's the Server Type option in Filezilla, when you are setting up the connection options
<yessir> semiosis: Should I use HTTP/1.1 using CONNECT method or SOCKS 5
<yessir> also which port should I use?
<SpamapS> yessir: thats for proxy!
<semiosis> yessir: just leave that stuff alone unless the defaults dont work
<semiosis> yessir: you should only need hostname, server type, username and password
<yessir> hostname is my ip, right?
<yessir> as you could tell I'm quite noob
<yessir> :)
<semiosis> yessir: yes sir
<uvirtbot> New bug: #746052 in samba (main) "rpcclient deldriver does not remove drivers from all architectures" [Undecided,New] https://launchpad.net/bugs/746052
<SpamapS> kirkland: your new challenge.. do for mutt what byobu did for screen. :)
<kirkland> SpamapS: :-)
<kirkland> SpamapS: i spent about 6 months using sup
<yessir> I think I messup something
<SpamapS> seriously.. mutt is awesome but you have to read 9 pages of docs to figure out how to make it do the basics.
<kirkland> SpamapS: i liked it, but it was buggy, and being in ruby, i didn't hack on it much
<kirkland> SpamapS: i've heard "notmuch" is pretty cool
<yessir> I typed "yes" and pressed entered... now I see on y letters running
<SpamapS> I've always been an Evolution user..
<kirkland> SpamapS: but i like your challenge :-)
<yessir> how can I make it stop
<kirkland> SpamapS: i may well take a stab at that
<SpamapS> But I try to do mutt about once every 9 months
<semiosis> yessir: ctrl+c
<yessir> semiosis: thanks
<yessir> what is apt-get update
<semiosis> yessir: software is distributed in "packages" which can be managed with apt-get, the update command (of apt-get) will refresh the list of packages available from the package repositories.  type "man apt-get" to see the manual for apt-get, it will explain more about it
<yessir> semiosis: 13: Permission denied
<yessir> Unable to lock the administration directory ......, are you root?
<KB1JWQ> yessir: sudo that.
<yessir> KB1JWQ: Can you give me presise command for that
<yessir> :)
<KB1JWQ> yessir: Have you read the fine documentation? :-)
<yessir> KB1JWQ: I have not
<yessir> *shame on me*
<yessir> getting quite late now.. I should be in bed....
<yessir> Thanks for everyone that helped me this far
<semiosis> yw
<jibel> hi all, there is only 1 mandatory testcase left for natty beta 1 iso testing : Install (default + RAID1) http://iso.qa.ubuntu.com/qatracker/result/5241/286 , any volunteer ?
<hggdh> Daviey: if you are there... Dan seems to have found the issue
<hggdh> which is sort of weird
<SpamapS> kirkland: hmmm.. notmuch seems pretty good
<jibel> hggdh, smoser, are you testing ubuntu server ec2 images ?
<skaet> hggdh, around?
<jibel> :-)
<skaet> :)
<hggdh> skaet, jibel: sorry, got involved in raid1 tests and my critically unloved bug
<skaet> hggdh,  we're just wondering if the ec2 tests are close to be finished off?
<osmosis> how do I stop a service from starting at boot?
<hggdh> skaet: I did not have time yet to look at them, but Jenkins ran a series of tests. I will collate them now to the tracker
<semiosis> osmosis: which service?
<skaet> hggdh,  cool.    they're the biggest unknown at this point in time.
<osmosis> any service
 * skaet will be glad when jenkins talks to iso tracker directly ;)
 * hggdh also
<skaet> jibel, ^^
<osmosis> my friend is telling me that ubuntu has no chkconfig and its problematic.
<hggdh> skaet: I intend to have at least one session on UDS on this
<skaet> hggdh,  please sign me up.  :)
<hggdh> skaet: roger wilco
<ejv> hi guys, partitioning new disks to be assembled into a new mdadm software raid, because the disks are 2TB, 4k format, I used GPT this time around. Is setting: `parted /dev/<device> set <partition number> raid on` akin to setting fd for Linux raid autodetect? or are they fundamentally different? should I not set any 'flags' at all? thank you! :)
<osmosis> semiosis, ^
<cjwatson> ejv: kind of similar, I guess; it makes the GUID of that partition be one that means "this is a RAID physical volume"
<ejv> cjwatson: ok
<cjwatson> you should set that flag, yes
<ejv> heheh ok, i want to be able to (in the future) call `mdadm --auto-detect` and have it pick up these GPT partitions and roll them together back into the array
<osmosis> im being told that upstart is inferior to sysV because it doesnt factor in USR1, USR2 signals that some daemons use for log rotation and graceful reloading
<SpamapS> osmosis: in that case, sysv's init daemon stays out of that game entirely. The scripts implement those signals.
<SpamapS> osmosis: I'd say that in this regard, upstart is deficient when compared to LSB-init ..not sysv
<cjwatson> wouldn't you send those signals directly to the daemon anyway?
<SpamapS> osmosis: anyway, custom reload actions is an open bug in upstart.
<cjwatson> oh, I guess you mean how reload is hardcoded to be SIGHUP
<SpamapS> cjwatson: the init script allowed aggregating all of the things relevant to that daemon in one place
<cjwatson> yeah.  it wouldn't be hard to implement custom reload actions, I suspect
<SpamapS> it was sort of the operational clearing house for the daemon.. upstart is more "do it our way or don't do it"
<SpamapS> 'tis an old bug .. bug 94873
<uvirtbot> Launchpad bug 94873 in upstart "init: support custom actions" [Wishlist,Triaged] https://launchpad.net/bugs/94873
<SpamapS> Most daemons that implement such things have their own control program too.... apachectl .. mysqladmin.. pg_ctl ..
<osmosis> good info. thanks
#ubuntu-server 2011-03-31
<semiosis> osmosis: sorry was afk, 'update-rc.d' is the command that performs functions similar to chkconfig
<hallyn> SpamapS: are you the father of php in ubuntu?
<SpamapS> god no
<SpamapS> php is definitely a bastard
<hallyn> drat
<SpamapS> but occasionally I look afte rthe little twit
<SpamapS> whats up?
<hallyn> was just wondering who cares about the packages
<SpamapS> I do .. I confess ;)
<hallyn> well low importance, but bug 744371
<uvirtbot> Launchpad bug 744371 in php5 "PHP5-FPM doesn't always restart on 10.10" [Medium,New] https://launchpad.net/bugs/744371
<SpamapS> FPM is horribly broken on all versions prior to natty
<hallyn> it's one which will fall off the radar and suddenly have 3 people complainingloudly about how ubuntu sucks...
<hallyn> this is in natty too, judging byinit script
<SpamapS> ahhh
<SpamapS> I see now
<SpamapS> Thats an easy fix
<SpamapS> hallyn: as soon as I get my upload rights, I'd be happy to make that my first upload. ;)
<hallyn> yeah, np for natty.  hard to justify an sru unless someone else confirms the problem
<hallyn> when is that projected?
<hallyn> i'm a big jealous of the fast-track you've taken :)
<SpamapS> Not sure, whenever the DMB enacts their voting results
<hallyn> on full server suite?
<SpamapS> I wouldn't mind having a nice well defined set of concerns to focus on like you. ;)
<SpamapS> no they voted core dev for me :)
<hallyn> well somehow lxc ended up not in my set.  which is a real fing bugger
<hallyn> wow
<hallyn> big time congrats
 * hallyn starts building up a sponsor queue to ship to SpamapS 
<hallyn> you dont' have much else to do right?
 * SpamapS is quite humbled by the names of the team members
<SpamapS> No nothing really to do at all. :)
<hallyn> SpamapS: well, i think i'm goign to have to do another request to add lxc.  suspect they'll tell me to shove off, but...
<SpamapS> hallyn: definitely not.. I think they'll give it to you in a blink
<SpamapS> hallyn: the pain is that you have to sit through the meeting again.. I think they should have async meetings where votes/questions can be done via email.
<smoser> jibel_, yes
<ejv> i need some help, im getting ABYSMAL mdadm resync performance on a brand new raid6, for a 4 x 2T array, it's taking nearly 22 hours, what is the problem? thanks.
<qman__> ejv, that's normal
<qman__> especially for such large disks
<qman__> you can speed up the process a bit by changing /proc/sys/dev/raid/{speed_limit_max,speed_limit_min}
<ejv> yea i changed those, and it didn't realy impact performance in a noticeable way
<ejv> it's holding a steady 25MB/sec
<qman__> yeah, that's about all you're going to get
<ejv> what if i changed the stripe_cache_size in /sy/block/
<ejv> sys*
<qman__> since raid 6 is double parity
<ejv> i just figured since they disks are empty and have no data, initializing a new array should be a quick and simple operation, not 22 hours lol
<ejv> the*
<qman__> nope
<qman__> it has to build the entire array
<ejv> if I bought a better CPU, could I perhaps get a boost?
<qman__> yes
<qman__> another factor is how fast your disk controller is
<qman__> I'm guessing all four disks are on one controller
<ejv> cpu is a previous gen athlon ii, it's a software raid, via mdadm
<qman__> if that controller is only PCI or only PCIe x1, that's going to be a significant limitation
<qman__> see how high your iowait stat is, top can tell you
<ejv> qman__: http://pastebin.com/raw.php?i=n8md9gB8
<ejv> (sdb-e are the md6 raid6 members)
<qman__> not too much
<qman__> what did you set the two values to?
<ejv> 500000 for max, 50000 for min
<qman__> yeah, that's not high enough
<qman__> try 2000000 for both
<ejv> i thought that's in megabytes
<ejv> im only seeing a resync speed of 25mb/sec
<qman__> kilobytes IIRC
<ejv> hmm
<ejv> one moment :)
<ejv> will adjust
<qman__> setting it too high won't have any ill effects on the system, it won't do more than it can handle
<qman__> it's just set that low for in-production operations, so they won't slow you down
<ejv> ok changed the values on both
<ejv> is this operation swap intensive, should i enable my swap (it's off right  now)
<qman__> no
<ejv> kk
<qman__> it's pretty much all CPU and I/O
<qman__> also, what type of drives do you have?
<ejv> these are low power green drives, segates 5900 rpm
<qman__> yeah, that's going to hurt it
<ejv> well how does this math work, if each drive via iostat is reporting 25mb/sec, that means my system is doing 100mb/sec of disk i/o, that's not too shabby right?
<qman__> yeah
<ejv> ok lol
 * ejv needs to feel good about his purchase
<bastidrazor> should mutt update itself when a new mail in received without any user input? it appears for me i have to do some sort of input before a new mail shows
<qman__> 100MB/s isn't too bad
<qman__> for the class of hardware you're using, anyway
<ejv> right, older cpu, low power drives
<ejv> etc.
<qman__> you're probably being limited by the disk controller
<ejv> you know what
<ejv> i didn't think of that!
<qman__> those drives should be capable of 60-80MB/s each, but if they're all on one controller, on one PCIe lane, that's slowing you down
<ejv> it's on a pci sata 4 port
<qman__> yeah
<ejv> SATA 150 for each port
<ejv> man i TOTALLY didn't think of that
<qman__> the PCI bus is shared with all other PCI devices
<qman__> and is only 133MHz
<ejv> these are SATA II drives on a SATAI ports
<ejv> yea
<ejv> wow totally didn't think of that
<ejv> so i'm probably pushing the limits of the controller
<ejv> all my onboard motherboard SATA slots were occupied, so I had to use the 4port SATA PCI
<ejv> i can bet you the onboard SATA ports are MUCH faster
<qman__> very likely
<ejv> *sigh*
<qman__> but 22 hours still isn't bad
<ejv> thank you very much, you made my day with that comment
<qman__> my last resync took three days
<ejv> a light bulb went off in my brain lol
<ejv> yea, well here's my situation
<ejv> i have an old raid6, 500G members, in operation since 2008, that are occupying those precious onboard controller ports, my plan is to migrate the data, and then completely phase them out
<ejv> then i'll move the new 2T 5900rpm discs to the onboard spots and remove the PCI controller until I need it again
<ejv> sounds.... sane, right? lol
<qman__> yeah
<ejv> wonderful :)
<qman__> shouldn't have any problems, as long as you actually go offline for the switch
<ejv> according to newegg, it looks like 4 port PCI SATA300 cards are really common now
<qman__> only need a few minutes, but trying to swap it in live is usually a bad idea
<ejv> back in 2008, they were *expensive*
<ejv> yup i'll be shutting the server down completely, and very carefully moving everything
<qman__> I lost three drives in one day on my last array
<ejv> god, what happened
<ejv> were they from the same manufacturing batch?
<qman__> seagate firmware, I suppose
<ejv> yeesh
<ejv> sry to hear that
<qman__> that was a raid 5
<ejv> so that wasn't able to completely protect
<qman__> the replacement is a raid 6 with hot spare
<ejv> i wonder if mdadm supports hot spare
<qman__> it does
<ejv> ok i might consider that then
<qman__> that's what I use
<qman__> other tip
<Patrickdk> heh, raiding with 5900rpm drives are never run
<qman__> set up smartctl to email you
<Patrickdk> damn sleep mode on them
<ejv> you recommend it for such large members, because of the really bad URE statistics these days?
<ejv> sleep mode? my drives better not sleep...
<qman__> it's built into the firmware
<qman__> I don't buy green drives, too much hassle
<qman__> and too many horror stories
<qman__> but anyway, set up smartctl to email you
<qman__> my new array has already had two drives start to fail, I RMA'd one and I'm going to RMA the other next time I get a chance to pull it apart
<ejv> well i did my homework the best i could, and didn't ever see any issues with the ST32000542AS drives for use in raid, i'll keep looking
<ejv> hmm email... scary
<ejv> don't i need an MTA and SMTP and all that gobbly gook then...
<qman__> all you need is postfix on the server
<qman__> if you have a mail server you can smarthost it, otherwise you can set it up with gmail or something
<ejv> hmm ok i'll look into doing that
<qman__> it's not too involved and it's worth the advance notice
<ejv> yea definitely
<ejv> i have a mail server managed by a friend on another remote host, I imagine I can point smartctl to that
<ejv> or sure, google like u said
<ejv> err gmail*
<ejv> thanks for your help again qman__
<ejv> i shall return :D
<ejv> 1175 minutes to go
<qman__> no problem
<Doonz> would you recommend raid 10 for a high i/o's server?
<linuxtech> See http://www.debian.org/security/2011/dsa-2208 Ubuntu 10.04 bind9 users might be interested in running the backport I setup at https://launchpad.net/~cp/+archive/net
<draven_sol> if i want an encrypted raid and lvm what is the correct order for setup? ie make an lvm of 4 drives, then raid then encrypt or what order should it be in
<rcconf> I have a problem
<rcconf> after sudo poweroff the fans and cpu fan keep spinning
<rcconf> and I know it's not an hardware problem because I have just shutdown the computer and fans with power button while I was in the BIOS.
<rcconf> :|
<SpamapS> rcconf: I've had that happen before with some hardware.. seems like some of them just ignore that final instruction to power off.
<rcconf> SpamapS: how did you solve  it?
<lifeless> hammer
<ttx> Daviey: you coming to the openstack design summit ? If not, anyone from Canonical ?
<rcconf> lifeless: shut up thanks :)
<SpamapS> rcconf: I pushed the power button. :-P
<rcconf> eh :\
<rcconf> that doesnt solve my issue
<ejv> rcconf: I noticed that my brand new PSU doesn't immediatley power off after shutdown, it keeps running for about 15 seconds to make sure all the drives safely spin down, are you components on perpetually?
<ejv> s/you/your/
<rcconf> ejv: yes, i think so
<rcconf> i have tried to wait like 30 minutes
<ejv> yea that's far too long
<ejv> at that point i'd toggle the manual switch on the power supply
<rcconf> ejv: it does not have one
<rcconf> ejv: computer is old
<rcconf> :)
<rcconf> ejv: and
<rcconf> CPU fan is using 5300RPM
<rcconf> spinning i mean
<rcconf> and I cant control the speed
<rcconf> old BIOS
<ejv> dunno if you can complain toooo much if the box is a dinosaur rcconf :p
<rcconf> ejv: 2000 computer
<twb> You can push it off the roof, tho
<rcconf> not that old
<rcconf> twb: if you give me another one
<twb> assuming it's small enough to fit through the door
<ejv> a power unit from 2000... that's kinda pushing it
<ejv> you could prolly do yourself a favor, electric bill wise, and get a more efficient PSU :P
<rcconf> it's some good old machine I found
<ejv> but is it an excuse for remaining on, of course not :P
<rcconf> and gave it life
<rcconf> im God
<rcconf> :|
<twb> rcconf: a binge-drinking roughneck with a penchant for turning lovers into vases?
<rcconf> english please
<twb> http://en.wikipedia.org/wiki/Greek_mythology ?
<rcconf> I dont like false gods
<rcconf> wont read
<twb> All things are true and false and meaningless.
<twb> http://en.wikiquote.org/wiki/Principia_Discordia
<rcconf> sudo nano /etc/hosts 127.0.0.1 twb-links
<twb> You should use sudoedit
<rcconf> ?
<twb> Instead of "sudo nano"
<rcconf> no.
<Daviey> ttx, I'm /probably/ not. zul certainly is
<Daviey> ttx, Clashing with the release week is a mega PITA.
<ttx> zul: did you register yet ?
<huats> morning
<huats> hello ttx !
<ttx> huats: yo
<rcconf> hello
<MatBoy> it would be awesome to have a php based manager like webmin, but php... I know there is a php extention to the webmin pl files, but this is old
<wout-lnx> Mr. Hallyn???
<wout-lnx> Are available?
<rcconf> ?
<wout-lnx> hallyn I've got a question regarding your kvm spice ppa
<soren> wout-lnx: It's 5:15 in the morning where he is. It'll probably be a couple of hours :)
<phoenixsampras> HELP!!! how to upgrade from 10.04 to 10.10 ?
<zul> ttx not yet hoepfullly today
<rcconf> phoenixsampras: sudo-apt dist-upgrade
<rcconf> phoenixsampras: sudo apt-get dist-upgrade
<rcconf> or release..
<rcconf> wait
<rcconf> phoenixsampras: sudo do-release-upgrad
<rcconf> phoenixsampras: sudo do-release-upgrade
<JanC> rcconf: IIRC there are at least 3 ways to power down an "IBM PC compatible" computer, and it sounds like linux guesses wrong about what your hardware supports...  ;)
<rcconf> JanC: motherboard is amd pc chips m810lmr
<xampart> phoenixsampras: edit /etc/update-manager/release-upgrades and set "Prompt=normal", then do-release-upgrade
<phoenixsampras> thank you xampart, you are wise
<rcconf> phoenixsampras: my command doest work?
<rcconf> doesnt
<muszek> hi... I'm using backupninja for backups.  I'm pretty sure when I set it up (2 yrs ago) I created config files in /etc/backup.d/.  I edited them a while back only to see that edits have no effect.  I just discovered that backupninja apparently uses files from /usr/local/etc/backup.d which appear to be copies of the files I originally created in /etc/backup.d (old versions).  Why could that be?  Should I simply edit those in /usr/local/backup.d fr
<muszek> om now on?
<phoenixsampras> xampart: how to verify the ubuntu server release version?
<xampart> cat /etc/issue
<xampart> for starters
<raphink> or lsb_release -a
<qman__> draven_sol, raid first, then lvm, then encryption
<qman__> rcconf, by default, LTS will only upgrade to another LTS, so to go from lucid to maverick you need to change that setting first
<rcconf> k
<muszek> how do I check which repository a package is installed from?
<muszek> n/m, found it
<a7ndrew> muszek: what was the answer>
<a7ndrew> ?
<muszek> a7ndrew: apt-cache showpkg _packagename_ (doesn't show exactly which version is installed, but lists all installable versions and some data about them, incl. the origin... which is good enough for me)
<hggdh> Daviey: good morning
<a7ndrew> muszek: thanks, interesting to contrast that with what 'aptitude show' reveals. It runs faster too.
<bda> hello, whats the best virtualization software to use?
<pmatulis> bda: kvm of course
<pmatulis> ;)
<lun0> how can i log user actions on server?
<bda> pmatulis: i thought ubuntu recommended it for reason :) would it be better than a headless virtualbox, though?
<pmatulis> bda: try both and decide for yourself but i suppose kvm will become more and more integrated and supported in ubuntu than virtualbox
<pmatulis> bda: so you need to think of the future a bit
<hallyn> wout-lnx: hi
<wout-lnx> Hello hallyn
<hallyn> wout-lnx: fwiw i'm not currently touching myspice ppa, bc dev-zero is going to update his and push to universe
<wout-lnx> hallyn: Ok but dev-zero's ppa doesn't contain a spice compatible kvm bin
<bda> pmatulis: right. thanks for your help!
<wout-lnx> hallyn: It is my understanding that kvm in ubuntu is not spice enabled because spice libs are not yet packaged. Correct?
<Daviey> hggdh, hello!
<hallyn> wout-lnx: yup
<Daviey> Good news about the patch
<Daviey> The PPA has been updated btw.
<hallyn> wout-lnx: yes, dev-zero is going to (AIUI) use my qemu-kvm packaging
<hallyn> wout-lnx: so he'll basically end up with my qemu (quasi) package and his own updated library packages
<wout-lnx> hallyn: Can I help?
<a7ndrew> lun0: I guess it depends which actions you want to log. Do you mean their shell commands? If so apparently you can use the 'script' command to do it, I'm not too sure of exactly how its done though, as Ihaven't had a need.
<wout-lnx> hallyn: Testing needed?
<hallyn> wout-lnx: sure.
<hallyn> wout-lnx: are you on gimp#spice?
<lun0> a7ndrew: ok, will check it
<wout-lnx> hallyn: I'm not a coder, nor a packager
<wout-lnx> hallyn: not yet
<hallyn> wout-lnx: ok.  well, i'm starting to think dev-zero may have gotten distracted...  (real life does sometimes get in the way if you're doing this for fun :)
<hallyn> wout-lnx: anyway the stuff i have *should* work.  kim0 has tested it
<wout-lnx> hallyn: gimp#spice. gimp=gimpnet??
<hallyn> wout-lnx: actually maybe he never got audio to quite work
<hallyn> yeah
<hallyn> you can ping dev-zero and ask him if he has new paackages he can push soon to his ppa
<hallyn> ivoks: hey, od you have any currently-unused manzanita chassis which are not behind a firewall?
<hallyn> feh
<wout-lnx> wout-lnx: I got as far as running a vm with spice from cli
<wout-lnx> hallyn: I got as far as running a vm with spice from cli
<hallyn> wout-lnx: ok,
<hallyn> wout-lnx: i've gotten redhat to boot graphically
<wout-lnx> hallyn: running a vm using libvirt, with virt-manager with spice devices
<hallyn> wout-lnx: but i was doing funky things with the library versions anyway
<hallyn> wout-lnx: so that's another reason to use dev-zero's packages.  If he says he doesn't have time then i can go ahead and update his packages and create new ones in my ppa
<wout-lnx> hallyn: funny thing is, I could connect to the cli vm with spice client just fine, I couldn't connect with the libvirt one.... (only got frozen screens and then client would die)
<hallyn> oh, not sure that's funny.
<hallyn> how does libvirt do the connection?
<hallyn> It's probably due to my not properly falling back tothe old protocol
<hallyn> which, again, is why we should switch back to the simple old libs :)
<wout-lnx> ;-)
<wout-lnx> Well I'm connected to gimnet...
<hallyn> wout-lnx: ok, i've pinged dev-zero several times over the last week, so he may just be on vacation.  let's see if he was just ignoring me :)
<PrestonConnors1> Hello, is it recommended to apt-get remove consolekit on Ubuntu Server? What is console-kit-daemon used for?
<soren> PrestonConnors: If it was recommended to remove it, it woulnd't be there to begin with.
<PrestonConnors> soren: Do you know why console-kit-daemon would consume many resources for a server with a lot of ssh connections? console-kit-daemon is consuming about 3.6GB of RAM and about 60% of CPU on these servers.
<soren> Probably becuase it's broken somehow.
<PrestonConnors> soren: When I kill console-kit-daemon it automatically restarts with normal usage and starts to linearly consume more resources over time.
<soren> PrestonConnors: Which Ubuntu version is this?
<PrestonConnors> 10.04.2 64bit
<PrestonConnors> fully updated
<PrestonConnors> it is across 20 servers, 16 cores 96GB ram each
<soren> looks like bug 232557
<uvirtbot> Launchpad bug 232557 in consolekit "console-kit-daemon leaks memory" [Medium,Confirmed] https://launchpad.net/bugs/232557
<PrestonConnors> is there a safe way to disable console kit daemon
<PrestonConnors> i am killing it every day via crontab but would like a better resolution. some people recommended to apt-get remove it because it is quite buggy.
<zul> jamespage: im dropping the cobbler4j stuff, its no longer shipped in 2.1.x
<jamespage> :-(
<zul> no this is a good thing ;)
<jamespage> only joking!
<zul> so was i
<jamespage> what that it was a good thing or that you where dropping it?
 * jamespage is really confused now
<zul> upstream no longer ships it
<jamespage> TBH not surprised....
<zul> neither am i
<zul> tbh i dont think anyone installed it either
<sky1> Has someone practical experience with Request Tracker?
<RoAkSoAx> zul: don't forget to add python-koan :)
<RoAkSoAx> Daviey: howdy! Hey the eucalyptus powernap config and the separation of the tools have not yet been merged into the branch right?
<zul> RoAkSoAx: frig ill do it after beta
<melter> is there a way to do a non-interactive install of Postfix that automatically chooses "No configuration"?
<RoAkSoAx> zul: ok :)
<kpettit> Anybody know how I can connect to rdp on a non-standard port using remmina or terminal server client apps?
<Doonz> Hey Everyone, What is a good virtual server platform to use on ubuntu?
<sky1> vmware
<Doonz> ok would prefer something else because the stupid interface is buggy
<kpettit> Doonz, I like Virtualbox
<kpettit> I use that daily, and I like the RDP thing you can use on it's virtualmachines.  That's what I'm trying to connect to right now.
<kpettit> If I can just figure out how to change port on client.  ughh
<Doonz> kool
<Doonz> wich client
<kpettit> I've got Remmina and Terminalserver client.  But doing ip:port doesn't seem to do the trick
<semiosis> melter: an easy way to do it is to install postfix interactively the way you want it, then use 'debconf-get-selections | grep postfix > postfix-options.debconf' to save your interactive responses, then do to unattended installs just do a 'debconf-set-selections < postfix-options.debconf' before you install the package
<semiosis> melter: or something close to that
<Doonz> kpettit: may sound stupid but have you tried ip [space] port
<melter> semiosis: thanks
<kpettit> Doonz, no.  I'll try that...
<Daviey> RoAkSoAx, no.. i was going to merge and upload it concurrently... is that ok?
<kpettit> haha, that was it.  good call Doonz
<Doonz> woot! /me chalks up his deed for the day
<RoAkSoAx> Daviey: yeah that's fine :) I was just wondering
<Doonz> i forget wich client i was using and thats how it wanted the format to be
<kpettit> VirtualBox does this thing where you can turn on RDP to any virtualmachine.  You can see boot screen and everythign.  Very nice, espically with OS's that don't have RDP
<Doonz> ill have to install that when i get home
<Doonz> basically i have a quad core with 16gb ram and would like 5-8 linux servers on it to play around with carious things
<kpettit> The default virtualbox setup is great for desktop vm stuff.  But I use the "headless" stuff when I need to run it on a server.
<Daviey> RoAkSoAx, looking to upload when b1 is due.
<Doonz> yeah it will be headless so remote management features are key
<kpettit> VirtualBox should do great for you then.  Has really good snapshot and import/export stuff
<Doonz> does it allow you to mount iso's for install os's?
<kpettit> yes
<kpettit> You can do it all CLI or through the GUI
<Doonz> i like gui....
 * RoyK wonders how long it'll take for Oracle to ruin vbox as well
<kpettit> I normally use the GUI myself.  But when I install it remotly I do the CLI stuff.
<kpettit> It actually did better than vmware server.  I had a couple of vmware images that kept crashing vmware, but worked with virtualbox for whatever reason.
<Doonz> kool im a linux newb so i like to mess around with vm's so i dont hoze my system
<kpettit> RoyK, No kidding.  Hope they don't mess with it to much like with OpenOffice or MySQL
<kpettit> Doonz, smart.  I get too anxious sometimes trying out crap and mess up my machines frequently.
<kpettit> I'm doing the alpha of 11.04 right now on my desktop.  Bad idea, I should have just done it in a vm
<Doonz> yeah and when i break things that make it so my wife can do what she wants i get to sleep on the couch
<kpettit> haha, same goes here.
<RoyK> kpettit: I was an OpenSolaris user, but that abruptly stopped after Oracle pulled the plug - using OpenIndiana for storage now...
<kpettit> I liked alot of the ideas OpenSolaris came up with.  Never had a chance to play with it much though
<draven_sol> qman__, thanks for providing the answer
<RoyK> kpettit: we have ~350TB on OI atm
<RoyK> works well
<Doonz> that sounds sexy
<RoyK> lol
<Doonz> ive only got like 12tb
<kpettit> man.  that's a monster.
<Doonz> :(
<kpettit> I've got TB envy now.  I was happy to have 8
<genii-around> RoyK: Did you ever manage to find why firefox wouldn't run but xterm would? Just curious
<Doonz> Hostname: ss1 - OS: Linux 2.6.31-23-server/x86_64 - CPU: 4 x Intel(R) Xeon(R) (1600.000 MHz) - Processes: 162 - Uptime: 3d 18h 56m - Load Average: 0.05 - Memory Usage: 537.29MB/5976.13MB (8.99%) - Disk Usage: 4896.45GB/9745.55GB (50.24%)
<compdoc> I only have 6TB :(
<Doonz> thats my fileserver at home
<kpettit> I'm using one of those Drobo's.  I really like it
<maswan> We were moving to more ZFS storage until oracle ruined it. Now it is mostly xfs on rhel-derivatives or ubuntu (depending which subsite is managing it). Alltogether it is a few PB though.
<sky1> Has someone practical experience with Request Tracker? /msg me
<Caribou> Regarding VM, any reason _not_ to use the native KVM tools on Ubuntu ?
<queso> What uses the .conf files in /etc/init/  ?
<Pici> queso: upstart
<queso> Pici: How would I restart a service that has a conf file in there?
<cloakable> queso: service <service> restart
<queso> cloakable: Is the service's name equal to <servicename>.conf?
<cloakable> queso: Think so.
<queso> Great, thanks
<queso> Wait
<queso> man service says it runs stuff in /etc/init.d/   not  /etc/init/
<semiosis> queso: it does both, also check out the 'initctl' command
<RoyK> genii-around: haven't done any more testing
<genii-around> RoyK: Ah, OK.
<queso> There is a .conf file in /etc/init/ but no script with the corresponding name in /etc/init.d/  Is that script needed?
<semiosis> queso: try 'service <service>' if you get usage instructions then all is well, if you get 'unrecognized service' then something is wrong
<queso> semiosis: unrecognized service is what I get :(
<semiosis> queso: what service is this anyway?
<queso> semiosis: ispman-agent
<queso> semiosis: /etc/init/ispman-agent.conf's last line is exec /opt/ispman/bin/ispman-agent nodetach  so it just runs that perl script
<SpamapS> kirkland: so I'm giving sup a shot. What finally pushed you off sup? It looks *awesome* so far. I've waded through tons of email that I'd been ignoring already.
<kirkland> SpamapS: well, i imported 6GB of old mail
<kirkland> SpamapS: it crashed on me frequently
<kirkland> SpamapS: i loved the keystrokes, and the interface, and the color coding, though
<SpamapS> kirkland: ahhh.. I archive everything older than 1 year because that much mail seems to crash *most* mail clients. :)
<kirkland> SpamapS: not gmail :-)
<SpamapS> kirkland: I hear that. I'm still clinging tightly to hosting my own inbox tho.
<kirkland> SpamapS: yup
<SpamapS> kirkland: I was thinking of hooking up ajaxterm + sup to replace hastymail as my web mail provider actually.. :)
<kirkland> SpamapS: awesome
<kirkland> SpamapS: that sounds pretty sweet
<kirkland> SpamapS: let me know how that works
<SpamapS> probably not as well as gmail. <le sigh>
<kirkland> SpamapS: right
<SpamapS> Now to figure out how to get offlineimap to use the messaging indicator.
 * RoAkSoAx on its way to the airport to travel to texas for the TLF
<kirkland> SpamapS: you're running offlineimap from a cronjob?
<kirkland> SpamapS: notify-send is the magic command
<kirkland> SpamapS: echo foo | notify-send
<kirkland> SpamapS: alternatively, if you're running sup inside of a byobu session, you could either a) add a custom indicator, or b) patch /usr/lib/byobu/mail to work well :-)
<kirkland> mathiaz: hey
<kirkland> mathiaz: i think i have an idea of what might be wrong with your update-motd ...
<kirkland> mathiaz: update-motd scripts run as root
<kirkland> mathiaz: i think i recall you saying that you were doing some ec2 stuff in your update-motd script
<kirkland> mathiaz: which means you'd need to copy or link your credentials over to the root account, i believe
<Nafallo> if you're all bored and wonder what to do, I just filed bug 746497 ;-)
<uvirtbot> Launchpad bug 746497 in libvirt "libvirt installs firewall rules on package upgrades" [High,New] https://launchpad.net/bugs/746497
<SpamapS> kirkland: I don't want OSD notifications, I want the messaging indicator
<SpamapS> kirkland: IMO notifications that pop up and obscure windows are reserved for extremely time sensitive information, like IM's..
<kirkland> SpamapS: ah, whoops, i missunderstood
<kirkland> SpamapS: okay, good luck with that
<zul> Nafallo: i assure you we arent :)
<Nafallo> zul: aw. that's a shame ;-). want to triage it at least? :-)
<zul> sure gimme a couple of momments
<Nafallo> ta ;-)
<Nafallo> meh. I should have mentioned it is on 10.04.
 * Nafallo adds a comment
<Slyboots_> Mm..
<Slyboots_> Is there a "Danger" in giving users a shell?  I've created an account for services with limited access but Im going to have to give them a shell.. say Bin/bash
<Slyboots_> Since they need to create a screen session
<raubvogel> Slyboots_, it depends on the user and what they are supposed to do
<Slyboots_> Run 1 service.  Calibre-server which allows read-only access to a handful of files
<Slyboots_> right now when I start the daemon using their script it runs as root; so.. not going to do that :P
<raubvogel> then set their shell to only be able to run that
<Slyboots_> Didnt realise you could do that
<Slyboots_> Or.. how you can do that :P
<raubvogel> http://en.wikipedia.org/wiki/Restricted_shell
<raubvogel> There are better ways but that should start making you think
 * Slyboots_ nods
<uvirtbot> New bug: #746541 in tomcat6 (main) "Unable to upgrade tomcat6 (6.0.28-2ubuntu1.2) " [Undecided,New] https://launchpad.net/bugs/746541
<MetaJake> is there a way to serve public webpages using ubuntu server on Vmware?
<elb0w> So I did apt-get install ntp
<elb0w> But the dates still off
<CrunchyChewie> is CUPS capable of managing 6-9 printers for 88 individuals?
<semiosis> elb0w: it will slowly adjust the time toward correctness, unless you give ntpd the -x option which will jump it right to the correct time when it starts up.  you can add that to /etc/default/ntp
<elb0w> its ok
<semiosis> MetaJake: apache httpd?
<elb0w> it synced now
<MetaJake> semiosis, yes. by the way, vmware = vmware fusion*
<MetaJake> apache*
<semiosis> MetaJake: so you have apache running in the ubuntu guest OS within vmware?  can you browse to it from the host os?
<MetaJake> semiosis, yes I can browse to the ip i currently have configured... but then I realized this was just an internal network ip.. and I had confirmed that the default website could not be reached from an external client.
<CrunchyChewie> MetaJake: what kind of networking do you have the guest on? Host only? Bridged? NAT?
<MetaJake> chrunchychewie, pardon my inexperience at this point: What do you mean by Guest? and how can I learn what kind of network it is on from the choices you provided?
<semiosis> MetaJake: the guest is the ubuntu server inside vmware fusion
<CrunchyChewie> MetaJake: Host is the actual physical machine, guest is the VM
<MetaJake> I see. and how can I learn what kind of networking the guest is on? Again pardon my inexperience at this point. Thank you.
<CrunchyChewie> http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1022264
<MetaJake> NAT
<bdamos> Hello all, is anybody here using KVM for virtualization and starting the virtual machihnes at boot? (I believe it is called running it in headless mode) I cannot seem to choose between virtualization via KVM and via VirtualBox.
<CrunchyChewie> you want Bridged mode so the Ubuntu guest appears as a separate machine on the network and you can access it's IP
<RoyK> bdamos: I do
<bdamos> -.- just noticed the kvm channel, sorry guys
<bdamos> royk: how are you doing it?
<MetaJake> crunchychewie, I see.
<RoyK> bdamos: virtualbox isn't really made for servers
<RoyK> but it works well
<RoyK> bdamos: I just start virt-manager, create the VMs, and that's it
<RoyK> click the 'autostart on boot' checkbox
<CrunchyChewie> Anyone have any experience using Ubuntu Server as a printer server for ~100 people or so?
<semiosis> MetaJake: according to this doc (http://rosslawley.co.uk/2010/08/how-to-configure-vm-fusion-nat-to-be.html) you can actually set up vmware fusion to do NAT in the reverse direction, to route port 80 from the host into the guest machine
<semiosis> MetaJake: thats an alternative to switching to bridged mode
<MetaJake> crunchychewie I turned off ubuntu, switched the network setting to Bridged and restarted ubuntu as well as apache, unfortunately, now when I visit the ip (which used to load the default website) now, does not connect.
<MetaJake> i ran ifconfig to make sure the ip was the same, in bridged mode, which it is.
<MetaJake> .. semiosis, I see.
<CrunchyChewie> Metajake: are you trying to access the website from the host?
<semiosis> MetaJake: what the ubuntu system *thinks* is its IP may or may not actually work on your network, depending on many factors
<MetaJake> chrunchychewie, yes I am.
<MetaJake> semiosis, I see.
<CrunchyChewie> MetaJake: is the Ubuntu server and Host OS in the same subnet?
<CrunchyChewie> *are
<MetaJake> I can post the results of ifconfig if that would help determine the actual ipaddress of ubuntu in bridged mode (?)
<CrunchyChewie> stick it in pastebin
<CrunchyChewie> please do this from your host as well
<MetaJake> crunchychewie once again my inexperience must be pardoned: how can I learn if Ubuntu and my host OS are in the same subnet?
<kpettit> MetaJake, compare the ip address of both.
<CrunchyChewie> MetaJake no worries, when you do ifconfig, look at the IP address, its probably 192.168.2.xx or 192.168.1.xx or similar
<CrunchyChewie> that 3rd set of numbers need to be the same for it to be in the same subnet
<CrunchyChewie> otherwise they wont see each other
<CrunchyChewie> so if your host is 192.168.1.100 and your ubuntu is 192.168.2.100, they won't see each other
<CrunchyChewie> if it is 192.168.1.xx and 192.168.1.xx they will
<RoyK> CrunchyChewie: unless you have a broader netmask.....
<semiosis> CrunchyChewie: ip address + netmask determines the subnet, so it's only true that the first three groups need to be the same if the netmasks are 255.255.255.0
<CrunchyChewie> yea sorry I assumed the netmasks were the same, is there any reason to believe, by default, they are not?
<RoyK> we use 192.168.0.0/21 for our internal hosts
<RoyK> meaning 255.255.248.0
<RoyK> which covers 192.168.0.0-192.168.7.254
<semiosis> CrunchyChewie: theres lots of networks out in the wild
<MetaJake> crunchychewie, I see. Well here are the results of lfconfig from my host OS http://pastebin.com/fjKUVu8H ... oddly enough, I can not figure out how to copy the results of lfconfig from Ubuntu server, due to the nature of the window that it operates in via vmware fusion. .. but I can tell you that the results it is showing me, have a different subnet then my Host one which i pasted in that link.
<semiosis> MetaJake: it will probably be simpler to go back to NAT mode, follow that tip I posted (hopefully it works) and then your ubuntu guest web server will be accessible at your mac's IP address
<RoyK> MetaJake: OS X?
<semiosis> RoyK: vmware fusion
<MetaJake> royk yes
<MetaJake> semiosis, I see.
<CrunchyChewie> MetaJake: what is your Ubuntu server IP?
<MetaJake> 192.168.113.136
<CrunchyChewie> if it is on bridged mode you need to change eth0 to 192.168.1.101 or something
<CrunchyChewie> do you have a server or just a router
<RoyK> MetaJake: if you're using NATed networking, you need to configure the hypervisor to forward IP to the VMs. If you're using bridge mode, make sure you tie the VMs to the right NIC (en0 or en1)
 * RoyK uses bridged mode for things that he needs to access from the outside
<CrunchyChewie> MetaJake: check left bar messages
<semiosis> MetaJake: does your mac get its IP address automatically (DHCP) or did you set it manually (static)?
<MetaJake> semiosis, automatically.
<RoyK> MetaJake: using bridged networking or nat?
<semiosis> MetaJake: then when you switch your vmware guest to bridged, you will need to set it to use DHCP also, or get really familiar with IP addressing
<RoyK> MetaJake: and semiosis said 'vmware fusion', but the ifconfig output looked more like virtualbox - which one are you using?
<MetaJake> vmware fusion, royk
<RoyK> ok
<RoyK> MetaJake: I'm using vbox for my VMs on this laptop - that works - I don't know how fusion works in comparison, sorry
<semiosis> MetaJake: and what does your mac get its IP address from, is it some kind of home wireless router/base station?
<MetaJake> semiosis, it is a home router, yes.
<CrunchyChewie> guys he needs to go into /etc/network/interfaces and give eth0 a static address
 * RoyK mumbles something about this not being an ubuntu server issue, but rather a virtualisation issue with vmware fusion
<semiosis> MetaJake: ok, you'll need to set up a "nat pinhole" or "port forward" on the home router as well... and you may encounter a block by your ISP that prevents you from hosting a web site (on standard HTTP port 80) as some ISPs are known to do that
<semiosis> RoyK: yes good point
<MetaJake> semiosis, royk. I see.
<semiosis> RoyK: but the goal here is for MetaJake to be running a live web server on ubuntu
<RoyK> sure - I'll give all the help I can give, but all I know is it works well on virtualbox - I haven't touched vmware fusion for years
<semiosis> MetaJake: is this mac a laptop?
<MetaJake> semiosis yes
<semiosis> MetaJake: i.e. is portability a concern or will it always and forever be connected to this very home network?
<RoyK> semiosis: looks like it - it's got en0 and en1, the latter being the wireless
<RoyK> damn - is vmware fusion still commercial?
 * RoyK wonders why people would pay for what virtualbox can do for free
<MetaJake> semiosis, yes I use the laptop very portably, but in this case I would like to try serving from this static location
<semiosis> MetaJake: if you use bridged mode, and set a static ip on the ubuntu guest OS, it may not work when you hook up to another network... in NAT mode, once set up correctly, the ubuntu guest os will always be reachable at your mac's IP address, everywhere
<semiosis> MetaJake: ...on port 80 (HTTP) which IMHO is a simpler network design
 * MetaJake makes changes to network config
<DrDetroit> I am trying to make a replacement server for my very old RedHat machine. I have a ubuntu server 10.04 LTS up and running. I was thinking the best way to continue was to make a new interface and dhcpd file, then remove the working machine, and plug the new one in.
<DrDetroit> I have pasted my proposed config fiels at http://pastebin.com/aNyJMREv would someone be willing to take a look at them and see if they look ok?
<mok0> DrDetroit: can't you just test it?
<DrDetroit> mok0: I can but if it doesnt work then I will have to undo it all to make it work again
<DrDetroit> i was just hoping someone had a few min to look it over and give their opinion
<DrDetroit> this is my first ubuntu server
<DrDetroit> and i am unsure about things
<mok0> I can't see anything wrong with it
<DrDetroit> i figure if i can have internet and dhcp working, then if the old box fails i can just replace it, make a few changes and be ready to rock again
<DrDetroit> then i could configure a firewall
<mok0> DrDetroit: Right
<DrDetroit> not sure now the ip forwarding will work with this config
<DrDetroit> i dont see it anywheres, and i think it belongs in the firewall
<DrDetroit> currently i  run min e in the old box from iptables, but I am afraid my iptables wont run on this new box
<mok0> DrDetroit: It should run
<DrDetroit> really? its a old file from 2002
<DrDetroit> my main box has been extraordinalrly reliable since i started it up
<mok0> DrDetroit: iptables has not changed AFAIK
<mok0> at least not the configuration
<DrDetroit> mok0: thank  you, i will give this configuration a try as soon as I am able
<mok0> DrDetroit: You should get the new box to work before you kill off the old one
<DrDetroit> mok) right, that is why i am trying now, the old box is long in the tooth a Rh 7.3
<DrDetroit> HEHE
<DrDetroit> but works perfectly
<DrDetroit> never had a problem with it
<DrDetroit> but i do want a replacement "just in case"
<mok0> DrDetroit: yeah
<DrDetroit> it does my NAT firewall, mail and web servers
<JasonMSP> Im installing open-dkim to work with postfix and this error pops up and won't allow opendkim to start:
<JasonMSP> dkimf_db_open(): Invalid argument
<JasonMSP> any thoughts?
<MetaJake> semiosis you still around? I finished the tip on that link for giving my VMware Fusion an Incomingtcp of 80.
<semiosis> MetaJake: yeah howd it go?
<MetaJake> i also poked a couple holes in my router, through port 80. but... still having trouble loading up what i BELieve to be my ubuntu-server's static IP.
<MetaJake> the vmware fusion reconfig went well I think. The reboot went ok. and I'm running in NAT mode now.
<semiosis> MetaJake: why mess with the ubuntu server's IP?  it worked fine before when it was probably using dhcp (which i believe is the default out of the box config in ubuntu)
<MetaJake> indeed. I'll go change that back. heh. sry. thanks for getting my brain gears going again
<DrDetroit> mok0: my old iptables is v1.2.8.8.72.3 running on a rh7.3 machine, do you think it will run ?
<zertyui> hello
<zertyui> i setup postfix server
<zertyui> but i can't able to send/receive mail
<zertyui> what i have to check ?
<zertyui> #?
<MetaJake> semiosis, mind checking this address to see if a webpage loads for you? http://192.168.113.136/ if you can.
<JasonMSP> zertyui:  i recommend that you go to #postfix for help.  There is a long list of things that you might need to check.  They will help you there but follow the guidelines and make sure you check your error log and try yourself first using google.  You will get a lot more help if you know your stuff.
<MetaJake> semiosis, scratch that. Apparently its still getting hung up. :\
<bearly230> Hello all, I've got I hope a quick and easy question. I'm running a Ubuntu 10.10 network and need to sync data files with a remote server. I've tried rsync over ssh and that works but only 1 way. What I'm looking for is a 2 way solution. Any suggestions?
<MetaJake> bearly230 I'm new to ubuntu but from the sound of it, syncing files might be accomplished from a version repository software of some sort. maybe GIT or SVN?
<MetaJake> or are you working with content outside the scope of a version repo's function?
<bearly230> MetaJake I havn't heard of those. I've been using ubuntu for quite a while but I'm no expert.
<MetaJake> version repository's are virtual copies of file systems. its not like file transfer like rsync or ftp..
<MetaJake> examples are GIThub.com ... and a popular one called Subversion
<bearly230> MetaJake: no idea how those work. I'll take a look at it. Would nfs over ssh be an option?
<MetaJake> upon establishing a database with their service though, they let you sync up files between locations.
<bearly230> I've got to much data to use an online service.
<MetaJake> i'm not familiar with nfs .
<bpgoldsb> Does anyone know if I can make the alternate installer (netboot) pull udebs from a local server instead of a standard debian mirror?
<bpgoldsb> s/debian/ubuntu
<bearly230> Does anyone have any experence with nfs over ssh or somthing simular?
<CrunchyChewie> bearly230: how much data we talkin
<bearly230> CrunchyChewie, about 350 gb atm. Once synced won't be much to transfer but will need to keep everything synced.
<hggdh> hallyn: available for bit?
<CrunchyChewie> bearly230: 2 way sync?
<bearly230> CruncyChewie: Thats what I'm wanting. I've got 2 users working from different locations. And we need to keep our data synced between our servers.
<hallyn> hggdh: would like 5 misn to finish this test
<CrunchyChewie> bearly230: thats a bit, what type of files
<hggdh> Daviey: involving hallyn, OK?
<bearly230> CrunchyChewie: All kinds. We don't have a lot of new files every day. But they do add up over time.
<hallyn> hggdh: here?
<hggdh> hallyn: no, when you are ready, we will open another channel
<CrunchyChewie> bearly230: ever thought of s3 or something?
<bearly230> Whats s3?
<hallyn> hggdh: ready
<bearly230> CrunchyChewie: Whats s3?
<Daviey> hggdh, yes, hallyn is the best person
<Daviey> for *everything*
<CrunchyChewie> bearly230: amazon cloud storage
<bearly230> Can't afford that. Not in the budget. (
<hallyn> Daviey: no no, i'm useless.  i hear SpamapS is the bomb
<semiosis> MetaJake: i was afk, back now, that IP address you mentioned is private, i wouldn't be able to connect to it
<MetaJake> semiosis, yes. my mistake. .. still working on it over here.
<semiosis> bearly230: rsync <local> <remote>, then do rsync <remote> <local>, to get the two-way sync... read through the rsync manual (man rsync) to get familiar with the options, you'll probably want some of them
<bearly230> semiosis: Thanks I'll keep digging
<Daviey> hallyn, SpamapS is soooo yesterday... you are about to make me really happy :)
<semiosis> bearly230: and by the way, you can use option "-e ssh" to have rsync do the ssh itself (any other way to do rsync over ssh is unnecessarily complicated)
<Daviey> actually, SpamapS... i did want you.. :)
<bearly230> semiosis: Thats what I've been doing. Just hoping I wouldn't have to turn around and reverse it. But guess I will
<MTeck> So... I have a vmware virtual machine. Someone added some space to the virtual hard disk. LVM sits on top of that. How can I get that virtual disk grown?
<MTeck> I'm guessing the first step is to get linux to see that the physical disk has changed
<guntbert> alcuadrado: no need to be sorry, but here you will get better server specific help
<alcuadrado> hi there! I've just removed the old kernels from a server (because /boot had no more space available) and then rebooted it, now it doesn't start :s
<alcuadrado> yes, I see guntbert, thanks :)
<guntbert> alcuadrado: what happens when you boot it?
<alcuadrado> I don't have it here, that's the problem
<alcuadrado> I've asked for a hardware reboot right now, just in case it's some bug in the housing panel
<guntbert> I doubt that, can you look at the boot process? Can you get to the grub menu?
<semiosis> MTeck: is your virtual disk partitioned so that the LVM pv is just one partition, or is the LVM pv the whole disk?
<alcuadrado> let me check that
<alcuadrado> it's working now guntbert :)
<alcuadrado> don't know how it took so much
<MTeck> semiosis: partition
<semiosis> MTeck: then your expanded disk probably has new unpartitioned space at the end, beyond the end of your existing partition
<guntbert> !yay | alcuadrado
<ubottu> alcuadrado: Glad you made it! :-)
<alcuadrado> yeah, I was kind of mad about that haha
<alcuadrado> it's a sever of a client I'm leaving
<semiosis> MTeck: so you can create a new partition from that free space, create a new LVM pv in your vg, then expand your lv, then fsck the lv, then resize2fs the lv
<alcuadrado> take a look at this: http://pastie.org/1740932
<alcuadrado> is that normal?
<MTeck> semiosis: when I do fdisk -l /dev/sdb I see the size of sdb1 which is using 99GB and reports the disk size is 107.3GB.. but 500GB was just added
<MTeck> i can look at vmware and see that there's 600GB allocated to it
<MTeck> 610.25*
<semiosis> MTeck: i'm not sure about this, but i suspect something needs to get reset for it to see all the extra space, maybe detach/reattach, maybe a reboot, hopefully someone else more familiar with vmware can sort that out
<guntbert> alcuadrado: no quite - use aptitude (interactive mode) to resolve it
<MTeck> ooooh.......
<alcuadrado> ok, thanks :)
<MTeck> it looks like maybe it was added as a third hard disk
<alcuadrado> a dist-upgrade solved it :)
<MTeck> but fdisk -l doesn't see that disk
<MTeck> so....
<semiosis> MTeck: oh thats nice
<semiosis> MTeck: wait, how do you see it added as a third disk if fdisk doesn't report it?
<MTeck> semiosis: vmware vsphere (client interface)
<MTeck> i can look, but can't actually manage anything there
<MTeck> semiosis: is there any way to just probe for new hardware?
<semiosis> MTeck: reboot?
<RoyK> MTeck: non-hotpluggable hardware won't be seen until a reboot
<RoyK> so if you jam a pci card into your system while it's running, you (a) won't see it and (b) may fuck up the motherboard badly
<semiosis> RoyK: in case you missed it, he's running in vmware vsphere, trying to get the system to recognize a new virtual disk
<RoyK> sorry, I missed that
<RoyK> I don't know vsphere
<RoyK> linux (including ubuntu) supports hotplugging devices
<RoyK> but then, if vshphere doesn't deliver an api compatible with linux, you'll need a reboot
<RoyK> last I checked, vmware only supported redhat, so that may be an issue
<MTeck> YAY
<MTeck> semiosis: RoyK: echo "- - -" > /sys/class/scsi_host/host0/scan
<semiosis> MTeck: cooool!
<ejv> qman__: you available? :)
<ejv> that raid6 initialization/resync we discussed yesterday, well looks like im getting some read errors
<ejv> http://dpaste.com/527511/
<ejv> (dmesg output)
<zertyui> hello there
<zertyui> who knows about postfix with mailutils ?
<zertyui> hello
<ejv> is it possible to mark a drive as failed in mdadm, during a resync? so that the raid6 can function with 3/4
<zertyui> anyone know about
<zertyui> postfix ?
<zertyui> i configured postfix with mysql
<zertyui> i create user etc ...
<zertyui> but using thunderbird the password not working
<zertyui> what to do ?
<zertyui> hello anyone there ?
<EvilPhoenix> zertyui:  be patient
<EvilPhoenix> zertyui:  if someone has a solution, they'll answer
<EvilPhoenix> zertyui:  in the mean time, did you check in the postfix channel/
<EvilPhoenix> ?
<zertyui> there is no one there
<zertyui> do you know on post fix ?
<Delemas> Anyone know what could cause sudo to delay 3 minutes before running a command? DNS is working properly.
<zertyui> well
<zertyui> who know about my sql ?
<KMFrog> higiez, does ubuntu server support SSD trim?
<ignarps> KMFrog, linux kernel > 2.6.33 should have trim support
<KMFrog> ignarps, thanks, do I need to use a specific file system?
<KMFrog> google says Ext4 and Btrfs, that will do. thanks for your help ;]
<ignarps> KMFrog, xfs as well
<ignarps> still waiting on md raid support for TRIM though :(
<Delemas> It seems it might have been a ldap issue. Thanks anyways...
<ignarps> Delemas, nscd can help cache some ldap stuff for you if your ldap server times out from time to time :)
<sparc> Hmm, if we want a backport of something like Puppet, from Maverick to Lucid
<sparc> that isn't already a backport
<soren> How do you figure that?
<soren> Err..
<soren> Ignore me.
<sparc> does it seem like it might be possible to get the source deb, and try to build it and install it
 * soren can't read.
<sparc> or maybe that's Madness, and I should be just repackaging something from reductivelabs
 * sparc doesn't know "How it's Usually Done"
<kirkland> zul: hey, did you end up fixing https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/741661 ?
<uvirtbot> Launchpad bug 741661 in cobbler "Web UI does not work from default install (2.1.0~bzr-2009-0ubuntu1)l" [Medium,Fix released]
<kirkland> zul: i'm looking at the code now
<kirkland> zul: and it looks like at least part of it is fixed
#ubuntu-server 2011-04-01
<RoAkSoAx> kirklandi here waiting for shuttle to take me to airport
<RoAkSoAx> i mean hotel
<pHro> hello
<panfist> is there any info on best practices regarding system time?
<panfist> i vaguely remember reading about how it should be set to gmt in BIOS and in the os stored as an offset from that or something...?
<kirkland> RoAkSoAx: cool
<kirkland> RoAkSoAx: ping me when you're at the hotel
<RoAkSoAx> ykirkland will do im still on my way
<kirkland> zul: i can't build cobbler more than one
<kirkland> zul: the build leaves a bunch of garbage around
<kirkland> zul: and are we still using lp:~ubuntu-virt/cobbler/ubuntu ?
<kirkland> zul: it looks out of date
<Jasonn> Ok, well I ALMOST got PPTP VPN service to work on my server, just i cant connect to it
<jeeves_moss> how do I set up a local DNS server behind a NAT?
<kirkland> zul: can you get that branch fixed so that I can work on a couple of bugs?
<pmatulis> Jasonn: PPTP?  are you serious?
<jeeves_moss> how do I set up a local DNS server behind a NAT?
<uvirtbot> New bug: #746847 in cobbler (universe) "cobbler packages don't rebuild" [Medium,In progress] https://launchpad.net/bugs/746847
<Jasonn> pmatulis: Yeah
<Jasonn> pmatulis: Why?
<uvirtbot> New bug: #746854 in cobbler (universe) "upgrades broken if symlinks exist, one symlink is plain wrong" [High,Fix released] https://launchpad.net/bugs/746854
<e_t_> jeeves_moss: there are two options for DNS that I know about. One is Bind9, essentially THE standard of DNS. The other is dnsmasq. In my opinion, dnsmasq is easier to configure. Once you have your DNS server running, you just have to point your client machines to use it. This can be done either manually or through DHCP.
<jeeves_moss> e_t_, can you point me to a simple "how to" URL
<e_t_> jeeves_moss: There's this for Bind: http://news.softpedia.com/news/How-to-Host-Your-Own-Domain-With-Bind9-on-Ubuntu-49585.shtml
<e_t_> jeeves_moss: For dnsmasq, just install it and read the /etc/dnsmasq.conf file. It has extensive explanation and instructions in the comments.
<aliverius> i get a lot of hdd usage on my generally idle server
<aliverius> how can i see what processes use it?
<e_t_> There is a program called iotop that shows (more or less) which processes are writing to the disk and how much.
<MetaJake> something keeps changing my /etc/resolve.conf to a different nameserver then the one I save it as...  any idea what might be causing this?
<Jasonn> What is something useful i can throw on my server>
<Jasonn> ??
<e_t_> MetaJake: check to see if you have the package "resolvconf" installed. NetworkManager also makes changes resolv.conf.
<MetaJake> e_t_ I see thank you
<e_t_> Jasonn: what do you want your server to do?
<Jasonn> anything useful
<Jasonn> Not: seedbox, apache, proxy, vpn
<e_t_> You could make it a virtual machine host with kvm.
<Jasonn> only has 10GB dick space
<Jasonn> disk**
<Jasonn> lol;
<e_t_> CUPS would make it a print server.
<Jasonn> its a VPS, so dont really have a printer
<e_t_> If it's got more than one Ethernet card, you could turn it into a router.
<Jasonn> Hmmm
<Jasonn> It doesnt
<Jasonn> lol
<Jasonn> Its a server outside of my network, in a diff country
<Jasonn> Anyways, Im thinking of something awesome, along those lines
<Jasonn> like
<Jasonn> :(
<e_t_> If you play World of Warcraft, you could set up your own server with bnetd.
<Jasonn> Hmm
<Jasonn> dont play
<Jasonn> it
<Jasonn> D:
<Jasonn> something to do with networking
<e_t_> After eliminating Apache, proxy, and VPN, there's not much left.
<e_t_> Do you want to try an email server?
<Jasonn> Yesh
<e_t_> Or IRC?
<Jasonn> Could i host a server for freenode
<Jasonn> with only 256mb ram?
<e_t_> That's probably below what they'd like. They also want at least 1.5Mbit up and down connection speed. You could ask them.
<Jasonn> nope
<e_t_> Is this a personal project, or is it work-related?
<Jasonn> personal
<Jasonn> just to gain knowledge and stuff
<e_t_> You're paying for a VPS "just to gain knowledge?" That sounds expensive. I just have an old laptop with a busted screen for my server.
<Jasonn> Its $5/mo
<Jasonn> really not much
<Jasonn> plus 20% off
<e_t_> Mine is $0/month.
<Jasonn> I have a server at home too
<Jasonn> Its just i run a website too
<Jasonn> So i want it for that
<Jasonn> and actually, your probably costs you more in electricity bills than mine does in total u.u.
<Jasonn> plus, i dont have a fast connection at home
<e_t_> An email server is really easy to set up (if you already have a domain). In Ubuntu, the default mail setup is Postfix for SMTP and Dovecot for IMAP/POP3. You can also use Exim4. Either one will prompt you for information during installation and you should be up and running quickly.
<Jasonn> Hmmm
<MetaJake> e_t_ sorry to wander away there. I'm just testing elementary functions of apache.. httpd, php mysql. eventually I will be using python and its' webdev frameworks. but...
<Jasonn> But then the reverse DNS of the server would have to be the one of the email?
<Jasonn> brb
<MetaJake> i made some changed to some apache config files and now /etc/resolve.conf keeps changing on me like i said and I can't get a connection to my internet at all.
<e_t_> Jasonn: Actually getting your mail accepted by other servers (Gmail, Yahoo, Hotmail) is a different matter.
<e_t_> MetaJake: resolve.conf only affects DNS resolution. Try "ping -c 4 72.14.213.105" (google.com). If that fails, then DNS is the least of your problems.
<MetaJake> ok. actually I just got my connection back (tested using apt-get update)
<MetaJake> ... I think  I'm back in business.. I had made some changes to the configuration of my virtual machine that I forgot about.
<MetaJake> been a spaghetti sort of day.. in all its learning
<e_t_> OK. What you could do is make resolv.conf how you want, then "sudo chmod 444 /etc/resolv.conf" to prevent even root from writing to the file afterwords.
<MetaJake> ah, i gotcha. Nice tip, I'm writing that down for next time, similar situation
<Jasonn> e_t_: THen how do i get the mail accepted?
<e_t_> I don't know. I have my server set to use Gmail as a smarthost. Gmail then trusts my server because I gave it my login credentials, and everybody else just gets a message from my Gmail account.
<e_t_> Jasonn: http://www.techrepublic.com/article/get-it-done-host-your-own-e-mail-server/5032914
<e_t_> It's not a how-to, but it's got useful information.
<e_t_> Also, http://serverfault.com/questions/9594/cannot-send-email-to-hotmail-or-msn-addresses
<Jasonn> e_t_: How do i install it?
<e_t_> Which?
<Jasonn> mail server
<e_t_> Do you want Postfix or Exim4?
<Jasonn> difference?
<Jasonn> e_t_: ^
<Jasonn> difference?
<e_t_> Exim4 offers (I think) a more detailed installation. Postfix is Ubuntu's default mail server; Exim4 is Debian's.
<Jasonn> Ill take exim
<Jasonn> just apt-get install exim4 ??
<e_t_> I think so.
<Jasonn> dont work
<Jasonn> It gives me an error, but i cant copy and paste because putty doesnt let me
<e_t_> You're in Windows? take a screenshot of the putty window.
<shauno> putty lets you; drag to select & it goes straight into the clipboard  (it's more difficult to tell it to _not_ copy)
<Jasonn> Can i get a domain, and set the a records to 192.168.1.140 and then when im in my local network, it will go to 192.168.1.140??
<thesheff17> Jasonn: yes I do it all the time.
<Jasonn> Works?
<Jasonn> Thanks
<e_t_> No. Any address beginning with 192.168 is not routable on the Internet. You need a static public IP.
<Jasonn> :OO
<Jasonn> Then what can i do
<Jasonn> ?
<e_t_> How do you connect to the server?
<thesheff17> Jasonn: I create domain names all the time that are webServerPriv.domain.com -> 192.168.7.15 and it works fine.
<shauno> the "when I'm in my local network" bit is real relevant there.  you can put any address you want in the A record.  you'll only be able to reach it from places it's routable tho
<thesheff17> A host records
<Jasonn> e_t_: Local server
<e_t_> I thought this was your VPS.
<Jasonn> nope
<Jasonn> talking about another serrver
<e_t_> OK. If you want a server on your LAN to just do stuff on the LAN, you don't need a domain at all. If you want people on the Internet to be able to email you though, you need a registered domain name and a public IP address. You will then configure your router or gateway with the public IP address and forward all traffic to the server on the LAN.
<pHro> i like this channel much better than #ubuntu, much better conversation
<uvirtbot> New bug: #746963 in clamav (main) "package clamav-base (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/746963
<itsNe> Hi! Are there any sendmail guru's on?
<qwebirc44173> How can I disable all the power management ?
<mithran> hi can someone suggest me a good native tool to use for ubuntu as a client, to take ssh/telnet of an appliance and store the logs, execute commands, set term type, , etc?...I already tried teraterm via wine and putty, but is there any other tool that maybe better?
<mithran> the client will be run on ubuntu 10.04 desktop
<qwebirc44173> ^
<mithran> hi  qwebirc44173: is xshell any good, ive seen some people run it?
<xampart> a bit of a problem with dovecot+postfix vacation autoreply: our mailaddresses are the form $firstname.$lastname@$domain and they are delivered to $user@$dovecot.server. when i use sieves autoreply, the from-address in the reply message is $user@$dovecot.server, not the proper mail address.
<xampart> is there a way to use the $first.$last@$domain in reply messages from-address?
<shaggy2> hey guys, I need to change the ip address in bind files from 192.168.0.8 to a different ip is there a quicker way to do it?
<shaggy2> better explination, I have about 15 bind9 database files, all with about 10 refferences to 192.168.0.8 I want to know if there is a quicker way to change it rather then manualy opening every file
<andreasf_> shaggy2: Something like "sed 's/192.168.0.8/192.168.0.100/' < file1 > file1.new"
<soren> Or "sed -i"
<soren> Also, s/192.168.0.8/192.168.0.100/ might replace 192.168.0.87 with 192.168.1007, for example.
<soren> So: Be careful.
<shaggy2> wouldn't that copy the file and apply the changes in the new file?
<soren> shaggy2: andreasf_'s solution would put the changes into a new file (which you can then proceed to rename, if you're happy with the changes).
<andreasf_> Back up your original files before attempting this :-)
<soren> shaggy2: "sed -i -e 's/blah/blah/g' file.conf" will act on file.conf in-place.
<shaggy2> I might just stick with the way I know. might be safer. if I stuff something up I was planning to format anyway, I thought I would just try to change the ips so I didn't have to, bind 9 aint the only thing that needs to be changed
<_ruben> use 'sed -i~', it'll backup the existing files with the ~ suffix
<qwebirc44173> How can I disable all the power management/saving ?
<soren> qwebirc44173: Why?
<qwebirc44173> soren: problem shutting down.
<qwebirc44173> soren: we are discussing at #ubuntu
<soren> qwebirc44173: So you want to disable power management so that you can be sure it won't shut down?
<qwebirc44173> lol
<qwebirc44173> I want to be sure it shuts down*
<soren> qwebirc44173: This makes no sense.
<qwebirc44173> soren: power saving
<soren> qwebirc44173: It's sort of like removing the wheels from your car, because you don't feel it's driving very well.
<qwebirc44173> soren: how to disable power saving
<qwebirc44173> maybe it's the problem. i need to know
<soren> Powering off is power management.
<soren> If you're talking about CPU throttling, that's a different story.
<soren> I'm not sure you can thoroughly disable CPU throttling or frequency scaling.
<soren> It used to be a module, but I think it's built-in no.
<soren> now.
<soren> qwebirc44173: You could talk to the good folks in #ubuntu-kernel.
<qwebirc44173> ok
<qwebirc44173> thanks
 * sky1 is looking for an user which has experience with the tracking issue software Request Tracker  /msg me
<huats> morning
<jamespage> ttx: hey - snap!
<ttx> jamespage: snap?
<ttx> oh :)
<jamespage> :-)
<ttx> jamespage: young padawan needs to learn more if he wants to be as fast as the jedi master
<jamespage> I think we must have been looking at it at exactly the same time - I though I had discovered a new 'feature' in launchpad that recognised the words 'duplicate' and 'bug xxx' and did automagic stuff :-)
<soren> sky1: If you really want help, I suggest you just start explaining your problem.
<soren> sky1: Even if I was a requesttracker expert, why would I /msg you?
<sky1> hm... ok
<soren> sky1: Here, in the channel, there are tons of people who can help. If I get bored along the way, someone else can pick up where I left off. What would be my motivation to give that up?
<sky1> i would like to use a template  from an copy of a document for Improvement suggestions for RT..  it's no problem to convert these in a format like html or sth like that ... if i do so is it possible to integrate these html document  for a ticket creation in RT?
<soren> sky1: For stuff like that, I recommend looking at one of the requesttracker mailing lists:
<soren> http://bestpractical.com/rt/lists.html
<sky1> ok ...thnx
<eagles0513875> hey guys whats the name of the mod_zlib package for php on lucid?
<_ruben> eagles0513875: there is none, as it's built in
<eagles0513875> ok is it enabled by default or do i need to go digging around in the php.ini file
<_ruben> i assume it's enabled by default
<eagles0513875> ok will dig around in php.ini
<eagles0513875> thanks
<volkan> How do i remove a package pin? Can i just delete the /etc/apt/preferences.d/ files?
<volkan> I checked the documentation but the method proposed doesn't work: echo PACKAGE_NAME install | dpkg --set-selections returns nothing and after apt-get update apt-cache policy PACKAGE_NAME is still set to the pinned version...
<qwebirc44173> output of /sys/power/disk is test testproc [shutdown] reboot
<qwebirc44173> is this the reason I cant shutdown the system properly?
<qwebirc44173> ...........
<rickspencer3> Daviey, hey, beta 1 is out, what's the word on the street wrt server?
<Daviey> rickspencer3, haven't yet had much community feedback.. which isn't uncommon... looking at the incoming bug count, looking reasonable.  the beta1 qa'ing is looking pretty good.
<Daviey> rickspencer3, The documented (release notes) eucalyptus bug should now be fixed in the archive, so apt-get upgrade away
<rickspencer3> Daviey, nice!
<qwebirc44173> Allocate IRQ for PCI VGA on
<rickspencer3> Natty! Natty! Natty!
<qwebirc44173> good?
 * Daviey passes rickspencer3 a pair of pompoms.
<ttx> Daviey, zul: saw http://www.stackops.org/ ?
<ttx> Daviey, zul: Lucid-based openstack ISO, with agent-based post-install config
<Daviey> ttx, I did!  I downloaded the iso.. not had a chance to complete installation with beta1 this week.
<Daviey> but thanks for pointing it out.
<zul> ttx: yep
<jamespage> Daviey, ttx: we have had quite a few reports of bug 654549
<uvirtbot> Launchpad bug 654549 in tomcat6 "Tomcat6 fails to upgrade if JAVA_OPTS contains /" [Low,Confirmed] https://launchpad.net/bugs/654549
<jamespage> The fix is quite small; SRU worthy?  Happy to handle if you think so
<Daviey> jamespage, looking
<jamespage> Daviey: this is the fix - http://pastebin.com/Bq6tHhW6
<Daviey> jamespage, is it just upgrades or new installs aswell?
<jamespage> So it would be upgrades only where extra stuff has been added to /etc/default/tomcat6 with '/' characters
<jamespage> normally JAVA_OPTS
<Daviey> jamespage, So the only catchment is people updating from lucid -> maverick?
<jamespage> Daviey: yes - and people applying security fixes to based Maverick installs which have had extra options added
<jamespage> TBH it probably impacts Lucid as well
 * jamespage goes to look
<Daviey> Ah, if it does, and the fix looks trivial - and backported, shoot for it :)
<jamespage> So this was added in Maverick by the looks of things - so does not impact Lucid
<jamespage> Daviey: ^^
<Daviey> jamespage, ahh... looks totally Fix Released then?
<jamespage> Daviey: fixed release in Natty; however Maverick still has the issue
<jamespage> Lucid not impacted
<Daviey> jamespage, It doesn't seem that high impact to me... but if you have the patch, and can throw out the SRU dance, comments... seems a good idea.
<jamespage> Daviey: well it can be worked around but it is annoying - I'll stick it on my list as low priority - have some ec2 testing stuff todo from beta-1 testing.
<Daviey> jamespage, ec2 testing, fixes or using it?
<jamespage> daviey: changes to the way it runs; broader use during beta-1 threw up a few things that don't work so well.
<Daviey> Oh dandy.
<jamespage> daviey: going to move to a new type of Jenkins project for it to make reporting easier - http://jenkins.qa.ubuntu-uk.org/job/natty_server_ec2/
<Daviey> jamespage, Am i able to sign up to get mails on failures?
<Daviey> That reporting matrix looks good!
<jamespage> daviey: I think we should get some mailing lists setup for failure notifications - what do you think?
<Daviey> jamespage, That sounds a really, good idea
<jamespage> ack
<Daviey> jamespage, Is it looking like your jenkins instance will cover more than just server eventually?
<jamespage> daviey: TBH it already is - we have desktop and alternate ISO testing running in it at the moment
<Daviey> Ah, i didn't know that had been achieved...
<jamespage> daviey: it does not really fit into a t1.micro any more - I broke it yesterday when I used a new Jenkins feature - it ran out of memory....
<Daviey> jolly good :)
<doko_> what is the status of xen in main? still at -3.3?
<raphink> rpinson@rpinson:~$ rmadison xen-3.3 | grep natty
<raphink>    xen-3.3 | 3.3.0-1ubuntu13 |         natty | source
<doko_> ahh, there is a patch in the bug tracker ...
<doko_> server team, please have a look at the openldap and postfix build failures
<qwebirc44173> I need help enabling APM support!
<qwebirc44173> please!
<soren> qwebirc44173: What sort of hardware are we talking about?
<qwebirc44173> amd pcchips 810lmr
<qwebirc44173> m810lmr
<qwebirc44173> it supports APM
<soren> What processor is it?
<qwebirc44173> soren: http://www.ciao.co.uk/Productinformation/PCCHIPS_M810_LMR__5409872
<jmazaredo> 0 0 * * 1-6 am I right? this will run the program at midnight every monday to saturday except sunday?
<qwebirc44173> jmazaredo: man crontab
<jmazaredo> ya i did that im just confused
<qwebirc44173> theres a bunch of guides on the internetz
<zul> Daviey: the ftbfs is a transient error i think
<RoAkSoAx> mornin all
<Doonz> is there an open source alternative to cpanel?
<semiosis> Doonz: webmin, maybe
<semiosis> hi RoAkSoAx
<Doonz> semiosis: any recommendation on a vm server? don twanna use vmware
<Doonz> is virtual box decent?
<semiosis> Doonz: i havent used virtualbox, just vmware and centos xen.  have you checked out ubuntu enterprise cloud?  i plan on setting that up sooner or later
<Doonz> im just starting to play around with it
<iclebyte_work> Doonz, yes it is
<iclebyte_work> very handy
<iclebyte_work> I've run production VM's on it too
<iclebyte_work> my experience has been that it's a solid product
<MagicFab> hi all - if anyone speaks French here, you're invited to contribute to this translation (SAGE Sysadmin code of ethics): si qq'un veut participer Ã  cette traduction, vous Ãªtes invitÃ©s: http://sketchpad.cc/PPM2DE5gDL
<RoyK> MagicFab: #ubuntu-fr might be worth a try
<MagicFab> RoyK, tx, I am inviting a few people
<kirkland> cjwatson: hi, do you have an idea when you'll rebuild d-i for beta2?
<cjwatson> I'll do it now
<zul> Daviey: yeah so openldap ftbfs is bogus
 * rcconf hello all
<RoyK>  
<rcconf> How can I use Ubuntu Server as Live CD?
<RoyK> you can't
<rcconf> no?
<rcconf> I just want to get to cli
<RoyK> oh
<rcconf> :)
<RoyK> press alt+left
<RoyK> s/left/right/
<RoyK> or alt+f<something>
<rcconf> RoyK: in the first menu?
<RoyK> I think you have to go through the language settings before the terminals spawn
<rcconf> RoyK: where it say
<rcconf> s
<rcconf> Try Ubuntu
<rcconf> no
<RoyK> or even - choose 'repair' in the menu
<rcconf> it only shows Install
<rcconf> etc
<RoyK> ubuntu server doesn't have the 'try ubuntu' choice (iirc)
<rcconf> yes it doesnt
<rcconf> so how I do boot and access the disks
<RoyK> but if you choose install, and then go through the kbd/language settings, new terminals should be available on virtual terminal 2-4 IIRC
<genii-around> 2 and 3 I think, 4 used to be for error messages from the install, etc
<rcconf> RoyK: there is recue mode and stuff
<RoyK> rcconf: that's the easy way, yes
<rcconf> http://www.cyberciti.biz/faq/howto-boot-ubuntu-linux-rescue-mode/
<RoyK> rescue will prompt for a root partition and mount that
<rcconf> RoyK: it didnt mount
<rcconf> dont know why
<RoyK> well, if you get a terminal, then just mount it yourself :)
<RoyK> cat /proc/partitions
<RoyK> that'll show you what's there
<rcconf> k
<RoyK> rcconf: any luck?
<rcconf> no
<rcconf> RoyK: cat proc shows the partitions
<rcconf> now what i do?
<RoyK> mount <dev> <mountpoint>
<rcconf> mount sda /media/ ?
<rcconf> mount sda /mnt/
<rcconf> or sda1
<RoyK> sda is the drive
<RoyK> sda1 is the first partition
<rcconf> yes
<RoyK> mountpoint can be anything
<RoyK> I guess /mnt should do fine
<RoyK> even /asdf will do :P
<rcconf> RoyK: mount /dev/sda1 /media/ mount fail
<rcconf> invalid argument
<RoyK> rcconf: pastebin /proc/partitions
<rcconf> cant
<RoyK> well, what partitions do you have there?
<rcconf> oh i will try the home partition
<RoyK> if in doubt, run a fsck on them first
<rcconf> :)
<rcconf> i was trynig to mount swap
 * rcconf facepalms
 * RoyK hands rcconf a beer :)
 * rcconf drinks water
<rcconf> :D
<jacobfogg> We currently have 9 web/db servers and I am trying to map them out and am looking for some advice as to what to include in my report... I have a good start, but don't want to miss anything worthwhile...
<ttx> daviey, zul: if you want to have parallel LXC/KVM support in openstack, you should probably +1 the "Re: [Openstack] heterogeneous instance types" thread
<RoyK> jacobfogg: start off with distro/kernel versions, list of installed packages and perhaps an OpenVAS scan
<zul> ttx: done and done
<jacobfogg> RoyK: got everything but the scan so far.
<jacobfogg> I also have hardware specs: Proc's, Ram, HD's
<RoyK> lshw is nice for that
<jacobfogg> Nice! ... I also have Internal/External IP's, Primary and secondary (if applicable) purpose
<RoyK> OpenVAS can be a bit paranoid, so try to weight those alerts on your mental scales :P
<a456> hey everyone, i have an ec2 instance on amazon with ubuntu, i see my test page for apache, but inside of /var/www/ i see folders for cgi-bin, html but nothing inside them, any idea where the page is served from
<RoyK> jacobfogg: make sure you run chkrootkit on those machines as well
<RoyK> a456: check the apache config
<jacobfogg> Thanks =)
<a456> RoyK: i cant find the apache2 config
<RoyK> a456: /etc/apache2
<raphink_afk> grep -r "cgi" /etc/apache2
<a456> hmm -bash: cd: /etc/apache2: No such file or directory
<raphink_afk> how did you install apache?
<RoyK> a456: perhaps lighttpd is running?
<a456> it was preinstalled on amazons ec2 image
<a456> http://50.17.186.175/
<RoyK> lol - that's fedora
<a456> so its apache
<RoyK> not ubuntu
<a456> oh fuck
<a456> hah
<a456> sorry ive been up since 4am working /west coast time/ grr
<RoyK> a456: /etc/httpd
<RoyK> a456: and perhaps /j #fedora :P
<raphink_afk> ;-)
<a456> thx guys hah
<a456> i was confused because any host ive had had a test page liek that but included an html file
<a456> that was served via the server? the dir was emtpy which is why i was co nfused once i "touch index.html"
<a456> i could see, thanks!
<jamespage> hggdh: around?
<Nafallo> hallyn: hi. I've just updated bug 746497
<uvirtbot> Launchpad bug 746497 in libvirt "libvirt installs firewall rules on package upgrades" [High,Incomplete] https://launchpad.net/bugs/746497
<Nafallo> hallyn: hopefully that's all of the questions answered...
<RoyK> heh - starting an openvas scan on this old single cpu machine: load average: 57.30, 53.72, 39.70
<Kiall> RoyK, didn't you're parents talk to you about playing with matches? The same rules apply to what you're doing right now ;)
<RoyK> Kiall: lol
<RoyK> Kiall: just scanning a network I manage :)
<RoyK> but from the outside to see if there are any cracks
<Kiall> ... and starting a fire at the datacenter that server is hosted at while you're at it ;)
<RoyK> haven't seen a server that can't handle 100% load yet
<RoyK> anyone that produces a server that stops at 50% should be hanged
<Kiall> I have .. and it did end in a fire too .. but it was a crappy old dust filled desktop someone was doing stupid shit with ;)
<RoyK> then the problem probably was noone had vacuumed the server recently...
<RoyK> dust can be quite a bitch
<hggdh> jamespage: now I am
<cjwatson> kirkland: uploaded a new debian-installer; should be ready for tomorrow morning's daily builds
<kirkland> cjwatson: rock, thanks
<kirkland> cjwatson: will test then
<hallyn> Nafallo: so restarting libvirt-bin did reinstate the routes right?
<Nafallo> hallyn: routes? who talked about routes?
<hallyn> Nafallo: filter rules i meant
<hallyn> all right well let me try to reproduce
<hallyn> thanks for the info
<Nafallo> it did indeed, yeah :-/
<RoAkSoAx> SpamapS: any ideas why this is showed? while upgrading eucalyptus start: Unknown parameter: IF
<RoAkSoAx> start: Unknown parameter: IFACE
<Daviey> RoAkSoAx, It has always done that, it's when, aiui, an emit doesn't fill $iface... the problem is that upstart doesn't let it pass unoticed now
<Daviey> not sure of the fix tho :)
<SpamapS> hmm
<SpamapS> is IFACE used in the script/exec lines?
<Decepticon> is amazon AWS doing some april fools joke? i cant login since april 01 12:00 or ping the httpd
<Decepticon> it shows as a running instance though
<RoAkSoAx> SpamapS: no it is not
<RoAkSoAx> SpamapS: this is the job http://paste.ubuntu.com/588357/
<RoAkSoAx> SpamapS: ARGH.. this one.. http://paste.ubuntu.com/588358/
<RoAkSoAx> SpamapS: but the upstart job has not changed in quite a while
<RoAkSoAx> and because of that, the upgrade /install in natty fails
<Daviey> SpamapS, IFACE is not used... previously that was not a problem with upstart... it would give a warning, but not fail to start
<SpamapS> oh but it *IS* used
<Daviey> SpamapS, interetingly, when i appended IFACE=eth0, it still blocked
<SpamapS> instance $IFACE
<Daviey> SpamapS, yeah
<SpamapS> thats very very important
<Daviey> but in natty, it matters that it's not provided
<SpamapS> Its *critical*
<Daviey> in <natty, it didn't
<SpamapS> and actually a good thing that its refusing to start
<Daviey> SpamapS, it wasn't critical pre-natty
<SpamapS> its exposing a confusing thing though
<SpamapS> why is it used in instance, and not in the scripts
<Daviey> SpamapS, one moment
<SpamapS> I'd like to see a comment explaining that added to the file
<Daviey> SpamapS, it gave a warning before natty, but didn't fail...  I questioned it during the cycle, but because it worked - we just carried on with it.
<Daviey> as a unknown :/
<SpamapS> It looks like the script needs to run multiple times.. every time a net-device-up runs..
<SpamapS> So, you just need to add this
<SpamapS> env IFACE=manual-start
<Daviey> SpamapS, well yeah, but postinst, we don't emit the interfaces
<Daviey> SpamapS, Ahh!
<Daviey> SpamapS, to the postinst or the upstart job?
<SpamapS> upstart job
<Daviey> SpamapS, when was that introduced?
<SpamapS> that way any time somebody runs 'start eucalyptus-network' it works
<SpamapS> Daviey: natty of course. :)
<SpamapS> it bit me a few times as well
<Daviey> SpamapS, ok.. but doesn't change anything else?
<SpamapS> No, as you guys have noted, its not used anywhere else.
<Daviey> ie, the current job works as is, after a reboot.
<SpamapS> I see the point of the thing..
<SpamapS> its saying "check to see if there's a default route every time a net device is up"
<Daviey> oooo
<SpamapS> and w/o the instance stanza, it would race if multiple interfaces came up
<SpamapS> I would suggest that it be   'start on net-device-up IFACE!=lo' .. since the code makes no sense on loopback only.
<Daviey> SpamapS, so add both of them entries, the env and amend the start on line?
<Daviey> hggdh, are you around?
<hggdh> Daviey: always
<Daviey> hggdh, :D
<Daviey> hggdh, Are you free? :)
<hggdh> expept, of course, when I am elsewhere
<hggdh> Daviey: I was until now. But, mind you, I am married
<Daviey> heh
<hggdh> Daviey: what can I do for you?
<Daviey> hggdh, Are you able to re-provision these machines, with stock beta1?
<Daviey> well.. actually.. only cempedak actually.
<hggdh> Daviey: hum. For stock beta1, it might be better to reinstall
<hggdh> no biggie
<hggdh> (I ran a dist-upgrade, and some other packages got upgraded as well)
<hggdh> Daviey: give me ~ 20 min, and we will be all set
<Daviey> hggdh, yeah.. cempedak uncovered an upgrade issue
<hggdh> Daviey: just what we needed
<Daviey> hggdh, think we have a fix, thanks to SpamapS .
<Daviey> just need to test it
<hggdh> Daviey: installing stock beta1 now
<Daviey> hggdh, groovy
<kirkland> RoAkSoAx: ping
<RoAkSoAx> kirkland: pong
<kirkland> RoAkSoAx: i'm going to head your way shortly
<kirkland> RoAkSoAx: sorry, i've been caught up here all day :-(
<RoAkSoAx> kirkland: no worries :)
<kirkland> RoAkSoAx: did you find some good wifi at a coffee shop?
<kirkland> RoAkSoAx: there's some good places around there
<RoAkSoAx> kirkland: actually end up staying in the room :). But, the Java Jives cafe seems like a good polace
<kirkland> RoAkSoAx: it's a beautiful day though!
<RoAkSoAx> and its right next to the hotel
<kirkland> RoAkSoAx: i'm going to come pick you up
<kirkland> we'll get you out the hotel shortly
<kirkland> RoAkSoAx: once again, my apologies
<RoAkSoAx> kirkland: no worries, was working here too :) and btw.. robbiew said he might be coming too
<kirkland> RoAkSoAx: cool
<kirkland> robbiew: want to meet us at Austin Java on Barton Springs road?
<robbiew> nah...I need to drop off stuff at the venue
<kirkland> robbiew: I figured we'd finish the work day there, or at Uncle Billy's before heading over to Threadgills
<kirkland> robbiew: ah
<robbiew> kirkland: they having the speaker's dinner at Threadgills again?
<kirkland> robbiew: yes, but Riverside location, at least
<kirkland> robbiew: which is better than the original
<robbiew> ah, very nice
<robbiew> for sure
<kirkland> robbiew: do you need help @ the venue?
<kirkland> robbiew: either today or tomorrow?
<robbiew> not today...as for tomorrow, I can't sit there all day...but have folks lined up to man the booth
<robbiew> just given out CDs at the table
<robbiew> and ubuntu lanyards as bag swag
<RoAkSoAx> robbiew: my presentation is afternoon so I can be there most of the morning
<robbiew> ok
<SpamapS> hmm
<SpamapS> isn't 'telinit 1' supposed to bring down the network?
<SpamapS> Daviey: sorry yeah, I'd say both changes would be good. Though the start on change may need some more thought/testing than we can put in between beta1 and beta2. ;)
<Daviey> heh
<SpamapS> Daviey: we should add an event..   default-route-configured
<SpamapS> Daviey: any time the default route changes that should be emitted. Lots of things would do well to start at that point rather than net-device-up IFACE!=lo
 * SpamapS puts it on the Oneiric idea pile
<hggdh> Daviey: CLC/Walrus/CC/SC installed on cempedak, now installing the NCsa
<hggdh> Daviey: all installed, pristine beta1. I have to go out for 20 min
<hallyn> hggdh: so the problem yesterday was due to an upgrade issue?
<hallyn> Daviey: ^ ?
<SpamapS> DOHHH
<SpamapS> ssh isn't restarted on runlevel 1->2 :(
<SpamapS> or rather, sshd
<Daviey> -otp
<hallyn> yeah we need a new one time pad.  let's just do plaintext for now
<hallyn> bbl
<uvirtbot> New bug: #747756 in openssh (main) "sshd is not started on transition from single to multi user" [Undecided,New] https://launchpad.net/bugs/747756
<genii-around> Probably an upstart thing
<hggdh> hallyn: I do not know, I don't know what SpamapS and Daviey found
<SpamapS> genii-around: definitely an upstart thing :)
<hggdh> Daviey: I am back, what do we need to do?
<SpamapS> the job was changed recently to have sshd stop on runlevel [!2345]
<SpamapS> but it only starts on 'filesystem'
<hggdh> SpamapS: can you please summarise the changes to euca upstart -- I will then test the beast
<SpamapS> hggdh: add 'env IFACE=manual-start' to the file
<hggdh> SpamapS: to the eucalyptus-netkwork.conf, correct?
<SpamapS> hggdh: right
<hggdh> k, doing it. Will reboot after
<hggdh> alright. I am just confused on *what* bug is this. I do not see it having any impact on the blocker we have
<kthomas_vh_> howto install apache2-mpm-worker without forcing update of php to 5.3,  under 10.x?
 * kthomas_vh_ immediate googles
<kthomas_vh_> *-ly
<hggdh> SpamapS: OK. Now, what exactly am I checking for here?
<hggdh> all I see is that euca did not auto-start on a reboot
<SpamapS> hggdh: that you can upgrade the package
<SpamapS> RoAkSoAx: ^^ can you help hggdh with a more clear test case?
<RoAkSoAx> SpamapS: will have to do it a bit later as I'm kinda fixing something here :)
<hggdh> hallyn: so, by the above, this has nothing to do with the issue we found yesterday
<RoAkSoAx> hggdh: but basically, once you do a fresh install, try to upgrade with a later euxalyuptus version
<RoAkSoAx> and you should be able to upgrade without any issues
<RoAkSoAx> and not having eucalyptus failing to upgrade because of IFACE thing oin the upstart job
<hggdh> RoAkSoAx: will do. But, worth noting, I made the change & rebooted -- euca did *not* came up
<hggdh> meanwhile, upgrading
<SpamapS> hggdh: you can probably even get it with --reinstall
<RoAkSoAx> hggdh: yeah try that
<hallyn> hggdh: jjohansen: have you learned anything on bug 746751 ?
<uvirtbot> Launchpad bug 746751 in linux "kernel: [Firmware Bug]: the BIOS has corrupted hw-PMU resources (MSR 38d is 30)" [Critical,In progress] https://launchpad.net/bugs/746751
<jjohansen> hallyn: sorry really just started looking as I was finishing up with another bug before switch context
<hallyn> jjohansen: np, was just wondering
<RoAkSoAx> kirkland: http://me.roaksoax.com/cobbler.debdiff
<jjohansen> hallyn: is there anyway to get access to the hardware in question or should I have hggdh run some test kernels
<hggdh> jjohansen: all you need is access to tamarind, you should be able to ssh from there to cempedak/mabolo/marula/santol/sapodilla/soncoya
<hggdh> jjohansen: the first is the CLC/CC/Walrus/SC, the others are the NCs (where KVM is run)
<jjohansen> hggdh: I don't have access to tamarind
<hggdh> jjohansen: then I can do it -- but I have a dinner to go in a few
<jjohansen> hggdh: well thats okay I won't have a kernel for a while
<jjohansen> honestly not until some time on the weekend /me needs to look at it more first
<RoAkSoAx> kirkland: #731616
<hallyn> jjohansen: what're you going to try?
<hallyn> hggdh: i got the access.  however, i don't really know my way around those systems...
<hggdh> jjohansen: no prob. I will be fireflying the channels during the weekend
<hallyn> hggdh: i've looked over the wiki page,
<hallyn> is there a 'normal' way to start looking around?
<jjohansen> hallyn: not sure yet, just wanted to know about testing for when I had smething
<hggdh> hallyn: I usually start with ssh-copy-id to the systems
<hggdh> hallyn: you might want to add some lines to your ~/.ssh/config, though
<hallyn> but is any machine free/safe?
<hallyn> hggdh: i was planning to look around next week
<hallyn> was hoping to figure out this vmbuilder ec2 port
<hggdh> hallyn: all of them have natty Eucalyptus installed; I am running a dist-upgrade right now
<hggdh> hallyn: they are free to use, I can always re-gen the beast
<hallyn> cool, thanks
<kirkland> RoAkSoAx: SpamapS: http://paste.ubuntu.com/588420/
<kirkland> RoAkSoAx: this includes your koan fixes
<kirkland> SpamapS: and the debconf stuff
<kirkland> SpamapS: eyeball that diff while i build and test it locall here
<jjohansen> hggdh: this worked on maverick, tight?
<hggdh> jjohansen: yes. But we were using CCISS then
<jjohansen> hggdh: I am not convinced that is the reason, but it is worth looking at
<kirkland> RoAkSoAx: http://paste.ubuntu.com/588426/
<kirkland> RoAkSoAx: something's wrong in cobbler.postinst
 * RoAkSoAx looks
<kirkland> RoAkSoAx: on dpkg -i, it's hanging
<kirkland> RoAkSoAx: i have some debug code in postinst right now
<hggdh> jjohansen: neither are we convinced. But it is worth noting the difference.
<jjohansen> hggdh: right, do we know if any of the natty kernels worked?
<hggdh> jjohansen: no, we do not -- this is the first time in Natty that we have been able to run Euca on that hardware
<jjohansen> hggdh: okay, then I think the place to start is with a mid point bisect on the kernels
<hggdh> jjohansen: perfect
<jjohansen> hggdh: hrmm, I'm not sure whether I will do bisects on the mainline or just grab older natty kernels for the first couple of tests.  But either way I'll have a kernel to point you at later tonight
<hggdh> jjohansen: OK. I am going out to a dinner, but will be monitoring the channel
<hggdh> of course, when I get back :-)
<jjohansen> hggdh: /me was also thinking it would be good to get a trace with the maverick kernel installed on natty.  ie.  do the strace on kvm with the maverick kernel, that would give us a better comparison point for the kind of output expected in the strace log
#ubuntu-server 2011-04-02
<kirkland> RoAkSoAx: SpamapS: okay, dudes ... we've got cobbler in a pretty good state now, installable and runnable straight after install/upgrade, I think, prompting for a password and updating *both* places
<kirkland> RoAkSoAx: SpamapS: lots a changes, *all* bug fixes
<kirkland> RoAkSoAx: SpamapS: but it is late on a friday, and I don't want to upload to the archive right now
<kirkland> RoAkSoAx: SpamapS: so i threw it into the ubuntu-virt ppa
<kirkland> RoAkSoAx: SpamapS: https://launchpad.net/~ubuntu-virt/+archive/ppa
<kirkland> RoAkSoAx: SpamapS: give that a look as soon as you get a chance;  i'm calling it a day ;-)
<kirkland> laters!
<kirkland> RoAkSoAx: SpamapS: http://paste.ubuntu.com/588435/
<kirkland> RoAkSoAx: SpamapS: current branch is outta sync, so i'm maintaining locally for now, but there's the diffy
<kirkland> laters!
<palhmbs> anybody had problems setting up msmtp? I can't figure out how to set recipient --- I have a error--- errormsg='recipient address root not accepted by the server'
<hggdh> jj-afk: we can always install-downgrade the kernel; it would be better than doing it all with maverick-level code (KVM, euca, etc)
<jj-afk> hggdh: the first thing I want to try is installing a maverick kernel on natty, and trying that.  That will determine what we try next
<jj-afk> if that fails then there is a userspace issue to resolve, may be same or different.  But this will give us a base line for the kernel
<hggdh> jj-afk: OK; mind if I get it done tomorrow? A bit over legal alcohol limit right now...
<hggdh> :-)
<jj-afk> if it succeeds, we will start kernel bisects, if it fails we need to try the nattry kernel on karmic userspace.
<jj-afk> tomorrow is fine
<hggdh> perfect, current maverick kernel is OK?
<jj-afk> yep
<hggdh> roj, will do it tomorrow morning
<Datz> torrent missing: http://releases.ubuntu.com/10.04.1/ubuntu-10.04.1-server-amd64.iso.torrent
<Datz> also for the i386
<ScottK> Datz: 10.04.2 is current.
<Datz> I wasn't aware 10.04.2 was available for server addition
<Datz> I guess this page should be updated: http://www.ubuntu.com/desktop/get-ubuntu/alternative-download
<ScottK> Please file a bug against the ubuntu-website project.
<Datz> edition :P
<Datz> that wouldn't be in ubuntu brainstorm, but the regular ubuntu forum?
<ScottK> No.
<ScottK> Datz: https://bugs.launchpad.net/ubuntu-website/+filebug
<Datz> thanks
<Datz> done
<osmosis> whats the difference between  kvm's  writeback and writethrough?
<Datz> Is Ubuntu-JeOS not updated anymore?
<Datz> http://cdimage.ubuntu.com/jeos/releases/
<ChmEarl> Datz, debootstrap, then install ubuntu-minimal and openssh-server
<Datz> ah, good idea. thanks
<foxbuntu> anyone around that is familar with 10.04 install on HP hardware?
<foxbuntu> HP Server hardware that is
<pHro> foxbuntu, ive installed on dell server hardware , not sure if that helps
<foxbuntu> pHro, it might, you ever used the DRAC on the dell hardware to do it?
<pHro> ive used the drac, a very nice tool, but never installed, I wouldnt see why installing via a drac would cause any issues, its just console redirection
<pHro> foxbuntu, the biggest hurdle you may face is the raid controller driver, i know ubuntu supports all of dells raid controllers except the S100
<pHro> S100 has no current linux support that I know of
<foxbuntu> pHro, the problem I am having right now is I am attached to the system but after the hardware/kernel install it is looking for the install media in /cdrom but apprently thats mapped to the hardware CDROM not the virtual one I am using
<pHro> ahh i see, i can see how that would be a challenge, do you have physical access to the  server to use the hw optical drive?
<foxbuntu> not for hours
<foxbuntu> and then I cant get to it
<foxbuntu> so not really
<foxbuntu> is there anyway to change where its looking?
<pHro> id imaging that /cdrom is the hw optical drive and possibly /cdrom1 is the virtual, thats just a hypothesis, im not sure how you can tweak that
<pHro> imagine*
<pHro> id try booting to a livecd and see how its mapped out
<pHro> but wait you cant boot to anything can you...
<foxbuntu> I can boot
<foxbuntu> it gets quite a ways into the install until this happens
<pHro> i wish there was a way to install from an anonymous ftp like other distros, that would solve your problem...
<pHro> i guess what you need to know is where to change the path to the install media...
<pHro> i just loaded up the ubuntu installer in 'expert mode' looking around for options
<pHro> you can press f6 to toggle that
<foxbuntu> pHro, im actually trying that now...
<foxbuntu> pHro, I might have found a way around it...you can select your source locations (i.e. media/apt) to get the comps from
<pHro> yes you can select from a mirror
<pHro> also
<pHro> and its nice enough to know where the mirrors are for  you
<foxbuntu> no dice
<foxbuntu> it fails on the "install comps from cd" step in expert mode
<pHro> try installing from a mirror
<pHro> i forgot where i found it but it in there somewhere
<pHro> its under the 'load installer components from cd'
<pHro> then the first option talks about  choosing a mirror to install from
<foxbuntu> pHro, i think i might have it working, there are two seperate types of ilo consoles, and the other one seems to work...that java based one
<pHro> sweet
<pHro> im glad you are making progress, ive been troubleshooting a leaky toilet for about an hour now and ive gotta wait another couple hours before home depot opens
<qwebirc61633> hello again
<qwebirc61633> im still trying to solve poweroff problem
<qwebirc61633> I checked dmesg and it prints "apm: BIOS not found."
<qwebirc61633> cmon
<qwebirc61633> im sick of that thing
<qwebirc61633> doesnt poweroff
<qwebirc61633> ...
<pHro> ok so when you issue a shutdown command it doesnt shut down?"
<qwebirc61633> no, all those command dont poweroff
<qwebirc61633> it's not BIOS fault because with same settings in BIOS
<qwebirc61633> i can shutdown in archlinux
<ikonia> qwebirc61633: please don't cross post your questions
<qwebirc61633> ok
<qwebirc61633> this is ubuntu server channel
<qwebirc61633> i have that problem in server
<ikonia> really ? why are you asking in #ubuntu then ?
<qwebirc61633> ikonia: because it's ubuntu?
<ikonia> qwebirc61633: this channel is for server support
<njin> hello, can someone look at bug 747506
<uvirtbot> Launchpad bug 747506 in ubuntu "Persistent connection reset from clients on Ubuntu machines" [Undecided,New] https://launchpad.net/bugs/747506
<njin> ubuntu-it-test
<alternate_> guise
<alternate_> How do I install Ubuntu with custom configuration?
<alternate_> is there an altenative CD?
<alternate_> anyone
<alternate_> hello!
<DrDetroit> mostly you should just ask and then wait to see if someone will answer
<DrDetroit> sometimes it takes awhile
<DrDetroit> what kind of custom configuration?
<alternate_> DrDetroit: power management etc
<DrDetroit> I am no expert, but I would think that you could first install ubuntu-server, then do your custom configuration
<DrDetroit> but, like I said, I am no expert. I am here getting help myself
<DrDetroit> hehe
<alternate_> DrDetroit: LOL!
<DrDetroit> alternate: here is a guide to building your own kernel
<DrDetroit> https://wiki.ubuntu.com/Kernel/BuildYourOwnKernel
<alternate_> looks hard
<alternate_> I will try
<DrDetroit> you might just want to wait for someone more knowledgable than I
<alternate_> DrDetroit: Ill do it after hacking Linus
<DrDetroit> haha
<DrDetroit> my kinda guy
<DrDetroit> or gal
<alternate_> gay?
<alternate_> DrDetroit: thanks for the link ;)
<DrDetroit> i think i typed guy
<DrDetroit> oh i see, no not gay, it's just a saying
<DrDetroit> ltr
<alternate_> almost getting into Linus ssh server
<alternate_> torvalds is the login username
<alternate_> :))
<jsebean> does anyone know why some of my files randomly go corrupt on ubuntu server?
<jsebean> anyone?
<jsebean> does anyone know why some of my files randomly go corrupt on ubuntu server?
<hggdh> RoAkSoAx: there?
<hggdh> RoAkSoAx: when you are in: without 'env IFACE=manual-start' in eucalyptus-network.conf, upgrade fails; with it, upgrade hangs
<RoAkSoAx> hggdh: I'm here
<RoAkSoAx> hggdh: uhmmm yeah there's something weird going on there
<RoAkSoAx> hggdh: can't test anything right now
<RoAkSoAx> as I'm in the TLF right now
<hggdh> RoAkSoAx: no problem, just a heads up.
<RoAkSoAx> hggdh: thanks ;)
<hggdh> RoAkSoAx: for the record: http://imagebin.org/146287
<RoAkSoAx> hggdh: cool. Will look at this stuff when i get home
<uvirtbot> New bug: #748450 in dovecot (main) "package dovecot-common 1:1.2.9-1ubuntu6.3 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/748450
<uvirtbot> New bug: #748501 in rabbitmq-server (main) "package rabbitmq-server 1.7.2-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/748501
<help__me> hello
<help__me> how can I update grub using rescue mode?
<help__me> I changed resolution in grub file but I messed up a setting and now I dont get signal image in grub etc
<help__me> if you know tell me pls
<Daughain> Would this be th eplace to get help setting up a home media server?
<James147> !ask | Daughain
<ubottu> Daughain: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<James147> ^^ you are more likly to get an answer that way :)
<uvirtbot> James147: Error: "^" is not a valid command.
<James147> :S
<Daughain> Considering how varied the use of the term'server' is, I thought I asked a valid quesion.
<ehnde> anyone use kvm? is it typically administered from the command line or a gui?
<ehnde> i was really comfortable with vmware ESXi, but it doesn't play well with my current hardware
<ehnde> i'd like a similar setup if at all possible
<James147> Daughain: making ubottu's statement more valid ^^ its hard to tell you where to go when we dont know what exactly you want :)
<Daughain> James147, Actually, I kow, I just cant remember the name of the channel. It was dedicated to a buntu fork dedicated to being a media server.
<jmarsden> Daughain: Please ask your real question.  Then either it can be answered here, or you can be pointed to a more appropriate channel.
<matoc> ehnde: KVM can be used in many different ways. Look at virt-manager if you want a gui.
<ehnde> matoc: does virt-manager work remotely? or just on the host machine?
<matoc> ehnde: it can work remotely though an ssh chanel.
<matoc> *through
<ehnde> that would work for my purposes, i'll do the appropriate searches
<ehnde> thank you
<Haegin> Hi, how can I change locale on ubuntu server? I've got the locale I want set in /etc/environment, /etc/default/locale and I've got it enabled in /var/lib/locales/supported.d/local or wherever it is and I've tried dpkg-reconfigure locales but it's still booting and using POSIX like a n00b
<DrDetroit> Haegin: https://help.ubuntu.com/community/Locale
#ubuntu-server 2011-04-03
<jjohansen1> hggdh: how did the test go?
<Eversmann> hi ;-) Greetings from Spain
<Eversmann> is there anyone there to ask a question about qemu-kvm with spice enabled on a ubuntu server?
<hggdh> jjohansen1: I could not test it yet, a small issue on a previous test
<Eversmann> you mean the spice enabled version?
<jjohansen1> hggdh: okay, np.  Let me know when you have it tested
<hggdh> jjohansen1: will do; downloading the maverick kernel now
<hggdh> jjohansen1: it will take a bit longer, I got no IPV4 addresses, still digging in the logs
<d3ngar>  Hi there, I have a problem with my VPN: Two computers can connect and ping the host. The host can ping the clients. But the clients can't ping each other...
<ScottK> Can the server ping the clients?
<d3ngar> Yes
<d3ngar> I have been advised that it's something to do with the server routing
<jjohansen1> hggdh: no worries, I am in and out all night, not waiting around on you, but will deal with the next step when ever we have results
<patdk-lap> hmm, I have a backwards issue :)
<patdk-lap> I want to limit my server to doing only 100iops, it's starving other access when it gets higher (it likes doing 20k iops)
<patdk-lap> can't find anything about how to make it go slower, just faster
<freakabcd> hi all
<freakabcd> did ubuntu stop providing the ubuntu-jeos releases?
<freakabcd> the last jeos release i see on cdimage.ubuntu.com is hardy
<jmarsden> patdk-lap: ionice ?
<jeeves_moss> how do I add local DNS resolve files for my BIND9 server?  the external DNS names resolve properly, but I can't resolve my domains locally
<jmarsden> jeeves_moss: Add a zone stanza to named.conf and create the appropriate zonefile it points to.  You can set up a view so the local domains are only visible to requesting DNS clients on your lcoal LAN, if you want.
<jeeves_moss> jmarsden, that's kinda the point.  I only want the look ups to be for requests from the subnets in 192.168.x.x subnets
<jmarsden> Then learn about views and you should be all set.
<jeeves_moss> jmarsden, ok, i've copied all the current DNS zone files from <domain>.<TLD>.conf to <domain>.<TLD>.local, and changed all the pointers to the local server's addresses, but I'm stuck on how to add the "views" part
<jmarsden> There are tutorials out there, I don't know how good they are, maybe http://www.howtoforge.com/two_in_one_dns_bind9_views will help you?
<jeeves_moss> jmarsden, thanks, I'll have a look before the rum kicks in and I head to the pub
<jmarsden> jeeves_moss: You're welcome.
<RoyK>  
<jeeves_moss> jmarsden, this might be better, http://pupeno.com/blog/two-in-one-dns-server-with-bind9/
<jeeves_moss> what causes "rndc: no server specified and no default"?
<uvirtbot> New bug: #748887 in bind9 (main) "DNS resolving seems to be failing often and is taking way too long. " [Undecided,New] https://launchpad.net/bugs/748887
<jeeves_moss> what causes "rndc: no server specified and no default"?
<awanti> Hi. I am running ubuntu server 10.04 with samba pdc. Samba clients are windows xp & 7. Every thing is working perfect. But I am unable to restrict users to change the settings. Plz. even can guide me :)
<patdk-lap> jmarsden, ionice doesn't do it
<uvirtbot> New bug: #749444 in cloud-init (main) "grub-legacy-ec2 cannot be purged" [Undecided,New] https://launchpad.net/bugs/749444
<andygraybeal> join #nexentastor
<qwebirc75869> How do I recompile a Kernel for Ubuntu Lucid using Maverick?
<qwebirc75869> or how do I recompile a kernel for server using desktop edition?
<hggdh> jjohansen1: hi, I cannot figure why I do not get IPv4 addresses on the maverick kernel on natty
<jjohansen1> hggdh: is that on the base machine or inside of kvm?
<hggdh> jjohansen1: on the base machine
<jjohansen1> and yet the maverick install would get IPv4 addresses?
<lenios> isn't that supposed to be #ubuntu+1 ?
<jjohansen1> hggdh: the maverick install on the machines would obtain IPv4 addresses, right?
<hggdh> jjohansen1: yes
<jjohansen1> hggdh: does maverick use a module that isn't built as part of the kernel
<hggdh> jjohansen1: heh. I might have found it -- I now see a apparmour DENIED message for dhclient
<hggdh> jjohansen1: let me aa-complain it, and try again
<jjohansen1> hggdh: oh, oops :)
<hggdh> jjohansen1: sounds quite obvious after thinking of apparmour... :-)
<hggdh> but... let's see what happens after a reboot
<jjohansen1> hggdh: well yeah, but it is a little unusual when just switching kernels, certainly does happen but it means the application changed behavior because of the different kernel
<hggdh> jjohansen1: yeah... I am not sure what else changed, but I would expect more surprises
<jjohansen1> yeah
<hggdh> yeah!  I got me IPv4 aqddresses now
<xnixan> hi, how to increase the number of loop devices on ubuntu server 10.04?
<woonix> xnixan: A Google search of "ubuntu increase loop devices" found the answer on the first link --> http://ubuntuforums.org/showthread.php?t=394792
<xnixan> woonix, thanks for advice, but in ubuntu-server there is no modules.conf, only /etc/modules, and i already modified it and increased the number of loop devices to 256(maximum allowed by kernel 2.6) but after rebooting it is still the same, only 8 loop devices :(
<woonix> have you actually tried using up all 8? The link I read suggests that more will appear once they have been used.
<woonix> I haven't tried it myself, so I don't know what will happen.
<xnixan> i tried it with other distros, and previous ubuntu releases, but whenever you have less loop devices system will till you do not have free loop device to mount more
<fubada> hi
<fubada> can someone help me get my linux workstations talking to ubuntu kerberos
<fubada> for gdm login
<rcsheets> does anyone know if libvirt-bin, libvirt0, and python-libvirt are safe to update while VMs are running?
<rcsheets> KVM VMs in my particular case
<compdoc> Ive done it
<compdoc> the change doesnt occur until you reboot
<rcsheets> ok, great. thanks.
<uvirtbot> New bug: #749620 in openssh (main) "ssh-keygen -h or ssh-keygen --help does not show help" [Undecided,New] https://launchpad.net/bugs/749620
<javatexan> anyone have a favorite backup for ubuntu server and mysql?
<Lcawte> Hi, I'm having problems with self signed SSL certificates, see https://brickpost.info
<javatexan> sorry, that I can turnover to a non-binary type....LOL
<javatexan> like, run this and it will be happy
<javatexan> LOL
<qman__> javatexan, mysqldump + rsync
<javatexan> darn, I was afraid you would say that
<javatexan> LOL
<qman__> if you need something faster, set up a slave SQL server
<Lcawte> Anyone got any idea whats up with my ssl certificate/or some server thing I need to sort out?
<Lcawte> Also,
<Lcawte> Need to get 0B of archives. After unpacking 0B will be used.
<Lcawte> E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
<Lcawte> E: Couldn't lock list directory..are you root?
<Lcawte> Yes, I am root
<javatexan> thanks qman_  this is a friend I helped setup and now it wont go away....LOL  I was hoping for something easier to pass off, I guess I could script it for him
<qman__> javatexan, simple is best
<qman__> if they have lots of them to back up you can get a little better managed with something like backuppc
<qman__> but just one, a simple script is the way to go
<guntbert> Lcawte: my first guess: you have some package manager running already
<Lcawte> guntbert: I can't see one :/
<Lcawte> oh wait, I see it
<Lcawte> why aren't you dead proccess
<Lcawte> apt and apt-get proccess' being run by root, now, any idea on the SSL problem?
<uvirtbot> New bug: #749720 in mod-wsgi (main) "Wrong symlink in libapache2-mod-wsgi-py3" [Undecided,New] https://launchpad.net/bugs/749720
#ubuntu-server 2012-03-26
<jdstrand> hallyn: fyi, jjohansen1 is working through it over the weekend, but it won't be tonight
<jdstrand> hallyn: last I heard he is striving for tomorrow midday (CDT)
<jjohansen1> oh please, no.  I am striving for tonight, so it can be uploaded as soon as people come online tomorrow.  I believe it is actually working now, but I added new regressions tests and some are failing and I am debugging through it.
<twb> Ballpark, what's the typical total throughput in gbps or tbps for a larga data center or IXP?
<jdstrand> jjohansen1: I more meant striving for the package being available by midday, but I'll prepare/test/upload when you are ready
<oApocalypse> hello i have a samba permission issue can anyone help
<seekwill> What's the problem?
<oApocalypse> well i have the availability to read but not write
<seekwill> smbd.conf ? ls -la /path/to/folder ?
<oApocalypse> the way i have it set in smb im utilizing username map also
<oApocalypse> but ill tell u what i have set as far as the share
<oApocalypse> security is set to user
<oApocalypse> create mask = 0770 writable = yes valid user =@mygroup  guest ok = no read only = no
<seekwill> writable = yes
<seekwill> oh
<seekwill> Pastebin works better :)
<oApocalypse> when i rightclick in putty it pastes it over and over lol
<oApocalypse> mind u im new so all i have for experience is reading
<oApocalypse> i have a workgroup set also
<oApocalypse> i tried to get to it from a non work group computer
<oApocalypse> it asked me for credentials i entered valid group credentials and its still read only
<oApocalypse> the device itself has permissions set at 0770 also
<oApocalypse> (HD)
<seekwill> What does ls -la /path/to/dir show?
<oApocalypse> root group and 4096?
<oApocalypse> drwxr-xr-x
<oApocalypse> again not fluent in linux :P
<oApocalypse> but i think thats 0770 lol
<oApocalypse> group being the group that i set of course
<seekwill> Copying and pasting the output of the command helps
<oApocalypse> how to on putty
<oApocalypse> it doesnt give optioin
<seekwill> ?
<seekwill> Give the option for what?
<oApocalypse> # ls -la /Share
<oApocalypse> total 8
<oApocalypse> drwxr-xr-x  2 root torrent 4096 2012-03-25 13:21 .
<oApocalypse> drwxr-xr-x 24 root root    4096 2012-03-25 13:17 ..
<oApocalypse> -rw-r--r--  1 root torrent    0 2012-03-25 13:21 test
<oApocalypse> #
<seekwill> yeah
<seekwill> Your torrent user group does not have permission to write
<seekwill> It's not 770
<seekwill> chmod -R 770 /Share
<oApocalypse> ur the man
<oApocalypse> ok where do u see this
<seekwill> drwxr-xr-x  2 root torrent 4096 2012-03-25 13:21 .
<seekwill> . is the current directory
<seekwill> drwxr-xr- : 'd' it's a directory, 'rwx' read write execute for the owner (root in this case) 'r-x' read and execute (no write)
<oApocalypse> nice
<oApocalypse> heres another question
<seekwill> Oh, you've used up your question allocation for the day
<oApocalypse> why can i access this outside of the workgroup if i credentials
<oApocalypse> LOL
<oApocalypse> damn next time
<seekwill> What do you mean?
<oApocalypse> well i have a desktop off the workgroup
<oApocalypse> and i was able to get onto it
<oApocalypse> shouldnt me defining a workgroup only allow those on the same workgroup
<seekwill> Workgroups aren't really security groups
<seekwill> From my understanding at least
<oApocalypse> no for instance i created a folder in this directory
<seekwill> What directory?
<oApocalypse> in /Share
<oApocalypse> with one of my usernames
<seekwill> I can't see your screen (not yet at least, give me a sec), so you need to be specific
<oApocalypse> # ls -la /Share
<oApocalypse> total 12
<oApocalypse> drwxrwx---  3 root torrent 4096 2012-03-25 21:04 .
<oApocalypse> drwxr-xr-x 24 root root    4096 2012-03-25 13:17 ..
<oApocalypse> drwxr-xr-x  2 mike mike    4096 2012-03-25 21:04 New folder
<oApocalypse> -rwxrwx---  1 root torrent    0 2012-03-25 13:21 test
<oApocalypse> #
<oApocalypse> does that mean new folder will be only accessable by mike?
<seekwill> Mike is such a troublemaker...
<oApocalypse> yea i hate him
<oApocalypse> lol
<seekwill> Pastebin your smbd config
<seekwill> The part about your share
<seekwill> But yeah, that's what it means
<seekwill> I'm guessing you want to make this directory "public" for anyone who is in the torrent group?
<oApocalypse> yes
<a5m0> if i got one of the 12.04 beta downloads would it update itself to the final release at a later date?
<oApocalypse> [Share]
<oApocalypse>  comment = torrent drive
<oApocalypse>  path = /Share
<oApocalypse>  create mask = 0770
<oApocalypse>  writeable = yes
<oApocalypse>  valid user = @torrent
<oApocalypse>  guest ok = no
<oApocalypse>  read only = no
<seekwill> Pastebin works great :)
<shauno> a5m0: that's the plan, but there's no guarantees you might accumulate some 'cruft'. I prefer a clean install for production, but upgrading from beta does work
<oApocalypse> lol i have to copy to clipboard then edit it so no its a pain in the ass
<oApocalypse> whats pastebin
<seekwill> oApocalypse: You paste all that to a webpage, and it gives you a URL. You paste just the URL here
<seekwill> oApocalypse: Did you check this? http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html for config options?
<oApocalypse> what my question is  will things i put into a directory other than folders ahve that same read write bullshit
<locuse> hi.  i installed my 1st ubuntu-server 10.04LTS instance, for production use with Zimbra.  so far so good.  i want to stay as much as possible "on" the LTS release (+security updates) -- but would like to upgrade to the latest possible openssh (v5.9).  is that possible with the 10LTS release?  i.e. just one package, without derailing the 'rest' of the LTS release?
<seekwill> locuse: Why do you want to?
<locuse> seekwill: i want access to features in newer versions of openssh.  e.g., multiple AuthorizedKeyFiles + auto fallback ...
<seekwill> I believe you can upgrade that without breaking everything else.
<locuse> seekwill: at least worth a shot ... where's the "right place" in ubuntu-land (i'm used to opensuse, til now) for finding and installing a "latest" openssh package/repo that would install into 10LTS?
<seekwill> locuse: I'm not sure on Ubuntu either, but I'd check 12.04 LTS to see if it comes with the version of openssh you want, then you won't have to go through this :)  If that fails, see if there's a precompiled package in a repo somewhere.
<locuse> seekwill: atm, Zimbra is !supported on 12.04LTS, hence the issue ...
<seekwill> ah
<locuse> eventually, sure -- but not until "at least April", iiuc
<seekwill> Can you live without that feature till then? :)
<seekwill> If you don't find any other repos that you trust, I'd set up another 10.04LTS machine as your dev machine (you should have one already) and roll your own package, then deploy the .deb to your prod machine
<locuse> seekwill: unfortunately, i suspect the 'old' ssh is a source of a problem.  if i have to, i'll build openssh in /usr/local and be done with it ...
<locuse> haven't *ever* rolled a .deb ...
<seekwill> I haven't either! :) I'm assuming it's the same as rolling an RPM though
<locuse> seekwill: heh, apparently nothing is the same upon switching distros! ;-)
<locuse> seekwill: closer -> https://launchpad.net/~jamon/+archive/backports.  it's v58, not v59 ...
<oApocalypse> ty for help seekwill ive found a workaround
<seekwill> locuse: doh!
<seekwill> oApocalypse: Nice :)
<oApocalypse> any idea why a 1tb drive would show up at 160gb networks share?
<locuse> seekwill: is that a good "doh", or a bad "doh"?
<hallyn> jdstrand: thanks for that info
<twb> locuse: IIRC multiple authorized keys files are supported in lucid's openssh-server...
<locuse> twb is 'lucid' 104LTS?
<twb> lucid = 10.04 LTS, yes.
<locuse> twb: tried it, didn't work -- complains about "garbage" in the config file if i add a second authkeyfile ...
<twb> Well, I could be wrong
<twb> I thought I tested it for monkeysphere
<locuse> twb: as i understand it, didn't arrive til v5.9 -> http://lists.debian.org/debian-ssh/2011/09/msg00014.html
<twb> Fair enough
<locuse> the server i installed has v5.3
<locuse> basically ancient
<twb> I can confirm that
<michaelh1> Hey, does anyone know who in Ubuntu creates the ARM UEC images http://uec-images.ubuntu.com/precise/current/ and the tool used?
<locuse> hm, this looks like a path to a newer-openssh deb ... http://askubuntu.com/questions/100840/openssh-5-9p1-on-ubuntu-11-10
<twb> michaelh1: try #ubuntu-arm
<michaelh1> twb: will do
<oApocalypse> why would a hd i shared looks like a 142gb hd
<oApocalypse> does samba segment the drive automatically for different users
<twb> uupdate -v 5.9p1 /root/packages/openssh/openssh-5.9p1.tar.gz
<twb> locuse: would be better to cherry-pick the package from precise or whatever
<hallyn> stgraber: I'm about to push an lxc that temporariliy does the temp proc mounting to fix your issue.  i'll leave it to you to do what's needed to get it through?
<twb> hallyn: push it to all of ubuntu, or a staging/experimental area?
<hallyn> all of ubuntu
<twb> That sounds suboptimal for a temporary test...
<hallyn> ican push it to staging area in the meantime...
<hallyn> it's not a temp test
<hallyn> it's a temp fix until a dependency gets fixed
<twb> ah, ok
<stgraber> hallyn: ok, btw, jjohansen1 is planning an apparmor upload tomorrow morning
<hallyn> oh i thought it was afternoon
<hallyn> stgraber: it's up to you
<hallyn> i'll happily wait
<hallyn> less work and risk for me
<hallyn> but this is working (finally.  two days of one little stupid mistake after another)
<jjohansen1> hallyn: it was but I got some failures in new regression tests I added am working through them, I think most of them are actually in the tests but I want to make sure all the regressions are working
<hallyn> jjohansen1: sorry i'm not following - so now it's going to morning or afternoon?
<hallyn> mind you i'm not trying to rush you :)
<jjohansen1> hallyn: I will have the upload waiting for when jdstrand comes on in the morning
<locuse> twb seekwill thanks, will dig in precise.
<stgraber> hallyn: can you push to a separate branch so we have it around just in case?
<hallyn> jjohansen1: ok, thanks.  stgraber: so i'll wit?
<hallyn> ok
<stgraber> I'll be in #ubuntu-release all week, so I'll check for the apparmor upload and do the required nagging to get it in, making sure it fixes the problem here and then rebuild all the images
<jjohansen1> stgraber: yeah I can setup another branch in a bit, I was just heading to dinner
<stgraber> jjohansen1, hallyn: Thanks for tracking this one down and fixing it so quickly
<hallyn> stgraber: lp:~serge-hallyn/ubuntu/precise/lxc/lxc-aa-proc
<twb> grumble grumble direct root logins not enabled with keys, grumble
<hallyn> denied from sshd_config ?
<twb> correct
<twb> just allowedusers cyber@<my class C> and *@<customer NAT class C>
<hallyn> yeah i seem to recall that slowing me down when i was testing some remote libvirt stuff that required root
<twb> The most important case is: ssh root@foo tar -C /foo | ssh root@bar tar -C / -x
<twb> Because in that case both ends need to be root and you can't easily talk to stdin to escalate through e.g. sudo
<twb> (Yes, you could use netcat, but that would send the tarball as cleartext over the networl.)
<hallyn> so you netcat to a local port from whcih you forward through ssh, and ...
<hallyn> j/k
<hallyn> i think i'm done for the day.  it's been just a pathetic performance on my part.  i'm embarassed.  (or would be, if anyone'd been watching)
<hallyn> gnight all
<twb> I have a PHP weenie who is currently OOMing his allocated resources by running PHP lucene.  He suggests migrating to solr, but AFAICT that needs an entire tomcat stack, AND he'll still be running the rest of his app in PHP, so I'm not sure how this would be a win
<twb> Am I right?  Would solr be a pointless memory hog?
<imbrandon> twb: no solr is worth it
<imbrandon> and the php solr api too that makes it more so
<twb> This is not some ecommmerce site or anything, it's a flipping issue tracker for a ten-person company
<twb> If it was up to me there the solution would be "STFU if you want body searches, use the IMAP backend"
<twb> :-/
<imbrandon> that sounds like it would need it more than a ecommerce site
<imbrandon> :)
<twb> I'm not happy about him using PHP either, but I was overruled for that one host
<imbrandon> twb: heh i think you might be on the wrong end of the stick this time, what version of php and whats does your metrics like new relic say the memeory is ued by
<imbrandon> rearely php casues it
<twb> I was getting OOM reports from lucene via syslog
<imbrandon> yea i hear that part
<twb> Gimme  a minute and I'll pull them up for you, just got to deal with this (unrelated) security fuckup first...
<imbrandon> but thats just the straw
<imbrandon> that broke its back
<imbrandon> you need the metrics
<lifeless> twb: solr is a good thing, decouples your bits, will have less overhead on starting up php, lets you query it from other languages etc
<twb> But it DOES mean I need a stupid jvm and tomcat, right?
<imbrandon> well yea but if done properly it will be much better
<twb> Will tomcat even fit into a 1GB RAM VM?
<imbrandon> do you have a sysadmin handy ?
<twb> I am the sysadmin
<twb> It's my job to say "no" to the devs
<lifeless> thats sad
<imbrandon> ohhh you called a coder whinnie and tomcat stupid
<imbrandon> those are very nice tools if used properly
<imbrandon> solar and php both can be setup to not use a ton of ram
<twb> imbrandon: all of "web app" space is stupid a priori, but tomcat is especially stupid because I am called in all the time to customer sites where it wants like 8GB of RAM just to do some trivial job for half-a-dozen users
<imbrandon> try apc and memcache and then run newrelic to see where itss actually going
<twb> this "newrelic" stuff is a property of what, php or lucene?
<lifeless> twb: so use a lighter weight container, or get your instrumentation up and look at the data
<twb> lifeless: they're LXC containers already
<lifeless> newrelic is a company that runs a webstat instrumentation service
<imbrandon> ties code metrics, it watches all kinda of code
<imbrandon> ass see whats taking cpu ram disk io
<lifeless> twb: nothing to do with LXC. Java container.
<imbrandon> etc down to the functino
<twb> lifeless: I don't even have java installed yet!
<lifeless> I get that
<lifeless> but you are ranting about something you don't have the basic terminology for.
<lifeless> perhaps you should spend a little time learning :)
<imbrandon> newrelic is totaly seperate, think of it like a tool, its not a part of the stack
<twb> lifeless: so far it has been easier to install infrastructure that isn't bloated by default
<lifeless> twb: thus my suggestion to use a different container
<lifeless> anyhoo, I have to run, ciao
<imbrandon> i dont know of a nother j2ee stack thats lighter than tomcat :) maybe try glasssfish ?
<imbrandon> l8tr lifeless
<twb> Does "j2ee" also imply it would have to be Sun java?
<lifeless> imbrandon: spring
<imbrandon> no
<imbrandon> j2ee is a api for java
<twb> Well at least there's that.  Oracle are also on my shit list
<imbrandon> hum
<imbrandon> lifeless: ahhh , mostly just deal with the java bridge in zend server
<imbrandon> last few years
<lifeless> imbrandon: also there is jboss
<lifeless> and there is another one whose name escapes me just now, that jenkins uses by default
<imbrandon> oh yea i actually forgot about that one, jboss is pretty sweet
<imbrandon> thought jenkins was on tomcat default
<imbrandon> maybe not though
<imbrandon> i set it up and forgot about it :)
<twb> lifeless: ah, you meant https://en.wikipedia.org/wiki/Web_container (right?)
<imbrandon> btw : 06:07 < twb> It's my job to say "no" to the devs  <--- you need to do a little more reasearch on your job then, i dont know of anyone who's job it is to tell devs "no" except a CIO, DevOps or in your case sounds like Ops is there to facilitate the developer doing their job while protecting the companies intrest, even if you did have a propblem with a developers way of doing things its still above the ops paygrade to make the call 
<twb> I can assign myself a different title if you prefer :-)
<imbrandon> would no make a diffrence if that is how you look at the developers and you ARE in power over them, either A) you dont trust them and that should end the relationship right there, why have someone work under you you dont trust, or B you cant fire them and your overestimating your power over them
<imbrandon> so its moot
<twb> I don't trust the webdev because he's an idiot, but I don't have the power to sack him
<imbrandon> ah then eat humble pie and do your job
<twb> I have the power to say to management "I recommend option <B> because it is not retarded"
<imbrandon> as in learn how to make a java stack
<twb> That may well be option B, but if the webdev is only recommending solr because he read about it on reddit, it is my job to determine if there is a better solution
<imbrandon> ok well this isnt productive, we could go on all day, if you have some more tech questions i'd love to help
<twb> Where "better" doesn't necessarily mean "faster" but e.g. could mean more secure
<imbrandon> and if you think solr is something from reddit and never heard of newrelic you sorely need to brush up on your ops skills
<imbrandon> i understand exactly what it means , been at this almost 20 years
<imbrandon> i do need to stop the back and fourth though, its disruptive in here, i'm happy to help technicly if you want recomendatinos on a good setup
<imbrandon> but cant contiunue the back and fourth
<twb> Shrug.  So far your suggestions have been to profile and find out where the problem actually like (agreed); and that solr is worth the overhead of learning to administer a java web stack (of which I'm still not convinced).
<twb> If and when I establish that java really is needed / worth it, I'll be happy to discuss ricing it up
<imbrandon> thats your call, i can tell you i implmented it this week , publicly, on a site with about 10.7 million hits a month
<imbrandon> and its all documented on the whos and whys
<imbrandon> if you want the papers and links
<twb> I'm not interested in scaling to internet-sized systems
<imbrandon> no but it sounds like you need to scale to one, and this was done on 2 machines, one web with 4gb ram total and one db mysql from oracle
<imbrandon> thus it would still apply
<imbrandon> honestly man, i';m not here to sell you on anything, i juist can tell you what my experince is and what i have to back that up, i have no need for you to beleaive me
<twb> I'm not interested in infrastructure that would ALLOW me to scale to that size if it requires deploying infrastructure with which I'm not familiar.
<imbrandon> take my adive or leave it , i'm not paid to be here :)
<twb> Granted.
<imbrandon> right but when your comfort zone dose not include a basic server like a java stack, or a solid php stack then i have shakey feeling your gonna find anything your familiar with to deploy
<imbrandon> or you wouldnent be here
<twb> Server â  web server
<imbrandon> sure sure, semantics
<imbrandon> you knew exactly what i mean
<twb> What I babysit is mostly LDAP, postfix, dovecot, NFS, samba, etc.
<imbrandon> ok
<imbrandon> then grab your nearest web dude even if you dont trust him and have some faith
<imbrandon> there is no replacement for expertise
<twb> That would be you :-)
<imbrandon> well i'm trying man but i'm getting shot down every corner by some 1999Linux users way of thinking
<imbrandon> but i'mm willing to look past it
<imbrandon> heh
<twb> It is fair to say that IMO CLI beats GUI beats web UI :-)
<imbrandon> and dont get me wrong , i started using linux with rh 4 arround 96ish :)
<imbrandon> i'm in irrssi and screen now
<imbrandon> that dont mean i cant keep up with the latest trends of ohh say the last decade
<imbrandon> this stuff isnt new man
<imbrandon> its proven tech
<imbrandon> i'm not saying go run nginx
<imbrandon> :)
<twb> I've done that
<imbrandon> as have i, take a gander at brandonholtsclaw.com , just posed about it yesterday
<imbrandon> :)
<imbrandon> i'm gonna grab a soda, when i get back lets start over and see if we cant get you workin here
<imbrandon> back in ~5 min
<twb> btw newrelic appears to be newrelic.com, and AFAICT that's not DFSG-free so it would be an automatic fail here
<imbrandon> its a service, what does dfsgfree have to do with it
<twb> The actual ITS, which has been written by generations of work experience students, is http://allocpsa.net (darcs get --lazy http://dev.allocpsa.net )
<imbrandon> and no theirs or any other metric provider that is not you looking over syslogs wont be either
<twb> I'm currently using logcheck and collectd
<imbrandon> rember your paiying for their time, ever herd the joke about the man that hit the furnis and charged $1000, the customer balked and the man said its $1 for the hammer and $999 for knowing where to hit it
<imbrandon> twb: right but you cant tell me where the memory was going
<imbrandon> e.g. able to intrreprit them
<twb> If you just mean which process, sure, I could do that
<imbrandon> no
<imbrandon> i mean what function in what context
<imbrandon> and how man calls to it
<imbrandon> and was it cacheed
<imbrandon> and if so where in apc or memcache
<imbrandon> or redis
<imbrandon> or ......
<imbrandon> yea lots more to it than just the process , and i'm not the expert
<twb> Right, that is the kind of problem I leave to the webdev because it's happening inside his web stack
<twb> s/leave /normally leave/
<imbrandon> thats not a web dev problem though , you are the one with the tools, like newrelic
<imbrandon> you job dont stop at the stack man, thats the bigest downfall most sysops make
<twb> well, normally profiling within the app would require loading magic inside the app, not just reading syslog
<imbrandon> no it requires loading magic on the server to intercept the calls at the cpu
<twb> And/or compiling the app (or the interpreter) with CFLAGS += -g and shoving it through gdb
<imbrandon> in the app does no good
<imbrandon> cuz then you modify the app
<imbrandon> no and no
<imbrandon> thats the way it was done a few 10 years ago or so
<imbrandon> VT is all new now
<twb> VT as in Intel VT-x?
<imbrandon> yea thats what i was refering to
<imbrandon> crap phone one sec man
<twb> I'm already using that to isolate containers from one another
<imbrandon> sorry
<twb> np
<imbrandon> i was getting at intercepting the calls there, you want to do it in a way that you DONT modify the code
<imbrandon> e.g. with a newrelic type module
<imbrandon> if not them similar
<imbrandon> brb
<twb> How is that different from strace and/or gdb ?
<imbrandon> because your modifyting the code when recompiling it diffrent
<twb> Or are you talking about instrumenting the PHP interpreter?  I'm a little confused.
<imbrandon> yes
<imbrandon> and yes
<imbrandon> and really the whole server not just the php runtime, it hasent been an intrepiter since php 3
<imbrandon> we're are 5.4 now
<twb> If you're instrumenting the PHP runtime, you're inherently changing the runtime.  I grant you, that you're not changing the PHP app, i.e. the code written in PHP stays the same.
<imbrandon> right but without the code changes, i am not enough of an expert to shoot down your every retort on this subjkect but i do konw if you research it a bit
<imbrandon> it IS the way to go
<imbrandon> and stop saying php, i mean EVERY PROCESS
<imbrandon> mysql , top, w, whatever is runnining on the box
<imbrandon> all of it at the cpu level
<twb> So what, you're saying run that instead of kvm?
<imbrandon> well sorta, depends on the kvm you are refering to but bsicly yes
<imbrandon> thats what new relic does
<imbrandon> than then chomps all the info and gives it to you in a way you can actually make actions on
<twb> I'm surprised that gives meaningful information
<imbrandon> like let me finish i'm still on the phone but when i'm done i'll show you my new relic console
<twb> Sure sure
<imbrandon> and show you the actionalble data
<imbrandon> and why an approach like this is so much more than just sysog etc, in other words you wouldne tbe here, you would be a) making a java server cuz he was undenyably right,m or shoveing what exact part of the code is broken in his face, but this time with solid proof
<imbrandon> not a fillled log
<imbrandon> that could have filled with anything then boke the camels back on that
<imbrandon> or hell it could be a php bug its self and not his code
<imbrandon> thats what we'll beable to see at a glance
<imbrandon> thats HARD to do with sysslog
<twb> Granted.
<imbrandon> back, ok give me sec to get the newrelic up
<twb> btw, the actual (unhelpful) error that sparked this is:
<twb> [Fri Jul 01 12:53:09 2011] [error] [client 203.7.155.8] PHP Fatal error:  Allowed memory size of 268435456 bytes exhausted (tried to allocate 80 bytes) in /var/www/alloc-stage/zend/Zend/Search/Lucene.php on line 1136, referer: https://alloc-stage.cyber.com.au/task/taskList.php?
<imbrandon> yea all that means is the setting in the php.ini is too low
<imbrandon> ok got a browser up ?
<twb> Well, the web dev said we should 1) increase the cap; and 2) migrate from PHP lucene to solr
<imbrandon> yup, hes right on both
<imbrandon> on most prod boxes i set it about 512m
<imbrandon> and then never think twice about not using solar
<twb> That feels like giving up
<imbrandon> solr is likeapche of search
<twb> Well, it *is* apache solr/lucene :-)
<imbrandon> twb: you got to loose that feeling man, it only will drive ya nuts, i am not saying give in to eveyr little whim or 8gb for 3 users
<imbrandon> but both of those are VERY VERY reasonalble requests
<imbrandon> like so reasonable i'm suprise YOU dident sugest them to him
<twb> Well, he said that php lucene is loading the entire lucene db into memory in ever php process, and I went "WTF GTFO"
<imbrandon> well only about half right
<imbrandon> but yea
<imbrandon> thats now the the zf1 ( what your using ther e) works
<twb> You don't give in to design like that, you put your foot down and say "go back and do it properly"
<imbrandon> zf2 and php 5.3 does a much better job and 5.4 even more so
<twb> php5.3 here
<imbrandon> twb: thats just it there is no proberly unless its from anther stack, that IS properly
<twb> He's using a convenience copy of lucene so I can't easily see what version
<imbrandon> and thats when i tell a sysop that tells me know to start packing his desk cuz as soon as i'm off the phone with his boss thats what would happen
<imbrandon> no*
<imbrandon> exactly twb and he is trying to get you to load the industry best practice of solr
<imbrandon> that you scoff at
<imbrandon> so what is he SUPOSSE tyo do
<twb> imbrandon: well, the "right" way would be a separate process that PHP talks to via a socket or port, and it just runs continuously and responds to requests.
<imbrandon> code it in asm >
<twb> Which I grant you is AIUI what solr does, I just have a knee-jerk reaction to deploying java to SOLVE memory issues
<imbrandon> php dont work like that, thats what things like solar and nodjs loadn hals are for
<imbrandon> exactly what they are for
<twb> loadn hals?
<imbrandon> twb: this gut feeling and kneejerk reaction is what is kiling you , not the dev, have you actually profiled modern j2ee stacks ?
<twb> my experience with j2ee stacks is limited to customers asking me to increase their mail or web server's allocation from 8GB to 16GB because "8GB isn't enough [for ten users]"
<twb> Oh and asking me to restart it when it crashes
<imbrandon> that may have been the case of java is a hog long ago, but vb6 was shittly long ago, and so was php, now php runs 2 of the 3 most traffic websites on the planet, with that kinda of backing you can bet your not the first sysabmin to have this issue, you just need to fiund who solved it best
<twb> AFAICT the "solutions" for PHP, at least, are to put a great big honking caching reverse proxy in front of it
<imbrandon> twb: the more you talk them more i would be scared to work at your company, it soulds like youve been at the same desk since 1999 and not left per se and learned anything new
<imbrandon> no its to run FPM actually
<imbrandon> and a little reverse microcache maybe
<imbrandon> maybe
<twb> Is that the fancy new stuff that byte-compiles PHP to an IR?
<imbrandon> no
<imbrandon> and php has been mytecode compiled since zend engine 1
<imbrandon> e.g. php 4.0.0
<imbrandon> its now "fancy nerw stuff"
<twb> Oh *that* fpm
<imbrandon> php 4.0.0 came out what 12 years ago
<imbrandon> i konw i keep saying it man but your your own worst enemey here , i almost need to checdk if i'm just being trolled
<uvirtbot> New bug: #965022 in openssh (main) "ssh crashed with SIGSEGV" [Undecided,New] https://launchpad.net/bugs/965022
<imbrandon> twb: fpm a.k.a fast page module, a.k.a fastcgi
<imbrandon> not a new tech
<imbrandon> maybe a new name and a new way to implment it
<imbrandon> but been arround ages
<imbrandon> and if you need a reverse proxy its probably apache killing you not the php
<imbrandon> as demonstrated in that blogpost
<imbrandon> , ok i have my passwd on newrelic set to a temp one if you wanna poike arround a little
<twb> msg me the credentials or something?
<imbrandon> its running on my blog that i just deployed 2 days ago and not been optimized yet, so lots of nice little errors and such to see
<imbrandon> sure
<imbrandon> one sec
<twb> I log in from newrelic.com, or from your site?
<imbrandon> newrelic.com
<twb> hm, might as well use a GUI browser...
<imbrandon> you'll want the app that says brandonholtsclaw.com zerox@linode
<imbrandon> uh yea
<twb> It's listing dev/live/test no brandonholtsclaw
<imbrandon> hit the dropdown
<imbrandon> in the top right
<imbrandon> it needs to say xerox@linode
<imbrandon> near the logout, prbably says enews pro or something now
<twb> got it
<imbrandon> kk, poke arround in there i actually need to take another call
<imbrandon> trusting a stranger here
<imbrandon> heh dont blow it up
<twb> It's struggling a bit, probably either the .au / .us link, or because I'm on an ARM netbook with zero video acceleration
<imbrandon> possibly, but the datapoints are the real key
<twb> mm
<imbrandon> notice all the toip greay bar
<imbrandon> there it lots of metiric and i only have some loaded
<imbrandon> but see it break down to the fucntin calll level
<imbrandon> and then what inside the functino even
<twb> OK so it can profile PHP files, modules and modules' SQL queries
<imbrandon> deeper than file
<imbrandon> but yea
<imbrandon> much more detailed than syslog
<imbrandon> with no code changes
<imbrandon> also note on the fron page
<imbrandon> i'm getting what about 2 hits per minute on my blog
<imbrandon> basicly idle
<twb> Where it says memcache, is that memcached?
<imbrandon> and its sitting at 455mb ram un optimized with solar
<imbrandon> yes
<imbrandon> memcache is the api ( now part of mysql from oracle ) that memcached implments
<imbrandon> but the new interface to the mysql ndb server long with handlersocket is msuch nicer now, it will be mainstream in another 3 to 6 months
<twb> FWIW I doubt that's instrumenting at the VT/KVM layer, I expect that's more more likely to be instrumenting the PHP runtime plus collecting stats from memcached and friends, and maybe sniffing packets
<imbrandon> sureand it can
<twb> Pulling that data out by watching x86 instructions would be a real bitch
<imbrandon> like i said i dont have most of it loaded
<twb> OK
<imbrandon> see all the empty blanks
<imbrandon> like all of background tasks is empty
<imbrandon> i only have the raw basics going as i'm in the mid of a redesign
<imbrandon> on that blog, thus only one post re-imported too
<imbrandon> :)
<twb> Oh "background" tab doesn't fit on my screen
<twb> I can just see "ba..."
<imbrandon> nother 24 or 48 hours and it will be back to norm
<imbrandon> ahh well its empty anyhow
<imbrandon> heh
<imbrandon> anyhow youve seen the tools and know my opinon, i can give you sites to back it up but in reality ANYWHERE you look its best practice so just pick somewhere
<imbrandon> but in the end he is right this time
<imbrandon> maybe not every time
<twb> Well fair enough
<imbrandon> but solr and 512m in the php,.ini is the way to go
<twb> Definitely not every time -- we had to explain to him that double-ledger accounting was a good idea, and using floating-point for financials wasn't :-)
<imbrandon> heh sure, he is a coder not an accountant :) i'd expect that
<imbrandon> i;d be sacred if he did know
<imbrandon> well maybe  ot but you get my drift
<twb> Sorry, I forgot to mention this ITS also manages all the money stuff :-(
<imbrandon> sure but he surely isnt the only one, if there isnt code reviews by other developers and its money on the line that just dumb, fire the ceo
<twb> But yeah, double ledger accounting has been best practice since the 17th century, so I would expect anyone doing financial ANYTHING to know about it
<imbrandon> NOW
<twb> imbrandon: there's only one dev
<imbrandon> thats ok for a blog, i thought you said this was a business that meney was at stake
<twb> This code is kept around instead of migrating to RT because the CEO (who also owns the company) thinks it's awesome :-/
<imbrandon> if you cant hirer the help outsource , thats just nuts, your ceo should be put in jail for being liable
<imbrandon> as well as anyone who follows him
<twb> AIUI it's not a public company so it's 100% legal to run it into the ground by mismanagement
<imbrandon> yea let me give all my money to this 16 year old to go alone and make a midnight night deplosit
<twb> Not that this has happened yet... it's a 25yo company
<imbrandon> that sounds smart
<twb> imbrandon: that's pretty much what happens, only he's twenty-five or so now
<twb> He doesn't come into the office because we will yell at him
<imbrandon> he is dumb for not quiting and the ceo needs shot
<imbrandon> yell at him sounds like he is savin yalls ass
<twb> Well he also took the ITS off and made his own company so now he's a contractor!
<imbrandon> nice , 8x the monney is always better
<twb> So we say "ITS should do this" and he goes "but that might break things for all my other (imaginary) customers"
<twb> Of course he has probably joined this channel by now and is collecting incriminating evidence...
<imbrandon> well it is only a request unless you are willing to walk
<imbrandon> but it dont sound like it
<twb> CEO isn't and he gets veto :-
<twb> :-/
<imbrandon> heh the cannel is loged
<imbrandon> all #ubuntu cannels are public logged
<twb> Yeah I don't really care
<imbrandon> i know, was just letting ya know
<imbrandon> :)
<imbrandon> okies i got to get some real work done, you good on the newtelic or wanna poke some more ?
<twb> Nah, I'm done.  Thanks.
<imbrandon> kk, i'm round if ya need soemthing , might need to say my name so irssi hilights me
<imbrandon> :)
<twb> No worries
<imbrandon> last thing though i have no affilatin with new relic btw, if you dont use them gram something similar
<imbrandon> they are very trusted in the industry though
<imbrandon> if you grab reviews
<twb> home time for me too
<imbrandon> l8tr
<jamespage> morning all
<bencer_> morning jamespage
<jamespage> morning bencer_
<jamespage> good weekend?
<bencer_> seems that we made all: both packages and doc
<bencer_> yup, a friend from frankfurt visited me, and the bbq in the park season has started
<bencer_> according to the german standards :)
<jamespage> +1
<jamespage> sounds good
<imbrandon> elllo ello
<bencer_> i've one questions, are the bugs filled against the old ebox src packages automatically deleted or do we have to close/move them?
<jamespage> bencer_, I was going to get something added to the release notes for precise as well
<bencer_> that would be cool
<jamespage> bencer_, the archive-admins will close them once the work has been completed
<jamespage> bencer_, no further action required from our perspective
<bencer_> just got removed now
<bencer_> 2012-03-26 07:11:56 INFO    Removed-by: Martin Pitt
<bencer_> 2012-03-26 07:11:56 INFO    Comment: superseded by zentyal-*, LP #957109
<bencer_> 2012-03-26 07:11:57 INFO    15 packages successfully removed.
<uvirtbot> Launchpad bug 957109 in ebox "Please remove libebox, ebox and ebox-* packages from the precise archive" [Undecided,Fix released] https://launchpad.net/bugs/957109
<jamespage> bencer_, ah - so I see
<bencer_> i was going to prepare and send a couple of blueprints we want to propose for q
<jamespage> bencer, sounds good
<bencer> me and jacalvo we will be in the uds :)
<jasonmsp> hey all.  What is a good spam-filter to use with 10.04 and a postfix/dovecot setup?
<greppy> jasonmsp: I like amavisd-new + spamassassin + clamav with sanesecurity signatures.
<greppy> jasonmsp: http://www200.pair.com/mecham/spam/ can be made to fit ubuntu without too much headache.
<jasonmsp_> timed out...  Anyone have a suggestion for a spam filter?
<jasonmsp_> postfix/dovecot on 10.04
<jamespage> bencer, excellent! look forward to meeting you in person
<bencer> jamespage: yes. do you know when are people starting to submit blueprints for q?
<bencer> maybe its a bit too early?
<jamespage> bencer: most people are still focussed on getting precise finished
<jamespage> blueprints normally get raised/approved in the 2 weeks or so before UDS
<jamespage> but if you have time now it won't hurt to raise them!
<bencer> ok, i will
<bencer> probably today, as i've already some drafts
<greppy> jasonmsp_: that url timed out?  worked for me.
<jasonmsp> greppy..  no my connection sucks and I keep dropping out.  Wanted to make sure I didn't miss a response.
<jasonmsp> im looking for a spam filter for 10.04 dovecot/postfix setup.
<greppy> jasonmsp: http://www200.pair.com/mecham/spam/
<greppy> jasonmsp: that can be made to fit ubuntu 10.04 without too much pain.
<jasonmsp> greppy: thx..  I prefer quality over complexity.  Do you think thats the best solution?
<yolanda2> hi, good morning
<yolanda2> any one can help with a dbconfig problem?
<yolanda2> i always asks for password confirmation all the time
<soren> yolanda2: Which package?
<yolanda2> hi soren, i'm doing a new package for openerp, a new one that i'm building
<soren> yolanda2: Ah.
<soren> yolanda2: And it asks for password on every upgrade?
<greppy> jasonmsp: it's a pretty comprehensive solution.  There isn't really a single "do this one thing and it will fix your spam issues" solution.
<yolanda2> soren, every time i even try to install the package. Only ask for server, and password confirmation
<greppy> jasonmsp: at least, not without paying someone else to do it for you :)
<yolanda2> it's quite strange. It doesn't ask for a password, so password confirmation never works, of course, and blocks the install
<soren> yolanda2: You could try enabling debconf debugging to see if that offers any hints.
<yolanda2> hi soren, new with that, how can i do it?
<soren> Set DEBCONF_DEBUG=developer before doing dpkg -i.
<yolanda2> ok
<yolanda2> thx
<soren> Either like so:
<soren> export DEBCONF_DEBUG=developer
<soren> ..and then run dpkg.
<soren> Or:
<soren> (better)
<soren> sudo DEBCONF_DEBUG=developer dpkg -i blah.deb
<soren> It might only really be helpful if you know at least a bit about how debconf works.
<yolanda2> soren, a little, but i'm doing the first package with it
<lynxman> morning o/
<jamespage> morning lynxman
<lynxman> jamespage: good morning sir :)
<jamespage> nice weekend?
<lynxman> jamespage: it was indeed, first picnic of the season
<lynxman> jamespage: and yours?
<jamespage> lynxman, very nice thankyou! lots of time enjoying the nice weather for a change!
<lynxman> jamespage: lovely :D
<soren> yolanda2: Any luck?
<soren> yolanda2: Otherwise, I recommend you share the code somewhere. Otherwise, it's quite hard to guess what's going on.
<yolanda2> sorry, soren, meeting now
<yolanda2> i have the code public, let me show you later
<soren> yolanda2: no worries.
<linocisco> ubuntu server sucks.
 * soren bites
<greppy> linocisco: you are free to use something else.
<soren> linocisco: Are you going to qualify that somehow?
<linocisco> soren, I want to setup loadbalancer like pfsense using ubuntu. but no easy way
<soren> linocisco: I wonder if that could be phrased as a constructive question...
<linocisco> soren, I love ubuntu alot. but whenever I asked on forums or IRC about seting up dual WAN router to failover+loadbalancing proxy server using two ISP links which has two different upstream proxy
<linocisco> it is not possible. like impossible
<soren> And that's easy as pie with this pfsense thing you speak of?
<linocisco> soren, I have not finished my setup using pfsense. but it is more closer
<soren> linocisco: Doesn't sound unachievable at all. haproxy + policy routing + something that monitors connectivity and tears down connections as needed and retries.
<soren> linocisco: Just complex if you've never used either before.
<linocisco> soren, yes. even ubuntu geeks said it is difficult
<linocisco> soren,  there is no predefined how to guide
<soren> linocisco: Predefined how to guides for every single scenario doesn't scale.
<soren> Simple as that.
<soren> You're just going to have ti learn the tools (or find someone else to do it all for you).
<linocisco> soren, ti =?
<soren> "to"
<soren> You're just going to have to learn the tools (or find someone else to do it all for you).
<yolanda2> hi soren, debug showed some problems and now it asks for password, i'm having some other problems now but i'm trying to solve them
<yolanda2> hi soren, just another question. Now my package fails because i don't have postgresql and postgresql-client installed. If i use dbconfig, and choose postgres, isn't that dependency handled automatically? do i have to add a dependency for postgres anyway?
<soren> yolanda2: Yes.
<soren> yolanda2: Not all packages work with all db types, so a dependency from dbconfig-common to all the various client tools would be wrong.
<soren> yolanda2: Add a dependency on the relevant tools for the databases your package supports.
<yolanda2> so dependency for postgres and postgresql is needed? and what about if you choose to don't config postgres? the tool gives you that option, postgres will be installed anyway?
<Daviey> You can actually tell dbconfig what databases it should support.
<Daviey> Unless you have a foo-database package, i'd make it a recommends... as i don't always want to run the database on my app server
<Daviey> If you do make a foo-database package, make it a recommends of the app serverpackage
<Daviey> I might have repeated what soren said, sorry.
 * ogra_ prefers the bar-database packages ... they have a promis of beer in them 
<yolanda2> Daviey, i have a recommend now
<ogra_> *promise
<yolanda2> but then after supplying the password, i have this error
<yolanda2>  â An error occurred while installing the database:                                                                                                        â
<yolanda2>  â                                                                                                                                                         â
<yolanda2>  â psql: could not connect to server: No such file or directory Is the server running locally and accepting connections on Unix domain socket              â
<yolanda2>  â "/var/run/postgresql/.s.PGSQL.5432"?
<yolanda2> as Postgres isn't installed
<Daviey> yolanda2: postgres isn't running
<yolanda2> Daviey, i just added as a recommends, so it shouldn't be installed by default, but i thought that dbconfig was handling that
<Daviey> you probably need to check it's running, and if not, run it from postinst
<Daviey> i think dbconfig SHOULD.. but it doesn't it seems
<yolanda2> Daviey, can i show you my debian files? perhaps i'm doing something wrong
<soren> yolanda2: There's a config option to tell dbconfig whether to ask for remote hsots by default.
<soren> yolanda2: dbc_remote_questions_default or something.
<yolanda2> dbc_remote_questions_default=true
<soren> yolanda2: If that's not set to "true", it won't ask for remote hosts by default (unless you've lowered your debconf priority threhold)
<soren> yolanda2: Where do you set that?
<Daviey> yolanda2: I assume you are seeing the issue apt apt-get time, rather that throught the installer?
<yolanda2> let me show you the files, just a moment
<yolanda2> it's pushed here: sftp://yolanda@chinstrap.canonical.com//home/yolanda/openerp-package-test
<yolanda2> it's my first contact with dbconfig, i followed documentation and some samples, but perhaps something is wrong
<soren> It's been a while since I've had chinstrap access. :)
<soren> Daviey: It's all yours :)
<Daviey> yolanda2: fancy scp'ing to people.canonical.com:~/public_html/ ?  Then everyone can see it :)
<yolanda2> ok
<yolanda2> sorry, Daviey, i'm trying an scp to people.canonical.com and gives me access denied
<soren> yolanda2: Perhaps scp isn't permitted?
<soren> yolanda2: (It's different from sftp)
<koolhead11> yolanda2: what are you installing via apt-get?
<yolanda2> koolhead11, no, using a locally generated debian file
<yolanda2> Daviey, i did a bzr push: bzr push sftp://people.canonical.com//home/yolanda/public_html/openerp-package-testing/
<yolanda2> can you check it?
<uvirtbot> New bug: #965138 in juju "Juju concatenates the full API endpoint URL when it gets absolute paths from the MAAS api." [Undecided,New] https://launchpad.net/bugs/965138
<soren> yolanda2: Looking at your config.. It might be correct, but it's certainly different from how I usually do it.
<yolanda2> soren, if you can give me some guidance is good, i'm new to that so perhaps i didn't look at the right samples
<soren> yolanda2: I tend to source the various files, set the dbc_* variables and then dbc_go.
<yolanda2> soren, i do more or less like that, what difference you see?
<soren> yolanda2: I've admittedly never done dbtype-specific stuff.
<soren> I've always had a generic package and set dbc_dbtypes
<soren> yolanda2: You check for the existence of the pgsql file, then you set the dbc_* vars, then you source the config and run dbc_go
<soren> Oh, hang on.
<soren> You source the config and run dbc_go in a subshell.
<yolanda2> soren, if you can show me some of your code it can be good
<soren> The dbc_vars won't propagate to dbc properly.
<Daviey> $ bzr branch http://people.canonical.com/~yolanda/openerp-package-testing/
<soren> yolanda2: http://paste.ubuntu.com/900274/
<soren> yolanda2: vs
<soren> yolanda2: http://paste.ubuntu.com/900275/
<soren> (first is yours, second is what I'd usually do.
<soren> Getting rid of the subshell would possibly solve everything, though.
<yolanda2> thanks soren, i'll try
<soren> It certainly won't work without it.
<soren> Mind you, I've only looked at the config.
<soren> yolanda2: In your postinst, you're calling "getent passwrd | grep". Please don't do that.
<Daviey> yolanda2: does this help, http://bazaar.launchpad.net/~maas-maintainers/maas/packaging/view/head:/debian/maas.config
<Daviey> yolanda2: lazily generates a random password.
<soren> yolanda2: If there's an ldap user backend with thousands of users, that's going to dreadful.
<Daviey> that is a .config file
<soren> yolanda2: Do "getent passwd <username>"
<yolanda2> soren, ok, that sentence came by default in openerp initial package so i just left like it was, but i'm seeing that the initial package wasn't very good
<soren> yolanda2: I also don't see the postinst actually consuming the info from dbconfig, but perhaps that's not done yet?
<yolanda2> should be there
<yolanda2> let me see,
 * soren stares
<soren> Nope, don't see it
<soren> You're also a bit heavy on the calls to dbc_go.
<yolanda2> seems that i pushed wrong version
<soren> Three of them, (one being in a subshell)
<Daviey> yolanda2: When you are ready with the package, i might have a tester lined up.
<yolanda2> soren, Daviey, pushed right version to people.canonical.com now, sorry
<soren> yolanda2: You don't need to set all the dbc_* vars in the postinst.
<Daviey> yolanda2: Does openerp need a shell?
<soren> I still don't see the postinst doing anything with the stuff that dbconfi provides.
<yolanda2> perhaps something is wrong then, it's the right code now
<yolanda2> that is in the postinst
<yolanda2> # source dbconfig-common shell library, and call the hook function
<yolanda2> if [ -f /usr/share/dbconfig-common/dpkg/postinst ]; then
<yolanda2>     . /usr/share/dbconfig-common/dpkg/postinst
<yolanda2>     dbc_dbtypes="pgsql"
<yolanda2>     dbc_authmethod_user="password"
<yolanda2>     dbc_dbuser="openerp"
<yolanda2>     dbc_remote_questions_default=true
<yolanda2>     dbc_go openerp $@
<yolanda2> fi
<yolanda2> isn't right?
<soren> You don't need to set all those vars in the postinst.
<soren> ...but as is, the postinst will just create the user.
<soren> It won't shove the config into openerp.
<soren> Perhaps it's not needed?
<soren> I'm just so used to mysql where I always need to pass the password on to the app.
<soren> ..but I guess with postgres that's not necessarily necessary.
<soren> What with its ident auth and whatnot.
<yolanda2> soren, well, i need to put the username and password in a openerp.conf file
<yolanda2> can be done with md5 or with ident, we are trying md5
<soren> yolanda2: Ok.
<soren> yolanda2: That's what I mean then :)
<soren> yolanda2: I don't see the code to do that, but if that's still not done, that's clearly why :)
<yolanda2> soren, i still haven't done it, i'm in the process :)
<soren> Ok, my servers are done deploying, I'll go and poke at them for a while.
 * soren wanders off
<Daviey> yolanda2: Are you looking at  a 6.1 snapshot, rather than 6.0 release?
<yolanda2> Daviey, yes, the package is for 6.1
<Daviey> yolanda2: when is 6.1 final due?
<yolanda2> Daviey, openerp 6.1 is already out
<Daviey> yolanda2: then why does it look like you are doing a snapshot?
<yolanda2> Daviey, because they still delivery nightly builds from time to time, do you mean that?
<Daviey> yolanda2: Do they have a 6.1 release that can be downloaded?
<yolanda2> Daviey, yes
<yolanda2> let me send you to the page
<yolanda2> http://nightly.openerp.com/6.1/releases/openerp-6.1-1.tar.gz
<Daviey> ah, cool - http://nightly.openerp.com/6.1/releases/openerp-6.1-1.tar.gz
<Daviey> thanks
<yolanda2> np
<uvirtbot> New bug: #965188 in mcollective (universe) "Mcollective is launched more than once" [Medium,Invalid] https://launchpad.net/bugs/965188
<smoser> zul, i just opened https://bugs.launchpad.net/nova/+bug/965225
<uvirtbot> Launchpad bug 965225 in nova "EC2 TerminateInstances api call hangs and returns 500 when given bad data (ip address)" [Undecided,New]
<zul> smoser:  cool thanks (i think ;)
<zul> smoser: you can use an ip address to terminate an instance?
<smoser> no
<smoser> its just bogus data.
<zul> smoser: ah i see
<zul> Daviey:  can you review please? http://paste.ubuntu.com/900421/
<Daviey> zul: looking
<Daviey> zul: how is keystone looking for MIR btw?
<zul> Daviey: good...we have to fix up the swift testsuite and then it should be ok
<Daviey> fix-ubuntu-tests.patch i'd call it, tests-disable-external-deps.patch .. but just a taste thing.
<Daviey> --#log_config = /etc/keystone/logging.conf
<Daviey> +-#log_config = ./etc/logging.conf.sample
<Daviey> ?
<Daviey> patching a commented field?
<Daviey> -	python setup.py build_sphinx || true
<Daviey> +	python setup.py build_sphinx
<Daviey> Does it currently fail to generate doc's?
<Daviey> Seems an odd fix for, * debian/rules: Fix doc builds + clean (LP: #956019)
<zul> Daviey: not sure adam_g made those modifications for the log_config stuff
<zul> smoser: fixed locally
<koolhead11> so finally i can see step by step Essex guide for precise http://www.hastexo.com/resources/docs/installing-openstack-essex-4-ubuntu-1204-precise-pangolin
<yolanda2> hi Daviey, i got some success in creating openerp user now. However, seems that is also creating a database, is there any way to create only the openerp user, but without any database? this is going to be created by openerp interface
<uvirtbot> New bug: #965283 in openvswitch (universe) "include openvswitch documentation / package openvswitch-docs" [Undecided,New] https://launchpad.net/bugs/965283
<ttx> zul: looks like a packaging todo list: http://www.hastexo.com/resources/docs/installing-openstack-essex-4-ubuntu-1204-precise-pangolin
<zul> ttx: cool ill have to read it
<ttx> zul: there are a few weird things, but overrall, it's not bad
<zul> ttx:yeah
<koolhead11> ttx: :P
<ttx> koolhead11: weird things include copying an old volume.py file to solve a bug, losing all other improvements to the file
<koolhead11> ttx: Madkiss is the guy who wrote it
<koolhead11> he is in #openstack channel
<ttx> ack
<raydog45000> 	Hello all, I am trying to set up an ubuntu server, I checked the disc for defects and tested memory, after I choose a host name it fails at 43% of starting up the partition, how can I get it to complete?
<raydog45000> anyone here?
<greppy> raydog45000: nope, we're all just idling.
<greppy> if someone can help, they will :)
<raydog45000> m'k
<smoser> zul, did you run test on that change?
<zul> smoser: yeah
<smoser> i'm just looking at the tests in ova/tests/api/ec2/test_ec2_validate.py, and would have thought you'd break one.
<smoser> maybe you should add one there.
<zul> smoser: ack
<smoser> and i commented in the review a bout a little thing to fix while you're there.
<smoser> hallyn, http://www.mail-archive.com/openstack@lists.launchpad.net/msg09018.html
<smoser> i'm not the only one.
<hallyn> without opening the link, i think i saw the email
<smoser> althoguht his post (and my recent test) does not show regression in performance due to guest (lucid versus precise), which is what i originally thought.
<smoser> hallyn, yeah, you can't trust me enough to open links
<hallyn> i'm afraid high prio bugs will continue to take priority over the performance tests though
<hallyn> at leaset, the ones in precise
<hallyn> still,
<hallyn> most of your perf loss was still due to https right?
<smoser> did you do this ?
<smoser> http://s3hh.wordpress.com/2012/01/11/kvm-performance-measurements-my-plan/
<hallyn> heck whatever is causing that may also be responsible for the other perf loss
<hallyn> smoser: no, that's what i'm saying i'll do as soon as high prio precise bugs are all cleared or waiting on something
<smoser> by "do this", i mean, the blog says "I intend to do". did you do ?
<hallyn> no.  i continue to intend to do this
<smoser> hallyn, well, on e thing not listed there, is a regression test.
<smoser> its fine/good to turn all the knobs on precise
<hallyn> right
<smoser> but if we got 100M/s in lucid, and 20M/s in precise, we need to know that.
<hallyn> right, so i'm going to first do a basic test (with precisely one configuration) to compare oneiric to precise
<hallyn> you think i should do lucid instead of oneiric?
<Adri2000> zul: are there plans to merge openstack packages with debian's? if yes, before or after precise?
<uvirtbot> New bug: #965356 in nova (main) "unnecessary dep: nova-api -> nova-cert" [Undecided,New] https://launchpad.net/bugs/965356
<zul> Adri2000: the process has already started it should be completed after precise
<Maleko> can someone explain why ubuntu automatically re-add/set the highlighted route as def gw
<Maleko> http://pastebin.com/imadQJuB
<addictedboy> Trying to set firefox custom server using their guide, but getting this error message while restarting
<addictedboy> the apache
<addictedboy> apache2: bad group name sync
<addictedboy> Action 'configtest' failed.
<addictedboy> The Apache error log may have more information.
<addictedboy>    ...fail!
<Adri2000> zul: ok. another question: do you or anyone knows if ~ubuntu-server-dev is open to non-coredevs motus? or: can I directly contribute to openstack packaging without applying for coredev?
<zul> Adri2000: yes you dont have to ubuntu-server-dev/core-dev to contribute to openstack packaging you just have to do merge proposals
<Adri2000> I know about merge proposals, that's why I said "directly contribute" :)
<zul> Adri2000: right we accept merge proposals but you need either ubuntu-server-dev or core-dev to merge directly into the branches
<Adri2000> ok
<SpamapS> Adri2000: ubuntu-server-dev is approved via the developer membership board
<SpamapS> Adri2000: it covers quite a few things outside openstack, and thus, one needs to show a wider breadth of contribution to be granted those rights.
<Adri2000> I see
<SpamapS> Adri2000: we'd b *more* than happy to help you achieve it. Another option is to just apply for per package upload rights for the packages you are most interested in.
<SpamapS> Adri2000: for that you'd just need to show a sustained contribution to the packaging of those things over about the length of one release cycle (so 6 months)
<SpamapS> Adri2000: in order to show that.. merge proposals. :)
<Adri2000> actually I'm not looking specifically for more upload rights, but rather a convenient (i.e. commit+push :)) way to contribute some fixes to the packaging. just like it's possible in some debian teams, where their git/whatever repo is open to a larger team than just the team of debian developers
<uvirtbot> New bug: #237164 in xorg "kvm needs to correctly simulate a proper monitor" [Medium,Invalid] https://launchpad.net/bugs/237164
<csotelo_> hello people I have a problem on creating a user on postgres after install it
<csotelo_> createuser: could not connect to database postgres: could not connect to server: No such file or directory
<csotelo_>     Is the server running locally and accepting
<csotelo_>     connections on Unix domain socket "/tmp/.s.PGSQL.5432"?
<KM0201> csotelo_: i have no idea on that.. patdk-wk may know, as i recall, he is pretty knowledgeable.
<patdk-wk> hmm?
<Adri2000> zul: may I suggest to rename /etc/apache2/conf.d/dashboard.conf in horizon to something more explicit? (like openstack-dashboard.conf) - tell me if you want a bug report
<zul> Adri2000: bug report with a merge proposal would be good :)
<Adri2000> ehhhh - that's such a small change that I feel a merge proposal is more work for everyone...
 * Adri2000 files a bug at least
<csotelo_> thanks KM0201
<csotelo_> patdk-wk, please.. have you read my problem
<KM0201> csotelo_: he may not have saw it, as i think he came in after you posted it
 * patdk-wk sees no question
<patdk-wk> had to reboot for kernel update
<csotelo_> patdk-wk, my quetsion is why postgres dont permit me to create a new user
<csotelo_> because when I do a createuser -SRDp myuser as postgres user, then I get the error
<patdk-wk> dunno about postgres
<patdk-wk> most likely cause you didn't authenicate to postgres as an admin
<csotelo_> ?
<csotelo_> patdk-wk, why I have done is install a postgres on a new machine
<csotelo_> I usually done something like sudo apt-get install postgresql postgresql-client
<csotelo_> and the
<csotelo_> sudo -s and then su postgres
<csotelo_> and filelly createuser -SDRp myuser
<csotelo_> finally*
<csotelo_> and normally it work
<csotelo_> I don the same and get that error on a new machinne
<SpamapS> Adri2000: so bzr packaging branches are open to a wider team.. commit, push, and one more command 'bzr lp-propose'
<koolhead11> !postgres
<koolhead11> !pgsql
<koolhead11> csotelo_: https://help.ubuntu.com/10.04/serverguide/C/postgresql.html  see if this helps
<caribou> hallyn: Regarding bug 965231, would a copy of the VM I'm using for testing help ?
<uvirtbot> Launchpad bug 965231 in qemu-kvm "Virtual Machine is not terminated when doing "shutdown" in VM with Oneiric/Precise" [High,Confirmed] https://launchpad.net/bugs/965231
<Adri2000> zul: ok, I must admit that it's a bit more complicated: I forgot the handling of the rename in maint scripts :), so well, I'll go ahead and propose a branch
<Adri2000> SpamapS: right, I'll give it a try ^
<zul> cool
<hallyn> caribou: itmight...  i know shutdown was working ofr me last week, but i can't recall if that was with the precise package, or with upstream
<hallyn> so i just need to get my test box up and test.
<caribou> hallyn: it's a very basic Oneiric-server install nothing particular
<koolhead11> zul: is diablo/essex and precise/essex updated simultaneously ?
<hallyn> caribou: but is acpid installed?
<zul> koolhead11:  diablo/essex?
<caribou> hallyn: now it is & it still hangs after "System halted"
<SpamapS> Adri2000: renames are easier these days with dpkg-maintscript-helper (though that makes things less backportable since it is fairly new)
<koolhead11> zul: oops. i meant oneiric/essex srry
<caribou> hallyn: I must be missing something obvious otherwise it would have been noted before
<hallyn> ok.  sounds like a definate bug :)
<hallyn> no no, it may be broken in precise and fixed upstream.  let me test (sometime today)
<caribou> hallyn: why would I be the only one seeing this, it started on Oneiric
<caribou> hallyn: no rush, it' end of day here in France
<hallyn> caribou: I don't know that many people use 'virsh shutdown'
<caribou> ah ok
<caribou> hallyn: thanks for looking at this, see you tomorrow
<hallyn> caribou: np, ttyl
<zul> koolhead11: no it isnt
<koolhead11> zul: okey. i thought so :)
<Adri2000> SpamapS: yep, found http://raphaelhertzog.com/2010/10/14/correctly-renaming-a-conffile-in-debian-package-maintainer-scripts/ ; it says it works since 1.15.7.2 which is there since maverick, so that will work I think :)
<jjohansen1> hallyn, stgraber: so we have a problem, turns out there was a kernel bug in addition to the userspace issue.  We need both to fix the issue.  This will require a kernel freeze exception from the release team
<hallyn> jjohansen1: thanks for the info.  stgraber: soudns like we should go with the temp-proc-mount fix then
<hallyn> jjohansen1: quick related q,
<jjohansen1> hallyn: shoot
<hallyn> jjohansen1: is unconfined allwoed to request transition to all domains?
<jjohansen1> hallyn: yes
<hallyn> ok
<hallyn> right now lxc-start enters the usr.bin.lxc-start comain, but lxc-execute doesn't
<hallyn> but both request entring the container's profile
<hallyn> so i think that's what we want right
<hallyn> thanks
<jjohansen1> sounds right
<stgraber> hallyn: yeah, the temporary fix sounds good then, feel free to upload and I'll poke #ubuntu-release to have it accepted
<hallyn> stgraber: lxc_0.7.5-3ubuntu45_source.changes dput'ed
<stgraber> hallyn: thanks
<hallyn> stgraber: jjohansen: I'm goign to commit some changes to the server guide lxc section to fill in the apparmor bits.  I'll post you to the merge request if you care to review.  (Though it shouldn't be contraversial)
<kantlivelong> my grubmenu seems to be missing... how can i rebuild the grub conf? im on ubuntu 11.10 server x64
<RoyK> update-grub ?
<kantlivelong> oh lol :P
<stgraber> hallyn: lxc accepted
<hallyn> stgraber: cool.
<hallyn> I'm going to do a merge proposal now for https://code.launchpad.net/~serge-hallyn/serverguide/lxc-aa/
<hallyn> (and then consider myself done with lxc server guide for real)
<zul> adam_g: https://launchpadlibrarian.net/98406449/buildlog_ubuntu-precise-i386.swift_1.4.7-0ubuntu3.2_BUILDING.txt.gz
<adam_g> zul: cool
<uvirtbot> New bug: #965476 in lxc (universe) "Can't install Precise guest on Oneiric host" [Undecided,New] https://launchpad.net/bugs/965476
<uvirtbot> New bug: #965478 in image-store-proxy (universe) "Depends: eucalyptus-common but it is not installable" [Undecided,New] https://launchpad.net/bugs/965478
<adam_g> zul: is that in the archive or a PPA somewhere?
<zul> ppa
<adam_g> zul: is keystone rc1 going to go in today?
<zul> adam_g: i wanted to get daviey to review but i think he had a question about the logging.conf
<zul> Daviey: ^^^
<Daviey> no, the real question was about the docs.. the 'fix' is || true.. which seems to be a regression?
<adam_g> huh?
<Daviey> the logging.conf was more of a question, as why we are patching a commented field.
<Daviey> 14:20 < Daviey> -Ipython setup.py build_sphinx || true
<Daviey> 14:20 < Daviey> +Ipython setup.py build_sphinx
<Daviey> oh, wait - i'm looking inverted
<Daviey> *doh*
<adam_g>  bzr+ssh://bazaar.launchpad.net/~openstack-ubuntu-testing/keystone/precise-essex-proposed/
<adam_g> ^ i fixed the doc issue in that branch, which should be merged with the upload
<uvirtbot> adam_g: Error: "i" is not a valid command.
<zul> adam_g: yeah i got that locally
<adam_g> zul: what do you mean
<Daviey> adam_g: why are we doing:
<Daviey> 14:19 < Daviey> --#log_config = /etc/keystone/logging.conf
<Daviey> 14:19 < Daviey> +-#log_config = ./etc/logging.conf.sample
<adam_g> -#log_config = ./etc/logging.conf.sample
<adam_g> +log_config = /etc/keystone/logging.conf
<adam_g> ...in -proposed
<adam_g> http://paste.ubuntu.com/900800/
<zul> oops...hold on
<adam_g> i spent a while getting that package in better shape last week in preparation for rc1 landing
<adam_g> Daviey: which branch were you looking at?
<Daviey> adam_g: from zul's debdiff
<adam_g> zul: is that debdiff a merge of -proposed into ubuntu-server-dev, or some other??
<zul> bad merge
<adam_g> hm, ok
<uvirtbot> New bug: #965507 in juju "Juju uses http to contact uec-images.ubuntu.com" [High,In progress] https://launchpad.net/bugs/965507
<zul> adam_g: the local branch here has the doc build changes
<adam_g> zul: the local branch where?
<zul> adam_g: on my pc
<Daviey> adam_g: branch it from zul's PC, and we are gold!
<adam_g> zul: why isnt it in -proposed? i wouldn't have spent time fixing it if were, and now we'd have a clean merge :)
<zul> adam_g: it has the testsuite fixes that i was working on lemme, push back
<smoser> zul,  fyi, you had smokestack pep8 errors in your https://review.openstack.org/#change,5809,patchset=1
<zul> smoser: son of..
<zul> adam_g: https://code.launchpad.net/~openstack-ubuntu-testing/keystone/precise-essex-proposed
<zul> ^^^ that is what is going to be uploaded today
<uvirtbot> zul: Error: "^^" is not a valid command.
<zul> shut up uvirtbot
<zul> adam_g: s/python-swift/swift/g though
<adam_g> zul: ok
<adam_g> so thats a different branch than the one Daviey was looking at?
<zul> adam_g: he was looking at a debdiff
<adam_g> zul: okay, well, that branch LGTM then. curious to know why you need the entire swift package as a builddepends, tho
<zul> adam_g: yeah that should be just python-swift
<zul> adam_g: so im going to change that to python-swift and then upload it
<adam_g> zul: before you do, push change to -proposed and lets run it thru the CI build job once
<zul> adam_g: k
<zul> done
<adam_g> zul: cool
<zul> adam_g: swift is still failing in the ci though, 1.4.9 needs some dependencies for the testsuite
<adam_g> zul: also the quantum package is still uninstallable, should i try to fix it up?
<Adri2000> zul: I don't know if you get notified about this: https://code.launchpad.net/~adri2000/ubuntu/precise/horizon/rename-apache-config-file/+merge/99366
<zul> adam_g: should be fixed i think
<zul> Adri2000: i might have been i just havent gotten around to it yet
<Adri2000> ok no problem
<zul> adam_g: if you want to kick one off go ahead
<adam_g> zul: about quantum http://paste.ubuntu.com/900840/
<zul> adam_g: grr...i thought i fixed that part can you have a look
<adam_g> yeah
<adam_g> also strange that 'quantum-server' pulls in no other dependencies
<lynxman> zul, adam_g: by any chance do any of you guys remember how to recover the admin credentials out of a cobbler setup?
<zul> lynxman: re-install cobbler?
<adam_g> id like to get quantum installable and try to solicit (beg for) some testing from the openstack list
<lynxman> zul: it's a shared setup :/
<adam_g> lynxman: i thought they were stored in a config file in plain text, but i could be wwrong. i know i had to reset it once, but forget how i did exactly
<adam_g> roaksoax: ^
<lynxman> adam_g: hmm thanks :)
<lynxman> adam_g: found the file and resetted, thanks
<lynxman> adam_g: it's /etc/cobbler/users.digest
<adam_g> np
<adam_g> zul: that keystone branch looks good-to-go
<zul> adam_g: uploaded now just need to do keystone
<zul> er...keysoneclient
<uvirtbot> New bug: #965523 in mysql-dfsg-5.0 (universe) "mysql 5.5.22, 5.1.62, 5.0.96 security update tracking bug" [Undecided,Confirmed] https://launchpad.net/bugs/965523
<zul> Daviey/adam_g: keystone/python-keystoneclient is in the queue
<Daviey> zul: i see it, waiting for the diff
<zul> Daviey: k
<adam_g> zul: whats the story with the quantum packaging branch? i was trying to figure out the deal when you were on vacation but couldn't :)
<zul> adam_g: should be up to date...ill take a look this afternoon
<adam_g> zul: the ubuntu branch is not related to the ubuntu-server-dev or openstack-ubuntu-testing branch
<zul> adam_g: yeah lemme poke it
<roaksoax> lynxman: dpkg-reconfigure -plow cobbler
<zul> adam_g: i should have the console tick stuff ready tomorrow
<adam_g> zul: party time
<zul> adam_g: i got rid of the tick interval though so it will check everytick count
<adam_g> zul: https://bugs.launchpad.net/bugs/956019  whats the correct way to fix this? it needs a new binary package, but dont want to repeat last week
<uvirtbot> Launchpad bug 956019 in keystone "keystone doesn't install the copyright file" [High,New]
<adam_g> ooops
<adam_g> https://bugs.launchpad.net/bugs/965356
<uvirtbot> Launchpad bug 965356 in nova "unnecessary dep: nova-api -> nova-cert" [Undecided,Confirmed]
<adam_g> oh, nvm
<adam_g> nothing new required there
<zul> yeah you got me confused for a minute
<lynxman> roaksoax: thanks, didn't want to do that since its a shared orchestra server :)
<roaksoax> lynxman: :)
<ha1dfo> hi all. I'm trying to install grub2 to a highly customized ubuntu based linux running on ramdisk, but it grub-probe says: "cannot find a device for /" What can I do to make it work?
<kantlivelong> is there a proper place to set readahead values?
<smoser> utlemming, could you go through SRU for bug 948461
<uvirtbot> Launchpad bug 948461 in apt "apt-get hashsum/size mismatch because s3 mirrors don't support http pipelining correctly" [High,Confirmed] https://launchpad.net/bugs/948461
<smoser> i'd say it would be sufficient to : boot instance , ssh instance, enable proposed, apt-get update, apt-get intsall cloud-init, show apt-setting was modified.
<utlemming> smoser: I've already verified that one friday...using the same tests
<utlemming> smoser: see comment #30
<WeissLehrer> i have a problem on my samba configuration, for some reason the user-configuration for windows users using pdc are not saved ( http://pastebin.com/gXvvjC5u )
<smoser> you need to change 'verification-needed' to 'verification-done'
<smoser> utlemming, ^
<utlemming> smoser: done
<uvirtbot> New bug: #965654 in openssh (main) "/var/log/auth spam every 2 mins: sshd[*]: Connection closed by 127.0.0.1 [preauth]" [Undecided,New] https://launchpad.net/bugs/965654
<uvirtbot> New bug: #965663 in openssh (main) "ssh-copy-id doesn't call restorecon on SELinux enabled destination hosts" [Undecided,New] https://launchpad.net/bugs/965663
 * cwillu_at_work stabs an anonymous ubuntu developer at random
<guntbert> ouch, you got me instead!
<cwillu_at_work> guntbert, that means you need to update btrfs-progs in the repo :p
<cwillu_at_work> !info btrfs-tools precise
<ubottu> btrfs-tools (source: btrfs-tools): Checksumming Copy on Write Filesystem utilities. In component main, is optional. Version 0.19+20100601-3ubuntu3 (precise), package size 794 kB, installed size 1724 kB
<cwillu_at_work> that's only about 2 years out of date :p
<guntbert> cwillu_at_work: will do, ... uuhmm          what was the key again?
<Nafallo> it's been the same since forever...
 * guntbert stops the bantering immediately
<Nafallo> like, several releases.
<cwillu_at_work> Nafallo, I know
<Nafallo> I had luck with the version in debian sid though.
<cwillu_at_work> I just (light-heartedly) wish that they wouldn't say they support btrfs when the support is ancient, broken and deprecated by upstream :p
<Nafallo> that's at least from last autumn, and includes scrub
<cwillu_at_work> restripe support in 3.3 is nice
<Aison> I suddenly have got big problems with setting up vlans on bonding network devices
<Nafallo> cwillu_at_work: any news on working btrfsck?
<Aison> all my machines with bonding and vlan are no longer reachable after reboot
<cwillu_at_work> dangerdonteveruse branch
<cwillu_at_work> fsck has been around and working fine for years
<Aison> this setup worked for a long time now
<cwillu_at_work> it's a repair utility that's been missing
<Nafallo> cwillu_at_work: hmm. yeah. I don't really count an fsck as working without the ability to actually fix problems ;-)
<cwillu_at_work> Nafallo, that's not what fsck is for
<Nafallo> all the other fscks seems to do that stuff. just saying.
<cwillu_at_work> no, they don't :p
<cwillu_at_work> some of them do
<Nafallo> if you say so. the ones I've used have been able to fix things, except for btrfs :-)
<Nafallo> and btrfs is planning to implement that support, so...
<cwillu_at_work> http://linux.die.net/man/8/fsck.xfs
<Nafallo> *shrugs*
<cwillu_at_work> "fsck.xfs - do nothing, successfully"
<Nafallo> anyway. I don't care. I want something that can fix broken btrfs. whatever that is called ;-)
<cwillu_at_work> btrfs can (mostly) fix broken btrfs :p
<Nafallo> that "mostly" in there isn't convincing me :-)
<cwillu_at_work> (coincidentally enough, btrfsck can fix it to about the same extent :p)
<Nafallo> haha
<cwillu_at_work> Nafallo, fsck.ext3 is just a mostly too you know
<Nafallo> ehrm
<cwillu_at_work> you may be confusing e2fsck's journal playback with its repair mode
<Nafallo> all btrfsck have done for me is to tell me there are problems. and telling me that have taken it forever, to the point where I've told fstab to not use it ;-)
<cwillu_at_work> Nafallo, it never should have been linked to fsck.btrfs
<cwillu_at_work> (xfs ships a no-op fsck.xfs for precisely the same reason)
<Nafallo> bah. I better go do the things I was supposed to do today before the day is completely gone.
<Nafallo> later
<Nafallo> well, I'll save implementing a spam-filter for tomorrow I think. I let thunderbird do it's thing now and tomorrow ;-)
<Nafallo> ...morning
<Jammie> Hi, I'm having trouble with eth0 not reconnecting after reboot (same as the problem here http://askubuntu.com/questions/73431/when-ubuntu-server-restarts-eth0-doesnt-come-back-up)
<Jammie> anyone have any ideas/suggestions?
<ha1dfo> Jammie, after reboot, ifconfig -a does show anything?
<ha1dfo> before config (if you have the case when udev messes up ifaces)
<Jammie> no, on first reboot ifconfig -a is blank
<Jammie> but after running sudo /etc/init.d/networking start it all worls
<Jammie> *works
<a5m0> how can i uninstall dhcpd on ubuntu server 12.04 i keep getting "
<a5m0> Virtual packages like 'dhcp' can't be removed
<a5m0> "
<uvirtbot> New bug: #952397 in juju "Juju is forcing *ALL* charms in a repo to be perfect to be able to deploy *any*" [Critical,Fix released] https://launchpad.net/bugs/952397
<Aison> what's bad with this network configuration?
<Aison> http://pastebin.com/y9Az7uDG
<Aison> after reboot, I have to ifconfig eth0 up
<Aison> ifconfig eth1 up
<Aison> ifenslave bond0 eth0
<Aison> ifenslave bond0 eth1
<Aison> vconfig add bond0 10
<Aison> etc....
<Aison> myself
<JanC> Aison: "manual"?
<Aison> yes, this configuration worked for over two years now
<Aison> but after some update, it no longer works
<Jammie> did you upgrade to 11.10?
<Aison> it's 11.10, yes
<Aison> but the upgrade is some time back
<Aison> it did not start with 11.10
<Aison> the problems did not start with the upgrade to 11.10
<Aison> they started for about 3 weeks ago
<Jammie> ah, I thought it may be the same problem I'm having
<theq_> Hello, some services can't connect using localhost or 127.0.0.1 or 127.0.0.2 address, I have fixed issues in mysql and apache by setting IP in config, but it doesn't work in postfix, courier, ejabberd, bind - I just can't connect to these from that pc which we are talking about, from any pc from network which see this PC I can connect. Where is the issue?
<theq_> it comes after upgrade to 11.10
<theq_> before it was working fine
<locuse> hi.  i'm modifying my remote status-check scripts to use upstart rather than chkconfig.  "service --status-all" provides no run-level info as "chkconfig --list --all" did.  i *do* see chkconfig pkg is available for Ubuntu.  is it still used/useful for the runlevel info? or is chkconfig considered deprecated, and there's an equivalent, more-informative "service ..." cmd?
<Daviey> locuse: have a sample output of what you were using before, chkconfig?
<locuse> Daviey: hi.  sure -> http://pastebin.com/d5L97JJM.
<locuse> Daviey: looking at the upstart output, iiuc, it shows the *actual* running status of each service ... i'm simply looking for the per-runlevel toggle status.  i.e., what each service is set to do @ startup
<Daviey> locuse: Yes, i see the difference.. nothing at the top of my head, but the person to ask is jodh in 9 hours from now.  Sorry.
<locuse> Daviey: heh, long after after my bedtime. np :-)
<locuse> Daviey: upstart in an ubuntu constrcut, not JUST for ubuntu-server, right?
<locuse> oops. s/in an/is an/
<Daviey> locuse: right.
<locuse> ok, i'll check in "the big room" as well.
<locuse> Daviey: just fyi, stumbled on : http://www.linuxpowerup.com/en/Chkconfig-is-good-but-for-Ubuntu-sysv-rc-conf-is-a-better-alternative-for-enable-and-disable-services-at-startup
#ubuntu-server 2012-03-27
<uvirtbot> New bug: #959262 in python-novaclient (main) "[Errno 13] Permission denied: '/var/www/.novaclient'" [Undecided,Confirmed] https://launchpad.net/bugs/959262
<adam_g> hallyn: around?
<twb> Sigh.  So I backported xtables-addons from natty to lucid, so I would have a DKMSized version.  This installed PERFECTLY on the local test machine.
<twb> I send my boy out to the airgapped prison, and it's reporting "I need kernel sources", despite not needing them here (only the headers)
<twb> With any luck he is now sneakernetting the dkms build output & similar diagnostics to somewhere that can get to me.
<Patrickdk> hmm?
<Patrickdk> why didn't you send him the compiled package?
<SpamapS> Patrickdk: too easy ;)
<twb> Uh, because when the kernel gets a minor update, the .kos will need to be recompiled
<twb> e.g. 2.6.32-33 to 2.6.32-34
<SpamapS> dkms always builds though so I don't think this is a "just send him the binary" issue
<twb> I did send him the xtables-addons-dkms .deb, of course
<Patrickdk> ya, dkms is nice for auto-upgrades
<twb> That was the whole point of using dkms instead of m-a
<Patrickdk> but I build my dkms on a build machine, and push them out
<twb> Patrickdk: I suppose I would've done that if I had anticipated this not working
<Patrickdk> 33 to 34? you living life like 3 months ago?
<Patrickdk> we are on -40 :)
<twb> Patrickdk: whatever, I made thhose numebrs up
 * Patrickdk is pissed at his isp
<Patrickdk> their providers provider is broken
<Patrickdk> and they *dunno* how to work around the issue
<Patrickdk> yay for 1000ms latency
<hallyn> adam_g: half
<twb> at least your site is on the internet
<twb> stupid airgap
<adam_g> hallyn: do you know of any circumstances where libvirt would take the liberty of setting a domain to 'paused'?
<hallyn> (thinking)
<hallyn> i don't.  it'd be neat if it did that based on host load :)
<adam_g> seems to be related to load, but trying to determine if its libvirt or nova thats pausing
<hallyn> interesting
<hallyn> i haven't heard of such a thing
<adam_g> ok, ill look closer at nova in that case, thanks
<hallyn> i'd look at nova
<hallyn> yeah
<hallyn> np - ttyl
<adam_g> night
<uvirtbot> New bug: #965836 in openssh (main) "`ssh-add -x` does not prevent key use" [Undecided,New] https://launchpad.net/bugs/965836
<Rallias> Since my installation of nginx is no longer tasked with listening on a port below 1024, how do I set it so it never is root when it starts up?
<twb> How is it started presently?  sysvinit or upstart?
<aarossig> Question regarding my network.. I just did a hardware refresh and upgraded to 11.10 Server. While copying on my gigabit network, the network transfer will stop for periods of time and then start back up. Using sshfs, the cpu will go down to 0 for ~10 or 20s and then the transfer resumes. Any ideas?
<twb> aarossig: you... aren't the guy who wants me to configure his UPS, are you?
<aarossig> am I?
<twb> Dunno, his name was Andrew Rossi
<twb> of Designer Networks
<aarossig> twb: I don't think so, I am capable of configuring my own UPS (as well as those of my clients)
<aarossig> ah, no I don't own a business
<twb> OK, no worries :-)
<aarossig> :P
<aarossig> so do you happen to have any suggestions for my situation?
<twb> Well I would definitely encourage you to go 12.04 not 11.10, since 12.04 is LTS
<aarossig> this happpens on both sshfs and samba, but with samba it is much more catastrophic and the transfer actually itimes out
<aarossig> twb: yeah, I plan to do a dist upgrade to it
<twb> Not sure about your issue; could be I/O or something
<aarossig> moral of the story.. I can't wait anymore. I've been putting up with old packages and ppas with 10.04 for far too long
<twb> dump ps auxf to a file every second or so and diff them around the time an issue occurs, looking for D state procs, or watch "iostat 5"
<aarossig> thanks, i'll look into it
<twb> if you're copying with e.g. scp, it could be the buffering when it actually hits the disk
<aarossig> I believe it is something IO related, I am running 8 hard drives and some are on the PCI/PCI-e busses.
<twb> so e.g. you do "scp example.com:foo.img ." and it will block when it runs out of buffer writing to the local disk
<aarossig> yeah, that sounds accurate. I will try
<twb> aarossig: 8 HDDs in what array, RAID6?
<aarossig> it is actually several RAID1 arrays
<aarossig> one for root, one for home, and then several for data
<twb> Track down which ones have the data in question, watch their iostats
<aarossig> okay, thanks for the suggestions
<aarossig> i'll give it a shot
<twb> Also look at the flush stuff in /proc see if its interval corresponds to your blocking interval
<twb> e.g. if your ext4 filesystem is set to flush every five minutes and you see issues every five minute
<aarossig> the frequency is much higher, but I see your point
<aarossig> twb: yeah, iostat shows fairly constant writing
<aarossig> you're probably right about the caching, it might be filling up the caches and then flushes them to the disk, rinses and repeats.
<twb> I hear there is also iotop; I haven't tried it
<aarossig> i was using iotop
<aarossig> iostat is more device lebel
<aarossig> level*
<twb> The other thing to read up on is "write amplification"
<aarossig> iotop is process level
<tarvid> boot setup temperature dropped from 76 C to 36 C after installing a new Corsair A50 fan, how would I go about monitoring remotely?
<twb> tarvid: how are you measuring it now?
<tarvid> the setup screen reports tempereature
<tarvid> BIOS
<twb> OK
<twb> The raw data is in /sys somewhere; there is a package that tries to understand how to interpret it...
<twb> Can't remember the name
<tarvid> /proc/acpi/... on some boxes, not this one
<twb> lm-sensors
<tarvid> installed but hard disk is the only it reports
<twb> You probably have to rice it up
<twb> IME it's a pain and usually not worth the hassle
<tarvid> This box was a gift from the local library - free as in free cats
<aarossig> because the library doesn't serve beer.
<twb> I hope they don't serve cats either
<tarvid> alas
<tarvid> they have one
<aarossig> twb: I ended up here https://bugs.launchpad.net/ubuntu/+source/linux/+bug/427210, rather interesting stuff. Thanks for the general direction pointing.
<uvirtbot> Launchpad bug 427210 in linux "CFQ may not be the right choice of i/o scheduler for the most common desktop systems" [Medium,Invalid]
<tarvid> !lm-sensors
<ubottu> To access CPU temperature sensors and detect fan speeds, install the lm-sensors package. See https://help.ubuntu.com/community/SensorInstallHowto for installation and usage instructions.
<twb> aarossig: you have a server, CFQ is probably best for your case IIRC, but feel free to experiment
<aarossig> deadline seems to have improved it slightly, the network transfer seems to be more continuous
<aarossig> I will be doing some more debugging
<twb> aarossig: at least in my case, the problem wasn't the scheduler, it was that I was doing so damn much I/O.  Which was mostly due to RRDs (collectd) plus a lot of write amplification.
<twb> I fixed it by telling collectd to STFU and buffer an hour of writes and flush them all at once, instead of trying to do random-access writes into the RRDs every ten seconds
<twb> It was interesting to see how badly it raped the system, though -- e.g. dpkg would issue an fsync for every file (or dir, depending on version) and bring the whole system crashing down.
<aarossig> lol
<aarossig> very good, these are good starting points for me to google form
<twb> Incidentally, if you are into BDSM you can look at libeatmydata
<twb> Which is an LD_PRELOAD wrapper that discards all attempts by the app to explicitly flush data.
<twb> Patrickdk: fyi, the problem at the prison was he just had the wrong header package installed
<aarossig> I am quite proud of my little server. I can boot up from cold 8 drives and the voltage only falls from 12.2 to 11.9V. Quite pleased.
<tarvid> !dns
<ubottu> To set up a Domain Name Service see the !serverguide - https://help.ubuntu.com/10.04/serverguide/C/dns.html
<tarvid> where do I setup my isp's nameservers
<tarvid> !nameservers
<tarvid> !nameserver
<tarvid> !name server
<tarvid> uswed to be resolv.conf but that gets overwritten
<twb> tarvid: resolvconf package
<twb> IIUC if you remove that symlink you can just make it an ordinary file and it won't fuck with it
<erichammond> tarvid: If you're using DHCP, then you might set up the nameservers in the DHCP server.
<tarvid> static assignment
<qman__> remove network-manager if you have it, then disable resolvconf, then set resolv.conf manually
<qman__> or if you want quick and dirty, set resolv.conf then chattr +i
<tarvid> thanks, that seems like the hard way, does Ubuntu havge a reason?
<qman__> well, this stuff exists to make networking on desktops and laptops easy
<qman__> why it gets thrown in on servers too, I have no clue
<qman__> caused me plenty of trouble before
<tarvid> avahi with two nics gets things wrong half the time
<twb> qman__: resolvconf is hard dep in precise (and 11.10?) so would need to disable rather than remove... oh, you said that
<tarvid> cfd /etc/root
<tarvid> so how am I supposed to set up static name servers in 12.04?
<twb> tarvid: you learn to use resolvconf, or you bypass it
<twb> When I grumped about the same thing recently, I was told 14:01 <twb> IIUC if you remove that symlink you can just make it an ordinary file and it won't fuck with it
<tarvid> I looked at thye man page, it is inscrutable
<tarvid>         dns-nameservers 68.105.28.16, 68.105.29.16
<tarvid> 	dns-search ls.net
<tarvid> 	
<tarvid> chattr: Operation not supported while reading flags on resolv.conf
<tarvid> by adding nameservers to /etc/network/interfaces I now have nameservers in roslv.conf but dns does not work
<twb> tarvid: is /etc/resolv.conf a symlink?
<twb> Define "does not work"
<twb> $ dig PTR 8.8.8.8.in-addr.arpa @8.8.8.8 +short ==> google-public-dns-a.google.com.
<tarvid> can't get out, can ping peers but nothing beyond the gateway
<twb> tarvid: so you did "mtr 8.8.8.8" and got nothing?
<tarvid> nothing
<twb> Then your network is fucked; nothing to do with DNS
<tarvid> you are correct
<tarvid> giving up for the night, thanks for the help
<twb> Hmm, any gotchas in online growing of an XFS filesystem?
<twb> Too late, I did it anyway
<KM0201> lol
<andol> twb: Any fun suprises? :)
<twb> Not yet
<twb> But $stupid_customer has no barriers, it's an 8-disk array w/hardware raid and then LVM on top, and the ENTIRE PV is allocated
<twb> So the "solution" to give them another 6TB of storage, was to put in another 8 disks in a second array, and pvcreate /dev/sdb and vgextend vg1 /dev/sdb and then fill /home over the entire second PV as well
<twb> "whee"
<twb> Also this is lenny
<andol> Ah
<koolhead11> hi all
<koolhead11> Daviey: :)
<SpamapS> twb: I've done a lot of online growing of XFS partitions in exactly the manner you described. Works fine
<SpamapS> twb: and when i did it, it was kernel 2.6.18 (old ass redhat)
<Maleko> why i dont see if labels in 'ip a'? i assigned few additional ips under labels/aliases
<lynxman> morning o/
<uvirtbot> New bug: #966038 in keystone (universe) "Downloadable user OpenStack credential files (settings... OpenStack) doesn't work" [Undecided,New] https://launchpad.net/bugs/966038
<uvirtbot> New bug: #966039 in net-snmp (main) "netsnmp_assert 1 == new_val->high failed int64.c:419 netsnmp_c64_check32_and_update()" [Undecided,New] https://launchpad.net/bugs/966039
<yolanda2> hi, good morning
<yolanda2> i have a question about dbconfig
<yolanda2> is there any way to skip database creation? i only want to create postgres user, but no database
<bencer> jamespage: SpamapS would you have a look at https://wiki.ubuntu.com/JorgeSalamero/PerPackageDeveloperApplication and maybe support my application?
<cas> Hi, I got some problems with formatting my (hardware)RAID disk
<cas> I get the error it is in use while it is not mounted
<cas> Any idea what I can do to "release" this disk for mkfs?
<lynxman> jamespage: Question, I've seen a package I'd like to create for Ubuntu (and maintain) which would possibly land in Universe (or multiverse), due to this the restrictions of the freeze for precise do not exactly apply, right?
<jamespage> lynxman, they still apply - i.e. you will need a FFe IMHO - but if its a new package they I think the release team would ack that
<jamespage> bencer, on my list
<bencer> jamespage: ok thanks!
<bencer> btw, i've already sent some blueprints on things we want to work now
<lynxman> jamespage: its a mysql load balancer (ala pgbouncer), I reckon pretty useful for ops people
<bencer> https://blueprints.launchpad.net/~zentyal
<iclebyte> has any one ever seen 'rt6_redirect: source isn't a valid nexthop for redirect target' in syslog? I can only seem to find references to the kernel source where the message is and other people asking the same question. I have no way of working out which node is causing this.
<yolanda2> hi, just another question about dbconfig: i need to create an user, but this user needs to have rights to create database. Currently the user created by dbconfig cannot do it, how can i do it?
<yolanda2> please, any help with dbconfig?
<yolanda> please, any one can help with dbconfig?
<uvirtbot> New bug: #966115 in nova (main) "nova-api{,-os-compute,-ec2,-os-volume} relationship" [Undecided,New] https://launchpad.net/bugs/966115
<soren> yolanda: Why would the user need to create the database?
<yolanda> hi soren, because openerp works like that...
<soren> yolanda: dbconfig is supposed to have created it ahead of time.
<yolanda> there is a "manage databases" screen, that allows to create new databases, so the user needs to have createdb permissions
<soren> yolanda: And it gets upset if the db is already there?
<yolanda> well, we don't use that db that is created by dbconfig, if we could just skip the db creation will be fine. But the main problem is that the openerpuser must be able to create new db
<yolanda> the way that openerp works, it allows to create different databases for different companies for example
<yolanda> we cannot mess with it, it's how openerp is built
<soren> Oh.
<soren> I'm not sure dbconfig will let you do that. Giving admin creds to an app sounds like a recipe for disaster.
<yolanda> soren, not admin rights, only createdb
<yolanda> i'm trying to use install-dbadmin files to add an "alter user openerp createdb", am i right?
<soren> yolanda: For postgres? No idea.
<yolanda> it's a mandatory condition to run openerp...
 * soren is a MySQL sort of person
<yolanda> soren, the alter has right syntax, no advice for that :) ... but for the place to put it
<soren> Then yes.
<soren> At least, that's what the docs say. I've never used that functionality.
<iclebyte> soren, could you please take a quick look at this for me and see if it rings a bell? http://ubuntuforums.org/showthread.php?t=1947743
<yolanda> ok, will try
<Daviey> yolanda: Hola!
<Daviey> How goes it?
<yolanda> bad...
<Daviey> O_O
<yolanda> Daviey, currently having some problems with user permissions
<lynxman> Daviey: by bad she means she's having troubles with dbconfig and setting up the openerp database :)
 * lynxman helps sometimes as a cultural translator from Spanish to English
<Daviey> yolanda: just run everything as root?
<Daviey> (not being serious)
<yolanda> Daviey, i will be happy just embedding a doc in the package and telling the users to do all by themselves :)
<soren> iclebyte: No idea. I'm remarkably lost when it comes to ipv6.
<iclebyte> soren, as am I! no problem, thanks for looking.
<yolanda> the problem i have, is that opnerp user is created by dbconfig, but doesn't have permissions to create new databases, which is completely mandatory for openerp
<yolanda> i'm thinking in use install-dbadmin scripts, and paste some alteruser there
<Daviey> yolanda: GRANT access?
<yolanda> Daviey "ALTER USER openerp CREATEDB"
<yolanda> this is the clue
<Daviey> Ah no
<yolanda> how can i do it?
<Daviey> yolanda: I think you need to add GRANT CREATE
<yolanda> Daviey, only need that openerp user can create new dbs
<yolanda> so doing that in install-dbadmin is right?
<Daviey> yolanda: So, you don't want the package to create the database, or create the schema ?
<yolanda> no, only the user
<yolanda> if it creates an empty db, it isn't a big problem, but the user will have to do it by the UI
<Daviey> yolanda: In this case, there is actually little benefit to using dbconfig :(
<yolanda> Daviey, to configure the user
<yolanda> that's the only thing
<Daviey> yolanda: You are going to hate me for this, but if you want the database to be managed by the app.. I wouldn't use dbconfig.
<Daviey> especially as you only care about pg
<uvirtbot> New bug: #507007 in asterisk (universe) "make dahdi a suggests or recommends" [Undecided,Confirmed] https://launchpad.net/bugs/507007
<yolanda> well, what i need is just to create that openerp user, and modify config file with that settings. Obviously can be done in rules, as it was done before
<yolanda> do you think that is better?
<yolanda> i mean, in postinst, but with shell, sorry
<yolanda>         # Register "openerp" as a postgres superuser
<yolanda>         su - postgres -c "createuser -s openerp" 2> /dev/null || true
<yolanda> that is the old way
<Daviey> yolanda: if that is ALL you want to do for database handling at package level, i think i'd probably stick with that.  I'd probably put a debconf question of medium, asking if i should do it or not.
<Daviey> You must hate me now :)
<yolanda> Daviey, i put you in my blacklist :)
<yolanda> i've learned a new thing, that's good
<Daviey> yolanda: sorry!  When i suggested dbconfig, it was when i thought you'd be handling the database at packaging level
<Daviey> you don't care about the database at that stage, it seems
<Daviey> i'm suhc an ass.
<yolanda> Daviey, doesn't matter
<yolanda> i've learned an useful thing, and fighted with packaging a bit, that is good
<yolanda> i will do some modifications to that, because we need random password for that user, and modify config file, but this can be done by script
<Daviey> yolanda: You can generate a random password if wanted.
<yolanda> i know
<yolanda> i was doing it
<yolanda> with dbconfig :)
<Daviey> heh
<Daviey> jamespage: Do we care to have: jsvc, libcommons-daemon-java and tomcat6-user in main?
<jamespage> Daviey, any specific reason you ask that question?
<Daviey> jamespage: i removed them from the CD, and want to know if i should do anything to keep them in main
<jamespage> Daviey, I don't think they really need to be in main TBH
<jamespage> esp tomcat6-user
<jamespage> its source package still will be BTW
<jamespage> tomcat6
<jamespage> assume you did not take tomcat6 off the ISO?
<Daviey> jamespage: no, tomcat is still on the cd
<jamespage> Daviey, great
<Daviey> just not -user
<Daviey> jamespage: happy for -user to drop to universe?
<jamespage> Daviey, good with me - I can't see why jsvc, libcommons-daemon-java where in main anyway?  maybe euca?
<Daviey> maybe
<RoyK> hrmf - seems my server is booting, but after kernel bootup, jumping to initramfs
<RoyK> any idea how to remedy that?
<Daviey> RoyK: try the prior kernel?
<RoyK> grub config looks good, and it must be, otherwise it shouldn't be booting kernel
<derknecht> i want to set up a apache with php. I normally used mod-php5, but since ubuntu 11.x there are dependency issuses with apache worker and mod-php5. how is the recommended way of using php with apache? suphp? cgi/fastCGI? mod_php5? Thanks for your opinions.
<ikonia> derknecht: there shouldn't be dependency issues
<derknecht> problem with mod_php5 is that prefork worker is needed
<ikonia> derknecht: apache/php modules are pretty strongly tested each release
<derknecht> how stable is suphp? find the user/group setting attractive
<ikonia> never used suphp
<ikonia> never really even researched it
<Daviey> derknecht: I've used apache2-mpm-itk when i want apache running as a user/group
<derknecht> Daviey: itk looks very promising, thanks a lot
<derknecht> does that work for php and html with the same user? i mean is both affected when i assign a user/group in a vhost?
<Daviey> derknecht: yes
<macnix> is there a way to create & control upstart jobs as a regular system user?
<macnix> I keep getting the dbus error message whenever I use start/stop as anyone else but root
<macnix> ideally, each app has will have its own regular user, it will create upstart jobs as that user and it will be able to start/stop them, no admin privileges required
<Daviey> jodh: ^^
<jodh> macnix: you can create jobs as regular users but this feature is not enabled in Ubuntu by default. See http://upstart.ubuntu.com/cookbook/#user-job
<jodh> macnix: and presumably this is the dbus error you get: http://upstart.ubuntu.com/cookbook/#strange-error-when-running-start-stop-restart-or-initctl-emit
<Daviey> thanks jodh
<jodh> Daviey: np
<ikonia> jodh: that's very useful ! I didn't know you could do that
<ikonia> thank you
<jodh> ikonia: np.
<jodh> there is a restriction on user jobs currently: they do not have their output logged. That feature is essentially complete but won't be available in Precise.
<koolhead17> hi all
<uvirtbot> New bug: #966184 in nis (universe) "package nis 3.17-31ubuntu0.10.04.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/966184
<zul> good morning
<lynxman> zul: morning
<macnix> jodh: yes, that's the error
<macnix> jodh: my LTS is running upstart 0.6.5
<macnix> is it safe to force an upgrade to 1.3?
<wiherek> Hi
<jodh> macnix: no
<jodh> macnix: well, you can do it, but you'd need to recompile a few packages your self including nih and dbus.
<wiherek> should I go with Ubuntu 10.10 or 11.04 and 32 or 64 bit on a 4GHz 4GB RAM VPS?
<Angtagapagligt> 11.04 32 Bit
<macnix> jodh: don't really want to open that can of worms
<wiherek> k, thanks.
<Myrtti> 10.04 :-P
<macnix> jodh: can I accomplish my goal in a different way?
<jodh> macnix: quite - I wouldn't recommend it.
<wiherek> cant do 10.04 :(
<wiherek> its not in the options.
<Myrtti> :-(
<wiherek> :-(
<Angtagapagligt> :-P
<macnix> jodh: I mean, others must have tackled this
<macnix> system user per app with upstart jobs, without sudo privileges, can't be THAT difficult, surely
<jodh> macnix: you could play elaborate tricks with sudo+initctl+user directories below /etc/init/, but again, I really wouldn't recommend it. What types of jobs do you want your users to be able to create? When do you want these jobs to start?
<jodh> macnix: I really don't know I'm afraid. But what is the user case here? You can run system jobs as a different user if required.
<macnix> jodh: this is what I'm doing now 1.1 - 1.3 https://github.com/gerhard/deliver/tree/master/strategies
<macnix> jodh: that requires anyone who deploys to have sudo privileges, so that upstart jobs can be created properly, and the app start via sudo start
<macnix> jodh: so we have developers which have sudo privileges just because they can't deploy new versions of an app without it.
<jodh> macnix: I don't understand - why does all this need to run through upstart and need root privs? Can't this app server run on non-priv ports?
<macnix> jodh: yes, it can, but how do you re-generate new upstart files for that app (new services get added, old ones removed) without sudo privileges?
<macnix> jodh: it's not the ports, it's writing those upstart files in /etc/init & starting/stopping the service which requires sudo
<jodh> Why do you need to regenerate new upstart jobs? Why not have 1 central (root) job that uses "instance" and can somehow "look" for other instances of this app-server thing in non-priv users home directories?
<macnix> jodh: how would that work? I know the instance job, but not sure how it could "look" for other jobs part of this app
<macnix> let me give you a live example
<jodh> macnix: look here: http://upstart.ubuntu.com/cookbook/#instance
<jodh> macnix: that first example is looking for instances of some service in /var/lib/queues. Tweak to suit.
<macnix> jodh: tweaking away. will let you know how it goes. cheers!
<jodh> macnix: np. good luck.
<hallyn> Daviey: hey
<hallyn> Daviey: https://bugs.launchpad.net/ubuntu/+source/vde2/+bug/776818/comments/13   I'd missed that comment.  I don't know how to answer that :)
<uvirtbot> Launchpad bug 776818 in vde2 "[MIR] vde2" [Undecided,Confirmed]
<hallyn> Daviey: specifically wrt bug 776650
<uvirtbot> Launchpad bug 776650 in qemu-kvm "Build qemu-kvm with native VDE support" [Medium,Confirmed] https://launchpad.net/bugs/776650
<hallyn> shoudl this be added to today's mtg agenda?
<hallyn> I'll add it
<wiherek> can I build a views search form that would work by just adding /search argument to the end of a taxonomy term url?
<wiherek> so like this: mysite.com/taxonomy/term/search
<Pici> wiherek: Are you sure you're in the right channel for your question, this is #ubuntu-server
<wiherek> lol
<wiherek> thought it was drupal
<wiherek> sry :D
<Pici> tis okay ;)
<uvirtbot> New bug: #966269 in rabbitmq-server (main) "Starting rabbitmq-server on installer stalls installation" [Undecided,New] https://launchpad.net/bugs/966269
<rbasak> smoser: in cloud images, I can sudo without specifying a password, but the sudo configuration does not look like it's changed and the password is just disabled by prefixing a "!". When I do this in a netinst, I still need a sudo password (or NOPASSWD adding to /etc/sudoers). Any hints as to how the cloud images manage to work this way? I want to do the same in a netinst.
<smoser> sudoers.d
<smoser> $ sudo cat /etc/sudoers.d/90-cloudimg-ubuntu
<smoser> # ubuntu user is default user in cloud-images.
<smoser> # It needs passwordless sudo functionality.
<smoser> ubuntu ALL=(ALL) NOPASSWD:ALL
<Daviey> passwords are overrated
<rbasak> #includedir /etc/sudoers.d
<rbasak> and there I was thinking that the "includedir" directive was commented out, so I didn't examine sudoers.d.
<rbasak> thanks :)
<hallyn> stgraber: do you have a minute?
<hallyn> stgraber: let's say that user namespaces came with a limitation: you have to map userids in container to userids on host a priori (prior to starting container at least).  How bad is that in your opinion?
<hallyn> so for instance, installing mysql without planning in advance could cause setuid(mysql) to fail until you stop the container, reconfigure, and restart
<hallyn> (of course if you just map everything in container from 0..500 and 1000..1100 you might be pretty safe)
<stgraber> hallyn: sounds pretty bad as your regular user won't be able to create users on the host
<hallyn> well in any case the mapping will need to be created on the host, so that part i'm not sure is a problem
<hallyn> basically, i think you'd find a way to say host ids 50000-55000 are usable by hallyn, for whatever
<hallyn> then uid 0 in my container maps to 50000 on host, etc
<hallyn> the part that worries me is that the mapping may not be dynamically changeable
<hallyn> it may become so, depending on performance impact
<hallyn> stgraber: I'm going to cc you on my next email regarding this
<stgraber> hallyn: hmm, right, thinking some more, if we assign 5k uids per container it should be fine for most cases
<stgraber> hallyn: that's as long as they don't use LDAP or any other large user directory
<hallyn> right, but the q is is it reasonable to assume the container can predict the contaienr uids needed, so they can map them
<hallyn> let's move to email :)  thx
<antihero> how do I make it do an automatic security update each night?
<antihero> by "it" I mean a clean ubuntu server distro
<SpamapS> antihero: do you want an ISO each night, or do you want to just download and install upgraded packages every night?
<lynxman> roaksoax: ping
<hallyn> smoser: regardign kvm perf regression, feb 20 I uploaded a pkg based on upstream git head to ubuntu-virt ppa, might be worth trying with that
<hallyn> (i'm waitnig for lucid vm to finish building)
<smoser> hallyn, well, you can remove variables (specifically variables i dont care about) by using the cloud images
<hallyn> drat.  yeah
<roaksoax> lynxman: pong
<lynxman> roaksoax: I'm having some issues deploying precise with orchestra (sitting on an oneiric machine), I'd like to pick your brain for some mins whenever its okay for you :)
<roaksoax> lynxman: sure,
<roaksoax> lynxman: sure, what are your issues
<lynxman> roaksoax: It looks like when importing the isos if the profile already exists it won't be updated, I'm having an issue with precise where it complains about different kernel versions between the archive and the pxe boot
<roaksoax> lynxman: cobbler-ubuntu-import -u precise-i386
<lynxman> roaksoax: let me try
<lynxman> roaksoax: yeah did that already, facing the same issue :/
<roaksoax> lynxman: is cobbler-ubuntu-import updating the ISO?
<uvirtbot> New bug: #966351 in nis (universe) "package nis 3.17-31ubuntu0.10.04.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/966351
<lynxman> roaksoax: http://pastebin.ubuntu.com/902393/
<lynxman> roaksoax: it says "skipping import", that's the issue, I'd pretty much like to force it :)
<roaksoax> lynxman: cobbler-ubuntu-import -U
<lynxman> roaksoax: no -U option on the oneiric version
<roaksoax> lynxman: ah then you need to remove the prefoile and import one
<lynxman> roaksoax: cool! will do that then :)
<roaksoax> lynxman: unless you wanna install the precise version of cobbler-ubuntu-import
<lynxman> roaksoax: nah it's fine, will go that way
<roaksoax> ok
<lynxman> roaksoax: the only problem is that the oneiric orchestra version does -c which throws the same error, doesn't update the profile
<roaksoax> lynxman: -c = check
<roaksoax> -u should update
<roaksoax> lynxman: that's all fixed in precise btw
<lynxman> roaksoax: yeah that's good news, but it'd be also interesting to do a SRU for oneiric
<lynxman> roaksoax: don't you think?
<Adri2000> I've just realized I proposed a merge request into lp:ubuntu/horizon instead of lp:~ubuntu-server-dev/horizon/essex ...
<Adri2000> is it going to be handled anyway?
<arosales> smoser: utlemming: Do you think you be able to get to  ubuntu-cloudimg-query and cloud-publish-ubuntu to query2 along wit hthe cloud-image-sync this cycle?
<arosales> utlemming: smoser: per https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-cloudutils
<smoser> i think both of those qualify as Feature, and I really think we're past that point in the cycle.
<smoser> both suck that we dont have them.
<smoser> but..
<utlemming> smoser, I agree with your assesment here
<Daviey> smoser: if we didn't have control of the API, and the API was deprecated mid-cycle, we'd consider it for an SRU.
<utlemming> I would like to ship it, but we're late.
<Daviey> therefore, we can still consider it for release if the risk benefit is met.
<arosales> sounds like something we can still push for ?
<utlemming> arosales: yes...but I need to do a bit of work to get it ready. The bits are done, the documentation is so-so and the packaging needs doing.
<smoser> i'll let utlemming comment on it, and i can review that. having cloudimg-query read /query2 woudl be good, but its not terribly useful.
<smoser> it would remove 1 hack, which is that you can't really download (or get data for) the disk images with it.
<smoser> you just have to get the url for the tarball ("uec style") image and then take off .tar.gz and add .img
<smoser> so my personal feeling would be to not bother with cloudimg-query, but if we had sync, that would be good.
<arosales> utlemming: do you have cycles to work on sync?
<utlemming> smoser: I concur...
<utlemming> arosales: I may or may not...it really depends on whether another project interfers. Right now I have the cycles since I'm blocked. So I can give a noble effort.
<Daviey> utlemming: Have you solved the LANG PITA?
<smb> hallyn, smoser If some hard evidence comes out of the kvm perf issue, it would be best to have a bug report for collecting data and working on it. If you then could mail me (and I thinkg tgardner is interested too) that number it will have a lesser chance to get lost in noise.
<utlemming> Daviey: yes, but I want to talk about it with you and smoser during our meeting shortly
<Daviey> utlemming: If you have capacity, kernel upgrades still suck.. and infinity doesn't seem to be touching it as promised.
<arosales> utlemming: ok, lets see where you are able to make progress on sync. Perhaps leave sync as a todo and postpone cloudimage-query?
<utlemming> arosales: that sounds like a plan
<utlemming> Daviey: are you referencing the grub error messages?
<arosales> SpamapS: thanks for charing todays meeting
<SpamapS> always a pleasure :)
<hallyn> smb: was just checking to see if smoser had filed one, looks like no.  I'll file one against qemu-kvm and linux (later today)
<smoser> hallyn, i have not.
<smoser> i really just don't have amore than a finger in the wind
<smb> hallyn, sounds good
<smoser> and i'm embarrarisingly ignorant about what even *is* good
<hallyn> ditto, really.  but i'm pretty sure 9m/s is bad :)
<smoser> regressions are easy to spot, though, given 2 setups to compare.
<tarvid> can I reload without setting up the dm again?
<tarvid> or how can I get dns resolution working again?
<tarvid> since switching to static ip address, I've lost dns
<e_t_> tarvid: Did you switch to static IP in NetworkManager? Did you specify a DNS server to use there?
<tarvid> I don't havge network namager, this is a basic server install
<tarvid> manger
<tarvid> without desktop
<e_t_> What's the output of cat /etc/resolv.conf ?
<tarvid> it had nameserver 192.168.1.1
<tarvid> even after adding dns-nameservers to /etc/network/interfaces
<e_t_> Do you get anything from "dig @192.168.1.1 google.com" ?
<tarvid> no name resolution works
<e_t_> That's what the @ is for, it directs dig to point to a specified server, regardless of defaults. Also try it with @8.8.8.8
<tarvid> no name servers could be reached
<e_t_> can you ping other hosts?
<tarvid> only this machine
<e_t_> The your real problem is that networking is busted.
<tarvid> true
<tarvid> but it worked before attempting a static ip and nameservers
<e_t_> Can you pastebin your /etc/network/interfaces ?
<tarvid> http://paste.ubuntu.com/902512/
<e_t_> What address do you get from DHCP?
<tarvid> I'll swith from static to auto and see what happens
<Aison> on my ubuntu server, the networking is completly fucked up :(((
<tarvid> I'm downloading the daily build, can I reinstall without setting up the dm again?
<Aison> I didn't change anything in the configuration, but now, after reboot I have to configure the network devices all by hand
<e_t_> tarvid: what do you mean by "dm" ?
<Aison>  /etc/network/interfaces is somethow not working right
<tarvid> RAID1
<tarvid> Aison, at least you have company
<tarvid> resolvconf is supposed to take dns-nameservers from that file
<e_t_> tarvid: I think the installer will detect an existing Linux RAID.
<tarvid> encoueraging
<tarvid> took overnight the last time to erase it
<Adri2000> zul: is it a problem that my merge request is for lp:ubuntu/horizon instead of lp:~ubuntu-server-dev/horizon/essex ?
<Adri2000> (realized that today :/)
<e_t_> tarvid: At that point in the installer, nothing has been changed, so you can just reboot if the raid isn't detected.
<zul> Adri2000: yeah can you merge it against lp:~ubuntu-server-dev/horizon/essex please
<Aison> tarvid, since ubuntu 11.04, I've got also this strange "Waiting for network connection" message at boot up, on ALL my desktop machines, it's just crap
<tarvid> does not make one cheery
<uvirtbot> New bug: #949442 in maas (main) "hard coded list of ubuntu release names, should use distro-info" [Undecided,New] https://launchpad.net/bugs/949442
<tarvid> dhcp fails on install, time to fix that first
<Adri2000> zul: done https://code.launchpad.net/~adri2000/horizon/rename-apache-config-file/+merge/99574
<zul> Adri2000: cool thanks
<tarvid> how am i supposed to use network-manager to add aliases?
<bluefrog> tarvid, aliases? oh thought you had your own dns server
<tarvid> I do but want to add ethernet aliases to a host
<bluefrog> tarvid, is your resolv.conf still a symlink?
<bluefrog> tarvid, deit /etc/hosts for aliases
<bluefrog> edit
<tarvid> about to reload, testing static IP addresses issued by ISP, that is why I want to add aliases on another machine to make sure the routes work
<koolhead17> popey, around?
<koolhead17> popey, just wanted to tell you we should not feed those trolls!! :)
<tarvid> how come aliases in network-manager do not show up in ifconfig?
<rbasak> Daviey: can we talk about my service orchestration / system management blueprints tomorrow?
<Daviey> rbasak: ping me in the morning?
<Daviey> rbasak: well have a voice chat
<roaksoax> SpamapS: how can I start an upstart job after a init script has started a daemon
<SpamapS> roaksoax: two options. Either a) change the init.d script to emit an event when it is started, or b) convert the init.d script to an upstart job
<roaksoax> SpamapS: cool thanks and yes I had to patch the init script
<rbasak> Daviey: will do, thanks
<Daviey> rbasak: still around?
<Daviey> rbasak: Does OpenMPI need to be in beta2?
<rbasak> Daviey: I'm not aware of a need. I think janimo uploaded it
<Daviey> http://launchpadlibrarian.net/98532550/openmpi_1.4.3-2.1ubuntu2_1.4.3-2.1ubuntu3.diff.gz
<tarvid> installing 12.04 server - long pause after configuring network manually. What is it doing?
<SpamapS> tarvid: testing your patience ;)
<SpamapS> Ursinha: what happened to the old server team SRU report?
<Ursinha> SpamapS, it's supposed to be there
<SpamapS> Ursinha: where?
<Ursinha> SpamapS, where it was before :) let me find the link
<SpamapS> should go in the knowledge base
<SpamapS> Ursinha: and thank you for finding it for me. :)
<smoser> Daviey, we're expecting cloud-images for beta-2 candidates tomorrow?
<smoser> (and the same for ISO)
<zul> adam_g: i added convert_to_sqilte.sh and sample_data.sh to keystone.install
<Ursinha> SpamapS, hm, it seems it's a bit broken
<Ursinha> zul, where did you place your old sru report?
<adam_g> zul: whats convert_to_sqlite do?
<Ursinha> it was you?
<Daviey> smoser: Yep, i'm not going to bed until we have a viable candidate
<smoser> you have a bed?
<Ursinha> lol
 * SpamapS sleeps on a pile of old scraps and feathers
<zul> Ursinha: should be in the same place as last time
<Ursinha> zul, I can't remember where
<Ursinha> hahahaha
<Ursinha> we're all doomed
<zul> http://people.canonical.com/~chucks/SRUTracker/
<Ursinha> ah, it's chucks
<Ursinha> I was trying zul
<Ursinha> y u no use the same nick!?
<zul> alter-ego
<Ursinha> lol
<Ursinha> thanks zul
<Ursinha> bad news is that it seems equally broken
<Ursinha> sigh
<Ursinha> SIGH
<Ursinha> SpamapS, I'll fix that
<SpamapS> Ursinha: thank you!
 * SpamapS had not looked at it in a while but was wondering how we were doing at keeping up w/ SRU's
<Ursinha> SpamapS, it's here: http://reports.qa.ubuntu.com/reports/ubuntu-server/sru-report.html
<Ursinha> you can bookmark it
<Ursinha> :)
<SpamapS> Ursinha: done, and maybe once its fixed, add it to the KnowledgeBase page as well?
<Ursinha> SpamapS, surely
<Ursinha> we might want to add stats.qa.ubuntu.com/reports/ubuntu-server/ as well
<zul> SpamapS: im not keeping up with the sru report at all
<allowoverride> whats a good program for vitualizing OS on debian based servers like ubuntu
<allowoverride> i did a headless a while back on ubuntu 6.x. wondering what other free progs are avail... thanks!
<guntbert> !kvm | allowoverride
<ubottu> allowoverride: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<allowoverride> uses libvrt
<allowoverride> ok, anything else?
<allowoverride> i like virt-manager :) and xm cmd's
<allowoverride> oh im new to xen by the way
<rhys> so orchestra. anyone using it yet?
<uvirtbot> New bug: #966552 in net-snmp (main) "error with netsnmp.snmpwalk in libsnmp-python " [Undecided,New] https://launchpad.net/bugs/966552
<uvirtbot> New bug: #966558 in juju (universe) "add explicit ingress rule on non-Local provider bootstrapping node for zookeeper" [Undecided,Triaged] https://launchpad.net/bugs/966558
<uvirtbot> New bug: #966563 in juju (universe) "document best practices for keeping systems up to date" [Undecided,Triaged] https://launchpad.net/bugs/966563
<uvirtbot> New bug: #966566 in juju (universe) "create/document charm store review process" [Undecided,Triaged] https://launchpad.net/bugs/966566
<uvirtbot> New bug: #966569 in juju (universe) "document current lack of zookeeper ACLs (dup-of: 966573)" [Undecided,Triaged] https://launchpad.net/bugs/966569
<uvirtbot> New bug: #966573 in juju "document current lack of zookeeper ACLs" [Undecided,Triaged] https://launchpad.net/bugs/966573
<uvirtbot> New bug: #966577 in juju (universe) "add explicit egress 'owner' rule on non-bootstrapping nodes to require root access to zookeeper" [Undecided,Triaged] https://launchpad.net/bugs/966577
<uvirtbot> New bug: #966583 in juju "document lack of encryption in the juju environment" [Undecided,Triaged] https://launchpad.net/bugs/966583
<uvirtbot> New bug: #966584 in juju (universe) "implement explicit ingress filtering for Maas nodes" [Undecided,Triaged] https://launchpad.net/bugs/966584
<uvirtbot> New bug: #966590 in juju (universe) "implement full explicit ingress filtering on non-Local provider bootstrapping node" [Undecided,Triaged] https://launchpad.net/bugs/966590
<pabelanger> Is the ubuntu release team responsible for actually creating the ISO (specifically the mini.iso)?
<pabelanger> I'm looking for the process that is actually used (eg: scripts)
<uvirtbot> New bug: #813773 in juju "Juju should have security rules/acls for every path in zk" [High,In progress] https://launchpad.net/bugs/813773
<uvirtbot> New bug: #966601 in juju (universe) "encipher or remove sensitive credentials from zookeeper" [Undecided,Triaged] https://launchpad.net/bugs/966601
<uvirtbot> New bug: #966605 in juju (universe) "document best practices for securing communication between juju nodes" [Undecided,New] https://launchpad.net/bugs/966605
<raubvogel> editing rsyslog config: rsyslog.conf, rsyslog.d/50-default.conf, or create a file in rsyslog.d/ ?
<uvirtbot> New bug: #966611 in juju (universe) "add man pages for juju commands" [Undecided,Triaged] https://launchpad.net/bugs/966611
<uvirtbot> New bug: #966617 in juju (universe) "supply high level design documents" [Undecided,Triaged] https://launchpad.net/bugs/966617
<kirkland> hmm, seems that dkim-filter no longer exists in Ubuntu 12.04
<kirkland> I was using that happily on Ubuntu 10.04
<kirkland> anyone know if there's a replacement?
<bemu> Anyone seen apt-get failures on EC2 akin to: https://gist.github.com/0f8b5d1be792990d1bc6
<bemu> It's strange because it looks like the files are being pulled from the same place with --fix-missing: https://gist.github.com/2703c9b26d594d36f6a5
<dork> hi all, i've got a few ubuntu servers connected to an ip based kvm. i've got communication with the serial port during post, grub, and if therer isn't a failure between runlevel 1 and 2 i can see that and everything going forward, if there is an issue during boot up like prompting for raid degraidation boot override or if a software array cant assemble, or any failure for that matter that results to a busybox prompt, i lose my communication with the box
<mgw> is it possible (reasonably easily) to run sshd on separate ports, with different sshd config settings for each port?
<raydog45000> I just recently set lamp up on my ubuntu desktop and am trying to convert it to pure server, I can access it via ssh on mylocal host, does anyone know a good guide to make it accessible from the net or know how?
<ChmEarl> raydog45000, iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
<raydog45000> what does that do?
<ChmEarl> raydog45000, if you have a router (hw firewall) then open port 22 there
<raydog45000> ok
#ubuntu-server 2012-03-28
<uvirtbot> New bug: #966707 in vsftpd (main) "not built with all hardening features" [Undecided,New] https://launchpad.net/bugs/966707
<SpamapS> roaksoax: FYI, regardin maas and rabbitmq.. we should fix MaaS to not fail if RMQ is not running yet, rather than try to coordinate w/ upstart. They won't always live on the same box, so its not really viable to believe we can control the bootup order of machines in a distributed setting.
<lifeless> SpamapS: +1
<SpamapS> this problem exists in tons of services.. but stuff we are writing *now* should not repeat that mistake. :)
<twb> boot order isn't deterministic even on a single host, when using upstart
<SpamapS> twb: its not supposed to be. Things that can start in parallel, should.
<SpamapS> twb: only "plumbing" should need ordering really.
<twb> just sayin
<roaksoax> SpamapS: agreed, however, this is not really an issue of maas failing, but rather, this is an issue of not being able to successfully install maas due to rabbitmq stalling the installer, and this is just a work around that allows us to successfully install maas from the installer
<roaksoax> SpamapS: and this is the only way Daviey and I could figure out to do so
<Smaug> hey all, how do I find out under what user my apache process is running?
<twb> It's www-data unless you've messed up
<twb> you would find out by looking at ps output or pgrep and /proc
<myhrlin> or by checking apache's config file
<Smaug> thanks
<Smaug> twb
<twb> myhrlin: well if you trust config files ;-)
<twb> Could be config was changed since apache was last started
<myhrlin> ah, hopefully you wouldn't have any untrusted users on the machine to do that and not restart the daemon
<twb> fsvo untrusted users = idiot coworker sysadmins, but yeah
<myhrlin> yeah I wouldn't trust them
<twb> Fucking cups and its stupid conflation of conffile and state file
<twb> http://paste.debian.net/161199/ my etckeeper logs are FULL of that crap
<Smaug> quick check - any dangers on giving www-data write access to a folder containing a website?
<twb> Yes
<twb> Tell your web app author to get a goddamn clue
<twb> Also probably better to discuss this on #httpd
<qman__> yeah, if the httpd has write access to any directories which contain scripts or could contain scripts, invariably when the website code vulnerabilities are found they will use it to upload nasty things
<twb> Especially if you enable scripts ;-)
 * twb comes from the "static HTML or GTFO" school
<Smaug> hmm
<Smaug> ty
<dork> np dragon
<SpamapS> roaksoax: yeah that makes sense. My main point is simply that it is better solved upstream by maas itself.
<SpamapS> roaksoax: the mistake is in the way maas did things.. you're just working around that.
<uvirtbot> New bug: #781949 in txaws "Must check certificates for validity" [High,In progress] https://launchpad.net/bugs/781949
<JayWalker_> I changed some things on my server (none of which should have caused this) and suddenly I'm getting 403 errors from apache on ALL my host names even with the file/folder permissions set to 777. wat do?
<uvirtbot> New bug: #960713 in quantum (universe) "more debian/control issues" [Low,Fix released] https://launchpad.net/bugs/960713
<RoyK> gd mrnng
<acidflash> hello all,
<acidflash> i am having problems with processes blocking for more than 120 seconds
<acidflash> i have a raid card, and 10 hdd's installed in jbod, each disk is an array (using it as a sata expansion card), and jfs
<acidflash> during rsync, after all the memory 16 (gb) fills up
<acidflash> the rsync will go into D state, and when i dmesg, i get the following -> http://pastebin.com/ZYqehBxa
<acidflash> i've googled long and hard, and have come to no conclusion,
<acidflash> kernel is 3.0.X
<twb> acidflash: do you have swap?
<acidflash> twb: yes
<twb> It's probably swap thrashing if memory is full
<twb> 2.6 *sucks* at swap IME
<twb> Dunno abuot 3.x
<acidflash> take a look at pastebin its dmesg
<twb> Those aren't helpful without more context
<twb> You say you have jfs and JBOD SATA disks -- is there anything in between (mdadm, LVM, ...) ?
<acidflash> yes, sorry, there is LVM
<acidflash> no mdadm
<twb> so what each SATA HDD is a PV and they're all one VG, and you have a jfs on top of that, spanning PVs?
<acidflash> yes sir
<twb> OK.  You realize your MTBF is pretty fucked in that layout, right?
<acidflash> why would it be? its just a sata expansion, it shouldnt be
<twb> Because the failure of any one disk will lose your entire array
<acidflash> each disk is a seperate array, and then put into lvm
<twb> You're effectively got an unstriped raid0
<acidflash> twb, each disk is  seperate array
<twb> Right so you have zero redundancy
<twb> zero parity
<acidflash> there is a way to replace a disk in lvm, only losing data on that disk
<acidflash> these files are not mission critical
<twb> OK, so long as you realize that
<acidflash> its just a bunch of videos cached from youtube
<twb> And jfs would probably be pretty pissed off about having a 2TB chunk of its blocks zeroed, obviously
<acidflash> yes, i realise there is no redundancy
<twb> Okey dokey
<twb> How are you calling rsync?
<acidflash> truth is i havent tested with jfs, ext 4 is not to shabby about it
<twb> And how big are the source and destination dirs
<acidflash> rsync -avHP --ignore-existing --exclude '1oBrGpbCGqs' -e ssh root@XX.XX.XX.XX:/videos/youtube /videos/
<acidflash> thats how i am calling rsync,
<acidflash> source dir is about 8.8TB
<acidflash> destination DIR has upper limit of 28 TB
<twb> Do you need -H?  That probably pisses it off.
<acidflash> no, not necessarily
<acidflash> would be nice to have though
<acidflash> i have done 8.3 TB with it
<acidflash> if i stop now, will it effect anything negatively?
<twb> as in interrupt rsync?
<acidflash> because the remaning data will be in the same dir
<twb> I wouldn't think so
<acidflash> no, not interrupt, i need to recall rsync
<acidflash> i mean data integrity
<twb> I don't follow
<acidflash> H = hard link
<acidflash> 8.3 TB of data with hard links
<acidflash> the remaning 600 Gigs not hard link
<acidflash> would that be a problem ?
<twb> Not using -H just means if foo.c and bar.c are hard-linked on the source, they won't be hard-linked on the destination
<acidflash> mmmmmmmmmmmmm
<acidflash> ok
<twb> If you don't use links extensively, it shouldn't be a big deal
<acidflash> i dont
<twb> You can always relink them post-facto with perforate's finddup -l
<acidflash> ok ill try without -H
<twb> Other than that I can't think what else would be giving you grief
<acidflash> so the swap is causing hte problem you think?
<twb> swap thrash just means the system will hang instead of killing off naughty procs
<twb> Look at free -m or free -g during the issue and if swap is being used that's a tip off
<twb> btw next time I would suggest doing raid0 w/striping in mdadm rather than using lvm for this use case
<acidflash> why would you recommend that over lvm
<acidflash> for performance?
<twb> because that's what it's for
<twb> atm if you do synchronous writes, they'll all go to one disk and the rest will idle
<twb> (Unless you've explicitly striped in LVM, anyway)
<twb> Look at iostat and see if all your writes are bunched into one or two disks
<acidflash> nah, they are spread across many
<twb> hum.
<acidflash> there is a nice util called saidar
<twb> I find that surprising, but whatever
<acidflash> shows me disk, network, cpu, io etc.
<twb> cute
<twb> Ah, free supports -h in recent versions.
<acidflash> there isnt much stress in reads on these disks, and i need them to just be one large chunk, thats why i avoided raid0, because if 1 fails, all fails, with lvm, i just replace empty hdd, put UUID of old hdd on it, fsck, 0 the place that that hdd held, and go on like nothing happened
<acidflash> only losing data on that disk
<acidflash> raid1 would be nice, but i need double the storage
<twb> acidflash: you should be able to do that with raid0 as well
<twb> I haven't done it myself because usually if I need volatile storage I just put in a shitload of RAM
<acidflash> twb: then obviously raid0 is a better choice, but ive never actually done it or come across someone doing that with raid0, i was unaware you could,
<twb> mdadm is pretty flexible
<twb> obviously you should test it first; ICBW :-)
<acidflash> yeah, ill test it on a small storage
<acidflash> im doing it now without -H
<acidflash> see if its hangs,
<twb> if that doesn't work try turning swap off entirely (temporarily at least) with swapoff -a
<acidflash> from what i read on google, heavy io with rsync in any type of raid, is blocking for whatever reason, and it hasnt been solved (in any of the articles in 2011)
<acidflash> aha
<acidflash> ok
<twb> That might just be me being an anti-swap bigot
<acidflash> well its worth a try
<acidflash> just to finish rsync
<acidflash> i probably wont be having these problems once i start serving from it
<acidflash> average io is not more then 45 mb/s read
<twb> The other thing you could do is just use tar or something and be super lazy
<acidflash> 15 mb/s write
<clarezoe> Hi, I'm trying to add cgi support to apach but every time I open localhost, the browser asks me to download. I'm following the doc http://httpd.apache.org/docs/2.2/howto/cgi.html and here is my httpd.conf http://paste.ubuntu.com/903495/ . Please help, thanks!
<acidflash> but rsync is doing close to 350-400 mb/s
<twb> tar over nc instead of ssh I mean
<acidflash> mm
<twb> Or nfs, or whatever
<twb> There are lots of ways to just shove shit from one place to another
<acidflash> yeah
<acidflash> whats your preferred raid card?
<acidflash> areca?
<twb> Uh, no.  mdadm.
<twb> Hardware raid an expensive, buggy, unreliable pain in the arse.
<acidflash> what if you need lots of ports, what do you do
<acidflash> ie: i need atleast 20 sata
<acidflash> other then the 7 on board
<twb> You get a $10 SATA to PCIe bridge and put it in jbod mode
<acidflash> any _good_ pci-x to sata only has 2 on it
<acidflash> 2 x 6 pci-x = 12
<acidflash> still 8 short
<twb> pcix?  That's not dead yet?
<acidflash> pci-express
<twb> That's pcie
<acidflash> depends where you are ;)
<twb> If you are putting more than 6 disks in a machine you probably need to consider getting a fancy-pants enterprise case or mobo, or a NAS or a SAN
<acidflash> correct terminology is probably pci-e
<twb> pcix was a competing standard
<acidflash> i can use SAN or NAS for my caching systems
<acidflash> it needs to write to local disks,
<acidflash> it cant write to network storages
<twb> Shrug.  I'm just giving you my opinions.  You don't have to follow them.
<twb> I'd have to run the numbers, but I expect the PCIe or QPI backplane of a workstation mobo can't sustain a whole lot more than 6 or 8 disks
<acidflash> bandwidth wise it can
<acidflash> 66 Mhz is plenty
<twb> That's a clock cycle rate, not bandwidth
<acidflash> its bus speed for port
<smb> Daviey, Morning Sir! Can I get you to have a look at bug 882540? I think it would be ready for some sponsorship, sir! ;-)
<uvirtbot> Launchpad bug 882540 in iscsitarget "kernel crash whenever it is accessed" [Undecided,In progress] https://launchpad.net/bugs/882540
<acidflash> you can calculate bandwidth from it, cant you
<acidflash> oh i forgot to mention, these disks are 3 TB GPT
<acidflash> twb: does that change anything?
<twb> 66MHz appears to be a PCI clock.  PCI-e v3.0 is rated at 1GB/s per lane.
<acidflash> 33 Mhz = pci
<twb> acidflash: well, it means you'll get some write amplification if your blocks aren't aligned.
<acidflash> PCI-E 2 is 66 mhz
<twb> acidflash: ref. https://en.wikipedia.org/wiki/PCIE and https://en.wikipedia.org/wiki/PCI
<Daviey> smb: looking
<Daviey> (morning smb, btw o.)
<twb> "As a point of reference, a PCI-X (133 MHz 64-bit) device and PCIe device at 4-lanes (Ã4), Gen1 speed have roughly the same peak transfer rate in a single-direction: 1064 MB/sec."
<acidflash> yes i saw that
<acidflash> but PCI-X @ 133 Mhz is definitely not correct
<acidflash> if by PCI-X they mean the old PCI
<acidflash> its plausible for express
<smb> Daviey, The problem itself is probable valid back to oneiric (at least I think I remember reports that had 3.0 kernels in them), but I have not, yet prepared a debdiff for that...
<twb> No, as I said PCI-X was a competitor to PCIe and it is now obsolete.
<twb> https://en.wikipedia.org/wiki/PCI-X
<acidflash> ahhhhhh
<acidflash> ok
<acidflash> yes very possible then
<Daviey> smb: looks good!  Whilst not /required/, it's good pratice to use dep-3 patch headers (tagging).. Have you come across it before, http://dep.debian.net/deps/dep3/ ?
<twb> Backplane on a Z68 (for example) appears to be "DMI" now, not PCIe or QPI
<smb> Daviey, Not yet, will have to look at the documentation
<twb> "The original implementation provides 10 Gbps each direction (using a x4 link). DMI 2.0 (introduced in 2011) doubles the transfer rate to 20 Gbps with a x4 link."
<acidflash> yeah i can believe it
<Daviey> smb: skip directly to the end, there are some examples, slightly higher up there is detailed explanation.. if you wanted to do that, i'd be happier.. but i'm not going to make it a requirement.
<acidflash> especially with ocz pushing their HSDL's
<twb> acidflash: that's between the north and southbridges
<acidflash> if you ptu a bunch of ssd's in raid0, they are doing amost 2TB/s
<acidflash> sorry
<twb> acidflash: i.e. between the CPU and the peripherals
<acidflash> 2 GB/s
<smb> Daviey, I am using a format like we have for the kernel right now (to have s-o-bs and references to bugs and origin)
<twb> Given that SATA can do a theoretical 6Gbps, that means you can have up to three disks before you bottleneck at the backplane
<acidflash> thats a good point
<twb> Of course the heads can't pull data off spinning metal at 6Gbps, but you see my point that you at least need to run these numbers rather than just shoving a shitload of disks in a case and hoping for the best
<Daviey> smb: Yep.. so i can upload as is, but if you want to change to dep3, i'll hold out.
<acidflash> twb: I normally dont use the onboard sata for more then the system and logs
<acidflash> normal throughput is probably not even 2Gb/s
<acidflash> but the load is on the PCI-Express cards
<acidflash> thats a different story
<acidflash> I dont think the backplane applies to them
<acidflash> otherwise its not possible to push 20 Gb/s with 4 OCZ's Raid0 striped
<acidflash> and its been doen
<smb> Daviey, Seems more or less I already got the information in, just not exactly in the right format. But if you are ok with it, I think for now I would prefer to keep it that way and try to comply better for future changes.
<acidflash> done*
<twb> acidflash: uh, if you plug a pcie card in, that goes disk --sata--> pcie card --pcie--> southbridge --dmi--> northbridge --> cpu
<acidflash> then something is off with the numbers :)
<twb> Probably
<acidflash> not my numbers
<twb> Or the OCZ guy was lying, or he didn't use a 4 lane DMI backplane
<acidflash> read about OCZ-Vertex 3 Max IOPS
<acidflash> mm
<acidflash> yes thats possible also
<acidflash> not 4 lane
<twb> Enterprise gear, like blade racks, will have different backplanes
<acidflash> yes thats 100% true
<twb> acidflash: 4 lanes on the mobo between north and south bridge, not pcie x4
<acidflash> yes i understand
<rbasak> Daviey: ping
<Daviey> rbasak: I have a call starting in 30 seconds, after that.. Fancy a chat?
<rbasak> Daviey: OK
<acidflash> tried without rsync without -H and still same problem
<acidflash> is here no solution to this?
<acidflash> there*
<lynxman> morning o/
<clarezoe> hi, when I open 127.0.0.1 the script works but the browser asks me to download if I open localhost. anyone can help? Thanks
<larsemil> is there some nice lvm manager made in curses?
<acidflash> ok this is EXTREMELY annoying
<uvirtbot> New bug: #967037 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/967037
<mrrothhcloud_> I want a easy webplatform, for my consulting website, should I use webpress
<mrrothhcloud_> wordpress
<mrrothhcloud_> I am hosting on a ubuntu server, should if I go with wordpress use the pakcage in repostory or should I choose another platform all togther
<uvirtbot> New bug: #967082 in rabbitmq-server (main) "package rabbitmq-erlang-client 2.7.1-0ubuntu3 failed to install/upgrade: subprocess new post-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/967082
<lynxman> roaksoax: ping
<smoser> Daviey, are we thinking today's cloud images should be tested ?
<smoser> for beta-2
<Daviey> smoser: There isn't anything i'm aware of that makes a change to cloud-images packages pending.
<roaksoax> lynxman pong
<lynxman> roaksoax: morning sir, I have a couple questions for you orchestra related
<lynxman> roaksoax: I got the new precise profile in place (thanks!) and while trying to juju bootstrap the machine I marked as net bootable reinstalls properly but doesn't install zookeeper or anything extra
<lynxman> roaksoax: http://pastebin.ubuntu.com/903894/
<lynxman> roaksoax: have you found this issue before?
<smoser> jamespage, that means to you, an we run full test ?
<lynxman> roaksoax: juju is 0.5+bzr401-1juju1~oneiric1
<smoser> of the 20120328
<roaksoax> lynxman: let me see
<zul> Daviey: ping im going to replace the console patch that we carry with the new one
<Daviey> zul: I assume you'll put it through CI, and make sure it DTRT
<zul> Daviey: yep
<roaksoax> lynxman: that's done by cloud-=init are you sure it is running on boot?
<lynxman> roaksoax: it is afaict
<lynxman> roaksoax: just PMed you credentials if you fancy a look
<roaksoax> lynxman: so check the cloud init logs
<lynxman> roaksoax: I reckon cloud-init running is attached to the profile right?
<jamespage> smoser: I can kick that off now
<smoser> thank you, mr. page.
<jamespage> smoser: 20120328 to confirm todays image?
<smoser> yeah.
<jamespage> OK running now
<smoser> hallyn, i responded to your performance mail
<smoser> and then had one more thought.
<smoser> i gues i'd like to see what we're doing by default in ubuntu with cache=
<smoser> as the kvm man page says: "Some block drivers perform badly with cache=writethrough, most notably, qcow2."
<smoser> if we're doing that combination by default.. maybe we at least want to know if qed would make a difference. i probably woudn't advocate for changing from qcow at this point as default, but a good data point.
<zul> Daviey/smoser: nnnnnghhh
<zul> smoser: http://paste.ubuntu.com/903947/
<smoser> hallyn,
<smoser> http://paste.ubuntu.com/903859/
<smoser> oops
<smoser> hallyn, http://paste.ubuntu.com/904000/
<smoser> basically 512 (default bs for dd) is what is completelyh sucking
<gary_poster> hallyn, hi.  We didn't really think apport info was necessary for bug 959352 but we just added it anyway because we didn't see any action on it.  Do you happen to know any behind-the-scenes information on the kernel side of it?
<uvirtbot> Launchpad bug 959352 in lxc "Ephemeral containers have "/rootfs" prefix in /proc/self/maps entries" [High,Confirmed] https://launchpad.net/bugs/959352
<smoser> hallyn, then, when going to file in root disk, http://paste.ubuntu.com/904004/ (including sync) we still get good speed.
<smoser> hggdh, i suspect bug https://bugs.launchpad.net/ubuntu/+source/fence-agents/+bug/961232
<uvirtbot> Launchpad bug 961232 in fence-agents "running multiple 'cobbler system reboot --name=xxx' at the same time, fence_cdu lists ALL reboots" [Undecided,New]
<smoser> is fairly important to you
<smoser> ?
<hggdh> smoser: sort of: I think it is just mixing the commands & responses received (on the many different ssh sessions to the PDU)
<hggdh> if this is the case, then I do not really care, I can live with the excess output
<smoser> wait. what?
<smoser> is it rebooting the systems or not.
<hggdh> at this point in time, I am commanding reboot on 4 systems, via 4 different jenkins jobs
<hggdh> each job deals with ONE and ONLY ONE machine
<hggdh> but the output shows the commands and responses of ALL machines
<hggdh> and the systems do get rebooted
<hggdh> smoser: my itch is (apart, of course, of seeing more than I should see): is this just the PDU crappy code mixing the output, or, somehow, fence_cdu is commanding all to reboot when called with just one
<hggdh> I frankly think the latter option quite farfetched. But this is software :-)
<smoser> hggdh, right.
<smoser> that should be easily testable, though, hggdh
<smoser> if you issue a reboot of one system, and all reboot ....
<smoser> then we need to fix that
<smoser> :)
<hggdh> yeah. I intend to check on it as soon as beta2 ends
<hggdh> when I opened the bug I had just had a WTF moment seeing the output, and decided to get it recorded ASAP
<jamespage> utlemming, did you just kickoff a precise ec2 test run
<jamespage> ?
<utlemming> jamespage: yes
<utlemming> did I mess something up?
<jamespage> utlemming, hrm - no its running fine
<jamespage> smoser got me to press the button about two hours ago - https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/precise-server-ec2/6/
<jamespage> **\0/** all green!
<utlemming> can you cancel the run? or should we just let it run through?
 * jamespage thinks bout that one
<jamespage> utlemming, lets just let it run
<jamespage> utlemming, if its less green I'll delete it
<utlemming> k
<jamespage> smoser, Daviey: https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/precise-server-ec2/6/  all looking good
<jamespage> thats the first entirely successful run we have ever had on a full test
<smoser> jamespage, but then utlemming had to run it again ?
<smoser> is that what i see above?
<smoser> way to ruin a good result, u
<smoser> utlemming,
<smoser> :)
<jamespage> smoser, like I said - I'll delete the second set of results if they are less green :-)
<utlemming> jamespage: lets delete the second run if they fail too :)
<utlemming> then I don't ruin smoser's happy day
<koolhead17> hi all
<robbiew> arosales: SpamapS: looks like https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-juju-charm-testing needs some DONE or POSTPONE love ;)
<arosales> SpamapS: should we postpone the charms and other providers except canonistack and EC2?
<koolhead17> Essex/Precise screencast https://vimeo.com/39299140
<koolhead17> looks interesting without audio though
<level15> hi: what is your suggested way of backing up your KVM virtual machines?
<SpamapS> indeed, I'll postpone some stuff
<uvirtbot> New bug: #967296 in php5 (main) "package libapache2-mod-php5 5.3.5-1ubuntu7.7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/967296
<arosales> SpamapS: thanks for adding the updates to Juju charm testing. If its ok with you I am also going to mark deploy framework against ec2 and canonistack as "INPROGRESS"
<SpamapS> arosales: I don't really think it is in progress ??
<arosales> SpamapS: Is that what m_3 is working on?
<arosales> or is that more of the implement work item?
<SpamapS> m_3: are you working on getting the test suite runnign with an ec2 and canonistack config?
<SpamapS> arosales: they can certainly be decoupled
<arosales> SpamapS: ok.
 * arosales will wait to see what m_3's current status is.
<uvirtbot> New bug: #967311 in whois (main) "Incorrect 6to4 handling" [Undecided,New] https://launchpad.net/bugs/967311
<m_3> SpamapS: yes
<hallyn> smoser: interesting
<hallyn> gary_poster: I don't know of any behind-the-scenes action, sorry.  Oh, though apw was going to try merging the latest upstream
<hallyn> (of overlayfs)
<m_3> arosales SpamapS: I'm working to get the current charmtesting framework working against ec2 and canonistack
<arosales> m_3: SpamapS: would it be reasonable to mark deployment against ec2 and canonistack as in progress @ https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-juju-charm-testing  then?
<m_3> arosales: just updated that
<gary_poster> ack thanks hallyn
<arosales> m_3: thanks
<m_3> arosales: np
<hallyn> gary_poster: the shame is this is horribly interesting to me, i'd love to dig into exactly what's happening;  but i need to focus on libvirt's stability
<JayWalker_> Is there a quick and easy way i can set apache back to default configuration?
<hallyn> jjohansen: terribly sorry..   but jamespage saw a reoccurance of bug 925024
<uvirtbot> Launchpad bug 925024 in linux "apparmor makes it impossible to install postgresql-common on Precise" [Medium,Fix released] https://launchpad.net/bugs/925024
<roaksoax> SpamapS: howdy! So I was wondering whether you think is best to do this : initctl emit --no-wait rabbitmq-server-running or [ -n "$UPSTART_JOB" ] && initctl emit --no-wait rabbitmq-server-running
<roaksoax> SpamapS: in rabbitmq's init script
<smoser> adam_g, if you have an unmodified ubuntu precise openstack installation running, could you pastebin 'virsh dumpxml instance-id' and ps -axww | grep kvm ?
<SpamapS> roaksoax: thas the right way to do it if you want to coordinate on a single node.
<smoser> i'm just curious to see what all we're setting, and to lazy to do it myself.
<adam_g> smoser: yeah, one sec
<SpamapS> roaksoax: rather, just calling initctl without a [ -n ]
<roaksoax> SpamapS: cool, thanks
<adam_g> smoser: oh actually, what do you mean unmodified? i just updated to trunk at home, i can get you that from CI lab probably, but its running a version thats different than precise atm
<smoser> well, give me what you can. and guess if it is differeent.
<SpamapS> roaksoax: should also open a task upstream w/ maas to make it wait for the rabbitmq server rather than failing if its not available though. :)
<smoser> ie, is the CI lab likely to have changed the libvirt xml ? and kvm?
<SpamapS> roaksoax: not to beat on a dead horse. ;)
<adam_g> smoser: heres xml: http://paste.ubuntu.com/904274/
<gary_poster> hallyn, completely understand.
<adam_g> smoser: http://paste.ubuntu.com/904276/ kvm proc
<smoser> carp, hallyn, you see that ^ ?
<smoser> cache=none on the root disk.
<roaksoax> SpamapS: heh, yeah well the issue is not really maas not waiting for rabbitmq, but rather, the creation of user/vhost/permissions fail on CD installation
<roaksoax> SpamapS: since this is done in maas postinst, then on the installer things fail, while on a normal apt-get it works
<adam_g> smoser: oh, actually, on that node i am running 2012.1~rc1-0ubuntu2
<adam_g> smoser: yeah, looks like all disks are hard-coded as cache='none in libvirt.xml.template
<smoser> adam_g, actuallyu, i dont see cache= at all in the libvirt
<smoser> in the xml
<smoser> meaning libvirt mus be doing that by default
<smoser> or i'm missing it
<SpamapS> roaksoax: I see.. definitely makes sense then.
<adam_g> smoser: <driver name='qemu' type='qcow2' cache='none'/> ?
<SpamapS> roaksoax: shouldn't the udeb depend on rabbitmq though?
<SpamapS> roaksoax: then it would be guaranteed to be configured before.
<roaksoax> SpamapS: it's not a udeb, it's the package being installed in-target
<roaksoax> SpamapS: but since rabbitmq is not running on installer time, then it does not create the stuff needed
<smoser> adam_g, what file is that in ?
<smoser> i dont see it in nova source
<SpamapS> roaksoax: you're allowed to 'invoke-rc.d rabbitmq-server start' in a postinst...
<SpamapS> roaksoax: though this seems more complicated than that
<adam_g> smoser: i pulled that from the pastebin
<SpamapS> roaksoax: can maas use a remote rabbitmq? If so, is there a debconf question?
<Daviey> SpamapS: invoke-rc.d in the installer won't work directly because of policy.d
<adam_g> smoser: http://paste.ubuntu.com/904288/
<adam_g> smoser: /usr/share/pyshared/nova/virt/libvirt.xml.template
<SpamapS> Daviey: *uggh*
<adam_g> smoser: apparently users can provide their own template to be used instead of the default, though ive not done that
<SpamapS> what a freakni mess
<SpamapS> Daviey: how then is maas started to create the user?
<Daviey> SpamapS: it just needs more gaffa tape
<smoser> adam_g, not in longer.
<smoser> not on trunk
<smoser> that file is gone
<roaksoax> Daviey: https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/913464
<uvirtbot> Launchpad bug 913464 in rabbitmq-server "rabbit creates new PAM session" [Medium,Fix released]
<Daviey> SpamapS: invoke-rc.d --force or /etc/init.d/ override policy.d :)
<Daviey> ^^ gaffa tape.
<uvirtbot> Daviey: Error: "^" is not a valid command.
<roaksoax> Daviey: see above patch, I think that fixes our issues
<smoser> https://review.openstack.org/#change,5621
<adam_g> smoser: yeah, i know about that. but i thought we were talkin about essex? :)
<smoser> oh, thats not essex.
<smoser> ok.
<smoser> thats fine.
<roaksoax> Daviey: ah no, that is already merged
<SpamapS> Daviey: indeed....
 * SpamapS backs away slowly
<smoser> well, hallyn adam_g it looks like cache=none has been default for a while.
<smoser> https://review.openstack.org/#change,5769
<smoser> (it was before tha too)
<hallyn> cache is for wussies
<smoser> ah.
<smoser> for some reason i always had in my head that none == unsafe
<smoser> or at least ~ unsafe
<zul> adam_g: still around?
<adam_g> zul: yeah
<zul> adam_g: so im doing some work on the nova packaging branch, im going to make it fail if the tests suites (it needs a fix in python-netadr which i will upload tomorrow) and i swapped out the conosle patch with the new console patch as well
<adam_g> zul: what is the status of the new  patch?
<zul> adam_g: fails some pep8 tests right now but it has been reviewed with asking a bigger file size to check
<adam_g> zul: hmm looking for the gerrit proposal
<zul> adam_g: https://review.openstack.org/#change,5873
<JayWalker_> I hosed my apache2 install. I reinstalled all the apache2 packages and it's back to default config, but still doesn't work. It cant see anything in /var/www even with permissions wide open. What can i do?
<adam_g> zul: oh, thats cool libvirt upstream is looking to solve this
<zul> adam_g: da
<adam_g> zul: id really prefer we wait to get some more 1+'s from upstream before carrying it. can we run it in proposed and do some heavy testing on it first?
<zul> adam_g: yeah its alreayd in the proposed tree
<adam_g> zul: ok, lemme run it through. in theory we should be able to dump gigabytes to the console logs with no issues
<adam_g> zul: did that swift test suite fix get uploaded? id like to enable keystones tests if os
<zul> adam_g: not til the beta freeze is off
<Daviey> adam_g: where is libvirt tracking it?
<adam_g> Daviey: not sure, its mentioned in zul's proposal by someone from (i assume) libvirt
<adam_g> Daviey: https://review.openstack.org/#change,5873
<zul> Daviey: since its totally libvirts fault
<zul> adam_g: also im starting to look at out of tree patches that mgith not get into final
<urthmover> is it possible to install 10.04 from a 11.04 minimal install disk?
<urthmover> I have an apple xserve and 10.04 does not boot from the disk, but the 11.04 does.  I need to test out 10.04 though.  Can this be done?
<KM0201> urthmover: i highly doubt it.
<Daviey> zul: is it, or kvm's fault?
<zul> Daviey: libvirt
<urthmover> ok KM0201 I'll take your word for it
<KM0201> urthmover: i fail to see how you think it would be possible..
<uvirtbot> New bug: #967410 in samba (main) "Windows clients cannot connect to shared printers " [Undecided,New] https://launchpad.net/bugs/967410
<uvirtbot> New bug: #966069 in horizon "/etc/apache2/conf.d/dashboard.conf contains wrong paths in the Ubuntu package" [Medium,Triaged] https://launchpad.net/bugs/966069
<uvirtbot> New bug: #967424 in cobbler (main) "Cobbler package silently creates invalid install if /var/www/cobbler directory already exists" [Undecided,New] https://launchpad.net/bugs/967424
<uvirtbot> New bug: #967430 in cobbler (main) "Switching to internal python tftp server fails due to file name change" [Undecided,New] https://launchpad.net/bugs/967430
<hallyn> aw crud.  kvm-spice -vga qxl is not working ofr me (at least with precise alternate iso)
<hallyn> sigh
<adam_g> zul: will all of these pass once that upload of yours goes in? https://jenkins.qa.ubuntu.com/view/Precise%20OpenStack%20Testing/job/precise-openstack-essex-nova-trunk/669/console
<zul> Status Code: 404
<zul> it should
<adam_g> zul: hmm. did you disable the tests or something again? nova just finally built successfully
<zul> adam_g: i disabled the tests
<adam_g> ok
<zul> adam_g: ill re-enabled them after the netaddr stuff is uploaded tomorrow
<adam_g> k
<hggdh> folks, I will need help with bug 967815
<uvirtbot> Launchpad bug 967815 in cobbler "/var/lib/tftpboot directory permissions destroyed" [Undecided,New] https://launchpad.net/bugs/967815
<uvirtbot> New bug: #967815 in cobbler (main) "/var/lib/tftpboot directory permissions destroyed" [Undecided,New] https://launchpad.net/bugs/967815
<Nicolas_Leonida2> hi, what mail server should I install for mail() to work in php?
<azneita> Nicolas_Leonida2, how about postfix
<Nicolas_Leonida2> default ubuntu server doesn't come with smtp service installed?
<hnsz> where do i put my wpa_supplicant.conf?
<kklimonda> I'm having problems mounting nfs4 share from lucid server to precise client. It looks like bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622146 - does anyone have idea if that's fixed in lucid? changelog seems to say "no"
<uvirtbot> Debian bug 622146 in nfs-kernel-server,src:krb5 "nfs-common: compatibility between squeeze and sid broken" [Normal,Fixed]
<kklimonda> yup, seems related.. oh well, I'll have to see if I can backport the patches
#ubuntu-server 2012-03-29
<hallyn> tjaalton: just tested debian sid xserver-xorg-video-qxl in precise guest, worked fine for me.
<hallyn> tjaalton: i can't say whether it fixes the standing bugs i pointed to, but quick test didn't show up any new bugs for me
<tjaalton> hallyn: nice to hear, thanks
<uvirtbot> New bug: #957003 in sssd (main) "sssd_be crashed with SIGABRT" [Undecided,New] https://launchpad.net/bugs/957003
<jamespage> Daviey: around? wanted to check something euca related with you for precise?
<Daviey> jamespage: hola
<jamespage> Daviey: there are a number of packages which won't install anymore due to euca being removed from precise
<jamespage> Daviey: python-image-store-proxy being one of them - should I go ahead and request they are dropped as well?
<Daviey> jamespage: yes please
<jamespage> Daviey, ack
<Daviey> jamespage: utlemming was removing the UEC branding i understood.
<Daviey> jamespage: We want to be as close to upstream Euca as we can.
<lynxman> morning o/
<huats> morning
<uvirtbot> New bug: #914469 in bind9 (main) "dig crashed with SIGABRT in isc_assertion_failed()" [Medium,Confirmed] https://launchpad.net/bugs/914469
<uvirtbot> New bug: #915870 in bind9 (main) "dig crashed with SIGABRT in raise() when using +trace +sigchase" [Medium,New] https://launchpad.net/bugs/915870
<uvirtbot> New bug: #923754 in ocfs2-tools (main) "ocfs2console crashed with DeprecationWarning in /usr/lib/python2.7/popen2.py: The popen2 module is deprecated.  Use the subprocess module." [Medium,Confirmed] https://launchpad.net/bugs/923754
<brontosaurusrex> hi, how would i go updating karmic server to 10.04 or something?
<rbasak> Daviey: I've filed bug 968124. What's the right way for it to be tracked appropriately? Milestone for 12.04? Or subscribe someone appropriate? Or a tag? Or something else?
<uvirtbot> Launchpad bug 968124 in rabbitmq-server "Restarting rabbitmq-server from another package's postinst hangs the init script" [High,Triaged] https://launchpad.net/bugs/968124
<jamespage> rbasak, ah - I think I just hit that - bah
<rbasak> jamespage: there's a workaround. I'll post in the bug
<jamespage> rbasak, ta - I'll target that for you as well if that helps
<jamespage> is this for beta-2?
<rbasak> beta-2 is today, isn't it?
<rbasak> I was wondering what the appropriate mechanism for targeting is really
<jamespage> rbasak, not beta-2 then
<jamespage> :-)
<jamespage> rbasak, I normally nomiate for release and target to a milestone
<jamespage> rbasak, I think you can nominate but it won't be automatically accepted
<rbasak> jamespage: does that make it show up in http://status.qa.ubuntu.com/reports/ubuntu-server/release-bugs.html? What does that report filter on?
<Daviey> rbasak: it's fixed in trunk
<Daviey> rbasak: roaksoax will be uploading a fix today, so it's in the archive for beta-2 release time
<jamespage> rbasak, ah - subscribe ubuntu-server-release-tracking
<rbasak> Daviey: ah cool, thanks
<uvirtbot> New bug: #968124 in rabbitmq-server (main) "Restarting rabbitmq-server from another package's postinst hangs the init script" [High,Triaged] https://launchpad.net/bugs/968124
<Daviey> i literally just tested his package :)
<rbasak> Daviey: I literally just reproduced on amd64 :)
<Daviey> rbasak: from the PPA?
<rbasak> Daviey: no from the archive
<Daviey> well then.
<Daviey> :)
<PedroGomes> Hi, I have dozens of machines on my lab, all equal among themselves. When I try to install the ubuntu 12.04 some machines, but not all report an error when mounting the ram disck
<PedroGomes> there is a kernel panic because it can't find the /dev/rd/0 partition
<PedroGomes> but If I install the stable version with the same pxe file
<PedroGomes> it works
<PedroGomes> any idea?
<andygraybeal> hold up, so pgadmin isn't a web interface?
<andygraybeal> *pgadmin3 ? it's asking for gtk.
<andygraybeal> grrrrr!
<andygraybeal> hmm i guess i can install it on my workstation.. and then connect to the server.. doh
<zul> beta is out yet?
<dork> its been out for weeks
<piquadrat> Hi! Is there a packed version of solr 3.x available  somewhere? 1.4 from the repos is quite ancient
<zul> good morning
<jamespage> piquadrat, not in either the debian or ubuntu archives at the moment
<jamespage> sorry - on my list for next release...
<jamespage> (your are not the first to ask :-))
<piquadrat> jamespage: it's simple enough to set it up manually, so no worries :)
<jamespage> 1.4 is not quite that ancient - its only one major release behind
<jamespage> solr skipped 2.x
<piquadrat> yeah, but Solr 3 has all these shiny new things like spatial support :)
<koolhead11> anyone around!! :P
<Amoug> What is the use of nosuid mount option if one is already mounting with noexec ? From a security perspective
<xranby> Amoug: there do pop up bugs that enable execution of binarys on noexec filesystems
<xranby> like the  /lib/ld*.so /mnt/binary  trick
<xranby> that plauged some kernels
<xranby> nosuid of course makes sure the suid bit are not set
<Amoug> xranby, so it is more of a defense in depth
<Amoug> because modern kernels fixed that trick
<xranby> Amoug: all i am saying, it looks hard to execute a binary and misuse the suid bit,  people belived it to be impossible before that trick got discovered
<xranby> net tricks can get discovered
<xranby> if you are security paranoid,, be paranoid :)
<xranby> and try secure your system before someone finds out how to get you
<xranby> its a cat and mouse race after all
<Amoug> xranby, I am more of a pentester than a sysadmin... But you have to learn how to secure, in order to know how to find flaws
<Amoug> and vice versa :)
<stgraber> hallyn: ping
<hallyn> stgraber: hey
<stgraber> hallyn: lxc-execute is mounting the mqueue filesystem on /dev/mqueue/ showing a failure with arkose (though still working fine afterwards)
<hallyn> stgraber: yes, lxc-init always does that.
<stgraber> hallyn: so I was wondering if mqueue is considered safe and if so if we should add a "mount fstype=mqueue," to the profile
<stgraber> stgraber@castiana:~/data/code/ubuntu-archive-tools$ sudo arkose -h
<stgraber> lxc-init: failed to mount /dev/mqueue : Permission denied
<stgraber> stgraber@arkose-tmpTkI6d7:~/data/code/ubuntu-archive-tools$
<stgraber> at least lxc-init is kind enough to ignore the failure and continue so that didn't break arkose ;)
<hallyn> stgraber: yeah, it didn't used to ignore that :)  hold on, i'm checking whether that is definately namespace-safe
<hallyn> yeah, no reason not to imo
<hallyn> ('mount -t mqueue /dev/mqueue /mnt' after lxc-unshare -s IPC /bin/bash does not show the contents from the host's equivalent mount)
<stgraber> good, I'll upload the change as soon as the freeze is lifted then
<stgraber> hallyn: isn't bug 948447 fixed with the apparmor profile?
<uvirtbot> Launchpad bug 948447 in lxc "Starting an LXC changes the volume (sound!) of the host" [Medium,Confirmed] https://launchpad.net/bugs/948447
<hallyn> stgraber: no
<hallyn> stgraber: that's fixed with precise guests bc udevadm trigger doesn't run
<hallyn> stgraber: apparmor can't stop that
<hallyn> that's the one we coudl do if we coudl write a BPF filter to reject the uevent netlink msgs from container
<hallyn> heck, with seccomp2 now in our kernel, maybe we could do something with that.  if it wasn't too late
<stgraber> hallyn: ok, good, so we can probably mark it fixed for good next cycle then
<hallyn> hopefully.  i'm not 100% clear on how it'll work in practice
<uvirtbot> New bug: #968326 in lxc (universe) "lxc-execute tries to mount /dev/mqueue and is rejected by apparmor" [Medium,Fix committed] https://launchpad.net/bugs/968326
<hallyn> stgraber: is that the only bug you're getting from lxc-execute?
<stgraber> hallyn: yep
<gary_poster> hallyn, hey.  -b in current lxc-create sets up an fstab that has "$homedir $homedir none bind 0 0" instead of "$homedir /var/lib/lxc/$container/rootfs/$homedir none bind 0 0".  This doesn't seem to work.  I'm about to file a bug, unless you stop me along the way. :-)
<Daviey> roaksoax: Hey, are you planning that rabbit upload?
<Daviey> roaksoax: we are now in thaw btw
<hallyn> gary_poster: why does it not work?  that shoudl work
<hallyn> bug is good
<gary_poster> cool hallyn, will give details
<roaksoax> Daviey: already uploaded
<Daviey> roaksoax: awesome
<roaksoax> hggdh: I need free machines to work on the fence_cdu issue you were seeing
<hggdh> roaksoax: we are upgrading aldebaran to the jenkins precise backport right now. When we are done, you can test it there (as long as you do not destroy the system ;-))
<roaksoax> hggdh: hehe I just need a couple of machines to 1. see what's going on. 2. work on a fix
<roaksoax> hggdh: so, the cobbler server and 2 free machines not being used
<roaksoax> to try to reproduce what you are seeing
<hggdh> roaksoax: deal
<hggdh> roaksoax: it will be aldebaran as the cobbler server, and alkaid and phact as the cannon fodder
<roaksoax> hggdh: cool, just let me know when they are free
<roaksoax> i'll work on it this afternoon
<gary_poster> hallyn, a bot will announce it soon I'm sure, but I filed bug 968371.  Running to lunch.
<uvirtbot> Launchpad bug 968371 in lxc "lxc-create -b is broken" [Undecided,New] https://launchpad.net/bugs/968371
<hggdh> roaksoax: ack
<uvirtbot> New bug: #968371 in lxc (universe) "lxc-create -b is broken" [Undecided,New] https://launchpad.net/bugs/968371
<smoser> ha.
<smoser> this is pretty awesome
<smoser> http://www.erikyyy.de/invaders/
<smoser> download, extract, run:
<smoser>  kvm -kernel invaders
<koolhead17> Daviey, please let me know when you around, something important
<koolhead17> to talk
<koolhead17> help needed
<gary_poster> hallyn, we are trying to decide whether to manually fix a one-off instance of our machinery and run some tests, or wait for the fixes (ubuntu template and lxc-start-ephemeral, I'm guessing) to bug 968371.  (Note that we're also willing to help with that bug, but it sounded like you were working on it already.)  Is this something we can hope to have fixed by, say, tomorrow; or will it be later?
<uvirtbot> Launchpad bug 968371 in lxc "lxc-create -b is broken" [High,Confirmed] https://launchpad.net/bugs/968371
<hallyn> stgraber: ^ when is freeze to be lifted?
<stgraber> hallyn: it's
<stgraber> hallyn: I already uploaded lxc a few minutes ago with the lxc-execute fix
<hallyn> ok
<hallyn> gary_poster: i'd really like to finish digging into this libvirt bug, but i didn't realize you had a deadline.  I can pusha fix by tomorrow morning at leatest
<gary_poster> hallyn, thank you; like I said, I'm happy to help, and also, if you want to dig into libvirt and then do this, that's fine, but it will change our plans a bit.  No biggie.  Would Monday be a better goal for 968371?
<axisys> do I make change in logrotate.d/rsyslog or some other file to make sure mail.log in always 644 ?
<hallyn> gary_poster: no let's plan on tomorrow.  LIke I say i'ts just a matter of removing the leading '/' from the second field in fstab, so if you want to post a debdiff that'd be great;  but i'll do it.  (once i decide how best to do it in bash :)
<hallyn> gary_poster: really, I feel like I should re-write the lxc-start-ephemeral to be cleaner script (local vars, exit early if first part of pipline fails, etc).
<gary_poster> heh, cool, thanks hallyn.  And then we might need an ephemeral change too, right, for the lines that parse fstab?  re-write: yeah, that sounds nice.  If it fits in your schedule, and we still have some time to test and debug it before final freeze, sounds good
<hallyn> gary_poster: actually,
<hallyn> gary_poster: originall someone wanted lxc-start-ephemeral to work for non-root,
<hallyn> gary_poster, but some of the parsing being done now should make that fail.  Do you care?
<hallyn> (i.e. 'while read line do < fstab.orig > fstab' type of stuff)
<gary_poster> yeah, we talked about that
<hallyn> i hope you don't mean you and i
<hallyn> (just bc i have no recollection, and worry about my memory)
<gary_poster> (no sorry, talked about it on our team.) I suspect it was me caring.  I'm into it just working now. :-)  We (our team) actually talked about proposing to rip all of the support for non-root for simplicity
<gary_poster> We didn't do it, but would be fine with it now.
<hallyn> right, we should either fix it somehow, or do a check early on for id == 0 and fail cleanly if not
<gary_poster> +1
<gary_poster> hallyn, so having the fix in tomorrow is plenty early for us, and much appreciated.  Please ask us if you want us to work on it, and we'll be happy to, but by default we won't, and will leave it to you.
<gary_poster> Can also do testing if that would be helpful
<uvirtbot> New bug: #968411 in nova (main) "[Precise] nova is vulnerable to CVE-2012-1585" [Medium,Confirmed] https://launchpad.net/bugs/968411
<zul> adam_g: im looking to upload a newish keystone tomorrow
<adam_g> zul: with what?
<zul> adam_g: the one with the git clone stuff removed from the testusite
<adam_g> zul: please push to -proposed first, im going to be squashing some packaging bugs later today too
<adam_g> nova has a few, and id really like to get the quantum package installabel
<zul> adam_g: its already in there
<adam_g> k
<uvirtbot> New bug: #914164 in horizon (universe) "[MIR] horizon" [High,Incomplete] https://launchpad.net/bugs/914164
<melter> does anyone know if the 12.04 focus on new hardware applies to ubuntu server?
<dork> absolutely
<jamespage> SpamapS, m_3: any opinion on whether I should spend some time FFe'ing/merging nodejs 0.6.x from debian for precise?
<melter> dork: was that a reply to me?
<dork> melter: yes
<smoser> utlemming, need your help.
<m_3> jamespage: don't really know what depends on the new version
<jamespage> m_3: nothing in the archive
<m_3> jamespage: as a general rule, sure... but
<jamespage> but node seems to move along at a fair pace
<m_3> jamespage: yup, I'm for it if you have tim
<m_3> e
<jamespage> m_3: I'll push it all somewhere to see if it works
<jamespage> sure it will but...
<smoser> utlemming, when you see this, please look at https://code.launchpad.net/~smoser/cloud-init/precise-locale-warning
<smoser> it seems to function as designed, but then when i tried to get french error messages i failed.
<smoser> ie, i set LC_ALL=fr_FR.UTF-8, and ssh'd in.
<smoser> it gave me a friendly error message
<smoser> i ran sudo localegen.... set LANG and LANGUAGE to fr_FR but then when i do somethin glike: ls asdf
<smoser> the error message is english
<Daviey> wfm
<smoser> utlemming, i assigned bug 859814 to you.
<uvirtbot> Launchpad bug 859814 in cloud-init "Locale issues with beta-1/2 cloud-images" [Medium,In progress] https://launchpad.net/bugs/859814
<smoser> i'd suggest starting from my branch and making sure that when you foloow the given directions it works.
<adam_g> zul: were you able to successfully run all keystone tests lately?
<zul> not since friday
<zul> are they broken again?
<adam_g> oh i see
<adam_g> zul: the ksc test cases target (and git checkout) 3 different keystoneclient branches
<zul> lovely..
<adam_g> zul: we can just get rid of KcMasterTestCase + KcEssex3TestCase i think
<adam_g> ill look into after luch. bb in a few
<zul> adam_g: agreed
<utlemming> smoser: ack
<SpamapS> jamespage: what is our delta for node where we can't just sync it?
<smoser> i can' tseem to make it give me french error messages
<utlemming> smoser: do you have a paste of what your doing?
<smoser> utlemming, well, not really.
<smoser> :)
<smoser> but the goal is to just launch instance
<smoser> install new deb
<smoser> exit
<smoser> LC_ALL=some_other_lang ssh instance
<smoser> see message, follow instructions
<utlemming> so this is interesting
<smoser> exit
<smoser> LC_ALL=some_other_lang ssh instance
<smoser> ls asdf
<utlemming> if you have a proper locale generated and defined in the settings, then you get localized messages
<smoser> see failed message in some othe rlanguage
<utlemming> if, however, any of your locales defined in LANG=? or LC_*=?, are bad, then you get english
<smoser> i'm completley locale iillterate.
<utlemming> http://paste.ubuntu.com/906193/
<_ruben> what determines the resolution of the console nowadays? (or on O actually)
<_ruben> got two boxes, installed in the same way, but they ended up with different resolutions
<_ruben> one of 'em might've had a monitor attached and the other not, during install
<jamespage> SpamapS, mainly tests - we get some different test failures/timeouts
<SpamapS> jamespage: ugh
<jseutter> anyone here running maas from trunk?
<jacobw> maas?
<jacobw> assume that i want to learn juju, how could i do that?
<jseutter> jacobw: do you want to use juju, or write charms?
<jseutter> jacobw: if you want to simply use it, juju.ubuntu.com is pretty much the only spot for docs.
<jseutter> jacobw: the tutorial there is pretty good at explaining how things work.  The other place you can look for stuff is on youtube.
<smoser> utlemming, ok. you and i need to figure out how to do basic locale stuff
<utlemming> smoser: like?
<smoser> ie, i want to see an error message that i dont undretsand.
<smoser> how do you do that
 * utlemming works on it
<smoser> i was using 'ls' because i'm almost certain its "no such file or directory" is translated.
<utlemming> try apt
<utlemming> so it depends on the language. But I've exported "LC_ALL=fr_FR
<utlemming> and I get:
<utlemming> $ apt-get --fail-miserably-you-stupid-machine
<utlemming> E: L'option --fail-miserably-you-stupid-machine de la ligne de commande n'est pas reconnue
<utlemming> and the language pack is not installed.
<utlemming> After installing "language-pack-fr-base":
<utlemming> $ ls foo
<utlemming> ls: impossible d'accï¿½der ï¿½ foo: Aucun fichier ou dossier de ce type
<utlemming> smoser: ^
<utlemming> smoser: so the conclusion that we can draw here is 1) unless the appropriate language pack is installed, then errors messages are in english and 2) the default error language is english
<jetole> Hey guys. Don't know if this is the best spot to ask but does anyone know how I can add a user to sudo-ldap who can execute all commands except certain ones, for example if I wanted to set a rule that allowed a user to execute all commands except /usr/bin/perl and /usr/bin/python, does anyone know how I would do that?
<lifeless> man sudoers
<jetole> lifeless: you know sudo? Can you take a look at my questions and see if you have any suggestions related to my problem?
<SpamapS> jetole: if they can execute "all commands except perl" , they can execute /bin/bash .. or /usr/bin/top .. and run other commands
<SpamapS> jetole: consider defining the exact commands they can execute, and just let them do that
<jetole> SpamapS: actually I can set these rules on normal sudo so they can execute all commands except the ones I specify and I can make it so they cannot execute other command from the command called by sudo. On normal sudo I can say define a command alias SHELLS and have it contain all the shells on the system and then I say the user rule is """user ALL=ALL, !SHELLS""" (without the quotes) and then I use the option noexec which makes it so if I try ...
<jetole> ... to run anything from say top, or vim, etc that it will fail. Now I know how I can easily implement noexec with sudo-ldap but, it doesn't have aliases and there are some weird limitions with the order it processes rules so not sure how to do the first part
<SpamapS> jetole: heh.. sounds like complexity to me.. I'm like frankenstein with complexity.. COMPLEXITY BAD!!!
 * SpamapS goes on a rampage
<zul> SpamapS: braaains....braiiins
<EvilResistance> zul, stop being a zombie, or i'll have to get my zombie-buster out
<mcloy>  wget -r is not showing sometimes layout and  the links are always not working
<SpamapS> EvilResistance: do you call it 'Waitpid The Destroyer'? ;)
<jetole> SpamapS: yeah it's actually pretty easy and basic sudo stuff typically but something is different in sudo-ldap and while I can't put my finger on it, someone will come by and say "oh you just do it like this"
<jetole> ...and I will scream "why didn't I think of that?"
<jetole> on that not I'm going home for the day. Later
<Aethor> hi all :) any network guru available for help/advice?
<SpamapS> Aethor: best to just ask your question, and if somebody is around who can answer, they will
<Aethor> ok - ubuntu 11.10, trying to bond 2 NICs, and at the end of my wits - /etc/network/interfaces looks ok and yet it doesn't work
<Aethor> on network restart, I get a "RTNETLINK answers: File exist" error
<Aethor> and then "Failed to bring up bond0"
<Juv1228> hello, im trying to configure a server here. it has a single IP and needs to run several lxc containers
<Juv1228> so it needs to use a nat and internal bridge correct?
<SpamapS> Juv1228: lxc containers can use nat, or bridged networking
<Juv1228> SpamapS, but with a bridged networking they each have to have their own public ip right?
<SpamapS> Juv1228: right, so you probably want NAT
<Juv1228> to avoid that i am trying to setup a nat and use shorewall to firewall/forward things
<Juv1228> the problem is none of my containers can reach the outside world
<uvirtbot> New bug: #968722 in rabbitmq-server (main) "/usr/sbin missing some wrappers for plugins/env" [Undecided,New] https://launchpad.net/bugs/968722
<taipres> That bug report is confusing
<taipres> oh missing files, nevermind
#ubuntu-server 2012-03-30
<moparisthebest> I'm using Lucid and need a package which shows up on packages.ubuntu.com, but won't install, does it work for anyone else? http://paste.ubuntu.com/906458/
<uvirtbot> New bug: #968743 in mysql-dfsg-5.1 (main) "package mysql-client-core-5.1 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/mysql', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/968743
<uvirtbot> New bug: #968753 in openssh (main) "ssh crashed with SIGSEGV" [Medium,New] https://launchpad.net/bugs/968753
<joosengee> someone use samba domain
<joosengee> or not?
<joosengee> I have some question?
<joosengee> anyone help me, please.
<Jeeves_> Hmm
<Jeeves_> A new libreoffice in an LTS is possible during beta
<Jeeves_> but a new apache2 isn't
<henkjan> no apache 2.4 in precise?
<Jeeves_> No
<Jeeves_> At least, not currently
<Jeeves_> https://bugs.launchpad.net/ubuntu/+bug/939300
<uvirtbot> Launchpad bug 939300 in ubuntu "precise 12.04: consider adding Apache 2.4 ?" [Wishlist,Confirmed]
<henkjan> *click  "yes this affects me"
<micahg> no, apache 2.4 will probably be a backport though
<twb> Oops, my LDAP server's cert expired... no logins for nearly half an hour
<jamespage> morning all
<mgw> good morning
<uvirtbot> New bug: #968983 in openssh (main) "ssh crashed with SIGSEGV" [Medium,New] https://launchpad.net/bugs/968983
<PedroGomes> I, does anyone here can give me a functional PXE file for Ubuntu 12.04?
<PedroGomes> *Hi
<Daviey> Here is a function pxelinux file, http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/pxelinux.0
<Daviey> functional*
<PedroGomes> Daviey: not quite what I need, but maybe it can help. This is the PXEfile that goes in the tftpboot folder, what I need was a boot configuration file that is deployed for each machine
<PedroGomes> but I will try and change this one
<PedroGomes> maybe it will do the trick
<PedroGomes> Daviey: no luckâ¦
<PedroGomes> why does 11.10 install without problems and 12.04 has ram disk problemsâ¦.
<xranby> jamespage: morning
<jamespage> xranby, good morning! how are you?
<xranby> jamespage: im fine thanks, i have beem focusing on GUI backend perfomance
<xranby> mostly since i do not have any crash report to investigate :)
<xranby> jamespage: please tell if you observe any instability issue
<xranby> during your testing rounds
<jamespage> xranby, sure will :-)
<jamespage> things have been pretty stable TBH
<xranby> nice, thats what i want to hear
<dcramer> why would the default setup of 10.04 LTS postfix not use aliases
<dcramer> I send mail to root and it sends it out
<_ruben> it does use it, but i recall a "bug" where the postinst doesn't populate /etc/aliases even tho it makes you think it does
<_ruben> and after modifying /etc/aliases, make sure you run newaliases
<dcramer> _ruben: no it's because mail -s test root doesn't sent to root@localhost
<dcramer> it sends it to root@hostname
<dcramer> for some strange reason
<_ruben> a default config should accept mail for @hostname as well
<_ruben> what does 'postconf myorigin myhostname' show?
<dcramer>  /etc/mailname
<dcramer> which is my domain name
<_ruben> and postconf mydestination?
<dcramer> mydestination = beaver1.postgresintl.com, localhost.postgresintl.com,localhost
<dcramer> postgresintl.com
<dcramer> is the domain name
<_ruben> and beaver1 is the hostname i assume?
<dcramer> yes
<_ruben> beaver1 oughta be in mydestination as well
<dcramer> I have other setups where this is not the case
<dcramer> nm I'll try that
<dcramer> actually postgresintl.com needs to be in mydestination
<zul> good morning
<stgraber> hallyn: ping
<stgraber> hallyn: could it be that we forgot to allow lxc-start to call change_profile? setting lxc.aa_profile prevents the container from starting here
<stgraber> hallyn: ah, no, my bad
<stgraber> hallyn: I should have read the main profile and see that it needs to be prefixed by lxc- :)
<stgraber> hallyn: hmm, so I added a profile lxc-upgrader01 in /etc/apparmor.d/lxc/ and called it lxc-container-upgrader01 in the profile
<stgraber> hallyn: but now /etc/init.d/apparmor reload fails ...
<stgraber> hallyn: bug 969228
<uvirtbot> Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [Undecided,New] https://launchpad.net/bugs/969228
<hallyn> stgraber: d'oh, again i didn't see the notification here.  but i saw the email :)
<stgraber> hallyn: hehe :)
<stgraber> hallyn: I also reproduced the weird dpkg diverts and locales being blocked by apparmor. I'm upgrading the machine to linux-image-3.2.0-21-generic before reporting that one
<stgraber> hallyn: bug 969228 is either and LXC or an apparmor parser bug, so shouldn't depend on the kernel version
<uvirtbot> Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Incomplete] https://launchpad.net/bugs/969228
<hallyn> stgraber: yes, could you try removing the #include from the top of your new file?
<stgraber> hallyn: no change...
<hallyn> drat
<hallyn> note i *did* test this...  how odd
<hallyn> reproduced now though
<hallyn> stgraber: oh i didn't go far enough in my request
<hallyn> stgraber: if you pull the #include from both container profiles and put it at top of /etc/apparmor.d/lxc-containers, it works
<hallyn> jjohansen: is there a way to say '#ifndef tunables #include <tunables/home> #endif' in a apparmor profile?
<hallyn> jjohansen: i want users to be able to just 'apparmor_parser /etc/apparmor.d/lxc/lxc-new' rather than /etc/init.d/apparmor reload', is the only reason
<hallyn> (maybe that's not worthwhile)
<sbeattie> hallyn: #ifdef> not... really, but I haven't looked at the bug report yet.
<hallyn> (drat, this coudl require a server guide update)
<jamespage> hallyn, is there anything I can do to help diagnose/fix the 'failed to fstat previous diversions file' issue we see with postgresql under lxc?
<jamespage> I just hit the same issue in another charm
<hallyn> jamespage: turn off apparmor and see if it's still broken
<hallyn> if not, mark it as affecting linux and critical priority, owned by jjohansen
<jamespage> hallyn, OK - testing now
<stgraber> hallyn: sorry, was working on something else, looking now
<stgraber> hallyn: worked
<hallyn> stgraber: ok, i guess i'll move the #include, and ask for server guide update.  users will need to reload all container profiles at once.
<stgraber> hallyn: btw: [ 1022.059598] type=1400 audit(1333118643.042:36): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=23460 profile="lxc-container-upgrader01" name="/var/lib/ureadahead/debugfs/" pid=23666 comm="ureadahead" fstype="debugfs" srcname="none" flags="rw"
<stgraber> hallyn: I guess we should silent that one
<hallyn> we do that with just an explicit deny right?
<stgraber> hallyn: yep
<hallyn> (sorry doing a bunch of bugs at a time)
<sbeattie> hallyn|stgraber: can you post the problematic version of the /etc/apparmor.d/ tree to bug 969228
<uvirtbot> Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Incomplete] https://launchpad.net/bugs/969228
<hggdh> roaksoax: aldebaran (the cobbler server), alkaid and phact are available now
<hggdh> roaksoax: sorry for the delay, but I only ended the upgrade around 0100 UTC today
<stgraber> sbeattie: there you go
<sbeattie> stgraber: thanks, peeking.
<jamespage> hallyn, if I turn off apparmor I can't start any containers
<jamespage> hallyn, http://paste.ubuntu.com/907334/
<roaksoax> hggdh: no worries
<stgraber> hallyn: hmm, the divert and locale apparmor bugs are still there with -21 ... I guess I'll have to file a bug this time as it's preventing the daily upgrade testing from working
<jeh> anyone here happen to be using the mlx4_en ethernet driver on precise?
<hallyn> stgraber: that's what jamespage is looking at
<hallyn> stgraber: yes, if jamespage hasn't filed it yet, pls mark it critical
<jamespage> hallyn, stgraber: I've not filed a bug yet
<hallyn> jamespage: sorry, please at 'lxc.aa_policy = unconfined' to the container's config (/var/lib/lxc/container/config)
<jamespage> hallyn, ack
<hallyn> jamespage: it's explained in the server guide, but that's notreally online yet iiuc :)
<stgraber> jamespage: I did :)
<stgraber> sbeattie, hallyn, jamespage: bug 969299
<uvirtbot> Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,New] https://launchpad.net/bugs/969299
<jamespage> stgraber, hallyn: oddly if I put lxc-container-default into complain mode I don't get the issue - but neither does aa complain
<stgraber> hallyn: targeted to final and marked critical
<stgraber> jamespage: yay for debugging fixing the bugs ;)
<hallyn> jamespage: might be worht commenting that int he bug
<jamespage> hallyn, lemme double check that
<hallyn> jjohansen: ^ bug 969229
<uvirtbot> Launchpad bug 969229 in txamqp "Impossible to reopen closed channel" [Undecided,New] https://launchpad.net/bugs/969229
<hallyn> no that's not the one :)
<hallyn> jjohansen: would you believe bug 969299
<uvirtbot> Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,New] https://launchpad.net/bugs/969299
<stgraber> hallyn: lxc-start: unknow key lxc.aa_policy
<hallyn> wth
<stgraber> (I think we also want s/unknow/unknown/g btw ;))
<hallyn> d'oh
<hallyn> aa_policy
<hallyn> lxc.aa_profile
<hallyn> stgraber: that's not *my* typo :)
<stgraber> root@athos:/data/internal/containers# lxc-start -n upgrader01
<stgraber> lxc-start: Permission denied - failed to change apparmor profile to unconfined
<hallyn> stgraber: you haven't disabled apparmor
<hallyn> usr.bin.lxc-start isn't allowed to transition to unconfined
<stgraber> hallyn: why would I do that? I just want it off for one container ;)
<smb> zul, Just read your answer to that xen feature mail. Just to make sure I am not doing something wrong because I am using still the xend based api between libvirt and xen host in precise.
<hallyn> stgraber: you think the default lxc-start profile should allow that?
<zul> smb: no you arent i think they are refering to the XCP stuff that citrix was doing this cylce in debian/ubuntu
<stgraber> hallyn: I think we should allow for a container to set "lxc.aa_profile = unconfined" without turning apparmor off for all containers, yes
<smb> zul, Yes, well generally the xcp stuff, right. Reading about the blueprint gave a bit the impression this is what is used in Precise
<zul> smb:  right i dont think anyone on the platform team has used the xcp stuff really
<hallyn> stgraber: ok so there's that, the #include fix, and what was the other thing is houdl add right now?
<hallyn> (and by right now i mean, "sometime soon")_
<hallyn> maybe that was it
<stgraber> hallyn: "#include fix", "deny for debugfs in /var/lib/ureadahead/debugfs/", "allow switch to unconfined in usr.bin.lxc-start"
<hallyn> ah right debugfs, thanks
<hallyn> mabe the ubuntu template should add a commented '# lxc.aa_profile = unconfined'
<hallyn> stgraber: really we want debugfs anywhere to be silenetly denied, right?
<brontosaurusrex> finnaly updated my old intranet server from 9.10 to 10.04 and noticing some magic: mp4/h.264 videos can be seeked without preloading in html5 mode on chrome..., is it a chrome magic or a combo of smarter apache and chrome, or some other mistery?
<stgraber> hallyn: hmm, indeed, "deny mount fstype=debugs," should be fine
<stgraber> hallyn: also +1 on adding some lxc.aa_profile line to the template, either "lxc.aa_profile = lxc-container-default" or a commented "# lxc.aa_profile = unconfined"
<stgraber> hallyn: as long as there's a way for people to easily figure it out, that's fine
<jamespage> hallyn, stgraber: not sure whether its related but I'm getting some excellent kernel message cruft - http://paste.ubuntu.com/907382/
<stgraber> jamespage: I've always blamed the lack of logging namespace for that one ;) not sure if that's the real cause though
<jamespage> stgraber, it does not appear to impact function as far as i can tell
<stgraber> jamespage: I'm testing aa-complain now ;) sounds like an interesting workaround
<Daviey> jamespage, adam_g, zul: What is the story of precise-openstack-essex-swift-trunk failing?
<zul> Daviey:  the story is that swift needs openstack-nose-plugins to build the testsuite and its 95% done on my todo list
<zul> Daviey:  its packaged just not in the archive
<hallyn> stgraber: jamespage: actually we still have attach_disconnected in the policy, that *might* be causing problems.  not sure
<hallyn> biab
<Daviey> zul: ok, thanks
<stgraber> hallyn: good point, I'll test that before trying jamespage's trick
<autif> is apt-proxy now called apt-cacher?
<patdk-wk> no
<patdk-wk> different project
<patdk-wk> apt-cacher is slow
<patdk-wk> apt-cacher-ng is faster by many times
<autif> apt-cache search apt-proxy did not return apt-proxy - it returned apt-cacher and apt-cacher-ng
<autif> I was looking to caching packages because I want to install and update many machines and want to save bandwidth
<autif> came accross https://help.ubuntu.com/community/AptProxy
<patdk-wk> find apt-proxy for me :)
<autif> should I be using apt-cacher-ng?
<patdk-wk> or, it works for me, to locate apt-proxy
<autif> ubuntu-server 11.10
<patdk-wk> 10.04 here
<autif> hmmn - that may do it
<patdk-wk> apt-proxy downloads the all .deb's for a version if I remember right
<patdk-wk> using gigs of space
<patdk-wk> where apt-cacher-ng only downloads the .deb's you use, like a http proxy
<autif> yup - that should be find - I have a 2TB disk :-)
<autif> ah, I see the difference
<patdk-wk> last time I used apt-proxy I think it was using 600gigs of space for me
<autif> will try out apt-cacher-ng
<patdk-wk> just all the updates for things I didn't use, kept using up all my bandwidth
<autif> thanks patdk-wk
<patdk-wk> heh, my apt-cacher-ng is using 1.9gigs of space
<Ng> I think everyone should stop saying the names of software that ends in -ng
<Pici> heh
 * patdk-wk renames amavisd-new to amavisd-ng
<Ng> -1
<Daviey> zul: bug 965551 ?
<uvirtbot> Launchpad bug 965551 in quantum "quantum-server 2012.1~rc1-0ubuntu2 fails to install" [Undecided,New] https://launchpad.net/bugs/965551
<patdk-wk> ng, not bad, only 15 packages in lucid have -ng
<zul> Daviey: i think adam_g said he was going to work on that one
<Daviey> zul-ng, What is the status of that bug?
<Daviey> ok, great
<zul> heh zul-ng
<patdk-wk> that one is overrated!
<Ng> Daviey: you stop that!
 * Daviey wonders how hard an irrsi pluggin would be to add -ng to any verb. :)
<Daviey> err noun
<Ng> I hope it would be very very difficult
<Daviey> zul / adam_g: Are you uploading new snapshots today?
<zul> Daviey: no im going to wait for rc2
<Daviey> zul: no date set, or confirmed there will be an rc2, is there?
<zul> Daviey: lemme check my sources
<hallyn> stgraber: uh, what is jamespages' trick?
<zul> Daviey: if they get their stuff together it will be today otherwise monday
<stgraber> hallyn: aa-complain ;)
<hallyn> ah ok
<Daviey> zul: feel free to tell your sources that i haven't seen that discussed anywhere, or on the release schedule.
<Daviey> Or just tell ttx.
<stgraber> hallyn: dropping the attach_disconnected seems to have worked here
<stgraber> jamespage: can you try doing that too? ^
<hallyn> stgraber: interesting.
<jamespage> stgraber, OK - I'll try - where do I set that?
<hallyn> it does make some sense
<hallyn> remove it from the top of /etc/apparmor.d/{usr.bin.lxc-start,lxc/lxc-default}
<hallyn> probably just remove the whole flags=(.*)
<azertyu> hello there
<azertyu> is tehre any specialist bladecenter ?
<azertyu> anyone there ?
<patdk-wk> what is a, specialist bladecenter?
<patdk-wk> I would assume all bladecenters to be special
<azertyu> sure
<azertyu> well i got a small on my bladecenter
<azertyu> Chassis Cooling Devices
<azertyu> 1
<azertyu> 	
<azertyu> Chassis Cooling Device status OK
<azertyu> 	  78%
<azertyu> 2
<azertyu> 	
<azertyu> Chassis Cooling Device status OK
<azertyu> 	  79%
<azertyu> what can be ?
<ironm> hello. Is there an approved possibility to create own ubuntu server images with some third party packages (for off-line installations? I have played a bit with debian live-builder 3.0a-45-1 but was not successful. Thank you in advance for any hints.
<xT_Bash> hey ppl
<xT_Bash> any1 willing to help me with a 10.04 LTS install?
<xT_Bash> wanna install the kde but yet dont have any clue how
<arthurjohnson> Why would you want to install KDE on a server install?
<xT_Bash> any other desktop u suggest?^^
<xT_Bash> or does the question target the desktop thing itself?
<arthurjohnson> None.  At least thats my opinion.
<xT_Bash> well
<arthurjohnson> I would never put a desktop on a server.  Wastes resources.
<arthurjohnson> But if you must, go with something a little lighter, like xubuntu
<xT_Bash> im not that fit with with console yet
<xT_Bash> still too miseducated by microsoft stuff :P
<arthurjohnson> Desktops aren't going to make configuring and maintaining a server any easier.
<xT_Bash> mkay
<arthurjohnson> But if you must, go for something a bit lighter, like xubuntu.
<xT_Bash> combined with the ressource facts its quite a reason to leave it awys
<xT_Bash> away*
<ironm> !xubuntu
<ubottu> Xubuntu is Ubuntu with Xfce instead of !GNOME. More info at http://www.xubuntu.org and http://wiki.ubuntu.com/Xubuntu/ - To install from Ubuntu: Â« sudo apt-get install xubuntu-desktop Â» - Join #xubuntu for support - See also: !Ubuntu and !Xubuntu-Channels
<xT_Bash> so.. could u gimme a source with tutorial how to start up with ub-server?
<ironm> !ubuntu-live
<arthurjohnson> xT_Bash: have you installed your ubuntu server yet?
<xT_Bash> yep
<JanC> xT_Bash: even most serious Windows servers are administered remotely using AD (or other ways) anyway, so why do they need a GUI? ;)
<xT_Bash> i already said i wont install a KDE/GNome etc
<xT_Bash> actually just sitting in front of the commandline and dunno how to get the thing running
<xT_Bash> well
<xT_Bash> anyways thx for your advice so far
<xT_Bash> am a bit busy and g2g
<JanC> generally, services just run
<xT_Bash> TTYL
<xT_Bash> bb
<hallyn> roaksoax: hi, would you mind pushing lp:~kroq-gar78/ubuntu/precise/rsyslog/fix-846818 ?  I don't have the upload rights.  IT's a trivial, correct, typo fix.
<roaksoax> hallyn: howdy! sure!
<hallyn> roaksoax: thanks!
<roaksoax> hallyn: done!
<hallyn> thanks again :)
<zul> adam_g: hey are you workin on quantum?
<stgraber> hallyn: I have a weird bug for you ;)
<stgraber> hallyn: running: ubuntu-vm-builder kvm oneiric --kernel-flavour generic --ssh-key /data/auto-upgrade-tester/ssh-key.pub --components main,restricted --rootsize 15G --addpkg openssh-server --destdir /tmp/stgraber --arch i386
<stgraber> hallyn: outside a container works fine
<stgraber> hallyn: in a container, fails with: http://paste.ubuntu.com/907564/
<stgraber> hallyn: wrong pastebin, http://paste.ubuntu.com/907541/
<adam_g> zul: havent yet
<adam_g> zul: would like to, tho
<stgraber> hallyn: so we get that weird "mkdir: cannot create directory `/dev/shm': File exists"
<adam_g> or, would like it to be fixed, if you wanna take it :)
<zul> adam_g: ill get it fixed today
<stgraber> hallyn: but only when running ubuntu-vm-builder in a container ... apparmor doesn't tell me it rejected anything
<hallyn> stgraber: well the mkdir *should* fail if it exists...
<hallyn> whey doesn't it onthe host?
<stgraber> hallyn: it's ubuntu-vm-builder so that error appears during a deboostrap in a chroot...
<stgraber> hallyn: and the mkdir call in sysvinit is guarded by a [ -d /dev/shm ] || mkdir /dev/shm
<stgraber> hallyn: looks like bug 891045
<uvirtbot> Launchpad bug 891045 in sysvinit "initscripts: upgrade fails in chroot" [High,Confirmed] https://launchpad.net/bugs/891045
<hallyn> that sucks
<stgraber> yeah :)
<stgraber> I'm trying to figure out exactly what's different between the host and the container...
<hallyn> stgraber: test -d /dev/shm in container
<hallyn> 127
<hallyn> umount /run/shm
<hallyn> test -d /dev/shm -> 0
<mgw> heyâ¦ what would cause ssh to stall for 4 seconds on login
<mgw> $ ssh localhost ls
<mgw> takes 4 seconds
<stgraber> hallyn: interesting, though test -d /dev/shm = 0 in my container
<stgraber> hallyn: but that may explain what's going on in ubuntu-vm-builder
<stgraber> hallyn: my apparmor profile allows any mount in /tmp at the moment, I may try to restrict that to proc and sysfs which are the two I identified in vmbuilder as must-have
<benji> mgw: does logging in locally take that long?
<zul> adam_g: ok fixed
<JJarvis> Hi, would someone please be able to help me in installing a wireless driver?
<mgw> benji, it didâ¦ found the problem (ldap)â¦ thanks!
<benji> mgw: cool
<JJarvis> I know Ubuntu-Server isn't supposed to run on anything other than LAN, but there is a reason.
<zul> adam_g: problem was that i suck ;)
<JJarvis> How would I activate a Broadcom STA driver (restricted) in the console?
<hallyn> t doesn't always fail
<hallyn> stgraber: it doesn't always fail
<stgraber> JJarvis: jockey-text?
<stgraber> hallyn: fun, so we have a race that mounts another tmpfs on top of /run/shm but only some of the time? :)
<hallyn> stgraber: uh, i dont' think so,
<hallyn> stgraber: the fs is always mounted, but someimtes test -d /dev/shm returns 0
<stgraber> hmm
<JJarvis> @stgraber Will try that now. Thanks.
<JJarvis> exit
<hallyn> stgraber: do you know if '[ -d /dev/shm ] || mkdir /dev/shm calls out to /usr/bin/test or something else?
<hallyn> cause /usr/bin/test's -d code looks pretty unassailable
<stgraber> hallyn: it's called with /bin/sh (dash) so I think it's using dash's builtin test
<hallyn> d'oh
<hallyn> feh, this could be a libc bug..
<hallyn> i assume the stat must occasionally fail...
<hallyn> jamespage: have you confirmed that remove attach_disconnected works for you?
<hallyn> jjohansen: can you confirm that it should be safe to remove attach_disconnected from lxc profile?
<smoser> utlemming, SpamapS http://paste.ubuntu.com/907621/
<smoser> look for Setting up postgresql-9.1 (9.1.3-2)
<adam_g> zul: can we disable that console monitor thing till its been merged upstream, or has gone through sufficient testing?
<zul> adam_g: sure go ahead
<stgraber> hallyn: you can also remove the FIXME for that "deny umount" line, it's fixed with -21
<hallyn> where is that?
<adam_g> zul: can you checkin those *.logrotate files to the nova branch?
<zul> adam_g: yeah hold on
<zul> adam_g: they should already be there
<hallyn> biab
<adam_g> zul: doh
<adam_g> zul: my bad
<adam_g> zul: though it looks like nova-network provides dhcpbridge, not nova-common. ill update
<zul> adam_g: ack
<jjohansen> hallyn: it is not.
<jjohansen> hallyn: those fixes/changes just aren't ready for this cycle
<jjohansen> hallyn: so for 12.04 attach_disconnected is the required work around.  I really, really wish it wasn't that way, but ...
<Blah1> hey all.  anyone familiar w/ preseed ?  I remastered oneiric mini.iso, stuck a preseed.cfg file in it.   fired up a vm w/ that iso yet ubuntu installer doesn't appear to pickup the preseed.
<Blah1> and the only way i can tell that is because it stops to ask me the ubuntu mirror question, when i've specified it in the preseed file.
<hallyn> jjohansen: ok, i asked because of bug 969228
<uvirtbot> Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Confirmed] https://launchpad.net/bugs/969228
<jjohansen> hallyn: hrmm, okay, yet another stupid bug in the compiler that needs to be fixed.
<hallyn> jjohansen: hooray if it's obvious to you how to fix :)
<stgraber> hehe, looks like LXC is pretty useful at finding apparmor bugs ;)
<jjohansen> hallyn: I don't know about obvious, but I know its at least part of its in the compiler
<hallyn> stgraber: drat
<stgraber> hallyn: I "think" I got ubuntu-vm-builder working here ;)
<hallyn> did you change anything?
<stgraber> hallyn: that thing does "mount --bind /dev/ /tmp/<something>/dev" which means it also gets /dev/shm in the process which is a dangling symlink
<stgraber> hallyn: instead I added a new upstart script to that container that does "rm /dev/shm && mkdir /dev/shm && mount --bind /run/shm /dev/shm"
<stgraber> hallyn: so now ubuntu-vm-builder gets an empty dir instead of dangling symlink and seems happy
<stgraber> hallyn: then it failed running kpartx as I forgot to enable loop devices ;)
<hallyn> what does 'mount --bind /dev /tmp/<something>/dev" ?
<stgraber> hallyn: ubuntu-vm-builder
<hallyn> oh
<stgraber> which is fine if the VM knows that /dev/shm can be a symlinkto /run/shm which in some cases doesn't exist yet
<hallyn> now originall /dev/shm was a symlink to, not bind mount of, /runs/hm right?
<stgraber> but apparently something in oneiric doesn't ;) (I'm building an oneiric VM in a precise container)
<hallyn> so how would you fix the reported bug/
<stgraber> yeah and that's fine in 99% of the cases, except when something stupidly bind-mounts /dev to a chroot of another vresion of Ubuntu ...
<stgraber> in my specific case, I think the fix should be in ubuntu-vm-builder, I don't see any reason to bind-mount /dev to start with
<stgraber> debootstrap gives you a minimal /dev that should work just fine
<stgraber> and that won't have a dangling symlink as your /dev/shm
<jamespage> ;q!
<jamespage> hallyn, looking now
<hallyn> jamespage: no need!
<hallyn> jjohansen says that's wrong
<jamespage> hallyn, standing down....
<hallyn> :)
<stgraber> jjohansen, hallyn: reading scrollback, that bug isn't linked to the attach_disconnected
<stgraber> jjohansen, hallyn: the problem with attach_disconnected is localedef and dpkg-divert failing
<stgraber> jjohansen, hallyn: bug 969299
<uvirtbot> Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Critical,Confirmed] https://launchpad.net/bugs/969299
<hallyn> oh no did i mis-paste?
<hallyn> but in any case, jjohansen says removing attach_disconnected is not yet safe
<hallyn> jamespage: the debdiff attached to bug 968912 (not by me) works for me, and adds a patch identical to what is already upstream.  Do you mind sponsoring it?
<uvirtbot> Launchpad bug 968912 in psensor "Wrong type of sensors displayed in preferences" [Undecided,Confirmed] https://launchpad.net/bugs/968912
<stgraber> right, then ^ needs urgent fixing (as in, we need that for the release)... that upgrade testing container just won't work with it, so I'm currently running it without
<hallyn> stgraber: you marked it critical right?  jjohansen is on it iiuc
<hallyn> all right i'll go ahead and test and push the rest of the changes we've discussed then
<stgraber> hallyn: yeah, critical + targeted, should be on the right buglists with that
<hallyn> worst case i guess we pull the apparmor profiles for now
<stgraber> I don't think it's so bad we should pull the apparmor profile
<stgraber> as pulling the profile introduces its own problems ;)
<stgraber> at least with lxc.aa_profile I can workaround it for that specific container and keep the standard profile for the others
<hallyn> stgraber: would you say that non-ubuntu containers should still start in lxc-container-default, or in unconfined?
<hallyn> i'd prefer lxc-container-default of course, but i don't know if they need special mounting abilities offhand...
<hallyn> eh i'll leave it as is for now
<stgraber> hallyn: I'd prefer lxc-container-default, we'll deal with the bugs if anyone files one
<amarcolino> quick question , is ubuntu 12.4 stable enough to be used as a development apache server?
<hallyn> amarcolino: I suspect the official stance is "don't do that"
<hallyn> !release
<ubottu> Ubuntu releases a new version every 6 months. Each version is supported for 18 months to 5 years. More info at https://wiki.ubuntu.com/Releases & http://wiki.ubuntu.com/TimeBasedReleases
<hallyn> hm, was hopin gfor more :)
<hallyn> amarcolino: that said, i'm running it everywhere...  except my mail server where i run lucid
<amarcolino> thanks for the info and it has been stable for you till now?
<hallyn> amarcolino: not always.  you'd like to think we're close to release and no major library upgrade will mess us up now, but you never can tell...
<jjohansen> stgraber: I updated Bug#969299 with my initial guess, I will check as soon as my vm is finished updating
<hallyn> stgraber: have you noticed that lxc no longer builds on precise?  http://paste.ubuntu.com/907772/
<stgraber> hallyn: it built fine yesterday
 * stgraber tries locally
<hallyn> hmmm.
<stgraber> local build failed somewhere in the doc (usually does when not in sbuild) but lxc itself built
<hallyn> stgraber: "debian/rules build" fails.  is your schroot 100% uptodate?
<stgraber> hallyn: I'm building in arkose directly on my laptop that was updated 10min ago, so yeah should be up to date
<amarcolino> hallyn, will take note of that, I aint planning to do much at the moment other than use it for site development, it should be stable enough for that...
<hallyn> i'm just wondering whether to worry about the failure, or be happy it builds in buildds
<stgraber> hallyn: http://paste.ubuntu.com/907790/
<hallyn> what cmd did you use?
<stgraber> hallyn: ./configure --disable-doc && make
<stgraber> hallyn: I'll try building the full package now
<stgraber> hmm, actually looks like I'm not completely up to date ... upgrading again first then
 * stgraber wonders what machine he updated 10min ago ;)
<hallyn> stgraber: jinkeys, it doesn't happen when i remove automake and autoconf!
<stgraber> hallyn: always blame the automagic :)
<hallyn> stgraber: well i'd noticed it when working on 0.8.0, so i knew we'd have to deal with it at some point...
<hallyn> jjohansen: adding change_profile -> unconfined,  isn't allowing me to transition to unconfined?
<jjohansen> hallyn: urgh, f$#@!!!!!!
<hallyn> well it's possible i'm doing something wrong!
<hallyn>  have two rules,
<hallyn> transition -> lxc-*,
<hallyn> transition -> unconfined,
<jjohansen> hallyn: unlikely, unconfined is a special path, as soon as you said it, it hit me that I didn't try it
<hallyn> ok
<stgraber> :)
<jjohansen> hallyn: I will get a patch out today
<stgraber> jjohansen: did you consider using lxc as your official test suite? seems like we have pretty good code coverage there ;)
<hallyn> stgraber: when i use 'deny mount fstype=debugfs,' before the allow rule for /sys/kernel/debug, container does not start
<hallyn> (or after)
<jjohansen> stgraber: I don't think I am ready for that yet :)
<hallyn> jjohansen: thanks
<jjohansen> stgraber: actually lxc will be, being rolled into the testing more
<stgraber> hallyn: oh right, I'm guessing it's "normal" in apparmor world... "deny mount fstype=debugs" denies all debugfs including the one we explicitly allowed for /sys/kernel/debug
 * jjohansen shakes head at the bugs this cycle
<stgraber> jjohansen: ^ is that right? "deny mount fstype=debugfs," blocking our "mount fstype=debugfs -> //sys/kernel/debug/,"
<hallyn> jjohansen: but look at how cool it'll be when done :)
<jjohansen> stgraber: erm yeah deny, will actually subtract permissions from allow rules.  Its an absolute this is denied
<stgraber> ok, that's what I thought
<hallyn> so do i just wnat 'dontaudit' ?
<jjohansen> hallyn: yeah, one of these days ...
<jjohansen> hallyn: dontaudit?
<stgraber> hallyn: just go with "deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/", then
<hallyn> yeah i guess so. technically that's the only one we're sure we're ok being quiet about anyway!
<stgraber> hallyn: so we only silently deny this one and will update if we discover any other one we didn't know about :)
<hallyn> and that actually works :)  will do
<Jeeves_> Hi all
<Jeeves_> Can I ask for some non-ubuntu-related advice on disks and smartctl?
<hallyn> stgraber: i'm getting ready to push http://people.canonical.com/~serge/lxc.debdiff
<stgraber> looking
<stgraber> hallyn: lxc-0.7.5/debian/lxc-default.apparmor: can you drop the FIXME in there too? it's no longer relevant with the new kernel
<stgraber> hallyn: (FIXME above the deny for remount,ro of /)
<hallyn> the 'Doesn't match yet' ?
<stgraber> yep
<stgraber> rest looks good, thanks
<hallyn> thanks, pushing
<mcloy> well i have a domain . and i host it on  my box. i need an email@mydomain.com ..............
<mcloy>  i want to setup email accounts for my domains. i have a linux server avaialabe for hosting. how can i setup the emails ?
<qman__> mcloy, this is covered in the server guide under postfix: https://help.ubuntu.com/10.04/serverguide/C/postfix.html
<qman__> and a more advanced, complete setup here: https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
<mcloy> isnt this what i need https://help.ubuntu.com/community/MailServer    ?
<psyferre_> Hey folks,  I've got a machine running Ubuntu 10.10 server.  Given that the support EOL is "April 2012", does that mean I have two days before do-release-upgrade will cease to work?
<Myrtti> no, it means you've got until the last thursday of April or so
<SpamapS> uh
<SpamapS> do-release-upgrade will work as long as natty is available
<SpamapS> psyferre_: you have until the last thursday of April to keep getting support and security updates...
<SpamapS> psyferre_: do-release-upgrade will work at *least* 6 more months.
<SpamapS> I'd expect that one could coax it to work even after natty goes EOL too.
<SpamapS> but I don't know for sure if that works
<psyferre_> Awesome.  Thanks!  I knew it would eventually stop working, but I wasn't sure when and couldn't seem to hit the right google search string to find out for sure.
#ubuntu-server 2012-03-31
<delinquentme> if i give someone a public SSH key
<delinquentme> what does this allow?
<delinquentme> that allows me to ssh into their system .. but not vice versa correct?
<b1g1r0n> delinquentme: correct
<Zanzacar> i have ubuntu-server installed and i wanted some audio output for pianobar. I tried to install pulse audio but it is asking for X11 libraries when run with pulseaudio -D
<Zanzacar> is there a better way to get audio?
<acidflash> flush-252 is always going into D state, and blocking for more than 120 seconds, which is SUPER annoying
<acidflash> what can I do to solve, already googled for 6 days
<raydog45000> Hello, I just set up a server and am trying to add users, I use sudo useradd -m -k /home/john john, then set a password, when I login to it it doesn't say the name@servername it just shows $
<raydog45000> does anyone have an idea?
<twb> So it turns out that if you set a slapd ppolicy to warn users a week before their password expires, that doesn't actually mean anything will warn them
<ironm> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<ironm> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<arbir> hello
<arbir> how can i find a list of packages that would be deployed with 12.04 lts ?
<MysticJay> Hi, anyone here to help me with uspd?
<tombs1171> Is there anyone here who can help with postfix?
<bazhang> try #postfix ?
<tombs1171> will do, thanks
<kklimonda> arbir: what do you mean? what packages get installed depends on what you choose to install
<bazhang> arbir, that would be #ubuntu+1
<arbir> ok.. for exampleâ¦ which version of php would come with the 12.04 server?
<mcloy> what php mailing method is better for heavy email mailing on a site ? sendmail or something else?
<arbir> which version of apache ? 22 or 24
<mcloy> or setup an smtp server.. fully
<arbir> thats what i meant.
<kklimonda> arbir: you can more or less browse https://launchpad.net/ubuntu/precise for those answers, or install precise somewhere and see it directly
<arbir> kklimonda: thanksâ¦ looking up is good.. but installing and checking is too much work.
<kklimonda> arbir: if you know package name you can also use rmadison to get its version in all releases
<kklimonda> that would include precise
<arbir> this link u gave me is goodâ¦ thanks!
<MysticJay> Hi, I installed nut and think I have configured it correctly, but on boot the upsd seems to complain about beeing not configured.
<mcloy> which has multithreading  (utilizing full bandwidth available)    sendmail or any other smtp server ?
<mtaylor> sigh
<mtaylor> anybody know anything about networkmanager on desktop and how it interacts with dnsmasq?
<JanC> mtaylor: why do you think it does?
<JanC> (and doesn't sound like a server topic...)
<oApocalypse> who here has samba experience
<oApocalypse> along with it associating with windows 7
<guntbert> !ask | oApocalypse
<ubottu> oApocalypse: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<oApocalypse> lol
<oApocalypse> ok im running ubuntu 11.10 with samba configured
<oApocalypse> my windows 7 machine is seeing my tb hard drive at a 142 gb drive
<Patrickdk> is there a question in this?
<EvilResistance> i think he's wondering why its showing up as 142GB on the Windows machine, when 11.10 ius a 1TB drive
<oApocalypse> yes sorry
<Patrickdk> oh? I read that as his thunderbird harddrive
<oApocalypse> i have a seperate hard drive in the linux server thats 1tb didicated to share
<oApocalypse> dedicated*
<Patrickdk> I don't think samba/smb is 64bit compatable at that level
<oApocalypse> and windows 7 is showing the share at 142gb
<Patrickdk> atleast I know mine all show up as like 32gigs free disk space, when I have like 5tb free
<oApocalypse> i just reached the 142gb capacity through my windows machine
<oApocalypse> and it wont let me add more
<Patrickdk> odd, mine will
<Patrickdk> actually, my free space stays constant, no matter how much I put on the drive
<oApocalypse> whats the command to query disk space in linux
<Patrickdk> df
<oApocalypse> HMM? /dev/mapper/Exousia-root
<oApocalypse>                      149520692 141925492         0 100% /
<guntbert> looks rather full
<oApocalypse> let me include that this is my first time using linux so i could have done something wrong
<oApocalypse> that doesnt look like a terabyte though
<oApocalypse> that looks liek the partition is 149gb
<guntbert> oApocalypse: !pastebin the output of     sudo fdisk -l         and of      df -h    and of        mount   please
<oApocalypse> pastebin??
<EvilResistance> !pastebin | oApocalypse
<ubottu> oApocalypse: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<EvilResistance> !pastebinit | oApocalypse
<ubottu> oApocalypse: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<oApocalypse> i shouldnt just paste here
<Spartan29> Haaaaaaaaaaaaaaallo
<EvilResistance> no
<EvilResistance> UNDER NO CIRCUMSTANCES
<guntbert> EvilResistance: thx for the reminder about pastebinit  - as we are talking server :)
<EvilResistance> guntbert:  :)
<EvilResistance> oApocalypse:  you can do this:  [command] > pastebinit or something, after you install pastebinit
<EvilResistance> sudo apt-get install pastebinit
<Spartan29>  I've a trouble. I can't share files from linux to windows, files are in a folder of an NTFS partition mounted on boot time. What i see is that i can't change folder and than in it contained files. Can someone help me?
<mcloy> iam using sendmail and php  to send email. but its not sending up. i have allowed port 25 for 0.0.0.0/0     but its not sending any emails.  http://pastebin.com/M6kKLVtZ    need help . how can i check and make sendmail working?
<stgraber> jjohansen: did you see that last comment in bug 969299? could it be related to the problem?
<oApocalypse> whats the mount command
<uvirtbot> Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Critical,Confirmed] https://launchpad.net/bugs/969299
<oApocalypse> damn
<oApocalypse> i see what i did
<jjohansen> stgraber: no I haven't checked the bug today
<stgraber> jjohansen: the suggestion is that it could be related to deleted files and that mediate_deleted might help
<oApocalypse> http://paste.ubuntu.com/909269/
<jjohansen> stgraber: hrmm, yeah I am looking at it now
<Spartan29>  I've a trouble. I can't share files from linux to windows, files are in a folder of an NTFS partition mounted on boot time. What i see is that i can't change folder and than in it contained files. Can someone help me?
<jjohansen> stgraber: so I can believe that is the case, though I would have expected a log message there.  Of course we have a couple of bugs around logging of things that have logging surpressed
<jjohansen> stgraber: normally you wouldn't need the mediate_deleted flag because the file labeling and task labeling generally match for deleted files
<jjohansen> unfortunately if this is a mediate deleted case, all we can do atm is add the flag
<RoyK> Spartan29: ntfs mounted with ntfs3g/fuse?
<RoyK> or something over the net
<virusuy> gents!
<Angtagapagligt> Hey
<jjohansen> stgraber: I will run through and test this today and update with what I find
<Spartan29> RoyK, i don't know... how can i know?
<jjohansen> I should probably create a bug about not getting a log message for this as well
<oApocalypse> anyone able to tell me what my issue is see,s ;ole evil and gunt left
<RoyK> Spartan29: heh - you should know
<oApocalypse> seems like*
<RoyK> Spartan29: is that disk with that ntfs filesystem physically connected to the linux machine?
<stgraber> jjohansen: cool, thanks
<RoyK> physically, as in, with sata, sas, usb, scsi, ide, mfm etc
<mcloy> how can i know that sendmail installed is working and will send mails (i have a phpscript that says it send mails. but actually i never recieve the mail in my inbox) ?
<RoyK> mcloy: postfix or exim?
<Angtagapagligt> Can someone write me to show my sister how a IRC chat works? :)
<RoyK> Angtagapagligt: install an irc client on her machine...
<mcloy> RoyK,  using sendmail
<oApocalypse> ive been abandoned
<RoyK> mcloy: sendmail???
<mcloy> RoyK,  yes
<Angtagapagligt> RoyK :) No she just wanna have a look :)
 * RoyK stopped using sendmail sometime at the end of the 1990s
<RoyK> Angtagapagligt: offtopic...
 * RoyK will probably start using sendmail again once QBASIC gets popular again
<Spartan29> RoyK, yes the disk is internal at the pc, but i don't know if it's mounted with ntfs-3g or fuse, but maybe probably withe ntfs-3g
<RoyK> ntfs-3g uses fuse
<RoyK> Spartan29: now, if sharing files with a windows machine, on a linux server, using ntfs, why oh why do it that way?
<RoyK> Spartan29: or is this a dual boot desktop?
<oApocalypse> if im tryin to copy one entire directory to another i would do cp /directory /directory correct?
<Rapid2214> If it fails, use the -r parmameter
<Rapid2214> Depending on what your coping
<oApocalypse> yea it says cp: omitting directory
<Rapid2214> Yh, use -r or -R
<Rapid2214> I think they do the same things
<Rapid2214>  -R, -r, --recursive          copy directories recursively
<oApocalypse> its 142gb so it will take awhile then correct
<oApocalypse> and im in command prompt so they show no progress
<Rapid2214> You can use rsync for that amount of data, then if it fails it wont take years to do it all again
<Spartan29> RoyK, yes this is a dual boot pc for some maintenance on files /24 for dw files, and i want access a folder with films that is on the drive used to store films (once the'yre completed). The access at these files must be obtained by windows or other inux boxes present in my lan.
<oApocalypse> lol to late
<Rapid2214> rsync -Pav /folder /foler2
<Rapid2214> Is what I would usually use for anything +40GB
<oApocalypse> rsync is a default command?
<RoyK> Spartan29: don't use ntfs on a linux server, use ext4 or something
<Rapid2214> Installed by default on ubuntu
<RoyK> Spartan29: if it's a dual boot pc, it's not a server, and this is the wrong channel
<oApocalypse> well i shall try that if i get a failure
<oApocalypse> i see the hd light flickering away lol
<oApocalypse> ill check back on it in awhile
<oApocalypse> ty for the help :)
<Spartan29> RoyK, i know this is the wrong place. But if you can help me i quickly go away to fix my problem.
<mcloy>  here are the error logs for sendmail. need help http://pastebin.com/hJUYzEX4
<Spartan29> RoyK, the problem finally is that i cannot apply the permission right to show folder content to everyone.
<mcloy>  here are the error logs for sendmail. need help http://pastebin.com/0GfTnYNU
<Rapid2214> Spartan29, Can u fill me in with your senario?
 * RoyK doesn't want to spend time on things off topic in here
<mcloy> iam having the following error. what is wrong with sendmail? Mar 31 21:30:41 ip-10-111-31-180 sendmail[24639]: q2VLUfa6024639: from=www-data, size=274, class=0, nrcpts=1, msgid=<201203312130.q2VLUfa6024639@ip-10-111-31-180.ec2.internal>, relay=www-data@localhost
<mcloy> Mar 31 21:30:41 ip-10-111-31-180 sendmail[24639]: q2VLUfa6024639: to=ab159ab@hotmail.com, ctladdr=www-data (33/33), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30274, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
<guntbert> mcloy: are you experienced with configuring mail servers?
<guntbert> mcloy: if not I suggest 1) take care 2) read https://help.ubuntu.com/10.04/serverguide/C/email-services.html  3) take care 4) follow (2)
<mcloy> guntbert,  doing it the first time
<mcloy> guntbert,  no configs are needed for sendmail.......
<Rapid2214> Your local mail server is denying relay
<guntbert> mcloy: a *very serious*  word of caution â¢ : misconfigure mail servers are the bane of the internet (-> spam)  and are not regarded well by the rest of legit admins - trouble might lie ahead
<guntbert> *misconfigured
<Rapid2214> Guntbert +1 - Its burnt me before :)
<guntbert> Rapid2214: well, that is ONE mistake I didn't make ... ;-)
<guntbert> mcloy: uninstall sendmail and use postfix - and when it asks you what kind of server you want to run choose the most local version possible
<mcloy> guntbert,  hmm. so not use sendmail..       can you tell whats wrong by looking at the 2 errores ?
<mcloy> guntbert,  which is the most easiest mail server?
<guntbert> mcloy: as I said read https://help.ubuntu.com/10.04/serverguide/C/email-services.html   - they are talking about postfix, keep in mind what I said above about the initial setting
<mcloy> what about sendmail?
<mcloy> guntbert,  you there?
<guntbert> mcloy: don't touch it, it might bite :)
<mcloy> guntbert,  seriously.. why dont you recomend it ? :)
<guntbert> mcloy: it is a big old complicated beast with a lot of badly understandable options and cross effects
<mcloy> guntbert,  do i need my server to be made as  FQDN.
<guntbert> mcloy: I don#t know for waht you need it
<guntbert> *what
<mcloy> fully qualified domain  name.  someone told me i need to configure it
<mcloy> guntbert,  ok. so ill leave sendmail.....     which one do you recomend is the easiest to tackle. postfix qmail or exim ?
<guntbert> mcloy: no, for what purpose do you need the mail sever?
<mcloy> making a php site. and many of its heavy function sinclude email sending
<guntbert> and I say "use postfix" for the 3rd time :)
<mcloy> guntbert,  basically iam a php guy
<mcloy> guntbert,  ok...... :)
<mcloy> i know nothing about linux
<mcloy> guntbert,  iam going to install postfix. how long are you online ?
<guntbert> mcloy: my advice: get someone to help you with that mail server part - or leave that part out for the beginning -
<guntbert> mcloy: I'm on my way to bed  - Good luck :-)
<mcloy> ill do it myself
<mcloy> thx ! :)
<guntbert> mcloy: one last caveat: pleas do read a little about the danger of "open mail relays"
<mcloy>  how to purge remove an application?
<mcloy> guntbert, ill block the ips and allow only one. or the local host. as the webhost is the same machine as iam goin to install postfix on...
#ubuntu-server 2012-04-01
<CrystalVoid> good afternoon everyone ... is it just me... or is the installer for 11.10 getting stuck trying to find a DHCP_v6 server on a network without one..?
<pehden> http://pastebin.com/bT2mKYcp
<mcloy> how do i setup fqdn to setup an email server?
<pehden> help http://pastebin.com/ySbi6zgb
<pehden> postfix/proxymap[21103]: fatal: open /etc/postfix/mysql-virtual_domains.cf: Permission denied
<pehden> postfix/proxymap[21103]: fatal: open /etc/postfix/mysql-virtual_domains.cf: Permission denied
<mcloy> i need postfix to just send emails from local machine by php. do i need a domain.com? and fqdn?
<patdk-lap> to send emails, yes, you need EVERYTHING, and everything must be set correctly
<patdk-lap> or no one will accept mail from you, or just classify it as spam
<mcloy> so i need a .com registered? and set /etc/host and hostnames?
<mcloy> anything else?/
<patdk-lap> you need a valid domain name
<patdk-lap> you need your ip address to be set with that domain
<patdk-lap> and your domain set to that ip address
<patdk-lap> you need to tell postfix to use that name for it's helo
<mcloy> ok..
<patdk-lap> it all has to match, forward, backwards, ...
<mcloy> hm.
<mcloy> do i need to install bind?
<patdk-lap> http://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
<patdk-lap> I dunno, do you?
<mcloy> i have bind for hosting purpose. apache runing.   hosting is good. i have amazon cloud.  i have a domain name too. postfix installed.
<mcloy> i have endtered      A record as      mail        ip.ip.ip.ip          and then added mx record as       mail.domain.com    what next ?
<mcloy> (is that corect by the way?)
<patdk-lap> make sure, nslookup ip.ip.ip.ip, returns mail.domain.com
<patdk-lap> and make sure postfix uses mail.domain.com for it's helo
<patdk-lap> and while we are at it
<patdk-lap> DON'T STEAL OTHER PEOPLES domain names for your examples
<mcloy> steal ? :)
<patdk-lap> do you own domain.com?
<mcloy> ya
<mcloy> i mean no
<patdk-lap> hmm, I didn't know you where that company
<mcloy> how to do this  and make sure postfix uses mail.domain.com for it's helo?
<mcloy> patdk-lap,  its open-pages.com
<mcloy> you can nslookkup
<mcloy> patdk-lap, are you there?
<mcloy> how to make sure make sure postfix uses mail.domain.com for it's helo
<xpistos> Hey everyone. I need a bit of guidance. I have a program that has to go into the apache folder to stream movies to my roku box. I have apache setup, but I only get the "It Works" screen when I try to go to the page. is there a different folder than /var/www that this info should go in. I don't see htdocs that I would see in windows.
<xpistos> thanks in advance.
<free99> hey there... anyone know how to setup lighttpd with wordpress MU?
<free99> I've gotten 95% of the way, but am having an issue with loading images
<Zanzacar> can anyone help me setup audio on ubuntu server 11.10?
<KM0201> audio>
<KM0201> ?
<KM0201> why would you want audio on a server?
<Zanzacar> I have it running in my house for various media needs. I thought it would be neat to run pianobar on it so I can have pandora though my wireless headphones
<KM0201> i have no idea on that one
<Zanzacar> I know it isnt very conventional but I just thought it would be cool. I tried to install pulseaudio but it was requesting some libraries from X11 and what not
<KM0201> yea
<qman__> Zanzacar, base audio is provided by alsa, you don't need pulse unless alsa's mixing is insufficient
<Zanzacar> qman__: I am install alsa now going to see how far that gets me
<kieppie1> hi guys. I wanto get up to speed re virtualization re ubuntu circa 10.04 LTS, & browsed over http://blog.dustinkirkland.com/2011/10/getting-started-with-ubuntu-orchestra.html
<kieppie1> other than this, is there any tutorials on this new manner of doing things? server & in particular virt is not very well detailed AFAIK
<gletob> Anyone know how to get Database auth working with Squid3?
<uvirtbot> New bug: #969452 in openssh (main) "SSH crashes after authorization" [Undecided,New] https://launchpad.net/bugs/969452
<uvirtbot> New bug: #969916 in bind9 (main) "host crashed with SIGSEGV in start_thread()" [Medium,New] https://launchpad.net/bugs/969916
<uvirtbot> New bug: #970152 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.61-0ubuntu0.10.04.1 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 1 (dup-of: 349469)" [Undecided,New] https://launchpad.net/bugs/970152
<uvirtbot> New bug: #970292 in openssh (main) "openssh-client inactive ssh connection hangs after short time" [Undecided,New] https://launchpad.net/bugs/970292
<uvirtbot> New bug: #802117 in juju "juju ssh/scp commands cause spurious key errors, should use a different known_hosts file" [Medium,In progress] https://launchpad.net/bugs/802117
<uvirtbot> New bug: #969604 in lxc (universe) "lxc-stop should be able to handle ephemeral containers more robustly" [Low,Confirmed] https://launchpad.net/bugs/969604
<uvirtbot> New bug: #970071 in cloud-init (main) "sshutil does not correctly interpret relative paths in sshd_config" [Undecided,New] https://launchpad.net/bugs/970071
<uvirtbot> New bug: #965551 in quantum (universe) "quantum-server 2012.1~rc1-0ubuntu2 fails to install" [Undecided,Fix released] https://launchpad.net/bugs/965551
<uvirtbot> New bug: #969228 in lxc (main) "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Fix released] https://launchpad.net/bugs/969228
<uvirtbot> New bug: #969414 in apache2 (main) "apache2 crashed with SIGABRT in raise()" [Undecided,Invalid] https://launchpad.net/bugs/969414
<uvirtbot> New bug: #961232 in cobbler (main) "running multiple 'cobbler system reboot --name=xxx' at the same time, fence_cdu lists ALL reboots" [Undecided,New] https://launchpad.net/bugs/961232
<uvirtbot> New bug: #969374 in mysql-5.1 (universe) "package mysql-server-5.1 5.1.58-1ubuntu1 failed to install/upgrade: ErrorMessage: subprocess new pre-removal script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/969374
<uvirtbot> New bug: #969426 in apache2 (main) "Apache fails to shutdown cleanly during update and removes libapache2-mod-php5 in the process, causing service restart to fail due to syntax errors in configuration" [Undecided,New] https://launchpad.net/bugs/969426
<uvirtbot> New bug: #970679 in samba (main) "winbind coredumps when encountering a group with over 1000 members" [Undecided,New] https://launchpad.net/bugs/970679
<antares79> hi guys. quick question: does anyone else see virt-manager not updating the statistics graphs in oneiric or is it just me?
<airtonix> it's just you
<uvirtbot> New bug: #970782 in dovecot (main) "Please merge new upstream dovecot version 2.0.18-1" [Undecided,New] https://launchpad.net/bugs/970782
<raydog45000> Anyone know the command or where to get a java compiler?
<mcloy> ssh -i key.pem ubuntu@ec2-107-22-63-2.compute-1.amazonaws.com
<mcloy> ah great
<mcloy> that so silily of me
<mcloy> iam using amazon cloud. and installed postfix. if i change /etc/hosts and etc/hostname . it will not cause any problem?
<mcloy> i need help , i need to send emails by php. i have installed postfix but people say that i dont have a fqdn and no /etc/hostname and /etc/hosts valid entry.     what should i do?
<Rapid2214> mcloy: Talk on here :) I would recommend phpmailer
<mcloy> Rapid2214,  thanks.. :)     yes i have alread php mailer with me
<mcloy> Rapid2214,  but the problem is that its not sending emails by postfix
<Rapid2214> K, what error do you get?
<mcloy> # php phpmailer.php
<mcloy> SMTP Error: The following recipients failed: ab159ab@...com
<Rapid2214> K, and in the postfix log?
<mcloy> Apr  1 14:21:44 ip-10-111-31-180 postfix/local[30002]: 93F1B3D6D: to=<root@ip-10-111-31-180.ec2.internal>, orig_to=<root>, relay=local, delay=0.11, delays=0.09/0/0/0.02, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
<mcloy> Apr  1 14:21:44 ip-10-111-31-180 postfix/qmgr[29413]: 93F1B3D6D: removed
<mcloy> Apr  1 14:22:35 ip-10-111-31-180 postfix/postfix-script[30156]: fatal: the Postfix mail system is already running
<mcloy> Rapid2214,  do i need a fqdn ? and to add and entry iin domain registrar records and in /etc/hosts and hostname fiels ?
<Rapid2214> Okay, what version of Linux are you running?
<mcloy> ubuntu
<mcloy> kubuntu to be exact
<mcloy> sory... its ubuntu serve
<Rapid2214> K, run tail /var/mail/root
<Rapid2214> and see if you have any messages
<Rapid2214> Thats what happens to me when something fails
<mcloy> tail: cannot open `/var/mail/root' for reading: No such file or directory
<Rapid2214> K, tail -f /var/log/syslog
<Rapid2214> While sending the email
<mcloy> Rapid2214,  you there?
<JamesJRH> Hello. Is this a bug?:
<JamesJRH> james@james-ThinkPad-X60-Tablet:~$ date; sudo hwclock
<JamesJRH> Sun Apr  1 17:02:32 BST 2012
<JamesJRH> Sun 01 Apr 2012 16:02:29 BST  -0.922465 seconds
<JamesJRH> Surely it should either say UTC or it should say 17:02:29.
<JamesJRH> (For those that don't know, BST = UTC+1 = 'British Summer Time')
<ha1dfo> hi! I'd like to use gpg to verify a signed file. I have the signature already imported to apt. which parameters hsould i use to tell gpg to use the keyrings of apt?
<uvirtbot> New bug: #970921 in postfix (main) "Postfix 2.9.1 Crashing with Signal 6 - Postfix 2.8.5-2 works perfectly" [Undecided,New] https://launchpad.net/bugs/970921
<mcloy> need help with postfix send php based script email . <br />SMTP -> ERROR: AUTH not accepted from server: 503 5.5.1 Error: authentication not enabled
<mcloy> <br />SMTP -> FROM SERVER:250 2.0.0 Ok
<mcloy> <br />SMTP Error: Could not authenticate.
<mcloy> RoyK,  you there?
<JamesJRH> Is it possible for me to obtain a correct source of TAI from my system if I keep it in sync?
<RoyK> mcloy: yep
<mcloy> see my probleM ^
<JamesJRH> Implementing TAI on top os UTC relies on UTC being correctly implemented. But Ubuntu seems to ignore leap seconds in it's UTC.
<JamesJRH> of*
<RoyK> mcloy: your own server?
<RoyK> mcloy: you haven't defined the issue...
<mcloy> RoyK,  ya
<mcloy> iam using phpscript to send mail.    installed postfix and its giving the above stated error
<RoyK> and you try to use smtp auth and smtp auth isn't enabled and you really don't need smtp auth if it's a local server so why do you use it in the first place?
<mcloy> hm
<mcloy> its smtpd_sasl_auth_enable      = no           already
<mcloy> UTH not accepted from server: 503 5.5.1 Error: authentication not enabled
<mcloy> RoyK, http://pastebin.com/qUbYFarM
<mcloy> any help with postfix. here are my config files http://pastebin.com/qUbYFarM and here is the error  ERROR: Password not accepted from server: 535 5.7.8 Error: authentication failed: authentication failure. FROM SERVER:421 4.7.0 ip-10-111-31-180.ec2.internal Error: too many errors
<ikonia> mcloy: the error is pretty clear, authentication, so you need to look at what you are authing against, and then check the username/password
<mcloy> i have. i have made a user with no login. and a password. but still....
<mcloy> ikonia, iam very disturbed since 2 days
<ikonia> you need to look at what you are authing against and check the username and password
<mcloy> ikonia,  i made a username as fp and passward as "xx"
<mcloy> iam giving the same.
<ikonia> mcloy: ok, so verify you can login as "fp" and "xx"
<mcloy> ikonia,  i have made a system user. with no login
<ikonia> mcloy: then that's why it won't work
<mcloy> its a user.  no matter it cant login
<ikonia> it does matter
<mcloy> i see
<uvirtbot> New bug: #971028 in krb5 (main) "kerberos auth doesn't work because of kerberos server not found" [Undecided,New] https://launchpad.net/bugs/971028
<mcloy>  ok tell me how to make a user again please ?
<ikonia> mcloy: use the user admin gui
<mcloy> ikonia,  its a server
<mcloy> with no gui
<ikonia> mcloy: https://help.ubuntu.com read the server guide
<ikonia> mcloy: learn the basics
<mcloy> ikonia,  i just forgot the command. its adduser..
<mcloy> useradd -s /sbin/nologin pf        this is what i did ikonia
<ikonia> you need to be able to login, create a user with a login shell, test it, then test it with postfix
<mcloy> ikonia,  i have added user by useradd pff        then a passwd pff           then xx             still geting the error . <br />SMTP -> ERROR: Password not accepted from server: 535 5.7.8 Error: authentication failed: authentication failure         . have you seen  http://pastebin.com/qUbYFarM  et
<mcloy> ?
<ikonia> mcloy: can you login as the user you have just created
<mcloy> by su ?
<ikonia> mcloy: no, login
<mcloy> iam on a cloud. i only login by root
<ikonia> then login as that user
<ikonia> instead of root
<mcloy> k
<ikonia> come on, think it through
<ikonia> I ask you to login as that user to test it...I shouldn't have to tell you to then "login" to test it
<ikonia> you're setting up a mail server, if you can't grasp simple concepts like "logging in to test a users login ability" then you shouldn't be running a mail server,
<ikonia> it will be open to exploit and security risks
<mcloy> yes. ican login and iam geting the same error
<ikonia> I'm stepping away from this as I'm not comfortable helping you debug this if I have to explain to you to "login" to test a user
<mcloy> thanks for your time
<ikonia> I don't believe you should be trying to run a mail server and I don't think your in a position where your experience will allow you to debug it
<mcloy> anybody else ? any help with postfix. here are my config files http://pastebin.com/qUbYFarM and here is the error  ERROR: Password not accepted from server: 535 5.7.8 Error: authentication failed: authentication failure. FROM SERVER:421 4.7.0 ip-10-111-31-180.ec2.internal Error: too many errors
<mgw> hi, is there a way to pre-configure the install of cobbler, to prevent the configuration prompts when doint apt-get install?
<yeats> mgw: you might want to investigate 'debconf-set-selections'
<mgw> yeats: thanks, looking
<uvirtbot> New bug: #971046 in bind9 (main) "DNS doesn't work as expected -- ldap-server, kerberos-server not found." [Undecided,New] https://launchpad.net/bugs/971046
<uvirtbot> New bug: #971056 in openldap (main) "Upgrade overwrites LDAP config with defaults" [Undecided,New] https://launchpad.net/bugs/971056
<xpistos> can someone give me a hand with this - I can take the same path way and use it to mount with "mount -t nfs 11.10.19.100:/data/Comics/My\ Comics /home/x/Data/My\ Collection" but not in fstab for some reason
<xpistos> "11.10.19.100:/data/Comics/My\ Comics /home/x/Data/My\ Collection	nfs	rw,hard,intr	0	0" doesn't seem to wor
<xpistos> +k
<guntbert> xpistos: in what way?
<xpistos> guntbert: I can manually use the "mount -t nfs PATHWAY" and it mount to the folder but if I put it in fstab, it gives me an error
<guntbert> xpistos: tell us the error please
<xpistos> retrieving
<xpistos> [mntent]: line 26 in /etc/fstab is bad
<xpistos> the line is '11.10.19.100:/data/Comics/My\ Comics /home/x/Data/My\ Collection	nfs	rw,hard,intr	0	0'
<xpistos> where ip is my server the first is the pathway to my nfs share in exports and the second is my target folder
<xpistos> the same path will work when I do so manually with the "mount -t nfs " command
<guntbert> xpistos: I'd suspect the blanks, but I may err...
<xpistos> let me try that to test
<guntbert> xpistos: else try with less options.... (maybe there is a syntax error)
<xpistos> guntbert: it was the blanks. I never had trouble with that before strange. But Not a problem. Thanks for seeing that.
<xpistos> guntbert: I don't suppose you know the default folder to apache do you?
<guntbert> xpistos: glad you made it - I avoid blanks in all file systems (old school)  -  look in /etc/apache2
<xpistos> guntbert: LOL. I will keep that in mind from now on!
<guntbert> :)
<xpistos> what is httpd called in ubuntu?
<RoyK> apache
<xpistos> cause i installed apached and I can't run httpd -S
<xpistos> but I can run apachectl -S
<RoyK> apache2
<RoyK>  /usr/sbin/apache2
 * RoyK seems to be going north for some work, to ny-Ã¥lesund, svalbard :D
<xpistos> how would I fix this error? apache2: bad user name ${APACHE_RUN_USER}
<RoyK> start apache with apache2ctl
<xpistos> apache2ctl restart?
<RoyK> aye
<xpistos> apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<xpistos> this is on the localhost
<RoyK> doesn't matter
<RoyK> also, IIRC you can override that
<RoyK> but still, it doesn't matter much
<xpistos> so I am guessing it isn't actually restarting
<RoyK> that's not an error message
<RoyK> it's merely a warning
<xpistos> oh
<RoyK> set ServerName (and perhaps ServerAlias) to get rid of that
<xpistos> well I am still getting the error message
<RoyK> it's not an error message
<yeats> xpistos: APACHE_RUN_USER is set in /etc/apache2/envvars, so you might want to check that file
<uvirtbot> New bug: #971131 in samba (main) "nmbd crashed with SIGABRT in tdb_traverse()" [Undecided,New] https://launchpad.net/bugs/971131
#ubuntu-server 2013-03-25
<Nicolas_Leonidas> how do I stop this Enter passphrase for key '/home/foo/id_rsa' from showing up when I try to ssh?
<escott_> Nicolas_Leonidas, don't set a passphrase on the key
<Nicolas_Leonidas> escott, it's too late it's already there
<Nicolas_Leonidas> but there is something that remembers ssh passphrases I just can't remember it's name
<escott_> Nicolas_Leonidas, so make a new key
<escott_> Nicolas_Leonidas, ssh-agent
<Nicolas_Leonidas> yeah, can't I use ssh-agent? changing the key is difficult because the key is distributed on other servers
<gdeeble> Hey is anyone familiar with Ser2Net in here? While it sounds retarded, I'm just trying to figure out if it's possible to have it pull the serial port of the local host, where the console log is being pushed to. For example, it's being pushed to ttyS0 in the parameters, and I want ser2net to allow me to connect to that port to capture what's going on, but this is on the same server that
<gdeeble> it's running on.
<patdk-lap> sure, it works great
<patdk-lap> I use it for phonesystems and other things to make the software work over tcp/ip
<gdeeble> In this case it covers my servers and such, but I want it to do kind of like a loop back to itself as well.
<Gletob> I'm having an issue with two servers/init scripts not starting correctly on reboots, how can I diagnose these issues.  One is mumble-server from the repos, and the other is an init script I use for a minecraft server.
<semcentro> I have problems to send key gnuPG to server
<Nicolas_Leonidas> join #freelance
<rsthelord> Hello Guys!! i am getting /install/vmlinuz error when i am booting from a usb. how do i solve the issue?
<Guest6722> HEYO!
<Guest6722> RoyK:  will you ping me when you have a minute?
<RoyK> ping
<RoyK> (one minute only)
<Guest6722> lol
<Guest6722> you were saying my swap was on slowest part of drive
<RoyK> and I said never mind
<RoyK> no, you can't move it without a lot of partitioning magick
<LargePrime> oh.  as in never mind, this is not an issue
<LargePrime> magic or just effort
<RoyK> swap use will be slightly slower
<RoyK> but then, swap is always slow, and excessive swap is a killer
<LargePrime> yes
<LargePrime> another minute?
<RoyK> no - gotta go and catch a train
<LargePrime> ok later then if you can thanks
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/rc2/+merge/155218
<RoyK> LargePrime: back
<LargePrime> missed you
<LargePrime> short train
<RoyK> LargePrime: no, I'm on the train ;)
<LargePrime> ofc
<LargePrime> any thoughts on kernals you would like to share?
<zul> jamespage:  http://people.canonical.com/~chucks/ca/
<LargePrime> RoyK:
<RoyK> LargePrime: what do you mean?
<LargePrime> I have a grsec kernel on my server, and I am thinking to replace it.  and then i find i have a bunch of options
<LargePrime> should i just do a generic kernel?
<RoyK> that works well for 99% of machines
<RoyK> I haven't used a custom kernel for years
<LargePrime> RoyK:  How would i move the swap partition?  what would i google?
<RoyK> but if you want/need the grsec added security, then use it
<RoyK> LargePrime: don't think about it - the easiest way is to reinstall. everything else will be very hard. also, how much swap do you really use/need?
<RoyK> LargePrime: and if you use a lot of swap, you have too little memory
<RoyK> LargePrime: better just forget about it. it doesn't matter!
<RoyK> LargePrime: pastebin output of "free"
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/rc2-fix/+merge/155223
<LargePrime> how do i pipe into pastebin again?
<RoyK> !pastebinit | LargePrime
<ubottu> LargePrime: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<LargePrime> http://paste.ubuntu.com/5646361/
<LargePrime> RoyK:
<RoyK> ic
<LargePrime> swap seems small
<RoyK> it's still ~2GB free
<RoyK> memory
<RoyK> that is, it's not "free", but allocated as buffers/cache
<RoyK> but that's usable for applications
<tobin> Is the euca200ls package in the awstools-dev PPA the replacement for the ec2-api-tools ?
<RoyK> it's swapped out a wee bit, but so long as everything runs ok, it's no reason to worry
<jamespage> zul, cinder is still auto-generating a dependency on python-rtslib is that correct?
<zul> jamespage:  yep
<zul> babel as well
<jamespage> zul, thats somewhat counter to the -0ubuntu1 changelog entry
<zul> jamespage:  it is
<jamespage> ??
<zul> jamespage:  erm..
<zul> jamespage:  im not sure where that is coming from
<zul> jamespage:  seems to be coming from the tarball
<zul> jamespage:  http://paste.ubuntu.com/5646390/
<jamespage> zul, its still in pip-requires
<zul> jamespage:  yeah
<zul> jamespage:  lemme bug ttx
<jamespage> zul, thats not really 'dropping the dependency' is it :-)
<zul> jamespage:  right
<zul> ttx: ^^^
<ttx> o/
<ttx> zul: rtslib still in pip-requires ?
<ttx> awesome
<zul> ttx: looks like it
<ttx> zul: care to file a bug ? I'll make sure jgriffith sees it
<zul> ttx: just checked the git tree and its not in  the tools/pip-required
<zul> er...tools/pip-requires
<zul> https://github.com/openstack/cinder/blob/master/tools/pip-requires
<ttx> zul: it's in the milstone-proposed branch though
<ttx> I suspect half backport
<zul> ttx: it is
<ttx> https://github.com/openstack/cinder/blob/milestone-proposed/tools/pip-requires
<zul> ttx: ill file a bug
<ttx> Missing backport for https://github.com/openstack/cinder/commit/7bb449aa5a0a069cc6df918acc33bf550fbd5834
<jamespage> zul, I've +1'ed that MP
<jamespage> guess we can fix this up with rc3
<zul> yep yep
<zul> ill get it fixed upstream
<zul> ttx: https://bugs.launchpad.net/cinder/+bug/1159798
<uvirtbot> Launchpad bug 1159798 in cinder "rc2 still depends on rtslib." [Undecided,New]
<zul> ttx: you just cherry-pick that git hash right?
<ttx> yeah, but would like to make sure there are no other leftovers
<zul> ttx: ack
<zul> hallyn_:  im going to backport that libvirt-lxc bug today
<hallyn_> zul: which one is that?
<zul> hallyn_:  the one that shutsdown the hose
<hallyn_> oh yeah
<RoyK> zul: backporting a bug or bugfix? ;)
<zul> RoyK: bug fix
 * RoyK thought perhaps it was a wee bit counterproductive to backport a bug
<RoyK> zul: what bug, btw?
<zul> RoyK:  lxc container can shut down the host due to a bug in libvirt
<RoyK> ouch
<hallyn_> zul: but really if /dev is shared between host and guest that's a setup bug anyway
<RoyK> doesn's sound very secure to me
<hallyn_> and since we don't have a /dev/initctl, i'm not sure it actually affects us...  or maybe i'm misremembering the details of the bug
<zul> hallyn_:  anyways im building the fix now, do you want to have a look at the debdiff after?
<zul> hallyn_:  http://paste.ubuntu.com/5646549/
<Goranek>  /query skofo
<Goranek> sorry
<zul> hallyn_:  alright uploading
<hallyn_> zul: looking :)
<hallyn_> zul: misspelled containers int he changelog fwiw
<hallyn_> zul: the fix is kinda silly really.  it doesn't stop the container from shutting down the host int hat case, it only tries to stop 'virsh shutdown' fromdoing it
<zul> hallyn_:  yeah i know
<hallyn_> but i gues the devcg stops that
<hallyn_> but <shrug> looks good, thx :)
<hallyn_> stgraber: what do you make of bug 1159817 ?
<uvirtbot> Launchpad bug 1159817 in lxc "python module lxc failed to import on ARM with: UnicodeDecodeError: 'utf-8' codec can't decode byte 0xb5 in position 0: invalid start byte" [Undecided,New] https://launchpad.net/bugs/1159817
<stgraber> hallyn_: I'm looking at it now
<stgraber> hallyn_: I first thought of some pyc corruption as I've already seen that on arm, but I can reproduce it here...
<ScottK> I'd have guessed a bytes/string issue.
<stgraber> ScottK: so my guess is that it's blowing up on my firstname ;)
<stgraber> but I can't explain why it does that on armhf and not on x86
<ScottK> That is odd.
<stgraber> hmm, actually, no, it's the C module that's failing to import
<stgraber> python3 -c "import _lxc"
<stgraber> hmm, I really can't find anything that'd explain thi in the code... let me try a rebuild on my panda, maybe we can just blame cosmic rays
<hallyn_> in buildds are those build with cross compiler, or natively?  i'm assuming natively?
<ScottK> Native.
<stgraber> corrupted binaries aren't completely unheard of on armhf, so there's a reasonably good chance that a rebuild will fix it
<stgraber> especially as ~alpha3 worked fine on armhf and I only added one function to the python binding which isn't even called on import...
<hallyn_> that is...  disconcerting.
<hallyn_> (the inherent unreliability, that is)
<caribou> jamespage: howdy, remember last week my query about changing Suggest to Depends on nova-novncproxy
<caribou> jamespage: looks like it triggered something bigger but then I sorta lost track of your discussion (i.e. in-flight SRU, security fixes etc)
<jamespage> zul, hmm - I think I have a regression in libvirt with regards to live-migration with attached ceph rbd volumes
<jamespage> appears to work OK with the 0.9.x we had in folsom CA - but not so happy in 1.0.x (I held it back in staging whilst I checked stuff in proposed)
<boedy> Hi
<boedy> I just rented a vps server and transfered my website to it.
<boedy> I have the feeling curl and wget are not working properly
<boedy> when I do a request to the facebook api. I only get partial results
<boedy> if I run it via a proxy server I get the correct results
<boedy> Is this a problem with the server or the source I'm fetching the data from?
<Datz> Hi. I'm wondering how to tell whether my server needs a restart after certain updates: Can't find anything really definitive here: http://ubuntuforums.org/archive/index.php/t-1012637.html
<Datz> Doesn't look like there would be any cause for a restart, only thing I'm wondering about is why: "linux-headers-server linux-image-server" was updated..
<Datz> if no new kernel
<sarnold> Datz: it's unfortunately difficult to tell when a machine needs to be restarted to apply updates -- running services will usually keep old versions of libraries loaded, for example
<Datz> ah. I see. That's what the post seemed to indicated. It would be nice if the GUI program to tell whether a restart was needed would be available for server.
<Datz> Thanks anyhow sarnold
<sarnold> Datz: for libc updates, there is some magic to restart long-lived services, but not everyhting will be restarted. a reboot is the easiest way to get the new code rnning everywhere. but, of course, not all problems are so horrible that the machine needs tobe restarted to fix it -- eventually is Good Enough.
<Datz> yea, I'm going to go with the eventual method this time :)
<sarnold> Datz: for kernel updates, it does say "please restart". I think I've seen non-kernel updates trigger that too, but I can't recall how to make it happen :) so perhaps I'm mistaken.
<Datz> humm, never noticed that. WHere would it say this?
<Datz> after installation I'm guessing..
<sarnold> Datz: I've only seen it on the happy gui updater. Dunno about servers.. that's a different ball of wax. :)
<Datz> oh I got ya. Thanks. ;)
<stgraber> hallyn_: so much for cosmic rays... a no change rebuild didn't fix it, so I'm now wondering what I broke in the python binding of liblxc or what changed in python that broke it :)
<hallyn_> hm
<hallyn_> if you install the old pkg and just copy liblxc.so.0.whatever over from the broken pkg, does that break?
<stgraber> good question. I'll grab the alpha3 and test some combinations of liblxc+the binding module
<stgraber> I was almost worried we woudln't have a critical bug to fix for the final 0.9 ;)
 * hallyn_ trying to figure out why his pkg gives him empty ARCH in
<hallyn_> /usr/bin/make -C /home/serge/z/sparc-cross-toolchain-base-1.101ubuntu1/linux-source-3.8.0 O=/home/serge/z/sparc-cross-toolchain-base-1.101ubuntu1/linux-source-3.8.0/debian/tmp-headers KERNELVERSION=3.8.0-14 INSTALL_HDR_PATH=/home/serge/z/sparc-cross-toolchain-base-1.101ubuntu1/linux-source-3.8.0/debian/tmp-headers/install SHELL="/bin/bash -e" ARCH=
<hallyn_> stgraber: perish the thought :)
<hallyn_> oooh, i think i see
<stgraber> hallyn_: new liblxc + old python binding => works
<stgraber> hallyn_: other way around doesn't but I'm using some new symbols so that was expected... I'll try to bisect my python binding changes
<timmo> help! files are copying at 100KB/s disk to disk
<sarnold> timmo: is that hundreds of thousands of little tiny files? has either filesystem been filled completely to capacity in the past? are there any errors in dmesg? ...
<timmo> sarnold: each drive tested is less than 10% capacity most are freshly formatted ext4, sped is for both ntfs to ext4 and ext4 to ext4, dmesg show nmdb respawning but the rest looks fine
<timmo> sarnold: hdparm shows all disks running @ udma 6 and buffered read speeds over 90MB/s
<sarnold> timmo: somewhere along the way, the default IO scheduler changed from cfq to deadline -- or the other way around, I forget details -- you might want to try changing the scheduler used via /sys/devices/*/*/ata*/host*/*/*/block/*/queue/scheduler files  (ugh, hate that path. just type find /sys -name scheduler ...)
<sarnold> timmo: I've heard some complaints from people with the new scheduler with their workloads. it might be worth cargo-cult changing it :)
<timmo> sarnold: /sys/devices/pci..../block/sdc/queue/scheduler is noop [deadline] cfq
<sarnold> timmo: oooh! hey, /sys/block/ has symlinks that are way friendlier. :) /sys/block/sdc/queue/scheduler ought to work too, just with less annoyance.
<sarnold> timmo: from a root shell (e.g., sudo -s)  'echo cfq > /sys/block/sdc/queue/scheduler' -- and re-test..
<timmo> sarnold: still at 100KB/s
<sarnold> timmo: damn. sorry for the rabbit-hole.
<timmo> sarnold: no worries, thanks for the thought
<timmo> can't believe I didn't check but copying to IDE boot drive is normal speed, all SATA slow on PCI-x controller
<sarnold> timmo: woah, odd. but at least you've got something to look for..
<Dulcin> hi
<Dulcin> I'm running the percona wizard for mysql my.cnf (https://tools.percona.com/wizard) and it asks which version of mysql I'm running (enterprise, community, percona, maria, other). However, is it possible that I have the 'ubuntu' version of mysql? Because looking up the version I can not determine wether I have the enterprise or community version... community sounds likely but it doesn't state so when i run mysql or look up the version in the
<Dulcin>  database
<Dulcin> So maybe I should choose other? Or is community the one I want anyway?
<koolhead17> hallyn_, around
<hallyn_> yeah
<sliddjur> What happens when a users logs out or loses connection? What should I look into if I want to execute a script each time a user does either of those?
<sarnold> sliddjur: that's some .. old and cranky code, involving process groups, sessions, and soforth. Advanced Programming in the Unix Environment is the best description of all those APIs, though the 'setpgrp', 'tcsetpgrp', and 'setsid' manpages do a decent job...
<sarnold> sliddjur: you might be able to just use pam_exec to do what you want, but I wouldn't be surprised if there were conditions that it doesn't handle perfectly.
<stgraber> hallyn_: so it looks like the problem with python3 on armhf is related to the new get_version function
<stgraber> (I did a test build with just the new get_config_path and it's fine)
<hallyn_> stgraber: oh, our get_version, not the python one :)
<stgraber> hallyn_: right
<hallyn_> _?  why _?  hm
<hallyn> stgraber: got any idea what it might be?
<hallyn> i susepct it's another header include snafu
<hallyn> note there is version.h in both src/ and src/lxc/
<stgraber> hallyn: I'm not sure yet, I'm busy with other things at the moment :( I tried a very quick check in C and it worked (using get_version from lxccontainers.h), so it may be some python weirdness.
<hallyn> stgraber: ok
<hallyn> (i'm going to play around later, but dinner first)
<hallyn> lol, forgot this was on arm
<stgraber> haha, yeah, it's armhf only, would be way too easy to debug otherwise
#ubuntu-server 2013-03-26
<buengenio> hello, routing question - I'm connecting via VPN to another site on a WiFi connection (client IP: 10.0.0.4). On the local wired connection I have another machine connected (ip: 192.168.0.222). Question: how to access ping or http on 192.168.0.222 from the VPN server-side ?
<zerooneone> i just started using ubuntu for some servers i'm managing. question: how long does it usually take for security vulns to be fixed, such as the issue with apache 2.2.22?
<TheLordOfTime> zerooneone, #ubuntu-hardened might be a better place to ask.  but which vulnerability are you talking about>?
<zerooneone> nm i think i found it. i'm confused by the ubuntu version numbers. i should just look at the USN from now on :)
<TheLordOfTime> i'm still curious though :P
<zerooneone> TheLordOfTime: it was apache2 http://www.ubuntu.com/usn/usn-1765-1/
<zerooneone> apache2 says to upgrade to 2.2.23 but the ubuntu security upgraded version is 2.2.22-1ubuntu1.3 for ubuntu 12.04
<TheLordOfTime> zerooneone, note the four CVE links in the USN.,
<TheLordOfTime> they're all "released" or "not-affected"  :)
<zerooneone> tell me that's not confusing
<TheLordOfTime> nope.
<TheLordOfTime> it isn't confusing.
<TheLordOfTime> but... i've worked with the security process for a couple of packages, so... :P
<TheLordOfTime> here's how to see if they've been fixed though
<TheLordOfTime> http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1048.html    http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-4558.html    people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-4557.html
<uvirtbot> TheLordOfTime: The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1048)
<uvirtbot> TheLordOfTime: Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558)
<uvirtbot> TheLordOfTime: The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557)
<TheLordOfTime> http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3499.html
<uvirtbot> TheLordOfTime: Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499)
<TheLordOfTime> can we disable that thing?
<zerooneone> haha
 * TheLordOfTime slaps uvirtbot with /dev/null
<TheLordOfTime> zerooneone, anyways, if you look at those links, you'll see it also says which "version" each CVE was fixed in.
<zerooneone> i can see that now thanks. but can't we just call it 2.2.23 then? help me understand...
<TheLordOfTime> because it isn't 2.2.23.
<zerooneone> it's just been patched then
<TheLordOfTime> there may be other code changes between the version in the repos for a software, but the security patch has been applied
<TheLordOfTime> but not the other code changes.
<TheLordOfTime> there ARE cases where a security update may need a version bump
<TheLordOfTime> but i've never seen that in any of the packages I monitor.
<TheLordOfTime> (it's rare is what I"m trying to say)
<zerooneone> so when our security guy wags his finger at the fact that apache 2.2.22 is installed i can just tell him to go find his black hat then
<zerooneone> ok i understand. but i'm not happy about it
<zerooneone> thanks for your help TheLordOfTime
<TheLordOfTime> yep
<one> How doos I change console font?
<one> andol: how doos i change console font?
<one> kevinsky: how doos i change console font?
<one> freeflying: how doos i change console font?
<one> diplo: thank you that look better
<one> diplo: how about do you know how to turn down the brightness my eyes hurt
<one> Do they still sell radiation filters for screens maybe it is burning my retina.
<one> how does I lower the brightness from console only?
<one> ^ slightly different question
<uvirtbot> one: Error: "slightly" is not a valid command.
<one> ^ help
<uvirtbot> one: (help [<plugin>] [<command>]) -- This command gives a useful description of what <command> does. <plugin> is only necessary if the command is in more than one plugin.
<one> ^ help gdef
<uvirtbot> one: Error: There is no command "gdef".
<one> ^ help ping
<uvirtbot> one: (ping takes no arguments) -- Checks to see if the bot is alive.
<Myrtti> one: can you please stop
<one> Myrtti: ok that is cat toy for someoneelse
<one> my eyes are burning how to stop the radiation?
<one> Do i have to buy a filter or is there a way to tell it from console?
<Myrtti> one: can you please stop playing around? I'm sure there are other hobbies available for you than fooling around in IRC channels. My personal recommendation is either medieval and renessaince literature, knitting or woodwork.
<Myrtti> cycling is also a nice hobby.
<one> huh
<one> im serious I want to know how to turn down brightness
<Myrtti> in most cases you can do it with the hardware. The displays usually have a button for doing it.
<one> its a fuction key which isn't working from console only
<rbasak> one: this is on a laptop?
<one> Also I know some software can make it go lower than usual even to black, yes a laptop.
<one> I want it very vary low barley readable.
<rbasak> one: try #ubuntu, or perhaps askubuntu.com is more likely to get an answer. This is a server channel.
<one> I am not fooling around I think it is burning my retina laptop screens look brighter than looking out the window on a sunny day.
<one> I have to stop and cool my eyeballs off from time to tiem
<one> rbasak: for some reason or another I am unable to join #ubuntu
<Myrtti> that would be because you are banned there. If you want to discuss it, join #ubuntu-ops.
<one> Myrtti: unsuccessful
<Myrtti> that would be because you didn't actually discuss.
<Myrtti> but it's your choice.
<one> false
<one> bearing false witness against a neighbor
<ikonia> this isn't going to end well
<Myrtti> one: how about you just stop there, and we can go on with our lives?
<one> Myrtti and consider every day a blessing in that you have another chance to repent of your false witness before JUDGMENT DAY
<zul> grrr
<zul> jamespage: so im lookin at this bug: https://bugs.launchpad.net/ubuntu/+source/quantum/+bug/1107114 and it depends on a ryu package which isnt packaged in ubuntu or debian
<uvirtbot> Launchpad bug 1107114 in quantum "quantum-ryu-agent crashed with ImportError in /usr/lib/python2.7/dist-packages/quantum/plugins/ryu/agent/ryu_quantum_agent.py: No module named ryu.app" [Medium,New]
<jamespage> zul, might be a propreity bit
<zul> jamespage:  you would think so but its available on pypi
<jamespage> hmm OK
<zul> https://pypi.python.org/pypi/ryu/1.7
<jamespage> zul, I'm guessing the unit testing covers none of that plugin then
 * jamespage sighs
<jamespage> and its not in pip-requires or anything
<jamespage> bah
<zul> doubt it
<zul> ive seen other stuff that is not in pip-requires
<drag0nius> i've installed zentyal on non-standard port, but web access does not start (netstat doesnt show port open)
<jamespage> zul, cinder rc3 out yet?
<zul> jamespage:  not yet quantum rc2 is out though
<jamespage> zul, oh - and can you prepare a update for the grizzly cloud archive for that latest libvirt fix as well pls
<zul> ack
<jamespage> zul, marvellous
<jamespage> zul, also all of the rc1's are in grizzly-updates now - did you want to tweet that or something?
<zul> jamespage:  sure
<jibel> hallyn, stgraber another annoying bug with lxc on arm bug 1160360 . I filed it against lxc although it is more like something in flash-kernel that should detect the platform it is running on.
<uvirtbot> Launchpad bug 1160360 in lxc "flash-kernel failed in an armhf lxc container on ARM: /usr/sbin/flash-kernel: 214: /usr/sbin/flash-kernel: mkimage: not found" [Undecided,New] https://launchpad.net/bugs/1160360
<stgraber> jibel: ah, sounds like the same kind of problem we had with grub on x86
<stgraber> jibel: btw, I'm still trying to figure out what happened with the python module, it's a really weird bug ;)
<jibel> stgraber, I'm sorry :)
<stgraber> jibel: well, I'm glad you noticed it before we release the final 0.9 :)
<hallyn> stgraber: so to deal with the veth create scalability, we might want to have all templates default to specifying names and peer names for all veths
<jibel> stgraber, I'm feeling like the only user of lxc on ARM
<stgraber> hallyn: ah, I didn't follow the discussion too closely but is the extra delay caused by the generation of a unique name for the pair?
<hallyn> jibel: you might be, but i'm setting up my arm laptop right now so you won't be
<stgraber> jibel: you're not, I'm using it on my pandaboard for package builds ;)
<hallyn> stgraber: yeah finding a new name is o(n^2)
<hallyn> stgraber: but those build containers don't get upgraded?
<stgraber> hallyn: they do but they don't have a kernel in them ;)
<hallyn> i've got a bad feeling about 1160360,
<hallyn> we had to go to some effort to fix that with grub
<hallyn> so will mkimage have to detect if it's in a container too?
<jamespage> zul, could you ack the python-coverage update here please - http://people.canonical.com/~jamespage/ca-updates/
<stgraber> hallyn: so I'm not sure I like the idea of forcing people to set the names for the pair in the config as it may be a bit tricky for people to figure out when moving containers around
<stgraber> hallyn: however we can easily generate something better than the current random names
<zul> jamespage:  +1
<jibel> stgraber, oh wait, about the kernel bug, maybe it's just me doing weird things because I reused a cloud-config script that is normally used to provision local VMs
<hallyn> stgraber: they're usually random, how is 'containername.1 and containername.2' worse?
<jibel> I'm trying something
<hallyn> though there is probably a rather short length limit
<stgraber> hallyn: veth<PID of lxc-start>-<index>
<hallyn> jibel: no i'm guessing any instance based from cloud image will have a kernel and cause this
<stgraber> hallyn: I'd rather we have LXC generate good unique names than assuming that people or our template will ;)
<hallyn> stgraber: or just v<initpid>.1 and v<initpid>.2.  something like that, yeah
<jamespage> zul: ta
<hallyn> stgraber: sounds good
<stgraber> hallyn: right. The only problem I can think of with initpid is when doing nesting, as you can technically get a clash
<stgraber> hallyn: not sure what else we can use though ;)
<jamespage> zul, "        self.fake_ryu = fake_ryu.patch_fake_ryu_client().start()"
<hallyn> stgraber: that should still be mostly not o(n^2), and should be very rare
<jamespage> so it does have unit tests but it stubbs out the client - which is fair enough
<zul> jamespage:  well thats something i guess
<hallyn> jamespage: at first glance i thought you were telling zul off
<zul> hallyn:  wouldnt surprise me ;)
<stgraber> hallyn: oh nevermind, with nesting we also get a new netns so the veth name won't clash
<hallyn> true :)
<stgraber> hallyn: so yeah, v<initpid>.<increment> sounds good, should be reliable and will fix the allocation time issue
<zul> yolanda/jamespage: https://code.launchpad.net/~zulcss/quantum/rc2/+merge/155486
<stgraber> hallyn: is that something you want to do for 0.9?
 * jamespage hopes he's not getting a rep for telling people off
<hallyn> stgraber: yeah i think so
<hallyn> stgraber: not right now though, and i'm not sure where to record that task :)
<hallyn> we need a 0.9 and 1.0 blueprint
<hallyn> s
<stgraber> hallyn: ok. My hope is to send the pull request for 0.9 on Monday
<hallyn> oh.  hm.
<stgraber> hallyn: assuming I figure out that damn python bug by then ;) I did a dozen test build yesterday and it's just plain weird...
<hallyn> ok i'm still waiting for my arm to update.
<hallyn> (and then of course i'll have to drop back into android to flash the old kernel since new kernel doesn't work)
<stgraber> so far, I've come to the conclusion that it's not some kind of weird function name clash (my function was called get_version so could have clashed with one of the LXC ones) and it's not caused by what we get from the LXC API as even returning a fixed string gives the error
<hallyn> /build/buildd/sparc-cross-toolchain-base-0.9ppa1/debian/tmp/usr/include/stdc-predef.h:30:26: fatal error: bits/predefs.h: No such file or directory    hmmmmm
<hallyn> oh.  feh.  my arm kernel doesn't have bridge support
<hallyn> guess i'll leave that to stgraber
<stgraber> I found quite a few bugs so far, but none that explain what I see ;)
<gQuigs> I can't seem to find documentation on the Ubuntu 10.04 Kernel Backports; the best I could find was http://askubuntu.com/questions/29961/why-are-only-some-versions-of-the-kernel-backported-to-certain-releases
<gQuigs> but no "official" doc backing that up
<gQuigs> specifically I'm wondering if support for the 3.0 kernel ends in April with Oneiric
<stgraber> hallyn: oh wow, so I can confirm that it's nothing to do with the function in my python binding, it seems to have something to do with the structure listing the functions related to the python module
<hallyn> huh
<stgraber> hallyn: the bug happens whenever that struct contains two items. If I remove get_current_config_dir, then get_version works
<hallyn> does it need to be (and is not) null terminated?
<stgraber> now to go check the python documentation to figure out what I missed ;)
<stgraber> it needs to be NULL terminated and it's
<hallyn> :)
<hallyn> +1 then :)
<jamespage> zul: +1 on quantum rc2 MP
<zul> jamespage:  cool thanks
<jamespage> zul, sorry - got distracted by something else
<zul> jamespage:  no worries i had other things to keep me busy
<zul> jamespage:  http://people.canonical.com/~chucks/ca/
<hallyn> stgraber: actually, i wasn't thiniing right.  since we always pass in a random name, we should be ok now in lxc - we're passing in a name, so kernel doesn't have to find one.
<eagles0513875> hey guys quick question ufw automatically denies all or do i need to setup a rule to deny everything
<RoyK> eagles0513875: "ufw enable" will deny all incoming access
<eagles0513875> thankjs RoyK :) deny everythign unless i tell it to allow a certain port or service
<RoyK> eagles0513875: if you need external access, such as ssh, run "ufw allow 22/tcp" *before* running "ufw enable"
<RoyK> eagles0513875: deny everything *incoming*. It normally allows everything outgoin and related/established return traffic
<eagles0513875> ok kool :)
<eagles0513875> all i do know RoyK is that there is lots of inbound attempts thank god it denys everything except what i have allowed
<stgraber> hallyn: ah, we already do that now?
<nottheoilrig> smoser: i'm getting a lot of 403 errors from one of the ec2 archive mirror
<stgraber> hallyn: fixed!
<nottheoilrig> e.g. http://us-east-1.ec2.archive.ubuntu.com/ubuntu/pool/universe/a/aria2/aria2_1.15.1-1.debian.tar.gz
<stgraber> hallyn: you were right on a null-terminated list that wasn't null-terminated, except it wasn't the one I changed at all ;) it was some get/setters list that we've had around for ages
<stgraber> hallyn: properly ending that one fixed everything...
<nottheoilrig> is this a known issue? can you please help me find the right bug number for this 403 behavior?
<smoser> nottheoilrig, are you sure you have apt-get updated ?
<stgraber> hallyn: I'll upload a fixed lxc in a few minutes
<stgraber> jibel: ^
<nottheoilrig> smoser: yes, that was the first thing i thought, but even after apt-get update i get the same 403 error
<jibel> stgraber, great, I'll be happy to test it.
<smoser> nottheoilrig, looking at it.
<nottheoilrig> smoser: thank you
<jamespage> zul, +1 on ca update for quantum rc2 as well if I've not already done so
<zul> jamespage:  thanks
<hallyn> stgraber: great :)
<nottheoilrig> is there an option that i can pass to apt-get update to print the actual URL it uses for the line:
<nottheoilrig> Hit http://us-east-1.ec2.archive.ubuntu.com quantal/universe Sources
<Jeeves_> https://github.com/tuxis-ie/monitoring/tree/master/mklivestatus
<Jeeves_> (For those of you playing with Nagios :))
<nottheoilrig> ah, --print-uris
<smoser> nottheoilrig, just so you're aware, that is "just" a source package.
<smoser> ie, i can 'apt-get install aria2', just not 'apt-get source aria2'
<stgraber> hallyn: patch sent to the ML, not sure how long it'll take for you to get it though :)
<hallyn> stgraber: was right quick that time
<nottheoilrig> smoser: yes, i was trying to "apt-get source" to find all the places in ubuntu where Libgcrypt GCRYCTL_SET_THREAD_CBS is invoked
<SpamapS> I believe some people were working on getting opengrok setup for everything in Ubuntu main
<smoser> nottheoilrig, right. its a valid problem, just making sure you realized that it wasnt affecting binaries.
 * nottheoilrig nods
<smoser> its being worked, by canonical IS, nottheoilrig
<nottheoilrig> smoser: thank you!
<hallyn> smoser: it seems to me canonistack is suffering frmo bug 1100843.  where after some time, qemu vm performance degrades significantly.  Have you ever noticed that anywhere?
<uvirtbot> Launchpad bug 1100843 in qemu-kvm "Live Migration Causes Performance Issues" [Medium,Confirmed] https://launchpad.net/bugs/1100843
<hallyn> (i.e. start up a vm, it's quick, let it sit for a few hours or days, then it's slow)
<stgraber> hallyn: I'm glad we found that one before 0.9 because it could have been the source of quite a few very very weird python-related bugs :)
<hallyn> stgraber: now q is is that the last one for this release :)
<stgraber> hallyn: it's almost a miracle it showed up as that simple UnicodeError and not as some kind of weird corruption
<stgraber> hallyn: well, I've got a dozen production servers running rc1 with a ton of containers and sub-containers using hooks, seccomp and everything scripted with the API, if there was anything horrible, I should have noticed ;)
<stgraber> (though that's not on arm, so the python one went unnoticed)
<smoser> hallyn, i've noticd that, yes. but i'm not sure that that has to do with live migration.
<smoser> what evidence of live migration link do you have?
<Daviey> m_3: around?
<hallyn> smoser: i have none, and was the one who pointed out that it may not be related to live migration at all
<hallyn> all right i'll see if i can get some metrics on that
<stgraber> hallyn: so for bug 1159818 I guess the right solution is to allow armhf, copy some of the non-native arch magic from lxc-ubuntu and nag utlemming until cloudimg-query works with armhf?
<uvirtbot> Launchpad bug 1159818 in lxc "Allow architecture armhf with template ubuntu-cloud when running on ARM" [High,Confirmed] https://launchpad.net/bugs/1159818
<hallyn> stgraber: yeah,
<hallyn> i think utlemming may be dev-nulling his lxc bugmail :)
<utlemming> hallyn: I saw it...I just haven't had a chance
<hallyn> utlemming: ive been assuming you want to be cloud template maintainer, but if you just don't have time for it let me know i guess
<hallyn> (presumably you can crank it out a lot faster than I)
<stgraber> hallyn: I'll take a look at the lxc-ubuntu-cloud change myself as I've done the armhf stuff in lxc-ubuntu and I think we want to allow for lxc-ubuntu-cloud armhf on x86
<stgraber> but I'll let utlemming deal with cloudimg-query
<hallyn> cool
<tedski> i am so fucking spoiled on coffee
<tedski> i just pulled a shot from the superauto at work
<tedski> i had to go pour it down the drain
<tedski> whoops, wrong channel
<tedski> derp
<one> How do I share a connection over wifi on the server system?
<one> Is it going to be in the server guide?
<hallyn> one: http://s3hh.wordpress.com/2011/12/15/simple-netboot-setup/  is how i do it
<one> hallyn: how do I export a link into another console from irssi in console?
<hallyn> if you're under screen you can cut/paste the link in screen
<hallyn> really that link isn't so unworkable to not be typable
<one> theres no mouse in my console though
<hallyn> but, in a mtg, bbl
<hallyn> you don't need a mouse if you're under screen
<hallyn> ctrl-a esc, j/k/h/l over, 'space' to start sleecting, $ to end of line, space to finish selectnig, enter, ctrl-a ] to ppaste
<one> hallyn: how long will you be gone
<one> let me move to a screen session and try it
<one_> I am in screen now
<one_> please repaste the link so I can try this
<one> screen looks very useful but there arent any apparmor profiles made for it so I have been shying away from it
<one> I will have to make an apparmor profile for it
<one> seems like every progrum access the root password file
<one> so pretty much everything needs apparmor
<Brace> one: I can strongly recommend byobu, it's a userfriendly overlay onto screen
<Brace> one: this is ubuntu, you shouldn't have a root password really
<one> Brace: come on im not a sucker
<one> please
<one> refrain from antagonizing me
<Brace> one: sorry, I'm not trying antagonise you, it's just that as I understand it, the 'ubuntu way' is not to have a root password
<one> yes its called stupid by default
<Brace> one: or if you mean byobu, then it's a really good program, I strongly recommend it
<one> Brace: thanks but im not interested in extras
<one> I am trying to cut and paste a link at the moment
<one> will you repaste that link for me
<kirkland> Brace: :-)
<one> will you repaste that link for me
<one> hey nutmeg
<Brace> one: as I'm feeling nice - http://s3hh.wordpress.com/2011/12/15/simple-netboot-setup/
<Brace> kirkland: I see what you mean :-)
<hallyn> one: link repaste http://s3hh.wordpress.com/2011/12/15/simple-netboot-setup/
<andol> Brace: Why make generalized statements about (not) having a root password? Assuming I have my server setup not to accept root logins over ssh I might still find a root password very convenient if I need to repair something from the physical console.
<hallyn> Brace: oh, thx :)  missed yoru repaste
<hallyn> ok, bbl
<Brace> hallyn: np :)
<Brace> andol: it wasn't really generalised, I was directing it at one, if you want to have root passwords, then that's your choice
<one> ok I got it into buffer now how do I open a new window?
<zul> jamespage:  https://code.launchpad.net/~zulcss/ceilometer/rc1/+merge/155552
<one_> screen is pretty nice, figured it out
<hallyn> ctrl-a c
<one_> If you want to get to the Father you must go through the Son.
<one_> Not the wife not the mother, try it only mutilate her it is similar to quantum encryption.
<one_> Brace: choose the way of the Master
<jamespage> zul: ceilometer LGTM
<zul> jamespage:  thanks
<zul> jamespage:  i expect to get happybase from debian anyways
<jamespage> zul, yeah - zigo uploaded it - its in NEW
<jamespage> zul, we still need to package ming tho
<jamespage> zul, next cycle along with ryu for quantum I think
<zul> jamespage:  pythyon-ceilometerclient is still in new as well
<jamespage> Daviey, please please please ^^
<jamespage> Daviey, oh and please please please openstack folsom updates in quantal-proposed queue
<samba35> i have 2 ubuntu systems 1 is on physical desktop and another on vmware ,i want to access firefox of vmware ubuntu from physical desktop using ssh or better option (???)
<holstein> access? you mean,, you want to forward -x via ssh ?
<holstein> samba35: ^
<samba35> yes
<holstein> samba35: sure.. that'll work
<samba35> but i am not able to get desktop /remote firefox
<samba35> try export display also
<holstein> samba35: can you ping them from each other? did you set the networking up properly? can you ssh in?
<samba35> if you dont mind can you pls tell me how it can be achive
<samba35> yes
<holstein> samba35: yes, you can ping? and ssh in?
<samba35> i can ping to each other able to use ssh from both side
<holstein> samba35: did you configure ssh to forware x?
<holstein> forward*
<Daviey> jamespage: ack
<samba35> on which machine
<samba35> X11Forwarding yes
<holstein> samba35: http://unix.stackexchange.com/questions/12755/how-to-forward-x-over-ssh-from-ubuntu-machine
<holstein> samba35: and you restarted the service?
<samba35> yes
<jamespage> Daviey, ya
<jamespage> ta rather
<samba35> infact restart system also :)
<holstein> samba35: what error messages are you getting?
<samba35> Error: no display specified
<holstein> samba35: https://bbs.archlinux.org/viewtopic.php?id=88945
<holstein> https://wiki.archlinux.org/index.php/SSH#X11_forwarding
<holstein> samba35: use a pastebin to paste your terminal with the command and the error message
<samba35> ok let me try
<samba35> pls wait ,be right back
<stgraber> hallyn: wow, make dist was really quite broken in upstream LXC :) I just noticed when comparing my tarball with Daniel's. Patch incoming
<stgraber> hallyn: next up is fixing make clean to actually cleanup everything, then I think I'll be happy with our build system :)
<hallyn> stgraber: why is lxc.c in EXTRA_DIST?
<stgraber> hallyn: that's the python lxc.c so it's not built through the standard automagic
<stgraber> hallyn: so needs to be specifically included in EXTRA_DIST along with setup.py if we want to see it in the tarball at all
<hallyn> oh the release tarball
<hallyn> gotcha, thx :)
<samba35> now i am getting X11 connection rejected because of wrong authentication.
<samba35> Error: cannot open display: localhost:10.0
<stgraber> right, that whole commit is about fixing the release tarball not including quite a bunch of files :)
<stgraber> (and including some files it shouldn't)
<hallyn> yup, ack is in the mail.  not sure when you'll getit
<stgraber> hallyn: got it
<hallyn> i hear sf.net doesn't deliver email on saturdays any more
<hallyn> k :)
<stgraber> hallyn: I just hope Dwight will be able to answer my follow-up lxc.spec question
<hallyn> maybe you shouldn't have beatn around the bush :)
<hallyn> woohoo, got past install-gcc1
<ikonia> ? install-gcc1 ?
<stgraber> jibel: updated lxc should be in the archive now
<jibel> stgraber, okay, I'll try in a moment.
<smoser> jibel, ping
<smoser> bug 1160462
<uvirtbot> Launchpad bug 1160462 in cloud-init "Don't run resizefs hook during installation of an LXC container with cloud-init" [Undecided,New] https://launchpad.net/bugs/1160462
<smoser> is that a regression ? i dont think it stricktly is.
<jibel> stgraber, python3-lxc 0.9.0~rc1-0ubuntu2 works fine.
<stgraber> jibel: yay!
<jibel> smoser, I don't think it's a regression
<jibel> smoser, in the context of LXC it just doesn't make sense to try to resize the hard drive of the host.
<smoser> jibel, right. it doesn't make sense to do it. i should have caught the ENOENT on the stat.
<smoser> but it doesn't make sense specifically to *not* do it just because its lxc
<jibel> smoser, right too :)
<Free99> hello everyone, I'm running an asterisk server on a ubuntu server via linode, having trouble getting phones to call each other, but they can call asterisk and run the echo test just fine
<Kubes_> Hello, cloudinit question.  How does cloudinit determine initial boots (for run once) vs post start-ups?  Can this be reset?  (Testing and build amis from a current instance?>  Thanks!
<Kubes_> Is this correct place for ask cloud init questions?
<sarnold> Kubes_: it's not wrong..
<zul> jamespage:  http://people.canonical.com/~chucks/ca/
<Kubes_> Ok, thanks.  the #ubuntu channel send me here, what is the correct place?
<holstein> Kubes_: just ask, and we'll see what the issue is
<sarnold> Kubes_: I don't know if this is the _best_ place, but at least this is good enough. :) feel free to re-ask in another few minutes...
<Kubes_> How does cloudinit determine initial boots (for run once) vs post start-ups?  Can this be reset?  (Testing and build amis from a current instance?
<smoser> utlemming, fun
<smoser> http://paste.ubuntu.com/5650240/
<smoser> raring instance
<jamespage> zul: +1
<zul> thanks
<zul> Daviey:  *cough* python-ceilometerclient *cough*
<Daviey> zul: yes, i will do it today.
<zul> Daviey:  cool then we should be ok for grizzly
<smoser> utlemming, https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1160543
<uvirtbot> Launchpad bug 1160543 in linux "kernel crash on EC2 raring" [Undecided,Incomplete]
<hallyn> woohoo!  sparc-cross-toolchain-base built
<stgraber> hallyn: congrats!
<philpem> Any postfix gurus in the building? I'm getting this when I try to send mail: Mar 26 19:46:16 wolf postfix/smtp[11111]: 7842A2C0E04: to=<philpem@philpem.me.uk>, relay=mail.philpem.me.uk[96.47.225.116]:587, delay=0.84, delays=0.2/0/0.37/0.26, dsn=5.0.0, status=bounced (host mail.philpem.me.uk[96.47.225.116] said: 550 SMTP AUTH is required for message submission on port 587 (in reply to RCPT TO command))
<philpem> Relayhost is set up, smtp_sasl_auth_enable is set, smtp_sasl_password_maps is set, smtp_sasl_security_options is clear.
<jcastro_> sebrock: hallyn: so which one of you is putting docker in ubuntu? :)
<jcastro_> sorry sebrock, I meant stgraber
<hallyn> wow i've never gotten so many 'your email is awaint approval' msgs from just one email :)
<stgraber> jcastro_: well, unlikely to happen for 13.04 considering how new it's and that we're about to freeze for good, but for 13.10, I'm sure we'll find volunteers
<stgraber> jcastro_: ideally by then they'll have talked to upstream LXC and we can get them to use the API instead of wrapping around our binaries
<hallyn> jcastro_: personally i'm still waiting for the hype to settle down
<jcastro_> I was more hoping for a ppa than anything else
<hallyn> but maybe i'll go learn some go from their github repo :)
<jcastro_> stgraber: ack.
<hallyn> stgraber: this thread may be a sign that at the next 'ubuntu irc days'/whatever another lxc demo is needed
<stgraber> hallyn: I guess so, I've been pretty consistent at showing off LXC at every single conference I've been attending in the past 3 years, but I guess not everyone attends those, so maybe an IRC session would be a good idea too (or an hangout? hangout on air has the advantage that we can screenshare)
<hallyn> stgraber: that's a good idea
<hallyn> perhaps to celebrate 0.9 :)
<stgraber> as good a pretext as any ;)
<hallyn> all right lemme finally take care of the libvirt dnsmasq.d sru, then i'll look at the lxc-clone patch
<hallyn> we dont have clone in teh api yet do we?
<stgraber> no, I have it in the python API though but it just calls lxc-clone
<stgraber> but I have plans to kill all of those in 1.0 anyway and move to a clean C implementation + backend plugins in shell
<hallyn> i think we need lxc-clone rewritten in python
 * hallyn looks around for a volunteer
<stgraber> so that create/destroy/clone/... can all use some common functions to deal with the various backends
<hallyn> right
<stgraber> sure, once we have clone() in C with the plugins and everything, lxc-clone can be made a 5 lines python script ;)
<hallyn> stgraber: can you put up a wiki page with the todolist (including rewriting lxc-clone as c) so we can easily prioritize?
<hallyn> todolist for 0.9 and 1.0 i mean
<hallyn> (i can start it if you prefer, but i think you have an actual list you can start from :)
<stgraber> hallyn: I'll publish something after 0.9 is out, I don't want to confuse people :)
<hallyn> ok
<stgraber> for now I want bugfixes, then get 0.9 out next week, then start preparing 1.0 and getting people to start sending feature patches for 1.0
<hallyn> right
<hallyn> ok, biab
<hggdh> /join #ubuntu
<stgraber> jibel: testing a patch to the lxc-ubuntu-cloud template to support armhf on x86 and armhf on armhf (will still need manually passing the URL until utlemming uploads a new cloudimg)
<blistov> Anyone having issues with AMD-Vi initialization failing after updating to xen-hypervisor-4.1-amd64:amd64 (4.1.2-2ubuntu2.5, 4.1.2-2ubuntu2.6) ?
<stgraber> hallyn, jibel: So I'll send a patch to make armel/armhf work on armel/armhf hosts for both lxc-ubuntu and lxc-ubuntu-cloud. armel/armhf on x86 for the cloud image is working here but the change is rather massive and I'd rather avoid rushing this in 0.9
<hallyn> send to lxc-devel?
<stgraber> especially as it wouldn't work out of the box anyway until flash-kernel is fixed or removed
<stgraber> hallyn: yeah. Finishing the tests here, will send in a few minutes. The bits I'll send for 0.9 are just some simple changes to the arch checks. For 1.0 I'll push the rest of the changes I have here which basically doubles the size of lxc-ubuntu-cloud (we need function sharing between our two templates ;))
<hallyn> thx will look for it
<hallyn> hm, yeah, with abstraction/templating (in the OO sense :) we could actually make fn sharing between lxc templates pretty nice
<hallyn> i've been looking for a good way to move all that away from shellscript
<hallyn> ideally would've been to c, but this might make it worth doing in python (or c++) and continuing to have the c api wrap program calls
<stgraber> I think python would be better for the Ubuntu templates. I'm not a huge fan of subprocess handling and wgetting stuff from C :)
<stgraber> yay, got an armhf cloud instance running in LXC on my x86 machine, so that patch works too. Just need to keep it around for LXC 1.0
<Kubes_> A cloudinit question I asked prior, but still answered, maybe there's a expert here now.  How does cloudinit determine initial boots (for run once) vs post start-ups?  Can this be reset?  (Testing and build amis from a current instance?
<hallyn> stgraber: now, arm ubuntu-cloud containers on amd64, that should just be a matter of updateing the template a bit right?  no technical reason for that restriction?
<stgraber> hallyn: correct and I have a patch for that, expect that "a bit" is around 80 lines of pretty weird code to deal with qemu-user-static and multi-arch
<hallyn> stgraber: also, on raring on arm i thought qemu-i386-static should work
<hallyn> stgraber: yup, ok.
<stgraber> so I'm not planning on allowing qemu-user-static for cloud images in 0.9, but for 1.0 I expect to have it
<stgraber> i386 on arm is interesting, I didn't know it actually worked nowadays
<hallyn> it should, with the new qemu source in raring
<hallyn> but, not worth worrying about now :)
<hallyn> thx - ttyl
<stgraber> I'll run a quick test, if it works, I'll allow it in lxc-ubuntu
<stgraber> hallyn: is that just i386 or x86_64 too?
<hallyn> stgraber: should both be there...
<stgraber> hallyn: ok. I'll run a test. Last I tried, they were "there", working was a whole other thing though :)
<stgraber> (things segfaulting all over)
<hallyn> sigh
<stgraber> hallyn: /bin/sh: 1: Cannot fork
<stgraber> hallyn: that's what I get under qemu-i386-static on armhf
<stgraber> hallyn: so I can spawn a first process but that's about it :)
<stgraber> hallyn: same with amd64 on armhf
<Fleck> hello, ubuntu server uses old package for courier-imap
<Fleck> have some problems because of this!
<Iapetus> hello!
<Iapetus> Can someone help this newb with directions to make my server available to the world?
<Iapetus> It's working and I can access it on my own network, but no one elsewhere can seem to get to it.
<Iapetus> and I suck at networking ;_;
<sarnold> Iapetus: can you ping from your server to e.g. google.com? can you ping to 4.2.2.1? Is your server on an rfc1918 private network address? do you have NAT in place?
<Iapetus> ooo hang on
<Iapetus> yes, and yes, I do not know what a rfc1918 private network is, and I don't think so about NAT
<sarnold> rfc1918 is the 192.168/16, 10/8, and ... 172.something addresses
<Iapetus> one second
<Iapetus> oh and to be a little more clear: I am running two computers. One of them has the server installation, and this is the one I am chatting with. I can SSH to the server as well.
<Iapetus> after reading a little more, I would say yes the server is on an rtf1918
<sarnold> Iapetus: okay, hosts in the private unroutable address space tend to get internet access through network address translation; that complicates other machines contacting the host directly. (ping, for example, will never really work.) you'll need to do some port forwarding on your NAT firewall.
<Iapetus> using router settings?
<sarnold> Iapetus: yeah; how you do that varies from system to system...
<Iapetus> I logged into my router and set the Port Forwarding Range to point to the server's IP address, with start port at 22 and and port at 80, allowed both TCP and UDP. Was this wrong?
<sarnold> Iapetus: heh, forwarding port 53 dns may cause you problems looking up hosts -- depends on how well the designers of your router thought things through :)
<sarnold> Iapetus: I'd start with only ports 22 and 80 over tcp. use only what you need..
<Iapetus> right on
<Iapetus> good to know I'm on the right path
<Iapetus> damn that %10 configuration and %90 content :S
<Iapetus> is the 192.168.0.xxx address accessable from anywhere though? or do I need to change that to something more unique?
<sarnold> Iapetus: that address range can't be routed over the internet. (Every reasonable ISP will perform ingress and egress filtering on those address ranges to prevent them from being on the internet.)
<Iapetus> makes sense
<sarnold> Iapetus: we ran out of ipv4 addresses, so you don't really have an option. You can still get IPv4 addresses from some ISPs, but they've all been handed out now, so...
<Iapetus> wait, what?
<Iapetus> does that mean I cannot make my home server accessable to the internet?
<sarnold> Iapetus: you can, it just means using NAT and setting up port forwarding.
<Iapetus> thank you for the help btw, sometime google is a needle in a haystack
<Iapetus> time to read some more :S
<sarnold> Iapetus: if you're like most home-users, you'll next want to read about "dynamic DNS" systems; if your NAT firewall's IP address changes due to a new dhcp lease, a dynamic dns thing will let you continue using a convenient hostname.
<Iapetus> yeaaaah, I just read about NAT on wikipedia FML
<Iapetus> I went to school for programming, not networking ;_;
<Iapetus> well fudge
<Iapetus> think you could walk me through this?
#ubuntu-server 2013-03-27
<Iapetus> ;_;
<Iapetus> hmm
<hallyn> stgraber: drat.  might be worth a bug against qemu and QEMU
<hallyn> thx
<plan_1> What is the command to print and update a logfile onscreen? I know there is watch but that oly works for a log such as dmesg as far as I kknow.
<sarnold> plan_1: tail -F ?
<plan_1> sarnold: That looks useful but I haven't seen it update yet do you know how often it should update?
<sarnold> plan_1: quite quickly; perhaps the slowness is the writing to the log file.
<sarnold> plan_1: writing to files via a standard output typically buffers 4096 bytes or so, thta might be a bunch of lines...
<sarnold> plan_1: e.g., grep's --line-buffered command line option will ask it to use line-buffering rather than block-buffering, so tail -f and tail -F and so forth respond more quickly.
<plan_1> sarnold: Thanks, looks like i have connections on 50440
<plan_1> sarnold: But the firewall is not allowing them does that imply kernel level problems would you say?
<Iapetus>  awesome, I got it working from a friend of mine. Can someone confirm?
<Iapetus> http://71.10.98.41:8000/
<sarnold> Iapetus: woot!
<plan_1> sarnold: Well it is not set to allow them that is.
<sarnold> plan_1: you'd have to compare netstat -lnp output against the iptables -L output
<Iapetus> can you reach it sarnold?
<sarnold> Iapetus: yeah, some anime screenshot and so forth :)
<Iapetus> sick
<Iapetus> fucking networking
<plan_1> sarnold: It doesnt show in netstat only iptraf.
<plan_1> sarnold: I usually do netstat -taupe netstat -lpn is showing unix sockets and I don't really know what all of that means.
<sarnold> plan_1: l just shows listening sockets.. perhaps it's an already-connected socket?
<plan_1> sarnold: If it is kernel level would it not also escape netstat as the evidence suggests?
<sarnold> plan_1: what problem are you trying to debug btw? :)
<plan_1> sarnold: Oh ok let me glance at the netstat man to display connected sockets.
<plan_1> sarnold: Unless you know off the top of your head what the netstat command would be.
<plan_1> sarnold: Reguardless of netstat I made the iptables list myself and know it is not allowing these connections showing in iptables. So what do you think kernel level problems?
<plan_1> sarnold: Still with me?
<sarnold> plan_1: I'm afraid I was never with you :/ I don't know what problem you're trying to solve.
<plan_1> sarnold: The problem is unsolicited network connections.
<plan_1> sarnold: You know the whole iptables not set to allow them bit.
<plan_1> sarnold: Is that not plain english?
<sarnold> plan_1: so, you've got network connections that you don't want? don't know which program is accepting them? not sure why iptables has let them through? or... I'm still not following. :)
<plan_1> sarnold: All of the above.
<plan_1> sarnold: How about this one why doesn't netstat show domain connections when using -taupe?
<sarnold> plan_1: what's a "domain connection"?
<plan_1> sarnold: If you check /etc/services it id udp port 53 DNS
<plan_1> Remember me highvoltage ?
<sarnold> plan_1: udp is connectionless; even when connect(2) is used on a UDP socket, it doesn't actually set up a connection, it just adds some filtering rules to the socket
<sarnold> plan_1: my netstat -anu output doesn't show any outgoing DNS, even though I'm sure my system is doing DNS once in a while ...
<plan_1> sarnold: That is what I thought more of a broadcasting but why the -u option in netstat then?
<sarnold> plan_1: just to show only udp
<sarnold> no need to see tcp if you're curious only about dns :)
<plan_1> sarnold: No I mean since udp is connectionless why is there a -u option since they will never show.
<sarnold> plan_1: ah! because listening sockets still show up
<plan_1> sarnold: Well there is no allowance for high port udp so there must be kernel level problems here.
<plan_1> I know it is not the Ubuntu way but is there somehow I may get a clean system I am willing to pay $100.
<plan_1> Remember me highvoltage ?
<plan_1> Remember me highvoltage ?
<plan_1> Remember me highvoltage ?
<sarnold> his connection is just timing out, over and over again...
<plan_1> Anyone know how to induce vomiting, I just ate some easter candy and it is making me sick that and the cans of dog food called beef stew.
<plan_1> Does the rest of the world get this canned protien textures mixed with preservatives?
<plan_1> Im in Missouri.
<plan_1> Is this type of stuff in europe also?
<plan_1> Or australia?
<histo> plan_1: eat burnt toast
<plan_1> histo: How much does it usually take you?
<histo> plan_1: huh?  the charcoal will make you puke
<plan_1> I might try the finger throat method as I have no toast.
<histo> if you go to a hospital that's what they will give you charcoal
<plan_1> histo: I was asking how many slices.
<histo> plan_1: no idea never really tried just have heard about it.
<plan_1> finger throat method hurts too bad
<plan_1> cancel that idea, so what are you up to histo
<linocisco> who is using asterisk on ubuntu server?
<plan_1> For what
<plan_1> The crap is basically unusable
<linocisco> plan_1, IP PBX
<histo> linocisco: what would a person use asterisk for?  like voip telephony or something? I guess I have to watch some videos
<plan_1> and assume you are talking to who on the other end?
<plan_1> akams AI
<plan_1> time to slay hells angels
<plan_1> ok koolhead17 im working on it
<koolhead17> plan_1, ?
<plan_1> hoot n cold
<plan_1> if everyone else is lukewarm
<plan_1> fagboys walking around with "smart" phones
<plan_1> yelling like idiots
<plan_1> and a loud mouth slut following them
<plan_1> you want me to get cold as ice koolhead17
<plan_1> "I killed all husnock everywhere"
<plan_1> The agents?
<plan_1> If they dont work for me they are agents of nothing.
<plan_1> Unpredictable.
<greppy> plan_1: do you actually have anything ubuntu related to talk about?
<plan_1> Yeah but it gets ignored.
<plan_1> see how sarnold just kindof drifted off
<plan_1> hey bazhang thanks for writing the skeleton any chance I may get a clean kernel I have $100
<plan_1> The LORD is my shepheard I shall now want.
<bazhang> plan_1, please stay on topic
 * plan_1 laughes
<linocisco> histo, yes. for voip pbx
<Styler2go> Hello. I have some strange things happening with my Ubuntu Server. Since a few Days i am getting a huge load in "Connections through firewall" and " ipconntrack". Is there a way to see whats happening there?
<ikonia> I spy a linux format editor....
<vezq> Styler2go: use tcpdump to see network traffic
<plan1> Is there a way to get the firewall to actually work?
<patdk-lap> plan1, sure, load the modules for it :)
<evilnickveitch> ikonia, where?
<ikonia> evilnickveitch: he's wearing an evil disguise, and he maybe an ex-editor
<Styler2go> what can i do with tcpdump?
<jpds> Styler2go: dump tcp traffic.
<jpds> Styler2go: Dump all network traffic actually.
<jamespage> zul: http://people.canonical.com/~jamespage/ca-updates/
<jamespage> if you would be so kind :-)
<zul> jamespage:  +1 (although not offically here yet)
<jamespage> zul, lol
<jamespage> okies
<Daviey> jamespage: penstack components in quantal queue.. 2013-02-21 .. those ones are good?
<Daviey> or totally superseeded by 2013-03-22?
<jamespage> Daviey, superceded by 2013-03-22
<jamespage> Daviey, ugh - did you already accept those ones?
<Daviey> jamespage: no
<Daviey> jamespage: 2013-03-22 is good?
<jamespage> Daviey, yes - thats what I prepared last week
<jamespage> its the original srus with the security updates applied
<Daviey> right
<Daviey> jamespage: quantum (2013-03-01) is good?
<jamespage> Daviey, yep
<jamespage> thats a missing bit from the original SRU update that adam_g prepared
<Daviey> jamespage: except adam didn't add a bug reference to the changelog. *sigh*.  I need that.
<jamespage> Daviey, bah - OK - please reject it and I'll sort that out
<Daviey> done
<mkander_> Hey everybody, I just installed a new motherboard asus p8z77-v in my server, and now I cant get the network up
<mkander_> Any hint on what to do? Please help me.
<mkander_> "Cannot find device eth0"
<qman__> mkander_, sudo rm /etc/udev/rules.d/70-persistent-net.rules && sudo reboot
<qman__> if that doesn't fix it, you lack driver support
<Daviey> mkander_: ifconfig .. it might not be called ethX
<mkander_> Ok Ill try that qman__
<mkander_> Daviey: just "lo" in there
<Daviey> ok
<mkander_> wow looks like it worked :-)
<mkander_> YEEEhaa :)
<mkander_> thanks
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/rc3/+merge/155723
<yolanda> zul, no changes apart from version number?
<zul> yep
<jamespage> zul, approved
<jamespage> (thats my release that is)
<virtx> hi
<virtx> what is a good monitoring tool (for monitoring webserver/mysql/php-fcgi, networking) in CLI or really light application? htop is not so sufficient..
<hallyn> stgraber: the lxc-start-ephemeral manpage says '-n name' is an option, but it's not inthe soruce
<Pici> virtx: There are a few 'top-like' packages in the repositories for apache and mysql. It really all depends what sort of monitoring you are trying to do.
<stgraber> hallyn: ah yeah, I remember seeing that and forgot to fix it. Will do today
<hallyn> stgraber: cool, thanks :)
<virtx> Pici, what do 'top-like' tools do?
<Pici> apachetop says "It is modelled after the standard 'top' utility, and displays information such as the requests pers second, bytes per second and the most popular URLs displayed."
<virtx> good, and for mysql?
<virtx> for networking i'm using iftop, but vnstat seems better
<Pici> vnstat is pretty nifty.
<Pici> !info mytop
<ubottu> mytop (source: mytop): top like query monitor for MySQL. In component universe, is optional. Version 1.6-6 (quantal), package size 34 kB, installed size 152 kB
<virtx> well, i try it
<virtx> Pici: isn't there an apachetop tool for other webservers?
<virtx> like nginx, lighttp
<Pici> virtx: There might be.  Try: apt-cache search nginx top   or a similar query
<zul> jamespage:  http://people.canonical.com/~chucks/ca/
<virtx> Pici: nothing :\
<stgraber> hallyn: patch for -n/--name sent to lxc-devel
<hallyn> stgraber: cool, thx.  getting ready to send a lxc-clone patch
<jamespage> zul, +1
<zul> jamespage:  thanks cinder ca right?
<jamespage> zul, yep
<zul> jamespage:  k thanks
<zul> jamespage:  did you promote the other ones this morning?
<jamespage> zul, everything pending is in proposed
<jamespage> http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/grizzly_versions.html
<zul> jamespage:  cool thanks
<zul> now we just need python-ceilometerclient
<jamespage> zul, I'll flush through to updates now
<jamespage> zul, OK - synced through
<jamespage> zul, so just pending ceph (which I just uploaded), cinder rc3
<jamespage> and ceilometerclient when it arrives :-)
<zul> jamespage:  ack
<stgraber> hallyn: hey, is it just me mis-reading the diff or do you end up with lxc.rootfs defined twice in the config?
<hallyn> stgraber: doesn't show up twice
<jibel> stgraber, hallyn re bug 1160360 following ogra_'s comment I tried FLASH_KERNEL_SKIP=true and update-initramfs works fine even with flash-kernel installed. Is it something that could be set by default in the template too ?
<uvirtbot> Launchpad bug 1160360 in lxc "flash-kernel failed in an armhf lxc container on ARM: /usr/sbin/flash-kernel: 214: /usr/sbin/flash-kernel: mkimage: not found" [Undecided,New] https://launchpad.net/bugs/1160360
<stgraber> jibel: no, we don't do rootfs modifications from the templates
<stgraber> jibel: as we support copying the rootfs from an existing machine into a container
<stgraber> jibel: so it'd have to be a change in the flash-kernel package to check running-in-container and do the equivalent of FLASH_KERNEL_SKIP=true in that case
<jibel> stgraber, okay
<ogra_> stgraber, jibel, patches accepted :)
<sliddjur> when doing this: mkdir /long/path/name/newdir/ && touch /long/path/name/newdir/newfile  is there a way to evade typing /long/path/name/newdir a 2nd time?
<jibel> ogra_, checking running-in-container in initramfs-hook/flash-kernel would be fine?
<ogra_> jibel, well, check the flash-kernel code ... it should be added everywhere where you find the env var
<jibel> ogra_, okay, I'll send a patch. thanks
<ogra_> thanks too ! :)
<savr> hi, there is no reason for gstreamer and qt to be installed on my server?
<savr> (they were installed by default)
<savr> ?
<RoyK> Â¿
<savr> hi, there is no reason for gstreamer and qt to be installed on my server? RoyK <<
<savr> and I can also remove samba?
<RoyK> savr: do you have little disk space?
<savr> no I just don't want junk installed
<savr> easier to debug problems
<RoyK> it doesn't matter
<RoyK> stuff not running doesn't make bugs
<savr> for example I had apache installed and it took me ages to figure out why tomcat wasn't working properly...
<savr> turned out apache was proxying tomcat automagically
<RoyK> savr: that's running processes
<RoyK> savr: not installed software
<savr> samba would also be running
<RoyK> then stop it, or just uninstall it
<savr> actually... apache2 package isn't installed by default...
<RoyK> samba isn't installed automatically. neither is apache
<savr> it is apache2-common or something like that...
<RoyK> that doesn't contain any daemosn
<savr> I'm using a packaged version of ubuntu to openvz
<RoyK> daemons, even
<RoyK> savr: worry about then if a problem arises
<RoyK> imho samba shouldn't be installed unless yo need windows connectivity
<savr> also it saves a ton of time upgrading
<savr> I don't
<savr> removing
 * ogra_ wonders how you got it installed in the first place ... neither qt nor gstreamer nor samba are in an ubuntu server default install unless you actively select them
<RoyK> ogra_: 16:36 < savr> I'm using a packaged version of ubuntu to openvz
<ogra_> oh
<ogra_> missed that
<ogra_> scary
<savr> not sure if it is a good idea to use the ubuntu openvz template
<smb> smoser, About bug 1160543. Is that repeatable? In which case I might be inclined to build a test kernel with the anticipated upstream changes. ;)
<uvirtbot> Launchpad bug 1160543 in linux "kernel crash on EC2 raring" [High,Confirmed] https://launchpad.net/bugs/1160543
<smoser> smb, embarrasingly, the first i personally played with raring on ec2 was yesterday.
<smoser> and i started an lxc container, stopped it and stareted  and stopped
<smoser> and it crashed.
<RoyK> savr: dpkg -l | pastebinit
<smoser> (i thought i'd busted networking). i dont know much more about it.
<savr> I'm on mosh... need to ssh once the upgrade is finish
<yolanda> jamespage: https://code.launchpad.net/~yolanda.robla/charms/precise/glance/ha-support/+merge/155771
<savr> apt-get upgrade takes forever on openvz :/
<RoyK> too many packages installed? slow host?
<savr> I'm the host
<savr> ssh into the mysql node... http://pastebin.com/iJ6azVa8
<savr> ogra_: RoyK smoser smb
<smoser> savr, dpkg/apt is sync-heavy
<savr> got gstreamer gtk can be remove too?
<smoser> see 'unsafe-io' (man dpkg) or 'eatmydata'
<savr> apt-get purge -y openjdk-\* icedtea-\* icedtea6-\* apache\* x11-\* samba\* libgtk\* libgstreamer\*
<savr> that should clean it all up?
<RoyK> savr: pastebin dpkg -l ;)
<savr> I have
<RoyK> oh
<RoyK> there
<smb> smoser, Well ok, I think that it might be related to lxc's usage of mem cgroups.
<RoyK> mysql?
<savr> yeah that is the mysql node
<savr> so it needs mysql
<RoyK> ok
 * RoyK isn't a big fan of mysql
<savr> so anything else I should get rid of?
<RoyK> not sure - a lot of libraries you might not need, though
<RoyK> how much does the root fs fill up now?
<savr> dunno
<savr> it is slowly still removing on two more nodes
<savr> it's really slow the server isn't doing anything other than running apt on a few nodes right now
<sarnold> savr: the 'deborphan' package can help find packages that aren't needed any more -- but be careful with its recommendations, it'll happily recommend a leaf package that you _want_ -- but with a careful hand driving it, very useful. :)
<savr> I've got 3 nodes running only apt right now. and that is all on the server
<highvolt1ge> stgraber: I suppose you've seen https://www.youtube.com/watch?feature=player_embedded&v=wW9CAH9nSLs#at=291 already?
<stgraber> hallyn, sarnold: I think I finally understand bug 1157332. The logic in the package itself is correct for raring, but the problem is when you upgrade from precise or quantal to raring as the migration code is then triggered twice
<uvirtbot> Launchpad bug 1157332 in lxc "/etc/dnsmasq.d-available/lxc circular link " [High,Confirmed] https://launchpad.net/bugs/1157332
<sarnold> stgraber: yay :)
<hallyn> stgraber: oh no, is that going to be the same for libvirt?
<stgraber> I'm confirming I can easily reproduce this with 12.10 => 13.04. If I can, then I'll add some code to fix the mess. It's easy enough to detect the circular link from the postinst, move everything back to normal and restart dnsmasq
<hallyn> sigh
<hallyn> thx :)
<stgraber> the good news being that in the worst case scenario we just need to fix raring + quantal. I don't think we need to SRU something to precise this time around
<sarnold> stgraber: did it only trigger for me because I had upgraded precise->quantal->raring ?
<stgraber> sarnold: I certainly confirmed that precise->quantal->raring causes it, but I suspect just quantal->raring will too
<sarnold> stgraber: aha
<stgraber> sarnold: right, quantal->raring => broken links
<stgraber> alright, now to fix that mess :)
<sarnold> stgraber: good luck :) it sounds frustrating :)
<stgraber> sarnold: it's just frustrating because it's the 3rd time we have to fix it and we'll likely have to re-upload twice 3 different sources to get rid of it entirely
<sarnold> stgraber: oh _man_ :/
<stgraber> libvirt, lxc and network-manager share the same bit of code and we have it in precise, quantal and raring
<stgraber> hallyn: hmm, so the problem is trivial to see but hard to fix ;)
<stgraber> hallyn: in short, we have the migration code in .maintscripts which tells dpkg to move the file if the previous version is older than X
<stgraber> hallyn: the problem being that we have 3 possible value of X depending on whether we're coming from precise, quantal or raring
<stgraber> hallyn: so our upgrade code is perfectly fine for users upgrading from initial raring to current raring, but will trigger twice (or more) for those coming from precise or quantal
<stgraber> hallyn: with the problem being that if we set that value to the oldest version with dnsmasq support (current SRU in precise), we may miss triggering for people upgrading from old quantal or old raring
<stgraber> in short, I think we should keep .maintscripts as it's, because it's not wrong. Then add some postinst code to detect double-migration and fix it
<stgraber> I'll test a fix here and attach to the bug report with details of my findinds, because the SRU team will want to know the details for sure (as it won't be good, clean packaging changes ;))
<stgraber> sarnold: do you still have your broken dnsmasq setup or did you fix it?
<hallyn> stgraber: it's also frustrating because the libvirt one isn't even accepted itno -proposed yet :)
<hallyn> c'est la vie
<stgraber> hallyn: alright, I have a fix
<hallyn> stgraber: cool.  maybe the fix will explain to me why we can't just use explicit package version comparisons in pre/postinst to fix it :)
<stgraber> hallyn: because we need explicit version comparison + series comparison
<sarnold> stgraber: I certainly don't _like_ my current dnsmasq setup -- I either have to type sec-precise-amd64.local _or_ I no longer get local LAN resolving. :/ I'm going to try a reboot after I fiddled with a few settings though
<stgraber> hallyn: as in, we need our migration code to trigger if the previous version is "<= X on precise" or "<= Y on precise" or "<= Z on raring"
<stgraber> hallyn: currently we just have it as "<= Z on raring" so anything that's lower than the original raring version will be migrated even if it already was through an SRU
<hallyn> stgraber: bleh :)
<stgraber> hallyn: bug updated with patch. I had slangasek take a quick look to see that I wasn't insane and that it's the "best" way of fixing the mess and he seems to agree.
<stgraber> hallyn: I'll just do another precise -> quantal -> raring upgrade, then run my new postinst and see if that fixes it. If it does, I'll upload lxc to raring and quantal-proposed
<hallyn> stgraber: cyphermox will do network-manager I recon?
<stgraber> hallyn: I guess so. I'll open tasks for all 3 packages as usual and target to quantal + raring
<stgraber> I really hope it's the last time we need to go through that mess
<hallyn> stgraber: I'll copy it over to libvirt then, thanks.
<hallyn> stgraber: wait, so it doesn't apply to precise?
<hallyn> pretty sure I had a precise bug open for libvirt for the original
<stgraber> precise is broken but the broken bits won't ever be called, so it's fine
<hallyn> oh, right, so that's only for this bug.  got it
 * hallyn being silly
<cyphermox> hallyn: stgraber: what bug?
<stgraber> cyphermox: bug 1157332
<uvirtbot> Launchpad bug 1157332 in network-manager "/etc/dnsmasq.d-available/lxc circular link " [High,Triaged] https://launchpad.net/bugs/1157332
<stgraber> cyphermox: yet another fallout of the dnsmasq stuff :)
<SpamapS> utlemming: hey, wondering how you get the cloudimage-rootfs label on the ubuntu cloud images. Is that code somewhere visible?
<utlemming> Its done via a custom code branch of Live-build. It's old and will get updated next cylce. But here it is: lp:~ubuntu-on-ec2/live-build/cloud-images/
<Quest> how to open port 80 in ubuntu? (i dont have any GUI)
<SpamapS> Quest: man ufw
<Quest> SpamapS,  is the default firewall of ubuntu is iptables? and i need iptables command?
<jcastro_> ufw is a convenience wrapper for iptables
<stgraber> Quest: ufw is the recommended CLI frontend for iptables
<jcastro_> https://help.ubuntu.com/community/UFW
<stgraber> Quest: however by default on Ubuntu systems, we don't firewall anything, so just installing apache (or any web server) should just work without explicitly opening tcp/80
<Quest> can i do that directtly by iptables
<SpamapS> utlemming: ty
 * stgraber loves ephemeral containers + gigabit mirror, precise => quantal => raring all done in 2min
<stgraber> getting a nice 82MB/s from the local proxy+mirror
<ogra_> grr
 * ogra_ is envious
<stgraber> ogra_: still on 2Mbps SDSL? or did you upgrade to something from this decade? :)
<ogra_> to lazy
<ogra_> and i wouldnt have anything to moan about
<stgraber> you know that if you continue like that cjwatson will have a better internet connection than you do, right? :)
<ogra_> i might just upgrade to LTE then ... phones are stacking up around me recently
<stgraber> if you can get reasonable pricing for LTE, sure. I only enjoy reasonably priced LTE when I'm in Switzerland. Where I live in Canada I can't find anything with more than 6GB a month and even 6GB is around 70$ so way too expensive.
<stgraber> and so far I've only found a single ISP here that's crazy enough to sell me unmetered internet, the others still put limits at 500GB or similar and then I'd have to pay crazy expensive extras for the remaining 1.5TB or so...
<ogra_> wow
<ogra_> thats bad
<stgraber> I should really poke my ISP at some point and ask what percentage of their total IPv6 bandwith I'm using, because at 1.5TB a month, I'm sure it's a very significant chunk of their total IPv6 traffic (for a fairly small consumer ISP) ;)
<stgraber> hallyn: new LXC uploaded to quantal and raring
<stgraber> hallyn: I'll ask for a new backport to precise once quantal is moved to quantal-updates
<stgraber> hallyn: now to test your lxc-clone change and I'll be done with lxc for the day (and hopefully, the week ;))
<zul> utlemming: do you know why walinuxagent got rejected?
<hallyn> stgraber: the lxc-start-ephemeral -n change ending up in yoru ppa will be helpful to me :)
<stgraber> hallyn: yeah, it should be there tomorrow. So far I just applied it to my local copy of the script for testing
<Darkstar1> qq I just accidentally deleted everything in a directory is there anyway to undelete what I just did?
<sarnold> Darkstar1: first, give up hope. They're probably gone. Second, the 'recover' package claims it can recover data using debugfs from ext2 filesystems. Maybe debugfs can help with ext3 as well. But, uh, I'd be surprised.
<Darkstar1> sarnold: Thanks. Hope is now crushed
<Googol30> I have a couple of spare hard drives laying around, and am experimenting RAIDing my boot drive. I'm wondering if I can safely shrink my existing boot partition to mirror a (much) smaller drive without screwing something up, and if I can do that in such a way that I can expand that into a RAID5, then RAID6, after RAID1?
<Googol30> The drive I am trying to mirror with is 10GB, the current boot partition is 55GB, and I have about 6GB of data on the boot partition.  I'm worried there might be a problem with fragmented files and concatenation screwing something up.
<Googol30> I've been given the suggestion that I should make backups before attempting this, so if someone can give me information on how to implement a backup scheme (preferrably a Tower of Hanoi solution) in addition to RAID, that would be phenomenally helpful.
<sarnold> Googol30: rsnapshot is pretty keen
<sarnold> Googol30: I've got rsnapshot making houryly, daily, weekly, backups, between two hard drives  on my laptop; it goes ~100 gigs of data in two minutes most times..
<hallyn> is that at all related to rdiff-backup?
<sarnold> hallyn: I don't think so...
<hallyn> just wondering
<sarnold> rsnapshot uses raw rsync
<Googol30> sarnold: Does rsnapshot take advantage of "journaling" which I've heard the ext series of filesystems uses?  I haven't quite looked into filesystem types or features recently.
<sarnold> Googol30: as far as I know, the journalling in ext3, ext4, and related filesystems happens entirely without the application being aware
<sarnold> Googol30: it isn't like using a filesystem snapshot, as offered by zfs or btrfs -- journalling is just a way to try to offer asynchronous speeds with synchronous safety.
<xnox> lvm also gives snapshots and is more stable than zfs/btrfs
<sarnold> Googol30: ah yes, see xnox's comment. if you want to use snapshotting, consider using LVM snapshots (block-level) rather than filesystem level snapshots, as LVM snapshots are far better tested .. and feel 'simpler' (to me, anyway)
<sarnold> Googol30: I live fast and loose with my data -- _some_ backups are far better than none -- so I don't bother with snapshotting filesystems. I just want to have another handy copy of my data should one drive die.
<Googol30> sarnold: Which is why I'm in the process of RAIDing and implementing a backup scheme.
<sarnold> Googol30: because it appears you care more about your data than I do mine :D hehe
<Googol30> I have data which I can't afford to lose, and making manual backups when I feel like it is becoming tedious.  Additionally, server availability is important as well, and since I have a couple hard drives laying around, I thought I might experiment with RAID.
<Googol30> About backups: are snapshots an acceptable form of backing up a disk?
<patdk-lap> heh?
<patdk-lap> snapshots != backup
<patdk-lap> if they where, they would be called backups
<patdk-lap> raid is not a backup
<patdk-lap> backups are what you use when you accidentally drop the server in a lake, under a forklift, when the building burns down
<Googol30> I'm aware that RAID is not a backup.  It is simply for availability.  And I was assuming snapshots are a form of backing up data.
<patdk-lap> raid is what you use to keep the system running while it has a disk failure
<patdk-lap> snapshots can be used like a, instant available history
<sarnold> .. and snapshots are what you do to get a more-consistent view of the data _while making a backup_
<xnox> Googol30: base dies -> all snapshots based on the base are dead as well.
<xnox> Googol30: it's incremental "back-up" with stress on "incrementals"
<patdk-lap> reverse incremental
<Googol30> So what's the difference between snapshots and actual backups?  And what do you suggest for offsite backups, as I don't feel like relying on other entities to keep my data safe, nor do I feel like dealing with setting an autonomous version of that up.
<Googol30> Correction: I don't feel like paying another company for something which I can do myself, just as reliably.
<sarnold> Googol30: a backup is a physically separate copy of the data; a snapshot is an "frozen" _view_ of the data in the past that some programs will see, while other programs are allowed to keep making changes to the data
<patdk-lap> the issue is, someone doing something stupid to the disk will kill the snapshot and your data
<sarnold> Googol30: for "production" sorts of systems, you might do something to quiesce your databases and similar 'live' systems in a stable state, take a snapshot, then let them run again. then you run a backup tool on the _snapshot_ of the data, to make your physically separate copy of the bits. Once the backup is done, you do something to throw away the snapshot -- and only the 'new' data survives.
<patdk-lap> and you will need a backup
<sarnold> wow. re-reading my description, I'm afraid I only made things worse. heh. :(
<patdk-lap> likely issues, admin wipes a disk using dd
<patdk-lap> what was it we had a few days ago
<patdk-lap> someone relabeled their zfs disks
<Googol30> I'm fully aware of what humans can do to a disk or data, which is why I'm going through the process of making backups and RAID.
<patdk-lap> I don't believe raid fixs human at all
<Googol30> Additionally, I'm fully aware of what RAID does and what it is for.  Instead of telling me the consequences of _not_ setting a backup scheme up, can you tell me _how_ to set something up?
<patdk-lap> you asked
<sarnold> Googol30: I found rsnapshot easy to install and run; the /etc/rsnapshot.conf had reasonable defaults already provided for many settings, and there's LVM integration options in case you want to use them.
<Googol30> patdk-lap: To clear up doubt about my knowledge of computers, RAID is a system of physically seperate disks joined to form a single logical disk, which prevents against anomalies such as total disk failures, bad sectors, and human screw-ups such as pushing a disk off a table, because the information is spread out.  You are correct in your repeated statements that RAID is not for data backups, while I am correct in my state
<Googol30> If you have any other doubts or questions, please ask and I'll clear things up.  With all due respect, I don't like being called wrong when I _know_ that I'm not wrong.
<Googol30> sarnold: Would I go about installing rsnapshots through apt-get, or must it be downloaded from somewhere?
<sarnold> Googol30: rsnapshot is available for install as usual :)
<Googol30> And according to patdk-lap, snapshots aren't "real" backups.  Is he correct here, or will snapshots work as some form of backing up data, or supplement backups somehow?
<Googol30> If he _is_ correct, however, what else would I need to do to actually _backup_ my data?
<sarnold> Googol30: heh, he's correct, snapshots are nothing like backups, since there is still only one copy of the data with a snapshot.
<sarnold> Googol30: snapshots are useful for ensuring data consistency while making a backup.
<RoyK> hei
<Googol30> sarnold: So snapshots aid in the production of backups, correct?  What would I need to do in addition to making snapshots to backup that data?  Simply copy that snapshot to another disk?
<Googol30> sarnold: Should I just install rsnapshot and read the man page?
<sarnold> Googol30: yes, the snapshots give you a consistent state to backup -- the snapshot would live for five or ten minutes while the backup is being made, then you'd collapse it away again
<sarnold> Googol30: you can backup the snapshot data however you wish, with rsnapshot or duplicity or whatever else...
<sarnold> (duplicity might be nice if you want off-site backups too.)
<FUF> Hi all.. I have a question about ubuntu cloud images.
#ubuntu-server 2013-03-28
<FUF> Firstly, I'm having trouble booting ubuntu cloud images in kvm/libvirt. I realize the default console is set to ttyS0. Even if I change this to tty0 etc., I don't get a getty prompt to log in.
<FUF> How do I log into an ubuntu cloud image on kvm?
<FUF> There isn't an sshd listening by default either.
<FUF> heh... after all the datasourceec2.py warnings looking for a metadata service, it finally continues to boot and gets to a getty.
<blenderman> i want to put a gnome desktop on my ubuntu server and use it remotely
<blenderman> how can i do this?
<mand0> install gnome?
<blenderman> no
<blenderman> i mean how would i use the desktop remotely?
<blenderman> to open software and things like that
<mand0> instead of SSH, VNC to it
<blenderman> yes thats what i mean
<patdk-lap> vnc or nx or ........
<blenderman> ok vnc does just this?
<blenderman> allows me to remotely control a desktop?
<holstein> blenderman: they are different things.. i would just try them both and see what works for you
<blenderman> ok now what's the advantage of using ubuntu server
<blenderman> instead of controling an ubuntu distro with gnome with vnc
<mand0> cuz command line is better for a server operating system. less overhead, less packages
<blenderman> is there something about command line that enables a server to run constantly
<blenderman> is it had gnome would you not be able to let it run all the time
<holstein> blenderman: ?
<holstein> it? you mean, the computer? you can leave it on if you want.. you just leave it one.. the DE or lack of DE has nothing to do with it
<blenderman> i guess my question is
<blenderman> why are servers left to run all the time
<blenderman> while we're supposed to turn desktops off
<blenderman> at night
<holstein> blenderman: you arent "supposed to".. but you can.. if you dont need to leave it on
<holstein> folks leave servers on cause they need to be on, and available
<violinappren> Hello. I have a subversion setup served over an Apache host with a self-signed certificate. It was working fine until today (possibly after applying the latest updates.) Now I get this error upon using the command line client: "SSL handshake failed: Secure connection truncated"
<violinappren> any ideas?
<SpamapS> violinappren: openssl s_client -connect server:port usually shows more useful error messages than other things
<SpamapS> violinappren: also check the ssl server log
<violinappren> SpamapS: I get the following error in the logs: user root not found: /svn/project1/trunk
<violinappren> accessing the URL in the browser actually works, prompts me for HTTP auth over ssl
<violinappren>  its a client-side issue, i installed libneon and symlinked libneon-gnutls.so.27 -> libneon.so.27
<violinappren> works fine now
<sarnold> violinappren: wacky; was the client busted in an upgrade at the same time? or...?
<violinappren> sarnold: yes, both are precise machines
<violinappren> sarnold: seems  gnutls packages are all going haywire, i get this error now while trying to git clone something from github: error: gnutls_handshake() failed: A TLS packet with unexpected length was received.
<violinappren>  
<sarnold> violinappren: the recent openssl security update busted some specific modes when run on CPUs with AES-NI instructions. The security fix was reverted, and we waited for OpenSSL team to deploy _new_ fixes, and after a few days in the -proposed queue, we shipped those.
<sarnold> violinappren: I think I heard Debian's update might have missed the fix. It might be worth looking into it to see if you can find out specifically which combinations break :(
<violinappren> its a disaster that openssl packages aren't getting  enough quality control even on an LTS release
<sarnold> violinappren: it's a pain to track down when it only trips bugs in one odd mode on specific CPUs :(
<sarnold> violinappren: too true, some more comprehensive tests would be keen.
<jamespage> bug 1160893
<uvirtbot> Launchpad bug 1160893 in mongodb "Unchecked access to SpiderMonkeyâs JavaScript nativeHelper function" [High,Triaged] https://launchpad.net/bugs/1160893
<alex88> hi guys, I've an ubuntu server openvz container, which gets the ip from dhcp
<alex88> but on boot it doesn't have the default route, if I do dhclient eth0 it has the route
<alex88> seems an issue with 12.10, 12.04 works fine
<alex88> but running ifdown/ifup works fine
<spurious> Hi all, any canonical folks here?
<jamespage> spurious, yes
<spurious> Hi jamespage, is there a particular channel for AWS specific questions?
<jamespage> spurious, here is fine
<spurious> I'm having trouble getting hold of the ubuntu AMIs through the AWS API. When I query using the Canonical ID provided on help.ubuntu.com I get a huge list of AMIs, not the 32 listed on the AWS marketplace, and those listed in the marketplace are not in the list
<spurious> When I query with the specific AMI ID however, I do get the correct AMI, but there is no Canonical ID in the metadata
<spurious> Hence, I guess, it not showing up in the query
<spurious> Is there a preferred method for getting the Ubuntu AMIs?
<spurious> And also what are the ~350 AMIs that do show up  under the Canonical ID
<spurious> jamespage, any idea on how I should proceed?
<jamespage> spurious, yes - try https://cloud-images.ubuntu.com
<jamespage> its organized by ubuntu release and will give you the correct AMI's for every ec2 region for the official ubuntu AMI's
<jamespage> spurious, https://cloud-images.ubuntu.com/releases/12.04.2/release/ for example
<jamespage> spurious, the data on site is is also machine consumable
<spurious> jamespage, is there a specific nomenclature for the AMI metadata? I am sourcing AMIs over the AWS API througgh image repository queries
<jamespage> spurious, the cloud-utils package for ubuntu contains a 'ubuntu-cloudimg-query' tool which you can use to query this data
<jamespage> spurious, the machine readable data is here - https://cloud-images.ubuntu.com/query/
<spurious> jamespage, unfortunately I'm using the AWS Java SDK in an enterprise product running on RHEL, so I'm not sure I can use the cloud-ing query tool
<jamespage> spurious, there is more information on the cloud image query data here - https://help.ubuntu.com/community/UEC/Images
<jamespage> utlemming, smoser: do we have any cloud image tooling for folks not running ubuntu?
<jamespage> spurious, actually thats just a bash script so you can probably run it on anything with bash
<spurious> jamespage, one of my dev test boxes is an Ubuntu machine, if I pull down the cloud-utils package from the Canonical repo can I pull out the query sh and run it independently?
<jamespage> I think you probably can!
<jamespage> spurious, or you could grab it from here - http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/raring/cloud-utils/raring/files/head:/bin/
<spurious> jamespage, thanks, I'll give it a go. Do you know anything about the original question of why the 32 official AMIs on the Canonical marketplace page don't show up on the provider ID query?
<jamespage> spurious, unfortunately no I don't - utlemming might be able to help with that
<spurious> jamespage, thanks! utlemming, any input you could offer would be greatly appreciated
<jamespage> spurious, np - utlemming is around ~3 hours from now probably (central US)
<spurious> jamespage, that's fine, thanks. I'll leave this open and contact him around then. Cheers.
<spurious> (or her, shouldn't jump to conclusions)
<spurious> jamespage, do you happen to know if the query script is redistributable?
<jamespage> spurious, its GPL-3 so yes
<jamespage> spurious, its part of https://code.launchpad.net/cloud-utils
<spurious> jamespage, great, thanks
<smoser> spurious, so, you raise an interesting question about the "marketplace" amis.
<smoser> we do not have machine formated data that gets you those ami-ids available.
<smoser> utlemming can explain more what the difference between the non-marketplace and the marketplace amis are.
<smoser> they are bit for bit equivalent to the non-marketplace ami.
<smoser> spurious, i personally would appreciate it if you'd put your interest in using ubuntu-cloudimg-query on RH to https://bugzilla.redhat.com/show_bug.cgi?id=907756 (see comment 12)
<spurious> Hi smoser, it seems that the marketplace amis are solely for use through the AWS marketplace GUI.
<smoser> i didn't want to say that.
<spurious> The query script, however, works fantastically
<smoser> and i'm not certain that there is not a benefit to canonical if you chose to use the marketplace amis.
<smoser> it may also imply some sort of suport, i'm not sure. but if you wanted support and you're using the official amis not listed in the marketplace, you can get it.
<spurious> if they're bit-for-bit equiv it doesn't really matter that they are different, as long as they are overall queriable for users of the API
<spurious> ah, I see what you mean, and indeed the amis in the marketplace do come in 4 versions, normal and then 3 llevels of support
<spurious> which is fair enough, that's where the main business is
<spurious> somser, the status of that request on rhel is CLOSED ERRATA
<spurious> oops, smoser, sorry
<smoser> spurious, yeah, as in its "fixed" they've included it (without the ubuntu tools)
<smoser> but its fine to comment there.
<smoser> just maybe no one will listen :)
<spurious> ok, will do. Would love to see this on rhel, a fantastic tool.
<smoser> spurious, fwiw, the data that it queries is https://maas.ubuntu.com/images/query/
<smoser> and we're working on making improved data available.
<smoser> oops. wrong url
<smoser> ubuntu-cloudimg-query hits
<smoser> [DIR] raring/                 27-Oct-2012 17:57    -   Ubuntu Server 13.04 (Raring Ringtail) daily builds [Current Development Version]
<smoser> [TXT] released.latest.txt     25-Mar-2013 19:37  279
<smoser> GAH.
<smoser> http://cloud-images.ubuntu.com/query/
<smoser> ^ that one.
<smoser> and the new data format is available at http://cloud-images.ubuntu.com/eightprotons/ , but the location will likely move sometime soon.
<smoser> http://cloud-images.ubuntu.com/eightprotons/streams/v1/com.ubuntu.cloud:released:aws.js is what you're interested in (aws data).
<spurious> smoser, looks good, thanks!
<smoser> utlemming, we could put simplestream data for the aws marketplace ids also.
<smoser> at something like 'com.ubuntu.cloud:released:aws-marketplace.js'
<koolhead17> smoser: jamick http://paste.ubuntu.com/5655036/
<koolhead17> this GPG error am getting for PPA/testing/grizzly
<koolhead17> installing ubuntu-cloud-keysring
<koolhead17> was of no help
<smoser> Daviey, ^
<koolhead17> smoser: hello btw :P
<sliddjur_> .
<zul> jamespage:  ping
<sliddjur_> I cant seem to start my mysqlserver
<sliddjur_> when i try to connect to mysql: ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<sliddjur_> var/run/mysqld/mysqld.sock doesnt exist
<Styler2go> Hello Guys. i have problems with my ubuntu server. since a few days it is getting a very huge amount of "connections through firewall" and "ipconntrack". any idea how i can see whats happening?
<patdk-wk_> Styler2go, sure, check the conntrack table
<Styler2go> can you tell me how i can do that?
<Styler2go> http://styler2go.de/munin/localdomain/localhost.localdomain/fw_forwarded_local-week.png this is the graph where i see the amount...
<patdk-wk_> cat /proc/net/ip_conntrack
<Styler2go> and what can i do with this table...? i mean.. is it ok that the amount is that high?
<patdk-wk_> in that case, no idea
<patdk-wk_> cause that just counts packets
<patdk-wk_> tcpdump?
<Styler2go> http://styler2go.de/munin/localdomain/localhost.localdomain/fw_forwarded_local.html  http://styler2go.de/munin/localdomain/localhost.localdomain/fw_conntrack.html
<patdk-wk_> how should we know what is high or low, it's your system, and only you know how it's setup and what is connected to it, and what is expected
<Styler2go> i cant explain this huge amount...
<patdk-wk_> they are all local connections, so they will show up in netstat
<patdk-wk_> maybe your part of the *largest ddos in history*
<Styler2go> lol
<Styler2go> my server is running as great as everytime
<patdk-wk_> and that means?
<Styler2go> i dont think its an "attack"?
<patdk-wk_> just cause your server is running fine, doesn't mean it isn't attacking someone :)
<patdk-wk_> I didn't say you where getting attacked
<Styler2go> hmm
<Styler2go> how can i defend me?
<patdk-wk_> and  I didn't really mean it seriously
<patdk-wk_> just the timing of it, with the timing of the latest ddos
<Styler2go> i had some ddos attacks in the past, but i dont think this is one
<patdk-wk_> I dunno why you won't bother taking anything I say, and look into it though
<patdk-wk_> you had some ddos against you? or you where part of the source of a ddos?
<Styler2go> i got ddos'd
<airtonix_> i like saying ddos
 * patdk-wk_ gets tripple dos
<patdk-wk_> I perfer 3 d's, bigger is better right?
<airtonix_> i thought the term was "Denial Of Service"
<patdk-wk_> airtonix_, no
<airtonix_> is ddos "Daves Denial of Sanity" ?
<patdk-wk_> Distributed Denial of service
<patdk-wk_> multible attack sources
<patdk-wk_> hard to block
<airtonix_> patdk-wk_: not really
<patdk-wk_> generally thousands of source ip's, always changing
<Styler2go> so you have no idea how to get more informations why its so huge?
<patdk-wk_> well, only by taking down your ip or subnet
<airtonix_> patdk-wk_: I often find switching the power off to be effective
<patdk-wk_> Styler2go, I gave you MANY OPTIONS, you ignored them all
<patdk-wk_> airtonix_, then you just created a dos
<Styler2go> no
<Styler2go> i used your commands
<patdk-wk_> so you gave into their goal :)
<patdk-wk_> well, you now have the info you need to look into it then
<airtonix_> i spose you'd have to be interested first, which i was not
<Styler2go> http://pastebin.com/b4HR0YVC for example
<Styler2go> maybe i really should restart the server...
<patdk-wk_> looks like a lot of web hits from that .dip.t-d..... isp
<Styler2go> hmm
<Styler2go> but this is not the problem or?
<patdk-wk_> I dunno
<patdk-wk_> check your weblogs
<patdk-wk_> determin if that is something you allow, or something you think is bad
<patdk-wk_> it could be as simple as someone having a webpage open from your server, that has autorefresh on it
<patdk-wk_> so it's just reloading a crapload
<zul> jamespage:  https://code.launchpad.net/~zulcss/python-ceilometerclient/1.0.0/+merge/155962
<Daviey> smoser: wassup?
<smoser> koolhead had a question above
<smoser> http://paste.ubuntu.com/5655036/
<Daviey> that isn't CA
<jcastro_> good morning folks!
<Daviey> gpg --keyserver pgpkeys.mit.edu --recv-key  81DCD8423B6F61A6 ; gpg -a --export 81DCD8423B6F61A6 | sudo apt-key add -
<Daviey> is one way
<zul> jcastro_:  helo
<smoser> isn't "CA" ?
<smoser> good ol jcastro underbar.
<smoser> i love that guy.
<zul> ?
<jamespage> zul, pong
<zul> jamespage:  can you add python-ceilometerclient to the ci
<jamespage> zul, how much beer is that worth?
<zul> jamespage:  hmmmm....2 beers :)
<zul> jamespage:  ill get them at the mirantis party for you
<jamespage> zul, w00t!
<jamespage> cheapsake
<jamespage> cheapskate
<zul> totally
<alex88> hi guys, after ubuntu 12.04 I cannot copy paste something when using byobu since every n seconds I lost selection, is there a fix for this?
<Pici> alex88: probably a better question for #ubuntu, as -server does not have a gui.
<alex88> Pici: byobu is a gnu-screen wrapper that display a status bar and the window list
<alex88> you think is a client-side terminal program?
<Pici> alex88: are you using screen's selection method to copy and paste? or are you using a mouse?
<alex88> Pici: mouse, and client is not ubuntu
<alex88> http://bazaar.launchpad.net/~zekus-one/byobu/trunk/revision/1992 seems there is already a fix undergoing
<Pici> Ah
<alex88> sorry just found it now :)
<Pici> I've not had that issue myself on any OS, thought it was a terminal/putty/whatever issue.
<zul> jamespage:  one more beer https://code.launchpad.net/~zulcss/python-ceilometerclient/1.0.0/+merge/155962
<Pici> alex88: no problem, my fault for not understanding,.
<alex88> no worries, thanks anyway :)
<alex88> ok, byobu ppa fixed the issue ;)
<jamespage> zul, +1 on the MP for ceilometer-client
<zul> jamespage:  cool im just working on keystone now so ill have that for you in a couple of minutes
<axisys> how to find out all the dependencies for a installed pkg ?
<axisys> I have pkg ``foo'' installed.. how to find out all the other packages installed as dependecy pkg ?
<tobin> I'm having an issue with my upstart script logic. I have a script that needs to be run at boot and at shutdown. The script takes args (start and stop) so I believe i need to have each command run in the pre-start/post-post. The upstart script works on boot but when i issue i shutdown its never run. Any ideas? http://pastebin.com/YsHLGafp
<tobin> I've also tried stop on stopping network-services*
<axisys> apt-cache showpkg foo gives the info.. but not so clean
<jamespage> zul, ceilometerclient setup in the lab
<zul> jamespage:  cool thanks
<jodh> tobin: if you look at /etc/init/networking.conf, the event will not be emitted in certain circumstances by the looks of it. Try looking at your /var/log/upstart/networking.log.
<tobin> jodh: hrm okay
<tobin> jodh oh this is because of the virtual networking devices
<Fieldy> is there a way to tell apt to use somewhere other than /tmp/ as its temporary directory?
<zul> jamespage:  https://code.launchpad.net/~zulcss/keystone/rc2/+merge/155977
<Fieldy> how do I configure which services are started at boot?
<alex88> Fieldy: update-rc.d and check the init scripts afaik
<alex88> s/init/upstart/
<Fieldy> ok thanks i'll poke around
<alex88> Fieldy: what are you trying to achieve?
<Fieldy> alex88: i don't want several services i just installed to start up at boot yet, until i'm done configuring everything
<alex88> Fieldy: then update-rc.d -f servicename remove
<Fieldy> ah okay that's simple enough
<alex88> if they're init scripts, for upstart you should find the init script in /etc/init and comment the line "start on " etc
<alex88> yeah simple enough
<Fieldy> i'll reboot and give it a shot
<jamespage> zul, looking
<jamespage> zul, also opening havana on precise in the lab
<genii-around> Keep in mind this update-rc.d method will only work for daemons which are in the /et/init.d ( old sysvinit scripts) and not upstart scripts which are in /etc/init
<zul> jamespage:  ack
<jamespage> zul, I've taken two decision for the lab today; 1) we won't be using the ubuntu series specific branches any longer and 2) the PPA is just called havana
<zul> jamespage:  thats fine with me
<Fieldy> genii-around: ok, thanks. yep, one service (bind / bind9 / named) still starts up. yet i can't find anything in /etc/init/ named as i would expect. any ideas how I stop bind9 from starting at boot?
<jamespage> zul, +1 on keystone
<zul> jamespage:  cool thanks https://code.launchpad.net/~zulcss/python-novaclient/ftbfs/+merge/155992
<jamespage> zul, are we all good for client releases for grizzly?
<zul> jamespage:  ill go through them one more time this afternoon
<agu10^> What deployment tool do you suggest to get my website from windows 8 into my VPS server on ubuntu server?
<zul> jamespage:  last one i swear today: http://people.canonical.com/~chucks/ca
<Fieldy> would putting my custom iptables rules and various forwarding commands in /etc/network/if-up.d/zzz-firewalling-and-forwarding be a good way to have them applied on boot?
<patdk-wk_> no, that would run per ifup of each interface
<Fieldy> hm... so it would do it once for eth0 and then once for lo?
<Fieldy> (in my case)
<patdk-wk_> should, yes
<Fieldy> patdk-wk_: okay, my goal is to get this one series of commands run at boot but after networking is up, is there a better way to accomplish this?
<patdk-wk_> simple upstart script probably
<LargePrime> BUM?
<patdk-wk_> but there is an iptables startup package, to emulate the rhel way
<LargePrime> patdk-wk_: would BUM automate this?
<patdk-wk_> how should I know
<patdk-wk_> dunno what BUM is
<Fieldy> i'm not either
<LargePrime> test
<LargePrime> the Bott Up Manager
<LargePrime> boot
<LargePrime> *
<Daviey> zul: https://launchpadlibrarian.net/135520670/buildlog_ubuntu-precise-i386.python-cinderclient_1%3A1.0.2.34.g7369310%2Bgit201303281130~precise-0ubuntu1_FAILEDTOBUILD.txt.gz
<zul> Daviey:  where is that from?
<zul> Daviey:  oh havana ppa
<zul> Daviey:  should be fixed in the next build
<Fieldy> i created the following upstart script and placed it in /etc/init/iptables-and-forwarding : https://gist.github.com/anonymous/5264686   however start iptables-and-forwarding returns: start: Unknown job: iptables-and-forwarding  I was following this example: http://upstart.ubuntu.com/getting-started.html   .. any ideas?
<Fieldy> figured it out. there's an error on that ubuntu.com page, it says "Jobs are defined in files placed in /etc/init, the name of the job is the filename under this directory without the .conf extension. They are plain text files and should not be executable." i renamed it with .conf at the end of the filename and it works.
<Fieldy> or at least, it could be written a little better. it's easy to read it as telling you to not have the file named .conf
<qhartman> I recently upgraded a cluster of machines from 11.04 to 12.04, and some of them are showing a weird "phantom load".
<qhartman> The LA is quite high, but there's no significant CPU or IO activity, and there's plenty of free RAM.
<qhartman> Has anyone else seen this?
<hallyn> sigh.  this crosscompile stuff becomes tedious.
 * hallyn off to be afk for lunch
<jamespage> zul: those ca updates lgtm
<zul> jamespage:  cool
<zul> jamespage:  alrighty uploaded
<koyetsu> is it usual for samba to be so fricken flakey? i have 2 servers virtually itentical smb.conf only difference is the netbios name and the path of the shares...1 works the other doesn't....
<sarnold> koyetsu: I've had good luck with samba<->samba things, but windows clients seem very flaky. (even windows<->windows seems trouble.)
<koyetsu> well i seem to have worked it out....but samba irritates me
<koyetsu> ok now on to more important issues. i'm working on setting up an automated ubuntu. i've created my ks.cfg and to answer the partitioning questions i created a preseed file. but i still get the very last question basically: here is the partition table do you want to write it yes/no any idea how to an answer passed to it?
<koyetsu> this is my current preseed http://paste.ubuntu.com/5654282/
<eutheria> i am using ldap auth, and i've set up some systems with the encrypted home dir
<eutheria> i was wondering if i changed the ldap password if i would still be able to mount the users homedir
<koyetsu> ok if no one can help me on that, then one other issue is happening in my install. i'm pxe booting and pointing the install at http://local.server/ubuntu the ubuntu folder is the mounted iso for 12.04 server. during the install it pops up and says that /dists/precise/restricted/binary-amd64/Packages was corrupt. but if i continue i never seem to have any problem.
<sarnold> koyetsu: I think there's only a handful of packages in the restricted tree; mostly nvidia, fglrx, a few others
<sarnold> koyetsu: if you can't figure out why it is corrupted or don't care to bother you could remove the restricted from your sources.list and delete the file..
<koyetsu> sarnold: i'm just trying to make this a no key press install. and like i said this is the mounted iso. shouldn't be a corruption. i've redownloaded etc. and it still says it
<sarnold> koyetsu: oh hrm.
<koyetsu> thinking about just mirroring the distro off ubuntu but not sure what to get or the easiest way to do it. i definately dont want a complete mirror just 12.04 server 64 bit
<koyetsu> anyone know anything about apt-mirror? i'm trying to severly limit what it downloads....i have to cut from 92gb to 56gb trying to make it mirrow a specific distro for local installs
<eutheria> oh encrypted homedirs didn't work for ldap users
<eutheria> meh
<mp__> i have a machine with two ip addresses. i restarted the networking service, and the interface, it still remains. any ideas?
<mp__> i can't ping one of both addresses though
<mp__> but ip a s shows two ips
<hallyn> woohoo, qemu-linux-sparc working as ss10.
<hallyn> it's almost as fast as my sparcstation 1+ was
<tsaavik> Has anyone been successful in setting up mode5 bonding via the method outlined at https://help.ubuntu.com/community/UbuntuBonding?
<thebwt> Howdy folks, I'm trying to preseed a netboot installer, and having a hard time figuring out which initrd.gz is actually being used. My tftp/apache directory looks like this http://archive.ubuntu.com/ubuntu/dists/quantal/main/installer-amd64/current/images/netboot/ (i just mirrored that page). I can run installs just fine, but would like to take it a step further. By all accounts ubuntu-installer/amd64/initrd.gz should be what is loaded, but e
<thebwt> okay forget my previous question, I had a second copy of the netboot folder in the wrong place, and was editing that... no wonder stuff didn't work :p
#ubuntu-server 2013-03-29
<dandkburt> looking for a member that knows Postfix mail server
<patdk-lap> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<dandkburt> I am not asking to ask
<dandkburt> I am seeking a person
<patdk-lap> ok, you didn't even ask anything infact
<holstein> dandkburt: i think the suggestion is to just ask the question
<patdk-lap> just making random comments?
<dandkburt> no
<dandkburt>  not randome
<dandkburt> want someone to assist me on installing and configureing it on my net
<patdk-lap> that is what the server guide was made for
<dandkburt> and if something that arises that is not in the server guide
<patdk-lap> do you have a specific question about something not covered?
<dandkburt> guess this room is falsly advertised
<patdk-lap> odd, people trust random people on irc, over the documented instructions?
<LargePrime> ok give the ip and the root password
<LargePrime> derp
<lamont> heh
<Fieldy> is there a way to install gallery via apt that does not pull in apache? i use lighttpd
<dandkburt> SMTP server error: 4.3.0 Temporary system failure. Please try again later.
<patdk-lap> fieldy, --no-install-recommends ?
<Fieldy> patdk-lap: i wasn't aware of that option, thanks i'll check it out
<Fieldy> still pulling in apache unfortunately
<patdk-lap> heh, it's worse than I thought then
<patdk-lap> then I don't believe there is any fix, other than to fix the packaging
<patdk-lap> or maybe there is an ignore depends option
<Fieldy> i'm accustomed to installing and maintaining gallery manually, i'll just continue to go that route, i was merely hoping not to
<dandkburt> SMTP server error: 4.3.0 Temporary system failure. Please try again later.
<dandkburt> anyone know how to fix this
<Fieldy> dandkburt: if you have a question, you might want to ask it :)
<Fieldy> look in your smtp servers logs / error logs, it should tell you more
<dandkburt> where would I find the logs
<BrassDragoon> How do I set vsftpd up to only allow access to a certain directory?
<adjen> hi
<adjen> i discover a new great exploit to get root take a look  http://ro0t.dyndns-server.com/
<Iapetus> just a drunk
<dandkburt> ok
<dandkburt> I am getting these errors
<dandkburt> now
<dandkburt> how do I fix
<dandkburt> Mar 29 01:18:05 ddb postfix/smtpd[19037]: warning: SASL: Connect to private/auth-client failed: No such file or directory
<dandkburt> Mar 29 01:18:05 ddb postfix/smtpd[19037]: fatal: no SASL authentication mechanisms
<ScottK> dandkburt: You probably have postfix in a chroot (this is in the Debian/Ubuntu default) and have not configured SASL to work with the chroot.
<ScottK> IIRC, the server guide (in /topic) explains how to configure it.
<BrassDragoon> got vsftpd running, but after restart I keep getting this
<BrassDragoon> root@box:~# service vsftpd start
<BrassDragoon> vsftpd start/running, process 4218
<BrassDragoon> but then it doesn't show up as a running task anywhere, and killall doesn't detect it
<BrassDragoon> halp?
<koyetsu> is there a way other than restarting the iscsitarget server to add additional targets? reason i'm asking is it won't let a restart happen is the target is actually being used
<rigved> hi everone.
<rigved> I have ubuntu 12.04 running on a VPS with OpenVZ. I have installed apparmor but it does not seem to be loaded.
<rigved> when i run "sudo apparmor_status", I get the message: apparmor module is not loaded.
<rigved> I cannot find any error message in /var/log/syslog or messages or dmesg or kern.log. It seems to be related to this bug: 113887
<rigved> Can anyone help to get apparmor started?
<kerframil> rigved: you're running in a container so it's not going to happen
<rigved> kerframil: ok. i understood. since the kernel is on the host. thanks for your help!
<mpopp> is there a reliable test to check whether all cores of my two cpu server are being used?
<mpopp> htop
<agu10^> i have an issue with node.js
<agu10^> NODEMON is not reading .nodemonignore
<Ul_> hello everybody. having problems setting up interface bonding. having 4 servers with 4 bonded nic each. the bond device comes up with the right address but I can only ping the ip address of the bond device of the host i'm on. can't ping the other hosts. bonding mode is balance-rr
<Ul_> the file /proc/net/bonding/bond1 shows MII Status: down
<Ul_> and ideas what could be the problem?
<Ul_> found that the devices are not enslaved after boot. if i do a manual ifenslave bond1 eth1 eth2 eth3 eth5 then it works fine
<Ul_> even though speed is not 4 GBit but onlt 2.2 GBit
<Ul_> with balance-rr
<rigved> it seems that the dovecot-related configuration (in dovecot and in the postfix-dovecot integration as well) mentioned here: https://help.ubuntu.com/12.04/serverguide/ is again dovecot version 1. However, version 2 is installed by default in ubuntu 12.04.
<rigved> *against
<soren> Ul_: What does your /etc/network/interfaces say?
<rigved> what is the appropriate place to discuss this? any mailing list?
<foxxxx> hey, did any of you guys got xen 4.1 to work with ubuntu server 12.04 ? just did a fresh install but when i try to boot the xen entry it hangs at: "Panic on CPU 0: FATAL PAGE FAULT ..."
<Underbyte> question: when i try and login from my server with my normal username, i get this error: "The system is going down for maintenance in 3 minutes!"
<Underbyte> but when i investigate...
<Underbyte> root@dev:/# shutdown -c
<Underbyte> shutdown: Cannot find pid of running shutdown
<Underbyte> any ideas?
<Underbyte> (login == ssh in this case)
<rigved> foxxxx: is this similar to this: http://ubuntuforums.org/showthread.php?t=2120482 ?
<foxxxx> yep totally
<foxxxx> now i'm compiling the xen-4.2.1 from source
<foxxxx> let's see if that changes anything
<foxxxx> what i'm just curious about
<foxxxx> this actual machine was running debian squeeze with xen-4.0 perfectly fine
<foxxxx> i just had some other issues with debian old-packages, etc...
<foxxxx> so i switched to ubuntu-server 12.04 today
<foxxxx> already tested ubuntu-server 12.04 with xen-4.1 in a virtual machine where it boots fine too, but not on this particular hardware somehow
<Ul_> slaves eth1 eth2 eth3 eth5
<Ul_> also tried with
<Ul_> up /sbin/ifenslave eth1 eth2 eth3 eth5
<Ul_> but they are not enslaved after boot
<Ul_> bye everybody ... will look into this later
<gynna> http://xeroticmomentsx.blogspot.com/2013/03/amateurgallery.html
<sarnold> stgraber: I'm a bit confused by convert_tuple_to_char_pointer_array(); the memcpy() looks like it could be replaced by a simple assignment with = -- am I misunderstanding something important? :)
#ubuntu-server 2013-03-30
<aaron_rackspace> hey all, i'm looking for anyone who would be interested in a c++11 project that I'm looking to package with an ubuntu distro. would require an understanding of BGP, syslog, and TCP sockets. project is currently alpha.
<Fieldy> I installed phpmyadmin however there's nothing that I can find related to it anywhere in /var/www. it didn't say I needed to do anything else, did I miss something?
<sarnold> Fieldy: when I'm stuck with a "what next?" sort of feeling, I look in the /usr/share/doc/<packagename>/ directory, and if that isn't as useful as it could be, I run dpkg -L <packagename> to see what files were installed
<LargePrime> hey, assuming a Ubuntu server with server ips bound to to it, how do i open a port on one of the ip's?
<sarnold> LargePrime: there's no default firewall; just have your server program bind() a socket, listen() to a port at startup, then accept connections in the main loop
<LargePrime> The software is supposed to have opend a port.  but it seems not.  i scanned with nmap and it is closed
<sarnold> LargePrime: check with sudo netstat -nlp | grep :portnumber
<sarnold> (-n to avoid dns, -l to show listening, -p to show program names and pids)
<LargePrime> sarnold: how do i specify the ip?
<sarnold> LargePrime: most programs have a directive for that; 0.0.0.0 or * for "any", or a specific IP if you want it bound on only one address
<LargePrime> ok i see it with the netstat command
<LargePrime> sarnold:  I see thie correct ip and the port with the netstart, but nmap is not showing it as open when scanned
<sarnold> LargePrime: okay, that's a start, though it does complicate things a bit :) it's bed time for me, so I'm afraid I'll just hahve to throw you some pointers and hope one of them gets it..
<LargePrime> and now everything is working
<sarnold> LargePrime: first, make sure ...
<sarnold> haha
<LargePrime> ok did i do that?
<sarnold> try to show the problem to someone else, and it goes away. every time. :D
<LargePrime> ok it not just me
<sarnold> LargePrime: I wish I had a good explanation. :/ the netstat command won't change anything..
<LargePrime> sarnold:  thanks
<capellou> bonjour
<capellou> je voudrais savoir comment je dois faire pour redÃ©marrer comme si c'etait pour la premiere fois mon ordinateur je suis sous Ubuntu 10.04 LTS ?
<angs> I am installing ubuntu-server 12.04.2 from a pendrive (by using unetbootin), it outputs error for the ubuntu archive mirror, I selected tens of countries from the list, but it always output "bad archive mirror". one of  the mirrors that I am using is se.archive.ubuntu.com. how can I overcome this step?
<holstein> angs: i would try and install without adding packages at installation
<angs> it asks that step by default when I select "install ubuntu server" option on unetboot.
<BenyG> angs: have you checked networking is ok?
<angs> sorry select "install" option.
<angs> I selected to install it without having connection option
<angs> if I select "install ubuntu server" on the unetboot, at a point it asks me to insert the installation CD where I am using pendrive. there is no option to select another storage.
<angs> I will try to use usb-creator to prepare the usb stick then try it
<angs> *try to install it
<joshu> hi anyone familiar with using procmail for forwarding outgoing emails?
<sliddjur> What is xinetd and why would I need it?
<sliddjur> im setting up nagios3 server and a nrpe host on another network. some guides suggests me to use xinetd
<RoyK> sliddjur: xinetd (or inetd) is a helper to make processes not having a tcp (or udp) listener built in work over those protocols. nrpe should be able to listen to tcp without (x)inetd
<sliddjur> RoyK: hmm ok.
<sliddjur> my teacher also suggested me to use two hosts on the same network
<sliddjur> he never told me why
<Fieldy> any suggestions for an imap server other than courier? i've spent two hours mucking with it and it just won't start. and i'm not new at courier, i have many years of experience, and even I can't figure it out. time to move on.
<genii-around> Fieldy: Dovecot
<Fieldy> thanks
<maxb> Either dovecot or cyrus
<guntbert> Fieldy: the !serverguide contains a good part about mail services
<maxb> dovecot's probably easier to get going with
<guntbert> !serverguide | Fieldy
<ubottu> Fieldy: The Ubuntu server guide may be found at http://help.ubuntu.com/12.04/serverguide/C/
<maxb> cyrus is possibly better some more advanced use cases
<Fieldy> thanks for the info
<Fieldy> yeah my needs are simple
<Fieldy> just tired of fighting courier's goofy config
<Fieldy> so i'll play with dovecot
<Seveas> Fieldy: cyrus is good too
<dandkburt> can some one tell me why I am getting this "Connection closed by foreign host." and why I cannot get my smtp up and running
<holstein> dandkburt: what are you trying to do?
<dandkburt> install Postfix and get it running on my server
<holstein> you are trying to ssh into it?
<dandkburt> yes
<holstein> dandkburt: thats when you get that error? trying to ssh into it?
<dandkburt> I have ssh connected
<dandkburt> that is when I use Telnet
<dandkburt> through ssh
<dandkburt> to test it
<dandkburt> Holstein will you pm me
<holstein> dandkburt: nah.. you should wait for a more qualified volunteer.. try #ubuntu as well
<dandkburt> ty Holstein
<dandkburt>  all I am looking for is help configuring Postfix if anyone could take a minut to help me
<dandkburt> wow
<dandkburt> I am getting blown off everywhere
<genii-around> dandkburt: Probably just no one around right now, it is a holiday weekend after all
<dandkburt>  looking for assistance on postfix
#ubuntu-server 2013-03-31
<MraAlbertina> hi. how could i force the use of VESA on one machine? ubuntu 12.10
<MraAlbertina> i mean on boot, trough grub
<Fieldy> i installed roundcube, but I don't see anythying under /var/www related to it... did i miss something? i read all the output after install
<patdk-lap> cause that isn't how ubuntu does things
<patdk-lap> it got spread out and installed all over the place
<patdk-lap> normally why I don't bother using ubuntu packaged web apps
<patdk-lap> normally it will have like apache include a config from /etc/roundcube to do it
<Fieldy> okay yeah that lead me to find it's actually installed in /var/lib and wants me to set up an alias to a url pattern which will point it there -- that is really odd
<Fieldy> yea. this is messy... will mess with it more tomorrow. i already see a manual install in my future.
<qman__> Fieldy, it automatically sets up a web directory and everything, all you have to do is turn it on
<qman__> it might already be on, try visiting http://your.server/roundcube/
<Catbuntu> hi
<pelle2> hi
<pelle2> doesn anyone have any idea of what causes this: booting with a certain usb-disk (not from it, just attached) does not work IF i do not have a monitor connected to the server
<pelle2> if i have a monitor attached, the system boots
<pelle2> if i remove that specific usb-disk, i can boot fine without a monitor attached
<pelle2> ?!
<ioria> i'd like to know if ISPConfig is necessary to install a full Ubuntu server ... (i'm preatty new about this) ? tx
<Halite> I'd like to run a server on Ubuntu. How
<andol> Halite: In this context, how do you define a server?
<sliddjur> how do i change rep in cli?
<sliddjur> i have a virtual server at my uni, and they use their own rep. and i cant dist upgrade. stuck on 10.10
<sliddjur> if there are a swedish/nordic repositorie i'd be happy :)
<qman__> sliddjur, in ubuntu, dist-upgrade stays with the same release version, use "do-release-upgrade" to upgrade to a newer release
<qman__> sliddjur, that said, to change the repositories, you need to edit them in /etc/apt/sources.list
<qman__> also, I'm pretty sure 10.10 is end of life now
<qman__> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<sliddjur> qman__: crap.. i dropped connection on release upgrade.
<sliddjur> what now
<qman__> did it start actually upgrading yet? it should have started a screen/SSH session on a high port for your to reconnect to
<sliddjur> yes, it disced when I was supposed to answer if i wanted to keep bash settings
<sliddjur> i can still connect on same port.. but can i get back to my other session somehow? i can see it on pts/0
<sliddjur> *** bash.bashrc (Y/I/N/O/D/Z) [default=N] ? Write failed: Broken pipe
<qman__> sudo screen -d -r
<sliddjur> dont have screen
<sliddjur> and apt-get is now locked
<qman__> well, you can kill off the process
<qman__> did it do a lot yet?
<sliddjur> qman__: yeah kind of
<sliddjur> qman__: can i pause a process?
<sliddjur> 18098 pts/1    00:00:00 dpkg
<qman__> dpkg locks the database until it's done, the way to get out of it is to kill the process and then do a dpkg --configure -a
<qman__> but in this case you probably don't want that
<qman__> I would kill the process and try to apt-get install screen
<qman__> then try to do-release-upgrade again
<qman__> rather, screen do-release-upgrade
<sliddjur> qman__: cant "move" process to my new connection?
<qman__> no
<qman__> it has to have already been set up to do so, with screen
<sliddjur> ok.
<sliddjur> qman__: i had to run dpkg --configure -a.
<sliddjur> qman__: and now it continues where i was cut off :o
<sliddjur> qman__: seems like it actually just finished release upgrade! wohoo
<qman__> great
<patdk-lap> ya, I have killed do-release-upgrade in the middle
<patdk-lap> doing dpkg/apt-get  manually, and restarting do-release-upgrade suprissingly restarted it just fine for me
<qman__> yeah, it's a surprisingly resilient process
<qman__> I had one break in the middle but I don't remember how I resolved it, it did work out
<sliddjur> I need to open one port for a specific IP in iptables, whats the command?
<sliddjur> tcp
<Armenia> hi
<sliddjur> can someone port scan one ip for me?
<sliddjur> nmap 84.210.170.149 -p5666
<Tzunamii> sliddjur: http://nmap.online-domain-tools.com/
<Tzunamii> Black belt in google-fu is a beautiful thing
<rwb> Hi, I am having a problem with a server (ubuntu 12.04) getting past grub.  It is frozen on "Starting up ..."  It has just been through a long fsck..  How can I get it to boot?
<Quest> hi
<Quest> when a visiter visits a page. what information can be grabbed of the user? ie its ip,  operating system? what else? can a unique identification of its browser be grabbed or its mac address of his system and not the network router/swtich behind which it is?
<shauno> Quest: you might find https://panopticlick.eff.org  interesting.  but no, you won't get a mac address.  you'll have the mac address of the last router on the path to you.  usually your own router.
<stgraber> not completely true, you can get the MAC address of the visitor if you're using IPv6 without privacy extensions (as EUI64 addresses contain the MAC address in the last 64bits)
<patdk-lap> shauno, that assumes his uplink uses ethernet
<shauno> well, it's a safer assumption than ipv6 at this point :)
<Quest> shadeslayer,  stgraber  ipv4 dont show mac?
<stgraber> Quest: they don't, only the router closest to the source knows the MAC and the information isn't passed on
<patdk-lap> mac is only used on the local *ethernet* cable
<stgraber> not only ethernet, infiniband can also be used to carry IP packets and does have MAC addresses too, which is why I didn't limit my statement to ethernet
<patdk-lap> infiniband doesn't use mac, except if using ethernet emulation on infiband
<patdk-lap> but ya, it's not used for t1, ax25, ....
<Quest> you said you can get the MAC address of the visitor if you're using IPv6 without privacy extensions (as EUI64 addresses contain the MAC address in the last 64bits)
<Quest> stgraber, ^
<stgraber> Quest: correct
<Quest> so it will give mac of machine to the http server?
<stgraber> for example, if you get a connection from 2607:f2c0:f00f:2700:2677:3ff:fe89:87bc, you can find that my MAC address is 24:77:03:89:87:bc
<patdk-lap> you have to assume ff:fe means that, and not someone that just used that in their ip
<patdk-lap> it's a pretty good guess though, currently
<patdk-lap> I have no idea why people love mac addresses though
<Quest> the ipv6 isnt the routers ipv6 incase the request(s) are coming from a network behind that router?
<stgraber> usually not, until very recently IPv6 didn't have NAT and most implementations still don't use NAT (and as far as I'm concerned, really really shouldn't)
<patdk-lap> the only thing guarrenteed (and not if using nat) is the ip address
<Quest>  the ipv6 isnt the routers ipv6 incase the request(s) are coming from a network behind that router?  or the ip of the router will be sent for all requests?
<patdk-lap> stgraber, using a lot of ipv6 nat for ipsec networks between our clients
<stgraber> IPv6 has so many addresses that using NAT just causes pain. However most operating systems nowadays (including Ubuntu) use privacy extensions by default to avoid the issue of making everyone easy to track by just looking at the last 64bits of an IPv6
<stgraber> patdk-lap: I never found any case where I really needed IPv6 NAT, I've had a few cases where I found it useful to use some of the non-routable (RFC1918-equivalent) addresses for point to point VPN links but the rest I always managed with properly designing the network so that everything is properly routed (even if some paths are routed over VPNs)
<patdk-lap> yes, that assumes you can manage it
<Quest> so theres no real way for tracking a pc uniquly that is using pv4 and is behind  a router?
<patdk-lap> like I said, ipsec vpn between are clients networks, out of our control
<stgraber> one case where NAT will likely be used is for tethering on cell phones as doing on-demand prefix delegation for those is rather tricky and most providers probably won't bother
<stgraber> Quest: right. For http you can get away with some clever javascript+cookies combination like google and other ad agencies do, but it's not that easy and web browsers often evolve making it harder and harder (as far as I'm concerned, this is a very good thing, I don't like being tracked :))
<Quest> hm
<Quest> thanks
<Quest> stgraber,  thats contrary in pv6 right?
#ubuntu-server 2014-03-24
<omfgitsasalmon> Hai, I'm new to networking and I'm curious about setting up a mail server with my Ubuntu server
<omfgitsasalmon> Can anyone assist me?
<fraq> omfgitsasalmon: in the past I have used sendmail as the MTA
<fraq> what exactly are you trying to accomplish?
<omfgitsasalmon> fraq: my server can't send email using PHP
<omfgitsasalmon> I tried following tutorials but none of them work. Is it because I'm hosting it on a domestic network?
<fraq> what tutorials have you tried?
<fraq> bear in mind, I'm no expert at this. I just built a sendmail server as part of a larder experiment
<fraq> *larger
<neild64> Your isp could be blocking smtp
<Pupeno> Is ntpd running enough to have the clock adjusted? I changed the time on a machine to see it in action and I'm not seeing ntp fixing it.
<mardraum> pastebin ntpq -p
<Pupeno> mardraum: https://gist.github.com/pupeno/9737576
<rbasak> Pupeno: IIRC ntpd refuses to change the time by more than a few hours by default in case that breaks things. It also slews the clock slowly; you'll need to wait a day or two to see it come into sync again anyway.
<Pupeno> I just want to make sure it's working since I change it to bind only lo. It shouldn't stop it from working, but just in case. Is there a way for me to do it? I can't find any logs that say "hey! clock is wrong, slowly fixing it." or sosmething like that.
<mardraum> what rbasak says is 100%. Thought from your output you don't seem to be able to reach any ntp servers.
<mardraum> though*
<mardraum> bind only lo why? are you expecting to NAT it out from localhost?
<Pupeno> mardraum: I just don't want ntp to be reachable by anybody (as a server), I'm just running it to keep the clocks synced.
<mardraum> firewall it then?
<Pupeno> mardraum: I'll firewall it too, but I prefer to have a close configuration as well for all services.
<Pupeno> So, apparently I have to bind it to public IPs for it to reach ntp servers.
<Pupeno> Why is that?
<ogra_> Pupeno, you could just run ntpdate by a cron job once a day instead ... that saves you from having to run a daemon
<mardraum> are you expecting to NAT it from localhost?
<Pupeno> mardraum: no.
<mardraum> then how could it possibly route to the public internet
<Pupeno> mardraum: I'm not familiar with the NTP protocol, maybe it has some callback mechanism I'm not aware of, but my server doesn't need to bind 0.0.0.0:25 in order for it to open connections to port 25 in other servers and deliver email. I was expecting ntpd to open connections to my time servers without having to bind and listen in port 123.
<mardraum> I'm not having a go at you. At least you didn't claim you hadn't made any changes and then fess up an hour later you made it only run on lo
<Pupeno> I'm fine with ntp using other interfaces, I just don't want it to listen on them. The same way postfix is not listening on eth0, but it's using it to reach the Intenet.
<mardraum> you run a MTA on localhost only that works fine sending and receiving mail?
<mardraum> to internet hosts
<Pupeno> mardraum: there's an MTA running listening only on 127.0.0.0:25 that routes email to the internet, yes.
<Pupeno> I meant lo, port 25.
<mardraum> cool, you must have some translation happening
<Pupeno> mardraum: nope.
<mardraum> perhaps NTP just refuses to work like that. I've never tried
<mardraum> nope?
<mardraum> pastebin some mail logs
<Pupeno> mardraum: you don't need to listen on port 80 to connect to port 80. My browser doesn't listen on port 80 and connects to port 80 of any server out there.
<mardraum> I never suggested that it did?
<mardraum> browser will always use a high port anyway, but we are off topic
<Pupeno> Well, so does postfix.
<mardraum> your 127 address is not valid on the internet. If it can send email to an internet host, something is translating the address.
<Pupeno> But also, they open the port to connect, not to listen, which is different.
<Pupeno> mardraum: no, nobody is doing NAT. You don't need to do NAT. Program X talks to postifx on 127.0.0.1:25, postfix stores the email, then opens a random high port to connect to whatever:25 and delivers said email.
<mardraum> a random high port on an interface it doesn't listen on?
<Pupeno> mardraum: yes.
<Pupeno> That's how TCP/IP works.
<mardraum> TCP/IP specifies interfaces now?
<mardraum> your postfix config would allow this to happen.
<Pupeno> mardraum: no, TCP/IP specifies that you open a local port on a local IP to connect to a remote IP on a remote port.
<mardraum> why you expect ntp to work the same I don't really know
<Pupeno> mardraum: because that's how most tcp/ip clients work.
<mardraum> guess you found the only one in the world that doesn't then?
<Pupeno> mardraum: well, I have no proof one way or another, I will not just assume that I found an exception only because something I expected didn't happen. I need more information.
<rbasak> lamont: any news on bug 1288823 please?
<uvirtbot> Launchpad bug 1288823 in bind9 "Trusty bind9 RRL " [High,Triaged] https://launchpad.net/bugs/1288823
<lamont> rbasak: let me get that uploaded
<rbasak> lamont: thanks!
<zul> jamespage:  when you get a chance https://code.launchpad.net/~zulcss/nova/2013.1.5/+merge/212214
<zul> jamespage:  fixed
<jamespage> zul, +1
<zul> jamespage:  thanks
<zul> jamespage:  ill double check the changelogs and start uploading in a couple of minutes
<zul> jamespage:  forgot one from friday https://code.launchpad.net/~zulcss/neutron/2013.1.5/+merge/212226
<jamespage> zul, double space in changelog
<zul> jamespage:  fixed
<jamespage> zul, +1
<jamespage> zul, we need to ditch the distro tasks on https://bugs.launchpad.net/nova/+bug/1295674
<uvirtbot> Launchpad bug 1295674 in nova "Meta bug for tracking Openstack 2013.1.5 Stable Update" [Undecided,New]
<jamespage> and just have one for Cloud-Archive
<zul> coreycb: lemme know when you are done
<coreycb> zul,  wil do
<coreycb> zul, jamespage: https://code.launchpad.net/~corey.bryant/cinder/2013.1.5/+merge/212217
<zul> coreycb: -1
<coreycb> zul, should I drop all the "pin" change logs?
<coreycb> zul, for glance and horizon
<zul> coreycb: the non user facing ones so like sphinx yes
<coreycb> zul, ok
<coreycb> zul, I also noticed the logs are in reverse order vs the tracking branches in case that makes a difference
<zul> coreycb: ye
<coreycb> zul, cinder is ready for re-review
<zul> ack
<zul> Corey:  +1 from me
<coreycb> zul, thanks  jamespage ^
<coreycb> zul, jamespage: glance https://code.launchpad.net/~corey.bryant/glance/2013.1.5/+merge/212423
<zul> coreycb: i thought we were going to skip glance
<jamespage> coreycb, skip it
<jamespage> the upstream changes are nullified by my patch
<coreycb> zul, jamespage: that's right, forgot about that
<jamespage> coreycb, hey - np :)
<coreycb> :)
<coreycb> zul, jamespage : horizon https://code.launchpad.net/~corey.bryant/horizon/2013.1.5/+merge/212225
<jamespage> coreycb, I think the final commit is e6a4653 not b14debc
<coreycb> jamespage, ok that is probably the similar case for cinder too
<coreycb> zul: ^
<zul> coreycb: arrgh
<coreycb> zul, jamespage : I pushed horizon again
<zul> coreycb: ill fix up cinder
<coreycb> zul, I'm ready to push if it's easier
<zul> coreycb: sure
<coreycb> zul: pushed
<zul> coreycb: thanks
<coreycb> jamespage, when you get a second: https://code.launchpad.net/~corey.bryant/charm-helpers/1294140/+merge/212430
<jamespage> coreycb, commented
<jamespage> smb, I'm going to propose we backport the current iscsitarget to 12.04,12.10 and 13.10
<jamespage> so we don't have todo this again for the 3.13 kernel
<coreycb> jamespage, thanks, responded
<smb> jamespage, Guess that works for me. So I could close my tracking bug and you can drive the other. If you have a bug number I can refer to in my report, just let me know.
<jamespage> smb, lets just do it under bug 1262712
<uvirtbot> Launchpad bug 1262712 in iscsitarget "[SRU] Backport iscsitarget 1.4.20.3+svn490 into Precise" [High,Triaged] https://launchpad.net/bugs/1262712
<smb> jamespage, NAK, that is just plain confusing
<jamespage> smb, why?
<smb> jamespage, The current iscsitarget for me is 1.4.20.3+svn499-0ubuntu1 orin at least 496. This is not what the original tracking bug was for. And then we got some stuff in the comments from the old request and some from the new one
<jamespage> smb, ?
<jamespage> I'm a bit confused
<jamespage> the original bug for for +490 - upstream trunk (as I just uploaded to 14.04) is only 9 commits on from that
<smb> The tracking bug was opened to push the S version of it into older releases. Now you want to push the T version. It may only be a few commits but it is a different version and to be honest for me that is a new request.
<zul> jamespage/coreycb: cinder and horizon uploaed
<coreycb> zul, thanks
<zul> jamespage:  https://code.launchpad.net/~zulcss/keystone/2013.1.5/+merge/212232
<zul> jamespage:  im dealing with kazoo right now
<raj__> Is plymouth  anyway useful on server ? i see several plymouth entries in the processes listing ..
<jamespage> zul, ack
<jamespage> zul, niggle on the keystone MP - other than that +1
<rbasak> raj__: http://web.dodds.net/~vorlon/wiki/blog/Plymouth_is_not_a_bootsplash/ provides a good explanation of why plymouth is also useful for server.
<railsraider> Hi im trying to make upstart pre-stop stanza to sleep for x seconds before sending the sigkill but it seems that upstart doesnt accept it and kill imiddiately
<railsraider> http://pastebin.com/2ruUqdav
<railsraider> any idea how to wait before upstart do sigkill
<zul> jamespage:  fixed
<jodh> railsraider: 'kill timeout SECONDS' - see init(5).
<railsraider> i tried that
<jamespage> zul, +1
<zul> jamespage:  well need the new oslo.rootwrap as well (#1081795)
<rbasak> railsraider: looks like your problem is "exec". What's inside a "... script" stanza in an upstart job is just normal shell.
<railsraider> seems like upstart ignores my sleep command and the kill timeout is how long to wait after sigterm to send sigkill
<rbasak> railsraider: in shell, lines after a successful "exec" will never execute.
<rbasak> railsraider: I don't know why you had "exec" there, in the first place, but try dropping it.
<railsraider> rbasak: i have to make sure the processes exit gracefully how would i achive that
<railsraider> thanks im trying that now
<railsraider> rbasak: thanks so much worked on this all day i simply copy pasted the line from the script section
<railsraider> it works now
<jamespage> hallyn, seeing some lxc oddness in the OpenStack CI lab - "lxc-start: command get_cgroup failed to receive response"
<jamespage> that's coming from lxc machines that juju is trying to start on one of the servers
<hallyn> jamespage: do you have any more info from syslog, auth.log, or a container.log?
<jamespage> hallyn, syslog, auth.log - nothing
<jamespage> where do I find container.log?
<vlad_starkov> QUESTION (cross-post): Can't boot on freshly installed 12.04.4 64bit. Got multiple CPU soft lockup messages. Could someone point me how to boot in verbose/debug mode to figure out what's going on?
<rbasak> !crosspost|vlad_starkov
<ubottu> vlad_starkov: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<vlad_starkov> rbasak: Yep. For that I market question as "cross-post"
<hallyn> jamespage: you can check /var/log/lxc/ ..  it depends where juju is directing it to put them
<hallyn> jamespage: can you try createing and starting a contaienr by hand, see if htat fails too?
<jamespage> hallyn, http://paste.ubuntu.com/7147289/
<hallyn> jamespage: oh, i think that's a knwon bug in apparmor today.  tyhicks was assigned one
<jamespage> hallyn, OK  - so long as someone knows :-)
<hallyn> probably bug 1296459
<uvirtbot> Launchpad bug 1296459 in apparmor "Upgrade from 2.8.0-0ubuntu38 to 2.8.95~2430-0ubuntu2 breaks LXC containers" [Critical,New] https://launchpad.net/bugs/1296459
<jamespage> hallyn, that is latest everything
<hallyn> jamespage: yeah try downgrading apparmor
<jdstrand> hallyn, jamespage: fyi, tyhicks is assigned and knows the cause. he is working on a fix now
<jamespage> ack
<hallyn> cool, thx
<hazmat> do nested containers need trusty kernel?
<lutostag> hazmat: you can do nested lxcs pre-trusty with root
<lutostag> just add lxc.aa_profile = lxc-container-default-with-nesting to your /var/lib/lxc/<top-level container name>/config
<hazmat> lutostag, thank you
<lutostag> hazmat: np :)
<zul> hallyn/smb: libvirt xl fails to start because there wasnt a /var/log/libvirt/libxl/libxl-driver.log btw
<hallyn> zul: meaning if the .log file doesn't exist, libvirt xl won't start?  it opens without O_CREAT ?
<zul> hallyn:  yeah the directory is missing from the libvirt-bin.dirs
<hallyn> zul: pushing a new package to fix that?
<zul> hallyn:  yeah
<zul> hallyn:  do you have anything else?
<zul> smb: do you have any documentation on libvirt and xl?
<hallyn> zul: oh, sorry, no i don't
<zul> hallyn:  ack
<zul> hallyn:  ok uploaded
<adar> hi. do you know anyone know a good tutorial about security nginx ??
<sarnold> hallyn: congratulations on core-dev :)
<thumper> hallyn: when I run 'lxc-start', does that immediately put the container into STARTING mode?
<thumper> I have an "lxc-wait -n ubuntu-local-machine-1 -s RUNNING|STOPPED" running after the lxc-start and it returns immediately
<thumper> and lxc-info says stopped
<thumper> but 8s later, it is started
<Valduare> hi all
<Valduare> whats the word on using these arm devices for bare metal servers in maas
<sarnold> Valduare: I'd say "no" to pandaboards, my personal pandaboard hangs often; they fell over often when we used them for builders, too
<sarnold> Valduare: I hope you're talking about real servers though :) I suspect they'd be quite a lot nicer.
<Valduare> I havnt used a panda board myself
<Valduare> I have a few mk808 devices that have been real solid
<Valduare> but these mk902 have rj45 and quad core
<Valduare> sarnold: anyways just wondering if I can get them under maas to play with
<sarnold> Valduare: try asking in #maas -- the little I've played with it, it looks pretty flexible, if you can figure some way to remotely power them on and off..
<Valduare> half a watt idle, they could stay on :P
<sarnold> niiiiice
<hallyn> thumper: yes, lxc calls it started when init has started
<hallyn> thumper: you're probably interested in bug 1266808.
<uvirtbot> Launchpad bug 1266808 in lxc "No mechanism to wait until a started container is ready and has finished booting" [Wishlist,Triaged] https://launchpad.net/bugs/1266808
<blottoface> I did an aptitude install mediawiki and uncommented out the Alias line in /etc/mediawiki/apache.conf.  Then I did a a2enconf mediawiki.  Then I restarted apache2 services.  It complains about permissions when I try and visit the site.  :(  The www-data user and group has read permissions.  The error in the log says "client denied by server configuration"
<Valduare> #maas is dead channel tonight..
<Rallyball> My pc won't read my flashdrives but the system will recognize it, anybody know why?
<sarnold> blottoface: that could be the server configured to deny or not allow based on IP address, or any other number of reasons.. it'd be nice if it could tell you -why- it was denied...
<sarnold> Rallyball: perhaps they are formatted with a filesystem your kernel can't read?
<Rallyball> Yes, that's probably it, thanks.
<Rallyball> Do most flashdrives load a default file system depending on the OS?
<Rallyball> Or is there something I have to do to load them from the pc?
<Rallyball> In other words, are most flash drives compatible with Linux?
<sarnold> Rallyball: most flash drives come formatted with vfat, because it is the only filesystem that mac os x and windows have in common
<sarnold> (vfat more or less equals fat32..)
<Rallyball> That makes sense.
<Rallyball> How do I format it to accept linux files?
<sarnold> Rallyball: mke2fs on the /dev/whatever block file
<Rallyball> Ok, thanks.
<sarnold> Rallyball: if it is partitioned you may wish to change the filesystem type tag in the partition table using fdisk or gdisk
<Rallyball> Yes but I will need to dump the data first.
#ubuntu-server 2014-03-25
<blottoface> sarnold: apache complains after I restart that the Alias directive will likely never be reached because it overlaps an earlier alias.  I can't for the life of me find any other Alias directives for apache.  I even went so far as to disable the 000-default site.
<sarnold> blottoface: grep -ri alias /etc/apache* or something? :)
<sarnold> grab the big guns..
<blottoface> hrm, I'll have to take a look at this tomorrow.  That's a pretty bad bug in the package.
<zzxc> Hey guys, I'm trying to get my a machine running 12.04 server to play audio and keep getting this message 'ALSA lib pcm_dmix.c:1018:(snd_pcm_dmix_open) unable to open slave' anyone have a where to start to fix this?
<PryMar56> zzxc, install alsa tools?
<PryMar56> can you open the ncurses mixer?
<PryMar56> zzxc, I run xmms2+abraca
<PryMar56> works headless
<zzxc> PryMar56: Yeah ALSA works fine there is 3 cards outputs listed but it works
<zzxc> xmms2+abraca what is it?
<PryMar56> xmms2 is a server and abraca is a frontend which can x11 forward
<PryMar56> xmms2 plays all digital formats+icecast+online radio
<zzxc> PryMar56: Mmmm, yeah Its less an issue of that part. More of an issue of everything gives me that same message.
<zzxc> PryMar56: I'm running MOCP and pianobar, and was hoping to get airplay enabled so I can play sound through my speakers. But I'm currently having some issues with that.
<zzxc> Its been a while since I'm worked on a server isntance that had physical hardware.
<PryMar56> zzxc, login as users , do groups: are you member of audio and video?
<zzxc> video no audio yes
<zzxc> Got the speakers to pop. Scared the shit out of me. Also most likely in the wrong jack from the looks of it
<basketball> does anyone have a server that i can you real quick i want to test a setting
<fiasco_averted> I have two-factor authentication setup in Ubuntu 13.10 using pam.d and google-auth. It prompts me for username then password then two-factor-auth token. I'd like it to only be two total prompts, one for username, and one for password+2FA-token.
<fiasco_averted> (10:23:11 PM) fiasco_averted: Any idea how to set that up? I assume it's a line or two in /etc/pam.d/sshd, but after trying a few examples from blog posts and reading the man page on pam.d I haven't found a working solution. Thanks. Next step is to hook it up to openvpn as well, and I believe that'll require the pasword+token setup as well.
<sarnold> fiasco_averted: hrm, I wouldn't expect there to be any easy way to get only two prompts
<sarnold> fiasco_averted: without having investigated at all :) I expect the answer would be to write or find a PAM module that does exactly what you want
<sarnold> fiasco_averted: since PAM is .. finicky .. and vital I'd be scared to do it myself
<fiasco_averted> sarnold: I'm pretty sure its possible just within the pam.d sshd file configuration. That's how I set it initially. Others with other OSes seem to just be editing that file, but then calling different authentication .so files that ubuntu doens't have (on OSX for example). I'm testing this out in a snapshotted VM first, so I'm more than willing to break everything without causing any issues.
<sarnold> fiasco_averted: hooray for vm-testing :)
<sarnold> fiasco_averted: you actually had password+2fa token working in one prompt somehow earlier?
<fiasco_averted> yes, with three prompts. 1. username 2. password 3. 2FA
<sarnold> ah, okay
<fiasco_averted> sarnold: its dead simple to setup on ubuntu 13.10 http://fiascoaverted.blogspot.com/2014/03/configuring-two-factor-authentication.html
<fiasco_averted> I just want to condense the second two prompts into one.
<sarnold> fiasco_averted: yeah, that's the part that I think will be difficult to do without writing your own pam module; none of the pam modules I found in the archive via "apt-cache search two-factor" have a mention in their description that they could accept both unix password and token in one prompt -- you'd think it'd be a selling point of the module if it could do that..
<sarnold> oh, I see that's your blog :) nice post
<fiasco_averted> thanks. Its up in a million different places, but I hadn't seen it confirmed with the default spelled out for 13.10 and this is less verbose than others, so felt I should document it. I'm going to setup a openvpn a few different ways and document that on the blog as well, but I want to get this one line password+token first.
<grek> hi i have this situatiuon http://superuser.com/questions/732971/virtualbox-no-suitable-module-for-running-kernel-found
<grek> please help
<JiHui_Choi> ubuntu 13.10, cron makes two pids for one job. Is it normal?
<JiHui_Choi> init,1
<JiHui_Choi>   ââcron,1022
<JiHui_Choi>   â   ââcron,2191
<JiHui_Choi>   â       ââsh,2193 -c php -f /home/foo/bar.php
<JiHui_Choi>   â           ââphp,2195 -f /home/foo/bar.php
<JiHui_Choi> Of  course not, I think. please let me know how to fix this.
<|usefedora> Hi, I'm running precise server on a laptop, and I need some daemons to remain running when I shut the lid.
<|usefedora> Does anyone know how one might go about making that happen?
<smb> zul, I know, that is on my list. Yes, it is called code (and a bit of documents in the various doc subdirs in the source).
<memoryleak> i discovered a screen session running as root with the " while true; do echo -n "$(date) : "; echo "$(dig +short www.beaverbrooks.co.uk @dns0.star.co.uk)"; sleep 1; done" command running :(
<Simon818> Hi. Anyone around for a quick install-related question?
<Simon818> lol I guess IRC will always be a place for idle people
<bluefrog> ask your question first. comment after
 * Simon818 nods
<cfhowlett> !ask|Simon818,
<ubottu> Simon818,: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Simon818> So I'm wondering what to expect when installing Ubuntu server. I ask this because I am a blind computer user and want to make sure I even can
<cfhowlett> Simon818, be aware that the default is no graphic user interface ...
<Simon818> I definitely wasn't impatient, just haven't had to venture onto IRC for a long time. Sorry if it seemed that way. Anyways, onward
<cfhowlett> Simon818, no worries.
<cfhowlett> memoryleak, I'd suspect you have a script somewhere invoking that dig command.  definitely NOT ubuntu default so ...
<memoryleak> cfhowlett: I suspect the server is compromised
<Simon818> Actually not having a GUI is better. But I do wonder whether I can, say, connect via SSH and then complete the install process. I gues I could try and mess with the server machine to get seakup running or something but, seems kind of pointless if said thing is possible.
<cfhowlett> memoryleak, based on this alone?
<Simon818> *speakup
<cfhowlett> Simon818, ssh is out of my area of experience ...
<memoryleak> cfhowlett: It's at least a good reason to investigate further
<Simon818> Hmm ok
<cfhowlett> memoryleak, agreed.
<memoryleak> cfhowlett: Especially because it's in a infinite loop
<cfhowlett> Simon818, repost at intervals and someone should answer
<cfhowlett> memoryleak, yeah, that's typically a good sign of foul play.
<Simon818> I'd assume that the install process is something like a standard comand line installer with prompts and such
<cfhowlett> Simon818, indeed - CLI all the way
<bluefrog> Simon818, if you want to access a server via ssh then what is your problem? what you have on screen will be read by your system, no?
<Simon818> wonder if server comes with sound drivers... somehow I think not
<memoryleak> cfhowlett: There are so many users on that server with SSH access, develoepers, wannabe sysadmins and so on.
<cfhowlett> Simon818, I don't recall but they're easily added
<cfhowlett> memoryleak, infinite loops seems like a kiddie script.  hiding it in the root processes seems malicious ...
<Simon818> bluefrog: I need a way to INSTALL the server to begin with, so was just trying to determine whether I could install the server OS onto machine 2 using machine 1 for SSH access
<cfhowlett> Simon818, http://www.unixtutorial.org/2009/05/ubuntu-ssh-how-to-enable-secure-shell-in-ubuntu/
<cfhowlett> !ssh|Simon818,
<ubottu> Simon818,: SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)
<cfhowlett> Simon818, as I said, someone on this channel has done installation via ssh - just not me
<Simon818> Hmm yeah, PuTTY is what I use generally too
<shredding> If i want to upload or download stuff to my ubunto server and am logged in with ssh, I have to log out and reloing to sftp and after that logout and relogin with ssh to continue work.
<shredding> is there a faster way?
<bluefrog> Simon818, have no way to test a server install right now. might take me 30 minutes before i can do that
<Simon818> t's no big deal, I'm having a look at some resources I know of in the meantime, because I know people have done this before.
<bluefrog> Simon818, am downloading a server. will test that in 30 minutes if you stick around
<shredding> Or is there a way to upload stuff via ssh?
<Simon818> I should be here, I'm already up late, no reason to bother changing that now. lol
<bluefrog> Simon818, i assume you will have speakers hooked up to the machine used for servers...
<Simon818> sure, easy enough to do. It's just an old junk desktop that can't run windows worth a crap, so figured I'd play with Linux and familiarize myself with it more
<Simon818> I've used Linux for years in a VPS type situation, so I suppose this is experimental as much as anything
<mardraum> Simon818: easiest way is to use scp
<Simon818> for what exactly?
<mardraum> Simon818: sorry, responding to earlier questions about upload/download
<Simon818> Oh I think that was someone else
<mardraum> christ
 * mardraum takes reading classes
<Simon818> it happens. Lol
<mardraum> shredding: look into scp, it's easy and you can do it in either direction
<shredding> ah, so scp is a command that is executed from within ssh?
<shredding> mardraum: But I cant scp to my local computer?
<mardraum> from your shell, yes
<mardraum> shredding: assuming you make ssh available on your local connection, you can
<mardraum> shredding: you can also run multiple windows within a ssh session, look into tmux or screen
<shredding> What does it mean to âmake ssh availableâ on my local machine? Iâm on a mac and want to download log files to my local machine or upload stuff without having to open cyberduck or other clicky-dicky stuff.
<shredding> i have ssh installed and can login via ssh from my mac, does that mean i have it âavailable"?
<mardraum> just open a new terminal and use sftp or scp?
<bluefrog> shredding, yes you have ssh scp sftp on mac
<bluefrog> mac is linux
<bluefrog> proprietary linux :)
<mardraum> well, it's not actually linx
<shredding> So if I connect from my mac to my ubuntu server ...
<bluefrog> yeah bsd
<bluefrog> shredding, yes
<shredding> What would be server in that case: scp file  user@server:/targetdirecotry/
<shredding> (if i want to download file)
<bluefrog> shredding, scp user@server:/targetdirecotry .
<shredding> ?
<bluefrog> shredding, to download the target blah blah into your current dir
<mardraum> shredding: assuming your local machine does not listen on port 22 on the internet, or have it forwarded, it's going to be easier to run from a local shell
<Simon818> someone mention me for a sec? I want to make sure I have the sound working
<Simon818> for some reason it wasn't before.
<shredding> but âserverâ is not correct, isnât it?
<bluefrog> Simon818, no
<Simon818> good times
<Simon818> bluefrog: thanks
<shredding> it should be an ip or so, but my local computer does not have a static ip.
<shredding> (sorry if i do not get the obvious)
<mardraum> shredding: open a new terminal on your local machine, and do "scp user@server:/some/path/file.txt ."
<bluefrog> shredding, server=address of the server, either a FQDN or IP
<shredding> I understand that, Iâm talking vice versa.
<shredding> If Iâm logged in on my ubuntu, how woul i push a file to my local machine?
<shredding> What would be âserverâ in that case?
<mardraum> your local machines has to have ssh open to the world
<mardraum> usually on home connections by port forwarding
<mardraum> we have no idea how your network is setup.
<bluefrog> shreddinged and you will need to know your public IP
<shredding> Well, there is no network setup.
<shredding> I connect to my wlan router and thats it.
<mardraum> really? you appear to be here
<shredding> Yeah, itâs a network.
<shredding> But my ssh is not open to the world.
<bluefrog> shredding, but actually it seems you may have to learn a bit more before tring to scp whatever
<mardraum> it's going to be easier for you to pull from the server
<mardraum> forget about the other direction, you are not setup for it.
<shredding> I already learned a lot, but once you open a door, a whole new world pops off and I feel like not knowing anything ;)
<shredding> Where can i read about that topic?
<mardraum> port forwarding?
<shredding> I have port forwarding setup on my local computer.
<shredding> Even though i did not fully understand what it does, but i have an idea.
<shredding> So basically i guess i have to pick up the greater topic.
<Simon818> local computer ... port forwarding .... *WHAT*?
<shredding> Iâm not sure.
<shredding> I guess i will start by reading the scp man page.
<shredding> thanks for the input, all.
<bluefrog> Simon818, out of curiosity, how do you activate speakup on a normal install?
<bluefrog> Simon818, trying the server install. there's no speakup option when starting it. you will need someone to do the install for you
<bluefrog> Simon818, or you could set up a network install, preseed and launch a stand alone server install
<Simon818> bluefrog: your last option sounds somewhat promising, I have n oidea how to go about doing that though
<Simon818> bluefrog:  sorry, I was afk for a few. I know people have done this, it can't be impossible.
<bluefrog> Simon818, https://help.ubuntu.com/community/Installation/Netboot
<bluefrog> Simon818, http://searchitchannel.techtarget.com/feature/Performing-an-automated-Ubuntu-install-using-preseeding
<Simon818> aha
<Simon818> bluefrog:  both of these look useful, checking now. thanks
<Simon818> bluefrog: It looks like kickstart is probably the best option. I'd like to investigate the idea of accessing the server installer remotely somehow so I can install it myself in the right circumstances, but this is no different from the way we have to do windows installs, so I'm used to it. Thanks a lot for investigating this, I really wouldn't have known where to look.
<rostam> HI I am using LTS 12.04. I like to upgrade the grub to the version released with 12.10. Is this possible? if so how I can do that? thx
<cfhowlett> rostam, sudo apt-get distp-upgrade
<cfhowlett> rostam, will update ALL your currently installed packages to current levels in the repos
<rostam> cfhowlett,  Thanks for info, but I like to stay with LTS release, I want to upgrade only grub if it is possible???
<cfhowlett> rostam, that WILL keep the lts release
<bluefrog> rostam it will upgrade for 12.04 not 12.10
<cfhowlett> rostam, sudo apt-get install grub2
<cfhowlett> !grub
<ubottu> GRUB2 is the default Ubuntu boot manager. Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - For more information and troubleshooting for GRUB2 please refer to https://help.ubuntu.com/community/Grub2
<cfhowlett> see the RestoreGrub option
<rostam> cfhowlett, bluefrog  oh thanks, so far I have been using "apt-get upgrade"  I was not aware of "distp-upgrade", what are the differences? thx
<rostam> apt-get disp-upgrade is not valid so I missed something here...
<cfhowlett> rostam, apt-get dist-upgrade   my apologies - fat finger syndrome
<bluefrog> rostam, apt-get dist-upgrade and man apt-get to read about the differences
<rostam> thank you all.
<pmatulis> morning
<zul> jamespage:  i just noticed the neutron migration script got merged
<hallyn> zul: do you have a rig on which you could set up some nova stress testing for bug 1228977?
<uvirtbot> Launchpad bug 1228977 in nova "n-cpu seems to crash when running with libvirt 1.1.1 from ubuntu cloud archive" [High,Confirmed] https://launchpad.net/bugs/1228977
<hallyn> or do yo uknow who does?
<hallyn> i think just an hour of a script creating/starting/destroying instances should suffice
<zul> hallyn:  yeah gimme a sec
<zul> hallyn:  saucy or precise?
<hallyn> zul: saucy
<zul> hallyn:  yeah gimme a sec
<hallyn> awesome, thanks
<hallyn> oh look, gaughen didn't update the meeting page, she gets to run the meeting again :)
<zul> hallyn:  what do you need me to do?
<zul> hallyn::  yeah gaughen  has to run it again
<hallyn> zul: well the test case is a bit vague, so i think simply setting up a small openstack with libvirt-proposed, and making sure that heavy instance create/start/destroy doesn't crash anything and all instances start up,
<hallyn> will suffice.  we can at least say it absolutely did not regress, and appears to ahve been solved
<zul> hallyn: this one has the load fix as well?
<hallyn> zul: the one dberrange pointed us to, yeah
<zul> hallyn:  ok
<hallyn> then once mdeslaur pushes the new security fix i've got 3 more bugs to sru to saucy :)
<zul> ak
<hallyn> when does saucy eol again?  april?
<hallyn> july, ok, so worth it
<gaughen> hallyn, damn it
<gaughen> I guess I do get to run it, as penance  <-- hallyn, zul
<zul> gaughen:  i did
<zul> gaughen:  i had to run it twice because i forgot to update the wiki page
<gaughen> zul, it's fair
<gaughen> zul, are you really next?
<zul> gaughen:  no i dont think so
<[conrad]> Hello everyone. I'm using 12.04 and just recently installed a new NIC, and now my LTSP doesn't work anymore. Specifically the DHCP server isc-dhcp-server. I originally thought it wass because my interface went from eth1 to eth4, but I got that resolved ( it's now eth1 ). Trying to start the server via init or service results in a failure, and there is nothing in syslog, just "error code 1" in kern.log .
<cfhowlett> !ltsp
<ubottu> LTSP is the Linux Terminal Server Project, which adds thin-client support to Linux servers. See chapter 3 of the !edubuntuhandbook, http://www.ltsp.org and/or http://en.wikipedia.org/wiki/Linux_Terminal_Server_Project
<hallyn> zul: you should move yourself to the back then :)  i did assume iw as next after gaughen
<ogra_> [conrad], you might want to try #ltsp too
<zul> hallyn:  even better if i remove myself from that list :)
<[conrad]> cfhowlett: If that was for me, again it's just the DHCP server at this point that is the problem.
<cfhowlett> [conrad], OK.  completely over my head ...
<atpa8a> hello
<atpa8a> which upstart job executes init.d stuff?..
<jodh> atpa8a: /etc/init/rc.conf (see http://upstart.ubuntu.com/cookbook/#the-rc-job)
<atpa8a> rc-sysinit rather
<atpa8a> thanks
<caribou> gaughen: I might be slightly late to the meeting. I have nothing to bring up this week
<gaughen> caribou, thanks for the heads up. I try to move fast.
<rostam> HI I am using 12.04 LTS. I need to use grub2-common pkg which comes with 1210. I need to port this package to 12.04. How is this possible? thx
<hallyn> zul: jdstrand: there is a patch on today's livirt m-l to make vfio work (fixing bug #1276719).  i'll probably merge it in when i push the fix for the trusty machine type
<uvirtbot> Launchpad bug 1276719 in libvirt "apparmor denies VFIO passthrough: RLIMIT_MEMLOCK and /dev/vfio/XX" [Medium,Confirmed] https://launchpad.net/bugs/1276719
<bluefrog> rostam try your luck with backport repo
<jamespage> zul: great!
<rostam> bluefrog: you said "luck" that scares me. Thx
<bluefrog> rostam, don't know if there's a backport for that
<zul> hallyn:  ack
<rostam> bluefrog,  thanks,
<jamespage> coreycb, zul: either of you have capacity to look at https://jenkins.qa.ubuntu.com/view/Trusty/view/AutoPkgTest/job/trusty-adt-python-boto/5/
<jamespage> that's blocking boto -> release for 14.04
<coreycb> jamespage, sure
<coreycb> jamespage, what package is this for?
<zetheroo> After performing an update and rebooting the server will no longer boot up .. trying in recovery mode it comes to the point "Gave up waiting for root device." and dumps me into initramfs ... :P
<zetheroo> Above it says "Alert! /dev/disk/by-uuid/*UUID* does not exist.
<timmytimtimo> i choosed Server Virtualization for my final project. i want to use ubuntu server 12.04, how can i get kvm and libvirt-bin to install
<timmytimtimo> i need help?
<cfhowlett> timmytimtimo, not going to do your homework for you ---
<cfhowlett> !info !kvm > timmytimtimo,
<cfhowlett> !info kvm > timmytimtimo,
<timmytimtimo> cfhowlett, please how can i install kvm and libvirt-bin?
<cfhowlett> timmytimtimo, have you installed server?
<timmytimtimo> yes
<cfhowlett> timmytimtimo, have you installed any additional software on the server?
<timmytimtimo> NO
<cfhowlett> sudo apt-get install
<timmytimtimo> okay
<timmytimtimo> it said install can not be found on E:
<cfhowlett> timmytimtimo, time for you to stop being lazy "ubuntu + server + install + kvm" in your favorite search engine
<jpds> timmytimtimo: sudo apt-get install kvm libvirt-bin -y # done.
<gaughen> so is it zul or hallyn running the meeting next week?
<timmytimtimo> am new in ubuntu server
<hallyn> gaughen: put me down, move zul to right in front of you at the back
<gaughen> thanks hallyn, done!
<zul> thats fair
<zul> :)
<timmytimtimo> where can i download libvirt-bin?
<coreycb> jamespage, when you have a chance: https://code.launchpad.net/~corey.bryant/charm-helpers/1294140/+merge/212430
<jamespage> coreycb, something is wonky with your branch
<coreycb> jamespage, hmm
<coreycb> jamespage, I have parent branch: bzr+ssh://bazaar.launchpad.net/~openstack-charmers/charms/precise/nova-compute/icehouse/
<jamespage> wrong target - lp:~openstack-charmers/charm-helpers/icehouse
<jamespage> yeah - you are targetting a nova-compute update against the charm-helpers branch
<jamespage> coreycb, ^^
<coreycb> doh
<coreycb> jamespage, that's right.. the last fix I proposed was for charm-helpers and I re-used that
<coreycb> fixing
<jamespage> coreycb, good-oh
<coreycb> jamespage, https://code.launchpad.net/~corey.bryant/charms/precise/nova-compute/1294140/+merge/212667
<jamespage> coreycb, +1 merged
<jamespage> thanks
<jamespage> !
<coreycb> jamespage, np thanks!
<zul> hallyn:  looks ok so far
<hallyn> zul: awesome, thanks.  if you add a comment to the bug i'll add the verification-done tag
<zul> hallyn:  bug number again?
<hallyn> bug 1228977
<uvirtbot> Launchpad bug 1228977 in nova "n-cpu seems to crash when running with libvirt 1.1.1 from ubuntu cloud archive" [High,Confirmed] https://launchpad.net/bugs/1228977
<zul> hallyn:  done
<hallyn> excellent, thx
<hallyn> mdeslaur: ^ how long will the saucy-security package percolate?
<hallyn> (i'll make a note to push the next 3 patches to -proposed the day after)
<mdeslaur> hallyn: it depends how long it's going to take me to test it...it's lxc fixes
<mdeslaur> hallyn: there's a test script for the lxc backend, right?
<mdeslaur> hallyn: let me build it and stick it in the security team proposed PPA, and I'll let you know
<hallyn> mdeslaur: oh feh, i don't expec tthose to work now
<hallyn> sorry
<mdeslaur> hallyn: oh har har, another cve popped up
<mdeslaur> hallyn: forget it, push your changes to -proposed, it's going to take me a while to get to it
<hallyn> mdeslaur: ok - if you need to drop these no big deal (these should be pretty simple).
<hallyn> thanks, ttyl
<utlemming> smoser: i386 cloud images are failing to build: http://paste.ubuntu.com/7152440/
<utlemming> smoser: it looks like libc6-xen requires a version a libc6 that is older than what is already installed/required
<smoser> https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1271534
<uvirtbot> Launchpad bug 1271534 in eglibc "libc6-xen:i386 installation can cause panics on boot" [High,Fix released]
<smoser> that is what did it
<Valduare> hey guys how do I setup a reverse ssh tunnel that auto re-connects
<andol> Valduare: s/ssh/autossh/
<Valduare> autossh?
<Valduare> googling that
<andol> Acts as a wrapper around ssh, but also establishing an additional tunnel loop which it uses to check whatever the connection is still alive, reconnecting if neccesary.
<Valduare> interestin
<Valduare> andol: hmm
<Valduare> http://akntechblog.wordpress.com/2010/09/11/autossh-for-persistent-reverse-ssh-tunnels/
<Valduare> following this guide
<Valduare> having trouble
<Saur0_> hi can anyone help me set up lvm with 4 tb disks?
<arlen> >
<patdk-wk> is there no way to know the current users home directory in apparmor?
<sarnold> patdk-wk: none, sorry
<sarnold> patdk-wk: if you use the 'owner' rule with the @{HOME} variable, you can at least confine them to scribbling over their own files..
<patdk-wk> no that doesn't work
<patdk-wk> people keep setting things owned by the www-data group
<patdk-wk> then other users are screwing with them
<patdk-wk> figured if I could use apparmor to rmeove access to other home folders, solved
<sarnold> patdk-wk: 'owner' wouldn't allow them to screw with each other via the www-data group owner, they really would need to be the -owner-
<patdk-wk> no
<patdk-wk> for some reason the users think www-data needs write access
<sarnold> patdk-wk: i really do think something like "profile user_shell { owner @{HOME}/ rw, owner @{HOME}/**/ rw, owner @{HOME}/** rw, } would go a long way towards knocking off that kind of crap :)
<patdk-wk> wait
<patdk-wk> what does that owner flag do?
<patdk-wk> haven't see nthat in my reading
<patdk-wk> ah, ya, that should do it
<jjohansen> patdk-wk: it only permits access to files who oid == the tasks fsuid
<patdk-wk> now, hmm, I wonder what shell I run these users as :)
<patdk-wk> how does the matching work?
<patdk-wk> first to match? last to match?
<sarnold> patdk-wk: depends; for 'x' rules, that's a most-specific-rule-wins; the other rules in a policy accumulate
<sarnold> patdk-wk: if you want your users to get a confined shell on login but don't want to confine /bin/bash (you don't :) -- check this out: http://wiki.apparmor.net/index.php/Pam_apparmor_example
<patdk-wk> ok, just wondering how to add in a /home/shared folder
<sarnold> patdk-wk: that'd be something like "/home/shared/ r, /home/shared/** rw,"  -- just leave off the 'owner' qualifier
<patdk-wk> but then how will that interact with the owner /home/**/ rw,
<patdk-wk> that is what I'm wondering
<sarnold> patdk-wk: it should Just Work; the 'owner' rules will grant some accesses, the /home/shared/** rule will grant other accesses, and the union of all the rules should work out just as you expect
<raj__> within bash script I use "for file in /xx/* " to refer to all files within /xx but to refer to all files within "xx" as well its subfolders in the for statement, what can I use ?
<sarnold> raj__: check out the 'globstar' entry in bash(1) -- I think that enables the ** feature from zfs
<sarnold> err, not zfs, zsh
<sarnold> stupid brain :)
<larsemil> i am running ubuntu on several servers. I mount an nfs share to different servers. It works fine on all except 2 servers. On the host i get: [ 1706.286305] lockd: server mail not responding, timed out
<larsemil> for that and the other server.
<larsemil> any takes?
<raj__> sarnold: thanks sarnold, that worked out!
<raj__> sarnold: could I probably filter all files  to  "   .xyz" files within folder & subsequent subfolders ?
<patdk-wk> sarnold, almost works
<patdk-wk> I have it so users can't read other users folders at all
<patdk-wk> but they can still write to them :(
<coreycb> zul, jamespage: can you take a look when you get a chance?  https://code.launchpad.net/~corey.bryant/ubuntu/trusty/python-boto/jenkins-2014-02-26/+merge/212722
<jamespage> coreycb, what's the rationale for dropping the assertion in the unit test?
<coreycb> jamespage, that assertion was failing
<jamespage> coreycb, do we know why?
<coreycb> jamespage, not exactly...
<dragoonis> curl https://monitoring.api.rackspacecloud.com/pki/agent/linux.asc | sudo apt-key add -
<dragoonis> The program 'curl' is currently not installed.  You can install it by typing:
<dragoonis> apt-get install curl
<dragoonis> E: Package 'curl' has no installation candidate
<dragoonis> Help ?
<Valduare> hi guys
<Valduare> anyone here know how autossh works
<coreycb> jamespage, it looks to me like the assertion should be testing for True, if I understand MagicMock correctly
<sarnold> raj__: probably /foo/**.zyx
<sarnold> patdk-wk: hrm; can you pastebin your profile? I'll give it a look
<patdk-wk> well, it is fixed
<patdk-wk> except if a user knows the exact path they have permissions to write to
<patdk-wk> http://pastebin.com/yUb1U6Fy
<patdk-wk> it's probably, good enough
<patdk-wk> just not perfect
<sarnold> patdk-wk: nice :)
#ubuntu-server 2014-03-26
 * RaptorJesus exposes himself to the channel and slaps everyone in the face.
<Patrickdk> sarnold, gave up on attempting to attach the profile to a shell
<Patrickdk> I just added aa_change_profile, that worked good
<Patrickdk> cause currently, I don't launch a shell for these users
<sarnold> Patrickdk: cool! :)
<sarnold> Patrickdk: yeah, if they don't already use a shell, trying to make that fit would be annoying.
<Patrickdk> heh, just some stupid issues
<Patrickdk> can't get a standardized base config
<Patrickdk> even including all the base stuff, users still can't do stuff like run sendmail
<Valduare> hi guys
<Valduare> i need help with autossh
<Valduare> i need to setup a reverse tunnel from one server to another server
<Valduare> having troubles figuring this autossh out
<phunyguy> anyone alive in here?  Wondering if, short of backing up my data and doing a complete format of this mdadm array, I can convert from RAID5 to RAID6 provided I have the free space remaining to account for the decrease in size of the array...
<zetheroo> On a system which we do not want to shutdown, what would be the simplest way to backup the root disk? Would an rsync of / be sufficiant?
<timmytimtimo> where can i get Virtinst to install on my Ubuntu server 12.04.3?
<RoyK> timmytimtimo: I'd start with an apt-get update && apt-get dist-upgrade to get it up to 14.04.4 ;)
<RoyK> timmytimtimo: after that, just apt-get install virtinst
<timmytimtimo> it show error: E:unable to locate package virtinst
<RoyK> timmytimtimo: update first
<RoyK> and please upgrade - 14.04.3 isn't very new
<RoyK> erm
<RoyK> 12.04.3
<RoyK> timmytimtimo: I have the package installed on 12.04.4
<timmytimtimo> RoyK lets do private chat please
<BoozeWooz> I've set-up a webserver using ubuntu 12.04 LTS server edition, and everything runs fine (apache etc), except, sometimes the DNS lookup will redirect to the old webhost ?! http://network-tools.com/default.asp?prog=dnsrec&host=www.tsbvchikara.nl
<timmytimtimo> ?
<timmytimtimo> how can i install ethtool on my ubuntu server 12.04.3
<RoyK> timmytimtimo: most tools can be installed with apt-get. google it. and don't PM people for support
<timmytimtimo> okay
<timmytimtimo> thanks
<hxm> someone had the problem to run dropboxd downloaded from dropbox.com and it does nothing? no error message no success
<hxm> ah, found it
<zul> jamespage: ping when you are around
<jamespage> zul, pong I;m back
<zul> jamespage:  so cinder bumped oslo.mesaging to a9 which is fine...however a9 has a new dependency on oslotest which isnt in the archive
<zul> there is two ways i see this being fixed:
 * jamespage listens
<zul> (1) package oslotest
<zul> (2) copy over oslotest into oslo.messaging and drop the patch after oslotest is in the archive
<zul> (3) sync it from experimental and write the MIR
<zul> it being python-oslotest
<zul> jamespage:  thoughts?
<jamespage> zul, I'd do 3)
<jamespage> on the assumption we can get a friendly MIR team member to review for use
<jamespage> us
<zul> jamespage:  yeah
<ttx> MIR team member. Now that's a bit confusing
<zul> ttx: how is it confusing?
<ttx> Mir or MIR ?
<zul> ttx: meh :)
<rbasak> ttx: well, I'm case sensitive :)
<zul> jamespage:  im seeing some weirdness in the charms http://pastebin.ubuntu.com/7157174/
<jamespage> zul, oh - that will happen before the amqp relation forms
<jamespage> it should sort itself out
<zul> jamespage:  ok
<hallyn> jdstrand: so far I've still not reproduced actual fs corruption with qcow2.  I do see that it is insanely slow - though this is qcow2 on btrfs on lvm, which may be the reason.  but it happens irregardless of snapshot activity
<hallyn> i.e. unpacking ncurses-term always takes forever
<jdstrand> hallyn: I have seen your pleas for me to give more feedback. I unfortunately have been using my VMs heavily lately. I will respond soon-- it is high on my priority list
<jdstrand> sorry for not responding sooner
<hallyn> jdstrand: heh, ok, thanks.  np.  I just dont' want to be impacting *your* workflow iwth qcow2 not working.
<hallyn> ttyl
<jdstrand> I'm using the saucy qemu for now
<jdstrand> but I'm quite worried when people install the LTS
<jdstrand> (and openstack, etc, etc)
<semiosis> jdstrand, marcoceppi, jamespage: any update on the glusterfs MIR?
<semiosis> sarnold: ^^
<jdstrand> semiosis: sarnold is going through the list. I think he had 4 MIRs to review. 2 are done. it is coming
<semiosis> jdstrand: thx.  is it even possible this will get into trusty at this point?
<semiosis> jdstrand: and thus support for gluster in qemu
 * semiosis is not optimistic
<jdstrand> I think it depends on the outcome of the review
 * jdstrand is not on the release team
<semiosis> ok cool, then there is still hope, maybe :)
<jdstrand> I think there is hope
<hallyn> mdeslaur: did you have any plans regarding virt-manager in trusty?  i.e. last-minute update to 1.0.1? :)
<mdeslaur> hallyn: nope. There are a zillion new dependencies in universe that would require a MIR before 1.0.x can go in
<mdeslaur> hallyn: I did rebase all our patches though, I could perhaps stick it in a ppa if someone wants it
<hallyn> mdeslaur: thanks - was mainly wondering about some of the open bugs whether it was worth backporting patches.
<hallyn> i don't personally care for ppa and haven't seen anyone ask for one.  thanks though.
<Kully> How do I link a directory? i.e. I want /var/www/ to not actuall contain anything and store all the files that would normally be in there in /vol/var/www/
<med_> Kully, you can do a bindmount if you want.
<med_> e.g., sudo mount --bind /mnt/Files/Music /home/user/Music
<med_> so sudo mount --bind /vol/var/www /var/www
<med_> ref: https://help.ubuntu.com/community/Mount
<med_> http://manpages.ubuntu.com/manpages/lucid/man8/mount.8.html
<coreycb> jamespage, can you review please?  https://code.launchpad.net/~corey.bryant/ubuntu/trusty/python-boto/jenkins-2014-02-26/+merge/212722
 * Corey eyes coreycb 
<coreycb> Corey, nice name :)
<Corey> Likewise. Congratulations on spelling it properly!
<Kully> med_ thanks for that; that's what I'm looking for.
<Corey> coreycb: I've moved away from boto and started using libcloud instead, so I'm a bit rusty on the boto side of the world, but that test *looks* sane on first glance.
<coreycb> Corey, ah thanks, you didn't have to review
<Corey> Eh, I've been slacking on my contributions lately. :-)
<coreycb> Corey, heh.  we corey's have to stick together
<Corey> Oh, I know who you are now!
<jamespage> coreycb, some comments
<Corey> Congrats on the new job.
<zul> coreycb: can i suggest koreycb :)
<coreycb> zul, ha
<coreycb> ok Corey and I have chatted, we know each other now
<Corey> *snerk*
<Corey> And yeah, I missed the /home/ubuntu; I was focusing on the date math portion of coreycb's test.
<jamespage> matsubara, hey - could you pickup the maas tests for beta 2?
<matsubara> jamespage, is that the ISO tests? yes, once I'm done with the upgrade tests I can do that.
<jamespage> matsubara, yes please
<beisner> jamespage,matsubara - fyi I've been putting some cycles into the iso tests @ qa tracker
<coreycb> jamespage, updated per your comments - https://code.launchpad.net/~corey.bryant/ubuntu/trusty/python-boto/jenkins-2014-02-26/+merge/212722
<adam_g> jamespage, zul heads up -- https://review.openstack.org/#/c/82154/  this will probably break your builds but it looks like neutronclient was SRU'd to include the fix that required the bump to 2.3.4, so it should be safe to patch out
<zul> adam_g:  gah..
<adam_g> zul, welcome to openstack stable updates :)
<zul> adam_g:  bah
<Kully> do bridged directories store files in both locations? doesn't seem to show a symblink or anything when listing
<bekks> What are bridged directories?
<jamespage> beisner, +1
<jamespage> thanks
<rostam> HI I am using 12.04 LTS where can i find the bugs related to libssl package for LTS release? thx
<ndee> I'm running a server with around 3-5 web devs accessing it, does anyone know a good user managment scheme to use for such a case? They work on a public_www directory and sometimes, they have to edit files which also have to be editable by the www-data user. So just put them into the www-data group?
<TJ-> ndee: DVCS and some kind of CI tool (e.g. git + jenkins) ?
<rostam> HI is pysnmp supported on debian?
<adam_g> jamespage, am i still allowed to upload to cloud-archive staging PPAs? i still have access to. was hoping to get the newest trusty libvirt pushed
<zul> adam_g:  what do you need push?
<adam_g> zul, libvirt 1.2.2-0ubuntu6  -staging is still at ubuntu4
<adam_g> (icehouse)
<zul> adam_g:  okies gimme a bit..i need to fix it up
<zul> adam_g:  just doing a test build before uploadeing
<adam_g> zul, \o/ aweome thanks so much
<zul> adam_g: done
<adam_g> zul, thanks again
#ubuntu-server 2014-03-27
<wo0f> is it normal to be gettings lots of UDP spam?
<wo0f> see here: http://pastebin.com/LUm906Z2
<zul> jamespage:  im doing CA catch up this morning
<jamespage> zul, +1000
<jamespage> needs goind
<jamespage> matsubara, hate to ask but maas iso testing?
<matsubara> jamespage, hi, sorry, today I have the CIAAS presentation and then can continue with the ISO testing.
<matsubara> jamespage, today is the final beta freeze at 21utc, right?
<jamespage> matsubara, yes
<jamespage> trying to get it out the door right now
<jamespage> beisner, are the maas tests something you could help out with?
<moza> Hello, I am having problems connecting to my svn server for all repositories access which permissions are handled by apache. I'm unsure where to look for errors
<jamespage> zul, bug 1297705
<uvirtbot> Launchpad bug 1297705 in keystone "keystone logrotate configuration causing service disruption" [High,Triaged] https://launchpad.net/bugs/1297705
<jamespage> we should probably SRU the fix for that as well
<zul> jamespage:  agreed
<beisner> jamespage:  yep, planning on it.
<jamespage> matsubara, beisner: ok - so need to happen in the next couple of hours if possible please
<beisner> jamespage, matsubara - i can dedicate the morning to plowing through those, starting in appx 30 min.
<caribou> rbasak: FYI, it's online now : https://help.ubuntu.com/14.04/serverguide/cloud-images-and-uvtool.html
<zul> jdstrand: *cough* https://bugs.launchpad.net/ubuntu/+source/heat/+bug/1267557 *cough*
<uvirtbot> Launchpad bug 1267557 in heat "[MIR] heat" [Medium,New]
<zul> jamespage:  ok python-oslotest good to go...ill update the new python-oslo.messaging today
<zul> jamespage:  also for those playing along at home https://bugs.launchpad.net/ubuntu/+source/python-pbr/+bug/1298384
<uvirtbot> Launchpad bug 1298384 in python-pbr "pbr 0.7.0 ftbfs with python3.2" [Undecided,New]
<jamespage> zul, thats a CA issue inly right?
<jamespage> zul, excellent - thanks for sorting this
<zul> jamespage:  yeah i fixed it in the packaging and uploaded it to the trusty archive so we can sync it back over
<jamespage> zul, ah - nice
<jdstrand> zul: I know :)
 * jdstrand notes that the security team is crazy busy getting pulled in every direction and doing the best we can :)
<jdstrand> I'm working on the juju-core/golang stuff now
<zul> jdstrand:  oh i know...its like that for everyone :)
<jdstrand> it is, for sure
<zul> jdstrand:  *snicker* heat is more important ;)
<jdstrand> just know I haven't forgotten
<zul> jamespage:  when you get a chance can you do dh-python, im not comfortable with it
<jamespage> zul, syre
<jamespage> zul, oh - we need to sort xen as well
<zul> jamespage:  im on it
<jamespage> zul, qemu will need a rebuild afterwards
<zul> jamespage:  ack
 * jamespage hugs zul
<smb> zul, jamespage "sort" in what way?
<zul> the LDFLAGS stuff again
<smb> oh _that_ :/
<zul> smb:  yes that :P
<jamespage> smb, zul: anyway we can have that in the trusty packaging so it becomes a no-change backport again?
<zul> jamespage:  it was never a no-change backport
<jamespage> ok scrub again
<jamespage> " so it becomes a no-change backport"
<zul> there is a line in the debian/control which made it fail everytime
<jamespage> ah
<zul> yeah i can possibly do that
<smb> Hm, I suppose we could but then we would differ from Debian
<jamespage> oh
<smb> zul, If it is wanted I can add stuff to the update I am currently working on. Just let me know
<zul> smb: its the "Built-Using: ${misc:Built-Using}" line that causes it to fail on 12.04
<zul> smb:  oh i will
<zul> smb:  im not sure what that line does
<smb> zul, Ohm I thought it was the need to unset LDFLAGS
<zul> smb:  not sure
<smb> zul, The built-using I think gets replaced by some stuff (qemu/seabios versions) I think. But that I would not remove in the T packaging
<zul> smb:  okies
<zul> smb: its too late to see if it breaks anything
<smb> zul, Too late? I suppose for a current upload
<zul> smb:  perhaps
<evilbug> i'm not very familiar with firewall software on linux but i'm thinking of installing shoreline on my ubuntu 12.04 home server. would that be a good choice or no?
<smb> zul, I meant was that a question or statement?
<smb> zul, For a certain amount of gratuity in May I can have a look at a precise sbuild of the trusty package I am working on ... :)
<zul> smb:  statement
<rbasak> caribou: nice! Thank you for all your work. I really appreciate it since I hate writing docs :)
<caribou> rbasak: we all do; but in this case it gave me the opportunity to get up to speed with uvtool rapidly
<jamespage> smb, while we have your ear
<jamespage> can you tell me what caused the tainted message in the last comment of https://bugs.launchpad.net/ubuntu/+source/iscsitarget/+bug/1291641
<uvirtbot> Launchpad bug 1291641 in iscsitarget "iscsitarget-dkms 1.4.20.3+svn496-1ubuntu1: iscsitarget kernel module failed to build" [High,Fix released]
<smb> jamespage, No! I still need those
<jamespage> I'm sure its something iscsitarget is doing wrong but I can't figure out what
<jamespage> smb, :-)
<smb> jamespage, That should just be a result of having module signing. As iscsitarget is a dkms module it cannot be signed by the same key as the rest of the kernel (because that gets thrown away after build)
<zul> jamespage:  xen uploaded to the ppa
<jamespage> zul: great!
<zul> jamespage:  looking at mongo next
<jamespage> there is a branch for mongo
<zul> oh there is?
<zul> hehe...telegram for mongo
<zul> sorry candygram
<jamespage> zul, https://code.launchpad.net/~ubuntu-cloud-archive/
<jamespage> precise-icehouse branch
<jamespage> you should be able to bzr merge ubuntu:mongodb
<zul> ack
<jrwren> is there a uvtool for lxc ?
<jamespage> zul, dh-python done
<zul> jamespage:  thanks...mongodb is building locally for me now
<jamespage> zul, takes a while
<zul> jamespage:  i noticed that the last one ftbfs...at least the amd64 one did
<rbasak> jrwren: no. I'd like to write on at some point, though.
<rbasak> one
<rbasak> uvt-lxc, to work in the same way for the parameters that make sense
<rbasak> uvt-simplestreams-file, to maintain a local store of cloud image tarballs
<rbasak> (and eventually deprecate calling uvt-simplestreams-file and uvt-simplestreams-libvirt directly, instead making it an automatic step of calling uvt-kvm and uvt-lxc when necessary)
<jrwren> rbasak: let me know if/how I can help
<smb> zul, Oh, btw as you have not yet uploaded the new libvirt for T, wait a bit longer. I would have a replacement which is fresh(er) and shiny. :)
<zul> smb: okies
<foo357_> Hello, I have two ubuntu machines (a client and a server). The server synch's it's accounts over to the client through sync-accounts. I have a pair of accounts defined on the server which I want to keep from being updated, how do I do that?
<foo357_> On the client I have assigned these accounts to a special group, and that is subsequently lost when the server synchs and doesn't know of this information.
<zul> jamespage/coreycb: https://code.launchpad.net/~zulcss/python-keystoneclient/0.7.1/+merge/213100
<jamespage> zul, usptream
<zul> fuck
<zul> jamespage:  fixed
<jamespage> zul, language timothy!
<zul> jamespage:  damn it, it should be in that branch now
<jamespage> zul, does that need a ffe? its a major version bump
<beisner> jamespage:  maas testcases -> contain deprecated commands (filed documentation merge proposal), and 1+ failed subtest in the testcase, which is actuall 10 testcases.
<sander^work> After upgrading to unbuntu 12.04.. I got a notice that I need to run a phpmyadmin script called create_table.sql to give access to a database for extended features.. I have no idea where that script is located.
<jamespage> beisner, nice work - thanks for working through those
<sander^work> I did an updatedb.. and a locate.. nowhere to be found.
<smb> zul, New shiny libvirt for T uploaded to https://launchpad.net/~smb/+archive/xen/+packages (though not build there, yet). Worked quite nicely for a T desktop install. Though I really wonder how desktop always manager to f*** err fail on some things.
<thedanielmatt> you could try âfind"
<thedanielmatt> @sander^work may try something like âsudo find / -type f -name âscriptnameââ
<zul> smb: ack ill get to it today or tom
<smb> zul, roger that
<sander^work> thedanielmatt, no result
<thedanielmatt> maybe take off the â-type f"
<pmatulis> sander^work: i think package 'libapq-postgresql3.2.0-dev' provides '/usr/share/doc/libapq-postgresql3.2.0-dev/examples/create_table.sql'
<beisner> jamespage, matsubara - i plan to run those to ground today (maas iso tests) and submit testcase updates (syntax/cli etc) as needed.
<pmatulis> version number may be different.  that's on saucy
<pmatulis> sander^work: â
<sander^work> thedanielmatt, still no result. Really wondering of the upgrade did take with itself the right scripts. Maybe the maintainer forgot it or something.
<thedanielmatt> sander^work: check out what pmatulis said
<sander^work> pmatulis, it's mysql.
<pmatulis> sander^work: maybe phpmyadmin says stuff that doesn't make sense on debian/ubuntu
<pmatulis> sander^work: apt-file told me you can get that script with that package
<sander^work> pmatulis, I think that's a coinsidence. That postgresql script has nothing to do with phpmyadmin.
<pmatulis> sander^work: ok.  can you tell what package is the origin of the message you saw?
<pmatulis> sander^work: maybe pastebin the entire line, plus a few lines before and after
<sander^work> pmatulis, http://pastebin.com/Mb4vXHJb
<sander^work> pmatulis, it basicly displays an notice about it, for enabling extra features inside phpmyadmin.
<sander^work> pmatulis, i'm fine with disabling those extra features aswell I guess.. But I dont know how.
<pmatulis> sander^work: so you see it within the php interface?
<sander^work> pmatulis, yep.
<pmatulis> sander^work: ha
<pmatulis> sander^work: http://forums.gentoo.org/viewtopic-t-883135-start-0.html
<pmatulis> sander^work: if that doesn't push you forward, please see the phpmyadmin folks.  i see you are in #phpmyadmin
<zul> Daviey: ping python-oslotest is still in binary new can you punt it out of there? please
<Daviey> zul, are you sure it is there?
<Daviey> ah yea.
<checkit> Hey guys, on my centos box I can serv sites from http://hostname/~username. How can I do this from my ubuntu box with apache2?
<jrwren> that is called userdirs
<jrwren> i'm pretty sure its default in ubuntu apache
<zul> Daviey:  if im stuck in an alternate universe then yes
<checkit> jrwren: I'm migrating from CentOS so there are some minute differences that I'm trying to overcome.
<zul> checkit:  mdir -p public_html in the users home directory and make sure its 755
<checkit> jrwren: It doesn't seem to be defaulted.
<checkit> zul: What is mdir?
<checkit> you mean mkdir
<zul> yes
<checkit> I'm getting Forbidden error with permission denied... Do I need to add something to my vhosts?
<cuddylier> I had a DDoS attack yesterday on a Ubuntu box I have. Here is the screenshot of the bandwidth graph: http://puu.sh/7LCFB.png Does outbound mean someone on the box sent the attack out rather than the actual box being DDoSed?
<w0rmie> Be
<Havenstance2> cuddylier, has this been answered yet?
<cuddylier> Havenstance2 No
<Havenstance> okay some backgrounds on networking, when something comes to your machine from outside its logged and called Inbound connections, when something is sent out its outbound
<Havenstance> alot like your phone, you call someone its outbound call, they call you its inbound
<Havenstance> what this graph shows me is that someone initiated a DDoS attack from your machine starting at approx 23:40 and lasting until just after 00:00 so approximately 20 minutes long
<Havenstance> might not even have been DDos, is this a gateway machine? like does it server your network?
<Havenstance> cuddylier, I have seen Bit Torrent clients do this to bandwith too so if its a torrent box or has torrent client on it someone may have downloaded something
<Havenstance> if its a network server then someone within the network may have downloaded something
<jrwren> cuddylier: do you have any per udp port charts to go with that?
<cuddylier> Havenstance: It's a box for game hosting but I can't see anything in my game panel logs that indicate someone started a java process that was sending out traffic.
<jrwren> cuddylier: do you run DNS or NTP on that server?
<cuddylier> jrwren: No the datacentre only provide charts like that
<cuddylier> jrwren Neither
<Havenstance> cuddylier, yeah because a spike like that indicates that its sending a tremendous amount of data somewhere
<jrwren> cuddylier: cloud backups?
<cuddylier> I don't do backups no
<cuddylier> I however download files
<cuddylier> The thing is this floods the network port and the server becomes unaccessible
<cuddylier> Could downloading a file really cause that?
<cuddylier> It has a 100Mb/s port
<jrwren> cuddylier: are you SURE you arne't running dns or ntp?
<cuddylier> Yes, at least I didn't install it and the box is secure.
<Havenstance> cuddylier, if your running BitTorrent on it the explanation would be a seeding torrent that someone suddenly wanted was uploaded somewhere
<jrwren> you'll have to give us a lot more info for help then :)
<Havenstance> downloading would be INBOUND traffic
<Havenstance> Uploading is always outbound
<cuddylier> Havenstance: Never installed any bittorrent client on it.
<jrwren> Havenstance: depends on point of view.
<Havenstance> download=taking in upload = sending out
<jrwren> downloading from that server is sending out.
<jrwren> from that server POV.
<Havenstance> true
<Havenstance> cuddylier, is this chart from the machine itself or from the hosting company?
<cuddylier> The hosting company
<w0rmie> Begin: Running /scripts/init-premount ... done.
<w0rmie> Begin: Mounting root file system ... /init: .: line 249: can't open '/scripts/live'
<w0rmie> [ 12.991289] Kernel panic - not syncing: Attemped to kill init! exitcode=0x00000200
<w0rmie> [ 12.991289]
<Havenstance> cuddylier, could be a DDoS attack, can you have your hosting company change the machine IP?
<w0rmie> any idea?
<jrwren> how could it be DDoS?
<jrwren> the spikes are on outbound on that chart. cuddylier said the server is secure, so its not large file downloads.
<jrwren> if there is no NTP and no DNS, its not likely used in  reflection attack.
<jrwren> it could be ANYTHING.
<Havenstance> I've seen similar charts on my server from DDoS. but it could be something as simple as an update too
<Havenstance> well, no not even on outbound
<Havenstance> basically you need to provide more data then a link to a graph that can't readily be interpreted
<cuddylier> jrwren: Well when I say secure, no one can start a process outside a java process as box is used in my hosting company which allows people to use any jar file.
<jrwren> someone ran a jar that did a bunch of xfer then :p
<TJ-> cuddylier: That graph looks like there's a low inbound  causing a large outbound - resolution isn't great but it looks to me as if the inbound increases roughly in line with the peak in outbound
<TJ-> cuddylier: Have you examined *all* the logs for entries within that time bracket for anything 'unusual' ?
<jrwren> what is this hosts IP?
<cuddylier> TJ- Which log entries exactly?
<TJ-> cuddylier: *all* logs
<cuddylier> I'm not the best with knowing which log is which.
<TJ-> cuddylier: You've got a narrow time boundary (23:30 through 00:10) so you should look at that time period in all logs, especially towards the beginning when it began
<cuddylier> So just /var/logs yeah?
<TJ-> cuddylier: The peak ratio was 28.56 (60.55/2.12) - that might give a clue as to what kind of issue you're dealing with, if it is a reflection attack
<TJ-> cuddylier: Mostly, but as we don't know the precise server config there might be other log locations, especially if it's a Java application server/container (e.g. JBoss or Tomcat)
<cuddylier> I just have normal Oracle java
<cuddylier> Running normal jar files
<cuddylier> Two of my nodes did the same thing at the same time exactly.
<TJ-> cuddylier: what's the application? Maybe it has a flaw that allows reflection or something similar.
<cuddylier> TJ- Usually minecraft server jars.
<cuddylier> Although technically people can use any jar
<cuddylier> That isn't necessarily minecraft.
<cuddylier> So people could technically run booters or bitcoin mine
<cuddylier> But only people who have paid for a server can.
<cuddylier> So I just need a way to find and terminate them.
<TJ-> I could create a similar graph just sending repeated HTTP "GET / HTTP/1.0" requests if the index page is large
<TJ-> cuddylier: Sounds like first thing is to implement some instrumentation, and possibly some bandwidth limiting and alerting
<cuddylier> That's easier said than done however
<TJ-> That's what sysadmins are for :)
<checkit> Hey guys, rookie problem... Internal Server Error when trying to access http://localhost/~user. My userdir.conf file https://gist.github.com/anonymous/9814939 and my vhost file for the site: https://gist.github.com/anonymous/9815001
<sarnold> checkit: I suspect you've got <directory> and <location> confused: http://httpd.apache.org/docs/current/mod/core.html#directory
<sarnold> checkit: there may be more errors, I'm not an apache expert by any stretch..
<checkit> I get the Internal Server Error when I got to http://localhost/~user/public. I do get a directory listing when I just go to http://localhost/~user
<checkit> But the public directory isn't there...
<checkit> I do see it in the filesystem though
<TJ-> checkit: ~user will resolve to /home/$USER/public_html/
<checkit> TJ-: Right.
<TJ-> checkit: So any file-system files/dirs should be under that *and* have permissions allowing access to the user and the httpd daemon, as appropriate
<checkit> That part is all done.
<TJ-> checkit: So anything under ~/public_html/ should show up, unless you've got additional restrictions in-place in the apache configuration
<jbradfield> I'm trying to install 12.04.4 server on a machine behind a firewall, is there a way to get it to stop insisting that I connect to the archive server?
<jbradfield> Like I have the thing completely disconnected from the network and it still finds the adapter, tries to connect, fails, and complains about it and doesn't let me just install from disc
<sarnold> jbradfield: can you tell the installer to skip networking configuration?
<jbradfield> I can't find an option to do so
<jbradfield> even if I run the installer in expert mode there's not even an option to actually do anything installation related until I set up a connect and download installer components
<jbradfield> I figured there had to be another image for fully offline installation but can't find that either
<jbradfield> swear there used to be
<jbradfield>  /j ubuntu
<jbradfield> crap
<qman__> jbradfield: you are correct that it used to work without being online, did you try interrupting the dhcp and then choosing do not configure the network at this time?
<qman__> or unplugging your network cable to achieve a similar effect
<DeltaHeavy> Why isn't FHS followed more strictly? Apache and Nginx's document roots by default should be somewhere in /srv/ if I'm understnading FHS correctly?
<bekks> DeltaHeavy: Because devs decided to not follow FHS at that point.
<jbradfield> I'm trying it again with the cable physically disconnected
<DeltaHeavy> bekks: It feels like it's all software. I've never used /srv/ in my life before just now.
<shauno> I believe it's more an issue that the FHS can't be followed in that particular case.  the FHS defines /srv for this use, but doesn't define any layout below it
<bekks> DeltaHeavy: On Ubuntu?
<DeltaHeavy> bekks: Yep, mind you I was a CentOS/RHEL guy mainly before getting deep into webdev.
<jbradfield> qman_: if I interrupt dhcp it still (somehow) connects the archive server and starts grabbing packages; if I completely unplug the network it asks me to specify the archive server, then complains that it can't find it (obviously) and won't let me continue
<qman__> jbradfield: i mean that it needs to be unplugged before it gets to setting up the network
<bekks> DeltaHeavy: My apologies - to both facts :P
<qman__> jbradfield: what i think is happening is that once the network is configured, regargless of archive access, it assumes it should be online
<jbradfield> I unplugged the machine before turning it on
<qman__> jbradfield: but if the network is never configured to start, it should work offline
<qman__> ok
<jbradfield> it still finds two adapters, neither of which is plugged into anything
<DeltaHeavy> bekks: Hey, nothing wrong with CentOS/RHEL :p
<qman__> jbradfield: i haven't tried with .4 but that used to work from cd
<qman__> jbradfield: however i have seen this when trying to install via usb
<jbradfield> I'm doing the latter
<qman__> usb for some reason refuses to work without a network connection, i never figured out why
<jbradfield> well that's a headache considering only one of these boxes even has an optical drive
<qman__> yeah, it is
<TJ-> qman__: That sounds like an apt 'cdrom' vs 'file' URL  issue for access to the installation media pool
<qman__> despite that it should be simple, lots of things don't work right booting from usb, i keep a usb dvd around because of it
<ilhami> hey
<ilhami> anybody here?
<ilhami> how can I stress test my server?
<checkit> Guys, if I used apache2en userdir how can I disable it?
<qman__> ilhami: 'stress' is a package designed to do that
<ilhami> qman__ haha is it called "stress"?
<TJ-> checkit: "a2dismod"
<Valduare> hi guys - how many physical servers are needed for ubuntu cloud, maas, juju etc
<ilhami> how can I test how many requests per sec my server can handle?
<ilhami> I will use JMeter :D
<jbradfield> guess I'm ordering an external dvd drive and not fixing this until next week
<jbradfield> working from a usb optical drive but not from a usb flash drive is nuts
<TJ-> jbradfield: I'm about to test it here, just completing the ISO download... and going to have dinner
<nxvl> Daviey: ping
<nxvl> Daviey: does the list of packages that the ubuntu server team cares about still exists?
<nxvl> or, where can i find the wiki page on where are the efforts going at this point of the release cycle
<rostam> HI if I want to stop a service and it be persistent through reboot what should I do? for example: isc-dhcp-server ? thx
<TJ-> rostam: Do you mean disable it?
<sarnold> rostam: http://upstart.ubuntu.com/cookbook/#override-files
<rostam> TJ yes disable it.
<rostam> sarnold, thx
<blizzow> How do I manually input DNS servers if I don't put them in /etc/resolv.conf?
<sarnold> blizzow: what are you trying to do?
<blizzow> I changed my server to a static IP (as most servers are), and manually changed /etc/resolv.conf.  Of course the resolv.conf says my changes will be overwritten, but doesn't explain where to manually enter DNS servers.
<sarnold> blizzow: ah. that comes from the resolvconf infrastructure, which might make a lot less sense if you've got a static IP address
<sarnold> blizzow: check out the resolvconf manpage, it ought to explain it all :)
<blizzow> Seems like a good idea to put something in the default resolv.conf file about this...
<sarnold> blizzow: chances are good you'll just apt-get purge resolvconf -- but read about it first and decide if that's the right approach :)
<blizzow> Yeah, even putting "man resolvconf bro" in the default resolv.conf or "ohai, go add a dns-nameservers line to your /etc/network/interfaces file would be nice.
<sarnold> lol
<sarnold> agreed
#ubuntu-server 2014-03-28
<Phibs> how do I remove all partitions/LVM information during a preseed install ?
<bekks> Phibs: by wiping the disk before installing.
<sarnold> there's no setting for it? o_o
<bekks> either wipe the disk or define the layout you want to have.
<sarnold> Phibs: B.4.7 looks useful: https://www.debian.org/releases/stable/amd64/apbs04.html.en
<bekks> thats the latter, yes.
<Phibs> sarnold: thanks
<Phibs> yeah, where in the preseed would i wipe
<sarnold> Phibs: there is a preseed/early_command that might also work: https://www.debian.org/releases/stable/amd64/apbs05.html.en
<Phibs> thanks
<Phibs> for some reason it keeps asking me what disk to use
<Phibs> when I specifically told it ;0
<Phibs> http://p.bsd-unix.net/pfymj9hbe
<Phibs> unless any of htat is wrong
<nbastin> is there a server ISO somewhere that has a fix for https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1244176 ?
<uvirtbot> Launchpad bug 1244176 in linux "Server 13.10 Install Fails with USB Keyboard (Appears to Hang)" [High,Fix released]
<Phibs> anyone know why it is still asking me about partitioning: http://p.bsd-unix.net/pfymj9hbe
<keee> i cannot connecte saucy to internet, no line for eth0 on 70-persistent-net.rules
<keee> any idea?
<sarnold> keee: check ifconfig -a to see if the interface is there; if not, check dmesg, see if you can find a module that might be needed to support the NIC
<keee> no ethernet entry in ifconfig -a
<keee> wait
<keee> r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
<keee> r8169 can't disable ASPM: OS doesn't have ASPM control
<keee> r8169 irq 44 for MSI/MSI-X
<keee> r8169 eth0: RTL8168evl/8111evl at 0xffffc90001830000, 90:b1:1c:a4:25:8d, XID 0c900800 IRQ 44
<keee> r8169 eth0: jumbo features [frames: 9200 bytes, tx checksumming ko]
<keee> in ther persistent-rules it doesn't show up
<caribou> jamespage: I'm looking at the ssh_authorized_keys_b64 issue that ivoks & julian pinged you about a while ago
<jamespage> caribou, ok
<caribou> jamespage: the workaround they used was to force user=nova in the call?
<jamespage> caribou, I have no idea - I can't see how that would help
<jamespage> caribou, I think it needs a re-think on how the known hosts and ssh keys are passed around
<jamespage> currently its a single attribute for each one of the relation
<jamespage> quite possibly the fix is to move to a attribute for each host - one for its signature and the other for its key
<jamespage> and then each compute host can aggregate those locally
<jamespage> known_hosts_compute1=XXX
<jamespage> public_key_compute1=XXX
<jamespage> that should limit the size of the data being passed on the command line as each call can be made individually
<caribou> jamespage: not sure how doing this will reduce the size of the known_hosts/authorized_keys if it is passed as an argument to relation_set
<caribou> jamespage: but I'm still working at making sense of the charm...
<jamespage> caribou, don't pass the whole file, pass fragments for each host that needs to be in it - and assemble the file on the client (nova-compute in this case)
<jamespage> zul, https://code.launchpad.net/~james-page/neutron/vpn-fwaas-fixes/+merge/213221 when you start :-)
<jamespage> zul, cr**p - I managed to push that direct to the branch - can you check it out? if its foobar I'll revert
<caribou> jamespage: pardon my ignorance but I thought that compute nodes needed to be aware of all compute nodes for live migration
<jamespage> caribou, yes - each compute node passes its key to nova-cloud-controller, and the nova-cloud-controller distributes the keys and known_hosts to all other compute nodes
<jamespage> caribou, right now that last bit is done as a single file base64 encoded
<jamespage> which at 80 hosts breaks
<caribou> jamespage: ah, ok I get it, thanks for the details
<jamespage> yolanda, thats for the grizzly nova.conf right? thats broken I think
<jamespage> it should look like the one inthe havana conf
<yolanda> jamespage, yes, for grizzly
<yolanda> ok, should use same keys
<yolanda> database_xxx
<jamespage> yolanda, fixed
<yolanda> thx
<zul> jamespage:  i havent started yet but it looks fine
<zul> jamespage:  https://code.launchpad.net/~zulcss/keystone/2014.1.rc1/+merge/213247
<jamespage> zul, not sure the logrotate change is quite right - just checking
<zul> jamespage:  im just adding the FFE bug number to the changelog
<jamespage> zul, great
<jamespage> zul http://paste.ubuntu.com/7168216/
<zul> jamespage:  okies
<zul> jamespage:  updated
<jamespage> zul, looking
<jamespage> zul, one niggle but +1 aside from that
<zul> im pretty sure i spelled upstream right
<zul> :)
<jamespage> zul, tabs/spaces in logrotate
<zul> done
<jamespage> zul, +1
<zul> jamespage:  just uploaded new oslo.messaging as well
<jamespage> \o/
<jamespage> zul, use coreycb as well - don't do them all yourself :-)
<zul> jamespage:  so cinder should be ok as well
<zul> jamespage:  oh i know..he will be doing the brunt of them soon enough
<jamespage> zul, other than mongodb CA staging now in sync
<coreycb> zul, jamespage: hey guys, I'm keeping an eye out for glance, nova and ceilometer today.  haven't seen that they're released yet.
<jamespage> coreycb, +1 nice one
<jamespage> zul, oh - do you want me todo horizon? I have a fixed ubuntu theme as well
<zul> jamespage:  yes please
 * jamespage had parked that from last week
 * zul hates doing horizon
<zul> ok keystone done
<sander^work> pmatulis, I found create_table.sq for phpmyadmin inside /usr/share/doc/phpmyadmin/examples/ packed as a gz file. Thanks for pointing out the forum link!.
<zul> Daviey:  oslo.messaging is in depwait because of python-oslotest
<Daviey> zul: looking
<zul> Daviey: https://launchpadlibrarian.net/171037159/buildlog_ubuntu-trusty-i386.oslo.messaging_1.3.0~a9-0ubuntu1_MANUALDEPWAIT.txt.gz
<Daviey> zul: promoted p-oslotest, once it's published you should be good
<zul> Daviey:  thanks
<pmatulis> sander^work: nicely done
<Daviey> smoser: What did you think about the distro-info idea?
<zul> jamespage/coreycb: https://code.launchpad.net/~zulcss/cinder/2014.1.rc1/+merge/213268
<sander^work> pmatulis, when I log into phpmyadmin.. I now see one "ok" under pmadb.. but all the others I pasted yesterday is "not ok".
<pmatulis> sander^work: dunno, better ask the PMA guys
<smoser> Daviey, distro-info? context ?
<Daviey> smoser: The comment I added to curtin FFe?
<Daviey> Storing KERNEL_VERSIONS outside of curtin?
<smoser> oh. i'm sorry. i didn't see it. i agree that the table there sucks
<smoser> Daviey, i think that such information woudl be good to store somewhere and disro-info is source of similar data.
<smoser> i don't think at this point i'd want to try to shove it in elsewhere, though.
<smoser> do you?
<sander^work> pmatulis, Where is those?
<sander^work> ah. in #phpmyadmin
<Daviey> smoser: Yeah, i agree.
<pmatulis> sander^work: in #phpmyadmin or forums or mailing lists
<sander^work> none is responding there.
<Daviey> smoser: Have you thought about how to update it in a timely manner as SRU?
<Daviey> ie, it needs to be co-ordinated, right?
<smoser> well, only kinda-sorta
<smoser> the fallback is "do nothing"
<smoser> and that will work fine for 14.10, 15.04, and 15.10 and even 16.04
<smoser> the place it fails is hwe kernels.
<smoser> so yeah, the package would have to be updated to address that.
<smoser> but the user can in their maas update that.
<smoser> ie, they can provide config. so its not *terrible*
<smoser> and we can actually release the update as soon as the kernel version for a given release is known.
<smoser> ie, as soon as kernel team says "we're using 3.15 for 14.10" we can push that curtin update.
<smoser> the update doesn't actually *have* to happen until the hwe-u kernel for 14.04 is available.
<Daviey> smoser: true, ok - cool
<sarthor> Hello, using linux mint 16 32bit, Everything was working fine, since yesterday my chrome goes black, and nothing visible, where no problem with mozilla. How to fix my chrome. Please help  to guide.
<sarthor> right one https://chromium.googlecode.com/issues/attachment?aid=1404810051000&name=chrome_black_nvidia_optimus_bug.png&token=QV2La405oXsDP0bIU2QofBsmhO8%3A1396017033249&inline=1
<cfhowlett> !mint|sarthor, not supported here
<ubottu> sarthor, not supported here: Linux Mint is not a supported derivative of Ubuntu. Please seek support in #linuxmint-help on irc.spotchat.org
<sarthor> ubottu: Ohh. i was writing there in mint chan, but after the channel ubuntu-server logged in, cursor automatically came here. Sorry.
<ubottu> sarthor: I am only a bot, please don't think I'm intelligent :)
<sarthor> hehe. I am having locked mind, so how can i think.
<patdk-wk> explains a lot
<RoyK> any idea how I can find how much memory the whole of apache processes are *actually* using? Adding the ps axv col 8 numbers doesn't make sense since a lot is shared during forking
<DeltaHeavy> RoyK: Run 'htop' on your server. If it's not installed install it or alternativly just run 'top'. I think you can also run 'ps -aux | grep -i apache | grep -v grep'
<DeltaHeavy> There will be multiple processes, you'll need to add them al up.
<DeltaHeavy> Oh wait you already said you used 'ps'. I'm pretty sure you still add them all up. Each of those processes can have multiple workers in them still.
<RoyK> no, using prefork with php
<RoyK> not worker
<RoyK> but if process x allocates 100MB and writes to it and then fork()s, the data won't be copied until it's written to, but still, both processes with show up in ps (or top or htop or...) with the same amount of "allocated" memory
<DeltaHeavy> Regardless, what 'ps' is giving you is all the memory being used by Apache. If you're expecting a different result I'd look at your Apache configuration before 'ps' or 'top'
<RoyK> what?
 * RoyK gives up
<DeltaHeavy> What 'ps' is giving you is what's being used.
<DeltaHeavy> RoyK: "Prefork MPM uses multiple child processes with one thread each and each process handles one connection at a time." - http://stackoverflow.com/questions/13883646/apache-prefork-vs-worker-mpm
<RoyK> I know
<DeltaHeavy> RoyK: So yeah, you're going to see a bunch of threads for Apache in prefork mode, and it's not surprizing at all that they all have the same amoutn of allocated memory. What's the problem here exactly?
<DeltaHeavy> Each thread needs it's own allocated amount of memory.
<RoyK> it doesn't work like that. read what I wrote above
<DeltaHeavy> By process 'x' do you mean the parent Apache process or it's children worker threads?
<DeltaHeavy> Not worker, but children threads*
<RoyK> no threads, child processes
<RoyK> I mean any process. if a process allocates xMB memory and forks, very little new memory is used, but both are reportedly using the same amount of memory
<DeltaHeavy> When Apache makes child processes in prefork mode , those child proceses have everything that's needed to serve up a request. They're going to be the same size most of the time, if not all the time. Theo only process that'll have a different amoutn of memory maybe is the parent Apache process. It sounds like it's working as it should.
<DeltaHeavy> You can try asking in #httpd, but I think they'll tell you the same thing.
<RoyK> heh - no, they won't
<RoyK> the thing is, a lot is shared
<RoyK> and adding up the memory "used" by the apache processes (and other processes) gives me a number twice the total amount of memory actually allocated
<DeltaHeavy> Maybe I'm wrong but that's how I remember it. I used used to be pretty through and through solid in Apache but I'm using Nginx these days.
<RoyK> hence the initial question
<DeltaHeavy> If anything's wrong it's you Apache conf I'd think
<RoyK> and this is not an apache question, it's about anything that forks
 * RoyK really gives up
<tcstar> I am running ubuntu 12.04 on 4 web servers with a lot of different websites on them...  What are the best practices in mirroring a server, not just the files but the virtual host configurations as well, if any?
<DeltaHeavy> tcollins: Are there 4, individual web servers, or are you using vhosts? Nginx? Apache?
<rbasak> tcstar: step by step, first I'd switch to managing virtual host configurations with a configuration management tool
<tcstar> All are running Apache...  @rbasak I didn't know of any config management tools I could install so I've been doing it all manually
<tcstar> I did create a bash script to create the configuration file, the folder, and set the right permissions though...  don't have any of the FTP stuff as I deploy using git so no user accounts per website either
<DeltaHeavy> FTP shouldn't be used even if you're not using git IMO. SFTP/FTPS if you are going to go that sort of route.
<tcstar> yeah, by ftp i mean i have no ftp server installed ( i'm guessing that includes ftps - but since that's ftp over ssh i could be wrong )
<DeltaHeavy> SFTP is FTP via SSH. FTPS is FTP via SSL.
<zul> smb: ping where is it again?
<smb> zul, Either in my ppa or on chinstrap...
<zul> smb:  cool thanks
<zul> smb:  uploaded
<Phibs> does anyone here use preseed, have an issue where it won't stop asking me about disk config even though I told it whole disk, sda
<Phibs> with precise
<DeltaHeavy> Hey, anybody know why these lines added to '/etc/ssh/sshd_config' make it so SSH refuses all connections? http://paste.ubuntu.com/7169485/
<DeltaHeavy> I'm on 12.04
<TJ-> DeltaHeavy: Have they broken the config such that the sshd hasn't started?
<DeltaHeavy> TJ-: It seems to start fine, let me double check though.
<DeltaHeavy> TJ-: When I restart the service it seems to be fine, but 'service ssh status' returns this - ssh stop/waiting
<DeltaHeavy> When those lines aren't there it's - ssh start/running, process 26306
<TJ-> DeltaHeavy: I think you're breaking the config so sshd fails. Check the log-files.
<TJ-> DeltaHeavy: "man sshd" ... "sshd -T" == test mode
<DeltaHeavy> I know about man pages but I do'nt really think they're the best resource for this. I'll look into sshd -T though
<TJ-> DeltaHeavy: My first stop is the man pages; that's how I just got "-T" for you
<DeltaHeavy> TJ-: Ah, thanks :p thought you were telling me to RTFM
<DeltaHeavy> 'sshd -T' returns "/etc/ssh/sshd_config line 93: Directive 'UsePAM' is not allowed within a Match block". These are the last 9 lines (sans comments) of my sshd_conf - http://paste.ubuntu.com/7169570/
<TJ-> DeltaHeavy: I was! Like I said, it's my first step whenever I'm not sure - most daemons with complex configuration syntaxes have a 'test' option
<TJ-> DeltaHeavy: there you go :)
<DeltaHeavy> Can probalby figure it out from here
<DeltaHeavy> True, often I'l lbe told to RTFM when it really doesn't make sense so I'm kind of weary when people suggest man pages lol. But yeah, that was a good case.
<TJ-> DeltaHeavy: I think the applicable lines (from "man sshd_config"!) are "Match ... until either another Match line or the end of the file...."
<DeltaHeavy> Damn, guess it really does need to be at the end of the file. Thanks, Ill try that now
<DeltaHeavy> Yep, it worked
<DeltaHeavy> Thanks!
<TJ-> :) Thank the man-pages ;P
<DeltaHeavy> lol
<rbasak> zul: do you mind sponsoring https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1298273 for me please? Turns out I can't upload apache2 to precise (though I can to trusty).
<uvirtbot> Launchpad bug 1298273 in apache2 "apache2 doesn't compare SNI hostname against Host header case-insensitively" [Undecided,New]
<rbasak> I've tested everything and it's good to go.
<zul> rbasak: sure
<zul> rbasak:  done
<DeltaHeavy> So, I have a user with restricted SSH access as to only allow SFTP. I have it set up in '/home/sublime/' with a symlink to '/srv/nginx/'. The user 'sublime' is a part of the group 'sftp' and the premissions on /srv/nginx/ are recersivly owned by 'matt' and the group 'sftp' as I want the user 'sublime' and anybody else belonging to the 'sftp' group to be able to read and write to any file in there. I have some folders/files that need
<DeltaHeavy> to be a part of the 'www-data' group so some applications ran by the web server can write data to caches and all that. How do I allow some folders to be read and writable to only the owner, and BOTH of the groups 'sftp' and 'www-data'?
<DeltaHeavy> I'm on 12.04
<TJ-> DeltaHeavy: "man 5 acl" You'll need Access Control Lists, using {set,get}facl
<DeltaHeavy> Ok, thanks. Was hoping I could do this without acl.
<TJ-> DeltaHeavy: I can't think of how, unless you add the www-data user to the sftp group, but that might have unexpected side-effects
<DeltaHeavy> Yeah, I think I might just make it so users in the sftp group just won't be able to read/write any files belonging to www-data. Maybe in the future I'll need to fix that but I doubt it as it's just cache files right now.
<lordievader> Good evening.
<DeltaHeavy> Is it best to put mounts like these in fstab: mount /out/side /chroot/point_to_outside -o bind
<DeltaHeavy> Basically to escape a chroot jail
 * RoyK mutters something about *real* virtualisation
<stgraber> DeltaHeavy: or you can just access the outside through /proc/1/root
<DeltaHeavy> stgraber: But they're chrooted. How can they access /proc/ ?
<stgraber> so you don't have /proc mounted in your chroot?
<DeltaHeavy> No, why would I do that?
<stgraber> well, depends on the service, but it's not entirely unheard of for stuff to access /proc/self or /dev/fd and similar which will fail if you don't. Though if it's the service itself doing the chroot call, then the author probably made sure that won't be the case.
<DeltaHeavy> stgraber: I'm doing this to limit what a user logging in via SFTP will be able to do.
<sarnold> do not confuse chroot with a security mechanism.
<DeltaHeavy> Really it's for connections made by my IDE that stores my password in plain text. It was using the main account before so I made an SFTP only account.
<DeltaHeavy> sarnold: Am I doing something wrong?
<sarnold> DeltaHeavy: chroot may be a convenient-ish way to try to reduce the scope of a program run amok, but chroot only changes filesystem's "root". the process can still do dbus things or ptrace things or shared memory things or whatever else to "escape" the chroot
<DeltaHeavy> sarnold: Yeah, anybody looking into the chroot won't have shell access, they're only able to log in via SFTP.
<DeltaHeavy> The chroot ensures they're only browsing the files I think they're browsing.
<sarnold> DeltaHeavy: fair enough, openssh folks have probably put effort into that. :)
<RoyK> DeltaHeavy: well, what if that php script or something had an exploit? (;
<DeltaHeavy> RoyK: Yep, that's one thing they could do.
<RoyK> best way to secure a server is always the simple way
<DeltaHeavy> So what are you suggesting?
<RoyK> turn it off and lower it into the mariana trench
<DeltaHeavy> lol
<RoyK> quite secure
<DeltaHeavy> Yeah, can't ensure anything will be 100% secure. The gaping security hole I was trying to fix was a bunch of JSON files littered around my filesystem on my local Windows (ew) computer, that had my password in plain text
<DeltaHeavy> A password for an account with full sudo privileges.
<DeltaHeavy> Usually I don't even use SFTP anyway but for some projects I do.
<RoyK> DeltaHeavy: sounds very secure indeed!
<DeltaHeavy> Now all they can do is fuck up what I mount inside that chroot, so =/
<RoyK> DeltaHeavy: why not kvm virt or something?
<DeltaHeavy> Also, back to my original question. Would a bunch of lines like this under a descriptive comment in my /etc/fstab be the best way to allow people in that chroot to access the data in a web server's document root? - /srv/nginx/silvercreekit.com    /home/sublime/silvercreekit.com auto    bind    0   0
<DeltaHeavy> RoyK: How would a VM solve anything?
<RoyK> DeltaHeavy: it'll separate things better
<DeltaHeavy> They're editing the same things though :p
<RoyK> different kernel, different system
<DeltaHeavy> This is already a VM
<DeltaHeavy> It's a VPS
<RoyK> it won't help much for whatever's on the web
<RoyK> ah - ok
<DeltaHeavy> I'm basically just trying to make it so if somebody finds my password that's littered all over my desktop PC they can fuck up as little as possible
 * RoyK generally uses his own physical machines for VMs
<DeltaHeavy> Being the projects I specifically use SFTP for.
<RoyK> sftp/scp/sshfs is generally secure
<DeltaHeavy> Eh, using your own machines for web hosting specifically ain't the greatest idea.
<RoyK> DeltaHeavy: not hosting anything but my own stuff
<DeltaHeavy> Yeah, I usually use 'git' though.
<DeltaHeavy> Yeah, that's a good solution then.
<DeltaHeavy> So again, is this in my /etc/fstab a good or a bad idea? - /srv/nginx/silvercreekit.com    /home/sublime/silvercreekit.com auto    bind    0   0
<sarnold> DeltaHeavy: why not use ssh keys? :)
<DeltaHeavy> sarnold: The plugin for Sublime Text doesn't allow that...and I'm on Windows
<sarnold> DeltaHeavy: aww. :/
<DeltaHeavy> Don't feel like dropping $3'000 on a Mac right now.
<tasslehoff> Is it common sense to stay on LTS for a server?
<sarnold> tasslehoff: it's quite popular, yes; people don't want to have to upgrade their servers every six or seven months
<sarnold> tasslehoff: most people just want to set something up, set up some monitoring and backups, and then leave it alone for two or three years -- and either consider upgrading to the next LTS or skip an LTS release, depending upon what makes most sense
<tasslehoff> sarnold: I'm a trigger happy upgrader, but I've managed to keep my server at 12.04. Now I am pondering how to get a newer version of Plex :)
<tasslehoff> I guess waiting for 14.04 release and add a couple of weeks is the smart thing to do
<sarnold> tasslehoff: hrm, I don't immediately spot plex in our archives
<sarnold> tasslehoff: you may be able to upgrade plex separate from the rest of the system
<tasslehoff> sarnold: I have a ppa, but it hasn't gotten any updates lately
<sarnold> tasslehoff: on th eother hand, if you have fun upgrading and like fiddling with things, that does make you an ideal candidate for upgrading to 14.04 before release, and filing bugs along the way >:->
<tasslehoff> sarnold: perhaps. I'll wait until tomorrow, when the whiskey is not doing the talking ;)
<sarnold> tasslehoff: (honestly though, up to you, do whatever you like.. :)
<sarnold> good plan :)
<rbasak> zul: thanks!
<Phibs> installing precise LTS, I'm setting the gateway but it is not adding it to /etc/network/interfaces, anyone know why?
<Phibs> it adds the ip/netmask/mac....
<Phibs> d-i netcfg/get_gateway string 10.119.226.97
<sarnold> hrm, looks just like the example from http://d-i.alioth.debian.org/manual/example-preseed.txt
<Phibs> lol @ the 375 worthless people in here
#ubuntu-server 2014-03-29
<gdi2k> not a ubuntu question at all, but it is about servers, so maybe someone good advice: I want to buy a decent Intel dual-port NICs, and I see a lot of HP branded ones that are supposed to be for specific HP server platforms. Will these work in a generic server box, or are they somehow restricted to HP gear?
<gdi2k> example: http://www.ebay.com/itm/HP-NC360T-PCI-E-Dual-Port-Intel-Gigabit-Ethernet-NIC-412648-B21-412651-001-Clean-/181362132661?pt=US_Internal_Network_Cards&hash=item2a3a0686b5
<pleia2> it'll work fine, HP has a pretty big networking division these days (bought some networkingy companies)
<pleia2> sells NICs, switches, etc
<gdi2k> pleia2, excellent, thank you
<pleia2> sure thing
<lordievader> Good morning.
<rabbel> Hey guys... I'm wondering if someone of you managed to do an automated install with USB stick..
<rabbel> Because I didn't :)
<lordievader> My /run is full. This is probably due to atop consuming ~400M on there. Can I simply remove the atop folder?
<lordievader> In other words do programs expect data that is in /run to be there the next time they start?
<lordievader> Ah debian bug #650222 is the problem.
<uvirtbot> Debian bug 650222 in atop "atop: fills up /var/run" [Important,Open] http://bugs.debian.org/650222
<Yud_Zroc> so is there a way to remotly connect to an ubuntu server from a windows client (Example user A is running windows 7, the server being ubuntu server 12.04)
<Yud_Zroc> Preferably to manage it, not to just use FTP, or git/svn. The area where it will be set up will have no access to a mouse/keyboard/monitor
<ikonia> just use ssh
<Yud_Zroc> from what? cmd?
<ikonia> any ssh client you want
<Yud_Zroc> Ok, so ssh client must me installed on my windows machine to access it?
<ikonia> yes
<Yud_Zroc> got it, thankyou for pointing me in the right direction
<rakesh__> hey i deleted the www folder as apache was not properly installed .now on installing apache (which system says is already installed) www folder does not show up.wat to do???
<peyam> hi
<peyam> I have a ubuntu server on my old computer
<peyam> and I Want to put files there from my other computers
<peyam> how do I do it? i already have installed vsftpd
<teward> is there any step-by-step guide for setting up an email server complete with IMAP and SMTP?
<peyam> hi again guys
<peyam> I dcan log in to my ftp server
<peyam> cant*
<teward> peyam, i'm curious, why don't you just put SSH on your computer you're running ubuntu server on, then use the built-in SFTP?
<teward> rather than set up a completely new FTP setup for it
<teward> (you'll need an sftp client, but there's a ton of those that work)
<peyam> teward, All im trying to di is to make a server and put movies in it so I can watch movies in other rooms
<peyam> so I see a page that says "it works"
<peyam> but its all and I dounno how to add files to it and see them there
<teward> i think what you want is a media server kinda setup
<peyam> yes
<peyam> how do I fix it
<peyam> hi
<peyam> I have made a home server
<peyam> I made a ftp server
<peyam> now i want to know how my local users can see the content of the files uploaded to ftp. all I can see is the "IT WORKS" on my server page
<karantzis> hi! is this the right place to ask some DNS questions?
<RoyK> karantzis: it's the right place to ask ubuntu questiosn ;)
<RoyK> karantzis: it's the right place to ask ubuntu questions ;)
<RoyK> !ask | karantzis
<ubottu> karantzis: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<karantzis> ok, here goes: 'im having an ubuntu server with domain example.com and would like to have it point subdomain.example.com to a different machine. How can one go implementing that?
<karantzis> RoyK: using ubuntu server 12.04
<RoyK> google bind delegation
<RoyK> if youÂ§re using bind, that is
<karantzis> yes, i am. Thanks for the pointer RoyK
<omrib> I'm having the weirdest problem with libvirt 1.1.1 from cloud-archive:havana repository. pip install libvirt-python==1.2.2 fails because /usr/bin/ld: cannot find -lvirt-lxc: https://travis-ci.org/omribahumi/libvirt_metadata_api/builds/21847716
<omrib> libvirt-python assumes libvirt lxc support is compiled in if libvirt version is >1.0.2. Is this assumption wrong, or is the libvirt-dev package broken?
#ubuntu-server 2014-03-30
<kafka> question, I am working at a place that uses a shared file system and therefor there's 1 server which they install all the apps on and the rest of the workstations are running it from the server. each user has a homedir with a small quota, Also the server has eclipse installed on it so every time a user is running eclipse from his workstation, eclipse is using quota space to store osgi/bundles and that maxes out the quota, now my question, is there any w
<kafka> config eclipse to use a fixed location for those osgi/bundles?
<kafka> so it wont have to deploy those osgi/bundles locally for each user's homedir?
<vegnt> I have a server at home on which i host a website with some domain, i also have two internet connections from two internet providers. How can I use the second connection as a backup so that when the first one is unavailbe, my website will still be reachable through the domain?
<bekks> you have to switch the dns entry from the first to the second provider. that will be an issue.
<vegnt> is it possible to have two A-records
<vegnt> one for each gateway
<TJ-> vegnt: Did you see my suggestion for a load-balancing proxy outside your network?
<vegn> TJ-, yes thanks
<vegn> I need to read what that means exactly
<vegn> if round robin dns with multiple a-records counts as load balancing
<vegn> then i think that will work
<bekks> It wont.
<bekks> Because round-robin implies, that the failed connection will still be used. you have to disable the failing entry. Round robin doesnt help you at all at that point.
<teward> sarnold: ping.
<Joe_knock> Hello there
<RoyK> hi
<Joe_knock> RoyK: What would you recommend I use to create a full backup of my Ubuntu VPS?
<Joe_knock> By backup I mean create a type of backup that I can download and restore elsewhere. I want to DL the backup to my local ubuntu machine
<RoyK> Joe_knock: I beleive deja dup is rather good
<Joe_knock> Will I still need to do an SQL dump even with a backup solution? RoyK
<lordievader> I use dirvish here myself.
<RoyK> Joe_knock: depends on the DBMS used
<RoyK> Joe_knock: which one do you use?
<Joe_knock> RoyK: MySQL
<RoyK> then make regular dumps
<Joe_knock> lordievader: But will the process I explained work with dirvish?
<RoyK> mysqldump --all-databases | gzip -c > mydump.sql.gz
<RoyK> or perhaps a separate dump per database for easier restore
<Joe_knock> RoyK: The server itself hasn't been used in a while, which is why I want to backup everything and cancel use.
<RoyK> then just make a dump of the database(s) and back it up
<RoyK> Joe_knock: even rsync will do it
<Joe_knock> Will I require another piece of software to DL whatever I've backed up?
<RoyK> Joe_knock: rsync -avPAHX yourserver:/ /place/to/put/it
<RoyK> Joe_knock: rsync -avPAHX root@yourserver:/ /place/to/put/it
<RoyK> make sure to enable ssh root login first if it's not enabled
<lordievader> Joe_knock: dirvish is a wrapper around rsync, if your server has ssh you can transfer the backup data.
<Joe_knock> RoyK: By using that command above, I will be able to take the remote file and put it on my local machine?
<Joe_knock> interesting, lordievader.
<RoyK> Joe_knock: the command above is for transferring the entire filesystem(s) from your server to your local machine
<RoyK> as it is or as they are
<Joe_knock> RoyK: I've read that I must avoid certain directories when doing a backup. Directories like /dev make it difficult to restore
<lordievader> Joe_knock: This is a nice guide on it: http://wiki.edseek.com/howto:dirvish
<RoyK> Joe_knock: then
<RoyK> Joe_knock: rsync -avPAHX --exclude=/dev --exclude=/proc --exclude=/sys root@yourserver:/ /place/to/put/it
<RoyK> should do it
<Joe_knock> RoyK: Based on what you've said, would my best solution be to: do an SQL dump first of the database(s) and then run the command you've given above so that all files and the SQL DB are backed up properly?
<RoyK> Joe_knock: the command above transfers the entire system - not just the database dumps
<RoyK> Joe_knock: if you only need the database(s), just copy the dump files
<Joe_knock> oh okay, So I can store the dump files on the remote server and they will be backed up onto my local machine too? I was thinking I would first DL the dump files separately and then run the command above for all other files
<Joe_knock> RoyK: ^^
<RoyK> Joe_knock: erm - do you want to backup the whole server, or just the databases?
<Joe_knock> Everything, but I want dump files for MySQL so that I can restore it properly
<Joe_knock> Everything except /dev, /proc, /sys
<RoyK> then dump the database somewhere
<RoyK> and rsync the lot
<RoyK> that'll include the dump files, obviously
<Joe_knock> Thanks RoyK, that is what I will do. Your help is much appreciated
<RoyK> np
<ahmadgbg> Hi, im using Ubuntu server and i have setup my web server with apache, webmin and virtualmin. What is the best way to get a email like info@domain.com to send and recieve?
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<ahmadgbg> so what is the best and simplest way to run a web server?
<ahmadgbg> i found that webmin is very easy thats why i used it
<ahmadgbg> and also how can i fix so i cant have an email for my domains (i have three)
<RoyK> ahmadgbg: apt-get install apache2
<RoyK> then configure it
<RoyK> it's not that hard
<ahmadgbg> Royk: i already have it
<RoyK> just learn the commandline basics
<RoyK> but don't use webmin
<ahmadgbg> Royk: the website is up and running, but i have a problem with the mail
<RoyK> then configure postfix or exim or whatever MTA you're using
<ahmadgbg> MTA?
<ahmadgbg> ye i have postfix
<ntz_> hi! i have 2 different physical servers both with virtualmin installed. server1 has DNS for domain.tld and managed to make it point to server2 for subdomain.domain.tld (external IP of server2) but now i want to have sub.subdomain.domain.tld public_html files also being on server2. how does one go for something like that?
<RoyK> ntz_: if subdomain.asdf.tld is delegated, all subdomains are too
<ntz_> RoyK: they are. but where do i define/create the sub.subdomain.asdf.tld? on server1 or server2 machine?
<RoyK> in the zone file? or apache config? I don't quite get it
<ntz_> oh, wanst aware you could do it on either. i would say go with the zone file
<ntz_> so which machine's zone file should i edit?
<TJ-> ntz_: if you have delegated the subdomain from server1 to server2, so that server2's DNS is the SOA for it, then server2 would generally be the one to host an additional subdomain zone file
<ntz_> TJ-: how can i be 100% sure this is the case?
<ntz_> i mean that i have correctly delegated the subdomain from server1 to server2
<TJ-> see what the NS records are for the sub-domain
<TJ-> ntz_: "dig -t NS sub.domain.tld"
<ntz_> TJ-: ;; ANSWER SECTION: subdomain.asdf.tld. 38400 IN NS      server1.
<ntz_> does that mean it's not delegated?
<TJ-> ntz_: Looks that way; depends where you are querying from and what the TTL on domain.tld is, of course.
<ntz_> i run the command from server1
<ntz_> not delegated, huh?
<xperia> hi. small question. what is the best filesystem for storing a unlimited amount of files with ubuntu? with ext4 it looks like there is a limited amount of files that can be stored in ubuntu. myself i want create hundreds of billions small files for a test project and i don't think ext4 will serve me!
<andol> xperia: Well, I doubt you can find any filesystem which allows you to store and unlimited amount of files.
<andol> xperia: That aid, ZFS is supposed to be able to handle 2^48 files and Btrfs is supposed to handle 2^64 files.
<xperia> andol: thanks a lot for the reply! will look into it. have read that raiserfs should provide the possibility to store a unlimited amount of files. could this be true?
<andol> xperia: Realize what a large number 2^48 is, not to mention 2^64?
<xperia> andol: yeah it is huge 2^64 => 18'446'744'073'709'551'616 i have heard that btrfs however is not really stable. one person i know tryed to use btrfs but he changed back. problem however could be maybe that he tried to use it on a raid array...
<Joe_knock> When I run this command: mysqldump --all-databases | gzip -c > mydump.sql.gz Where will my sqldump appear?
<xperia> Joe_knock: where you execute the command
<Joe_knock> so if I ls, I will see it in the place I execute it? xperia
<xperia> yes
<lordievader> Joe_knock: pwd also shows you the current working directory.
<Joe_knock> I guess it makes sense to store my SQL dump in a specific folder though
<xperia> Joe: in this case use the full path you like as a exmple: mysqldump --all-databases | gzip -c > /tmp/mydump.sql.gz
<faiss> i have a problem to install realtek ethernet NIC seeking r8169 driver
<faiss> i get the message: INSTALL /home/fai/Downloads/r8169-6.018.00/src/r8169.ko
<faiss> Can't read private key
<faiss>   DEPMOD  3.11.0-18-generic
<faiss> what should i do about?
<PryMar56> faiss, have you installed firmware-realtek?
<faiss> i dont think so, how should i do?
<PryMar56> faiss, not sure about ubtuntu, but on Wheezy this package solved all realtek driver issues
<faiss> whats the package name? let us check it on apt
<PryMar56> apt-cache search firmware | grep real
<faiss> i think it gonna work :p
<faiss> i forgot about
<faiss> but i think its apt-file no?
<PryMar56> faiss, firmware-realtek is not found on ubuntu-server 12.04
<faiss> no it works fine on 12.04 but not in 13.10
<faiss> i just upgraded to 13.10, since that time i have the problem
<xperia> faiss: what does => lsmod | grep r816 return ?
<faiss> xperia, it returns the "r8169     0" but after a simple reboot it returns nothing
<xperia> hmmmm looks like you had loaded it somehow ... try
<xperia> rmmod r8169
<xperia> modprobe -r r8169
<xperia> lsmod | grep r816
<xperia> what does it output ?
<faiss> xperia, returns nothing
<faiss> i'll test an other release 014 instead of 018 and i'll retest
<xperia> so module could be not loaded then. some people report that this is actually not reall the right driver for the network card. can you post the output of this command here
<xperia> lspci -v
<faiss> done. ----> http://paste.debian.net/plain/90652
<xperia> okay let me check this here => Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 07)
<xperia> faiss: yeah 8169 looks like is wrong! you need => r8168 ...
<xperia> try this howto here => http://ubuntuforums.org/showthread.php?t=2204946
<faiss> even with r8168 i got the same problem, so i tried with r8169 because it worked for a friend with the same model of computer
<faiss> i'll follow the howto again, and i'll retest
<faiss> thank you xperia :)
<xperia> faiss: check also this here => http://ubuntuforums.org/showthread.php?t=2201556
<xperia> has much more infos in case you still have problems.
<xperia> with the module driver r8168 it should works
<xperia> is it normal to wait 2 Hours for resizing a SSD Partition from 500 GB to 125 GB. Don't understand why resizing a SSD Partition takes that much long and is still not finished.
<faiss> xperia, ifconfig -a shows p3p2 but no way to connect
<Patrickdk> xperia, what did you expect?
<faiss> and no rules on /udev/rules.d/ for p3p2
<xperia> Patrickdk: Hmmm other Harddrives takes normally 1 Hour and the Job is done but maybe i don't remember anymore right.
<xperia> faiss: what for a module is loaded when you do lspci -v it should ouptu something like "Kernel driver in use: ..."
<Patrickdk> well, it depends on the size of the file
<Patrickdk> if it's all large files, an hour
<Patrickdk> if it's all tiny files, it could take a long long time
<xperia> huuuhhh well i have about 4'000'000 Tiny Files on the SSD
<faiss> xperia, 	Kernel driver in use: r8168 and the ifconfig shows the ethernet card, and is activated using ifconfig p3p2 up
<xperia> so are you able to "ping google.com"
<xperia> faiss: should it p3p2 be actually eth0 ?
<Patrickdk> xperia, with all tiny files, your limited to drive latency :(
<xperia> Patrickdk: i guess i need to leave it for the next 6 Hours then. Thans for the Info.
<Patrickdk> what model ssd?
<Patrickdk> must be an older one
<xperia> Patrickdk: Samsung SSD 840 Series MZ-7TD500
<Patrickdk> evo?
<Patrickdk> sas ssd's are still expensive as hell
<xperia> Patrickdk: on the Package does not stay anything that is PRO i guess it is the EVO version. Planning to buy hopefully the 1 Terrabyte SSD in the next Months.
<Patrickdk> well, the rounded ones are evo
<Patrickdk> 250, 500, 750, 1000
<Patrickdk> the base2 ones are pro, 256, 512
<xperia> ahh okay then it is EVA as i have the 500GB Samsung SSD
<xperia> sorry EVO
<Patrickdk> ya, that isn't it's best workload :)
<Patrickdk> still sounds a bit slow though
<Patrickdk> I almost never shrink filesystems though
<xperia> Patrickdk: problem is i just realized that i need to use from now on btrfs on all my new drives to aviod the inodes limits. so i started now to resize the SSD to test BTRFS a BTRFS partition.
<xperia> Patrickds: what do you think about this 1 Terrabyte SSD its quite cheap only 50 Cents per Gigabyte => http://www.steg-electronics.ch/de/article/samsung-ssd-840-evo-basic-609032.aspx
<Patrickdk> depends on the usage
<Patrickdk> I've been leaning more twords the m500 960gb one
<Patrickdk> it's alittle slower, but not triple layer
<Patrickdk> for a laptop/desktop either should be fine
<Patrickdk> but I was going put it into server usage
<Patrickdk> though, the m550 just came out last week, and is close to the same specs, but still not triple layer
<xperia> Patrickdk: ahh the "Crucial m500 960GB" interessting is in the same Price Range.
<Patrickdk> I'm looking at filling a few servers with those
<Joe_knock> When trying to run this command: rsync -avPAHX --exclude=/dev --exclude=/proc --exclude=/sys root@yourserver:/ /place/to/put/it I am getting a "Connection refused" message.
<xperia> yeah has some less IOPs 80'000 IOPS vs. 98'000 IOPS
<Patrickdk> Joe_knock, and?
<Patrickdk> xperia, you will never see those iops
<Joe_knock> Patrickdk: rsync doesn't follow through then
<Patrickdk> unless you always have like a 32 qd
<Patrickdk> Joe_knock, that message is pretty self explaining
<Patrickdk> connection refused
<Patrickdk> what moer do you want to knwo?
<Joe_knock> Patrickdk: I'd like to know if there might be something wrong with my command. It says root@myserver.com port 22: Connection refused (but I changed my port
<Patrickdk> I don't see anywhere in your rsync command where you changed the port
<Joe_knock> Patrickdk: I changed my port a long time ago. Do I need to add the current port in my command?
<xperia> Joe_knock: i am not sure but i thin you need something like this => root@yourserver:YourPortNumber/ /place/to/put/it
<WannaBeGeekster> Do I have to use vconfig to create a VLAN?  Can I just enable the 8021q kernel module and configure /etc/network/interfaces properly for a vlan interface?  I am stuck in a vlan and can't apt-get install vlan
<Joe_knock> xperia: It seems even my mysql dump is being prevented for the root user
<WannaBeGeekster> mysqldump?
<xperia> Joe_knock: what do you mean with prevented for the root user. are you able to make a mysqldump as normal user but not as root?
<Joe_knock> WannaBeGeekster: I am trying to create a backup of it
<WannaBeGeekster> You are using mysqldump and not mysql dump, right?
<Joe_knock> xperia: I tried as a normal user using sudo and I am in root right now getting this error:
<Joe_knock> mysqldump: Got error: 1045: Access denied for user 'root'@'localhost' (using password: NO) when trying to connect
<WannaBeGeekster> ahh -p
<WannaBeGeekster> mysqldump -p ...
<WannaBeGeekster> Then you will need to put in your root password if you are running as the root user.  If you are running as a userland user then use mysqldump -u root -p
<WannaBeGeekster> You have to put user= and pass= in your .my.cnf to make the password work without having to supply it on the command line.  You can make a heading specifically for mysqldump [mysqldump] <cr> user=root <cr> pass=mypassword
<Joe_knock> Success!
<Joe_knock> Is this something I should worry about: Warning: Skipping the data of table mysql.event. Specify the --events option explicitly. ??
<WannaBeGeekster> I wouldn't worry about it.  Unless you really want to keep them.
<WannaBeGeekster> Ahh.   Actually.  Do you have scheduled events configured?  If so then I would do your backup again with that option.
<Joe_knock> scheduled events? no I didn't get that far. This VPS was to host a code-management tool and outgoing mail server. The guys running the company are screwing around, so I'm backing up and leaving them.
<WannaBeGeekster> Gotcha.
<WannaBeGeekster> Yes, then I wouldn't worry about it.
<Joe_knock> They don't even have a working customer portal anymore. That is how bad it is.
<WannaBeGeekster> Wow, that is nuts.
<WannaBeGeekster> I am at the datacenter right now setting up a new cloudstack cluster.
<WannaBeGeekster> My billing system works and I don't even have any customers right now.  lol
<Joe_knock> WannaBeGeekster: I am now going to transfer everything to my local PC using this: rsync -avPAHX --exclude=/dev --exclude=/proc --exclude=/sys root . Will i need to include -p in this as well?
<Joe_knock> WannaBeGeekster: Are you selling VPS stuff?
<WannaBeGeekster> Actually I am
<Joe_knock> On your own?
<WannaBeGeekster> You can PM me if you like
<WannaBeGeekster> And the -p is only necessary for mysql and its related tools if you have a password set for the root account in MySQL specifically.
<Joe_knock> Let me give the rsync command a try.
<WannaBeGeekster> Go for it.  I am curious to see if it works for you.
<Joe_knock> that command failed :'D
<TJ-> Joe_knock: You'll need at least one "--include" too
<Joe_knock> TJ- I want to backup everything except those 3. Does the command require a specific include?
<Joe_knock> I get a "ssh: ... port 22: Connection refused
<TJ-> Joe_knock: Oh well, that isn't the parameters" That's no ssh server listening, or the firewall DROPing connections to port 22
<Joe_knock> TJ- , the full command goes like this:
<Joe_knock> rsync -avPAHX --exclude=/dev --exclude=/proc --exclude=/sys root@myserver.com:/ /path/to/backup
<Joe_knock> I am trying to get the backup copied to my local system
<TJ-> Joe_knock: Well, you need to focus on the ssh connection first. Can you do "ssh root@myserver.com" and get an interactive log-in?
<Joe_knock> TJ- Do I need to run that command when I am logged in to my VPS or when I am on my local system? I can SSH into my remote server
<TJ-> Joe_knock: From the local PC, to the server. If that works, but the rsync command doesn't then there's something of a syntax or typo error in your remote server
<Joe_knock> TJ- I am using a custom port on my server. Could the port 22 error be because of that?
<TJ-> Joe_knock: Yes! You need to tell rsync the port
<Joe_knock> TJ- I tried this: rsync -avPAHX --exclude=/dev --exclude=/proc --exclude=/sys root@myserver.com:[portnum]/ /path/to/backup but that didn't work. Any other options?
<TJ-> Joe_knock: Does rsync connect, or get the same connection-refused message?
<Joe_knock> TJ- Same error
<TJ-> Joe_knock: Then you have some kind of typo/syntax error on the command line
<TJ-> Joe_knock: try adding debug output: "-vvvv"
<Joe_knock> It could be this: -avPAHX
<TJ-> Joe_knock: If you get the connection error, then its the remote system specification
<Joe_knock> It doesn't give any connection errors.
<Joe_knock> Perhaps it could be my client that is blocking it.
<TJ-> Joe_knock: you said "Same error"
<Joe_knock> Oh you mean same "connection refused" error?
<teward> is there a step-by-step guide at all for setting up a mail server with IMAP/POP3 and SMTP anywhere that works?  I couldn't find any that were really complete enough for what I need...
<Joe_knock> Have you looked at Postfix? teward
<teward> Joe_knock, I've looked at postfix, yes, but never found a guide that completely explains its configuration and setup
<teward> while I may be decently fluent with nginx, I'm essentially a newbie in setting up mail servers
<teward> and the other thing is i need a mailserver that can work without linux user accounts tied to it (not sure if postfix can do this?)
<Joe_knock> teward are you looking for something highly custom?
<Joe_knock> teward, I think my mail server is running on a single user account
#ubuntu-server 2015-03-23
<phunyguy> gosh darnit
<ROOM1> hi
<ROOM1> hi
<ROOM1> hi
<dholbach> hiya
<dholbach> is anyone aware of the mysql-5.6 installation/removal issues? https://bugs.launchpad.net/ubuntu/+source/mysql-5.6/+bugs?orderby=-id&start=0)
<dholbach> hey rbasak, ^ do you know who could help with this?
<rbasak> dholbach: that would be me - thank you for the heads up
<dholbach> <3
<dholbach> rbasak, if you need a tester with half-installed packages let me know :)
<rbasak> dholbach: OK. So you can confirm the bug?
<dholbach> yes
<rbasak> Thanks
<dholbach> I noticed mysql-server-5.6 being installed yesterday and couldn't quite remember installing it in the last time, so I tried to remove it
<dholbach> now dpkg says "rH  mysql-server-5.6"
<nivv> Is it possible to dry run a dist upgrade? I'm moving from 12.04 to 14.04
<istram> hey! is there anybody using cloud-init while also having a configuration management system?
<OpenTokix> istram: yes and no, dpeends onr you config managmenet.
<istram> OpenTokix: what are your experiences? I have rather minimal configuration in it as the CFGM takes over quite quickly for most of tasks.
<istram> even then, cloud-init has probably the worst documentation I've seen aside Bluez.
<OpenTokix> istram: my experience is that if you follow the debian file structure. - IE dont edit files in /usr/ apart from /usr/local - and have sensible dpkg-defaults - it will be a painless upgrade.
<istram> nivv: guess the last message from OpenTokix was for you :)
<nivv> istram thanks :)
<nivv> so scary though..
<nivv> with no staging server :/
<istram> nivv: I also find the dist upgrade to work fine, just make sure you follow the documentation.
<nivv> hm yea,
<istram> there can possibly be lots of ifs and buts and not every service may go without configuration update.
<istram> better count with bigger service window...
<OpenTokix> nivv: Have you built it your self, - or is it some legacy system?
<nivv> yea
<nivv> OpenTokix: It's a hosted vps
<OpenTokix> nivv: ok
<nivv> but the kernel is 2.6.32-042stab090.4 x86_64
<OpenTokix> nivv: so its xen or some other paravirt-stuff.
<OpenTokix> nivv: can't you get a second VPS and migrate to that?
<nivv> OpenTokix: migrating seems to be even more work tbh, lots of websites running on it
<nivv> but if we can keep the same IP maybe it could work
<OpenTokix> nivv: Do your vps-company offer snapshots?
<nivv> OpenTokix: they offer full backups, and you can restore to whichever of the full backups, so technically yes
<OpenTokix> nivv: do a snapshot, - upgrade, make sure it works
<nivv> Yup! open
<nivv> OpenTokix will the kernel be upgraded as well?
<OpenTokix> nivv: if its xen or other paravirt, no
<OpenTokix> since your system is running the kernel of the dom0
<nivv> OpenTokix should I be worried about that?
<OpenTokix> nivv: no
<nivv> Goodie!
<OpenTokix> nivv: your upgrade is focused around the userland-software. - Ie. webserver etc.
<nivv> OpenTokix indeed
<OpenTokix> nivv: kernel is the program that just keep the intrastructure for disk-communication etc.
<nivv> OpenTokix ah! cool, I'm going to try to upgrade on my server at home now, see what happens, basically the same software on both
<OpenTokix> nivv: have fun
<nivv> OpenTokix thanks for the (calming) help! :)
<OpenTokix> nivv: I once did a scripted dist-upgrade accross 40 hosts  - I have a big trust in dist-upgrade
<OpenTokix> nivv: since I always do everything the "debuntu-way" so to speak
<Walex> OpenTokix: your trust is well places. Debian and Canonical spend quite a bit of effort in producing smoothly-upgradeable packages...
<nivv> Coolio! Only reason I'm upgrading is actually  because PHP 5.6 isn't available on 12.04
<OpenTokix> Walex: yes, - I like it
<ikonia> wom 1
<ikonia> oops
<jamespage> zul, I'm going to ask for your oslo-log upload to be rejected
<jamespage> zul, Debian will use a different source package name and I want to ensure we don't break ourselves next cycle
<jamespage> zul, policy and log will be tweaked uploads from debian vcs (not uploaded in Debian just yet)
<zul> jamespage:  thats fine with me
<nivv> Anyone here?
<Sling> plenty of people :)
<nivv> I just did a do-release upgrade and now I got a message that grub couldn't be installed on /dev/sda
<nivv> What gives?
<OpenTokix> nivv: since you ar running a paravirt vps, grub isnt needed really
<nivv> OpenTokix; this is on my server at home though.
<Sling> leave your question here and people will attack it
<nivv> (sorry for the swedish) https://www.dropbox.com/s/h3x0y6eppypqb5n/Sk%C3%A4rmklipp%202015-03-23%2013.50.05.png?dl=0
<OpenTokix> nivv: oh, and it is /dev/sda ?
<OpenTokix> nivv: try to run update-grub2 from a shell
<OpenTokix> nivv: (Im swedish, so no worries)
<nivv> ok, OpenTokix, should I press "yes" or "no"?
<nivv> maybe this is because I did a dry run?
<OpenTokix> nivv: oh, its a dry-run
<nivv> yea..
<OpenTokix> nivv: press yes, and then do it manually later
<nivv> it's kind of weird. I'm pretty confident I did a dry run but during the install my sites are down on my homeserver
<nivv> OpenTokix: got this when doing "update-grub2"
<nivv>  /usr/sbin/grub-probe: fel: failed to get canonical path of `none'.
<OpenTokix> nivv: hmmm, weird
<nivv> maybe because I'm still in the sandbox? Maybe I should try to reboot and see if I'm on 12.04
<OpenTokix> if you did dry-run, nothing was changes
<nivv> OpenTokix: turns out I wasn't and I can't connect after the reboot >_< Probably have grub error at home now!
<OpenTokix> nivv: you did it via ssh?
<nivv> yes
<nivv> OpenTokix ^
<OpenTokix> nivv: I guessyou have to connect a monitor now and troubleshoot your homemachine
<sohail-ahmed> I am unable to scan from a network printer. Would any body help. xsane gives device is busy, thanks!!!
<pmatulis> is it turned on?
<nivv> OpenTokix yup!
<nivv> OpenTokix btw, when I try to SSH into the box I immediately get connect to host domain.com port 22: Connection refused
<OpenTokix> nivv: probably machine is booted, somewhat has ip and such - but no services is running. - My guess is you have gotten your devices mixed up somehow. - Do you have multiple disks in the machine - or a usb-stick connected or something.
<nivv> OpenTokix: I got a mdadm raid
<nivv> + and OS disk, nothing else, and a printer via USB
<OpenTokix> nivv: oh, ok
<nivv> OpenTokix: you think it's trying to boot the raid array instead of the OS disk?
<OpenTokix> nivv: yes - sounds like it
<nivv> probably the reason I got the grub error
<OpenTokix> nivv: sounds like it
<nivv> hm,  we'll see!
<nivv> OpenTokix: got this error btw when doing the upgrade
<nivv> https://www.dropbox.com/s/l72lghpn9c6ms4x/Sk%C3%A4rmklipp%202015-03-23%2014.53.05.png?dl=0
<OpenTokix> nivv: not sure what happened
<nivv> Seems to have stopped at grub-pc though?
<nvez-> How can I report a bug regression?
<nvez-> This started appearing again: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1346917 .. running 3.13.0-46-generic
<rbasak> nvez-: if the previous bug was fixed but has now regressed, then please file a new bug. You could also mention the new bug in the old bug, and also mention it in #ubuntu-kernel.
<nvez-> Thanks rbasak !
<rbasak> nvez-: no problem. One of the tags from https://wiki.ubuntu.com/Bugs/Tags#Regression_specific might also be appropriate.
<rbasak> (for your new bug)
<nvez-> got it! :)
<hallyn> rbasak: hey, is the fix for bug 1432683 ready?
<rbasak> hallyn: sorry, I didn't realise I was supposed to be driving that. No real progress since we last spoke - haven't had an ack from anyone else, and no idea about reverse deps that might need to be fixed.
<rbasak> I can poke people and start grepping the archive I suppose.
<jamespage> zul, most things are building now - https://launchpad.net/~james-page/+archive/ubuntu/kilo/+packages
<zul> jamespage:  cool just fixing trove
<jamespage> zul, the ~= versioning in requirements is being fixed upstream - created an issue in glance
<zul> jamespage:  ack
<hallyn> rbasak: if you prefer i take it over that's fine - i just thought yo uowned it, and had a good solution :)
<rbasak> hallyn: I've just started grepping the archive for apparmor-init-parser
<rbasak> Er, apparmor-profile-load
<hallyn> so we never figured out what is causing things like lxc and cgmanager to transatively depend on init-scripts-helper or whatever it's called?
<hallyn> (init-system-helpers)
<rbasak> I'm not sure anything does transitively depend on it
<hallyn> lxc's packaging doesn't list it, but apt-cache show shows it depending on it
<rbasak> infinity suggested that dh_installinit (IIRC) should grep the init scripts and add a dependency on init-system-helpers dynamically (using ${misc:Depends}
<teward> anyone know what can cause a ssh login to take an age before it drops me to a shell?
<rbasak> )
<rbasak> But we'd need to know which sources to rebuild even after I made that change
<rbasak> So I'm grepping everything to find out
<rbasak> I suspect the actual list is quite small.
<hallyn> k
<hallyn> thanks!
<rbasak> No problem.
<rbasak> hallyn: btw, I'm not sure that this grep will finish in a realistic amount of time. I'll check progress after an hour or so to work out an estimate.
<rbasak> (I'm running pull-lp-source in a looP)
<hallyn> seems like we'd have a lxr style site for that :)
<hallyn> sources.debian.org style
<rbasak> 200/23816 sources done now
<rbasak> Maybe ~20 hours then.
<sarnold> jamespage: sorry for the slow reply, three day weekend was nice though; I reall ylike the idea of disabling build-time requirement and moving repoze.who to a suggests; that seems like a good approach
<jamespage> sarnold, good cause I uploaded that an hour ago :-)
<jamespage> sarnold, I need to sort-out the unit test suite with xmlsec1 and then I think its all good to go to main
<sarnold> jamespage: yay! thanks :)
<shodan45> if I want a private network between 2 KVM vms, do I need a bridge on the host?
<sconklin> gaughen,  utlemming: 14.04.2 has shipped, but Amazon hasn't updated their AMIs yet, any reason?
<utlemming> sconklin: are you talking about the quickstart images ?
<sconklin> utlemming: let me get a clarification from the person who asked me?
<sconklin> utlemming: specifically, why doesn't this page reflect .02? http://cloud-images.ubuntu.com/trusty/current/
<utlemming> sconklin: ah, okay, fixing that now
<sconklin> cool, thanks
<utlemming> sconklin: fwiw, 14.04.2 is utterly meaningless in the context of a cloud image. 14.04.2 is a snapshot (release + updates) in time, well the cloud images uses a serial and has more freuent releases. The only reason we do put 14.04.x is because people expect it.
<utlemming> sconklin: for this reason, future LTS's won't have cloud image point releases. We want to eliminate the confusion.
<sconklin> utlemming: so to get to the equivalent of a point release in cloud, one should change to the HWE kernel package and just stay updated?
<utlemming> sconklin: correct
<sconklin> cool. That also means not having to wait for the 'release'
<utlemming> sconklin: right. Often times we have the packages that will make the point release before the it is generally released sans the HWE kernel
<utlemming> sconklin: I hope to get this confusion fixed in time for 16.04.
<sconklin> that would be nice.
<utlemming> sconklin: the contentious bit is whether cloud images should use the HWE kernel by default. That sticking point is rather...polarizing.
<sconklin> I can see both sides of that one myself
<utlemming> sconklin: I really wish that there was a good answer to it
<sconklin> well, there's no one answer. Different people want different things. The naming has gotten convoluted and doesn't make sense in some cases.
<sconklin> example: What does "hardware enablement" mean if I only run in VMs?
<utlemming> which is generally valid, until you consider VM's. VMware and Hyper-V have all had interesting changes in their kernel support such that "hardware enablement" is actually meaningful
<utlemming> and then you have things like Multiqueue for KVM instances
<utlemming> so, yeah, even though "hardware" is the verb, the new feature enablement is actually what is needed
<sconklin> exactly. And in our case, it's OverlayFS that we care about (this time).
<wedgwood> I'm seeing behavior in trusty that looks precisely like this old bug https://bugs.launchpad.net/ubuntu/+source/dhcp3/+bug/285897
<wiredfool> just upgraded to trusty, and I'm getting a uvt sumplestreams error when updating.  This worked on precise last week. http://pastebin.com/6K95PPKR
<sarnold> wiredfool: wild-guess time, could you check dmesg or /var/log/audit/audit.log for apparmor DENIED lines?
<wiredfool> sarnold: nope, nothing there
<sarnold> wiredfool: bummer. well,that's overall good, but it does mean I don't know what to suggest next. sorry.
<wiredfool> was afraid of that
<wiredfool> sarnold: I think the essential problem is that I have 5 metadata entries and 10 base images
<wiredfool> sarnold: wound up converting the images I care about to not use a backing store, then blowing away the simplestreams store using uvt-simplestreams-libvirt purge
<devster31> hi, I need to keep both libcurl4-gnutils-dev and it's :i386 version, is it possible?
#ubuntu-server 2015-03-24
<EuaD1> i was trying to install owncloud on my xubuntu 14.04.2 install and apparently i messed up my apache2 install because now my MythTV web interface doesn't work
<EuaD1> i now get The server encountered an internal error or misconfiguration and was unable to complete your request. when i try to connect mythweb
<Jeremy26> Hi.  We're switching all our servers to Ubuntu-servers.  I'm setting up my 1st one -- currently in the middle of install.  It's a UEFI-mobo, with disks partitioned with a 300MB EFI partition in addition to the usual install locations.  Started the install, going OK, until it gets to the GRUB install.  It fails @: "[1] Install the GRUB bootloader on a hard disk" just telling me an "Installation Step Failed".  I can continue with no no bootloader
<Jeremy26> apparently, but I figure there should be a way to do this right from the installer.
<Jeremy26> How do I get the installer to install UEFI+Grub2 stuff?
<sarnold> EuaD1: note that some apache config7uration diredctives changed bwtween the apache in 12.04 LTS and 14.04 LTS... ifyou were following a guide, make sure it's for the right version..
<sarnold> Jeremy26: wild-guess time, maybe grab a terminal and run grub-install by hand? I can't recall if it just does the right thing based on your configs or not.. but it'd be one potential starting point
<sarnold> Jeremy26: which install disc are you using? apparently 12.04.1 and earlier didn't do uefi so well...
<Jeremy26> sarnold: Hi.  Using vivid-server 15/latest, atm
<EuaD1> sarnold, i had mythtv and apache2 running for years and was running fine on 14.04 but as soon as i installed owncloud the mythweb web panel is no longer accieble
<sarnold> Jeremy26: oh, that really ought to work :)
<Jeremy26> sarnold: by "grab a terminal", from where I am @ installer step?  or continue without bootloader, and "do it" later?
<sarnold> Jeremy26: I was thinking from where you are in the installer.. hopefully enough is installed at that point to have a useful shell available
<sarnold> EuaD1: aha. try checking apache's logs for erro messages..
<sarnold> there are probably more details there
<EuaD1> sarnold, ok, according to the error.log, it says authtype digest configured without corresponding module
<sarnold> EuaD1: auth changed the most in apache 2.4.. lookhere for starting point http://httpd.apache.org/docs/current/mod/mod_auth_digest.html
<EuaD1> sarnold, ok, thanks. i just removed and purged owncloud and it still says internal error. so i'll read this over, thanks
<Jeremy26> sarnold: ok.  i need to figure out what to DO to get the grub-uefi done right once I'm in the shell ...
<sarnold> Jeremy26: I'm hoping  that a plain "grub-install" would do it :) but that's blatant hopefulism on my part
<Jeremy26> sarnold: i'm sure you're nice to kittens and puppies and all, but I'm hoping for some docs ;-)
<sarnold> Jeremy26: looks like you're right, it looks like it requires the destination device name and probably --uefi-secure-boot parameter http://manpages.ubuntu.com/manpages/utopic/man8/grub-install.8.html
<Jeremy26> sarnold: more here, https://help.ubuntu.com/community/Grub2/Installing#UEFI, but still rather thin.  You'd think an installer would handle this for you.
<Jeremy26>  Well, s|think|hope|g anyway.
<sarnold> Jeremy26: yes, yes I would, and I suspect it often does :)
<Jeremy26> sarnold: That's what has me a bit hesitant.  There's nothing weird here.  It's  a standard partition setup with the UEFI bits.  Wondering if something 'sick' here that's preventing the install.
<Jeremy26> Oh, Arch's docs come thru a bit more: https://wiki.archlinux.org/index.php/GRUB#Alternative_install_method
<Jeremy26> So, I'm at the "Installation step failed".  Do I *first* drop to shell, then install? or 'continue' past this without installing grub, and invoke the shell in a step or two?
<sarnold> I'd try it now.. you know where you stand right now, hehe
<Jeremy26> sarnold: You presume a lot with that "know" biz, but ok ...
<sarnold> Jeremy26: who knows what the next screen will bring? a big failure of some sort that refuses to contuinue? or salvation? or a lengthy package install that's pointless because youy can't boot it anyway? :)
<Jeremy26> sarnold: minor problem ... atm, at shell, there's no 'grub-install' available. hmmm .
<sarnold> Jeremy26: grumble. sorry.
<sarnold> Jeremy26: time for me to bail.. good luck :)
<Jeremy26> re-grumble. thx.
<Jeremy26> Well, the next step was, effectively, 'finish the installation', then reboot.  @reboot, I get dropped to a Buaybox/ash shell, at prompt "(initramfs)", with absolutley no keyboard responses.  I.e. hosed.
<Jeremy26> Not exactly a stellar "first time"
<Jeremy26> wow.  'rescue' mode is even worse :-(
<Jeremy26> What to do now?  Do I have to start over and reinstall?
<EuaD1> looking at synaptic, i don't see Apache Module mod_auth_digest anywhere. i would really like to get mythweb working again
<ObrienDave> !info mod_auth_digest
<ubottu> Package mod_auth_digest does not exist in utopic
<EuaD1> why am i getting this error then? AuthType Digest configured without corresponding module
<nivv> OpenTokix: FYI, when I did the dry run it stopped at the grub prompt, that was the reason I couldn't reach it by SSH
<OpenTokix> nivv: ok, so its up now?
<nivv> OpenTokix: Yup! Just connected it to a screen and pressed enter. And now on the productionserver it upgraded perfectly! I'm a happy camper
<OpenTokix> nivv: awesome! ^5
<nivv> Just forgot that custom PPA's need to be updated too
<nivv> OpenTokix: do you know why that happens? Shouldn't it just bypass that since it's a headless server?
<OpenTokix> nivv: There is an issue, that was discussed last week actually. https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/797544 <-- this very strange default in 14.04 - I have changed it in my config managment now, so I always have a timeout set.
<nivv> OpenTokix: ah I see. Did you change your /etc/grub.d/00_header? I'm a bit scared to reboot the server (haven't done so after the upgrade)
<OpenTokix> nivv: no, I changed in /etc/defaults/grub and reloaded update-grub2
<amarcolino> Hi, I am running a clean install of ubuntu 14.4 with bonding (bonding-mode 4), the system can update and access the internet via w3m, however, I can't seem to ping other computers on the local network and vice-versa, anyone can help me?
<OpenTokix> amarcolino: your switch is configured to handle 802.3ad?
<OpenTokix> amarcolino: Can you ping the hosts if you unbond the interfaces?
<amarcolino> ... hmmm... haven't tried to unbound the nics and no since I ain't using a switch , it connects directly to the router, give me a sec.
<OpenTokix> amarcolino: router is also a switch
<OpenTokix> I assume its your home router? yes? Or is a commercial router?
<amarcolino> plain home router and I wouldn't know whether it can handle 802.3ad, it works accessing the internet but the local network :s, that's a pain not being able to connect to it
<OpenTokix> ok, doubt it support 802.3ad, and if it does you have to enable it probably.
<amarcolino> nope just unbound the nic, so using only one and I still can't ping
<OpenTokix> amarcolino: ok, - is the host you're trying to ping also a linux machine?
<amarcolino> nope it is a windows machine, tried both ways and neither can ping, I suspect it is the linux instead of the windows
<OpenTokix> ok, no firewall enabled?
<amarcolino> nope
<OpenTokix> so, run tcpdump on the interface when you ping, to see if you get anything back
<amarcolino> how do i use tcpdump, i.e. tcpdump [ping address],?
<OpenTokix> on your local machine
<OpenTokix> if your interface you are ping:ing from is eth0
<OpenTokix> as root: tcpdump -i eth0 icmp
<amarcolino> OpenTokix: once I use tcpdump and ping on the windows machine it works
<amarcolino> so there must be something blocking it
<OpenTokix> yes
<OpenTokix> probably the default firewall on the windows machine
<amarcolino> weird now the windows machine can ping but the ubuntu cant ping the windows, any suggestions?
<OpenTokix> windows firewall
<OpenTokix> Enabled by default and blocks everything
<amarcolino> going to try another laptop and see if the same happens, it is weird to not be able to ping a clean ubuntu install
<OpenTokix> since for me at least, that folder is not handled by my git repo
<OpenTokix> wrong window
<amarcolino> OpenTokix: for some reason my windows 7 laptop is blocking ping connection, yet windows 8 laptop is fine, grrr. Need to find out why, I most likely did something when I setup this laptop since it is the one I use often.
<amarcolino> OpenTokix: thanks for the help it was driving me insane
<OpenTokix> amarcolino: depends on what you select for the network setup. Like "home network" or "public network" That will set other settings in the firewwall on windows.
<OpenTokix> Why do I even know this? I dont use windows.
<amarcolino> it is setup as home, it is probably one of the services I disabled or something I enabled/disabled in the administrator config, sigh, this will take a while :'(
<OpenTokix> amarcolino: Not like ping is crucial to the function of your ipv4 network
<ReScO> hey peeps
<ReScO> I'm having some trouble setting up my firewall...
<ReScO> i have fail2ban, but i want to close pretty much every port except 22,80,443,587,993 and 3000, how can i do this in such a way, a portscanner will think it's offline?
<ReScO> and i want to open port 22 for certain IP's only.
<amarcolino> OpenTokix: so far I can ping from windows 7 to windows 8 but not the other way and if I use bonding ubuntu cant receive or send pings on the local
<amarcolino> OpenTokix: this is strange just done a reboot with a single nic functioning and tried pinging the server from both laptops and nada, can you help?
<Spyidonas> quick question , if a folder served by apache is on www-data group and user, and its file permissions are 777 shouldn't the folder be writeable by php?
<rbasak> Depends on directory permissions all the way up - the php user must be able to get to the directory in question.
<OpenTokix> Spyidonas: You should geneerally never have a folder set to 777, unless its a upload folder or such. - if www-data owns it. - 775 whould be enoigh
<rbasak> Also, check for apparmor denials
<Spyidonas> i set it to 777 because 775 doenst work
<rbasak> (not sure what the default is there)
<rbasak> Spyidonas: that's fine for debugging a test deployment but be sure to change it back before going to production
<Spyidonas> i havent modify any apparmor, does the ubuntu 12.04 default denies write? the thing is folder above the one i want have read/write access
<Spyidonas> for example /var/www/uploads is readable-writeable
<Spyidonas> and the /var/www/upload/test isn't
<Kartagis> Spyidonas: never ever use 777. change the directory's ownership
<Spyidonas> Kartagis: i did it for test because nothing works.
<Spyidonas> Kartagis: not even 777 apparently
<Kartagis> Spyidonas: never ever use 777. change the directory's ownership
<Spyidonas> Kartagis: to www-data , correct? Still doesn't work
<Kartagis> Spyidonas: is this wordpress?
<Kartagis> Spyidonas: is it also php-fpm?
<Spyidonas> Kartagis: no, its an existing site and im adding a webmail
<Spyidonas> Kartagis: the existing site has upload options and php reads/writes to folder
<Kartagis> because php doesn't run under a different user
<Kartagis> whereas php-fpm does
<Spyidonas> Kartagis: i created a new folder throwed everything the webmail has and i have the error i cant read/write
<Spyidonas> Kartagis: it's the standard php/apache that comes with ubuntu 12.04
<Kartagis> have you read the <webmail> docs?
<Kartagis> is it horde?
<Spyidonas> Kartagis:no its the afterlogic
<Kartagis> you are on ubuntu, right? check what user the webserver is running under with ps aux|grep apache
<Spyidonas> Kartagis:their site http://www.afterlogic.com/support/faq-webmail-pro-php#3.1 says everything about permissions
<Spyidonas> Kartagis:apache runs under root...
<Kartagis> that is a Very Bad Ideaâ¢
<rbasak> dannf, hallyn: what are you expecting from me on bug 1427406? Do we have a patch for Vivid that works on all architectures that we're ready to apply?
<Spyidonas> Kartagis: :S I haven't configure that server, my task is to simply activate this webmail clinet :/
<Kartagis> edit the apache configuration file for user
<Kartagis> Spyidonas: /etc/apache2/envvars
<Kartagis> export APACHE_RUN_USER=www-data
<Kartagis> export APACHE_RUN_GROUP=www-data
<Kartagis> should be that
<Spyidonas> Kartagis: will it mess up the existing site ?
<Kartagis> oh, and you actually should have a user www-data
<Spyidonas> Kartagis: i have a user www-date
<Kartagis> I don't think so, but shit happens
<Kartagis> then nope
<Spyidonas> Kartagis: the exports are as you typed them
<Spyidonas> Kartagis: without modification
<Kartagis> one sec
<EuaD1> is anyone in here familar with znc server?
<Kartagis> User ${APACHE_RUN_USER}
<Kartagis> Group ${APACHE_RUN_GROUP}
<Kartagis> Spyidonas: put these in /etc/apache2/apache2.conf
<Kartagis> EuaD1: you mean the BNC?
<EuaD1> Kartagis, it's called ZNC
<EuaD1> I have a linode server running a ZNC server
<Kartagis> EuaD1: the bouncer, right?
<EuaD1> yes
<Kartagis> EuaD1: what do you need help with?
<Kartagis> I am on znc
<EuaD1> well, it's sort of a funny issue but im logged into my znc server, looking at the web admin panel my user has 3 networks. i seem to have forgotten how to resume as my user because when I try to switch to that nick it says that user is already logged in
<Kartagis> logged in as connected to a network?
<EuaD1> Kartagis, yes. the web panel shows i'm connected to only 1 network
<Kartagis> EuaD1: did you change usernames?
<Kartagis> on your irc client*
<EuaD1> Kartagis, yes
<EuaD1> for example. if you hop into #linuxtechandgaming on freenode you can see me logged in multiple times
<Kartagis> EuaD1: can you kill all your users and start anew?
<Kartagis> aka fresh start
<EuaD1> Kartagis, i'm not entirely sure how to be honest.
<EuaD1> i wanted to set up a bouncer so that I would never miss a conversation
<Kartagis> /msg *status help
<EuaD1> shit, i just realized what time it was. Kartagis i need to get going to get to work on time. sorry i need to run
<EuaD1> Kartagis, i sent you a direct message showing what it returned. maybe i'll talk to you later for help. thanks
<Kartagis> EuaD1: /msg *status restart should do it
<Kartagis> Spyidonas: are you all good? I need to go to lunch if you are
<Fun> hi folks
<Fun> who here knows decent uk vps provider?
<Fun> :D
<Kartagis> Fun: DO provides UK locations IIRC
<Fun> true
<Fun> any else? :D
<Fun> I like ovh however they dont offer UK
<Spyidonas> Kartagis: are you still there?
 * Patrickdk has ovh blacklisted on all his servers
<Patrickdk> never seen anything ligit from that network
<Jeremy26> can anyone verify whether ubuntu-server installation disk (vivid) is supposed to be bootable as UEFI, and that it should be able to install grub2+UEFI to a target system?  I can't manage to do either one.
<hallyn> rbasak: we're looking for guidance as to who to contact who would be able to write the patch we need
<hallyn> (else we'll just have ot wait until next week and i may have time to look at it in depth)
<hallyn> we can discuss it during team meeting
<hallyn> the bug is listed as an action so it'll come up
<Jeremy26> fyi, the ubuntu-server vivid/current installer fails to correctly detect/use DHCP setting, requiring manual network setup.  other-OS installers and rescue disks have no DHCP problems.
<dannf> rbasak: no known fix yet :(
<dannf> rbasak: i told hallyn i'd look at it again, but i need to finish another task first
<designbybeck__> I'm trying to update one of my test servers and I'm getting this: https://gist.github.com/anonymous/d2d0fe04998b82521505
<designbybeck__> sudo: unable to open /var/lib/sudo/beck/3: No such file or directory
<designbybeck__> my main user is what I ssh'd in with, it should be a sudoer
<designbybeck__> just tried as root and got the same thing
<designbybeck__> odd
<jamespage> zul, I'm seeing quite a few python3 isms creeping into openstack - assertRegex instead of assertMatchesRegex for example
<jamespage> something in the dependency chain is dealing with that upstream, but not in Ubuntu
<jamespage> any ideas?
<zul> not off the top of my head
<zul> jamespage:  oslotest maybe
<jamespage> zul, hmmm we are quite out-of-date there
<jamespage> zul, nope not that
<zul> jamespage:  then not off the top of my head
<jamespage> np
<jamespage> zul, can I steal you ironic branch for testing? did you look at trove?
<zul> jamespage:  i pushed to ~ubuntu-server-dev/ironic/kilo already
<zul> lemme push my trove stuff somewhere
<zul> jamespage:  https://code.launchpad.net/~zulcss/trove/kilo-3
<yossarianuk> hi - I have an upstart issue
<yossarianuk> I have created an upstart file -(for starting a meteor app) - it works fine via 'service meteor start/stop'
<yossarianuk> but doesn't start on boot
<yossarianuk> I can 'cheat' and add the line 'service meteor start'  to rc.local and that starts on boot
<yossarianuk> but how can I work out why the upstart job /etc/init/meteor.conf doesn't start on boot ?
<yossarianuk> do you have to tell upstart somehow taht the service should start on boot ?  i.e the equivalent on 'update-rc.d ... ... '
<rbasak> yossarianuk: are you aware of http://upstart.ubuntu.com/cookbook/?
<rbasak> You need to tell upstart what other event to start your job on.
<rbasak> For example:
<rbasak> start on runlevel [2345]
<rbasak> stop on runlevel [!2345]
<rbasak> Then it'll get started on when the runlevel changes to 2.
<rbasak> hallyn: so I've got to task switch to Docker for now, and probably won't be able to look again at apparmor-profile-load until next week. I hope that's OK.
<an3k> I'm running Ubuntu Server 14.04 and want to set display resolution and screen resolution for grub as well as console to 1024x768. With the default settings I get a display and screen resolution of 800x600 for grub and a display resolution of 1024x768 and a screen resolution of 800x600 for console.
<an3k> I tried setting GRUB_GFXMODE=1024x768 but that didn't changed anything. I added GRUB_GFXPAYLOAD=1024x768 but that didn't changed anything too.
<an3k> I also modified /boot/grub/grub.cfg manually and set gfxmode=1024x768 and set gfxpayload=1024x768 but that also didn't worked.
<an3k> I also modified /etc/grub.d/00_header (based on http://askubuntu.com/questions/18444/how-do-i-increase-console-mode-resolution/18463#18463) but even that didn't worked.
<genii> Did you do sudo update-grub after you made those changes?
<an3k> yes
<an3k> after all of that didn't worked I undid all modifications and enabled the nvidiafb and set GRUB_CMDLINE_LINUX_DEFAULT="video=nvidiafb:mode_option=1024x768-16"
<an3k> nothing changed.
<an3k> After I manually ran fbset -xres 1024 -yres 768 -match the console was finally in 1024x768 but after the next reboot it's again in 800x600
<genii> an3k: If the fbset worked manually you could just add that command to your rc.local file
<hallyn> rbasak: ah, ok.  you don't mind if i step in then?  oh wait, i'm out the next two days, so i woudn't be speeding it up much...
<hallyn> rbasak: are you around on friday?  can i ping you then to get the status of your debdiffs, and I'll take it fro mthere?
<rbasak> hallyn: sure, I'll be around.
<hallyn> rbasak: thanks!  i appreciate it.
<an3k> genii: thanks, I'll do that. Howver, shouldn't be th there a configuration for setting the resolution?
<hallyn> i should be albe to finish it up fri/sat then
<yossarianuk> rbasak: thanks I already have  'start on (started mongodb and started nginx and runlevel [2345])'
<an3k> like GRUB_GFXMODE= in /etc/default/grub
<yossarianuk> off now anyway - i'll look tomorrow...
<genii> an3k: Instead of the GFXMODE or GFXPAYLOAD methos you could try the old way of VGA=xxx in the GRUB_CMDLINE_LINUX_DEFAULT
<genii> an3k: You'd need to look up the 3 numbers to use for the mode you want
<an3k> genii: tried that. All it did was keeping grub in 800x600 and console in 800x600 (1024x768) but kernel log in 720x400 ...
<an3k> 791 which is 1024x768x16
<genii> an3k: I'm out of immediate ideas on the issue.
<rbasak> arosales: did you mean to publish the last minutes on ubuntuserver.org? I see your post but it's still listed as a draft.
<arosales> rbask, I may have forgetting to press publish.  Let me check the fomatting and click publish
<Jeremy26> Has anyone successfully installed ubuntu-server with Grub2+UEFI?  Every time fails here -- simply get to the "Install step failed" telling me no bootloader's installed.  End up with an unbootable system if I continue.
<pmatulis> Jeremy26: it depends on the EFI implementation
<arosales> rbasak, thanks for the reminder, http://www.ubuntuserver.org/?p=1243 posted
<Jeremy26> pmatulis: Hi.  Can you explain that?
<an3k> genii: looks like it's because of nouveau ...
<an3k> funfact: grub runs in 1280x1024 with a 15 years old graphics card but only in 800x600 with a 5 years old nvidia card ...
<an3k> genii: I'm now using a ATI MACH64 with 2 MB RAM and PCI ... all problems solved.
<genii> an3k: Cool.
<hxm> hello, my ubuntu works slow, for login ssh needs 1 minute and for see the pages i host some of times it needs 2 minutes, i dont see any process in top that eats cpu or memory and logs says nothing, what can i debug?
<genii> hackemate: Check /var/log/auth.log for brute-force password attempts, and /var/log/apache2/error.log for people trying to reach admin pages for applications. You might want to install fail2ban which will limit attempts
<sarnold> hackemate: wouldn't hurt to try some ping or mtr or smokeping to find out your latency, packetloss, etc
<hackemate> i see many lines like this Mar 24 17:43:09 datatec CRON[9587]: pam_unix(cron:session): session closed for user root
<hackemate> Mar 24 17:43:56 datatec CRON[9615]: pam_unix(cron:session): session closed for user root
<hackemate> fail2ban is installed
<hackemate> but seems does nothing really
<hackemate> pam_unix is ssh?
<hackemate> i did, average is ime=178.513 ms top was 300
<sarnold> the important bit there is that that's a cronjob, probably not a big deal
<genii> hackemate: For fail2ban maybe check here: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-fail2ban-on-ubuntu-14-04
<sarnold> 130 ms to where?
<sarnold> I can get from west coast of the united states to japan in 100ms
<hackemate> ping 37.187.42.205
<sarnold> west coast US to UK is 190 ms
<hackemate> right now is under 100ms
<hackemate> from spain to france
<genii> hackemate: Is the ping time from the remote machine to the server or from the server to some other machine?
<hackemate> from remote machine to the server, this is what i see in localhost 64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1 ttl=64 time=0.099 ms
<genii> ping time to localhost is meaningless
<sarnold> yeah, but from spain to france, 100ms seems tolerable
<sarnold> I got 163 from west coast us, it's closer than uk for me :)
<genii> hackemate: From ssh session on the server, if you do ping -c 10 google.com       ... what sort of lag on that?
<hackemate> wow i got stuck 5 minutes
<hackemate> i mean 4 minutes
<hackemate> now works fine, again
<hackemate> but sometimes is like cpu is 100%
<hackemate> the google ping is this 64 bytes from muc03s07-in-f6.1e100.net (173.194.44.6): icmp_seq=1 ttl=54 time=17.1 ms
<sarnold> how about all ten pings?
<hxm> 64 bytes from muc03s07-in-f5.1e100.net (173.194.44.5): icmp_seq=1 ttl=54 time=17.4 ms
<hxm> all like this
<hxm> i think is not networking problem, looks like cpu 100%
<hxm> i have 2 ssh connected and sometimes i cant write on them
<hxm> and suddenly it starts to respond again
<hxm> auth.log is filled of pam_unix  sessions from cron
<genii> hxm: How far apart is your most often cron job? For instance, sometimes you see a problem like a cronjob running every 5 minutes that actually takes more than 5 minutes to do
<hxm> i go check that
<sarnold> "filled"? that;s not good.. they shuold happen periodically...
<hxm> im talking about 5-10 per second,
<sarnold> WHAT??
<hxm> dont scare me
<hxm> i removed all cronjobs
<sarnold> and did you look through the /etc/cron* files and directories?
<hxm> man type a cd takes eternal, im getting paranoid
<hxm> there are some files in cron.d, nothing in else cron.*
<hxm> in cron.d i have apache2 aptitude and logrotate, roundcube updatenotifier
<genii> Hm
<hxm> norfix.es is still getting minutes to load
<sarnold> hxm: how about /etc/crontab?
<hxm> 47 * * * * root cd / && run-parts --report /etc/cron.hourly and  12 30 1 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ) same for weekly and monthly
<hxm> i candisable them too
<sarnold> hxm: those are fine..
<sarnold> I suggest reading this.. it might be jumping to conclusions, but .. https://www.fireeye.com/blog/threat-research/2015/02/anatomy_of_a_brutef.html
<genii> Is there anything abnormal like i/o errors if you do: dmesg | tail -n 50
<hxm> dmesg is empty
<hxm> https://www.dropbox.com/s/09fpcuswhef4flj/Captura%20de%20pantalla%202015-03-24%2020.35.36.png?dl=0
<sarnold> .. _nothing_ in dmesg? odd
<genii> Waht?
<hxm> i said sme: waht
<genii> That is highly unusual
<hxm> screenshot shows it
<hxm> it is a virtualmachine of a dedicated server, maybe that
<hxm> about bruteforce fail2ban could just ban them no?
<genii> hxm: It's better to deny them for a period of time than to ban because some failed login attempts may be from valid ssh attempts
<sarnold> if this is a container of some sort maybe dmesg is not available, but this is feeling like it may be a compromised machine with a rootkit installed
<hxm> not visible in top?
<sarnold> yeah
<hxm> lsof could give a clue no?
<sarnold> depends on the rootkit
<teward> can someone look at https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1336713 and see if they can test/replicate?  (I wasn't able to on a production instance that has `php5-fpm` installed but not the `php5` metapackage)
<teward> (I ask here because server package :P)
<hxm> what can i do now
<sarnold> hxm: if it were me, I'd set ujpa replacement, restore from backups, etc., and do forensics on the system later
<hxm> ujpa?
<sarnold> up
<sarnold> this is a new keyboard, I'm hot entirely used to it yet
<genii> s/hot/not   ;)
<sarnold> figures :)
<teward> sarnold: we should replace your keyboard
<teward> :P
<hxm> do you know chkrootkit.org?
<sarnold> teward: the transition is far harder than I expected
<sarnold> hxm: I believe it's wildly unmaintained.
<sarnold> hxm: .. and fighting a problem thats nearly impossible to solve anyway.
<hxm> i know, but i wont get this tomorrow again
<teward> sarnold: the alternative is radical implantation of cybernetic technologies which facilitate data entry via neural signals
 * teward is a crazy, yes.
<teward> or, go get your old keyboard :)
<sarnold> teward: heh, I switched to this one because my old one caused significant pain in my hands and arms
<sarnold> teward: or, well, I suspected it was involved. three weeks with a different keyboard have helped immensely
<teward> rbasak: ping - have you seen anything else similar to https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1336713 that affects the `php5` packages?  (I can only find that they have the `php5` metapackage on there which could potentially cause this if `apt` or some other system is not detecting `php5-fpm`, but...)
<rbasak> teward: I've not seen it apart from in that bug IIRC. Need steps to reproduce to do anything about it :-/
<teward> rbasak: yeah, I set it back to 'incomplete' - even tested a dist-upgrade on a production server I know for a fact hasn't been updated since January cause I"m insanely busy.
<teward> rbasak: wasn't able to replicate with *just* php5-fpm (and there's been no updates to the nginx package that'd trigger this)
<teward> rbasak: the only thing i can think that would do this is a case where `apt` derps and ignores php5-fpm being installed, and then installs Apache
<teward> rbasak: since `php5` meta package
<teward> (it was said in the description that it was present, I believe, but again, we need more info)
<rbasak> teward: thanks. I updated the description to make it completely clear.
<teward> rbasak: the only reason i'm on the bug is 'cause bdmurray pinged me (see -bugs for that discussion)
<teward> rbasak: bdmurray said "Hey, they're using the PPA" maybe on the assumption that causes it (because nginx was mentioned on the bug), but I"m 99.99% certain that nginx, PPA or repository or otherwise, would not be the cause
<Jeremy26> Is there detailed documentation for *installing* ubuntu-server on UEFI?  Every attempt I've made fails -- whether allowing the installer to try to auto-figure-it-out, or dropping to apt shell and manually installing the grub-efi packages.  Fails 100% of the time.  As a test of my h/w and partitioning, no issues installing Fedora ...
<teward> rbasak: the *only* way it could happen is if `php5`'s dependencies list was in a "php5-fpm not present with regards to compatibility and depends" state - that's the only real way it'd trigger this, 'cause php5-fpm doesn't depend on apache components, and nor does nginx
<mdeslaur> coreycb: is trusty getting nova 2014.1.4 too? doesn't look like it's been uploaded...
<coreycb> mdeslaur, yes and it should more or less be done.  let me kick tests off and soon should be able to mark the bug as verified.
<mdeslaur> coreycb: cool, thanks!
<dmsimard> Hi. Any idea why installing the linux-generic-lts-utopic package in pkg_include (preseed) yields a kernel panic ? Is this a bug ? It looks like the initramfs doesn't run - the initrd for 3.16 isn't generated
<dmsimard> Someone else's reported the issue and hacked together a update-initramfs in a late_command but that doesn't sound like an ideal solution
<dmsimard> http://askubuntu.com/questions/526193/preseeding-3-16-hardware-enablement-kernel-requires-manual-update-initramfs
<Jeremy26> One last try -- anyone successffully installed ubuntu-server to UEFI?  preferably Vivid?
<dmsimard> We have precise installs that run fine when installing the trusty lts kernel in preseed, without having to resort manually running update-initramfs
<teward> !vivid
<ubottu> Ubuntu 15.04 (Vivid Vervet) will be the 22nd release of Ubuntu due for release in April 2015. Discussion and support in #ubuntu+1. For more info see the announcement at  http://www.markshuttleworth.com/archives/1425
<teward> Jeremy26: ^
<teward> you should probably start in #ubuntu+1 ( just sayin )
<Jeremy26> teward: Been there on & off for 2 days .  The only response to any question I got was to come back here.
<rbasak> Jeremy26: maybe try the ubuntu-server mailing list? UEFI is still not common enough that many people who happening to be watching IRC at the time you ask will have experience with it.
<teward> Jeremy26: well then I suggest patience - but as with all QA and iso testing, you should consider filing an issue against the image if it's not working as it should be with efi installations
<teward> i also agree that the ubuntu-server mailing list will yield better results
<teward> (I force my systems to use legacy if efi is an option)
<rbasak> dmsimard: that sounds worthy of a bug report to me.
<dmsimard> rbasak: Thought so too.. Will file one. Thanks.
<rbasak> dmsimard: maybe against the initramfs-tools package in the first instance?
<rbasak> I'm not sure where else would be relevant.
<dmsimard> Yeah I was about to ask where to file it
<dmsimard> I haven't exactly pinpointed where the problem occurs
<rbasak> I think a missing initramfs makes initramfs-tools a reasonable first guess. It can always be reassigned later.
<sarnold> Jeremy26: dang, still no luck? :( please file a bug against ubiquity, I think that's the most logical next step
<Jeremy26> sarnold: Hi.  Nope.  Terrible installler experience.  Grub's just non-functional.  UEFI's barely usable without manual intervention.  DHCP doesn't manage to configure the network at all -- all other installers do.  A USB-key install still insists on a CD being attached.
<Jeremy26> Yeah, really terribly frustrated atm.  Looking at Fedora.
<sarnold> Jeremy26: damn. I haven't needed a cd for installing for.. uhh.. many years. :/
<Patrickdk> what is a cd?
<Jeremy26> Patrickdk: it's what ubuntu-server apparently requires to install itself
<Patrickdk> since when?
<Patrickdk> I've been using pxe boot install since 2007
<Jeremy26> Tried a Vivid Server install on UEFI from a USB key?
<Patrickdk> can't claim I ever used usb install, and never used a computer with uefi boot
<JanC> Patrickdk: if you used an x86 computer that was manufactured in the last several years, then it was most likely using (U)EFI
<Patrickdk> not true, they still have the, do not use uefi option
<JanC> they don't
<Patrickdk> I don't own any of them
<Patrickdk> all of my servers, even recent ones still have the don't use uefi
<Patrickdk> I don't have any of the hp bl460c g9's yet though, just the g8's
<JanC> they have a "run a BIOS emulation layer on top of UEFI" option
<Patrickdk> no, no uefi support at all
<Patrickdk> that is brand new, in the g9 servers that just came out
<dmsimard> rbasak: FWIW: https://bugs.launchpad.net/initramfs-tools/+bug/1436098
<Jeremy26> Patrickdk: I've supermicro mobos. All have full UEFI support.
#ubuntu-server 2015-03-25
<PryMar56> seems that libsystemd-daemon.so.0 is missing in vivid
<PryMar56> the header file sd-daemon.h is found, but not the SO
<PryMar56> I can't build xen-4.5.0 without it
<crane_> hifolks
<crane_> I have used sudo usermod -a -G sudo username to make user a sudoer
<crane_> now when I use su username and issue sudo it wont accept its pass
<crane_> also I cant ssh anymore
<crane_> as this user
<crane_> wtf? :D
<Craig4who> hi everyone
<Craig4who> anyone got an experience with heartbeat
<Craig4who> pacemaker
<jamespage> zul, ok all baked - https://launchpad.net/~james-page/+archive/ubuntu/kilo/+packages
<jamespage> just need those oslo-packages to go through aa review
<zul> jamespage:  cool anyone said they would review them yet
<zul> jamespage:  btw i should have nclxd working with 0.5 today
<jamespage> zul, not yet
<jamespage> arges appears to be not around
<jamespage> asked in -release again
<jamespage> zul, I've done designate and manila as well
<zul> jamespage:  ack
<bornpilot> I am working with 14.04 LAMP on the Apache side of things I need to have web dev usres aceess to the web app folders should I keep the user folders root from the default setting in the install and change the group to have rwx acces to those directorys or what is the best practives for multiuser access to web servers application files?
<OpenTokix> bornpilot: I would have the webdav folder writable for the webdav-suers. - And theb mount -bind ro for the actual webaccess fo the files.
<bornpilot> web developer users not webdav service sorry about that.
<OpenTokix> You can still separate them, to have a writable folder - and then mount that as a bind, but ro for the webserver
<bornpilot> Thanks
<rbasak> # WARNING! I don't seem to be running in the Docker container.
<rbasak> # The result of this command might be an incorrect build, and will not be
<rbasak> #   officially supported.
<rbasak> jamespage: ^^ is that expected?
<jamespage> rbasak, yes
<jamespage> the upstream build process uses docker to build docker
<jamespage> think schroot's
<rbasak> OK, thanks. kickinz1: ^^ - looks like that's fine and we can use sbuild
<lnxmen> j #gentoo-pl
<lnxmen> Sorry.
<rbasak> jamespage: so enable-gccgo-build.patch no longer applies. I think the dep3 headers are wrong, as the pull request it refers to seems to be completely different.
<rbasak> Do you know where I can find a current version of the patch please, or where it came from originally?
<jamespage> which package?
<rbasak> jamespage: docker.io
<jamespage> rbasak, that came direct from IBM
<rbasak> jamespage: not published anywhere?
<jamespage> rbasak, it was based on patches for master upstream
<jamespage> rbasak, so for 1.5.0 I'd look for equivalents in master branch
<rbasak> jamespage: aha. https://github.com/bpradipt/docker/commit/b34e0cd5e8511f388e5d2150559ec80a99a32d79 maybe?
<jamespage> rbasak, yes
<rbasak> OK. I'll try those. Thanks!
<jamespage> he's the author of the patch you already have
 * rbasak wonders if this will break the golang build
<gchristensen> Hi, what events cause new AWS AMIs to be built? ie: I was expecting a new one around the openssl patches, but it hasn't come, but it isn't with major releases as far as I can tell, 14.04 has been updated a few times in thepast 6 monhts
<Odd_Bloke> gchristensen: The OpenSSL patches should be pulled in via apt-get (the way you would pull in security fixes normally).
<Odd_Bloke> gchristensen: The images are respun if there are _critical_ security issues, or if the way that the image interacts with EC2 changes.
<gchristensen> Odd_Bloke: makes sense, up until now I just make new servers using a more up to date image. I'll add an apt-get upgrade step in there. though it is curious, is there a way to determine what caused a new AMI to be released? ie: ami-3b14370b, which was released on 2015-03-05
<Odd_Bloke> gchristensen: Release notes are generated at http://cloud-images.ubuntu.com/releases/trusty/release-20150305/unpacked/release_notes.txt
<Odd_Bloke> gchristensen: Yeah, you should definitely have an upgrade step in there; we don't release new images for every security issue.
<jamespage> jdstrand, would you have capacity for three NEW package reviews for vivid? all oslo refactorings of shared code from openstack projects
<jdstrand> jamespage: not within the timeframe you'd be interested in (note, I no longer perfrom regular ubuntu-archive duties)
<jdstrand> jamespage: (sorry)
<jdstrand> if in a few days you are in a jam, ask again and I'll see what I can do
<jamespage> jdstrand, ack - ta
<hxm> i am migrating a site from hosting, but my bandwich is limited, can i use ftp from old server to other ftp server?
<hxm> something like cp but between ftp
<Odd_Bloke> hxm: Do you have SSH access to the hosts, or just FTP access?
<hxm> just ftp
<hxm> not even sftp
<Odd_Bloke> hxm: I suspect you're out of luck; I think you'd have to pull down the contents to push them back up.
<Odd_Bloke> hxm: But you could use a cloud instance to do it; they generally have excellent bandwidth.  Obviously there would be a cost associated with that.
<PryMar56> how to request a new package for vivid? libsystemd-daemon.so.0
<PryMar56> in systemd 219
<Odd_Bloke> PryMar56: systemd 219 is already in vivid: http://packages.ubuntu.com/vivid/systemd
<Odd_Bloke> PryMar56: If there's something missing that you would like included, find or file a bug; it's unlikely to make it in to vivid as we are past feature freeze.
<PryMar56> libsystemd-daemon.so.0  is missing & its required to build Xen 4.5.0 upstream
<PryMar56> Odd_Bloke, I hope I'm wrong about this. I can't be the first one to try to build this
<PryMar56> going to check what is done in fc23
<Odd_Bloke> PryMar56: There was a libsystemd-daemon0 package in utopic: http://packages.ubuntu.com/utopic/libsystemd-daemon0
<Odd_Bloke> But I don't really know much about systemd or its packaging, so I can't really tell you why it isn't in vivid.
<PryMar56> Odd_Bloke, even debian8 (systemd 215) has it
<PryMar56> from 215->219 things may have changed
<smb> PryMar56, FWIW I just recompiled the xen-4.5 in vivid and had no issues with the current state of the archive
<PryMar56> smb, did you configure with --enable-ocamltools ?
<PryMar56> smb or did you build oxenstored ?
<smb> No since ocaml is for the old toolstack which is gone
<PryMar56> smb, so your effort is moot
<PryMar56> smb, I'm making progress fishing through the fc23 systemd 219 build
<PryMar56> my snooping thru fc22: http://paste.ubuntu.com/10679310/
<PryMar56> OK, I filed a bug with [needs-packaging] tag
<JanC> Patrickdk: looks like g8 is/was still BIOS-based indeed (but being from 2012, that's an "old" hardware design by now...)
<hxm> Odd_Bloke: i did it using lftp
<hxm> very usefull
<hxm> lftp -e "mirror -R local_dir remote_dir" -u ftp_user,ftp_pass remote_host
<kybe> Hi folks. I have an issue with glusterfs-server starting before zfs on ubuntu 12.04 during boot. This results in glusterfs insterting some files into the mount point and ZFS refusing to mount. Any tip on how to adjust that? glusterfs-server is started by upstart on runlevel2 and zfs-mount seems to be S20 in /etc/rc2.d/.
<sarnold> kybe: what Snn is used for the glusterfs-server?
<kybe> none, i can only find it in /etc/init/glusterfs-server.conf. there it just says runlevel 2345
<sarnold> kybe: ugh. I don't recall how the sysvinit compatability levels interact with the upstart prereqs..
<sarnold> kybe: it might make most sense to convert the zfs initscript into an upstart configuration file so you can control the ordering exactly
<kybe> Ok
#ubuntu-server 2015-03-26
<Ryan_Lane> I need to update dhclient.conf and then cause dhclient to restart itself. basically I need to override the dns and have it immediately apply
<Ryan_Lane> I can't find a good way to do this...
<Ryan_Lane> (I need this to work when run over ssh, from config management)
<Ryan_Lane> anyone have any ideas here?
<sarnold> Ryan_Lane: check out omshell(1)
<Ryan_Lane> thanks
<replman> Hi! I tried to install php 5.5 on ubuntu 12.04 LTS as described here: http://askubuntu.com/a/343567
<replman> all went as expected but in the end i get the following error:
<replman> Setting up apache2 (2.4.12-1+deb.sury.org~precise+5) ...
<replman> Directory /etc/apache2/conf.d is not empty - leaving as is
<replman> Please note, that directory is considered obsolete and not read anymore by default
<replman> php_cgi_wrapper.conf  zz010_psa_httpd.conf
<replman> apache2: Syntax error on line 210 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/fcgid.load: Cannot load /usr/lib/apache2/modules/mod_fcgid.so into server: /usr/lib/apache2/modules/mod_fcgid.so: undefined symbol: unixd_config
<replman> ERROR: Config file dir.conf not properly enabled: /etc/apache2/mods-enabled/dir.conf is a real file, not touching it
<replman> dpkg: error processing apache2 (--configure):
<replman>  subprocess installed post-installation script returned error exit status 1
<replman> dpkg: dependency problems prevent configuration of libapache2-mod-php5:
<replman>  libapache2-mod-php5 depends on apache2 (>= 2.4); however:
<replman>   Package apache2 is not configured yet.
<replman> dpkg: error processing libapache2-mod-php5 (--configure):
<replman>  dependency problems - leaving unconfigured
<replman> dpkg: dependency problems prevent configuration of apache2-mpm-prefork:
<replman>  apache2-mpm-prefork depends on apache2 (= 2.4.12-1+deb.sury.org~precise+5); however:
<replman>   Package apache2 is not configured yet.
<replman> dpkg: error processing apache2-mpm-prefork (--configure):
<replman>  dependency problems - leaving unconfigured
<replman> No apport report written because the error message indicates its a followup error from a previous failure.
<replman>                                                                                                           No apport report written because the error message indicates its a followup error from a previous failure.
<replman>                                                                                                                                                                                                                     Errors were encountered while processing:
<replman>  apache2
<replman>  libapache2-mod-php5
<replman>  apache2-mpm-prefork
<replman> E: Sub-process /usr/bin/dpkg returned an error code (1)
<replman> Sorry!
<replman> I wanted to paste to pastebin, hit the wrong window :-(
<replman> stupid client that allows such a post.
<replman> http://pastebin.com/pkfpYAvV
<yakim> At first you must remove old version of Apache2
<replman> yakim: I found out that i have a problem with libapache2-mod-fcgid-psa and apache2.4
<replman> dpkg -l | grep mod-fcgid prints  "libapache2-mod-fcgid-psa  2.3.9-14033112"
<replman> maybe i should downgrade to apache 2.2. How can i do this?
<yakim> you have sum problems with php module version
<yakim> I see /usr/lib/apache2/modules/mod_fcgid.so: undefined symbol: unixd_config
<yakim> http://superuser.com/questions/838180/apache-loading-php-module-undefined-symbol-unixd-config
<yakim> The Apache API changed from 2.2 to 2.4, unixd_config was renamed ap_unixd_config (see Api changes from 2.2 to 2.4). You need a php module version that is compatible with Apache 2.4 or stay with Apache 2.2.
<replman> I think that this psa fcgi module is still for 2.2.
<yakim> yes
<replman> But i cannot remove this because then plesk might not run
<yakim> try find new version of this module
<replman> i tried to remove it anyways. Then apache stuck with another config file. So best might be to downgrade to 2.2. Ist that possible?
<yakim> I think, it is possible.
<replman> yakim: do you know how?
<yakim> do you create backup of old config?
<replman> no :-(
<yakim> ups...
<replman> i have to look
<yakim> at first you must purge php5 and apache. Then disconnect ppa, update ant install php5 and apache again
<yakim> then restore you configs
<yakim> I make this update on my server some time ago, but I don't use such modules
<replman> yakim: is it enough to copy the files from /etc and after doing the reinstall, copy the files back?
<replman> how to disconnect ppa
<yakim> not all. Only /etc/apache2 and /etc/php5
<replman> how to purge php5 and apache?
<replman> can i preview which files will be removed by the purge?
<yakim> apt-get purge apache2*
<dmsimard> Haven't had any attention on what I consider an important bug: https://bugs.launchpad.net/initramfs-tools/+bug/1436098 .. who can I poke ? :)
<rbasak> dmsimard: try #ubuntu-devel. It's not really a server-specialist thing even if it involves server. Few people here will know much about it.
<dmsimard> rbasak: Thanks.
<Pici> /3/36
<kickit2> anyone know how to get isc-dhcp-server to actually give an error message?  All it does it terminate with status 1 - no errors even when calling it with just dhcpd -t -cf /pathtocfgfile/dhcpd.conf (with the correct path or course).  If I launch it without the -t flag it runs, but I want it to error check (which is when it fails) which leavs me feeling that I have errors
<rbasak> kickit2: anything in /var/log/syslog?
<kickit2> nothing other than "terminated with status 1, respawning.." over and over until init complains its trying too fast and kills it all together
<ppetraki> kickit2, run it from strace without daemonizing, strace -f  -s 4096 <executable> &> omgsomuchdata.log
<kickit2> alright - to be honest a stack trace is beyond me.  but If im interpreting this correctly, its giving exit status 0 when done this way
<kickit2> heres the trace in a pastebin http://pastebin.com/p4NnbcVG
<OpenTokix> kickit2: you just posted your rndckey on the internet, I suggest you change it later.
<OpenTokix> kickit2: but that trace it exits with 0
<kickit2> yeah - I'll deal with fixing security crap once the service actualy works :)
<kickit2> well IDK what changed, but it isn't complaining about exit status 1 anymore.. just " init: isc-dhcp-server main process ended, respawning" about 10 times until it says its respawning too fast and kills it
<Karunamon> Hi folks - I have reason to believe that the landscape-server packages are incorrectly missing from the appropriate repo
<Karunamon> aaaaand disregard that, now they show up in the Packages page when examined via web
<Karunamon> must have caught it mid-update or something
<Karunamon> ah, no, I was looking at Trusty
<Karunamon> http://ppa.launchpad.net/landscape/14.10/ubuntu/dists/utopic/main/binary-amd64/Packages - note that landscape-server is not included
<pmatulis> Karunamon: everything ok?
<Karunamon> pmatulis: ah no, problem still exists
<pmatulis> Karunamon: what does?
<Karunamon> pmatulis: it appears impossible to install landscape-server on 14.10. the packages are not in the index for Trusty
<pmatulis> Karunamon: you want to install l/s 14.10 on trusty right?
<patdk-wk> trusty is 14.04 not 14.10
<Karunamon> misspoke - not in the index for Utopic
<pmatulis> Karunamon: yes, that's normal
<pmatulis> Karunamon: b/c l/s server is only made for LTS releases
<Karunamon> pmatulis: in which case, these instructions: https://help.landscape.canonical.com/LDS/QuickstartDeployment14.10 are no good.
<pmatulis> Karunamon: note that l/s versions can be deceiving.  what you see above is not "l/s for utopic (14.10).  it is the actual l/s version.  i.e. l/s 14.10 is the latest and is designed to be run on ubuntu 12.04 and 14.04
<Karunamon> ah! okay, that makes more sense then.
<pmatulis> Karunamon: i admit that it is unnecessarily confusing
<Karunamon> pmatulis: pfft, and the page even says that, I just kind of jumped right to the commands to input
<pmatulis> tsk tsk, bad Karunamon
<Karunamon> yeah, got ahead of myself :P. so seeing as how my server box is already 14.04, guess that means spinning up a VM or something if I want to play around with landscape
<danrik> um. what can I do if some unrelated domain sets DNS records pointing to my site?
<danrik> Can I configure something in apache so not to allow that?
<patdk-wk> sure
<patdk-wk> this is what virtual hosts are for
<Karunamon> danrik: you can't stop them from pointing at your site, but you can do things with the incoming traffic
<patdk-wk> and if you want, you can use rewrite if you want to block
<danrik> so I have virtual host configured - yes. But why is it still serving that domain?
<patdk-wk> what do you have the default virtualhost setup as?
<patdk-wk> to block everything?
<danrik> Karunamon, how would I deny all unauthorized doamins by default?
<danrik> Karunamon, ServerName mysite.com
<Karunamon> danrik: sounds like you'd want a rewrite rule of some kind, but unfortunately the knowledge of those is somewhat beyond me at the moment
<danrik> Karunamon, and handful of server aliases.
<Karunamon> if i'm thinking about this correctly, you need a list of what domains are authorised, and you'd have to construct a regex so that anyone hitting anything that's not part of one of those domains gets sent elsewhere
<patdk-wk> sounds like way too much work
<patdk-wk> you just make your virtrualhosts as you should
<patdk-wk> then in the default virtualhost, you just deny all
<Karunamon> patdk-wk: sounds better. i'm more of an nginx guy and also have a habit of doing things the hard way first :P
<Jeeves_Moss> hey guys, how do I correct this error "AH00534: apache2: Configuration error: More than one MPM loaded."??
<patdk-wk> you upgraded from pre-trusty? from apache 2.2
<Jeeves_Moss> patdk-wk, not that I know.  I rebooted the box, and now I'm getting this.
<patdk-wk> well, check your modules
<patdk-wk> you probably have multible mpm modules enabled
<Jeeves_Moss> ok, what should I be looking for, and how?
<patdk-wk> ls /etc/apache2/mods-enabled/mpm*
<patdk-wk> you should have two files, one .conf and one .load
<Jeeves_Moss> I've got  /etc/apache2/mods-enabled/mpm_prefork.conf and  /etc/apache2/mods-enabled/mpm_prefork.load
<patdk-wk> must be upgrade issue
<patdk-wk> can't remember what the solutio nthere is
<patdk-wk> and I'm walking out the door
<Jeeves_Moss> lol.  joy.  now how do I fix this......  this is our Kabana box for logs.
<teward> stupid question but is there a way to turn an Ubuntu system into a web gateway system in which all traffic goes through it and there's filtering done on the traffic to block certain kinds of traffic and/or destinations/sources
<TJ-> teward: Yes. A useful 'wrapper' around the linux kernel features is the Shorewall package
<sarnold> teward: multiple ways to do it; 'cleanest' is probably to run squid on the host, firewall off the internet from your other machines, only allow the squid machine access to the internet..
<teward> sarnold: the firewall is at the border, hence asking how to turn the server into the web gateway, the firewall rules and such is understandable, the filtering of content is the tricky part I think
<teward> (and as for those firewall rules, those are *not* hard :P)
<sarnold> teward: you can also set up a transparent proxy using squid and masquerade rules, but not all applications take kindly to having a proxy forced in place
<teward> mmm
<sarnold> teward: you can also run a machine as an ethernet bridge and do filtering there -- that way there's not even an IP address associated with the NICs you're using to do the filtering.
<teward> mmm
<teward> sounds technologically easy, but implementationally tricky
<teward> although this is why i keep an experimental segment to my network xD
<Patrickdk> implementationally tricky? not really
<Patrickdk> just normal proxy-arp
<Patrickdk> used heavily in the 80's and 90's, but not so much anymore, with our addiction to vlans and our heavily powered switches
<teward> Patrickdk: implementationally tricky in the short term on my network, i meant - i would still need to update the equipment on the one box to add in another NIC (this is why i hate not having money sometimes)
<mnaser> Is there a way to detect why processors are being underclocked?
<mnaser> Using 14.04.2 LTS.. seeing E5-2650v3 (2.3Ghz processor) running at 1.2Ghz
<mnaser> according to /proc/cpuinfo
<Patrickdk> why should it run faster?
<mnaser> Because this is a server and I'd like it to run at full power all the time
<Patrickdk> then log into your bios and configure it that way
<mnaser> In my BIOS, it's set to "Performance"
<mnaser> so all c-states etc are disabled
<mnaser> It's a poweredge r630
<Patrickdk> what does powertop say?
<Patrickdk> run powertop hit tab twice
<mnaser> not sure I understand what this all means but
<sarnold> mnaser: how about cat /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor ? are you running thermald?
<mnaser> http://pastebin.com/KeDGiZrR
<mnaser> this is a minimal install
<mnaser> powersave for all sarnold
<Patrickdk> doesn't like the bios isn't enforcing max performance
<mnaser> hmm
<Patrickdk> or it is set to allow os override
<sarnold> mnaser: you may want to change those to ondemand or performance, but it really looks like you may not need them spinning at 2.8 much
<mnaser> this server is going to get really busy
<Patrickdk> busy doesn't matter
<mnaser> and im doing some basic testing and i think the low performance im seeing is impacted by this.
<Patrickdk> but if fractions of nanosecons latency matters if it was *slightly* idle
<mnaser> i think im not making it "busy enough" to upclock
<mnaser> i mean ill adjust it to performance
<Patrickdk> I'm sure it is
<mnaser> and see what comes out
<Patrickdk> but if you set it to max performance, all cores at 2.3
<Patrickdk> that means you just disabled your turbo 3ghz speed
<mnaser> ok so
<mnaser> it didnt affect the results
<mnaser> which means that you're right, it isnt the reason
<mnaser> but at least that confirms it
<mnaser> thanks Patrickdk / sarnold
<sarnold> mnaser: there's a few days good reading material here: http://www.brendangregg.com/linuxperf.html you might find something useful / new to look at
<mnaser> brendan gregg always has great content :)
<sarnold> yes :)
 * mnaser used to read since Joyent times / USE method
<mnaser> >known for screaming at disks
<mnaser> :P
<sarnold> AAARRAGH
<sarnold> hehehe
<Patrickdk> he's fun in person :)
<sarnold> one short silly video..
<mnaser> i've never met him but i've probably spoke with him a few times on irc back when we ran a lot of joyent smartos stuff
#ubuntu-server 2015-03-27
<k2gremlin> Hello all
<k2gremlin> I travel alot... I have a Ubuntu Server at home and I was wondering the best way to implement a VPN solution that will put my laptop on my home network..
<k2gremlin> I basically want it to pull an IP address from my home network so that I can effectivly connect to my entire network
<sarnold> k2gremlin: investingate openvpn and strongswan; openvpn is probably the esier of the two to configure and probably more likely to traverse horrible hotel wifi
<k2gremlin> sarnold, thanks, ill lok into it
<k2gremlin> look*
<k2gremlin> sarnold, you there?
<sarnold> k2gremlin: not for muych longer..
<k2gremlin> sarnold, Trying to generate keys, and the guides are telling me they make the keys/ directory but it's not making them. It's not prompting me for the questions either
<k2gremlin> sarnold, http://pastebin.com/BN35sHJb
<sarnold> k2gremlin: hunh, I wonder if there was some other assumptionm that made with the system state before getting started..
<k2gremlin> https://help.ubuntu.com/lts/serverguide/openvpn.html using this guide..
<sarnold>  k2gremlin another possibilitym, you might be bloxked on low-entropy /dev/random, if it's a remote server withuot keyboard or mouse..
<k2gremlin> trying to put this on my Squid proxy server. I seen another guide that changes the interface.. but their setup was a direct proxy. Mine is transparent with a dynamic WAN connection lol
<k2gremlin> I'm puttyed into it
<sarnold> k2gremlin: the 'source vars' step may not have been completed correctly?> it looked like it was complaining about not having the variables set...
<k2gremlin> I tried both 'source vars' and 'source ./vars'
<sarnold> check env output, see if they look right
<k2gremlin> env?
<sarnold> it prints the contents of your environment variables
<k2gremlin> http://pastebin.com/hTpSfhzK   here is the whole setup starting at sourcing the vars
<k2gremlin> http://pastebin.com/hTpSfhzK
<sarnold> aha!
<sarnold> thanks for psting the whole thing :)
<k2gremlin> whoa..
<sarnold> start with sudo -s
<k2gremlin> thats got a lot of info
<sarnold> then run the commands as shown withuot the sudo in front of each one
<k2gremlin> ok ill run it in s mode lol
<k2gremlin> ok
<k2gremlin> thats working... wtf? lol
<k2gremlin> No where in the guide does it say sudo -s to start
<sarnold> hehe
<sarnold> the trick is that you need to add those variables to the shell's environmment, thus the source
<sarnold> .. and sudo starts a new shell for each command you're ruyning
<k2gremlin> gotcha!
<sarnold> so it affects nothing
<k2gremlin> its generating.....
<k2gremlin> "This is going to take a long time
<k2gremlin> "
<sarnold> once you know, you nkow and never think of it again
<k2gremlin> lmfao
<k2gremlin> right
<k2gremlin> So if the rest of this goes smooth... will this work witout changing my interface configurations?
<sarnold> I think it should
<k2gremlin> The reason I am hesitant to do so is because I am remoted in.... changing them could perma disconnect me lmfao
<sarnold> I only use openvpn as a simple cliednt and my admins did all the work for me :)
<sarnold> heh
<sarnold> yeah
<k2gremlin> and if that happens, wife and kids will be ape shit cause the internet will go out lol
<sarnold> be careful :)
<sarnold> VERY CAREFUL
<k2gremlin> LOL!
<k2gremlin> Im carefully considering each command before I do it
<sarnold> time for me to run, have fun :)
<k2gremlin> Thanks again
<sarnold> good plan any time you have a root hsell..
<k2gremlin> Although!!
<k2gremlin> I am remoted in on the WAN side :P
<k2gremlin> so as long as that connection stays up im good
<sarnold> :)
<k2gremlin> later
<k2gremlin> thanks
<k2gremlin> *plays a game of League while this key generates!*
<bojan> Can anybody guide me on NFS with NIS authentication
<bojan> I have configured NFS on ubuntu 12.04 and checked the mounting on the same computer its working fine..But i am trying to mount in my network computer it is saying error as :mount.nfs:serevr access denied while mounting"
<bojan> But i can see the mount from my network computer
<strikov> rbasak: taking into account that tomcat bug has been fixed -- i want more bugs from you to work on; the link you sent last time doesn't work because it shows me nothing in the search results
<rbasak> strikov: let me find you one :)
<rbasak> Oooh, I know
<rbasak> strikov: I was about to do https://bugs.launchpad.net/bugs/1435823 but you can take it if you like.
<rbasak> Just need to reproduce and fix it in the right place. Not sure if that's the systemd unit definition, or in mysqld_safe, or somewhere else like one of the commenters has done.
<rbasak> strikov: the fix needs to go to Debian too - I have commit access to Debian mysql VCS, so I can push it there and then upload the fix to Ubuntu.
<rbasak> strikov: carry on at this rate and you'll get upload rights pretty soon :)
<strikov> rbasak: okay, thanks; i'll look into this bug just after we upload juju-1.22 (hope to do this just after our licensing call)
<rbasak> OK
<strikov> rbasak: what happened with this apparmor/lxc bug btw? I saw that it grew and now covers some other projects (including squid3)
<rbasak> strikov: I need to sync with hallyn. The issue is that the apparmor-profile-load script was previously provided by upstart, which is no longer installed.
<rbasak> Given that lxc and other packages still need the script despite upstart not being installed, clearly upstart is the wrong package for the wrapper to be in.
<rbasak> So we need to move it somewhere (probably init-system-helpers, with the actual implementation in apparmor).
<rbasak> But we need to avoid breaking any package that used the wrapper without depending on where we move it.
<rbasak> But we need to (avoid breaking any package) that (used the wrapper without depending on where we move it).
<strikov> rbasak: understood, thanks; let me know if i can help with this somehow
<strikov> rbasak: regarding mysql; i propose slightly different (probably) simpler fix than the one in the bug (/etc/tmpfiles.d/); How about that: http://pastebin.ubuntu.com/10688810/
<strikov> rbasak: just two lines to service config and we're done
<rbasak> strikov: perfect!
<rbasak> strikov: could you verify that this fixes the issue please, and then I'll upload?
<strikov> rbasak: the only thing I'm not sure is permissions; bug proposes mysql/mysql ownership while upstart conf uses mysql/root; do you have any clue why it matters?
<strikov> rbasak: systemd with my config creates mysql/mysql by default
<rbasak> strikov: I can ask upstream. I'll ask in OFTC in #debian-mysql if you want to follow.
<strikov> rbasak: thanks
<strikov> rbasak: verified that fix work on a clean instance
<strikov> rbasak: if mysql/root ownership is needed then we need to fallback to tmpfiles.d though because RuntimeDirectory can't handle ownership other than default one for service (mysql/mysql)
<rbasak> OK. thanks. We'll see what they say.
<rbasak> I suspect that the previous mysql/root was a mistake that never mattered, and that mysql/mysql is fine, but might as well check.
<strikov> rbasak: ack, want me to come up with debdiff or just this pseudo-diff is enough?
<rbasak> strikov: pseudo-diff is enough - thanks!
<mnaser> I'm trying to setup linux-crashdump .. I have followed all the instructions here: https://help.ubuntu.com/lts/serverguide/kernel-crash-dump.html
<mnaser> I can verify that that it's running from dmesg | grep -i crash ... [    0.000000] Reserving 128MB of memory at 720MB for crashkernel (System RAM: 262045MB)
<mnaser> However when trying to force a crash .. echo c > /proc/sysrq-trigger .. nothing happens, I just see it sit on the crash screen
<rbasak> strikov: just one thought. Was something else creating the directory in a now non-persistent way, causing it to work until next reboot, that is now superfluous and should now be removed?
<pmatulis> mnaser: output to 'cat /proc/sys/kernel/sysrq' ?
<mnaser> 176
<mnaser> (the server did crash as I saw from the console screen)
<mnaser> https://wiki.ubuntu.com/Kernel/CrashdumpRecipe#Allocated_memory_for_the_crash_kernel .. I'm checking if that may be it..
<pmatulis> mnaser: you are directly on the console?
<mnaser> pmatulis: this is a dell server so I was running this on SSH while looking at screen remotely via idrac
<mnaser> idrac = dell's ipmi equiv
<pmatulis> mnaser: there you go
<pmatulis> "If you are using a network connection, you will lose contact with the system."
<mnaser> yes, im aware of that :) because it crashes the server
<pmatulis> looks like it's working then
<mnaser> however, it is supposed to dump the crash to /var/crash and reboot
<mnaser> none of that happened
<pmatulis> oh
<mnaser> (the whole point of having linux-crashdump heh)
<pmatulis> mnaser: yes, then check your settings (value of 'crashkernel')
<pmatulis> mnaser: how much RAM do you have?
<mnaser> 256gb on this server, and using crashkernel=384M-:128M
<pmatulis> mnaser: dell model?
<mnaser> R630
<pmatulis> mnaser: possible to have someone try directly on the console?
<mnaser> looks like some people had to go up the crashkernel value to 256Mb for it to work
<mnaser> let me give that a shot
<mnaser> and it looks like kexec reboots arent working too which I suspect might have to do with this
<Arrick> Hey all, I have a 12.04.3  server running a moodle/totara site... I am wondering if I install the latest server version on a new machine, will there be any snags I run into if I export the DB's and copy over files?
<pmatulis> mnaser: try from the actual console
<pmatulis> mnaser: so it worked when you raised the value to 256MB?
<strikov> rbasak: bah, me this bug while reproducing: https://bugs.launchpad.net/ubuntu/+source/mysql-5.6/+bug/1436178
<strikov> rbasak: fixing it as well
<rbasak> strikov: thanks!
<lordievader> Good afternoon.
<qhartman> I have a cluster of servers running 12.04 and 14.04 on AWS that every once in awhile will produce log entries with completely bogus dates in them
<qhartman> So far I've only seen it in entries that end up in auth.log from sshd and cron
<qhartman> the dates are always some period of time in the future, ranging from a few weeks to several months
<qhartman> oh oops, not true, I just double-checked, and there are ones that show up in the past as well
<qhartman> here's a snippet: https://gist.github.com/qhartman/62d2a49cd3c5a4fbd589
 * maxb saw a kernel bug that involved time-jumps of around 2**32 / 10**9 seconds (~ 4 seconds) into the future once, but never anything that wild
<qhartman> I've done a bunch of research on this sort of thing, and I've only found one other report and it was dismissed as an sshd bug
<qhartman> yeah, I've never seen anything like it before
<qhartman> and my log aggregator shows that it's affecting most (if not all) the servers in this cluster
<qhartman> I discovered the problem yesterday and I had to clean up about 100k entries before things started looking right
<rbasak> qhartman: those dates look like past dates to me
<rbasak> Why do you say they're from the future?
<qhartman> that snippet was taken on the 23rd
<rbasak> All the Mar 23 ones are consecutive.
<qhartman> so  there's Dec 8
<rbasak> Feb 16 and Mar 3 etc are all in the past relative to that.
<rbasak> Dec 8 is also before Mar 23.
<qhartman> and in the ones I cleaned out most of them were dec, nov, spe, etc
<qhartman> well, I suppose, it's not clear from that entry which year it
<qhartman> well, I suppose, it's not clear from that entry which year it is
<qhartman> but you could be right
<rbasak> Is it possible that your log aggregator is somehow lagging in logging those particular messages?
<qhartman> nope, that snippet is from the auth.log file on the host
<qhartman> we jsut disovered the problem via the aggregator
<rbasak> Maybe put something on each host that logs the time sequentially, and alerts you when it jumps too far forwards or backwards?
<rbasak> You could use CLOCK_MONOTONIC to avoid glitching on system time changes.
<rbasak> Could it be some NTP related problem?
<qhartman> I'm not convinced it's an actual time problem
<qhartman> So far, the spurious messages have only shown up in auth.log
<qhartman> all the other files are normal
<qhartman> and all the messages from our java applications we're running are normal as well
<rbasak> I believe the timestamp is written by the logging daemon, not the thing doing the logging. But I could be wrong - I don't know the syslog protocol.
<qhartman> though I suppose the jvm may do some kind of internal time keeping
<rbasak> It would make sense for the timestamp to be determined by the client end actually. Closer to the real time the log message was generated.
<qhartman> yeah
<qhartman> that is my undertanding that the timestamp is sent to syslog as part of the message
<qhartman> and my understanding is that it's actually sent in epoch time, then converted appropriately by syslog, but I'm less certain about that.
<rbasak> Also each of your cron syslog entries has a correct timestamp
<rbasak> And most of your sshd entries do not
<qhartman> the cron errors are less common
<rbasak> So I agree with you now - it looks likely to be the sshd.
<qhartman> I must have missed them in that snippet
<rbasak> Oh, you do have cron errors too?
<qhartman> yeah
<qhartman> but they are far less common
<qhartman> ,but the messages from cron are also less common
<rbasak> I still think something is flapping your system time.
<qhartman> our monitoring system creates a lot of log noise from sshd
<rbasak> Maybe something being driven from that cron?
<qhartman> That definitely makes the most sense at a global level, but there are no anomalies that I've found in other logs
<qhartman> and the time is ntp managed
<qhartman> if it got messed up that badly ntp would give up
<qhartman> Looking through more of these entries, it would be more consistent to consider the bad entries to all be in the past, and just lacking year specificity, though that would indicate that the stamps are likely not sent in epoch time.
<qhartman> looks like the syslog format expect time according to this RFC: https://tools.ietf.org/html/rfc3339
<qhartman> so not epoch, but it does include the year, so unless rsyslog is swallowing that information then these are future dates... :\
<rbasak> Based on your sample I still think they're past dates.
<rbasak> They fit better. Clustered closer to the current date.
 * qhartman nods
<rbasak> Maybe edit rsyslog configuration to make sure?
<qhartman> yeah, that's what I'm digging into now
<rbasak> And put some logging of system time in.
<qhartman> trying t osee how the default rsyslog message templates munge the date
<rbasak> Sleep on a 60 second look (using CLOCK_MONOTONIC, without referring to system date) and log the date.
<rbasak> loop
<rbasak> Maybe also use logger to log the date through syslog as well as directly to a file.
<qhartman> yeah, makes sense
<jeeves_moss> I'm having an issue with mod_proxy.  I can curl the URL from the CLI on the system, but I can't access it via the outside world.   here is my config.  http://pastebin.com/wbZYwDzR
<patdk-wk> it's missing the url you used
<patdk-wk> that is one very strange proxy config
<Spyidonas> Hello guys i have a small issue with apache and php, i have 2 folders under /var/www , one is a normal website that works as expected (joomla website), the other is a folder i created and while it has user and group as www-data (same as the joomla site) php isn't able to write to this folder (file_put_contents error). Is there any php.ini tha enables this function or a special apache
<Spyidonas> config? I have tried 755,777 and 0777 as permissions without success...
<Spyidonas> I am trying to install Rainloop, thats the permissions i need http://www.rainloop.net/docs/permissions/ , still it doesn't work.
<elnur> Is this the place to get help on creating a network bridge in Ubuntu Server?
<sarnold> Spyidonas: mode 777 is almost always the wrong thing to do..
<sarnold> elnur: sure
<lordievader> elnur: Sure, what do you want to know?
<elnur> I have a server with an IPv6 /64 subnet. I want to create several LXC containers and assign an IPv6 IP adress to each so that I can access them from outside.
<Spyidonas> sarnold: Yes , this issue is about permissions, normal permissions dont work so i check if full permissions work, but they don't...
<sarnold> Spyidonas: check aa-status output to see if your apache is confined by apparmor..
<Spyidonas> sarnold: There's no app armor installed
<sarnold> Spyidonas: check the logs for apache/php, there may be more detailed errors logged somewhere else..
<Spyidonas> sarnold: the error log is empty, the access log says i accesed the website from my browser
<Spyidonas> sarnold: i have ErrorLog ${APACHE_LOG_DIR}/web_error.log
<Spyidonas> sarnold: is there any other log i can see?
<sarnold> Spyidonas: maybe a vhost-specific log if you're using vhosts?
<Spyidonas> sarnold: there are no other logs
<Spyidonas> sarnold: the error is [202] Data folder permissions error [file_put_contents]
<Spyidonas> sarnold: i have tried permissions all the way to 0777
<lordievader> elnur: Yes..?
<sarnold> elnur: there's probably already a bridge created by lxc for the containers.. there's some information on more complex configurations her https://linuxcontainers.org/lxc/manpages/man5/lxc.container.conf.5.html
<Spyidonas> sarnold: this ( https://github.com/RainLoop/rainloop-webmail/issues/262 ) suggests i create a test file but the output is 5) file_put_contents=0
<sarnold> Spyidonas: how about the is_dir, is_readable, is_writable, and mkdir tests?
<Spyidonas> sarnold: all of them output 1 (except unlink)
<Spyidonas> sarnold: 1) is_dir=1
<Spyidonas> 2) is_readable=1
<Spyidonas> 3) is_writable=1
<Spyidonas> 4) mkdir=1
<Spyidonas> 5) file_put_contents=0
<Spyidonas> 6) unlink=0
<Spyidonas> 7) rmdir=1
<sarnold> Spyidonas: weird. I wonder if it is suhosin or whatever that slightly-safer-php thing is called..
<Spyidonas> sarnold: well the weird part is that my other folder that hosts a normal website works without issues with joomla
<Spyidonas> sarnold: maybe joomla doesn't use file_put_contents anywhere...
<elnur> sarnold, there is a bridge, yes, but it doesn't get a public IPv6 address.
<lordievader> elnur: Did you give it a slave who can get an public ip?
<elnur> lordievader, what does that even mean? :)
<elnur> I'm not a network guy, so I don't understand a lot of stuff.
<elnur> But I wish to learn. :)
<lordievader> elnur: Well a bridge device can be seen as a virtual switch. It will not magically get an ip address but it can take the ip of a physical ethernet device if that gets added to the bridge.
<lordievader> elnur: https://help.ubuntu.com/community/NetworkConnectionBridge
<elnur> lordievader, okay. The question is how to do that.
<lordievader> elnur: brctl addif <bridge> <eth-nic>
<elnur> lordievader, the problem with that link is that I don't see any IPv6 examples.
<elnur> I have a single IPv4 address and a /64 IPv6 subnet. So I'd want to use IPv6 for this.
<lordievader> I should still mess with IPv6, don't really have any IPv6 knowledge. But I suppose you can route it through the bridge interface.
<elnur> Okay. :(
<sarnold> elnur: how about the lxc config manpage I pasted along? I haven' tried it myself but it does look like you oughtot be able to configure what you want entirely from container configs
<elnur> sarnold, too many low level stuff there I don't understand.
<sarnold> elnur: scroll down to the examples, I think that'll be easier
<elnur> sarnold, those examples are LXC specific. I have yet to figure out how to create a bridge.
<sarnold> elnur: that bit is almost too easy: brctl addbr <name>
<elnur> sarnold, will that persist after a reboot?
<sarnold> elnur: I was a bit underwhelmed when I found that :) hehe
<sarnold> elnur: no; that's why it'snice to tie it into something else, like lxc if you want to use containers...
<elnur> sarnold, I mean, the bridge is supposed to be persistent. So that when I reboot the server, it all still works.
<k2gremlin> sarnold, You around?
<sarnold> hey k2gremlin
<k2gremlin> sarnold, Sorry got to go out for a bit. I have some questions for you later if your still around.
<sarnold> k2gremlin: there's usually someone around even if I'm not, hehe
#ubuntu-server 2015-03-28
<elnur> So, is eth0 just a logical name? Or is it hardwired?
<sarnold> purely logical
<elnur> I mean, why replace eth0 with a bridge to eth0 if eth0 goes away? Isn't it the same thing then?
<elnur> Or should a bridge be a bridge between several interfaces to make any sense?
<sarnold> probably that -- or maybe with another bridge? -- but perhaps there's use for bringing a vm or container online with a nic but unable to talk qith anything else..
<elnur> I still have the same use case: connecting LXC containers to the outside world.
<elnur> Now I'm just trying to understand why I need a bridge in the first place.
<elnur> Here's the post I tried to follow: http://blog.toxa.de/archives/606
<elnur> But I still couldn't solve the problem.
<elnur> So, what's the point of the bridge he created in that post if it bridges eth0 and nothing else?
<sarnold> elnur: it appears to me that it bridges eth0 in the host with the eth0s in the guests
<elnur> sarnold, oh. Now that makes more sense.
<elnur> Okay. So I left eth0 and added br0 that bridged eth0. Now eth0 lost its IP addresses and br0 got them. What's the reason for this?
<elnur> Okay, I managed to bridge both IPv4 and IPv6.
<elnur> O
<elnur> O
<elnur> I'm making some progress. :)
<elnur> Why would I need to use radvd?
<sarnold> elnur: nice
<elnur> Is enabling forwarding necessary for this to work?
<sarnold> elnur: I suspect it is but haven't tested myself
<elnur> If I enable forwarding, will my host still be accessible by that IP?
<sarnold> it should be, I've turned on enable forwarding on firewalls and been able to log in to the firewall via its IPs
<elnur> Oh yea!
<elnur> Finally made it work! \o/
<elnur> I'm so damn happy now.
<elnur> sarnold, thanks, man. You've been really helpful.
<sarnold> elnur: sweet! I'm glad it's working, but you did most of the leg work. I jjust aimed a few docs your way :)
<elnur> Just noticed I got one little problem though. :)
<elnur> The container itself can't access the Internet.
<sarnold> d'oh :)
<elnur> But at least I can access it from the Internet.
<elnur> That's the main problem I was trying to solve. :)
 * Patrickdk gives everyone frozen yogert
<sarnold> Patrickdk: yay!
<Nyanpo> what the fuck is index.php and do I need it?
<Nyanpo> I was told to delete it
<Nyanpo> it's in var/www
<Nyanpo> deleted it
<Nyanpo> whatever
<elnur> sarnold, solved that problem too. :)
<elnur> Nyanpo, :D
<Nyanpo> ayy
<Nyanpo> I'm going to bed now anyways.
<sarnold> elnur: oh cool, what was the problem with outgoing?
<k2gremlin> sarnold, Im back. Had a great dinner at a Tilted Kilt ;)
<sarnold> that's a good looking burger
<k2gremlin> Sure was tasty :P
<k2gremlin> So I got my VPN to the point were the tun0 interface is listed on ifconfig -a, I setup the configuration on my client laptop and it appears to be correct. But when it goes to connect it just times out
<k2gremlin> Fri Mar 27 21:59:08 2015 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
<k2gremlin> Fri Mar 27 21:59:08 2015 TLS Error: TLS handshake failed
<k2gremlin> iptables -L should list any and all iptables that are configured correct?
<k2gremlin> sarnold, ?
<sarnold> k2gremlin: might be time to use tcpdump or wireshark to see if you can see a key negotiation
<k2gremlin> sarnold, The key piece of information is that this is my squid3 transparent server as well. WOuld any iptables crap have to be set to allow 1194 in?
<k2gremlin> I tried using iptables -L to list what I am currently using for squid... but it will not display.
<k2gremlin> not sure why
<sarnold> k2gremlin: you'll probably have to let something through..
<sarnold> k2gremlin: did you select the correct tables with -L?
<k2gremlin> "iptables -L" should list everything currently in iptables right? or am I missing something lol
<k2gremlin> trying to list all
<sarnold> sudo iptables -L -t nat  lists different things than iptables -L
<k2gremlin> sarnold, there is no way to just list all tables? I only have a few rules applied atm so it's not very long
<sarnold> k2gremlin: iirc only filter and nat are used on most systems
<k2gremlin> sarnold, I have 3 in mangle for proxy ;)
<k2gremlin> sarnold, something isnt sitting good with me.. I start te openvpn service, run "netstat | grep openvpn" and nothing...
<k2gremlin> anyone else have experiance with OpenVPN?
<sarnold> k2gremlin: here's what I see on my client: http://paste.ubuntu.com/10693184/
<k2gremlin> sec... found the issue... I think.... :P
<k2gremlin> Mar 27 23:24:24 SquidTrans ovpn-server[18022]: Options error: --dh fails with 'dh1024.pem': No such file or directory
<k2gremlin> Mar 27 23:24:24 SquidTrans ovpn-server[18022]: Options error: Please correct these errors.
<k2gremlin> Mar 27 23:24:24 SquidTrans ovpn-server[18022]: Use --help for more information.
<k2gremlin> digging now lol
<k2gremlin> Ohhhhhh so close now :) gotta mess with the home side of the network. Get the config right
<k2gremlin> arrgggggg so freaking close
<k2gremlin> says endpoints must exist within the same 255.255.255.252 subnet.
<k2gremlin> server-bridge 192.168.2.1 255.255.255.0 192.168.2.100 192.168.2.101
<k2gremlin>     -   this is the line in the server.conf file. 192.168.2.1. is br0 and currently the gateway for my entire home network.
<k2gremlin> sarnold, im baffled. How can I make the endpoints within the same .252 network when I have an entire class C on the back end
<sarnold> k2gremlin: I don't know anything about that spefici restrction.. I suspect you could have your "roaming" profile hand out dhcp in a tiny range though..
<k2gremlin> ---------------------------
<k2gremlin> OpenVPN GUI
<k2gremlin> ---------------------------
<k2gremlin> Connecting to config has failed.
<k2gremlin> ---------------------------
<k2gremlin> OK
<k2gremlin> ---------------------------
<k2gremlin> errrrr that didnt paste right lol
<k2gremlin> ill figure it out
<sarnold> k2gremlin: good luck :) I'm off
<k2gremlin> sarnold, later
<k2gremlin> Looking for some guidence http://pastebin.com/ALeniTeX  Windows Maching connection to OpenVPN server
<k2gremlin> Anyone?
<bojan> Can anybody solve this problem "I have configured NFS on ubuntu and i can mount the shared partition on the same computer but cant mount in the computer connected in the network...Saying error as :mount.nfs:server access denied while mounting"..But i can see the shared directory in the network computer by the command "sghowmount -e 192.168.2.1"
<aandy> hi guys. i have a ext4 fs, and a perculiar situation. what are my options if i want to have a copy (mirror) of a file with different permissions. e.g. a root:root rwx------ which should be readable to one other person (not withstanding adding the user to group root)? soft and hard symlinks seems to be a no-go as they point to the same inode, and chmod doesn't attempt to change permissions of symlinks
<aandy> (or am i wrong?). so far, i've only come up with rsync+inotify as a (bloated) solution. i would prefer if i could just do: chown root:root file && chmod 700 file && setfacl -m u:other_user:rwx file, but file is tested by an application and throws errors if the permissions aren't exactly 0700 (which they aren't when acl is set). any ideas? :)
<lordievader> Good morning.
<aandy> the file rarely changes, so it's not a huge problem, but the solution isn't pretty
<Blueking> could someone had a look at this  http://paste.ubuntu.com/10691975/    net drop out without any notice,  'service networking restart' brings it back online   question are 1: are ISP's access gateway having issues?  2: pc hardware 3: pc software error ?   pc beeing used as router with ubuntu server + shorewall, supermicro mobo with xeon cpu dual nic onboard intel I210
<Blueking> hadn't touched setup for more than a year before it started dropping net a week ago
<xtify> hey guys
<xtify> the ubuntu server community is this dedicated support for ubuntu-server..what exactly do the group provide as far as contributing
<xtify> is this smiliar to fedora's infrastructure community
<elnur> sarnold, I did this: http://blog.toxa.de/archives/613
<pmatulis> xtify: normal people who help if they can.  ask a question and see
<xtify> ok what is the best way I can contribut to ubuntu-server
<pmatulis> xtify: documentation perhaps?
<pmatulis> https://wiki.ubuntu.com/DocumentationTeam/SystemDocumentation/UbuntuServerGuide
#ubuntu-server 2015-03-29
<CipherWeston> Hey, I'm having trouble with my website connecting to a remote Ubuntu MySQL Server. It's completely blocking it (error: 111) and I've already set bind-address in my.cnf to 0.0.0.0 (skip-networking was never in the file). Anyone know some other solution?
<Sling> CipherWeston: can you verify its listening on all interfaces on the mysql host? lsof -i:3306
<Sling> also, is there any firewall involved on either side? check iptables, etc
<CipherWeston> mysqld  916 mysql   10u  IPv4   8262      0t0  TCP *:mysql (LISTEN)
<Sling> looks good
<CipherWeston> I might need help with the iptables command..
<Sling> I prefer this one: iptables -n -v --line-numbers -L
<CipherWeston> (am not a pro at this) here's what was given to me: http://i.imgur.com/x3R9bnZ.png
<Sling> okay so essentially everything is open on that server
<Sling> only ssh is passed trough a anti-brute-force mechanism
<Sling> and the other host?
<CipherWeston> That's a great question. Let's see if I can get in there (it's through domain.com)
<CipherWeston> Well, after a long talk with a support guy, turns out my website's hosting does not allow remote SQL connections. Damn my luck. Thanks for the help though!
<lordievader> Good morning.
<Grey_Loki> Hi. The version of weechat in the repo is quite outdated (0.4.2, latest stable is 1.1.1). I'm wondering - are there likely to be any problems if I install the latest version of weechat from source, with a version from an aptitude installation already on the system?
<bekks> You will have problem doing it that way.
<bekks> A more safe way would be using a PPA or create a .deb for the version you want to install.
<Grey_Loki> bekks: using checkinstall, or similar?
<bekks> Yes. Or just use a PPA.
<Grey_Loki> Huh, neat. I didn't know those existed :D
<hehe> hi folks
<hehe> for some reason creation of new network adapter fails
<hehe> bizzare
<hehe> what can i do to fix it?"
<hehe> I am following this manual https://www.softether.org/4-docs/1-manual/6._Command_Line_Management_Utility_Manual/6.5_VPN_Client_Management_Command_Reference
<hehe> :D
#ubuntu-server 2016-03-28
<FuriousGeorge> what is it on ubuntu that is seeing the br0 interface i set up and remembering it?
<FuriousGeorge> by set up i mean from cli
<mybalzitch> /etc/network/interfaces
<ChibaPet> My system froze just a while ago and the only thing in the logs was a dbus error. I'm not actually running any graphical software that uses it, so I'm guessing systemd ate itself. Kwality.
<ChibaPet> I feel like this will show up a bunch more once we're all using this in enterprise environments.
<sypher> ChibaPet: Like RHEL 7 has been using systemd since release?
<ChibaPet> sypher: Yes, but it's not actually used in production most places that I can see. EL6 is still the predominant OS.
<ChibaPet> And it seems that Ubuntu Trusty is more common than EL6.
<ChibaPet> So, not a lot of real-world use yet.
<sypher> ChibaPet: I'm a Linux engineer at $dayjob. I highly beg to differ on both of those statements.
<ChibaPet> =shrug=
<sypher> I see EL6 and EL7 an order of magnitude more often in every client I support. Only two of them use Ubuntu, and its rare.
<sypher> And I'd say about a third of them are EL7.
<ChibaPet> EL shows up more in big, traditional deployments, but Ubuntu seems to own the cloud.
<sypher> Again, my observations don't line up with yours.
<ChibaPet> Evidently. :P
<sypher> But different industries use different techonologies.
 * sypher just woke up, sorry for typos.
<ChibaPet> I hadn't noticed a typo, so you're all clear from this end.
<sypher> Anyway... systemd, for all that people demonize it, has caused zero problems in any of my clients' deployments. Which, of course, is anecdotal, but that's a lot of anecdotal information.
 * sypher shrugs.
<ChibaPet> It was recently pretty exciting for EL people using Docker. :P
<ChibaPet> Sigh. I guess I should just understand that software crashes sometimes, and that when the logs indicate that it's systemd going bad, I need to take that in the larger context where this is a rare thing. :P
<sypher> ChibaPet: Which release are you running?
<ChibaPet> This box, Xenial. (Yes, I'd meant my original utterance for a different channel.)
<sypher> Ahh. Probably still growing pains, then.
<ChibaPet> I hope not, this close to release. :P The thing that sucks is that I have no spoor to use for a bug report.
<elh9> if i move my primary graphics card (hd5450) from a x16 slot to a x1 slot, so that i can move my VM dedicated r9 280x to the x16 slot, can i force ubuntu to use the hd5450 instead of defaulting to the primary pcie slot?
<elh9> or is this something that would need to be modded in the bios?
<elh9> if i move my primary graphics card (hd5450) from a x16 slot to a x1 slot, so that i can move my VM dedicated r9 280x to the x16 slot, can i force ubuntu to use the hd5450 instead of defaulting to the primary pcie slot?
<elh9> or is this something that would need to be modded in the bios?
<eahmedshendy> Have you ever get error this while using ssh to connect to your server? debug1: Exit status 254
<eahmedshendy> Note that we didn't do anythiing related to PAM. and this machine is an Ubuntu instance on Amazon
<lordievader> Good morning.
<ChibaPet> lordievader: Good morning.
<lordievader> Hey ChibaPet
<lordievader> How are you?
<ChibaPet> Not bad. I'm up a bit earlier than is normal for me with some scheduled work.
<ChibaPet> And you?
<lordievader> I was up very late this morning...
<lordievader> But furthermore can't complain.
<ChibaPet> Up late is a source of wonder and joy for me. Up early is the questionable one. :)
<LaT0rtue_> TELNET:            telnetchat.ddns.net - port 23
<atralheaven> hi
<teward> This may sound like an odd question, but is there a way to set up a postfix server that my internal network can reach to and then send messages out via a GMail SMTP connection (so everything comes from noreply@domain.tld)?  Being on a home net, my monitoring stuff doesn't email me because residential IP blacklisting happens everywhere
<patdk-wk> that is a horrible idea
<patdk-wk> I don't believe gmail allows you to just relay anything
<patdk-wk> you should never use noreply@
<patdk-wk> but otherwise, yes
<atralheaven> sorry I was disconnected
<atralheaven> i
<atralheaven> I don't know if anyone has answered me
<teward> patdk-wk: well, there's a google apps account which matches noreply@domain.tld, so it'd auth up to that account to send.  that's the question
<patdk-wk> sure
<jrwren> teward: yes, there are ways to do that. You can also use mail services like AWS Simple Mail Service.  You also may be able to use your ISP to relay said messages.
#ubuntu-server 2016-03-29
<hexahive> Hello ppl :) I need an advice, especially if there's someone having experience with fwknop-server... I'm getting an error "[*] Access file: 'access.conf' was not found."  ... I've checked that the file exists in /etc/fwknop, also tried to chmod it to 777 and chgroup it to my username instead of root, but nothing of those usual things help... Any ideas ?
<andol> hexahive: I have no experience with fwknop-server, but as a general approach I would try running it using strace, and see which access.conf paths are tried.
<sarnold> I hadn't noticed that he rejoined here before replying in another channel... if my hunch is correct he ought to be on his way soon :)
<sarnold> (my suggestion: give the full pathname in the configuration file, based on the logging messages given here http://sources.debian.net/src/fwknop/2.6.0-2.2/server/access.c/#L1018 )
<hexahive> sorry for generating confusion ;)
<hexahive> sarnold: you were absolutely right, when i run it with "sudo fwknopd" while in /etc/fwknopd, it works
<sarnold> \o/
<sarnold> bonus points to the author for giving decent error messages :) that's not always the case
<sarnold> (I went looking in fact expecting it to be terrible.)
<hexahive> yep, i've noticed he made the code give different messages whether the file exists or the permissions aren't right, which is cool :)
<DanDreamPipe> So I'm trying to redirect defunctsite.com/path/file.html or defunctsite.com/path to newsite.com/path/subpath/file.html while using DNS
<DanDreamPipe> But DNS does not support file paths
<DanDreamPipe> What do, what are my options here
<DanDreamPipe> I've been trying to figure this out for many hours
<ChibaPet> DanDreamPipe: You can't do it with DNS. You need your load balancer or web server or other intermediary to do that translation.
<DanDreamPipe> I'm willing to set such servers up, but by setting said devices DNS settings to my server will the queries to defunctsite.com/path/etc still resolve to newsite/etc/?
<DanDreamPipe> And queries to undefined.com go to google DNS
<ChibaPet> With no offense intended, I think the sort of advice you need would best be supplied by a local expert - local professional services or something. You're confusing a couple concepts that could end up making your life difficult if you don't get them right.
<jvwjgames> Hello
<jvwjgames> I am wondering if there is a way that if a demon
<jvwjgames> *could if it receives certain data that all programs could stop except for Apache and another program
<jvwjgames> Is that possible?
<jvwjgames> Anyone?
<jvwjgames> I need to know if this is possible
<FuriousGeorge> im running openvpn and trying to ping server subnet from client (i can ping the server itself)
<FuriousGeorge> in tcpdump i see pings reach the server and seem to die there
<FuriousGeorge> i expected them to be routed to the computer with the matching destination which is on the same  subnet,
<FuriousGeorge> if i go to the destination computer and listen for pings on eth0 i see none, but if i try to ping the source computer i can.  i can ping any computer on the subnet behind it for that matter
<FuriousGeorge> i made sure ip forwarding was enabled on the server, and that iptables/firewalld was not even installed
<FuriousGeorge> im at a loss at this point
<lordievader> Still sounds like a firewall, tcpdump sits before the firewall.
<caribou> nacc: jgrimm asked me to sponsor the logwatch merge
<caribou> nacc: oh, looks like kirkland already sponsored it
<devster31> hi, I have multiple ssh servers in a LAN, but I want to access them from outside the network and the best option seems a VPN (correct me if I'm wrong), is there a tutorial that I can follow to set up openVPN so that only traffic towards those hosts is passed through the VPN and all the internet traffic isn't?
<caribou> jgrimm: is it still useful to merge the latest clamav bits now that we're so close to release ?
<caribou> jgrimm: debian has a new 0.99-1 as of a march 11th
<beisner> jamespage, ddellav - fyi, pushed neutron 2014.1.5-0ubuntu4~cloud0 from proposed to icehouse-updates in uca re: bug 1393391
<ubottu> bug 1393391 in neutron "neutron-openvswitch-agent stuck on no queue 'q-agent-notifier-port-update_fanout.." [Undecided,Confirmed] https://launchpad.net/bugs/1393391
<beisner> jamespage, ddellav - also, promoted qemu 2.2+dfsg-5expubuntu9.7~cloud2 from kilo-proposed to kilo-updates in uca re: bug 1546445
<ubottu> bug 1546445 in qemu (Ubuntu Wily) "support vhost user without specifying vhostforce" [Medium,Fix released] https://launchpad.net/bugs/1546445
<BlackDex> hello there.. I have a dell server and installed ubuntu 14.04.4 LTS on it. When i type `dmesg` the console is very very slow with the output. How can i speed this up?
<younder> Anyone have any experience with setting up a bind9 (DNS) server? My server name is pandora and my domain name the same. A nslookup on pandora fails on the master node while the 10 cluster nodes it succeeds. The resolv suceeds on all. What is the problem?
<younder> BlackDex, It is fine on mine ( a Dell PowerEdge T110 II)
<younder> mongodb has a powerful diagnostic util that I tried earlier today.
<BlackDex> younder: i have an dell poweredge R430
<younder>  It basically dumps all the diagnostic data of your system. It's up to you to make sense of it though
<younder> I could make a dump of it into pastebin if you like
<jgrimm> caribou, skip it
<caribou> jgrimm: ok!
<jgrimm> thanks sir!
<younder> Altso I have a problem with a cluster node L1 which can't access apt-get-ng while all the other nine nodes can. Seems to be in the network setup, but I can't find it. Any suggestions?
<younder> They have identical (via ansible) setups
<younder> But originally they were set up one by one. and L1 seemed to have internet connectivity while the other nodes did not. To mak it update i change /etc/resolv.con  etc
<designbybeck> I'm trying to learn more about the cloudimg setups. I am using the vhd here: http://uec-images.ubuntu.com/wily/current/
<designbybeck> the vhd boots, but I'm not sure what the username and password are?
<younder> You need werewulf..
<designbybeck> this is wily younder  is that what you mean?
<younder> http://warewulf.lbl.gov/trac
<designbybeck> HHHmmmm
<younder> is what I mena a cluster manager which takes old prootocols like boot and  works by identically configuring all nodes.
<younder> I don't use it in my cluster but it gets good reviews on HPC
<crazybluek> just wonder what to do...  firewall/gateway need some implementation of a few lines with 6to4 and 6in4 Tunnels in shorewall  or/else remove shorewall and install ufw instead...  what are best thing to do ?
<designbybeck> I was just trying to follow some of these guides for settings up openstack in a VM to play with: http://docs.openstack.org/developer/devstack/guides/single-vm.html
<younder> Anyhow Admin magasin and HPC magazine will better see you throght than a random question on ubuntu srever which is for more spesicic ubuntu related questions
<designbybeck> I figured it was an Ubuntu CloudImg build on UbuntuServer so I thought this group might know
<younder> crazybluek, have you tried ufw (uncomplicated firewall)
<younder> There is a book on IPTABLS I can recommend  called 'linux firewalls' by michael rash but i reccomend UFW for starters. It is build on to of IPTABLES anyhow so co can eassily use hat insted
<jrwren> does ufw have ipv6 and 6to4 and 6in4 support?
<younder> There is a book on IPTABLES I can recommend  called 'linux firewalls' by Michael Rash but  recommend UFW for starters. It is build on to of IPTABLES anyhow so co can easily use that
<younder> jrwren, yes
<crazybluek> younder never been into ufw
<younder> I  use it every day
<younder> But not for ipv6
<younder> It's the 6to4 and 6in4 I wonder about.
<younder> Dangerous to combine anyhow
<younder> you get the ip6 over ip4 attacks. Blow your firewall sky high to combine them
<younder> As usual read a book about it but not implemented it yet. O'reilly IPV6
<jrwren> what are these attacks?
<younder> http://www.darkreading.com/vulnerabilities-and-threats/windows-ipv4-networks-vulnerable-to-ipv6-attack/d/d-id/1097153?
<younder> http://www.rmv6tf.org/wp-content/uploads/2013/04/5-IPv6-Attacks-and-Countermeasures-v1.2.pdf
<younder> Particularly you network if opened to  IPV6 from he firewall is open to scan.
<younder> Even if yo have IPV4 internally they also have IPV6 addresses.
<jrwren> looks like scare tactics to sell firewalls ;]
<younder> jrwren, No just my own fear
<jrwren> younder: I classic stateful connections only firewall works quite well *shrug*
<younder> I like IPTABLES too :)
<jrwren> :]  Me too
<teward> server team meeting today?
<jgrimm> teward, yep
<younder> what do you have to say about port 53 and the DNS.?
<younder> Is it all it is? I seem to believe there are more prots.
<younder> ports
<patdk-wk> heh?
<patdk-wk> dns uses udp port 53 and tcp port 53
<patdk-wk> it uses nothing else
<patdk-wk> unless you are not talking about dns, but talking about mdns, then it uses port 5353
<younder> I use ufw allow 53
<younder> You are wrong
 * ogra_ has never seen anything else but udp/tcp 53 being used for DNS
<jrwren> no, you are wrong ;]
<jrwren> ^ that is my way of saying, "how about instead of saying, 'you are wrong', you show facts."
<younder> ports for rndc
<patdk-wk> I would love to see some facts that show I'm wrong
<patdk-wk> rndc != dns
<jrwren> rndc isn't dns.
<patdk-wk> hell, what even is rndc
<jrwren> AFAIK DNS servers that aren't ISC BIND do not do rndc.
<younder> Port 953
<jrwren> patdk-wk: rndc is an ISC BIND9 management protocol
<maswan> patdk-wk: rndc is bind's remode daemon control protocol
<patdk-wk> ya, not dns
<jrwren> well, ISC BIND, not just bind9
<younder> no it is used to magege a BIND9 DND server though
<patdk-wk> I haven't used bind since well, 2004?
<maswan> which you might like to have for a "dns server" in general, but you might also want to have ssh for the same reasons. Doens't make it dns.
<jrwren> yes, words are important. bind isn't dns, bind is A dns server.
<younder> and so port 953 is also a port bind9 CAN listen to
<patdk-wk> one should not expose ports that one does not need
<younder> absoutely
<ogra_> (and one should not blame others of being wrong if one didnt explain the actual problem correctly at all)
<ogra_> :)
<patdk-wk> ogra_, it's ok, I'm wrong, wife tells me all the time
<ogra_> lol :)
<jrwren> its ok, its only human to use a close but inacurrate word and assume others know what you mean. My wife does it all the time, as do I. ;]
<younder> anyhow if you are uing a bind9 server as am I guard port 953 ;)
<jrwren> you are blocking individual ports?
<patdk-wk> block all ports
<jrwren> is there a reason you cannot block all and open what you want?
<patdk-wk> only unblock a few
<patdk-wk> otherwise anyone *user* account can run stuff on the server
<patdk-wk> not good
<younder> I use ufw It bocs all pots unless i explicitly open them
<younder> I use ufw It blocs all ports unless i explicitly open them
<GeekDude> I installed a new 14.04.4 box yesterday and chose 'no' when asked if I wanted to automatically update/important update. If I wanted to change that, would 'sudo dpkg-reconfigure unattended-upgrades' be the correct way to go about that? Does it produce the same results as picking yes during installation, or does it just accomplish the same thing by different means?
<younder> but you mileage may vary. I alto like going straight to the metal and using iptables
<younder> GeekDude, A simple "sudo apt-get update && sudo apt-get upgrade -y " will do that
<GeekDude> younder: I want it to be automatic, and only important/security updates though
<younder> The -y is king in a cluster
<younder> GeekDude, the you don't want upgrade
<younder> GeekDude, anyhow your system should do that once  a week.
<younder> when you install it
<jaywink> hey all. Any idea what could cause when running a python script that does "os.system('service foobar restart')" in root terminal, everything works, but the same script in root crontab gives 'unrecognized service'? The upstart conf file is in /etc/init and as said, service works normally but not via root
<younder> jaywink, permissions
<jaywink> younder, even if running via root crontab?
<GeekDude> younder: The thing is, during install I explicitly disabled that option. I am now wishing I had picked it.
<patdk-wk> service isn't in bath :)
<patdk-wk> path
<jaywink> patdk-wk, tried also full path to /usr/sbin/service - and it is service which says "unrecognized" ;)
<jrwren> jaywink: 'unrecognized service' or 'unrecognized command service'?  Sounds like /sbin is not in the path.
<younder> GeekDude, sudo dpkg-reconfigure --priority=low unattended-upgrades
<younder> should do it
<jaywink> jrwren, definitely service command is found, tried full path
<jrwren> jaywink: i cannot imagine what is wrong. does using invoke-rc.d or initctl directly work?
<younder> dkpg-reconfigure is overall underrated
<jaywink> jrwren, yes. this is the script (sorry, jinja template, vars are replaced correctly and script works otherwise) - https://github.com/jaywink/ansible-diaspora/blob/master/templates/restart_on_memory_capped.py
<younder> jaywink, have you checked premissions
<younder> ?
<jaywink> something python + cron session related maybe... since same os.system in root shell works
<younder> sudo chown root <program>
<jrwren> jaywink: cron's environment is often different from root shell environment
<jaywink> younder, it's running in root crontab, how could it be permissions sorry? the script executes, only error is the os.system call
<lordievader> jaywink: Does 'initctl list' list the service you are trying to control if that command is ran from the crontab?
<GeekDude> younder: what is the significance of 'priority=low'?
<younder> jaywink, correct me if I a wrong but isn't hat just python for a shell command?
<younder> GeekDude, one a week vs one a day
<lordievader> GeekDude: The man page reads that the priority setting sets the minimum priority level of questions asked, see 'man dpkg-reconfigure'.
<GeekDude> lordievader: I did check that page, but I have no clue what that means
<lordievader> It seems that questions dpkg might pose are put in different priority classes. The default is low, so setting it to low can be ommited.
<jaywink> lordievader, finally got cron to output :P yes, initctl list executed from root crontab does contain the service .. sigh... I made a python script for expansion flexibility, seems that is biting back now
<lordievader> jaywink: Upstart being as strange as it is, it might work with initctl instead of 'service'. I had it before that service didn't know a particular service while initctl did.
<younder> jaywink, can't you use a shellbang #/path/python
<younder> nad no py
<younder> and no. py
<younder> WELL THEN IT WILL WORK!!! ;)
<lordievader> younder: His problem has nothing to do with how the interpreter is called.
<younder> lordievader, I know
<younder> lordievader, It's just a feeling I get sometimes.. This SHOULD work and then NOT
<jaywink> lordievader, awesome, initctl totally worked :) thanks!
<lordievader> jaywink: Ah, good to hear ;)
<younder> so you are moving to systend  finally!
<younder> systemd
<younder> wonderful inprovement over init
<jaywink> yeah but on trusty on this server
<younder> I am relly looking forward ti 16.06 in fact I have a alpha in a VM right now
<younder> 16.04
<lordievader> The beta of Xenial is already released ;)
<younder> enoght words read https://wiki.debian.org/systemd
<jrwren> both upstart and systemd are excellent IMO.
<jaywink> compared to initv scripts yeah... :P
<younder> now we have something except aptitude  to work on
<arcsky> hey there is differnt keyboard layout in my shell how can i switch back? i have only ssh access.
<RoyK> arcsky: keyboard layout is a local thing, meaning the ssh client reads through the client's OS - it doesn't matter what sort of layout the server's using
<arcsky> i have used this putty windows  client to connect ot my ubuntu machine for years and now it has switched..
<younder> arsky what is putty windows?
<teward> younder: putty windows client - i.e. PuTTY SSH client for Windows
<younder> Iv'eused ssh for years.
<teward> arcsky: "now it has siwtched" <-- this is fairly vague, so it's unclear what exactly you're asking
<younder> OOH. yes. I remeber them now
<teward> arcsky: the SSH client can sometimes 'override' the key mapping in use; but so can the Server
<younder> So you wans an encryped tynnel
<younder> tunnel?
<teward> younder: no, that's not his issue.
<younder> lol ok
<teward> RoyK: i noticed an odd instance in some qemu-run VMs of Ubuntu where the SSH client's keymapping isn't honored
<teward> rare, but odd
<sarnold> back in the day we used to spend forever trying to get the backspace key to work reliably everywhere. good times.
<teward> heheh
<teward> sarnold: i think i heard horror stories of those days xD
<younder> I use quemy too mostly for the pi's
<younder> so the por bastards on a doze. What can we do to help him?
<sarnold> we can help him better formulate problem descriptions
<younder> You havent considered .. no
<younder> so you don't wnat the whole linux hell thing just the 'telnet'?
<younder> hell = RHELL = shell
<younder> The robot deamonds have taken over so  much.
<jrwren> what do you mean^?^?^?^?^?^?^?^?^?^?^?sarnold: what do you mean?
<sarnold> jrwren: lol
<younder> Imagine a elf atabbing a dwark. Or a child killing a parent after being forked mind you, to become a deamond. Now thts just unix
<Pici> younder: Er, can we keep these random comments to a minimum please?
<Pici> younder: If you're looking for a chat channel there is #ubuntu-offtopic, otherwise these channels are for support unless otherwise specified..
<RoyK> sarnold: stty erase ^H # ;)
<sarnold> RoyK: heh if only it had been that easy.. :)
<RoyK> sarnold: some old unix wiz taught me back then ;)
<sarnold> RoyK: the trick was getting all layers involved to agree that ^H is the One True Backspace
<younder> what?
<jcastro> jgrimm: got a sec? Our team needs help getting an FFe for Xenial for charm-tools
<jcastro> https://bugs.launchpad.net/ubuntu/+source/charm-tools/+bug/1546776
<ubottu> Launchpad bug 1546776 in charm-tools (Ubuntu) "[FFe] charm-tools 2.0" [Undecided,Triaged]
<jcastro> https://bugs.launchpad.net/ubuntu/+source/juju-core/+bug/1545913
<ubottu> Launchpad bug 1545913 in juju-core (Ubuntu) "[FFe] juju-core 2.0" [Undecided,Confirmed]
<rsevero> Hi. I have a server whose network interfaces were named through a /etc/udev/rules.d/70-persistent-net.rules file. My really strange problem is that now that I removed my 70-persistent-net.rules file and reboot, the interfaces I keeping the names I invented. Why? How can I make it get the automatic names again?
<rsevero> the interfaces are keeping the names I invented
<nacc> rsevero: just removing that file doesn't regenerate the initrds
<younder> Have you flushed the DNS cache
<rsevero> nacc: I don't kow this file nor how to regenerate it. How can I do it?
<sarnold> nacc: ooo
<rsevero> younder: Why DNS caches would have any influence on the naming my network interfaces are named by the kernel?
<younder> rsevero, actulaly the arp cache
<nacc> rsevero: I believe it is `update-initramfs -u -k all`, iirc
<nacc> sarnold: was that "good guess, nacc"? Or "you're wrong, nacc"? :)
<sarnold> nacc: "good guess nacc" :D
<sarnold> something I wouldn't have considered and yet once I hear it, seems plausible enough :)
<nacc> sarnold: whew
<rsevero> nacc: It seems you are right nacc. Having most of my experience on Gentoo, I would never have thought about regenerating initramfs to apply network interface name changes. Am I correct in understanding that every time I edit /etc/udev/rules.d/70-persistent-net.rules I have to regenerate initramfs?
<patdk-wk> you shouldn't ever have to, no
<nacc> rsevero: right, the issue is those rules get copied into the initrd, iirc
<patdk-wk> oh?
<nacc> i might be wrong, but i recall doing that in the past
<patdk-wk> something change with that lately?
<patdk-wk> or is that a requirement due to the biosdev... package?
<rsevero> nacc: Ok, thanks.
<nacc> i don't have it in front of me right now, but i think the files are copied into the initrd during update/creation
<nacc> patdk-wk: --^
<nacc> patdk-wk: presuming that's the case, they would get out of sync if you locally modify them and don't regenerate the initrd(s)
<rsevero> On a completely unrelated issue: how can I fix a computer that starts to show "error: invalid video mode specification 'text'. Booting in blind mode" just after initial Grub screen after it got hard reseted?
<rsevero> And never completes the boot process?
<nacc> rsevero: can you provide the kernel cmdline? should be viewable in grub too
<rsevero> linux     /vmlinuz-4.2.0-35-generic.efi.signed root=/dev/mapper/vg-root ro
<rsevero> nacc: Is this the line you want?
<nacc> rsevero: yeah
<nacc> rsevero: hrm, seems that message is from grub itself
<nacc> rsevero: https://lists.gnu.org/archive/html/help-grub/2013-01/msg00016.html
<rsevero> nacc: Yes. I think so.
<nacc> rsevero: not sure, sorry
<rsevero> nacc: I had already seem that page. Thanks anyway. Will try my luck on grub channel ;)
<nacc> rsevero: yeah that's probably more likely to succeed, sorry!
<randymarsh9> hello
<randymarsh9> ntop is a network display tool as well as web server?
<nacc> randymarsh9: yes, per it's description, i think it has an embedded web server
<DirtyCajun> this is why i love linux. why Raid 0 when you can juust keep them seperate and symlink.
<patdk-wk> you can do that on windows too
<patdk-wk> but simlink doesn't increase the speed of a single file
<patdk-wk> or a database
<bekks> Or anything else ;)
<DirtyCajun> but it decreses total data falure when 1 drive fails in a raid 0
<bekks> thats why you use RAID 1 :P
<DirtyCajun> you are losing space.
<Deeps> DirtyCajun: 'why raid0 when you can do something that doesn't offer the benefits of raid0' 'because of the benefits of raid0' 'but then you get the drawbacks too' well, yeah.
<DirtyCajun> the only benefit i know of raid 0 is speed. wrong?
<Deeps> no
<Deeps> but if speed matters, then it's a significant benefit
<maswan> well, space too
<DirtyCajun> i cant count the number of people i know that raid 0 NOT for speed but for a "single large disk so they dont have to split files"
<Deeps> just because you know a lot of people who make poor choices for their requirements doesn't make the technology bad
<DirtyCajun> this is being misconstrued. lord. s/why raid 0/why raid 0 for space consolidation/
<Deeps> ('a lot' may be inaccurate, i dont know how high you can count)
<randymarsh9> anybody know what nprobe is and how it relates to ntop?
<randymarsh9> is it a plugin or standalone application?
<Deeps> looks like a netflow collector
<Deeps> similar to nfdump i guess
<Deeps> ah no, looks like it has flow manipulation capabilities as well
<gpiccoli> Hello, sorry to bother you. I tried to joing #ubuntu-cloud, but it "redirected" here, so I believe this is the channel for cloud questions, right?
<Pici> yep
<gpiccoli> I wanna boot a x86 cloud image using qemu in another arch. The problem:
<gpiccoli> I boot the image, it works but end up giving lots of n/w problem, related to cloud-init
<gpiccoli> is there a way to disable cloud-init and boot directly to terminal, as usual?
<gpiccoli> the error messages are like "request error [(<urllib3.connectionpool.HTTPConnectionPool object at 0x7f8fc1a1d890>"
<randymarsh9> Deeps: so does it sound like it integrates with ntop or it runs on its own?
<Deeps> it runs on it's own, but it still needs to feed into ntop or something else like it
<randymarsh9> i installed both ntopng and nprobe and can't figure out what's running what so troubleshooting is pretty freaking hard
<Deeps> Fully interoperable with commercial collectors such as IsarFlow, Fluke, Cisco, Dartware, AdventNet, Arbor Networks, Plixer, NetFlow Auditor, SolarWinds Orion NTA.
<Deeps> from the nprobe page
<randymarsh9> pretty lame that none of the switches work on windows when they claim it runs on windows
<randymarsh9> guess i should have this running on linux
<Deeps> i'm assuming you haven't paid for it
<Deeps> given that you're asking in here
<Deeps> rather than using the 5 days installation support that they give you when you pay
<Deeps> and from what i can tell, nprobe isn't free
<randymarsh9> what makes you think it's not free?
<randymarsh9> it's open source and they link to the download page right on their site
<Deeps> randymarsh9: the text on the site that says it's not free
<lordievader> IIRC, the software is free, the appliance/support isn't.
<Deeps> randymarsh9: nProbeâ¢ is available for a little fee, thatâs used for running the project and funding the new developments. You can purchase online your copy of nProbeâ¢ at the ntop e-shop site, that includes one year support. After the transaction is completed you can download your nProbeâ¢ copy immediately
<Deeps> nProbe is distributed under the EULA and requires a license per system.
<Deeps> just because source is open, just because the download is freely available without drm, doesn't make it free
<Deeps> the website seems to contradict itself regarding availability of source code, but it doesn't appear that the source is freely available either
<lordievader> They provide a deb didn't they?
<Deeps> the text suggests it's a binary package distribution
<lordievader> Ah, in such a way.
 * lordievader is happy with pmacct
<Deeps> oh that looks like it could be good at home
<Deeps> and more
<randymarsh9> Deeps: then maybe don't link to it from the same directory where you store all your free license binaries
<Deeps> randymarsh9: maybe better to tell them that rather than me, it's not my license you're violating
<randymarsh9> their page says it's free to try
<Deeps> \o/
<randymarsh9> are you the dmca police or something
<randymarsh9> jesus christ
<Deeps> nope, but you asked why i thought it wasn't free, i explained. just because you don't like the answer doesn't mean you need to take it out on me /o\
<randymarsh9> you made it sound like i shouldn't be asking for help in here because i didn't pay for it
<randymarsh9> very helpful of you
<Deeps> sorry if you got that impression, given that i've been the only person to try and help you so far, i'll leave you to the rest /o\
<Deeps> gl, nn!
<randymarsh9> by telling me i didn't pay for support.....
<randymarsh9> right, thanks
<crazybluek> hmm, it seems net hangs every time dhclient renew ip given by fibermodem ?  any workaround this ?
<sarnold> does it renew the same or a different address?
<sarnold> does it set e.g. bad dns server names?
<sarnold> does it mess with the routing tables?
<sarnold> are there any errors or warnings in the logs?
<crazybluek> should be same address as it have had same IP all the time
<crazybluek> havn't found warnings in logs yet
<randymarsh9> anyone know of any better alternatives to ntop for collecting netflow traffic?
<crazybluek> I loose net connectiong at 18-20 minute
<crazybluek> 24/7  I loose netconnection every 18-20 minute
<sarnold> crazybluek: dang..
<crazybluek> for 1-2 minute
<lordievader> randymarsh9: As I said, I'm happy with the pmacct and nfsen combination.
<crazybluek> 18-20 min  about same time as renew time 1065 second I've seen in logs
<sarnold> nfsen? is that packaged?
<randymarsh9> lordievader: does it have a pretty dashboard ?
<lordievader> sarnold: Not that I know of.
<lordievader> randymarsh9: It's functional.
<randymarsh9> ahah
<sarnold> lordievader: hah, apparently I've already visited http://nfsen.sourceforge.net/ and even looked at screenshots. sigh. :)
<randymarsh9> guess that's most important
<randymarsh9> lordievader: do you have it running on ubuntu?
<lordievader> randymarsh9: Nfsen, yes. Pmacct, no.
<randymarsh9> if i download nfsen do i need to use pmacct?
<randymarsh9> i just want to see what's using the most bandwidth
<lordievader> Nfsen is just something to collect/display flow data. It doesn't generate it.
<randymarsh9> so pmacct is the collector and nfsen displays it?
<lordievader> Yes, pmacct listens on an interface and sends the flow data to nfsen.
<randymarsh9> does nfsen come with its own web server or do i have to set one up?
<lordievader> No, you need your own.
<randymarsh9> why don't you run pmacct on ubuntu?
<randymarsh9> i'm thinking of setting them both up on the same box
<lordievader> Because the box that I want to run it on doesn't run Ubuntu?
<randymarsh9> what does it run
<lordievader> Gentoo.
<randymarsh9> so why not put nfsen on gentoo as well?
<randymarsh9> or are you trying to keep them separated
<lordievader> Since my webserver vm runs Ubuntu.
<randymarsh9> cool
#ubuntu-server 2016-03-30
<jamespage> morning
<cpaelzer> jamespage: hi
<cpaelzer> jamespage: fyi I got success with the dpdk upload, now my ovs-dpdk seems to work fine
<cpaelzer> jamespage: I wanted to ask if you need help or just want to discuss about you charming it
<cpaelzer> jamespage: also I'm interested in what you decided regardig the user/permission of the vhost-user sockets
<jamespage> cpaelzer, just getting a ceph rc out of the way and then I'll re-focus on the work I was doing last week on testing ovs+dpdk+openstack
<jamespage> I hit some unrelated blockers which inhibited progress a bit...
<cpaelzer> jamespage: sure, just wanted to offer help more than tracking on that remaining bug :-)
<cpaelzer> me going on with testing might help to get off some inhibitors you didn't hit yet upfront, so I just go on until you let me know
<randymarsh9> hello
<lordievader> o/
<randymarsh9> is the userspace the type of syntax the command line takes?
<randymarsh9> for example bash?
<teward> if I have a question about the base ubuntu-server metapackage, who do I bother?
<nacc> randymarsh9: sorry, can you rephrase your question?
<Seveas> teward: that'll depend on the question. Try in here and see what happens.
<teward> Seveas: the quesiton being why is lxc and everything on the server seed itself, as part of the `ubuntu-server` metapackage in Xenial
<teward> everything directly related*
<ogra_> teward, yeah, guiven it is now part of every ubuntu default install it should probably rather be in ubuntu-standard
<teward> ogra_: i'm still scratching my head as to why this was done, maybe I missed an email chain, but...
<teward> ogra_: seems like a massive change, esp. if we have to load container support into every default install
<teward> i'm just left scratching my head is all
<crazybluek> how to prevent net lag when ubuntu  dhclient renews ip due lease time on dynamic ip given by dhcp server on another device ?
<randymarsh9> anyone know why there is a slash to separate librrd-dev and libmailtools-perl for the apt-get install on this page:
<randymarsh9> Setting up libitm1:amd64 (4.8.4-2ubuntu1~14.04.1) ...
<randymarsh9> Setting up libmpfr4:amd64 (3.1.2-1) ...
<randymarsh9> Setting up libquadmath0:amd64 (4.8.4-2ubuntu1~14.04.1) ...
<randymarsh9> Setting up libtsan0:amd64 (4.8.4-2ubuntu1~14.04.1) ...
<randymarsh9> Setting up libmpc3:amd64 (1.0.1-1ubuntu1) ...
<randymarsh9> Setting up binutils (2.24-5ubuntu14) ...
<randymarsh9> Setting up libc-dev-bin (2.19-0ubuntu6.7) ...
<randymarsh9> Setting up linux-libc-dev:amd64 (3.13.0-83.127) ...
<randymarsh9> Setting up libc6-dev:amd64 (2.19-0ubuntu6.7) ...
<randymarsh9> Setting up cpp-4.8 (4.8.4-2ubuntu1~14.04.1) ...
<randymarsh9> Setting up cpp (4:4.8.2-1ubuntu6) ...
<randymarsh9> woops
<randymarsh9> sorry
<randymarsh9> https://nsrc.org/workshops/2014/nsrc-tein-ait/raw-attachment/wiki/Agenda/exercise2-install-nfdump-nfsen.htm#configure-your-collector
<nacc> randymarsh9: uh, line continuation?
<randymarsh9> nacc: so ignore that?
<nacc> randymarsh9: i really don't think you should be going down the route of building your own packages if you don't know what that is, but that's your choice :) you can keep it there or not, it's just meant to indicate it's all one line (and if you were to c&p, it'll hopefully include the enter at the end)
<randymarsh9> nacc: i'm following diffrent guides on how to setup a netflow monitor and the last one did not work so i was doing this one
<randymarsh9> stupid file doesn't even exist on their server
<randymarsh9> so the green file mean they are executables correct?
<randymarsh9> when i do ls
<sarnold> doublecheck with ls -l
<randymarsh9> does the first part (-) mean it's a file?
<randymarsh9> i see -rwxr-xr-x
<sarnold> yes; it would be 'd' for a directory, 'c' for a character device, 'b' for block device, 'l' for a symlink .. I can't recall what sockets/pipes/fifos get..
<nacc> s
<nacc> sarnold: --^
<nacc> for sockets, at least
<sarnold> thanks nacc :)
<randymarsh9> how come i can't execute the file just by typing it's name when i am in the same directory as said executable?
<randymarsh9> it tells me command not found
<mallard> randymarsh9: You need to use ./executable
<randymarsh9> i have to type "./" before it
<randymarsh9> yea
<randymarsh9> is that just how linux works?
<mallard> It has to be on your $PATH
<nacc> it has to do with your PATH
<randymarsh9> i understand that
<randymarsh9> but if i am in the same directory?
<randymarsh9> it doesn't care?
<mallard> Its like that for security reasons
<nacc> it has to be in your PATH; I dont' think you understand that
<teward> randymarsh9: this isn't Windows
<randymarsh9> teward: yes that's how i'm used to doing it
<mallard> If you unzipped something and it had a nasty executable called ls inside, you would run it instead of the real ls
<teward> randymarsh9: if the directory you are in is not in your $PATH variable, it must be prefixed with ./ to indicate you are executing something in the current directory
<randymarsh9> mallard: excellent point
<teward> randymarsh9: otherwise, you have to add the unzipped location to the $PATH variable
<mallard> If you really wanted I think you can put . on your path by putting a ; on its own at the end, but you shouldn't do that
<sarnold> don't do that :)
<teward> and also, mallard raises that good security point :P
<teward> and yes, you should not do that
<teward> so don't edit your path that way
<randymarsh9> cool thanks
<randymarsh9> next thing you know i'll be doing my own packages
<randymarsh9> ;)
<sarnold> :D
<randymarsh9> dang way over my head here
<randymarsh9> anybody have a netflow setup running on their ubuntu box?
<randymarsh9> tried nfsen w/ nfdump so far and can't get it working
<randymarsh9> any other recommendations?
<randymarsh9> or know a good channel to ask in?
<DirtyCajun> just for specificity... prepending a : to the beginning or appending it to the end of your PATH will yield that result, but changes weather it searches before the rest or after randymarsh9
<randymarsh9> DirtyCajun: cool good to know thanks
<DirtyCajun> also permenantly changing it is a security risk but changing it for your session only is just "frowned upon"
<DirtyCajun> in which you would just type PATH=$PATH:
<RoyK> or PATH=$PATH:/whateveryouwanttoaddinthepath
<DirtyCajun> right.
<lordievader> randymarsh9: 'Can't get it working', what are you running into?
<randymarsh9> lordievader: when i would run "./nfsen start" instead of saying something like OK or succeeded I got a bunch of weird output about line 44, 66 etc. and some message about rerunning the config (which after rerunning would still yield the same result)
<randymarsh9> honestly i think it's because of following several different guides on setting this up
<randymarsh9> and something somewhere got screwed up so i'm just going to wipe the whole install and start fresh using 1 decent looking guide i found
<randymarsh9> and make sure i understand every step i'm doing
<randymarsh9> feel like second time around i should be able to get it working
<lordievader> randymarsh9: Oh, that is normal. Nfsen spews out a bunch of perl stuff, but if it doesn't error you are good to go.
<lordievader> Can you pastebin the output by the way?
<randymarsh9> lordievader: damn already reformatting
<randymarsh9> where were you 20 min ago before i gave up all hope?!?
<randymarsh9> jk. that's good to know if i encounter it again. is there a command i can run to see if it actually is running in the background? will top do it?
<sarnold> ps auxw
<randymarsh9> sarnold: difference between ps and top is ps is screenshot and top is realtime right?
<lordievader> No.
<lordievader> Read the man page of both applications ;)
<randymarsh9> how come they don't teach this stuff in school
<randymarsh9> if i get this working i will be so happy
<sarnold> they really should teach how to read manpages in school :) hehe
<randymarsh9> man is incredibly useful
<randymarsh9> used it like 6 times today
<randymarsh9> surprised there's no man page on "cd" though
<sarnold> 'cd' can't be implemented as a stand-alone command
<randymarsh9> yes it can
<sarnold> it's a shell built-in, because that's the only way it can affect the current working directory of the process
<sarnold> so it's documented in your shell's manpage
<randymarsh9> if you run cd on its own it takes you to some directory i haven't quite figured out yet
<lordievader> randymarsh9: That is not the point sarnold is trying to make. Suppose cd is a program. It would start up, chande dir, and exit. Leaving you in the original dir you where in.
<lordievader> The parent didn't change dirs, only the child did.
<sarnold> randymarsh9: 'cd' with no parameters changes directories to your home directory
<randymarsh9> so only programs have man pages?
<sarnold> no, but shell built-ins often don't
<randymarsh9> cool thx
<tarpman> for extra fun, sometimes there's a program and a shell builtin with the same name (e.g. 'echo' or 'test'), and the man page documents the program, but what you're actually running is the builtin...
<JanC> configuration files or concepts or libraries/library functions all could all have manpages
<JanC> oh, and I do have a manpage for 'cd'
<randymarsh9> anyone know why i would want to make a link between two files?
<sarnold> JanC: hah, so there is, in 1posix :) I've never noticed..
<randymarsh9> does it mean if i edit one i am editting the other?
<JanC> randymarsh9: in case of hardlinks yes (they are just another name for the same file), in case of symlinks it depends (they are special files that refer to other files, and some applications might not follow symlinks, e.g. for security reasons)
<JanC> but in general, yes you would be editing the same file
<randymarsh9> JanC: ok ty
<tarpman> the usual write to a new file, fsync, rename dance probably breaks hardlinks though, I guess?
<sarnold> yeah
<RoyK> any idea if it's possible to enable the L3 cache on a celeron? lshw reports it to be disabled...
<patdk-wk> royk, they are disabled on the die
<sarnold> how rude
<sarnold> if it's just a configuration option that the bios doesn't export, maybe gross tricks like this could do it http://timetobleed.com/enabling-bios-options-on-a-live-server-with-no-rebooting/
<sarnold> but if they've burned a fuse, well .. no luck there.
<RoyK> patdk-wk: just strange it's visible, then
<patdk-wk> well, it exists on the die
<randymarsh9> is there man page for directories?
<patdk-wk> basically, it's the server cpu
<patdk-wk> just reclassed for desktop
<randymarsh9> like if i want to know what /usr/src/ is for can is there a way to put man in front of that?
<tarpman> randymarsh9: man 7 hier
<tarpman> "description of the filesystem hierarchy"
<RoyK> patdk-wk: I guess a few people have tried to hack that, then, without much success :P
<randymarsh9> tarpman: thx
<randymarsh9> just curious what is the point of adding the 7?
<randymarsh9> man hier seems to work ok too
<tarpman> randymarsh9: habit. sometimes there are pages with the same name in different sections. e.g. printf(1) and printf(3) are very different things
<randymarsh9> so page 7?
<tarpman> pardon?
<randymarsh9> does the 7 mean page 7?
<tarpman> section 7
<randymarsh9> ah
<randymarsh9> cool thx
<patdk-wk> very important
<tarpman> randymarsh9: the man(1) page has a list of the sections near the top
<patdk-wk> expecially when the program and config man pages are the same name
<tarpman> (in case it wasn't clear, the (1) is the section there)
<patdk-wk> or if you want the libc function vs the shell function
<randymarsh9> you can do a man man
<randymarsh9> pretty sweet
<tarpman> randymarsh9: perfect example of why to specify the section...  you probably wanted 'man 1 man', but there's 'man 7 man' too... ;)
<tarpman> randymarsh9: see also: 'whatis man'
<randymarsh9> there's a whatis command ???
<randymarsh9> so cool
<randymarsh9> did you guys know about the whereis command?
<randymarsh9> pretty useful stuff for you experts
<RoyK> it just searches PATH for the command
<RoyK> randymarsh9: 'type' is another command that works somewhat the same way, only lists more stuff
<Pici> and apropos
<tarpman> and 'which', and 'command', and ...
<mallard> My favourite command is poweroff.
<mallard> Opens a portal to that game "outside"
<Pici> heh
<randymarsh9> does clean install of ubuntu server enable firewall by default or no?
<teward> define "enable firewall" :P
<randymarsh9> is the firewall turned on by default?
<teward> randymarsh9: define 'turned on'.
<teward> if you mean "Turned on and blocking traffic" then I haven't seen that yet on a default install
<teward> because "blocking traffic" varies use case to use case to use case
<teward> there's no 'default' I believe that fits "most situations"
<randymarsh9> just curious thanks
<teward> randymarsh9: usually a server admin will set the firewall up as needed.  :P
<teward> rather than rely on defaults
<teward> oop which reminds me i have a default grub on this VM that is evil
<teward> randymarsh9: sudo ufw enable   <--- will turn on a 'default' firewall setup, but I don't like ufw, 'cause I like manipulating via iptables ;)
<randymarsh9> ya that's the command i used to disable it
<teward> i think you mean enable.
<randymarsh9> no i turned it off because this thing isn't working
<teward> ah
<teward> well, that's because you didn't set up the firewall to do what yo uwant it to ;)
<randymarsh9> thought it had to do with fireall but doesn't look like it
<teward> also "this thing isn't working" = vague
<randymarsh9> ya
<teward> ... grrr stupid grub
<teward> *goes to fix a server*
<randymarsh9> if i do "ls -l" i see this output: drwxr-xr-x 9 www-data www-data 4096 Mar 30 16:03 directory_name
<randymarsh9> why is www-data there twice
<randymarsh9> is one the user and one the group?
<mallard> There's the user and the group
<randymarsh9> ok
<randymarsh9> and is that the owner of the directory?
<mallard> Yeah
<randymarsh9> ok good
<randymarsh9> so there's also a root user and a root group?
<mallard> yeah, each user usually has their own group too
<randymarsh9> when installing a pacakge "apt-get install program_name" grabs it from the repositories and "wget package_url" grabs it from the specified website right?
<teward> randymarsh9: apt-get install will install the package from the repositories.  wget doesn't install anything
<teward> wget is used to download the URL.
<teward> if the URL is to a .deb it downloads the .deb to either the current directory, or the path defined in the -O option (if it wasn't provided, then it downloads to the directory you are in)
<teward> it doesn't install anything
<teward> apt-get downloads, then installs, the package from a repository.
<jrwren> and a repository is just a file store with some files in specific places. Might be a website (http), or ftp, or other.
<mallard> you should keep a copy of the repositories on a large collection of floppy disks
<mallard> it's a great conversation piece
<jrwren> been there, done that, glad I do not anymore. ;]
<teward> lol
<sarnold> heh I did a slackware install back in the day that was 53 floppies.
<sarnold> latex was ~dozen, x11 was ~dozen..
<randymarsh9> does ubuntu server hide file extensions by default?
<rattking> randymarsh9 linux doesnt use extensions the same way other operating systems do..
<randymarsh9> how does linux differentiate between an executable and a plain text file?
<randymarsh9> when i do an ls it knows it's an executable but how?
<tarpman> randymarsh9: by the executable (+x) bit in the permissions
<tarpman> randymarsh9: there are plain text files that are executable: scripts.
<rattking> by the file mode
<randymarsh9> ok cool thx
<rattking> the tool 'file' can tell you more about a file
<jrwren> because... magic!
<rattking> lol yes âmagic number" :)
<jrwren> there is nothing magic about magic.
<sarnold> jrwren: hehe
<randymarsh9> very cool that's like the whatis tool for commands
<mwhudson> a bug in file (actually in the magic file) resulted in the best bug ever
<mwhudson> "my printer doesn't work on tuesdays"
<JanC> hehe, I remember that one
<rattking> wat?!
<sarnold> https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/255161
<ubottu> Launchpad bug 248619 in file (Ubuntu Karmic) "duplicate for #255161 file incorrectly labeled as Erlang JAM file (OOo does not print on Tuesdays)" [High,Fix released]
<sarnold> dude
<JanC> https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/255161/comments/28
<ubottu> Launchpad bug 248619 in file (Ubuntu Karmic) "duplicate for #255161 file incorrectly labeled as Erlang JAM file (OOo does not print on Tuesdays)" [High,Fix released]
<JanC> that's where somebody discovers first that the bug happens on Tuesdays
<hallyn> help i've forgotten how to bzr
<teward> hallyn: hail git :P
<teward> hallyn: you broke it, what's wrong :P
<sarnold> hallyn: step one, be sure to have some free time..
<hallyn> i've forgotten how to push a private branch of serverguide
<hallyn> (sadly it is not yet avaialble over lp+git)
<hallyn> ok sun finally came out - bbl
<sarnold> poor bzr never had a chance against the sun
#ubuntu-server 2016-03-31
<Javezim> Hey all, how do you upgrade from samba 4.1.6 to 4.1.18+ on ubuntu 14.04
<nacc> Javezim: you don't, at least not in a supported way
<Javezim> nacc: Hmm well apparently there are a few bug fixes in the latest version that we are seeing
<Javezim> so is there anyway to do this?
<sarnold> download tarball from samba.org, check signatures, build, install into /usr/local/, remove ubuntu-provided samba packages, integrate the ones you build..
<teward> though I would expect it to have some quirks, since at that point you sacrifice the support of security updates (unless you recompile each version, etc.)
<teward> and some headaches :P
<Javezim> Yeah that sounds like way to much of a pain
<Javezim> Well maybe someone can help with the actual issue we are having
<Javezim> Samba keeps crashing when read/writing a file
<sarnold> if you can isolate the fixes you need you could prepare a debdiff for sponsoring..
<Javezim> Output from log level = 2 is here - pasted.co/86397482
<teward> permit me to yell at you for not using the Ubuntu pastebin, if only because that pastebin attempted to launch a suspicious popup (my Snort network monitoring detected the weirdness in the popup, plus my popup blocker kicked in)
<Javezim> This error constantly occurs when reading/writing a file. We use Samba with Gluster and can't figure why this is happening on one of our setups but not another
<Javezim> paste.ubuntu.com/15564525
<newbsduser> hello, iam looking for a test utility for generating accounting requests for freeradius server, i tried radtest but it generates authentication requests... i also asked it in freeradius channel but i wanted to ask it here, too
<lordievader> Good morning.
<ZoderUck> hey
<ZoderUck> how to ensure all *.php files are handled by my fastcgi php  and not redirected to mod_mono,  mod_mono is required for  mvc app, that works.
<ndf> sounds like a question for #php ;P
<ZoderUck> aha and in #php they redirect me to #mvc ?
<stephank> I'm trying to automate setup of EC2 instances (testing with xenial) that handle a lot of connections, and I'm running into conntrack limits ("table full, dropping packet"). I can raise the limit, but is there a way to disable connection tracking completely?
<stephank> Think I found a way that'll do. I was going to roundabout way of trying to remove LXC from cloud-init, but it executes too late I think. LXC is the only thing loading the kernel modules.
<stephank> But I instead found this, and it seems to leave the conntrack table empty now: http://serverfault.com/a/234572/40783
<pmatulis> morning
<RoyK> hm... anyone remember what SAS' counterpart is for SATA's S.M.A.R.T. ? smartctl doesn't list much for SAS drives
<Sling> RoyK: that should 'just work'
<Sling> iirc
<RoyK> Sling: it doesn't
<RoyK> Sling: sata disk on a sas controller - fine - but SAS drives don't have S.M.A.R.T.
<Sling> sas/scsi even tape devices support smart commands
<Sling> or at least, smartctl can pull info from them
<RoyK> Sling: http://paste.debian.net/422987/
<RoyK> so *some* info, but not everything I want
<RoyK> or perhaps I'm just confused - completely different format (and I want this into munin)
<Sling> it's also possible smart isn't enabled for the device
<Sling> but supported
<RoyK> see the paste - says it's enabled
<Sling> ah sorry can't open the paste right now
<patdk-wk> sas has smart
<patdk-wk> it's just different :)
<patdk-wk> that is normal expected results for smart from scsi/sas
<patdk-wk> Elements in grown defect list: 0
<RoyK> let's see.... do echo -n "$i: "; smartctl -a /dev/$i | grep 'Elements in grown defect list' ; done # ;)
<RoyK> zero...
<patdk-wk> it was the same for my scsi disks and fc disks back in 2000
<patdk-wk> nothing has change
<patdk-wk> only smart was added to ide
<teward> jgrimm: ping, if you're not busy
<jgrimm> teward, howdy
<teward> jgrimm: did you get the email I sent yesterday, or did my Snort firewall nom the message before it was sent?
<teward> s/firewall/IDS/
<jgrimm> teward i did, i have had a chance to chat with rbasak yet as he was out on pto earlier this week
<teward> ok
<teward> you did ask re: that in the server team meeting, so I sent to you and rbasak so you'd both be able to discuss and get back to me :P
<rbasak> Sorry teward, I've only been back today
<teward> rbasak: no problem, you didn't miss too much :0
<teward> :)  *
<teward> rbasak: review the email I sent to you and jgrimm, though.  further discussion on that issue may have to be off-channel
<jgrimm> teward, ack.
 * teward goes back to poking his sbuild schroots to try and make them work again
<rbasak> teward: reply sent
<teward> hasn't arrived yet, i'll look when it gets here.  Aaaand, thunderbird just blew up >.>
<teward> rbasak: any chance you can resend?  Looks like something somewhere ate the message
<teward> (or it never sent out)
<rbasak> teward: sorry, my fault. gpg agent issues. I sent unsigned.
<teward> rbasak: no problem :)
<teward> got it
<teward> (i'm having gpg-agent issues myself, but it's an issue with my Thunderbird blowing up)_
<rbasak> The default agent config seems to break when I'm using a screen from somewhere else.
<teward> indeed.
<rbasak> Seems to expect some sort of desktop session or DISPLAY connection or something I don't necessarily always have.
<rbasak> Which is wrong IMHO. I have a uid. That should be enough to reach my agent.
<jgrimm> teward, +1 on rbasak's response to you
<jgrimm> wrt nginx
<teward> jgrimm: rbasak: thank you both!  I thought it'd be a good idea to loop you both in on it!
<teward> jgrimm: rbasak: the only pending issue is 1.9.13, as it needs reviewed for a freeze exception
<teward> probably going to poke -release at some point today to see if they can look at it before next thursday, but lets hope that lands
<jgrimm> thanks teward
<rbasak> teward: thanks. Your FFe request seems comprehensive.
<teward> rbasak: indeed.  I kept the same level of thoroughness as the last ;)
<jcastro> rbasak: heya, welcome back, I see you're working on the FFe for juju-core
<rbasak> jcastro: o/
<rbasak> jcastro: it's not really in my hands right now.
<jcastro> well, our team specifically needs help with charm-tools
<jcastro> but we're unfamiliar with the distro process and were shepherded to "ask someone on -server, they have smart people, you guys make server tools."
<teward> heheh
<jcastro> https://bugs.launchpad.net/ubuntu/+source/charm-tools/+bug/1546776
<ubottu> Launchpad bug 1546776 in charm-tools (Ubuntu) "[FFe] charm-tools 2.0" [Undecided,Triaged]
<jcastro> it's more of a "what do we do now?" question more than anything else
<frickler> jamespage: do you have packages ready for ceph 10.1.0 already? I just tested upgrading from 10.0.2 to 10.0.5 and that didn't work too well, sadly
<jamespage> frickler, not archive ready yet but you can try ppa:openstack-ubunut-testing/ceph-sru
<jamespage> ppa:openstack-ubuntu-testing/ceph-sru
<jamespage> rather
<jamespage> frickler, amd64 is still building right now
<jamespage> frickler, I've been debugging some i386 build failures but with a 3 hour build loop it takes some time...
<jamespage> jcastro, we get things uploaded....
<jamespage> pitti +1'ed
<frickler> jamespage: great, thx
<teward> rbasak: insight please - FFe bug status == confirmed means what?
<rbasak> teward: nothing really. Just that someone else is affected (ie. wants it)
<teward> ok
<teward> so I should prod -release then :)
<jamespage> teward, once a member of the release team comments with a +1 and marks it triaged, its approved
<teward> jamespage: ack, thanks, i'll keep that in mind going forward :)
<teward> (this should be documented somewhere!  :P)
<acmehendel> google thinks that they can make a driverless car, but in reality they cant make a driverless car that copes with regular city traffic and drivers
<acmehendel> these billionairs are a bunch of control freak psychopaths
<acmehendel> their algorithm sucks and it will always suck
<acmehendel> algorithms
<pmatulis> acmehendel: thank you for the diatribe
<acmehendel> youre welcoime
<cagmz> Anyone know why UTF charcters aren't showing up in on Windows using Tera Term (from my Ubuntu box)? I have set send/recieve to UTF-8
<thebwt> cagmz: are you getting the empty box? could be the glyphs aren't tehre.
<thebwt> there*
<cagmz> for the infinity character, I get '8', and for an arrow, I get '?'
<cagmz> however, using Bitvssh Tunnelier, both characters show up
<YamakasY> erm is there some lsb release done ?
<halvors> Hi. How to change the permission of a folder from drw-r----- to -rw-r-----
<halvors> ?
<sarnold> halvors: what does that 'd' mean?
<RoyK> halvors: Ã¸h - d is dir, man ;)
<halvors> oh.
<halvors> Cause my problem is that rsyslog is unable to write to that directory somehow...
<RoyK> trying to tell syslog to log to a directory as opposed to a file? ;)
<halvors> No that's not it.
<halvors> I have this in my rsyslog configuration: $template DynFile, "/home/hoursgaming/syslog/%$DAY%.%$MONTH%.%$YEAR%/%HOSTNAME%.log"
<halvors> *.* -?DynFile
<halvors> But the file is somehow never created.
<halvors> Anyone knows why that might be?
<halvors> How can i check if rsyslog have problems writing the file?
<sarnold> most of those things that look like variables are using %$..%
<sarnold> but hostname does not
<halvors> The problem seems to be that i'm unable to write to folders other than /var/log/syslog
<halvors> /var/log i mean.
<sarnold> is your syslog daemon confined with apparmor? check dmesg or your auditd logs for DENIED lines
<patdk-lap> I hate writing to /var/log
<patdk-lap> it causes so many unneeded iops
<sarnold> do you use a loghost instead?
<patdk-lap> ya
<sarnold> let the loghost deal with the iops :D
#ubuntu-server 2016-04-01
<coreycb> jamespage, beisner: when one of you get a chance, can you promote sahara to trusty-mitaka proposed?
<hallyn> arges: hey, do you have a qemu-bisecting script out there?
<helpwth> im going insane. i have moved all my folders over to my ssd. i have done a grub install and i have done a grub update and i have changed the UUID of fstab and it still says "loading OS error no such device" uuid of old HDD entering rescue mode. can someone please help
<TJ-> helpwth: in the GRUB rescue> shell now?
<helpwth> yeah
<TJ-> helpwth: try "ls" and see what device nodes you see
<TJ-> helpwth: if you're good at guessing, then try to find GRUB's files by checking each of the "(hdX,msdosY)" nodes with "ls (hdX,msdosY)/" and looking for boot files
<TJ-> helpwth: if there's a separate /boot/ file-system, you'll see vmlinuz-<version> and initrd.img-<version> there; if /boot/ is in the root file-system you'll see all the standard / directories such as /bin /usr /var /etc /dev ...
<TJ-> helpwth: also, check what GRUB's idea of where it's root file-system is with "set" and check 'root=' and 'prefix='
<beisner> o/ coreycb  yep will do
<arges> hallyn: https://github.com/arges/qemu-bisector havne't used it in a while
<sarnold> how have I never seen nproc before??
<sarnold> that's awesome
<TJ-> sarnold: I find that browsing things like "dpkg -L coreutils | grep bin/" and then exploring man-pages can be very enlightening :)
<cagmz>  I set a PS1 variable in my .bashrc, and it shows up when I SSH, but if I record the terminal using script(), it looks like I have two prompts; my original and my custom PS1. how do I fix this? I'm using my linux box through SSH
<sarnold> TJ-: trouble is, I did most of my manpage exploring in the 90s :)
<TJ-> sarnold: time to retro it :)
<sarnold> TJ-: souds like fun
<sarnold> cagmz: look slike that happens default out of the box too; itlooks fine with 'cat typescript' though
<helpwth> tj dtill here?
<hallyn> arges: awesome, thx
<TJ-> helpwth: popping in and out
<helpwth> i got frustrated and downloaded live cd on a usb. updated grub and installed grub. in the boot/grub.cfg it shows the right UUID... but when i restart and press C at the grub menu it STILL shows the old HD UUID
<TJ-> helpwth: you've got other devices connected and the system has the boot loader on one of them, not the one you think and is booting from that other device
<helpwth> ive since ran sudo grub-install /dev/sda and it made the boot/grub
<helpwth> but when i restart the boot/grub is gone
<helpwth> like i twas nevver made
<hallyn> arges:
<hallyn> "# - ensure autologin to root from ttyS0
<hallyn> how exactly do you do that?
<sarnold> pitti may have something stealable in the autopkgtest prepare-vm things
<hallyn> in the old day syou'd put bash in /etc/inittap or something :)
<hallyn> hm, yeah
<hallyn> though actually i may not need that - i don't need to login to do stuff ,just need to check that it booted
<hallyn> so i can just have expect wait for a login prompt with timeout
<hallyn> i think
<hallyn> yeah 'close' seems to then kill the task so all's good
<lordievader> Good morning
<loli1> hello
<loli1> I have a problem wig logrotate and anacrontab
<loli1> myabe you can help me
<loli1> I have a set of logs that I want to rotate every day at 23:59. So, I created the rules in /etc/logroata.d/myLogs, and added in CRON, that a 23:59, execute lorotate of that path. THE PROBLEM: is that ANACRONTAB executes all /etc/logrotate.d/ at 00:00. So what happens is: at 23:59 "myLogs" are rotated by CRON, and then at 00:00 are rotated again!!!! How do I solve this?? I onyl want to rotate those logs, and only those, at 23:59
<yossarianuk>  Is anyone aware of any good bare metal backup solution that works with windows, mac and linux ?
<lordievader> If you have ssh/rsync access to windows/mac, dirvish.
<yossarianuk> lordievader: not a bad idea - does rsync on windows still require cygwin ?
<lordievader> No idea...
<jelly> rsync-based scripts like dirvish or rsnapshot are not enough for bare-metal-restore capability even on linux, let alone windows
<yossarianuk> bacula has been suggested and that seems to fit the bill.
<Sling> bacula can be old and cumbersome but it does the job :)
<arges> hallyn: no idea, that script is really old, I bet it could be improved alot
<pmatulis> morning
<Ameurux> hello
<frickler> jamespage: ceph 10.1.0 is doing fine so far, one minor issue would be getting rid of the warnings during installation: http://paste.ubuntu.com/15576472/
<jamespage> frickler, hmm - that looks like some sort of debhelper bug
<jamespage> please can you file a but
<jamespage> bug rather
<frickler> jamespage: will do
<frickler> jamespage: http://paste.ubuntu.com/15576693/ looks more serious, look at the "Tasks:" output. seems like systemd counts each thread as a task, so the default limit of 512 will be pretty low for OSDs in a larger cluster
<frickler> jamespage: I'll do a bug report for that, too
<jamespage> frickler, +1
<jamespage> I'd like to include as much as possible in my next upload
<jamespage> frickler, thanks for the testing btw - nice to have more eyes on ceph :-)
<frickler> jamespage: yeah, we did run with the builds from ceph for trusty, but they don't have builds for Xenial yet and having a current ceph version directly from Ubuntu sounds like a better alternative anyway
<jamespage> frickler, tbh we track upstream releases pretty closely
<frickler> jamespage: in trusty there only is firefly and no hammer
<jamespage> frickler, you can get hammer from the UCA
<jamespage> frickler, add-apt-repository cloud-archive:kilo
<jamespage> for example
<jamespage> frickler, add-apt-repository cloud-archive:mitaka
<jamespage> mitaka will have jewel in the end
<frickler> jamespage: hmm, right, but we are targetting mitaka on xenial now anyway, nicer kernels and stuff ;)
<jamespage> frickler, of course
<jamespage> frickler, are you covering ceph and openstack?
<jamespage> covering/using?
<frickler> jamespage: yes
<jamespage> frickler, well if you hit any problems with packaging ping either coreycb, myself or ddellav
<frickler> jamespage: well, https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1563330 would be nice, and https://bugs.launchpad.net/ubuntu/+source/cinder/+bug/1564812 too ;)
<ubottu> Launchpad bug 1563330 in ceph (Ubuntu) "Please do not enable the service ceph-create-keys by default" [Undecided,New]
<ubottu> Launchpad bug 1564812 in nova (Ubuntu) "Disable sudo io logging for rootwrap" [Undecided,New]
<jamespage> frickler, ack
<frickler> jamespage: https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1564922 and https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1564917 are the new bugs
<ubottu> Launchpad bug 1564922 in ceph (Ubuntu) "Warning messages during package installation" [Undecided,New]
<ubottu> Launchpad bug 1564917 in ceph (Ubuntu) "Default task limit from systemd is too low for ceph" [Undecided,New]
<jamespage> ddellav, ok barbican uploaded...
<ddellav> jamespage ok
<jamespage> beisner,
<jamespage> [   37.408818] cloud-init[2193]: Can not apply stage config, no datasource found! Likely bad things to come!
<beisner> wee
<beisner> jamespage, https://github.com/ryan-beisner/charm-nova-compute  for cpu passthrough and smt bits that worked @ 15.10
<jamespage> [FAILED] Failed to start Raise network interfaces.
<beisner> jamespage, i need to revalidate when i can test on ppc64el, then planning to put that review up
<tdelam> hey guys, I just installed Ubuntu 14.04-4 LTS and everything is fine, except when I log in to install anything via apt-get nothing exists? I tried apt-cache search mysql for example and the only that comes back is "rsyslog - reliable system and kernel logging daemon" .. i've never seen this before. Any idea why this would be? sources.list seems fine
<FuriousGeorge_> hey all
<FuriousGeorge_> what would you use to backup a remote server with a 1tb disk that is 95% free
<FuriousGeorge_> there was something i used to use but i can't think of it
<FuriousGeorge_> more like 99% free
<patdk-wk> tar
<patdk-wk> rsync
<patdk-wk> duplicity
<patdk-wk> ....
<patdk-wk> what exactly is it your attempting to do
<FuriousGeorge_> patdk-wk: ideally id like to copy what i back up right over my drive like dd, but im thinking that's not possible
<FuriousGeorge_> i used to use a program, but tbh i can't recall if it was only for ntfs, that would make an image
<FuriousGeorge_> partimage
<patdk-wk> sure, but if you do that, it will backup all that extra stuff
<FuriousGeorge_> bcouldn't remember name at first.  but idk if that will work
<patdk-wk> so you really need to save the disk? not just the files?
<patdk-wk> if you really need a dd like image, I would zerowipe your freespace first
<FuriousGeorge_> patdk-wk: not really, but i'd like to have something akin to the snapshot i take with my vps if possible
<FuriousGeorge_> if it's too hard, then tar w/e
<patdk-wk> well, not all vps's expose a block device you are allowed to touch
<DirtyCajun> FuriousGeorge_: i just rsync a backup file and exclude boottime folders. does the exact same thing. only change would be UUIDs if yu had to repartition
<FuriousGeorge_> DirtyCajun: patdk-wk:  ty
<cyphermox> jgrimm: what is the difference in the way one starts MAAS from the CD for a region controller vs. a rack controller, do you know, or can you point me to someone who would?
<jgrimm> cyphermox, roaksoax... rharper and he are looking at getting the bits for that ready.
<randymarsh9> so is the bash-windows story true or is this an april fools
<patdk-wk> randymarsh9, heh? that was days ago
<aruns> Hi.
<aruns> Silly question, but how do I open a file from terminal?
<aruns> I have tried xdg-open, but that does not always seem to work.
<hilx> nano filename
<hilx> or sudo nano filename
<Sling> aruns: what do you mean with 'open' ? view its contents? run it? edit it?
<aruns> Sling: Yes, I want to edit it in a text editor.
<aruns> My default text editor is Gedit.
<Ben64> how did you install ampps
<aruns> Command line.
<aruns> Apache is fine.
<Ben64> can you be more specific
<aruns> cd /download/location chmod 0755 Ampps-<version>-<arch>.run ./Ampps-<version>-<arch>.run
<Ben64> yeah, that's not supported at all
<aruns> Where <version> is the current version of Ampps that I have installed.
<aruns> No, Ampps is running.
<aruns> I just need to edit the MySQL config file.
<Ben64> great, but this channel doesn't support 3rd party stuff, and the ampps website says it's only supported on centos
<aruns> No, I just want to know how to open a text file via terminal.
<aruns> Onto a text editor.
<Ben64> vim /path/to/file
<aruns> Oh, OK.
<Ben64> or nano, or whatever editor you like
<aruns> I can't use Gedit?
<Ben64> gedit /path/to/file
<aruns> Ah, OK.
<aruns> Thanks.
<Ben64> so yeah, you should not be doing any of this. by circumventing the normal package process you're going to be missing out on security updates for mysql and apache, not great ideas
<aruns> I just wanted to try Ampps out as a LAMP stack configuration server.
<aruns> *LAMP stack server configuration
<Ben64> that doesn't make sense
<aruns> Eh, my machine is 11 years old anyway.
<aruns> I don't have any sensitive data on here.
<Ben64> so who cares about security?
<aruns> Well, it's not my main machine.
<Ben64> it's on a network with your main machine, right
<aruns> Yes.
<Ben64> and it's on internet you pay for, and are subject to the ToS
<Ben64> so anything illegal that happens on your hacked server comes back to you
<aruns> Actually, I was probably better off installing Apache, MySQL and PHP from command line.
<aruns> But I know for next time.
#ubuntu-server 2016-04-02
<Blueking> morning
<FManTropyx> should I shut down httpd and mysqld before running dist-upgrade?
<Blueking> trying to fix router/ubuntu server  /etc/network/interfaces   auto eth0, iface eth0 inet static, address 109.247.165.99, gateway 109.247.160.1, dns-nameservers 92.220.228.70 109.247.114.4      second nic  eth1: auto eth1, iface eth0 inet static, address 10.25.0.1, netmask 255.255.255.0
<Blueking> am I missing something ?
<Blueking> any wrong ?
<Blueking> set auto lo too
<TJ-> Blueking: you're not setting a netmask on eth0
<TJ-> Blueking: but as I said last night, 99% of the time you should use DHCP on the WAN interface so the ISP can allocate the address, DNS, and gateway
<Blueking> forgot it  netmask 255.255.248.0
<Blueking> fibermodem are set to bridgemode
<Blueking> public IP = static given by isp
<Blueking> that I want to be on mine private router
<TJ-> Blueking: right, you said. That doesn't make any difference to using DHCP to *get* that address though
<Blueking> network failed that way too
<TJ-> Blueking: did the PC get a DHCP lease ?
<Blueking> yes but at every lease renew  net dropped
<TJ-> Blueking: if not, then you've something wrong with the bridge, is it transparent?
<Blueking> bridgemode on fibermodem ?
<TJ-> So, your PC got the ISP's address and it could route to the Internet OK?
<Blueking> laptop connected directly on fibermodem have none issues
<TJ-> So, your PC got the ISP's address *via DHCP* and it could route to the Internet OK?
<Blueking> yes
<TJ-> Blueking: and when you set the *same* address/netmask/gateway/dns statically it can't route?
<Blueking> u got it right
<TJ-> Blueking: that tells you the ISP only opens the route when its DHCP server assigns a lease
<TJ-> Blueking: so, instead of trying to statically define things, use DHCP and solve the lease renewal issue
<Blueking> ok  what should I look into renewal issue ?
<TJ-> Blueking: well, are you using NetworkManager to manage the connection?
<TJ-> It makes more sense since it knows how to do everything, and it controls dhclient, dnsmasq, etc.
<TJ-> All of those log quite verbosely into the syslog so you can generally diagnose issues too
<Blueking> never used networkmanager
<Blueking> I am using shorewall as firewall if that matters
<TJ-> OK, so you're manually configuring it so dhclient, dnsmasq work independentally?
<Blueking> yes
<Blueking> dnsmasq I havn't looked at
<TJ-> If the lease doesn't get renewed, the *first* thing to check is that the 'dhclient' processes (1 for IPv4, 1 for IPv6) continue running after the initial lease is obtained. If they've stopped then that would easily explain why the lease never gets renewed
<Blueking> changed auto eth0, iface eth0 inet dhcp
<TJ-> If you confirm both dhclient s are running and you see, in syslog, dhclient trying to renew a lease, you'll have some diagnostic information to work with
<Blueking> eth1 and lo remains unchanged
<TJ-> which release of Ubuntu are you using?
<Blueking> how it looks like when dhclient tries to renew in logs ?
<Blueking> 14.04
<Blueking> LTS
<TJ-> OK, quite an old version. Did you check whether both IPv4 *and* IPv6 leases expired?
<Blueking> ipv6 given by isp are just local RD
<TJ-> So you're not using prefix delegation and your own DHCP server issuing addresses
<Blueking> that were greek language to me :P  (didn't understand)
<TJ-> there are so many IPv6 addresses available the ISPs will usually delegate a complete /64 subnet to each customer account, so you can then delegate that on your local network
<Blueking> will disconnect to test new setting in interfaces
<Blueking> it's /64 yes
<Blueking> but not true ipv6 tho
<Blueking> starts with fe80
<Blueking> and I see on windows that it got none ipv6 gateway or dns
<TJ-> well, if you're operating your own gateway it would need an DHCPv6 client on the public interface to request that info from the ISPs DHCPv6 server. Then it would share that with its LAN-side DHCPv6 server
<Blueking> TJ- dhcp-server on isp side comes up on windows net connection... that we don't need to put on ubuntu I'll guess
<Blueking> gateway on isp
<Blueking> IP of router = 109.247.165.99   gateway  109.247.160.1
<Blueking> brb  check if net is back with dhcp
<Blueking> TJ-  ok back  did ifdown eth0 && ifup eth0  and got an message    'suspect value in host_name option - discarded
<Blueking> on through ubuntu router now
<Blueking> lease time 4287 seconds
<Blueking> renewal in 4287 seconds I mean
<TJ-> Blueking: ok, check if the dhclient is continuing to run: "ps -efly | grep dhclient" and check its command-line arguments to see where its config and lease files are
<Blueking> ok /var/lib/dhcp/dhclient.eth0/leases eth0
<Blueking> and /run/dhclient.eth0.pid
<lordievader> Good morning.
<Blueking> TJ- I see host-name in there
<TJ-> Blueking: 'suspect value' indicates something wrong with it
<Blueking> but it's from ISP
<TJ-> so? ISPs can make mistakes too
<Blueking> ok host-name "0004005c0426/hdl-lunn1ar2"
<TJ-> definitely a bad name "/" is an illegal character in a hostname
<TJ-> unless there's some special format for that option in the DHCP RFCs
<Blueking> http://paste.ubuntu.com/15586424/
<Blueking> why are there two inputs ?
<Blueking> ok I'll ask my isp
<Blueking> TJ-  check that pastebinit  why are there two leases on same interface ?
<TJ-> Blueking: the lease file is append-only... expired lease records remain in the file. The latest lease (look at the expire timestamps) is the last one
<TJ-> Blueking: regarding the host-name content you have, RFC1533 para 3.14 describes DHCP Option 12 "Host Name". RFC1035 describes the character set restrictions which are that names can only contains letters, numbers and the hyphen ("-") with "." as a separator
<Blueking> ok
<Blueking> I have to notify isp about it then ?
<TJ-> Yes. Use what I told you (the RFCs) to ensure they take you seriously and pass it to their engineers
<TJ-> and of course show them the lease that was acquired
<Blueking> ok
<Blueking> nods
<TJ->  "option host-name "0004005c0426/hdl-lunn1ar2";" stands out like a sore thumb to someone who knows DHCP/DNS
<Blueking> hehe  but still I had a disconnect right now after 2 hour uptime
<Blueking> TJ-  are there ways to have longer lease time ?
<TJ-> Blueking: no; that's a DHCP server configuration. It looks like the ISP is using the same short expiry time for static leases it uses for dynamic leases
<Blueking> TJ-  but host-name can't be reason for unstable net ?
<Blueking> TJ-  what if... I know net drops out like every 2h  I can force renew  of ip ?
<Blueking> before it happens ?
<TJ-> Blueking: the order of actions on timestamps is renew, rebind, expire. Your DHCP client should do 'renew' before ever reaching 'rebind' and should never reach 'expire'
<lordievader> Could it be that his dhcp client does adhere to the RFC and thereforce doesn't do the renew/rebind because of the hostname option?
<TJ-> well the client says it's ignoring the host-name
<TJ-> I'd like to see the syslog before saying more, which we hanve't had yet. That'll show if the client requests a renew and possibly the server doesn't respond
<TJ-> the client takes the lease with the suspicious host-name so I can't imagine it'd not then renew
<Blueking> TJ-  hmm did just have an disconnect   and needed to manual get it back online
<TJ-> Blueking: the order of actions on timestamps is renew, rebind, expire. Your DHCP client should do 'renew' before ever reaching 'rebind' and should never reach 'expire'
<TJ-> Blueking: time to grab the /var/log/syslog and see what happened
<Blueking> I am looking into it
<TJ-> if you want to pastebin the last 1000 lines (which should cover it) I'll take a look " pastebinit <( tail -n 1000 /var/log/syslog ) "
<Blueking> sent pm
<TJ-> Blueking: I have them disabled
<Blueking> http://paste.ubuntu.com/15587360/
<TJ-> Blueking: what time did you lose the connection?
<Blueking> 13:42  11:03
<Blueking> and 13.22
<Blueking> can't be munin ?
<Blueking> those cron jobs ?
<TJ-> I see lots of "bound to ..." but then nexxt message from dhclient always seems to be from it Starting Up again. That suggests the process isn't remaining running. How are you starting dhclient?
<Blueking> not sure
<TJ-> Well, have you for an /etc/network/interfaces with "iface em1 inet dhcp" ?
<Blueking> yes
<TJ-> OK, so ifupdown should be the one starting dhclient
<Blueking> auto em1   iface em1 inet dhcp
<TJ-> and it ought to remain running
<Blueking> yes
<Blueking> how to check that ?
<TJ-> well right now for example "ps -efly | grep dhclient" should show it still running
<Blueking> yes
<TJ-> renewal in 4165 seconds... that's 69 minutes
<Blueking> http://paste.ubuntu.com/15587413/
<TJ-> Blueking: did you edit anything out of that syslog pastebin from other services in between the dhclient messages?
<Blueking> not in last 2 hours
<Blueking> but maybe about 11.00
<TJ-> OK, I just didn't want to be missing any important other clues that may have been there, if you had
<Blueking> for a year net was dropping at every 24h  2-3 weeks ago it started dropping out every 18-20 minute
<TJ-> "DHCPNAK from 81.167.184.1 (xid=0xf0827209)" ... I think its your ISP with a messed up DHCP configuration. That message is in response to your client asking to renew, so the server offers the address back then immediately refuses it, forcing the client to withdraw the lease and request a completely new one
<Blueking> ok
<TJ-> Yes, it is definitely your ISP. Looks like their DHCP server admin is clueless
<Blueking> so we have a conclusion now ?
<TJ-> I think you may be able to script around it so dhclient doesn't withdraw the lease whilst regaining a new lease (as the IP is static it shouldn't lose connectivity)
<Blueking> I could take it up with ISP first
<TJ-> I was thinking for you it'd be quicker to set up a local script so you don't have to deal with the loss until they fix it. That could be ages from what you've told us
<TJ-> dhclient can take the -sf option to a shell script that performs actions
<TJ-> so you could add a script that keeps the ip address when the lease is NACKed
<Blueking> easy task ?
<TJ-> yes. why don't we start by adding a script that simply logs the timestamp and the reason the script is called. That way we cn confirm the script sees the effect of the NACK (expire or fail) and then add code to do something about it
<TJ-> "man 8 dhclient-script" goes into detail about the script mechanisms
<TJ-> Blueking: do you have the file "/etc/dhcp/dhclient-enter-hooks.d/debug" ?
<Blueking> yes
<TJ-> Blueking: if so, as sudo/root edit it, change RUN="no" to RUN="yes" and then restart networking/ifupdown to restart dhclient. It'll then log to a file "/tmp/dhclient-script.debug" each time the script is invoked
<Blueking> ok
<TJ-> Then we can look at what is recorded in that file after the next time you lose the connection
<Blueking> lol had wrong order on ifup && ifdown :P
<Blueking> now
<Blueking> reason why dropout now
<Blueking> moved tmp dhclient log file so start with fresh new one
<Blueking> when it drops out
<TJ-> good, you're making progress
<FManTropyx> I do "/etc/init.d/mysql stop" and mysqld just keeps immediately spawning a new instance - how do I shut down MySQL completely?
<TJ-> FManTropyx: what Ubuntu release? I'd guess the init system is respawning it. You should use the init system to control it
<FManTropyx> OS is 14.04, but I'm a noob trying to administrate it...
<TJ-> FManTropyx: then the init system is upstart. Do "sudo service <name> [start | stop | restart | status ]
<TJ-> FManTropyx: so "sudo service mysql stop"
<alechk0> hey guys, my 12.04 machine running mysql server rebooted earlier, and now mysql fails to start with "mysql respawning too fast, stopped" messages, I've tried to dpkg-reconfigure mysql-server-5.5 and it failed, then I tried to apt-get remove mysql-server mysql-server-5.5 and it failed again at configuring the mysql-server-5.5 package
<alechk0> so now every time I try to install/remove package, it tries to configure the failed installation
<alechk0> and of course the mysql server is stopped
<alechk0> how do I purge the failed installation?
<soee> hi, can i upgrade 15.10 to 16.04 via command line ?
<ikonia> you can
<soee> is the do-release-upgrade -d the right option ?
<ikonia> no
<ikonia> as that will upgrade to a development version
<ikonia> (pre release 16.04)
<ikonia> I suggest you wait for the official upgrade process which is at 16.04 release
<soee> ikonia: i do want to jump to 16.04 development version
<soee> i want to setup vps already for 16.04
<ikonia> I advise against it
<ikonia> #ubuntu+1 topic has documentation in it
<Blueking> can someone have a look at dhclient debug file + log from sniffing on interface  when lease renews (logged with tshark) I get 2 x NAK when renew of ip fails and net drops out
<rowdypixel> does anyone know of a way to further debug an upstart script when i get the message "job failed to start" and the log is totally empty? I am trying to run a web server as a service, and running the command to start the server works fine as the user the config file is set to run under
<rowdypixel> conf file for reference: https://gist.github.com/anonymous/f4547f9f9c2f3827dbc671027f931d13
<Blueking> how to pastebin result of ifdown && ifup ?
#ubuntu-server 2016-04-03
<LABcrab> Hello!
<pmatulis> hello
<redasus> hey
<redasus> I'm getting SSL23_GET_SERVER_HELLO:unknown protocol when using nginx to serve my site through https on an aws ec2 ubuntu server
<redasus> any help is appreciated
<lordievader> Good morning.
<Blueking> patdk-lap   u there ?
<Blueking> patdk-wk u there ?
<Blueking> someone here have been into dhcp server/dhcp dhclient and lease renew ip problems with dhcp server (on ISP side) that fails getting NAK  -> suspect value in host_name option - discarded  and disconnects from net ?
<Blueking> what versions of dhcp for ubuntu 14.04 are there out now ?
<Deeps> Blueking: packages.ubuntu.com will tell you
<Blueking> ok   versions I know about are dhcp dhcp3  any other ?   (not server version)
<Blueking> patdk-wk u there ?
<trippeh> hum, my debmirror is no longer fetching i18n/Translation-en for xenial main from archive.ubuntu.org
<trippeh> hm, more stuff seems broken. :)
<trippeh> oh, I have Acquire::Languages "en"; set in my apts which may recently have starting tripping things up.
<trippeh> official mirrors seems to have i18n/Translation-en tho.
 * patdk-lap has no issues
<patdk-lap> I just upgraded 3 machines today
<patdk-lap> just a few min before you started complaining :)
<halvors1> Ubuntu server network confiuguration is handled by /etc/network/interfaces.
<halvors1> What proram is actually dealing with this?
<halvors1> And is there any way to make iproute2 persistent?
<halvors1> Like /etc/network/interfaces, since it seems to be lacking a lot of features provided by iproute2
<tarpman> halvors1: /etc/network/interfaces is handled by the programs in the ifupdown package. which feature are you looking for exactly? some other packages extend ifupdown, but their additions aren't necessarily documented in interfaces(5)
<halvors1> tarpman: I was looking for VRF support, as well as IP-IP tunnels, and DHCPv6 prefix delegation client using isc-dhcp-client.
<halvors1> VRF support like described with iproute2 here: https://www.kernel.org/doc/Documentation/networking/vrf.txt
<halvors1> I'd like mye network configuration to be persistent :)
<tarpman> sounds like a reasonable thing to want :)
<halvors1> There is no way to do that with iproute2?
<halvors1> tarpman: Do you have any idea how to do this with ipupdown? Or add packages to it that implements this?
<tarpman> I haven't heard of VRF before, so I'm googling around quickly to see if I can figure that out
<tarpman> the only way I know of persisting iproute2 changes is to run it in scripts... whether a custom init script, or /e/n/i pre-up/post-up hooks, or such
<halvors1> tarpman: VRF is virtual routing, meaning that you basically have separate routing table for devices etc.
<halvors1> Often one for each VLAN. To separate routing as well as the local link.
<halvors1> How do i add such a script/hook?
<tarpman> reading http://lwn.net/Articles/654541/, very cool
<patdk-lap> hmm, iproute has no persistance
<patdk-lap> it's kind of like asking ifconfig to be persistant
<patdk-lap> you need a manager to do that persistance
<patdk-lap> I know quagga was getting vrp support I think
<patdk-lap> and strongswan
<patdk-lap> but really, if ifup/down scripts are too complex
<patdk-lap> it might be enough to just use up down command to launch iproute2
<trippeh> VRF in iproute is very new, so probably nothing existing to integrate it with ifupdown yet
<trippeh> but the DHCPv6 PD not beeing supported is getting kind of old :)
<trippeh> (altough isc-dhcp-clients support for it is kinda crappy, or at least was not long ago)
<patdk-lap> I have never been able to get isc-dhcp to do pd correctly, as much as I tried
<patdk-lap> worked fine with widedhcp
<Blueking> patdk-lap hello
<trippeh> I guess we can only hope systemd-networkd implements it ;-)
<Blueking> patdk-lap u know your stuff on networking  and knows wireshark and so on ?  have a look at dhcp.pcap file ?
<Curly_Q> Can someone here talk a bit about the difference of using JAVA versus PHP and MYSQL on an Ubuntu server. Just a few questions. Maybe more if it is interesting. The first question is: Is Java or PHP or MYSQL secure and does it have certain vulnerabilities?
<Curly_Q> I have a Headless Apache2 server i386
<Blueking> tj
<Curly_Q> Also is a 64 bit Ubuntu server backwards compatible with older versions of Ubuntu?
<Curly_Q> Compatibility meaning that is a 64 bit machine will apt-get compatible downloads if a 32 bit installation is installed?
<readonlyomg> im having some serious ready only filesystem issues and i cant for the life of me establish whats going on other that the ata 6  faileure im getting
#ubuntu-server 2017-03-27
<echosystm> i've added a service to systemd
<echosystm> i can manually start it no problems
<echosystm> however, it never starts on boot
<echosystm> systemctl enable myservice does nothing
<echosystm> any ideas?
<ChmEarl> echosystm, any `WantedBy=`?
<echosystm> nope
<ChmEarl> [Install] -> WantedBy=multi-user.target
<echosystm> okie doke
<ChmEarl> echosystm, if you know how it needs to sequence, there are other keys to use
<echosystm> ChmEarl: that fixed it
<echosystm> thanks
<drab> anybody around familiar with hp switches way of doing trunking/lacp?
<drab> I had lacp on 4 ports and bonding with lacp on the host
<drab> and it worked
<drab> but you can't have dhcpsnooping on a dyn trunk which is what enabling lacp will give you
<drab> so I have to set up a static trunk, but then I'm not sure what on the server side
<lordievader> Good morning.
<patsToms> morning
<patsToms> could I make local repositories mirror on my raspberry?
<hateball> provided it has ample storage, yes
<hateball> !aptmirror
<hateball> boo
<zioproto> hello Openstack folks. We are facing a new Neutron bug ad SWITCH. I found that it is a known bug. https://bugs.launchpad.net/neutron/+bug/1632540
<ubottu> Launchpad bug 1632540 in neutron "l3-agent print the ERROR log in l3 log file continuously ,finally fill file space,leading to crash the l3-agent service" [Undecided,In progress]
<zioproto> we see this bug in Mitaka but it looks like it is still present in master
<zioproto> jamespage: are you online ?
<zioproto> jamespage, coreycb we are facing some neutron sync issue between neutron-servers and agents because of the time change from CET to CEST in the night of 26th of March. Let me know if you faced any similar issues. We had a small 3 minutes time window when the time changed where neutron thought all its agents where offline since 1 hour. This caused a lot of
<zioproto> load. Neutron tried to recreate all routers and reapply all iptables rules. I am still reading logs ...
<ivoks> zioproto: i'm not jamespage or coreycb, but are you sure those are related to time?
<ivoks> zioproto: time tracking in unix is done with unix clock, and date presented to user is almost just translation into human readable format (+ some mangling like DST)
<ivoks> leap seconds are more likely to cause issues like this
<zioproto> there is a race condition well this happened exactly when the time changed from CET to CEST, yes it could be a leap second issue
<zioproto> I just figured out I have heartbeat_timeout_threshold=0 in my neutron.conf, this could be the source of trouble
<ivoks> leap seconds in 2017 are scheduled for june and december, iirc
<zioproto> so, it is not a leap second :)
<ivoks> it's not
<ivoks> we've always had incrementing leap seconds so far
<ivoks> which are fairly simple and uneventful
<ivoks> problem will be when we will have to do a negative one; which means that earth rotation has slowed down
<ivoks> but in any case, don't get date to get in your way
<ivoks> that couldn't have caused that issue
<ivoks> time tracking is based on time pased since unix epoch, and that is not impacted by DST
<zioproto> ok, I am still debugging the issue, I will report here when I am sure that happened
<fnordahl> xnox: ping?
<xnox> fnordahl, hello
<fnordahl> xnox: hi there.
<fnordahl> xnox: re LP: #1642966
<ubottu> Launchpad bug 1642966 in cups (Ubuntu Yakkety) "package cups-daemon 2.1.3-4 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [High,Fix committed] https://launchpad.net/bugs/1642966
<fnordahl> xnox: the SRU'ed package caused just that error here now apport-info in LP: #1676380
<ubottu> Launchpad bug 1676380 in cups (Ubuntu) "package cups-daemon 2.1.3-4 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1676380
<fnordahl> xnox: ftr, the update has now been pulled.
<zul> coreycb; ping do we really need this? https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/keystone/tree/debian/patches/add-version-info.patch, keystone is the only package that does this and my devops side of me you really dont want server banners to be identified in production
<freakynl> Hi, anyone know why a minimal server install has open-iscsi, lxcfs and snapd running by default?
<zul> coreycb: i know why we added it but its something we started and dropping it makes keystone so much more easier to maintain
<coreycb> zul, i'm not really sure if we can drop that or not. you may want to run it by james.
<zioproto> hey there
<zul> coreycb: ugh
<zioproto> hey guys the ubuntu packaging for neutron still includes a cron job /etc/cron.d/neutron-l3-agent-netns-cleanup
<zioproto> I found another race condition when this cronjob deletes namespaces and other parts of neutron want to apply iptables rules to it forever
<zioproto> I will open soon a bug
<zioproto> just wondering, why this cronjob ? other distributions dont ship it AFAIK
<coreycb> zioproto, i think we may have dropped the cron jobs in a recent release
<coreycb> zioproto, checking
<zioproto> that would be great, for sure is still there in Mitaka :)
<tom___> Hi, i use ubuntu server 16.04.2 but it takes unusually long to start the server. See the full dmesg (http://paste.ubuntu.com/24260947/) and the lines which seem to hang somehow (http://paste.ubuntu.com/24260952/).
<zioproto> tom___: check if you have weird udev rules
<tom___> zioproto: are udev rules capable to delay the boot process that much?
<zioproto> yes we had a problem like that when we upgraded Trusty to Xenial
<zioproto> tom___: we had a line that we added it looked like
<zioproto> tom___: KERNEL!="sr*", IMPORT{builtin}="blkid"
<zioproto> this was in our custom file in /etc/udev/rules.d/
<zioproto> in trusty it was no problem
<zioproto> in xenial there was a delay at boot for 120 seconds
<tom___> Do you remember which udev-rule was the problem?
<tom___> zioproto: It is a clean install with no custom udev rules. Should I add one myself?
<zioproto> this problem was very special for our setup
<zioproto> because we create symlinks for disks in /devv
<zioproto> so no matter if the the disk is /dev/sda or /dev/whatever
<zioproto> we create symlinks to /dev/sra
<zioproto> so
<zioproto> you most probably dont have our same problem
<zioproto> tom___: just make sure you dont have custom stuff in udev because that could be a root cause for slow boot
<tom___> zioproto: no there is nothing like that. I found somewhere that the raid controller could be the problem as i have one but dont use it. But adding raid=nodetect as boot parameter didn't help anything.
<coreycb> zioproto, https://bugs.launchpad.net/cloud-archive/+bug/1623664
<ubottu> Launchpad bug 1623664 in Ubuntu Cloud Archive "Race between L3 agent and neutron-ns-cleanup" [Undecided,New]
<coreycb> zioproto, they haven't been dropped yet
<zioproto> oh, so not even in master, right ?
<coreycb> zioproto, correct
<zioproto> coreycb: but that bug is fixed with the patch I merged in Barcelona
<zioproto> I mean router deleting is not a problem anymore
<zioproto> now I triggered a similar condition
<zioproto> if you have a glitch in rabbitmq
<zioproto> the neutron server asks all l3agents to reapply security groups
<zioproto> and you fail apply the iptables rules in a namespace that does not exist because the cronjob deleted it
<zioproto> I am writing a neutron patch to make the code more robust again doing stuff on namespaces that are gone for some reason
<zioproto> but the real bug here is that cronjob
<zioproto> :D
<drab> moin
<zioproto> coreycb: I cant make a patch that creates again the namespace, to have the cron again coming and deleting the namespace, we have to find a common design between the neutron devs and the ubuntu packaging
<coreycb> zioproto, it looks to me like namespaces are cleaned up my neutron and neutron-lbaas upstream code these days so i think we can drop these cron jobs
<zioproto> ok, but we need a fix at least for Mitaka ? what about Newton ?
<coreycb> zioproto, we'd have to start at pike and work our way back with SRUs
<zioproto> coreycb: this patch needs a lot of love, but this is the key idea https://review.openstack.org/450271
<zul> zioproto: can you open up a bug about dropping the netns cron stuff please?
<coreycb> zul, we can use this bug: https://bugs.launchpad.net/cloud-archive/+bug/1623664
<ubottu> Launchpad bug 1623664 in Ubuntu Cloud Archive "Race between L3 agent and neutron-ns-cleanup" [Undecided,New]
<zul> coreycb: okie dokie
<zul> coreycb: http://paste.ubuntu.com/24261969/
<coreycb> zul, looks good. i'd just update the changelog message to say that upstream now cleans up netns.
<coreycb> zul, neutron-lbaas needs an update too
<zul> coreycb: ack
<mike-zal> what is host server key? can't find anything on that :( . it sounds like the key of the host computer where my VPS is, but what it has to do with my VPS?
<nacc> mike-zal: in what context? ssh key?
<mike-zal> well, when I connect to my server with ssh through filezilla, I got a meesage:
<mike-zal> host server key is unknown. you have no guarantee that server is the one you want.
<mike-zal> then I have some details about the host: name of the server, hostkey algorith and some fingerprints
<mike-zal> hmm... it seems like it's about my VPS key, because as host I see name of my server
<mike-zal> but strange thing is: I don't have any keys yet
<mike-zal> I can connect to the server when I agree to trust it anyway
<mike-zal> still, I am confused by the message
<nacc> mike-zal: can you be clearer where the error is? you say 'host' and 'VPS'
<nacc> mike-zal: if you ssh from your machine to the VPS, do you see the same error?
<mike-zal> nacc: in filezilla, it shows when I try to connect with my VPS
<mike-zal> in terminal it's all good
<mike-zal> it also works with filezilla, the difference is that I get this warinig message
<nacc> mike-zal: sounds like something to ask filezilla about?
<mike-zal> nacc: I hoped that some commone server knwolege would explain it
<nacc> mike-zal: if ssh doesn't say it can't find the host key, then i don't know why filezilla does
<mike-zal> nacc: also, I was wondering if that is not the reason why krusader won't connect to my server. it always klaims about some changed keys
<nacc> mike-zal: it's not good for your keys to be changing
<mike-zal> nacc: the thing is, I don't have keys
<mike-zal> yet
<nacc> mike-zal: what do you mean? sshd won't run without there being a host key (afaik)
<mike-zal> when I was connecting through root on krusader, all was well. but when I blocked root and try to log with a user, it won't let me
<blackflow> mike-zal: that's the host's signature key. accept it the first time you connect
<nacc> mike-zal: i think you're confusing your VPS' host key and your local ssh keys
<mike-zal> yes, you are right
<mike-zal> I knew that something was missing for me ;)
<mike-zal> ok, must look what is this host key then
<blackflow> it's the host side of key exchange algorightm
<blackflow> *algorithm
<mike-zal> now I know that's not about ssh keys, I know what to look for, thanks :)
<mike-zal> found this: https://www.vandyke.com/solutions/host_keys/host_keys.pdf
<blackflow> well, it _is_ about ssh keys, just on the server side :)
<blackflow> it's not about public key authentication, specifically.
<mike-zal> then can you refer to me some good source on this? I never knew about tis host key and no article mentioned it before, or at least not in a clear manner
<mike-zal> I never creates that key, never messed with anything related to it, or at least not awarely.
<mike-zal> created*
<blackflow> mike-zal: man ssh   then /HOST KEYS
<sarnold> the sshd startup script normally creates the host keys on first boot
<nacc> mike-zal: iirc, sshd creates keys on start if they are not present
<sarnold> some people generate the keys in their host automation script and ditribute the keys to hosts tht way
<mike-zal> ok. then maybe this host key is the "key" why krusader won't connect to the VPS that way, although strangely it had no issues with root user
<mike-zal> it's not a big issue, there are plenty of ways connecting to server then krusader but I just don't like not to know what is it ;)?
<mike-zal> ok, I start to unserstand it slowly. I did changed some things during server setup i cryptographic keys, just as articles suggested. so I guess that's the change that causesed krusader to complain.
<mike-zal> and filezilla just checks the key and I must remeber it during first connection and if it doesn't change "by iteslf" in future, it's all good
<mike-zal> ups, I meant: filezilla must remeber it
<sarnold> this is often called "TOFU", "trust on first use"
<nacc> mike-zal: right, the host key is like a fingerprint of the remote server. you locally (at some point) said 'remember this server is saying to trust its identity as being this key' and then you hanged the key
<mike-zal> ok
<mike-zal> so this is merely first connection info, on filezilla part, hence the message, "host server key is unknown" and it gives me possibility to remeber it
<nacc> mike-zal: presumably
<nacc> mike-zal: yes, host key checking assumes you know when the keys change, i guess
<sarnold> and if it's unknown because it's the first time you've connected to it, then that makes sense. if it's unknown and you've connected to it before, then perhaps someone is running a man-in-the-middle attack on you.
<mike-zal> no, it's first connection
<mike-zal> but it is possible that before I had the chanse to secure server, someone got in and I didn't notice it.
<mike-zal> let's assume to worst case scenario: where to look for traces of that?
<mike-zal> is there any way to check date of last change on file that holds that host key? where is it located?
<mike-zal> sarnold: during my ssl setup, I installed some cryptographic packages as suggested on article. could they have changed it?
<sarnold> mike-zal: it shouldn't -change- those files, the host key should be generated very nearly at machine creation time and then never again. of course there's a chance that e.g. new sshd packages support curve 25519 keys and older ones didn't, so that key gets created at a reboot..
<patdk-wk> the issue is, if someone got in there, and was able to change those files
<patdk-wk> they got root access
<patdk-wk> and they could change the timestamps on those files also
<zul> coreycb: we should be good now
<ThiagoCMC> Hey guys! I'm facing a weird problem here with Ubuntu 16.04 HWE, I'm trying to enable 2 x 1G Hugepages, like this: "default_hugepagesz=1GB hugepagesz=1G hugepages=2"
<ThiagoCMC> However, after "update-grup ; reboot", the /proc/meminfo shows "HugePages_Total:     121"! WTF...
<ThiagoCMC> Server have 128G, what is preallocating those extra 119 x 1G hugepages?
<ThiagoCMC> I just want 2, not 121!
<keithzg> Hmm I swear I followed https://help.ubuntu.com/lts/serverguide/mail-filtering.html but even with "$sa_tag_level_deflt = -999;" I'm not seeing any spam info headers in emails being sent to and then delivered by the server in question, and nothing is showing up in the mail log to indicate Amavis is actually checking anything.
<nacc> ThiagoCMC: `cat /proc/cmdline` and `cat /proc/meminfo` and `hugeadm --pool-list` in a pastebin?
<sarnold> I've never seen hugeadm before; thanks nacc
<nacc> sarnold: np, helped write it way back when :)
<sarnold> nacc: ha! :D
<nacc> there's also hugectl for manipulating programs with hugepages
<nacc> a la numactl
 * keithzg seems to have discovered that the problem was just that running `mail` from the mail server itself was bypassing things; via SMTP things seem fine, which is fair enough. Time to de-verbose the loglevel settings!
<sarnold> keithzg: woo :)
<keithzg> sarnold: This is the thing I kindof love about the Linux side of my daily job; most of the time the solution is simple and I just need to stop and think what *I* am doing wrong ;)
<sarnold> keithzg: hehe, that's not a bad place to be ;)
<ThiagoCMC> nacc, here: https://paste.ubuntu.com/24263955/
<sarnold> 32 TB VmallocTotal -- oy :)
<nacc> ThiagoCMC: hrm, `dmesg | grep Huge` ?
<nacc> sarnold: i think that's the kernel default
<nacc> sarnold: it's true on my lappy too
<sarnold> awww. mine too.
<sarnold> now I'm dissapointed again.
<nacc> ThiagoCMC: i tentatively think it's this line: DirectMap1G:    131072000 kB
<nacc> that's 125 1G pages (oddly not 121 :))
<ThiagoCMC> That's creepy! dmesg output:
<ThiagoCMC> HugeTLB registered 1 GB page size, pre-allocated 2 pages
<ThiagoCMC> :-(
<nacc> ThiagoCMC: i think it's because you changed the default hugepages size
<ThiagoCMC> Hmmm... How I did that?  lol
<ThiagoCMC> =P
<nacc> hugepagesz=
<nacc> err, default_hugepagesz=
<ThiagoCMC> Hmm..
<nacc> that's probably not recommended
<ThiagoCMC> Weird because I've used this before... just like this...
<nacc> as it will also mean THP uses 1g pages by default
<ThiagoCMC> I see...
<ThiagoCMC> I'll try to remove that line
<ThiagoCMC> *option
<nacc> ThiagoCMC: on the same machine and kernel?
<ThiagoCMC> same machine, previous kernel (4.4)... I also tried 4.4 couple hours ago, same result...
<ThiagoCMC> I'm seeing that people set default_hugepagesz
<ThiagoCMC> RedHat docs, DPDK docs...
<nacc> ThiagoCMC: i mean, changing the default_hugepagesz to 1G is intended to be very intentional
<ThiagoCMC> Ok...
<nacc> rhel's kernel is also ancient, i assume
<nacc> :)
<nacc> and behavior changes
<ThiagoCMC> I know...  =)
<ThiagoCMC> By removing that "default_huge...", it is different now!
<nacc> ThiagoCMC: 2 ? or some other number?
<ThiagoCMC> Look: https://paste.ubuntu.com/24264024/
<ThiagoCMC> Weird that "grep on meminfo" doesn't show the 1G ones...
<ThiagoCMC> But I think I'm okay with it...
<nacc> ThiagoCMC: right meminfo ony shows the default huge page size
<nacc> ThiagoCMC: and then the directmap values
<ThiagoCMC> Hmm...
<ThiagoCMC> Thank you!
<nacc> ThiagoCMC: yw!
<drab> hi, anybody around that uses something like rundeck or stackstorm?
<drab> I'm trying to figure out something that can allow me to "package" a set of commands and workflows to end over to operators
<drab> basically a web frontend to ansible + a bunch of scripts
<drab> stackstorm seems promising as it could do that and then more, but I'm wary of possible complication, it seems overall fairly new
#ubuntu-server 2017-03-28
<rchavik> hi, when using admad's I18nRoute together with LocaleSelectorFilter, the locale gets reset by the dispatcher. any hints to avoid this?
<rchavik> i'll just copy and modify it
<Polarcraft> Did the interfaces file change from 14.04 to 16.04?
<sarnold> not drastically
<sarnold> I can't recall any changes, but that doesn't mean there weren't any..
<drab> Polarcraft: anything specific you're after?
<drab> even for a more convoluted setup with bonds and bridges it actually seems exactly the same to me
<drab> certainly the same fort configuring a bunch of interfaces with a few pre-/post up/down commands
<Polarcraft> drab, well the /etc/network/interface file doesn't contain the nic generated.
<drab> Polarcraft: "the nic generated"?
<drab> you mean from install process?
<drab> is this ubuntu server 16.04 ibnstalled from server iso install media?
<Polarcraft> drab, let me rephrase that, when the box was installed by the server provider the /etc/network/interfaces file did not contain the nic "ens3". When on 14.04 it would have contained that nic in the /etc/network/interfaces.
<drab> Polarcraft: I see, so that problem is less about /etc/network/interfaces having changed and more about maybe the installer doing something different, altho that also seems unlikely, afaicremember my installs worked the same
<drab> Polarcraft: do you have anything in /etc/network/interfaces.d/ ?
<drab> that's the only change I've seen with newer lxc/cloud images
<Polarcraft> No that is blank.
<Polarcraft> I have no idea why this would have been changed though.
<drab> ok, then I got no clue, the installer should really have put it there, but again I think that's the problem, not a format change
<drab> I don't think it is, I'm more inclined toward an install bug of some kind specific to the interfaces. for example I've had all kinds of grief on these new servers with systemd "predictable" naming
<drab> I had to disable that for the installer to even work
<Polarcraft> Well I don't think I can change that as the host is sadly OVH.
<Polarcraft> I need to bridge the nic from "ens3" to a new one by the name of "ens3:0", but the way I used to do it I can't really do in this situation.
<tarpman> Polarcraft: is it possible your host set the system up to use systemd-networkd by default instead of ifupdown?
<Polarcraft> Well I don't know how OVH does it for 16.04 as I am still using 14.04 for my machine.
<Polarcraft> tarpman, they aren't doing systemd-networkd
<Polarcraft> tarpman, you learn something new everyday. Doing what I used to do worked perfectly.
<johefernan> EHLO!
<johefernan> Question
<johefernan> Does 16.04 Server autoupdate?
<hateball> johefernan: If you tell it to during installation or afterwards
<johefernan> Dang, didn't remember
<andol> johefernan: grep "APT::Periodic::" /etc/apt/apt.conf.d/*
<lordievader> Good morning
<rbasak> smb: any opinion on how to ship Zesty with a working tor?
<rbasak> Disable apparmor? Or release note that apparmor needs disabling manually or something?
<smb> rbasak, I have not looked but the reverts I documented were in x an y. zesty may or may not be different
<rbasak> Ah
<rbasak> I'll check Zesty then. Thanks!
<rizonz> hi guys, what are the needed repo's for server deployment using your own internal mirror ?
<rizonz> do I need multiverse for an example ?
<rizonz> or universe ?
<Silicium> hi there
<cpaelzer> rizonz: you don't "need" multiverse unless you want to install something depending on it
<Silicium> i have to create a list of all packages together with their licenses (short) and the copytight file is not machine readable :(
<cpaelzer> rizonz: you should be able to live without for most regular cases
<Silicium> is there a way to get the licenses for each package installed?
<cpaelzer> rizonz: you can also go without universe IIRC, but that obviously limits you further
<cpaelzer> rizonz: why not go on one of your systems and apt-cache policy '*' and some awk/grep, you'll know where things come from
<cpaelzer> maybe there is an easier way to get that thou - not sure
<cpaelzer> Silicium: isn't that just what you look for http://askubuntu.com/questions/247757/how-do-you-find-the-licenses-for-everything-installed-on-your-system ?
<Silicium> i need the license
<cpaelzer> Silicium: which is in each of those files
<cpaelzer> Silicium: a few years there was an effort to make those somewhat machine readable which is mostly true now
<cpaelzer> Silicium: if you only need a shortname grep for it
<Silicium> cpaelzer: srsly?
<Silicium> i should grep for values i dont know?
<cpaelzer> Silicium: you should grep for the "License:" prefix they all have
<Silicium> no ubuntu 1404 the copyright files are not machine readable
<cpaelzer> Silicium: as I said - not all are
<cpaelzer> Silicium: but this gets you a good head start
<cpaelzer> Silicium: for i in /usr/share/doc/*; do printf "\n%20s: " "$(basename $i)"; awk '/^License:/ {print $2}' ${i}/copyright | sort | uniq | xargs ; done
<rizonz> cpaelzer: yeah I'm not sure
<rizonz> I canot find a decent mirrorlist which works
<cpaelzer> rizonz: my zesty lxc guest is fine with main only it seems
<cpaelzer> rizonz: apt-cache policy $(dpkg -l | awk '/^ii/ {gsub(":.*",""); print $2}' | xargs) | grep archive | uniq -c
<cpaelzer> 469 main no others
<cpaelzer> rizonz: and I can enable disable universe/multiverse without and effect other than restricting my potential packages that I can access
<rizonz> cpaelzer: but that cache is good enough, also when you reboot it ?
<cpaelzer> rizonz: sure, what fails in your cae and I can check?
<cpaelzer> rizonz: just upgraded two packages and it worked fine with the reduced pockets
<rizonz> cpaelzer: but you use a proxy then in your apt ?
<rizonz> of the clients
<cpaelzer> rizonz: I only wanted to confirm that a system can live fine with the reduced set, I haven't bothered to actually mirror something
<cpaelzer> rizonz: but IMHO it shouldn't mind where it comes from
<cpaelzer> rizonz: maybe there is the difference, my system only "asks" for main now and is working
<cpaelzer> rizonz: are you trying to set up a reduced mirror but the systems are unmodified and ask for main, universe, ... ?
<cpaelzer> rizonz: and that fetch fails then?
<rizonz> cpaelzer: mhh
<rizonz> I want to see what is in multiverse and universe, just some simple list
<cpaelzer> rizonz: you can tweak sometihng like this to your needs http://paste.ubuntu.com/24267442/
<rizonz> cpaelzer: thannk, but there is no online reference ?
<cpaelzer> rizonz: you'd think there is one - and there might be but I don't know
<cpaelzer> rizonz: http://paste.ubuntu.com/24267506/
<cpaelzer> rizonz: well, if you mean an online reference what a package is in in general (and not something specific to your system) that might be easy as I'm sure this is on LP somewhere
<cpaelzer> rizonz: https://launchpad.net/ubuntu/+source/<pkgname>
<rizonz> cpaelzer: yeah will check out
<cpaelzer> rizonz: you will see the pocket per release in the table there
<rizonz> it's dofficult to decide what to mirror
<rizonz> at least I know I don't need i386 anymore :)
<rbasak> cpaelzer: I'm not sure the architecture selected should be the host architecture. It should be the architecture of the image selected.
<rbasak> (uvtool)
<cpaelzer> rbasak: does anybody ever really use it cross arch?
<cpaelzer> ok, then the image arch - fine with me
<rbasak> cpaelzer: since qemu can do cross arch I'm not sure we should rule it out
<rbasak> cpaelzer: if it's not too difficult I think?
<cpaelzer> rbasak: looking into it
<rbasak> cpaelzer: if --backing-image-file is ued, then we'd need a --image-arch option that could default to the host arch.
<cpaelzer> rbasak: well I'm only changing the default path and provide the templates - IFF it is overly complex for what we gain we might keep it as I proposed
<cpaelzer> rbasak: but let me look at it first
<cpaelzer> rbasak: ok looked at it, not that it would be impossible, but I really think that would make it more complex and error prone
<cpaelzer> rbasak: so far most handling on filters is kept to simplestreams for a reason
<cpaelzer> rbasak: to pick the arch from the image would need to understand those plus the case on backing image you mentioned
<cpaelzer> rbasak: I think even for cross arch usage the fact that there now willa ctually be arch-templates will help
<cpaelzer> rbasak: and one doing that might also add a --template command
<rbasak> cpaelzer: not really understanding the filters. Just picking up the arch metadata once an image is selected.
<rbasak> cpaelzer: how about as a compromise having an --image-arch option which defaults to the platform arch?
<rbasak> cpaelzer: and always use that instead of inspecting the image metadata.
<rbasak> cpaelzer: then at least it's overridable and separable internally from the platform arch.
<rbasak> s/platform/host/
<cpaelzer> rbasak: yeah that sounds fine to me
<cpaelzer> rbasak: let me write something for that
<rbasak> Thanks
<cpaelzer> rbasak: pushed with the change
<cpaelzer> rbasak: I still would think I'd always just use --template if I need to override instead of --image-arch, but I'm fine to hear other peoples need
<cpaelzer> rbasak: so in terms of simplicity and less code I'd still vouch for my MR before this commit, but follow your decision once you can take a look at it
<jamespage> zul: I expect you to hold me to account for completely disabling the unit tests for vmware-nsx - I raised https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1676712 to cover it
<ubottu> Launchpad bug 1676712 in vmware-nsx (Ubuntu) "random sqlite related failure during unit testing" [Medium,Triaged]
<lucidguy> Ok, Xeon E5 running at 75-80 all the time, bad?  Google tells me the maximum running temp is 73c
<zul> jamespage: heh
<DammitJim> how can I easily find the dependencies on a package I installed?
<rbasak> cpaelzer: thanks for taking bug 1663671! The existing tests are overly complex IMHO. Feel free to cut them down massively.
<ubottu> bug 1663671 in squid3 (Ubuntu) "dep8 tests fail on infrastructure" [Medium,Triaged] https://launchpad.net/bugs/1663671
<cpaelzer> rbasak: yeah I wanted to take a look to get it working there
<cpaelzer> rbasak: thanks for letting me know that dropping some might be acceptable
<cpaelzer> rbasak: I looked at another issue only to realize you posted the update I wanted to write, so I was assinging myself here just to take a look :-)
<rizonz> guys do we need universe/multiverse for webserver, nodeJS deployments and such ?
<drab> hi
<drab> how do ppl do failover for a nas hosting shared homedir? or you just dont' and use some other FS?
<cpaelzer> rizonz: FYI nodejs is universe
<cpaelzer> nodejs package
<drab> given that both nas boxes r on zfs I was thinking I could minimize the problem by taking a snap, moving that over to the other box, restore, then stop the first one, snap/restore one last time and move back to old primary
<drab> but it involves downtime during last sync, which that said should be pretty small
<drab> (writes volume isn't crazy)
<rizonz> cpaelzer: and multiverse ?
<rizonz> is there a lot of crap we mostly use ?
<rbasak> cpaelzer or maybe nacc: triaging bug 1676263. Looks like a regular HWE-related breakage. Do you know how we handle these right now?
<ubottu> bug 1676263 in iscsitarget (Ubuntu) "iscsitarget-dkms 1.4.20.3+svn502-2ubuntu4: iscsitarget kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/1676263
<cpaelzer> rizonz: as discussed earlier today that depends on tha packages you need
<cpaelzer> rbasak: there is a master bug to dup it to
<rizonz> cpaelzer: I know but I'm trying to catorize it some
<cpaelzer> rbasak: I don't have the number without searching, but nacc will have it available I hope
<rbasak> bug 1668808 perhaps?
<ubottu> bug 1668808 in iscsitarget (Ubuntu Xenial) "iscsitarget-dkms 1.4.20.3+svn502-2ubuntu4: iscsitarget kernel module failed to build [error: field ârx_hashâ has incomplete type]" [Undecided,Fix committed] https://launchpad.net/bugs/1668808
<rbasak> There seem to be a number of different "master bugs" so I'm not entirely confident. I'll wait for nacc.
<rbasak> Thanks cpaelzer. Good to know there is an answer :)
<nacc> rbasak: one sec
<nacc> for trusty failures with 14.04.5: LP: #1612627
<ubottu> Launchpad bug 1612627 in iscsitarget (Ubuntu Trusty) "iscsitarget-dkms 1.4.20.3+svn499-0ubuntu2.1 fails to build on linux-generic-lts-xenial kernel " [High,Fix committed] https://launchpad.net/bugs/1612627
<nacc> for xenial failures with 16.04.2: LP: #1668808
<ubottu> Launchpad bug 1668808 in iscsitarget (Ubuntu Xenial) "iscsitarget-dkms 1.4.20.3+svn502-2ubuntu4: iscsitarget kernel module failed to build [error: field ârx_hashâ has incomplete type]" [Undecided,Fix committed] https://launchpad.net/bugs/1668808
<nacc> rbasak: cpaelzer --^
<rbasak> nacc: thanks!
<rbasak> nacc, powersj, cpaelzer: I'm going to tag those master bugs "triage" to help triagers find them quickly.
<cpaelzer> rbasak: good idea, we should make our wiki state (and link) those and similar hints we develop for triaging over time
<cpaelzer> it might even do so already and I didn't check
<powersj> jgrimm:
<powersj> woops.. jgrimm: https://code.launchpad.net/~powersj/ubuntu-cdimage/server-zesty-ppc64el/+merge/321187
 * jgrimm looks
<rizonz> mhh it takes forever for apt-mirror to finish, I only download 64 bits 16.04, is apt-mirror that slow these days ?
<jgrimm> powersj, cool, thanks
<blacknred0> hi - question... I am migrating from vmware esxi to openstack, but that is not my question.... my question is that I have a raid 5 (3 hdd) and I am wondering if when I mount them I need to mount them all or only the one that is recognized?
<nacc> blacknred0: you don't mount individual disks in a raid5
<blacknred0> I guess that my confusion is that one of the drives show as vmware vmfs and another as linux lvm
<blacknred0> nacc: do i use an utility like mdadm?
<nacc> blacknred0: so it's not recognizing your raid5 at all?
<nacc> blacknred0: how was your raid5 configured before?
<blacknred0> nacc: doesn't seem like, no
<Ussat> You dont want to "migrate" your raid5, you want to recreate it in openstack
<blacknred0> nacc: when i configured (which it was a long time ago and my memory doesn't fail me).... I literally let the dell utility handle it and when I boot esxi, I think it recognize the disk as one
<blacknred0> Ussat: but doing that means that I will look my vdmk's, right?
<Ussat> look ?
<blacknred0> oops... I will lose*
<Ussat> well, ya.....I mean, you are migrating them , right ?
<blacknred0> Ussat: well... yes.  I want to move away from esxi to openstack ... and my thought was that I could mount the raid and have openstack point to the vdmk's
<Ussat> The best way to do it is to create what you want in openstack and then migrate the data
<blacknred0> but, if I am following your logic... you are saying that is not that simple
<Ussat> no, it is not, raid is never simple
<Ussat> reacreate what you want in openstack, raid5 and all, then migrate the data
<blacknred0> Ussat: ok... you gave me something to think about
<Ussat> and have backups
<blacknred0> I think that I will probably have to add more drives and create the data using openstack and then migrate from one drive block to the other
<blacknred0> thanks nacc and Ussat !
<Ussat> add more drives to the current raid ? no, just rea create your setup in openstack, then migrate the data
<blacknred0> Ussat: but to create the setup I would need to mount the drive or drives, right?
<blacknred0> or are you saying to move the vdmk's to an external hdd and configure the raid using openstack and then move the data back?
<cyphermox> smoser: I'm trying an install of subiquity and getting cloud-init started and applying a default config when the installer boots, but once I reboot onto the final system (cloud-init is installed, and only has /var/lib/cloud/seed/user-data), cloud-init apparently doesn't run to apply my username/password and hostname for the installed system
<cyphermox> any way I can debug this and figure out why it's not starting or not applying the seed?
<cyphermox> rharper: ^
<rharper> cyphermox: zesty?  you really want to populate /var/lib/cloud/seed/nocloud-net/{user-data,meta-data,network-config}
<rharper> in /run/cloud-init/ds-identify.log will likely show that it didn't detect any user-data and the zesty behavior is to not run cloud-init;
<Ussat> blacknred0, I am saying create a brand spanking new openstack with your NEW raid5 avd copy the data over to it
<smoser> o/
<jgrimm> smoser, wrong channel
<smoser> \o/
<smoser> cyphermox, rharper is right. you have to provide meta-data and user-data for the nocloud seed to be considered valid.
<cyphermox> rharper: yes, zesty
<blacknred0> Ussat: got it :P .... thanks mate
<cyphermox> there is a meta-data too, but not network-config AFAIK
<cyphermox> the intent of network-config was for it to be disabled since it was version 1; maybe this has changed now?
<rharper> network-config is optional; but you want a 'nocloud-net' dir under and put the files there
<cyphermox> rharper: yeah, that exists
<cyphermox> nocloud-(something), I didn't really notice
<cyphermox> I'm about to boot the VM elsewhere to do look at the directory tree again
<rharper> ok, well then a tar of /run/cloud-init  /var/log/cloud-init* and /var/lib/cloud*  and I can help debug
<rharper> w.r.t network-config; you can't disable since you're rendering netplan IIUC
<rharper> err, _can_
<cpaelzer> rbasak: FYI http works on localhost now, ssl still fails but I'll no more get to that this evening
<cpaelzer> rbasak: on squid tests I mean
<rbasak> \o/ thanks!
<eanyx> hi
<eanyx> I need to make a cluster with an apps which was not design to be in cluster. Is it possible to make a cluster with it?
<eanyx> i use haproxy and keepalived
<patdk-lp> no
<patdk-lp> it's very unlikely you can cluster something that was not designed to cluster
<patdk-lp> you can use haproxy and keepalived, but that will NOT make a cluster, it will just make failover
<patdk-lp> if it was clustered, you wouldn't need keepalived or haproxy
<eanyx> I need failover at first place
<eanyx> but what is mandatory for failover?
<patdk-lp> dunno, that depends on you and your app
<eanyx> I've two nodes, and I need the unicity of writing to rabbitmq queue shared between two instance of the same binary
<patdk-lp> it could be as simple as just moving an ip
<patdk-lp> it could be as complex as moving filesystems, applications, vm's, ip's, nic ports, ....
<patdk-lp> what is a unicity?
<eanyx> I've been sais that my apps need to be "reentrant"?
<eanyx> the uniqueness of data written on disk
<MystaMax> hello! In previous versions of Ubuntu, I had to delete /etc/udev/rules.d/70-persistent-net.rules when creating templates for VMs. Is this no longer necessary because of systemd/udev? The file does not exist.
<compdoc> right, it doesnt seem to be used anymore, although you can probably create the file manually
<apachenoob> is it recommended to create virtual hosts on a regular users home directory or in the var/www directory?
<rizonz> damn I need to findout how large the 16.04 repo(s) are
<sarnold> rizonz: it's an upper limit of 1.1 TB, that's what mine covers for 12.04, 14.04, 16.04, 16.10, and devel
<rizonz> sarnold: ok, but what do you mirror then ?
<sarnold> everything
<rizonz> updates, security as well ?
<rizonz> 1.1Tb in total ?
<sarnold> I skip security, those are migrated to -updates every few hours
<rizonz> ok
<rizonz> so I should skip them as well
<rizonz> does it actually use security ?
<rizonz> on an apt-get upgrade ?
<sarnold> well, I should have said that I skip security.ubuntu.com; the -security pocket is on the main mirrors too
<rizonz> yes ok
<sarnold> here's where I started: https://wiki.ubuntu.com/Mirrors/Scripts  -- if you strictly want only 16.04 there are probably better ways to get there; maybe debmirror or aptly
<rizonz> I do an apt-mirror
<sarnold> hrm, I don't see any references to the by-hash infrastructure in that script. it otherwise looks nice.
<drab> rizonz: du -hsc /var/spool/apt-mirror/mirror/us.archive.ubuntu.com/ -> 348G
<drab> that's for trusty and xenial, only main sources
<drab> both amd64 and i386
<rizonz> drab: ok, but we need universe and multiverse as well I gues
<rizonz> *guess
<drab> yeah, they ar in there, I do only main for -src
<drab> but all for binary
<drab> actually,I'm forgetful it seems, we do -src for all too
<rizonz> ok, I do this atm: https://pastebin.com/qUgnH8KL
<drab> rizonz: http://dpaste.com/29N4ED7
<drab> plus the src line above
<rizonz> drab: and that size is 384G ?
<rizonz> *348
<drab> 360G, I du'ed the old mirror at first, the berkeley one we're using now is 360G
<rizonz> why is mine 500G and growing ?
<drab> do you run clean?
<drab> I'm using apt-mirror
<rizonz> not yet
<drab> and I hvae a clean job at the end
<rizonz> it's downloading
<drab> free's quite a bit each time
<drab> oh, I see
<rizonz> but does it put all first in skel ?
 * rizonz forgot
<drab> I got not clue about that, been running this daily at 4am for the past year, don't think I've ever seen it go up to 500GB
<drab> rizonz: not ime
<drab> like it doesn't go up and then come down if that's what you're asking
<rizonz> mhh this is weird
<rizonz> my lines are not weird are they ?
<drab> ~
<drab> :P
<sarnold> I don't think I've seen deb-amd64 before; I'm more familiar with deb [arch=amd64]
<drab> sarnold: that's what I'm using with apt-mirror, works fine
<drab> I think they are equivalent
<sarnold> okay
<rizonz> yeah me the same
<drab> rizonz: don't see anything wrong with your lines, they match my paste
<MystaMax> compdoc, ah sorry I didn't know you replied. Thanks for the information!
<drab> oh, wait
<drab> oh, nm, that was accounted for too
<drab> I just  noticed yuo had the installer lines too
<rizonz> drab: yap I need pxe boot
<rizonz> is there a faster way for du -h ?
<sarnold> not easily
<sarnold> df -h is way faster; if you have it on its own filesystem it'll be close
<rizonz> yeah true but centos is there as well
<rizonz> 589G
<rizonz> and growing
<rizonz> sarnold: is archive not bigger then normal ?
<sarnold> rizonz: every time I look at mine, it's somewhere between 1.01 and 1.11 TB
<rizonz> sarnold: for both of them ?
<sarnold> "both"?
<rizonz> yes you said precise and xenial
<sarnold> ah. I've got precise, trusty, xenial, yakkety, and devel on this
<rizonz> yes so I don't get it why mine is that large
<rizonz> sarnold: I'm looking for a clue
<sarnold> rizonz: makes sense; I just don't know what would make sense for a partial copy
<rizonz> sarnold: do you apt-mirror it or rsync ?
<sarnold> rsync
<rizonz> ok
<rizonz> sarnold: which script ?
<rizonz> I think apt-mirror is getting shit in
<sarnold> rizonz: I started with the bits on that wiki page ^^^ and modified for my local environment
<rizonz> sarnold: why do we use archive and not release ?
<sarnold> rizonz: for my use I wanted all ubuntu packages unpacked on my local system
<sarnold> including all updates
<rizonz> the question is, what should we use
<rizonz> sarnold: mhh ok, can you give an example of your script, I need to look as I don't see exactly how they exclude in a decent way
<sarnold> rizonz: http://paste.ubuntu.com/24270684/
<rizonz> sarnold: but there you don't exclude security ?
<sarnold> rizonz: sorry, I mispoked earlier; I just don't bother to mirror security.ubuntu.com
<rizonz> sarnold: oh indeed, it's a different URL
<rizonz> sarnold: you use ubimirror or debmirror ?
<sarnold> rizonz: two-stage rsync: http://paste.ubuntu.com/24270684/
<rizonz> sarnold: why that ?
<sarnold> rizonz: because it's the easiest way to get everything quickly
<rizonz> sarnold: ok
<rizonz> oh, otherwise it delete-after in the run ?
<rizonz> I wonder, how do I make sure I don't have crap but het the installer as well
<rizonz> oh men this sucks :P
<rizonz> centos and fedora were easier
<rizonz> sarnold: mhh rsync is actually kinda useless between i386 and amd64
<sarnold> ?
<sarnold> like I said; I wanted _everything_
<rizonz> yes true, do you still use 32bits then ?
<sarnold> if that isn't a good description of your problem, maybe rsync isn't the best tool :)
<rizonz> it is but not for Ubuntu repo :P
<sarnold> no, but my users do :)
<sarnold> so I wanted it easy available to unpack
<rizonz> get some other users
<rizonz> why do they use 32bits ?
#ubuntu-server 2017-03-29
<rizonz> sarnold: checkout debmirror, much nicer
<rizonz> for ubuntu likes
<lordievader> Good morning
<cpaelzer> rbasak: if you ever wonder, those squid tests are run-once by design
<cpaelzer> rbasak: I don't want you to waste the same 30 minutes I just wasted
<cpaelzer> rbasak: they end with adding apparmor profiles that won't work for certain aa-tests, a rerun fails until you unload the profile
<sarnold> o_O
<col88> Hi! im trying to add an entry to /etc/hosts using preseed - any tips?
<cpaelzer> col88: you can at least force your own hostname into /etc/hosts with netcfg/hostname https://help.ubuntu.com/lts/installation-guide/example-preseed.txt
<cpaelzer> col88: but I guess you want more hosts into /etc/hosts Ã
<cpaelzer> ?
<col88> essentially i need to tell my new hosts that my puppetmaster is identified as IP address xxxx
<col88> so resolve the name to a static IP on all machines
<cpaelzer> col88: sorry, no idea for normal preseeds, but if in your env cloud-init is an option http://cloudinit.readthedocs.io/en/latest/topics/examples.html#run-commands-on-first-boot
<col88> ah ha thats a good idea
<rbasak> cpaelzer: noted, thanks!
<cpaelzer> rbasak: it turned out most fixes that I was writing were already in the upstream qa tests
<cpaelzer> rbasak: so I pulled the latest version of those
<cpaelzer> rbasak: and on top only tweaked to run against localhost
<cpaelzer> rbasak: and a bit of setup to have something reasonable available at localhost
<cpaelzer> rbasak: my tests on LP are starting soon (building atm), once successful we could push to z.p
<cpaelzer> rbasak: although we are in freeze and this is not 100% bug-fix of the package itself
<cpaelzer> rbasak: but I think proper testing would still be welcome
<cpaelzer> rbasak: before that the tests have to actually pass on LP
<cpaelzer> rbasak: to confirm - those tests are pure Ubuntu Delta atm, no need to send to Debian or did you intend to do so once they are working fine?
<rbasak> cpaelzer: I intended to send to Debian once they were in reasonable shape, as I didn't think the previous state of them would be acceptable to Debian.
<rbasak> cpaelzer: as for the freeze, I think dep8 fixes are absolutely fine.
<rbasak> Or any kind of dep8 improvement, not just fixes.
<cpaelzer> ok
<blackflow> Hello. Need help understanding the bug resolution life cycle. What's the next step for Bug #1673357 ? It's been recommended to the server team, but it'll have to be patched by the maintainers first?
<ubottu> bug 1673357 in munin (Ubuntu) "Munin core plugin "if_" doesn't work" [Medium,Fix released] https://launchpad.net/bugs/1673357
<rbasak> blackflow: it's definitely fixed in Zesty in 2.0.33, right?
<rbasak> blackflow: in that case see https://wiki.ubuntu.com/StableReleaseUpdates and in particular https://wiki.ubuntu.com/StableReleaseUpdates#Procedure
<rbasak> blackflow: anybody can do the preparation steps - the only thing you won't be able to is the actual upload, for which you'll need a sponsor.
<rbasak> blackflow: the server team will get round to it eventually I hope, but if you'd like to speed up the process, please do as much as you are able.
<blackflow> rbasak: I've been maintainer of some packages on FreeBSD (and bugzilla triager) so I'm in general familiar with the whole contribution process. However, I'd need help getting started with Ubuntu contribs. Is there a process/team/mentorship I can rely upon for that?
<rbasak> blackflow: I wish we were better on the documentation front. It's mostly out of date :-/
<rbasak> blackflow: feel free to ask here, or in #ubuntu-devel
<rbasak> There's https://wiki.ubuntu.com/SponsorshipProcess and some other related pages on the wiki but I'm afraid some of it isn't current.
<rbasak> In short, post a debdiff to the bug, and subscribe ~ubuntu-sponsors, and it'll be in the sponsorship review queue.
<rbasak> blackflow: if there's a specific thing you feel that we're missing in the process to help get new contributors on board, please let us know.
<rbasak> We're working on a git-based workflow for contributions, but that's still a work in progress and not quite ready for general use.
<rbasak> When it's ready, I'm hoping that we can replace most of the documentation with just "clone from here, push to here, submit a merge proposal here" flow.
<rbasak> blackflow: in the meantime, I'd be happy to answer specific questions.
<blackflow> rbasak: thanks. :) I don't have any for the moment, and in fact you've given me a pretty sound advice with debdiff.
<zul> jamespage: question for you do we really need this patch? https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/keystone/tree/debian/patches/add-version-info.patch
<jamespage> zul: :-)
<zul> umm..yeah
<cpaelzer> rbasak: grr - of course now other tests fail https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-zesty-ci-train-ppa-service-2667/zesty/amd64/s/squid3/20170329_132948_8ac14@/log.gz
<rbasak> :-/
<cpaelzer> maybe I updated too much believing in the good of "new" too much
<cpaelzer> but hey, http and https worked in LP infra
<rbasak> cpaelzer: could it be because a proxy is set by default?
<rbasak> Not sure about FTP though.
<rbasak> But that sort of thing has been a cause of failures in the past.
<rbasak> Causing requests intended for localhost to bounce through some external host that then resolves "localhost" differently, etc.
<cpaelzer> rbasak: ah no I think I see the issue
 * cpaelzer is touching all kind of wood
<eanyx>  Hi, I need to make a cluster with an apps that was not designed to be in cluster. I would like to use keepalive + haproxy for failover. But how to watch for apps failover?
<eanyx> I've a problem : I need to have rabbitmq writing from the 2 nodes on the same shared queue
<cpaelzer> eanyx: doesn't rabbitmq have heartbeat and clustering as feature ? https://www.rabbitmq.com/reliability.html
<cpaelzer> rbasak: that was good to fail actually
<cpaelzer> rbasak: it had still some ubuntu.com references which might work for us but not on dbci
<cpaelzer> rbasak: and the issue with those tests helped me to uncover
<cpaelzer> rbasak: a new revision is building, but it builds oh-so-slowly
<rbasak> Ah, great!
<cpaelzer> rbasak: I can only trigger tests later on after some family life
<rbasak> Sure :)
<eanyx> yes, but how to integrate with my apps? I need some failover software to switch my apps from one node to other and then use anoter clustering techno (rabbitmq to switch over)?
<cpaelzer> sorry eanyx, I just don't know - crossing fingers for you that somebody else does
<eanyx> cpaelzer: are you aware of reentrant software?
<cpaelzer> sure, but from reentrant functions via acid on a DB to no-state containers that can be something different for each of 10 people you ask
<rizonz> sarnold: ping
<sarnold> hey rizonz, how's your mirroring project coming?
<cpaelzer> rbasak: https://bileto.ubuntu.com/excuses/2667/zesty.html all good now on squid
<cpaelzer> rbasak: I'll do the publish and Debian submit tomorrow
<rbasak> cpaelzer: o/ thank you1
<rbasak> !
<rizonz> is it possible to use metalink files for yuour local mirror ?
<drab_> rizonz: did you figure out why your mirror kept getting bigger and bigger?
<rizonz> drab_: he thanks for asking, dunno, I really cannot say... debmirror works perfectly
<drab_> rizonz: so you were using apt-mirror before?
<drab_> I actually need to do something about it because it's really slow and not allowing me to resync things selectively, at least not that I can find out
<drab_> so if I have 5 things to mirror I can't just kick one off (unless I temporarily mess with the config file)
<rizonz> drab: yap
<rizonz> drab: it's damn slow
<rizonz> debmirror did the erm, 150G in 1,5H :)
<drab> wow, ok
<drab> rizonz: the only thing is, debmirror seemed a lot more complicated to setup/maintain compared to apt-mirror, but maybe I just looked at the wrong howto
<rizonz> drab: sec, have a doc for you... it's damn easy
<rizonz> drab: https://help.ubuntu.com/community/Debmirror
<drab> rizonz: yeah, hacky :) . compared to adding the lines to mirror to a config file, that is
<drab> rizonz: apt-mirror is a lot more consistent with the whole apt setup, configs are even in /etc/apt/
<drab> so it's overall a lot more "sensible", but yeah, can't seem to be ablet o get it to work well so will need to ditch it
<rizonz> drab: apt-mirror sucks
<rizonz> comparing to debmirror
<rizonz> drab: I don't think this is hacky
<drab> that's fine, we clearly have diff definitions of hacky, not a problem :)
<rizonz> drab: if you want a full mirror, just rsync it
<rizonz> I do that with fedora as they repo structure it MUCH better
<rizonz> *their
<drab> that has other problems, no logs, which is also why I don't like backups with plain rsync + hardlinks even tho conceptually it's a good way to go, minus deduplication on large files/vm images
<rizonz> drab: no just a good exclide file ;)
<rizonz> *exclude
#ubuntu-server 2017-03-30
<drab> on a diff topic, anybody around running zfs root on ubuntu-server?
<drab> it seemed not recommended/experimental, but I'm seeing more articles/ppl saying it works, just can't tell how stable/trustworthy it is
<sarnold> one of our users put this together https://github.com/zfsonlinux/zfs/wiki/Ubuntu-16.04-Root-on-ZFS
<drab> sarnold: yeah I had seen that one and that was my definition of "experimental" :)
<sarnold> :)
<undriedsea> Any iptables gurus out there?
<undriedsea> I am trying to figure out what I am doing wrong...
<undriedsea> 	iptables -t raw -A PREROUTING -i $IFACE -p tcp --dport 80 -m tcp -j CT --notrack
<undriedsea> iptables -A INPUT -i $IFACE -p tcp --dport 80 -m tcp -j ACCEPT
<undriedsea> iptables -t raw -A OUTPUT -o $IFACE -p tcp --sport 80 -m tcp -j CT --notrack
<undriedsea> ^ This rule set doesn't seem to be opening up TCP:30 (stateless fw)
<drab> undriedsea: you mean tcp:80?
<undriedsea> yea, long day :)
<drab> k, just checking, been there myself :)
<drab> is the pkt supposed to be destinated for the box the rule is on?
<drab> undriedsea: and I assume you tcpdump'ed and can see the pkt making it there, yes?
<drab> does it get dropped?
<undriedsea> correct, I see it come in
<undriedsea> 17:58:15.347645 IP XXXXX > YYYYYY.http: Flags [S], seq 1806319247, win 27320, options [mss 1366,sackOK,TS val 9381349 ecr 0,nop,wscale 7], length 0
<drab> undriedsea: and do you see that getting dropped?
<drab> are you using any LOG staments anywhere by any chance?
<undriedsea> No
<undriedsea> Let me google how to do that
<drab> also what's in CT? maybe it gets dropped there?
<drab> also why are you messing with raw and NOTRACK? are you trying to optimize a fw in front of a hosting web server?
<drab> undriedsea: also fwiw I don't recall a --notrack, are you use that's working
<drab> undriedsea: I don't use it so can't claim any experience with it, but from memory/some reading iirc you use it with -t raw -j NOTRACK
<undriedsea> yeah, I think I just figured it out, the accept in prerouting wasn't enough, I needed a normal accept too
<drab> -j CT --notrack looks odd to me
<drab> oh ok, fair enough
<undriedsea>  -j NOTRACK is deprecated
<undriedsea> -j CT --notrack is the new syntax
<drab> ah, well, like I said, been a while :)
<undriedsea> no worries
<drab> good to know, thank you, always learn something
<undriedsea> indeed
<drab> so is CT some new built in table? it doesn't exist in my list of tables in man iptables (on a latest ubuntu xenial)
<azidhaka__> hi! when using canonical's kernel livepatch service, do i still need to do apt-get dist-upgrade to update the kernel a new one is released?
<cpaelzer> azidhaka__: the livepatch helps you to get over the most critical issues without a unplanned outage
<cpaelzer> azidhaka__: but you'll still have planned outages to update
<cpaelzer> azidhaka__: by the way live patchign works in general not all issues are fixable by it, so an update/restart according to your policy is still required
<cpaelzer> azidhaka__: but maintaining a good SLA with less unplanned outages is a huge win for security and uptime
<azidhaka__> cpaelzer: so, i should run the typical update, upgrade, dist-upgrade and still reboot on my terms?
<cpaelzer> azidhaka__: yes
<azidhaka__> cpaelzer: thank you
<lordievader> Good morning.
<cpaelzer> hi lordievader
<cpaelzer> lordievader: how are you today?
<lordievader> Doing good. How are you, cpaelzer
<cpaelzer> fighting the bug flood :-)
<lordievader> Good luck ;)
<lordievader> They never stop coming...
<cpaelzer> by design, since by applying iteration every software can be written as one broken line of code
<cpaelzer> 1. every software can be shrinked by a line
<cpaelzer> 2. every software has a bug
<cpaelzer> 3. iterate
<cpaelzer> I wonder if #1 makes it "no line of code" eventually and that is broken by not doing anytihng ... hmm
<lordievader> That would be interesting, I guess the bug 'it doesn't work holds true' if a program is zero lines of code.
<maswan> is this meant to be missing? https://cloud-images.ubuntu.com/releases/16.04/release  - the link to latest release?
<lordievader> maswan: Guess something was forgotten, I guess you want: https://cloud-images.ubuntu.com/releases/16.04/release-20170307/
<maswan> hm. actually, let me take this to the vanguard of -mirror, that's probably the appropriate place
<maswan> lordievader: yes, but that's significantly harder to script against. :)
<lordievader> True...
<cpaelzer> beisner: hiho on bug 1664737 are you sure UCA-N has the yakkety binaries?
<ubottu> bug 1664737 in libvirt (Ubuntu) "[ARM] : Unable to use Cinder volumes on ARM " [Undecided,Incomplete] https://launchpad.net/bugs/1664737
<cpaelzer> beisner: I thought not and a quick check did not bring in libvirt/qemu from Y, see http://paste.ubuntu.com/24279676/
<kol65> hi guys, any chance of not needing to boot a server twice a week?
<ikonia> ?
<kol65> updates, webserver, needing reboot
<kol65> 14.04
<ikonia> what updates need reboots
<maswan> Canonical's livepatch
<ikonia> should really only be libc and the kenel
<maswan> oh, lots of them
<ikonia> really ?
<ikonia> what other than libc and the kernel is needing an update
<maswan> yeah, libc and kernel
<maswan> and since kernel is a couple of reboots per month..
<kol65> *what was todays?
<ikonia> I'm sure there are others, but they should be edge cases
<blackflow> dbus :)
<maswan> but since kernels are the the frequent cause, livepatch is the solution
<kol65> does get a bit much, my centos servers are like once every 3 months
<ikonia> kol65: what updates are causing you to need reboots so much though ?
<kol65> thought kern 4 was going to sort this out
<kol65> ikonia:  kernel  etc etc
<ikonia> how would kernel version 4 change the update pattern
<kol65> regressions
<ikonia> kol65: etc etc...no sorry
<kol65> ok
<ikonia> the kernel and libc are pretty much it
<ikonia> and they are not released weekly as you state
<ikonia> hence why I'm interested what updates are causing you to require reboots as often
<kol65> like twice this week, hard to get through a week without a reboot
<ikonia> you keep saying that
<kol65> yeah, miffed :)
<ikonia> but yet you don't say what is requiring a reboot
<ikonia> blackflow: nice additional spot with dbus
<kol65> read the security updates, usually says at the bottom
<ikonia> can you give me an example of one
<kol65> ok
<ikonia> (please)
<kol65> one moment
<ikonia> sorry forgot my manners there for a moment
<blackflow> well, according to our logs, we rebooted our 16.04 servers once every 8-12 days due to kernel updates in the past four months.
<kol65> https://www.ubuntu.com/usn/ there is the one to start with
<maswan> yeah, once every 8-12 seems right
<kol65> lets pick them out now
<ikonia> blackflow: more than it should be - kernel updates shouldn't be that frequent
<OerHeks> 24th libc and today 30th a kernel, no big deal .. don't you have those updates with centos too?
<maswan> 29th, 15th, 7th in march
<kol65> https://www.ubuntu.com/usn/usn-3247-1/ another do you really want me to continue?
<maswan> just kernel updates
<maswan> on the up side, we get a much better flow of security patches than centos
<ikonia> kol65: yes please
<kol65> yeah, security is great
<ikonia> kol65: as thats a security system inside the kernel
<ikonia> so yes, I'd like another please
<ikonia> and you maybe could do that without a reboot with a bit of thought, I'm not %100 sure off the top of my head though
<kol65> when you have loads of servers running Ubuntu and major players as clients is a pain, sry
<maswan> Sometimes I'm a bit miffed on that side when it goes weeks for redhat to make a rhel kernel update for something
<blackflow> maswan: yeah, and personally I find it a nice balance between relatively recent kernel and stability updates.
<ikonia> more so if you're dealing with major players
<ikonia> kol65: you should be able to manage that
<blackflow> maswan: and then it takes centos even more weeks to merge
<maswan> anyway, for kernel updates, there exists a [non-free] solution
<maswan> for rebootless upgrades
<blackflow> maswan: it's free for up to few machines
<kol65> ikonia: you looking for a job, cant go past 25k euro tho ;)
<ikonia> I'm not comfortable with live patch as a production ready solution
<maswan> blackflow: yes, but not Free :)
<blackflow> and you get to be the beta for paying customers, but hey.... free rebootless upgrades :)
<ikonia> kol65: not trying to be rude, bu tif it's major players as you say, your infrastructure should be setup to deal with service management
<blackflow> maswan: are we talking about the canonical livepatch service? I thought it was free for just a few machines
<kol65> ikonia: I blagged a bit, but major for me
<ikonia> same point
<maswan> blackflow: Yes, it is
<ikonia> you really need to setup your infrastructure and practices to account for updates
<kol65> rub salt, ty
<ikonia> sorry, that wasn't the intention
<kol65> np
<ikonia> but it's something you should look at now if this is causing you this level of upset
<kol65> indeed
<ikonia> patching and maintenance is a fact of life and something you should be prepared for
<kol65> prevention is always better than cure though
<blackflow> maswan: oh you meant free as in speech
<kol65> nah beer
<maswan> blackflow: yeah. but it is a neat service. been thinking of applying it to some servers at work. but we ended up fixing our applications to the point where we can do downtimeless reboots by means of service migrations instead.
<kol65> its not the downtime as that is like a minute or so but just having to boot
<blackflow> maswan: which also covers for quick recovery in case of failure, so it's a win-win
<kol65> also you get these fanatics who offer services that crucify you if your server is down at any time
<maswan> for our hpc cluster nodes we do it all automatically, the only downside is the draining of jobs until the whole node is free, so we take a hit in throughput
<kol65> sry anyway but I have this effect on irc
<kol65> people start to chat
<kol65> I should charge
<kol65> and usually around 1 hr I am kicked :)
<blackflow> lol
<kol65> its my life
<blackflow> the truth is, that kind of industry is very demanding and ungrateful. if you get crucified for any down time, you should then have a setup for that and probably charge it quite a lot. not patronizing, just sharing my own experience in "the industry".
<kol65> yeah its tough eh
<kol65> just services like say its bad because you boot a server, its fake news
<blackflow> for example our particular use case tolerates such reboots. when it comes to the point that it won't be tolerable, there's always ip based failover, or if you wanna get fancy, virtualization and live migration
<kol65> nerd :)
<maswan> honestly, that was one of our first wins by moving into ganeti for virtualisation of services, VM reboots are much faster than hardware, and hardware reboots done after live migration of all the VMs away from the HW
<maswan> ah, heh. :)
<maswan> but 3 seconds of downtime before the webserver starts responding again when you reboot a VM is much nicer than waiting 3 minutes for bios and blaha.
<kol65> I just do dedicateds, the thought of offering shared hosting fills me with fear
<blackflow> maswan: try 5-10 when your setup has to check pxe to see what it should boot into :)
<kol65> lol this laptop throws up a pxe error, what is it :)
<kol65> on boot
<kol65> seems to think its connect by wire by the looks or at least looks for it
<blackflow> kol65: well, I had a client once who complained I wanted to reboot his machine once or twice a month. I did managed dedicated hosting. Sure, no problem I said, you'll need redundancy and blah blah and oh yeah, your cost would go 10x just on infra, plus additional maintenance costs. he quickly accepted reboots were just fine :)
<kol65> I dont like to fleece people though
<blackflow> wasn't fleecing. real cost of setting up failover pairs, additional DNS, monitoring, testing, ...
<kol65> ty, noted
<blackflow> I mean, we're talking about going from "here's a baremetal machine and I'll take care of software and updates" to a complete fault tolerant infrastructure
<kol65> yeah, I do it at too low a rate
<blackflow> it becomes significant when all these "public clouds" that promise redundancy and what not, start failling because they're not as redundant as advertised. a 5â¬ VPS at Leaseweb, advertised as fault tolerant, live migration in case of failure etc... was down two weeks because their storage layer failed including its redundancy. it "filled up" and fixing it required datacenter expansion, new
<kol65> I think its good to under estimate yourself and suddenly realise that your not as thick as you thought
<blackflow> hardware, experts brought in.  the funny part is it happened TWICE in two year period. one would think they learned the first time it happened.
<kol65> blackflow: yeah there have been some major fkups etc with the biggest
<maswan> blackflow: our pxe is fast, but I was optimistic about 3 minutes, we have HP servers, so that's more like 6-7 minutes before they ping
<blackflow> maswan: yeah HP machines were what I had in mind :)
<beisner> cpaelzer, ack you're right
<cpaelzer> beisner: thank you a lot - you just scared the hell out of my last SRU activity :-
<cpaelzer> )
<cpaelzer> beisner: might I ask if you have arm boxes in the openstack lab or are those things driven by the HWE Team usually?
<beisner> cpaelzer, i've got some.  :)  all in use atm but could arrange access next wk if necessary.
<cpaelzer> beisner: this was more a generic question than the request to test this particular bug
<cpaelzer> beisner: although over time I'd expect some of your Team might end up being the only one with the ressources to track that down
<beisner> cpaelzer, ah, right.  yep generally-speaking we can work out short-term access to a machine for these type of bugs.
<lucidguy> Should I use intel rapid storage fake raid on a linux server, or disable it and manually create my md volumes etc?
<lunaphyte> hi.  i've increased the size of a virtual disk, but the os still sees the old size.  how can i make it see the new size, without rebooting?
<lunaphyte> ah.  echo 1 > /sys/block/sdd/device/rescan
<lunaphyte> it seems that rescan-scsi-bus doesn't quite rescan as thoroughly as one might expect
<nacc> lunaphyte: i think you wanted the --forcerescan option
<nacc> lunaphyte: ah maybe because rescan-scsi-bus is for rescanning busses  not disks?
<lunaphyte> nacc: yeah, i guess
<jbicha> rbasak: hi, I'm pinging again about LP: #1667195, Sweet5hark is out this week but I believe he was fine with it
<ubottu> Launchpad bug 1667195 in mdbtools (Ubuntu) "Drop mdbtools-gmdb from main" [Undecided,New] https://launchpad.net/bugs/1667195
<jbicha> https://irclogs.ubuntu.com/2017/03/07/%23ubuntu-desktop.html#t16:04
<rbasak> jbicha: thanks. OK, I'll drop it from the server seed.
 * rbasak wonders if that needs an FFe.
<jbicha> the other last thing that kept gconf and friends in main was emacs25 which finally migrated to zesty (without that dependency)
<jbicha> my opinion is that since it wasn't shipped but only listed as "supported" that it wouldn't need a FFe
<rbasak> Good point. It wouldn't make any changes to an image.
<rbasak> jbicha: there's also supported-sysadmin-desktop: * mdbtools-gmdb
<rbasak> Does that impede progress for you?
<jbicha> yes, I think it needs to be unseeded there too to allow gconf, etc. to drop to universe
<rbasak> I'm less willing to touch a desktop seed :-/
<rbasak> Server seed changed
 * rbasak asks in #ubuntu-desktop
<jbicha> thanks
<powersj> nacc, I used the server team package list and tried doing a pull-lp-source. Those packages that do not have source in zesty are in that 3rd list
<faekjarz> Hey there! How do i set a specific order, in which modules are loaded / probed on boot?
<kol65> Hi can someone tell me what minimal install means plz?
<cpaelzer> rbasak: nacc: on sponsoring if one could look at bug 1671767 that would be great
<ubottu> bug 1671767 in asterisk (Ubuntu) "asterisk crashes dialing h264 video sip device" [High,Triaged] https://launchpad.net/bugs/1671767
<cpaelzer> rbasak: nacc: the reporter is very active and I want to encourage by getting that moving, yet I can't upload asterisk on my own
<nacc> cpaelzer: ack, will review today
<cpaelzer> thanks
<kol65> bugs eh
<kol65> errors
<rbasak> cpaelzer: thank you for following up on that. Add it to your "why I should be MOTU" list please :-)
<nacc> kol65: you don't know what a minimal install is?
<kol65> nacc:  minimal for what?
<ogra> everything ?
<kol65> ?
<ogra> it is enough of a system to boot and run the package manager
<nacc> kol65: you asked a question about what minimal install means
<nacc> kol65: i was clarifying if you were literally asking for the definition
<kol65> ogra:  thanks dude
<kol65> ogra:  perfect explanation
<ogra> :)
<kol65> hehe
<kol65> just noting that down
<kol65> so its the basic platform
<kol65> foundation to build on
<kol65> are minimal installs strictly regulated?
<kol65> what is actually in a minimal install?
<cpaelzer> rbasak: I have already last week
<rbasak> :)
<nacc> worktoner: echo 1 > /sys/block/<sdwhatever>/device/rescan ?
<ayush1706> Hey
<ayush1706> Anyone used or using kernelcare here?
<jge> hey all, trying to get a LAMP stack going with PHP 7 and PHP-FPM but for some reason this box is not cooperating and not showing FPM/FastCGI as the API when I do a quick php()info test.
<jge> My steps were pretty much get PHP set up as: sudo apt-get install php php-mysql php-fpm libapache2-mod-fastcgi
<jge> enabled the following modules actions fastcgi alias, added a config inside /etc/apache2/conf-available/php7.0-fpm.conf
<jge> enabled it with a2enconf restarted apache and fpm and nothing..
<jge> what did I miss!? :(
<nacc> jge: any errors in the logs?
<nacc> jge: and i assume you meant phpinfo(); ?
<jge> nacc: yes sorry, phpinfo();
<nacc> jge: np, just making sure it wasn't something easy :)
<jge> I found it, forgot to disable mod_php :(
<nacc> jge: ah :)
<jge> yikes
<jge> all good now, thanks
<jge> anyone here ever deployed VTiger (CRM) on Ubuntu Server?
<bekks> jge: whats your actual question besides that poll?
<jge> bekks: getting an HTTP Error 500, really frustrating as I've already enabled debug logging on apache (which doesn't show anything relevant), PHP is blank (CRM is a php app) and VTiger's internal logging doesn't show anything
<nacc> jge: if you get a 500, apache2's logs will tell you why, typically
#ubuntu-server 2017-03-31
<Mead> is there a system requirements or minimum recomended specs for ubuntu-server?  I'm trying to figure how large of partition I should create for my install drive.
<hateball> Mead: https://help.ubuntu.com/lts/serverguide/preparing-to-install.html
<hateball> Mead: It all depends what services you intend to run on it
<Mead> mainly just kvm and guest OS's
<Mead> could it be installed on say an 8 or 16 gig flash drive?
<lordievader> Good morning.
<Mead> good evening
<lordievader> o/
<zetheroo> Hi all - I installed Ubuntu Server 16.04 onto a freshly created VM (Proxmox) using the minimal Ubuntu ISO. I then installed gnome-session-flashback and xorg, but I cannot get the desktop env to start with 'sudo startx' and it doesn't start on bootup.
<zetheroo> my xorg log is as follows http://paste.ubuntu.com/24287725/
<rbasak> zetheroo: server people don't know xorg. Try #ubuntu.
<zetheroo> ok
<rbasak> zetheroo: seems odd that you're using startx though. Usually people use lightdm or similar. Why not just use the desktop installer if that's wha tyou want?
<blackflow> zetheroo: looks like there's no video device
<blackflow> no dri, no framebuffer
<zetheroo> aparantly I need a gdm\
<zetheroo> no video device? hmm .. ok
<blackflow> zetheroo: well the errror log you pasted shows no valid gpu, look at the (EE) entries
<zetheroo> its a VM set to VMware compatible ... whatever that is :P
<blackflow> could be just appropriate driver missing
<blackflow> zetheroo: otoh, check if xserver-xorg-video-vmware is installed
<zetheroo> installed lightdm and rebooted  - I have login screen
<zetheroo> though the resolution is huge - LOL
<zetheroo> ok, I changed the VM display settings back to default (VNC) and now have a more sensible resolution at login. BUt when trying to login I get 'Failed to start session' in red text above the password input area
<blackflow> zetheroo: you'll have to check the logs (perhaps via ssh)
<zetheroo> I am in there but not sure which logs to be hunting down
<blackflow> zetheroo: but indeed like rbasak said, at this point the problems are likely related to non-servery parts, so better ask in #ubuntu
<blackflow> zetheroo: journalctl -n -p err   is a good start
<zetheroo> ok, I'll duck back in there then :D
<zetheroo> whole bunch of this:
<zetheroo> Mar 31 15:07:33 orbit1604 lightdm[1344]: PAM unable to dlopen(pam_kwallet5.so): /lib/security/pam_kwallet5.so: cannot
<zetheroo> Mar 31 15:07:33 orbit1604 lightdm[1344]: PAM adding faulty module: pam_kwallet5.so
<blackflow> kwallet is kde... did you install kde?
<zetheroo> no, I think thats installed by default ... even on Ubuntu Desktop
<blackflow> (I see you asked in #ubuntu too, so yeah, bettre there)
<Ussat> FUK
<zetheroo> ð
<jge> hey all, wondering if I can install php5.6 on Ubuntu 16 without adding the odrej/php PPA?
<jge> I'm working with a server that has no internet connectivity and will never have one.
<jge> It only has access to Ubuntu repos
<rizonz> meh 8G for / seperated form the rest is not enough anymore
<rizonz> *from
<nacc> jge: no, you cannot
<rbasak> jge: you could create a 14.04 container inside the 16.04 machine and have php 5.5.
<rbasak> jge: or, if it'll never have internet connectivity, install Vivid from an old archive and never update it. It'll be full of security holes but perhaps that won't matter?
<rbasak> Though if it won't matter, then ondrej's PPA shouldn't either I suppose, so perhaps I don't understand your scenario.
<jge> rbasak: I just asked the firewall team, they agreed to allow access to that PPA (life's good again ;)
<nacc> jge: not sure why you can't just use 14.04?
<dn`> I try to boot an iscsi Ubuntu via ipxe; I was able to install Ubuntu on the ipxe target via; on reboot I always get a âLogin error (Login status  0) on conn 7; 18 - encountered non-retryable iSCSI login failure; I disable any kind of authentication and was able to install on the target - anyone got an idea why itâs not booting from it?
<nacc> dn`: does it drop you to a shell?
<dn`> yes
<nacc> dn`: are you able to login to the  iscsi target from the shell?
<dn`> (itâs the first time I do this, so it might be something very stupid Iâm missing)
<dn`> â¦ it just booted...
<dn`> I think I know now why
<dn`> one sec..
<dn`> I think the ipxe(?) keept the connection open and I set the max con limit per target to 1
<nacc> dn`: ah
<dn`> just to debug I set it to 2 .. but that canât be slution can it?
<nacc> dn`: not sure
<dn`> this took me longer then it should have;-)
<dn`> nacc: maybe another question, my basic plan was to prepare one lun - then clone this lun for each machine I need to install; so for each machine I assume I need to adapt the config - so I greped for the IQN in /etc and found it a various places - the most prominent is e.g. iscsi.iscsi.initframfs that I need to adapt â do you know if the files in iscsi/nodes/iqnâ¦ or iscsi/send_targets/:IPâ¦ get auto generated?
<nacc> dn`: you mean you were going to install using one lun and then treat that as a 'master image'?
<dn`> yes - I thought that idea would be good - bad idea?
<dn`> the problem is I would also do it with preseed/kickstart - I wouldnât mind but I canât find a iscsi example;-)
<nacc> dn`: so the problem you'll find, depending on your config is
<nacc> a) all of them will share an initiator name
<nacc> b) you may want to read README.Debian from open-iscsi
<dn`> I assumed I could change the initiator name for each - I donât need to install them in parallel
<nacc> dn`: i would suggest modifying your root imagea
<nacc> dn`: and make it not used on its own
<nacc> dn`: if that makes sense
<dn`> not sure I follow - ânot used on itâs own?â
<nacc> dn`: some context on what i mean: https://naccblog.wordpress.com/2017/03/30/iscsi-initiator-names-in-cloud-images/
<nacc> dn`: treat it as a master image
<nacc> dn`: well, you can use it, i guess
<nacc> dn`: but i mean, it sounds like basically you're doing your own little cloud :)
<nacc> dn`: and that requires making sure your 'image' is clean
<nacc> smoser: --^ :)
<dn`> ah, yes - thatâs kinda the plan
<nacc> dn`: things like ssh host keys, iscsi initiator names, etc. should be unique
<dn`> hmhm, ssh host keys is a good point - guess Iâll try to figure out how todo it with preseed/kickstart
<dn`> but this will create many tears from past tries ;-)
<nacc> dn`: we (server team) are talking about this generally
<nacc> dn`: but i don't think it's 'solved' yet :)
<dn`> iscsi via preseed?
<nacc> dn`: making a clean image to use
<nacc> dn`: given an installed instance
<dn`> ah - I think itâs not insane hard
<dn`> there is a command to regnerate the host key or you could just delete it (auto generate on start then)
<nacc> without having tohave a script go and do it :)
<dn`> ah;-)
<dn`> yeap, that would be nice - but if I can have one request
<dn`> âfixâ pressed ;-)
<dn`> I often have to install machines without ipmi
<nacc> what's wrong with preseed? or do you mean iscsi support in preseed?
<dn`> and then preseed can be a super awesome tool
<dn`> yes, iscsi support and something different then partman ;-)
<smoser> nacc, just saying this out loud, i think that the "updated" iscsi.initiatorname probalby gets put into the initramfs at some point, and at that point the initramfs has a copy and is also then dirty.
<dn`> e.g. assuming you have a 100GB disk, and you want something like 30GB used for / [ignore th enumbers etc] - you are forced to also create 70g parition - otherwise partman fails; you canât ânotâ create it
<nacc> dn`: tbh, there's an entirely new instller in development (subiquity) -- not sure on preseed support there
<nacc> powersj: you asked about that on the list, right?
<nacc> smoser: yep, i think that's true, as there is an initramfs hook in the package
<dn`> nacc: can subiquity do a non interactive install?:)
<dn`> how stable is it?:) *googleing*
<nacc> dn`: no idea :)
<nacc> dn`: not stable, afaict
<nacc> dn`: it's still internal, mmaybe
<dn`> found the repo
<nacc> dn`: yeah, it is in active development
<dn`> but I guess Iâll try to figure out if iscsi is or is not possible with preseed :/
<nacc> this at least refers to it: https://gist.github.com/Lupul/0accbdc94b8a5ce674d7
<powersj> nacc: yeah I did ask about it. I think still need to understand where it would be used and by whom
<smoser> if you're doing iscsi root... then it really seems best to me to shoot for doing image based clone rather than install.
<smoser> and use cloud-init or some other "first time" thing.
<nacc> dn`: --^
<smoser> basically then, get yourself a pristine image (from cloud-images.ubuntu.com, have to add a kernel if you need a hardware kernel)
<smoser> and then just clone that thing. probably can even get away with putting a static /var/lib/cloud/seed/ in it for your metadata and user-data. or you can clone and then write those few files.
<dn`> smoser: thatâs what I tried, will look more into it - the problem is I need to clone the image at least twice I think for each installation ;-)
<dn`> nacc: thanks - will try to figure that out
<dn`> nacc: maybe itâs easy as addres sis the IP and multiselect is the name/iqn
<dn`> that would be WOHA ;-)
<drab_> how woudl you evaluate the different performances of more slower cores vs fewer faster cores when it comes to concurrency?
<nacc> drab: what do you care about? define a performance metric and measure it
<drab> nacc: yeah, the thing is, I don't have the hw test to on. So I'm not sure if 8 cores at 2.5GHz are going to do better than 4 cores at 3.2Ghz
<nacc> drab: ... so how would you evalutate this at all? thought experiment?
<drab> nacc: I was hoping someone here would have gone through similar considerations and maybe had the gear to test it, and knew that for eaxmple in a hosting scenario as a rule of thumb you're better off with faster CPUs and fewer core count or whatever configuration
<drab> I coulsd possibly try to recreate something with containers and limiting cores, but don't think I can influence freq at all
<nacc> drab: right, you never said 'hosting scenario' -- so # of VMs is a performance metric
<arooni> what should i check when i get a 'Connection refused' message from my ubuntu 14.04 server when i try to ssh to it?
<arooni> its being antisocial
<dlloyd> is openssh running?
<tomreyn> arooni: connection refused suggests that some endpoint or intermediary recived your connectrion and decided to actively drop it.
<tomreyn> that's what an openssh server does when it's just starting up, or when you are connecting from an ip address not authorized to connect to it.
<tomreyn> but also a firewall, wherther host or network based could do such.
<tomreyn> most of the time, firewalls would just drop the traffic, though
<tomreyn> (which would result in a timeout message, not the one you got)
<Mead> welp I took the plunge, I've got ubuntu server installed,  nothing but command line,  now I have no choice but to learn how to configure everything in the CLI...   so...  now I guess I need a load of guides and documentation.  Anyone kwow were to start?  The more searchable the better.
<blackflow> Mead: start with specific software you want/need
<compdoc> you can also install a minimal desktop like mate. which then allows you to remote into it
<compdoc> my life would be a living hell with remote dektops
<blackflow> that kinda defeats the purpose :)
<compdoc> nothing but net. I get it
<bekks> Mead: you could even install a graphical environment. Which will not help much in configuring services on your server.
#ubuntu-server 2017-04-01
<rizonz> is backports really needed for servers ?
<RoyK> depends what packages you need :P
<rizonz> hehe
<rizonz> RoyK: 1-0
<rizonz> RoyK: but not many packages in there ?
<patdk-lap> there isn't much worthy of backporting yet
<patdk-lap> the older it gets, the more items get put into backports
<patdk-lap> backports also don't get security patches
<RoyK> patdk-lap: well, I guess that may be true for ubuntu, being a wee bit bleeding edge for most sysadmins. It's quite nice with debian, where the standard track is rather on the conservative side
<patdk-lap> well, this is #ubuntu though
<RoyK> I'm aware of that
<Elzington> I'm looking at my syslog, and see: connect from unknown[96.57.19.234] ... is this a connection attempt, or is this a successful connection from that IP address?
<Elzington> a second later I see: disconnect from unknown[96.57.19.234]
<Elzington> the full line is: postfix/smtpd[20890]: disconnect from unknown[96.57.19.234]
<dn`> anyone got by chance a fix/hint regarding: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1569925 Iâm facing the same ;/
<ubottu> Launchpad bug 1569925 in systemd (Ubuntu) "Shutdown hang on 16.04 with iscsi targets" [High,Confirmed]
<dn`> wuhuhu, I fixed it ;-)
<dn`> *trying to narrow down the âfix*
<dn`> the issue is that the network intereface gets shutdown to early, but iscsi thingie stil needs it
<dn`> since the interface is started in initramfs for me, it was good enough to remove the interface from /etc/network/interfaces
<dn`> but thatâs nt really pretty
<lordievader> Good morning
<zeus123> hello everyone, can anyone help me regarding squid3 basic authentication from internet, which is behind NAT.
<faekjarz> Hey there! I'd like to receive kernel updates, but i use the non-default 4.8 on 16.04. Is there a metapkg like linux-image-generic that points to a latest 4.8.0 kernel? (4.8 is required because it seems to have the ACS override patch applied / useful IOMMU groups)
<faekjarz> â¦apt-cache search linux-image output doesn't look promising, did i overlook something?
<rbasak> faekjarz: if you don't get an answer here, try asking in #ubuntu-kernel. Also there might be more people who know on a weekday.
<faekjarz> rbasak: aye, thanks
<blackflow> faekjarz: I was going to suggest the linux-generic-hwe package, but I guess that's not what you need?
<faekjarz> blackflow: hmm, it points to the latest 4.8 (check), but what does hwe stand for?
<faekjarz> â¦found it, btw, hwe stands for hardware enablement
<patdk-lap> you will want hwe
<patdk-lap> cause 4.8 will go unsupported soon
<patdk-lap> so you will have to upgrade to what comes after 4.8
<drab> is anybody doing something "magical" with write caching to allow backups with no downtime? or is it just a crazy idea?
<drab> so basically turn some knob that stops writes to going to disk but just put them in cache, run a snapshot of the disk, flush writes to disk/re-enable writing as usual
<drab> I realize that during the window of the snap if something happens you're screwed, but it's a risk I'd be willing to take in a few scenarios I need to deal with where I don't have slaves to take backups and don't want to stop services/block writes
<rizonz> patdk-lap: yap, I have added it, it's only 2G
<rizonz> RoyK: ^
<RoyK> 2G what?
<tekk> hi, is there a way to check which pci dev-id a network interface is ?
<tekk> i.e. what does eth0 map to
<tekk> (trying to identify nic's)
<tekk> ah... lshw has it
<tekk> my bad
<WACOMalt> hey guys. How can I fix this issue with dependencies on my locales when trying to install tmux? https://pastebin.com/Q35vgvhz
<WACOMalt> and when I do apt-get -f install I get this: https://pastebin.com/Lf7HfmgX
<WACOMalt> which is more than a little scary to be frank
<OerHeks> WACOMalt, is this on Zesty?
<JanC> WACOMalt: what exactly did you do before that...
<WACOMalt> this has been plagueing me for so long I have no idea what I did as it was like half a year ago
<WACOMalt> and how do I check my ubuntu version :X
<WACOMalt> I think its 14.04 server LTS
<WACOMalt> OerHeks: yes just confirmed I am on Ubuntu 14.04.5 LTS
<JanC> it looks like you added third party repositories for some other release then
<WACOMalt> https://pastebin.com/raw/7GxqHuFX
<WACOMalt> that's my apt/sources.list
<WACOMalt> I dont see anything fishy
<JanC> lsb_release -d
<WACOMalt> already found it, thanks :)
<WACOMalt> 14.04.5 LTS
<JanC> what sources are in /etc/apt/sources.list.d/
<WACOMalt> JanC: https://pastebin.com/raw/8M3R2EGL
<WACOMalt> looks like everything is for trusty
<JanC> except for btsync maybe?
<JanC> (also, those are just filenames, of course)
<WACOMalt> JanC: went into btsync and all the others in text editor
<WACOMalt> all say trusty
<WACOMalt> any idea how I can force it to reinstall locales or whatever it's hanging on?
<JanC> not until you find out what is causing this really
<JanC> well, maybe find out if you have any packages installed that don't come from these repositories
<WACOMalt> that's why I'm here, for help finding out what's causing this
<WACOMalt> I'm completely out of my depths
<drab> WACOMalt: what were you trying to install? generally speaking if you get to the point of running apt-get with -f something failed previously to install
<WACOMalt> previously, I dont know. like Is aid it was likely 6 months ago
<WACOMalt> currently, tmux
<drab> WACOMalt: I assume you're not storing logs for that long, are you?
<drab> WACOMalt: anything in /var/log/apt ?
<drab> especially history.log(.x.gz)
<drab> also is this a server install? assume so since this is -server, but why the gnome packages? did you put a gui on the server?
<WACOMalt> at one point yes. I was using x-server forwarding
<drab> WACOMalt: I assume you ddi an apt-get update and evreything is ok?
<drab> do you have anything in /etc/apt/sourced.list.d/ ?
<JanC> https://pastebin.com/raw/8M3R2EGL
<JanC> supposedly they are all intended for trusty
#ubuntu-server 2017-04-02
<WACOMalt> yeah I went into each file and nothing but trusty listed beside them
<JanC> my guess would be you either installed a .deb not from an external repository, or you removed that repository afterwards
<drab> can you disable all 3rd partyr repos and try an update again?
<WACOMalt> how do I do that?
<drab> just sudo mv /etc/apt/sourced.list.d/ /etc/apt/sourced.list.disabled/
<drab> and re-run apt-get update
<JanC> and then run sudo apt update
<JanC> or apt-get
<JanC> probably apt-get i  :)
<drab> apt is actually nicer, I'm just too used to type apt-get still
<drab> nicer progress bar at least :)
<drab> also I don't think apt history is removed often if at all, its' so tiny,can't remember rotation poilcies
<drab> so you should still have something in /var/log/apt/
<drab> can you please check history.log?
<OerHeks> maybe apt-get dist-upgrade is more fun .. libc update lately and kernels...
<drab> it should tell you what you installed
<drab> OerHeks: yeah the thing is, it shouldn't ask you to remove it, which is what is happening here
<JanC> maybe check that log around 7-5 months ago
<WACOMalt> argh. sorry to do this to you guys but I have to run. I'm going to have to fix this tomorrow, something came up
<WACOMalt> I'll be back!
<WACOMalt> thanks for the help thus far
<JanC> the requested libc versions mentioned in the pastebins are not normal for Ubuntu 14.04
<OerHeks> bitcoin thingy.. box can be hacked too
<JanC> well, any of those could be rogue; like I said those are just filenames and there could be anything behind them
<JanC> so the one named "bitcoin" is no more suspect than the other ones
<JanC> and in any case, I would expect that scammers make sure they wouldn't be detected that easily  :P
<JanC> usually this sort of crap is the result of stupid enterprise companies  ;)
<JanC> at least IME
<drab> are ppl around here running kvm on ubuntu-server by any chance? it seems overall cumbersome
<drab> for one any documentation I found, including on the ubuntu wiki, seems outdate, referencing 8.04 and stuff
<drab> and the default ubuntu-vm-builder breaks badly
<drab> even the official kvm doc page references 7.04 under the ubuntu section
<OerHeks> good start https://help.ubuntu.com/community/KVM
<drab> OerHeks: that's what I've been following and had a lot of rpoblems with
<drab> the ubuntu-vm-builder seems broken
<drab> never complete no matter which combination of paramters I try
<drab> and if I use virt-install that again isn't completing cleanly or it seems to require a great deal of hacking around with VNC and ssh tunnelling to do an install from CD
<drab> I'm trying to get pxe install going, but no luck there either so far
<drab> also --os-variant with virt-install stopped at ubuntuprecise... which looks suspicious
<Mead> what is the best way to restart a system via SSH?
<drab> eeer, what's that supposed to mean?
<drab> how would you restart a local system?
<drab> Mead: ssh isn't special, you restart it the same way you'd restart a local system
<Mead> ok, how to I restart fromt he cli?
<drab> Mead: https://www.google.com/search?q=how%20do%20I%20restart%20a%20system%20via%20ssh&*&rct=j
<adrian_1908> I have a question about Nginx + PHP-FPM, but I thought I'd ask here instead of the specific channels. If the Nginx worker runs as `www-data` and the FPM pool as e.g. `cms-user`,  can I just give ownership of the website directory to `cms-user` or do I need to involve `www-data` for some reason?
<adrian_1908> The way I see it `cms-user` would be what the CMS uses to run PHP scripts and hence to handle files, so wouldn't that user alone suffice as owner?
<blackflow> I've got remote unlocking of encrypted root working with dropbear. None of the askubuntu or similar articles for search of "ubuntu unlock root on boot" or similar, were correct, it's far simpler today. I'd like to contrib an article to server wiki. Please let me know where do I start.
<blackflow> I know how to edit wikis, just please point me to (official?) section/pages where I can add such content.
<blackflow> somewhere here, if I'm not mistaken?  https://help.ubuntu.com/lts/serverguide/
<Mead>  why do I have a "virbr0" interface when i run ifconfig when it isn't in /etc/netowrk/interfaces file?
<blackflow> Mead: created by libvirtd I think, you've probably got virtualization set up?
<Mead> I'm working on it, all the packages are there
<Mead> interesting
<Mead> I installed ubuntu-server last night and I'm confirming I did everything  right before I stat trying to build actural VM's.  that that virbr0 was unexpected
<blackflow> Mead: technically, it's not needed. You can shut down the daemon and run VMs through custom scripts launching qemu-system-x86_64, and have whatever networking configuration you need.
<Mead> nice
<dn`> is there by chance a kernel param that I can set while using the ubuntu-installer (net) via preseed to sent the output/or log at least to a remote syslog?
<Erick3k> hello
<Erick3k> ubuntu randomly gets stuck https://i.imgur.com/BZucMiY.png
<Erick3k> after restart
<Erick3k> any idea why?
<blackflow> Erick3k: randomly but not every time? Enable journal persistence if it isn't already and check the logs on next reboot aftre it freezes like that.
<Erick3k> blackflow i reboot and works, i turn off the vm and turn back on and that happens, extremly weird am out of ideas
<Erick3k> check this video so you can see what am talking about https://drive.google.com/file/d/0B4wHJ6nwLi9BQ0pWU2tRbVVfc2c/view?usp=sharing
<blackflow> Erick3k: well then do exactly like I suggested.
<Erick3k> ok how can i enable that sorry my ignorance
<blackflow> Erick3k: "Storage" option of /etc/systemd/journald.conf
<blackflow> check the manpage of journald.conf
<Erick3k> k
<DarkByD3sign> Evening all, anyone around to ask a security question.
<blackflow> Maybe.
<Erick3k> blackflow this should do it right https://i.imgur.com/priemZZ.png
<blackflow> Erick3k: correct
<Erick3k> ty
<DarkByD3sign> I've created a VPS from a well known cloud service. I've created my ssh key in putty gen and added it to the details on the cloud service so I can log in. Do I need to edit anything on the server side like in /etc/ssh/sshd_config?
<blackflow> DarkByD3sign: once you make sure it works, disable password authentication
<Erick3k> blackflow ok now stuck, poweroff and boot on systemrescue cd to get the log?
<blackflow> Erick3k: no, reboot again into working system and then check with journalctl
<Erick3k> tried reboot still gets stuck https://i.imgur.com/fSg8JWa.png
<blackflow> Erick3k: then reboot until you get in
<Erick3k> tried power off and start same thing
<Erick3k> ok
<Erick3k> blackflow 20 reboots and nothing
<blackflow> Erick3k: well then try from a systemrescue and see if there's anything in /var/log/messages
<Erick3k> k
<Erick3k> no messages but kern says https://i.imgur.com/tiPp325.png
<Erick3k> blackflow any ideas?
<Erick3k> about to give up on this, makes 0 sense
<Erick3k> anyone around that can help me with a non booting cloud image?
<blackflow> Erick3k: sorry, no idea.
<blackflow> Erick3k: though that first screenshot you posted, there are no errors as has been suggested in #ubuntu, those are regular raid modules loading up messages
<Erick3k> right but why does it gets stuck after a shutdown and not a reboot?
<blackflow> Erick3k: wait, that's not what you originally said
<Erick3k> did you see the video i linked?
<blackflow> and looking a the timestamp, that's on boot?
<Erick3k> you can do a reboot and boots up
<Erick3k> once you power it off
<Erick3k> it gets stuck forever
<Erick3k> https://drive.google.com/file/d/0B4wHJ6nwLi9BQ0pWU2tRbVVfc2c/view?usp=sharing
<Erick3k> check the end of the video
<Erick3k> yes
<Erick3k> gets stuck next time you power it on during boot
<blackflow> and after that you can't boot into the system at all?
<blackflow> that link doesn't load, but nevermind
<blackflow> doesn't matter, the boot sequence should print out any errors it encounters
<blackflow> there's that cgroup message, I don't know if that's a showstopper error or just a warning
<Erick3k> it just doesn't go past https://i.imgur.com/BZucMiY.png
<Erick3k> no error
<Erick3k> no nothing
<Erick3k> just stuck there
<blackflow> Erick3k: I'm sorry, without an error message, I wouldn't know what could be the cause.
<Erick3k> yea same here
<Erick3k> yea an Unsolvable Bug i guess
<blackflow> Erick3k: you did say that was ubuntu cloud?
<Erick3k> yes image
<blackflow> which image exactly?
<Erick3k> https://cloud-images.ubuntu.com/xenial/20170331/
<Erick3k> tried older ones, same thing seems to happen
<Erick3k> ubuntu 14 works great
<Erick3k> so is something on 16
<blackflow> eh, afaik that's for containers
<Erick3k> am using kvm
<blackflow> I don't think that cloud is the right image then
<blackflow> I could be wrong. But, why not just use the regular server image, if that's KVM
<Erick3k> ummm
<Erick3k> you might be right
<Erick3k> this looks like the right one
<Erick3k> https://cloud-images.ubuntu.com/releases/16.04/release-20170330/
<blackflow> https://www.ubuntu.com/download/server
<blackflow> I blame all this "cloud" nonsense. Everything is called cloud these days. Easy to get confuzzled.
<blackflow> and they're all just regular operating systems
<blackflow> with the exception of containers not needing their own kernel
<blackflow> so the images for containers are made smaller and simpler.
<Erick3k> interesting
<Erick3k> i just prefer the images save you the install / setup cloud-init time
<blackflow> but KVM is full virtualization. containers are just namespaces. that means for KVM you'll need a full blown operating system with a kernel, init, and all that. so, go with regular server images.
#ubuntu-server 2018-03-26
<ipat8> Has anyone been able to get the new server installer to appear?
<ipat8> I have the newest daily iso but I don't get the new installer, I only get the old debian installer.
<tomreyn> ipat8: where did you download from or whats the checksum?
<tomreyn> i'll give this a try in a few http://cdimage.ubuntu.com/ubuntu-server/daily/20180325/bionic-server-amd64.iso
<tomreyn> sha1: b6dad56464ad1f948fee893e0fa9385536f7fdc4 sha256: ebabb1767eabb793449fec9f94feae0486c350056f68e863ac7835660e4168c3
<tomreyn> i got the classic ncursrs like interface, too
<tomreyn> also it's pretty broken
<tomreyn> it prints <ERR> in many places and keyboard detection seems to be broken, shows key codes to press instread of special characters.
<tomreyn> localization seems to be incomplete
<tomreyn> well, there's another month left ;-)
<ipat8> tomreyn: Yep that's the one I'm using, maybe a preseed issue?
<tomreyn> ipat8: yes, maybe, i'm using it in virtualbox, can't seem to switch between VTs, but it does print some errors justr before th einstaller loads
<tomreyn> ipat8: maybe it's actually bionic-LIVE-server-amd64 which we should be trying.
<ipat8> Hmm, let me grab it and see
<ipat8> Wait
<ipat8> Where do you see a bionic-LIVE-server-amd64 ?
<tomreyn> http://cdimage.ubuntu.com/ubuntu-server/daily-live/current/
<tomreyn> and yes this is the one
<ipat8> Yep just realised what I was doing
<ipat8> * realized
<tomreyn> i'm running it now
<tomreyn> 5 languages supported so far?!
<tomreyn> http://i.imgur.com/VMk77JS.png
<tomreyn> english, catalan, hungarian, lithuanian, russian, if i'm getting it right.
<ipat8> Yep, so I'm guessing they're going to be building both, as to maintain compatibility with MAAS or preseed?
<tomreyn> the new one also offers maas as an installation target
<tomreyn> but maybe preseed, or backward compatibility in general.
<ipat8> Holy shit that's fast
<ipat8> No
<ipat8> I meant MAAS as an installation source
<tomreyn> oh ok
<ipat8> It requires a debian installer for cloud-init
<ipat8> That was 45 seconds and it's done
<ipat8> That's incredible
<tomreyn> yes it's really fast
<ipat8> I see why MAAS is so fast now
<tomreyn> manual paritioner crashes for me. but then i have no disk to install to.
<ipat8> curtin is just magic
<ipat8> Are you in vbox or vmware?
<tomreyn> vbox
<ipat8> Change to a SATA disk
<ipat8> and a SATA controller
<tomreyn> i dont have a MAAS, so i only have SATA anyways
<tomreyn> just added a disk, it detects it when it restarts the installer (no reboot)
<tomreyn> i like how it installs in the background now, like the desktop installer does
<tomreyn> and you can import ssh keys already, nice.
<ipat8> I'm extremely impressed, if I can script this or provide a preseed this is going to be a significant improvement in how I manage my auto installs.
<tomreyn> how do you deploy?
<tomreyn> pxe boot, i guess?
<tomreyn> hmm apt dist-upgrade states that grub-pc-bin was automatically installed and is no longer required - on a fresh installation.
<tomreyn> oh that's probably because i got efi
<tomreyn> it reboots very fast, too. the longest job is dhcp (ipv4+ipv6) here.
<lordievader> Good morning
<tobasco> coreycb: any idea? https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1758882
<ubottu> Launchpad bug 1758882 in neutron (Ubuntu) "neutron-db-manage python-pecan failure" [Undecided,New]
<tobasco> i checked all dependencies for gnocchi and neutron packages, can't see any weird constraints
<tobasco> happend after adding gnocchi for queens
<coreycb> tobasco: i'm not sure but i can try to recreate. heads (plural) is a typo right?
<coreycb> tobasco: if you upgrade python-pecan does it fix it ?
<coreycb> tobasco: we may need a higher min version of python-pecan specified in the neutron package
<coreycb> tobasco: i've triaged that bug, it's a package issue so i'll get that uploaded now.
<tobasco> coreycb: I fixed the issue on my side, I posted some more info there
<tobasco> I install ceph before having the UCA repo, so python-pecan is already installed when installing the other packages
<tobasco> ceph-mgr depends on python-pecan
<tobasco> don't know if the procedure about it, but we should probably change the neutron package to have the later version from UCA
<coreycb> tobasco: ok. it's still a package bug for neutron. once i build it successfully (takes a bit) i'll get it uploaded to bionic then back to the queens uca. thanks for reporting this.
<tobasco> unless it would break ceph-mgr completely
<tobasco> coreycb: cool, sorry for setting it as invalid, thought it was a mistake on my part
<coreycb> tobasco: all good :)
<adac> how to remove all but one kernel?
<lordievader> adac: `sudo apt remove <the packages you want to remove>`?
<adac> lordievader, yes that is an option. but I need to automize that actually
<adac> and I don't know which kernels are installed on the machine already
<lordievader> Hmm, well if the meta-package is installed `apt-get autoremove` should leave the last two and remove the rest. Though this has been buggy in the past.
<lordievader> Not really sure if this has been fixed.
<adac> lordievader, I see yes. thanks!
<lordievader> The above works until you start installing specific kernel versions manually ð
<adac> lordievader, which I do :P
<adac> hehe
<lordievader> Ah, the way `apt` select packages for removal is by checking if they are orphaned. If they are manually installed they do no classify as orphaned.
<lordievader> I suppose you then either need to write a script or start using  the meta-package.
<adac> kk thanks
<coreycb> jamespage: promoting queens-proposed -> queens-updates
<teward> *waves to the server team*
<rbasak> o/
<teward> anyone want to do me a solid and do an nginx merge from Debian?  I'm a little bit busy with networking redesigns and overhauls at work so I've been pulling 10+ hour days and am just dead when i'm not at work...
<teward> i know that we're in FeatureFreeze, but I"m hoping the Release team will accept something like we did for 16.04, with us being as close to nginx stable that comes out in April as possible, with a version bump to the then-stable NGINX release in -updates.
<teward> hate to ask but :P
<rbasak> teward: no worries. I'll add it to our list.
<tobasco> coreycb: if it's not too much could you ping me when that package fix is available in queens uca
<coreycb> tobasco: sure np
<tobasco> coreycb: awesome, thanks :)
<Gargravarr> hi all, looking for some help with something not entirely server-related, but recommended to post here anyway - need some help with SSSD if anyone can advise
<tomreyn> Gargravarr: most people in here may not respond unless you'll discuss the entire issue.
<Gargravarr> okay, i generally post the minimum to grab attention without flooding
<Gargravarr> so i've got Ubuntu laptops auth'ing via LDAP using SSSD. most of the machines work, but i have a few machines where SSSD causes the machine to freeze on boot
<Gargravarr> the most frustrating aspect is that i have no logs or error messages as to why it's occurring
<Gargravarr> this is on Xenial with kernel version 4.13.0-36 & -37. if i disable the sssd.service and reboot, the machine comes up to the login prompt. otherwise it freezes at the Plymouth splash screen, or the text screen showing the services starting if i ESC out of it
<ahasenack> rbasak: hi, question. I'm getting ready to propose those nvdimm packages. What would be the next step, get sponsorship for an upload, and then get an AA to take a look since it's a NEW package?
<rbasak> ahasenack: yes that's right
<rbasak> ahasenack: you'll need an FFe too, though for new packages that's not usually a problem.
<teward> rbasak: thank you very much.  once this rebuild is over I"ll not be pulling 10 hour days and will be able to provide more help again, but until that point I'm a little swamped :P
<ahasenack> rbasak: ok
<Gargravarr> okay, now i'm getting hard/soft lockups on the CPUs
<Gargravarr> after starting SSSD
<rbasak> Gargravarr: bug 1746806?
<ubottu> bug 1746806 in linux-aws (Ubuntu) "sssd appears to crash AWS c5 and m5 instances, cause 100% CPU" [Critical,In progress] https://launchpad.net/bugs/1746806
<Gargravarr> rbasak: thanks, i'll read that
<Gargravarr> yesss, i keep seeing the ^@^@ strings when this happens
<rbasak> ^@ is 0x00
<rbasak> Crashes of all kinds can typically cause that.
<rbasak> To verify if you're affected by that bug, please start by reverting the kernel package version.
<Gargravarr> rbasak: does this affect the 4.13 kernels too? i'm only seeing 4.4 mentioned in the bug
<Gargravarr> ah, scrolled down enough
<Gargravarr> rbasak: how far back should i revert?
<Gargravarr> currently running 4.13.0-37
<rbasak> Gargravarr: sorry, I don't know any more than the bug.
<Gargravarr> fair enough
<rbasak> Gargravarr: but if you find more information that's not in the bug, then please do post it there.
<Gargravarr> will do
<Gargravarr> yep, i found 4.10.0-28 was still installed, booted that and it's running fine, LDAP auth included
<Gargravarr> right, i'll follow the bug (and post my setup)
<rbasak> Gargravarr: thanks. Please also mark yourself as affected on the bug.
<mdye> thx for ubuntu-server; I've recently begun using LXD via the Snap on an ARM7 box and it's rock solid, easy to manage. Thx guys
<nacc> rbasak: do you have a link to our pad for the git-ubuntu changes? Maybe i can take a stab at them
<rbasak> nacc: https://pad.ubuntu.com/Y25nCOQd6e
<nacc> rbasak: thanks
<nacc> rbasak: what exactly is the walk() method supposed to be returning? I don't see any docs (or the order in which things are supposed to be return, i guess)?
<rbasak> nacc: sorry that's not defined anywhere. It should be.
<rbasak> nacc: it returns a sequence of (parent, obj) pairs, enumerating all objects recursively.
<rbasak> s/enumerating/iterating over/
<rbasak> parent is just the parent of the object, which makes the output easier to consume since the actual data structure is the other way round (an object keeps track of its children but not its parent)
<rbasak> nacc: also instance.walk() is supposed to return instance as well where that makes sense.
<rbasak> nacc: so for that to work, walk() is told its parent when it is called, since the class instance itself doesn't know. And it just returns that.
<rbasak> nacc: IIRC, the ordering is intentionally depth first, so that the placeholder replacement happens bottom up
<nacc> rbasak: yep
<nacc> rbasak: that makes sense, i just wanted to make sure i followed it, as it's sort of an internal API
<rbasak> nacc: yeah. My fault for not documenting it better. Because it's an interface that isn't defined in code anywhere (duck typing etc), there wasn't an obvious "must write a docstring" prompt for me. Some of it is an external API too. I'm not sure whether walk() should be internal to the module or external to callers.
<nacc> rbasak: if you have a few seconds, https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+ref/repo_builder_tags_branches i thnk does everyting up to the copy method
<nacc> rbasak: it keeps the coverage at 98% (which it is in master, which i think implies some missing test, which i'm going to look at now)
<nacc> rbasak: ok, got it to 100% in master
<nacc> rbasak: branch updated
<compdoc> anyone have a gui they like to encrypt files/folders?
<nacc> rbasak: fyi, force-pushed branch, which now matches the spec (I found it easier to create the classes first and then move to in-place dictionaries) and added the Repo.copy method
<nacc> rbasak: still at 100% coverage :)
<nacc> rbasak: i'm not seeing an obvious way to find all commits in a repo (I can find all reachable commits from the branches, but we're not guaranteed to have any branches)
<ProCycle> Have a bit of a head scratcher with SSH. I can login with my adminstrative account using key auth just fine. However I cannot login with another account using it's own key. I just get "No supported authentication methods available (server sent: publickey)"
<ProCycle> It worked fine on Friday, but it doesn't today. Double checked I had the right key in .ssh/authorized_keys
<ProCycle> updated and rebooted the server
<sarnold> ProCycle: check ownership and permissions of / /home /home/user /home/user/.ssh /home/user/.ssh/authorized_keys   -- namei -l ~username/.ssh/authorized_keys is a handy way to get there :D
<ProCycle> Huh didn't know about that command
<ProCycle> home is owned by root, user dir is owned by user, .ssh is owned by user, authorized_keys is owned by user
<ProCycle> and perms seem correct too
<sarnold> ProCycle: how about the permissions? group owner of the .ssh dir and file?
<ProCycle> They're both set to the user's group
<ProCycle> It makes no sense :S
<sarnold> are there any more detailed logs on the host?
<ProCycle> I can look, where would they be>
<sarnold> is the client perhaps using a too-small key? openssh recently changed to require > 1024 bits for rsa keys, iirc
<ProCycle> Nope it's a 2048 key
<sarnold> /var/log/* and /var/log/audit/audit.log if you've got it
<ProCycle> looking at auth.log
<ProCycle> See lots of bot attempts to login to nonexistent accounts but don't see my user account in there
<sarnold> curious
<sarnold> tail -F the thing, and try again?
<ProCycle> Ah there we go
<ProCycle> Authentication refused: bad ownership or modes for directory /home/username/.ssh
<ProCycle> .ssh has drwxrwxr-x with owner set to username and group set to username
<ProCycle> running groups lists it as a member of that group
#ubuntu-server 2018-03-27
<sarnold> right :)
<sarnold> sshd doesn't care about the details of the group
<sarnold> all it cares about it 755 not 775.
<ProCycle> it has the same perms as my other account which can log in
<ProCycle> So I don't know what it's complaining about
<sarnold> your other account was 775 as well and it *could* log in? o_O
<ProCycle> yes
<ProCycle> They've always been that way, for years
<ProCycle> I do -rw------- for the actual authorized_keys file
<ProCycle> wow it worked
<ProCycle> changed to 755 and can login now
<ProCycle> Thanks for the help!
<sarnold> \o
<sarnold> \o.
<sarnold> GAH.
<sarnold> yay.
<sarnold> there we go. :)
<ProCycle> So strange it would take exception to only that account
<ProCycle> Oh it's closing time, gotta run. Thanks again!
<lordievader> Good morning
<ahasenack> rbasak: hi, good morning/afternoon. Could you please import ubuntu-advantage-tools into git? Latest version is 16, uploaded on march 21st, but in git we still have v15 from March 20th
<rbasak> It's in the whitelist.
<rbasak> nacc: ^ so I assume it's OK to just run the importer against this. The only risk is a collision, but that seems unlikely for this package.
<rbasak> Running
<ahasenack> thx
<rbasak> ahasenack: it ran but didn't seem to do anything
<rbasak> ahasenack: I see version 16 here.
<ahasenack> hm, I see it now too
<ahasenack> oh geez, I just did a fetch, not a pull or merge
<ahasenack> sorry
<ahasenack> my mistake
<samba35> is there a bug in 16.04.4 with openvswitch ?
<samba35> too many logs are been genrated with openvswitch
<samba35> in GB s
<ahasenack> rbasak: ohh, something changed in lp regarding our git repo for packages
<ahasenack> rbasak: I'm making a new MP, and lp by default selected this target for me: ï¿¼ lp:ubuntu/+source/ubuntu-advantage-tools (repository details)â default repository
<rbasak> ahasenack: that's intentional.
<ahasenack> the UI is also slightly different now
<rbasak> It's easier/better now, no?
<ahasenack> yep
<ahasenack> that wa the "ohh" part :)
<rbasak> Ah :)
<ahasenack> rbasak: who will be the default reviewer?
<rbasak> ahasenack: we don't really have an answer for that yet, sorry
<rbasak> Mapping reviewers to people who can upload doesn't really work currently
<ahasenack> ah, it defaulted to the usual import team
<rbasak> (there is no such map)
<teward> rbasak: can you stab the Canonical Landscape team for me about bug 1685885?  I'm not the only one affected by it, and it makes using Landscape impossible.
<ubottu> bug 1685885 in landscape-client (Ubuntu) "Extreme RAM and SWAP usage" [High,Confirmed] https://launchpad.net/bugs/1685885
<RoyK> is there an exception for sigterm? I have one for kbkdinterrupt, but that doesn't work when systemd takes down the service
<rbasak> teward: done
<nacc> rbasak: ack, np
<teward> rbasak: thank you kindly.  That's been biting me for some time, and though it's confirmed and High priority, nobody's touched it.  One guy said on the bug it ate all the ram on their mail server, so if *someone* could consider that an urgent issue, that'd be great.  I've not been using Landscape for centralized management because of what I consider a massive memleak
<teward> *returns to the shadows*
<jamespage> frickler: fwiw the ceph-volume and missing dep for ceph-mgr are now in bionic and the Queens UCA; working updates for artful and Pike UCA now
<nacc> rbasak: around? had a quick Q re: git-ubuntu tests
<rbasak> nacc: o/
<nacc> rbasak: ok, so i've got a quick implementation of repo_comparator.equals, and i was assuming it'd take two pygit2.Repository objects to compare; however, if we pass in expected_result, that's a repo_builder.Repo object (and not yet written anywhere). Should I create a second temporary pygit2.Repo fixture?
<rbasak> nacc: could go either way I guess. I think that it probably makes sense for repo_comparator.equals to take a pygit2.Repository and a repo_builder.Repository perhaps, and handle writing the latter to a pygit2.Repository in a temporary directory itself. So no fixture.
<rbasak> nacc: my reasoning is that it'll make the tests simpler, and that's what we'll be writing in bulk.
<nacc> rbasak: hrm, a good point
<rbasak> I can't think of a case where we'd need an equals method with two pygit2.Repositories. But if we ever do need that, we could always supply two methods; one being a wrapper of the other.
<nacc> rbasak: yep, good point
<nacc> ok, i'll switch to that
<nacc> rbasak: nice, test passes (case #1)
<nacc> rbasak: i need to clean up this pile of commits significantly, of course :)
<nacc> and found a few bugs in my branch, i'll get them squashed and send you a few MPs to review
<smoser> can someone takek a quick review for me
<smoser>  https://code.launchpad.net/~smoser/ubuntu/+source/ssh-import-id/+git/ssh-import-id/+merge/342231
<sarnold> with open(output_file, "r") as f:
<sarnold> is it kosher to open an output file with read permissions, not write?
<sarnold> oh, nevermind, that's pre-existing code
<rbasak> smoser: what if HOME is set but empty?
<rbasak> I see the code is upstream.
<smoser> if os.environ.get("HOME")
<rbasak> It seems the code doesn't really define the behaviour in that edge case.
<smoser> if truly empty would still take the 'else'
<rbasak> Whatever behaviour it has feels like an accident.
<smoser> but HOME=" "
<smoser> then i'm not sure.
<rbasak> Shouldn't else have a : at the end?
<sarnold> I'd wager "empty HOME" falls under "don't do that"
<smoser> rbasak: yes. and the code does. i was just typing here.
<rbasak> Not in the patch I'm looking at.
<rbasak> Line 50 in the MP
<smoser> rbasak: http://paste.ubuntu.com/p/MBMXFmfSKt/
<smoser> thank you
<smoser> we'd have found that anyway in a test of proposed, but that was quicker.
<frickler> jamespage: thx for the notification, for me that means that I must update my local builds in order to stay ahead of you ;-)
<ahasenack> rbasak: hi, when you have a moment, since you reviewed some of the previous uploads: https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/342208 (I'm not expecting anything for today)
<rbasak> ack
<ahasenack> nacc: I think I'm done with the nvdimm packages, would you like to take a look?
<ahasenack> otherwise, or in addition to, I'm about to follow the remaining steps of https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages
<ahasenack> via motu
<ahasenack> (assuming it was always meant to go to universe first)
<nacc> ahasenack: universe +1
<nacc> ahasenack: i can look, where should I?
<ahasenack> nacc: ppa: https://launchpad.net/~canonical-server/+archive/ubuntu/nvdimm/
<ahasenack> nacc: git:
<ahasenack> (jsut a sec)
<ahasenack> ndctl: https://code.launchpad.net/~ahasenack/ubuntu/+source/ndctl/+git/ndctl
<ahasenack> nvml: https://code.launchpad.net/~ahasenack/ubuntu/+source/nvml/+git/nvml
<nacc> ahasenack: ok
<nacc> ahasenack: do you have any response re: testing?
<nacc> actual functional testing, i mean
<ahasenack> nacc: I have responses about the packaging
<ahasenack> let me link to the first
<ahasenack> I never got an explicit "yes, it's working with our hardware"
<nacc> ahasenack: yeah that's what i'm most concerned with at this point
<ahasenack> nacc: since I took over: https://bugs.launchpad.net/ubuntu/+bug/1752378/comments/13 (comment #13 and later)
<ubottu> Launchpad bug 1752378 in Ubuntu "Please add Userspace Packages for NVDIMM support" [Medium,In progress]
<ahasenack> I can ask point blank now
<nacc> yeah that's what i'd recommend
<ahasenack> nacc: done
<nacc> ahasenack: +1
<ahasenack> thx
<nacc> ahasenack: on first glance, code looks good -- i think it'll really need an AA review, though, as I've never done a new package like this
<ahasenack> nacc: sure, and I added some lintian overrides to the nvml package
<ahasenack> about the *_dbg/ directories
<ahasenack> hopefully with enough comments on why they are needed, and for how long
<nacc> ahasenack: yep, was reading about that in the bug
<ahasenack> I understand why an AA review would be welcomed first, I just want to get rid of any potential low hanging fruit in the packaging before it's shown to an AA
<ahasenack> or, s/low hanging fruit/embarrasing mistake/
<ahasenack> and, of course, it needs to work, hence the question in the bug for a comment stating that it does work with their hardware
<ahasenack> I didn't get a reply yet in that other bug you pointed me at yesterday
<nacc> ahasenack: ack
<hashwagon> Is there a common reason why a statically set ip address set via /etc/network/interfaces would revert back to DHCP?
<hashwagon> ^ in ubuntu 16.04
<nacc> hashwagon: revert when?
<nacc> rbasak: fyi, 4 branches pushed up for review, the first 3 are i believe ready to land (i coudl use some help coming up with tests for the repo_comparator, i think
<hashwagon> I have  many servers all configured through SaltStack and about 1% of them are changing to DHCP. The last example was ~4:30PM ET today. It's been reverting about every 24 hours now on this particular system.
<hashwagon> nacc, ^
<hashwagon> Are there any other logs other than journalctl I should be going through?
<sarnold> if you don't need dhcp on these machines maybe just purge the package that supplies the daemon it winds up using?
<hashwagon> Good thought. That might complicate things as there are maintenances we go through where dhcp comes in handy.
<sarnold> oh. then that'd require more thought and nuance :)
<nacc> hashwagon: strange, i'd check syslog, journalctl
#ubuntu-server 2018-03-28
<nacc> powersj: if possible, could you look at the health of the jenkins? i'm having some of the snapcraft cleanbuild jobs randomly die
<nacc> powersj: nm, answerd in #snappy
<lordievader> Good morning
<coreycb> jamespage: i'm adding a liblasso3.symbols file to lasso for the MIR
<coreycb> jamespage: first time creating one. for the versions i only went back to precise, mainly because that's all i could access. does that make sense?
<coreycb> jamespage: following this: https://wiki.debian.org/UsingSymbolsFiles
<ahasenack> good morning
<RoyK> good localtime() ;)
<ahasenack> the best
<smoser> rbasak: https://code.launchpad.net/~smoser/ubuntu/+source/ssh-import-id/+git/ssh-import-id/+merge/342231
<smoser> that was fixed... can you re-review ? if you had anything else.
<ahasenack> why does ubuntu-server (the metapackage) pull in open-iscsi, does anybody know?
<RoyK> ahasenack: doubt it
<RoyK> ahasenack: better install the package yourself (or add it to the ansible playbook of choice)
<compdoc> never noticed open-iscsi installed on my servers
<ahasenack> compdoc: at least in bionic, the ubuntu-server package pulls open-iscsi in
<sdeziel> it's also pulled in Xenial
<sdeziel> ahasenack: my guess would be to simplify boot from iSCSI root
<compdoc> iscsiadm is installed :/
<eraserpencil> Hi! I am asking question about hosting a site on an ubuntu server. Is this the correct place?
<sdeziel> eraserpencil: yes
<eraserpencil> So I have a domain name from namecheap, a VPS on linode, name servers are set correctly (tested by going to www.mydomain.com and seeing the default "welcome to nginx page"
<eraserpencil> I got round to getting Pelican SSG, I've copied all the .html file, css and images files over to the /var/mydomain/html/ on my VPS.
<eraserpencil> But I'm not seeing any changes
<eraserpencil> Is this something got to do with waiting for it to get indexed?
<sdeziel> eraserpencil: is your nginx vhost configured to use /var/mydomain/html/ as its "root" ?
<eraserpencil> how could i check?
<sdeziel> vhost/site definitions are in /etc/nginx/sites-enabled/
<eraserpencil> ahhh
<eraserpencil> is that what is meant by root?
<eraserpencil> yes
<sdeziel> no, by root I meant https://nginx.org/en/docs/http/ngx_http_core_module.html#root
<sdeziel> which in your case should be "root /var/mydomain/html;" assuming you want to serve stuff out of that dir
<eraserpencil> ahhh
<eraserpencil> I have it commented out
<eraserpencil> but are changes instant?
<eraserpencil> if i changed the html code
<sdeziel> eraserpencil: when you changes files served by nginx it's immediate
<sdeziel> but when you change nginx configs, they are not picked up automatically, you need to reload nginx for that (sudo service nginx configtest && sudo service nginx reload)
<eraserpencil> kk thanks.. that means something is broken
<ahasenack> nacc: hi, do you know something about tomcat in bionic? In particular, why do we seem to have tomcat8.0 and tomcat8?
<ahasenack> and tomcat8 (not 8.0) seems to have many more binary packages
<nacc> ahasenack: 8.0 is probably referring to 8.0.x versus 8 is at 8.5?
<nacc> ahasenack: i'm not sure, though, let m elook
<nacc> ahasenack: also, the 8.0 may be purely for libs that other packages need that aren't compatible with 8.5?
<ahasenack> it's what I'm thinking
<ahasenack> that 8.0 is for legacy stuff
<nacc> ahasenack: we did have a tough time transitioning to 8.5, for freeipa and dogtag-pki, iirc
<nacc> ahasenack: https://bugs.debian.org/cgi-bin/b
<nacc> bah
<nacc> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876115
<ubottu> Debian bug 876115 in wnpp "ITP: tomcat8.0" [Wishlist,Fixed]
<ahasenack> yeah, freeipa is what I'm looking at now, and that led me to tomcat8x
<ahasenack> that's good info, thanks
<ahasenack> I think it's also incompatible with java9, according to an error message I saw
<ahasenack> I'll try with java8
<nacc> ahasenack: yeah, i'd believe that
<nacc> powersj: so i'm thinmking to test the snapcraft fix (pending), could we add a PPA to the xenial VM spawned?
<powersj> nacc: here's the script I run https://github.com/canonical-server/test-scripts/blob/master/git-ubuntu/vm_setup
<powersj> You can give it a spin locally
<nacc> powersj: thanks
<nacc> rbasak: fyi, found a bug in source_builer, i'll push it separately
<nacc> rbasak: hey and first import parenting test bumped us to 40% coverage on importer.py :)
<nacc> rbasak: up to 43% coverage of importer.py :)
<nacc> rbasak: it's amazing how easy it is to write tests now!
<nacc> powersj: each jenkins job gets a fresh VM right?
<powersj> nacc: yes
<nacc> powersj: ack, ok
<nacc> powersj: we might be hitting a nuance of cleanbuild, per the latest analysis, which we might be able to avoid using (since we are going to start a fresh VM, we don't tehcnically need to spawn the lxd in it, i don't think)
<nacc> powersj: just an FYI, it's still being analyzed by snapcraft folk
<powersj> ok :) thanks for update
<powersj> where is this discussion happening?
<nacc> powersj: PM currently with kyrofa, but there is a pending PR on github
<powersj> ok
<ProCycle> I'm messing around with self-signing SSL keys and noticed that in /etc/ssl/certs everything in there is world writeable (the CA certs)
<sarnold> the symlinks? or the actual files?
<ProCycle> Why is it like that? isn't that a security risk? (other people can replace ca keys with thier own
<ProCycle> I guess they're all symlinks
<ProCycle> I'm trying to figure out where I put my internal CA key and the certificate. I've already got the private key in /etc/ssl/private
<ProCycle> Oh I see it now. There's so many results in there it makes it hard to find the actual files. ssl-cert-snakeoil.pem is read only except for the owner
<sarnold> you can try e.g. find /etc/ssl -type f -ls   to see just the files
<ProCycle> I don't know how symlinks work, do they actually have permissions or is ls -l just displaying it that way because they're symlinks?
<sarnold> linux doesn't care about the permissions on symlinks
<sarnold> chmod(2) doesn't even have a way to change them
<sarnold> they can still get non-777 modes via other filesystems, fuse, etc., but I don't think linux even follows the permissions when they're set that way.
<ProCycle> So whatever the actual file has is what the effective permissions are on the symlink
<sarnold> there's some nuance that the YAMA security module influences if symlinks are followed or not
<ProCycle> And to create symlinks you'd need write perms to the directory right?
<sarnold> yes
<ProCycle> makes sense, thanks for the clarification
<sarnold> thanks for double-checking :D
<ProCycle> I'm writing a guide for internal nginx servers with internal CA signed certs so I want to make sure I get things right
<sarnold> nice
<ProCycle> shame there's no certbot for internal CAs, would make things so much easier
<nacc> rbasak: fyi, just force-pushed import-tests, which is now a little better organized and more unit tests (still not at a 100% for added code, but 30% bump in importer.py coverage is pretty good :)
#ubuntu-server 2018-03-29
<nacc> rbasak: powersj: fyi, i'm testing (https://jenkins.ubuntu.com/server/job/git-ubuntu-ci/357/) some further fixes to our snap that may unwedge CI
<nacc> thanks to kyrofa's help
<nacc> i'll need to run it a few times ( powersj if there's any way you can clone that same job 3 or 4 times easily, that'd be great), as that's what failed before (about 1/4 of times run in parallel)
<nacc> oh i'll just rebuild it a bunch
<nacc> rbasak: hrm, our reimport tagging needs to apply to applied/ too, doesn't it?
<nacc> rbasak: does it look werid to have applied/reimport/0 ?
<nacc> powersj: rbasak: it does look like it fixes it
<nacc> rbasak: so i'll need to rebase my branches so we get clean CI runs, if that's ok with you?
<nacc> contentfully the same for you
<nacc> powersj: rbasak: pushed to master, but i'll hold off on rebasing just for rbasak's sake
<nacc> rbasak: actually, i lied, i'm going to push over the top to retrigger CI
<nacc> rbasak: branches pushed, should pass CI in all 4 cases
<lordievader> Good morning
<OpenTokix> What is the kernelversion in 18.04?
<ducasse> OpenTokix: 4.15.0.13 atm
<OpenTokix> ok, nice
<gunix> is there any other method for complete unattended install for ubuntu ? cause MAAS is failing really bad
<OpenTokix> gunix: preseed
<gunix> OpenTokix: yea, and pxe boot
<gunix> OpenTokix: when I try to PXE boot from the ubuntu install ISO i get an error because the format is not correct
<gunix> OpenTokix: is there any blog on how to prepare iso images for pxe boot so that they work?
<OpenTokix> no, preseed with iso is broken
<OpenTokix> why would you ever do that?
<gunix> OpenTokix: i didn't add preseed to the iso
<OpenTokix> Dont boot the iso from pxe
<gunix> OpenTokix: i just tried to boot the iso via PXE and it failed
<OpenTokix> You just boot the kernel + initrd, and fire of a netinstall
<gunix> than how do i boot ?
<gunix> hmm.
<gunix> OpenTokix: do you have a tutorial for that ?
<OpenTokix> gunix: hold on, I am preparing a pastebin for you
<gunix> OpenTokix: you are kind. thank you.
<OpenTokix> gunix: https://pastebin.com/S2BBwKuH
<OpenTokix> gunix: this is what I use fro 16.04
<OpenTokix> This will give you swedish keyboard layout, for us, change all sv/se to us and you will be fine. - I keept it because to get correct layout was non-trivial D:
<OpenTokix> :D
<OpenTokix> This is both location of installer binaries, pxe config and preseed file in the same paste. - Also username and password is: ubuntu for this install.
<gunix> OpenTokix: where did you add that PXE boot section ?
<OpenTokix> gunix: in the configuration my tftp-server.
<OpenTokix> https://debian-administration.org/article/478/Setting_up_a_server_for_PXE_network_booting
<OpenTokix> It's the same for all debian and derivates.
<gunix> OpenTokix: does it work with http server or do you really need tftp ?
<OpenTokix> gunix: yes, pxeboot support only tftp
<OpenTokix> but you pull the preseed from http.
<gunix> OpenTokix: does it default to the LABEL 2 when you boot?
<tomreyn> ipxe supports http(s) network booting
<gunix> i mean, from what i understand, that will be a boot option
<tomreyn> but you'd need to get ipxe installed ony our NIC / system firmware beforehand
<gunix> tomreyn: yes, that would help, since we already have nginx in the network ...
<gunix> tomreyn: the system is proliant gen9
<tomreyn> just one system?
<gunix> tomreyn: about 6 or 7
<gunix> tomreyn: i will get about 50 more incoming but not all gen9, some gen7 and gen 8
<gunix> so i don't know if the old tech can do ipxe
<tomreyn> uuh those are eol
<gunix> tomreyn: yes.
<gunix> poc infra.
<tomreyn> i have no first hand experience with ipxe on proliants. there's this https://community.hpe.com/t5/ProLiant-Servers-ML-DL-SL/UEFI-iPXE-and-Service-Pack-for-ProLiant-SPP/td-p/6933534
<tomreyn> (result of a quick web search)
<gunix> weechat and links ...
<tomreyn> http://ipxe.org/howto/romburning
<gunix> tomreyn: i think i just figured out something
<gunix> tomreyn: i don't need to set this up. ilo can boot the iso from the network and i just add the preseed to the iso
<gunix> the only problem is, i need a centralised way to change boot order on all servers
<tomreyn> hp ilo booting off an iso requires manual interaction, though, i guess
<gunix> if the iso has preseed than it shouldn't need it
<tomreyn> ok, good luck :)
<gunix> :D
<tomreyn> there are hp utilities / services / servers to manage ilo configurations centrally. i forgot the name, though, and i think you also need an extra license for that.
<gunix> tomreyn: IPMI can change boot order too, but i tried that and it didn't yield the results i was expecting
<gunix> and AFAIK ilo has some sort of API
<gunix> i need to inspect
<tomreyn> yes it does, it's ugly, though
<tomreyn> ipmi doesn't seems like a hp concept ;-)
<RoyK> iirc iLO supports IPMI
<OpenTokix> gunix: no, you have to configure your pxe-server.
<ahasenack> rbasak: hi, do you think you could review https://code.launchpad.net/~ahasenack/ubuntu/+source/ubuntu-advantage-tools/+git/ubuntu-advantage-tools/+merge/342208 today?
<ahasenack> I'm off tomorrow (holiday), and monday is the final freeze
<ahasenack> nacc: hi, do you think you could look at https://bugs.launchpad.net/ubuntu/+bug/1752378 today? I'm off tomorrow (holiday)
<ubottu> Launchpad bug 1752378 in Ubuntu "Please add Userspace Packages for NVDIMM support" [Medium,In progress]
<rbasak> ahasenack: I'll take a look
<rbasak> ahasenack: do you happen to have any bileto knowledge?
<ahasenack> no
<ahasenack> just that it exists
<ahasenack> but since I couldn't use it, I didn't read about it
<rbasak> OK
<rbasak> ahasenack: stopping for lunch. I'll continue when I'm back.
<ahasenack> sure, thx
<kabar> i am getting error while installing wordpress.. need argent help
<kabar> Reload : postfix   [OK] Reload : nginx     [OK] Restart : php5.6-fpm[OK] Reload : mysql     [OK] Running pre-update checks, please wait... Setting up NGINX configuration  [Done] Setting up webroot              [Done] Downloading WordPress           [Done] Setting up database             Oops Something went wrong !! Calling cleanup actions ... 'ee_mysql_grant_host'
<RoyK> kabar: check the logs - looks like the mysql grants failed
<kabar> Royk: how i check log
<RoyK> not sure where they may be - I've never installed wordpress from packages
<kabar> ok brother
<ahasenack> well, start in /var/log
<ahasenack> if that output was from a php script displayed in your browser, check the apache logs in /var/log/apache<tab><tab>
<kabar> dont get it
<RoyK> kabar: perhaps /var/log/dpkg.log
<RoyK> ahasenack: that php script was probably run directly, not through apache, as installers mostly do
<RoyK> kabar: you may want to consider installing wordpress from source - there's a *ton* of updates that never reaches the repos
<rbasak> ahasenack: I don't see any tags "upstream". Which commit on Github matches the current state of Bionic please, and which is the one from which you're uploading?
<ahasenack> rbasak: I'm releasing on github after ubuntu
<ahasenack> rbasak: I'm treating ubuntu as the upstream
<kabar> log is so big
<rbasak> ahasenack: I'm just after the broken down commits for the change please. Where can I find those?
<ahasenack> there are no broken down commits in the lp branch, since there are no changes in debian/ and it's a new upstream
<ahasenack> I see where you are getting at, though. If I'm treating ubuntu as the upstream, you will want to see every individual commit there?
<ahasenack> there are commits/merges that do not warrant an entry in d/changelog
<ahasenack> otherwise it would be a git log
<rbasak> ahasenack: I just want to review the diff, and it would be easier if broken down.
<ahasenack> rbasak: would you do that if this were not a native package? Review each change in, say, a new apache tarball?
<ahasenack> not do, but require
<ahasenack> sorry
<ahasenack> I can break it down but one commit would be like "cleanups". The others would match the d/changelog entries
<rbasak> ahasenack: I'm only interested in the packaging implications. For apache, that's pretty evident from the debian/ directory. For this package, though, it pretty much is all packaging so the "upstream" changes are relevant.
<ahasenack> for example, a change like this:
<ahasenack> -install_package_if_missing_file() {
<ahasenack> +apt_install_package_if_missing_file() {
<ahasenack> that's just previxing apt functions with apt_
<ahasenack> I wouldn't mention this in the changelog
<ahasenack> d/changelog, that is
<rbasak> Yeah so if that were in its own commit, I could see that and ignore it.
<rbasak> Making the diff that I do need to review smaller.
<ahasenack> I see
<ahasenack> so I can have changes, small ones let's say, in the git commit log, that are not mentioned in d/changelog, as long as the commit log is self explanatory, is that ok?
<rbasak> ahasenack: I would probably say something like "Other trivial miscellaneous changes; see git log for details" in the changelog or something.
<rbasak> ahasenack: but then Vcs-Git really needs to point to something that has the changes.
<ahasenack> rbasak: the vcs-git url is correct, you just won't find matching commits between that and launchpad, not even commit messages
<ahasenack> lp is not a mirror
<smoser> rbasak: ok.. so imporer..
<smoser> importer
<smoser> ssh-import-id https://git.launchpad.net/ubuntu/+source/ssh-import-id/tree/
<smoser> has ssh_import_id.egg-info/ dir that i dont know where they came from.
<smoser> they're not in ssh-import-id_5.5.orig.tar.gz
<smoser> $ tar tvzf ../ssh-import-id_5.5.orig.tar.gz  | grep egg
<smoser> $ tar tvzf ../ssh-import-id_5.5.orig.tar.gz  | grep egg
<smoser> $ tar tvzf ../ssh-import-id_5.5.orig.tar.gz  | grep egg || echo "no eggs"
<smoser> no eggs
<smoser> oh. i see they're in ssh-import-id_5.5-0ubuntu1.diff.gz
<rbasak> Oh. It's a version 1 package?
<smoser> i guess, yeah :)
<smoser> so how would you do this SRU ?
<RoyK> smoser: you don't need the z in that tar command when extracting - it's automatic
<smoser> RoyK: yeah, thanks. but my fingers dont remember that.
<RoyK> hehe
<rbasak> rharper, dpb1: https://www.reddit.com/r/Ubuntu/comments/880spj/systemd_ifdown_hook_services_for_individual/
<rharper> rbasak: networkd-dispatcher is a possiblity
<rbasak> rharper: yeah that's why I pinged you :)
<nacc> rbasak: fyi, i'll keep adding tests to my last branch
<powersj> nacc: it looks like there is a race in the vm_setup script when you launched multiple of them at the same time.
<rbasak> nacc: thanks. It seems unlikely I'll get to reviewing it any time soon now though :(
<powersj> One job was still creating a VM and then when a 2nd tried to run uvt sync it throws the libvirterror
<nacc> rbasak: understood; how did you want to proceed with that, given the time crunch(ish)
<nacc> i can try and get 100% coverage of all added code
<nacc> (i'm hoping i can get to 100% of importer.py, tbh)
<nacc> powersj: :)
<rbasak> nacc: I don't mind you continuing to work on it provided that it doesn't make my reviews unwieldy and big. If that's going to happen, I think you should hang back.
<rbasak> nacc: too much stuff pending review makes things exponentially difficult :(
<rbasak> And IMHO, the only reasonable way to handle that is to reduce velocity.
<nacc> rbasak: yeah, just a bit frustrating in that stuff is getting pushed further and further back that is ready now
<nacc> :)
<nacc> rbasak: 'unwieldly' is relative. the last commit that just adds test is up to about 600 lines
<nacc> but it's all tests
<gunix> is there any way to export the preseed config after install, like on centos?
<ChmEarl> gunix, /var/log/installer/cdebconf/questions.dat also answers.dat... not sitting at debian now
<nacc> gunix: debconf-get-selections is the same as above
<nacc> but not everything is preseedable
<gunix> ChmEarl: how do i transform that into a preseed config?
<ChmEarl> nacc +1
<nacc> gunix: you ... generally can't, iirc
<nacc> gunix: these days, people make image snapshots
<nacc> gunix: it's not typically worth the cost to re-install multiple times
<gunix> nacc: what if you want to run tests on an environment and want to reinstall a bare metal server 5 times per day?
<nacc> gunix: you installed by hand once? preseed from the get-go
<gunix> nacc: how do i get the preseed from the get-go ?
<nacc> gunix: you start with the default preseed
<nacc> customize it from there
<gunix> nacc: on centos you get a file called "anakonda" after the install, which can be used to kickstart all new installs
<gunix> and it provides a fully automated feeling to the install
<nacc> gunix: yes, i know.
<nacc> gunix: ubuntu and debian do not.
<gunix> :D
<nacc> gunix: a lot of people do what i suggest and are able to get to the preseed they want
<nacc> then they just use that, basically, forever, IMO
<gunix> nacc: ok, so i should install get-go and generate a preseed with it ?
<nacc> gunix: 'get-go' was a turn of phrase sorry
<nacc> gunix: start with a preseed, then work from there
<gunix> oh
<nacc> gunix: http://blog.dustinkirkland.com/2011/03/ubuntu-server-quick-install-no.html e.g.
<gunix> ok, i will try to tweak a preseed. i have multiple examples
<gunix> but was trying to avoid that
<gunix> but it seems to be the easiest way to do this
<nacc> gunix: yeah, that's my recommendation
<nacc> gunix: get one that works, first, then tweak from there
<gunix> nacc: ok, thank you!
<nacc> gunix: np, good luck!
<akern07> Has anyone ever resized a partition in ubuntu server?
<dpb1> yes
<RoyK> akern07: gparted is quite easy to use
<akern07> I was wondering how to resize a partition in ubuntu server after extending the size of my virtual machine in VM.
<dpb1> what filesystem are you using?
<TJ-> akern07: you could use 'parted resizepart ...'
<akern07> I think it's the primary volume
<gunix> nacc: how do i encrypt password for d-i ?
<JanC> you first need to resize the partition (e.g. with 'parted'), then resize the filesystem (e.g. with 'resize2fs')
<xinobi> does fcgi handles sessions differently from mod_php?
<jerichowasahoax> reposting the response i provided in #ubuntu, for convenience:
<jerichowasahoax> the only thing i can think of is if nginx is loading a different php.ini file, some session related configuration variables might be different
#ubuntu-server 2018-03-30
<xinobi> jerichowasahoax my server only has these php.ini files /etc/php/7.0/fpm/php.ini /etc/php/7.0/cli/php.ini
<jerichowasahoax> xinobi: well it's not using the cli one, that's for sure
<jerichowasahoax> xinobi: i was hoping there would be an /etc/php/7.0/apache2 as well, though, for you to double check
<xinobi> jerichowasahoax exactly so I believe that my php.ini has something missing
<jerichowasahoax> xinobi: because i'm on apache2 and that's where minei s
<xinobi> jerichowasahoax: no /etc/php/7.0/apache2 is not present in my system
<xinobi> jerichowasahoax I'll try to figure this later have a nice time ;) thank you
<mojtaba> Hello, does anybody know what could be wrong with this command?
<mojtaba> (09:01:58 PM) mojtaba: if [ $(df /home/osmc/Movies/Cartoon/ --output=pcent | awk -F '%' 'NR=2{print $1}') -ge 80 ]; then echo "hi";fi
<mojtaba> I don't know awk, I found this on the web.
<mojtaba> I am going to check if a mounted drive is used more than a specific amount.
<mojtaba> What I am getting is: -bash: [: too many arguments
<dpb1> mojtaba: first step is simplify, just run df /home/osmc/Movies/Cartoon/ --output=pcent
<dpb1> mojtaba: then, build up
<mojtaba> dpb1: sure, thanks
<dpb1> but, the answer is, you are missing a closing paren (at least)
<mojtaba> I see
<mojtaba> brb
<soahccc> Hey I just shredded my mysql server (I uninstalled it, tried to install mariadb, it failed, can't install mysql anymore). I purged every mysql/mariadb package, removed /etc/mysql and /var/lib/mysql and tried to reinstall mysql server. It just doesn't start up with no error whatsoever :S
<soahccc> anything I missed?
<sikun> soahccc, try apt-purge mysql*
<sikun> I remember doing something similar and I think that is what I ended up doing
<sikun> I mean, apt purge mysql*  (no dash of course)
<JanC> sikun: that could also purge some mysql-related tools which aren't part of mysql
<JanC> and I guess soahccc would also want to purge everything that's part of mariadb
<gunix> OpenTokix: i try to use your preseed and i am stuck because it doesn't find any root partition
<gunix> nevermind, i figured that out
<gunix> i added the preseed to an ubuntu iso, made it completely unattended, however proliant servers refuse to boot it
<gunix> the iso works great with vms
<gunix> but the proliant server refuse it
<gunix> and the proliant servers do work great with normal ubuntu iso
<gunix> this is very confusing
<powersj> gunix: do you even get the language selection screen? any flash of the start of an install? how are you booting it?
<powersj> oh and how did you add the preseed
<gunix> powersj: there is no language selection screen. it is fully automated
<dpb1> gunix: you'll need to describe what happens more than "refuse it" :)
<gunix> dpb1: it tries to boot from other sources instead of the iso
<gunix> dpb1: it just completely ignored i added the iso from iLO
<dpb1> my first suspicion would be corrupted media
<gunix> dpb1: than how does the media work on KVM vms ?
<dpb1> as that has happened to me more times than I count
<gunix> dpb1:  if it's corrupted, why does it work with kvm? it goes through the full install
<dpb1> same disc?
<dpb1> or are you using the .iso
<gunix> dpb1: yes, same disc lol
<gunix> dpb1: the same exact iso is working on KVM vms, but is not working in the proliant
<dpb1> not iso
<dpb1> same physical disk
<gunix> what are you talking about?
<gunix> are you talking about a physical CD/DVD ?
<dpb1> "the same exact iso is working on KVM vms"
<dpb1> yes, physical disc
<gunix> dpb1: omg man
<gunix> dpb1: you don't need to burn CDs, it's not 1999
<dpb1> so you are blinking the .iso over there?
<gunix> dpb1: you can add the iso to KVM VMs via virt-manager, and to iLO via web interface... in iLO you add the http address of the .iso and in virt-manager you need the .iso to be on the same server as the libvirt/qemu/kvm services
<dpb1> good, getting details now
<gunix> dpb1: in iLO i tried to add the normal .iso (located on THE SAME web server)
<gunix> so tcp connection can't be an issue
<dpb1> and your ilo mount of the standard ubuntu-server .iso works
<gunix> yes
<gunix> :(
<compdoc> virt-manager is awesome
<gunix> compdoc: yea, i run virt-manager on my local system and connect it to the server from the DC. it's great :D
<dpb1> gunix: can you try another physical server?
<gunix> dpb1: i tried two physical servers, but both gen9
<gunix> this are the files i change in the iso, before repackaging it: https://github.com/TommyKTheDJ/hydra/commit/2741997149d0fdcf96e5d947f32b3dab7bf49157
<gunix> this is the command I am building the iso with:
<gunix> mkisofs -D -r -V "UNATTENDED_UBUNTU" -cache-inodes -J -l -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o /opt/ubuntu16-desktop-unattended-install.iso /opt/ubuntuiso
<dpb1> ya, dunno, that looks okish to me, and clearly the kvm test case is proving your .iso isn't DOA.
<gunix> yes :(
<dpb1> my next guess would be something EFI vs legacy
<dpb1> that's intentionally handwavy
<gunix> i can try to switch the server to bios
<gunix> but afaik the iso has some efi flags
<powersj> also check for secure boot, but switching to legacy would be best as I'm willing to bet you weren't using EFI with virt-manager
<gunix> dpb1: holy fuck, it's working on bios
<gunix> powersj: yea, that's what i thought after dpb1 mentioned it. virt-manager can't be using efi
<gunix> i need to go agian through the process of creating the dvd. must be something there that damaged efi
<gunix> *creatig the .iso, not the DVD
<gunix> thank you for the help, guys, i can move forward now!
<dpb1> gunix: good luck
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> .-.            .-.
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> /   \          /   \
<PhoulJAOF9K> |   _ \        / _   |
<PhoulJAOF9K> |   _ \        / _   |
<PhoulJAOF9K> |   _ \        / _   |
<PhoulJAOF9K> |   _ \        / _   |
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> '. '.;'    ';,' .'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> './ _    _ \.'
<PhoulJAOF9K> .'  a __ a  '.
<PhoulJAOF9K> .'  a __ a  '.
<PhoulJAOF9K> .'  a __ a  '.
<PhoulJAOF9K> .'  a __ a  '.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> .--'\   '-'  '-'    /'--.
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> _>.__  -- _.-  `;
<PhoulJAOF9K> .' _     __/     _/
<PhoulJAOF9K> .' _     __/     _/
<PhoulJAOF9K> .' _     __/     _/
<PhoulJAOF9K> .' _     __/     _/
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> '-,.__/  _   .-.  ;|_
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> /` `|| _/ `\/_  \_|| `\
<PhoulJAOF9K> |    ||/ \-./` \ / ||   |
<PhoulJAOF9K> |    ||/ \-./` \ / ||   |
<PhoulJAOF9K> |    ||/ \-./` \ / ||   |
<PhoulJAOF9K> |    ||/ \-./` \ / ||   |
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> jgs .'  \ =  _= _ = _= /`\
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> /     `-;----=--;--'   \
<PhoulJAOF9K> \    _.-'        '.    /
<PhoulJAOF9K> \    _.-'        '.    /
<PhoulJAOF9K> \    _.-'        '.    /
<PhoulJAOF9K> \    _.-'        '.    /
<PhoulJAOF9K> l t x d a   l a g a r c i a   V o l u n d   m i k e - z a l   A z t e c 0 3   b a l d e r s o n   l e d _ i r 2 2   D e n B e i r e n _   f a t d r a g o n   P e s t   N e o 4   k i r k l a n d   V e r y _ s l o w   c o m p d o c   p m a t u l i s _ _   k n e e k i   F r e e j a c k   k a r l t h a n e   n e i l o y   N i z u m z e n   D i e m u z i   p a t d k - l p   v 1 2 a m l   m e m i n e m y _   T J -   b e a t z z  
<PhoulJAOF9K> ltxda lagarcia Volund mike-zal Aztec03 balderson led_ir22 DenBeiren_ fatdragon Pest Neo4 kirkland Very_slow compdoc pmatulis__ kneeki Freejack karlthane neiloy Nizumzen Diemuzi patdk-lp v12aml meminemy_ TJ- beatzz Aison adac disposable2 mikal Oatmeal ptx0 mhache m_tadeu y0sh lordievader ktosiek trevor_s DalekSec Thumpxr marlinc compuguy freakyy soren_ jgornick_ tdn apw Piper-Off logan- vtapia pjdc a1berto dino82 Mercury_Vap
<Volund> ....if you say so man
<Volund> wtf was that ASCII bomb supposed to be anyways
<dpb1> ah, I'm close
<dpb1> some kind of mouse?
<dpb1> https://paste.ubuntu.com/p/rQmzKzd23d/
<qman__> my guess is an easter bunny
<gunix> when you spam, at least spam right
<gunix> any idea why "d-i netcfg/choose_interface select eno1" is not picking eno1 ?
<gunix> i get an option to select the primary network interface
<gunix> through the setup
<nacc> gunix: is it actually called eno1 at that point?
<gunix> let me try to screen picture it for you
<gunix> nacc: https://ibb.co/muaWAS
<gunix> nacc: already tryed to add it to append too: https://bpaste.net/show/90dded721504
<gunix> but no idea if i did something wrong or not
<nacc> gunix: how are you serving your preseed ?
<gunix> nacc: it's part of the .iso
<gunix> i rebuild the iso with the preseed as part of it
<nacc> gunix: ok, you might need to preseed more (iirc, it prompts unless you pressed something else) -- google for NQA preseed
<powersj> you can also look at the syslog to see why it asked you a question
<nacc> powersj: ah nice
<powersj> it should say something like "X not answered", "asking..." or something like that
<powersj> although your verbosity may need to be turned up for that
<powersj> that's how we debug the ISO smoke tests when we have issues
<gunix> nacc: https://help.ubuntu.com/community/Cobbler/Preseed
<gunix> here he configures it probably for 1 single interface and that's why it works with no option
<nacc> gunix: i'd try what powersj is saying to debug
<gunix> powersj: how do i turn on verbosity ?
<powersj> gunix: first take a look at 'syslog' on the system during an install and see what it says it may already have enough
<gunix> powersj: ok, dropping to shell\
<gunix> how am i supposed to scroll up without less ? :D
<gunix> it doesn't accept shift + pageup :D
<gunix> cat syslog | grep -i net | more
<gunix> ...
<powersj> if you are using less you can use 'u' for up half a page and 'd' for down
<powersj> the issue will be towards the very end, should be last 50 or so messages unless you have tried things since then
<gunix> warning couldn't read wpasupplicant pid file, not trying to kill
<gunix> info: couldn't find BOOTIF= entry in /proc/cmdline
<gunix> nothing else that looks suspicious
<powersj> gunix: are you seeing any messages with 'debconf' in the syslog: https://paste.ubuntu.com/p/ZJDRxhg92N/
<powersj> there would be 100s of messages if there are
<powersj> it is very, very verbose
<gunix> powersj: i rebooted :D
<powersj> lol
<gunix> i need to wait 10 mins
<powersj> in either case if there are no messages you can rebuild your ISO with the following added to the append option, so instead of 'quiet' have 'DEBCONF_DEBUG=developer'
<gunix> powersj: i will grep for debconf and netcfg next time
<powersj> and that will make sure these messages show up
<powersj> it is perfect for debugging these types of issues
<powersj> it will spit out each question that is asked how it is responded to and if something comes up or a question is not answered it will be right there in syslog
<gunix> powersj: how do you know this stuff? this is nowhere on the internet :D
<powersj> gotta ask the right question
<powersj> ;)
<powersj> and because I foster the ubuntu server ISO tests I had to pick up some ISO/debconf know-how
<gunix> what does foster mean? :D
<powersj> nurture :) own?
<gunix> yea :D
<powersj> take care of
<gunix> yea
<gunix> you work at canonical ?
<powersj> yes
<gunix> nice!
<gunix> not enough debconf messages ///
<gunix> powersj: i have only 4 messages from debconf
<gunix> all for setting up debconf/language
<nacc> rbasak: dpb1: up to 58% coverage ... and i am almost finished getting actual commit-level comparison correct
<nacc> (which is our hash-level testsing)
<powersj> gunix: heh well then you are going to want to rebuild your ISO with that debug option
<gunix> powersj: i did
<powersj> hmm
<gunix> powersj: now i am getting confused about the iso
<gunix> powersj: yes, i was not using the right iso. great.
<powersj> heh
<gunix> what can i say, at least i learned something ...
<nacc> powersj: do you have a moment for some mock assistance?
<powersj> nacc: yeah - however rharper may be more useful :)
<nacc> powersj: rharper: to ensure Git commit hashes are consistent, I want to stub out some functions that we use for generating the commit and tag messages
<nacc> powersj: rharper: so I am trying to use unittest.mock.patch() as a decorator to my test function
<nacc> but since this in a file that does 'import gitubuntu.importer as target', i think gitubuntu.importer has already been imported, so patching it has no effect when i'm trying to patch a module-level method
<powersj> link to the file? Were you trying something like: @patch('gitubuntu.importer.method_name')
<gunix> powersj: it powered through the entire install now. it's booting the system on 2 servers atm
<powersj> gunix: \o/
<powersj> gunix: what did you have to fix?
<gunix> nacc: powersj: dpb1: thank you for your help these days
<nacc> gunix: yw
<nacc> powersj: one memoent
<nacc> powersj: and yes
<gunix> powersj: well a lot of stuff a long the way. the last part was an error in the documentation that had the right text in the hyperlink but was pointing to the wrong link ...
<powersj> gunix: so the debug messages were helpful?
<nacc> powersj: rharper: http://paste.ubuntu.com/p/Snhcg9HTvR/
<gunix> powersj: so it actually said ubuntu16-preseed.iso but it was pointing to ubuntu-preseed.iso :D
<nacc> powersj: lines 598/599
<gunix> powersj: it was helpful you asked me to look for the debug message. because when i configured them and they didn't show up, it was clear that i was using the wrong iso :)))
<nacc> powersj: and i'm trying to use the decorator, because if i do it inline in the testmethod, it leaks to later test methods
<nacc> powersj: i could use a context manager instead, i guess
<nacc> just feels like it shouldn't be necessary
<powersj> nacc: currently that test just fails as your return values are not set or does it even run?
<nacc> powersj: it runs, but the mock has no effect
<nacc> (afaict)
<nacc> powersj: hold on may be PEBKAC
<nacc> powersj: ok, it worked, nm
<nacc> powersj: sorry!
<powersj> nacc: curious what was up
<nacc> powersj: i had made a typo, and so i had 6 failing tests instead of 5, the 6th was a red herring as it wasn't fully patched
<nacc> s o it was showing me irrelevant, but bad data
<powersj> ok :)
<hashwagon> What's the best way to flush dns on 16.04 server?
#ubuntu-server 2018-03-31
<skylite> why does sudo -u someuser bash -c "for i in {1..5}; do echo $i; done" not work the way expected?
<jerichowasahoax> skylite: because you didn't escape the $
<jerichowasahoax> skylite: so $i was expanded when the command line was processed, and since $i was empty then, you ended up with "for i in {1..5}; do echo ''; done"
<skylite> but it prints 5 five times
<jerichowasahoax> because of your for loop, yes
<jerichowasahoax> it set $i to 1, then ran an empty echo line, then set $i to 2, etc etc
<skylite> I dont really see how escaping solves this issue
<jerichowasahoax> it prevents $i from being expanded when processing the inital command line
<skylite> I tought escaping makes the shell interpret $ as a character and not as a variable sign
<jerichowasahoax> yes
<jerichowasahoax> the shell you're typing your command line into no longer interprets that as a variable to expand
<jerichowasahoax> so, it passes the string $i as a command line parameter
<skylite> I see
<jerichowasahoax> and THAT shell that you're running sees "$i", and goes "oh, a variable!"
<jerichowasahoax> remember, there's two shells here
<jerichowasahoax> the "bash -c" in your command line, and the shell you're running that command line in
<skylite> jerichowasahoax: thx
<jerichowasahoax> skylite: np
<ShriHari> hello
#ubuntu-server 2018-04-01
<Emeriss> A very good easter all
<mojtaba> Hello, I want to keep a reverse ssh always open, do you have any suggestion? Also re-run after restart of the machine.
<mojtaba> and of course when the source come back online again.
<andol> mojtaba: autossh, and starting it as a (systemd) service.
<mojtaba> andol: Do you have any link for the configuration.
<andol> mojtaba: A Google search mentioning autossh and systemd gives you plenty of suggestions.
<mojtaba> andol: thanks
<mojtaba> Hello, do you know what should I do when I am using rsync to deal with the file names containing non-english characters?
<mojtaba> I get invalid argument (22)
<tomreyn> mojtaba: try quoting them
<tomreyn> or rather the entire argument
#ubuntu-server 2019-03-25
<lordievader> Good morning
<xrandr_mac> Can I install ubuntu server from. The network install cd?
<RoyK> xrandr_mac: so long that you have network access during the installation, yes - I've used that a lot
<RoyK> any idea what to do when I try to make a package and I get this error? http://paste.debian.net/1074553/
<supaman> RoyK: is there a debian directory and it contains a changelog file?
<RoyK> supaman: there's a debian dir, but no changelog file, so I forged one and with a little trouble, it worked
<supaman> great :-)
<coreycb> jamespage: sahid: i'm going to sweep up the remaining rc's for stein. i don't think there are many.
<PaulePanter> Hi. Installing ubuntu-server (bionic), I am only asked to configure the DNS server by the installer and not the rest of the network configuration (DHCP/static).
<sahid> coreycb: ack, do you need some help? I can do some
<PaulePanter> I then have to edit the netplan configuration manually in the live system.
<coreycb> sahid: i think we're good, thanks. we can split up the final release when that comes around.
<sahid> coreycb: ok sure we will do that :)
<coreycb> sahid: james has smoke tests passing on the current proposed packages so we'll re-run that and we'll need to manually test dashboards
<jamespage> coreycb: ta - just a few I think
<sveinse> Trying to install latest ubuntu 18.04 LTS server on a VM and the installer crashes when I'm trying to set manual ipv4 address, starting the installer all over again :(
<sarnold> that sounds vaguely familiar
<tomreyn> sveinse: probably bug 1816954
<ubottu> bug 1816954 in subiquity (Ubuntu) "Unable to show Info nor Set static IP during install" [Undecided,Fix committed] https://launchpad.net/bugs/1816954
<Maxel> hi, I ran into a problem I thought I solved but apparently did not. My boot partition is only 500mb and it has 0 bytes free. I was trying to do an upgrade and now I'm stuck
<Maxel> I see some guides saying I can boot from a different disc of linux and try to repartition the disk, but wanted to see if anyone thinks that's a terrible idea on here before I accidentally break something
<mwhudson> Maxel: are you booted?
<sveinse> Maxel: It happened to me all the time on my old server. You probably have older kenels taking up all the space. uninstall them first, and then you can install the upgrade
<sarnold> I wouldn't go down that route, no..
<Maxel> yeah, it's a vm I have
<mwhudson> you should be able to remove some kernels
<Maxel> running on esxi
<sarnold> I'd just truncate some kernels with "> /boot/vmlinuz-...." -- pick old ones
<sarnold> then dpkg --purge that old version
<Maxel> I would like to solve the tiny boot partition eventually, but I need to free up some space first
<mwhudson> what does dpkg -l linux-image-*-generic | grep ^ii show?
<Maxel> remind me what the util to pipe output to pastebin is?
<mwhudson> pastebinit
<Maxel> http://paste.ubuntu.com/p/VWc835NQ4F/
<mwhudson> yes ok you probably don't need all of those :)
<sarnold> try to keep the newest one or two, and whatever kernel you're running now
<Maxel> I think I messed this up once though, what's the safe way to remove these? I just deleted the files and got myself in trouble
<mwhudson> apt remove linux-image-4.4.0-134-generic
<mwhudson> (for example)
<mwhudson> like sarnold says probably best not to remove the kernel you are actually running
<sarnold> truncate one file with > /boot/vmlinuz-whatever ... to free up storage; then you can dpkg --purge the package that owned the file
<Maxel> just fill the file with 0 bytes you mean?
<mwhudson> then upgrade to bionic where this kind of stuff doesn't pile up in the same way :)
<mwhudson> (not necessarily helpful advice i realize)
<mwhudson> Maxel: yes
<mwhudson> well not fill the file
<Maxel> is that 18.04? cause that's what I was trying to actually do here
<mwhudson> replace the file with a 0 byte file
<mwhudson> Maxel: yes
<Maxel> ls -l
<Maxel> whoopsies
<Maxel> just cause I'm extra worried, so can I just do: echo "" > vmlinuz-4.4.0-128-generic
<sarnold> maybe; I've always used > filename to truncate files
<sarnold> using echo in that fashion may try to make a new directory entry and thus fail to allocate memory
<Maxel> no need to echo anything, just lead with the >
<sarnold> right
<Maxel> trying to purge the package now: dpkg: warning: ignoring request to remove vmlinuz-4.4.0-128-generic which isn't installed
#ubuntu-server 2019-03-26
<mwhudson> Maxel: the package is called linux-image-4.4.0-128-generic
<Maxel> how much space in my boot partition should I need to do the upgrade to 18.04?
<Maxel> and should I be able to upgrade without any issues?
<sarnold> guessing, ~250 megs ought to be enough
<Maxel> hmm, trying to do the upgrade right nwo and it says I need to download 563mb
<Maxel> I've got about 260m free on /boot/, but I only have 400m total
<sarnold> is /boot also on the filesystem that will receive all the downloaded packages? that'd be quite strange..
<sarnold> well, no, not really, but .. having only 400m free on / might be a serious crimp in the upgrade :)
<Maxel> I'm not actually sure where this will download to
<Maxel> I just assumed it would go to boot since every time I do apt upgrade, it fills up /boot
<sarnold> hehe
<Maxel> I'm just worried about blowing up my install, I assume it should be capable of aborting if it doesn't have necessary space
<sarnold> I think for 'easy' filesystem layouts it probably can handle it; but it probably assumes most package contents will be unpacked onto /
<Maxel> alright, giving it a shot
<Maxel> well this is not good
<Maxel> "ing" keeps printing to the screen
<sarnold> that does sound bad.
<Maxel> was a window error, but when I pressed enter it selected some option
<Maxel> I think I'm upgrade, lsb_releases -a says I'm on 18.04.2
<Maxel> I just don't know what I selected for a setting in that menu
<sarnold> what versions do you get from: dpkg -l bash systemd
<Maxel> http://paste.ubuntu.com/p/QMrHnJjJTz/
<sarnold> well, that's good and bad. the versions look good, but the 'it' rather than 'ii' means something went wrong partway through
<Maxel> yeah, I haven't restarted yet
<Maxel> not sure if that would be a good idea or not
<sarnold> try dpkg --configure -a   and   apt-get install -f  -- those can often either dislodge errors, or show you an error message to tackle next
<Maxel> dpkg: error: dpkg frontend is locked by another process
<Maxel> I have a suspicion that some process got backgrounded that is still finishing the install
<sarnold> aha!
<sarnold> it is run in screen, perhaps you just need to reattach to the screen session
<Maxel> what's the command for that?
<sarnold> back when I used screen I used screen -RAD
<Maxel> hmm, cleared out the screen, didn't seem to reattach to anything
<sarnold> try control-A, followed by l  (ell)
<Maxel> no dice
<sarnold> how about control-A 0, control-A 1, etc ?
<Maxel> well ctl-a isn't sending a signal at all it seems
<Maxel> I'm using a vmware remote console to do this, closest I get to a keyboard plugged into a machine
<Maxel> oh f, accidentally restarted the server.... welp lets see what happens
<Maxel> yeah, disaster, cant mount fs
<sarnold> uhoh :/
<Maxel> I haven't tried this function out, but I'm going to see if I can revert my vm image
<Maxel> hopefully it works
<Maxel> made a snapshot before I tried the upgrade out
<sarnold> lets hope it's happy with that :)
<sarnold> if the machine was mostly quiet then it'll probably be fine.. but databases sometimes don't take that kind of treatment well
<Maxel> reverted super fast, seems to be back to a good state
<Maxel> alright, got it upgraded I think
<Maxel> but now the upgraded os isn't mounting my drive I had connection correctly before
<Maxel> I'm not sure how to debug this though
<Maxel> "wrong fs type, bad option, bad superbloc
<Maxel> it's a drive controlled by a raid card
<DK2> what could be the cause when network installation of ubuntu 16.04 runs fine but after bootup of the system there are no nic found by ubuntu_
<DK2> theres only LO
<lordievader> Good morning
<DK2> theres no /lib/modules/4.4.0-142-generic/drivers in the installation
<gunix> does anybody know if docker just got removed from microk8s in the last updates?
<ahasenack> rbasak: I have an FTBFS in package X, that is fixed by patching a bug in a build-dep Y. Is it common to add the version of Y that has the fix in X's build-deps line?
<ahasenack> it will be an ubuntu release, i.e., <n>ubuntu<m> version at the end
<teward> hmm... I think I discovered a bug in the live installer.. o.O
<teward> 18.04.2, it boots without an Internet connection then crash-loops the subiquity installer when I try and set the 10.255.0.0/16 subnet with a search domain... hmmmm
<sdeziel> weird discovery of the day: pgrep depends on systemd, lzma, lz4, gcrypt and gpg libs ... who would have thought
<rbasak> ahasenack: no, I specifically avoid doing things like that.
<rbasak> ahasenack: it stops things like cherry-picks from working if the bugfix is backported.
<rbasak> The way I see it is: the versioned relationships are for a hypthetically bug-free version of what you're referring to
<rbasak> I'm sure there are exceptions where it's needed, but in the general case IMHO it creates more problems than it solves
<ahasenack> ok
<ahasenack> and I would SRU Y (from above example) at the same time as X
<rbasak> That should be fine I think. If it fails due to the race then the retry button can be used once the race is resolved.
<micmac> Hi
<blackflow> o/
<micmac> so I have to upgrade a 14.04.6 LTS server to 16.04.6 LTS. according to the discussion we had on #ubuntu, it may take me some time to improve my setup first (setting the right DNS entries and so on)
<micmac> and I'm a little busy right now, so I may have to wait some time before upgrading
<micmac> is there a risk keeping the server on 14.04.6 LTS version for some time, although it says the HWE is supported until april this year ?
<micmac> it's not an internet server, just a local server
<micmac> small company
<blackflow> well it wont' stop working on april 25st :) it only means you won't be getting any new updates.
<micmac> harware related, or any update
<blackflow> (unless you subscribe to ESM thatis)
<micmac> *hardware
<blackflow> any update.
<micmac> wow ok
<micmac> I don't think I'm really at risk here, but I guess I won't wait monthes
<blackflow> micmac: that's what I said for the last FreeBSD server in our fleet. it's still 11.1, hasn't been updated since summer. "Oh just a few weeks, we're migrating to Ubuntu anyway".
<micmac> blackflow: heh, I don't know how long it will take but I'll do it
<DammitJim> is all software from main repos free for use
<DammitJim> ?
<Pici> Yes.
<Pici> https://help.ubuntu.com/community/Repositories#Main
<sdeziel> DammitJim: AFAIK, every piece of software from the archive is free ($) to use
<tomreyn> that's if you have an intel cpu
<tomreyn> https://downloadcenter.intel.com/download/27591/Linux-Processor-Microcode-Data-File Version: 20180312 (which is apparently in 18.04.2) states "This Software is licensed for use only in conjunction with Intel component products. Use of the Software in conjunction with non-Intel component products is not licensed hereunder.". I run an AMD system, and i think this package was installed automatically (from main) here.
<tomreyn> i recall there was a lot of discussion about this, though, and maybe you (and I, as a user) were granted an exception.
<tomreyn> also there was a notion that this is not software in the ubuntu sense (it apparently is in intels') and thus doesn't need to be free to be in main.
<blackflow> tomreyn: obvs you're not using intel microcode on AMD cpu, even if the package is installed.
<blackflow> as for the "free for use" question above, I'd point out "within the confinement of what individual licenses allow". "free" usually implies "do what you want", that's why GNU folks prefer "libre" instead.
<tomreyn> blackflow: i have it installed, but don't have a license to it, maybe you're right in that 'use' is the relevant word there and it refers to 'running', not to 'installing'/'downloading'
<blackflow> pretty sure "use" means actually using the software, ie. running it. there'd be a lot more rioting from distros if it didn't.
<blackflow> as it was with the benchmarking limitation which they promptly removed, following a minor uprising with pitchforks in the linux community.
<blackflow> tomreyn: and if you wanna go into such detail, then be wary of the nvidia proprietary license which only allows ONE instance of the driver installed per physical machine.
<tomreyn> that's not in main, though
<tomreyn> the latest intel-microcode version in bionic is actually 3.20180807a.0ubuntu0.18.04.1 which doesn't have this license restrictions.
#ubuntu-server 2019-03-27
<Maxel> so I have a raid card that allows me to mount a volume in ubuntu server 16.04, when I upgraded to 18.04 I was unable to mount that volume
<Maxel> I don't remember how I mounted the volume initially, but I'd like to have the same volume with the same data in the upgraded ubuntu version
<sarnold> what error did you get?
<Maxels> good question, I'll load up my snapshot and see
<Maxels> so when booting, I get a failure on "failed to mount [volume]"
<Maxels> and then I am presented with warning I am in emergency mode
<Maxels> and I can also check the log for the mounting process that failed
<Maxels> mount: [volume]: wrong fs type, bad option, bad superbloc
<Maxels> if I revert to the old snapshot on 16.04 it works fine though
<sarnold> what filesystem type is it? does fstab just leave it auto or does it specify?
<Maxels> I'm trying to remember, I can switch to the other snapshot but I think it was xfs
<Maxels> I don't remember how to use fstab from when I set this up
<Maxels> I appreciate your help btw :)
<Maxels> does 18.04 just not support xfs or something?
<sarnold> at least on the kernel my laptop is running it required loading a module
<sarnold> cat /proc/filesystems | grep xfs
<sarnold> 	xfs
<sarnold> that's after sudo modprobe xfs
<sarnold> (please forgive the abuse of cat, I ran cat /proc/filesystems first just to see what it supported; I hadn't looked in ages :)
<Maxels> hmmmm, I'm trying to unpack what you're saying
<Maxels> did the cat search supported filesystems?
<Maxels> and is loading the module to support xfs as simple as an apt-get add?
<sarnold> it should just be sudo modprobe xfs
<sarnold> if that doesn't load it, then yeah, an apt-get install will be required :)
<Maxels> I'm not sure what modprobe normally would do, but it didn't print anything on that command
<sarnold> /proc/filesystems shows the filesystems that the kernel currently knows how to mount -- others may require loading modules, as it did for me to load xfs
<sarnold> usual unix rules, it shuoldn't print anything if it succeeds :)
<Maxels> hmm, ran modprobe, still failing the mounting
<Maxels> and then starting in emegency mode, although I don't know what emergency mode does
<sarnold> modprobe only affects the current boot
<sarnold> if you've rebooted then it's unloaded
<Maxels> hmmm, so how would I force the process to mount the disk again after running modprobe
<sarnold> I'd just try mount /path/to/device /path/to/mount/point and see if that works
<sarnold> if it works, then figure out how to get the boot process to mount it, if that's what you want, and if it doesn't work, then start debugging that :)
<Maxels> ah, I see what you're saying
<Maxels> so I ran the exact same command that failed on boot, and it failed after I had run modprobe
<sarnold> how did it fail?
<Maxels> same error as when booting: wrong fs type, bad option, bad superblock on /dev/sda, missing codepage or helper program, or other error.
<sarnold> is there anything more useful in dmesg?
<Maxels> I don't even know what dmesg is
<sarnold> dmesg dumps the kernel's message buffer
<sarnold> it's INSANELY wonderful
<sarnold> get to know this one :)
<Maxels> oh boy, lots of info
<Maxels> I'm digressing a lot, but something that drives me nuts is how history doesn't seem to always save, and gets truncated
<Maxels> is there a way to make history unlimited and save more often somehow?
<Maxels> I'm trying to remember the commands I used to mount the volume after I was wrestling with some accounts, and it lost history
<sarnold> so... history is involved.
<sarnold> you can configure a HGUE amount of aspects of it; man bash, search for HIST and histappend
<sarnold> running multiple shells at once tends to be the usual cause of "lost" command
<sarnold> there are external tools you can use too, to try to store history across sessions / computers / etc .. I don't use this myself, but it *looks* neat, you know? :)
<Maxel> yeah maybe that was a bad assumption, that it would work across sessions
<Maxel> I assumed it was user based
<sarnold> each shell maintains its own in-memory history of executed commands
<sarnold> and at exit will either overwrite the history file, or append to the history file
<Maxel> yeah, and I just want the "no matter where you're session originated, if you use the same user save any command to history, forever"
<sarnold> that can be done :)
<Maxel> I've got all sorts of problems with this upgrade though. I can't connect via ssh anymore, the fs isn't mounting correctly, I guess that's all my problems for now
<Maxel> history thing has been a long ongoing problem
<lordcirth> Maxel, try adding this to bashrc: "export PROMPT_COMMAND='history -a'"
<lordcirth> that will flush your history to file every command
<rbasak> cpaelzer: https://pastebin.ubuntu.com/p/xG2VTmDb7j/
<rbasak> cpaelzer: not a problem from an SRU review perspective, but seems odd from a git-ubuntu workflow perspective.
<cpaelzer> rbasak: that is the first time we used git ubutnu for that - formerly was pull-lp-source
<cpaelzer> interestign
<rbasak> cpaelzer: ah. It's because the watch file uses bz2
<rbasak> So therefore uscan does
<cpaelzer> ah ok, the confusion makes snese now
<cpaelzer> even "sense"
<theGoat> we are using setfacl to give the splunk user access to read logs in /var/log, but what we have noticed is that it is also changing the group permissions of the file.  is there a way to run it so it doesn't touch the group permissions?
<sarnold> theGoat: is the filesystem mounted with noacl?
<theGoat> no i don't believe so
<theGoat> i would have to reach out to one of the system owners
<sarnold> I did this on an 18.04 LTS and got the results I expected: setfacl -m u:root:w _z.jpg
<strk> what's the preferred way to pass env variables to a systemd service file ?
<jelly> strk: /etc/init/foo.conf is NOT a systemd service file, it's an upstart service... uh, thingy
<strk> uh
<jelly> disclaimer: srtk was accidentally asking about their "how to pass http_proxy env.var. to a service" trusty issue in #debian
<jelly> we had zero clue and less interest in that, but figured someone in here might remember enough about upstart
<sdeziel> isn't that the "env" directive?
<jelly> strk: see!  That's what happens when you ask in the right place.  Answers.
<sdeziel> strk: yes, that's env: http://upstart.ubuntu.com/cookbook/#env
<sdeziel> strk: you may or may not want to put that in a .override file (/etc/init/foo.override, see http://upstart.ubuntu.com/cookbook/#override-files)
<strk> how about: service localstack restart http_proxy=xxxx ?
<strk> is that expected to work ?
<lordcirth> strk, fyi, trusty won't be supported much longer, unless you're paying
<jelly> and if you're paying?
<jelly> will repos be moved somewhere behind a username and password?
<sarnold> updates will be hosted on a ppa
<sarnold> I think the archives will be left alone
<jelly> but still available to anyone?
<sdeziel> strk: no that won't work, see http://upstart.ubuntu.com/cookbook/#job-environment
<jelly> looking at Debian ELTS, paid support but the repo is free to use if you need fixes for a package that someone else is paying support for.
<lordcirth> jelly, the archives stay up for a while, yes, but without updates
<jelly> lordcirth: will the updates be hidden behind username and password or some other auth?
<strk> I didn't understand the documentation about `env`, nor I see a clear reference about job-environment in the #job-environment url
<strk> I'm probably too tired
<sdeziel> jelly: in https://www.ubuntu.com/esm#faq: "ESM is just a regular Ubuntu archive, but authenticated and served over HTTPS."
<lordcirth> !esm | jelly
<ubottu> jelly: Canonical offers paid extended security support for end-of-life LTS releases through the Ubuntu Advantage program. For more information, see https://ubuntu.com/esm . ESM is not an Ubuntu community offering; please direct questions about it to Canonical directly.
<sdeziel> strk: in your case, you'd probably want to use this: echo 'env "http_proxy=xxxx"' >> /etc/init/localstack.override
<sdeziel> strk: because otherwise, the job's environment is really minimal (only TERM and PATH)
<jelly> uh... why would the service manager define TERM
<jelly> wait, don't answer, I'm fine not knowing any more about upstart now that it lives only in EL6
<jelly> (and trusty)
<jelly> thanks for the faq!
<sarnold> no no I'm curious about this, what *does* it default to? :)
<sdeziel> sorry, -ENOTRUSTY
<sdeziel> http://upstart.ubuntu.com/cookbook/#mountall-examples suggests "TERM=linux"
<sarnold> TERM=linux is in a huge pile of expected test results too
<sarnold> https://sources.debian.org/src/upstart/1.11-5/ChangeLog/#L10626
<strk> sdeziel: but in that case It'll stay, while my goal is to NOT store the proxy info in a static place
<teward> where do I report a subiquity installer bug again?
<ahasenack> bugs.launchpad.net/subiquity iirc
<ahasenack> hm, no
<ahasenack> https://bugs.launchpad.net/subiquity/+filebug <-- there teward
<teward> ahasenack: that's what I thought i just filed my bug
<teward> nasty little search domain ERRORCRASH cases
<ahasenack> cool
<the_actor> I am having problems with setting up two factor authentication for SSH using pam_google_authenticator.so. I am using a fresh install of Ubuntu LTS 18.4 and canât seem to get PAM to work well with SSH. The minute I systemctrl reload ssh.service the SSH login prompt looks different and fails regardless of input. Been using this
<the_actor> https://www.google.com/amp/s/www.linuxbabe.com/ubuntu/two-factor-authentication-ssh-key-ubuntu-18-04/amp I have gone over the steps multiple times. Any suggestions?
<lordcirth> the_actor, anything useful in 'journalctl --unit ssh', 'less /var/log/auth.log', or 'less /var/log/syslog'?
<the_actor> I have not checked. I have rolled back the image multiple times to a base 18.4 install. I am thinking there is some thing I donât understand regarding how pam and or ssh work or some minor difference in the way the config files are written. The only other thing is perhaps I need to generate a key, which is something I am trying to replace with a password and a google auth token.
<lordcirth> I have not done this, so I don't know, but "check the logs" is usually a good place to start.
<the_actor> And Iâm not even sure that it is a good idea, because I have read in the SSH official documentation that they prefer password based login as opposed to public key. Iâm wondering how secure that actually is without some kind of pre-shared key or certificate being done over the cloud. So the Google authentication token seems like a good idea. Unless I am foolishly misguided.
<the_actor> I invite any input.
<lordcirth> the_actor, where did you see that passwords are preferred to keys?
<the_actor> The most important thing is, in its default state, once the user manual he authenticates the fingerprints, is every subsequent initial connection after that initiated with the protection of encryption?
<the_actor> Hold on let me see if I can locate the article.
<lordcirth> the_actor, with default ssh configs? Yes, everything is encrypted, and once the user accepts the host's key, any server without that key will be unable to impersonate or read the connection.
<the_actor> It was on ssh.com in one of their articles. I can not locate the exact one now. They were weighing out the pros and cons of key-based authentication password-based authentication and Certificate based authentication
<the_actor> lordcirth: what is your opinion on a simple password, and a google one time use authentication token?
<sdeziel> the_actor: ssh.com != openssh
<lordcirth> the_actor, depends, how much do you trust Google? :P
<sdeziel> the_actor: if you don't want TOTP specifically, you can easily do pubkey+Unix password auth with OpenSSH
<the_actor> lordcirth: interesting point
<lordcirth> Google Authenticator is proprietary now, which is a red flag.
<lordcirth> But I think you can do similar things with open source apps and self-hosting.
<the_actor> sdeziel: Good point. Just thought adding it to my google auth app would be easier.
<the_actor> lordcirth: Thanks for the warning, I thought it was open source.
<lordcirth> the_actor, it was, and then it wasn't. I think f-droid still has an old copy, but I wouldn't start using it if you aren't already.
<lordcirth> And yeah, pubkey + password means you need your device + your brain, which is pretty decent.
<the_actor> lordcirth: Thanks, to confirm. Even though I do not have any security cert on my server, with the default config once the ssh keys are accepted on initial connect then in subsequent connects my password is not sent in clear text over the cloud?
<lordcirth> the_actor, ssh will never send a password over cleartext. It will never send data over cleartext unless you pass some very specific and obvious options.
<the_actor> lordcirth: Ok, so then the safest bet would be to confirm the keys on first connect on the local net?
<lordcirth> the_actor, the main vulnerability here is that an attacker pulls a MITM attack on your first connection, you accept their host key, and they continue to MITM you. If you need to avoid this, copy the host key over yourself in some trusted manner
<lordcirth> Or just view the host key fingerprint on the server and compare visually, I guess
<the_actor> lordcirth: Cool man. You helped me a lot.
<the_actor> Thanks guys
<lordcirth> np
<keithzg[m]> Hmm, how might I blacklist libraries from being loaded while trying to run an executable? Trying to run a self-compiled version of `sqlite3` and it's failing on "header and source version mismatch" and I'm presuming (perhaps incorrectly!) that this is due to the sqlite3 libraries already installed on the system.
<lordcirth> keithzg[m], prepend your custom lib dir to LD_LIBRARY_PATH
<qwebirc24999> Hello. I am unable to use iscsi in initramfs properly - specifically, the internet connection is not established. This bug I am having since 18.10. It all works in 18.04.
<qwebirc24999> so what I did was install open-iscsi, then echo "iscsi" >> /etc/initramfs-tools/modules, echo "ISCSI_AUTO=true" > /etc/iscsi/iscsi.initramfs and update-initramfs -u. To see if it all works, I made a keyscript with curl example.com and disabled quiet splash. In 18.10 (and 19.04) connection details do not appear like in 18.04 (signaling that there is an issue) and example.com cannot be resolved then. How do I fix this issue
<keithzg[m]> lordcirth: Oh, I don't know why that didn't occur to me!  Although, that doesn't seem to actually change anything; I still get "SQLite header and source version mismatch" (then the two disparate entries corresponding to the `#define SQLITE_SOURCE_ID` lines in `sqlite3.h` presumably; certainly the one corresponds to that in my local copy of `sqlite3.h`. Hmmm.
<mwhudson> teward: thanks for the bug, i think that one is fixed in the current subiquity release
<mwhudson> but i should check i guess
<qwebirc24999> folks, why is it that on dhcp setup in initramfs I get a line 8 error 8.8.4.4 not found? My line 8 is IPV4DNS0=8.8.8.8 8.8.4.4 [ISP DNS]
<sarnold> try just one ip
#ubuntu-server 2019-03-28
<qwebirc24999> it is automated by configure_networking though
<qwebirc24999> how do I make it so that it'd work properly
<qwebirc24999> alright, so if I manually fix the DNS I now get a curl 60 error (SSL certificate problem: unabel to get local issuer certificate). I have the certificates in /etc/ssl/certs. What is wrong?
<sarnold> did you run update-ca-certificates?
<qwebirc24999> yes
<qwebirc24999> sarnold
<sarnold> hmm, I don't know what to suggest next
<lordievader> Good morning
<kstenerud> I have some questions about the MIR process
<kstenerud> A package I want promoted depends on just a few other packages, but some of them are pretty big
<kstenerud> so is there some rule of thumb over what gets in and what remains out?
<kstenerud> Or are there any packages that should simply be dismissed out of hand?
<rbasak> kstenerud: importance gets weighed against difficulty
<kstenerud> OK. In this case it's a command line tool that would pull in python-tornado and ruby-sinatra
<kstenerud> So now I'm wondering... will this become an uphill battle? Should I reconsider?
<kstenerud> er python3-tornado that is
<rbasak> Both of those seem really major to me. For Ubuntu, Ruby is particularly painful as we don't have most of that stack in main currently.
<rbasak> Why are they needed by the tool? Are they really mandatory?
<kstenerud> rbasak I haven't dug in too deeply yet. It looks like it produces a command line tool, and a web API server. If these can somehow be split out, that could work... I'm trying to decide if this has a realistic chance of being a MIR or not
<kstenerud> what I'd been hoping for was just a command line tool that people use to configure pacemaker/corosync. This web stuff being mixed in was a nasty surprise
<kstenerud> I'd still need to dig deeper to see if the cmdline tool is just a web client in disguise, which would kybosh the whole thing I imagine. But even if it can be standalone, would a split in theory be feasible>
<rbasak> kstenerud: there aren't any rules precluding a split. A single source package can produce multiple binary packages, some of which we can move to main and some of which can remain in universe. The only feasibility question is how involved the packaging work and maintaining that delta would be.
<kstenerud> ah ok, cool. I'll do some more digging then
<evit> Anyone know why the https://usn.ubuntu.com/ website and mailing list are always behind the release of patches. Seems like they should be in sync
<lotuspsychje> evit: wich patch are you talking about?
<evit> The patch comes and then it isn't announced for a whole day some times
<evit> The patch will be available but people might not know cuz its not on the https://usn.ubuntu.com/ or announced via the mailing list
<evit> for nearly a day sometimes
<evit> Seems like that should be more 'realtime'
<tomreyn> evit: smtp does not guarantee instant message delivery. a mailing list with thousands of users can take days until messages to all recipients were distributed.
<evit> tomreyn, I'm aware. That's not why
<tomreyn> have you tried the newsfeeds (RSS+ Atom), are those also behind?
<evit> tomreyn, no but all sources should be updated as soon as possible
<tomreyn> evit: maybe bring it up in #ubuntu-hardened once you have specific observations (with timestamps) you can share.
<lotuspsychje> evit: whats your end goal with this anyway? if a security flaw comes out, the flaw is being worked on to fix
<lotuspsychje> when the fix is there, the system updates
<tomreyn> it's relevant in companies where security updates are managed.
<tomreyn> or any form of organozations
<evit> lotuspsychje, Not my point. We know about vulns but need good info on when patches are available to mitigate them
<evit> lotuspsychje, Time is of the essence in many cases. The longer its not patched the more likely it is to be exploited
<lotuspsychje> we have seen in the past the hardened guys where behind of work..its human to get work done too right
<Odd_Bloke> I don't know any details, but I wouldn't be surprised if the usn.u.c updates can't start until embargo is lifted in some cases.
<evit> lotuspsychje, I'm not blaming anyone I'm just suggesting it should be more synced up and done in a more coordinated/timely fashion for the sake of the security of the community
<Odd_Bloke> So the update goes out to the archive as the notification process starts.
<lotuspsychje> yeah i think Odd_Bloke is right
<evit> I hear you both
<lotuspsychje> perhaps as tomreyn suggest talk to the hardened guys about it evit ?
<evit> lotuspsychje, Yes, I will. Thanks to you all
<tomreyn> you're welcome. ;)
<lauren> who would I talk to to argue for zstd and brotli, both very small binaries, being installed by default in the base server install? it would be cool to be able to distribute things as .tar.brotli or .tar.zstd, and the main bottleneck for this being useful is brotli or zstd being installed by default
<teward> lauren: a bit late in the dev cycle for this discussion.
<lauren> I don't really care which iteration it makes it into. I just realized it was something that would make sense in the future, and someone had to bring it up, so i might as well
<teward> getting it included into the main server images would require us syncing in the Security team and the SEcurity team doing analysis on zstd and brotli to determine if there's any major issues with the package(s) which would fail to land in Main
<lauren> :)
<teward> try reading https://wiki.ubuntu.com/MainInclusionProcess though
<teward> because Main Inclusion is... tricky
<sarnold> both brotli and libzstd are in main
<teward> they are?
<teward> sarnold: then why does rmadison say they aren't?
<teward>  brotli | 1.0.7-2                | disco/universe           | amd64, arm64, armhf, i386, ppc64el, s390x
<sarnold> teward: http://paste.ubuntu.com/p/J9Zk8J2Jfn/
<teward> hmm
<sarnold> teward: probably usual source / binary things
<rbasak> lauren: what's the full justification for why it'd be useful, please, for someone who doesn't know much about this area?
<rbasak> (I understand the default part)
<lauren> rbasak: brotli and zstd are the current state of the art open source lossless compressors; I'm not sure who zstd was originally by, but it's now permissively licensed and maintained by Facebook, and brotli is permissively licensed by Google. both are already in universe as of xenial. both brotli and zstd can reach much higher compression rates than nearly anything else, and can do it at much higher throughput than anything else open
<lauren> source; the only exceptions seem to be lzma which gets just barely better compression in the very best case, which is also not installed by default and is much slower on compress
<lauren> https://quixdb.github.io/squash-benchmark/#results https://sites.google.com/site/powturbo/home/benchmark
<teward> > maintained by Facebook
<teward> given their current Security track record I'd call that a negative impacting factor
<lauren> the relevant use case for me is I'd like to be able to distribute software brotli-compressed; brotli seems to average 2x or so smaller file size for binary data than bzip2, in the powturbo benchmark
<teward> just saying
<lauren> ah pretty good point
<sarnold> rbasak: zstd's --adapt feature is pretty neat; folks like using it with eg zfs send ... | zstd --adapt | ssh remote@host zfs recv ...
<sarnold> rbasak: .. if the network's really fast, it'll compress very fast; if the network is very slow, it'll spend more time compressing
<sdeziel> wow, that's interesting ^
<supaman> no matter who the developers are (google, facebook, kaspersky ... ) everything should be vetted right?
<sarnold> lauren: for "offline" use cases like that, be sure to compare against xz; xz is slow as sin to compress but gets great ratios
<lauren> for sure, guessing inclusion by developer is just a heuristic
<lordcirth> adaptive streaming compression? Ok that's really cool
<lauren> and fair enough. is xz installed by default? if not maybe I just want to suggest that be included by default
<lordcirth> By the way, I hear you can also speed up those sorts of ssh-piping things by including | buffer | on one or both ends
<sarnold> lordcirth: did you mean mbuffer?
<lauren> obviously since these are in the repos, it doesn't make that big of a difference
<lordcirth> sarnold, nope, the command is just 'buffer', also apt install buffer
<lordcirth> It just buffers pipes
<lordcirth> Ah, it seems mbuffer is an upgraded version?
<lauren> huh good to know. I assumed ssh would be reasonable internally
<lordcirth> lauren, it is reasonable in the sense of being safe and not using 500MB of RAM.
<lordcirth> Most unix tools, especially older ones, will err on the side of using less resources.
<lordcirth> For example, dd uses 512b blocks by default, and you can often get a big speed boost by specifying bs=1M
<lauren> ah makes sense. I always do something like that with dd yup
<sdeziel> lordcirth: I've reduced my use of dd after reading https://www.vidarholen.net/contents/blog/?p=479 which I found interesting
<lordcirth> sdeziel, cool, thanks
<sdeziel> lordcirth: I still use dd when I need to seek/skip though
<sarnold> I'm pretty sure that cp behaviour is pretty new..
<lordcirth> sarnold, which cp behaviour?
<sarnold> cp foo /dev/sdb
<sarnold> Once Upon A Time it would just unlink sdb and then put the data there. as you asked.
<lordcirth> Yeah, that was my first thought too
<lordcirth> sarnold, but old cat would work, right?
<tomreyn> there are pitfalls in working with raw devices like this
<tomreyn> some aren't block special but symlinks
<tomreyn> also accessing them will often require root / sudo, which makes piping and redirecting a tid bit more difficult than this blog post suggests
<sdeziel> tomreyn: symlinks should be resolved so that cp ends up writing to the real destination
<sarnold> lordcirth: yeah I'd expect cat to work. but then you've got to use a root shell rather than just using sudo on dd ..
<lordcirth> I've used sudo tee > /dev/null, but that's maybe slow for ISOs?
<tomreyn> i remember that i ended up replacing a symlink in /dev/mapper by a file when using .. i don't know what tool exactly in the past.
<rbasak> lauren: thanks, that's useful to know. Can I suggest that you file a bug (a single bug for both should be fine) with that justification?
<rbasak> I wonder what the longevity of this stuff will be (so we don't end up with a big pile of them that we can't remove0
<rbasak> )
<sdeziel> sarnold: this old cp behaviour you describe sounds like "cp --remove-destination", I am a bit surprised it ever was the default
<lauren> oh hmm longevity is a good point
<sarnold> rbasak: what, you don't love having compress and gzip and bzip2 and lz4 and brotli and zstd and xz all installed at once because once upon a time each one was the best tool available? :)
<rbasak> :)
<lordcirth> I've personally seen zstd referenced many more times than brotli, anecdotally.
<rbasak> Perhaps we should operate a one in one out policy :)
<sdeziel> considering that zstd can be used with btrfs, that pretty much guaranty it needs to remain supported forever
<lauren> nah, none of them are dead, it's a great criticism
<sarnold> sdeziel: the difference between in-kernel implementation vs userspace utilities..
<sarnold> though I haven't actually seen a compress file in AGES
<sdeziel> ah right
<lordcirth> 'compress' isn't installed in my 18.04 Xubuntu?
<lauren> maybe compress could be removed from default by now, but someone is going to be irritated and need to install it
<lauren> oh nice!
<lordcirth> Or on my 18.04 server
<sarnold> wow :)
<sarnold> I sure didn't expect that
<lordcirth> It hints to install 'ncompress' as it should, of course.
<sdeziel> gunzip  can currently decompress files created by gzip, zip, compress, compress -H or pack
<teward> sarnold: well given ncompress is in Universe I"m not surprised it's not a default :p
<teward> (yay for umt search!)
<sarnold> hahaha
<lauren> ahh interesting. so maybe the reasonable thing is just to tell users to install one. I expect both zstd and brotli to have solid longevity, because if I understand correctly, both have a lot of room for improvement in terms of more efficient compressors without changing the protocol
<rbasak> Do zstd and brotli have different use cases?
<lauren> I don't think so. I just don't want to pick sides.
<sdeziel> I've only heard of brotli being used for web stuff (browsers, libs, servers)
<sarnold> yeah brotli seems to be used with webfonts or something similar
<rbasak> Part of Ubuntu's purpose, for defaults, at least, _is_ to pick sides, to help us focus rather than dilute attention to detail. Perhaps that means we should wait until there's a clear winner between the two then. I don't have a strong feeling in any direction right now - just conscious that it's hard to go back once we do put something in.
<sarnold> zstd's adaptive compression feature is nice for some potentially-network-bound usecases
<sdeziel> sarnold: Firefox nowadays sends Accept-Encoding: gzip, deflate, br
<sdeziel> same for Chromium
<sarnold> gah why would it not put br first?
<sdeziel> oh, I didn't know the ordering played a role in the preference
<sarnold> oh well. web is their own world
<sarnold> they do what they do :)
<sdeziel> I bet the reason was because some middle boxes would exploded if gzip and deflate were not seen first
<lordcirth> Ah, middleboxes. Breaking compatibility since forever
<sarnold> heh :( probably true
<tomreyn> s/(compatibility)/\1 and encryption/
#ubuntu-server 2019-03-29
<patz0r> hey guys, I have a Ubuntu server running 18.04 and I just noticed that timedatectl is not running and fails to start
<patz0r> this is what I see in the logs, any idea what I can try to fix this?
<patz0r> # timedatectl
<patz0r> Failed to query server: Connection timed out
<patz0r> # tail /var/log/syslog
<patz0r> systemd[1]: systemd-timedated.service: Failed with result 'exit-code'.
<patz0r> systemd[1]: Failed to start Time & Date Service.
<patz0r> dbus-daemon[16875]: [system] Activating systemd to hand-off: service name='org.freedesktop.timedate1' unit='dbus-org.freedesktop.timedate1.service' requested by ':1.76' (uid=0 pid=20578 comm="timedatectl " label="unconfined")
<patz0r> I think this is actually my issue.. [system] Failed to activate service 'org.freedesktop.systemd1': timed out (service_start_timeout=25000ms)
<patz0r> any ideas on how to fix it without a reboot?
<patz0r> haven't touched this machine for a few months, logs like that go back to at least december
<lordievader> Good morning
<DammitJim> definitely not the right channel, but I don't know where else to ask... do you guys know of the proper technology/tool to continuously transfer files @ 5 files per second over WAN? I think at this point, the files are about 56KB
<lordcirth> DammitJim, are these files coming in constantly, and need to be synced across when they do?
<DammitJim> they are coming in constantly
<DammitJim> what do you mean by synced?
<lordcirth> I mean you want to immediately start copying them over WAN, best-effort, non-blocking
<lordcirth> Firstly I suspect you'll want inotify to trigger the copy
<DammitJim> I see what you are saying. Yes, I'd like for something in the stack to ensure the delivery of the files
<DammitJim> in this sceneario, I'm looking for what kinda transport/protocol to use
<DammitJim> We'll be the receivers fo this data
<lordcirth> Yeah, this is an interesting question actually.
<lordcirth> DammitJim, what's the latency between sites?
<DammitJim> I'm not sure about the latency
<lordcirth> Also, are the files compressible?
<DammitJim> I actually don't know how to measure that right now
<lordcirth> DammitJim, do you have a sample file?
<lordcirth> Or have any idea about their format>?
<DammitJim> the files are already compressed, but I'm sure we can try more compression... my fear is just the amount of files and the fact that they are constantly being sent
<DammitJim> no, no sample, yet
<lordcirth> ok, if they are already compressed, and 56kb, there's probably no point
<lordcirth> DammitJim, at 5/s, you might be able to just have inotify trigger an scp.
<lordcirth> depending on latency.
<lordcirth> However, if you lose connection, reboot, etc, you want a good way to catch up, possibly while more stuff is coming in. That might be the hard part.
<DammitJim> don't worry about inotify (that's the client's issue)
<DammitJim> I'm worried about picking the right implementation so that there isn't all this over head for connections
<lordcirth> Yeah, scp isn't an *efficient* way, but a 5/s it might work
<DammitJim> so, perform 5 connections every second?
<DammitJim> I guess that could work....
<lordcirth> It's far from optimal, but probably functional
<DammitJim> hhmmmm
<DammitJim> gotta go to a meeting
<DammitJim> bbl.. thanks for your input
<Ussat> Guys...srsly......Disco Dingo ?
<andol> Yepp, that's the part I look forward to most about Ubuntu 19.04.
<Ussat> There was a time I was wonderiong how people came up with these names...now..I really dont wanna know
<Ussat> Guess I should test the beta, but its not LTS so....
<blizzow> I installed an ubuntu 18.04 zerver using a ZFS root. After the installation was complete, I added a second disk as a completely new pool and set mountpoint=/path/to/my/dir newpool/newzfs. Now the machine hangs during boot because the new pool is not imported automagically. How do I get the zpool imported on boot?
<lordcirth> blizzow, did you use /dev/sd* device names? That can cause problems
<blizzow> lordcirth: I did because this is a qemu based VM. The disk is actually a ceph based rbd image.
<blackflow> blizzow: there's some race condition with systemd, so I'm mounting all datasets on boot via legacy
<blackflow> otehrwise, the zfs-mount.service is responsible for automounting
<blackflow> blizzow: which path are you trying to mount it? that's important. if it's a path in charge by tmpfiles, it won't work
<blizzow> blackflow: I'm trying to mount /var/lib/graphite/whisper/
<blackflow> blizzow: is that directory (supposed to be) empty on boot?
<blizzow> currently I have this line in /etc/fstab:
<blizzow> sdb/stats /var/lib/graphite/whisper zfs nodev,noatime,x-systemd.requires-import-sdb.service	0 0
<blackflow> ah no, use the dataset name
<blizzow> blackflow: definitely not supposed to be empty.
<blackflow> newpool/whateve  /var/lib/.../  zfs .... 0 0
<blizzow> blackflow: I named my newpool "sdb" :(
<blackflow> blizzow: I meant is there anything on boot that predefines any files in there, like tmpfiles
<blackflow> oh k. so is the sdb/stats have mountpoint=legacy attribute?
<blackflow> *does the
<blizzow> nothing should happen on boot that adds to that directory, no.
<blizzow> blackflow: no, it doesn't.
<blackflow> it should
<blizzow> okay, so I did zfs set mountpoint=legacy sdb/stats
<blackflow> if you're using fstab, then teh ds needs mountpoint=legacy, or else zfs-mount.service will try to mount it which may enter into race conditions. in particular, is /var or /var/lib also a zfs dataset? you said this was root on ZFS
<blackflow> I separate /var/log, /var/tmp and /tmp  from the root pool so I can rollback root without affecting those dirs, which usually should NOT roll back along with root.
<blizzow> It's ZFS root and I did not break out any subdirectories onto other pools.
<blackflow> well you should. if you rollback to fix botched update, you'll rollback logs and whatever else. /var/lib databases should also be separate
<blackflow> (of specific programs, not /var/lib itself, and definitely not apt's)
<sarnold> blizzow: have you tried dhe's advice yet?
<blizzow> sarnold: trying it now.
<blizzow> When I boot, it goes into default mode. I press enter for maintenance and do not see the zpool in there. I do a zpool import -a , then I do a mount /var/lib/graphite/whisper
<blizzow> Then I exit and things are up.
<blizzow> It's like the zpool is not being picked up during boot.
<blackflow> blizzow: did you set mountpoint=legacy?
<blackflow> btw, are you also asking in #zfsonlinux? I'd like to not waste my time here if you are :)
<blizzow> blackflow: I didn't even think to look for #zfsonlinux, I did ask in #zfs though ;).
<blackflow> ah, k
<plsuh> Would this be the right place to ask about trying to run a pfSense(FreeBSD) domU on Ubuntu Server using Xen?
<sdeziel> plsuh: do you have to use Xen? I believe you'd get a better experience with KVM instead
<sdeziel> plsuh: that said, if your question is about setting up that domU in the dom0 context, it's not pfSense specific so feel free to ask here
<plsuh> will FreeBSD run on top of KVM?
<sdeziel> yes
<sdeziel> I am myself running OpenBSD inside KVM for years now
<plsuh> ok, I will try that
<plsuh> I can get the HVM domU to execute, but cannot get any kind of response out of the domU whether via VNC or serial console
<sdeziel> plsuh: it's been a while since I played with Xen but I believe you still need to pass a cmdline arg to get a serial console on the Xen device (don't remember the name)
<sdeziel> ah found it, console=/dev/hvc0
<codefriar> Hello! I've an ubuntu 18.10 server reporting 'temporary failure in name resolution' whenever I try to ping a subdomain running on it.
<plsuh> I did that with a linux guest -- Alpine Linux specifically
<codefriar> I'm wondering if it could have something to do with setting up the bond on 3 of the 4 ethernet ports?
<plsuh> but that was in the Alpine init, not the HVM setup
<sdeziel> plsuh: by cmdline I mean kernel boot arg
<codefriar> any idea what might cause the 'temporary failure in name resolution' error?
<sarnold> codefriar: try pastebinning some dig output that shows what you're trying, where it fails, and maybe someone will be able to spot something
<codefriar> sarnold https://pastebin.com/3rHezetg this is ping output. I'm on the server hydra.local. their is a running docker service that supposed to be attached to plex.hydra.local. However, I can't ping it, because of the name resolution error
<sdeziel> codefriar: are you using systemd-resolved? If yes, please share /etc/resolv.conf content
<codefriar> https://pastebin.com/58Aw9z39 here's the pastebin with dig info
<codefriar> sdeziel i'm using 18.10, does that use systemd-resolved?
<sdeziel> codefriar: yes, and your dig output confirmed
<sdeziel> codefriar: I suspect that your search domain doesn't include 'local' in it so systemd-resolved tries mDNS to resolve this name
<codefriar> sdeziel this contains the only two uncommented lines in resolv.conf
<codefriar> https://pastebin.com/miw87PaU
<sdeziel> codefriar: you can check systemd-resolved config with "systemd-resolve --status"
<codefriar> sdeziel wow so much info here. Any clue what I'm looking for? How can I add .local ?
<sdeziel> codefriar: the domain name used
<sdeziel> codefriar: as to how to add .local to the list, it depends on how your network is configured. It's probably done using netplan as the config generator so please pastebin the /etc/netplan/*.yaml files
<codefriar> here's the output of the status command. I don't see a top level domain listed? https://pastebin.com/skwZBYW1
<codefriar> sdeziel here's my netplan: https://pastebin.com/HeWvb9Qu
<codefriar> sdeziel the netplan information was created by the installer.
<sarnold> if you picked .local yourself, you'd probably be better served by picking a different tld entirely.
<sdeziel> codefriar: hmm, I am not knowledgeable enough with netplan but I think you can achieve what you want by adding Domain=hydra.local to /etc/systemd/resolved.conf and restarting systemd-resolved
<sarnold> if you're trying to use mdns as it was designed, of course, I don't know why it's not going well.
<codefriar> sarnold well hostname returns 'hydra'
<sdeziel> codefriar: right, avoid abusing .local is the right way
<codefriar> sdeziel how am I abusing local? (not a combattive question, just ignorant)
<sdeziel> codefriar: understood. .local is reserved for mDNS resolution
<sdeziel> codefriar: technically, this mDNS thing is supposed to only be applicable to single labels under .local but many resolver/stub libs get this wrong, systemd-resolved included
<codefriar> sdeziel ok... so adding the domain bit should help?
<sdeziel> codefriar: adding .local to the domain list used by systemd-resolved disables mDNS for the said domain
<codefriar>  will that cause other machines on the network to fail to find hydra.local?
<codefriar> hmm, well that didn't end up fixing the 'temporary failure in name resolution' issue
<sdeziel> codefriar: did you restart systemd-resolved?
<codefriar> sdeziel Yep!
<codefriar> (twice)
<sdeziel> codefriar: pastebin the /etc/systemd/resolved.conf and systemd-resolve --status output please
<codefriar> --status now shows hydra.local as the DNS Domain
<sdeziel> hmm
<codefriar> https://pastebin.com/7CgzCrhv
<codefriar> this is /etc/systemd/resolved.conf https://pastebin.com/KwZQENnq
<sdeziel> codefriar: could you try with Domain=local instead?
<codefriar> sdeziel sure thing, one second
<codefriar> no dice.
<codefriar> sdeziel i did restart systemd-resolved
<sdeziel> codefriar: can you "dig @auth-server plex.hydra.local" ?
<sdeziel> or "dig @upstream-resolver plex.hydra.local"
<codefriar> dig: couldn't get address for 'auth-server': failure
<codefriar> same for upstream
<sarnold> you've got the give the ip address for those nameservers
<sdeziel> that was meant to be replaced with I think 192.168.1.65
<sdeziel> as this is the IP systemd-resolved will turn to for DNS resolution that it cannot fulfill from its cache
<plsuh> sdeziel: thanks, yeah I mis-typed -- it was in the kernel args. Thanks for the assistance.
<codefriar> sdeziel sorry, I mis understood. one second. (also, sorry, wife's car wouldn't start, had to fix)
<codefriar> sdeziel  no A record returned. resultedin SERVFAIL
<sdeziel> codefriar: OK so the upstream server has an issue, you'd need to fix this as it's what systemd-resolved would ask for the A record
<sdeziel> codefriar: assuming I really understood what you really want to achieve ;)
<codefriar> sdeziel that's fair. here's the dime tour of the goal. brand new (4hr) old ubuntu-server 18.10 install on dell r710. 3 of 4 nic's bonded to bond0, one left alone. bond pulls 192.168.1.80. En4 pulls 192.168.1.81. Server name is Hydra. Avahi installed, mac can ssh in via hydra.local . I've attempted to use homelabos (an anisble script) to setup a bunch of docker services that are supposed to be available on
<codefriar>  servicename.host.domain aka: plex.hydra.local however, none of the subdomains are functional, and whenever i try to ping one of them, I get nothing but the temp failure to resolve name error. That error seems un-related to the docker based stuff, so I was trying to work on resolving that issue.
<codefriar> OOC, is there a big networking change between 18.04lts and 18.10
<sarnold> nothing that I can recall
<sdeziel> codefriar: so you seem to need/want mDNS/avahi to work
<sdeziel> but only for the first label under .local
<sdeziel> codefriar: who/what publishes the "servicename.host.domain aka: plex.hydra.local" ?
<sdeziel> I'd hope for a dnsmasq or something ;)
<sdeziel> https://gitlab.com/NickBusey/HomelabOS says: "A domain configured with a A type DNS record of *.yourdomain.com pointed at your server's IP address."
<sdeziel> codefriar: maybe you should go to #homelabos
<codefriar> sdeziel no one there.
<codefriar> sdeziel the instructions say just put a whatever.local there
<sarnold> there's at least six people there now :)
<codefriar> sarnold thats new
<sarnold> now whether or not anyone is at their keyboard, good question..
<sdeziel> codefriar: since you don't seem to have an authoritative source of information to resolve plex.hydra.local, you can probably put it under /etc/hosts as a quick and dirty hack
<sdeziel> codefriar: I haven't look closely at the project but it seems that all the HTTP(S) traffic needs to be directed to a reverse proxy (traefik) that hopefully knows how to reach the actual backend
<codefriar> sdeziel yeah, traefik is up and running
<gbkersey> Doing a pxe install of 16.04lts and it is hanging because there is a dependency problem with the kernel...  Seems that the net installer installs linux-generic which pulls linux-image-generic 4.4.0.143 but that version of the kernel depends on linux-base >= 4.1, but linux-base 4.0 is being installed by the installer....
<sarnold> gbkersey: let me look around a bit
<sarnold> gbkersey: this looks like your bug .. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1820419
<ubottu> Launchpad bug 1820419 in linux (Ubuntu Xenial) "linux-generic should depend on linux-base >=4.1" [High,Fix committed]
<sarnold> gbkersey: comment #9 may help https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1820755
<ubottu> Launchpad bug 1820419 in linux (Ubuntu Xenial) "duplicate for #1820755 linux-generic should depend on linux-base >=4.1" [High,Fix committed]
<keithzg[m]> My co-worker spent aaaaaages trying to figure out why nullmailer wasn't working on one Ubuntu instance atop Windows but was on another; turns out the working one was 16.04 while the non working one was 18.04, and nullmailer apparently no longer ships with a SysV init script for /etc/init.d and the WSL builds of Ubuntu don't use systemd for some reason?
<tomreyn> !wsl
<ubottu> Windows 10 has a feature called Windows Subsystem for Linux, which allows it to run Ubuntu (and other Linux distro) userspace programs without porting/recompliation. For discussion and support, see #ubuntu-on-windows or ##windows. For installation instructions, see https://msdn.microsoft.com/en-us/commandline/wsl/install_guide
<keithzg[m]> tomreyn: I mean, I'm not surprised to see that WSL is weird, my comment in many respects was more about the lack of SysV init support in the current packaging of nullmailer (which would affect more than just WSL builds)
<gbkersey> sarnold: Thanks...
<tomreyn> keithzg[m]: according to https://github.com/systemd/systemd/issues/8036 systemd works on WSL, but then this is the wrong channel to discuss WSL specifics, as you read above.
<keithzg[m]> tomreyn: Yeah, I'm not too worried about that, I was just surprised by it. The only thing I really care about, which is why I bothered commenting here in #ubuntu-server, is that nullmailer apparently no longer ships with a script for `/etc/init.d` (as far as I can tell, using the one from the old package works just fine in 18.04 too).
<tomreyn> why would it, if the init system is systemd
<sarnold> I really wish we'd kill all the old sysv scripts from packages that support both sysv-init and systemd unit files
<sarnold> it doesn't feel like a cohesive system to have files for N different service managers in each package
<tomreyn> yes that'd be more than nice. probably also means a lot of work.
<sarnold> yeah
<sarnold> I mean, I haven't volunteered to do it :)
<tomreyn> if you had, i had asked you to share your scientific advances in human cloning and / or time travelling.
<sarnold> alas I keep hoping a future-me will show up with some good news but that bastard hasn't done it yet
#ubuntu-server 2019-03-30
<tomreyn> temporal prime directive probably...
<tomreyn> need to fix bug#1 first to advance to the next level and meet the volcanians
<sarnold> ahhhhhhhhh.
<sarnold> that explains so much
<tomreyn> gnu hurd might also come into play there, not sure.
<sarnold> hehe :)
<teward> sarnold: if you're still around, see PMs
<Haris> hello all
<Haris> on 14.04, in apache, for status mod, I'v configured require ip line. but its still opening /server-status for all other configured vhosts .. regardless?
<Haris> what context does ubuntu load the httpd modules enabled config files in?
<sarnold> Haris: the top-level apache2.conf file has a diagram showing how the config files are read in
<sarnold> Haris: here's the file *before* it gets preprocessed and put into the package http://paste.ubuntu.com/p/jrxYgRSgpj/
<sarnold> (I don't have easy access to the "real" thing, but the text at the top shouldn't matter)
<Haris> I need the context. this diagram doesn't mention the context
<Haris> putting in require ip line in /etc/apache2/mods-enabled/status.conf has no affect to who can access /server-status
<Haris> apache guys are telling me to check for which context this mod's config is loaded in
<sarnold> aha! http://paste.ubuntu.com/p/RPpXv4GSb5/
<sarnold> check around line 150 through 165
<Haris> doesn't make sense
<Haris> doesn't seem relative here
<Haris> related+
<sarnold> really? it seems to me that it's your situation exactly :) you have a config, you want it enabled on only one vhost, so you should use a2disconf to disable it globally, and then add it manually to the one vhost where you do want it
<Haris> hmm
<Haris> how does one hide dot files on this same box
<Haris> https://pastebin.com/ye13Fn2A
<Haris> this is my apache2 config for this vhost. I can't seem to hide dot files, be it via FilesMatch or Location blocks
<sarnold> hmm, your FilesMatch bit looks pretty close to what's on here https://httpd.apache.org/docs/2.4/sections.html
<sarnold> is there anything in the logs that might indicate why that one didn't work? that one looked good :/
<tomreyn> Haris: whats an example file url path that should have been blocked but was not?
<Haris> the /.env /.env.example /.git /.gitignore
<tomreyn> also define 'hidden', maybe you don'T actually mean to deny access but to remove off directory listings?
<Haris> deny access via web. allow access via dir locally
<Haris> for eg I have a laravel based app. it uses .env file for global config constants
<Haris> I don't want the file containing global config constats to be readable via direct url access
<Haris> but only readable by app for including
<tomreyn> in line 29 you want either LocationMatch or Location ~
<tomreyn> https://httpd.apache.org/docs/2.4/mod/core.html#location
<tomreyn> Still, I guess a URL path of /.env should still have been blocked by the Directory block.
<tomreyn> or the FilesMatch one there rather
<sarnold> I never got the hang of directory vs location in apache. I found it easier to switch to nginx than learn apache. but the block from lines 8 through 17 all kinda looked plausible
<Haris> location is for url paths context. directory is for dir paths context
<Haris> but apache community suggests to use dir context. and not use location context
<sarnold> yeah I think I came to the same conclusion, that directory was more reliable than location, to the extent I ever got it working
<tomreyn> same here. you can use either, and combine the two, but filesystem paths are really the more reliable approach.
<tomreyn> i actually like apache httpd's approach there better than nginx's, since it's more precise IMO, and more specific.
<tomreyn> and most of all much better documented
<tomreyn> this is relevant, too, and important to remember when combingin Location* and Directory* https://httpd.apache.org/docs/2.4/sections.html#merging
<Haris> ubuntu should have enabled locationmatch directive in 14.04
<Haris> a single regex doing most of the work
<Haris> is it enabled in apache on 16.x or 18.x?
<sarnold> tomreyn: 100% agreed on the better apache docs. no doubt. nginx docs have been adequate for the little I do..
<Haris> I'v had to put per url Location block in my apache2 vhost config file(s)
<Haris> makes for lengthy config files
<tomreyn> sarnold: have you ever needed to prevent access to dotfiles except for /.well-known in nginx? have fun figuring this one out.
<sarnold> tomreyn: no, everything in the directory is meant for public consumption. :) "the little I do" :)
<tomreyn> Haris: i'm convinced that LocationMatch works in 14.04. what makes you thhink it does not?
<sarnold> time for the weekend! good luck Haris, thanks tomreyn :)
<tomreyn> sarnold: :-) enjoy yours!
<Haris> apache syntax check gives msg that its not yet implemented on it yet and it doesn't wrok
<Haris> work+
<Haris> good luck sarnold =)
<sarnold> :D
<tomreyn> Haris: hmm and your apache2 package version is?
<Haris> 2.4.7-1
<Haris> 2.4.7-1ubuntu4.20
<Haris> amd64
<Haris> on 14.04
<tomreyn> weird. ok. and Location ~ doesn't work either?
<Haris> yep. it says it is not yet built for taking more than one argument
<Haris> for Location or LocationMatch or FilesMatch
<tomreyn> well, then i guess it's good it's reaching end of life in three weeks.
<Haris> yep
<tomreyn> there are 2.4.10 backports
<MJCD> Hey all
<MJCD> Anyone used Git Virtual File System? (GVFS) ?
<MJCD> i've heard it's not what I expect
<rypervenche> MJCD: What are you expecting it to be?
<MJCD> basically what I want is a CI and then an autocommit on save, automatic pulls, automatic versioning, etc
<MJCD> accessible as a filesystem
<MJCD> auto-update from core repo
<MJCD> all sorts of stuff
<MJCD> at a more basic level
<MJCD> just versioning of files, auto pull, auto commit
<MJCD> CI determines whether it happens at all and triggers the thing
<MJCD> and just auto incrementing revisions
<MJCD> idc if the x.x.version is like 320491
<MJCD> haha
<MJCD> but i've heard it's infact nothing like that
<MJCD> like it SOUNDS like it should be that
<MJCD> but isn't, and I can't remember
<tinoco> rafaeldtinoco was removed by: rafaeldtinoco
#ubuntu-server 2019-03-31
<PaulGit> I have created a new VPS at a provider with 18.04 and for some reason commands like WGET are not find the path to the CA to validate SSL certs.  Anybody who can help point me in the right direction?
<blackroot> PaulGit: use fetch
<andol> PaulGit: Do you have the ca-certificates package installed?
<PaulGit> I do have the ca-certificates installed
<PaulGit> If I pass the CA cert path to OpenSSL it is happy, if not it fails
<PaulGit> Is there a path setting somewhere>
<blackroot> were this package installed by default? have you tried to purge it then re-install to see if that helps?
<blackflow> sounds like perhaps the provider is not installing a regular Ubuntu but something modified.
<PaulGit> Yes, it was installed by default, I will try the purge and reinstall.
<PaulGit> If that fails I will contact the provider (CloudSigma) they have excellent support
<PaulGit> Purge didn't work. :(
<blackflow> PaulGit: does just one specific URL fail, or any https URL does?
<PaulGit> @blackflow I have only tried two.  GitHub and one of my own servers.  Both fail.
<RoyK> PaulGit: nothing like a Mitm-attack in the morning
<PaulGit> RoyK: indeed, as I live in China thatâs a distinct possibility!
<RoyK> PaulGit: that might explain itâ¦
<RoyK> PaulGit: do you have ssh access to servers outside of china?
<PaulGit> RoyK: the server is actually in Switzerland. SSH works fine to servers outside China but the GFW rate limits it so itâs no good as a proxy
<RoyK> PaulGit: perhaps it helps if someone could open ssh on port 443 or something? ;)
<gislaved> is it sane to import your certs into /etc/ssl/certs ?
<PaulGit> RoyK: sadly not, they use  DPI . The best means at then moment of âjumpingâ the GFW undetected is to use ShadowSocks or ShadowSocksR (the latter has obfuscation). When I first moved here 7 years ago SSH worked great, sadly itâs a cat and mouse game!
<PaulGit> Finally got to the bottom of my SSL issue. There are not symlinks in /usr/lib/ssl for some reason.
<kantlivelong> anyone here using samba on a windows domain? i cant seem to get ntlm auth to work
<kantlivelong> kerberos works fine tho
