#ubuntu-server 2006-02-27
<ivoks> fabbione: libapr0-dev in ubuntu doesn't contain all .h needed for ganglia :/
<fabbione> ivoks: i find it weird...
<ivoks> me too
<ivoks> but, get the source of libapr
<fabbione> i believe you
<fabbione> they might have added stuff to them
<ivoks> apr_arch_networkio.h is the problem
<fabbione> it's probably a non standard extension
<fabbione> i have no idea
<ivoks> sorry for bad packages other day :/
<fabbione> dude.. no need to be sorry
<fabbione> you have done a lot
<fabbione> i am sorry that i don't have the time to help with that
<ivoks> there it is:
<ivoks> /httpd-2.0.55/srclib/apr/include/arch/unix/apr_arch_networkio.h
<ivoks> but it's not part of the libapr0-dev
<fabbione> that's because guess..
<fabbione> our libarp is from 2.0.54 or something
<fabbione> infinity: ?
<fabbione> ^^^
<ivoks> 2.0.55
<ivoks> but this is the source of our libapr0
<fabbione> our libapr
<fabbione> uh eh?
<fabbione> do you mean we are just not shipping a file?
<ivoks> yes
<fabbione> CRAPTASTIC
<ivoks> :)
<fabbione> ok we can get that fixed easily
<ivoks> if we fix that, i can finish ganglia
<fabbione> i think so.. i would like to ask thom and infinity
<ivoks> sure
<fabbione> it comes directly from apache2 package..
<fabbione> that infinity is hammering
<fabbione> can you open a bug for it?
<ivoks> sure
<fabbione> source apache2.2 binary libapr0-dev ?
<fabbione> ehm
<fabbione> apache2
<ivoks> apache2
<fabbione> right :)
<ivoks> as soon as lp becomes usable :)
<fabbione> mail infinity ...
<fabbione> :)
<ivoks> is it ok to make it a major?
* fabbione explains something about bugs to ivoks
<fabbione> the severity of the bug increase in proportion to how much you like to hear the developer assigned to fix it straight into your hears, or how much you like to be publically larted if the bug is *cough*wrong*cough
<fabbione> keep it normal...
<fabbione> nobody ever noticed up till now
<fabbione> s/hears/ears
<fabbione> for about.. hmmm few years
<fabbione> so it's not that relevant other than for ganglia
<fabbione> that's not even updated in Debian
<ivoks> or isn't a bug :)
<fabbione> exactly :)
<setuid> Looks like the ubuntu-server ISO from 2 days ago is... incomplete
<setuid> The libc6_2.3.bleh package has a postinst that is broken, asks for the name of a City, and refuses every one, then says to press [Enter]  to see a list. Pressing [Enter]  does nothing at all.
<fabbione> setuid: please file a bug on glibc
<fabbione> that's not server specific
<infinity> ivoks: Have you filed a bug about that missing header?
<infinity> ivoks: Ahh, yeah.  I see it in my INBOX.
<infinity> ivoks: Do you have the source package that requires that header?  It's a private header, afaict at a quick glance.
<ivoks> i'm here :)
<ivoks> infinity: i'm trying to build ganglia with apr from distribution
<ivoks> not the one included in ganglia package
<ivoks> ganglia brings whole libapr source cause that header is missing
<infinity> Argh.  They shouldn't be using private symbols.
* infinity has a look.
<ivoks> :)
* ivoks has that look for days :)
<setuid> I'll just boot up another system and rsync it over... silly thing
<infinity> Okay...
<infinity> ivoks: Read lib/apr_net.c
<infinity> ivoks: You see where they decided to rewrite apr_sockaddr_ip_get?  That's why they needed apr_inet_ntop, which is a private APR symbol.
<infinity> ivoks: Either bring that bit of code (apr_inet_ntop) back into lib/apr_net.c (and stop including the private header), or bring the prototype declaration into lib/apr_net.h (not recommended, since it could change, in theory, but it probably won't), or stop using the mangled apr_sockaddr_ip_get, and use the real one from APR.
<ivoks> ok, thanks
<infinity> While it's not the "right" thing to do, popping "const char *apr_inet_ntop(int af, const void *src, char *dst, apr_size_t size);
<infinity> " into lib/apr_net.h (and removing the include for the private header) may be the quickest way to get it to build and test it.
<ivoks> i have to do it right way, not quickest way :)
<ivoks> thanks for suggestion
<infinity> Well, I'd try that first, just to see if it appears to DTRT.
<infinity> Ugh.  Redefining apr_inet_ntop from the ground up will result in using a mess of other private symbols anyway, until you've duplicated a bunch of APR code.
<infinity> GO GANGLIA, GO.
<ivoks> :)
<infinity> ivoks: Try my suggestion.  If it works, I'll turn a blind eye.  And it's only a 2-line change. :)
<infinity> I'd appreciate it if you yelled at upstream for using private symbols, though.
<infinity> ivoks: Tell them to write a macro or wrapper around apr_sockaddr_ip_get() instead, if they really want to change how they call it.  Rewriting it and hooking into APR internals (thus requiring them to ship their own copy of APR) is just plain silly.
<ivoks> ok, i'll contact them
<ivoks> i'll dig more into it later
<ivoks> since i have some things to do now...
<ivoks> anyway, thank you very much!
<segfault> morning!
<segfault> just got samba+ldap+heimdal working together here. including smbk5pwd, the overlay which updates automatically the ldap password entries for smb,unix and krb.
<segfault> any chance to have the slapd-smbk5pwd package i made uploaded to universe?
<Pygi> troy: ping ping
<Pygi> mgalvin: ping
<mgalvin> Pygi: pong?
<Pygi> mgalvin: do you happen to have any record of official specs of ubuntu-server?
<JulienH> Pygi: what do you mean by "happen" ?
<Pygi> N
<mgalvin> Pygi: you should be able to get them from the wiki, I may have a copy at home but i cannot get that that ATM
<Pygi> mgalvin: you erased that from wiki...the spec on wiki is not the detailed specs....
<Pygi> JulienH: ??
<JulienH> https://wiki.ubuntu.com/ServerCandy ?
<Pygi> mgalvin: are you working on that anyway? the people on the list got interested in that project
<mgalvin> I did NOT erase it, someone else did... i know that wiki page was moved, but you should still be able to recover it
<Pygi> JulienH: no, instant-server
<Pygi> mgalvin: no, the detailed specs was never on wiki I think...
<JulienH> https://wiki.ubuntu.com/UbuntuInstantServerSpec ?
<JulienH> Oh, the detailled spec...
<Pygi> hehe :)
<JulienH> AFAIK, it has been erased by Matt
<mgalvin> i did not erase anything
<mgalvin> it was as it was left
<mgalvin> the wiki team does do cleanup from time to time, they may have moved it
<Pygi> matt: have you done anything (a step forward or whateva) with your team ?
<Pygi> what's the status of that project?
<Pygi> you could follow -devel, you know :P
<mgalvin> i have not had time, the project was left as it was months ago... I am working on some large projects and don't have time atm to work on the instant-server stuff
<mgalvin> maybe in a few months but, no time very soon
<Pygi> bah
<rambo3> after installation of ubuntu-server is it posible to enable boot splash?
<Pygi> just one thought...if you use the installation as a server, how often do you reset to server to see the splash?
<Pygi> that being said, ubuntu-server probably doesn't ships with usplash package, but you can download it...
<Pygi> also, are you talking about dapper server daily build, or a base install from breezy?
<rambo3> breezy.
<rambo3> usplash is not well documented
<Pygi> well, that install any *if any* splash you wish
<rambo3> i only found how to copy over plash images , not fresh install on ubuntu wiki
<rambo3> ah , f* it i am going back to debian
<JulienH> that's a good begin-end troll ^^
<Pygi> JulienH: lol :)
#ubuntu-server 2006-02-28
<Psi-Jack> Heh
<Psi-Jack> Cute,
<Pygi> what? :P
<JulienH> Good morning UbuntuGuys :)
<Pygi> mornin'
<JulienH> Does some server features have been implementeed in the actual build of Dapper ?
<infinity> Not sure I understand the question.  Dapper has lots of included server software, it has a kernel tuned for server use, and it will ship both of those on a custom "server" CD...
<setuid> mmml... dapper
<setuid> Why isn't anyone seeding the dvd? Its been going for days... slowly
<JulienH> ok, but for example :  does the /etc RCS feature have a working implementation ?
<setuid> 0 seeds, 1 peer
<infinity> JulienH: No, an out-of-the-box /etc-in-revision-control feature will not ship with dapper.  Of course, it's simple to do on your own anyway.
<infinity> JulienH: I assume someone will find time to make that even simpler for dapper+1
<setuid> I've been asking for cvs-over-etc for about 6 years
<setuid> I almost wrote it when I was at Linuxcare
<setuid> There's also cvsfs
<infinity> Well, with bzr it's dead simple (and much less messy than with CVS), but we just didn't have the spare time to make a nice little "/etc in bzr" package for people this time around, that's all.
<setuid> Right, that's Martin's stuff
<setuid> Daniel had some other kit too
* setuid checks his mail
<setuid> prophesy or something, iirc
<JulienH> So if I understand, Dapper+0 will only ship with a custom kernel and "server" packages ? No additionnal features ?
<setuid> svn would be nice, because you can present it over DAV and do all kinds of neat things with it (like restoring boxes over DAV, doing mirrors and deployements, etc.)
<setuid> What's Dapper+O?
<setuid> infinity: Since you handle the Apache fu, why is it that "ServerTokens Prod" removes all the tokens, but not for some modules (xslt being one)
<infinity> JulienH: Well, we've put a fair amount of work into it.  And some stuff should seem "slicker" out of the box, like a default snakeoil SSL setup for all daemons (in main) that support SSL.
<infinity> setuid: You'd have to look at the source for the XSLT module to see WTF it's doing wrong, I suspect.
<setuid> yeah, I'll cut into it later
<infinity> setuid: Instead of adding itself to the list, it could be reading the Token list, adding its own, then overwriting it, or something equally vile.
<setuid> I wish I could have a slick grub splash like the fbsplash on the dapper server boot iso
<setuid> eye-candy at bootup for a LUG demo
<infinity> Grub splashes only last a short while anyway.  If you want a tiny bit of eyecandy for you LUG, install usplash on your server.
<setuid> usplash?
<infinity> (Not something I'd usually recommend, but hey, demos are demos)
* setuid tests that in vmware
<infinity> usplash, the userspace boot splash we install by default on desktops.
<setuid> I wish I wasn't the only peer/seed on the dapper dvd... but I am. Sigh.
<JulienH> In other thinking way, a bootsplash may be a good beginning in order to convince Windows "Admins" to migrate to Ubuntu ^^
<setuid> If that's what it takes to convince them, then I feel sorry for them
<setuid> "It must be better, look at their boot splash!"
<JulienH> Yeah ! That type of thinkings :p
<setuid> hrm, ubuntu-server now just boots into the grub prompt
<setuid> I just tried to fix it with grub-install, no luck
<setuid> wth happened here
<infinity> JulienH: We're intentionally not installing usplash on the ubuntu-server install, because A) that would seriously upset "real" admins, and B) a splash needs a framebuffer, a framebuffer needs to fiddle with VGA registers, and while vga16fb is generally rock solid, anything touching VGA registers can potentially make your system less stable, so why do it?
<infinity> If the goal is stability out of the box, having rhe very first thing we do (load a frambuffer and show you pretty graphics!) destabilises your system, we lose.
<setuid> I agree
<infinity> s/rhe/the/
<JulienH> I agree too
<infinity> However, if you want to show it off on the overhead projector at a LUG, it's only an apt-get install away. :)
<infinity> (And it's never crashed my laptop...)
<infinity> (Full disclosure: I maintain usplash)
<infinity> (And initramfs-tools, which is where it hooks in)
* setuid decides to blow this server away and rebuild from scratch 
<JulienH> Then, if Linux is losing stability just because of loading a framebuffer.... we should question ourselves lol
<setuid> Well, Windows put lots of drivers in Ring 0, causing fun lockups
<setuid> Its bad to do that
<infinity> Actually, I was the last person to touch the vga16 framebuffer driver too, come to think of it, so you can blame me on all counts if any of it sucks.
<infinity> JulienH: In practice, I've not seen vga16fb bring a machine down, but from years of experience, I can tell you that VGA registers are fragile things.
<infinity> It's the number one reason why I always run Win32 servers on the "Standard VGA" driver (which is as bare-bones as you can get), cause anything else is just pointless bling begging for a lockup on a machine you never look at the console on ANYWAY.
<setuid> I love how people use the OpenGL screensaver on servers, and wonder why things lock up
<infinity> Ugh.
<setuid> Ok, something seriously fucked up grub on this ubuntu-server install.
<setuid> I shouldn't have to reinstall from scratch to fix this, but grub doesn't want to work either
<infinity> Lovely.  Is this on bare metal, or in vmware?
* infinity noted the vmware reference above.
<setuid> in vmware at the moment, it worked great for a few days, dozens of boots
<infinity> What's it doing on boot?
<setuid> Kicks into grub> immediately
<infinity> Oh, that's special.
<setuid> Yep, special... as in special ed.
<setuid> I'll blow it away
<infinity> I'll plead ignorance on that one.  That's not gotten to anything I touch (kernel, initramfs, etc) yet.  That's grub itself hating you.
<JulienH> Where can I find a list of packages that are server edition specific ?
<infinity> JulienH: As in "will be included on the CD"?  That list isn't finalised.
<infinity> JulienH: Nothing is "server-specific" in the sense that it's seperate from the distro, though, it's all in Ubuntu main, just different packages end up on different CDs (and end up installed by default or not)
<infinity> Once installed, the world is your oyster via apt-get, so the lines get a bit fuzzy (or, rather, there are no lines)
<JulienH> I've heard that packages between the desktop and server version will be different...
<infinity> You heard wrong, then.
<infinity> Same repository, same distribution, just different package SELECTIONS on the CDs.
<JulienH> Ok, thanks for giving me the right information :)
<infinity> Same packages in the repository, though.
<infinity> (So, you could install ubuntu-server, then install ubuntu-desktop, and you'd have essentiall a normal Ubuntu install, except you might be running the -server kernel instead of the -386 or -686 kernels, though it's easy enough to switch kernels too)
<JulienH> So, what are the differences between the Desktop and the Server image cd ?
<JulienH> http://releases.ubuntu.com/breezy/ and http://releases.ubuntu.com/ubuntu-server/breezy/
<infinity> What packages are on the CD itself (obviously, the server CD will include no "desktop" software, and lots more server stuff in its place, like MySQL, PostgreSWL, Squid, Samba, Apache2, etc, etc), the server CD won't install anything more than a base system by default (by design), and the server CD will install a server kernel by default instead of a desktop one.
<infinity> If you have speedy internet, you really don't need multiple CDs.
<infinity> The normal desktop CD has a "server" installation mode you can kick into, which will leave you at exactly the same spot as the server CD would, except with a desktop kernel instead of a server kernel.
<infinity> Swap kernels, and you have a server installation (but a CD filled with useless crap like OpenOffice)
<JulienH> ok... so the difference resides in the kernel and the packages selection.
<infinity> Having seperate images is partially for the bandwidth-impaired (who can have people burn one for them, etc), and partly a way for us to yell loudly to the world "Hey, we're not just a desktop distribution!"
<infinity> JulienH: Yup.  That's about it.
<infinity> JulienH: The server CD may get more goodies as time goes on, including things like a small live image for recovery tasks and other fun stuff.
<setuid> speaking of which... can someone please seed the dvd ;)
<infinity> JulienH: But in the end, if you're just installed the OS, it's just kernel and package selection that matters to you.
<setuid> I'm getting 35B/sec.
<setuid> that's 35 _bytes_ per-sec.
<setuid> 0 seeds, 1 peer (probably me)
<infinity> Lovely.  I have no idea what goes on with the bittorrent stuff on cdimage.ubuntu.com, but I can poke people who do when they're around.
<setuid> I'll try to fetch it over http and see
<maswan> Hint: bittorrent sucks wrt performance outside the release rush, if there are less than 10 or so simultaneous downloaders, http is bound to be faster.
<setuid> I was getting 300+k/sec. yesterday and the day before
<setuid> Now at 50% downloaded, everyone dropped out
<setuid> I don't think people "Get(tm)" the point of p2p
<maswan> perhaps the u.c seeder is down while new dailes are built?
<setuid> possible
<maswan> but still, 300k/s is way less than you should be able to get with just plain http
<maswan> if you have a resonably fast internet connection
<setuid> I'm getting 50-90k right now over http
<setuid> http://cdimage.ubuntulinux.org/dvd/current/dapper-dvd-i386.iso
<setuid> It just jumped up to 177k, now its back down again
<maswan> you're right,t hat is slow
<setuid> Maybe the server's taking a hit
<infinity> Use maswan's mirror instead.
<setuid> where?
<maswan> infinity: we don't mirror current though
<setuid> hrm
<infinity> The Canonical datacentre has been bandwidth limited recently.
<infinity> maswan: Oh, right.  Not even Flight releases?
<maswan> infinity: because the time it takes to mirror all the daily builds is most of the day
<maswan> infinity: all the flights are mirrored
<setuid> I seed my mirrors by using torrents, and then they do http/ftp/rsync on their end
<infinity> Oh, but I don't think I rolled an official ubuntu-server Flight4..
<maswan> anything in the "releases" directories
<infinity> Mostly cause there was no point, cause the seeds are still a mess, so the CD contents would suck.
<maswan> infinity: ah, hmm.. perhaps they should dump more releases.u.c traffic our way then. :)
<maswan> bittorrent works good if it is a popular file and the server[s]  are bandiwdth limited
<setuid>  1% [                                     ]  33,252,480    88.17K/s  ETA 8:20:32
<setuid> maswan: No no... I mean seed your mirrors with bt
<JulienH> I've just installed the daily build of dapper server
<setuid> it doesn't matter if its popular or not
<JulienH> And the install kernel isn't server... any idea ?
<maswan> setuid: if 50% of the data comes from the same server as the one handling http, that bittorrent download puts 5 times as much load on the server wrt disk io and cpu, compared to http/rsync
<setuid> No no
<setuid> That's not how that works
<setuid> Let's say you have 100% of the file on one server
<maswan> ... yes?
<setuid> You have 5 mirrors, they all grab 5% of that 100%, 5 _different_ %
<setuid> Now there's 25% of that 100%, being shared across the mirrors, _NOT_ hitting you for it
<infinity> setuid: Seeding his mirrors with bittorrent would be pointless, given the amount of potential direct bandwidth he has to us.
<setuid> well, 20% of the data anyway, the first mirror hits you for 5%
<maswan> setuid: yes, breakeven there lies at about 20 mirrors, when I last looked at it.
<maswan> setuid: and that still is under the assumption that network bandwidth is more precious than disk bandwidth
<infinity> setuid: If you mean "mirrors, in general", then sure, but we don't have that many people who mirror cdimages on a regular basis.
<setuid> We serve something like 7GiB/day on release weeks
<setuid> its insane, and I'd never be able to handle it if it weren't for torrent
<maswan> setuid: I'm the cdimage.debian.org guy, I have looked rather carefully at torrents. :)
<setuid> infinity: I'd be happy to provide that
<infinity> maswan: Give the man some graphs of what you push out.
<maswan> http://www.acc.umu.se/technical/statistics/ftp/monitordata/
<maswan> last week
<setuid> I don't doubt that there's a bandwidth constraint, sure, I've lived through it for the last 5 years with our projects
<infinity> maswan: Still have stats for breezy release and sarge release?
<maswan> http://www.acc.umu.se/~maswan/2005-12-10/2gbit-freesoftware.html
<maswan> yeah, there are the big graphs. :)
<infinity> 2.13 TB over the last day.  Nice.
<infinity> You scare me.
* setuid pays for all of his own bandwidth, unfortunately, so I'm very keen on the whole bt/mirrors/squid/caching/cdn thing
<setuid> When my new business goes up, it'll be nice and fat pipe
<setuid> I mirror Wikipedia, LDP, CPAN and a few other things here locally
<setuid> Oh and Gutenberg, of course
<setuid> I'd love to be able to provide an ubuntu/debian/cdimage and pool mirror
<setuid> Just need to get some more disks
* maswan nods
* setuid owns/operates/manages gnu-designs.com and SourceFubar.net, among 60-or-so other domains and projects. 
<maswan> the seeding of the cdimage.d.o torrents is done from another filesystem on the same host btw, just to not pull the io performance of the main raid down too much.
<setuid> you doing raw reads, or is it a real fs?
<maswan> real fs
<setuid> jfs? xfs?
<maswan> xfs
<setuid> *nod*
<setuid> How much total, is your du -sch on the top-level cdimage tree?
<maswan> ubuntu or debian?
<setuid> Both (individually)
<maswan> debian-cd (released) is 138G
<setuid> I'm curious how much I'd need to bring that up online on the tracker
<setuid> Wikipedia's english version is a fat 340GiB
* setuid falls over
<maswan> ubuntu-releases is 40G
<setuid> Oh that's not bad at all, still under 200GiB
<maswan> cdimage.u.c (only releases/ dirs) is 113G
<setuid> Except I'd have to pull it all over http for now, to mirror it. By the time I was done, it'd be refreshed again.
<maswan> I think with all the dailies etc it is about half a TB
<maswan> cdimage (weekly builds, old releases, jigdo pools, etc): ... still running
<maswan> the jigdo pools are lots of dirs and links
<setuid> Right
<maswan> hmm.. I should head home now though.
<setuid> I'll see what I can do
<setuid> Thanks for the help (and I know your name from somewhere... were you here back in the #linpeople days?)
<JulienH> What are the differences between the linux-server and linux-image-server metapackages ? Their description are identical
<JulienH> "dpkg -l | grep server" gives me nothing...
<infinity> JulienH: Given that there's no linux-restricted-modules (yet) for the server kernels, nothing.
<infinity> JulienH: But if/when there is, "linux-server" would depend on "linux-image-server" and "linux-restricted-modules-server"
<infinity> JulienH: Which is the case with every "linux-$FLAVOR" package, which depends on "linux-restricted-modules-$FLAVOUR" and "linux-image-$FLAVOUR"
<JulienH> Ok, thanks for you answers
<spike> eeer, can anybody suggest what "SEL" could be when it comes to an acer server and "System fault" led?
<spike> the thing is I've got this brand-new machine, installed ubuntu server on it, system works fine but the "system fault" led is on, and it should indicate a critical error
<spike> I cant find a way to tell wtf it's complaining about
<spike> also I've enabled logging in the BIOS but cant find a way to view the logs
<spike> suggestions?
<infinity> None whatsoever, other than the not-very-helpful "don't buy Acer hardware"
<spike> oh, ssytem even log
<spike> that's what SEL expands to
<spike> infinity: too late, they got 3... , and of course never thought of asking me...
<spike> "it was a nice offer"
* spike shrugs
<infinity> Heh.  It always is.
<infinity> I don't suppose you're in Australia?
<spike> might have got them downstairs at the store with one of those "pay 2 bring home 3" promotions...
<infinity> (I'm from Canada, where I thought Acer was actually dead, until I moved to Australia and saw them EVERYWHERE)
<infinity> Hadn't seen any Acer systems back home for well over 5 years.
<spike> uh, why did you move from the lovely canada?!
<infinity> A girl.
<spike> dont really know australia but I were canadian I wouldnt ever migrate away :)
<infinity> THE girl, more accurately.
<spike> oh, ok, I would too :)
<spike> ehehe
<spike> lucky you
<spike> anyway, back googling how the fsck get access to the bios logs...
<spike> tnx for moral support :)
* spike might try to enable BIOS over serial link
<spike> could spit something there
<maswan> setuid: 838G    cdimage
<maswan> setuid: hmm.. #openprojects perhaps?
<maswan> or whatever that channels was called
<setuid> Probably, I was here before OPN
<setuid> Getting a BLAZING 6k/sec. on cdimage now, over http
<setuid> ;)
<JulienH> I was at 120kB/s on cdimage...
<fbn> will there be a new version for the courier-mta package before dapper release?
<Pygi> fabbione: ping
<Unfun> hola
#ubuntu-server 2006-03-01
<YogSothoth> Hello!
<YogSothoth>  I'm in the datacenter trying to install Ubuntu Server 5.10 on a HP wx8000. It's Qlogic isp1020 (SCSI controller) is causing a kernel panic at boot. Just had a look at Google but all messages seem old and relating to Ubuntu Hoary. Isn't this already fixed? Should I try a patched kernel? I'm a bit newbie to this, please help!
<Pygi> fabbione: ping
<JulienH> Pygi: pong
<Pygi> JulienH: huh? :)
<Pygi> JulienH: how may I help you? :P
<JulienH> Pygi: No need to help, thanks ^^
<Pygi> JulienH: ok :)
<JulienH> It was just about your "ping" for fabbione :P
<Pygi> JulienH: well, you aren't fabbione :)
<Pygi> see ya later
#ubuntu-server 2006-03-02
<setuid> infinity: Why no manpage for usplash?
<setuid> tsk tsk!
<setuid> And some wacky README about BOGL, but not usplash
<setuid> oh, n/m... but the missing manpage is kind of a buggefr
<setuid> er, bugger
<lh317> i think I'm of the mind bootup should be so fast tehre is no need for a splash screen ;)
<lh317> and on a server, why does it even have a monitor? ;)
<setuid> I was just poking at it
<setuid> it doesn't do anything anyway
<bintut> is ubuntu already good as production server?
<lh317> define "good"
<lh317> and "production"
<bintut> mail server.. stable for production.. supported by community especially on security fixes..
<fabbione> yes
<lh317> well, the latter is questionable, as you have to run universe, adn universe isn't 'offically supported'
<bintut> fabbione: you mean, ubuntu is already much like debian for its support?
<lh317> if you need an actual contracted support for security, you're stuck with RHEL or SUEL pretty much.
<fabbione> lh317: wrong
<lh317> sine when have they reversed their universe policy?
<fabbione> bintut: we do provide security updates for everything that is in main
<fabbione> bintut: and that's for free
<fabbione> bintut: time is about 18 months for breezy and 5 years for dapper
<fabbione> bintut: if you need way more than that, i suggest you discuss a possible support contract with canonical
<fabbione> lh317: no changes in that direction
<lh317> fabbione: then what I said is true.
<lh317> you have to run universe, unless all you want is just postfix or exim.
<fabbione> <lh317> if you need an actual contracted support for security, you're stuck with RHEL or SUEL pretty much.
<fabbione> this is wrong
<fabbione> because Canonical do offer contracted support
<lh317> fabbione: for universe?
<fabbione> and security for main has been always free
<fabbione> lh317: if you need support for universe you can get it if you pay
<lh317> curiosity, link?
<fabbione> but that's something you need to agree with Canonical
<bintut> fabbione: i'm about to setup a server.. i can actually support my server but not the security fixes
<fabbione> www.canonical.com ?
<lh317> link to pay support contracts for universe?
<bintut> brb.. i have a phone call
<fabbione> bintut: if your server is made only by pkgs in main, you get security for free
<bintut> fabbione: i'll talk to you later..
<fabbione> lh317: that's something you discuss on a per contract base
<bintut> fabbione: yeah..
<lh317> fabbione: which means if you're not willing to deal, you're stuck.  I'll amend then, if you need OOB support, you're stuck with RHEL or SUEL.
<fabbione> lh317: ok.. let's put it in another way since you don't understand...
<lh317> can I buy a ubuntu cd and get unvierse support OOB?
<fabbione> there are no ubuntu cd you can buy
<lh317> No.  Therefore, if you need out of box security contract for the full offering, you arent running Ubuntu.
<fabbione> ubuntu is free
<lh317> i didn't literally mean buy a cd.
<fabbione> jeee you are so way out of your mind
<lh317> i can't get a universe support contract without negoiating.
<lh317> I can go to redhat.com and buy a contract with jsut a credit card and a mouse click.
<fabbione> no because that would utterly expensive
<lh317> that is a big deal for some groups.
<fabbione> how many packages are in rh?
<fabbione> how many in universe?
<fabbione> make a comparison
<fabbione> than
<fabbione> then
<fabbione> think this way
<fabbione> you have all main for freee
<lh317> fabbione: compared main to rhel, especially for a server.
<fabbione> that's about dunno.. 4400 binary pkgs?
<fabbione> if you need one or two pkgs from universe you pay only for those
<fabbione> instead of paying BIGFAT amount for stuff you don't even need to care about
<fabbione> but of course..
<fabbione> if you want to pay for everything you don't need.. go redhat
<lh317> ... you obviously missed the whole OOB part.
<lh317> if I'm installing a box for a customer, negoiating a support contract for a single box is out of the question.
<lh317> they won't do it, adn I can't act for them.
<lh317> of course, tbf, RHEL is a double-edged sword anyway.  they have a package that can do what you want.  But it isn't the package you want or the version you want.
<bintut> fabbione: in that case, if i'll use dapper now as a server, the packages i fethed from the universe will not be updated to the latest security fixes?
<fabbione> as i said many other times.. you choose what fits you best :)
<fabbione> bintut: universe is not supported by default. so no.
<fabbione> bintut: if you need support for universe you want to talk with Canonical
<fabbione> bintut: also.. take into account that Dapper is still in development
<bintut> fabbione: who provide the packages for universe?  is it canonical or the community?
<fabbione> bintut: community
<bintut> fabbione: yeah, i know that dapper is in dev stage
<fabbione> bintut: but if you need support for them, Canonical will provide them for you
<fabbione> bintut: you get the idea.. i guess
<bintut> fabbione: are you connected with canonical?
<fabbione> bintut: yes. i have been working for canonical since the beginning of light
<bintut> fabbione: cool!  :)
<fabbione> bintut: but i am not the person you want to talk about contracts or support.. really
<fabbione> bintut: there is an email address on canonical.com
* fabbione checks
<bintut> fabbione: i'll ask you personally and hopefully you won't be biased: do you think that the community that provides the packages in the universe will provide their own security updates for dapper later on?
<fabbione> bintut: i can tell from experience that it happens sporadicaly
<fabbione> but not on a regular base
<fabbione> i mean i do use universe packages myself
<fabbione> but i know that i can't rely on them on supersecure servers
<bintut> fabbione: is there additional patches that are being applied when packaging software in the universe?
<fabbione> http://www.ubuntu.com/support
<bintut> fabbione: yeah
<fabbione> bintut: probably.. that depends from package to package
<fabbione> there are about 11000 pkgs in universe.. i somehow lack the time to look at all of them :
<bintut> fabbione: how will i know the server packages that will be included in the main source for dapper?
<fabbione> there is a FAQ for that..
<fabbione> let me find the link
<bintut> fabbione: yes, please..
<fabbione> i am not a big www/wiki lover
<lh317> http://people.ubuntu.com/~cjwatson/seeds/ubuntu-server-dapper/server
<fabbione> that one
<lh317> is what I had, dunno if it's the most update source or not.
<fabbione> thanks lh317
<fabbione> it is
<lh317> they still need to seriously beef their mail server package sets.
<fabbione> lh317: did you file wishlist bugs?
<fabbione> or do you expect people to read your mind?
<fabbione> (on the note: that list will be considered final only 15 days from release)
<fabbione> (more or lesS)
<lh317> no, I haven't, but it should be obvious that SA, one of amavais or mailscanner, etc ought to be included.
<fabbione> that's exactly where community should be
<fabbione> there is no such thing as obvious
<lh317> ...
<bintut> same comment here..
<fabbione> lh317: you want SA and whatever scanner.. i don't.. somebody else wants it but in another brand/pkg versions
<fabbione> (just an example of course)
<fabbione> so there is no obviuos...
<lh317> well, I understand that.  that's one thing.  But I haven't seen a, "pick which scanner will be in drake" thread or discussion or request of the community either, or even a bug to vote on.
<fabbione> if community doesn't express wishes,,
<fabbione> so consider yourself at fault for not bringing up the topic
<lh317> fabbione: in this case, this is fundamental enough something should be selected.  Now, if you picked opposite my chocie and I didn't voice, i'd stfu.  but this is like selling a car and saying, tires optional IMO.
<fabbione> fundamental to you
<fabbione> and your working env
<fabbione> are you aware that in some states/companies, spam filters are illegal?
<lh317> i can't think of that many email environments where mailscanning isn't essential.
<fabbione> i do :)
<lh317> i'm aware.
<bintut> postfix, sa, amavis-ng, clamav, openldap, samba, openvpn, squid, dansguardian, sarg, nagios, snort, ejabberd, etc..
<fabbione> anyway.. time to wake up wife and start weekend :)
<bintut> where can i post my request? sorry, i'm an ubuntu/debian newbie.. i'm a mandriva user for years..
* bintut reboot
#ubuntu-server 2006-03-03
<raf1hh> hi all
<raf1hh> has anybody any experience getting ruby 1.8.2 or 1.8.4 on a fresh 5.10 server?
<lh317> i haven't.
<raf1hh> there is so much conflicting info on this subject on google that my head hurts...
<raf1hh> thought would ask sombody...
<lh317> unless I'm missing something, it should be as easy as 'sudo apt-get install ruby'
<raf1hh> yes, it installs 1.8.3 which is very buggy and not advised to be running
<raf1hh> 1.8.2 and .4 are the two stable releases
<lh317> breezy claims 1.8.2-9
<lh317> so I have to wonder how you're getting 1.8.3.
<raf1hh> but once you install it, it actually is 1.8.3
<lh317> sure it's not like a CVS pull and the version is wrong?
<lh317> that's what the changelog implies to me.
<lh317> http://packages.ubuntu.com/changelogs/pool/main/r/ruby1.8/ruby1.8_1.8.2-9ubuntu1/changelog
<lh317> hrm, i need to learn to read.  updated to 1.8.3-preview1 :/
<raf1hh> is it possible/safe to install a package from debian unstable repository?
<raf1hh> I guess more like possible without breaking too much stuff...
<lh317> possible?  Yes.  Safe? depends.
<lh317> for ruby, i'd imagine the answer is probably, but I haven't tried it.
<lh317> anyway, add unstable to your apt.sources.list below breezy, and possibly pin that one package.
<raf1hh> thanks, will give it a try
<lh317> obviosuly, if you break it, I point and laugh and you keep the pieces ;)
<raf1hh> thank god for VMWare snapshots :-p
<lh317> indeed.
<raf1hh> lh317: thanks for the help again
<lh317> np
<tarvid> In the thinking stage but I want to shape outgoing traffic.
<tarvid> I have recently realized I cannot control incoming traffix except by deferring or dropping outgoing traffic
<tarvid> In particular, downloads are screwing up my VOIP traffic
<tarvid> any wisdom?
#ubuntu-server 2006-03-04
* netjoined: irc.freenode.net -> brown.freenode.net
<setuid> Why was aes256 removed from dapper? (this worked fine in breezy)
<setuid> ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or key length (256 bits) not supported by kernel
<setuid> And I have aes_i586 loaded
<setuid> oops, that should have gone to -devel
<gaspedalo> hi guys. Someone ever used evms yet?
<gaspedalo> no? I'd like to make a raid5 but I am unsure and hesitant
<spike> uhm, shouldnt I be able to gunzip, loop mount initrd images?
<spike> I get errors about invalid FS
#ubuntu-server 2006-03-05
<noomz> PLz! Could anyone can help me with apache2 w/ ssl & php
<derekS> there is a program on universe candidates that would be nice for ubuntu server
<derekS> mt-daapd
<derekS> any cahnce of it getting uploaded?
<derekS> for daaper
<derekS> *dapper
<nictuku> derekS, try  #ubuntu-motu and #ubuntu-devel
<nictuku> it must go to main first, I presume
<derekS> nictuku: ok
<derekS> thanks
<allee> Sun Galaxy X4100 sda1 versus sdi1 root dev strangeness.  After netbooting with preseeding, reboot fails can'y mount /dev/sdi1.  In grub s/sdi1/sda1/ and boot successful.  df shows root it now mounted on /dev/sdi9
<allee> uh, not sdi9, sdi1 of course
<nictuku> missing a required module in the initrd maybe?
<fabbione> allee: talk to Keybuk on #ubuntu-boot
<allee> 'k thx
#ubuntu-server 2007-02-26
<jbjuly> I have a question about update-inetd, It's installed default by Ubuntu, does it provide inetd already? I search for /etc/init.d/inetd but could not find it.
<jbjuly> does update-inetd load inetd? or should I install inetd manually in order for it to work. Why is it installed by default?
<ivoks> jbjuly: you don't need inetd
<ivoks> update-inetd is there just in case you have it
<ivoks> if some service really needs inetd, it will depend on it
<jbjuly> I need to enable udp echo for ICP in squid
<jbjuly> will ICP work in ubuntu without inetd?
<jbjuly> apt-get rdepends squid doesn't have inetd
<ivoks> why would you need inetd for ICP?
<ivoks> squid will open port for ICP
<jbjuly> I have enabled it in squid, how do I check it if it's open?
<ivoks> you know what ICP is for?
<ivoks> for connecting to other squids on other machines
<jbjuly> yes, i'm implimenting it to a internet shop
<fabbione> you still don't need inetd for that
<fabbione> use netstat -an to check
<ivoks> netstat -an | grep udp :)
<fabbione> that won't work
<ivoks> iirc, it goes over udp
<fabbione> not with -n :)
<fabbione> no nevermind me
<fabbione> it does
<ivoks> :] 
<ivoks> nmap needs additional switch for udp ;)
<jbjuly> I enter netstat -an | grep udp, and I got 127.0.0.1:123, and 0.0.0.0:3130, I have set the multicast group to 224.9.9.9 in squid.conf
<fabbione> icpv2           3130/tcp        icp             # Internet Cache Protocol
<fabbione> icpv2           3130/udp        icp
<fabbione> that's right
<jbjuly> does it need to show 224.9.9.9:3130? or is it really working right now.
<fabbione> no
<fabbione> 0.0.0.0 <- everything
<fabbione> including 224.9.9.9
<jbjuly> thanks
<fabbione> so your squid is listening on 3130 on all possible ip addresses that machine can cope with
<fabbione> multicast is included
<jbjuly> I'm wondering why do I need to set 224.9.9.9 in squid to enable ICP?
<jbjuly> I mean, any chosen multicast group
<jbjuly> got it!, I netstat -g, and saw eth0            1      224.9.9.9, eth0            2      224.10.10.10
<jbjuly> thanks!
<lapo> hi
<GNu_Joe> lapo, morning
<lapo> hi GNu_Joe
<GNu_Joe> quite day
<mralphabet> as most are
<GNu_Joe> clear
<kupesoft> I'm having trouble communicating with clients across a network bridge. I'm running an ip-masquerading router,
<GNu_Joe> kupesoft, not ignoring you just don't know the answer
#ubuntu-server 2007-02-27
<Skrot> Hi. Do I need to do something special with ubuntu/pam to make libapache2-mod-auth-pam work in ubuntu?
<Skrot> oh, sorry
<Skrot> didn't see the topic before it was too late
#ubuntu-server 2007-02-28
<tensor> hello, anyone know of a good how-to on chroot-ing apache2 on ubuntu?
<tensor> let's try again
<tensor> hello, anyone know of a good how-to on chroot-ing apache2 on ubuntu?
<supervillain> Hello, what is the size does squid occupies on it's cache? I have a default squid.conf without modifications.
<supervillain> I'm just asking because I'm afraid squid might occupy all of the disk space.
* Starting logfile irclogs/ubuntu-server.log
<re-align> How do I set a server to run things on boot?
#ubuntu-server 2007-03-01
<parkerw207> heya guys just looking for a bit of help
<parkerw207> i have this idea , i want to host my own website with my own server
<mralphabet> okay
<parkerw207> would the ubuntu server addidtion be a good choice?
<mralphabet> ubuntu LAMP
<parkerw207> oo blah , brb being sent to me car to get something lol 
<mralphabet> LAMP = webserver ready for use right out of the box
<GNu_Joe> then install openssh-server ASAP
<GNu_Joe> if you want remote login that is ;-)
<parkerw207> yeah i will need remote login
<GNu_Joe> have to put that bug back in
<parkerw207> another thing , can you have a server hosting webpages , and have the server connecting my pc's in my house ?
<GNu_Joe> parkerw207, is the system an old PC?
<parkerw207> there is a lot :P
<parkerw207> ooo i havent bought one yet
<parkerw207> this is theory work at the moment
<parkerw207> i have tons of old pc's around
<parkerw207> but i was thinking of buying a dedicated server
<GNu_Joe> if it's older then say 4 years it may not be compatable with the server kernel
<parkerw207> thats cool , well my budget would be about 2000 
<GNu_Joe> in which case you will need to boot into recovery mode and apt-get a kernel that works
<parkerw207> ahh i see
<parkerw207> well , i'll buy a dedicated server
<GNu_Joe> dedicated? how so?
<parkerw207> right , i am a IT student so i dont knwo everything , as you can tell this is just prelimary research
<parkerw207> i thought you could buy dedicated servers ?
<parkerw207> or is that just a phrase i misinterpreted lol
<GNu_Joe> then look at KVM / QEMM for emulation you should be able to create a buch of vurtual PC's
<parkerw207> ooo cool , another thing , could i attach a load of hard drives to the server so that everyone on my linux network got saved to the server rather than their terminals? , we have a habit of laptop break sessions :P
<mralphabet> sure
<parkerw207> is it easy to do ? i aint thick , i am trying not to sound it :P this is just a bit of research 
<mralphabet> where is this machine going to be physically located?
<mralphabet> is this a business use server? like something in your office? or are you going to have it colo'd somewhere?
<parkerw207> well it was going to go in my house somewhere
<parkerw207> this would be for the family
<parkerw207> and to run my theoretical website lol
<mralphabet> I just needed to know what kind of scale we were talking about here
<parkerw207> like , 7 terminals
<parkerw207> and the server will be used to host my website
<mralphabet> for your windows clients, you can use somehting called roaming profile where all the user documents can be redirected to the linux box
<parkerw207> oo , were all switching to linux soon
<parkerw207> i'm using linux at the moment
<parkerw207> been using it for a while
<mralphabet> for linux clients I know you can do something similar, but I am not familiar with it
<parkerw207> oo i see , well it is easy enough to have the server hosting the website and the home network at the same tie ?
<parkerw207> or would that slow things down
<mralphabet> if you are buying anything recent, that type of use isn't going to touch the cpu / ram
<mralphabet> hard drives you may want to splurge on and make sure you get something at least 7200 rpm if not 10000 rpm with some decent size cache
<mralphabet> even still, 7 desktops are not going to put a dent in a decent machine.
<parkerw207> oo great , well i have 2000 for a server
<parkerw207> is that enough?
<mralphabet> . . . you could buy the dell 440 and be fine, those go for $400
<parkerw207> oo cool :)
<parkerw207> how easy is it to host your own email service?
<mralphabet> or bump up to the next chassis that has more room for hard drives and you go up to around $7or800
<parkerw207> so that would be around...650 pound
<mralphabet> whatever it works out to be
<stelis> We recently bought a Dell server for about 400
<stelis> I think it was a similar spec to a 440
<stelis> That was single disk drive
<parkerw207> oo that is good , is ubuntu good as a server?
<mralphabet> I use it on my file server and haven't had a problem
<parkerw207> oo thats ok then 
<parkerw207> linux is meant to be the best at servers right?
<mralphabet> it works well for what I use it for . . . best is in the eye of the beholder
<ivoks> 7 machines? and simple desktop computer could serve 7 machines :)
<parkerw207> yeah i see what you mean
<stelis> It's a lot more flexible than Windows, and has a large number of server applications
<parkerw207> oo i see
<parkerw207> so i could use an old pc?
<ivoks> i have 60 computers, whole / is server from old p3@1.1GHz
<ivoks> s/server/served
<parkerw207> ooo i see
<ivoks> but with SCSI RAID
<parkerw207> would i need the gnome desktop environment though?
<parkerw207> is that not a drain on things?
<ivoks> where?
<ivoks> on server?
<parkerw207> yup
<ivoks> servers are best if they run only the things they need
<parkerw207> yeah true
<mralphabet> though some of the administration is "easier" through the gnome desktop if you are not familiar with the command line
<mralphabet> though, I would suggest using the command line for educational purposes
<parkerw207> yeah i will do
<parkerw207> well thanks for tall the info guys , been very helpfull , now i have to go 
<parkerw207> have a nice day all 
<mralphabet> aol.com
<mralphabet> it makes one wonder
#ubuntu-server 2007-03-02
<puff> Evening, what do folks think about vhcs.net or ispconfig.org?
<puff> We're setting up a colo for some private projects;  one of the users is used to control panels.  I'm kind of gunshy of them, because they've caused me endless problems in the past.
<GNu_Joe> is anyone working on any server projects?
<bigredradio> Anyone here on the installer dev teams? I want to scratch an itch...
<bigredradio> My question is "Is there a reason LVM is supported, but only confiures one LARGE lv?" This seems wrong and I want to help correct it.
#ubuntu-server 2007-03-03
<kupesoft> I just set up a serial console (/sbin/getty -L ttyS0 38400 vt100), but it doesn't seem to be an interactive shell (I only get stuff after a line-ending is sent)... is that normal?
<kupesoft> I want to make a "headless" linux server,
<kupesoft> ubuntu, even...
<mralphabet> kupesoft: don't you have ip on the box?
<kupesoft> Yes, but what happens if I screw up the networking by accident?
<kupesoft> mralphabet: Is that how serial consoles work (not interactive?)
<mralphabet> well don't do that
<kupesoft> mralphabet: /
<mralphabet> ;)
<kupesoft> mralphabet: ;/
<kupesoft> I don't know why it won't work properly,
<mralphabet> to be honost, I have never hooked up serially to a linux box so I couldn't tell you
<mralphabet> http://www.ubuntux.org/setting-up-a-serial-console
<kupesoft> mralphabet: I followed those instructions exactly...
<mralphabet> then I am not sure what else to suggest, like I said, I haven't had to use a serial connection before.
<mralphabet> others may have better imput
<mralphabet> input even
<kupesoft> I guess I need to turn off serial buffering,
<kupesoft> using setserial?
<kupesoft> I sort of got it...
<kupesoft> My USB-to-serial device only seems to accept I/O on a line-buffered basis. A quick fix is issuing the command, "stty cbreak < /dev/ttyUSB0 > /dev/ttyUSB0 2>&1". What's the underlying problem and how can I fix it?
<eamonn> hi all. I'm testing feisty-server on a new system I just built. Is it ok to discuss here or is there a ubuntu-server+1 channel somewhere?
<eamonn> nevermind, sorry, I just read the announcement on the channel. I'll go over to #ubuntu.
#ubuntu-server 2007-03-04
<[miles] > guys, anyone awake?
<sacater> this is highly unlikely but has anyone got an old server that i may be able to remotely use for free
<sacater> or be root
<mgalvin> sacater: why not set up a virtual machine for what you need to do?
<sacater> mgalvin: erm, proper server would be preffered
<sacater> im happy to share :P
<mgalvin> sacater: i don't have a spare available, i only suggest a VM b/c i tend to use them for many things, especially testing stuff
<sacater> mgalvin: dont know anyone who has an active that they might want to share, i cant pay in cash, but i can probably pay back somehow
<sacater> over time
<mgalvin> sacater: sorry, not that i know of
<sacater> mgalvin: damn, well add me sacater@01welp.co.uk for jabber, and please let me know if you hear anything
<mgalvin> sure, i will keep an eye out
<sacater> mgalvin: thanks mate
<sacater> mgalvin: sign onto jabber please
<sacater> mgalvin: sorry, 01welp.co.uk dosnt work with gmail, please add sacater@gajim.org
#ubuntu-server 2008-02-25
<fujin> hiya - anyone had any experience with R-C-S and gfs/gnbd?
<fujin> I'm looking at buidling a redundant mailaccess/store system
<rhineheart_m> okay.. I am having issues with my postfix..it won't send nor receive emails
<fujin> two frontend dovecot boxes, two backend gnbd SAN-attached mailstorage (500GB~1TB) boxes
<fujin> rhineheart_m: dpkg-reconfigure postfix, answer the questiosn
<fujin> more importantly
<fujin> paste logs first
<fujin> rafb.net/paste
<faulkes-> fujin: what about load balancing?
<fujin> faulkes-: what about load balancing?
<faulkes-> dovecot1 dies, now what
<fujin> the dovecot boxes will be L4+ loadbalanced by Foundry ServerIronXL
<faulkes-> that answers that then
<fujin> mm
<fujin> I just need to find a ubuntu-suitable tutorial on r-c-s & gfs & gnbd
<faulkes-> I'm not aware of anything offhand, ubuntu-tutorials.com might have something
<fujin> bugger it
<fujin> it's so ridiculous trying to find any documentation on this
<fujin> time to read some manpages I guess
<faulkes-> and then write a tutorial for others ;)
<fujin> ha
<mok0_> alstone: 24
<rhineheart_m> how to uninstall postfix? everthing in there.. including the SMTP Authentication enties?
<rhineheart_m> how to uninstall postfix? everthing in there.. including the SMTP Authentication entries?
<faulkes-> sudo apt-get remove postfix
<rhineheart_m> would remove as well as the entries in /etc/ssl/certs/?
<soulc> ok so how do I allow my isp to send my server mail?
<Kamping_Kaiser> soulc, set them as smart host
<Ejdes|Lap> hi
<Ejdes|Lap> how do i check the version of a program trough apt???
<Kamping_Kaiser> Ejdes|Lap, apt-policy packagename
<Kamping_Kaiser> er, `apt-cache policy packagename`
<Ejdes|Lap> Kamping_Kaiser, thanks:D
<Kamping_Kaiser> Ejdes|Lap, np :)
<Ejdes|Lap> !google ubuntu postfix server howto
<Kamping_Kaiser> Ejdes|Lap, you can also use dpkg - `dpkg -L packagename`
<Ejdes|Lap> okay :)
<Ejdes|Lap> i'l put that on my wiki / note list:P
<Kamping_Kaiser> np :)
<Ejdes|Lap> wiki.ejdesgaard.com there isn't mutch, but there will come more :) and everyone is ofc. welcome to add usefull informaion :)
<Kamping_Kaiser> is Nick Barcet in here?
<lamont> dpkg -l to see the version, btw
<Kamping_Kaiser> lamont, quite true, thanks for the correction.
<milestone> is it possible to define search domains within knetworkmanager or networkmanager in general? it keeps overwriting my changes in /etc/resolv.conf. any help is highly appreciated
<Kamping_Kaiser> IMHO kill nm and setup your network how you want it :)
<faulkes-> generally, servers tend to be static in terms of network setups
<ScottK> ubuntu-server doesn't have network-manager, does it?
<henkjan> ScottK: it doesnt
<ScottK> Then it's a bit off topic here I'd think.
<ScottK> I guess he agreed.
<henkjan> :)
<_ruben> hehe
 * faulkes- grumbles at DBI
<Stonekeeper> hi. Some programs when being installed throw up a curses screen for user input. Is there a way to get around this so it involves no interaction? thanks.
<AnRkey> what groupware servers are worth while on ubuntu server?
<AnRkey> any suggestions?
<dantalizing> AnRkey i think one of the guys in our group (florida loco) is running egroupware, but all of them, IMO, are really up to your personal taste
<AnRkey> ok
<AnRkey> my friend in spain also recons that egroupware is a good choice
<AnRkey> thanks
<AnRkey> it's looking like egroupware is a good choice
<dantalizing> there are definitely people using it...
<dantalizing> i personally didnt like the UI when i looked at it, but that was a long time ago, so maybe its better, or maybe you love it
<faulkes-> citadel?
<faulkes-> hey zul
<[miles]> yo Stonekeeper not in the land of oz yet?
<AnRkey> i see that it's in the uni or multiverse repos
<Stonekeeper> heh [miles], no. Housing market very slow :/
<ajdebe> Help with configuring OpenVPN
<ajdebe> anybody
<ajdebe> ?
<ajdebe> ?
<rhineheart_m> Hello! How to host two sites with different domain names in ubuntu gutsy?
<AnRkey> rhineheart_m, it's easy, you want to read up on vhosts
<AnRkey> it's a few simple lines in your apacha conf file
<henkjan> rhineheart_m: http://httpd.apache.org/docs/2.0/vhosts/examples.html
<henkjan> rhineheart_m: vim /etc/apache2/sites-available
<AnRkey> there henkjan got to it first :D
<henkjan> rhineheart_m: vim /etc/apache2/sites-available/yournewvhost.conf
<henkjan> rhineheart_m: add your config for the vhost to that file
<henkjan> a2ensite yournewvhost
<rhineheart_m> I have webmin installed in the server.. can I do it there?
<henkjan> that will make a symbolic link from sites-available to sites-enabled
<AnRkey> henkjan, i feel like a noob now, i normally just add the config for the vhosts to the top my my apache2.conf file :D
<soulc> ok so I have got the mail server sending through my isp but I still can't send email to my server
<henkjan> AnRkey: that works, but with seperate config files for your v-hosts your more flexible
<rhineheart_m> henkjan: what do I need to do with the /etc/apache2/sites-available/yournewvhost.conf?
<AnRkey> henkjan, yeah, i was just thinking that
<AnRkey> more control
<AnRkey> Checking extension pgsql is loaded or loadable: False
<AnRkey> The pgsql extension is needed, if you plan to use a pgSQL database.
<henkjan> rhineheart_m: add your vhost configuration to that file
<AnRkey> what do i need to install to fix that?
<rhineheart_m> henkjan: so how will I do it?
<henkjan> rhineheart_m: http://www.debuntu.org/2006/02/22/7-virtual-hosting-using-apache-2
<henkjan> AnRkey: where did you get that error from?
<AnRkey> egroupware
<AnRkey> it runs some tests and thats what it spat out
<ajdebe> Help with configuring OpenVPN
<AnRkey> henkjan, I get this for the mysql part
<AnRkey> The odbc extension is needed, if you plan to use a MaxDB, MsSQL or Oracle database.
<AnRkey> Warning Checking extension oci8 is loaded or loadable: False
<AnRkey> The oci extension is needed, if you plan to use a Oracle database.
<AnRkey> I actually wanna use the mysql db as my backend
<AnRkey> i cant find any mysql oci8 package
<AnRkey> i found a libmyodbc for mysql but that does not fix the problem
<AnRkey> oh man am I a tard or what
<AnRkey> the error is about M$Sql not mysql
<AnRkey> haha
<henkjan> AnRkey: oci8 is only needed for oracle
<AnRkey> sorry to bother
 * AnRkey slaps himself
<soulc> so where is the howto about smarthosts?
<henkjan> dpkg --configure $MTA doesnt the trick?
<mathiaz> ScottK: what's your opinion on debian bug 465569 ?
<ubotu> Debian bug 465569 in cyrus-sasl2 "cyrus-sasl2: Use /etc/sasl2 as primary configuration directory" [Wishlist,Open] http://bugs.debian.org/465569
<mruiz> hey mathiaz
<faulkes-> morning mathiaz
<faulkes-> I've been fixing bugs / adding features to what I sent you in mail last night
<faulkes-> bugs fixes are in, features I'm still testing
<faulkes-> mathiaz: when I get the next part working, I'll give it to the ML to give feedback on
<ScottK> mathiaz: lamont and I have discussed it.  From a Postfix perspective it's a don't care right now.  I'd be relucant to migrate Postfx to use that in the next several years because there's TON of documentation that knows Debian puts Postfix SASL stuff in /etc/postfix/sasl
<faulkes-> morning ScottK
<ScottK> Morning
<zul> hey ScottK
<ScottK> Heya zul
<ScottK> mathiaz: What are your thoughts on it?
<lamont> mathiaz: more to the point, postfix just appends it's config directory to the path in the lib, so if the lib moves and the user migrates from /usr/$mumble to /etc/sasl2, then everything keeps on "just working"
<mathiaz> ScottK: I don't see anything wrong with their proposal.
<lamont> and it uses /etc/postfix/sasl specifically because the config really really really doesn't belong under /usr
<lamont> mathiaz: it's not a postfix change
<lamont> it's a cyrus-sasl2 change
<lamont> and it doesn't affect postfix either way
<mathiaz> I wouldn't change the postfix configuration.
<mathiaz> ScottK: I think you mentionned cyrus-sasl2 during last uds
<ScottK> mathiaz: I'm not particularly familiar with the impact on other SASL users though.
<mathiaz> ScottK: with the idea to drop it to universe.
<ScottK> mathiaz: I did, but there are to many other users
<ScottK> mathiaz: We did (IIRC) get the mail server tasksel to use Dovecot.
<mathiaz> ScottK: ok - I though you suggested to only have dovecot sasl in main.
<mathiaz> ScottK: and make sure that all apps in main would use dovecot sasl
<ScottK> mathiaz: I did, but there are desktop users of it too it turns out (I didn't know that at UDS).
<mathiaz> ScottK: ok. Thanks for the clarification.
<soulc> ok so now that I can sit here and actually see the reply
<soulc> I was on last nite as alstone
<soulc> talked to lamont about sending email through my isp
<soulc> but I still can't receive email on the server relay rejected but I don't want to enable all email cause then I would get a shitload of spam
<ScottK> soulc: What is it you're trying to do and how did you get where you are now?
<rhineheart_m> I have this error: upload_max_filesize
<rhineheart_m> The server configuration does not allow a good upload capacity (less than 10 Mb per file): 2M
<rhineheart_m> how to change it?
<faulkes-> rhineheart: you have to be more specific as to what application that limit applies to (I assume php?)
<rhineheart_m> yeah..php.. M using php file navigator
<rhineheart_m> faulkes: do you know how to solve it?
<soulc> installed postfix and configured it via ubuntu via instructions at https://help.ubuntu.com/community/Postfix
<soulc> sorry look away for a sec and boom someone replies
<faulkes-> rhineheart: in /etc/php5/apache2/php.ini search for that value (upload_max_filesize) and change it from 2M to 10M (or whatever M amount you need)
<faulkes-> you will then need to restart apache
<ScottK> soulc: Which release are you running?
<soulc> current 7.04 server
<soulc> I guess
<ScottK> soulc: 7.10 is the most recent.
<soulc> ok then it is 7.10
<soulc> server
<ScottK> OK.
<ScottK> soulc: Please pastebin error messages you're getting and the output of postconf -n
<soulc> fixed all of the errors mostly can't load keys etc
<soulc> ok
<soulc> so where how pastebin?
<ScottK> !pastebin
<ubotu> pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<soulc> http://paste.ubuntu-nl.org/57347/   http://paste.ubuntu-nl.org/57348/
 * ScottK looks
<soulc> brb
<ScottK> soulc: Let me know when you're back.
<soulc> back
<ScottK> soulc: Where does mail to absolute-zero.com get delivered?
<ScottK> To this box, right?
<soulc> to straylight
<soulc> not the box I am on
<soulc> or I guess what do you mean?
<soulc> host name is straylight.absolute-zero.com aliased mail.absolute-zero.com
<soulc> but I want the email to be <userid>@absolute-zero.com
<soulc> box is also alised www.absolute-zero.com
 * ScottK looks some more
<ScottK> soulc: What do the logs say for that transaction (/var/log/mail.log)?
<rhineheart_m> what's the command to make permission 777
<soulc> http://paste.ubuntu-nl.org/57354/
<rhineheart_m> soulc: what's the difference between www-data and 777?
<soulc> eh?
<soulc> www-data is the userid and group that ubuntu apache uses
<soulc> 777 is a chmod setting or could be a group id number
<soulc> sudo chmod 777 <path to file>
<rhineheart_m> okay..so what if I want to download a file through http? which one I need to do?
<ScottK> soulc: The postconf -n you gave me was for straylight, right?
<soulc> ummm yes
<soulc> yeah top line has command
<soulc> you can set owner of the file to www-data or just chmod the premissions to 777
<ScottK> soulc: mydestination = mail.absolute-zero.com, straylight.absolute-zero.com, localhost.absolute-zero.com, localhost is missing absolute-zero.com then isn't it?
<soulc> yeap
<soulc> ok done
<rhineheart_m> what do you mean with permission 700?
<ScottK> reload postfix and try again.
<soulc> ok
<soulc> damn that works
<soulc> rhineheart_m: sudo chown www-data:www-data <file> or chmod 777 <file>
<soulc> thanks
<rhineheart_m> you mean.. www-data:www-data and chmod 777 are the same file permissions?
<soulc> no
<ScottK> soulc: You're welcome.  Please look at https://help.ubuntu.com/community/Postfix and fix it so the next guy doesn't make the same mistake.
<soulc> the first is setting owner:group the second is setting file permissions
<faulkes-> mode 777 is highly insecure
<faulkes-> ownership/group should always take precedence
<faulkes-> at least IMO
<soulc> ummm scottK first how would I change it and second add <domian> to the line mydestination = server1.example.com, localhost.example.com, localhost?
<ScottK> soulc: It's a wiki.  Anyone can edit it.
<soulc> I guess it would be example.com
<ScottK> Yes
<soulc> kk
<soulc> don't think rhineheart got what he needed
<soulc> damnit no I am getting spam
<soulc> man I hate spam
<faulkes-> rhineheart: in order for a file to be downloaded via http, it has to be world readable, chmod 644 /path/to/file
<faulkes-> soulc: spamassassin is your friend ;)
<soulc> is graylisting done at server level?
<soulc> I don't even want the stuff to get to my inbox to be moved to my junk box
<faulkes-> I'm unfamiliar with what postfix does in regards to Xlisting
<soulc> damn have to eat brb
<faulkes-> I use spamassassin, it comprises whitelists, blacklists, rbl's and bayesian filters
<faulkes-> I set it up for a client awhile ago, they went from getting 1k+ spams / user down to a range of 5 - 40 per user
<ScottK> soulc: Start with amavisd-new and integrate that with Postfix.  Use it to call spamassassin.
<ScottK> It can also call clamav if you want anti-virus scanning.
<ScottK> soulc: Yes.  Greylisting is done at the server level.  There are a number of implementations available to work with postfix.
<faulkes-> zul: you here?
<zul> faulkes-, maybe
<zul> yes
<faulkes-> heh
<faulkes-> re: ebox 8.04 testing
<zul> yep what about it?
<faulkes-> I sent email, figured I'd ask here as well, you mind if I forward that request into the server forums
<zul> nope go ahead
 * faulkes- nods
<faulkes-> zul: where would you like any reports sent?
<zul> to me
<faulkes-> email? forums and I forward back? specific LP location?
<zul> zulcss@ubuntu.com
 * faulkes- nods
<faulkes-> will do
<soulc> thanks guys for the help got to go to work now
<sommer> hey all
<sommer> I've cooked up a likewise-open section: http://doc.ubuntu.com/ubuntu/serverguide/C/likewise-open.html
<sommer> all reviews and feedback are greatly appreciated :)
<mookid> I cant get restricted driver manager to work on server
<mookid> I've installed desktop and the restricted driver manager wont load
<mookid> :(
<faulkes-> sommer: the section on the gui is a little bit ambiguous for credentials
<faulkes-> i.e. does it apply to say, gui ssh clients, to gdm logins? to all of the above?
<sommer> faulkes-: ya, but since there's more than one way to gui I wasn't sure what to put
<faulkes-> hmmm, perhaps an annotation of applications it is known to work with in that fashion?
<sommer> faulkes-: it's all logins
<sommer> all domain logins that is
<sommer>  zul: I'm still getting "ubuntu-xen-server: Depends: linux-xen but it is not installable" when I try to install xen... just fyi
<sommer> zul: is there anything I can help with regards to that error?
<zul> sommer: afaik the meta package hasn been updated yet so no :)
<sommer> zul: okay, is there another way to install xen?
<sommer> or how do I find out which packages the meta-package installs?
<zul> apt-get source xen-meta
<sommer> ah, cool thanks
<sommer> zul: should linux-xen be replaced by xen-image-*** ?
<nxvl_work> how do i use the domain authentification on ubuntu?
<nxvl_work> i can't find the option
<nxvl_work> on hardy i mean
<sommer> nxvl_work: you man Active Directory auth?
<nxvl_work> sommer: yup
<sommer> cause if  you do check out: http://doc.ubuntu.com/ubuntu/serverguide/C/likewise-open.html
<nxvl_work> thnx
<nxvl_work> that's what i was looking fo
<nxvl_work> :D
<nxvl_work> for*
<sommer> nxvl_work: np, let me know what you think... if the guide is unclear, or could use more information
<nxvl_work> mmm
<nxvl_work> i think for ibex we need to integrate this process with the gdm configuration
 * nxvl_work writes on his UDS idea pull
<sommer> for server?
<nxvl_work> nop
<nxvl_work> for workstations
<_ruben> hmm .. one of my fileserver kernel panic'ed again .. thought latest kernel upgrade "fixed" that .. any tips on how to troubleshoot or whatnot?
<sommer> nxvl_work: gotcha
<nxvl_work> sommer: if i'm a user and want to login against my company AD server i really don't want to use the CLI i want a GUI
<nxvl_work> (also thats the ubuntu way)
<sommer> nxvl_work: there is a gui, but the guide is for server...
<nxvl_work> sommer: yes, but i don't want a separate GUI
<nxvl_work> sommer: it must be integrated on the gdm config one
 * nxvl_work tests
<sommer> nxvl_work: right, I beleive the options is going to be added during install... or at some point it will be
<nxvl_work> let's see
<sommer> nxvl_work: you would still have to join the domain before it could be in gdm, I'd think
<nxvl_work> sommer: you should be able to do it in there
<nxvl_work> sommer: i will try the GUI to see if new ideas come to me
<nxvl_work> sommer: i haven't use likewise ever, so i'm just looking how it works
<sommer> nxvl_work: cool
<sommer> I'm not sure you'd want to join a domain from gdm ;-)
<sommer> or maybe I'm misunderstanding
 * _ruben starts a memtest86 run to check for bad mem
<nxvl_work> sommer: as a user, if i want to join a domain i want it to be done at login time (like windows does)
<nxvl_work> i will talk to the desktop team
<nxvl_work> i'm also not founding the gui
<nxvl_work> :S
<sommer> nxvl_work: you have to login to windows as an administrator first, then join the domain, after which you can login to the domain
<nxvl_work> found it
<nxvl_work> sommer: that's what i mean
<sommer> nxvl_work: okay, I'm with ya
<mathiaz> lamont: about bug 162821 - isn't that a duplicate of bug 127184 for the bind9 package ?
<ubotu> Launchpad bug 162821 in gbindadmin "gbindadmin settings differ from that of bind9 package" [Undecided,Confirmed] https://launchpad.net/bugs/162821
<ubotu> Launchpad bug 127184 in bind9 "Installing bind9 in a chroot" [Wishlist,Triaged] https://launchpad.net/bugs/127184
<nxvl_work> sommer: to add the "join domain" option in the gdm configurator
<nxvl_work> sommer: and then the domain login option on gdm log in window
<nxvl_work> s/gdm/login manager/
<nxvl_work> mmm i need to configure an domain for testing purposes, i will do it later
<nxvl_work> mathiaz: did you know which are our main goals for ibex?
<sommer> nxvl_work: mmmMM... seems like it may be confusing to choose between joining the domain or logging into the domain, but maybe the desktop team will lilke it
<nxvl_work> mathiaz: as in what does canonical expects from us?
<nxvl_work> sommer: i just a matter of adding a combobox to the login manager
<nxvl_work> sommer: also, if i configure a domain is because i will use it every day (in most of the cases)
<nxvl_work> i will try to discuss it with the desktop team now and also at UDS
<nxvl_work> to see what they think
<sommer> nxvl_work: cool beans
<mathiaz> nxvl_work: it's up to the community to decide what we want for ibex
<lamont> mathiaz: those sound different..
<mathiaz> nxvl_work: that's why we'll all gather at UDS to discuss our goals for ibex
<nxvl_work> mathiaz: but, also canonical must gave us a general roadmap, or it doesn't happens at all?
<mathiaz> lamont: it seems that the part about bind9 was about running named in a chroot
<nxvl_work> i mean some initial ideas for developing our roadmap
<lamont> mathiaz: that is, installing bind9 to run in a chroot is blocked only by figuring out how to do that safely/correctly for upgrades, (or not), while the other is blocked on gbindadmin figuring out how to work with the dog.
<mathiaz> lamont: I'd suggest to fix gbindadmin to work ootb with bind9
<lamont> mathiaz: exactly
<nxvl_work> sommer: that is desktop team work, doesn't it? we only need to gave them the support they ask for us, didn't we?
<lamont> while getting bind9 to chroot by default is orthogonal to what silly admin wrapper package one chooses
<mathiaz> lamont: right. so I'd mark the bug as won't fix for bind9 (I don't think you can mark the bug as a duplicate just for the bind9 package
<sommer> nxvl_work: not sure I understand your question
<mathiaz> lamont: agreed.
<lamont> and yeah, "dear bind9, do what gbindadmin wants, kthxbye"  --> WONTFIX
<mathiaz> nxvl_work: canonical will be involved in the discussion
<nxvl_work> sommer: i mean, to add AD support for gdm is desktop team's work
<mathiaz> nxvl_work: but if the community wants to implement something, UDS is the place where we'll discuss this.
<sommer> nxvl_work: ah, um... I'd think so, server being non-gui
<nxvl_work> mathiaz: that's clear, i'm asking if canonical gave an initial pull of ideas as "we want to go on that way" and then we chose which way we took on this direction
<ScottK> nxvl_work: UDS is your chance to push it the way you want it to go.
<sommer> nxvl_work: on the gdm thing you might want to take a look at bug #192599
<ubotu> Launchpad bug 192599 in likewise-open "GDM support for domain choice" [Undecided,New] https://launchpad.net/bugs/192599
<sommer> if  you haven't seen it already :)
<jjesse> and while you are working on a gtk app for likewise and making gdm support the domain choice, make it for kdm as well :)
<ScottK> And kdm4
<mathiaz> nxvl_work: not really.
<mathiaz> nxvl_work: come up with your own ideas
<mathiaz> nxvl_work: there will be a list of blueprint that we'll discuss during the sprint.
<mathiaz> nxvl_work: that's a good indication about the topics
<nxvl_work> sommer: something like that is what i'm looking fot
<nxvl_work> for*
<nxvl_work> mathiaz: oh! i thought canonical traces an initial and general roadmap and then at the UDS the community traces a more specific one
<nxvl_work> ScottK: are you attending to UDS?
<ScottK> Planning on it.
<mathiaz> nxvl_work: no - not really.
<mathiaz> nxvl_work: come up with your ideas and we'll discuss them.
<nxvl_work> ScottK: woohoo! i'm so exited about all the people i'm going the meet in there
 * ScottK is excited about not having to pay to go this time.
<nxvl_work> mathiaz: is also fine if i make an open call for ideas by mail or on my blog? or is against the policies?
<nxvl_work> ScottK: also that
<ScottK> nxvl_work: How you generate your ideas is up to you.
<ScottK> But ideas you're going to work on have a better chance of getting approved.
<nxvl_work> i think is really usefull to know what the users want to see
<nxvl_work> ScottK: yes, but there is always someone who hear a good idea an offers himself to do it :D
<nxvl_work> btw
<nxvl_work> is there any ssh/crypt specialist inhere?
<zul> mathiaz: yo
<mathiaz> zul: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/194770
<ubotu> Launchpad bug 194770 in samba "samba-common is not installed with samba" [Undecided,Incomplete]
<vaughn> Can anyone assist in mounting a Dell Powervault 200s?
<zul> mounting as in how?
<nxvl_work> is there any ssh/crypt specialist inhere?
<vaughn> Well, I can see it but I can't see how to mount it
<vaughn> I'm on an IBM eServer x345 and the Powervault is attached via scsi
<zul> is it a tape drive?
<nxvl_work> vaughn: can you pastebin the output of "dmesg | head"
<nxvl_work> err
<nxvl_work> "dmesg | tail"
<vaughn> Yes, give me a minute
<vaughn> It's a RAID5 array
<vaughn> Sorry, troubleshooting other stuff while doing this...
<vaughn> Ok zul, hrere's the output:
<vaughn> vaughn@ivtvm:~$ dmesg | tail
<vaughn> [  215.210191] /dev/vmnet: open called by PID 4336 (vmnet-natd)
<vaughn> [  215.210214] /dev/vmnet: port on hub 8 successfully opened
<vaughn> [  215.914892] eth1: no IPv6 routers present
<vaughn> [  216.434176] eth0: no IPv6 routers present
<vaughn> [  225.133537] /dev/vmnet: open called by PID 4757 (vmnet-netifup)
<vaughn> [  225.133581] /dev/vmnet: port on hub 1 successfully opened
<vaughn> [  225.219106] /dev/vmnet: open called by PID 4761 (vmnet-netifup)
<vaughn> [  225.219147] /dev/vmnet: port on hub 8 successfully opened
<vaughn> [  235.797499] vmnet8: no IPv6 routers present
<vaughn> [  235.987232] vmnet1: no IPv6 routers present
<zul> vaughn, can you use pastebin but Im not sure whats going on
<vaughn> Sorry, it's here http://paste.ubuntu-nl.org/57384/
<vaughn> Basically, I see that the RAID is on scsi channel 2 but I'm not sure how to mount it correctly
<nxvl_work> vaughn: lspci?
<vaughn> http://paste.ubuntu-nl.org/57385/
<nijaba> hello
<mookid> hello people =)
<mookid> what's the package name for ssh server
<mookid> is it sshd ?
<vaughn> I think it's openssh
<vaughn> or open-ssh
<mookid> yeah openssh-server
<mookid> dont know where i got sshd from :/
<foo> foolano: begone, foolamo!
<foo> :)
<vaughn> Ok, so I guess the real question is, why doesn't my scsi raid show up in /dev/sda or something?
<kgoetz> vaughn: sorry, that questions a copy :p
<Nafallo> mookid: the binary ;-)
<vaughn> A copy?
<kgoetz> vaughn: yeah, its not real
<kgoetz> vaughn: hardware/software raid? either way, it uses different device names
 * kgoetz just noticed no one answered the question
<vaughn> hardware raid
<vaughn> kgoetz: it's a Dell Powervault 200s
<kgoetz> vaughn: check if you have any /dev/md*
<kgoetz> iirc thats hardware raid (but i havent used it in quite a while)
<Nafallo> it's dependent on the configuration surely? :-P
<vaughn> kgoetz: no /dev/md*
#ubuntu-server 2008-02-26
<vaughn> Ok, I'll try again...I'm trying to get Ubuntu to recognize and mount a Dell PowerVault 200s on an IBM Eserver x345
<faulkes-> iirc isn't x345 scsi controllers hostraid?
<dts> What would be some cool ways to make money off a server farm?
<faulkes-> dts: raise eCattle
<dts> :-P
<faulkes-> all depends on the size of the farm and what you can do with it
<faulkes-> if you have a big enough farm, you could possibly rent out time on it as cluster for SC projects
<kgoetz> wasnt Sun making a computing grid people could sell time into?
<faulkes-> not sure
<faulkes-> although obvious examples that do come to mind are amazons EC2 / S3 stuff
<faulkes-> unless of course you count that entire "oops the entire thing fell down went boom for a couple hours" incident ;)
<pwnguin> dts: sell render time to poor students in animation
<dts> selling to poor students
<dts> sounds like a failing business plan :-)
<pwnguin> they buy books like its nobody's tomorrow
<pwnguin> just sell cards redeemable for render time in the bookstores ;)
<RingTailedFox_> does any one here uses open ldap to auth each client from server (linux)  when login in winxp (client) ?
<pwnguin> dts: if you're good at programming, try mturk
<pwnguin> they post these supposedly difficult tasks that humans can do
<pwnguin> for cents a task
<pwnguin> humans do it slowly, software generally doesn't exist to do it all is the idea
<pwnguin> write the software and then have the cluster take out a thousand tasks at once. grab a few thousand for each task is the idea ;)
<pwnguin> things like "find the amount of tax paid on the house on this form"
<dts> hmm
<dts> good idea
<dts> i looked at it
<dts> it pays like a penny a task
<faulkes-> RingTailedFox: see likewise-open
<faulkes-> a penny a task eh? I think I'll stick to my thinking tasks, they pay a heck of a lot more
<pwnguin> faulkes-: i imagine if you do "abnormally well" they forward your contact info to HR ;)
<faulkes-> I would hope not, HR is the devil
<pwnguin> you know what i mean
<pwnguin> dear AI genius, please help amazon take over the world
<faulkes-> yeah, I don't think that would happen
<faulkes-> amazon is doing some cool stuff but I'm just not into the company
<faulkes-> well, not unless they were to make a significantly appropriate offer ;)
<pwnguin> i think if you were to solve some of those computer vision HIT sets they'd find the money somewhere ;)
<faulkes-> I'm afraid I'm probably not that bright ;)
<faulkes-> but I can mix up a mean dirty martini
<faulkes-> that should count for something
<pwnguin> well, it takes extra bright people to make money from computer clusters ;)
<faulkes-> I think I'll stick to the martini's ;)
<rhineheart_m_> hello! is anybody here could help me? my postfix won't send and receive messages...thanls..
<rhineheart_m> I just can't run the postfix..
<faulkes-> have you read the official server documentation and the community based documentation yet
<faulkes-> https://help.ubuntu.com/community/Servers
<rhineheart_m> yes..But its not still functioning
<rhineheart_m> M sure no port has been blocked since I could telnet port 25
<rhineheart_m> and I have all the control in all ports in our public IP
<noodles12> Just curious. I installed ubuntu-server (7.10) and when i booted it up, it saied "PANIC: cpu too old for kernel"  but i have a pentium M and i've run regular ubuntu before. anyone know why?
<faulkes-> rhineheart: then check your logs /var/log, that will likely indicate what the problem is
<faulkes-> noodles: boot into recovery if possible, or via a live cd, see which kernel is installed
<rhineheart_m> is it possible to add authentication like SSL to a folder in var/www/site/subfolder?
<faulkes-> SSL is not authentication, it is encryption
<faulkes-> but yes, you can use https:// based url's if you configure the server for such
<faulkes-> that however, will only encrypt the traffic between the client and server, it will not authenticate anything (other than the certificate)
<rhineheart_m> can I still download files if I will be using ssl?
<kgoetz> yes
<rhineheart_m> is it possible to only encrypt the login then after that it will go back automatically to http?
<faulkes-> yes, that is possible
<rhineheart_m> how to do it?
<faulkes-> I refer you to the community documentation, please read that first and make an attempt yourself
<faulkes-> if you then have problems, come back with questions and logs / errors so we can understand what is happening
<rhineheart_m> Is any of you here running ISPConfig?
<rhineheart_m> faulkes: I got that error..
<henkjan> rrrr, ispconfig. i once had a customers server with ispconfig, but didnt like it :)
<rhineheart_m> why? somethings wrong with it?
<henkjan> its a mess
<rhineheart_m> okay.. have you tried their latest version?
<henkjan> rhineheart_m: no, we don't use any 'panel' for managing servers
<rhineheart_m> have you tried using webmin?
<henkjan> i have one customer using webmin
<rhineheart_m> henkjan: I like its functionality
<rhineheart_m> henkjan: okay..
<henkjan> its breaking configfiles
<rhineheart_m> henkjan: really?
<henkjan> rhineheart_m: well, we you once use webmin, you can't use cli anymore
<rhineheart_m> henkjan: I have two domains.. and its nameservers are pointing to my public IP now.. how can I host them with different CMS each?
<kraut> moin
<henkjan> rhineheart_m: http://www.debuntu.org/2006/02/22/7-virtual-hosting-using-apache-2
<rhineheart_m> henkjan: thanks..do you know how to completely remove postgresql?
<henkjan> apt-get remove --purge $packagename
<AlferedHichcok> having problems with setting up LDAP. there is no conf file in /usr/local/etc/openldap        and when i just edited  /etc/ldap/slapd.conf. . it says "no conf file found in there" when i typed $ /etc/init.d/slapd restart. any help?
<henkjan> /usr/local/etc sounds like FreeBSD
<Kamping_Kaiser> yeah ^^
<AlferedHichcok> henkjan,  iam using kubuntu
<Kamping_Kaiser> or a weird custom install
<henkjan> did you install openldap by hand?
<henkjan> or using dpkg/apt-get ?
<AlferedHichcok> henkjan,  Kamping_Kaiser  the openldap site showed me that. i thought it was talking about linux
<AlferedHichcok> no. i did it by apt
<AlferedHichcok> apt .ya
<AlferedHichcok> /etc/ldap/slapd.conf is there. i edited it. but when i restarted it by the above command. it says no conf in there
<AlferedHichcok> what the heck is going on
<Kamping_Kaiser> then yoru after /etc/ldap.conf and /etc/ldap/slapd.conf
<Kamping_Kaiser> AlferedHichcok, give us the whole error please
<Kamping_Kaiser> and check syslog for relevent info
<Kamping_Kaiser> (eg, are you restarting slapd with sudo?)
<AlferedHichcok> ok. wait
<AlferedHichcok> having problems with setting up LDAP. there is no conf file in /usr/local/etc/openldap        and when i just edited  /etc/ldap/slapd.conf. . it says "no conf file found in there" when i typed $ /etc/init.d/slapd restart. any help?
<AlferedHichcok> sory.................
<AlferedHichcok> $ /etc/init.d/slapd restart
<AlferedHichcok> No configuration file was found for slapd at /etc/ldap/slapd.conf.
<AlferedHichcok> If you have moved the slapd configuration file please modify
<AlferedHichcok> /etc/default/slapd to reflect this.  If you chose to not
<AlferedHichcok> configure slapd during installation then you need to do so
<AlferedHichcok> prior to attempting to start slapd.
<AlferedHichcok> An example slapd.conf is in /usr/share/slapd
<Kamping_Kaiser> !tell AlferedHichcok about pastebin
<Kamping_Kaiser> AlferedHichcok, and if you restart with sudo what happens?
<AlferedHichcok> let me
<AlferedHichcok> Stopping OpenLDAP: slapd.
<AlferedHichcok> Starting OpenLDAP: slapd - failed:
<AlferedHichcok> Unrecognized database type (<other>)
<AlferedHichcok> sory. my bad.
<AlferedHichcok> Kamping_Kaiser,  i cant get a "good" guide on how to setup ldap. for kubuntu.  the openldap.org has given guide for freebsd i think ?
<Kamping_Kaiser> AlferedHichcok, have you looked in the ubuntu wiki and help.ubuntu.com ?
<AlferedHichcok> Kamping_Kaiser,  yes but there are some unclear thing in that too.
<AlferedHichcok> is this site for bsd only http://www.openldap.org/doc/admin24/quickstart.html ?
<Kamping_Kaiser> AlferedHichcok, try following that then asking specific questions.
<AlferedHichcok> Kamping_Kaiser,  ok
<AlferedHichcok> is this site for bsd only http://www.openldap.org/doc/admin24/quickstart.html ?
<Kamping_Kaiser> AlferedHichcok, its for if you do a compile of openldap from source
<AlferedHichcok> ah . ic
<AlferedHichcok> thx. ill be back soon
<Kamping_Kaiser> ok
<Kamping_Kaiser> np
<AlferedHichcok> :) thanks again
<Kamping_Kaiser> AlferedHichcok, you up and running?
<AlferedHichcok> where to add   BASE    dc=example,dc=com          and   what should come after  database
<AlferedHichcok> as it said.        Unrecognized database type (<other>)
<AlferedHichcok> Kamping_Kaiser,  no just with configuring it
 * AlferedHichcok is following https://help.ubuntu.com/community/OpenLDAPServer#head-364d440097c2dc33eb577fb37237fb937b39208d
<Kamping_Kaiser> AlferedHichcok, database by default is bdb. looks like you uncommented the '<other>' database entry
<AlferedHichcok> yes
<AlferedHichcok> i shouldnt?
<Kamping_Kaiser> no
<AlferedHichcok> k
<AlferedHichcok> iam adding   BASE    dc=example,dc=com     at the end of the file
<Kamping_Kaiser> # The base of your directory in database #1
<Kamping_Kaiser> its *just* below the database section
<AlferedHichcok> i see # The base of your directory in database #1             suffix          "dc=nodomain"               in                  # Specific Directives for database #1, of type bdb:          # Database specific directives apply to this databasse until another   # 'database' directive occurs
<Kamping_Kaiser> yep. that one
<AlferedHichcok> i should just add bas  BASE    dc=example,dc=com        below suffix  ?
 * Kamping_Kaiser suggests readng the full config file
<Kamping_Kaiser> then wondering about adding stuff
<Kamping_Kaiser> bbl
<Kamping_Kaiser> s/bbs
<AlferedHichcok> bbl?
 * AlferedHichcok 's first day it is.
 * AlferedHichcok is aware he had to change dc=domain          to dc=example
<AlferedHichcok> any body home?
<AlferedHichcok> Kamping_Kaiser,  henkjan
<henkjan> AlferedHichcok: http://www.howtoforge.com/linux_ldap_authentication covers installation and configuration of openldap
<AlferedHichcok> http://pastebin.com/m4eaa650b
 * AlferedHichcok waits
<AlferedHichcok> i cant understand. where to put        BASE    dc=example,dc=com          and what does the comands  in 'Populating The LDAP Tree' heading in https://help.ubuntu.com/community/OpenLDAPServer        means........ can any one help?
<AlferedHichcok> henkjan,  Kamping_Kaiser  sudo slapadd -l init.ldif          bdb_db_open: only one suffix allowed          backend_startup_one: bi_db_open failed! (-1)           slap_startup failed
<AlferedHichcok> henkjan, Kamping_Kaiser  you there..................?
<david2> Hi all..
<david2> How can I count the total number of files inside a directory & subdirectories?
<juliux> find ./ * |wc -l
<juliux> but i also counts .  and ..
<_ruben> `find -type f | wc -l` for files only
<henkjan> hmm, receiving a shipment of ubuntu-server cds from canonical
<henkjan> nice
<henkjan> but, how do they know where i work?
<henkjan> i recently joined the ubuntu-server team
<henkjan> but afaik didnt mention my employer
<henkjan> i also didn't know there were server cd's available
<henkjan> well, nice giveaways for our customers
<rgl> hi.
<jjesse> hello
<henkjan> hi
<rgl> you guys known how to create a bootable cd with ms-dos?  I need to flash an SMDC/IPMI board, but its failing in Linux :(
<jjesse> hrmm never made a bootable cd rom before, made plenty fo bootable floppy disks and usb drives
<jjesse> you can make a boot usb drive by formating it with the /system option
<rgl> jjesse, humm a flash drive is good enough too :D
<rgl> jjesse, I just need to go into cmd.exe and type format x: /system ?
<jjesse> rgl: is the computer you are running dos?
<jjesse> or is it a linux box?
<rgl> jjesse, not really.  its windows vista.
<rgl> jjesse, I can use linux too.
<jjesse> rgl: in vista you can't create a bootdisk w/ the format command
<jjesse> it was in win98 or earlier that you could use the format x: /system command
<rgl> oh I only have vista :/
<jjesse> check out www.bootdisk.com for some more information
<rgl> http://www.allbootdisks.com/download/iso.html ?
<jjesse> they have bootdisks for dos/9x/nt/2k/xp
<rgl> they seem to have boot disks too :D
<rgl> ah thx :D
<jjesse> http://bootdisk.com/bootdisk.htm
<jjesse> is what i use when i need a bootdisk
<rgl> which one do you use to write into flash?
<jjesse> i use one of the ultiies at the main page if i remember correctly
<rgl> how to edit an .iso file?  that is, I have to boot disk, but what to push some files into it
<sergevn> Hello, I have Postfix up and running with virtual domains,  great. But the problem is, Im relaying with my ISP, and the  sender gets "relaying denied" mails back. I think I narrowed  the problem down, it has something to do with "ident  callbacks" how do i disable this in postfix?
<ScottK> Are you doing the ident callbacks or is someone doing them to you?
<ScottK> In Postfix it's called SAV (Sender Address Verification) and it's not done by default.
<sergevn> ScottK: setup: mailserver-->ISPrelayhost--> Gmail
<sergevn> ScottK: when im sending from gmail to mailserver, i am getting relaying denied.
<ScottK> sergevn: pastebin the relevant bits from /var/log/mail.log
<sergevn> ScottK: nothing relevant there :)
<sergevn> ScottK: Let me double check
<henkjan> sergevn: add the domain for wich you are receiving to /etc/postfix/main.cf mydestination =
<ScottK> sergevn: If it's your postfix that's getting rejected then it will be.
<ScottK> henkjan: I think he's sending, not receiving.
<henkjan> ScottK: " when im sending from gmail to mailserver, i am getting relaying denied."
<ScottK> Ah.
<sergevn> henkjan: so im receiving :)
<ScottK> OK.  So it's not mailserver-->ISPrelayhost--> Gmail
<ScottK> What henkjan says it probably what you need then.
<sergevn> ScottK: Gmail --> ISPrelayhost --> mailserver
<sergevn> ScottK: yeah sorry :)
<sergevn> ScottK: when my mailserver is long time up, im getting emails, no problem, when i restarted it, it takes hours to get emails.
<ScottK> sergevn: So far you've described at least two different problems.  Let's fix one at a time.
<sergevn> ScottK: i think they are linked
<ScottK> sergevn: Please pastebin the output of postconf -n
<zul> morning
<ScottK> morning zul
<zul> hi ScottK
<ScottK> mathiaz: I think we ought to add ntp to the list of server packages.  It's in desperate need of some bug triage at the very least.
<sergevn> ScottK: http://pastebin.ubuntu.com/5005/
<ScottK> looking
<sergevn> ScottK: local mail traffic works
<ScottK> sergevn: As henkjan, add the domain you're receiving mail for to mydestination.  It's not in mydestination = manny.local, localhost.local
<sergevn> ScottK: does it also has to be in mydestination if it are virtual domains?
<ScottK> Yes.
<ScottK> That's how Postfix knows it's supposed to deliver mail for those domains.
<ScottK> locally I mean.
<LupusNoctis> can anyone recommend a good remote administration package for a fresh 7.10 server?  I love the command shell, honest I do, but other administrators just can't handle it. =]
<LupusNoctis> and the only other one I remember, webmin, has been disowned by the Ubuntu community.
<henkjan> LupusNoctis: ebox might be an option in hardy
<LupusNoctis> that's the next version, right?  I kinda need something to help me configure the 7.10 server I set up yesterday.
<LupusNoctis> specifically something to help manage the ethernet interfaces.  Managed to get the thing a DHCP addy, but eventually it needs to be static
<ScottK> If by disowned, you mean recognized that the way webmin works is fundamentally incompatible with the Debian package management system, then yes (about webmin).
<LupusNoctis> that's what I heard. =]
<ScottK> LupusNoctis: That's just a matter of editing /etc/network/interfaces.  It's not particularly needing a gui.
<LupusNoctis> I hate to admit it, but it took me about 4 minutes to remember what program to use to edit text files. =\   been far too long since I've set up a linux box
<henkjan> LupusNoctis: http://pastebin.ubuntu.com/5007/
<henkjan> LupusNoctis: /etc/network/interfaces is trivial
<AnRkey> what imap server is suggested for a server running postfix?
<henkjan> AnRkey: dovecot
<AnRkey> henkjan, is it easy?
<henkjan> apt-get install dovecot
<LupusNoctis> it's trivial if you remember how. =]
<AnRkey> haha ok
<henkjan> maybe little tweaking needed in /etc/dovecot/dovecot.conf
<sergevn> ScottK: it's not the problem, it worked before without those domains added to the config, they are delivered to virtual domains
<AnRkey> and I want to use a semi-catch-all account for incoming email
<ScottK> sergevn: OK.  Then show logs.
<AnRkey> one account with an alias for each extra user
<AnRkey> i am installing postfix now
<AnRkey> it's asking what mode to install it as
<henkjan> AnRkey: thats not configured in your imap server but in your MTA
<AnRkey> i know
<AnRkey> still busy with the postfix install
<AnRkey> what is a smarthost?
<henkjan> smarthost is eg smtp server from your isp
<AnRkey> ahh ok
<henkjan> some isps block outgoing port 25
<AnRkey> then it's internet with smarthost
<AnRkey> this looks easy enough
<AnRkey> yeah i think thats the case here
<AnRkey> gonna use my isp for outgoing
<AnRkey> and fetchmail for incoming
<AnRkey> thanks henkjan
<henkjan> np :)
<sergevn> ScottK: Ok, by the location of the moon it started working again, definitly problem/policy of my ISP for relaying email if server is down
<sergevn> ScottK: (without changing any configs)
<ScottK> OK.
 * AnRkey is in love with ubuntu
<AnRkey> is that normal?
<sergevn> ScottK: henkjan: thanks for the help :)
<henkjan> AnRkey: yep. here the same :)
<ScottK> It may be that if your ISP think's you're down it queues up your mail for awhile before it retries.  That's actually sensible.
<AnRkey> i find myself handing out cd's every chance i get
<sergevn> ScottK: ah well, at least my mail doesnt get lost :)
<AnRkey> henkjan, Package dovecot is not available, but is referred to by another package.
<AnRkey> just done an apt-get update too
<AnRkey> ahh
<AnRkey> dovecot-imapd
<AnRkey> thanks anyhoo
<faulkes-> afternoon nijaba
<nijaba> hello faulkes-, actually it is morning in boston
<faulkes-> ah
<faulkes-> hadn't realized you'd flown over yet
<faulkes-> hope all is well
<nijaba> faulkes-: all is well, thanks :) what about you?
<faulkes-> long night last night
<faulkes-> between regex, perl dbi, oo php and project management coursework I didn't get to bed until late
<jjesse> wow sounds busy
<faulkes-> oh and a client had an emergency they needed me to deal with
<jjesse> i'm glad my clients don't have emergencies i deal with :)
 * faulkes- is good at multi-tasking
 * faulkes- is better at it after a couple good belts of scotch though
<faulkes-> well, emergency on there part, which does not particularly equate to an emergency on mine ;)
<faulkes-> but dollars are dollars
<faulkes-> oh and a side note, if you ever try to install xp sp2 on a g4 350mhz via qemu, don't unless you have 4 days to wait for it to install ;)
<faulkes-> hopefully today will be a much slower day for me though
<jjesse> hopefully
<jjesse> interseting never tried to install xp on any mac before
<atomic__> hello, i am using apt-mirror to mirror gutsy for my local lan and the issue is this:
<atomic__> whoops
<faulkes-> your issue is you disconnect from irc?
<jjesse> don't you hate it when you forgot to finish the problem and then hit enter
<atomic__> so, some people put "deb http://archive.ubuntu.com/ubuntu/ gutsy main restricted" in their mirror.list
 * faulkes- checks apt-mirror for irc dependencies
<atomic__> lol :)
<atomic__> i cant get used to this new laptop
<atomic__> so i mistype and misclick
<atomic__> i was wondering if i can put "deb http://mk.archive.ubuntu.com/ubuntu/ gutsy main restricted universe" (and the same for gutsy-updates and gutsy-security)
<atomic__> as oposed to having separate entries
<atomic__> ill just paste the 3 lines...
<atomic__> deb http://mk.archive.ubuntu.com/ubuntu/ gutsy main restricted universe
<atomic__> deb http://mk.archive.ubuntu.com/ubuntu/ gutsy-updates main restricted universe
<atomic__> deb http://security.ubuntu.com/ubuntu gutsy-security main restricted universe
<atomic__> i built the mirror with only the first line, apt-mirror is currently downloading files for gutsy-updates and gutsy-security
<atomic__> anyone please?
<ScottK> mathiaz: Would there be any chance of you merging cyrus-sasl2 soon?  I think we definitely want it (adding saslfinger to our package is enough by itself, but there's also a security fix), but I'm unlikely to have time this week.
<atomic__> i dont understand the repo mechanism very well, and i just need to know if that will work
<mathiaz> ScottK: I can have a look at it.
<ScottK> mathiaz: Great.   I did check with pitti and the changes debian made to his libdb4.6 migration patch are fine.
<mruiz> hi all
<Jaac> Im i run ps auxw it shows /usr/bin/mysqld_safe using up 98.3% CPU time? Does anyone what could be wrong or how i can resulve the problem??
<Jaac> If*
<Jaac> Though if i run uptime, it'll only show  load average: 1.44, 1.30, 1.28
<faulkes-> Jaac: all depends what mysqld is doing
<faulkes-> use the mysql cli client and issue a "show processlist"
<faulkes-> err, "show processlist;" without quotes that is
<faulkes-> depending on your tables, I would also check to see if any of them need to be repaired
<soulc> ok so do I add my network to the changes I make for PostfixAmavisNew? the changes are just putting 127.0.0.1
<soulc> hey all
<soulc> so I know this is a dumb question but how do I add a user to a group?
<soulc> nevermind
<faulkes-> nijaba: oh, see my attachment for the privacy statement
<nijaba> faulkes-: I think I did and already replied to your bug.  Have you updated it?
<faulkes-> nm, I just looked at the site ;)
<faulkes-> saw your comment
<mruiz> hey mathiaz
<mok__> yrkk a process somewhere is sitting on my usual nick :-(
<vaughn> Sigh...how do I list the groups that exist in the cli?
<sommer> vaughn: cat /etc/group
<vaughn> sommer: thank you!
<sommer> heh, np
<soneil> Is there a boot opt without PAE?  (or highmem646g, whichever is causing the "please use a kernel appropriate for your CPU." boot failure)
<nealmcb>  
<nealmcb>  
<sommer> nealmcb: yo
<sommer> heh
<nealmcb> sommer: howdy
<nealmcb> ahh - hmm - wonder what I was doing there....
<anthony> Does Ubuntu Server automatically run updates, or do you need to do them manually?  (by default)
<ScottK> You have to do it manually by default.
<zul> hi sommer
<anthony> ScottK: okay, thanks
<nijaba> faulkes-: it just worked great, thanks :)
<nijaba> anthony: to apply updates automatically, install unattended-upgrade
<nijaba> faulkes-: what's your feeling on bug #195838
<ubotu> Launchpad bug 195838 in server-survey "Alphabetization of answers" [Undecided,Confirmed] https://launchpad.net/bugs/195838
<faulkes-> ah, I looked at that, I'm currently undecided on it
<faulkes-> I will add a note tonight after dinner and some time to consider it (8pm est'ish)
<nijaba> faulkes-: no hurry..  Just wanted to know.
 * faulkes- nods
<faulkes-> we have meeting tomorrow, so I'd like to get as many ducks in a row and all that
<anthony> nijaba: Will that need any configuration, or just install it and leave it?
<nijaba> faulkes-: I did look at our graph.  Pretty neat
<faulkes-> nijaba: well, that's just the first part of it, I'm currently working on the individual breakdown categories
<nijaba> antony: should be configured when you install it.  Check for a new entry /etc/cron.daily
<nijaba> faulkes-: cool
<faulkes-> first one is sort of the 10,000 ft. look at what is happening, then drill down to category, then to topic/issues, then to related posts
<faulkes-> I'm also including by date, so it can be looked at in total or by month as time goes by
<zul> whats the url for the forum again?
<faulkes-> http://ubuntuforums.org/forumdisplay.php?f=7
<zul> thanks
<faulkes-> I also bumped your eBox post again so it gets more visibility
<zul> okies
#ubuntu-server 2008-02-27
<kgoetz> anyone tried dual booting Solaris10 and Ubuntu?
<kgoetz> on Sparc, fwiw
<jjesse> not that i know... personally don't have a sparc box to play with
<kgoetz> we just got one here, and we were hoping to play with both systems. gues i'll have to try it and see
<faulkes-> I can't imagine it would be any more difficult than dual booting OSX/ubuntu on ppc
<faulkes-> which isn't terribly difficult
<faulkes-> granted, apples/oranges there on arch's
<kgoetz> 'zactly
<faulkes-> still, the ubuntu team is usually fairly good at making those things painless
<rhineheart_m>  anybody here who could recommend a reliable and fast nameserver?
<ScottK> bind9
<rhineheart_m> Scott: can you point to me a best guide on how to configure bind9 server?
<foo> rhineheart_m: Best is subjective, a simple good should get you what you want :)
<rhineheart_m> foo: thanks foo... but what are you using?
<sommer> rhineheart_m: here's the development guide for bind9: http://doc.ubuntu.com/ubuntu/server/C/dns.html
<sommer> covers setting up a caching nameserver as well as primary and secondary master servers
<rhineheart_m> sommer: I got this error right after I installed bind9
<kgoetz> Kamping_Kaiser: see sommer link above
<foo> rhineheart_m: ah, I'm using bind9 ... that's where it's at, hands down
<rhineheart_m> really? wow that's great
<rhineheart_m> Is Kamping_Kaiser here?
<foo> rhineheart_m: Yup :)
<AtomicSpark> hi there
<AtomicSpark> ...
<kgoetz> hi
<AtomicSpark> well nice of you to say so
<kgoetz> i'm going to not get offended by that
<kgoetz> as i'm going to assume good faith
<AtomicSpark> tell me, does the LAMP install of 6.06 set up any users for sql?
<kgoetz> i dont know
<kgoetz> but i dont expect it would
<AtomicSpark> so what benefits, if any, does the LAMP server option do? i thought it made it easier.
<kgoetz> it installs a lamp stack, which i would assume is a benefit. what exact benefit i dont know, as i havent used that install option
<AtomicSpark> hmm.
<AtomicSpark> they should have a command-line wizard or something. that would be unique.
<AtomicSpark> oh well. i had trouble installing just mysql, this lamp option might prove useful.
<rhineheart_m> can anybody here recommend webmin?
<AtomicSpark> yes.
<kgoetz> !tell rhineheart_m about webmin
<AtomicSpark> although i use ssh for most of my server commands, it does have its uses.
<AtomicSpark> configuring websites, mysql, etc.
<rhineheart_m> foo: yeah.. it's easier there to add databases than ssh right?
<rhineheart_m> AtomicSpark: do you use ISPConfig?
<AtomicSpark> rhineheart_m: never heard of it. is it a addon (whatever they call it) for webmin?
<rhineheart_m> AtomicSpark: nope.. It's a web interface utility for servers like webmin
<AtomicSpark> ah. webmin is a web interface though. :P
<AtomicSpark> okay. i'm lost. how do i create a user in mysql? its CREATE USER user [IDENTIFY BY [PASSWORD] 'password'] ... Explain how to use that.
<kgoetz> CREATE USER fred IDENTIFIED BY 'randomstring';
<kgoetz> also ask in #mysql for any guides to using it
<rhineheart_m> AtomicSpark: I thought you're using webmin.. it simplier there.. you try..
<AtomicSpark> i don't have it installed on this machine. just a local VM to test sql statements on.
<kgoetz> try phpmyadmin if you need a gui for mysql
<kgoetz> dont use webmin. its evil
<rhineheart_m> kgoetz: are you ubuntu developer?
<kgoetz> rhineheart_m: no
 * AtomicSpark <3 phpmyadmin
<rhineheart_m> kgoetz: okay...have you tried using webmin?
<kgoetz> rhineheart_m: a long time ago
<rhineheart_m> kgoetz: you try their latest version before you say that
<kgoetz> rhineheart_m: why? i dont have to cut my arm to know its going to hurt
<kgoetz> br
<kgoetz> b
<rhineheart_m> kgoetz: in a local machine if you like...tell me why you don't like webmin?
<rhineheart_m> kgoetz: you must have a bad experience with it in the past
<foo> rhineheart_m: hm, easier than adding databases than ssh? Hmm
<rhineheart_m> foo: yeah! I found it easier. And in fact you could view/monitor the status of your box there..
<foo> rhineheart_m: Adding databases, you mean, mysql databases?
<rhineheart_m> kgoetz: I tried the latest version of ebox and almost ruin my box
<rhineheart_m> foo: good thing I was able to reverse the process
<kgoetz> rhineheart_m: bad experiances, like hours wasted on irc helping people who had broken their configs using webmin is the main cause...
<rhineheart_m> kgoetz: I see.. they broke their configs since they don't know much about configurations I supposed..
<kgoetz> ebox i cant comment on (past i dont like the look of it)
<rhineheart_m> kgoetz: what is lacking in webmin is the support
<kgoetz> what is lacking in webmin is leaving the configs human changeable
<kgoetz> safely changing files, using debconf, actual security and probably a whole lot more
<rhineheart_m> what i love in webmin..they have file manager
<rhineheart_m> you could easily move, copy, and a lot more. that pertains to file manipulation
 * kgoetz shudders
<kgoetz> luckily for me, its the end of the work day :)
<kgoetz> catch you all tomorrow
<rhineheart_m> okay.. have a wonderful evening
<henkjan> hmm, just installed ebox on my (hardy) workstation
<RainCT_school> Hi
<RainCT_school> Do you know of any tutorial explaining how to properly setup shared hosting on an Ubuntu machine?
<henkjan> RainCT_school: http://www.debuntu.org/2006/02/22/7-virtual-hosting-using-apache-2
<RainCT_school> henkjan: thanks
<RainCT_school> uhm.. well, not much I didn't know
<henkjan> well. whats your question then?
<RainCT_school> I want to have different users on the system that have each their webspace to which they can upload with sftp
<RainCT_school> if possible without having to add a config file for each user
<RainCT_school> (ssh access might also be needed so if it explains how to limit their access to their home directory (and those of their scripts) even better)
<henkjan> sftp chroot is not easy atm
<henkjan> the scp-only package might be an option
<RainCT_school> ok, will look at it
 * RainCT_school has to go
<RainCT_school> cya, thanks for your help :)
<henkjan> the OpenSSH project recently announced support for chroots in ssh, but i don't know if thats released alreayd
<kraut> moin
<_ruben> hmm .. seems misdn support isnt avail on gutsy (and others) .. guess co-worker will have to roll a custom kernel and hope it'll work
<rhineheart_m> how to change user in ssh? example logged as root you will login as another user
<nijaba> rhineheart_m: to open a session with another user: use ssh user@serveraddress, to change user within a session, just use the su command
<Jorel> hi, I need help in raid via software
<Jorel> 	
<Jorel> Someone help me?
<kraut> just ask
<henkjan> !ask
<ubotu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<Jorel> 	
<Jorel> Sorry, then I am taking issue with raid1 on a server, it is with two hds satas of 160 gb .. In the installation are all running, the problem is that when I try to boot the server only with a hd he not start
<Jorel> sorry for my ignorance, it is the first time that seeking help for irc. And also by the spelling errors that have in my sentences, because I do not have much knowledge in english, I am brazilian.
<faulkes-> no need to apologize for your english, we have many people here who are not native english speakers
<faulkes-> like the british folks
 * faulkes- runs 
<Jorel> ok. ;)
<[miles]> :D
 * [miles] is English , living in Spain
<faulkes-> is this software raid or hardware raid?
<Jorel> software raid
<[miles]> Jorel, sÃ­ hablas EspaÃ±ol... posiblemente puedo ayudar te
<henkjan> Jorel: did you remove the first harddisk?
<Jorel> 	
<Jorel> He usually starts with the two connected hds
<henkjan> Jorel: afaik the installer only writes grub, the bootloader to the first harddisk
<Jorel> The grub is already installed in the two hds, I had to install the grub in the slave manually, but worked ..
<henkjan> okay
<Jorel> the problem is to find after the grub, he tries to lift the systems as not think the two hds for him, after three minutes he enter into busybox, I see and I see it not mount a raid.
<Jorel> i am using the Ubuntu server 7.10 gustsy
<Jorel> it used mdadm to mount the raid via software
<faulkes-> is there anything useful reported in /var/log/kern.log or /var/log/syslog
<faulkes-> if so, you might want to paste it to
<faulkes-> !pastebin
<ubotu> pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<faulkes-> you might also want to include your /boot/grub/menu.lst
<Jorel> wait one minute ...
<Jorel> i am doing the process again, the log was too big and not found the exact place of massages boot it.
<faulkes-> no problem
<mruiz> hi all
<faulkes-> just look look for messages which related to the disks and raid devices
<faulkes-> hi mruiz
<mruiz> hey faulkes-
<rhineheart_m> what's the location of ImageMagick?
<Jorel> then, the hand sem kopiral the messages he sends pro monitor when you start only with a hd, and more in low and performed the command "cat /proc/mdadm"
<Jorel> http://paste.ubuntu-nl.org/57574/
<faulkes-> one moment
<Jorel> ok
<faulkes-> mount: Cannot read /etc/fstab: No such file or directory
<faulkes-> that would be typically, a very bad(tm) thing
<faulkes-> Not sure how best to help you, I would say boot via a rescue cd and start checking the system configs
<Jorel> It is because the fstab would dento of /etc/fstab that is the md1, as he not mounted the raid ..
<faulkes->  /etc/fstab (make sure it actually exists) and there also appears to be an isue with modprobe not finding a module or an incorrect setting
<Jorel> I found another mistake here .. But this was me .. I will have to restore the image of the boot initramfs. ;)
<Jorel> noticed that when he is unable to start.. It does not generate nothing and no kern.log and not in the syslog
<Jorel> i will try to raise the system only with a hd again to see if it has another message
<Jorel> what i was seeing in some forums was that inside /etc/initramfs/scripts  or ../hook some script on mdadm.. something with respect to no-degraded and degraded .. and this facility has nothing appropriate .. does have some relationship?
<faulkes-> I can't say for sure, I'm not a raid guy in here, I'm unsure who to point you to for additional help
<faulkes-> again, any log information you can post might give me additional ideas on where to look for information
<Jorel> it was a problem in the same initramfs, a the process of starting the system with a hd only, and returned another status in /proc/mdadm, but the message remained the same over...
<Jorel> http://paste.ubuntu-nl.org/57576/
<Jorel> what i understand he feels a hd, could even mount a raid, but for some reason he did not mount
<faulkes-> morning mathiaz
<mathiaz> mornin' faulkes-
<mruiz> heya mathiaz
<mathiaz> hi mruiz
<Jorel> this is complicated server. =/
<Jorel> the problem that I stuck to the Ubuntu server because it is higher than the kernel 2.6.20 ... why do I need kernel of a superior to recognize that the chipset of the motherboard which is a ICH9
<Jorel> Other distros not recognize neither the cdrom. :)
<faulkes-> certainly
<faulkes-> for those who just joined, Jorel is having issues with a raid setup
<faulkes-> http://paste.ubuntu-nl.org/57576/
<faulkes-> it's a bit beyond me at this point, so if anyone can offer additional thoughts, by all means
<Jorel> thanks faulkes-
<LupusNoctis> anyone know if Server 7.10 will automount USB flash drives?  or the commands for safe mounting/dismounting ?
<Jorel> is the ubuntu hardy solve my problem .. had seen him speak .. but was not interested ein test it, but as made a week that tou with this server stopped .. any alternative already helps me..
<Jhoe> And nobody knows what can do to solve my problem?
<Jhoe> 	
<Jhoe> I am the Jorel which was now little here, I do not know why it did not return to my old nickname
<Jorel> someone already had a problem to boot the system in raid1 with only one disc?
<LupusNox> What remote administration utilities are recommended for use with Ubuntu Server 7.10?   something beyond the command line, as this system will have some non-CLI savvy admins.  Primarily this server is used as a RADIUS server, with DialupAdmin to handle that side of things, as well as a MySQL server
<jjesse> e-box
<jjesse> i know at least for 8.04 that is recommended
<LupusNox> it run properly in 7.10 ?
<jjesse> don't know i haven't tried
<sommer> heh... I was just wondering if anyone has ever added a smily to the comments in a script?
<sommer> I just had a strange impulse to
<LupusNox> Is there a guide, or some further information, on getting ubuntu setup as a RADIUS server?  I'm looking to use the FreeRadius product, it's lsited in the apt-get modules, but some of the items don't appear to be installing correctly, specifically the dialup-admin  helper for freeradius
<LupusNox> do eet!
<LupusNox> you know someone's going to be looking at those commends
<sommer> LupusNox: heh will do... not sure about the FreeRadius question though
<LupusNox> this is my first time in a long while trying to set up a Linux server for anything complex
<LupusNox> trying to swing back into the Linux camp, give the clients that want to avoid MS licensing an option
<Jorel> to whom I was accompanying, also not satisfied with the installation of ubuntu 8.04 hardy =(
<LupusNox> did it kill your dog?  call you a bad name?  ;)
<Jorel> LupusNox, it is with me?
<LupusNox> Were you trying the new new version 8?  or 7.04
<Jorel> yes, new version
<Jorel> hardy
<Jorel> you come to follow my problem?
<LupusNox> I don't know much about the new version releasing in April
<LupusNox> still fighting with 7.10 myself
<Jorel> ;)
<Jorel> see http://paste.ubuntu-nl.org/57576/
<Jorel> i am taking issue with raid1, at the time that simulate the failure of a disk he does not boot the system ...
<mathiaz> kirkland: https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2
<mathiaz> kirkland: http://merges.ubuntu.com/c/cyrus-sasl2/
<mathiaz> kirkland: http://packages.debian.org/changelogs/pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.22.dfsg1-18/changelog
<rezman7> hello
<LupusNox> \o
<henkjan> zul: is ipv6 supported in ebox network configuration?
<Jeeves_> Hi there!
<zul> henkjan, no idea you might to check with the ebox developers I dont acutally use it myself
<henkjan> zul: ah, today i installed ebox on my workstation, after configuring network with ebox i lost my ipv6 addres
<zul> henkjan, the one from the archive or my ppa?
<henkjan> ebox: Installed: 0.11-0ubuntu1~ppa1
<zul> henkjan: can you talk to the ebox developers on #ebox?
<Jeeves_> henkjan: Are you sure you didn't just lose it for a while
<Jeeves_> Because of networking restart and waiting for another advertisement?
<henkjan> Jeeves_: i'm not sure. How fast is ipv6 autoconf?
<Jeeves_> Depends how it's configured :)
<henkjan> en afaik the linklocal adres also disappeared
<Jeeves_> Hmm, that's strange
 * Jeeves_ is testing LTS-Upgrade ...
 * nijaba waves
 * Jeeves_ waves back, not knowing who he's waving at
<Jeeves_> Hmm
<Jeeves_> That upgrade pretty much broke stuff :)
<aehgt1> I didn't want to butt in on the meeting, but on the issue of forum questions being directed to non-official documentation, perhaps it may be possible to use faulkes' forum stats tool regex to provide 'related official documentation' type links?
<faulkes-> nealmcb suggested the very same thing
 * Jeeves_ asks a newby question... Where's the forum
<faulkes-> I am investigating it
<faulkes-> http://ubuntuforums.org/forumdisplay.php?f=7
<aehgt1> ah, cool.
<Jeeves_> What were those 'hosting issues' mentioned in the meeting?
<faulkes-> because it is an ubuntu based survey, we would like it hosted by the ubuntu.com domain
<faulkes-> rather than something external
<faulkes-> if it was merely a case of a web host, I have several with sufficient bandwidth we could use
<nijaba> faulkes-: me too... I proposed that and it is part of the discussion
<nijaba> but we'll have it fixed soon :)
 * faulkes- nods
<faulkes-> I leave it in your capable hands o'god of teaching me bzr ;)
<faulkes-> damn you for forcing me to think ;)
<faulkes-> for those not in the meeting
<faulkes-> http://ubuntu.oss-mgmt.com/ are the stats I'm working on
<Jeeves_> faulkes-: I saw them, quite nice
<faulkes-> it's not purtified yet with all that css jazz and what not, but all suggestions and comments are welcome
<faulkes-> especially on classifications, terms, display issues
<faulkes-> btw, it is running on a constant basis, so those aren't static stats, they update currently every 5 min
<aehgt1> looks fine here in opera 9.26
<Jeeves_> Q: I just used do-release-upgrade -d to upgrade from dapper to hardy (for testing). When configuring Grub, I could not ask for a diff of menu.lst. Should I file a bug for Grub, of update-manager-core ?
<faulkes-> well, one likely change will be addition of top links, so you don't have to scroll all the way through to find a particular section
<Jeeves_> Anyone?
<aehgt1> I'm not sure, perhaps try #ubuntu-devel?
<faulkes-> beyond me
 * faulkes- is still a newbie
<Jeeves_> ack
<faulkes-> well, in the sense of ubuntu process familiarity
<faulkes-> hmmm, I need food
<aehgt1> yeah, breakfast is a plan
<Jeeves_> Ehm
<Jeeves_> Right
<Jeeves_> Well, i'm going to bed!
<Jeeves_> See ya
<aehgt1> lol, cya
<rezman7> hey
<aehgt1> hey
<rezman7> whats up
<aehgt1> not much, just working.. and lurking
<aehgt1> how about yourself?
<rezman7> trying to figure out my scsi raid
<aehgt1> what's up with it?
<rezman7> well i have a compaq proliant array RA4000
<rezman7> fiber to my server
<aehgt1> mmm...
<rezman7> im trying to figure out how to et ubunto to detect it
<rezman7> im a noob
<rezman7> when it comes to ubuntu server
<aehgt1> I haven't done a whole lot of fibre with ubuntu.
<aehgt1> How far along do you get before it fails/you get stuck?
<faulkes-> what adaper?
<faulkes-> adapter
<rezman7> well, thats the part, i just got it yesterday
<rezman7> i think i need adapter drivers
<rezman7> 1 sec, ill get the adapter out
<rezman7> hmmm
<rezman7> its a
<rezman7> FRU 06p3709
<rezman7> i looked it up on google, and it says in an ethernet adapter
<rezman7> fiber
<faulkes-> any vendor name on it?
<aehgt1> it's an IBM
<aehgt1> the RA4000 is FCAL though
<rezman7> u know what
<rezman7> i have another fiber card right next to me
<rezman7> came with the array
<rezman7> by compaq
<rezman7> 005106-002
<rezman7> can u guys please explain to me like what fcal and all that means
<rezman7> best way to learn is by asking :)
<aehgt1> FCAL - Fiber Channel/Arbitrated Loop
<aehgt1> it's a fibre specific network protocol
<rezman7> ah yes
<rezman7> thanks
<rezman7> ill go test this other card out
<aehgt1> kk..
<aehgt1> rezman7: You might also want to have a look at this: http://sourceforge.net/projects/cpqfc
<faulkes-> http://tinyurl.com/289p8j is the ibm page on that adapter, or at least listing the FRU
<faulkes-> iirc I saw something about the driver being depricated and to look at linux bonding
<faulkes-> however
<aehgt1> I'm not sure about the driver, it was mentioned on a page that google found for me and looked promising
<aehgt1> I believe that the ibm adapter is ethernet over fiber whereas the compaq card is fibre-channel
 * faulkes- nods
<faulkes-> although not ubuntu specific (or supported that I know of) there is http://www.open-fcoe.org/
<faulkes-> a fibre channel over ethernet project for linux
<faulkes-> all depends on what connections he needs I guess
<aehgt1> on rezman's specific issue, here's a page of specs for his array box: http://din-tech.e717.net/product/ra4000.htm
<aehgt1> He'll need the compaq adapter by the look of it
<aehgt1> SCSI internal, FC-AL external
 * faulkes- nods
<aehgt1> I've only ever used those boxes with enterprise boxes & os's, not with ubuntu
<aehgt1> left the co before I got around to playing
<faulkes-> we used to do FC to dell boxes running linux at a previous company
<faulkes-> never got around to dealing with the DLx series stuff we had though
<faulkes-> but that was a long long time ago, in a company far far away
<aehgt1> hah, know the feeling
 * nijaba need to run, see you later
<aehgt1> nijaba: cya
<sls> Hi, I am installing ubuntu over a nework. I have setup a preseed file that only indicates to grab files from my internal server... however the installer refuses to do so... it goes out on the internet anyhow and gets the install files.. this is slow... what is wrong?!
<sls>  d-i     apt-setup/hostname      string http://10.0.0.200/
<sls> that is not wrong is it?
<kgoetz> what files?
<sls> it goes to us.ubuntu whatever anyhow...
<sls> all the setup files
<sls> the udeb and *.deb
<sls> I am booting without issue from PXE
<sls> and it correctly grabs my preseed file from my web server
<sls> Does someone have a working example of a preeseed file for internal data center use?
<sls> does anyone knnow about ubuntu and unattended deployment using preeseed files on this list?
#ubuntu-server 2008-02-28
<osmosis> i downloaded nltk_lite , and python setup.py install  fails with the error "please install the python-tk package".  Why in gods name would I install a gui toolkit package on my head less server ?
<rhineheart_m> hello. how to install mod_fastcgi?
<AtomicSpark> i have this old netserver, duel pII (unknown speed) 256 pc100 ram 2x 8gb scsi hd. any ideas of something nifty to do with it?
<kgoetz> take over the world!
<kgoetz> osmosis: because it depends on it.
<osmosis> ok
<rezman7> pwnd
<rezman7> haha, im back
<osmosis> well...i realized x11-common  isnt actually that bit.  i thought it was all of xorg
<rezman7> im pretty sure my card is friend
<rezman7> fried*
<kgoetz> osmosis: no, your safe :)
<AtomicSpark> i was thinking of just installing a LAMP server on it but i dont really trust it holding anything valuable lol. maybe a caching server of some kind. hmm.
<kgoetz> IBM netserver? that would be reliable as the earth
<AtomicSpark> kgoetz: maybe. i just don't trust these drive lasting. i mean they're used and old. ha.
<AtomicSpark> i got it for 8 dollars :D
<kgoetz> AtomicSpark: you'd be supprised. its all server grade gear, so expect it to outlast your new shiny desktop
<AtomicSpark> kgoetz: heh. but anyways, its not enough space to store files. what else could i do with it? dns/website caching usually only helps on large networks.
<AtomicSpark> I could set it up to randomly portscan ip addresses. ha.
<kgoetz> AtomicSpark: WTF do you want to store in your website?
<kgoetz> 16 gig is massive
<AtomicSpark> kgoetz: i ment it was small to store files
<AtomicSpark> like file sharing. :P
<kgoetz> i still maintain its massive :)
<AtomicSpark> yeah. a raid 5 with 6 x 80GB harddrive is massive. lol.
<AtomicSpark> wish it had all the parts. its missing almost every fan. :'(
<kgoetz> AtomicSpark: i could potentially be imprssed if i wasnt sitting next to 50TB of raid :p
<AtomicSpark> heh.
<AtomicSpark> got LVM on it?
<kgoetz> nah, a proprietary filesystem
<AtomicSpark> i see LVM being nice even if you didn't add harddrives, it would be easy to re-size partitions.
<kgoetz> as long as its on a healing raid its ok
<AtomicSpark> depending if the alt-cd for hardy works, i'll put encrypted LVM on my laptop.
<rhineheart_m> can you recommend DMZ setting to ubuntu box?
<sommer> nealmcb: ubuntu-vm-builder is used to create jeos correct?
<sommer> or anyone who may know
<rhineheart_m> sommer: can you recommend DMZ?
<sommer> uh... as in a firewall?
<sommer> are you asking for the best way to deploy a production Ubuntu server?
<rhineheart_m> internet>>modem>>firewall>>DMZ
<rhineheart_m> yeah..
<sommer> I guess it depends on what services you plan on running
<sommer> and which clients need access to them
<rhineheart_m> I will run email DNS and website services
<sommer> will it be accessed from the internet?
<rhineheart_m> yeah
<sommer> or just by internal clients?
<rhineheart_m> accessible from the internet
<sommer> in that case I'd look at dedicated firewall hardware
<sommer> cisco pix, sonicwall, etc
<puff> sommer: Or run a firewall distro of linux.
<sommer> sure that too
<sommer> but I'd recommend running that on different hardware than your server :-)
<puff> Yeah.
<puff> rhineheart_m:  As I said earlier, my comments were assuming you are running a separate firewall between your DMZ server and the public internet, and between your DMZ server and the private internet.
<rhineheart_m> I have firewall by cisco..
<faulkes-> the dmz usually sits between two firewalls fw->dmz->fw
<rhineheart_m> can Linksys do that? I have wrt54g
<AtomicSpark> lawl spam
<nxvl_work> faulkes-: or in a firewall with 3 network cards
<nxvl_work> (one for internet, other for DMZ and the 3rth for LAN)
<AtomicSpark> dmz is usually pointed to a server you want FULL ACCESS publicly. webserver etc. no secure info should be on it.
<AtomicSpark> if you need dmz to open ports, you should rather just forward the ports you want instead of opening it wide open.
<rhineheart_m> Thanks AtomicSpark for that.  But can the internet break the way firewall has been set by CISCO?
<faulkes-> Atomic: not neccesarily, take in point a java app server, where requests may all come into port 80 but it has tons of other ports it uses, like 8080
<AtomicSpark> no. infact if you have nothing forwarded on your router, your network is pretty save. nat hides all internal stuff :P
<AtomicSpark> faulkes-: those are ports set up by outgoing connections. dont have to worry about those.
<faulkes-> I think we'll have to agree to disagree on that ;)
<nxvl_work> faulkes-: it depend on the net and the services you are running
<faulkes-> nxvl: correct
<nxvl_work> there is no recipe for DMZ's, every network is different
<faulkes-> and every network is generally different, with different requirements
<faulkes-> heh
<AtomicSpark> yes!
<nxvl_work> :D
 * nxvl_work HUGS faulkes-
<rhineheart_m> In my case.. I disabled Filter Internet NAT Redirection since If it enabled.. I can not access the box in the inside...
<AtomicSpark> maybe instead of asking how to enable dmz, tell us what you are trying to set up.
<AtomicSpark> ssh from internet?
<nxvl_work> rhineheart_m: if we don't know your network, what it runs, and what you want we can't say you how to do things
<rhineheart_m> puff: I do ssh from the internet..
<nxvl_work> rhineheart_m: try to ask more specific questions
<rhineheart_m> nxvl_work: Again I said, I want to run website (80), ssh, email services...and I guess DNS too
<nxvl_work> that still says nothing to me :D
<AtomicSpark> ah. are you running this from a linux machine?
<nxvl_work> you are going to use a 3 network firewall or fw->DMZ->fw->LAN
<AtomicSpark> i know we're in an ubuntu channel but i want to make sure :P
<rhineheart_m> yes. Ubuntu Gutsy Gibson
<AtomicSpark> nxvl_work: i still dont see why needs 2 firewalls and a dmz.
<nxvl_work> which is your network topography? where is you LAN
<nxvl_work> AtomicSpark: it depens on what you want to do
<nxvl_work> AtomicSpark: let me find the graphics who expain it
<rhineheart_m> Internet>>modem (bridge mode)>>router>>LAN
<AtomicSpark> nxvl_work: i'm getting a lan degree i know what you're talking about lol. i would keep it simple for him. just have him forward the ports from his router to the server.
<nxvl_work> AtomicSpark: i also prefer that option -> http://www.grassouille.org/docs/graphics/dmz.png
<AtomicSpark> he has a wrt54g.. can't be running anything too large lol. he'll max out his connections.
<nxvl_work> AtomicSpark: http://techrepublic.com.com/i/tr/cms/contentPics/5756029-DMZ-overview-A.gif <- that one
<AtomicSpark> oh i see what you are saying. interesting.
<rhineheart_m> http://www.grassouille.org/docs/graphics/dmz.png <<< is a good one..
<AtomicSpark> the first link shows using dmz to the server instead of port forwarding. i would just use port forwarding so you know you are only letting in what you want.
<AtomicSpark> the 2nd link is more enterprise class stuff. :P
<AtomicSpark> but yeah portforwarding vs dmz. just depends if you have problems.
<nxvl_work> one time i deploy 3 firewalls for a client with 2 DMZ
<rhineheart_m> AtomicSpark: yeah I got your point here.. but by default all ports are blocked in gutsy right?
<AtomicSpark> i would start with portfowarding 80, 22, whatever you need. if that doesnt work, just dmz.
<AtomicSpark> by default there is no firewall set up.
<nxvl_work> it was inet -> fw1 -> fw2 -> fw3 -> LAN, and a DMZ attached to fw's 1 and 2
<AtomicSpark> infact i don't even think it has a firewall till hardy.
<nxvl_work> it was crazy paranoid stuff
<AtomicSpark> nxvl_work: ha. someone would just DoS him instead of try to get in. :P
<nxvl_work> rhineheart_m: i haven't see any default firewall installed on any ubuntu box
<AtomicSpark> there is no firewall in ubuntu. not till hardy and thats very simple. also disabled by default.
<rhineheart_m> really? that's the way information displayed in the ubuntu website
<AtomicSpark> link?
<AtomicSpark> "The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server"
<rhineheart_m> http://www.ubuntu.com/products/whatisubuntu/serveredition
<rhineheart_m> "A key lesson from its Debian heritage is that of security by default. The Ubuntu Server has no open ports after the installation and contains only the essential software needed to build a secure server."
<AtomicSpark> well thats because a "default install" has no LAMP installed. no apache, mysql, etc. :P
<AtomicSpark> but hmm. thats interesting. i never had to open ports. let me check.
<pwnguin> i dont quite get the point of a firewall
<nxvl_work> rhineheart_m: it has no open ports because it has no services running :D
<AtomicSpark> yeah. i'm thinking thats what it means.
<nxvl_work> :D
<pwnguin> if you have an open port, wouldn't you want it publicly accessible?
<rhineheart_m> pwnguin: just like if you restrict people from entering your house.. you need to build a gate with a lock
<nxvl_work> pwnguin: not always
<nxvl_work> pwnguin: i always run mysql server listening only localhost
<AtomicSpark> pwnguin: most firewalls are used to block the port from outside your router or select which ips can or cant see it.
<nxvl_work> AtomicSpark: but that's a separate firewall
<AtomicSpark> but if you dont portforward or dmz, most people dont need a firewall. in that case a firewall would just actively monitor traffic. see the bad things.
<pwnguin> i wouldn't mind a gui config tool to set up my ath0 as an AP though ;)
<pwnguin> speaking of crazy networking
<pwnguin> anyone have a guide for myrinet on ubuntu?
<faulkes-> Atomic: well, thats more IDS than firewall
<rhineheart_m> yeah.. I agree with that. unless it's a standalone computer.
<AtomicSpark> yeah but firewall is thrown around so much. :P
 * faulkes- throws a firewall at Atomic
<nxvl_work> pwnguin: i have do it a looooong ago i don't really remember how i did it
<rhineheart_m> this is my concept... internet>>firewall>>single PC.. can't see a point..
<nxvl_work> pwnguin: but i remember it wasn't hard
<AtomicSpark> rhineheart_m: internet >> router >> PC, profit!
<pwnguin> nxvl_work: i tried a guide on the wiki, but i got some errors that might mean the hardware / driver doesn't support it
<pwnguin> or did you mean myrinet?
<rhineheart_m> sorry.. what I meant.... internet>>>firewall>>>LAN>>>mutiple PCs
<nxvl_work> s/LAN/switch
<AtomicSpark> lan as in... a switch?
<rhineheart_m> yeah.. switch.. sorry.. it was vague
<AtomicSpark> hmm. well in your use case i dont think you need a dedicated hardware firewall.
<AtomicSpark> but i guess it's up to you.
<rhineheart_m> yeah.. but my router has firewall in it..
<AtomicSpark> most people dont buy one unless they're buying other nice eqipment too. hp switches, enterpise routers, etc.
<AtomicSpark> well. kindof. its mostly just nat protecting you.
<AtomicSpark> home "routers" have a router, switch, dhcp, dns, firewall, etc all built in.
<AtomicSpark> but each one is very limited.
<AtomicSpark> you should of gotten the wrt54gl so we could make you put linux on it :D
<pwnguin> it comes with linux on it :P
<rhineheart_m> I see.. but I can't get that version here..
<AtomicSpark> you use their firmware or third party? the newer g's you cant flash.
<rhineheart_m> wrt54gl...
<faulkes-> wait, did you just say "nice equipment" and "hp switches"?
 * faulkes- runs
<AtomicSpark> haha.  don't like procurves?
<pwnguin> the L in gl stands for linux :P
<rhineheart_m> yeah.. its version 7 so m sure I can't flash it with linux firmware
 * faulkes- loves his cisco gear
<AtomicSpark> oh boy. fan boy.
<AtomicSpark> look out.
<kgoetz> no joke.
<faulkes-> nah, I don't have a choice in that area
<kgoetz> just get a managed hub :p
<faulkes-> I just what I'm given
<AtomicSpark> ...
<AtomicSpark> did you just say hub?
<faulkes-> just use
<faulkes-> a managed one at that
<AtomicSpark> no smart person would ever buy a hub. the only reason you use a hub is to "hub out" so you can find network problems.
<kgoetz> AtomicSpark: yeah. i have a pile of them
<faulkes-> does that come with a sherpa to hookup all your bnc connectors?
<AtomicSpark> you ment managed switches.
<AtomicSpark> :P
<rhineheart_m> but what's the risk if Filter Internet NAT Redirection  is enabled?
 * faulkes- runs
<AtomicSpark> i dont even know what that means.
 * AtomicSpark checks my router.
<kgoetz> no, i meant managed hubs
<faulkes-> rhinheart: without understanding what the vendor means by "Filter Internet NAT Redirection" it's hard to say
<kgoetz> and the only bnc is the backhaul
<pwnguin> hubs have their users
<pwnguin> uses
<pwnguin> cheap broadcast!
<AtomicSpark> yeah. for hubbing out. lol.
 * faulkes- unterminates kgoetz
<AtomicSpark> wait
<AtomicSpark> i think that means nat loopback?
<AtomicSpark> you want that.
<rhineheart_m> This feature uses Port Forwarding to prevent access to local servers from your local networked computers. <<got from their documentation..
<AtomicSpark> ugh.. if its nat loopback, you want that.
<AtomicSpark> i always connect to my server using the public ip, even if i am on the inside.
<AtomicSpark> lets you know your outside connection still works lol.
<rhineheart_m> okay. so I will need that one..
<pwnguin> i just use hostnames
<pwnguin> ssh tomato
<pwnguin> etc
<AtomicSpark> i googled it.
<AtomicSpark> it said :  If you turn this off, it will allow you to access the server on your
<AtomicSpark> local network using the Outside (Internet) IP address.
<AtomicSpark> If you turn it on, it will block access to the server using the Outside
<AtomicSpark> IP, but still allow by using the Internal (LAN) IP.
<rhineheart_m> but won't it compromised the files  and printers sharing in  a windows environment?
<AtomicSpark> pwnguin: you use tomato firmware?
<pwnguin> AtomicSpark: yea
<pwnguin> AtomicSpark: it has its moments
<AtomicSpark> good man. tomato rocks hard!
<pwnguin> the pppoe stuff is shaky
<pwnguin> sometimes it loses the password
<AtomicSpark> lol. havent had that problem.
<pwnguin> lemme tell you. that's fun when nobody is still around in the apartment when it was set
<AtomicSpark> have you tried updating? there has been new versions lately.
<rhineheart_m> Yeah...  I have that too.. PPPOE... my dialer was set in the router..
<pwnguin> yea,
<pwnguin> its a bit challenging to find a time when nobody's using the net
<pwnguin> and im awak
<AtomicSpark> it only cuts the internet when you reboot. it would take like 10 secs. :P
<rhineheart_m> nope.. it won't. as long as you didn't cut the power source to the modem
<pwnguin> well
<pwnguin> 10 seconds is ages when your addicted to WoW apparently
<AtomicSpark> haha. just do it anyways. screw em.
<rhineheart_m> I just wondered why my box can't send and receive emails...from and to the internet..
<rhineheart_m> I forwarded already port 25 to the box.. (mmmm....got an idea?)
<rhineheart_m> this is the last issue that ubuntu gives me pain..
<rhineheart_m> :)
<AtomicSpark> you need 25 and 110
<rhineheart_m> 110?
<AtomicSpark> pop3
<AtomicSpark> is it using imap? then you have to use 143 lol.
<rhineheart_m> hey.. how can I check if what ports will I need to be opened?
<rhineheart_m> ows..he left.
<kgoetz> you wont need to open up any ports as a client, only as a server
<rhineheart_m> but it can't still receive nor send
<kgoetz> what do your error logs say?
<kgoetz> and what cant send/recieve?
<AtomicSpark> so any other ideas on what to do with a old hp server?
<kgoetz> how old?
<AtomicSpark> hp netserver. duel pII 256 MB ram
<faulkes-> proxy
<faulkes-> fileserver if it has enough disk
<faulkes-> I have a g4 350mhz / 512 ram acting as my squid proxy
<AtomicSpark> ~18 GB
<faulkes-> does just dandy
<faulkes-> same amount of disk for me
<AtomicSpark> what would a proxy do for me? :P
<faulkes-> I generally don't keep a large media library though
<kgoetz> speed up your connection?
<AtomicSpark> how so? i never used one before.
<faulkes-> certainly, if you got to alot of specific sites often, it can speed things up
<AtomicSpark> oh. like caches things?
<faulkes-> caching of images, etc..
<AtomicSpark> interesting
<pwnguin> man, five minutes is a long time to wait wondering if you survived a remote reboot
<AtomicSpark> i have a 10MB connection :P
<faulkes-> or, if you are like me and have a 14yr old niece who loves youtube and msn and all that, you can force her through the proxy and limit her bandwidth
 * faulkes- whistles innocently
<faulkes-> pwnguin: db9 getty to a remote terminal server ;)
 * faulkes- loves his 2511's
<pwnguin> well, my systems are free
<pwnguin> can't complain about that
<faulkes-> true that
<pwnguin> for i had just about assumed id have to speak with the cluster admin tomorrow
<faulkes-> get with the times man, it's an age of immediate gratification!
<faulkes-> BOOT NOW!
<kgoetz> and finish your fsck in 8 hours :)
<pwnguin> hmm
<pwnguin> [  195.006711] CFI: Found no "amd76xrom" @fff60000 device at location zero
<faulkes-> kgoetz: 8hrs is entirely too long, I'd have finished the bottle of scotch by then
<pwnguin> that times a billion
<kgoetz> faulkes-: :)
<faulkes-> not that my employer would care
<pwnguin> now to set up an launcher that connects to these remote screens
<faulkes-> "can you admin a box in that state?" ..."yess, sirrrz"
<pwnguin> im thinking melon cad
<pwnguin> cat
<faulkes-> hmmm, maybe I'll play with qemu and 8.04 alpha server tonight
<faulkes-> Atomic: also, if you are connecting wirelessly to your router, I've found that by using a local internal lan proxy, my transfer rates go up by about 100k
<faulkes-> that might not be an issue for other folks, but hey, I'm not complaining
<rhineheart_m> how to completely remove postfix and its configuration files?
<kgoetz> --purge remove
<rezman7> hello
<rhineheart_m> and got this: dpkg - warning: while removing postfix, directory `/var/lib/postfix' not empty so not removed.
<rezman7> has anyone ever messed with a counter strike server?
<ScottK> rhineheart_m: sudo dpkg -P postfix
<ScottK> rhineheart_m: Then manually remove stuff like that that's left behind.
<rhineheart_m> how about to completely remove dovecot?
<rhineheart_m> I just want to install and configure squirrelmail from scratch
<ScottK> Similar procedure.
<kgoetz> rhineheart_m: removing postfix to work on squirrelmail sounds like a lot of work ;)
<rhineheart_m> kgoetz: but I don't have choice.. I can't really have it to work
<kgoetz> rhineheart_m: postfix and squirrelmail (and apache) are seperate problems
<rhineheart_m> kgoetz: what should be entered in Root and postmaster mail recipient:  ?
<kgoetz> rhineheart_m: your users login, or your email address
<rhineheart_m> kgoetz: can't get you..
<kgoetz> rhineheart_m: in what way?
<rhineheart_m> like webmaster@chicken.com?
<kgoetz> yeah.
<rhineheart_m> kgoetz: okay.. I will try...this should be the last try..or else..mmm...don't know If I will configure postfix and its related apps for squirrel
<kgoetz> you *dont* need to configure postfix for squirrelmail. its nothing to do with postfix
<rhineheart_m> okay..so what I need then?
<rhineheart_m> dovecot?
<kgoetz> squirrelmail, apache and an imap server
<kgoetz> dovecot probably works ( i use courier)
<rhineheart_m> okay.. but I guess I still need it for my drupal site...right?
<kgoetz> need what for drupal?
<rhineheart_m> registration confirmation, lost password...like that
<kgoetz> you'll probably need a mailserver of some sort for that (i dont use drupal myself)(
<rhineheart_m> but postfix is a mailserver right?
<kgoetz> yes.
<AtomicSpark> hmm.
<AtomicSpark> anyone know of a free ldap service? like a simple replacement for AD/NetWare?
<AtomicSpark> just for single log ons.
<kgoetz> openldap?
<AtomicSpark> yeah. have you used it? i've heard of it. :P
<kgoetz> yes, i'm currently trying to make a squirrelmail plugin work with it
<AtomicSpark> thats cool. i have a small network at work. didnt need all the overhead of small business server so i switched to linux, but miss single logons. :(
<AtomicSpark> ill check out openldap server.
<kgoetz> took us a while, but we got an almost-single signon here.
<kgoetz> its all against the one database, so i guess its a start
<faulkes-> likewise-open + openldap now
<AtomicSpark> yeah. basically i want a single place to manage users. then the clients get that info. you know. like how AD and netware work lol.
<kgoetz> openldap does it
<faulkes-> Atmic: likewise-open + openldap would be the thing
<AtomicSpark> good deal.
<kgoetz> theres a bunch of directory servers available - fedora directory server is the other free one that springs to mind
<kgoetz> faulkes-: which means ?
<kgoetz> likewise-open?
<faulkes-> likewise-open iirc is the client side single-signon portion
<faulkes-> for linux
<AtomicSpark> ah. the problem is, i have a mix of linux and windows clients.
<faulkes-> which is what openldap is for
<faulkes-> one is for sign-on, one is for storing credentials
<faulkes-> openldap stores the credentials
<kgoetz> never heard of likewise-open before
<faulkes-> openldap == active directory
<AtomicSpark> hmm.
<AtomicSpark> is it all command line?
<faulkes-> http://doc.ubuntu.com/ubuntu/serverguide/C/likewise-open.html
<AtomicSpark> http://doc.ubuntu.com/ubuntu/serverguide/C/openldap-server.html
<AtomicSpark> woo
<kgoetz> faulkes-: so it only works with AD?
<faulkes-> eh? no, of course not
<AtomicSpark> will openldap work with fake domains? like domain.local?
<faulkes-> not that I know of
<faulkes-> Atomic: yes
<AtomicSpark> good.
<faulkes-> kgoetz: openldap is meant as a replacement of AD, well, to a certain extent
<kgoetz> faulkes-: no, its a Directory implimentation.
<kgoetz> and it *doesnt* work the same a lot of the time
<faulkes-> true
<faulkes-> but we're talking sign-on here
<faulkes-> if you can sign-on to openldap via windows, signing on to openldap via linux (using likewise) should not be an issue
<faulkes-> it may be, I havent tested it, but I am following it to a logical extent
<kgoetz> theres a libpam-ldap module (not used it directly, just libpam-radius)
<kgoetz> which you can use for auth on ldap (openldap and AD iirc), which is shipped in universe
<rhineheart_m> kgoetz: you said earlier that you use imap server (courier) for squirrel?
<kgoetz> rhineheart_m: yes
<rhineheart_m> kgoetz: okay.. how to install it?
<kgoetz> rhineheart_m: apt-get install courier-imap
<kgoetz> surely you could have worked that out o_0
<faulkes-> rhineheart: there is significant documentation avaiable at https://help.ubuntu.com/community/Servers
<AtomicSpark> is there any good tools to configure openldap? manually editing the files seems risky. :\ especially if i dont know what i am doing haha.
<rhineheart_m> thanks faulkes m into it now..
<kgoetz> AtomicSpark: install ldapvi and ldap-tools
<AtomicSpark> alright ill write that down. i might just use ubuntu on my machine. centos5 seems to not like me.
<faulkes-> I really need to start saving and buy a fully loaded dell XPS laptop
<rhineheart_m> kgoetz: I have it installed already (courier-imap). what's the next? how to configure it to work with squirrel?
<AtomicSpark> i have a compaq 6820s. i like it. cant ubergame on it but it works nice.
<faulkes-> Atomic: well, part of it would be for gaming, but the other half would be my dev machine, which needs lots of ram/hp and portability
<kgoetz> rhineheart_m: read the doco in /usr/share/doc/squirrelmail[-doc]/ and /usr/share/doc/courier-imap/ and...
<rhineheart_m> kgoetz: I can't see any documentation there for courier-imap
<rhineheart_m> kgoetz: /usr/share/doc/courier-imap
<faulkes-> rhine: ls /usr/share/doc/co <tab> and see what it lists
<kgoetz> rhineheart_m: short version( i'll leave you to find the details in the ubuntu guides): install courier/squirrelmail. configure courier to auth on ldap, configure squirrelmail to auth on courier
<kgoetz> i have a number of dirs for `ls /usr/share/doc/courier-*`
<rhineheart_m> kgoetz: are you trying to tell me that I need LDAP for this purpose?
<faulkes-> no, courier/squirrelmail can auth against local pw's iirc
<faulkes-> i.e. /etc/passwd
<faulkes-> all depends on how you set it up
<kgoetz> yes they can
<kgoetz> or mysql.
<kgoetz>  The available modules you
<kgoetz> # can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe
<kgoetz> so anything you can auth pam against you can auth squirrelmail against
 * kgoetz is authing on pam for his courier
<rhineheart_m> kgoetz: so..what should I do to configure courier to auth on ldap, configure squirrelmail to auth on courier?
<rhineheart_m> kgoetz: I can't find a documentation on how to configure the two of them
<rhineheart_m> kgoetz: and I got this error: ERROR: Connection dropped by IMAP server.
<faulkes-> "aptitude search courier"
<faulkes-> p   courier-doc                                                      - Courier Mail Server - Additional documentation
<faulkes-> if the beginning of that like doesn't start with "i"
<faulkes-> do "sudo apt-get install courier-doc"
<faulkes-> which should provide you with the /usr/share/doc/courier-* docs
<kgoetz> rhineheart_m: configured courier, restarted it then run /usr/sbin/squirrelmail-configure ?
<rhineheart_m> kgoetz: That's the problem.. I don't know how to configure courier...
<faulkes-> https://help.ubuntu.com/community/Courier
<pschulz01> kgoetz: I bet you can't get it working.
<kgoetz> pschulz01: i can get his mail working or ours...
<pschulz01> kgoetz: Don't make me hit you.. 'cause I can.
<kgoetz> *grin*
<pschulz01> kgoetz: I think we got away with it.
 * kgoetz goes back to not working ^H^H working hard
<faulkes-> aye
<faulkes-> I have a project plan that needs finishing
 * pschulz01 looks at mysql and goes *shudder*
<faulkes-> heh
<pschulz01> faulkes-: Bye
 * faulkes- points pschulz01 at mysql-cluster
 * kgoetz thinks the aircon needs fixing
<pschulz01> . it mught have been the air-conditioning.
<rhineheart_m> kgoetz: I tried the instructions there.. but I can't login
<rhineheart_m> kgoetz: I got this: * BYE [ALERT] Fatal error: Maildir: Permission denied
<kgoetz> rhineheart_m: that error looks fairly self explanitory to me :)
<rhineheart_m> kgoetz: that's the error I got..
<kgoetz> rhineheart_m: does the maildir exist?
<kgoetz> !pastebin | rhineheart_m
<ubotu> rhineheart_m: pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<kgoetz> !private message | rhineheart_m
<ubotu> rhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude.
<AtomicSpark> back on topic on openldap, how would you set up logon scripts. say i wanted all the users home folders on the server when they log in, can i do that? would it be easier to just have the mount a "home" folder?
<pschulz01> AtomicSpark: That would be done somewhere in PAM.
<pschulz01> AtomicSpark: Then is wouldn;t matter how they authenticated when they logged in.
<rhineheart_m> yes I have it there..
<kgoetz> AtomicSpark: run `apt-cache search libpam` and look at the results, theres lots of cool things you can abuse pam to do
<rhineheart_m> this one: /home/webmaster/Maildir
<pschulz01> rhineheart_m: Does it have any subdirectories in it?
<kgoetz> rhineheart_m: does the user 'webmaster' exist? how is email getting pointed to them?
<rhineheart_m> pschulz01: yes is has
<kgoetz> rhineheart_m: pastebin your /etc/aliases file
<rhineheart_m> # Added by installer for initial user
<rhineheart_m> root:   administrator
<kgoetz> rhineheart_m: the *whole* file into a *pastebin*
<rhineheart_m> that's the whole file already with cat
<pschulz01> rhineheart_m: 'webmaster' != 'administrator'
<AtomicSpark> should i install a DNS server? id just be using it for authentication.
<kgoetz> AtomicSpark: hm?
<AtomicSpark> well. it would need it to be on a domain... :P
<kgoetz> wah?
<pschulz01> AtomicSpark: You shouldn't..  as long as other machines can find your LDAP server you should be fine. ie. you can use IP addresses.
<AtomicSpark> how do you configure the clients then?
<AtomicSpark> oh hey i found info about likewise-open
<AtomicSpark> heh i could always run a SMB server in KVM.
 * AtomicSpark hides
<pschulz01> AtomicSpark: They access the LDAP server via IP address rather than host.domain
<AtomicSpark> interesting. but the windows machines wont beable to join an ip address. :P
<AtomicSpark> but a DNS server would be good. just have it forward queries. better then using the router.
<AtomicSpark> meh then i should put DHCP on the server too.
<kgoetz> AtomicSpark: your confusing different sorts of domain
<AtomicSpark> maybe so.
<AtomicSpark> so i can have windows and linux clients authenticate to the openLDAP server without a DNS server installed?
<kgoetz> linux yes, windows .... ##windows :)
<AtomicSpark> lol.
<AtomicSpark> well my plan is to make a decent replacement for this inventory software we have that we will no longer support. then after thats gone we can make almost a full switch to linux.
<AtomicSpark> tis good :D
<kgoetz> what sort of inventory? (out of intrest)
<AtomicSpark> furniture
<kgoetz> *grins*
<AtomicSpark> we use this windows ap that runs off of access 97. they want way too much for updates and we only use it for inventory. no sales or whatever.
<AtomicSpark> so a simple mysql database with a php frontend should be fine.
<kgoetz> sounds like it would be perfect
<AtomicSpark> since mysql is open, you can do neat stuff like display pictures on your website of your instock items. :D
<kgoetz> AtomicSpark: more importantly, sine its open, the cost of migrating *away* is compartively tiny
<AtomicSpark> haha yeah.
<AtomicSpark> i cant even export the data from the fake access 97 thing :|
<kgoetz> mmm.
 * kgoetz is serious about the cost of migrating away btw
<AtomicSpark> ha. i wonder if there is any opensource inventory software that is a frontend for mysql or something. :P
<AtomicSpark> ill have to research this more
<nealmcb> sommer: re: "nealmcb: ubuntu-vm-builder is used to create jeos correct?"  - well, some might get confused, given the jeos "cdimage" which is not made by ubuntu-vm-builder.  I'd say we could fix that by not distributing a jeos cdimage at all, and just distribute some vm images made by ubuntu-vm-builder, and call those jeos's for different purposes (web server, mail server, whaetever).  And I've heard support for that, but not much movement, exce
<AtomicSpark> its interesting they have that. probably to support the big vmware boom lately. they should be pushing the KVM package they like so much.
<rhineheart_m> I got this error: ERROR: Connection dropped by IMAP server.
<justinmiller87> Hello all.
<justinmiller87> I was wondering if I could get some assistance on something please.
<justinmiller87> I'm attempting to access /var/www through FileZilla on a server I just setup. I am running proftpd, and created a shortcut to /var/www using ln -s. I can see the shortcut in FileZilla, but when I try to go into it I get Failed to retrieve directory listing.
<justinmiller87> I got it figured out. I was doing my ln -s shortcut backwards.
<puff> justYeah, I hate that.
<puff> kgoetz: Yeah.  See thin
<puff> Whoops.
<puff> kgoetz: Yeah, see http://catb.org/~esr/writings/cups-horror.html
<kgoetz> ah, an ESR link. this should be worth reading ;)
<puff> And the funny thing is, ESR even makes mistakes.  "...what any non-technical user would do... Print Queue"
<puff> ANy non-technical user would say "print what?"
<kgoetz> :)
<puff> Hee... "If the designers were half-smart about UI issues (like, say, Windows programmers)"
<puff> Note the back-handed compliment;  half-smart :-)
<kgoetz> fedora core 1. thats goign back a bit
<puff> Yeah.
<puff> About four years? Five?
<puff> Btw, what he's talking about, fundamentally, is usability engineering;  the difference between spiffy popups and wizards and a UI designed for usability.
<kgoetz> five sounds right
<puff> This specific example also illustrates a principle I like to call "shallow complexity".
<puff> In other words, sometimes you're better off just letting people deal with complexity directly, and doing your best to keep that complexity shallow.  Instead, all too often people think they're "fixing" it by spreading it across a dozen popups and wizards.
<puff> G'ngiht.
 * kgoetz wonders how you configure cups without root :/
 * kgoetz says words about ubuntu
<MenZa> kgoetz: You can configure cups without root? :P
<kgoetz> MenZa: dunno, but you have to be able to configure it somehow
<MenZa> Well, there's a web-based thing for it
<kgoetz> yep. but you need a login. what that is, i have no idea
<Jeeves_> Usually, it is root, with the root password
<Jeeves_> But you don't have that under Ubuntu :)
<kgoetz> Jeeves_: yes, hence the problem :p
<Jeeves_> :P
<MenZa> :d
<sommer> kgoetz: any user in the lpadmin group can configure cups... at least that's what I've found
<Kamping_Kaiser> sommer, using their username/password in the cups auth boxes? *sigh* i just got home :|
<Kamping_Kaiser> sommer, i'll try it out though, thanks
<sommer> np
<\sh> moins
<\sh> guys, we need to do something with the mess of tomcat5.5
<\sh> it needs a jdk and not a jre...and all packages providing java-virtual-machine, which is a suggests of tomcat5.5, are JREs
<Kamping_Kaiser> \sh, hello
<\sh> hey Kamping_Kaiser
<Kamping_Kaiser> how are you going?
<\sh> Kamping_Kaiser: good :) everything is green :)
<Kamping_Kaiser> nice :)
 * Kamping_Kaiser is finding the beta survey quite grueling
<Stonekeeper> hi. Does anyone know if Gutsy/Hardy can support a 4TB partition or is that down to the FS? thanks.
<Kamping_Kaiser> its filesystem specific
<Stonekeeper> ok thanks. what filesystem would you recommend for that amount of storage?
<Stonekeeper> if i was to use say gutsy server.
<Kamping_Kaiser> i think ext3 maxes at 4T. i belive the newer filesystems will handle it, but i'm a bit suspicious of them (eg reiser, zfs and all the trendy ones)
<Stonekeeper> yes, i am too. Well, I'm getting 8x1TB and am going to mirror them so if i claim some space for swap and OS parition then I'm going to be <4T
<Stonekeeper> ok thanks Kamping_Kaiser for your time. I'm happy I can use ext3.
<Kamping_Kaiser> Stonekeeper, no problem
<Stonekeeper> Kamping_Kaiser: sorry, forgot to ask: I'll be getting 32G Ram too. Will that mean I'm forced to use 64bit?
<Kamping_Kaiser> Stonekeeper, yes
<Kamping_Kaiser> fark. i just finished the beta survey *heh*. 1 hour.
<Stonekeeper> thanks Kamping_Kaiser
<Kamping_Kaiser> np
<CrummyGummy> Hiya, Anyone using supervise?
<CrummyGummy> daemon-tools.
<_ruben> i do, but not on ubuntu (yet)
<_ruben> and probably wont
<CrummyGummy> Any ideas what could be causing this? Does java just react wierdly to signals?
<henkjan> CrummyGummy: what do you mean?
<CrummyGummy> Erm, maybe the stuff I typed didn't get through...
<CrummyGummy> daemontools starts progs with no probs but when I restart/kill my java servers it just spawns another one. I had a similar problem with start-stop-daemon. That was wierdly enough fixed by a reboot.
<CrummyGummy>  reboot/unplanned reboot/
<henkjan> the purpose of daemontools IS to start a process again if it gets killed right?
<CrummyGummy> Yes, and it does that very well. It can also stop progs which I seem to be having a problem with.
<henkjan> so, whats the problem?
<CrummyGummy> If I use svc -k or svc -t its spawns another instance without shutting down the first one.
<henkjan> " when I restart/kill my java servers it just spawns another one." seems right behaviour to me
<\sh> soren: pingeling
<henkjan> ah, okay
<CrummyGummy> Ja, 5,6,7 instances later I have a real problem.
<soren> \sh: pong
<\sh> soren: tomcat5.5, doko meant you are the right person...
<\sh> soren: tomcat5.5 suggests java-virtual-machine , but all packages providing this package are JREs...tomcat but needs a JDK...
<\sh> soren: AFAIK we don't have a virtual package name for jdks (at least I didn't find one)...and tomcat is not installable at this moment...
<\sh> soren: suggesting a free JDK (icedtea e.g.) doesn't help, because when we do this, we have to disable tomcats security manager (it works only with suns jdk)...
<\sh> soren: so, given all this, what should we do to have a clean installable tomcat5.5. package? :)
<soren> \sh: Sorry, went away for a few minutes..
<soren> \sh: Er... Fix icedtea?
<soren> To be honest, though.. I don't really care much about Java.
<rhineheart_m> hello! how to remove completely squirrelmail and its configuration?
<\sh> soren: well, we should care about installable packages :) I don't know if it's ok to Suggest: icedtea-java7-jdk | sun-java6-jdk (which means suggesting a package from multiverse)
<henkjan> rhineheart_m: apt-get remove --purge $packagename
<Kamping_Kaiser> you were told that at least twice before
<soren> \sh: I'm not sure.
<Kamping_Kaiser> faulkes-, sorry about the baby bugfiling DoS in LP ;)
<\sh> soren: I'll raise this on u-d ml...I think we need a solution for this, and we should find a consense
<henkjan> Kamping_Kaiser: indeed, first asking how to remove postfix, 2nd asking how to remove dovecot
<Kamping_Kaiser> night all
<sommer> Kamping_Kaiser: later on
<nijaba> morning
<sommer> hey nijaba
<lamont> henkjan: you know, a fresh install will also remove that package for him... :-)
<lamont> oh wait.  did I say that out loud?
<henkjan> :)
<henkjan> maybe a sudo rm -rf /
<LupusNoctis> naughty naughty!
<faulkes-> morning nijaba
<faulkes-> whole bunch of new reports in server-survey
<faulkes-> I've commited at least one fix to my branch
<rhineheart_m> hello.. can you help me configure postfix?
<dantalizing> see this window will work for a bit
<mathiaz> nijaba: https://help.launchpad.net/BugTrackerEmailInterface
<nijaba> thanks mathiaz
<baffle> What is considered "best practice" for allocating storage for virtual machines? Defining LVM logical volumes pr. partition/pr. server or defining one LVM logical volume pr. server wich contains it own set of partitions/pv/vg/lv definitions?
<baffle> And; Does KVM and/or XEN support the ability to detect a change in size of the blockdevice? I.e. if I grow a blockdevice at the host OS, can I do a scsi rescan on the guest?
<faulkes-> I couldn't answer off-hand, iirc soren is doing most of the work on KVM stuff
<baffle> faulkes-: Yes, I've noticed. His last Q&A session sure did answer a lot of questions I had regarding KVM. I guess we're moving away from XEN now.
<baffle> I just wish "someone" would write virtio drivers for Windows.
<soren> baffle: I'm not sure, to be honest. I don't think it will grow like that.
<soren> baffle: You'd need to close the vm and start it again, I think.
<soren> "think" being the key word here.
<soren> baffle: W.r.t. to best practices, it really depends on what you're doing.
<soren> baffle: for various reasons, I do a lot of throw-away vm's, so setting up an lv is a bit pointless.
<baffle> soren: I use them mostly for production services.
<soren> baffle: Using an lv will give you the best performance.
<baffle> soren: Having the ability to do a scsi rescan and detect a larger blockdevice sure would be sweet; I'm a bit suprised that noone upstream (XEN/KVM) has looked into this. :-) At least this is something we do quite often on production servers that are not virtualized.
<soren> baffle: I honestly don't know.
<baffle> soren: My question was if best practice was using *one* LV (I.e. giving the guest /dev/sda) or multiple LVs (I.e. giving the host /dev/sda1 /dev/sda2 etc).. The latter is what I do for XEN paravirtualized hosts, as it allows the host to easily do offline growing of volumes and filesystems. I think this might be the wrong approach for KVM hosts.
<baffle> soren: Is Canonical comitting any resources to do feature developement on upstream libvirt/virt-manager?
<AtomicSpark> quick question, where does apache place the default public_html folder?
<soren> AtomicSpark: your home directory
<soren> baffle: It doesn't place it. You create it.
<soren> baffle: Not per se, no.
<AtomicSpark> k thanks. i'm in class. showing off my leet linux skillz. ha.
<soren> baffle: Whether you should use one or several lv's (or partitions or whatever) is really up to you and your workflow. I don't see much of a difference.
<baffle> soren: I guess so. It really boils down to if you want to do storage management on the host or the guest.
<soren> baffle: Precisely.
<baffle> soren: The servers we will be deploying Hardy on need to be able to have controlled simultaneous access to the shared storage (SAN). I guess CLVM is the (only?) solution for this, but I seem to be unable to find any proper documentation for it? We have a few RHEL clusters, but they seem to be a bit "black box". Are you aware of any Ubuntu installations running CLVM in produciton? Is there any Ubuntu documentation on this?
<baffle> soren: (Sorry for the Q&A session, I just happend to have a bunch of questions in my head; Be sure to tell if you're too busy. :-))
<soren> baffle: I'm aware of their existence. AFAIK, we don't have any Ubuntu specific docs for it.
<baffle> soren: So even if the components are part of main, it's basically just imports from Debian I guess. At least that makes things the same. :-)
<soren> baffle: We get a *lot* of stuff from Debian.
<soren> baffle: I maintain kvm in Ubuntu myself, though.
<soren> baffle: Up until very recently clvm was maintained here, too.
<coffeedude> dendrobates: back online now.  You still need me ?
<dendrobates> coffeedude: any idea on the release date of 4.0.5?
<coffeedude> dendrobates: I can tag a official release on Monday.
<dendrobates> coffeedude: thanks
<coffeedude> dendrobates: ping me if you don't have someone by 2pm EST.
<coffeedude> dendrobates: on Monday that is.,
<jetsaredim> i accidentally fat-fingered a chmod command and 777'd / on my server - is there any way to get out of this without reinstalling?
<jetsaredim> err chmod -R 777 /
<Jeeves_> jetsaredim: Hmm
<Jeeves_> I fixed that once using the permissions found on a backup-tape
 * jetsaredim doesn't have backup tape :(
<Jeeves_> jetsaredim: Than, I guessed you're kinda screwed
<Jeeves_> Unless you have another box
<Jeeves_> Somewhat the same
<jetsaredim> not really
<jetsaredim> good thing I setup md on my spare drives to backup files to
<jetsaredim> just sucks that I'll have to re-setup django again
<jetsaredim> is there an updated alpha4 cd for ubuntu-server?
<luca__> chi ha voglia di aiutare un principiante ?
<rhineheart_m> hello! what's the best smtp server for ubuntu?
<puff> rhineheart_m: There are lots of different opinions out there about that.  Three of the more popular packages are postfix, exim and qmail.
<puff> rhineheart_m: I chose postfix, because all of the experts I call for help use postfix.
<mathiaz> !postfix | rhineheart_m
<ubotu> rhineheart_m: postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer
<Kamping_Kaiser> ubuntu defaults to postfix (you removed it remember?), debian uses exim
<Kamping_Kaiser> and aiui no sane person uses qmail anymore
<puff> Kamping_Kaiser: Oh?  What's up with that?  Last thing I heard was that the guy who wrote qmail (wietse?) was a pain to work with, so a signficiant faction of folks didn't want to deal with it.
<Kamping_Kaiser> puff, from my reading a default qmail isnt rfc complient, and is a spammers heaven. it needs 3rd party patches "and stuff" before it becomes responsible again (debian had an argument about this recently if your after a quick link)
<rhineheart_m> Kamping_Kaiser: I have this strange problem..if I change /etc/postfix/main.cf to  #mailbox_command = procmail -a "$EXTENSION"  it could receive mails from yahoo. What do you think?
<Kamping_Kaiser> rhineheart_m, i think you havent given us enough details yet
<rhineheart_m> Kamping_Kaiser: I am using postfix..Trying to configure squirrelmail to work with postfix. My box has courier-imap installed too..
<rhineheart_m> Kamping_Kaiser: my problem? Cannot send emails..but I can receive with /etc/postfix/main.cf configured to to #mailbox_command = procmail -a "$EXTENSION"
<Kamping_Kaiser> rhineheart_m, and what was it before you commented that lilne?
<rhineheart_m> Kamping_Kaiser: my networks mynetworks = 127.0.0.0/8 (I tried adding 192.168.1.0/24 after 127.0.0.0/8 but doesn't change.
<Kamping_Kaiser> rhineheart_m, did you change the #mailbox_command line in any way?
<rhineheart_m> Kamping_Kaiser: I changed it with # so that my squirrelmail could receive mails
<rhineheart_m> Kamping_Kaiser: the complete line-- #mailbox_command = procmail -a "$EXTENSION"
<Kamping_Kaiser> rhineheart_m, you want to set `home_mailbox = Maildir/`
<Kamping_Kaiser> i'm guessing
<rhineheart_m> Kamping_Kaiser: this is the line: home_mailbox = Maildir/
<rhineheart_m> Kamping_Kaiser: but still it can't send mails..
<Kamping_Kaiser> rhineheart_m, you probably havent configured it correctly. check your mail logs for errors
 * Kamping_Kaiser thinks 'deja vu'
<rhineheart_m> Kamping_Kaiser: every time I send message this will happen: Undelivered Mail Returned to Sender
<rhineheart_m> Kamping_Kaiser: let me check the logs... a minute..
<Kamping_Kaiser> rhineheart_m, pastebin the last 10 lines of your mail.error and mail.log
<Kamping_Kaiser> rhineheart_m, *pastebin*
<Kamping_Kaiser> rhineheart_m, *do* *not* *message* *me*
<rhineheart_m> I forgot the link to pastebin
<Kamping_Kaiser> then ask for it
<Kamping_Kaiser> ubotu, pastebin | rhineheart_m
<ubotu> rhineheart_m: pastebin is a service to post multiple-lines texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<rhineheart_m> http://paste.ubuntu-nl.org/57773/
<Kamping_Kaiser> and becaues you seem to have forgotten:
<Kamping_Kaiser> !private message | rhineheart_m
<ubotu> rhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude.
<Kamping_Kaiser> rhineheart_m, to=<webmaster@***@info>, two @ in an email address?
<rhineheart_m> Kamping_Kaiser: sorry..typo error.. this is the right one there.. http://paste.ubuntu-nl.org/57775/
#ubuntu-server 2008-02-29
<Kamping_Kaiser> rhineheart_m, did you type that pastebin out by hand?
<rhineheart_m> nope.. I just pasted it.. I just hide the domain/machine name..
<Kamping_Kaiser> rhineheart_m, was that stuff from mail.error or mail.log?
<rhineheart_m>  cat  /var/log/mail.log
<Kamping_Kaiser> rhineheart_m, i want the last *30* lines of both mail.error and mail.log
<rhineheart_m> cat /var/log/mail.error?
<Kamping_Kaiser> tail -n 30 /var/log/mail.error
<rhineheart_m> got this: tail: cannot open `/var/log/mail.error' for reading: No such file or directory
<Kamping_Kaiser> rhineheart_m, `ls -lh /var/log/mail*`
<rhineheart_m> got this: http://paste.ubuntu-nl.org/57776/
<Kamping_Kaiser> rhineheart_m, i suppose the last 30 lines of /var/log/mail.log /var/log/mail.err /var/log/mail.warn /var/log/mail.info would be useful
<AtomicSpark> herro!
<Kamping_Kaiser> AtomicSpark, welcome back
<AtomicSpark> you can never get rid of me :P
<Kamping_Kaiser> yes i can, i can go and eat breakfast :p
<AtomicSpark> i just had a whopper. mmm.
<Kamping_Kaiser> a what? o_0
<AtomicSpark> lol. burger king.
<AtomicSpark> and now i am setting at work. listening to groovy music.
<Kamping_Kaiser> oh
<Kamping_Kaiser> heh
<AtomicSpark> wondering if i should install a server now or wait till 8.08 is released.
<Kamping_Kaiser> 8.04 ;)
<AtomicSpark> whatever.
<AtomicSpark> i almost got it right. :P
<Kamping_Kaiser> and the answer really depends on how soon you need it stable
<AtomicSpark> where do they get the version numbers?
<Kamping_Kaiser> $(year -2000).(month)
<AtomicSpark> hmm.
<AtomicSpark> i never thought of that.
<Kamping_Kaiser> should have been : $(year -2000).$(month of release)
<AtomicSpark> well month of hopeful release ;)
<AtomicSpark> i hate how m$ does their years. its always the next year... like its a freaking car.
<Kamping_Kaiser> no, month of release
<AtomicSpark> so if it was delayed till may, it would be 8.05?
<Kamping_Kaiser> yep.
<Kamping_Kaiser> which is why dapper was 6.06
<AtomicSpark> oh god i hope it's not delayed that long. waiting till april is enough.
 * Kamping_Kaiser was rather hoping this would get shifted to 8.06. lts needs more work imnsho
 * AtomicSpark hopes for desktop alt cd will work
<AtomicSpark> stupid freezing on boot scripts. i read about it and lost interest lol. only can do live cd now.
<AtomicSpark> oh well. at least server cd's work. :)
<AtomicSpark> is there a list of updates to the hardy server? i've only seen the desktop "improvements".
<AtomicSpark> of course it's probably just new versions of stuff.
<Kamping_Kaiser> afk.
<rhineheart_m> Kamping_Kaiser: is procmail needed by postfix?
<lamont> no
 * lamont gets dragged off to dinner
<ethana2> anybody here use virt-manager?
<AtomicSpark> no.
<AtomicSpark> although if it makes KVM easier, i would be happy. can't seem to figure out how to go host > guest networking.
<AtomicSpark> like cant ssh to the machine.
<ethana2> it makes it much easier
<ethana2> I had it; networking just worked
<ethana2> ..but the second time just now it didn't..
<AtomicSpark> hmm
<AtomicSpark> can you install it for 7.10?
<ethana2> don't know
<ethana2> I'm on 8.04
<AtomicSpark> nope D:
<faulkes-> ethana2: iirc soren is handling kvm / virtio / virt-manager stuff on 8.04
<faulkes-> I'm not sure what his current status on it is
<ethana2> ok..
<ethana2> my problem seems to be that virt-manager won't let me use the cd-rom even if it has permission to or something..
<ethana2> there is no cdrom group on my system
<faulkes-> however, if you have found a bug, by all means, report it to https://launchpad.net/ubuntu/hardy
<faulkes-> create the cdrom group then?
<faulkes-> just add something like "cdrom:x:<unique group number>:<your username>,haldaemon" to /etc/group
<ethana2> uh
<ethana2> I don't know anything about group numbers
<ethana2> I'm filing a bug
<soren> ethana2: Wazzup?
<faulkes-> there ya go, the man himself
<faulkes-> heya soren
<ethana2> oh hey
<ethana2> I was told about you
<ethana2> ;)
<ethana2> well
<ethana2> I'll file this bug and pass you a link
<faulkes-> I guess I lit the Soren Signal
 * faulkes- will have to remember that trick
<ethana2> ok...
<ethana2> https://bugs.launchpad.net/ubuntu/+source/virt-manager/+bug/196850
<ubotu> Launchpad bug 196850 in virt-manager "vm cannot access cd-rom unless run as root" [Undecided,New]
<soren> ethana2: Yeah, I noticed you talking about in #kvm this morning, too :)
<ethana2> yes.
<ethana2> and last night
<soren> ethana2: Well, kvm can.
<ethana2> they directed me to the CLI
<soren> ethana2: Virt-manager makes some rather crude assumptions about what you can and can't do.
<ethana2> I tried it and was exhausted and confused within minutes
<ethana2> I see
<ethana2> ...can one of those crude assumptions be fixed?
<ethana2> reading from an optical disk drive isn't that high risk..
<ethana2> but I was running a windows virtual machine as root
<ethana2> and networking didn't work that way
<soren> ethana2: Well, yes, sure it can be fixed. It's just not as high priority as a lot of the other stuff I've got on my list.
<ethana2> I see
<faulkes-> ethan2: sounds like a job for a volunteer
<soren> If you can send me a patch, though... :)
<ethana2> well...
<faulkes-> come to the dark side of the server team ;)
<ethana2> I don't really know how to code
<faulkes-> lots of ways to help other than just coding
<ethana2> I wouldn't mind learning if someone had enough patience to lead me to being productive...
<ethana2> hmm
<ethana2> like filing bugs ;)
<faulkes-> like bug reporting, testing, packaging, support
<faulkes-> all that good stuff that makes our team rock
<ethana2> yes
<ethana2> I try to participate as much as possible
<faulkes-> there is a mentoring process being setup by mathiaz
<ethana2> ooooh
<ethana2> sign me up
<ethana2> my problem is this: we need to reinstall windows because it got a virus we can't remove
<ethana2> we need to run the latest Office
<ethana2> blasted standards incompliant mi...
<faulkes-> iirc, send mail to mathiaz@ubuntu.com about mentoring
<ethana2>  /anyway/... I don't want that code touching my MBR
<ethana2> k
<ethana2> ..so I wanted to put windows in a little cage were it couldn't hurt anything
<faulkes-> or check the server team wiki at https://wiki.ubuntu.com/ServerTeam I believe it's listed there as well
<ethana2> ...but still use it for Office and such
<ethana2> contacting him now..
<faulkes-> ethan2: yeah, I know, I tried to install xp sp2 on a g4 via qemu ;)
<faulkes-> lets just say, unless you have 5 days to wait for it to install, it really isn't that useful ;)
<faulkes-> then again, a 350mhz process running seti at full blast and only giving qemu 256mb of ram probably didn't help
<ethana2> man..  I want a tablet with a SPARC T2 and an x86 chip on a card with kernel virtualization
<faulkes-> s/process/processor
<faulkes-> heya nijaba
 * faulkes- gets the feeling nijaba is either gonna be happy, or is gonna kill him
 * faulkes- whistles innocently
<nijaba> hello...
<nijaba> faulkes-: what's going on?
<faulkes-> eh? nothing
<faulkes-> just commenting on outstanding bugs for survey
<faulkes-> I just figured being new with bzr and lime I might have blown something up ;)
<faulkes-> but I don't think I have
<nijaba> does not look like you did...
<faulkes-> what's your feeling on
<faulkes-> !bug #196559
<ubotu> Launchpad bug 196559 in server-survey "target of questions is hard to follow." [Undecided,New] https://launchpad.net/bugs/196559
<ethana2> so in the mean time, since filing that bug..
<ethana2> am I advised to learn how to work this via CLI?
<ethana2> I may give it a try, if someone can explain the process in a way that doesn't confuse the heck out of me
<soren> ethana2: You can add the cdrom to the libvirt xml afer creating the rest of the stuff via the gui.
<faulkes-> the server is shipped CLI, so getting comfortable with it is always good
<ethana2> ok...
<ethana2> where is this xml file?
<soren> What you want to do is do a "virsh -c qemu:///whateveryouusedtouse dumpxml nameofyourvm"
<soren> edit the output.
<soren> save it to foo.xml
<soren> And then do:
<ethana2> so...
<ethana2> virsh -c qemu:///whateveryouusedtouse dumpxml windows | foo.xml
<soren>  "virsh -c qemu:///whateveryouusedtouse define foo.xml"
<ethana2> ?
<soren> No, > instead of |.
<ethana2> oh
<ethana2> ok
<ethana2> now, I can't have any residual confusion
<ethana2> so to avoid being overwhelmed again, I need to really understand all of that
<ethana2> so
<ethana2> what is virsh, exactly?
<ethana2> and what I used to use for /what/?
<faulkes-> ethan: https://help.ubuntu.com/7.10/advanced-topics/C/index.html is a good place to start learning about the server environment
<faulkes-> re: CLI and other stuff
<ethana2> well....
<ethana2> I'm on a laptop
<ethana2> never touched a server in my life
<ethana2> opening link...
<faulkes-> CLI principles still apply to desktop environments
<ethana2> I can use the cli generally
<ethana2> I use it to install stuff...
<ethana2> I've gotten ubuntu gutsy working on a machine with two gpu's with vim in xorg.conf
<ethana2> ...but I have no familiarity whatsoever with virtualization
 * faulkes- nods
<faulkes-> it's all about the reading and the talking, which you seem to be doing, we'll help as best we can
<ethana2> (I don't know if you're aware of a certain xorg bug that makes that last accomplishment look really impressive....)
<nijaba> faulkes-: regarding bug 196559, I think that it is a bit to convoluted and I don't see any simple way to solve that.  what do you think?
<ubotu> Launchpad bug 196559 in server-survey "target of questions is hard to follow." [Undecided,New] https://launchpad.net/bugs/196559
<ethana2> I don't see virtualization on that page you sent me...
<faulkes-> nijaba: I think some re-ordering may make sense but overall, I think it's convoluted
<ethana2> also, this is ubuntu hardy..
<faulkes-> ethan: it wouldn't be, however, that was server stuff, one sec
<ethana2> k
<nijaba> faulkes-: for the reodering, ok, but explaining what will be the impact of an answers over the rest of the survey?  I really don't see how, plus I believe it is not that important, IMHO
<faulkes-> ethan: http://doc.ubuntu.com/ubuntu/serverguide/C/jeos.html thats ubuntu specific and jeos specific but it does deal with virtualization
<ethana2> k
<faulkes-> nijaba: agreed
<faulkes-> I'll make a note on it
<faulkes-> and give some thought about ordering
<ethana2> so it's recommended that I use vmware instead of virt-manager and such?
<ethana2> Does it take advantage of the hardware acceleration present in C2D chips?
<ethana2> I think it's called something like 'intel vt'
<faulkes-> 8.04 is going to use kvm
<faulkes-> the docs are still being written
<sommer> hey all
<faulkes-> 7.04 docs on KVM are at https://help.ubuntu.com/community/KVM - I wouldn't suggest using them, but reading them will get you familiar with stuff, plus links at the bottom
<faulkes-> speak of the documentation devil himself
<ethana2> ok
<ethana2> so kvm is a method of acceleration
<ethana2> that is used by xen and qemu
<ethana2> ok, well I have all that installed and enabled in my bios already...
<ethana2> I was running a vm that worked just fine..
<ethana2> blasted permissions..
<ethana2> two vm's actually
<faulkes-> yes, damnable permissions
<sommer> ethana2: what's your issue with virtuals?
<ethana2> well, when I go to crea..
<ethana2> uh
<ethana2> https://bugs.launchpad.net/ubuntu/+source/virt-manager/+bug/196850
<ubotu> Launchpad bug 196850 in virt-manager "vm cannot access cd-rom unless run as root" [Undecided,New]
<sommer> ethana2: ah... okay, I also read the back log
<ethana2> yes
<sommer> permissions woot!
<ethana2> policykit integration would be marvelous ;)
<sommer> ethana2: ya, I'd imagine a future version will have it
<sommer> are you running this on server edition?
<ethana2> no
<ethana2> I'm using this to run Office on a laptop
<ethana2> without letting xp slaughter my MBR
<ethana2> the hardware supports kvm, and it came with 1 GB of RAM
<ethana2> what else am I going to do with that?
<ethana2> eliminate rebooting all the time
<sommer> heh... compile stuff
<sommer> watch movies while compiling stuff :-)
<ethana2> oh
<ethana2> blend
<ethana2> ;)
<ethana2> well I don't, really
<ethana2> ..but that of course isn't the point
<sommer> so you didn't have a cdrom group?  or am I understanding that wrong?
<ethana2> I did not have said group, no
<sommer> strange... new install?
<ethana2> kinda
<ethana2> I still do not have that group, now
<ethana2> of course, I do have a group for libvirtd and kvm
<sommer> Mmmmm... I have the cdrom group on a new hardy server install and a gutsy desktop
<sommer> have you tried creating it?
<ethana2> I did try yes
<ethana2> I'll try again
<ethana2> add group
<ethana2> group name: cdrom
<ethana2> ..so far so good?
<ethana2> group ID: 1001
<ethana2> group members set to include myself
<ethana2> clicked ok, and the window went away
<ethana2> do I need to log out and back in, or should it have done it already?
<ethana2> can I just open that thing up again and see that group?
<ethana2> ...it's not there
<ethana2> does this mean I have to log out?  ..or is this group thing segfaulting on trying to create the group?
<ethana2> I'll run it from the terminal
<sommer> ya, try logging out
<ethana2> oh, ok
<ethana2> brb
<ethana2> k.. checking for group..
<ethana2> not there.
<ethana2> running from terminal..
<sommer> try grep cdrom /etc/group from a terminal
<ethana2> users-admin
<ethana2> oh, ok
<ethana2> cdrom:x:24:ethan
<sommer> party!
<ethana2> I did set it that way recently trying to figure this out
<ethana2> what?
<sommer> it's there
<ethana2> uh
<ethana2> ohh
<ethana2> weird
<ethana2> so users-admin is buggy?
<ethana2> running from terminal
<ethana2> users-admin
<ethana2> Segmentation fault
<ethana2> Oh.
<ethana2> suspected as much
<ethana2> no wonder
<ethana2> I'm going to see if a bug has been filed on that yet
<sommer> cool
<ethana2> oh no
<ethana2> users-admin doesn't even have a launchpad project
 * ethana2 explodes
<ethana2> I don't want this virtual machine to see the same fate as my dual seat desktop
<ethana2> ran into so many bugs, so much frustration and confusion
<ethana2> that an essential function just never got done
<ethana2> ...then found userful, which doesn't work on Hardy yet...
<ethana2> I think I have to go now
<ethana2> yup
<ethana2> well, thanks for your time...
<sommer> sure, have a good one
<ethana2> yup....
<ethana2> I'll try
<faulkes-> well, that was fun
 * nijaba vanishes.... good night
<faulkes-> night nijaba
<jetsaredim> how do I re-activate a raid setup?
<jetsaredim> I reinstalled, but forgot to backup my raidtab
<AnRkey> why is webmin not supported on ubuntu?
<AnRkey> it works just fine for me
<Kamping_Kaiser> 'works for me' is not a big picture view...
<AnRkey> Kamping_Kaiser, help me understand then
<AnRkey> :D
<AnRkey> works for me is probably not the best statement
<Kamping_Kaiser> AnRkey, its guilty of reguarly breaking system configuration, and is *amazingly* buggy and insecure
<AnRkey> you see i run it on and have run it on many installs of ubuntu
<faulkes-> iirc, webmin has in the past had isues with security, stability and support
<AnRkey> Kamping_Kaiser, but then are we not supposed to help them with bug reports?
<faulkes-> eBox is the current preferred solution for ubuntu
<Kamping_Kaiser> AnRkey, pardon?
<Kamping_Kaiser> faulkes-, hello
<AnRkey> faulkes-, I like ebox but it does not do enough for me
<faulkes-> if it's not supported, there would be no reason to submit bug reports
<faulkes-> eBox is growing daily
<faulkes-> zul just put up a whole whack of ppa's on LP
<AnRkey> Kamping_Kaiser, i just don't understand why every1 stopped supporting it when (imho) we should help make it better
<AnRkey> is it really that bad?
<faulkes-> I'm not arguing that webmin may have all the functionality you need
<AnRkey> and what are the examples of this
<Kamping_Kaiser> AnRkey, go and help make it better, just dont expect us to fix your system when it doesnt work :)
<faulkes-> well, I don't that's an appropriate answer, however
<AnRkey> Kamping_Kaiser, Thats not cool bud. I am asking not telling
<faulkes-> it is simply a decision made by ubuntu
<Kamping_Kaiser> AnRkey, sure, and i'm telling you what i think.
<faulkes-> if you feel strongly that webmin should be supported, you can bring it before the council
<Kamping_Kaiser> it should however have been s/us/me
<AnRkey> is there a wiki page about this that is hidden somewhere?
<faulkes-> about eBox?
<AnRkey> faulkes-, how do i do that? is there a mailing list that non council members can email?
<faulkes-> the wiki lists the various councils
<AnRkey> faulkes-, no webmin
<AnRkey> faulkes-, thanks
<faulkes-> and yes, they have mailing lists and they meet on irc
<AnRkey> i don't want to bother the council, I am just reading up for now
<faulkes-> more power too you
<AnRkey> are the meetings open to non members of the council?
<faulkes-> to a point yes
<faulkes-> if a meeting becomes out of order, they will take it private
<faulkes-> iirc
<faulkes-> but otherwise, they are open
<AnRkey> cool
<AnRkey> thanks faulkes-
<AnRkey> gonna do some more reading first and then take it further
 * Kamping_Kaiser would have thought muting everyone else would be more apropriate
<faulkes-> if you do plan to petition them for it though, I suggest you bring a very strong case
<AnRkey> i have looked around but there is no complete list of problems that ubuntu has with it
<AnRkey> or is there?
<AnRkey> faulkes-, thats what my plan is
<faulkes-> I can't fully answer the question
<AnRkey> I don't want to waste their time
<faulkes-> it was a decision that was made prior to my joining and may in fact have been something related to debian
<faulkes-> as we work closely with them
<AnRkey> Kamping_Kaiser, this is open source, should we not always be open to fixing things if they are broken?
<Kamping_Kaiser> i expect it was removed by debian (or you'll find discussion about it on debian-devel)
<AnRkey> yeah i read about the debian part in their lists
<Kamping_Kaiser> AnRkey, no we shouldnt.
<faulkes-> AnRkey: it's all about support and development, commitment to maintain, etc.. as well as the actual application itself
<AnRkey> faulkes-, thanks for your help
<faulkes-> fixing oss is fine, but if you have to support it in a 5 year plan, thats a different story
<faulkes-> np, glad to help
<AnRkey> I am trying to find an alternative and ebox is cool but just does not do all the cool things that webmin does
<faulkes-> what do you need it to do?
<faulkes-> you can always submit feature requests or see the latest development
<faulkes-> https://launchpad.net/~zulcss/+archive
<faulkes-> that is zul's latest work with ebox modules
<AnRkey> brb, client here
<AnRkey> is ebox going to be ready for 8.04?
<AnRkey> i have not checked it's progress
<AnRkey> also, ebox tends to take over a bit
<AnRkey> in London my old network's firewalls use ubuntu with webmin
<AnRkey> the proxy and firewall is all done from there as well as vpn
<AnRkey> and webmin rocked for thi
<AnRkey> this
<AnRkey> ebox worked well in tests but the biggest problem was that it wiped configs done manually
<AnRkey> we had a parent proxy for example that required one line of config to work
<AnRkey> ebox kept wiping that line for some reason
<AnRkey> faulkes-, it looks like ebox is my solution despite it's small problems that I have with it
<AnRkey> thanks for the chat
<Bidou> hi! i've a problem with mysql-server install. When i installed it, it didn't ask me for set up my password, why ?? and  the socket '/var/run/mysqld/mysqld.sock' doesn't exists!
<AnRkey> Bidou
<AnRkey> have you already got databases in it?
<AnRkey> guess not
<Bidou> how can i get it ?
<AnRkey> remove mysql-server with apt-get remove mysql-server --purge
<AnRkey> that will wipe it's configs too
<AnRkey> then reinstall, it should then ask for a root password
<AnRkey> mine did
<Bidou> ok, i did what you said and there are the same problem. I did exaclty what you said
<Bidou> DÃ©paquetage de mysql-server (Ã  partir de .../mysql-server_5.0.45-1ubuntu3.1_all.deb) ... * Stopping MySQL database server mysqld [ OK ] /// ParamÃ©trage de mysql-server (5.0.45-1ubuntu3.1) ...
<Bidou> it's what i can get in my shell
<Bidou> when i installed it
<Bidou> an idea ?
<Bidou> AnRkey: ?
<AnRkey> then you can set a root password
<Bidou> how ?
<AnRkey> http://keystoneit.wordpress.com/2006/10/28/resetting-mysql-root-password-in-ubuntu-dapper/
<AnRkey> google is your friend
<Bidou> thanks, i'll see
<AnRkey> i googled reset root password mysql ubuntu
<AnRkey> np
<AnRkey> Bidou, by default mysql's password for root is not set
<Bidou> AnRkey: hum sorry, for the first command i've a problem :/ "Any file or directory" > kill `cat /var/run/mysqld/mysqld.pid` cat: /var/run/mysqld/mysqld.pid: any file or directory
<AnRkey> sorry about that
<Bidou> but i cant change it ?
<Bidou> i think it's an other problem
<AnRkey> is it a fresh install?
<Bidou> of mysql-serv or gutsy ?
<Bidou> yep it's a fresh install for mysql-server
<AnRkey> mysql
<AnRkey> sudo /etc/init.d/mysql stop
<Bidou> what i have to do now ?
<AnRkey> sudo mysqld --skip-grant-tables &
<AnRkey> that starts mysql so that you can login as root without a password
<AnRkey> then run
<AnRkey> mysql -u root
<AnRkey> then you should be logged in to the mysql-server with root
<AnRkey> then run
<AnRkey> UPDATE mysql.user SET Password=PASSWORD ('newpassword') WHERE User = 'root';
<Bidou> i can see that in my shell: Version: '5.0.45-Debian_1ubuntu3.1-log'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  Debian etch distribution /// But anythings  else happen now
<AnRkey> replace newpassword with your new password
<AnRkey> push enter
<Bidou> i think that's ok
<AnRkey> I have just tested that on one of my test boxs
<Bidou> ok
<AnRkey> then type exit to exit the mysql client
<AnRkey> and run
<AnRkey> sudo /etc/init.d/mysql restart
<AnRkey> you should be good to go
<Bidou> ok i'm trying
<Bidou> Oh thanks a lot !! it's works !!!
<AnRkey> cool, glad I could help
<Bidou> anybody else find the problem
<AnRkey> i don't know
<AnRkey> it's not really a problem\
<Bidou> anybody else find the solution, if you prefer :)
<AnRkey> what you mean?
<Kamping_Kaiser> i thought those Translation-en_AU issues had been fixed in apt :/ it's been 3 releases
<Bidou> i mean you're the first who find the solution of my myster
<Bidou> if you don't understand me it's because i'm french and my vocabulary is very short
<Jeeves_> Morning
<AnRkey> Bidou, your english is cool
<Bidou> thanks 8-)
<AnRkey> Bidou, I think it's just setup that way and it's up to the end user to configure a password
<AnRkey> Bidou, it's not a bug if that's what you mean
<AnRkey> hi Jeeves_
<Jeeves_> What's new today?
<Bidou> no not a bug but a difference like others people: i ask many people for help, and all said "I don't understand, at me mysql-server doesn't proced like this"
<faulkes-> hmmm, 2:21am est, I should probably go to bed
<faulkes-> Bidou: there is also #ubuntu-fr when language is an issue
<AnRkey> Bidou, maybe they did not understand you
<faulkes-> however, your english seems ok
<AnRkey> Bidou, i have set up many servers like that for my clients so I do password resets often
<Bidou> #ubuntu-fr sleep all the time -_-
<faulkes-> my french however, mon dieu
<Jeeves_> :)
<Bidou> faulkes-:  lol tu connaÃ®t le franÃ§ais toi ?
<AnRkey> Bidou, this is where you should teach me
<AnRkey> :P
<Bidou> :p ok if you want lol
<AnRkey> naa
<AnRkey> i am already learning xhosa
<Bidou> some word: Bonjour = Hello / Bienvenue = Welcome / Merci = Thanks / Merci beaucoup = Thanks a lot
<AnRkey> our employee's laugh at me allot
<Bidou> J'adore tellllement Ubuntu = I love so muuuuch Ubuntu
<AnRkey> well i know 3 of the 4 :D
<faulkes-> Bidou: je pense qeue sais presque vignt ans ou j'parle francais chaque jour
<AnRkey> ok i better get back to work
<Bidou> AnRkey: ok ok, thanks again for your help
<faulkes-> je suis trais rouille, oui?
<Bidou> faulkes-: lool a little bed
<faulkes-> hmm, I thought that was rusty
<AnRkey> Bidou, no probs, remember to pay it forward
<Bidou> that good ! but there some mistakes
<faulkes-> mais, pas de probleme mon ami, bon nuit
<Bidou> lol bonne nuit, in france, time is: 08:28 am
<Bidou> so good morning for me
<faulkes-> ou'est vous dans france?
<Bidou> A Paris !
<faulkes-> you'll have to excuse my spelling, it's been 20 years ;)
<faulkes-> Ah, Paris! je t'aime
<Bidou> it's ok, i can understand
<Bidou> lol, every morning i can see the effeil tower because my high school is just under
<faulkes-> jais travaille dans arondismant pour quelque mois dan l'anne 1999
<faulkes-> arondismant neuf
<Bidou> ohh ok, what did you do?
<faulkes-> technologie
<Bidou> ok ok, and do you know trocadero ?
<faulkes-> eh bois beaucoup de vin ;)
<Bidou> lol sorry ?
<faulkes-> drank lots of wine
<Bidou> oh me ? no, i don't like it but it's maybe cause my age
<faulkes-> non, c'est moi qui bois beaucoup ;)
<Bidou> ah ok ! >> any mistake in your sentence !
<faulkes-> et travaille tojours
<Bidou> french wine ?
<faulkes-> mais oui
<Bidou> ^^ sure you drink french wine im stupid
<Bidou> so i asked you if you know "trocadero" ?
<faulkes-> non
<Bidou> oh it's maybe the most beautiful place of Paris !
<Bidou> very near the effeil tower
<faulkes-> il'a une, je ne sais pas in francais, "bar" ou "pub" avec le non anglais "the frog"
<Bidou> hum that mean something to me
<Bidou> but im not sure if I know
<faulkes-> le grenouille, beaucoup de l'ais ex-pats et las apres le jour travaille
<faulkes-> je suis canadienne
<Bidou> "de l'ais" ? "ex-pats" ? i don't understand these two words
<faulkes-> anglo-canadienne
<faulkes-> s/l'ais/les
<Bidou> oh ok it's why you speak french well !
<faulkes-> ex-pat est les ex patriots de les autre countrie
<Bidou> ah ok, i didnt know this expression
<Bidou> which places did you visit in paris ?
<faulkes-> the museums, churches, cafes, the eiffel tower
<faulkes-> jais une photo de moi avec la mona lisa
<Bidou> ^^ you see many things i never seen !
<Bidou> maybe i'll live in america next years
<faulkes-> c'est une nouveau ville pour moi, je pense que sie to visite canada tu sons visite beaucoup de les place ou j'ais nais pas
<Bidou> maybe in connecticut, or near new york, or i dont know yet
<Bidou> ^^
<faulkes-> c'est difficile, le couture c'est trais, hmmm,
<faulkes-> entranger
<Bidou> couturee = culture ?
<faulkes-> oui
<Bidou> ok ^^
<faulkes-> heh, ok, enough trying to remember a language I havent spoken in 20 years ;)
<Bidou> some people say, american are not very cultivate, is it true :p ?
<faulkes-> thank you though, it brought back some wonderful memories of paris
<Bidou> it's ok if i can understand ^^
<faulkes-> I wouldn't say that, I have many good friends in america
<faulkes-> it is the adjustment to many things, like food
<Bidou> or maybe i was thinking about geographic
<faulkes-> and like many countries, they have perceptions of other countries which aren't true
<Bidou> sure!
<faulkes-> it is just an adjustment from what you are used to being around, to new surroundings
<faulkes-> for some people, it is easy, for others, very difficult
<Bidou> i think people must be interressted if they want to be cultivate
<faulkes-> cultivate = cultured?
<Bidou> yeah xD
<faulkes-> cultivate in english is usually referred to growing plants
<Bidou> lol xD
<Bidou> ok i've to keep learning english
<Bidou> the best solution is to go in us and learn by listening
<faulkes-> thats entirely more difficult in new york or connecticut
<Bidou> last time i was in us was last summer and after 2 month i spoke english well
<Bidou> why ?
<faulkes-> 'cause in new yawk, it's like dey speak a different language, use knows?
<Bidou> i didn't know yet
<faulkes-> very accented english
<Bidou> some people in new york cant understand other people in new york ?
<faulkes-> like dialects, consider that quebec french is very very different from parisien
<faulkes-> they do, but only because they live there everyday
<Bidou> quebec is very different but a french can easy understand quebec
<faulkes-> however, travelling, exploring and learning are all good
<Bidou> it's better to leave in wich parts of us ?
<Bidou> lol are you searching on google ?
<faulkes-> leave or live?
<Bidou> oh sorry: live
<faulkes-> boulder, colorado is nice, so is san francisco
<faulkes-> new york is nice as well, especially if you enjoy dancing/night clubs etc
<Bidou> i went to las vegas but never to sans fransisco
<faulkes-> I remember my time exploring paris, I got off at les alles, was with an american woman I was seeing at the time
<Bidou> new york and for theater too :p (broadway, i saw grease, en the chorus line)
<faulkes-> we walked around, enjoyed a cafe and then down to the seinne, walked along it and came to the louvre
<faulkes-> she asked "I wonder what the big old building is"
 * faulkes- had to laugh a little bit
<Bidou> lol yeah, le louvre is so beautiful
<Bidou> and so old
<faulkes-> although I have to say, navigating the paris subway system is a nightmare if you've only been in the city two days and you've been drinking for 6 hours
<faulkes-> the damn things just keep going in circles until you reach the turnstiles
<faulkes-> but I loved my time there, I want to go back again
<Bidou> lol, maybe yes, but with a guid that isn't good ?
<faulkes-> walk along st. germaine
<Bidou> if you come back to paris, visit "trocadero" and "champs Ã©lisÃ©e" and "l'arc de triomphe", there are good places to visit
<faulkes-> yes, we did champs elisee and the triomphe
<faulkes-> walked from les alles station to the eiffel tower
<Bidou> ok but trocadero is maybe the most beautiful ^^
<faulkes-> taking side streets, stopping at cafes
<faulkes-> looking in little shops
<Bidou> oh that's the best !
<Bidou> even for me
<faulkes-> in new cities I like to take long walks around the neighborhoods rather than subways and taxis
<faulkes-> gives you a much better feel and enjoyment, for me at least
<faulkes-> discovering new places
<faulkes-> ok, now it's time for bed, I've been reminiscing for too long
<faulkes-> enjoy your day Bidou
<Bidou> i think i have to rediscover paris, when you speak to me of paris like that i remember i forgot how it's so beautiful paris ^^ tanks to you
<Bidou> good night !
<Bidou> and sweet dreams of paris ;)
<AnRkey> faulkes-, what virtualization would you use on ubuntu server
<AnRkey> damn, he's gone
<faulkes-> heh, just as I head off
<henkjan> AnRkey: kvm is the ubuntu way
<henkjan> i'm using Xen
<faulkes-> kvm is the ubuntu way currently, most of my experience is with Xen and Qemu though
 * faulkes- & bed now
<ethana2> clear
<ethana2> oops, sorry about that..  lol
<AnRkey> and an easy one for gutsy
<AnRkey> kvm integration in 8.04 just makes me supper excited
<AnRkey> super
<AnRkey> it's on my production box
<AnRkey> i was about to use vmware
<AnRkey> to me anything that needs a serial to activate it is not open enough
<AnRkey> but i do like vmware
<AnRkey> Oh by the way
<AnRkey> I get to remove a SCO server soon
<AnRkey> as in wipe the thing
<AnRkey> UBUNTU!
<AnRkey> :D
 * AnRkey feels good about this
<ethana2> that's awesome
<Jeeves_> Why doesn't 'do-release-upgrade' in Feisty/amd64 work?
<Jeeves_> It tries to download stuff from us.archive
<Jeeves_> And that really isn't configured anywhere
<Nafallo> Jeeves_: is not?
<Nafallo> Jeeves_: grepped for it? :-)
<Jeeves_> Nafallo: Yes, I'm sure of it :)
<Kamping_Kaiser> Jeeves_, can you describe your problem/s better ? i'm not sure what they are :/
<sergevn> Heeft iemand ervaring met een redundante dhcp server?
<Kamping_Kaiser> say what? o_0
<nijaba> hello
<nijaba> faulkes-: around?
<Kamping_Kaiser> sergevn, can you use english? i take your question is something about redundant dhcpd's?
<henkjan> Kamping_Kaiser: sergevn was indeed asking if someone had experience with an redundant dhcpd setup
<Kamping_Kaiser> no, not real servers.
<henkjan> semi redundant with two dhcp servers with both theire own scope works nice
<Kamping_Kaiser> if you set two servers with the same ranges and make sure only one is authoritive you should be mostly ok
<sergevn> Kamping_Kaiser: sorry, mistaking i was talking in ubuntu-nl :)
<sergevn> Kamping_Kaiser: yes I need to setup an redundant dhcpd server(s)
<Kamping_Kaiser> sergevn, ah, np *hehe*
<sergevn> Kamping_Kaiser: If one goes down, the other has to take over
<Kamping_Kaiser> sergevn, try what i suggested above. it should work ok, depending on your routers
<faulkes-> nijaba: I am now
<sergevn> Kamping_Kaiser: yes, but it does not automaticly take over
<Kamping_Kaiser> sergevn, it should become authoritive when the first server goes away
<Kamping_Kaiser> the problem you'll have is a lack of shared asignments files (but i havent done proper redundatn dhcp )
<sommer> morning all
<faulkes-> morning sommer
<sergevn> Kamping_Kaiser: ok thx
<J_P> hi all
<J_P> people, what package I need instal to have file /etc/hosts.deny and hosts.allow ?
<faulkes-> iirc tcpd is what you want
<Kamping_Kaiser> J_P, its tcpd
<faulkes-> sudo install apt-get tcpd
<Kamping_Kaiser> /var/lib/dpkg/info/tcpd.postinst:      cat >> /etc/hosts.deny <<EOF
<faulkes-> err
<faulkes-> sudo apt-get install tcpd
<faulkes-> even
 * faulkes- not fully awake yet
 * Kamping_Kaiser injects cafine into faulkes- 's eyeballs
<faulkes-> I'm on my 3rd cup of coffee, what I really need is a decent martini or a good scotch
<J_P> Kamping_Kaiser: thanks
<Kamping_Kaiser> faulkes-, heh
<Kamping_Kaiser> np
<faulkes-> morning nijaba
<Kamping_Kaiser> nijaba, helo
<J_P> Kamping_Kaiser: and faulkes- thanks :-)
<Kamping_Kaiser> :)
 * faulkes- pokes nijaba
<zul> faulkes-, he is away from his computer
 * faulkes- nods
 * faulkes- goes back to perl stuff
<jetsaredim> anyone have a recommendation for a web svn frontend? I know there is websvn and viewvc, but are there any others out there?
<henkjan> jetsaredim: trac combines bugtracking + wiki + websvn
<jetsaredim> henkjan: not sure I need all that
<jetsaredim> this is just for my own personal uses
<sommer> mathiaz, soren: had a chance to look over the virt section?
<mathiaz> sommer: not yet - I hope to get there by today.
<sommer> mathiaz: cool, I just wanted to make sure it's on the right track
<sommer> I think that section is the hardest I've worked on yet :-)
<Jorel> hi, any parameter for igorar some folders in rsync?
<Jorel> any parameter to ignore some folders in rsync?*
<rjune> I just read an article about landscape. I was curious if  the beta was available at all, or if it's unavailable until release
<gcleric> rjune: there is but it's by approval only.
<rjune> ah.
<gcleric> rjune: also beta are limite to two systems only.
<rjune> I was wanting to find out how it compared to ZENworks. but if I have to wait, I have to wait.
<gcleric> it's pretty sweet...
<rjune> ZENWorks is very slick. it would be difficult to be better then it
<gcleric> but only avaialbe when it is released to purchased support.
<rjune> 'k
<faulkes-> or people who carefully craft marketing emails to blog about it ;)
 * faulkes- whistles innocently
<rjune> heh
<gcleric> http://www.canonical.com/projects/landscape
<rjune> nice. looks like a good run at zen
<henkjan> landscape works nice
<henkjan> i applied few months ago for the public beta
<henkjan> my employer is just worried about the fact that canonical has access to too many resources from the systems you manage with landscape
<henkjan> installed packages, users etc
<henkjan> that might be a privacy issue
<rjune> landscape is not installed locally?
<rjune> I figured you set it up on a local server, ala ZEN.
<henkjan> landscape client is
<henkjan> but it connect to central landscape server at canonical
<rjune> :-/
<rjune> yeah, that's a bit of an issue
<henkjan> i asked for local landscape server, but canonical has no plans selling the server product
<rjune> I had submitted for the beta, if they contact me. I'll excuse myself because of that
<nijaba> rjune: you should certainly write a note to us stating this right now.  I think it is a problem that we would like to address ASAP
<rjune> What email address should I send it to?
 * faulkes- prods nijaba
<nijaba> nick.barcet@canonical.com will do, I'll forward
<rjune> or more appropriately, which department do you think it should go to?
 * nijaba prods back at faulkes-
<faulkes-> you were looking for me earlier today?
<nijaba> yep, did you read my msg?
 * faulkes- didn't think he did
<faulkes-> refresh my memory
<nijaba> merging your branch looks like you took the wrong version of the survey to make your changes as they are reverting all of my previous fixes.  What survey did you use?
<nijaba>  in the inactive survey, the one marked TEST is the old one.  You'll recognize it because it has 4 section.  The newest version is the other one.
<faulkes-> ah, yes, actually, I didn't see your message about that but I came to the same conclusion
<faulkes-> v0.2 wasn't listed for me when I did the original export
<zul> ScottK: ping
 * faulkes- will fix it up
<nijaba> faulkes-: sorry about that :(
<faulkes-> eh, it happens
<faulkes-> no biggie
<faulkes-> your current branch should be up to date with v0.2?
<faulkes-> s/branch/trunk
<nijaba> yep it is
<faulkes-> ok, I'll pull from there and go about it
<faulkes-> all god
<faulkes-> s/god/good
<nijaba> thanks
<nijaba> well, god can help, maybe?  not sure... ;)
<faulkes-> I'll ask him next time we go drinking
<nijaba> right...
<faulkes-> he gets a bit uppity though after the tequila's start flowing around
<rjune> faulkes-: when you go drinking with god, who buys?
<faulkes-> he has a fully stocked bar ;)
<faulkes-> he is god after all
<rjune> so you freeload his booze, eh?
<rjune> I would too
<nijaba> rjune: mail received, thanks
<rjune> no problem.
<rjune> I hope it works out well
<faulkes-> rjune: I got 3 rules about drinking, all booze is good booze, free booze is the best booze and get me another drink before I call you sally and treat you like my prison lover ;)
<soulc> is there a package that I could install that bans an ip if multiple login attempts fail say set to 3 unsuccessful attempts from <ip> no matter what login then it gets banned?
<soulc> I believe the proper term for that is "prison bitch"
<henkjan> soulc: fail2ban
<soulc> do you know the deps?
<henkjan> depends on iptables i think :)
<faulkes-> soulc: fail2ban or denyhosts
<soulc> damnit I don't know what to do with iptables....|-(
<faulkes-> denyhosts works with tcpd
<faulkes-> no iptables
<faulkes-> and fail2ban iirc will do all the iptables work for you
<henkjan> indeed, no need to type iptables yourself
<soulc> I am using tcpd
<faulkes-> nijaba: I've updated to v0.2, I'll go through and re-update as required
<nijaba> faulkes-: thanks so much
<faulkes-> np, it's a small issue, things like this happen
<faulkes-> nijaba: for countries, do you just want the primary regions listed on the url you supplied?
<faulkes-> listing everything would be, a bit much
<faulkes-> I can do either but one is alot more work
<nijaba> I think we shouldjust add the url for reference.  What do you think?
<faulkes-> allow people to enter it themselves then?
<faulkes-> could be a bit hard on tabulation, given case matching and such
<nijaba> no, I think we should stick on listing the UN regions
<nijaba> and place the URL in the decription of the question so that people can refer to it
<nijaba> if they do not know where they live
<faulkes-> ah, ok
<faulkes-> heh, not knowing where you live ;)
<nijaba> well, that seems odd, doesn't it?
<faulkes-> I will take care of it
 * nijaba hugs faulkes-
<soulc> what is the post url plz?
<soulc> er paste?
<sommer> soulc: this what you're looking for: http://paste.ubuntu-nl.org/
<soulc> thanks
<soulc> libclamav.so.2 how do I find what package this is supplied by?
<\sh> apt-file search libclamav.so.2
<\sh> soulc: but most likely it belongs to libclamav* package
<soulc> thanks
<LiENUS> is there a fix for fail2ban on 6.06?
<zul> whats wrong with it?
<LiENUS> it has a leap year bug
<LiENUS> ie its not running at all it dies immediately after starting
<LiENUS> i guess that would be a no
<faulkes-> perhaps you should report a bug then
<LiENUS> https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/196854
<LiENUS> looks like a bug report to me
<ubotu> Launchpad bug 196854 in fail2ban "fail2ban doesn't handle leap years" [Undecided,Confirmed]
<LiENUS> looks like the official position is 6.06 is unsupported
<zul> LiENUS, please open a bug in launchpad
 * LiENUS looks again
<LiENUS> https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/196854
<LiENUS> a bug is open
<ubotu> Launchpad bug 196854 in fail2ban "fail2ban doesn't handle leap years" [Undecided,Confirmed]
<LiENUS> why should i open another bug when one already exists?
<LiENUS> the official position seems to be that 6.06 is unsupported and the fix is to upgrade to a newer version
<LiENUS> hence i came to ask if that was true or not
<zul> LiENUS, its supported but its in universe so the fix has to be fixed in hardy first and backported ill look into it. For now you might wan to get the source from upstream
<zul> I meant to say 6.06 is supported but fail2ban is in universe which is not supported
<LiENUS>  http://breakherthewang.com/fail2fix  is a patch based upon the patch from the fail2ban guys
<zul> thanks...ill try to get the fix in for hardy now
<incorrect_> hello, i am trying to figure out why i get this message when trying to up eth0:1 SIOCSIFFLAGS: Cannot assign requested address
<sommer> incorrect_: what's the exact command you're using?
<incorrect_> ifup bond0:1 :)
<incorrect_> i have an ip, a netmask and a gw
<incorrect_> i tried without a gw
<sommer> you might try sudo ifup bond0:1
<incorrect_> i am root
<incorrect_> sudo -i
<incorrect_> im lazy
<sommer> ah... are there any errors in /var/log/syslog ?
<incorrect_> nope
<incorrect_> do i need a module to ip alias?
<incorrect_> i wonder if that error is coming from ipv6 module?
<incorrect_> i just want to understand the error
<incorrect_> the interface comes up
<sommer> it's probably because of the leap day ;-)
<sommer> incorrect_: is there another dhclient process trying to get an ip?
<sommer> incorrect_: you might also read through this thread: http://forums.theplanet.com/lofiversion/index.php/t13650.html
<sommer> is bond0 the correct interface?
<incorrect_> yes i bonded the two gigabites together
<sommer> gotcha... I wonder if that's why you're getting the error
<sommer> haven't used bonded interfaces myself
<incorrect_> i've done it before
<incorrect_> not had this error
<pike_> !enter | incorrect_ :)
<ubotu> incorrect_ :): Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<incorrect_> wibble
<pike_> its undoubtably something silly and obvious but im not sure
<incorrect_> i think its something to do with ip6
<incorrect_> its not like i can't use the interface
<incorrect_> arg, sorry can't help hitting enter
<pike_> heh
<sommer> zule
<sommer> doh
#ubuntu-server 2008-03-01
<kirkland_> keescook: you're missing out  :)
<keescook> kirkland_: hehe.  more video game music?
<kirkland_> irish band in the front half pplaying traditional music, cheesy cover band in the back playing 'rosana--meechu all da way....'
<keescook> hehe.  typing with a stylus?
<kirkland_> I wish.  qwersive and rosana al da way.
<kirkland_> back to beer.  bye.
<faulkes-> evening nijaba
<nijaba> evening faulkes-
<kgoetz> hi both
<nijaba> hey kgoetz
<kgoetz> hello
<efren30> i need help please i just installed ubunut everything working perfect except one thing i installed a visual effect and was working fine the windows would wobble wen i grabbed them etc.. i kept meesing around with it to get the 3-d cube and now the visual effect says none and when i try putting extra it says desktop effects could not be endab le please help and thanks.
<efren30> i need help please i just installed ubunut everything working perfect except one thing i installed a visual effect and was working fine the windows would wobble wen i grabbed them etc.. i kept meesing around with it to get the 3-d cube and now the visual effect says none and when i try putting extra it says desktop effects could not be endab le please help and thanks.
<faulkes-> nijaba: saw my messages from earlier?
<kgoetz> efren30: thats a question for #ubuntu or #ubuntu-desktop
<faulkes-> efren: the unbuntu server does not ship with X installed
<kgoetz> definately not an #ubuntu-server question
 * faulkes- nods at kgoetz
 * faulkes- wouldn't want his servers wobbling
<efren30> wich cahnnel is related?
<efren30> please that would help alot and thanks
<nijaba> faulkes-: not sure...  oh btw, I just realized that, for some reazon, my nickserv password was not accepted anymore and all the msgs I have sent you today did not get through...
<kgoetz> efren30: the ones i pointed you to. #ubuntu or #ubuntu-desktop
<faulkes-> doh
<efren30> thanks jus noticed
<faulkes-> nijaba: ah, the server-survey in your trunk didn't appear to be v0.2 when I pulled from it
<faulkes-> I exported .csv directly from lime and did changes there and then pushed it to my branch
<nijaba> faulkes: revision 9 was and 10 is now merged with your changes
 * faulkes- nods
<faulkes-> ok
<faulkes-> wasn't a big deal to re-input the changes anyways, think it only took a half hour but it was useful all the same as I got more familiar with limesurvey
<faulkes-> then I took a very very long nap ;)
<nijaba> faulkes-: thanks for all the work
<faulkes-> now I'm trying to get v0.2 of the server forum stats stuff ready for next week
<faulkes-> which is going rather well
<soren> sommer: No, I haven't looked at the virtualisation section yet. Sorry. Could you send me the link again, please?
<faulkes-> I'd love to have a look at that as well
<faulkes-> if at all posible
<nijaba> soren: sommer sent an email with the section attached
<nijaba> soren: the email was sent yesterday at 10:42 EST
<soren> Awesome. To whom?
<nijaba> shawarma@u.c
<nijaba> soren: guess you may not have received it, want me to forward?
<nijaba> well.  done it anyway (and to faulkes- as well)
 * nijaba about to go to bed.  good night *
<kgoetz> later mate
<faulkes-> well, that makes me feel better, just removes about 50 lines of code and replaced it with 10
<rhineheart_m> hello! Can postfix and sendmail mail server can at the same time without any problems?
<ScottK> No
<ScottK> They both listen on port 25 and so they cannot be installed together.
<rhineheart_m> Thanks ScottK.. apt-get remove --purge sendmail (will remove the configuration and the sendmail itself right?)
<ScottK> rhineheart_m: It will, but the packages are also set to conflict.
<ScottK> rhineheart_m: apt-get install postfix will also cause sendmail to be removed if it's installed (the config won't be purged, but postfix isn't affected by that).
<rhineheart_m> ScottK: I have webmin...my postfix is now functioning well (except sometimes it has delays in php mail() function)...when I checked in sendmail Mail server section..it's still there... I just don't know why..but its status is stop. what's the best way to handle this? can I execute "apt-get remove --purge sendmail " without harming the configuration of my postfix?
<ScottK> Not really as you've already uninstalled Sendmail.  You'd have to reinstall it to purge it.
<ScottK> Be warned that the way webmin manages config files is fundamentally incompatible with the way Debian/Ubuntu manage config files.
<ScottK> Eventually webmin will make you cry.
<rhineheart_m> ScottK: M aware with it..but I guess webmin still serving its purpose to me.. its just a matter of carefulness in terms of handling config files..
<ScottK> OK
<ScottK> I would either reinstall sendmail and then purge it and then reisntall postfix or just ignore it.
<rhineheart_m> ScottK: I will just ignore it.. thanks Scott
<rhineheart_m> How to prevent other users to log to ssh? only the root..or a specified user..
<kgoetz> man 5 sshd_config
<rhineheart_m> Thanks Karl
<rhineheart_m> >	won't it create issue if dovecot and postfix are both running in a mailserver?
<Nafallo> no
<Nafallo> why?
<rhineheart_m> just asking.. courier-IMAP+postfix+dovecot
<Nafallo> hmm
<Nafallo> you know dovecot is an IMAP client as well, right?
<rhineheart_m> yeah...so I have them all running in my server..
<rhineheart_m> Is it a right decision.. or you want me to run only postix_dovecot
<Nafallo> ehrm. it's not my server.
<rhineheart_m> so...what's your recommendation? postfix+dovecot?
<Nafallo> no. I don't recommend something special.
<Nafallo> I run postfix+dovecot+postgresql, but that has nothing to do with it.
<rhineheart_m> okay.. I am trying to figure out actually why php mail() function is delayed..
<rhineheart_m> what's the best client for php mail() function?
 * faulkes- grumbles at DBI
<MDK332211> Do I just sudo apt-get install vncserver to install a VNC server?
<soulc> I get this error in my log files .....
<soulc> http://paste.ubuntu-nl.org/57965/
<Nafallo> file a bug or something then? :-)
<soulc> any idea where I cna get help with fail2ban?
<soulc> when I start fail2ban I get this http://paste.ubuntu-nl.org/57966/
<soulc> nevermind pasting error
<soulc> doh!
<soulc> but I still have an error in the anti-virus/spam software
<rhineheart_m> IS antivirus needed for ubuntu server?
<Nafallo> depends
<rhineheart_m> what do you mean with depends?
<Nafallo> you don't need it for the sake of the server.
<rhineheart_m> okay..so I won't need it right?
<Nafallo> no idea.
<Nafallo> only you can answer that question since you are the one that knows your network environment.
<rhineheart_m> can you suggest enabling UPNP in a router?
<faulkes-> rhineheart: that is router specific and not really related to ubuntu
<faulkes-> check your vendor's manual
<faulkes-> hmm, guess I missed him
<soulc> I am using it to scan server side and trap spam as well
<soulc> I want to use my domain email and the amount of crap I was getting prevented that
<soulc> so does anyone know where I can get some help with clamav?
<soulc> I have to figure out where the socket file is and set the config file to to it
<sommer> hey all
<sommer> faulkes-: did you get a the virt section?  I sent it to just a few not to exclude anyone, but just for a quick yay or nay on if it's on the right track
<sommer> I'd be more than happy to send it to you
<faulkes-> sommer: actually, nijaba ninja'd it over to me ;)
<faulkes-> I gave it a bit of a read last night, it looked ok, but I'll go more in depth later today and take some notes
<faulkes-> lots on my plate though right now
<faulkes-> between course exams next week, coding and that actual making a living being paid at something thing I do ;)
<sommer> faulkes-: cool, I appreciate it
<faulkes-> np
<faulkes-> I've been on a roll though, released fixes for a bunch of the survey stuff, updated my forum stats code to use a database to store patterns
<sommer> party!
<sommer> I've always liked data in base form
<faulkes-> I figured if other teams/groups were going to use it, it would be best to have a common well understood medium like sql used for certain parts
<faulkes-> like, storing, retrieving data ;)
<faulkes-> but that's just me and the voices in my head talking to me ;)
<sommer> heh, I'm with ya... don't hear the voices though
<faulkes-> yes well, mostly they say "get another glass of scotch" and truth be told, it's kind of hard to argue that
<rjune> that's sound logic
<rjune> soulc: /etc/init.d/clamav-daemon should create it
<luckyone> does anyone in here know how to connect to a remote instance of mysql through ssh?
<Nafallo> login to the box and run mysql as usual
<kriel> Anyone know how to get a framebuffer to work on ubuntu-server?
<faulkes-> luckyone: ssh tunnel, see the ssh manpage regarding local and remote port forwarding
<faulkes-> I'm getting slow in my old age
<sommer> anyone else testing eBox?
<dantalizing> sommer: started to, but requires postgres... a bug, imo
<sommer> dantalizing: hehhehehe
<sommer> ya, I thought that was a little strange myself
<sommer> I'm finding the all round experience to be quite buggy... and was wondering what others were experiencing
<dantalizing> iirc, i also couldnt find a way to get rid of the bind dependency, but cant say i spent a lot of time on trying
<sommer> I don't think the new package installed bind, but I installed the DNS module :-)
<sommer> I have libvirt-bin installed which creates a vnet0 interface for vms and the eBox network modules borked
<dantalizing> ah that was another thing
<sommer> had the default gateway through the vnet0 interface even though the gateway in the web interface was configured through the actual nic
<dantalizing> nm...i have to reinstall and remember exactly what happened....but it didnt install properly under openvz either
<dantalizing> some piece was looking for eth0
<sommer> heh... I'm thinking for hardy it really shouldn't be hyped up very much
<jetole> hey guys, does anyone know if it is possible to have syslog-ng write data to two files simultaneously?
<sommer> jetole: sure is
<jetole> do you know how because I have googled it so far and havn't had much luck
<sommer> uh... not off the top of my head
<jetole> hmmm
<jetole> I will keep looking
<sommer> I think if you configure a filter for say email messages then setup destinations using the same filter it should work
<jetole> but you know for sure it works? I have just installed psad which wants all firewall data writen to a fifo and is no longer in /var/log/syslog
<dantalizing> sommer: i tried to install all the plugins, so i cant say which pieces worked and which didnt ... there may have been some of it that was fine ... but the kitchen sink install wasnt good for me
<sommer> I think if you configure a source in syslog-ng using the same fifo you can then configure a filter to use the source and a destination that uses a filter
<sommer> dantalizing: ya... my approach has been to test individual packages, then move on the the whole enchilada
<sommer> but dns depends on networking, objects, etc
<dantalizing> just tried to install ebox-all and got this:
<dantalizing> Setting up ebox-objects (0.9.3-0ubuntu4) ...
<dantalizing> objects is not a valid module name
<dantalizing> invoke-rc.d: initscript ebox, action "objects" failed.
<dantalizing> Setting up vlan (1.9-2build1) ...
<dantalizing> Setting up libnet-arp-perl (1.0-1) ...
<dantalizing> Setting up ebox-network (0.9.3-0ubuntu3) ...
<dantalizing> Can't call method "setIfaceStatic" on an undefined value at /usr/share/ebox-network/ebox-netcfg-import line 87, <FD> line 22.
<sommer> mmmMM... are you using zul's ppa?
<dantalizing> thought so
<dantalizing> ah..no
<sommer> the ebox package is at ppa2 and the others are ppa1
<sommer> ^^ versions
<dantalizing> i know i set it up..musta been on a different box
<sommer> ah... I sent zul a few of the errors I recieved when working with some of the modules, but I didn't want to flood his inbox :-)
<sommer> I think I'm going to try and work through some of the code and what not
<dantalizing> zul's stuff was hardy, no?
<dantalizing> havent set up a hardy system under openvz yet
<sommer> dantalizing: yep, hardy packages
<alstone> how is it going y'all?
<dantalizing> alstone i'm so bored i'm installing ebox
 * dantalizing should go outside
<dantalizing> wow the hardy packages installed with no fuss
<alstone> what is ebox?
<sommer> ebox!
<sommer> @ebox
 * sommer forgets how to use ubotu
<sommer> alstone: it's a web configuration framework for servers
<sommer> http://ebox-platform.com/
<alstone> thanks
<rjune> ebox doesn't seem to be so great though
<alstone> really
<rjune> GOsa looks to be better based on what I've seen
<alstone> I guess if I had a business server production environment Ithat would need to change as employees/business needs change then a configuration tool would be needed but once I get my server configured I won't have to change it...   |-)
<rjune> fair enough
<rjune> just based on what I've seen, gosa looks better then ebox.
<rjune> mostly it's just one more thing to look at
<alstone> true
<alstone> so now that I got you
<alstone> I installed anti-virus and anti-spam on my server
<alstone> I get an error message for clamav
<alstone> can't open file which is the socket file
<rjune> ok
<alstone> any clues on how to figure out how to have the file created or set it not to use it
<rjune> LocalSocket /var/run/clamav/clamd.ctl
<alstone> right
<rjune> I think mkfifo is what you want
<alstone> ok
<rjune> but I think the initscript should create it
<alstone> have sub on phone
<rjune> more fun to have sub in front of yo
<rjune> you
<alstone> yeah
<alstone> I work at time warner cable in the notheast
<alstone> sub=customer
<alstone> so the init script isn't creating it
<alstone> I keep getting the error in the log file that logwatch mails me
<rjune> ok, I think it's a fifo, but I don't remember
<alstone> any idea where I can go to read up on this?
<AtomicSpark> I am about to redo one of my servers with Ubuntu, it has 2 GB of ram. Is there any reason I would want the 64 bit version?
<ScottK> alstone: Did you get the clamav socket problem figured out?
<alstone> nope not yet....|-(
<ScottK> alstone: How are you integrating clamav?  Are you using amavisd-new with Postfix?
<zul> hey ScottK
<alstone> yeah I am
<alstone> not to knowledgable just followed instructions on ubuntu doc site
<ScottK> alstone: It's been a while since I set amavisd-new up, but IIRC you have to add the amavisd-new user (amavis I think) to the clamav group so it can read the socket.
<alstone> I am pretty sure I did that the problem is that the socket isn't there
<ScottK> OK
<ScottK> alstone: What's the output (pastebin please) of ps -AF|grep clam
<alstone> kk
<alstone> may I have the paste-bin url plz?
<ScottK> !pastebin
<ubotu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<alstone> http://paste.ubuntu-nl.org/58007/
<ScottK> Looking
<ScottK> alstone: Are you on Gutsy?
<alstone> yes
<ScottK> alstone: What happens if you try sudo /etc/init.d/clamav-daemon start
<alstone> nothing
<alstone> no errors or anything
<faulkes-> and the logs?
<alstone> ok
<Moe|Joe> hey
<Moe|Joe> i got a dedicated server running ubuntu server 7.10
<Moe|Joe> and im running a counter strike source server on it
<david> hmm.. I thought I was in here already
<alstone> I can't find the error about the socket everthing else is just reporting results
<Moe|Joe> just i want to know how i can set this as a service so if the box ever goes down, css starts up again
<ScottK> alstone: Clamav logs are in /var/log/clamav.  Did you find anything?
<Moe|Joe> anyone?
<ScottK> Moe|Joe: When you start it manually, how do you do it?
<Moe|Joe> i type this
<Moe|Joe> "./srcds_run -game cstrike -autoupdate +maxplayers 20 +map de_aztec > /dev/null 2>&1 &"
<alstone> well they stop Unix socket file /var/run/clamav/clamd.ctl
<ScottK> alstone: Please pastebin the log
<alstone> this is all the reference to that socket file
<alstone> ok
<Moe|Joe> ScottK: any ideas?
<ScottK> Moe|Joe: Write that into a one line init script and install it in /etc/rc*.d
<alstone> http://paste.ubuntu-nl.org/58019/
<carnegie> hey @ all, I've a configuration problem with my php version. for example if I'm on localhost and click on a php file, firefox asks me to download it but doesn't show it directly
<Moe|Joe> ScottK: how do i go about tht? ive never needed to tht before
<carnegie> Flannel from #ubuntu told me to ask here
<alstone> this is where I got the instructions
<alstone> https://help.ubuntu.com/community/PostfixAmavisNew
<ScottK> Moe|Joe: Here's the background.
<ScottK> alstone: I missed that you'd pasted the logs.  Lookging now.
<Moe|Joe> wheres the background?
<ScottK> Moe|Joe: http://www.debian.org/doc/debian-policy/ch-opersys.html#s-sysvinit is the link I meant to give you ...
<ScottK> Sorry
<Moe|Joe> cheers
<ScottK> alstone: From the logs it looks like something is stopping it.
<alstone> unforunatly the error is in the syslog email which I can't get to
<Moe|Joe> blah its to late for me to be lookin at this
<Moe|Joe> lol
<Moe|Joe> nothing is clicking
<ScottK> alstone: How about in /var/log/syslog?
<carnegie> good night @ all
<Moe|Joe> ScottK: u able to make me a script i can install?
<ScottK> Moe|Joe: I'm able, but don't have time currently.  I'm busy with $WORK today.
<Moe|Joe> ah ok
<david> damn this takes time :P
<david> migrating/mirroring between hdds over network
<david> 1TB
<david> including reorganising and manual versionchecks :B
<CharlieSu> What is the best way to see what program is eating up IO on a linux system?
<CharlieSu> I'm doing a vmstat and seeing my 'wa' variable really high
<alstone> http://paste.ubuntu-nl.org/58033/
<alstone> ScottK that is the error that is sent in logwatch
#ubuntu-server 2008-03-02
<ScottK> alstone: Those are amavisd-new complaining clamd isn't running.  So far there is no evidence about why it stops.
<ScottK> It doesn't appear to crash.  Something, I think, is telling it to stop.
<alstone> hmmmmm
<alstone> but it is running
<alstone> but that socket file isn't being created
<ScottK> alstone: Why do you think it's running.  The ps -AF|grep clam we did earlier didn't show a process for it.
<ScottK> alstone: The clamav logs show it running and then being stopped.
<ScottK> (which is when the pid and socket files go away).
<alstone> but it is there in ps
<alstone> oh your right is it freshclamav that is running
<alstone> er freshclam
<ScottK> Yes.  No clamd
<ScottK> What you want is something like:
<ScottK> clamav   12374     1  0 25781 84204   0 Feb13 ?        00:20:43 /usr/sbin/clamd
<alstone> right
<mohamed_> hi , i installed ubuntu server on old pc and adjust it well but when i reboot i get error message " kernel panic - not syncing : vfs : unable to mount root fs on unknown-block(0,0) " anyone can help me fix this ?
<faulkes-> use recovery mode if possible or use a rescue cd to repair
<mohamed_> yes, faulkes- , but how to repair it ?
<faulkes-> check to see where it is supposed to boot from, check the partition table, check grub
<faulkes-> repair the superblock if needed
<alapidas> Has anyone had any issues installing ubuntu server (jeos) gusty in vmware?
<faulkes-> if you are having specific issues, it is better to detail them rather than ask a general question
<soulc> how do I tell what this connect is doing?
<soulc> http://paste.ubuntu-nl.org/58065/
<soulc> be back later to check in
<ScottK> lamont: I've about got a backport for Postfix 2.5.1 all queued up.  I read yesterday on postfix-users about some poor soul having trouble compiling it from source on Feisty and so I decided to take pity...
<firecrotch> Quick question: by default, does Ubuntu Server start MySQL with the --log-bin option on?
<Nafallo> I can't tell for sure, but I think it's off.
<Nafallo> can't remember :-P
<firecrotch> Would the logs be in /var/log/mysql?
<Nafallo> check the conf
<firecrotch> Nafallo:  Thanks
<Nafallo> oh btw. it has to be compiled with it.
<Nafallo> cause you can enable it in the conf.
<Nafallo> just not on by default.
 * Nafallo is a bit tired after partying all night :-)
<firecrotch> Yeah. I saw that
<Nafallo> just got home :-)
<AtomicSpark> is anyone here from the actual server team?
<Nafallo> it's kind of an open team, so sure. not Canonical employee though.
<Nafallo> those lurk as well though.
<Nafallo> did you have a question?
<AtomicSpark> ah. had a suggestion for the install. :P
<lamont> ScottK: I thought we decided not to bother with backporting 2.5
<AtomicSpark> I just installed 6.06 and if there was an option during setup to use dhcp or static, that would of saved an hour or two lol.
<lamont> I can certainly do the uploads if that is what we want to do
<AtomicSpark> oh well. i learned things. :)
<Nafallo> AtomicSpark: ehrm. I've certainly get to choose in the server install.
<AtomicSpark> Nafallo: you did? using 6.06 cd? It never asked me :-\. Oh well. I learned how to write a interface file.
<Nafallo> maybe you actually had a dhcpd enabled on your network then :-P
<Nafallo> in that case you need to press cancel when it tries to reach the one.
<AtomicSpark> Yeah still had the router pushing out ips.
<Nafallo> that's why then :-)
<AtomicSpark> Won't happen next time since the server is doing it now. :)
<Nafallo> ehrm
<Nafallo> that means it will, don't it?
<AtomicSpark> no, not if i'm re-installing it. ha.
<Nafallo> ah
<AtomicSpark> i'm not a man who fancies upgrades. i always do fresh installs.
<Nafallo> I feel sorry for you then.
 * Nafallo has a server that started as 4.10
<AtomicSpark> how's that running?
<Nafallo> very very very well.
<Nafallo> I'm ircing from it :-P
<AtomicSpark> Wonderful. Not wonderful. Using servers as clients. Tisk tisk.
<Nafallo> changed hardware about 6-7 times as well :-)
<Nafallo> ehrm
<Nafallo> screen + irssi should be one a datacenter server to be honest.
<Nafallo> s/one/on/
<AtomicSpark> Well ubuntu doesn't un-activate if you change the hardware too much. ;)
<Nafallo> I know.
<Nafallo> and Windows didn't either last time I used it.
<Nafallo> which was around 2001 I think.
<AtomicSpark> Things change.
<Nafallo> yes.
<Nafallo> that does not mean I have to care about changes in operating systems I prefer not to use.
<AtomicSpark> Are you an Apple fan? Linux people tend to like Apple.
<Nafallo> no
<AtomicSpark> hmm.
<AtomicSpark> so anyways, i just set up my server tonight. all went well. haven't installed much, just LAMP and dhcp.
<Nafallo> k
<AtomicSpark> next comes openldap and dns. probably will break something there.
<AtomicSpark> do i need dns server to get clients to authenticate to the openldap server or is that just a windows thing?
<Nafallo> gnight
<Lartza_>  how could i run webhosting in ubuntu? people get ftp acc and limited quota and mysql and something like cpanel
<Lartza_> is webmin same thatn ispconfig?
<AtomicSpark> webmin is for web baised server config. not a good way to run virtual hosting. thats more a cpanel plesk thing.
<Lartza_> well what program do i need and it would be free?
<Lartza_> i think cpanel isnt
<AtomicSpark> cpanel and others are defiantly not free.
<AtomicSpark> webmin is the only free one i can think of off the top of my head but it also isn't the best for virtual hosting which is what you want to do.
<Lartza_> ispconfig?
<AtomicSpark> never head of that one.
<Lartza_> ispconfig.org
<Lartza_> features seem ok
<Lartza_> for my needs
<Lartza_> what is proftpd conf file?
<Lartza_> /etc/proftpd.conf is empty
<AtomicSpark> you're using ubuntu server?
<Lartza_> im now on ubuntu computer yes
<Lartza_> and server is ubuntu
<Lartza_> /etc/proftpd.conf doesn't exist
<AtomicSpark> hmm. i don't have a proftpd.conf. must of been added by something you installed. ftp server maybe?
<Lartza_> i dont have it
<AtomicSpark> is a guide telling you you need it?
<Lartza_> but i need it :)
<Lartza_> for proftpd configuration
<AtomicSpark> did you install proftpd?
<Lartza_> yes
<AtomicSpark> hmm.
<Lartza_> webmin can see it
<AtomicSpark> the conf file?
<Lartza_> yes
<AtomicSpark> hmm. maybe stored somewhere else.
<Lartza_> i think i can change the setting from webmin
<AtomicSpark> so do you want to sell virtual hosting spots or what are you trying to do?
<Lartza_> now im changing some settings and figuring in my head, yes, how to do what you expalined, maybe not sell and only for friensds and family
<Lartza_> is DefaultRoot config in proftpd same than Limit users to directories in webmin
<AtomicSpark> oh well webmin should be fine for that. :)
<Lartza_> now to the virtualhost problem
<Lartza_> i'm not brave enough to try ispconfig
<Lartza_> i think its same than webmin
<Lartza_> and someone messed his comp with it
<AtomicSpark> it happens. you have to be careful when installing apps on linux.
<Lartza_> well when he asked help on ubuntu channel somebody ssaid he shuold use webmin
<Lartza_> well does webmin work if i install usermin?
<Lartza_> i found!
<Lartza_> VHCS - Virtual Hosting Control System
<Lartza_> previously some free host where i got webspace used it
<Lartza_> hmph... only debian and suse packages?!
<Lartza_> and it said open source...
<AtomicSpark> debian packages or .deb is what ubuntu uses.
<Lartza_> but they are not 100% working
<Lartza_> Platform Support
<Lartza_> 	SuSE Linux 	7.x 8.x and 9.0 	
<Lartza_> 	RedHat Linux 	7.x and 9.0 	
<Lartza_> 	Debian Linux 	sid, woody and sarge 	
<Lartza_>   	Fedora 	Core1, Core2
<Lartza_> ???
<Lartza_> im not sure if my host used this
<AtomicSpark> yeah. most support is like that. linux is so vast that you wont find much support for it.
<AtomicSpark> most places just have redhat, centos, and ugh...
<AtomicSpark> damn. what's it called. the one apple is baised off of.
<AtomicSpark> oh bsd.
<Lartza_> they dont even have tar or windows and they said open source
<Kamping_Kaiser> !enter | Lartza_
<ubotu> Lartza_: Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<AtomicSpark> for the most part you should install software with apt-get and not by downloading it.
<Kamping_Kaiser> looking at those platforms, i'd say that software shouldnt be installed from packages
<AtomicSpark> but if you're just looking at support, not which file to download, there are really only 3 main distros, suse, debian, and redhat. everything else is based off of that.
<AtomicSpark> redhat = fedora, centos, redhat; debian = ubuntu, debian; suse = sles, opensuse; etc.
<AtomicSpark> most places wont list everything.
<Lartza_> i know
 * AtomicSpark hates fedora for some reason
<Kamping_Kaiser> mixing and matching packages is not recomended, anyware
<AtomicSpark> yes. like i said. best download it through apt-get or aptitude (using repos).
<Lartza_> ill try find tar for VHCS
<AtomicSpark> although 3rd party repos are required in other distros (if you know what you're doing), i would not recommend it for ubuntu.
<Lartza_> found source, i think ill use that
<Lartza_> there are not much options if you want free :)
<Lartza_> can i really send email from my comp if i have mailserver?
<Lartza_> and no domain, just ip
<AtomicSpark> i've only messed with exchange. should be the same way with the open source version. you should beable to send email.
<AtomicSpark> receiving email is a whole nother story. :P
<Lartza_> aww
<Kamping_Kaiser> Lartza_, yes you can, but you may get bounced by some servers
 * Kamping_Kaiser is starting to wonder what we're talking abouts
<Lartza_> would the sender be user@myip???
<AtomicSpark> yes.
<Kamping_Kaiser> yes, unless you enabled rewrite, so it looks like its coming from somewhere else
<AtomicSpark> Kamping_Kaiser: oh it keeps going from one subject to the next. he's trying to set up shared hosting for his friends and family.
<Lartza_> well could i use some free domain like no-ip for my mailserver?
<Kamping_Kaiser> AtomicSpark, ah right.
<Lartza_> maybe for freinds and family
<Lartza_> maybe others
<Kamping_Kaiser> i would have thought friends and family you'd go the simple option
<Lartza_> maybe noone :)
<Kamping_Kaiser> Lartza_, you could, but same as what i said applies - if your IP changes, you'll likely start getting blacklisted
<AtomicSpark> i didn't install openssh-client on my server... do i need it?
<Lartza_> if i use domain?
<Kamping_Kaiser> AtomicSpark, only if you want to ssh out of the server
<Lartza_> i get blaclisted... ;(
<Kamping_Kaiser> Lartza_, if you dont use a *valid* domain. eg, a domain with MX with static IP
<Lartza_> i would use dynamic dns
<Lartza_> ive found tut to automatically update my ip to the dynamic dns provider
 * AtomicSpark is documenting what he did today
<AtomicSpark> Lartza_: even if you used dynamic dns, unless you let your email server know of the dns, it will say your ip address.
<Lartza_> i wuold try somehow to get it send from my free domain
<Lartza_> i wont give up >:(
<AtomicSpark> i gave up on email awhile ago. use google aps for our business. :P
<Lartza_> got so far
 * Kamping_Kaiser uses his ISP as a rewritere
<Kamping_Kaiser> s/e$/$
<Lartza_> ???
 * AtomicSpark sees random characters from Kamping_Kaiser
<Kamping_Kaiser> then again, i'm using exim, so i dont know how easy it would be with postfix
<Kamping_Kaiser> AtomicSpark, which ones?
<AtomicSpark> (01:35:58 AM) Kamping_Kaiser: s/e$/$
<Lartza_> is it illegal to keep server on some isp's?
<Lartza_> :O
<Kamping_Kaiser> AtomicSpark, i'm just correcting myself - it (says roughly ) take the e from the end of the line and remove it
<Kamping_Kaiser> Lartza_, 'illegal' i dont know about, but some ISPs its against your contract to do so
<AtomicSpark> haha. jeez.
<Lartza_> nooen hasnt complained
<AtomicSpark> Lartza_: most isps state they don't allow servers in their contracts. most people don't listen.
<AtomicSpark> most isps are shitty and block ports though.
<Lartza_> can they stop it? weel shut down the connection, but any other way?
<Lartza_> ok
<Kamping_Kaiser> port blocking
 * AtomicSpark is glad he doesnt have comcast
<AtomicSpark> have any one of you set up NTP for your server/s?
<Lartza_> i have runned web and game and mail and ssh and ftp servers and nobody hasnt said anythind O:-)
<Kamping_Kaiser> AtomicSpark, yep.
<Lartza_> im sic of this for now
<Kamping_Kaiser> i run it almost everyware
<Lartza_> ill go play
<Lartza_> cya
<Kamping_Kaiser> later mate
<AtomicSpark> http://doc.ubuntu.com/ubuntu/serverguide/C/NTP.html
<AtomicSpark> from this guide, should i use ntpdate with cron.daily or using ntpd?
<AtomicSpark> *use
<Kamping_Kaiser> let me check the guide
<AtomicSpark> he seems to recommend ntpd.
<Kamping_Kaiser> AtomicSpark, you run one or the other
<Kamping_Kaiser> if its an *always on* machine, ntpd
<Kamping_Kaiser> that said, i use ntpd on everything
<AtomicSpark> if you had more then one server, you would install ntp-server and i guess all the other servers could point to a master?
<Kamping_Kaiser> if you have more then one, you set it up on all of them
<Kamping_Kaiser> then you set them all to 'peer'
<Kamping_Kaiser> *peer with each other, and optionally look to the internet
<AtomicSpark> hmm.
<AtomicSpark> don't have /etc/ntp.conf. oh well.
<Kamping_Kaiser> AtomicSpark, apt-get install ntp
<AtomicSpark> yeah i did that.
<Kamping_Kaiser> um.
<Kamping_Kaiser> did you do that without the trailing .?
<AtomicSpark> yup. the installer didn't create a conf file. just tried removing and reinstalling.
<Kamping_Kaiser> AtomicSpark, what system is this on?
<AtomicSpark> ubuntu server 6.06
<Kamping_Kaiser> AtomicSpark, then its in ntp-server
<AtomicSpark> ah. guide is wrong. scary.
<Kamping_Kaiser> let them know :)
<Kamping_Kaiser> or are you refering to the guide you linked above?
<AtomicSpark> yes that one.
<AtomicSpark> should be all about servers. :P
<Kamping_Kaiser> hm.
<Kamping_Kaiser> let #ubuntu-doc know, and r check for bug reports about it
<AtomicSpark> ntp-server seems to be better. i am sure you remember since you use it ;)
<Kamping_Kaiser> kgoetz@gatekeeper:~$ dpkg -S /etc/ntp.conf
<Kamping_Kaiser> ntp-server: /etc/ntp.conf
<Kamping_Kaiser> :)
<AtomicSpark> yup i have a conf file now.
<Kamping_Kaiser> cool
 * AtomicSpark is scared of trusting the openldap guide now
<AtomicSpark> basically what i am doing is replacing a windows smallbusiness server.
<AtomicSpark> didn't need all that fancy stuff. silly exchange using up all my resources.
<Kamping_Kaiser> openldap is complex, if the guide is perfect, your very lucky
<AtomicSpark> so i noticed.
<AtomicSpark> all i need is one domain, a few users and security groups. just to simplify logins on our network. i need to beable to change passwords etc.
 * AtomicSpark sighs
<AtomicSpark> maybe needs better employees
<Kamping_Kaiser> *grin*
<AtomicSpark> do you know the point of "option domain-name" for dns server?
<Kamping_Kaiser> s/dns/dhcp?
<AtomicSpark> you sir confuse me with your slashes
<Kamping_Kaiser> sorry: were you asking about dns or dhcp server?
<AtomicSpark> XD
<AtomicSpark> yeah i meant "option domain-name" for dhcp server. :P
<Kamping_Kaiser> :)
<Kamping_Kaiser> its your dns domain name
<AtomicSpark> good. god this file is complex.
<Kamping_Kaiser> dhcpd.conf? it gets easier when you've configured it a few dozen times ;p
<AtomicSpark> if i only have one dhcp server, should i enable the authoritative option? don't see why it would matter.
<Kamping_Kaiser> yes you should
<AtomicSpark> yes i should... good point. incase another dhcp server poped up.
<AtomicSpark> well i obviously failed.
<Kamping_Kaiser> *grin*
<Kamping_Kaiser> AtomicSpark, whats up?
<AtomicSpark> well i get this:
<AtomicSpark> Wrote 1 leases to leases file.
<AtomicSpark> No subnet declaration for start (0.0.0.0).
<AtomicSpark> ** Ignoring requests on start.  If this is not what
<AtomicSpark>    you want, please write a subnet declaration
<AtomicSpark>    in your dhcpd.conf file for the network segment
<AtomicSpark>    to which interface start is attached. **
<AtomicSpark> Not configured to listen on any interfaces!
 * AtomicSpark knows about pastebin
<AtomicSpark> but yeah i get that whenever i try stop/start/restarting the dhcp server.
<AtomicSpark> but i know it works, i got an address from it for my laptop.
<Kamping_Kaiser> AtomicSpark, " please write a subnet declaration"
<AtomicSpark> i have one. :-\
<Kamping_Kaiser> AtomicSpark, :o
<Kamping_Kaiser> AtomicSpark, pastebin it
<AtomicSpark> subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.100 192.168.0.149; option routers 192.168.0.1; }
<AtomicSpark> http://paste.ubuntu-nl.org/58075/
<AtomicSpark> that's my current config. i just uncommitted a few things and changed it to match my network.
<Kamping_Kaiser> hm.
<AtomicSpark> looks good to me.
<Kamping_Kaiser> me to.
<AtomicSpark> anything else you normally enable/change?
<Kamping_Kaiser> AtomicSpark, your not running ltsp or anything like that?
<AtomicSpark> i don't think so.
 * AtomicSpark googled
<AtomicSpark> no i'm not running terminal servers :P
<Kamping_Kaiser> :)
 * Kamping_Kaiser shrug
<AtomicSpark> when setting option domain-name-servers, is there a max of 2? or does it matter?
<AtomicSpark> I know windows had a 2 limit or something.
<Kamping_Kaiser> windows had a 2 limit
<Kamping_Kaiser> i'm not aware of another OS as deficent
<AtomicSpark> heh.
<AtomicSpark> oh does resolv.conf really get overwritten on server reboot? or is that only if your server gets ip from dhcp?
<Kamping_Kaiser> only if its dhcp
<AtomicSpark> good deal.
<Kamping_Kaiser> course :)
<AtomicSpark> !bug #197557
<ubotu> Launchpad bug 197557 in ubuntu-doc "Wrong Package for Server Guide: NTP" [Undecided,New] https://launchpad.net/bugs/197557
<AtomicSpark> :D
<AtomicSpark> my first bug. how nice.
<AtomicSpark> thanks for your help Kamping_Kaiser, i'm calling it quits for tonight.
<Kamping_Kaiser> hm. should have told him i was going afk
<nijaba> hello
<faulkes-> morning all
<rjune> ugh
<AlexC_> hey all,
<AlexC_> I needs some help setting up Postfix and Bind9 records. Basically the setup I would like is that email is sent (over SMTP) and recieved (by POP3(s) or IMAP(s)) via 'mail.example.com' *only*. Ie, I don't want 'mail.hosted-domain.com'
<AlexC_> I've not really got he best idea on how to set this up, and would really appreciate a little guidance
<AlexC_> Dovecot is also used if that is of any relevance to the configuration
<faulkes-> start with the official server guide https://help.ubuntu.com/7.10/server/C/ - see the postfix section, in regards to bind9, you want an MX record for domain.com to point to mail.domain.com
<faulkes-> domain.com IN MX 10 mail.domain.com (as an example)
<AlexC_> ok, thank you faulkes- I will read up on that. Do you also know of a good place I can read up on the dns records? As I really have no idea what that line does (part by part)
<faulkes-> I believe there is a DNS section in the server guide as well
<faulkes-> if not, there should be one at https://help.ubuntu.com/community/Servers
<AlexC_> great, thanks very much
<faulkes-> np
<faulkes-> once you have read through and set things up, if you are encountering problems, don't hesitate to ask here or on the official server platform forum at http://ubuntuforums.org/forumdisplay.php?f=7
<faulkes-> hello Bidou
<Bidou> hi
<AlexC_> ok, now I'm having issues with Postfix :P http://paste2.org/p/14848 - this is when doing 'telnet localhost 25'. Also I have no idea why it is picking up 'draco' from. The old hostname of this server used to be 'draco.tangohost.co.uk' however I have changed it all now so it's 'apoc.openzula.org' ... why is it still picking up Draco and how can I fix the issue?
<AlexC_> the pastebin is the logs from /var/log/mail.log ... when I do 'telnet localhost 25' it connects, but then get  Connection closed by foreign host.
<AlexC_> maybe this is a better paste: http://paste2.org/p/14850
<faulkes-> well, first it would seem you don't have dns setup for your domain
<faulkes-> however
<faulkes-> when you changed the hostname, how did you do that?
<AlexC_> faulkes-, it's a VPS, and with it I have HyperVM - there is an option within that to change hostname
<AlexC_> Bind9 is working fine for my domain, as well
<AlexC_> faulkes-, googling seems to show it's an issue with Dovecot
<faulkes-> there are a few issues happening
<faulkes-> your mail.domain.com doesn't exist
<faulkes-> can you pastebin your postfix configuration
<AlexC_> faulkes-, could you help me out on setting the MX record? https://help.ubuntu.com/community/BIND9ServerHowto does not explain it well
<AlexC_> faulkes-, sure,
<faulkes-> I'm not sure what the VPS you are using is doing with or how it is managing bind, so that could be difficult
<AlexC_> faulkes-, http://paste2.org/p/14851
<AlexC_> faulkes-, well it seems like it's completely up to me with the DNS - ie, they don't manage it at all
<faulkes-> however the first step would be to actually create a record for mail.domain.com that has the same ip address as domain.com
<AlexC_> I think I just found out how to do that =3
<faulkes-> what does /etc/mailname and /etc/hosts look like (pastebin)
<faulkes-> normally I manage bind by directly dealing with the zone files, so if the VPS has any sort of mgmt console (Plesk, cPanel, Ensim) I wouldn't be much help
<AlexC_> faulkes-, http://paste2.org/p/14852
<AlexC_> faulkes-, yes, it has nothing like that for managing them - so I am also directly dealing the zone files. The only thing you can really do with HyperVM regarding the config is the hostname change
<faulkes-> what does /etc/hostname look like (it's a single line file
<faulkes-> pastebin your zonefile then
<AlexC_> faulkes-, /etc/hostname is apoc.openzula.org
<AlexC_> faulkes-, alrite
<AlexC_> http://paste2.org/p/14853
<AlexC_> hum, in /var/log/syslog I get "dns_rdata_fromtext: pri.openzula.org:11: near 'mail.openzula.org.': not a valid number" ... seems I didn't do the MX record correctly
<AlexC_> err I missed the 10 out
<AlexC_> that's odd, in HyperVM it has my old hostname there O_o
<ScottK> lamont: That's what we talked about, but apparently people are doing it on their own, so we may as well give them a proper package.
<ScottK> lamont: I've done the uploads (I'm core now too ;-))
<faulkes-> http://paste2.org/p/14855
<AlexC_> faulkes-, how come you removed the MX part?
<AlexC_> oh I see it
 * faulkes- nods
<AlexC_> ok, that's all good I can ping that now
<faulkes-> ScottK: can you look at http://paste2.org/p/14851 (postfix config), in the mydestination= section, iirc he should be adding his root domain correct (to the list)
<faulkes-> ok, your MX record now shows properly
<ScottK> faulkes-: If mail to that domain should be delivered by Postfix, then that is absolutely correct.
<faulkes-> AlexC: per ScottK's confirmation, add your root domain.com to the mydestination= section of your postfix configuration
<AlexC_> ok
<faulkes-> once you've done that, restart postfix and we'll see what we get
<AlexC_> faulkes-, http://paste2.org/p/14856
<AlexC_> woops, ignore 'warning: No server certs available. TLS won't be enabled' ... I accidently commented something out in the main.cf file
<faulkes-> well, it appers to be complaining about sasl
<AlexC_> indeed, when doing a bit of Googling it seems to be Dovecot is the issue
<AlexC_> faulkes-, shall I just purge Dovecot and Postfix and follow this guide from the start?
<faulkes-> that may be an easier route, given you remember what we've done above
<AlexC_> indeed, I shall try it now. Thank you for all the help so far =)
<AlexC_> awesome, working faulkes- =) Thank you very much!
<AlexC_> food o'clock =)
<faulkes-> nijaba: another survey push this morning, committed fix, no rush
<faulkes-> and damn you ScottK, I've avoided learning postfix since it's release, now I'm starting to hate sendmail
<faulkes-> DAMNNN YOUUUU!
 * faulkes- whistles innocently
<stephan> i'm using a glassfish application server, at one point the servers stops acception connection with message connection refused, in #glassfish i was told that it is a "new connection / second" problem of the os.
<faulkes-> ummmm, ok
<faulkes-> I'm not aware of any rate limitinig / connection limiting we are doing by default
<faulkes-> I'm not familiar with glassfish so, however, do you have any idea how many nc's / second are actually happening?
<faulkes-> and is there anything in the logs which it creates (if it creates logs) when this situation arises?
<keescook> jdstrand: ah, we'll need to disable the new enforced profiles on the liveCD (bug 131976)
<ubotu> Launchpad bug 131976 in casper "fails to start: cannot apply additional memory protection after relocation - apparmor doesn't work on stacked file system (livecd)" [High,Fix released] https://launchpad.net/bugs/131976
 * faulkes- <mr burns finger churches>
<faulkes-> excellent
<Exfiltrate> I need some Help with Asterisk. Im unsure of what i want to accomplish. what i want to do to begin with is Setup a VoIP service and connect Through it With Asterisk. what service that is free is best compatible with asterisk and simple to setup
<faulkes-> another day or two of dev work and I should be able to put my code up on LP
<Exfiltrate> im attempting to use FWD right now but cant seem to get it to work
<faulkes-> we don't really get into who provides "free" services for voip here
<faulkes-> if you have a specific problem, we can probably offer help
<faulkes-> and afaik, any service which allows you to connect via sip or mgcp is compatible with asterisk
<lamont> ScottK: yeah - saw that
<lamont> faulkes-: I knew we'd convert you eventually... :-)
<lamont> faulkes-: if it helps any, Wietse got a Sendmail Developer's Award a year or two ago, for the postfix milter stuff
<Exfiltrate> faulkes-: its not a matter of free service, i just want to be able to make sure i can get it configured correctly before i commit to any service
<Exfiltrate> faulkies- : the bigger issure is that i cant seem to figure out why the trunk wont work
<faulkes-> Exfiltrate: iirc voip-jet offers free test services to help setup asterisk
<Exfiltrate> nice
<Exfiltrate> thanks
<AtomicSpark> hi
<AtomicSpark> has anyone attempted to configure smb to work with slapd to let windows clients authenticate?
<Nafallo> !weekend
<ubotu> It's a weekend.  Often on weekends, the paid developers, and a lot of the community, may not be around to answer your question.  Please be patient, wait longer than you normally would, or try again during the working week.
<MatBoy> hi all
<MatBoy> what version of asterisk is there in ubuntu-server at the moment ? I'm not able to see it using apt-cache
<AtomicSpark> what version of server? 6.06 or 7.10?
<MatBoy> 7.10
<MatBoy> Debian seems to have a outdated version :S
<MatBoy> (as usual)
<AtomicSpark> http://packages.ubuntu.com/search?keywords=asterisk&searchon=names&suite=gutsy&section=all
<AtomicSpark> looks like 1:1.4.10~dfsg-1?
<AtomicSpark> whatever all that is :)
<MatBoy> ah that is nice !
<MatBoy> thanks
<MatBoy> .18 is the latest version
<MatBoy> debian is on 1.2.3
<AtomicSpark> well remember that using the latest version in linux isn't always the best idea. :P
<AtomicSpark> unless it fixes something you need of course.
<MatBoy> AtomicSpark, nah on Asterisk, it solved a lot :)
<MatBoy> *solves
 * AtomicSpark wonders if installing smb before sldap causes problems.
<MatBoy> AtomicSpark, it shouldn't
<AtomicSpark> yeah i read into slapd. way too complicated. skipping it for now.
<AtomicSpark> just need like one or to shares for windows >:(
<MatBoy> AtomicSpark, just samba with a share in it
<MatBoy> use webmin if you are not able to config it
<gopp> hi
<gopp> I setup a ldap + samba domain controller
<gopp> but
<AtomicSpark> openldap?
<gopp> last step " logging into the Windows XP workstation (after selecting the domain from the drop down box I get an error
<gopp> yea
<gopp> http://paste.ubuntu-nl.org/58154/
<gopp> that the error
<gopp> and bind9
<AtomicSpark> well i am afraid that those who know more advanced stuff like ldap server are away for the weekend :P been trying to get some help myself.
<gopp> and I did smbldap-useradd -w client-winxp
<gopp> that smbldap-useradd gopmix
<gopp> with -w
<gopp> damn
<gopp> do you know what I did wrong AtomicSpark
<AtomicSpark> gopp: no idea. which guide did you follow to install openldap + samba?
<gopp> this onehttp://www.howtoforge.com/openldap-samba-domain-controller-ubuntu7.10-p3
<AtomicSpark> I've been following http://doc.ubuntu.com/ubuntu/serverguide/C/index.html for mine.
<AtomicSpark> one of the ubuntu members told me last night i would be lucky if i found a guide that was 100% on openldap. tis' a complicated thing.
<gopp> oh
<gopp> oh hmm
<AtomicSpark> yeah i'm skipping it for now. just using workgroup shares on smb. ill go back later after testing it out on a test server.
<gopp> yea I want one
<gopp> The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain gopunix.local:
<AtomicSpark> i think that guide you read skips the installing of open-ldap
<AtomicSpark> actully doesn't even mention it. :-\
<AtomicSpark> wait...
 * AtomicSpark sees other pages
<gopp> that the third page
<AtomicSpark> hmm. seems like a good guide. i think ill do that on my test machine.
 * AtomicSpark sees that he didnt change the FQDN for his server.
 * AtomicSpark realizes that he doesn't need that if his dns server is cache only.
<gopp> yea
<gopp> tell me if it works
<AtomicSpark> i'm actually running on 6.06. hopefully this guide isn't too different.
<AtomicSpark> maybe ill just use simple smb sharing for now then test out this guide on a 7.10 server somewhere. then when 8.06 comes out, i can upgrade the main server.
<AtomicSpark> yes. good plan!
<AtomicSpark> can webmin configure samba users/shares?
<ScottK> AtomicSpark: You're unlikely to get webmin support here.
<AtomicSpark> Don't likes the webmin?
<ScottK> The way it manages configuration files is fundamentally incompatible with the way Debian/Ubuntu package management works.
<ScottK> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<AtomicSpark> well thanks for the warning. :)
<gopp> did you get it
<gopp> ScottK I agee
<gopp> agree
<gopp> how do I ScottK fix an error in srv record.
<gopp> ?? thanks
<Munksgaar3> !ebox
<ubotu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See the plans for Hardy at https://wiki.ubuntu.com/EboxSpec
<ScottK> gopp: Sorry, I'm only marginally paying attention to what's going on in the channel.
<gopp> I am getting this whenI try to connect to my samba and open ldap
<gopp> The query was for the SRV record for _ldap._tcp.dc._msdcs.gopunix
<gopp> Common causes of this error include the following:
<gopp> - The DNS SRV record is not registered in DNS.
<ScottK> I'd look and see if I can see the srv record using dig.  If you can't you have a DNS problem.  If you can, you have an LDAP problem.
<gopp> k
<gopp> ;gopunix.local.                 IN      A
<gopp> ;; AUTHORITY SECTION:
<AtomicSpark> should i use the server guide for the version of the os i am on, or is using the latest one better?
<gopp> hey
<gopp> I am getting this
<gopp> rndc: connect failed: 127.0.0.1#953: connection refused
<gopp>                                                                          [fail
<keescook> soren: common ext3 /build speeds up builds by about the same amount as you were seeing with tar stuff
<AtomicSpark> okay. i really don't understand the difference between ntp-server and ntp-simple both packages install eachother. can someone shed some light on this?
<gopp> I am getting * Starting domain name service... bind                                  [fail]
<AtomicSpark> gopp: do you have any other dns server running? my dhcp service failed on ubuntu when i forgot to shut off the router's. :P
<gopp> oh
<gopp> nothing else
<gopp> how do I compeltely remove bind and start over
<AtomicSpark> sudo apt-get remove bind9
<AtomicSpark> then remove /etc/bind9 folder by cd /etc then sudo -rm -rf bind9
<AtomicSpark> careful with that rm -rf!
<AtomicSpark> no - before rm
<gopp> oh
<AtomicSpark> i wonder why they didn't release pdf versions of the guides for 7.10. that's kindof lame.
<gopp> yea
<AtomicSpark> hopefully for 8.04 since it's LTS.
<gopp> then apt-get install bind
<gopp> then apt-get install bind9
<AtomicSpark> yes
<AtomicSpark> *sudo
<AtomicSpark> hmm they didnt' have it for 7.04 either.
<gopp> still get it
<gopp> rndc: connect failed: 127.0.0.1#953: connection refused
<AtomicSpark> did you configure bind at all?
<gopp> yea
<gopp> like it said in that
<gopp> let me reboot ubuntu
<gopp> nothing
<nijaba> gopp: better method to completely remove a package apt-get
<gopp> nijaba how
<nijaba> apt-get purge package
<gopp> I tryed how atomic said
<gopp> dpkg - warning: while removing bind9, directory `/etc/bind' not empty so not removed.
<gopp> that makes sense
<nijaba> what is left are files that were not installed by the package
<gopp> then I reinstall
<gopp> sudo apt-get instal bind9
<gopp> worked
<gopp> let see if I can then   login
<gopp> AtomicSpark did you get it to work
<AtomicSpark> so i want to create a user but not let them log in. basically it's just a shared unix user for samba. what option would i use for that?
<Kamping_Kaiser> beh. i cant be bothered reading up this morning, sorry blokes ;)
<AtomicSpark> well hi mr.
<gopp> all I got know is
<gopp> The error was: "DNS name does not exist."
<gopp> (error code 0x0000232B RCODE_NAME_ERROR)
<gopp> The query was for the SRV record for _ldap._tcp.dc._msdcs.gopunix.local
<AtomicSpark> nvm. since i don't have that crappy selinux on ubuntu, ill just use the users home folder. :)
<Kamping_Kaiser> selinux is ok (even if i dont use it myself)
<Kamping_Kaiser> gopp, does gopunix.local exist?
<AtomicSpark> selinux kept yelling at me. :(
<Kamping_Kaiser> :\
<gopp> yea I createdit
<gopp> as master
<gopp> gopunix.local.                 IN      A
<Kamping_Kaiser> and `host gopunix.local` returns the result you want?
<gopp> yea
<gopp> in linux
<gopp> but not in windows
<gopp> I did nslookup  Can't find server name for address 192.168.1.5: Non-existent domain
<Kamping_Kaiser> you might nto have reverse dns
<gopp> oh
<gopp> rev.1.168.192.in-addr.arpa
<gopp> is that right
<Kamping_Kaiser> could be, depends how you set it up ;)
<Kamping_Kaiser> i'm going to work. back in ~1.5 hours
<Kamping_Kaiser> as kgoetz
<AtomicSpark> ha. i can connect to the samba share via windows but not ubuntu > connect to server > windows share
<gopp> what is the proper way
<AtomicSpark> it keeps showing mshome not the proper workgroup
<AtomicSpark> :P
<gopp> Kamping_Kaiser
<Kamping_Kaiser> gopp, proper way?
<Kamping_Kaiser> gopp, reverse dns can have one entry covering multiple IPs, unlike forward dns
<Kamping_Kaiser> gopp, so rev.1.etc covering the whole /24 would be fine
<Kamping_Kaiser> however, afk 1.5 like i said. GTG
<AtomicSpark> it works if you specify the domain (workgroup) while adding the share. oh well.
<gopp> hmm
<gopp> AtomicSpark do you know my error
<AtomicSpark> gopp: no sorry. haven't tried it yet.
#ubuntu-server 2009-02-23
<Bangers1> I have a Ubuntu Server inside VMWare ESX, I've increased the size of the VM Virtual Disk
<Bangers1> how do I let ubuntu see this space increase?
<orudie> can i find out what localhost resolves to ?
<orudie> like what would be the address that i would put in the web browser
<orudie> to access it
<viezerd> euh
<viezerd> http://localhost/
<orudie> it says
<orudie> no i'm in cpanel with this web hosting account
<fruchtix> orudie: use the support system of your hosting provider for this type of question, please
<orudie> how can i find out what the permission of a directory is set to
<Bangers1> anyone got a sec to take a look at my ubuntu server thread?
<Bangers1> http://ubuntuforums.org/showthread.php?p=6782472#post6782472
<Yagisan> Bangers1, http://www.howtoforge.com/linux_resizing_ext3_partitions
<Yagisan> Bangers1, disclaimer: I have not done this. I am not representing Ubuntu and/or Canaonical
<Yagisan> Bangers1, and before tying anything like that - back up important data
<Bangers1> well, luckily for me it;s vmware so i can easily drop it, clone the volume and do it
<Bangers1> Yagisan: my problem is though that  I  cannot move my swap to the end of the drive
<Bangers1> to resize
<Yagisan> swap on new vmware disk ??
 * Yagisan runs kvm systems here
<Yagisan> Bangers1, you could try shrinking the partition, put a new swap partition at the end of the disk, delete old swap, then try to extend - same disclaimer as before
<Bangers1> it's the same disk
<Bangers1> If you look at the screenshot, I think I need to move swap to the end of the disk
<Bangers1> then a simple growfs should work
<orudie> how can i give everyone permission to read some directory
<isuporkchop> i have never set up a server before, but i would like to give it a try.  ive got an old computer tower, and would like to set it up so all of my roommates could access and share files across the server, as well as use it as a file server.  is this a fairly straightforward thing to do?
<Kamping_Kaiser> depends. what do your roommates use on thier computers?
<Kamping_Kaiser> not sure what you mean by "share files across the server" either
<isuporkchop> like a 'shared folder'.  one person could put files in the folder, another person could get those files
<isuporkchop> 2 run xp, 1 vista, but im working on converting them to ubuntu :P
<Kamping_Kaiser> you'll probably need samba then.
<Kamping_Kaiser> not sure how you seperate the ideas of 'shared folder' and 'file server', but samba will probably manage both.
<Kamping_Kaiser> i avoid it myself (thank goodness for no doze boxes)
<Bangers1> I just cloned a ubuntu server in vmware
<Bangers1> ive changed its hostname and ip etc
<Bangers1> how do I now change it's ssh host key?
<orudie>  can anyone recommend a good free webhost that has php, mysql, perl, and ssl access
<Kamping_Kaiser> Bangers1, ssh-keygen for generating keys
<Yagisan> Kamping_Kaiser, actually samba works very nicely in an all *nix environment - it seems to be quicker than nfs
<Kamping_Kaiser> Yagisan, it may do, but i use nfs or ssh(scp,sftp)
<Kamping_Kaiser> Every time I work on samba it drives me nuts, I've decided not to hurt myself on it again :)
<Yagisan> :D should have a sticker on the side of the box - samba - some assembly required
<Kamping_Kaiser> hahaha.
<Kamping_Kaiser> :)
<Yagisan> anyone here notice any slowdown when using encrypted disk partitions ?
 * Yagisan wishes he had the money to run lvm, on encryption, on raid5 for his "server"
<Kamping_Kaiser> never tried encrypting at the fs level.not seen a good point yet
<Yagisan> depends on what is on the disk, and who you don't want to see it
 * Yagisan used to work in a trading firm - I'd have loved to encrypt the disks that the trading algorithms were on.
<orudie> can someone hook me up with a SSL user name on their box ?
<Kamping_Kaiser> ssl username?
<orudie>  Kamping_Kaiser yeah , a user name
<Kamping_Kaiser> your question doesnt make sense
<orudie> Kamping_Kaiser, i am looking for a free web host, but maybe somoene can set up with a user name, and a database on their box
<orudie> so that i would be able to ssh
<tsrk> My server stopped showing the System Information when I login.... why is that?
<Bangers1> on my local ubuntu repo mirror, I'm doing apt-get mirror and I'm getting a whole bunch of "Sources.gz  404 Not Found"
<Bangers1> and a "Packages.gz  Hash Sum mismatch"
<Bangers1> Does this mean my mirror is configured wrongly?  Or my sources.list is wrong?
<twb> Bangers1: it is often caused by a misconfigured caching web proxy.
<Bangers1> Everything used to work, but I think I rebooted the server and since then it's been doing this.  Even other clients in my network cannot 'apt-get update' against my mirror
<Bangers1> not running a proxy in my network
<twb> What happens is, Packages.gz is big, so is cached, but the Release file (which contains the checksum) is small, and so is not cached.
<twb> It may also be because the upstream mirror is in an inconsistent state, in which case re-running your mirror script should fix things.
<twb> Also be aware that some (retarded) ISPs will perform transparent caching proxying of port 80.
<twb> Finally, I *highly* recommend the "debmirror" package and strongly discourage use of the "partial" proxies apt-cacher and apt-proxy -- these are totally fucked and wasted far more of my time than they saved.
<Bangers1> yep I  get you.  My ISP definitely arent proxy caching or anything.  I reran 'apt-mirror' and the 'clean.sh' it told me to do
<twb> I'm not familiar with apt-mirror, sorry.
<Bangers1> twb: ok um not to sure what you mean about 'apt-proxy', it's an inherited server i recieved
<twb> apt-proxy is a package.
<twb> Since you're using apt-mirror, you can forget about that remark.
<Bangers1> so .. "apt-get update" .. does it try to download Sources.gz for each directory the client (sources.list) has configured?
<Kamping_Kaiser> never knew about that, i should see if its better or as good as debmirror.
<Bangers1> Because I just did find /mirror -name Sources.gz on my mirror serverm and it didnt find any file with that name
<twb> Bangers1: Sources.gz is fetched only for deb-src entries
<twb> Don't forget to find /mirror/ not /mirror, if /mirror is a symlink.
<Bangers1> naa, it's not a symlink
<Bangers1> hrmm, this is weird, i'm really stumped
<Bangers1> twb: ok I've removed the 'deb-src' ines from my sources.list and now it's only complaining about :  Packages.gz  Hash Sum mismatch
<Bangers1> how do i clear the hash md5 cache apt keeps?
<twb> apt doesn't keep one.
<twb> The checksum is stored in the Release file on the server.
<twb> The error occurs when Release and Packages.gz are not in sync.
<Bangers1> Oooh...how do I double check that?
<Bangers1> This thread looks identical to my problem: http://www.usenet-forums.com/linux-general/394063-apt-get-gpg-key-error-message.html
<Bangers1> 100% identical
<Bangers1> he seems to say "a cache purge" solved his problem
<Bangers1> whats that and how do I do that?
<rdw200169> twb, you mentioned transparent caching... i dealt with a *lot* of that when I ran a network off of the HughesNet Satellite systems
<rdw200169> twb, so, on top of satellite delay (which was measurable), I also had to deal with heavy caching, which i kept to a minimum using traffic shaping (keeping the bucket low)
<twb> Bangers1: he means purging the cache on the caching web server.
<rdw200169> twb, they called it 'Turbo' or something like that... it was a real pain
<twb> rdw200169: certainly the mere *presence* of caching won't break apt-get update; the problem is only if ONE of the two files is cached.
<rdw200169> twb, well, i was referring to transparent caching in general. regardless, for the apt part, I found that apt-cacher worked great for a local lan... the only problem is that keys don't work with that particular package
<twb> IIRC apt-cacher is the one that allows for injection of infected packages by any client using apt-get.
<twb> Because it assumes <package name>_<version>_<arch>.deb is identical on all upstream servers, and it's not.
<rdw200169> twb, for *this particular situation* we had a relatively small # of ubuntu users... it wasn't a big deal
<twb> This is particularly evil and wrong if *any* client has- right, ubuntu and debian
<rdw200169> twb, even though it was a large lan... i was aware of apt-cacher's drawbacks and went with it anyway
<rdw200169> twb, the benefits outweighed the drawbacks at the time
<twb> I now just advocate either a generic caching proxy, or a full deb mirror.
<twb> Where "full" means modulo the exclusions you can punch into debmirror(8).
<rdw200169> twb, i couldn't run a full mirror b/c we didn't have the bandwidth allocation for something like that
<twb> rdw200169: nod.
<twb> Although you could maybe use the "truck full of backup tapes" approach to syncing...
<rdw200169> twb, we were dealing w/80+ subscribers with a total of about 30GB / month (total download mass)
<twb> Most users won't give a shit about (non-security) updates being delayed by up to a month.
<twb> Anyways... >wander off<
<rdw200169> that, and apt-cacher required very little modification of users' apt configurations... a simple script to change the apt to a proxy
<Bangers1> twb: but im not running a cache web server anywhere.   no where on my network ...
<twb> rdw200169: personally I'd prefer a design that involves adding a proxy to /etc/apt/apt.conf instead of to every line in /etc/apt/sources.list.
<Bangers1> mine is just a simple apt-mirror, and apache2 serving it up over http.  Everything was working fine until recently, I don't knwo what has changes.
<twb> Bangers1: I've told you what I know.
<rdw200169> twb, that's what i'm talking about
<rdw200169> twb, i can't remember what line i modified in the apt conf, it was really simple though, and redirected all apt traffic to a proxy,
<twb> rdw200169: for an http proxy, yes.  apt-cache and apt-proxy need changes to sources.list
<twb> echo 'Acquire::http::Proxy "http://proxy:8080/";' >>/etc/apt/apt.conf
<Bangers1> Can anyone help me with this?: http://ubuntuforums.org/showthread.php?p=6782472#post6782472
<twb> Sorry, forums like that are laid out so amazingly badly that I'm not even gonna read it.
<tsrk> When I logged in it said I had a zombie process, is that normal?
<tsrk> (I know what a zombie process is, but is it normal to have them?)
<tsrk> all i have installed is a LAMP server and samba and proftpd
<tsrk> the zombie process disappeared after a while (before i could figure out what it was)
<tsrk> when I login, I get a bunch of system info, what's generation that?
<tsrk> what command can i run to get it?
<nobse> tsrk: uname -a?
<tsrk> no, like system load, memory usage, swap usage, usage of /, processes
<nobse> that's not the default behaviour
<tsrk> it appears to be...
<tsrk> i installed ubuntu server 8.10 on two machines today and both have it
<twb> Because I am paranoid about security, I recommend vsftpd over proftpd.
<twb> ...just FYI
<nobse> tsrk: I've never seen this on any of my 8.10 servers.
<tsrk> nobse, really?
<nobse> tsrk: Really.
<tsrk> i think i figured out why thought
<tsrk> there's this thing updating the motd every 10 mins
<tsrk> it's something related to landscape
<tsrk> but i don't use landscape...
<nobse> tsrk: aptitude purge landscape-common
<nobse> tsrk: The output is from landscape-sysinfo, which is part of landscape-common package.
<tsrk> nobse, i wasn't really wanting to get rid of it, i was wondering how to output that stuff using a shell script
<tsrk> ah
<tsrk> perfect, thanks
<lwizardl> Hi
<lwizardl> would this be the proper channel to get help with PXE server setup?
<lwizardl> anyone here ever configured a PXE server to do network OS installs?
<Yagisan> lwizardl, once a long time ago. it's very similar to setting up a standard network boot setup, like used by ltsp - so I'd go looking at their docs and the isc dhcp server manual if I where you
<domas> lwizardl: yes
<domas> in a way :)
<domas> I don't know what is "PXE server", I'd usually use DHCP+TFTP :)
<domas> lwizardl: http://p.defau.lt/?wwxyhf_F0dWD1HWSZs8rxw
<domas> you may also want to have this:
<lwizardl> ok I've never done this before
<domas> http://p.defau.lt/?1ADT0i6RVb5TaPx9yvHM6A
<lwizardl> I've only setup a few linux web servers , and about 30 desktops
<lwizardl> yeah loading the page now
<lwizardl> ok i don't understand that page
<kraut> moin
<domas> thats dhcp configuration
<lwizardl> is that the /etc/networking/interfaces
<domas> no, thats dhcpd.conf
<lwizardl> hmm
<lwizardl> ok my server doesn't seem to find it
<lwizardl> i'll be back in a few going to do a fresh server install
<domas> install dhcpd
<lwizardl> what pport does PXE/tftp use?
<hads> hads@sodium:~$ grep tftp /etc/services
<hads> tftp		69/udp
<lwizardl> k
<lwizardl> ok clean server installed
<lwizardl> ok i tried to do an apt-get install dhcpd and it failed
<lwizardl> E: Package dhcpd has no installation candidate
<domas> apt-cache search dhcp?
<Yagisan> lwizardl, sudo apt-get install dhcp3-server
<lwizardl> Yagisan, that worked thanks
<Yagisan> np
<lwizardl> ok just got an error after it installed and tried to start
<lwizardl> how do i check syslog again
<domas> ...
<uvirtbot> New bug: #333172 in apache2 (main) "package apache2.2-common None [modified: /var/lib/dpkg/info/apache2.2-common.list] failed to install/upgrade: error creating directory `./var/cache/apache2': Input/output error" [Undecided,Incomplete] https://launchpad.net/bugs/333172
<PC_Nerd> Hi,  I'm wondering what everyone uses to monitor their servers.  I'm wanting something extremely small and lightweight.... that only really monitors proccess/threads/memory usage (similar ot windows task manager), and network usage per proccess (packet sniffer sort of)... any suggestions?
<soren> Something that monitor network usage per process is unlikely to be lightweight.
<soren> PC_Nerd: What are you actually trying to achieve?
 * Yagisan er uses Virtual Machine Manager for somewhat obvious reasons
<PC_Nerd> Basically, nothign as complex a monitoring as nagios etc.....   mainly jsut monitoring/counting bandwidth - and being able to use monitoring to graph ram usage per proccess( so i can compare it to events in the server I'm building etc).
<PC_Nerd> if I know the proccess is chewing up RAM etc - then I can kill it or fix it.....  ultimately ill build it into a web based panel for myself - but I only want it minimal at the moment.
<soren> PC_Nerd: No, finish this sentence:
<soren> I want to do all this monitoring, so that I....
 * soren heads to lunch... be back in half an hour
<PC_Nerd> "I want to do all this monitoring, so that I can display it and analyse it ( graph it etc) on a web based interface, without having to install large systems like nagios.
<soren> PC_Nerd: If you're not going to *do* anything with it, what's the point?
<soren> PC_Nerd: Just showing it is pointless if you're never going to take any action based on it, and until you know what sort of action you might take on it, it's virtually impossible to perform the correct monitoring.
<fruchtix> well, you can also use data from forensics to learn more about your system
<fruchtix> and what nagios does is basically to combine certain functions and tools. for each and every aspect there is command line tools that provide the raw data
<PC_Nerd> eventually, the action ill be taking is restricting operations of the server based on the logging - such as RAM and networking.   I essentially want to replicated a web based  "windows task manager" for the server.
<fruchtix> when you feed the right keywords to sites like freshmeat.net you can find loads of useful tools
<fruchtix> PC_Nerd: sorry, but that does not make much sense what you just said
<fruchtix> are we talking about user limits?
<fruchtix> you plan to limit resources per user?
<fruchtix> if you dont know much about how certain system components work, then you might do better to use a framework like cpanel or similar
<PC_Nerd> I'm trying  to avoid bulky systems like cpanel or nagios..... ultimately- as i jsut said I want to create a web based task manager for my server...... with minimal features of displaying memory usage, network usage etc. - are there any tools that do this, or will I have to write my own?
<henkjan> PC_Nerd: phpmyinfo ?
<PC_Nerd> never heard of it - and google's not returning anything useful.... do you mean phpmyadmin ( which is the web based mysql system as im sure you know)
<fruchtix> either you use console tools or you go by frameworks
<fruchtix> anything graphical that is also web based wont fit in the category "slim and non bulky"
<fruchtix> any usability feature is adding extra layers which is adding lots of code which is adding complexicty
<PC_Nerd> ok, so the best method would be to write a small daemon that calls the console tools to find the data I want, and write it to a log - then get the web based Cgi or php script to read that log and display the results accordingly ?
<fruchtix> nagios is doing exactly that
<soren> *bzzzzzt*
<PC_Nerd> hm ok ( I just dont like it thats all)... ill look into doing that custom for myself.
<PC_Nerd> thanks
<fruchtix> good luck
<soren> PC_Nerd: Really... The best method would be to *really* find out what you need the data for and how you intend to use it.
<fruchtix> soren: i think the problem is that he does not have much of an overview yet
<soren> PC_Nerd: I honestly doubt that you'll be spending much time actually looking at the output of stuff like "free" and "df".
<soren> It's really not very useful.
<fruchtix> the situation is a bit like a young man who wants to build a house without knowing how to carry a stone
<PC_Nerd> ok
<fruchtix> and trust me, you need to carry lots of stones to build a house
<soren> PC_Nerd: It's hard to help and guide with such vague requirements. What I've gathered so far is that you want to "look at stuff" and "do stuff with it".
<soren> Oh, and it must be lightweight.
<PC_Nerd> basically - its sort of like a live control panel - i only have ssh access to the server (as in most cases I would assume) - thus instead of being able to simply view the system resources through a gui..... i want to be able to place that online....
<PC_Nerd> I guess I havent investigated nagios extremely closely... but my understanding is that it is fairly bulky?
<fruchtix> there is not much understanding, i can see that
<soren> "live control panel" is exactly "I want to look at stuff and do stuff with it".
<PC_Nerd> * the "do stuff with it" be external to the system, for example ill end up tailoring it to monitor speciic details about a given list of proccesses - and should they need shutting down i have to do that through a speperate control panel et.c
<soren> "specific details" is -- somewhat ironically -- really not specific at all.
<fruchtix> PC_Nerd: let me guess, somebody told you "using nagios is uncool because its bloated" and you depend on such statements a lot?
<Koon> PC_Nerd: well nagios adds something important, which is defining what abnormal behavior is. Which points us back to soren's question.
<Koon> if the final idea is to get alerts on abnormal behavior, then nagios is better than a web-based memory usage list
<PC_Nerd> im not trying to isolate and find abnormal behaviour - just monitor behavior full stop - so that I can decide what is abnormal and take action on it ( stop the proccess, restart apache, whatever)
<fruchtix> cpanel and similar
<soren> At this point, I don't even know if he wants qualitative or quantitative monitoring.
<PC_Nerd> whats the difference between the 2... ?
<soren> It's difference between answering either/or sort of questions vs. "how much" sort of questions.
<fruchtix> PC_Nerd: did you ever google for "ubuntu graphical system monitoring" and spend more than 30 minutes with the results?
<soren> E.g. "Am I close to being out of memory" vs. "how much memory do I have available?"
<fruchtix> that could be a good training for the monitoring job
<PC_Nerd> ok.....  im running 8.04 server, and I want to replicate a very basic implementation of the desktop's "System Monitor"... but as a web based control panel.....   I dont want it to make any decisions on what is normal behavior - or take any action.  its simply a web implementation of the desktop program.
 * fruchtix goes AFK for lunch
<soren> PC_Nerd: Is that "gnome-system-monitor"?
<PC_Nerd> yes
<PC_Nerd> i guess at the momen its easier to:
<PC_Nerd> write the daemon to get a constant flow of data - write to file, web interface to read form data and proccess into the page - which I can do myself fairly easily
<Egonis> I was hoping to deploy a Ubuntu Server w/ a GNOME Desktop environment for remote development -- is it possible to use something similar to Terminal Server for Ubuntu so that multiple users may have active remote logons from Windows PC's?
<Kamping_Kaiser> that probably counts as an #ubuntu question, but vnc is usually suggested
<soren> Egonis: GDM, X, VNC, GNOME and such are all off-topic for this channel. You want a desktop related help channel, or perhaps ltsp related.
<Egonis> soren: Thank you
<soren> Egonis: Any time :)
<soren> Oh.
<soren> He buggered off.
<kirkland> nijaba: ping
<Adri2000> anybody knows if mathiaz will be here today, later this week, or if he's away?
<zul> he probably will be on later today
<Adri2000> ok, thanks
<fruchtix> Adri2000: is he a famous admin? :)
<Adri2000> fruchtix: I just need him for an upload :)
<fruchtix> :P
<olavimmanuel> Hello. My web server cant be visited... it opens a popup asking for username and password
<olavimmanuel> apache
<soren> olavimmanuel: Then you must have configured it to do so. Knowingly. It's really not something you do by accident.
<olavimmanuel> well, how come i haven't modified my apache settings and it still asks?
<olavimmanuel> i added proftp and set it up with tls/ssl and edited hosts to my dns adress...
<AnRkey> olavimmanuel, u going through a proxy perhaps?
<olavimmanuel> the site works without any prompt for me... its others it asks...
<soren> ftp and apache have nothing to do with each other.
<olavimmanuel> no, no proxy
<AnRkey> i agree with soren on this one, proftp and apache dont even share the same directories for config files so it's not that
<soren> I'm guessing you're not all really accessing the same server.
<olavimmanuel> i know... thats why i dont understand what happend. permissions are drwxrwxr-x on all files
<AnRkey> was my next guess
<soren> Perhaps DNS's resolving differently, NATing..
<AnRkey> tracepath it and see
<olavimmanuel> ok, will try...
<AnRkey> ciao all, gotta go feed my son :)
<fruchtix> olavimmanuel: or did you install multiple services and tools in one row and one of these tools adds some sort of proxy layer or adds security measures?
<fruchtix> olavimmanuel: or is that a modified version of ubuntu that was pre-installed by a hosting provider?
<olavimmanuel> maybe... i did that trying to install tovid
<olavimmanuel> no
<fruchtix> olavimmanuel: have a look at the dpkg.log in /var/log and see if there is a package installed that restricts the access to the web server. a php framework could try to do that also
<olavimmanuel> ok, will do...
<olavimmanuel> running tracroute here and there now..
<fruchtix> olavimmanuel: i dont think you get much useful data from a traceroute. i would compare your apache configuration against the default configuration
<fruchtix> olavimmanuel: and browse your web root for files like ".htaccess" and such
<olavimmanuel> done that... nothing there
<fruchtix> and make sure you follow the sym links in the web root to its origin and check there too
<olavimmanuel> i have no symlinks yet
<fruchtix> then i would "xxdiff" all apache config files against the corresponding file from the original apache package to see what changed
<olavimmanuel> the other person uses a proxy to the ip the server has... maybe a localhost restriction..?
<fruchtix> that would not be default behaviour
<olavimmanuel> traceroute to xxx.gotdns.com (ip), 64 hops max, 40 byte packets
<olavimmanuel> 1  xxx.customer.lyse.net (same ip)  1.734 ms  1.272 ms  1.244 ms
<olavimmanuel> that was her traceroute... ill check with xxdiff now
<fruchtix> hang on, just to make sure
<fruchtix> the IP of the server's internet interface is matching the IP your friend gets from gotdns?
<olavimmanuel> jes
<olavimmanuel> *yes
<fruchtix> okay, not that you waste your time :)
<olavimmanuel> ?
<fruchtix> some people forget to update the dynamic name service or configure it wrong. so when the IP of the server changes the DNS entry points to the old IP
<fruchtix> i was guessing you were past that check when i jumped in the conversation
<olavimmanuel> ok :P no, i made sure that it would update every 10 and tested it :) still have access here :)
<olavimmanuel> =dyndns has the correct ip
<fruchtix> very good, so we take the next step and see who bad thing fiddled with your apache config without asking you first
<olavimmanuel> could you try the page? http://oib.gotdns.com/index.html
<olavimmanuel> if it works for you it has to be a localhost block. perhaps the router?
<fruchtix> works fine, shows the default page "Welcome"
<fruchtix> oh
<fruchtix> me silly forgot to ask for that, your friend is on the local network? :)
<olavimmanuel> mhm
<fruchtix> oh no
<olavimmanuel> ?? the router?
<fruchtix> i am sorry. should have asked that ages ago
<olavimmanuel> np
<fruchtix> your friend needs to use the lan IP not the internet IP in that case
<olavimmanuel> you suffered as much as i
<olavimmanuel> ok. will tell her :p Thanks a ton! :D
<fruchtix> otherwise you need post- and pre-routing setup in that way so the data packets can travel from the LAN to the Internet and back to the LAN. which is very unlikely to work with most hardware routers
<olavimmanuel> Ok. Great fruchtix. Thank you!
<fruchtix> olavimmanuel: welcome :)
<geekboxjockey> I have several Ubuntu 8.04.1 VMs running on 8.04.1. When I run xm shutdown (domain name) the console output shows a shutdown sequence and then halts without completely "turning off" and disappearing from the xm list listing. (it state is 's' indefinately unless i run xm destroy)
<geekboxjockey> How can I fix this so that xm shutdown completely shuts a  VM down and removes it from the listing?
<geekboxjockey> i tried adding the apm power_off=1 to /etc/modules as some sites list as a solution to this issue but it did not fix this issue.
<Fenix|work> Greetings...
<Fenix|work> ... a quick quesiton.  user accounts stored in /etc/passwd would be authenticated using a PAM module correct?
<nicetry> I'm going to create a virtual machine running 8.10 server with lamp, what are the minimum hd and ram allotments I can get away with?
<geekboxjockey> I'm running an apache2 vm and a mysql-server vm, each has about 512mb ram, db is 40gig, webserver is 20gig
<geekboxjockey> the hdds are only at about 10% use right now
<geekboxjockey> depends a lot on your application though
<geekboxjockey> how many users accessing it, etc
<nicetry> I'm bascially testing the waters, going to try running open-audit on it
<geekboxjockey> both vms are the minimal debootstrap-ed installs of 8.04 @ just under 500mb OS footprint
<geekboxjockey> i think for testing you could get away with less than 512mb of ram,
<jmedina> Fenix|work: actually not only a module, but yes, pam_unix.so is the one
<geekboxjockey> hdd size is really personal preference
<Fenix|work> jmedina, I was thinking about using PAM auth for Apache, and would require an Apache module... so that's where module comes from.  Thanks :)
<nicetry> both vms are the minimal debootstrap-ed installs of 8.04 @ just under 500mb OS footprint
<nicetry> sorry, didn't mean to paste that there, I was trying to google what you ment by deboostrapped
<geekboxjockey> its an installation method
<geekboxjockey> basically pulls a minimal command-line based system down from the ubuntu repositories
<geekboxjockey> on sec
<geekboxjockey> one*
<geekboxjockey> http://www.howtoforge.com/ubuntu-8.04-server-install-xen-from-ubuntu-repositories
<geekboxjockey> it should be similar for 8.10
<geekboxjockey> nicetry: thats where i figured out how to do the basic xen VM installs (its a lot less intimidating after you go through it once)
<geekboxjockey> also you might want to apt-get remove network-manager (it tries to assign a dhcp address to the network bridge 'device' xen creates) otherwise your vms may not get network connectivity
<nicetry> ah
<geekboxjockey> if you are using the bridge network xen config (default)
<nicetry> I've already setup vmware on the 8.10 server thats on the box
<nicetry> Now I'm attempting to create vms on vmware one of which will be another server
<geekboxjockey> ah ok, sorry, disregard that im in xen mode, lol
<geekboxjockey> hopping between here and ##xen, my bad
<nicetry> haha, its cool. I'm really just feeling out how small I can make ubuntu.  I found this http://www.howtoforge.com/minimal-ubuntu-8.04-server-install which is for 8.04 and uses a desktop cd to install a minimal server, which is interesting
<geekboxjockey> I did the same for my xen VM host (8.04.1). There are .seed files on the Ubuntu discs, not sure of the exact location, but you can search for them,
<geekboxjockey> they are referred to in the command you launch from the boot menu of the installation disc
<geekboxjockey> so you can change desktop.seed or whatever to cli.seed and that basically does the command line only installation
<geekboxjockey> I had to do it that way because for some reason there was not another visible method for doing a command line only install from the "alternate" cd
<uvirtbot> New bug: #333481 in dhcp3 (main) "dhcp client can't receive an ip address" [Undecided,New] https://launchpad.net/bugs/333481
<nicetry> I see, so you followed a similar path to one in that howtoforge link?
<geekboxjockey> yup for the vms, I'm just not sure how similar the process would be for vmware
<Deeps> 3 interfaces on my ubuntu router; atm0: usb adsl modem, eth0: lan, eth1: second lan connected to second adsl line with some generic soho adsl modem/router
<Deeps> both adsl lines are with the same isp
<Deeps> transfers from atm0 to the router get a full 600k/s, transfers from the second line via eth1 also get full speed to the router
<Deeps> transfers from atm0 to clients on eth0 tend to be slower, ~300k/s per thread max
<Deeps> transfers from the second line on eth1 to clients on eth0 dont have such issues
<Deeps> i take that back
<Deeps> transfers from the second line on eth1 to clients also seem to be limited around 300k/s per thread
<Deeps> suggests the issue may be on the router
<SerWou> Hi
<KillMeNow> Howdy
<SerWou> Got a problem : "unknown keyword "map_static=/etc/.."
<SerWou> I want to share NFS between my linux box and another one with different UID/GID
<KillMeNow> i assume you're using Ubuntu?
<SerWou> yep
<SerWou> ubuntu-server
<KillMeNow> http://letmegooglethatforyou.com/q=using+NFS+Ubuntu
<KillMeNow> sorry, that won't help you
<soren> SerWou: Which nfs server are you using?
<SerWou> nfs-kernel-server but I've tested nfs-user-server but it seems to not export anything at all
<KillMeNow> http://letmegooglethatforyou.com/?q=using+NFS+ubuntu
<soren> I don't think map_static works with the kernel one.
<KillMeNow> there that would work better
<SerWou> thanks KillMeNow : already googled
<KillMeNow> ahh...  k
<soren> How exactly to they address the specific problem of the nfs server not knowing map_static?
<soren> Err..
<KillMeNow> usually ppl who come in and say "How do i...." haven't googled
<SerWou> Well, is there another solution instead of map_static
<SerWou> remote uid/gid is : 501/20 and I want to map to 1001/1001
<soren> KillMeNow: If you're going to teach folks to google for solutions to their problem, you might want to actually include some search terms from their question.
<SerWou> missing "unknown keyword map_static" for example
<KillMeNow> sorry, having a rough and frosty day today...  probably shouldn't be taking it out on ppl in here
<soren> You can either use the up/down-call mapping mechanism from nfsv4 or go with the nfs-user-server, afaics.
<geekboxjockey> that site is golden btw, site of the day! (letmegooglethatforyou.com)
<SerWou> hold on, man export should say more about uid/gid mapping
<soren> It does.
<KillMeNow> http://www.scribd.com/doc/2329085/The-Linux-Network-Administrators-Guide
<KillMeNow> page 294
<KillMeNow> has some info about the exports file and UID's
<KillMeNow> not sure if it's a big help, but hopefully it does
<SerWou> ok, thanks, let me chec
<AnRkey> how many append lines can i have in my menu.list file?
<KillMeNow> you referring to GRUB?
<soren> AnRkey: Per boot entry? I'm going to guess just one.
<AnRkey> ok thanks
<AnRkey> i am going to throw this box through the wall
<SerWou> hehehe AnRkey
<AnRkey> fighting the good fight with a pxe and preseed.cfg  setup
<KillMeNow> ahh, sounds like too much fun AnR
<KillMeNow> i've only played with pxe on windows deployment stuff
<AnRkey> KillMeNow, i am the master in that department, my kungfu is strong in the RIS, ghost and sysprep department
<AnRkey> i have a problem.... i cant stop automating things :)
<KillMeNow> LOL
<KillMeNow> cool...  i've been wanting to grab an image of my windowsXP box
<KillMeNow> not much documentation out there - well good documentation that is - describing how to do it
<AnRkey> i know, i almost died on that project
<KillMeNow> and i thought MS now calls RIS - Windows Deployment Services after SP2
 * AnRkey remembers his fallen brothers in arms
<KillMeNow> LOL
<AnRkey> at least ubuntu/debian has loads of documentation
<KillMeNow> lots of stuff on "How to" for Vista - squat for WinXP
<KillMeNow> yub yub
<AnRkey> vista has some awesome imaging thingy that i read about a while ago
<KillMeNow> course i am not a fan of vista
<AnRkey> never tried it though
<AnRkey> vista is the reason i switched everything to ubuntu
<AnRkey> pluss i saved myself tons of cash when i set my business up
<AnRkey> pluss now all i do is linux work :)
<AnRkey> funny how things change
<KillMeNow> heh yep
<KillMeNow> it's too hard now to know both environments really well
<AnRkey> well that's what worried me, now i don't care because most of my work is going to be asterisk pbx work
<KillMeNow> LOL...  yep, that's alot of my work lately as well
<AnRkey> i'm tired of EUs
<KillMeNow> in fact i'm beating my head against the table right now to get a FOP panel to work on a separate server that will monitor 6 asterisk boxes
<AnRkey> sounds fun
<KillMeNow> got apache installed and working properly...  now it's just to figure out all the flash operator planel configs and such
<AnRkey> the guy i am doing this preseeding for is doing a 22 site asterisk rollout
<KillMeNow> asterisk roxxors my soxxors
<SerWou> I think rpc.ugidd should do the trick but still looking for an howto
<AnRkey> damn!!! looks like i am going to have to switch back do my working kickstart config instead for 2mrw, cant get this friggen preseed to work properly now
<AnRkey> bah
<methods> are some of the offensive fortunes like encrypted ???
<uvirtbot> New bug: #333575 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: subprocess pre-installation script killed by signal (Broken pipe) " [Undecided,New] https://launchpad.net/bugs/333575
<LH[> thank god I dont use mysql just yet :P
<domas> why? :)
<LH[> idk it says bug I guess its a bad thing
<domas> just the package... ;-)
<mark> it's a bug in ubuntu! so ubuntu must be a bad thing...
<LH[> so its not the end of the world just yet
<LH[> mark yes I just removed ubuntu
<LH[> thanks for your concern
<mark> :)
<domas> =)
<LH[> so fellas
<methods> does the forutne command have the ability to convert rot13?
<hads> fortune | rot13
<methods> i dont have a rot13 command
<hads> You should get one.
<methods> well i have one now
<fruchtix> awww, i just prepared a nice lecture on "what is a bug" for LH[
<methods> but still... won't that break non rotted fortunes
<domas> 'apt-get install bsdgames'
<domas> this reminds me, how much time I've spent in slackware's /usr/games back in '95ies
<domas> games floppies were most valuable asset
<fruchtix> domas: haha, you old fart :P
<fruchtix> did you also play the telnet based multi user dungeons?
<domas> thats what my boss did
<fruchtix> for a few months i only stopped playing to sleep, get food or buy smokes
<methods> yea but if I'm not in the offensive directory then 'fortune limerick' for instance says no fortunes found
<fruchtix> like the inventors of the game planned to create the perfect addiction
<oh_noes> hello, anyone got a second to help with a ubuntu mirror (apt-mirror) problem?
<methods> doesn't seem like i need top pipe it to rot13 after its installed
<oh_noes> when clients hit my mirror, most things work except repository fails with a GPG error
<oh_noes> W: GPG error: http://ubuntu.company.com hardy Release: The following signatures were invalid: BADSIG 409636EEF435D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
<oh_noes> I have a thread here with full details if someone could be so kind to take a look:  http://forums.overclockers.com.au/showthread.php?t=758220
#ubuntu-server 2009-02-24
<jmarsden> oh_noes: Does   sudo apt-key list    # show that key as being trusted by apt?  Should it be trusted?  That doesn't seem to be a key output by    gpg --keyserver keyserver.ubuntu.com --search-keys ftpmaster@ubuntu.com
<oh_noes> jmarsden: hey thanks for the reply. No it doesnt list the key
<oh_noes> it's an internal mirror I'm trying to setup, so all my linux servers can sync to it (save bandwidth/downloads)
<oh_noes> it uses to work, and for the most part, an apt-get update works, excepts that line which fails
<jmarsden> So either there is a file in your repo that is corrupted, or else the key is good and you need to grab a copy of the key and add it using apt-key
<oh_noes> I think a file is corrupted, but how do I double check the key isnt the problem?
<KillMeNow> i think you can flush your cache repo and start over again
<oh_noes> my apache2 server on the mirror/local repo, isnt running https or anything ... just using apt-mirror and apache2/http
<jmarsden> Can you find that key on a trustworthy keyserver somewhere and obtain a copy and then import it using apt-key add ?  If that works, the key was the issue; if not, a corrupted file was probably the issue.
<jmarsden> I'm suspecting the second is closer to reality, since my    gpg --keyserver keyserver.ubuntu.com --search-keys ftpmaster@ubuntu.com    command does not show such a key.
<oh_noes> what do you mean by keyserver? My ''local mirror repo' is *just* inhouse, internally for my LAN.
<jmarsden> keyserver: Server with lots of GPG keys on it :)  Ubuntu packages are signed with keys whereever they are...
<jmarsden> The one I use for Ubuntu stuff is keyserver.ubuntu.com ... see command above
<jmarsden> See https://help.ubuntu.com/community/GnuPrivacyGuardHowto for creating a key and uploading it to a keyserver... not what you want here, but it may help you understand what a keyserver is :)
<twb> jmarsden: ftpmaster sounds like a Debianism... could it be that his mirroring software is trying to use the wrong key because it hasn't been ubuntuized properly?
<jmarsden> twb: No, there are keys that have the ftpmaster@ubuntu.com address, but none have the fingerprint he lists.
<twb> OK.
<jmarsden> Doing     gpg --keyserver keyserver.ubuntu.com --search-keys ftpmaster@ubuntu.com     shows what the "real" keys are, as far as I know.  I'm not a GPG expert though.
<oh_noes> thanks
<oh_noes> *reads quickly up on GPG keys*
<oh_noes> so let me ask this ... if you setup a local repository apt-mirror of "us.archive.ubuntu.com ... then you point a client to this local server
<oh_noes> the client still only needs the original default keys shipped with ubuntu right?
<oh_noes> It doesnt need to import any special keys from the local mirror, because the local mirror is only providing a copy of the software
<jmarsden> Right, you shouldn't need any new keys just because you are making a local mirror.
<oh_noes> jmarsden: thanks ... so back to my original question, the problem can't be key related..? Is that correct?
<jmarsden> I don't know.  If you are running Hardy and mirroring hardy software, then I think you are right... but if you are mirroring newer stuff (say for Jaunty) then maybe you need a newer key?
<jmarsden> It might be good just to verify the signatures of all your mirrored packages and see if any fail the check?
<fruchtix> cjwatson: how about you reply to my private message or do you try to force me to take it 1 level further to the irc council?
<fruchtix> privmsg: <cjwatson> I do not intend to reply further
<fruchtix> that means i am going to write a blog article about the whole situation
<fruchtix> and i will be happy to mention your person, your name and your role here on irc
<fruchtix> when some people think they can go and infect the ubuntu community with the poisoned spirit of the debian people its about time we do something against it
<oh_noes> jmarsden: yeah thats why I'm a tad confused.  Im running hardy, mirror hardy and supplying hardy updates to end users.  It's definitely something on my server end.
<oh_noes> jmarsden: right now I'm doing a apt-mirror against a new official mirror, incase the mirror itself is the problem.
<jmarsden> oh_noes: Then my guess is that you have a corrupted file somewhere.  Hmmm, OK. Maybe just mirror some small portion of it to start with?
<oh_noes> jmarsden: you mean, re-mirror the hardy-security 'multiverse' URL which seems to be failing?
<oh_noes> How do I do that?
<jmarsden> Edit /etc/apt/mirrors.list to only mirror that one repository?  Maybe delete everything in your local copy of that repo and then do that?
<oh_noes> Thanks I'll try your second suggestion
<oh_noes> jmarsden: one interesting thing I found about apt-mirror is that, if you configure it to use two or more official repos to mirror against
<oh_noes> I'm not sure, or it's not documented how to combine them into a single local mirror to share to my clients.
<oh_noes> Maybe my config is wrong, but apache2 is serving /mirror/mirror/isp1.mirror.com
<oh_noes> but if I add a second official repo, isp2.mirror2.com, it'll just create another dir, and another 30G or so at /mirror/mirror/isp2.mirror2.com *and* my apache is still serving from the first dir
<jmarsden> apt-mirror can't really be expected to know that the two repositories are "the same", can it?  So it does what you asked, it mirrors each of them, independently.  I think that's how it is supposed to work.  The /mirror/mirror/ thing feels odd, but that's probably just the way you chose to configure it.
<oh_noes> so it's not expected behaviour, for a local mirror to use 2 or more official repos to sync from?   Into a single mirror for a local LAN?
<jmarsden> I don't think so; pick the closest or most reliable one.  I'd have to read the apt-mirror docs and/or code to be sure, but I don't think that is common usage.
<jmarsden> I have an intrepid mirror here using apt-mirror, but I've never tried to have it pull from two different remote sources into one "consolidated" local copy.
<oh_noes> yeh I didnt think so either.
<oh_noes> which begs the question ... how does one 'guarantee' the status of the local mirror he/she is syncing from?
<oh_noes> What is a reliable local mirror is no longer any of the above
<jmarsden> You can't.  You can guarantee that all signed packages with valid md5sums and valid signatures are "official" and un-tamptered-with, but not how up to date they are.
<oh_noes> ie.  my case.  how does one confirm his mirror matches that of an official ubuntu mirror without downloading the entire 30G+ again
<oh_noes> jmarsden: yep that makes sense, and when you say it in that context it shows the importance of GPG signatues and keys
<jmarsden> download just the Release file and compare those?
<cjwatson> /dists/*/Release.gpg is signed, /dists/*/Release has checksums of Packages and Sources files, Packages and Sources files have checksums of pretty much everything else
<cjwatson> so you can trace everything from that
<oh_noes> Ok, I'm think I'm on the right track now
<oh_noes> so if a client doing apt-get update, gets this error: com/ubuntu/dists/hardy-updates/main/binary-i386/Packages.gz  Hash Sum mismatch
<oh_noes> I'm going to compare my Release file, agaisnt the actual Packages.gz file with md5
<cjwatson> right. sometimes this kind of thing can happen if you sync in the middle of an upstream mirror push (you have to get fairly unlucky, but it can happen, especially when transparent proxies are involved)
<cjwatson> turn off web proxies as far as possible (or get apt-mirror to send Pragma: no-cache etc., if that's possible) and force a resync
<oh_noes> cjwatson: thanks, by force a resync do you mean just run apt-mirror again?
<oh_noes> I've done that, it downloaded the new index files, then processed them, and said everything is fine.  0 to download, and 0 files to delete
<cjwatson> I'm afraid I'm not familiar with apt-mirror (I use debmirror myself) so I was just speaking in general terms
<oh_noes> (by delete, I mean 0 files that can be cleaned up by clean.sh)
<owh> Is anyone aware of an appliance or .iso that boots a PXE server, so I can boot a workstation and run the installer? I really don't want to install all manner of extra daemons on my workstation, nor do I want to build a server, install the pxe bits, and then finally after several hours actually install the workstation in question.
<KillMeNow> nope.
<KillMeNow> the workstation you have not accept PXE or CDRom?
<owh> Only accepts PXE, CDRom isn't playing, doesn't boot from USB, very borked.
<KillMeNow> ugg
<owh> The scary thing is that I built such a beast last year before I blew away my VMware crap - now I wish I hadn't :)
<KillMeNow> heh
<KillMeNow> pity you didn't save the VM on a DVD or CD
<owh> 't was nice too, JEOS server, all pretty, small etc.
<owh> I'm hunting through the archives, and it may still live on my backup media, but a download would take less time :|
<foomanshoe> Anyone using Simplifymedia server to share music to iphone?
<foomanshoe> http://www.simplifymedia.com/linux-server.html
<foomanshoe> I have an init.d script that simply just calls the startserver.sh, however for some reason the simplifymedia server will not start properly unless it starts under a user account. How do I execute a command via init.d using another user?
<oh_noes> is it possible to create an OVF with vmbuilder?
<meoblast001> hi
<meoblast001> how is everyone today
<foomanshoe> ok
<foomanshoe> wish i could figure out simplifymedia
<foomanshoe> you?
<meoblast001> foomanshoe: wish i could get inspircd to work
<meoblast001> foomanshoe: everyone who is trying to help me is blaming the ubuntu packagers
<meoblast001> saying it is buggy
<foomanshoe> lol, maybe it is buggy
<meoblast001> foomanshoe: idk maybe i need to shoot myserlf
<foomanshoe> servers make me feel that way too
<meoblast001> foomanshoe: this is a happy birthday present from hell
<jmarsden> help /connect
<jmarsden> meoblast001: inspircd "works" out of the .deb for me here (Ubuntu 8.10 64bit) -- as in I can edit /etc/default/inspircd and then start it and connect to it.  "Works" for a minimal definition of works...
<meoblast001> jmarsden: does it allow you to connect more than 1 user from 1 ip?
<meoblast001> jmarsden: i have reasons i need to do that
<meoblast001> bots and such
<jmarsden> I've not tried that.  You said "wish i could get inspircd to work"... I tested it, it works... I only have it on a local desktop machine here...
<jmarsden> let me check multiple local connections to it...
<meoblast001> jmarsden: ok thanks
<jmarsden> Yes, looks fine here... what symptoms are you seeing?  I just connected as jm1 and jm2 and they can each see the otehr one in a #junk channel...
<meoblast001> jmarsden: the bot won't connect at all... and i got 2 clients on my laptop to connect but the third was refused a connection
<jmarsden> Any errors in /var/log/inspircd.log ?  When the bot "won't connect" what is the actual error message you get back?
<meoblast001> jmarsden: a more complex (time and date and such) version of "Connection Refused"
<tsrk> What does ctrl-T do in the command line?
<jmarsden> tsrk: swaps last two typed cahracters, usually used after you typo something.
<jmarsden> meoblast001: I think you just need to configure inspircd to allow more users in the relevant class?
<meoblast001> yeah i did that
<meoblast001> uped it to 15
<meoblast001> does nothing
<tsrk> I typed "cp ..." and that command was running while I accidently hit ctrl-t
<tsrk> did it do anything?
<jmarsden> meoblast001: you restarted it after the change, right?  Hmmm.  well, I have to go AFK for a while, may be back later.
<jmarsden> tsrk: Almost certainly not.
<meoblast001> i'll run a full system restart just for s&g's
<tsrk> jmarsden, almost certainly?  any way to find out?  i can redo the copy if necessary, but it's really important files so i'm worried it did something
<tsrk> is it worth redoing the copy or should i be ok?
<jmarsden> tsrk: You'll be fine.
<tsrk> jmarsden, ok, good :)
<meoblast001> jmarsden: my server is now unconnectable :P
<meoblast001> :(
<meoblast001> jmarsden: would you like to help me?
<jmarsden> I can try... so if you do    /etc/init.d/inspircd start    #  What happens?  Does it start the ircd ?
<meoblast001> jmarsden: yes... it is started
<jmarsden> OK.  If you do   netstat -ntlp | grep 6667   # do you see it sitting there listening on port 6667 ?
<meoblast001> let me check
<meoblast001> jmarsden: although i'm connected to the server
<jmarsden> ? You just said it was unconnectable... ?
<meoblast001> jmarsden: that's the catch
<meoblast001> jmarsden: i have a bot and myself connected to it right now
<meoblast001> jmarsden: if anything else tries to connect on irc.mysticgalaxies.com, it won't permit it
<jmarsden> Are you seeing anything in its logs when that happens?  In /var/log/inspircd.log maybe?
<oh_noes> Slly questions, whats the difference between "deb http://mirror.internode.on.net/pub/ubuntu/ubuntu hardy main main/debian-installer restricted universe multiverse" and "deb http://mirror.internode.on.net/pub/ubuntu/ubuntu hardy main restricted universe multiverse"
<meoblast001> jmarsden: i'm not in debug mode.. should i go into it
<oh_noes> ie. what does main/debian-installer change in regards tp apt-mirror
<jmarsden> meoblast001: I'm not an inspircd expert, but you can try it and see if it gets you better info.  I think we;'ve already proved that inspircd does actually work, it just seems to need some configuration to work the way you want it to...
<jmarsden> oh_noes: why would you include main/debian-installer as well as main in the same list of parts of the repository??  One is (I think!) a subset of the other)
<oh_noes> jmarsden: I didnt, Im just cleaning up some sripts I inherited from an old sys admin :s
<oh_noes> I'm a Solaris guy, so learning ubuntu-server from scratch
<oh_noes> but thanks, I'll clean it up to just include main
<jmarsden> OK.  The definitions for deb lines are in man sources.lits I think, if you want to verify.
<oh_noes> thx, will do
<jmarsden> That should be   man sources.list
<jmarsden> meoblast001: Did you edit the globalmax and localmax parameters to the connect command in /etc/inspircd.conf ?  The defaults are 3 which seems rather low...
<meoblast001> jmarsden: on mine they are 15
<jmarsden> OK.
<jmarsden> And can you connect to the server with say 5 local irssi sessions:   irssi -c localhost -n somenick    ?
<meoblast001> jmarsden: one second... i'm rebooting hte machine so the boot order will turn everything back on correctly
<jmarsden> meoblast001: Why??  Linux is not windows... reboots are very very rarely needed...
<meoblast001> jmarsden: it's a faster, more error proof way to get the desireable results in this situation
<jmarsden> No, it is desirable to know what you are doing and avoid reboots... anyway... try it when you get the server back up :)
<meoblast001> its back up
<meoblast001> boots very fast cuz i have ubuntu
<meoblast001> jmarsden: since the bot connected at startup, Xchat can't connect
<meoblast001> i'll try irssi
<jmarsden> Xchat?  On a server??  Ubuntu server has no GUI in which to run xchat...
<meoblast001> oh no
<meoblast001> on my laptop
<meoblast001> jmarsden: on my loptop i get connection refused
<jmarsden> Test from the machine on which the ircd is running, the server ... get yourself some shells there and run irssi -c localhost -n somenick in each one... does it work?
<meoblast001> ok found the problem
<meoblast001> i can connect as many as i want on 192.168.1.100
<meoblast001> but irc.mysticgalaxies.com fails
<jmarsden> OK.  So is there a router between the server and the public Internet?
<meoblast001> jmarsden: yes.... and it is properly setup to forward
<meoblast001> or the bot wouldnt even get on
<jmarsden> And the router is capable of handling multiple simultaneous TCP connects to one port... you *know* this for sure?
<jmarsden> Sounds to me like you probably have a cheap home router and are blaming inspircd for its deficiencies...?
<meoblast001> jmarsden: it used to at least
<meoblast001> jmarsden: when i reinstalled my server after it's crash, it didnt buy me a new router as far as i know
<jmarsden> Can you get a second NIC into the server and use it to do routing/NAT for you and thereby bypass the hardware router?
<meoblast001> jmarsden: no
<jmarsden> OK, can you get a spare router to test with?  Or temporarily hook the server directly to your DSL modem and configure its one and only NIC appropriately??
<jmarsden> I don't think this issue is all that inspircd related at this point -- do you?
<meoblast001> jmarsden: no
<jmarsden> OK.  So that's progress in diagnosis, even if we have no quick easy fix... maybe you can grab a second NIC for the server tomorrow or something.
<meoblast001> jmarsden: what do you mean by second NIC?
<meoblast001> a second hardware network adapter?
<jmarsden> A second NIC, Network Interface Card.  Yes.
<meoblast001> jmarsden: i know where i can get a dial up one.... but i have no dial up subscription :P
<jmarsden> So you can route using Ubuntu instead of a SOHO router box.
<meoblast001> ahh ic
<meoblast001> jmarsden: i doubt it is the router
<meoblast001> jmarsden: it worked pre-crash
<meoblast001> my system went under a massive crash a few days ago
<meoblast001> a lot of data was lost due to me not backing up everything i need
<jmarsden> OK... then restore the inspircd config file from your backups and you should be all set.
<jmarsden> Ah...
<meoblast001> jmarsden: i prioritized a new backup system
<meoblast001> which i am about to update right now
<jmarsden> You can use free online disk storage for emergency backups, BTW... adrive or box.net or whatever...
<meoblast001> i made my own backup system
<meoblast001> jmarsden: it's pretty unique i think
<meoblast001> permits a maximum of 1 week of data loss in the event of super massive failure
<meoblast001> 1/2 a day in the event of normal to large failure
<meoblast001> it sends everything to a flash drive
<meoblast001> and i move it to my other systems once a week
<jmarsden> If your house burns down, how much will you lose??  Anyway... so last time you edited /etc/inspircd.conf, what else did you edit?
<meoblast001> jmarsden: if my house burns down... everything i REALLY need is on launchpad
<jmarsden> Except backups of /etc/inspircd.conf it would seem? :)
<meoblast001> jmarsden: well..... i wouldnt have a computer if the house burnt down
<jmarsden> You could get a virtual server elsewhere ... it's not a good backup scheme if it relies on a single physical location for all copies of data... anyway...
<jmarsden> do you have any idea what else you changed in /etc/inspircd/inspircd.conf ?
<meoblast001> jmarsden: my familyl is sort of poor... we have no other option
<meoblast001> jmarsden: i added the cgiirc plugin.. that's it
<jmarsden> Insurance money would get you the $15/month or whatever for a virtual server :)    But anyway... something does not add up... same hardware, same OS, used to work, does not work now... *something* is different.  Either the issue is the router or its configuration, or you have something strange going on in the Ubuntu box causing it to reject connections via the router... which seems rather unlikely...
<meoblast001> jmarsden: not exactly
<meoblast001> i used to use Ubuntu 8.04 Desktop (that i modded down to act like the server version)
<meoblast001> now i have 8.10 Server
<jmarsden> Shouldn't be an issue... you could test using netcat as a test server on some other port I suppose... nc -4l 192.168.1.100 6666  and set the router to forward that port too... then we can test connections from the outside to port 6666 ...
<jmarsden> Or you could stop the inspircd and do nc -4l 192.168.1.100 6667  so the test is on the same port...
<meoblast001> jmarsden: hmmm... i think i already tried that
<meoblast001> jmarsden: but i think i'm gonna take a break for the night.. i've been doing a lot on this
<meoblast001> thanks for the help though
<jmarsden> OK, no problem.
<uvirtbot> New bug: #333711 in dhcp3 (universe) "AppArmor profile for sbin.dhclient3 should handle connman" [Undecided,New] https://launchpad.net/bugs/333711
<Lokin> How do I add a python script to startup menu?
<Lokin> ?
<simplexio> wut is startup menu ?
<Lokin> if you mean to say "What is the Startup Menu"
<Lokin> Then the startup menu is a list of applications that load and launch on startup.
<PC_Nerd> um, trying to find a simple daemon to use to monitor and output network activity to a log file... at a specified time interval (I'm not 100% sure if I want it total per minute etc).... ill end up reading it into graphs &| a database.
<henkjan> PC_Nerd: have a look at cacti or maybe munin
<PC_Nerd> ty
<yann2> munin is nice but not very precise for network - just one point every five minutes, you may want something better than that
<yann2> depends on your needs though :)
<simplexio> PC_Nerd: vnstat does it
<PC_Nerd> yup, I'm mainly wanting to integrate this data into a custom control panel im writing - so ultimately i dont really want somethign like munin that uses a vhost on apache anyway.
<Deeps> mrtg / rrdtool
<simplexio> PC_Nerd: i recommend reading about /proc/ , there is tons of info from system if you know what to search
<PC_Nerd> ah - thanks will do
<simplexio> PC_Nerd: and /sys/  has info too, not sure where all stuff you need is in
<PC_Nerd> ok ty
<PC_Nerd> on the documentation page for vnstat  (on ubuntu.com) theres somethign about another program - which taks data from iptables.....
<PC_Nerd> um..... is ipac-ng still available for ubuntu 8.04 ? - its last listing in the repositories was for gutsy...?
<cjwatson> no, it was removed in Debian (at the maintainer's request; it wasn't being effectively maintained any more and had release-critical bugs), and we removed it for 8.04
<PC_Nerd> ok - so is there an equivilent replacement?   it seemed like the perfect tool for me
<cjwatson> that I don't know, I'm afraid
<Abracadabra> hi
<Abracadabra> quick, simple question
<kraut> moin
<Abracadabra> I need to install Ubuntu 8.04 LST server on a DELL PowerEdge R200
<Abracadabra> I have selected the download for 64bit version, but it downloads the amd64 CD image
<Abracadabra> Will this cause an issue on Xeon Processors ?
<Abracadabra> anyone ?
<simplexio> Abracadabra: im not sure..
<agentk> Abracadabra: Should be right from memory. You will get a failure message booting the kernel if it wrong though.
<simplexio> Abracadabra: try.. you dont loose anything, but i think that there is only i386 and amd64 (32bit for x86 and 64bit for x86_64
<agentk> Abracadabra: I'm running all my dell servers with amd64, but mine are all AMD Opterons.
<simplexio> Abracadabra: if xeaon are x86 compatible then amd64 is right choice
<Abracadabra> mine are Intel Xeon
<agentk> Abracadabra: How old is the machine?
<Abracadabra> I will try it anyway, I simply found it odd that it doesn't ask what processor type the download is for, and points to amd64
<Abracadabra> honestly, I do not know
<Abracadabra> it is a test machine I was given
<Abracadabra> I have not yet gone inside it
<_coredump_> Abracadabra, amd64 is for both intel and amd 64bit, except ia64 thats for itanium.
<Abracadabra> it is a quad-core though
<Abracadabra> ok
<Abracadabra> thanks guys
<yann2> mark > around?
<mark> yes
<yann2> I read wikimedia was deploying the new sun sans - wanted to know how well they were doing
<yann2> any feedback to provide? :)
<mark> sun sans?
<mark> we just have a few thumpers/thors
<mark> nothing fancy
<yann2> http://blogs.sun.com/jonathan/entry/open_storage_wins_at_wikipedia
<mark> bla bla ;)
<yann2> yeah? so you're not running any new SUN nas for databases and media?
<mark> we have 2 thumpers and 3 thors
<mark> they serve images over http/nfs, and (soon) article text storage in mysql
<yann2> sorry, what's a thumper? :/
<mark> a Sun X4500
<mark> Thor is the newer version
<yann2> x4500?
<yann2> k
<mark> a 4u box with 48 disks
<yann2> http://www.sun.com/storage/disk_systems/unified_storage/7210/  ?
<Deeps> http://www.sun.com/servers/x64/x4500/ at a guess
<yann2> Deeps > I was asking for thor :)
<yann2> mark > did you make your choice on the deal with sun or on performance?
<mark> both :)
<yann2> and - do they work well? did you get to compare with netapps?
<mark> we did not, and yeah they work well
<mark> we get nice performance out of them
<soren> Abracadabra: amd64 is for all x86_64 platforms.
<soren> Abracadabra: ...so both Intel and AMD.
<yann2> mark > so they are fine as sql servers as well... does the sysadmins of wikipedia have a blog? I am quite interested to read about technology deployment there
<mark> yann2: we have some personal blogs which are aggregated on http://en.planet.wikimedia.org
<mark> (amongst other crap ;)
<mark> but I don't think we've written about that at all
<yann2> mark > if at some point you're bored ;) we (other sysadmins) are more interested by on-site performance feedback than by the prose of sun's ceo :)
<mark> heh I know
<mark> domas writes a lot about that on his blog, http://dammit.lt
<mark> and some of our stuff is on highscalability.com
<mark> but we're rarely bored really, there's so much to do :)
<domas> HI!
<yann2> very interesting technical blog, thx for the link
<agentk> ditto
<domas> you are welcome!
<yann2> I got a question for you domas.. you write in your blog that zfs isn't ready to host innodb
<yann2> but a few lines earlier mark says you planned to use 7210 for the article database
<mark> not a 7210, a x4500
<yann2> although the 7210 is relying on zfs isnt it?
<mark> (which I think is the same hw)
<mark> but there only storage space, not performance is important
<domas> well, for text archival we don't really _need_ innodb
<mark> and it's myisam, yes
<domas> we could just store in filesystem, if we wanted
<domas> we don't even need SQL for article store :)
<mark> it's just convenient
<domas> replication and such
<mark> yann2: it's storage of old revisions of (e.g.) wikipedia articles
<yann2> ah, ok
<mark> those are almost never accessed anymore
<mark> so they're compressed in a smart way, and then stored for sporadic retrieval
<domas> mark: all revisions :)
<domas> just it doesn't matter much, as all new ones are cached at multiple layers
<mark> I know
<geekboxjockey> Quick Xen backup related question. I'm using .img files (a disk.img and swap.img per VM), I was wondering if copying the whole image file is the best route, (a 20gb virtual disk = 20gb backup file, regardless of space used).
<geekboxjockey> *I also plan on using rdiff or rsync on the file system for more frequent backups of critical files and directories
<dnperfors>  /quit
<Fenix|work> Greetings and Salutations
<ScottK> ivoks: I looked back in debian/changelog for Spamassassin and you had the very first Ubuntu entry way back in Dapper.  I was just able to file for a sync.
<ivoks> ScottK: hehe but amavis and clamav were bigger problems to integrate, so... kudos
<zim> hi all I am trying to get sound on one of my servers is there a howto on this?
<zim> I have installed alsa,alsa-tools and alsa-utils
<zim> also turned up the vol but still no sound any help would be great
<larswey> Could I have some help on this one? http://pastebin.ca/1345941
<zim> can apache read openssl/dh.h
<larswey> zim: got drivers for the soundcard?
<zim> larswey: alsamixer sees the card
<larswey> i dont know if apache can, i dont think that its what im trying to do
<larswey> ok
<Deeps> larswey: libssl-dev may be what you need
<larswey> as long as there is a speaker connected it should give sound
<larswey> thanks Deeps testing
<larswey> xml.h:9:19: error: expat.h: No such file or directory
<larswey> next error
<Deeps> larswey: http://packages.ubuntu.com/search?searchon=contents&keywords=dh.h&mode=exactfilename&suite=hardy&arch=any confirms libssl-dev
<Deeps> search contents of packages on packages.ubuntu.com to find what packages contain your missing files
<larswey> Okey, i'll try
<bguzzardi> zim: some soundcards have multiple mute settings, etc... make sure you're not muted in someplace sneaky (like headphone jack instead of speakers or similar)
<kirkland> yann2: ping
<kirkland> yann2: regarding your kvm networking issues
<yann2> hello kirkland
<kirkland> yann2: i have one possible fix for your networking problems
<kirkland> yann2: i have a test package for Hardy, and Jaunty
<kirkland> yann2: where can you easily reproduce this problem?
<kirkland> yann2: and test my test package?
<yann2> I was just thinking abuot moving my dev-server-host to jaunty :)
<kirkland> yann2: what is it now?
<yann2> hardy
<yann2> does your patch fix virtio or the default one?
<kirkland> yann2: it would affect both, i think
<yann2> I would be *very* interested if it fixed virtio - I am hoping of getting faster network performance by adding more cpus :)
<yann2> didnt manage to go over 150mbps at the moment
<yann2> but yeah, where is  your package?
<kirkland> yann2: https://launchpad.net/~kirkland/+archive/ppa
<yann2> thx will give it a try
<kirkland> yann2: kvm - 1:62+dfsg-0ubuntu9~ppa1
<yann2> is it a hardy+patches or a full new version of kvm?
<yann2> k
<kirkland> yann2: it's the hardy package, minus one patch
<kirkland> yann2: there's one networking patch in hardy's kvm that is quite clearly wrong
<yann2> ubuntu patch?
<kirkland> yann2: debian
<yann2> ok
<yann2> will test that now  :)
<yann2> does it shutdown all the vms if I upgrade kvm?
<soren> No.
<kirkland> yann2: it doesn't
<yann2> ok
<kirkland> yann2: however, you won't be testing the new one until you launch a new vm
<yann2> or restart one :)
<kirkland> yann2: or power down/up the one you want to test
<kirkland> right
<kirkland> yann2: i think you can't just reboot the vm
<kirkland> yann2: i think you'll need to shut it down, and launch it again
<yann2> assuming the guest supports rebooting ;)
<yann2> if you got windows xp/2000 guests to reboot that'd be interesting ;)
 * kirkland has absolutely no interest in xp/2000 :-)
<ivoks> bbl
<yann2> deb http://launchpad.net/~kirkland/+archive/ppa hardy-updates main  ?
<kirkland> deb http://ppa.launchpad.net/kirkland/ppa/ubuntu hardy main
<yann2> kvm_62+dfsg-0ubuntu7_i386.deb  is the one i am using atm
<yann2> W: Failed to fetch https://launchpad.net/~kirkland/+archive/ppa/ubuntu/dists/hardy/main/binary-i386/Packages.gz  The requested URL returned error: 40
<yann2> got this from your ppa
<kirkland> yann2: wget https://launchpad.net/%7Ekirkland/+archive/ppa/+files/kvm_62+dfsg-0ubuntu9~ppa1_i386.deb
<kirkland> yann2: then dpkg -i that
<yann2> riight
<yann2>  wget http://isos.thehumanjourney.net/solaris/sol-10-u4-ga-sparc-dvd.iso -O /dev/null
<yann2> 200mbits/sec on average
<yann2> better than before (the iso is also on a iscsi share given by the other vm, that may be limiting too)
<yann2> aaaaand it doesnt break, even with several cpus - that's the improvement I think
<Deeps> Resolving isos.thehumanjourney.net... failed: Name or service not known.
<yann2> kirkland > it may just be a small patch but it's actually *hugely* important
<yann2> Deeps > only local sorry ;)
<kirkland> yann2: are you confirming this kvm package is better?
<yann2> kirkland > I'll do some more tests but if it works flawlessly I'm a happy man. Always hard to spread kvm love when the network is broken :)
<kirkland> yann2: \o/
<yann2> kirkland > still testing....
<kirkland> yann2: please please please update the relevant bugs with your results
<yann2> will do
<kirkland> yann2: irc conversation is good fun, but it's gotta be in the bug or else my buffer overflows :-)
<yann2> np
<zim> bguzzardi: ty for the sound tip
<zim> it worked
<yann2> kirkland > how safe is it to put into prod?
<kirkland> yann2: there is literally one line of C difference between this kvm package and the one in Hardy
<kirkland> -    ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
<kirkland> +    ifr.ifr_flags = IFF_TAP | IFF_NO_PI | IFF_ONE_QUEUE;
<kirkland> yann2: that's the debian patch that was reverted
<yann2> quite safe then? :)
<kirkland> yann2: this flag,  IFF_ONE_QUEUE, we're quite confident is *wrong*
<kirkland> yann2: there's a chance that your execution path won't hit this, in which case we haven't solved your problem
<kirkland> yann2: and you're in no worse situation
<kirkland> yann2: on the other hand, if your execution path does hit this code, it's definitely doing the wrong thing
<kirkland> yann2: in which case this does solve a real problem (and perhaps *your* problem)
<yann2> kirkland > downloading a large file with virtio and several cpus usually killed a vm after a GB or so
<yann2> very randomly
<yann2> not sure if it hits smp only
<kirkland> yann2: and that has succeeded on the ~ppa1 kvm?
<yann2> just doing a loop to download 40GB
<yann2> with 3 cpus
<yann2> if it holds... ;)
<kirkland> yann2: k
<kirkland> yann2: i'll standby
<yann2> updated bug report and support ticket btw
<kirkland> yann2: if this succeeds, and you think it solves your problem, i'll start filing the SRU request to get this out to Hardy
<kirkland> yann2: which one?
<yann2> launchpad #332156 and support #3408
<uvirtbot> Launchpad bug 332156 in kvm "Network issues with hardy guests/hosts, using default nic and virtio" [Undecided,New] https://launchpad.net/bugs/332156
<yann2> I'll do more testing tomorrow with my bacula vm which was the "bad" one
<yann2> but so far it looks very good :)
<Izinucs> I just ssh's into my server and initiated a xinit -- :1 from TTY3.. then I did "startxfce4" to start the gui.. when it started it put the session on F10 and moved my current local gui session from F7 to F9.. Why did that happen?
<uvirtbot> New bug: #333977 in openldap (main) "package slapd 2.4.11-0ubuntu6.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/333977
<j0nr> hey all
<j0nr> i am trying to open graphical programs on my LCDTV plugged into my server ed.
<j0nr> where doo i start
<j0nr> ?
<ivoks> no Xorg on server
<j0nr> can i not add it? or am i just making it into a desktop install then?
<ivoks> right, then it's a desktop
<ivoks> and if you need desktop application, then you are asking on the wrong place :/
<ivoks> sudo apt-get install ubuntu-desktop
<ivoks> will get you ubuntu desktop, and you should try getting help at #ubuntu channel
<IcemanV9> i'm testing jaunty server in virtualbox. i cannot connect to the internet. i've been updating it via cdrom (20090223). i've been looking for the solution via google, ubuntuforums & launchpad. no luck so far.
<cemc> IcemanV9: how do you test if connected to the internet ?
<Adri2000> mathiaz: eta for samba upload? :)
<IcemanV9> aptitude update, ping -c3 <any website (google.com)>
<cemc> IcemanV9: if I remember correctly, ping doesn't work if the guest network is set up with NAT
<IcemanV9> cemc: /etc/resolv.conf  is there
<cemc> do you get an IP address (ifconfig eth0) ? default gateway? what's the host OS? firewall problem maybe?
 * ScottK waves to cemc.
 * cemc waves back to ScottK.
<cemc> ;)
<IcemanV9> cemc: it has finally worked. i just used full-upgrade command, then reboot. it seems the new kernel (2.6.28-8) did the trick. thanks for your help, though.
<cemc> not sure how that resolved it, but you're welcome :)
<IcemanV9> cemc: before the new kernel, i checked /etc/resolv.conf, ifconfig eth0, ufw (to be opened), different network card via virtualbox. no connection to the internet.
<IcemanV9> cemc: i've used -4, -6, -7 kernel. it seems -8 kernel fixed the internet connection. anyway, i can test it now.
<cemc> IcemanV9: http://www.virtualbox.org/ticket/181 you want to look at this too if you're using NAT
<IcemanV9> cemc: old bug ... so they won't fix it. alright. thanks.
<mathiaz> Adri2000: still on my todo list - I should get to the SRU soon
<KillMeNow> good afternoon eveyrone
<meoblast001> anyone here have inspircd? i'd hate to explain my problem if no one here does.... not too many people have it
<uvirtbot> New bug: #310913 in net-snmp (main) "net-snmp process hang on hardy" [Undecided,Incomplete] https://launchpad.net/bugs/310913
<jetsaredim> if I have a new ext3 filesystem created for some random data storage is there any reason to keep the reserved space (tune2fs -m)
<domas> jetsaredim: without reserved space "out of diskspace" will be way more random :)
<Deeps> jetsaredim: reserved diskspace is just to allow root processes to carry on writing
<JanC> jetsaredim: you can make it much smaller than the default if you want, but some reserved space is always advisable AFAIK
#ubuntu-server 2009-02-25
<oh_noes> If i suspect I have a corrupted local apt-mirror
<oh_noes> do I have to delete it and download he 26GB+ again?
<jetsaredim> JanC: any particular reason for this on a non-"/" drive?
<oh_noes> is there a command I can give to apt-mirror to do a crc/md5 against all files?
<jmarsden> oh_noes: Not to apt-mirror, but you can use find and xargs and md5sum to construct one yourself... but I'm headed out the door... back soon I hope...
<JanC> jetsaredim: I don't remember all the details (I read about it somewhere), but e.g. file system maintenance tasks (like fsck) might need that space
<jetsaredim> fair enough
<jetsaredim> seems a waste
<JanC> jetsaredim: and it helps prevent fragmentation too
<jetsaredim> 20G is a decent chunk
<oh_noes> jmarsden: yep .. already in the middle of a find | xargs md5 .. but doing 50G is slow :)
<oh_noes> I thought I'd ask while I wait.
<JanC> that's why I said to make it smaller  ã
<jetsaredim> JanC: you don't know of any "rules of thumb" for that do you?
<JanC> not really
<jetsaredim> fair enough
<techsupport> hi
<orudie> how to change the ip address in apache2 server ?
<orudie>  how do i change bound ip for apache2 in ubuntu 8.10 server
<orudie> by default, where does apache2 bind ip ?
<twb> orudie: probably somewhere in /etc/apache/
<tsrk> What's the "virtual machine host" option when installing ubuntu?
<twb> tsrk: ISTR kvm is the officially sanctioned way
<tsrk> ISTR?
<toxygen> hello, i would like to ask how is it with support of sparc64 in 8.04, should i upgrade from 6.06?
<toxygen> there is not much info on the web
<steelcityjim> is it possible to dial in remotely via ssh and view video files on your server
<Kamping_Kaiser> view video files located on the server? yes, theres a couple of ways you could try
<steelcityjim> is there a windows application available
<Kamping_Kaiser> no idea.
<steelcityjim> well im looking to be able to play movies from the server
<Kamping_Kaiser> we'll i'd mount it into my filesystem and play it like that ... but my OS supports sshfs ...
<steelcityjim> im able to log in remotely using filezilla and download files
<Yang1> has anyone heard of 2x application server?
<steelcityjim> but instead of downloading them i would prefer to view them from the server
<Yang1>  i am having some problems with parameters that im trying to pass and i was wondering if anyone would know
<steelcityjim> what does the Fs mean
<steelcityjim> file share?
<ScottK> vorian: http://xana.scru.org/xana2/ranticore/oldbdbsqueeze/ <-- Debian libdb maintainer.  Not the list and maybe there's hope.
<Myst> ok im having some problems with my IPtables... right now my server does not have internet access when i apply the rules... i am wondering if anyone knows what i need to set to ensure my server has internet
<Nytrix> anyone, how do i save a specific program that is already installed so i wont have to config everything all over again for another pc?
<Cyntek> Myst, hi!
<Myst> hey
<Cyntek> Im running ubu-server 8.10 and i have installed an additional NTFS HD as slave for extra-storage for my home-server, for File sharing accessibility. How can i get ubu-server to recognize the drive?
<Nytrix> why have it as ntfs?
<Cyntek> well, my family uses windows xp pro and they're going to be storing and file sharing.
<hads> If you're sharing it over the network it doesn't need/want to be NTFS
<Cyntek> im creating a Fiel Server for mainly Home Network for Media such as music and files.
<Cyntek> Really.
<Cyntek> i didn't know, just figured it would be so, since they are all running xp pro.
<Cyntek> so xp can recognize the network hard drive.
<Cyntek> So it does not have to an ntfs drive.
<Cyntek> what would be the best option ?
<Cyntek> format drive to ext3
<Nytrix> try http://www.cyberciti.biz/faq/mounting-windows-partition-onto-ubuntu-linux/
<Nytrix> hopefully that helps
<Nytrix> shows u how to do it through the terminal
<Cyntek> Alright, but is best to keep it as ntfs file system or convert it to ext3
<Nytrix> ext3
<Nytrix> then use samba to share between the windows machines
<Nytrix> or
<Nytrix> is everyone using the same machine?
<Nytrix> no right
<Nytrix> ?
<Cyntek> no.
<Nytrix> the workstations are xp right?
<Cyntek> each family members have there own computers.
<Nytrix> ok i guess it's best to format it to ext3 then use samba to share files
<Nytrix> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and http://help.ubuntu.com/ubuntu/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<Cyntek> alright, but is it best to keep it as ntfs or another file system, for this type of Server usage?
<Nytrix> well it is a linux server so use ext3
<Nytrix> since u cant seem to mount it, try to make it ext3
<twb> Don't forget to mount NTFS filesystems with -t ntfs3g, *not* -t ntfs.
<Cyntek> Nytrix, it is mounted.
<Cyntek> im able to view it.
<Cyntek> as ntfs
<Nytrix> great
<Nytrix> :)
<Cyntek> thanx
<Cyntek> when i run command: ls /dev/sdb5
<Nytrix> you will still need samba i think to be able to share over a network
<Cyntek> it shows up " yellow "
<Cyntek> Yes, i can do that.
<Cyntek> Nytrix, Thanks for the help
<Nytrix> i tried
<Nytrix> np
<twb> Cyntek: device files are coloured yellow by default, to distinguish them from files.
<twb> Cyntek: to look at the contents of the filesystem on /dev/sdb5, you need to call ls on the mountpoint (e.g. /media/data).
<Cyntek> hmm.
<Cyntek> Does this look right: http://rafb.net/p/sVC0Mq22.html
<llragsll> I have an ubuntu gateway hare through which all traffic goes. I need a way to monitor the data transferred through this machine. any suggestions?
<cemc> llragsll: ALL data?
<llragsll> yes...
<llragsll> I have been using munin to graph..ok..but it shows only the rate..
<llragsll> I want the total data going in and out...
<llragsll> any packages to do this?
<cemc> ah, you mean a byte count ?
<llragsll> yes
<llragsll> a byte count...say the amount of data transfered every day..with a global counter showing the entire amount of data transfered.
<llragsll> is there any packed doing this...I tht it would be something simple...l want the data tht is seen next to the n/w connection. data in/out
<Titan8990> phpsysinfo will do it I think
<Titan8990> let me check
<cemc> I found one called darkstat
<cemc> http://dmr.ath.cx/net/darkstat/
<Titan8990> llragsll, nope only total transfer from time up
<llragsll> hmm..ya..looks similar to munin
<llragsll> Titan8990, at least till time up is better...
<llragsll> but something persistent will be nice...there should be something definitely
<Titan8990> well, if you already have apache + php you can check out phpsysinfo
<Titan8990> if not, I would say its not worth setting up for that
<llragsll> ya I got lighttpd/php...it's setup for munin.
<llragsll> will bwm help
<llragsll> i am going thru it...
<cemc> if I recall correctly, bwm is some tiny monitoring software, like dstat, or iptraf
<llragsll> hey great...bwm-ng is the package...."It shows total of in and out as well as total of all Interfaces. Several different output methods are supported (curses, plain, csv and html). "
<llragsll> cemc,i guess iptraf will do to
<llragsll> thxl\ guys
<kraut> moin
<_ruben> which part is supposed to take care of starting md raid volumes? i created 2 raid volumes using mdadm, rebooted the box, dont show up
<cemc> _ruben: do you have a /etc/mdadm.conf file, or anything in it ?
<_ruben> nope
<_ruben> ah /etc/mdadm/mdadm.conf .. had missed it at first
<cemc> is there anything in it ?
<_ruben> http://paste.ubuntu.com/122751/
<cemc> and when you boot, there's nothing in /proc/mdstat?
<_ruben> nope .. doesnt even exist as no raid modules get loaded .. tried adding ARRAY lines to that config (based on a mdadm scan), doesnt help
<_ruben> hmm .. mdadm itself doesnt seem to autostart either .. strange
<cemc> what release are you trying this on ?
<_ruben> 8.10
<_ruben> the "funny" part is, i have 2 nearly identical boxes .. one works as it should, the other doesnt
<_ruben> hmm .. one difference, one's upgraded from 2.6.27-9-server kernel to -11 .. the working one was installed as -11 directly ..
 * _ruben senses a reinstall coming up
<cemc> ;)
<cemc> do you have autoraid on the partitions ?
<cemc> I mean the partition types
<_ruben> yes
<domas> holy crap, ubuntu just freaked me out
<domas> I was typing vgcr[tab] and it completed to 'vgcreate', I pressed [tab] once more, and it filled in existing volume group name, I pressed [tab] and it filled in device in it
<domas> this looked scary
<cemc> _ruben: the only thing I found is in /etc/udev/rules.d/85-mdadm.rules for starting up RAID
<cemc> domas: ubuntu iz smart :)
<domas> cemc: well, it was stupid
<_ruben> bashcompletion is kinda handy every now and then
<domas> cemc: I was creating VG, so reusing old name didn't work :)
<cemc> :))
<domas> and... it picked a device that was in VG already, while there was another unassigned one
<domas> but still
<_ruben> cemc: adding "raid10" to /etc/initramfs/modules did the trick
<cemc>  /etc/initramfs-tools/modules ?
<_ruben> which i had tried before, but the /boot partition seems to not be properly mounted always
<_ruben> uh, yeah
<_ruben> memory doesnt have autocomplete :P
<cemc> ;)
<cemc> you added raid10 so it loads the module when booting up
<_ruben> which isnt needed on the other node, there the mdadm hooks handled the inclusion of the raid10 module properly
<cemc> hm
<cemc> _ruben: maybe you should try adding the RAID device to /etc/fstab, remove the modules from the initramfs-tools/modules, and then update-initramfs, see what happens
<_ruben> cemc: it isnt listed on /etc/fstab on either boxes .. as the md's are exported over iscsi
<cemc> i see
<incorrect> I am setting up a local mirror,  i noticed that if i mirror from a 64bit server i only get 64bit debs,   I would like to get both 32 and 64
<soren> incorrect: How are you doing mirroring?
<incorrect> apt-mirror
<soren> Dunno then.
<oCean_> incorrect: think you have to add arch in sources.list
<incorrect> apt-mirror doesn't seem to use sources.list ?
<oCean_> incorrect: sorry. mirror.list
<oCean_> incorrect: hang on
<incorrect> set arch ?
<oCean_> like so I guess: http://www.howtoforge.com/local_debian_ubuntu_mirror#comment-3875
<incorrect> thanks!!
<subchee> hello all
<subchee> I'm trying to install a webradio on my Ubuntu Server 8.10
<soren> What's a "webradio"?
<subchee> web streaming radio
<subchee> I'd like to use Icecast2
<subchee> my problem is that with Ices2 it can only play .ogg files
<subchee> can somebody recommend something else instead of Ices2 to play .mp3 music?
<domas> you know mp3 patent situation? :)
<mac9416_2> Hello, gents. I want to set up a DNS server for my local network, but it occurred to me: why do DNs cost money if just anyone can set them up?
<subchee> yes domas, I know :)
<domas> subchee: so look for packages outside core repo
<oCean_> mac9416_2: there's the cost of hardware, hosting and maintenance of course
<domas> though according to package description, 'icecast2' package should stream mp3 properly :)
<cemc> mac9416_2: maybe because it costs money to admin the server, to upgrade it now and then, to run in 24/7, the bandwidth, etc ;)
<subchee> I've googled all the day to find a package instead of Ices2... but I couldn't :(
<subchee> I was thinking about to use Shoutcast (sc_server + sc_trans) but it doesn't want to start... (glibc6 is installed)
<mac9416_2> Hmmm. Yeah, now it doesn't seem so easy. OK, is there a really good instruction guide out ther efor setting up DNS? Any forum HowTo I find is very confusing.
<mac9416_2> I"ve looked at books I like, but I really need a quick/free howto
<oCean_> mac9416_2: seen this: http://ubuntuforums.org/showthread.php?t=236093. Basic setup. Hardly confusing
<domas> subchee: you can install compat libc
<domas> subchee: then shoutcast will work :)
<subchee> domas: you mean "libghc6-regex-compat-prof"?
<domas> nope
<subchee> sorry, "libc6" and "glibc-2.7-1" are installed... so what should I install? :)
<domas> which is failed dependancy?
<mac9416_2> Thanks oCean_
<subchee> there is no failed dependancy... if I want to start sc_serv there is an error msg: ./sc_serv: There is no such file or directory.
<subchee> the .log file and the .conf file is in the same directory and the user has the right to write into the .log file
<domas> anyway, there's nothing wrong with vorbis!! :)
<subchee> yeah, I know
<subchee> but all my music is mp3
<subchee> I don't want to spend days with converting them :)
<cemc> subchee: how do you start sc_serv exactly?
<subchee> just typing this: ./sc_serv
<domas> subchee: you can always recompile icecast to support mp3 :)
<subchee> domas: really? I didn't know about that... good news :)
<cemc> subchee: what is 'ls -la sc_serv' saying ?
<subchee> -rwxr-xr-x 1 14775 1687 137088 2007-02-28 21:17 sc_serv
<subchee> sorry, I didn't use pastebin :(
<cemc> np, one line won't kill anybody :)
<cemc> did you tried with ./sc_serv file.conf ?
<cemc> err... did you try*
<subchee> yes, and the result is the same
<domas> subchee: strange though, icecast2 package _should_ be able to play mp3
<subchee> thank you everybody, bye-bye (apt-get install libc6-i386 solved the shoutcast problem)
<cemc> subchee: have fun
<cemc> turns out he was on 64 bit ;)
<uvirtbot> New bug: #330138 in samba (main) "Ubuntu (8.10 with latest patches (patched on 16. Feb. 2009, 8.04.1 without patches) ignores filename cases on cifs-mount in an error-prone manner" [Undecided,Incomplete] https://launchpad.net/bugs/330138
<uvirtbot> New bug: #334346 in dhcp3 (main) "PATH problem in /lib/dhcp3-client/call-dhclient-script may lead to root compromise" [Undecided,New] https://launchpad.net/bugs/334346
<Cyntek> hello. i running ubuntu-server 8.10 and i have installed an additional ide hard drive as slave. I'm bit confused about how to add files or folders into that particular hard drive. How would i know if im moving files onto that hard drive and not the ubuntu-server hard drive?
<kinnaz> Cyntek, you mount the driver to specific location after making filesystem do it if it doesnot have one
<kinnaz> then you if you move files to that mountpoint
<kinnaz> they will be on that new drive
<Cyntek> kinnaz, when i run ls -l command it says this: lrwxrwxrwx 1 root root 10 2009-02-25 04:32 SeaGateBaracuda -> ../../sdb5
<Cyntek> if im understanding you correctly, that says its pointing to that hard drive and will store my files to that specific hard drive and not the ubuntu home?
<Cyntek> How can i view the files on that hard drive for verification ?
<dmacnutt> where did you mount it?
<dmacnutt> check there
<kinnaz> Cyntek, mount /dev/sdb5 /data
<kinnaz> cp /home/myuser/somedatadir/* /data
<kinnaz> ah mkdir /data
<kinnaz> at first
<Cyntek> all i did was installed it internally thats it.
<Cyntek> i figured ubuntu-server would recognize it and auto mount it.
<uvirtbot> New bug: #334374 in libnss-ldap (universe) "libnss-ldap should not depend on libpam-ldap" [Undecided,New] https://launchpad.net/bugs/334374
<Cyntek> http://rafb.net/p/yk3MFx29.html
<_ruben> ubuntu-server doesnt do auto-mounting of new harddisks
<Cyntek> oh.
<Cyntek> so i have define it in MTAB
<_ruben> no .. fstab .. but you'll need to partition and format it first before you can actually use it (as in: store data on it)
<orudie-work> hi, i need help changing hostname , name of the computer
<_ruben> only a handful of files in /etc/ hold the system's hostname .. edit those, reboot, done
<orudie-work> reboot what ?
<Cyntek> this hard drive will be for file sharing for window machines. what would be the best file system to use for Media files,
<orudie-work> i set hostname in /etc/hostname and ip hostname in /etc/hosts
<orudie-work> not sure what else
<ogra> reboot
<Cyntek> should there be swap space for an second hard drive?
<sadiq_> how can I enable tab completion in a server ...I connect with ssh and I lack the autocomplete
<cemc> Cyntek: you mean if you need to create a swap partition on the second drive? you don't
<Cyntek> k, thanks
<Cyntek> so i just need to create the file system and that's it.right.
<cemc> sadiq_: it should work. what do you try to autocomplete with tab? what shell do you use when logged in with ssh ?
<sadiq_> cemc I donno :(
<cemc> Cyntek: you can create one big partition if you like, and create the file system on it
<sadiq_> 8.04 ...should be bash right?
<Cyntek> it's a 300 GB hd.
<cemc> sadiq_: if you didn't change anything, then it should be bash, yea
<cemc> and TAB doesn't do anything at all?
<Cyntek> i want this hd to be accessible via windows machine's.
<sadiq_> it uses spaces
<sadiq_> like in normal text editors
<cemc> sadiq_: try this: echo $SHELL
<cemc> what does it say ?
<sadiq_> nothing...it prints a newline
<sadiq_> $ echo $shell
<sadiq_> $
<cemc> $SHELL, it's case sensitive
<sadiq_> oh...sry
<sadiq_> /bin/sh
<Cyntek> thanks for the help guys
<cemc> so you're using sh, and not bash. sh doesn't know autocomplete
<sadiq_> ok...so how do I change to bash??
<cemc> Cyntek: you can create one big partition, format it as ext3, and use samba
<Cyntek> cemc, if i format to ext3...windows will read it?
<Cyntek> and write to it.
<cemc> nope
<Cyntek> thats what i need.
<cemc> then why put it in an ubuntu server? :)
<Cyntek> this server is for home file server for sharing and accessing.
<kinnaz> Cyntek, over samba windows client can read/write do it
<cemc> you can format it as ext3, and then use samba to share it to other windows machines on the network
<Cyntek> thank you .
<cemc> sadiq_: try usermod -s /bin/bash <username>
<sadiq_> usermod: unable to lock password file
<sadiq_> sudo??
<cemc> yep, with sudo, sorry
<sadiq_> oh...the user is not in sudoers group
<sadiq_> su ??
<cemc> you need the root password for that i guess
<sadiq_> I have that :)
<cemc> then su -, and do the usermod as root
<sadiq_> that line worked as root...
<sadiq_> but still no autocompletion
<cemc> now log in on another console,
<cemc> and try it
<sadiq_> oh..ok...that works :)
<sadiq_> ty
<sadiq_> any side effects from using bash instead of sh??
<cemc> slightly more memory usage I guess
<cemc> but apart from that I don't think so
<ScottK> If you're logged in as a user that doesn't have sudo rights, su to the user that does and then sudo.
<sadiq_> is root user available(as in I can log as root) in the server install???
<ScottK> Not by default.  You can enable it, but you generally don't need to.
<sadiq_> ok
<Cyntek> i tried moving the files to the new hard drive in it's new directory i created but i got a error i think: andrew@Home:~$ cp /home/movies/* /dev/sdb1 /movies/* cp: omitting directory `/home/movies/action' cp: omitting directory `/home/movies/anime' cp: omitting directory `/home/movies/comedy' cp: omitting directory `/home/movies/drama' cp: omitting directory `/home/movies/horror' cp: omitting directory `/home/movies/Scifi' cp: can
<Cyntek> not stat `/movies/lost+found/sdb1': Permission denied
<Cyntek> what's the right way of doing it?
<smoser> Cyntek, probably you wanted something like: cp -a /home/movies/* /movies
<Cyntek> k, ill try that.
<Cyntek> nope, that did not work.
<Cyntek> im trying to move it from /dev/sda /home/movies to /dev/sdb1/movies.
<kinnaz> Cyntek, use mc for file managment
<Cyntek> what is mc?
<Cyntek> Midnight Commander
<kinnaz> yes
<cemc> mortal combat
<Cyntek> mortal combat....whoot
<Cyntek> sudo apt-get install midnight commander
<smoser> Cyntek, wherever you have /dev/sda mounted and /dev/sdb1 mounted is what you're interested in copying from and to
<smoser> maybe i missed something, but you almost certainly dont want to actually copy /dev/sdaX or /dev/sdbX
<Cyntek> http://rafb.net/p/1bNOzF81.html
<Cyntek> woot, i finally did it.
<Cyntek> man that took a while.
<Cyntek> banging my head against wall, trying to figure what i was doing wrong.
<Cyntek> forgot to set permission on the new Directory " /movies"
<Cyntek> kept getting permission denied.
<Cyntek> listen well learned.
<Cyntek> lol
<uvirtbot> New bug: #334470 in nut (universe) "FFE: Network UPS Tools 2.4.1-2" [Undecided,New] https://launchpad.net/bugs/334470
<zim> hi all what is the best tool to encrypt a folder from command line (using 8.04 server)
<cemc> archive-like encrypt or you want it to be usable ?
<zim> can you tell me about both pro/cons if you dont mind
<jmarsden> zim: https://help.ubuntu.com/community/FolderEncryption
<zim> ty
<jmarsden> No problem.
<drbobb> hello
<LHC> hey
<drbobb> i was kinda surprised today to find that there exist 2.8GHz Xeon CPU's that don't support 64bit mode
<LHC> did u weep
<drbobb> not quite, but i needed to burn a 32bit ubuntu server cd
<drbobb> btw which flag or whatever in /proc/cpuinfo tells you whether 64bit is supported or not?
<LHC> haha the thing now with cds, I burn so many for no reason, cause I have a stack of 100 and there are still about 70 on it
<LHC> not sure I come here to learn xD
<drbobb> well i have several broked cd/dvd burners
<drbobb> broken, even
<drbobb> they tend to die right after the warranty expires
<drbobb> especially those for laptops
<LHC> thats a bitch xD
<drbobb> oh and i had to abandon that old xeon box for the time being, i installed ubuntu but it turned out unbootable
<drbobb> it seems grub has a problem with hdd's hung on addon controller cards
<drbobb> btw has anyone tried grub2? is it ready to become the default any time soon?
<Titan8990> drbobb, I have had no problems
<Titan8990> drbobb, with my 3com RAID card
<Titan8990> drbobb, are you sure your card is supported by linux kernel?
<drbobb> Titan8990: i have no problems most of the time as well
<drbobb> Titan8990: pretty much sure, i found a redhat9 running on that machine when i was given it
<Titan8990> drbobb, what I did have a problem with, is drives not plugged into the discrete card would change drive letters, in the middle of doing something and it would cause massive i/o errors and crash the server
<drbobb> drive letters?
<Titan8990> drbobb, device names
<Titan8990> drbobb, /dev/sda1 would become /dev/sdb1 in the middle of copying something....
<Titan8990> drbobb, it may have been a problem with the board actually, because sometimes the BIOS didn't even read the extra hdds
<drbobb> the installer saw mine as /dev/sda and had no problem setting it up with lvm, partitions & filesystems
<drbobb> and it's the single hdd on the system
<drbobb> now boot hangs on grub loading, or whatever the message is
<drbobb> before any menu appears that is
<redbluefish> I have 2 servers running 8.10, the hardware is different.  Server 1 crashes with moderate access to a cifs mounted file system, while server 2 doesn't have the problem.  I'm new to linux administration and I'm not sure how to troubleshot this situation.  Any ideas for a noob?
<cemc> redbluefish: crashes like how? kernel panic, freeze, some error msg ?
<uvirtbot> New bug: #333813 in mysql-dfsg-5.0 (main) "MySQL daemon crashes daily on logrotate's flush-logs" [Undecided,Confirmed] https://launchpad.net/bugs/333813
<JanC> drbobb: I _think_ you could look for the 'LM' flag to check if a system is 64-bits, but I'm not sure...
<drbobb> JanC: thx that might be it
<drbobb> (btw there really ought to be a `man cpuinfo')
<Deeps> write it!
<drbobb> Deeps: i have no clue
<Deeps> :(
<Deeps> get clue and then writ it!
<Deeps> write*
<Deeps> (i would, but it always seemed fairly self-explanitory to me, the bits that mattered to me at least)
<mark> you know how much fun doing partitioning in the ubuntu installer is on a box with 48 disks, over a 9600bps serial connection?
<mark> :)
<Myst> Hey Everyone, i have just configured my server the way i want it and would like to back it up so that i do not have to redo any of the configurations if i have to upgrade the machine etc... is there a way of doing that without ghosting the hard drive?
<agentk> Myst: If you want to track changes to /etc too then etckeeper is probabbly your answer. IMHO it is better only to backup changes to /etc, which etckeeper can track for you
<goofey> Myst: that's a big question - what do you want to backup - files or the whole filesystem?
<agentk> Myst: I havnt tried etckeeper yet though
<agentk> Myst: I use backuppc for my server backups
<tangentcollision> I need help getting my shoutcast server running, whenever I start it, it gives me this http://pastebin.ca/1347290 crap and I can't keep the process running
<goofey> Myst: rsnapshot is also usefull for file backup
<goofey> Myst: dd is my favorite for filesystem (partition) backup
<Myst> basically i would like to be able to use the configuration file to configure the exact same server on different hardware should this hardware die...
<Myst> i dont think the /etc copier program would work because i have a samba server running with shares elsewhere...
<goofey> Myst: I think rsnapshot is what you want
<goofey> Myst: you can specify what files to copy and at what intervals
<goofey> Myst: and it keeps the directory structure intact on the files you do copy
<Myst> ok so if i setup another server i can use the rsnapshot to bring it to the current config of the other server?
<goofey> Myst: and it uses rsync and hard links on preserve space
<goofey> well, rsnapshot maeks the backup
<goofey> you restore the backup by hand i think
<goofey> but that's not hard using rysnc
<goofey> in this case, restoring to a differnet computer is all
<goofey> rather than the original
<Myst> sounds good ill take a look at it...
<goofey> Myst: hope it helps
<Myst> goofey, thx... if you have any websites that are good tutorials thatd help
<goofey> Myst: this is what I used: http://www.rsnapshot.org/howto/
<mgolisch> are there any crash dump features to be included in the comming release?
#ubuntu-server 2009-02-26
<oh_noes> Any idea why this sudoers file fails parsing?   http://pastebin.com/m219bba05
<dsmith-work> oh_noes: What's the error message?
<oh_noes> parsing error against line 15 (the hudson line)
<Deeps> the comma, at a guess
<Deeps> looks like you're trying to pass 2 distinct commands into a single alias
<dsmith-work> sudoers was always scary for me.
<Deeps> try a semi-colon or a double ampersand or double pipe (depending on desired behaviour) maybe?
<oh_noes> well ive copied this line before from a different OS sudoers
<oh_noes> ill try semi colon
<dsmith-work> The man page seems to indicate that ',' should be in there.
<Deeps> i'm probably wrong then
<oh_noes> the problem is on the chown Cmnd_Alias line ...
<oh_noes> if I comment it out, the sudoers works fine
<MianoSM> why wouldn't you put the alias in the users .bashrc ?
<MianoSM> It's not a `command` = `command` from the man page.
<dsmith-work> oh_noes: Change chown to /bin/chown
<dsmith-work> A commandname is a filename, a directory or a Cmnd_Alias
<MianoSM> Cmnd_Alias CHOWN = /bin/chown
<MianoSM> indeed
<dsmith-work> That's it?
<pilif12p> hi.
<pilif12p> can i ask a question here?
<dsmith-work> Sorry, only one question allowed, and you just asked it.
<dsmith-work> jk ;^)
<pilif12p> lol.
<pilif12p> If i install Server on a Win.98 computer, will the comptuer run as a server?
<MianoSM> Could you please clarify your question?
<pilif12p> anyone?
<MianoSM> You can have a windows98 computer act as a server if you so choose.
<pilif12p> Oh.
<Tastefull> ?question - Anyone have any experience with BOCHS? ;)
<pilif12p> So, i want to install Ubantu Server on my win98 computer. First, Will it run as a web server, and second, which version is compatable
<pilif12p> i had 8.8 i think, and it said the BIOS where too old.
<MianoSM> You had 8.8 what?
<pilif12p> desktop ubantu
<pilif12p> let me look
<MianoSM> No such thing.
<MianoSM> In any event. As long as your machine meets the minimum hardware specs it should be okay.
<MianoSM> I would advice installing a minimal server (8.10).
<pilif12p> i mean 8.04.1
<MianoSM> If you want a LAMP, maybe follow the "Perfect Install" minus the mail and ispconfig sections on howtoforge?
<pilif12p> and, that said the BIOS where too old/
<MianoSM> Is there a new bios available for you to flash?
<pilif12p> Not sure,
<pilif12p> I have no internet connection to it, now.
<MianoSM> is it a dell?
<pilif12p> No.
<pilif12p> Its a Gateway2000
<MianoSM> go to the manufacturers website and see if they support the machine still
<MianoSM> gateway.com
<MianoSM> downloads/support
<pilif12p> there is no such thing now.
<pilif12p> There are no BIOS flashes
<MianoSM> okay
<MianoSM> good luck to you?
<JanC> what CPU has that thing?
<pilif12p> I dont even know...
<pilif12p> Lets put it this way.
<MianoSM> if you were willing to attempt a desktop install, why aren't you willing to just go for the server install?
<pilif12p> at the time i tried to install desktop, i had no intrest in servers.
<pilif12p> Lets put it this way...
<pilif12p> I dont do OS stuff
<pilif12p> i do mozilla
<pilif12p> i know little about servers, etc.
<MianoSM> http://www.howtoforge.com/perfect-server-ubuntu8.04-lts
<MianoSM> There you go then. ;)
<MianoSM> I'd skip the e-mail portions, and ispconfig.
<MianoSM> Also I wouldn't assign a passwd to root.
<MianoSM> The requirements for the server is a CPU pushing 300mhz, you should be okay if it was win98
<MianoSM> and 64MB of RAM, and 500MB of hdd....
<JanC> isn't ISPConfig overkill (unless pilif12p wants to set up multiple websites for friends or such)?
<Tastefull> ?question - Anyone have any experience with BOCHS? ;)
<pilif12p> haha
<pilif12p> i think i have 32 MB of ram
<MianoSM> JanC: yes, that's why I said skip the e-mail, passwd to root, and ispconfig portions.
<MianoSM> win98 did have lower requirements, maybe 6.06 will fit that threshold
<JanC> Tastefull: yes, but that was somewhere last century  :P
<MianoSM> Absolute minimum requirements Intel 486 processor 32 MB of system memory (RAM) 300 MB of disk space
<JanC> well, I *have* run Ubuntu desktop (with GNOME) on a Pentium MMX 166 MHz laptop with 64 MiB...   ;)
<JanC> (and *LOTS* of swap)
<MianoSM> swap.avi ?
<MianoSM> gross!
<Tastefull> JanC: damn, just installed it on a Ubuntu Hardy IA64 edition.. and i have setup bios and vgabios, but it keep exitign with "quit_sim called with exit code 1", cant find any support anywhere :/
<JanC> Tastefull: why don't you use qemu or virtualbox or kvm or ...?
<JanC> oh, on an Itanium
<Tastefull> JanC: wont work on IA64 (Itanium processors)
<JanC> well, qemu should work on Itanium
<JanC> and it's a lot faster than bochs
<Tastefull> JanC: if you can point to where it does that i would be happy, cant find anything...
<JanC> hm, right, the qemu site says they are still working on it (or maybe not working on it)
<JanC> but qemu's architecture is such that it must be possible to get it working
<Tastefull> well i'm a little n00b to linux, can do conf make make install and those apt-get things but changing it anyway is way over my head
<JanC> you'd need to know more about IA64 architecture than about linux  ã
<Tastefull> and i dont :(
<JanC> anyway, bochs never worked properly
<Tastefull> JanC: i have ssh installed, want access to give it a try? :P
<JanC> you'd have more luck asking that to the qemu developer (if you keep your credit card handy)   ;)
<Tastefull> JanC: hehe yeah i'd proberly ;)
<JanC> on http://bellard.org/qemu/status.html you can see the implementation status for guest & host CPU
<twb> Tastefull: handing out ssh access to people on IRC is *really* stupid.
<MianoSM> what if you netcat /bin/bash with an open port?
<twb> MianoSM: haha
<MianoSM> that way you can watch at least /dunno
<Tastefull> twb: i know, but i can always turn off the box, it's right next to me and on it's own dmz zone and can reinstall it on 10 min ;)
<zim1> hi all anyone in here use encfs?
<JanC> zim1: yes?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<zim1> JanC: kewl can you use the unencryted mount with samba?
<JanC> I don't use samba
<zim1> ok ty
<JanC> but by default that can only work if you mount as the samba user
<zim1> I can see the folder when its not mounted bat as soon as I mount it bye bye
<JanC> fuse mounts can only be used by the user who mounted tham, unless you explicitly tell fuse to let others use them too--encfs has a mount-option for that
<JanC> s/tham/them/
<zim1> samba can see my files with the following permissions user:user 0700 but not mounted folders with the same :-$
<zim1> do i have top add usr to group samba?
<kirkland> apw: was away before, here now, what's up?
<apw> someone was asking about crashdump support on -server, suggested they ask here
<zim1> another q is it possible to send commands server to server vi ssh
<Kamping_Kaiser> yes.
<zim1> how
<Kamping_Kaiser> man ssh.
<zim1> I have am missing it
<Kamping_Kaiser> have you looked at the synopsis?
<zim1> ok will do
<zim1> is it -O
<zim1> got it user@host echo foo
<zim1> ty
<Kamping_Kaiser> wd
<racecar56> is it possible to trick ubuntu into using a fat16 /boot partition?
<racecar56> i need to do that for my server
<lukehasnoname> Any generic tips on getting a USB printer seen by my server without restarting or reinstalling?
<lukehasnoname> I'm trying to set it up as a print server
<oh_noes> In my sudoers, why does "Cmnd_Alias CHOWN = /bin/chown" work, BUT "Cmnd_Alias CHOWN = /bin/chown -R root:root /foo/bar" doesn't work?
<oh_noes> Says parsing error
<Cyntek> when manually mounting a directory is it possible to mount multiple directories with one command example: [sudo mount /dev/sdb1 /movies /photos/ /music /documents
<Cyntek> ] ?
<Cyntek> i tried, but did not work.
<Cyntek> "always fun to explorer"
<steelcityjim> is it possible to watch video from files on a remote server?
<twb> steelcityjim: yes.
<racecar56> please i really want ubuntu server on my server i dont like windows
<racecar56> does anyone know how to get ubuntu to use /boot as fat16?
<twb> racecar56: that may not be technically possible.
<twb> racecar56: probably it would involve recompiling the kernel to have FAT support built-in.
<twb> racecar56: you might also need to replace GRUB with a bootloader that supports FAT (syslinux?), but I think GRUB Legacy does actually support FAT.
<racecar56> :o
<racecar56> kay
<racecar56> is syslinux in repos?
<ajmitch> racecar56: just why does /boot need to be on fat16?
<twb> ajmitch: thanks, I wandered off before asking that :-)
<racecar56> because the bios reads what its gonna boot
<racecar56> i have to go to my laptop now and put the server's hd into the pc
<racecar56> in other words brb
 * ajmitch thinks there's some confusion there
<twb> ajmitch: I reckon he actually wants WUBI
<joejc> hi
<edson> hi guys!
<racecar56> hi
<racecar56> im back
<racecar56> sorry for the wait\
<joejc> how do i get my server on my network?
<racecar56> idk
<JanC> racecar56: what do you mean by "because the bios reads what its gonna boot"?
<racecar56> when the server boots it looks at the the drive it is about to start with
<JanC> so?
<racecar56> but scince that server did windows... it wants fat16 (fat32 might work also, but not tested)
<racecar56> i am following a blog post
<racecar56> http://samuel.thollander.net/projects/linux-on-hp-ex470/
<joejc> can anyone help me?
<goofey> joejc: that is an extremly vauge question
<goofey> joejc: you might try to be more specific
<JanC> racecar56: judging from the sources, grub supports FAT16, so it should be possible...
<racecar56> ok so what am i going to do to get it to install /boot into a fat16?
<JanC> it doesn't work if you format it to fat16 and then tell the installer that it should be mounted as /boot ?
<racecar56> i tried that and it blocked me from doing it but ill try that again
<racecar56> oh i mean yes
<racecar56> (sorry i thought you were asking if i did it/if i could do it)
<JanC> if it isn't possible in the installer, you can install normally, and then move the contents of /boot to the root of the FAT16 partition, fix the grub configuration files to point to the proper locations, install grub again and change fstab manually
<JanC> (and maybe I forgot something, it's after 5am here ;) )
<racecar56> ok...
<^law^> heloo
<^law^> anybody here?
<^law^> ?
<^law^> heloooo?
<goofey> nobody but us mice
<^law^> hi goofey
<^law^> nice 2 meet u
<^law^> i have some question
<^law^> can u help me?
<^law^> ?
<goofey> first rule of IRC - don;t ask to ask, just ask
<goofey> if someone knows the answer, they will respond
<^law^> ok
<^law^> i wan to install db2 udb v8 in my ubuntu server can anybody help me?
 * goofey doesn't even know what db2 udb v8 is
<ewook> search the repository.
<ewook> apt-cache search
 * ewook agrees with goofey 
<^law^> just tyoe apt-cache search db2?
<ewook> ya
<^law^> db2 is like sqlserver, mysql, postgresql but it is an ibm product
<ewook> oh... that one.. why in gods name do you want that?
<goofey> it may not be in apt
<ewook> doesn't look like it
<^law^> ya can't find it
<^law^> i already downloaded from ibm
<goofey> i bet ibm has install instructions
<^law^> but it is .rpm
<goofey> ahh, well, then the question is how to convert rpm to dpkg or tgz
<^law^> i can't find any instruction in ibm site
<goofey> well, converting rpm to dpkg or tgz isn't specific to ibm
<goofey> and it's a question that's a whole lot easier to answer
<^law^> my ubuntu server doesn't have gui
<^law^> i just wanna keep it like that
<^law^> then how to cnvert .rpm to dpkg or tgz?
<goofey> ok, looks like you can install rpm directly using "smart" or convert to .deb using "alien" per google
<^law^> oh ok
<^law^> thx guys
<goofey> hope that helps
<^law^> oh ya wat command that can show me  system summary ?
<goofey> that I do not know
<^law^> then  how  to know how many spaces is left on my harddisk
<twb> ^law^: df -h
<uvirtbot> twb: Error: "law^:" is not a valid command.
<goofey> yeah, df -h
<^law^> thx very much twb it works
<goofey> (the -h makes the size "human" readable)  no -h for blocks
<^law^> oh thx 4 the explanation goofey
<goofey> anytime
<goofey> gl
<^law^> i have installed tomcat java server from the beginning when installing ubuntu server, then i execute java -version it shows that is not sun jdk is used but it is openjdk
<^law^> how can i remove the openjdk n replace it wit sun jdk?
<racecar56> ok i have a /b00t partition that is fat16 and i moved stuff from /boot to /b00t, now i want to remove /boot and change /b00t's mountpoint to /boot
<racecar56> what do i do in fstab
<racecar56> oh great my grub died
 * racecar56 gets a bootdisk and attempts to fix it
<racecar56> anyone here?
<racecar56> hello?
<Chipzz> racecar56: why do you want /boot on fat16? bad idea
<racecar56> because my server requires ity
<racecar56> *it
<Chipzz> no it doesn't
<twb> racecar56: that seems unlikely.
<Chipzz> what makes you believe it does?
<twb> racecar56: why do you think your server requires /boot on FAT16?
<^law^> ur server requiers it?
<racecar56> yes
<Chipzz> no
<Chipzz> again: why do you think that?
<racecar56> http://samuel.thollander.net/projects/linux-on-hp-ex470/ is why
<racecar56> im following its advice
<twb> racecar56: that's a NAS?
<racecar56> ?
<Chipzz> I call bullshit
<racecar56> ...
<twb> network attached storage.  Basically a hard disk with a network card attached.  Since it runs Windows, I guess not.
<Chipzz> the BIOS doesn't boot a partition, it boots the MBR
<twb> Ah, the hardware specs are further down.
<racecar56> then waht the heck... is blog post wrong?
<twb> racecar56: I think it probably is.
<racecar56> hmmm
<twb> racecar56: it looks like a standard K8 motherboard from the lspci output.
<Chipzz> it seems very unlikely to be correct
<racecar56> then why the heck dosent my server seem to work (i ssh it and it no works)
<twb> Chipzz: the author puts grub in the MBR anyway
<Chipzz> twb: I was about to say the same thing
<Chipzz> racecar56: like twb says, the author mentions installing grub. Grub doesn't care what your partition is, and should be able to boot of /boot ext3 or others
<twb> racecar56: the most likely reason you can't ssh into it is because you're using the wrong network driver.
<racecar56> but it sayd bios looks at what its booting
<racecar56> *said
<Chipzz> racecar56: the BIOS can't even know about the grub configuration
<Chipzz> nor should it care
<racecar56> it dosent
<Chipzz> then how does the BIOS know what partition /boot is?
<racecar56> it boots whatever it finds first, but it looks at what its booting, it only likes fatxx
<Chipzz> you could very well have made sda2 /boot
<Chipzz> the BIOS shouldn't are
<Chipzz> *care
<racecar56> it checks the file system its about to boot
<racecar56> maybe i'll just try the basic install to whole drive thing
<Chipzz> like me and other ppl just said, that's just dead wrong
<Chipzz> racecar56: the BIOS doesn't boot *a filesystem*, the BIOS boots the MBR
<Chipzz> which should contain grub
<racecar56> currently im installing ubuntu on the whole drive now
 * racecar56 installs lamp, openssh, and samba server packs
 * racecar56 waits as the cd drive makes the most insane noises
<racecar56> install is done :>
<racecar56> ok its ready to do stuff
<Chipzz> the author of that article looks a bit illinformed, IMO
<racecar56> k
<racecar56> well how do we get started? i basically want apache to host my website for me and ability to ssh the server also
<racecar56> ...
<racecar56> is anyone here?
<twb> No
<racecar56> k
<twb> racecar56: do you have a more useful question?
<twb> s/useful/significant/
<racecar56> idk really but all i want to do now is get it to work on my server
<twb> I cannot help with vague questions like that.
<racecar56> ik
 * racecar56 is getting an ip scanner so i can find my server's ip address
<racecar56> cause i cant do ifconfig on server, as it has no keyboard
<hads> nmap
<racecar56> i use ipscan
<racecar56> but nmap pwns too
<racecar56> cool it works with acpi :>
<racecar56> no more force turnoffs
<racecar56> looks like it dosent have internet
<racecar56> it appears my network card on server is a SiS 191 gigabit ethernet
<Scix> I have two servers. One in production and one for testing. At the testing server BIND and DHCP works perfect. When a DHCP address is leased, the zone in bind gets updated. But at the production server, who is identical to the testingserver I'm getting this error from named: client 10.11.0.5#47428: found no private keys, unable to generate any signatures. And then from dhcpd: Unable to add forward map from lku130.skole.lk.local to 10.11.0.118: timed out
<Scix> anyone who has a idea about why?
<cemc> Scix: the two servers run with the same release? which one ?
<Scix> the production and testing server is one seperated networks? I don't quite get your question.
<cemc> which ubuntu release is installed on the servers?
<Scix> cemc: aa, sory! It's ubuntu 8.10 server
<cemc> and the configs are the same on both servers for bind and dhcp ?
<Scix> yes, the one thing that is different is the rndc key
<Scix> This is copy paste from the testing server: http://pastebin.com/d64afe621
<Scix> And some notes
<cemc> and the other one ?
<Scix> is identical, exept the keys
<cemc> and you're sure the keys you're using are correct on the prod. server?
<Scix> yes! Named says at the beginning of the lease: signer "rndc-key" approved
<Scix> but ise now that it also says "RRSIG/NSEC update failed: not found" < This just after "found no private keys, ..."
<Ethosser> how do I get crontab to run as root?
<Scix> Ethosser: sudo contab -e
<Ethosser> hmm, if I do that it doesn't seem to run
<Ethosser> It's fine to have multiple entries isnt it?
<Ethosser> 30 19 * * * /home/administrator/backup.sh
<Ethosser> 15 19 * * * mysqldump -u administrator -pxxx database > /var/www/html/db_backup/backup.sql
<Ethosser> that's what I currently have
<Scix> what does the logs say?
<Ethosser> Not sure where the log is for cron tbh
<Ethosser> ... ;(
<Ethosser> Let me try and set it for in a minute and i'll see what it does
<Ethosser> nothing.
<Scix> based in the commands i bet it's to syslog or something
<hads> You'll want a couple minutes
<Ethosser> hmm, where is the syslog file- sorry i've never had to use it before
<hads> /var/log/
<Scix> open another terminal and then run "sudo tail -f /vat/log/syslog" then the crone is suposed to run. then you will get a "live feed" from the syslog :)
<Ethosser> thanks
<Ethosser> :)
<^law^> guys u ever installed db2?
<Scix> *then = when and vat = var ;)
<hads> Not a log is logged to syslog from cron though, just the run
<Ethosser> heh
<Scix> Ethosser, me fixing my typos :p
<^law^> ibm db2 v8
<^law^> u guys ever installed it?
<cemc> Scix: I say it's a typo or something there, can you paste the actual .conf files from bind and dhcp on the prod. server?
<Ethosser> :D
<Ethosser> Ok- i've got
<Scix> cemc. Yes. Give me a few minutes :)
<Ethosser> Feb 26 08:16:01 intranet console-kit-daemon[1521]: CRITICAL: cannot initialize libpolkit
<Ethosser> That's straight after: Feb 26 08:16:01 intranet /USR/SBIN/CRON[1522]: (root) CMD (/home/administrator/backup.sh)
<cemc> Ethosser: that should mean crond ran that command
<cemc> did it run ?
<Ethosser> NOpe, didn't see too
<Ethosser> So it looks like it tried at 08:16 (the time I set it to run)
<Ethosser> Yeah, I get the error for libpolkit every time I've scheduled it this morning
<Ethosser> Infact I have that error for other cron errors as well like:
<Ethosser> ACtually, I won't spam the room :D
<cemc> can you try just a quick test script, that say does a cat in some random file in /tmp ?
<cemc> and set it to run 5 minutes from now
<cemc> and see what it does
<Ethosser> https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/275432
<uvirtbot> Launchpad bug 275432 in policykit "libpolkit requires files from policykit for polkit_context_init to work" [High,Confirmed]
<Ethosser> Apparently "apt-get install policy-kit" will fix it
<Scix> cemc, you can se the config from the production server at http://paste.ubuntu.com/123189/
<pteague> if eth0 is set up with 'iface eth0 inet dhcp' in /etc/network/interfaces does it need the line 'auto eth0' ?
<kraut> moin
<hads> yes
<pteague> before, after, or does it matter?
<hads> Whatever it was, man interfaces will tell you
<pteague> ah, there we go... seems the desktops are removing the iface & auto lines for eth0 (or not adding them?) so the gui network management stuff deals with them... but this seems to be bringing them up after the attempt to mount my nfs shares >_<
<Scix> pteagu, I had the same problem so i began to only use the interface file
<achilles>  is there a way to apply quota to a specific directory, I'm using samba to share a folder to a group of users, but I don't want it to exceed 10G
<simplexio> achilles: dunno. but you candefine 10G hard limit making 10G image of it, and then loop mount it under share
<achilles> simplexio, ah .. nice idea
<achilles> simplexio, thank you .. I'm googling
<simplexio> achilles: as bonus you can define default umask for that dir only, and add default groups owner for it
<simplexio> achilles: easy dd of=/dev/zero if=/some.img bs=4086 count 1000, or so (if and of could be wrong way), then make.ext3 some.img ( i think ), and then mount -o loop some.img /home/somegroups for an example
<achilles> simplexio, but how can I extend the size in future .. I'm wondering
<hads> Close :)
<simplexio> achilles: maybe. depends filesystem which you choose ( google for resizing partitions on ext3/4, xfs or similiar )
<achilles> simplexio, no I mean the dd image for a group directory
<simplexio> achilles: yes i think. it could be easy as cat somefile >> some.img , then use some fs resisze utility
<simplexio> achilles: i recall seeing that kind howto in somewhere, but i cant remember anymore specific data about it
<hads> http://kev.coolcavemen.com/2007/04/how-to-grow-any-qemu-system-image/
<hads> You're right
<achilles> simplexio, hads   thank you very much
<simplexio> achilles: just remeber be very carefull when extending image, one > left out makes damage
<achilles> simplexio, oh yeah .. thank you for reminding me
<Ethosser> guys can install apt-get install policy-kit cause any problems?
<Scix> Ethosse: Hope not. I just did it :P
<Ethosser> lol
<Ethosser> I'm running LAMP with a website running
<Ethosser> did it require a restart?
<achilles> simplexio, don't know why I'm afraid, it's a bit critical data, is it risky to mout dd image and make it file system ?
<simplexio> achilles: not really
<hads> Not really risky, not the most effecient way but
<Cyntek>  yikes, i did sudo -i  and i then created a new user account and deleted the andrew account, but now my new account is not in the sudoers file. How can i fix it?
<hads> Boot into single user
<Cyntek> from cdrom
<Cyntek> ?
<hads> From grub
<Ethosser> Scix, on ubuntu server 8.10?
<Cyntek> hads, okay but how do i get to grub?
<achilles> thank you guys
<simplexio> achilles: i find that easiest way to do, i have tryed get samba acl / nfs acls to works on my home box. it just a pain
<achilles> simplexio, ah .. I see, no it's okay I will go for loop mount
<Scix> Ethosse, jupp. No restart :)
<frippz> I'm looking for tools to check the uptime of websites
<Ethosser> So you've just run that on 8.10 server and didn't need a restart?
<Ethosser> interesting.
<simplexio> achilles: i think there are other options too for that image looping ( i mean other that mount -o loop, which may offer more options )
<frippz> Pingdom exists, but costs an arm and a leg, so I might as well set up something on a server locally
<achilles> oh yeah .. good idea .. let me check
<Ethosser> I still can't get crontab to run
<Ethosser> it says access denied even tho i've set it in sudo crontab -e
<Ethosser> any ideas?
<pteague> if you're running a script directly, does it have executable permissions?
<Ethosser> yes, I think so
<Ethosser> if I run the script sudo ./script.sh
<Ethosser> it works fine
<Ethosser> if I do ./script.sh it gets access denied halfway through the secipt
<r34l_r00t> hello everyone...
<pteague> then you should probably look at what point it's getting access denied & fix that part
<Ethosser> mount: only root can do that
<Ethosser> cp: cannot create regular file `/mnt/remotebackup/www.tgz`: Permission denied
<pteague> ah, 2 things to check...  check to see if `sudo crontab -e` modified your crontab or root's (i.e. try `crontab -e` & see if it's listed on your crontab, if it is it's running as you & not root)
<pteague> otherwise how are you mounting /mnt/remotebackup/ ? is it via nfs, samba, or something else?  if via samba, does the user for samba have write permissions to that remote directory
<pteague> if nfs the uid/gid of the user or group you're trying to write as needs to match on both boxes
<Ethosser> if I run sudo ./script.sh it works fine pteague
<Ethosser> it's roots that is modified, sudo crontab -e and crontab -e are different
<oCean_> pteague: any helpful clues in /var/log/cron.log ?
<Scix> cemc, have you found anything interresting?
<joejc> how do i share a folder and make it so anyone can read and write?
<r34l_r00t> joejc: read from ubuntu?
<joejc> ?
<joejc> using samba
<r34l_r00t> joejc: read and write from windows network (samba).?
<joejc> windows might need to see share but wouldnt need to write
<daniele> hello!
<joejc> hi
<daniele> I've a problem: ubuntu-server 8.10 don't see the external disk (usb connected)
<daniele> I've changed also the kernel with the -generic version
<daniele> I've also loaded usbcore, scsi_mod
<daniele> but... nothing
<daniele> dmesg doesn't display anything
<daniele> has somebody an idea?
<oCean_> daniele: do you know the hardware is ok? It shows up on another computer/os ?
<daniele> yes, it displays also an usb-webcam
<Scix> cemc, I deletet the K[zone].+[some_number]+[some_other_number].key/private from /etc/bind/ and then it woked :S
<simplexio> daniele: does dmesg tell that it found usb mass storage ?
<simplexio> daniele: it could be that those automatic scripts dont work/find it and you need to mount it by hand
<daniele> no, dmesg says only that usbstorage is loaded
<simplexio> daniele: no mention about your usb harddrive at all  ?
<daniele> doesn't display the classical messages that displays when an usb drive is plugged
<Deeps> tried a different usb port? tried a different usb drive?
<oCean_> daniele: is usb_storage loaded?
<daniele> yes
<daniele> sob
<oCean_> another related module (my final option) is sd_mod, but that's probably loaded already too?
<cemc> Scix: heh
<cemc> cool
<Scix> yeah. Wired, but cool
<daniele> sd_mod... now check it
<daniele> yes, sd_mod is loaded
<oCean_> daniele: ok, sorry - I'm out of options.
<daniele> :)
<daniele> oCean__: i don't have hal installed. is it requested?
<daniele> I'm trying to install it...
<oCean_> daniele: hm, not sure
<daniele> tnx to all!
<daniele> goodbye
<jwstolk> Is there a way to install gettext-dev on ubuntu-server?  (I need it to compile the Vuurmuur firewall for 64-bit)
<Yaron> Hey there guys! I need some help with classifying some bug
<Yaron> I ran into it while installing Dapper Drake server but it still happens I guess
<kaushal> hi
<achilles> Guys, I got bored applying quotas to all users , do anybody has a script or something
<jwstolk> (FIXED: should be gettext instead of gettex-dev)
<kaushal> is there a way to find out the files contained in not yet installed package in the system ?
<uvirtbot> New bug: #334410 in postfix (main) "Can't sudo due to postfix / sendmail error! WTF?" [Undecided,Incomplete] https://launchpad.net/bugs/334410
<lamont> sigh
<brettalton1> Hi everyone, does anyone know how to register a 'session' (e.g. have a program run on startup) using CLI/bash tools? I'm trying to install conky and parcellite and have them run on start up in one of my scripts. I'm thinking of a tool like 'gconftool-2' but for sessions. Thanks!
<thefish> if i add an lvm volume and format it, is there any way apart from restarting udevd, to get the links in /dev/disk/by-uuid made for it?
<thefish> i guess thats where lookups are done, so if i add a UUID= line to fstab, it will check there..
<Ethos> can install gksu mess anything up? lol
<uvirtbot> New bug: #334932 in nut (universe) "nut & nut-hid-drivers remove each other" [Undecided,New] https://launchpad.net/bugs/334932
<lamont> Ethos: it's more what you do after that that matters, I expect....
<Ethos> :D
<Ethos> in what way?
<uvirtbot> New bug: #334949 in samba (main) "[jaunty] unable to share folders using samba" [Undecided,New] https://launchpad.net/bugs/334949
<Imo> hello i have ubuntu server 8.10 and i want install eBox but then i tip sudo apt-get install ebox then i get this error
<Imo> libapache-authcookie-perl ist aber nicht installierbar
<licorna> Hi! followed instructions in https://help.ubuntu.com/8.04/serverguide/C/libvirt.html to install a jeos, but i had to install QEMU and I want to use KVM
<licorna> mi server has virtualization extensions (enabled in bios)
<zul> mathiaz: ping what do you think about cluster support for samba 3.3
<dexem> Imo, try also on #ebox
<Imo> thanks
<licorna> anyone with kvm experience?
<mgolisch> nope
<mgolisch> but whats the problem?
<mathiaz> zul: I haven't looked at it yet
<mathiaz> zul: and we're past FF anyway
<mathiaz> zul: so if it's not already enabled it won't be part of jaunty
<zul> well its already enabled in the samba-3.3 debian/rules we just have to write the MIR if we dont want it for ctdb
<licorna> want to use kvm, not sure if it is working, because I had to install qemu
<mgolisch> you had to install qemu?
<mathiaz> Adri2000: the samba SRU should be uploaded today - I've already built it locally and need to do some testing now
<dsmith-work> Doesn't kvm use qemu userland?
<Adri2000> mathiaz: ok, excellent, thanks
<licorna> yes, but in the docs it doesnt says that qemu is needed
<licorna> ok, I think I'm going to investigate a little bit more
<licorna> thanks
<mathiaz> kirkland: do you know if it's possible to loop mount a qcow2 file to modify some files in it?
<kirkland> mathiaz: it is!
<mathiaz> kirkland: ohh - how do you do that?
<kirkland> mathiaz: let me find the link
<kirkland> mathiaz: http://en.wikibooks.org/wiki/QEMU/Images
<kirkland> mathiaz: also, see: http://blog.dustinkirkland.com/2008/10/mounting-kvm-disk-image.html
<mathiaz> kirkland: hm - it seems all of these links refer to raw images
<LoveGuru> can i get ubuntu hardy 8.04 minimal installation ?
<LoveGuru> iso
<kirkland> mathiaz: try this http://blog.loftninjas.org/2008/10/27/mounting-kvm-qcow2-qemu-disk-images/
<mathiaz> kirkland: thanks
<kirkland> mathiaz: just using mount /path/to/image.img /mount/path -o loop,offset=32256 didn't work?
<LoveGuru> can i get ubuntu hardy 8.04 minimal installation ? need netinst iso?
<mathiaz> kirkland: hm - I didn't try that yet
<kirkland> LoveGuru: you can do a minimal ubuntu installation, yes
<mathiaz> kirkland: anyway - I'm not even sure I'd really need that - I think I'll stick with my lvm setup for now
<kirkland> LoveGuru: i use mini.iso usually when i want that
<kirkland> mathiaz: k
<kirkland> LoveGuru: there's also an option in the cd boot menu
<kirkland> LoveGuru: i don't remember what it is right off, but it's one of the F-keys
<LoveGuru> kirkland: but need the minimal install iso..
<LoveGuru> dont want to download whole 500+ mb is
<LoveGuru> *iso
<Deeps> LoveGuru: google ubuntu mini.iso
<kirkland> LoveGuru: https://help.ubuntu.com/community/Installation/MinimalCD
<kirkland> http://archive.ubuntu.com/ubuntu/dists/hardy-updates/main/installer-i386/current/images/netboot/mini.iso
<kirkland> http://archive.ubuntu.com/ubuntu/dists/hardy-updates/main/installer-amd64/current/images/netboot/mini.iso
<LoveGuru> Deeps: i forget about it totally  :< google is our friend :)
<kirkland> ~10 MB apiece
<kirkland> LoveGuru: http://people.ubuntu.com/~kirkland/search.html is even friendlier
<LoveGuru> alright
<LoveGuru> kirkland: thank you so much
<kirkland> yw
<_dbd_l12> would restoring an image of a ubuntu-server install made with partimage work on (slightly) different hardware? or is this a no-no. Other (non-raid) ways to have a quick imaging/backup system ready (for in case of hardware failure) ?
<jahor> hello anyone with storege performance testing skills ?
<jahor> i just want to consult my results. and if i get the feeling that i got it right i could make ubuntu related comparison of various storage possibilities in servers area
<jahor> http://temp.jhr.cz/ikiwiki/html/KnowHowKickstarters/storage-comparison-round1/
<maswan> jahor: ehm. wildly bogus bonnie results.
<maswan> jahor: but then, according to the description, you use half the ram for test size? normally you'd need at least twice ram, 10-20 times is probably better
<jahor> maswan: what i could say i understad are the dd results
<jahor> maswan: i know
<jahor> maswan: i thought that saying -r 4G means get rid of the ram, waste it and preform the test, but it does not ;(
<jahor> maswan: i already know that booting with ram=XX could be nice hack to have not much system memory
<maswan> jahor: Yeah, that works too.
<jahor> that drives me crazy to get all the data again ;o)
<maswan> script it and let it run overnight?
<maswan> also, for a basic dd test, you might want to try loading more and more parallel dd:s onto the same filesystem and graph aggregate throughput.
<maswan> both bure write, pure read, and a mix of reads and writes
<jahor> maswan: i must say that this is my real first test so i know it has its drawbacks
<maswan> at least one version of the arecas had this funny behaviour where when you loaded on readers, the throughput slowly dropped form 300 to 150 for the first 10 parallel ones, then suddenly dropped down to 15M/s for 12...
<jahor> i found something like fsload or so that could simulate operaions... i dont like write hackish dd test ;o)
<maswan> Ok, then I'll keep on the easy side, "remember to always test a working set that is big enough that you aren't measuring the cache speed"
<jahor> maswan: ooops not nice performance degradation
<maswan> jahor: yeah, that particular one they seem to have fixed in newer versions (even though they didn't care about us reporting weirdness at the time, so we bought 3wares then), but storage is strange and weird
<jahor> maswan: i know. big mistake from the beginning. it could be seen on the dd test where the 256M vs 2G cache is realy visible
<maswan> jahor: We've pretty much given up on "realistic" benchmarking, it just got too hard. We run the parallel dd stuff in different mixes and numbers, to get a "feel" for the system, and then assumes that real-world load will be "a bit" to "a lot" worse.
<maswan> Then figure out if that's acceptable.
<Cyntek> hi all, i am now trying to access my newly installed 300 gb hd and its directory on ubuntu-server 8.10. However, when i log in via windows xp i get an error: \\HOME\Public Folder Sharing is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have acces permissions. The network path was not found. how can i fix this?
<Cyntek> im able to see the Public Folder Sharing in the " My Network Places " but cant log into it?
<jahor> Cyntek: i just guess but have you enabled "window networking" or something in your network interface configuration (on windows)
<jahor> Cyntek: ah you see it... so maybe it needs to tune /etc/samba/smb.conf
<jahor> Cyntek: have you already had a working share ?
<Cyntek> yes, i can see the " Public Folder Sharing " but cant log into it.
<Cyntek> Yes.
<Cyntek> But what i did last night, was i added a new User acct and was trying to delete the old User acct. and now i cant log into the acct.
<Cyntek> I have set samba.conf. ill past the smb.conf.
<Cyntek> one sec
<jahor> maybe more interresing will be the user under which samba is running vs. the mountpoint prermissions
<Cyntek> okay.
<Cyntek> well for some reason the old user is still there able to log in.
<Cyntek> jahor, im using putty, what is the command to output the url past using wgetpaste?
<Cyntek> oh i think i know.
<Cyntek> how to fix this.
<jahor> Cyntek: ok then tell us the result.
<Cyntek> well, when i edited the smb.conf i think i input the " path = /dev/sdb1 ". when it should be " path = /photos" ?
<jahor> Cyntek: yeah that could be it... sdb1 is block device. and the path must be a path where the block device is mounted
<Cyntek> or mounted to....so i would have create a individual tags to share the specific directories.
<Cyntek> yep that was it.
<Cyntek> great
<Cyntek> however, i wanted to ask....am i not able to share just whole hard drive instead of the directories?
<jahor> Cyntek: depends on what does "whole drive" means ;) .... all the files on it or like a block device ?
<Cyntek> i mean the actual Hard drive it self.
<jahor> Cyntek: if you talk about win vs ubu then it looks like the files on it
<jahor> Cyntek: so like a block device ?
<Cyntek> yeah.
<jahor> Cyntek: to make a windows filesystem on it ?
<Cyntek> if i convert the filesystem from ext3 to hpfs/ntfs, right. then it would show up as a hard drive on windows xp. right.
<jahor> you could not convert it. you could backup it, reformat and then restore the data
<jahor> for block level sharing with windows on the client side you could try iscsi
<jahor> iscsi-target on the server and iscsi-intiator on the clinet (windows)
<Cyntek> well, for now i will just stick to this until i feel more experienced in going into that direction. for now this will do fine.
<jahor> i think so too ;o)
<Cyntek> what are the " lost + found " folders ?
<Cyntek> I see it in the "photos public folder sharing" .
<jahor> Cyntek: there could be files after filesystem check if there was some problem with the filesystem.
<Cyntek> im using Filezilla to upload from windows xp to the ubuntu-server, but the files i upload are not being saved.What am i doing wrong?
<Cyntek> [edited] I'im using Filezilla to upload from windows xp to the ubuntu-server, but the files i upload are not being saved to the directory i am saving them in. What am i doing wrong?
<Cyntek> explination why the files are not being saved to the directorys during the upload process via windows xp (Filezilla) to ubuntu-server (/photos) directory?
<Cyntek> why is that everytime i transfer or upload from Local site to Remote site ( windows to ubuntu-server ) and when i create other directorys such as documents, photos, music... When the upload starts and finishes it uploads the files to all directorys onto ubuntu server?
<Cyntek> all meaning directorys i have created on a separate 300 gb hard drive. ie: documents, music,photos,movies.
<Cyntek> once uploaded to a single directory, it will show up in others as well.
<Cyntek> wtf?
<Cyntek> anyone?
<Tastefull> ?question: i have installed Ubuntu Server and with the LAMP option. Now i need a FTPd witch is not relying on the users of the server, but has them seperately. I have tried vsftpd but cant seem to configure it to use a seperately file for users. The box should run as a Hosting solution and is there a web based tool to control the LAMP servers + FTPd (not plesk) out there?
<johnny5> I need to script a setup, but i'm using vmware. possible?
<johnny5> I want to deliver vmware images that upon first run ask for a hostname and username/password etc
<johnny5> is that just make believe stuff?
#ubuntu-server 2009-02-27
<kenny__> How do I install bugzilla under ubuntu(8.10)? I have installed bugzilla3 with all dependencies (including mysql and apache2), hope I set the right db_user and db_pass in localconfig, but there is no http://localhost/bugzilla site.
<kenny__> How do I tell the apache server to display the bugzilla pages under http://localhost/bugzilla?
<roy_hobbs> How much does installing openafs-fileserver do for me in terms of getting AFS up and running?
<Cyntek> im trying to upload photos,music,documents, and movies files onto a 300gb ext3 filesystem hard drive. Now i have created directories ie: /photos, /documents,....so forth. why is that when i transfer files to there parent directories they end up being in the other directories that were created?
<baz_> hey, I am trying to re-install ubuntu on a machine that had a software RAID (ubuntu too). When do I re-assemble the RAID? Before install, during install or after install?
<twb> baz_: IIRC it will recognize the existing md array during installation.
<baz_> twb, thanks i'll try it out... you're the only one who gave a suggestion in 6 channels :)
<twb> "try it and see" is usually a good first attempt.
<baz_> twb, to be honest i am re-installing the desktop and i tried with livecd and even re-assembled using mdadm, but i wasn't sure if it was recognizing it or not... now u gave me confidence the alternate cd wwill work...
<Cyntek> okay, i reformatted the second hard drive, i want to make it a file sharing for Windows machine, now I also would like to create directorys for individual file purposes, such as music to /music ...documents to /documents. get this working without each directory being a copy of one another.
<twb> Oops, he should know that the live CD doesn't support software RAID.
<twb> Cyntek: what I do is just make a filesystem and mount it on /srv, so that there is e.g. /srv/music and /srv/video
<Cyntek> lol.
<twb> Cyntek: if you want top-level directories (which I don't recommend, because it's messy), is either to create symlinks (sudo ln -s srv/video /) or to use -o bind to remount /srv/video also on /video.
<twb> You probably don't want bind mounts.
<Cyntek> twb, do you understand my problem?
<VK7HSE-1> :)
<llragsll> need to configure ubuntu gateway with one physical interface for two logical subnets
<llragsll> I knkow tht this can be done using virtual if
<llragsll> but how to route packets from one interface to other?
<llragsll> anyone
<llragsll> ??
<cemc> llragsll: you have to enable ip forwarding on the box
<cemc> try this:
<cemc> sysctl net.ipv4.ip_forward
<cemc> if it's 0 (zero), forwarding is not enabled
<llragsll> oh...k
<llragsll> let me explain
<llragsll> this box has an ipsec tunnel to some other  n/w's so i knoe tht fowarding is enabled
<cemc> i see
<llragsll> there are two n/w's .2 and .4
<llragsll> the .4 n/w is the LAn
<llragsll> while I have the .2 n/w for the modem and the gateway only
<llragsll> i hope you follow me..
<cemc> could you just copy-paste the ifconfig output?
<llragsll> ok..jus a sec
<mib_guvg4wqr> http://www.mibbit.com/url/99KWRT
<cemc> not found
<llragsll> grrrr
<llragsll> http://www.mibbit.com/pb/LsBSAD
<cemc> ok, I got it
<llragsll> great...
<cemc> go on
<llragsll> the routes have been set too
<cemc> (maybe copy-paste?)
<llragsll> eth0:1 is the virtual interfac
<llragsll> http://www.mibbit.com/pb/GVVqGe ..yes this is route
<llragsll> the machines on .32 n/w can't access .24 resources
<cemc> the machines on .32 need to know where .24 is
<llragsll> .24 only consists of the my modem, consequently I can't access internet
<cemc> they need to have 32.207 as gateway,
<cemc> or you need to route network .24 on every machine to .24
<llragsll> but sine ubuntu is the gateway
<llragsll> yes
<cemc> to .24.207 i mean
<llragsll> .207 is the gatewway
<llragsll> .32.207
<cemc> and for .24 machines .24.207 is ?
<llragsll> .24 only consis of my modem to the internaet
<cemc> because they need to know too where .32 is
<llragsll> .24 is only from the modem to the gateway
<llragsll> hmm...
<cemc> hm indeed :)
<cemc> what resources are we talking about then ? :)
<cemc> on .24
<llragsll> internet through the modem
<llragsll> .24.1 is the default gatway/modem/WAA
<llragsll> its like <.32>------<ubuntu gateway>-----<.24.1 modem>------<internet>
<llragsll> the gateway has one physical interface..eth0...so i put a virtual interface eth0:1 on .24 n/w
<llragsll> shouldn't the gatway route .24 packets to eth:0:1 interface?
<cemc> the route output is from the ubuntu gateway ?
<llragsll> yes
<cemc> shouldn't the default gateway (last line) be 192.168.24.1 ?
<cemc> instead of 32.1
<llragsll> well it is...or rather it was..I have reset the n/w now...
<llragsll> everything is flat now
<cemc> the ubuntu box's gateway should be 24.1
<llragsll> yes...got it..
<cemc> and all the machines gw in .32 should be 32.207 (the ubuntu box)
<llragsll> are the routes correct?
<cemc> well, there are no routes really, those are just the directly ocnnected stuff, because you have the IP addreses on eth0
<cemc> you do need one other thing tho
<cemc> the 24.1 router should know about .32 too
<llragsll> hmm...but how
<llragsll> and Y?
<llragsll> it will be getting the packets only from ubuntu
<cemc> suppose you ping www.yahoo.com from .32.5
<cemc> the packet goes to 32.207 (ubuntu),
<llragsll> k...
<cemc> then it goes to .24.1,
<cemc> then it goes out to yahoo, comes back (that if NAT is set up on the router :) ),
<cemc> then 24.1 should send it back to the ubuntu box,
<cemc> but it doesn't know that
<cemc> if you don't tell it
<llragsll> yes...NAT is setup..
<llragsll> oh...k..understood..
<cemc> there's one other thing
<llragsll> now..how to accomplish tht?
<cemc> well
<cemc> you have to configure the router, if it's smart enough :)
<llragsll> I hope it is...
<llragsll> wht should I configure?
<cemc> do you have ping from say .32.x to 24.1 ?
<llragsll> I din try tht....I just open some sites to check
<llragsll> but I can ping from the gateway
<cemc> first try a ping from .32.x to 24.1
<llragsll> ok..
<llragsll> wht setticgs do I need to do on the router?
<cemc> no idea, depends on the router... you have to add a static route, 192.168.32.0/24 -> 32.207
<cemc> ummm
<cemc> 192.168.32.0/24 -> 24.207
<cemc> but how do you do that, it's up to you to find out :)
<llragsll> ok...yes..I remeber seeing something like ttht
<llragsll> yes tht's kool
<llragsll> thx pal
<cemc> btw,
<cemc> .32 and .24 are on the same physical network, nright?
<llragsll> yes...same n/w
<cemc> why you need the ubuntu box ?
<llragsll> we need it for squid and ipsec tunnel.
<llragsll> I am segregating the iptraffic from LAN traffic
<llragsll> all traffic on the .24 n/w will be WAN while .32 will be LAN
<llragsll> The gateway is setup properly right. Is there anything on the gateway to be done??
<cemc> then you definitely want 2 NICs in that ubuntu boxc
<cemc> one connected to .32 and one to .24
<llragsll> yes...tht's wht I told my manager.
<cemc> what's one more NIC, like $1 ? :)
<llragsll> :(...but we have to make do with wht we have
<cemc> I would buy it myself ;)
<llragsll> haha....
<cemc> that's not really separation if they're on the same n/w
<cemc> I mean if I were you
<cemc> I would get one
<llragsll> ok..I'll run tht through my manager..
<llragsll> but this virtual interfaces...where are they useful then?
<cemc> because nothing would stop one from setting a .24 ip on one of the .32 machines
<cemc> and going directly through the router
<llragsll> hmm...yes..
<llragsll> thx a grand dude...
<cemc> so what you want is to really force the .32 machines to go through the ubuntu gateway
<cemc> if you want to set up proxy, firewall and stuff
<llragsll> yes...tht is the intent
<cemc> you can do it with 1 NIC too, with VLANs, if your switch supports it
<cemc> but that's a bit more complicated
<_ruben> damn .. was just about to mention that :)
<_ruben> the vlan thing ;)
<cemc> ;)
<_ruben> then again, if an extra nic is a problem, i doubt there's a switch in place that'd support vlans
<cemc> yep :) that's what i was gonna say
<llragsll> VLAN's..i'll have to look into tht
<_ruben> stranger things have happened in the world though :)
<cemc> llragsll: you want to look at your switch if it's with management (I mean ip address on it, interface to configure it, etc), and if it has VLAN support
<cemc> but that's really not an ubuntu-server kinda topic ;)
<llragsll> lemme chek if it has VLAN...
<llragsll> but does this move evrything on the router?
<cemc> and first you want to read up on all that so you know what you're doing ;)
<cemc> move = ?
<llragsll> i'll learn as I go...:P
<llragsll> Gatway..
<llragsll> gateway
<cemc> [10:45:29] <llragsll> but does this move evrything on the router? <- don't understand this question
<llragsll> I meant doe this mean I won't be able to use the ubuntu server as a gateway
<llragsll> since with a VLAN the n/w's will be configured at the router.
<cemc> nope, it means you will be able to use the ubuntu as gateway as intended, with one NIC
<cemc> but it really would be easier to get another NIC :)
<cemc> trust me
<llragsll> bad news is my router doesn't seem to have vlan support..but I can put in routes. :)
<llragsll> yes...sure..I will get another NIC..for now this is just an intellectual pursuit...:)
<cemc> the router doesn't need VLAN support
<cemc> only your switch in which you have the ubuntu and machines connected
<cemc> and of course ubuntu
<llragsll> ok...haha..I know you are going to flip now...the modem is th switch/router everything
<llragsll> all m/c's are physically connected to .32.1
<cemc> nice ;)
<cemc> and what kind of router is it ?
<cemc> name, model, something ?
<llragsll> UTStar com
<llragsll> its modem/router/switch
<llragsll> got stuff to read then...thx for the help
<llragsll> cheers
 * llragsll leaves
<cemc> have fun :)
<cemc> funny that it had like 1% to do with ubuntu ;)
<dayo> how do i upgrade a single package on the server, i.e. squid?
<_ruben> dayo: sudo apt-get update && sudo apt-get install quid
<_ruben> s/quid/squid/
<_ruben> (install performs an upgrade when already installed)
<dayo> _ruben: ok, trying that now.
<PecisDarbs> hi people, where I can get information about when OpenLDAP record was created?
<kraut> moin
<dayo> _ruben: well, it says i already have the latest squid installed. thanks anyway :-)
<dayo> kraut: moin moin
<dennda> rkhunter reports several files like useradd have been changed recently. I did an update yesterday. Does rkhunter not take into account changes due to updates?
<ivoks> no
<ivoks> you have to update its database
<dennda> how?
<dennda> i tried rkhunter --update but that didn't show any updates
<ivoks> that will update its database
<dennda> well, it didn't :-)
<ivoks> how do you know?
<dennda> it said "no updates" and in the check i'm currently running it's still complaining about those files
<ivoks> https://answers.launchpad.net/ubuntu/+question/34625
<ivoks> you did run it as root?
<dennda> yes
<dennda> --check-version reports there is an update available though... 1.3.0 -> 1.3.4
<ivoks> that's irrelevant
<dennda> ivoks: ok, understood; but I still didn't get how to update its database, since --update gives me "no updates found"
<dennda> i do have wget, of course
<ivoks> right... --update is something else
<ivoks> --propupd is the right swtich
<dennda> oh
<dennda> overlooked that
<dennda> silly switchname though
<dennda> so lemme do a check again
<dennda> ivoks: great that solved it. thanks
<dennda> ivoks: you don't happen to know by heart how to tell rkhunter that it's normal that some functionality just doesn't exist? (like QM_MODULES for the kernel or such. it's always complaining)
<ivoks> i never used it
<dennda> ok
<dennda> thanks
<incorrect> is it possible to use dpkg-reconfigure package and supply it will the answers to the questions?
<nomoa> hi, why is this in error : echo $((08%4)) ??
<nomoa> hmm, leading 0 indicates base 8
<salsa> hello. I cannot reboot the VM (ubuntu-server 8.04) on Xen (3.0.3) either shut it down using standard methods from console. Could you please comment.
<salsa> opercod@rocserv:~$ sudo reboot -n
<salsa> The system is going down for reboot NOW!
<salsa> that's all what I get
<_ruben> incorrect: use debconf-set-selections
<incorrect> thanks!
<Cyntek> is it possible to install an NTFS drive with data on it, and mount it on ubuntu-server ?
<cemc> Cyntek: should be easy enough
<_ruben> readonly is trivial .. read/write is still a bit tricky
<Cyntek> ntfs-3g is default installed with ubuntu-server, right.
<yann2> sure? ntfs-3g has been considered production ready for a while
<Cyntek> so it should detect the ntfs drive with data already installed.
<Cyntek> when i do sudo fdisk -l  i do see the drive, sdc1
<Cyntek> but it says its using the OnTrackDM6 under the System section ?
<Cyntek>    Device Boot      Start         End      Blocks   Id  System
<Cyntek> /dev/sdc1               1        1023     8217243   54  OnTrackDM6
<dsmith-work> Cyntek: It should be safe enough to try and mount it read-only.
<Cyntek> dsmith-work, k. but i just installed ntfs-config and it needs gtk+ gui, how do i remove it?
<dsmith-work> How do you remove a package? "aptitude remove|purge" or whatever you like.
<dsmith-work> s/remove|purge/{remove,purge}/
<Cyntek> i did sudo apt-get uninstall ntfs-config
<Cyntek> did not work
<dsmith-work> I think aptitude is a little smarter then apt-get about also removing dependencies.
<dsmith-work> Cyntek: apt-get --help
<Cyntek> i did it, sudo aptitude remove ntfs-config
<Cyntek> and it gave me the following packages will be removed:
<Cyntek> its removing it, now back to my issue.
<Cyntek> dsmith-work, here is what fdisk shows: http://rafb.net/p/TSFBAs96.html
<dsmith-work> So try something like     mount -r -t ntfs /dev/sdc1 {somemoutpoint}
<dsmith-work> and see if it complains
<dsmith-work> Cyntek: The -r is read-only
<Cyntek> k, i will try.
<Cyntek> dsmith-work, it complained: http://rafb.net/p/t9GZHP84.html
<dsmith-work> Ok.  Then you can't mount it.
<lorenzosu> Hi all. Anyone have experience about doing replicated installs of ubuntu desktop?
<Cyntek> dsmith-work, can i change the Filesystem to some other than ntfs to ext3 without loosing any data?
<_ruben> nope
<Cyntek> shux.
<oCean_> Cyntek: you might find something useful here: http://ubuntuforums.org/showthread.php?t=721937
<dsmith-work> Cyntek: googling for    turned up this:  http://ubuntuforums.org/showthread.php?t=385218&page=3
<Cyntek> i will take a look at it.
<Cyntek> okay so how do i get into the bootloader and the option:  sdc1=remap63
<Cyntek> dsmith-work, oCean_ how do i get into the bootloader to add the option?
<oCean_> Cyntek: I'm not sure if you see grub menu during startup, since you're on server, but I thinkg hitting 'esc' will get you in bootloader. I think it's option "e" to edit commandline arguments.
<Cyntek> im able to get into the grub.menulist
<Cyntek> http://rafb.net/p/UFVHQZ68.html
<Cyntek> where do i this option:  sdc1=remap63
<oCean_> Cyntek: search in menu.lst for line starting #kopt
<oCean_> hm.. line is not there? Seems to be a bit diff from my (current) install, which is not server version.
<oCean_> anyway, during boot you'll have to option to add cmdline arg.
<Cyntek> it boots straigt into login.
<oCean_> yeah, I think you have to press ESC immediately after startup, before it starts loading the kernel
<Cyntek> i held it down right before i did the reboot, nothing.
<Gargoyle> hello, everyone!
<Cyntek> oCean_, i got it.
<Cyntek> what part do i edit to add: sdc1=remap63
<oCean_> Cyntek: aha. Hope it also solves the actual mount problem?
<oCean_> err.. I'm not sure... you are in the bootloader atm?
<oCean_> there should be some options like 'e' to edit and 'a' to append I thinkg
<oCean_> *think
<axisys> how do net install an x2100 (sun hardware) ?
<JanC> axisys: there is a page about net installs on the wiki, or is something special about the x2100 ?
<axisys> JanC: i want to use PXE
<JanC> axisys: https://help.ubuntu.com/community/Installation#Server%20and%20network%20installations ?
<axisys> JanC: tnx
<nealmcb> is there a convenient way to convert the x11 clipboard from unicode text to a reasonable ascii version?  E.g. to copy/paste from a web page with smart quotes to an ascii-only terminal session or editor?
 * nealmcb figures server-folks will know more about this than #ubuntu folks....
 * nealmcb should have put "smart quotes" in quotes....
<sbeattie> nealmcb: xclip?
<nealmcb> sbeattie: thanks - I'll look at it
<JanC> hm, did anybody else have problems with filesystems on a linux software raid not being mounted during boot after an upgrade from intrepid to jaunty?
<nicetry> I'm trying to figure out which groups have which privlages, so I know which ones to join to new users I create. How do I go about finding out information about groups?
<JanC> nicetry: did you try searching the docs/wiki?
<nicetry> JanC: I did, I was having trouble finding the documentation for the default groups in ubuntu-server and what they were for, thats why I came here.
<JanC> I'm not sure they are documented in one place, but you're right they should be  ã
<nicetry> JanC: Right on, I wonder who should be informed about that.
<JanC> maybe the documentation team?
<nicetry> indeed
<JanC> in the users & groups GUI some of them have a nice description, that might be a good starting point
<axisys> how do I define a different interface eth0:1 instead of default eth0 for dhcp daemon ?
<uvirtbot> New bug: #324212 in tomcat6 (main) "Tomcat 6 does not respect CATALINA_BASE/lib" [Low,Fix released] https://launchpad.net/bugs/324212
<Vog-work> Bug:245532
<Vog-work> Has anyone found a work around for Bug 245532
<uvirtbot> Launchpad bug 245532 in lm-sensors "libsensors postinst fails on add/remove device entries" [Undecided,Confirmed] https://launchpad.net/bugs/245532
<giovani> although not ubuntu-specific, I was wondering if there's an accepted technique for finding the "path of dependency" for a package -- to find out why it's installed
<axisys> i am getting " tftp: client does not accept options" while trying to net install a linux box
<axisys> i followed this https://help.ubuntu.com/community/Installation/LocalNet#Basic: Hands-On Interactive Network Server Edition Install
<uvirtbot> New bug: #335581 in ubuntu "Ubuntu Server Install Fails with Dep Errors" [Undecided,New] https://launchpad.net/bugs/335581
<dsmith-work> giovani: Hmm. I don't know.  I guess you can look at the intersection of installed packages and packages that depend on a certain package.  That won't tell you what package pulled it in though.  I think aptitude keeps track of that information somewhere though.
<Ethos> http://ubuntuforums.org/showthread.php?t=986689&highlight=mssql
<Ethos> anyone played with that before?
<Ethos> will the first post work...
<poshvin> Did any one install Dlink DWA 520 (wifi) card on UBUNTU 8.04( Hurdy ...)
<giovani> dsmith-work: yeah, I was worried it might be that manual of a process -- I've got an ubuntu jaunty alpha 5 server install, and was wondering why x11-common was installed
<dsmith-work> giovani: Well, aptitude seems to know, so there may be a way of convincing it to tell.
<giovani> dsmith-work: indeed there is "aptitude why PACKAGENAME"
<giovani> although it doesn't do the entire chain
<giovani> just one level up
<giovani> x11-common is depended on by xauth ... but, xauth is not depended on by anything I have, just recommended by openssh-server, and I don't think I'd need xauth when there's no X :)
<giovani> odd indeed
<JanC> giovani: recommends are treated as dependencies by default?
<giovani> JanC: I was not aware of that ... thanks for the info -- mystery solved :0
<giovani> :)*
<ScottK> Reccommends are installed by default, not treated as recommends.
<ScottK> openssh-server recommending xauth seems overkill to me.
<giovani> is there a switch somewhere for apt-get to disable that behavior
<giovani> ?
<JanC> ScottK: yeah, that's what I mean
<ScottK> There is.  I don't recall the exact syntax.
<giovani> it's --no-install-recommends it appears -- too bad there isn't a shorter version
<Ethos> can install php5-dev mess up a current php install?
<JanC> giovani: there is a way to put it in an apt config file too
<drbobb> hello, i'm still having trouble with one of my servers, grub is refusing to boot from the hdd
<giovani> JanC: indeed APT::Install-Recommends "0" ;
<giovani>  does it
<giovani> whoops
<drbobb> the machine has a single hdd that is identified as /dev/sda
<drbobb> but under an old red hat it was seen as /dev/hde
<drbobb> until now i have managed to boot via a grub floppy
<drbobb> but when i try booting from hdd grub seems unable to locate stage1.5
<giovani> yeah, you'll need to edit /boot/grub/device.map I think
<drbobb> nope
<giovani> and set hd0 to the correct device
<JanC> and then install grub again
<drbobb> hd0 is /dev/sda
<drbobb> there is no other hard drive on the system
<giovani> then grub probably needs to be reinstalled, yea
<drbobb> i already did that
<drbobb> but nothing changed
<giovani> how did you reinstall grub?
<drbobb> grub-install hdo
<giovani> uh
<giovani> it needs to be grub-install /dev/sda
<dsmith-work> giovani: Cool. good to know about aptitude
<drbobb> but device.map says
<drbobb> (hdo) /dev/sda
<giovani> first of all, it's not supposed to be hdo
<giovani> it's supposed to be hd0
<giovani> (zero verus oh)
<drbobb> hd0
<giovani> second of all ... grub-install is reinstalling grub ... it's not reading device.map
<giovani> only grub reads device.map
<drbobb> did i write h-d-oh?
<drbobb> sorry
<giovani> yes, twice
<drbobb> my bad
<giovani> but, you need to install grub with grub-install /dev/sda
<drbobb> at the command line i didn't
<giovani> I assure you, you do not use hdX for grub-install
<drbobb> man grub-install thinks otherwise
<giovani> you're not booted inside of the OS
<giovani> you're booted off recovery media
<giovani> which doesn't have the device.map
<giovani> please run grub-install /dev/sda
<drbobb> wrong assumption
<drbobb> i was inside the os
<drbobb> but i'll try it anyway, although as per the docs it should make no difference
<drbobb> actually what i did was, i made a grub boot floppy
<drbobb> loaded the grub from there, and booted linux from the grub command line
<giovani> if it really doesn't work after that, maybe #grub can help
<drbobb> btw grub was originally installed on the hdd by the ubuntu-server installer
<drbobb> and i really wonder why didn't it work
<drbobb> with a single hard drive on  the system, it's hard to see what could go wrong
<giovani> sounds like either something was done incorrectly manually, or possibly the drive is corrupt
<giovani> you did say it had old redhat on it at one point, right? how old is the drive?
<drbobb> hmmm it's 200GB and SATA, so it can't be all that old
<simonp> there's no ubuntu kernel with vserver support, right?
<drbobb> model # is ST3200822AS in case that tells you anything
<MatBoy> does anyone know a good postfix/dovecot + mysql howto ? I can't get this working 100% under ubuntu
<giovani> simonp: an official one? not that I know of -- but there's a debian/ubuntu repository with a vserver kernel
<drbobb> the controller is identified as SiI 3112 [SATALink/SATARaid] Serial ATA Controller (by lshw)
<giovani> drbobb: ask in #grub ... it's unlikely it's a corrupted drive if it's that new
<cemc> drbobb: did you try reinstalling grub from the grub cli ?
<giovani> MatBoy: might be best asked in #postfix or #dovecot, no?
<cemc> grub> root (hd0,x)
<giovani> depending on how you're doing auth
<cemc> grub> setup (hd0)
<cemc> where hd0,x is the root partition-1
<drbobb> uh i believe you mean /boot partition rather than root partition
<giovani> MatBoy: but google's first hit was http://johnny.chadda.se/2007/04/15/mail-server-howto-postfix-and-dovecot-with-mysql-and-tlsssl-postgrey-and-dspam/ -- that might be helpful
<cemc> drbobb: umm... if you have /boot separat, then yeah
<MatBoy> giovani: I used that one... doesn't work quite well
<drbobb> yes i do, the rest of the drive is under LVM
<cemc> but who needs that nowadays? :)
<cemc> I see
<giovani> MatBoy: well, following something line-for-line is rarely going to work
<giovani> MatBoy: if you have specific problems, I'd ask where it's most relevant -- in #postfix or #dovecot
<drbobb> ok will try that
<giovani> cemc: umm, everyone?
<cemc> drbobb: try running 'grub', and installing it from there
<MatBoy> giovani: no, I mean... there are some issues with that setup that I have seen also with other docs and tut using the same kind of way
<giovani> MatBoy: ok ... but once again ... don't you think #postfix and #dovecot are most relevant to this?
<drbobb> btw seems not a bad machine altogether, though i was surprised that a 2.8GHz Xeon can lack 64bit mode
<MatBoy> giovani: yep... but not very helpfuill at the moment.. most of the time ubuntu users make good docs and tuts to ripp stuff out :)
<cemc> MatBoy: what's error message? :)
<cemc> what's the* error message rather
<giovani> MatBoy: well ... I think you're not going to get what you want here, so, good luck
<MatBoy> giovani: it's always good to try :)
<giovani> better to try in the right place
<MatBoy> the ubuntu community is very creative !
<MatBoy> yes, I'm there, worked last night on it with the guys
<giovani> just looking at the official documentation
<giovani> it's pretty straightforward
<giovani> I recommend you look at it
<cemc> MatBoy: still don't see the problem described ;)
<MatBoy> yep.. but last night taht was kinda difficult :P
<cemc> which part doesn't work ?
<giovani> cemc: because he doesn't appear to have a specific problem ... he wants something to hold his hand
<MatBoy> cemc: nah, it does not do what it supposed to when I install it normally... but I'm busy on it.. making some prgress :D
<MatBoy> giovani: what kind of weird thing is that ?
<MatBoy> giovani: did you had a bad day where you needed that hand yourself ?
<MatBoy> man... relax !
<giovani> I can't even follow what you're saying now
<MatBoy> giovani: indeed... that is your issue :)
<MatBoy> cemc: following a lot of docs, some stuff needs to be configured in several ways... but none work... and paths are most of teh time different too.. so I was looking for some reference !
 * giovani goes back to the wonderful world of grammatically correct sentences
<cemc> MatBoy: ok. which part doesn't work exactly? and what's your setup ?
<cemc> do you have some errors in the log ?
<cemc> anything useful?
 * MatBoy goes back to the real ubuntu world... don't nitpcik.. just help ;)
<cemc> hard to help without a real exact problem description
<cemc> khm..
<MatBoy> cemc: I didn't mean you :)
<MatBoy> cemc: I'm busy with some mods.. will let you know where I end up
<drbobb> hey while i'm here lemme ask a silly one
<cemc> MatBoy: ok
<drbobb> years ago i was using debian and spent some time dicking around with compiling the kernel with many different options
<drbobb> and one thing i discovered was that if i compiled in the framebuffer console, i could choose a console font that looked just like the one on sun sparc machines
<drbobb> is it still possible to do that?
<giovani> sure
<drbobb> can i have that on ubuntu without a kernel recompile?
<giovani> drbobb: I don't think that framebuffer support is built into the ubuntu server kernel; it is into the desktop kernel
<drbobb> and btw what is the kosher way to configure text console resolution & fonts on ubuntu?
<giovani> just passing kernel fb commands afaik
<giovani> although on the desktop install, you'd need to modify the usplash settings probably
<drbobb> CONFIG_FRAMEBUFFER_CONSOLE=m
<drbobb> found by grepping the config-2.6.24-23-server
<drbobb> but it seems the more fancy fonts were left out..
<drbobb> (# CONFIG_FONTS is not set)
<MatBoy> cemc: for sure is that my pipe between postfix and dovecot does not work ok for delivering
<simonp> what happened to u32.net?
<giovani> simonp: what was/is it?
<simonp> vserver repositories ; )
<giovani> ah, mystr be out of date
<giovani> must*
<ScottK> mathiaz: Some of the django stuff you promised in the blog FTBFS, so unless it's fixed, it won't actually be included.
<axisys> do I setup the server to install security updates automatically or should I setup apticron to get email alerts?
<axisys> whats the popular path people take?
<axisys> i guess i can revisit this question even after the server installation completes? if yes, how ?
<axisys> i just inserted a second disk .. do I need to reboot to see the seocnd disk?
<axisys> I am getting this http://pastebin.com/f42c0d114
<giovani> axisys: what do you mean "second disk"?
<giovani> and nobody in the right mind (imo) uses automatic updates on a server
<MrSillypants> Agreed about automatic updates
<giovani> s/the/their/
<JanC> giovani: unless you have your own repository with tested packages and a whole bunch of identical servers maybe
<giovani> JanC: I think that explanation is out of the scope of what axisys was asking :)
<giovani> but yes, that'd be an entirely different situation
<uvirtbot> New bug: #335556 in liferea (universe) "liferea-bin crashed with SIGSEGV in _nss_wins_gethostbyname_r() (dup-of: 286119)" [Undecided,New] https://launchpad.net/bugs/335556
<drbobb> ok so i figured out how to load the fbcon on top of the framebuffer driver for my card, how to set a resolution and how to load a font with consolechars
<drbobb> unfortunately there seems to be nothing similar to the sparc console font that can be used in this fashion
<drbobb> it needs to be compiled in, probably by setting config FONT_SUN12x22 in the kernel
<Brucey> how can i view the date of a backup file?
<Brucey> or when was the file created
<milligan_> I have a perl process dominating my cpu usage, but it's being executed by www-data. How can I figure out what file is being run?. Checking ps auxw, I find the process like this: www-data 17373 99.5  0.4   4696  2444 ?        R    Feb19 11872:44 /usr/sbin/apache/log <- That file doesn't exist though. Is this some kind of bug, or do I have a user trying to mess with the system ?
#ubuntu-server 2009-02-28
<giovani> milligan_: sure it's not cutoff?
<giovani> (the process name)
<milligan_> nope
<milligan_> How would I check that? :)(
<giovani> uh ... you'd go into /usr/sbin/apache and look if any of the utilities start with "log"?
<VK7HSE> I'm having some trouble with uscan, I have squid 2.7 (on server) and I'm attempting to use uscan to update a source for another application. here is the error... http://paste.ubuntu.com/124058/  any clues as I've yet to find an answer on google!
<milligan_> giovani, ah, like that .. I don't even have a /usb/sbin/apache .. I have a /usr/sbin/apache2/ though
<giovani> try using a process viewer like htop
<giovani> it allows you to scroll over
<giovani> ah
<giovani> well some googling has turned up that this might be a trojan
<giovani> http://apis.studio707.net.my/wp-content/log.txt
<giovani> not a good sign, my friend
<giovani> well, not a trojan, a worm of some kind
<milligan_> hmm
<giovani> pretty bad news
<giovani> that server should be quarantined immediately
<giovani> if you do a packet capture, I'm sure it's actively attacking
<milligan_> I killed off the process, so it's not doing anything at the moment
<giovani> it may respawn
<giovani> depending on how it started
<giovani> and there's probably other stuff installed already
<milligan_> question is .. how did the damn thing get in there.. All my users are jailed .. there are no accounts on there that I don't recognize ..
<giovani> this script seems to have an irc c&c server
<milligan_> guess there might be a roundcube bug or something
<giovani> well I'd be looking for this file
<milligan_> log.txt ?
<giovani> there was a roundcube vuln a month or so ago
<giovani> you patch that
<giovani> milligan_: no, I'd be doing text searches to find the contents of the file, search on something unique
<milligan_> Nope, don't think so
<milligan_> doing a search for index.php?pg= ...
<giovani> well don't run alpha code like roudcube
<giovani> I'd do a text search on /usr/sbin/apache/log
<giovani> because we KNOW that's in the file, the version on your server could be modified from the one I just found
<milligan_> searching for that as well
<JanC> giovani: it doesn't have to be there literally
<giovani> JanC: it is in the version we found, it's unlikely that that has been changed versus other parts of the file
<milligan_> I suppose the script could be included from a remote location...
<giovani> this is why netflow, mod_security, and full packet capture logging is helpful
<giovani> you also sifting through your access logs?
<milligan_> ah
<milligan_> there we go
<milligan_> phpshell in the roundcube logs dir.
<giovani> hah
<giovani> I'd highly recommend a more mature webmail platform
<giovani> roundcube has had a lot of problems
<Nafallo> what else is there that look as good to the end users?
<giovani> well, a) security in this case has to trump pretty uis
<giovani> but, there is atmail
<giovani> or some creative themes for horde imp
<Nafallo> any of them not written in php? :-)
<giovani> not that I know of -- although php has nothing to do with these security problems
<Nafallo> I've heard that before, and I do not agree.
<Nafallo> way to late for me to defend that statement though.
<giovani> these are not php vulns, these are pieces of shitty coding
<giovani> anyway ... you're the one with a requirement for a pretty ui
<giovani> hardly a security perspective
<Nafallo> no. my mum is.
<giovani> tell your "mum" to use gmail
<Nafallo> no way what so ever.
<giovani> haha
<Nafallo> mum actually got more mail accounts on my server than I do.
<Nafallo> o_O
<giovani> sounds like she should be using something more robust than webmail
<Nafallo> I totally win on aliases though :-)
<Nafallo> she is. I'm not hosting webmail at the moment :-)
<giovani> no problem then
<Nafallo> she has requested it, and I'm rolling it into my new system.
<milligan_> giovani, thanks for helping out mate .. I believe I found their way in, and I've patched it :)
<milligan_> giovani, http://www.milw0rm.com/exploits/7553 <- There's what they used.
<giovani> milligan_: yeah, that was patched at the end of december
<milligan_> not on my server,hehehe.
<giovani> milligan_: I'd sign up for their RSS feed if I were you
<giovani> 0.2 beta is also depricated now
<giovani> 0.2 final is out
<milligan_> yeah
<milligan_> I'm running stable
<giovani> the security vuln was fixed in stable iirc
<giovani> http://sourceforge.net/forum/forum.php?forum_id=898542
<axisys> when I insert my second sata disk in x2100 I get this message http://pastebin.com/f440500f0
<axisys> what is that mean? fdisk -l shows only one disk
<axisys> i have two disks in there now
<giovani> axisys: it means hotplugging may not be supporteD?
<axisys> here is my lshw report http://pastebin.com/f4ab4d135 .. i see only one disk
<axisys> giovani: so I need to reboot?
<axisys> giovani: is there any way to enable hotplug btw ?
<giovani> axisys: generically when you want to insert new hardware like a hard drive ... yes, you have to reboot
<giovani> axisys: that would require a special drive for your card, afaik, and the card would have to support it
<axisys> giovani: in solaris i just run devfsadm .. hoping somethin similar
<giovani> well solaris probably has a driver for your sun box
<giovani> google
<giovani> for your specific hardware
<axisys> giovani: ok .. thnx
<giovani> http://docs.sun.com/source/819-3722-19/index.html#21924
<giovani> your own company's docs say it's not even supported in solaris
<axisys> giovani: i dont work for sun
<giovani> anyway, this is a common practice
<giovani> yes, but this is #ubuntu-server, not #sun, so, I'd expect that you'd have looked at your hardware's docs first
<giovani> I didn't mean that you worked for sun, I meant, this is not an ubuntu-specific issue
<axisys> i usually get more help from ubuntu.. so decided to install that over solaris
<axisys> giovani: ofcourse it is not ubuntu specific.. just learning.. :-)
<JanC> IIRC there is a way to tell the kernel to rescan for disks
<giovani> ok, well in general, if something hardware-related doesn't work, go to the source first
<axisys> giovani: thnx
<axisys> JanC: that would be nice..
<JanC> but IIRC there is no guarantee that it works, or that it doesn't blow up your server...   :P
<axisys> hehe
<JanC> also, you should never use it while other disks are mounted, which makes it pretty useless in most cases
<axisys> JanC: i am wondering if i could have use hardware raid instead of jbod like i am doing now
<JanC> hardware raid?
<axisys> JanC: i think this box, x2100 has hardware raid available
<JanC> well, maybe Sun ships real hardware RAID, I don't know
<axisys> checking
<axisys> looking at the handbook
<axisys> http://sunsolve.sun.com/handbook_private/validateUser.do?target=Systems/SunFireX2100/SunFireX2100
<JanC> I don't have Sun server (meaning i can't read that page)
<bcurtiswx> Anyone, i installed an ubuntu mail server through the ubuntu guide.  Using dovecot, I seem to get the messages (as they are sitting in /var/mail/<my username>) but i can't retrieve them using a GUI (like squirrelmail or evolution).. can anyone help me find out why (i've searched the internet with no help, and logs don't show any errors).
<JanC> which guide?
<bcurtiswx> https://help.ubuntu.com/community/MailServer
<giovani> well did you configure dovecot?
<bcurtiswx> yes
<giovani> so it's running on imap/pop3 ports?
<bcurtiswx> yup
<giovani> and what happens when you try and log in?
<bcurtiswx> http://www.zoneedit.com/smtp.html
<bcurtiswx> that works great when i inser tinfo
<bcurtiswx> i can log on fine
<giovani> smtp != pop3/imap
<giovani> they're deivered by separate programs
<bcurtiswx> well that tests to see if mail servers working in the first place
<giovani> it says smtp.html -- I presume it's testing smtp
<giovani> not imap/pop
<bcurtiswx> yes, sorry for that being confusing
<bcurtiswx> that was more of a side note
<axisys> i rebooted the x2100 and now I see both disks .. and fdisk -l shows this  http://pastebin.com/d3b4626a9
<axisys> how do I mirror the second disk to the first?
<giovani> axisys: mirror? you want to do software raid?
<JanC> bcurtiswx: where does dovecot look for mails?
<JanC> is tha tthe same place as where your MDA delivers them?
<giovani> well first we need to see what happens when he tries to connect to dovecot
<giovani> we don't even know if it's running
<JanC> true
<giovani> since he's just talked about checking smtp
<axisys> giovani: yes please
<bcurtiswx> Feb 27 20:34:38 weather dovecot: imap-login: Login: user=<bcurtis>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS
<giovani> axisys: you'll obviously need to start fresh -- as software raid has to be done before installation on top of that medium, unless you're raiding two non-OS disks
<bcurtiswx> good enough proof its working??
<giovani> bcurtiswx: running, yes -- but clearly misconfigured if it's not giving you your mail
<axisys> giovani: interesting! on solaris I could just mirror the second and a reboot would activate the metadisk
<JanC> giovani: he can setup a degraded raid1 on the second disk, format it, copy everything over, fix fstab etc., then after rebooting and everthing works add the first disk to the raid too  ;)
<bcurtiswx> giovani: ok based on the guide listed above.. do i have to go in line by line of dovecot.conf to get it setup right..
<bcurtiswx> the guide doesn't go that in detail i guess is a more general question
<axisys> JanC: that would be ideal for me
<JanC> axisys: considering that your system is a new install, just start over again, it will be faster...
<axisys> JanC: if i start over how would I do the mirror ? build with LVM option?
<JanC> you don't need lvm
<axisys> JanC: when i was installing i did not see any other option for raid
<JanC> so do it manually from another virtual console than the installer runs on?
<JanC> and carefully read the mdadm manual
<axisys> JanC: would be nice if there is a guide somewhere..
<giovani> JanC: really? that sounds horribly messy
<giovani> axisys: there are raid options in the installer
<giovani> but JanC seems to know more about md than I do -- I stay away from software raid
<axisys> giovani: yeah lspci shows that too.. i guess that would be simpler... even though need a fresh install
<JanC> if that hardware raid is reliable (and a real hardware raid) it might be better to use that
<axisys> JanC: it is nvidia nvraid .. not sure how reliable that is
<axisys> 00:06.0 IDE interface: nVidia Corporation CK804 IDE (rev f2)
<axisys> 00:07.0 IDE interface: nVidia Corporation CK804 Serial ATA Controller (rev f3)
<axisys> 00:08.0 IDE interface: nVidia Corporation CK804 Serial ATA Controller (rev f3)
<bcurtiswx> giovani: yes i am an idiot... i missed 3 settings in dovecot.conf... thanks for the help.. sorry for being.. "that guy" lol.. cheers
<JanC> nvidia? that sounds like some sort of fakeraid, but I might be wrong   ;)
<JanC> are you sure that's the raid controller BTW?
<axisys> JanC: yes
<axisys> JanC: http://docs.sun.com/source/820-6350-10/chapter1.html#d0e1261
<axisys> JanC: http://docs.sun.com/source/820-6350-10/chapter1.html#d0e500
<JanC> I'm almost sure that's some sort of "fakeraid", so linux software raid (md) is probably the better choice
<giovani> yeah, I'm pretty sure nvidia raid is fake
<axisys> well then I should start looking for a software raid howto
<axisys> i am glad i asked about the nvraid or i almost took the wrong path :-)
<JanC> this might be useful reading: http://linux-raid.osdl.org/index.php/Linux_Raid
<axisys> JanC: thnx
<JanC_> there is some info on mdadm on the Ubuntu wiki too, but not really a howto AFAICS
<JanC_> or maybe there is
<JanC_> https://help.ubuntu.com/community/Installation/SoftwareRAID
<JanC> bah, crappy ADSL connection
<axisys> JanC: thnx a lot
<JanC> I learned most of what I use from the man pages though  ã
<JanC> well, man-pages + trial & error
<axisys> JanC: so u use mdadm ?
<JanC> yes, but I don't have a lot of experience with it really
<JanC> except that it saved me a some work once (one of the 2 brand-new disks in my raid1 failed after a couple of weeks, before I'd set up backups ;) )
<JanC> (this is on a desktop)
<JanC> well, s/desktop/low-end workstation/
<JanC> it has some cool features that you won't find on most desktop motherboard  ã
<axisys> JanC: ok .. still reading this http://tldp.org/HOWTO/Software-RAID-HOWTO-5.html
<axisys> JanC: pretty good writing.. then will read your two links
<JanC> axisys: remember that you need "mdadm", not what they say about "raidtools"; that HOWTO seems a bit outdated
<JanC> 'man mdadm' is probably more useful...
<axisys> JanC: i am just trying to get an understanding.. your first link claims to be more up-to-date..
<axisys> ok
<axisys> how can I tell from this X4100 's layout if I am using hardware raid or disk http://pastebin.com/d1df57f3c ?
<axisys> i guess according to smartctl i am using the hardware raid http://pastebin.com/f2eb79df7
<JanC> I might be wrong, but AFAIK LSI MegaRAID is fakeraid too
<jmarsden> MegaRAID is a whole range of devices, many of which are high end SCSI real RAID controllers.
<axisys> JanC: lol
<JanC> jmarsden: ah, okay
<JanC> jmarsden: I wish manufacturers would not re-ab-use marketing names like that  :-(
<jmarsden> Yep... you just have to go down a level and use model numbers... but then you get Linksys and the "WRT54G" model, which has changed completely about 5 or 6 times by now...!
<JanC> jmarsden: yeah, that's a really complicated case, because they also sell devices that are like older WRT54G revisions under a slightly other model number etc.   ;)
<axisys> JanC: this I can definitely follow http://kuparinen.org/martti/comp/ubuntu/en/raid.html :-)
<Mal3ko> are there tweaks for optimizing server connection?
<JanC> Mal3ko: what do you mean?
<Mal3ko> tuning and optimizing vpn server with high network load
<JanC> Mal3ko: sorry, no experience with that
<JanC> Mal3ko: there are some hardware-based solutions for that, or you could try some load balancing over multiple servers
<pjsturgeon> crontab is not running. any ideas?
<pjsturgeon> ps aux | grep cron shows cron is running
<pjsturgeon> and i am using a * * * * * * rule
<cemc> in which file ?
<cemc> pjsturgeon: in which file did you put that?
<cemc> and you only have five stars, not six
<pjsturgeon> crontab -e and that was off the top of my head to signify an all *'s rule
<pjsturgeon> it seems to be running but no output, so i guess its another problem.
<pjsturgeon> thanks anyhow :)
<rdw200169> no one mentioned the newline thing to pjsturgeon, i suppose... that's one has burned me *many* times...
<cemc> I have a machine with a P4 processor on it,
<cemc> how could I enable hyperthreading ?
<cemc> kernel param, or other kernel?
<cemc> smp kernel?
<cemc> it's an Ibex install
<micro-`> hello, im using ubuntu-server, i want to get the most updated packeges, how can i enter the "unstable" (debian like) apt tree?
<godsyn> please assist. using 2.6.27-11-server. I acquired an HP webcam (15b8:6002) that isn't detected. Dmesg shows a new HID ([HP HP WEBCAM])] on the bus, but seems to fail to use any drivers. To my understanding: they, as of intrepid, are in the kernal  Help?
<|HSO|SadiQ> I get a warning like this in my server's log:  Address 79.112.225.217 maps to 79-112-225-217.rdsnet.ro, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! ... that's my Ip ...should I worry???
<|HSO|SadiQ> nobody can tell me??
<Dan722> anyone here?
<kookaburra> Yep
<Dan722> hi, i need help setting up my ubuntu server box =/
<Dan722> and so i figured after google this is the next best place to go.
<kookaburra> What, exactly, do you need?
<Dan722> i amtrying to setup a host serve to hst adomain
<Dan722> host*
<Dan722> i bought a domain, i just need to setup the server part.
<kookaburra> OK, so you trying to host a single site on a your server?
<Dan722> yep
<kookaburra> OK, and what part are you having trouble with?
<Dan722> umm.... i tryed a tutorial but it wasnt very clear
<Dan722> so, like everything from installation of ubuntu server
<kookaburra> What part?
<kookaburra> This isn't like flipping a light switch, it's kind of a multi-part process...
<Dan722> getting the programs i need to host a server effectively
<kookaburra> OK, let's start with the easiest part first
<kookaburra> Do you have Apache installed?
<Dan722> we just started reinstalling ubuntu server 8.10
<Dan722> the tutorial i tried sorta screwed the first install up
<kookaburra> OK, let's go up a level then
<Dan722> :(
<kookaburra> Do you have a working copy of Uubntu?
<Dan722> yep
<kookaburra> OK, and now, do you have a copy of Apache running on the server?
<Dan722> we're installing the server on the box right now
<kookaburra> So then you don't have a working copy of Ubuntu?
<Dan722> well, we have the cd, thats what i thought you meant
<Dan722> but we're reinstalling right now
<kookaburra> OK, let's get that installed first
<kookaburra> What problems are you having with the install?
<Dan722> none, i just need to know programs i need to host a domain on it
<Dan722> after i install
<kookaburra> Well, that sort of depends on what you'e going to be doing with the domain...
<Dan722> getting a basic html/css website up
<kookaburra> ok, that helps
<Dan722> :)
<kookaburra> As far as programs I would use:
<kookaburra> Apache - For actually serving the site
<kookaburra> BIND9 - For DNS
<kookaburra> Technically that's all you need to host the site
<kookaburra> You'll probably want some additional features, so for reporting you might check out Webalizer
<Dan722> how about mail servers?
<Dan722> well. dan is now talking with his mother.
<Dan722> =P
<Dan722> so scratch the the mail part.
<kookaburra> I'd guess that you're going to want some sort of FTP on that rascal so I'd stick ProFTPD on there too
<Dan722> okay
<Dan722> *writing this down*
<kookaburra> As far as basic setup, getting those four on there will get you up and running.
<Dan722> alright. how do we actually get the domain to 'point' to our server
<kookaburra> I'd recommend using someone else's HOWTOs on them since I'm not going to re-write one here in the channel.
<kookaburra> DNS.
<Dan722> quite.
<kookaburra> http://ubuntuforums.org/showthread.php?t=236093
<Dan722> you rock.
<kookaburra> Now, I don't think anyone in here is averse to helping if you run into problems
<kookaburra> BUT
<kookaburra> rtfm applies.
<Dan722> averse?
<kookaburra> No one in here is against helping you.
<kookaburra> In short - don't ask for help on that's something clearly covered in a HOWTO
<Dan722> alright.
<kookaburra> But if you run into problems don't be a stranger.
<Dan722> so work with what i have until i really get stuck. then come running for help?
<kookaburra> Pretty much.
<kookaburra> Best way to learn is to get yourself unstuck.
<Dan722> alright. will do :P
<kookaburra> If you come back and say "Well on line x of tutorial Y it says to replace IP address z.z.z.z with my IP, what do I put in" you're not going to learn anything
<Dan722> yeah i follow.
<awell> I have installed ebox on my ubuntu server 8.04. What modules are the best to use?
<awell> I have intalled ebox to manage my ubunut server. What modules are best to use?
<Deeps> !serverguide | Dan722
<ubottu> Dan722: The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<Dan722> whenever i change my ip address settings to static, we lose internet connection
<Dan722> any suggestions?
<Dan722> ubottu?
<Dan722> =[
<giovani> Dan722: sounds like the settings you're using are wrong
<Dan722> i have no idea.
<giovani> if they were right, they'd work
<Dan722> i have no idea about any of this.
<Dan722> clearly.
<giovani> well, this is not a place where we can tell you what your IP settings should be
<giovani> you have to go to your ISP, or your Net Admin
<Dan722> yeah i know.
<giovani> or whomever gave you that information
<Dan722> *back to google*
<giovani> no
<Dan722> :P
<giovani> google cannot tell you what your IP settings are
<Dan722> hey google is a diety!
<giovani> it's either your ISP, or your Net Admin
<giovani> whomever runs your network
<Dan722> don't question it's ability.
<giovani> are you trolling?
<Dan722> i don't do drugs?
<NotToBeNamed> hi - what is easier to monitor and to extend (using lvm): a hardware-based raid5 or a software-based?
<ircmaxell> Anyone have much luck with IBM serveRaid controllers?  I can't get more than about 1MBps to a 1E0 6 drive array in anything but Centos/RHEL (I get about 80MBps on Centos)
<giovani> well ... you probably want to look into what driver centos/rhel is using
<giovani> clearly it's gonna be a driver issue
<ircmaxell> Fair enough, I was just shocked at such a big difference (FreeBSD couldn't exceed 128kbps)
<giovani> well did you even go to IBM to talk about linux drivers? did they supply one?
<ircmaxell> They don't supply drivers except a binary driver for RHEL
<giovani> some hardware out of the box will not play nicely with default drivers
<giovani> well then it sounds like you either need to use RHEL or you need to get better hardware that doesn't limit support that way
<ircmaxell> quite fair enough...  Too bad too, cause these boards are really nice...
<genii> If there is an rpm driver install file, conceivable to use alien to convert the package
<ircmaxell> I'll look into it...
<ircmaxell> Thanks for the direction...
<giovani> gets messy if the kernel is much different
<giovani> but yea
<storrgie> just configured a server, i was going to use webmin... but if i remember right there is something new that works right with ubuntu from the repos
<storrgie> anyone know what it is?
<JanC> ebox
<JanC> webmin is icky
<storrgie> is it FOSS?
<storrgie> its broken in 8.10?
<storrgie> how would I add the key through command line?
<axisys> i have two interfaces. so to avoid i turn off router option on dhcpclient.conf file .. now to add default gw I added this for one of the interface in interfaces file like this "post-up 'route add default gw 192.168.1.1 dev eth1'" but that did not add the gw.. is my syntax wrong?
<axisys> to avoid two default gw that is
<giovani> axisys: you don't put '' around the post-up command to run, afaik
<giovani> it's just "post-up commandlinehere"
<giovani> but read the manpage
<axisys> man interfaces dont have quotes either.. thnx .. let me retry
<axisys> cool! that worked.. thnx
<axisys> how do I make a virtual interface out of two physical interface ? so I get increase bandwidth and redundancy .. in solaris i just say dladm create-aggr -d eth0 -d eth1 1 and the aggr1 is the my interface
<giovani> it's called nic bonding
<giovani> google
<axisys> giovani: ok .. terminology is my first barrier :-)
<giovani> it's called that on most OSes :)
<giovani> bsd/linux/and I've seen it mentioned in solaris as well
<giovani> or nic teaming sometimes
<axisys> giovani: this looks really simple http://koo.fi/tech/2008/08/02/nic-bonding-with-ubuntu/
<giovani> yep, it's not complex
<giovani> but you should understand the different bonding modes
<axisys> so this is giving me redundancy only or increased bandwidth as well ?
<giovani> read above
<axisys> giovani: :-)
<giovani> http://www.kernel.org/pub/linux/kernel/people/marcelo/linux-2.4/Documentation/networking/bonding.txt
<giovani> good mini tutorial -- near the end it explains the different modes
<giovani> wtf is wrong with this table
<giovani> it randomly decides to not recognize the hard drive
<giovani> tablet*
<axisys> giovani: so ubuntu runs on tablet ?
<giovani> ubuntu is just a distribution
<giovani> a tablet is just a formfactor
<giovani> so ... the answer is yes, but why wouldn't it?
<axisys> giovani: i like that answer.. i am going to use that .. hehe
<giovani> ?
<giovani> the point being, other than a touchscreen, there's zero difference between a laptop and a tablet
<axisys> giovani: so touchscreen works?
<giovani> with some work, yes
<giovani> but once again, because ubuntu is just a distribution, driver availability isn't specific to ubuntu, so, it's more of a linux question
<axisys> giovani: did u need to install some specific driver after the initial install? hope my curiosity is not too annoying
<giovani> yeah, but, I don't remember, it was a few years ago, and most of my tablet time is now in Windows 7, because of much better support for handwriting, etc
<giovani> however, I'm sure ubuntu has been working on its tablet support with their MID/UMPC editio
<giovani> edition*
<axisys> giovani: hey i posted a question couple weeks ago on migrating my ubuntu on my laptop to a bigger disk .. https://lists.ubuntu.com/archives/ubuntu-users/2009-February/175206.html
<axisys> giovani: can u comment on any of the steps ?
<giovani> why not just image the drive?
<giovani> and resize the partition
<axisys> i received enough answers .. and so far i am going w/ original steps and may be archiving the /etc dir as well and restore from there..
<axisys> i have no space to save a 40gb disk image
<giovani> haha
<giovani> are you using 40GB?
<axisys> giovani: nah ... http://pastebin.com/f3552b9ff
<giovani> archiving the etc directory? oh boy, you just want to mess up your file structure
<axisys> giovani: not restoring .. but pick stuff from there..
<giovani> yeah, this just sounds like a mess, but ok
<axisys> giovani: :-( .. i guess i should then by a usb to ata cable and hang the new disk from my laptop ?
<axisys> s/by/buy/
<giovani> how would that help?
<axisys> giovani: that way push the whole disk content thru usb to new disk
<giovani> but that's not the issue
<axisys> new disk is 250gb
<giovani> do you not have other computers or something?
<axisys> giovani: i have another computer w/ about 25g avail
<axisys> running ubuntu server
<axisys> on same subnet w/ two network cards ;-)
<giovani> yeah, do this however you like
<giovani> this is why I keep a few TB available as a SAN all the time
<giovani> just dd an image off
<axisys> giovani: i have enough space at work.. i can dump the iso there
<maDChoPR> i have a question regarding bacula ... i'm wondering if it's possible to set up a backup system while my systems are getting dynamic addresses? (even the server gets a dynamic address... currently)
<giovani> maDChoPR: sounds like a question for #bacula
<maDChoPR> yea, i asked earlier and no response.
<maDChoPR> i'll rephrase it though
<maDChoPR> thanks giovani
<giovani> unlikely someone here will know more than there
<uvirtbot> New bug: #336008 in dnsmasq (universe) "dnsmasq postinst fails due to wrong update-rc.d command" [Undecided,New] https://launchpad.net/bugs/336008
<tsrk> How can I see what processes are using the most memory?
<hads> top
<giovani> or even better ... htop
#ubuntu-server 2009-03-01
<temperature> How to enable cpufreq on 8.10 server. "$cpufreq-info" gives " analyzing CPU 7:
<temperature>   no or unknown cpufreq driver is active on this CPU"
<MatBoy> mhh, ubuntu has an old clamav :S
<giovani> MatBoy: distributions don't release instant updates -- the scanner doesn't need to be new ... it's the signatures that do
 * Nafallo wonders how much he'll loose in speed to install a cgi php rather than a module.
<ScottK> MatBoy: What release are you on?
<Nafallo> hardy
<Nafallo> drupal box.
<ScottK> Current clamav is in hardy-backports
<Nafallo> oh
<Nafallo> that wasn't for me :-P
<ScottK> No, that's why I said MatBoy.
<ScottK> ;-)
<Nafallo> yea. just require me reading as well ;-)
 * Nafallo looks at the manually selected packages he have and frowns
<Nafallo> drupal5, php5-cgi, php5-pgsql, postgresql, postgresql-client-8.3
<Nafallo> I should probably check into suphp as well, no?
<Nafallo> god damn postfix... jesus.
<hads> Language
<temperature> anybody any idea why cpu temp raises 10Â° just from upgrading from 8.04 to 8.10 server?
<stainer> there is a bug about temps https://bugs.launchpad.net/ubuntu/+source/linux/+bug/67906
<uvirtbot> Launchpad bug 67906 in linux "CPU Temperature significantly higher in Edgy than in Dapper" [Undecided,Confirmed]
<giovani> Nafallo: what's wrong with postfix?
<lamont> Nafallo: it's called Reverse Polar Notation, not postfix. :-p
<Nafallo> giovani: drupal requires and MTA for whatever random reason ;-)
<Nafallo> lamont: ha! :-P
<giovani> why on earth would you use drupal?
<giovani> it's awful
<Nafallo> lamont: I wanted to ask you about something anyway!
<Nafallo> giovani: because my customer wants it.
<giovani> get better customers
<Nafallo> lamont: still around?
<giovani> or convince them not to use it
<Nafallo> giovani: *shrugs* do not care.
<temperature> anybody know how to get coufreq running on 64-bit xeons? Other than recompiling the kernel I find no answer through google.
<giovani> temperature: referencing https://bugs.launchpad.net/ubuntu/+bug/163398 ?
<uvirtbot> Launchpad bug 163398 in linux "CPU Frequency Throttling not working on Xeon EM64T" [Undecided,New]
<giovani> seems it's just passed down from the debian kernel -- since there's a debian bug for the same problem
<temperature> ....
<giovani> enough people have confirmed it that it's clearly just a bug ... either wait for it to get fixed, or, like you said, compile your own kernel
<ScottK> giovani: We don't get our kernel from Debian.
<giovani> ScottK: kernel patches aren't copied from debian at all?
<ScottK> It may be from time to time, but Ubuntu takes it's kernel from upstream directly.
<ScottK> We're generally on a newer version of the kernel than they are.
<giovani> newer than what's in sid?
<giovani> anyway, it's here in debian as well: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489058
<uvirtbot> Debian bug 489058 in linux-2.6 "2.6.25-2-amd64: acpi_cpufreq won't load on Xeon E5420" [Normal,Open]
<giovani> the official cpufreq site states xeon support from what I can tell -- so it seems odd the same bug would be present in both if it's not an upstream bug
<giovani> just what I could find, do with it what you will :)
<ScottK> Could be an upstream bug in common.
<lamont> Nafallo: sup?
<lamont> bouncing back and forth
<Nafallo> lamont: on the master dns server. I can use the same database file for multiple zones, right? :-)
<Nafallo> lamont: it's the same data in them anyway :-)
<lamont> same file?
<lamont> see named.conf.local in the deb. :-p
<Nafallo> lamont: same zone file :-)
<lamont> all rfc1918 zones share 'db.empty'
<Nafallo> ah. fair enough :-)
<temperature> well... I mean, it`s not like it`s some stupid GUI bug...
<Nafallo> haha
<Nafallo>  :-)
<Nafallo> I actually have to repoint .com for this customer to another zone file because .com doesn't love my ns1 under .net ;-)
<lamont> huh?
<Nafallo> the registrar didn't recognise ns1.magicalforest.net for some reason, so I named it ns1.magicalforest.se and everything got happy ;-)
<lamont> ah, that's simple: bitchslap the registrar
<Nafallo> :-P
<lamont> I mean, send them a nice request saying "my nameserver is ns1.magicalforest.net, please make that work. kthx"
<Nafallo> not even sure what upstream registrar fasthosts use :-/
<lamont> dead serious about the concept
<lamont> your registrar
<lamont> the one what you're paying money to.
<Nafallo> hehe. I'll tell my customer ;-)
<lamont> dig ns mmjgroup.com <-- I had to tell my registrar to make the .no host happy
<Nafallo> gaah. your damn domains just remind me I'm lacking IPv6 still :-P
 * Nafallo slapped a one-liner in terms of xhtml ;-)
<lamont> giggle
 * lamont goes back to the movie
<AJ247> is ther a minimalist DM for ubuntu running 640MB ram?
<hads> DM?
<giovani> hads: Desktop Manager, I presume
<giovani> AJ247: XFCE is widely chosen for being pretty lean, yet featureful, and not "ugly" like many people feel options like fluxbox are
<giovani> xubuntu packages XFCE automatically, of course you can install the packages on another install
<hads> screen :)
<AJ247> giovani: yes.
<giovani> AJ247: is something like XFCE what you're looking for?
<AJ247> Yes. XFCE will be fine.
<AJ247> how do i install on ubunut-server?
<giovani> AJ247: the easiest way would be to 'sudo apt-get install xubuntu-desktop'
<AJ247> Alrihght.
<giovani> which will essentially "convert" your minimalist server install to a full xubuntu install
<giovani> you can, however, install individual xfce packages manually if you want
<giovani> in the future, you can do a xubuntu install initially using this: http://www.xubuntu.org/
<AJ247> Well, i only have 640MB installed, so im looking for performance
<giovani> is this system to be used as a server, or as a desktop?
<AJ247> Server
<giovani> then why do you want a graphical interface?
<ScottK> But help with dealing with Xfce is OT here.
<giovani> there's no advantage on a server install
<AJ247> to easily manage via command line
<hads> huh?
<giovani> AJ247: I recommend you look at remotely managing your server via ssh from a desktop -- it'll give you the option of virtual terminals within a gui -- without bloating your server
<AJ247> i have, im using putty.
<giovani> then that's the best way to manage your server -- do not install a gui of any kind
<AJ247> well i was just thinking if it would be best to do so, thank you.
<giovani> ok, the answer is definitely not :)
<giovani> good luck
<AJ247> lol
<AJ247> ?question,
<AJ247> do you know how to clear mbr from a hard drive?
<giovani> be careful, but dd if=/dev/zero of=/dev/XXX bs=512 count=1
<giovani> replace XXX with your HD device
 * giovani &
<AJ247> k.
<mrUnagi> can anyone help me with info on vpns?
<twb> giovani: that will kill the partition table, too
<twb> giovani: you want bs=446 or so
<mrUnagi> =/
<JanC> twb: as the partition table is part of the MBR, that shouldn't be a surprise  ;)
<giovani> twb: yeah ... MBR = 512
<Deeps> a lot of people dont realise the partition table is part of the MBR
<Deeps> the kind of people that would ask in here, for example, may not realise that
<danny723> anyone home?
<giovani> danny723: plenty, as you can see
 * lamont has been home for about 2 hours
<danny723> hello
<twb> JanC: well sure, but I'd want the reader to be sure they wanted to blow away the partition table, and not just the bootloader.
<uvirtbot> New bug: #336153 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.67-0ubuntu6 failed to install/upgrade: il sottoprocesso pre-installation script ha restituito un codice di errore 1" [Undecided,New] https://launchpad.net/bugs/336153
<substr> hi, is ubuntu-9.04.2-server stable enough to use it in a soho environment?
<twb> substr: there's no simple answer to that question.
<twb> substr: by stability, do you mean "will it crash", or "will it receive feature updates (which tend to introduce bugs)", or "can I 'deploy and forget' in three-year cycles" or something else?
<twb> Are you comparing it to, say, Microsoft SBS, or Debian, or OpenBSD?
<twb> *I* wouldn't be too worried about an Ubuntu server, but the guy who sits next to me worries because (unlike RHEL) Ubuntu doesn't have a "proven track record" in the server space, and Canonical clearly places first priority on the desktop.
<twb> ...but then I have enough Debian experience to fix most issues I encounter.
<cemc> any good bittorrent tracker in ubuntu hardy?
<substr> twb: sorry, I was away when you answered..
<substr> well.. my first task is to set up a small fileserver. later on it might also get used as database server and whatever will be needed further on
<substr> thinking about which distibution to choose, my first ifea was gentoo because its very tiny.. but even hard to setup
<substr> next idea was kubuntu, because im using it on my workstation and its very fast and easy to setup... but due to the old hardware I actualy got its running very slow
<substr> (i tried with the live-cd)
<substr> so im looking for something thats not too hard to setup and even small enough to run on crappy hardware
<gkahla> anyone know if Alfresco's compatibility issues will be fixed with 9.04 server edition?
<gkahla> or, for that matter, what the exact compatibility issues are?
<gkahla> Alfresco won't work on 8.10
<danny723> hey guys
<sozob> help...I am new to server...I just installed ubuntu x64 and I really wanted gnome..just no games/gimp/openoffice/etc. Is there a good way to add gnome/synaptic/gpanel-goodies to the ubuntu server?  I am going to add virtualbox to the machine so I will need all that stuff.  I also want to add firefox..but that is about it....Thank you.
<giovani> sozob: you can install the individual packages
<giovani> but there's no easy metapackage that won't install the other utilities you'd like to avoid
<Deeps> and it's also off topic, GUI related stuff is best asked in #ubuntu
<sozob> darn...thanks...
<giovani> well, but the question is in reference to a server install, and adding packages to it?
<giovani> but ok
<sozob> thats why I tried here
<sozob> ;)
<ScottK> giovani: Once you talk about Gnome, you aren't talking about Server.
<ScottK> err sozob...
<sozob> theres lots of services that a server could be used for that would need a gui....
<giovani> sozob: not really
<sozob> websphere has a gui
<giovani> that's required?
<giovani> just because a product offers a gui doesn't mean that it's recommended
<sozob> all the installs I've done require it
<sozob> no matter the os
<giovani> and what graphics toolkit does it use?
<sozob> well it uses java, which uses....
<giovani> what a mess
<giovani> use rhel then
<giovani> they like guis on their servers
<sozob> no...I like ubuntu
<sozob> ;)
<sozob> no worries, I will get it going...I may be better off starting at desktop...yuck!!!!
<giovani> well you can install a gui on top of ubuntu server ... but nobody here recommends it
<sozob> i am sure you don't
<sozob> i don't either
<sozob> but there are occasions
<Deeps> recommended or not, GUIs are outside the scope of this channel, and you're better served asking in #ubuntu
<sozob> wonder if the server kernel will play nice with all that "desktop"ish stuff on it....any ideas
<danny723> sup
<slogger_> hi, I installed ubuntu server 8.10 yesterday, added bare minimum X to system so I could look stuff up on websites while configuring
<slogger_> The groups listed for my user by the id command are different depending on whether I'm logged in a VT or a gui.
<slogger_> Namely, under GUI, my membership in the group 'users' is not recognized
<slogger_> While it is from the VT terminals
<slogger_> http://ubuntuforums.org/showthread.php?t=1083539
<Deeps> slogger_: GUI related issues are off topic here, and are best served in #ubuntu
<slogger_> okay, I thought it might be related to using server version, but I'll check #ubuntu, though they usually just post links to stupid wiki pages I've already looked at.
<Noah0504> Should I take the time to upgrade my server box from 256MB of RAM to 512MB?
<giovani> Noah0504: if you want to, sure
<Noah0504> Well, I have the RAM, but don't really feel like pulling it out.  Ha.  I know last night it stopped responding to the network.  It's headless, so I don't really know what was happening.  I did have rTorrent running though.  I thought maybe it was a RAM issue and it wasn't liking life.
<giovani> sigh ... well, nobody here has a magic 8 ball
<giovani> so that's simply up to yo
<giovani> you*
<Noah0504> Ha.  Perhaps I was just looking for the motivation.
<Noah0504> :)
<cemc> Noah0504: run a memtest
<yann2> nijaba > thx for rabbitmq in jaunty, very good idea :)
<uvirtbot> New bug: #336368 in mysql-dfsg-5.0 (main) "E: /var/cache/apt/archives/mysql-server-5.0_5.0.67-0ubuntu6_amd64.deb: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/336368
<Derander> I've completely borked up my mysql install to the point where I want to start over completely.  Is there a way to get aptitude to reinstall the original test & mysql tables?
<MatBoy> what are you guys doing with dcc on intrepid ? it's not in there anymore ofcourse
<giovani> not using it
<giovani> although it is odd, unless there's a specific reason that it's disappeared
<giovani> oh, I see -- it's a security issue
<Davedan2> what are ppa packages and is it safe to use them? for example: https://launchpad.net/~onestone/+archive/ppa
<giovani> Davedan2: Personal Package Archie
<giovani> Archive*
<cemc> Davedan2: https://help.launchpad.net/Packaging/PPA
<giovani> they're totally unsupported by ubuntu, they're packages built by the user you see in the url, use them if you like, but, they're "unofficial"
<cemc> maybe not the best link...
<Davedan2> giovani: thanks. ubuntu packages are great but sometime take months to get updated... :(
<giovani> Davedan2: there are reasons behind those policies, newer software often introduces new, untested code, with a higher probability of security vulnerabilities in it
<giovani> it's a delicate balancing act -- you have to decide what risks you're comfortable with
<Davedan2> ok
<giovani> as a general rule of thumb, unless you need a feature/bugfix that's only present in the newer release, there's no good reason to be using a newer release
<Davedan2> giovani: I developed a module that works with the newer release but didn't know it'll take months to have a package
<giovani> Davedan2: most distributions use a policy of only fixing bugs once there's a release
<giovani> since there's a release every 6 months in Ubuntu (roughly) ... the software is usually pretty new
<Davedan2>  giovani: so maybe I can count on jaunty
<giovani> you can look up what upstream version is in use in jaunty
<giovani> what package is this?
<MatBoy> giovani: ok :)
<Davedan2> ejabberd
<Davedan2> on Jaunty it is the latest
<MatBoy> giovani: I thought it was a "closed source" issue
<giovani> MatBoy: ah, did the license change? I found reference via google that it was related to a bugfix that couldn't be backported
<giovani> (at least for debian)
<giovani> dantalizing: intrepid includes 2.0.1 -- seems quite new to me
<MatBoy> so it should also for ubuntu I guess in that case
<giovani> err, Davedan2
<MatBoy> intrepid also includes the new clamav... finally :)
<giovani> Davedan2: the newest release is 2.0.3 which jaunty does include, yes
<giovani> you wrote a module that will only work with 2.0.3 but not 2.0.1?
<Davedan2>  giovani: yes
<giovani> heh
<giovani> ok
<giovani> maybe you'd be better off running a source-based distro :)
<Davedan2>  giovani: I'll build it from source and use the package when Jaunty is up. probably take some months
<giovani> jaunty is up
<Davedan2>  giovani: thanks
<giovani> it's in alpha
<giovani> you can try to use the package -- but be ready for potential dependency messes
<Davedan2> giovani: from experience using alpha means alot of truble
<MatBoy> giovani: source based ?? man gentoo suck big time... perios
<MatBoy> *period
<giovani> MatBoy: not if you want the absolute newest versions of everything -- then it's quite ideal
<giovani> or desire a lot of fine-grained control
<MatBoy> hehe, fine-frainded ? we don't live in the 386 time anymore :)
<MatBoy> bleeding edge :S
<giovani> I know a number of enterprises using gentoo in large clusters
<giovani> they see benefit in it
<MatBoy> I also... hyves
<giovani> and their admins are not inexperienced in the least
<MatBoy> with 2200 servers :S
<Davedan2> but we live in the web 2.0 times...
<MatBoy> hehe
<giovani> Davedan2: ... what does web 2.0 have to do with anything?
<giovani> "bleeding-edge" is relative
<MatBoy> not with gentoo
<giovani> many upstreams do a lot of careful bug-checking before releases -- many do not
<MatBoy> whole gentoo is bleeding edge
<giovani> you can't generalize
<Davedan2> giovani: everything moves fast so you can't wait 6 months for a package when a new feature is already out
<giovani> it's all dependent on the upstream
<MatBoy> nah, not really
<giovani> yep
<giovani> for all of our security software (read: snort), we HAVE to have the latest, yesterday bug fix
<MatBoy> version issues between packages are not upstream dependent
<giovani> so, we make our own packages
<MatBoy> hehe, how relative is that ?
<MatBoy> making a deb is not difficult at all :D
<MatBoy> rpm the same
<giovani> how relative?
<giovani> who said it was difficult?
<giovani> maybe you're misunderstanding me
<MatBoy> yes, all people that say "we make our own packages" most of the time say this because they think everyone uses debs because they can't install a system
<giovani> all people that say?
<giovani> you need to learn to stop generalizing
<MatBoy> no reallyu
<MatBoy> not here in general;
<MatBoy> but centos is like it
<MatBoy> gentoo
<MatBoy> uhm
<MatBoy> the users there :)
<MatBoy> in #vmware we don't even support gentoo :)
<MatBoy> bbl.. need to fix an issue
<cemc> what's the correct way to change the editor crontab -e uses?
<cemc> the default is nano on my Hardy but I would like vi
<cemc> man says the $EDITOR or $VISUAL gets used, or if those aren't defined, /usr/bin/editor is used (which is a symlink to /etc/alternatives/editor -> nano)
<MatBoy> cemc: just edit crontab with vi ?
<cemc> I could do that, of course. but I would like to try the correct way :)
<cemc> with crontab -u <user> -e
<MatBoy> ah ok
<MatBoy> you need to do it for users
<MatBoy> mhh
<MatBoy> I like nano so much :)
<cemc> yep. not the main /etc/crontab
<MatBoy> aha, sounds logical
<cemc> ok, I've got it
<cemc> update-alternatives --config editor
<MatBoy> :)
<MatBoy> ah nice
<cemc> and you can select from the available installed editors
<MatBoy> aha :)
<MatBoy> hehe, I'm figuring out how to use amavis using mysql
<MatBoy> :S
<cemc> ;)
<cemc> maybe you wanna try maia mailguard
<cemc> = amavis + spamassasin + mysql + some web gui to manage it
<MatBoy> no, no maia !!
<MatBoy> ouch
<cemc> ;)
<MatBoy> webavis is nicer
<MatBoy> but, I can't find any docs how amavis pulls it's info from a db
<MatBoy> amavis already runs
<hads> If you want it system wide then update-alternatives, per user then use the VISUAL/EDITOR env vars
<twb> Of course, you don't need antivirus scanners in the first place unless you have Windows users...
<cemc> MatBoy: http://www.ijs.si/software/amavisd/README.sql.txt - maybe this will help ?
<MatBoy> cemc: that might do :)
<MatBoy> even google didn't came up with that !
<MatBoy> thanks !
<Davedan2> when building a software from source using ./configure, make, make install    do I need to be root and use sudo ?
<cemc> Davedan2: I think you only need to be root when doing 'make install', and only if you're installing somewhere a normal user does not have write access to
<ScottK> Davedan2: It generally works out better if you learn enough to package stuff for yourself so you can use the packaging system even for self done stuff.
<Davedan2>  cemc: is it better to create a package locally instead with sudo checkinstall -D make install
<Davedan2> sudo dpkg -i packagename.deb
<Davedan2>  ScottK: how do you package a source?
<ScottK> That's a whole discipline of it's own.
<ScottK> !packagingguide
<ubottu> The packaging guide is at http://wiki.ubuntu.com/PackagingGuide - See https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages for information on getting a package integrated into Ubuntu - Other developer resources are at https://wiki.ubuntu.com/UbuntuDevelopment - See also !backports
<ScottK> Has information on it.
<Davedan2> thanks
#ubuntu-server 2010-03-01
<Maletor> How could I set up Ubuntu as a SIP server (for VOIP phones)?
<persia> asterisk seems the popular solution these days.
<twb> There's that other one that isn't asterisk, too
<twb> I forget the name
 * persia also, perhaps indicating it's not as commonly used :)
<twb> It's allegedly less annoying to set up
<twb> I have a feeling it has "net" or "open" in its name
<persia> "ser" perhaps?
 * persia is just reading through the output of `apt-cache search sip`
<twb> persia: no debtags?
<persia> I don't tend to use debtags myself.
<persia> I suspect they would be useful for stuff like this :)
<twb> aptitude search ~Gvoip
<persia> sipwitch can be a server, but I think only a peer server.
<twb> None of the matches ring a bell
<persia> One might also ask in #ubuntu-voip, but I know they have a spec this cycle to make asterisk good, so the advice may not be very different.
<twb> Haha "what are the deliverables for this project?" "We want it to SUCK LESS." "Sigh."
<persia> twb: http://www.mutt.org/
<twb> persia: hmm?
<twb> Oh, their motto
<persia> Yes.  I suspect your quotes are a reference to that (either directly, or through cultural osmosis)
<twb> Actually I was quoting ok-cancel.com
<persia> And I believe that ok-cancel.com was (directly or indirectly) quoting mutt.org :)  It's a good meme, and 15 years is a long time.
<persia> Anyway, doesn't matter :)
<twb> Well, the joke -- which mutt didn't understand -- is that there's no rational metric for suckage, so you CAN'T make it a deliverable or a requirement.
<persia> rationality is overvalued :p
<twb> (Which isn't to say that I don't use and like mutt.)
<Maletor> How do I get my ubuntu box to run an SIP server so that I can use VOIP?
<twb> Maletor: did you hear any of the discussion before you timed out?
<Maletor> No.
<uvirtbot> New bug: #529785 in krb5 (main) "package libkrb5support0 1.7dfsg~beta3-1ubuntu0.3 failed to install/upgrade: la subprocezo dpkg-deb --control liveris eraran elir-staton 2" [Undecided,New] https://launchpad.net/bugs/529785
<zroysch>  /dev/md2: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.
<zroysch> this is very bad?
<twb> zroysch: that would depend on what's inconsistent
<twb> zroysch: pastebin the lines above that
<zroysch> http://pastebin.ca/1816369
<zroysch> i think im not gonna have much if any data left after this is over
<twb> zroysch: that error alone isn't too serious -- I'd take it as meaning you might have lost on directory tree worth of stuff -- as long as it's not something like /etc/
<persia> And some of the stuff may well end up in lost+found after fsck -y
<MatBoy> not nice, my hylafax modem does not pickup
<zroysch> mine still do
<jeeves_Moss> are there any good alts for an on-line streaming media server other than Ampache?
<Sam-I-Am> icecast?
<jeeves_Moss> Sam-I-Am, any others?  I was reading along, and it looked like Ampache was the best choice, but the interface sucks, and it won't let me get the album art, etc
<jeeves_Moss> icecast does streaming?
<persia> Isn't that all it does?
<jeeves_Moss> yes, but it sucks.
<jeeves_Moss> I've got over 12,000 MP3s, and I want to be able to stream it to my work PC
<twb> There's that daemon that mimics an Apple thing, with all those security bugs
<Sam-I-Am> i used icecast long ago... it worked fine
<twb> mt-daapd?
<twb> I suspect that'd be more betterer
<jeeves_Moss> ok, as I said, my biggest things are a web interface with a web stream, and the ability to get the album art, etc
<twb> AIUI mt-daapd allows your client to see music stored on another machine, and then play it locally in any order
<twb> Whereas a true stream would require you to ssh into the other box in order to generate playlists and such
<jeeves_Moss> twb, I can't install ANYTHING on the work PCs though
<twb> I see.
<jeeves_Moss> twb, I'd like a true web interface for everything
<twb> If I were you, I'd just boot a live CD/key on your office machine.
<twb> And if that wasn't allowed, I'd bring my laptop.  And if THAT wasn't allowed, I'd go work somewhere else
<jeeves_Moss> twb, I would like to use it for testing on client systems
<persia> twb: There are options beyond those :)
<twb> hand waving
<jeeves_Moss> twb, lol, I'm the managed services manager, so I get free reign of the network, but......  I have to look like I'm playing "by the rules"
<twb> What, you allow PHBs into your office?
<jeeves_Moss> PHBs?
<twb> No bucket of whitewash balanced over the door?
<jeeves_Moss> lol,  no one dares to venture into my basement, and to even touch the "rack" is an unspoken rule
<Harrison_> im having some trouble setting up a mail server, I just did a fresh install, and installed the postfix-dovecot package. i can receive mail with my mail client, and send within the domain, just not to anything out of it...
<Roxyhart0>  i need to setting ip tables to use the port 25 just for emails, somebody know how to do that? because some viruses are using port 25
<jeeves_Moss> I'm getting "icecast2 daemon disabled - read /etc/default/icecast2." right now, any ideas?
<genii> jeeves_Moss: There's a line in the config file to comment out, it is disabled by default
<jeeves_Moss> genii, do you recall the line?
<genii> jeeves_Moss: ENABLE=true    is what it needs to be
<jeeves_Moss> genii, I think I did that already
<genii> jeeves_Moss: I don't currently have it installed here to double-check, etc. But I remember it was a pain to get going right off, the config file change was confusing. There may also be some xml file to mess with
<jeeves_Moss> genii, ok, thanks.
<genii> jeeves_Moss: Maybe check http://sudosys.be/?q=icescast2_ices2_audio_streaming_server
<jeeves_Moss> genii, thanks
<jeeves_Moss> genii, irony is that I'm looking @ that page already!  LOL
<genii> Heh!
<jiboumans> good morning
<hagedorn__>  hello, http://pastie.org/847460 ... have a configuration problem... i am a bit confused about the ports of dkimproxy exim etc,  please have a look: /usr/local/bin/dkimproxy.out: socket connect failure: Connection refused,   R=dkimproxy T=dkimproxy_smtp defer (-53): retry time not reached for any host
<hagedorn__> hallo, ich hab nen exim4 +  dkimproxy  problem und der exim channel hÃ¤lt ubuntu nicht  fÃ¼r nen betriebsystem :(  , http://pastie.org/847460 ... habe denke ich eine konfigurationsfehler ..  schaut mal hier bitte :) : /usr/local/bin/dkimproxy.out: socket connect failure: Connection refused,   R=dkimproxy T=dkimproxy_smtp defer (-53): retry time not reached for any host
<persia> !de
<ubottu> In den meisten ubuntu-KanÃ¤len wird nur Englisch gesprochen. FÃ¼r deutschsprachige Hilfe besuchen Sie bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Geben Sie einfach /join #ubuntu-de ein! Danke fÃ¼r Ihr VerstÃ¤ndnis.
<persia> But asking in English here may get more targeted server information, if you are able.
<hagedorn__> ups, sorry ... youre right :) maybe aim able...
<hagedorn__> but not able to configure exim4 + dkimproxy on LTS ... have a bit port confusion
<persia> hagedorn__: Everything at http://pastie.org/847460 looks sane to me, although I've never tried to configure that.  Maybe someone else has good ideas.
<swift> hi guys.. i wanna upgrade my ancient ubuntu6.10 edgy to LTS(8.04 hardy)
<swift> is there a way i can do this?
<twb> Via feisty and gutsy, I imagine
<swift> twb?.. feisty is a different version then LTS right?
<Jeeves_> Yes
<swift> ok got it... 3 steps
<swift> edgy-> feisty, feisty->gutsy, gutsy->hardy
<twb> swift: 6.04 was lts, but 6.10 isn't.  Thus, you can't upgrade in one go (lts to lts)
<persia> twb: 6.06
<persia> swift: You may find http://old-releases.ubuntu.com/ useful along the way
<twb> Yeah, sorry
<persia> No worries.  It was a while back, and would have been 6.04 if we had the experience we have now :)
<uvirtbot> New bug: #530000 in qemu-kvm (main) "mono assembly installation under qemu-arm-static hangs" [Undecided,New] https://launchpad.net/bugs/530000
<zul> morning
<pmatulis> morning
<coffeedude> fal
<Omahn> soren: Do you need any testing of lxc container builds in vmbuilder?
<lolovdb> hi all
<lolovdb> anyone know something about this error ?  "Panic: Early exception 0e rip 10:ffffffff818c8a32 error 0 ........" ? i try to install ubuntu server 9.10, i tried 10.04 alpha3 but same error
<Omahn> stgraber: Does a release of vmbuilder exist with lxc support? It doesn't appear to be listed under the supported hypervisor list in the release or copies on LP.
<Omahn> lolovdb: Is this a physical machine or virtual one?
<lolovdb> physical
<stgraber> Omahn: it's marked as supported by ubuntu-vm-builder on the spec
<Omahn> lolovdb: I would check the hardware first then before proceeding any further, try memtest86+
<Omahn> stgraber: Yeah I spotted that but I can't find any reference to it in the released version of the bzr repo.
<lolovdb> ok thanks i will try :) thx for answer
<lolovdb> i have some error during the memtest86+
<Omahn> lolovdb: That's your problem then :-)
<lolovdb> the memory is bad?
<Omahn> lolovdb: Correct. If you have more than one stick of RAM you could try systematically testing each stick until you find the dud.
<stgraber> soren: ^
<soren> stgraber: Right. Erm... "vmbuilder kvm ubuntu --only-chroot" would be a good start.
<lolovdb> thx a lot Omahn
<stgraber> Omahn: ^
<Omahn> lolovdb: No problem.
<Omahn> stgraber, soren: I'll give that a go now.
<zroysch> what does it mean when you fsck a partition, it finishes, it tells you its really messed up and you have to do it manually, so you do it manually, put a cd spindle on the enter key all night and it finishes, then you go to mount and it still says mount: wrong fs type, bad option, bad superblock on /dev/md2,
<hyperlinx> cannot install a the LAN driver "intel e1000e" on ubuntu 8.04 server edition
<zroysch> /dev/md2: clean, 121548/122101760 files, 298355433/488381248 blocks
<zroysch> when i try to fsck again
<zul> happy happy joy joy
<nucking> hey everyone, can anybody recommend a good gigabit lan nic that will definitely work with ubuntu and doesn't cost too much?
<stgraber> nucking: go with Intel e1000 based network cards though most gigabit network cards will work
<nucking> not the one i have =/
<nucking> can you name an intel e1000 based nic?
<nucking> oh, has to be pci
<uvirtbot> New bug: #529451 in thunderbird (main) "package postfix 2.6.5-3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/529451
<Omahn> soren: Are you planning on vmbuilder generating an LXC config file?
<soren> Omahn: If you can show me what it looks like, I can probably add it quite easily.
<Omahn> soren: http://blog.bodhizazen.net/linux/lxc-configure-ubuntu-lucid-containers/
<Omahn> soren: Under the 'Generate a config file' entry
<soren> Omahn: Can you add a bug against vmbuilder (the upstream project) about this? I use that as a TODO list.
<Omahn> soren: np.
<kirkland> TeTeT: glad to have you on board ;-)
<TeTeT> kirkland: no problem, happy to help. just setting up bug 442598
<uvirtbot> Launchpad bug 442598 in qemu-kvm "'qemu-img snapshot' crashed, corrupting disk image" [Medium,Triaged] https://launchpad.net/bugs/442598
<kirkland> TeTeT: cool, thanks
<zroysch> what does it mean when you fsck a partition, it finishes, it tells you its really messed up and you have to do it manually, so you do it manually, put a cd spindle on the enter key all night and it finishes, then you go to mount and it still says mount: wrong fs type, bad option, bad superblock on /dev/md2,
<netrat> zroysch, what device are you trying to parition?
<zroysch> netrat: not trying to partition it
<zroysch> just trying to get the data
<zroysch> its a 3 drive raid5
<netrat> zroysch, what filesystem? ext3?
<zroysch> yes
<zroysch> though i think it got demoted to ext2
<netrat> zroysch, what is the output of mdadm -D /dev/md2
<zroysch> [79278.375224] ext3: No journal on filesystem on md2
<zroysch> http://pastebin.ca/1817312
<pmatulis> re tomcat6-mod_jk-apache2 with SSL, we use mod_ssl and this module is built-in with apache2?  any specific pitfalls to watch out for?
<zroysch> netrat: does that help?
<TeTeT> kirkland: looking for bug 450309 on second laptop
<uvirtbot> Launchpad bug 450309 in qemu-kvm "assertion failure when using i82551 network card emulation" [Medium,Triaged] https://launchpad.net/bugs/450309
<hggdh> soren: do you have the test configs you used for the automated server tests?
<TeTeT> kirkland: the -vga std option seems to be broken now completely
<alex88> if i have a vps with multiple ip on eth0 how can i set that program to use another ip when connecting somewhere?
<alex88> ok i've found...
<uvirtbot> New bug: #515723 in openssh (main) "package openssh-server (not installed) failed to install/upgrade (Erreur de segmentation)" [Low,Incomplete] https://launchpad.net/bugs/515723
<kirkland> TeTeT: yeah, agreed, i see that broken here too
<kirkland> TeTeT: i'll try to get aliguori's help on it tomorrow
<kirkland> TeTeT: do you have that bug # handy?
<TeTeT> kirkland: there are two bugs on -vga std, bug 513273 seems to be best match
<uvirtbot> Launchpad bug 513273 in qemu-kvm "kvm with -vga std give error and do not works" [Low,Confirmed] https://launchpad.net/bugs/513273
<TeTeT> kirkland: I'm calling it a day, as I will start my day during your night, if you want me to test anything, look into something, drop me an email.
<kirkland> TeTeT: great, thanks!
<kirkland> TeTeT: happy to have your help
<TeTeT> bye
<mathiaz> kirkland: hi!
<mathiaz> kirkland: how is the bug fest going?
<uvirtbot> New bug: #530107 in bind9 (main) "Please sync bind 9.7.0.dfsg-1 from debian" [Undecided,New] https://launchpad.net/bugs/530107
<kirkland> zul: hi
<zul> kirkland: hey
<kirkland> zul: https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/514883
<uvirtbot> Launchpad bug 514883 in qemu-kvm "dialog-based applications seem sluggish" [Low,Incomplete]
<kirkland> zul: any chance you can try what I suggested in comment #3?
<kirkland> zul: and post your results to that bug?
<zul> kirkland: sure when I get a chance
<kirkland> zul: thanks, dude
<kirkland> zul: btw, congrads on that hockey win yesterday ;-)
<zul> thanks
<mjeanson> kirkland: if you need help testing something, drop me a line
<kirkland> zul: i don't even like hockey, but i was excited with that goal with 24 secs left :-)
<zul> kirkland: i was more excited about the goal in overtime ;)
<kirkland> mjeanson: howdy!
<kirkland> mjeanson: can you look at https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm and test any bugs that you care about on an up-to-date Lucid system?  adding notes where you can and can't reproduce them?
<kirkland> zul: i'm sure you were :-)
<kirkland> zul: i told kim, "Boy, I bet Chuck is excited right now :-)"
<uvirtbot> New bug: #530223 in irqbalance (main) "package irqbalance 0.55+20091017-3ubuntu2 failed to install/upgrade: subprocess installed post-installation script killed by signal (Interrupt)" [Undecided,New] https://launchpad.net/bugs/530223
<mjeanson> kirkland: at least half the country was really excited ;)
<kirkland> mjeanson: heh!  was a really exciting game
<uvirtbot> New bug: #530235 in munin (main) "wrong start condition in upstart job" [Medium,Triaged] https://launchpad.net/bugs/530235
<jronnblom> lucid alpha3 seems to be missing a driver for the new DELL PERC card H200 and H700/H800
<jronnblom> should use the mpt2sas driver
<RoAkSoAx> kirkland,  bug 471765 in karmic still exists
<uvirtbot> Launchpad bug 471765 in qemu-kvm "Karmic: Desktop Host machine sound dies when guest is running sound" [Medium,Fix released] https://launchpad.net/bugs/471765
<nucking> hey everyone, i just installed a new nic in my little server and i wonder how i can update the drivers
<nucking> looks like eth1 is not being recognized
<jevidl> nucking: what kind of nic is it?
<nucking> some intel pro something
<nucking> gigabit lan
<nucking> when i do ifconfig the eth1 doesn't show up
<jevidl> nucking: that could just mean that it is unconfigured. What happens if you do 'ifconfig eth1'
<nucking> device not found
<jevidl> ok, can you run "sudo lspci | grep Intel" and paste the output into paste.ubuntu.com and then paste a link to the post here?
<nucking> ugh
<nucking> the problem is i can't access the internet other than from this cli
<nucking> and i'm not that good with "pasting" stuff in the cli *blush*
<jevidl> ok, well, does this machine have more than one nic in it?
<nucking> yup
<nucking> the inner one is the new one
<jevidl> are they both intel?
<nucking> i just did your command and 2 showed up
<nucking> but one is a controller
<nucking> i mean, one is an ethernet controller
<nucking> the other one is a network controller
<jevidl> ok, that's alright
<nucking> might both be the same
<nucking> i think the onboard one (outer one) is marvel something
<jevidl> is it something like 82540EM Gigabit Ethernet Controller
<nucking> 82541pi
<nucking> that's the ethernet controller
<jevidl> ok
<nucking> before we continue
<nucking> i wanna tell you what i did, i just removed the old asus nic (that caused troubles due to bad drivers)
<nucking> and replaced it with this new one
<nucking> i did not uninstall anything
<nucking> and i only booted the comp 1 time
<jevidl> that shouldn't be a huge thing
<nucking> should i just try rebooting?
<jevidl> It couldn't hurt, is this on a server or a desktop?
<nucking> or should it automatically work on the first boot?
<nucking> server
<jevidl> ok. You usually shouldn't need to reboot
<jevidl> let's see if you have the correct driver loading
<nucking> thanks a lot for your time btw
<jevidl> np. Can you run "lspci | grep em" and see if it returns any lines?
<nucking> a few
<nucking> the first 3 are ram controller
<nucking> or memory controllers
<nucking> and the 4th is an ethernet controller
<nucking> but for realtek
<nucking> i suppose that could be the onboard one and i mixed stuff up
<nucking> i suppose the desktop has that marvel one
<jevidl> ok
<tdn> I tried following this HOWTO: https://help.ubuntu.com/community/Upside-Down-TernetHowTo but when I test it from my other laptop, it cannot connect to any hosts via HTTP. I am guessing this must be a squid problem or something like that. How do I fix this?
<jevidl> nucking: try running sudo modprobe e1000
<kirkland> RoAkSoAx: what about in Lucid?
<nucking> jevidl: nothing happened
<jevidl> nucking: it just returned to a prompt? If so, that means it loaded that module correctly
<nucking> what module did it load?
<RoAkSoAx> kirkland, haven't tested yet, will do this week :)
<jevidl> nucking: try running ifconfig and let me know what interfaces it finds now. hopefully the eth0, lo, and eth1 adapters will show up now.
<RoAkSoAx> i haven't had the time to migrate to lucid just yet
<jevidl> nucking: the e1000 module - it provides support for many intel based nics
<nucking> nope still only eth0 and lo
<jevidl> nucking: sorry, you need to run "ifconfig -a", my mistake
<nucking> looks like i now have eth2
<nucking> =/
<nucking> i've got everything setup for eth0 and eth1
<nucking> =P
<tdn> There is nothing in the logs.
<jevidl> nucking: ok, you may want to reboot and try running ifconfig -a again. I forgot about the -a switch which tells ifconfig to show all adapters even if they are unconfigured. If you don't have an eth2 after rebooting you will need to run "sudo modprobe e1000" again to see if it shows up after that
<nucking> ok i'll try that
<nucking> brb
<nucking> jevidl: alright eth2 is in the list
<jevidl> nucking: without running the modprobe command?
<nucking> yup
<jevidl> ok, sorry for leading you on a bit of a run around. I forgot about ifconfig -a
<nucking> no worries
<jevidl> I am not sure why you get eth2, instead of eth1. I am pretty sure that it has to do with udev. give me  just a moment to see if I can find something
<kirkland> RoAkSoAx: thanks
<jevidl> nucking: take a look at /etc/udev/rules.d/70-persistent-net.rules
<jevidl> nucking: I am assuming you will see entries for eth1 and eth2 in there, in addition to eth0
<nucking> i remember having done something there before
<nucking> because i swapped the eths
<nucking> not sure if i swapped them back
<jevidl> nucking: if you remove the line with eth1, and rename eth2 to eth1 you should have it named properly
<jevidl> nucking: I would reboot to make sure it is persistent
<nucking> ok i'll check
<nucking> alright time for reboot
<nucking> jevidl, thank you so much =D
<nucking> now i hope this nic doesn't cause the same problems as the old one
<jevidl> nucking: no problem. I take it that straightened out the card order issues?
<nucking> i learned myself, asus may make good motherboards, but their nics are...
<jevidl> nucking: :)
<nucking> yeah
<nucking> i'm on irc with my desktop now, so it has to work
<nucking> now i gotta check if the samba works properly
<jevidl> nucking: good good. One other thing I noticed when looking up some stuff is that for at least some intel nics there's some hardware support for vlan tagging. If you're not using vlanning, don't sweat it.
<nucking> vlan tagging?
<nucking> what's that good for?
<jevidl> nucking: don't sweat it then :) if you want to know more, search for 802.1q vlans
<nucking> heh ok
<jevidl> nucking: it's generally used in very large networks to logically divide the network up based on switch ports, rather than needing separate physical hardware for each network.
<nucking> oh, well this is a very small home network
<nucking> just me, my desktop and a few wireless consoles
<jevidl> nucking: yeah, unless you want to become a network administrator someday, I wouldn't worry about it
<jevidl> nucking: your card can live happily at home without ever having that setting adjusted :)
<nucking> hehe
<nucking> i have yet to find a good book that introduces me to the usefull basics of linux, i've tried a few, none we're that usefull for me =/
<guntbert> !serverguide | nucking
<ubottu> nucking: The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<larsemil> What is this UEC? why would i want to use it?
<nucking> guntbert, thanks i'll give that a read, is there a print version avaialable? preferrably in german?
<guntbert> !tldp | nucking an of course
<ubottu> nucking an of course: documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<guntbert> nucking: search for linux, kofler  (a rather fat book)
<nucking> thanks
<nucking> 15 results at my library xD
<guntbert> gern geschehen :)
<jevidl> nucking: I also learned a great deal by picking something that I wanted to, like run a webpage, and then trying to do it following guides and what not. Helping out in the forums can also be a great way to learn things because you get to deal with a more varied number of problems than you would with just your own computers. Even if you don't know the answer to someones problem, doing some googling or reading the things people suggest can help you lear
<jevidl> :)
<nucking> well it's not so much running an apache or other things
<nucking> much more using linux itself, like i would have never known how to check for lspci
<nucking> i assume thats like ls for pci?
<jevidl> nucking: sure, that's just an example. The forums, as well as having your own issues, help with learning how to troubleshoot things.
<nucking> but what gave me real headaches was setting up a local dhcp, firewall and generally bringing my server to forward my internet connection to the desktop
<jevidl> nucking: yes, it's just like ls, but it lists the pci devices that the computer has installed instead of the files in the present working directory.
<jevidl> nucking: yep, I bet you learned a lot from it though, didn't you?
<nucking> oh well, yes
<nucking> but honestly
<nucking> i wouldn't wanna have to setup the firewall again
<nucking> haha
<nucking> i settled with shorewall
<nucking> but i'm also really helpless with very basic things, like copy paste on linux
<nucking> or opening a cli browser
<nucking> copying some text in/out
<nucking> i suppose i would have to | the text to some virtual device
<guntbert> nucking: the links I sent you are covering all that :-)
<nucking> guntbert, as i said, i'll give them a go, thanks again for your help and info guys
<jevidl> nucking: np, good luck
<nucking> if my connection dies now i'm gonna go mad
<nucking> hehe
<guntbert> nucking: ok - didn't want to sound impatient - have fun and happy reading
<uvirtbot> New bug: #530323 in postfix (main) "resolvconf update script should not produce error when main.cfg missing" [Undecided,New] https://launchpad.net/bugs/530323
<incorrect> rg
<kirkland> lool: ping
<kirkland> lool: i wanted to discuss one of your qemu-kvm changes, specifically the sound ones
<kirkland> lool: they seem to have regressed something that had just started working well here
<kirkland> lool: my last upload had --audio-drv-list="pa,sdl,alsa,oss", where I think you changed this to --audio-drv-list=alsa,oss,sdl,pa
<kirkland> lool: the order matters greatly here, in terms of what gets used by default
<kirkland> lool: and using pa (pulseaudio) here is what we want, i believe
<mathiaz> kirkland: hm - are you using the UEC test rig?
<kirkland> mathiaz: nope
<mathiaz> kirkland: great - because I've just nuked it
<mathiaz> kirkland: could you log off nickel as well?
<kirkland> mathiaz: sure
<mathiaz> kirkland: it seems that you're connected to all the serial consoles there
<kirkland> mathiaz: yup
<kirkland> mathiaz: can you just bump me?
<mathiaz> kirkland: why do you mean by bump?
<kirkland> mathiaz: dropped all
<mathiaz> kirkland: I cannot force you to drop the connections
<kirkland> mathiaz: oh, i was asking if you could just force me off
<mathiaz> cjwatson: hi - does d-i support vlans?
<mathiaz> cjwatson: ie can I set in the installer vlan network interfaces?
<cjwatson> I very much doubt it
<mathiaz> cjwatson: when is the early_command run?
<mathiaz> cjwatson: could I setup vlan interfaces from the early_command?
<cjwatson> cd or netboot?
<mathiaz> cjwatson: netboot
<mathiaz> cjwatson: (cd could also be an option)
<cjwatson> (doc/devel/menu-item-numbers.txt in the debian-installer source package, anyway)
<cjwatson> the answer differs, that's why I asked :)
<cjwatson> in the CD case, it's run immediately after detecting the CD; in the netboot case, it's run almost immediately after detecting the network
<cjwatson> note that in the CD case this means that it is *before* network detection
<cjwatson> it's run as early as the preseed file can be acquired, basically
<kirkland> cjwatson: do you have a pointer to the magic required to nudge that eucalyptus/cloud-address from the udeb/installer environment over to the chroot/installed environment?
<mathiaz> cjwatson: ok - thanks
<jronnblom> How can I add the driver for the mpt2sas to lucid? Have a new DELL R210 with the H200 driver which should use the mpt2sas driver
<mathiaz> jjohansen: ^^
<cjwatson> kirkland: look for $logfile in eucalyptus-udeb.postinst
<jjohansen> jronnblom: modprobe mpt2sas?
<mathiaz> jjohansen: is the mpt2sas built-in instead of being a module?
<jjohansen> checking
<jronnblom> it's not on the cd installer for server @ alpha3
<mathiaz> jronnblom: have you filed a bug in LP?
<jronnblom> nope, what is LP?
<mathiaz> jronnblom: LP = Launchpad - what is used to track bugs in Ubuntu
<mathiaz> jronnblom: https://help.ubuntu.com/community/ReportingBugs
<jjohansen> mathiaz, jronnblom: its a module
<mathiaz> jjohansen: hm - is it part of the kernel package?
<jjohansen> mathiaz: it should be
<mathiaz> jjohansen: mpt2sas isn't found anywhere on packages.ubuntu.com
<jjohansen> right, it wouldn't be in its own package
<jronnblom> yes and its in the server kernel but not in the generic one use on the cd-installer... atleast if I check the /lib/modules/2.6.32-14-server/kernel/drivers/scsi/mpt2sas
<jjohansen> it should be one of many modules that is part of the kernel
<mathiaz> jjohansen: right - I was also searching package *content*
<jjohansen> jronnblom: hrmm, perhaps they strip out some of the modules?  Because it is configured to build as part of generic
<mathiaz> jjohansen: jronnblom: seems like a bug to me
<mathiaz> jronnblom: could you report a bug against the linux package?
<mathiaz> jronnblom: see https://help.ubuntu.com/community/ReportingBugs
<jjohansen> yeah I would file it as a bug
<jronnblom> okay, i'll file a bug in launchpad against the linux package
<jjohansen> jronnblom: can you subscribe me, post the bug # here
<jronnblom> sure, i'll do that
<jronnblom> jjohansen: its bug id #530361
<jronnblom> i'll add more information tomorrow since the servers are at work and Im not :)
<uvirtbot> New bug: #529530 in autofs (main) "autofs hangs" [Medium,Incomplete] https://launchpad.net/bugs/529530
<mathiaz> cjwatson: how should install the vlan package in the early_command installation preseed?
<mathiaz> cjwatson: IIUC anna-install only understands udebs
<cjwatson> you can't, you'd have to construct a udeb out of it
<cjwatson> (well, you sort of can with udpkg and a bit of prayer, but you shouldn't)
<mathiaz> cjwatson: ok - so how do I build a udeb for the vlan package?
<cjwatson> add a vlan-udeb stanza to debian/control with 'XC-Package-Type: udeb', put the right files in it, iterate until it looks plausible
<mathiaz> cjwatson: great - thanks
<mathiaz> cjwatson: openssh-client-udeb is a good example?
<cjwatson> we don't have iproute in d-i, but we do have busybox which implements some of its functionality
<cjwatson> it may not have what you need in which case you'll need to extend busybox
<cjwatson> openssh is OK as an example, although note that it does a second build to avoid pulling in selinux and such.  this is not necessary with all packages
<cjwatson> libdebian-installer is relatively simple in this regard too
<cjwatson> mathiaz: oh, and sorry, I meant to say 'XB-Package-Type: udeb' not XC-
<cjwatson> hmm, apparently XC- is fine too
<cjwatson> I think XC-Package-Type is more correct and libdebian-installer is anomalous (d'oh)
<mathiaz> cjwatson: are the if-post-down.d/ if-pre-up.d/ and if-up.d/ scripts necessary in the installer?
<cjwatson> no, and they won't work
<cjwatson> no ifupdown
<mathiaz> cjwatson: I think this is why there is a dependency on iproute
<uvirtbot> New bug: #371475 in qemu-kvm (main) "Guest's built with Intrepid will not boot after upgrade to Jaunty" [Medium,Invalid] https://launchpad.net/bugs/371475
<mathiaz> cjwatson: what does "XB-Installer-Menu-Item: 99999" stand for in the openssh-client-udeb control stanza?
<cjwatson> mathiaz: have you read the documentation in doc/devel/ in debian-installer?
<mathiaz> cjwatson: hm I quickly glanced at it
<mathiaz> cjwatson: I guess I'll find the answer there.... :D
<cjwatson> specifically menu-item-numbers.txt
<uvirtbot> New bug: #258771 in qemu-kvm (main) "Using -usbdevice host: slows the guest OS down to a crawl" [Low,Fix released] https://launchpad.net/bugs/258771
<mrbucket> not sure if this is general or not.. but, i'm running into this https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/530353
<uvirtbot> Launchpad bug 530353 in linux-meta "Machine with 2+ interfaces will only respond to pings from same subnet" [Undecided,New]
<mrbucket> im using server on the machine in question... and didn't quite know what to search for in launchpad.
#ubuntu-server 2010-03-02
<kirkland> smoser: around?
<kirkland> smoser: can you please confirm https://bugs.edge.launchpad.net/ubuntu/+source/qemu-kvm/+bug/458201 on Lucid?
<uvirtbot> Launchpad bug 458201 in qemu-kvm "kernel stacktrace on volume detach in kvm guest" [Low,Confirmed]
<uvirtbot> New bug: #455411 in qemu-kvm (main) "Conffiles from kvm are left around on upgrade from Jaunty" [Low,Won't fix] https://launchpad.net/bugs/455411
<uvirtbot> New bug: #530402 in openvpn (main) "openvpn 'The VPN connection failed because the VPN service failed to start' error while connecting using nm-applet" [Undecided,New] https://launchpad.net/bugs/530402
<uvirtbot> New bug: #460542 in qemu-kvm "qemu-img complains about "Unknown option 'size'" when using host_device format" [Low,Triaged] https://launchpad.net/bugs/460542
<smoser> kirkland, i'll try reproduce tomorrow.
<kirkland> smoser: thanks
<www> hola
<www> alguien puede ayudarme en espanol?
<www> tengo una duda y necesito apoyo
<www> no ppl can't help me in spanish?
<KurtKraut> www, I think you will have more chances of getting help if you take the effort to explain your problem in english
<www> ok KurtKraut
<www> i like to shared the internet like that
<www> this is the server ( i configure to do that )
<www> i like this computer conect to the intertnet and shared to a router i have ( sisco wrt54g2
<www> to share to all network wlan and lan
<www> i have bad english sorry
<www> KurtKraut: you can understand me
<www> ?
<KurtKraut> www, thanks to my portuguese, yes, I can understand what you tried to say. You have a server with Ubuntu installed. This server has two ethernet cards: one plugged to a router that has access to the internet and other ethernet card that is pluged to a LAN. You want to the computers at LAN to access the internet. Right?
<www> wireless lan and cable lan with the router
<KurtKraut> www, can you make a drawing, an image of your topology?
<www> i think i can't because i don't install the xserver right now
<www> if y like think... i can explaint you the network
<KurtKraut> www, but explaining the network by text is quite difficult. Mainly because you cannot communicate well in english. Could you create a drawing like this? http://www.antamedia.com/manuals/hotspot/topology3.jpg
<KurtKraut> www, pudes crear una image como eso? http://www.antamedia.com/manuals/hotspot/topology3.jpg
<www> in lynx?
<www> let me see
<www> how i can copy paste in terminal?
<www> KurtKraut: sorry im new in linux
<www> im only need help to shared the internet with other computer in my network with my router
<KurtKraut> www. No, usted no entiendes. Quiero que usted crear un dibujo paraque yo y otros aquÃ­ entender cÃ³mo son las conexiones entre sus computadoras y equipos que tiene en su red. El tÃ©rmino tÃ©cnico para esto es "la topologÃ­a".
<www> KurtKraut: let me see
<bogeyd6> !english | KurtKraut
<ubottu> KurtKraut: The #ubuntu, #kubuntu and #xubuntu channels are English only. For a complete list of channels in other languages, please visit http://help.ubuntu.com/community/InternetRelayChat
<bogeyd6> !sp
<bogeyd6> !spanish | KurtKraut
<ubottu> KurtKraut: En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<KurtKraut> !spanish | www
<ubottu> www: En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<www> ok
<www> thnx
<persia> bogeyd6: "!es" works
<bogeyd6> yah i forgetted
<bogeyd6> just wanting to help people get to the right place for them
<persia> bogeyd6: Understood.  And it's tricky to get the right code.
<persia> e.g. !el is one that takes some thinking about for most English speakers.
<ruben23> how do i install openssh server  on my ubuntu server
<persia> `apt-get install openssh-server` ?
<ruben23> yep done thanks
<persia> ruben23: The parallel command likely works for everything else you want to install as well :)
<zul> persia: sudo apt-get install openssh-server
<persia> zul: I usually consider sudo to be an implementation detail, but yes, and I'll try to correct future statements.
<zul> persia: im just yanking your chain
 * persia should really invest in a good container in which to keep that coiled
<zul> lol
<uvirtbot> New bug: #427876 in qemu-kvm (main) "Unable to clean package without having all build-dep" [Wishlist,Fix released] https://launchpad.net/bugs/427876
<persia> That's not a bug.
<hink> Anyone looking for a full time Linux job in the Dallas area
<twb> hink: my arms aren't that long.
<hink> ha
<persia> twb: The Pacific isn't *that* big :p
<hink> twb: we can provide snorkel/scuba equipment
<hink> lol
<twb> I'm not licensed to use SCUBA gear.
<hink> twb: licensed? lol just a tank and some flippers.
<twb> Maybe out in the free west
<hink> I do have a question though. Is there a way to allow multiple users to SSH into a host and have sudo privileges without knowing the remote host password and without managing more than a single public key?
<hink> Sort of like a proxy or key manager
<twb> You can give them key-based entry coupled with passwordless sudo and/or ssh forced commands.
<twb> IMO it's inevitably wrong for two users to share an SSH keypair, though.
<hink> twb: that's fine, but say i have 5 admins. How do they auth with the same key without having the key on their system. There needs to be a jumbox of some sort. So the key is never stored on their system.
<twb> Why can't they have their own keys, on their own systems?
<hink> This way I can install a key on hundreds of systems and if a sysadmin leaves. I just remove their access to the proxy instead of going through hundreds of authorized_keys files
<twb> Incidentally, ssh-agent is the proxy you're talking about.
<twb> hink: it also means the "proxy" is a SPOF for all access to all hosts
<persia> hink: Just set up a system that manages the authorised keys remotely from one known good set.
<twb> It's not hard to iterate over hosts to remove a single key, though.  That would suffice to guard against post-facto malice, but not malice aforethought.
<persia> hink: So you use some server farm management tool to keep the file in sync with a central source.
<twb> persia: you mean like puppet?
<persia> Alternately, if you don't use a farm management tool, add a cron job that pulls, compares, and updates every (minute, hour, day, etc.) as needed.
<persia> twb: puppet is one of the tools that do what I describe, yes.
<twb> Nod.
<hink> persia: thats an idea
<twb> I babysit a lot of single-server SOHOs, so I'm a bit nervous to deploy a puppetmaster here and clients there, because of the relationship that implies.
<twb> But for a rack full of gear, it's fantastic.
<persia> hink: The important bit is that each admin has their *own* key, and each server has the list of keys.  Otherwise you have to both patch all the servers *and* redistribute keys every time, which is bound to end in operational failure.
<twb> Incidentally, how can I get opensshd to log WHICH key was used to gain entry?
<hink> twb, persia: The only issue with a single file with authorized keys is that the client may have keys of their own on a single server.
<twb> hink: with appropriate dancing, you can leave the client's part of the authorized_keys file alone.
<hink> i love to dance
<persia> hink: Easy way to work around that is to have different accounts for service provider and client as ssh targets, and use sudo from those accounts for elevated permissions.
<twb> That, too
<ruben23> hi during fresh install..with ubuntu- do i need to set something on the repo..?
<persia> ruben23: Could you restate the question?
<ruben23> i cant update and install
<twb> ruben23: insufficient data.
<ruben23> :-D
<hink> ruben23: You most likely need to sudy
<hink> *sudo
<ruben23> im at rrot
<hink> Sir, did you powercycle your modem?
<twb> Let's find out what the error message is, rather than guessing, eh?
<hink> twb: that never works
<persia> Lots of folk don't even have "modem"s as such :)
<ruben23> yeah.
<ruben23> wait
<twb> persia: ATM is still modulated and demodulated.
<twb> Oops, no it doesn't.
<persia> twb: I have ethernet to the national grid.  No modem.  It all depends on where you are.
<twb> Granted.  It'd be exceptional to get that in .au.
<persia> twb: Plus, folks with managed connections (building-wide, block-wide, etc.) often don't have any direct connection.
<persia> twb: Oh.  Yes.  In the land of wet strings, modems are more common :)
<twb> There are election promises of FTTH for 90% of the capita, but I'll believe that when I see it.
<pwnguin> you know what would be superb?
<twb> pwnguin: a rocket that shoots kippers.
<pwnguin> a smarter /etc merge on upgrade
<twb> Isn't that why you use git for /etc?
<pwnguin> well, upgrade presents one big patch
<pwnguin> it'd be nice to confirm / deny individual hunk
<pwnguin> s
<pwnguin> and maybe automate changes to spelling fixes in comments
<twb> That's what the "open a shell" option is for.
<persia> No, that's a limitation of etckeeper hooks.
<twb> Assuming you're talking about conffile conflict handling in dpkg
<persia> Ideally, etckeeper would be able to track each change as a potential commit, and let the admin deal with each individually.
<twb> persia: granted.
<pwnguin> persia has my general vision
<twb> If you want to get technical, etckeeper's darcs backend defaults to interactive.
<pwnguin> though it'd be handy to have heuristics to handle comments
<persia> pwnguin: Go implement it.  It mostly just needs smarter heuristics and per-file/per-upgrade tracking.
<twb> pwnguin: that would involve etckeeper knowing what format comments take in each kind of file
<pwnguin> twb: thats kinda what heuristics mean
<persia> Probably a small extension to dpkg and a larger extension to etckeeper to use multiple strands (how this is implemented depends on the VCS in use)
<twb> pwnguin: and THAT means you need to know what encoding the file is in.
<pwnguin> hmm. encoding might be tricky because ive got no clue how that works
<persia> twb: No.  You just need to know what set of files changed for each upgrade, and let the VCS and the user sort it.
<twb> pwnguin: I'm involved in Darcs' development, and I can tell you that what *looks* like a really trivial issue to the end user turns out to be... nontrivial to handle reliably.
<pwnguin> for the most part /etc comments should start with ; or #
<twb> pwnguin: except when they don't, of course...
<twb> e.g. if you have an XML config file (/etc/gconf.d/gconf.xml.mandatory/%gconf-tree.xml?), or inline comments.
<persia> Why do we care about the internal representation of the files?
<pwnguin> well, you can either use heuristics to improve user prompts or tune them to where false positives are rare.
<uvirtbot> New bug: #530468 in vlan (main) "[FFE] Build udeb for vlan" [Undecided,New] https://launchpad.net/bugs/530468
<twb> A conventional VCS needs to at least care if they're binary or text (split on \n) files.
<persia> Only for actually performing the merge.
<pwnguin> or displaying a diff
<persia> In terms of allowing the admin to sort through each merge separately, it doesn't matter.
<twb> A conventional VCS needs to know at commit time, because it stores commits as diffs.
<persia> Right, but the idea is to *not* commit during the dpkg run, but rather dump the admin into an interactive session to compare stuff after the dpkg run is complete.
<pwnguin> hmm
<pwnguin> here's a different idea
<pwnguin> ive really only made one change to php.ini, to increase from 16 to 32
<pwnguin> rather than try to merge the new maintainer into the old file
<persia> That's more advanced, and gets into the much more complicated mess twb is implying.
<twb> I think the crux of pwnguin immediate issue is that dpkg is doing a two-way merge between HEADs -- not even a three-way merge between HEADs and ancestor (let alone an n-way commuting merge).
<pwnguin> right, a 3 way merge
<persia> I think there are two issues.  1) etckeeper does a poor job of managing mass changes associated with a large upgrade and 2) dpkg merging is suboptimal
<twb> pwnguin: you can do that by dropping into a shell and comparing .dpkg-new/.dpkg-old against the etckeeper history.
<twb> persia: agreed.
<pwnguin> twb: unfortunately, for the moment all ive been doing is letting etc-keeper collect data
<pwnguin> at some point i should bother learning what it does
<pwnguin> well
<pwnguin> how to use it i mean
<persia> pwnguin: It just stores each state of config changes as a new revision in the VCS.  Handy for history, but not very granular.
<pwnguin> persia: right. i just haven't bothered working with it at all. poor writing on my part above
<twb> Our sysadmins are in the habit of using RCS for /etc/foorc
<twb> So I am trying to train them to instead call "etckeeper commit" after changing foorc
<twb> (Instead of ci -u or whatever it is.)
<pwnguin> heh, at work im lucky if anyone knows what RCS is
 * persia is glad not to have used RCS in over a decade
<pwnguin> i have a meeting tomorrow to integrate our RCS system for students with ldap
<pwnguin> woa
<pwnguin> you mean, THE rcs, and not A rcs?
<twb> pwnguin: um, RCS isn't a class of systems.
<twb> Yes, we mean "the" rcs.
<efleming969> does UFW support configuring port redirects? ie iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
<pwnguin> ive commonly seen RCS to mean 'revision control system'
<twb> efleming969: if you're prepared to write iptables-restore fragments by hand, it supports anything iptables-restore can do.
<twb> pwnguin: to disambiguate, I use "VCS">
<persia> pwnguin: "VCS" is typically used as a generic term to avoid semantic collision.
<efleming969> twb: ah, but not through the command interface?
<pwnguin> we have this legacy rhel 2 system
<twb> efleming969: AFAIK, no, but I don't do ufw much
<pwnguin> with a bunch of php and file copies for revision control
<twb> pwnguin: we have FC1 in our core network :-/
<pwnguin> tickets.php.ORIG1
<pwnguin> i haven't decided how to resolve that system
<efleming969> twb: i'm using server 9.10, where do you usually put your iptable rules (iptable-restore)?
<pwnguin> the braindamage is very deep with it so I'm inclined to drop as much custom stuff in favor of open source apps
<pwnguin> as possible
<twb> efleming969: I don't use non-LTS releases.
<twb> efleming969: but I recommend iptables-persistent.
<pwnguin> ive been called a poor sysadmin for this, but i really hate firewalls
<efleming969> twb: thanks, i'll look into it.
<uvirtbot> New bug: #524447 in qemu-kvm "virsh save is very slow" [Wishlist,Confirmed] https://launchpad.net/bugs/524447
<pwnguin> random question that's been bugging me for years: i've removed a package without --purge, how do i remove the conf files after the fact?
<twb> pwnguin: purge does that
<pwnguin> i understand that --purge removes the conf files, but if i try to remove a package thats already removed, --purge doesn't happen
<zroysch> reinstall then purge?
<twb> purge isn't remove
<persia> pwnguin: Just purge the removed package.
<persia> pwnguin: dpkg -P or aptitude purge or apt-get --purge remove or ...
<pwnguin> doesn't work that i can see
<persia> OK.  Give me a transscript of a session showing it not working.
<pwnguin> working on it
 * persia is doubtful this is possible.
<persia> Something like `dpkg -l ${PACKAGE}; dpkg -P ${PACKAGE}; dpkg -l ${PACKAGE}` should be sufficient to demonstrate that it works.
<pwnguin> http://paste.ubuntu.com/386749/
<twb> pwnguin: um, do you read what you paste?
<pwnguin> rc?
<pwnguin> hold on
<pwnguin> same thing with sudo
<persia> Well, try with aptitude purge or dpkg -P then.
<twb> # aptitude install -yR nvi &>/dev/null && aptitude search ~n^nvi$ && aptitude remove -yR nvi &>/dev/null && aptitude search ~n^nvi$ && aptitude -yR purge nvi &>/dev/null && aptitude search ~n^nvi$ | cat
<twb> i   nvi - 4.4BSD re-implementation of vi
<twb> c   nvi - 4.4BSD re-implementation of vi
<twb> p   nvi - 4.4BSD re-implementation of vi
<persia> I *thought* apt-get --purge remove worked, but I haven't tried that one in an immensely long time (perhaps before ever using Ubuntu)
<persia> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<pwnguin> twb: did YOU read what i pasted?
<resno> looking for resources on doing x11 forwarding using ssh
<twb> pwnguin: yes.  I saw that you failed to run as root.
<pwnguin> apologies for including both the failed and successful attempt
<pwnguin> but the successful version was there :P
<twb> Oh, mea culpa
<twb> Shrug.  Use aptitude.
<pwnguin> yea, looks like apt-get doesn't work but dpkg -P did
<pwnguin> persia: thanks for the tips
<uvirtbot> New bug: #530513 in eucalyptus (main) "openssh-client in lucid cannot connect to openssh-server in karmic" [Undecided,New] https://launchpad.net/bugs/530513
<larsemil> so my company want me to set up a service for VPS's, and i am going the ubuntu-server as host way. should i be looking into UEC or just going the familiar kvm way??
<twb> Seems to me UEC is kinda specialized
<persia> I think it depends on what one wants.  On-demand instances are fundamentally different than long-running instances.
<twb> I guess I read too much into his use of "VPS"
<persia> twb: One could implement a VPS in UEC, but it's different somehow :)
<larsemil> then i just go for the way i am used to. :)
<twb> I *still* can't get access to the VT-enabled hosts at work :-/
<twb> One is running a quickbooks vmware VM on 8.04, and modprobing kvm hard-locks the whole system.  The other is running... sigh... rp-pppoe.
<Daviey> UEC would be lots more exciting if there was a billing data source :)
<Pierreb> i got a problem trying to authenticate from AD to the ubuntu server
<Pierreb> We want to use the ubuntu server as a fpt server and users use their AD accounts to login to it
<persia> Daviey: How do you mean?  Is this not just accounting metrics on various types of usage?
<Pierreb> Problem is i cant get the ubuntu server to convert SID>UID
<Pierreb> any idea how to solve this?
<Daviey> persia: exactly that, but currently extraction would mean a dirty world of scripts, rather than an API.
<persia> Daviey: I think an API would just sit on top of a dirty world of scripts.  Maybe you'll write the scripts?
<Daviey> persia: well libvirt provides an API for the rest of the stack, but is more than a hacky bunch of scripts :)
<persia> Daviey: Ah, yes.  Hrm.  That makes it more of an integration effort :(
<merlijn-> hi, I am conducting some tests with UEC and trying to get Landscape to recognize the CLC as a Cloud
<twb> Pierreb: FPT?
<merlijn-> but it is giving me a fairly uninformative error: There was an error communicating with the cloud.
<Pierreb> twb: yes its running  vsfto
<Pierreb> vsftp
<twb> Oh, FTP.
<twb> Don't do that.
<twb> http://mywiki.wooledge.org/FtpMustDie
<Pierreb> twb: its the solution they want so...
<twb> Pierreb: it's your job to convince them not to want stupid things.
<Pierreb> nah its good and they want it
<twb> Like when you have kids, you put the detergent on the high shelf.  It is the same with customers.
<Pierreb> im just tired of this problem and want to solve it
<Pierreb> i dont really care if ftp/sftp/whatever is better
<twb> Pierreb: you should.
<Pierreb> that is not for me to decide
<lool> kirkland: Ah my bad, I didn't think the order would matter and I initially added esd to match the Debian package then removed it
<lool> kirkland: I see you fixed this already, thanks
<Omahn> Has anyone seen this message on upgrading 8.04 to 10.04?
<Omahn> mount: mounting none on /dev failed: No such device
<Omahn> Followed by:
<Omahn> udevd[857]: error getting socket: Invaild argument
<Omahn> Boot then bombs out with a segfault and drops to the initramfs.
<twb> Omahn: this is after upgrading *everything* ?
<Omahn> twb: Yep, 'do-release-upgrade -d' from 8.04 LTS
<Omahn> It's repeatable too, I've upgraded this server 3 times over the past 24 hours with the same result each time.
<twb> How can you upgrade more than once?
<Omahn> twb: It's a VM.
<twb> You mean you rolled back to a snapshot?
<Omahn> twb: I just take snapshots and roll back as required.
<twb> OK.
<Omahn> Just going to try again now to see if anything was pushed over night that makes a difference.
<twb> After do-r-u'ing, and before rebooting, confirm that sources.list points to lucid, then aptitude upgrade && aptitude -sy full-upgrade.  Does it offer to install/remove anything?
<Omahn> I'll try that now.
<twb> When I tried that Ubuntu d-r-u crap the other day, it fell over completely.
<twb> So I'm not convinced that it's actually doing its job.
<Omahn> twb: That's quite worrying. I hope it improves before release :-)
<twb> Anyway, that kind of failure you reported could be caused by booting the wrong kernel after upgrading udev, or possibly by building the initramfs with modules=dep instead of modules=most
<twb> Omahn: if you're going to report a bug, you should include the output of "dpkg --get-selections" both before and after the d-r-u.
<Omahn> twb: ta. I'll take a copy this time before I start the upgrade
<Omahn> twb: FYI - Following the upgrade the system is attempting to boot 2.6.24-27-server - that doesn't look right does it...
<twb> Omahn: I'd also like a pastebin of your menu.lst or grub.conf both before and after.
<Omahn> twb: Looks like grub is failing to install/update. The grub boot menu is only show 8.04.4 entries.
<twb> Omahn: lucid/i386 currently has 2.6.32-14-server
<twb> 8.04 ships .24?  Surely that's from -backports
<Omahn> twb: Any idea if the upgrade process should be installing grub 2 or leaving the old grub?
<twb> Omahn: last time I looked, it installed a chainload into the grub legacy menu
<twb> Omahn: that was on Debian -- Ubuntu might have played silly buggers with it
<Omahn> twb: Yes 8.04 has 2.6.24 as standard
<Omahn> Looks like 2.6.32 isn't getting installed at all.
<Omahn> No sign of it in /boot/
<johngilbrough> I've just installed 8.04 LAMP on a vps - looking good so far - and am now trying to get mail up and running with postfix & dovecot.  How do I get postfix to relay all mail for any dovecot user?
<johngilbrough> Aison - This is my first time here - is this a dead channel?
<twb> Omahn: you're right.  My 2.6.18 scars must be from RHEL or something
<Omahn> twb: Yep, rhel5 ships with 2.6.18
<Aison> johngilbrough, don't think so ;)  I allways idle here
<twb> Omahn: do you have a kernel metapackage installed?  You should by default, but maybe an admin removed it.
<Omahn> twb: I'll check in a moment, just updating vmware-tools.
<Omahn> twb: What the kernel metapackage names?
<Omahn> I'm back in 8.04 now.
<twb> aptitude search ~i~smetapackage
<iLLiZT> You shouldnt' bother with vmware-tools until you've finalized your kernel.
<Roxyhart0> My new users can not reach the profiles on the server, just create profiles in the local windows machine. however, the old users doesn't have any problem. somebody know what could be the reason?
<iLLiZT> Since any kernel version changes will make you have to reinstall vmware tools anyway.
<Omahn> iLLiZT: Not really true, we certainly want it running as often as possible to prevent VMware from swapping.
<twb> iLLiZT: even then, I found that vmware-tools was utterly useless for VMs running on a headless vmware-server host.  For ESX, maybe it is useful for hgfs or something...
<Omahn> twb: It prevents swapping when the ESX host comes under memory pressure if the tools are installed.
<Omahn> twb: I have linux-image-server metapackage installed.
<twb> I can't speak for ESX, only vmware-server.
<Omahn> I can't speak for vmware-server, only ESX. :-)
<iLLiZT> Well, both are sort of right.
<twb> Omahn: if you open the aptitude GUI, and sources.list contains lucid entries, and you've "aptitude update"d lately, it should say that metapackage can be upgraded to depend on a .32 kernel
<maxagaz> How to put this : "sudo ip addr add 10.100.102.233/24 dev eth0" in my /etc/network/interface (or somewhere else?) ?
<twb> Omahn: maybe this is related to the -server variant being removed from some architectures?
<Omahn> twb: Never used the aptitude GUI :-) I'll add the lucid entries to see what I get
<Omahn> twb: This box is amd64
<Omahn> (As are all our machines)
<Omahn> Just taking another snapshot, just in case...
<tdn> I have installed openldap and I am trying to add this ldif http://thomasdamgaard.dk/paste/P1494.html, using this command: ldapadd -h localhost -f sogo.ldif -x -w ********** -D cn=Manager,dc=sikkerhed,dc=org    I get the error: ldap_bind: Invalid credentials (49). If I do not specify password, I get this error: ldap_bind: Server is unwilling to perform (53) additional info: unauthenticated bind (DN with no password) disallowed. My slapd.conf is he
<tdn> This is what is written in the syslog, while trying to add sogo.ldiff using password: http://thomasdamgaard.dk/paste/P1495.html
<johngilbrough> Aison - when you responded, that line case across as red, making it stand out.  How did you do that?
<Roxyhart0> hi, My new users can not reach the profiles on the server, just create profiles in the local windows machine. however, the old users doesn't have any problem. somebody know what could be the reason?
<tdn> johngilbrough, probably because it started with your username?
<Omahn> twb: Aptitude is reporting that linux-image-server (2.6.24.27.29 => 2.6.32.14.15) will be done. I'm going to try the upgrade again and check over the logs.
<johngilbrough> tdn - makes sense - does one need to type in the other person's user name each time?
<johngilbrough> or is there some double-click trick?
<Aison> johngilbrough, if the line contains your name, this line is marked red in your irc client
<tdn> johngilbrough, check your irc client's doc.
<twb> johngilbrough: I don't even type the first letter of someone's name.  I just hit TAB and it completes most-recently-spake order.  If I REALLY need to disambiguate, I might type just the first letter.
<twb> johngilbrough: sticking "foo:" in front of a message is a convention to indicate you're speaking to a specific person, rather than just declaiming.
<johngilbrough> twb, there we go.  Alright.
<Omahn> twb: I suspect this is part of the problem: http://paste.ubuntu.com/386882/
<Omahn> twb: The upgrade carries on though, I would have expected it to abort at that point.
<twb> Omahn: that would assume the upgrade code wasn't written by idiots
 * twb rants
<twb> Note that I'm AT ALL annoyed by live-helper doing the same thing at me all day today.
<Omahn> :-) 613 open bugs on update-manager. ouch.
<Omahn> 'Upgrade complete' - The upgrade is completed but there were errors during the upgrade process.
<Omahn> Seems bit mild. Something more along the lines of, 'DONT REBOOT!! YOUR SYSTEM IS B0RKED' might be better. :-)
<a_ok> the ssh host-key  has changed on one of my servers. I get the message that i need to add this key to my .ssh/known_hosts file. I don't understand the syntax though. i know where to add the public key but that is it
<a_ok> can someone help me out with this?
<twb> Omahn: in this case it looks like the kernel package is at fault, not upgrade-mangler
<twb> a_ok: you need to delete the referenced line from (probably) ~/.ssh/known_hosts
<twb> a_ok: that's assuming that the host key change is legitimate -- if not, someone might be trying to trick you
<a_ok> twb: no its legid checked fingerprint. I just found out how to find hashed hosts
<Omahn> twb: Agreed, I'm just pruning some old kernels just to make sure disk space isn't an issue then I'll be repeating the upgrade.
<Omahn> Can anybody improve this one liner to remove all but current running kernel?
<Omahn>  dpkg --get-selections | grep linux-image-2.6 | grep -v `uname -r` | cut -f 1 | xargs apt-get remove
<twb> I'd never automate that
<twb> Maybe xargs aptitude --schedule-only purge, and then later manually call "aptitude install --visual-preview" to action it.
<twb> Omahn: how about this: aptitude --schedule-only purge ~i~nlinux-image && aptitude --schedule-only keep ~i~n`uname -r` && aptitude --visual-preview install
<Omahn> I'm not familiar with aptitude unfortunately. I should really look into it :-)
<twb> http://luv.asn.au/overheads/aptitude/aptitude-intro.html
 * persia idly notes that not all ubuntu upgrade paths are aggressively tested with aptitude, and aptitude fans may want to test against new releases and file bugs where there are resolver differences
<twb> persia: meaning that upgrade-mangler uses apt-get internally?
<Omahn> I'll be sticking with do-release-upgrade for major upgrades
<Omahn> twb: Yep.
<persia> twb: No, but apt-python, which uses libept (if I remember correctly), which is also used by apt-get.
<persia> (or maybe python-apt)
 * persia hasn't looked in a while
<twb> Wasn't libept introduced by aptitude?
<twb> I mean, I'm all for *trying* to use d-r-u, I just haven't seen it work yet.
<persia> twb: Hrm.  Seems to be python-apt -> libapt-*
<twb> Oh, lib*E*pt was a typo?
<twb> Whatever, it doesn't matter.
<persia> twb: No, a thinko :)
<persia> But aptitude doesn't appear to use libept either.
<twb> persia: it does on Debian
<persia> And also on Ubuntu.  I just got confused by line breaks :/
 * persia stops trying
<twb> $ aptitude -F%p search '?depends(libept0)' ==> aptitude aptitude-gtk debtags debtags-edit ept-cache goplay libept-dev packagesearch
 * Omahn gives in a files bug #530632
<uvirtbot> Launchpad bug 530632 in initramfs-tools "Upgrading from 8.04 to 10.04 fails on update-initramfs" [Undecided,New] https://launchpad.net/bugs/530632
<ahasenack> is there a guide somewhere specific for using ssl certificates with eucalyptus in ubuntu?
<twb> ahasenack: ubuntu-serverguide?
<twb> (Just guessing.)
<sommer> morning
<zul> morning
<zul> ttx: php 5.3 is just waiting for a binary new fyi
<ttx> zul: kewl
<zul> ill have to rebuild alot of the modules for php 5.3 in universe though
<AnAnt> Hello, is there a directory service package in Ubuntu ?
<uvirtbot> New bug: #530687 in postfix (main) "updates not installing properly" [Undecided,New] https://launchpad.net/bugs/530687
<henkjan> AnAnt: openldap is what you are looking for
<AnAnt> henkjan: I was told that there is something based on LDAP (probably that includes openldap) that is easier to configure
<AnAnt> but I dunno what it is called
<zul> ttx: for that samba gecos "bug" it should be fixed in git and i think it might be fixed in 3.4.6 which is in progress
<ttx> zul: that's one for you then :)
<AnAnt> anyways, where I can get help about configuring openldap for ubuntu ?
<AnAnt> ah, found it
<AnAnt> thanks
<kirkland> lool: sure thing, no problem ;-)
<smoser> ttx were you going to sponsor bug 475354/bug 519870 and bug 520734 ?
<uvirtbot> Launchpad bug 475354 in eucalyptus "Hostname not set correctly on UEC cloud due to IP address in local-hostname manifest data (DNS)" [Undecided,Fix committed] https://launchpad.net/bugs/475354
<uvirtbot> smoser: Bug 519870 on http://launchpad.net/bugs/519870 is private
<uvirtbot> Launchpad bug 520734 in ec2-init "error with ec2-init pkg when running apt-get upgrade" [Medium,Fix released] https://launchpad.net/bugs/520734
<ttx> smoser: it's done already
<ttx> (the karmic-proposed SRU)
<smoser> ah. i see. thanks.
<smoser> so why did it move from in progress to triaged?
<ttx> smoser: the SRU team uses status in a weird way
<ttx> smoser: i never completely understood it, but in most cases they don't want you near the fixcommitted/fixreleased states
<ttx> since they use it in their workflow
<uvirtbot> New bug: #517300 in likewise-open (main) "[armel] likewise-open needs porting to ARM" [High,In progress] https://launchpad.net/bugs/517300
<uvirtbot> New bug: #530714 in openssh (main) "Can't sftp to directories with brackets in the name." [Undecided,New] https://launchpad.net/bugs/530714
<AnAnt> Hello, I have several Ubuntu machines on the same network. The issue is when there are Ubuntu updates, they get downloaded several times (once for each machine), hence wasting the internet bandwidth, is there a way to make the machines get the updates from one of them ?
<persia> AnAnt: The formal way is to run a local (potentially partial) mirror, or a caching proxy for the network.
<persia> AnAnt: The desktopy way is http://castrojo.wordpress.com/2010/02/28/zeroconfing-squid-deb-proxy/
<AnAnt> persia: that desktopy seems sort of fast
<persia> But kinda not what you want to do if you have an SLA to meet.
<AnAnt> SLA ?
<AnAnt> I don't understand what you mean by this ?
<AnAnt> what Service Level Agreement ?
<AnAnt> are you talking about legal issues ?
<persia> Usually just tort if legal.
<persia> To put it another way: if you've 10 systems, jcastro's hints can help.  If you're managing 300, it's the wrong way to solve the problem.
<persia> Or: if you have a network that can have a dedicated mirror for a number of clients that are expected to update on some schedule and you'd like some control over the process, you want to manage a local archive or a local mirror (depending).
<AnAnt> ah, ok
<persia> If you just have your peronal machines, or maybe some from people who don't mind if it's not quite perfect, then you can use avahi.
<jcastro> http://packages.ubuntu.com/lucid/ubumirror
<AnAnt> nah, we're still small :)
<jcastro> ^^^ bunch of mirror scripts
<uvirtbot> jcastro: Error: "^^" is not a valid command.
 * persia likes ubumirror
<jcastro> me too
<zul> or you could install *cough* landscape *cough*
<AnAnt> zul: hmmm, you need Cataflam ?
<persia> zul: That's even heavier weight :)
<AnAnt> so does that squid-deb-proxy serve users from /var/cache/apt/archives/ or what ?
<uvirtbot> New bug: #530734 in krb5 (main) "ubuntu karmic update failed" [Undecided,New] https://launchpad.net/bugs/530734
<TeTeT> kirkland: anything you want me to check today? I have 50 minutes before a team meeting lfet
<bogeyd6> What is a command line way, without mounting, that I can copy a file from the linux machine to another linux machines network share?
<mathiaz> bogeyd6: scp is an option
<bogeyd6> mathiaz, ty
<AnAnt> how can an LDAP user change his password ?
<uvirtbot> New bug: #530752 in mysql-dfsg-5.1 (main) "Package mysql test suite" [Undecided,New] https://launchpad.net/bugs/530752
<uvirtbot> New bug: #522514 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Low,Incomplete] https://launchpad.net/bugs/522514
<uvirtbot> New bug: #530753 in eucalyptus (main) "Error trying to install images from store" [Undecided,New] https://launchpad.net/bugs/530753
<zul> mathiaz: ping are you going to package the mysql testsuite?
<zul> smoser: ping
<mathiaz> zul: well - If you could take a look at it, it would be great
<smoser> here
<mathiaz> zul: something similar to the puppet-testsuite package
<smoser> mathiaz, what state is DC UEC in
<zul> mathiaz: sure lemme work through the php5 transition stuff im working on
<mathiaz> smoser: I'm using it to add support for multi-network install
<zul> smoser: whats your ec2 php api package called?
<mathiaz> zul: cloudfusion
<smoser> cloudfusion
<smoser> yeah
<zul> mathiaz: thanks
<mathiaz> smoser: do you need a UEC operating now?
<smoser> no, it woudl be nice if it were operating at some point :)
<mathiaz> smoser: well - a UEC setup can be spanned in half an hour
<mathiaz> smoser: so if you really need it now you can take the rig for a few hours
<smoser> nah. just please either ping me when you leave it up, or ping me when your done.
<smoser> ideally done and in an operable state :)
<mathiaz> smoser: ok
<Omahn> Has anyone else come across bug #530632 when upgrading 8.04 to 10.04?
<uvirtbot> Launchpad bug 530632 in initramfs-tools "Upgrading from 8.04 to 10.04 fails on update-initramfs" [Undecided,New] https://launchpad.net/bugs/530632
<mathiaz> cjwatson: hi! I spent some time yesterday to setup vlan in the installer
<mathiaz> cjwatson: the first issue I ran into was the that vlan related kernel modules were not available in the installer
<mathiaz> cjwatson: bug 530459
<uvirtbot> Launchpad bug 530459 in linux "Include 8021q module in the installer for VLAN support" [Undecided,New] https://launchpad.net/bugs/530459
<mathiaz> cjwatson: what's required to get a kernel module to be included on the installer medias?
<cjwatson> mathiaz: talk to the kernel team, debian.master/d-i/ in the kernel tree controls a lot of this stuff
<mathiaz> cjwatson: ok - thanks.
<mathiaz> cjwatson: the next issue I ran into was creating a udeb - bug 530468
<uvirtbot> Launchpad bug 530468 in vlan "[FFE] Build udeb for vlan" [Undecided,New] https://launchpad.net/bugs/530468
<mathiaz> cjwatson: IIUC that would help in being able to install vlan-udeb in the installer
<cjwatson> mathiaz: yes, it would be easier.  with vlan-udeb in main, you could use anna/choose_modules=vlan-udeb rather than an early_command
<mathiaz> cjwatson: basically the following script run as an early command makes vlan working in the installer: http://paste.ubuntu.com/387099/
<mathiaz> cjwatson: the two bugs mentioned above would help getting rid of line 1 to 12
<cjwatson> mathiaz: any reason you didn't add "XB-Installer-Menu-Item: 99999" so that it's listed in anna?
<mathiaz> cjwatson: no reason - I was just trying to get something working
<mathiaz> cjwatson: to have a proof of concept
<mathiaz> cjwatson: I'll add XB-Installer-Menu-Item: 99999 to the vlan-udeb
<cjwatson> mathiaz: your udeb looks OK aside from that, though you might want to depend on whatever-modules (depending on where the kernel modules go)
<cjwatson> I don't know offhand which udeb would be appropriate for that
<mathiaz> cjwatson: now the question is how can I get rid of the networking commands (line 14 - 25 in http://paste.ubuntu.com/387099/)?
<cjwatson> (why is this coming up now after feature freeze? :-( )
<cjwatson> you would probably have to write an actual UI, give vlan-udeb a postinst, insert it into the menu in a sensible place, etc.
<cjwatson> I would recommend doing that for lucid+1 not lucid
<mathiaz> cjwatson: sure - that's part of automating the installation of UEC on multi networks
<mathiaz> cjwatson: I'm not aiming at having full support of vlan in the installer
<cjwatson> perhaps it would be appropriate to do it in eucalyptus-udeb then
<mathiaz> cjwatson: just enough so that I can automated the installation
<mathiaz> cjwatson: would it be possible to rerun the network configuration component in the early command?
<cjwatson> at this point, I don't think I understand the requirements in enough generality to make good recommendations; if it's specifically for UEC, though, eucalyptus-udeb seems like a more appropriate place than vlan-udeb
<cjwatson> no, it's not
<cjwatson> sorry, that's seriously complicated weird stuff you're getting into if you try
<mathiaz> cjwatson: yeah - I know
<Omahn> Speaking as a enterprise ubuntu user, vlan support in the installer would be very useful.
<cjwatson> Omahn: sure, but a month and a bit before release is not the time to try and design it in general
<Omahn> We currently have to fiddle with switch settings, do the preseeded build and then change the switch settings back.
<Omahn> cjwatson: Hell no :-) Support in Lucid+1 would be good though.
<cjwatson> perhaps somebody could put it on the UDS agenda, where we can design it properly
<Omahn> I would be more than happy to help testing.
<mathiaz> cjwatson: right - so it seems that what's reasonable for lucid is to get the vlan kernel modules and the vlan udeb?
<cjwatson> mathiaz: I'm not sure
<cjwatson> I don't have the cycles to think about this beyond the recommendations I've made so far
<mathiaz> cjwatson: once both are available I can tear up and down the network configuration in the early command script
<cjwatson> I can make sort of off-the-cuff "how do I do this" comments
<Omahn> mathiaz: Wouldn't it be better to go in 10.04.1 ?
<cjwatson> Omahn: no new features in point releases.
<mathiaz> Omahn: nope - it's a new feature
<cjwatson> but I can't do full-scale design
<Omahn> We've had new features in 8.04.x releases.
<cjwatson> Omahn: I'd veto this sort of installer change.  sorry
<Omahn> Like failed RAID boot support.
<Omahn> cjwatson: Ok :-)
<cjwatson> that was a bug fix for a previous attempt to make it work
<Omahn> Fair point
<cjwatson> actually maybe it was slightly more than that - but it was much simpler than this, anyway
<cjwatson> mathiaz: having just the kernel modules and vconfig should give you enough flexibility to do ad-hoc things elsewhere, I imagine, yes
<Omahn> Which channel would it be best to ask about my failing 8.04 -> 10.04 upgrades failing?
<mathiaz> cjwatson: yes - that's what I was thinking for lucid
<mathiaz> cjwatson: bug 530459 should cover the kernel modules
<uvirtbot> Launchpad bug 530459 in linux "[FFE] Include 8021q module in the installer for VLAN support" [Undecided,New] https://launchpad.net/bugs/530459
<mathiaz> cjwatson: and bug 530468 should cover config
<uvirtbot> Launchpad bug 530468 in vlan "[FFE] Build udeb for vlan" [Undecided,New] https://launchpad.net/bugs/530468
<mathiaz> cjwatson: that's enough to bootstrap vconfig with a custom early_command script
<mathiaz> cjwatson: integration in the installer would be discussed at the next UDS
<cjwatson> mathiaz: ok
<uvirtbot> New bug: #530814 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/530814
<uvirtbot> New bug: #530816 in euca2ools (main) "euca-run-instances help shows --keypair, should be --key" [Undecided,New] https://launchpad.net/bugs/530816
<\sh> anyone with a clue how to say vmbuilder to use VDE instead of bridged networks? or how can someone tweak it to do use it?
<\sh> oh man...my syntax style is bad
<mtx_init> why does nano open when I do visudo?
<uvirtbot> New bug: #530832 in vsftpd (main) "vsftpd 2.2.2-3ubuntu4 fails to upgrade because no ftp group" [Undecided,New] https://launchpad.net/bugs/530832
<MatBoy> oops, I did a remove --purge for a too new kernel... and now my menu.lst is gone
<persia> MatBoy: Install a replacement kernel before you reboot.
<persia> Or if it's too late, boot off something else, chroot into the target filesystem, and install a kernel, then reboot.
<uvirtbot> New bug: #530877 in php5 (main) "E:Unable to correct problems, you have held broken packages." [Undecided,New] https://launchpad.net/bugs/530877
<uvirtbot> New bug: #527275 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu7 failed to install/upgrade: subprocess installed post-installation script killed by signal (Interrupt)" [Low,Incomplete] https://launchpad.net/bugs/527275
<mathiaz> apw: hi!
<mathiaz> apw: how should I do to create a kernel-module udeb to for 8021q (vlan) modules?
<kirkland> cjwatson: the $logfile thing ... I'm not understanding that
<mathiaz> apw: see bug 530459
<uvirtbot> Launchpad bug 530459 in linux "[FFE] Include 8021q module in the installer for VLAN support" [Undecided,New] https://launchpad.net/bugs/530459
<mathiaz> apw: add a stanza to debian.master/d-i/package-list and create a file under debian.master/d-i/modules/ ?
<hink> How can i remove a script after running it without running a different command
<persia> hink: There's lots of ways, from simple to complex.  The name of the script is $0 which can help.
<persia> (note that this presumes POSIX shell scripts : other scripting languages have other conventions)
<hink> thanks persla.... i just got schooled in the ##linux channel. Apparently linux loads the script into mem before running so I can delete it from the script itself
<persia> I'd recommend adjusting your use case so you don't need to do that.  Given other context, probably something like running the script via ssh remotely from a known clean copy.
<apw> mathiaz, about right yes
<mathiaz> apw: yeah - I've got something working
<zul> ummm...cloudfront never made it in?
<mathiaz> apw: I'm just struggling with git to get this properly patched
<apw> mathiaz, ok ... get it to us soon, kernel freeze is imminent, and we close the tree before to get it ready in time
<Hawkey> hi.. need little help... with connectiong my usb WD BOOK to ubuntu server... could anyone tell me how to exactly do that?
<Hawkey> event there are some data on USB?
<Hawkey> *even
<hink> persia: its a setup script that sets up a newly deployed VM from a template
<uvirtbot> New bug: #475183 in bind9 (main) "host crashed with signal 7 in dst_lib_init()" [Medium,Incomplete] https://launchpad.net/bugs/475183
<Hawkey> some advice?
<uvirtbot> New bug: #530945 in keepalived (main) "Please backport keepalived 1.1.17-2 to Karmic from Lucid" [Low,In progress] https://launchpad.net/bugs/530945
<sherr> Hawkey: In shell, I would "tail -f /var/log/syslog", and watch for what device the disk gets.
<sherr> Hawkey: Then ..
<sherr> If I see it gets device /dev/sdd (and lists partitions sdd1 say), I ...
<cjwatson> kirkland: which bit are you having trouble with?
<bcurtiswx> Hi.  I just bought a domain and now I want people to be able to go to www.mydomain.com and have it reach my computer.  I have an account on afraid.org, and my IP blocks port 80.  Whats the best way to go about getting my website available to everyone outside
<uvirtbot> New bug: #530949 in samba (main) "mount.cifs yields garbled directory listing where smbclient works" [Undecided,New] https://launchpad.net/bugs/530949
<sherr> Hawkey: "mkdir /mnt/tmp" (say) and "mount /dev/sdd1 /mnt/tmp" and access files via /mnt/tmp
<sherr> Hawkey: If the disk is formatted NTFS (say), you will have to mount it using the "-t ntfs-3g" option etc.
<Hawkey> hmm looks like some error
<sherr> bcurtiswx: you need to set your domain up such that it points to the IP address (etc.) of the host your site resides on.
<bcurtiswx> sherr: done that (with afirad.org)
<bcurtiswx> afraid.org*
<cjwatson> you have to have a machine with port 80 accessible somewhere - there isn't much way around that
<bcurtiswx> sherr: since I can't use port 80 (incoming) due to my IP, what the most common way done to circumvent that?
<sherr> Put the site
<pmatulis> bcurtiswx: buy a url forwarding service
<pmatulis> http://www.dyndns.com/services/webredirect/ is one
<sherr> bcurtiswx: or put th site on port 8080 (say)
<cjwatson> (you can use an explicit port in the url, but nobody wants to do that)
<genii> When you chroot into a virtual machine from the host and run something there, what user owns the process?
<sherr> bcurtiswx: get a different ISP :-)
<cjwatson> the standard workaround is simply to host your site somewhere else
<bcurtiswx> sherr: it's either verizon (expensive) vs. Cox.net (less espensive) here and i have no other options
<bcurtiswx> cjwatson: yeah, i know.  I'd just rather not spend the $$
<cjwatson> genii: chroot requires root, so any process started by it starts out as root.  but you don't normally chroot into a vm ...
<Hawkey> sherr hmm Kernel logging (proc) stopped ... i don't like that
<cjwatson> bcurtiswx: website hosting alone is often cheaper than full isp access.  I don't know your region though
<bcurtiswx> cjwatson, pmatulis, sherr: ty
<Hawkey> sherr seems something is very very wrong...
<pmatulis> bcurtiswx: i had to do the same for a few years when i was with videotron.ca.  dyndns.org is pretty cheap ($30/yr IIRC)
<sherr> Hawkey: if there's an error somewhere, paste in pastebin and let's have a look
<Hawkey> looks like some kernel error
<Hawkey> sherr when i type tail -f /var/log/syslog
<Hawkey> i get few lines, pop3d, postfix, cron..
<Hawkey> and on the last kernel: Kernel logging (proc) stopped
<Hawkey> and everything is hanging .. waiting for something
<sherr> Hawkey: but your shell is working - and the system might be working : http://paste.ubuntu.com/
<Hawkey> yeah, but what could i past?
<Hawkey> that syslog has hmm 10 lines
<sherr> Hawkey: well, I don't know. Check logs - dmesg, syslog.* etc. Event history. What can I say?
<Hawkey> mmm interface setting is wrong
<Hawkey> but
<Hawkey> seems i cannot save file
<smoser> erichammond, ping
<smoser> so it looks like you've at least considered putting bucket name in 'name'
<smoser> 063491364108/alestic/ubuntu-9.04-karmic-scale8x-i386-20100220e
<uvirtbot> New bug: #527264 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: " [Medium,Incomplete] https://launchpad.net/bugs/527264
<lamont> I hate all those "postfix won't upgrade" bugs
<uvirtbot> New bug: #528936 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 523896)" [Undecided,New] https://launchpad.net/bugs/528936
<Bizzeh> hey, what is the recommended FTPD for quick, simple and easy setup?
<eekeek> I have a basic Xubuntu 9.10 server. I want to achieve case insensitive urls. I have mod_rewrite installed and working with a .htaccess file inside the /www folder. But I do not know how to configure the correct apache file(s). Can someone suggest a good step-by-step tutorial?
<Hawkey> sherr my linux FS seems to be read only.. cant do anything
<MatBoy> persia: yeah, was allsolved no issues :) thanks
<sherr> Hawkey: what makes you say that? wat are you doing?
<uvirtbot> New bug: #529004 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 upgrade fails - cannot stop mysqld" [Medium,Incomplete] https://launchpad.net/bugs/529004
<Hawkey> sherr i was testing isp config tool.. seems that my problem is cos of that
<Hawkey> hmmm
<Hawkey> looks like i screwed it up
<sherr> Hawkey: you are too vague for me to offer any advice or help. If you can be more specific, maybe I can offer advice.
<Hawkey> i would like to
<Hawkey> but don't know where to start
<Hawkey> seems partition is mounted for read only
<Hawkey> don't know how to switch it to rw
<sherr> Hawkey: what partition? what directory/folder are you trying to write to?
<Hawkey> to /dev/sda1
<Hawkey> primary disk
<sherr> Mounted on? What is output of "mount" (pastebin)
<Hawkey> mountpoint is / but i think about wrong options... errors=remount-ro
<Hawkey> but no i cant change it
<uvirtbot> New bug: #520277 in puppet (main) "no provider options in package type" [Wishlist,Incomplete] https://launchpad.net/bugs/520277
<sherr> Hawkey: Output of mount? I'm not sure I can help, sorry. Maybe a reboot - but if it is a failing disk, or disk/fs problems, I'd be cautious in case it fails to come back up. But I have no idea. Sorry.
<Hawkey> sherr ok.. lets try it different... is there a livecd which i could run read data from hdd but live cd could handle flash drive connection?
<sherr> Hawkey: I hear Ubuntu do LiveCD's. Try their web site.
<Hawkey> hmm some command to ignore fstab setting, i mean hot to ignore it's options .. need to remount drivi but without fstab specifics, is that possible?
<Hawkey> anyway how to ignore fstab when using mount command?
<Hawkey> i've wrong options there, but cant change them cos system is read-only
#ubuntu-server 2010-03-03
<Saw-Yer> !LAMP
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<uvirtbot> New bug: #531076 in eucalyptus "Remove workaround in euca-describe-images that requests all images even if an image id is specified" [Undecided,Fix committed] https://launchpad.net/bugs/531076
<uvirtbot> New bug: #373387 in vm-builder (universe) "runs chpasswd without -m prior to jaunty" [Undecided,Triaged] https://launchpad.net/bugs/373387
<twb> "Ext4 also adds support for date-created timestamps."
<twb> Suppose I'm using ext4.  Presumably it automatically sets creation timestamps without me needing to change anything.
<twb> Is there a way to inspect them (e.g. debugfs)?
<lfuser-687> Hello
<lfuser-687> any one?
<lfuser-491> hhhhhhhhheeeeeelllllllllloooooooooo
<uvirtbot> New bug: #531111 in euca2ools (main) "euca2ools generates an image that cannot be connected using ssh" [Undecided,New] https://launchpad.net/bugs/531111
<uvirtbot> New bug: #529411 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: alamprotsess installed post-installation script tagastas l?petamisel veakoodi 75" [Undecided,New] https://launchpad.net/bugs/529411
<uvirtbot> New bug: #531123 in tftp-hpa (main) "pxe boot with tftpd-hpa failed with error: Forbidden Directory" [Undecided,New] https://launchpad.net/bugs/531123
<uvirtbot> New bug: #530555 in clamav (main) "package clamav-freshclam 0.95.3+dfsg-1ubuntu0.09.10 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/530555
<pwnguin> planet or venus?
<twb> pwnguin: you what?
<pwnguin> ive decided my front page is terrible enough that i will replace it
<pwnguin> and im wondering whetheer anyone likes planet versus planet-venus
<pwnguin> the plan is to take up a bunch of RSS feeds related to me and aggregate them on my homepage
<pwnguin> currently im leaning towards venus to get some relevant practice with django templates
<twb> pwnguin: is this some kind of blogospeak?
<pwnguin> twb: its web 2.0 baby
<AnAnt> Hello, I need help with LDAP setup
<AnAnt> I followed the guide on https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<AnAnt> so, on the ldap server itself, things are working fine
<AnAnt> yet I attempted now to make another machine to access the LDAP server
<twb> pwnguin: if it were me, I'd go with something along the lines of ikiwiki/sphinx/gitit
<AnAnt> so I installed libnss-ldap & configured ldap-auth-config
<AnAnt> the problem is that it doesn't work, and I keep getting this in /var/log/auth.log: nss_ldap: failed to bind to LDAP server ldapi:///192.168.1.202:389: Can't contact LDAP server
<AnAnt> I can't figure out the reason, although I was able to do: telnet 192.168.1.202 389
<twb> Erm, isn't ldapi for sockets?
<twb> Use ldaps or ldap.
<AnAnt> twb: I tried ldap:// too, same thing
<twb> Use ldapsearch instead of nss_ldap during testing
<AnAnt> ok
<pwnguin> twb: im not really interested in CMS for this project. it's more like, I already do things on websites with good RSS feeds so it seems possible I could snag them all for content
<twb> Something like this: ldapsearch -x -D cn=admin,dc=example,dc=net -H ldap://127.0.0.1
<twb> pwnguin: those aren't CMSs
<pwnguin> ikiwiki isn't a wiki?
<twb> pwnguin: they're ways to take text and turn it into wankerriffic, but still static, HTML
<twb> So you don't need any of that bullshit "web app" crap
<pwnguin> meh
<pwnguin> sounds great for the antisocial
<twb> pwnguin: bingo
<AnAnt> twb: what does -xLLL mean ?
<twb> AnAnt: it means something like "actually work"
<pwnguin> but its really annoying when someone writes an ikiwiki page and leaves no decent way to contact the author
<twb> pwnguin: that's what email is for.
<pwnguin> assuming they publish one
<twb> If they don't, they're an ass.
<twb> It'll be in db.debian.org or keys.mit.edu or whatever anyway
<AnAnt> twb: ldapsearch -x -b "dc=example,dc=com" works
<AnAnt> but -D gives this:ldap_bind: Server is unwilling to perform (53) additional info: unauthenticated bind (DN with no password) disallowed
<twb> AnAnt: OK, we need to step back a bit.
<twb> AnAnt: do you want anonymous binds, or what?
<twb> Binding as the privileged LDAP account over a non-SSL connection is *really* bad juju.  You're trusting root on the client machine, AND the network between them.
<pwnguin> you could add a startTLS option
<twb> True.
<pwnguin> if you're worried about ssl overhead
<AnAnt> I see
<AnAnt> well, let it be anonymous then
<pwnguin> but you're probably only using ldap for passwording
<twb> For me, the overhead was "I don't want to waste time learning how to make valid certificates right now"
<pwnguin> heh
<pwnguin> its easy, you follow a nine step process and hand over money to thawte
<twb> pwnguin: if you're using RFC 2307 and no ppolicy overlay, you can't use passwd to reset your password on the client machine *unless* the client's root user has privileged access to the LDAP database.
<twb> pwnguin: I meant valid within a segregated network, not valid for Firefox users
<AnAnt> twb: ok, on the other machine, I run: ldapsearch -x -b dc=example,dc=com -H ldap://192.168.1.202, and that works
<twb> SSL's trust model is basically like GPGs, but with extra annoying complications I didn't want to deal with.
<pwnguin> twb: ah. then you start your own CA
<twb> pwnguin: right.
<pwnguin> you could probably do it with puppet
<AnAnt> twb: so why is LDAP authentication working on the server but not the other machine ?
<twb> The network in question *was* a trusted network, with very strong physical security, so I just gave up on SSL until I get some more budget.
<pwnguin> AnAnt: i know enough about ldap to get us all in trouble, but might there be a firewall?
<twb> AnAnt: probably because on the server, ldap.conf and ldap.secret (the client config) have a valid, privileged bind account details.
<pwnguin> s/i know/i only know/
<AnAnt> twb: I diffed between the ldap.conf on client and server, and only found this difference:
<twb> I know enough about LDAP to think of NIS fondly.
<kaushal> hi
<kaushal> I need help on Tomcat Client Deployer. Can someone guide me please ?
<pwnguin> the endgame at work appears to be activedirectory =(
<AnAnt> nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,couchdb,daemon,ebox,games,gdm,gnats,guest,haldaemon,hplip,irc,kernoops,....
<twb> pwnguin: acute dysentry is a whole extra layer of hurt
<twb> AnAnt: you can ignore that
<pwnguin> fortunately the local user group just gave a talk on tying PAM to AD
<AnAnt> so what's the problem then ?
<pwnguin> which i deftly recorded
<twb> AnAnt: I don't know.
<AnAnt> twb: what about this -D thing ?
<AnAnt> twb: ldapsearch -x -D "dc=example,dc=com", doesn't even work on the server, is that an issue ?
<twb> AnAnt: -D is the account to bind as
<twb> It takes the ldap equivalent of "root"
<AnAnt> ok
<uvirtbot> New bug: #531150 in php5 (main) "libapache2-mod-php5 is no longer working correctly on lucid" [Undecided,New] https://launchpad.net/bugs/531150
<uvirtbot> New bug: #531151 in php5 (main) "libapache2-mod-php5 is no longer working correctly on lucid (dup-of: 531150)" [Undecided,New] https://launchpad.net/bugs/531151
<AnAnt> twb: should a DNS server be installed on the LDAP server
<twb> AnAnt: it doesn't matter.
<twb> At least, it doesn't if you're using ldap://<IP> rather than ldap://<hostname>
<AnAnt> yup I am using ldap://<IP>
<twb> The data *in* the database, i.e. dc=example,dc=net, doesn't have any relation to your domain name, except by convention
<twb> You could just as easily call it dc=i,dc=like,dc=waffles
<twb> (Note: some exceedingly stupid scripts might ASSUME that your IP domain matches the LDAP domain, and most will default to that.)
<AnAnt> silly me !!!!!!!!!!!!
<AnAnt> ldap:///192.168.1.202 !!
<kaushal> checking in again for my query ?
<persia> kaushal: I answered your query in -java
<persia> kaushal: Also, please try one place at a time.
<kaushal> persia: ok
<AnAnt> twb: sorry for the bother !
<persia> AnAnt: This is also a support channel for server-specific stuff.  It's no bother: please ask again (and others learn from backscroll)
<AnAnt> persia: well, the thing is that I was blind: ldap:/// instead of ldap:// !
<twb> AnAnt: np
<twb> It's because ldapi:/// is the default
<twb> the last slash being the root directory
<AnAnt> ah !
<hyperlinx> irc://quakenet/
<uvirtbot> New bug: #531180 in ntp (main) "package ntp 1:4.2.4p8+dfsg-1ubuntu1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/531180
<hink> how do i pass each line of text out of this command to an command as an argument? find . -mmin -60 -type f -exec echo {} \;|cut -d/ -f2
<hink> find . -mmin -60 -type f -exec echo {} \;|cut -d/ -f2
<hink> its late... find . -mmin -60 -type f |cut -d/ -f2
<kaushal> checking in again for my query ?
<hink> found the answer for anyone who is interested!
<hink> find . -mmin -300 -type f -exec sh -c 'echo $1 |cut -d/ -f2|xargs <command>' {} {} \;
<acalvo> it seems that the packages dovecot-postfix does not do what it claims because there is no SASL backend working for SMTP (there is no 250-AUTH PLAIN LOGIN)
<acalvo> althought all the config files by default seem to be right
<lifeless> ttx: ping
<ttx> lifeless: pong
<lifeless> eucalyptus on one machine
<lifeless> I replied to the bug
<lifeless> but I thought real time might be more efficient
<ttx> lifeless: I didn't even know that was possible, tbh :)
<lifeless> in short, it works fine, upstream are wrong - don't understand iptables or something.
<ttx> lifeless: interesting, maybe we should keep your bug open, just at a lesser priority (we are busy fixing the recommended use cases right now)
<lifeless> I realise some scripts will need a little tweaking to distribute the keys properly etc in this layout, but I think its well worth the reward of making it work by default, rather than folk having to find my blog post, read my wiki edits and manually fix it up.
<lifeless> For my next trick I'm going to get it running on my networks DHCP & DNS server.
<lifeless> which I anticipate might be a little tricky.
<ttx> lifeless: ack, I'll un-invalidate your bug -- it's just a lesser priority for us to support that mode, so we cannot commit to fixing this for lucid
<lifeless> sure.
<lifeless> wishlist it
<ttx> lifeless: ok, and thanks for your testing, btw :)
<lifeless> de nada
<lifeless> I needed UEC to work for me so that I could develop the hudson UEC support.
<lifeless> which dx need.
<lifeless> and as I only had the one suitable machine :- I just assumed bugs and did it.
<AnAnt> I have a question about LDAP authentication. LDAP user "joe"  logged  on machine A. After some while,  machine A got disconnected from the network, hence "joe" cannot login to A, since A cannot fetch the login info, is there a workaround this issue ?
<acalvo> well, I was wrong. Package dovecot-postfix works and you get the AUTH LOGIN PLAIN if you use STARTTLS
<kaushal> hi
<kaushal> anyone using Tomcat Application Server ?
<kaushal> At the moment, I stop,kill tomcat and scp the war to webapps folder and start tomcat server. is there a better way to do it ?
<pts_> Anyone who can confirm that DRBD is broken with latest Lucid update (kernel 2.6.32-15)? FATAL: Error inserting drbd (/lib/modules/2.6.32-15-server/updates/dkms/drbd.ko): Unknown symbol in module, or unknown parameter (see dmesg)
<uvirtbot> New bug: #531216 in mysql-dfsg-5.1 (main) "Ubuntu 9.10 Server x86_64 - mysql crashes 'ERROR: The partition with /data/mysql is too full!' but there are at least 16 GB free on each partiton (boot and data)" [Undecided,New] https://launchpad.net/bugs/531216
<ivoks> pts_: drbd needs update in lucid
<ivoks> pts_: which version are you trying to load?
<ivoks> 8.3.3?
<ivoks> 8.3.7 is on the way...
<pts_> correct
<pts_> Guess I should use the one in Ubuntu-HA repo
<ivoks> bug 524594
<uvirtbot> Launchpad bug 524594 in drbd8 "[FFE] Please sync drbd8 from ubuntu-ha PPA - 8.3.7" [Undecided,Confirmed] https://launchpad.net/bugs/524594
<pts_> Is the lucid packages in Ubuntu-HA the ones that will be included in the final 10.04 release?
<ivoks> yes
<pts_> I was wrong, I'm using 8.3.7rc2 from the ubuntu-HA
<pts_> Was apt-cache show that fooled me
<pts_> I've figured it out; on the ClusterStack/LucidTesting page is says to use repo deb http://ppa.launchpad.net/ubuntu-ha/ppa/ubuntu lucid main , but then changing it to deb http://ppa.launchpad.net/ubuntu-ha/lucid-cluster/ubuntu lucid main I got an update and everything is working again. Should the wiki be updated?
<vmlintu> AnAnt: sssd or pam_ccreds might do what you want
<AnAnt> vmlintu: what are those ?
<vmlintu> AnAnt: pam/nss components that store user information locally so that you can still login even if connection to authentication server is broken
<hemanth_> how can i automate server to shutdown and startup everyday at a particular time i tired corn job with ACPI Wakeup is not happening
<alvin> hemanth_: I think you needs BIOS support for that kind of thing. It will not work with cron, except for the shutdown.
<alvin> hemanth_: You can also try WOL
<hemanth_> alvin, bios has that feature
<hemanth_> okies
<hemanth_> seeing WOL
<alvin> hemanth_: Then you need to set up the wakeup time in your BIOS. For WOL, you need a server to send the magic packet
<hemanth_> alvin, any wiki on the same? or any tool ?
<alvin> hemanth_: No idea. It's manufacturer related. The best place to look is in your server's manual
<hemanth_> alvin, you mean serverguide.pdf?
<alvin> No, the manual of your server/motherboard
<hemanth_> alvin, ok :)
<hemanth_> the issue is this manually i set the alarm it works, but not via cron!
<hemanth_> if i place the commands in /etc/rc.local will it do the required?
<alvin> hemanth_: No. Cron can't start jobs if the computer is not powered no
<hemanth_> alvin, http://pastie.org/private/zjfjevg29vfniaiqdyfarq is what i have done as of now
<alvin> Ah, I see what you're trying to do
<hemanth_> :)
<alvin> I have no experience with resuming from S3 or S5, but the shutdown command will shut you down completely (S6 I believe). So, no, this isn't working
<alvin> You have to put the computer to sleep or soft off instead (I don't know how from the command line)
<hemanth_> but manually it does, so if i put the script in startup?
<hemanth_> manually i set the alarm and then did a shutdown after the given time it started
<Omahn> echo 4 > /proc/acpi/sleep
<Omahn> Is how I've done it in the past.
<Omahn> Not sure if it still works or not.
<hemanth_> Omahn, 4 as in?
<Omahn> kirkland will almost certainly know the answer as he's written that tool (name escapes me) that adds power management to servers.
<Omahn> hemanth_: State 4, suspend to disk I think
<hemanth_> o kool, is he around?
<alvin> hemanth_: Maybe this Mythbuntu article will be of some use for you: http://www.mythtv.org/wiki/ACPI_Wakeup
<hemanth_> alvin, i did my script seeing the same!
<Omahn> hemanth_: http://acpi.sourceforge.net/documentation/sleep.html
<alvin> Certainly looks interesting. I think I'll mess a bit with my atom servers at home this weekend.
<hemanth_>  try automate few server
<hemanth_> *trying to
<hemanth_> Omahn, sleep is better than shutdown and power on u suggest ?
<hemanth_> Omahn, S5 - "Soft Off"?
<Omahn> hemanth_: Err, depends on your requirements. I personally wouldn't do either, but then we're a big enterprise shop.
<hemanth_> Omahn, i have collected a stat on the same, shall i send it over a PM?
<Omahn> hemanth_: Errm, you've lost me. What are you truing to do?
<Omahn> *trying
<hemanth_> Omahn, automate server to shutdown and start @ a particular time each day
<Omahn> hemanth_: Ok, in that case you will need either 1) Wake up time support in your systems BIOS or 2) Another machine on the network to send a magic packet, or wake on lan packet, to wake the machine back up. Do you have either of them?
<hemanth_> Omahn, yes i have first one, second one is not hard to configure i guess
<Omahn> hemanth_: In that case I would go with the BIOS wake up time option and just put a cron job entry in as root to do '/sbin/init 0' at whatever time you wish the machine to shutdown.
<hemanth_> Omahn,  http://pastie.org/private/zjfjevg29vfniaiqdyfarq is what i have done as of now, i have placed the same in cron.daily
<hemanth_> but  nothing is  happening
<Omahn> hemanth_: I would put those commands in the root crontab instead of your users, unless you have also updated sudoers those lines will require manual intervention in order to work as they will be requiring password entry.
<AnAnt> vmlintu: so I should add something to /etc/pam.d/* ?
<hemanth_> Omahn, o! ok will put them in roots cron :)
<Omahn> hemanth_: Cool. Hopefully that will sort it out.
<vmlintu> AnAnt: which ubuntu version are you using?
<hemanth_> Omahn,  there are in the root cron also! cos the user was under sudoers
<AnAnt> vmlintu: 9.10 (karmic)
<hemanth_> Omahn, have just removed all the sudo, lets see
<hemanth_> Omahn, if it works the machine must go down in 4 mins
<Omahn> hemanth_: Hmm, in that case sudo shouldn't have prevented it from working.
<Omahn> hemanth_: So it's the shutdown that isn't working?
<vmlintu> AnAnt: for pam-ccreds there's an how-to here: https://help.ubuntu.com/community/PamCcredsHowto
<Omahn> hemanth_: BTW - Is that your actual crontab? It doesn't have any times listed.
<vmlintu> AnAnt: I haven't tried that with karmic myself, though
<AnAnt> vmlintu: thanks
<vmlintu> AnAnt: for sssd you can install the sssd package from the repo, but I've used only the lucid version of it
<Omahn> hemanth_: If you have those commands in cron.daily then they will only be executed once per day. So the shutdown may not take affect until tomorrow when the crontab has been run.
<hemanth_> Omahn, yes, i have placed it in cron.daily, should i specify the time explicitly ?
<Omahn> hemanth_: Yes, and in roots crontab, not cron.daily
<Omahn> hemanth_: https://help.ubuntu.com/community/CronHowto
<vmlintu> AnAnt: sssd documents are here: https://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2
<hemanth_> Omahn, i did service restart cron
<vmlintu> AnAnt: I'm in the process of writing in my blog about sssd with lucid, but it isn't ready yet
<Omahn> hemanth_: On my system, cron.daily will only be read according to this:
<Omahn> 25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
<Omahn> So at 06:25, not on restart of cron.
<Omahn> hemanth_: Check out that wiki page, it's got a decent amount of info on it.
<Omahn> hemanth_: I'm signing off for 30 mins or so now, but I'll be back later.
<hemanth_> Omahn, had read that, have opened it again
<hemanth_> Omahn, okies see you tomo then :)
<hemanth_> Omahn, thanks for the inputs
<zul> morning
<zul> mdeslaur: ping how did you regenerate the cert for the mysql testsuite?
<mdeslaur> zul: I finally decided to use the upstream cert, I dropped my own test cert
<zul> mdeslaur: how did you do that then?
<mdeslaur> zul: http://bugs.mysql.com/bug.php?id=50642
<mdeslaur> zul: I have a patch that updates the certs in the mysql package
<zul> mdeslaur: ahhhh
<zul> i might as well go fix the package in universe
<mdeslaur> zul: oh, yeah, I wanted to do that, but for some reason couldn't get it to compile...but I haven't tried since
<zul> mdeslaur: k ill have a look at it
<mdeslaur> zul: oh! you did php-imap, sweet :)
<zul> mdeslaur: yep and mcrypt and interbase....ive been a busy boy ;)
<mdeslaur> hehe
<Italian_Plumber> If I had a choice, which is better, having a Windows server reading/writing ext3  filesystems, or having an Ubuntu server reading/writing ntfs/fat32 filesystems?
<jpds> Italian_Plumber: I would say the latter.
<uvirtbot> New bug: #530550 in vm-builder (universe) "ubuntu-vm-builder crashed with libvirtError in defineXML()" [Undecided,New] https://launchpad.net/bugs/530550
<zul> soren: ping the server-regression-test is taking whatever is in the archive right?
<soren> zul: Yes.
<zul> soren: sweet...im testing a fix for the ssl tests
<soren> zul: mdeslaur said he had a patch for it.
<zul> soren: yeah but he didnt apply it to mysql 5.0
<soren> zul: Right.
<zul> soren: im doing a local build before I upload it
<Jeeves_> Is there known breakage in Lucid with open-iscsi?
<Jeeves_> I get the following message:
<Jeeves_> iscsiadm: initiator reported error (5 - encountered iSCSI login failure)
<Jeeves_> And see no traffic towards the target
<ttx> sommer: around ?
<ttx> soren: would you take papercut bug 460398 ?
<uvirtbot> Launchpad bug 460398 in server-papercuts "/etc/timezone is not set correctly" [Medium,Confirmed] https://launchpad.net/bugs/460398
<ttx> or are you already overwhelmed ?
<ttx> it's a vmbuidler bug, supposedly
<ttx> not sure how much it still applies to the new release
<soren> ttx: I'm surprised it wasn't in my last release. I certainly looked at the code and fixed it up, but apparntly didn't merge it back in.
<sommer> ttx: a little bit
<soren> ttx: I'm happy to accept it as a papercut.
<ttx> sommer: was wondering about https://bugs.launchpad.net/server-papercuts/+bug/211915
<uvirtbot> Launchpad bug 211915 in amavisd-new "Insecure dependency when using sql for Log Reporting" [Undecided,Confirmed]
<ttx> sommer: should it be made a doc papercut, and if so, would you accept to be assigned to it ?
<ttx> soren: deal
<sommer> ttx: sure sounds good to me
<ttx> ok, deal
<Omahn> Anyone tried an 8.04 to 10.04 upgrade recently? All my upgrades have been failing for a few days now.
<Omahn> Due to this: https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/530632
<uvirtbot> Launchpad bug 530632 in initramfs-tools "Upgrading from 8.04 to 10.04 fails on update-initramfs" [Undecided,New]
<ttx> Omahn: not recently
<Omahn> I wasn't sure if it was something specific to our environment so this morning I spun up 8.04 with testdrive and did a default install followed by 'do-release-upgrade -d' and it fails.
<soren> ttx: Thanks for the poke. I'll target the 0.12.3 milestone for right before beta-1 freeze.
<ttx> Omahn: could you make sure mvo is aware of it ?
<Omahn> ttx: What's the best way of contacting mvo?
<ttx> (on #ubuntu-devel)
<Omahn> ta.
<ttx> Omahn: thank you !
<kirkland`> Omahn: powernap / powerwake
<Omahn> kirkland`: That's the one :-)
<Omahn> The user in question has disappeared now unfortunately. Hopefully (s)he will work it out.
<Jeeves_> Nobody here with issues in Lucid with iscsi?
<zul> i dont run iscsi so I cant coment about it, but you might want to raise a bug report in launchpad
<cbrowne> where should I ask hardware questions? (I know it's sort of a meta question, but I didn't want to just launch right into it only to be told "wrong room", y'know?)
<smoser> kirkland, ping
<smoser> 2 euca questions for you
<kirkland> smoser: hit me
<smoser> a.) how should i do an install now
<smoser> b.) in my 2 machine system, is it easy to --purge and install ? the install from usb key is a PITA
<kirkland> smoser: been a while since i tested package-based install, but theoretically it should work; and we need bugs filed if it doesn't work
<kirkland> smoser: https://help.ubuntu.com/community/UEC/PackageInstall
<kirkland> smoser: i did some work on purge earlier this cycle, around a2
<kirkland> smoser: it was clean and working when i last left it
<smoser> kirkland, ok. i might give that a run later today
<pmatulis> Jeeves_: what iscsi issue are you referring to?
<Omahn> pmatulis: No need to respond to my last comment on that support case, mvo has picked up the bug report on launchpad
<pmatulis> Omahn: roger
<pmatulis> Omahn: i'm currently attempting an lts upgrade
<pmatulis> Omahn: it worked
<Omahn> pmatulis: From 8.04 to 10.04?
<pmatulis> Omahn: yes, but interestingly, i used a minimal hardy install via vmbuilder
<Omahn> pmatulis: Ah, I've not tried it with vmbuilder. I'll give that a go now.
<pmatulis> Omahn: ok, and i'll update the bug
<Omahn> pmatulis: ta
<pmatulis> nijaba: vmbuilder wiki updated
<nijaba> pmatulis: \o/
<pmatulis> nijaba: what is the story/policy behind duplicating docs in server guide and on h.u.c?
<nijaba> pmatulis: no policy.  Doc teams decides what fits best, eventually discuss it with us
<nijaba> pmatulis: doc team for server generally == sommer
<pmatulis> nijaba: ok, but it's hard to keep same/similar docs in sync i imagine. like the recent vmbuilder page
<nijaba> pmatulis: lots of work, indeed
<StrangeCharm> what's the right support channel for the apache webserver?
<nijaba> StrangeCharm: if it is on Ubuntu, feel free to ask your question here
<StrangeCharm> how do i add subdomains to my server?
<nijaba> StrangeCharm: their is a section on this on https://help.ubuntu.com/9.10/serverguide/C/httpd.html
<ball> What is replacing drbd?
<StrangeCharm> thanks nijaba
<nijaba> ball: why do you want to replace it?
<ivoks> replacing drbd?
<ball> nijaba: I don't, especially.  Thought I read on the mailing list that it was being superceded by something else.
<nijaba> ball: no, it is removed from the kernel an is a dkms package now
<ivoks> no :)
<ivoks> and will be back in the kernel soon :D
<nijaba> ivoks: thanks mainstream ;)
<ivoks> cause drbd is becoming standard part of kernel
<ball> Ah, okay.  That's good to know.
<ball> I need to find out more about that.
<zul> ivoks: you might want to poke the release team wth respect to drbd though if you havent yet
<ivoks> zul: i'm tired of poking :)
<ball> ...starting to wish the servers had 10gbit network ports handy.
<ivoks> zul: i'll create my own 'super cluster extension for ubuntu' product
<ivoks> zul: and sell it for millions :)
<zul> ivoks: heh clububuntu?
<ivoks> hehe
<ball> ivoks: I only want to cluster two machines ;-)
<ivoks> ball: that will be only two millions :D
<ball> We're a non-profit, so that's not going to happen.
<ivoks> hehe
<RoAkSoAx> lol
<ball> I need some way to mirror a filesystem across two servers.
<ball> (for redundancy)
<ivoks> use drbd
<ivoks> there's a nice howto for lucid
<ball> ivoks: thanks.
<ivoks> https://wiki.ubuntu.com/ClusterStack/LucidTesting#Pacemaker,%20drbd8%20and%20OCFS2%20or%20GFS2
<ball> ...may have to hire a consultant to do that.
<ball> ...or something.
<ivoks> ? it's a copy-paste tutorial :)
<StrangeCharm> how do i make a new database on the default LAMP install?
<ball> Hmm... okay.
<Omahn> pmatulis: Upgrade works for me too in a VM created with vmbuilder.
<pmatulis> Omahn: ok
<Daviey> ball: if you draw your full requirements out; you may find that you don't need filesystem replication
<ball> Daviey: I'm not sure what else to do.
<ball> Daviey: We want to run two servers side by side and when one fails, the other picks up the load.  Does that sound practical with Ubuntu Server?
<Daviey> ball: make a list of the services and media that need replication :)
<Daviey> ball: yep
<ball> Daviey: the servers will be running a desktop and a few apps: OpenOffice.org, SeaMonkey, the GIMP etc.
<ball> (for a few "thin client" graphical terminals)
<ShadeS> hey
<ball> I need people to see the same filespace regardless of which host they get connected to.
<ShadeS> my system keeps hanging after i select install
<ShadeS> 550mhz not going to cut it?
<ball> ShadeS: it's probably not because of your CPU
<Daviey> ball: it is sounding like drbd is well suited.
<ShadeS> yeah
<ball> Daviey: thanks.
<ShadeS> I don't think it's the cpu either
<ShadeS> is there a slowseek option for the cdrom?
<Omahn> pmatulis: Was your build 32bit?
<pmatulis> Omahn: no
<alvin> ball: I think the latest LTSP has clustering capabilities, but I haven't tried it yet
<ball> alvin: I've heard rumours of those too.
<ball> alvin: Not sure whether or not to trust that though.
<alvin> ball: No idea. On day, I'll try it in a virtual machine
<ball> brb, phone
<ShadeS> anyone?
<ball> ShadeS: does it just hang?
<ShadeS> i see a flashing _
<ShadeS> no keyboard response
<ball> ShadeS: how long have you left it?
<ShadeS> more than reasonably long
<ball> ShadeS: Have you tried booting with ACPI disabled?
<ball> ShadeS: How much RAM do you have btw?
<ShadeS> 393216k
<ball> ShadeS: That's tight, but should enable you to boot at least (I've done it on a 256 Mbyte machine)
<ShadeS> it's just going to bea fileserver
<ShadeS> i don't need x on it
<ShadeS> ok
<ShadeS> well i tried noacpi
<ball> ShadeS: I usually give my fileservers 2Gbytes RAM
<ShadeS> i'll flip all those options on
<ShadeS> pardon me, I don't shit gold bricks ;p
<ShadeS> i wish i could drp that in here
<ShadeS> but ic an't ;(
<ShadeS> i'm going out for a smoke, if it doesn't oad by the time i'm back i'll consider it hung
<piotrekm> hello
<LimCore> hi, my LAMP crashes sometimes recently. Nothing in logs.. where one could start debugging?
<LimCore> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/531441
<uvirtbot> Launchpad bug 531441 in apache2 "[karmic] Apache crashes" [Undecided,New]
<ShadeS> still hanging
<piotrekm> anybody knows any example of tc script /tcng file that would limit outgoing traffic on certain ports?
<uvirtbot> New bug: #531441 in apache2 (main) "[karmic] Apache crashes" [Undecided,New] https://launchpad.net/bugs/531441
<[DS]> Hello, I am going to install Ubuntu Server for 1st time ever. I have a mobile broadband connection and need to know how to connect it  through CLI.
<ShadeS> yeah
<ShadeS> numlock/caps are nonresponsive immediatly after i choose to install
<mathiaz> kees: hi - so what should be done for bug 523354?
<uvirtbot> Launchpad bug 523354 in libpam-ccreds "[MIR] libpam-ccreds" [Wishlist,Incomplete] https://launchpad.net/bugs/523354
<mathiaz> kees: it seems that this is too late for lucid as adding pam-auth-update would be a new FF
<ShadeS> Any ideass?
<StrangeCharm> can i use a wildcard in a cname or dname dns record? for instance on the dns for foo.tld "* 10800 IN DNAME bar.com."
<GhostFreeman> Stupid question, but how can I set up user directories for apache2?
<maxagaz_> hi
<LimCore> GhostFreeman: in /etc/apache2/hosts-allowed
<maxagaz_> i have just installed squid, is there a way to forward all the coming traffic (from any interface)
<maxagaz_> to squid
<LimCore> GhostFreeman: look @ example there
<GhostFreeman> thanks LimCore
<maxagaz_> in order to follow it with squidview
<StrangeCharm> what's the best way to make an ssl certificate for my domain?
<maxagaz_> with some iptable...
<GhostFreeman> LimCore: I'm not seeing a file or directory here called hosts-allowed
<uvirtbot> New bug: #531453 in euca2ools "euca-describe-instances shows state "running ", not "running"" [Undecided,New] https://launchpad.net/bugs/531453
<uvirtbot> New bug: #531455 in qemu-kvm (main) "daily server ISO install fails with a kernel OOPS in KVM" [Undecided,New] https://launchpad.net/bugs/531455
<qman__> maxagaz, http://www.ubuntugeek.com/how-to-setup-transparent-squid-proxy-server-in-ubuntu.html
<qman__> maxagaz_, ^
<LimCore> erm
<LimCore>  /etc/apache2/sites-available/
<LimCore>  and sites-enabled
<LimCore> well they are symlinks to the later
<LimCore> GhostFreeman:
<GhostFreeman> Yes
<GhostFreeman> thanks again Limcore
<uvirtbot> New bug: #531454 in samba (main) "FFE for samba 3.4.6" [High,New] https://launchpad.net/bugs/531454
<mathiaz> zul: bug 74647 -> Should the bug be marked Fixed Released?
<uvirtbot> Launchpad bug 74647 in php5 "php5-gd not using bundled GD library" [Undecided,Confirmed] https://launchpad.net/bugs/74647
<zul> uvirtbot: it should
<uvirtbot> zul: Error: "it" is not a valid command.
<zul> mathiaz: it should
<mathiaz> zul: is it part of the changelog?
<zul> mathiaz: no it isnt, i was made aware after the fact
<StrangeCharm> i'm trying to add a vserver to my site, which runs on ubuntu 9.10. i've added a new file to /etc/apache2/sites-available, run a2ensite on it, and /etc/init.d/apache2 restart. however, going to subdomain.mydomain.tld gives me an error - cannot find server. the a record for mydomain.tld points to the server's IP, and going to mydomain.tld gives me the main server. what am i doing wrong / should I be doing?
<pmatulis> re dovecot, anyone using the 'auth_worker_max_request_count' parameter?  server is throwing an error when i use it
<AnAnt_> sorry, I got disconnected
<AnAnt_> I installed & setup libpam-ccreds as mentioned in https://help.ubuntu.com/community/PamCcredsHowto. So when the machine is disconnected from the network, sudo getent passwd does show LDAP users (which are cached by pam-ccreds), yet I cannot login as an LDAP user, and I get this error: User not known to the underlying authentication
<AnAnt_> what is causing this ? I am using karmic (9.10)
<maxagaz_> qman__, squid works fine when I'm configure my browser to use it, but not if I set iptables to force all the traffic: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
<maxagaz_> I don't understand why
<maxagaz_> Does someone have the answer ?
<cyphermox> maxagaz_, my understanding is that while it's essentially an HTTP request, there is some additional stuff that happens when a browser speaks to a proxy, so you'd still need to set your browser to be using a proxy, even if with these iptables settings you could point it to port 80.
<maxagaz_> cyphermox, okay but that's exactly what I don't want
<cyphermox> maxagaz_, you want to be able to use the internet through a proxy without having to set proxy settings, right?
<mathiaz> cjwatson: hi - does the d-i support static route in preseed? Or should I use a late_command to setup static routes?
<maxagaz_> cyphermox, yes, without having to set the proxy on every bowser
<cyphermox> maxagaz_, as I look at your iptables rule though  I can't see how the traffic gets redirected to the proxy *server* although it should get sent to the right port
<cjwatson> mathiaz: you can use static network configuration and preseed a default gateway and such, but use a late_command for more complicated cases of static routes
<mathiaz> cjwatson: great - thanks
<cyphermox> maxagaz_, shouldn't the iptables rule be -t nat  -A PREROUTING -p tcp --dport 80 -j DNAT --to ip.of.squid.server:3128 instead?
<jeeves_Moss> can anyone forward a good howto for setting up virtualmin e-mail?  I've got my domains moved over to Virtualmin, but I can't get the e-mail server to work
<maxagaz_> cyphermox, it doesn't work better
<maxagaz_> cyphermox, perhaps something is wrong in my squid's conf
<jeeves_Moss> can anyone forward a good howto for setting up virtualmin e-mail?  I've got my domains moved over to Virtualmin, but I can't get the e-mail server to work
<piotrekm> when i configure traffic shaping with htb.init, i can't get a second connection on a port, why is it so?
<AnAnt> vmlintu: can you help with my problem ?
<kees> mathiaz: right, adding the pam-auth-update would require a FFe, but it is an isolated change, so I'm pretty sure it would be accepted.
<jeeves_Moss> how can I totally purge postfix out of my system?  the package is broken, and I can't use apt or even manually delete it!!
<mathiaz> kirkland: hi
<mathiaz> kirkland: can the VNET_PRIVINTERFACE setting be preseeded?
<kirkland> mathiaz: hi, not that i know of
<kirkland> mathiaz: i've never tried
<mathiaz> kirkland: ok - thanks
<kirkland> mathiaz: i'm checking the code for you now
<kirkland>         db_get eucalyptus/private-interface
<kirkland>         private_interface="$RET"
<kirkland>         set_conf_var VNET_PRIVINTERFACE "$private_interface" || true
<mathiaz> kirkland: awesome thanks
<kirkland> mathiaz: hmm, well it's at least debconfified
<kirkland> mathiaz: there might need to be 2-3 lines needed to get preseed to work
<mathiaz> kirkland: hmm... seems like the code will be called only if there are at least 2 interfaces
<kirkland> mathiaz: hmm, really?
<lamont> jeeves_Moss: "broken" how?
<mathiaz> kirkland: eucalyptus-udeb.postinst
<kirkland> mathiaz: yop
<mathiaz> kirkland: in my use case, there will be only one interface at install time
<kirkland> mathiaz: looks to me like it's called on a cluster install
<mathiaz> kirkland: right - but db_get eucalyptus/private-interface is only called if there are more than two interfaces
<mathiaz> kirkland: my use case is a CC install with only one interface, but on reboot there will a second one coming up (a vlan interface)
<mathiaz> kirkland: I want to set the private interface to be the vlan one
<kirkland> mathiaz: right
<mathiaz> kirkland: I can always overwrite eucalyptus.conf as a late_command in the preseed
<jeeves_Moss> lamont, one sec, I'll pastbin it
<jeeves_Moss> lamont, http://pastebin.ca/1821641
<Italian_Plumber> can anyone suggest somewhere I might get more targeted exposure for this question? http://ubuntuforums.org/showthread.php?t=1410891
<lamont> jeeves_Moss: what on earth have you done?  that looks like you've manually removed files from the system?
<lamont> what does this do for us:  dpkg --purge --force-depends postfix
<lamont> the assumption being that you either don't care about any config files, or have a way to recover them
<jeeves_Moss> lamont, this is a box that I inheraerated from another junior sys admin.  was working on.  and apparently, in some "brain wave", he tried to compile from source (not using the package manager), and then once that failed, he tried from the package manager, and when that failed, I got called
<jeeves_Moss> lamont, thanks.  it looks like it killed the error.
<lamont> heh.
<lamont> if you remove files from the system dpkg assumes you want them to stay gone...
<mathiaz> cjwatson: is there a limit to the lenght of the early_command string?
<sherr> Italian_Plumber: I wuld (as was said) try a new SATA cable. If that doesn't help, another SATA card (I think they are very cheap).
<sherr> *would
<sherr> Cheap SATA - I mean the "StarTech" models ...
<Italian_Plumber> I should modify the post to mention that I ahve tried another SATA cable.
<Italian_Plumber> I've seen in several places that it's hard to find a "good" SATA cable -- any creedence to that?
<Italian_Plumber> Is there any thing specific I should look for in a new card?
<uvirtbot> New bug: #531555 in php5 (main) "php5-cli isn't compiled with SQLite support" [Undecided,New] https://launchpad.net/bugs/531555
<sherr> Italian_Plumber: I think I have a StarTech PCI in a server I have. Adding 2 internal SATA to an old machine for RAID1. It works fine - and was only Â£8 or something ($10 or so). Try another one perhaps?
<Italian_Plumber> another of the same model?
<Italian_Plumber> you don't see errors like this in your syslog?
<sherr> No. It isn't a "quality" card - I don't know the model but lspci says "ALi M5281"
<sherr> The server is not "critical" though - just a bit of backup (+Jabber)
<Italian_Plumber> well I don't keep critical data on this drive either.
<Italian_Plumber> something like this/ http://tinyurl.com/yfwrwwz
<Italian_Plumber> ?
<eekeek> I have a basic Xubuntu 9.10 server. I want to achieve case insensitive urls. I have mod_rewrite installed and working with a .htaccess file inside the /www folder. But I do not know how to configure the correct apache file. Can someone suggest a good step-by-step tutorial?
<cjwatson> mathiaz: it's passed to sh -c, so I think that would be the only limit; brief experimentation suggests that the limit is on the order of 128KB
<sherr> sherr: Looks OK (I have URL shorteners). I wanted mostly SATA ports inside, didn't care about "RAID capability" expense, I ma using MD RAID.
<hggdh> who usually deals with libc/locale bugs?
<zul> kirkland: which git branch should i be pulling from for the daily-vccs spec?
<zul> hggdh: someone on the foundations team
<kirkland> zul: for what? qemu-kvm?
<zul> kirkland: yep
<kirkland> zul: well, there's two of interest ...
<kirkland> git clone git://git.kernel.org/pub/scm/virt/kvm/qemu-kvm.git
<kirkland> git clone git://git.savannah.nongnu.org/qemu.git
<kirkland> zul: one is kvm, and the other is qemu
<kirkland> zul: the first is "more important" to us
<zul> erm ok
<Italian_Plumber> is there a command-line utility that can make an ISO from a CD/DVD?
<smoser> Italian_Plumber, readom
<uvirtbot> New bug: #531571 in eucalyptus "Metadata service not documented" [Undecided,New] https://launchpad.net/bugs/531571
<Italian_Plumber> smoser: Thanks!  I knew it had to be easy
<jeeves__> how can I get my virtualmin install to config my e-mail servers corectly?  I have Dovecot and Postfix, and I can't get the servers to set up properly for ANY e-mail boxes (the servers are running, but I can't log in)
<MTecknology> what's the default mail client to queue email for sendmail?
<MTecknology> for /usr/bin/mail
<Stargaze> using dynDNS, how can I reach the URL associated to the IP address?
<jeeves__> Stargaze, what are you trying to do?
<Stargaze> display index.html in /var/www
<Stargaze> over the internet, not LAN
<jeeves__> how is your network setup?  are you behind a router?
<Stargaze> yes
<Stargaze> I think the issue is port forwarding
<jeeves__> port 80 forwarded to the box?
<jeeves__> www.portforwarding.com
<Stargaze> it says: trigger port 80 - public port 80, both tcp
<jeeves__> first off, see if you can hit the box internally on port 90
<jeeves__> *80
<Stargaze> *80?
<Stargaze> ah on port 80
<jeeves__> just use "http://<box's internal IP>"
<jeeves__> do you see the web page you have hosted in /var/www ?
<Stargaze> ok
<Stargaze> moment
<Stargaze> yes
<jeeves__> ok, if you can see the webpage internally, give me the dDNS name and I'll look from here
<Deeps> Hi, I had a question regarding security of using samba over unsecured wan links
<Stargaze> it's gbachot.homelinux.com
<Deeps> ie, how (in)secure is it connecting to a samba server from a windows host?
<jeeves__> Stargaze, one sec.
<jeeves__> Stargaze, can you check your IP @ www.whatismyip.com please
<Stargaze> isn't that potentially dangerous?
<jeeves__> Stargaze, I want to see what the ddns is resolving to
<Stargaze> ok moment
<jeeves__> Stargaze, if you ping gbachot.homelinux.com, you'll get the IP.  I just want to make sure that the dDNS name resolves to your IP.  if it does, and you can hit the box internally, then you've got a problem with your router mappings
<Stargaze> its 81.247.191.178
<jeeves__> Stargaze, ok, same here.
<jeeves__> Stargaze, one sec.  I'll port scan you to see what's open
<Stargaze> what do you see?
<Stargaze> tnx
<jeeves__> Stargaze, you'll see a bit of data on your end
<Stargaze> where?
<jeeves__> Stargaze, on your WAN
<jeeves__> Stargaze, you're in holland, right?
<Stargaze> belgium
<jeeves__> Stargaze, ahhh.
<jeeves__> 178.191-247-81.adsl-dyn.isp.belgacom.be
<Stargaze> yes .be means belgium
<jeeves__> Stargaze, it looks like your port forwarding didn't work.  NOTHING is open on that IP
<Stargaze> that's what i thought
<jeeves__> Stargaze, we've got Belgium draft horses and flemish giant rabbits!
<Stargaze> is that so!!
<Stargaze> how very nice :)
<jeeves__> thanks.
<jeeves__> ok, model of router?
<Stargaze> it's a kind of  clone, one moment
<jeeves__> kk
<jevidl> Stargaze: jeeves__: While evesdropping on your conversation, it occurs to me that the ISP might be blocking port 80 as well. There are ways to work around it, but that also could be the problem beside incorrect port forwarding.
<jeeves__> jevidl, this is true.  I'm just checking to see what he has open first.  the port scan showed up with everything blocked, so if I could see one hole, I would suspect the same thing.
<Stargaze> it's a b-box, but it has the same interface as another router, i don't remember which
<jeeves__> star
<jeeves__> Stargaze, do you have ANY ports open on it?
<Stargaze> it's a philips
<Stargaze> i'm new to router configuration
<jeeves__> Stargaze, ok, if you know it's a clone, you'll have to double check the config on www.portforward.com.  once you've got that done, drop me a line, and I'll have a look @ it again.
<jeeves__> Stargaze, the problem is unless I know what make/model it is, and I can google it, I can't help you
<Stargaze> it's Philips SNA 6500
<jeeves__> Stargaze, www.portforward.com
<Stargaze> yes, i found it there
<jevidl> jeeves__: I need to get going, but a simple way to test the isp blocking theory would be to setup a mapping of 80 - 8080 (or something else high), for LAN port - Public port
<jeeves__> jevidl, yep.  That's what I'm trying to get him to test
<jevidl> assuming of course that port 80 doesn't start working :)
<jevidl> jeeves__: cool, good luck to you both :)
<Stargaze> this is what i find http://portforward.com/english/routers/port_forwarding/Philips/SNA6500-18/Http_File_Server-HFS.htm
<Stargaze> LAN port and public port are both 80, TCP and checked
<Stargaze> ubuntu network tool shows that port 80 as open
<stgraber> my guess would be that your ISP simply doesn't allow incoming traffic on port 80, it's surprisingly quite common
<Stargaze> damn isp
<Stargaze> thanks for the assistance :)
<cemc> is wiki.ubuntu.com down ?
<jeeves__> cemc, times out here
<cemc> same here
<Hypnoz> I have some nfs mounts in fstab that don't exist, and won't time out. anyone know how to make those processes die?
<Hypnoz> df hangs forever, lsof hangs forever, even ls in the folder the mount points are in hangs
<mathiaz> kirkland: does the default UEC configuration use VLANs?
<mathiaz> kirkland: I'm referring to the default network modem
<mathiaz> kirkland: *mode*
<mathiaz> kirkland: ok - found the answer: VNET_MODE="MANAGED-NOVLAN"
<mathiaz> jdstrand: hi!
<mathiaz> jdstrand: what's the iptables syntax to exclude a range of IP?
<mathiaz> jdstrand: I'd like to say: for all the destination ips *not* on the 10.55.55.0/24 network
<jdstrand> mathiaz: something like '-d ! 10.55.55.0/24' should do it
<mathiaz> jdstrand: awesome thanks
<mathiaz> jdstrand: and the new syntax is ! -d 10.55.55.0/24
<mathiaz> jdstrand: -d ! 10 ...
<mathiaz> jdstrand: ^^ is deprecated FYI
<jdstrand> mathiaz: cool, thanks
<kirkland> mathiaz: right, novlan is default
<kirkland> smoser: http://linux.slashdot.org/story/10/03/03/1947235/Ubuntu-Desktop-In-the-Cloud?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29
<kirkland> smoser: well done ;-)
<ShadeS> hey
<ShadeS> I select install ubuntu, and all i see is a flashing _
<ShadeS> any ideas?
<ivoks> kees: oh no, you burried libesmtp :)
<kees> ivoks: yeah, sorry about that.
<kees> but it's pretty busted.
<ivoks> yeah, it's unmaintained
<ivoks> i'm thinking on building pacemaker without support for it
<kees> works for me
<ivoks> and work on replacing libesmtp with something else for lucid+1
<ivoks> work with upstream on that
<ivoks> hopefully, we could include that in lucid as a SRU :)
#ubuntu-server 2010-03-04
<ShadeS> any idea
<majuk> Hey guys. Recently, my Samba server totally stopped enforcing file/folder permissions for my domain users. Permissions at the system level are working as intended. Help.
<majuk> http://paste.ubuntu.com/387947/ <-- smb.conf
<smoser> kirkland, yeah, i just saw that.
<ShadeS> any ideas on this issue?
<majuk> Ooooh, the 'force group' parameter is a sneaky little bugger
<uvirtbot> New bug: #531646 in vm-builder (universe) "vm build using --raw and LVM logical volume doesn't boot because of Grub install error" [Undecided,New] https://launchpad.net/bugs/531646
<glphvgacs> lookin for a oneliner, tried this: enabling Restricted proprietary drivers cli site:help.ubuntu.com
<Overand> Is there a 'sane' way to use libvirt / virt-manager to handle bridged networks, or is it a matter of configuring the machine's XML file to manually prod the "br0" (or whatever) interface?
<persia> Overand: I do nothing at all to configure bridged networks, and it just works for me.
<persia> (using virt-manager to define the guests)
<persia> Make sure you have a virbr0 interface reported in ifconfig -a
<Overand> persia: from what I can tell, the 'vibr0' interface is used for the NAT stuff
<Overand> But - this is admittedly a pre-release ubuntu-server 10.04 machine, managed from virt-manager on my arch-linux workstation for the moment =]
<persia> Ah.  My guests are on the same machine as my virt-manager.  I'm unsure how to help you with the remote model.
<Overand> persia: Based on what little I read here, a 'bridge' network seems to be handled differently than a standard 'network' http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
<Overand> persia: I'm not sure if that's the issue or not.
 * persia either
<Overand> It would make sense, though.
<Overand> hm
<Overand> I wonder if I could use some commandline apps rather than 'virt-manager' - and instead of editing the XML files
<Overand> virsh maybe
<Overand> persia: so you've got guests running - without NAT - on the same physical segment as the host?
<RoAkSoAx> zul, how do I test the apport hooks?
<zul> STAGING=1 ubuntu-bug <name of apport hook>
<Overand> I've got that sort of bridge working, but I had to manually stuff it into the XML file for the machine!
<RoAkSoAx> zul, by STAGING=1 you mean to set that environmen variable?
<zul> yep
<persia> Overand: No.  I have guests running with NAT.
<RoAkSoAx> zul, ok thanks
<Overand> persia: Oh.  That's why I specified 'bridged'
<Overand> bridged != NAT
<persia> Sorry.  My misunderstanding.
<RoAkSoAx> zul, and do I just test "ubuntu-bug package.apport" or should I install the package and do that?
<zul> i would install the package
<RoAkSoAx> zul, ok will do that way then, thanks ;)
<RoAkSoAx> zul, what if a package a binary package has 2 daemons. How will the hook change?
<zul> you can do it with the source package name
<RoAkSoAx> zul, yeah but each daemon has different conf file
<RoAkSoAx> i mean
<RoAkSoAx> net-snmp has two binaries, snmpd has 2 daemons, snmpd and snmptrapd
<RoAkSoAx> each with different conffiles
<zul> so do a source_net-snmp.py
<RoAkSoAx> zul, and then a add_info_snmpd function, then add_info_snmptrapd function and so on?
<zul> yep
<RoAkSoAx> cool I'll do that thanks
<maxagaz> how to set default runlevel for a service ?
<RoAkSoAx> zul, the apport hook must only be as root? Because in my tests says it cannot attach the conffile because of permissions
<noty> Hello!
<noty> Where can I find documents or ebooks about Ubuntu server?
<twb> noty: apt-get install ubuntu-serverguide
<noty> :)
<noty> Thank you!
<noty> I'll try now
<Error404NotFound> i have a bit general question regarding webserver behavior, anybody would mind if i ask it in here?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<Error404NotFound> twb, my question was a bit different of "anyone" though :P, okay here comes the questions.
<twb> How about: "Don't ask to ask unless you're prepared to ask to ask to ask"
<persia> That just encourages recursion and useless traffic :)
<persia> Anyone is always free to ask, and lots of folk read backscroll, so waiting can get an answer hours later sometimes.
<Error404NotFound> I am trying to setup a cookie-less domain to serve static content. Say i own abc.com and abc.net, both domain are defined in single vhost. If i use abc.net would it become cookie-less? or do i still need cname here?
<Error404NotFound> if i use abc.net to load css and images*
<persia> CNAME is only vaguely related to cookies in the sense that most browsers won't send a cookie to domains other than those from which they came.
<persia> s/most/many/
<Error404NotFound> yes, but all traffic on abc.com will use the cookie which is set to domain=abc.com or in worst case for subdomains as well, i think even though both domain use single vhost, due to tld difference it would be cookie-less.
<Error404NotFound> So my colcusion is using cname for a cookie-less domain is same as use "A" record, and adding the other domain as ServerAlias in vhost config.
<twb> I have also seen stuff like no-cookies.example.net being a cname for www.example.net
<persia> I think the important point is not how the DNS server is configured, but what URL the webserver reports back to the browser.
<twb> Yeah
<persia> That may depend on the DNS configuration, but whether it does or not depends on the webserver configuration.
 * persia does not happen to know the defaults
<jiboumans> morning
<uvirtbot> New bug: #531779 in samba (main) "package libwbclient0 2:3.4.0-3ubuntu5.4 failed to install/upgrade: il sottoprocesso dpkg-deb --control ha restituito lo stato di errore 2" [Undecided,New] https://launchpad.net/bugs/531779
<uvirtbot> New bug: #499389 in bacula (main) "karmic->lucid auto-ugprade test failure" [High,Triaged] https://launchpad.net/bugs/499389
<TeTeT> server live migration seems to work with libvirt on Lucid, yeah :)
<Jeeves_> TeTeT: I'm going to try that later on :)
<TeTeT> Jeeves_: worked fine with virsh on the command line and seems to work even with virt-manager
<Jeeves_> TeTeT: I just tested with karmic -> lucid, that didn't work
<Jeeves_> But than again, I've never seen it work :)
<TeTeT> Jeeves_: yep, I tested karmic last week and it wasn't working
<Jeeves_> Ah, ok.
<Jeeves_> That gives me hope :)
<jayvee> The netboot image doesn't seem to come with IPv6 support â is this intentional?
<jayvee> I just spent absolutely ages trying to add IPv4 support to my network because I finally figured out why my netboot ISO wouldn't install on my IPv6-only network.
<TeTeT> jayvee: bummer
<eekeek> Xubuntu 9.10 localhost server. One virtual host setup. Put a 'RewriteMap' as one of rules in the sites-enabled for the virtual host. Tried to reload apache which returned an error 'RewriteMap not allowed here'. Where can 'RewriteMap' go - httpd.conf?
<jayvee> TeTeT: indeed
<Jeeves_> jayvee: I wanted to create a bug for that!
<Jeeves_> I noticed it too, last week.
<Jeeves_> I don't think it intentional, just clueless :)
<jayvee> go knock yourself out :-)
<jayvee> launchpad is a-waiting
<Jeeves_> jayvee: i'm not really in the mood :)
<jayvee> I think all it needs is the ipv6 kernel module
<jayvee> everything else seems to be there
<persia> Probably an oversight, rather than cluelessness.  I'm sure there are folk who know *how* to do it.
<jayvee> ubuntu-vm-builder keeps crashing for me, and is buggy as hell. Is there a more rapid way to deploy VMs than the netboot image when vm-builder isn't an option?
<Jeeves_> persia: cluelessness as in 'ipv6 is nowhere in our prioritylist'
<Jeeves_> jayvee: How is it crashing?
<jayvee> bleh, I closed the terminal already
<jayvee> it was crashing in a grub step
<jayvee> so it got 99.999% of the way, and then bombed out and deleted the whole lot
<Jeeves_> Ah, are you trying to directly install onto an device?
<persia> Bah.  Just because one person doesn't make it a priority doesn't mean someone else can't.  Just about anything in Ubuntu is subject to fixing by anyone who wants to fix it.
<jayvee> Jeeves_: into a disk image
<Jeeves_> jayvee: Hmm.
<jayvee> to be placed into libvirt, but it didn't get to the libvirt stage
<jayvee> let me run it again
<Jeeves_> I've seen Grub having issues when I tried to install directly to an iscsi-disk, not to an image
<jayvee> running now: $ sudo ubuntu-vm-builder kvm lucid -m 512 --libvirt=qemu:///system -d /mnt/terror/jeremy/VM/lucid --hostname=lucid
<jayvee> I'll get back to you when it finished
<jayvee> the -d option doesn't work, btw
<jayvee> actually, tbh, haven't tested the -d option successfully in the lucid version of vm-builder, as I've not got a vm to build yet :)
<jayvee> actually, looks like it *is* caused by the libvirt component â my mistake
<jayvee> AttributeError: 'Libvirt' object has no attribute 'vm'
<jayvee> I'd hazard a guess a fix would be s/Libvirt/libvirt/, but not sure
<jayvee>   File "/usr/lib/python2.6/dist-packages/VMBuilder/plugins/libvirt/__init__.py", line 54, in preflight_check
<jayvee>     if hostname in self.all_domains() and not self.vm.overwrite:
<jayvee> doesn't like the "self.vm.overwrite". trying again with that bit deleted.
<jayvee> bleh heh heh
<jayvee> VMBuilder.exception.VMBuilderException: Process (['sed', '-ie', 's/^# kopt=root=\\([^ ]*\\)\\(.*\\)/# kopt=root=UUID=cdf0293f-032c-43ac-a4a2-da4a5775834f\n1.0\next4\nfilesystem\\2/g', '/tmp/tmp18YkH0/boot/grub/menu.lst']) returned 1. stdout: , stderr: sed: -e expression #1, char 84: unterminated `s' command
<jayvee> and now I get that
<jayvee> I don't call vm-builder buggy as hell for nothing
<ivoks> so, installing lamp-server doesn't restart apache2 after installation
<ivoks> it should, cause otherwise php5 module isn't loaded
<eekeek> Should mod_rewrite rules be inside a <IfModule mod_rewrite.c> container?
<Jeeves_> eekeek: Only if you want apache to start even though that module isn't loaded
<eekeek> i see. I'm having trouble with RewriteMap. Upon reloading apache I get "RewriteMap not allowed here"
<eekeek> I thought I might need a container, but I guess not.
<uvirtbot> New bug: #531854 in bind9 (main) "bind9 will not install on a clean system" [Undecided,New] https://launchpad.net/bugs/531854
<Stargaze> my Network Tools show that port 80 is open, I have local access to my second PC, but not over the internet
<Stargaze> hints & tips please?
<jayvee> Stargaze: what exactly is the problem?
<jayvee> do you want to know what process is opening port 80?
<jayvee> $ sudo fuser -v 80/tcp
<Stargaze> i want to display index.html in /var/www
<jayvee> so it works when you browse to http://localhost/ right?
<Stargaze> when i go to the local ip adress
<Stargaze> forgot to mention: i'm using DynDNS
<jayvee> okay, and you have port forwarded port 80 to that machine with your router?
<Stargaze> yes
<jayvee> can I try to browse to it?
<Stargaze> try 81.241.46.249
<Stargaze> that's my current IP address
<jayvee> Stargaze: I'm getting an error âICMP administratively filteredâ
<jayvee> so Iâd say that itâs a firewall problem
<Stargaze> i guess my ISP blocks all ports
<Stargaze> that's sh*
<Stargaze> brb
<jayvee> not necessarily
<persia> Um, ICMP should not affect other stuff.
<persia> There'S no reason why TCP/UDP/GRE/etc. shouldn't work just because ICMP is blocked.
<jayvee> nope, you misunderstand
<jayvee> I tried to access him via TCP port 80, and got an ICMP error in response
<persia> Oh.  heh.
<jayvee> Stargaze: my ISP by default blocks port 80 too, but they let me unblock it if I log onto the ISP control panel.
<jayvee> Maybe yours will let you too.
<jayvee> Stargaze: Iâm only getting the ICMP error when accessing on port 80. If I try ports 12000 or 81, I get RST packets, so itâs definitely a port-specific block.
<jayvee> persia: oops, I see where you misunderstand â my fault. I should have written âICMP: communication administratively filteredâ. I forgot the âcommunicationâ part. ;)
<persia> Yes.  THat would have made more sense :)
<persia> The first message usually means that a ping was blocked, the second indicatse that something else was blocked.
<persia> (although the first could also be a trapped response to a block on the second, etc.)
<Stargaze> jayvee: just contacted my IP, they do not allow setting up personal servers
<jayvee> ouch
<Stargaze> IP =ISP
<jayvee> Might want to look at somebody like Rollernet.
<Stargaze> i live in Belgium, Europe
<persia> Or use port 81
<Stargaze> ah, is that possible?
<jayvee> Iâd change ISP if I were you. :)
<jayvee> Stargaze: yes, edit /etc/apache2/ports.conf
<Stargaze> they provide my tv too :)
<jayvee> and /etc/apache2/sites-available/default, I think
<jayvee> and obviously edit the settings on your router. :)
<Stargaze> not better with port 81 :(
<merlijn-> Hi, I'm trying to get 10.04 alpha3 to work in a VMWare ESX setup, however after installationg it won't boot and grub complains of "error: no such disk"
<jayvee> did you run âservice apache2 restartâ?
<jayvee> Stargaze: did you run âservice apache2 restartâ?
<jayvee> merlijn-, does grub actually load?
<jayvee> like, do you see the kernel list, and so on?
<merlijn-> jayvee: nope, it just says Grub loading...
<merlijn-> then it gives me the error
<jayvee> merlijn-: have you tried changing the disk type? is it scsi or ide? lsi logic or buslogic?
<merlijn-> jayvee: it is a SCSI disk currently and VMWare bios is recognizing it
<jayvee> try changing to ide just temporarily
<jayvee> or doesn't ESX support ide disks?
<jayvee> I donât remember. The server in my garage running ESX hasnât been powered on since 2007 because it chewed too much power. :-)
<Stargaze> modified both files and the router to *81, but not better
<Stargaze> darn ISP
<jayvee> Stargaze, you restarted apache?
<jayvee> run sudo fuser -v 81/tcp
<Stargaze> oops :s
<Stargaze> ok, done
<Stargaze> not better
<jayvee> Stargaze, does fuser say anything is listening on port 81?
<Stargaze> I just type fuser to find out?
<jayvee> sudo fuser -v 81/tcp
<Stargaze> it did not say anything
<jayvee> then apache isn't configured correctly
<Stargaze> ah
<jayvee> did you edit the config files?
<Stargaze> i edited /etc/apache2/ports.conf and the default in sites-available
<merlijn-> jayvee: okay tried different controllers without luck, to switch to IDE disks I have to do a complete reinstall (can't transition a virtual disk from SCSI to IDE)
<jayvee> merlijn-: ouch
<jayvee> ubuntu must support the disk if it installed to it
<jayvee> maybe grub just doesn't
<jayvee> but grub only uses the bios
<merlijn-> yea, grub2 is a pain :(
<jayvee> grub doesn't care what disk type it is
<jayvee> oh, it's grub2!?
<jayvee> ouch
<jayvee> ouch ouch
<jayvee> you said it bro
<merlijn-> iirc 10.04 uses grub2 by default
<merlijn-> to boot from ext4 partitions
<jayvee> even the simplest things are so complicated in grub2
<jayvee> like moving Windows to the top of the list
<jayvee> you mv 40_os-prober to 0001_os-prober
<merlijn-> might be the right time to dust off LILO of GPXE :P
<merlijn-> or*
<jayvee> and pray that they don't update the grub-pc package, because /etc/grub.d/40_os-prober is owned by the grub-pc package
<jayvee> heh
<jayvee> or grub1
<jayvee> grub 0.97, that is
<merlijn-> grub1 will not boot ext4 unless you apply some patches
<jayvee> which ubuntu have done
<jayvee> thankfully
<jayvee> the grub1 in 9.04 and up support ext4
<merlijn-> I wouldn't really consider those patches stable :P
<Stargaze> merlijn-: http://kezhong.wordpress.com/2009/07/02/converting-ext2-filesystems-to-ext3ext4/
<Stargaze> (ik ben ook nederlandstalig)
<merlijn-> hmm, could have sworn that 9.10 boots off ext2 with root on ext4
<pts_> Any comments on what would be the best password backend for samba against AD Server 2008r2; idmap_ldap or idmap_ad, need it to give least possible user management in the long run.
<merlijn-> Stargaze: I have no intention to migrate my filesystem, thank you
<jayvee> merlijn-: nope, in fact my /boot is ext3 because I installed this system during the 9.04 alphas, before grub1 supported ext4
<jayvee> but subsequent systems I installed definitely used grub1 + ext4
<jayvee> including a few VMs on here
<merlijn-> hmm, http://news.softpedia.com/news/GRUB-2-The-New-Boot-Loader-in-Ubuntu-9-10-113671.shtml
<merlijn-> looks like 9.10 was already using grub2
<jayvee> it is
<jayvee> merlijn-: why not chroot in and install grub1 instead?
<merlijn-> funnily enough, 9.10 just boots right away with the same config on the vmware ESXi cluster
<jayvee> or maybe re-run grub-install
<merlijn-> jayvee: too much hassle for a release that's in alpha stage :)
<jayvee> oops, yeah, forgot
<merlijn-> anyway, time to grab some lunch - thanks for your help jayvee
<jayvee> time for me to grab some shuteye :-)
<jayvee> right after I've done testing these images, anyways
<merlijn-> good night then :)
<jayvee> :)
<Jeeves_> Is anyone else having issues with Lucid, server and X-forwarding?
<pmatulis> Jeeves_: you'll need to be more specific
<Jeeves_> pmatulis: I've got xauth and ssh installed
<jayvee> and doesnât Jeeves normally have the *answers*, not the questions? ;-)
<jayvee> *weâre* supposed to Ask Jeeves. ;-)
<Jeeves_> 'normally', if you login, you get a message like '.Xauthority created'
<Jeeves_> On Karmic, that's broken as you need to add '-4' to the sshd-options, otherwise X-forwarding doesn't work
<Jeeves_> On lucid, it doesn't seem to work at al;
<jayvee> are you referring to âssh -Xâ? because I use that all the time.
<Jeeves_> jayvee: Yes, that's what I'm referring to
<jayvee> admittedly not on lucid, but it works on karmic no trouble
<jayvee> I have no idea what -4 even does, let alone have to use it.
<jayvee> oh, right, forces IPv4
<Jeeves_> jayvee: Like I said, I've got the issue with lucid ..
<jayvee> of course
<jayvee> um
<jayvee> are you trying to connect via DNS name or IP address?
<Jeeves_> How would that matter?
<jayvee> because you could be suffering from the broken DNS forwarder problem
<jayvee> on Karmic, that is
<Jeeves_> 'broken DNS forwarder'?
<Jeeves_> (logging in on ip doesn't help, btw)
<jayvee> right
<jayvee> hmm, not really sure
<jayvee> I presume $DISPLAY is being set
<jayvee> from within the ssh -X session, type "echo $DISPLAY"
<jayvee> it should say localhost:10.0
<Jeeves_> No, it isn't
<Jeeves_> Also, xauth is being run
<jayvee> try export DISPLAY=localhost:10.0
<Jeeves_> Doesn't work\
<jayvee> tried it, I spose
<jayvee> hmm
<Jeeves_> I've been around long enough to try that stuff :)
<jayvee> well I'm about to fall off this chair
<jayvee> I need zzzz's :)
<jayvee> good luck with your problem
<Jeeves_> Failed to allocate internet-domain X11 display socket.
<Jeeves_> debug1: x11_create_display_inet failed.
<henkjan> Jeeves_: lucid ubuntu-desktop install x-forwarding works
<Jeeves_> Got it
<Jeeves_> henkjan: it's again the -4 switch, but somehow, /etc/init.d/ssh doesn't seem to pass that option to sshd
<zul> morning
<Jeeves_> Hi zul
<Rada> Hello!
<Rada> Has anyone ever tried bridging a bonded interface?
<Rada> I'm largely unsuccessful...
<Rada> when I try doing it through the interfaces conf file, my system crashes and starts coredumping to the point of being completely unusable (couldn't even log in, had to use the rescue cd)
<Rada> http://ubuntu.pastebin.com/qU0wdAvn
<Rada> ^ this got -server 9.10 to really fuck up
<uvirtbot> Rada: Error: "this" is not a valid command.
<Rada> sorry uvirtbot, I wasn't talking to you.
<Jeeves_> bridging a bonded interface?
<Jeeves_> Sounds yukkie :)
<Rada> :)
<Rada> I've had good luck doing this with vmware-server... but now I'm trying to convert to kvm
<Rada> and kvm won't let me "just use" my bonded interface
<Rada> Yay! Got it working.
<Jeeves_> ok, so ssh in Lucid is broken
<Jeeves_> cjwatson: Awake?
<Stargaze> about my DynDS issue, i need a Bussiness subscription for my personal webserver
<cjwatson> Jeeves_: mm?
<cjwatson> Jeeves_: broken how?  works for me
<cjwatson> actually, let me upgrade before saying that
<Jeeves_> :)
<cjwatson> I didn't change that much though
<cjwatson> not user-visibly anyway
<Jeeves_> cjwatson: I tried to restart sshd using /etc/init.d/ssh
<cjwatson> DDTT
<Jeeves_> Which seems to work, but actually doesn't
<cjwatson> why not use the upstart job?
<Jeeves_> Pick either one, but please don't use them both :)
<cjwatson> I have no option.  /etc/init.d/ssh is for the benefit of people running sshd in a chroot, since upstart doesn't work there
<cjwatson> use 'restart ssh' outside a chroot
<Jeeves_> Well, this is very weird, if you ask me
<cjwatson> and we need the upstart job for other things depending on it
<cjwatson> once upstart works in a chroot, it'll be de-weirdified
<Jeeves_> We're using /etc/init.d for years, we think of something new (which is fine by me), but than we finish it half, so we use two methods?
<cjwatson> not my fault
<cjwatson> feel free to file a bug on openssh saying that /etc/init.d/ssh should spot that you're using upstart and do the right thing
<Jeeves_> cjwatson: Where should I configure the defaults for ssh ?
<cjwatson> that would make sense, imo
<cjwatson> Jeeves_: /etc/init/ssh.conf
<cjwatson> or sshd_config of course
<Jeeves_> argh
<Jeeves_> So now we're back to editing configfiles that originate from packages?
<cjwatson> it's a design feature of upstart that jobs are simple enough that editing them directly isn't going to create the sort of hideous conflicts that editing /etc/init.d/ssh used to, so we shouldn't need the /etc/default/ssh indirection layer
<cjwatson> uh, that's nonsense
<cjwatson> /etc/default/ssh originated from a package too
<cjwatson> it was split out due to the complexity of editing /etc/init.d/ssh correctly
<cjwatson> not in order to avoid editing conffiles
<Jeeves_> But if I was to upgrade ssh now, would that end up in a message saying 'you changed a configfile' ?
<cjwatson> not if /etc/init/ssh.conf didn't change
<cjwatson> you'd have got such a message if I changed /etc/default/ssh in the package
<cjwatson> so this is something of a red herring
<Jeeves_> But it did (because ssh 'needs' the -4 switch to get X-forwarding to work)
<cjwatson> I mean if it didn't change in the package
<Jeeves_> ok. Well.
<Jeeves_> If I may give Canonical some feedback:
<cjwatson> you could also use 'AddressFamily inet' in /etc/ssh/sshd_config, and avoid having to edit /etc/init/ssh.conf or /etc/default/ssh at all
<Jeeves_> 1: Good work on upstart
<cjwatson> which is almost certainly easier
<Jeeves_> 2: Please don't mess up like you're doing now
<cjwatson> I don't think we're messing up; I respectfully disagree
<Jeeves_> You may.
<Jeeves_> Me, as a user, think you're messing up :)
<cjwatson> I have given you reasons, corrected your misunderstandings, and given you an alternative
<Jeeves_> I, as a user, that is :)
<cjwatson> I was also there when /etc/default/ was introduced in Debian, and I remember the reasons for it
<cjwatson> and I truly don't think they apply nearly as strongly as they did
<zul> ttx: are you busy tomorrow (ha ha)
<ttx> zul: ha ha... why
<zul> ttx: wanna schedule the samba bug zapping thing tomorrow?
<ttx> zul: no, I want to plug a bugday for triaging first
<zul> ttx: ok sounds good
<ttx> not sure when Pedro will be available for that
<cjwatson> Jeeves_: I think it would be an excellent idea to help out people who try to use /etc/init.d/ssh (or invoke-rc.d) without realising that it's switched to upstart, and I would definitely appreciate a bug report for that
<Jeeves_> cjwatson: So I will file it. But what's that issue with chrooting that still requires it?
<Jeeves_> En why isn't that just fixed?
<cjwatson> because it's extremely hard work in upstart
<Jeeves_> s/En/And
<Jeeves_> En == Dutch :)
<cjwatson> many people want to run sshd in a chroot, for one reason or another
<cjwatson> upstart can't yet manage services running in chroots
<Jeeves_> it might, but this creates a lot of fuzzyness
<cjwatson> so /etc/init.d/ssh is there so that people can start it the old-fashioned way
<Jeeves_> but you actually can't
<Jeeves_> Because it's allready running
<Jeeves_> And it's not complaining
<cjwatson> sure you can - just pick a different port
<cjwatson> this is not a terribly unusual configuration
<Jeeves_> It doesn't complain in any way.
<cjwatson> it probably does in auth.log
<cjwatson> but are you talking about running /etc/init.d/ssh *outside* a chroot?
<Jeeves_> I'm not doing anything fancy.
<cjwatson> could you just say yes or no :)
<Jeeves_> The default is outside a chroot? Than yes.
<cjwatson> right.  then that's just part of the bug I asked you to file
<cjwatson> there's no reason /etc/init.d/ssh couldn't spot that the service is being managed by upstart and pass requests through to it in that case, given that we have to dual-run for a while for other reasons
<cjwatson> I'd be happy to make that change, I just need a reminder of it since I'm doing some other things at the moment
<cjwatson> running inside a chroot is a more complicated case that we can't handle any other way at the moment, which is why we still need the init script - but we can make it less confusing
<Jeeves_> Thanks
<Jeeves_> bug 531912
<uvirtbot> Launchpad bug 531912 in openssh "[LUCID] /etc/init.d/ssh seems to work, but actually upstart is used." [Undecided,New] https://launchpad.net/bugs/531912
<Jeeves_> Also, do you have a clue why x-forwarding is broken, unless you disable ipv6?
<Jeeves_> It's not really an issue on this specific box, but we're using ipv6 in production here. :)
<cjwatson> I think there is a bug about that somewhere; I'll see if I can find time to deal with it before lucid
<cjwatson> if you could get me ssh -vvv output from an affected system, that wouldn't hurt
<Jeeves_> sure, got a bugnr where you want that in?
<cjwatson> it *might* be bug 434799, but perhaps better to just file a new one
<uvirtbot> Launchpad bug 434799 in openssh "X11 forwarding via SSH does not work after upgrade to karmic" [Low,Confirmed] https://launchpad.net/bugs/434799
<bogeyd6> ive been a member in launchpad since 2007, yet i have 0 karma points
<cjwatson> bogeyd6: karma is related to recent activity
<bogeyd6> yup
<bogeyd6> hence my depression
<cjwatson> bogeyd6: https://help.launchpad.net/YourAccount/Karma
<cjwatson> ah :)
<bogeyd6> when i got a new job and couldnt document anymore , but now its changed a bit
<cjwatson> also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422327
<uvirtbot> Debian bug 422327 in openssh-server "openssh-server: Fails to bind port for X11 forwarding, ipv4/ipv6 mess" [Normal,Open]
<bogeyd6> i confirmed a bug this morning!
<uvirtbot> New bug: #531912 in openssh (main) "[LUCID] /etc/init.d/ssh seems to work, but actually upstart is used." [Undecided,New] https://launchpad.net/bugs/531912
<cjwatson> also https://bugzilla.mindrot.org/show_bug.cgi?id=1457
<Jeeves_> cjwatson: I've added debug info to bug 434799
<uvirtbot> Launchpad bug 434799 in openssh "X11 forwarding via SSH does not work after upgrade to karmic" [Low,Confirmed] https://launchpad.net/bugs/434799
<uvirtbot> bugzilla.mindrot.org bug 1457 in sshd "X11 Forwarding doesn't work anymore on a solaris 10 host where ipv6 has not been enabled" [Major,New]
<cjwatson> there is a patch there, but I would have to sit and think very hard about it despite its shortness :-)
<Jeeves_> :)
<Jeeves_> 'disable ipv6'
<Jeeves_> is that it? :P
<cjwatson> we need to make ipv6 work, not disable it
<cjwatson> and no, that isn't the patch :)
<cjwatson> it sounds as if it happens on systems that have ipv6 sort of halfway configured
<Jeeves_> That's what Fabio would do! :)
<Jeeves_> cjwatson: I've got machines to debug, if needed :)
<cjwatson> I've reproduced it
<cjwatson> 'sudo ip addr del ::1 dev lo' is sufficient to reproduce the problem
<cjwatson> ('sudo ip addr add ::1 dev lo' to restore previous state on my machine)
<Jeeves_> Hmm
<Jeeves_> But why is that ::1 gone?
<cjwatson> well, my machine has ipv6 configured
<cjwatson> yours perhaps doesn't
<cjwatson> s/machine/network/ perhaps more relevantly
<Jeeves_> Mine too, but the server hasn't
<cjwatson> right, this is code that runs on the server
<Jeeves_> I know.
<cjwatson> the thing I'm worried about is that this problem arose from a security fix
<Jeeves_> But who removes the ::1 from lo?
<cjwatson> specifically CVE-2008-1483
<uvirtbot> cjwatson: OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483)
<cjwatson> Jeeves_: if you don't have IPv6 configured, it might simply not ever be added
<cjwatson>   * Patch from Red Hat / Fedora:
<cjwatson>     - CVE-2008-1483: Don't use X11 forwarding port which can't be bound on
<uvirtbot> cjwatson: OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483)
<cjwatson>       all address families, preventing hijacking of X11 forwarding by
<cjwatson>       unprivileged users when both IPv4 and IPv6 are configured (closes:
<cjwatson>       #463011).
<cjwatson> thanks, uvirtbot, you can stop now
<Jeeves_> :)
<Jeeves_> I don't get much non-ipv6 hosts nowadays :)
<cjwatson> I *think* that ignoring EADDRNOTAVAIL wouldn't reintroduce the security hole
<cjwatson> the security hole was that you could bind to a port using one address family and sshd wouldn't mind as long as it could bind using the other address family, and then you could capture X traffic
<Jeeves_> Hmm
<cjwatson> but that would've been EADDRINUSE or something
<cjwatson> Damien upstream has a point that it's sort of weird for getaddrinfo to give you addresses you can't bind to
<Jeeves_> Yeah
<Jeeves_> I'm sorry, but I'm not into development that much that I can make up my mind about that :)
<cjwatson> I'm thinking out loud
<Jeeves_> ok :)
<hagedorn> hey, witch version of ubuntu should i use for xen as dom0 ?
<cjwatson> https://bugzilla.mindrot.org/show_bug.cgi?id=1356 is a clearer and better-written upstream bug for the above
<uvirtbot> bugzilla.mindrot.org bug 1356 in sshd "X11 forwarding broken." [Normal,Reopened]
<Stargaze> using nmap, what doex it mean if port 80 is 'filtered'?
<cjwatson> there's a comment at the end about a race condition which is a bit worrying ...
<cjwatson> Stargaze: google for 'nmap filtered', and the first hit explains it
<cjwatson> (http://nmap.org/book/man.html)
<bogeyd6> ja herd
<Jeeves_> cjwatson: Ehm. That would be the case if a machine is booting and it allready has an ipv6-addres and not an ipv4 address?
<uvirtbot> New bug: #531929 in php5 (main) "PHP5 cannot find adodb.so" [Undecided,New] https://launchpad.net/bugs/531929
<cjwatson> er, something like that.  I'm going to follow up there next time I have my normal browser booted, though, as I'd have thought having getaddrinfo return only bindable addresses would have the same problem
<cjwatson> but back to kernel hacking for now
<bohne> hi, what's the role of "ubuntu enterprise cloud" when using amacons EC2?
<bohne> hm ok, this "Enterprise" is private cloud. EC2 is public cloud.
<smoser> bohne, "UEC" is software that allows you to manage your own hardware as a "cloud"
<smoser> it is API compatible with amazon's EC2
<smoser> this means that you can develop appliances on your internal cloud, and move to ec2
<bohne> smoser: ok, so i can use the same mgmt tools?
<smoser> or develop on ec2 and move internal
<smoser> rigth
<smoser> a tool that works against the amazon web service api can be used against the UEC by simply changing the "end point" that the tool talks to
<bohne> smoser: when installing an Enterprise Cloud (=private Cloud) , this is a machine which can host XEN based VM's ?
<smoser> :-( no.
<bohne> smoser: physical machines?
<smoser> UEC uses kvm for virtualization
<smoser> so if you've got a xen based machine, it will likely need some changes to run on UEC
<bohne> smoser: ah ok, i thought amazon is xen based
<smoser> the kernel/ramdisk is the big thing
<smoser> amazon is xen based
<bohne> smoser: but i read somewhere that it is possible to transfer an image vom ec2 to private cloud?
<smoser> bohne, yes, it is, "mostly".  there are some things that will have to change.
<smoser> i believe that nijaba has a list somewhere of what all needs to be changed.
<smoser> bohne, for the UEC images (the "ubuntu" images on ec2) we make an effort to have them "just work"
<smoser> the goal being if you started with one of those, your migrate step is minimal
<bohne> smoser: ahm that means, ubuntu server image i can transfer, debian image is more difficult?
<smoser> its not terribly difficult.
<smoser> but, yes. the very least you have to get a non-xen kernel and then get the modules installed into the image
<smoser> that make sense ?
<bohne> smoser: i think i understand it
<smoser> nijaba, ping. i think you had a list of these things ?
<nijaba> smoser: otp...
<nijaba> smoser: what list are yo talking about?
<smoser> checklist of things to do to migrate from ec2 to uec
<smoser> to do to the image
<bohne> i don't need it sorry, this is just an evaluation
<nijaba> smoser: I barely started investigation...  never completed
<smoser> hmm... fair. nurmi told me it was somewhere on eucalyptus.com but i cant find it.
<nijaba> smoser: afaik changes are only needed with pre 9.10 images
<smoser> nijaba, not just ubuntu, but "generic" images
<nijaba> smoser: in that case, I don't
<smoser> (why anyone would use such a thing, i can't understand why :)
<blackxored> d
<hggdh> kirkland: I re-opened bug 531445, it started to fail again
<uvirtbot> Launchpad bug 531445 in vmbuilder "VirtualBox MAC address setting fails" [Undecided,New] https://launchpad.net/bugs/531445
<hggdh> no, worng bug, sorry
<hggdh> bug 531455
<uvirtbot> Launchpad bug 531455 in qemu-kvm "daily server ISO install fails with a kernel OOPS in KVM" [Undecided,New] https://launchpad.net/bugs/531455
<Roxyhart0>  hi there i got a nat/router server and a emal server. I want any external ip that come from outside with to the address 203.x.x.x (external email address) that arrive to the NAt can forwarding to my email server to the internal IP. somebody know how to do that?
<bohne> smoser: when using ubuntu UEC, ist possible to use plain debian guest? or only ubuntu server? i'm not sure.
<smoser> bohne, absolutely
<smoser> or fedora, or ....
<bohne> smoser: ok thanks
<smoser> there is work torwards supporting windows guests
<hggdh> soren: can you give me upload rights to ~soren/autotest/*, or should I create my own branch?
<bohne> smoser: is it simple to use debian?
<cbrowne> Roxyhart0, iptables -t nat -A POSTROUTING --dest-address 203.x.x.x-203.y.y.y -j QUERY # I think? don't quote me on that one
<smoser> bohne, is that a rhetorical question ?
<smoser> :)
<cbrowne> Roxyhart0, familiarise yourself with iptables anyway
<smoser> bohne, if you have a working image, its no different
<smoser> you just need filesystem-image, kernel, ramdisk
<bohne> smoser: ok thanks
<bohne> smoser: i only use virtualbox on desktop so far;)
<bohne> bohne: and lots of root servers...
<soren> hggdh: Just create one of your own.
<Jeeves_> Is lucid supposed to try and mount nfs before starting statd? :)
<soren> hggdh: (by branching mine, for instance)
<Roxyhart0> thanks i was trying many thinks but doen't work
<hggdh> soren: will do, thanks
<zul> wow people are actually using the php5 apport hook ;)
<hggdh> soren: BTW, did you submit the step_file_generator.py to upstream? It is quite a cool idea...
<soren> hggdh: I did not, no.
<soren> hggdh: It's not up to my ready-for-upstream-submission-standards yet.
<hggdh> soren: ah, OK. I only made a small change there, from print > stderr to logging.info()
<hink> Anyone had experience with KSplice
<bohne> smoser: i have another question;) on amazon ec2, ist simple to port a vm image from weak "hardware", to a more powerfull?
<smoser> bohne, there is basically no difference
<smoser> well, architecture
<smoser> but other than that really not
<bohne> smoser: it's possible and simple on UEC and amazon?
<smoser> yeah... outside of arch.
<smoser> your i386 image will not run on x86_64 instance in amazon
<smoser> (i think that actually works in uec... but dont know)
<bohne> smoser: you ok, but apart from that its simple
<smoser> yeah, the differences other than that are really non-existant
<smoser> unless you were *trying* to fail
<Roxyhart0> hi cbrowne, that i want to do is any IP form external website to the addrees 203.4.3.2 go to the Ip 172.16.0.4. So i am getting this one but i dont know what is the rest. Do you know abut that?  iptables -A POSTROUTING --dest-address 203.x.x.x -j ??
<skrite> hey gents, having some trouble with mysql replication. i have slave io running yes, but slave sql running no
<RoAkSoAx> zul, do the hooks have to be with the copyright notice?? nto really right?
<zul> RoAkSoAx: they should imho
<RoAkSoAx> zul, ok i'll submit a hook for vsftpd in a bit for you to review, I'm just gonna test it first
<zul> RoAkSoAx: cool beans
<cbrowne> Roxyhart0, you want -t nat so it's in the network address translation table, and I think you want -j FORWARD or -j QUERY but use the iptables manpage for more information about iptables
<Roxyhart0> i im using nat but i am using another external Ip for email, it mean NAt use 203.x.x.3 and email use 203.x.x.9...i want any addrees that come to 203.x.x.9 will be forward to 172.19.0.3 for example
<tdn> I have a machine with two network adapters: an ethernet adapter and a wireless adapter. How can I turn the wireless adapter into an access point?
<uvirtbot> New bug: #531978 in vsftpd (main) "Apport hook for vsftpd" [Low,In progress] https://launchpad.net/bugs/531978
<cbrowne> Roxyhart0, yes, that's what iptables does
<cbrowne> Roxyhart0, "man iptables"
<RoAkSoAx> zul, btw.. by setting STAGING=1 or APPORT_STAGING=1 it still doesn't work with the staging server of lp
<Roxyhart0> i did i cant firure out this is because im asking here
<zul> RoAkSoAx: you should be able to use it without the STAGING=1 and go through the motions without submitting the apport report
<RoAkSoAx> zul, right but i would like to submit it and see what is actually attaching
<zul> RoAkSoAx: hmm...not sure then
<RoAkSoAx> zul, now im getting "This is not a genuine Ubuntu package"
<RoAkSoAx> any ideas why?
<zul> RoAkSoAx: can you paste your python script somewhere/
<RoAkSoAx> zul, http://pastebin.ubuntu.com/388362/
<Roxyhart0> HI , somebody can hel me... i need to forwarding emails coming to a external adrees forwadring it to internal address. somebody know hoe to do that?
<zul> RoAkSoAx: i put the script as source_vsftpd.py in /usr/share/apport/package-hooks and didnt have that problem
<RoAkSoAx> zul, it tells me apport-cli: error: /usr/share/apport/package-hooks/source_vsftpd.py does not belong to a package. and to avoid that i'm creating the deb, installing it, and trying the hook
<zul> well yeah you need the package to be installed
<skrite> hey all, need some help with a master slave replication config. Thought i had everything set up right, but still shows nothing in Slave_IO_State
<RoAkSoAx> zul, same thing
<zul> RoAkSoAx: can you put the package up somewhere?
<zul> or your bzr branch
<cbrowne> Roxyhart0, iptables -t nat -A POSTROUTING -d [remoteip] -j DNAT --to-destination [localip]
<cbrowne> Roxyhart0, I got that by READING THE MANPAGE like I told you to do earlier
<zul> RoAkSoAx: i have to go to the doctors can you email me the details?
<RoAkSoAx> zul, I will
<cbrowne> Roxyhart0, when I tell you to rtfm it isn't because I'm lazy, it's because spoon-feeding you the answer isn't going to help anybody
<goose> is it okay to put my server's real IP and FQDN in /etc/hosts ? All I have in there now is localhost
<ivoks> of course
<goose> just wanted to make sure it wouldn't set my server on fire :p
<goose> I think some sendmail errors might be stemming from that
<goose> thanks ivoks
<uvirtbot> New bug: #532024 in samba (main) "gvfsd-smb-brows uses 100% cpu after selecting Places-->Network" [Undecided,New] https://launchpad.net/bugs/532024
<Neoteric> so does anyone use amazon ec2? and or know how to create custom AMIs based off karmic?
<TeTeT> kirkland: just installing another lucid server on the new kernel, just to make sure it was not a one time thing
<kirkland> TeTeT: cool, thanks
<nxvl> kirkland: i just updated to lucid and noticed that there is an annoying @ everytime there is activity in a byobu 'tab' how do i disable it?
<ph8> hi all - is there a way for me to automount a USB drive plugged into the server?
<ph8> * into my server :p
<nxvl> kirkland: and, is there a way to only enable that for 1 tab?
<macno> hi I'm trying testdrive but when virtualbox starts, it gets 100% CPU and do nothing
<kirkland> nxvl: echo "defmonitor off" >> ~/.screenrc
<nxvl> kirkland: thnx
<Pupeno> is there a command that will output some info about certs, keys, public keys, etc of those for SSL?
<TeTeT> kirkland: second install went fine too\
<kirkland> TeTeT: okay; good data points, thanks
<sherr> Pupeno: openssl has a lot of sub-commands, some of which output certificate details etc. See man openssl (and man x509 etc.)
<BulleTh0> I have a subnet, 62.231.69.56/29, routed behind 86.122.121.252. On the server, I have 86.122.121.253 on eth0 and, on eth0:0 .252. How do I get internet from the server? I tried on a windows machine connected trough a switch with the server to put IP: 62.231.69.58 with netmask 255.255.255.248, gatway 62.231.69.56(server, eth0:1) Do I need an extra netcard to put .232 or it's just a software issue?
<bogeyd6> BulleTh0, it seems you have a routing issue
<bogeyd6> Unless your switch also acts a router what you are trying to do, at least on the top, is impossible
<BulleTh0> No.. the switch it's just a switch.
<bogeyd6> Your eth0 cant have two subnets working on it
<BulleTh0> The .253 it's doesen't have a subnet.
<bogeyd6> I.e. you cant be on 62.231.69.59/29 and trying to go to 86.122.121.252 without a router
<bogeyd6> BulleTh0, ^^
<BulleTh0> I've put as aliases ips from that subnet on the server and they work.
<BulleTh0> But when I put IPs on network computers they don't work.
<bogeyd6> BulleTh0, http://www.sangoma.com/support/tutorials/tcp_ip.html
<bogeyd6> alias ips
<majuk> BulleTh0, have you enabled ipforwarding and NATing on your server's eth0?
<bogeyd6> BulleTh0, if there is a way to make it work without routing I am unfamiliar with it
<BulleTh0> majuk, I don't know. How do I check ?
<majuk> BulleTh0, Then you haven't. You're going to have to for this kind of a setup. The eth on your server isn't going to just KNOW to route those packets forward from your user net.
<BulleTh0> Hmmm... things make sence.
<BulleTh0> So .. I have to make a router out of my box.
<majuk> BulleTh0, Precisely. But Linux already has router functions as a part of it's kernel. The toolset is called "IPTables"
<BulleTh0> And I can have static ip adresses on each network computer ?
<majuk> BulleTh0, Yes. What you're going to do, ultimately, is tell your server "I want this block of IP addresses NAT'd onto this WAN address" Then you can assign any IP address in that range to your hosts and they'll be NATd out to the internet.
<BulleTh0> So.. this is what I have to follow? http://linuxpoison.blogspot.com/2008/01/how-to-enable-ip-forwarding.html
<BulleTh0> Look kinda must have but not enogh :))
<majuk> Yes, that's the forwarding. But you also have to do NATing in iptable
<majuk> s
<majuk> http://tinyurl.com/rd57k
<majuk> Check out the 'Masquerading' section
<majuk> BulleTh0, ^^
<BulleTh0> Geez.... I'm lost.
<mdlueck> I have a 9.10 server that needed the -20 kernel update at a bad time... I was just getting it set up, then to shift the network number, etc... Applied it anyway, now the server does not boot to the login prompt. Purged off the packages I was working on setting up, still no login prompt. Suggestions short of a reload?
<bogeyd6> mdlueck, any log activity?
<mdlueck> bogeyd6: Logs end eerily quiet, no clue...
<bogeyd6> mdlueck, so really we have no idea what is going on?
<mdlueck> Correct
<mdlueck> tail of messages and syslog give no clues
<bogeyd6> mdlueck, cntrl alt + f1
<mdlueck> Thought perhaps since cups / samba / dhcpserver were not yet configured - just on the server - that perhaps one of those were stalling the boot process
<bogeyd6> we need the dmesg log
<mdlueck> ctrl-alt-f1 shows the boot console, c-a-f2 is how I logged in to purge back off cups / samba / dhcpserver, reboot, etc...
<BulleTh0> I have no ideea how to set up the server :)
<bogeyd6> mdlueck,  sudo nano /etc/default/bootlogd then change BOOTLOGD_ENABLE=No to YES
<mdlueck> OK, let me see if it comes up far enough to let me ssh to it.
<mdlueck> brb
<mdlueck> in via ssh from my desk, next what...
<mdlueck> I just enabled bootlogd, will IPL the box
<bogeyd6> mdlueck, looking for a reboot to see what is hanging up
<mdlueck> bogeyd6: where does npptlogd log to? I will check the server console. ps aux shows me I had started setting up djbdns as well, so that I forgot to purge back off.
<bogeyd6> sorry bub
<bogeyd6> you going all over the board for me to handle it
<mdlueck> bogeyd6: stall at the usual spot on the console
<bogeyd6> you should have enabled the boot log, restarted and checked /var/log/boot
<mdlueck> OK, will check /var/log/boot
<mdlueck> cat /var/log/boot
<mdlueck> (Nothing has been logged yet.)
<bogeyd6> hmm mdlueck
<mdlueck> bogeyd6: also purged djbdns which was installed and not yet configured
<bogeyd6> you enabled the bootlog and it didnt log anything mdlueck
<mdlueck> bogeyd6: Did not seem like it did anything. I copy/pasted the results.
<bogeyd6> mdlueck, well im stumped
<mdlueck> bogeyd6: I just noticed a service which is not completely starting.
<mdlueck> So I will also purge that package off.
<ubuntuNewBe> hi, anybody here to help with ubuntu servers?
<mdlueck> bogeyd6: That did it - login prompt at the server console! PTL!
<lucid_interval> what help do you need?
<ubuntuNewBe> I had a question regarding postfix + dovecot setup.  Would like to know if anybody here can help.
<mdlueck> ubuntuNewBe: Sure, my prob is solved, so what may I assist you with
<ubuntuNewBe> I am running server 9.10, and followed the guide on this page: https://help.ubuntu.com/community/MailServer
<ttx> kees: around ?
<ubuntuNewBe> to setup postfix + dovecot
<mdlueck> ubuntuNewBe: Sorry, never have touched those packages
<kees> ttx: hello!
<ttx> kees: hey ! Can I bribe you into a quick C advice ?
<lucid_interval> ubuntuNewBe: OK... go on..
<kees> ttx: sure thing, what's up?
<ttx> kees: on https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/531899
<uvirtbot> Launchpad bug 531899 in eucalyptus "uec-component-listener leaves defunct child processes in the process table" [Low,In progress]
 * kees reads
<ubuntuNewBe> so I setup postfix first without problem, then setup dovecot without problems
<ttx> I fixed it like this: http://bazaar.launchpad.net/~ttx/eucalyptus/defunct-fix/revision/940
<ttx> kees: which involved creating an avahi  timeout callback
<ubuntuNewBe> then went back to the postfix page and scrolled to the bottom where it says setup postfix+dovecot+sasl
<ubuntuNewBe> followed all instructions without problems
<ttx> kees: was wondering if there wasn't a simpler way out
<ttx> kees: the parent process doesn't care if/when the child processes end
<ubuntuNewBe> now when connecting to my server via thunderbird from a different machine, it finds the imap +smtp server with starttls without problems
<ubuntuNewBe> however when thunderbird asks me to verify unsigned certificates, I get weird certs
<ubuntuNewBe> not the ones that I generated during the postfix part of the tutorial?
<lucid_interval> ubuntuNewBe: what do you mean weird certs?
<bogeyd6> ubuntuNewBe, that does happen when you use self signed certs
<lucid_interval> ubuntuNewBe: did you link the same certs into Dovecot?
<kees> ttx: usually processes spawning asynchronous children will register a SIGCHLD handler and perform a loop until waitpid(-1, &status, WNOHANG) == 0
 * ttx just spotted an error on line 139
<ubuntuNewBe> when looking at the certs that thunderbird gives me, they are not the ones that I generated during the postfixt part of the tutorial as they do not have my name/location/email ect...
<lucid_interval> ubuntuNewBe: At which stage of using TB do you get these errors (checking mail or sending mail)?
<ttx> kees: hmm, any example of that somewhere ?
<kees> ttx: optionally, another way to handle this is to have the child-spawner do a double-fork with setsid to disassociate completely from the parent.
<ubuntuNewBe> well, the account setup is without problems, I get the first cert when i first try to check mail, and then I get the 2nd cert (smtp) when trying to send a mail
<ubuntuNewBe> infact the first cert when checking mail for the 1st time(imap) is correct, has my name/email/location ect....
<kees> ttx: which is probably the least code changes.
<ubuntuNewBe> however when i try to send mail for the 1st time (smtp)  I get blank cert wihtout my correct info
<ttx> kees: ack.
<kees> ttx: http://www-theorie.physik.unizh.ch/~dpotter/howto/daemonize
<ubuntuNewBe> I generated the certs 2 times to see just to make sure
<kees> ttx: oh, I guess it's not a double-fork, just a call to setsid().  even less code to change.  :)
<lucid_interval> ubuntuNewBe: did you do the steps to configure postfix to use the certs you generated?
<ubuntuNewBe> Yes, I did
<ttx> kees: too bad you're so far way TZ-wise, that would have spared me that avahi research :)
<ubuntuNewBe> I can try doing that part again making sure I generate the correct certs and put them in the correct locations
<kees> heh
<lucid_interval> ubuntuNewBe: In particular can you check the following lines in /etc/postfix/main.cf:
<ttx> kees: thx, will fix tomorrow.
<lucid_interval> ubuntu: NewBe: smtp_tls_note_starttls_offer = yes
<lucid_interval> smtpd_tls_key_file = /etc/ssl/private/smtpd.key
<lucid_interval> smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
<kees> ttx: cool; glad I could help :)
<lucid_interval> smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
<ttx> kees: I suck at C.
<lucid_interval> ubuntuNewBe: make sure the files referenced are the correct ones.
<eekeek> Xubuntu 9.10 server. mod_rewrite enabled and as far as I can tell it is working with a .htaccess file. I want to map to lowercase urls. Do I put the rewrite instructions in the httpd.conf file?
<ubuntuNewBe> lucid, I checked those lines and the lines seem correct, however, I will double check generating the certs and placing them in the right folders.
<uvirtbot> New bug: #532127 in puppet (main) "Unit test failure: test_file_rc(TestDebianServiceProvider" [Undecided,New] https://launchpad.net/bugs/532127
<lucid_interval> ubuntuNeBe: actually, all you need to do is edit /etc/postfix/main.cf to ensure the entries point at the files you have already generated
<kees> ttx: hehe.  I attribute my C skills to reading everything W. Richard Stevens ever wrote.
<ubuntuNewBe> my concern was, how does dovecot handle the certs?  do I need to specifiy the certs in dovecot.conf or do I just need to worry about the certs in main.cf?
<ttx> kees: life is too short.
<kees> :)
<ttx> kees: my knowledge stops at format string vulnerabilities, somehow
<lucid_interval> You need to specify the certs in dovecot.conf (also). But since the mail check is OK from Thunderbird, I am presuming the dovecot setup is OK. dovecot is an IMAP server; it's postfix that is the SMTP server used for sending mail
<ubuntuNewBe> okay, because I used https://help.ubuntu.com/community/PostfixDovecotSASL to setup postfix+dovecot sasl and now where on this page does it say to specify certs in dovecot?
<mdeslaur> kirkland: fyi, I just uploaded changes to virt-manager and virtinst that change the way keymaps are handled. Basically, now by default no keymap will get set when qemu is being used. If you hear of any problems, let me know.
<ubuntuNewBe> so the only time I am specifing certs is main.cf
<uvirtbot> New bug: #532129 in puppet (main) "Unit test failure: test_sysv_rc(TestDebianServiceProvider)" [Undecided,New] https://launchpad.net/bugs/532129
<uvirtbot> New bug: #532132 in puppet (main) "Unit test failure: test_autorequire_user(TestExec)" [Undecided,New] https://launchpad.net/bugs/532132
<uvirtbot> New bug: #532126 in puppet (main) "Unit test failure: test_uppercase_files_are_renamed_and_read" [Undecided,New] https://launchpad.net/bugs/532126
<uvirtbot> New bug: #532135 in puppet (main) "Unit test failure: test_write_validates_checksum(TestFile)" [Undecided,New] https://launchpad.net/bugs/532135
<uvirtbot> New bug: #532138 in puppet (main) "Unit test failure: test_aliasisproperty(TestHost)" [Undecided,New] https://launchpad.net/bugs/532138
<lucid_interval> ubuntuNewBe: you need to click through for the detailed instructions on Dovecot - see https://help.ubuntu.com/community/Dovecot . Search for SSL
<lucid_interval> ubuntuNewBe: if you didn't do (change) this in dovecot, I am not clear how your generated certificates are appearing when you CHECK mail
<ubuntuNewBe> lol, okay i knew it didn't make sense, thanks for the help.
<ubuntuNewBe> so for these lines which cert files do I use?
<ubuntuNewBe> ssl_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
<ubuntuNewBe> ssl_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
<ubuntuNewBe> ? is this different than the certs I setup for postfix?
<ubuntuNewBe> also, I messed up, I get the correct cert when sending mail (smtp) but I get a blank cert when I first receive mail.  I had that backwards
<cak054> can i install the server and cloud on one desktop
<lucid_interval> ubuntuNewBe: you should (can) specify the same certs for the dovecot config also.
<lucid_interval> ubuntuNewBe: you can generate separate certs, but I do not think there is any point
<lucid_interval> ubuntuNewBe: remember that a cert refers to the public part (only) and a key refers to the private part (only)
<ubuntuNewBe> lucid_interval, let me first thank-you for all your help.
<ubuntuNewBe> lucid_interval, so using the previous examples, would it be okay to use ssl-cert-snakeoile.pem --> cacert.pem (from postfix)
<ubuntuNewBe> and ssl-cert-snakeoil.key --> cakey.pem (also from postfix instructions) ?
<ubuntuNewBe> once again I generated cacert.pem and cakey.pem from https://help.ubuntu.com/community/Postfix
<lucid_interval> ubuntuNewBe: no... you never use the CA key - except to sign new CSRs or certificates.
<lucid_interval> ubuntuNewBe: you need to generate a CSR (Certificate Signing Request) and sign a certificate using your newly created CA for this server.
<lucid_interval> ubuntuNewBe: that server cert will have a public (cert) part and a private (key) part
<lucid_interval> ubuntuNewBe: the ssl_cert_file and ssl_key_file (in Dovecot) should refer to these files
<lucid_interval> ubuntuNewBe: similarly the smtpd_tls_key_file and smtpd_tls_cert_file in the postfix main.cf should refer to these two server cert / key files
<lucid_interval> ubuntuNewBe: ONLY the smtpd_tls_CAfile entry in the postfix main.cf file should refer to the PUBLIC part of the CA certificate
<lucid_interval> ubuntuNewBe: you can also refer this URL for more info on becoming a root CA and creating CSRs / certs: http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/
<lucid_interval> ubuntuNewBe: another useful URL (linked on the Dovecot details page): http://www.debian-administration.org/articles/284
<andriijas> is there a way to remove all packages that were installed after installation and purge all the settings for it?
<ubuntuNewBe> lucid_interval, thank you again for all your help.  I will read the links you provided and try setting up the dovecot cert properly
<hink> i uninstalled proftpd using apt-get autoremove proftpd
<hink> i ran a update-rc.d -f
<hink> on it
<hink> and delete the /etc/proftpd directory. Now when i reinstall using aptitude it doesnt put the scripts back in init.d
<hink> am i doing something wrong
<lucid_interval> hink: you didn't purge the config files for proftpd when you did the rmeove
<hink> i ran an apt-get purge proftpd.... does that not take care of it lucid_interval
<lucid_interval> hink: what you wanted was apt-get autoremove --purge proftpd
<hink> i see
<lucid_interval> hink: you can still do it (should automatically remove /etc/proftpd)
<lucid_interval> hink: then do a re-install - you should get the init scripts
<hink> lucid_interval: if I am installing proftpd as part of a script. Is there anyway to bypass this screen during install? http://grab.by/grabs/5dd50880e9ee19f003e91c40b2edd104.png
<uvirtbot> New bug: #532202 in puppet (main) "Unit test failure: test_multivalues(TestHost)" [Undecided,New] https://launchpad.net/bugs/532202
<hink> lucid_interval: im thinking it has something to do with debconf-set-selections
<hink> but i'm not sure
<uvirtbot> New bug: #532204 in puppet (main) "Unit test failure: test_basic_isomorphism(TestParsedHostProvider)" [Undecided,New] https://launchpad.net/bugs/532204
<uvirtbot> New bug: #532209 in puppet (main) "Unit test failure: test_hooks(TestParsedSSHKey)" [Undecided,New] https://launchpad.net/bugs/532209
<Znupi> Can someone help me properly install a mail server? I am able to install Postfix and send and receive emails (they get stored in ~/Maildir/), but that's about it
<soren> mathiaz: Do we have a plan for dealing with those? ^^
<Znupi> I'd like to be able to fetch my email over POP3 and send e-mails through SMTP from a client
<soren> Znupi: That's what a mail server does.. You need to be more specific if you want it to do more.
<Znupi> (say, Thunderbird)
<soren> Ah,
<Znupi> But I have no idea whether I need to install something extra for the POP3 or not, or how to configure Postfix to accept (authed) SMTP requests
<soren> Fetching mail over pop3 -> fetchmail.
<Znupi> is fetchmail a server?
<soren> Define server.
<Znupi> it sounds like it "fetches" mail
<soren> "I'd like to be able to fetch my email over POP3"
<soren> Oh.
<soren> I see what you mean.
<soren> Ok, for that, you want dovecot.
<ubuntuNewBe> Znupi https://help.ubuntu.com/community/MailServer worked for me
<Znupi> ubuntuNewBe: I was reading the official docs
<uvirtbot> New bug: #532215 in puppet (main) "Unit test failure: test_simplekey(TestParsedSSHKey)" [Undecided,New] https://launchpad.net/bugs/532215
<Znupi> thanks for the link though
<soren> Znupi: Actually, there's a package called dovecot-postfix that should set up postfix and dovecot to work together.
<soren> Znupi: Those are the official Ubuntu docs
<ubuntuNewBe> Znupi, I did postfix first and then dovecot
<soren> Znupi: (What ubuntuNewBe linked to, I mean)
<Znupi> I see that on the official docs, but they never explain how things actually work
<Znupi> I mean, for example, how do I configure thunderbird to work with my new server?
<ubuntuNewBe> Znupi do the tutorials first
<ubuntuNewBe> then thunderbird 3.0 will configure itself
<Znupi> I see
<Znupi> But I don't understand a few things. For example, they say "Configure Postfix to do SMTP AUTH using SASL", but they never explain WHY I'm supposed to do that
<ubuntuNewBe> if you need secure access to web server
<ubuntuNewBe> mail server*
<Znupi> basically, this will help authenticate my email client when *sending* messages, correct?
<Znupi> (sorry for newbishness)
<lucid_interval> Znupi: yes. saslauth is for authentication of client requests to SEND mail
<Znupi> ok, thanks
<lucid_interval> Znupi: this is useful for clients like Thunderbird
<lucid_interval> Znupi: if you want to accept authenticated relay requests from another server (never a good idea to allow open SMTP relay), you need to use a CLIENT certificate on the server requesting relaying. This does not use saslauth
<Znupi> ok, so, please bare with me, the process is like this: mail comes from outside, postfix puts it in ~/Maildir/, then Thunderbird connects via POP3 to dovecot which reads mail from Maildir/ and sends it back to thunderbird. When sending mail it gets directly through postfix, dovecot is not involved at all, am i right?
<Znupi> But if I need to send email from thunderbird I don't need a special certificate for it, right?
<Znupi> I will just need to enter the username/password on the server?
<soren> Znupi: Well... Dovecot it somewhat involved in sending e-mail.
<Znupi> How so?
<soren> Znupi: Postfix asks dovecot for authentication.
<Znupi> Why? Can't dovecot just run sendmail ?
<soren> Znupi: But the process of accepting the e-mail from thunderbird and sending it on is done by postfix. Dovecot never sees the actual e-mail.
<Znupi> sendmail doesn't require authentication, right?
<Znupi> Ah
<soren> Znupi: The authentication is to check that you are who you say you are.
<Znupi> Oooh, I see
<soren> If you're on a LAN, you may not need authentication at all.
<soren> It's common for SMTP servers on a company's LAN to act as a relay for clients on the LAN without authentication.
<soren> SMTP AUTH is most commonly used for road warriors.
<soren> At least that's how/why I've used it in the past.
<Znupi> yeah, well, i'm not setting up for lan
<soren> Ok.
<Znupi> But, on the docs, I can see that sasl / SMTP AUTH is set up before dovecot
<soren> In that case you want to get SMTP AUTH working properly. Otherwise random people will use your server to send out spam. ("will" being the operative word. Not "may")
<soren> Sorry, which docs are we talking about?
<Znupi> https://help.ubuntu.com/9.10/serverguide/C/postfix.html
<soren> I'm following a stack of different conversations right now, so I got lost somewhere.
<Znupi> oh, no, wait
<Znupi> bit confusing but i got it
<Znupi> so if you want sasl, you have to have dovecot?
<Znupi> pardon, if you want smtp auth*
<soren> Znupi: "have to have" is such a strong way to put it.
<soren> Znupi: It's really, really, really what you want to do.
<soren> Znupi: but no, you don't /have/ to have dovecot.
<soren> postfix supports other sasl backends as well.
<Znupi> ah, I understand now
<Znupi> wow, i feel enlightened, thanks a lot
<soren> sure thing.
<soren> lool: locale-gen has a --no-purge option... Convenient! :)
<smoser> erichammond, purely fyi, but if you wanted to sanity check, http://bazaar.launchpad.net/%7Eubuntu-on-ec2/ubuntu-on-ec2/ec2-publishing-scripts/annotate/head%3A/ec2-image2ebs  is largely based off http://alestic.com/2010/01/ec2-ebs-boot-ubuntu
<lool> soren: Yes, I hadseen the --no-purge option, but note that a) it still might create a locale on the host which is not desired and b) the actual implementation mightturn purging on again (but that's not vm-builder's problem)
<hink> anyone know how to perform an automated install of proftpd without having to slect inetd or standalone
<soren> lool: Yeah, I suppose.
<bogeyd6> argh i missed a job call back
<pwnguin> i have a question about deploying the planet rss aggregator
<pwnguin> (technically, venus)
<pwnguin> the package didnt create a directory structure for me; where should i put it?
<pwnguin> ive got to create a planet.in
<pwnguin> i
<pwnguin> a template dir, a cache dir, and the output dir
<pwnguin> output can co in /var/www, and the cache can go in /var/cache/planet, but what about the templates?
<mathiaz> soren: puppet unit tests: bugs have been filed with upstream
<mathiaz> soren: we'll see what's their answer
<|Mike|> hmz, the nickname soren sounds familair here.
<jpds> I hope so.
<jpds> soren: yo.
<uvirtbot> New bug: #532286 in samba (main) "Samba: remote Win XP and Mac OS X machines can no longer mount shares" [Undecided,New] https://launchpad.net/bugs/532286
<uvirtbot> New bug: #532291 in puppet (main) "Unit test failure: test_execution(TestPuppetModule)" [Undecided,New] https://launchpad.net/bugs/532291
<soren> jpds: Ahoy.
<soren> mathiaz: Are you meaning to run that test suite regularly?
<mathiaz> soren: regurlarly during the LTS cycle?
<mathiaz> soren: It mainly is for maintainance purpose and the security team
<soren> mathiaz: I think it may make sense to disable the tests we know are currently failing and keep running the test suite so that we can see if new things start failing.
<soren> mathiaz: Yes, regularly during this dev cycle.
<mathiaz> soren: right - that's another option
<mathiaz> soren: we could disable tests at the very end of the cycle
<uvirtbot> New bug: #532294 in puppet (main) "Unit test failure: test_existence(TestPuppetModule)" [Undecided,New] https://launchpad.net/bugs/532294
<uvirtbot> New bug: #532299 in puppet (main) "Unit test failure: test_check_is_called(TestResources)" [Undecided,New] https://launchpad.net/bugs/532299
<mathiaz> soren: but I'd rather focus on fixing as many tests as possible before release
<soren> mathiaz: Sure, sure.
<soren> mathiaz: My point is just that until the tests are fixed (which might be a while), it would be nice to know if /more/ tests start failing.
 * mathiaz nods
<soren> mathiaz: ..and that's easier to notice if the currently failing tests are ignored.
<uvirtbot> New bug: #532300 in puppet (main) "Unit test failure: test_purge(TestResources)" [Undecided,New] https://launchpad.net/bugs/532300
<uvirtbot> New bug: #532302 in puppet (main) "Unit test failure: test_aliasisproperty(TestSSHKey)" [Undecided,New] https://launchpad.net/bugs/532302
<erichammond> smoser: Took a quick glance at ec2-image2ebs. First thing I noticed was the use of "rsync -a" instead of "tar cS | tar x".  The rsync command is not going to do the right thing with hard links, sparse files, special files, devices (and I'm not sure if ACLs or extended attributes matter.)  I'm not sure about any other differences.  If you are stuck on rsync, there are options to enable these, but "tar -S" may be a simpler choice for 
<uvirtbot> New bug: #532307 in puppet (main) "Unit test failure: test_multivalues(TestSSHKey)" [Low,New] https://launchpad.net/bugs/532307
<erichammond> smoser: Though I've used tar and rsync extensively for decades, I'm not a complete guru, so it might be good to check with  one before making the decision.  The AWS folks and others I respect on the EC2 forum recommended "tar -S" so I just followed their example.
<soren> rsync -aHAS usually does the right thing.
<erichammond> --specials              preserve special files
#ubuntu-server 2010-03-05
<erichammond> -X preserve extended attributes
<erichammond> I'm a huge rsync fan, but there were enough special cases, that I start to wonder if I got them all.
<erichammond> A generic tool like this should do the right thing for all edge cases users are likely to come up with.
<mdlueck> Has anyone ever heard of start_daemon not backgrounding processes? Suddenly one program trying to use that to start its daemon find the script hanging at the call to start_daemon and the daemon is responsive.
<RoAkSoAx> zul, found why I couldn't run the hook and now I can, and it was something related to the apt cache, but now im doing something different to test the hooks and works including the staging
<zul> RoAkSoAx: sweet
<RoAkSoAx> anyways i'll work on it/test and then bother you for review :)
<zul> coolio
<sabgenton> what is the command to rebuild device.map
<jpds> soren: update-grub ?
<jpds> sabgenton: ^--.
<smoser> erichammond, i'm just familiar with rsync, and its one command, not 2. so i don't have to check both sides of the pipe
<smoser> but, regarding sparse, and acl, and hard links you're definitely right.
<erichammond> smoser: That's fine. Just make sure you pack in enough options to really duplicate the contents.
<smoser> yeah
<sabgenton> grub 2 is a pain it didn't make the autodected boot entrys right
<sabgenton> now I have grub entrys that are useless
<sabgenton> have to make one in /etc/grub.d/40_custom I guess
<sabgenton> oh wait I think it looks at fstab
<sabgenton> and it was wrong at the time
<sabgenton> will try again
<zoran119> hi
<zoran119> i have a ubuntu server (8.04 lts) running as a vm on hyper-v and almost every day the clock gets stuck in a 5 second loop...
<zoran119> any idea what could be causing the problem?
<cef> zoran119: are you running ntpdate or ntpd int hat vm? vm's usually don't need to sync their time, just the host
<cef> zoran119: it's the only thing that comes to mind at the moment
<maxagaz> how can I can kill such process: root     19294  0.0  0.0      0     0 ?        S    Feb28   0:00 [nfsv4-svc]
<twb> maxagaz: that's a kernel thread.
<maxagaz> knowing that kill -9 doesn't work
<twb> The square brackets mean "I'm the kernel"
<twb> (IIUC)
<maxagaz> twb, okay
<maxagaz> twb, what can I do then ?
<maxagaz> twb, it was set by someone else...
<twb> rmmod nfs or something, might get rid of it.
<twb> Why do you need to get rid of it?
<maxagaz> twb, I suspect it to be responsible of lags on the machine
<maxagaz> rmmod nfs
<maxagaz> ERROR: Module nfs is in use
<twb> maxagaz: why do you suspect that?
<maxagaz> actually, it seems better since I've unmounted to directory in /tmp
<twb> I have a network of 8.04 clients and an 8.04 server.  Users and groups (above 1000) are centralized in an OpenLDAP RFC 2307 database.
<twb> Now, I need all users to have access to floppies, i.e. to be in the floppy (25) group.
<twb> How do I do that?  The floppy group isn't in LDAP, it's in flat files on each host.
<persia> twb: Fiddle /etc/nsswitch.conf and stick it in LDAP?
<twb> Thinking laterally, I wonder if I could just use a udev rule to "chgrp users /dev/fd0".
<twb> Any old bodge will suffice, but for my own sanity I'd like it to be the least-worst bodge.
<persia> Well, of course.
<persia> udev rule either means manual management or a local package.  LDAP swich means manual management *and* LDAP config.  Which is less headache?
<twb> I should add that the client machines are all netboot from a single image
<axisys> i have two disks mirrored .. looking for procedure to upgrade to next release, for example lucid when it is available in apr, and failover back to older release..
<persia> twb: That's why "local package".  You deploy something that adds an entry in /etc/apt/sources.list.d/ and includes your rule (or split in two packages if you like), and then you can update all the machines by tweaking that package, rather than by changing all the netboot images.
<axisys> i solaris i break the mirror, while system is running, upgrade the in inactive disk - the detached one from mirror, and reboot from that ..
<axisys> s/i solaris/in solaris/
<axisys> if the upgrade breaks any os, i switch back to the orig disk
<axisys> so one reboot for each is the only outage
<axisys> is there something similar available w/ ubuntu server ?
<Roxyhart0>  hi there i am trying to install moodle, i just download the files .tgz but when i try to uncompress using the command tar -zxvf moodle-weekly-19.tgz i got error that the file is not format gzip. any idea?
<ivoks> file moodle-weekly-19.tgz
<Roxyhart0> yes, i just see i can do apt-get moodle, but i am not sure if it can work fine. anyone have experience installing moodle?
<ivoks> i don't see why it wouldn't work
<Roxyhart0> im trying now thanks
 * persia has recently seen a number of .tgz files that were actually uncompressed tarballs.
<ivoks> probably web server is doing decompressing
<twb> ivoks: if you mean when clicking in firefox, it'll be firefox, not the server sie
<twb> *side
<ivoks> you think?
<twb> ivoks: because of Accept-Encodings: gzip
<twb> Firefox thinks the file coming back is gzipped only because it said it supported gzip
<ivoks> hm... yeah
<twb> You won't see that fail with e.g. wget
<twb> ivoks: oh, and also because the server returns application/x-gzip or whatever for .tar.gz
<ivoks> true
<ivoks> lucid is looking macish
<persia> Actually, in at least one case, the decompression had happend prior to it being posted on the website (I spent some time investigating with the person posting the artifact).  Probably the same cause, but don't always blame your browser.
<twb> I was just commenting on server vs. browser
<ivoks> does w3m supports it?
<twb> w3m sends Accept-Encodings: gzip ..., but midori doesn't
<ivoks> probably, /lib/libz.so.1
<twb> I know this because occasionally my proxy (polipo) will feed the gzipped file to midori and I get garbage onscreen
<skrite> can someone reccomend an easy how to for getting postfix to allow a user to send via smtp from a computer not on our lan?
<skrite> having an awful time with it
<twb> skrite: you want SMTP/SSL on the submission port (587).
<twb> I don't know the details
<twb> That or become an open gateway and hope for the best until you get RBLd.
<skrite> twb, i think i need port 25
<skrite> RBLd?
<twb> blacklisted
<skrite> ah, ok
<skrite> then yes !
<twb> http://en.wikipedia.org/wiki/Message_submission_agent
<skrite> thanks
<skrite> this is insane
<skrite> i have gone through the examples on the ubuntu wiki about a half dozen times, and still not getting it to work
<skrite> just doesn't seem like this should be this difficult
<|Mike|> what
<|Mike|> struggling with sasl ? :D
<skrite> yeah, still struggling
<jiboumans> morning
<soren> o/
<skrite> hey
<skrite> do i need to have the full domain name as my host name?  like  machine.mydomain.com ?
<lucid_interval> skrite: do you mean for postfix?
<skrite> yes
<lucid_interval> skrite: you need to tell postfix which hostnames to "receive mail for" - i.e. consider as local machine
<lucid_interval> this can be one or more hostnames - can include your FQDN (machine.example.com)
<skrite> all the ones listed as mydestination?
<lucid_interval> skrite: what is mydestination?
<lucid_interval> skrite: yes. whatever is listed as mydestination
<lucid_interval> but your hostname is ONE of those values.
<skrite> ok
<lucid_interval> skrite: and you MIGHT list all of the values under mydestination in /etc/hosts
<lucid_interval> skrite: in the simplest of cases, your hostname = machine.example.com, mydestination will be just that
<skrite> ok. i am a little confused here.  The machine name with the prefix of the domain.   like our machine is  server.mydomain.com  so when i log in, my prompt looks like server #   however, the mail domain is mail.ourdomain.com
<skrite> the hostname of the machine is server
<lucid_interval> skrite: then your case is a little more involved. mydestination should include ALL the hostnames in the SMTP context that this postfix instance will consider local
<skrite> and the same with the /etc/hosts ?
<lucid_interval> skrite: strictly speaking it has NOTHING to do with /etc/hosts or DNS or hostname
<skrite> ok
<lucid_interval> skrite: if an incoming SMTP connection has a To/CC/BCC email address that is _NOT_
<lucid_interval> skrite: one of the values in mydestination, that is considered non-local and the
<lucid_interval> skrite: request is effectively a relay request. All email addresses that end in values in mydestination
<lucid_interval> skrite are considered "local" and therefore _NOT_ relay requests
<skrite> whoa, so i don't want to include them if i am trying to set up an account client that is not within the LAN?
<skrite> not on the local network or local machine, i mean.
<lucid_interval> skrite: don't understand what you're asking. I was referring to what is considered a relay
<skrite> the user has a username and password and a Maildir on the machine, but needs to connect from a mail client not on the same machine
<lucid_interval> skrite: request versus request for "local" delivery. There are separate constraints / checks
<lucid_interval> skrite: around whether relaying is ALLOWED or not - e.g. AUTH
<skrite> ok
<skrite> think i get it
<lucid_interval> skrite: I get your case now. User has a _LOCAL_ account. But connects with a mail client
<skrite> right
<lucid_interval> skrite: that will make SMTP requests from a remote network location
<skrite> yes
<lucid_interval> skrite: presumably some of those requests will be to send email to _OTHER_ users on this local
<skrite> actually, no.
<lucid_interval> skrite: mail domain (to be "locally" delivered) while other SMTP requests will be to relay emails
<lucid_interval> skrite: to other mail domains.
<skrite> the mail account is actually for a machine that will only need to send via relay. to other domains
<lucid_interval> skrite: the mydestination piece specifies what is considered "local" versus "foreign" (non-local)
<lucid_interval> skrite: ok. so case 1 may have ZERO requests. you still need to instruct postfix as to what is for "local"
<skrite> ok, so what it considers a relay or not
<lucid_interval> skrite: delivery versus "relay". If NOTHING is ever lcoally delivered to users on this box, you should
<lucid_interval> skrite: be setting up this postfix as a "smart relay" to relay all mail to the main SMTP host.
<lucid_interval> skrite: in that case, this client can also (probably should also) relay via _THAT_ main SMTP host
<skrite> ok testing
<skrite> what log can i look in to see why smtp is not happening right? mail.log does not show anything when i try to send via smtp
<sherr> skrite: what mail server?
<skrite> the smtp server
<lucid_interval_> skrite: did you finish testing?
<skrite> well, sort of, all i am getting from a client is that unable to send check with your network administrator, yadda yadda
<skrite> check with the network administrator? i AM the network administrator !
<lucid_interval_> can you try sending email _locally_ - to see postfix is accepting incoming mail for local delivery?
<skrite> yes, that is working
<lucid_interval_> then check from the remote client sending email that should be considered local - for local delivery on the postfix box
<lucid_interval_> the final part is selectively enabling relaying based on AUTH (since you don't want to be an open SMTP relay)
<skrite> ok
<skrite> you mean test from like user1@mydomain.com to user2@mydomain.com?
<lucid_interval_> skrite: from can be anything. to should be something like user2@mydomain.com - where mydomain.com is in the mydestination list
<lucid_interval_> in fct you should test all teh different values in the mydestination list
<skrite> no, i am getting a login failed
<lucid_interval_> skrite: so here is where the AUTH part comes in. Did you finish setting up the STARTTLS?
<skrite> yes, i think so.
<lucid_interval_> skrite: Are you planning on using saslauth directly with postfix or authenticate through dovecot?
<skrite> i am good with either, really, dovecot is our pop client and is working
<lucid_interval_> skrite: ok. when you do a 'telnet localhost 25' on the postfix box and then type 'ehlo localhost' at the SMTP prompt,
<lucid_interval_> skrite: do you see STARTTLS and AUTH?
<skrite> I see STARTTLS but  the lines with AUTH are   AUTH PLAIN LOGIN and AUTH=PLAIN LOGIN
<lucid_interval_> skrite: cool. that works.
<lucid_interval_> skrite: take a look atthis page to setup the sasl through dovecot:
<lucid_interval_> skrite: https://help.ubuntu.com/community/PostfixDovecotSASL
<skrite> ok
<skrite> thanks for all this, by the way
<lucid_interval_> skrite: cool. you're welcome. lots of ppl have helped me too - not least by writing all this awesome FOSS
<skrite> :)
<\sh> hmm....libjs-query as default install pkg on server flavour? did I miss something? ;)
<\sh> bah...python-apt recommends libjs-jquery..wth
<sabgenton> in grub2
<sabgenton> how does grub-mkconfig know what partion to assign to  root=bla
<sabgenton> ?
<soren> ttx: I don't know if I'm all alone in this, but I really don't care about eucalyptus bug mail. At all. Yet I get tons of it, because ubuntu-virt is subscribed to it.
<soren> ttx: How would you feel about a ubunt-uec team that is subscribed to all things UEC?
<soren> ttx: That team, in turn, could be a member of ubuntu-virt (and not the other way around).
<ttx> soren: makes sense, maybe send mail to ubuntu-virt members to propose the disassociation ?
<soren> ttx: The team consists of all Canonical folks and me and Rick.
<soren> ttx: I think it's a matter of jfdi.
<ttx> soren: I just don't want people (if any) relying on it to get euca bugmail to be surprised by the move
<soren> ttx: Ok, how about this:
<soren> ttx: You create ubuntu-uec..
<soren> ttx: ..subscribe that team to all the relevant packages (eucalyptus, euca2ools, axis2c, rampart, all the java stuff, etc.)..
<soren> ttx: ...I'll e-mail all the members of ubuntu-virt telling them that if they really do care about UEC bug mail, they should join that other team.
<soren> ttx: You may want to keep all the java stuff separate.
<ttx> soren: ubuntnu-server is already subscribed to those packages... so I don't really see the need for a ubuntu-uec team, tbh
<soren> ttx: Oh.
<soren> ttx: You are quite right.
<soren> Everyone in ubuntu-virt is already ubuntu-server members.
<soren> Oh, but they get that bug mail differently.
<ttx> soren: yes, that allows them to filter... that's why I prefer to warn about the move before doing it
<soren> I'm just fed up to the point where I was about to leave ubuntu-virt, but I really don't want to do that. I feel very close to that team :)
<ttx> soren: it all boils down to the purpose of that team
<ttx> soren: as the bug supervisor for a number of virt packages, that puts it outside the regular ubuntu-server processes as far as bug review is concerned
<ttx> so we discussed moving the virt packages into ubuntu-sever as well
<soren> It was meant to consist of people who cared about virtualisation in Ubuntu. It was never really decided whether this membership was supposed to come with special privileges (write access to bzr branches or whatnot), or if it was just a handy way to get more bug mail.
<ttx> soren: if everyone agrees the purpose of the team is about key virt packages and not their downstream application (UEC), then yes, your move makes sense
<ttx> uec packages are already taken care of in ubuntu-server, so they wouldn't get lost
<skrite> lucid_interval_, YOU ROCK !   successful test after setting up with dovecot auth, thanks !
<lucid_interval_> skrite: awesome :-)
<lucid_interval_> skrite: now if you want to know a LOT more about postfix - check out this presentation: http://www.arschkrebs.de/slides/Postfix_Configuration_and_Administration-handout.pdf
<skrite> cool, thanks. certainly will do.
<lucid_interval_> skrite: and if you ever want to setup a CLIENT postfix server that is allowed to relay based on a TLS certificate: check out this presentation: http://www.state-of-mind.de/assets/postfix_tls.pdf
<skrite> got it
<jayvee> so I'm running Ubuntu 9.10 here
<jayvee> what's the best way to get Xen working?
<jayvee> there isn't any xen-enabled kernel in the repo
<jayvee> is xen considered edwardian or something?
<soren> jayvee: Xen is not really supported in Ubuntu. Try KVM instead.
<jayvee> That's what I've been using, but I'm quite unimpressed with its performance.
<jayvee> This copy of Ubuntu has been installing for the past 30 minutes.
<soren> Then you're probably not using kvm.
<jayvee> module kvm_amd is loaded, and /usr/bin/kvm is running
<jayvee> -enable-kvm
<soren> jayvee: How are you running kvm? From a command line?
<jayvee> within libvirt
<soren> jayvee: Through libvirt?
<soren> jayvee: Ok.
<soren> jayvee: Put the output of "ps -ef | grep kvm" on pastebin
<jayvee> soren: http://pastebin.ca/1823647
<soren> jayvee: now "sudo ls -l /proc/26559/fd
<soren> "
<soren> (without the spurious newline, sorry)
<jayvee> This is a desktop install, btw. It's going to be a group of NoMachine servers.
<soren> A desktop install? With 512 MB of RAM?
<soren> That's going to be slow even on real hardware.
<|Mike|> soren: are you from sweden btw?
<soren> |Mike|: No.
<soren> |Mike|: Denmark
<jayvee> soren: http://pastebin.ca/1823649
<|Mike|> Close tho, your nick sounds pretty familair, as if i seen it before *somewhere*
<jayvee> I shut it down and started it, so the PID changed. :)
<soren> jayvee: Well, any further diagnostics is unnecessary: 512 MB of RAM desktop installs will always be slow.
<jayvee> hmm, runs perfectly fast in VirtualBox
<jayvee> I'd use ubuntu-vm-builder to deploy this stuff, except it keeps crashing.
<soren> jayvee: With 512 MB it runs fast in VirtualBox? Seriously?
<jayvee> yep
<ttx> |Mike|: soren is a famous golfer.
<iLLiZT> Nothing runs fast on 512 MB
<jayvee> heck, I even bump it down to 256 MB once it's finished installing
<iLLiZT> What's wrong with you?
 * soren smacks ttx around
<|Mike|> ttx: lol
<iLLiZT> :)
<ttx> |Mike|: it's true !
<soren> jayvee: Once it's done installing is a completely different story.
<jayvee> agreed
<jayvee> So you reckon it's a memory thing more than anything?
<soren> jayvee: At that point, you don't have a multi-GB disk image as a ramdisk.
<iLLiZT> KVM is quite awesome anyway
<ttx> Google says he is, it /must/ be true.
<iLLiZT> I'd rather go with KVM than Xen.
<soren> jayvee: Oh, yeah. Totally.
<iLLiZT> But Virtualbox is pretty nifty if you want hosted virtualization
<henkjan> jayvee: i'm running a Xen dom0 on debian lenny
<soren> iLLiZT: What is "hosted virtualisation"?
<henkjan> jayvee: with ubuntu domu's
<iLLiZT> soren: Virtualbox, VMware Workstation, etc.
<soren> iLLiZT: How is that different from Xen or KVM?
<|Mike|> eeuw.
<soren> iLLiZT: What about KVM is not "hosted virtualisation"?
<soren> I've never heard that term.
<iLLiZT> KVM is hosted virtualization as well.
<soren> What is /not/ hosted virtualisation, then?
<iLLiZT> It's mainly what VMware uses to describe what's not a bare-metal hypervisor.
<iLLiZT> VMware, Citrix, Microsoft etc.
<soren> What does that even mean?
<FireCrotch> soren: it's a VMWare buzz-word
<iLLiZT> A bare-metal hypervisor is virtualization without an underlying OS.
<FireCrotch> :)
<iLLiZT> Yeah
<soren> iLLiZT: ...which in and of itself is nonsense.
<iLLiZT> Well, naturally they have some sort of OS
<soren> There's always an OS.
<FireCrotch> since the hypervisor itself is the OS basically
<iLLiZT> But their OS is used only for virtualization.
<iLLiZT> And nothing else.
<soren> What difference does that make?
<FireCrotch> Like I said... buzzword :)
<iLLiZT> Less overhead, and like FireCrotch says; buzzword
<|Mike|> soren: go get em, rawwwwwwww!
<soren> bah
<jayvee> Are there any virtualisation solutions that don't use disk images?
<jayvee> chroots don't count ;)
<iLLiZT> jayvee: You could boot vms from iSCSI.
<soren> I'd exchange a bit of overhead for not having a /completely separate codebase/ to do virtually the exact same thing as a proper OS /any/ day.
<iLLiZT> I don't mind using a server for just virtualization.
<jayvee> iLLiZT: never touched iSCSI before
<soren> jayvee: What's the problem with disk images?
<jayvee> oh, nothing
<jayvee> just curious
<soren> What counts as a "disk image" in your book?
<jayvee> just cloning a disk image at the moment, and it crossed my mind
<blinkiz> Hello. Installed "redhat-cluster-suite" and now I can not boot my machine anymore. Last message at boot is "dlm: Using TCP for communications". Anyone know how to resolve this?
<soren> Maybe that's the right question to ask.
<jayvee> disk image = vmdk, vdi, img, etc.
<soren> jayvee: Sure. KVM can use other stuff.
<soren> jayvee: It can use a disk, partition, lv, whatever.
<FireCrotch> so can Virtualbox, I think
<jayvee> I'm thinking more folder on the hard drive without a filesystem
<blinkiz> I know how to make it go away. Just boot the server with USB stick and remove all deps of redhat-cluster-suite. But heay, I want cman, clvm, nfs and stuff
<iLLiZT> So, anyone install 3.1.4 yet?
<jayvee> but that would require NFS
<soren> jayvee: LXC.
<jayvee> bit like what some LTSP setups use, I spose
<iLLiZT> Default behaviours have changed a bit
<iLLiZT> Seems promising.
<jayvee> soren: interesting â not heard of that
<jayvee> and there's a libvirt driver
<soren> Yes.
<jayvee> speaking of which, I was trying to get libvirt to talk to virtualbox the other day
<jayvee> had some error
<jayvee> hang on
<jayvee> hmm, wow, it works
<jayvee> heh, never mind :)
<jayvee> hmm, not as good as I hoped though. doesn't support the libvirt chrome, and doesn't run headless.
<blinkiz> Currently setting up a new virtualization environment here. One storage server and two virtualization servers. Using iSCSI with cluster LVM. have it working! Pretty cool.
<jayvee> cool, lxc looks awesome
<jayvee> even less vm'ish than openvz
<jayvee> does it use UML?
<jayvee> actually, doesn't look like it uses separate kernels at all
<jayvee> similar to openvz, from what I recall
<blinkiz> jayvee, yeah, LXC is the future of openvz.
<jayvee> I presume my kernel already supports it.
<blinkiz> jayvee, yes. You have to ask someone else how mature LXC is. Ask soren
<uvirtbot> New bug: #532558 in eucalyptus (main) "When CC is separated from CLC, nodes keep on being registered" [Low,Confirmed] https://launchpad.net/bugs/532558
<soren> Well, people are using it in production. It's been around for a while. I believe I heard its security model leaves a bit to be desired, though, but that may not matter for your use case.
<jayvee> hmm, that was a bad idea
<jayvee> ran lxc-create --name=larry, then lxc-start --name=larry
<jayvee> and my whole system came to a grinding halt
<jayvee> my display went all pretty colours, and then got dumped back to a tty
<jayvee> I think I should have read the man page first. ;)
<twb> Manpages are for wimps
<garymc> Hi guys, anyone know where I look to see if bots are hitting my web server?
<garymc> and what i look for?
<oly> hi, can anyone tell me if there would be any issues with running openvz and kvm along side each other
<uvirtbot> New bug: #532587 in puppet (main) "removal of package does not stop daemon" [Undecided,New] https://launchpad.net/bugs/532587
<pecisk> Hi people, I can't boot upgraded server system, it is known bug/issue? It was pure Karmic server install and then do-release-upgrade -d
<pecisk> Hangs on kernel 'Checking 'hlt' instruction... OK.'
<pmatulis> pecisk: what kind of system is it?
<pecisk> well, I solved problem, sorry to bother :)
<twb> pecisk: rather, it probably hangs immediately AFTER that.
<pecisk> it was VirtualBox, needed acpi=off for some strange reason
<pmatulis> pecisk: right, it's a VB issue
<smoser> ttx, ping
<ttx> smoser: pong
<zul> morning
<smoser> ttx, pm
<kirkland> ttx: ping
<kirkland> ttx: i'm going to a cherry pick of the 4 commits at https://code.edge.launchpad.net/~eucalyptus-maintainers/eucalyptus/1.6.2
<kirkland> ttx: any objections?
<kirkland> ttx: i'll build/upgrade my local packages and sniff test before uploading
<ttx> kirkland: no objection
<ttx> Note that I uploaded a new release
<bogeyd6> mandriva instanton is a very neat concept
<ttx> a couple hours ago
<twb> Meh.
<twb> I'd rather get Debian booting faster than adopt Mandrivia.
<twb> http://en.wikipedia.org/wiki/Instant_on indicates almost all the vendors run Splashtop, a proprietary Linux distro.
<kirkland> ttx: okay
<kirkland> ttx: i'll get on it
<bogeyd6> twb, agreed
<twb> Seems to me that with live-helper you get pretty good boot times.
<twb> I'm using it to boot a 200MB-ish Lucid system that just runs surf and mplayer, and that comes up in... let's time it...
<twb> Not too good -- 32 seconds for a 1.5GHz Via C7
<twb> My laptop's around 15s for a 630MHz Celeron, but I don't start X.
<ttx> kirkland: saw my pm ?
<kirkland> ttx: no
<ttx> kirkland: and now ?
<kirkland> ttx: yup
<Jeeves_> Bah. Live migration still doens't work :(
<Daviey> zul: Have you seen that php 5.3.2 bug and "Security Enhancements" release has been made?
<zul> Daviey: yep I have
<Daviey> zul: what do you think about bumping to it?
<zul> Daviey: umm....maybe :)
<zul> Daviey: ill take a look at it this afternon
<Daviey> zul: neat
<Jeeves_> IRC-REVOKE. Live migration does work
<_ruben> Jeeves_: in what kind of environment? plain kvm? "free" live migration sure make me wanna play around with kvm (and possibly xen). as our current choice of virtualization product, vmware esxi, surely has a hefty pricetag on its live migration feature
<Jeeves_> _ruben: Libvirt, KVM, Ubuntu Lucid
<smoser> kirkland, ttx, bug 532682
<uvirtbot> Launchpad bug 532682 in eucalyptus "instance stays in pending for > 1 hour, then to terminated" [Undecided,New] https://launchpad.net/bugs/532682
<_ruben> Jeeves_: nice, nfs storage i guess?
<Jeeves_> _ruben: No, iscsi
<_ruben> Jeeves_: ah, interesting
<_ruben> Jeeves_: where do you handle the iscsi? in the vm or the host?
<Jeeves_> Sun Unified Storage
<_ruben> you and your suns ;)
<Jeeves_> :)
<ogra> arent they oracles nowadays ?
<Jeeves_> Yes
<Jeeves_> So we switched to Fujitsu servers
<ogra> so what do they predict ? :)
<Jeeves_> But the Sun storage kicks ass
<_ruben> Jeeves_: what fs do you for your shared storage?
<_ruben> +use
<henkjan> _ruben: shared storage to host the vms?
<henkjan> _ruben: eacht vm has its own iscsi lun
<Jeeves_> _ruben: What henkjan says
<_ruben> ah ok
<uvirtbot> New bug: #447251 in python-boto (main) "euca-register returns "'ResultSet' object has no attribute 'imageId'" with invalid manifest" [Low,Fix released] https://launchpad.net/bugs/447251
<uvirtbot> New bug: #532698 in clamav (main) "clamav on Hardy needs to be updated to 0.95, for pending EOL" [Undecided,Fix released] https://launchpad.net/bugs/532698
<uvirtbot> New bug: #532735 in dbconfig-common (main) "package dbconfig-common 1.8.41 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 349469)" [Undecided,Confirmed] https://launchpad.net/bugs/532735
<zul> ivoks: ping
<ttx> zul: he's not around
<zul> bah
<dvrcoder> hi. question: is there any kind of problem with .ssh/authorized_keys when /home/USERNAME is a symlink to /bla/home/USERNAME?
<jbroome> The tinyurl in the /topic is broken.
<Andy-at-home> guys, see to access my webmin on my vps, is that not just http://xxx.xxx.xxx.xxx:10000 to log into it?
<jbroome> IIRC, that's the default port for webmin
<jbroome> may be https, i don't remember
<_ruben> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Andy-at-home> still supported in 9.0.4 by any chance?
<fullstop> Has anyone seen a segfault generating grub.cfg when updating the linux-server-image?
<fullstop> http://www.pastebin.org/101841
<_ruben> Andy-at-home: no, iirc webmin was dropped years ago
<_ruben> <nitpick>and its 9.04, not 9.0.4</nitpick>
<fullstop> actually update-grub segfaults on 9.10 server.. odd.
<qman__> Andy-at-home, webmin was dropped before 8.04 LTS, and is not in any supported versions
<uvirtbot> New bug: #529466 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/529466
<zul> kirkland: ping what happens when qemu-kvm userland and kernel is mismatched?
<kirkland> zul: how mismatched?
<kirkland> zul: there are "recommended combinations", I'd say
<kirkland> zul: but modern qemu-kvm should work with most kvm's from the last, say year+ ?
<zul> so should the qemu-kvm use dkms?
<zul> kirkland: okies then
<kirkland> zul: oh, the dailies?
<kirkland> zul: that would be phenomenal for the dailies ...  is the kvm kernel source in the qemu-kvm tarball?  /me checks
<hink> How do i reprocess all messages in the mailq
<ivoks> postqueue -f
<zul> smoser: dude that was quick...the ebs stuff congrats
<zul> ivoks: or you could it the traditional way and telnet localhost 25 and do a ETRN ;0
<smoser> thanks zul.
<smoser> have a nice weekend all
<smoser> i'nm out now
<skettles> ciao a tutti
<skettles> chi mi aiuta?
<skettles> hi all anyone help me?
<skettles> c'Ã¨ qualcuno?
<guntbert> !it | skettles
<ubottu> skettles: Vai su #ubuntu-it se vuoi parlare in italiano, in questo canale usiamo solo l'inglese. Grazie! (click col tasto destro sul nome del canale per entrare)
<skettles> sorry me
<ivoks> !hr | ivoks
<ubottu> ivoks, please see my private message
<ivoks> lol, nice
<acalvo_> hi
<acalvo_> is there any way to monitor the memory usage and output it to a file or so?
<acalvo_> a server started crashing once a day for the last week
<acalvo_> and I want to know which process takes it down
<acalvo_> since it gets hung
<acalvo_> I'm trying to figure out how to detect the process that is eating all the memory
<ivoks> well, there's that thing called oom-killer
<acalvo_> yes, I've seen it
<ivoks> it randomly kills process when there's no memory
<acalvo_> but the server dies always
<ivoks> it dies in the sense you can't connect to it or it freezes?
<acalvo_> I can't connect to it
<acalvo_> but it respond to pings
<ivoks> so it kills ssh :)
<acalvo_> it's a VM
<acalvo_> and I can't log in neither
<ivoks> huh
<acalvo_> http://ubuntuforums.org/showthread.php?t=1421823
<acalvo_> I've posted a question
<acalvo_> and I'd like to know which process is killing it
<ivoks> top -b > logfile
<acalvo_> ok, fine!
<ivoks> funny name fot RealtimeKit user
<ivoks> rtkit
<ivoks> running rtkit-daemon
<ivoks> makes your heart skip a beat
<acalvo_> btw
<acalvo_> ivoks: I guess you're developers of ubuntu, aren't you?
<acalvo_> I've spend the last months around here asking (basic) questions
<acalvo_> and some of you are always here
<Andy-at-home> so webmin isnt going to work on version 9.04?
<Andy-at-home> im logged in and can view the navigation sidebar but no links seem to load
<ivoks> acalvo_: yes
<ivoks> Andy-at-home: webmin ins't something we care about
<ivoks> Andy-at-home: isn't
<acalvo_> working in cloud computing for ubuntu (eukalyptus) i guess
<ivoks> Andy-at-home: but i don't see how non-working web page is caused by OS
<jbroome> wow, the webmin thing is still going on
<Andy-at-home> what would you recommend?
<jbroome> ssh and the CLI like linus intended
<qman__>  /agree
<Andy-at-home> mmm
<_ruben> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<ivoks> ebox is cool
<acalvo_> thanks!
<RoAkSoAx> ivoks, applying for UDS sponsorship i guess?
<ivoks> RoAkSoAx: maybe
<RoAkSoAx> ivoks, why not? not going?
<ivoks> i'm planing on moving to redhat
<james_w> hi. I'd like to try the cloud-init/puppet integration, but I can't see how to bootstrap it to tell it to do the puppet stuff. Is it done via user-data?
<RoAkSoAx> ivoks, lol
<ivoks> RoAkSoAx: :D
<RoAkSoAx> seriosly?
<ivoks> of course not :D
<RoAkSoAx> hahaha
<RoAkSoAx> lol
<RoAkSoAx> I will apply but prolly wont get it since I didn't contribute as I expected and as much as I did previous release cycle :(
<RoAkSoAx> cause of my surgeries :(
<ivoks> well, i don't know how they decide
<ivoks> but since it's close, i might even go on a road trip :)
<RoAkSoAx> yeah that's cool
<RoAkSoAx> if i don't get sponsorship i'll probably go back to peru for a few months
<ivoks> sounds like ultimatum :D
<RoAkSoAx> ivoks, yeah from my dad hahaha
<ivoks> 'sponsor me, or i'll go home'
<ivoks> :D
<RoAkSoAx> he doesn't want me to stay in the US through the summer
<ivoks> take care
<ruben23> hi i have lvextend a logical volume, but still i cant see its size what is the next step i should do..?
<ivoks> extend partition
<ivoks> is it ext3?
<ruben23> yes
<ivoks> bah, filesystem, not partition
<ruben23> belogn to vg
<ivoks> resize2fs
<ivoks> it can expand mounted filesystem
<ivoks> so, just fire it ;)
<ivoks> resize2fs /dev/vg/lv
<ruben23> online resizing now
<ivoks> ruben23: and remember, df shows size of filesystem, not a partition
<ivoks> your partition can be 1TB, but filesystem can be 1GB
<ruben23>  ivoks: yes thank you, you save me form doom..
<ivoks> good night everybody
<ruben23> my var LVM is 98 percent on usage-in minute it will be full
<ruben23> goodnight
<james_w> aha, doc/examples/cloud-config-puppet.txt, score
<Jeeves_Moss> are there any good open source managed services platforms that run on Ubuntu? I'm looking to manage Windows/Ubuntu/Mac systems, and I would love to keep it open source
<|Mike|> "huh"?
<Pirate_Hunter> does 8.04 come with lmv2 by default?
<uvirtbot> New bug: #532862 in mysql-dfsg-5.1 (main) "init.d script points to a program named force-reload, which does not exist" [Undecided,New] https://launchpad.net/bugs/532862
<Jeeves_Moss> |Mike| managed services.  google man
<|Mike|> Jeeves_Moss: then i still don't get your question. You're looking for *something* what offers Ubuntu virtual machines to run "services" on?
<Jeeves_Moss> |Mike| nope.  I'm looking for a managed services platform that the main server runs on a Ubuntu box.  Something like N-Able, keyesa, etc
<|Mike|> so basicly you're looking for a managed solution to deploy your (opensource, or licensed) application on?
<|Mike|> (which runs Ubuntu)
<uvirtbot> New bug: #532875 in samba (main) "package winbind 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/532875
<ruben23> hi deleting a directory with a very large size--> what is the best syntaxs should i have..?
<|Mike|> rm -rf bla
<|Mike|> how big is big? :)
<ruben23> |Mike|: hmmm strange i have run like that but the directory was not delete after i have check the next morning.. it 90 GB
<|Mike|> it does contain a lot of files ruben23 ?
<ruben23> yes large number of files, audio recordings
<ruben23> |Mike|: i would like to create a simple script for it to be move to a cifs windows shared directory..but unsuccesful.
<|Mike|> for i in `ls -l a*`; do rm -rf $1; done ?
<|Mike|> (what is a cifs windows share?)
<ruben23> yes
<ruben23> how do i create the script for it..? someone suggested before about Xargs
<|Mike|> they all have the same extension?
<ruben23> no, they have different..coz it an audio files
<ruben23> for every different person recorded
<ruben23> mike sorry for a late reply..
<ruben23> |Mike|:you there..?
<|Mike|> yep
<ruben23>  |Mike|:can i ask help on it, for a simple script
<|Mike|> sure
<|Mike|> pastebin it :)
<ruben23> |Mike|: what should i pastebin.?
<|Mike|> the script where you where working on?
<|Mike|> but what are you trying to achieve with the script? Just remove a directory which contains a shitload of data?
<Pirate_Hunter> wonders if he should be adventurers and use alpha3 for a live server, butterflies in my gut but my mind says yes
<ruben23> im planing to move it to a CIFS shared drive...so my directory would be empty
<ruben23> need script to make it automatic..that i would missed that might my server drive will get full
<|Mike|> (what is a CIFS share ?)
<ruben23> windows shared drive/directory to my ubuntu-server..
<RoAkSoAx> kirkland, is it possible to convert a vmware image into a kvm image?
<|Mike|> ruben23: is it like drag and drop or.. ?
<jbernard> kirkland: byobu_multi.svg seems to have not made it into the deb
<ruben23> yes...mapped to a windows drive directory
<histo> Alright I want to be able to use php's mail function just to send emails on a contact page.
<histo> So I guess I have to install postfix?
<histo> Or someone is suggesting to use the mail function to send thej mail with googles smtp
<histo> Anyone around?
<resno> question about running a mail server. whats involved in config, etc?
<histo> yes like I just need postfix to work withe mail fuction of php. I don't need it for anythign elese
<kirkland> jbernard: well, it's kinda big right now
<histo> Like users aren't going to be connecting etc... And I want it secure so that someone can't start sending spam with it.
<kirkland> jbernard: need to scale it way down
<kirkland> jbernard: takes up too much space
<zroysch> what steps should be taken to verify that a partitions data is completely unrecoverable
<zroysch> before starting over
<histo> I'm going to use ssmtp
<histo> Can you do a server install from the mini.iso?
<histo> man this channel is a hoping place.
<uvirtbot> New bug: #522396 in euca2ools "the version specified in euca2ools setup.py needs to be updated" [Low,In progress] https://launchpad.net/bugs/522396
<uvirtbot> New bug: #523332 in euca2ools "euca-bundle-vol does not check rsync return code" [Medium,In progress] https://launchpad.net/bugs/523332
<uvirtbot> New bug: #525137 in euca2ools "Euca2ools lib should not sys.exit" [Low,In progress] https://launchpad.net/bugs/525137
<james_w> anyone tried to boot the EBS-based AMIs that Scott posted? I'm apparently not authorized, so I wonder if they need to be made public or something?
<veebull> can someone explain how 'internal locked-down USB ports' work?
<veebull> i.e. how are they different from a regular USB port, and why would you use one?
<histo> veebull: internal locked-down usb port?
<AnRkey> I cant find any package for linux-headers-2.6.24-23-server in the 8.04 repos, am I missing something?
<AnRkey> i do sudo apt-get install linux-headers-`uname -r` and I get E: Package linux-headers-2.6.24-23-server has no installation candidate
<qman__> AnRkey, I only see linux-headers-lbm-2.6.24-23-server and linux-headers-lum-2.6.24-23-server
<qman__> though that's an old kernel, you probably want to update to the latest first
<AnRkey> i have been using apt-get upgrade so far
<qman__> upgrade doesn't update your kernel
<AnRkey> never had to install kernel myself
<qman__> you need to use dist-upgrade to do that
<AnRkey> oh ok
<AnRkey> shweet
<AnRkey> thanks, will give it a try quick
<AnRkey> yeah, there it goes
<AnRkey> thanks so much
<qman__> no problem
<AnRkey> i knew i was being stupid :)
<AnRkey> the mirrors are ultra fast at 2am :)
<qman__> I actually cache the packages in squid because I've got so many ubuntu machines here
<qman__> cut overall update time in half
<AnRkey> mine is going through my apt-proxy
<AnRkey> but have not done a 8.04 box in a year so it's got some stuff to get
<qman__> I'm about half and half, 8.04 and 9.10
<AnRkey> 8.04.4 is soooo stable now, i'm a happy camper :)
<AnRkey> 9.10 has been a bit crappy for me
<qman__> looking forward to lucid so I can get all back on one version again
<AnRkey> had to rebuild my mail server after the upgrade
<AnRkey> yeah, lucid is gonna be shweet
<AnRkey> gonna wait till 10.04.1 though
<qman__> yeah
#ubuntu-server 2010-03-06
<qman__> I update the desktops first week or two, wait a little longer for the servers
<AnRkey> 8.04.4 is still rocking for me here
<AnRkey> i ran into a brick wall with 9.10
<AnRkey> i need to be more patient
<AnRkey> waiting is best
<qman__> 9.10 was a bit bumpy for some, personally I didn't have any problems, but I know others who did
<AnRkey> my desktop was shweet
<qman__> I've been upgrading this desktop since 7.10 every cycle
<AnRkey> the thing that got me most upset though was that super+e key can not be bound to nautilus anymore
<qman__> my biggest nitpick is that I really don't like amarok 2, at all
<qman__> and now I can't get a music player I like
<qman__> hoping exaile will get progress soon
<AnRkey> i feel the same way about winamp
<AnRkey> now i dont like winamp either
<AnRkey> i'm on a winblows 7 desktop now
<AnRkey> brushing up on it a bit
<qman__> ah, my windows box runs XP
<AnRkey> 7 is quite nice
<AnRkey> MS got it right
<AnRkey> imho
<AnRkey> i miss 8.04 though
<AnRkey> that was my best
<AnRkey> everything just worked for me
<qman__> I don't like all the junk they added
<AnRkey> maybe was just luck
<qman__> to be perfectly honest, I'd be using windows 2000 if app compatibility wasn't so poor these days
<AnRkey> i removed all the desktop crap and so on
<AnRkey> hehe, i have 17 x 2000 boxes left
<qman__> I only use windows for games anyway, so it doesn't really matter
<AnRkey> i miss the shell
<qman__> yeah, bash is where it's at
<AnRkey> cant wait for lucid, cause then i'm going back
<AnRkey> should know 7 by then
<AnRkey> i often open up cmd prompt and start "bashing" only to realise where i am :(
<qman__> I do the same thing
<qman__> cmd is so useless
<AnRkey> well, with the gnu tools installed i sometimes manage
<AnRkey> it's not the same though :(
<AnRkey> woot
<AnRkey> box is rebooting
<AnRkey> can go sleep soon
<AnRkey> 2:07am here :(
<AnRkey> rolling a blunt before bed quick :D
<qman__> hah
<qman__> it's only 1900 here
<AnRkey> is it friday though ?
<AnRkey> it's sat morning here
<qman__> yes
<AnRkey> then u'r set man :)
<AnRkey> i'm going to shoot stuff with shotguns in the morning, my mates and i are going to a range
<qman__> nice
<AnRkey> hehe, i'm just a 30 year old kid
<AnRkey> winchester 1300 defender
<AnRkey> woot headers are installed
<AnRkey> dude, i owe u one ;)
<qman__> no problem, glad it works
<AnRkey> well make install is running now
<AnRkey> and app is built
<AnRkey> and the barcodes start printing :D
<AnRkey> shweet, now i can go sleep
<AnRkey> k, g'night
<RoAkSoAx> zul, for example, in vsftpd, what should the hook includes besides the conffile? I was putting the .log and that's pretty much it
<RoAkSoAx> is that enough?
<uvirtbot> New bug: #533079 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/533079
<uvirtbot> New bug: #533090 in qemu-kvm (main) "package qemu-kvm 0.12.3-0ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/533090
<herbero> Hi all, so I am reinstalling and re-partitioning my RAID setup after a dismal...dismal failure
<herbero> I wanted to run it by someone to make sure I am doing it right
<herbero> can someone lend me their ears?
<dns53> you can ask, i'm not an expert
<uvirtbot> New bug: #533119 in qemu-kvm (main) "package qemu-kvm 0.12.3-0ubuntu6 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/533119
<dns53> what i have done with my file server is have boot and the os on a separate non raid drive and use raid 10 and lvm on top of that
<herbero> dns53: interesting
<dns53> what you probably should do is have a 100mb boot partition on one of the drives at least, maybe on all of them and copy the data between them
<dns53> grub2  might help with booting problems
<herbero> dns53: so, how woudl that work in the partition editor? I was doing 2G across 2 drives as /boot and then mirroring it, and then RAID 5 across 3 drives so... /dev/md0 was sda1 and sdb1, and RAID 5 was sda2 adb2 sdc2 and sdd2
<herbero> but you are recommending putting /boot on an entirely non-RAID drive or just a non-raid partition?
<dns53> non raid partition at least, i think it is possible to have everything in raid but you could have problems with grub
<herbero> I did last time
<dns53> i bought a cheap hard disk for my os after messing things up before
<herbero> I think if RAID or hd crashes, I could at least salvage /boot from partition 1
<herbero> that is non-raid
<herbero> less to configure too
<dns53> i've heard that you could have a raid 1 /boot partition and have grub installed on both partitions so it is redundant but i have not tried it myself
<herbero> dns53: mine was that, lasted about a year and then MASSIVE grub failure when I lost a disk...I could get RAID 1 back but not /boot or my OS
<herbero> was forced to attempt recovery from livecd
<dns53> did you install grub on both disks?
<herbero> dns53: well, it was mirrored, but only sda1 was set to use /boot
<herbero> so
<herbero> it was on both disks, but really it was established on sda1
<dns53> you should be able to boot a live cd and mount your data
<ninjah> I just installed ubuntu 8.04 i386 and it won't boot on my laptop. It says "This kernel requires the following features not present on the CPU: 0:6"
<ninjah> Any ideas?
<dns53> what laptop? strange error, might be that you have an atom cpu or something
<ninjah> no
<ninjah> think pad
<ninjah> old one
<herbero> dns53: nah a disk failed, and when I resynced must have dones something screwy cuz I had tons of superblock errors and fs errors
<dns53> it was using software raid? and you failed a disk and rebuilt it?
<herbero> dns53: aye
<herbero> dns53: so how does this look for a RAID 5 setup? sda1 2G /boot sda2 500gb K RAID, sda3 498.2gb K RAID, sdb1 2G swap, sdb2 500gb k RAID, sdb3 498.2gb K RAID, sdc1 2G swap, sdc 2 500gb K RAID, sdc3 498.2 K RAID, sdd1 2G swap, sdd2 500g k RAID, sdd3 498.2g K RAID
<herbero> dns53: so /dev/md0 RAID 5 is sda2 sda3, sdb2, sdb3, sdc2, sdc3, sdd2 and sdd3
<dns53> so why sda3, sdb3  sdc3?
<herbero> dns53: I geuss you are right, but I was going to have separate /home / partitions o
<herbero> but I prolly don't need to do that
<dns53> i do that by putting lvm2 on top of md0, so i have a raid of /dev/sda /dev/sdb /dev/sdd /dev/sde in a raid 10, and then have lots of lvm2 partitions split into /home and several storage partitions
<dns53> that will hopefully allow me to buy another 4 disks, create another raid 10, add that to the existing lvm and then increasing the partitions
<herbero> dns53: not sure I can hack lvm on top of RAID, RAID gave me a lot of troubles alone. But I am told LVM makes it easier to switch out volumes as you grow the array and ass stuff gets freaky and weird
<herbero> dns53: is it feasible to just do sda2 sdb2 sdc2 and sdd2 as all mounted /
<herbero> ?
<herbero> I mean, without LVM?
<dns53> you need something to combine the disks, so either raid or lvm
<dns53> i'd prefer lvm but that does not support raid 5
<herbero> dns53: right, but if sda2 sdb2 sdc2 and sdd2 are all RAID, then it should sync everything ...and I will externally backup the rest on my sde1
<herbero> atleast whatever I can fit
<dns53> i think you create a /dev/md0 device, and you can then partition that into partitions
<sherr> ninjah: that error is either you booting a 64 bit kernel, or a PAE kernel (or something), on a machine that does not support it i.e. wrong kernel type.
<qman__> ninjah, how old? "Ubuntu i386" is actually i686, so if your CPU isn't at least an i686 it installs but fails on the next boot
<qman__> you need to install the linux-image-(version)-386 kernel for older than i686
<digitalfiz> i was wondering if anybody knew what setup i had to have to make it so php scripts run in apache would be run under a specified user like cpanel does
<kaushal> hi
<digitalfiz> i herd of suphp but theres baaaad talks about the performance hit you get from it. i dont have a cpanel server to inspect
<Anirban>  [Sat Mar 06 09:34:16 2010] [notice] caught SIGTERM, shutting down .... what does it mean ?
<sherr> Anirban: ? an application (or your machine) has been told it is "shutting down". Normal when you "shutdown" or "restart" (or "terminate" processes). See : man kill
<sivang> hi all
<sivang> mysql-server installation on my 8.04.3LTS box was left without priv tables and with no way to logging in a way that allows creating priv'd users?
<sivang> Anybody has an idea about this?
<sivang> How can I redo the configuration process of dpkg ?
<sivang> dpkg-reconfigure mysql-server does nothing....
<sivang> If this is the default , then this ia  a major critical bug and a show stopper to the LAMP task
<sivang> ah, okay
<sivang> diggin into the postinst revleas the secret
<sivang> thanks all
<sivang> bye
<sivang> back
<sivang> so postinst didn't help at all
<sivang> How can one re-do the root account password setup process ?
<sivang> in postgres packages this can be done with dpkg-reconfigure
 * sivang thinks of the windows way to remove and reinstall the server.
<sherr> sivang: try : dpkg-reconfigure mysql-server-5.0 (or whatever specific number)
<vegar_> Hi, I don't know if this is the right place to ask, but I am trying to find out if there is an UPNP/DLNA server for ubuntu which can stream LastFM radio to its clients?
<vegar_> My TV set supports DLNA and Mediatomb does an excellent job of sharing my videos. It would be plain awesome if I could also make mediatomb stream lastfm music to the tv
<vegar_> I know that mediatomb 0.12 supports scrobbling, but I suspect that's scrobbling/submission only, not streaming
<uvirtbot> New bug: #533352 in openssh (main) "[LUCID] We need "limit" Upstart-ed ssh respawning" [Undecided,New] https://launchpad.net/bugs/533352
<sivang> http://paste.ubuntu.com/389730/
<sivang> any idea nyone ?
<sivang> I purged -common, so conffiles should have reappeared no?
<pwnguin> sivang: did you read the /usr/share/doc/README.Debian.gz?
<sivang> pwnguin: yes
<pwnguin> (I haven't)
<sivang> pwnguin: good as wind cups toi a dead man
<sivang> pwnguin: also reading it would not help get debian-mant back
<pwnguin> ?
<sivang> pwnguin: read it and see
<pwnguin> i dont have mysql installed on any boxes
<sivang> do you know if ubunt's dpkg support --force-confmiss
<sivang> ?
<sivang> like debian does?
<sivang> never mind
<pwnguin> im not sure why it wouldn't
<sivang> well, it does not work :_)
<pwnguin> ebian `dpkg' package management program version 1.15.4ubuntu1 (i386)
<pwnguin> seems pretty new to me
<pwnguin> sivang: how did you do the purge?
<pwnguin> sivang: ive found that apt-get remove --purge won't work if the package is already removed =(
<uvirtbot> New bug: #522509 in tftp-hpa (main) "tftpd-hpa doesn't start on boot" [High,Confirmed] https://launchpad.net/bugs/522509
<knoxville_> how can I give SCP access, but not terminal access, I just want to allow users to transfer files and not commands?
<qman__> knoxville_, http://www.debian-administration.org/articles/94
<qman__> oh, whoops
<qman__> that's old
<qman__> thought that was the right one
<qman__> http://www.debian-administration.org/articles/590
<knoxville_> thanks qman_ I think that is what I needed
<ruben23> hi are there ways i can monitor, whos IP or client are using more bandwidth on my network.....its like a monitoring apps
<knoxville_> ruben23, did you see if any of these would work http://www.ubuntugeek.com/bandwidth-monitoring-tools-for-linux.html
<guntbert> ruben23: iptraf is good
<guntbert> ruben23: knoxville_ had a better idea :)
<ruben23> guntbert: is graphical..?
<guntbert> ruben23: no - not for server :)
<Andy-at-home> guys, i have just received my first VPS that is running v9.04, whats the best way to share desktops?
<Andy-at-home> VNC?
<ruben23> knoxville_: thanks i look on this
<knoxville_> np
<BulleTh0> Hi. I installed 2 internet extra cards a while ago, and it seems are not working properly. I configured them prperly in /etc/network/interfaces, restarted and ifconfig looked ok. If I unplug the first network card, i don't have ping on the ips. If I unplug any of the other 2, I still have ping on each of the 3 ips
<BulleTh0> 2 extra ethernet cards.
<Andy-at-home> guess i choose the wrong linux
<guntbert> Andy-at-home: why?
<Andy-at-home> support not very friendly
<guntbert> !attitude | Andy-at-home
<ubottu> Andy-at-home: The people here are volunteers, your attitude should reflect that. Answers are not always available. See http://wiki.ubuntu.com/IRC/Guidelines
<BulleTh0> So .. for my problem.. there is nobody ?
<Andy-at-home> exactly
<uvirtbot> New bug: #533423 in clamav (main) "package clamav 0.95.3 dfsg-1ubuntu0.09.04~hardy2.2 failed to install/upgrade: dependency problems - leaving unconfigured" [Undecided,New] https://launchpad.net/bugs/533423
<d4n1> hey, anyone active, how do i use UserDir?
<zroysch> what do i do after fscking a partition and it still doesnt mount
<RoAkSoAx> zul, Here is the patch. Could you please take a look at it? lp:~andreserl/ubuntu/lucid/vsftpd/vsftpd-apport-531978 if it is ok, I'll link it to the bug and then, do I need to request FFe
<RoAkSoAx> zul, Here is the patch. Could you please take a look at it? lp:~andreserl/ubuntu/lucid/vsftpd/vsftpd-apport-531978 if it is ok, I'll link it to the bug and then, do I need to request FFe?
<tonedevf> I've got a puzzling situation here... I have a machine running Jaunty server that refuses to work with more than 1 IP addresse at a time.  I've tried the usual methods for binding multiple IPs to one nic, installing multiple nics and binding one IP to each, and i've even tried installing Karmic but to no avail.  Whenever a second eth is brought up, at least one ip stops responding. any ideas?
<tonedevf> It is an older-ish HP server, but this problem occurs both with the original NICs as well as new Intel Pro/1000 nics.  I've got other ubuntu boxes connected to the same switch binding to multiple IP addresses just fine.
<tonedevf> Thanks in advance for any help : )
<sherr> zroysch: maybe try "testdisk" if you want to try data recovery
<zroysch> sherr so theres no way to mount it after fsck's run clean
<sherr> zroysch: no idea. it fails to mount?
<larsemil> anyone got any experience of volktek switchesP
<larsemil> ??
<sherr> if the filesystem corrupt, you either run fsck to fix, or try another recovery method
<eekeek> 'RewriteMap' can go in <Virtual host> tags, but not in <Directory> tags - right?
<sherr> eekeek: unless the apache docs are incorrect, right (http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html)
<eekeek> thanks sherr.
<rich> hello, does anyone have any experience with installing madwifi drivers?
<chocamo> I know basing a server over wireless is bad, but its for my gf just to stream crap. What the best way to setup wireless networking on ubuntu server?
<poningru> chocamo, wpa-supplicant if you are going security
<chocamo> ok thanks
<poningru> for ip stuff use iwconfig
<poningru> and add that to the if-up scripts
<poningru> err rather the essid stuff use iwconfig
<poningru> and for ip stuff use ifconfig like normal interface
<sinisa> hi all
<sinisa> Im trying to install ubunut server 9.10 32bit on my AMD computer and cant get further than startup screen
<sinisa> Ive clicked on a "install ubuntu server" it shows dialog "yinstall/vmlinuz" .. ive clicked "ok" and thats all
<sinisa> anyone?
#ubuntu-server 2010-03-07
<tauren> using ubuntu 9.10 server with KVM installed.  I can list VMs with "virsh list".  But is there a way to list the IP numbers used by the VMs?
<ruben23>  hi anyone setup any apps to monitor squid proxy..?
<jpds> Nagios?
<ruben23>  jpds: have you do it..? its running now..?
<uvirtbot> New bug: #420736 in rabbitmq-server (main) "rabbitmqctl wrapper only checks if being run by root" [Wishlist,Confirmed] https://launchpad.net/bugs/420736
<MTecknology> so, safe to upgrade servers to lucid? :P
<jpds> MTecknology: No.
<dasunsrule> Is it possible to bond two nic's over SSH?
<MTecknology> jpds: sorry, I wasn't serious. I am bumping my laptop up - now I nust need to deal with the other packages
<dasunsrule> of course, without dropping connection
<dasunsrule> ;-)
<dasunsrule> I was thinking this, let me know if you think it will work or not: create necessary config's in /etc/network/interfaces, bind ssh to virtual adapter: eth1:0 and then restart networking services
<MTecknology> oh hurray - so many packages to build :P
<dasunsrule> Anyone have any ideas? Thank you!
<zroysch> sherr: http://pastebin.ca/1826121
<xperia> hello to all. i have a strange problem with my ubuntu server. i have created a symlink in my document root directory that point to my image dir on the usb disk as follow
<xperia> lrwxrwxrwx  1 www-data      www-data           21 2010-02-24 23:54 images -> /media/usbdisk/images
<xperia> now whenever i try to call a image that is stored in that path
<stiv2k> hi, I exported my cups drivers to samba using cupsaddsmb, and it worked fine, but when I try to connect to the printer from windows, it says the server does not have the correct printer driver installed.  What gives?  It works fine if i try to print a test page from cups...
<uvirtbot> New bug: #533601 in bind9 (main) "Apport hook for bind9" [Low,In progress] https://launchpad.net/bugs/533601
<uvirtbot> New bug: #533603 in net-snmp (main) "Apport hook for net-snmp" [Low,In progress] https://launchpad.net/bugs/533603
<DasEi> dasunsrule: I don't think so, in the moment you relaod interfaces, ssh will get lost
<DasEi> btw . if you bind to an inactive bound
<dasunsrule> Ok, let me show you a config and tell me what you think
<dasunsrule> http://pastebin.com/m2FivQxv
<dasunsrule> Since I already have ssh bound to 192.168.56.2, in theory, it should pick up the new config, since it is listening on that address and not a specific adapter?
<dasunsrule> What do you think? I personally think it would be 50/50, but since I am still learning all the intrecacies of linux, I could be way off ;-P
<DasEi> dasunsrule: depends also on the config of ssh, but once, and if for a msecond, the auth get's lost, will need new auth, as the sessionkey get's lost, correct me, I'm no ssh-guru, too
<dasunsrule> at which point, I would have to restart the ssh service :p
<dasunsrule> Can't hurt to try, what it the worst that could happen? Lock my self out remotely? sigh
<dasunsrule> lol
<dasunsrule> :(
<dasunsrule> :p
<dasunsrule> thanks, gotta go
<axisys> how is it that when from my ubuntu laptop's terminal I ssh to one ubuntu server the terminal title changes to the remote server.. but from same ubuntu laptop when I ssh to this other ubuntu server the title of the terminal does not change to the remote server ? what do I have to change on the remote server to behave the same way ?
<axisys> got my answer
<axisys> from Dr_Willis in #ubuntu
<axisys> PROMPT_COMMAND='if [ $TERM = "vt100" ]; then printf "\033k${HOSTNAME%%.*}\033\\" ; fi' this
<Callum__> <axisys> PROMPT_COMMAND='if [ $TERM = "vt100" ]; then printf "\033k${HOSTNAME%%.*}\033\\" ; fi' this - That is a mess... PROMPT_COMMAND="`[ "$TERM" = "vt100" ] && printf "\033k${HOSTNAME%%.*}\033\\"`"
<dns53> does anyone know how to manually mount a dm_crypt partition or start without plymoth or a gui
<ShadeS> hey it seems to hang on 33% of the format part of the installation
<ShadeS> format of the harddisk which it picks up as scsi when it's clearly ide...
<ShadeS> and the caps lock and scroll lock keys keep flashing
<ball> hello chilicuil1
<chilicuil1> hi ball, good evening
<ShadeS> this is really getting irritating
<ShadeS> anyone?
<Khazar>  It is time to put those Haitian jigaboos in their place!  No matter how many times the civilized world donates money, opens schools, rebuilds their nation, and holds their little monkey paws, the damn niggers can never get it right.  They never will!  The same goes for New Orleans!  Cancun in Mexico suffered few fatalities after their major hurricane, and the rebuilding is already completed.  Wha
<Khazar>  t have the niggers in New Orleans done? If you are sick of this, join Chimpout Forum!  http://www.chimpout.com/forum  We welcome all races except for NIGGGGGGGERS!  We are not white supremacists, just negro inferiorists! http://www.chimpout.com/forum
<Callum__> ...
<uvirtbot> New bug: #533660 in samba (main) "package samba 2:3.4.0-3ubuntu5.4 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/533660
<Khazar>  It is time to put those Haitian jigaboos in their place!  No matter how many times the civilized world donates money, opens schools, rebuilds their nation, and holds their little monkey paws, the damn niggers can never get it right.  They never will!  The same goes for New Orleans!  Cancun in Mexico suffered few fatalities after their major hurricane, and the rebuilding is already completed.  Wha
<Khazar>  t have the niggers in New Orleans done? If you are sick of this, join Chimpout Forum!  http://www.chimpout.com/forum  We welcome all races except for NIGGGGGGGERS!  We are not white supremacists, just negro inferiorists! http://www.chimpout.com/forum
<stiv2k> hi, I exported my cups drivers to samba using cupsaddsmb, and it worked fine, but when I try to connect to the printer from windows, it says the server does not have the correct printer driver installed.  What gives?  It works fine if i try to print a test page from cups...
<persia> jussi01: Thank you.
<ubuntuNewBe> hey, i have a queston about ssl anybody here have experience with it?
<ubuntuNewBe> is everybody asleep?
<persia> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<ShadeS> sure does take a long time to login....
<sherr> zroysch: if /dev/md2 does not mount (even with "-t ext2") then I think it must be badly corrupt and the fsck did not fix it. You might get somewhere with something like "ddrescue" or "testdisk". If the data is very important, a data recovery service. Sorry I cannot help.
<quizme> my .bashrc file is not getting read, does anybody know why?
<quizme> i'm loggin in as ubuntu
<quizme> i mean the user "ubuntu"
<persia> quizme: At what time isn't it read?  That isn't supposed to be read at login, but only when bash starts.
<quizme> if i ssh into my server, none of my aliases are available for example
<quizme> persia
<persia> Dunno.  For ssh -> bash I'd expect both files to be read.  Are you running byobu by deafult and not closing your bash session?
<FireCrotch> quizme: is your .bash_profile there? is that being read? does that source your .bashrc?
<FireCrotch> er... actually it's just .profile
<beric> Hello. Can anyone help me install grub on a sata fake raid? I'm trying to install 9.10 and installation fails on boot loader.
<quizme> firecrotch i moved .bashrc to .profile and all is good now
<beric> I get the following error when trying grub-install manually: http://pastebin.com/7wECudUQ
<FireCrotch> quizme: yay :)
<quizme> firecrotch yes thanks.
<FireCrotch> quizme: you're welcome
<sherr> beric: maybe try "/dev/nvidia/chaiadab" device - although I've never installed grub to an LV before.
<beric> sherr: I don't have /dev/ncidia
<beric> nvidia...
<sherr> Ah, OK. I have misunderstood then. What is "/dev/mapper/nvidia-chaiadab"? Some sort of NV RAID?
<beric> yes, "fakeRaid"
<sherr> That might be the problem. I am not sure about current support for these "fake" RAID devs, especially booting (grub) off them, but they used to be problematic.
<beric> I had gentoo installed on it without any proble,
<beric> problem.
<sherr> OK - pass. I would avoid NV RAID on Linux and use Linux RAID (md).
<beric> I think it was grub1 an not grub2. I know I can use linux raid but i don't want to.
<beric> anyway how can I get grub "prompt"
<beric> simply "grub" ask me to apt-get grub
<beric> but I already have grub-pc installed
<beric> what should I do to get that shell like grub /
<sherr> beric: I am not very familiar with grub2, sorry. Personally, I am still not sure that the update to Grub2 has been good. This forums post covers the differences :
<sherr> http://ubuntuforums.org/showthread.php?t=1195275
<sherr> beric: It also discusses uninstall and install of Grub (legacy) - but I would suggest you do not do this unless you understand things i.e. you might end up unbootable.
<beric> It's already unbootable :) Thanks.
<sherr> beric: Besides, might not be anything to do with Grub2.
<n00b13h3r3> hi guyz ;;)
<n00b13h3r3> need help in configuring ltsp server, my concern is on how to setup a directory that can only be mounted by specific user
<n00b13h3r3> anybody here...
<sherr> n00b13h3r3: No idea on LTSP, but "mount" i.e. NFS?
<n00b13h3r3> @sherr, thank you
<sherr> n00b13h3r3: NFS is not the most secure protocol but you can set options in /etc/exports (man exports) on allowed hosts and security options
<n00b13h3r3> @sherr, thinclient users are will be required to connect to a webdav shared folder to their designated mount directory
<n00b13h3r3> been trying to google it for a week now, but haven't found any solution yet :(
<sherr> n00b13h3r3: Apache mod_dav? Has auth options :
<sherr> http://httpd.apache.org/docs/2.0/mod/mod_dav.html
<n00b13h3r3> @sherr, already configured the webdav server side. my concern is for the thinclient users mounting the webdav shared folder into their own designated directory
<n00b13h3r3> my question is this, do i have to modify the /opt/ltsp/i386/etc/fstab and create entry for each user or the main /etc/fstab?
<n00b13h3r3> the /opt/ltsp/i386/etc/fstab does not have any entry, if i'll create an entry on this file and subsequently update the image will it be reflected on the next booting of each thinclient user?
<sabgenton> hey all
<n00b13h3r3> hol sabgenton ;)
<sabgenton> what is the best way to add an address to /etc/resolve.conf
<sabgenton> :DDD
<sabgenton> should i just put echo   address >> /etc/resolve.conf  in a startup script?
<sabgenton> or is there a better way
<n00b13h3r3> @sabgenton you can modify it with sudo nano or sudo vim
<sabgenton> no it will disapear on computer restart
<n00b13h3r3> anybody here have any info to my queries, please
<sabgenton> n00b13h3r3: care to repeat them?
<sherr> sabgenton: then you must be using Networkmanager - go to the properties for the networkmanager connection and add the DNS servers there.
<sherr> n00b13h3r3: sorry - I don'tr know LTSP. maybe ask on the LTSP mailing list?
<sherr> n00b13h3r3: I don't know (don't think) you can add DAV mounts to /etc/fstab.
<sabgenton> sherr: no gui
<sabgenton> this is server
<sabgenton> sherr: basicly  I want to set localhost as a nameserver
<sabgenton> as I have bind
<sherr> sabgenton: a) does the resolv.conf contain any mention of "edited by" something else? and b) is networkmanager running or installed?
<sabgenton> but I want to have it apear all the time
<sabgenton> resolv.conf is overwriten all the time
<sabgenton> sherr: ppp puts entrys in resolve.conf
<sherr> sabgenton: do you need PPP?
<sabgenton> sherr: the easy thing i can think of is to add  echo nameserver <ip> >> /etc/resolve.conf
<sabgenton> sherr: yes
<sabgenton> sherr: given my resolv.conf gets overridden can u see a better way to add a permanent address?
<sherr> sabgenton: Well, appending the correct one only gets overwritten by PPP later. So best to stop PPP writing to the file in the first place.
<sherr> Check thye PPP configuration - maybe remove the option that gets DNS from the server, or writes the resolv.conf.
<sabgenton> hmm actally I only need it as a backup for if ppp doen't add it
<sabgenton> but I see your point
<sherr> pppd has a "usepeerdns" option - maybe you do not want this set.
<sabgenton> sherr: I spose I should incorperate ppp into  /etc/network/interfaces
<sabgenton> sherr: where do I set that?
<n00b13h3r3> @sherr, thanks
<sherr> sabgenton: check the man page for pppd. Tells you about all the options, and files you can set them in.
<sabgenton> ok found it
<sabgenton> in my ppp script
<sabgenton> sherr: does usepeerdns mean ask the ISP for its dns and use that?
<sabgenton> peer = ISP ?
<sherr> yes
<sabgenton> sherr: so if I turn that of  ppp won't edit and add nameservers to resolv.conf
<sabgenton> of=off
<sherr> sabgenton: I think so but it has been a long time since I used pppd. Lots of docs all over the web about it. Maybe check that /etc/resolv.conf isn't linked to /etc/ppp/resolv.conf etc. Anyway - try/test.
<sabgenton> k
<sabgenton> sherr: most helpfull thanks
<sabgenton> sherr: is there a way i can add this all to  /etc/network/interfaces so it writes  to /etc/resolve.conf allong with my additional address
<sabgenton> I'm guessing that would be the proper ubuntu way to do it
<sherr> sabgenton: yes, I think that's possible but I'd have to research it myself. As I said, not used PPP for years and never on Debian/Ubuntu. maybe check the Debian reference manual?
<sherr> http://www.debian.org/doc/manuals/debian-reference/ch05.en.html
<sabgenton> sherr: what distro?
<sabgenton> out of interest
<sherr> sabgenton: You mean when I used PPP? Maybe original Redhat - but this was 10 years ago.
<sherr> At that time, the secret with networking was - get it working and *don't touch it*!
<sabgenton> :)
<sherr> PPP can be a nightmare (chat scripts etc.). ...
<quizme> how do i make my id_rsa.pub file have a different username (cuz they all say ubuntu@localhost )
<sherr> quizme: I think that's who you are - logged in as "ubuntu" and no set hostname?
<sherr> Live CD?
<sherr> You can use the "-c" option to ssh-keygen I think - see : man ssh-keygen
<quizme> sherr i'm logged in as ubuntu and no set host name yes
<sherr> -c only for RSA1 keys. Else re-generate and use -C
<quizme> sherr thanks i'll try
<quizme> sherr that worked thanks
<royk> hi all. anyone that knows how I can configure automounts for usb devices and so on?
<sherr> royk: you mean automatically mount a USB when it is plugged in?
<royk> yeah
<sherr>             to=>$MAIL_TO,
<sherr>             cc=>'',
<sherr>             from=>$MAIL_FROM,
<sherr> oops
<sherr> royk: it can be hit or miss I think, depending on format, device etc.
<sherr> royk: maybe investigate using "auto" in fstab, alongside a UUID or LABEL on a USB device.
<sherr> royk: Maybe using udev to probe for identifiers on a plugged in disk
<royk> I mean, on an ubuntu desktop, things are automounted fine. is it gnome doing this?
<J-new-to-u> so... can someone who knows vpn systems in linux well please pm me
<J-new-to-u> i am really confused trying to cnnect to a symantec vpn i can get it to work through a vm xp but not in native linux...
<royk> J-new-to-u, ask a question, don't ask people for a chat
<Achab> I never understand the advantage of VPN on NFS
<royk> J-new-to-u, if trying to connect from an ubuntu desktop, ask again on #ubuntu, but again, ask a question, not merely help me
<royk> Achab, ?? vpn on nfs?
<J-new-to-u> i asked the same question in ubuntu and was told to ask here
<royk> I saw that
<sherr> royk: yes, I think the auto-mount magic is Gnome (or gvfs perhaps)
<royk> but you didn't ask for help, but merely for a chat
<J-new-to-u> i asked multile times in different ways
<royk> well
<J-new-to-u> but no one had an answer.
<sherr> Achab: NFS is very insecure, so a VPN might help secure it over an insecure network.
<royk> sherr, nfs with kerberos isn't very insecure
<J-new-to-u> i tried openswan strongswan cisco openvpn and even installed shrewsoft vpn connection manager nothing i do seems to work
<Achab> Is inscure?
<Achab> enter in my LAN
<J-new-to-u> but it works fine with the software from symantec from within a vm of x
<royk> J-new-to-u, if trying to connect from an ubuntu desktop, don't ask here. it's a server channel
<J-new-to-u> xp
<sherr> J-new-to-u: what technology *is* symantec vpn? No point installing random VPN tech and hoping ...
<royk> ipsec+l2tp or pp2p?
<royk> or ssl?
<J-new-to-u> ipsec
<royk> with l2tp
<J-new-to-u> yes
<royk> then just choose that technology on your desktop setup and you should get through quite easily
<royk> still, this is a server channel
<J-new-to-u> well sorry if i wasnt redirected here i wouldnt be inconveniencing you with my new to linux networking issue
<J-new-to-u> thanks for your time though
<sherr> J-new-to-u: ipsec can be painful - but you will need keys/certs from your admin. Try asking in the forums :
<J-new-to-u> i will thanks
<sherr> J-new-to-u: Include information on the actual Symantec VPN e.g. product info. Good luck.
<sherr> royk: re: NFS - I meant to say "NFS is *not* very secure" above ... ughh :-/
<persia> royk: The desktop stuff happens in nautilus.  There are tools that don't require a desktop, but most are written to target desktop environments.
<royk> persia, thanks. I'll look into that
<royk> persia, wrong channel, but do you know how I can have nautilus automount a nilfs partition? linux has no problems with it, but nautilus doesn't recognize it
<persia> royk: No idea.
<royk> k
<Stargaze> can somebody please do nmap gbachot.homelinux.com?
<sherr> Stargaze: http://pastebin.com/KjH403UX
<uvirtbot> New bug: #533781 in bind9 (main) "[bind9 packaging]  DNS no longer works after uninstall" [Undecided,New] https://launchpad.net/bugs/533781
<Belloto> hello, I am trying to configure Apache server access log; I am looking into /etc/apache2/apache2.conf and I do not find any "CustomLog " lines ... but for some reason my server is already logging into /var/log/apache2/ ... is this normal?  I understand it should not be logging by default
<Belloto>  how do I stop my Apache 2.2.8 server creating access.log files?
<qman__> Belloto, the log files are defined in the site configuration files, in /etc/apache2/sites-available/
<Belloto> thanks a lot!! ... shouldn't this be mentioned in http://httpd.apache.org/docs/2.2/logs.html#accesslog  ??
<guntbert> Belloto: have a look at https://help.ubuntu.com/8.04/serverguide/C/web-servers.html
<Belloto> by the way, I do have a line "ErrorLog /var/log/apache2/error.log" in both /etc/apache2/apache2.conf and /etc/apache2/sites-available/default ... why twice?
<Belloto> thanks I will check it out right now
<Belloto> very helpful info, thanks guntbert and qman__
<guntbert> Belloto: have fun
<willem-jan> hi
<willem-jan> is it possible to startx through ssh?
<willem-jan> it should run on the server itself, so I guess ssh -X does not apply
<MTeck> so.. I locked myself out of my server with ufw because I'm somewhere else (coffee shop). I established the connection to the router (pfsense) with OpenVPN but now I can't open the pfsense web ui or ssh into any of the internal servers which should just see me as a 192.168.3.x addy..  any connection to 192.168.x.x times out though :(
<MTeck> tun0   inet addr:192.168.3.6     wlan0  inet addr:10.0.0.216
<MTeck> GR!
<hans67521> hi everyone
<MTeck> hi
<hans67521> id like to create a custom install cd with ubuntu server with my own startup scripts and config
<hans67521> is this possible
<hans67521> id like to create an iso install image
<MTeck> it's possible, i never did it though
<MTeck> I think you normally want the alternate cd for that though, then you customize packages and such
<qman__> MTeck, looks like you didn't push the route in your openVPN config
<qman__> there's two ways to set up openvpn, one (routed) puts you on a private subnet with DHCP from the VPN server, the other just bridges you to the LAN the VPN server is on
<qman__> in either case, if you want to access networks besides the one you get an address from, you have to add them to the openvpn config
<qman__> you might be able to get to the other network if you manually add a route
<MTeck> qman__: it's been working before I moved to 10.04; but I haven't tried since the upgrade until now
<qman__> pastebin the output of route -n
<MTeck> I've never been outside the ssh allow range until now :P
<qman__> on the client
<MTeck> http://pastebin.com/CwqUs2yB
<qman__> yeah, it's not routing you
<MTeck> qman__: this is my openvpn config  http://pastebin.com/RSzGJwQD
<qman__> sudo route add 192.168.3.0/24 gw 10.0.0.1
<MTeck> it complained about the usage
<qman__> hmm
<MTeck> netmask 000000ff doesn't make sense with host route
<MTeck> qman__: sorry/....
<qman__> it's doing it here too, not sure what's wrong with it
<qman__> but that route needs to get pushed to the clients if you want access to the 192.168.3.0 network
<MTeck> I forgot I should have the connection open still when running route     http://pastebin.com/aKch83WY
<qman__> ah
<histo> What is the current server kernel? My server is installing both generic and generic-pae
<histo> but booting the pae kernel
<histo> I'm so confused by which kernel should be running and why its installing two for each update?
<qman__> histo, both of those kernels are current, just different versions
<qman__> one is pae and one is non-pae
<histo> What happened to the -server kernel?
<histo> and what is pae?
<qman__> physical address extension
<qman__> it's a memory management technique that allows 32-bit kernels to use more than 4GB of address space
<histo> I have linux-image-generic linux-image-generic-pae and linux-image-server installed by default.
<qman__> and more than ~3.5GB of RAM
<histo> qman__: Ah I don't have that much ram.
<qman__> MTeck, your routes look okay, the servers you're trying to access are on 192.168.1.0?
<histo> Isn't there a server kernel anymore?
<qman__> histo, the server kernel is going away, not sure if it's in karmic or not but it won't be in lucid
<MTeck> qman__: ya, 192.168.1.0 specifically
<histo> qman__: any idea why they still ahve a pae package then?
<MTeck> qman__: I also can't get to 192.168.1.1....
<histo> qman__: sorry i meant linux-image-server package
<qman__> histo, probably in order to not break setups that depend on it
<histo> qman__: So I should just run the generic kernel
<histo> qman__: also can I remove the kernel i'm currently booted in?
<MTeck> histo: just do update-grub
<histo> MTeck: for what?
<MTeck> histo: the kernel you're using is in ram now
<qman__> histo, you can, but it's not a good idea because if the new one you install doesn't work, you won't have anything to fall back on
<histo> qman__: I know the other one works
<qman__> histo, suggest removing all kernels except the one running, and installing the one you want
<MTeck> histo: if you rememove it; grub will still try to boot to that one
<histo> qman__: I just want ot get rid of the pae kernels
<histo> MTeck: grub-update runs after removing it.
<MTeck> oh
<MTeck> I'm too used to my own kernels :P
<qman__> histo, you should be able to remove all the -pae kernels without issue if you're not running one now
<histo> removing the pae kernels wants to remove the -server packages so i'm assuming thats goign to be the new -server kernels
<qman__> histo, probably, since servers are the most likely to need pae
<histo> qman__: well not anymore that ram is so cheep but.
<histo> to each his own. I'll jsut leave it the way it is
<qman__> histo, pae is only needed on 32-bit, modern systems are all 64-bit
<qman__> but there are plenty of older 32-bit servers capable of using more than 4GB of RAM via pae
<qman__> MTeck, I'm not sure exactly what's going wrong with it, the client end looks fine
<qman__> MTeck, a while back I had the same problem every time my VPN server installed updates for some odd reason, and a reboot fixed it
<qman__> but that hasn't happened in a while, so I guess they fixed that issue
<MTeck> qman__: I guess they're probably blocking the vpn traffic or something....
<qman__> MTeck, possibly, or they might have a routing issue on the other side
<MTeck> yay coffee shop wifi :P
<qman__> oh, not the coffee shop
<qman__> if you're connecting and staying connected the VPN is working
<qman__> the problem's either on the VPN server or on the network you're trying to access
<MTeck> I thought this was right - but still can't get in -_-       sudo ufw allow from 71.39.27.14 port 22 proto tcp to any
<qman__> for direct internet SSH, sure, but not over the VPN
<MTeck> right
<MTeck> I finally got the other admin on irc
<MTeck> I made him run that but I still can't get in
<qman__> well, I don't use ufw, so I'm not sure if that's correct
<qman__> but if it didn't throw an error I'm guessing it worked
<hans67521> is the ubuntu customization kit only for livecd?
<hans67521> can i not use i for a custom install cd
<hans67521> ?
<stiv2k> hi, I exported my cups drivers to samba using cupsaddsmb, and it worked fine, but when I try to connect to the printer from windows, it says the server does not have the correct printer driver installed.  What gives?  It works fine if i try to print a test page from cups...
<MTecknology> qman__: ufw disable; thanks :)
<qman__> stiv2k, windows gets its drivers from the magical print$ share, in a pretty bizarre format
<qman__> I've never actually gotten it to work myself
<stiv2k> qman__: yeah, and it works fine for my HP officejet, but this printer wont accept the driveres that were put in thee print$ share by cupsaddsmb
<stiv2k> in there*
<qman__> I spent weeks trying to get it to work, gave up and now all my printers are shared on an old win2k laptop
<stiv2k> this keyboard likes to type e twice a lot
<stiv2k> qman__: lol
<stiv2k> qman__: wtf man, why is printer sharing so hard >:(
<qman__> for linux clients, it isn't
<stiv2k> true
<stiv2k> it's super easy in fedora, the driver installs itself
<qman__> but even my old solution isn't going to work much longer
<qman__> windows 7 hates it
<qman__> and it doesn't support 64-bit windows drivers, I still have to point it to a copy I have on a regular share
<qman__> also, since it's a PII thinkpad that scales itself to 10MHz when it idles, it takes like five minutes to print
<qman__> so I'm going to need an upgrade
<stiv2k> qman__: so what's the new solution?
<stiv2k> qman__: sharing it on a windows 7 machine?
<qman__> probably a 2003 64-bit server
<qman__> or if I can get a good deal on a windows 7 netbook
<stiv2k> that's freakin ridiculous
<stiv2k> why should i have to get a whole new machine just to fully support windows printing
<qman__> not sure if 7 will let me add other driver versions though
<qman__> yeah, it is pretty ridiculous
<qman__> I've tried several times but I just can't get it to work
<qman__> also, I have to support one canon printer that doesn't have any linux drivers at all
<qman__> so I have to have a windows box sharing that anyway
<stiv2k> ah
<stiv2k> hmm
<stiv2k> i need to come up with some beteter solution
<stiv2k> qman__: i was thinking of putting the driveres for all OS's on a samba share and just having users go to "Have Disk" and select the file from the samba share to install the printere
<stiv2k> so i dont have to try to struggly with the automatic driver downloading that only works for some versions of windows
<stiv2k> struggle
<qman__> that's what I do now for the 64-bit windows, it works fine
<stiv2k> a year ago, all windows machines here were XP, now its mixed between XP/Vista/7
<stiv2k> and of course linux
<stiv2k> ;)
<qman__> 7 is super picky about the share security too
<qman__> I had to do some policy changes and registry hacks to get it to connect to my 2k server
<stiv2k> thats sketchy
<qman__> vista worked fine, though
<qman__> but yeah, don't buy canon printers
<qman__> no linux drivers
<qman__> I like brother printers myself, and HPs work pretty well too
<stiv2k> xerox seems to work good
<stiv2k> the automatic driver downloads USED to work for it but something happened along the way
<stiv2k> either in their drivers, in XP, or in cups/samba
<stiv2k> that made it stop working
<stiv2k> :
<stiv2k> i had to take the whole machine apart yesterday to remove a massive clump of paper that was lodged in the fuser unit
<stiv2k> but now it works
<uvirtbot> New bug: #533992 in postfix (main) "package mailx 1:20081101-2ubuntu1 failed to install/upgrade: problemas de dependencias - se deja sin configurar" [Undecided,Invalid] https://launchpad.net/bugs/533992
<lifeless> kirkland: https://help.ubuntu.com/community/UEC/PackageInstall#STEP%203:%20Install%20and%20Configure%20the%20Node%20Controller%28s%29
<lifeless> kirkland: I think that that ordering is bong.
<lifeless> kirkland: reread it with fresh eyes ;)
<quizme> hey guys i just installed a new linode 9.10 64 bit instance.  which sources should i add to my /etc/apt/sources.list
<quizme> multiverse or something like that ?
<uvirtbot> New bug: #341817 in dhcp3 (main) "dhcpd wont start due to rndc.key permissions" [Undecided,Triaged] https://launchpad.net/bugs/341817
<MTecknology> How can I make /etc/skel so when a new user is created no other user can browse any files in that users home directory?
<pwnguin> MTecknology: i was just wondering the other day about /etc/skel
<pwnguin> the most documentation on it i can find is useradd
<pwnguin> perhaps a trip through the source is in order
<Volkswagner> greetings
<pwnguin> MTecknology: any guess on how to create a public_html in /etc/skel such that www-data permissions are preserved?
<Volkswagner> Can someone advise:  9.10 Alternate CD fails to configure network, yet in console dhclient will aquire ip address from my router?
<Volkswagner> Cisco airo_cs and airo are both loading fine.  I tried two different downloads and cd burns, md5 check out
<pwnguin> i forget. how does one determine which package is owned by a binary like useradd?
<Volkswagner> Actually I should say fails to properly recognize the card, seems to crash in the "detect network hardware"
<MTecknology> pwnguin: it's been years since I touched /etc/skel...
<pwnguin> well, im digging through source as we speak
<pwnguin> adduser's anyways
<pwnguin> useradd is next
<Volkswagner> Yet after running dhclient in console, going back to installer, it tries to configure eth0, which is the correct interface
<pwnguin> MTecknology: which tool are you using to create accounts?
<MTecknology> pwnguin: useradd
<pwnguin> $tree =~ s:^/*(.*)/*$:$1:; # chop off leading & trailing slashes @path = split(/\//, $tree);
<MTecknology> pwnguin: I think you'd want to do mkdir /etc/skel/public_html; chmod o+rx /etc/skel/public_html
<pwnguin> thats from adduser =(
<pwnguin> MTecknology: well, that and chgrp www-data, and chmod g+s
<pwnguin> i wasn't sure if the tools would strip that out
<MTecknology> pwnguin: I think it only changes if it's set to root - best guess
<pwnguin> well, i think if you chmod g-x /etc/skel
<pwnguin> that should remove execute from skel
<pwnguin> do the same for world
<pwnguin> but, how would that work with ssh keys
<pwnguin> MTecknology: have you thought through the implications of your permission scheme?
<MTecknology> pwnguin: for o-rw ?
<MTecknology> pwnguin: ya... I don't know how ssh keys will continue to work. My guess is they won't. However, I don't intend to allow ssh to come in for those users anyway so I'm not worried about it. FTP only for those
<MTecknology> but then I'll have the fun task of making ftp work :(
<pwnguin> you could maybe restrict login shells to scp
<MTecknology> nah; I have to explicitly add them to a group allowed to ssh in before anyone has ssh access.
<MTecknology> I like that and ftp gives them a crap load of inability to do anything
<pwnguin> http://paste.ubuntu.com/390682/
<MTecknology> I'm debating letting them come in at all
<pwnguin> thats what adduser executes, im sure useradd does something simliar
<pwnguin> actually thats for copied files
 * Volkswagner was sent here from #ubuntu.... hoping someone can help, as I have tried several other releases, each with unique caveats!
<pwnguin> -d $done || mkdir($done, $default_dir_mode) || return 0;
<pwnguin> my $default_dir_mode = 0755;
<MTecknology> Volkswagner: that's ntoa server related
<pwnguin> cannot be done via adduser
<MTecknology> Volkswagner: that's ntoa server related question. I'm not sure why they sent you here..
#ubuntu-server 2011-02-28
<iggi> Anyone here good with libvirt (#virt on OFTC is dead) I am having some issues that seem to be permissions based, but cant figure out where I went wrong
<mcloy> i was in a veiw that macbooks would be better in battery time... but i dont know if they can run windows standalone?
<Pici> mcloy: What does that have to do with this channel?
<mcloy> users
<airtonix> and  ?
<airtonix> i'm sorry did i just walk into #apple-server ?
<mcloy> #apple
<lifeless> iggi: folk generally won't own up to knowing stuff
<lifeless> iggi: rather than asking if someone knows, ask the actual question
<twb> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<twb> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<twb> Most of what I say is already in the bot :-P
<lenios> !details
<ubottu> Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<MadHaTTer_000> whos asking what?
<extra11> what is the file handle default set at? I want to run a server that can handle more than 10k connects and I heard the limit needs to be increase
<extra11> and set accordingly
<iggi> OK, I will ask the question: I have an iscsi storage server, which I mounted by means of fstab to /VM. I changed the default storage pool config to have /VM as my location for all my disk images, but when I try to do virsh pool-start default it gives me permission denied. This happens even when libvirt-qemu:kvm as the owner and 777 permissions, I don't get it. I tried setting the default
<iggi> location back to /var/lib/libvirt/images and it started without a problem. I further tested a symlink from /var/lib/libvirt/images to /VM (with 777 permissions set) and no dice. Also, as a note I am able to boot and run images located in /VM by means of searching for the image locally in virt-manager.
<nertil> i have 2 websites in my ubuntu runing with apache
<nertil> is there a way to monitor them
<nertil> ?
<twb> nertil: yes.
<folklore> nertil your best bet(if I understand you correctly)
<folklore> is use php,python etc...
<folklore> plenty of scripts out there
<folklore> that show stats or whatever you need
<nertil> okey
<folklore> nertil if you give more details maybe someone else will have an answer
<nertil> well i like something that monitor my two websites, so two in one if u understand
<nertil> to access them easy with one click or whatever
<nertil> the point is i dont want everytime i sit on my pc
<nertil> to write the address to access them
<nertil> i want something that will access easy and know everything about them
<nertil> monitoring at all
<nertil> every kind of help will be apreciated
<folklore> nertil directadmin maybe
<folklore> or cpanel should do everything you want
<nertil> let me read about them
<folklore> the latter is much more popular but costs $$
<folklore> the former I think is free
<nertil> directadmin is free?
<twb> cpanel is more for holistic administration than simple availability or performance monitoring.
<folklore> nertil think so, check out their site, www.directadmin.com I think
<nertil> no they are with money
<nertil> i use phpmyadmin
<nertil> but that is for databases
<hallyn> ok i'm getting cranky.  I keep getting 'max connection rate 2/60s' msgs from anvil/postfix, even though I set smtpd_client_message_rate_limit = 100 in main.cf.
<hallyn> how else am i supposed to get rid of the connection rate?
<hallyn> limit
<nertil> folklore
<nertil> 2 with money:)
<folklore> I guess directadmin removed their free version
<nertil> http://www.directadmin.com/pricing.html
<nertil> so any free one?
<twb> hallyn: dunno; try #postfix
<hallyn> doh
<hallyn> i think, maybe, it's telling me the statistical max, not the limit enforced :)
<hallyn> twb: good thought, thanks
<twb> NP
<hallyn> i coudln't tell if there's just a rare quiet spell on lkml, or if i'm having troubles
<MadHaTTer_000> anyone care to help me get unbanned from a server?
<MadHaTTer_000> or is that to off topic?
<folklore> Mad what kinda server
<MadHaTTer_000> irc
<MadHaTTer_000> i never been on it before and im already banned...???
<MadHaTTer_000> it says i match a spammer pattern
<twb> MadHaTTer_000: try #freenode
<twb> MadHaTTer_000: or wherever that channel's topic directs you.
<MadHaTTer_000> no its not a room its a server
<folklore> MadHatter they probably use efnets ban list or whatever, wish servers would stop doing that, nothing against efnet operators but they're not the type of people you trust with that kinda thing
<folklore> MadHatter all you can do is email someone from the network
<folklore> if you know the banlist you're on its possible you can manually remove yourself on the the site
<twb> Not spamming usually helps, too :P
<MadHaTTer_000> :P
<MadHaTTer_000> i dont spam as i said i never been to the server b4
<folklore> Mad does the kline message give a link?
<folklore> or an email address
<MadHaTTer_000> kline@axenet.org yes but with the kline emails on other servers it seems like their never checked
<nertil> how to fix this message
<nertil> apache2: Could not reliably determine the server's fully qualified domain name, using 192.168.2.111 for ServerName
<membrex> does anyone can help me to reamstering ubuntu server 10.04 with GUI inside
<patdk-lap> what is a reamstering
<patdk-lap> and if you want gui, install desktop instead
<patdk-lap> nertil, fix your hosts file, or dns
<patdk-lap> but in almost all cases, you can just ignore it
<membrex> i mean remastering
<membrex> because i want to reamstering ubuntu server 10.04 GUI inside with minimal application
<nertil> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<nertil> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<gratidude> nertil: Ensure your FQDN is specified in your /etc/hosts file, e.g. "x.x.x.x hostname.abc.com hostname"
<nertil> ok
<twb> patdk-lap: I think he wants to roll a new ISO that contains GUI packages in the pool, and a preseed to install them by default.
<twb> I don't know *why* he'd want that, because you can just provide a separate preseed file, and pull down additional packages from the network.
<twb> Maybe he's shipping the ISO to people who don't have internet
<patdk-lap> ya, no idea what he wants :(
 * patdk-lap wonders exactly how you get a minimal gui though
<SpamapS> isn't that what live helper does?
<twb> membrex: investigate "jigdo", which is a tool to create install CDs.
<twb> SpamapS: that generates live CDs.  I assume he wants an install CD.
<twb> SpamapS: and it's called "live-build" now :-P
<membrex> soryy im newbie
<SpamapS> right
<membrex> but i have job to remastering ubuntu with minimal package incisde
<twb> SpamapS: last time I looked live-build wasn't tested on Ubuntu; do you have experience to the contrary?
<membrex> inside
<membrex> pckage that i want to include on new remastering distro is LAMP,firrefox, a lot off cms
<twb> membrex: why?
<SpamapS> twb: yes I have seen live-build used to great success just 2 days ago..
<twb> SpamapS: OK, cool.
<twb> SpamapS: oh, I bet it uses casper for ubuntu
<SpamapS> twb: kirkland built a maverick live cd that runs a nice little eucalyptus demo
<SpamapS> yes it uses casper
<membrex> because the finnaly result will be delivery for education purpose that dont have any internet connection (to be intranet school server )
<twb> Probably what I'm remembering is live-boot and live-config not working so well on Ubuntu
<SpamapS> dunno
<SpamapS> casper, last I checked, had a mountain of unfixed bugs
<twb> I don't think anyone is working on casper
<twb> Certainly live-boot kicks its ass on Debian
 * SpamapS does a little dance
<SpamapS> I finally got "disable touchpad while typing" working!!!
 * SpamapS has been fighting that for 6 months. :-/
<twb> SpamapS: synclient?
<twb> syndaemon -Rd
<twb> ...DTRT for me
<SpamapS> the issue was that I was using multitouch drivers
<SpamapS> which wouldn't listen to syndaemon
<twb> Ugh
<SpamapS> Apparently they do in the newest versions..
<twb> Are these in non-free or something?
<twb> I haven't seen em
<SpamapS> but I'm holding off upgrading any further in natty until I get back home.. I don't dare upgrade X while on the road. ;)
<SpamapS> no they've been in xorg for a long time
<SpamapS> since early maverick cycle
<twb> I hear you, man.  I'm still avoiding upgrading eeepc-acpi-scripts to the new acpi-scripts-based one
<twb> Oh, yeah, xserver-xorg-input-multitouch <none> 1.0~rc2-2
<twb> First added in November last year.
<SpamapS> yeah.. some things are kind of cool.. but not worth not being able to type without wanting to kill somebody when you click send with a message content of 'r'
<twb> The easiest fix would be to not use X except for banking
<twb> That way the touchpad is automatically disabled
<SpamapS> :)
<twb> (Unfortunately my stupid CU's online doodad doesn't work with edbrowse :-/ )
<SpamapS> I've oft considered going back to mutt + elinks ;)
<SpamapS> but.. these sliding windows are just so pretty
<MadHaTTer_000> whats tyhe command to change the dns servers im currently running off?
<jmarsden> MadHaTTer_000: edit the file /etc/resolv.conf as desired
<MadHaTTer_000> thanks agai9n
<jmarsden> MadHaTTer_000: You're welcome.
<MadHaTTer_000> hey that didnt work still dialing the wrong dns
<jmarsden> MadHaTTer_000: dialling?  running off != dialling ...
<jmarsden> You don't "dial" a DNS server, normally :)
<twb> jmarsden: it might be running radius and pppd as well :P
<jmarsden> twb: It might be runnig mgetty-voice, too :)
<twb> Ooh
<jmarsden> MadHaTTer_000: pastebin /etc/resolv.conf somewhere we can see it, please.
<twb> apt-file finds nothing called "mgetty-voice" on my system...
<uvirtbot> New bug: #726348 in squid (main) "squid's maintainer scripts call start/stop directly instead of using invoke-rc.d" [Undecided,New] https://launchpad.net/bugs/726348
<folklore> hows ubuntu server compare to freebsd
<folklore> any tried multiple, can give any insight
<jmarsden> folklore: They both work well.  Use the one you know better.  This channel is for Ubuntu server support.
<folklore> jmarsden do I need to change anything in ubuntu server righout the box to allow more than 10k connections?
<folklore> i'm not a huge linux person
<jmarsden> Then use BSD :)
<twb> folklore: 10k connections of what?
<folklore> twb concurrent, I wanna run some server software I wrote and it handle 10k if it needs too
<iggi> I can't imagine a connection limit at 10k, but I could be wrong
<folklore> I heard there was an artifical limit in terms of file handles or something that might block that
<SpamapS> c10k is old school... now its c1k, w/ 10 nodes in the cloud. ;)
<SpamapS> no
<SpamapS> there is no artificial limit
<SpamapS> linux's epoll in many ways has surpassed freebsd's kqueue .. the old stories you hear about linux concurrency issues were mostly just that.. stories.
<folklore> alrighty, i'll try and stress test it to see if I can get there, so thanks
<folklore> yeah my software uses epoll
<folklore> and glib thread poolin
<SpamapS> folklore: have seen a linux box w/ apache worker doing proxy for about 15,000 clients at once..
<folklore> doesnt apache spawn forks or something though?
<SpamapS> folklore: this isn't that hard to test though. :)
<SpamapS> no
<folklore> guess another story I read
<SpamapS> apache prefork does
<folklore> lol
<SpamapS> apache worker spawns processes that spawn threads
<folklore> oh
<SpamapS> and apache event spans only threads
<SpamapS> spawns
<SpamapS> still, apache isn't known for massive scale when compared to some other daemons.. but 15k conns w/ minimal tuning is possible
<folklore> I wanna scale it to the max
<folklore> hope ubuntu server can do that for me
<SpamapS> fire up amazon aws.. pay about $5 and you can test the crap out of linux w/o any hardware. :)
<SpamapS> or use rackspace cloud and pay $4 for the same thing ;)
<MadHaTTer_000> @spamaps doesnt tornado offer the same thing ur paying money for for free?
<iggi> When I try to start the storage pool with virsh pool-start I get permission deined, even with chmod 777 on the pool
<twb> And prefork is only necessary if you're daft enough to run PHP
<twb> iggi: is your user in the appropriate group?
<JanC> well, prefork has other advantages too  ;)
<twb> JanC: you mean like heating a room?
<JanC> on linux processes don't have that much overhead over threads, but offer a lot more separation
<MadHaTTer_000> iggi did u try chmod +x?
<twb> Hum
<MadHaTTer_000> and did u run chmod as root?
<twb> The fill up my precious process table, though
<MadHaTTer_000> ha
<MadHaTTer_000> my prescious
<twb> It's already huuuuge
<twb> http://paste.debian.net/109092/
<twb> Incidentally, anybody know how to suppress those kernel threads from top(1) listings?
<JanC> twb: both processes & threads are kernel tasks...  ;)
<JanC> are tasks in the kernel, I mean
<twb> JanC: yeah, but I mean I want to list only userspace procs, i.e. suppress that [jdb-213:8] stuff
<JanC> twb: in htop it's 'K'
<twb> Bah
<twb> I'm not a fan of htop, apart from it being able to show the tree (i.e. like ps f)
<JanC> I like it because it has built-in configuration & help if I forgot a key etc.  ;-)
<twb> JanC: so does top
<twb> Well, busybox top doesn't.
<twb> Coreutils top, or whatever Debian gives, does
<JanC> built-in help maybe, but not configuration AFAIK?
<twb> Well, top writes .toprc for you...
<twb> If you tell it to
<JanC> I mean like configuring what columns you want to see etc.
<twb> Yep
<twb> f, o, W
<twb> f toggles fields, o reorders them, W writes .toprc
<JanC> twb seems to have more features for that still, and top has no way to search for a process?
<twb> Define "search"
<JanC> find a process based on program name, e.g. to kill it or renice it?
<twb> Dunno
<twb> I normally just use < and > to change the sort column
<twb> To find pids I use pkill and pgrep
<twb> e.g. pkill -USR1 dd
<JanC> there are several ways to do things, I guess, and everybody uses what he/she prefers  âº
<twb> They should use what *I* prefer, duh
<twb> :-)
<MadHaTTer_000> this is annoying the heck out of me!!!!!!!!!
<folklore> breath friend
<twb> I ain't your breath friend.
<twb> I ain't any kind o' friend.
<folklore> sorry to hear that
<MadHaTTer_000> how do i disable Pid in pppd in wvdial?
<MadHaTTer_000> and how do i change the dns addresses used by wvdial?
<twb> MadHaTTer_000: this is for PPPoE, 56k modem, or what?
<MadHaTTer_000> my deamon keeps dying :(
<MadHaTTer_000> this is for a usb modem using ppp over a double dialup cellular band
<MadHaTTer_000> i remember some  crappy gui was where i edityed the dns addresses before kind of reminded me of the old win 3.1 or a manufactor gui but i dont remember how to get there
<MadHaTTer_000> i think it was a gkk or gkksudo that opened it before
<MadHaTTer_000> actually it was the gui that comes up when originally installing ubuntu server
<MadHaTTer_000> aNYONE KNOW WHAT IM TALKING ABOUT?
<MadHaTTer_000> i know for sure thats where i need to go to edit the dns addresses but i dont remember how to get there
<MadHaTTer_000> hey whats the command i need to enter to kill the pid in wvdial.conf?
<MadHaTTer_000> hey just looking for something simple how do i get a serial device to tell me its mac?
<iggi> MadHaTTer_000: I will try that, but I had done chmod 777 to the dir so it had everything to everyone (for testing only of course).
<iggi> twb: I made the owner of the DIR the user libvirt was running as
<iggi> .
<twb> iggi: that's not what I asked.
<MadHaTTer_000> hey does anyone know how to get the mac of a serial dev in terminal?
<MadHaTTer_000> anyone around?
<uvirtbot> New bug: #726386 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/726386
<uvirtbot> New bug: #726382 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726382
<tap-out> i get this error when i ping from windows 7 to my vm ubunut server
<tap-out> destination host unreachable
<tap-out> any suggestion or idea !!!
<MadHaTTer_000> Carrier detected.  Starting PPP immediately.
<MadHaTTer_000> --> Starting pppd at Sun Feb 27 23:17:30 2011
<MadHaTTer_000> --> Pid of pppd: 5369
<MadHaTTer_000> --> Disconnecting at Sun Feb 27 23:17:31 2011
<MadHaTTer_000> --> The PPP daemon has died: pppd options error (exit code = 2)
<MadHaTTer_000> --> man pppd explains pppd error codes in more detail.
<MadHaTTer_000> --> I guess that's it for now, exiting
<MadHaTTer_000> --> The PPP daemon has died. (exit code = 2)
<jussi> MadHaTTer_000: please use a pastebin :)
<MadHaTTer_000> sorry jussi
<tap-out> destination host unreachable   any thing about this error
<MadHaTTer_000> bad host ip or disconnected cord
<tap-out> !!!!!!!!!!!!!!!!   guys wake up  !!!!!!!!!!!!!!!!!
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<MadHaTTer_000> im awake tap
<tap-out> any sugg
<tap-out> i am using vmware
<MadHaTTer_000> check ur cords and then check your host ip
<Datz> tap-out: net working from VM?
<MadHaTTer_000> and ur route
<tap-out> madhatter_000, ,datz,no any network just my laptop  with win 7 and vmware with ubuntu server 10.0.4 installed
<MadHaTTer_000> ohh i feel like spewing
<Datz> lol
<tap-out> if i use dhcp the ping from my host to the vm work ,but when i use static ip not work
<Datz> tap-out: get you get internet from within ubuntu server VM?
<Datz> can you*
<tap-out> yes
<MadHaTTer_000> yes
<tap-out> i can ping from the server google
<Datz> how do you have networking set up? NAT, or bridged?
<Datz> I guess this is probably a VMware issue
<tap-out> NAt
<Datz> If you can, try to set up as bridged.. that's what I use without problems
<Datz> then restart VM I guess
<tap-out> datz, ok i try that , thanks
<MadHaTTer_000> my problem is as stated above does anyone know how to fix?
<MadHaTTer_000> actually nevermind i think i found it
<MadHaTTer_000> amazingly in english
<MadHaTTer_000> jeeze didnt work ;(
<MadHaTTer_000> what is it with pppd it just doesnt work for crap no matter what i try
<MadHaTTer_000> can anyone hel;p me with my pppd problem as previously specified?
<MadHaTTer_000> preferably without referring me to a forum that was just searched and ive probally already been to
<MadHaTTer_000> please someone help me with this http://pastebin.com/i2XHvN3Q
<MadHaTTer_000> i think the corn flakes have made me sick :(
<huats> morning
<MadHaTTer_000> night
<MadHaTTer_000> i just discovered peanut butter, corn flakes and rasins dont go very well togather
<MadHaTTer_000> who woulda thought
<folklore> mad ofcourse they do
<twb> MadHaTTer_000: you need to blend them first
<MadHaTTer_000> well they taste good togather but their making me wanna puke ive eaten alot
<twb> MadHaTTer_000: "--> Cannot get information for serial port." you need to tell it to use ttyUSB0 or whatever
<MadHaTTer_000> i did
<MadHaTTer_000> Modem = /dev/ttyUSB0
<MadHaTTer_000> in wvdial.conf
<MadHaTTer_000> heres what my wvdial.conf looks like http://pastebin.com/iMx4Z9UC
<MadHaTTer_000> any more ideas twb?
<twb> Nope, I only use pppd for PPPoA, PPPoE and (ugh!) pptp.
<twb> You would be looking in /etc/ppp/peers/<provider name>
<twb> I don't know anything about wvdial; I think it's just a wrapper that sets up /etc/ppp/ for you
<MadHaTTer_000> yeah i hear that alot no one uses wvdial for ages but unfortunetly im stuck with this inet connection
<twb> You can always just write /etc/ppp stuff yourself, by hand
<twb> The main hurdle is taht it's not very well documented
<MadHaTTer_000> yeah i already wrote resolv.conf what else?
<MadHaTTer_000> i mean i already made a link to the passwordfd.so in lib which was suppiosed to fix this problem but it didnt
<twb> Uh... resolv.conf isn't going to do anything unless you can actually raise a ppp0 interface.
<twb> I have no idea what you think "passwordfd.so" is supposed to do
<MadHaTTer_000> yeah i know but i finally got it to take the correct dns addresses
<twb> You should be reading the documentation in /usr/share/doc/pppd/
<twb> If your dialup provider does the right thing, resolv.conf will be rewritten automatically.
<MadHaTTer_000> this is y i made the link
<MadHaTTer_000> http://www.betavine.net/bvportal/resources/datacards/help
<MadHaTTer_000> closest thing i could find to a solution
<MadHaTTer_000> hmm
<MadHaTTer_000> this is what /var/log/messages says
<MadHaTTer_000> kernel: [11996.958601] npviewer.bin[6117]: segfault at 418 ip 00000000f60c7d16 sp 00000000ffcd1838 error 6 in libflashplayer.so[f5e5a000+b5f000]
<twb> 20:53 <twb> You should be reading the documentation in /usr/share/doc/pppd/
<twb> MadHaTTer_000: that log is saying that flash crashed, it's not related to pppd.
<MadHaTTer_000> ill take a look and see if ive already read it or not
<twb> MadHaTTer_000: you should be reading system documentation BEFORE resorting to "random blog I found"
<MadHaTTer_000> yeah that system doc ur talking about doesnt exist on my sys
<MadHaTTer_000> it goes from pppconfig to pppoeconf
<MadHaTTer_000> no pppd
<laen> Some quality Ubuntu support right here! ;)
<MadHaTTer_000> ?
<twb> MadHaTTer_000: then your system is buggered, because /usr/share/doc/ppp/ is full of documentation, provided by the ppp package, upon which pppoeconf depends.
<MadHaTTer_000> ha b4 u said /pppd/
<MadHaTTer_000> not ppp
<twb> MadHaTTer_000: sorry, typo
<MadHaTTer_000> so what should i be reading in here?
<twb> Probably start with README.Debian.gz if there is one
<MadHaTTer_000> k i read it didnt help at all though
<MadHaTTer_000> looks like the ps aux command might come in handy later
<laen> That is a strange thing to say.
<MadHaTTer_000> how so?
<laen> As if ps is a special command to solve your problem :)
<MadHaTTer_000> no haha but it will help with my problem which has to do with the pid
<uvirtbot> New bug: #726451 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726451
<laen> Or to use it with another tool, "That ls command might come in handy".
<laen> :)
<MadHaTTer_000> of courase i dont take that command as a solution just helpful for the info i will be needing later like dmesg or lshw would be for a dif problem
<kwork> hello, is there any good reason why not to instal postgres-8.3 from karmic to lucid?
<ikonia> kwork: yes, mixing repos breaks dependencies
<kwork> even if i setup the preferences file correctly?
<kwork> and assign low priority to karmic packages
<ikonia> kwork: your call, I wouldn't though
<kwork> what would be the "correct" way to install old-software to lucid then?
<ikonia> not to do it is the real way
<kwork> thats not an option at the moment
<ikonia> personally if you need an old package I'd have it built against the current dependencies of your distro
<ikonia> eg: say it uses libc v 1 in karmic, I'd have it built against libc v2 in lucid
<ikonia> but the same base version from karmic
<uvirtbot> New bug: #726461 in openssh (main) "sshd on lucid causes kernel panic" [Undecided,New] https://launchpad.net/bugs/726461
<laen> lol
<laen> Sshd, ew! Remove it!
<jpds> All the cool kids use telnet.
<kwork> ikonia,  okey thanks for your input
<ikonia> kwork: sorry it's not a "just do it" thing, but that's my opinion
<MadHaTTer_000> hey ikonia ive been waiting for you
<MadHaTTer_000> any chance your willing to unbann me from #ubuntu?
<jpds> MadHaTTer_000: #ubuntu-ops.
<aliverius> https://help.ubuntu.com/community/Drupal says there is drupal 7 but i cant find it in the repos
 * TheInfinity would not install drupal via apt-get
<aliverius> just copy the drupal files right?
<aliverius> i am new to drupal and web stuff
<zul> morning
<azizLIGHTS> how do i run php files on the lighttpd
<uvirtbot> New bug: #726502 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726502
<Aison> hello :)
<Aison> I search a movie web database software (eg. that synchronize with imdb or so)
<Aison> on my ubuntu server i've got over 1500 divx movies :P and maybe it would be funny to have got such kind of software
<zul_> jamespage: done
<jamespage> zul: thanks :-)
<zul> np
<zul> back to your regularily scheduled program
<jdstrand> ScottK: are you aware of another botched clamav db?
<guampa> is it ok to just discard all "bad header" mails with amavis?
<guampa> i'm getting rid of some nasty spams with that but i wonder if some legit mail will get discarded too
<MadHaTTer_000> i usually just make a few filters for certain words like special offer million billion nigeria and a few others
<guampa> hmm, that'd be good
<guampa> and i plug those filters to amavis?
<guampa> nm ill search for howtos
<guampa> anyway, the possibility to discard legit mail b/c bad headers persist right?
<guampa> that is what i want to find out
<pmatulis> guampa: i reject mail in that way but i've never had a false positive (4 yrs now)
<guampa> thats just great
<pmatulis> guampa: (i have a warning sent to my inbox still however; more out of interest)
<guampa> i'll leave that in place then
<Aison> i've got two amd64 x6 machines. I would play a littlebit with multicomputer multicore systems. Can I somehow make a master/slave system with this two machines, where I've got 2cpus with 6cores that look like one machine?
<Aison> connected over LAN
<jdstrand> ScottK: fyi, that would be a yes. 12790 fixes it
<guampa> Aison: perhaps with openSSI you could
<guampa> haven't used it yet, though
<Aison> well, I will take a look at it
<pmatulis> Aison: you want to run a single job across both your systems?
<Aison> pmatulis, yes
<Aison> pmatulis, the jobs are memory and cpu intensiv. but memory accesses between two threads are quite low. so memory localitiy is not a big problem
<pmatulis> Aison: this is often called a beowulf cluster, search for that
<RoAkSoAx> zul: howdy!! are you busy? can you sponsor bug #648202 ? :)
<uvirtbot> Launchpad bug 648202 in vsftpd "vsftpd started even if not in standalone mode" [Undecided,In progress] https://launchpad.net/bugs/648202
<zul> RoAkSoAx: sure gimme a few
<RoAkSoAx> zul: cool thank you!
<RoAkSoAx> I'm also preparing SRU's
<RoAkSoAx> but will bother you with that later today
<seicherlbob> hi there! I have set up a svn server on ubuntu lucid. I grant svn+ssh access to a changerooted environment. The user can log on and use local svn list, but not remotely. It seems the user is not authenticated when using svn+ssh.
<ScottK> jdstrand: I hadn't been.
<zul> RoAkSoAx: done
<RoAkSoAx> zul: thanks!!
<RoAkSoAx> q!
<RoAkSoAx> arrgh
<hallyn> you need better window focus mgt  :)
<RoAkSoAx> hallyn: indeed :P
<RoAkSoAx> zul: could you please take a look at bug #648202 again? I just uploaded 2 debdiffs for lucid and maverick SRU's that need sponsoring :)
<uvirtbot> Launchpad bug 648202 in vsftpd "vsftpd started even if not in standalone mode" [Medium,Confirmed] https://launchpad.net/bugs/648202
<zul> RoAkSoAx:yep right after lunch
<RoAkSoAx> zul: cool thanks ;)
<azizLIGHTS> does ubuntu server automatically update packages?
<patdk-wk> azizLIGHTS, only if you tell it to
<azizLIGHTS> because i notice it used to say 9 packages can be updated or something like that onlogin
<azizLIGHTS> now it doesnt say it anymore
<azizLIGHTS> how come
<patdk-wk> that isn't autoupdate
<patdk-wk> must be the nightly cron is failing that does apt-get update, or the login status printer doesn't work (or load is too high so it doesn't run)
<patdk-wk> none of mine print that info though, but I always install minimal
<patdk-wk> looks like you have to have landscape installed to get that info
<g0bl1n> What is the best way to be sure a document is printed and got no errors ?
<g0bl1n> our app needs to print 20.000 documents and if any is not printed, we have a problem (invoices)
<patdk-wk> compare the printed document to the origional?
<g0bl1n> I want the printing service to report upon error
<g0bl1n> where should I head? CUPS ?
<azizLIGHTS> patdk-wk: whats wrong with my systrem then? hows to fix it
<patdk-wk> azizLIGHTS, I dunno, and doesn't mean anything is wrong, I just listed like 5 different possibilities
<azizLIGHTS> how can nightly apt-get update fail? it knows i havent installed 9 packages uptodate, how can it "forget" even if next update failed
<azizLIGHTS> my load is not high at all
<azizLIGHTS> i used ec2 image  from aazon
<azizLIGHTS> *amazon
<patdk-wk> launchpad is installed and working?
<azizLIGHTS> ami-3e02f257
<azizLIGHTS> what is launchpad
<patdk-wk> what gives you that message your *missing*
<azizLIGHTS> how to check?
<patdk-wk> dunno, never used launchpad
<azizLIGHTS> $ dpkg -l launchpad
<azizLIGHTS> No packages found matching launchpad.
<azizLIGHTS> $ dpkg -l | grep "launchpad"
<azizLIGHTS> ii  python-launchpadlib               1.6.0-0ubuntu1                    Launchpad web services client library
<azizLIGHTS> hmm
<patdk-wk> landscape :)
<laen> Ewww.
<patdk-wk> it's landscape not launchpad
<azizLIGHTS> oh
<patdk-wk> I said that way above but oyu ignored it, then I confused myself
<laen> Landscape, so you can see what the weather is at the datacenter every login.
<azizLIGHTS> yes i see it
<azizLIGHTS> two packages: landscape-client and landscape-common
<laen> Have never seen anything that annoying and useless.
<patdk-wk> laen, only if the server at the datacenter knows where it's located :)
<azizLIGHTS> this came in the ami lol what to do
<patdk-wk> laen, ya I don't use it, based on my build systems apt-get ugrade, and the security maillist, don't see the point\
<laen> Such a bish to remove and fix it so the company MOTD is displayed correctly.
<laen> Indeed.
<azizLIGHTS> so basically landscape broke?
<azizLIGHTS> for me
<patdk-wk> that is easy, kill update-motd
<laen> Remove it, you don't need landscape.
<azizLIGHTS> patdk-wk: isthat command for me "kill update-motd"
<patdk-wk> that isn't a command
<azizLIGHTS> is it for me though?
<azizLIGHTS> to do
<azizLIGHTS> pseduo command
<azizLIGHTS> that will fix lanscape?
<Pici> !who
<ubottu> As you can see, this is a large channel. If you're speaking to someone in particular, please put their nickname in what you say (use !tab), or else messages get lost and it becomes confusing :)
<laen> apt-get install pseudo-command landscape-fixes
<azizLIGHTS> laen: .... what?
<RyanP> Does anyone have any experience creating LVM partitions using preseed and/or kickstart? I'm trying to build an automated server install and things aren't behaving as the documents seem to suggest they should.
<patdk-wk> azizLIGHTS, most likely update-motd or landscape isn't working
<azizLIGHTS> patdk-wk: i see
<patdk-wk> landscape-sysinfo
<laen> RyanP: wish i was at work, i could hand you the examples. Should be in the docs though.
<azizLIGHTS> patdk-wk: landscape-sysinfo shows correctly on login, its the part about how many package updates there are that is missing/disappear
<azizLIGHTS> maybe it is landscape-package-reporter, it is giving LOTS ERRORS
<RyanP> laen: I have been through the documents. What I could find for preseed was rather sparse. Were you using kickstart or preseed to create the partitions?
<laen> RyanP: preseed
<patdk-wk> azizLIGHTS, it does here too
<patdk-wk> but works
<uvirtbot> New bug: #726675 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726675
<laen> RyanP: you could as well try the debian documentation on preseed/kickstart and auto-install.
<patdk-wk> /usr/lib/update-notifier/update-motd-updates-available
<patdk-wk> so it's update-notifier
<patdk-wk> man, documention so annoying sometimes
<laen> RyanP: i just have a terminal in front of me, no graphical environment so i can't even help you search right now.
<pmatulis> laen: use a non-graphical browser
<pmatulis> :D
<laen> pmatulis: got it, but that's far from "quickly searching something" :)
<azizLIGHTS> patdk-wk: ok well i see. as long as its not updating automatically im ok
<RyanP> laen: Well, I'll try searching the Debian stuff. But, just to confirm you were able to use preseed to automatically create LVM partitions to your specifications?
<laen> RyanP: believe so yes
<RyanP> laen: Well that gives me some more hope. I was starting to wonder if this particular thing actually worked. Thanks.
<laen> RyanP: we're migrating away from LVM lately though so i'd have to dig it up wednesday, i'll check up with you if you still want the info.
<RyanP> laen: I'd be happy to see anything you wouldn't mind sharing..
<laen> RyanP: d-i partman-lvm
<RyanP> laen: Bah. googling "Debian preseed" comes up with a bunch of stuff I haven't seen. Yes, I was trying partman-lvm, but apparently not doing the right thing.
<laen> Glad you found more info :)
<dustg> If I just want to run walrus so that I can have a local S3 compatible interface for testing, is that possible? Or do I need to have the whole eucalyptus stack? Likewise, will have to create a storage cluster, or is it easy to just use a local folder to serve as storage space?
<zul> hallyn: ping so lxcguest if you arent in a container it shouldnt do anything right?
<zul> dustg: you might want to look at swift im not sure how s3 compatibly it is
<hallyn> zul: correct
<hallyn> it'll start up and check the boot arguments, and not find the lxc argument, so stop
<dustg> I was looking at swift, but I had the impression it pretty much required a cluster
<ranamalo> i'm trying to use yaml to setup puppet client instances in ec2 following this guide: http://ubuntumathiaz.wordpress.com/2010/03/24/using-puppet-in-uecec2-puppet-support-in-ubuntu-images/ it's not working.  Here is the yaml template: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/cloud-init/lucid/annotate/head%3A/doc/examples/cloud-config-puppet.txt.  When I paste that in the user-data field the instance boots up but doesn't con
<ranamalo> tact the puppetmaster and I then can't get into it via ssh.  Any ideas?
<azizLIGHTS> how do i restart lighttpd
<azizLIGHTS> service command?
<azizLIGHTS> what is it
<lynxman> azizLIGHTS: service lightttpd restart
<zul> RoAkSoAx: can you use bzr branches for the vsftpd SRU stuff
<uvirtbot> New bug: #726722 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726722
<lynxman> kirkland ping
<lynxman> hey zul o/
<kirkland> lynxman: pong
<zul> lynxman: hey
<dustg> out of curiousity, what's the reason things have moved to using 'service servicename command' instead of '/etc/init.d/servicename command'
<dustg> ?
<RoAkSoAx> zul: sure
<zul> dustg: its the same thing
<lynxman> kirkland: just a question for you, is there any way we can control in which order a metapackage installs files?
<kirkland> dustg: you can use either;  service is just nice in that it works with both upstart AND old fashion init scripts
<lynxman> kirkland: I'm finding this issue with mcollective-server metapackage were mcollectived starts before rabbitmq is in place
<kirkland> lynxman: no
<kirkland> lynxman: you would need to move some stuff into a separate package
<lynxman> so mcollective then feels silly about trying to connect to an mq server that is not there
<lynxman> hmm I see
<kirkland> lynxman: and then pre-depend on it (which is frowned upon, but can be done)
<lynxman> kirkland: hmm I see
<kirkland> lynxman: give me your desired order ...
<lynxman> kirkland: rabbitmq -> mcollective
<lynxman> otherwise mcollective will error
<kirkland> lynxman: right, so mcollective would need to pre-depend on rabbitmq
<kirkland> (which can happen)
<lynxman> kirkland: hmm... not really, since we just need one rabbitmq for all mcollective daemons
<kirkland> lynxman: honestly, this is what ensemble promises to solve ;-)
<lynxman> kirkland: hehe
<lynxman> kirkland: no need to sell me on that, I'm game :)
<mklappstuhl> hey
<mklappstuhl> can anyone point me to a guide that tells me how to setup ubuntu-server as a kvm guest? (not ubuntu as host)
<patdk-wk> hmm, you just install it?
<patdk-wk> the whole point of a kvm guest, is it's no different from a real computer
<mklappstuhl> patdk-wk: yeah, but i'd like to setup virtio for example
<mklappstuhl> so i need to add kernel modules
<patdk-wk> mklappstuhl, what version of ubuntu?
<mklappstuhl> 10.10
<patdk-wk> should be installed already
<mklappstuhl> i need to rebuild the initramfs with virtio included etc.
<mklappstuhl> patdk-wk: ah, okay o.O :D
<patdk-wk> you shouldn't have to
<patdk-wk> atleast my 10.04 has them all installed, in -generic they are modules, installer will put them into initramfs
<patdk-wk> and in -server they are mostly all compiled in
<zul> hallyn: ping
<hallyn> zul: (in mtg, but here)
<zul> hallyn: so i want to get lxcguest but i have to do a mir for lxcguest and lxc is that kosher with you?
<hallyn> sure.
<hallyn> i thought lxc was in main
<hallyn> hm, guess not
<hallyn> zul: not sure if we want to do something like not install lxc-cap...
<zul> ok ill get cracking on it
<sdudenhofer> is there a way to reset what i have changed to my openssl setup? to reset back to default?
<patdk-wk> openssl setup?
<patdk-wk> I think the only posible changes are opensl.cnf
<sdudenhofer> I followed this community documentation: https://help.ubuntu.com/community/OpenSSL would me changing file location from where it first asks to create the file to the one that is already included in /usr/lib/ssl screw something up?
<sdudenhofer> thats probably really confusing
<sdudenhofer> are there official docs for setting openssl up to generate a CSR is this what you should use? https://help.ubuntu.com/community/OpenSSL
<JasonMSP>  sdudenhofer: https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html
<JasonMSP> change the number to your system.  im 10.04 for instance.
<JasonMSP> https://help.ubuntu.com/10.04/serverguide/C/certificates-and-security.html
<sdudenhofer> thanks I'll give that a run through
<dustg> anyone have experience working around this bug:
<dustg> https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/615442
<uvirtbot> Launchpad bug 615442 in eucalyptus "euca-describe-users fails with ImportError: No module named euca_admin.users" [High,Confirmed]
<Gargoyle> Hello. Can I change the text that is show above the main console login prompt?
<zul> jamespage: i uploaded groovy
<david506> I did a debootstrap installation of my computer, but I am stuck because the grub boot loader won't install. I run dpkg-reconfigure grub-pc, it asks for "linux command line" which is blank, it than asks for default command line, "quiet splash", immediately followed by "Continue without installing GRUB?". On an existing machine, there is an extra page "GRUB install devices". Why do I not see this page when installing this maching ? TH
<david506> anks
<RoAkSoAx> zul: done lp:~andreserl/ubuntu/lucid/vsftpd/sru1 and lp:~andreserl/ubuntu/maverick/vsftpd/sru1
<jamespage> zul: thanks!
<SystemTyrant> I'm curious if any of you use ubuntu server for mission critical applications and whether or not you have a paid support agreement in place?
<Jeeves_> SystemTyrant: I know 100's of mission critical servers running ubuntu
<Jeeves_> without a support agreement
<Jeeves_> (Ow, and I use it myself too :))
<SystemTyrant> Jeeves_: Do you know what any  of them are used for? ie file server, database server, etc?
<Jeeves_> databases, webserver, ftp, online back-up, fileserver, virtualisation servers
<Jeeves_> Just about anything, really
<SystemTyrant> Thanks Jeeves.
<Jeeves_> SystemTyrant: I've got no clue how the Canonical support is
<Jeeves_> But I haven't heard any complaints about it either :)
<SystemTyrant> I'm about to embark on moving our document storage over to Nuxeo DM which will be on ubuntu lts servers and will have postgresql backends (also on ubuntu servers).
<Jeeves_> Sounds good
<SystemTyrant> I like ubuntu, but I've never really had the chance to talk to anybody actually running them in production or as mission critical. I figured people have to be somewhere. :)
<SystemTyrant> And of course pretty much all of it will be run without paid product support.
<bluefrog> without product support?
<bluefrog> would be irresponsible not to have support, how come you don't have any?
<bobsapp> anyone got any idea on how to remote monitor linux hosts with nagios?
<bobsapp> I've installed nagios, but using NRPE on a remote host
<andygraybeal> if you guys don't mind holding my hand, i have a newb question.  i want my girl to be able to change chown and chmod some files, but only in a certain directory and every directory under that (recursively) .. but i don't want her to be able to do this on any other files!  if that makes sense.
<andygraybeal> how do i go about doing that?
<david506> I want to have my text console at a resolution of 1280x1024, I read I need to add vga=794, but every time I boot with that in the kernel line, the monitor says "out of sync"
<lenios> andygraybeal, if you make her owner of this directory, it should work as expected
<andygraybeal> lenios, ah interesting, thank you; even if she isn't owner of the files inside of the directory?
<andygraybeal> what if she is part of the group that is owner of the directory?
<lenios> you must first give her owner
<lenios> you can chown -R
<andygraybeal> okay, thank you :)
<lenios> chown and chmod should only work for current user, not group
<warrenchild> hello everyone!!! I have a question!! I set up a PPTP VPN using unbuntu server and it works perfectly!! I was wondering though how many people can connect at one time?
<warrenchild> I have added more than one user and password, and they both work as well.
<andygraybeal> lenios, thank you!!  works
<dustg> ?
<warrenchild> hello everyone!!! I have a question!! I set up a PPTP VPN using unbuntu server and it works perfectly!! I was wondering though how many people can connect at one time?
<ENOSLEEP> warrenchild: that's going to depend on the amount of RAM, your CPU and your network connection.  You do realize that PPTP is not an encrypted connection, right?
<warrenchild> hmmm
<warrenchild> so I shoud use another?
<warrenchild> what one is just as easy to set up that is encrypted
<warrenchild> I though it was encrypted
<warrenchild> thought*
<warrenchild> enosleep: what do you sugest?
<dustg> easiest temporary thing is ssh proxy.
<warrenchild> well this will not be temp
<warrenchild> sstp?
<dustg> IPsec
<warrenchild> would  happen to know a good walk through to set that up?
<warrenchild> dustg: ^^^
<dustg> not off my head
<dustg> there are probably other options, too
<dustg> I'm not at home so my vpn bookmarks aren't around
<warrenchild> thank you dustg
<uvirtbot> New bug: #726856 in puppet (main) "package puppetmaster 2.6.4-2ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/726856
<warrenchild> abd enosleep
<ENOSLEEP> warrenchild: I would suggest OpenVPN.
#ubuntu-server 2011-03-01
<boxybrown> any idea why I would be able to login to gnome with a local user, but not an NIS authenticated user?
<twb> Does it work in login(8)
<boxybrown> twb: let me check
<boxybrown> twb: i'm not exactly sure how to test this..., keeps complaining about 'cannot possibly work without effective root'?
<twb> I don't know what that means or where you're seeing it.
<boxybrown> twb: i have an ssh session open on the machine.  I'm trying 'login username' and 'exec login username'.
<twb> Uh, are you root?
<twb> Also, it's "login", not "login username".
<twb> Otherwise you're not testing pam nis auth, are you?
<boxybrown> I'm not using pam nis, just nis
<twb> You *are* using PAM.
<boxybrown> haha, okay
<twb> Unless you're on Windows or OS X or something, in which case you can go ask another channel..
<boxybrown> well, i never messed with any of the pam configuration stuff. permissions and such is all set through the usual /etc/passwd, shadow, sudoers channels
<boxybrown> and nsswitch.conf
<boxybrown> I can't get a hold of the user who claimed they couldn't login.  However, with my login I have the following problem: I CAN login at the GUI as an nis authenticated user, but the xsession is all messed up.  The theme is wrong, the mouse works but mouse clicks do not.
<boxybrown> Logging in as a local admin user everything is fine.
<twb> That doesn't sound like a server issue.
<boxybrown> well, its on the ubuntu-server distro
<uvirtbot> New bug: #726901 in euca2ools "euca-run-instances gives stacktrace if user-data-file doesn't exist" [Low,Triaged] https://launchpad.net/bugs/726901
<boxybrown> I think I found the problem, via https://help.ubuntu.com/community/SettingUpNISHowTo
<uvirtbot> New bug: #726927 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726927
<boxybrown> maybe NIS users not being part of the video & DRI groups could cause the problem?
<twb> boxybrown: I don't know; that's a GUI issue.
<twb> If you can reproduce the problem on the tty, I can help.
<WirelssNot> Need help: my network hardware is turned off, internet not wokrking: http://paste.ubuntu.com/573758/
<twb> WirelssNot: rfkill list
<uvirtbot> New bug: #726938 in cloud-init (main) "config resizefs fails" [Undecided,New] https://launchpad.net/bugs/726938
<WirelssNot> twb, i am sorry for late response.
<WirelssNot> hold on please
<twb> Whatever
<WirelssNot> twb, just have hard time transfering terminal results from one computer to the next
<twb> Just look at it.
<twb> WirelssNot: is your wifi device there?  Is it blocked?
<twb> http://paste.debian.net/109206/  <-- example blocked
<WirelssNot> actually i have ubuntu-desktop.
<WirelssNot> but noone can help at #ubuntu.
<twb> It is not appropriate to ask -server just because #ubuntu is busy.
<banker247> whats a good / easy way to share photos with ubuntu? i notice it doesn't work too well with photobucket any other easy optoins?
<WirelssNot> 1: phy0: wireless LAN       soft blocked: yes    hard blocked :no
<twb> WirelssNot: ok, so "rfkill unblock phy0"
<WirelssNot> also  0:   hp-wifi: wireless land  soft blocked: yes   hard blocked :yes
<WirelssNot> when i do rfkill unblock phy0             bogus unblock argument 'phy0'
<WirelssNot> when i do wifi-hp         boguns unblock arument 'hp-wifi
<WirelssNot> bogus
<twb> WirelssNot: try "rfkill unblock wifi"
<WirelssNot> i tried it, it did not show any result.
<WirelssNot> meaning?
<twb> If a Unix program emits no output, that means it succeeded.
<WirelssNot> should i restart? because nothing changed. still "no network connection" when i hover over wireless icon with red exclamation mark
<twb> Uh, once you unblock the wifi you need to raise the interface.
<twb> Which would be "ip link set hp-wifi up" and "dhclient hp-wifi", or possibly wpasupplicant, but because you're in a GUI I don't know.  Probably NM plays silly buggers.
<hallyn> kim0: I haven't tested the latest build (and won't until after server mtg tomorrow), but spice and qemu+spice are built in ppa:serge-hallyn/spice
<uvirtbot> New bug: #726951 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/726951
<zimie> i need some help in setting up a transparent squid proxy server
<zimie> where should i start
<thesheff17> zimie:  I have used this site for a good reference.  I haven't done a ton with squid but do some testing: https://calomel.org/squid.html
<uvirtbot> New bug: #726973 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726973
<uvirtbot> New bug: #727000 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727000
<uvirtbot> New bug: #727015 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/727015
<Sheepherd> hey guys ive installed the ubuntu server 10.10 on my virtual vmware player machine but all my settings are lost on reboot.
<Sheepherd> is this a commen issue?
<Sheepherd> does $reboot do that by default or is there another reason?
<soren> Sheepherd: What settings?
<Sheepherd> keyboard layout or aliases as example
<Sheepherd> installed packages stay
<Sheepherd> keyboard layout was set with $dpkg-reconfigure console-data
<Sheepherd> oh well i just read that aliases are transient so nevermind that part
<Sheepherd> but the keyboard layout shouldnt
<Sheepherd> be*
<laxmi> ubuntu wired network problem
<laxmi> wireless works
<uvirtbot> New bug: #727026 in samba (main) "apt-get upgrade fails on samba-common if smb.conf is missing" [Undecided,New] https://launchpad.net/bugs/727026
<uvirtbot> New bug: #727028 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727028
<uvirtbot> New bug: #727029 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727029
<uvirtbot> New bug: #727034 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727034
<uvirtbot> New bug: #727038 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/727038
<Daviey> hallyn, Are you planning to chase a MIR on ebtables?
<Daviey> hallyn, it's a new recommends of libvirt by the looks of it.
<uvirtbot> New bug: #727061 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/727061
<tap-out> hi,  any i dea about this error " fatal : Module vmhgfs not found" , Module vmmemctl not found.
<fakhir> hello. my server (ubuntu server 10.10) has high load averages (1.69) but now CPU usage (0%). i gather this is likely an IO problem. how care i figure out what is going on?
<tap-out> hellooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
<joschi> tap-out: you need to install the vmware (or openvm) kernel modules
<joschi> tap-out: be more patient
<tap-out> ok
<tap-out> u mean this apt-get install openvm
<uvirtbot> New bug: #727079 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade:subprocess "installed post-installation" script returned exit status 1" [Undecided,New] https://launchpad.net/bugs/727079
<tap-out> joschi , i get this error after installing vm-open-tools is that different
<joschi> tap-out: you still haven't installed the kernel modules
<tap-out> ok i try to installed
<tap-out> joschi, thanks now it work
<smoser> hallyn, 'lxcguest' rocks, and i learned something new: mount bind a file.
<uvirtbot> New bug: #727091 in mysql-dfsg-5.1 (main) "Select on table with two colums cause empty result." [Undecided,New] https://launchpad.net/bugs/727091
<uvirtbot> New bug: #727092 in samba (main) "Samba is not built against CTDB" [Undecided,New] https://launchpad.net/bugs/727092
<smoser> i need someone to swap scribe for me
<uvirtbot> New bug: #727108 in mysql-dfsg-5.1 (main) "package clamav-base 0.96.5 dfsg-1ubuntu1.10.04.2 failed to install/upgrade: subprocesso instalado o programa post-installation retornou erro do status de saÃ­da 1" [Undecided,New] https://launchpad.net/bugs/727108
<aazert> hello there ?
<aazert> how to check what version on ftp server that i have on my server ?
<Daviey> smoser, regarding lxcguest... can you give a snippet that can be copy and pasted into the meeting?
<jkg> 'telnet <servername> 21' should give you a banner, which may well tell you the version (mine reports ProFTPD 1.3.2e)
<smoser> Daviey, https://wiki.ubuntu.com/ServerTeam/Meeting updated
<aazert> telnet myserverip 21
<aazert> connection refused
<Daviey> smoser, are you looking for someone to do it?  Or interest conceptually?
<uvirtbot> New bug: #727114 in nmap (main) "nmap only recognizes IPv6 resolvers by specifying "--system-dns"" [Undecided,New] https://launchpad.net/bugs/727114
<zul> i said i was going to do it :)
<Daviey> zul, ah - i missed that
<phsi> are there security.ubuntu.com mirrors?
<phsi> openjdk at 60kb/s is fun
<phsi> less even :P
<binBASH> phsi: I had 16 Kb/sec, so you're more lucky than me :D
<jamespage> zul: morning
<jamespage> zul: sponsor a bug fix for me?
<zul> jamespage: sure when i get back from dropping liam off at daycare
<jamespage> zul: thanks - I'll ping you with the link
<zul> i think Daviey also has core-dev access now as well
 * jamespage falls off his chair
<jamespage> when did that happen Daviey?
<Daviey> jamespage, oh, ages ago! :)
<jamespage> :-)
<jamespage> fancy a bit of sponsoring?
<Daviey> at least 16 hours ago.
<Daviey> jamespage, try me! :)
<jamespage> bug 687979 - merge proposal is here - https://code.launchpad.net/~james-page/ubuntu/natty/jug/fix-687979/+merge/51638
<uvirtbot> Launchpad bug 687979 in jug "[FTBFS] package 'jug' (2.0.0-1) failed to build on natty" [Medium,In progress] https://launchpad.net/bugs/687979
<jamespage> Daviey: also I have not been able to reproduce the FTBFS in libproxool-java - bug 687982
<uvirtbot> Launchpad bug 687982 in libproxool-java "[FTBFS] package 'libproxool-java' (0.9.1-4ubuntu1) failed to build on natty" [Undecided,New] https://launchpad.net/bugs/687982
<uvirtbot> New bug: #523211 in eucalyptus "[patch] another memory leak in node controller" [Low,Fix committed] https://launchpad.net/bugs/523211
<jamespage> what did you do to make it fail?
 * Daviey looks
<jamespage> Daviey: congrats on the core-dev membership BTW
<Daviey> jamespage, thanks :)
<Daviey> jamespage, libproxool-java marked fixed released :)
<jamespage> Daviey: great :-) love it when I work really hard on an issue to make it go away!
<Daviey> jamespage, You did *awesome* :)
<Daviey> jamespage, fancy doing the same with euca?
<jamespage> well I'm always up for a challenge.... ;-)
<hallyn> Daviey: oh, bother.  I guess I'll have to look into ebtables
<Daviey> hallyn, Do you have enough time?
<hallyn> Daviey: I have no idea what that takes.  I'm also not 100% sure how needed it is (it was pulled in by the Debian package)
<hallyn> Daviey: i can look at it after the server meeting.  it'll be educational.  (though if you have time right now, I won't be offended if you do it)
<hallyn> Daviey: thanks for pointing it out.  I hadn't thought of it
<Daviey> hallyn, Hmm.. if we don't /need/ it, we can move it from Recommends to Suggests meaning we don't need to to MIR it
<Daviey> zul or jdstrand, With your work on libvirt, have you seen a need for us to carry ebtables?
<hallyn> Daviey: right now I need to get kids ready - bbl
<Daviey> hallyn, no worries o/
<david506> Does vga= in the kernel parameters still work in Ubuntu 10.04 ?
<pmatulis> Daviey: try it and see
<zul> Daviey: what about ebtables?
 * zul is back
<pmatulis> Daviey: sorry, wrong nick
<Daviey> pmatulis, ah, no worries
<Daviey> zul, It's a new recommends of libvirt... Am i right in saying you don't need it for lxc on OpenStack?
<david506> Hey, I have a program running on tty1, how can I remove the login from tty1 ? ( ubuntu 10.04 lts )
<zul> Daviey: i wouldnt drop it
<Daviey> zul, We either need to MIR it, or drop it to Suggests.
<Daviey> zul, it's currently universe.
<Daviey> zul, If we don't /need/ it, we shouldn't MIR it IMO.
<zul> Daviey: gah
<Daviey> zul, being a recommends of libvirt in Debian suggests to me we probably don't need it.
<zul> right drop it to suggests for now when its needed again we will do the MIR
<Daviey> zul, i /suspect/ it will be needed next cycle
<zul> Daviey: oh i *know* it will be needed in the next cycle
<Daviey> zul, a universe package you care about explicitly Depends on it, so it'll get installed anyway.
<zul> Daviey: right
<zul> Daviey: well worry about it then...im in agreement
<Daviey> groovy.
<jdstrand> Daviey: aiui, ebtables should not be explicitly required, which is why it is Recommends. you can read about what it does here: http://libvirt.org/firewall.html
 * jdstrand should really look at that in more depth
<Daviey> jdstrand, oh aye, i read that page.. i just wondered if you knew of anyone that would scream if it was demoted to Suggests
<Daviey> jdstrand, as it's a new thing, i doubt it
<jdstrand> Daviey: no. I doubt anyone would really notice in terms of install images. curious why you want that delta?
<Daviey> jdstrand, ebtables is in Universe
<Daviey> jdstrand, Don't want to MIR it unless we /need/ it.
<Daviey> (This cycle at least, next cycle i think we will need it)
<jdstrand> Daviey: hmm, I guess I forgot the policy on Recommends vs Suggests wrt MIR
<soren> ebtables are in universe?
<jdstrand> ie, while a package in main has a Recommends will install it if universe is enabled, if universe is not enabled it won't
<Daviey> soren, yes
<soren> srsly? How the heck does Eucalyptus protect against arp/mac/ip spoofing?
<jdstrand> and it shouldn't, afaik, affect cd image buildability
<Daviey> jdstrand, Well.. yes.. it's like a soft depends i guess... should be renamed to 'flood-my-machine-with-stuff-i-don't-need:"
<zul> soren: magic! :)
<Daviey> jdstrand, lemme check with the release team
<soren> zul: I remember how Eucalyptus' magic works.
<soren> :)
<zul> soren: hehe
<soren> REcommends needs MIRs for sure.
<soren> ebtables in universe is silly. The filtering (i.e. the tricky bits) are in the kernel. ebtables is just a tool to adjust the stuff in the kernel.
<Daviey> soren, that is what i thought... but jdstrand raises a valid point.  Just checking from the release team
<phsi> I want to prefer same-version packages from a certain mirror, is this possible with pinning?
<Daviey> soren, For natty, it shouldn't matter - right?
<soren> Daviey: Whether ebtables is in main? Not that I know of...
<Daviey> soren, For -compute, it depends on it already.. so will still get pulled in.
<soren> Daviey: Certainly.
<soren> Daviey: But (again, this is just AFAIK) that's unrelated to its being-in-main-ness.
<jdstrand> Daviey: fwiw, I think a MIR on ebtables is long overdue, and would be easy to achieve
<Daviey> jdstrand, I totally agree... and natty+1 i think it will be one of the first things we chase i expect
<jdstrand> Daviey: there are no CVEs in the userspace tool: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ebtables
 * jdstrand would think it could happen this cycle if you wanted it
<RoAkSoAx> morning all
<Daviey> jdstrand, Are you trying to make me scream? :)  I /just/ uploaded the demotion. :/
<jdstrand> I am not
<jdstrand> I thought discussions were still ongoing
 * jdstrand shuts up then
<Daviey> jdstrand, Oh no.. i wasn't saying that..
<jdstrand> :)
 * jdstrand was just teasing
<soren> jdstrand: Are there ufw+ebtables plans?
<Daviey> jdstrand, You sir.. will get a slap!
<jdstrand> soren: I'd like to, but it isn't as high as some other ufw stuff, which unfortunately isn't as high as other work
<jdstrand> soren: it is on the raodmap though
<jdstrand> roadmap
<soren> jdstrand: Does this roadmap have a url?
<jdstrand> soren: https://wiki.ubuntu.com/SecurityTeam/Roadmap#Unscheduled%20Wishlist%20Items
<jdstrand> soren: some of what is in there was not added by me, but all is worth investigating at some point
<soren> jdstrand: Cool.
<azizLIGHTS> whats the point of the iso i downloaded when it wants to use the internet to retrieve files in setup
<joschi> azizLIGHTS: you have to boot something, don't you? there are also minimal CDs which only contain the boot files and the debian installer and everything else is being fetched from the net
<azizLIGHTS> but the iso is like 700mb, thats all botting?
<thesheff17_> azizLIGHTS: The full iso cd doesn't even require you to configure networking. so if anything is down with the internet is option during install.
<thesheff17_> azizLIGHTS: the iso contains tons of software....at the end you can select all types of extra packages that are contained on the cd.
<joschi> azizLIGHTS: I already wrote: there are also minimal ISOsâ¦
<uvirtbot> New bug: #727189 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/727189
<zul> hallyn/Daviey/smoser: MIR filed
<smoser> just for the lxcguest ?
<smoser> or all of lxc ?
<Daviey> zul, ^
<zul> all of lxc
<smoser> well thats a bit of a bigger deal
<smoser> bug number ?
<zul> 727200
<smoser> bug 727200
<uvirtbot> Launchpad bug 727200 in lxc "[MIR] lxcguest in main" [Undecided,New] https://launchpad.net/bugs/727200
<zul> smoser: you dont need all of lxc on the images just the lxcguest stuff
<smoser> right.
<smoser> but you've said you wanted to MIR it all
<smoser> i think you can (maybe i'm wrong) just MIR for the specific binary
<zul> you can ill talk to the MIR team when the review is going to happen
<smoser> so you want me to toss that into the builds ?
<ogra> you need to MIR the source package, but can opt in to only include certain binaries in the supported set then
<smoser> right. thank you.
<smoser> zul, ^^
<zul> smoser: right
<zul> thats what i meant :)
<smoser> no.
<smoser> do you want it to be added to the images "right now"
<zul> no i dont
<zul> since its still being reviewed by upstream
<smoser> you openstack patch is being reviewed, you mean
<zul> yeah i need more caffine
<smoser> so, if it were up to me, and hallyn and zul  had reasonable confidence that there would not be issues caused by this (i've sniffed it on an ec2 instance), then i would rather put it in prior to alpha3
<smoser> as we'll get more testing of it then.
<zul> fine with me
<andygraybeal> what do you guys recommend for the amount of space and memory for a mail server that will host the mail of around 20 people
<andygraybeal> i want to run the clamav, spamassasin, postfix, dovecot and have apache with roundcube
<Daviey> smoser, Are you around to talk about debian/patches/22-uec-multiboot-kvm.patch?
<smoser> sure
<Daviey> http://pb.daviey.com/qAeU/raw/ Does that make sense to you?
<Daviey> smoser, a patch on a patch :)
<smoser> you're adding '--basepath' ?
<smoser> oh, for natty.
<smoser> fyi, the MAX_PATH stuff is completely busted
<Daviey> smoser, Is that a bad change then?
<smoser> MAX_PATH=4096 (or whatever the max path is), but they append to it all over the place.
<Daviey>  /safe/ change?
<smoser> your change is probably ok.
<smoser> i'm just saying that they use that size but keep appending files to it
<smoser> so while 1 path is < MAX_PATH, they keep appending
<Daviey> lovely!
<Daviey> smoser, That patch was having me scratch my head for ages
<smoser> do you happen to have the 2 files ?
<smoser> that i can look at
<Daviey> smoser, two moments... i'll push it
<Daviey> urg... is LP readonly?
<smoser> the world is hosed right now
<zul> hmm...i wonder what happened
<Daviey> *sigh*
<Daviey> http://identi.ca/launchpadstatus
<smoser> its a good thing we're not trying to make a release this week.
<smoser> oh, and by the way, Daviey zul there is a release on thursday. so  you can't complain that you diddn't know you were supposed to be testing :)
<zul> :
<zul> :)
<zul> smoser: arse
<Daviey> smoser, :)
<smoser> Daviey, ok. re-reading that pathc
<smoser> you're chaning lines that i did not change
<smoser> right ?
<smoser> Daviey, so, yeah, this is what i was talking about
<Daviey> smoser, no... refreshing your patch against upstream
<smoser> they keep appending, but not shrinking the MAX and such
<smoser> there, i guess, upstream fixed that issue
<Daviey> smoser, cool
<smoser> that make sense ?
<Daviey> smoser, I won't test that change... if you are happy with it, and this build goes well - i'll upload it.
<smoser> oh yeah, no reason to test anything
<smoser> i surely dont make mistakes
<smoser> but that interdiff does look pretty straight forward
 * zul__ throws his laptop out of the window
<iggi> When I try to start a storage pool with libvirt I get a permission denied, even though the directory has rwx for everyone and the user libvirt is running as owns the directory, can anyone help?
<Italian_Plumber> anyone else experiencing lag on the update servers?
<patdk-wk> yep
<patdk-wk> been horrible this week
<binBASH> maybe update servers have been relocated to egypt
<patdk-wk> libra maybe?
<Italian_Plumber> argh.
<binBASH> Italian_Plumber: Sponsor bandwidth maybe?
<Italian_Plumber> good point
<jkg> what sort of available diskspace / monthly bw allowance would one need, in order to help out?
<jkg> (I suspect I have the latter in spades but not the former)
<iggi> Not sure about ubnutu, but for CentOS it was something like 1TB space and 5mbit commit on a 100mbit line
<jkg> yeah, I could easily do the latter but the former would be a problem. ho hum, it was a thought.
<iggi> You can't handle 1TB of space, but can handle 100mbit line?
<jkg> correct.
<iggi> What data center are you in lol, for 5 mbit I could buy a 1TB every month
 * binBASH needs to pay 19 Eur / GB :(
<Italian_Plumber> iggi, I officially envy you immensely. :)
<binBASH> sorry, TB :D
<Italian_Plumber> I have 1/2 mbit upload.
<iggi> I own a server hosting company, multi gigabit is what I have, but still costs me quite a bit.
<jkg> iggi: I'm with Hetzner, we get about 4TB/mo, which is 12.5ish Mbps average
<binBASH> Well 1 GBit Flat I was offered for 1,30 Eur / MBit
<jkg> but storage is far more expensive
<binBASH> hetzner = 6,90 Eur / TB :)
<iggi> Ahh yes, I am in the states. Detroit to be exact, our problem is less space and more bandwidth heh
<binBASH> iggi: what are mbit prices in us?
<binBASH> I heard us is quite expensive...
<iggi> The problem is more with the quality
<binBASH> iggi: Is there something equivalent to hetzner in US?
<iggi> I have a postcard from hurricane electric, they want to give me 1gbps for $1500 (0,80 euro iirc)
<\sh> binBASH: don't compare hetzner with a real datacenter provider with isp functionality like equinix ;)
<binBASH> \sh: yeah, equinix. Those are the most expensive I've seen yet.
<iggi> In large cities, i.e. NYC, Chicago, LA, DC its like $6/mbit @ 100mbit
<\sh> realiable bandwith and network costs more then server4you or hetzner or 1&1 can offer
<binBASH> \sh: I was hosted at Abovenet. Was quite stable
<binBASH> Hower that was in 2001 :P 1 MBit was like 185 Eur
<iggi> Where I am at your talking $15/mbit at 100mbit :( But we are primarily level3, savvis, global crossing with a best path routing
<uvirtbot> New bug: #727257 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727257
<\sh> binBASH: abovenet was MCI worldcom wasn't it?
<binBASH> \sh: No no, Metromedia.
<binBASH> \sh: You know they hosted UBS swiss bank at the same datacenter I was in.
<RoAkSoAx> zul: btw I already provided branches for vsftpd bugs I was pointing to you yesterday :) so they should be ready for sponsorship
<zul> RoAkSoAx: yeah i saw i just havent gotten a chance to do it yet
<binBASH> \sh: nowadays I host at www.interwerk.de. It's quite nice for the prices they have.
<RoAkSoAx> zul: no worries then :).
<binBASH> \sh: I will get into second datacenter in Summer I hope http://www.first-colo.net/DE/?site=rechenzentrum
<iggi> binBASH: How is pricing over there?
<binBASH> iggi: Where? First-Colo?
<binBASH> iggi: At my current datacenter 1 TB = 19 Eur incl. 19% taxes or 3,50 Eur / Mbit
<iggi> binBASH: We have been looking for a European location. London wanted $2500 for a ful lrack with 10mbit (I could get something like that with 100mbit for less than that here)
<RoyK> iggi: http://www.thordc.com/ is said to be quite decently priced
<RoyK> not in England, though, a bit further north
<iggi> RoyK: I will have to check who it was, but they were in downtown london
<RoyK> those icelanders (thordc.com) have very low power costs
<iggi> RoyK: Geothermal power is cheap there eh?
<RoyK> iggi: more important is that they can't export their power
<RoyK> power is theoretically cheap in Norway as well, but since it can be easily exported, prices balance with other European countries
<RoAkSoAx> Daviey: ping
<Daviey> RoAkSoAx, o/
<RoAkSoAx> Daviey: o/ could you please take a look to bug #726769
<uvirtbot> Launchpad bug 726769 in eucalyptus "package eucalyptus-common 2.0.1 bzr1255-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726769
<Daviey> RoAkSoAx, yeah.. i know about that one... sadly
<chrislabeard> Hey guys for some reason ehcp is not creating directories when i create a new domain any ideas?
<RoAkSoAx> Daviey: any ideas why?
<RoAkSoAx> Daviey: i would guess it might be related to new upstart upstream release?
<Daviey> RoAkSoAx, Seems to be related to the upstart job
<uvirtbot> New bug: #723871 in qemu "qemu-kvm-0.14.0 Aborts with -vga qxl" [Undecided,Confirmed] https://launchpad.net/bugs/723871
<Daviey> either the upstart job is buggy (it is scary), or it's related to euca having ld issues which should now be fixed
<RoAkSoAx> Daviey: I don't think might be about the ld issues. I just commented the "instance $IFACE" line in the upstart job, then dpkg --configure -a and configured correctly and everything is working nice
<RoAkSoAx> Daviey: what's the exact use of that line though?
<RoAkSoAx> jhunt: any ideas?? ^^
<Daviey> jhunt, This is the issue  i was pinging you about the other day
<Daviey> $IFACE hasn't been expanded at that time
<Daviey> I don't /exactly/ know the issue
<RoAkSoAx> Daviey: for what I can read in the documentation, maybe "instance $IFACE" is no longer
<Daviey> RoAkSoAx, does this help - http://upstart.ubuntu.com/wiki/States ?
 * RoAkSoAx reads
<bdmurray> zul: since you opened releases tasks for bug 725672 does that mean it isn't new anymore?
<uvirtbot> Launchpad bug 725672 in php5 "PHP 5.3.3-1ubuntu9.3 with Suhosin-Patch crashes (segfault) when using big SplFixedArray" [Undecided,New] https://launchpad.net/bugs/725672
<genii-around> Hm
 * genii-around checks his php version
<zul> bdmurray: ill update the bug i was working on it and my laptop powered off
<bdmurray> zul: that's exciting
<uvirtbot> New bug: #727293 in bind9 (main) "/usr/sbin/postconf: fatal: open /etc/postfix/main.cf: No such file or directory cp: `/etc/resolv.conf' and `/etc/resolv.conf' are the same file run-parts: /etc/resolvconf/update-libc.d/postfix exited with return code 1  * Reloading Squid HTTP Proxy 3.x configuration files    ...done. run-parts: /etc/resolvconf/update.d/libc exited with return code 1 invoke-rc.d: initscript bind9, action "restart" failed." [Undeci
<zul> bdmurray: P
<chrislabeard> What is used for firewall in ubuntu I forgot?
<thesheff17_> chrislabeard: iptables & ufw
<chrislabeard> ahh ufw
<RoAkSoAx> Daviey: i think it is an issue with upstart
<Daviey> RoAkSoAx, yeah.. just not sure /what/ issue yet
<RoAkSoAx> is it just me or the archives are slow today?
<Daviey> RoAkSoAx, yes...the whole internet seems slow today
<Aison> something wrong with security.ubuntu.com?
<Aison> here it's very slow
<jdstrand> Aison: known issue. bombarding with requests. it will be resolving in the coming hours
<jdstrand> s/bombarding/bombarded/
<jdstrand> (waiting on mirrors)
<Aison> ok, maybe I should stop requesting also :)
<photerran> is that re: slow updates today?
<Aison> well, i'm downloading with 35.7kB/s
<Aison> :P
<Disconnect> anyone familiar with netbooting/preseeding? trying to automatically partition a vm and it keeps kicking back to the guided-partitioning prompt. the partition script is https://gist.github.com/849593 and there are no errors on console 4.
<BlackZ> zul: ping
<zul> pong
<BlackZ> zul: do you mind if I try to fix the xen-3.3 FTBFS?
<zul> BlackZ: be my guest
<BlackZ> zul: ok :)
<Disconnect> thats exciting. when i hit manual it just cycles through 'no root partition defined'
<Disconnect> (/proc/partitions shows the unpartitioned device though)
<georgie_b> how to do port forwarding from a modem/router to a machine in local lan connected to modem
<georgie_b> how to do port forwarding from a modem/router to a machine in local lan connected to modem
<Pici> georgie_b: Thats not really something thats Ubuntu specific but....
<Pici> !portforward | georgie_b
<ubottu> georgie_b: For instructions on how to set up port-forwarding (for games, torrents, webservers) see http://portforward.com - also see !firewall
<georgie_b> portforward.com has info only abt few popular applications .. hav written my own java prog using sockets nd it works well within lan but gives error when connected over internet
<uvirtbot> New bug: #727356 in tftp-hpa (main) "tftp-hpa crashes on natty (buffer overflow) (dup-of: 727357)" [Undecided,New] https://launchpad.net/bugs/727356
<uvirtbot> New bug: #727357 in tftp-hpa (main) "tftp-hpa client crashes when fetching file" [Undecided,Confirmed] https://launchpad.net/bugs/727357
<georgie_b> @ubottu: i've disabled the firewall
<georgie_b> hello ne body there?
<georgie_b> ne special features in  ubuntu server regarding port forwarding?
<photerran> you can use iptables for that
<photerran> georgie_b: 'man iptables' read the part about the 'nat' table, the PREROUTING chain, and the DNAT target
<georgie_b> @photerran how exactly?
<Pici> There are no iptables rules by default, so if your application is listening on a port you should be able to connect to it.
<photerran> he's gone
<zul_> stgraber: ok fixed
<Pici> oh well
<aazert> hello
<aazert> i create several user for ftp access, those user can see every folder on my system from / to end,  my question how to specify a user to just allow on only one folder
<aazert> and not the rest on my system , what i have to do ?
<photerran> what ftp server are you using?
<aazert> vsftpd
<stgraber> zul: cool
<photerran> what you want to do is called "chroot" for the user's home dir
<aazert> ok i create an user, i just want to alow him on /var/www i don't event want that user see the rest of the folder
<photerran> see the man page for vsftpd.conf and check out the section called "chroot_local_user"
<aazert> what is the correct syntax for that ?
<lenios> !google vsftpd chroot
<ubottu> I have no google command, use http://www.google.com/
<lenios> ha
<aazert> ok i put chroot_local_user=yes on /etc/vsftpd.conf
<aazert> but still that user can see the rest of the folder
<photerran> you may need to restart the vsftpd service for it to read the new config
<RoyK> aazert: did you restart vsftpd?
<aazert> how to restart vsftpd ?
<aazert> service vsftpd restart this one not working
<aazert> it says unknown instance
<lenios> /etc/init.d/vsftpd restart?
<aazert> neither working
<Disconnect> still fighting this partitioning. selecting auto works, except it allocates 4 gigs (out of 4.5) for swap. (its not reading the script, I updated the max size to '200%' and its a 512M vm..) I'd really like partman to just do what I tell it. (swap 2x ram, rest to /)
<aazert> http://paste.ubuntu.com/574110/
<thesheff17> Disconnect: can you pastebin your script?
<Disconnect> https://gist.github.com/849593
<Disconnect> just added the first line, waiting to see what it does now..
<photerran> aazert: try 'ls /etc/init.d | grep ftp' to see what services have ftp in their name
<photerran> maybe it is called something else (vsftp?)
<Disconnect> might be running through inetd
<photerran> true
<thesheff17> Disconnect: here is my example: not sure if it will help.  Yes partman is very aggravating https://www.frackingtubes.com/wiki/index.php/Ubuntu_preseed.cfg_installs_off_PXE_Boot
<RyanP> Disconnect: Just so you know, I'm dealing with exactally the same thing at the moment.
<Disconnect> lol. yah. unless you use auto, its a complete disaster with missing docs (that weren't correct to begin with)
<Disconnect> hmm. method 'regular' is new, lets see what that does
<aazert> the service is runing as vsftpd
<aazert> but can't restart
<aazert> ok i reboot my syst
<aazert> just a sec
<Disconnect> that worked :)
<thesheff17> Disconnect: sweet :)
<david506> other than SIGINT ( CTRL+C ) and SIGQUIT ( CTRL+\ ), what signals can I send a program with my keyboard directly without the use of pkill, kill or any other command ?
<aazert> i just reboot my server photerran but chroot still don't work
<Disconnect> some ftp servers require a different binary for chroot support. is there an alternate package?
<fakhir> hello. my server (ubuntu server 10.10) has high load averages (1.69) but now CPU usage (0%). i gather this is likely an IO problem. how care i figure out what is going on?
<aazert> no alternate package Disconnect
<iggi> fakhir: have you tried to run an IO test to see if it is actually choked? I have had a bad CPU or memory do that to me before
<Disconnect> thesheff17: arguing with sizes but that seems to have put me on the right track. (the missing 'regular' type was my holdup) now if i could just get it to make a 768M swap and a 3.9g root (instead of the other way around..) i'd be good :)
<fakhir> iggi, no i have not. to you have a recommended io test application?
<photerran> fakhir: you can install the 'sysstat' package which provides the 'iostat' utility.  it will report on IO usage.
<iggi> fakhir: There is one built in, let me see
<iggi> photerran: Cant you use "sudo hdparm -t /dev/hda"
<thesheff17> Disconnect: yea if you look at my example I make a 2GB swap, 512mb boot, and then it will use the rest for ext4 for root.
<Disconnect> yah
<thesheff17> but yes getting it correct was very aggravating.
<photerran> iggi: iostat reports io subsystem usage, its not a benchmark as far as I know.
<photerran> i find it helpful in diagnosing a live system (where running a benchmark may not be practical or even possible)
<photerran> fakhir: also you might try the 'top' command, which does not require any additional packages
<fakhir> photerran, top does show much beyond what i included in my question. i will test some of the io applications out there. thanks.
<photerran> if top shows a large CPU Wait % then iostat may help track down the cause
<Disconnect> any app that is waiting for anything -could- be contributing to load. unless the system is sluggish or otherwise behaving badly, load itself isn't a bad thing.
<photerran> you might also check for network interface errors using ifconfig
<fakhir> ok
<uvirtbot> New bug: #727412 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727412
<RoAkSoAx> zul: could you also sponsor bug #727422 when you have the time please?
<uvirtbot> Launchpad bug 727422 in pacemaker "o2cb RA has a killproc command not existent in Ubuntu" [Wishlist,Confirmed] https://launchpad.net/bugs/727422
<uvirtbot> New bug: #727436 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727436
<eMgz>  hi, I'm trying to do a GRE over IPsec. both tunnels seem to be set correctly, but the GRE traffic is not going over ipsec. I'm using NETKEY, so I'd like to know how does NETKEY finds out what should go through ipsec?
<Daviey> RoAkSoAx, As zul doesn't seem to be around... I am happy to sponsor, but can you please add DEP3 headers
<RoAkSoAx> Daviey: you finally applied for core dev huh? Congrats!!
<Daviey> RoAkSoAx, :-)
<Daviey> Thanks
<RoAkSoAx> Daviey: i'm collecting all the bugs and stuff I've worked on to do the same soon
<Daviey> RoAkSoAx, awesome!  Keep us posted on your progress... I do have a script for finding all the uploads you've done... maybe that will help?
<RoAkSoAx> Daviey: cool, yes please!! I was looking into launchpadlib to do that myself, but since you already did it >P
<Daviey> RoAkSoAx, launchpadlib won't help :(
<RoAkSoAx> Daviey: yeah i found that out  >P
<Daviey> RoAkSoAx, In order to use the LP API for that, bug #372704 needs exposing
<uvirtbot> Launchpad bug 372704 in launchpad "expose Signed-by and Changed-by via API" [High,Fix released] https://launchpad.net/bugs/372704
<Daviey> Fix Released!!
<Daviey> crikey
<RoAkSoAx> lol
<RoAkSoAx> hahaha
<Daviey> RoAkSoAx, I am wrong then... you can use the API :)
<RoAkSoAx> indeed
<RoAkSoAx> Daviey: eitherway I'd also appreciuate your script
<Daviey> Fixed over a year ago... and I didn't know :)
<Daviey> RoAkSoAx, I'll pull out my lplib one... The one i used until now parses mbox files of $distro-changes :)
<Daviey> screenscraping mailman archive interface to pull in the mbox files
<Daviey> yuk.
<RoAkSoAx> Daviey: it's all goo I can use that one in the meantime >P
<Daviey> RoAkSoAx, give me a few mins
<Gray> hi
<RoAkSoAx> Daviey: ok done! added the DEP-3 headers. Note that I'm "updating" an existant patch. So you'll have to grab the source, then quilt pop -a to unapply the patches, then patch -p1 <../pacemaker.debdiff and you know >P
<Daviey> RoAkSoAx, Ever heard of bzr? :)
<RoAkSoAx> Daviey: yeah but my inet connection today is not so happy and takes for ever >P
<RoAkSoAx> and I find it much muchs faster to do it the old way >)
<Daviey> RoAkSoAx, i forgot how big it is
<aazert> hello there
<aazert> after an reboot i can't able to access to my server over ssh
<aazert> so i reboot it with a live cd
<chrislabeard> My all of the mail coming from my server is being marked as spam by gmail any ideas?
<aazert> so my question
<aazert> is it possible to reinstall ssh from livecd to my server ?
<aazert> i never faced this problem
<aazert> hello
<thesheff17> aazert: why would you have to boot the live cd... does the server still boot?
<aazert> i got conection refused during ssh authentification
<aazert> do you get ?
<thesheff17> aazert: sure but booting to the live cd means you are sitting in front of the server right?  Maybe I'm confused.
<aazert> no i m server is an remote one
<aazert> that's why i reboot from live cd
<thesheff17> aazert: you have to chroot into the installed file system and then just do apt-get install ssh...it is a little hard to do...if you haven't done a ton of configuration I would just re-install and make sure to select openssh during install.
<aazert> how to chroot into installed file system ?
<thesheff17> aazert: http://superuser.com/questions/111152/whats-the-proper-way-to-prepare-chroot-to-recover-a-broken-linux-installation don't copy anything around...just mount everything then use the chroot command.
<uvirtbot> New bug: #727478 in mysql-5.1 (main) "mysql upgrade hang at 'installing new version of config file /etc/init/mysql.conf' during upgrade from 10.10 to 11.04" [Medium,Confirmed] https://launchpad.net/bugs/727478
<MattPMc> Greetings, oh geniuses of the Ubu.
<MattPMc> Seriously, I've downloaded 10.10 server 64-bit and am having issues. I installed it on a Dell PowerEdge with RAID 5. All went well. After the reboot it brings me up to GRUB. Now, I don't know GRUB to save my bacon.
<aazert> thanks thesheff17
<aazert> i m on it
<tsrk> I have a daemon that takes about 20 seconds to stop. How can I make Ubuntu wait for it to exit cleanly before finishing the shutdown process?
<media> Hi... I've an ubuntu server 8.04 LTS on a server. It's some time I don't find update with apt-get alse if I found some security advice about this version. Must I change any  software source.. I can only update?
<twb> mquin: pastebin the output of "apt-cache policy"
<twb> Sorry, that was for someone that just left.
<kklimonda> tsrk: have you tried setting kill timeout in the upstart config file?
<tsrk> kklimonda: yes, it still kills it after 3 seconds or so though
<twb> tsrk: what was the issue/question?
<kklimonda> weird, that's afair how similar issue with mysql has been fixed
<tsrk> kwb: I have a daemon that takes about 20 seconds to stop. How can I make Ubuntu wait for it to exit cleanly before finishing the shutdown process?
<tsrk> twb: * I have a daemon that takes about 20 seconds to stop. How can I make Ubuntu wait for it to exit cleanly before finishing the shutdown process?
<twb> tsrk: ooh, good question.
<tsrk> twb: it'd be better if i could find the answer =P
<kklimonda> tsrk: are you sure it's being killed? upstart should send the TERM signal first, then wait X seconds (defined by kill timeout) before sending KILL
<twb> I would try a pre-stop script that kill -15'd the process, then spin-locked for up to 20 seconds
<twb> #upstart would know better
<twb> kklimonda: oh, upstart has a customizable timeout now.  Never mind me, then
<tsrk> twb, kklimonda: it's actually the pre-stop script that takes the time
<kklimonda> tsrk: aiui upstart waits for pre-stop script to finish.
<twb> Perhaps wrap the pre-stop script in a timeout(1), then
<twb> That's part of coreutils nowadays, so you can assume it's installed
<tsrk> kklimonda, twb: here's my upstart config: http://paste.ubuntu.com/574211/
<tsrk> (that's not my actual scripts of course, just trying to get that to work first)
<tsrk> i don't know much about upstart so i might be doing something horribly wrong
<twb> pre-stop exec timeout 20s sleep 30
<twb> AIUI the "kill timeout 60" means that it waits 60s after sending a HUP to the *script* pid (not pre-stop/start script), before giving up waiting and sending a TERM
<twb> Yeah init(5) confirms that interpretation
<twb> tsrk: in other words, "kill timeout" has no effect on your "sleep 30"
<kklimonda> it's actually TERM and then KILL
<tsrk> twb: ok, trying that, one sec
<twb> TERM is 15 isn't it?
<kklimonda> twb: yes
<tsrk> twb: i put the "sleep 30" in a script because the real stuff will be in a script in the config file. how can i apply a timeout to the whole script?
<twb> tsrk: timeout 30s sh -c 'your whole script'
<twb> tsrk: or timeout 30s /usr/share/foo/foo.sh
<tsrk> twb: i tried this: "pre-stop exec timeout 60s sleep 30", but it still reboots immediately
<twb> Define "reboots"
<twb> Are you issuing "initctl reload-configuration" after each edit?
<tsrk> twb: i've been using the "reboot" command to reboot the vm, and it comes back online within 10-15 seconds
<hallyn> kirkland: looking at bug 723871, would you agree that's worth pursuing a FFE ?
<uvirtbot> Launchpad bug 723871 in qemu-kvm "qemu-kvm-0.14.0 Aborts with -vga qxl" [Medium,In progress] https://launchpad.net/bugs/723871
<twb> reboot doesn't reread the config file IIRC
<hallyn> Daviey: ^
<tsrk> twb: no.... that might be one problem
<twb> You need to stop and then start
<Daviey> hallyn, looking
<juanito1> hola
<Daviey> hallyn, why would it need a FFe?
<tsrk> twb: even after reloading, it still reboots immediately
<juanito1> spanish ?
<twb> !es
<ubottu> En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<juanito1> si pero necesito informacion de servidores
<juanito1> :S
<hallyn> Daviey: cause we're in soft freeze?
<hallyn> Daviey: doesn't apply for bugfixes/
<RoAkSoAx> juanito1: en ese canal tambien puede ser que encuentres ayuda de servidores
<hallyn> Daviey: can you push that fix then?  :)  (I don't think my PPU rights are effective yet)
<juanito1> RoAkSoAx, gracias, dime que necesito para montar una web como taringa
#ubuntu-server 2011-03-02
<RoAkSoAx> juanito1: https://help.ubuntu.com/community/ApacheMySQLPHP
<twb> Como se dice "taringa" en ingles?
<RoAkSoAx> twb: that word doesn't even exist :)
<twb> RoAkSoAx: hence my confusion
<RoAkSoAx> twb: he meant taringa.com
<twb> Ah.
<juanito1> RoAkSoAx, je , si eh leere, y en cuanto al hardware que necesito ?
<kklimonda> tsrk: something like this works fine: http://pastebin.com/DVBRVRyh and http://pastebin.com/GaRpCnnu
<Daviey> hallyn, No.. you only need a FFe for new features
<Daviey> hallyn, Are you asking me to review it or just upload it?
<Daviey> hallyn, Considering you have access to that component, i shouldn't need to build test, right? :)
<RoAkSoAx> juanito1: www.linode.com :) No necesitas HW realmente. Puedes tener un VPS
<kklimonda> soft freeze also applies to bugfixes - if the package lands on the CD, it's good to make sure that the fix doesn't break anything else :)
<hallyn> Daviey: just to upload.  I can't yet push to the bzr tree :)
<RoAkSoAx> Daviey: Dave "the night" Walker >P
<hallyn> Daviey: given I was squeemish about asking for upload rights at all, I'd certainly not mind a quick review/test if you had the cycles.  Though I assume you wouldn't have the time tonight, it being...  late
<twb> RoAkSoAx: he also needs some web developers to write the site :-)
<RoAkSoAx> twb: indeed!
<juanito1> RoAkSoAx, gracias
<juanito1> thanks
<RoAkSoAx> juanito1: de nada ;)
<hallyn> kim0: tossed bug 723796 over to you :)
<uvirtbot> Launchpad bug 723796 in qemu-kvm "Enable spice in kvm" [Low,Confirmed] https://launchpad.net/bugs/723796
<juanito1> RoAkSoAx, y habra servidores virtuales gratuitos ?
<RoAkSoAx> juanito1: no no que yo conosca al menos
<juanito1> RoAkSoAx, como para practicar
<juanito1> vale
<tsrk> twb: thank you, what does the "trap" line of that do?
<Daviey> hallyn, looks good, built fine, uploaded
<aazert> hello
<aazert> during an install i have to write Yes to continue, how to avoid that ?
<aazert> i mean is there any option like :: apt-get install -Y package ?
<ahs3> aazert: use it cautiously -- apt-get install --force-yes foo
<Daviey> aazert, -y should be enough
<aazert> when it is in french ?
<aazert> i have to put O ?
<aazert> for OUI
<Daviey> aazert, I don't believe that is internationalised
<Daviey> hallyn, you pinged out... did you see:
<Daviey> <Daviey> hallyn, looks good, built fine, uploaded
<twb> tsrk: eh, what trap?
<twb> tsrk: oh, that was for kklimonda.  It evaluates the first argument when the shell receives the TERM signal.
<hallyn> Daviey: awesome, thanks!
<twb> tsrk: I think kklimonda is proposing that you move everything into the main "start script" stanza, and have a function cleanup() that you then run when the TERM signal is received.  That way, it'll start when upstart sends TERM, and if it takes too long, upstart will send a KILL to it
<twb> tsrk: I think kklimonda's approach is sound; you should try it
<aazert> command not working Daviey
<aazert> i need to remove a package
<aazert> but not working
<aazert> what i have done is : apt-get autoremove --force-yes konqueror
<aazert> it is still ask me for yes or not
<aazert> do you get what i mean ? Daviey
<hallyn> aazert: add '-y' as well ?
<juanito1> RoAkSoAx, encontre una web que te da servidores gratuitos 10gb de espacio
<aazert> thanks a lot working now hallyn
<juanito1> http://www.servidorvirtualgratis.com/        RoAkSoAx
<juanito1> con eso puedo practicar ?
<tsrk> twb: ok, i'll try that. stupid question: how do i run something from a bash script on the TERM signal?
<RoAkSoAx> juanito1: supongo que si siempre y cyuando no sea SCAMs
<RoAkSoAx> juanito1: yo te recomendaria que instales una maquina virtual y mpractiques ahi primero
<twb> tsrk: cleanup () { echo foo; echo bar; }; trap cleanup TERM
<twb> tsrk: i.e. you make it a function
<juanito1> RoAkSoAx, y que virtualizo, el windows sever 2008 r2 ?
<juanito1> y practico con la web que te pase es eso .
<juanito1> disculpa no se mucho :S
<tsrk> twb: oh, now i understand trap! thank you!
<aazert> when i try to restart my ssh service this is what i got : http://paste.ubuntu.com/
<aazert> what could be the problem ?
<aazert> this one : http://paste.ubuntu.com/574228/
<aazert> what  i have to do exactly ?
<linuxtech> Anyone have issues with the security issued kernel install?  linux-image-2.6.32-29-generic-pae appears to have some debconf/perl  issue. http://paste.ubuntu.com/574261/plain/
<uvirtbot> New bug: #727569 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727569
<boxybrown> is there a way to include a netgroup in an /etc/group entry?
<boxybrown> specifically I would like to add all members of a particular netgroup to a particular /etc/group, like wheel or admin or something
<twb> boxybrown: wow, you still use netgroups?
<twb> boxybrown: wait... do you mean NIS netgroups, i.e. nsswitch.conf's "netgroup: nis"?
<twb> boxybrown: or are you just using the term to mean "groups that come from the network"?
<boxybrown> twb: we are using netgroups, as in /etc/netgroups
<boxybrown> yes its messed up
<boxybrown> dont ask me why
<boxybrown> brb
<chrislabeard> how do i compile a program?
<chrislabeard> I'm trying to do ./configure
<chrislabeard> its not working
<TimyC> Good evening. I have looked just about everywhere but I cannot get mysql server to start up on ubuntu server. I have tried purging it and reinstalling, creating the debian-sys-maint user... and the service just will not seem to start up. Any help would be greatly appreciated.
<EvilPhoenix> chrislabeard, what program?
<chrislabeard> I sorta figured it out I'm trying to install zoneminder
<EvilPhoenix> TimyC, try "sudo /etc/init.d/mysql restart"
<chrislabeard> probly one of the harder installs I've done
<EvilPhoenix> were there installation instructions with it?
<EvilPhoenix> (there should be)
<EvilPhoenix> TimyC, try "sudo /etc/init.d/mysql start"  <--- that
<EvilPhoenix> i made a mistake :P
<TimyC> EvilPhoenix, That gave me an error, Start: job failed to start
<EvilPhoenix> TimyC, you're sure you installed mysql-server ?
<TimyC> (which is basically one of the few errors I keep getting every time)
<TimyC> Well I believe I did yes
<TimyC> sudo apt-get install mysql-server
<EvilPhoenix> that should've done it
<EvilPhoenix> hm
<TimyC> Infact when I type that now, it says I have the latest version
<EvilPhoenix> o.O
<EvilPhoenix> strange
<EvilPhoenix> then there must me some glitch in your install or something :/
<EvilPhoenix> something i'm not able to help you with, unfortunately
<EvilPhoenix> someone else might be along who could help though :/
<TimyC> I understand and appreciate your efforts :)
 * TimyC can't even seem to get it to purge at this point properly
<EvilPhoenix> o.O
<EvilPhoenix> sounds like you've  got a messed up install or something
<TimyC> On a managed server... it's a wonderful issue
<chrislabeard> anyone ever installed zoneminder
<chrislabeard> man webcams are confusing
<uvirtbot> New bug: #711534 in eucalyptus "euca-upload-bundle fails when connecting to Eucalyptus and a path in bucket is specified " [Undecided,Fix committed] https://launchpad.net/bugs/711534
<chrislabeard> I do not understand this motion thing its asking for a password and nowhere do I see anything about a password
<Sheepherd> hi guys im struggling to set up my apache2 web server. the manual says i need to change the RedirectMatch directive but i cant seem to find it
<twb> Sheepherd: what manual?
<Sheepherd> twb: http://goo.gl/wfDzA
<twb> Sheepherd: so, you're running 8.04?
<Sheepherd> twb: naw its 10.10 but shouldnt matter i guess since its about apache and not buntu. i was able to set up the website and get the message "It works!" when i visit my ip
<Sheepherd> only thing is that ive got no idea how i set up the webinterface of apache or better said enable it
<soren> The webinterface of Apache?
<Sheepherd> well ive only used apache with xampp up until now. that webinterface i get there isnt default by apache?
<twb> Sheepherd: change 8.04 to 10.10 in the URL, then
<Sheepherd> twb: why should that number be in the url? i just type in the ip of my machine
<twb> WTF is the X in "XAMPP"?
<twb> Sheepherd: sigh
<twb> Sheepherd: you linked to https://help.ubuntu.com/8.04/serverguide/C/httpd.html
<twb> Sheepherd: you should use https://help.ubuntu.com/10.10/serverguide/C/httpd.html
<Sheepherd> aaaaah... wow i failed pretty bad here
<twb> They are probably mostly the same, but maybe things are different in your version, so you should read the documentation for the version you're using.
<Sheepherd> didnt notice the version difference
<Sheepherd> and no idea what the x stands for ^^
<twb> "X (meaning cross-platform)"
<twb> Sheesh.
<twb> I wish these non-military types would get off my arpanet.
<zerozille> can someone help me with fully remove shorewall? on ubuntu server
<twb> aptitude purge shorewall?
<zerozille> twb il tried that
<zerozille> but still all my ports are closed
<zerozille> can annyone help me with removing shorewall?
<zerozille> after removing it its still block all ports
<zerozille> can annyone help me with removing shorewall?
<zerozille> can annyone help me with removing shorewall on ubuntu server
<zerozille> after remove and purge it still block ports
<zerozille> ?
<soren> Did you reboot?
<zerozille> yes
<zerozille> even put of the power manual
<zerozille> its afresh install from ubuntu server
<zerozille> evry thing worked before installing shorewall
<zerozille> so i removed it
<zerozille> but still samen problem all ports closed on server
<soren> zerozille: What exactly are the symptoms?
<uvirtbot> New bug: #727643 in php5 (main) "package php5-fpm 5.3.5-1ubuntu1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 255" [Undecided,New] https://launchpad.net/bugs/727643
<zerozille> well i can't ping to anny port
<zerozille> i only have shh port forward
<zerozille> this is since i intalled shorewall
<zerozille> installed
<zerozille> so i removed shorewall
<zerozille> and did the purch thing
<zerozille> but still is for example port 80 closed
<zerozille> so web is not available
<zerozille> i have put off utf
<zerozille> i rebooted
<zerozille> still same problem
<binBASH> moin \sh
<\sh> moins binBASH
<huats> morning
<uvirtbot> New bug: #727676 in antlr3 (main) "[BLOCKED] Sync antlr3 3.2-5 (main) from Debian testing (main)" [Wishlist,Incomplete] https://launchpad.net/bugs/727676
<izual> Hello, I am running the latest ubuntu server (32-bit) and I want to automount my USB hard drive. I have done so through /etc/fstab by adding a line but this does not allow write access. Any tip?
<Daviey> jamespage, Am i right in saying antlr3 sync is planned for o-series, not Natty?
<jamespage> Daviey: yep - just flagging things to myself for UDS as I find them - these are all blocked by maven-debian-helper not being in main.
<jamespage> should I target it for o-series?
<Daviey> jamespage, meh... that'll be fine i think
<Daviey> jamespage, i was just checking if you were planning on a last minute dash for m-d-h in main for Natty :)
 * jamespage falls off his seating from laughing to much....
<jamespage> have some work items for jenkins for alpha3 so having a jenkins day today
<jamespage> PS - if you want to see what is currently blocked by maven-debian-helper not being in main search with tag mdh-blocked
<jamespage> Still need to add at least 3 bugs to that list.
<Daviey> yeah, i noticed you added that tag... good thinking
<Daviey> jamespage, The remaining TODO's on https://launchpad.net/ubuntu/+spec/packageselection-server-n-hudson ... Is that planned to be done before /tomorrow/?
<Daviey> jamespage, Those are all PPA item's right?
<jamespage> All PPA items  - I will work on them up until the end of tomorrow and see how far I get
<jamespage> technically does not need to complete for alpha-3 (that was just the target robbiew and I agreed on)
<Daviey> jamespage, What chance do you think you'll have of getting them done before A3 is announced?
<Daviey> tricky question i know :(
 * jamespage thinks about it very hard
<Daviey> jamespage, Would it be better to re-target to Beta 1 for the remaining stuff?
<Daviey> Not that it really matters for the release process... but setting expectations and skewing the burn down chart.
<jamespage> I won't get them all done; I've just hit a minor new problem with one of the packages I've already done (something in dpkg has changed)
<Daviey> oh joy :)
<Daviey> What issue is that?
<jamespage> So pushing them back to Beta 1 (or a later date) would be OK with me - as its PPA work that I manage that should be OK from the release perspective as well.
<Daviey> jamespage, can you make it so? :)
<jamespage> dpkg error: http://paste.ubuntu.com/574400/
<jamespage> one of my packages upstream version number does not start with a digit - this was OK until this week
<jamespage> discovered this yesterday afternoon when I uploaded the first jenkins-plugin (bzr) to the testing PPA.
<jamespage> I've only just started looking at it TBH
<Daviey> jamespage, try setting the epoch of 0:build212-hudson-6-0ubuntu1~test1
<Daviey> technically 0: is implied.... but it might work
<jamespage> OK - I will give it a whizz - but something has changed....
<Daviey> jamespage, cjwatson is your man for that i think
<cjwatson> 0: should make no difference
<cjwatson>   * Do not allow versions starting with non-digit when doing strict parsing,
<cjwatson>     warn otherwise.
<cjwatson> dpkg now enforces what has been a policy restriction since forever
<cjwatson> you should fix your version number to conform to policy
<cjwatson> http://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-Version
<Daviey> I just read that at the same time :)
<jamespage> So: build212-hudson-6-0ubuntu1~test1 -> 212-hudson-6-0ubuntu1~test1
<jamespage> and munge my watch file to deal with this....
<Daviey> jamespage, is build212 the upstream release, or just a snapshot of a major version?
<Daviey> does hudson/jenkins /have/ major releases?
<jamespage> build212-hudson-6 is the upstream release
<jamespage> but that said this is a Jenkins managed branch of a further upstream project
<cjwatson> if there are upstream releases, you should ensure that the version falls in proper sequence between them
<jamespage> that project uses build numbers as releases - see http://svn.svnkit.com/repos/svnkit/tags/1.3.2/contrib/trilead/HISTORY.txt
<jamespage> so this is the Jenkins branch of the upstream build212 release
<jamespage> New upstream->upstream releases are unlikely as its not being actively developed.
<Daviey> jamespage, Kinda *good* that a CI tool considers each build a release :)
<Daviey> Sort of eating their own dogfood
<Daviey> jamespage, There is one non-development todo for https://launchpad.net/ubuntu/+spec/packageselection-server-n-java-library-housekeeping ... fancy re-targeting that for beta?
<jamespage> Yeah - OK
<Daviey> zul, https://launchpad.net/ubuntu/+spec/cloud-server-n-openstack-integration .. 3 WI's need something doing with them
<Daviey> zul, Have we missed a nova upload?
<zul> nope i just over estimated
<zul> and cant read
<jamespage> Daviey: done
<Daviey> zul, heh.. it boggled me aswell...
<Daviey> jamespage, awesome
<jamespage> just need to re-jig me jenkins WI's
<jamespage> see to have my London accent on today
<Daviey> jamespage, 'lright guv'nor
<Daviey> smoser, Around?
<Daviey> jamespage, Does [james-page] Automate EC2 testing and increase depth of image testing using unittest/subunit: INPROGRESS <-- need postponing?
<Daviey> (https://launchpad.net/ubuntu/+spec/cloud-server-n-automated-testing)
<jamespage> actually no; now I've pushed out all other work items to beta-1 and can work on that now.
<jamespage> Its coming on real nice :-)
<Daviey> jamespage, ro-cking
 * jamespage puts down jenkins until next week :-)
<Daviey> jamespage, Has smoser started his EC2 candidate testing for A3 yet?
<jamespage> he was having trouble yesterday - most of the archives in ec2 where not working - not sure how he got on.
<Daviey> SpamapS, Have you had a chance to review Upstart doc's
<Daviey> jamespage, yeah.. i heard there were some archive issues yesterday
<Daviey> jamespage, I wonder if your magic can be used in production to test A3 images :)
<Daviey> i'll stop distracting you now
<jamespage> TBH it would be a good test case
<Daviey> SpamapS, when you see this, i marked it as postponed and added it to the  general pool targeted towards beta.
<Daviey> (assuming you are busy this week)
<HackeMate> hello
<Daviey> jamespage, yeah... reporting issues!
<HackeMate> i have a dhcpd running in a ubuntu server, i modified some macs to be able to connect
<HackeMate> and the dhcpd.log declines them, no idea why
<HackeMate> Mar  2 13:06:58 OsiDHCP dhcpd: DHCPDECLINE of 192.168.140.234 from 10:9a:dd:4c:90:4a via eth0: not found
<soren> jamespage: Is the config for your Jenkins jobs available somewhere?
<HackeMate> they are mac os, and the OSX says that ip is assigned to other device
<soren> HackeMate: No way to help without your config.
<jamespage> soren: yes  - however they are not much more that a wrap around python that do all of the hard work.
<HackeMate> sorry, http://pastebin.com/ZP5dx02Q
<HackeMate> fail certainly host uib140234
<soren> jamespage: So where's the python thingamajig?
<jamespage> soren: here https://code.launchpad.net/~ubuntu-server-iso-testing-dev
<soren> jamespage: Oh, I thought this was for testing cloud stuff.
<Daviey> soren, Interested in contributing?
<jamespage> soren: so the ec2 testing and the ISO testing code branches are currently owned by this team
<soren> Is this different from the UEC tests?
<jamespage> the ec2 testing is a refactoring of the work smoser  - not sure whether this is the same thing or not
<HackeMate> now in tail -f dhcpd.log i see this: DHCPREQUEST for 192.168.140.234 from bc:ae:c5:21:ae:67 via eth0
<jamespage> /smoser/smoser did/
<HackeMate> looks like other mac has assigned that host, but isnot
<HackeMate> the server was restarted
<soren> The hudson link in the whiteboard of https://launchpad.net/ubuntu/+spec/cloud-server-n-automated-testing is broken for me.
<jamespage> soren: try this http://hudson.qa.ubuntu-uk.org/
<soren> Oh, that's the same thing?
<jamespage> yep - the URL in the spec was for a temporary instance we used during Maverick testing
<jamespage> its still in ec2 but has a nicer URL now
<soren> Gotcha.
<jamespage> there is no ec2 testing in that instance yet - still working on it locally
<jamespage> although you can use it standalone - writing some docs at the mo.
<soren> I swear I remember seeing a script that would exercise UEC.
<Daviey> soren: Want me to send you  7-minute-workout.avi ?
<soren> *stab*
<SpamapS> Daviey: saw that. Thanks. :)
<Daviey> SpamapS, cool
<Daviey> jamespage, you created a rather pretty bug.... nfi what caused it.. but i like it - http://erk.daviey.com/sync-antrl3.png
<uvirtbot> New bug: #727760 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.4 failed to install/upgrade: subprocesul script post-installation instalat returneazÄ starea de eroare la ieÈire 1" [Undecided,New] https://launchpad.net/bugs/727760
<HackeMate> hi, i discovered my dhcpd is giving an ip to an unauthorized mac address
<HackeMate> how can i kick out that bad address
<HackeMate> dhcpd.leases is empty
<korsakoff-> hi everybody
<smoser> soren, did you find what you were looking for ?
<smoser> lp:~uec-testing-scripts-dev/uec-testing-scripts/trunk/ i think is it
<korsakoff-> someone has a good how-to setup a svn private server (on u 10.04 lts)? I messed with wiki one but I would like to have an exhaustive one.
<rahman> Hi, I am trying to change default umask of apache2. I added "umask 002" to /etc/profile and /etc/apache2/envvars. Restarted the machine but still php uploaded files created with -rw-r--r-- I want to make them -rw-rw-r-- Is there any other tricks?
<soren> smoser: Yes, I think that's the one. thanks!
<Daviey> SpamapS, Can you retarget https://launchpad.net/ubuntu/+spec/packageselection-server-n-commandline-userfriendly miletone against beta-1 please?
<Daviey> Hey smoser !
<smoser> hey.
<Daviey> smoser, you have a few documentation WI's targeted towards A3... Is that something that should be bumped to beta?
<Daviey> https://launchpad.net/ubuntu/+spec/cloud-server-n-image-rebundle
<smoser> probably
<smoser> s/probably/yes/
<Daviey> smoser, https://launchpad.net/ubuntu/+spec/cloud-server-n-cloud-init
<smoser> yes. postponsed ro dropped.
<Daviey> smoser, Are you talking with jamespage about trying to automate the sniff testing of A3 cloud images?
<smoser> well, no.
<smoser> but there would be no point in doing  so
<smoser> they're completely DOA.
<Daviey> smoser, Oh?
<Daviey> smoser, will there be a A3 release of the cloud images, or will they be delayed?
<smoser> there will be images.
<smoser> the debconf changes seem to have bitten me.
<Disconnect> anyone know if the private-cloud stuff still routes everything through one nic? that was pretty bad..
<Daviey> smoser, Is this able to be fixed before A3 final?
<smoser> Daviey, there really isn't a choice.
<Daviey> smoser, anything the rest of us can do to help?
<smoser> well,. heres the problem
<smoser> sometime between 20110228 build and today's build, the code at http://bazaar.launchpad.net/%7Eubuntu-on-ec2/vmbuilder/automated-ec2-builds/annotate/head%3A/vmbuilder-uec-ec2-fixes in line 262-267 stopped functioning correctly.
<Daviey> Hmmm
<smoser> the end result is that in the images,
<smoser> /etc/cloud/cloud.cfg.d/90_dpkg.cfg
<smoser> has
<smoser> # to update this file, run dpkg-reconfigure cloud-init
<smoser> datasource_list: [ NoCloud, OVF ]
<smoser> it *should* have
<smoser> # to update this file, run dpkg-reconfigure cloud-init
<smoser> datasource_list: [ NoCloud, OVF, Ec2 ]
<smoser> its debconf multiarch fallout
<Daviey> smoser, the tail of that file DID work?
<smoser> tail ?
<Daviey> 262->267
<smoser> somewhere between 20110228 and today, those lines stopped doing what they're supposed to do.
<Daviey> smoser, Is this what Colin commented on about using an old debootstrap?
<smoser> where?
<Daviey> hmm
<smoser> (yes, i think this is related, but i dont really see how... this happens well after the image is created, and happens inside a chroot)
<smoser> i would have expected that the installed debconf would have made things work.
<Daviey> grepping mail
<patdk-wk> leave your poor email alone
<Daviey> [09:41:30] <cjwatson> smoser: I suspect the other thing that's happening is that you're using a sufficiently old debootstrap that it doesn't create the /var/lib/dpkg/info/ARCH -> . symlink
<RoAkSoAx> morning all
<Daviey> Afternoon RoAkSoAx
<cjwatson> debconf has nothing to do with anything
<cjwatson> or at least, if that debootstrap fixes it, debconf has nothing to do with anything
 * cjwatson reads more
<cjwatson> debconf multiarch fallout> please explain, this sounds confused
<smoser> i most definitely am using an old debootstrap.
<smoser> i probably am confused.
<cjwatson> dpkg is the thing that was multiarchified, not debconf
<smoser> i only suspected because what is failing to do what it used to do is:
<smoser>  chroot "${rootd}" dpkg-reconfigure --frontend=noninteractive cloud-init
<cjwatson> now, debconf might have ended up getting confused as a side-effect, if /var/lib/dpkg/info/ARCH ended up as a directory not a symlink
<smoser> sorry, then my bad for conrfusion.
<cjwatson> that's an easy thing to check
<cjwatson> if that's so, then some of the metadata will be in /var/lib/dpkg/info and some in /var/lib/dpkg/info/ARCH
<cjwatson> (where ARCH is $(dpkg --print-architecture))
<cjwatson> only the files in /var/lib/dpkg/info/ARCH will be noticed
<cjwatson> using the new debootstrap (it should be in lucid-backports now) will make sure that /var/lib/dpkg/info/ARCH is a symlink
<smoser> cjwatson, so this probably is what is going on. i just thought that the installed dpkg would have set that symlink up.
<smoser> this happens as basically the last thing done.
<cjwatson> smoser: it can't set it up for things that were debootstrap-extracted before dpkg
<cjwatson> or at least not safely
<smoser> cjwatson, so i gather your suggestion is to get the -backports version of debootstrap then
<smoser> cjwatson, so, in the image
<smoser> ls -l /var/lib/dpkg/info/
<smoser> total 76
<smoser> -rw-r--r-- 1 root root     0 Mar  2 07:12 dpkg.list
<smoser> drwxr-xr-x 2 root root 77824 Mar  2 07:21 i386
<smoser> which seems "right"
<smoser>  - /var/cache/debconf/config.dat has the seeded values
<smoser>   and is seen
<smoser> so it would appear to me that a symlink laid down by debootstrap would not fix the problem.
<cjwatson> smoser: no, that's wrong
<Daviey> smoser, I know you have your hands full at the moment, but is the lxc stuff likely to land in A3 images or later?
<cjwatson> smoser: dpkg-reconfigure isn't yet specifically aware of /var/lib/dpkg/info/i386 (there's a bug for that, patch under review)
<cjwatson> smoser: the -backports debootstrap should make this work by way of the symlin
<cjwatson> k
<smoser> ah. yeah.
<smoser> ok.
<smoser> i was reading the symlink wrong http://launchpadlibrarian.net/65373191/debootstrap_1.0.28_1.0.28ubuntu1.diff.gz
<smoser> hm... i' still confused.
<smoser> i'm fine to make the change in debootstrap.
<smoser> ah.. i see now.
<smoser> the debootstrap fix will get make /var/lib/dpkg/info actually get files in it.
<smoser> ok.
<hggdh> Daviey, is Euca ready for testing?
<smoser> adn the dpkg-reconfigure would work because it would just lay down files there. and the issue i was having was that dpkg-reconfigure doesn't thikn theres a config script for my package
<Daviey> hggdh, Still dhcpd woes... but testing as far as you can on two nodes appreciated
<Daviey> hggdh, There is a known postinst issue on euca'-common... the euca'-networking job doesn't finishing starting
<Daviey> At least you can start an instance now... just not contact it.... :)
<hggdh> Daviey, can I run with the ISO image, or should I use the current arch?
<Daviey> If you use the ISO from today, that should be good.
<Daviey> i *suspect* it will crap out due to the postinst
 * hggdh notes RoAkSoAx  is having an identity issue today
<RoAkSoAx> lol
<RoAkSoAx> hggdh, naah just changing to XChat for today's TestDrive session on the UDW instead of irssi :P
<RoAkSoAx> hggdh, btw.. the ISO's for testing are the same as the ones in cdimage.u.c right? (the same ISO's TestDrive downloads)
<Daviey> RoAkSoAx, Yes... I think it's safe to consider /current/ to be the candidate for A3 unless there is a re-roll.
<hggdh> indeed
<hggdh> whatever is the current
<RoAkSoAx> hggdh, ok cool thanks
<zul> how is the iso testing looking?
<izual> Hello, I am running the latest ubuntu server (32-bit) and I want to automount my USB hard drive. I have done so through /etc/fstab by adding a line but this does not allow write access. Any tip?
<pmatulis> !info usbmount | izul
<ubottu> izul: usbmount (source: usbmount): automatically mount and unmount USB mass storage devices. In component universe, is extra. Version 0.0.20ubuntu1 (maverick), package size 16 kB, installed size 120 kB
<lool> smoser: Oy!  Would you be tempted to update python-boto in natty?  There's a 2.0 version on the web site which adds feature I'd love to use  :-)  (in my case, IAM)
<smoser> mitch suggested no.
<Daviey> smoser, What did he say?
<smoser> (mitch, the upstream) suggested it was probably just too big a change.
<smoser> hold on, i will find it.
<uvirtbot> New bug: #727834 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727834
<smoser> https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/725170
<uvirtbot> Launchpad bug 725170 in euca2ools "euca-authorize requires source-subnet to function" [Undecided,Fix committed]
<smoser> hm.. although, i guess he was speaking there about his new (and not publically available euca2ools)
<smoser> lool, i would like IAM in natty also
<smoser> i haven't followed boto upstream closely enough to know of potential regression, woudl have to spend some time to look at it
<smoser> the big issue we've had in the past is boto causing problems with euca2ools
<lool> smoser: I wouldn't mind the IAM command-line tools, which I'm currently using from a downloaded .zip, but I was actually looking at using the boto python API instead; is this also a big change over 1.9b?
<lool> Ok
<lool> smoser: Thanks for the information
<smoser> iamcli is in natty, lool
<smoser> packaged
<lool> awesome, I obviously wasn't paying attention
<cap_00> anyone know of a good version backup system? like how documents on google docs backup every change, and osx time machine will save every version of a file that you update continuously?
<cap_00> looking for something to use on a smb share
<hallyn> cap_00: I've typically used git for that.  It's not automatic though.  Search for 'fuse version control', i bet there is something
<air^> cap_00: you can do something similar to time machine by using hard links and copying the whole content on intervals.
<hallyn> cap_00: look at http://sourceforge.net/apps/mediawiki/fuse/index.php?title=VersioningFileSystems
<hallyn> wayback is the one i was thinking of (which i saw presented somewhere or other)
<Disconnect> anyone know how to install sudo-ldap instead of sudo during an automated install? it expects SUDO_FORCE_REMOVE to be set (even though there is a root pw and sudo-ldap is being installed)
<uvirtbot> New bug: #727861 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727861
<Disconnect> ugh. apt-install doesn't work either cuz it disables removals and sudo conflicts. what a mess.
<jamespage> smoser, hggdh: quick start on using the ec2 testing stuff I've been working on http://tinyurl.com/68ja63x
<smoser> jamespage, cool.
<jamespage> I've got it working with Jenkins as well - just testing at the moment.
<smoser> we should see ami ids pop up at http://uec-images.ubuntu.com/server/natty/20110302.2/ in a few hours
<hggdh> jamespage, nice :-)
<jamespage> OK - I've not actually managed a successful natty test yet due to archive issues and it just not working this morning
<jamespage> run-ubuntu-ec2-multi-test has a option (-r) to pick a release date....
<geekbri> does anybody know if the bug that causes ubuntu-server to totally lock up when installing java in a 32bit t1.micro instance has been resolved yet
<geekbri> ?
<Daviey> jamespage, Have you documented how to setup hudson on natty?
<jamespage> Not yet
<jamespage> another blog post?
<Daviey> jamespage, blog post /and/ something on the wiki would be awesome
<jamespage> and that would be jenkins on natty - hudson is another project :-)
<Daviey> jamespage, Am i right in saying that the PPA will recieve /some/ support throughout the natty supported period of 18 months?
<Daviey> ie, semi-supported?
<jamespage> Daviey: we can push something out to the stable PPA when natty is release; maybe drip feed critical patches to it?
<Daviey> jamespage, yeah, good idea not to over promise - security/critical fixes only
<Daviey> jamespage, Are you able to document something soon?  Would like to mention it in the Overview.
<jamespage> Daviey: we discussed PPA's associated with Ubuntu Server at UDS-N - I thought there was a documentation task to make them more visible.
<Daviey> yeah... who was that assigned to?
<Daviey> I remember that discussion aswell.
<jamespage> Daviey: I'll blog something now and write some more docs later
<jamespage> it might have been sommer - SpamapS and ScottK where def in the session as well
<Daviey> jamespage, Don't want to distract you from what you are currently doing...  If i started a wiki page and put TO FOLLOW on the page,  are you able to fill it in when you have time
<Daviey> and/or redirect it
<jamespage> yes
<cap_00> thanks for the info hallyn and air^, (long phone call)
<geekbri> god damnit, can you not install any java in a 32bit micro instance with ubuntu-server 10.04 ?!
<sss> What's an easy way to prevent DoS attacks?
<Daviey> sss, Turn off the server.
<Daviey> sss, In what context, what service are you providing?
<sss> A website especially PHP
<azertyy>  hello
<azertyy> is there anyone there ?
<sss> azertyy, yes
<sss> azertyy, I think
<azertyy> i create several user for ftp access, user1, user2 etc ... where my system is based on ubuntu
<azertyy> my question what is the equivalent of the command  'w' which work with an ssh session for ftp session
<Daviey> RoAkSoAx, Can you retarget this blueprint to beta?  https://launchpad.net/ubuntu/+spec/packageselection-server-n-cluster-stack
<azertyy> to able to see what happen on my server
<azertyy> i mean the presence of ftp user on my server in real time
<lifeless> SpamapS: hi?
<Daviey> sss, What DoS are you receiving?
<sss> Daviey, I am not (yet?).
<Daviey> sss, Well often you need to be re-active to what happens.
<azertyy> lo there anyone understand my question ?
<Daviey> sss, Ie, if you spot a signature in the log files - you can add a fail2ban rule
<Daviey> azertyy, A) Do you /really/ want to use ftp... and B) What ftp server are you using?
<RoAkSoAx> Daviey: will do
<RoAkSoAx> btw do you have the script yet?
<azertyy> yes i /really/ want use to use ftp
<azertyy> i m used vsftpd
<azertyy> that help much more time for upload rather than ssh
<Daviey> RoAkSoAx, It's nasty code
<Daviey> RoAkSoAx, The LP API issue is still not fixed BTW
<RoAkSoAx> Daviey:yeah I know I tried it yesterday
<RoAkSoAx> lol
<jamespage> Daviey: blogged and tweeted - http://wp.me/p15nXE-1U - will update wiki as well this week.
<Daviey> jamespage, You are a MACHINE!
<jamespage> Daviey: np
<Daviey> jamespage, re-tweeted
<azertyy> any clue for my question ?
<azertyy> i use vsftpd
<jamespage> Daviey: I'm also putting together some docs for packaging plugins
<azertyy> how to check user presence on ubuntu  ?
<Daviey> azertyy, I don't know without trying, but perhaps near the bottom, http://www.experts-exchange.com/Software/Server_Software/File_Servers/FTP/Q_25345415.html
<Daviey> create an alias
<cap_00> anyone know if there is a default clamav log file for scan results? i can only scroll up so far on my ssh console window
<Disconnect> anyone get syslinux/pxelinux working with local booting under kvm? (still) working on automagic deployments but I can't get the reboot to succeed - pxelinux won't bail if it doesn't have a config, and setting 'localboot 0' (or -1 or 0x80) in the config just results in it saying "Booting from local disk" "Probing pci nic". (Hitting 'q'uit at the netboot/quit prompt -does- boot.)
<Daviey> jamespage, fancy reproducing your blog post on the server wiki?
<Daviey> Just thought, it won't show on planet ubuntu
<Daviey> jamespage, I can do that if you want... i'll link back to your blog
<uvirtbot> New bug: #727924 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/727924
<sss314> How can I measure my bandwidth usgae?
<sss314> *usage
<patdk-wk> bandwidth usage of what?
<patdk-wk> disks? memory? network? modem? video might be pointless, ...
<Disconnect> i'm gonna go out on a limb and say network, since, you know, thats the common usage. but your answer was good too, i'm sure...
<patdk-wk> :)
<patdk-wk> I normally care about disk and network :)
 * patdk-wk likes to use munin
<sss314> network bandwidth
<jpds> sss314: apt-cache show vnstat
<uvirtbot> New bug: #727933 in rabbitmq-server (main) "Shutdown halt if rabbitmq-server is running" [Undecided,New] https://launchpad.net/bugs/727933
<jibel> Hi guys, we are currently testing Natty Alpha 3, if you have some spare cycles join #ubuntu-testing and check the list of uncovered test cases at http://iso.qa.ubuntu.com/qatracker/build/all/notcompleted ,
<jibel> UEC, iSCSI and JeOS on ESX need testing
<jamespage> Daviey - that would be great - thanks
<zul> annnnd we are bac
<Daviey> jamespage, done
<jamespage> ta
<uvirtbot> New bug: #727973 in openldap (main) "Included debian patch can cause DB corruption" [Undecided,New] https://launchpad.net/bugs/727973
<SpamapS> lifeless: hey sup?
<lifeless> hi
<lifeless> wondering about the chances of a haproxy 1.4 build for lucid
<lifeless> SpamapS: ^
<uvirtbot> New bug: #728017 in openssh (main) "xwindows over ssh causes instability" [Undecided,New] https://launchpad.net/bugs/728017
<uvirtbot> New bug: #728029 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728029
<hallyn> zul: SpamapS: cjwatson: just to make sure, is anyone working on merging the upstream fix for bug 708493 ?
<uvirtbot> Launchpad bug 708493 in openssh "cannot login anymore: Read from socket failed: Connection reset by peer" [Critical,Confirmed] https://launchpad.net/bugs/708493
<hallyn> (if not I'll start)
<cjwatson> hallyn: I can do it
<cjwatson> hallyn: I want it in Debian too anyway, so if you merge it I'll just have to repeat the job :)
<cjwatson> hallyn: I just hadn't seen the upstream fix
<hallyn> cjwatson: cool, thanks
<cjwatson> hallyn: (tomorrow, though, I hope that's OK)
<hallyn> cjwatson: yup, no hurry for me.  plus there's a workaround for anyone bitten by it
<zul> SpamapS: around?
<uvirtbot> New bug: #728047 in samba (main) "smbd + ldap hangs at startup after update" [Undecided,New] https://launchpad.net/bugs/728047
<hallyn> kim0: around?
<hggdh> smoser, ping (ec2 tests)
<smoser> hggdh, yo
<smoser> i had a quesiton for you... was wondering about how hardy tests came along, we kind of faded on that.
<hggdh> smoser, first -- could you run the ec2 tests?
<hggdh> now: I do not really know, we ran and reported the results, but I did not hear back
<smoser> hggdh, i'm running them.
<hggdh> smoser, I am forever in your debt
<hggdh> of course, 'forever' is a flexible term...
<kim0> hallyn: yeah, sorry I didn't play with your ppa yet. I'm not sure which package to file the MIR for
<RoAkSoAx> zul: quick question. When doing SRU, should we use lucid-updates or lucid-proposed branch?
<hallyn> kim0: ok, just wanted to make sure you got my comment thta I"ve now tested them and they seem fine
<hallyn> kim0: MIR would be for the two source packages:  spice-protocol and spice
<kim0> hallyn: I've pushed the blog on virtio today , and will play with ppa tomorrow (cant wait actually) :)
<hallyn> virtio blog?
<kim0> hallyn: http://foss-boss.blogspot.com/2011/03/fast-win7-kvm-virtiodisk-net-install.html
<hallyn> cool will check it out :)
<hallyn> kim0: thanks, ttyl
<kim0> tyt
 * hallyn off to try a qa test now that he has cds
<zul> RoAkSoAx: depends on the package.
<zul> RoAkSoAx: if there is an an update start with the update package
<zul> RoAkSoAx: if there is an update and proposed merge them together
<B1naryTh1ef> Does anyone know of a good manual for Ubuntu 10.04 LAMP?
<lenios> B1naryTh1ef, see /topic
<B1naryTh1ef> Yeah, other then the default?
<lenios> what's the problem with the server guide?
<B1naryTh1ef> I'm just intrested to see others
<B1naryTh1ef> I like seeing a few different manuals
<B1naryTh1ef> to get an idea
<RoAkSoAx> zul: ok ;)
<RoAkSoAx> thanks
<Daviey> RoAkSoAx, "Technically" - using UDD, it should be -proposed as that is the location we would push to.......  but check it's the highest version using rmadison, as a scenario where -security upload has happend would cause it to not be the latest.
<RoAkSoAx> Daviey: yeah i noticed that already :) >P
<Daviey> (and base your branch on the one which is highest either $distro, -proposed or -updates
<RoAkSoAx> Daviey: indeed was just asking cause in the case of sambe for example, -proposed is different from -updates and -updates is the same as -security
<Daviey> Sadly, it would cause the merge proposal to be a bit ugly....
<RoAkSoAx> for lucid
<Daviey> RoAkSoAx, proposed is less than -updates|-security?
<RoAkSoAx> Daviey: as in debian/changelog it is
<RoAkSoAx> i mena changes and debian/changelog
<Daviey> http://pb.daviey.com/Cwo7/raw/
<zul> hallyn: how busy are you?
<RoAkSoAx> Daviey: indeed, so I'/m just using -updsates
<RoAkSoAx> -updates*
<Daviey> RoAkSoAx, so base your branch on -updates, and propose into -proposed
<RoAkSoAx> Daviey: that what I was indeed planning :)
<zul>  Daviey: depends if -updates and -proposed has diverged though
<Daviey> zul, I guess if an upload from -proposed never made it to -updates, yes
<zul> Daviey: thats what i meant back there
<Daviey> zul, but either case, for UDD the -proposed branch needs to be kept good.
<Daviey> zul, If RoAkSoAx bases his branch on -updates and it cleanly applies to -proposed... that is what should happen
<zul> Daviey: right
<zul> Daviey: right but also sometimes the security fixes has bug fixes in there (it shouldnt but it does happen)
<zul> basically all im saying is use common sense ;)
<Daviey> zul, Hmm.. what do  you mean?
<RoAkSoAx> isn't this documented somewhere? :)
<Daviey> -security should land on -updates
<zul> Daviey: i dont think im making any sense right now...its been a long day for me
<Daviey> zul, have a beer :)
<zul> Daviey: count on it
<jdstrand> I'm not sure that I should respond since zul said he isn't making sense, but...
<lenios> latest grub-pc updates for lucid are on -proposed, will it go back to lucid branch any day?
<jdstrand> "right but also sometimes the security fixes has bug fixes"
<jdstrand> that is extraordinarily rare, and of those rare cases, it has to do with build failures
<zul> right
<jdstrand> (by far)
<jdstrand> that said, we pull from -updates
<Daviey> jdstrand, no, what he was saying is... 'sometimes security uploads actually fixes bugs!' :P
<jdstrand> I can get onboard with that statement :)
<Daviey> heh
 * RoAkSoAx grabs some chips
<jdstrand> sounds tasty
 * jdstrand -> chip run
<RoAkSoAx> hehe
<Daviey> dammit, now i want some
<RoAkSoAx> lol
 * JFo is angry at you all <crunch> <crunch>
<JFo> :)
<jdstrand> hehe
<jdstrand> I *just* started crunch-crunching when you typed that! :)
<JFo> heh, I had too
 * Daviey walks to the kitchen in  hope of finding some.
 * JFo steals Daviey's crisps
<Daviey> no dice, there was just a note saying "I can haz your chips -- JFo"
 * JFo wins!
<JFo> :)
<Daviey> heh
<JFo> I will buy you crisps in Budapest Daviey
<JFo> and beer, I'm nice that way
<Daviey> w00t
<hallyn> zul: I"ve got a backload of some things I've not yet done but was supposed to quite awhiel ago by now (like checkpoint/restart recipes), so not shortage of things to do.  but whatcha need?
 * RoAkSoAx will try to take some pisco though probably nxvl will also do
<zul> hallyn: if you want i can do the lxc stuff
<zul> so you can offload it on to me
<hallyn> zul: cool, that'd be great, thanks!
<zul> ok ill do up a package for your perosal
<uvirtbot> New bug: #728088 in debian-installer (main) "iscsi root (amd64) with or without auth fails to boot" [High,New] https://launchpad.net/bugs/728088
<aazert> hello there
<aazert> i can't remote server, i m on the machine;  how to check my bandwith speed ?
<aazert> my host say that they provide 1 GB
<aazert> how to check that ?
<nimrod10> aazert, install vnstat
<nimrod10> aazert, I'm sorry that is not the right tool , to check your speed you can start downloading something with wget and see what speed you get
<nimrod10> aazert, you could also use ntop or  iptraf
<hggdh> Daviey, there?
<Daviey> hggdh, sort of
<aazert> are you sure this time ? nimrod10
<aazert> vnstat is for exactly ?
<hggdh> Daviey, any known issues on publishing an image on euca 2.01
<hggdh> ?
<nimrod10> aazert, vnstat will show you the bandwidth consumed up&down,  iptraf will show you the speed per network card
<aazert> that's what  i need thanks nimrod10
<aazert> let me check
<hggdh> darn, got disconnected. Daviey, you know of anything on it?
<Daviey> hggdh, uploading an image?
<Daviey> hggdh, I only tested uploading 10.04 images, and that worked fine
<Daviey> hggdh, did you install from ISO btw?
<hggdh> Daviey, uec-publish-tarball
<hggdh> Daviey, yes, from ISO
<Daviey> odd...
<hggdh> yep, all fail
<hggdh> from hardy onward
<aazert> iptraf working perfectly, it looks like it  simulating an activy to check the network card capacity nimrod10
<Daviey> hggdh, that worked for me :/
<Daviey> hggdh, did you get any problems installing?
<hggdh> Daviey, interestingly, absolutely no issues
<Daviey> :/
<Daviey> i /expected/ you to have an issue
<hggdh> not even bug 726769
<uvirtbot> Launchpad bug 726769 in eucalyptus "package eucalyptus-common 2.0.1 bzr1255-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Confirmed] https://launchpad.net/bugs/726769
<Daviey> hggdh, what server is this?
<hggdh> sapodilla
<Daviey> hggdh, interesting....
<hggdh> never a bit of boredom there...
<hggdh> ah well.
 * hggdh goes to open a bug
<Daviey> hggdh, odd
<Daviey> the SC failed to register
<hggdh> oh bummer
<Patrickdk> guess I should try i386 iscsi root
<hggdh> Daviey, di you register it now?
<hggdh> cuz I see two of them
<Daviey> hggdh, hmm scrub that
<Daviey> It's attempting to register the server i was using :)
<Daviey> which is still broadcasting
<hggdh> yeah
<hggdh> but this should *not* be an issue
<hggdh> well. I rephase: this is a different issue -- euca_conf states cluster1 is registered, but it should not, since we do not share certificates and ssh keys
<Daviey> hggdh, hmmmmmmmm..... i have a traceback
<hggdh> Daviey, from what/where/when/how?
<aazert> tx is for what nimrod10  and what is rx ?
<Daviey> hggdh, run byobu, see window #1
<aazert> what is rx and tx ?
<aazert> on vnstat
<Daviey> hggdh, hmmm
<Daviey> https://bugs.launchpad.net/eucalyptus/1.6/+bug/461464
<uvirtbot> Launchpad bug 461464 in eucalyptus/1.6 "ec2 api tools (ec2-api-tools-1.3-42584) not working against 1.6" [High,Fix committed]
<nimrod10> aazert, tx = transmitted ,   rx = received   , also     do     man  vnstat       it is all in the manual
<aazert> ok thank you very much help me very well your tool
<aazert> bye
<aazert> :)
<hggdh> Daviey, joy, oh joy
 * hggdh adds in a regression
 * RoAkSoAx is still waiting for hggdh to test PowerNap >P
<hggdh> yes.
<Daviey> hggdh, seems you've found a bug when (at least) sc fails to register,  it thinks it succeeded
<hggdh> yes. At least one
<hggdh> plust the regression on 461464
<Daviey> I bet it's trying to put the image in the sc it doesn't really know about
<hggdh> might be -- it marks it as a valid sc, and tries it
<hggdh> can you shut them down
<hggdh> ?
<Daviey> yeah
<Daviey> halt or reboot?
<Daviey> reboot will wipe them?
<hggdh> just sudo stop euca*
<hggdh> better safe
<Daviey> k
<hggdh> than... pissed
<jpds> Daviey: Hide the rum.
<Daviey> :)
#ubuntu-server 2011-03-03
<hggdh> heh. Either sense would work
<hggdh> Daviey, see byobu screen 2
<hggdh> Daviey, I deregistered cluster1 (just in case) and tried again to publish. Went splat as usual
<RoAkSoAx> who can post in Ubuntu Server Blog? WOuldn't it be nice to post about PowerNap too? :)
<Daviey> hmm
<Daviey> hggdh, what was 10.55.55.8?
<hggdh> Daviey, this was (I expect) your SC
<Daviey> RoAkSoAx, It's not entirely clear... Technically it should be someone from ~ubuntu-members, as i don't think we had an ack to add it
<Daviey> hggdh, interesting....
<Daviey> 19:06:16 DEBUG [ChannelUtil:New I/O client boss #2] java.net.NoRouteToHostException: No route to host
<Daviey> java.net.NoRouteToHostException: No route to host
<Daviey> (i just rebooted it)
<Daviey> So euca *IS* trying to play with it
<hggdh> even after I deregistered the beast?
<Daviey> seems so
<hggdh> OK. Is there anything kosher? The more we poke the worst it seems
<twb> Water probably is
<twb> Unless a pig died in it or something, I guess
<Daviey> hggdh, I think the whole rack should be flushed tbh
<Daviey> hggdh, at the moment, i don't care if multiple clouds on the same subnet causes it to go bang... :)
<Daviey> hggdh, It's late for me, and i need to step away from the computer before my eyes explode.
<Daviey> If you can't get me before you go, can you send me an email with a sitrep?
<hggdh> Daviey, certainly
<hggdh> I am going to restart from scratch
 * Patrickdk watchs everyones heads explode
 * hggdh was doing good until getting to test euca...
<Patrickdk> just working on the iscsi tests
<Patrickdk> attempting to figure out why the fail
 * hggdh grabs some popcorn and sits down to watch Patrickdk's head go the same route and Daviey's and self's
<Daviey> :(
<Patrickdk> heh, I have been able to solve many issues, but dhcp/pxe/iscsi root, is pretty complex, and not much room for diagnosing
<hggdh> Daviey, bug 728145 opened
<uvirtbot> Launchpad bug 728145 in eucalyptus "euca tries to register a SC, fails, but adds it in" [Undecided,New] https://launchpad.net/bugs/728145
<hggdh> now for a Brand New ISO Install...
<Daviey> hggdh, make sure you kill the two machines i was using
<hggdh> Daviey, hostnames, please
<SpamapS> Daviey: shouldn't you be in bed? :)
<hggdh> Daviey, never mind, I will shut them down, PXE is set to default on all except the two I am installing
<hggdh> SpamapS, a long time ago. I am always amazed on how he survives
<SpamapS> Probably safer to stay on the computer rathern than have to face the wrath of the wife who has been waiting all night for him. ;)
<SpamapS> I know I get that one. ;)
<Daviey> SpamapS, yeah...
<Daviey> hggdh, mabolo and marula
<Daviey> SpamapS, see comment on bug #711425
<uvirtbot> Launchpad bug 711425 in sysvinit "portmap does not stop during shutdown, causing possible root fs corruption" [High,In progress] https://launchpad.net/bugs/711425
<hggdh> SpamapS, it is just shy of 1900 here, and my wife is already unhappy...
<SpamapS> Daviey: I'd be willing to bet sysvinit is FTBFS then
<Daviey> yeah :)
<Daviey> SpamapS, did you test build before submitting the debdiff?
<SpamapS> Daviey: probably not given that I only changed shell scripts
<Daviey> fair enough :)
<Patrickdk> yay, I got login :)
<SpamapS> Daviey: might be something that was dropped in 2.6.38
<twb> Last time I looked, portmap was done in upstart as at 10.04...
<SpamapS> portmap is an upstart job yes
<SpamapS> but shutdown is not in upstart :(
<SpamapS> so sysvinit has to stop portmap
<twb> Er, don't you mean "portmap should have a `stop on' line"?
<SpamapS> it has that now
<twb> Hum, OK
<Patrickdk> one little fix, corrects 4 failed, but I doubt the *little* fix is proper :)
<SpamapS> stop on unmounted-remote-filesystems
<Patrickdk> #728088
<twb> I'm *so* sick of upstart, man
<SpamapS> twb: the issue is that portmap must not be killed until all NFS filesystems are unmounted
<SpamapS> twb: its not so much upstart as the half-completed migration to it that is frustrating
<twb> Yes, EXACTLY
<SpamapS> twb: basically the migration isn't really done until everything that isn't a traditional network service is upstartified.
<twb> After nearly four years and stuff still isn't migrated properly
<twb> Hell, halt(8) is called from rc0.d still
<SpamapS> I think there's been a lot of resistance and moaning about it but its not going anywhere so its time for us to just get'r'done
<Patrickdk> heh, you should see the postfix vs upstart thread on that maillist :)
<SpamapS> twb: Its likely that will be a topic of discussion for UDS-O
<Patrickdk> they are cursing upstart cause it must monitor something to tell it's active
<SpamapS> Patrickdk: I'm trying hard to stay out of that.
<twb> SpamapS: surely 12.04 will be running systemd?
<SpamapS> twb: that would be suicidal
<SpamapS> twb: maybe 12.10 and later..
<SpamapS> twb: but dropping systemd in now would be WORSE than when upstart was dropped in during Karmic
<twb> It'll be funny if Debian 7 releases with a complete systemd migration and 12.04 is still half-upstart, half-sysvinit
<SpamapS> I do hope that we have upstart 2 w/ the state based interface so we can drop the wait for state hacks before 12.04 ...
<SpamapS> twb: thats the point.. 11.10 should have a major push to complete the migration to upstart.
<twb> Has remnant said whether he'll continue developing upstart at google?
<SpamapS> He's just dropped upstart 1.0 yesterday
<SpamapS> as in.. published
<twb> That's not necesarily a "yes" :-)
<SpamapS> and he did that as a sort of hand off to us so he can focus on 2.0
<SpamapS> Upstart seems to be a key part of what he's doing there.
<SpamapS> but, he can neither confirm nor deny that
<twb> Flipping corporations :-/
<SpamapS> well either way... its arguably highly reckless to just go switching inits *now*
<Patrickdk> no one doing the raid1 tests?
<SpamapS> better the devil we know. if upstart 2 scks or never lands.. so be it.
<SpamapS> Patrickdk: I'd do them but my bandwidth is complete crap :-/
<SpamapS> hard enough just upgrading to the latests python 2.7 :-/
<SpamapS> twb: I have to agree that I'm tired of mopping up the upstart mess tho
<twb> Especially when I see pere's insserv work in Debian
<SpamapS> but I do see a clear path to it being finished
<twb> Since that made the boot time significantly less, and didn't impact me as a user at all
<hggdh> Daviey, you can go to bed... uec-publish-tarball now works :-)
<patdk-lap> I'll try, but dunno if I have any time
<Daviey> hggdh, pah
<SpamapS> twb: I have to wonder how much of that has been influenced by upstart itself.
<twb> I think it certainly precipitated interest, but I don't think the innserv methodology was in any way derived from upstart
<twb> I mean, it looks at LSB headers and computes an ordering -- it's more like make than upstart
<SpamapS> not derived, but certainly the existence of upstart and its perceived deficiencies has driven systemd development
<hggdh> Patrickdk, I was going to do the raid1, but got stuck with euca
<twb> Oh sorry, I thought you were talking about insserv, not systemd
<SpamapS> I imagine it has also encouraged insserv work to improve things so that they have a compelling argument against upstart
<hggdh> Patrickdk, if you can run them, I would be in your debt
 * hggdh is getting to owe a lot of people around
<SpamapS> twb: I was making a giant leap.. loop closed now ;)
<SpamapS> twb: the main point is just that any time an early leader falters, it encourages the new players who don't have to deal with all the mistakes of the first implementation
<patdk-lap> hggdh, don't worry, I will collect :)
<SpamapS> twb: upstart has found many of the really big potholes .. and systemd and insserv and others have been able to see it fall into those and can avoid them
<twb> Like fortran
<twb> Didn't insserv predate upstart?
<SpamapS> this is funny.. may laptop on my lap is behind a bunch of plants.. if I'm doing a download and hold it high up in the air.. it speeds up from 512kbit to 2Mbit
<twb> SpamapS: what would be funny is if you were using cat5 and that happened
<SpamapS> s/funny/scary/
<SpamapS> insserv wasntreally going where upstart was... but yes.. it was leading, and it was passed
<SpamapS> twb: I'm not exactly attached to upstart forever. I just think if it was going to be replaced in ubuntu, it needed to happen in 11.04
<twb> I totally admit that insserv's goals are conservative
<twb> But at least it met them without giving me stress :-P
<hggdh> RoAkSoAx, still there?
<RoAkSoAx> hggdh: yep
<RoAkSoAx> hggdh: what up :)?
<RoAkSoAx> what's*
<hggdh> RoAkSoAx, I am ready to test the change to powernap
<RoAkSoAx> hggdh: you wanna do it now or tomorrow?
<hggdh> RoAkSoAx, your call. I cannot test euca without it, though
<RoAkSoAx> hggdh: I guess we can do it now then if you like
<hggdh> RoAkSoAx, really, your call. I *know* it will fail no matter what, there is the DHCP issue still pending
<hggdh> so we can do it tomorrow morning
<RoAkSoAx> hggdh: ok then
<hggdh> say around 0700 CST?
<hggdh> 0800 EST
<RoAkSoAx> hggdh: bettwe yet we will both be fresh
<RoAkSoAx> hggdh: let';s make it 8.30
<RoAkSoAx> :)
<hggdh> heh
<RoAkSoAx> 7.30/8.30
<hggdh> my dogs wake up early, so I have no other option...
<hggdh> RoAkSoAx, deal
<RoAkSoAx> hggdh: alrighty!! have a good one them. I'm off now :P
<hggdh> RoAkSoAx, thank you
<RoAkSoAx> no worries :)_
<uvirtbot> New bug: #728167 in cloud-init (main) "failure on apt-get update should be warning" [Medium,Triaged] https://launchpad.net/bugs/728167
<emma_wall> Hi, im new to Linux! so i have a few silly question
<patdk-lap> hmm, raid1 tests failing for me
<patdk-lap> can't start raid in degraded mode
<patdk-lap> hopefully I'm just doing it wrong
<patdk-lap> mdadm: CREATE user root not found
<patdk-lap> mdadm: CREATE group disk not found
<SpamapS> lifeless: had any chance to try out the new cassandra packages?
<SpamapS> patdk-lap: wha?
<lifeless> SpamapS: yes, I commented in the bug
<SpamapS> lifeless: oh good :)
<lifeless> SpamapS: haproxy1.4 for lucid interest you?
<SpamapS> lifeless: as in, a backport?
<lifeless> yes
<lifeless> or a CAT build
<SpamapS> CAT build?
<lifeless> ha proxy 1.3 cannot do close-mode
<lifeless> canonical admin team
<patdk-lap> spamaps, I probably did something wrong
<patdk-lap> or, I hope I did :)
<lifeless> SpamapS: without close mode, persistent connections show up as single sessions regardless of requests sent over them
<lifeless> SpamapS: which breaks the concurrency limit
<lifeless> because connection != request
<lifeless> and haproxy explicitly says it doesn't see the requests beyond the first one (in 1.3)
<lifeless> SpamapS: this is hindering our load normalisation for launchpad
<patdk-lap> lifeless, adjust your keepalive settings?
<patdk-lap> if you have keepalive off, only one request per connection is allowed
<lifeless> I know this
<lifeless> patdk-lap: sorry, I don't mean to be negative
<lifeless> patdk-lap: its more complex than that - we have 4 tiers talking http
<patdk-lap> na
<patdk-lap> just wondering if it's something I'm missing :)
<lifeless> apache (load balanced) to squid (load balanced) to haproxy (load balanced) to 80 appserver threads
<patdk-lap> that seems like a mess
<lifeless> apache handles the SSL
<lifeless> squid does caching
<lifeless> haproxy does load limiting
<lifeless> but, 1.3 can't do it well enough to let us move to single threaded appservers. 1.4 can.
<lifeless> if we reconfigure things in front of haproxy we may make it work for a bit, but if someone makes a mistake, we'll have a horrible failure mode
<lifeless> I don't like horrible failure modes.
<lifeless> patdk-lap: why do you say a mess? we serve a fair few hits daily
<patdk-lap> I've never liked using apache proxy, or reverse squid cache
<patdk-lap> I keep removing them to speed things up
<lifeless> patdk-lap: do your sites run SSL ?
<patdk-lap> yep
<lifeless> how many application servers do you have?
<patdk-lap> 2
<lifeless> what do you use to syncronise your SSL session cache
<patdk-lap> nothing, I don't need to
<SpamapS> lifeless: re the 1.4 build.. that makes sense. since haproxy is in main .. it should be an easy sell for backport to lucid
<lifeless> then whenever a client switches application server, they will renegotiate. Thats up to 6 seconds from nz.
<lifeless> SpamapS: how do I go about making it happen
<patdk-lap> before they had some kind of apache squid apache thing, using 48 servers, 8 squid servers
<patdk-lap> lifeless, they don't switch application servers, unless their ip changes
<patdk-lap> since I have a limited amount of that, I just balance by ip instead of load
<SpamapS> lifeless: realistically I'd be shocked if the package from maverick didn't build w/o changes on lucid
<lifeless> patdk-lap: depends on the client, and if they have /any/ network interrupts.
<SpamapS> lifeless: so an upload to the PPA that you guys use would probably be the only thing necessary.
<patdk-lap> network interrupts shouldn't change their ip
<lifeless> patdk-lap: you're pinning clients by the *client* ip ?
<patdk-lap> sure
<lifeless> patdk-lap: in which case, roaming clients - e.g. folk at UDS - will suffer regular SSL renegotiation.
<lifeless> I mean, its your call how you do it. And I"m sure you solved problems you had.
<lifeless> doesn't mean there aren't more issues present :)
<patdk-lap> ya
<patdk-lap> the biggest issue I found we has
<patdk-lap> was duplication of caches between all the servers
<patdk-lap> limiting it to less servers, fixed that hugely
<lifeless> I would graph invalid ssl attempts - they will mostly be folk that have roamed trying wha they think is their existing session.
<lifeless> patdk-lap: we'd need stupid-big caches to cache our data set
<lifeless> patdk-lap: - its 300GB -
<patdk-lap> nothing wrong with that
<patdk-lap> but having the same stupid big cache on 40 servers
<lifeless> if you had no locality of reference, yeah it would be a waste
<lifeless> you'd get lots of cold-cache reads
<patdk-lap> ya
<patdk-lap> my issues was more, 500gig working set, 4gig ram, 48 servers
<patdk-lap> basically everything was a cold read
<lifeless> that would blow
<patdk-lap> and wasting ram for squid
<SpamapS> The working set that is entirely popular is quite rare.
<lifeless> its mythical :)
<patdk-lap> if there where no webcrawlers :)
<lifeless> as flickr say, their peak time lasts all week :)
<patdk-lap> hmm, this makes me wonder alittle
<patdk-lap> cause I didn't think about it too much
<patdk-lap> the 2 servers  I replaced that whole mess with have 18gigs ram each in them
<patdk-lap> but I run vm's on them, and the *webservers* only have 2gigs ram each
<patdk-lap> doing more with less
<patdk-lap> defently a cache issue
<patdk-lap> less nfs hits iwth less servers hitting it up
<SpamapS> patdk-lap: web crawlers are an easy case to handle. In a previous life we simply had our HTTP aware load balancer send all crawler user agents to a single server that we didn't mind going slow. ;)
<SpamapS> patdk-lap: and we also heavily focused on making If-Modified-Since function properly.
<patdk-lap> oh, I have never had an issue for my websites
<patdk-lap> it's hosting other peoples sites
<SpamapS> Never did convince anyone that we could make old pages hand out expires headers since they changed less frequently. :)
<patdk-lap> where you shouldn't be modifing their stuff, to fix that :)
<patdk-lap> hmm, I wonder how you would handle google these days though
<patdk-lap> since they rate you based on crawl speed also
<patdk-lap> or page load time
<SpamapS> If their stuff is crap, you shouldn't be modifying it.  you should be making money off it :)
<SpamapS> patdk-lap: most of the time giving google a dedicated server meant FASTER load times. :)
<patdk-lap> heh
<patdk-lap> I dunno, I seem to always get hit by google, msn, and yahoo at the same time :(
<SpamapS> patdk-lap: and since 90% of the pages would give back a 304 ... they wouldn't even consider the cold, unchanged reads. :)
<patdk-lap> doesn't really bother me
<lifeless> SpamapS: I wonder if I can impose on you to try a lucid rebuild
<SpamapS> Though I do have to admit.. we had nearly 100GB of memcached available..
<lifeless> SpamapS: while I know how, I'm primarily focused on driving timeouts down
<SpamapS> lifeless: sure, if it works I'll propose it as a lucid backport
<lifeless> SpamapS: \o/ thanks
<SpamapS> lifeless: as I'd expect.. latest haproxy builds fine on lucid.. can you give me the 2 line summary for why it is worth backporting to lucid so I can put it in the lucid-bacports request?
<lifeless> SpamapS: to get option http-server-close
<lifeless> http://haproxy.1wt.eu/download/1.4/doc/configuration.txt section 1.1
<patdk-lap> depressing, other than the usuals (navy.mil, freebsd.net, ntp.org), I have receive 1 email via ipv6, and it was spam
<patdk-lap> in the last month
<SpamapS> lifeless: oh.. I always sort of assumed haproxy worked that way ;)
<SpamapS> patdk-lap: good to know the spammers will follow us into the future of the internets
<lifeless> SpamapS: indeed, you can imagine our unpleasant surprise when we lowered the maxconn on edge 30 20 hours ago
<lifeless> s/30 //
<SpamapS> lifeless: bug #728204 has the backports request
<uvirtbot> Launchpad bug 728204 in lucid-backports "Please backport haproxy 1.4.8-1 to lucid (currently 1.3.22-1)" [Undecided,New] https://launchpad.net/bugs/728204
 * SpamapS ponders whether or not to try and get another 30 minutes of sleep before his body notices the sun has started creeping over the horizon..
 * patdk-lap makes spamaps work on the bug he found :)
<lifeless> SpamapS: I think you should sleep if you can
<dravekx> zzzz.... updates
<SpamapS> lifeless: I got 5 whole hours... who needs more than that?
 * SpamapS will pay dearly for that at around 3:00pm today.. ;)
<lifeless> SpamapS: indeed
<dravekx_> how can I tell the version of a program installed via command line?
<jmarsden> dravekx_: dpkg -l PACKAGENAME  # If you don't know the PACKAGENAME, try    dpkg -S `which PROGRAM`
<dravekx_> ok
<dravekx> anyone know of a good free online server security check?
<twb> Define "check"
<dravekx> twb, uhm...
<dravekx> check = "an online security scanner to see if there are any holes in your server security" ??
<twb> At layer 3, or 7?
<dravekx> 7
<twb> No idea, sorry.
<twb> For 3  I would run nmap or openvas from an endpoint outside your LAN
<twb> For 7 I simply forbid users from running PHP.
<dravekx> twp, that's a little ruff when msot of your users are wordpress and phpbb fanatics.
<dravekx> most*
<twb> Fuck em
<dravekx> lol
<twb> I would replace the former with something that generates static content (bloxsom?) and the latter with NNTP.
<twb> Yeah, "Blosxom can operate as a CGI script or produce static HTML files."
<twb> It's quite a lot harder to exploit bugs in sendfile(2) than in a PHP webapp
<twb> Anyway, if all you care about is wordpress and phpbb, you could look at MITRE CVEs to learn about vulnerabilities.  Combine that with whatever best current practices that upstream recommends, and you will be about as secure as you can get for those two
<dravekx> twb, openvas is what i was looking for. works perfect. thanks.
<twb> Well, I guess technically that's layer 7
<twb> But it'll test, say, apache2 rather than the apps running inside it
<tap-out> hi, i ryn this coomand
<tap-out> srry, quotacheck -avugm but it ask for quota force check ?
<tap-out> any thingggggggggggggggggggggggggggggggggg
<tap-out> i get this error wen i run quotacheck -avugm and it ask for quota force check
<twb> tap-out: what is the full error?
<tap-out> quotacheck -avugm , quotacheck: Quota for user is enabled on mountpoint / so might damage the file,please trun quota off or use -f to force checking
<tap-out> twb,
<twb> tap-out: it wants you to run "quotaoff /"
<twb> tap-out: preferably after kicking all the users off the root filesystem
<tap-out> twb, how i do that
<twb> tap-out: quotacheck can only operate if the filesystem's quota isn't actively being updated
<tap-out> u mean there is other user using it
<tap-out> i am just using terminal and no other one in the server may some service
<twb> tap-out: run "quotaoff /"
<tap-out> how can i make quota off
<twb> By fucking typing the command I just gave you
 * twb rails at the language barrier
<tap-out> u fck  command not work
<twb> tap-out: did it give an error?
<tap-out> quota -f , no file system specified
<tap-out> twb, quota -f , no file system specified
<twb> Sorry, you've exceeded my stupid threshold.  Please wait for someone more tolerant to help you.
<uvirtbot> New bug: #728299 in samba (main) "package samba 2:3.5.6~dfsg-5ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728299
<_ruben> wow .. how can someone turn "quotaoff /" into "quota -f" and still able to operate a computer .. *amazing*
<twb> _ruben: thrice, no less
<phretor> I've noticed that Ubuntu redirects MySQL's error log to syslog. Is it possible to change this behavior?
<twb> Probably
<twb> "If you use mysqld_safe to start mysqld, mysqld_safe arranges for mysqld to write error messages to a log file or (as of MySQL 5.1.20) to syslog:"
<twb> Looks like upstream changed the default: http://dev.mysql.com/doc/refman/5.1/en/error-log.html
<twb> I imagine you want to pass --skip-syslog somewhere.
<uvirtbot> New bug: #728328 in nagios-plugins (main) "nagios plugins depend on samba" [Undecided,New] https://launchpad.net/bugs/728328
<jibel> jamespage, Daviey  can you help to test "UEC install (minimal topology)" amd64/i386 on Natty Alpha3 ?
<Daviey> jibel, That is my plan :)
<Daviey> jibel, hggdh and me were testing the candidate last night
<jibel> Daviey, Awesome \o/
<uvirtbot> New bug: #728347 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728347
<jibel> Anyone to test Install (default + RAID1)  ? That's the last mandatory test for server on natty alpha3
<Daviey> jamespage, Are you snowed at the moment?
<jamespage> working on the ec2 testing stuff at the moment
<jamespage> Want me to pickup that test?
<uvirtbot> New bug: #728362 in eucalyptus (main) "instance-id meta-service url 10.04.2" [Undecided,New] https://launchpad.net/bugs/728362
<Daviey> jamespage, if you could, that would be awesome... I'm kinda tied up on awstrial atm, causing pain
<Daviey> smoser, When you are around - would you consider the upgrade delta warning for grub.conf, when upgrading grub a bug?
<smoser> yes.
<smoser> it forces a prompt ?
<smoser> please open a bug.
<Daviey> smoser, ack
<jamespage> Daviey: won't get to it for an hour or so - is that OK?
<Daviey> jamespage, Sounds good to me... jibel ?
 * Daviey ^5's jamespage  
<Daviey> jamespage, Actually, i could test it in VM.
<jamespage> I will be
<Daviey> jamespage, If i do amd64 now, can you do i386 in an hour or so?
<smoser> i would like people's input on bug 728167
<uvirtbot> Launchpad bug 728167 in cloud-init "failure on apt-get update should be warning" [Medium,Triaged] https://launchpad.net/bugs/728167
<smoser> mainly, should failure of 'apt-get update' result in not running 'apt-get install <packages here>' where the user specified packages to run.
<smoser> or should it just continue on, and warn that the update failed.
<Daviey> smoser, I don't fully understand the issue...
<Daviey> smoser, "the exception raised on failed 'apt-get upgrade' inside the cc_apt_update_"  Is that a typo? s/upgrade/update/g' ?
<smoser> yes
<smoser> typo
<Daviey> ahh
<smoser> and now fixed
<Daviey> So if it fails to update the cache, still try and install packages?
<smoser> thank you for reading
<Daviey> smoser, If that is so.. on the cloud images there is a pretty good chance the cache will be stale, compared to a traditional server install.
<Daviey> marking the packages for installation might be a better solution?
<m_tadeu_> I'm trying to run a command in a remote server and, dispite I'm sure the file is there, it says "no such file or directory". What is happening in this case?
<smoser> Daviey, the cache will be stale, but not invalid
<smoser> oh wait.. yeah i fthere is a package in -updates you might be giong ot fail that too
<Daviey> smoser, True, but what happens if the packages are not still in the pool?
<Daviey> smoser, I wonder if the cloud images initial apt cache should be based on the release pocket only?
<smoser> well, i was thinking that you'd get the one form the original release (not -updates)
<smoser> but you're right
<smoser> so what are you suggesting ?
<Daviey> If the shipped cache is of the release pocket, install should always work
<Daviey> If apt update works, great
<Daviey> else they'll get the option next time they do update
<Daviey> There is a risk they'll not get -security packages on first run though
<Daviey> m_tadeu_, need more information to help really
<Daviey> m_tadeu_, what command are you trying to run?
<m_tadeu_> Daviey: I'm accessing a remote server using ssh. I have a binary in /usr/local/fop2/fop2_server...when I "sudo /usr/local/fop2/fop2_server" it says file does not exist
<m_tadeu_> I even tryed to go to the dir and run it there....the file is there but bash says it doesn't exist
<smoser> Daviey, shipped cache is of release pocket + point in time snapshot of -updates and -security
<Daviey> m_tadeu_, ls -al /usr/local/fop2/fop2_server <--- that shows it?
<m_tadeu_> keep in mind that I'm even using tab for autocomplete
<m_tadeu_> Daviey: -rwxr-x--x  1 root root 6585775 2011-03-03 12:06 fop2_server
<Daviey> smoser, That is my point... release pocket packages will be there for the life of the image..   -updates and -security is variable
<smoser> right.
<smoser> but what happens if
<smoser>  *package in -release
<smoser>  * package in -update [in cache]
<Daviey> m_tadeu_, That is _odd_
<smoser>  * newer package in -update [not in cache], so referenced deb is now gone
<smoser>  * apt-get install package
<smoser> i think it fails because it sees that the version in its cache in -updates is newer than in -release
<Daviey> m_tadeu_, Are you sure that is the file that can't be found, or is that trying to execute another binary?
<smoser> and tries to get it
<Daviey> smoser, hmm
<dravekx> can someone explain to me how to create a cron job? I have one, but not sure how to make it run.
<hallyn> ivoks: bug 726461 sure sounds familiar :)  do you have anyone using ocfs on lucid who does not have instability?
<Daviey> smoser, Hang on..
<uvirtbot> Launchpad bug 726461 in openssh "sshd on lucid causes kernel panic" [High,Incomplete] https://launchpad.net/bugs/726461
<Daviey> smoser, If you shipped the apt cache of just the release pocket, the packages in the pool should be there for the life of the image.
<ivoks> hallyn: i have no problems
<m_tadeu_> Daviey: I have no idea, since it's a binary file, not a script. but I'm guessing if it would run another file it would be on the same dir....and now I'm on that dir
<ivoks> hallyn: let me see :)
<smoser> Daviey, right.
<hallyn> ivoks: really?
<smoser> but the apt-cache is just the apt-cache that the build was done on
<hallyn> ivoks: ok, then maybe i'm just unfairly prejudiced
<smoser> i *could* selectively clean it, yes.
<Daviey> smoser, Yeah... that is what i was thinking
<smoser> oh
<smoser> shoot
<smoser> heres why that doesn't work
<Daviey> smoser, so you attempt to update, but if that fails you then know you can still install packages that will succeed
<smoser> if you do that, and then run 'ubuntu-bug installed-package' where installed-package came from -updates
<smoser> it will say "not an ubuntu package"
<smoser> and you're confused
<ivoks> hallyn: lol... this does look familliar, but i wouldn't blame ocfs2 yet
<Daviey> m_tadeu_, Sorry, i have no experience with that binary.  The best i can direct you to is googleing for that binary name and the error message
<Daviey> m_tadeu_, hopefully that will help
<Daviey> smoser, hmm
<m_tadeu_> Daviey: tryed that before comming here :)
<Daviey> smoser, hmm
<ivoks> hallyn: i've had problems with iscsi, though
<Daviey> smoser, I guess this matters more for post release images, rather than natty final
<smoser> Daviey, so i actually had to do some work to make this all work the way it does... we rename the cache files so they match the mirror that we select on boot.
<Daviey> smoser, BUT, this is just to cater for failure when initial update fails
<smoser> yes.
<smoser> so maybe if update fails, just tag for isntallation and warn
<smoser> but what sucks about that is that in most cases, it *would work*. (most packages don't have updates in -updates)
<Daviey> smoser, yeah.. i don't know how to mark for installation in apt-get, but aptitude is easy to do that.
<ivoks> hallyn: otoh, do_filp_open is a function in fs/
<smoser> surely there is some way. i will just dig a bit.
<smoser> thanks.
<Daviey> smoser, Keep us posted on what you do.
<hallyn> ivoks: in the past that sort of oops signature wouldve convinced me aufs was to blame, but that seems not involved here
<smoser> oh yeah, i'm sure you're on the edge of your seat :)
<smoser> the real key is for the update to not fail
<zul> hmmmm?
<smoser> (and it shouldn't we've got local mirrors)
<smoser> but it could still fail in the case of user added repositories
<Daviey> smoser, Good point
<smoser> i'm thinking try and fail
<smoser> and warn
<zul> whats going on about?
<Daviey> smoser, easiest!
<Daviey> zul, see scrollback
<jibel> Daviey, jamespage sounds good to me too, thanks.
<ivoks> hallyn: yeah... but i don't believe it's ocfs; i refuse to believe :D
<jamespage> Daviey: ack
<hallyn> ivoks: well, the thing is, the idiom where putfile calls get_empty_filp() doesn't really seem like it fits anywhere but aufs
<ivoks> hallyn: maybe he uses aufs :)
<hallyn> oh no i was misreading
<uvirtbot> New bug: #728442 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728442
<ivoks> hallyn: well, if i understand correctly, he's not using ocfs2 on the box that crashes
<ivoks> hallyn: he's just doing lvm snapshot
<ivoks> oh, it does mount it, but after the snapshot is taken
<zul> uvirtbot: yes we know
<uvirtbot> zul: Error: "yes" is not a valid command.
<uvirtbot> New bug: #728444 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728444
<RoAkSoAx> morning all
<RoAkSoAx> hggdh: you ready?
<KurtKraut> How do I remove a package intentionally breaking its dependencies? I want to remove the most to date update version of libapache2-mod-wsgi without removing the packages  that depends on in and them manually install thru dpkg a .deb file of an old version of libapache2-mod-wsgi. How do I remove it?
<hggdh> RoAkSoAx, I am the readiest I can ever be ;-)
<hggdh> and good morning
<RoAkSoAx> hggdh: morning ;)
<RoAkSoAx> hggdh: alright fire everything up
<ivoks> KurtKraut: dpkr -r --ignore-depends=<package>,...
<ivoks> KurtKraut: dpkg, of course :)
<RoAkSoAx> hggdh: i'll prepare a config for you to  use. btw. Those servers support suspending right?
<ivoks> KurtKraut: or... dpkg -r --force-depends libapache2-mod-wsgi
<hggdh> RoAkSoAx, I believe they do, never had to try it before
<hggdh> RoAkSoAx, and, right now, they are all under powernap control and grasp
<KurtKraut> ivoks, it worked, thanks!
<RoAkSoAx> hggdh: what are we gonna do is change the config to how it was originally and see what happens
<Disconnect> anyone else running into an issue where you can't enable pxe at all on kvm vms? if pxelinux loads (even with localboot 0, localboot -1, localboot 0x80) it says "Booting from local hard drive" and then cycles immediately back to dhcp/netbooting.. I'm suspecting its cuz they use virtio but if I cancel netbooting before that ('n' to netboot, 'q' to quit) they boot fine..
<RoAkSoAx> hggdh: please change the config on the servers running powernap to http://pastebin.ubuntu.com/574975/
<RoAkSoAx> and sudo service powernap stop && sudo service powernap start again to make sure that the changes made effect
<RoAkSoAx> hggdh: and then tail -f /var/log/powernap.log
<RoAkSoAx> and let's let eucalyptus figure out what to do
<hggdh> ok
<hggdh> RoAkSoAx, interesting. The machines are up, but unresponsive
<RoAkSoAx> hggdh: what should happen though is that powernap will always detect /sbin/init and will never do any action by itself. So, since eucalyptus decides to poweroff and stuff, eucalyptus will just send a command to the NC's and they will suspend of poweroff
<RoAkSoAx> hggdh: any logs/ both eucalyptus/powernap?
<hggdh> RoAkSoAx, not right now, having to reboot the CLC
<hggdh> RoAkSoAx, the CLC is unresponsive
<RoAkSoAx> oki
<hggdh> RoAkSoAx, I am assuming that all other config options are good as they are now
<hggdh> and I have restarted powernap on the NC, waiting for the CLC to finish reboot
<RoAkSoAx> hggdh: ok ;)
<kriswalo> Hi, my ubuntu server "crashed"/froze/"disapered from the network" a couple of days ago so I had to physically reboot it to be able to reconnect to it. Now I got my connection back up, but I'm not able to run a python script I have that's supposed to run and manage transmission for me. I get 401: Unauthorized user. Can someone help me?
<hggdh> RoAkSoAx, OK. I have now to restart the NC, since whatever happened has already happened -- the CLC cannot see any regions available on the NC
<RoAkSoAx> hggdh: ok so I'm assuming that PowerNap itself has not suspeneded the NC's since the ProcessMonitor tracks the init daemon which will always be present in the process table.
<RoAkSoAx> hggdh: can you show me powernap logs from any NC aswell as eucalyptus logs where it shows what it is doing with powernap (if it is sending wakeup signals and stuff)
<hggdh> RoAkSoAx, I think it had done so _before_ I restarted it, and the euca tables got confused
<hggdh> RoAkSoAx, will do, as soon as system is back up
<RoAkSoAx> ok
<patdk-wk> still working on that?
<RoAkSoAx> patdk-wk: wer are just about to start
<hggdh> RoAkSoAx, well, guess what...
<hggdh> RoAkSoAx, now the CLC does not contact the NC
<hggdh> not even to start
<ivoks> hallyn: http://oss.oracle.com/pipermail/ocfs2-users/2010-September/004686.html
<RoAkSoAx> hggdh: can you ssh into the NC?
<hggdh> RoAkSoAx, yes. But Euca (on the NC) is reporting apache2: symbol lookup error: /etc/eucalyptus/axis2/services/EucalyptusNC/libEucalyptusNC.so: undefined symbol: rampart_print_security_processed_results_set
<RoAkSoAx> hggdh: ahh!1 that's the same error I was experiencing. But, wasn't that fixed already?
<hggdh> so we cannot really test -- we need the NC to register sanely at least once :-(
<RoAkSoAx> Daviey: ^^
<hggdh> RoAkSoAx, seems to be new, actually, I did not see it on A2
<hallyn> ivoks: (curse needless line wrapping) that one looks like memory got walked over
<hggdh> (new == new since A2)
<hggdh> GOOD MORNING Daviey
<ivoks> hallyn: yeah, it's not the same
<RoAkSoAx> hggdh: can you ssh into the NC?724470
<RoAkSoAx> argh
<RoAkSoAx>  bug
<RoAkSoAx>  bug #724470
<uvirtbot> RoAkSoAx: Error: Could not parse data returned by Launchpad: The read operation timed out
<hallyn> but how come it *always* has that do_filp_open -> get_empty_filp -> apparmor_alloc_file_security trace (-> kzalloc) trace?
<hggdh> RoAkSoAx, yes, I can ssh in
<RoAkSoAx> hggdh: the bit ius wrong: check https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/724470
<uvirtbot> Launchpad bug 724470 in eucalyptus "apache2: symbol lookup error: /etc/eucalyptus/axis2/services/EucalyptusNC/libEucalyptusNC.so: undefined symbol: rampart_print_security_processed_results_set" [High,Fix released]
<hallyn> ivoks: and have you ever seen this with 2.6.35?  of course people will use this in LTS which is .32, but I do wonder if it's been long fixed
<ivoks> hallyn: i haven't see it with .32 either
<hggdh> RoAkSoAx, yes, I am running rev1255, will update
<hallyn> ivoks: you mean you, personally, have not see it on .32, right?
<Daviey> morning hggdh
<Daviey> hggdh, that should be fixed!!
<hallyn> Daviey: do you have any idea (a) what's up with and (b) if anyone's looking at bugs 727342 and 727586 (and the several other similar ones)?
<uvirtbot> Launchpad bug 727342 in open-vm-tools "package open-vm-dkms 2010.06.16-268169-3ubuntu1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/727342
<uvirtbot> Launchpad bug 727586 in open-vm-tools "package open-vm-dkms 2010.06.16-268169-3ubuntu1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/727586
<hallyn> Daviey: or rather, does anyone look after open-vm-tools?
<Daviey> hallyn, I don't think anyone is looking at those atm
<hallyn> i think for starters I'll mark them all dups and confirmed...
<hggdh> Daviey, it probably is, but not on a3 (as yesterday' s image had it)
<ivoks> hallyn: right
<hggdh> Daviey, I am upgrading to rev1256
<Daviey> hggdh, Looks like it's been community maintained
<hallyn> ivoks: I supposed it's not unlike those weird bridging bugs - too dependent on environment to reproduce :(
<Daviey> hallyn, I just messaged the last uploader, and the person that sponsored it to see if they want to touch it
<ivoks> hallyn: we could try reproducing it, but i don't have hardware atm :)
<Daviey> hallyn, sadly, the person that last changed it is offline
<jibel> jamespage, Daviey , hggdh ,can one of you pickup the test "UEC install (minimal topology)"  ?
<hallyn> Daviey: oh, cool, thanks.  Though my guess is that it's not a regression from a bad upload, but just out of date kernel module code
<Daviey> hallyn, yeah
<Daviey> jibel, I think hggdh is already hammering that
<Daviey> hallyn, I haven't compared but it could be the same issue as bug #498677
<uvirtbot> Launchpad bug 498677 in open-vm-tools "open-vm-tools kernel modules don't build on lucid kernels" [Medium,Fix released] https://launchpad.net/bugs/498677
<Daviey> hallyn, which could mean, as you say  - it needs refreshing against the latest kernel
<hggdh> I had forgotten to update the status of the test, jibel
<hallyn> Daviey: pls ping me if you hear back from the uploader
<Daviey> hallyn, Which means an upstream fix (they fixed the last one).
<Daviey> hallyn, Have you compared upstream commits looking for a fix?
<hallyn> Daviey: no, i'm wasting my f'ing time marking 100 f'ing dupes
<Daviey> hallyn, :(... I think we need an LP API tool for that.
<hallyn> Daviey: well, we need a maintainer for that package so that the bugs don't stack up until my 'why do i see a new bug like this every day in my inbox' filter goes off :)
<Daviey> heh
<hggdh> Daviey, what is the issue on the upstart failing on euca?
<hggdh> just got ity
<Daviey> hggdh, It's eucalyptus-network upstart job blocking
<hggdh> Daviey, any bypass?
<Daviey> hggdh, not exactly sure yet... it's either a change in upstart or eucalyptus-networking job failing.
<Daviey> perhaps due to dhcpd
<Daviey> hggdh, the bypass is simple...
<Daviey> hggdh, What server is this on?
<hggdh> Daviey, sapodilla and soncoya
<Daviey> hallyn, I'm feeling the dupes on bug #717397
<uvirtbot> Daviey: Error: Could not parse data returned by Launchpad: The read operation timed out
<hallyn> Daviey: well while there are bugs for lucid, mav, and natty, i think each will need a different fix
<hallyn> not sure though.  almost ready to d/l the source :)
<hggdh> Daviey, bypassed, quite easy. It is a change in upstart
 * SpamapS perks up
<SpamapS> upstart?
<hallyn> oh no, we woke up SpamapS
<Daviey> hggdh,  http://pb.daviey.com/HiVP/raw/
<hallyn> SpamapS: no no, we were just talking about sysvinit and how it rocks
<SpamapS> hallyn: +1 ;)
<jkg> all this new-fangled upstart stuff, much like modern hardware/device management, and things like apparmor, make me feel like a bit of a luddite :-/
<hggdh> RoAkSoAx, now we are ready
<RoAkSoAx> hggdh: alrighty
<Daviey> hggdh, Pain that euca didn't make the Alpha cd.
<hggdh> RoAkSoAx, here's what I will do: I will start submitting instances; they all should fail (because of the DHCP issue)
<Daviey> Yeah
<RoAkSoAx> ok
<hggdh> Daviey, yeah :-)
<hggdh> RoAkSoAx, so we should have the NC doing the same thing as before
<Daviey> oh goody
<Daviey> hallyn, the person that sponsored it wasn't involved in fixing it
<RoAkSoAx> hggdh: so this time the NC should go to sleep and then when trying to fire up an instance it should come back up
<hggdh> yes. Let's hope it does get to the 'when trying to fire up an instance' -- which I am not really sure right now
<iggi> Question, is there anything like oVirt for an Ubuntu machine?
<Daviey> soren, Didn't you play with ovirt ages ago?
<iggi> Daviey: I did see something on the list, but it was circa 2008
<iggi> The main problem is that the only competitor I can find went closed source (enomolism?)
<soren> Daviey: No, I decided it wasn't interesting enough to sustain The Pain of A Million Ruby Gems[tm].
<soren> Daviey: Or thereabouts. I didn't actually count them.
<iggi> soren: heh, fair enough. I will have to live with virt-manager+x11 forwarding unless you know a better way
<hallyn> Daviey: (just curious) meaning he got back to you and said that, or that you thought I was casting random blame left and right?  :)
<soren> iggi: Why do X11 forwarding?
<hallyn> Daviey: I'm having some trouble with the build-depends being insufficient, tbh.
<hallyn> hm, or, no, something went wrong on thsi system.  feh.
<iggi> soren: virt-manager and connecting to nodes turned out to be a pain last I tried. I could only get it working via SSH and that required a password for every action. I supposed PSK, but never had that working right with virt-manager.
<iggi> suppose*
<soren> iggi: ssh forwarding is by far the easiest. It automatically tunnels vnc connections, too.
<soren> It's quite simple to set up, really. ssh-keygen, ssh-copy-id, done.
<RoAkSoAx> hggdh: anything?
<hggdh> RoAkSoAx, differently from the previous runs, it now *never* reports 0 resources
<hggdh> RoAkSoAx, so I canceled the test, and am now giving it a time for powernap to kick in
<RoAkSoAx> hggdh: ok, so that's good I pressume, since it will wakeup the NC whenever an instance is requested to run
<hggdh> RoAkSoAx, actually, I would have to restart the NC -- the instances are now stuck in shutting down
<hggdh> done. Now we wait for powernap to kick in (again)
 * kirkland high fives hggdh and RoAkSoAx 
<kirkland> powernaps to the people!
<RoAkSoAx> kirkland: hurray!!
<Daviey> hallyn, nah - seems to have been a drive by sponsor.
<iggi> Bah, cPanel does not support Ubuntu? :(
<hggdh> heh
<RoAkSoAx> hggdh: anything yet?
<b0gatyr> hi everyone
<hggdh> RoAkSoAx, it seems powernap never kicked in
<RoAkSoAx> hggdh: powernap by itself doesn't do anything afaik
<RoAkSoAx> kirkland: ping
<RoAkSoAx> hggdh: did it use to work out of the box before?
<hggdh> RoAkSoAx, this is similar to what I had before -- I never saw anything different
<RoAkSoAx> hggdh: for what I know the CC (or CLC) automatically decide what machine to powernap/wakeup
<RoAkSoAx> so powernap always runs
<RoAkSoAx> tracking sbin/init which will always be running
<RoAkSoAx> so powernap by itself will never perform an action
<RoAkSoAx> so when the cloud decices which NC to powernap, it sends a powernap-now command to the NC, which execs through the powernapd daemon, and performs the action (i.e. suspend)
<RoAkSoAx> and to wakeup it just sends a WoL
<RoAkSoAx> can I see your logs though?
<hggdh> RoAkSoAx, which logs you want?
<RoAkSoAx> hggdh: /var/log/powernap.log
<RoAkSoAx> hggdh: and I believe it is the NC log which shows when eucalyptus tris to wkaeup/powernap the NC's
<hggdh> RoAkSoAx, powernap.(err|log) are empty
<hggdh> RoAkSoAx, http://people.canonical.com/~cerdea/nc.log
<RoAkSoAx> hggdh: that's weird, did since DEBUG=3 in the powernap config
<hggdh> RoAkSoAx, duh, I had debug=1
<hggdh> restarted powenap now
<RoAkSoAx> hggdh: did you use the config settings I gave you?
<hggdh> RoAkSoAx, see above. All there, but debug was set to 1 by mistake
<RoAkSoAx> hggdh: ok the log by no means shows that any NC is idled
<RoAkSoAx> like it should at https://help.ubuntu.com/community/UEC/PowerManagement
<bobg> I am trying to get sudo-ldap installed in a preseed file. It fails because the prerm script of sudo pkg refuses because there is no root password (it does not know that sudo-ldap will replace it) I have tried preseeding a root password, I have tried setting "export SUDO_FORCE_REMOVE=yes in a preseed early_command.  How can I get sudo-ldap installed instead of sudo in a preseed installation?
<_wo_> hello
<_wo_> i dont hang out here
<_wo_> but im looking for info about running oprofile on amazon's ec2 platform
<_wo_> has anyone been able to do this?
<bobg> _wo_, its ok, noone wants to admit hanging out here. The first step is to admit you hae a problem
<_wo_> hehe
<_wo_> i always feel like a jerk for bursting into a chan and demanding answers to my questions
<hggdh> RoAkSoAx, even after resetting DEBUG to 3, and 'sudo restart powenap', the logs are still empty
<hggdh> RoAkSoAx, OK. When nothing else works, power it off, count to 10, power it on again.
<RoAkSoAx> hggdh: yeah you need to sudo service powernap stop / sudo service powernap start for the settings to make effect
<RoAkSoAx> I think that's a bug in upstart, isn't it SpamapS ?
<hggdh> RoAkSoAx, restarted
<Disconnect> anyone know why d-i isn't accepting the hostname? (dns resolution doesn't work, hoping thats not it..) its set in the preseed, but it still prompts. if i set it in the pxe config it works, but I need to preseed it.. (worst case, I can write it to /etc/hostname before rebooting and let puppet take care of fixing /etc/hosts, but thats a hack and a half..)
<RoAkSoAx> hggdh: man I now understand what you go through when testing Euca!! hehe
<bobg> Disconnect, what's the exact d-i line you are using?
<hggdh> RoAkSoAx, heh. Welcome to hell :-)
<thesheff17> Disconnect: d-i netcfg/get_hostname string hostname do you have this?
<Disconnect> d-i netcfg/get_hostname string test-host & d-i netcfg/get_domain string domain.com
<Disconnect> its popping up with 'ubuntu' as the default.
<Disconnect> (fyi if anyone else is having issues with pxelinux not accepting localboot on kvm vms, chain.c32 works fine.)
<RoAkSoAx> hggdh: brb gonna grab some chips and something to drink for today's long journey of testing euca+powernap :P
<bobg> Disconnect, looks fine to me -- I don't set the hostname in preseed
<Disconnect> the domain is set correctly in /etc/hosts (with no prompt) it just doesn't like the hostname :/
<Disconnect> once this build finishes i'll see what is in debconf. maybe there is something else related..
<bobg> Disconnect, do you install sudo-ldap in your preseed by any chance? (that's my problem -- I can't get that package to replace sudo in the preseed install)
<Disconnect> yah i do in fact :) have to hack it with a post-inst script though. hang on i'll pastebin something for you
<bobg> Disconnect, cool, you da' man (although I guess with the nickname Disconnect, I can't be sure :)
<Disconnect> http://pastebin.com/vs1vXwjL
<Disconnect> -might- be able to just "in-target env .."etc but I have a bunch of other post-run stuff
<bobg> thanks a bunch -- I am off to try it
<Disconnect> cool enjoy :)
<bobg> Disconnect, I just started an install to test. I also set the hostname in the preseed, but it still prompted me too
<Disconnect> awesome :/ at least i'm not alone :)
<georgie_b> can any one tell me a real time web traffic monitor software for xampp
<georgie_b> maybe also the cpu and memory usage load,performance monitors to0
<georgie_b> hello
<georgie_b> ne body there?
<PrickelPit> apachetop
<georgie_b> @PrickelPit : is apachetop a free software?
<Disconnect> damn. debconf-get-selections --installer | grep test-  just shows the same hostname. time to dig through the file by hand..
<RoyK> georgie_b: bsd license afaics
<RoAkSoAx> hggdh: im setting euca im my local machine
<hggdh> RoAkSoAx, I now have entries in powernap.log, but nothing seems to have happened. You want the log?
<RoAkSoAx> hggdh: sure. what intrigues me is why euca is not reporting anything
<hggdh> RoAkSoAx, indeed. No euca logs have entries matching 'wake' or 'power'
<hggdh> RoAkSoAx, http://people.canonical.com/~cerdea/powernap.log
<RoAkSoAx> hggdh: yeah as expected powernap is running and just waiting for a command from euca
<RoAkSoAx> which never comes
<hggdh> RoAkSoAx, we can try now with the old settings, and see what happens
<RoAkSoAx> ok
<Disconnect> bobg: fyi if you add "d-i netcfg/confirm_static boolean true
<Disconnect> then hostname preseeding works
<bobg> Disconnect, thanks for the tip
<bobg> Disconnect, btw, my install is getting close to the point where it fails to install the sudo-ldap pkg -- fingers crossed
<Disconnect> good luck :)
<Disconnect> oops maybe not. it worked once, then prompted. sigh. i'll keep arguing with it.
<hggdh> RoAkSoAx, with ACTION_METHOD=0 the system went into powersave (so it seems). But euca did not trigger anything visibly
<RoAkSoAx> hggdh: yeah so for euca the NC is still running
<hggdh> indeed
<bobg> Disconnect, my sudo-ldap pressed installed -- thanks
<RoAkSoAx> hggdh: change ACTION_METHOD=1 and let the machine suspend and we'll see what euca does
<hggdh> RoAkSoAx, ack
<RoAkSoAx> hggdh: better yet,m change it to 4
<RoAkSoAx> in case it does not support suspend it will poweroff
<hggdh> k
<dmesg> all  will be a
<RoAkSoAx> hggdh: btw.. is the scehduler policy Round Robin or PowerSave?
<hggdh> RoAkSoAx, roundrobin
<RoAkSoAx> hggdh: ok so then if we are in roundrobin then powernap should not do any action on the NC's because that should be managed by euca when on SCHEDPOLICY=POWERSAVE
<Disconnect> bobg: cool no problem. (that is the biggest most non-debian/ubuntu mess i've ever seen. we can't install it with puppet because of the environment var. can't preseed it, can't install it from apt..)
<hggdh> duh
<Disconnect> rather, from aptitude (or apt-dater or ..)
<RoAkSoAx> hggdh: so that means if running ROUNDROBIN then we should either disable powernap or configure it to monitor the Process "init"
<Disconnect> can't sudo install it unless you let them use 'env'..
<RoAkSoAx> hggdh: so that it will never send the machine to "sleep"
<hggdh> RoAkSoAx, let set it back to monitor init first
<hggdh> RoAkSoAx, with action-method=4
<RoAkSoAx> hggdh: yes having that would be how powernap default before natty
<RoAkSoAx> hggdh:
<RoAkSoAx> [ProcessMonitor]
<RoAkSoAx> #init = "^/sbin/init"
<RoAkSoAx> just uncomment that line
<RoAkSoAx> what will happen is that powernap will never go to sleep because it will always detect the init process
<hggdh> RoAkSoAx, powernap restarted as above
<RoAkSoAx> hggdh: ok so this way everything should be as original
<RoAkSoAx> i mean the beahviour as un previos releases should not change
<RoAkSoAx> hggdh: I'm gonna write a before/after doc explaining how it was working and how is working now that will help us understand the issues
<RoAkSoAx> hggdh: let me ask you on question though. If we are in ROUNDROBIN and you manually turn off an NC, will the CLC/CC try to wake it up or will just assume that the node is off/failed or not available
<bobg> hey Disconnect, are you providing your preseed over tftp?  Isn't it too late to provide the network configuration then?  Maybe its ignoring all of the netcfg preseeds because it already configured the network to access tftp
<Disconnect> it'll get it over http. in pxelinux append "url=http://(our foreman server):3000/unattended/preseed"
<hggdh> RoAkSoAx, on round-robin it would assume the NC off
<Disconnect> it says dhcp hostname will override the preseed if it is provided, but dhcp isn't providing a hostname.. (as evidenced by the fact that it takes domain from preseed and then prompts for the "missing" hostname..)
<bobg> Disconnect, what I am suggesting is that maybe the installer inspects all of the netcfg/ debconf vars (even the hostname) when its first initializing the network.  Then it loads your preseed from the network but it ignores the dbconf values that it has already queried
<Disconnect> what i suspect its doing is: read netcfg from commandline, feed hostname/etc into dhcp client. get response back (including same hostname if present), use hostname, get preseed. if that hostname isn't present on the commandline, it'll come back blank and - for whatever reason - that overrides the debconf entry anyway..
<jfluhmann> running into a situation similar to bug 29858 (https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/29858)
<jfluhmann> I have my root mounted on lvm that includes local drives and a Dell MD3000 storage array
<uvirtbot> jfluhmann: Error: Could not parse data returned by Launchpad: The read operation timed out
<uvirtbot> jfluhmann: Error: Could not parse data returned by Launchpad: The read operation timed out
<jfluhmann> worked fine when using just the local drives
<jfluhmann> system dropped to the busybox shell upon reboot after adding the MD3000 storage (which is similar to bug #29858)
<uvirtbot> Launchpad bug 29858 in initramfs-tools "root on lvm fails to boot." [High,Confirmed] https://launchpad.net/bugs/29858
<jfluhmann> I'm able to exit the shell and go to my normal login and things seem to work
<jfluhmann> any direction on where I can start looking?  Seems like there's a step in the boot process that needs to be moved.
<Bilge> How can it be that if I set the owner to root and the chmod to '0' for a file
<Bilge> i.e. nobody can read/write/execute it
<Bilge> That a program can set the owner to itself and give itself read and write permissions
<geekbri> any start-stop-daemon experts in here?  No process in pidfile '/var/run/stage2_loader/reporting_stage2_loader.pid' found running; none killed. i'm getting that error message but when i cat the pidfile it does indeed contain the proper pid for the daemon running
<patrickw> Is anyone running OpenAM (server + agent) on Lucid?  I can't seem to get it working...
<patrickw> Err, and by OpenAM I meant the fork of Sun's OpenSSO, not the answering machine or whatever else is called OpenAM.
<hggdh> RoAkSoAx, I do not see the symptoms I had on A2
<RoAkSoAx> hggdh: alrighty then so we can assume everything is working as expected. now the issue might appear when we use SCHEDPOLICY=POWERSAVE
<RoAkSoAx> hggdh: explanation here: http://pastebin.ubuntu.com/575114/
<hggdh> RoAkSoAx, agreed
<RoAkSoAx> hggdh: will email kirkland about it to decide default behavior and so that it remains compatible out of the box for eucalyptus
<jiboumans> smoser, around?
<jiboumans> i'm seeing this in my logs on a few machines; does this ring a bell to you? http://pastebin.com/BKHwHqDf
<patdk-wk> jiboumans, google it
<patdk-wk> that has been around forever
<jiboumans> patdk-wk: that's exactly why i ask
<jiboumans> there's tons of issues reported, and fixes as well
<jiboumans> i'm curious as to which may or may not have made it to 10.04.2
<Daviey> jiboumans, Wow, that is a throwback from the past.. I thought that was dealt with now, what release is that?
<jiboumans> 10.04.2, latest amis
<Daviey> crikey
<smoser> jiboumans, here.
<jiboumans> the pids its reporting are no longer running on the machine, and i have been experiencing xvfb crashes on those, hence i'm wondering if its' related
<smoser> jiboumans, 'import' like image magick?
<jiboumans> ah hmm
<jiboumans> smoser: yes, there's a cronjob that takes screenshots. i belive it uses image magick
<jiboumans> smoser: reckon this issue can be taking down xvfb?
<smoser> i suspect that binary is not built properly built. i havenot looked much at it
<smoser> there is comment to that effect in https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/427288
<smoser> which is where we fixed the majority of it
<uvirtbot> smoser: Error: Could not parse data returned by Launchpad: The read operation timed out
<smoser> https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/432718 has a suggestion about how you could "fix" that binary with chrpath
<uvirtbot> Launchpad bug 432718 in dbus "dbus programs will not use nosegneg libraries" [Undecided,Fix released]
<jiboumans> smoser: reading now
<SystemTyrant> This question has nothing to do with ubuntu, but does anybody know what the shortest cat 6 patch cable can be?
<smoser> hmm., but
<smoser> $ chrpath /usr/bin/import
<smoser> /usr/bin/import: no rpath or runpath tag found.
<smoser> oh wait. that is a natty instance
<orudie> how can i check which version of postfix server i'm using
<jiboumans> smoser: if i'm reading this correctly updating dbus should fix this problem, no? if so, i have a more recent version of dbus installed than the one needed to get this patch.
<smoser> no
<smoser> the dbus  programs were incorrectly built
<smoser> and were causing that message because they would not use the nosegneg libraries
<smoser> i suspect that imagemagick is similarly incorrectly built
<smoser> it doesn't look like it is import, but something there is cuasing it
<jiboumans> can i do somethign to help track this down
<_wo__> hey
<_wo__> hey everybody
<smoser> your imagemagick is from the archive? jiboumans ?
<_wo_> i was secretly _wo_ this whole time
<_wo_> and you thought i was _wo__
<_wo_> no need to applaud, my work speaks for itself
<smoser> a simple invocation of 'import' doesnlt do it for me, and chrpath and ldd seem to idnicate import is using the correct libraries.
<Daviey> We /used/ to ship a libc6-xen for this situation jiboumans ... dunno why it stopped.
<smoser> Daviey, its installed in the images
<Daviey> smoser, ah.. that i thought fix0rd it.
<jiboumans> smoser: ii  imagemagick 7:6.5.7.8-1ubuntu1.1 image manipulation programs, straight from ubuntu mirrors
<orudie> any idea why I get this error when I type php -version http://paste.ubuntu.com/575126/
<smoser> jiboumans, i can't seem to reproduce it
<jiboumans> smoser: my setup is xvfb-run firefox and then using import to take a screenshot of the firefox instance
<uvirtbot> New bug: #728633 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728633
<jiboumans> smoser: i'm not sure if that adds anything to the mix
<smoser> i just tired running vnc4server and then inside that using import
<smoser> and I dont see any messages.
<smoser> what is the import command line look like ?
<smoser> maybe i need to force it down a path
<jiboumans> smoser: you an do it from the cli
<jiboumans> let me show you
<jiboumans> smoser: http://pastebin.com/RgbP1K18
<jiboumans> that's the start & screenshot script
<jiboumans> you can use xvfb-run xeyes or sometthing else i'm sure
<jiboumans> smoser: this is the important part for the screenshot: DISPLAY=${PORT} import -window root ${FILE}
<jiboumans> default port is :99
<smoser> right. thats what i was missing
<smoser> you see the libsegneg warnings in dmesg, right ?
<jiboumans> yup
<smoser> jiboumans, ? i dont see them here.
<smoser> xvfb-run firefox http://slashdot.org
<smoser> then
<smoser>  DISPLAY=:99 import -window root my.png
<jiboumans> are you running this on a lucid 10.04.2 server ami ?
<smoser> yep.
<jiboumans> hum
<smoser> $ dpkg-query --show imagemagick xvfb
<smoser> imagemagick     7:6.5.7.8-1ubuntu1.1
<smoser> xvfb    2:1.7.6-2ubuntu7.5
<smoser> and i verified that my.png looks like a firefox screenshot
<jiboumans> smoser: it only shows up once in my dmsg
<jiboumans> pretty much towards the end of boot
<jiboumans> the cronjob fires every few minutes though
<smoser> on console ?
<smoser> or in 'dmesg' output
<jiboumans> 'dmesg'
<smoser> yeah. i dont see it
<smoser> (it probably goes to console too, just was verifying)
<jiboumans> smoser: shows up in kernel log: ./kern.log:Mar  1 00:32:42 emulator-a018 kernel: [  345.360127]   **          in /lib/tls glibc libraries. The emulation is
<jiboumans> that's the only time
<jiboumans> which is pretty much boot time for that host
<jiboumans> smoser: so we're not chasing something less important; if this is jsut slow performance, i dont really care, but my xvfb processes are crashing left and right without leaving any traces in logs, console etc
<jiboumans> and i'm trying to find the root cause. this error stood out as something to investigate, but i'm not sure if it's a red herring or not
<smoser> it really should just be slow performance
<smoser> and i'm not really sure how slow.
<jiboumans> bummer
<smoser> like if its 10% or 200%
<smoser> i think red herring for xvfb
<smoser> but if its easily reproducible, you might just try the same xvfb in a kvm guest
<smoser> and see if you can't get it to reproduce there.
<jiboumans> it's reproducable on all the ec2 machines; after a whlie they just fall over
<Daviey> smoser, AFAIK kvm has never had this issue... it was something xen was plagued with
<jiboumans> but the issue is no logs; i'm already running it inside screen with logging turned on
<smoser> Daviey, right.
<smoser> it wont.
<smoser> which is why i was suggesting cutting out that red herring
<jiboumans> well, i'll just turn off the screenshots
<jiboumans> it's a diagnostic tool i can live without
<smoser> how do they go belly up ?
<smoser> or fall over.
<jiboumans> my monitoring tool tells me that there's no xvfb process running anymore
<jiboumans> the screen.log shows firefox whinging its display went away and then crashing
<jiboumans> the xvfb log says nothing
<Daviey> jiboumans, What happens if you disable tls?
<Daviey> jiboumans, ie,  mv /lib/tls /lib/tls.disabled
<jiboumans> Daviey: if it's just the screenshots creating that message, i'll just turn those off
<jiboumans> i can find this out very shortly
<jiboumans> smoser: syslog, daemon.log, kern.log, etc, all quiet
<jiboumans> on oom killer
<jiboumans> all quiet on the western front =/
<schmichael> where is a 10.04 AMI with root store as instance (not ebs)?
<schmichael> these are all ebs: http://uec-images.ubuntu.com/releases/10.04/release/
<schmichael> ah, found ami-7000f019. that should work
<Jonny5^> hey guys, where can I find a .torrent for ubuntu server?
<Pici> !torrents
<ubottu> Maverick can be torrented from http://torrent.ubuntu.com/simple/maverick/desktop/ubuntu-10.10-desktop-i386.iso.torrent or http://torrent.ubuntu.com/simple/maverick/server/ubuntu-10.10-server-amd64.iso.torrent depending on your architecture. Other flavors can be found at http://torrent.ubuntu.com/
<Jonny5^> thank you kind sir!
<resno> setting up fetchmail and /etc/fetchmailrc is there. what should i do?
<resno> is not*
<Jonny5^> does ubuntu server include a gui for a stupid windows user like me?
<resno> you can install it
<resno> what are you looking to manage though?
<resno> there are web based tools
<Jonny5^> I need it mainly for file sharing and chat, but it would be neat if I could use it for webbrowsing and viewing images and documents occasionally.
<Jonny5^> oh and source control
<resno> surfing the web on a server?
<Jonny5^> you know, for new downloads, stuff etc
<resno> or through it?
<resno> im confused by your purpose
<Jonny5^> hmm. no. I actually thought of browsing. like open firefox and click stuff
<Jonny5^> as a "backup desktop"
<resno> you can do that if you want, most people wouldnt recommended that
<resno> you can use the desktop versino and just install the server tools you need
<Jonny5^> I know, I wouldnt recommend it myself
<Jonny5^> but that's just a minor reason. the main reason for having a gui is to be able to scroll through settings menus and stuff
<Jonny5^> you know, the way people manage windows servers
<Disconnect> you won't find a lot of them to scroll through
<Jonny5^> well, I did appreciate the network settings dialog on knoppix a lot.
<Jonny5^> that was way easier than finding the proper man page
<resno> you are looking for a tool like webmin then
<Jonny5^> does that come with the distro?
<resno> to actually manage the machine
<resno> no
<resno> thats silly
<Jonny5^> :/
<resno> youll have to nistall it
<Jonny5^> what does webmin do then? is there a pm to help me install it?
<resno> its not readily package with the installer
<resno> youll have to do it more manual, buts what you're looking for
<Jonny5^> fair enough
<Jonny5^> I hope I don't have to build it myself though
<resno> nah
<resno> google for it, its harmless isntall
<Jonny5^> alright then. thanks again :)
<Jonny5^> so, risking a flame war.. why would I choose debian over ubuntu?
<resno> personal preference
<resno> ubuntu is debain in many respects
<resno> beyond that someone else will answer
<Jonny5^> are the packages compatible?
<resno> somewhat
<Jonny5^> :/
<resno> theres going to be samll differences
<resno> ubuntu releases faster
<resno> debain has longer rlease patterns
<resno> think centos to fedora
<resno> if that helps
<Jonny5^> you lost me with that last reply ^^
<resno> then forget it
<Jonny5^> k
<RoAkSoAx> hggdh: ok so I'm tryting to reproduce this locally and I can't get it to work... I installed following https://help.ubuntu.com/community/UEC/CDInstall
<RoAkSoAx> and the NC is not detected
<RoAkSoAx> any ideas on how to resolve?
<RoAkSoAx> hggdh: however, when doing euca_conf --list-nodes it does actually show the NC IP
<hggdh> RoAkSoAx, look at /var/log/eucalyptus/registration.log
<RoAkSoAx> hggdh: registered
<RoAkSoAx> 2011-03-03 15:29:40-05:00 | 19622 -> Node 192.168.122.72 is already registered.
<RoAkSoAx> [Thu Mar  3 15:44:41 2011][026938][EUCADEBUG ] DEBUG: requested URI http://192.168.122.72:8775/axis2/services/EucalyptusNC
<RoAkSoAx> [Thu Mar  3 15:44:41 2011][026938][EUCADEBUG ] 	ncClientCall(ncDescribeResource): ppid=23816 client calling 'ncDescribeResource'
<RoAkSoAx> [Thu Mar  3 15:44:41 2011][026938][EUCAERROR ] ERROR: DescribeResource() could not be invoked (check NC host, port, and credentials)
<hggdh> RoAkSoAx, run 'euca-describe-availability-zones verbose', you should have a non-zero value for the limits
<hggdh> huh?
<RoAkSoAx> hggdh: http://pastebin.ubuntu.com/575175/
<RoAkSoAx> hggdh: this is in KVM btw
<hggdh> yeap, does not seem to be there
<RoAkSoAx> weird indeed
<RoAkSoAx> hggdh: ahhh apparently it didn't install the -walrus :S
<RoAkSoAx> package
<hggdh> heh
<RoAkSoAx> that might be it
<hggdh> it might. But I remember Dustin has to tweak something to run fully virtual
<RoAkSoAx> hggdh: yeah there's something to change from KVM to QEMU
<RoAkSoAx> i just don't remnember but, regarless, it should be able to report that the NC is up
<RoAkSoAx> and be able to connect to the URL
<hggdh> yes, you should be able to at least see a contact
<RoAkSoAx> hggdh: ill try to look little deeper to see what might be going wrong
<RoAkSoAx> hggdh: daaaaaaaaaah dumb me... same issue as you I think :):P Didn't update to the latest eucalyptus
<RoAkSoAx> lol
<RoAkSoAx> Daviey: have you found out anythen else about the IFACE problem in the upstart job?
<Daviey> RoAkSoAx, no
<RoAkSoAx> Daviey: k that's just weird though
<RoAkSoAx> Daviey: hggdh if a NC is off, should I expect to see any change sin euca-describe-availability-zones verbose ?
<Daviey> RoAkSoAx, open bug about that
<hggdh> RoAkSoAx, Daviey: the way I bypassed it was by taking out the instance $IFACE. The issue seem to be that this stanza is called without IFACE being set
<Daviey> It is an indication NOT a promise of accuracy
<Daviey> hggdh, hmm
<Daviey> guess previously that was allowed
<hggdh> RoAkSoAx, it should -- most of the times -- show you 0 availab ility
<hggdh> Daviey, yes, it was.
<RoAkSoAx> hggdh: "most" hehe the NC is off and the CLC still shows AVAILABILITYZONE|- m1.small0002 / 0002   1    192     2
<hggdh> RoAkSoAx, heh. It should update in a few, on the next contact
<RoAkSoAx> hggdh: nah i'm thinking might be because of the SCHEPOLICY=POWERSAVE
<hggdh> indeed
<RoAkSoAx> hggdh: ok just tested... on POWERSAVE and ACTION_METHOD=0, Euca assumes that node is off and skips its checking
<RoAkSoAx> hggdh: and the NC is running in PowerSave mode
<hggdh> RoAkSoAx, even when the NC is *not* yet in powersave?
<RoAkSoAx> hggdh: looking it simple, When the CC sends the command to Powernap, ti executes the action and goes to PowerSave... and CC assumes that node is sleeping, even tho it is not because the node is running in powersave. If something triggers any of the monitors in the NC and PowerNap detects it, it will wake up (example, if there's console activity in the NC). But the CC will have no clue of this has happened
<RoAkSoAx> hggdh: however, if the CC needs to run an instance, it will send a powerwake to the NC, which will in trun recover action
<hggdh> RoAkSoAx, so, even in a rather convolute way, it works
<RoAkSoAx> hggdh: this of course doesn't consider "What if PowerNap goes to sleep before the CC tells it to?". This however is easly fixable by just adding a ProcessMonitor to sbin/init
<RoAkSoAx> hggdh: in the perfect world, where powernap/eucalyptus timers are in sync, PowerSave works just fine, which I'm surprised but it is awesome
<hggdh> yeah. One more thing to check
<hggdh> RoAkSoAx, we should count our blessings...
<RoAkSoAx> hggdh: After I finish my review I'll post all the info in the bug and decide what to do (either recommend to tune up PowerNap config after installation, or ship defaults)
<RoAkSoAx> s/in the bug/in the bug report
<hggdh> RoAkSoAx, thanks. It might be a good idea to consider it for a release note, perhaps?
<RoAkSoAx> hggdh: yeah!! We need to consult this with kirkland as well
<hggdh> roj
<mray> is there a trick to using preseed.cfg files with a USB thumb drive? I just want it to pass the file to the installer and go
<mray> I've monkeyed around with the syslinux.cfg and no variation of file or preseed/file seems to work
<mray> I've read the installer guide section a few times, using the example as my preseed.cfg until I see that it's actually working
<mray> thumb drive just boots into the regular installer
<uvirtbot> New bug: #728752 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728752
<RoAkSoAx> mray: i think you are looking for something like this: http://testcases.qa.ubuntu.com/Install/ServerWhole#Preseeded%20Installation
<mray> RoAkSoAx: that's pretty close, I've seen that but I really want it to skip the first few steps as well
<mray> I want an unattended reinstall
<RoAkSoAx> mray: maybe cobbler?
<mray> I thought preseed was the preferred way to do Ubuntu installs :)
<RoAkSoAx> mray: my this? https://help.ubuntu.com/community/Installation/UnattendedCD
<RoAkSoAx> mray: or http://www.debuntu.org/how-to-unattended-ubuntu-network-install
<mray> I'd thought about going down that path, maybe instead of thumbdrives I'll go with PXE
<mray> yeah
<RoAkSoAx> mray: yeah that's probably your best option
<mray> thanks
<RoAkSoAx> mray: now that you are here, what's the status of zenoss. Have you guys go it working in natty?
<mray> RoAkSoAx: I'm no longer with Zenoss, I'm at Opscode
<mray> I'm working on Chef
<RoAkSoAx> poh idn't know that
<RoAkSoAx> sorry about that one :)
<mray> no worries, I was recruited away
<mray> and now I'm working on OpenStack :)
<mray> which tends to trash server installs when it goes awry :)
<lool> smoser: oy
<lool> smoser: Not sure how much you care about S3 and specifically S3 + FUSE
<RoAkSoAx> mray: that's cool!! and yeah I know what you mean on the awry side of things ;)
<mray> I've got 3 boxes that take about an hour to reimage whenever I hose the Openstack install
<lool> smoser: I had a look at the most popular implementation, s3fs, and I've sent the packaging to the Debian ITP; it worked for me albeit slowly, but I've hit a deadend: it is GPL and links to openssl with no easy way to build with gnutls   :-/
<mray> so I need to automate it
<lool> smoser: I've just finished packaging s3-simple-fuse, and that one is faster and much simpler to maintain (it uses boto)
<mray> RoAkSoAx: gotta run, TTYL
<RoAkSoAx> mray: have a good one
<lool> smoser: Would you have any interest in that?
<c0nv1ct> when would it be beneficial to mark a connection rather than a packet in regards to traffic shaping?
<lool> smoser: If you'd like to try it out, it just finished building in my PPA
<airtonix> I'm looking for a way to rename a screen in byobu without restarting the byobu session, is this possible?
#ubuntu-server 2011-03-04
<airtonix> nvm, noobisms strikes, man page reveals all
<Jonny5^> does /etc/apt/sources.list count for aptitude as well or just for apt-get?
<twb> Jonny5^: yes
<Jonny5^> that wasn't an absolute question
<Jonny5^> so, the config works for both managers?
<Jonny5^> I gather yes. sorry for the stupid question
<Jonny5^> mmmh, webmin works
<Jonny5^> thanks fellows. I guess I'll have a lot of fun with my new box ^^
<twb> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<smoser> lool, i don't use s3 a lot myself. really only for ec2.
<Jonny5^> urgs
<Jonny5^> but I can manage my cups with it, right?
<lool> smoser: Ok; I figured you'd be the one hearing what Ubuntu users care about in terms of packaged tools
<smoser> well, the server team has had a "package cloud utils" uds session for the last few
<smoser> and we've packaged some
<lool> smoser: I was mostly wondering whether there was desire for this in Ubuntu, not from you personally but in general
<lool> Ok
<nertil> i got update linux firmware ?
<nertil> what does this mean
<Jonny5^> what's the command to view my command line history?
<gratidude> Jonny5^: history
<Jonny5^> cool. can I select a specific entry from the history somehow?
<gratidude> Jonny5^: !<num>
<Jonny5^> thanks! I really love this command line stuff
<gratidude> Jonny5^: have fun! :)
<Jonny5^> unthinkable, the times when I used to admin windows machines with mouse clicks ^^
<Jonny5^> thx :)
<Jonny5^> now I've just gotta get this printer working
<mpn> Hello, any new about ubuntu clustering?
<nertil> is it possible to setup my username nertil to be logeed all the time in ubuntu server?
<zeknox> nertil: yes
<zeknox> nertil: explain the purpose please?
<nertil> zeknox
<zeknox> nertil: yes
<nertil> well i run pisg statistics
<nertil> every time i am loged in the ubuntu server pisg can update
<nertil> if im not pisg cannot update
<nertil> it says this
<nertil> a/home/nertil/pisg-0.72/pisg an error occured: Couldn't execute "/home/nertil/pisg-0.72/pisg": no such file or directory
<zeknox> nertil: how often do you reboot the server?
<zeknox> nertil: have you tried setting up a cron job?
<nertil> yes i can with cron but i loose the msg that bot displays in channel
<nertil> it worked just well this days
<zeknox> nertil: not sure man
<nertil> what about my username be loged in non stop?
<zeknox> I would just log it into the console and not reboot the server
<nertil> maybe this have to do with rights?
<nertil> i need to set some rights
<zeknox> nertil: why does it think the file or directory does not exist, does it exist and what user is trying to execute it, do they have permision to view and execute it?
<nertil> i dont know
<nertil> i added 777 to everything
<nertil> to execute or access
<nertil> when im loged in the box with nertil
<nertil> everything is okey
<nertil> if i logof
<nertil> the error shows
<zeknox> who is executing it?  what user?
<nertil> nertil
<nertil> how can i do everyone can execute it
<zeknox> 777
<nertil> -rwxrwxrwx 1 nertil nertil   5329 2008-02-13 21:40 pisg
<zeknox> nertil: what if you have a cronjob output to a file with redirector > so you can get the messages?
<nertil> well i dont like cron
<nertil> it was just okay
<nertil> dont know whats messed up
<nertil> <@donvito2> !stats
<nertil> <+VMStat> Stats Updated: http://pisg.nertil.info
<nertil> i was in box
<nertil> im out
<nertil> <@donvito2> !stats
<nertil> <+VMStat> /home/nertil/pisg-0.72/pisg an error occured: Couldn't execute "/home/nertil/pisg-0.72/pisg": no such file or directory
<nertil> weird right?
<nertil> :))
<zeknox> yeah not sure what to tell ya
<zeknox> not familiar with the program
<nertil> well i think that is because my
<nertil> home folder nertil
<nertil> is encrypted
<zeknox> now you tell us that
<zeknox> and it needs the authentication to unencrypt
<zeknox> move that script and shit to a folder that is unencrypted
<zeknox> you should never be running anything from your home dir best practices say
<zeknox> /etc/pisg/pisg-0.72
<zeknox> that is what I would do
<nertil> can u tell me how to move it to /etc/?
<zeknox> sure
<zeknox> lets start with a little 'mkdir /etc/nertil
<zeknox> '
<zeknox> wihtout quotes of course
<zeknox> mkdir /etc/nertile               <-- this will make the folder than we can move it in there
<nertil> yep
<nertil> wait
<nertil> i think i copied
 * zeknox is waiting......
<zeknox> nertil: you may need to sudo
<nertil> i fixed
<nertil> :))
<nertil> it works now
<nertil> i did folder /var/etc
<nertil> and copyed pisg there
<nertil> at last
<nertil> :))
<zeknox> we did it!!!
<zeknox> I knew exactly what the prob was when you said encryption
<nertil> thumbs UP!
<zeknox> pwnin' nubs!
<uvirtbot> New bug: #728879 in mailman (main) "check_perms -f broke mailman" [Undecided,New] https://launchpad.net/bugs/728879
<TomTom> good morning! i am booting from the 10.10 64bit server iso and missing the driver for the 3ware 9750. which is called 3w-sas, how to allow to load this module during installation?
<andreasf> TomTom: Have a look at /etc/modules :-)
<TomTom> andreasf: there is no /etc/modules when booting the installer
<TomTom> i also tried to use the expert mode to see if i could get somehow the "scsi-extra-modules". but there was no such option
<Corleone> hi, how do i get my ubuntu 10.04 server to connect to my router using WEP, when i disable WEP it works fine, but it doesn't connect when enabled, any ideas?
<andreasf> TomTom: Ah, sorry. I misread. I thought the module doesn't get loaded at boot *after* installation.
<TomTom> AAAAAAAAAAAAAHG! https://bugs.launchpad.net/ubuntu/+source/linux/+bug/707303
<uvirtbot> Launchpad bug 707303 in linux "3w-sas is missing in scsi-modules-2.6.35-22-virtual-di_2.6.35-22.33_amd64.udeb" [Undecided,Incomplete]
<TomTom> is it possible to use the installer of 11.xx but installing 10.10 ?
<ajith_kgs> I am having trouble with my UEC. When i try to run instances, it says "running" but I cannot connect to it though i have given permission for my default security group using euca-authorize. Further investigation lead me to the empty console.log in my nc. Please advice..
<ajith_kgs>  I am having trouble with my UEC. When i try to run instances, it says "running" but I cannot connect to it though i have given permission for my default security group using euca-authorize. Further investigation lead me to the empty console.log in my nc. Please advice..
<ajith_kgs> can anyone help me
<ajith_kgs>  I am having trouble with my UEC. When i try to run instances, it says "running" but I cannot connect to it though i have given permission for my default security group using euca-authorize. Further investigation lead me to the empty console.log in my nc. Please advice..
<TomTom> are you a bot? repeating does not increase the chance of help, it raises the level of ignorance
<ajith_kgs> sorry
<Corleone> hi, how do i get my ubuntu 10.04 server to connect to my router using WEP, when i disable WEP it works fine, but it doesn't connect when enabled, any ideas?
<SpamapS> jamespage: ping?
<uvirtbot> New bug: #728925 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728925
<jamespage> SpamapS: pong (but guess you might be in bed :-))
<TomTom> its really a major pain to install ubuntu using a 3ware 9570. 10.04-2 server is 2.6.32-28 which conflicts with the 3ware provided drivers for 2.6.32-24, and 10.10 normally should contain the drivers but it was "forgotten" to include them... where do i get the current 3w-sas.ko which is compatible with the kernel provided by the 10.10 ?
<SpamapS> jamespage: actually I'm in SAST (UTC+2) ... :)
<jamespage> SpamapS: sprinting?
<SpamapS> jamespage: so, zookeeper needs some love .. wondering if you've looked at it
<jamespage> lemme finish up some ec2 testing stuff and I'll take a look.
<jamespage> whats the current issue?
 * jamespage takes a look for SpamapS
<[diablo]> good morning all... I am looking to recruit an Ubuntu systems administrator for London.
<[diablo]> if anyone is interested please private message me
<RoyK> wouldn't advertising the regular way be better?
<[diablo]> RoyK, I can not find exactly what I require ... too many RHEL guys with no Ubuntu experience
<[diablo]> RoyK, hence mentioning it here .... also if at all possible I would like to place an announcement in the forums
<shauno> [diablo]: you may want to look into mailman.lug.org.uk/mailman/listinfo/linuxjobs
<[diablo]> hi shauno many thanks ! I will check that
<shauno> probably a better use of time than hoping a significant amount of the 280 people in here are anywhere near london
<[diablo]> shauno, I knew it would be a long shot, but still one I feel is worth trying, no harm
<SpamapS> jamespage: the issue is that the latest version isn't packaged, and zookeeper was removed from Debian squeeze .. we need to bug them to package the new one and maybe even provide a patch for that.
<jamespage> SpamapS: did a bit of digging - the reason it was removed from squeeze was that the maintainer was unable to continue working on it
<jamespage> see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602694
<uvirtbot> Debian bug 602694 in zookeeper "not yet good enough for stable" [Serious,Open]
<SpamapS> jamespage: good opportunity for you to join the debian java package maintainer team
<jamespage> and some other misc issues
<jamespage> SpamapS: so I did discuss this briefly with mathiaz
<jamespage> ages back
<SpamapS> jamespage: Its a key component of Ensemble so you'll probably be pinged again soon about it. :)
<jamespage> my understanding was that the zookeeper (and hadoop) packages are not great as they stand
<jamespage> he was working with upstream (cloudera)  to resolve this issue (but I suspect no longer)
<jamespage> i.e. align the best upstream to Ubuntu/Debian so build from source becomes easier
<SpamapS> Well the package works fine.. just needs to be well maintained
<jamespage> or maintained at all; I'll take a deeper look once I've got some of my immediate workload out of the way
<SpamapS> Yeah nothing immediate.. just an FYI really
<jamespage> I'm seriously lacking in zookeeper experience so I will try to swat up on that as well
<Daviey> jamespage, Can i jump on you about something else? :)   What is the process for getting a java applet signed?
 * jamespage looks for a good howto
<jamespage> Daviey: whats the context?
<Daviey> jamespage, getting NX java applet to not show a warning.
<jamespage> ah - that old chesnut
<Daviey> it is signed... but untrusted... so assume they didn't use a valid CA?
 * Daviey has NFI about signing java applets
<jamespage> So its really self-signed - i.e. there is no trust path to a good 3rd party
<Daviey> guess so!
<jamespage> Well the process is normally as you would for say a web server certificate.
<jamespage> Albeit a few jar specific bits and pieces.
<jamespage> Daviey: this might help http://download.oracle.com/javase/6/docs/technotes/guides/plugin/developer_guide/rsa_signing.html
<Daviey> jamespage, thanks!
<phoenixsampras> help, how to setup a email server with smtp and imap and webmail?
<oCean> !mta
<ubottu> A Mail Transfer Agent (MTA) is the server software that sends and queues mail. The default MTA (and !MDA) on Ubuntu is !postfix ("exim" is also officially supported). See also !MailServer and !MUA
<phoenixsampras> does postfix supports mailing lists?
<Daviey> SpamapS, re-basing your sysvinit patch.... again
<shauno> phoenixsampras: you can have multiple recipients for an alias, which sort of does the job, but you'll likely do better with dedicated mailman / majordomo type jobs
<Daviey> SpamapS, uploading http://pb.daviey.com/IoR5/raw/ ok?
<phoenixsampras> oh nice
<phoenixsampras> ok , ill setup a Ubuntu server now!
<phoenixsampras> im sick of centos
<laen> Heretic.
<RoAkSoAx> morning all
<uvirtbot> New bug: #729077 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/729077
<jibel_> hggdh, jamespage , I pushed alternate iso testing to usit. Can you please review the packaging part ? thanks
<jamespage> jibel_: ack - will look in a bit
<jamespage> hggdh, smoser: around?
<smoser> here
<jamespage> smoser: cool; something to show you
<jamespage> http://ec2-174-129-162-244.compute-1.amazonaws.com:8080/
<jamespage> so this is a test Jenkins setup for executing the ec2 testing.
<jamespage> tests (read jobs in Jenkins) are aligned to the test cases as tracker in the ISO tracker.
<jamespage> it does *work* (i.e. it runs up charges on my aws account) so I've not splurged on running tests yet
<jamespage> but I have run 1 low cost one so you can see the type of output you get
<smoser> jamespage, dude, that absolutely RULES
<jamespage> smoser: it will run multi instance testing as well; tested but on lower than normal volumes
<jamespage> smoser: can you take a look at http://ec2-174-129-162-244.compute-1.amazonaws.com:8080/job/natty_ec2_us-east-1_cloud-config/lastSuccessfulBuild/artifact/us-east-1a/i386/m1.small/instance-store/i-0b050267/d91deda5-11c0-45c7-9c4f-64d528016a17-terminated.console.txt/*view*/
<smoser> volumes ?
<jamespage> so I ran it using t1.micros - 5 instances rather than 10
<jamespage> thats not setup in this config - I did that from the command line.
<smoser> you're seeing https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/728167
<uvirtbot> Launchpad bug 728167 in cloud-init "failure on apt-get update should be warning" [Medium,Triaged]
<smoser> and our archives being hosed in ec2 at the moment
<smoser> (although they should be getting fixed)
<jamespage> yeah - I has going to ask about archives
<smoser> the real problem is that archives are messed up, and so cloud-init failed the update and then did not install packages
<smoser> so i've changed that in trunk so that it will *try* to install the packages
<smoser> but thats not guaranteed to work
<jamespage> nice - I used cloud-init on natty to setup this test instance of jenkins - worked real sweet for me.
<jamespage> generation of jobs is also automated.
<jamespage> and when you submit a job (which you need to login todo) you can specify a build number (for candidate testing)
<jamespage> (its also the built from source for Ubuntu Jenkins BTW :-))
<jamespage> smoser: so next time we do a round of testing it would be good to try it here as well - I'll talk to robbiew about potential extra costs.
<smoser> jamespage, thank you very much for your work on this.
<smoser> its $50 or so to run the tests, not a huge deal
<smoser> i think its just $8 to run the i386 tests on all regions even.
<smoser> something like that
<eMgz> I want to opan a GRE over IPsec tunnel between two vpns, I can see my packets going from my subnet through the GRE tunnel interface, but they are not reaching the eth0 interface, what am I missing?
<jamespage> smoser: np - I've really enjoyed getting the exposure to boto and ec2/aws
<smoser> but anyway, i do want to look at the test suite you have going a bit more and help out with making it better.
<jamespage> thanks
<jamespage> I've tried to mimic what your scripts did as much as possible; going to put together some wiki pages to explain....
<jamespage> jibel_ : usit merge approved and uploaded to testing PPA
<jibel_> jamespage, great! thx
<jamespage> jibel_: np
<RoAkSoAx> hggdh: Morning!!
<RoAkSoAx> hggdh: so I think after the testing I did yesterday it would be safe to invalidate the powernap/euca bug
<RoAkSoAx> as you couldn't reproduce the error either
<hggdh> RoAkSoAx, I agree. I would say whatever the issue was, it got auto-resolved on the newer build(s)
<hggdh> jamespage, I am also here, sort of late answer to your ping
<jamespage> hggdh: read above and take a look at http://ec2-174-129-162-244.compute-1.amazonaws.com:8080/
<hggdh> jamespage, already there :-)
<hggdh> jamespage, *very* cool
 * jamespage reserves the right to run any jobs for the time being....
<hggdh> jamespage, oh, why?
<hggdh> :-)
<jamespage> :-) using my access keys....
<hggdh> jamespage, you might like to run one test on the super-extra-humongously-large type they now have, I hear it is less than $10k per hour...
<jamespage> hggdh: nice - guess that one won't be in the normal test cases then
<hggdh> jamespage, well, I can guarantee you it will not...
<orudie> how can I get my ubuntu server to resolve the right IPs of local machines that are located on the same LAN ?
<orudie> i figured out the hostnames that are static, by adding them in hosts file, but how about DHCP clients ?
<orudie> or DHCP hostnames
<air^> orudie: that's for your local dns to handle
<orudie> air^, do you mean I have to put a local DNS server in /etc/resolv.conf ?
<air^> orudie: I mean, if you want to resolve ip's, you need something to resolve them from.
<air^> orudie: so, what are you trying to do? :)
<orudie> air^, taking care of DNS on my LAN here
<compdoc> my firewall provides dns, and has a page where you define local hosts
<air^> if you have your own dns, then yes, that's what you should use.
<air^> orudie: and what is your dhcp server? a regular router?
<orudie> air^, the local DNS is handled by win 2008 DC , will that be compatible with ubuntu server ?
<orudie> DHCP server is dd-wrt
<air^> orudie: ok, so what are your dhcp clients and what are you trying to achieve?
<compdoc> the dns service in windows server works well
<compdoc> just dont use wins
<orudie> compdoc, i'm not using wins
<air^> orudie: what names is it you want to resolve?
<orudie> air^, achieve? nothing in particular, just want to make sure that my DNS is right.
<orudie> air^, DHCP names
<air^> orudie: DHCP gives out a free IP. what name would you like it to have?
<air^> orudie: are you talking about unique names dedicated to the machine, or a unique name locked to the IP?
<orudie> air^, like mike-pc
<air^> orudie: in that case, give the machines dedicated ip's instead of dhcp, and set it up in DNS?
<air^> orudie: or use dd-wrt's static dhcp mapping?
<air^> orudie: DNS is when you map a hostname to an ip. not when an ip automatically resolves an hostname from a random machine and maps itself to it.
<air^> +to
<orudie> air^, let me check what I have set up in DNS in ESXi host where this Ubuntu Server resides
<mgorak> Does anyone know if the --tmpfs option is still available with vm-builder on ubuntu 10.10
<mgorak> As I am running into errors while trying to execute a build with this option
<RoAkSoAx> Daviey-: I'm working on your script btw
<Daviey-> RoAkSoAx, Good... I'm  not proud of that code.
<RoAkSoAx> Daviey-: hahah now worries, as long as it works... :)
<Daviey-> :)
<Daviey-> RoAkSoAx, have you tried it?
<RoAkSoAx> Daviey-: yeah! I like it though I'm merging download/test together and adding the possibility to specify user and release
<RoAkSoAx> and then save to a file
<Daviey-> RoAkSoAx, cool
<Daviey-> RoAkSoAx, Gotta love the screen scraping?
<Daviey-> :)
<RoAkSoAx> hehe
<Daviey-> RoAkSoAx, The bug i quoted the other day was wrong, the bug that means you can use the API is bug #610491
<uvirtbot> Launchpad bug 610491 in launchpad "[API] Please expose getPublishedSources(package_creator,package_signer)" [Low,Triaged] https://launchpad.net/bugs/610491
<Daviey-> "not a priority" i was told
<RoAkSoAx> too bad
<RoAkSoAx> i don't think it is that hard either
<RoAkSoAx> we should probably provide a patch ourselves
<Corleone> hi, i cant get my ubuntu connect to my router using WEP, but it has no problem connecting when WEP is off, any ideas??
<ivoks> Corleone: server? or desktop?
<cerealkllr> smoser, ping
<Corleone> server
<ivoks> Corleone: you are using wpa_supplicant?
<Daviey-> cerealkllr, smoser is afk... can anyone else help?
<cerealkllr> Daviey-, I'm looking at https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/615442
<uvirtbot> Launchpad bug 615442 in eucalyptus "euca-describe-users fails with ImportError: No module named euca_admin.users" [High,Confirmed]
<cerealkllr> there seem to be two issues here. A messed up import and the fact that we dump the python admin tools in /usr/sbin/ along with the rest of the eucalyptus scripts
<Daviey-> cerealkllr, yeah... i'm familar with that bug
<Daviey-> cerealkllr, IIRC a python setup.py was sent to you chaps?
<Corleone> ivoks: what do u mean?
<Daviey-> cerealkllr, you know bug #717166 is causing the most pain atm?
<uvirtbot> Launchpad bug 717166 in eucalyptus "Broken with v4 isc-dhcp-server in Natty" [High,Triaged] https://launchpad.net/bugs/717166
<ivoks> Corleone: what tools do you use to connect server to wifi network?
<cerealkllr> Daviey-, yep, nurmi is looking into it
<Corleone> just iwconfig
<ivoks> Corleone: is packages 'wpasupplicant' installed?
<ivoks> package
<Corleone> how do i check?
<ivoks> dpkg -l | grep wpasupplicant
<ivoks> or, oh, just:
<ivoks> dpkg -l wpasupplicant
<Corleone> yes its installed
<RoAkSoAx> cerealkllr: Daviey- Correct me if I'm wrong but regardless of whether there's a setup.py or not, those files can be installed in usr/share/pyshared and the packaging should handle it by itself and install the files where they should or symlink to /usr/lib/python2.7/<...>
<laen> You're running a server and have no idea how (from the huge amount of ways to do that) to check if you have a package installed. Maybe you shouldn't run that server.
<Daviey-> RoAkSoAx, Oh aye, it was just a damn amount easier to run a dh rule
<Corleone> ivoks: wait, it displays it, but how do i know its installed, its a bit confusing
<ivoks> Corleone: are you passing the key is hex?
<Daviey-> RoAkSoAx, equally... running python-central or similar is a pain in the butt manually
<Daviey-> RoAkSoAx, last cycle ran out of time to fix it properly
<ivoks> Corleone: are you passing the key in hex?
<Corleone> ivoks: yes
<Daviey-> RoAkSoAx, Patches welcome :)
<RoAkSoAx> Daviey-: not really i can take a look at it though :)
<RoAkSoAx> will do
<ivoks> Corleone: try s:string
<Corleone> i did, didnt work
 * RoAkSoAx enjoys python pacging
<RoAkSoAx> packaging*
<Daviey-> RoAkSoAx, Awesome... merge proposal ready for Monday morning UTC? @:)
<Corleone> ivoks: how do i know its installed, wpasupplicant, it lists it, but the output is confusing
<RoAkSoAx> Daviey-: ehhe will start taking a look post launch... i'm off to launch :)
<ivoks> Corleone: it should start with ii
<Corleone> ohhh yes it does
<ivoks> but wpasupplicatn is just for wpa/wpa2 (i just realized that)
<Corleone> yep, i need WEP
<Daviey-> RoAkSoAx, it probably makes sense to split it out into a seperate  binary package of python-eucalyptus-admin or similar
<Daviey-> RoAkSoAx, lemme see if i can find the setup.py
<Corleone> ivoks: brb
<ivoks> Corleone: do you get an error when issuing iwconfig command?
<RoAkSoAx> Daviey-: oki, post it in the bug
 * RoAkSoAx will be back
<RoAkSoAx> later
<Daviey-> cerealkllr, found the mail - http://pb.daviey.com/ZcRO/raw/
<Daviey-> RoAkSoAx, ^^
<Daviey-> cerealkllr, Regarding the dhcpd bug, has nurmi started it?  I'm happy to help if he can push a scratch branch somewhere?
<Daviey-> cerealkllr, It's just that this bug is really blocking us.
<Corleone> ivoks: you there?
<ivoks> Corleone: yes
<ivoks> Corleone: but only for couple of minutes
<Corleone> oh ok
<ivoks> Corleone: did iwconfig return an error?
<Corleone> i got no error when i issue the iwconfig
<ivoks> Corleone: how about /var/log/syslog
<Corleone> how do i access it
<ivoks> less /var/log/syslog.2.gz
<cerealkllr> Daviey-, yeah I think nurmi is working on it
<ivoks> argh
<ivoks> less /var/log/syslog
<cerealkllr> Daviey-, I'll ping him for an update
<Daviey-> cerealkllr, super, thanks
<Corleone> ivoks: yeah, okay
<Corleone> done
<ivoks> well, look for errorss
<Corleone> ivoks: okay im rebooting
<uvirtbot> New bug: #729257 in xinetd (main) "enabling INETD_COMPAT in xinetd forces -inetd_ipv6" [Undecided,New] https://launchpad.net/bugs/729257
<ivoks> ?
<Corleone> the server
<ivoks> why?
<Corleone> cos i issued loads of commands in the mean time, too many errors lol
<Corleone> i got the iwconfig at bootup anyway
<ivoks> open one terminal and run 'tail -f /var/log/syslog'
<ivoks> and then issue commands in another terminal
<ivoks> note that logs have timestamps :)
<ivoks> anyway, i have to go now
<Corleone> okay
<knoxy> Hi all.. After I upgrade my ubuntu server 9.10 to ubuntu 10.04, I get this message: http://img820.imageshack.us/f/capturadetela2m.png/
<knoxy> Please, somebody help-me
<knoxy> my MySQL Server is down...
<ivoks> knoxy: system doesn't see your disk
<ivoks> knoxy: look if there's /dev/disk/by-label/c513c*
<ivoks> errr
<Corleone> ivoks: dhclient cant get an offer
<ivoks> knoxy: /dev/disk/by-uuid/c513c*
<Corleone> no DHCLIENTOFFERS received
<knoxy> ivoks, I'm trying do boot with live cd... and I can see this uuid
<ivoks> knoxy: no, not live cd, but the system
<ivoks> knoxy: when it fails, you are in busybox, from which you can do some debugging
<knoxy> ivoks, man, please, how can I do to fix it??
<ivoks> didn't i just tell you what to do?
<knoxy> the system has running normally since 8 am
<knoxy> 14:00pm the system crash..
<ivoks> did you boot the system into busybox?
<ivoks> it's 20PM over here, it's friday
<knoxy> ivoks, this debug is of the mysql machine
<ivoks> your time is ticking... i'm about to go out :)
<Corleone> lol
<ivoks> remove the live CD, boot the system
<knoxy> ivoks, ok..
<ivoks> wait for it to not boot and enter busybox
<ivoks> then look if there is /dev/disk/by-uuid/c513c*
<knoxy> hmmm
<ivoks> ppetraki: hi ;)
<knoxy> ivoks, how?
<ivoks> ls
<ppetraki> ivoks, miss me?
<ivoks> ls /dev/disk/by-uuid/c513c*
<ivoks> ppetraki: always :) got a new ...?
<knoxy> ivoks, http://img69.imageshack.us/f/capturadetela3w.png/
<ivoks> knoxy: try mount /dev/disk/by-uuid/c513... /root
<knoxy> ivoks, Invalid argument
<RoyK> erm ... mounting dev on /root/dev?
<RoyK> sounds like a rather bad idea to me
<ivoks> looks like your FS got screwed
<ivoks> RoyK: busybox
<RoyK> shouldn't busybox use /dev as well?
<ivoks> what's important here is that he cannot mount his root partition
<knoxy> RoyK, try to mount in /dev ?
<ivoks> his filesystem is broken probably
<knoxy> ivoks, so, I try to run the live cd to run fsck
<knoxy> because I think the FS is screwed
<ivoks> knoxy: that would be the next step, yes
<RoyK> knoxy: did you configure this busybox setup yourself?
<knoxy> RoyK, yes
<RoyK>  /root is just user root's homedir
<RoyK> dev should be mounted on /dev
<RoyK> same with proc and sys
<ivoks> RoyK: man
<ivoks> RoyK: it's busybox
<ivoks> RoyK: it mounts filesystems inside /root
<ivoks> RoyK: then does chroot or pivot_root
<RoyK> oh
<RoyK> ok
<ivoks> and then boots the system
<RoyK> didn't know that
<ivoks> it's initrd
<ivoks> anyway, i won't be here to wait for fsck results :)
<ivoks> i'm off to get some beer :)
<knoxy> ivoks, RoyK look the 'ls -l'
<knoxy> http://img848.imageshack.us/f/capturadetela4.png/
<RoyK> ivoks: I guess /etc/init.d/udevtrigger must be started first to create those /dev//disk/by-uuid entries
<knoxy> look the size
<RoyK> either that or use device names directly instead of uuids
<ivoks> RoyK: look at /etc/initramfs-tools/ ;)
<ivoks> knoxy: boot live cd and check the disk
<ivoks> maybe your disk died
<ivoks> in a strange way
<ivoks> stupid me
<ivoks> knoxy: those are links
<ivoks> knoxy: just fsck your filesystem
<knoxy> look man
<knoxy> when I try to run the fsck
<knoxy> http://img215.imageshack.us/f/capturadetela1l.png/
<knoxy> reiserfsck --rebuild-tree /dev/sda1
<knoxy> and all of parameters hehe
<ivoks> reiser?!
<ivoks> you were just looking for the trouble, weren't you? :)
<RoyK> wifekillerfs...
<soren> http://blog.calcifer.com.ar/uploads/2007/07/jitcrunch.jpg
<soren> Favourite reiserfs t-shirt.
<ivoks> knoxy: looks like a broken disk, run some S.M.A.R.T diagnostics
<soren> ivoks: From the looks of it, this is a virtual machine.
<ivoks> soren: :)
<soren> ivoks: They don't often do SMART.
<ivoks> soren: good catch :)
<knoxy> ivoks, SMART disgnostics?
<ivoks> knoxy: ignore
<ivoks> check your VM host
<ivoks> or at leat fdisk -l /dev/sda
<ivoks> least
<knoxy> in live cd?
<ivoks> errr
<ivoks> did you prepend sudo to reiserfsck?
<knoxy> yes
 * RoyK would /never/ use reiserfs for an embedded machine
<ivoks> does 'sudo fdisk -l /dev/sda' works?
<knoxy> RoyK, thanks]
<knoxy> ivoks, no
<ivoks> i would never use resierfs.
<knoxy> the same error
<knoxy> "exited by code 6"
<ivoks> knoxy: then your virtualization is broken
<RoyK> _LM_: cat /proc/partitions
<RoyK> erm
<RoyK> knoxy: that was for you (cat...)
<ivoks> maybe out of space or something
<ivoks> by the looks, that's windows
<ivoks> soren: so, how are you?
<knoxy> ivoks, in VM host: 145GB free
<ivoks> then something else broke... but your VM isn't passing the working disk to the virtualized guest
<ivoks> so, go figure :)
<ivoks> take care... beer time
<RoyK> whoever said beer time is incompatible with hacking :Ã¾
<Corleone> hi, i cant get my ubuntu connect to my router using WEP, but it has no problem connecting when WEP is off, any ideas??
<RoyK> Corleone: using ubuntu server with a wireless card?
<Corleone> yes
<Corleone> at least for now
<RoyK> dunno - I've done it with WPA/PSK
<RoyK> WEP isn't very good
<RoyK> 40bit WEP is cracked in seconds/minutes, 128bit WEP takes a little longer, but is still very insecure
<RoyK> WPA2/PSK is quite good
<RoyK> or old WPA/PSK
<Corleone> yep, i know, but i need to connect my server to my router
<knoxy> ivoks, RoyK I revert to my current snapshot...
<knoxy> and now, the machine is ok
<RoyK> k
<knoxy> but, it's a MySQL guest..
<knoxy> all data of the day has been lost
<RoyK> backup's for cowards
<RoyK> knoxy: if you're experimenting on a live server, keep backups updated
<knoxy> RoyK, yes.. this experience changes my mind :/
<knoxy> thanks for the support
<uvirtbot> New bug: #729288 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/729288
<nertil> how to decrypt encrypted username folder on ubuntu?
<EvilPhoenix> you... cant?
<EvilPhoenix> at least i dont think you can
<nertil> okey
<EvilPhoenix> i'm probly wrong though
<RoyK> nertil: setup 100+ machines to bruteforce the password :D
<EvilPhoenix> so you should wait for the rest of the people :P
<EvilPhoenix> lol
<EvilPhoenix> what RoyK said
<nertil> RoyK
<nertil> im the owner of that userna
<nertil> im the owner of that username
<RoyK> sure, I'm just saying all you can do is to bruteforce it
<RoyK> it's safe
<RoyK> secure
<RoyK> etc
<nertil> so icant decrypt at all
<RoyK> if you buy a good iron safe and lose the key, well, you need to force it open
<nertil> okey than can u tell me how to copy/paste a folder to other unencrypted username?
<nertil> RoyK i can open
<nertil> i want to remove that decryption option
<RoyK> the encryption option, you mean?
<nertil> i dont want my username to be encrypted
<nertil> so i want to remove encryption
<nertil> i can open cause i know the password
<RoyK> if so, mount the filesystem, do a cp -a /path/to/encrypted/fs /new/path/on/unencrypted/storage
<RoyK> then remove the encrypted filesystem
<nertil> ok
<nertil> can u tell me how to copy/paste a folder from encrypted username to another?
<RoyK> man cp
<RoyK> it's like copying from anywhere else
<RoyK> so long as the encrypted filesystem is mounted, it's readable for all the system
<RoyK> or at least for whoever has access there
<soren> ivoks: Busy :(
<soren> ivoks: I'm preparing for a talk tomorrow. People are drinking beer, I'm stuck in my hotel room.
<soren> ivoks: And you?
<soren> ivoks: I never understand a thing of the stuff you write on Facebook. You could have been to the moon for all I know :)
<lool> Hmm I'm puzzled: this works python -c 'import boto; c=boto.connect_s3(); print c.get_all_buckets()'
<lool> but it doesn't work with ipython, or wihin bpython
<soren> How does it fail?
<soren> lool: ^
<lool> soren: http://paste.ubuntu.com/575678/
<lool> I get other weird failures with other functions
<Daviey> SpamapS, around?
<RoAkSoAx> Daviey: ok so I was looking at the packaging and wondering if there's a setup.py, i believe it should handle the installation of everything rather than just the installation of the python related stuff, so I think we'll have to adjust the packaging to install the python files themselves
<Daviey> RoAkSoAx, Did you not see my pastebin entry ^^ with a setup.py?
<Daviey> Also, you need to patch out the installing of the py's in the ant stuff
<lool> soren: the actual error is: <Error><Code>AccessDenied</Code><Message>AWS authentication requires a valid Date or x-amz-date header</Message><RequestId>D8F7C0AB815EECA6</RequestId><HostId>8ilWXTAmC7tnnkVXInKq9+WAs5ukE48F5PbA+Bil8/Cg+2v2WQsC6tpgYAUufVZB</HostId></Error>
<lool> but I still don't understand why it only happens with bpython/ipython
<lool> soren: Ah!  LC_ALL=C and it works
<lool> so it's some obscure locale related thing
<RoAkSoAx> Daviey: yeah I was just thinking in something else. Let me do it first and I'll show you
<Daviey> lool, Gah... can you report it?
<RoAkSoAx> Daviey: dude don't you go out to party or something??
<Daviey> RoAkSoAx, The rules file is somewhat complicated already, if we can use dh for this - i'd be happier
<Daviey> RoAkSoAx, I have children :)
<RoAkSoAx> Daviey: ohhh i guess I'll have to take lots of pisco to Budapest then :P
<RoAkSoAx> Daviey: and just let me do what I have in mind and you'll see. Btw... do you want to switch the packaging to dh7?
<Daviey> RoAkSoAx, That makes me do silly things..
<lool> Daviey: Yup, I'm actually looking at a replacement function right now
<lool> issue is in boto/auth.py; search for 'Date'
<Daviey> RoAkSoAx, If it's not too intrusive, go crazy!
<lool>             headers['Date'] = time.strftime("%a, %d %b %Y %H:%M:%S GMT",
<lool>                                             time.gmtime())
<lool> This outputs: ven., 04 mars 2011 20:52:41 GMT
<lool> in French
<lool> I guess what happens is that boto itself doesn't initializes locales, but bpython/ipython do
<Daviey> lool, Ah, that is probably  why smoser and me wouldn't have come across that.
 * Daviey needs to try bpython... is it better than ipython lool ?
<lool> email.Utils.formatdate() seems to be a good replacement
<lool> Daviey: I used bpython very little, because I never tried it much; it seems to be a bit nicer than ipython
<Daviey> echo "try bpython" >> ~/todo.list
<uvirtbot> New bug: #729335 in linux (main) "apache doesn't start on linux 2.6.38-5" [Undecided,New] https://launchpad.net/bugs/729335
<RoAkSoAx> Daviey: still around?
<Daviey> RoAkSoAx, pretty much
<RoAkSoAx> Daviey: does this look sane to you? http://pastebin.ubuntu.com/575725/
<RoAkSoAx> Daviey: and against what branch should I be proposing the merge and getting the source lp:ubuntu/natty/eucalyptus?
<RoAkSoAx> Daviey: and to raise a bug/concern to upstream euca where should I do it?
<Daviey> RoAkSoAx, no, not that branch
<Daviey> RoAkSoAx, lp:~ubuntu-virt/ubuntu/natty/eucalyptus/natty
<Daviey> RoAkSoAx, lp.net/eucalyptus for bug
<lool> Daviey: From playing with it, bpython has a very nice rewind feature which let's you go back in time, rewinding history
<lool> unfortunately, it doesn't seem to have support for searching previous commands in history, which is what I do most of the time in ipython
<RoAkSoAx> Daviey: oky. And well It's fixed now will be submitting the branch in a bit for you to merge it
<Daviey> lool, nice!
<Daviey> lool, it rolls back objects aswell?
<lool> I don't know
<lool> I don't like the default colors, but the UI is very nice in bpython
<lool> with intelligent sorting / hiding of functions, highlight of the function you're typing etc.
<lool> the theme seems easily customizable
 * Daviey looks forward to trying it
<Daviey> RoAkSoAx, NFI what that paste is showing me btw
<RoAkSoAx> Daviey: dpkg -c eucalyptus-common<etc/etc>.deb
<RoAkSoAx> ?
<Daviey> RoAkSoAx, yes, but why?
<RoAkSoAx> Daviey: that pastebin now shows that euca_admin has bin installed in usr/share/pyshared and symlinked to the correct python (/usr/lib/python2.7/dist-packages and /usr/lib/python2.6/dist-packages)
<RoAkSoAx> and that's handled by python-central
<Daviey> ahh i see
<RoAkSoAx> Daviey: there: https://code.launchpad.net/~andreserl/ubuntu/natty/eucalyptus/natty/+merge/52264
<spydmobile> Hi friends i need some advice before I break something, I have 3 servers: old32, old64 and new64, old32 = ProLiant DL360 G5 with a 2 drive raid for OS and a 6 drive (400GB)raid for data mounted as /HOME ruuning server 8.10, old64 is ProLiant DL360 G5 with a 2 drive raid for OS running server 9.10 64-bit and last is new64 = ProLiant DL360 G6 with a 2 drive raid for OS running server 10.10 64 bit. New64 is production and is li
<spydmobile> Would I be able to unplug the 6 raid drives from old32 and plug 3 in old64 and 3 in new64 and not have to reinstall ubu server 10.10 64? Thanks for any direction here....
<PatrickDK> spydmobile, that should work just fine
<Datz> Hi, if anyone familiar with using the virtual kernel images?
<Datz> -images
<spydmobile> PatrickDK: Thanks!
<Datz> I've done something like: aptitude install linux-image-2.6.32-27-virtual
<Datz> but it looks as though the virtual kernel relies on the -server kernel config or something, as if I "aptitude purge" the old -server kernel I get kernel panic
<Datz> so I remove and not purge, and all works
<Datz> but now when I: aptitude safe-upgrade it looks as though it's not trying to upgrade to the lastest -virtual kernel, but rather -server kernel
<Datz> does anyone have experience with the -virtual kernel that could help with figure out what's going?
<Datz> If I'm going to have to manually update to the latest -virtual kernel and use some -server kernel config I'm just going to stick with -server :P
<xnox> I've generate my own SSL CA & Site key/pem sertificates. I've updated the apache2 config and restarted. Yet Apache still presents the "old" snakeoil certificate!
<xnox> What did I not do to "replace" the servers ssl certificate?
<phoenixsampras> what is the best way to install ubuntu server remotely?
<xnox> phoenixsampras, define "remotely" =) you can do netboot or boot it with ssh server and run install from ssh
<xnox> phoenixsampras, you can use preseed, and hope it will install it self and come alive on the network.
<uvirtbot> New bug: #729408 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/729408
#ubuntu-server 2011-03-05
<knoxy> ivoks: hi
<knoxy> ivoks: I've more problems with my mysql server ubuntu...
<knoxy> somebody help-me... look at http://img132.imageshack.us/f/capturarod.png/
<knoxy> the problem
<knoxy> the load average is very high now
<knoxy> and I dont know what is the problem..
<knoxy> what's kblockd ?
<DictatorZero> Hey, I was wondering if there was anyone on who wouldn't mind giving some advice on a ubuntu server install for a web server
<pw-toxic> hi, can someone please help me to configure my samba server, so I windows7 users can access my public drives without having to prompt a username and password. I have now wasted ~1 hour configuring and reading about samba ;(
<pw-toxic> I can already connect to ma shares with a certain user, but public shares dont work
<pocketman> anyone have any experience with dyndns and subdomains?
<pw-toxic> pocketman, i have a virtual host entry for each subdomain of my dyndns domain
<pocketman> nm, got it. Thanks anyway!
<Gadu> I changed out most of the hardware on my server machine and the new onboard LAN does not show up in 'ifconfig'. It does show up in lspci though.
<Gadu> I tried a different LAN card and that was a no go as well (also shows up in lspci)
<Gadu> interestingly enough, booting up a live CD with either of them plugged into a LAN cable results in it working
<Gadu> but if I boot the Live CD with one plugged in and switch the cable to the other, it doesn't not function
<Gadu> My assumption is that I need to change something on the currently installed OS but I'm not sure what
<NicholasRoge> Anyone mind giving me a hand?  I"m running a server, and using ubuntu server as the OS.  But for some reason, I can't access the sql server from outside localhost.  Anyone mind helping me figure out why?  (I've already made sure to forward port 3306)
<Gadu> nvm, the new cards are registered as eth2 and eth3 so I just changed /etc/network/interfaces and restarted networking =P
<Gadu> NicholasRoge: did you have apache and phpmyadmin?
<Gadu> that's probably the easiest way, and you'd just forward port 80 and not 3306
<Gadu> then access it via <serverip>/phpmyadmin
<Gadu> or the url if you have one
<NicholasRoge> Sorry, had to step away from teh computer.  And I have phpmyadmin, but I'd like to be able to user MySQL Query Browser.
<iggi> Himm, I keep getting this weird error. Whenever I install ubnutu 10.10 on a KVM guest it times out with the resolution of the repos, but continues just fine when I hit enter (which is supposed to cancel). Only happens on file 1 (looking up and retrieving) works fine for the others after I hit enter
<Gadu> did you comment out "bind-address" in /etc/mysql/my.cnf ?
<Gadu> make sure you set a root password for your mysql as well (if you haven't already)
<NicholasRoge> Let me check
<NicholasRoge> I need to comment out bind-address?
<Gadu> yes
<NicholasRoge> That would be the  problem.
<NicholasRoge> Thanks.
<Gadu> np ^_^ use sudo /etc/init.d/mysql restart after you comment it out
<NicholasRoge> Of course.  :3
<Gadu> XD
<Gadu> when I started out, I rebooted a linux server for everything until I learned of the init.d magic haha
<Gadu> so I like to include it just in case
<Datz> ]Hi, I was wondering if anyone was here earlier when I asked about -virtual kernel?
<Datz> my box had some issue.. and halted for about an hour..
<Datz> eh
<Datz> does anyone here use the -virtual kernel that could answer a few simple questions for me?
<Datz> 1. if I use the -virtual kernel, will kernel updates be possible with aptitude safe-upgrade?
<Gadu> Datz: I can't imagine a reason to prevent kernel updates through safe-upgrade with the -virtual kernel
<Gadu> as long as you got the -virtual kernel from a repository, you'll get updates for it
<Datz> Gadu: thanks, aptitude search shows a later -virtual kernel version than I have. and aptitude update/safe-upgrade both are up to date.. so to speak
<Datz> thinks may not be installed as they should be on the box though
<Gadu> install the later version via aptitude install for now
<Gadu> if it continues to go up in version without updating, something is wrong indeed
<Datz> the stange thing(or normal?) I noticed is if I purge the -server kernel package instead or "remove" it, I get kernel panic when the -virtual kernel is installed.
<Gadu> try purging -server and installing the newer -virtual at once
<Datz> ok, I can try that. Tried before and that's what gave me panic, but I'll create a snapshot and try again :)
<Gadu> sudo aptitude purge linux-image-<version>-server ; sudo aptitude install linux-image-<version>-virtual
<Gadu> doing it in 1 line will probably help
<Datz> humm, ok let me try
<Datz> so just leave the current -virtual installed?
<Gadu> yes, until the new version is installed and tested
<Datz> ok
<Gadu> if I don't reply in a reasonable amount of time, just say my name (playing minecraft =P)
<Datz> hehe, np thanks
<Datz> ok, that worked, now let me try removing the old -virtual kernel
<Datz> ok, purged the old virtual kernel too, everything is working
<Datz> I don't know why this worked now, perhaps purging -server and installing the newer -virtual at once like you said?
<Datz> anyway, thanks. :)
<Gadu> more than likely and anytime XD
<Gadu> if no1's around in here, try me in PM, might be on haha
<Gadu> for the furture
<uvirtbot> New bug: #729477 in openssh (main) "package openssh-client 1:5.3p1-3ubuntu5 failed to install/upgrade: ErrorMessage: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/729477
<Bilge> If I do `ufw deny from 74.115.0.0/24`
<Bilge> Why can 74.115.0.10 still connect
<jmarsden> Bilge: Is ufw enabled? :)
<Bilge> Of course
<Bilge> Is it possible that the allow rules are taking priority?
<Bilge> Like being allowed to connect to a service from anywhere is given priority of being denied everything from somewhere
<Bilge> It's definitely not working
<Bilge> :(
<Bilge> Someone is fucking hacking my shit and I can't ban them and it's quite frustrating
<Bilge> I can keep banning each IP address one at a time but I'll have to do it 255 times before I've plugged it entirely
<Bilge> Why is ufw being useless
<Bilge> Or 253 or something since 0 and 255 are special I believe
<Bilge> Some asshole owns an entire /24 subnet and I can't do anything about it immediately
<iggi> Bah, I'm running into some issues with bad/hard to understand documentation for UEC
<iggi> for the most part it is accurate, but it changes termonoligy it seems
<jmarsden> iggi: File bugs against the docs.
<Bilge> jmarsden: why might it not be working?
<Bilge> This guy is totally taking the piss and hacking one of my services using every possible IP
<Bilge> It's 4am and I am going to be up all night manually banning each IP
<jmarsden> Bilge: Hard to know without a lot more work... what does  sudo ufw status     output (pastebin it)
<Bilge> OK
<iggi> jmarsden: Will do, it's a small name switch between a node and controller, but threw me for a loop
<Bilge> /Noticed it
<Bilge> I'm running the latest LTS
<Bilge> ufw 0.30pre1-0ubuntu2
<Bilge> Can't tell you how much I want to go to sleep right now, I'm supposed to be moving house tomorrow :(
<jmarsden> BTW, to add 255 rules for all IPs in a Class C (which you should not need to do) would be a one line command: for i in $(seq 1 255) ; do sudo ufw deby 74.115.0.$i ; done   # or something close
<Bilge> In bash you can do something like 1..255 and it expands it also
<Bilge> But I don't have time to relearn all that
<Bilge> And I would do it into my service's IP ban file (which can only ban one IP at a time) since ufw clearly isn't working anyway
<jmarsden> Looks like the rule order may be the issue, to me.  ufw is working, you just don't understand it fully yet.
<Bilge> OK but I wasn't aware that I could specify the order
<Bilge> So to me that isn't working
<Bilge> It just keeps appending new rules to the end
<Bilge> Presumably giving earlier rules precendence; which is a weird system if that is how it is actually working
<jmarsden> Rules are numbered, use sudo ufw status numbered to see that... sounds like you have not yet read the ufw man page??
<jmarsden> "First rule that matches gets applied" is pretty common logic in firewall filters, isn't it?
<Bilge> I've inserted it at the top now
<jmarsden> OK, does it work better now?
<Bilge> Time will tell
<Bilge> Just banned about the 30th IP manually heh
<jmarsden> Remove all the single ip rules and see if the rule order was the issue; if it was, you can relax and get some sleep.
<Bilge> The single IP rules are in the service being attacked
<Bilge> I turned to ufw to cut his range off since this crappy app only lets me ban single addresses
<Bilge> Then was dismayed to realise it didn't work
<Bilge> RTFM is a bit late when you're already being attacked heh
<jmarsden> OK, so read your log files to see whether ufw (iptables) is now blocking the packets...
<Bilge> Is it possible to configure `ufw status` to always output the rule number? It seems like a convenient and short piece of information, especially for deleting rules if not inserting them in the right order as well
<Bilge> Which log file would tell me this?
<Bilge> Looks like it is working now because he hasn't shown up again since inserting at the top
<jmarsden> OK... you did do sudo ufw logging on, right?
<jmarsden> If you did, the log entries should be in /var/log/messages by default (I think... my setup here is ... a little modified)
<Bilge> I think logging is off
<Bilge> That file is just full of --MARK-- lines
<jmarsden> You are running a production server and "think" that logging is off? :)
<jmarsden> sudo ufw loggin on    # will be a start
<jmarsden> sudo ufw logging on    # will be a start  (with the g)
<Bilge> Well I did `ufw logging` and it wouldn't tell me whether it was on or not
<Bilge> So how am I supposed to check?
<jmarsden> Just turn it on :)
<Bilge> I've never had to mess about with ufw; I just use it to map services that I deploy
<Bilge> And for that purpose it has worked adequately up until now
<Bilge> I imagined that firewall logs would be verbose as hell
<Bilge> Just a waste of disk space
<Bilge> Anyway, is it possible to attach a note with rules so that I remember why I banned this subnet?
<jmarsden> No, ufw is simple and small and doesn't easily let you do that.
<Bilge> Shame
<jmarsden> You can just add a short note about firewall configuration (and the output of sudo ufw status numbered) to your system admin log (assuming you keep one) for that server.  I suspect you could add a comment to the /etc/ufw/ufw.conf file, but that assumesyou will remember where that file is next time around :)
<Bilge> lol yes
<Bilge> I can see loglevel=off in that file
<Bilge> What does it get set to if I just specify "on"
<Bilge> It seems to expect low medium or high
<jmarsden> low, I think.  try it :)
<Bilge> Yes
<Bilge> Don't see anything in /var/log/messages though
<Bilge> I would extend ufw to support comments
<Bilge> It would be useful for all rules
<jmarsden> Go for it, it is open source :)
<Bilge> Well I was looking to you obviously since even if I did modify the source it would only benefit me
<jmarsden> No, you could upload the changes to bzr on Launchpad and request a merge in the usual way.
<Bilge> And I think it makes sense to include the rule number in the status output by default and an option to enable or disable it by default instead of having separate command (parameters) for that
<Bilge> Reason being that it conveys the importance of rule precedence more intuitively and makes rule deletion easier
<Bilge> For your consideration; I'm going to sleep :)
<jmarsden> OK.  Ah, try /var/log/ufw.log   when you wake up :)
<Bilge> No such file
<jmarsden> OK.  There's one here, and a few older rotated and compress versions of it, but that might be a local change I made, I forget.
<atari2600a> hey
<atari2600a> what's up w/ vbox support
<atari2600a> When I realized the installer had a vm guest option, I tried it out & now I get dropped to initramfs
<atari2600a> *BusyBox
<atari2600a> whichever you prefer to call it
<jmarsden> atari2600a: I have a feeling that options is for KVM virtualization, not Virtualbox, but I am not sure.
<jmarsden> A normal Ubuntu server install should work fine inside virtualbox.
<atari2600a> the wiki said the option's for most popular VM's, so I would assume vbox would count as that
<atari2600a> & the Ubuntu-server as a guest OS entry, complete w/ vbox installation instructions is there too, including instructions to install as a VM guest from the bootloader
<knoxy> hi all.. How the more recommended version of kernel to ubuntu as virtual machine (VMware ESXi) ? 2.6.x.x-server or 2.6.x.x-virtual ?
<jmarsden> atari2600a: OK... I've just used the "regular" server install in virtualbox and had no issues... maybe wasting a little RAM, I suppose.
<patdk-lap> knoxy, doesn't really matter, -virtual if it exists, for lucid though, it will just use -server though
<knoxy> patdk-lap: Thanks
<atari2600a> wait, found the problem, appearantly the minimal VM kernel doesn't support SATA
<atari2600a> oops?
 * atari2600a reconfigures
<atari2600a> & I'm actually going for saving some RAM :P
<atari2600a> poor, stuck w/ 2GB of DDR2
<Datz> Gadu: thanks man, will do
<atari2600a> ffffuuuuuuuuuuuu
<atari2600a> why isn't nano installed by default
<atari2600a> not everyone has the patience to boot into Vi D:
<iggi> my server installs have nano by default and vi, but not vim. I cant use vi efficently, but vim, yes. First apt-get right there.
<iggi> Can anyone help me with a UEC ssh key problem?
<[biabia]> in unattended upgrades seems like it would be a good idea to automatically remove unused dependencies but the default is false.  also, by default it only dl's security updates, and doesnt reboot when needed unless enabled.  ok to change those 3?
<uvirtbot> New bug: #729513 in squid (main) "package squid (not installed) failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/729513
<uvirtbot> New bug: #729517 in squid (main) "Installation failed (Paketoperation fehlgeschlagen)" [Undecided,New] https://launchpad.net/bugs/729517
<uvirtbot> New bug: #729574 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/729574
<RoyK> The short story "When sysadmins ruled the earth" from http://craphound.com/overclocked/download/ is a must for all good sysadmins :)
<pw-toxic> hi,  i want my samba server to allow guest logins
<pw-toxic> can someone please help me?
<pw-toxic> i have wassted several h urs for this
<bau-> hi all, i have a problem: i'm trying to install ubuntu server, but i can't connect to the internet with my wifi board (dlink)... any suggestion?
<uvirtbot> New bug: #729694 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/729694
<uvirtbot> New bug: #729709 in munin (main) "Low max_processes leads to hosts being skipped" [Undecided,New] https://launchpad.net/bugs/729709
<HalbergM> Hey everyone!
<HalbergM> I have a very quick question if anyone would be so kind to answer. How do I find the public IP address for my server?
<iggi> Anyone able to help me resolve a UEC key issue
<NicholasRoge> If I CHMOD a directory to 777, is it possible for someone outside my website to upload things to it?
<jmarsden> world-writeable directories are generally a bad idea from a security point of view.  You should not need to do that for a web directory.
<EvilPhoenix> ^
<thesheff17_> So I see this article w/ holes in the ubuntu kernel. http://www.zdnet.com.au/ubuntu-peppered-with-holes-339310663.htm  I patched my the server but the kernel version is  2.6.32-29-server...does this version patched for these problems?  The article recommends linux-image-2.6.35-25-server 2.6.35-25.44~lucid1.
<EvilPhoenix> thesheff17_:  which distro you running?
<EvilPhoenix> s/distro/version/
<thesheff17_> lucid
<thesheff17_> 10.04 LTS
<EvilPhoenix> uhm...
<iggi> If you need that kernel, 10.10 is on 2.6.35.25 if upgrading is plausable
<EvilPhoenix> ^
<EvilPhoenix> yeah, that kernel isnt on 10.04 LTS
<thesheff17_> I need to stick w/ LTS
<EvilPhoenix> or if it is, i dont see it in the list
<thesheff17_> I see linux-image-2.6.35-25-server in the packages...but wondering if I should hold back.
<EvilPhoenix> i'd say this: "Do you ABSOLUTELY NEED that kernel"?
<EvilPhoenix> if no, then dont worry about it
<RoyK> iggi: 2.6.35 is in Lucid
<thesheff17_> I did apt-get install landscape-common linux-headers-server linux-image-server linux-server this doesn't get that latest version?
<RoyK> seems linux-image-2.6.35-27-generic is the latest - couldn't find a -server package
<thesheff17_> ah ok
<RoyK> thesheff17_: apt-get update && apt-get dist-upgrade
<Datz> thesheff17_: have you had a look here? http://www.ubuntu.com/usn
<RoyK> the upgrade won't install 2.6.35, though
<Datz> that's odd.. looks like 10.04 is abandoning the 2.6.32 kernel, or at least not providing fixes for it? http://www.ubuntu.com/usn/usn-1083-1
<thesheff17_> So I just did apt-get install linux-image-2.6.35-25-server and uname -a uses Linux vm020 2.6.35-25-server any reason not to do this?   Is there a reason there is a miss match?
<RoyK> thesheff17_: if you're already in 2.6.35, never mind
<Datz> RoyK: does that mean that 10.04 users should upgrade to the 2.6.35 kernel?
<RoyK> Datz: AFAICS, yes
<Datz> ah, k thanks
<RoyK> Datz: and AFAICS the article at ubuntu.com says this is done automatically
<EvilPhoenix> RoyK, i wish, it hasnt been done yet to my servers running 10.04 :/
<Datz> ok, well I'll have to wait and see, as I haven't see that yet
<RoyK> EvilPhoenix: try an apt-get upgrade && apt-get dist-upgrade
<RoyK> the dist- part will take it to a new subversion, which may help
<EvilPhoenix> cant.  upstream issues from my current locatoin to my server cant let me ssh in
<EvilPhoenix> ah... i see...
<iggi> I'm trying to setup UEC, and I followed the documentation, but something seems to be wrong with the key setup. I get the error "INFO: We expect all nodes to have eucalyptus installed in //var/lib/eucalyptus/keys for key synchronization." followed by errors stating node-cert.pem, cluster-cert.pem, and node-pk.pem are missing. I looked and cannot find where in the documentation it mentions
<iggi> setting up any of these keys.
<Datz> RoyK: apt-get upgrade && apt-get dist-upgrade doesn't have any new updates for me. :|
<Datz> oh well :P
<Datz> I guess I could always install the 2.6.35 kernel manually :)
<uvirtbot> New bug: #729780 in bind9 (main) "bind9 fails to create pid file." [Undecided,New] https://launchpad.net/bugs/729780
<RoyK> Datz: try that
<Datz> will do, thanks
<thesheff17_> Datz: any reason that 2.6.35 isn't set to the latest kernel for lucid?
<thesheff17_> I also just tried ksplice...which seems nice but also reports 2.6.32-29.58-server is the latest version
<Datz> thesheff17_: I was wondering that myself actually
<pmatulis> Datz + thesheff17_: the 2.6.35 kernel is not a lucid kernel.  it's the maverick kernel that people have the *option* to install
<thesheff17_> pmatulis: This article recommends linux-image-2.6.35-25-server for lucid which is confusing... Does the latest kernel for lucid address these problems in this article? http://www.zdnet.com.au/ubuntu-peppered-with-holes-339310663.htm
<RoyK> thesheff17_: those are fixed in 2.6.35
<thesheff17_> RoyK which is only for maverick?
<pmatulis> thesheff17_: don't believe everything you read
<pmatulis> thesheff17_: just upgrade to the latest .32 kernel and you'll be fine
<thesheff17_> pmatulis: haha ok good :)
<pmatulis> thesheff17_: most of those things are even covered by the .31 kernel
<pmatulis> thesheff17_: see http://www.ubuntu.com/usn/usn-1074-2
<Datz> pmatulis: this seems to suggest to update to 2.6.35 http://www.ubuntu.com/usn/usn-1083-1
<Datz> or is that if you are already using 2.6.35...
<Datz> that might make sense :)
<uvirtbot> New bug: #729819 in dovecot (main) "Dovecot !include_try does not work with 'deliver' - mail delivery fails" [Undecided,New] https://launchpad.net/bugs/729819
<pmatulis> Datz: you have to actually read the page.  see what is affected
<Datz> well yea
<Datz> I'm still not 100% clear :P
<iggi> anyone know how to change the port eucalyptus uses for rsync/scp/ssh? I don't use a standard port and it is failing every time.
<thesheff17_> iggi: wish I just had hardware to test eucalyptus :-/
<iggi> thesheff17: 1 virtualization enabled computer. e.g.- $200 AMD Athlon X2. CC goeso n a vm inside node.
<thesheff17_> iggi: so the virtualization of the processor will carry over through the virtual machine?  Are you using virsh?
<iggi> thesheff17_: I have a correct setup, but you can test it by throwing down a machine with ubnutu+kvm-qemu+libvirtd then run the CC on a vm
<thesheff17_> iggi: did you have to do something special for it?  I just got This hardware does not support virtualizatoin acceleration.  This is on the virtual machine.
<thesheff17_> iggi: ah the install just continued on..cool
<uvirtbot> New bug: #729844 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/729844
<pmatulis> Datz: what's your question then?
<iggi> Anyone know why I would get a internal server error when I go to http://<cloud-ip-address>:8773/services/Eucalyptus on my UEC server? I get the error: "16:55:25 ERROR [NioServerHandler:New I/O server worker #1-10] Internal Error. com.eucalyptus.ws.server.NoAcceptingPipelineException"
<iggi> appears to bea similar bug here: https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/519062
<uvirtbot> Launchpad bug 519062 in eucalyptus "Unable to connect to Eucalyptus Service on port 8773" [Low,Expired]
<rnigam> hello
<rnigam> test 123
<guntbert> rnigam: don't test here please, there exists #test
<rnigam> Just installed ubuntu server on the latest Dell boxes with new AMD Opterons
<rnigam> Planning to create a virtualized environment.
<rnigam> Any suggestions on tools?
<iggi> kvm, libvirt, eucalyptus
<rnigam> what about virt-install?
<rnigam> I am not sure which package has it on the server version or if it is still supported
<rnigam> apt-get install python-virtinst returns nothing
<rnigam> oh yes i have decided to use KVM and already have kvm and libvirt
<rnigam> any word on  virt-inst package anyone?
<Datz> pmatulis: I was unsure after reading http://www.ubuntu.com/usn/usn-1083-1 whether or not I should upgrade to 2.6.35-* from 2.6.32-29
<Datz> or if 2.6.32-29 is patched and safe to use. That is all. ;)
<rnigam> iggi: what is the best tool to create kvm virtual machines?
<jmarsden> rnigam: https://help.ubuntu.com/community/KVM/CreateGuests
<rnigam> jmarsden: Thanks. That should get me going for now.
<jmarsden> rnigam: You're welcome.  It is part of a whole set of KVm related wiki pages, see the nav items under the main title on that page.
<uvirtbot> New bug: #729911 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/729911
<iggi> rnigam: virt-manager?
<rnigam> jmarsden: Yes I see that. Thanks Again. The only problem is that While i was going through the KVM wiki I came across a tool called virt-install which turned out to be obsolete in this server version. I have decided to go by the last edited time on every page from hereon.
#ubuntu-server 2011-03-06
<atari2600a> right, so, I just realized why my VM wasn't hitting the internet
<atari2600a> it's not even getting out of my host machine
<atari2600a> is there some sort of port forwarding I need to enable on ubuntu-desktop?
<jmarsden> You need to set up the VM to bridge to a real LAN interface, I suspect, not just to an internal network for VMs.  What are you using to run VMs? kvm, or virtualbox, or something else?
<jmarsden> atari2600a: ^^
<atari2600a> virtualbox, but I already have port forwarding through NAT set up
<atari2600a> I can access the server from the host, just not within the LAN
<jmarsden> NAt will do outbound only... for inbound you need to set the virtualbox VM setting to bridged and select the relevant network device, usually eth0
<jmarsden> Shut down the VM, change that setting, and restart it.
<jmarsden> Incidentally, this is documented at https://help.ubuntu.com/community/VirtualBox/Networking if you read it carefully.
<atari2600a> ...but I have port forwarding
<atari2600a> I have already established it recieves inbound
<atari2600a> I SSH into it regularly
<jmarsden> Either try it my way, or read the docs, or... try some other way to make it work that you know about and I don't :)
<jmarsden> atari2600a: To quote the wiki page I pointed you to: "Connecting a virtual machine through NAT will allow the guest to connect to systems on the network (including the host or some website). A machine on the network will not be able to initiate a connection to the guest though."
<jmarsden> atari2600a: I have around 14 virtualbox VMs here, most of them are Debian or Ubuntu...
<atari2600a> okay so now I can't even SSH into it
<jmarsden> It's now in bridge mode?
<jmarsden> Or you still don't believe me and don't believe the help page either??
<atari2600a> it's in bridge, you provided sufficient evidence for it
<atari2600a> but the wiki page is out of date
<atari2600a> says to modprobe a vbox networknig module
<atari2600a> is that still needed?
<jmarsden> No, it shoudn't be.  The VM has a static IP that is part of the LAN IP range, right?
<jmarsden> As in, you edited  /etc/network/interfaces in the server running inside the VM and set it up with a static IP... correct?
<atari2600a> no, I kinda forgot :P
<atari2600a> I'll have to unload the host's now-unneeded static IP first I suppose
<atari2600a> but first, let's pkill vbox so I can get it running w/ a head this time...
<jmarsden> Well, as long as you assign a different static IP to the VM, what IP the host is on is somewhat irrelevant.
<atari2600a> it's the only static on the network so I prefer the end of the range
<atari2600a> AKA *.149
<jmarsden> Use whatever addressing scheme makes sense to you, just don't have two machines or devices (real or virtual) with the same IP :)
<atari2600a> see you on the other side
<jmarsden> atari2600a: welcome back :)
<rnigam> jmarsden: ubuntu-vm-builder is vmbuilder now
<rnigam> ?
<rnigam> from 10.10
<rnigam> most of the documentation on kvm has ubuntu-vm-builder mentioned still !
<jmarsden> rnigam: Well, vmbuilder is a sucessor to ubuntu-vm-builder.
<jmarsden> rnigam: Go ahead and update, but remember most people doing VM may use Ubuntu server, 10.04 LTS is still the norm for servers.
<rnigam> Do you think I should go back to 10.04 LTS? I only plan to do some kvm experiments for a month or so !
<jmarsden> atari2600a: So, does your VM work now?
<jmarsden> rnigam: No, use whatever Ubuntu server you already have installed.
<atari2600a> jmarsden, better, thanks to you
<jmarsden> atari2600a: Good :)
<atari2600a> I can access it from within the LAN, but I'm having a little trouble getting past the router
<jmarsden> That's port forwarding... make and model of router?
<atari2600a> also no more need for outragious ports (8080, 2222 :P)
<atari2600a> some shitty linksys wireless-n
<atari2600a> I already got port forwarding set up & disabled the firewall for shits & giggles
<atari2600a> still can't access it through a proxy
<atari2600a> (& yes I'm refreshing through the proxy, not the web browser :P)
<jmarsden> Don't leave yourself wide open!  OK... what is the IP and port you think you have port forwarded to the VM ?
<atari2600a> hold on
<atari2600a> & it was just the router firewall
<atari2600a> http://216.93.215.153/
<atari2600a> just tried that IP from within the network...DSL admin login
<atari2600a> I wonder if I can find the default user/pass for this make & model...
<jmarsden> You seem to have the ssh port forwarded but not port 80, to me.
<atari2600a> well I did use the router's built-in presets for HTTP, FTP...
<atari2600a> let's see...
<jmarsden> Um... "I already got port forwarding set up" -- and now you do not know the password??
<jmarsden> atari2600a: What LAN IP did you point them at, is the question that now needs asking...
<atari2600a> jmarsden, for the router, not the modem
<Guest5435> whats the ammount of bandwith does a social networking site have
<Guest5435> take i mnean
<atari2600a> Guest5435, wrong network, you're looking for irc,anonops.net
<jmarsden> atari2600a: Your port 22 is apparently connecting to some embedded linux not Ubuntu (unless you installed dropbear sshd on the Ubuntu server VM, which seems unlikely)
<atari2600a> & I'm sure somewhere close to the terabits
<atari2600a> jmarsden, yeah I think the modem has busybox or something
<jmarsden> atari2600a: But it shouldn't leave its ssh port open to the public Internet!
<Guest5435> can you please provide me the channel
<atari2600a> jmarsden, it's a small ISP :P
<jmarsden> BTW if it is a modem it wouldn't even have an IP address, so it must be a router :)
<atari2600a> Guest5435, if you can't even use a real IRC client you'll get either laughed out of the network, banned, or hacked to hell
<atari2600a> jmarsden, the HTTP login says 'DSL login' :P
<jmarsden> OK... on the Linksys that your Ubuntu host PC is connected to, what is the WAN IP set to?  216.93.215.153 , or something else?
<atari2600a> let me check the logs
<jmarsden> Or just log into the Linksys :)
<rnigam> 'vmbuilder' option to create kvm guest from iso ? Anyone?
<atari2600a> 10.202.46.2 ; different from what whatismyip reports apperantly
<atari2600a> jmarsden, which is where it's logged :P
<atari2600a> turns out it had it's own status page, though
<jmarsden> OK, so you have double hop NAT through two routers... ugh
<jmarsden> So you need to do port forwarding in BOTH of them.
<atari2600a> kinda figured, & I don't think my ISP allows users to dick around in the DSL modem
<jmarsden> Or put the upstream one into "bridge mode" if you can and if the ISP lets you.
<atari2600a> balls
<jmarsden> Then I'd say you are trying to run servers on a home DSL line and your Terms of Service prohibit that.
<atari2600a> I'm gonna go see if I can find the default user/pass on the modem
<rnigam> jmarsden: vmbuilder option to create kvm guests from iso?
<jmarsden> I don't think there is "one option" for that :)  man vmbuilder, and see the (possibly old) tutorial at https://help.ubuntu.com/community/JeOSVMBuilder
<jmarsden> rnigam: You might want to consider using virt-install instead, by the way.
<Jasonn> does anyone know of an eggdrop alternative?
<jmarsden> Jasonn: apt-cache search irc | grep bot     # should provide a few to try... :)
<Jasonn> thx
<atari2600a> well, some good news & some bad news
<atari2600a> good news is my ISP was durr enough to not change the default root password
<atari2600a> (12345)
<atari2600a> bad news is it's still not working
<jmarsden> atari2600a: I'm not going to help you break the AUP or TOS you agreed to... and I strongly suspect it says "no running servers" or words to that effect.
<atari2600a> well, it KINDA does
<jmarsden> Besides, this is not really a #ubuntu-server issue at this point.
<atari2600a> it says if you wanna run a shitload of up bandwidth you need a small business account, but home servers are okay
<atari2600a> this is for a business blog really, but nothing to shit bricks over :P
<atari2600a> anywho, the real solution is "bug father to get comcast because we're getting no more than 400KB down / 75KB up" :P
<atari2600a> thanks for all the help jmarsden
<atari2600a> leaving now
<jmarsden> You're welcome.
<highvoltage> kirkland: I read you're in Cape Town this weekend. having fun?
<dv310p3r> How do I enable SFTP?
<rnigam> Might be a dumb question but while using virt-install do we have to first create a disk image of certain size and then specify the iso file to be used for  installation?
<jmarsden> rnigam: Did you man virt-install?   --disk option, has lots of options...   basically you can create the image first, or let virt-install do it for you... read the docs :)
<thesheff17_> rnigam: virt install reads vmbuilder.partition from the local disk.  Here is an example of mine http://pastebin.com/X0CRvqWm
<dv310p3r> how is it that I can SSH into my server but I can't SFTP into it?
<EvilPhoenix> dv310p3r:  are you using SFTP right?
<EvilPhoenix> because sftp corresponds to your SSH login
<EvilPhoenix> and the ssh port too
<dv310p3r> sftp root@ipaddress
<EvilPhoenix> okay, lemme ask this a different way...
<dv310p3r> EvilPhoenix, sftp root@ipaddress
<EvilPhoenix> assuming i KNOW the command
<EvilPhoenix> did you configure a non-standard port for SSH into the box?
<EvilPhoenix> or did you leave it at 22
<dv310p3r> EvilPhoenix, I haven't changed it, so it should be 22.
<dv310p3r> EvilPhoenix, where can i check that
<EvilPhoenix> dv310p3r:  in your sshd_config file on your server box
<EvilPhoenix> dv310p3r:  if you didnt mess with the configs yourself, then you could assume its 22
<EvilPhoenix> in which case sftp SHOULD be defaulting to 22...
<dv310p3r> EvilPhoenix, I assume its 22 as I haven't changed it,
<dv310p3r> EvilPhoenix, where can i find the sshd_config file
<EvilPhoenix> okay, lets try this command: sftp -oPort=22 root@ipaddress
<EvilPhoenix> that should tell it to use port 22 (in case your sftp isnt already trying that port)
<EvilPhoenix> actually
<EvilPhoenix> lets try this intead
<EvilPhoenix> instead*
<EvilPhoenix> sftp -vv root@ipaddress
<EvilPhoenix> it'll spit out detailed issues
<EvilPhoenix> details*
<dv310p3r> I'm sorry for not being more detailed myself. It's a password issue.
<dv310p3r> Permission Denied.
<EvilPhoenix> oic
<dv310p3r> However using root I can ssh into the box just fine.
<EvilPhoenix> then your password might have been entered wrong
<EvilPhoenix> go into your box as root
<EvilPhoenix> and run: passwd
<EvilPhoenix> make sure you got the right password in the system
<EvilPhoenix> i've had those issues with sftp but not ssh once or twice
<EvilPhoenix> and i just redid passwd and it seems to have worked
<EvilPhoenix> so you are saying its denying your password?
<EvilPhoenix> even if thats the case do the sftp -vv
<EvilPhoenix> because that'll confirm if its your passcode
<EvilPhoenix> if its the pw, it'll say the password was rejected
<dv310p3r> It's crazy, still no dice
<EvilPhoenix> so, its still rejecting the passcode even thoug hyou changed it
<dv310p3r> -vv tells me a bunch of stuff, but near the bottom before it asks me for the password it says.
<dv310p3r> debug1: Authentications that can continue: publickey,password
<dv310p3r> debug1: Next authentication method: publickey
<dv310p3r> debug1: Offering public key: /home/andre/.ssh/id_rsa
<dv310p3r> debug2: we sent a publickey packet, wait for reply
<dv310p3r> debug1: Authentications that can continue: publickey,password
<dv310p3r> debug1: Trying private key: /home/andre/.ssh/id_dsa
<dv310p3r> debug2: we did not send a packet, disable method
<dv310p3r> debug1: Next authentication method: password
<dv310p3r> root@184.106.65.25's password:
<dv310p3r> debug2: we sent a password packet, wait for reply
<dv310p3r> debug1: Authentications that can continue: publickey,password
<dv310p3r> Permission denied, please try again.
<dv310p3r> root@ipaddress's password:
<dv310p3r> sorry for so much info. I tried to change some of it, but fuck it.
<dv310p3r> Anyhow if you look at the Offering public key, why's it trying to use my home dir public key
<EvilPhoenix> ooo
<EvilPhoenix> because that's the pubkey its supposed to be using
<dv310p3r> ok
<EvilPhoenix> because it tries to defaultly get your user's pubkey from your computer (and it isnt in authorized_keys on the server or this error wouldnt exist)
<EvilPhoenix> having said this
<EvilPhoenix> either the passkey data is messed up
<EvilPhoenix> or sftp on your system is messed
<dv310p3r> damnit.
<EvilPhoenix> if its passkey
<EvilPhoenix> that's fixable
<EvilPhoenix> if sftp is messed, that's tricky
<EvilPhoenix> so
<dv310p3r> I have no understanding of all that passkey and rsa stuff.
<EvilPhoenix> on the box after you ssh into root
<EvilPhoenix> passwd
<EvilPhoenix> run that
<EvilPhoenix> put the password in
<EvilPhoenix> it should then work correctly
<EvilPhoenix> otherwise, i can walk you through putting your public ssh key up to authorized_hosts (like i configure all my servers), so that it doesnt always require the password
<dv310p3r> Ok, so that didn't work.
<dv310p3r> but the other day I was with a friend who did something like what you described because we were setting up git
<dv310p3r> He said if we did that public ssh thing we wouldn't have to put in the password.
<EvilPhoenix> lolololololol
<dv310p3r> now whenever I connect via ssh I don't have to put in the pass
<EvilPhoenix> gitosis
<EvilPhoenix> right...
<dv310p3r> gitosis?
<EvilPhoenix> dv310p3r:  it should be working then, because sftp also looks at that too
<EvilPhoenix> yes, "setting up git"
<dv310p3r> right
<EvilPhoenix> were you setting up a git server?
<dv310p3r> yes
<EvilPhoenix> that explains a lot
<EvilPhoenix> its a pita to configure
<EvilPhoenix> and you can definitely fubar other things :P
<EvilPhoenix> i gave up on setting up gitosis, just am sticking with an upgraded git account with private repositories
<EvilPhoenix> which works surprisingly well
<EvilPhoenix> but that might have interfered in your ability to sftp
<EvilPhoenix> no clue how to fix it, though...
<dv310p3r> np thanks anyways
<rnigam> why do we get "open /dev/kvm: Permission denied" error while installing a kvm guest in ubuntu server 10.10 ? I did add the user to the kvm group.
<jmarsden> rnigam: Did you log out and back in again as that user after adding him to the group?
<rnigam> yes i did
<jmarsden> OK, does    id -rn -G USERNAME      show the user to be in the kvm group?
<rnigam> ok I logged out and logged in... and used the following command tocreate a kvm machine:     sudo virt-install --connect qemu:///system -n ubuntu-vm1 -r 204                                                                             8 --vcpus=4 -f /root/vmimages/kvm1.qcow2 -s 12 --cpuset=4,5,6,7 -c /root/vmimage
<rnigam> s/ubuntu-10.10-server-amd64.iso --os-type linux --network bridge=virbr0 --accele                                                                             rate --virt-type kvm --hvm --vnc --noautoconsole
<thesheff17_> rnigam: do you have the CPU virtualization enable in the BIOS? do kvm-ok
<rnigam> Now I get this error: ERROR    operation failed: failed to retrieve chardev info in qemu with 'info chardev'
<rnigam> rnigam@ubuntu:~$ kvm-ok
<rnigam> INFO: Your CPU supports KVM extensions
<rnigam> INFO: /dev/kvm exists
<rnigam> KVM acceleration can be used
<thesheff17_> rnigam: looks good
<rnigam> thesheff17: Any idea about the error? operation failed: failed to retrieve chardev info in qemu with 'info chardev'
<thesheff17_> rnigam: that /dev/kvm error is weird.. make sure you have all these packages apt-get install kvm libvirt-bin python-virtinst virt-manager virt-viewer kvm libvirt-bin ubuntu-vm-builder qemu bridge-utils
<rnigam> the /dev/kvm error no longer shows... I had to restart the server
<thesheff17_> ah ok
<rnigam> thesheff17: But this is the error I am getting now:  failed to retrieve chardev info in qemu with 'info chardev'
<thesheff17_> rnigam: I'm not sure...looked a little on google there was one bug where the server was too old to support virtualization...though your kvm-ok looks fine.  I also haven't used 10.10 for this.  10.04 seems fine for me right now.
<thesheff17_> rnigam: can you try virt-manager
<thesheff17_> wonder if it is a bug directly related to virt-install
<thesheff17_> rnigam: I would also check your BIOS and make sure all virtualization is enabled.
<rnigam> thesheff17: Server is the latest from Dell and has 6100 amd opterons on it. BIOS has the virtualization enabled
<thesheff17_> rnigam: try running it as root and not use sudo
<thesheff17_> rnigam: I see some people complaining about permission suff.
<thesheff17_> bug #702741 sounds just like your problem https://bugs.launchpad.net/nova/+bug/702741
<uvirtbot> Launchpad bug 702741 in nova "failed to retrieve chardev info with 'info chardev'" [Critical,Fix released] https://launchpad.net/bugs/702741
<uvirtbot> Launchpad bug 702741 in nova "failed to retrieve chardev info with 'info chardev'" [Critical,Fix released]
<rnigam> thesheff17: Did that but the same error
<rnigam> uvirtbot: what is the fix?
<uvirtbot> rnigam: Error: "what" is not a valid command.
<thesheff17_> rnigam: I'm not sure..user uvirtbot is just a computer that will explain the bug..not actually a human.
<rnigam> i am sorry I am new to IRC's
<rnigam> thanks for pointing that out.
<rnigam> so the bot says that fix is released, thesheff17 do you know how to find that fix?
<rnigam> I am going nowhere trying to look it on the launchpad
<thesheff17_> rnigam: yea I would try using virt-manager and see if that just installs a vm through an iso..if that works there may be a bug or something wrong with what you are passing to virt-install
<cavoo1101> i hope someone can help me. for the last few days, i cannot access internet on my ec2 instance. i can ping but wget, apt-get etc. time out. it was working perfectly fine last week. and i haven't made any changes in the last week.
<rnigam> thesheff17: I thought virt-manager is not for the server version ! Meaning doesnt it need a GUI?
<thesheff17_> rnigam: um yea virt-manager is a GUI app it can connect to a remote ubuntu server running libvirt & qemu
<thesheff17_> try a simple command like this: virt-install -n web_devel -r 256 -f web_devel.img -s 4 -c jeos.iso --accelerate --vnc --noautoconsole also try it withoutASDF
<thesheff17_> --accelerate
<thesheff17_> cavoo1101: sounds like a firewall security group issue.
<cavoo1101> thesheff17: how can i make sure? i haven't made any changes since the last time it worked.
<thesheff17_> cavoo1101: so you have ssh access?  Try running this script...it turns off all iptables rules: http://pastebin.com/MSaAsaaC
<cavoo1101> thesheff17: that didn't work.
<thesheff17_> cavoo1101: so wget http://www.google.com doesn't work but you can ping it?
<cavoo1101> yea
<rnigam> thesheff17: Will try that out thanks.
<thesheff17_> cavoo1101: that is very strange.... does wget http://74.125.225.18/ work? that is just google.com ip.
<cavoo1101> thesheff17: no
<cavoo1101> thesheff17: so far, only ping works.
<thesheff17_> cavoo1101: well ping is a different protocol than http....still sounds like something wrong with a local firewall.
<cavoo1101> thesheff17: i have already disabled the firewall
<quentusrex> Anyone familiar with ubuntu snmpd? I seem to be unable to query for an extend command. I'm trying "snmpwalk -c public -v 1 192.168.100.55 test1" with this line in the snmpd.conf file "extend    test1   /bin/echo  Hello, world!"
<thesheff17_> cavoo1101: I would check the security groups through the AWS management console.
<cavoo1101> thesheff17: here's the output from ec2-describe-group: http://pastebin.com/FjuUMfka
<thesheff17_> cavoo1101: yea that looks fine..it is very strange that http doesn't work & ssh/ping works.
<cavoo1101> thesheff17: the web server on the instance works fine too
<thesheff17_> cavoo1101: pastebin sudo iptables -L
<cavoo1101> thesheff17: http://pastebin.com/46eMHPys
<thesheff17_> cavoo1101: looks fine
<thesheff17_> cavoo1101: not sure why you couldn't use apt-get or wget.
<cavoo1101> thesheff17: it's driving me nuts
<thesheff17_> cavoo1101: yea I have never seen that before ever on EC2....maybe open a support ticket with amazon.
<thesheff17_> cavoo1101: try emailing the ec2 ubuntu group may also have some other suggestions.
<cavoo1101> thesheff17: yeah okay. i'll do that. thanks for your help.
<thesheff17_> cavoo1101: np...I would also do a full backup and try rebooting if you are using an EBS volume instance
<cavoo1101> thesheff17: yeah i'll do that if all else fails
<DigitalFlux> Hi
<DigitalFlux> Anybody knows of a way to "include" files from within /etc/networki/interfaces ?
<thesheff17_> DigitalFlux: I'm pretty sure I just used include before.  I can't find any docs on how I did it but I would do it for an iptables script I had.
<andol> thesheff17_: Sure the iptables script was an include, and not something like a pre-up script?
<Uhu> Hello I have an issue with Postfix and Submission. I enabled Submission-Port, but I can send only through port 25 - submission ends with Client host rejected. http://pastebin.com/pnd8U04t - Short Logs and Extract from config. Anyone an idea? (I know I should ask #postfix but they are quite for hours)
<mpathy> Hi there.. I forgot the upgrade on one server (shame on me) and now it is 9.04 there
<mpathy> What problems I could discover when upgrading now to the LTS Release?
<mpathy> If I understand it right, I have to do two upgrades, first on 9.10 and then on the LTS
<greppy> mpathy: that's going to depend on what packages you have installed, there should be info on the website as far as changes between releases.
<mpathy> You mean I could update directly to the LTS
<mpathy> and another question, will it work properly when I use screen while upgrading? Because I have no local access to the machine only SSH
<greppy> I'm not sure if you can go directly to LTS
<greppy> I generally only run LTS releases.
<mpathy> greppy: I also only, in future.. *sigh* :)
<mpathy> And the second question? Will it be a problem when I am using screen, and be in a screen while "do-release-upgrade"?
<greppy> mpathy: I've done upgrades from within screen before without problems.
<greppy> not saying you won't, but I haven't :)
<uvirtbot> New bug: #730041 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/730041
<mpathy> greppy: Okay because I want to continue work if lost connection and so I would use screen but I do not know what happens with update of screen then
<pehden> simple question what is needed for proftp conf to restrict users to home but allow certian user to not be restricted
<pehden> i know its like 6 lines or less
<pehden> well
<pehden> simple question what is needed for proftp conf to restrict users to home but allow certian user to not be restricted
<pehden> i know its like 6 lines or less
<Uhu> Whats the best option to implement IPSec on my Ubuntu-Server? Or should I stick with OpenVPN?
<Uhu> IPSec as server
<pehden> openvpn may be easier to set up
<greppy> Uhu: unless you have a need that is met with ipsec that isn't with openvpn I would stick with openvpn.
<Uhu> greppy Security and OpenVPN is quite slowfrom what Ive experienced.
<greppy> I haven't seen openvpn be slow at all.
<pehden> i never got ovpn to work completly myself
<greppy> i've been using it for a while, 10.04 LTS server with debian, ubuntu and windows clients.
<pehden> thats what i was trying to set it up on
<pehden> the clients would nevr connect
<pehden> or at least stay connected
<Uhu> Okay I will try to set up my OpenVPN again. I just want people to use the Servers-IP-Adress to connect to the internet.
<pehden> greppy: do you know how I can fix my issue
<pehden> wow am i hidden?
<lenios> no you're not
<pehden> ok
<pehden> just wondering cause i didnt get any responces at all to my question
<pehden> simple question what is needed for proftp conf to restrict users to home but allow certian user to not be restricted
<lenios> pehden, you're looking for chroot
<lenios> like, http://www.techrepublic.com/article/tech-tip-chroot-users-to-a-specific-directory-with-proftpd/5287480
<lenios> to chroot only group of users, http://forums.proftpd.org/smf/index.php?topic=3872.0
<pehden> lenios perfect
<pehden> lenios I think thats exactly what I found before
<pehden> lenios i want to do the chroot to 2 groups
<lenios> how many groups do you have?
<pehden> lenios but let a third not be under this
<pehden> 2 different ones 1 for virtual users another for real users and then mine
<pehden> lenios what would i need for 2 different groups
<pehden> lenios # Use this to jail all users in their homes
<pehden>  DefaultRoot		~		proftpddb
<pehden> lenois is the order in reverse for which one takes place
<pehden> lenios  thanks alot after reading the ubuntu forum page about 20 times I got it juat how i wanted it
<Uhu> Can somebody help me choose the right e-mail filter hardware? Is a dualcore AMD with 2 GB enough to run Spamassasin and Clamav for 77.000 messages (1.000 Real) / day
<lenios> Uhu, i'd say yes
<Uhu> How do I add IPset module to kernel? (Ubuntu 10.04 LTs) =/
<patdk-lap> xtables
<dthacker> I'm looking for a 32 bit Natty iso to test a bug on,  seems like I'm only finding UEC images.   Could I get a URL, please?
<dthacker> found beta3, thanks
<PeterJanku> Hi all, I have small special "problem". I have ubuntu server on my old notebook for testing and developing. And i need small feature, wicht can turn off comupter, when battery level goes down. Something like apcupsd but for internal battery. Some ide?
<PeterJanku> Please?
<rnigam> what is the best tool to create kvm-guests on ubuntu server 10.10
<rnigam> ?
<laen> kvm
<rnigam> laen: I don't understand you. I already have kvm and libvirt up and running... I already experimented around with virt-install and failed
 * Altimizer Is suing ISP for clinically dispossing minds across The United States of America.
 * Altimizer rnigam uses the letter tab feature.
<laen> rnigam: eh, run kvm or qemu-kvm or whatever it's called with some parameters on a -hda or -drive img?
<Altimizer> Anyone know of a good networking-troubleshooting channel?
<rnigam> anyone with kvm installation experience here?
<Doonz> right now i have one putty client running and it is connect through ssh to my home server. i have a tunnel created through that on port **. how can i open up another putty client and have it connect through that existing tunnel
<DrNick_> anyone else notice there seems to be a ridiculous amount of kernel updates lately?
<fluvvell> can I translate the setup for ppp0 that works well in NetworkManager into the required scripts for pppd ? I have a working mobile broadband (WAP) in NM but last time I sucessfully used pppd was with dial-up
<thesheff17> rnigam: still having problems?
<chrislabeard> How can i take a picture with my webcam?
<chrislabeard> using terminal
<DrNick_> ASCII art image from a webcam, that'd be interesting
<chrislabeard> yeah it would be sweet
<lenios> http://ascii.dyne.org/
<lenios> "HasciiCam makes it possible to have live ascii video on the web. It captures video from a tv card and renders it into ascii letters, formatting the output into an html page with a refresh tag, or in a live ascii window, or in a simple text file."
<DrNick_> neat, kinna pointless tho lol
<chrislabeard> what is video4linux
<lenios> video interface
<lenios> you can get webcam signal from video4linux
<chrislabeard> I just want to try and record some video from it and then save it somewhere.
<chrislabeard> All the programs I've tried have failed
<panfist> is it possible to add locations to index with locate/updatedb?
<fluvvell> chrislabeard, record some video is a little vague, the mythtv project has heaps of recording stuff - if its analogue video in, you may need a capture card ...
<chrislabeard> fluvvell: the streamer program seems to work pretty good
<fluvvell> chrislabeard: yes - good cmdline option. Of course most ppl looking for video have a gui to check it out, but if its straight record to file thats a good option.
<chrislabeard> k
<chrislabeard> how can I create a filename and append the date on it
<chrislabeard> do I have to run a script
<NicholasRoge> How do I get the php error to display on the page it's occuring at rather than having to go into the apache log to see it?
<air^> NicholasRoge: http://php.net/manual/en/function.error-reporting.php
<air^> NicholasRoge: just set error reporting to E_ALL in the script you are debugging.
<NicholasRoge> Okay, thanks.  :3
<NicholasRoge> It just keeps throwing a server error when the php has a problem
<RoyK> iirc display errors = yes in php.ini will do a lot
<NicholasRoge> Okay
<NicholasRoge> I'll check that out
<air^> should be about the same thing, but doing it in php.ini will be a global setting.
<thesheff17> NicholasRoge: also make sure to restart apache when you change your php.ini
<NicholasRoge> Right
<talcite> hey guys, I'm running into a dpkg issue on my lucid install. Whenever I try to upgrade or install a new package, I get a dpkg post-install error, with return code 10.
<talcite> I've traced the post install script, and I can get it running if I turn off the non-interactive mode (-e), but I'm not sure why that is. Plus it's not a good workaround since I'd need to do it for every package I install/upgrade
<NicholasRoge> Nope, that still didn't work.
<NicholasRoge> Still throwing a 500 error whenever I try to view the file.
<talcite> I've also traced it with the -x option, and it always seems to break right around when dpkg executes ucf (update configuration files)
<talcite> ah. I figured it out. The /var/lib/dpkg/info directory had a corrupted ucf template. I just backed up the directory and then deleted everything. It's all working now.
<uvirtbot`> New bug: #730336 in samba (main) "[NOT A BUG] Include a dependency in SAMBA package" [Undecided,New] https://launchpad.net/bugs/730336
<uvirtbot`> New bug: #730337 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/730337
#ubuntu-server 2012-02-27
<seicherlbob> hi there! I'm running a lucid server and i'm trying to install sun-java6 packages. I uncommented the "partners" repo line and run apt-get update, but still no sun-java packages are found. what am i doint wrong?
<kklimonda> seicherlbob: oracle no longer grants distributions a license to redistribute "sun" java packages. You'll have to download it from their site
<seicherlbob> thanks, i just read the "news"
<twb> Or use an open alternative
<inka> Hi, I wasn't sure what the best channel would be to ask this sort of question.
<twb> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<inka> I'm currently investigating several different cloud-computing solutions
<inka> I plan to develop a social mobile app that utilitizes Facebook for authentication
<inka> I've been looking primarily between Amazon EC2, Google App Engine as solutions that would allow me to scale-out nicely
<inka> I like that Google App Engine essentially scales automatically but I hear a lot of talk about being "Locked In" but I haven't really found too much that elaborates on this issue
<inka> I saw some stackoverflow questions on this but much of them were dated back to 08-09 so I'm not sure how relevant they still are
<jknight> Hi
<jknight> I have a question
<jknight> does anyone know why my cron job is not running if the user is not logged in?
<qman___> jknight, do you have encrypted home directory enabled for that user?
<jknight> yes I do
<jknight> I think that's the reason why it's not working
<jknight> but why is it behaving this way?
<linocisco> hi
<linocisco> hi all
<linocisco> Zentyal has failover feature with 2 ISP links . It is ubuntu based. why ubuntu server could not do like that?
<Q_Continuum> So.  Landscape.  I can't afford it for my home machines, but need that capability to keep using it.  Are there any Free self-hosted alternatives, or do I go over to CentOS for my Linux non-Desktop use?
<twb> Q_Continuum: landscape server side is not free software, and there is no compatible alternative.
<twb> Q_Continuum: if you replace both server and client side, you could deploy puppet or chef or cfengine
<twb> Q_Continuum: IMO these have enough grief that they aren't worth considering unless you have at least ten hosts on a LAN.
<Q_Continuum> So Canonical/Ubuntu has no alternative for those unwilling to fork out $100-$300/seat, or for those wanting to learn the system :-/  I would've hoped they'd come up with an alternative to putting Enterprise features out of reach of everyone, something they promised NOT to ever do.
<Q_Continuum> Guess I'll switch, since I heard puppet is a PITA to learn - but once you know it it rocks.  Only recently heard of chef, haven't looked at it, and no idea on cfengine.
<Q_Continuum> Presently I have 2 Ubuntu Server VMs, but will be adding more.  Personal home server, for various tasks and learning more stuff.  Wanted to play with enterprise-level capabilities, like I can with Windows via AD, but guess I don't get to, unless I have 5+ and want a 60-day trial that then ends :-(
<Q_Continuum> CentOS it is, I guess.
<twb> AFAICT chef has basically all the same faults as puppet
<Q_Continuum> Figures.
<andol> Q_Continuum: While Puppet sure has its limitation I wouldn't call it as PITA to learn. At least basic usage of Puppet, which still can be a big gain, is fairly trivial.
<Q_Continuum> I like the concept of a web-interface though.  Easy to do from anywhere, without needing a terminal
<andol> twb: By the way, I am happy running (a masterless) Puppet just for my personal computers, which are well below ten.
<Q_Continuum> I run Windows mostly, but Linux for a few things (Minecraft server, irc shell, webserver stuffs)
<Q_Continuum> but am looking to expand, hence the want for some easy managability
<twb> andol: I was unimpressed in particular by puppet because 1) the wire protocol isn't versioned, and the devs expect you to install the latest bleeding-edge version on all your hosts; 2) it requires ruby on the client side as well as the master; and 3) anything remotely complicated often ends up being done by poorly-tested Exec grep/sed lines, which IMO is no better than if you weren't using puppet in the first place.
<twb> e.g. for (3) I ran into it in about ten minutes when I wanted to manage sysctl.conf
<twb> And writing a parser for that, which should've been straightforward, was inhibited by my inexperience with Ruby and partly by there it not being having to first write puppet rules to distribute the new parser to all the puppet clients.
<twb> Bottom line is that the puppet people felt like fly-by-night cowboys rather than professionals
<koolhead17> twb: what would you suggest other than puppet then :)
<Q_Continuum> Yeah, I want stuff that is more polished and easy-to-use than that.
<andol> twb: Yepp, agree Puppet isn't the magical bullet, and it does have plenty of limitations. Still for me the gain for what I am using it is still a net gain.
<twb> Oh, I forgot to mention that the puppet file syntax is obtuse and unhelpful and silly
<twb> koolhead17: unfortunately there is no real competition except cfengine (which is differently bad) and chef, which AFAICT is not really any better
<koolhead17> andol: use bash :)
<RoyK> twb: I attended puppet training a few months back, and that helped a lot ;)
<twb> What I am actually doing in practice right now is to create a template container from a script, and then derive specific containers by copying the template and applying a second container-specific script.
<koolhead17> twb: am still surviving on bash, but planning to learn puppet soon
<twb> RoyK: I was working with Daniel Pittman, whom thingo Labs currently employs...
<RoyK> koolhead17: bash really isn't a replacement for puppet :Ã¾
<koolhead17> is there no python based config management
<twb> RoyK: I'm still having trouble with it.  Oh, also I read the whole Apress book
<twb> koolhead17: AFAIK no
<koolhead17> RoyK: :(
<twb> IMO "not really any better" applies for python->ruby too
 * RoyK prepares to go to work and not sitting around on irc all day
<RoyK> s/day/morning/
<koolhead17> twb: i wonder setting up a puppet server/config will be  a pain in itself
<twb> I would be a LOT more confident about puppet if it had a plain C client side (so it can fit on embedded hosts), and it had a purely declarative SANE file syntax, and a versioned wire protocol that was clearly documented.
<twb> I also seem to recall puppet's use of TLS was mainly self-signed certs, to avoid having to bootstrap the cert trust chain before you could run puppet
<twb> koolhead17: you can get up a trivial instance pretty quickly
<twb> koolhead17: being fancy takes more time
<koolhead17> i just hope learning puppet won`t turn into a new expedition 4 me :)
<andol> twb: Of those things you listed, I would probably rank versioned wire protocol the highest.
<twb> andol: 100% agree
<twb> koolhead17: IMO do it later
<koolhead17> twb: but i have to play with it :P
<andol> twb: And as a side note, for recention version of Debian/Ubuntu I would rather put my own changes under /etc/sysctl.d/ rather than modify /etc/sysctl.conf. Not that the initial assumption necessarily applies to your case.
<koolhead17> twb: so the who schema/way of writing changes every version of puppet?
<andol> koolhead17: It doesn't have to change, it is more that it can change.
<twb> andol: that is a good point; this was for an older system (8.04 IIRC)
<andol> koolhead17: You might very well be able to run separate Puppet versions along side each other, as long as you verify that being the case, that your recipies works for both versions, etc.
<koolhead17> andol: that is confusing :(
<andol> koolhead17: It is an imperfect world :)
<koolhead17> andol: :P
<randomDude> hey so i have this ubuntu server, and postgress seems to be borked... : $ sudo service postgresql restart; Error: /var/lib/postgresql/9.1/main is not accessible or does not exist
<randomDude> 11.10
<randomDude> i can't sudo apt-get install postgres --reinstall either
<lynxman> morning o/
<M0nt7> where is the rsync.conf file in ubuntu?
<M0nt7> anybody on this channel?
<andol> M0nt7: rsyncd will read /etc/rsyncd.conf by default, but you will have to create that file yourself.
<andol> M0nt7: See also /usr/share/doc/rsync/examples/rsyncd.conf
<M0nt7> andol:  what would be a basi configuration for rsyncd.conf?
<andol> M0nt7: Well, base or not, you will still have to provide explit shares. The rsyncd.conf(5) does provide some good examples for different situations.
<M0nt7> andol:  ryncd.conf (5) is the man page right?
<andol> yepp, search for EXAMPLES
<M0nt7> andol: I get no manual entry rsyncd.conf
<andol> ...and you have the rsync packages installed?
<M0nt7> andol: yes indeed
<andol> odd
<Amin0v> hello all
<Amin0v> how can I create a repository in my svn server and then ask client to checkout from a subdirectory in this repository
<Amin0v> let's say the repository is in /home/user
<Amin0v> and that people must check from /home/user/web
<Amin0v>  /s/check/checkout
<jMCg> wi Leseb
<Leseb> jMCg: ?
<jMCg> Leseb: missed the /
<Leseb> jMCg: what do you mean?
<jMCg> Leseb: /wi Leseb --> /whois Leseb
<Leseb> Oh ok, and why do you whois me?^^
<dnivra> hello. i just installed ubuntu-server 11.10 and installed selinux. After installation, I reboot and get "grub rescue>". what could I do to get grub back?
<dnivra> i booted a live cd and selected "Reinstall grub boot loader" in rescue mode and tried installing grub to all partitions but no luck.
<memoryleak> I've installed ubuntu server in a vm using paralells - but I can't mount CDROM drive. How I can list cdrom devices ?
<uvirtbot`> New bug: #941905 in keystone (universe) "keystone user should not have a primary group of nogroup" [Undecided,New] https://launchpad.net/bugs/941905
<uvirtbot`> New bug: #931893 in swift (main) "swift service scripts will not start unless /etc/swift/*-server/* exists" [Undecided,New] https://launchpad.net/bugs/931893
<zul> good morning
<rbasak> Daviey: what are the different mechanisms for chain loading on Intel? pxelinux.cfg localboot, what's the other chain loader you mentioned? And kexec of course. Anything else?
<rbasak> hey zul
<zul> ipxe
<Daviey> rbasak: chain.c32
<rbasak> Thanks!
<Daviey> ^^ post reliable and recommended soltuion on traditional arch
<uvirtbot`> Daviey: Error: "^" is not a valid command.
<roaksoax> morning
<smb> Daviey, Using do-release-upgrade is the preferred way to run an upgrade on server? If so, is there some preferred (and preferably simple) way to make it non-interactive. The wild world wisdom has some scary looking suggestions (including expect scripts)...
<Daviey> smb: expect scripts?!
<Daviey> crikey.
<Daviey> smb: I don't think i'd recommend doing it completely hands off tbh.
<smb> Daviey, Not sure any admin having to do a number higher that a few will agree. :) Hence those "work-arounds". Also it would be nice to have for an automated test. ;)
<Daviey> smb: yeah.. there ARE automated tests.. i suspect they just sed -i 's/oneiric/precise/g' /etc/apt/sources.list
<smb> Daviey, Right, and with that you can have some control over frontend and dpkg options when running apt-get dist-upgrade.
<smb> Just thought about having the propagated way doing the same. But it does not offer much options (not even the frontend choices are really explained).
<Daviey> smb: Yeah.. Sorry, not much assistance i can offer with that... Perhaps we need to discuss it at UDS. :)
<smb> Daviey, We surely can and should. For precise it will be too late now anyway. So I guess people will go with dist-upgrade or expect scripts. ;)
<Daviey> smb: sad. :(
<Jeeves_> plz click affects me: https://bugs.launchpad.net/ubuntu/+bug/939300
<uvirtbot`> Launchpad bug 939300 in ubuntu "precise 12.04: consider adding Apache 2.4 ?" [Wishlist,Confirmed]
<uvirtbot`> New bug: #941955 in cloud-init (main) "util.islxc() method is broken without is-lxc-container" [Undecided,New] https://launchpad.net/bugs/941955
<uvirtbot`> New bug: #941968 in lxc (universe) "lockfile-create hangs inside lxc containers" [Undecided,New] https://launchpad.net/bugs/941968
<uvirtbot`> New bug: #941983 in freeradius (main) "freeradius refuses to run on Ubuntu 11.10" [Undecided,New] https://launchpad.net/bugs/941983
<uvirtbot`> New bug: #941993 in php5 (main) "package libapache2-mod-php5 5.3.10-1ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/941993
<Amin0v> when I do an svn list like in this example :  http://pastebin.com/8Er4DNaT
<Amin0v>  I find my commited files
<Amin0v> when I ckeck the svn project I don't find this files
<uvirtbot`> New bug: #942061 in cloud-init (main) "need support for maas" [Undecided,New] https://launchpad.net/bugs/942061
<zul> smoser: http://paste.ubuntu.com/859404/ and the output http://paste.ubuntu.com/859407/
<smoser> hm..
<smoser> do you need the console=ttyS0 ?
<mdeslaur> SpamapS: FYI, I've uploaded my preliminary mysql updates here: https://launchpad.net/~ubuntu-security-proposed/+archive/ppa/+packages
<SpamapS> mdeslaur: great. Will poke a few people to test
<mdeslaur> SpamapS: awesome, thanks
<zul> smoser: yes otherwise it wont work
<smoser> zul, what does it do wht that ?
<smoser> ah...
<zul> smoser: i need to clean that patch up but it works
<smoser> ah, yeah, plymouth and upstart do some stuff baed on that on the kernel command line
<smoser> but... strange
<smoser> wait.
<smoser> i dont beleive you
<zul> smoser: fine try out the patch for yourself then
<smoser> the only place upstart would go looking for 'console=' parame would be in kernel cmdline
<smoser> i would  not hav thought it would look on its own command line
<zul> smoser: right but libvirt-lxc starts without cmdline
<smoser> zul, i'm confused.
<smoser> libvirt-lxc starts init without parameters
<zul> right
<smoser> but you added some parameter "console=ttyS0"
<zul> right
<smoser> which i can only assume means that its going to append that to /sbin/init
<smoser> which i dont think will do anything
<zul> http://libvirt.org/drvlxc.html
<zul> smoser: and from my log file: http://paste.ubuntu.com/859436/
<smoser> zul, so you're asserting that upstart reads that
<zul> smoser: it *does* work provided you have the console fix as well: http://libvirt.org/git/?p=libvirt.git;a=commit;h=9130396214975ba2251082f943c9717281039050
<zul> smoser: yes
<zul> smoser: i have 5 instances running all with a working euca-get-console-output
<smoser> hallyn, ^ stgraber ^ is that true
<smoser> $ grep -r "LXC_COMMANDLINE" . || echo NOT HERE
<smoser> NOT HERE
<smoser> oh. and that is in a checkout of lp:ubuntu/upstart
<zul> smoser: LIBVIRT_LXC_CMDLINE is a libvirt thing
<hallyn> is what true
<smoser> yes, but upstart is an upstart thing
<smoser> and upstart is what determines where console output goes
<smoser> (other than kernel messages)
<smoser> zul, i'm asserting that your "console=ttyS0" is doing nothing but causing confusion.
<hallyn> pretty sure upstart listens to console= kernel cmdline
<smoser> yes
<smoser> the kernel command line it does, hallyn (or rather at least reads it and it and plymouth decided on some stuff together based on it)
<smoser> but zul is suggesting that his patch at http://paste.ubuntu.com/859404/
<hallyn> dude i'm just trying to get reboot to work in $*)(&%$* libvirt-lxc...
<smoser> needs the "cmdline" tag
<smoser> s/tag/hunk/
<smoser> but i dont understand how that would do anything
<cwillu_at_work> not to jump in the middle of anything, but console= is interpreted by the kernel as well
<smoser> eys
<smoser> cwillu_at_work, right.
<hallyn> lxc doesn't run a kernel though :)
<smoser> i'm just trying to figure out why adding 'cmdline' in that patch there would do anyting.
<cwillu_at_work> ah, I see
<hallyn> which patch
 * cwillu_at_work decides to remain happily oblivious
<jhobbs>  /wg 9
<zul> hallyn: http://paste.ubuntu.com/859404/
<zul> smoser: its all doug henningish
<zul> smoser: any more comments?
<zul> hallyn: i have a libvirt-lxc patch for you after beta
<kirkland> smoser: hey, are you experiencing any unexpectedly high load in precise/byobu?  I just upgraded on Friday, and load seems way high
<kirkland> but I also started trying unity 3d for the first time in ~3 months, so that's probably it
<hallyn> zul: ok.  feel free to stash it in ubuntu:libvirt (preserving my delta), else i'll do it.
<zul> hallyn: ack
<hallyn> i just can't get reboot to work.  only thing i can figure is sigchld must be killing the parent before i get a chance to catch it
<fixxxermet> I'm using Oneiric and I am trying to determine if the orchestra package, which requires puppet, has any type of built-in integration
<fixxxermet> Does anyone know if there is any type of integration, or can they point me to any docs?
<sidnei> hallyn, hola, looks like lxc-create -t ubuntu -- -b <username> doesn't work anymore if <username> has uid/gid 1000, the ubuntu user created in the lxc has the same uid/gid
<hallyn> sidnei: gosh, good point.  could you open a bug on that?
<sidnei> hallyn, oki
<hallyn> stgraber: ^ i will make lxc not create the ubuntu user if -b is specified, and add the bound user to sudo/admin group instead.
<hallyn> stgraber: ^ lemme know if there's a reason that's a bad idea
<hallyn> jsidney: thanks
<hallyn> gah
<hallyn> sidnei: thanks
<sidnei> hallyn, np
<stgraber> hallyn: sounds good
<sidnei> bug #942144
<uvirtbot`> Launchpad bug 942144 in lxc "Using bindhome option of ubuntu template conflicts with ubuntu user" [Undecided,New] https://launchpad.net/bugs/942144
<sidnei> hallyn, ^^
<hallyn> thanks, sidnei.  Note we're in a freeze, so mar 3 is when the fix can go in for this (iirc)
<sidnei> hallyn, ok.
<uvirtbot`> New bug: #942144 in lxc (universe) "Using bindhome option of ubuntu template conflicts with ubuntu user" [High,Confirmed] https://launchpad.net/bugs/942144
<smoser> hallyn, ping
<zul> smoser: interesting http://paste.ubuntu.com/859574/
<hex20dec> Best free webmail client for my server?
<Pici> hex20dec: I've heard some good things about squirrelmail
<hex20dec> Pici, I've used it a while back.
<hex20dec> I hate it.
<hex20dec> No offense.
<smoser> whats interesting there zul?
<Pici> hex20dec: none taken. I don't use it myself.
<zul> smoser: it stripped out the "\" which i expected
<Myrtti> hex20dec: some places where I've used webmail in have usually had both squirrel and later on roundcube
<hex20dec> Myrtti, Yeah, I used them both on my old shared hosting.
<smoser> zul,  your shell stripped out the '\' i suppose
<zul> smoser: perhaps
<smoser> $ cat /tmp/my.sh
<smoser> #!/bin/sh
<smoser> for a in "$@"; do printf "%s\n" "$a"; done
<smoser> $ /tmp/my.sh foo \xasdf
<smoser> foo
<smoser> xasdf
<hex20dec> What do you guys use for mail client?
<Pici> gmail <.<
<hex20dec> Pici, you forward all your emails to Gmail?
<hallyn> smoser: .
<Pici> hex20dec: Actually, yes. But you could always use Google apps for domains, although I don't think its complete free (as in beer) anymore.
<smoser> hallyn, https://bugs.launchpad.net/cloud-init/+bug/941955
<uvirtbot`> Launchpad bug 941955 in cloud-init "util.islxc() method is broken without is-lxc-container" [Medium,Triaged]
<smoser> http://paste.ubuntu.com/859594/ is what my /proc/1/cgroup looks like
<smoser> given that there are 8 things in which i might be in the root group of, which should i look at for this
<jjohansen> hallyn: ping
<hallyn> stgraber: ^ did you change the lxc-is-container logic at all?  (i'm fetching the pkg)
<stgraber> hallyn: lxc-is-container no longer exists
<hallyn> smoser: i can't find any code that gives a rip about /proc/1/cgroup involved
<stgraber> hallyn: you need running-in-container
<hallyn> stgraber: yes, smoser says that still doesn't work
<stgraber> hallyn: which uses the container-detect upstart job
<hallyn> jjohansen: (i'm here :)
<smoser> stgraber, cloud-init code that you tol dme to write looks at that.
<smoser> hold on
<smoser> for link
<jjohansen> hallyn: okay, so apparmor clear FFe on friday, /me doesn't know when that means it will show up.  But I don't expect the kernel will have the patches in beta1, they hadn't been pulled in last I checked
<jjohansen> s/clear/cleared/
<jjohansen> hallyn: /me still has built kernels with the patches if you want
<hallyn> jjohansen: yes, i certainly hope i'l lhave time to experiment with the moutn rules before bet1 is released, so test kernels woudl be great, thanks
<smoser> hallyn, http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/util.py
<jjohansen> hallyn: http://people.canonical.com/~jj/linux-image-3.2.0-17-generic_3.2.0-17.26~aamount_amd64.deb
<smoser> see islxc there.
<hallyn> smoser: why not ditch taht first part?
<hallyn> the running-in-container is now (i *think*) intended to be a definitive test
<stgraber> smoser: right, call running-in-container, if return value is 0 you're in a container (it's also going to tell you want kind of container on stdout)
<stgraber> smoser: that's assumin this python script is running after upstart is started though
<hallyn> else yes, you'd have to do the equiv of 'head -1 /proc/1/cgroup | awk -F: '{ print $3}'' - as several lxc tools had to do
<stgraber> (running-in-container depends on /run/container_type that's generated by the container-check upstart job (start on starting and mounted MOUNTPOINT=/run)
<stgraber> )
<hallyn> stgraber: i wonder if lxc should ship a symlink from is-lxc-contaienr to running_in_container, since is_lxc-container was shipped in lxcguest
<stgraber> hallyn: having it ship in lxc wouldn't really solve the problem as we don't install lxc where we used to have lxcguest
<hallyn> stgraber: true
<stgraber> hallyn: and we should be able to catch and fix all cases by looking at lxcguest's rdepends (which AFAIK we did)
<hallyn> jjohansen: wget'ed that kernel.  if this laptop should die, i may end up having to ask you wehre it is again :)
<jjohansen> hallyn: np, just ping me if you need anything, /me should be around most of the day (just have to run an errand at lunch)
<smoser> stgraber, well, i was calling lxc-is-container before, and i really tihnk that you should fix that to be backwards compatibile
<smoser> i will change to (also) use running-in-container, but i need a path that works wen that command is not available also.
<stgraber> smoser: that command is part of upstart, so it should always be there
<stgraber> smoser: and it's in /bin so even with a separate /usr it's going to be available
<smoser> stgraber, yes, it will always be there on ubuntu >= 12.04
<smoser> but thats not good enough
<hallyn> jjohansen: libvirt is bogging me down today (i blame smoser), so i won't be bugging you today.  thanks again.  ttyl
<stgraber> smoser: hmm, ok, then check for either is-lxc-container or running-in-container or copy/paste the logic from container-detect.conf
<smoser> stgraber, well, copy and paste that wont work all the way
<smoser> as cloud-init is not init and is not privey to init's environment variable
<smoser> regarding LIBVIRT_LXC_UUID
<smoser> but i will use similar logic to that
<stgraber> smoser: you can grep /proc/1/environ though
<smoser> yeah. i guess i could do that.
<stgraber> or source init's environment but that's kind of ugly ;)
<pythonirc101> Any ideas how to  boot into single user mode on this ubuntu box.  There does not seem like a kernel line in my grub 1.99 "edit" view.
<arosales> jcastro: m_3: Travel safely  and kill it in Strata!
 * jcastro isn't going to strata
<jcastro> but mims is!
<arosales> jcastro: Sorry, https://juju.ubuntu.com/Events had you listed
 * jcastro fixes
<arosales> jcastro: thanks :-)
<wonderman> can someone help me diagnose server freezing please
<wonderman> i can reboot it remotely from my control panel with hosting provider
<wonderman> it stays up for 5 min then goes down
<guntbert> wonderman: what do the logs say?
<wonderman> i cant get in to see
<wonderman> in the 5 min i had, i checked syslog
<wonderman> and messages
<wonderman> only a few relating to NTPD
<guntbert> wonderman: logs survive a reboot
<wonderman> also this <>  Feb 27 15:00:29 server1 kernel: [   36.173580] possible SYN flooding on port 80. Sending cookies.
<wonderman> yes i know, but i got 5 min before maybe it happens again!
<wonderman> i will stop apache etc
<wonderman> as soon as it connects
<wonderman> ok im back in, how can i find mate?
<wonderman> i did 'cat /var/log/syslog | less'
<guntbert> wonderman: good, although less /var/log/syslog is better
<wonderman> ok, dates arent in order?
<wonderman> let me try your way
<guntbert> wonderman: and tailf /var/log/syslog will keep you informed until it crashes
<wonderman> yea i did that, but only had one window and changed !
<wonderman> lemme grab another open
<wonderman> Feb 27 15:30:28 server1 named[1181]: client 200.90.132.200#64938: query (cache) 'ns1.serv1mail.com/AAAA/IN' denied
<wonderman> dropping that
<wonderman> guntbert: why would syslog msgs not be in the correct order?
<wonderman> one minute its 11am, then 9pm, then 3pm
<guntbert> wonderman: your time setting - do you use ntp?
<wonderman> yes there are msgs relating to this
<wonderman> i dont remember installing it if its not default
<wonderman> maybe i did
<wonderman> this is it crashing?
<wonderman> Feb 27 15:21:59 server1 kernel: [ 1321.502878] Pid: 2604, comm: processes Not tainted 2.6.32-38-generic #83-Ubuntu
<wonderman> Feb 27 15:21:59 server1 kernel: [ 1321.502881] Call Trace:
<wonderman> shall i pastebin?
<guntbert> wonderman: try
<wonderman> try pastebin? sorry i am impatient, panicing a bit :P
<guntbert> wonderman: sorry, didn't want to upset you still more - I wanted to say: give it a try, maybe someone spots something
<adam_g> lifeless: ping
<wonderman> erm
<wonderman> !
<wonderman> guntbert: what was you saying about NTP?
<wonderman> should/can i remove it?
<guntbert> wonderman: no, it should be enabled, or else the system time would certainly drift away, but those big steps are weird, can you pastebin the syslog? use !pastebinit
<guntbert> !pastebinit | wonderman
<ubottu> wonderman: pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<wonderman> ok thanks man, sec
<wonderman> its yet to crash, with apache off
<lifeless> adam_g: hi
<wonderman> guntbert: how can i copy from 'less' ? or cant ?
<wonderman> i cant scroll in terminal and copy at the same time
<guntbert> wonderman: on the server:   apt-get install pastebinit       then      pastebinit  /var/log/syslog          it will tell you an URL
<wonderman> ok sorry
<adam_g> lifeless: hey, i was looking at Bug #924739, trying to come solution. wondering if you had any input, in terms of the features that are not yet ported to squid3
<uvirtbot`> Launchpad bug 924739 in squid3 "after upgrade from oneiric to precise, previous squid config unused, cannot be used when relocated" [Critical,Triaged] https://launchpad.net/bugs/924739
<guntbert> and wonderman: please use my nick when talking to me - else I might overlook your response :)
<wonderman> guntbert:  http://pastebin.com/686SyAzn
<wonderman> i had already started
<wonderman> guntbert: i copied a section to where i think it 'crashed' just before i rebooted which you can see from the paste too, and the time is totally different... the reboot time is UTC
<guntbert> wonderman: look at line 106: out of memory kills apache - some process hogs your memory and then the kernel decides to kill one (big) process
<wonderman> sedc
<wonderman> wtf
<wonderman> it swapped?
<wonderman> hmm
<wonderman> so this is a RAM causing the crash?
<wonderman> let me start apache again, and take a look
<guntbert> wonderman: no, the system has definitely not enough memory (probably some process eating it up) - please read up on OOM  - its the first one I have seen yet
<wonderman> OOM?
<wonderman> i have apache max clients set to 1024, but its been fine for many many days
<wonderman> i think maybe its 'awstats'
<wonderman> as there is a CRON running quite close to the crash?
<wonderman> i will start apache and monitor it quickly?
<guntbert> wonderman: OOM=out of memory
<wonderman> i am tailing syslog, and its trying to run a load of crons
<wonderman> because it cannot run them, it keeps trying
<wonderman> how can i stop this? because upon reboot it will try to run all crons at once...
<wonderman> think thats why its crashing
<wonderman> upon reboot, i cant see it using up 4GB of RAM in 5minutes
<guntbert> wonderman: I don't think so - the RAM usage goes quickly up to nearly 100% - thats ok, please search for    linuxatemyram  - a very instructive article
<wonderman> i will monitor it, as it hasnt happened for days, i dont know why it would be now
<wonderman> ill see what happens when i turn apache on
<wonderman> as atm its fine...
<guntbert> wonderman: Good luck :-) I'm off to bed
<wonderman> ok pal thanks
<randomDude> I need some advice on how to purge a broken postgres install : http://dpaste.com/708653/
<SpamapS> randomDude: interesting, can you try editing /var/lib/dpkg/info/postgresql-9.1.prerm and add '-x' to the #!/bin/sh line at the top? Then re-run.. it will give details as to what failed
<randomDude> SpamapS, as a caveat, /var/lib/postgres-9.1/main doesn't actually exist.
<SpamapS> randomDude: that shouldn't preclude you from being able to remove.
<randomDude> SpamapS, http://dpaste.com/708655/
<randomDude> http://dpaste.com/708656/
<randomDude> gah
<randomDude> http://dpaste.com/708657/
<wonderman> can anyone tell me why syslogs have different 'timestamps', ie they are not in order
<randomDude> uh ok, it's not pasting everything
<SpamapS> randomDude: consider using pastebinit ;)
<SpamapS> randomDude: sudo apt-get remove postgresql-9.1 2>&1 | pastebinit
<randomDude> essentially it says : /var/lib/postgresql/9.1/main is not accessible or does not exist
<SpamapS> randomDude: that sounds like a bit of a bug in the prerm or init script, as it shouldn't care about that.. but anyway, perhaps to make things simpler.. just 'sudo mkdir -p /var/lib/postgresql/9.1/main ?
<randomDude> ok
<randomDude> SpamapS, that may have fixed the issue
<randomDude> SpamapS, thank you
<SpamapS> randomDude: seems like its a worthwhile bug to report
<randomDude> yeah, one would assume that since that highly essential directory is missing that the server process is not actually running
<SpamapS> randomDude: I think the only bug is that it didn't explicitly tell you why it failed
<SpamapS> randomDude: because of the removal of an essential directory, things were in an inconsistent state.. I don't think it should ignore that, but I do think it should tell you.
<talntid> Gr. I'm getting my butt kicked by Apache2. I installed it, and it is looking for /etc/apache2/htdocs regardless of there being an entry in sites-enabled, pushing to /var/www
<jMCg> talntid: you're doing it wrong, then.
<jMCg> Well, jMCg that wasn't really helpful.
<jMCg> talntid: can you please pastebin your apache2.conf - and your vhost, also: apache2ctl -S
<talntid> jMCg, actually right now, I'm trying to purge the very existance of apache2, but it's fighting me.
<talntid> apache2.2-common : Depends: apache2-utils but it is not going to be installed
<talntid> E: Broken packages
<jMCg> talntid: aptitude purge apache2.2-common apache2-utils etc..
<jMCg> talntid: just get rid of the whole she-bang.
<jMCg> talntid: also, sfritsch and daemonkeeper promised me the 2.4 version of httpd will not suck stinky donkey balls in hell.
<jMCg> 00:44:25 <+fajita> Please read http://wiki.apache.org/httpd/DebianDeb0rkification
<jMCg> talntid: ^ a wiki page we have over at #httpd  for people comming with Debuntu specific problems.
<jMCg> most of this is already fixed.
<jMCg> I think.
<talntid> my issue is more...
<talntid> http://pastebin.com/gqDqMGbU
<hallyn> stgraber: do you think we should hack lxc-start to, for every contaienr that is running, keep a file open called '$rootfs.lock' (so long as [ ! -b $rootfs])?
<hallyn> stgraber: to keep the container from remounting the fs readonly on shutdown
<hallyn> bc there won't be a kernel fix for that, at least for precise (maybe ever)
<stgraber> hallyn: yeah, I guess we don't really have a choice
<hallyn> i guess i'll open a bug for it.  thx
<talntid> I took the Windows way out, since I wasn't very invested in the install.
<talntid> all who wish to throw rocks, go ahead.
<wonderman> qman___: can i holla?
<uvirtbot`> New bug: #942325 in lxc (universe) "keep container from marking shared rootfs readonly on shutdown" [Undecided,New] https://launchpad.net/bugs/942325
#ubuntu-server 2012-02-28
<wonderman> anyone around to help me with server crashing a few hours ago? related to apache i think
<hallyn> stgraber: one other thing: the default fssize with -B lvm is 500M, which isn't big enough for the GINOURMOUS ubuntu-cloud image
<hallyn> so i'll probably bump that to 1G :(
<wonderman> also i need to know why on restart ubuntu sets my apache modules based on some 'default'
<hallyn> i dunno, maybe i need to detect the templates and make it conditional.  but that's fugly
<hallyn> wonderman: if it crashed, it's probbably better to open a bug - so that there's a place to collect all the relevant info
<wonderman> hallyn what if its not a bug? but my configs
<hallyn> <shrug>  if it's not a bug, it may get marked invalid, but not until we've been able to help you
<stgraber> hallyn: 1G has been my default size for containers (vserver, vz, lxc) for years, so I'm fine with that ;)
<hallyn> stgraber: oh, ok, i'll do that then
<hallyn> wonderman: what sort of crash then?
<wonderman> let me pastebin some relavant
<wonderman> OOM
<wonderman> http://pastebin.com/XnirkVnd
<wonderman> Feb 27 15:21:59 server1 kernel: [ 1321.513390] Out of memory: kill process 1595 (apache2) score 1225215 or a child
<wonderman> it swapped :O
<uvirtbot`> New bug: #942338 in lxc (universe) "Make default lvm blockdev size 1G" [High,Confirmed] https://launchpad.net/bugs/942338
<hex20dec> Can someone help me? I've installed postfix, imap, etc. I can send and receive emails when doing it from terminal but I tried connecting through thunderbird and it won't let me.
<twb> That sounds like a problem for #thunderbird
<twb> Probably on irc.mozilla.org
<hex20dec> No it's actually my server.
<hex20dec> That's for sure.
<hex20dec> It's something with imap
<hex20dec> I installed roundcube and it spits out "problem connecting to imap server"
<twb> imap is a protocol, not a daemon.
<hex20dec> I realize that, I'm just telling you what is going on.
<hex20dec> Any idea what could cause such problem?
<twb> What imap daemon are you using?
<hex20dec> I'm new to this, I just did what the guide told me to do, so how would I find that out?
<twb> What guide?
<hex20dec> ubuntu guide
<hex20dec> https://help.ubuntu.com/community/PostfixBasicSetupHowto
<hex20dec> https://help.ubuntu.com/community/Roundcube
<twb> Don't follow that.  Couriour is old crap.
<twb> *Courier
<hex20dec> =[
<hex20dec> So what do I do?
<twb> There is an official guide which uses dovecot, it is linked from topic for 10.04 version
<twb> topic as in /topic
<hex20dec> Huh?
<hex20dec> Where is that guide?
<hallyn> wonderman: apache is the one that got killed, but it looks just as likely that cron executing /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/nul was what made you run out of mem
<hex20dec> twb, I'm sorry, I'm new to it all.
<hex20dec> https://help.ubuntu.com/10.10/serverguide/C/dovecot-server.html
<hex20dec> Nevermind, found it.
<hex20dec> twb, do I need to uninstall all the stuff I just installed?
<twb> If you are running 10.10 that is the right URL yes.
<twb> You should probably uninstall courier stuff, uninstalling postfix is probably not necessary
<wonderman> i disabled that cron, but that was the default one installed by ubuntu when i installed awstats, and there is no site in that location or anything, i have another that runs and that hasnt crashed in the past
<wonderman> o well, ill see how it goes
<twb> Isn't there something better than awstats by now?
<twb> Like maybe google analytics
<twb> IIRC when $boss wanted shiny graphs I said "go use analytics and stop bothering me"
<twb> Is there a channel for apcupsd?
<patdk-lap> man, the internet here is so bad :(
<patdk-lap> 300ms pings. and >50% packet loss
<stgraber> hallyn: I just saw Daniel's e-mail about LXC 0.8, do you know if there's any patch that we still need to forward upstream?
<hallyn> stgraber: there probably are.  well there are some which aren't in bc they rely on our lxcbr0.  i need to check what others i haven't pushed
<hallyn> bbl
<hallyn> stgraber: http://paste.ubuntu.com/860057/   i think that's the list of not yet applied patches
<hallyn> no, 0048-warn-if-container-started is there
<dindeman> hey guys, I have a RAID 1 question
<dindeman> I would like to know if my setup would allow hot swapping
<twb> SATA drives are always hot-swappable; bays are not.
<twb> mdadm should allow hot-swapping of a RAID1 node just fine, but you will need to ssh in and tell mdadm to fail/remove/add the node
<dindeman> twb: thanks, sorry I left the keyboard for a moment
<dindeman> sorry I asked the question here because I didn't really know where to ask but my question was more purely hardware related (not so much to Ubuntu server)
<dindeman> I'm indeed using SATA drives, it's a hardware RAID 1 on Intel Server Board S3420GP
<twb> Don't use ICH10R raid
<twb> It's a fakeraid
<twb> In fact, unless you paid at least $200 for your RAID card, and it has a BBU or equivalent, it is useless fakeraid and you should stick to mdadm
<linocisco> hi all
<hex20dec> It's been about 40 something hours that I'm awake trying fix this mail server and it keeps giving me problems, I need help desperately, is anyone willing to help set it up the right way? Please don't ask what is the problem, because I messed with so much settings that nothing is working now.
<dindeman> twb: thanks agaih, let me Google this ICH10R you mentioned
<twb> dindeman: ICH10R is your southbridge controller
<twb> dindeman: i.e. the thing on your motherboard that gives you raid
<dindeman> oh k
<dindeman> so sorry, what's the issue with this controller ?
<twb> it's fakeraid
<dindeman> so you're telling me I'd better off use software raid instead of that ?
<dindeman> twb: thanks for your tips anyway, since this will be a ESXi host I might pursue with VMware peepz to see what's their take on raid when it comes to ESXi
<humungulous> offhand i do not believe esxi support intel storage array
<humungulous> "intel storage matrix" sorry
<humungulous> yeah http://communities.vmware.com/message/1876032?tstart=0
<dindeman> the Matrix RAID from Intel ? (checking your link)
<humungulous> yeah the raid onboard the ICH chipset
<dindeman> there's actually two
<dindeman> ESRT2 and Matrix
<dindeman> your link sort of mentions Matrix, ESRT2 seems more recent
<dindeman> I can just try any, install ESXi and see whether there is some support about RAID from the vSphere client
<humungulous> you'll know if it wont work if the installer exits with an screen that says no supported storage adapter found
<humungulous> (to point out the obvious)
<dindeman> ah ok
<hex20dec> Any mail experts here?
<twb> If it's esxi you can't use mdadm
<dindeman> humungulous: what about hot swapping ?
<twb> I assumed since you were here, you were running ubuntu on it
<twb> esxi is its own crackhead linux distro
<hex20dec>  dindeman: He left the channel.
<dindeman> twb: sure, my mistake, I wanted to ask general questions about raid in fact and wasn't too sure where to ask
<twb> No problem
<dindeman> I will pop by #vmware and see what's peepz take on this over there
<twb> Either buy an expensive RAID card, use mdadm (you can't on ESXi), or use shit raid and deal with when it inevitably falls over and dies
<dindeman> twb: what about hot swapping tho ?
<linocisco> what is the meaning or purpose of "sudo pkill -9 squid"  ?
<twb> doubt ich10r supports it
<twb> linocisco: it sends a KILL to all processes named squid
<twb> linocisco: see man 7 signal
<linocisco> twb, when should I run this command , after stoping squid or starting squid?
<dindeman> twb: thanks tho for your input on this, bye
<twb> linocisco: never
<linocisco> dont understand
<twb> linocisco: who told you to run it
<linocisco> http://www.youtube.com/watch?v=LnBG_LEvvVw told me
<linocisco> twb, http://www.youtube.com/watch?v=LnBG_LEvvVw told me to run
<rickspencer3> good morning all, what's the word on the street about beta 1?
<humungulous> rickspencer3: https://launchpad.net/ubuntu/+milestone/ubuntu-12.04-beta-1
<rickspencer3> hi humungulous
<humungulous> rickspencer3: possibly you can find people discussing it in #ubuntu+1
<rickspencer3> thanks for the suggestion humungulous
<koolhead17> hi all
<linocisco> hi all, who have done setup for failover between two ISP links?
<SpamapS> linocisco: do you mean with BGP routing?
<SpamapS> linocisco: or something simpler?
<linocisco> SpamapS, there is no specific protocols. ISP is not sharing anything with us. THey allow us only port 8080,443 and NSlookup for DNS 53
<SpamapS> linocisco: doesn't sound like much of a "service provider"
<linocisco> SpamapS, I agree. They bought public IPs and they sells us private subnetted IPs
<linocisco> Hi
<linocisco> how to download squid package and how to install ?
<soren> Daviey: I'm curious.. How long time does it take to install a box using netinst these days?
<Daviey> soren: Honestly, i couldn't tell you from a wallclock perspective, but it's better than it was.
<Daviey> soren: We have some ideas to make it faster for 12.10..
<soren> Daviey: Is it more like 2 minutes than 10 minutes?
<Daviey> probably ~4
<soren> Daviey: Cool.
<Daviey> soren: It can be done in the time it takes me to make a cuppa.
<Daviey> soren: One idea we are thinking about for next cycle is using squashfs on the server :)
<Daviey> ie, like Desktop.
<soren> Daviey: I've come up with a little interesting hack that does it in ~30 seconds.
<soren> It's all cheating, of course.
<Daviey> soren: oh?
<soren> but it works.
<soren> I'm using the cloud images.
<soren> and qemu-img from initramfs.
<soren> Shoving the image onto the disk.
<soren> Fetching it over http.
<Daviey> heh, interesting concept... how big is your initramfs?
<soren> Good questino. Let me check.
<Daviey> soren: Couldn't you loopback mount the .img, and use that as the rootfs?
<Daviey> maybe pivot_root
<soren> Daviey: It costs ~3 MB in the initramfs.
<soren> Yes, but then I'd have to use raw images.
<soren> Right now, I'm using a qcow2.
<soren> ...which is loads faster on account of not having to transfer all the unused bits of the original disk.
<Daviey> right
<Daviey> soren: is it persistent ?
<soren> As in?
<Daviey> soren: save data across reboots?
<soren> Daviey: WEll, sure. It's for installing, not for "live CD"-ish sort of stuff.
<soren> I don't use the image after it's done installing.
<soren> It boots into the initramfs, fetches the image and writes it to disk, and reboots.
<Daviey> soren: so do you dd?  Gah, where is the script? :)
<soren> Done.
<soren> No, I use qemu-img.
<soren> qemu-img convert http:/blah -O host_device /dev/sda
<soren> -ish.
<Daviey> soren: I think i prefer the squashfs-in-di approach TBH.
<Daviey> soren: then you touch users and hostname?
<soren> I don't do any of that yet.
<Daviey> Hmm, that might be inappropriate
<soren> ...but I expect to try to rely on cloud-init for stuff like that.
<Daviey> soren: right
<Daviey> soren: There will be a UDS session purely about this.
<soren> Daviey: I'm not sure I understand you squashfs-in-di idea.
<Daviey> soren: Same as ubiquity on the desktop, but for alternate/di
<soren> Daviey: How would that work over the network?
<Daviey> so a satic image that gets unpacked to disk, and customised based on instaler options.
<Daviey> (ie users / hostna,e / network config)
<Daviey> soren: I imagine the netinstaler would have to wget the squashfs for mini.iso.
 * Daviey adds some extra l's
<soren> Where would it put it?
<soren> "I don't know" is a valid answer :)
<Daviey> I have an educatumacated guess, but i don't know
<Daviey> soren: Colin sees it as viable fwiw
<soren> I see it working for ISOs.
<soren> I just wonder how you'd do it over the network.
<Daviey> soren: I imagine the squashfs would be either on cdimage/releases or the same part of the archive which houses the mini.iso
<soren> Daviey: Perhaps I'm missing something.. You need to mount the squashfs somewhere and then copy it to a fresh filesystem... right?
<Daviey> soren: Hmm, well i don't want to speak for Colin... but the way i see it.
<Daviey> mini.iso gets you into d-i
<Daviey> wget http://squashfs
<Daviey> dd squashfs to /target
<soren> Storing it where?
<uvirtbot`> New bug: #942487 in openssh (main) "scp -f option not documented" [Undecided,New] https://launchpad.net/bugs/942487
<soren> Sorry, go on.
<Daviey> soren: You don't think we have enough ramfs these days?
<Daviey> customise /target based on preseed
<Daviey> soren: I suppose the other option is that the squashfs is exposed via iscsi|nfs .. OR part of the server-mini.iso (but that is no longer mini :)
<soren> My motivation is: I want to unify the way I provision cloud instances and metal. I.e. shove an image onto a disk and rely on cloud-init to do the customisation. I get annoyed having to deal with two completely separate systems for this stuff.
<soren> ...and I think we've got the whole shared-image-followed-by-first-boot-config solved pretty well with cloud-init.
<soren> So why not use it?
<soren> I'm having some networking problems I need to solve, but it's mostly functional.
<soren> And then I need to find a few to feed data to cloud-init.
<koolhead17> zul: essex-3 has some new python deps, http://paste.ubuntu.com/860317/  I am finally able to get it working from source :)
<Daviey> soren: right!
<koolhead17> i meant keystone essex-3 :P
<mandel> hello, does anyone know why the squid package on ubuntu was not compiled with the --enable-ssl flag? is there a reason, or should I just compile own with it? I want to be able to use the https_port directive in the configuration
<mandel> http://www1.it.squid-cache.org/Versions/v3/3.HEAD/cfgman/https_port.html
<lynxman> morning o/
<lynxman> mandel: the squid package comes straight from debian, I'd suggest building your own package in your PPA, filling a bug and attaching a patch to it
<mandel> lynxman, you could have said that too me yesterday, puto!! ;)
<lynxman> mandel: it was just too fun replying "lol" instead ;)
<lynxman> mandel: if you need any help let me know, I'll be glad to build the package for you
<mandel> lynxman, don't say it to loud or I'll delegate hehe
<lynxman> mandel: that's why I'm offering, I like being your helper ;)
<mandel> lynxman, if is not too much work for you, I'd really appreciate it
<lynxman> mandel: it's really not, let me fix it up fo ryou
<mandel> lynxman, I'll get you a beer whenever I go to london or barcelona :)
<mandel> lynxman, thx!
<linocisco> during an installation with apt-get install, and if I press Ctrl+C to cancel. what will be the effect in system?
<lynxman> linocisco: packages half installed, mayhem, dogs and cats living together
<lynxman> linocisco: but just issue "apt-get -f install" and it should just catch up
<linocisco> ok
<linocisco> thanks
<linocisco> can I clear traces of that cancel by using apt-get -f install ?
<lynxman> linocisco: most of the time it should yeah
<linocisco> lynxman, thanks
<maxagaz> hi
<maxagaz> I always get this error in my auth.log: Feb 28 11:23:49 catacombe sshd[18795]: Failed password for root from 207.183.255.142 port 38861 ssh2
<maxagaz> what does it mean ?
<maxagaz> some bot trying to log on my server ?
<greppy> maxagaz: most likely, yes.
<maxagaz> greppy, what can I do against that ?
<davepigott> Daviey: zul or adam_g: jamespage gave me your contacts because I'm having problems with my openstack implementation and he thought you might be able to help. I have four servers, one running all the nova, glance and swift services (which I'll refer to as the controller), the others just running nova-compute and nova-network. I've got two nics per server, using a vlan config. If my instance runs up on the
<davepigott> controller I can ssh to it and ping to it. If it ends up on any of the compute nodes, it's running but I can't connect to it. The console log shows it waiting for 120 seconds for a network connection, which it never gets. The logs are here: nova-compute.log: http://pastebin.ubuntu.com/860301/ nova-network.log: http://pastebin.ubuntu.com/860304/ Any clues?
<maxagaz> greppy: it's polluting my logs
<maxagaz> I have many things like "Invalid user manikswe from 204.57.82.8"
<greppy> maxagaz: you can do a couple of things, install fail2ban, block that IP using iptables, notify the owner of the IP of the attempted unauthorized access, move your ssh daemon to listen to a non-standard port, like 1422 instead of 22.
<maxagaz> with different nicks, but same ip
<maxagaz> greppy: great :-)
<maxagaz> greppy: fail2ban works like a charm, I forgot it :)
<maxagaz> I don't know why it's not installed by default on ubuntu server
<linocisco> hi
<linocisco> in nano, how could I see line no.?
<greppy> maxagaz: because where do you draw the line then?  what else should be installed by default? :)
<greppy> linocisco: have you read the man page for nano?
<maxagaz> greppy: hmm... fair enough
<linocisco> greppy, yes
<lynxman> davepigott: I'd say the nova-network configuration is borked somehow, could you please paste it somewhere?
<lynxman> davepigott: also it'd help pinging the #openstack channel
<davepigott> lynxman: Already pinged there but got nothing. Posted on the openstack forum as well. So far no response.
<davepigott> lynxman: Do you mean the nova.conf file?
<greppy> linocisco: use 'nano -c' to invoke nano.
<lynxman> davepigott: I'd say from my experience that there's something not right either in the vlan creation or the nova.conf
 * koolhead17 does whois lynxman to confirm if its really him!! :P
<davepigott> lynxman: OK. nova.conf on its way. One moment
<lynxman> davepigott: cool
<linocisco> greppy, no . not like that. like we can see line no. in gedit
<davepigott> lynxman: http://pastebin.ubuntu.com/860354/
<davepigott> lynxman: Same on all four servers
<greppy> linocisco: not possible.  use gedit then.
<greppy> linocisco: or use vi
<linocisco> greppy, ok thanks. vi is more difficult than nano
<linocisco> greppy, thanks anyway
<lynxman> davepigott: Have you looked at this? http://wiki.openstack.org/VlanNetworkSetup
<davepigott> lynxman: No. First I've seen of it. I'll read through. You think my db is out of sync with the config?
<lynxman> davepigott: if you didn't do it then yeah :)
<davepigott> lynxman: Fair enough. :)
<uvirtbot`> New bug: #942541 in nova (main) "Short descriptions mistakes" [Low,New] https://launchpad.net/bugs/942541
<soren> smoser: How easily could you be pursuaded to extend cloud-init to accept a url on the kernel command line where it should go and find its user-data and meta-data?
<lynxman> soren: if you offer him candy or a bug report I'm sure he'll be happy to have a look :)
<lynxman> soren: how're you doing btw, all good?
<davepigott> lynxman: OK. Database looks ok. I did do all that, based on the "Beginners guide" so it's fine. Or at least would seem to be.
<lynxman> davepigott: then I'd try to ping the openstack channel, I've never handled vlan connections on openstack myself :)
<wonderman> hey, can anyone tell me why this cron is running everyminute, for 1 hour, then stops  > * */16 * * * curl --silent
<lynxman> davepigott: always used flat network
<davepigott> lynxman: OK. Thanks. I probably should have used flat network but not sure how to switch it over.
<lynxman> wonderman: because it's programmed to do so at 4pm (16:00) for every minute of that hour
<lynxman> davepigott: hmm good luck :)
<wonderman> i see, how would i make it do it every 16hours?
<wonderman> this should do it every 24hours  >   0 0 * * * curl --silent
<wonderman> i also need one to run every 16hours
<lynxman> wonderman: 0 */16 * * * curl --silent
<jamespage> davepigott, how is the network switch configured?
<lynxman> wonderman: eitherway your mileage may vary, running something every 16 hours is a bit bizarre :)
<davepigott> jamespage: Pretty much as it came out of the box. Cisco switch.
<wonderman> hmm lol
<jamespage> davepigott, ah
<davepigott> jamespage: ah?
<wonderman> well, what its doing atm is totally wrong!
<jamespage> davepigott, one second
<davepigott> jamespage: sure
<jamespage> davepigott, I think that the switch needs some extra config
<davepigott> jamespage: To allow vlan?
<wonderman> i thought this is what i was doing   0 */16 * * *   what is the difference, apart from the obvious, what does setting 0 mean over setting * ?
<lynxman> wonderman: 0 is minute 0 whereas * is every possible option in the minute, so every single min
<jamespage> davepigott, yes - the ports to your servers need to be trunk ports that support the VLAN's that you have configured nova with
<wonderman> ah ok
<jamespage> davepigott, I've not done that on cisco for a while
 * jamespage tries to remember
<davepigott> jamespage: OK. Not over familiar with configuring cisco switches for that kind of thing.
<jamespage> davepigott, you might be better to not use VLAN mode and revert to one of the other networking types
<davepigott> jamespage: Ugh. How big a deal is that to undo it all and then re-do it?
<davepigott> jamespage: I have two switches. One on the main net, one on the private. Do they both need vlan config?
<lynxman> davepigott: I think this helps your config https://lists.launchpad.net/openstack/msg05531.html
<lynxman> davepigott: you'd need to configure every switch port that is configured in vlan mode this way
 * lynxman thankfully is good at Cisco so jamespage sparked his brain
<davepigott> lynxman: How do I get onto the switch? Over serial it's all menu driven
<lynxman> davepigott: oh my :)
<lynxman> davepigott: you need to telnet into it, have a user or a term password then the enable password
<lynxman> davepigott: you don't have anyone around that did actually configure those switches or are you on your own?
<jamespage> lynxman, that config looks good
<davepigott> lynxman: I'm trying to telnet but it's not responding
<davepigott> lynxman: On my own I'm afraid
<jamespage> davepigott, I think it only needs to be applied to the private network interfaces i.e. one of the switches
<davepigott> jamespage: OK. That's good at least. :)
<lynxman> davepigott: what james page says
<lynxman> davepigott: then try to access through serial cable, it shouldn't ask you for any password and just give you a prompt
<lynxman> davepigott: then just type "enable" and the default password should be Cisco
<lynxman> davepigott: do "sh run" to show your running configuration, write down the ports that you'll be using for your internal network
<lynxman> davepigott: then add that config to them using "config term"
<lynxman> davepigott: once you're done type exit and "write mem" to save your changes
 * jamespage bows to the awesomeness of lynxman's cisco knowledge
<lynxman> jamespage: I used to manage spanning tree vlans on Cisco, but I'm rusty at best
<davepigott> lynxman: It just gives me a menu. No shell
<jamespage> lynxman, I had todo some integration work between IBM/HP BladeCenters and Cisco switches but that was in 2007 :-)
<jamespage> davepigott, if you don't need it I would suggest that you don't use VLAN networking
<jamespage> davepigott, this was what I was looking for - http://unchainyourbrain.com/openstack/13-networking-in-nova
<davepigott> jamespage: If this solves it, I'll stick with vlan. If not I'll go back and reconfigure everything
<jamespage> this is what the juju charms for openstack do
<lynxman> davepigott: I do agree with jamespage, if you don't feel comfortable managing vlan switches it's better to go to plain basic flat network
<jamespage> davepigott, I don't think switching is that hard TBH
<jamespage> you already have the right bits installed - they just need reconfiguring!
<davepigott> lynxman: Why am I menu driven and not command line on the switch?
<lynxman> davepigott: it depends on your cisco switch model, all Catalysts should run Cisco IOS but maybe you have a SoHo one that doens't
<davepigott> lynxman: OK. There's a VLAN menu option. Has a VLAN ID of 1.
<lynxman> davepigott: that's the default vlan, the question is if the switch allows trunk config per port
<kahrn> Hi all
<davepigott> lynxman: OK. If it doesn't vlan is out, right?
<lynxman> davepigott: afraid so
<kahrn> I'm having some problems with my ubuntu server, would anyone be able to help?
<kahrn> I can't upgrade/use dpkg/apt.. specifically, I messed up Perl
<kahrn> and it keeps complaining about strict.pm being missing, so I tried to reinstall, but it still complains
<kahrn> it prevents me from using the package manager
<kahrn> which is annoying as I need to upgrade the server
<kahrn> http://ubuntuforums.org/showthread.php?p=11724946
<soren> lynxman: Good, thanks. Of course I'd be even better if cloud-init would do this for me :)
<davepigott> lynxman: OK. Looks like I can set up trunk config per port from the menu interface
<soren> smoser: Oh, hang on. It already does this somehow, doesn't it?
<Daviey> utlemming: hey, it looks like i won't be able to be at the weekly meeting.  Are you ok driving the development part?
<lynxman> soren: I'm sure it somehow does, cloud-init does the kitchen sink and everything
<ttx> smoser/utlemming: what's your take on including acpid in the cloud images in order to support KVM soft reboot ?
<ttx> References:
<ttx> http://wiki.libvirt.org/page/Tips#Debian.2FUbuntu_guests_under_KVM_don.27t_shut_down_properly
<ttx> https://bugs.launchpad.net/nova/+bug/939557
<uvirtbot`> Launchpad bug 939557 in nova "'nova reboot' under KVM always does a hard reboot" [High,Triaged]
<Daviey> ttx: I have never agreed that acpid should be absent.. iirc, soren had views on it.
<soren> Daviey: I certainly do.
<soren> Daviey: It should totally be included.
<soren> Daviey: That's my view.
<soren> Daviey: I also have views on how to get it included.
<Daviey> soren: Hmm.. i'm *sure* you said that it shouldn't be there.
<Daviey> Infact, i remember saying so.. and you saying just apt-get install it! :)
<soren> Daviey: When did you ever pay attention to what I say?
<soren> acpid is important. Include it. In -minimal or -standard or whatever. Don't backdoor it into the cloud images.
<Daviey> AHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
<Pici> gezundheit
<ttx> H.
<soren> Heck, or even in -server (which gets installed in cloud-init, iirc).
<Daviey> soren: You change your mind like the weather man!
<soren> Daviey: Maybe.
<soren> Daviey: I'd be happy to see quotes of me saying otherwise.
<soren> Daviey: I've talked many times about *relying* on its presence.
<Daviey> soren: UDS-Jaunty real life, and prior on irc. :)
<ttx> He was young then
<soren> Daviey: Where I've told people to just go and apt-get install it, because we can't travel back intime and add it to hardy or lucid or whatever.
 * jpds flips another coin.
<wonderman> man, can someone tell me what causes lots of 408s in apache?
<Daviey> soren: I'm going to add it to just server for now.
<soren> Daviey: I remember, for instance, a bug about rebooting kvm's from libvirt, where I spent way too much time explaining why you couldn't just rely on acpid for it to work.
<soren> Daviey: ...because even if acpid got added to the development release at the time, it still wouldn't work for older version of ubuntu.
<soren> Daviey: I can't imagine I'd be opposed to adding acpid by default.
<soren> Daviey: But, if I did, I'm sure I'd have excellent reasons :)
<Daviey> naturally
<kai> morning folks
 * soren hugs kexec
<Daviey> soren: seen pxe-kexec ?
<soren> Daviey: I did see it in the archive, yes. Didn't quite get it, though.
<soren> Daviey: Perhaps its name confuses me. Does it actually do PXE at all?
<Daviey> soren: well, depends what you define as PXE :).. it pulls via tftp the conifg and kernel, then kexec's it
<Daviey> so not quite PXE 'booting', but the same end resut.
<soren> Daviey: ...but I don't need a bootp server?
<soren> smoser: If I pass ds=nocloud on the kernel command line, isn't cloud-init supposed to not try to contact the EC2 metadata service?
<Daviey> soren: it tries to find that from dhcp (unreliable), normally you declare it on the command line
<soren> Daviey: Ah, I see.
<soren> Daviey: PXE invariably means something that involves DHCP in my head.
<Daviey> soren: Think outside the box (head).
<larsemil> question about iscsi and lvms...
<larsemil> i have a raid, and i divide it using lvm.
<Daviey> larsemil: Are you asking for us to ask you a question?
<larsemil> my initiators mount the different luns
<larsemil> can the server mounting the lun, use lvm (again) on the iscsi lun that is originally a logical volume
<larsemil> ?
<larsemil> Daviey: there it came, the question
<Daviey> larsemil: I can't see why not?
<Daviey> larsemil: All you are doing is nested lvm, right?
<larsemil> yes
<wonderman> someone please tell me how i can disable modules that apache load by default in ubuntu, there are too many, and once i disable, if i reboot server they all become enabeld again
<soren> wonderman: How are you disabling them?
<OZ8AAZ> wonderman: a2dismod is your friend
<OZ8AAZ> wonderman: ...and a2enmod to enable...
<wonderman> yes i use that
<wonderman> i disabled mod_reqtimeout
<wonderman> when i rebooted server it was back enabled
<soren> wonderman: So on reboot, /etc/apache2/mods-enabled/reqtimeout.load magically reappears?
<wonderman> yes
<zul> ivoks: ping
<wonderman> as well as other useless modules ubuntu seems to have enabled by default
<ivoks> zul: pong
<zul> ivoks: the nova bug you raised is with juju right?
<ivoks> zul: yes
<zul> ivoks: k
<ivoks> zul: why?
<zul> anywhere you can point me to get juju working with nova?
<OZ8AAZ> wonderman: can you see the module in $apache2root/modules-available/ ?
<zul> ivoks: starting to work on it
<ivoks> zul: sure
<wonderman> not now that i disabled it again
<wonderman> ..
<ivoks> zul: where do you wanna start?
<zul> ivoks: at the begging
<ivoks> zul: i didn't get it working 100%, but it's almost there...
<zul> k
<davepigott> jamespage: lynxman: I've now got instances I can ping, but unless its on cloud01 I can't ssh. Weird.
<zul> Daviey: im going to try to  get the console patch accepted again upstream
<soren> wonderman: Well, Ubuntu certainly isn't resurrecting files on the filesystem on its own. Is there anytihng special about this system?
<wonderman> what about init scripts?
<wonderman> are you 100% sure about that, because it is lol
<soren> wonderman: I'm sure we'd have heard about it before if it did.
<Daviey> zul: awesome
<soren> smoser: ping
<lynxman> soren: maybe it's a spin called Zombibuntu? Where your files come back to life
<soren> lynxman: Could be :)
<soren> lynxman: I don't see how ds=nocloud is ever supposed to work.
<soren> lynxman: Sorry, not you :)
<soren> smoser: I don't see how ds=nocloud is ever supposed to work.
<soren> smoser: cloudinit.DataSourceNoCloud.get_datasource_list calls list_from_depends with net and disk depends. list_from_depends returns only data sources whose dependencies match exactly the list of dependencies passed (rather than the data sources whose dependencies are fulfilled by the list of dependencies).
<soren> This matches the "docstring" for list_from_depends, but goes against my sanity as well as what you put in the commit message for r323.
<soren> The net effect is that the NoCloud ds isn't considered, because both net and disk is available already.
<jamespage> davepigott, thats a step forward at least!
<jamespage> have you configured security groups to allow SSH access?
<davepigott> jamespage: On the server? Yep.
<davepigott> jamespage: And just found that by default the switch blocks ssh. Changed that but still can't ssh. Hmm. Unless I need to restart networking across the cloud
<uvirtbot`> New bug: #942646 in nova (main) "No logrotate files for nova-manage and nova-dhcbridge" [Undecided,New] https://launchpad.net/bugs/942646
<jamespage> davepigott, I mean have you configured a security group and associated it with your instances?  If thats what "On the server" means then +1
<davepigott> jamespage: Hmmm. Well, I did an euca-authorize on tcp port 22, if that's what you mean?
<jamespage> davepigott, thats what I mean :-)
<davepigott> jamespage: Then yes. :)
<davepigott> jamespage: Going to restart the services on the cloud and see if they recognise the change on the switch
<smoser> soren, nocloud is run at 'cloud-init start-local'
<smoser> smb, ping
<soren> smoser: Err.. ok?
<smoser> soren, i'm fairlys ure it does work. i can test to make sure though.
<soren> smoser: Not sure what to make of that. All I can tell is that if I pass ds=nocloud on the kernel command line, the vm still spends a lot of time trying to contact the ec2 md service.
<smoser> cloud-init has 2 main "init/datasource" jobs
<smb> Potentially I currently have shared troubles with soren
<smoser> soren, ah.
<smoser> soren you're hoping to completely use the command line ? ie, no /var/lib/data/seed?
<smoser> yeah... that is potential, smb.
<smoser> i will check to make sure i didn't break that. hold on.
<soren> smoser: I haven't gotten that far yet. Right now I just want it to stop bothering with the ec2 md service.
 * smb is using /var/lib/cloud/seed though (without ds=nocloud but have checked with it)
<smoser> soren, right.
<smoser> easiest thing in precise is to attach an iso or vfat formated disk
<smoser> with 'user-data' and 'meta-data' files.
<wonderman> anyone help with diagnosing 408 errors?
<soren> For a VM, perhaps.
<smoser> soren, right.
<soren> I need to deal with metal, too.
<smoser> but if you're doing an install and just want to ditch it, easiest thing to do would be to seed and dpkg-reconfigure.
<smoser> oh..
<smoser> but you dont want to ditch.
<smoser> k.
<smoser> just a minute
<soren> Passing ds=nocloud-net works, too, but ds=nocloud should work.
<smoser> soren, yeah, clearly it should.
<smoser> smb, on bug 937352
<uvirtbot`> Launchpad bug 937352 in cloud-initramfs-tools "root partition may not be grown" [Undecided,In progress] https://launchpad.net/bugs/937352
<smoser> i woke up loast night night with an idea.
<smoser> which may not be valid, but wanted to run it past you
<soren> smoser: It'll pass.
<smb> smoser, Hm no wake up...
<smoser> slangasek pointed out that when you call sfdisk to resize, it calls the ioctl once at the beginning (to see if its busy) and then once again.
<smoser> his suspicion is that the first call (even though nothing has changed) is generating kernel events , spawning udev events...
<smb> Oops, that might be slightly fatal
<smoser> but if there is no change, there *should* be no events generated
<smoser> but my thought last night was this:
<smoser>  * kernel comes up, sees /dev/vda (and vda1), and gets CHS from disk/driver somehow
<smoser>  * udev runs
<smoser>  * partition scanning code runs, and notices that the partition table seems to have a CHS that does not match that of the disk/driver
<smoser>  * sfdisk runs with ioctl to say "re-read"
<smoser>  * kernel now says "oh my, its different than it was"
<smoser>  * udev gets event
<smoser>  * blkid ... BUSY
<smoser> does that seem possible ?
<smoser> it seemed strange tome that the kernel could potentially change its view of CHS for a disk, but maybe that udev somehow tried to "fix" it.
<smoser> smb, ^ is that remotely possible ?
<smoser> we've generally ruled out the mount/unmount yesterday as I saw there were still issues right before the first mount
<smb> smoser, I actually think there is not so much complicated code. You / sfdisk calls reread partition table, the kernel does it and generates events. No checking for whether this is the same as before
<smoser> smb, well, that is not what i see.
<smoser> very clearly, just calling blockdev --rereadpt does not generate udev events.
<smoser> that is easily demonstratable
<smb> smoser, Hm, it was what I saw when just using that blockdev --rereadpt command instead of sfdisk for testing...
<smoser> i thought we'd seen that too
<smoser> but i just tested it yesterday
<smb> smoser, So probably I go and look at the code. Then we should be sure. :)
<gsuess> hey everyone. any way to get apache kerberos auth working with a require group auth?
<gsuess> directive^
<smoser> ie, 'stop udevd' 'udevd --debug' 'blockdev --rereadpt /dev/vdb', nothing new on udev screen
<smoser> smb, ^
<smoser> ijust tested that now
<gsuess> i keep getting access to / failed, reason: require directives present and no Authoritative handler.
<gsuess> it works with require user ...
<gsuess> require valid-user doesn't work either.
<gsuess> same error.
<smb> smoser, I had been adding function trace points to blkdev_get and blkdev_put and saw them used by blkid and cdrom-id, at least when running rounds in a loop
<smoser> smb, so something is strange then
<gsuess> any ideas?
<smb> smoser, yes agree. Well give me a few minutes to check the code in the kernel. And try some modified tracing
<smb> smoser, In the mean time for clarification: to make cloud-init use the files in /var/lib/cloud/seed/nocloud, I need to put ds=nocloud on the grub command  line, too?
<smoser> smb, you do not.
<smb> smoser, Hm, ok. Still it does not seem to want to use the files I got there. Is there a way to make it more verbose?
<smoser> smb, soren, it seems lke precise might have regressed that :-(
<smb> Oh
<smoser> smb, soren precise is regressed for both of you :-(
<gsuess> what are the ./configure args used for ubuntus apache?
<smb> smoser, Good to know. At least I can now stop wondering what I did wrong. So for now I add precise to my decloudify list :)
<smoser> http://paste.ubuntu.com/860653/
<smoser> smoser, there is a fix
<smoser> and i just verified with that change that both populating /var/lib/cloud/seed/nocloud
<smoser> and
<smoser>  sudo DEBUG_PROC_CMDLINE="BOOT_IMAGE=/boot/vmlinuz-3.2.0-17-virtual root=LABEL=cloudimg-rootfs ro console=ttyS0 ds=nocloud;h=foo;i=i-abc" cloud-init start-local
<smoser> find the local data source
<smoser> soren, ^
<smb> smoser, Yes, it does seem to work now
<smoser> bug 942695
<uvirtbot`> Launchpad bug 942695 in cloud-init "cloud-init local data source broken" [Undecided,New] https://launchpad.net/bugs/942695
<uvirtbot`> New bug: #942695 in cloud-init (main) "cloud-init local data source broken" [Undecided,New] https://launchpad.net/bugs/942695
<Daviey> broken, smoken
<smb> smoser, I checked the code and did some experiments. Both does verify that there will be events for every rereadpt done. Basically this removes all partitions and creates fresh ones after scanning
<smb> smoser, So if sfdisk really does that ioctl twice when resizing there is really a good chance of failing because some events still may be running
<uvirtbot`> New bug: #928383 in glance (main) "python-glance package contains stuff about API and registry" [High,Invalid] https://launchpad.net/bugs/928383
<hallyn> stgraber: you're not touching ubuntu:lxc this week at all?  (wondering how frequently i should check for updates :)
<stgraber> hallyn: nope, busy fixing the installer this week :)
<hallyn> cool.  then lemme put on my irc blinders and get to work
<stgraber> :)
<smoser> smb, i dont understand how you could have seen that.
<smoser> what was wrong with my test ?
<smoser> very explicitly i saw no output of udev
<smb> smoser, You tried to start the udevd in the foreground with debug, right. Wonder whether that is really the same as logging the events in debug mode...
<smb> smoser, Have you tried with "udevadm control --log-priority=debug" and then looking in /var/log/syslog?
<smoser> i can try that really quick
<smoser> smb, nothing
<smoser> (i only see stuff in /var/log/udev, not /var/log/syslog though)
<smoser> this is precise
<smb> smoser, I am also looking at precise. A cloudimage running on my local xen
<smoser> smb, here, try my instance
<smoser> ubuntu@10.55.60.148
<smoser> smoser, tell me what i'm doing wrong
<smoser> i'm just running 'sudo blockdev --rereadpt /dev/vdb'
<smoser> and expecting to see output in /var/log/udev
<smoser> but there is none
<smb> smoser, There is something else broken. I do not even see any output from the rereadpt... Checking for a partition...
<smoser> smb, hm...
<smoser> well, what is wrong then?
<smb> smoser, not sure right now
<smb> but clearly /proc/partitions has not seen your vdb1
<smoser> smb, if you are correct, then sfdisk without --no-reread is generally broken
<smoser> hm..
<smoser> interesting
<smoser> i fdisk'ed it
<smoser> thats very interesting.
<smb> Normally there should be messages in dmesg like vdb: vdb1
<smoser> thats just a new instance, and then i ran 'fdisk' to put a partition table on it.
<smb> nothing there
<smoser> well, the partition table wasn't ther eon boot
<smb> just like the ioctl somewhere is ignored
<smoser> i added it
<smoser> smb, you can have that instance.
<smoser> i think that is something you should debug
<smoser> as it may be related here.
<smoser> and we should open a bug on sfdisk, as if you're correct, it is broken in its design.
<smoser> smb, in your xen guests, you have a different driver than in canonistack instance
<smb> smoser, hm, ok the ioctl returns 1 not 0 , just need to find out what that means again
<smoser> smb, k. i'll leave you at that for a minute and chase these other 2 cloud-init bugs
<smb> smoser, aye :)
<smoser> utlemming, jamespage Daviey i'm hoping that i'll be able to fix bug 941955 and bug 942695 before beta
<uvirtbot`> Launchpad bug 941955 in cloud-init "util.islxc() method is broken without is-lxc-container" [Medium,Triaged] https://launchpad.net/bugs/941955
<uvirtbot`> Launchpad bug 942695 in cloud-init "cloud-init local data source broken" [Undecided,New] https://launchpad.net/bugs/942695
<smoser> both should be straight forward enough.
<smb> smoser, Harrr! You had the device mounted. So rc 1 mean busy
<smoser> shoot.
<smoser> sorry, smb.
<smb> smoser, Now there are all the missing things :)
<smoser> so sfdisk is simply broken and almost guaranteed to cause races
<smoser> without --no-reread
<smoser> i'll open a bug, and will address in cloud-initramfs-tools
<smb> smoser, It seems so. At least since rereading the partition table actually causes events and lots of things to happen
<smb> Trying to use rereadpt to check for a busy disk is nearly guaranteed to have it busy in some way for some time after that
 * smb thinking whether that could be replaced by an open with O_EXCL
<smb> though that may required an open to all partitions, not only the main block device. But I am not sure
<kklimonda> smb: udevadm settle won't block until after rereadpt is done (and the disk isn't busy anymore)?
<smb> kklimonda, It just ensures that the outstanding requests from a previous rereadpt are finished. Either sfdisk does something like that internally or one would need to use --no-reread and do any initial check before
<smb> udevadm is not particularly related to the disk
<tyska> hi guys, someone already used ldap to auth users on ubuntu with the automount of home directories?
<tyska> i need some advice to do that
<kklimonda> smb: yeah, but it tends to block while it's processing events, and it did help me when sfdisk was complaining that the disk is in use ;)
<kklimonda> (but if sfdisk has a bug then it won't help obviously)
<smb> kklimonda, Yes it does. Just that we found out that sfdisk does the rereadpt twice internally
<smb> Once before doing anything to make sure the disk is not in use and once after changing the partition
<kklimonda> huh, and the second one bails with an error?
<smoser> smb, still around ?
<smb> smoser, yes
<smoser> so:
<smoser> printf "1,,L,*\n" | sudo sfdisk /dev/vdb
<smoser> that should basically guarantee failure at some point, right?
<smb> smoser, not sure I know sfdisk well enough to understand the instructions...
<smoser> well, that just says "add a linux partition the whole disk"
<adam_g> smoser: whats the bug no for that glace/nova AKI issue?
<smoser> and i verify that this does result in val
<smoser> adam_g, none at the moment.
<smoser> it is upgrade related
<smoser> but i am confused on its extent otherwise, as I don't know why my last uploads of lucid failed. but i'm re-trying.
<smoser> (it could have been luser error)
<smoser> smb, , so i see failure like:
<smoser>  for((i=0;i<100;i++)); do printf "1,,L,*\n" | sudo sfdisk /dev/vdb > out 2>&1 || { echo "FAILED: $i"; cat out; break; } ; echo -n .; udevadm settle; done
<smoser> you think that is basically a valid test case, right?
<smb> smoser, Assuming we do not start while something is going on yes
<smb> At least as long internally do_fdisk is called (which is doing the reread check)
<smoser> right.
<smoser> i was looking at code too, its clear it calls it twice
<smb> So yes, that should be a valid case. Now, there could be side-requirement in a way of udev getting reasonably delayed in processing
<smb> Also the blkid and cdrom_id lock the mutex only while the open and close system calls are processed
<smb> smoser, seems to work in failing in testing here
<smoser> work in failing
<smoser> :)
<smoser> nice
<smoser> bug 942788, smb
<uvirtbot`> Launchpad bug 942788 in util-linux "sfdisk without --no-reread is likely to cause race conditions" [Undecided,New] https://launchpad.net/bugs/942788
<smb> smoser, Oh well. :) It can sometimes take a while though. Just had a quite long run
<smoser> yeah, but its quite obviously wrong.
<smoser> thank you for your help, smb.
<smoser> i'm really quite amazed that we never saw this issue until now.
<smoser> that code has been in basically as it is since 10.10.
<smb> smoser, Yes, at least since there is som much dynamic and user-space involved in rereading the partitions. Maybe we just did not notice or shrugged it away as temporary oddity. Or there is slightly more things triggered by udev or the commands run a bit slower or...
<smoser> smb, when we upgraded to precise on canonistack, we upgraded kvm
<smoser> and that changed the timings of disk access in vms
<smoser> that is what made us start seeing it now.
<smb> Trouble with races is that they are racy... :)
<hallyn> can i have faster races in my kernel?
<smb> hallyn, Upgrade your CPU :)
<eagles0513875> hey guys where can one find the url's to the server so i can do a network installation
<SpamapS> eagles0513875: http://cdimage.ubuntu.com/netboot/
<arosales> SpamapS: could you give me the pointer to the release notes bug once more :-/
<eagles0513875> thanks SpamapS
<SpamapS> arosales: https://launchpad.net/ubuntu-release-notes/precise
<arosales> SpamapS: thanks
<SpamapS> one is glad to be of service
<smoser> smb, hallyn has looked for an upgrade, but it seems faster transmeta chips are hard to find.
<hallyn> zing
<smb> :)
<hallyn> keep this up i'll have to take that thing to uds
<Daviey> SpamapS / arosales: Traditionally, we don't start populating ubuntu-release-notes project until further into the cycle.
<tyska> i'm trying to automount home directories of users using this tutorial - https://help.ubuntu.com/community/AutofsLDAP, but i'm having some problems if someone could help me i will appreciate that
<arosales> Daviey: Following up on skaet looking to capture items for release notes as they land (ie per the release notes section in the template @ https://wiki.ubuntu.com/ReleaseTeam/Meeting/Agenda/TeamTemplate)
<Daviey> arosales: ok
<arosales> Daviey: noob question. What is the process to _collect_ release note information? Do we queue requests in the LP branch as we know of items, or is there more of a concerted effort towards release?
<SpamapS> Daviey: I had thought that beta1 was where we started filing those bugs.
<Daviey> SpamapS: Are there items you are sure will not be fixed for release at this stage?
<benji> hallyn: I have an LXC issue that is biting me hard.  Will you take a look at http://paste.ubuntu.com/860883/ for me?
<arosales> Daviey: SpamapS: I guess we should not of significant package updates / new packages that would be good candidates for the release notes at this time, or is that not correct material for release notes?
<hallyn> benji: that's probably bug 942144 ?
<uvirtbot`> Launchpad bug 942144 in lxc "Using bindhome option of ubuntu template conflicts with ubuntu user" [High,Fix committed] https://launchpad.net/bugs/942144
 * benji looks with anticipation.
<hallyn> benji: is buildbot uid 1000?
<hallyn> hm, no
<Daviey> arosales: Well, traditionally it's been in the ramp up to release, we can document stuff which wasn't fixed, that users should know about.
<benji> hallyn: it should be
<hallyn> prolly wouldn't cause a problem there yet
<benji> hallyn: hmm, nope 108
<hallyn> oh, ok.  (i never tested it myself, not 100% sure how it manifeswts)
<Daviey> If there are issues which meet this criteria already, we should be concerned IMO.
<hallyn> benji: that sucks, i dont' see any cause for the failure
<hallyn> benji: you have enough disk space?
<benji> hallyn: we do have an ubuntu user on the host which has uid 1000
<hallyn> yeah but you're not trying to bind that in so that's fine
<benji> Filesystem      Size  Used Avail Use% Mounted on
<benji> /dev/xvda1      8.0G  2.7G  4.9G  36% /
<hallyn> this is on uptodate precise?  wahts' full cmdline?
<arosales> Daviey: agreed, we still have time to fix bugs.  Your thoughts on collecting new package and updated package notes at this time, or better towards release?
<benji> hallyn: it's an EC2 AMI from the 25th or 26th, the full command line is on the first line of the paste
<Daviey> arosales: TechnicalOverview is a rolling document for this, no?
<benji> hallyn: I could try updating the host to see if it would help
<Daviey> arosales: https://wiki.ubuntu.com/PrecisePangolin/TechnicalOverview
<benji> The following packages will be upgraded:
<benji>   libxml2 manpages ubuntu-minimal ubuntu-standard whoopsie
<arosales> Daviey: ah ok, thanks.
 * arosales sees how it fits together now :-)
<benji> hallyn: same result after the upgrade: no discernable error in the output and then "failed to execute template 'ubuntu'"
<roaksoax> no g/me lunch
 * roaksoax lunch
<arosales> I think skaet's template update in the release notes also funnels into there (there = TechnicalOverview)
<adam_g> Daviey: do i subscribe MIR bugs as normal to get them to list on the MIR section of http://status.qa.ubuntu.com/reports/ubuntu-server/release-bugs.html ?
<hallyn> benji: and what is /etc/lxc/local.conf?
<Daviey> adam_g: no, that is based on tags :/
<hallyn> (trying with stock one)
<benji> hallyn: http://paste.ubuntu.com/860910/
<arosales> Daviey: I just need to get updates from folks to update the TechnicalOverview now ;-)
<benji> (yes, for some reason the first line is blank)
<Daviey> arosales: lol, the hard part.
<arosales> Daviey: thanks for the info, and piecing that together for me.
<adam_g> Daviey: ah, okay. well, we should probably add bug #941913 and bug #941916  however thats done
<uvirtbot`> Launchpad bug 941913 in python-babel "[MIR] python-babel" [Undecided,Incomplete] https://launchpad.net/bugs/941913
<uvirtbot`> Launchpad bug 941916 in python-tz "[MIR] python-tz" [Undecided,Incomplete] https://launchpad.net/bugs/941916
<hallyn> benji: try adding '-F' at end of that cmdline
<benji> hallyn: running...
<tyska> I'm trying to configure ldap + autofs to automount home directories of users in ubuntu (auth and mount home) - im trying to follow this tutorial https://help.ubuntu.com/community/AutofsLDAP - but i'm having problems - see this http://pastebin.com/raLeXikz
<tyska> could anyone help me?
<kirkland> hallyn: hey, I'm having some odd behavior within a kvm guest, since I upgraded my host to precise on Friday
<kirkland> hallyn: the load spirals out of control (up to ~40 or so) on a 4xCPU kvm guest
<kirkland> hallyn: i've been running same guest as my dev environment for months on 11.10, no problem
<kirkland> hallyn: problem showed up after i rebooted into precise 3.2 on the host
<kirkland> hallyn: then guest is 11.10
<kirkland> hallyn: ideas?
<hallyn> none
<hallyn> does a fresh oneiric iso run fine?
<hallyn> benji: it occurs to me that 'failed to execute ubuntu template' is a really really bad error msg
<ogra_> arosales, can you please release the lock on the manifest wikipage ?
<arosales> ogra_: just saved my updates
<benji> hallyn: you might be onto something there ;)
<arosales> ogra_:  its all yours
<ogra_> thx
<jacobw> kirkland: what's the current status of ecryptfs support for nss-pam-ldapd/getent?
<adam_g> zul: https://code.launchpad.net/~gandelman-a/nova/libvirt_patch_refresh/+merge/95024  please note comments
<kirkland> jacobw: hmm, none that I know of;  what's the bug number?
<hallyn> kirkland: can you open a bug with full cmdline and details on guest setup and host fs?  i'll try to reproduce.
<kirkland> hallyn: sure;  you havent seen anything like it?
<benji> hallyn: bad news, the -F didn't help; shall I pastebin the output?
<hallyn> i haven't
<hallyn> benji: sure.
<hallyn> benji: and then i'll probably have to ask you to edit lxc-create and lxc-ubuntu template to get more output aobut where it dies
<lifeless> hallyn: you could make that an option
<lifeless> --debug
<zul> adam_g: yeah merged
<jacobw> kirkland: there's bug #293433
<uvirtbot`> Launchpad bug 293433 in ecryptfs-utils "ecryptfs-utils does not work with LDAP/Kerberos users" [Medium,Fix released] https://launchpad.net/bugs/293433
<benji> hallyn: http://paste.ubuntu.com/860931/
<hallyn> lifeless: if it fails i'd like the output to e there regardless.  but yeah
<kirkland> jacobw: that one is fix-released;  is that the same issue you're having?
<jacobw> kirkland: i can see its fixed now :)
<kirkland> jacobw: alrighty :-)  does that help you out?
<jacobw> kirkland: yeah, all i'm trying to do is make ecryptfs volumes for users auth'd by pam_ldap.so
<kirkland> jacobw: hmm, i think that's more of a pam question, than an ecryptfs question
<kirkland> jacobw: pam_ecryptfs.so just has to be in your stack
<hallyn> benji: oh, wait.  this might be due to something i inadvertently fixed in the bzr tree
<kirkland> jacobw: and has to receive your login password to unwrap your wrapped-passphrase
<hallyn> benji: on line 636 of /usr/lib/lxc/templates/lxc-ubuntu,
<hallyn> there is
<hallyn> if [ ! -z $bindhome ]; then
<hallyn> benji: can you change that to "if [ -n "$bindhome" ]; then
<hallyn> (the quotes being hte important part)
<hallyn> of course, that shouldn't be a problem since you *did* specify it...
<benji> ah
<jacobw> kirkland: yeah, since that bug was fixed this is possible
<hallyn> benji: uh. what is the shell for that user?
<hallyn> and, does it have a shadow entry
<benji> hallyn: /bin/sh
<hallyn> i'm pretty sure do_bindhome is dying somehwere (bc it's set -e) where something funk ys going on with that user
<hallyn> does 'getent shadow (user)' return success?
<benji> hallyn: buildbot:*:15398:0:99999:7:::
<hallyn> hm
<hallyn> yo'ure just shooting down all my ideas
<benji> I try.
<benji> hallyn: I put set -x in the ubuntu template, we'll see if that illuminates the failure
<benji> hallyn: aha: http://paste.ubuntu.com/860953/
<hallyn> benji: awesome, thanks
<hallyn> guess 'set -x' would make a good debug mode
<benji> hallyn: I have no idea what would cause that though.  Thoughts?
<benji> I assume it's some thing along the lines of "the user's group is screwed up"
<hallyn> benji: i'm guessing the default grou pfor that user doesn't have an entry in /etc/group?
<benji> hallyn: unfortunately that's not it:
<benji> root@ip-10-72-61-240:/var/lib/juju/units/buildbot-slave-0/charm# grep buildbot /etc/passwd
<benji> buildbot:x:108:65534:BuildBot system user,,,:/var/lib/buildbot:/bin/sh
<benji> root@ip-10-72-61-240:/var/lib/juju/units/buildbot-slave-0/charm# grep 65534 /etc/group
<benji> nogroup:x:65534:
<hallyn> right -1 is 'nobody' for groups, so getent group probably is *supposed* to return error
<hallyn> not sure
<hallyn> anyway, from lxc's point of view, i'll just ignore and proceed in that case, so the container creation shoudl go fine
<benji> hallyn: well, we at least know it's the user that is to blame because I just reran it with "-b root" and it appears to have worked (no error at least)
<hallyn> benji: two lxc bugs should be scrolling by here in a few minutes.  if you want to work around this for now, you can either edit the template to ignore that failure (i can give you a patch), or you can add a buildbot group and set buildbot user's group to that
<benji> hallyn: I'll give hacking the script a shot
<benji> hallyn: your help is much appreciated!
<benji> hallyn: wait, I may be confused: are you saying that there's no need for the "Make sure the group exists in container" block at all?  I should just remove it?
<uvirtbot`> New bug: #942847 in lxc (universe) "add a debug option to lxc-ubuntu template" [Medium,Confirmed] https://launchpad.net/bugs/942847
<uvirtbot`> New bug: #942850 in lxc (universe) "lxc-ubuntu: don't fail if getent group returns error" [Medium,Confirmed] https://launchpad.net/bugs/942850
<hallyn> benji: yeah in your case you should be fine with that code removed
<hallyn> I should think nogroup is always defined in ubuntu systems
<benji> hallyn: thanks, I'll try that
<hallyn> (but, again, since i used 'getent group' and it apparently doesn't like nogroup...)
<benji> hallyn: it worked!
<benji> hallyn: thanks again
<hallyn> benji: np, thank you.  man the # of fixes going up after freeze is getting high :)
<benji> :)
<smoser> adam_g, i just opened bug 942865 with info about my image upload strangeness.
<uvirtbot`> Launchpad bug 942865 in nova "upgrade from diablo leaves existing images with kernel unbootable" [Undecided,New] https://launchpad.net/bugs/942865
<smoser> i think i'm going to try just uploading a new kernel/ramdisk and using the newly generated aki/ari
<soren> Daviey: Random crack of the day: https://code.launchpad.net/~soren/reincarnate/trunk/
<smoser> adam_g, that is some awesome bug.
<smoser> soren, you might enjoy reading that one also
<Daviey> soren: nice.. i'll try that at somepoint
<uvirtbot`> New bug: #942862 in lxc (universe) "lxc-create failure creating a lucid container in a precise host" [Undecided,New] https://launchpad.net/bugs/942862
<philpem> Hi all. I've just had a disc failure on a server, and am taking this opportunity to do a clean Ubuntu 11.10 Server install. Thing is, I need to decide between RAID-1 only, or RAID-1 plus LVM. Why would I want to use LVM and md RAID together? what are the benefits/disadvantages?
<greppy> philpem: depending on how you configure it, you can add disks of different sizes into the raid.  there are advantages to both RAID on LVM and LVM on RAID, it just depends on what you want to accomplish.
<philpem> greppy, well at the moment, the machine is rigged with a single '/' partition on software RAID1, and a swap partition.
<philpem> (also RAID1'd)
<philpem> I'm just wondering if there's any benefit to going LVM, or if I should just stick with the setup I have.
<greppy> philpem: I use LVM to be able to tweak partitions.
<greppy> I build the partitions based on what I think I will need, leaving a large amount of space unallocated.
<greppy> that way if needs change, I can add more space to /home, or to /var or to /usr without having to tear it all down and reinstall.
<RoyK> anyone here ever setup KVM with HA? I have central storage on NFS and want to use three nodes for KVM, moving the VMs when needed
<hallyn> benji: fwiw, it turns out my group handling was just wrong altogether
<benji> hallyn: I'm not good in group settings either.
<hallyn> benji: i was assuming 'getent group $user' would get the user's group entry, but it needs to be given the group's name or #
<RoyK> hallyn: groups user
<RoyK> hallyn: groups $user
<RoyK> dunno if that was what you wanted, though
<benji> hallyn: that's shure what it looks like it does (as long as the group really exists)
<benji> % getent group benji
<benji> benji:x:1000:
<Daviey> jdstrand: Have i missed you?
<jdstrand> Daviey: I am here
<Daviey> jdstrand: so... lynxman looked at ruby1.9 for puppet.
<Daviey> jdstrand: he was less than confident
<jdstrand> that is unfortunate
<Daviey> jdstrand: you got mail.
<roaksoax> zul: so i'm working on the cobbler-web separation and stuff... and I'm wondering if you have any idea of why postinst would not return when it restarts apache, and why would postrm fail because of it?
<jcorneli> Hello: I am having trouble after upgrading my Linode from 11.10 to 12.04
<jcorneli> "Your Linode appears to have stalled mid-boot at around the time that the start up process is handed off to init. It looks like the kernel handed off control to init, as it didn't panic, however it doesn't appear that any further services were started after that."
<jcorneli> "You'll want to contact the Ubuntu community for more information on known issues with 12.04 and virtualized environments."
<jcorneli> This is what the Linode support person told me.
<jcorneli> When I log in via LISH, I just see the log, I don't get a proper console.
<jcorneli> I copied the log here: http://pastebin.com/raw.php?i=4cMh5Gcr
<zul> roaksoax: no idea
<zul> roaksoax: cobbler was a former life :)
<roaksoax> zul: lol, you've never experienced similar issues?
<zul> roaksoax: no i havent
<SpamapS> roaksoax: perhaps apache is blocking on something weird like a fifo/socket ?
<roaksoax> zul: do you think you could take a quick look at it? ppa:andreserl/ppa --> just install cobbler
<SpamapS> roaksoax: since the apache init script doesn't daemonize until after logs are open, its at least feasible.
<zul> roaksoax: i can later probably..
<roaksoax> SpamapS: ah maybe... the weird thing is that it doesn't "fail" on the cobbler-web package
<roaksoax> uhmm interesting it now returned after a while waiting
<SpamapS> roaksoax: perhaps DNS issues
<SpamapS> roaksoax: I think if you configure apache in a certain way it will do a DNS lookup before daemonization too to lookup the servername
<roaksoax> SpamapS: it could mauybe be that
<Azelphur> Is there any way to get rebootless upgrades now ksplice is gone?
<roaksoax> SpamapS: when I manually restart apache2 (while it has hanged the psotinst), then the postinst resumes normally, so do you think it's either something being openned or a resolve?
<SpamapS> roaksoax: hard to say. *hrm*
<roaksoax> SpamapS: does this looks sane to you? http://paste.ubuntu.com/861133/
<smoser> stgraber, around ?
<stgraber> smoser: yep
<smoser> was looking at /etc/init/container-detect.conf
<smoser> and had a question that i thin i resolved
<smoser> you search for a line that tsarts with VxID
<smoser> but you could fail on
<smoser> VxIDABCDEFG
<smoser> and also, just as a fun poke
<smoser> http://uselessuseofcat.com/
<smoser> cat /proc/self/status | grep ^VxID | cut -f2)
<smoser> i think faster:
<smoser> if awk -F: '$1 == "VxID" { if ($2 > 1) x=0; }; END { exit(x); }' x=1 /proc/self/status;
<smoser>   container="vserver"
<smoser> fi
<stgraber> smoser: awk is in /usr, so can't use it
<smoser> well that sucks. :)
<smoser> so is cut, though
<smoser> so, touche!
<stgraber> oh, I didn't know that ... guess I'll have to fix a few scripts then
<smoser> sh -c 'IFS=": "; while read key val; do [ "$key" = "VxID" ] || continue; [ "$val" = "0" ] ; exit; done; exit 1' < /proc/self/status
<Daviey> $ /bin/busybox cut
<Daviey> cut: expected a list of bytes, characters, or fields
<Daviey> i suck.
<smoser> oh yes, you do.
<stgraber> smoser: line=$(grep ^VxID /proc/self/status) ; echo ${line##VxID: }
<Daviey> oh, no - it is a builtin of cut.
<Daviey> err, busybox
<smoser> stgraber, still, you need a :
<stgraber> smoser: indeed
<smoser> ut yeah.
<smoser> but yeah.
<smoser> that would be fine.
<kklimonda> jcorneli: hmm, it seems that initram script finishes, have you tried booting with init=/sbin/init --verbose? Do you use stock ubuntu kernel, or the one provided by linode?
<jcorneli> @kklimonda: I use ubuntu kernel (just upgraded from 11.10 via sudo do-release-upgrade -d )
<jcorneli> how would I set the init=/sbin/init --verbose option you indicated?
<jcorneli> I have access to the filesystem from Linode's "Rescue mode"
<jcorneli> just let me know what file to change and I can give it a whirl
<kklimonda> jcorneli: when I boot my linode from lish I get a full access to grub, I can configure it there
<kklimonda> but you can also edit /etc/default/grub
<jcorneli> @kklimonda: OK I will try that and post results
<jcorneli> @kklimonda: since I can't access the console, I can't run sudo update-grub
<jcorneli> I hope that won't be a problem...
<stgraber> smoser: http://paste.ubuntu.com/861186/ looks good?
<kklimonda> jcorneli: if you can access grub from lish you can change it there
<kklimonda> jcorneli: without update-grub changes you made to /etc/default/grub won't have any effect - you could try editing /boot/grub/grub.cfg directly
<jcorneli> OK
<jcorneli> there is no such file on my system tho
<kklimonda> jcorneli: hmm, right
<kklimonda> it's /boot/grub/menu.lst
<kklimonda> (so I guess my comment about /etc/default/grub also didn't make much sense - I've completely forgotten you end up with grub1 when enabling stock ubuntu kernels on linode vps)
<jcorneli> well, I don't have a /boot/grub/ directory
<Smozius> Hey guys, I'm setting up LVMs, where in the text install menu do I set the PE size for LVMs?
<Smozius> By default its only 4MB I would like it to be 16MB
<jcorneli> so maybe we need to look in a different place
<jcorneli> I can also ask the Linode support guys
<Smozius> It's not the reserve block thats 5% is it?
<kklimonda> jcorneli: huh, are you sure you are not running kernel provided by linode? Do you use pv-grub?
<jcorneli> Not sure - I would have assumed that after several updates, I would now have an Ubuntu kernel
<kklimonda> jcorneli: by default all linodes are deployed with a custom linode kernel that isn't even installed on the system
<kklimonda> jcorneli: when you edit your linode what kernel is set?
<Zermanno> hi, i'm trying to install ubuntu server 10.04.4 on a two-disk raid 1. The install fails to set up grub, any advice?
<Smozius> What do you mean fails to install grubs?
<Smozius> Does it attempt to boot?
<Zermanno> no, during installation procedure it fails to install grub
<Zermanno> after installing all packages
<Smozius> does it ask you where to install grubs?
<Zermanno> yes, it asks me if i want to install to the mbr, i say yes
<simonjj> I've got a problem with vm-builder, is anyone in here that knows this puppy fairly well
<simonjj> hope this isn't OT
<Smozius> Zermanno: After you say yes and it tries to boot, what does it do? Does it sit there with a flashing cursor?
<kklimonda> jcastro: if you don't have pv-grub set there, I'd at least try to change kernel to 3.2.1-linode40, which seems to be the most recent one.
<kklimonda> erm
<kklimonda> jcorneli_: ^
<jcorneli_> hi
<jcorneli_> sorry I was disconnected
<Zermanno> it does not try to boot, after i say yes the blue background become red and said Unable to install grub or something like that, i can't see the screen now
<uvirtbot`> New bug: #942934 in lxc (universe) "update apparmor profile to restrict mounts" [High,Confirmed] https://launchpad.net/bugs/942934
<Smozius> How are your drives hooked up?
<Smozius> Are you using 10.04?
<kklimonda> jcorneli_: check in your VM settings what kernel is set - if it's not pv-grub (I assume it's not) then you are running a kernel provided by linode, I'd try changing it to 3.2.0-linode40 to see if it helps - maybe the one your are booting currently is too old?
<kklimonda> it's a complete guess though
<Zermanno> two 1.5 TB hd, same partitioning scheme each. 1mb free starting, 1 34gb partition with /, 1 34gb swap, 1.4tb for /home
<Zermanno> both first parts are in md0
<Zermanno> both seconds in md1
<Zermanno> thirds in md2
<Smozius> Create an MD for /boot
<Zermanno> 10.04.4
<Smozius> 200-500MB
<jcorneli_> looks like 3.2.1-linode40 (to be precise!)
<smoser> stgraber, i'd tihnk so.
<jcorneli_> @kklimonda: changing to  that
<Smozius> I need to  head to class Zermanno, good luck.
<Zermanno> Smozius, tnx bye
<smoser> stgraber, im in an lxc container
<smoser> i run 'running-in-container'
<smoser> it exits 1
<smoser> hallyn, ^
<smoser> am i doing something wrong ?
<smoser> i just created container with 'lxc-create -c ubuntu'
<smoser> ok.
<smoser> never mind.
<smoser> user-error, except for one thing
<smoser> udo running-in-container
<smoser> lxc
<smoser> $ sudo running-in-container
<smoser> lxc
<smoser> $ running-in-container; echo $?
<smoser> 1
<smoser> so if i'm not root, it says i'm not in a container
<smoser> because i can't run 'status container-detect'
<smoser> bug 942961
<uvirtbot`> Launchpad bug 942961 in upstart "running-in-container exits 1 as non-root even inside a container" [Undecided,New] https://launchpad.net/bugs/942961
<hallyn> smoser: stgraber: ^ note, it works fine if you have dbus installed
<hallyn> besides, it's a security feature :)
<hallyn> maybe we should jsut go based on /run/container_type, no matter what?  run is never persistent...
<hallyn> that, or install dbus in all containers
<smoser> i dont know why not.
<hallyn> why not which?
<smoser> why not /run/container_type
<hallyn> i'll wait for stgraber to chime in though
<SpamapS> you're installing upstart in all containers, but not dbus?
<hallyn> bc i have to ask for it by hand
<hallyn> upstart gets installed automatically, why not dbus?
<jMCg> hallyn: upstart is init, pretty hard to go without init on Unix.
<hallyn> jMCg: agreed.  My point was if SpamapS' comment made sense then mine would as well :)
<hallyn> dbus is the preferred way to talk to upstart
<hallyn> (according to upstart)
<hallyn> and yeah, upstart says if you want non-root to talk to it, you need dbus...
<hallyn> so i just dont' know if anything needs to change
<hallyn> (re bug 942961)
<uvirtbot`> Launchpad bug 942961 in upstart "running-in-container exits 1 as non-root even inside a container" [Undecided,New] https://launchpad.net/bugs/942961
<hallyn> smoser: if you you want higher prio on that bug, pls feel free to raise it.  low was my view of it, but if it blocks something then that changes things
<hallyn> oh, but it should print out an error msg in any case
<smoser> hallyn, and exit somthing other than 1
<smoser> its not blocking anything for me
#ubuntu-server 2012-02-29
<simonjj> anyone here that knows vm-builder?
<adam_g> zul: when are you planning on doing the e4 upload? friday?
<hggdh> Daviey, roaksoax: bug 943000 is hitting the QA lab
<uvirtbot`> Launchpad bug 943000 in cobbler "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Undecided,New] https://launchpad.net/bugs/943000
<twb> Do they have white coats and stuff, or is it all inside a server in a rack
<hallyn> and mice in little cages
<zul> adam_g: yeah
<twb> huge bottle glasses
<jcorneli_> @kklimonda : I updated to the new kernel but the device still isn't booting properly
<adam_g> zul: ok, im close to finishing porting the charms to the new branch. hopefully have CI on that tomorrow, and we should be good to update keystone
<zul> kk
<Canadian1296> I want to set up a VPN server on my server, so I can have a secure tunnel into my network.
<Canadian1296> What package do I need?
<hallyn> smoser: would it be acceptable to you if by default you couldn't run lxc/libvirt inside a container, but some workaround (disabling or changing apparmor profile) would let you?
<hallyn> I'm trying to decide whether it's worth immediately doing separate profiles per container
<hallyn> i'd prefer to punt on per-container profiles to make sure we take the time to do it right...
<hallyn> anyway we can talk about it tomorrow.
<twb> lxc inside a container?  You mean like nested ones?
<hallyn> yeah
<hallyn> nothing stopping it right now, but i'd like to clamp down on cgroups inside containers by default
<twb> Why?
<twb> Just because it'd be confusing?
<hallyn> to stop changes to the devices cgroup setting
<twb> Oh, you can break out of it that way?
<hallyn> well you could give yourself the rights to /dev/sda and write to it
<hallyn> now it's not something that would accidentally happen, and i mainly for 12.04 want to prevent accidental abuse of the host by containers
<hallyn> but still, it's blatant enough...
<twb> Nod
<twb> That's why my containers lack sys_admin cap
<Smozius> Can someone here tell me how to set the PE size for LVMs in Ubuntu server 10.04?
<twb> Do you mean PV ?
<Smozius> No the physical extent size
<Smozius> so I can get LVMs above 256GB
<Smozius> By default its at 4MB
<Smozius> For some reason there is no option in the LVM set up to make it higher
<Canadian1296> I want to set up a VPN server on my server, so I can have a secure tunnel into my network. What package do I need?
<twb> Smozius: um, I have LVs >256G and I haven't touched the extent size
<Smozius> Oh.... well then maybe I don't have to worry about it lol
<twb> Smozius: and I thought the default extent size was *4kiB*
<Smozius> its 4MB on CentOS
<twb> The extent size really only matters if you're trying to avoid write amplification, which is a PITA to do
<Smozius> and 16MB I heard pushes it up to 1TB
<Smozius> ok
<twb> It doesn't hurt to crank it up though
<twb> I think you set it at PV creation time
<twb> Well, it would hurt if you set it to 1G and you then wanted a 128M LV
<Spanky> My LVM is 4mb extents and I have 3TB volume....
<twb> You can obviously only create LVs in exact multiples of the extent size
<twb> Bigger extents might also mean higher data:metadata ratio, I don't know
<Canadian1296> How would I set up an IRC server? Preferably with NickServ and ChanServ
<twb> apt-get install ircd-irc2
<twb> Dunno about nickserv/chanserv
<Canadian1296> twb: Alright
<twb> There are several ircds, irc2 is the simplest and easiest
<twb> I use it for my in-office IRC
<Canadian1296> twb: Okay, so without nickserv and chanserv, I'll get a basic irc that anyone can join and speak in? Can I configure channels and accounts and stuff without chan and nick serb?
<Canadian1296> **serv
<twb> NFI
<twb> basic irc you just join channels to create them
<twb> I never cared about anything fancier
<twb> #freenode can probably direct you to detailed irc server info
<onre> dunno about modern irc servers but even original ircd had users and passwords, if that's good enough
<Canadian1296> twb: Alright I'll ask there about nickserv. Thanks for your help :)
<Canadian1296> onre: All I need is a simple irc server, I just want to allow users to register their nicknames ( on here it's /msg NickServ etc etc, but idk how to do it without nickserv
<Smozius> Where is the binary file for apache2 installed at in ubuntu server? I cannot find it in /usr/sbin/....
<Smozius> Also did a find / -name httpd* and didn't come with any binary files
<twb> It'll be called apache not httpd
<twb> Since when apache httpd existed, it was the only *apache* product but not the only *httpd*
<Smozius> Ah okay, found it
<Smozius> i assume its /etc/init.d/apache2?
<twb> uh, that's not a binary
<twb> I guess you aren't familiar with System V
<Smozius> Nope
<Smozius> So then its /usr/sbin/apache2
<twb> Looks like it
<twb> Here is how you work it out: http://paste.debian.net/158008/
<uvirtbot`> New bug: #943088 in nagios3 (main) "package nagios3-cgi 3.2.3-1ubuntu1.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/943088
<Smozius> twb: Is /usr/sbin/httpd a deprecated apache2 version or a fork of apache?
<twb> NFI
<twb> It doesn't exist on my system.
<twb> In fact, it isn't provided by and package in Ubuntu.
<davepigott> jamespage: ping
<Daviey> a
<smb> b
<lynxman> c
<Daviey> harh
<lynxman> Daviey: ping
<Daviey> lynxman: pong
<lynxman> Daviey: early morning sir :)
<lynxman> Daviey: was wondering, I have puppet 2.7.11 packaged, would it be any help?
<Daviey> lynxman: i would think so! :)
<lynxman> Daviey: cool, let me make it pretty and presentable then and I'll submit a merge request this morning
<jamespage> davepigott, pong
<jamespage> morning all
<davepigott> jamespage: Hi. :)
<davepigott> jamespage: Just wondering. Do I need to enable vlan on the public network switch as well as the private?
<jamespage> davepigott, I don't think so
<davepigott> jamespage: OK. Well, as I said, I can now ping my instances (there's a phrase I never expected to say!) but when I try to ssh I get connection refused
<davepigott> jamespage: Unless it's on cloud01
<davepigott> jamespage: I opened ssh on the switch as well (it was off as well)
<jamespage> davepigott, where are you ssh'ing from? cloud01?
<davepigott> jamespage: No. From a client machine
<lynxman> jamespage: morning! I'll be introducing you today to your new disciple ;)
<jamespage> lynxman, w00t
<jamespage> davepigott, hmm
<davepigott> jamespage: Frustrating, isn't it.
<kai> hm, I don't get it.. lxc really is acting weird and unpredictable :/
<davepigott> jamespage: I've come this far, I'm 95% there. I really want to make the vlan solution work. I'm suspecting a switch config again, but I may be wrong
<jamespage> davepigott, you might be but if you are accessing the instance through its public IP address I don't think that should matter
<davepigott> jamespage: And it's obviously talking to the instance, because it's "connection refused" not "host unreachable" or something like that
<jamespage> davepigott, thats useful
<kai> davepigott: ssh is running and you're not blocked by a firewall config or denyhosts or something like that?
<jamespage> davepigott: can you grab the console output from one of the failing instances for me
<davepigott> kai - ssh is running, not sure about denyhosts, and we're all on the same lan, no firewall
<davepigott> jamespage: Will do. One moment
<davepigott> jamespage: First of all, here's an output from ssh -v -v -v: http://pastebin.ubuntu.com/861673/
<kai> davepigott: if you didn;t install denyhosts, you should be fine
<Daviey> davepigott: is this a cloud instance you are trying to connect to?
 * Daviey has missed context.
<davepigott> Daviey: Yep
<Daviey> davepigott: Well, it seems you are either: Using the wrong key, the instance has no key, or the key failed to get set
<jamespage> davepigott, it might be that the instance can grab stuff from nova-api (metadata) on anywhere other than cloud01
<jamespage> console should tell us
<Daviey> davepigott: can you euca-get-console-output i- ?
<davepigott> Daviey: I can connect to an instance running on the "controller" node - i.e. one running all nova/glance/swift - but not one running on a nova-compte/network node. Just getting outputâ¦.
<Daviey> O_o
<Daviey> lets see the console log..
<davepigott> Daviey: jamespage http://pastebin.ubuntu.com/861675/
<Daviey> ahhh
<davepigott> Ahhh? Please tell me it's simple. :)
<Daviey> davepigott: so, you are SURE you can ssh to it from the controller node?
<jamespage> davepigott, that looks to be the issue
<davepigott> Daviey: No, I ssh to an instance on the controller node from a client, but if I ssh onto an instance that's on another node I can't
<Daviey> ih
<Daviey> oh
<jamespage> davepigott, I suspect that if you grab the console log from one running on cloud01 it should be OK
<Daviey> davepigott: Well i'm guessing it's SNAT'd traffic.
<davepigott> jamespage: Yes, it is. I've done it.
<davepigott> SNAT'd?
<davepigott> Daviey: ^
<jamespage> davepigott, I suspect that your configuration for the nova-api server might be borked on the other nodes
<jamespage> davepigott, you are running nova-api on all nodes right?
<davepigott> jamespage: According to all the documentation I've read you only run nova-api on the controller, but yes, I am
<Daviey> davepigott: Can you comment what the  --ec2_dmz_host  on compute node is
<Daviey> ?
<davepigott> Daviey: Yeah, one moment
<davepigott> Daviey: In nova.conf?
<davepigott> Daviey: If so, it's not set
<Daviey> hmm
<davepigott> Hmmm. Nor is ec2_api
<davepigott> Daviey: My nova.conf file (same on all nodes) http://pastebin.ubuntu.com/861681/
<Daviey> davepigott: is ec2_host?
<davepigott> Daviey: nope
<Daviey> davepigott: try adding: --ec2_host=192.168.1.14
<Daviey> --ec2_dmz_host=192.168.1.14
<Daviey> --ec2_url=http://192.168.1.14:8773/services/Cloud
<davepigott> Daviey: OK. And then restart compute and network?
<jamespage> davepigott, yes
<davepigott> jamespage: Daviey: Are you sure nova-api should be running on *all* nodes? All the documentation says not
<jamespage> davepigott, I think you can OR you can run it in one location - but for the life of me I can't remember the rationale
<Daviey> davepigott: You can do either.  WE tend to recommend running it on each node because nova-api doesn't scale well.
<jamespage> I think that nova-api provides the metadata service - so having it on all nodes scales better
<jamespage> ah- like Daviey said :-)
<davepigott> But the nova.conf points at the one node as being nova-api
<davepigott> So are the others redundant?
<Daviey> davepigott: Hmm, lets just see if that setting works.. if it does, lets change it to point the the local ip address.
<davepigott> Daviey: ok
<jamespage> biab
<kai> right, too much magic...
 * kai just figured out part of his lxc trouble :)
<kai> now let's wait through the bootstrap
<davepigott> Daviey: jamespage: "ssh: connect to host 192.168.1.59 port 22: Connection refused" :(
<jamespage> davepigott, please check the console log again
<davepigott> jamespage: http://pastebin.ubuntu.com/861711/
<jamespage> davepigott, hmmm
 * jamespage scratches his head
<davepigott> jamespage: Join the club.
<kai> davepigott: tried a sniffer to see if the packets get to the server?
<davepigott> kai: No. Actually, the packets are obviously getting to the instance, because pings are working, and if I do an ssh -v -v -v I can see that the instance is responding, it's just refusing the connection
<davepigott> kai: And when the boot up happens, the instance doesn't appear to have a connection to the outside world.
<jamespage> davepigott, I'm pretty sure the issue is on startup - the instance does not initialise properly so you won't ever be able to get to it
<jamespage> its the link between nova-compute/nova-api for ec2 metadata thats causing the issue
<davepigott> jamespage: So why is it starting up badly on the compute nodes?
<jamespage> let me take a look in the test lab charms to see if anything is missing
<davepigott> jamespage: OK. Thanks
<Daviey> davepigott: you might need to put the bridge in promiscuous mode..
<davepigott> Daviey: Hmm. Uh, and how do I do that?
<Daviey> davepigott: sudo ip link set dev br100 promisc on
<davepigott> On all nodes?
<Daviey> davepigott: well, if it were me.. i'd be experimenting with one compute node to start with :)
<davepigott> Daviey: Ah. Good point. :)
<jamespage> davepigott, the only flag we set during testing is --ec2_dmz_host
<davepigott> jamespage: Which I have set
<jamespage> davepigott, whats in /var/log/nova/nova-api.log on the failing nodes?
<davepigott> jamespage: http://pastebin.ubuntu.com/861735/
<davepigott> jamespage: But since nothing references nova-api on the other nodes, it won't make a huge amount of difference
<jamespage> davepigott, OK - so I'll paste the config from our functional lab - it might help
<jamespage> Compute nodes - http://paste.ubuntu.com/861749/
<davepigott> jamespage: So compute nodes are different from the main one?
<davepigott> jamespage: In terms of nova.conf I mean
<jamespage> davepigott, and the cloud controller - http://paste.ubuntu.com/861752/
<jamespage> davepigott, yes they are
<davepigott> jamespage: OK. Let me do a little comparison work. Thanks!
<jamespage> please note that this config is for essex on precise so there will be quite alot different I suspect
<davepigott> jamespage: Yep. Noted
<linocisco> hi
<lynxman> jamespage: ping
<jamespage> lynxman, pong
<lynxman> jamespage: would like to introduce you to bbcmicrocomputer
<jamespage> lynxman, sure
<lynxman> bbcmicrocomputer: jamespage is our java expert (author of http://javacruft.wordpress.com/)
<lynxman> jamespage: feel introduced :)
<jamespage> lynxman, ta
<jamespage> hey bbcmicrocomputer
<bbcmicrocomputer> jamespage, Hi, nice to meet you
 * jamespage shakes hands
<jamespage> bbcmicrocomputer, so lynxman tells me that you have a strong Java background?
<Daviey> davepigott: so, on the other nodes.. did you set it to use ec2* from the compute ip address?
<davepigott> Daviey: No. ec2* looks to the main server
<Daviey> davepigott: make it = the compute node.. see how that works out
<Daviey> (providing you have nova-api running!)
<davepigott> Daviey: Yeah, I do. OK
<bbcmicrocomputer> jamespage, yeah, although I keep it silent
<davepigott> Daviey: Nope. Same deal. Can ping but not ssh
<Daviey> davepigott: it's the euca-console-log which is more useful tbh
<davepigott> Daviey: OK
<davepigott> Daviey: One moment
<davepigott> Daviey: http://pastebin.ubuntu.com/861801/
<Daviey> well that makes no sense
<Daviey> davepigott: on the compute node, can you $ echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
<davepigott> Daviey: Sorry - got a phone call. It gives me "1"
<uvirtbot`> New bug: #943208 in sysstat (main) "package sysstat 10.0.3-1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/943208
<eutheria> i want to setup remote logging for my applications, would rsyslogd be up to the task?
<TeTeT> eutheria: guess it depends what logging mechanism the applications use, but basically yes, rsyslogd can be used for remote logging
<TeTeT> eutheria: there's a whitepaper on rsyslog at http://www.canonical.com/about-canonical/resources/white-papers
<eutheria> i was going to use python's logging module
<iclebyte> what are you guys using to analyse your logs ?
<Daviey> davepigott: sorry, that enabled ip routing... see if that makes a difference.
<davepigott> Daviey: Oh! OK. One moment
<zul> morning
<lynxman> zul: morning!
<zul> hey lynxman
<tgardner> smoser, I'm researching bug #943119 which led me to your bug #903897. what is your use case for aufs ?
<uvirtbot`> Launchpad bug 943119 in linux "aufs.ko missing from the Precise kernels" [Undecided,Confirmed] https://launchpad.net/bugs/943119
<uvirtbot`> Launchpad bug 903897 in linux "-virtual kernel missing modules" [High,Fix released] https://launchpad.net/bugs/903897
<smoser> tgardner, i have no specific use case for aufs.
<tgardner> smoser, you complained that it would break scripts that expect aufs.
<smoser> i do think that Bogdan (opener of that bug) is probably not going to be alone
<smoser> of course it will break things that use aufs.
<smoser> it deleted a kernel function
<tgardner> do you why overlayfs is inadequate?
<tgardner> know why*
<smoser> i completely understand you not wanting to support something that is not in mainline especially when there is a solution that is .
<smoser> i suspect that its only inadequacy is that it has different interface to it.
<tgardner> smoser, overlayfs is not mainline either, though its more likely to get that way then aufs
<smoser> and things have been built (like this NAS that the guy mentioned) to use aufs.
<davepigott> Daviey: No. Didn't make a difference. :(
<smoser> tgardner, i suspect there will be more complains about it missing.
<smoser> but i completely understand your position
<smoser> and would probably make the same decision myself
<tgardner> smoser, well, it turns out overlayfs doesn't do inotify correctly. things like 'tail -f' don't work. which is why I'm reexamining aufs
<smoser> ah. well inotify is pretty important.
<tgardner> indeed
<smoser> tgardner, sorry i couldn't be more help.
<tgardner> smoser, however, I'd be better armed with information if I had some specific cases where overlayfs is insufficient, and for which aufs solves the problem. apw is likely to fix the inotify bug, but I'd like to know what else is missing.
<smoser> my guess is if you wait, others will tell you :)
<tgardner> smoser, well, by then its a bit late
<smoser> yeah.
<smoser> maybe ask on ubuntu-devel ?
<smoser> its at least a wider audience.
<smoser> but nothing compared to the onslaught that we'll see soon.
<tgardner> yeah, I guess thats a good place.
<smoser> tgardner, you could cross post to ubuntu-cloud
<smoser> or server
<smoser> cloud might expose some use cases specifically
<tgardner> smoser, I needed more email in my inbox
<smoser> exactly.
<hallyn> tgardner: gary_poster: ^ if tail -f doesn't work in overlayfs, that's gonna suck for the ephemeral containers whose rootfs is based on overlayfs
<hallyn> (i'm surprised it hasn't shown up more, in fact, if it's that blatant)
<tgardner> hallyn, it seems to be.. Andy is working on it, but he says the patches are pretty ugly.
<hallyn> overlayfs was *so* clean before it actually needed to do things like LSM an inotify
<tgardner> yeah.
<hallyn> maybe it's time to take yet another look at valerie's mount stuff
<tgardner> hallyn, unionfs is a ginormous patch set, and I don't think its fully coked yet
<tgardner> cooked*
<hallyn> it's been years since i looked at it
<hallyn> but i did understand why overlayfs was so seductive
<hallyn> (maybe still is - i
<hallyn> i'll have to look at apw's patchset :)
<tgardner> its much simpler. it at least works for the live CD use case
<hallyn> stgraber: jjohansen: i think i'm going to add a 'lxc.lsmdomain' or somesuch config variable to do simplest possible per-container apparmor policies for now
<hallyn> if not specified, it'll choose a default, ncie and tight one
<hallyn> ubuntu templatse well generate per-container ones to customize cgroup controls
<hallyn> (cgroups are the main reason i feel i need to do this)
<hallyn> (would love for someone to say i shouldn't worry about that :)
<gary_poster> hallyn, I don't have the scrollback; lemme see if I can find the online log, assuming there is one
<gary_poster> http://irclogs.ubuntu.com/2012/02/29/%23ubuntu-server.txt doesn't show this yet
<hallyn> gary_poster: sorry, just that overlayfs apparently doesn't support inotify, and tail -f doesn't work
<hallyn> gary_poster: tgardner was looking for aufs use cases
<hallyn> gary_poster: and I would have thought if tail -f didn't work in ephemeral containers, that would've bothered you by now :)
<tgardner> hallyn, Leann is gonna send out an information request on ubuntu-devel.
<hallyn> ok
<SockPants> hi all
<SockPants> i've attempted to install a gui on my server, but messed it up and i'd rather remove everything now. so, which packages do i remove to remove both gnome and unity completely?
<Daviey> lynxman: How is that puppet branch progressing?
<Daviey> :)
<lynxman> Daviey: just messaged you in another channel ;)
<lynxman> Daviey: all ready for review!
<lynxman> Daviey: https://code.launchpad.net/~lynxman/ubuntu/precise/puppet/newupstream/+merge/95185
<Daviey> lynxman: rocking
<lynxman> Daviey: tested it and its working (on my servers)
<lynxman> Daviey: did I tell you I'm running oneiric in prod? :)
<Daviey> lynxman: No.. :)
<Adri2000> zul: hi, what's the status of keystone for precise? I've seen MIR bugs and keystone light mentioned but no recent comments
<zul> Adri2000: should be uploaded this week
<Adri2000> keystone or keystone light? (actually I don't even know what's the status of this upstream). and it's going to main?
<zul> keystone light has already been merged into keystone so it really doesnt matter at this point :)
<gary_poster> hallyn, sorry, been having Precise issues on my desktop.  We only run our test command in overlayfs.  It is surprising that that limitation has not bitten us; it may be because we've been using a single subset of the tests to get everything else set up.  Maybe not wise.  We should hopefully have a full test run this week to examine.
<Adri2000> zul: ok, didn't know that, thanks :)
<gary_poster> maybe it would not bite us even in the entire test suite, but that does seem unlikely, given how much launchpad does and tests
<hallyn> yeah
<gary_poster> so, we know aufs works/worked
<gary_poster> certainly it would be nice to have that as an option.  Since the inotify issue is already slated to be addressed that's promising, but I'll plan to have full test run results to look at the overlayfs situation
<gary_poster> this week
<hallyn> i think enabling aufs is a lot more work than justified by "it would be nice"  :)
<hallyn> gary_poster: tgardner said an email will go to ubuntu-server asking for use cases
<tgardner> hallyn, actually, we've been keeping up with aufs updates, but haven't tested it much.
<hallyn> oh, ok, i figured it was a whole new porting effort
<hallyn> though i recall bad bugs even in maverick
<tgardner> hallyn, yep, bad bugs are my concern as well as soon as aufs sees any usage
<hallyn> gah.  laptop froze AGAIN.
<hallyn> i'm starting to think vim is causing it
<lynxman> hallyn: vim is evil ;)
<ogra_> yeah, better use oowriter !
 * benji performs the sign of vim and kisses his vim necklace.
<hallyn> vim is probably jsut too heavyweight.  back to ed
<hallyn> that's not a bad idea
<hallyn> rest of the day, i'm using ed!
<hallyn> unfortunately, unlike yesterday, the pic i took with my phone of my screen isn't as clear so it's hard to retype
<lynxman> hallyn: just use xxd like real men do
<hallyn> xxd?
<hallyn> oh
<lynxman> hallyn: :)
<zul> xxd = porn lite
<hallyn> lol
<hallyn> i'm just not sure i need hex for my emails...
<hallyn> or porn
<hallyn> my recipients might disagree i guess
<lynxman> hallyn: I'm sure they'll be glad to hex translate your emails
<hallyn> my content is worth it!
<hallyn> all right, back to it.  <squints at pic on phone>
<hallyn> (also playing some metal in case the laptop just got groggy adn fell asleep)
<zul> hallyn: ooh what metal?
<smoser> adam_g, i just updated bug https://bugs.launchpad.net/nova/+bug/942865
<uvirtbot`> Launchpad bug 942865 in nova "upgrade from diablo leaves existing images with kernel unbootable" [Undecided,New]
<smoser> it seems like generically, you can't make an ec2 published image public if it has a kernel and ramdisk.
<smoser> so, rbasak until we get that fixed, i can't make public lucid images.
<hallyn> zul: right now volbeat, for some lighter fare
<zul> hallyn: never heard of them
<hallyn> might have to switch tos omething heavier, laptop is dozing
<zul> lol
<zul> laptop or hallyn is dozing
<hallyn> zul: you don't care about non-libvirt lxc right?
<zul> hallyn: i dont
<hallyn> k
<Adri2000> zul: if you're going to upload python-keystoneclient, can I give you bug #934064 ?
<uvirtbot`> Launchpad bug 934064 in python-keystoneclient "Installing openstack-dashboard on Precise removes Keystone package" [High,Confirmed] https://launchpad.net/bugs/934064
<zul> Adri2000: yes that will be fixed when the new keystone is uploaded
<Adri2000> bug assigned :)
<diogo_79> hi guys
<diogo_79> what can i use for newsletter management in ubuntu server?
<rbasak> diogo_79: do you know about mailchimp et al? They're web services, not ubuntu server. But sending out email newsletters is a complicated fast moving game, due to kickback from spam filters and suchlike. It may be easiest to use such a service. For a simple mailing list manager, you could use mailman which is packaged on ubuntu server I believe
<jcastro> jamespage: scale of 1 to 10 how complete do you consider the hbase charm?
<jamespage> jcastro, hmm - about 7 ATM
<jamespage> working on it ATM
<jamespage> it currently broken :-(
<jcastro> don't need it now, just wondering if when people ask about our hbase story I can say "we're on it."
<jamespage> jcastro, quack quack oops - it would help if it was actually pointing at HDFS
 * jamespage faceplants
<jamespage> jcastro, we are definately on it
<hggdh> Daviey: ping
<smoser> jamespage, still around ?
<smoser> https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/precise-server-ec2/4/
<adam_g> zul: did you already merge the debian stuff into the CI packaging branches?
<smoser> the two red dots failed similarly. the instance failed to start.
<zul> adam_g: yeah did it this morning
<adam_g> zul: er
<adam_g> zul: [ERROR] Failed charm: nova-compute, state: install_error
<zul> adam_g:meaning....?
<smoser> the one thing i don't undertsand though is https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/precise-server-ec2/4/ARCH=i386,REGION=ap-northeast-1,STORAGE=ebs,TEST=all-types,label=ubuntu-server-ec2-testing/console
<smoser> that has 'failed to copy' for cloud-init-output.log
<hggdh> Daviey: bug 943000
<uvirtbot`> Launchpad bug 943000 in cobbler "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Critical,Confirmed] https://launchpad.net/bugs/943000
<Daviey> hggdh: hola
<Daviey> nicceee
<hggdh> Daviey: I hope you are doing good, sir, and sorry to dump yet another one on you
<adam_g> zul: meaning nova-compute had some problem installing. looking at logs now
<adam_g> zul: http://paste.ubuntu.com/862208/
<adam_g> zul: it looks like installing nova-compute-kvm didn't install nova-compute, and there was no upstart job
<zul> adam_g: k ill have another look
<adam_g> zul: installing nova-compute manually seems to have gotten it started, but i havent looked any closer
<zul> adam_g: http://paste.ubuntu.com/862214/
<zul> does the juju charms just go apt-get install nova-compute-kvm?
<hallyn> drat, hard kernel crash while doing nested kvm
<jamespage> smoser: thats OK - its the collect_data script trying to grab everything - but for that test cloud-init is not used I think
<jMCg>   * Starting Userspace bootsplash                                         [ OK ]
<jMCg> How do I get rid of that? I'm pretty and sure my servers won't need that.
<adam_g> zul: yes
<adam_g> zul: or potentially any of the other nova-compute-$flavor types
<zul> adam_g: ack
<smoser> jamespage, ah. yeah, i just noticed that
<jamespage> smoser: looks like it failed to reboot for some reason - where both failures the same?
<smoser> jamespage, are there logs available more verbose than console ?
<jamespage> smoser: the build artifacts for that job should have more info - but for some reason the terminated console has nothing in it
<jamespage> same with the other
<smoser> right.
<smoser> as in it dididn't start
<jamespage> the stopped log is OK
<jamespage> but it looks like those instances never started again
<zul> adam_g: what machine that nova-compute failed on?
<smoser> right.
<uvirtbot`> New bug: #941922 in puppet (main) "do-release-upgrade races puppet for file contents" [Undecided,New] https://launchpad.net/bugs/941922
<smoser> yeah, so it basically looks like they stopped but never started.
<smoser> but i can't see any thing more than that.
<smoser> ie, i dont knwo if test harness tried to start once, that call failed for some transient reason, and then it never tried again
<adam_g> zul: test-03
<smoser> although, i guess that the self.instance.connection.start_instances would have raised an error if it fialed for some reason
<zul> adam_g: i see alot of connection rejected from rabbitmq in nova-network
<smoser> so, jamespage i can only think that there is a failure in the test case, but i have very little information to go on.
<zul> adam_g: its not obvious to me what would go wrong
<adam_g> zul: it looks like none of the nova-compute-$flavors have a dependency on nova-compute any more
<zul> adam_g: thats what i thought
<zul> adam_g: ill fix that up tout suite
<adam_g> zul: which i imagine they actually need considering all of the dependencies of nova-compute (iscsi, kpartx, etc)
<zul> adam_g: do you want to fix that or do you want to fix it
<adam_g> zul: what is the solution, just add nova-compute as a Depends of all of the nova-compute-$flavors?
<zul> adam_g: yes
<adam_g> zul: whats the point of nova-compute-hypervisor? and shouldn't it (and nova-compute-kvm) be dropped from nova-compute Depends?
<zul> adam_g: im not sure i think its a meta-package type deal i think it can be dropped because no one uses it i think
<adam_g> mm
<savid> I'm curious, how does one typically avoid downtime due to automated disk checks?  eg, "/dev/sda1 has gone 345 days without being checked, check forced"   Do most sysadmins just see that as a "fact of life"?
<patdk-lap> savid, just don't use *ext?*
<savid> patdk-lap, heh, well I'm using cloud servers (rackspace), so I don't think I have much of a choice there.  besides, are there better alternatives to ext*?
<patdk-lap> heh, I've gone all vm's
<patdk-lap> but none of my *server* has more than 4gigs of disk formatted ext4
<patdk-lap> so check times are only a min or two
<patdk-lap> my last system, I'm moving over to zfs, has 58Million files in <300gigs of space
<patdk-lap> that took a day to fsck
<savid> what fs do you use for your vm's?
<adam_g> zul: i believe  e4 marks the opening of the folsom branch, so we'll need to adjust our scripts to pull from the essex branch instead of master? or we'll need to come up with a way of testing both
<patdk-lap> ext4
<savid> I see, so you just keep each instance small so that fsck's are short
<zul> adam_g: i havent thought that far yet do we care about the folsom branch right now? if we dont we can open up the bzr branches for folsom and then stick everything in a ppa and continue on with essex for now
<zul> right now i dont care about folsom imho
<adam_g> zul: since we dont need to mess with switching ubuntu releases between essex + folsom, i think it'd be easy enough to test post-commit, if we had seperate local dpkg repos for each release. we need to also remember to use the essex branch instead of master when doing the upload on friday
<adam_g> zul: at least i *think* the branches split today, i could be making that up
<zul> adam_g: agreed
<zul> ill have to find out from mtaylor how they are going to do the tarballs
<zul> and ask ttx some questions
<zul> adam_g: im thinking lp:~u-s-d/$proj/essex will branch lp:~u-s-d/$proj/folsom and any fixes in essex can be merged into folsom but im not sure how to handle the tarballs yet
<kwolf> Looking for some assistance with SOLR and NUTCH with 11.10...  Anyone with some experience?
<zul> (ie weekly snapshot)
<uvirtbot`> New bug: #943502 in whois (main) "whois doesn't properly query .hr/.sx/.pe TLDs and incorrect format for whois.arin.net" [Undecided,New] https://launchpad.net/bugs/943502
<adam_g> zul: ping
<zul> adam_g: yo
<adam_g> zul: all this xcp stuff needs to go
<adam_g> its all universe
<zul> adam_g: huh?
<zul> adam_g: yeah the binaries can go into universe
<zul> adam_g: dont worry about it
<esuave> anyone know of a good server monitoring tool to use with ubuntu? shows server load etc.. something besides top
<adam_g> zul: what do you mean?
<PrinceKapHot> Hi there ! I'm having trouble with postgresql, I can connect to 127.0.0.1 but not the local IP address of the server. I think postgresql is configured correctly for remote connections, but are there other things I need to configure in Ubuntu ?
<adam_g> zul: nova-compute-xcp depends on python-xapi. nova-compute-xcp goes into universe?
<esuave> PrinceKapHot: make sure you are listening for incoming connections on the outside
<zul> adam_g: source have to be in main but binaries can be either in main or universe
<zul> adam_g: correct
<adam_g> zul: oh, okay
<PrinceKapHot> esuave : I followed guides to configure postgresql so it does that, but is there a way to check it is listening correctly ? I don't know many commands in Ubuntu...
<esuave> PrinceKapHot: netstat -an |grep LISTEN.. look for the port its listening on.
<esuave> PrinceKapHot: port 5432 should be default.. you will see something like 0.0.0.0:5432
<PrinceKapHot> esuave : there is 127.0.0.1:5432, and ::1:5432, nothing else for this port. I guess it's not listening correctly on the right addresses then ?
<esuave> PrinceKapHot: right. its only listening locally
<PrinceKapHot> esuave: okay thanks. I'll check my postgresql configuration then (again !)
<esuave> PrinceKapHot: exactly. check in postgresql.conf there should be a listen_address somewhere in there
<PrinceKapHot> esuave: well, I already put that to '*', and restarted the server, but it doesn't seem to be working even though the documentation says it's an option
<PrinceKapHot> esuave : all right my mistake : after opening the file for the hundreth time I just noticed the line was commented out...
<esuave> PrinceKapHot: :P. nice!
<adam_g> zul: https://code.launchpad.net/~gandelman-a/nova/debian-merge/+merge/95253
<zul> adam_g: cool ill merge that into debian-merge and then merge into the essex branch
<PrinceKapHot> esuave: still not working... But now I'm getting the 0.0.0.0:5432 in netstat at least
<esuave> PrinceKapHot: do you have IP tables running?
<esuave> PrinceKapHot: sudo iptables -L
<PrinceKapHot> esuave: "command not found", I thought this might be the problem at first, so I installed it, added some rules, then removed the rules and removed it.
<esuave> PrinceKapHot: try to telnet to the machine on that port..: telnet <serverIP> <port>
<PrinceKapHot> esuave: I'm currently on windows, I have a bunch of videos to convert. I tried it with putty, but I'm getting "connexion refused", things like that. I'll reboot under Ubuntu, the command line sucks in Windows
<PrinceKapHot> esuave: so, I'm getting "Connection refused" from telnet
<esuave> PrinceKapHot: ok so theres something external from your server that is dropping the connection to that port
<esuave> PrinceKapHot: do you have any kind of firewall in front of it? or router?
<PrinceKapHot> esuave: The server is in a server room, and the administrators listed me the authorized connections, and postgres on 5432 was one of those
<esuave> PrinceKapHot: well tell them admins that your listening on port 5432.. but the connection is getting dropped before it hits the server.
<esuave> PrinceKapHot: otherwise if you do : netstat -an |grep 5432 and see it listening on 0.0.0.0:5432.. your set up to listen for external connections
<PrinceKapHot> esuave: right... But couldn't the server be dropping the connection because of some settings ?
<esuave> PrinceKapHot: well you said there were no iptables running.. do you have any other software firewall running on the server?
<PrinceKapHot> esuave: I don't think so... But there could be problems in the allowed connections in pg_hba.conf
<esuave> PrinceKapHot: that is also possible
<esuave> PrinceKapHot: but i would think you would still be able to telnet to that port if it were opened and listening
<PrinceKapHot> esuave: right, and get an error message or something. I'll ask the server room administrators tomorrow, thanks !
<esuave> PrinceKapHot: sure np!
<PrinceKapHot> esuave: and maybe ask on #postgresql too, they might have more information (even though you helped a lot already)
<esuave> PrinceKapHot: yes! that would be a good place to ask more :)
<RoyK> hi all. I'm testing a two-node setup with kvm on ubuntu lucid (10.04.4LTS-64) and it works well, migrating VMs between the nodes is easy and so on. But - a few things: Starting a VM on node #2 doesn't seem to work until the VM has been migrated there and out again, and even worse, there doesn't seem to be a check for if a VM is running somewhere else, meaning if I start VM xyz on node A and then on node B, it runs happily unaware of that it's sharing its 
<adam_g> zul: can you hit this one quick, it feel thru the cracks: https://code.launchpad.net/~gandelman-a/nova/py-iso8601/+merge/95255
<zul> adam_g: done
<zul> adam_g: thank you for your contribution to ubuntu ;)
<roaksoax> lol
<adam_g> zul: <3
<RoyK> am I doing something wrong here, or is the repo fscked?
<RoyK> root@xenamd10:~# add-apt-repository ppa:sanlock
<RoyK> Error: can't find signing_key_fingerprint at https://launchpad.net/api/1.0/~sanlock/+archive/ppa
<guntbert> RoyK: you are defintely doing something wrong - but that has no bearing on your key issue  ("root@xenamd10"  :-))
<soren> RoyK: Yes.
<RoyK> guntbert: what should be wrong about that?
<soren> RoyK: There's no such user.
<RoyK> erm. ok :P
<soren> RoyK: https://launchpad.net/~sanlock
<soren> see for yourself.
 * RoyK fetches the sanlock source
 * SpamapS would love to see some testing of the b1 candidate .. http://iso.qa.ubuntu.com/qatracker/milestones/208/builds/12749/testcases
<uvirtbot`> New bug: #943599 in tomcat6 (main) "[lucid] tomcat6 does not include tomcat-dbcp.jar" [Undecided,New] https://launchpad.net/bugs/943599
<nagyz> hi guys
<nagyz> I'm trying to build my own EC2 Oneiric images based on https://code.launchpad.net/~ubuntu-on-ec2/vmbuilder/automated-ec2-builds
<nagyz> could someone help me out there? the script here is not really in an easily digestible format
<SpamapS> nagyz: any reason you don't want to just rebundle the official images?
<nagyz> haven't found an up-to-date docs on how I could create my own snapshot of the snapshot used by the official ec2 images
<nagyz> but if you can give me pointers I'm fine with that method too
<alex-> Is it true that the Ubuntu kernel is modified for server usage?
<afernandez> Hello, I have a trouble with postfix logs, I configure the log rotation in logrotate.d folder then postfix is not saving nothin in mail.conf
<nagyz> SpamapS do you know of a guide describing the steps I should take to do that?
<SpamapS> nagyz: http://aws.amazon.com/ec2/faqs/#How_do_I_load_and_store_my_systems_with_Amazon_EC2
<nagyz> SpamapS I know about AMIs, and I've even managed to create my own S3 based one. I just specifically want to modify the ubuntu cloud images posted by canonical
<nagyz> there should be an easy way to do that
<nagyz> how can this be closed off as wontfix? https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/576501
<nagyz> gosh
<uvirtbot`> Launchpad bug 576501 in vm-builder "vmbuilder doesn't recognize --ec2 flag" [Wishlist,Won't fix]
<nagyz> it's listed in the official wiki as how it should be used, yet that doesn't work
<SpamapS> nagyz: I believe we use something different to create those cloud images now
<SpamapS> nagyz: "official wiki" ? can you share the link?
<SpamapS> utlemming: ^^ can you comment on how nagyz could get started building his own cloud images?
<nagyz> well, this is a description: https://wiki.edubuntu.org/EC2Vmbuilder
<nagyz> and I'm currently trying to set this one up: https://wiki.edubuntu.org/UbuntuCloud/Images/Publishing
<nagyz> but it's pretty, well, outdated it seems
<nagyz> (hardy, maverick...)
<SpamapS> nagyz: right, I believe the process has changed some
<Daviey> adam_g: is bug 942865 likely to me another migration issue?, where the rename isn't being cared for?
<uvirtbot`> Launchpad bug 942865 in nova "upgrade from diablo leaves existing images with kernel unbootable" [Undecided,New] https://launchpad.net/bugs/942865
<Daviey> (smoser ^)
<soren> smoser: Is there a simple way from the kernel command line to tell cloud-init to go fetch a cloud-config file from a url?
<onekenthomas> safe way for middle mouse button emulation on 11.10-- editing 50-synaptic.conf creates boot hangs?
<soren> onekenthomas: Wrong channel.
<onekenthomas> compared to?
<EvilResistance> onekenthomas, try #ubuntu
<onekenthomas> yeah right.
<EvilResistance> whats wrong with #ubuntu?
<EvilResistance> its the place for the GUI version of Ubuntu's questoins
<onekenthomas> #ubuntu is dominated by people who installed yesterday discussing whether they'll go back to Windows next week
<EvilResistance> well then you're SOL, because #ubuntu-server is for server-related questions
<onekenthomas> I've yet to find anyone who would have a clue about a question ...
<EvilResistance> not GUI-Ubuntu questions
<onekenthomas> I can't run a server with a GUI :) ?
<EvilResistance> then post on the forums or on AskUbuntu
<Canadian1296> onekenthomas: Ask again in #ubuntu. There are knowledgeable people there.
<EvilResistance> and have patience
<Canadian1296> onekenthomas: Of course you can run a server with a GUI, but if the question related the the server software ask here, of it relates to said GUI, ask in #ubuntu.
<onekenthomas> Canadian1296,  no offense,  I'll post in forums if I have to.  the current channel structure doesn't work.  GUI/non-GUI is an odd,  rather arbitrary differentiation.
<afernandez> umm I made a question about postfix in ubuntu, but nobody answer or interested about my question, but for say not ask it in this channel all people get alive
<Canadian1296> onekenthomas: Well both GUI and non-GUI, you should use #ubuntu. If it is server related ask here
<adam_g> Daviey: im not sure that it is, according to that report the bug is still there with a fresh devstack
<qman___> onekenthomas, that's the one of only a handful of differences between server and desktop
 * onekenthomas has his own channels to run
<qman___> and installing the GUI installs a bunch of extra things, like network maanger, which change everything
<Canadian1296> afernandez: try #postfix
<onekenthomas> which GUI :P ?
<qman___> installing a GUI on a server is also a not-recommended-thing, and should only be done in certain circumstances
<onekenthomas> da da da
<Daviey> adam_g: oh?  I misread the bug then.. i thought it was the aki id changed after upgrade, and the mapping got skewed?
<adam_g> Daviey: the original report sounds that way, but later scott reproduced the issue using essex/devstack with no upgrad
<Daviey> ah
<Daviey> crap.
<uvirtbot`> New bug: #943664 in openldap (main) "package slapd 2.4.21-0ubuntu5.7 failed to install/upgrade: ErrorMessage: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/943664
<Canadian1296> Im trying to set up a VPN server (l2tp through IPSec, using openswan and xl2tpd), and ran into a problem. Should I ask here, or is there a channel better suited to my question?
<SpamapS> Canadian1296: a lot of people prefer openvpn for its simplicity over ipsec/l2tp ... any reason you're choosing that?
<Canadian1296> SpamapS: Yes, I require l2tp over IPSec to connect from my iPhone.
<Canadian1296> I am testing the ipsec portion of it, and I should be getting connected in the servers logs, but im getting errors (cannot respond to ipsec sa request because no connection is known
#ubuntu-server 2012-03-01
<savid> Hi, I'm trying to re-install nagios.  I removed all traces of nagios from my server (including /etc/nagios3).   However, when re-installing nagios with apt-get,  it no longer creates the config files.  How can I make it cleanly install nagios?
<qman___> savid, you need to apt-get purge the packages
<savid> qman___,  yeah, I did that..  probably didn't do things in the right order though :-(
<qman___> if you manually removed files, you didn't purge the right package
<qman___> install all the packages you need, then find them with dpkg -l, and purge all of them
<qman___> then the next time you install them, it'll recreate the configs
<savid> qman___, I guess I'm not sure which are "all the packages I need".   I think it's just "nagios3"
<qman___> probably nagios-common or similar
<qman___> dpkg -l | grep nagios
<qman___> will show all currently installed and previously removed packages which contain 'nagios'
<savid> ahh, I see.
<qman___> if that still doesn't show your culprit package, check the dependencies on packages.ubuntu.com
<qman___> also, if you know which config files in specific are the problem, you can search what packages contain them
<qman___> forget the command for that, I think it's apt-file or something
<savid> damn.  shouldn't have manually removed the files. purge is failing for some packages.
<NginUS> I notice that there's no /etc/apt/apt.conf file in 10.04 LTS although I configured for automatic security updates at install. Can I still make one to define Install-Recommends & Install-Suggests?
<qman___> NginUS, check /etc/apt/apt.conf.d/
<NginUS> qman___: I see some files there, but none whose contents reflect what I expect to see in apt.conf. I'm confused & would love to see some docs but where?
<qman___> add one in there
<qman___> in the order you think it should be added
<qman___> it works like rc.d, combines the files low to high to create the config
<NginUS> qman___ : So the prefix numbers are what matters, not the filename in /etc/apt/apt.conf.d?
<qman___> yes
<skaet> arosales, Daviey - we may do a respin to pick up some ubiquity fixes ( https://launchpad.net/bugs/942560, and possibly https://launchpad.net/bugs/940908)  do you want to have the server images respun to pick it up?
<uvirtbot`> Launchpad bug 942560 in ubiquity "keyboard layout screen - Keyboard navigation broken" [High,Triaged]
<qman___> not having done it before, I'd create one called 49recommends
<NginUS> qman___ : Great to know, thanks
<NginUS> ok
<qman___> that may or may not be the optimal spot to put it, but that's my guess
<skaet> NCommander, smoser,  ^^  any opinion?
 * NCommander reviews
<NginUS> qman___ : Now that I'm looking at these files in /etc/apt/apt.conf.d with some understanding, it makes more sense of what I'm seeing, thanks again.
<NCommander> skaet: alternate images don't share the revelent code. Respin shouldn't be necessary
<skaet> Thanks NCommander.   :)
<NCommander> Not a problem
<NCommander> skaet: (we should respin all non-alternates though; thats a pretty delibating bug :-/)
<skaet> NCommander,  we'll be doing it for the Ubuntu Desktop - I've got a query out to the leads of the flavors if they have the testers able to cope or not - before doing the respins for them.
<adam_g> zul: https://code.launchpad.net/~gandelman-a/nova/libvirt_refresh_2/+merge/95295
<adam_g> zul: we should really try to get that patch upstream, its going to be a nightmare to maintain going forward
<zul> adam_g: i was thinking that this week
<adam_g> zul: gonna send a merge for keystone, too, with all the stuff ive done this week
<zul> adam_g: ack
<zul> adam_g: you are going to do keystone tonight?
<adam_g> zul: just pushed lp:~gandelman-a/keystone/ksl-packaging
<adam_g> zul: that gets a working service, with everything that has an sql backend configured to use it (added to the sql patch thats there)
<zul> adam_g: so if i turn on the regular jenkins job tomorrow morning then we should be ok right?
<adam_g> zul: no
<zul> adam_g: what still needs to be done?
<adam_g> zul: the charm isn't 100% yet, once its done (i think its pretty much done), we need to change some of the utility scripts we use in prep'ing the deployment for testing
<adam_g> zul: and the nova and glance charms need a small update as well
<zul> adam_g: ok
<zul> adam_g: i totally intend to upload the e4 keystone on friday though
<adam_g> zul: also, need to figure out whats become of the service token stuff im hoping that straightens itself out over night
<adam_g> zul: ya, we will
<adam_g> zul: about the packaging. theres stuff in keystone-manage for migrating older keystone databases, im not sure if we want to attempt to use that from postinst on upgrade (assuming it works)
<adam_g> zul: i probably wont be able to test any  of that before friday, so if you want to go for it
<zul> we dont do any user stuff in the postinst so i think we should put it in a readme
<zul> adam_g: i just added your changes
<adam_g> zul: well, i added the db_sync to postinst/configure like we do in nova
<zul> adam_g: i mean explicitly keystone users like administrator
<adam_g> zul: i guess the question is are we trying to support an upgrade path
<zul> ill ponder it
<zul> but its getting late for me
<adam_g> zul: from previous keystone version in the archive.. or, is it assumed that anyone using this stuff is going to be installing for the first time
<adam_g> yea. same, ttyl
<uvirtbot`> New bug: #943748 in glance (main) "Glance is missing dep on python-dateutil ( 2012.1~e4~20120224.1290-0ubuntu1)" [Undecided,New] https://launchpad.net/bugs/943748
<roaksoax> adam_g: still around?
<uvirtbot`> New bug: #943798 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/943798
<p7ank5te7> Curious, does anyone know if you can use a USB Serial adapter or Serial PCI Add-on card as a console port for a server?
<gdeeble> Curious, does anyone know if you can use a USB Serial adapter or Serial PCI Add-on card as a console port for a server? My on-board serial port just keeps dumping random letters like the settings are wrong but they match 100% the server and client machine.
<SpamapS> gdeeble: in theory it should work...
<znow> I have installed sendmail on my ubuntu server. Im using Webmin GUI for server overview. I got 2 domains for my server. When I create a new user, its email adress is for the domain I dont need, but I cant seem to change it? Ive updated virtuser and aliases in sendmail for the account, but still when i try to compose a email for the account, it uses the wrong domain, how can I change this?
<rbasak> !webmin | znow
<ubottu> znow: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<twb> znow: more info via Debian's bot http://paste.debian.net/158145/
<SpamapS> znow: check out zentyal
<SpamapS> but... sendmail.. wow
<twb> IMO all WHCPs are crap and they all cause more problems than they ever solved
<gdeeble> SpamapS Thank you. Maybe you can give me a little insite then, as It's not working right now. If I do the onboard, It gives me nothing but unlegible text(just random characters) like the client doesn't match the server but I've made sure it does. If I use the USB Serial Adapter, it works to show me the login but that's it. The Serial Card when booting causes the server to hang. It gets
<gdeeble> to the point of saying "ttySx: detected caps 00000700 should be 00000100" x being what ever com port it sets to depending on if my OB is off or on. Any suggestions?
<twb> You should learn the damn CLI
<twb> gdeeble: try a different serial card
<twb> SpamapS: what *would* be interesting is a WHCP-like UI on top of something like puppet...
<gdeeble> twb, It's only if the grub is directing to push console data out it. Otherwise it picks up fine. Still try another card?
<twb> gdeeble: oh, it's grub's fault *again*?  Sigh.
<twb> gdeeble: have you tried telling grub to talk to serial, and not to use framebuffer, and not to talk to video console?
<gdeeble> Not necessarily. I'm not exactly sure. I'm still new to all of this.
<gdeeble> twb, do you mean by changing grub_terminal from console to serial?
<twb> TBH I don't know, my response to "grub is at fault" is to replace grub with syslinux
<twb> You'd want to look at /etc/default/grub and fiddle-fart around with that and /etc/update-grub.d/NN-script.sh or whatever it is, and then run update-grub to have that "compile" the grub config file in /boot/grub/grub.cfg
<SpamapS> twb: Puppet is selling "puppet enterprise" for that. ;)
<gdeeble> Right, I have fiddled with the grub file in default, but didn't know about the script. I don't think it's grub but no idea how to tell. I followed the console serial how to, to get this far.
<gdeeble> @twb ^^^
<twb> SpamapS: haha
<twb> SpamapS: and that landscape whatever stuff from canonical that I'm not interested in paying for
<SpamapS> twb: Landscape is a little different really.
<SpamapS> twb: more about supporting users than configuring services.
<twb> SpamapS: all I know is the server side is closed source so that's automatic fail for me
<twb> SpamapS: supporting users as in desktops?
<SpamapS> twb: or remote servers
<SpamapS> twb: but the point being, its not so much for a novice user with no skills.. its for streamlining an IT workflow
<twb> Ah, I get you
<twb> The right way to solve novice users is something like a rubber mallet and an actuator, and it triggers when you try to install X on the server
<twb> bops the user over the head and says "no!  Bad user!"
<gdeeble> haha
<gdeeble> twb: So you're recommendation is if it isn't working replace it? Starting with the loader first?
<twb> gdeeble: I just hate grub; I'm a grub bigot
<twb> There are like twenty separate problems I regularly run into, like it deciding to install grub onto the USB key I'm running the installer off, not the HDD I just installed the OS to
<twb> Whereas extlinux I install and it just works forever
<gdeeble> twb: LOL, see this is my first linux project for home, but have an understanding of some of the command line and want to use the console so I can just plug the laptop in and reboot it and see everything verses dragging a monitor over to see the boot.
<twb> Wait, console as in tty or console as in serial?
<gdeeble> twb: tty over serial, if I'm not mistaking is what I'm trying to do.
<twb> Why don't you just use the laptop's screen?
<gdeeble> https://help.ubuntu.com/community/SerialConsoleHowto <- I followed this.
<gdeeble> twb: You can laugh and say anything you'd like if I'm explaining this wrong. LoL
<twb> serial console is the 9-pin port that you don't get on laptops anymore
<rbasak> gdeeble: hmm. That document doesn't appear to cover grub2
<twb> It looks a bit like a D-Sub (VGA) port except it has two rows of pins instead of three.
<gdeeble> twb: Right. I understand. I have a USB to Serial Adapter for my laptop
<gdeeble> rbasak: I followed the Karmic and Newer options.
<rbasak> gdeeble: which release of ubunu server are you using on your server?
<twb> gdeeble: well, OK, if you realyl want to do that.  Seems silly to me, compared to just using the onboard screen.
<gdeeble> rbasak: 10.04 as far as Im aware.
<twb> gdeeble: since the BIOS will not work over serial, and once the OS boots you can just use ssh
<rbasak> gdeeble: oh now, I'm wrong. The document does cover it and you're using the right sectoin
<twb> If you want to get the dmesg output for debugging prior to SSH being available, you can use netconsole to spew it as UDP to the network.
<gdeeble> twb: What do you mean? Just hooking a monitor up to it? Or am I missing something? Because I want it to be headless, but want to see the start up.
<twb> gdeeble: you said it was a laptop
<twb> gdeeble: oh sorry, I misread you
<gdeeble> twb: I want to use my laptop to view it.
<twb> OK, right.  That makes a lot more sense.
<rbasak> gdeeble: you've definitely got GRUB_TERMINAL and GRUB_SERIAL_COMMAND correct in /etc/default/grub, and you've run update-grub?
<gdeeble> twb: It's fine. I may have miss said it.
<twb> The best way to have serial as the default console is to do the install over serial
<twb> Then d-i will just set everything up correctly out of the box
<twb> In the installer, hit F6 and add console=ttyS0 *after* the "--" argument
<gdeeble> rbasak: Yes. I've enabled them. However, I am confused on the unit parameter, but I went with default like it showed. The main thing is the box hangs and doesn't show anything on the console when I have it going through the serial card.
<twb> If the server also is using a USB adapter you might be able to use console=ttyUSB0 or you might have to set it up post-install
<rbasak> gdeeble: unit corresponds to the port number I think
<rbasak> gdeeble: if you're using a serial card, that line may need to be a bit different
<gdeeble> twb: I have tried using the USB adapter on the server and got no errors nor any output but again it could be how I had it set up.
<rbasak> gdeeble: http://www.gnu.org/software/grub/manual/html_node/serial.html#serial - you may need to use the port switch instead of the unit switch if your serial card is using a non-standard port
<rbasak> gdeeble: I don't think that grub will work with a USB serial adapter
<twb> gdeeble: if you have done a non-console (i.e. VGA) install, then dmesg output does not go to the serial by default.
<rbasak> gdeeble: not sure about linux console output either. A login will work on it though
<twb> rbasak: AIUI his USB adapter is not in the server, it's in his laptop
<twb> rbasak: i.e. he has a normal 9-pin port on the back of his server, and is using a laptop and a USB adapter to talk to that
<rbasak> I see
<twb> ICBW though
<rbasak> What's the serial card on the server about?
<twb> NFI
<rbasak> gdeeble: do you have a normal serial port on the server, or is a serial card the only way of having one? And which port is the serial card set to emulate? COM1 or COM3?
<gdeeble> rbasak: What do you mean? Why is it there?
<rbasak> (or something else?)
<rbasak> gdeeble: yeah, why is it there? Is it that you don't have a built-in serial port, or something else?
<gdeeble> Rbasak: I have com1(ttyS0) on board which just gives me unlegible data, like I've set the client side wrong(which I've made it mirror), then the computer is puting the serial card as S1 and S2
<rbasak> gdeeble: you could try --unit=1 in /etc/default/grub then, which will try to use COM2 (the equivalent of /dev/ttyS1 perhaps)
<twb> "unlegible data" is probably because you had the baud rate wrong or something
<gdeeble> rbasak: To start, I didn't have the pigtail for the port as it only has the header for it. I got the serial card to replace that for the time being and finally got the header, but the header is kicking out just random characters like if the client side is set to different baud or something like that but I made sure it matched.
<gdeeble> twb: I've confirmed both the server and client were matched at the same baud 115200.
<twb> Instead of --unit=1 you could also try turning off the onboard serial port in the BIOS
<gdeeble> I've tried to drop it down as well.
<twb> gdeeble: fair enough
<rbasak> So what the serial board is doing at the point grub is running is the old DOS 16-bit thing. It'll listen on some fixed hardware port, and fire interrupts on some fixed number
<rbasak> (for each port)
<gdeeble> twb: Tried that as well. Killed the OB and let it boot that way, which gave me no data and will detect the card and hang from there.
<rbasak> COM1 corresponds to port 0x3f8. COM2 corresponds to port 0x2f8. I suspect that grub won't use serial interrupts so that won't matter.
<rbasak> If you specify --unit=0 then grub will look for the port at 0x3f8
<rbasak> If you specify --unit=1 then grub will look for the port at 0x2f8
<rbasak> Or you can use --port then you can override that
<gdeeble> I posted on a forum about this maybe if you look at the information posted there it can help? -> http://www.linuxforums.org/forum/ubuntu-linux/187114-console-via-pci-card-fails-boot.html
<rbasak> It isn't clear to me what address your serial board is using for which physical port.
<gdeeble> rbasak: ttyS0(OB) ->03f8 ttyS1(SC1) ->EC00 ttyS2(SC2) ->EC08
<rbasak> gdeeble: you got that from where? The kernel log output?
<gdeeble> The post might be a little off as I was playing with setserial during that time.
<gdeeble> rbasak: I ran -> setserial -ga /dev/ttyS?
<rbasak> gdeeble: that suggests to me that the board won't work with grub at all, since it has no PC serial port emulation
<rbasak> gdeeble: well I suppose ec00 might be a valid PC port number
<gdeeble> rbasak: So that is the breaker for that.
<rbasak> gdeeble: you could try --port=0xec00 instead of --unit=0 in /etc/default/grub
<rbasak> gdeeble: it doesn't look right to me though
<rbasak> gdeeble: I'm also not sure if --port=0xec00 or --port=ec00 is correct
<rbasak> gdeeble: do you know what UART your board uses?
<gdeeble> rbasak: so change unit to port?
<rbasak> gdeeble: yes, you might as well try it, though I'm not confident it'll work.
<gdeeble> rbasak: 16c950/954 is what the card detects in kernel.
<rbasak> Hmm. 16c950 is compatible apparently. So it's down to whether the board maps that to a standard I/O port or not
<gdeeble> I'm trying as we speak to see if it will break or work.
<rbasak> Try --port=0xec00 and --port=ec00
<rbasak> (instead of --unit)
<gdeeble> Trying ec00 first
<gdeeble> Let me make sure I have the letters lower case.
<gdeeble> It hung on boot so hopefully this will work though
<rbasak> The fact that they're uppercase in your output but 03f8 is lowercase suggests to me that they aren't actually I/O port numbers and so it won't work.
<gdeeble> No that was me just typing them. The show lower in the kernel log
<gdeeble> Sloppy typing on my part :-X
<znow> SpamapS: sendmail wow, why?....
<znow> twb: what would you suggest instead of webmin then?
<twb> Learning to use the damn CLI
<znow> twb: erhh okay, not what I asked dude
<znow> SpamapS: I have changed my hostname for my server, to the correct domain, but when I create an user account, it still maps to the other domain?
<SpamapS> znow: sendmail is a dinosaur in my mind. postfix, exim, and qmail are all better choices.
<rbasak> znow: I think few people have sendmail knowledge nowadays. It's not commonly used any more.
<znow> rbasak: oh damn... well im just using it for an application though... and I need to map an account to the right domain... so I just though sendmail would do it..
 * rbasak last used sendmail in around 1998.
<twb> SpamapS: qmail only looks good compared to sendmail
<rbasak> znow: it probably will do it, but if you need help then fewer people will be able to help you :)
<twb> It should be postfix unless you have to deal with Debian/Ubuntu weirdos that area already used to exim4
<SpamapS> twb: I said the same thing when it landed in my lap 7+ years ago.. but it was really impressive how stable it was, and how easy it was to configure.
<rbasak> znow: postfix and exim are common nowadays. I'd use postfix for a simple task, but I'd use whichever is more popular in the channels that you get help from, and I don't know which that is.
<gdeeble> rbasak: When it started it said error unrecognized number with ec00, with 0xce00 no error, but still hanging.
<rbasak> I like qmail, and used it heavily in the past. But it doesn't play well with others, and it gets really obtuse when dealing with modern issues such as spam and backscatter. So I shun it nowadays.
<SpamapS> rbasak: those issues are largely handled in some of the alternative distributions of it, since the license allows distributing patched versions.
<SpamapS> rbasak: but postfix is just more broadly known.. so I too shun qmail. :p
<rbasak> gdeeble: OK so 0xec00 (NOT 0xce00) is the right way to specify it to grub. I don't think this is a grub problem. Serial access in the 16-bit DOS world is really simple, and that's all that grub is using. It's whether your board supports this or not, and what port it maps the UART to. That's all there is to it, but I don't know the answer - sorry!
<twb> The djb dance alone is enough to fail qmail IMO
<rbasak> SpamapS: the last I knew about it, qmail specifically did not permit the distribution of patched versions. You had to distribute the pristine source and a patch. Has this changed? And I realise that patches have fixed a lot of the issues, but knowing which alternative to use really confuses the matter.
<rbasak> And at that stage, are we talking about qmail, or qmail-<insert-your-preferred-fork-here>?
<twb> NFI
<SpamapS> rbasak: yes the license was changed
<rbasak> SpamapS: ah. I think I left qmail for postfix before that happened. Haven't looked back since :-)
<gdeeble> rbasak: I really appreciate you helping with this. Maybe you can come up with a solution for the ob port. :-P
<rbasak> gdeeble: no problem
<gdeeble> rbasak: Do you have any tips on what to check why I keep getting garbage output from the OB port?
<rbasak> gdeeble: pinouts for motherboard serial connector pins vary. You might try and figure out which scheme your board is using and examine your pigtail carefully to verify.
<rbasak> gdeeble: usually the sheet that comes with the motherboard tells you the pinout, and you should be able to google a DB9 serial pinout
<znow> rbasak: SpamapS: okay - ill have a look at those, thanks.
<znow> but for now..
<znow> I just need the user to map to the correct domain
<rbasak> znow: I have absolutely no idea how to do that with sendmail. I have much more of an idea with postfix and exim. I suspect others are the same, but you're welcome to keep asking for sendmail-specific help :)
<znow> rbasak: well, maybe its not sendmail ... its just when I create a user, and I "read user mail", when I try to compose a mail it sets the sender to be the wrong domain?
<SpamapS> znow: these are all trivial to solve in postfix
<znow> SpamapS: trivial = easy?
<SpamapS> I'm sure its trivial in sendmail.. if you know sendmail
<SpamapS> znow: yes
<znow> SpamapS: lovely, can I have postfix installed with sendmail?
<znow> or do I need to get rid of sendmaiL?
<gdeeble> rbasak: I feel like an idiot and almost guarantee I have the wrong adapter.
<znow> SpamapS: ill just need to get some breakfast, then im back
<SpamapS> znow: you can only have one of them. Actually I need to get more *sleep* .. so I leave you in the capable hands of #ubuntu-server. ;)
 * SpamapS passes out
<hex20dec> Hi everyone, I've setup SPF record from this guide https://help.ubuntu.com/community/Postfix/SPF     and when I check the header in Gmail it's strill neutral. How do I get it to say "Pass"?
<znow> What is a prefered free Web GUI for Ubuntu server? other than webmin?
<Daviey> hey hey!
<Daviey> morning folks.
<hex20dec> znow: http://en.wikipedia.org/wiki/Comparison_of_web_hosting_control_panels
<Daviey> znow: the only real free option is zentyal.
<znow> hex20dec: cheers ill have a look
<znow> Daviey: okay, 2 sek
<Daviey> znow: TBH, i'd recommend NOT using a webui TBH
<znow> Daviey: not what i am seeking
<Daviey> znow: what are you looking for?
<znow> Daviey: yes, but CLI instead yeah? well...
<znow> Daviey: as I asked, looking for a webui similiar to webmin but better, and free
<Daviey> znow: the console is not as scary as people think...
<znow> Daviey: I know the console
<znow> I just want a webui to overview stuff
<hex20dec> Daviey: agree.
<linocisco> I have dual boot ubuntu and windows7. on laptop. I deleted my ubuntu partitions from windows7 and now it didn't boot ended with Grub error. my CD drive is also not working. how could I fix with which command to make windows7 boot
<hex20dec> znow: I hear you, it's good to have a webui regardless.
<hex20dec> znow: Imho.
<linocisco> I have dual boot ubuntu and windows7. on laptop. I deleted my ubuntu partitions from windows7 and now it didn't boot ended with Grub error. my CD drive is also not working. how could I fix with which command to make windows7 boot
<linocisco> ?
<hex20dec> linocisco: Get hiren's cd.
<bluefrog_> linocisco tough luck...
<linocisco> cd drive is not working
<hex20dec> Well, you can mount it on USB.
<bluefrog_> linocisco, sad
<hex20dec> You can fix it with ease with Hirens.
<hex20dec> Download it.
<linocisco> Hirens on USB ? how to?
<hex20dec> They have a tool to mount it to USB.
<hex20dec> I'll link you.
<hex20dec> One sec.
<hex20dec> http://thepiratebay.se/torrent/7018340/Hirens.Boot.DVD.15.1.Restored.Edition-PROTEUS
<hex20dec> Actually.
<hex20dec> Hold on.
<hex20dec> linocisco: You can try this as well, http://www.ultimatebootcd.com/
<hex20dec> linocisco: But the link I gave you before is not good, don't use it.
<linocisco> where could I download Hirens on USB ?ok
<hex20dec> http://www.hiren.info/pages/bootcd-on-usb-disk
<hex20dec> They have a special tool for it, as I stated before.
<hex20dec> Hi everyone, I've setup SPF record from this guide https://help.ubuntu.com/community/Postfix/SPF     and when I check the header in Gmail it's still neutral. How do I get it to say "Pass"?
<linocisco> hex20dec, there are so many tools under hirens. which tool and which command I should run?
<hex20dec> linocisco: That's the beauty of it, when you download it, you have so many tools for the long run in case your computer breaks down.
<hex20dec> Well, you go into partitions.
<hex20dec> And you will see a bunch of options.
<linocisco> hex20dec, yes. like Norton Partition magic. with which i can see partitions. and then what? I do not wanna lose my data
<linocisco> ok bro. let me try fixing mbr first.
<hex20dec> Yeah.
<hex20dec> Uhmm.. I actually tackled the same exact problem not long ago.
<hex20dec> I used easus partition manager.
<hex20dec> Fixed it.
<hex20dec> And by the way, if losing your data was an option I'd tell you to go the easy way and format, lol.
<hex20dec> So, don't worry.
<rbasak> hex20dec: does your SPF record end in "-all"?
<rbasak> hex20dec: actually never mind. That's probably not what you're asking.
<znow> hex20dec: sorry for the delay, yeah
<znow> hex20dec: what would you suggest mate?
<hex20dec> I use webmin, it does it all.
<hex20dec> But I use console more.
<hex20dec> Webmin is jsut there.
<znow> hex20dec: okay, but Im being told that webmin is outdated and not as good as others?
<hex20dec> znow, Don't take my word for these things, as I'm new to the scene as well. For me, it helped me with my stuff.
<znow> hex20dec: cool okay
<gdeeble> rbasak: Thanks again. I repinned the header and low and behold, Serial port on board working. Apparently, I grabbed 1 from my really old pile ;) and it pins 6-9 are even numbered wires on the adapter ;) haha
<rbasak> gdeeble: excellent!
<gdeeble> rbasak: I would have never thought to check that, as even with dealing with computers for as long as I have, never knew serial cables came with different pinouts hehehe. Problem resolved, this box can now go back to it's corner again :-P
<rbasak> gdeeble: headless servers FTW :-)
<gdeeble> Si. Now as my next project, convert the old WRT54G to a Serial 2 Network adapter that I can port forward to play with out of network hahaha
<onre> gdeeble, dunno if you're aware of these devices, which do roughly the same thing: http://tibbo.com/
<onre> damn
<onre> first time in all these years i almost had an opportunity to discuss serial-to-ethernet, but then he timed out :p
<p7ank5te7> onre: I'm still here.
<p7ank5te7> No I didn't know about that.
<jamespage> morning all
<koolhead17> hello jamespage
<lynxman> morning o/
<samba35> morning
<Tm_T> any recommendations for tools for reading database dumps? normal text editors are bit cloumsy
<OZ8AAZ> Tm_T: grep...
<OZ8AAZ> ...or perhaps you're looking for something like Percona Toolkit? (mysql, that is)
<Tm_T> OZ8AAZ: yeah, I've been grepping (:
<Tm_T> perhaps I'll do some sed magic too
<OZ8AAZ> Tm_T: and awk too? :)
<Tm_T> ye
<OZ8AAZ> :)
<Tm_T> looks like all db browser tools expect having running database server, which I've been trying to avoid
<OZ8AAZ> Tm_T: but u wanna inspect a dump, yes?
<Tm_T> OZ8AAZ: yeah, did find what I was looking for with grep (:
<Tm_T> -o switch saved the day
<OZ8AAZ> do tell... ;)
<Tm_T> I rarely have to care what kind of data db contains as long as it's working and uptodate so takes some time to find a way to work with these when I need to
<koolhead17> nijaba: just came to know your coming for ubuntucloud day!! :)
<jamespage> SpamapS, reviewing/testing your MP for iso-testing now
<koolhead17> in banglore, india :D
<TeTeT> how do I correctly specify a template for lxc-create on Precise? sudo lxc-create -t lxc-ubuntu and sudo lxc-create -t ubuntu both fail for me
<jamespage> TeTeT, don't you need a -n XXX as well?
<jamespage> the template name is def ubuntu tho
<jamespage> or ubuntu-cloud which uses the cloud tarball instead of debootstrap
<jamespage> SpamapS, we need to discuss next steps for putting reboot testing live
<TeTeT> jamespage: weird, works fine now: $ sudo lxc-create -n test -t ubuntu -f /etc/lxc/lxc.conf  - thanks
<uvirtbot`> New bug: #813400 in apt (main) "lxc-create -t ubuntu complains about /dev/pts" [Low,Confirmed] https://launchpad.net/bugs/813400
<Vivek> #linux-india
<Vivek> Sorry typo.
<hggdh> Daviey: I have proposed a fix for 943000, need a review and sponsorship (if applicable, of course0
<Daviey> bug 943000
<uvirtbot`> Launchpad bug 943000 in cobbler "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Critical,Confirmed] https://launchpad.net/bugs/943000
<Daviey> hggdh: why are you using images without a distro?
<Daviey> jamespage: How long would it take you to do the iscis test for beta?
<hggdh> Daviey: why not? it is a valid usage
<Daviey> hggdh: right, just wondered why..
<hggdh> and it is not so much that I am using images without distro...
<hggdh> the *code* itself makes a call to the method with distro=None
<Daviey> ah
<Daviey> hggdh: Were is the patch?
<hggdh> Daviey: proposed for merge in bug 943000
<uvirtbot`> Launchpad bug 943000 in cobbler "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Critical,Confirmed] https://launchpad.net/bugs/943000
<Daviey> hggdh: you don't need to delete MP's to make an amendment :)
<jamespage> Daviey: about 1 hour I think
<hggdh> Daviey: I did not think I needed, but this early in the morning I am not reliable to find solutions for dumb problems
<Daviey> hggdh: missing a bzr add ?
<Daviey> hggdh: heh
<Daviey> jamespage: is that something you could crack out today?
<smoser> good morning.
<hggdh> Daviey: heh
<Daviey> smoser: good afternoon
<smoser> silly time zone
<Daviey> smoser: we invented time, respect us for it.. kkthnx
<roaksoax> morning
<fommil> Hi all, I am using LTS and I just updated apache2 via aptitude. The 'deflate' module now breaks some of my hosted glassfish applications! Is this a known bug (workaround is to turn off deflate, but that hits my bandwidth)
<smoser> roaksoax, ping
<roaksoax> smoser: pong
<smoser> pm
<smoser>  /query
<lynxman> jamespage: ping
<zul> ivoks: ping you have a typo in your merge proposal
<jamespage> lynxman, ping - sorry was testing iscsi
<lynxman> jamespage: no worries, was just wondering if you could give me some tips in launchpad daily builds :)
<lynxman> jamespage: I see how I can create the recipe for it, I don't see how I can pull upstream each day and build a new version
<jamespage> lynxman, so the upstream needs to be in a bzr branch
<jamespage> you can do this even if they are not on launchpad
<jamespage> create the project on launchpad and add the upstream vcs source - it will then get imported regularly
<jamespage> see jenkins for an example
<jamespage> or hadoop or zookeeper
<jamespage> Daviey, lynxman: I see ipxe can iscsi boot - that might help with iscsi testing
<lynxman> jamespage: will have a look at any of those then, thank you very very much
<Daviey> jamespage: good thinking!  I didn't thnk the current framework could support two kvm instances tho?
<jamespage> Daviey, it does not need to
<Daviey> jamespage: I'm intrigued...
<jamespage> I don't do it with two kvm instances
<jamespage> I run tgt on my laptop and setup the targets so they can be seen on the libvirt network that the kvms are on
<Daviey> jamespage: right.. but for jenkins jobs?
<jamespage> Daviey: BTW just marked the JeOS on KVM test cases as passed - they get auto tested
<jamespage> Daviey, the server running the test cases can act as the iscsi target
<jamespage> in the same way my laptop does
<Daviey> jamespage: good thinking!
<jamespage> If I could inject iPXE DHCP boot options into the libvirt dnsmasq instances it would JUST work....
<jamespage> an be minimal effort to implement
 * jamespage scratches his chin...
<jamespage> do we have ipxe on oneiric?
<Daviey> jamespage: yes
<Daviey> jamespage: you could also use a ipxe rom, and declare it as a boot param.
<jamespage> I need to pass it options - just trying to figure out how!
<jamespage> oh - that actually works!
<jamespage> iscsi boot with no TFTP!
<Daviey> \o/
<jamespage> authenticated and unauthenticated!
<Daviey> jamespage: so can we test the initiator ?
<jamespage> Daviey, at the moment you have to go through this painful step of shuting down the KVM instance
<jamespage> mounting its target; grabbing the kernel + initrd (which has the target details in it)
<jamespage> and then restarting again
<jamespage> if we could get it to iscsi boot using iPXE that step is no longer require
<jamespage> ipxe just grub boots off the iscsi volume
<Daviey> jamespage: ok, sounds like you have it inhand
<Daviey> :)
<koolhead17> hallyn: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/769503
<uvirtbot`> Launchpad bug 769503 in linux "KVM network I/O degraded using virtio and freezes guest sometimes" [Medium,Fix committed]
<koolhead17> it says fix commited means its fixed and we are not going to face it in precise
<hallyn> koolhead17: fix is in kernel
<koolhead17> awesome cheers!1 :)
<hallyn> (i.e. pls ask on #ubuntu-kernel if there's a problem like it got dropped, i have no control over that)
<hallyn> agreed it looks like it's been sitting a long time
<hallyn> i suspect it snuck in through upstream since then?
<hallyn> but then, you're probably pinging me bc you ran into it?  :)
<koolhead17> its on maverick a friend
<hallyn> ah
<ruben23> hi guys is it possible two ubuntu server and sync a directory on the other server directory also, and whatever chnages on each other directory it will be the same for both
<hallyn> you mean something other than nfs/cifs/sshfs?
<ruben23>  hallyn:the easiest way to implement..? you cna suggest
<hallyn> it depends.  if it's just you, i'd say sshfs.  But probably i'd say nfs is easiest
<hallyn> just install nfs-kernel-server on the one, nfs-client on the other, edit /etc/exports on the first, mount on the second
<ruben23>  hallyn:hmm havent tried it do you have some how t link on it.>?
<hallyn> should be on the server guide
<hallyn> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<hallyn> (i dnt' have any other links offhand)
<SpamapS> jamespage: sure, our time zone skew messes with that quite a bit, so we should plan ahead. Are you available now?
<SpamapS> jamespage: (re next steps for getting reboot testing live)
<jamespage> SpamapS, sure
<new3432> I am setting up 10 computers in a lab to print to an IPP printer.  My question is this, if i don't care about restricting how/when people can print, what is the win of making the clients use a cups printer on ubuntu server (and having ubuntu submit the jobs) as opposed to simply attaching them to the IPP printer url directly?
<jamespage> SpamapS, so; now that the code changes are in the main project
<jamespage> I need a branch containing the reboot tests; I think that you already have this (I branched something from launchpad this morning todo some testing for the reboot bits)
<jamespage> but it would be good to get it tidied up
<SpamapS> jamespage: right, lp:~clint-fewbar/+junk/server-tests-reboot
<SpamapS> jamespage: and it definitely needs a bit of review
<jamespage> thats the one - I had to tweak the run_test script to make it work
<SpamapS> jamespage: I was able to use it as-is locally, but perhaps I was skipping steps.. ;)
<jamespage> hmm
<jamespage> my KVM instances struggled to talk with couchdb - the python kept borking
<jamespage> SpamapS, it was fairly minimal - http://paste.ubuntu.com/863660/
<dch4pm4n> Can someone suggest the latest Amazon Ubuntu AMI that support FUSE and mounting remote directories with SSHFS? I currently have ebs/ubuntu-images/ubuntu-maverick-10.10-amd64-server-20101007.1 (ami-548c783d) which does not have/support FUSE.
<SpamapS> jamespage: oi.. I had that problem too.. and I have almost the same diff here uncommitted.. *whoops*
<jamespage> SpamapS, lol
<SpamapS> plural confusion FTW
<SpamapS> jamespage: so ideally that can be merged into the precise tests, and then we'll keep doing things basically the same way, except on the lamp-reboot test, which will install lamp *after* installation, and then reboot, and verify that all services are still running
<jamespage> SpamapS, ah - so this is just an extra server test - thats fine.
<jamespage> makes sense
<jamespage> I which case can you raise a MP against: lp:~ubuntu-server-iso-testing-dev/+junk/server-tests-precise
<SpamapS> jamespage: well the run_test change is also necessary
<jamespage> SpamapS, yep - that sits in the branch as well
<jamespage> its specialised for each set of tests
<jamespage> desktop does different stuff
<SpamapS> jamespage: ahh ok
<SpamapS> dch4pm4n: hang on I'm checking ..
<jamespage> also means we can do different things with libvirt configuration etc...
<dch4pm4n> SpamapS: LOL please don't say 7.04
<SpamapS> dch4pm4n: HAH no I am checking my 11.10 EC2 instance to see if fuse works there
<SpamapS> CONFIG_FUSE_FS=y
<SpamapS> dch4pm4n: 10.10 support ends in < 2 months.. perhaps try 11.10 ?
<dch4pm4n> what config is that from?
<dch4pm4n> Yes. I will try 11.10
<SpamapS> dch4pm4n: thats from 11.10's kernel
<dch4pm4n> kk, that's what I thought, but didn't want to assume
<dch4pm4n> Thanks, SpamapS
<dch4pm4n> SpamapS: One more thing. What's your AMI ID? :-)
<SpamapS> dch4pm4n: you can get it using ubuntu-cloudimg-query on 11.10 or later, or if you don't have that utility, http://cloud-images.ubuntu.com
<dch4pm4n> well, nvm I'll just use the latest ones clound.ubuntu.com/ami... setting up east and west slave and master failover
<SpamapS> lol.. that defaults to 'maverick' ..
 * SpamapS opens an RT ticket to get that fixed
<dch4pm4n> What defaults to maverick?
<SpamapS> Ooo it has a launchpad project
<dch4pm4n> Ohhh
<SpamapS> dch4pm4n: the search on that page
<dch4pm4n> that link
<SpamapS> jamespage: ok, actually there were 12 revisions I hadn't pushed yet
<SpamapS> jamespage: and junk branches don't allow merge proposals
<SpamapS> jamespage: http://paste.ubuntu.com/863718/
<SpamapS> jamespage: http://chzb.gr/wXDqbe
<jamespage> SpamapS, lol - looking now
<jamespage> SpamapS, testing now for regressions....
 * jamespage is slightly worried by the fact that there are two people in the channel who's nick starts with Spanky 
<SpamapS> jamespage: Spanky99, and Spanky, son of Spanky99
 * SpamapS gets all emotional thinking that he'll get to see Timmet son of Timmet and Chagga wandering King's Landing in just a month when HBO starts running GoT again
<memoryleak> Hi. I'm using Paralells to install Ubuntu Server 11.10 and I can't get the install work with my DHCP Server. I've set up network to bridget and selected proper network interface. Any ideas?
<azertyu> hi
<azertyu> i just reboot my  server
<pmatulis> ok
<azertyu> i got this error
<azertyu> The disk drive for /tmp is not ready yet or not present.
<azertyu> is not ready /home /boot /bin /tmp is not yet ready
<bananapie> I installed a new driver on my server, it appears in /lib/modules/kernelversion/updates, trouble is the kernel is not loading the new driver when it boots. HOw can I check lsmod which module was loaded and how can I change which one it loads ?
<azertyu> everything is not yet ready
<azertyu> how i can troubleshoot this error ? *
<azertyu> anyone there ?
<SpamapS> azertyu: do you have all of those on separate disks from the root?
<SpamapS> azertyu: please be patient, it may take *hours* to get a good answer. Don't expect instant answers.
<azertyu> no
<azertyu> there is no separate disks from root
<azertyu> after googling i can see its an major using ubuntu on server
<azertyu> problem
<azertyu> hello
<azertyu> can't understand ?
<SpamapS> azertyu: *PATIENCE*
<SpamapS> azertyu: what version of Ubuntu Server?
<azertyu> lucid ?
<SpamapS> azertyu: ok, can you boot into a recovery console?
<smb> smoser, around?
<azertyu> reboot  recovery console in progress
<smoser> smb, here.
<smb> smoser, Just to get back about that stuck cpu you were pinging me yesterday. Has that happened more often?
<azertyu> what i have to do once after reboot from recovery mode ?
<smoser> smb, i only booted the thing once.
<smoser> i can launch another and let you poke at it if you'd like.
<smoser> that was a cc2.8xlarge
<smoser> wait. no, that happened on the cg1.4xlarge.
<smoser> the cc2.8xlarge came up fine.
<smoser> (only one boot, though, not  much for a sample)
<smoser> and thank you for following up, smb
<SpamapS> azertyu: you should check that your filesystems have the right UUID's by running 'blkid /dev/xxxx' and comparing to /etc/fstab
<smb> smoser, At least more vcpus than I usually see. I think we should see how that comes out with more boots. The strange thing I see is that vcpu#0 seems stuck in processing softirqs
<smb> smoser, The ip does not change, but the place it is is nothing that could get stuck really
<smoser> smb, i'll launch you an instance.
<smb> smoser, I am wondering whether this just was one weird case where one vcpu just was not getting cycles from the hv
<smoser> well, i suspect that a cg1.4xlarge is pretty much single occupant.
<smoser> at most it would be 2 occupant.
<smoser> it has 2 tesla graphics cards and 64G memory.
<smb> smoser, Depending on how many phyisical cores/hts there are it would be shared possibly only with dom0
<smb> smoser, It is strange though to be not progressing for about a minute
<gnome> anyone around?
<smb> smoser, Another case where I wished I could not only look at the guest... :/
<smoser> smb, you can poke. i'll aunch an instance.
<smoser> do you want me to ?
<gnome> so i can't figure out how to login to my nodes... :(
<smb> smoser, No, it is ok. I am not sure I will see much I fear... :( But let me know when this happens again in testing
<smoser> yeah.
<smoser> smb, well, to be honest, we don't launch those that often.
<smoser> or really any of the hvm.
<smoser> i just did it yesterday to test something ,a nd also to at least sniff the beta-1 candidate.
<azertyu> what key i have to hold to display the grub menu ?
<smb> smoser, It tends to get scary on the credit card bill :) Well I will in parallel try to set up my test box with a precise hvm using all available cores
<smb> azertyu, left shift (at the right time)
<smoser> smb, well, its $0.60 right now as a spot instance
<smoser> that is what i did yesterday
<smb> smoser, Ah ok, not as bad as huge memory ones then
<gnome> I can't ssh to my nodes... well pardon me, I can, but user pwd, and for some reason the master didn't setup login creds.  I can't login to nodes. not even from node directly. what am i doing wrong.
<smoser> well, in the spot instance prices, everything is reasonable.
<smoser> the cc2.8xlarge is $0.54
<azertyu> SpamapS:  i got the same error even choosing the recovery mode
<azertyu> press s to skip
<azertyu> m to manual recovey
<azertyu> what to do ?
<smb> smoser, Ok, so not really a price issue. Guess I will try a few boot attempts of my own then, tomorrow. And see to have a decent setup locally
<smoser> i keep dreaming that someday you'll have something even in that price range that is bare metal
<smoser> that woudl really rock.
<smb> smoser, We'd miss so many nice issues... :-P
<jamespage> SpamapS, that all looks good - but I'm going to let beta-1 out of the door before I push :-)
<jamespage> Daviey: I just discovered ipxe scripting.... anything is possible now!
<SpamapS> azertyu: m should let you do the same thing.. verify the uuids
<SpamapS> jamespage: sounds good. :)
<jamespage> SpamapS, it rocks - no more filename="pxelinux.0"
<azertyu> where would you like to very the uids ?
<azertyu> when everything not working proerly
<azertyu> i can't even access to /etc/fstab
<azertyu> it says file missing
<Daviey> jamespage: Hmm, it might now work in Oneiric...
<Daviey> jamespage: I encountered an issue before precise current
<SpamapS> azertyu: sounds like your system is having trouble even finding the root partition.
<Daviey> (which was why he had a new upstream version)
<Daviey> jamespage: The really neat thing is that you don't need to bundle the script into the binary.. that is quite new.
<adam_g> zul: still the same error with those changes
<zul> wtf
<zul> adam_g: ok doing another build now
<adam_g> zul: where are you installing the packages you build?
<zul> adam_g:locally
<zul> adam_g: should be fine now
<zul> adam_g: holy crap that takes its time
<adam_g> zul: what does?
<zul> the essex deploy-test
<adam_g> zul: 16 min not so long considering what its doing :)
<zul> true
<adam_g> zul: however, pointing my browser at the dashboard node gets a Internal Server Error
<zul> adam_g: grrr....gimme a sec
<zul> adam_g: once the horizon builds try that one please
<adam_g> zul: just fire off another deploy test and point your browser to wherever it got deployed (usually test-10/192.168.20.10)
<tyska> hi guys, i need to send a remote reboot command to one server, just one command like ssh user@host sudo reboot, but i'm not getting to do this - can u help me with that?
<ivoks> zul: yeah, i've noticed
<Owner> tyska ~# you cannot reboot without loggin in as root
<Owner> tyska ~# or having passwordless sudo or something for the user you login as
<Owner> tyska ~# or having the user you login as in the power or powerdev group...or some other important group
<Owner> uhhhgg why am i in ubuntu-server....i hate ubuntu
<gnome> ya no doubt
<gnome> been trying to use their new 11.10 with deploy clusters.
<gnome> and ya k, i seem to beable to do what they try to auto mate faster just by hand.
<gnome> and get lockouts , like zero answers to why i may not be authenticating properly with pxe booting, i guess I'll break down and do disk install on them once to see if it's just ub bugging out like normal.
<gnome> 3days i been looking for info / answer to what issue i am having and all you see is how to install this or that. and not really anything pertaining to finalization of server. perhaps these are odd questions. sry.
<mdeslaur> SpamapS: FYI, I've pushed the mysql security updates to -proposed, and have sent out a call for testing
<SpamapS> mdeslaur: thanks I'll echo your call for testing!
<mdeslaur> SpamapS: cool, thanks!
<mdeslaur> SpamapS: I patiently await the hate mail and the social network beatdown :)
<SpamapS> mdeslaur: I think we've done enough due dilligence at this point that we are rubber and Oracle is glue.
<mdeslaur> hehe
<lifeless> SpamapS: orabuntu?
<SpamapS> lifeless: Linux for Unbreakable Human Beings
<lifeless> SpamapS: thats a movie, right ?
<roaksoax> zul: ping
<zul> roaksoax: pong?
<roaksoax> zul: so quick question... I was looking into the horizon packaging you did, and I'm just wondering what should go on python-django-whatever and what in the whatever package?
<zul> roaksoax: python-django-whatever has the py stuff eveything else is in the whatever package
<SpamapS> jcastro: http://nerdapproved.com/wp-content/uploads/2011/09/winter-is-coming.jpg?cb5e28
<roaksoax> zul: right, but I see in the horizon source, that openstack-dashboard has py stuff too
<roaksoax> urls.py views.py etc
<zul> roaksoax: horizon is basically two apps
<zul> roaksoax: better example might be django-mumble
<roaksoax> zul: yeah looked at it and the same thing :)
<uvirtbot`> New bug: #829880 in juju "object store doesn't like key with '/' " [Medium,Fix released] https://launchpad.net/bugs/829880
<delinquentme> in order to ssh to a remote machine ... to copy files ... do I need to copy over .pem s first or should SCP/rsync work right out of the box?
 * delinquentme has a ec2 ubuntu instance hes trying to move local files up to
<gary_poster> hallyn, hi.  We found another overlayfs issue yesterday that means xvfb does not work.  The xvfb error comes down to the fact that, in an overlayfs, you can't hard link a file with a permission of 0444.  See line 17 of http://pastebin.ubuntu.com/864198/
<gary_poster> hallyn, (1) where did you say that aufs question was going to be sent? :-) I didn't see it
<hallyn> i think it went to ubuntu-devel
<gary_poster> (2) Do you happen to know anything about that error, or should I just file a bug and hope someone catches it?
<gary_poster> ubuntu-devel: ack.  Not subscribed/not a devel. :-/
<hallyn> jinkeys
<hallyn> gary_poster: ping apw on that, i think he's collecting bugs
<hallyn> (he emailed linux-kernel yesterday or so about it)
<gary_poster> hallyn, ack, thanks
<hallyn> gary_poster: np.  if you want to file it as a bug, i guess that'd be to pad.lv/u/linux
<hallyn> thanks, ttyl
<gary_poster> ack hallyn will do
<raubvogel> Trying to test my ldap restore procedure. After installing the databases to the barebones test box, I tried to start slapd and got this "Mar  1 16:20:06 fakekdc slapd[2326]: invalid directory /etc/ldap/slapd.d, error 13" message
<delinquentme> so im used to setting path vars within .bashrc .. where should I set them if I'm accessing the remote node over ssh .. and I want those vars to be available?
<SpamapS> delinquentme: environment variables are stripped out by SSH for various security reasons. You need to copy them over to the other side's .bashrc if you want them there too.
<delinquentme> SpamapS, so if i set it in the ~/.bashrc   and source that ... theyll b e available?
<SpamapS> delinquentme: yes
<Sabriina> hello
<lynxman> SpamapS: saw the rabbitmq update, we need to update the plugins as well (rabbitmq-stomp rabbitmq-erlang-client), I'll propose merges tomorrow morning
<SpamapS> lynxman: rabbitmq-stomp is included in 2.7.1
<lynxman> SpamapS: oh... great news then :)
<lynxman> SpamapS: then we need to change mcollective dependencies :o)
<SpamapS> lynxman: as is erlang client
<SpamapS> lynxman: well, the packages are still useful, in that they setup configuration for the plugins
<SpamapS> lynxman: we *should* deprecate the source packages, and move those configs/binary packages into the rabbitmq-server package
<lynxman> SpamapS: hmm whatever we do needs to be done fast then
<SpamapS> lynxman: nothing is "broken" right now
<SpamapS> lynxman: just "weird"
<SpamapS> lynxman: actually I suspect the plugins, on rebuild, may produce binary packages that conflict
<lynxman> SpamapS: I reckon they would
<SpamapS> lynxman: and agreed, we need to do that this week.
<lynxman> SpamapS: will get my hands onto it tomorrow morning then
<SpamapS> or rather
<SpamapS> in the next 7 days
<lynxman> SpamapS: just to get all the ducks in line
<SpamapS> lynxman: I leave it in your highly capable hands.. let me know if you need sponsorship.
<lynxman> SpamapS: thank you! highly appreciated :)
<SpamapS> lynxman: the main reason I rushed it in is that OpenStack upstream requested it be updated for some HA work they're starting to do.
<lynxman> SpamapS: yeah HA support in 2.7.1 is way better
<SpamapS> and I think they also wanted a few of the other plugins available
<lynxman> SpamapS: I've done a bunch of them but just had stomp and erlang-client in the archive
<SpamapS> lynxman: nice that they're all in the official rmq releases now
<lynxman> SpamapS: a welcome addition indeed
<lynxman> SpamapS: will check it all tom. morning and see how it fits together and what needs adding/removing
#ubuntu-server 2012-03-02
<jetole> Hey guys. Don't know if this is off-topic but alis couldn't help me find a more on topic room so I was hoping someone could help me with sudo-ldap. I have some rules that I tested on my server in the local sudoers file and one rule was giving members of the admin access to everything except a cmnd_alias for su and shells and I'm not sure how I should do that via sudo-ldap
<twb> jetole: alis questions go to #freenode
<twb> Oh, misread
<ruben23>  guys i ahve a folder/directory with many files on it- dir1 and dir2 are teh same in fromat but dir2 have some few added updates of file in it how do i copy dir2 to dir1 by just ovewriting existing but copy the file whihc dir dont have.>? any idea..?
<twb> I don't know what you mean by cmnd_alias
<twb> ``Cmnd_Aliases are not really required either since it is possible to have multiple users listed in a sudoRole.  Instead of defining a Cmnd_Alias that is referenced by multiple users, one can create a sudoRole that contains the commands and assign multiple users to it.''
<twb> That's what sudoers_ldap says
<twb> Er, sudoers.ldap(5)
<ruben23> guys i have a folder/directory with many files on it- dir1 and dir2 are the same in fromat but dir2 have some few added updates of file in it how do i copy dir2 to dir1 by just ovewriting existing but copy the file which dir dont have.>? any idea..?
<twb> jetole: Here are my sudo objects: http://paste.debian.net/158251/
<twb> ruben23: rsync -aui ?
<twb> ruben23: perhaps with --dry-run
<ruben23> twb:  rsync -aui /home/dir2 /var/dir1...?
<twb> ruben23: I expect you to use some initiative and investigate the meaning of those rsync options.
<jetole> twb: Thanks.
 * jetole looks
<Firebolt> I'm trying to install ubuntu server 10.04 lts on a laptop with a broken screen. However, past the menu which prompts me to choose a language/what action to perform, once I select "Install ubuntu server", it stops giving output via VGA
<Firebolt> I know that you can specify the vga kernel option, but I've forgotten how
<twb> Firebolt: do a network install instead
<twb> Firebolt: does the laptop have wired ethernet?
<Firebolt> twb, yes
<twb> Yeah just set it to boot from network, and load up the netboot installer.  Write a preseed script to get it to the point where you can SSH into the installer and finish the install
<Firebolt> no idea how to do that
<twb> It's documented in the installation-guide-i386 (or -amd64) package
<twb> Alternatively you could try fiddling with vga=false nomodeset and stuff at the start of the installer, where you hit F6 to add extra boot options
<Firebolt> ah
<Firebolt> what would I specify vga= as then?
<twb> I dunno
<twb> I don't know how your screen is buggered either
<Firebolt> The backlight doesn't work
<Firebolt> clumsy friend
<twb> If you can get video working enough, you can start SSH from the normal installer
<twb> You pick "expert install" (priority=low) and when prompted for udebs (modules) to install, you make sure to tick "network-console".
<twb> Passing theme=dark is also good for getting rid of that fugly magenta
<Firebolt> the minute the installer starts, I loose the vga
<Firebolt> I tried using vga=XXX, but it doesn't display correctly
<twb> Oh, wait, this is lucid?
<twb> Lucid installer has a bug where you *can't* stop it loading the framebuffer, no matter what, until the install is finished and you boot off the HDD
<Firebolt> awww
<twb> it drove me apeshit trying to do it until I RTFS and found it was not possible
<Firebolt> So I should use a newer version instead?
<twb> What's really stupid is it's hard-code to load vga16fb which only provides 80x30 instead of 80x25
<twb> For 5 damn lines they broke it for me (and you, I guess)
<twb> Firebolt: well AFAIK it's fixed in 10.10 and up, but I don't know if you want LTS or not
<Firebolt> I'd prefer lts, but anything will do at this point
<Firebolt> I guess i'll download 11.04 server
<Firebolt> er, 11.10
<Firebolt> 12.04 will be LTS yes?
<twb> Yes
<twb> Hang on, I'll find you the small ISO URL
<twb> http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/mini.iso
<Firebolt> no need
<twb> Well, OK
<Firebolt> already downloading the full
<twb> I just hate people downloading 700MB when 20MB will do
<Firebolt> I often work with computers with no internet connection at install time
<twb> Fair enough
<twb> Usually I install them *then* ship them out
<Firebolt> shipping, eh?
<Firebolt> I just help out friends who want to try linux
<twb> You poor poor bastard
<Firebolt> but normally i end up installing at school
<Firebolt> where we're locked from using the school wifi/ethernet
<Firebolt> figures, though, that the one installer I try is borked
<twb> Normally it would merely be annoying, not a show-stopper
<twb> If the screen goes completely blank that's probably because the screen is lying about its resolution over EDID or something
<Firebolt> there's a bit of random colours on the screen
<twb> Like snow?
<twb> I mean: like an out-of-tune telly?
<twb> Maybe you're too young to remember FM TV tuners...
<Firebolt> oh no
<Firebolt> I do
<Firebolt> I may be only 15, but I've seen my share of devices
<twb> I remember building one from a kit
<twb> back before the electonics hobby market died
<Furry> (Firebolt here, connecting from a spare laptop)
<Furry> I have too many of these
<Ptoenk> Evening .. I just did a fresh oneiric install , and am having the " dhclient: can't create /var/lib/dhcp3/dhclient.eth0.leases: No such file or directory" issue..
<Ptoenk> what is the good way to fix it?
<Ptoenk> mess with ifup
<Ptoenk> create a simlink ?
<Ptoenk> create a dir ?
<Ptoenk> y
<twb> Ptoenk: sounds like your system is damaged.
<Ptoenk> lol
<Ptoenk> no it's not
<Ptoenk> it's a well documented bug
<twb> Then fix it yourself, I guess.
<lifeless> whats the bug number ?
<lifeless> twb: now now
<Ptoenk> set me find it again , sec
<twb> Ptoenk: try ifdown --force eth0; ifup eth0
<Ptoenk> Bug #900234
<uvirtbot`> Launchpad bug 900234 in isc-dhcp "dhclient: can't create /var/lib/dhcp3/dhclient.eth0.leases in syslog again on Precise" [Undecided,Confirmed] https://launchpad.net/bugs/900234
<twb> Ptoenk: sudo ln -s dhcp /var/lib/dhcp3 as a workaround, according to that ticket
<Ptoenk> yes
<Ptoenk> i can also mess with ifup
<Ptoenk> i can do lots of things
 * twb grumbles, why is ifupdown 0.7 still using noweb
<Ptoenk> the question i have , if any , is there a set resolution , albeit temporaty
<Ptoenk> that will not give issues once a real fix is introdced
<twb> Ptoenk: all I know is what's on that bug ticket.
<Ptoenk> others might know
<Ptoenk> creating a link is a plaster on a wooden leg
<delinquentme> hey all OK I've got a ubuntu server up on EC2 .. with a web server running on it .. the web servers config is set to serve out at port 3000 ... however:    http://ec2-23-20-139-29.compute-1.amazonaws.com:3000/     is giving me nothing
<twb> delinquentme: on the server, can you connect to 127.0.0.1 3000 ?
<delinquentme> twb, how do I check that?? ping?
<twb> nc 127.0.0.1 3000
<twb> If it doesn't hang up, speak some HTTP to it
<uvirtbot`> New bug: #944546 in libcommons-cli-java (main) "StringIndexOutOfBoundsException in HelpFormatter.findWrapPos" [Undecided,New] https://launchpad.net/bugs/944546
<twb> If you can't speak HTTP, you should not be setting up a web server.
<delinquentme> Hmmm nc .. what kind of tool is this?
<delinquentme> nc 127.0.0.1 3000  <<< did nothing with this twb
<twb> Then clearly your httpd is not running, or not bound wherey you thought it was
<twb> cf. netstat -nlp
<delinquentme> https://gist.github.com/1955759  << output
<delinquentme> now this is also not an apache server
<SpamapS> delinquentme: perhaps you haven't configured EC2 to allow incoming traffic to port 3000? By default all incoming ports are closed on EC2.
<twb> SpamapS: should still allow it on lo, surely
<SpamapS> yeah, but nc would "do nothing" to the untrained eye
<twb> Oh I see what you mean.  Sigh.
<SpamapS> Also his netstat (btw people, use ss, not netstat) shows it listening.
<twb> ss does the wrong thing in a specific case, I forget which
<delinquentme> SpamapS, AH!
<SpamapS> twb: good, you can actually *fix* it
<SpamapS> twb: whereas netstat is basically dead
<twb> IIRC it wouldn't list UDP listening ports by default
<delinquentme> so what ss comand should i use to replace the netstat one?
<twb> Also its stupid huge padding is really annoying
<twb> So you always have to |cat to stop it
<SpamapS> twb: it just fills the available columns
<twb> SpamapS: yes but I have full-screen ttys so I end up with like 100 spaces between each column
<twb> Oh, and by default it puts -p on a second line
<SpamapS> twb: perhaps submit a bug report that it should stop at 120 ;)
<twb> IMO it should be more or less like column -t, where it puts about four space between each column
<delinquentme> ok so do I need to make both a rule for TCP and UDP?
<twb> delinquentme: no, HTTP runs over TCP
<twb> Which you should also already know.
<delinquentme> and then the source should be the internal IP of the web server
<SpamapS> twb: ultimately though, netstat is deprecated, so you should gripe about ss to the ss maintainers.. because.. it actually has maintainers. ;)
<delinquentme> twb, totally =]
<twb> http://paste.debian.net/158263/
<twb> Also ss was installed into sbin by default until recently
<twb> SpamapS: I complained to them directly a few years back
<twb> SpamapS: I was using ss for a while but that gotcha where it didn't list... whatever it was, fucked me over, so I have put off migrating to it for a while
<twb> I do use ip everywhere, though.
<DyeA> hello all, I updated my Ubuntu 10 server with webmin and it broke php. Files were downloading instead being appropriately handled. I then went to Troubleshooting PHP https://help.ubuntu.com/community/ApacheMySQLPHP#Troubleshooting_PHP_5 and ran sudo a2enmod php5 which returned "Enabling module php5." instead of returning module not found. However upon restarting apache I got an error "Syntax error on line 204 of
<DyeA> /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/php5.load: Cannot load /usr/lib/apache2/modules/libphp5.so into server: /usr/lib/apache2/modules/libphp5.so: cannot open shared object file: No such file or directory"
<delinquentme> you guys have any idea if I need to restart my EC2 servers for the security group changes to take effect?
<twb> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<DyeA> I removed php5-common with apt-get, re-installed, restarted apache and now I get a 500 server error instead of a download, however HTML renders fine
<twb> DyeA: this is why we don't support webmin, because it causes problems like this.
<DyeA> arghhh! it seemed like a good idea at the time
<twb> You were probably high
<DyeA> definite possibility
<twb> SpamapS: can't find my ss whinging in debbugs bts :-/
<delinquentme> twb, so what am i looking for in "netstat -nlp" to ensure that the connections I want are functional?
<DyeA> should I have done a purge instead of a remove of php?
<delinquentme> AWWW YEAHHH
<delinquentme> http://ec2-23-20-139-29.compute-1.amazonaws.com:3000/  <3 u guys
<twb> http://paste.debian.net/158264/
<twb> delinquentme: that shows a server with a listening apache on 80
<delinquentme> how can you tell this?
<delinquentme> also I didn't install apache on this .. are you sure thats not the routing server?
<twb> delinquentme: sorry, you've exceeded your stupidity allowance.  Please wait patiently for someone else to help you.
<DyeA> delinquentme: hey don't feel bad, I exceeded my stupidity allowance before even arriving here
<delinquentme> lol
<delinquentme> twb im learning :D
<delinquentme> its cool though
<DyeA> twb is drunk and watching glee right now but his knowledge still vastly exceeds ours even in his current state
<twb> Isn't glee about gays in a high school musical / drama?
<DyeA> twb: close enough
<Firebolt> twb, do you have any suggestions besides webmin?
<Firebolt> that are similar?
<delinquentme> LOL
<DyeA> delinquentme: whateve you don't install webmin
<delinquentme> twb i dont judge you
<twb> I'd rather rewatch the first two seasons of _Skins_
<delinquentme> DyeA, check.
<twb> Oh, sorry, this is #ubuntu-server not #emacs.  I'll get back on topic.
<DyeA> apt-get check?
<delinquentme> twb, have you ever used youtube>
<delinquentme> :D
<Firebolt> (I've only ever used webmin when forced)
<twb> Firebolt: we recommend learning to use the CLI like a proper sysadmin
<DyeA> yeah i felt vaguely dirty ever time i used it
<Firebolt> twb, but for my friends who are gifted with IQs of -4 or use Macs?
<twb> Firebolt: they do not get to be sysadmins
<twb> They can hire someone like me to babysit their VPS
<Firebolt> lol
<DyeA> they just get to randomly fire up slow loris and get jacked
<delinquentme> twb, dont sysadmins just play wow?
<Firebolt> no
<Firebolt> I don't play wow
<twb> The LAST thing a sysadmin wants to do when she goes home, is to babysit another computer
<delinquentme> http://lemonnier.se/erwan/talks/pix/BoredSysadmin.jpg
<delinquentme> lik dat?
<delinquentme> i tried to find a screenie of a WoW char named sysadmind
<Firebolt> I prefer to fool with others' servers by "sudo rm -rf /"
<delinquentme> http://www.reddit.com/r/networking/comments/qbi4f/help_me_explain_to_my_wife_that_our_network_isnt/
<twb> delinquentme: please take it to #overflow or whatever
<delinquentme> twb, trying to lighten your levels
<Firebolt> I need to get myself a better ISP
<Firebolt> rather, I need to get my parents to get me a better ISP
<delinquentme> soo whats up with the apache
<delinquentme> oh wait apache tomcat
<delinquentme> yeah idk trinidad is some interface between those
<bnemec> hello?
<SpamapS> bnemec: ahoy!
<bnemec> cool someone else in here.
<bnemec> I'm running 10.04 LTS on Dell PE2600
<bnemec> you?
<SpamapS> I run 11.10 in EC2 ;)
<SpamapS> and precise on my laptops. :)
<SpamapS> but then.. I'm a developer, so I find it helpful to run precise for testing. :)
<kirkland> SpamapS: howdy :-)
<SpamapS> kirkland: avast!
<kirkland> SpamapS: nice post today, btw
<kirkland> SpamapS: long live Eddard Stark!
<SpamapS> kirkland: not too long.. ;)
<kirkland> SpamapS: he dies???? :-)
<SpamapS> kirkland: I'm on book 4. Had to swear it off for a couple weeks tho.. tore through the first 3 books so fast.
<kirkland> SpamapS: I'm about 20% through book 5
<kirkland> SpamapS: book 3 was *great*
<SpamapS> kirkland: yeah I feel like book 4 is a result of him being tired of writing about Tyrion. ;)
<kirkland> SpamapS: heh, yeah
<kirkland> SpamapS: i missed most of my favorite characters in book 4
<kirkland> SpamapS: do you happen to have osx running anywhere any more?
<kirkland> SpamapS: I want to do some byobu verification/testing/development on osx
<kirkland> SpamapS: and I'm wondering if I need to just but a crappy mac mini or something
<kirkland> SpamapS: it's so weird not just being able to fire up the OS I need in EC2 and pay a few pennies :-)
<SpamapS> kirkland: you can run OS X in a VM on a Mac without buying another license. ;)
<SpamapS> kirkland: I don't hardly ever run it except to update the OS on my iphone anymore.
<gnome> so can anyone tell me why i can't login to my ec nodes?
<gnome> someone must be testing this also.
<SpamapS> kirkland: btw, speaking of byobu issues.. using it on precise right now and its flickering a lot..
<SpamapS> gnome: ec2 ?
<gnome> yup ec2
<gnome> sons up back in a few
<SpamapS> gnome: You most likely need to define a key pair and make sure a) you're specifying it when launching the instnaces, and b) you're using it when ssh'ing to the instances
<gnome> k
<gnome> but
<gnome> when I go to send key to instance.. I fail.
<gnome> so you are saying make the key then boot the instance?
<gnome> when i try to ssh to an instance i am met with a password
<gnome> i can't even login to the nodes if I am standing in front of them.
<gnome> i just don't get it. perfect pxe cobbler install 10 machines.
<gnome> and how did it not send my creds during that install?
<gnome> sorry for silly questions. :(
<gnome> i have done manual clusters with ease.
<SpamapS> gnome: you have to inform *amazon* of the key
<gnome> k..
<gnome> I 'HAVE' to inform them?
<SpamapS> gnome: *or* you have to store your key some other way such as through cloud-init metadata
<gnome> that amazon thing, like really i registerd my personal cloud. with them?
<SpamapS> gnome: you can use your own keys if you want. Its just not built into the EC2 api.. but it is built into Ubuntu.
<gnome> repeating a question answered... shows my inability to not understand why we have to register with them for our 'own' personal systems.
<gnome> so how will that make me able to login to the nodes?
<SpamapS> gnome: they have console access to your systems. Don't be naive. ;)
<gnome> behind a proxy alsO?
 * gnome me is being paranoid.
<SpamapS> gnome: anyway, if you want to SSH to the systems you have two options. Add a keypair using euca-add-keypair (or ec2-add-keypair if you prefer the original slower amazon tools) ...
<SpamapS> gnome: or you can learn to use cloud-init to put your keys on the systems.
<gnome> i have read the ub cloud info back to back many a times. there was nothing about cloud-init.
<SpamapS> gnome: ub cloud info ?
<gnome> it it just that 11.10 is lacking documation assuming we have run their soft before?
<gnome> spamaps ... ub clound info..?
<gnome> i not sure what you mean sir.
<SpamapS> gnome: you said "ub cloud info" .. I don't know what that means
<gnome> oh, the posted manual on the ubuntu site
<gnome> on covering install and setup
<gnome> so i went with ubuntu because of ... easability, well >.. :(
<gnome> it's not been so easy that's for sure
<SpamapS> gnome: "the ubuntu site" ?
<SpamapS> gnome: do you mean www.ubuntu.com , cloud.ubuntu.com, help.ubuntu.com, wiki.ubuntu.com, or somethingelse.ubuntu.com ?
<SpamapS> gnome: it would help me if you could point me to the same material you are reading so I can help get it fixed, or explain something that might not be clear.
<SpamapS> gnome: the cloud is not actually very easy.. we've been working on making it easier w/ juju (http://juju.ubuntu.com/)
<gnome> k ya i been playing with juju also
<gnome> it's nearly making me crazy at how nice it susposed to work
<gnome> but doesn't do as intended.
<gnome> i pxe booted all nodes to oneiric - arc - juju
<gnome> try to login with my primary user name from main server to any node.
<gnome> denied...
<gnome> now if this part was streamlined also.. i'd be a happy camper
<gnome> i could deploy mpi work i do in a ub environment over massive ammounts of pc's quickly
<gnome> instead it feels like my head going to explode.
<gnome> glances back over at the deb dvd's... :)
<gnome> help.ubuntu.com
<gnome> is side.
<gnome> site the server guide.
<SpamapS> gnome: pxe boot? so you tried the orchestra provider with juju?
<gnome> yup
<gnome> it works beautifull but no node access...
<SpamapS> gnome: that is a really, really specialized and frankly bad use case for juju right now. Its going to be *MUCH* better in 12.04
<gnome> like does the head node need a gui front end..
<gnome> oh it's fine spamaps i like to work with ... anything
<SpamapS> gnome: for EC2.. juju is *very* smooth
<gnome> my other cluster is a huge mixture of every distro.
<gnome> did it just cause :) lol but I want to do a solid system like what ub development is leaning at with 11.10
<SpamapS> gnome: give juju+EC2 a try
<SpamapS> gnome: I think you'll like it
<gnome> ya i installed ec2
<gnome> then juju
<gnome> and .. am lost why don't nodes get any info.
<gnome> only thing I can possibly think of is in cobbler interface i have user set as
<gnome> admin
<gnome> that's the conclusion i have come to after... oh 10 netboots of each machine.
<gnome> i actually installed the server front end 7 times to get it ...
<gnome> the way i wanted.
<SpamapS> gnome: *ec2* does not need cobbler
<gnome> but isn't cobbler the deploy for pxe?
<gnome> doesn't it setup the boot imgs?
<SpamapS> gnome: yes, but why would you PXE on a public cloud?
<gnome> ? public?
<gnome> k private and public clouds.. i just dont' under stand the terminology this way
<gnome> to me private would be something running at home behind multi firewalls.
<gnome> public would be like a High availability server running on a public ip.
<gnome> sorr if this sounds stupid
<SpamapS> gnome: public means another company hosts the hardware
<SpamapS> gnome: private means you host it and do not sell it to anyone else.
<gnome> I am running a private cloud
<gnome> then.
<SpamapS> gnome: eucalyptus? openstack?
<gnome> yup
<SpamapS> both?
<gnome> eucalyptus
<SpamapS> ah ok
<SpamapS> We've had some issues w/ juju + eucalyptus
<gnome> like when i get the main server running I install eucalyptus
<SpamapS> because of the way euca sets up their "S3"
<gnome> then after I login to cobbler
<gnome> add the nodes
<gnome> and boot them
<SpamapS> its fundamentally broken unfortunately.
<gnome> they install.
<gnome> @!%%%%%%%%%%%%%
<gnome> 5 days I been working with.. fundamentally broken..
<gnome> no wonder my head hurts
<SpamapS> gnome: you may have noticed, the buzz around euca has died down a lot... for a reason
<gnome> well if it would just deploy user creds with the pxe boot img properly
<SpamapS> gnome: openstack is a bit harder to deploy, but will scale quite a bit more.
<gnome> omg I'd be still installing systems to it.
<SpamapS> gnome: if you're using juju + orchestra, juju should be installing your key to let you login as the 'ubuntu' user with it.
<SpamapS> gnome: I'd recommend hanging out in #juju and asking there
<SpamapS> gnome: note though that one reason there's very little documentation on orchestra is that it is changing so rapidly in 12.04
<gnome> Unknown id: ubuntu
<gnome> :(
<gnome> if i could just get into my nodes... I'd be so happy..  short of login brute force then set keys after
<gnome> so do I wait for 12.04 or do i go back to 10.?
<SpamapS> gnome: if something went wrong during the install then you won't be able to login.. its one of the problems that needs solving. :)
<gnome> right but you can continue to re-image. then netboot the nodes till they work right
<gnome> only thing I can think of is i am using user name admin
<gnome> and i noticed in cobber logs it says user [?] on machine [ub1]
<SpamapS> gnome: the juju orchestra system profile creates a user named 'ubuntu' and puts your ssh key in for the 'ubuntu' user
<gnome> so it doesn't seem to know user for odd reason, i going to look into it further at this point it seems to me there must be a simple reason for why it failing .
<gnome> well i tried sudo su ubuntu
<gnome> on the master it said.. no user.
<gnome> however there is a eucalyptus user
<SpamapS> gnome: then you didn't use juju+orchestra to install that machine.
<gnome> and course the user name I set during server install
<gnome> odd.. because it was the latest and only 11.10 i could download
<SpamapS> gnome: wait, I keep forgetting that you're doing eucalyptus. So you created a eucalyptus cloud.. and you're trying to talk to it w/ juju?
<gnome> i am trying to figure out how to talk to it to send creds to the nodes so i can access them
<gnome> or was euc not intended to allow us to use the nodes directly?
<SpamapS> gnome: and by nodes, you mean the nodes *running* eucalyptus, or the VMs running *inside eucalyptus* ?
<gnome> node = terminals . pc's
<gnome> slaves!
<gnome> sry
<gnome> master and 9 slaves
<gnome> can't access or login to the slave machines what so ever
<SpamapS> gnome: ok, well if you just used cobbler and the default oneiric install profile, then you probably don't have a user. You need to add one to the kickstart/pre-seed
<SpamapS> gnome: and by slaves, you mean *physical* machines, not virtual machines?
<gnome> yup physical
<SpamapS> gnome: ok, so yeah, you just need to define a way to login to them in the pre-seed
<gnome> k so do that in cobbler web interface?
<SpamapS> gnome: did you try 'ubuntu/ubuntu' for user/pass ?
<gnome> or just console edit the kick?
<gnome> on a node?
<SpamapS> yeah
<SpamapS> try it
<gnome> k i got 4 flights of stairs
<gnome> going to take a minute
<gnome> brb
<SpamapS> wait no
<SpamapS> no no on
<SpamapS> no no
<gnome> k
<SpamapS> gnome: they're not running SSH?
<gnome> yup they are
<SpamapS> ssh ubuntu@thenode
<gnome> BAZINGA!
<gnome> now if that small instructino was added on the page.
<gnome> omgosh would that help like 1000 ppl have same question as me
<SpamapS> gnome: well its a security problem and is going to be removed actually. ;)
<gnome> is in shock 4 days..
<SpamapS> gnome: default passwords == bad
<gnome> yes they do
<gnome> but k so how do I tell it to just do it auto from pxe.. or should I just not do that? and behapp this way/
<SpamapS> gnome: But, alas, there's so much else that is changing. Glad we could move you forward. :)
<SpamapS> gnome: if you look in the pre-seed, there is a password value (a hash I think, so it look slike gibberish) set... you can change it.
<SpamapS> gnome: in cobbler pre-seeds are called kickstarts (because it came from redhat)
<SpamapS> anyway
<SpamapS> its after midnight, time for me to sleep
<SpamapS> gnome: good luck
<gnome> k ya i was affraid to changethat hash
<gnome> in fear of breaking the big picture
<RoyK> just updated this lucid machine to oneiric to get some more updated libvirt/kvm stuff, and now it hangs when I try to create a new volume :(
<RoyK> that is, virt-manager hangs when trying to deal with volumes
<RoyK> or actually the whole libvirt part (for this machine)
<lynxman> morning o/
<jamespage> SpamapS, Daviey: first reboot test now live (but failing testing :-() https://jenkins.qa.ubuntu.com/view/Precise%20ISO%20Testing%20Dashboard/view/Daily/
<uvirtbot`> New bug: #944684 in keystone (universe) "Error installing keystone selecting dbconfig-common and sqlite3 as the backend" [Undecided,New] https://launchpad.net/bugs/944684
<Daviey> rbasak: do you have capacity to work on bug 911812?
<uvirtbot`> Launchpad bug 911812 in facter "processor fact does not handle arm, others" [Undecided,New] https://launchpad.net/bugs/911812
<rbasak> Daviey: I think so, I'll look at it
<Daviey> rbasak: thanks, it's currently assigned to roaksoax.. but i can't see him having time to work o it in the short term.
<rbasak> Daviey: looks like bug 911812 has already been fixed upstream and we're carrying the fix in Precise. I can't confirm from the information in the bug though, so I've asked lamont in the bug.
<uvirtbot`> Launchpad bug 911812 in facter "processor fact does not handle arm, others" [Undecided,New] https://launchpad.net/bugs/911812
<Daviey> rbasak: does 'factor' work for you on panda?
<rbasak> Daviey: yes
<rbasak> Daviey: though I do get a couple of warnings about PCI not existing
<lamont> sounds like it's fixed then
<lamont> I should see if the diff matches though
<asac_> so ... I am looking for a cmdline tool that at best can kind of transparently execute commands in ec2 and makes it easy to auto provision servers and shut them down afterwards :)... does such a magic box exist :)?
<asac_> actually that is already to specific. We have jenkins running to basically just do cloud provisioning and execution of remote jobs (for building)... but we don't want to use that anymore. what are options?
<asac_> smoser: ^^
<asac_> :)
<asac_> hi!
<koolhead17> zul: awesome!! :)
<koolhead17> dashboard E4 has a blocker now https://bugs.launchpad.net/horizon/+bug/944763
<uvirtbot`> Launchpad bug 944763 in horizon "horizon-2012.1~e4.tar.gz is broken" [Undecided,New]
<koolhead17> :(
<jdstrand> Daviey, lynxman: hey, do you know if someone is working on the 2.7.11-1 puppet merge?
<lynxman> jdstrand: I did a package a couple days ago, 2.7.11-0, can do the merge this morning as well
<jdstrand> lynxman: that would be wonderful :) can you ping me when it is uploaded?
<lynxman> jdstrand: I don't have upload rights, I'll find someone to sponsor the merge
<RoyK> fdhsfdsgdsg: fix your internet connection!
<jdstrand> lynxman: if you can't, ping me
<lynxman> jdstrand: thanks :)
<smoser> asac_, ah.  i'm not aware of anything that exactly fits your needs.  from what i understand, you basically want something like "chroot" that chroots into an ec2 instance, right ?
<smoser> or i guess schroot that has the itnerface to start up a new thing and stop it.
<rbasak> lamont: so your patch doesn't apply to the latest source in Precise because the logic seems to have moved to a different file (under util/processor.rb now). But the arm logic in there appears to be the same as what your patch is applying - possibly derived from it?
<smoser> i think rbasak has some stuff that does similar things.
<rbasak> yeah I think my tool matches that description
<rbasak> It's geared at openstack at the moment; I need to check how to get it generic to ec2.
<rbasak> smoser: speaking of which, if it's useful I'd like to get it into cloud-utils or something like that eventually
<smoser> i would say yeah.
<smoser> and i think modelling after schroot's cmdline interface would be pretty good.
<smoser> or maybe even just extend schroot :)
<rbasak> hmm, that'd be interesting
<rbasak> I never thought of it as an schroot-alike before
<smoser> schroot has a reasonable interface.
<smoser>  start, enter, delete, list
<rbasak> yes, that is reasonable
<rbasak> The current interface is modelled after ssh with some stuff added
<smoser> so for +1, lets do that.
<rbasak> I think I'd like to support both
<smoser> well, schroot has a simple: start, run command, cleanup
<smoser> which is really all i think ssh would be different
<smoser> right?
<rbasak> for interactive use, I tend to think of it as a machine that I can ssh to that is created automatically the first time I mention it
<rbasak> I've embedded user-configurable specifications of what the machine should be like (which cloud, what image, etc) based on the machine name, which is in the user's standard ssh namespace. Then scp and rsync work too.
<rbasak> I need to show you it really.
<rbasak> I agree that an schroot-alike interface would work well too - especially to people used to that, as they won't need to learn anything
<spajderix> hi
<rbasak> I don't see any reason why I can't do both.
<lamont> rbasak: probably
<lamont> prolly based on it, that is
<rbasak> lamont: can I mark the bug Fix Released for precise, or would you like to check further first?
<lamont> 'tever - if it's returning good facts, I'm happy
<spajderix> I have some issues with mysql replication. I have master and a slave with backup. Problem is, from time to time when i do SLAVE STOP to do daily dbdump the query just hangs forever, and only killing the server helps to unfreeze it. I've located some bugs at mysql's buglist but fixes addres versions of mysql-server 5.4+. I wuld really appreciate a fix in ubuntu,so should I report a new bug or
<spajderix> request a backport of newer mysql to lucid?
<rbasak> spajderix: that sounds like a bug that would be a candidate for an SRU, and one that we'd want fixed in lucid
<rbasak> spajderix: https://wiki.ubuntu.com/StableReleaseUpdates
<rbasak> spajderix: although I'm not sure about mysql actually - upstream don't work in public so it may be awkward
<asac_> smoser: maybe :) ... something that brings the cloud transparently to your local machine... but also does some degree provisioning and pooling (can be manual operations i guess) of the instances
<smoser> pooling ?
<asac_> well
<asac_> management
<asac_> so this tool kind of keeps track of your instances
<asac_> and allows you to shut down etc.
<smoser> are you familiar with schroot ?
<asac_> important that the host gets to know when an operation is finished so it can pull the artifacts and shut down
<asac_> smoser: no :)
<asac_> smoser: oh i know schroot yes
<smoser> right.
<asac_> but not how to use that in the cloud... is there a great receipt how that can do what i want?
<smoser> oh, you can't.
<asac_> i want it to be a bit dynamic i guess
<smoser> but from an interface perspective, would that be enoug for you?
<asac_> e.g. just having static cloud servers running that i can schroot into would be a bit lame :)
<rbasak> So right now I can do stsh foo, and it detect that a machine called foo doesn't exist, start one in the cloud (called foo), and ssh into it. So it's as if I typed "ssh foo" and the machine existed already. My tool also sorts out known_hosts automatically and updates ~/.ssh/config so scp, rsync and vanilla ssh will work too.
<asac_> smoser: i guess...
<asac_> smoser: if i can see the running instances with schroot -l
<asac_> and have switches to start up
<smoser> ie, when i want a new schroot, i do schroot --run-session --chroot ...
<asac_> and turn off
<asac_> it could be good
<smoser> and then when i'm done, i kill it.
<rbasak> I have stsh --terminate foo and stsh --list which are easy enough to convert to schroot compatible flags
<smoser> that can be all done in one command in schroot too (new session, chroot in, exit when command temrinates)
<asac_> smoser: i think exiting the schroot shouldnt shut it down
<smoser> in schroot it does sometimes.
<smoser> but you can make it not
<asac_> smoser: so more like schroot ... goes into an existing chroot
<rbasak> asac_: you can do that with schroot, by requesting a persistent session when you create it
<smoser> right.
<asac_> interesting :)
<smoser> so basically i think the model works well.
<smoser> the schroot just happens to be somewher eacross the planet
<rbasak> I think the schroot model works, but is a bit wordy to use by hand interactively
<smoser> it is wordy, i agree.
<smoser> :)
<asac_> yeah. a convenient wrapper
<asac_> would be great
<asac_> like
<rbasak> OTOH, I think there's a lot of value in trying to match syntax with existing tools
<asac_> cloud-root --list
<asac_> cloud-root --start name
<asac_> cloud-root name CMD
<asac_> cloud-root --kill name
<asac_> still need to be able to download stuff
<asac_> like cloud-root get /path/to/file
<rbasak> So I'm thinking of keeping my mechanism but have an schroot-cloud wrapper that wraps it into schroot-compatible options
<smoser> asac_, well that is just:
<smoser>  cloud-root name cat /path/to/file > file
<smoser> or
<rbasak> or in my case, scp name:/path/to/file . :-)
<asac_> cloud-scp name:/path/...
<asac_> wow
<asac_> thats cool
<asac_> :)
<smoser>  cloud-root name tar cf - file1 file2 file3 > local.tar
<asac_> but ftp like behaviour would also be fun :)
<rbasak> sftp will work :)
<asac_> cloud-root name tar cf - file1 file2 file3 > local.tar
<asac_> thats interesting
<asac_> cool
<rbasak> that's just "ssh name tar cf - file1 file2 file3 > local.tar" :-)
<smoser> right.
<smoser> so, its settled.
<asac_> where can i download such tool :)?
<smoser> rbasak will write a tool and i tell him how i want it to look :)
<asac_> omg
<asac_> i would love it
<asac_> :)
 * rbasak has written the tool already; I just need to write the smoser-wrapper :-P
<smoser> can you have that done by monday rbasak ?
 * smoser ducks
<rbasak> Actually that's not even that far off feasible :)
<rbasak> smoser: I have a cloud-init feature request for this BTW
<smoser> rbasak, you should show asac_ what you have though
<smoser> rbasak, .... what is that ?
<smoser> rbasak, and you should point me to what you ahve also
<asac_> rbasak: i am a happy lead customer to try out and provide you feedback on how your command line interface is convenient and inspiring :)
<smoser> asac_, in bikeshed (kirkland) there is a too....
<smoser> let me find it
<rbasak> I was discussing this with utlemming back in January. The issue is how to get known_hosts updated securely.
<asac_> lol
<smoser> called cloud-sandbox
<rbasak> kirkland used what let's call a double-key mechanism
<smoser> yeah.
<rbasak> that works but is a bit ugly
<rbasak> I'm reading the console fingerprint from get_console_output and verifying that automatically, but the catch is that EC2 is really slow at updating it, so starting an instance is slow
<rbasak> But on openstack it's fine since get_console_output doesn't need updating and works immediately
<smoser> rbasak, so that is just motivation for using openstack
<smoser> :)
<rbasak> The third mechanism that utlemming came up with for EC2 was using SQS as a read-once key delivery mechanism
<smoser> that requires putting credentials to do that into the instance.
<rbasak> Create a queue, add one item that contains the key, put the credentials for that in user data, then cloud-init fetches the key out.
<smoser> right ?
<smoser> oh.
<smoser> the othe rway around.
<rbasak> Yes - but the credentials are useless once cloud-init has finished, since the key will no longer be available from the queue.
<smoser> here is the other thing i considered:
<smoser> http://openkeyval.org/
<smoser>  * using that...
<smoser>  * on creation, you come up with a long secret key
<smoser>  * use that to tell the instance to post its keys to that location in openkeyval
<smoser>  * wait for that key to appear
<smoser>  * use it
<smoser> you can also fortify it by having more htan just the key as the secret
<smoser> but adding a secret that you then calculate the sum of "content+secret" and append it to what is posted.
<smoser> then you know that only someone who knows that secret could have posted valid content there.
<rbasak> Isn't there a race there? Malicious code runs after the instance has booted and ran cloud-init and is doing its normal workload, and you haven't fetched the key yet
<rbasak> Unlikely I admit
<jMCg> EVERYTHING as a web service.
<smoser> rbasak, "malicious code runs after instance has booted"
<smoser> thats your problem
<smoser> you can't really fix that, now can you
<smoser> :)
<rbasak> smoser: in that case why don't we just supply the private host key in userdata? :)
<smoser> hm.. is that true. is this no btter?
<smoser> let me think
<rbasak> it is a lot better, but I think there an (unlikely) race, which the other methods avoid.
<smoser> rbasak, yeah, it is bettter
<smoser> hm.. i dont knwo.
<smoser> rbasak, so wouldn't hte SQS need creds in the instance?
<smoser> to read the message?
<smoser> i need to read more on sqs
<rbasak> smoser: yes. But it gets a bit hacky at this point. I think you can create a per-instance queue so you don't give the instance any more creds than for it's own queue, which will have only one message.
<rbasak> smoser: at this point I'm wondering if kirkland's hack is less of a hack than this one
<rbasak> (also kirkland's solution is genius even if it is a hack)
<smoser> yeah. it does work.
<smoser> and he had kees look at it to review it.
<kirkland> rbasak: what's kirkland's solution?
<rbasak> kirkland: your temporary key thing to securely get a private key to an instance and know its fingerprint
<kirkland> SpamapS: yeah, I'm seeing that in a few places (byobu in precise flickering;  something wrong with the status caching mechanism)
<kirkland> rbasak: why thank you :-)
<kirkland> rbasak: I do like that, very much
<kirkland> rbasak: though a much, much more forward thinking solution would be to use monkeysphere
<hallyn> zul: where is the patch you wanted me to add to libvirt?
<kirkland> rbasak: though I haven't gotten smoser to go for that one yet
<kirkland> rbasak: smoser: the *right* answer to this problem, in my opinion, is monkeysphere
<smoser> regarding momkeysphere, i'm just lazy
<zul> hallyn: damn that one totally fell off my list hold on
<smoser> patches welcome
<smoser> zul, you said theres a fix for bug 942865 in gerrit ?
<uvirtbot`> Launchpad bug 942865 in nova "upgrade from diablo leaves existing images with kernel unbootable" [High,Triaged] https://launchpad.net/bugs/942865
<smoser> there is no comment to such affect in the bug
<zul> smoser: yes
<zul> hallyn: its this commit: http://libvirt.org/git/?p=libvirt.git;a=commit;h=9130396214975ba2251082f943c9717281039050
<lamont> SpamapS: I heard a rumor you might know about 904834 - it'd be good to see that get into precise
<lamont> SpamapS: specifically wrt the MIR for librbd-dev
<zul> hallyn: sorry about that the past couple of days have been hilariously busy
<rbasak> kirkland: interesting!
<rbasak> kirkland, smoser: that's not really cloud-specific though, right? Wouldn't it make more sense to integrate monkeysphere into Ubuntu Server generally first?
<zul> Daviey: just uploaded a fix for he eventlet memory leak as well
<smoser> zul, you have a link ?
<zul> smoser: https://review.openstack.org/#change,4788
<smoser> i'm completely incapable with gerrit's ui
<zul> smoser: eh?
<smoser> booo to vishy
<smoser> for not even adding the bug neumbers
<zul> hehe
<smoser> * Adds name from manifest to glance on register
<smoser> woot!
<smoser> i had a review that did that
<smoser> but it was nacked waiting on test cases
<zul> smoser:  anyways ill backport it for e4 today
<smoser> plese
<Daviey> zul: nice
<zul> so i just uploaded glance e4, so any fixes that need to go in between now and the next snapshot i created a branch called lp:~ubuntu-server-dev/glance/essex.milestone.e4 so if there needs to be any fixes between now and next friday (the new snapshot) will go in here, since the packaging branches follows trunk
<lynxman> jamespage: ping
<lynxman> or actually Daviey or zul, does this look okay? http://pastebin.ubuntu.com/865160/
<Daviey> lynxman: it looks like a failure merging d/changelog?
<lynxman> Daviey: hmm yeah you're right, 1 sec
<lynxman> Daviey: I had 2.7.10-1 from debian twice by mistake
<lynxman> Daviey: when syncing straight from debian again the previous ubuntu changelog disappears? I mean... the 2.7.10-1ubuntu1 release
<zul> lynxman: why arent you using syncpackage?
<lynxman> zul: erm... *blushes* didn't know it existed :)
<zul> if you are synching straight from debian (no ubuntu changes)
<lynxman> zul: that's correct
<zul> lynxman: install ubuntu-dev-tools
<lynxman> zul: I have it there already
<zul> lynxman: http://manpages.ubuntu.com/manpages/oneiric/man1/syncpackage.1.html
<hallyn> zul: and you've tested with that patch?
<zul> hallyn: yep works fine
<hallyn> ok
<lynxman> zul: the thing is that I have no upload rights and I need to do a bzr merge, which is what I was doing
<zul> lynxman: oh yeah duh....carry on :)
<lynxman> zul: heh :)
<zul> lynxman: why not apply for ubuntu-serv-dev rights?
<lynxman> zul: you reckon I'm experienced enough?
<zul> lynxman: sure i guess
<Daviey> lynxman: this isn't a sync is it?
<lynxman> Daviey: not 100% due to the debian-changes patch being different from one version to the next
<lynxman> Daviey: but that's it
<hallyn> zul: is there a bug to reference for that?
<zul> hallyn: no
<hallyn> k
<hallyn> firing away
<Daviey> lynxman: unless it is a straight sync, always maintain the changelog as is.
<lynxman> Daviey: so just add the debian changelog entries on top of the ubuntu one (the ones that are newer I mean)
<lynxman> Daviey: http://pastebin.ubuntu.com/865188/
<smoser> rbasak, just one more thing to say regarding the ssh auth stuff.
<smoser> another option that requires s3 is to add an s3 expiring url and '#include' it.
<rbasak> smoser: yes, that would wowrk
<rbasak> work
<Daviey> lynxman: wait, why isn't this a sync?
<smoser> its not as good as a one time use, but, reasonable.
<rbasak> yeah
<smoser> cloudinit has '#include-once' explicitly for that purpose.
<smoser> monkeyspere or kirkland's solution use no additional AWS infrastructure (meaning they "just work" on openstack)
<rbasak> what would clean the S3 entry up?
<smoser> they have "expiring urls"
<rbasak> doesn't that correspond to a real URL?
<smoser> yes.
<smoser> but it goes away
<smoser> magically
<smoser> http://www.givp.org/blog/2011/08/01/amazon-s3-expiring-urls-with-boto/
<rbasak> Yeah but wouldn't we want to clean up the real URL?
<smoser> you mean delete the object in the bucket?
<smoser> i dont know what happens to i, if it automatically deletes or not
<smoser> i'll try
<rbasak> I think it stays
<lynxman> Daviey: that's what I'm saying, I think it's a sync, but I can't sync since I have no upload rights :)
<Daviey> lynxman: if it is a sync, that is - no ubuntu delta still required.. use the 'request-sync' tool
<rbasak> AIUI, it's a mechanism to give people temporary access. It's just the authorization that expires.
<Daviey> err, syncpackage
<lynxman> Daviey: alright! will do so
<rbasak> To make it secure, cloud-init would need to sleep for the expiry time
<lynxman> Daviey: with requestsync then rather than syncpackage
<Daviey> lynxman: err, yeah
<lynxman> Daviey: cool, doing right now
<Daviey> rocking
<lynxman> Daviey: bug #944866 filled
<uvirtbot`> Launchpad bug 944866 in puppet "Sync puppet 2.7.11-1 (main) from Debian sid (main)" [Undecided,New] https://launchpad.net/bugs/944866
<Daviey> lynxman: cool
<smoser> rbasak, yeah, you're right.
<smoser> it'd need cleanup
<uvirtbot`> New bug: #944866 in puppet (main) "Sync puppet 2.7.11-1 (main) from Debian sid (main)" [Undecided,New] https://launchpad.net/bugs/944866
<smb> smoser, Hi, today I brought up a cg1.4xlarge as spot instance and normally. Both show the exactly same stuck cpu#0 as you had. But I cannot get it to do the same locally (even giving it 16 vcpus (while I only got 8 physical cores))
<smoser> smb, hm..
<smoser> well, i guess we should open a bug, and maybe ping amazon via utlemming.
<smoser> smb, note, i'm not certain if natty had this issue or not.
<smoser> have you tried other kernels ?
<smb> smoser, Right, I am a bit clueless right now. No only tried the precise daily up to now
<smoser> does it happen every boot ?
<smoser> could you just install the natty kernel and reboot and test it htat way ?
<smb> smoser, From the two attempts it did both times, but I can do that natty (oneiric?) test
<smoser> smb, the number of times i think i've considered you "clueless" in regard to kernel is... let me count.... ZERO
<smoser> smb, well, you can surely bisect at the distro-kernel level to get more info there.
<smoser> we should open a bug.
<smb> smoser, Well, let me put it that way. It seems always cpu#0 and the instruction pointer we get printed always is the same place (xchg used as nop, after enabling interrupts). Its nothing normally getting a cpu stuck.
<smb> smoser, Agreed, I will open one
<jcastro> hey smoser
<jcastro> I thought we had gotten our AMIs in the amazon quickbrowser by now?
<smoser> jcastro, apparently not
<kirkland> jdstrand: howdy!  when you get a chance, could you respond to soren's questions on https://bugs.launchpad.net/ubuntu/+source/ssh-import-id/+bug/944367 ?
<uvirtbot`> Launchpad bug 944367 in ssh-import-id "Ignores $http_proxy setting" [Wishlist,Triaged]
<jdstrand> kirkland: hi! done
<kirkland> jdstrand: rockin, thanks
<kirkland> jdstrand: I'll specifically whitelist https_proxy
<jdstrand> kirkland: well, that isn't what I suggested in the comment
<kirkland> jdstrand: hmm, okay, so not just existence of the env var
<jdstrand> kirkland: *optionally* whitelisting https_proxy seems the safest move (via command line)
<kirkland> jdstrand: but you'd like the user to additionally tell ssh-import-id to use $https_proxy ?
<kirkland> jdstrand: i was thinking of just adding env -i https_proxy="$https_proxy" ...
<kirkland> jdstrand: but that's not acceptable to you?
<jdstrand> kirkland: it doesn't matter to me if the arg allows preserving what is already in https_proxy or the user explicitly setting it
<kirkland> jdstrand: but your point is that it has to be an additional non-default argument on the command line explicitly enabling that behavior?
<jdstrand> kirkland: imo opinion this is one of the variables we would want to filter
<jdstrand> kirkland: yes
<jdstrand> s/opinion//
<soren> jdstrand: Can you elaborate a bit on your rationale? I (sort of) understand it's a privileged operation, but what is cleaning the environment supposed to protect against?
<soren> Er...
<soren> s/privileged/sensitive/, of course.
<kirkland> jdstrand: under what situation would a user's https_proxy environment variable be potentially compromised, where they would also be running ssh-import-id?
<jdstrand> if https_proxy is set to connect to something else, you can import an id that you perhaps didn't intend
<jdstrand> it helps with mitm attacks
<soren> jdstrand: ...who would be able to set that?
<kirkland> (so the good news is that smoser helped add the optarg parsing to ssh-import-id, so this is technically doable...thanks, smoser)
<soren> jdstrand: If I can override a user's environment, I can probably add things to his authorized_keys, too?
<jdstrand> it isn't just that your environment is altered
<jdstrand> this could be in a script situation, etc
<jdstrand> (depth)
<jdstrand> but, that point aside
<jdstrand> say it is set to https_proxy=https://foo.bar
<jdstrand> if you are now in a cafe and foo.bar is redirected to an attacker's machine, the attacker could mitm you
<soren> How so? wget checks certificates?
<SpamapS> jamespage: thanks I'll take a look
<jdstrand> is it doing it correctly? does it do it by default? it is just a safty measure
<SpamapS> lamont: re librbd+kvm in precise.. waiting on MIR approval as right now kvm will FTBFS if we add support
<SpamapS> hallyn: ^^ would you agree with that being the reason?
<soren> jdstrand: I guess. Cleaning the environment here just seems kinda arbitrary.
<lamont> SpamapS: who do I prod about getting the MIR approved?
<jdstrand> well, that's how I roll :P
<jdstrand> I see wget has a --no-proxy arg. perhaps that is the easy toggle
<SpamapS> jdstrand: can we prod you for status on the CEPH MIR?
<SpamapS> jdstrand: https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/932898
<uvirtbot`> Launchpad bug 932898 in ceph "[MIR] ceph" [Undecided,Confirmed]
<Daviey> Is that still going ahread?
<Daviey> ahead*?
<jdstrand> SpamapS: the status is nothing has happened yet. I've asked Daviey for a prioritized list of security MIR reviews and will be working through that
<SpamapS> Ah
<Daviey> jdstrand: Yep, that should have been with you already.. Waiting on some more data my side.
<philsf> I need some sanity check on my apache virtualhosts config. I'm setting apache to listen on the ip address for a virtualhost for testing purposes, before I set the DNS, but it seems to be looking into the index of the wrong vhost.
<zul> Daviey: i sure hope keystone and horizon are on that list
<Daviey> zul: naturally
<zul> Daviey: good
<SpamapS> lamont: ^^ there you go... I think the MIR team is a bit backed up this cycle. :-P
<jdstrand> Daviey: I am still going through email this morning...
<philsf> http://paste.ubuntu.com/865332/
<SpamapS> zul: re python-tz .. was there no possibility to use pythone-dateutil ?
<SpamapS> zul: I noticed nova or glance or something pulled it in
<zul> SpamapS: it was a dependency of python-babel which has been dropped
<lamont> SpamapS: clearly, we need to arrange a small corner to put the MIR team in so we can discuss priorities... :D
<jdstrand> Daviey: you sent that email? I dont see it. what is the subject?
<SpamapS> lamont: perhaps we should use...... _THE COMFY CHAIR_
<lynxman> SpamapS: noooo, not the comfy chair
<SpamapS> lynxman: ok then, just the soft cushion
<lynxman> SpamapS: that'll show 'em
<philsf> in the above pastebin are the headers of the two vhosts in question, where it's clear that they have different DocumentRoot's. When accessing the FARMACO vhost DocRoot, however, apache seems to read the index.html ICB vhost, which calls a CGI application that's obviously not there. To make things worse, if I try to access /index.html, it reads the correct one. I've grepped for redirects and found nothing suspicious. Can anyone see what am I doi
<philsf> ng wrong here?
<philsf> http://paste.ubuntu.com/865332/
<jdstrand> zul: the keystone mir is still incomplete awaiting a response from the server team
<Daviey> jdstrand: no, i'm still waiting on some more data..
<zul> jdstrand: and you will have your response on monday
<jdstrand> Daviey: oh, I see
<jdstrand> ok
<Daviey> jdstrand: sorry!
<jdstrand> no worries
<jdstrand> I already reviewed one keystone...
<Daviey> jdstrand: It's a full rewrite. :/
<Daviey> (joy)
<jdstrand> yeah
<jdstrand> that is pretty unfortunate as I reviewed the first one... :|
<jdstrand> oh well
<SpamapS> jdstrand: not so unfortunate if you gave it the same negative review as the team who decided to rewrite it ;)
<jdstrand> heh
<jdstrand> in terms of time, it was unfortunate. the code audit itself was not super deep
<jdstrand> (how can it be?)
 * jdstrand stops griping
<___MAX> Hi, ubuntu bootmgr is missing press ctrl+alt+del to restart
<smb> smoser, utlemming bug 944923 contains all I think to know so far
<uvirtbot`> Launchpad bug 944923 in linux "[EC2:cg1.4xlarge] CPU#0 stuck for 23s! [migration/0:6] __do_softirq+0x60/0x210" [Low,Triaged] https://launchpad.net/bugs/944923
<smb> smoser, It looks like an Oneiric 3.0 kernel does also lag at some point. Just a bit (ok, half as long) less and without softlockup triggering.
<hallyn> SpamapS: I don't see lamont's q.  but yes we're waiting on mir (see -devel)
<zul> main openstack projects have been upated to e4 + bugfixes quantum, swift, and melange will be uploaded this afternoon
<sixstringsg> If I'm running a make over SSH, what is the best way to make it continue if I disconnect SSH?
<rbasak> sixstringsg: run it in a screen
<sixstringsg> Yeah, but I hate trying to scroll back in screen...
<sixstringsg> In case it fails.
<sixstringsg> I guess I should just learn screen better, thanks.
<rbasak> Then you could do make >make.log 2>&1& and then tail -f make.log. Either with screen or without
<sixstringsg> Thanks!
<smb> or make 2>&1|tee log ...
<rbasak> Or make 2>&1 |tee make.log
<rbasak> smb: :)
<sixstringsg> So many options!
<rbasak> but that would die if the connection dies
<smb> rbasak, :) just about the same time
<rbasak> you could stick a & at the end I suppose
<rbasak> bit messy
<smb> Id just use it together with screen
<rbasak> sixstringsg: if you don't like screen, look at byobu. It wraps screen and makes it a bit more approachable.
<rbasak> Not sure what it does about the scrollback keybindings though
<sixstringsg> Thanks. Honestly, I just haven't taken the time to learn screen properly.
<rbasak> Yeah it isn't pleasant to learn.
<sixstringsg> Cannot open your terminal '/dev/pts/6' - please check.
<sixstringsg> I'm getting that with both.. THis is a new server I'm playing with, so I haven't used screen on it yet.
<sixstringsg> Nevermind, fixed.
<smb> smoser, Ok, so this hvm delay on vcpu#0 happens all the way back to Natty (at least)
<jamespage> kirkland, around? have a question about dotdee (might be a bug but not sure)
<savid> Using ufw, I want to delete rule NUM, but how do I know which NUM to use (they are not numbered in the status view)?
<savid> oh, nm.  I needed "status numbered"
<whoozdat> hello
<whoozdat> howdy ubuntu server users
<arthurjohnson> hola
<whoozdat> need help setting up bind9
<whoozdat> what is $TTL 3D
<whoozdat> in db.zonefile ?
<kirkland> jamespage: yo yo, what up?
<jamespage> kirkland, hey!
<jamespage> so I'm using dotdee in a couple of charms I'm working on
<kirkland> jamespage: hey man, hope you're doing well :-)
<jamespage> kirkland, sure am - hope that life is treating you well as well!
<kirkland> jamespage: yeah, things going well
<jamespage> good
<jamespage> question re dotdee - I should not have to be calling dotdee --update to get it to update a file under management should I?
<queso> So in lucid I installed open-vm-tools in a new virtual machine I just built and it installs the X server?  Something's wrong there.
<queso> There isn't a -nox version of open-vm-tools?
<patdk-lap_> yep
<patdk-lap_> oh wait, of open tools? no, of the offical vmware ones, yes
<queso> https://help.ubuntu.com/community/VMware/Tools According to this it's a bug and I should use --no-install-recommends.  Okay, that works :)
<guntbert> queso: thx for the heads-up
<queso> guntbert: yw
<genii-around> I wonder why server doesn't have APT::Install-Recommends set to 0 by default
<kirkland> jamespage: correct
<kirkland> jamespage: it should do that automatically, using inotify
<whoozdat> hello
<whoozdat> i tried to reinstall bind9 and it just gives me a subprocess error
<whoozdat> root@clientx1-lab:~# /etc/init.d/bind9 start
<whoozdat>  * Starting domain name service... bind9                                                                                                               [fail]
<whoozdat> root@clientx1-lab:~#
<SpamapS> whoozdat: check logs
<whoozdat> var/log/syslog?
<SpamapS> jamespage: any chance you're running on top of overlayfs ?
<SpamapS> jamespage: inotify no worky in overlayfs
<SpamapS> whoozdat: thats the best place to start yes
<whoozdat> you are right
<whoozdat> it iw starting now
<whoozdat> thakns SpamapS
<whoozdat> SpamapS, dude its working now
<whoozdat> thakns
<whoozdat> root@clientx1-lab:~# nslookup yahoo.com
<whoozdat> Server:         10.152.187.2
<whoozdat> Address:        10.152.187.2#53
<whoozdat> thank you so much bro
<whoozdat> damn the syslog even tells you what line in the named.conf.local has errors
<whoozdat> I just set up and dns
<whoozdat> yay!!!!
<SpamapS> whoozdat: woot!!
<koolhead17> zul: /o.0\
<whooz> one question
<whooz> when I installed 11.10 64-bit, I gave it a hostname, now I changed the hostname tosomething else and it will change and will show when I type hostname, but for some reason ,it changes back to the original one when I installed the OS, what am I missing here?
<kantlivelong> how can i setup a nic to be up on boot but unconfigured?
<whooz> edit /etc/network/interfaces and make it auto for the ethx and choose dhcp
<kantlivelong> whooz: im not even looking for dhcp.. just up. no IP
<whooz> just leave it blank then
<kantlivelong> whooz: would i just do "iface ethX inet manual"
<kantlivelong> ?
<whooz> on the ifave section
<whooz> iface
<whooz> don't put static or dynamic
<kantlivelong> just manual
<whooz> then choose static
<whooz> put 0.0.0.0
 * koolhead17 is happy
<kantlivelong> ah
<whooz> then you can change that @ a later time
<whooz> you can configure it later if you wish to
<kantlivelong> whooz: im bridging the iface w/ vbox and it needs to be up
<kantlivelong> thats all :P
<kantlivelong> danke :)
<kirkland> jamespage: are you still having trouble with it?
<kirkland> jdstrand: did you and soren come to any compromise on https_proxy and ssh-import-id?
<kirkland> jdstrand: i can absolutely confirm that wget does check and require valid certs by default
<kirkland> jdstrand: you can override that with wget --no-check-certificate
<kirkland> jdstrand: but, of course, i would never do that when importing an ssh public key
<kirkland> jdstrand: as for it doing it correctly, there's always a chance that wget could have security vulnerabilities, as well as problems with the root certs it uses in /etc/ssl
<kirkland> jdstrand: but that's a general problem, not specific to ssh-import-id
<jdstrand> well, the thing I am advocating is defensive coding since this is a sensitive file. part of defensive programming is scrubbing the environment. having a scrubbed environment seems like a sane default, and an option to explicitly whitelist/set https_proxy allows people the flexibility to use https_proxy when they need it
<jdstrand> I came up with 2 situations where there could be a potential problem. one could argue that they are marginal cases, but I'd rather err on the side of caution with a file of this nature rather than trying to enumerate all the problems and hoping we thought of them all
<Daviey> jdstrand: try to get LP to sign the +sshkeys :)
<SpamapS> So have signing on the socket, and the content?
<Daviey> no, sign the datasource.
<Daviey> oh, i se what yu mean
<Daviey> personally, i don't think socket is enough.
<hallyn> SpamapS: hm, is there any guarantee that udev is started before runlevel 2?
<hallyn> I thought there would be, but don't actually see it...
<hallyn> mountall (filesystem), yes.  udev, no
<hallyn> static-network-up could come close, except for failsafe.conf
<raubvogel> If I want a script to be run on monday and on friday, can't I have an /etc/cron.d file with something like * * * * 1,5     root    /usr/local/bin/do-something?
<SpamapS> hallyn: no no guarantee
<SpamapS> hallyn: if you need udev, you need to start on started udev
<hallyn> SpamapS: jinkeys.  Thanks :)
<SpamapS> hallyn: or if you're looking for a particular event...
<hallyn> no no, i was just reviewing an upstartification
<raubvogel> Oops! I forgot to fix time of the day, so it is sending once a week
<raubvogel> shame on me
<jamespage> kirkland, SpamapS: I'm seeing this in lxc containers managed by juju - does that user overlayfs?
<SpamapS> jamespage: no
<adam_g> zul: do you have a url to where ec2-fixes.patch came from?
<zul> adam_g: https://review.openstack.org/#change,4788
<adam_g> zul: thanks
<uvirtbot`> New bug: #945117 in samba (main) "can't edit files in my public guest allow rw folder" [Undecided,New] https://launchpad.net/bugs/945117
<kirkland> jdstrand: so what would the call look like, for example?  ssh-import-id -e https_proxy jdstrand soren kirkland ?
<kirkland> jdstrand: where -e says "enable this environment variable"
<kirkland> jdstrand: and https_proxy is the env variable to whitelist?
<jdstrand> kirkland: seems fine. alternatively you could always use wget with '--no-proxy' unless the user gives '-p' or '--use-proxy' to ssh-import-id
<kirkland> soren: what do you think?  would you use this if I went through the trouble to fix it?
<kirkland> soren: it would annoy me greatly as a user
<kirkland> soren: but thankfully I'm not behind such a firewall
<soren> kirkland: I think "-e https_proxy" is too awkward.
<kirkland> soren: i'd agree
<kirkland> soren: what about just -e
<soren> I mean, sure, I'd use it, because I need the functionality, but just a simple -p or whatever would be much preferred.
<kirkland> soren: which means "don't scrub my environment at all"?
<soren> Also, if this could get hooked up through cloud-init... Much appreciated.
<kirkland> soren: it already is
<kirkland> soren: well, ssh-import-id already is
<kirkland> soren: not the proxy bit
<soren> Right, that's what I mean.
<soren> I use it with cloud-init, but I'm screwed behind this proxy.
<kirkland> ssh_import_id: [$LAUNCHPAD_ID]
<kirkland> soren: ah
<kirkland> soren: ah, i see, you need the cloud-init support to work with this
<kirkland> jdstrand: how about just a "-e" option, which says "use my current environment, please don't scrub" ?
<soren> ssh_import_id: ['-e', 'soren'] <- ftw, I guess.
<jdstrand> kirkland: that seems overkill but if the default is scrub, I really don't care either way
<kirkland> jdstrand: okay, yeah, I agree;  default is scrub, if someone trusts and needs their environment, I'll give it to them
<kirkland> soren: ah, is that how cloud-init already parses that data?
<soren> kirkland: Not sure.
 * soren checks
<soren> kirkland: Yes.
<stgraber> hallyn: new kernel!!!
<hallyn> not built yet though is it?
<kirkland> soren: do you have a place you can test this?  http://paste.ubuntu.com/865752/
<hallyn> actually lxc was failing on my one laptop where i'd installed that kernel.  i've not had time to look into it
<hallyn> so i'm a little fjeered
<Canadian1296> I set up a mail server (postfix and dovecot). How do I actually use it? I tested with telnet and got a 250, but how do I actually send and receive mail?
<kirkland> soren: I've verified that it does flip the "env -i wget" and just "wget"
<stgraber> hallyn: built for amd64 but currently waiting for bin-newing (and still building on the other archs)
<stgraber> hallyn: they're bumping the ABI so they'll all new to go through NEW, then a new linux-meta needs to be uploaded and finally a new d-i, so it probably won't be installed by default until at least Monday
<hallyn> well i for one welcome our mount-refusing-apparmor overlords.  you know, whenever they show up in the archive...
<hallyn> stgraber: seems my cgroup patches messed up lxc when you have ns cgroup enabled.  gotta try and fix that on monday
<hallyn> (cause i'm out the rest of next week)
<whooz> hello
<hallyn> stgraber: i mention it bc 0.8.0 release presumably will be held up on that being fixed
<jdstrand> I'll look at the deNEW in a minute
<gary_poster> hallyn, hi.  we have another ephemeral tweak we need.  The ssh approach we are using to connect in lieu of lxc-attach is biting us a bit.  since our use is automated, we need to connect as the user that has a key that makes everything seamless.  therefore we added that and it does what we need.  The full file is http://paste.ubuntu.com/865763/, and the diff is http://paste.ubuntu.com/865767/.  We don't really love t
<gary_poster> his, and we could imagine you not liking it because it takes us farther away from the replaceable illusion that we are using lxc attach...but we need it.
<gary_poster> other suggestions welcome, of course
<gary_poster> on a somewhat related note, I've been suggesting to my team that we produce a version of lxc-start-ephemeral that uses aufs, and then try to track what you are doing.  Maybe a nicer approach would be to have a flag in the official version of the script that switches to aufs.  We would only use this if the problems that hurt us with overlayfs were unresolved in precise by the time we needed it, for whatever reason.
<gary_poster> (we'd be happy to produce that diff if you said it would be ok)
<hallyn> gary_poster: both ubuntu and ubuntu-cloud templates take '-A', so might be nice to keep it as -S for lxc-start-ephemeral
<hallyn> uh, s/-A/-S/ there
<hallyn> gary_poster: i saw the emails this morning and figured aufs support should be added back in as an option
<gary_poster> cool
<gary_poster> hallyn, cool, -S for auth key, can do.  Do you want me to...file a bug for this, maybe, with the changes?  Or something else?
<hallyn> gary_poster: i'm off most of next week, so if you can write the the patch tha'td cbe great
<kirkland> soren: poke me once you've tested and I'll commit
<kirkland> soren: and try to get a release team approval for precise
<hallyn> gary_poster: if you're writing the patch anyway, you can do it as a merge request against ubuntu:lxc
<gary_poster> hallyn, ok cool, will do
<gary_poster> hallyn, do you want bugs, or don't bother?
<hallyn> gary_poster: thanks much
<hallyn> well, bugs are good,
<hallyn> to reference in the changelog
<gary_poster> ok we'll file
<gary_poster> thanks hallyn .  have a nice weekend and time off
<hallyn> gary_poster: thanks
<hallyn> gary_poster: do you guys use '-b' in lxc-start-ephemeral at all?
<gary_poster> hallyn, yes, though I've wondered if we have to
<gary_poster> given default behavior
<hallyn> right i think in my mind i was thinking more like the binduser functionality.  but what the heck, let's not rock the boat right now.
<hallyn> ttyl :)
<gary_poster> :-) ok cool ttyl
<benji> hallyn: here's the MP: https://code.launchpad.net/~benji/ubuntu/precise/lxc/bug-945183/+merge/95678
<uvirtbot`> New bug: #945177 in nova (main) "not lintian clean" [Undecided,New] https://launchpad.net/bugs/945177
<hallyn> benji: can you add a changelog entry?  then i'll just accept it and push immediately.
<hallyn> benji: note i'm a *little* uncomfortable (but probably being pedantic) about LXC_KEY not being defined when not specified
<hallyn> prefer having it initalized to "" before the getopt
<uvirtbot`> New bug: #945183 in lxc (universe) "lxc-start-ephemeral is difficult to use with non-"ubuntu" accounts" [Undecided,New] https://launchpad.net/bugs/945183
<benji> hallyn: if you wan't I'll be glad to change it, since you don't use set -e, it won't be a problem to be undefined
 * benji adds a changelog entry
<hallyn> i worry about environment poisoning
<hallyn> won't be a problem when i rewrite it in go :)
<hallyn> (so that we can set filecaps - we can't do that with scripts)
<benji> hallyn: what are the leading numbers in these changelogs?  what should I use?
<hallyn> benji: use "dch -i" which will increment it for you to 0.7.5-3ubuntu32
<hallyn> benji: at the end of the description, add (LP: #945183)
<benji> hallyn: I mean the prefixes to each line, like "0050-clone-lvm-sizes:"
<benji> is that a branch name?
<hallyn> benji: oh.  sorry
<hallyn> I guess 0056 now
<benji> ok
<hallyn> no, wait
<hallyn> benji: you dont' need a patch, bc this is under debian/
<benji> ok, so just leave the colon and the bits before out, right?
<hallyn> benji: right, those are filenames under debian/patches
<benji> ah, gotcha
<benji> hallyn: ok, it's pushed, the diff at https://code.launchpad.net/~benji/ubuntu/precise/lxc/bug-945183/+merge/95678 has updated already
<hallyn> benji: thanks, i'll take a looka nd push.
<benji> hallyn: cool!
<hallyn> benji: no wait, did you mean to add 'user:,ssh-key:' to longoptions?
<hallyn> If not, ok.  IF so, I'll add it real quick
<wonderman> hi, ive asked many times i know, but can someone help me diagnose 408 HTTP error further if they have time ?
<jacobw> hi
<milkshake_> hi :)
<benji> hallyn: oops, you're right; I'd appreciate it if you could add them
<hallyn> will do, have a good day
<jacobw> milkshake_: do you install the package and did `a2enmod` ?
<milkshake_> jacobw yes
<milkshake_> and when I do apache2ctl -M
<milkshake_>  it lists the mods as enabled
<jacobw> and apache still doesn't execute perl?
<milkshake_> nope but I think I need to add a file to the mods-available DIR in apache
<wonderman> if i am rotating logs, using 'logrotate' and i want to rotate 4 apache logs, what should i do with my 'postrotate' which restarts apache gracefully, surely i dont want to do this 4 times?
<jdstrand> stgraber, hallyn: fyi, I have reviewed the amd64 for deNEW. I am going to wait on i386 to finish and deNEW them both
<jdstrand> stgraber, hallyn: I'm talking about the kernel of course
<jdstrand> (i386 should be done soon I hope)
<hallyn> jdstrand: I'm fuzzy on all that but assume that's good - thanks :)
<jdstrand> hallyn: just trying to let you know that I am getting you your kernel :)
<hallyn> aweseome :)
<neodypsis> Why does apt-get update need SU privileges to execute?
<neodypsis> Has someone successfully deployed Nginx (from deb http://nginx.org/packages/ubuntu/ lucid nginx) on a production server?
<tarvid> added a second nic to access a local LAN and now the default route is through the local LAN instead of the WAN interface
<tarvid> how should I change this?
<tarvid> since networking restart is deprecated, how are you supposed to restart networking?
<humungulous> tarvid: how about sudo ifdown eth0; sudo ifup eth0
<tarvid> very bad if you are remote
<humungulous> well, any bounce of the network interface has that property if you are remote
<tarvid> I'll try it
#ubuntu-server 2012-03-03
<humungulous> it'll disconnect you
<humungulous> that kind of thing you need to do over console, one way or another
<tarvid> curiously, I had no stanza other than lo in interfaces and things worked, I added  a second nic and it set the default route to the second nic instead of the first
<tarvid> how would I permanently set the default route to eth0?
<humungulous> using the route command
<humungulous> or the route directive in interfaces
<SpamapS> tarvwhat exactly did you think network restart did, otehr than 'ifdown -a ; ifup -a' ?
<SpamapS> oh he's gone
<uvirtbot`> New bug: #945264 in ntp (main) "NTP not receiving PPS signal" [Undecided,New] https://launchpad.net/bugs/945264
<milkshake_> how can I fix Options ExecCGI is off in this directory:  in the vhost?
<uvirtbot`> New bug: #945299 in keystone (universe) "keystone_2012.1~e4-0ubuntu1_all fails to install" [Undecided,New] https://launchpad.net/bugs/945299
<Canadian1296> I need some help with postfix. I tested it and it works, but then I changed postfix to use Maildir instead of mbox. When I restarted it, it created a file called Maildir in ~, but it is a file not a folder. Now I cannot check my mail.
<delinquentme> SSH is over what protocol?
<delinquentme> i've set securities on my ec2 instance and I need to include something so i can log in
<Canadian1296> delinquentme: Check to make sure you have openssh-server installed and port 22 open.
<delinquentme> Canadian1296, port 22 is open
<delinquentme> and I've been able to ssh in before
<Canadian1296> That's odd...
<delinquentme> the security setting might not have registered correctly
<delinquentme> its cool
<uvirtbot`> New bug: #945453 in etckeeper (main) "README has wrong VCS default (should be bzr, not git)" [Undecided,New] https://launchpad.net/bugs/945453
<armaan> hi folks
<armaan> does anybody know about login details for oneiric-server-cloudimg-amd64
<SpamapS> armaan: https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_Local_Hypervisor_Natty_onward
<armaan> Spamaps: dint work
<armaan> Spamaps: those login details did not work
<James_KL> hello , installing Ubuntu Server , gives that error x86_64 : http://bitsy.me/img4dy - WTF?
<pmatulis> funny bunny
<husien> hello guys.. :)
<husien> just finish install ubuntu server 11.10 into oracle VM virualbox
<husien> problem with ssh-server
<oCean> husien: we really need a bit more details :)
<husien> i try use putty to connect at my hostname server1.example.com but error
<husien> when i use my ip 196.168.x.x   is ok..
<oCean> husien: to connect using a hostname, usually a DNS servers exists in networks. But you can also edit your hosts file on the windows client
<husien2> ermm
<oCean> husien2:  to connect using a hostname, usually a DNS servers exists in networks. But you can also edit your hosts file on the windows client
<husien2> oCean, how?
<oCean> husien2: actually more of a ##windows question, but I think the hosts file is somewhere in Windows\system32\drivers\etc\
<husien2> ok
<husien2> oCean, thanks.. its working.. :)
<husien2> how about when i start my server i got this --- Stopping automatic crash report generation [fail]
<uvirtbot`> New bug: #693594 in libcgroup (universe) "cgroup-bin should not move kthreadd into a default cgroup" [High,Confirmed] https://launchpad.net/bugs/693594
<uvirtbot`> New bug: #945615 in php5 (main) "XDebug PHP version compatibility issue" [Undecided,New] https://launchpad.net/bugs/945615
<pdtpatr1ck> Question - can someone please give me a working ubuntu pressed file example and a Preseed PXE example file. For some reason mine does not see the pressed file and keys asking to choose a mirror of the ubuntu archive
<hggdh> pdtpatr1ck: just a sec
<hggdh> pdtpatr1ck: http://pastebin.ubuntu.com/867196/ (working preseed) this is used under PXE, but there are no PX details here. This is Orchestra/Cobbler
<pdtpatr1ck> Oh nice! thanks :)
<gnome> why can you not share a /home/user/ and then nfs them to all slaves and setup for passwordless ssh.? if they user dir isn't shared and mounted I can easily do passwordless.
<gnome> -- using mpic is why i am testing this. seems to me there is a way to make it functional with a shared home, but the NFS file share when generating keys seems to make a mess of what is suposed to happen, short of writing the file, then making it not writable by any clients, and restarting nfs again or rather unmounting then genkeys, then file permission lock on the .ssh folder, then
<gnome> remount.
<gnome> why does this process have to be so manual.... for shared home with .ssh
<gnome> i guess just dont' let it share subdir's.
<angelleye> I have a test server setup that was using mod_php.  I was having permissions issues with that, though, so I followed a guide to install SuPHP, which seems to have worked except that now my sites won't load PHP scripts.
<angelleye> I see two php.ini config files now, one for mod_php and the other for cgi
<angelleye> seems like maybe I need to make my sites use the cgi version..??
<uvirtbot`> New bug: #945941 in samba (main) "smbd crashed with SIGABRT in rep_strlcpy()" [Undecided,New] https://launchpad.net/bugs/945941
#ubuntu-server 2012-03-04
<Nicolas_Leonida2> hi
<Nicolas_Leonida2> I've installed samba
<Nicolas_Leonida2> this is my smb.conf : http://pastebin.com/ETH5yxLU
<Nicolas_Leonida2> the windows computer can not discover the ubuntu server, \\server doesn't work
<Nicolas_Leonida2> and ubuntu server can't ping the windows computer by name either
<Nicolas_Leonida2> what could be wrong?
<Skaag> what's a good web panel for the latest ubuntu server?
<taipres> cpanel the best known, most use centos with that though
<taipres> not sure if it's locked to that distro or not
<taipres> directadmin good
<taipres> plesk just got hacked so i'd avoid them
<taipres> webmin is free
<shauno> webmin has a pretty terrible record on debian-based distros too.  zentyal is the one I hear being thrown around most often
<shauno> (webmin doesn't always do things "the debian way", which causes issues when the distro does.  don't fight your distro.)
<Nicolas_Leonida2> Hey can someone help me with this? http://superuser.com/questions/396657/samba-share-can-not-be-discovered-from-windows-7-in-ubuntu
<JanC> Skaag: web panel to do what?
<Skaag> basically add apache sites, create/manage mysql databases, etc.
<Skaag> I'm trying out ehcp now
<Skaag> I use DirectAdmin on some systems, It's fine, but I prefer something that relies on the ubuntu packages of php and mysql
<Skaag> I never heard about Zentyal
<JanC> there is also SysCP, which was written for Debian-like systems
<Skaag> it is no longer supported
<JanC> and it's in the Ubuntu repositories
<Skaag> the owner said he posted it on github so others can perhaps fork it
<JanC> there is a fork of SysCP somewhere
<Skaag> yes, Froxlor
<JanC> hm, I used SysCP several years ago, worked well back then
<JanC> seems like Froxlor is still active?
<Skaag> yes it is
<Skaag> it even looks pretty good
<Skaag> you can see a demo here: http://demo.froxlor.org/
<JanC> well, sure looks a lot fancier than SysCP, but most important is whether it is working as well as SysCP
<Skaag> good question - I'm about to investigate
<JanC> and somebody should package it instead of SysCP probably  âº
<angelleye> So I had some virtual hosts configured in apache, but it was all default mod_php.  I was having permissions issues, so I installed SuPHP, but now my PHP pages won't load correctly on the server.  I've searched and searched and everything says I just need to make sure my directories are 755 and my files are 644.  They are.  I still can't get past this.  Would love some advice, please.
<Skaag> my suggestion is mod_ruid2
<angelleye> once i get a handle on getting the site(s) to use the handler I want, then I'd love to try something else.  But is there anything you can tell me about how to at least make it work with suphp right now?
<rax_> hi
<rax_> any web server admins here
<rax_> pref who run wwordpress
<angelleye> on my live servers I have WHM/Cpanel or Plesk, and in each there's a simple drop down where I can change the site's PHP handler
<rax_> cpane/whm only runs on centos
<twb> rax_: maybe try #wordpress first?
<rax_> yeah but I want ubuntu web admins
<rax_> :)
<angelleye> well, whatever it's doing on centos seems to work
<angelleye> i need to do the same here
<angelleye> i can see two different php.ini files in my server.  one for mod_php and one for cgi
<rax_> I'm trying to migrate a site now
<angelleye> so it seems like maybe my sites are just seeing the wrong one..??
<rax_> causing me problems
<twb> angelleye: so edit one and see if it affects those sites.
<angelleye> how would I see?  i can't get PHP to load at all right now.
<rax_> anyone use ebox
<rax_> here
<twb> !anyone > rax_
<ubottu> rax_, please see my private message
<rax_> thanks
<angelleye> the only one that was there originally was /etc/php5/apache2/php.ini, and everything was working fine except for my permissions issues.  Then I just installed suphp following a guide online which matched the same steps I see pretty much everywhere, and everything followed the screenshots accordingly, but now none of my sites load and the guides all act like there's nothing else to it.
<rax_> webmin isn't supported officially on  ubuntu
<rax_> im trying to use ebox to administer a wordpress blog, and its not able to let me in
<twb> Sorry, I do not provide support for any WHCP.
<rax_> keep getting my connection refused
<rax_> dont' know what a whcp
<rax_> its ok
<rax_> thanks anyway
<rax_> ill keep tinkering away
<rax_> ebox is just what is featured here https://help.ubuntu.com/10.04/serverguide/C/ebox.html
<twb> Web Hosting Control Panel -- cpanel, plesk, ebox, webmin, etc.
<rax_> twb are you a website host
<rax_> how do you manage your sites
<rax_> just SSH in ?
<twb> Yes.
<rax_> what about monitoring
<twb> nagios and collectd
<rax_> you're right
<twb> But because I will not allow PHP on my systems, blog.cyber.com.au is actually managed by wordpress.com, not by me
<rax_> ill uninstall ebox
<rax_> why no php
<twb> Because PHP is responsible for over one quarter of all security issues every year
<rax_> but
<rax_> any serious website needs php
<angelleye> in WHM on my live server there's a section called "Configure PHP and SuExec" and in there is a drop down that allows me to change the PHP 5 Handler from suphp, dso, fcgi, and cgi.  so that must issue some sort of command when I submit a change here, right?  Any idea what the equivelant is in Ubuntu?
<rax_> no clue... :(
<twb> rax_: if by "website" you mean an application, there are non-negligible alternatives to PHP for server-side scripts; from the venerable perl, to python, to new-shiny-js (nodejs), to edge cases like seaside (smalltalk), C, and haskell.
<twb> And of course tomcat, but I am not a fan of Java either.
<rax_> you're right
<rax_> but theres a lot of cms out there
<rax_> like wordpress
<rax_> drupal
<rax_> joomla
<rax_> that rely on mysql and php
<rax_> facebook usesp hp
<rax_> php**
<rax_> you're inferring php is a bad programming language
<twb> rax_: that's because CMSs are built by and for idiots.
<rax_> :(
<twb> I'm not *inferring* anything.  PHP is an obsenely poor programming language.
<twb> *obscenely
<rax_> how come
<rax_> due to security flaws?
<angelleye> he'd just rather waste his time building everything from scratch cuz it makes him feel cool.
<twb> The abysmal security record from PHP is a side effect of its poor (or absent) design, and its large community of undereducated users
<angelleye> underedcuated users...that's the problem
<angelleye> php isn't the problem
<rax_> perhaps
<rax_> all good points though.
<rax_> there isn't any absolute answer here though
<twb> angelleye: actually the PHP core has significant issues, too.
<rax_> in reality developers and users exist within their realms, and a significant portion of companies and devs use PHP
<twb> angelleye: e.g. the recent hash fix that introduced a remote execution vulnerability.
<rax_> id rather work with Ubuntu
<rax_> then debian
<rax_> or centos
<rax_> i have some cpanel/whm servers too
<rax_> im trying to move away for my Vps customers
<twb> rax_: obviously if your $boss says you have to use PHP, then you have to either suck it up and use it, convince him otherwise, or get a better job
<rax_> what about ASP.NET?
<twb> I know nothing of that because it's proprietary and/or platform-specific.
<rax_> a lot of websites rely on Windows
<masumotok> hello, I am trying to install ubuntu-orchestra. when I login to http://localhost/cobbler_web/ and click any menu like "distros", I enforcely am taken back to login screen. it only happens when I use chrome( IE, firefox, no problem). does anyone know what kind of settings are necessary to chrome?
<rax_> never used orchestra
<rax_> what is it
<masumotok> rax_: http://cloud.ubuntu.com/2011/10/getting-started-with-ubuntu-orchestra-servers-in-concert/
<twb> rax_: some kind of change management / provisioning / cloud thing
<rax_> ah cool
<rax_> for some reason vsftpd isn't retrieving a directory
<rax_> anyone have any ideas?
<rax_> im logging in as a user who's a sudo
<ch33z____> who cares
<ch33z____> read the manual
<gnome> cd i have
<gnome> like 9 times
<gnome> every one of them
<gnome> and they don't say at the end of them..
<gnome> 'this fundamentally doesn't work'
<gnome> er ch33z
<gnome> i am using orc to deply to a 10 machines cluster for mpi research
<gnome> i encounter all kinds of bs. :0
<twb> http://mywiki.wooledge.org/FtpMustDie
<qman___> yep, FTP was never a good idea, and now that SFTP is so laughably easy to set up and use, there's no excuse for it
<twb> qman___: it was probably a good idea when the incumbent was UUCP
<twb> Back when there were nearly 100 computers in the world
<rax_> lol
<rax_> wghats this
<rax_> thats funny
<rax_> sftp huh
<rax_> I'm stuck with FTP
<rax_> i take it  you don't use vstpd
<qman___> there's no reason to use FTP at all
<qman___> every FTP client worth its salt now supports SFTP
<rax_> alright forget it
<rax_> im just installing webmin
<rax_> this commadn line business is taking too long
<twb> Plonk.
<qman___> well, good luck with that, but be aware that once you do that, we can't help you
<qman___> webmin breaks things in weird ways and is akin to voiding the warranty
<twb> s/wierd/stupid/
<rax_> what does it break
<rax_> webmin is awesome.
<rax_> i coldn't get FTP going
<rax_> I'm using the file manager in webmin
<rax_> to do this
<qman___> rax_, the things that webmin breaks are too varied and unpredictable to list or predict, that's why it's not supported
<rax_> just a few libraries that aren't.
<rax_> debian supports it
<rax_> theres no webmin equivalent
<rax_> http://www.webmin.com/deb.html
<qman___> that's not correct
<qman___> debian is supported by webmin, but webmin is not supported by debian
<rax_> right
<rax_> sorry
<rax_> how about this
<rax_> installing webmin
<rax_> doing all the intiial configuration work
<rax_> using their built in tools
<qman___> not supported
<rax_> then uninstalling, through apt-get remove
<rax_> i installed it from binaries
<rax_> usnig dpkg
<rax_> in that guide
<qman___> installing and using is what does the damage
<qman___> and that damage is not undone by removing
<rax_> what damage does it do
<qman___> breaks config files
<qman___> doesn't follow the debian way
<twb> webmin's .deb is just a tarball converted to a deb
<rax_> oh
<twb> webmin will update itself in-place, breaking checksums against its own deb
<rax_> I don't understand all the hate for this great applicatin
<rax_> what about virtualmin
<twb> Last time I checked, there were at least three critical errors and over a hundred non-critical errors in webmin's .deb
<rax_> but it works so great.
<rax_> :(
<qman___> if you consider breaking package management great, ok
<qman___> but we can't support that, and we can't support your broken system after webmin breaks it
<rax_> im not asking for any support - its not like im paying for this OS to begin with
<rax_> i appreciate your feedback on the matter though
<rax_> i still don't understand why webmin "breaks" anything
<qman___> it is well known to break package management and cause other software to not work as expected
<qman___> because of that we cannot support or recommend it
<qman___> if it works for you, that's your prerogative
<rax_> well
<rax_> my original problem was managing a website
<rax_> im looking for some remote tools to make this easier
<rax_> webmin has a lot of built in tools
<rax_> like the file manager
<rax_> along with the mysql manager too
<rax_> qman what do you suggset
<rax_> for remote tools
<qman___> I don't know exactly what you're getting at
<qman___> SFTP works great for file management
<rax_> I don't think wordpress supports sftp
<rax_> ftps is another story
<qman___> I don't know anything about wordpress, but if it's running on ubuntu, you can use sftp
<qman___> that is, I don't know anything about using wordpress
<qman___> I know plenty about sites that use wordpress getting spammed and hacked
<rax_> yeah i manage about 30
<rax_> all on cpanel hosts
<rax_> they do fine.
<rax_> im trying to get away from cpanel though
<rax_> licensing fees and processing overhead
<rax_> is killing me
<rax_> all websites hosted on dedicated or vps's
<rax_> running centos
<qman___> well, if I was going to run a wordpress site, I'd start with 'apt-get install wordpress'
<rax_> apt-get install wordpress
<rax_> i have no idea what that command does
<rax_> i need to be able to configure virtual hosts
<rax_> name based
<rax_> that command overrides a whole bunch of stuff
<qman___> name based virtual hosts are easy
<qman___> well-covered in the server guide
<rax_> yeah but
<rax_> well
<rax_> to be honest
<rax_> im looking at a way to use kvm
<rax_> to virtualize environments
<rax_> theres an appliance from turnkey linux
<rax_> a wordpress appliance
<rax_> I want to run the Xen image
<rax_> but I have no idea how to configur ekvm
<rax_> configure**
<qman___> Xen and KVM are two completely different softwares
<qman___> you can't use a Xen image on KVM or the opposite
<rax_> shows you how much I know about virtualizing on ubuntu
<qman___> but you don't need some prepackaged image either
<qman___> if all you want is a wordpress server image, just create one
<qman___> install blank ubuntu server, apt-get install wordpress, configure basics, and save it
<qman___> there's your wordpress appliance
<rax_> apt-get install wordpress isn't enough though. I'm trying to migrate a wordpress site over.
<rax_> that'd be great if i was just starting a site.
<qman___> the turnkey appliance is going to be the same deal
<qman___> I don't know wordpress, but importing data is most likely going to be just importing the database and ensuring the right packages are installed
<qman___> and maybe a config.php
<rax_> yep
<rax_> essentially
<rax_> then changing the config
<rax_> and created a mysql database user
<rax_> etc..etc..
<rax_> ill look into apt-get install wordpress
<rax_> aalthough i know its not fo rme, ive tried it.
<qman___> well, having not used it before, that's where I'd start
<qman___> but if you want to get more custom, just install LAMP and work from there
<qman___> use the dependencies listed for the wordpress package to know what's required
<rax_> yeah dude
<rax_> im on it
<rax_> just using webmin
<rax_> to manage it all
<rax_> got htop open in another window
<rax_> watching all the files move around
<rax_> i really love webmin <3
<rax_> great software.
<rax_> completely free to boot.
<rax_> damnit
<rax_> mysql
<rax_> so tricky
<twb> Kids these days...
<eagles0513875> hey guys
<eagles0513875> i have a question what is the URL that i need to use when trying to do a network install of ubuntu 10.04. when its at the part where it has to look for a release file on a particular mirror it seems like its unable to find the release file regardless of what mirror i give it
<uvirtbot`> New bug: #946137 in exim4 (main) "4.76.3-3ubuntu3 : update-exim4.conf crashed with SIGSEGV in __libc_start_main()" [Undecided,New] https://launchpad.net/bugs/946137
<RoyK> anyone here tried sanlock?
<RoyK> anyone that knows what might be starting dnsmasq on this machine? it's running kvm on 11.10
<JanC> libvirt?
<JanC> RoyK: ^^^
<wonderman> someone please for the love of god help me diagnose this
<wonderman> http://pastebin.com/ByFDFWMB
<SpamapS> wonderman: can I do it just for the love of belgian waffles?
<wonderman> sure...
<wonderman> ive looked into everything i can think of
<SpamapS> wonderman: is it ongoing or a one time thing?
<wonderman> ongoing
<SpamapS> wonderman: perhaps your log format is just wrong?
<wonderman> like how?
<SpamapS> wonderman: in your config files there's a default LogFormat (assuming thats an apache log?)
<wonderman> thats not all my log, i grepped it for "408"
<SpamapS> wonderman: ah ok
<SpamapS> wonderman: apache right?
<wonderman> yes
<SpamapS> wonderman: ah, thats a DoS then
<SpamapS> wonderman: 408, request timeout
<SpamapS> wonderman: means the other side is trying to exhaust your connections
<wonderman> its not a dos
<wonderman> its normal traffic, for the most part
<wonderman> same ip rarely comes up
<SpamapS> wonderman: well why else would you have many IPs failing to submit requests?
<wonderman> thats why i am here?
<SpamapS> wonderman: unless this server is behind a reverse proxy, and you're logging the Forwarded-For addresess.
<wonderman> how can i tell that?, ive not touched any settings with ym hosting provider
<wonderman> it could be DNS issue?
<SpamapS> wonderman: DNS, no.
<wonderman> well, no proxying here
<SpamapS> wonderman: 408 is issued by apache to a client when it takes too long to make a request
<wonderman> i know..
<wonderman> they have to have made an original request, to get the connection in the first place
<SpamapS> wonderman: the default "Timeout" is 300 seconds http://httpd.apache.org/docs/2.2/mod/core.html#timeout
<wonderman> correct
<wonderman> :S
<wonderman> ive been trying to diagnose this for a week now
<wonderman> prob is the 408 gives me nothing to go by...
<SpamapS> wonderman: is it causing an actual problem or just the logs?
<wonderman> just logs, but i cannot tell what these 1000s of clients is experiencing
<SpamapS> wonderman: they're not experiencing anything.. they've connected and failed to do anything with the connection in 300s ..
<SpamapS> wonderman: I have about 0.01% 408's in my server logs
<wonderman> could my content cause that?
<wonderman> no idea how many for me, but easily 5%
<SpamapS> I don't think content would cause it..
<wonderman> it cant be clients, how could so many people brow a website, and not request anything?
<wonderman> kind of impossible if you ask me
<wonderman> via a browser
<SpamapS> ar/$
<SpamapS> doh
<SpamapS> wonderman: because they're broken
<wonderman> doesnt make sense
<wonderman> :)
<SpamapS> wonderman: could be a spider.. some botnet looking for more to compromise
<wonderman> i checked 50 ips
<wonderman> they are general traffic
<SpamapS> wonderman: ahh.. any possibility they're getting firewalled somehow?
<wonderman> i dont have any firewall whatesoever currently, not sure about hardware FW, but i doubt it as i have to pay for that :)
<Kiall> Anyone else seeing connection failures to us-east-1.ec2.archive.ubuntu.com?
<donal> hi all
<donal> I'm trying to run an application on ubuntu
<donal> the app needs to send email
<donal> I've looked at the instructions for installing postfix https://help.ubuntu.com/11.04/serverguide/C/postfix.html
<donal> they seem scary
<donal> and there's lots of different choices presented, most of which I don't understand
<donal> all I want to use the SMTP server for is sending email from my application
<donal> apart from installing the server itself, what do I need to do in terms of configuration?
<viezerd> donal: see if this helps http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client
<donal> thanks viezerd
<viezerd> yw
<donal> am I right in assuming that postfix can only send mail, i.e. it can't receive mail too ?
<viezerd> donal: postfix can also receive mail, from other mailservers, and then for example pass it to an IMAP or POP server
<RoyK> JanC: yep
<ch33z> I TELL YOU!!
<philipballew> If I want to have two ssh servers on a network. Should I only open a port for one and allow the other's to just be accsessed via the computer connected to the outside server or open ports for all of them?
<JanC> philipballew: depends on your use case really, but having only one accessible from outside might be better; just don't relax the security on those who aren't accessible from outside because you think they are safe...
<philipballew> true, I need to set up rsa keys on them  and also today I am setting up a vpn server on one. Is there anything security wise a vpn needs I might not have thought of that i would do normally for ssh?
<qman___> philipballew, having more than one at the same IP on different ports causes key errors if you try to access both from the same host
<qman___> SSH key verification doesn't treat different ports as different servers, only IPs
<qman___> so, unless you've got a very specific set of circumstances, it's best to have a 'gateway' SSH server to access the rest
<qman___> or use a VPN
<philipballew> yeah. one is .200 and one is 201. the 200 is my ssh and vpn server. the other monitors and logs the network. make sure our neighbors we let share dont look at porn and such
<philipballew> i like to use vpn to connect to and surf the web. but ssh to connect and play with the shell
<stgraber> hallyn: http://www.stgraber.org/2012/03/04/booting-an-ubuntu-12-04-virtual-machine-in-an-lxc-container/
<Canadian1296> I'm having some problems with postfix acessing my mysql database. I'm getting `Mar  4 14:37:07 server postfix/trivial-rewrite[18415]: warning: connect to mysql server localhost: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)` in mail.log
<ikonia> Canadian1296: sounds like mysql isnt running
<Canadian1296> ikonia: It is, I just checked
<ikonia> Canadian1296: how did you check
<Canadian1296> ikonia: sudo service mysql status
<ikonia> Canadian1296: that is not valid
<ikonia> Canadian1296: try to connect to the database with the mysql client
<Canadian1296> Alright
<Canadian1296> `mysql -u mail -p` (type password). I get a mysql prompt.
<Canadian1296> ikonia: ^^
<lamont> the socket isn't linked inside the chroot and the daemon in question is running chrooted
<Canadian1296> lamont: How do I fix it?
<lamont> that'd be my guess
<ikonia> who says he's chrooting ?
<ikonia> it' wrong
<ikonia> (mysql doesn't chroot by default)
<lamont> that or the daemon doesn't have access to /var/run/mysqld/mysqld.sock
<Canadian1296> And i didnt tell it to, so it''s not.
<lamont> postfix
<Canadian1296> How do I check if it does?
<ikonia> check if the socket file exists  /var/run/mysqld/mysqld.sock
<ikonia> then check the permissions
<ikonia> (it should exist if you have connected)
<ikonia> Canadian1296: mysql -u mail -D $database -p
<Canadian1296> ikonia: It exists and is owned my mysql:mysql. Permissions 777
<Canadian1296> ikonia: and I can connect with that command
<lamont> trivial-rewrite defaults to chrooted...  if this fixes it, then that's the issue.  note that the fix is wrong in all kinds of ways I don't have time to go into:
<lamont> mkdir -p /var/spool/postfix/var/run/mysqld/; mount -o bind /var/run/mysqld/mysqld.sock /var/spool/postfix/var/run/mysqld/mysqld.sock
<ikonia> lamont: what are you doing ?
<Canadian1296> ikonia: Should I run what he just said?
<lamont> ikonia: making the mysql socket available inside the postfix chroot
<ikonia> lamont: ooh, you mean postfix is chrooted
<lamont> ikonia: verily
<ikonia> lamont: sorry, I thought you where saying mysql was running chrooted
<Canadian1296> How do I tell?
<ikonia> Canadian1296: well, it seems a sensible approach if you are running postfix chrooted
<ikonia> Canadian1296: look in the config file
<lamont> anyway, I'll let you two work through it, I'm supposed to be across town
<lamont> Canadian1296: if you didn't change master.cf, postfix trivial-rewrite is running chrooted
<lamont> and I know for a fact that postfix-mysql maps package does nothing about dealing with the socket
<Canadian1296> I didnt change master.cf
<lamont> so your issue would (1) make sense, and (2) be a bug that I'd love someone to suggest a proper answer for
 * lamont really flees
<ikonia> I dont think postfix should create mysql sockets in chroot by default
<ikonia> that's part of understanding what you are doing
<Canadian1296> ikonia: Either way, how do I fix it?
<ikonia> follow lamont about creating a socket in your postfix chroot
<Canadian1296> ikonia: Didn't work. I'm just going to start over :/
<ikonia> ok
<nmittal> is there a GUI to setup RAID 1 on my machine
<philipballew> How would someone recommend transferring flies over ssh? I know there are so many options and one is better then others
<patdk-lap> scp
<patdk-lap> rsync
<philipballew> patdk-lap, thank you. I have used rsync before. Maybe today ill try scp
#ubuntu-server 2013-02-25
<Oblivion1500> anyone?
<_KaszpiR_> change ownershit of the directory to that group
<rbasak> jamespage: morning! How important is bug 1132302 for us? drbd8 is in main. rls-r-incoming?
<uvirtbot> Launchpad bug 1132302 in drbd8 "drbd8-utils are not compatible with kernel 3.8" [Undecided,New] https://launchpad.net/bugs/1132302
<rbasak> Debian is on 2:8.3.13-2. We could jump ahead if it's important I suppose?
<jamespage> rbasak, good morning!
<jamespage> rbasak, yes - I'll do the required now
<jamespage> rbasak, fancy doing the work on that? I'll sponsor it for you
<rbasak> jamespage: sure
<jamespage> rbasak, ta
<rbasak> jamespage: the upstream website doesn't refer to drbd 8.4, only 8.3. Although 8.4 sources are available. From the changelog, it looks like some kernel build fixes (for 3.7) were done in 8.3.15, and also in 8.4.3, and no mention of 3.8 in the 8.4 series changelog. Debian is on 8.3.13-2. So I think there's a good chance that updating to 8.3.15 will suffice, and then our delta against Debian will be smaller. If it works I can send that to Debian too.
<rbasak>  So I want to aim for 8.3.15 only, not 8.4.3. How does this sound to you?
<jamespage> rbasak, my experience is that 3.7/3.8 are pretty closely aligned so thats probably OK
<rbasak> OK I'll see how it goes
<jamespage> rbasak, I'd probably stuff it somewhere and ask the bug reporter to try testing with your proposed package
<rbasak> Good idea, thanks
<alex88> hello guys, I've a server that increases load every hour due processes remaining in D state.. someone else had the issue?
<[HUN]Bitvilag> hi everyone
<[HUN]Bitvilag> i have a question about ideal motherboard?! for ubuntu server
<[HUN]Bitvilag> is anyone here?
<Bitvilag> hi anyone here?
<Bitvilag> i have a question about intel q67 did anyone use that motherboard?
<vezq> Bitvilag: what is you question
<vezq> your*
<Bitvilag> heey
<Bitvilag> got answer on a dif channel
<Bitvilag> but thanks though
<Bitvilag> wasnt sure about intel q67 chipset
<alechk02> hey guys, is it safe to swapon -a && swapoff -a on a running production server? or is it better to make a scheduled reboot?
<histo> alechk02: is swap being used?
<alechk02> yup, ~170MB
<histo> alechk02: is ram being used in full?
<alechk02> nope, 40%: 800 out of 2000
<histo> alechk02: I believe it's safe perhaps someone else can answer. I'm not sure if information stored in swap is moved to RAM on swapoff. I would assume this would be the default behavior.
<alechk02> mmm, can't find decent answer anywhere...
<alechk02> guess it'll be safer to wait until scheduled reboot
<histo> alechk02: Is there a reason you want to take swap down and then back up?
<Haris> Hello
<Haris> Hello all
<Haris> how can I setup 12.04 LTS on pxe + cobbler such that the network booted installer doesn't ask me for CD-ROM during install. It gets all the files from network mirror/archive ?
<Haris> I have it setup on pxe, but the installer complains about non-existence of cd-rom during install
<zul> jamespage: https://code.launchpad.net/~zulcss/nova/nova-precise-g3/+merge/150317
<vezq> Haris: no experince with cobbler, using this successfully: http://fai-project.org/
<wwww> anyone know if this site is running on a linux server? riskcouture.com
<thekeeper> I would hope so.
<wwww> or what CMS is running on? www.riskcouture.com
<Pici> not really an Ubuntu question...
<thekeeper> looks custom to me.
<wwww> thats what i thought
<zul> jamespage:  https://code.launchpad.net/~zulcss/quantum/quantum-precise-g3/+merge/150325
<wwww> custom php job
<thekeeper> yup
<thekeeper> and british company and hosting
<zul> Daviey: hey can you look at python-wsme please?
<Haris> vezq: found part of the answer. No worries. Thank you!
<sonOfRa> When installing PHP on a 12.10 machine, is it PCRE compiled with unicode by default?
<sonOfRa> I'm getting this error:
<sonOfRa> Compilation failed: unknown property name after \P or \p
<sonOfRa> on preg_replace(). I assume it is due to lacking unicode support. Is there a way to check, or to install it properly with unicode support?
<Haris> Hello all
<Haris> where's the pxe/netboot kernel, initrd images for 12.04lts on the ISO ?
<Haris> or where can I find them
<Haris> are they in the mini iso ?
<Haris> http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/netboot.tar.gz
<Haris> http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/
<Haris> is this 12.04lts 64 bit images that I need ?
<Jeeves_> wget -q -O ${BASEDIR}/netboot.tar.gz http://nl.archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/netboot.tar.gz
<Jeeves_> tar zxf netboot.tar.gz
<Jeeves_> That's what I do
<Jeeves_> To fix pxe
<zul> jamespage:  http://people.canonical.com/~chucks/ca/ (precise-g3)
<psivaa> hallyn: Would like to know how the fix for bug 1130029 goes :)
<uvirtbot> Launchpad bug 1130029 in ubuntu-test-cases "testcase: test_lxc_api returns error in raring lxc server smoke tests" [High,Confirmed] https://launchpad.net/bugs/1130029
<hallyn> psivaa: i've sent another merge proposal last week.  should be fixed
<CallingPanther> ok new install of ubuntu 8.04 server and running irssi....What to do next...Hmmm?
<hallyn> psivaa: oh, the other failure, that's lxc-execute on precise failing.  i'd just comment that out, but as it'sa different bug i didn't want to pollute the openone
<hallyn> i'd like the first fix to be accepted separately, then i can propose a fix for the other - bc if the other ends up being easier to fix in lucid, then i want to uncomment the test case
<hallyn> in anyc ase this is low prio for me, so if it needs to be bumped up then let me know
<zul> hallyn:  you see that libvirt 1.0.3 is getting cut?
<hallyn> psivaa: ideally i'd have about 2 hours to dedicate to properly fixing that so we don't have to comment out hte test case
<hallyn> zul: no
<zul> hallyn:  ill have a look at it this week
<jamespage> zul, cinder and quantum both have typos in the changelog
<zul> jamespage: ergh...ill fix it gimme a sec
<zul> jamespage: *sigh* i shouldnt wirte changelogs before i had my morning beverage
<jamespage> zul, no
<zul> jamespage: fixed
<jamespage> infact I think I might ask Mrs zul to chain your office shut until that has happened!
<zul> jamespage: heh
<hallyn> psivaa: i will look at it this afternoon
<CallingPanther> Hello again
<psivaa> hallyn: ok, thanks for that. I understand that its a test code issue but since it is a smoke test failure, the visibility is high on that
<hallyn> psivaa: yes, but in the future please keep in mind what i said about differnet bugs for different failures
<hallyn> psivaa: that will make it easier to undo things
<hallyn> psivaa: (and especially merge proposals)
<psivaa> hallyn: ack, will do, and wont test it until the MP gets approved and merged :)
<hallyn> psivaa: my preference would be for the bug (which is about the lxc api test) to be called fixed, and the mp to be accepted :)  The other failure you see I'm hoping to fixin the lp:~serge-hallyn/+junk/lxc-test tree
<hallyn> but whatever, off to finish qemu hopefully :)
<psivaa> hallyn: ack, will follow that flow in the future :)
<jamespage> zul, http://people.canonical.com/~jamespage/ca-updates/ for review
<jamespage> zul, just testing your packages now
<zul> jamespage:  looks good to me
<Daviey> zul: sure (sorry missed the msg))
<zul> Daviey: no worries
<jamespage> zul, cinder and glance: +1
<zul> jamespage:  and the rest? :)
<jamespage> zul, give my laptop a chance!
<zul> jamespage: noooo! :)
<jamespage> zul, horizon: +1
<jamespage> zul, keystone +1
<hallyn> zul: when i do http://people.canonical.com/~serge//kvm-p-to-r-script, apt-get install -f at the end gives me:
<hallyn> E: Internal Error, No file name for libssl1.0.0
<hallyn> if i manually copy that file into /var/cache/apt/archives, it next complains about libblkid, and so on.
<hallyn> zul: do youmind taking a quick look and seeing if i'm diong something wrong with ftp-archive  that would amke this happen?
<jamespage> zul, did you fixup https://code.launchpad.net/~zulcss/cinder/cinder-ftbfs-again/+merge/150239
<zul> hallyn: you might want to look at reprepro
<jamespage> can't see it anywhere?
<zul> jamespage:  not yet its on my todo list
<jamespage> zul, ack
<hallyn> looking
<jamespage> zul, nova +1
<zul> jamespage:  so we should be good yes/
<jamespage> zul, almost
<zul> jamespage:  ill wait then :)
<jamespage> zul, quantum +1
<zul> jamespage:  cool ill start uploading
<davlaps> hi folks!
<katronix> Hi all, yesterday someone was telling me that referring to eth0:X was not the 'current way' of adding multiple IPs to your box. Could you please remind me the proper way of doing it now?
<davlaps> can anyone tell me which of the current dell rackservers are compatible with 12.0.4.2 LTS?
<davlaps> (e.g. R620, R720, etc. 12th gen).
<davlaps> i've looked at the ubuntu compat pages, but the models are out of date there..
<zul> jamespage:  uploaded
<jamespage> zul, ack
<jamespage> zul, looking at http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/grizzly_versions.html
<jamespage> there are a few other packages in CA that are a bit out of date
<jamespage> any of them important and worth and upload?
<zul> jamespage:  looking
<tedski> davlaps: i have 12.04 running on R620s right now
<zul> jamespage:  greenlet and cliff yes not sure about the others
<jamespage> zul, if you prepare the uploads I can ack
<davlaps> tedski: that is great! did you have to do anything special? i heard in september last year R720's were crashing..
<jamespage> zul, what about swiftclient?
<zul> jamespage:  sure
<zul> jamespage:  ah yes swiftclient as well
<hallyn> zul: i get the same behavior with reprepro
<zul> hallyn: ill check this afternoon
<hallyn> zul: thanks.
<tedski> davlaps: we had some specific bios settings
<hallyn> i can't tell ifi t's something due to doing dist-upgrade from precise to raring, or something in my packages
<tedski> davlaps: i'm diggin up my notes...
<tedski> standby and i'll share
<davlaps> tedski: that's awesome, thanks!
<tedski> davlaps: the first batch of r620s we got didn't come with the bios in performance mode... but i see that's now in the updated bios releases
<tedski> davlaps: that's all we had to do... without that, we had some system freezes
<davlaps> tedski: great. so just set "performance mode" in the bios..
<davlaps> did you use raid at all on your hdd?
<tedski> davlaps: yup.. bios -> system bios -> system settings
<davlaps> cool.
<tedski> davlaps: we have the H310s and we're running hw raid on some, some are just passthrough
<davlaps> i need 2 TB of storage..
<davlaps> ok. thanks!
<tedski> the package srvadmin-storageservices will let you configure/monitor the raid
<tedski> that works well with nagios' check_openmanage
<tedski> davlaps: if you run into any troubles, feel free to ping me... i don't always watch this window, so privmsg might be best
<zul> jamespage: http://people.canonical.com/~chucks/ca/
<jamespage> zul, looks like missing changelog history for python-cliff
<zul> jamespage: hold on
<jamespage> zul, ditto greenlet
<jamespage> zul, swiftclient looks OK
<zul> jamespage: try now
<tedski> davlaps: i'm trying to figure out a way to manage the raid controller without having an os on the machine...
<tedski> davlaps: of course everything dell has is windows-centric
<katronix> can anyone help? , yesterday someone was telling me that referring to eth0:X was not the 'current way' of adding multiple IPs to your box. Could you please remind me the proper way of doing it now?
<davlaps> tedski: ok. thanks again for your help. much appreciated!
<tedski> katronix: to the best of my knowledge, that's the way to do it
<jamespage> zul, OK - they look good now
<zul> cool thanks
<jamespage> zul, looks like its going to take a few hours to build - I'll sweep everything through tomorrow AM
<zul> jamespage:  uploaded
<zul> jamespage:  cool ill tweet it tomorrow then
<saba> Is the Gamin daemon included in 12.04 by default?
<katronix> tedski, sorry which way? the eth0:X?
<tedski> katronix: yes
<tangomike> I have a cluster of ubuntu 10.04 apache servers.  They share config files via a read only NFS mount.  I would like to upgrade apache, but apt complains. Unpacking replacement apache2.2-common ... dpkg: error processing /var/cache/apt/archives/apache2.2-common_2.2.14-5ubuntu8.10_i386.deb (--unpack):  unable to securely remove '/etc/apache2/sites-available.dpkg-new': Read-only file system.  Is it possible to get around this error? can I tell apt to ign
<sarnold> tangomike: you were cut off at "apt to ign"
<tangomike> can I tell apt to ignore the configuration directory and only install the binaries?
<zul> jamespage: https://code.launchpad.net/~zulcss/cinder/cinder-ftbfs-again/+merge/150384
<Drag0nflamez> I turned on byobu via SSH and it looks all weird
<Drag0nflamez> Like this http://i.imgur.com/Cx6Qftl.png
<sarnold> Drag0nflamez: when things get that far wrong, it is often a mismatched TERM environment variable vs the terminal emulator you're actually using
<Drag0nflamez> sarnold, hmm.
<Drag0nflamez> echo $TERM gives me screen
<Drag0nflamez> not sure what SSH uses anyway
<sarnold> how about before you started screen?
<sarnold> ssh is just a transport.
<Drag0nflamez> true
<Drag0nflamez> itÂ´s a fresh install, actually
<Drag0nflamez> so screen already loaded when it booted.
<zul> yolanda: https://code.launchpad.net/~zulcss/python-novaclient/novaclient-2.11.1/+merge/150391
<yolanda> ok
<yolanda> done
<yolanda> zul, i think we should be packaging python-ceilometerclient, don't you think? i'm using that for my openerp integration
<zul> yolanda:  should already be in the archive ill update it today
<yolanda> oh great
<pythonirc1011> I need to install ubuntu on 10 bare metal machines. RAID 10. Whats the easiest way to automate this?
<pythonirc1011> mdadm raid
<xnox> use a preseed file with partman-auto-raid stanzas
<xnox> that will work, unless you require LUKS on top of raid10.
<xnox> google for partman-auto-raid to find samples from the internet/guides/documentation/help/mailing-lists etc.
<mikeey> I have installed dnsmasq and added the pointers I want in /etc/hosts, however I have to type for example "http://www." (notice the dot) to go to the internal webserver, I want to be able to just type "http://www" and go to it, is it possible?
<tok0loshi> hey guys looking for some assistance with a Broadcom NetExtreme II issue
<Drag0nflamez> ah, fixed.
<zul> adam_g: http://people.canonical.com/~chucks/ca/
<zul> adam_g: ping
<adam_g> zul: hey
<zul> adam_g: https://code.launchpad.net/~zulcss/cinder/cinder-ftbfs-again/+merge/150384
<adam_g> zul: k. lookin at the CA packages now
<zul> adam_g:  no need jamespage did it this morning they got uploaded this morning
<roaksoax> smoser: are we rolling raring?
<smoser> rolling
<smoser> ?
<roaksoax> smoser: rolling release
<smoser> as in ephemeral iamges  ?
<roaksoax> smoser: both
<smoser> afaik there will be a 13.04 release.
<roaksoax> smoser: ok.. so we will start doing rolling releases after that then
<smoser> i dont actually know the official-ness of that
<roaksoax> ok thanks :)
<adam_g> zul: about that cinder branch, what does the OLSO_PACKAGE_VERSION get used for?
<zul> adam_g: brb need to go pick up the little one and then ill answer your questsion
<Mip5> Hi - I'm running 12.04.1 w/plenty of hardware, and recently have begun getting *very* slow progress on "Reading package lists..." from apt-get update. I've checked my raid1 with mdadm, and found no errors. Any ideas as to what I should check next?
<jpds> Mip5: strace the process and see what it's done?
<Mip5> thanks - I'm reading up on strace now - have never used it...
<Mip5> md0_raid1 is showing up in "top" and it is where my root is mounted. The load isn't typically high, but it's showing up consistently in the top 3 or 4 entries in "top"
<zul> adam_g:  its a workaround for oslo bug in cinder thats not reporting the right version in the testsuite
<hallyn> psivaa: hi, i *think* i've gotten it to where it should run.  Could you do another utah ubuntu-test-cases lxc run?
<hallyn> psivaa: (i've been testing by hand, want tomake sure  nothing else goes wrongn for you)
<hallyn> psivaa: actually, i just realized the utah testcase copies some of the code instead of bzr checkout-ing it.  setting up a new merge proposal
<alllex> Hi who can I find out which charset was used for the name of a folder?
<sarnold> alllex: render the name in every charset in turn until you get one that looks right?
<alllex> sarnold: exactly,  but how can do this?
<alllex> sarnold: exactly,  but how can I do this?
<sarnold> alllex: maybe something like this (untested): for l in `locale -a` ; do LC_ALL=$l xterm -e "ls -l /path/to/directory ; sleep 2" ; done ...
<azbyin> hi all.. how would I set the current timezone without running dpkg-reconfigure tzdata? i ask because this command is interactive
<sarnold> azbyin: iirc, a new symlink, hardlink, or copy, from the zoneinfo you want into /etc/timezone
<sarnold> azbyin: see if dpkg-reconfigure -f readline tzdata might save you the hassle
<azbyin> right, and and do i need to restart a service (or similar) to update the current time
<sarnold> azbyin: ooooh. that's some mighty old neurons there. I _think_ most applications just get the new data automatically but a handful cache the old information...
<azbyin> sarnold, thanks for the info on symlink localtime, but your second method is interactive too!
<sarnold> azbyin: so it is really the interactive bit that bites, eh? :)
<azbyin> yes :)
<sarnold> azbyin: there's also a noninteractive frontend, but I don't know what it'd do :) haha
<azbyin> i want no frontend, heh
#ubuntu-server 2013-02-26
<azbyin> sarnold, what is /etc/timezone used for? it contains the textual zone info on a single line.
<azbyin> copying over /etc/localtime worked fine and every new process gets the correct time, but this file still has the old zone mentioned. will this need to be overwritten as well?
<alllex> sarnold: unfortunetly I do not have xterm on my working server install; I tried iconv " for i in 'iconv -l | less | sed 's/.\{2\}$//' | less'; do iconv -c -f $i -t utf8 /FILEPATH/"  unfortunetly my bash skills are poor; could you help me to write a valid expression?
<sarnold> alllex: oh! silly me. I'd not noticed that /etc/timezone no longer has the zone data from /usr/share/zoneinfo/ itself.
<sarnold> alllex: I'm sorry I gave you bad advice.
<azbyin> sarnold, nevermind. i peeked into /var/lib/dpkg/info/tzdata.postinst
<sarnold> alllex: the zoneinfo files have a compiled description of offset from UTC, and at specific times what to change the offset to...
<azbyin> it is simply echoing the zoneinfo into /etc/timezone
<azbyin> sarnold, was that ^^ for me? if yes, i know what the zoneinfo files are :)
<sarnold> azbyin,alllex: *sigh* nickcollides in my brain :) sorry both.
<azbyin> haha
<alllex> nevermind, :-)
<sarnold> alllex: got it?
<azbyin> also, the recommendation is to copy over /etc/localtime instead of a symlink as some progs apparently *may* try to modify /etc/localtime and they will end up modifying the olson tzdata
<sarnold> azbyin: yikes :)
<alllex> :-)
<azbyin> indeed! anyway, the default is always to have that as a regular file. also noticed that the postinst actually creates a copy /etc/localtime.dpkg-new and then mv's the file to /etc/localtime
<azbyin> probably to ensure the tzdata file actually exists before making a symlink to a non-existent file
<sarnold> azbyin: probably also to avoid funny problems with filesystem races and loss-of-power.. a mv ought to be atomic, but opening, truncating, re-writing, and closing a file isn't atomic...
<Nicolas_Leonidas> hi, after changing the modem eth0 doesn't come up
<Nicolas_Leonidas> I looked at /etc/netwrork/interfaces, it's all normal eth0 is set to auto and dhcp
<Nicolas_Leonidas> right after ubuntu starts to run the port on modem stops blinking as if this cable is disconnected
<Nicolas_Leonidas> when I do ifconfig I don't get an IP, any ideas?
<Nicolas_Leonidas> I asked my question here anybody care to answer? http://askubuntu.com/questions/261332/no-network-on-ubuntu-server-after-changing-the-modem
<Alysum> hello - I cannot seem to be able to receive the 40976EAF437D05B5 apt key from any server - can someone point one that works pls?
<histo> Alysum: What archive/repo are you tyring to verify?
<Alysum> the official ubuntu one
<Alysum> basically when I run sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key 40976EAF437D05B5
<Alysum> it just hangs
<histo> Why are you trying to add a key for the official repo?
<Alysum> because I got a BADSIG and I deleted the key - need to readd it
<Alysum> I tried all the tips from google and Im stuck on receiving the key
<histo> Alysum: what did you delete exactly
<Alysum> histo: apt-kety del 437D05B5
<Alysum> which is Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
<Pici> !gpgerr | this may help
<ubottu> this may help: Getting GPG errors after adding custom repositories? Find the GPG keyword for the repository (it's 437D05B5 for the standard ones) and run Â« sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com <key> Â»
<Alysum> that's exactly what isn't working....
<Nicolas_Leonidas> now that you guys are all here do you mind taking a look at my Q? should I re-say it?
<histo> Alysum: No your command was different you are not using the keyword
<histo> Nicolas_Leonidas: what does your /etc/network/interfaces  look like?
<Alysum> apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 40976EAF437D05B5
<Nicolas_Leonidas> histo: It looks like it's the default,  I pasted it here http://askubuntu.com/questions/261332/no-network-on-ubuntu-server-after-changing-the-modem
<Alysum> it just hangs
<histo> Alysum: try the command right from ubottu notice the keyword is 437D05B5
<histo> Nicolas_Leonidas: is your router set to dhcp?
<Nicolas_Leonidas> histo: It is
<Alysum> still hangs - could it  be because I deleted it so it has nothing to compare it with ?
<histo> Nicolas_Leonidas: Does ifconfig show a link?
<Nicolas_Leonidas> histo: it shows eth0 and Local Loopback, eth0 has HWaddr, but no inet addr, no mask, , it says UP BROADCAST MULTICAST MTU:1500
<Nicolas_Leonidas> I wish I could copy and paste but that server is not connected to network so I can't ssh
<histo> Nicolas_Leonidas: if you run dhclient  does it obtain an ip or error?
<Nicolas_Leonidas> let me try that
<histo> Nicolas_Leonidas: also what if you statically assign an ip within the routers network range and proper gateway etc... does it work?
<sarnold> Alysum: hrm. I was able to re-install the key in ~one second...
<sarnold> Alysum: 'host keyserver.ubuntu.com' shows two IPs.. I wonder if one or the other of them times out for you?
<sarnold> Alysum: can you ping keyserver.ubuntu.com ?
<Alysum> ok I need to find somewhere where I can download the 437D05B5 key then add it manually
<Alysum> sarnold: I can telnet  keyserver.ubuntu.com 80
<Nicolas_Leonidas> histo: dhclient eth0 is still running no output yet,I haven't tried the static IP address, I will try it
<sarnold> Alysum: and when you try to interact with the server there, you get the results you expect? or errors? or _sometihng_ to show you've connected at least? :)
<histo> Nicolas_Leonidas: Did you change the cable when you changed the modem? Does the modem show a link light and the nic card show a link light?
<Nicolas_Leonidas> histo: I did not change the modem, the link light goes dead after ubuntu starts and tries to configure virtual network devices
<Nicolas_Leonidas> both on modem and server
<Nicolas_Leonidas> I see an option to flush dhcp cache, maybe I should try that?
<Nicolas_Leonidas> dhclient eth0 still running, is this normal?
<histo> Nicolas_Leonidas: With no output whatso ever?
<Nicolas_Leonidas> histo: correct, no output
<Alysum> can I find the key online somewhere ?
<sarnold> Alysum: http://paste.ubuntu.com/5566546/
<histo> Nicolas_Leonidas: No that is not normal
<histo> Nicolas_Leonidas: When you say you upgraded your internet connection what exactly does that mean?
<histo> Nicolas_Leonidas: You said you changed the modem also???
<Nicolas_Leonidas> histo: that means they took my modem, gave me a new one, and my connection is faster now, 50MBPS Down 10MBPS up baby
<sarnold> MBps and not Mbps? :)
<Alysum> sarnold: thanks - turns out it was a firewall issue....I thought I only needed port 80 open but hkp uses something else!
<sarnold> Alysum: aha! :D
<Nicolas_Leonidas> sarnold: yes, THAT!
<sarnold> Nicolas_Leonidas: _drool_ :D
<histo> Nicolas_Leonidas: Do any other ports ont he modem work with other PCs?
<Nicolas_Leonidas> histo: they do, PC works, Play Station works too
<Nicolas_Leonidas> iphone and printers use the wifi as well
<Nicolas_Leonidas> dhclient eth0  stopped with no output
<Nicolas_Leonidas> histo: so see when I Restart the machine, lights start blinking then ubuntu starts and they both die
<Nicolas_Leonidas> I'm looking at modem logs, it doesn't seem like that server has reached the modem for requesting a dhcp lease
<histo> Nicolas_Leonidas: try one of the cables and ports that is known working on the ubuntu machine
<Alysum> anyway thanks!
<histo> Nicolas_Leonidas: sounds like a bad cable to me.
<Nicolas_Leonidas> histo: did that, just to make sure the cable is working, it was working with PS, now Ubuntu is using that cable, and PS is running fine with what Ubuntu was using
<histo> Nicolas_Leonidas: did you switch ports on the modem?
<Nicolas_Leonidas> histo: yeah, it sounds kinda hardcore, I didn't even know you can turn off a light on a modem with software :)
<Nicolas_Leonidas> histo: hmmm no, let me try that, I might have accidentally though
<histo> Nicolas_Leonidas: Was ubuntu working prior to this modem switch?
<Nicolas_Leonidas> histo: it was
<histo> Okay well it has to be hardware then
<histo> If the software didn't change the only thing you changed was hardware
<genii-around> Nicolas_Leonidas: Are  the TX and RX fields of ifconfig showing any traffic at all?
<Nicolas_Leonidas> he took the old modem/routher away otherwise I would have used the same modem to see
<histo> genii-around: He has no link period
<histo> Nicolas_Leonidas: did you see if the port is dead on the modem?
<Nicolas_Leonidas> genii-around: 0 for eth0, some for loopback
<Nicolas_Leonidas> histo: changed the port, changed to a port that was just working no difference
<genii-around> Nicolas_Leonidas: Does sudo ifconfig -a show an eth1 or eth2 that maybe it was plugged before?
<Nicolas_Leonidas> genii-around: no just eth0 and lo
<genii-around> Hm.
<Nicolas_Leonidas> is loopback a normal thing for an OS to make? windows does that too probably right?
<Nicolas_Leonidas> that just makes localhost and 127.0.0.1 and such work correct?
<genii-around> Have you tried a crossover cable?
<Nicolas_Leonidas> genii-around: no why would I try that? the cable is working I switched it with another computer
<genii-around> Nicolas_Leonidas: Because some older adapters can't automatically tell how the cable is wired
<genii-around> I had this issue before with many Ovislink modems
<Nicolas_Leonidas> I'll try that after everything else fails because I'll have to move the server closer to the modem
<sarnold> Nicolas_Leonidas: does any other device plugged in at the server show a linklight?
<genii-around> ( eg: straight-through 568B - no go, x-over 568B - worked )
<Nicolas_Leonidas> sarnold: any device plugged in the server or router?
<sarnold> Nicolas_Leonidas: plugged into the router, but at the server..
<sarnold> (does that entire run of cable and port on the router _work_)
<Nicolas_Leonidas> sarnold: I'm sorry I don't understand the router has 4 ports, 2 of which are connected they have linklights blinking, this ubuntu server is also connected but not blinking
<Nicolas_Leonidas> it stops blinking at boot
<sarnold> Nicolas_Leonidas: if you unplug the server and plug in a laptop, does the laptop work?
<Nicolas_Leonidas> sarnold: I did that and it worked, but let me try again one more time
<sarnold> hunh.
<histo> I'm guessing bad connection on a cable end
<histo> Has to be
<genii-around> Is the modem bridged and using PPPOE login on each client? Bell for instance allows 3 MAC only this way, 4th fails.
<histo> Ubuntu didn't change the modem did
<histo> possibly the cable got bad from being moved etc...
<histo> it has a bad end most likely
<jetole> hey guys. does anyone know what kind of hardware / driver issue would cause a permenant uninterruptible state on a process where, according to ps wchan, the process is in the syscall lock() ?
<jetole> er I mean fork()
<Nicolas_Leonidas> sad to report that it does in fact work with laptop
<sarnold> Nicolas_Leonidas: woo. that's a help. can you throw a crossover between the laptop and the server?
<genii-around> Nicolas_Leonidas: What are the IPs of the other boxes attached? eg: LAN type IP or outward facing type IP?
<genii-around> ( if outward facing types, likely the bridged situation and the servers MAC is not allowed because too many concurrent logins )
<Nicolas_Leonidas> genii-around: LAN type, 192.168.2.24 on this windows
<genii-around> Nicolas_Leonidas: OK.
<Nicolas_Leonidas> sarnold: good idea let me see if I have one
<sarnold> Nicolas_Leonidas: (gigabit cards won't require crossover, they do that automatically..)
<Nicolas_Leonidas> sarnold: wow that's cool
<jetole> sarnold: I don't think that's a spec of gigabit cards, though most do, but I think what you're referring to is MDI/MDI-X
<sarnold> jetole: no kidding? I thought it was part of the spec of gigabit..
<jetole> sarnold: I said I don't think so I'm not sure but MDI/MDI-X is the term for auto detect and adjust for crossover
<Nicolas_Leonidas> ok so laptop connected to server worked, they both get IPS, there is traffic in TX and RX
<Nicolas_Leonidas> can we conclude it's not the cable, nor the NIC of the server?
<lifeless> jetole: gigabit uses all pairs in all directions I believe
<lifeless> jetole: http://en.wikipedia.org/wiki/1000BASE%E2%80%91T#1000BASE-T
<sarnold> Nicolas_Leonidas: do you get the 169 auto-config addresses? or is one host handing out dhcp? or ..
<lifeless> jetole: so MDI/MDI-X doesn't make any sense at all, thats 100Mbit and below.
<jetole> lifeless and sarnold: it's a sad day when you don't learn something new. cool
<sarnold> jetole: indeed, and today I learned two new things :) gigabit does, but in a different way than 100. haha. :D
<jetole> now we just need to apply this to USB micro so I can stick my android foot up the !@# of all my iPhone co-workers
<Nicolas_Leonidas> sarnold: not quire sure what's happening one is a mac laptop, it says using DHCP, IP 169.254.178.29 the server has an ipv6 ip no ipv4 apparantly
<jetole> Nicolas_Leonidas: 169.254 is a anycast
<jetole> I think for bonjour
<jetole> mDNS
<jetole> er... not anycast
<jetole> ... well maybe. don't know but yeah, it' for bonjour
<genii-around> It's fallback when no dhcp server
<Nicolas_Leonidas> why didn't occur to me to restart the modem at all?
<lifeless> jetole: 169.254 is zeroconf, for DHCPless networks.
<sarnold> Nicolas_Leonidas: ok. I was worried that perhaps one of them was _also_ doing dhcp and making a royal mess.
<lifeless> jetole: http://en.wikipedia.org/wiki/Zero_configuration_networking#Address_selection
<Nicolas_Leonidas> I have done some relatively advanced things such as bind9 on this ubuntu server, I wonder if there is another file like /etc/network/interface to look at to see if I have changed anything
<jetole> lifeless: I'll take your word for it. I don't know the specifics or care though... isn't bonjour zeroconf? anyways. I know it's useful on those nets where they use some protocol for people who can't get a IP and don't know how to use packet capture
<jetole> Nicolas_Leonidas: I don't work on those nets
<Nicolas_Leonidas> the problem starts in boot with "starting configure virtual network devices" I can see the linklight going dead right then
<Nicolas_Leonidas> what is a virtual network device do I need one?
<jetole> Nicolas_Leonidas: ip -o link ls
<jetole> what do you see?
<Nicolas_Leonidas> 1: lo: <LOOPBACK, UP, LOWER_UP>
<Nicolas_Leonidas> 2:eth0: <NO-CARRIER, BROADCAST, MULTICAST, UP>
<jetole> huh @ NO-CARRIER
<sarnold> curious :) and yet it link lights with the laptop..
<jetole> I missed your original question but with a up state and no carrier on eth0 it means one of a few small issues, cable unplugged, module not loaded... actually the nic shouldn't appear without the module so not that, broken module or broken hardware
<jetole> Nicolas_Leonidas: sorry, what is the problem you're having?
<Nicolas_Leonidas> jetole: I posted with more details here  http://askubuntu.com/questions/261332/no-network-on-ubuntu-server-after-changing-the-modem 	Alysum	it just hangs
<jetole> btw, I know re-posting isn't the best etiquette but no reply on my original question yet. what can cause a D state on a process where it's the fork() syscall ?
<jetole> Nicolas_Leonidas: let me look
<Nicolas_Leonidas> I basically got a new modem today, and ubuntu server doesn't connect to the network, cables are all fine, the router's linklight turns off for the ubuntu server on boot
<jetole> have you tried with another computer? The model connects via ethernet. Right?
<Nicolas_Leonidas> jetole: tried the same cable with a laptop it worked
<Nicolas_Leonidas> it does connect via ethernet right
<jetole> and the computer connects fine to other systems that aren't the modem?
<Nicolas_Leonidas> you mean like one computer to another computer on LAN?
<jetole> yeah
<jetole> well... stop
<jetole> you're connecting eth0 directly to the modem. right?
<Nicolas_Leonidas> jetole: I am right
<jetole> ok. so eth0 works fine with other devices?
<jetole> connected to a switch or cross connected to another system, etc?
<Nicolas_Leonidas> jetole: correct
<Nicolas_Leonidas> when I cross connected it worked fine
<jetole> connect the system to the modem via Ethernet, unplug the power from the modem, count from 1 mississippi - 10 mississippi and when the modem is done booting run: ip link ls dev eth0
<jetole> and look for no-carrier
<jetole> oh... after 10, plug the modem back in. I forgot that part but should be obvious
<Nicolas_Leonidas> ok so I will be disconnected from here, see you guys in a bit
<jetole> Nicolas_Leonidas:
<jetole> if you don't come back I'll assume everything worked well :-)
<jetole> good luck
<Nicolas_Leonidas> By the way one time an ISP gave me a modem with 4 ports, that had a hard coded limit of one
<sarnold> heh
<jetole> Nicolas_Leonidas: could have had the option to have more enabled via the ISP's end
<jetole> customers who buy extra IP's, may have been limited to business class
<hallyn> psivaa: GAH.  i've wasted a lot of time tonight forgetting that the lxc.run file points utah to a lp: even though i thought i was running from local :)
<hallyn> psivaa: https://code.launchpad.net/~serge-hallyn/ubuntu-test-cases/server-lxc2/+merge/150491   should hopefully fix it all
<mah454> Hello
<mah454> Please view this :
<mah454> http://paste.ubuntu.com/5566834/
<mah454> Why user can not connect to OpenVPN server ?
<ketan985> hello any best monitering server ????
<histo> what?
<trevorj> Sup guys, how do I get Quantal to see OpenStack charms for Quantal?
<trevorj> I see some in the ~openstack-ubuntu-testing area but I can't seem to find documention on the 'openstack-origin' option
<trevorj> For instance, keystone is not in the main charm store repo for Quantal
<trevorj> got it
<trevorj> I used cs:~openstack-ubuntu-testing/keystone
<trevorj> Is there documentation for this anywhere? As far as where the official quantal openstack charms are?
<trevorj> Just want to make sure I'm not using some random outdated set of charms, etc
<trevorj> Hmm, seems rabbitmq-server from that repo for quantal actually just throws me a pleasant assertionerror with no string attached
<jamespage> Daviey, zul: review appreciated - horizon is broken in raring right now - https://code.launchpad.net/~james-page/horizon/g3-compress/+merge/150502
<jamespage> trevorj, you can just use the charms for precise with quantal
<jamespage> trevorj, OR you can use the openstack-origin to select the folsom cloud archive and deploy openstack folsom on 12.04
<jamespage> trevorj, there are some docs somewhere
<jamespage> trevorj, https://help.ubuntu.com/community/UbuntuCloudInfrastructure
<trevorj> jamespage: Yeah, I've seen those docs
<trevorj> jamespage: I meant ones specifying how to say, get it working on quantal
<trevorj> jamespage: cs:quantal/keystone does not exist
<trevorj> jamespage: same with mysql and others
<jamespage> trevorj, I'd branch the precise charms locally and the deploy them to quantal
<jamespage> trevorj, but you are quite right - that does need fixing up in the charm store as well
 * jamespage makes a note to sort that out
<trevorj> jamespage: ty, I figured the precise charms wouldn't run on quantal, but that's fantastic to hear
<jamespage> trevorj, they have to because of the cloud-archive
<jamespage> which allows Folsom (and soon Grizzly) to be deployed in 12.04
<trevorj> Wonderful
<trevorj> I would just use precise but the screen output on my blades is all black (radeondrmfb)
<trevorj> I can fix it manually with nomodeset or an updated kernel, but that's a pain for many servers. I'm just now getting into Juju and MaaS, so additional configuraton is one hurdle I need to handle after I get this dev stack up and running.
<jamespage> trevorj, please raise a bug for that - I've heard a few murmurings about the server boot experience and I feel it needs some attention -  feel free to subscribe me to the bug (james-page in LP)
<trevorj> jamespage: will do; I'll put it in tomorrow.
<trevorj> Tis 3am here ;)
<trevorj> Something else to note, I had to disable avahi-daemon in the generic preseed for MaaS because my DNS domain is 'lan0.beast2.locsol.local', ie it ends in .local
<trevorj> I see a few bugs have been opened for this already, I'm just not sure if there's a better way I'm missing?
<trevorj> The problem is all nodes but the initial juju zk node cannot resolve the initial zk node's fqdn
<trevorj> I know I can remove [NOTFOUND=return] in nsswitch.conf, or use say 'files dns mdns4' in place, but as I said I still need to figure out a good way of doing additional configuration per node with MaaS+Juju
<jamespage> trevorj, hmm
<jamespage> trevorj, lemme think about that - I'll post something back in channel here (have to duck out for a bit)
<trevorj> jamespage: no prob, I'll check back. Thanks!
<trevorj> I was thinking of patching avahi-daemon to have a blacklist-domain option
<trevorj> where I specify a root domain (in my case, locsol.local) and any subdomains of that domain will not be handled by avahi
<trevorj> (subdomains and that domain I mean)
<trevorj> That way standard .local mDNS still works
<TheLordOfTime> can anyone suggest an easy-to-setup-and-deploy DNS server solution, one which I can configure via a GUI or web interface?
<trevorj> TheLordOfTime: powerdns
<TheLordOfTime> trevorj, part of the repos?
<trevorj> TheLordOfTime: no, http://www.powerdns.com/content/downloads.html
<trevorj> TheLordOfTime: it really just uses a mysql backend
<trevorj> TheLordOfTime: really nice for more 'dynamic' dns installs
<trevorj> TheLordOfTime: I haven't used it for years, but it had a nice web interface ~5 years ago
<TheLordOfTime> ideally, ease-of-configuration is what i really need...
<TheLordOfTime> whether CLI or gui/web based
<trevorj> TheLordOfTime: so, not bind? ;)
<TheLordOfTime> :P
<trevorj> TheLordOfTime: if it's a real small install, I use dnsmasq
<trevorj> TheLordOfTime: just depends if you just need to host a few A records or need something more elaborate
<Daviey> jamespage: looking
<TheLordOfTime> multi-zone A, CNAME, etc.
<TheLordOfTime> trevorj, ^
<trevorj> then check out powerdns ;)
<trevorj> they've got a deb on the download page
<trevorj> Wow, folsom is much nicer than essex. Wow.
<trevorj> I still have to catch up on using quantum/cinder, lots of work ahead
<jamespage> trevorj, quantum is supported in the charms from folsom onwards
<jamespage> trevorj, quantum-gateway is the extra bit
<trevorj> jamespage: awesome, ty
<trevorj> jamespage: lots to learn, last I played with openstack was when cinder and quantum were broken git repos heavy in development
<trevorj> This is also my first ceph install, I hope to get all of this playing happily with each other eventually
<trevorj> first worthwhile ceph install that is
<ruben231> hi guys when i boot my Ubuntu Server 12.04 it freeze and stock on the midlle of both becasue of soem NFS share error, any workaround to skip this.?
<_KaszpiR_> boot into single user mode
<ruben231> _KaszpiR_: how..?
<_KaszpiR_> whe your system reboots, you got for a brief moment a grub menu, to choose kernels
<_KaszpiR_> etc
<_KaszpiR_> adn there is afair single user mode/recovery
<_KaszpiR_> that needs physical access to server, or any other solution like ILO
<ruben231> _KaszpiR_ do i need to repss escapre or press e..?
<_KaszpiR_> it should show either way
<_KaszpiR_> by default menu is there for 5 seconds
<_KaszpiR_> pressing any arrow stops the timer
<_KaszpiR_> your screen can get blank during restart and it may be just too slow to show that menu
<psivaa> hallyn: thanks for that
<ruben231> _KaszpiR_ still there..?
<_KaszpiR_> no
<_KaszpiR_> you're talking with the robot
<ruben231> _KaszpiR_: i see recovery mode  , should i select this..?
<ruben231> Ubuntu, with linux 2.6.32-40-server ( recovery mode)
<trevorj> ruben231: yes
<ruben231> still the same freezed during boot when i select recovery mode
<ruben231> trevorj:  still freezed during boot up with recovery mode
<trevorj> What's the exist output
<trevorj> exact*
<ruben231> the NFS share error during boot and its mamped storage..
<trevorj> Are you booting from NFS?
<trevorj> I doubt you are, ignore that
<trevorj> Can you take a picture?
<ruben231> wait taking picture now
<trevorj> ruben231: When it's locked up
<trevorj> ruben231: Does your caps lock key work?
<trevorj> ruben231: If you type text, does it appear on the screen?
<trevorj> ruben231: If it does not, try adding 'nomodeset' to the boot args in grub by pressing 'e' in grub on a boot option, go to the line that starts with 'linux', and add ' nomodeset' without quotes to the end of that line
<_KaszpiR_> I'd rhater try boot from another device (usb/cd/dvd) and chroot to system  and check out what's going on
<histo> !nomodeset
<ubottu> A common kernel (boot)parameter is nomodeset, which is needed for some graphic cards that otherwise boot into a black screen or show corrupted splash screen. See http://ubuntuforums.org/showthread.php?t=1613132 on how to use this parameter
<trapniii> Why is "mailutils" package depending on Postfix? I just want /bin/mail to forward outgoing mails to the real mail server and not install postfix locally.
<trapniii> any ideas ?
<maxb> trapniii: it's not, it's depending on any MTA
<rbasak> trapniii: you can use nullmailer for delivery to a smarthost with a queue, or msmtp for immediate blocking delivery to a smarthost without a queue. If you install one of them at the same time as instlaling mailutils, then postfix won't be required as they both provide "mail-transport-agent" as maxb explained
<maxb> Although I've had problems with nullmailer in the past (possibly fixed in current versions, not sure). I wonder if a minimal postfix isn't the better option.
<Daviey> rbasak: Have you looked at http://www.monkey-project.com/ ?
 * rbasak looks
<Daviey> rbasak: i wondered if it had hyperscale value over apache2 or nginx
<rbasak> Interesting
<rbasak> I'm wondering what it gives over nginx
<rbasak> It says it's optimised for Linux, which I suppose is something
<rbasak> It's certainly interesting, but I don't feel that their website gives me anything compelling. I don't know of anyone feeling nginx pain, so not sure what they resolve.
<Daviey> rbasak: yeah, that sound accurate
<rbasak> I do appreciate the existence of multiple options though. I dislike monocultures. So good for them, and I hope they are around if/when we do feel nginx pain
<rbasak> Then again, even a small performance improvement would make a big difference at hyperscale. But I don't think we're at a point where that would make a difference quite yet.
<rbasak> It might be interesting for some of our hyperscale performance guys
<rbasak> dannf, mahmoh, cmagina: ^^
<bilou23> instead of adding myself to a group, I've removed myself from all the groups, now I'm only in 1 group, I don't have any other user (apart root), I don't know root password (apparently it's an auto-generated hash), is there a way to sort this out?
<alphAEcho> i am trying to configure a PXE server so i can install two other servers with that
<alphAEcho> but i am having a PXE-E11: ARP timeout
<_KaszpiR_> bilou23 haha
<alphAEcho> and PXE-E32: TFTP cannot open connection
<_KaszpiR_> bilou23 try sudo su -
<_KaszpiR_> but i doubh it's gonna work
<alphAEcho> the PXE server is giving IP to the other servers and i was going through this tutorial https://help.ubuntu.com/community/PXEInstallMultiDistro#Getting_Started to configure it
<_KaszpiR_> I suggest rebooting machine, boot from the removable media, mount the system/chroot, add yourself to sudoers
<woozly> guys, how to decrease Ubuntu Server boot time?
<bilou23> _KaszpiR_: it says I'm not in the sudoers file
<_KaszpiR_> boot in recovery or boot from live distro
<_KaszpiR_> the only option
<bilou23> _KaszpiR_: ok thx
<alphAEcho> anyone knows about PXE server?
<histo> !pxe
<fr0st> !ipsec
<mae_tae> subnet 192.168.5.0 netmask 255.255.255.0 { range 192.0.0.10 192.0.0.20 } <--- is this possible to implement in ubuntu? meaning i had different range of ip's from its subnet
<maxb> mae_tae: Your question needs more context
<mae_tae> maxb: subnet 192.168.5.0 netmask 255.255.255.0 { range 192.0.0.10 192.0.0.20 } <--- i know that this doesnt work because of the subnet 192.168.5.0 but is this possible to implement in ubuntu?
<maxb> mae_tae: You've given us a fragment of some sort of configuration file, but not explained what kind of thing you're trying to configure
<rbasak> mae_tae: I believe so. But not that it's not really a question of Ubuntu. All Linux-based systems will have the same capabilities here
<rbasak> I'm assuming you're talking about a DHCP server here
<mae_tae> rbasak: yes you're right, i really wanted to give a range of ip different from its network
<mae_tae> if that is possible in linux
<rbasak> I'm sure Linux can do it if it's possible. But I wonder how DHCP renewals would work. It might violate the DHCP protocol itself.
<maxb> If the machines are able to broadcast DHCP discovery packets and have the server hear and respond to them, why not just keep things simple and give the DHCP server an IP in the appropriate subnet?
<mae_tae> subnet 192.168.5.0 netmask 255.255.255.0 { range 192.168.5.10 192.168.5.20 } <---- i know this works because those ranges belong to 192.168.5.0 network, but would it possible to assign range of ip's different from its network, if not how can i implement like that, because in pfsense this is really possible
<donza> if there is request for address which doesn't have subnet defined in ISC DHCPD server I believe server wont offer anything
<donza> e.g. there is client that wants to renew or extend lease for address 192.0.0.11, and there is not subnet defined for 192.0.0.0/24, DHCP server wont offer anything
<donza> DHCP server is authoritative only for subnets you have explicitly defined in DHCPD server's config
<Daviey> ugh. https://bugs.launchpad.net/nova/+bug/1125378
<uvirtbot> Launchpad bug 1125378 in nova/folsom "VNC proxy can be made to connect to wrong VM" [High,In progress]
<zul> jamespage:  *sigh* ill fix quantum and cinder
<jamespage> zul, ftbfs again?
<zul> jamespage:  new binary
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/cinder-backup-service/+merge/150568
<yolanda> zul, looking at it
<yolanda> they created a new service?
<zul> yolanda: yep
<yolanda> why are tests like that? PYTHONPATH=$(CURDIR) bash run_tests.sh -N
<dannf> Daviey, rbasak thx: will keep an eye on monkey; esp. once they've some benchmarks to share though for hyperscale, low mem is becoming less of a constraint. i wonder if optimized for linux == uses epoll?
<yolanda> zul, why are test run like that? PYTHONPATH=$(CURDIR) bash run_tests.sh -N
<zul> yolanda: because cinder requires it to be installed in order for the tests to be run...i didnt get a chance to fix it properly for g3
<Daviey> dannf: pass :)
<CallingPanther> Good morning people.
<CallingPanther> but not good morning to the bots...lol
<rbasak> dannf, Daviey: $ grep -r epoll .|wc -l
<rbasak> 180
<rbasak> I'll take that as a yes :)
<dannf> rbasak: *nod* - then might be interesting to see if apache's event mpm gives the same improvements
<zul> jamespage/yolanda: last one i swear https://code.launchpad.net/~zulcss/quantum/quantum-config-refresh/+merge/150570
<Nero_pr> good morning people
<hallyn> zul: d'oh, think i finally figured out what my precise->raring upgrade problem was.  will keep you updated if im' right :)
<zul> how?
<hallyn> i had dropped a breaks/replaces from qemu-system-common -> qemu-common
<hallyn> but it showed itself in very weird ways
<hallyn> i dunno, we'll see if it re-adding it fixes it
<jamespage> zul, what are we going todo about versioning in the lab?  quite a few projects are being rejected from the PPA's now due to <= current version checking
<zul> jamespage:  im not sure add an epoch?
<zul> jamespage:  have you had any ideas?
<jamespage> zul, thats not a solution
<jamespage> zul, how does the version numbering bit work now?
<jamespage> 2013.1.a11.g59514bf+git201302260501~precise-0ubuntu1
<jamespage> 2013.1.a11.g59514bf comes from upstream right?
<zul> yeah
<jamespage> and what does .a11 mean? I see the last is the commit
<Daviey> err, derived from the git commit - upstream hasn;t standardised on that
<zul> jamespage:  im not sure about the .al1
<zul> er.. .a11
<zul> jamespage:  i know why its changing but the a11 means nothing to me
<jamespage> zul, why does it change?
<zul> jamespage:  because the projects are standardizing on oslo changes
<zul> jamespage:  if i do a `git describe` in the tree for quantum i get the following: 2013.1.g3-38-g511ac76
<zul> jamespage:  so when we run python setup.py sdist the version is grabbed from the git it
<zul> jamespage: however if we set the OSLO_VERSION before running python setup.py sdist we should be able to get a sane version number
<jamespage> zul, OSLO_PACKAGE_VERSION might work
<zul> jamespage: checking
<jamespage> it overrides everything else in setup.get_version
<zul> jamespage:  yeah that works
<jamespage> zul, I think that way we can move back to the 2013.1+gitXXXXXX approach
<zul> jamespage:  looks good to me
<jamespage> zul, lemme take a look at o-u-t
<zul> jamespage:  do you want to add it to the or did...nm
<jamespage> zul, or we could just move to using git archive to create the tarballs....
<jamespage> adam_g, any opinions on the above
<jamespage> ?
<zul> jamespage:  i think it would be easier just to export OSLO_PACKAGE_VERSION wouldnt it?
<jamespage> zul, well it would if the sdist was not run a schroot
<zul> jamespage:  good point
<jamespage> zul, what differences do you get between sdist and git archive?
<zul> jamespage:  the shouldnt be any differences lemme check
<jamespage> zul, egg stuff, AUTHORS Changelog
<jamespage> nothing that looks like a problem
<jamespage> zul, if the upstream version number includes the previous commit reference this would all go away
<jamespage> 2013.1.a38.g511ac76
<jamespage> -> 2013.1.g3.a38.g511ac76
<jamespage> as the a38 is the # of revs since last tag
<zul> agreed lemme poke around
<mahmoh> rbasak: thx, looks interesting + like the name
<jamespage> zul, OK _ lemme know - we can always switch to git archive if need be
<mahmoh> rbasak: I might even test it out this week and let you know how it performs
<rbasak> mahmoh: cool!
<zul> jamespage:  so if use git archvie you dont get the egg info
<jamespage> zul, which means?
<zul> which means its not complete :(
<zul> jamespage:  however when you run python setup.py sdist it does do a git describe --exact-match but replaces the '-' with '.'
<jamespage> zul, and drops a few bits
<zul> right
<jamespage> zul, might wanna check those syncs as well
<zul> jamespage:  for warlock?
<jamespage> zul, and deps - some ftbfs
<zul> jamespage:  ack
<zul> jamespage:  lovely
<jamespage> zul, thats a bug in openstack-pkg-tools
<zul> jamespage: can you pastebin the ftbfs
<jamespage> zul, https://launchpad.net/ubuntu/+source/python-json-pointer/0.6-1/+build/4327765
<jamespage> https://launchpad.net/ubuntu/+source/python-json-patch/0.12-1/+build/4327764
<zul> jamespage:  *sigh* there is absolutely no point to have that as a dependency
<jamespage> zul, agreed :-)
<zul> so we should have upload to ubuntu1 yes?
<jamespage> zul, yes
<zul> jamespage:  do you want me to fix it? :)
<jamespage> zul, I can do it right now
<zul> jamespage:  k ill just finish off this bug report
<thegoat> i'm new to ubuntu, if i install syslog-ng with apt-get will it replace the current syslog stuff?
<jamespage> zul, done
<zul> cool thanks
<zul> ill do the MIR this afternoon
<jamespage> zul, lemme talk to zigo first - might be able to persuade him to drop that (if I offer todo the work)
<zul> ack
<zul> jamespage: https://bugs.launchpad.net/oslo/+bug/1133433
<uvirtbot> Launchpad bug 1133433 in oslo "Running python setup.py sdist for quantum creates the wrong version." [Undecided,New]
<thegoat> since i am new to ubuntu, i just laid out 12.04 LTS.  is there any reason not to upgrade it to 12.10, is there a big difference between them?
<holstein> thegoat: 5 years of support for 12.04.. 18 months for 12.10.. thats the biggest reason not to
<thegoat> holstein:  is there a way to tell it up grade just the packages for the 12.04 train, when i did the apt-get upgrade it sends it to 12.10
<holstein> thegoat: try again.. i didnt get that
<thegoat> so when i did an apt-get upgrade, it upgraded it to 12.10, is there a way to update the packages leaving the release at 12.04
<holstein> oh. you just want to upgrade 12.04 and not go to 12.10... 'sudo apt-get update' 'sudo apt-get dist-upgrade'
<thegoat> yeah ;-)
<holstein> thegoat: if you upgraded to 12.10, then you are on 12.10
<thegoat> my bad.
<thegoat> i am just experimenting with it right now.  looking to switch distributions, centos has been making me mad lately
<jamespage> zul, that fix is uploaded to deb exp as well - I'll sync over when LP notices
<thegoat> holstein: thanks for the info
<RoyK> thegoat: there are several reasons not to like rhel-based distros, but there are some reasons to like it as well ;)
<RoyK> thegoat: but you must have done a do-release-upgrade to upgrade 12.04 to 12.10, and even edited /etc/update-manager/release-upgrades and changed Prompt from lts to normal before doing so...
<thegoat> all i did was apt-get upgrade
<RoyK> that won't upgrade to 12.10
<RoyK> apt-get (dist-)upgrade won't update the distro, just the packages for your current distro
<thegoat> i did it as root, could that have caused it?
<RoyK> no
<RoyK> do-release-upgrade updates the distro
<RoyK> but with LTS releases, only to next LTS release unless the file I mentioned is changed
<Pici> Did you modify your sources.list file with the new release name?
<RoyK> so I guess you installed 12.10 in the first place :)
<RoyK> Pici: heh - that's the debian hack ;)
<thegoat> could have sworn it was 12.04 rolling out another vm now to verify
<Pici> RoyK: Yeah, seen it way too often in Ubuntu though. :/
<Daviey> hallyn: did you send to ubuntu-server froma  different email address?
 * RoyK confesses he may have used that method some years back as well when he first started using ubuntu
<hallyn> Daviey: ?
<Daviey> hallyn: your mail was held for moderation
<hallyn> Daviey: i used @ubuntu.com.  i think my default used to be @canonical.com (not as good for community work)
<Daviey> hallyn: oh, ok.. approved
<hallyn> Daviey: thanks.
<thegoat> oh !@#$ i did dl 12.10..my bad..sorry all
<RoyK> hehe
<hallyn> stgraber: you probably haven't done much with utah :)  but a merge proposal to fix the lxc testcases there was sent your way.
<hallyn> fwiw, all tests passed locally under utah for me, i just figured you could find anything i was doing stupid lxc-wise
<hallyn> psivaa: ^ https://code.launchpad.net/~serge-hallyn/ubuntu-test-cases/server-lxc2/+merge/150491   lets lxc testsuite pass under utah for me, 100% fixed here.
<stgraber> hallyn: ok :)
<hallyn> thx
<psivaa> hallyn: ok thank you. hope that gets run in tomorrows set :)
<CallingPanther> ok, wish me luck.....getting stupid with fresh installs
<RoyK> CallingPanther: what up?
<CallingPanther> going to go fresh installs onall machines and attenpt to set up some kind of LDAP+NFS situation
<thegoat> RoyK: ok, how i have a 12.04 install :-D
<CallingPanther> trying to make it where no matter which machine I login to I have access to same files and browser bookmarks
<RoyK> thegoat: goodie
<CallingPanther> tired of having to remember which machine has what
<CallingPanther> going 12.10 across the board
<CallingPanther> this old laptop I am on now will be the only exception since it can only run 8.04 servwer
<RoyK> CallingPanther: for servers, I'd recommend LTS releases
<RoyK> 12.04 being the latest
<RoyK> CallingPanther: since if you install a bunch of machines on 12.10 now, they'll need an upgrade in a year or so, and servers should be left to do their work for years without upgrades needed all the time...
<RoyK> in "upgrade" I mean "dist-upgrade"
<RoyK> or "do-release-upgrade", really
<RoyK> which may have a few impacts
<SynSynWork> I'm having an issue with the Ubuntu Server 12.04.2 installation on a Supermicro X9SCi-LN4-B motherboard.  I cannot get video/output past Grub - I've tried various VGA settings, etc, to no avail - any suggestions?
<holstein> SynSynWork: oh, i didnt notice you had posted this in #ubuntu ..you can repond here
<SynSynWork> Awesome.
<holstein> SynSynWork: you dont see the text installer?
<SynSynWork> Its a 1U server, I could try, but I don't have a card that would work in it on hand.
<SynSynWork> Nope.
<Daviey> http://fridge.ubuntu.com/2013/02/26/ubuntu-developer-summits-now-online-and-every-three-months/
<holstein> SynSynWork: nomodeset is what i would try
<SynSynWork> Grub comes up, but nothing after that.
<SynSynWork> Tried it.
<SynSynWork> Didn't work either.
<holstein> SynSynWork: do you have an installation?
<RoyK> vga=vga16fb ?
<SynSynWork> holstein, No, this is during the installation.
<holstein> SynSynWork: you can always take the hard drive to another machine, install, and setup ssh
<SynSynWork> RoyK, Just tried it, not working either.
<sarnold> SynSynWork: if you're grasping at straws, maybe try 12.04.1 -- it's got a different kernel and Xorg stack. (I'm not very optimistic. But it _is_ different..)
<RoyK> vga16fb.modeset=0
<RoyK> try that
<SynSynWork> sarnold, Decent idea, I'll start that download now.
<SynSynWork> RoyK, standby
<SynSynWork> RoyK, no go.
<RoyK> I used that with some hyper-v setups that were dead slow with fb
<hallyn> stgraber: lxc.postinst, you restart dnsmasq so long as /etc/dnsmasq.d-available/lxc exists, should that only be done if the symlink gets created into /etc/dnsmasq.d?
<hallyn> low prio, but...
<stgraber> hallyn: no, we also want to restart dnsmasq if we change /etc/dnsmasq.d-available
<stgraber> hallyn: it's certainly useless if the symlink doesn't exist, but we shouldn't only do it when we first create the symlink
<SynSynWork> Man this sucks.  Pulling the drive is an option, but the drives are on a raid card - I'd have to set that up on a working system.
<hallyn> stgraber: ok, there's no downside to restarting right?
<RoyK> SynSynWork: what raid card?
<stgraber> hallyn: right
<jamespage> zul, just figured out the cinder scheduler problem with jgriffith
<SynSynWork> MFI MegaRAID - Don't know the exact model
<zul> jamespage:  oh?
<hallyn> stgraber: kthx (pushing analogous fix for libvirt)
<RoyK> SynSynWork: I just use software raid ;)
<jamespage> zul,  yeah - it seems that if any of the requires for cinder are missing/broken, the stevedore extension manager can't load the endpoints for the filters/weights correctly
<RoyK> easier to handle if something goes bad
<jamespage> zul, python-babel was required
<SynSynWork> RoyK, I hear you.  This is a custom 1U server though, so I don't have much say ;-)
<RoyK> s/if/when/
<zul> jamespage:  o...k
<SynSynWork> RoyK, Plus, I'm not even to the disk section yet
<CallingPanther> ok first machine is installed now for next one
<jamespage> zul, plus rtslib has no PKG-INFO or egg-info so pkg_resources can't tell which version it is!
<zul> jamespage:  awesome
<RoyK> SynSynWork: megaraid sounds like LSI
<jamespage> zul, the package is based on upstream git not released tarballs so is a bit broken
<zul> jamespage:  heh..
<SynSynWork> RoyK, Yeah, typo/brainfsck - LFI MegaRAID
<zul> jamespage:  wanna me have a look at it?
<jamespage> zul, yes please - https://pypi.python.org/pypi/rtslib/ should be the canonical source
<RoyK> SynSynWork: yes, LSI ;)
<jamespage> there is a new version - maybe pick that up and make the switch over.
 * SynSynWork bangs head on keyboardmore
<SynSynWork> RoyK, yeah =/ lol
<SynSynWork> RoyK, Alright, according to MB docs, the board has a MatroxÂ® G200eW for integrated video.
<RoyK> SynSynWork: https://help.ubuntu.com/8.04/installation-guide/sparc/boot-parms.html
<RoyK> look for framebuffer in there
<RoyK> 8.04 is a bit old, but it might work
<jamespage> zul, I added detail to bug 1126378
<uvirtbot> Launchpad bug 1126378 in rtslib "SchedulerHostFilterNotFound: Scheduler Host Filter AvailabilityZoneFilter, CapacityFilter, CapabilitiesFilter could not be found." [Undecided,New] https://launchpad.net/bugs/1126378
<jamespage> zul, we should aim to fix this for what we have in g3
<zul> jamespage:  agreed
<jamespage> zul, OK _ I'll leave it in you hands!
<jamespage> ttfn
<zul> toodles
<SynSynWork> RoyK, Yeah, was just over talking to an co-worker about going back to 9.04 and upgrading up.
<SynSynWork> I'd prefer not doing that though.
<RoyK> SynSynWork: if so, start with 8.04
<SynSynWork> Alright.
<RoyK> direct upgrade path to 10.04 and then to 12.04
<SynSynWork> Let me see if I can get a 08.04 installer to load, I should have a CD around here...
<RoyK> or try 10.04 first
<CallingPanther> i am runnin 8.04 server on this laptop
 * RoyK has a vm on hardy running zimbra
<RoyK> too bad support for that goes out in a month or so
<CallingPanther> my laptop is so old it won't runn any thin newer and can't runwith gui
<SynSynWork> Ha.
<CallingPanther> so CLI only
<SynSynWork> Yeah, my laptops only 11.10 but I waited a long time to upgrade that.
<CallingPanther> 40Gb hdd and 256Mb Ram
<SynSynWork> I have a 333MHz running Gentoo, still.
<SynSynWork> I can't remember how much memory it has, but it took weeks to compile everything.  Those were the times.
<CallingPanther> i forgot what this cpu is.... think like 266
<SynSynWork> Nice
<RoyK> goodie ;)
<CallingPanther> old toshiba was given to me with winblows 2k
<RoyK> a raspberry pi will kick that out
<SynSynWork> Yeah, it's crazy.  My phone is quad-core (1GHz), server is 333MHz.
<CallingPanther> quickly found new use for it...lol and new OS.....windows free home
 * RoyK has a quad-core 1,4GHz in his phone
<SynSynWork> I have one Windblows box for testing, everything else is *nix
<CallingPanther> I ran a webserver for a bit but could only handle 2 connections or it crashed
<RoyK> wintendo is nice for certain things
<CallingPanther> I do miss games but hey thats the price you pay for security
<CallingPanther> OpenArena will do in a pinch...lol
<SynSynWork> RoyK, I have the Nexus 4, so it's actually 1.5GHz Quad.
 * RoyK only has the S3
<SynSynWork> I'll admit I play games on the windblown box from time to time, but with Steam's official port to Linux, no more fscking with Wineâ¦I'm happy.
<CallingPanther> my internet is not good enough for Steam
<SynSynWork> lol
<CallingPanther> out in tha boonies
<SynSynWork> Then you don't want to hear about my 105Mbps connection.
 * SynSynWork laughs
<CallingPanther> no offence..... but bite me
<SynSynWork> lmfao
<SynSynWork> I have a friend who lives in the sticks, he had dial up until only a few years ago.
<CallingPanther> my mother has 25mbps she is in town... only 45 minutes away
<SynSynWork> His only other option the entire time was Sat.  Sat for down, and still dial-up for up.  Or ISDN (which just isn't worth the price).
<CallingPanther> I remember ISDN days.....
<CallingPanther> then T1s and T3s
<CallingPanther> Thought we were the bees knees back then
<SynSynWork> lol
<CallingPanther> now everyone and their mother is faster than me
<SynSynWork> DSL does suck.
<SynSynWork> All around, its just bad news.
<CallingPanther> on DSL but speed test shows .08/.05
<SynSynWork> Yup.
<CallingPanther> almost dialup
<SynSynWork> Damn, do you have the 3.0 or 1.5M plan?
<SynSynWork> I _paid_ half of that (~$30) for 25M.  Now I pay $70 for 105M
<CallingPanther> 1.5 not paying 3 times moe when they can't even give me what I am paying for
<SynSynWork> Do you know how far you are from the CO?
<CallingPanther> ummm by their reaction.....lightyears.....lol
<SynSynWork> lol
<SynSynWork> Further you are, the worse service/signal you'll get.
<CallingPanther> I thihnk it is in town 3 miles away
<CallingPanther> my nid to their box is 200yards
<SynSynWork> 3 miles is generally considered the upper limit for acceptable service.
<SynSynWork> Sounds like your on the edge there
<CallingPanther> yeah I know
<SynSynWork> Which wold explain part of the problme
<CallingPanther> I used to do tech support for a DSL company
<CallingPanther> does not help that I am shooting wireless 100 ft from where the router is
<CallingPanther> I have a jacked up setup
<CallingPanther> phone to modem to wireless PC that passes it off to another router in here for the other PCs
<CallingPanther> and here I was thinking of adding another router to the mix....lol
<CallingPanther> for a webserver and email server
<CallingPanther> when you have machines with no purpose you think .....what else can i do here
<SynSynWork> RoyK, All of our CDs were desktop (and i386) so downloading now...
<CallingPanther> will return when all OSs are installed and updated......cya then
<RoyK> using 32bit installs for a server isn't exactly recommended
<RoyK> (nor are desktop installs)
<SynSynWork> RoyK, Got it workingâ¦ vga=711 nomodeset (which I tried earlier).  The difference this time?  I switched out the monitor, as a last ditch effort.
<SynSynWork> Yeah those desktop CDs were for other various projects.
<RoyK> SynSynWork: working with 12.04?
<SynSynWork> 12.04.2
<RoyK> ok
<SynSynWork> RoyK, Same option I had tried earlier.  Just swapped the monitor out.
<SynSynWork> So clearly it was an issue with the monitor - go figure.
<RoyK> seems monitor handshake in fb is somewhat dodgy
<RoyK> I've seen that earlier
<RoyK> there should be a "use text mode!" setting
<SynSynWork> No kidding
<RoyK> especially if you're through a kvm switch with oldish monitors
<RoyK> ubuntu can't read from the monitor what to do
<SynSynWork> Was a standard new-ish Dell monitor, nothing fancy or special.
<SynSynWork> I'm not using a cheap, old ass 13incher
<RoyK> imho using framebuffer on a server doesn't make sense
<RoyK> what would you need it for?
<SynSynWork> Agreed
<SynSynWork> Serial Console or GTFO
<RoyK> can you file I bug?
<RoyK> "enable text mode by default, please"
<RoyK> it shouldn't be very hard
<zul> jamespage:  sigh the python-rtslib debian package is not shipping any egginfo
<jamespage> zul, indeed
<zul> jamespage:  i have it fixed locally but its minor surgery
<jamespage> zul, hmm - why not just switch the upstream source and fix it properly
<zul> jamespage:  because that is using the upstream source (ie from pypi)
<jamespage> zul, hmm - I see
<jamespage> zul, debian/rules is doing to much IMHO
<zul> jamespage: agreed
<zul> jamespage:  ive simplified it locally
<zul> jamespage: babel was in pydist-overrides for cinder as well fyi
<zul> jamespage:  http://paste.ubuntu.com/5568534/
<nwilson5> anyone know a channel where people might be able to answer something about webmaster tools for different search engines
<Pici> #web ?
<nwilson5> k I'll try it, thanks
<zul> jamespage:  can you try https://launchpad.net/~zulcss/+archive/rtslib/+packages please
<jamespage> zul, so babel should be in the deps right?
<zul> jamespage:  yeah its not explicitly there though
<jamespage> zul,  "  * debian/control: Drop python-babel." in quantal?
<zul> jamespage:  right in quantal but im looking in tools/pip-requres its not there anymore
<jamespage> zul, tis - Babel>=0.9.6
<zul> jamespage: *sigh*
<jamespage> zul, maybe it should not be?
<zul> no i think it is but its for internantilizing string
<zul> translating strings
<jamespage> zul, translations etc.
<zul> jamespage:  right
<br0xen> Is this an appropriate place to ask a question about SMTP servers in Ubuntu?
<blkperl> br0xen: sure, whats the question
<br0xen> Ok, and please excuse my ignorance, I just haven't done much with email servers... I built a website for a company that was previously relaying email through their exchange server, everything worked fine that way, but then they upped their security and are now demanding that I run my own email server using a subdomain of their main domain as the 'from' address...
<br0xen> So, previously we would send email from something like "payments@domain.com", now they say they want me to switch it to "payments@my.domain.com", and they claim that I should be able to authenticate everything correctly... My thought is that since I'm not relaying through the 'official' domain.com, this email will be caught in more spam filters and stuff.
<br0xen> Just trying to find anyone that might have experience with something like this... If not, I'll keep searching. :-)
<blkperl> br0xen: I don't think you need to worry about that, relaying though the "official" domain doesn't make it less likely to get blocked by spam :)
<blkperl> filters
<br0xen> Heh, ok.
<br0xen> So, I suppose my next question would be, what route is recommended for setting up an email server, piggy-backed on a web server? It would only need to send email (in fact, preventing incoming email would be a plus, that way we wouldn't need to worry about mailboxes filling up.)
<blkperl> I think people recommend Postfix https://help.ubuntu.com/community/Postfix
<br0xen> I've looked into postfix and exim a little bit.
<br0xen> Yeah, that's what I was thinking.
<lamont> I tend to do everything with postfix, but then, I'm heavily biased.
 * blkperl is stuck with sendmail :(
<trevorj> lamont: me too
<trevorj> I cannot stand exim's config syntax
<trevorj> Reminds me of m4 macros
<lamont> blkperl: I remember when I accidentally switched a production mailing list from sendmail to postfix... 2 weeks later someone noticed.
<sarnold> sendmail? in the year 2000? wow.
<lamont> the "melissa virus" was my postfix win at HP, back when
<blkperl> configs were written in the 90s not going to touch them :)
<sarnold> ah :)
<trevorj> jamespage: I filed that bug report, lp:1133683 about radeondrmfb booting to a black screen on my blades on precise kernel
<trevorj> jamespage: Added you to it, not sure if I selected the right package though I must say, I just entered the full linux-image including version
<trevorj> postfix is fantastic with multiple instances for large chunks of mail
<joel___> Hola. I'm looking for some advice on setting up my web server - I've ran into an odd issue. Is this the righ place?
<trevorj> yup
<joel___> :)
<trevorj> What's your question, sir?
<joel___> So, I've created a virtual host for a site, installed the software (Lamp stack) on Ubuntu 12.04 LTS, moved site files over, and when I navigate to to the domain.com/install.php page it's blank. However, a file with the SAME ownership, grouping, and permissions containing a simple <?php phpinfo(); ?> works fineâ¦ Any thoughts?
<trevorj> joel___: you're prolly missing a php module
<joel___> I was thinking my vhosts file is bad, but not sure why one file would show up fine and others notâ¦ (seems to be some PHP files, as .txt files show up fine)
<joel___> Mmm....
<trevorj> joel___: enable php startup logging
<trevorj> joel___: in /etc/php5/apache2/php.ini enable error_log = syslog
<trevorj> joel___: also enable showing of errors and startup errors
<trevorj> joel___: restart apache2, then try it
<joel___> error_log = syslog is already set.
<trevorj> joel___: you can also try tail -f /var/log/apache2/error.log or whatever error log you set your vhost to use
<trevorj> joel___: great
<trevorj> joel___: install ccze
<trevorj> joel___: tail -qF /var/log/syslog | ccze -A
<trevorj> joel___: tail -qF /var/log/syslog /var/log/apache/*.log /whatever/other/vhost/logs/you/got | ccze -A
<trevorj> joel___: I mean that ^
<trevorj> joel___: then go to it, see if you see anything interesting
<joel___> lol. Right. Ok.
<sarnold> ccze?
<trevorj> sarnold: makes logs readable, colorizes ;)
<sarnold> ah :)
<trevorj> sarnold: it's got a memleak though so you can't run it for months (tried that)
<sarnold> trevorj: hahahaha
<trevorj> Was great when production servers went down due to my own colorized log viewing
<trevorj> lol
<joel___> So, hitting my domain.com/butt gives me a not found in my error log (awesome), but it doesn't throw any error when tailing the syslog and navigating to a file that IS in existence (domain.com/install.php)
<joel___> lol @ CoLoRz
<trevorj> joel___: kinda nice isn't it?
<joel___> Totally
<joel___> :)
<trevorj> joel___: enable showing of startup errors and showing errors
<trevorj> joel___: that way it'll actually output something to your browser as well
<joel___> Mmm.
<trevorj> joel___: display_errors and display_startup_errors
<trevorj> joel___: they're both off by default in the config
<tyson_> Hi there, I have an issue with updating my 12.10 ubuntu server with fetching error, can anyone help?
<joel___> Sure enough, startup_errors was Off (displaying I turned on already). I'll restart.
<trevorj> tyson_: what do you mean fetching error?
<trevorj> tyson_: like with apt-get ?
<tyson_> trevorj: yes, sorry
<trevorj> tyson_: pastebin the error
<trevorj> tyson_: er, full output I mean
<tyson_> trevorj: ok
<tyson_> trovrj: http://imagebin.org/248250
<trevorj> tyson_: sounds like your dns isn't working
<trevorj> tyson_: can you 'dig google.com'
<trevorj> tyson_: er, dig +short google.com
<trevorj> tyson_: cat /etc/resolv.conf
<trevorj> tyson_: do you see any nameserver entries?
<tyson_> trevorj: I haven't tried as I installed it as a server (black and white)
<trevorj> tyson_: are they correct?
<tyson_> trevorj: let me try
<trevorj> tyson_: hey, it's got colors too ;)
<joel___> So, apache2 error.log is showing 'caught SIGTERM, shutting down'. It's crashing, then? I'm a bit confused as text files and a phpinfo(); is running fine, but no other *.php files are working.
<tyson_> trevorj: lol... i meant, I only have the shell sript and I only access it remotly, anyway, I think it's empty
<trevorj> tyson_: are you using DHCP or static IP
<tyson_> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
<tyson_> #     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<sarnold> tyson_: two lines?
<trevorj> tyson_: are you specifying network config via /etc/network/interfaces or via network-manager
<tyson_> trevorj: good question... I was on DHCP but messed about with it the other day to get a static IP, so it is now on static
<trevorj> tyson_: rm -f /etc/resolv.conf; echo -e 'nameserver 8.8.8.8\nnameserver 8.8.4.4' > /etc/resolv.conf
<trevorj> tyson_: try that ;)
<tyson_> trevorj: knowledge is power.... UP and running, thank you... what was the problem?
<trevorj> tyson_: you were missing DNS servers as you were originally setup DHCP
<trevorj> tyson_: when you switched to static you didn't specify any nameservers so after you rebooted you lost your generated dns server list
<trevorj> tyson_: I asked you to rm the existing copy as if you don't it will auto generate it via resolvconf
<trevorj> tyson_: it's originally a symlink to a tmpfs file
<tyson_> trevorj: thank you very much
<trevorj> tyson_: you can also specify them in /etc/network/interfaces but I always forget if the syntax is plural or not so I just do it the old way
<trevorj> tyson_: anytime, sir
<tyson_> trevorj: that is the file I edited to give it a static Ip in the first place
<trevorj> tyson_: yes it is
<trevorj> tyson_: you can use dns-nameserver or dns-nameservers in there under the iface if you don't remove the symlink as I asked you to do
<trevorj> tyson_: I just never remember which of those two it is
<trevorj> tyson_: so I do it this way
<trevorj> tyson_: tis all preference
<tyson_> trevorj: thank you for sorting the problem out but most of all for the explanation.... VALUABLE
<trevorj> joel___: sorry, I missed your message
<joel___> NO, you're good. :)
<trevorj> joel___: thats just from you restarting apache2
<trevorj> joel___: it's also possible your app is die()'ing
<trevorj> joel___: you may be in for some php troubleshooting
<joel___> (how do you guys keep addressing people like trevorj__: ? Typing that manually?)
<trevorj> joel___: tab complete ;)
<joel___> trevorj: BAm
<trevorj> yeah, IRC is awesome.
<joel___> trevorj: Yeah, I'm able to drop some PHP in a test file (http://dev2.concrete.ly/test2.php)
<joel___> But the install.php is just blankâ¦
<trevorj> joel___: what app is this?
<joel___> ClientExec
<trevorj> ah, paid app
<trevorj> does it use some nasty obscurity methods?
<joel___> Could you tell me if my permissions are correct?
<joel___> Ohâ¦ maybe?
<trevorj> most paid apps do
<joel___> thought it was a free download
<trevorj> they usually use something like, crap I forget the name
<joel___> Aaaah. Interesting.
<trevorj> joel___: ioncube is the one most widely used
<trevorj> joel___: If you're just looking for helpdesk software and you're just testing one out, I like OTRS
<trevorj> joel___: in access.log when you go to the install.php link
<joel___> trevorj: Figured Ioncube was installed already. Like some sort of 'encryption', but not? Also, I'll check that out. It's more for the billing and server integration aspect
<joel___> trevorj: Nothing. doesn't show a thing, as the file is there. It's just blank...
<trevorj> joel___: can you paste the single line that outputs in access.log?
<trevorj> joel___: access.log has to output something, it always does upon http connection
<joel___> Mmm. One sec (was thinking error.log)
<joel___> trevorj: 76.27.233.224 - - [26/Feb/2013:23:22:16 +0000] "GET /install.php HTTP/1.1" 200 293 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/536.26.17 (KHTML, like Gecko) Version/6.0.2 Safari/536.26.17"
<trevorj> oh wow, it's a 200!
<trevorj> your script is not dying with an error
<trevorj> your script is showing you nothing with a success code
<trevorj> this is an application problem
<trevorj> joel___: yes, it requires ioncube
<trevorj> joel___: https://www.clientexec.com/members/index.php?fuse=files&view=FileList it says _ioncube.zip
<joel___> trevorj: Awesome! That's really helpful trevor. I assumed I botched something in the vhost setup. I'll pay more attention to access log.
<joel___> trevorj: aaah. K. I thought I had that enabled, but I'll double check.
<trevorj> joel___: make sure you enable it in the right place in /etc/php/, cli and apache2 have separate configs
<joel___> trevorj: Mmm
<trevorj> joel___: ioncube comes with a php file to test it out
<trevorj> joel___: toss that in your webroot and try going to that
<trevorj> joel___: also, keep in mind you're running untrusted non open source code ;)
<trevorj> joel___: it may require a license, they seem to on their site, but who knows
<joel___> trevorj: This is making sense. Yeah, they gave me a trial code. So there is some encrypted 'ion cube' stuff i with the php files.
<joel___> trevorj: Yup - there it is. Ok.
<trevorj> joel___: yeah, ioncube instantly makes code undebuggable
<trevorj> Anyone know where the most up to date cinder charms are for precise-folsom?
<trevorj> oh weird, it found it this time, nevermind
<adam_g> trevorj, lp:charms/cinder should be.
<trevorj> adam_g: yeah, it gave me a 404 the first time, my fault, thanks ;)
<adam_g> ah
<trevorj> oh, nevermind, I was in the wrong terminal
<trevorj> sigh
<trevorj> How does everyone here handle post-install configuration when using MaaS+Juju? I used to use scripts specified in the preseed, but is there any better way these days?
<trevorj> I wrote some scripts to handle iLO configuration like setting server name to hostname, setting network in boot order, setting up standard user accounts, things like that
<trevorj> If there's a nice place to put such things in MaaS I'd be happy to submit it in
<trevorj> I see commissioning-user-data would be a great place for alot of this, besides setting the server name to hostname
<sarnold> do you really care about servernames in the maas+juju lifestyle?
<trevorj> yes, these are iLO server names
<trevorj> otherwise it's a freaking guess as to which blade is which
<sarnold> hehe
<trevorj> I have to look it up by mac address
<trevorj> there's more post install stuff I want to do as well, and I'm assuming the best place for that would be in the preseed
<trevorj> I've been using salt for deployments in the past
<adam_g> trevorj, you can modify the base preseed that is used for all machines. not sure if there is a better way to do it
<trevorj> adam_g: yeah, I've already done that, it's a tad finicky for my taste though ;)
<adam_g> trevorj, by post-install stuff, do you mean things that can be done post-first boot? or during initial provisioning?
<trevorj> during post-first boot
<trevorj> er after
<trevorj> Is cloud-init a good place for such things?
<sarnold> trevorj: you may wish to also ask in #juju or #maas -- both are a bit more dedicated to the tools at hand
<trevorj> great, ty
<trevorj> sarnold: I didn't know such channels existed
<trevorj> sarnold: much appreciated
<sarnold> trevorj: woot :)
<adam_g> trevorj, cloud-init would be, but when using juju you have no ability to modify cloud-config that is sent to new nodes
<trevorj> adam_g: right!
<trevorj> adam_g: what I'd love to do is setup a salt minion upon first boot
<trevorj> adam_g: as it seems juju is more meant for services and not deploying configurations
<trevorj> adam_g: it just sems as if there may be (or should be) a better way to modify the cloud-config that juju sends
<adam_g> trevorj, is setting that up something that could be contained in a juju charm? i'm not familiar with the salt architecture.
<trevorj> adam_g: you know, it could.
<trevorj> adam_g: and that is what I was looking for, the revelation
<adam_g> trevorj, you may want to look at subordinate charms. you may be able to put together a subordinate charm that is deployed alongside the rest of your serivces, that takes care of hooking it up into your salt stack, and have it take care of the lower-level config bits that the principle service probably doesn't care about
<trevorj> adam_g: wonderful
<adam_g> trevorj, theres been discussion about doing similar with subordinates that relate services to existing puppet or chef servers.
<tyson_> trevorj: a quick question for you... what do I need to access my server from outside my "home" network?
<trevorj> adam_g: I suppose I should start looking into how juju really works then!
<trevorj> adam_g: thank you
<trevorj> tyson_: port forward for ssh
<adam_g> trevorj, np
<trevorj> adam_g: since you seem to know some intricate details on things like this, maybe you'll know an answer to this as well
<tyson_> trevorj: do I have to do that on my router and modem?
<trevorj> tyson_: router only probably, unless you are doing some nasty double natting
<trevorj> adam_g: I had to disable avahi-daemon in my preseed because my internal domains are subdomains of locsol.local
<trevorj> adam_g: ie, it ends in .local
<trevorj> adam_g: since my dns domain is lan0.beast2.locsol.local, avahi takes it that it owns the entire .local root domain and returns NOTFOUND
<tyson_> trevorj: nothing dodgy. I have fiber and it seem weird but I have a modem from BT on the wal connected to a router from Talk talk on it...
<trevorj> adam_g: is there an existing way to get avahi to not manage subdomains of .local? I was thinking of patching avahi-daemon to have a blacklist-domain option for anything below a certain domain
<trevorj> adam_g: that way .local would still be handled, just not anything below the blacklisted domain (in my case locsol.local)
#ubuntu-server 2013-02-27
<trevorj> adam_g: it also works fine if I just use hosts: files dns mdns4 in nsswitch.conf
<trevorj> adam_g: but that would break some people's ability to use mdns as some nasty ISPs have a .local domain in their DNS zones
<adam_g> trevorj, i think the MAAS domain name is configurable?
<trevorj> adam_g: I configured it, the DNS part works fine
<trevorj> adam_g: the problem is in nsswitch.conf you have this by default: hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
<trevorj> adam_g: since the [NOTFOUND=return] is there, it never checks anything below .local if avahi can't resolve it
<trevorj> adam_g: which it cannot since it's a subdomain of .local and not just avahi's default of .local
<trevorj> adam_g: would it be best if I change avahi-daemon's domain to my real subdomain of .local? But then what if I want a DNS address for that to be resolvable that's not avahi published?
<sarnold> I think everyone just gave up fighting .local and switched to .priv or .intern or something else :(
<trevorj> lol
<trevorj> kind of hard for me to switch at this point =(
<trevorj> Do people really use multiple avahi domains?
<patdk-lap> people really use avahi?
<trevorj> lol, right
<sarnold> heh, yeah, to my knowledge, no one _uses_ it.
<patdk-lap> the only thing I ever see using it is, airprint
<sarnold> but perhaps living the Apple Lifestyle or sometihng it'd be handy?
<trevorj> I guess I really don't mind disabling it I just don't want some package to pull in avahi-daemon and much up my resolves one day
<sarnold> that sounds like a healthy fear :)
<trevorj> I should really just fix nsswitch.conf, which is why I have the post-install config question to begin with ;)
<tyson_> trevorj: Now that I have done it what should the address be? my dns:ip:port??
<trevorj> tyson_: to access it externally?
<tyson_> trevorj: yes
<trevorj> tyson_: your external IP:port
<trevorj> tyson_: unless you use ddns or something
<trevorj> tyson_: ssh is -p for port
<trevorj> tyson_: 22 is default
<tyson_> trevorj: I usualy do it indoors with ssh -l user ip or ssh user@ip
<trevorj> tyson_: I recommend to setup ssh key auth if you're making this externally accessible
<tyson_> trevorj: ok, thank you.
<trevorj> tyson_: you also may be interested in fail2ban to block all those chinese ssh attackers
<genii-around> Alternately move ssh to some other high numbered obscure port
<tyson_> trevorj: lol... really ??? i'm gonna be honest... there is nothing on that server other then movies and photos.... are Chinese really into ssh? how does that fail2ban work?
<trevorj> tyson_: they just try random IPs by brute forcing passwords
<tyson_> genii-around: I did think about that]
<trevorj> tyson_: I had a box get cracked with a 32 char random password once
<trevorj> tyson_: took 5 years of brute forcing but they got in
<tyson_> damn
<trevorj> tyson_: nah wait, it was probably 16 chars, I think thats when I convinced my boss to move to ssh key auth for everything and 32 chars
<trevorj> tyson_: but still
<tyson_> trevorj: so, if i got it right, the fail2ban puts the ip on a ban list after a certain amount of attemps, right?
<genii-around> tyson_: fail2ban will put their ip temporarily into hosts.deny after a certain amount of failed login attempts.
<trevorj> It will add a reject iptables rule
<tyson_> genii-around: lol... that happened to me with my website server.... very nice.... couldn't access it through the weekend
<trevorj> tyson_: I access them from a different IP when that happens
<trevorj> tyson_: hell, hop on tor even ;)
<tyson_> trevorj: I had to, from my ipad 3G
<trevorj> tyson_: sounds fun, I love tablet ssh
<trevorj> tyson_: really like the keyboard </sarcasm>
<trevorj> tyson_: very handy though
<tyson_> trevorj: it helps with the kids... when I tell them to turn them off and they don't... I DO IT MYSELF
<trevorj> ahaha
<tyson_> trevorj: but sometimes I get the karma, just like now.... I am trying to do what you gays told me, reboot the server and can not access it now...
<trevorj> wonderful typo
<tyson_> trevorj: oh well, gotta plug in the mouse and keyboard nd get on with it
<trevorj> tyson_: what did you do on it?
<trevorj> tyson_: ssh key auth and/or fail2ban?
<trevorj> tyson_: or high port, etc etc
<tyson_> trevorj: the update, upgrade, then the nameserver change
<trevorj> ah
<trevorj> fun stuff
<tyson_> trevorj: then started with ports and allowences
<trevorj> tyson_: I always hate that moment, when you realize you need a keyboard
<tyson_> trevorj: then went on to the router and port forward.... now STUCK
<tyson_> trevorj: hahahaha
<tyson_> trevorj: I am very lucky that the machine is right here in front of me... but hey it is 1:10 in the morning so i will give it a miss for now and come back to it tomorrow
<trevorj> tyson_: you got it, sorry for the troubles, hope all goes well
<tyson_> trevorj: sorry about the typo. I never get it right, honestly....
<trevorj> tyson_: lol, I found it funny, no worries
<tyson_> trevorj: it took me years to get the HE and SHE right.... nevermind the gay and guy... its just the way English people read, drives me mad
<trevorj> tyson_: is english not your first language?
<trevorj> tyson_: you speak it very well if not, could of fooled me
<tyson_> trevorj: I am Portuguese by the way
<tyson_> trevorj: it is now a days, I have an all english family, such as wife and kids. Live in England as well but I come from Portugal dough
<tyson_> trevorj: and you are English, right???
<trevorj> tyson_: I'm a nasty American
<trevorj> tyson_: ;)
<tyson_> trevorj: Really??? please, don't take this the wrong way.... I thought you were English as you made a mistake very common with the English could of instead of could have... but hey.... with my gay ang guy who am I to say anything
<tyson_> trevorj: lol
<trevorj> tyson_: lol, yeah I'm by no means perfect, thanks for noticing though, now I'll look for it
<tyson_> trevorj: thank you for your help today... you were very helpful indeed... now off to bed. Hope to type to you soon to increase my knowledge
<trevorj> tyson_: have a good night
<GTAXL> How can I implement 2.4.x Apache repos into Ubuntu server?
<katronix> Hi all, would this be a good place to ask about suPHP issues? or can you point me to the right channel if not?
<sarnold> katronix: can't hurt to ask anyhow though maybe ##php would be better, if it more about php..
<katronix> [Tue Feb 26 20:37:56 2013] [error] [client 107.201.252.193] SoftException in Application.cpp:299: Script "/home/chris/sites/chrisamoody.com/public_html/test.php" resolving to "/home/chris/sites/chrisamoody.com/public_html/test.php" not within configured docroot
<katronix> trying to identify what to do with this error to fix it
<sarnold> katronix: this page here mentions a suphp.conf file, with a [global] config option 'docroot': http://www.suphp.org/DocumentationView.html?file=CONFIG
<sarnold> katronix: how is your suphp.conf docroot set?
<katronix> sarnold, let me check
<katronix> ah there is the issue lol
<azbyin> hi all
<azbyin> is there a way to change the uid/gid of the default "ubuntu" user ?
<patdk-lap> just edit it
<azbyin> is there a user with uid 999 ?
<azbyin> i mean a usual one for some service
<qman__> don't think so
<qman__> be aware that doing this will cause all the user's files to no longer belong to the user
<qman__> you need to chown afterward
<azbyin> yeah, i know
<azbyin> i was wondering if it might conflict with some packages in the future where they generate a new user with uid 999
<qman__> I don't know of any packages that create a user, which are not in the 100-range, or 1000+
<qman__> which is not to say they don't exist, I just haven't seen any
<azbyin> looks like x2go uses uid 999
<son_> hey
<son_> I think there something wrong with my MX record
<histo> son_: probably
<son_> when I use dig A mail.domain.com there is no IP
<histo> son_: what's your domain?
<son_> in A record
<histo> son_: there shoudn't be an ip for the mx record
<son_> hmd-c.com
<histo> son_: let me check
<son_> ok thanks
<histo> son_: Your mx is set to mail.hmd-c.com.
<son_> yes
<son_> thats my server name
<histo> ip is 173.201.193.199 for mail.hmd-c.com
<son_> I think thats the ptr record right?
<histo> son_: that's what mail.hmd-c.com resolves as
<son_> so what do you think is the problem?
<son_> I can send and receive emails internally
<son_> but externally I can only send but not receive
<histo> son_: Is that the IP of the server?
<son_> no
<histo> son_: then that's the problem
<son_> yeah
<histo> son_: you need to point mail.hmd-c.com to your mail server
<son_> how can I point that?
<histo> son_: in your a name records
<son_> i've bought that domain in godaddy.com
<histo> son_: go to godaddy's total dns control and create an A record pointing mail  at your IP of your mailserver
<son_> sorry im a newbie here in DNS and mail server stuff
<histo> son_: me too i've never done it but I understand what's wrong.
<son_> I already did that
<histo> son_: did you install av and anti spam stuff?
<son_> yeah
<son_> there is no log in mail.log
<son_> when I send from yahoo or google to my server
<histo> son_: mail.hmd-c.com is not resolving to the right ip righ?
<son_> yes
<histo> that's the issue how the hell wwould mail get to your server if mail.hmd-c.com isn't pointing tot he right place. YOu need to double check your dns records on godaddy
<son_> ok wait
<histo> son_: outside email servers are going where is mail.hmd-c.com and they see 72.167.82.11
<histo> son_: is that the right one?
<son_> my IP here in my server is 112.202.181.190
<histo> son_: Your dns is jacked up
<son_> my MX record already pointed to mail.hmd-c.com
<son_> i know lol
<histo> son_: The ip for mail.hmd-c.com is changing
<histo> son_: everytime I ping it
<son_> yeah
<son_> I think thats because of godaddy
<histo> son_: You need to fix your dns settings with godaddy. Your A names what are they set  to?
<son_> my A record points to my IP address
<histo> son_: What is it set as?
<son_> 112.202.181.190 this IP
<son_> @
<histo> no @ www mail????
<histo> son_: okay add another one
<histo> add mail and point it at your IP
<son_> in A record?
<son_> done
<son_> host = mail, points to = 112.202.181.190
<son_> is that right?
<histo> son_: yes
<histo> assuming that 112.202.181.190 is your ip
<son_> yeah its my public IP
<histo> son_: still hasn't propagated yet
<son_> it will take some time I guess
<histo> son_: give it a few minutes
<son_> yea sure
<son_> I've been stuck here for a couple of days
<histo> son_: what'd you have mail set as before cname?
<histo> or just not set?
<son_> not set
<histo> son_: are you sure you didn't just create a cname? it looks like you did from dig
<son_> yea godaddy provided that
<histo> son_: there are 2 A records for some reason of both just hmd-c.com pointed at two different ips
<son_> the other IP was provided by godaddy
<son_> I just didn't erase that
<histo> son_: well it should be workign now. It resolves properly now
<son_> really?
<histo> son_: A records are for IPs  cnames are for hostname forwarding
<histo> son_: yes mail.hmd-c.ocm resolves to 112.202.181.190
<histo> which is what your mx record is set to.
<histo> Looks good now
<son_> i'll give it a try
<histo> son_: Which howto did you follow?
<son_> flurdy
<histo> ?
<histo> linkage
<son_> http://flurdy.com/docs/postfix/
<son_> still no log :(
<histo> son_: It should be working. People should be hitting imap assuming the port is open
<histo> son_: let me check
<son_> yea sure
<son_> i've tried sending mails to yahoo and it was there but when I reply to my server nothing happens
<histo> son_: what is it port 143?
<son_> I think thats the imap
<histo> dns just went wonky agai
<histo> again
<son_> what?
<histo> It's not pointed at your ip anymore
<histo> son_: Alright what do you have in your DNS records?
<son_> cname?
<histo> son_: pastebin a screenshot
<histo> !paste | son_
<ubottu> son_: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<histo> son_: also your ip is refusing connections on port 143 and port 220 so no IMAP.
<histo> son_: is it maybe imaps?
<son_> hmm
<histo> son_: did you set your router to forward the ports
<son_> I dont know really
<son_> yeah
<son_> my ISP block port 25
<histo> So what'd you do to resolve that?
<son_> http://paste.ubuntu.com/5569813/ heres the link
<son_> relay host to my ISP
<son_> I connect via port 587
<son_> and use their smtp server
<histo> son_: Where'd you get that info from your isp?
<son_> i've called my ISP and thats the only thing they gave me
<histo> son_: Are you using any of the other services provided by godaddy for the secureserver stuff?
<son_> nope, it was there when I bought it
<son_> this is my /etc/postfix/main.cf http://paste.ubuntu.com/5569816/
<histo> son_: get rid of all those cnames then and create antoerh aname with @ as the host and point it at your ip
<histo> son_: postfix is not the issue
<histo> son_: one is your DNS the other issue is your ports being blocked
<histo> son_: so lets fix the dns first then the ports
<son_> ok sure
<histo> son_: So the only thing you should have is two anames one for @ and one for mail  both pointed at your ip and an MX record pointed at mail.hmd-c.com
<son_> ive already deleted all cnames
<histo> son_: Okay then fix the anames
<son_> error
<histo> son_: ?
<histo> What's the error?
<son_> A record of a different type exists for the hostname @, could not create CNAME
<son_> thats the log
<histo> Why are you creating cnames?
<histo> NO CNAMES
<son_> what will I create?
<histo> two A's one for mail and one for @ both pointed at your IP
<histo> or atleast one for mail
<son_> its ok now
<son_> ill try to send to yahoo
<son_> using telnet
<histo> son_: it's still not updated here
<son_> it sends
<son_> but lets wait for a while
<histo> son_: as we've already figured out sending is not the issue. Not quite sure why you keep checking that. Has nothing to do with receiving
<son_> right
<son_> im just testing sorry
<son_> do you think its ok now?
<son_> ive tried sending from yahoo and I still dont get any logs :(
<histo> son_: let me check
<son_> sure
<histo> son_: there is still a goofy aname record of 50.63.202.52
<histo> son_: and pinging mail.hmd-c.com is not resolving to your IP so no it's not working still
<son_> lest wait for a while
<son_> ive already remove that address
<histo> son_: Why not look at your router and make sure that your ports are forwarded to your server
<histo> while we wait
<son_> im using dlink 600
<histo> son_: Okay log in and forward port 143 to the internal IP of your server
<son_> its done
<histo> okay well it's not answering
<son_> do you think its an ssl issue?
<histo> son_: did you only enable imaps  or imap ?
<histo> son_: it's not even listening on port 143
<son_> yeah
<histo> son_: let me look at the silly howto you are following hold on?
<son_> yea sure
<son_> thanks for the time
<histo> son_: did you install shorewall?
<son_> not yet
<son_> im planning to set this up first before I install that
<histo> Okay
<histo> You installed courier right?
<son_> yeah
<histo> son_: On that machine can you telnet localhost 143
<son_> yeah I can
<histo> son_: And it answers with?
<son_> Connected to localhost.localdomain. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2011 Double Precision, Inc.  See COPYING for distribution information.
<histo> son_: okay now make sure your forwarded both tcp and udp port 143 on your router to internal ip of your server
<son_> its already forwarded
<histo> son_: You said you have  a dlink dir600?
<son_> yes
<histo> son_: http://portforward.com/english/routers/port_forwarding/Dlink/DIR-600/Imap.htm
<histo> Do you have a DSL modem also?
<histo> or calbe or whatever
<histo> like Cable modem > dlink > server ????
<histo> or just dlink > server???
<son_> dsl > router > server
<histo> son_: So a seperate dsl modem right?
<histo> on top of the dlink?
<son_> yes
<son_> running my server behind a router
<histo> Ahh you have a double nat issue
<histo> dsl modem is seeing the request for port 143 and doesn't know what to do with it.  The request never even gets to your home router
<histo> So you have a couple of options to fix this.
<son_> how?
<histo> You can configure your dsl modem to be a bridge device and let the dlink handle your dsl connection. Or you can edit the config of your dsl modem and put your routers IP int he DMZ
<histo> son_: in your routers config you can probably see what IP your dsl modem is giving your router. Then you should be able to connect to your dsl modems config page and change settings there.
<histo> brb
<son_> im not sure I think Im not authorized to do configuration
<histo> son_: http://www.practicallynetworked.com/networking/fixing_double_nat.htm  here is an explaination. YOu can configure your dsl modem. You had to to enter a username and password for your dsl connection.
<histo> Read up on that for an explanation you will understand what's going on. I have to go for a bit.
<son_> ive already enabled dmz in my router
<histo> son_: You need to put your router in the dmz on the dsl mdoem
<son_> i think bridge mode is disabled in my dsl
<son_> when I login in the browser it only display the information about the dsl
<histo> son_: Yes if your dslmodem is in bridge mode you can't even login to it. You put your dsl login settings in your dlink.
<son_> how?
<histo> son_: The easiest way is for you to login to your dsl modem and disable any firewalls and put your router's WAN IP in the DMZ
<histo> son_: if not what kind of dsl modem is it?
<son_> P-660HN-T1A
<son_> ive already enable dmz points to my server
<son_> in my router
<histo> son_: let me see
<son_> how?
<histo> nope still not working
<histo> I'm trying to telnet 112.202.181.190 143   and it's not responding
<histo> So the port isn't being forwarded still
<son_> aww :(
<histo> On the dsl modem put the routers WAN IP in the DMZ and be done
<histo> the servers ip is probably on a different class and the dsl modem doesn't know what to do with the request
<son_> how can I put WAN IP on the dsl modem
<son_> the dsl modem gives me nothing
<son_> only status and information
<son_> I get it!
<histo> ?
<son_> ive already log in into the admin account
<histo> The cable that runs from the dsl modem to the router is plugged into the WAN port on the router. The router gets an IP from the dsl modem. The router also has an IP and subnet that it hands to inside machines. The WAN port's IP needs to be placed in the DMZ on the DSL Modem. I don't know how else to explain this.
<histo> Once you accomplish this rejoice and be done with all your issues
<son_> ive already open ports in dsl modem
<son_> ive open port 143
<son_> can you telnet my ip again?
<son_> hey what encapsulation will I choose?
<son_> in bridge mode
<histo> Trying right now. It's just sitting there now
<histo> It's not answering but it's not denying the request either
<histo> Not sure what you have setup now.
<histo> and your IP isn't responding to pings anymoe
<histo> son_: anymore
<son_> still there?
<son_> I lost my internet connection
<son_> histo are you still there? can you telnet my ip again?
<son_> histo
<histo> Yeah I'm back
<histo> son_: doesn't answer and doesn't deny it's just sitting there blinking termianl not sure what is going on
<son_> after I enabled bridge mode I lost my connection probably because of NAT
<histo> son_: No you need to set your connection up in your dlink after you brdige mode the dsl modem
<son_> where here?
<histo> I don't have a dlink so I don't know usually on the setup page the first screen you come to on the router.
<histo> Let me see if I can find some directions
<histo> You'll also need your dsl login name and password for this
<son_> yeah sure
<histo> son_: Alright on the setup page
<histo> son_: There is a internet connection wizard should walk you through it after you put your dsl modem in bridge mode again.  If not you can do manual setup.
<histo> son_: http://screenshots.portforward.com/routers/Dlink/DIR-600/Internet_Setup.htm  This page
<son_> do I enable access point mode?
<histo> son_: I would look for something that says pppoe
<son_> o yeah i saw that
<histo> I can't find pictures of the internet connection wiziard settings
<son_> dynamic or static ip?
<histo> son_: I don't know what you ISP gives you.
<histo> son_: most are dynamic
<son_> static it is lol
<son_> this is my public ip right?
<son_> 112.202.181.190
<son_> this?
<histo> son_: Your ip should be assigned after you sign in
<histo> son_: You shouldn't ahve to put all this in. Are you doing the wizard or the manual?
<son_> manual
<histo> son_: doe the wizard please
<histo> use the wizard
<son_> ok
<histo> son_: are you still ont he same network?
<histo> son_: like with this chat?
<histo> If so your IP changed
<son_> got dc again
<son_> hey can we do this tomorrow?
<son_> im at work and its almost time to go
<son_> histo
<histo> yea im sure someone can help
<son_> but I want you to teach me
<son_> lol
<son_> you have facebook account?
<histo> Nope
<histo> son_: YOu need to find out if you isp is giving a dynamic IP. you will have issues
<son_> yeah I'll just contact them tomorrow
<son_> will you still be here tomorrow?
<son_> same time?
<son_> lol
<son_> please I really need this to be done, or else my boss will fire me :(
<histo> I will not be here. Others can help. You understand that you have a doublenat like described above on that page. Others can help you fix it.
<son_> one last
<son_> I get this error everytime I try to send to my server from google
<histo> What's that?
<son_> http://paste.ubuntu.com/5569972/
<son_> here
<son_> you have any idea?
<histo> son_: Yeah you need to open open serveral ports
<histo> son_: let me find you a howto that expalins everythign give me a sec
<son_> yea sure
<histo> son_: Still looking for the guide I had it was great and would be perfect for you. I'll ahve to search through browser history bare with me
<son_> ok
<son_> still have 5 mins left lol
<son_> thank you for your time mate
<son_> you've helped me a lot
<histo> son_: http://workaround.org/ispmail/squeeze   This explains everything.  Atleast you will understand all the components
<histo> son_: everything will be clear after readin ghtat
<son_> I already visited that site but didn't stay there
<son_> hey can you telnet me again for one last time?
<joel___> Good evening. MySQL isn't 'working' quite right with my new web server. However, it's installed and accessible via command-line. Any idea what it is I need to add to my php.ini file in order to load the php-mysql module?
<joel___> NM - the 'module' wasn't installed. apt-get install php5-mysql
<joel___> lolz. Ty anyway.
<jamespage> zul, your rtslib package FTBFS; I fixed it up and a load of other issues with the packaging and uploaded to raring.
<jamespage> zul, https://launchpad.net/ubuntu/raring/+source/rtslib/2.1.fb27-0ubuntu2
<rbasak> jamespage: hey. Please could you review/sponsor bug 1132302? The version in my PPA is fine to upload as-is; just knock off the ~ppa2 suffix. https://launchpad.net/~racb/+archive/experimental/+files/drbd8_8.4.3-0ubuntu1%7Eppa2.dsc diff against 2:8.3.13-2 (debian/ dir only): http://paste.ubuntu.com/5570163/
<uvirtbot> Launchpad bug 1132302 in drbd8 "drbd8-utils are not compatible with kernel 3.8" [High,Triaged] https://launchpad.net/bugs/1132302
<jamespage> rbasak, sure
<jamespage> rbasak, +1 uploaded thanks for doing that work
<rbasak> jamespage: no problem. Thank you for sponsoring!
<jamespage> Daviey, wondered why mongodb took so long to build - it also builds all is dependencies and static links them
<jamespage> lol
<Daviey> fml
 * RoyK sticks to postgresql
<Sander^work> Do anyone have some experience with canonical support? Wondring if I should go for service spesific support, like for eg. mysql.. Or for ubuntu support as it  covers more services.. Do anyone in here have any support agreements?
<vezq> Sander^work: what kind of support you are looking for?
<Daviey> Sander^work: I think Canonical support is brilliant.. but some might argue i am biased.
<Sander^work> vezq, basicly mainly for mysql and apache.. We have virtualization platforms as vmware and xen.
<Sander^work> Daviey, Do you know if canonical have deep mysql experience?
<Daviey> Sander^work: depends what aspect of deep you mean.. :).. If it's optimisation of database schema for mysql, then no.. if it's.. "How do i do foo?" .. "Or foo doesn't seem to be working?".. then likely yes
<Sander^work> Daviey, Are they eg. able to assist in recovering from a system failure with corrupt mysql data? In the current case the fix was to set innodb_file_per_table=1 and export all tables invidually and reimport them. Is this a typical case they could have found out about?
<Daviey> Sander^work: I would hope so.. but probably best to speak to them :)
<ivoks> jamespage or adam_g anyone around?
<jamespage> ivoks, yes
<david_> any one remember the command that repeatedly executes a command. So I can give it a command like ps ax and it reacts like top ?
<david_> watch
<david_> I found it
<nilli> I'm on an Ubuntu 8.04.4 LTS server and I've run into issues with ports. My PHP script needs to do a SoapClient() call for an address specifying port 2443, but my server doesn't seem to respond on that port. I used instructions on http://portquiz.positon.org:2443/ and got no response on this Ubuntu server, while doing the same thing on a different server did give me a response.. so how do I make my Ubuntu server allow this port?
<ikonia> nilli: what is listening on that port ?
<nilli> sudo netstat -anpc | grep 2443
<nilli> tcp        0      1 myip:51624        theirip:2443     SYN_SENT    19378/apache2
<ikonia> nilli: , I asked what was listening on that port
<nilli> how do I check that?
<ikonia> nilli: is the port 2443 on a server you manage ? or someone elses
<nilli> someone else's, but when I try to connect I only get "connection timed out", which is the same symptom I get when testing the wget command from portquiz
<ikonia> nilli: just do a basic telnet test
<ikonia> nilli: confirm the port is open and listening
<nilli> "telnet portquiz.positon.org 2443" gets stuck at "Trying..."
<ikonia> nilli: ok, so that sounds like the remote server is not responding
<nilli> but if I go to the address with :2443 in my browser, I have no issues
<nilli> https://payment.raddabarnen.se:2443
<ikonia> nilli: I get a connection
<ikonia> nilli: if I telnet to payment.raddabarnen.se 2443
<nilli> telnet: Unable to connect to remote host: Connection timed out
<nilli> so my server is the issue
<ikonia> nilli: are you running a firewall ?
<nilli> I have no idea
<nilli> I started working at this company just recently and I had to instruct my host how to give me root access because he didn't know how
<ikonia> nilli: ok, so it's doubtful it's a software firewall, but it's worth checking
<ikonia> nilli: more probable it's a network firewall
<ikonia> both could be right though
<nilli> I hope it's a setting on this machine, we'll have unusable websites in 2 weeks unless I can fix this :S
<ikonia> nilli: check ufw service, try turning it off if you can
<ikonia> nilli: that will remove the ubuntu default firewall
<nilli> ufw: command not found
<ikonia> (disable it)
<ikonia> it's a service, not a command
<nilli> in init_d then?
<jpds> It is a command.
<ikonia> jpds: can you just run ufw ?
<jpds> ikonia: Yes.
<ikonia> there you go then
<jpds> ikonia: How else would you configure it?
<ikonia> jpds: I meant to stop and start, I thought it was just a wrapper around iptables
<nilli> sudo ufw disable
<nilli> sudo: ufw: command not found
<ikonia> nilli: iptables -L will show if you have any rules
<nilli> one screen of lines, they all seem to go from "source anywhere" to "destination anywhere"
<ikonia> so looks pretty open
<nilli> with one line for source localhost and another for destination localhost
<nilli> ah, and they all say ACCEPT
<nilli> hm, I see that they specify things like :ftp and :ssh and :www
<nilli> if I add one for :apache2 do you think my issue could be solved?
<ikonia> no apache2 is wwww
<nilli> ah ok
<ikonia> nilli: do a sudo iptables -F and flush thenm
<ikonia> them
<ikonia> or jpds maybe able to do it better with ufw
<ikonia> I don't know the ufw syntax
<jpds> ikonia: sudo ufw status verbose
<ikonia> thanks jpds
<ikonia> there you go nilli
<ikonia> saves me reading the man page
<nilli> except I don't have ufw
<jpds> ikonia: Which you should do anyway.
<ikonia> jpds: if I needed it I'd be happy to
<ikonia> jpds: is ufw default in 8.04 ?
<jpds> ikonia: I think so.
<jdstrand> it is
<ikonia> nilli: actually.......can you show me the output of uname -a on your server
<ikonia> I wonder if this is one of those vps ones that have bits missing
<nilli> Linux nilli 2.6.32-042stab055.10 #1 SMP Thu May 10 15:38:32 MSD 2012 i686 GNU/Linux
<jpds> Nice.
<ikonia> there we go
<ikonia> it's one of those dodgy vp's
<ikonia> vps
<nilli> how do you see that?
<ikonia> the kernel
<nilli> the bits behind 2.6.32 ?
<ikonia> yes
<nilli> mkay
<jpds> nilli: An Ubuntu kernel would never require someone getting stab'ed.
<ikonia> let alone 55 times
<nilli> haha
<jpds> ikonia: 'tis but a flesh wound.
<ikonia> nilli: in seriousness you can either mess around with iptables, or contact your host and ask them if they are firewalling you locally or external to the guest
<ikonia> nilli: experience says the install will be an "odd one"
<nilli> it doesn't make sense that port 2443 would be blocked if my iptables say ACCEPT source anywhere destination anywhere
<ikonia> nilli: depending on your rules, it could be accept on established, or anything,
<ikonia> flushing the rules will be a good test
<ikonia> but you may also be firewalled at the host, not guest
<nilli> but flushing them sounds scary, what if some of it was added on purpose
<nilli> can I pastebin the file to you?
<ikonia> best to talk to your host
<nilli> the output*
<nilli> he doesn't know anything :S
<ikonia> best to pick a host that does
<nilli> hehe
<nilli> http://pastebin.com/GY8VRApy
<daniel_-> eebsd
<ikonia> that looks like it's dropping ports
<ikonia> nilli: I'd drop those rules and test
<nilli> so -F ?
<nilli> is there a way for me to backup this first?
<ikonia> iptables-save
<nilli> "Use I/O-redirection provided by your shell to write to a file."
<nilli> iptables-save > file.txt
<nilli> sounds good?
<ikonia> yes
<nilli> nice, ok, that looks good
<nilli> -F seems to take a while
<nilli> is it supposed to? it's not done yet
<nilli> $ sudo iptables -F
<ikonia> that should flush the rules
<nilli> I haven't had any output at all yet, so it seems it's still working
<nilli> oh damn.. I can't ssh into it anymore
<ikonia> it's possible this is set from the host
<nilli> oh god, the websites aren't responding
<nilli> >_<
<nilli> need to cal lmy boss
<nilli> did I mention I just started working here?
<ikonia> you need to call your host
<br0xen> blkperl: I got pulled away from my desk yesterday, thanks for the help re: postfix.
<nilli> hah, managed to find the host (tracing ip ftw) and he was kind enough to change the drop policies to accept
<nilli> but "iptables-restore < iptables.txt" doesn't work
<nilli> Error occurred at line: 2
<nilli> line 2 is "*mangle"
<nilli> iptables-restore v1.3.8: iptables-restore: unable to initialize table 'mangle'
<nilli> and that seems to be a kernel issue
<nilli> no it wasn't, I just forgot sudo
<zul> jamespage: fixing quantum wheee
<jamespage> zul,well I'm fixing mongodb on ARM
<jamespage> fun and slow at the same time....
<zul> jamespage:  ouch good luck on that...whats wrong?
<jamespage> zul, 2.2.x introduced a whole load of new ASM code
<jamespage> which works on x86 - but not arm
 * zul runs away
<jamespage> zul, stealing a patch from fedora
<zul> jamespage:  well thats not too bad then
<zul> jamespage: hey can you upload rtslib to staging as well? (when you get a chance)
<jamespage> zul, please review - http://people.canonical.com/~jamespage/ca-updates/
<zul> jamespage: +1
<jamespage> zul, uploaded
<zul> jamespage:  cool
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-ftbfs-2/+merge/150824
<Pupeno_w> Does anybody know how to change the file system type from ext3 to ext4 so running mount /dev/blah /mnt will mount it as ext4 instead of ext3?
<crass> I've gotten myself into a strange situation. Somehow the ondisk partitions are out of sync with what the kernel thinks they are
<crass> specifically, a partition has been deleted, but the kernel still sees it and the filesystem on it is mounted.  Is there a way to get the starting sector of the partition from the kernel?
<crass> just found it in /sys/block/sdX/sdXY/start
<ardian> Hi I just installed apache on amazon ec2 which I also just created but when I try to access the public dns nothing comes up do I have to wait for the dns to be updated or anything like that or is there a firewall problem that I have to work on ?
<JanC> what do you mean with "access the public dns"?  using a host name to browse to your virtual server?
<ardian> JanC: giving my address to the web browser
<ardian> it doesn't give anything back
<JanC> what do you mean by "address"?  IP address or the domain name?
<ardian> JanC: yes
<JanC> ...
<JanC> ardian: which of the two?
<ardian> JanC: domain is pointed to the ip so its the same
<ardian> JanC: when I visit the site it is like the server down, even that though I am connecting to it via ssh
<JanC> you ssh to the domain name?
<ardian> yes
<ardian> ec2-54-235-8-102.compute-1.amazonaws.com
<ardian> JanC: to this one, do I have to enable the ports on the Control Panel of it
<JanC> I've never used EC2, but if there is a control panel where you have to open ports, then I assume there is a firewall  âº
<JanC> I can't even ping to ec2-54-235-8-102.compute-1.amazonaws.com, so it seems like they firewall even useful things...
<ardian> I see
<Haris> Hello all
<Haris> I have to setup ubuntu (via cobbler) on a centos based pxe for network installs of 12.04lts. I have a cobbler distro/profile set. I have the netboot iso/image for 12.04lts. How do I setup cobbler/pxe for installs ? So far, from the setup that I'v done thus far, whenever the install starts, it asks me for the missing cd-rom
<zul> hallyn:  i have libvirt-1.0.3-rc2 packaged
<hallyn> zul: how's it testing?
<zul> hallyn: just building it now
<hallyn> cool
<Haris> when I run cobbler import from the mini iso for 12.04lts, does it import the initrd.gz and kernel that work up network installs or does it import the images which look for a local cd/dvd-rom ?
<Haris> I'v tried from the main CD image for precise. Its not doing the network part
<garbagegod> I have a linode in which apache2 is failing silently
<garbagegod> Is there a verbose option to /etc/init.d/apache2 or anything?
<Pici> garbagegod: failing as in it wont start?
<garbagegod> correct, but no errors
<garbagegod> same with apache2 -k
<tyson_> trevorj: HI there
<garbagegod> anyone
<Haris> does the http://releases.ubuntu.com/precise/ubuntu-12.04.2-server-amd64.iso image contain the files from netboot ?
<tyson_> trevorj: it seems that the experiments of last night didn't go down that well. The errors start on the booting fd0 error then /dev/mapping/swap-1 unable to find drive to mount and then waiting for network configuration and waiting another 60 sec.
<tyson_> Hi, I am having trouble with the swap drive when booting, can anyone help?
<Haris> got it working
<zul> hallyn:  https://launchpad.net/~zulcss/+archive/libvirt-testing
<hallyn> zul: ack
<hallyn> (i'm trying to build a cross-gdb armhf->amd64...  crosstools from linaro not treating me right)
<hallyn> maybe i should ping plars
<hallyn> stgraber: any preference for the name for ppa i create for userns kernel for ubuntu-lxc?
<hallyn> should we just name it generically ppa:ubuntu-lxc/kernel, and re-use for any future lxc kernel extensions?
<stgraber> hallyn: I think kernel makes sense
<hallyn> k
<_KaszpiR_> yawn
<_KaszpiR_> ubuntu server, any vnc advised?
<dedalus> are the raring server daily iso builds functional?
<dedalus> they're really tiny, and when i tried to boot a VM off one it said no kernel modules found
<three18ti> hey guys.  I need to find an image on the file system but I don't know the name of it.  I have a copy that I can match against.
<three18ti> I thought about taking the md5 sum but that seems like there would be a lot of overhead on a production server...
<three18ti> I see imagemagick has "identify" but I'm not sure how to leverage that to find the image.
<sarnold> three18ti: if you limit it to just files with the same size..
<three18ti> ok, that might help.
<three18ti> that way I'm only md5ing a few files.
<sarnold> three18ti: yeah; something like: find /path -size 2220c   (for chars! go figure)
<three18ti> or maybe find /path -size 9.93KB
<three18ti> or I guess just K
<sarnold> three18ti: I'd be leery of trusting that. Call me crazy but I know where I stand with exact numbers of bytes. :)
<three18ti> ok, that makes sense.
<three18ti> also seems that find doesn't like the decimal.
<three18ti> thanks sarnold.
<adam_g> jamespage, just updated that glance charm MP with an alternative fix
<streulma> hello, what's more stable, use Ubuntu Server of Debian as server ?
<ScottK> It depends
<ogra> ... on how you bolt it to the ground ...
<ScottK> And if the stuff in Debian stable is new enough to have the features you need.
<streulma> hmm, yes, but htop, I can't do htop -C
<ogra> well, so you already have your answer :)
<thegoat> ok, so i have sendmail up and running, and it says mail was delivered to my mailbox successfully, but i fire up alpine, or even just mail and they say i have no mail
<thegoat> any idea where it's keeping it?
<sarnold> thegoat: first place to look is /var/spool/mail/username
<thegoat> found it....there was an id10t error on my part
<sarnold> thegoat: hehe, nice :D
<sh_t> hi everyone. im trying to get ufw working with nat masquerading but i'm getting an error "ERROR: problem running ufw-init" after following the simple instructions here https://help.ubuntu.com/12.04/serverguide/firewall.html about adding a few entries to before.rules. can anyone suggest how to go about fixing this?
<sh_t> if I remove the entries for the nat masquerading the error is gone
<jdstrand> sh_t: can you paste your before.rules files at paste.ubuntu.com (or similar)?
<sh_t> it's a stock config with those exact lines from the docs there.
<TheLordOfTime> paste them anyways?
<TheLordOfTime> s/paste/pastebin/
<jdstrand> sh_t: if you could past them, it would help
<jdstrand> s/past/paste/
<sh_t> http://paste.ubuntu.com/5571958/
<jdstrand> sh_t: you forgot to add COMMIT after the POSTROUTING rule
<sh_t> ah. the instructions didnt seem clear about that. i thought it was just saying "dont delete it from the end of the file"
<jdstrand> sh_t: you need a COMMIT for each table. in your case, *nat and *filter
<sh_t> right, i understand
<sh_t> thanks :]
 * jdstrand nods
<sh_t> interesting though thats it not underneath the *filter
<sh_t> although i guess thats at the end of the file, nvm
<tedski> sh_t: quick question... is this host on a static or dynamic ip?
<sh_t> tedski: issue is resolved
<tedski> i know
<tedski> but, i was just curious
<sh_t> it's on a static ip
<tedski> was going to offer some input unrelated to your issue
<sh_t> just rigging up an openvpn gateway
<tedski> i prefer to use SNAT over MASQUERADING for static IP hosts
<tedski> -A POSTROUTING -s 172.16.253.0/24 -o eth0 -j SNAT --to-source xx.xx.xx.xx
<tedski> where xx.xx.xx.xx is your static ip
<tedski> that's just a best-practices type thing... not related to any issue
<sh_t> ok, thanks
<tedski> np
<sliddjur> i updated /etc/pam.d/common-password:password        requisite       pam_cracklib.so retry=3 minlen=8 difok=3 dcredit=1 ucredit=1 lcredit=1 ocredit=1
<sliddjur> why doesnt new password rules work?
<sliddjur> do i need to restart some service?
<sarnold> sliddjur: I believe pam changes take effect immediately
<sliddjur> sarnold: and cracklib-check are supposed to look for the values set in common-password?
<sarnold> sliddjur: I don't know about cracklick-check -- does it have an /etc/pam.d/cracklib-check or similar entry?
<sarnold> sliddjur: .. or is just an application?
<sliddjur> sarnold: an application
<sliddjur> anyways, when setting new password for my user it doesnt seem to use my values set (minlen=8)
<sarnold> sliddjur: hrm, the pam_cracklib(8) manpage has 'required' instead of 'requisite'
<sliddjur> sarnold: doesnt seem to change behaviour
<sarnold> sliddjur: harumph :) sorry, no more ideas...
<sliddjur> sarnold: ok. thanks anyways. got to sleep :)
<sarnold> sliddjur: woo :)
<tyson_> Hi, in which machine do I have to set the ssh key??? main machine or the one i am accessing remotly?
<sarnold> tyson_: private portion on the local machine, public portion into the ~/.ssh/authorized_keys of the remote machine
<tyson_> sarnold: thank you
<bastidrazor> if i were to want nm-applet to manage my etho, would i remove 'auto etho' from /etc/interfaces?
<roaksoax> zul: how do you fix stuff like this? :) https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1134036
<uvirtbot> Launchpad bug 1134036 in maas "Package install hangs if LC_ALL is not set" [Undecided,New]
<bigjools> why would LC_ALL not be set anyway?
<roaksoax> bigjools: yeah that's why I was asking him since I never came across such thing
<bigjools> it seems to happen on a few of my server installations
<roaksoax> i do remember smoser dealing with similar bugs
<roaksoax> smoser: around?
<bigjools> oh and to fix this particular instance, LC_ALL=C didn't help, I had to set it to C.UTF-8
<bigjools> wtf!
#ubuntu-server 2013-02-28
<tyson_> Hi, how do I change the scp port??
<sarnold> tyson_: see ListenAddress in sshd_config(5) for full details
<tyson_> sarnold: thank you
<tyson_> sarnold: still failing
<sarnold> tyson_: did you restart sshd?
<sarnold> tyson_: do you need to modify firewall rules to open that other port?
<tyson_> sarnold: scp still says: por 22. connecion refused
<tyson_> sarnold: yap
<sarnold> tyson_: if your sshd is no longer listening on port 22, you'll have to tell your client what port to use to
<sarnold> too
<BTC2510> hello guys
<tyson_> sarnold: What should I have done on the config file? set the port to the one I wanted, right?
<tyson_> sarnold: scp is still doing its thing on port 22
<bastidrazor> tyson_: you need to tell scp to use a different port
<sarnold> tyson_: did you tell your scp client to use the different port?
<tyson_> sarnold: no, I do not know how to do that
<shauno> if you're going to mess with the ports, add an entry to ~/.ssh/config.  your sanity will thank you (and scp will honor it)
<tyson_> shauno: I have...
<tyson_> but somehow I still get the same error
<sarnold> tyson_: it'd be scp -P portnum user@host:/path/to/file /path/to/local/dest
<sarnold> tyson_: or, as shauno suggests, adding the funny port to your your ~/.ssh/config for that host, so you don't go nuts. :)
<tyson_> sarnold: believe it or not I was trying that for the last 10 mins... do you know what was wrong -p instead of -P...... this Case sensitive thing will surely drive me mad
<tyson_> sarnold: do you actualy know the difference and why?
<bastidrazor> tyson_: the easiest way to learn about most commands is to read the manpage for them. 'man scp'
<sarnold> tyson_: -p preserves mtimes and atimes in the copy (just like cp -p)
<tyson_> sarnold: thank you....
<tyson_> bastidrazor: thank you.....
<roaksoax> run people run...
<roaksoax> zul: is back :)
<smoser> roaksoax, i'ave seen busted lang (or even unset) cause problems other places too. maybe on postgress
<roaksoax> bigjools: ^^
<zul> roaksoax:  havent seent that before unless debootstrap wasnt setup properly
<BTC2510> was thinking,iv been a linux user a long long time ago,and i gave it up for win,soo now im planing too start ubuntu.
<BTC2510> let me hear something
<BTC2510> still as fun,as back thenÂ¨
<sarnold> BTC2510: I have more fun with Linux now than I did ~19 years ago -- the simple things are no longer baffling, and the complicated things are more .. beautiful.
<tsaavik> Without knowing what you want to do with it, and why you 'gave it up' its hard to answer your question.
<AnRkey> good day, I'm trying to set static routes to go out of a ppp0 interface. Any way to do this automatically without specifying the gw or dev options in /etc/network/interfaces ?
<jacobw> I upgraded to the version of byobu from the PPA and found that Alt+Left and Alt+Right now scroll through screens, I used to use these for Weechat and irssi, can I disable these bindings?
<Guest7673> good day, I'm trying to set static routes to go out of a ppp0 interface. Is there any way to do this automatically without specifying the gw or dev options in /etc/network/interfaces? I don't have the remote address (dynamic) to set as the gw
<Haris> Hello all
<cusion> hi, there! could any one tell me what is login passphrase?
<jpds> cusion: Log in passphrase?
<cusion> yeah
<cusion> i run ecryptfs-mount-private, it requires me to enter login passphrase
<Sander^work> http://shop.canonical.com/product_info.php?products_id=658 <-- Do anyone know if I can buy one advantage and one cloud add-on to support all guest in a virtual enviroment?
<jpds> Sander^work: I think cloud is more for openstack, etc.
<jpds> Sander^work: Have you tried contacting sales?
<Sander^work> jpds, My manager did.. But the webpage was not clear about it.. so I just wanted to double check.
<Sander^work> jpds, question is if I need the advantage support for each vm.
<Sander^work> When it comes to mysql support.. then they only count physical machines.
<qman__> Sander^work, "The add-on provides support per physical machine and for an unlimited number of virtual instances on each physical machine." - sounds pretty clear to me
<Sander^work> qman__, that was not what my manager said.
<Sander^work> qman__, after talking to sales on the phone.
<qman__> I'm not associated with canonical at all, so I can't say authoritatively, but that language pretty concisely says that it's per physical machine with unlimited instances
<Sander^work> qman__, he said I needed one support agreement for each guest.
<qman__> but I'm sure that only applies to cloud, not standard VMs
<Sander^work> qman__, ah, OK. I guess.
<qman__> big difference between the two
<hallyn> Daviey: hey - next server team conflicts with the vUDS.  should we cancel?
<ScottK> hallyn: Clearly server team is planning too far ahead.
<hallyn> ?
<ScottK> If you didn't plan meetings in advance, there'd be no conflict with pop up UDS's a week away.
<hallyn> gotcha :)
<Daviey> hallyn: yep!  good catch
<ScottK> And since the Canonical messaging on this UDS mess is that it's quite reasonable and why is everyone upset, you _must_ be wrong.
<ScottK> ;-)
<Daviey> ScottK: Great to see you embracing this.
<hallyn> roaksoax: as you're scheduled to run the next meeting, do you mind sending an email to ubuntu-server about the cancelation?
<ScottK> Embracing isn't the word I would have used.
<jpds> ScottK: Working at Canonical is like UDS every day. ;-)
<Daviey> as of late, my liver would agree with you.
<zul> oooh....thats qutoable
<ScottK> Well many of us who work for !canonical can't just drop everything.
<roaksoax> hallyn: has it been cancelled? wasnt aware of that
<roaksoax> but sure
<hallyn> roaksoax: see above :)
<ScottK> roaksoax: It wasn't before 5 minutes ago.
<Daviey> ScottK: you probably know more about the vUDS, than the majority of canonical ubuntu engineers
<ScottK> I only know what I read on the fridge.
<Daviey> ScottK: Really, next week for server is going to be more of a checkpoint discussion
<Daviey> which we have never really done well previously
<Daviey> This really does add more transparency.
<ScottK> Right.  It's still not clear what the sudden driver for a "UDS" mid cycle is.
<Daviey> ScottK: I think the real driver for it, was having open discussion and planning around the phone.
<Daviey> It wasn't driven by server :)
<hallyn> that was my impression,
<hallyn> i wasn't planning on spending the two full days on google+
<hallyn> until the next one
<Daviey> ScottK: But i am really trying to allow us to use this opportunity to give us a platform to be more open
<ScottK> I think for Kubuntu we're likely to drop specs/burndown charts completely and just use something like Trello.
<Daviey> ScottK: you must know that canonical used to have a middpoint platform rally?
<ScottK> Yes.
<zul> Daviey/jamespage: when you get a chance http://paste.ubuntu.com/5573476/
<hallyn> Trello?
<Daviey> ScottK: So think of this one for us, ike an open rally.
<Daviey> That is how i want to use it, anyway.
<ScottK> But if we're doing something different than what a UDS is for, it would be clearly to call it something different.
<hallyn> Daviey: is there going to be a schedule posted for the server bits?
<ScottK> clearly/clearer
<Daviey> hallyn: Yes. Have you not filed your sessions yet? :)
<Daviey> ScottK: I am not saying that it's what it is generally for.. It is what i am hoping WE can use it for. :)
<hallyn> cheeky
<ScottK> Right, sounds good.
<hallyn> all right, back to this build over here
<ScottK> Not that I'm available for this one, but the answer I got to my question about "How does one give a plenary talk" was highly discouraging.  It involved a bunch of Google services I've never used.  I'm not 100% I even know what they all are.
<Daviey> ScottK: Not surprisingly, i am a fan of Free software.. But i am also a pragmatist.  Google hangouts are without a doubt the best no-cost solution to this.
<Daviey> Unless a group of people want to get together to make a comparable open source suite?
<ScottK> To the extent that one is comfortable with data being shared among an unpublished list of ALL Google's services, I don't doubt it.
<Daviey> and uploading an ogv to the internet isn't sharing it with google?
<Daviey> Anyway, this discussion isn't helpful.  Unless you are volunteering to drive a comparable video conference stack.
<ScottK> That doesn't grant them any special rights with the data.
<ScottK> I've participated remotely at UDS before and it's just not that hard.
<ScottK> I think making it suck equally for everyone in the name of transparency doesn't make any sense.  I'm sure it's cheaper and that may be the real driver, but let's say that then.
<Daviey> I have aswell, it was an awful experience
<Daviey> ScottK: If it helps.. I believe we will be able to telephone people in.
<ScottK> The harder part about being remote was carving out the time when I wasn't travelling/dedicated to doing UDS.
<ScottK> So for me the technology is the least of the problem.
<Daviey> Well, last time i was remote.. i attended sessions in the bath.. Which was (thankfully) voice only.. With the addition of video.. this makes it more of a challenge.
<rbasak> If everything that happens at UDS is public anyway, what's the problem with also giving Google a copy?
<hallyn> bow chicka bow wow, Daviey
<rbasak> "Why ARM in Servers?" panel discussion live now: https://plus.google.com/102031805064483509929/posts
<zul> Daviey:  * shudder *
<alphAEcho1> ldap_bind: Invalid credentials (49)
<alphAEcho1> what does that error mean?
<alphAEcho1> i am using ldapadd -x -D cn=admin,dc=something,dc=com -W -f add_content.ldif
<alphAEcho1> and the file add_content.ldif i created myself reading https://help.ubuntu.com/12.10/serverguide/openldap-server.html
<alphAEcho1> section Modifying/Populating your Database
<alphAEcho1> anyone that knows anything?
<detrix42> Hello everyone who are at their keyboard.  I just set up ubuntu server a few days ago.  Now setting up email server.  I went with postfix and alpine, but I need to know how to create/set the tls certificate.  Thanks for any help.
<jcastro> hey ScottK, lmk if you guys switch to Trello
<jcastro> I'm like, loving every minute of it.
<jcastro> I use it as my day to day burndown chart
<ScottK> We're looking into it.
<gucki> any quagga guru here? :()
<bkotewall> I have an ubuntu openstack question...  Authentication for swift seems to work sometimes, and sometimes it doesn't work, when I turn on memcache auth token caching on the swift proxy processes.  When I turn off memcache in swift proxy for the auth tokens, it works everytime
<rbasak> !anyone | gucki
<ubottu> gucki: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<bkotewall> has anyone else encountered this issue before?  I'm also looking around on google
<gucki> rbasak: sorry, dont get the point of this text ;)
<gucki> i try to add an vlan interface using vtysh. configure works fine, and i can see the config using "sh run", but it's actually not active on the host? :(
<saki`> sooooo...
<saki`> i want to setup icecast on a server
<saki`> for web radio
<saki`> anyone have any experience with that?
<kuups> Hey everybody, this may be a bit of a stupid question, but I can't seem to get the sources for the 2.6.32-042stab064.3 kernel installed.
<ikonia> kuups: it's a kernel your VPS provider has made
<ikonia> kuups: thats because it's not an ubuntu kernel
<resno> iptables or csf?
<ikonia> kuups: your ubuntu install is not a complete ubuntu install, it's a bastardized version your VPS provider has made
<kuups> so I should take it up with my VPS provider?
<ikonia> yes
<resno> kuups: what kinda vps?
<kuups> resno: what do you mean what kind?
<resno> openvz or xen?
<resno> if its openvz, you can install another kernel.
<resno> cant*
<resno> its a limitation on how openvz runs.
<kuups> I think it's openvz, but it's not exactly specified
<ikonia> kuups: just talk to your hosting provider
<resno> but yall talk to them
<ikonia> kuups: you'll find that a more practical approach
<resno> then heresay
<resno> how goes it ikonia
<ikonia> fine
<zul> yolanda/jamespage: https://code.launchpad.net/~zulcss/nova/nova-cleanup/+merge/151057
<yolanda> zul, do you think that we could backport "officially" wsme, webob and pecan to precise?
<zul> yolanda: yeah i can do it this afternoon
<zul> wsme is not in the archvie though
<zul> Daviey:  ^^^
<yolanda> is that still on my branch?
<zul> yolanda:  uploaded but still stuck in binary new
<yolanda> zul, i found some new deps for wsme and i had to comment tests in order to build that for precise
<yolanda> not sure if it's giving that problems on raring
<zul> yolanda: ok well one step at a time
<yolanda> zul, installing ceilometer on precise gives that error:
<yolanda> Unpacking python-ceilometer (from .../python-ceilometer_2013.1.a336.g9335d81+git201302212101~precise-0ubuntu1_all.deb) ...
<yolanda> dpkg: error processing /var/cache/apt/archives/python-ceilometer_2013.1.a336.g9335d81+git201302212101~precise-0ubuntu1_all.deb (--unpack):
<yolanda>  trying to overwrite '/usr/share/pyshared/tests/__init__.py', which is also in package python-boto 2.2.2-0ubuntu2
<yolanda> any idea about that?
<zul> yolanda:  not yet ill have a look this afternoon
<yolanda> oh https://bugs.launchpad.net/ceilometer/+bug/1102110
<uvirtbot> Launchpad bug 1102110 in ceilometer "Grizzly testing packages : python-ceilometer installation fails" [Undecided,In progress]
<Goranek_> hi guys, whats the pythonic way of naming exceptions?
<Goranek_> an example, my module is named "Life"
<Goranek_> Exception LifeUserUnknown or just UserUnknown
<Goranek_> ?
<Goranek_> or Life_UserUnknown or User_Unknown
<hallyn> Daviey: discussions on the list, and ScottK's comments earlier, do make me wonder - hwo will rolling release affect blueprints?
<hallyn> not asking for an answer, but just wondering - has it been discussed?
<hallyn> i'd be happy with getting per-LTS blueprints (for things like 'user namespace support inlxc') with per-monthly lower-overhead-not-quite-buleprints bits for short work items
<Daviey> hallyn: I don't think it impacts blueprints too much, really
<Daviey> we have set the goal for 13.04 release.. right?
<hallyn> Daviey: dunno what that means.  i just don't want to do allthe bluepritn overhead every month
<Daviey> Oh!
<Daviey> hallyn: How do you feel about rolling blueprints? :)
<Daviey> one blueprint to handle namespacing, that spans multiple months?
<hallyn> Daviey: right, that's what i was hoping for (and meant with lts blueprints)
<Koheleth> any problems with this postfix update?
<Koheleth> let me rephrase, has anyone recently updated the recent postfix update on ubuntu server and had any problems
<sarnold> Koheleth: are you _seeing_ problems?
<Koheleth> sarnold its just that the last time I found that mail could not be sent and postfix where as helpful as a bag of nails
<Koheleth> just thyought someone on here must have taken the plunge
<Koheleth> does anyone run a ubuntu server here ;)
<holstein> Koheleth: its all ubuntu, and i run a few.. i just dont have any comments on what you are asking
<Koheleth> you not use postfix
<holstein> Koheleth: correct.. i do not use postfix
<Koheleth> thanks
<holstein> Koheleth: i do run ubuntuserver
<Koheleth> ok, but my first question sort of gives it away, thanks, narrowed 1 user down :)
<holstein> Koheleth: sure, and thats why i didnt comment... but if you are wondering why, since you are not getting answers, if the channel/community is dead, its not.. you can ask in #ubuntu as well,, or the forum/mailing lists
<Koheleth> sure, thanks
<Koheleth> different time zones and planets as well
<zul> adam_g: https://code.launchpad.net/~zulcss/glance/deps-refresh/+merge/151072
<zul> adam_g: https://code.launchpad.net/~zulcss/ceilometer/deps-refresh/+merge/151073
<SynSynWork> Anyone have any experience using TPM to handle full-disk-encryption (and boot security) on Ubuntu Server?  I'd like to tie the decryption key to the specific hardware as well as decrypt using the key stored in TPM.
<SynSynWork> No TPM suggestions?
<holstein> SynSynWork: apparently not from any of the volunteers right now.. try #ubuntu or the mailing list or the forum.. cheers!
<sarnold> SynSynWork: I recall reading recently that e.g. Lenovo uses a key in TPM for ata storage locking...
<sarnold> SynSynWork: .. I've not read of OS-level uses, but try googling "trousers" if you're at a complete loss of how to get there. (I don't know for certain that they're involved, but .. maybe they are? :)
<SynSynWork> holstein, Yeah, I tossed the same message out in #ubuntu
<SynSynWork> sarnold, Yeah, I've been looking into Trousers specifically.
<SynSynWork> sarnold, I have a TPM board and Trousers supposedly can handle the key writing, etc.
<SynSynWork> sarnold, But that doesn't really help get the OS installed in a manner that will attempt to read said key from TPM.
<SynSynWork> So, I'm assuming there is an additional step.
<sarnold> SynSynWork: darn, then I'm not saying anything new for you :)
<sarnold> SynSynWork: please do report back what you discover, if you've got the time/inclination.
<SynSynWork> sarnold, Sure thing.  And yeah, I was seeing some rumors of DM-Crypt and LuKS supporting TPM, so I was hoping there was some magic easy button.
<SynSynWork> sarnold, The _good_ news is Trousers supposedly can handle key storage, de/encryption with key, and data-sealing (which can be used to make it hardware specific.  But like I said, there is still the matter of getting the boot process to read and use that key.  I saw some vague references to building a new initrd - so that might be the solution.  But there is just so little information.
<sarnold> SynSynWork: i recall last time I looked into it being a bit dissapointed at how fragmented it all felt
<sarnold> SynSynWork: trousers people got the chip going, LUKS people had a nice key storage format thingy, dm had good layering of block-level encryption, and all groups felt their work was done. hehe.
<SynSynWork> sarnold, Agreed, too many camps working on their own projects in their on their own little islands.
<Praxi> so I have an adaptec controller thats just software raid.  I have 4 1TB drives that I would like to combine space on and maybe have some redundancy fault tolerance.  Ubuntu server 12.04 doesn't pick up the drives as a raid, but does see them all individually.  I dont have the option of buying any more hardware.  Should I be looking at ubuntu servers software raid?
<Praxi> https://help.ubuntu.com/12.04/serverguide/advanced-installation.html  <--specifically I'm reading that.
<sarnold> Praxi: many people prefer software raid setups, because a dead controller card doesn't take the array with it -- it can be rebuilt on other systems
<Praxi> ! ok then hehe.  Figured I would get a bunch of flack for it
<ubottu> Praxi: I am only a bot, please don't think I'm intelligent :)
<Praxi> lol oops
<sarnold> haha, silly bot.
<Praxi> the ubuntu server is already built and running, just nothing done with the extra drives.  Should I just be rerunning the partition manager and building a raid in there?
<Praxi> when looking at that previous link I posted, it doesn't say where to start, I assume parted?
<SynSynWork> sarnold, Going back through my notes, when I researched this last time, I came across this (had forgotten about it, glad I took notes) - https://www.tpmcrypt.org/trac Figured you'd might find it interesting.
<sarnold> SynSynWork: thanks :D
<SynSynWork> sarnold, No problem.  Only downfall is the last update was 14m ago, and its only Alpha.  I'm assuming it is dead in the water.
<sarnold> SynSynWork: oh :/ that seems like a plausible conclusion :(
<SynSynWork> sarnold, But it does go through the whole process, cryptsetup+trousers, etc.  https://www.tpmcrypt.org/trac/wiki/TpmCryptInstall  So might be worth a test or two.
<sarnold> hehe, "revision 44", not a good sign :) https://www.tpmcrypt.org/svn/tpmcrypt/
<sarnold> SynSynWork: hum. Those directions look significantly better than the state of their svn might suggest. It might be further along than I suspected. :)
<SynSynWork> sarnold, Yeah, it looks like _parts_ of it work.  And it might just be the parts we need/want.
<lwizardl> hello
<lwizardl> I was wondering if there was a way to have emails sent everytime a user logons to the system?
<tsaavik> lwizardl: yes, but you probably want to look into setting up a centralized syslog server instead
<lwizardl> tsaavik, yeah I was looking into that on linux journal. but I was looking at that as an option.
<tsaavik> You could fool around with /etc/profile.d but really, your just going to run into issues, and you have the annoyance or worrying about wheter the server is configured for mail properly
<lwizardl> tsaavik, true. I was just looking for more options that I could use.
<sliddjur> I need some help using cracklib. i installed libpam-cracklib. now my /etc/pam.d/common-password updated and I can see the cracklib module. but its not using my new password rules.
<Fra_ButBut_> Hello all
<Fra_ButBut_> Is there nobody ?
<holstein> Fra_ButBut_: sure.. just ask
<sliddjur> he just wanted to ask why my cracklib isnt working
<Fra_ButBut_> Ah fine, i am french sorry for my english  i work for ameliorate her by irc
<Fra_ButBut_> I am in my mobile for write Is not easy
<holstein> !fr
<ubottu> Nous sommes dÃ©solÃ©s, mais ce canal est en anglais uniquement. Si vous avez besoin d'aide ou voulez discuter en franÃ§ais, veuillez taper /join #ubuntu-fr ou /join #ubuntu-qc. Merci.
<Fra_ButBut_> Re in my mobile irc buh
<Fra_ButBut_> Bug
<Fra_ButBut_> Olala
<holstein> !fr | Fra_ButBut_ try the french channel
<ubottu> Fra_ButBut_ try the french channel: Nous sommes dÃ©solÃ©s, mais ce canal est en anglais uniquement. Si vous avez besoin d'aide ou voulez discuter en franÃ§ais, veuillez taper /join #ubuntu-fr ou /join #ubuntu-qc. Merci.
<Fra_ButBut_> Thanks but Is for work my english
<holstein> !ot | Fra_ButBut_ then try this for chat
<ubottu> Fra_ButBut_ then try this for chat: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<Fra_ButBut_> OK Thanks, Goodbye ;)
<jcastro> smoser: I think achiang's response on -devel can handle the use case you were talking about during lunch
<med_> best ircd?
<med_> I don't see one in the charm store.
<med_> (lots of irc clients)
#ubuntu-server 2013-03-01
<roasted> hello friends
<eltigre> hey, I am having big trouble with postgres on a remote ubuntu 10.04 vm
<eltigre> basically postgres doesn't start no matter what I do
<someguy> Anyone have experience with rails and ubuntu production servers here?
<someguy> I'm trying to figure out how to get into my rails console
<someguy> #rubyonrails
<amarcolino> Hi I am trying to create a minimal server install, however, I am in doubt because I've looked at the mini.iso install and while it is small in size apparently it will be the same as installing from the server iso on it pulls the applications online. Just wondering if this is true, I would like to build the server myself and only have the bare requirements to run the system as well as setup lvm on install.
<melmoth> i think you are right, the mini iso is just enough to start the install, then the installer fetch what it needs from remote repo
<rbasak> amarcolino: use whichever installer you prefer. Just don't select any tasks. That will give you a minimal install. There's an option (a function key) in the boot menu that'll make this the default IIRC.
<rbasak> The difference between mini and normal is just in what's already on the media rather than needing to be downloaded. You still choose what you want installed in the installer itself in both cases.
<amarcolino> melmoth, rbasak, thanks if that is the case I will use the sever iso, I would have thought the mini iso would've been slower considering it pulls the applications online compared to the server iso, hmmm...
<rbasak> amarcolino: yes that makes sense. Optical media seeks are slow though. Depends on your connection :)
<amarcolino> rbasak, Ok, I get it, thanks for the info going to continue figuring out how I am going to setup the whole thing before I install it
<rbasak> Technically there are three "tasks" - minimal, standard and server. I can't remember which combination the installer lets you pick. I think minimal and standard are always installed. But you'll want standard - minimal is only good for installing other things and is pretty useless on its own
<amarcolino> huh?
<amarcolino> I havent checked yet but will, this is going to be a basic server for storage, web development and virtualization using headless vbox. There are still a lot of things I need to think about, what I want is a clean system that I can slowly build upon
<amarcolino> The hardware is quite old, maybe eight years old, 4GB ram, 1TB HD x2, but still works so I thought no point having it in a corner not doing anything
<rbasak> Tasks are sets of packages you can pick from the installer (and later) to be installed. Packages are the basic component of what is picked to be installed. The system is unusable without the minimal task. The minimal task is only really good for installing other packages. The standard task is the set of packages which give you a normally functioning Unix. The server task gives you additional packages which you'd expect to have on a server. You're
<rbasak> probably best off starting by asking the installer for a "Basic Ubuntu server" which gives you those three, and starting from there.
<amarcolino> Awww, okidoki, will do that when the time comes
<zul> jamespage: just about to upload oslo-config_2013.1~b4
<jamespage> zul, not renaming right?
<zul> nope
<zul> jamespage: http://pastebin.ubuntu.com/5576333/
<jamespage> okies
<caribou> zul: If I need to get a folsom pkg in the cloud archive fixed, what is the process ? where do I get the source pkg ?
<caribou> zul: as I understand it, there is no SRU for cloud-archive packages
<zul> caribou:  you submit a merge proposal for lp:~openstack-ubuntu-testing/nova/grizzly
<caribou> zul: very minor fix : a dependancy issue
<caribou> zul: I think it's already fixed in grizzly, lemme check
<zul> caribou: if you are talking about novnc it probably is
<caribou> zul: yep, that's the one
<zul> caribou:  i think its already fixed in grizzly give it a shot
<caribou> zul: just need the Suggests:novnc to be made a Depends:
<caribou> zul: then if it's fixed in grizzly, is there a process to get it retrofitted in Folsom ?
<wilmaaaah> hi, i can't make use of acpi on my 12.04 server. do i need to comple my own kernel? or can that be done by adding a module?
<zul> caribou:  which bug is this again?
<histo> wilmaaaah: power management is built into kernel now.
<wilmaaaah> my main problem seems to be that i can't get the cpu temperature
<wilmaaaah> can't find it under /proc
<jamespage> zul, tarballs.openstack.org is obsolete right?
<caribou> zul: https://bugs.launchpad.net/nova/+bug/1066845
<uvirtbot> Launchpad bug 1066845 in nova "nova-novncproxy is not running; Suggest: novnc should be Depends" [Low,Fix released]
<zul> jamespage:  for most opentack projects it is
<zul> caribou: ill see what i can do
<caribou> zul: thanks
<wilmaaaah> oh, i found lm-sensors. will try that
<caribou> zul: when installing with --install-suggests, it works fine btw
<zul> caribou: goody :)
<jamespage> zul, when you get a chance please can you review the fix-watch-file MP's for all core projects at https://code.launchpad.net/~openstack-ubuntu-testing/+activereviews
<zul> jamespage:  done
<jamespage> zul: ta
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-fix-pep8/+merge/151265
<yolanda> zul, why is that patch in ChanceScheduler?
<zul> yolanda:  because pep8 tests are failing
<jamespage> zul, +1
<zul> jamespage:  k thanks
<zul> jamespage:  i sent that upstream so we can drop this patch once it gets accepted
<zul> yolanda: is there a bug for the boto and ceilometer conflict?
<yolanda> zul, i saw that bug yesterday, let me check
<yolanda> https://bugs.launchpad.net/ceilometer/+bug/1102110
<uvirtbot> Launchpad bug 1102110 in ceilometer "Grizzly testing packages : python-ceilometer installation fails" [Undecided,In progress]
<plars> hallyn: hi
<plars> hallyn: regarding https://code.launchpad.net/~serge-hallyn/ubuntu-test-cases/server-lxc2/+merge/150491
<plars> hallyn: I was hoping that someone else from the server team would be reviewing it, but I'm sort of inclined to just accept it now that it's in the ubuntu-test-cases branch
<plars> hallyn: hallyn unless you see a problem with it, the test is broken today, so at least this would allow us to easily see if it gets us past the existing problem
<pr3d4t0r> Greetings./
<pr3d4t0r> Q. When logging on to Ubuntu Server we're getting the "*** System restart required ***" message -- is there a log that shows why, or which .deb component required the restart?  It's getting pretty annoying how often this comes up.  These are production servers -- we don't want to bounce them so often without a good reason.  Thanks in advance.
<Jare> pr3d4t0r: cat /var/run/reboot-required.pkgs
<pr3d4t0r> Jare: Heh - thanks.  I found it at the same time that you replied, thanks.
<pr3d4t0r> Jare: I see the package -- is there (in the system) a log of the reason why that package requires the restart?
<pr3d4t0r> Jare: I can probably look at the commit or publication log for the package in Debian or Ubuntu's web sites.  Just curious to see if that change log can be viewed in the system (since this affects multiple boxes on the EC2 cloud and Chef handles provisioning/updates).
<hallyn> plars: I agree, as I've told psivaa before
<hallyn> plars: i coudl see value in stgraber reviewing it, but for anyone on server team it would be a waste of their time imo
<hallyn> plars: please just merge it and we'll proceed from there
<hallyn> plars: hm, i guess the one person who wouldn't be wasting their time might be jamespage
<stgraber> hallyn: looking
<hallyn> stgraber: thanks
<stgraber> hallyn: ah, I should be able to save you a few minutes in those tests
<stgraber> hallyn: I just noticed that the API test script doesn't need to be a .in anymore
<hallyn> stgraber: oh since when?  it ws only a week or two ago it definately ahd to be :)
<hallyn> stgraber: but, cool
<stgraber> hallyn: not in staging yet, finishing the change here ;)
<hallyn> stgraber: cool
<Jare> pr3d4t0r: iirc the reboot-required is just an on/off switch, but you might get some info by viewing the pkg changelog "apt-get changelog pkg-name"
<zastern> Is there a way to tell if a process is bumping up against its open file handles limit?
<RoyK> why would libssl require a reboot?
<stgraber> hallyn: sent the change upstream and commented in the MP
<stgraber> RoyK: libssl itself doesn't, but it's the safest way to ensure that everything which uses it has been restarted
<pr3d4t0r> Jare: Coolio - thanks!
<RoyK> stgraber: that's what I mean - all I'd need to do is restart apache (if using ssl), mysql (if using ssl), postgresql (if using ssl) and ssh
<stgraber> RoyK: yes
<RoyK> but then, there's a new kernel waiting, so I guess it won't hurt ;)
<hallyn> stgraber: sigh, i would have preferred the MP not hang on that, but thanks.
<stgraber> hallyn: the lxc change should be quite easy to review (unless git has been stupid and shows a silly long diff, not sure) so we can have that in staging in the next few minutes
<hallyn> plars: as you say the tests are broken, so ideally i'd like you to take the MP as is, and open a new bug with stgraber's comments, which are all good but none urgent
<hallyn> plars: (and assign the new bug to me)
<hallyn> stgraber: looking
<stgraber> hallyn: the policy-rc.d/lxc init job stuff is trivial to fix so I guess you can do that in a minute or so (just dump 'echo manual > /etc/init/lxc.conf' and drop most of the code ;)). pep8/pyflakes may take longer and is fine to postpone
<stgraber> hallyn: however I'm really good at doing pep8/pyflakes fixes, so I can do it for you ;)
<hallyn> stgraber: i'd prefer to test before pushing though :)
<hallyn> and that takes awhile in utah
<hallyn> what i have now works
<hallyn> don't see your email yet, hmm
<hallyn> oh, but i see you fixed the manpage?  cool :)
<stgraber> hallyn: the manpage looks good on my machine, so I guess someone fixed it upstream
<stgraber> hallyn: oh wow, 946 pep8 warnings in the server test branch ;) I'll send a MP to fix those in a few minutes but that'll be unrelated to your own MP
<hallyn> stgraber: lol, i of course would prefer it to be not unrelated to but on top of my MP :)
<stgraber> hallyn: well, most of the fixes will be for scripts outside of the lxc ones (I scanned the whole server branch)
 * hallyn finishes lxc-attach first, rather than allowing high prio test breaks to turn low prio cleanup sinto high prio blockers
<hallyn> stgraber: just run 'dep8' ?
<hallyn> never used it, will play with it
<stgraber> hallyn: yep
<stgraber> hallyn: *pep8
<stgraber> hallyn: PEP-8 is the Python Enhancement Proposal 8 which barry and a few others worked on. It's the python coding guidelines and the command line tool will complain for anything that doesn't match the upstream guidelines
<hallyn> right, mistyped :)
<hallyn> jjohansen: is there a max length on apparmor profile names?
<zul> yolanda:  patch coming for the tests stuff
<yolanda> zul , submitted to openstack, or patched in the package?
<zul> yolanda: both
<yolanda> good news!
<yolanda> about ceilometer, it's still giving some troubles with tests, and with the requests<1.0 issue
<yolanda> they patched the test of components but still ceilometer is pointing to <1.0
<hallyn> nm, i'll read it the long way
<jjohansen> hallyn: hrmmm, I think the compiler uses a fixed sized buffer of PATH_MAX
<zul> yolanda:   http://paste.ubuntu.com/5576734/
<hallyn> jjohansen: but that's not enforced int he kernel, but the userspace tools?
<jjohansen> hallyn: yes
<jjohansen> hallyn: kernel side, there is a max path lookup buffer control
<yolanda> zul, great
<hallyn> jjohansen: ok, thanks - i was trying to decide whether https://github.com/hallyn/lxc/commit/cceb4f2fecb423ddeda8f3592bad17ce59b74f1b was worth it
<jjohansen> hallyn: /sys/module/apparmor/parameters/path_max
<yolanda> but the right way should be that tests directory is correcty set?
<hallyn> jjohansen: oh, cool.
<hallyn> well, that's big enough that it's prolly worht it.  (btw don't look too closely, i just typed it out, haven't doublechecked for idiotic mistakes :)
<hallyn> jjohansen: thanks, ttyl
<jjohansen> hallyn: oh hrmm, the library might have a max too, and I am pretty sure that getprocattr is limited to an entry of 1 PAGE
<jjohansen> I'd have to double check
<hallyn> jjohansen: it's ok, i'll just leave it like this, future proof too
<zul> yolanda: there is a bunch of fixes needed for the ceilometer package wants we get the fixes in then ill start uploading it to raring and the CA
<yolanda> zul, fixes in the package?
<yolanda> or in the code?
<zul> both
<yolanda> do you want me to make some fixes in the package? what problems are we having?
<stgraber> hallyn: wow, that branch contains a lot of copy/paste stuff, I ended up mostly doing recursive sed to fix those ;)
<yolanda> normally i find the problems with dependencies, the requests one, and that i have to skip the tests in order to build it
<stgraber> hallyn: down to just 276 warnings to fix now
<hallyn> i'm pretty sure all those tests were converted from other suites over to utah, so yeah, i'd expect cut/paste in that process
<hallyn> stgraber: uh, still not seeing your commit on lxc-devel
<stgraber> hallyn: forwarded
<hallyn> stgraber: thanks.  acked.  imap has been treating me badly since last night, so not sure if it got deleted there, or if it got held up at the list.
<paco1> hello masters!
<paco1> how to see the options in a package?
<paco1> thanks very much
<sarnold> paco1: "options in a package"?
<stgraber> hallyn: https://code.launchpad.net/~stgraber/ubuntu-test-cases/fix-pep8-pyflakes/+merge/151300
<stgraber> hallyn: who should I subscribe to have this reviewed/merged? Ideally it should be done ASAP before the scripts I fixed start changing.
<paco1> yes, for example, openldap come with a full of options if i install it by source
<hallyn> stgraber: either jamespage or plars i think
<paco1> how to know the options come with the package installation?
<hallyn> stgraber: jamespage did most of the original work
<hallyn> so he should be able to review quickly
<plars> stgraber: does it conflict with hallyn's earlier one, or depend on it?
<hallyn> this attach apparmor profile change thing is turning into a disaster
<plars> hallyn: also, if you could delete https://code.launchpad.net/~serge-hallyn/ubuntu-test-cases/server-lxc-fixapi whenever you get a moment, I think it's superceded by the other right?
<hallyn> plars: yes it is
<hallyn> deleted
<plars> stgraber, hallyn: they appear to conflict a bit in 2 files
<stgraber> plars: yeah, I'd expect them to conflict slightly on the two lxc python files
<stgraber> plars: did you already merge hallyn's branch? if so, I'll re-submit based on the updated master branch
<plars> stgraber: I was about to
<plars> stgraber: do you mind if I push it and have you rebase it on that?
<stgraber> plars: nope, go ahead.
<plars> oh
<plars> I can't push
<zul> yolanda:  still around?
<plars> hallyn: I think you're going to have to push it
<plars> hallyn: or someone from ubuntu-server-developers team
<hallyn> plars: I'm not allowed to push to that ...
<hallyn> wait waht?
<hallyn> i am!  sorry!
<hallyn> pushed
<plars> :)
<hallyn> sorry for wasting your time
<zul> adam_g:  https://code.launchpad.net/~zulcss/ceilometer/deps-refresh/+merge/151073 and https://code.launchpad.net/~zulcss/ceilometer/boto-conflict/+merge/151304
 * hallyn out - biab
<hallyn> woohoo, figured out my thinko, attach with apparmor working.  now to clean that up
<hallyn> stgraber: shout when it's ported and i'll push?
<hallyn> (lp:~stgraber/ubuntu-test-cases/fix-pep8-pyflakes)
<hallyn> (now, biab)
<yolanda> zul, here
<zul> yolanda: https://code.launchpad.net/~zulcss/ceilometer/boto-conflict/+merge/151304
<yolanda> done
<stgraber> hallyn, plars: https://code.launchpad.net/~stgraber/ubuntu-test-cases/fix-pep8-pyflakes/+merge/151300 updated
<plars> stgraber: thanks
<hallyn> stgraber: pushed, thanks
<becom33> I'm having error installing couple of libs http://pastebin.com/rGfEjL69 help please
 * becom33 anyone ?
<sarnold> becom33: hunh, that's odd, where is 2.7.5.dfsg-1ubuntu1 coming from?
<becom33> I have no idea
<becom33> I installed ubuntu server and did a apt-get update
<becom33> after thats I started to get that error
<sarnold> 2.6.31.dfsg-2ubuntu1.11 at least makes some sense, that is the newest version in 8.04 lts..
<becom33> :/ what am i suppose to do now ?
<sarnold> becom33: check your APT sources lists to see if you've got inconsistent deb lines -- say, updates or security from a different release
<becom33> I'm not suer
<becom33> sure *
<becom33> :/ Im just gonna install again and see
<sarnold> becom33: re-run "apt-get update" and then try again..
<zul> adam_g: ceilometer doesnt use python-setuptools-git
<adam_g> zul, then it should be dropped from d/control all together?
<zul> adam_g: yep
<becom33> sarnold, now I'm having this error http://pastebin.com/8CYjhuzY
<becom33> I did a apt-get update
<sarnold> becom33: o_O that .. is confusing.
<becom33> maybe my source is outdated ?
<zul> adam_g: https://code.launchpad.net/~zulcss/ceilometer/deps-refresh/+merge/151309
<becom33> sarnold,
<sarnold> becom33: sorry, that one doesn't make any sense to me :)
<hallyn> stgraber: jjohansen: so when you lxc-start a container, it joines a restricted apparmor profile.  when you lxc-attach it, by efault, we want to join that same profile.  my question,
<hallyn> if we say 'lxc-attach -e' (meaning 'dont' drop privileges), do we want to nto switch apparmor profiles?
<hallyn> i think we do anyway,
<hallyn> since otherwise we're subjecting the host to things running in the container, but the smae could be argued for -e in general
<hallyn> i'm going to for nwo have it always switch profiles, and if someone complains we can maybe add a new option, with even bigger warning
<jjohansen> hallyn: hrmmm, thats tough I guess I would error towards the more restrictive (so switch profiles), because if you decide your wrong its easier to loosen than tighten
<hallyn> jjohansen: yeah, agreed, thanks.  mind you as it is -e will also avoid c group restrictions,w hich is also a big deal...  but we can add it later
<adam_g> zul, python-sqlachemy  (<= 0.7.9) | python-sqlalchemy (<< 0.6.3-2), ?
<zul> adam_g: doh ill fix that
<zul> adam_g: http://paste.ubuntu.com/5577222/
<adam_g> zul, also, why are python-{glance, swift, nova} needed? requiring those installs the entire codebase for each
<stgraber> hallyn: always switch sounds good
<zul> adam_g: because thats the way that ceilometer works afaik
<adam_g> oh, ok
<stgraber> hallyn: I suppose we could extend -e to take arguments in the future, so you can do -e cgroup,apparmor to have it only drop capabilities but keep the new processes out of cgroup and apparmor restrictions
<zul> adam_g: actually it should be ok with python-glanceclient now
<zul> so ill remove those as well
<zul> adam_g: can you check one more time?
<hallyn> stgraber: sounds good.  won't even mention it until someone asks for it.
<hallyn> :)
<adam_g> zul, the MP is gone?
<zul> adam_g: deleted it and started over
<zul> hold on
<zul> adam_g: https://code.launchpad.net/~zulcss/ceilometer/deps-refresh/+merge/151309
<stgraber> hallyn: we'll just need to keep it in minde when implementing attach() in the API so that at least the API call does it right, then it'll just be a matter of rebasing lxc_attach.c on the API
<adam_g> zul, is python-{nova, glance, swift, etc} needed or just the clients? im grepping thru the ceilometer src now and it looks like it needs the actual server code
<zul> adam_g: tools/pip-requires says it needs the clients
<adam_g> zul, hmm
<zul> adam_g:  im going to wait til monday for this
<adam_g> k
<hallyn> stgraber: did you have any pending patches for raring's lxc package?
<hallyn> i'd like to push the attach-apparmor patch on monday (pending/addressing feedback from the list)
<stgraber> hallyn: hmm, let me see what we pushed to staging since 0.9~alpha3 that I would like to see in Ubuntu before rc1 is released (in less than two weeks)
<stgraber> hallyn: nah, I can wait two weeks to get the rest in ;) It's not like I actually use the packages in raring anyway.
<hallyn> stgraber: is there a feature freeze to worry about after that rc1?
<stgraber> hallyn: yep, rc1 is the last milestone before 0.9 is out, so while I don't think we'll freeze entirely, I certainly plan for rc1 to be as close to final as possible and release 0.9 2-3 weeks after rc1 is out
<stgraber> hallyn: saw my "On the road to rc1" e-mail?
<hallyn> stgraber: i meant 13.04 ff
<stgraber> hallyn: ah, that, well, it depends on whether we'll have a 13.04 release ;)
<hallyn> i feel 0 urgency regarding staging tree :)
<hallyn> right...
<hallyn> limbo
<hallyn> all right i'll just carry on
<stgraber> hallyn: in any case, I'm perfectly happy to put my release team hat on and give a FFe for 0.9 final
<hallyn> stgraber: ok then i'll aim my patches at staging and not package for now :)
<stgraber> hallyn: if we end up releasing 13.04, I'd like to see us release with a stable version of lxc ;)
<stgraber> and ideally not have hundreds of patches on top of it this time around :P
<hallyn> part of that is saying no to features :)
<hallyn> but, agreed
<hallyn> haha, that one is fixed upstream (an dnow in pkg) too.  nice.  thanks Dwight
<hallyn> which means i can look at cgroups patch.  nice
<hallyn> stgraber: your patch JUST made it through lxc-devel
<hallyn> list seems tob e way behind.  not good
<stgraber> hallyn: ok, that explains why I haven't seen yours yet...
<hallyn> stgraber: ok - i intend to send a new, complete cgroup patch late tonight.  (gonna go enjoy sunshine for a few mins right now and get back to it later)
<stgraber> hallyn: sunshine? what's that? (been grey here for the past few weeks) :)
<elementz> hi, i am in the process of installing an ubuntu image to a VPS host system, which comes with a single core, and 512 mb of ram. Now I have the option to install ubuntu 12.10 either in the 32 or 64 bit version. i understand that the 64 bit version would give me an advantage when using a multicore cpu, but what about my special use case? would i gain any advantage when installing a 64bit os?
<hallyn> stgraber: lxc-ls, in python, going through c api, is a bear to debug :)
<stgraber> hallyn: ;) what's the bug you're looking at?
<hallyn> stgraber: one i seem to have introduced with my cgroup stuff.  lxc-ls hangs on Container.__init__
<hallyn> i've got a hunch what it is, just not sure where.  (i think i'm calling to the monitor from the monitor itself, or somesuch)
<hallyn> hm, maybe i can remote gdb attach once it's running
<stgraber> hallyn: gdb -p should work but won't necessarily be that useful
<hallyn> it only does it wwith --fancy
<stgraber> hallyn: right, without --fancy it doesn't create Container objects
<hallyn> oooh.  no, it's simpler.  i'm not dropping a semlock
<DawLi> Hi, We are a small team developing a web designer software [open source], and we would like to know more about how to get funding for the project within the open source community.
<hallyn> right, i didn't think it woudl be very helpful :)
<hallyn> but it does confirm i'm in sem_wait.  boggle.
<stgraber> hallyn: FWIW, if it hangs in Container.__init__ it's either because of lxc_container_new or get_keys as those are the only two C API calls done by it
<hallyn> stgraber: yeah pdb had pointed me at that.  seems to be at ContainerNetworkNew().
<stgraber> right, ContainerNetworkNew parses get_keys to create the network objects
<hallyn> but pdb really didn't seem helpful for stepping/pinpointing/getting stacktrace
<hallyn> well no, the weird thing was it tended to show
<hallyn>         self.network = ContainerNetworkList(self)
<hallyn> but that __init_ doesn't actually walk the keys
<hallyn> 'what have i done'
<hallyn> drat.  thought i had a unity bug, but i guess i'ts really just another effing nvidia bug
<stgraber> hallyn: hmm, yeah, pdb isn't terribly useful when half the calls are done through a C binding ;)
<hallyn> aaaand, laptop shut off.  hal^Wunity trying to stop me reporting a bug against it, no doubt
<stgraber> hallyn: your apparmor patch just made it to the list ;) reviewing now
<hallyn> woot
<stgraber> yeah, that took a while ;)
<stgraber> hallyn: apparmor patch pushed to staging (sourceforge will tell you that in a day or so I guess ;))
<hallyn> stgraber: great, thanks
<hallyn> stgraber: haha, see, ubuntu is too quiet.  it wasn't telling me that lxc-ls was ending ina  segfault the first tim ei run it (leaving semaphores locked) until i deleted the semaphores and ran under strace.
<stgraber> hallyn: is it just me or sourceforge was actually fast this time around? I just got a copy of the e-mail I sent your 10min ago.
<hallyn> stgraber: let's hope they'v efixed their issue
<hallyn> stgraber: interesting - c.get_ips() works fine until i do c.state(), then c.get_ips() segfaults.
<stgraber> hallyn: get_ips() segfaults?? that's weird because it's not supposed to do any C call
<stgraber> hallyn: only C calls get_ips() does is check access the container name and running properties
<hallyn> anyway stgraber and - it's on container which arenot running
<stgraber> hallyn: however, it's calling lxc-attach to grab the IP information, so maybe there's something going quite wrong when using the API + calling lxc-attach?
<stgraber> oh, well, if the container isn't running, then the only thing it does is access the running property
<stgraber> hallyn: that's calling ->is_running(c)
<hallyn> stgraber: note this is with my cgroup patch...
<hallyn> (not with the attach patch only)
<hallyn> all right, gonna have dinner and worry abou this later - gnight
#ubuntu-server 2013-03-02
<Katronix> Hi all, if you want to enable quota is it common to have to recompile the kernel?
<sarnold> Katronix: you shouldn't have to; at least my config-3.5.0-25-generic shows CONFIG_QUOTA=y
<Katronix>  quotatool -u braitostees -bq 200M -l '250 Mb' /home
<Katronix> quotatool: Error while detecting kernel quota version: No such process
<Katronix> would that indicate I have to?
<Katronix> Or do I just need to enable something in the background?
<sarnold> Katronix: hrm, /usr/share/doc/quota/README.Debian suggests you need a new mount option in /etc/fstab
<sarnold> Katronix: have you added usrquota or grpquota options yet?
<Katronix> yes looks like I needed to start the quota service
<sarnold> cool :)
<slide> I'm trying to install 12.04 with a usb disk, but after I select to install ubuntu, it just sits at a black screen forever. I'm not sure what else to do
<slide> i followed this guide to make the usb bootdisk, http://www.ubuntu.com/download/help/create-a-usb-stick-on-windows
<histo> !nomodeset | slide
<ubottu> slide: A common kernel (boot)parameter is nomodeset, which is needed for some graphic cards that otherwise boot into a black screen or show corrupted splash screen. See http://ubuntuforums.org/showthread.php?t=1613132 on how to use this parameter
<slide> i tried that too
<histo> slide: did you check the iso that you downloaded for errors?
<slide> histo lemmy run a md5sum
<slide> yup md5 matches
<histo> Can you boot the thumbdrive in another machine slide ?
<slide> ive tried 2, with 1 it just goes to a black screen, in the second it goes to the next step, but i cant move the selection at all
<histo> slide: Are both machines the same?
<histo> slide: I would think you need to recreate the thumb drive or it's bad
<slide> nope, different machines
<slide> i recreated it again, and used a different usb boot creator =\
<Nite_shades> i want to access my ubuntu server from outside my lan
<Nite_shades> are there certain configs i have to make on the server in order for this to happen
<histo> slide: still not working?
<histo> Nite_shades: access it how via ssh?
<Nite_shades> ssh
<slide> nope :(
<roasted> forward port 22
<Nite_shades> on my router
<roasted> and/or change the ssh port and forward that
<roasted> if your name is frank, and your domain is google.com, you would ssh via "ssh frank@google.com"
<roasted> pending 22 (or whateve rssh port you changed to) is forwarded
<Nite_shades> forward port on my router or on ubuntu-server if possible
<roasted> on your router
<Nite_shades> oh yeah and the server im running is a virtual server running on my ubuntu host
<roasted> in my router I set the IP of the box and the port I want to forward
<roasted> my server has a static ip of 192.168.1.20
<roasted> so my router has 22 forwarded to 192.168.1.20
<roasted> so if I'm running DDNS, and my domain is google.com, ssh frank@google.com hits my router, router passes off to server, server allows SSH magic to happen.
<Nite_shades> ok it said that connection failed
<slide> ok so now im trying to do it on my laptop, and im getting "There was a problem reading data from the CD-ROM. Please make sure it is in the drive. If retrying does not work, you should check the integrity of your CD-ROM."
<slide> even though im using a usb drive
<dsmythies> leave
<holstein> slide: i have had that before as well..
<slide> one thing i read was that some file names are truncated
<slide> and ive found a few
<holstein> The basic steps to install Ubuntu Server Edition from CD or USB stick are the same for installing any operating system is what the site says
<slide> lies
<holstein> slide: i usually just make a CD... you can try minimal and add what you need
<slide> if i only had any cds =\
<slide> ok fixed all the truncated filenames i think
<holstein> http://ubuntuforums.org/showthread.php?t=2052939 is relevant
<slide> thanks
<holstein> i would try dd'ing the iso.. are you using unetbooing?
<holstein> unetbootin*
<histo> slide: how are you getting truncated file names?
<histo> slide: how are you creating the thumb drive?
<slide> http://www.ubuntu.com/download/help/create-a-usb-stick-on-windows
<histo> or the cd or whatever
<histo> slide: that will not truncate filenames
<slide> http://ubuntuforums.org/showthread.php?t=1692104
<slide> had the same problem
<slide> though my files are different
<histo> slide: http://unetbootin.net/  use this
<slide> yea trying that now :D
<slide> still makes bad names =\
<slide> http://pastebin.com/KJkD948s
<slide> and that one doesnt even boot up =\
<histo> why do you thihnk those are bad?
<histo> and how is the thumb drive being formated?
<slide> because the only other files are .deb and .udeb
<slide> ive tried fat32 and exfat
<histo> slide: doesn't unetbootin have hte option to format it?
<slide> used it
<slide> f it, ill go get some cds in the morning
<histo> slide: Not sure what is going on. This isn't that difficult
<slide> you would think heh
<Techdude1011> <domainname>/AXFR/IN' denied using dig on localhost
<andol> Techdude1011: allow-transfer would be the option you want to tune.
<andol> (assuming Bind, that is)
<Techdude1011> andol:sorted - was missing ip of server in allow-transfer {}. I had the ip addresses of other pc's that I want to allow.
<Techdude1011> thanks
<vedic> Hi I have taken static ip from my ISP which is connected to my remote pc via DLink Router. How can I configure to access server running on my remote PC?
<histo> vedic: what kind of access ssh?
<vedic> histo: Remote Desktop
<vedic> I have required service running on Remote Server. I need to access that from my PC via Remote Desktop. My ISP says configure your router to do that.
<histo> vedic: What version of ubuntu?
<vedic> 10.04
<histo> vedic: yeah you need to port forward
<histo> What service are you running on the remote pc ?
<vedic> Its monitoring software (remote cameras etc)
<vedic> histo: I don't have port forwaring on Dlink router. But I do have routing option -> Static, Policy routing
<histo> Why kind of dlink router?
<vedic> Dlink 2750U
<histo> http://screenshots.portforward.com/Dlink/DSL-2750U/Port_Forwarding.htm  yes you do
<histo> Are you even running a desktop environment?
<histo> You realize you are in the #ubuntu-server channel right?
<vedic> histo: Well I realize server should not have GUI but it is just for testing. I shall remove it later
<histo> Well first you need something serve your desktop over the network. Something like xrdp or vnc
<lifeless> spice ftw
<Techdude1011> Is it possible to use a web interface for remote monitoring?
<histo> vedic: then you just need to forward whatever port that service uses to your internal ip of your sever
<andol> Techdude1011: Well, the web interface might not neccesarily do the remote monitoring, but I think most monitoring solutions has some kind of web gui, Nagios being the classic example. I guess the main distinction being whatever you configure the monitoring using the web interface or not.
<histo> Techdude1011: yes
<histo> !zentyl
<histo> what is the name of that stupid app
<histo> !zentyal
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<histo> Techdude1011: ^^^^^^^^^^
<crass_> shit! the kernel's disk cache has become out of sync with the disk, how can I tell it to clear the cache and _not_ write to the disk anything from the cache?
<maswan> pull the disk then power off
<crass_> maswan: is that an informed answer, or are you being facetious?
<cfhowlett> :0
<RoyK> crass_: cache disk?
<RoyK> OH, DISK CACH
<RoyK> oops
<RoyK> oh, disk cache...
<RoyK> how can that happen?
<maswan> crass_: It's the only obvious way i can think of, yes. Hitting the power hard might or might not be enough, depending on if it gets a signal to shutdown before the power gets pulled out from underneath the kernel
<crass_> is there a tool for getting the contents of the cache? I'd like to see what blocks might be modified
<maswan> At least if the blocks are dirty. But then they're probably going to be written back within seconds to minutes anyway.
<maswan> Oh, if they aren't dirty, you can just drop caches
<crass_> yeah, I found vm/drop_caches
<crass_> I need to figure out if anything is dirty
<RoyK> crass_: really, the disk cache contents are never "out of sync", that is, some parts may be dirty blocks (not written yet), but that's it
<RoyK> crass_: linux handles the cache far better if you don't meddle with it
<crass_> RoyK: never say never, I bet I could create a reproducible test for you
<RoyK> crass_: what really happens?
<maswan> crass_: well, if they are dirty, /proc/sys/vm/dirty_writeback_centisecs tells you how long you have before they'd get flushed to disk. Shorter than this conversation certainly.
<crass_> ok, actually, I'm not sure if its an inconsistency with the kernel cache or perhaps a volatile cache on the disk
<crass_> maswan: well that's extremely reassuring
<RoyK> ssd or spinning rust?
<crass_> the latter, using scsi writes with the ddisable page out bit set
<maswan> dirty pages aren't meant to stay dirty for that long, since then you'd lose state in case of a power outage.
<crass_> yeah, I should hope so, but I'm still afraid of drop caches. I'd like to see if I can figure a way to get the cache and verify there's nothing dirty in there
<crass_> whew, it seems to be good now. The number of dirty pages is indeed small, as seen in /proc/meminfo. This resolved apparently after echo "1" > /proc/sys/vm/drop_caches, but taht might have been a coincidence
<crass_> In order to see the real data, I had to bypass the volatile cache on the disk, so that might have been the problem all along
<amarcolino> Hi, now that resolv.cof is set automatically by resolvconf package how do I go about making my changes permanent?
<Daviey> amarcolino: normally /etc/network/interfaces for server
<Daviey> amarcolino: http://askubuntu.com/questions/157154/how-do-i-add-changes-to-resolv-conf-without-them-getting-overwritten-on-reboot ?
<amarcolino> Daviey, will check it out thanks, I wonder if the use of resolv.conf.d directory actually makes it more flexible to manage resolvconf
<Daviey> amarcolino: i tend to favour /etc/network/interfaces.. but doesn't atter
<amarcolino> Daviey, weird all those config and interface does the job even after restart and sets up nameservers
<amarcolino> Daviey, thanks for the help
<histo> amarcolino: you can add nameservers to resolv.conf.d/head file also
<blair> is anybody running raring in OpenStack or EC2?  the new isc-dhcp's log messages are not being filtered out by logcheck: https://bugs.launchpad.net/ubuntu/+source/logcheck/+bug/1134592
<uvirtbot> Launchpad bug 1134592 in logcheck "isc-dhcp 4.2.4-5's DHCPREQUEST messages no longer match ignore regex" [Undecided,New]
<amarcolino> histo, I can but what is the point when interface does it all and it is easier considering that I am not aware of the new file types in resolv.conf.d directory
<amarcolino> hi, not exactly an ubuntut server question but does anyone know to install a headless virtualbox without the x11 dependencies?
<tedski> amarcolino: http://www.howtoforge.com/vboxheadless-running-virtual-machines-with-virtualbox-4.1-on-a-headless-ubuntu-11.10-server
<tedski> google turns that up for me
<amarcolino> thanks tedski  but I want to install to safely install vbox while ignoring  the x11 dependecies
<tedski> i'm sorry, did that link include the x11 deps?
<tedski> i must have overlooked that
<tedski> amarcolino: https://answers.launchpad.net/ubuntu/+source/virtualbox-ose/+question/144567
<tedski> see there
<tedski> post #3
<becom33> I followed this tutorial to install mod_security http://www.thefanclub.co.za/how-to/how-install-apache2-modsecurity-and-modevasive-ubuntu-1204-lts-server but I'm getting a forbidden error on a web page
<tedski> becom33: the most common cause of 403 errors are file permissions
<becom33> tedski, could u help me ?
<tedski> i have no experience with mod_security
<amarcolino> tedski, wil check that out didn't know x11-commons didn't pull all the x11 libraries
 * becom33 anyone ?
<tedski> becom33: feel free to post more information, i might be able to help somewhere
<tedski> relevant logs... were you able to access this file before you setup mod_security, etc.
<Nite_shades> i want to access my server outside my lan, I already forwarded my routers ports to 22 but still to no avail
<Nite_shades> any suggestions
<RoyK> if 22/tcp is indeed forwarded and no firewall is in the way (like one at the ISP), it should work
<amarcolino> becom33, google got me this with the search criteria [mod_security 403], this links seems relevant if you have access to your logs http://www.webhostingtalk.com/showthread.php?t=1081070
<histo> Nite_shades: can you ssh while on your lan to server?
<Nite_shades> everything on my lan interconnects fine
<tedski> Nite_shades: do you have access to an outside host?
<Nite_shades> yes, im using connectbot on android to ssh
<tedski> Nite_shades: if you provide your external ip, i can do a short portscan to tell you if it's open
<tedski> Nite_shades: it is possible that your isp is blocking 22... you could try to forward 2222 to 22
<RoyK> or, if the router doesn't support that, run sshd -p 2222
<Nite_shades> yeah my isp is most likely the culprit
<Nite_shades> Even though im running my server on a virtualbox does it still matter
<tedski> it does
<tedski> if you're using nat'd networking
<tedski> make sure you're bridging
<Nite_shades> ok i have it on bridged adapter
<tedski> so, it's int he same subnet as the router
<Nite_shades> yes
<tedski> good
<RoyK> Nite_shades: try another, high port (> 1024)
<Nite_shades> ok im baffled on the start port and end port on port forwarding
<RoyK> in the router?
<Nite_shades> yeah
<RoyK> it's probably a port range
<Nite_shades> i think so
<Nite_shades> any suggestions
<RoyK> just try to forward 2222 and start sshd -p 2222
<Nite_shades> yeah my isp is blocking from forwarding port 22
<Nite_shades> is there anyway around this
<tedski> nope
<tedski> just use a high port
<tedski> many recommend listening on a port other than 22, anyway
<tedski> security by obscurity thing if you ask me
<Nite_shades> why would my isp block this port as its a secure one
<Nite_shades> is it for security on their part or what
<tedski> answers we'll never truly know
<tedski> but, they probably have some idiot infosec twit saying that if you're listening on 22, you're hosting a server!
<tedski> and then you need business class services
<Nite_shades> ok finally got connected
<Nite_shades> The problem i had was i was using the router  ip address instead of the external isp provided ip address
<Nite_shades> which got me connected quickly
<chronossc> I own a ME580J dual 3.5" hdd enclosure. It has chip JMB352 and while using as usb device I can recognize two disks I have in enclosure. With e-sata, I can regonize only first one. Did guys have idea what I can do?
<RoyK> chronossc: what does /proc/partitions have to say while on esata?
<RoyK> sata expanders may be a problem
<RoyK> or port multipliers
<RoyK> why don't you just use plain sata?
<chronossc> RoyK: it shows only sdb1
<chronossc> I'm using e-sata cuz I need to copy a large amount of data and my wifi isnt doing good with it
<chronossc> this ME580J normally is connect to my Zbox running Ubuntu Server
<chronossc> and my notebook is losting wifi from time to time, so I plugged e-sata on my note, and e-sata also not works on Zbox
#ubuntu-server 2013-03-03
<RoyK>  
<Titanium|2> Hi
<Syria> Hi, Please tell me how to install apache , mysql  and phpmyadmin on ubuntu server.
<Plizzo> Hello! I'm thinking of setting up a local BIND9 DNS within my network, but I don't want to use a specific domain. I'd rather just be able to type "lumen.local" instead of "lumen.domain.local" or similar. What do I type instead of "domain.local" as my domain in the config in order to achieve this?
<Plizzo> Do I just use local as the domain name?
<RoyK> Plizzo: you can setup your resolver (client, that is) to automatically search for hosts in a certain domain, as in ping adsf instead of asdf.my.tld
<RoyK> but that's a resolver thing, not related to the nameserver
<Plizzo> RoyK: Alright, thanks but I don't think that's what I need. I have a server with the hostname "lumen" and within my network I normally call it using "lumen.local". Although, over VPN I cannot do this because I have no DNS to help resolve the hostname. So I'm thinking of setting up a BIND9 DNS and I want it to search .local as well, and not lumen.domain.topdomain
<Plizzo> Basically, could I just set up a local zone with routings in BIND9?
<RoyK> then add .local to searchpath
<RoyK> and setup a 'local' zone in bind
<Plizzo> Here is the guide I'm going to use (it's for RPi but shouldn't matter - Debian)
<Plizzo> http://www.myguitars.mine.nu/images/rpi_raspbianwheezy_dns_server.pdf
<Plizzo> RoyK: You see, on step 4 he configures the resolv.conf and sets "search domain.local".
<Plizzo> RoyK: Could I just type "search .local"
<Plizzo> ?
<Plizzo> Or should it just be "search local"
<RoyK> the latter
 * ogra_ would just install avahi if its just .local you want
<Plizzo> RoyK: Alright, thanks :)
<Plizzo> ogra_: I have avahi installed, but over VPN no DNS related services are working
<ogra_> ah, yeah, you need to get the mdns broadcasts across the network for it indeed
<Plizzo> ogra_: Yeah :)
<Plizzo> ogra_: But setting up a local DNS should help with that, don't you think?
<ogra_> sure
<RoyK> erm... running fio on this 6-drive raid-6, standard desktop drives, 7k2, iostat reports ~3200tps on that raid - this seems far higher than I thought possible. Or is tps != iops? http://paste.ubuntu.com/5582309/
<RoyK> anyone that knows an open solution for something like "google drive" or similar?
<histo> RoyK: what like cloud storage?
<RoyK> yeah
<axtran> What do you mean by open?
<histo> RoyK: ther eis sparkleshare and I can't remember the other one right now
<RoyK> as in doable with open source
<axtran> Oh like you want to host your own?
<RoyK> yes, I have a home server with ~7TiB disk
<RoyK> and I have a couple of laptops for different use
<histo> RoyK: I'll try and think of it. I was just reading about them.
<patdk-lap> I like the idea of sparkshare, but in use it's not been good, it keeps going nuts
<slide> are sata drives hot swappable?
<cloakable> yes
<patdk-lap> assuming the sata controller supports it
<RoyK> and assuming the driver has implemented it
<lickalott> gents, trying to install server on a rig that doesn't currently have an OS.  When i download it from my computer it automatically gives me the AMD64.iso version.  The machine I'm putting it on is a 32bit architecture.  Will the install auto detect the bit type to use?
<marahin> lickalott, Are you sure that the machine does not support 64 bit architecture?
<marahin> and I'd suggest just downloading i386 version of UbuntuS.
<lickalott> yes sir
<lickalott> i just found the link to get "other" releases
<lickalott> thanks!
<RoyK> lickalott: 32bit? what sort of hardware?
<TheLordOfTime> Can people please give me suggestions for methods to create a closed / authentication-needed HTTP/HTTPS proxy on one of my servers that I can proxy any of my other systems' traffic through?
<TheLordOfTime> as well as a setup/configuration walkthrough or guide if possible.
#ubuntu-server 2014-02-24
<miceiken> Hey guys
<miceiken> when I try to telnet localhost 25 to test postfix i get this error after the "."
<miceiken> 421 4.3.0 collect: Cannot write ./dfs1O0umsx031011 (bfcommit, uid=0, gid=110): No such file or directory
<Nautilus> I have a 12.04LTS VPS, the fs was in read-only mode so I rebooted. When it was coming back up it detected fs problem(s). I hit the "F" to fix them. Is there a way for me to tell if something is messed up now?
<Nautilus> anyone awake that can helkp me with making certs? Per https://help.ubuntu.com/lts/serverguide/certificates-and-security.html#generating-a-csr I've made a self-signed root cert, made a key with a passphrase and am trying to make a key w/o a passphrase for daemons. The message I'm getting is that it must be 4 to 8191 characters.
<Nautilus> oh wait, nm, it's asking me the passphrase for the root cert
<Nautilus> sorry. that worked of course
<cornernote> hi, i have an ubuntu server and it doesnt send cron output to an external email account
<cornernote> in "crontab -e" MAILTO=me@my.com
<cornernote> but it gets sent to root, not me@my.com
<Diceroll> hi... i ve got a problem since the last update on 13.10 : vsftpd won't start anymore... when i launch it manually it said : 500 OOPS: munmap
<Diceroll> any clue ?
<Diceroll> nothing in /var/log/vsftpd.log
<twb> Diceroll: does it say anything interesting before that?
<twb> munmap is the opposite of mmap(2) -- a syscall that lets a program slurp a file into memory
<Diceroll> nope... at least not where i looked
<Diceroll> how can i safely remove the current linux-image and revert to the previous one (i ve only ssh access to the box)
<Diceroll> is it ok if i remove with : apt-get purge and then just restart ? i mean is it safe to do that (cause it sounds pretty ugly) ?
<twb> Diceroll: if you're using grub, I vaguely remember there is a command like "on the next boot, default to <this>"
<twb> You can just purge the current kernel, but make triple sure that grub.cfg ends up with the default you expect
<twb> Oh, wait, if you're *running* the kernel at the time, don't remove it.
<Diceroll> i do indeed
<twb> If you can't find the grub thing, you could also try kexec-tools
<Diceroll> ok i'll try the grub thing
<twb> (Although lately vendors have been disabling kexec by default -- I don't know if ubuntu has yet.)
<jamespage> zul, couple of swift bugfixes - https://code.launchpad.net/~james-page/swift/add-object-expirer/+merge/207883
<jamespage> zul, https://code.launchpad.net/~james-page/cinder/hpclients-fixup/+merge/207910
<robot_38> test
<rabbel> hey guys ... i want to do a preseed install of ubuntu server precise. I would like to do it via USB install. So I'll have to make my own customized iso, right?
<rabbel> Any suggestions?
<zul> jamespage:  oh you already backported nose-test-config
<jamespage> zul, yes - lefthandclient should backport now
<zul> jamespage:  k
<jamespage> was just waiting for that to build in the ppa
<jamespage> zul, you kicked off neutron?
<zul> jamespage:  yeah
 * jamespage waits for the box to explode
<zul> jamespage:  doh
<jamespage> load averages at about 18 when running the test suite now
<zul> *sigh*
<esde> how can i enable rdrand (or check to see if it is enabled) in 12.04? system has i7 3770k processor that shows rdrand flag in /proc/cpuinfo
<robot_38> Anyone ever tried Opendedup?
<smoser> med_, in general ".X" things are pointless.
<smoser> you shoudl just ignore them.
<smoser> so i'm not terribly concerned about inconsistencies like that.
<hallyn> smb: hi
<smb> hallyn, re-hi
<hallyn> smb: i did some testing with nested qemu.  My findings:  http://paste.ubuntu.com/6987525/
<hallyn> smb: is there an existing kernel bug you have open to track this?
<hallyn> maybe I should use https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1278531
<smb> or potentially bug 1208455
<hallyn> smb: I consider this one very important.  nested kvm worked will in precise.  I'ts been on the decline, and doesn't work in trusty.  Do you have time to look into it, or is this a spare-time thing?  (If you dont' then I"ll dig into kernel causes)
<jamespage> coreycb, afternoon
<jamespage> re you merge for neutron
<hallyn> smb: no, that one seems different,
<jamespage> looks generally good - however you needed to target the branch you checked out for the MP
<jamespage> lp:~ubuntu-server-dev/neutron/icehouse
<hallyn> it may be same root cause in the end, but it's i386-only
<jamespage> I resubmitted against the right one for you
<hallyn> I'm not saying jodh is less important :)
<smb> hallyn, Yeah, you say it hangs
<smb> hallyn, Oh wait
<coreycb> jamespage, ok thanks I'll take a look
<jamespage> coreycb, zul provided a bit of feedback as well re bug tracking
<smb> hallyn, 32bit kvm in Trusty kernel has some issue even without second level
<smb> hallyn,  bug 1278531
<smb> hallyn, too many tabs... I meant 1268906
<hallyn> smb: right
<hallyn> smb:  I could be wrong, but am claiming that is less important
<smb> hallyn, But that would be a host on T issue... So S host
<hallyn> smb: all of my testing has been 64-bit only
<coreycb> jamespage, ok I'm adding the bug# to the changelog.  thanks for reviewing!
<jamespage> coreycb, np
<smb> hallyn, Ok, I think you add a new class maybe
<zul> hallyn:  so libvirt 1.2.2...its suppose to be out the next week right?
<zul> hallyn:  oh wait im not on holiday next week never mind :)
<smb> hallyn, Ok, and bug 1278531 was actually for that.
<hallyn> smb: eh, it's worse than that
<hallyn> zul: lucky you :)
<hallyn> smb: so it's actually only qcow2 that has a problem (maybe).  But ubuntu release is irrelevant
<hallyn> smb: it's purely to do with kernel version
<hallyn> precise host with saucy kernel hangs with 100% cpu just like a saucy host does;  precise host with trusty kernel fails to boot qcow2 just like trusty does
<smb> hallyn, Well I would think anything with qcow2 would be in the qemu code...
<hallyn> smb: well it may be differnet root cause, but yeah.  ok so i'll track it there.
<hallyn> smb: i'll spend some time this week digging.  if you have time to look into it pls keep me uptodate
<smb> hallyn, Let us use you bug to put info in
<smb> hallyn, *your I meant
<smb> hallyn, what kind of system are you using for your tests? amd of intel cpu?
<hallyn> smb: intel cpu (vostro laptop).  i originally ran into it on my intel cpu server (precise userspace with trusty kernel)
<hallyn> smb: i'll add the info to that bug in a few mins - thx
<smb> hallyn, ok.
<smb> hallyn, thanks, will then follow up on that
<hallyn> smb: noh it's not just qcow2
<hallyn> just a few more tests then i'll comment
<smb> hallyn, ack
<Meatplow> Morning.    Curious how 13.04 is on older power edge 2950
<RoyK> Meatplow: better use LTS for servers
<RoyK> Meatplow: IIRC precise (12.04) works well on an old 2950
<Meatplow> pangolin 12.04 ?
<Meatplow> Thanks RoyK
<RoyK> Meatplow: that is - don't think I've tried it on 12.04, but running older RHEL/CentOS on similar hardware, so 12.04 should work well
<Meatplow> RoyK:  -   that seems to be what I've skimmed in a couple support links. as well
<RoyK> Meatplow: I've tried 10.04 on an r300, and it worked well
<RoyK> a little newer hardware
<RoyK> old hardware is very rarely a problem
<RoyK> erm
<RoyK> 12.04, not 10.04
<Meatplow> cool.   I'm starting install in a few.      I expect it to be straight.
<robot_38> Anyone ever tried Opendedup? Is it stable enough for production server?
<Lcawte> Hi, I'm having a bit of a problem with my Ubuntu Server install (13.10)... it's connected to my router via ethernet, but when I boot it gets to "waiting for network connection..." and doesn't manage to pick anything up. I haven't changed any settings just rebooted to a newer kernel version (tried the older versions which appear to have the same problem) ... it doesn't to pick up the eth interface
<pmatulis_> Lcawte: troubleshoot manually (once booted).  and did you check your cables?
<Lcawte> pmatulis_: I've tried switching the cables and ports on the router, all of which work on my laptop running Ubuntu Desktop...
<Lcawte> lshw shows the network device correctly, what else can I do to try and debug this?
<Tempeszt> Hi folks.  I've got a 12.04LTS server that I'm running Minecraft server on, and I used "at" to start the server, which is normally rather interactive on the console.  now, however, it's running, but it doesn't have a pts associated with it, and I'd like to be able to control it.  any thoughts or advice?
<smoser> Tempeszt, i'd suggest maybe running it via screen
<Tempeszt> that's what I normally do, and I didn't know that "at" wouldn't start it interactively within the screen where I set it up.
<smoser> at wouldn't do that, no
<smoser> https://gist.github.com/smoser/1019125
<smoser> thats something i wrote some time ago to have jobs (cron, but should work for at) start in a screen
<smoser> i think the idea is/was that you could do:
<smoser> inscreen --new-if-needed mincraft-screen-session minecraftd whatever-args-here
<smoser> Tempeszt, http://askubuntu.com/questions/15244/how-can-i-create-a-cron-command-that-will-execute-a-command-inside-a-detached-sc
<Tempeszt> that's neat. I may have to use that in the future and just kill it for now.
<pmatulis_> Lcawte: maybe pastebin your interfaces file
<marcoceppi_> hey jamespage, how likely is glusterfs MIR to make it for 14.04?
<Lcawte> pmatulis_: I think I may have worked it out (did some googling, found out about ethtool and tried a couple of different eth<insert number> interfaces, looks like for some reason it decided to change interface) doing some tests now
<smb> hallyn, I updated the bug as well, could you have a look and sanity check whether I understood the setups correctly. I would go and look into those in more detail tomorrow
<hallyn> smb: will look, thanks
<jamespage> marcoceppi_, that depends entirely on the resourcing in the MIR team
<pmatulis_> Lcawte: good stuff
<marcoceppi_> jamespage: last the bug said, it needed a security review, so I'm not sure who to ping for status on that
<jamespage> jdstrand, do you have a likely timeframe around reviewing MIR bug 1274247?
<jamespage> bug 1274247
<jamespage> bot?
<jamespage> grrrrr
<jamespage> https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1274247
<jdstrand> oh, I missed that assignment
<jdstrand> I'm going to assign to sarnold for the time being-- he is busy finishing up an apparmor upload and then I think he can get back to code reviews
<jdstrand> sarnold: let me know if that's not the case
<jdstrand> sarnold: ^
<sarnold> I do'nt think I'll get to glusterfs this week.. there's already four (I think? :) MIRs ahead in line..
<hallyn> jstrand: bug 1278531, I'm hoping (but not confident) that will also solve your qemu problem
<sarnold> and I'm skeptical of glusterfs, the handful of folks I've known who've given it a shot tended to give up and headed towards lustre, last I knew..
<jamespage> sarnold, quite likely
<semiosis> sarnold: this gives me confidence
<semiosis> ...not
<jamespage> jdstrand, sarnold: hopefully one of you has juju-core + deps on your list as well
<sarnold> yikes :)
<jamespage> https://bugs.launchpad.net/ubuntu/+source/juju-core/+bug/1267393
<jamespage> sarnold, that includes some mongodb fun as well
<semiosis> sarnold: please keep an open mind toward gluster.  it's come a long long way in the last couple years and plenty of people are using it on ubuntu
<semiosis> sarnold: i'm the upstream deb packager btw, so if i can be of any help please ping me
<sarnold> semiosis: cool, thanks! :)
<semiosis> my pleasure
<zul> jamespage:  mir filed for python-hplefthandclient and python-nose-testconfig
<jamespage> zul, +1 thanks
<hazmat> anyone played with http://www.ktap.org/?
<hallyn> cyphermox: stgraber: bug 1205086, does removing --strict-order seem like the right thing to do?
<cyphermox> hallyn: well, it will likely fix the problem for the reporter
<cyphermox> hallyn: not sure if there is an actual reason why --strict-order is set there
<hallyn> will it cause problems for anyone else
<hallyn> i'm nto sure either
<cyphermox> assuming stgraber is the one who set this up the way it is, I'd wait for his answer :)
<stgraber> from what I remember, strict-order makes dnsmasq query the first server, on failure (NXDOMAIN isn't a failure), it'll then fallback to the next, etc...
<stgraber> removing strict-order, makes dnsmasq query all servers
<stgraber> which for most people would mean doubling or tripling the DNS traffic
<hallyn> really i just don't understand why there isn't a "ping the other servers if first doesn't have an entry for this" option
<hallyn> removing strict-orer makes it random order right?
<hallyn> not query-all
<stgraber> it makes it query all
<stgraber> unless that changed, dnsmasq changed quite a bit since we dealt with that stuff in 12.04
<hallyn> In comment #2 (point 2) in that bug, i was going based on documentation i think.
<cyphermox> my bofh brain says the right fix is for that VPN dns to become recursive...
<stgraber> right, reading current dnsmasq manpage, dropping strict-order should be fine, however this wouldn't solve this bug
<stgraber> it'd just make it random instead of reliably wrong
<hallyn> well i did think comment #4 was "the right fix"
<hallyn> right
<hallyn> though he claims it did fix it for him.  <shrug>
<stgraber> strict-order guarantees the dns servers are processed the same way the libc would, without it, the servers are taken in random order, but if the first queries server returns NXDOMAIN the request will still fail
<stgraber> well, it could be that the libc resolver attempt the request twice or something along those lines
<stgraber> and by chance the order is sufficiently random that trying twice is enough?
<hallyn> which is NOT sufficient to make that change to the package :)
<stgraber> right. If the reporter is using a desktop machine, the real fix is to use NetworkManager which will properly setup dnsmasq to only use the VPN dns server for requests relevant to it
<stgraber> hallyn: ok, so just did some tests. The problem there is clearly that the remote dns server is misconfigured. Trying with mine, I get NXDOMAIN for an invalid domain from a recursive server (as I should) but SERVFAIL for a domain outside the scope of a non-recursive server.
<stgraber> SERVFAIL causes dnsmasq to query the next server, NXDOMAIN doesn't.
<stgraber> SERVFAIL is nsd's response when non-recursive. REFUSED is bind's response when non-recursive. Both work with dnsmasq.
<hallyn> so he has a non-recursive dnsd responding as though it was recursive?
<stgraber> if he's getting NXDOMAIN, yes
<stgraber> it looks like there's no way of properly turning off recursion in dnsmasq, no-resolv only prevents it from getting upstream servers (so it'll rightfully return NXDOMAIN) and dns-forward-max is meant as a tweak for long resolving chains, not as a way to block recursion
<stgraber> so my suggestion there is, don't use dnsmasq
#ubuntu-server 2014-02-25
<MavKen> how can I get each domain on my vps to sendout mail from its domain and not show up in gmail as "sent from domain1.com via domain.com" ?
<sarnold> MavKen: do you have IPs for each of these domains?
<MavKen> no
<MavKen> im on vps at digitalocean..cant get more than 1 ip
<MavKen> i used trial version of cpanel and it worked great... just didnt want to pay $200
<sarnold> cpanel costs $200???
<sarnold> it'd be cheaper and more reliable to just put your ssh root key on your webserver and ask people to help admin your machine :) hehe
<sheptard> lol
<rostam> HI I am running ubuntu 12.04, how could I check whether firewall is running and disable it? thx
<BiteMe> rostam: http://www.cyberciti.biz/tips/linux-iptables-how-to-flush-all-rules.html
<BiteMe> Google is your friend
<cfhowlett> !ufw|rostam
<ubottu> rostam: Ubuntu, like any other Linux distribution, has built-in firewall capabilities. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | GUI frontends such as Gufw also exist. | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo
<cfhowlett> rostam, note that firewall is disabled by default
<MavKen> are there any user provisioning scripts out there to make it easier to add a new user and virtual host on apache?  trying to avoid getting a control panel
<cfhowlett> MavKen, might want to ask the apache channel for something that specific
<MavKen> ok thanks
<MavKen> I have a VPS, if I use tasksel to install mail server does it take care of all configuration?
<MavKen> I want php scripts in each of my virtual domains to be able to send out mail and it be from the specific demand.  I tried exim4 but only primary domain worked correctly, the others would show up "from domain1.com via domain.com" - is there a better option than exim4?  i dont need a full blown mail server
<MattTheRat> MavKen: sendmail is pretty default or postfix
<MavKen> ok
<ScottK> postfix is the standard MTA in Ubuntu.
<psivaa> https://code.launchpad.net/~psivaa/ubuntu-test-cases/mod_php-fix/+merge/204273
<psivaa> https://code.launchpad.net/~psivaa/ubuntu-test-cases/bloat-min-install-amd64/+merge/208025
<psivaa> https://code.launchpad.net/~psivaa/ubuntu-test-cases/entropy-for-tomcat-daemon/+merge/208036
<psivaa> rbasak: jamespage: would you mind doing ACK/NACK the above MP's for smoke test failures please?
<rbasak> psivaa: I don't understand https://code.launchpad.net/~psivaa/ubuntu-test-cases/bloat-min-install-amd64/+merge/208025 and I have to run right now, sorry. Maybe jamespage can look at that one when he's back?
<psivaa> rbasak: ack, thanks for the other reviews. they all need manual merging from the server developers as well
<rbasak> psivaa: OK. I have to run right now, but I'll try and merge them for you too. I assume I just need to push the merged branch?
<psivaa> rbasak: yes. that's all you need to do
<rbasak> psivaa: I have to run. I managed to push merge one proposal. The other seems to want me to fix something up (diverged branches or merge conflict?) and my bzr-fu is weak so I'll try again this afternoon if somebody doesn't beat me to it.
<rbasak> psivaa: thank you for sorting these out!
<psivaa> rbasak: ack, thank you
<hackeron> hey, I'm trying to run /usr/sbin/debootstrap --verbose --arch amd64 saucy target -- but I'm getting: E: Couldn't download dists/saucy/main/binary-amd64/Packages -- any ideas?
<hackeron> looking at http://archive.ubuntu.com/ubuntu/dists/saucy/main/binary-amd64/ - I see Packages.bz2 but no file that is just Packages - maybe this is why?
<jamespage> zul, dashboard is functional again - ish
<jamespage> need to sort out the links in the openstack-dashboard package
<zul> jamespage:  what was wrong?
<jamespage> zul, django 1.6 compat in openstack-auth
<zul> jamespage:  ah
<jamespage> cherry picked some fixes
<jamespage> zul, I looked a zigo's debian package which contains the same patches but it looks like its missing a load of files
<jamespage> locale data?
<zul> possibly
<jamespage> psivaa, merged - thanks!
<psivaa> jamespage: ack, thank you
<adac> What is the default document root in nginx?
<ikonia> should be set in the config
<ikonia> have a look in the config,
<adac> ikonia, I cannot find a value in nginx.conf
<ikonia> adac: really ? there is nothing showing the default content location ?
<adac> ikonia, it is set in the default vhost
<ikonia> so if it's set...then it's set there isn't it ?
<ikonia> as in if you've set it for the default vhost, then thats where it is
<ikonia> or am I missunderstanding what you're asking
<adac> ikonia, I thought it was set within nginx.conf but instead it was set within default vhost
<adac> yes set is set :)
<zul> jamespage:  libvirt 1.2.2 is on my todo list :)
<pmatulis_> hallyn: hi.  anything special about creating a Lucid LXC container on Saucy?  it doesn't work.  although a Precise container does.  -- http://paste.ubuntu.com/6994531/
<jamespage> zul, lovely - thought it might be
<jamespage> zul, any thoughts on wido's other patch?
<zul> jamespage:  hold on...i dont have a problem with it
<zul> looks like its going to be in 1.2.2 anyways
<jamespage> zul, a review on https://code.launchpad.net/~james-page/swift/add-object-expirer/+merge/207883 would be great if you have time
<jamespage> have another one for horizon in test atm
<zul> jamespage:  can you remove the python-swiftclient dependency at the same time please?
<jamespage> zul, from horizon?
<zul> no from swift
<jamespage> zul, ok
<zul> jamespage:  it was removed 19 days agao
<zul> 1.13.0 should be out soon as well
<jamespage> zul, of swift?
<zul> jamespage:  yes
<mc_bluebeard> I have a server that will regularly lose power. Is there anything I can do minimize the probability of the filesystem becoming corrupted?
<jamespage> zul, https://code.launchpad.net/~james-page/horizon/icehouse-tidy-and-fix/+merge/208145
<zul> jamespage:  commented
<jamespage> zul, updated
<zul> jamespage:  +1
<jamespage> ta
<jamespage> zul, OK - I think that's horizon functional again
<jamespage> it was a bit busted
<zul> heh ok
<zul> can you upload it to trusty and the the ca if you havent already done so
<zul> never mind i should just check my email more ofent :)
<hallyn> pmatulis: I'm not sure.  On trusty I can certainly create a lucid container using the download template
<hallyn> installing a saucy vm to test...
<caribou_> jamespage: who's looking at the Neutron's charm these days ?
<jamespage> caribou, numerous different people
<caribou> jamespage: ah, ok. looking to see if adding a functionality to set sysctl values would be easy
<caribou> jamespage: i.e. having the charm set sysctl kernel values upon startup
<hallyn> smb oh - 3.12 working for nested qemu, that's awesome news, easier to bisect than having to go across a differently-buggy 3.11 :)
<smb> hallyn, Yeah, though as always things break with 3.13-rc1 which is the "most things changed" step
<hallyn> yeah
<rbasak> jamespage: ah, you've merged the other branches. Thanks!
<jamespage> rbasak, np
<zul> jamespage:  when you get a chance http://pastebin.ubuntu.com/6994919/
<jamespage> zul, havana not grizzly dude
<jamespage> zul, sorting now
<jamespage> zul, odd - each MP appears to drop some of adam's previous changelog entry
<jamespage> that does not sound right
<zul> it doesnt
<hallyn> pmatulis: I don't know,  it works for me in a saucy instance.
<zul> jamespage:  please hold on reviewing them
<zul> i think we are going to have an issue with nova
<jamespage> zul, ok - holding off
<smoser> rbasak, ping
<smoser> https://code.launchpad.net/~smoser/cloud-init/run-status/+merge/208056
<smoser> you can't atomically rename over an existing file, can you?
<smoser> ie, i didn't think this was atomic: http://paste.ubuntu.com/6995003/
<smoser> hm.. seems i'm wrong: http://stackoverflow.com/questions/2333872/atomic-writing-to-file-with-python
<rbasak> smoser: pong. Yes, AIUI you can. Sorted now?
<smoser> yeah. i had just not bothered with rename because i thought there was a different potential race condition
<smoser> due to the deletion of the file. but yeah, i'll use that.
<tash> can you add static routes via preseed? I can't find anything useful saying so, but have the need.
<smoser> hallyn, is lxc in trusty supposed to function without cgroup-lite or cgroups ?
<smoser> (it is only Recommends right now)
<hallyn> smoser: not until cgmanager hits main, I'm afraid.  but when released yes
<smoser> ok. thats kind of whta i thought.
<smoser> tych0, ^.
<tych0> smoser: yep
<hallyn> ubuntu installs recommends by default yes?
<smoser> so i thikn probably just remove the explicit depends. whatever is doing 'apt-get' should by default get the Recommends also.
<smoser> yeah.
<tych0> oh
<tych0> we didn't get it in gdebi, i guess
<hallyn> of course you can just mount /cgroup by hand or something.  you don't *depend* on cgroup-lite
<smoser> gdebi, for serious.
<tych0> for serious
<tych0> is there something better?
<smoser> you're not using it other than by hand, right?
<tych0> right
<smoser> to have it resolve your dependencies (and apparently not recommends)
<tych0> just for package development
<tych0> yeah
<smoser> yeah. i dont know how i'd do that.
<tych0> dpkg -i and apt-get install -f
<tych0> seems like a ridiculous way to develop packages :-)
<smoser> i think ihave to agree with that. but i would have expected gdebi to invoke apt, which would have had the default '--install-recommends'
<smoser> hm..
<smoser> oh well.
<smoser> rcj, https://bugs.launchpad.net/bugs/1052089 . you understand the issue there ?
<rcj> smoser, yes on second look I do. There was some confusion this morning while discussing it.  Sorry for the hassle.
<jamespage> zul, generally the changelog's need some work
<jamespage> I'd probably drop the entries dealing with bumping version numbers as well
<zul> ack thanks for looking
<zul> jamespage:  cinder updated
<zul> jamespage:  glance updated
<jamespage> zul, can you check then through in the MP's - I'll review tomorrow AM
<zul> jamespage:  ack
<hallyn> zul: any good reason not to put 2.0 qemu candidates into the ubuntu-virt/ppa?  Should I create a custom ppa for it?
<zul> hallyn:  do it
<hallyn> k
<RoyK> what's new with qemu2? doesn't look like it's released
<Daviey> hallyn: Did you see the latest comment on the FFe request?
<hallyn> no
<Daviey> RoyK: It's a RC, intent for 2.0 in final trusty.
<Daviey> hallyn: Oh, you responded! :)
<hallyn> then yes :)
<hallyn> RoyK: biggest advantage would be that we wouldn't have 200 patches for aarch64 linux-user.  cleaner tree.
<hallyn> that's why i'll do it in ppa for first rc's - i don't want to commit to it yet, but it would be nice if it works out
<RoyK> hallyn: anything really new in the amd64 way?
<hallyn> RoyK: I don't think so.
<hallyn> now, I may drop the linaro omap3 patches
<hallyn> if this bothers anyone, please shout
<hallyn> (i'll probably blog that in the hopes of letting anyone who wants to complain)
<Daviey> hallyn: If you are in doubt, make a qemu-next PPA under ~ubuntu-virt ?
<hallyn> Daviey: yeah i might do that.  The main reason would be the same reason that I'm  not using the archive immediately -
<hallyn> sometime two years down the road we might want a qemu 1.7 version in that ppa
<hallyn> Daviey: eh, there are already a 'candidate' ppa and a 'daily-build' ppa, both of which would work for this.  I'll use the candidate ppa.
<arosales> hbaum: hello
<Daviey> hallyn: good thinking.
<Proto_X> hello
<Proto_X> i was wondering before i download server iso
<Proto_X> is it complicated to make a bootable pxe host off it, so just nic boot and its in linux
<Proto_X> i think that would be pretty awesome just pxe-boot and got xbmc mediaplayer going windows free better then dual boot hdd use
<Proto_X> i know with windows 2008 server pxe just put it in windows pe mode to image install
<sarnold> Proto_X: this looks sane enough: https://help.ubuntu.com/community/DisklessUbuntuHowto
<Proto_X> is that the client or the server
<sarnold> likely both?
<Proto_X> input that many commands on client all time pain in ballz
<Proto_X> looks like pxe has awesome potential but got tossed over shoulder faster then xbox orgional
<sarnold> Proto_X: hah, far from it, pxe is used all the time
<Proto_X> word :D
<sarnold> Proto_X: the maas project for example makes it easy to have a room of a few thousand machines, IPMI to turn a machine one, PXE boot the thing, and then juju can assign it a task. once it's not needed any more, IPMI turn the thing off.
<Proto_X> no it doesnt seem too bad the page isnt 1000 pages
<Proto_X> i want pxe to do more then install tho
<sarnold> yeah, that should be doable
<Proto_X> must be still emulating floppys to start
<Proto_X> 1.44mb limit sux on ancient pxe
<Proto_X> maybe ubuntu is cooler :)
<sarnold> depends upon your NIC
<Proto_X> windows is always pain in balls
<sarnold> Proto_X: maybe if your NIC is annoying you can use ipxe: http://ipxe.org/ (I haven't tried re[placing ROM, just using ipxe in emulators..)
<Proto_X> mostly microsoft just makes icons bigger and bigger hiding the real commands
<Proto_X> my nic's support it better then vmware
<Proto_X> if it works in vmware then its already mint
<Proto_X> lol
<Proto_X> alright you guys rock :)
<Proto_X> setting up pxe in windows server pages went on and on forever, ubuntu was like 3 pages must be better built for it
<Proto_X> i might be able make cool stuffz do stuffz :D
<Proto_X> thats so awesome
<sarnold> modular pieces that you can connect together as you wish is pretty awesome design :)
<Proto_X> does all ubuntu versions do it or is server best built for it
<Proto_X> the hosting part
<Proto_X> i need more frames per second, all microsoft does is make spinny smiley face icons use 100% cpu 100cores
<Proto_X> the icons that deleted xbox live server lol
<Proto_X> ea games too no more multiplayer
<Proto_X> unless your like madden 2014!!! all day fanboy
<Proto_X> bad ass performance and can do stuff ubuntu i like it :D
<Proto_X> alright ill check it out thank you for infoz
<sarnold> Proto_X: ubuntu server and desktop are nearly identical
<Daviey> sarnold: it's common to chainload iPXE from on-nic PXE client, rather than burning it into the nic.
<sarnold> Daviey: oh! nice.
<sarnold> Daviey: I suspect that'll get most of the benefits of using ipxe without the risk of shredding your nic's warranty :)
<Daviey> sarnold: Yeah, I murmured about doing the burning on my old thinkpad.. didn't.. then it died.  One day i'll be main enough to do it on a prod box. :)
<sarnold> Daviey: haha :)
<rushed> preparing to upgrade a 1u db server with low write volume & moderate read volume, any links or recommended reading on ssd options? was hoping to make the jump this round, but the poweredge options seem higher then I would have guessed
#ubuntu-server 2014-02-26
<rushed> rs
<justizin> anyone have an auto-install image with sane defaults? i have a headless machine that's dead and needs a reinstall, and no effing keyboard around (personal machine ;d)
<justizin> i guess i've been ssh-ing to this thing for like 3 years and i gave away all my keyboards
<justizin> tried a trusty upgrade and i think it power failed installing glibc and it just keeps hanging trying to recover from a failed upgrade
<MavKen> what is the easiest thing to install/setup for my php scripts to send out mail?  I dont need a full blown mail server
<mwhudson> hm
<mwhudson> i'm trying to run the latest trusty cloud image under kvm but i can't log in
<mwhudson> neither taking the 'ubuntu with random password' or ubuntu:ubuntu options in grub work
<mwhudson> is this known?
<Amarino_Mallo_da> hi all
<jamespage> Daviey, all of the 2013.2.2 updates are now in the saucy-proposed queue
<Daviey> jamespage: ok, will process within the hour.
<jamespage> Daviey, thanks
<martin__> Hi, I'm trying to install php5-xsl in Ubuntu 12.04 but keep getting this error "E: Unable to locate package php5-xslâ"
<smoser> jamespage, is package list at http://status.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/cloud-tools-next_versions.html still relevant ?
<smoser> particularly i'm asking about mongodb and libv8-3.14
<jamespage> smoser, right now yes
<jamespage> I'm still waiting for upstream to switch over the juju-mongodb
<smoser> ok.
<smoser> rbasak, hooray, uvtool in cloud-tools-next: https://launchpad.net/~ubuntu-cloud-archive/+archive/cloud-tools-next/+build/5640087
<rbasak> smoser: \o/
<rbasak> smoser: thank you!
<Daviey> hallyn: libvirt SRU candidate 1.1-0ubuntu8.6 seems to include many many more fixes than bug 1228977.
<hallyn> Daviey: this is the saucy libvirtd?
<Daviey> yah
<Daviey> hallyn: i'd be happier if libvirt had an MRE, tracking the maint tree
<hallyn> Daviey: yeah, if saucy was longer-lived I'd do that
<hallyn> if 1.2.2 gets a -maint tree, we should request an MRE for trusty
<hallyn> the problem is the -maint trees are rather randomly started after-the-fact.  Of course perhaps zul and I should always maintain one if nooen else does
<hallyn> (I did start one for the precise tree;  noone uses it but me of course :)
<zul> hallyn:  totally
<hallyn> Daviey: anyway, I didn't feel comfortable that cherrypicking only the patches in comment #32 would suffice
<hallyn> Daviey: but if you want to reject the upload I understand.
<Daviey> hallyn: ah, i assumed there was a maint tree for all.
<hallyn> nope :(
<hallyn> I also need to look at bug 1264465 for saucy libvirt, once that SRU is either completed or rejected
<zul> Daviey:  that would be too easy
<Daviey> hallyn: no planned point release for 1.2.2?
<Daviey> or point, point
<hallyn> Daviey: that doesn't get announced in advance I don't think
<hallyn> zul: qemu 2.0 candidate (misnamed) built fine in ppa:ubuntu-virt/canidate;  woohoo
<zul> hallyn:  sweet..send out the info
<hallyn> coffee
<hallyn> Daviey caught me caffeine-less
<caribou> jamespage: I Need your opinion on bug 1188126
<caribou> https://bugs.launchpad.net/juju/+bug/1188126
<caribou> Juju unable to interact consistently with an openstack deployment where tenant has multiple networks configured
<eutheria> hi, is there a package i can install that will email notifications for package updates?
<genii> eutheria: Instead, probably just to sign up for the mailing list of changes for the distribution you're running
<eutheria> genii: i just want to know to install packages, i don't want to manually check a list
<thedeeno> I'd like to use docker on some of my servers. Docker says I need at least version 3.8 of the kernel to use it.
<thedeeno> What should I do with my 12.04 machines? Upgrade the kernel
<thedeeno> or upgrade the whole system
<thedeeno> to like 13.04 or something
<thedeeno> ? I'm unsure of the pros and cons of each
<eutheria> i wonder what docker is
<caribou> thedeeno: you can install backported lts kernels on 12.04
<caribou> thedeeno: either you use apt-get dist-upgrade but that will touch more than just the kernel, or look for linux-image-3.*lts* in the package list & install only the one you want
<thedeeno> caribou: I'm new to this ecosystem. What are those? Are these the 12.04.X releases? They include new kernels?
<caribou> thedeeno: since 12.04 is an Long Term Support (lts) release, newer kernels have been backported to 12.04
<thedeeno> nice, that is my primary concern, keeping that long term release support
<caribou> thedeeno: you can use "sudo apt-cache search linux-image | grep lts" to find them out
<thedeeno> caribou: what do these packages look like? Is this one? `linux-generic-lts-raring`
<thedeeno> caribou: great! I'll try that out
<caribou> thedeeno: apt-cache show linux-generic-lts-raring | grep Version will tell you
<caribou> thedeeno: for instance, the saucy-lts one is kernel 3.11-*
<thedeeno> caribou: so these kernels are all considered safe then, because they're backported? I was nervous that I'd hit some serious bugs but just
<thedeeno> replacing the kernel from underneath 12.04's feet
<thedeeno> s/but/by/
<caribou> thedeeno: safe & suported
<patdk-wk> the only issue you should have, is if you need dkms modules
<patdk-wk> they won't work
<thedeeno> wow, excellent
<caribou> thedeeno: patdk-wk don't the dkms mods get rebuilt ? hmm, maybe not on precise
<patdk-wk> yes
<patdk-wk> but no one backported the dkms module to support the new kernel
<patdk-wk> so if it works, good, if it doesn't due to kernel changes, crash and burn
<patdk-wk> xtables/open-vm-tools won't work
<caribou> hmm, true
<caribou> so thedeeno ^^^
<patdk-wk> now, I have those two dkms modules built by me to work, on all except the newest one
<patdk-wk> I opted to drop support and wait for 14.04 :)
<patdk-wk> and I descided it was just too much of a pain, and only have one machine using them
<thedeeno> yeah it sucks that I'm 2 months early, but i need to deploy these servers this week :(
<thedeeno> i don't think I have any dependencies on dkms tho
 * thedeeno crosses fingers
<thedeeno> caribou: patdk-wk: ty ty
<thedeeno> OH, one more thing, how does installing a new kernel effect my current packages.
<thedeeno> ?
<patdk-wk> it doesn't
<thedeeno> sweet
<thedeeno> Is there a way to get the actual kernel version from these packages without installing them? I'd like to do some automation and need
<thedeeno> to work with the version number before reboot
<patdk-wk> grub?
<thedeeno> I'm installing this kernel on a rackspace node, and I need to edit the grub entry before reboot because rackspace apparently doesn't
<thedeeno> like what grub-update is giving it
<thedeeno> and I'd like to do it in an automated way using sed
<thedeeno> but I'm not sure where to find the actual kernel version (formatted like 3.8.0-19-generic)
<thedeeno> basically i'd like to, given one of these lts packages, figure out what the `uname -r` would report after installing it
<patdk-wk> the only way is by parsing the grub file
<patdk-wk> but if grub isn't there
<patdk-wk> guess you just have to search /boot/
<patdk-wk> ls /boot/vmlinuz-* | sort -r
<hallyn> oh  noes - qemu upstream needs a seabios update
<hallyn> ah no, only need a new symlink
<shodan45> I'm running openvpn client on 12.04 & having problems when it loses connection to the VPN server - it tries to reconnect, but can't because it can't resolve the host name
<shodan45> and it can't resolve because the routing is still set to use the VPN....
<shodan45> anyone know a fix for that, aside from manually restarting things?
<sarnold> I'm surprised it falls back to looking up an ip address when a connection drops rather than just try to re-handshake with the IP it already knew..
<shodan45> sarnold: even if it did, because the routing table is still set to use the (now broken) VPN connection, it wouldn't be able to connect
<shodan45> I have to manually stop & start openvpn to get it to work again
<sarnold> shodan45: really? shouldn't the 'external' ip of the headend be routable over the internet? otherwise how do the vpn packets make it to the gateway?
<shodan45> sarnold: I don'
<shodan45> oops :)
<shodan45> sarnold: I don't follow 100%.... the client is behind a NAT on my home cable internet
<shodan45> it connects to the openvpn server just fine, but if my cable connection goes down, when it comes back up, I have to manually restart openvpn
<sarnold> shodan45: hrm, this would be easier with a whiteboard or piece of paper, heh
<sarnold> shodan45: so, when you initiate a ocnnection to your openvpn gateway, the first packet there has to travel on the open internet.. eventually a connection is established and new routing entries are installed ..
<shodan45> for whatever reason, openvpn doesn't reset the changes it made to routing (etc.) when the connection to the remote VPN server drops
<sarnold> shodan45: but all the data you send is still being sent to the globally routable ip address of the gateway, right? it can't migrate to an 'internal' ip, inside the tunnel, because the tunnel still needs to get packets to the remote host.
<sarnold> that sounds annoying :) but perhaps they expected to be able to rebuild the connection transparently..
<shodan45> I have 2 "gateways": my home router, and my VPN service's
<sarnold> actually, I wonder if the problem is your NAT router..
<shodan45> the only problem I have is when my home cable internet connection goes down (maybe once/week)
<sarnold> if it is stateful (most are) it might tear down the connection when your connection drops; openvpv might assume it can just keep trying and it'll eventually work..
<shodan45> sarnold: no... the problem is almost certainly with openvpn or its configuration
<sarnold> ouch, weekly crashes? how is it so bad? o_O
<shodan45> ok, let me try changing the scenario :)
<shodan45> suppose I'm on a laptop with wifi & connect to a VPN
<shodan45> then I go out of range of the wifi, and connect to a different network
<shodan45> the problem is that openvpn needs to put all the changes (notably routing) back the way they were if it loses its connection to the VPN server
<sarnold> shodan45: it may not have a good view of when it loses connectivity -- it may not know 'it's gone forever' from 'it's down for ten seconds'...
<sarnold> shodan45: there may be a configuration knob to tweak to get it to tear down vpns that don't work, but they might have chosen to remain broken to make it clear that e.g. your connection to google or gmail would go over unsafe local networking
<sarnold> shodan45: I suspect "require local teardown" is the more obvious and informative design decision, but when the local networking dies every week, that -would- get very old..
<shodan45> sarnold: right... I'm investigating along those lines now
<shodan45> sarnold: and it isn't "local networking", just the internet connection - and I suspect that's the real problem
<sarnold> shodan45: to my mind that's local :)
<shodan45> I think if I yanked the cat6 out of the box, I wouldn't have this problem :)
<shodan45> (assuming I plugged it back in...)
<sarnold> shodan45: probably, depends upon how quickly you replaced it :) hehe
<sarnold> shodan45: off to lunch, have fun, and if you find something I'd be curious to know what your solution is
<shodan45> #openvpn suggested a shell script to watch the connection.... :/
<pmatulis_> jamespage: do we know what's going on here? --> http://tracker.ceph.com/issues/6726
<jamespage> pmatulis_, refers to the upstream ceph repositories
<pmatulis_> jamespage: i realize that.  i thought you might know why upstream is not making recent ceph releases available to recent ubuntu releases
<ekosuhartonocom> Hay mwhudson .... welcome to this channel, more detail visit www.ekosuhartono.com
<ekosuhartonocom> Hay axisys .... welcome to this channel, more detail visit www.ekosuhartono.com
<ekosuhartonocom> Hay AndroidLoverInSF .... welcome to this channel, more detail visit www.ekosuhartono.com
<ekosuhartonocom> Hay bogeyd6 .... welcome to this channel, more detail visit www.ekosuhartono.com
<ekosuhartonocom> Hay jak2013 .... welcome to this channel, more detail visit www.ekosuhartono.com
<ekosuhartonocom> Hay mgw .... welcome to this channel, more detail visit www.ekosuhartono.com
<shauno> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis
<shauno> (sorry, but that's annoying)
<Pici> indeed it is.
<IdleOne> done
<shauno> thanks
<soren> shauno: Oh, thank *you*.
<shauno> aw I feel special now :)  I don't like waking everyone up, but .. yeah
<mgw> any suggestions on how to recover from a bad upstart script leaving the service in this state: start/killed, process 28539
<mgw> I've manually killed the procs
<mgw> but can't start the service (it hangs)
<sheptard> lol what a twit
#ubuntu-server 2014-02-27
<MavKen> is it ok to regularly run apt-get dist-upgrade?
<sarnold> MavKen: see the unattended-upgrades package   :)
<MavKen> ok
<Bilge> Why, when installing a package for which configuration conflicts with a file already existing on the system, do you only get prompted to explore the differences the first time the package is installed? Subsequent remove/installs do not prompt for conflicting configurations
<sarnold> Bilge: it depends if the packaged configuration file changes
<sarnold> Bilge: if the file doesn't change on a package upgrade, it's left alone. and since we all dislike those prompts, most packages try to avoid changing those files on a whim :)
<Bilge> Right, but I just installed a package and got the prompt
<Bilge> Then I removed it and installed it again
<Bilge> No prompt
<Bilge> Why?
<Bilge> I want to get the prompt back
<sarnold> Bilge: try this: echo >> /path/to/config/file   -- changing your local copy of it (hopefully appending a newline doesn't change the meaning of the file) might bring the prompt back
<sarnold> it might only prompt again if the upstream version changes though. I can't recall the details.
<Bilge> touch isn't enough?>
<sarnold> that won't change a cryptographic hash of the file
<Bilge> It didn't do anything anyway
<Bilge> Normally it is only when the upstream changes but there MUST BE a setting locally that flags whether the prompt has been shown
<sarnold> Bilge: try reinstalling the package with --force-confask -- see the dpkg(1) manpage for details. I'm not convinced it'll do the job but it's worth a try
<Bilge> I install the package with apt-get, and it does not understand that switch
<Bilge> I don't know how to install with dpkg
<Bilge> It wouldn't help anyway since I want to reset the prompt for another "user" (a robot), not for my use
<sarnold> Bilge: there'll be a package in /var/cache/apt/archives/ for the package you're installing; you can use dpkg -o on that
<sarnold> Bilge: hrm, how about make a copy of the file; install the package; apt-get purge the package; move the backup back in place; try the install again
<Bilge> Purge did the trick :)
<sarnold> yay!
<sarnold> I'm sorry I didn't think of it earlier. sigh.
<sarnold> give me an hour, I'll eventually come around to the right answer. sheesh. :)
<Bilge> I appreciate the help
<Bilge> Can't beleive I didn't know about the purge command either
<Voidal> hey guys, odd question but is it possible for apache to cache files on the server? (Sorry I'm a bit new)
<Voidal> my university assignment would display data from hours ago at random
<sarnold> there's a lot to modern web contraptions... it's common to run a caching proxy in front of web servers to spread the load across more machines..
<TJ-> Voidal: Depends on what the Expires header says
<TJ-> Voidal: See mod_expires
<Voidal> I'm not sure we students have access to that, my lecturer said the MIME type on their server might be not expiring
<Voidal> It's all submitted and working now, it's just been bugging me
<Voidal> sarnold: that might be it, it's a large university with a ton of computers
<sarnold> if the mime types had something to do with it, I'd suspect a broken proxy -- caching decisions should be made on the basis of more concrete things than what "usually" works for a given mime type..
<sarnold> and who knows how the web server gets the files it serves; if they are loaded over nfs, and it caches nfs aggressively (against spec but common because nfs would otherwise be slow :) -- it might be working fine but a lower level might not have been working quite right
<TJ-> Yeah, if the user-agent does a HEAD and the there is no Expires itwon't bother fetching the document, it'll use the one in its local cache
<TJ-> You can usually force the browser to do an explicit refresh (GET) in that case, I seem to recall Ctrl+F5 on some browsers would do it
<Voidal> Well shit, I wish I knew about ctrl+f5 yesterday
<Voidal> I enjoy php programming a bunch but my experience with servers is only basic
<Voidal> so this is all pretty new :)
<TJ-> For dynamically generated content (e.g. PHP scripts), if the result is being cached then generally the server is mis-configured
<sarnold> well...
<sarnold> generating generated content is also pretty slow
<sarnold> there's a lot of opportunities for caching content there, as well, and most frameworks will have mechansisms to make that happen
<Voidal> the assignment generated response data (in xml and json) by pulling data from a source XML file
<sarnold> fragment caching, full-page caching, etc. knowing when to expire that cached content can be a huge part of keeping such a system afloat and functional
<sarnold> Voidal: for more than you'll want to know :) check out section 14.9 here: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
<sarnold> time for bed, have fun Voidal and TJ- :)
<Voidal> thanks for the help
<MangledBlue> Can anybody help??? simple install - my MD5 checks out in ISO-  c7f439e864d28d9e5ca2aa885c4ec4cb *ubuntu-12.04.4-desktop-amd64.iso - but I cannot get it to work - any thoughts?
<rcsheets> I'd like to start testing PXE auto install for 14.04, but it appears that none of those bits are present on the current daily build CD images. Does anyone know when that might be expected to change?
<Lord_Set> rcsheets, why not use MAAS?
<Lord_Set> Any developers here that deal with network drivers?
<Lord_Set> I have a question regarding a specific 10g NIC/HBA/CNA
<rcsheets> Lord_Set: I have not investigated MAAS, because the name makes me think it is for deploying physical systems. I am currently focused on deploying VMs.
<Lord_Set> Ahh ok. MAAS will work for deploying VMs as well as far as I know.
<rcsheets> Lord_Set: I would prefer to tweak my existing, working VM deployment workflow so that it works with 14.04, rather than switching to something entirely new. But I can change if support for PXE/casper has been dropped.
<Lord_Set> MAAS/Juju should be able to deploy everything you need...
<rcsheets> alright well if I have to set up entirely new stuff, then I guess I'll give up for now and wait till I have more time.
<TJ-> rcj: what bits seem to be missing?
<rcsheets> TJ-: was that for me?
<TJ-> rcsheets: oops! bad tab-completion! what bits seem to be missing?
<rcsheets> TJ-: /install/netboot doesn't exist. that's where i normally find a kernel and initrd suitable for PXE-booting the install environment
<TJ-> Hmmm, I have a script the breaks out a standard installer ISO for PXE, not noticed any issues with Trusty ... let me look
<rcsheets> TJ-: maybe I'm just not seeing where to get the alternate install iso? all i can find is desktop.
<TJ-> There is no alternate any longer
<rcsheets> server and alternate are the only ones i've seen pxe bits on, and i don't see daily isos for either of them
<rcsheets> oh! trusty server is at http://cdimage.ubuntu.com/ubuntu-server/daily/current/
<rcsheets> well then, i got the wrong iso. silly me
 * rcsheets looks embarrassed
<rcsheets> yep, on the proper iso everything is as i expected it to be
<rcsheets> sigh
<nitin> hello
<nitin> hello .. guys is it worth to configure a vps running ubuntu server where apache is actually running and a website is being hosted to be configured as a VPN server as well..?
<leitmedium> nitin: what do you mean by "is it worth"? technically it is possible, of course. A simple well-documented OpenVPN setup is enough.
<leitmedium> nitin: if you want to use the server encrypted, you can go with ssh and https, too.
<hello123> hello
<hello123> i wanted help in software raid
<hello123> any 1?
<hello123> ?
<leitmedium> hello123: it's better to just type your question.
<hello123> ok
<hello123> i have 6 x 4tb drives
<hello123> but in/home 4 tb is showed
<leitmedium> what das "cat /proc/mdstat" say?
<leitmedium> please paste to paste service :)
<hello123> http://pastebin.com/Mb0CLYQp
<hello123> :)
<leitmedium> is it possible you setup a raid1?
<leitmedium> just mirrored?
<hello123> i didnt setuped
<hello123> while installin os it automatically came
<hello123> i need 24tb @ /home
<hello123> :(
<leitmedium> hello123: check: "dmesg | grep md2" and "dmesg | grep md3"
<leitmedium> there you shoud see somethink like
<leitmedium> "md/raid1:md2: active with 2 out of 2 mirrors"
<hello123> letitmediuim i messed with partition and now reinstalling os
<leitmedium> this gives you a hint, which type of raid you have
<hello123> just in less than half an hour it will be back
<hello123> its 3 rd time reinstallinjg
<ikonia> /proc/mdstat will show you each arrays status
<ikonia> as will mdadm exaine
<ikonia> examine
<leitmedium> ikonia: but not the type, right?
<ikonia> the type ?
<ikonia> that will show you the raid level
<ikonia> or should do
<hello123> i have sent it
<hello123> check in pastebin
<ikonia> which one ?
<ikonia> md5 : active raid1 sda7[0] sdb7[1]
<ikonia> (as an example
<hello123> http://pastebin.com/Mb0CLYQp
<ikonia> shows my md5 is a raid 1 mirror made up of 2 disks on partition 7
<leitmedium> ikonia: of course, just overlooked it
<leitmedium> ikonia: you are right
<hello123> first pic
<ikonia> hello123: yours are both mirrors
<ikonia> they are all raid 1
<leitmedium> hello123: you have a raid1. so every bit of data is replicated throughout all disks
<hello123> @leitmedium yahoo or skype?
<hello123> yeah
<hello123> i want it raid 5
<leitmedium> hello123: at least this is very fault tolerant
<leitmedium> :)
<hello123> and full 24tb @ /home
<leitmedium> hello123: then you have to resetup the array
<hello123> i dont know thats the problem new to linux :(
<hello123> tried and it has been almost a month
<hello123> :'(
<hello123> ikonia you know to setup raid 5?
<hello123> leitmedium?
<ikonia> hello123: you need raid 5 ror raid 6
<ikonia> hello123: you need something that creates a raid array spanning your disks, rather than mirroring them
<ikonia> I'd strongly advise against raid 0 for something that big though
<hello123> raid 5
<hello123> raid 0 if 1 disk fails all gone
<hello123> thats also a problem
<ikonia> exactly
<ikonia> so you want raid 5 or 6
<hello123> raid 5
<hello123> ikonia can you setup raid 5?
<xnox> hello123: raid installation instructions are here: https://help.ubuntu.com/12.04/serverguide/advanced-installation.html#software-raid
<leitmedium> hello123: have you seen https://help.ubuntu.com/12.04/serverguide/advanced-installation.html =
<leitmedium> hehe
<xnox> snap! =)
<hello123> :p i just dont want to take risk as i am new to linux :(
<hello123> and even that how to delete
<hello123> the raid 1 array
<hello123> and make raid 5
<xnox> hello123: in the menus explained in that guide, you can add/delete raid arrays and choose any raid level (if you have enough drives)
<hello123> The mdadm utility can be used to view the status of an array, add disks to an array, remove disks, etc:
<hello123> not removal of array :(
<hello123> any1?
<leitmedium> you have to "disassemble" it.
<leitmedium> mdadm --stop /dev/md2
<hello123> yeah thats good and ahead?
<leitmedium> then follow the guide
<hello123> leit when i tried previous time it said sd1 device busy or unavaialble
<hello123> :(
<hello123> ?
<leitmedium> hello123: is it still mounted?
<hello123> when i try to unmount /sda1
<hello123> it says not mounted anywhere lol :p
<bgardner> hello123: Did you actually try to umount '/sda1' or was it /dev/sda1?
<hello123>  it was /dev/sda1
<bgardner> hello123: You should pastebin the output of mdadm --stop /dev/md2
<hello123> @bgardner ok
<bgardner> hello123: Let's keep the conversation here so others can weigh in and assist.
<hello123> yeah sure
<merlijn|> hi, I was wondering if anybody is able to tell me what happened to the virtual kernel images in 14.04 - it appears you can only use generic kernels for this?
<hello123> how to change password of root from rescue mode?
<ikonia> you shoudln't
<bekks> root has no password to be changed.
<ikonia> the root password shouldn't be set
<hello123> i cant login into server
<hello123> bt i can go into rescue
<bekks> you cannot log in as root by default because root has no valid password set.
<bekks> !root | hello123
<ubottu> hello123: Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo
<hello123> psswd make a root passwrd right?
<xnox> jamespage: will icehouse be available for 12.04 via cloud archive?
<bekks> hello123: Please read the article linked by ubottu.
<hello123> ok
<memoryleak> Hi
<makara> when chrooting, why do we always mount /dev and /dev/pts separately?
<sixBB> Hello.  I have a question about mounting a thumbdrive.  I type "sudo mount /dev/sde1 ~/thumbdrive" but when I do this, all the files are owned by root.  Is there a way to avoid that?
<DarkStompy> Is there any wany for me to reset a user password (as user, I am not an admin). I am unable to log in to the server.
<sixBB> you can reset your own
<sixBB> but if you're not an admin, you can't reset others'
<sixBB> to reset your own, type "passwd"
<DarkStompy> sixBB: Thanks.
<sixBB> np
<shredding> But you have to be logged in to change it ...
<sixBB> yes.  You have to know the old password even if you're already logged in.
<sixBB> only an admin can change your password without knowing it
<sixBB> but the user said that he was unable to login, not that he forgot his password. :D
<kirkland> jamespage: SpamapS_: rbasak: nice work ;-)  http://mysqlrelease.com/2014/02/repos-and-distros-upstream-and-downstream/
<hello123> hii
<hello123> bgardner there?
<bgardner> hello123: Yes?
<hello123> yeah i got the server back what to check now?
<bgardner> hello123: What is your question?
<hello123> make raid 5 all my 6 hdd
<hello123> 6 x 4tbhdd
<bekks> Do you have a hardware raid controller?
<hello123> no softraid
<jamespage> kirkland, ta
<hello123> hello?
<webfox_> HI, could someone help me to test and make it work my server network please?
<webfox_> I am trying to set a static ip address to it but still not being sucessful.
<rbasak> kirkland: thanks! I love reading posts like that :)
<kirkland> rbasak: ;-)
<SpamapS> wait what
<SpamapS> 5.6 in trusty?
<SpamapS> that is..
<SpamapS> aggressive
<SpamapS> kirkland: All I did was pawn all the work off on jamespage .. ;)
<SpamapS> ok I see, 5.6 in universe still
<SpamapS> not a good idea IMO
<SpamapS> but hey, nobody asks me. :)
<henkjan> 5.6 in trusty. cool!
<hazmat> hallyn, i've noticed some oddity around lxc-clone destroying my container (btrfs snapshot) if its interuppted (13.10) leaving just a rootfs.hold and a missing rootfs directory...
<hazmat> ie. its destroying the clone source if interuppted
<hazmat> just curious if that sounds familiar.
<hallyn> hazmat: no, please file a bug.  we probably need to change the new container's rootfs in config earlier
<hazmat> hallyn, sure.. github preferred for the bug?
<hallyn> hazmat: lp would be good
<thumper> stgraber, hallyn: at what process during boot do the lxc containers try to autostart?
<thumper> is there any way I can make sure an upstart job happens before it tries?
<hallyn> thumper: well you could do "start on starting lxc"
<hallyn> autostart is done by /etc/init/lxc.conf which starts on runlevel 2345
<thumper> hallyn: so here is what we are planning... could be considered crazy
<thumper> for fast lxc and the juju local provider we are wanting to have /var/lib/lxc be btrfs
<thumper> we look, and if it isn't, we create a loopback device for it, and mount a btrfs in /var/lib/lxc
<thumper> however if there are existing containers, we bail
<thumper> and ask the user to either remove them or specify a directory override as a mount point
<thumper> we'll have a process watch the free space and add extra space as necessary
<thumper> FSVO magic
<thumper> this way we can use the faster clone, and create juju template containers to clone from
<thumper> also, we are making the juju autostart containers for the local provider to be an envron config option
<thumper> but we need to support the case where the user has autostarting containers, but they are in the btrfs loopback magic fs
<thumper> so I want to make sure we appropriately setup the loopback devices, and mount the btrfs in the right place before lxc tries to do the restart
<hallyn> what about just mounting the btrfs elsewhere?  I keep mine under /opt/lxc...
<hallyn> they woulnd't autostart without a change, but you're making a change anyway
<hallyn> (i suggest it bc then the user's existing containers under /var/lib/lxc wouldnt' matter)
<thumper> hmm... we were considering that option
<hallyn> i assume you've measured hwo btrfs on loopback performs?  what about apt-get/dpkg on btrfs?
<thumper> I'll be testing it
<thumper> also
<thumper> if we have a different directory for the containers
<thumper> then we have to make sure that the user always specifies this dir when using the CLI tools
<thumper> were hoping to avoid that...
<thumper> but perhaps that is too much
<thumper> hallyn: it seems that we can't pass a different root dir to lxc-autostart
<thumper> in order to list the autostart containers
<thumper> if we put them elsewhere
<hallyn> thumper: lxc-autostart -P works
<hallyn> should work
<hallyn> thumper: anyway what you're suggesting sounds reasonable to me
<thumper> oh, missing from the man page
<hallyn> thumper: I assume you've considered lvm?
<hallyn> yeah.  stgraber: ^ autostart manpage needs to include the common opts page :)
<thumper> hallyn: I'm taking what hazmat has and putting it into core
<thumper> hallyn: he has good reasons AFAICT for btrfs
<thumper> I really don't want to make it too complicated
<thumper> hallyn: is lvm likely to be more efficient that btrfs on a loopback device?
<thumper> I don't understand lvm
<hallyn> thumper: yeah, it's only that on older kernels apt-get is *really* slow on btrfs
<thumper> not looked at it at all
<hallyn> thumper: no ths is not about the loopback device
<thumper> hallyn: we are doing this for trusty + only
<smoser> utlemming,
<smoser> hey.
<hallyn> oh.  ok.  there it's much better
<smoser> cloud images have 'perl-modules'
<thumper> o/ smoser
<thumper> hallyn: yeah, I had concerns with older versions too
<thumper> so I'm saying this is just a trusty feature
<thumper> for the local provider
<hallyn> thumper: so to be clear, you're goin to use an upstart job that starts on startling lxc andn does the logic you mentioned above right?
<thumper> if I have a job that starts on start of lxc, will that happen before lxc runs?
<xnox> thumper: btrfs on a loopback device, gains you none of the btrfs benefits. Neither does lvm on loopback device, much. Either reinstall, make your host be on top of lvm/btrfs. Or don't bother with lvm/btrfs.
<smoser> utlemming, we have 'perl-modules', but perl-modules recommends each of
<smoser>   libarchive-extract-perl libmodule-pluggable-perl libpod-latex-perl libterm-ui-perl libtext-soundex-perl
<smoser> but those are *not* in the image.
<smoser> :-(
<hallyn> thumper: yes.  lxc wont' start until anything which starts on starting lxc completes
<utlemming> smoser: hrm, interesting...I thought the recommends are installed.
<utlemming> smoser: which release?
<thumper> xnox: I have been told otherwise, and the only way to confirm is to test and measure
 * thumper shrugs
<thumper> hallyn: how does clone work if not on lvm or btrfs?
<thumper> hallyn: does it still work but slower?
<hallyn> thumper: it either copies the whole directory, or uses overlayfs or aufs for snapshot
<smoser> trusty.
<hallyn> xnox: untrue though :)
<xnox> thumper: you loopback file is stored on another filesystem, which is not checksummed nor snapshotable, while it appears that you have snapshots and checksuming, in fact you don't get that.
<hallyn> xnox: a btrfs subvolume snapshot will still be much faster
<smoser> utlemming, heres my list of "i don't understand"
<smoser> http://paste.ubuntu.com/7007244/
<xnox> thumper: hallyn: if you want to snapshot loopback devices, convert them to be qemu-image based files which support efficient snapshots.
<hallyn> no, subvolume snapshot is done at metadata level.  it'
<thumper> hallyn: ok, so worst case, lxc-clone on ext4 will just copy the root fs?
<xnox> thumper: any host filesystem corruption, will propagate into all volumes snapshots in the loopback device.
<hallyn> thumper: correct
<thumper> hallyn: ok, ta
<thumper> xnox: I appreciate that, and this is not what we are trying to use btrfs for
<hallyn> thumper: so fallback to that is probably ok.  it's a tradeoff
<thumper> this is a dev tool
<hallyn> if most of what you'll be doing is creating the container clones, then btrfs-on-lo will be good
<thumper> hallyn: ok, I can test the speed behaviour of using clone independently of dealing with btrfs loopback
<hallyn> if you'll be doing a lot of work on top of there, then not
<thumper> so I can at least get some timing from that
<hallyn> ok - ttyl
<thumper> kk
<hallyn> xnox: the main goal would be to avoid copying 300-700M of data on each container clone
<smoser> hallyn, oh comon. IO is fun.
<utlemming> smoser: I'll look into that shortly, I think this might be a live build issue
 * hallyn hugs eatmydata
<smoser> utlemming, the only other thing in that list is python
<smoser> i dont know where python3.3 is coming from in th eimages.
<xnox> hallyn: dedup with hardlinks?! *har* *har*
<hallyn> xnox: that sounds like the old vserver method
<hallyn> which worked quite well
<hazmat> thumper, actually aufs will be better
<smoser> and yuck, looks like we have python3.3 and python3.4 in there!
<thumper> hazmat: geez man, make up your mind
<hazmat> thumper, its lxc 1.0 on trusty.. i'm giving it a whirl now..
<hazmat> thumper, well originally when we talked overlayfs several months ago.. i said i'd prefer aufs.. it just wasn't supported in lxc for this usage.
<hallyn> hazmat: yeah i think stgraber can point you to any issues you'll run into with aufs.
<hallyn> of course, there's the issue of potential regresions as aufs is afaik unsupported
<hazmat> thumper, aufs vs overlayfs thread from last august fwiw
<thumper> hazmat: ok, I'll defer working on any of the btrfs loopback bits
<thumper> hazmat: and just move forwards with the template images and clone
<thumper> hazmat: and we can measure differences from that
<hazmat> thumper, cool. by big concern with btrfs.. is well dealing with size management is a pain on the loops as usage grows...
<thumper> kk
<hazmat> s/by/my
<xnox> thumper: i'd be very surprised if you hit any bottlenecks.
<thumper> getting templates, clone and a method to update templates will take me a while I guess
<thumper> we can look at speeding up clone once those are in place
<thumper> measure often
<thumper> hazmat: sound reasonable?
<hazmat> thumper, sounds good.. also we should talk auto apt-proxies  at some point.. we had some for local in pyjuju days.. saved much bandwidth.. i didn't see it in core.
<thumper> hazmat: it's there :-)
<thumper> all that proxy work I did
<hazmat> thumper, that's if you explicilty set one on the env.. but it doesn't set one up for you..
<hazmat> ?
<thumper> FSVO of auot
<thumper> local does
<thumper> it looks to see what you have
<thumper> and uses that
<thumper> although it probably needs a tweak or two
<hazmat> what you have on the host?.. but that means effectively its not being used..
<hazmat> ie. pyjuju installed apt-cacher-ng on host and configured containers for it..
<smoser> hazmat, you can't really do loopback devices.
<hazmat> smoser, cause?
<smoser> or at least if you're suggesting that you need to be aware that fsync doesn't work through them.
<thumper> ok, perhaps I don't understand what you are after, or you aren't aware of what's happening, either way, can we shelve this for another time?
<smoser> sometimes people care about fsync.
<hazmat> smoser, hmm.. noted.. aufs is the preferred choice.. and thanks to stgraber is viable with lxc
<hazmat> thumper, sure
<thumper> hazmat: if we use aufs, how is that going to work if we update the base container from which it was cloned?
<thumper> is there something we need to care about here?
<thumper> o/ njpatel
<hazmat> hmm.. its not going to like that..
<hazmat> thumper, tbd
<thumper> hazmat: but we were wanting to keep the base template updated no?
<hazmat> thumper, we may have to create new layers for updates
<njpatel> 'ello there thumper
<thumper> njpatel: what's up in SFO?
<njpatel> stuff and things :)
<njpatel> How's the cloud world?
<mgw> Is there an option for apt to prevent it from trying to install a half-installed package "A" when I tell it to install package "B"?
<sarnold> mgw: I think I've had to tell apt to uninstall A before trying to install B when I've faced that in the past
<mgw> sarnold: thanks, not what I was hoping for
<mgw> I'm working on the SaltStack aptpkg module, and it sort of blows up in that situation.
<mgw> Was hoping there was an option that could just ignore those
<sarnold> mgw: hrm. :/ maybe there's a dpkg --force- option that would work. I've tried to avoid those..
<mgw> sorryâ¦ I'm actually trying to remove package B
<mgw> in this case
<mgw> but I think an install would fail too
<mgw> fail in the sense that apt-get would return non-zero
<mgw> when it failed to configure package A
<sarnold> mgw: oh, I wonder, can you just call dpkg --purge on B directly?
<mgw> sarnold: no, it complains about dependencies
<mgw> btw, in my test case it's Java related, so go figure
<mfisch> zul: do you know if ceilometer-alarm-notifier is packaged for havana?
 * mfisch will be back later to see the answer, commuting
<sarnold> mgw: hrm, is this related? https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/1273601
<mgw> sarnold: i don't think so
<mgw> the underlying issue is with oracle-java7-installer
<mgw> which fails to fully install
<mgw> then when you try to install/remove other packages, it keeps trying to fix oracle
<mgw> It's not that big a deal for me, I was just hoping there was an option I could add to the salt module to ignore that
<sarnold> mgw: bugger. it was a stab in the dark anyway..
<mgw> sarnold: thanks
<TJ-> mgw: There's a kludge I've used in the past, hacky but saved my sanity: edit /var/lib/dpkg/status, locate the "Package: " stanza, and change "Status:" to "install ok installed" temporarily
<sarnold> TJ-: ha! nice.
<TJ-> mgw: That example extracts the single package; to make it generate the entire new status file, you'd remove the final "M==1" conditional so it is just "{print $0}"
#ubuntu-server 2014-02-28
<mgw> TJ- thanks!
<treesloth> What's the proper way to write an upstart script for a server program that forks 6 times,  I can track the pids
<cocoa117> can tcpdump been used to listen for traffic is not intented for the host it sitting on?
<andol> cocoa117: Yepp, tcpdump puts the network device in "promiscuous mode". Of course, you still need to get the traffic somehow, like using a hub or a smart switch with port mirroring.
<tomixxx3> hi, i'am installing ubuntu 12.04.04 in order to deploy openstack on it.
<tomixxx3> which software packets should i select to install in the console installation procedure?
<cfhowlett> !openstack
<tomixxx3> kk ty
<cfhowlett> !cloud
<ubottu> Ubuntu Cloud Infrastructure is a ready to deploy Infrastructure-as-a-Service (IaaS) based on OpenStack. See https://help.ubuntu.com/community/UbuntuCloudInfrastructure for further details.
<cfhowlett> tomixxx3, see the download page: http://www.ubuntu.org.cn/download/cloud
<tomixxx3> cfhowlett: do you mean NOT openstack and NOT cloud?
<cfhowlett> tomixxx3, i'm not the expert ... sorry but I can't provide more practical advice.
<tomixxx3> kk, no problem. just wanted to know if your "!" is meant as "NOT"
<cfhowlett> no that's the invocation for ubottu's factoids
<cfhowlett> !ubuntu
<ubottu> Ubuntu is a complete Linux-based operating system, freely available with both community and professional support. It is developed by a large community and we invite you to participate too! - Also see http://www.ubuntu.com
<cfhowlett> see what I did there?
<tomixxx3> oh ok, ty :-)
<makara> hi. One of my servers has changed IP address
<makara> I tried ping broadcast `ping -b 192.168.4.0` but it gets hung up with three address
<makara> es
<makara> and there should be about 80 hosts on the network
<makara> i see, most hosts ignore broadcast pings
<shorts> Hey, I'm new to Ubuntu server and I'm in the process of setting it up. For the hostname, should I enter the FQDN for a server connected to the net? TIA.
<makara> shorts, no just a name
<shredding> what's the "*.d" in /etc/*.d directories short for?
<shorts> so for example its my first server so I could just use server1 right?
<makara> shorts, yeah
<shorts> cool. thanks guys...
<makara> shredding, sometimes there's a single config file, and sometimes its easier to split them up into separate files
<makara> shredding, so .d means directory
<shredding> ah, interesting.
<shredding> i thought it was daemon.
<shredding> thanks
<shorts> shredding: thanks for the info. will check that out later
<shredding> shorts? Which one?
<shorts> Oh... sorry.. you may have been replying to somebody else...
<shorts> My second question is... I'm obviously in experimental stage but I'm being asked for partitioning method. I'm using Virtual Box to set this server up for possible production deployment. Should I choose "Guided - use entire disk" or Guided - Use entire disk and VVM and does either choice hinder my possibility making an image for deployment?
<shorts> After reading about LVM, I'm thinking that using the entire disk would be the safest as my virtual disk is dynamic? Am I doing this wrong?
<mardraum> yes, using virtualbox in production is doing it wrong.
<mardraum> and if you are experiementing like you say - experiment!
<mardraum> experimenting*
<shorts> mardraum: So is there a good way to experiment and get it right and then deploy?
<mardraum> testing, validation, documentation?
<shorts> OK... I'm just going to use entire disk. Seems stupid to use dynamic partitioning within dynamic partitioning
<shorts> mardraum: Thanks
<mardraum> the default using lvm is generally considered safe.
<shorts> mardraum: would that have been detected based on the fact that I am using a virtual machine?
<mardraum> no
<shorts> OK thanks
<mardraum> lvm has nothing to do with virtual machines
<shorts> I guess I will continue with my experiment and learn from my mistakes
<mardraum> reading is good too :p
<shorts> :) Thanks
<hyp3rkyd> hi all, I am trying to use a folder in /media which contains a shared folder (this is an ubuntu guest server 12.04 inside a MAC OS host) and I do not have the appropriate permissions. Only root can access the folder and I have tried to chown the folder or change permissions chmod -R 777 but the access remains the same. any ideas ?
<hello123> hey fellas
<hello123> i succeeded :D
<hello123> now enjoying 20tb
<hello123> hdd
<osso> good morning
<osso> can someone help me? downloaded the ubuntu server 12.04.3, and am trying to install an "IBM x3200 m2", but the following message appears: graphics initialization failed / error setting up gfxboot
<osso> someone?
<osso> alguÃ©m pode me ajudar? baixei o servidor ubuntu 12.04.3, e estou tentando instalar um "IBM x3200 m2", mas aparece a seguinte mensagem: InicializaÃ§Ã£o grÃ¡ficos falhou / error criaÃ§Ã£o gfxboot
<osso> problem solved "<osso> can someone help me? downloaded the ubuntu server 12.04.3, and am trying to install an "IBM x3200 m2", but the following message appears: graphics initialization failed / error setting up gfxboot", type "help" and enter - there only continue installation and be happy ^ ^!
<osso> someone has a tuturial how to configure the "ubuntu server 12.04.3" to spend?
<ikonia> to spend ?
<osso> ikonia: to pass me *
<patdk-wk> hmm?
<ikonia> spend to pass you ?
<osso> someone has a tuturial how to configure the "ubuntu server 12.04.3" to pass me?
<patdk-wk> my wife handles all that kind of stuff
<ikonia> osso: what is it you want to do ?
<ikonia> to pass you, I'm sorry I don't understand what you want
<ikonia> what is it you are trying to make it do ?
<osso> ikonia 'm installing ubuntu as a proxy / firewall and I need a tutorial
<ikonia> ahh ok, so you want a http proxy ?
<osso> yes
<ikonia> have a search for squid3 proxy - there are tutorials on the squid website
<osso> the configuration is too complicated?
<ikonia> it shouldn't be, but you'll need to have a look at the examples to see if it is too complicated fro you
<ikonia> for you
<osso> ikonia thanks, i'll take a look, just a doubt: is gaphical mode or not?
<ikonia> no, there are no graphical utilities for it
<osso> ikonia ok
<osso> thanks
<Atw> Is it critical to update openssl on the server to 1.0.1f ? 12.04 LTS came running 1.0.1
<mdeslaur> Atw: all security issues were fixed in the 1.0.1 in 12.04 LTS
<mdeslaur> Atw: so no, not critical at all
<hallyn> zul: are you touching libvirt today?
<zul> hallyn:  no
<hallyn> zul: ok, i may push the fix for bug 1285995
<hallyn> jdstrand: do you see any problems in the patch attached to bug 1285995?
<zul> hallyn:  ok cool im still waiting for 1.2.2 :)
<hallyn> where is our bot?
<jdstrand> hallyn: is this not the same as the patchset that debfx sent up for 'Allow access to filesystem mounts' (that was accepted)?
<hallyn> jdstrand: where was that?
<jdstrand> the libvirt list
<hallyn> I don't see it in git
<jdstrand> from debfx on Jan 26th
<jdstrand> hmmm, it was ACKd, maybe they didn't commit it
<jdstrand> I have to step into a meeting now
<hallyn> ok, thx
<hallyn> no that patch is longer
<jdstrand> hallyn: it is longer, but it seems like it would fix this issue no? debfx sent that patch up so Debian could have it, and iirc got others from upstream to look at it
<jdstrand> hallyn: oh, I see-- I gave a conditional ack based on other upstream comments
<jdstrand> and those didn't come
<jdstrand> so someone should maybe poke upstream about it
<hallyn> jdstrand: i've poked
<hallyn> jdstrand: ok, running qrt against the patch from the mailing list
<zul> Daviey:  i need to bug you when you are available
<xpistos> Hello All. I have a NFS share that was not mounted and something got copied to a local version of the folder. I have remounted the folder so the NFS is back in place, but I need to get the files that are on the local version of the folder. How can I do that?
<xpistos> Thanks in advance
<Daviey> zul: hey
<mgw> can the new lxc userspace tools be used on precise?
<sarnold> mgw: I believe they should work, see the mention of "daily ppa" here: https://www.stgraber.org/2013/12/20/lxc-1-0-your-first-ubuntu-container/
<hallyn> jdstrand: i'm sorry to bother you, but tbh i just can't decide which patch to take for 9pfs.  between
<hallyn> http://paste.ubuntu.com/7012246/ and http://paste.ubuntu.com/7012248/.
<mgw> sarnold: thanks! that's fantastic
<sarnold> mgw: I really enjoyed reading the whole blog series, if you've got a spare hour it would probably be worth reading them :)
<hallyn> i guess i'll go with the second.
<stgraber> mgw: we also have a ppa:ubuntu-lxc/stable with more stable 1.0 builds for precise
<hallyn> (which is the one from the list)
<stgraber> note that some features won't work on precise because of the 3.2 kernel (attach and unprivileged containers), however you can use one of the recent backport kernels (3.8 or 3.11) to get lxc-attach working and there's a 3.13 kernel in the kernel team PPA which will even give you working unprivileged containers on precise (I use that on a dozen of servers)
<stgraber> sarnold: hey, since you're here, any progress on the cgmanager MIR?
<hallyn> I like that the first one sanity checks ctl->def->fss[i]->fsdriver and ctl->def->fss[i]->src
<sarnold> stgraber: no, sorry, I've been doing apparmor packaging work that will need an ffe...
<psyferre> Hey folks.  So... I did a git reset without remembering an important file I was working on.  Planning to try ext3grep on the offchance I can retrieve the earlier version of the file.  I gather that I need to boot from a livecd so I can get at the umounted root partition.  Is this the best (only?) course of action?
<jdstrand> hallyn: I think the 2nd is more futre-proof
<sarnold> psyferre: you may also be able to use sysrq "emergency umount" to force it read-only.. but man that's iffy.
<hallyn> jdstrand do you see any  point in adding the ->type and ->fsdrive and ->src checks that the first patch does, tothe second test/
<psyferre> sarnold: hadn't heard of that... how risky we talkin'?
<sarnold> psyferre: files currently open for writing may not be synced, throwing away their contents..
<sarnold> psyferre: you coul also do a sync irst, or sysrq sync, but that's also iffy -- it's an advisory thing for the kernel, it may or mayu not get aroud to it.
<jdstrand> hallyn: well, that was precisely why I wanted upstream comments. I've not looked at these particular shared files before and how libvirt treats them
<jdstrand> hallyn: but, there seems no reason why we can combine them until we get upstream review
<hallyn> jdstrand: ok.  I'll combine them and push.  thanks
<jdstrand> np
<psyferre> sarnold: okay, I'll do a bit of research before I try anything, but the important bits of this machine are all on git - I'm just trying to recover my uncommitted work on a single file.   So, I could do sysrq sync first to minimize corruption of files open for writing, then do an emergency umount of root so I can run ext3grep.  Am I following correctly?
<sarnold> psyferre: yeah, I think that's about how I'd try it. keep the livecd idea in mind if ext3grep doesn't get there, perhaps autopsy can help out, but you wouldn't want to install a package that large on the filesystem you're trying to recover from .. so livecd is nice fallback
<psyferre> sarnold: Awesome.  Thank you!  You may have saved me a LOT of work. :)
<sarnold> psyferre: I sure hope so :)
<mgw> stgraber: i'm having all sorts of issues with python3 installing lxc from the stable ppa
<pmatulis2> why does trusty have packages samba (4.1.3) and samba4 (4.0.3) ?
<kpettit> I just installed ubuntu 13.10 and my NIC's have weird names like p1p1 and p3p1 instead of eth0 and eth1.  Any idea why?
#ubuntu-server 2014-03-01
<webfox> Hello folks!
<webfox> When I try to check for ruby at my server the following error message happens : https://gist.github.com/anonymous/9283668, what can I do?
<sarnold> webfox: interesting
<webfox> sarnold: yes
<sarnold> webfox: command-not-found is a little helper program that will tell you if a command that isn't found is a small typo or if there is a specific package that you should install
<sarnold> webfox: please do file the bug report that it suggests -- but the short answer is you do'nt currently have ruby installed
<webfox> yes, I already restarted the machine and the error still there.
<webfox> sarnold: how can I check which is the latest ruby package available at apt-get repository?
<sarnold> webfox: apt-cache search ruby | grep ^ruby
<sarnold> webfox: (the grep is just to make the list more manageble :)
<webfox> sarnold: \o/ thank you!
<webfox> sarnold: man, it shows several versions. Do you use Ruby by any chance?
<sarnold> webfox: not much these days..
<sarnold> webfox: which release are you on? we've changed which version is in main over time.. 1.9.3 is in main in precise, quantal, saucy, and trusty (maybe we'll drop trusty before release?) -- and ruby2.0 is in main in trusty
<webfox> Not sure what version is running at this server.
<sarnold> lsb_release -a  should say
<webfox> I think those errors are Python related, gem -v command generates the same error.
<sarnold> (that should say something useful on any linux system)
<sarnold> webfox: chances are, you've got a locale set on your local machine that doesn't exist on the remote machine. but that's just me guessing..
<webfox> sarnold: that error is happening in this case as well.
<webfox> Perhaps I should do a downgrade on Python..
<webfox> Currently running version 3.3.2
<sarnold> webfox: that is unlikely to fix it; probably you can install a langpack or something similar to build your missing locale information
<webfox> sarnold: do you mean for Python or the OS?
<sarnold> webfox: the os
<webfox> how do I do that?
<sarnold> webfox: check out apt-cache search language-pack
<webfox> langpack is not a known package
<webfox> apt-cache or apt-get?
<sarnold> apt-cache
<sarnold> apt-cache helps you search your computer's local versions of the lists
<sarnold> 'apt-cache search' is easily 50% of why I switched to debian back in 1998 or 99..
<webfox> Oh, ok, there are tons of packages, I should filter this result somehow.
<sarnold> webfox: probably you want language-pack-pt  -- you might also want language-pack-gnome-pt or language-pack-kde-pt if you use one or the other of those environments
<sarnold> (just guessing based on your hostname :)
<webfox> sarnold: I don't use any UI, is it necessary to install kde or gnome?
<sarnold> webfox: no. skip those. :)
<webfox> sarnold: how about if I install language-pack-us?
<sarnold> webfox: what LANG= do you have on that machine and your local machine?
<webfox> sarnold: probably us-base. Is there acommand to verify that?
<sarnold> webfox: echo $LANG
<webfox> en_US.UTF-8
<webfox> yeah this is the latest us-base language package.
<sarnold> oh wow, I hadn't expected that.
<webfox> sarnold: yeah, I prefer english.
<sarnold> webfox: it seems most better admins do :) I had assumed pt_BR had leaked through from a client somewhere. sigh. :)
<webfox> :)
<webfox> sarnold: so, am I dead then?
<sarnold> webfox: nah, just some error messages will be extremely annoying
<sarnold> webfox: i'm out of ideas on making them go away -- follow the intructions there to file a bug report, hopefully someone else will know what to do to make those annoyances go away :)
<webfox> sarnold: all right. Thank you for your help!
<sarnold> webfox: have fun :)
<MavKen> any reason to use 64bit OS if on a 2GB ram VPS?
<sarnold> MavKen: more registers, longer registers, better nx support in the page tables, and you can standardize on 64bit isos and tools and so forth
<MavKen> ok
<hawa> can anybody tell me how to find the original mac address of cloned mac???
<MavKen> what is the most lightweight thing to install so that php scripts can send out mail?  I have 12 different domains on a vps and want the scripts to be sent from their domain.  I tried exim4 but all domains were appearing as from "domain2.com via domain1.com"  only the primary domain would appear correctly
<jak2000> hia ll
<jak2000> why when i run this command: sudo a2ensite itsol.mx i get an error: ERROR: Site itsol.mx does not exist!  the file exists: in /etc/apache2/sites-available   itsol.mx  thanks in ubuntu 12.40 worked, but in ubuntu 13.10 not any advice?
<sarnold> jak2000: no idea; can you run strace a2ensite itsol.mx and look through the output to see what it's doing?
<jak2000> sarnold: http://pastebin.com/SidFav4p
<sarnold> jak2000: cool! check out lines 1141 through 1145
<sarnold> jak2000: I think you just need to rename the file to itsol.mx.conf
<jak2000> ok done and work
<sarnold> great :)
<jak2000> but its correct: in sites-enabled i see now a file: itsol.mx.enabled (in color cyan, the letters)
<jak2000> sarnold?
<sarnold> jak2000: yes?
<jak2000> when restart apache i get this error: AH00526: Syntax error on line 30 of /etc/apache2/sites-enabled/000-default.conf: AllowOverride not allowed here
<sarnold> jak2000: hrm, in apache 2.4 the rules may have changes
<sarnold> s/changes/changed/
<jak2000> yes
<jak2000> :(
<sarnold> jak2000: looks like it can only be used in a <directory> block http://httpd.apache.org/docs/current/mod/core.html#allowoverride
<jak2000> comment the line 30 reload the apache and work
<jak2000> continue working
<jak2000> thanks sarnold
<sarnold> jak2000: cool; it would be worth making sure things are still correct..
<jak2000> sarnold mmm bether uninstall 13.10 and install 12.04
<sarnold> jak2000: uhoh, more problems?
<jak2000> yes
<jak2000> and reading reading
<jak2000> the 13.10 is unestable right?
<sarnold> jak2000: it'd be worth doing the reading eventually, because 14.04 will also have apache 2.4
<sarnold> jak2000: but 13.10 will only be supported until july -- 12.04 will be supported for a while, you can make the transition on your own schedule if you use 12.04
<sarnold> 13.10 should be stable, but 12.04 has been deployed a lot longer and has received more testing work
<jak2000> yes
<love> i am using  MRTG in ubuntu server  i have already installed mrtg  but when i try  cfgmaker --global 'WorkDir: /home/http/mrtg' --output /etc/mrtg/mrtg.cfg public@ localhost to test there is an error is there any help please?
<streulma> hi what's the simplest way to do an upgrade? from Ubuntu server in April, do-release-upgrade?
<alaing> hi ppl
<alaing> I want to change a permissions for a folder am I right in thinkink that this is what I need to run from cmd line. sudo chmod 0755 myFolder
<alaing> also is 0755 and 755 the same? I've only ever seen 3 digits
<MavKen> I just installed ubuntu on a new VPS.  I am moving over 12 domains that have been on shared hosting.  What can I install so that each domain can send out mail via their php scripts and it appear as coming from that domain?  I tried yesterday and each virtual site was sending from the primary domain on the vps.  Starting over today.
<kyle__> Trying to fix an old sad 10.10 server.  It keeps hanging after it claims to be done with init, after it's remounted it's drives.
<kyle__> Any ideas?  Even single user mode doesn't seem to work
<RoyK> kyle__: could you reinstall it with 12.04 or something?
<RoyK> that is - do you have its data on a separate partition?
<kyle__> RoyK: A not my server, B There's tons of (what looks to be) very bad custom code on here, and the person who wrote and maintained it has been gone for two years.
<kyle__> Most of the data is in /var, which is on a separate drive now.
<RoyK> vm or physical?
<RoyK> perhaps booting on a memory stick and doing an fsck on the thing would be a start
<kyle__> RoyK: VM.  And I thought the same thing, so I booted from an iso image and fscked both drives.  No issues with either (but it claims to have gone over 2k days without a check).
<RoyK> fsck -f ?
<RoyK> without -f it won't do much if the fs is flagged as ok
<kyle__> Hum.  You know, I didn't do the -f.  Will try again
<shauno> MavKen: you can override php's From: address in your virtualhost configs, see http://serverfault.com/questions/165499/
<MavKen> thanks
<MavKen> I have 12 sites that I am moving from a shared host to my new VPS... should I just create a user for each and then add public_html dir in each /home/user/ ?
<kyle__> That didn't do it.   Is it possible the remount of / is masking /var?
<RoyK> any idea how to install 1204 on non-pae hardware?
<OliPicard> Hi Guys, i am editing the sshconfig, Changed the port number etc on Ubuntu 14.10, Tried to disable the Root Login via SSH and keep getting an error message.
<RoyK> OliPicard: can I borrow your time machine? ;)
<OliPicard> XD Why Roy? Is it on Automatically?
<RoyK> was just thinking about 14.10 );
<RoyK> (;
<OliPicard> ah ops 13.10 my bad
<OliPicard> was thinking about 14.10 as well!
<RoyK> I've disabled root login on most of my boxes
<RoyK> works well
<OliPicard> PermitRootLogin no < thats what ive set it to on my box but when i SSHD into the box it provides an error about a bad config.
<RoyK> PermitRootLogin no <-- that's from my sshd_config
<RoyK> perhaps you have some special characters there?
<OliPicard> http://paste.reynir.dk/8 < thats my config :)
<RoyK> try to type the line in by hand - might be special characters around
<RoyK> also - why do you disable key auth?
<RoyK> and perhaps it wants its ciphers
<OliPicard> thats what it came with when i got the server :)
<OliPicard> Using a Digital Ocean Image :)
<RoyK> ok
<shauno> just a hunch, I think PermitRootLogin goes in sshd_config, not ssh_config?  ( you have the client config, rootlogin is a server option)
<shauno> (per the first two lines of the comments/file)
<OliPicard> shuno: Ah Yes Doh on my side thanks :D
<OliPicard> sorry shauno
<shauno> You really want to listen to RoyK about keys though.  they're 'best practice' for very good reasons
<OliPicard> How do you set the SSHD keys up?
<OliPicard> Yup i agree, i normally wont be using SSH anyway :) i prefer to use a VNC
<RoyK> vnc to a server?!?
<RoyK> OliPicard: ssh-keygen & ssh-copy-id user@host
<bekks> OliPicard: VNX, unencrypted, totally insecure, over the internet?
<bekks> *VNC even
<RoyK> bekks: exactly - insanity
<bekks> You dont need any security precautions then at all - that server will be taken over withing minutes.
<OliPicard> Im double checking with the host
<bekks> You should use ssh, honestly.
<OliPicard> I will once i can get a stable connection thats the problem right now
<OliPicard> i used to use PuTTY but my ADSL connection has been so bad recently.
<OliPicard> Ok doing some research on the system it seems the VNC is on the HyperVisor its self.
<bekks> What? No :)
<bekks> Which hypervisor is that? :)
<OliPicard> KVM
<bekks> You can configure KVM to run VNC on localhost only, and NOT expose it to the internet.
<OliPicard> hmm not herd anything back from the host,
<RoyK> any idea how to install ubuntu on non-pae?
<OliPicard> one more question :D im editing the etc/sysctl.conf i noticed that some of the redefined items such as net.ipv4.tcp_max_sync_backlog=2080 have a gap after the = and some don't just wondering should i include the gap so for example  backlog = 2080
<bekks> OliPicard: The gap doesnt matter, actually.
<OliPicard> Awesome thanks bekks
<kyle__> I got it fixed. It was ureadahead.  It caused everythign to choke up with /var on a separate partition than /.  Ugh.  And no (obvious) clean way of disabling it either.
<ancaster> hi. I manage the workstations and NFS server of a small university lab. Having /home shared is great because people can move around, but the desktops freeze if the NFS server goes down.
<kyle__> ancaster: That's kindof expected if the NFS server goes down.  With their files & drive disappearing and all.
<kyle__> ancaster: Generally, you try and keep servers that are in use from going down....
<ancaster> kyle__: Yeah... :-) I get that bit. Is there any way of making a fallback NFS server?
<ancaster> or another solution that doesn't use NFS at all?
<kyle__> Humm.  I've never seen a way of doing a failback NFS server, but that's not to say it's impossible....
<ancaster> hmm, okay.
<kyle__> Are you thinking of something like how windows does portable homes, so it syncs the users files on login locally, then syncs them back to the server on logout?  That I haven't seen, but I suppose it's quite possible.
<ancaster> It's just not fun for anyone when the entire lab has to stop working whilst I sort out some problem.
<ancaster> Yeah, something like that could work. I was thinking of doing some rsync on logging in and out...
<ancaster> Or perhaps using gluster... but my experience with it hasn't be positive.
<kyle__> gluster is great in a few use cases, but outside of those, even when it __should__ work, it's painful or broken.
<ancaster> Heh. Good to know.
<ancaster> alrighty, so I'm not missing some bit of technology that everyone else knows about. :-)
<kyle__> I know you can use libpam-mount to mount a user's directory at the time they login... I wonder if it's possible to use that, or some other part of pam, to sync their directory...
<kyle__> Nope :)
<soren> You can have a backup nfs server that just takes over the IP of the broken one.
<soren> There's nothing identifying the server other than its IP.
<ancaster> Is it common to have the entire user's home directory mounted? We find there is constant traffic from gnome (just moving a window around even).
<soren> It's usually the whole home dir, yes.
<ancaster> soren: interesting. is there software you recommend that does this (IP failover)?
<soren> ancaster: Well, the plan only really works if you have the data synchronized between the two servers. Do you?
<soren> Otherwise, I imagine things will get.. interesting.
<shauno> you should be able to knock something together with drbd (keep two nfs servers in sync) and heartbeat (for failover)?
<ancaster> soren: :-) true. well, I don't have anything in place to do this at the moment.
<soren> ancaster: Do that first. :)
<ancaster> soren: shauno. :-) okay.
<kyle__> It looks like you can use the pam_script module to run login and logout hooks per user.  May be able to play with that.
<ancaster> kyle__: oh cool. thanks. something about this idea seems less complicated maybe.
<ancaster> thanks all.  I have some ideas to play with now.
<OliPicard> HI Guys, does anyone here have experince compiling sqlite for ubnutu?
<OliPicard> on node.js
<alaing> try #Node.js
<psyferre> Hey folks, I made a git noob error and overwrote a working copy.  I've tried rebooting into a livecd and running extundelete (ext4 on an lvm), but no dice with --restore-all --after [date].  I tried debugfs -w and lsdel says there are no deleted Inodes in that directory.  Am I SOL?  Is there something I haven't tried or am missing?
<xnox> psyferre: you need old commit from git?
<psyferre> xnox: nope - wasn't that smart.  I didn't have my working copy committed.
<xnox> psyferre: did you atleast $ git add ? files you wanted?
<psyferre> I was trying to resolve a merge problem and reset back to HEAD, forgetting that I had uncommitted changes on one file that I really wanted to keep.
<psyferre> I'm rather new to git (always used subversion) and just forgot about the uncommitted file.
<psyferre> So it was overwritten by what was in the repo and I lost a large amount of work.  Any other way I'm missing to get at the old contents?
<kyle__> psyferre: Git doesn't do magic.  It downloads and writes files, and it uploads files.  It doesn't hide your old files someplace else.  There may be some sort of undelete utility that could work, but that's a stretch.
<psyferre> kyle__: right - the undelete utilty is what I'm looking for.  After doing some research I used sysrq to do an emergency sync, then umount/remount read-only.  After some more research, I booted to a live CD and used extundelete, which only managed to undelete .git in that directory.  I also tried running debugfs, but lsdel says there are no deleted inodes in that directory.
<psyferre> I'm casting about for anything that I could try that I don't yet know about.
<kyle__> psyferre: This one may help, again it's a stretch. http://www.cgsecurity.org/wiki/PhotoRec
<kyle__> There's one more I'm wracking my brain for, I'll let you know when I remember it's name.
<psyferre> kyle__: Awesome, thanks!  I'll give it a try.
<kyle__> Hu... There is also an extundelete, and it's even in the ubuntu repos...
<kyle__> Haven't tried that one.
<psyferre> Yup, tried extundelete first - no dice, unless I've used it incorrectly
<kyle__> You probably didn't :/  Most of these are designed for the situation where you accidently delete or format a file you need.  Not the situation where you wrote over it.  If it's made as a new file, there's a chance the file overwritten will still exist, but it's not a terribly great chance.
<psyferre> Yeah... I figure it's a longshot.  If I got lucky it'd save me several days worth of work, though.  =-/
<kyle__> Ouch.  Sorry man.  If you have a separate machine with a buch of space on it, there are things you can do to prevent this sort of problem in the future.  HOldon, finding article...
<kyle__>  Not the exact one I was thinking of, but this may help for the future.  http://blog.interlinked.org/tutorials/rsync_time_machine.html
<kyle__> This is the one I was thinking of.  It does essentially the same thing, but explains every working part in detail, so it's worth a read even if you don't want to do it.  http://www.mikerubel.org/computers/rsync_snapshots/
<psyferre> Thanks, kyle__.  Most of my other servers have amanda backing up everything important every night.  This was a new machine for a project that hasn't gotten to staging yet, so I hadn't set that up yet.  Live and learn, I suppose.
<kyle__> psyferre: That second link is what I've done when I had several, shall we say, bad users, who would accidently delete things when they were panicked.
<kyle__> I had it take hourly snapshots which it kept for 7 days, Saturday through Thursday.  And on Friday, since it was the day they screwed up the most, I had it do them every 15 minutes.
<psyferre> lol
<psyferre> That's fantastic.
<kyle__> Big samba server, used by everyone in the company.  Saved their hides more times than I can count, and saved me a ton of trouble.
<kyle__> night
<matt2000> Hi! Various utils on my Ubuntu 12.04 server cant fetch things via HTTPS. `npm` and  `docker pull` are examples. curl works fine, and HTTP urls work fine. Any ideas?
<wam> matt2000: http://i.imgur.com/3ezM6.jpg
<wam> more like http://codeworkx.de/wordpress/wp-content/uploads/2011/12/jacoj.jpg
<wam> sry
<wam> google images fuzzed me
#ubuntu-server 2014-03-02
<basil> Hi I've just installed 12.04 Server - and, now the Internet won't work from the Server. Web server seems to be working OK, but I can't use Firefox from my server - it produces an unable to connect error. Any chance of some help please?
<Lord_Set> Anyone know if there is a fix for the Samba memory leak in trusty yet?
<RoyK> basil: figured it out?
<basil> Hi looked for solution on Google...but no!
<RoyK> using dhcp?
<basil> I have a fixed IP...
<basil> I told my router that, but not sure I told Ubuntu
<RoyK> pastebin  /etc/network/interfaces, ifconfig and ip addr list
<basil> mmm. how do I get that into pastebin without internet...just transcribe to this computer?
<RoyK> is it a vm?
<basil> no...
<basil> I have screens on both...bit of a linux noob..but you knew that
<RoyK> it's a wee bit late here
<RoyK> so nite
<basil> thanks anyway
<thedeeno> I'm installing linux-generic-lts-saucy on my 12.04 box
<thedeeno> i'm trying to do this via a script, but I'm getting prompted about modifying grub's menu.lst
<thedeeno> how do I disable this?
<thedeeno> Getting prompted because my menu.lst has been locally modified (by rackspace)
<Nothing_Much> Hi I have an Ubuntu 12.04 server and would like to know how to actually get the VPS's server up and running with the latest kernel in 12.04. I recently just upgraded from 10.04 and would want to use a more recent kernel.
<thedeeno> apt-cache search linux-generic-lts
<thedeeno> Nothing_Much: is a list of kernel backports
<thedeeno> you can install one of those packages
<Nothing_Much> Thanks
<Nothing_Much> I'll reboot and let you know whether it works or not
<Nothing_Much> thedeeno: It says it's still using 2.6.32
<Nothing_Much> Also this is a VPS and I don't think installing grub would be good..
<thedeeno> well, i'm doing the same thing on rackspace atm fwiw. It appears to be working for me, though I have to manually adjust the menu.lst
<thedeeno> 12.04 -> saucy
<Nothing_Much> Where would the menu.lst be?
<thedeeno> mine's in /boot/grub/menu.lst
<Nothing_Much> doesn't look like there's a menu.lst
<Nothing_Much> and if I run update-grub2 it gives me a warning
<Nothing_Much> hang on a sec
<Nothing_Much> /usr/sbin/grub-probe: error: cannot find a device for / (is /dev mounted?)
<thedeeno> I can't help much more, learning myself. It seems like your host acts quite different than mine
<Nothing_Much> oh darn
<Nothing_Much> well anybody else have any tips?
<jak2000> wich package recommend me install ofr send email? wich MTA? a easy to configure, thanks
<Patrickdk> is that all you want?
<Patrickdk> use a nullmailer
<Nothing_Much> /usr/sbin/grub-probe: error: cannot find a device for / (is /dev mounted?) Anybody know a fix to this?
<Nothing_Much> Ubuntu 12.04 with the 2.32 kernel
<jak2000> Patrickdk wich is the diference into null mailer and sendmail?
<Patrickdk> that depends on your definition of sendmail
<jak2000> sendmail is a mtaright?
<jak2000> mta right?
<Patrickdk> as I said, that depends on *what* you mean by sendmail
<Patrickdk> sendmail is an mta, sendmail is also an msa
<Patrickdk> but what one you want, I dunno
<Nothing_Much> /usr/sbin/grub-probe: error: cannot find a device for / (is /dev mounted?) Anybody know a fix to this?
<basil> Hi
<basil> my new Ubuntu 12.04 Server no longer connects to the internet. I've put some info in a pastebin...http://pastebin.com/8d6egUY2
<basil> Any chance of some advice please?
<karra> bluetooth ftp problem is solved in trusty ?
<cfhowlett> !trustykarra,
<cfhowlett> !trusty
<ubottu> Ubuntu 14.04 (Trusty Tahr) will be the 20th release of Ubuntu.  See the announcement at http://www.markshuttleworth.com/archives/1295 for more info. support in #ubuntu+1
<cfhowlett> karra, best to ask in the #ubuntu+1 channel
<sheptard> ubuntu +1?
<cfhowlett> #ubuntu+1
<sheptard> wtf is ubuntu+1
<cfhowlett> !language|sheptard,
<ubottu> sheptard,: Please watch your language and topic to help keep this channel family-friendly, polite, and professional.
<sheptard> hahahahahahahahah
<sheptard> chicken fajitas.
<cfhowlett> sheptard, if you have an ubuntu support question, please ask it.  otherwise, please use #ubuntu-offtopic
<sheptard> cfhowlett: cry more
<sheptard> I was just wondering the purpose of the #ubuntu+1 channel
<cfhowlett> sheptard, 1.  fingers on keyboard 2. type /join #ubuntu+1 3. see for yourself
<karra> thank u :)
<Hianhif> Hi, my new Ubuntu 13.04 VPS have some language problems. The problem appeared when ever i try too install a new package with apt-get. when i try "locale" it say's cannot set  LC_CTYPE, LC_MESSAGES LC_ALL, No such file or directory. respectively. Also, auto-complete does not work. Suggestions? :)
<bekks> Hianhif: 13.04 is EOL.
<bekks> !eolupgrade | Hianhif
<ubottu> Hianhif: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<cheval> Hey guys i have a question about ubuntu server installation. Anyone there?
<Hianhif> bekks, ty
<Hianhif> cheval, In my experience. Just ask your question with as complete information as you can. And then wait between 5 mins too 12 hours. :)
<cheval> Hianhif: Thanks for tip
<cheval> Goal: Create an Ubuntu Server with "Guided - use entire disk and set up encrypted LVM". Problem: It fails on Grub installation on sda or boot section. Remark 1: I done this before with Crunchbang and it worked. Remark 2: I dont have knowlendge on manual install. I can learn, but i am asking: Why the Guided install fails? I mean isn't supposed to be reliable? Remark 3: I tried on both Ubuntu 12.04 and 13.10 Server x86. Thanks you!
<huttan> -exit
<jak2000> Patrickdk hi friend are you there?
<jak2000> how to check if a port is opened (or blocked) ? i am interested in port 2121
<raj_> I wasn't getting any logs written to log files under /var/log on my fresh 12.04 install & figured out that rsyslog was not installed .. after install.. logs are getting written.. does this mean that I need to manually install rsyslog inorder to get the logs written ??
<RoyK> raj_: rsyslog has always been installed by default on my installs
<raj_> RoyK: dont know why it was not there on 12.04 server that I got from my host.. i did manually install it via apt-get .. would that be fine ? previously i wasn't getting any logs nor anything asked me to configure that..
<raj_> " kernel: Cannot read proc file system: 1 - Operation not permitted. " getting these messages repeated, unstoppingly million times every minute in my syslog, anyone has any idea please ???
<Patrickdk> sounds like your not running your own system, but using some vps thing
<raj_> Patrickdk: yes that is a openvz vps
<raj_> Patrickdk: is that something to do with my openvz vps ??
<Patrickdk> likely
<raj_> Patrickdk: but I can access anything inside of /proc though .. then what ?
<thumper> stgraber, hallyn: how do I pass new userdata to lxc-clone now?
<Patrickdk> it's a shared kernel, it might be an error message from another system
<Patrickdk> don't really know how these openvz's work
<Patrickdk> likely why they purposely didn't isntall rsyslog
<raj_> yeah exactly rsyslog was also not installed for me..
<raj_> Patrickdk:  "shared kernel" so that would mean that not all logs in kern.log are related to my VPS ?? but infact I noticied that it was consuming enourmous CPU due to this .. so it must be from mine I guess..
<thumper> stgraber, hallyn: nm, found smoser's blog post
<m1sf1t> hi, i have a problem. I recently installed ubuntu server (the latest LTS, I think it's 12.04). I also have the LXDE environment installed for browsing. Firefox, ping and nslookup were working fine. Now they don't. What's strange is that apache2, samba, and SSH are all still up. Any thoughts?
#ubuntu-server 2015-02-23
<baako> hi guys why am i getting http://kopy.io/OTo8V when i try to install sudo apt-get install nginx
<spm_draget> In my log I gett apparmor messing with cups: kernel: [476909.591863] type=1400 audit(1424677626.641:8866): apparmor="DENIED" operation="connect" profile="/usr/sbin/cupsd" name="/run/s pid=30683 comm="cupsd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
<spm_draget> Can anyone help me fixing this?
<lordievader> Good morning.
<jamespage> coreycb, promoting the juno updates to the proposed PPA - I think they are all ready right?
<coreycb> jamespage, they're all set to upload
<coreycb> jamespage, I'll get it if you haen't
<jamespage> zul, coreycb: hey eventlet just release 0.17
<jamespage> including ipv6 support - we might want to ffe that
<jamespage> its pretty important IMHO
<zul> jamespage: good idea
<coreycb> zul, you're all over that right? :)
<zul> coreycb:  sure
<coreycb> zul, thanks
<zul> jamespage/coreycb: FFE filed, packaged and built
<jamespage> bug ref?
<jamespage> can we link it to the blueprint please
<zul> https://bugs.launchpad.net/ubuntu/+source/python-eventlet/+bug/1424639
<danwest>  /join #ubuntu-devel
<zul> jamespage:  done
<zul> heh
<sneezewort> Is there a way to see the changes that are made to my system in regards to networking when I run "apt-get install linux-generic-lts-trusty linux-image-generic-lts-trusty"?
<bekks> sneezewort: That will install a new kernel.
<sneezewort> Right. But can I see the changes in the kernel in regards to networking?
<teward> sneezewort: you might want to look at the changelogs for the packages those install
<bekks> sneezewort: You'd have to investigate the kernel changelog then. But whats the actual issue behind your questions?
<rberg_> sneezewort: for the high level you could look at kernel newbies changelog digest, for the details look at the changelogs on kernel.org..
<sneezewort> I posted in here last week. I am on a University campus. Using VMWare ESXi when I install Ubuntu 12.04 I can download large files no problem. When upgrade with the above command and change nothing else, large files stall and become very slow.
<sneezewort> On campus network is still fast.
<sneezewort> I am trying to figure out what is happening so I can ask campus networks to help.
<pmatulis> sneezewort: what command?
<sneezewort> "apt-get install linux-generic-lts-trusty linux-image-generic-lts-trusty"
<sneezewort> Or do-release-upgrade. basically anything greater than the initial install of 12.04.
<pmatulis> sneezewort: what mirror are you using?
<sneezewort> http://us.archive.ubuntu.com/ubuntu/
<pmatulis> sneezewort: see if esx can emulate a different network adapter
<sneezewort> It can I have tried all 3. No dice. I have tried several different versions of VMWare tools. Thats what make this so hard to track down. It is a combination of VMWare Ubuntu and my campus network that is the problem. I am just trying to get a grasp on what is happening.
<pmatulis> sneezewort: try using iperf to see if it's systematic or not.  also: http://goo.gl/qadgoJ
<smoser> arges, http://paste.ubuntu.com/10374983/
<smoser> is that related to https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1329434
<smoser> $ uname -r
<smoser> 3.13.0-43-generic
<smoser> ie, see it in a guest running that kernel, but no way o fkonwing what the host is running.
<smoser> this is on digital ocean
<smoser> does the host have to possibly update their kernel ?
<smoser> smb, so above.. woudlthe host kernel have to have been updated also ?
<smb> smoser, I remember it only vaguely but if its the same issue then it might require an update on the host (if that is 3.13 based)
<smoser> cool. thanks.
<sneezewort> Just FYI gang, I tried the newest Debain using 3.2.0-4-amd64 kernel and the problem does not occur.
<pmatulis> sneezewort: would be good to know if issue was observed with Ubuntu 14.04
<sneezewort> pmatulis, yep fresh install of 14.04, same behavior.
<pmatulis> sneezewort: does vmware web site show 12.04 and 14.04 as supported for your version of esx?
<sarnold> sneezewort: is your campus doing any goofy transparent proxy things to your network traffic?
<pmatulis> http://www.vmware.com/resources/compatibility/search.php?action=base&deviceCategory=software <= sneezewort
<sarnold> (Ubuntu is pages 5-... under "Canonical", heh)
<sneezewort> sarnold, probably. I only have control of the network in our server room. Outside of that I have no idea.
<sneezewort> pmatulis, It looks like 14.04 is not supported, but 12.04 is.
<anubhav> Hi, I had some question regarding deployment and if ubuntuserver + openstack fits my needs, is someone familiar with all this?
<sarnold> anubhav: welcome; irc tends to work best if you can ask specific questions..
<SchrodingersScat> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<anubhav> okay thanks... here is my question.... I have a few systems(4-5) in my institute and that have 16cpu and 32gb ram each, we are planning to organize the architecture to be used as a super computer and i am looking into the open source solutions. Rocs cluster is one option but i think ubuntu cloud would be better. So how does it work. Will using IaaS allow better queuing technique? By this i mean that in rocks cluster, you submit a job and it schedu
<anubhav> les it to one of the compute node. Instead can the cloud check on the fly how many resources are available and use them effectively?
<anubhav> So will it essentially become a single system with (4*16) cores and 4*32 gb ram?
<anubhav> Also i guess adding new nodes will be easier in such a system
<sarnold> anubhav: you'll have to figure out how you really want to use your cluster; if you want to use it like AWS, where it's cheap and easy to make virtual machines for individual users, then openstack is a fine approach
<sarnold> anubhav: if you want to run large, involved simulations that require the combined resources of all the machines to complete, that requires a different kind of option, something more like beowulf or gridengine or torque or similar..
<anubhav> sarnold, mostly it is going to be used for academic purpose only, running simulations etc. So will it incur a performance hit if I use openstack
<sarnold> anubhav: openstack involves virtualization, which tends to introduce some overhead; how much overhead depends upon workload, etc., you'd have to measure it to see if you care..
<anubhav> okay, the reason i am considering this is because if i have it virtualized, then I can allocate a smaller instance as well to someone who needs only decent power. There can be one large instance reserved for simulations and other tasks to be run
<anubhav> is the performance difference between a beowulf cluster and a virtualized cluster with same specs significant, assuming that at a given moment only a few users are online and submitting jobs
<sarnold> anubhav: you'd probably be writing custom code to use the features of a beowulf cluster; is your team writing MPI-based calculations? that might help..
<anubhav> sarnold, not my team. but there is another and they are using libraries that i am pretty sure have good mpi implementation
<anubhav> sarnold, I am involved in managing the cluster and figuring out which might be the best path
<sarnold> anubhav: then you might want something more like beowulf rather than openstack. of course, if you've got mixed loads, openstack might still be useful, you could probably build a beowulf out of virtualized systems... but .. I'm scared to suggest it. :)
<anubhav> sarnold, I understand. I was also sceptical is virtualizing would be a good thing
<sarnold> anubhav :)
<anubhav> sarnold, thanks for the suggestions. I will look deeper into beowulf
<sarnold> anubhav: have fun :)
<nch> hello can someone help me with, grub, mdadm (raid 5 with 8x2tb) and a boot error: "device with uuid not found"?
<Prezident> did you try boot grub without uid ?
<nch> how can I do that?
<Prezident> In your grub file
<Prezident> GRUB_DISABLE_LINUX_UUID=true
<Prezident> Have you installed/loaded kernel to /boot?
<Prezident> This is three errors i see, this is for the boot error.
<nch> yep all worked well put I reconneted some harddrives to other sata ports and then I got this error
<nch> you sure that I can disable the uuids, because all drives in the grub config file are defined by uuids
<Prezident> Aha, so this happend after you installed some drives?
<nch> no the drives are all the same as before I only changed some cables and I think I reconnected some drives to other sata ports
<Prezident> Aha, bios can see them all?
<nch> I read that the uuids wont affect the raid because the raid information is stored directly on the drives, am I right?
<nch> yes all drives are available in bios
<nch> http://sourceforge.net/projects/boot-repair-cd/
<nch> is this compatible with raid and gpt?
<nch> well boot repair tells me to create a partition with the bios_grub flag, but one of my drives have it -.-
#ubuntu-server 2015-02-24
<axisys> is there a way to test install/upgrade a pkg in a way to revert should there an issue? I guess installing in a VM would work somewhat.. but would not be exact work load as production system... I guess ubuntu snappy or solaris 11 bootadm offer complere OS snapshot.. but is there something like that for ubuntu server people do?
<rbasak> axisys: a fundamental issue with that is that an upgrade might change stored state (eg. a database) in a way that a downgrade wouldn't take it exactly back.
<rbasak> Since you're generally expected to handle your own persistent state, it's not really possible for package management to make it work automatically. Not even Snappy, since your stored state would not roll back.
<rbasak> So disk or btrfs snapshots are really the only way to do it. A VM can help with that but isn't necessary (eg. LVM).
<rbasak> But I don't think anyone really does that for testing. Instead relying on backups.
<rbasak> Or reverting manually.
<rbasak> Or testing a parallel system with a duplicate dataset or something.
<axisys> rbasak: wonder what PCI team expecting from us
<rbasak> No idea.
<axisys> rbasak: asking how you make sure to revert if application breaks something.. do we have a test environment.. no likey pci
<rbasak> Presumably you want a rollback plan anyway, PCI or not.
<axisys> well, what would be a rollback plan, besides fixing it.. we have multiple systems.. so usually dont care much..
<rbasak> Database backup + transaction log?
<axisys> so we usually apply upgrade on few and then apply to rest
<rbasak> Separate database from everything else so you can roll one back without messing with the other.
<rbasak> Automated tests on dedicated test system.
<rbasak> (running from a DB clone)
<rbasak> For the database, transaction logs so you can replay
<axisys> rbasak: yes, database being backed up
<axisys> and have replication setup too
<axisys> but most of our systems (ubuntu) do not have any database presence
<axisys> present*
<rbasak> Then make their deployments scripted.
<rbasak> Easy to roll back then. Do it at entire machine level.
<axisys> rbasak: we use puppet, but doing it with puppet will be lot of work
<axisys> rbasak: we do build VMs with foreman/puppet.. but these physical boxes are not built that way
<axisys> rbasak: so build a deployment script from scratch would be fun, unless there is tool that can do that
<elmargol> Hi is there a decent webinterface to manage kvm on ubuntu? Something similar to http://virt-manager.org/
<henkjan> elmargol: https://www.webvirtmgr.net/ ?
<elmargol> henkjan, are you using this?
<henkjan> elmargol: no, just did the googling bit for you :)
<elmargol> well it looks fishy
<lordievader> Good morning.
<jamespage> zul, coreycb: compute needs a blkid filter ...
<jamespage> can't boot no instances....
 * jamespage sighs
<zul> jamespage:  we should go through all of them to make sure they are kosher
<jamespage> zul, its in the baremetal filters
<jamespage> but not compute
<zul> jamespage:  lovely...ill propose something
<jamespage> to late - https://bugs.launchpad.net/nova/+bug/1424054
<jamespage> arges is already on it
<zul> doh
<coreycb> thanks arges
<jamespage> coreycb, zul: picked and uploaded to vivid
<jamespage> blocking my zeromq testing - hrump
<coreycb> ok thanks jamespage
<zul> jamespage:  coolio
<ppetraki> strikov, sup
<YamakasY> hi guys! I have a startstop script which calls another bash script. The issue is that the called bash is running on a different PID as there is written by my startstop script... how can I match them ?
<bekks> YamakasY: You cannot have two processes with the same PID.
<YamakasY> bekks: not the same PID, I need to update my created one by my start-stop with the running one
<YamakasY> so my pidfile differs from the running one
<YamakasY> the running proces is 2 higher
<lordievader> YamakasY: Embed your script in the upstart script?
<YamakasY> lordievader: so place my second .sh in my start-stop ?
<lordievader> YamakasY: The code, yes.
<YamakasY> lordievader: okay, I thought it was dirty again :D
<lordievader> YamakasY: Trying to get the same PID is even more strange, let alone impossible.
<YamakasY> lordievader: yes I thought so
<YamakasY> lordievader: but where can I do a en export for JVM in my start-stop ?
<lordievader> What do you mean?
<lordievader> Why do you need them to have the same PID anyways?
<YamakasY> I need to run some export JVM_OPTS="..."
<YamakasY> no not the same pid, just one
<lordievader> Two processes with one pid == same pid...
<rberg_> cant you do a "echo $$" to print the pid of the script?
<lordievader> JVM sounds like Java, I don't know Java.
<YamakasY> rberg_: how do you mean ?
<YamakasY> rberg_: and place it inthe pid file ?
<YamakasY> or start the process with that pid?
<YamakasY> I have only one pid but the running process has 2 digits higher than in my pidfile
<rberg_> yeah maybe you can write the second scripts pid to a pidfile
<lordievader> I have no idea what you are trying to achieve, but it sounds very nasty.
<rberg_> but it sounds like you should convert the script into a upstart job
<rberg_> and not do a fork and exit type thing
<lordievader> That would be better, indeed.
<YamakasY> no, I call from my upstart script an shell script that first exports my Java opts and than runs my default sh script.
<YamakasY> so the upstart p ID is lower than the running proces
<YamakasY> so I cannot kill it
<rberg_> so you need the 'stop' command to work?
<YamakasY> yes
<YamakasY> but I actually would like to have the pid ID in my pid file matched to the running process
<YamakasY> that would be nicer
<rberg_> since you cant change the PID of a process you will need to overwrite the pid file I would think
<YamakasY> rberg_: yap
<rberg_> do you know where the pid file is?
<YamakasY> but can I ?
<YamakasY> yes
<rberg_> yes
<YamakasY>  /var/run
<lordievader> Doesn't make it nicer.
<rberg_> in the second script try adding "echo ?? >/var/run/pidfile"
<rberg_> replace pidfile with the real name of the file
<YamakasY> in my second bash I actually do a exec....
<YamakasY> ok
<YamakasY> and ?? would be the pid ID ?
<rberg_> yes
<YamakasY> but the bash will handle that ?
<rberg_> yes
<YamakasY> ok
<YamakasY> testing
<YamakasY> in front of after my exec ?
<rberg_> wait are you trying to get the pid of the second shell script of the java it calls at the end?
<rberg_> sorry .. or the java process
<rberg_> if you need the pid of the java process it might be as easy as "pidof java >/var/run/pidfile" after the exec
<YamakasY> ok
<YamakasY> the reason why is because I need to set options otherwise in my start/stop script... I don't like that
<rberg_> the usual Debian/Ubuntu way is to source a /etc/defaults/ file
<YamakasY> rberg_: mhh nope, pid doesn't get updated
<YamakasY> mhh always 2 higher
<YamakasY> rberg_: kinda odd :S
<YamakasY> I see, it happens because of the second sh
<RoyK> rberg_: $! is the pid of last process
<rberg_> yeah I didnt think we wanted the pid of the last process I though we wanted the pid of the script called by the init script.
<RoyK> rberg_: yes, that's the same thing. inside the init script, check $!, something like echo $! > /var/run/mypidfile
<masarsakr> Hi Charmers, I have a subordinate charm that connects to a principal charm (and ofcourse its master). I was wondering if there is any way to make it so that when the subordinate charm baeaks the regular relation, it can then call the broken hook of the master charm. I tried using hooks.execute(<relationbrokenname>) to no avail
<masarsakr> Any help would be appreciated thanks
<jamespage> smb, another one for you - this time with 3.16 - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1425288
#ubuntu-server 2015-02-25
<lordievader> Good morning.
<Prezident> Morning
<haithar> Hi all! I'm a ~beginner sysadmin and currently working on moving 10+ reverse proxies (on old Fedura, CentOS etc.) to Ubuntu LTS. I've installed Ubuntu 14.04.1 LTS and its Squid (3.3.8) has a serious bug ( http://bugs.squid-cache.org/show_bug.cgi?id=3806 ) that basically means Squid won't cache much in real life. (It doesn't cache any item with a Va
<haithar> ry HTTP header - and that's often used on HTML, CSS and JS files.) What do you think I should/could do? Use Ubuntu 12 LTS? Or maybe that non-security patch could be included in 14 LTS? (Well it is indeed hardening existing functionality.)
<jpds> haithar: That bug is fixed on 3.3 ?
<haithar> jpds: will check now
<jpds> haithar: At least, that's what hte bug report says.
<jpds> haithar: My squid proxies are caching things just fine.
<haithar> jpds: yeah, http://bugs.squid-cache.org/show_bug.cgi?id=3806#c11 says it's in 3.3
<jpds> haithar: OK, are you saying that there's a regression?
<haithar> jpds: as far as I understand the problem, yes, eg. if you upgrade 12 LTS to 14 LTS and Squid is upgraded, most objects* won't be cached anymore. (*: For a generic website serving images and HTML-JS-CSS files.)
<jpds> haithar: Have you reported a bug about about this regression?
<haithar> jpds: it caches images, favicon.ico, ZIP etc. just fine, only MISSes files with a Vary header.
<haithar> jpds: no. I'm all new to Ubuntu server support. I don't even know where to report it. I wasn't even aware of the fact that this is indeed a regression :)
<jpds> haithar: Well, what I'm saying is: that bug was reported against squid 3.2, and the squid guys say that it's fixed in 3.3.
<jpds> haithar: So you shouldn't be seeing the issue on 3.8 in Ubuntu.
<haithar> it's 3.3.8
<jpds> Sorry, same thing.
<Odd_Bloke> jpds: It was applied to the 3.3 branch, not released in 3.3.
<Odd_Bloke> Looking at dates on http://www.squid-cache.org/Versions/v3/3.3/, it was probably released in 3.3.12.
<jpds> Hmm.
<haithar> got that, indeed it was fixed in 3.3.12
<jpds> I see.
<lordievader> !info squid3 utopic
<ubottu> squid3 (source: squid3): Full featured Web Proxy cache (HTTP proxy). In component main, is optional. Version 3.3.8-1ubuntu8.1 (utopic), package size 1797 kB, installed size 6408 kB
<Odd_Bloke> This looks like https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1336742
<lordievader> !info squid3 vivid
<ubottu> squid3 (source: squid3): Full featured Web Proxy cache (HTTP proxy). In component main, is optional. Version 3.3.8-1ubuntu9 (vivid), package size 1810 kB, installed size 6419 kB
<Odd_Bloke> s/looks like/is/
<jpds> haithar: Best to file a bug at: https://bugs.launchpad.net/ubuntu/+source/squid3/
<Odd_Bloke> jpds: haithar: It's already filed as bug 1336742.
<haithar> Odd_Bloke: yep, that's that
<haithar> I belive I downloaded and installed all patches after installing Ubuntu 14.04.1 LTS; should I have this fix already?
<Odd_Bloke> haithar: It hasn't been fixed in Ubuntu.
<haithar> Ah I see. I looked up the status triaged, so I guess 14 LTS will eventually get this patch - great stuff! Knowing the ins and outs of the Ubuntu Server fixes-patches workflow, do you think you can guess when/if this gets shipped?
<Odd_Bloke> haithar: So, generally, the fix lands in the development release and is backported.
<Odd_Bloke> But vivid is feature frozen at the moment, so someone would need to get a feature freeze exception before that could happen.
<haithar> oh sugar now I see it enters beta freeze just tomorrow
<haithar> We're doing core app server upgrades (from 10 LTS) that looks a lengthy process, and have to install good proxies before we touch the core. Even if this fix made it into vivid, when do you think would it realistically available as a patch autoinstalled?
<haithar> (Weeks? Months? I'm not even sure about the order of magnitude :) )
<Odd_Bloke> haithar: It's difficult to know; it depends on someone deciding that they care about it enough to do it. :p
<haithar> Is there a way to sponsor merges?
<Odd_Bloke> haithar: Not 100% sure what you're asking. :)
<haithar> To offer some cash or reward if someone would be so kind to push this through vivid and trusty. (Do the merges, raise the exception etc. For the person or for the Ubuntu project, or to a charity etc.)
<haithar> I'd do it myself but I'm not a C programmer and I know nothing about the Ubuntu bugfixing/merging/release mechanism.
<nobody44> we use Ubuntu LTS 14.04 on our servers + tomcat 7 and java 7. What happens to the openjdk package when oracle stop supporting Java 7? Or does this only concern the Oracle JDK / JRE 7 package users?
<Odd_Bloke> haithar: Not really that I know of; I've pinged the people looking at that bug, and they aren't likely to get to it.
<Odd_Bloke> haithar: (I also had a quick look myself, and I'm out of my depth)
<haithar> Odd_Bloke: so is my understanding right that if I need to set proxies up in about 2-4 weeks, maybe I shouldn't wait for this fix to appear in trusty?
<haithar> What'd you recommend, going for 12 LTS or installing the latest stable Squid on 14 LTS and manually monitor+upgrade it every time? Or is there another way?
<rbasak> haithar: thank you for bringing this up. I've only just caught up with this discussion. It'd be improper for me to take your money, since I'm already paid by Canonical. But it's fine if you can find an independent Ubuntu developer to pay to prioritise this for you, or you can pay Canonical for support to fix this for you. They'll be able to tell you if 2-4 weeks is realistic.
<rbasak> Alternatively this sounds like something that someone will get round to fixing eventually, but 2-4 weeks seems unrealistic to me.
<rbasak> I might get to it in 2-4 weeks, but I get pulled away in all sorts of directions all the time.
<rbasak> You could try and submit a fix yourself for sponsorship (not money - just review and upload to Ubuntu), but I guess you've ruled that out because of your skillset?
<haithar> Yes, I wouldn't dare to touch C code after not coding in that for 10+ years, and I'm sure I can't code a proper regression test within a reasonable time.
<haithar> rbasak: Do you know a ballpark number for the Canonical support needed to push this right down to trusty? (Again, I'm not even sure about the order of magnitude, whether it's in the 100+ EUR or in the 1000+ EUR range.)
<haithar> rbasak: and thanks for looking into this!
<rbasak> haithar: I'm not really sure, sorry - it's a different department here. I think you might need an Ubuntu Advantage contract - details are on the website. Maybe someone like pmatulis knows more? ^^
<rbasak> (or to whom to pass this to?)
<nobody44> I just saw an update for OpenJDK 6... oracle dropped support a long time ago. Is canonical supporting this OpenJDK 6 (and in the future 7) package?
<nobody44> I just don't understand how those LTS releases "work"... who fixes the security issues in those OpenJDK releases?
<rbasak> nobody44: depends on whether it is in main or universe on the release you're using. If in main, Canonical commits to supporting it. If the vendor drops support they'll still do what they can.
<rbasak> Looks like OpenJDK 6 was in main until 12.04 LTS. Since 14.04 LTS it's OpenJDK 7 that's in main.
<rbasak> However, it looks like OpenJDK 6 in universe in 14.04 has had a security update. These still happen in universe if somebody in the community puts the correctly backported fix forward.
<nobody44> rbasak: so Canonical "guarantees" support for OpenJDK 7 in Ubuntu 14.04 LTS
<nobody44> rbanffy: even if Oracle drops support for Oracle JDK 7...
<rbanffy> rbasak, we need to talk about these namespace collisions...
<RoyK> :P
<rbasak> Both "guarantee" and "support" are weasel words that have no strict meaning in English, but essentially yes - they'll continue backporting fixes as possible even if upstream drops support. But if nobody knows of a vulnerability then it won't get fixed, just the same as any other package.
<Odd_Bloke> from canonical.maas import rbanffy
<rbasak> rbanffy: :-/
<rbasak> (vendor support or no)
<nobody44> rbasak: ok, thank you for your help
<haithar> If supporting this Squid fix doesn't work out, what'd you recommend, going for 12 LTS or installing the latest stable Squid on 14 LTS and manually monitor+upgrade it every time? Or is there another way?
<pmatulis> haithar: how many servers are you talking about?
<haithar> 10+
<pmatulis> haithar: i would just install 12.04 LTS
<rbasak> pmatulis: can haithar buy UA and have Canonical sort this out for him? I wasn't really sure.
<rbasak> (he was asking about how he could spend money to fix this)
<pmatulis> UA should not be seen as a bug-fixing service.  things can get escalated to an engineering team and get fixed, sometimes via PPA until the fix is in the archive, but they can also be rejected
<haithar> please define:PPA (Pay Per Annum?)
<RoyK> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<haithar> wow ok:)
<haithar> Thanks for the info. Indeed UA looks more like a subscription for general support and I also haven't found something there that'd suggest it's a way to push a regression through. Thanks for the confirmation.
<pmatulis> but a UA PPA can be supported, or unsupported
<rbasak> pmatulis: OK, thanks. I didn't really understand before. So we don't really have a solution for users with valid bugs who want to pay for them to be fixed?
<rbasak> I wish we did have a good answer for that.
<pmatulis> rbasak: again, we fix bugs, but there is no guarantee.  UA is not a mercenary/bounty service.  it is an enterprise-level support service
<Odd_Bloke> rbasak: There are certainly consultancies which will do that.
<Quoexl> EHLO
<haithar> Any idea how can I find someone to do that? (Apart from googling of course.) Any directories, wiki pages listing people/companies open to do paid support?
<Quoexl> I'm sorry I missed what you are trying to do
<haithar> Ah sorry. It's about finding someone who could push https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1336742 this though to trusty.
<haithar> s/though/trough/
<Quoexl> I'm terribly sorry but squid and me have had problems since dapper
<Quoexl> know anything about videowhisper conference?
<fidothe> hey there. We're booting Ubuntu instances in EC2, from the Ubuntu Cloud AMI. cloud-init sets the main APT repos to be S3 mirrors for the region / zone (i.e. eu-central-1a), but leaves security at security.ubuntu.com. Is there any problem with using the S3 mirror for this too? (we've been seeing DL speed from security.ubuntu.com < 400kbps all day, which is
<fidothe> adding minutes to boot-and-bootstrap times...)
<rbasak> fidothe: using security.ubuntu.com minimises delays
<rbasak> Otherwise you might be waiting a while until your mirror picks up the most recent security updates.
<rbasak> However, I believe that every security update is pushed to -updates too, although it's probably worth checking with a security team member on that in #ubuntu-hardened.
<fidothe> rbasak: yeah, but these are Canonical-run mirrors, so presumably more reliably synced?
<rbasak> Presumably. Do they mirror the security pocket?
<rbasak> For security issues though, it might be better to not assume anything, and go straight to the source.
<fidothe> rbasak: AFAICT (i.e. I can get the Release file just fine)
<fidothe> rbasak: apt-get update was taking > 10 minutes
<rbasak> So it sounds like it'll work. But unless someone says otherwise I wouldn't recommend it.
<fidothe> which is long enough for booting instances to be culled by health checks...
<rbasak> Maybe check out and fix why security.ubuntu.com is being slow? (Not necessarily your end, but it should be fixed)
<rbasak> Rather than a workaround which gives you worse security (or at the risk of a mirror issue giving you a security issue)
<Daviey> Security updates hit -updates aswell, but there is a window between when it hits s.u.c to the mirror you are using.  Your primary mirror should be ordered first, so if the update is there - you should get the prioritized full speed mirror
<Daviey> Check what is causing the delay, is it just downloading the indexes (apt-get update) or are you pulling down kernels or similar from s.u.c
<fidothe> Daviey / rbasak: it was just pulling down the indexes
<fidothe> And the #ubuntu-hardened tip is a good one, thanks
<mgagne> I would like to know when Ubuntu switched from qemu-kvm source tree to qemu. I found conflicting info
<mgagne> in README.Debian, it's since 14.04: http://launchpadlibrarian.net/186695491/qemu_2.0.0%2Bdfsg-2ubuntu1.5_2.0.0%2Bdfsg-2ubuntu1.6.diff.gz
<mgagne> According to wiki, it's since 12.10: https://wiki.ubuntu.com/QemuPTMigration
<RoyK> out of curiosity, what's the big difference?
<mgagne> one is that machine types from qemu-kvm are not compatible with the ones found in qemu. And it matters a lot if you perform a live migration.
<rbasak> hallyn might be able to help ^^
<RoyK> mgagne: qemu is the better?
<mgagne> RoyK: it's the new source. previous one looks to be a fork or something. but tbh, I don't care that much as long as I can perform my live migration =)
<hallyn> rbasak: https://wiki.ubuntu.com/QemuPTMigration
<RoyK> mgagne: do you have something setup to autostart VMs if a host in the cluster goes down?
<RoyK> mgagne: and btw, what sort of clustering/storage do you use for this?
<mgagne> RoyK: we are using openstack
<RoyK> ok
<mgagne> RoyK: the original issue is: I can't live migrate instances from QEMU 1.5 to QEMU 2.0.
<RoyK> ok
<mgagne> hallyn: which info source is right? the wiki or README.Debian?
 * RoyK guesses README.Debian
<mgagne> because the wiki mentions the "incoming_assume_qemukvm" config which in fact got renamed before packaging for "allow_incoming_qemukvm"
<mgagne> I opened a bug: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1425619
<Zeelot3k> good morning! this seems like a more accurate place for my server questions :)
<Zeelot3k> can anyone here tell me (in an upstart script) when I should be using `start-stop-daemon`? I don't see what it provides over a simple `exec`. doesn't upstart already monitor and manage my process for me? so what does start-stop-daemon do on top of that?
<sarnold> Zeelot3k: I suspect you don't need start-stop-daemon in upstart configurations; if you see it used, it might have just been because it was easier to copy-and-paste it from an old init script that used it..
<Zeelot3k> sarnold: I see. The only reason I can find so far is if I need to run different parts of the init script as root while changing user for the main process. And I also need to be able to generate a pid file which upstart does not do for me (from what I can tell)
<Zeelot3k> so if I need those two thingsâ¦ valid to use `start-stop-daemon`?
<teward> sarnold: is there documentation on creating systemd init scripts and such?  Like, what the structure is, etc.
<sarnold> Zeelot3k: do you strictly need the pid file? iirc upstart doesn't care about one, and most tools that relied upon them are slightly racy anyway...
<sarnold> teward: I think pitti put most of the work into this: https://wiki.ubuntu.com/SystemdForUpstartUsers
<Zeelot3k> sarnold: I'm using Monit and I don't see a way to tell it to ask Upstart for the pid :(
<sarnold> teward: 90% of what I know about systemd came from skimming that file :)
<sarnold> Zeelot3k: ahhhhh
<teward> sarnold: mmm, see, I mean from scratch - I mean, I could dig into, say, the nginx or apache or any other systemd init script but i'm lazy :P
<Zeelot3k> any suggestions? I was a little disappointed by the Monit capabilities
<Zeelot3k> sarnold: inspeqtor seems to support Upstart specifically: https://github.com/mperham/inspeqtor/wiki/INQ-Configuration
<sarnold> Zeelot3k: there are some uses of $$ in the upstart cookbook, you might be able to printf $$ > /path/to/pidfile  or something similar: http://upstart.ubuntu.com/cookbook/
<Zeelot3k> thanks will take a look
<Zeelot3k> cookbook site isn't loading heh but I'll check back later
<sarnold> Zeelot3k: dang, I waited until it loaded for me before pasting the url. (it was being rebooted when I first wanted it, heh)
<Zeelot3k> hehe it finally came back
<Zeelot3k> I think I want to fix the monitoring tool before hacking things into my init scripts
<Zeelot3k> upstart already knows the pid so there isn't a real reason for me to write pid files
<mamuskus> Hi
<pmatulis> hi
<thunder1> hello
<teward> hello
<thunder1> teward: what is the expected operation of the known_hosts file?
<thunder1> is it similar to a hash file where it gives the url then the hash? I see no url in the file.
<teward> thunder1: you mean known_hosts inside the .ssh folder in a home dir?
<teward> thunder1: the answer on http://security.stackexchange.com/questions/20706/what-is-the-difference-between-authorized-key-and-known-host-file-for-ssh gives a nice description of what known_hosts does (see Server Authentication section of the answer)
<teward> the accepted answer there*
<teward> somewhat in depth, but a decent one
<thunder1> teward: known_hosts inside the .ssh folder in a home dir
<teward> thunder1: that's explained in the link i just posted
<teward> the accepted answer on there, anyways
<thunder1> Not big on stackexchange
<teward> thunder1: well then you're out of luck - those explanations are accurate - to summarize, known_hosts stores the public key fingerprints of the remote SSH servers
<teward> ideally you'd check the one you see against known ones, but...
<teward> if you don't know, then if the remote fingerprint changes at any time it'll deny the connection and throw a huge warning
<teward> about checking the remote SSH host legitimacy
<thunder1> teward: yes I get the usage of it but when looking at it why doesn't it have a hostname/url in the file?
<squisher> thunder1, it is hashed for privacy reasons
<teward> ^ that
<thunder1> squisher: that sounds like an addition the usual ssh shows the host
<thunder1> squisher: it is an answer to what I've asked, very well squisher
<thunder1> Is ubuntu14 backwards compatible?
<Prezident> yes but not recommend it
<Prezident> So i would say no
<Prezident> Why btw?
<thunder1> Is there any plans on using 14 as the distribution server?
<Prezident> Rather play with kernel then if something is missed
<thunder1> If the distribution server runs say ubuntu 6, 9 or 10 why is 14 reccomended for others?
<thunder1> Something looks fishy there.
<thunder1> If it were really so important for security the distribution server could also need that security.
<thunder1> milsim
<thunder1> put your hand on the glass
<thunder1> What is bug #1?
<thunder1> Feel free to give hypothetical answers for that.
<thunder1> The recommending 14 question.
<thunder1> Simulate a best case for that recommending 14.
<thunder1> Prepend it with a disclaimer so you don't have to accept fault.
<thunder1> go on
<thunder1> You don't have to ascribe to being one with the author of that nonsense.
<thunder1> If 14 is really so much better I want to see the distribution server running 14.
<thunder1> ok?
<thunder1> How does that work saying don't use 12 it is insecure unsupported , download 14 from ubuntu 8.
<Valduare> hey guysâ¦ got something odd here.. one of my servers wont update   keeps trying to use ipv6 addresses it seems...
<rbasak> Is your server using ipv6 addresses that actually don't route?
#ubuntu-server 2015-02-26
<thatguyisjames> do we have any users that use/ have used docker?
<honey21> i have installed cacti in my  ubuntu  but  i have get aproblem with snmp information error any help please?
<honey21> i have installed cacti in my  ubuntu  but  i have get aproblem with snmp information error any help please?
<lordievader> Good morning.
<hackeron> hey there, is changelogs.ubuntu.com down at the moment? - I'm not able to do do-release-upgrade :(
<hackeron> seems it is down :( - any ideas when http://changelogs.ubuntu.com/meta-release will be back?
<haithar> Hi! I'm a ~noob sysadmin, managing 10+ squid proxies on VPSes. Right now it's a mixed set of different distributions and versions, about half of them is Ubuntu 10 LTS, and everything is managed manually over SSH. :( Can you recommend a remote system configuration management that can read (!) and write config files, restart services and show their s
<haithar> tatus, install packages, playing well with existing machines? (For me Juju seems to be designed for something different. Also, I've found http://en.wikipedia.org/wiki/Comparison_of_open-source_configuration_management_software alright, but most of them don't care about existing installations etc. and their limitations are hm not really advertised.)
<lordievader> haithar: Puppet, chef?
<henkjan> haithar: ansible
<haithar> lordievader: these don't seem to pick up existing configs, also seem to be exposing just the most important config variables. I've checked the squid plugin only TBH, because that's what I'd be using.
<haithar> I've checked Chef-Puppet-Ansible-Salt, all of them are cool, they just not seem to be written for this kind of use.
<lordievader> haithar: They can.
<lordievader> Puppet can make sure stuff is present in config files.
<haithar> lordievader: I've checked out the plugin and googled; it seems that puppet works with profiles imported or created. For all my different machines, squid versions and squid configs I'd have to create all these different profiles manually, which is an overkill. It'd be great if my machines were running the same versions, but they're not, and moving t
<haithar> o a unified state will be a long process now. Hence for this use case I'm looking for something that can actually read and show me the config files themselves in their whole, without an abstraction layer.
<haithar> Ie. my understanding is that Puppet is great if I wanted to create a Squid proxy server profile and apply it everywhere - but that's not what I'm looking for right now.
<lordievader> The power of Puppet is that you write one config file, and it takes care of the OS particularities.
<Odd_Bloke> haithar: If you know Python, http://www.fabfile.org/ might suit you.
<Odd_Bloke> haithar: It doesn't do any squid-specific hand-holding, but it does ease automation.
<haithar> Thanks for the tips!
<ronator> anoyone ever had a problem with iptables on ubuntu 14 LTS? I have a VM which is notoriously loading "old iptables rules" which are no longer persistent on that system. I have no clue how this can happen. Found nothing certain in the logs. Anyone any idea?
<haithar> iptables-persistent installed and kicking in? conflict with ufw?
<haithar> (at least that's what I had issues with)
<ronator> ufw is not installed, neither is iptables-persistent. doing it the oldschool way with iptables-save and iptables-restore in /etc/network/interfaces with pre-up ...
<ronator> @haithar
<ronator> I am now searching in /etc/rc?.d/* and everything under /etc/network/ - this is totally strange
<ronator> I found the guilty one!
<ronator> someone wrote the old rules to this: /etc/network/if-up.d/iptables
<ronator> @haithar problem solved thx!
<rbasak> jamespage: please could you subscribe ~ubuntu-server to awscli bugs? It's in universe but we should probably keep an eye on it.
<jamespage> rbasak: done
<rbasak> Thanks!
<aryklein>  I am deploying an openstack cloud (one controller/network node with 4 compute nodes) in Ubuntu 14.04 LTS. It's a critical/production environment and I am not an Openstack guru. Rather I'm very new in Openstack. So I need a long term support Openstack version. According to https://wiki.ubuntu.com/ServerTeam/CloudArchive and my needs, is it correct to choose Icehouse instead of Juno?
<aryklein> I don't understand what kind of support Ubuntu gives to Icehouse. I mean, what is the difference between Ubuntu support and Openstack support
<rbasak> aryklein: during the Ubuntu supported period, security issues are pushed into the Ubuntu packages by Canonical's security team.
<rbasak> Well, fixes to issues. Not issues :)
<rbasak> You probably don't want to run Openstack without keeping it up to date with security fixes.
<aryklein> rbasak: but if I decided to use Juno in a 14.04LTS what happen when Ubuntu stop maintaining Juno and I keep upgrading my 14.04?
<aryklein> rbasak: new updetes could broke my openstack?
<rbasak> aryklein: AIUI, you'll need to update to Kilo if you want to continue having a supported deployment.
<rbasak> jamespage: ^^ are my statements accurate?
<jamespage> aryklein, icehouse is supported for the full five years of the 14.04 release
<jamespage> aryklein, juno only gets 18 months
<aryklein> jamespage: but it is supported by Ubuntu, not by Openstack team
<jamespage> so after that period no updates for juno
<jamespage> aryklein, well its a bit of both - the first 15 months are supported upstream, the remaining time is done in Ubuntu only
<jamespage> I think 15 months is right
<jamespage> aryklein, if you choose the cloud-archive route, you'll have to upgrade to continue to get support
<aryklein> jamespage: and if I decide to keep Juno (without support), can I continuing updating my Ubuntu 14.04 without breaking my Juno?
<jamespage> aryklein, yes
<jamespage> aryklein, well it should not break, but if it did you would be on your own....
<jamespage> aryklein, the risk of a break increases post EOL Of the Juno cloud-archive as it won't be tested any longer
<jamespage> we do alot of testing....
<jamespage> but only of supported releases
<aryklein> jamespage: My fear is that I am not a Openstack guru and I don't know how difficult is to migrate a running cloud from one openstack release to another
<jamespage> aryklein, well.....
<jamespage> aryklein, have you taken a look at the Ubuntu deployment offerings for OpenStack?
<jamespage> aryklein, the openstack charms we have for deploying openstack with juju on ubuntu can deal with upgrade...
<jamespage> aryklein, but we have other tooling ontop of that - see http://www.ubuntu.com/cloud for all the options
<ivoks> rbasak: here's an easy one :)
<ivoks> rbasak: https://bugs.launchpad.net/ubuntu/+source/squirrelmail/+bug/1425994
<ivoks> oh, it's universe
<aryklein> jamespage: thanks!
<rbasak> ivoks: sounds like we should SRU that. Are you aware of https://wiki.ubuntu.com/StableReleaseUpdates#Procedure?
<ivoks> rbasak: i've reported the bug as a user, not as a dev ;)
<ivoks> rbasak: which means, i'll create sru procedure once i find some free time :)
<rbasak> ivoks: OK no problem - as a user, thank you for caring :)
<lhorace_> Hell, I am running Ubuntu 14.04.2LTS and it seems there is a new kernel update every week? Weekly reboot
<sarnold> really? I thought they were done on roughly three-week cycles.
<andol> lhorace_: Well, you can always read the USN security announcement, and decide whatever you need the reboot or not.
<lhorace_> There was update on 2/17, 2/26
<lhorace_> I like to keep my kernel as updated as possible but wouldn't it be nice to roll all updates in X period :|
<pmatulis> lhorace_: yes, there is always a good reason for a kernel update but like andol said read up on what they are about and decide whether it is worth your while
<pmatulis> lhorace_: all rolled up means keeping a possible vulnerability exposed
<andol> lhorace_: When there are no urgent enough security issues the kernel upgrades are usually bundled like once a month, or something like that.
<rberg_> I cant wait for the hot kernel patching that redhat an suse are working on.. ksplice was really nice until oracle bought it and took it away forom the rest of us :)
<andol> lhorace_: Of course, not everything is an urgent security issue for everyone. For example a KVM weakness might either be really bad for you, or not matter at all.
<lhorace_> Thats alternative it's just awful lot of work when not all your servers are running Ubuntu
<coreycb> zul, should this get merged to revert revno 25?  https://code.launchpad.net/~corey.bryant/ubuntu/utopic/python-eventlet/0.13.0-1ubuntu3/+merge/250452
<andol> lhorace_: What alternative, reading the security announcements and doing a decision based on them?
<pmatulis> maybe he's not subscribed to ubuntu-security-announce
<lhorace_> One, I would find if there's some RSS or Mailing list, second out 1000s of other security mail I get. I have sit and review Kernel Security stuff on top of it.... Anyway... I can figure something out..... Doh, I am assuming, whatever Kernel update Ubuntu LTS desktop users get. Is the same Ubuntu Server get
<rberg_> you could also keep an eye on the oss security mailing list, those will apply to more distros.
<zul> coreycb:  launchpad should be able to sync it
<coreycb> zul, ok
<andol> lhorace_: Well, you really do need to keep a close eye on your distribution's security announcementments anyway, to decide whatever an upgrade is something you need to patch for Right Away, or if it can be done later on in a more orderly fashion.
<lhorace_> I guess it's a good thing that Ubuntu Security is keeping top on things..... just feels a bit excessive... I was thinking of writing some scriipt to do the job for me... As reboot only takes a 1 minute or so
<sarnold> lhorace_: the easier thing to do is apt-get install unattended-upgrades and schedule a reboot every time you see "linux security" issues on the news :)
<lhorace_> sarnold: another good idea :)
<ayr-ton> Someone has worked with pptp? http://askubuntu.com/questions/269399/pptp-vpn-cant-connect
<sarnold> ayr-ton: yikes, you should defnitely upgrade off of 12.10, that hasn't been supported for many months
<ayr-ton> oops, wrong link, just a sec
<ayr-ton> sarnold: http://askubuntu.com/questions/590114/pptp-client-doesnt-connect-by-command-line
<ayr-ton> That is the right one. Sorry. Ahaha
<sarnold> ahhh, much better :)
<ayr-ton> ahaha
<PXE-Guy> has any here ever done a PXE based install for Ubuntu Desktop? how do i tell it to install desktop instead of server? or get it to be in advanced mode?
<ayr-ton> PXE-Guy: For desktop installs, I like this solution: https://help.ubuntu.com/community/PXEInstallMultiDistro
<ayr-ton> PXE-Guy: If you want to make server based installs, I would recommend MASS.
<sarnold> "maas"  :)
<ayr-ton> PXE-Guy: I think you can provide desktop images on MASS too, but I never tried it.
<ayr-ton> MAAS*
<ayr-ton> I only tried for server based installs
<haithar> Re all! (Disclaimer: I'm a noob.) I'm still after bug https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1336742 after I've checked out a bit older proxy of us and it seems that squid works well there! The proxy is 14.04 LTS, ie. the older 14 LTS.
<haithar> 1) Can this bug be a regression between 14.04 (squid3 3.3.8-1ubuntu6) and 14.04.1 (squid3 3.3.8-1ubuntu6.2), affecting everyone upgrading their proxy OS?
<haithar> 2) Do you think I can downgrade my squid3 on the newer machine to squid3 3.3.8-1ubuntu6? (Tried apt-install going for that version, seemed to do no actual downgrade.)
<PXE-Guy> ayr-ton: i followed that guide but it doesnt say how to force the install of the desktop gui
<haithar> 3) Even if that downgrade succeeded, is my understanding right that that version won't be supported and I'd have to wait until that bug gets fixed in 15 and then in 14?
<PXE-Guy> it also fails installing software packages so it only gives me the base install
<sarthor> HI, i have ubuntu-server 14.04 running how to install python-bibi on that?
<sarthor> closing office.. later In Sha Allah.
<coetry> Hello all, I have a ubuntu-server 14.04 running on a VPS and have a rails app serving on port 3000, but when i try to access the serverip:3000, I can't get anything
<coetry> curl is also saying connections are refused, so is that port closed or something? I can't seem to get it working on anyport
<lhorace_> coetry: What does 'netstat --tcp --lnp' say?
 * lhorace_ assumed it was TCP
<coetry> lhorace_ unrecognized option '--lnp'
<coetry> :)
<lhorace_> sorry
<lhorace_> It's one '-'
<lhorace_> 'netstat --tcp -lnp'
<coetry> http://pastie.org/9985705
<lhorace_> coetry: Run as root to see what PID/Program. Doh so far, nothing is listening on 3000 :)
<coetry> lhorace_ but how can I open up a port thats closed? http://pastie.org/9985714
<coetry> so far it seems only ssh, ftp, and my local mongodb is running
<lhorace_> It's not that a port is closed, there are NO programs listening on port 3000 on the first post
<lhorace_> You would see something like this, 'tcp        0      0 0.0.0.0:3000              0.0.0.0:*               LISTEN      531/<ruby program>', is the program running?
<lhorace_> ps aux
<lhorace_>  ps aux | grep <ruby program>. Just an example
<coetry> tcp        0      0 127.0.0.1:3000          0.0.0.0:*               LISTEN      25409/ruby
<coetry> got it
<lhorace_> It's listening on a local interface
<lhorace_> :)
<coetry> ahh, so i just have to serve it publicly
<coetry> my goal is 0.0.0.0:3000
<coetry> or 0.0.0.0:*
<lhorace_> No, 0.0.0.0:3000 or <public ip>:3000
<lhorace_> However, is the program safe to be served to public interface?
<coetry> lhorace, its in beta, but nothing sensitive on the hard drive just yet
<coetry> There are no forms that leave room for arbitrary code exec though
<coetry> so it should be cool
<coetry> ok one last question, if I wanted to run a script that I wrote without having that script stop (its making network requests and storing stuff in a db), when i end my ssh session
<coetry> how can i do that? So having a script take on the background proessing characteristics of a daemon
<lhorace_> Umm, script and add '&' to become a background job. If you want to detach it from the console. '& disown'
<coetry> lhorace_ im so sorry for my ignorance bro, so like this? rake db:seed &
<sarnold> coetry: two more options (a) use nohup rake db:seed & -- so the output goes to nohup.out (b) use tmux or screen and attach / detach
<lhorace_> screen is another option (uses tmux instead here)
<coetry> i like the tmux option, but ive only used it to split windows and open new ones
<coetry> if i run it in a tmux window, how can I reattach to it later to see the output?
<sarnold> coetry: "tmux attach"
<coetry> ohhh, let me try it now
<lhorace_> You can name sessions too
<coetry> ok so now my question is, ive run the script in a tmux window, but even if the session doesn't time out
<coetry> and i wanna close my terminal, or shtudown my laptop, will that kill the tmux process?
<sarnold> tmux should survive all those events
<coetry> sarnold :)
<sarnold> coetry: 'mosh' is a pretty excellent thing to mix in with tmux and ssh to remote hosts; if you're usually connected to a remote host, look into 'mosh'. it'll just keep working across shutting your laptop :)
#ubuntu-server 2015-02-27
<sarthor> HI, Can we install python_bidi on ubuntu-server 14.04? is there any howto, if Yes.
<Fieldy> hello, how do I stop a process (in this case nginx) from starting at boot?
<sarnold> Fieldy: if it has an upstart configuration file in /etc/init/nginx, echo manual > /etc/init/nginx.override
<sarnold> Fieldy: details here: http://upstart.ubuntu.com/cookbook/#override-files
<Fieldy> sarnold: unfortunately it doesn't
<sarnold> Fieldy: sysvinit scripts?
<Fieldy> sarnold: it has a file in /etc/init.d/
<sarnold> Fieldy: there's some friendly little utility to manage those symlinks but I can never remember the name of the thing. I think if you delete all the /etc/init.d/rc*.d/S*nginx  scripts it ought to do it.. sigh. it's been long enough I've forgotten details :)
<Fieldy> might have been update-rcsomething
<Fieldy> sketchy memory here
<sarnold> update-rc.d sounds familiar, but maybe that was only for postinst script use. :/
<Fieldy> hm
<sarnold> I thoght it was like chkconfig .. but I don't see that on my system. heh. :)
<Fieldy> update-rc.d nginx disable
<Fieldy> insserv: warning: current start runlevel(s) (empty) of script `nginx' overrides LSB defaults (2 3 4 5).
<Fieldy> insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `nginx' overrides LSB defaults (0 1 6).
<Fieldy> i'll be honest, that means nothing to me ;/
<lhorace_> Looking for update-rc.d?
<lhorace_> nvm
<sarnold> Fieldy: that's fine, just warnings. it shouldn't start now :) hehe
<Fieldy> alright i'll reboot it
<lhorace_> "stop runlevel(s) (0 1 2 3 4 5 6)"? wha
<Fieldy> heh yeah i know
<sarnold> lhorace_: that means sysvinit would stop nginx when entering any of the runlevels 0 1 2 3 4 5 6 if it was running in the old runlevel
<Fieldy> it's no longer running on boot
<Fieldy> so that was it, thanks for the pointer
<lhorace_> I know what it means
<lhorace_> Did you set that up manually?
<lhorace_> Or the script was shipped like that by default
<Fieldy> came like that by default
<sarnold> debian's policy says daemons should be started by default once they are installed
<lhorace_> Well, it's not a bug persay, but whoever wrote the LSB default line... Didn't know what he typed
<sarnold> in what way?
<lhorace_> It's saying that the services should be stopped on runlevel 0 1 2 3 4 5 and 6
<lhorace_> with no default start levels
<lhorace_> If a program was obey it, how would the service start ?
<sarnold> lhorace_: I think you misread; the LSB defaults come _afterwards_: "insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `nginx' overrides LSB defaults (0 1 6)."
<lhorace_> Oh my
<lhorace_> I think you misreading me
<lhorace_> It says that in the /script/, the current stop levels are 0 1 2 3 4 5 6
<lhorace_> That's why inserv complained
<sarnold> lhorace_: heh, the current stop levels are set that way because Fieldy ran "update-rc.d nginx disable"
<lhorace_> Oh okay, makes sense
<lhorace_> I've worked with sysvinit scripts before
<lhorace_> In openSUSE, the symlinks would just be remove, that's it.
<sarnold> yes, that's likely what it did here, too; either remove them or rename them from Snn.. to snn... I forget the details.
<lhorace_> Well, it looks like, it also modified the INIT script
<lhorace_> LSB default line
<sarnold> if it did that, then the script would never be updated on package upgrades
<sarnold> there'd be no reason for it to modify the init script, and doing so would be a serious inconvenience
<lhorace_> So, update.rc-d dosn't modify the init script when it disable it ?
<sarnold> no, just the symlinks
<lhorace_> Okay, so the script is shipped with LSB default stop runlevel as 0 1 2 3 4 5 6
<sarnold> no.
<lhorace_> innserv is saying that's what nginx init script has
<sarnold> lhorace_: http://sources.debian.net/src/nginx/1.6.2-5/debian/nginx-common.nginx.init/
<sarnold> # Default-Start:     2 3 4 5
<lhorace_> Is that is Ubuntu repo? Because I asked Fieldy and I think he/she said it was shipped like that
<sarnold> lhorace_: there's no similar corresponding service for ubuntu's packages, but it's unlikely to be changed between them
<sarnold> lhorace_: apt-get source nginx if you want to compare with what your system would install
<lhorace_> I use NGINX on arch
<lhorace_> Fieldy: What Ubuntu version are you running ?
<lhorace_> That of Default line like that ?
<lhorace_> s/of/have/
<lordievader> Good morning.
<haithar> Re all! (Disclaimer: I'm a noob.) Repost: I'm still after bug https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1336742 (14.04.1 LTS has a broken squid) after I've checked out a bit older proxy of us (14.04.0 LTS) and it seems that squid works well there!
<haithar> 1) Can this bug be a regression between 14.04.0 (squid3 3.3.8-1ubuntu6) and 14.04.1 (squid3 3.3.8-1ubuntu6.2), affecting everyone upgrading their proxy OS from 12 or from 14.04.0?
<haithar> 2) Do you think I can downgrade my squid3 on the newer machine to squid3 3.3.8-1ubuntu6? (Tried apt-install going for that version, seemed to do no actual downgrade.)
<haithar> 3) Even if that downgrade succeeded, is my understanding right that that forced version squid3 3.3.8-1ubuntu6 won't be supported and I'd have to wait until that bug gets fixed in 15 and then in 14?
<Walex2> haithar: you trade the lack of an optimization with no security updates. Not so sure it is a good trade.
<Walex2> haithar: also this seems a very long standing bug. one of the links points at this mailing list message: http://www.squid-cache.org/mail-archive/squid-dev/201207/0100.html where that bug happens with 3.2.0.16
<haithar> Walex2: thank you. I'm contemplating what to do; since 14.04.0 LTS is not widely available at VPS companies, and can't really say when the patch gets into vivid and trusty, I'm leaning to roll out 12 LTS for our proxies.
<igno818> hello, any feedback using LEMP vs LAMP?
<dave65> when are the security updates and reboots going to slow down guys?
<dave65> flipping nusiance
<dave65> also when is ubuntu going to address the headless server timeout -1 issue
<dave65> vent vent :)
<dave65> scared to boot my servers these days before checking grub, and reboots are frequent and getting more so
<rbasak> dave65: about security update frequency, don't shoot the messenger maybe? Vulnerabilities typically come from upstreams.
<rbasak> dave65: for your headless server timeout -1 issue, what's the bug number please?
<dave65> yeah, pain tho
<rbasak> You don't have to take the security update. You also don't have to reboot :)
<dave65> 797544
<rbasak> I use unattended-upgrades and don't notice.
<dave65> rbasak:  not updating a server with regards to security is foolish
<dave65> rbasak:  I saw that update this morning
<dave65> not used it before is it new?
<dave65> I like to test updates first tho
<rbasak> dave65: indeed not doing security updates is foolish :)
<rbasak> unattended-upgrades has been around for years
<dave65> virtualmin which I use has an auto update feature but it worries me :)
<rbasak> There's always a risk. But I can't remember a security update which in hindsight I wish I hadn't applied.
<dave65> might wake up one morning and a load of servers broke, sod that
<dave65> hast a postfix problem once but that was a longtime ago
<rbasak> Occasionally there is a regression (often in the upstream fix) but the vulnerability was always real and the choice is generally only to leave the hole there.
<dave65> I know they are complicated vulnerability but I like to keep everything upto date anyway
<rbasak> bug 797544 is marked fix released, with no additional bug tasks open.
<rbasak> You shouldn't expect any further work on that bug.
<dave65> it aint fixed I think
<rbasak> Comment #11 might be relevant.
<dave65> mind you check grub everytime now out have habit and always change the timeout to 10
<dave65> yeah but the comments go on
<dave65> I lost confidence
<dave65> I have 2 test servers with 12.04 and 14.04 next time I will just boot without looking at grub
<dave65> easy fix just booting to rescue mounting and edit and reboot, but is a pain
<dave65> setting grub timeout error warning to less than zero, why does it still show?
<bekks> Why do you set it to less than zero?
<dave65> Ubuntu does it
<dave65> on upgrade of kernel
<bekks> Which parameter exactly, and where exactly?
<dave65> terminal_output gfxterm if [ "${recordfail}" = 1 ] ; then set timeout=-1 grub.cfg
<dave65> its the -1
<bekks> And why is that line actually concerning you?
<dave65> because if you dont change -1 the server can wait for a keystroke on reboot
<bekks> That entry is exactly doing what it should - it stops on that boot entry, when booting fails.
<dave65> but servers can hang
<dave65> well not hang
<bekks> Thats intended when using recordfail.
<dave65> it just waits for a keystroke
<dave65> on a remote headless what do you do?
<bekks> I use a remote console.
<dave65> no magic wand here
<dave65> I have too but a reboot from console and no joy
<bekks> You can take a look here, too: http://wiki.hetzner.de/index.php/Grub2_recordfail/en
<dave65> ty, will take a look, have a few with hetz
<bekks> That article is not dependant on that ISP.
<rbasak> utlemming: looking at bug 797544. Shouldn't GRUB_RECORDFAIL_TIMEOUT be some positive number on all servers?
<rbasak> (by default)
<dave65> but why would a commanede reboot fail?
<dave65> commanded
<bekks> Because you installed a messed up kernel and you are trying to boot it, e.g.
<bekks> Like a selfcompiled kernel with missing hdd controller drivers, etc.
<dave65> hrmm
<utlemming> rbasak: incidently was later fixed in grub with that exact solution
 * utlemming goes looking for the fix
<rbasak> utlemming: ah
<rbasak> utlemming: I found /etc/default/grub.d/ I looked only in /etc/default/grub before
<rbasak> I see 50-cloudimg-settings.cfg that sets it
<rbasak> utlemming: but this doesn't come from a package. What about the server ISO install?
<dave65> yep
<dave65> I thought that
<dave65> not an expert here
<utlemming> rbasak: i did worked to enable the 50-cloudimg-settings.cfg in the cloud images, but also I had a patch for grub to support it.
<utlemming> rbasak: I'm looking for the bug that captures that whole conversation
<dave65> yeah sorry I have this habit apparently
<dave65> absorbing
<rbasak> utlemming: bug 669481 maybe?
<utlemming> rbasak: yeah, this look like the one...I didn't think it was done that long ago
<rbasak> utlemming: so am I right in thinking that the default is still -1 if installed from a server ISO?
<rbasak> If so that seems unacceptable to me.
<rbasak> Servers are expected to be headless, and so booting should always be attempted by default IMHO.
<utlemming> rbasak: I thought that that conversation was captured in the bug...but there was some concern about the desktop
<utlemming> rbasak: I'm +1 on that...it should be a default that is set in the postinst
<rbasak> Maybe we need to drop in a file supplied only by the server seed?
<rbasak> Have a package called "headless" or something if necessary.
<dave65> :)
<rbasak> utlemming: do you remember who was concerned about the desktop?
<utlemming> rbasak: rbasak: the problem right now is that /etc/default/grub.d only supports a single file
<utlemming> rbasak: cjwatson
<dave65> more like handless as it needs a finger, at the moment its the middle one :)
<rbasak> utlemming: OK I'll ask cjwatson in #ubuntu-devel
<rbasak> utlemming: my reading of /usr/sbin/grub-mkconfig suggests that /etc/default/grub.d should work with multiple files. At least in Trusty.
<mgagne> hallyn: ping
<pmatulis> anyone having mirror problems?
<SchrodingersScat> nope
<genii> No, but I'm using the local one cor Canada
<SchrodingersScat> I'm using US
<hallyn> mgagne: not in today
<mgagne> hallyn: ok, will follow up on monday. I managed to fix the migration issue from QEMU 1.5 to QEMU 2.0. I'm looking for help to get this fixed upstream.
<hallyn> mgagne: awesome, thank you
#ubuntu-server 2015-02-28
<votlon> hello all!
<votlon> hey guys i installed openvpn on ubuntu 14.04 on a virtual machine, and im not able to connect to it to test it. Would i not be able to access it from the host machine?
<votlon> dat double hello<3
<votlon> The server.conf for open vpn is kinda empty. http://pastebin.com/zygUTR0u Leads me to assume that maybe my configuration is wrong?
<votlon> If anyone knows anything bout openvpn here ^.^
<fuki> could anyone help me figuring out an issue with a new ubuntu-server installion hanging while regenerating the grub configuration file?
<zotta> Is there a limit to how many files can be stored on a disk? (assuming it has enough free space)
<bekks> zotta: The number of inodes on the filesystem is the upper limit.
<bekks> Additionally, you can use quotas.
<zotta> I just want to write a script and using the file system would be easyer and faster for me than an actual database. But it would create at least 100k temp files at once.
<bekks> 100k temp files? o.O
<zotta> just wondering is that would work, because less effot for me
<zotta> *if
<bekks> IF you have enough free space and enough unused inodes, it will work.
<zotta> at 2kb per file that would be ~200mb
<bekks> What does your script do? :)
<zotta> it's a step for building a new acoustic model for the german language
<bekks> That sounds interesting. :)
<zotta> only if you don't look too closely
<zotta> anyway: how do i set that inode thing?
<bekks> It is an entity of the filesystem, you cannot change it after creating the filesystem.
<bekks> For ext2/3/4, you can use tune2fs for displaying all entities.
<zotta> bekks: ok found it, got 2M free :)
<bekks> That should suffice for a few tests :)
<sudormrf> hey guys.  having an issue with MDADM.  I build the array, everything is good.  I create a file system, that all goes good.  I mount it, everything good there.  update-initramfs, everything good.  reboot and the array no longer exists :S.
<sudormrf> found this thread: http://superuser.com/questions/746112/ubuntu-server-14-04-raid5-created-with-mdadm-disappears-after-reboot
<sudormrf> that guy is using raid 5, I am using raid10, but he was having the exact same issue.
<sudormrf> I am trying to figure out what I did wrong.  starting over means I will have to wait another 10 hours or so while the array builds itself
<Sling> sudormrf: how/when did you build the array, in the installer?
<sudormrf> Sling, tried to build it yesterday, rebooted (from work) and it failed to boot because the array disappeared.  tweaked my fstab and added "nobootwait" and "nofail" so it wouldn't completely fail to boot up if the array were not showing
<sudormrf> rebuilt it last night
<sudormrf> just woke up and tried all the steps over again
<sudormrf> restarted
<sudormrf> poof, gone.
<sudormrf> then came in here :)
<Sling> and this raid5 array is some storage besides your main partition scheme?
<sudormrf> raid 10
<Sling> raid10*
<sudormrf> my main drive is separate from this array
<sudormrf> this box has 5 drives, 4 of which are to be used in the raid 10 array, one drive is the boot drive
<Sling> and the disks are still there in fdisk -l ?
<Sling> what does cat /proc/mdstat show?
<sudormrf> fdisk -l shows all drives
<sudormrf> http://paste.ubuntu.com/10471304/
<sudormrf> shows that there is no array
<Sling> the mdadm superblocks should still be there on the disks I suppose
<sudormrf> any way for me to check that?
<Sling> mdadm --assemble --scan
<Sling> or mdadm --examine /dev/sd* (or whatever disks they are)
<sudormrf> tried mdadm --assemble --scan earlier
<sudormrf> let me try it again
<sudormrf> just did it, then did cat /proc/mdstat and nothing is happening
<sudormrf> there was no output from the assemble scan command either
<Sling> do you have your raidset defined in mdadm.conf ?
<sudormrf> http://paste.ubuntu.com/10471367/
<sudormrf> that is the conf
<sudormrf> does that look correct to you?
<sudormrf> I obfuscated the email address
<Sling> yea the 4 member disks are there and the array is defined as /dev/md0
<Sling> what does mdadm --examine /dev/sd[bcde] show?
<sudormrf> http://paste.ubuntu.com/10471380/
<sudormrf> not sure what to make of that, btw.
<Sling> try starting it again with mdadm --assemble /dev/md0 /dev/sdb /dev/sdc /dev/sdd /dev/sde
<sudormrf> ok, sec
<sudormrf> mdadm: Cannot assemble mbr metadata on /dev/sdb
<sudormrf> mdadm: /dev/sdb has no superblock - assembly aborted
<Sling> hm
<Sling> the 'ee' type is "Indication that this legacy MBR is followed by an EFI header"
<Sling> not sure how that works in combination with mdadm
<Sling> (@ the 4 disks, they all seem to contain 1 partition)
<Sling> i'd recreate empty partition tables there with a 'fd' type partition on each disk
<Sling> thats the normal partition type for mdadm/raid containing the superblocks etc
<sudormrf> sorry, how do I do that? I used gparted to do the formatting/partitioning of the drives initially.  still not *that* used to doing disk formatting/partitioning from the CLI.
<sudormrf> cfdisk?
<sudormrf> sfdisk
<Sling> fdisk /dev/sdb
<Sling> then 'p' to print the partition table
<Sling> with 'd' you can delete any existing partitions, and 'n' creates a new one
<sudormrf> ok
<sudormrf> then p
<sudormrf> or e?
<sudormrf> p
<Sling> primary
<Sling> then with 't' you can set the type I think
<Sling> select 1st partition, set type to 'fd'
<Sling> then 'w' to write the new partition table
<ikonia> m/win 26
<ikonia> oops
<sudormrf> hmm. not seeing fd in the list
<Sling> its just a hex code, try entering it
<sudormrf> ooohhh
<sudormrf> lol
<sudormrf> linux raid auto
<sudormrf> see it now
<Sling> yup
<sudormrf> ok.  going back through and doing this for all of them.  sec
<sudormrf> http://paste.ubuntu.com/10471562/
<sudormrf> reflecting the change
<Sling> ok
<sudormrf> now I have to rebuild the array, correct?
<Sling> now: mdadm --create /dev/md0 --run --level=10 --raid-devices=4 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1
<sudormrf> hmm.  any reason to use sdb1 vs just sdb?
<sudormrf> I was using sdb only
<Sling> that way you use the partition
<Sling> and not the raw disk
<sudormrf> ok
<sudormrf> perhaps that could have been causing me the problems
<Sling> once the disk is back in /proc/mdadm you can do: mdadm --detail --scan >> /etc/mdadm/mdadm.conf
<Sling> that way it should be available again at boot
<sudormrf> ok
<Sling> also add it to a mountpoint in /etc/fstab etc ofc
<sudormrf> well this is going to take a while :D
<Sling> :)
<sudormrf> 343 minutes
<sudormrf> the time is decreasing lol
<sudormrf> first time I ran it it took 8xx min.  last night was 6xx min
<Sling> you can speed it up
<sudormrf> now 3xx min
<sudormrf> oh?
<Sling> cat /proc/sys/dev/raid/speed_limit_min
<Sling> what does that show?
<sudormrf> 1000
<sarthor> HI, Can some one help, how to install this http://mpcabd.igeex.biz/python-arabic-text-reshaper/
<Sling> try setting like echo 100000 > /proc/sys/dev/raid/speed_limit_min
<Sling> (system load will increase)
<sudormrf> system load increasing is fine :D
<Sling> there is also /proc/sys/dev/raid/speed_limit_max but that shouldnt have to be increased
<Sling> est.time better now?
<sudormrf> let me check
<sudormrf> it's dropping, but not by much
<Sling> hm, might be moving average
<Sling> oh well, patience :)
<sudormrf> yeah.  thanks.  after the array is done building I will run through the steps again and before rebooting come back by :D.  thanks again, Sling
<Sling> np, hope this fixes it :)
<sarthor> sarthor: .
<sarthor> HI, Can some one help, how to install this http://mpcabd.igeex.biz/python-arabic-text-reshaper/
<Sling> sarthor: what do you mean with 'install' ? do you want to use it in a python project?
<sarthor> Sling: my computer shows my strange arabic, there is the solution but I do not know how to get benefit from that link. there is not "howto" with that link.
<sarthor> Sling: actually how to use that scrip or files. where to put them. how to import that.
<Sling> sarthor: define 'strange arabic', in reverse, misaligned, ?
<Sling> what you linked is a python library, for developers
<Sling> maybe you are looking for the xfonts-intl-arabic package to correctly display arabic fonts, try 'apt-get install xfonts-intl-arabic'
<sarthor> Arbic is from right to left, while Now it is showing from left to right. alphabets in word is showing from left to right. while it should be right to left.
<Walex> sarthor: please describe the final result you want to achieve... not what you think is the way to achieve it...
<Sling> xy problems ftw :)
<sarthor> Sling: I am using openerp on ubuntu-server, When openerp export some report of invoice to pdf it show wrong arabic fonts. I am giving you like of that pdf file. and then you can see and understand.
<Walex> sarthor: wrong arabic fonts or wrong glyph writing order?
<sarthor> wrong glyph writing order?
<sarthor> wrong glyph writing order!
<sarthor> Sorry
<ogra_> sarthor, did you consider checking http://openerparabia.org/ ?
<Walex> sarthor: https://www.google.com/search?as_q=openerp+left-to-right might help
<ogra_> (i bet you are not the first one t have that prob)
<sarthor> ogra_: yes I checked there, they are not saying anything about this.
<Walex> sarthor: https://www.linkedin.com/groups/RighttoLeft-reports-OpenERP-SOLVED-165657.S.111824564
<sarthor> Sling: here is pdf file  http://nhksa.com:81/pdf/
<sarthor> https://www.linkedin.com/groups/RighttoLeft-reports-OpenERP-SOLVED-165657.S.111824564 Walex there is link which is not opening. rest i can not see anything that give solution.
<sarthor> Sling: did you get that file, or you gotten busy?
<Sling> sarthor: sorry bit busy, check Walex's links
<sarthor> Walex: linked link have nothing, also I am using OpenERP 7.
<sudormrf> Sling, you still around?
<sudormrf> !ping
<ubottu> pong!
<sudormrf> hmm.  this is odd.
<sudormrf> so I recreated the RAID array and now it mounts on boot, but it is only using half of the drive capacity.  IE, 2TB instead of 4.
<sudormrf> is there a way that I can correct that without having to start the entire process over again?
<sudormrf> I think I see what happened
<sudormrf> restarting with gdisk instead of fdisk.
<sudormrf> may be a better way to do this, but oh well
#ubuntu-server 2015-03-01
<scott2> HI GUys
<Barneyy> Hi, I don't have internet traffic in Ubuntu Server, but my apache is running !
<Barneyy> I can access my web server by enter IP Address in internet browser. but in ssh I don't have ping
<bigbrovar> hi guys.. am trying to setup ACL for my openldap installation but am having some problems ..  I would like some ldap users to be have write entries on everything under a specified ou however when I try to make modification as said user in this case dhcpuser and pykotaadmin  I get an error saying insufficient access to parent
<bigbrovar> here is my olcAccess.ldiff http://paste.ubuntu.com/10484117/  (ubuntu 14.04 server)
<lordievader> Good morning.
<teward> is it possible to set up a repository server for debian packages on Ubuntu that actually serves Debian distros?  (NOT a mirror, a personal packages repository)
<rbasak> teward: yes. apt-ftparchive will do a basic one, or reprepro for a more complex one. Just build using Debian chroots.
<teward> rbasak: can apt-ftparchive also handle Ubuntu packages alongside Debian packages?  (I would still build locally via sbuild schroots for Debian or Ubuntu
<rbasak> teward: alongside? You'd want to have a separate repo probably to avoid confusing them. But the repository format is the same, so maybe I don't understand your question. Why wouldn't it just work?
<teward> rbasak: i'm trying to run my own repository server - specifically to publish packages built by me and available to users.  Trouble is, no idea how to begin with that
<teward> s/users/systems I have/
<rbasak> teward: OK, so the quickest way:
<teward> and I need to provide both ubuntu and debian packages
<rbasak> Dump all the debs in a directory
<teward> (but the server itself is Ubuntu)
<rbasak> apt-ftparchive packages .|tee Packages|gzip>Packages.gz
<rbasak> apt-ftparchive release . > Release
<rbasak> gpg --yes -o Release.gpg -ab Release
<rbasak> That's it. Host that directory somewhere, and it'll work.
<rbasak> The sources.list line looks a bit odd though
<rbasak> deb http://wherever/directory /
<rbasak> (I use file:// but I presume http:// will work the same)
<rbasak> But this doesn't let you differentiate between releases easily, and doesn't work with the sources.list line most consumers expect.
<teward> to do that i'd have to set up reprepro no?
<rbasak> No you can do that without reprepro. Just apt-ftparchvie and serving flat files
<rbasak> Oh, depends on what exactly you mean by "that" :)
<rbasak> To do more advanced - yes, reprepro is probably the easiest, although I find it tedious to set up and maintain
<rbasak> There's a really old Launchpad bug on supporting Debian in PPAs. It just needs someone to do the work, if you want to volunteer :-)
<teward> rbasak: i used reprepro for this - it's not like I"m putting a billion packages there :P
<teward> just some
<teward> rbasak: and that Debian in PPAs bug, I don't even know how to begin with that, so meh.
<Thms> I have an ubuntu-server instance running on a Hyper-V server. So far everything works. I resize the VHD from 10 to 30Gb, but df -h still shows 10Gb.
<Thms> Anyone, please ?
<PryMar56>  Thms if ext4, then resize2fs
<bekks> Thms: are you using LVM?
<Thms> bekks, yes using LVM
<bekks> Then you have to resize the partition conating the PV first, then resize the PV, then resize the VG, then resize the LV, then resize the filesystem.
<bekks> *containing
<Thms> wow.
<Thms> then pvresize, vgresize, lvresize and resize2fs ?
<bekks> Yes.
<Patrickdk> generally you have to reboot or use partprobe after you adjust the partition table
<Thms> isnt there a quick way to do this ?
<Thms> or a one liner ?
<Patrickdk> don't use lvm?
<bekks> That IS the quick way...
<Thms> I mean I just resized my VM HDD size what"s so wrong
<bekks> There is no oneliner.
<Patrickdk> you have so many layers
<Patrickdk> you have to resize each layer
<bekks> Nothing is wrong. But you have to resize the partition, the PV, the VG, the LV, the FS as well.
<Patrickdk> vm disk -> partition -> lvm parition -> lv -> filesystem
<Patrickdk> you dont' have to vgresize, neverh eard of that
<Patrickdk> the vg will resize automatically with the pvresize change
<bekks> Patrickdk: Depending on how many disks, layout of the VG, etc. he might have to extend the VG, so he just has to check that.
<Patrickdk> vgextend you mean?
<Thms> so I start with pvresize ?
<bekks> Yes.
<Patrickdk> na
<Patrickdk> that won't do it
<bekks> Thms: you start with resizing the partition.
<Patrickdk> it should be automatic
<Thms> I did it.
<Thms> I booted the server, df -h, 8Gb.
<bekks> Thats not resizing the partition.
<bekks> df displays free space of the filesystem.
<Patrickdk> come on, you even have to do all these steps in windows
<Patrickdk> and every other os :)
<Thms> I resized the partition under Hyper-V
<bekks> Thms: No. You resized the DISK.
<Thms> how is that not resisizing the partition ?
<bekks> Thms: Not the partition.
<Thms> Mh... I think I'm starting to understand
<Thms> so what tool do I need to resize the partiton then ?
<Thms> And how come fhe partition can be larger than the disk ?
<bekks> The partition obviously cant be larger than the disk.
<Patrickdk> that would be a nice trick
<bekks> Yay! RAMdoubler finally ported to HDDdoubler! :P
<Thms> So how do I resize my partition please guys
<bekks> Thms: Use gparted from a livecd.
<teward> Thms: you resized the virtual disk to have more space
<Patrickdk> depends on what type of partition your using
<teward> Thms: you actually have to expand the partitions
<Thms> ok
<Patrickdk> parted, gparted, ...
<Thms> so i start with pvresize ?
<Patrickdk> if your using mbr, fdisk works
<bekks> No.
<bekks> Thms: You start with resizing your partition, not with resizing the PV.
<Thms> Ho sorry ok.
<bigbrovar> hi guys.. am trying to setup ACL for my openldap installation but am having some problems ..  I would like some ldap users to be have write entries on everything under a specified ou however when I try to make modification as said user in this case dhcpuser and pykotaadmin  I get an error saying insufficient access to parent
<bigbrovar> here is my olcAccess.ldiff http://paste.ubuntu.com/10484117/  (ubuntu 14.04 server)
<teward> does anyone know how apache2-utils' htpasswd when running with `-cBC 12` arguments actually does the bcrypt hashing?  DOes it rely on system crypt() libraries or its own?
#ubuntu-server 2016-02-29
<Billy21> I am getting errors like crazy
<Billy21> ata3.00: status: { DRDY ERR }
<Billy21> is there a log somewhere with error's  in it?
<Billy21> damn
<Billy21> i just bought those
<Billy21> i wonder is spinrite will work
<bekks> Billy21: Look at "dmesg".
<bekks> And whatever "spinrite" might be.
<Billy21> https://www.grc.com/sr/spinrite.htm
<sarnold> probably time to buy a new drive
<sarnold> spinrite only barely worked fifteen years ago
<sarnold> i'd be surprised if it can do anything useful on modern systems
<Billy21> ahahaha
<Billy21> alright
<Billy21> ill take them back
<pirx_> hello! i have a Ubuntu server with 2 NICs. one in 10.10.0.0/24 (eth0) and one in 10.10.1.0/24 (eth1). i can connect to port 80 on from respective LAN, but i cant connect to 10.10.0.43 (its IP on eth0) from the 10.10.1.0/24 LAN, and vice versa
<pirx_> http://pastebin.com/yajee6JJ   and forwarding is off. Any ideas?
<pirx_> (also if i turn ip-forwarding on, no replies are sent)
<mybalzitch> no it'd be up to your router to forward those packets betwee nthe lans
<mybalzitch> s/lans/subnets/
<shauno> that does sound like the expected behaviour to me
<pirx_> mybalzitch: yes, the router does forward the Syn packet, and it reaches the server, but the server sends no reply, so there is nothing more to forward...
<pirx_> shauno: it does? shouldnt the server reply?
<shauno> well, I offered that but any mention of the router doing anything about it :)
<shauno> but I think if I was stuck there, I'd be using tcpdump to see where the reply is actually going.  whether it's going out the correct interface, whether it's going at all, etc
<pirx_> shauno: yes, there is output from "tcpdump -i any port 80" in the pastebin, and it shows (like i said above) that no reply is sent
<pirx_> and i would expect some reply, at some interface
<pirx_> thats why i am stuck:)
<shauno> I'm not sure if it's relevant, but I notice in 'route -n' there's no gateway for 10.10.1.0/24 ?
<pirx_> shouldnt there be just one default gw? and it shouldnt need to know about any gw on eth1, since the default route is to eth0
<shauno> I think it should have one for each subnet, but only one will be the default
<shauno> without it, a reply leaving eth1 addressed outside that subnet has no route
<shauno> which won't impact things originating at this host, as they'll use the other interface.  but might affect replies because they'll leave the interface they arrived on.  I think.
<pirx_> and i think that replies will go out on whatever interface is matched by the routes. i think:) anyhow, the annoying thing is that _no_ reply at all is sent
<pirx_> the setup is very simple. installed a server with a static IP. and then added an interface with dhcp in /etc/network/interfaces and did ifup
<pirx_> baffles me why no reply is sent
<shauno> hm, looks like I might be wrong about returning on the same interface.  that's all that jumped out at me, I'm afraid
<lordievader> Good morning.
<pirx_> read this: http://jensd.be/468/linux/two-network-cards-rp_filter  and tried the "quick and dirty solution", which seems to work for me! :)  ->  sudo sysctl net.ipv4.conf.all.rp_filter=2
<jamespage> hallyn, I'm getting a pass with a later xen version for libvirt on 14.04
 * jamespage ponders whether to include xen as well
 * smb wonders whether he should worry about that
<doublef91> hi
<jamespage> coreycb, I'd like to add dh-python to mitaka-staging for a bit to see if it backports ok - my initial ppa testing as good
<doublef91> i have i gma500 with xubuntu 15.10 but this card(gma) has the problem
<jamespage> well it backports ok - just want to ensure everything else does as well!
<coreycb>  jamespage ok yeah I saw something needed a new version of it
<jamespage> python-cffi wants it and really does need it...
<coreycb> jamespage, sounds good
<doublef91> who help me with gma500?
<EmilienM> jamespage: I think keystoneauth1 is not updated enough in b2
<EmilienM> we're having issues in our CI for some tests
<jamespage> EmilienM, ack - let me take a peek
<EmilienM> jamespage: also, heat is still failing but I guess it's because you did not update it yet
<jamespage> EmilienM, fixed the first problem, hitting a different one now
<jamespage> EmilienM, its rebuilding atm - I'll let you know shortly
<EmilienM> cool
<EmilienM> jamespage: jobs are non voting for us
<EmilienM> jamespage: except 2 scenario, that work
<jamespage> ack
<jamespage> EmilienM, you should get aodh and libvirt updates in the next few hours as well
<EmilienM> cool
<jamespage> been fixing up some backport failures...
<EmilienM> and ironic is still failing for us
<EmilienM> I PM'ed you last night
<jamespage> yeah
<jamespage> heat is still ftbfs
<EmilienM> jamespage: ironic, not heat
<jamespage> I know
<jamespage> but I was looking at heat first
<EmilienM> ok thanks
<jamespage> EmilienM, struggling with the ironic one:
<jamespage> http://logs.openstack.org/65/262965/14/check/gate-puppet-openstack-integration-scenario001-tempest-dsvm-trusty/af0c0ef/logs/ironic/ironic-conductor.txt.gz#_2016-01-04_01_20_18_979
<jamespage> looks like its loading the fake driver....
<jamespage> and there are no errors in the ironic log....
<EmilienM> https://bugs.launchpad.net/cloud-archive/+bug/1530869
<ubottu> Launchpad bug 1530869 in Ubuntu Cloud Archive "ironic-conductor does not load fake driver" [Undecided,New]
<jamespage> yes that's what I'm looking at
<EmilienM> let me find again the logs
<EmilienM> in conductor somewhere
<EmilienM> http://logs.openstack.org/65/262965/14/check/gate-puppet-openstack-integration-scenario001-tempest-dsvm-trusty/af0c0ef/logs/ironic/ironic-api.txt.gz#_2016-01-04_01_29_30_062
<EmilienM> Client-side error: No valid host was found. Reason: No conductor service registered which supports driver fake.
<jamespage> I see that in the console log, but I have no idea why that happens - the backend looks to be configured with fake
<coreycb> zul, can you add a bug subscriber for python-sphinx-argparse?
<zul> coreycb: url?
<coreycb> zul, http://launchpad.net/ubuntu/+source/sphinx-argparse
<hallyn> jamespage: yeah, that was my hunch
<hallyn> jamespage: suppose you could ask smb for sure, but ...
<jamespage> hallyn, its ok - backported xen as well
<jamespage> we have precident for that
<smb> jamespage, I am not sure which version to where (guessing Xenial to Trusty cloud-archive). Only problematic twiddle might be to work around the Trusty environment to inject the wrong LD/CCFLAGS
<jamespage> smb, yes
<zzxc> How is zfs support for 14.04
<maswan> just add ppa and it works, in my experience
<maswan> the *support* situation I'm less clear on
<teward> https://wiki.ubuntu.com/ZFS
<zzxc> Alright cool thanks
<teward> zzxc: I'm making a random guess that it's 'available' but like all PPAs not 'officially supported' in 14.04
<teward> given that 15.10+ appears to have ZFS available in the repos based on that wiki page
<teward> that page was edited recently so...
<zzxc> Yeah. As long as it's fairly stable it should work.
<teward> which i don't think i can attest to
<maswan> I've been running it on several servers for a few years
 * teward still uses ext4 for everything heh
<maswan> well, 14.04 + zfs is a little bit newer, but still fairly fresh
<maswan> ehm, a year or so
<bc2946088> Is there a default login created with ubuntu autopilot for the openstack dashboard?  The account created during installation only allows me to administer a project, not the actual system.
<urthmover> oddly some of the servers that I deploy from a template show the motd with the ip address and other servers from the same template do not show the ip address in the motd.  I have re-run /etc/update-motd.d/50-landscape-sysinfo on all the servers and the IP address is present in all cases.  Oddly though, two of the machines still will not show the ip address in the motd after a reboot.  Does anyone have a suggetion?
<urthmover> update-motd
<ddellav> coreycb oslo.utils is ready for review & upload
<coreycb> ddellav, thanks I'll take a look
<coreycb> ddellav, can you rebase your changes on the current oslo.utils?  also there's a 3.7.0 you may want to pick that up instead.
<ddellav> coreycb will do, i did that update awhile ago.
<coreycb> ddellav, yeah looks like a change snuck in since then
<jamespage> coreycb, was the plan to update to eventlet 1.18.4?
<coreycb> jamespage,  we need to but I haven't looked into the test failures
<jamespage> coreycb, want me to peek?
<coreycb> jamespage, sure!
<jamespage> coreycb, working ftbfs for uca
<jamespage> coreycb, heat is failing in proposed
<jamespage> and ceilometer never event gets to staging
<jamespage> and libvirt is busted in staging...
 * jamespage sighs
<coreycb> jamespage, ok I can take some of those from you if you want
<jamespage> hallyn, hey - do you have an adversion to me doing a libvirt upload with a fixed virtlockd init script? its busted for trusty right now and not used on xenial...
<jamespage> coreycb, gee  - python$i setup.py test || true
<coreycb> jamespage, yeah that's useful!
<coreycb> ddellav, python-positional sync'd, we'll need an MIR for that eventually
<jamespage> coreycb,  Servname not supported for ai_socktype
<jamespage> is due to missing /etc/services in the build env
<jamespage> zmq we'll disable anyway
<coreycb> jamespage, I think we hit that before
<coreycb> jamespage, needs netbase package as a dep?
<jamespage> coreycb, yes - sorting that now
<jamespage> coreycb, https://launchpadlibrarian.net/244270611/buildlog_ubuntu-xenial-amd64.python-eventlet_0.18.4-1ubuntu1~ubuntu16.04.1~ppa201602292210_BUILDING.txt.gz
<jamespage> better
<jamespage> coreycb, I'll upload that now
<hallyn> jamespage: no;  i can't recall whether i'd asked smb to upload something or not...
<jamespage> hallyn, I basically modelled it on the libvirt-bin and virtlogd init scripts - appears to work ok
<hallyn> jamespage: cool - thanks
<jamespage> hallyn, I'll sneak one in then ;-)
<jamespage> coreycb, that should be libvirt fixed...
<jamespage> coreycb, EmilienM reported some problems with ironic as well, but I'm not familiar with that at-all
<jamespage> coreycb, that eventlet upload should unblock some of your oslo bits
<jamespage> coreycb, (mr core dev ;))
<Billy21> ok... since I messed up and build a RAID out of shitty drives... is there a command to break the RAID array and then salvage the data on the off the drives?
<bekks> Billy21: which raid level?
<Billy21> the mirror one
<Billy21> 0
<Billy21> i think
<bekks> mirror is 1, stripe is 0.
<Billy21> yeah 1
<Billy21> i know in M$ i can just see the files when the raid is broken on a drive
<Billy21> i think that is because of ntfs
<Billy21> but I am not sure if the raid is broken if the linux file structure can be read
<bekks> Billy21: On a raid1, yes, you can access the disk without issues.
<NwS> Heya guys, again a quick question. I've fixed logrotate and it seems to work fine, but the HDD seems to fill instead of clearing. For example there was a 1GB log file, it got compressed into 50MB but instead of giving me back 1GB I've lost 50MB :/ any ideas what's going on?
#ubuntu-server 2016-03-01
<sarnold> NwS: was the log file in question even closed by the program that's writing it?
<NwS> sarnold, no idea.. I thought logrotate would deal with it
<sarnold> NwS: many programs will close their log file and re-open if you send them a SIGHUP or SIGUSR1 or something; check the manpage for the program that writes the file
<NwS> sarnold, okie mate I'll check it out tyvm
<NwS> sarnold, seems like apache is the program
<NwS> stopping it didn't help :P
<sarnold> NwS: check lsof output for " (deleted)" files
<NwS> sarnold, I can see the log files there hmm
<NwS> the PID is apache under www-data user
<Billy21> ok
<Billy21> so which files system is the way to go?
<sarnold> for which purpose?
<Billy21> server os one hdd
<Billy21> storage the other
<sarnold> ext4 is probably a reasonable choice if you've just got one drive and don't care about bitrot
<Billy21> thanks
<Billy21> APCI PCC probe failed?
<Billy21> what does that mean
<sarnold> Billy21: heh https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1524930
<ubottu> Launchpad bug 1524930 in linux (Ubuntu Vivid) ""ACPI PCC probe failed" message is an error message when it should be debug" [Low,Fix released]
<hxcjoshuahxc> anyone know a good network scanning utility? ive recently switched isp's and bought a new modem. since then ive experienced frequent "broken pipes" while trying to ssh into my ubuntu 14.04 server. this wouldnt be a huge problem thanks to gnu screen and the like, but one of the main functions of the server is its samba shares which disapear on any of my smb clients nix or windows, when i get these... blips... any help would be apreciated!
<hxcjoshuahxc> after a bit of googling ive turned up nmap. trying it as we speak.
<sarnold> nmap's great for mapping, not as great for determining quality-of-service
<hxcjoshuahxc> i really need a way to test the only real changes to my network modem/isp because it was working flawlessly before.
<sarnold> I've used netalyzr on my phone before; apparently they have a desktop version too but step one is "run this java application" and i've never gotten that far.
<sarnold> netalyzr can find some pretty impressive things though, even on the phone
<sarnold> something like smokeping or mtr --report may be useful to try to diagnose packet loss problems
<sarnold> broken PMTU discovery can also lead to problems, I'm not sure the best way to test for that, but it'd be worth investigating
<hxcjoshuahxc> nice thanks for the info, looking into it now.
<sarnold> of course these guys give a great first-stop is-it-anywhere-near-sane kind of test http://www.speedtest.net/?a=1
<hxcjoshuahxc> ahh good ol' okala, nah their test works great this is something more suble im sure. it happens about once every 5-15 mins like clockwork.
<Fudge> anyone broken dhcp on xenial
<sarnold> Fudge: heh those bugs are all over the place; mixing dhcpd with dhcpcd and dhclient and _bind_(!?) and so on..
<sarnold> Fudge: if none of the bugs that you've seen or commented on are exactly the one issue that you've got, it might be best to open a new bug, and be specific in the bug description whether it's the client or the server or whatever, with error messages as you can find them, to help prevent the bug from being hijacked by unrelated errors
<hxcjoshuahxc> so netalyzr is pretty neat it actually turned up some interesting stuff regarding my isp's dns resolver.
<Fudge> sarnold:  hi, thanks for your reply mate. I have created a new bug and commented on two others which describe my problem exactly, this bug seems to keep raising its ugly hed each cycle. But no one has replied and poking the dev hasn't helped either. i'm a bit frustrated tbh, a friend with the same setup is also having the same issues so it does not appear to be something local to my environment.
<sarnold> Fudge: *nod* that makes sense.. there's too much to do and not enough time to do it :(
<Fudge> sarnold:  I do appreciate that for sure, maybe moving apparmor out of the way will help, I would hate to have to roll back to my Trusty though.
<Fudge> i guess it doesnt help that my times dont align with jdstrand  very much. he is on UK time i tseems whilst I am on Australian time
<sarnold> Fudge: hah, he's texas time :)
<sarnold> Fudge: if apparmor's in the way, grab those DENIED lines. everything revolves around those.
<Fudge> roger D
<Fudge> sarnold:  this is wirird,  this is from journalctl grep -i dhclient. its not a big pastebin maybe 20 lines. http://paste.ubuntu.com/15249415/
<Fudge> one error says couldnt reach network make sure the broadcast address is correct, but my interfaces file is basically iface eth0 dhcp
<Fudge> this is how I am keeping my connection alive
<Fudge> Mar 01 07:00:01 dominion CRON[9962]: (root) CMD (/sbin/dhclient eth0 >/dev/null 2>&1)
<Fudge> every 20 minutes
<sarnold> Fudge: is there anything in dmesg that may explain the interface dissapearing/
<Fudge> [    4.093635] e1000 0000:06:07.0 enp6s7: renamed from eth0
<Fudge> cat /etc/udev/rules.d/10-network.rules  | pastebinit
<Fudge> http://paste.ubuntu.com/15249443/
<sarnold> hmm. that should run a few seconds later..
<Fudge> I thought that once they were renamed it was static
<Fudge> should i revert the interface names and see if it is still happening?
<sarnold> I wonder if there's some unfortunate interactions between the rename command and the dhclient startup unit
<Fudge> do you think I should go find some dhcp folk ?
<sarnold> I like your idea of trying to use the en6p7 or whatever name..
<Fudge> ok, it sucks because i cant remember their names, actually let me just check my bash history fir dhclient requests
<Fudge> dhclient enp6s7
<Fudge> dhclient enp6s7
<Fudge> plus lots more of times ive just requested an ip to get back online,m can try reverting but seems i already had the problem before i changed
<Fudge> only 16 peeps in #isc-dhcp but im asking
<Fudge> sarnold:  do you understand ip routing much, this is my output
<Fudge> unicast default via 203.206.58.255 dev eth0  proto boot  scope global
<Fudge> unicast 10.10.10.0/24 dev eth1  proto kernel  scope link  src 10.10.10.254
<Fudge> unicast 203.206.56.0/21 dev eth0  proto kernel  scope link  src 203.206.58.81
<sarnold> seems sane
<sarnold> I didn't do the /21 math, that's hard to do when it isn't a multiple of 8 :)
<Fudge> :D
<Fudge> sarnold:  you work at Cannonical?
<sarnold> Fudge: yeah
<Fudge> pressure must have eased off abit with minor releases not being support as long hopefully
<sarnold> slightly; the hardest backports were usually for the oldest LTS releases, and that hasn't changed
<sarnold> it is nice to have e.g. only four or five supported releases to test updates on vs five or six, though, that part has been nice. :)
<Fudge> oh im not very goodd with packaging but tried a couple of times to backport to precise some of the accessibility stack during a python3 transition and failed after about the 20th dependency package
<Fudge> being a text to speech user
<sarnold> python feels actively mean about those things
<sarnold> but that's a rant for another day :)
<Fudge> I hear ya bud
<Fudge> seeing if AVAHI_DAEMON_DETECT_LOCAL=1
<Fudge>  in default/avahi-daemon will help as it was set to 0 and logs are showing that it messes with the interface after the ip address gets handed back to isp
<FarhaadN> hi every one,i have a question , my server was 12.04 with kernel 3.2.0.80-lowlatency ,i do upgrade to version 14.04 and when reboot system,kernel update to version 3.13.0.79-generic , i need to update with apt-get to last version,can i update to version 4 of kernel?
<FarhaadN> no answer?
<Fudge> dont see why you cant
<Fudge> keep the old one around in case it breaks
<axscode> Hi Guys, wanted to ask, our server has RAID, then suddenly reboot but unable to boot, which leads to reinstallation of GRUB. it's booting now but there's a huge files missing from our files archive is there a way to retrieve it?
<_ruben> FarhaadN: installing linux-generic-lts-wily will give you wily's kernel, which is based off 4.2.0
<FarhaadN> _ruben: i want to install low-latancy version of 4 , now kernel is 3.13 general ,no problem?
<_ruben> FarhaadN: then install linux-lowlatency-lts-wily instead
<FarhaadN> _ruben: thx ,can u tell me step by step by command? plz
<FarhaadN> or link
<lordievader> Good morning.
<_ruben> FarhaadN: sudo apt-get install linux-lowlatency-lts-wily
<_ruben> done
<_ruben> ;)
<Fudge> lordievader:  my new happiness today is from 'journalct -f -o cat'
<Fudge> now just how to pipe that into tty12 and ill be going great
<lordievader> But timestamps are usefull!
<lordievader> Well, can be.
<lordievader> Piping it the the input of tty12 is probably not what you want?
<Fudge> i agree but since i am a text to speech user it is really annoying
<Fudge> since i listen to the timestamp first
<lordievader> Ah, I see.
<lordievader> Can't you then pipe it to your tts application?
<fishcooker> how to enable ubuntu enable memtest86+ i've already install the package but update-grub doesn't detect the memtest option
<FarhaadN> _ruben: :D i think many procces to done,tnxx
<Fudge> yep I can, but i dont want to hear it all of the time, just when i want to look over recent events like WTF is going on lol
<Fudge> fishcooker: isnt it in /etc/grub.d/?
<Fudge> WTF=what the fudge
<fishcooker> https://bugs.launchpad.net/ubuntu/+source/memtest86+/+bug/883017
<ubottu> Launchpad bug 883017 in memtest86+ (Ubuntu) "memtest86+ fails on efi systems" [Medium,Triaged]
<fishcooker> Fudge: memtest doesn't support on efi system
<Fudge> oh i didnt realise, sorry mate
<adun153> How do I check the ports/interfaces of a Linux Bridge?
<mybalzitch> brctl
<mybalzitch> i thin/k
<lordievader> Yes, brctl. brctl show, to be precise.
<linuxlove> hello
<linuxlove> i am going to grant permission to my friend to get access to my ubuntu server through ftp what should i do?
<Sling> linuxlove: why ftp?
<Sling> what are you trying to do :)
<linuxlove> my friend and me are creating a website and he needs to get access to server
<linuxlove> i am on ubuntu 15.10
<Sling> create a useraccount on the system using adduser
<Sling> and let him use SCP
<linuxlove> what is SCP?
<Sling> then he can securely upload files into his homedirectory and any other locations you give the user access to
<Sling> secure copy, which uses ssh
<Sling> on what OS is hie?
<Sling> he*
<linuxlove> he is on debian
<Sling> alright he can just use scp /local/path user@yourhost:/remote/path then
<Sling> ftp is insecure
<linuxlove> in terminal?
<_ruben> i'd suggest rsync in that case
<Sling> yeah could use rsync as well, that will still need a useraccount thouh
<linuxlove> what should i do now?
<linuxlove> just create a user
<Sling> linuxlove: adduser
<linuxlove> with adduser
<Sling> then he will be able to put files in /home/<username>/
<linuxlove> and shoud i need to open any port ?
<Sling> if you want him to be able to put files somewhere else, give him permissions with chown/chmod
<Sling> yes, TCP 22 (SSH) should be available for him
<Sling> either open it to the internet, or preferably just for his remote IP, if it's fixed
<linuxlove> how can open port in terminal?
<linuxlove> for tcp
<Sling> why are you administering this server exactly? :)
<Sling> I would not recommend hosting a multi-user system on the internet if you don't have these basic skills
<linuxlove> it is my home system
<linuxlove> it is my first project
<linuxlove> i am learning yet
<Sling> linuxlove: okay, just don't store anything of importance on that server :)
<linuxlove> Sling, i do it
<Sling> linuxlove: you might want to use ufw for simplified firewall management
<Sling> i don't have experience with ufw though, I only use iptables
<linuxlove> Sling, i am going to get a full access to my friend
<Sling> if you trust him..
<linuxlove> just with a user name and password
<linuxlove> yes i trust him we are friend for 15 years
<Sling> you can give him rootaccess by adding him to the sudo group
<Sling> usermod -aG sudo username
<linuxlove> after adduser ?
<Sling> yes, the user will first need to be created
<Sling> also try out https://www.codecademy.com/learn/learn-the-command-line
<linuxlove> Sling, and how can i monitoring his action?
<Sling> linuxlove: if you give him full access, you can't really
<linuxlove> please listen Sling
<Sling> I already was..
<linuxlove> he needs to just upload on /var/www/html directory
<linuxlove> please say me what should i do exactly after add user
<linuxlove> excuse me
<Sling> groupadd web-content
<Sling> usermod -G web-content yournewusername
<Sling> usermod -G web-content www-data
<Sling> chown -R yournewusername:web-content /var/www/html
<Sling> find /var/www/html -type f -exec chmod 640 {} \; find /var/www/html -type d -exec chmod 750 {} \;
<maswan> Speaking of competence, anyone with drbd clues on why I can't get the resync rate up beyond 40MiB/s no matter what I tune things to?
<Sling> if you do those steps, the content will be owned by the new user, and apache will only be able to read all the files there
<Sling> if you want multiple owners of these files, you will need ACL
<Sling> maswan: did you tune your drbd settings?
<linuxlove> and about open port ?
<maswan> Sling: yeah. and "drbdsetup show" reflects the changed settings
<linuxlove> please say me configurqtion in terminqal
<maswan> Sling: Both various c-* parameters, or old-style resync-rate
<Sling> maswan: have you identified what the bottleneck is? 'glances' or 'atop' might show
<Sling> could be various things
<maswan> Sling: System idle, no iowait, network iperfs to 1120:ish MiB/s
<maswan> well, systems
<Sling> linuxlove: iptables -I INPUT -j ACCEPT -p tcp -m tcp --dport 22 -s 1.2.3.4/32
<Sling> where 1.2.3.4 is your friends' IP
<maswan> writing to the drbd after sync gives 300:ish MiB/s
<Sling> sudo apt-get install iptables-persistent
<Sling> and save ipv4 rules when prompted
<maswan> of network traffic to the slave
<Sling> that way you won't loose the firewall config after reboot
<Sling> now I'm done spoonfeeding
<Sling> learn how to use your system :)
<maswan> With some c-* settings I can make it go a bit slower, and crawling up to the ceiling of 40+-2MiB/s
<Sling> maswan: what is on the storage layer? is it a plain disk, or swraid/hwraid, or.. ?
<maswan> Sling: hw-raid6 on 12 drives, write-back cache
<linuxlove> Sling, what is 1.2.3.4/32?
<maswan> Sling: But since neither side shows a single % iowait, I'm not really suspecting that
<Sling> maybe with ethtool you can check if there are network errors
<Sling> faulty link, settings, etc
<Sling> linuxlove: 14:05:12 < Sling> where 1.2.3.4 is your friends' IP
<maswan> hm. yeah, I'd expect iperf to be as sensitive to that though
<maswan> Sling: For something like c-fill-target you set a target for bytes "in flight", do you know if there is a good way of seeing what that number is right now? I don't seem to find a good match in /proc/drbd
<linuxlove> Sling, i dunno my friends ip
<linuxlove> Sling, how can i configure while i dunno mi friendsip
<maswan> linuxlove: If you don't know your friends IP, you have to open it to the whole internet
<linuxlove> and i need to multiple access to webcontent
<maswan> Or learn your friend's IP
<linuxlove> okay
<linuxlove> Sling, about multiple access to web content?
<linuxlove> Sling, you will need ACL
<linuxlove> maswan,  iptables -I INPUT -j ACCEPT -p tcp -m tcp --dport 22 is okay for whole internet?
<maswan> I tihnk so, I'm not very fluent in iptables personally though
<maswan> I found ufw a blessing to deal with them. :)
<linuxlove> Sling, are you response ?
<linuxlove> Sling, ?
<Walex> maswan: I usually recommend 'ferm' for building firewall rules
<linuxlove> hello
<linuxlove> ssh localhost works for me but ssh my ip server doesnt work for me what should i do?
<hateball> is this on your LAN?
<linuxlove> hateball, no
<linuxlove> i am on a server
<linuxlove> on ubuntu 15.10
<lordievader> linuxlove: Is sshd listening to your server ip and does the firewall allow connections to that ip?
<linuxlove> lordievader, i am on server now and ftp://localhost and ssh localhost both works for me but when i use ftp://ip of server in internet i cant connect
<linuxlove> and i ran sudo service vsftpd start
<linuxlove> i have configured my modem and when i enter my ip in the internet o connect to my apache
<linuxlove> i see my welcome page in appache
<lordievader> linuxlove: Can you answer my question?
<linuxlove> lordievader, how can i know sshd is listening to my server ip?
<lordievader> linuxlove: Check the config or run 'sudo netstat -tulpn|grep sshd'.
<linuxlove> tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      6989/sshd
<linuxlove> tcp6       0      0 :::22                   :::*                    LISTEN      6989/sshd
<linuxlove> i think it is not listening to my ip server
<linuxlove> how can i configure that?
<linuxlove>  /etc/sshd/ssh-config file?
<lordievader> It is, it is listening to any ipv4 and ipv6 address.
<lordievader> So it is probably your firewall.
<lordievader> Could you pastebin the output of 'sudo iptables -vnL'?
<lordievader> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<linuxlove> lordievader, http://pastebin.com/x6Y0Q1kN
<lordievader> Hmm, it ain't the firewall.
<linuxlove> i am confuse what is problem
<lordievader> Ssh'ing to your server should work, at least from within your lan.
<lordievader> You do have a working network connection from the server?
<linuxlove> lordievader, what do you mean?
<linuxlove> lordievader, when i enter my ip server on browser i connect to appache
<lordievader> Can you ping google for example.
<linuxlove> yes
<lordievader> Then I do not really see why it shouldn't work. The test box is within your LAN?
<linuxlove> lordievader, no
<linuxlove> lordievader, please listen
<linuxlove> i have configured my modem to use my ubuntu 15.10 as server through internet
<linuxlove> my friend and me are creating a website
<linuxlove> he needs to access to my /var/www/html
<linuxlove> to upload his files for me
<linuxlove> i need to give him  a way to get access to web content
<lordievader> Ah, have you setup port forwarding on your router?
<linuxlove> lordievader, yes
<lordievader> linuxlove: Okay, test your server within your LAN.
<lordievader> Does that work?
<linuxlove> let me try
<linuxlove> lordievader, i tested
<lordievader> linuxlove: So, what is the outcome?
<linuxlove> i get this message welcome to ubuntu 15.10 when i try on my l
<linuxlove> my lan
<linuxlove> but i see this last login from 127.0.0.1
<lordievader> So it works ;) Seems like your portforwarding is incorrectly setup.
<linuxlove> do you know about configuration of that?
<linuxlove> when i connect from redhat to my ubuntu through lan every thing is okay
<linuxlove> but through internet i cant connect to my server i think it is because of just port 80 is active in portforwarding
<linuxlove> lordievader, what should i do?
<lordievader> Add port 22 to the forwarding?
<linuxlove> how can i add 2 port there?
<linuxlove> i see service port=80
<linuxlove> and protocol =tcp
<linuxlove> protocol is include tcp and all and udp
<linuxlove> my protocol is tcp at moment
<linuxlove> and port is 80
<linuxlove> lordievader, are you there?
<linuxlove> XX-XX or XX is format at front of service port
<linuxlove> i dunno how can i enter 2 port there
<coreycb> ddellav, oslo.utils and oslo.concurrency uploaded
<ddellav> coreycb ok, you went back over and grabbed the new releases?
<coreycb> ddellav, yes they're at the latest releases now
<Verac> Anyone know if it is possible to push patching configurations from one landscape server to another?
<rattking> hello I dont see CVE-2016-0800 listed in usn-2914-1 -- any work on when that will be patched? if not already.. that CVE is listed as 'High severity' but there are no details in the link from openssl
<maswan> rattking: Can you find a single supported version of ubuntu with SSLv2 enabled?
<mdeslaur> rattking: ubuntu disabled sslv2 in openssl a long time ago, so we're not vulnerabe to CVE-2016-0800
<mdeslaur> rattking: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0800.html
<rattking> awesome.. thanks for the info
<cyphermox> rharper: are you planning a multipath-tools update, or do you know what commits need to be backported to fix zfcp?
<cyphermox> (I'm asking because I have another upload to do, trying to see if all of it should be together or what)
<jamespage> smb, apologies for stamping ahead on that libvirt upload - I was unblocking some testing I was doing
<smb> jamespage, Partly I was cursing myself for having waited to long. :)
<smb> too
<jamespage> smb, hehe
<rharper> cyphermox: not yet;  I have an idea of which ones and a test multipath package with just a few patches, but I've mostly been waiting to have a setup so I can recreate rather than tossing packages at ibm
<cyphermox> rharper: ok
<cyphermox> can I help?
<cyphermox> do you need any special hardware to do this or can we reproduce on qemu?
<rharper> probably hardware
<cyphermox> fwiw, I did the upload earlier
<rharper> I can't reproduce on qemu but it requires a host-side drop of the device
<rharper> I'm getting access to a s390x instance with FCP devices to reproduce
<rharper> we have that, but getting access to "re-enable" them is a challenge since it requires special privs
<rharper> I also have an RT open for an internal system where we'd have the privs to do the reneable
<rharper> that said, two paths:  I'm looking at multpathd patches from upstream: 646e754853b123a075b4cede7d9ccf540e8c9b0c 7e00a100ed566f709a0e93a762101ad51dee1498 72ceb736edebfe4720ead34caa95be7d88e65dfa
<rharper> which are around udev path discovery and timeouts
<cyphermox> ok
<rharper> which are present in the debian version where ibm doesn't see the issue
<cyphermox> I already backported a whole lot of such paths
<cyphermox> *patches
<rharper> nice
<rharper> lemme look at ubuntu15 then
 * cyphermox looks
<rharper> and see what you picked up versus what's in debian
<cyphermox> don't bother, I was talking in general
<rharper> ok
<cyphermox> what I mean though is perhaps we should not worry too much about reproducing and just merge with Debian
<rharper> cyphermox: +1 on that
<rharper> the number of fixes since 0.5.0 is signficant; and while we have a lot of stuff we know the debian version is fully working for ibm on Z with FCP devices
<cyphermox> ok
<cyphermox> wanna try your hand at that merge?
<rharper> yeah, I can do that
<cyphermox> oh, perhaps we should do the FFE first though
<cyphermox> rharper: if you want to prepare the FFE for the merge, I'll share here scripts I have to help with that: http://paste.ubuntu.com/15261563/
<cyphermox> so; ~/bin/git_log_changelog.sh 0.5.0.. yields http://paste.ubuntu.com/15261569/
<cyphermox> from which we may be able to further remove stuff that is obviously bugfix, like most entries that start with "fix XYZ"
<rharper> cyphermox: cool, I'll start pulling something together
<coreycb> ddellav, I uploaded openstackclient to xenial
<ddellav> coreycb ok
<coreycb> ddellav, want a hand with oslo.messaging?
<ddellav> coreycb it's done. I forgot to update the spreadsheet, doing it now.
<coreycb> ddellav, ok
<coreycb> ddellav, got a link?
<coreycb> jamespage, I just uploaded a new heat version to xenial.  we were hitting this: https://bugs.launchpad.net/heat/+bug/1547612
<ubottu> Launchpad bug 1547612 in Ceilometer "AttributeError: 'NoneType' object has no attribute '_config_dirs'" [Medium,Triaged]
<jamespage> coreycb, yeah - thats what I was seeing in mitaka proposed
<ddellav> coreycb lp:~ddellav/ubuntu/+source/python-oslo.messaging
<jamespage> coreycb, https://launchpadlibrarian.net/244632281/buildlog_ubuntu-trusty-i386.python-oslo.concurrency_3.6.0-0ubuntu1~cloud0_BUILDING.txt.gz
<jamespage> some 32 vs 64 bit issues...
<coreycb> jamespage, ok I'll look
<coreycb> ddellav, oslo.messaging mostly looks good.  can you piece together the new changelog like the old merged changelog? (diff the debian/ubuntu 3.0.0 versions to see what I mean). and can you base the merge on the debian version at tag debian/4.0.0-1?
<velusunivers-sys> hello is there any way to partition and resize a disk in commandline
<arlen> yes https://help.ubuntu.com/community/InstallingANewHardDrive
<Sling> velusunivers-sys: sure, resizing will depend on what kind of disk though
<Sling> you might want to use LVM
<velusunivers-sys> its a virtual disk and its alread in the system
<qman__> velusunivers-sys: expand the disk file itself externally, fdisk/gdisk/parted to add or recreate the partition(s), then resize2fs assuming ext2/3/4
<velusunivers-sys> im sending a shutdown +0 -k and it wont shutdown
<velusunivers-sys> what do i do
<qman__> sudo poweroff
#ubuntu-server 2016-03-02
<velusunivers-sys> when the ubuntu server installed it asked for a use, im needing to root into it ow do i get the root password
<bekks> !root | velusunivers-sys
<ubottu> velusunivers-sys: Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo
<velusunivers-sys> i dont want to be using sudo i want ot be able to use root
<bekks> velusunivers-sys: Againm read what ubottu just told you.
<genii> velusunivers-sys: Use sudo -i
<genii> velusunivers-sys: Then: exit   ...when done doing root-things
<lordievader> Good morning.
<a_ok> What is the recommended way to limit resources of a process in Ubuntu 14.04?
<rbasak> a_ok: ulimit? Or cgroups?
<a_ok> rbasak: I think cgroups. I don't really care what method is used as long as I can limit the memory usage of varnish (it mmaps everything untill other processes crash).
<rbasak> a_ok: "ulimit -v" might be enough for that. I'm not as familiar as I'd like with cgroups, but they're more complex.
<rbasak> systemd makes things easier to apply resource limits but not in 14.04.
<a_ok> rbasak: I know that I can use ulimit -v. I just get tired of finding out where and how to make this happen.
<rbasak> a_ok: looks like upstart has a "limit" keyword
<a_ok> I know there is limits.conf. that requires a lot of messing with pam files to get it to work on services. If at all possible I do not want to hack upstart scripts
<rbasak> http://upstart.ubuntu.com/cookbook/#limit
<a_ok> rbasak: ok that looks like the most elegant solution untill an upgrade comes along
<rbasak> Well, a service startup script would be the right place to configure this kind of thing if a daemon itself cannot do it.
<rbasak> With systemd, it's essentially in the same place, just a different syntax.
<rbasak> (and a different override mechanism)
<rbasak> a_ok: http://upstart.ubuntu.com/cookbook/#override-files
<a_ok> rbasak: thanks that will help (a lot actually)
<a_ok> rbasak: that was the whole reason I was looking into cgroups. there seems to be a cgred deamon that should be able to place my processes in cgroups on the fly but it feels like swatting at mosquito with a boulder.
<Deeps> hi guys, just installed ubuntu server 14.04 lts, during the install it asked me if i wanted to encrypt my homedir, which i dutifully agreed too, and then after that got an option for partitioning disks and setting up an encrypted lvm. if this is a single user system (me), is there any benefit to having an encrypted homedir if the rest of the system partition is also encrypted?
<lukesoft> Guys i just installed ubuntu server, and at some point during installation is asked me what i would like to install, and there was like 6 options including DNS server, Samba etcâ¦â¦.without knowledge i installed just the first oneâ¦â¦and i am not sure if its exactly what i need, how do i go back to that option
<rbasak> Deeps: one benefit is that nobody can access the data in the encrypted homedir when it is not unlocked, for example if nobody is logged in. Probably makes no difference for a server. I don't do it, relying on full disk encryption only, on both desktops and servers.
<Deeps> rbasak: cool thakns, thats what i thought, and was already reinstalling it without encrypted homedir :>
<rbasak> lukesoft: I think the program you want is called "tasksel". But it's just a set of preselected packages. You can just install what you need without that.
<rbasak> kirkland: ^^ I wonder if we can avoid prompting for encrypted homedir on the server ISO? Seems misleading to me.
<rbasak> Not sure how we'd achieve that technically mind.
<lukesoft> rbasak: Thanks, I thot i did something wrong
<Deeps> fresh install of ubuntu server from 14.04.4 iso, on first boot: updates are available to install
<Deeps> feels a bit like windows
<Deeps> would be cool if it had an option to install newest packages from net during install time
<Walex> Deeps: updates happen pretty frequently....
<Deeps> Walex: yep, not saying that the iso should be updated every time, but that it could fetch updated packages during install time
<Walex> Deeps: and some people for whatever odd reasons of their insist on being on an *exact* point release, even if it is largely meaningless
<Deeps> Walex: those people dont care about kernel vuln updates? openssl updates?
<Deeps> Walex: also note, 'option', covers those people
<Deeps> fwiw i'm coming from using debian netinst as standard, so i'm used to installing and having an up to date system immediately
<Deeps> just an idea
<Walex> Deeps: the updates happen IIRC if you do a network install rather than from-ISO
<Deeps> gotcha
<Deeps> so i used the wrong installer
 * Deeps finds the right one
<rbasak> Deeps: I agree, it would be nice if the even the main ISO installer did what you said when network connected. I'm not sure why it doesn't.
<lukesoft_> I have ubuntu 15 desktop, and a wireless router (TP-LINK WR740N)...I am need to redirect everyone who connects to the wireless access point to my custom php page running on my apache webserver on the ubuntu box......Where do i start?
<lukesoft_> <lukesoft_> I do not need to authenticate people or anything like that
<lukesoft_> I have ubuntu 15 desktop, and a wireless router (TP-LINK WR740N)...I need to redirect everyone who connects to the wireless access point to my custom php page running on my apache webserver on the ubuntu box......Where do i start?
<lukesoft_>  I do not need to authenticate people or anything like that
<trippeh> I had to mask 99-default.link to get /etc/systemd/networkd/*.link to work, that doesnt seem right
<trippeh> (16.04)
<trippeh> err, /etc/systemd/network
<trippeh> ah, hum, ordering..
<velusunivers-sys> what would glibc be under in ubntu in the aptget
<Pici> velusunivers-sys: the source package?
<Pici> velusunivers-sys: the source pacakge is eglibc on 12.04 and 14.04, glibc on other supported releases.  libc6 itself is installed by default.
<kirkland> rbasak: that's fine
<kirkland> rbasak: you're welcome to patch that out
<velusunivers-sys> brain fart here, how do i use tar to untar a file?
<velusunivers-sys> a tar.bz
<qman__> tar xjf archive.tar.bz2
<velusunivers-sys> can i do a wildcard for it i.e tar xjf *.tar.bz2
<velusunivers-sys> and same for .gz and such
<lordievader> I would do that in a loop, your shell expands the *, not tar.
<ddellav> coreycb oslo-messaging has been fixed. My changes are in the ubuntu/mitaka branch
<rbasak> echo *.tar.bz2|xargs -n1 tar xjf
<rbasak> xargs will call "tar xjf <file>" for each thing that is piped in.
<rbasak> I hear that newer tar doesn't require the decompression specifier any more as it autodetects. Not tried it though and don't know when it happened.
<sdeziel> indeed, tar xf will figure it out
<coreycb> ddellav, thanks I"ll take a look shortly
<velusunivers-sys> so how would i do that then?
<ddellav> yea, it's nice. tar xf will auto detect. Not sure if it's based on the file extension or not.
<rbasak> echo *.tar.{bz2,gz}|xargs -n1 tar xf
<velusunivers-sys> ok just done echo *.tar.bz2|xargs -n1 tar xjf and im waiting to see if it works now
<velusunivers-sys> what about xz
<rbasak> echo *.tar.{bz2,gz,xz}|xargs -n1 tar xf
<rbasak> Also .tgz is a common extension
<rbasak> echo *.{tar.{bz2,gz,xz},tgz}|xargs -n1 tar xf
<rbasak> You get the idea ;)
<velusunivers-sys> and what about .patch?
<rbasak> Patch files can't be unpacked, only applied.
<velusunivers-sys> ok
<velusunivers-sys> and if i wanted to rmoves all tars and not the actual folders i.e archive.tar.gz archive2.tar.xz .... but keep /archive /archive2 ... how would i remove it
<rbasak> Use rm. Spend some time understanding how the commands above work and you should be able to figure it out.
<lordievader> velusunivers-sys: Also read up on regular expressions.
<velusunivers-sys> would i do something like echo *.tar.{bz2,gz}|xargs -nl rm ?
<lordievader> velusunivers-sys: 'rm *.{tar.{bz2,gz},tgz}' would do the trick.
<coreycb> ddellav, all the clients are at the latest release for mitaka, just need the python-positional MIR
<velusunivers-sys> ok
<velusunivers-sys> i did as above what i said and that worked
<coreycb> ddellav, I skipped that test for ceilometer and opened a bug upstream
<ddellav>  ok, im running through all the checklists so i dont miss anything.
<ddellav> coreycb ah ok, good to know
<dannymichel> what error logs can i look at to troubleshoot 502 bad gateway? nginx error log is  giving me nothing
<teward> dannymichel: there's any of a billion potential causes of the error
<teward> dannymichel: what's your backend that you're trying to reach to?  PHP?  Passenger?  Another web service on an internally-listening-only port?
<dannymichel> it happened after The following NEW packages will be installed: php-apc php5-apcu php5-common php5-json
<teward> dannymichel: what OS?
<teward> or rather what version of Ubuntu
<dannymichel> just ried installing apc using apt-get
<dannymichel> 14
<teward> dannymichel: check the PHP configuration then - determine where it's set up to listen on, then point NGINX to that for the proxy_pass or however you reach out to PHP
<dannymichel> ok
<teward> also without your configs I can't tell if you disable error logging or not for that site;
<teward> or whether your errors go to other logs, etc.
<teward> but start by checking if the following are true:
<teward> (1) php is listening
<teward> (2) php is listening where nginx is trying to send to it
<teward> (3) nginx is configured to use the correct listening location for wherever PHP is listening (could be a local UNIX socket, could be a local TCP socket)
<dannymichel> ok thanks
<teward> i.e. if your proxy_pass goes to 127.0.0.1:9987 then you need to make sure the php backend process is listening there :)
<teward> you're welcome
<dannymichel> ok thanks again
<maswan> Sling: btw, my drbd stuff, it turns out it was the network buffers I needed to bump, like in http://lists.linbit.com/pipermail/drbd-user/2016-January/022611.html
<maswan> but it took a while to figure out that the way to do this in order to take for my deployment was: drbd:net-custom="--max-buffers 36k --sndbuf-size 1024k --rcvbuf-size 2048k
<maswan> and that changing it with drbdsetup during a resync doesn't affect that resync either
<linuxlove> hello
<linuxlove> i am going to grant permission to a user for upload files on /var/www/html how can i do that?
<Siilwyn__> Hi there folks. I made a new SSH key, added it to my server then deleted the 'old' ssh key by editing the 'authorized_keys' file. But I'm still able to login to my server with the old SSH key, how is that possible?
<linuxlove> i am going to grant permission to a user for upload files on /var/www/html how can i do that?
<linuxlove> how can i just access to one directory /var/www/html ?
<Siilwyn__> linuxlove, add a new user on your system. Then make that user the owner (or add the user to a certain group) of the directory with `chown`. Then change user permissions to be able to write with `chmod`.
<Norbin> unattended ubuntu 14.04.4 installation just hangs. any debugging that can be done somehow to understand where it's stuck?
<Norbin> did some minor changes, followed instructions as on the official guide / forums
<linuxlove> Siilwyn__, do i create group named webcontent?
<linuxlove> i have created a user
<linuxlove> Siilwyn__, groupadd webcontent
<linuxlove> ?
<linuxlove> Siilwyn__, then how can i assign that directory to this group could you say please?
<linuxlove> i have created a group named webcontent how can i assign accessing to /var/www/html to members of this group ?
<linuxlove> omg
<linuxlove> it seems this channel is empty
<Siilwyn__> patience is a virtue
<Siilwyn__> don't expect people to respond right away at an IRC channel, people are helping others here out of goodwill
<Siilwyn__> anyway linuxlove checkout `man chown`
<Siilwyn__> you can assign a group with that command
<linuxlove> Siilwyn__, if i assign user to web-data group can he write on /var/www/html?
<Siilwyn__> linuxlove, if the directory has that group as an owner and the group permissions have write. then yes
 * Siilwyn__ brb. going to eat
<BillAtChem402> Hi.  I've got a 'trusty' ubu-server installed.  I'm looking for the latest openssl updates in response to the 'DROWN' vulnerability.  an apt-get update finds nothing afaict.  What repo do I need in sources.list to get the update?
<Pici> /50/50
<linuxlove> Siilwyn__, are you there
<linuxlove> Siilwyn__, i used  usermod -aG www-data user but user cant write to var/www/html what should i do?
<nacc_> BillAtChem402: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0800.html ?
<nacc_> BillAtChem402: if i understand, correctly
<linuxlove> Siilwyn__, when i use sudo chmod 640 user i  get this error that user is not  in sudo file
<Siilwyn__> BillAtChem402, you don't need to update your openssl. All you need to do is configure your ssl to not fallback to old versions.
<Deeps> BillAtChem402: you may find you've got automatic security updates enabled, and thus, the latest package has already been supplied
<linuxlove> how can i grant write permission to that user ?
<Siilwyn__> linuxlove, what does ls -A tell you about the permissions?
<BillAtChem402> nacc_: Yep, that looks like the one.  Siilwyn__ Interesting.  How do I prevent fallback?  Deeps 'automatic' is more than just having security repos in source.list?
<linuxlove> ls -A?
<Deeps> BillAtChem402: yeah, ubuntu has an automatic security updates option which you can enable at install time (and toggle some how later on i assume). either way, ubuntu like debian wasn't affected by DROWN, as debian compiles openssl without sslv2 support
<linuxlove> Siilwyn__, ls -A /var/www/html?
<Deeps> BillAtChem402: https://help.ubuntu.com/lts/serverguide/automatic-updates.html
<BillAtChem402> Deeps: yep, just found it ... already there. thx.
<Siilwyn__> linuxlove, no just `ls -A` in the parent directory
<Siilwyn__> BillAtChem402, that depends on what you're using SSL for. I'm guessing HTTPS?
<linuxlove> Siilwyn__, i just see my files in output of ls -A in terminal and i see no thing for permissions
<Siilwyn__> oh snap
<BillAtChem402> Siilwyn__: Mail server , VPN & web/https .  Are you talking about preventing the fallbacks is those apps' configs?  If so, that's already taken care of.
<linuxlove> Siilwyn__, ls -l say about permissions
<Siilwyn__> linuxlove, I meant `ls -l`
<Siilwyn__> indeed
<linuxlove> Siilwyn__, how can i add my user to sudoers?
<Siilwyn__> BillAtChem402, that's what I was talking about. That's all you gotta do, as long as your services don't fallback to the old SSL there is nothing wrong.
<BillAtChem402> Siilwyn__: Ok. I thought that I also had to do something ubu-server-wide , too.  Sounds likes I'm set.  And I do have auto-updates on for security ....
<linuxlove> Siilwyn__, i get this error cp /home/mohsen/web.xml /var/www/html/
<linuxlove> cp: cannot create regular file â/var/www/html/web.xmlâ: Permission denied
<Siilwyn__> linuxlove, that is something wildly different
<Siilwyn__> I take that back, ;d
<linuxlove> Siilwyn__, how can i assigh him write permission to just /var/www/html while he is not in sudoers
<Siilwyn__> could you `ls -l` and send the line of results for that directory here?
<BillAtChem402> Thx!
 * Siilwyn__ for example: drwx------ 2 pancake pancake  4096 Aug 25  2015 .docker
<ogra_> damn ... i knew i shouldnt have clicked on this channel ... hungry now
 * ogra_ goes to find some pancake
<Siilwyn__> ^^
<linuxlove>  ls -l /var/www/html/
<linuxlove> total 32
<linuxlove> -rw-r--r-- 1 root root    21 Jan 24 07:50 a.html
<linuxlove> -rw-r--r-- 1 root root    84 Feb 29 08:45 index.html
<linuxlove> -rw-r--r-- 1 root root    81 Feb 29 08:41 index.html~
<linuxlove> drwxr-xr-x 3 root root  4096 Feb 29 15:51 PhpProject1
<linuxlove> -rw-r--r-- 1 root root 12840 Feb 25 13:15 README.FIRST
<nacc_> linuxlove: please use pastebin
<Siilwyn__> linuxlove, now I would like to know that but only for the html directory
<Siilwyn__> nacc_, he only needed to send one line though. ;P
<nacc_> Siilwyn__: fair enough ... they are also asking the same question on #ubuntu, fwiw
<linuxlove> Siilwyn__, are you there?
<linuxlove> nacc_, it doesnt make sence
<Siilwyn__> nacc_, yeah linuxlove is also pm'ing me for no reason.
<linuxlove> nacc_, we are here to help
<linuxlove> Siilwyn__, it is for no reason?
<sarnold> mm pancakes
<linuxlove> Siilwyn__, how can i know that for just one directory?
<Siilwyn__> by reading what I ask you. -_-
<nacc_> linuxlove: ls -l /var/www/html
<nacc_> no trailing /
<Siilwyn__> > "send the line"
<sarnold> nacc_: itym ls -ld
<nacc_> sarnold: i was just quoting Siilwyn__ :)
<nacc_> sarnold: i think you're right, though
<linuxlove> -ld /var/www/html/
<linuxlove> drwxr-xr-x 3 root root 4096 Feb 29 08:45 /var/www/html/
<linuxlove> nacc_, you are just need to learn more i think instead of look for my questions in ubuntu also
<linuxlove> Siilwyn__, if your purpose is help just tell me what should i do ?
<linuxlove> and i am Pm`ing you with no reason say me to leave here
<nacc_> linuxlove: i don't know what you're saying, but I think Siilwyn__ is helping you
<linuxlove> i am not here with no reason
 * genii makes more coffee
<nacc_> linuxlove: it's considered bad etiquette to PM someone if you are already asking questions publicly. That's like spamming.
<linuxlove> it is hard for members from ubuntu-server to help me to grant write permission to a special directory
<hallyn> smb: if you're looking at another libvirt merge, also consider bug 1552241
<ubottu> bug 1552241 in libvirt (Ubuntu) "libvirt-bin apparmor settings for usb host device" [Undecided,Incomplete] https://launchpad.net/bugs/1552241
<linuxlove> Siilwyn__, excuse me for calling you
<linuxlove> have a good time
<genii> I think I'd probably do userdirs on apache instead of mucking with permissions/ownership stuff directly under /var/www
<nacc_> linuxlove: i think you have a few options (if you can't decide which is best, then I think you need to take a step back and consider googling around): 1) allow everyone to write to that directory (chmod o+w); create a special group, add users to that group as needed, and chgrp a directory; or use userdirs as they are intended by apache
<linuxlove> my friend is going to upload files to /var/www/html with rsync command from his terminal
<coreycb> ddellav, oslo.messaging uploaded, thanks for the merge!
<ddellav> coreycb yay finally :)
<linuxlove> i created user named mohsen for him
<linuxlove> and i assigned him to www-data group
<linuxlove> please tell me what i the best solution for me at moment
<Siilwyn__> nacc_, may I bother you with a question? nobody at #linux seems to know the answer... I made a new SSH key, added it to my server then deleted the 'old' ssh key by editing the 'authorized_keys' file. But I'm still able to login to my server with the old SSH key, how is that possible? I already restarted the ssh service.
<sarnold> Siilwyn__: o_O that's very odd
<linuxlove> in this output ls -ld /var/www/html/
<linuxlove> drwxr-xr-x 3 root root 4096 Feb 29 08:45 /var/www/html/
<nacc_> is it possible there is an ssh agent caching something?
<Siilwyn__> sarnold, yeah I know right. I'm pretty worried atm. about what could be wrong
<linuxlove> how can i add mohsen beside root also
<sarnold> Siilwyn__: is this machine online atm? I wonder if it's allowing -any- key or something similar
<nacc_> Siilwyn__: ssh -vvv might tell you more, too, not positive
<linuxlove> thanks friend it seems nobody want to help me
<linuxlove> i got a new concept of help
<sarnold> linuxlove: I don't think you're asking questions that have answers. try this: http://www.catb.org/esr/faqs/smart-questions.html
<nacc_> linuxlove: and you were given 2 answers already ...
<linuxlove> nacc_, i am new to linux
<Siilwyn__> nacc_, what is `ssh -vvv` supposed to do? For me it just displays the help text.
<linuxlove> nacc_, you cant tell me what should i do in terminal?
<nacc_> Siilwyn__: sorry, as part of the command ... e.g. ssh -vvv remote_server
<Siilwyn__> nacc_, sarnold just tried it with a newly generated ssh key and that worked too 0.0  maybe it is indeed my ssh agent doing weird things
<sarnold> Siilwyn__: I wouldn't expect your agent to be involved -- that was my initial fear, too..
<linuxlove> a guy yesterday was here and he could understand what does it mean new to linux
<nacc_> linuxlove: i don't think it's a good idea to just tell you what to do, as you're liable to make your server vulnerable to security issues. I think you should educate yourself on users, groups, and permissions. And then you can decide what makes the most sense for your setup.
<linuxlove> nacc_, i put mohsen in sudoers file
<nacc_> linuxlove: why would you do that?
<linuxlove> nacc_, i couldnt get a good help from here
<linuxlove> nacc_, i do that because my friend is waiting for uploading
<Siilwyn__> linuxlove, add a new user on your system. Then make that user the owner (or add the user to a certain group) of the directory with `chown`. Then change user permissions to be able to write with `chmod`.
<Siilwyn__> ^ I told you this before, do this for the /var/www/html directory
<nacc_> linuxlove: also, in any case, this has little to nothing to do with server itself; you did ask on #ubuntu, I believe, and were being helped, but you didn't like their answers either (that's my reading of what happened, at least).
<linuxlove> i created user and i assigned him to www-data wasnt it useful for me?
<nacc_> linuxlove: does that group have permissions for the directory in question?
<Siilwyn__> nacc_, no it doesn't. it it owned by root:root
<Siilwyn__> already told him
<nacc_> Siilwyn__: I know, I want linuxlove to understand this
<linuxlove> Siilwyn__, i created a webcontent group
<Siilwyn__> whoops, okay. Got a bit to fast in my response
<linuxlove> hey guys
<Siilwyn__> nacc_, anything particular I should look for in the output of `ssh -vvv`?
<linuxlove> excuse me for my less knowledge
<linuxlove> please be patient about me
<nacc_> Siilwyn__: i'm just curious what it says for how it authenticated, which key it chose to use
<nacc_> sarnold may be more helpful debugging it, tbh, but you can pastebin the output if you'd like
<sarnold> Siilwyn__: it's hard to describe; can you ssh to another server that will reject you? (sarnold.org ought to reject you..)
<linuxlove> i created a webcontent group which command in terminal will help me to put this group owner of /var/www/html ?
<sarnold> Siilwyn__: comparing the two outputs may help you spot the issue if you don't want to pastebin the output
<nacc_> sarnold: good point
<nacc_> linuxlove: chgrp
<nacc_> linuxlove: or chown
<nacc_> linuxlove: as Siilwyn__ told you earlier
<linuxlove> nacc_, chgrp webcontent /var/www/html?
<Siilwyn__> sarnold, it's asking for your user's password. (maybe you know that already) but I would disable password-based auth if I were you
<linuxlove> i need to do that step by step
<nacc_> linuxlove: that will make group webcontent the group owner of /var/www/html, yes
<sarnold> Siilwyn__: hah, I hadn't realized. it's a hosted instance, I've got no actual administrative control over it.. doing something better has been on my todo list for ages :)
<sarnold> Siilwyn__: thanks :D
<Siilwyn__> :D no problem, I was hoping that was the case for you
<linuxlove> i did that
<Siilwyn__> sarnold, found this in the `ssh -vvv` response: "Could not load "/home/siilwyn/.ssh/randomnewkey.pub" as a RSA1 public key"
<linuxlove> hello
<linuxlove> ls -ld /var/www/html/
<linuxlove> drwxr-xr-x 3 root webcontent 4096 Feb 29 08:45 /var/www/html/
<sarnold> linuxlove: nice; now chmod 02775 /var/www/html  -- that will enable the setgid bit on the directory, which will cause all new files and directories created there to inherit the group
<Siilwyn__> sarnold, nacc_ I really don't know what I should look for, not even sure which key it is using would you mind looking into the log: https://gist.github.com/Siilwyn/114e18c70cd19d50dc26
<Siilwyn__> sarnold, props for the setgid bit!
<sarnold> Siilwyn__: jeezae you had me terrified when I saw this: debug1: Server host key: ECDSA 01:02:03:04:05
<sarnold> Siilwyn__: .. but then I noticed the IPs also looked funny. hah. ;)
<Siilwyn__> ;D yeah not sure if that was needed but I thought posting my ports and fingerprints on internet might not be very smart
<linuxlove> hey guys
<linuxlove> i did that
<linuxlove> excuse me that i bothered you
<linuxlove> you are great guys
<sarnold> linuxlove: does creating a new file in that directory show the correct user:group?
<linuxlove> my friend is uploading with rsync now
<sarnold> Siilwyn__: I _think_ the trustytitan key was accepted; check again the ~/.ssh/authorized_keys?
 * Siilwyn__ loves happy endings, *sniff* what an happy ending.
<sarnold> Siilwyn__: hehe
<sarnold> Siilwyn__: (and just to make sure.. you're checking and changing onthe -server- side, right? please don't hit me..)
<linuxlove> sarnold, ls -ld /var/www/html/web.xml
<linuxlove> -rw-r--r-- 1 mohsen webcontent 1230 Mar  2 14:12 /var/www/html/web.xml
<Siilwyn__> haha yeah serverside ;p otherwise that would be the ultimate fail
<linuxlove> Siilwyn__, thanks
<sarnold> linuxlove: nice. he may want to change umask setting to 0200 instead of 0220 but it otherwise looks promising
<sarnold> Siilwyn__: okay, sorry, just have to check .. :)
<Siilwyn__> no problem, it's always good to check the most basic things first.
<Siilwyn__> sarnold, authorized_keys still only showing one key
<linuxlove> sarnold, you exactly understand what does it mean new to linux
<sarnold> Siilwyn__: time to grab server logs :/ does anything show up?
<linuxlove> hey guys
<sarnold> Siilwyn__: it is slightly reassuring that it didhn't just accept you o nthe first one..
<linuxlove> good nigh
<linuxlove> thanks for help
<sarnold> linuxlove: yeah, I _loved_ being new to linux.. so much to learn, so much to read :)
<sarnold> linuxlove: it's grown a bit since then of course..
<sarnold> linuxlove: have fun
<linuxlove> nacc_, really thnks for step by step helping
<Siilwyn__> g'night!
<linuxlove> sarnold, you are great
<sarnold> linuxlove: my hint for the day: read those manpages. they are worth their weight in gold :)
<linuxlove> Siilwyn__, good night really thanks
<linuxlove> sarnold, you are right
<Siilwyn__> sarnold, all auths in the sshd (with the old and new key) have the same RSA.
<linuxlove> but i am weak at english
<linuxlove> i love you alll
<Siilwyn__> <3
<linuxlove> if someone can introduce me a book for website administrator please tell me
<linuxlove> i am on a ubuntu15.10
<Siilwyn__> in the sshd log it first shows a 'postponed publickey ... ssh2 [preauth]' then 'accepted publickey ... RSA <same fingerprint for all requests>' pretty nothing else going on in the log
<genii> linuxlove: https://help.ubuntu.com/lts/serverguide/ is the most current guide for Ubuntu Server
<linuxlove> genii, thanks
<Siilwyn__> sarnold, shall I pm you my server info so you can try to login? I'm afraid it accepts every ssh key atm...
<sarnold> Siilwyn__: sure
<Siilwyn__> wait a sec.
<Siilwyn__> just discovered that if I change the user it rejects me
<sarnold> pfew, mine's rejected :)
<Siilwyn__> okay I think I have been stupid, seems like the ssh process on my laptop has been running all this time. can't kill it though
<Siilwyn__> :|
<Siilwyn__> I guess I'll look into it further tomorrow, have been trying for the last 4 hours. Driving me insane
<sarnold> Siilwyn__: ugh; good luck, please do let me know if you remember when you sort it out :)
<Siilwyn__> sarnold, I will! thank you for reassuring me the server isn't open to everybody.
<sarnold> yeah, that's very reassuring :) from crisis to curiosity...
<Siilwyn__> haha that was it felt like yes
<coreycb> ddellav, oslo.versionedobjects uploaded.  we should be ok on all the clients and oslos now for B3.
<beisner> coreycb, promoted aodh 2.0.0~b2-2ubuntu2~cloud0 from staging to proposed for the mitaka cloud archive
<coreycb> beisner, thanks!
<beisner> coreycb, yw
<dasjoe> May libvirt 1.3.2 make it into xenial?
<nacc_> dasjoe: not sure, but it seems unlikely, as a 1.3.1-1ubuntu4 was just put out yesterday and we're in FF. When did 1.3.2 release?
<dasjoe> nacc_: yesterday
<nacc_> dasjoe: then ... no
<nacc_> dasjoe: i'd think
<nacc_> debian hasn't packaged it yet,either (even in experimental)
<dasjoe> nacc_: it'd be nice, as ZFS became a first-class filesystem and libvirt 1.3.2 brings ZFS support
<dasjoe> (libvirt had ZFS support for a while, 1.3.2 just enabled it on Linux)
<dasjoe> Here's the relevant diff: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=82f17fbe68d3204932e72296fe07fd416aa8f9fc;hp=c94f6d4dff41b97f603738b6e749900eb83d19b2
<sarnold> dasjoe: oh is libvirt already patched up to zfs on linux?
<sarnold> dasjoe: man that'd be wonderful to not hot-patch :)
<BrandonG777> so i'm trying to setup the apache pwauth module and everything seems to work fine except it's throwing failed to open /var/lib/samba/private/secrets.tdb. even after giving read access to everyone and restarting apache it's still throwing that error
<sarnold> what error message do you get? do you get better error messages elsewhere in logs?
<BrandonG777> all i get is Failed to open /var/lib/samba/private/secrets.tdb from /var/log/apache/error.log
<sarnold> I hate stupid programs that don't include the actual error message.
<sarnold> BrandonG777: check dmesg or auditd logs for DENIED entries from apparmor perhaps?
<BrandonG777> dmesg is doesn't have any mention of pwauth or apache or anything else related. i believe i disabled apparmor
<BrandonG777> or not, shows installed :/
<BrandonG777> is there a log or anything for apparmor?
<sarnold> BrandonG777: /var/log/syslog or /var/log/audit/audit.log (if you installed auditd)
<BrandonG777> found it...
<BrandonG777> from auth.log
<BrandonG777> Mar  2 15:42:17 Veyron pwauth: pam_smbpass(pwauth:auth): Cannot access samba password database, not running as root.
<BrandonG777> now i'm even more confused, i thought apache ran as root but maybe it's not spawning as the apache user?
<sarnold> apache keeps a scoreboard process as root but all the workers that handle web traffic run as www-data or something similar
<BrandonG777> yeah i even chgrp the secrets.tdb to www-data and gave appropriate permissions but still no love
<sarnold> that's not an OS-provided error message, I suspect they don't even try
<sarnold> there's probably a stupid if (geteuid() != 0) error(hurr durr not root!) check in the code
<BrandonG777> that's from pwauth correct? not pam?
<sarnold> probably
<BrandonG777> i would think chgrp www-data secrets.tdb and chmod g+r would fix this...
<BrandonG777> i wish i could just turn off the samba portion i dont even need it :/
<sarnold> hah there it is http://sources.debian.net/src/samba/2:4.3.3%2Bdfsg-2/source3/pam_smbpass/pam_smb_auth.c/#L116
<BrandonG777> yeah i was looking at pam but i dont want to turn it off because i want the samba and system passwords to sync
<sarnold> how is this thing being kicked off by apache?
<tarpman> if you have the initial migration finished already (everyone's passwords have been synced once), you could remove smbpass from the auth stack, and just leave it in the passwd stack for future password changes
<BrandonG777> it's just a auth_module
<sarnold> tarpman: ooo
<tarpman> no idea what pam-auth-update would think of that
<BrandonG777> anyone know of an easier way to authenticate apache logins with system users?
<BrandonG777> AddExternalAuth pwauth /usr/sbin/pwauth
<BrandonG777> SetExternalAuthMethod pwauth pipe
<BrandonG777> that's how i'm calling it from my apache config
<tarpman> huh, I thought there was a mod_pam_auth or such for apache? of course it would have the same problem
<BrandonG777> discontinued in favor of this turd i think
<sarnold> but they may not hardcode a geteuid() != 0 check
<BrandonG777> gotta run and pick up my kiddo but i'll be availabe via my bouncer if anyone has any ideas, just mention my nick
<tarpman> sarnold: same problem -> if the check in question is inside pam_smbpass, which it sounds like it is
#ubuntu-server 2016-03-03
<fishcooker> no worries Fudge
<Fudge> ty
<karstensrage> how do i find the multiarch directory
<karstensrage> like i386-linux-gnu/
<karstensrage> programmatically?
<marlinc> I want to set up automated updates on servers because the amount of server that I have to update now is getting quite out of hand
<marlinc> I've been thinking of using unattended-upgrades to automatically install updates except for packages that are important for the functioning of the system
<marlinc> Like for example mysql-server on a MySQL server, I was thinking of setting those on 'hold'
<marlinc> Any thoughts on doing it that way, is there a different route I should look at?
<Fudge> marlinc:  just do security so ssl kerns etc are done when they need doing
<sivir> how many servers?
<marlinc> About 20-30 I'd say
<marlinc> Its not that much but its quite a  lot to manually update every time I get a notification from our monitoring system
<marlinc> Although in general its only security updates which I could put on auto update safely right?
<smb> hallyn_, I wasn't doing a "merge" after FF but I'll keep an eye on the bug report. Jamie did already reply, so right now its waiting for more info.
<sivir> isn't landscape free till 20 servers
<sivir> and like 300 dollars per year starting
<sivir> for more
<sivir> https://landscape.canonical.com/
<sivir> https://www.youtube.com/watch?v=yaFE4g8EcvI
<sivir> I'd say the video is quite comprehensive of it's features
<sivir> I'd say it's a huge timesaver, you can do it yourself but still why invent the wheel again (especially if it saves time = money)
<BlackDex> Hello there. I have a problem with upstart. There is a process which has been defuncted/zombied. And upstart won't clear it so that i can start a new process
<marlinc> The current issue with using Launchpad is mainly that we're a small company (a few students) doing this in our spare time. We don't have huge amounts of money to spend on managed systems like that
<BlackDex> The process is linked to init/pid 1, so i can't kill it's parent, and i prefere not to reboot
<sivir> well then I'd start by dividing the servers in separate groups
<sivir> and start listing what each group has to do and what are critical to which functions for each one
<sivir> makes it way easier to plan so you can create different timetables and routines what to update and when
<hallyn_> smb: obviously :) (not a merge)
<hallyn_> gnight
<smb> hallyn_, :) night
<marlinc> Okay sivir, I'll look into doing that. Thoughts on doing automated updates for only security updates?
<marlinc> Our monitoring system will still notify about any regular updates which we can do manually
<sivir> yes, if it's maintained it's all good
<sivir> sometimes people leave the automated updates for only security updates but other software gets unattended
<lordievader> Good morning.
<Siilwyn__> Good morning
<Siilwyn__> sarnold, I guess I just found out what happened yesterday, though I have no idea why it behaves like that. Just tried to ssh with my old key and I got a prompt to unlock the new key... So apparently even if I explicitly pass the old one it uses the new one.
<Siilwyn__> *with unlock I mean that I have to enter a password since my keys are also password protected.
<Walex2> Siilwyn__: depends on the order in which they are listed I think. SSH client will try all keys it has available until it finds one accepted by the SSH server, and will reuse the encryption password if it can
<Siilwyn__> Walex2, oh wow I didn't know that! That explains what was happening yesterday.
<Siilwyn__> It even does that when I pass a key with the `i` flag?
<skylite> is it possible to stop a shellscript with start-stop daemon? I can start it fine but when trying to stop it says: No myscript.sh found running; none killed.
<jelly-home> skylite: sure.  It's probably easier if your script creates a pid file.
<linuxlove> hello
<linuxlove> i am going to install EHCP  on my ubuntu server
<linuxlove> my friend use this panel for accessing to server how can i determine a username and password for him on this panel?
<pmatulis> linuxlove: i don't see any panel
<nacc> rbasak: so, we've updated twig (in xenial) to 1.23.1-ubuntu4, which builds and passes all tests (with a short-term workaround). But it's still in excuses because there was an old binary package (php5-twig) which we no longer generate. Do I need someone to manually intervene and delete the old binary package?
<rbasak> nacc: yes, please ask in #ubuntu-release.
<nacc> rbasak: ok, thanks
<nacc> rbasak: if you have a moment, i've hit a rather tricky issue with php-imagick
<rbasak> nacc: go ahead.
<nacc> rbasak: as one would expect, there's some dependency on imagemagick from that extension. imagemagick has some "known" issues with openmp & threads. In particular segfaults (per google, not per imagemagick themselves). At some point Debian started experiencing test segfaults (https://ci.debian.net/packages/p/php-imagick/unstable/amd64/ between 12/17 and 12/21). We see those on Ubuntu too with the latest
<nacc>  builds. To test, I rebuilt imagemagick without openmp support and the tests stop segfaulting. There is an environment variable for imagemagick to only use one thread (MAGICK_THREAD_LIMIT=1), but it seems to not help and I still see threads in the test (and one of the threads is the one that is segfaulting). So far, the only "workaround" I've found is disabling openmp in imagemagick.
<nacc> rbasak: i'm going to see if maybe the latest imagemagick fixes anything (but need to rebuild php-imagick against it). In which case maybe it's a matter of backporting
<nacc> but as I was explaining to jgrimm the other day, backporting with imagemagick is a "bad idea" -- there is an exported version string in the imagemagick headers, which php-imagick uses for various version checks (functionality existing or not, etc.) But when we/Debian backport, we don't bump the version, so it loses its meaning.
<rbasak> Backporting what exactly? A bugfix for the segfault, or more stuff?
<rbasak> How reproducible are the segfaults in Ubuntu?
<nacc> 100%
<nacc> :/
<nacc> but only in the tests
<nacc> which is where it matters, of course
<nacc> and 100% reproducible in Debian, for that matter
<nacc> gdb is useless, sadly (doesn't show the segfault)
<nacc> and valgrind just points to a trashed address
<nacc> in theory, it'd be backporting just the fix, but that presumes I can find the fix :)
<nacc> my concern is, though, what that in turn breaks
<rbasak> How sure are you that the bug is in imagemagick and not in the PHP bits?
<nacc> i (and the upstream php-imagick maintainer) are fairly sure it's not in php -- the stack isn't deep enough :)
<nacc> and like i mentioned, disabling just imagemagick's openmp support makes it work
<rbasak> How long have you spent on this so far?
<nacc> rbasak: far too long :/
<rbasak> :-/
<nacc> rbasak: but it's what's holding up php7.0 migration
<nacc> in excuses
<nacc> because php-imagick is failing its tests
<nacc> and that's considerd a regression
<rbasak> Would it be difficult to do a bisection if it is fixed upstream?
<nacc> since the old version (which had far fewer tests) passed
<nacc> rbasak: of imagemagick? probably not, as it's in git. That's what I'm hoping I can get to next
<nacc> rbasak: but if it's a race, i have to run the tests a few times to see it happen
<rbasak> How far behind is our packaging of imagemagick?
<rbasak> (behind upstream's latest release that is)
<rbasak> Sorry, many questions :)
<rbasak> I think that ideally we'd find the cause and fix it. Failing that, if it's not fixed upstream, then file a bug there, and file a bug in Ubuntu regardless with instructions on how to reproduce.
<nacc> 6.8.9.9-7ubuntu1 is what we have in xenial; debian exp is at 6.9.2.10+dfsg-2; upstream is 6.9.3-6
<rbasak> If we really can't fix it, I think it might be reasonable to build imagemagick in the archive with threading disabled.
<nacc> rbasak: oh, the other issue in all of this, the upstream php-imagick maintainer doesn't think we are doing the right thing in debian/ubuntu and doesnt' support us in any way :)
<nacc> so he's helping for now out of his generosity
<rbasak> What does he think we should be doing instead?
<nacc> rbasak: we should never be backporting
<nacc> rbasak: as it breaks assumptions
<nacc> and means you can't reliably know what is in a version of imagemagick, across all bases
<rbasak> In what way are we backporting? He means we shouldn't be backporting a bugfix?
<nacc> rbasak: yeah, so we are on 6.8.9 base with patches
<nacc> well, we/debian
<nacc> when we/debian patch, we just backport the fix
<nacc> we don't bump th eversion string
<nacc> so if some code in, say, php-imagick is conditional on the version to do one thing or another
<nacc> it stops doing the expected thing, potentially
<rbasak> I see. Well, that's what all distros must do after feature freeze, unless he maintains a stable (no features) branch of the version we have at feature freeze time.
<nacc> rbasak: we could alter the version string; or we should alter php-imagick in coordination
<nacc> rbasak: in that the API dependencies are being forcibly chagned by the backports
<rbasak> php-imagick should not be doing anything conditional based on bugfixes.
<nacc> so let's say imagemagick X has an API that looks one way, or behaves one way
<nacc> and imagemagick Y does it differently
<nacc> php-imagick checks for X vs. Y and does the right thing
<nacc> it sort of has to
<rbasak> That's fine, assuming that X and Y are different feature releases.
<nacc> but the values of X and Y don't mean the same thing in the ubuntu versions as they do upstream
<nacc> and that's what's broken
<rbasak> Debian is backporting features?
<nacc> fixes
<rbasak> (or feature changes?)
<nacc> which might change functionality, in some sense?
<nacc> i may not be explaining this very well
<rbasak> I think I follow.
<rbasak> If distros patch, it's their responsibility to get it right.
<nacc> basically, php-imagick (from git) is *only* supported on upstream imagemagick
<nacc> so once we patch one or the other, we have to patch them both :)
<rbasak> But we also have the power to fix php-imagick, or express versioned dependencies on imagemagick.
<Aleksandar86> How can i set default root on ftpd, i have apache installed and I wanna upload file via ftp on /var/www/
<Aleksandar86> ?
<rbasak> Ideally, distros wouldn't have to patch, because upstreams would maintain stable branches.
<nacc> rbasak: yeah, the issue is I don't know what to fix and where yet :) and it means we carry more delta (which is appropriate in this case) -- but this is really broken on debian and we're just inheriting it
<rbasak> If they're not maintaining stable branches, then we have no choice _but_ to patch.
<nacc> rbasak: right
<nacc> rbasak: i'm not saying we shouldn't backport fixes
<nacc> rbasak: i'm saying that in this case, it breaks assumptoisn in the code
<rbasak> You think these assumptions are causing segfaults? Or unrelated behavioural changes?
<rbasak> I need to run in five minutes.
<nacc> i'm not 100%. I think they could be leading to segfaults (and note that I found an actual bug in the debian backport that was missing 3 upstream commits ... so not sure how much i trust the backports to begin with at this point :(
<nacc> but it also just puts us in this gray area that is harder to figure out :)
<nacc> i might try to just build imagemagick from source at the latest git and see if it goes away
<nacc> and then that might be my best indicator of where the issue is
<rbasak> That's a good idea.
<nacc> ok, i'll do that next, just to levelset
<nacc> rbasak: really, the issue isn't so much all this background, it's that the error is nonsensical :) and i don't know how to debug it at this point
<rbasak> If it does go away, then try bisecting if it's not too much effort.
<nacc> yep
<rbasak> Let me know how it goes!
<nacc> rbasak: thanks
<linuxlove>             Errors were encountered while processing:
<linuxlove>  nginx-core
<linuxlove>  nginx
<linuxlove> E: Sub-process /usr/bin/dpkg returned an error code (1)
<linuxlove> i get this error from sudo apt-get autoremove what should i do?
<linuxlove> i get this error W: Failed to fetch cdrom://Ubuntu 15.10 _Wily Werewolf_ - Release amd64 (20151021)/dists/wily/main/binary-amd64/Packages  Please use apt-cdrom to make this CD-ROM recognized by APT. apt-get update cannot be used to add new CD-ROMs after updating what shou;d i do?
<nacc> linuxlove: for the first one, i'd try a `apt-get -f install` to let dpkg get to a good state
<nacc> not sure how/why you got to that state, with what you pasted, though (and please use pastebin rather than in the channel)O
<nacc> linuxlove: for the second, why is there a cdrom line in your apt config? did you try to add it back after installing?
<linuxlove> nacc, i just tried to install ehcp on my ubuntu and i get this errors after apt-get update
<linuxlove> nacc, what should i do now?
<nacc> linuxlove: i don't know what ehcp is and i don't see it in the ubuntu archives
<linuxlove> nacc, http://pastebin.com/8pKY43Sq
<linuxlove> nacc, i tried to install that from a external source
<nacc> linuxlove: we can't help you with random external sources, sorry
<linuxlove> it was from ubuntu comunity
<linuxlove> please help me to fix
<nacc> linuxlove: as to the apt config, it seems like your /etc/apt/sources.list or a file under sources.list.d references the cdrom, comment them out, presuming you're on the network and have well-defined sources
<nacc> linuxlove: i don't know what that means
<nacc> "from ubuntu community"?
<linuxlove> did you see nacc yes
<nacc> linuxlove: did i see what?
<nacc> linuxlove: what do you mean "from ubuntu community"
<linuxlove> i said about pastbin that i sent
<nacc> linuxlove: i've answered that already
<nacc> linuxlove: please read above
<linuxlove> i did what you said
<linuxlove> but i get new error
<linuxlove> W: Duplicate sources.list
<nacc> that's a warning not an error (hence W: prefix)
<nacc> and it's pretty clear
<nacc> you have two entries in sources.list that are identical
<linuxlove> nacc, http://pastebin.com/4VaxbFQ1
<nacc> linuxlove: yes?
<nacc> linuxlove: read it, think about what it says and fix it ... remove the duplicate line
<linuxlove> do i remove i386?
<nacc> what?
<linuxlove> var/lib/apt/lists/archive.canonical.com_ubuntu_dists_wily_partner_binary-i386_Packages)
<nacc> linuxlove: can you pastebin your source.list file?
<linuxlove> i am un ubuntu 64 bit
<linuxlove> nacc, okay
<linuxlove> nacc, http://pastebin.com/SU4brQSW
<linuxlove> nacc, did you get it?
<nacc> linuxlove: do you have anything under /etc/apt/sources.list.d ?
<linuxlove> nacc, are you there
<linuxlove> nacc, what do you mean
<nacc> linuxlove: are there any files in /etc/apt/sources.list.d/ ?
<genii> linuxlove: When you add external repositories, they make a file in the directory /etc/apt/sources.list.d/
<linuxlove> nacc, http://pastebin.com/JubnAJMb
<nacc> linuxlove: that doesn't help, is there anything *in* sources.list.d ?
<linuxlove> nacc, http://pastebin.com/HdTKZEUm
<genii> linuxlove: ls /etc/apt/sources.list.d/* | pastebinit
<linuxlove> genii, http://pastebin.com/HdTKZEUm
<nacc> linuxlove: the duplicate messages are what you get when you run apt-get update?
<linuxlove> nacc, yes
<nacc> grep partner /etc/apt/sources.list.d/* ? not sure i see the duplicate otherwise
<linuxlove> what should i do?
<nacc> `grep partner /etc/apt/sources.list.d/*`
<nacc> in any case, it's just a warning, it doesn't mean anything is fundamentally broken
<linuxlove> nacc, http://pastebin.com/BFgKPwDr
<nacc> linuxlove: and there are the duplicates
<nacc> see how your sources.list and skype.list have the same lines?
<linuxlove> i dunno
<linuxlove> i am confused
<linuxlove> please help to fix
<linuxlove> i have not installed skype
<linuxlove> my apt-get update was working without warning before installing ehcp
<nacc> linuxlove: you clearly added skype as a repository
<linuxlove> yes
<nacc> linuxlove: did you append the partner repositories in sources.list as part of that process?
<linuxlove> i added it
<linuxlove> no
<linuxlove> it was a ./install.sh script
<linuxlove> and it did everything itself
<linuxlove> what is solution now?
<linuxlove> i installed skype but i removed it
<linuxlove> because it was hang on my 64 bit ubuntu
<nacc> linuxlove: so .... "i have not installed skype" wasn't true. And you added a duplicate entry to sources.list and are wondering why apt complains about duplicate entries?
<linuxlove> yes
<nacc> and an 'install.sh' script means you've altered your system to not be ubuntu any longer
<linuxlove> i meant i have not skype now
<linuxlove> i was wrong about external source installation
<nacc> linuxlove: you shouldn't do stuff as root if you don't know what they are doing. and you don't seem to understand the package management side of things in this case. if you do not need skype, you could delete / rename the skype repositories and it should stop complaining.
<linuxlove> yes you are right
<linuxlove> nacc, excuse me for getting time
<linuxlove> What server control panels are available for Ubuntu Server?
<linuxlove> i want one
<teward> define "server control panels"
<linuxlove> i dont want external sources
<linuxlove> teward, what do you mean?
<teward> linuxlove: what do you mean by "server control panels"?
<linuxlove> i mean one with sudo apt-get install
<teward> what do you expect it to do?  What do you expect to see? etc.
<linuxlove> teward, i want some controling on server
<linuxlove> teward, my friend needs to access to my ubuntu server from him phone and he want accessing to web contents and phpmyadmin
<linuxlove> i found one named ehcp
<sarnold> linuxlove: skip those; they're universally terrible, they're reponsible for something like 50% of the reason why machines get hacked, and they prevent you from learning how to do things yourself
<teward> i agree with sarnold
<linuxlove> i said to my friend this
<teward> sarnold: btw, i have something to poke you on, unless you tell me I should got to -hardened and poke there, for an old php5-fpm bug in Precise
<teward> (one I poked a patch onto, but wanted Sec Team review first)
<linuxlove> but he is not familiar with ssh and terminal commands
<sarnold> teward: hmm got a bugnumber handy?
<teward> sarnold: standby
<nacc> teward: we were just talking about that bug on today's triage :)
<teward> nacc: heheh
<teward> nacc: you mean 1352617 ?
<linuxlove> he wants a panel but you are right
<nacc> teward: yep
<linuxlove> i said to him that i cant provide a panel for him
<nacc> rbasak decided you had a handle on it :)
<teward> sarnold: 1352617 is the bug in question, the patch I wrote back then would 'work' but i wanted sec team review before, in case it introduces poor changes
<teward> nacc: "had a handle on it" as in "wanted sec team review"
<teward> now I get to actually req. it :)
<nacc> teward: yeah :)
<teward> nacc: the big problem being a sec update was the cause of that regression, though I need to test it now
<nacc> yep
<teward> make sure it still exists
<nacc> teward: Son_Goku may be able/willing to help test too
<teward> nacc: oh good, 'cause i don't have a Precise machine to test with until i rebuild that VM on my hypervisor xD
<nacc> teward: not sure if they do either, but wouldn't hurt to ask
<teward> indeed
<nacc> linuxlove: sorry, i don't think we want to help you make your computer less secure. I still don't fully understand what you mean by "panel" but it's quite clear that ehcp is not something pacakged by ubuntu and thus would not be supported here.
<nacc> linuxlove: finding random things on the internet and installing them is not a good idea
<sarnold> teward: oh man I rememer this from ages ago :) heh
<teward> sarnold: i wasn't kidding about 'old" either :)
<teward> came up during a recent php7.0 discussion in -devel :)
<sarnold> :)
<teward> sarnold: basically, i wanted the sec team to review the approach and determine if that was acceptable as a response to the regression.  at the time i never looked into how the security update related to it was ever "fixed" to fix the regression of "too tight permissions"
<teward> nacc: it did drop off my radar since I updated everything to Trusty+ shortly after that
<teward> unfortunately
<teward> now it's on it with php7 and such on the radars
<nacc> yep
<sarnold> honestly if it affects -only- precise it's probably not worth spending time on. we wouldn't want to issue an update that might break installed systems that are only one year away from retirement :)
<sarnold> what's the deal with php7?
<teward> sarnold: php7.0 i thin was going to get a MIR?  nacc might know more than I
 * teward only tracks it in-so-much-that nginx defaults point to php-fpm locations in the default configs' comments
<sarnold> I think php7 is just going in without review on the condition that php5 come out :) heh
<nacc> sarnold: it's migrated to main, now, we're help up in excuses due to imagemagick
<nacc> i hope to have that fixed today
<nacc> and then we need to proceed with rebuilding th eworld :)
<sarnold> nacc: oh congratulations :)
<sarnold> nacc: they threw you right into the deep end when you joined, hehe
<nacc> yeah, it's been a bit hairy :)
<nacc> learning a lot (too much, sometimes? :)
<linuxlove> nacc, you are right
<linuxlove> it was my friend suggestion
<linuxlove> i say that i cant do this for him
<teward> sarnold: with regards to precise, it *did* affect trusty and others
<teward> Security team overlooked
<teward> sarnold: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1334337 was the one where it was fixed Saucy, Trusty, Utopic +
<ubottu> Launchpad bug 1334337 in php5 (Ubuntu Utopic) "Regression: php5-fpm's socket should be accessible by www-data by default" [Undecided,Fix released]
<teward> and Marc handled htat one
<teward> the regression was never addressed in Precise
<teward> i hear you that it might not be worth the time spent on it
<teward> but, it was fixed by the Sec team in later ones
<teward> and Precise was never looked at
<sarnold> teward: ahhh
<teward> (at the time I had precise servers)
<teward> not why the bug dropped off my radar, but why i'm poking now
<teward> if it were a month to PRecise going EOL i'd not care
<teward> but that's not the case, so...
<teward> no idea who still uses Precise *shrugs*
 * teward tasks his "sbuilder" VM on his hypervisor to build all the tools necessary for sbuild and schroots
<sarnold> teward: i'll kick it along to marc; we're feeling more than a bit overwhelmed lately so I can't promise anything but he doesn't like breaking old releases :)
<teward> indeed
<teward> sarnold: thanks, i don't expect any heavy movement
<teward> but that's an old regression
<teward> sarnold: i'm not sure if subsequent updates addressed or not though
<teward> i was going to test
 * teward is downlading the latest 12.04 server ISO now to his hypervisor
<sarnold> teward: are you sure this is an issue? in a blank precise vm, apt-get install php5-fpm, sudo lsof | grep www | grep -v REG -> http://paste.ubuntu.com/15276027/
<teward> sarnold: as i said, when i filed it it was an issue
<teward> it may be resolved since then
<teward> hence my needing a blank Precise to test
 * teward doesn't keep one around
<teward> ah, wait
<teward> right, i have a non-standard setup
<teward> sarnold: there were documents around the time which configured FPM to use a UNIX socket
<teward> the issue exists when FPM is configured to use a UNIX socket
<teward> so, still a regression, but not a regression of the defaults
<teward> (yet)
<teward> SINCE Precise, it was a big one since in Debian they switched FPM to unix sockets by default
<sarnold> teward: aha, that makes more sense
<patdk-lap> heh, any idea how I can troubleshoot shutdown?
<patdk-lap> so far I just get kicked off the network and console, so I cannot see what is stuck
<coreycb> beisner, when you get a chance, 1:5.0.2-0ubuntu1~cloud0 and 2:7.0.3-0ubuntu1~cloud0 are ready to promote to trusty-liberty-updates
<coreycb> beisner, and 1:2014.1.5-0ubuntu3~cloud0 is ready to promote to precise-icehouse-updates
<beisner> coreycb, ceilometer + neutron for liberty;  neutron for icehouse?
<coreycb> beisner, yep
<EmilienM> coreycb: just tested ceilometer and aodh, alarms do not work for me (mitaka)
<beisner> coreycb, ok, pushed neutron+ceilometer proposed-->updates for liberty, and neutron proposed-->updates for icehouse
<coreycb> beisner, thanks
<coreycb> EmilienM, ok if you have a bug please point me to it and we'll look into it
<rattking> Hello, where can I find the logs for tftpd? i am not seeing anythign in the usual places like syslog
<rattking> I am trying to debug a pxe boot problem. its getting a dhcp addr but not connecting to the tftp server on the same machine
<EmilienM> coreycb: so the tests failures: http://logs.openstack.org/02/288102/1/check/gate-puppet-openstack-integration-scenario001-tempest-dsvm-trusty/9fdafe4/console.html#_2016-03-03_20_46_38_634
<EmilienM> all logs/config are here: http://logs.openstack.org/02/288102/1/check/gate-puppet-openstack-integration-scenario001-tempest-dsvm-trusty/9fdafe4/logs/
<avid_fan> rattking: You could try to start the tftpd daemon manually and not fork into the background for more clues.
<rattking> avid_fan good idea! I figured it out.. firewall, its always the firewall :) but now who changed it
<Aleksandar86> I want migrate website with mysql from old Ubuntu 7 to new ubuntu-14.04.4 server. I had Installed, latest apache mysql with phpmyadmin and proFTPD. With PhpMyAdmin I Imported backuped mysql on new Ubuntu, i copy files to new root apach dir....
<Aleksandar86> i need small help
<Aleksandar86> I don't understund how DOMAIN work... My old Ubuntu server had folder of domain name /var/www/www.domain.com
<Aleksandar86> but my new have /var/www/
<Aleksandar86> with local IP I can open website on new server
<patdk-lap> got my team interface fixed up
<Aleksandar86> if i have domain www.domain.co.uk, i must have /var/www/www.domain.co.uk    ????
<Aleksandar86> on apach my default root is /var/www/
<Aleksandar86> please help me
<avid_fan> rattking: Ha! It wasn't me.
<mahmoh> hi, I'm seeing a hang with upstart, I tried init=/sbin/init --verbose on the kernel command line with 14.04 to get additional info but that's not working, any ideas?
<Executioner> hi
<Executioner> I can't seem to be able to install htop-2.0 and apache-2.5 with apt-get, it can't find it within the repositories. Aren't they released now?
<nacc> rbasak: sigh, thanks for your help, it does appear imagemagick 6.9.3 fixes the segfault. will see if i can find & backport the fix easily
<nacc> rbasak: only 10 bisection steps, so hopefully won't be too bad
<patdk-lap> Executioner, 2.5 doesn't exist, so, unlikely to happen
#ubuntu-server 2016-03-04
<Kimse> I'm trying to mount a remote directory on  Ubuntu server on my local Linux Mint machine. But i'm having some trouble getting user mapping to work
<Kimse> my username on the local machine and the remote server matches, but not the uid
<Kimse> I figured i need to configure http://linux.die.net/man/5/idmapd.conf but I'm not quite sure how to
<Kimse> Oh and btw - I'm ofc using NFS, sorry about that ;-)
<Kimse> And I am able to mount the directory, but I cannot write to a directory on the server which my local user at the server owns (uid mismatch)
<linuxlove> hello
<linuxlove> my system has crashed after installing a script
<linuxlove> what should i do to fix?
<linuxlove> it is that script http://pastebin.com/EGxs2auF
<jamespage> ddellav, coreycb: just checking that you know about 'check-mir' in ubuntu-dev-tools right?
<ddellav> jamespage i did not.
<ddellav> oh god, so helpful
<jamespage> ddellav, sorry - assumption on my part
<jamespage> ddellav, grep-merges is quite useful as well...
<jamespage> so long as zigo is uploading to unstable...
<jamespage> ddellav, blimey you're up late...
<ddellav> jamespage yea i have a upper respiratory infection, it's making it difficult to sleep so i figured i'd jump on and get some work done heh
<jamespage> ddellav, do we need a sync of python-pika-pool from unstable?
<ddellav> jamespage yes, there's an FFE open and i'll be creating the MIR soon if i coreycb hasn't already
<jamespage> ddellav, okay
<ddellav> jamespage https://bugs.launchpad.net/ubuntu/+bug/1552827
<ubottu> Launchpad bug 1552827 in Ubuntu "[FFE] Please sync python-pika-pool (0.1.3-1) from Debian (unstable)" [Undecided,New]
<jamespage> just looking at backport failures
<lordievader> Good morning.
<linuxlove> hello
<lordievader> o/
<linuxlove> how to delete packages in terminal?
<linuxlove> for example python-pycurl:amd64 <none> 7.19.5.1-1ubuntu2
<lordievader> linuxlove: sudo apt-get remove|purge <package-name>; also read the man page of apt-get.
<linuxlove> lordievader, i get error when i run sudo apt-get remove python-pycurl:amd64 <none> 7.19.5.1-1ubuntu2
<linuxlove> why?
<lordievader> linuxlove: Because that ain't a package name? 'python-pycurl' is the package name.
<linuxlove> oh yes
<linuxlove> what is difference between purge and remove?
<mybalzitch> purge removes configuration files afaik
<lordievader> ^ that. Like I said read the man page.
<lordievader> Everything is explained in the man page.
<linuxlove> you mean purge uninstall and delete configuration files?
<lordievader> apt-get remove doesn't remove configuration files, apt-get purge does.
<Deeps> anyone here using duo security 2 factor auth with their ubuntu server 14.04?
<henkjan> Deeps: I do
<Deeps> henkjan: could you share what config you're using? i'm trying to get ssh access authenticated with duo, but my auth log just shows Aborted Duo login for 'user' from host: Error gathering user response
<Deeps> if i set the user to 'bypass' in the duo control panel, auth succeed. the moment i require 2fa, it just throws that error all the time
<Deeps> duo logs show successful login when it's set to bypass, so i guess the problem is local to my host / sshd, rather than between my server and duo api integration
<Deeps> and yeah, actually, it's almost definitely that. i dont think /etc/init.d/ssh restart is actually working
<henkjan> Deeps: can you try the command login_duo in your shell
<henkjan> try stop ssh; start ssh
<Deeps> oh god, systemd isnt it
 * Deeps has to learn new things
<henkjan> weird mixup of upstart and sysv init in 14.04
<henkjan> restarting ssh the old way doesnt work
<Deeps> root@ubuntuvm:~# start ssh
<Deeps> start: Job is already running: ssh
<Deeps> but no sshd actaully running
<Deeps> blah being summoned to do other things, thanks for the pointers, looks like i've found where half the problem is at least
<koolhead17> hi all
<Razva> folks I need somebody to clear some things for me. SO. I have a single CPU, 8 physical core, 16 threads server. I would like to create a VM (esxi) and I'm asked how many virtual sockets I would like to allocate, and how many cores per virtual socket. now, is a virtual socket the same as a physical CPU, OR as a physical core?
<jamespage> ddellav, coreycb: there was also a niggle with the sbuild process in b-o-m - had to ensure that a dist-upgrade gets done before package build to pickup newer dh-python...
<jamespage> anyway fixed now
<koolhead17> howdy jamespage
<jamespage> hey koolhead17
<koolhead17> jamespage: i feel like n00b here
<koolhead17> either a lot new faces are here or lot oldies have left :D
<jamespage> koolhead17, no way you're old skool
<koolhead17> jamespage: how is everything going
<jamespage> koolhead17, always welcome :-)
<jamespage> koolhead17, nicely ta - how about you?
<koolhead17> jamespage: am doing good, joined new gig
<jamespage> koolhead17, ? who with?
<koolhead17> www.minio.io
<koolhead17> @jamespage Object Storage with AWS S3 API compatibility in Golang. :D
<jamespage> koolhead17, object storage in golang? that rings a bell :-)
<jamespage> well maybe some rings anyway
<koolhead17> :D
<koolhead17> adam_g: supp
<jamespage> koolhead17, plans for swift compat and keystone integration maybe?
<koolhead17> jamespage: we are small team & at this point focusing on S3 specific compatible API, hence i would doubt
<koolhead17> always up for more community contribution though. :)
<jamespage> ack
<coreycb> jamespage, thanks for the tip on check-mir, that's useful
<Kimse> I'm trying to mount a remote directory shared via NFS from an Ubuntu server on my local Linux Mint machine. But i'm having some trouble getting user mapping to work
<Kimse> my username on the local machine and the remote server matches, but not the uid
<Kimse> I figured i need to configure http://linux.die.net/man/5/idmapd.conf but I'm not quite sure how to
<jamespage> coreycb, b3 early next week? happy to sprint on that with you and ddellav to get that out of the door...
<jamespage> coreycb, I think b2 is now all in proposed - I'll smoke early on monday and promote if it all passes...
<coreycb> jamespage, sounds good
<Deeps> henkjan: yep, turned out to just be ssh failing to restart through the init script. got it working now. thanks!
<Deeps> henkjan: that said, it looks like it does 2fa if i use password auth, but not if i have an ssh key defined, need to learn pam i guess
<dannf> hey mdeslaur: i'm testing out LP: #1552939 on a couple platforms - if it fixes the issue are you cool w/ me uploading it or would you want to review first?
<ubottu> Launchpad bug 1552939 in openssl (Ubuntu) "arm64 build doesn't use asm and is 4x-16x slower than it could be" [Undecided,Confirmed] https://launchpad.net/bugs/1552939
<mdeslaur> dannf: you can upload it, just make sure you do it over 1.0.2g that's stuck in xenial-proposed
<dannf> mdeslaur: ack
<mdeslaur> dannf: thanks!
<Aleksandar86> Is posible update Ubuntu server 7 to Ubuntu 14.0... I have apache and mysql installed on old server and I want update without losing data?
<genii> You haven't upgraded your server in 7 years??
<patdk-lap> 7? you mean 9
<Aleksandar86> genii no :(
<patdk-lap> the only way to upgrade it correctly, is to upgrade to 7.10 -> 8.04 -> 10.04 -> 12.04 -> 14.04
<patdk-lap> you are vaunerable to some pretty big security issues
<hallyn_> smb: bug 1553023 :)
<ubottu> bug 1553023 in libvirt (Ubuntu) "[FFe] libvirt v1.3.2 -- zfs support" [Undecided,New] https://launchpad.net/bugs/1553023
<smb> hallyn_, well if sarnold absolutely volunteers to go through all the paperwork... maybe... surely not this week :-P
<smb> hallyn_, plus this would not be a merge from Debian... not as of now at least
<hallyn_> agreed, not this week :)
<hallyn_> i'd like to find some time to give libvirt some luvin' in the next few weeks
<Aleksandar86> On server Ubuntu I have login access with root and pass but when I try login with ssh I always get ACCESS DENIE. I changed config PermitRootLogin no but again same problem....
<nacc> Aleksandar86: did you restart ssh after changing the config?
<Aleksandar86> I set PermitRootLogin on Yes and I get access with root via SSH :)
#ubuntu-server 2016-03-05
<Kimse> I'm trying to mount a remote directory shared via NFS from an Ubuntu server on my local Linux Mint machine. But i'm having some trouble getting user mapping to work
<Kimse> I figured i need to configure http://linux.die.net/man/5/idmapd.conf but I'm not quite sure how to
<Kimse> my username on the local machine and the remote server matches, but not the uid
<tarpman> Kimse: AFAIK if you want mapping by username instead of uid, you need to be using kerberos (or maybe some other GSSAPI mechanism), see e.g. http://dfusion.com.au/wiki/tiki-index.php?page=Why+NFSv4+UID+mapping+breaks+with+AUTH_UNIX
<bekks> !mint | Kimse
<ubottu> Kimse: Linux Mint is not a supported derivative of Ubuntu. Please seek support in #linuxmint-help on irc.spotchat.org
<Kimse> bekks: relax mr. police officer...
<bekks> Kimse: I'm no officer - I just told you that Mint isnt supported in here.
<Kimse> Don't you think I know that, if this was a Mint-only issue, I would ask @ Mint.
<bekks> Kimse: You are using Mint, it isnt an Ubuntu issue.
<Kimse> AND I'm using Ubuntu server
<Kimse> And it is an Ubuntu issue: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/966734
<ubottu> Launchpad bug 966734 in nfs-utils (Ubuntu) "nfs4+idmap does not map uids correctly when using AUTH_SYS" [Medium,Triaged]
<Kimse> tarpman: thanks for the answer btw.
<King> Who's here?
<arooni> any suggestions on a basic; free downtime notifier service?  also looking for something i can install on ubuntu 14.04 LTS that would notify me of say disk space running out, or other stuff thats not as critical as downtime but 'stuff you'd wanna know'
<lordievader> Good morning.
<wizard_A> i am getting a failed packer build when i try building a virtual box iso using ubuntu 14.04 server-amd64.. it always stops at the select and install software part... which line of code in preseed file do i need to tweek in order to solve this??
<Deeps> hmmm, when installing ubuntu server 14.04 lts from the netboot mini.iso, it attempts ipv6 autoconf (successful), ipv4 dhcp (fails), and then doesn't let me manually configure an ipv4 address
<Deeps> which then makes it fun to type in a ipv6 dns server to be able to proceed further
<mintux> Hi im looking for solution to backup whole system or clone or take snapshot or whatever you call it and then can restore for example i update something on my ubnutu server or install anything then i can rolleback it
<rsx> mintux: For full backup I use clonezilla
<mintux> i installed it but it said [root] You should run this program /usr/sbin/dcs in DRBL server, NOT in DRBL client or other machine.
<mintux> rsx: ^^^
<lordievader> I use dirvish for my backups.
<rsx> mintux: In my case I prefer most of the time to shutdown the system, boot Clonezilla and do full backup
<mintux> rsx: so if reboot then i can see it in boot menu?
<rsx> mintux: do think so. I use a cd or ISO to boot from. And then their boot menu is shown
<rsx> mintux: to see it in your boot menu from the local disk und need to install something. A good choice for that is grml-rescueboot
<mintux> rsx: but it on my ubuntu server that is in datacenter very far from me. and i have ssh access also vnc access to see boot menu
<rsx> mintux: yes, then grml-rescueboot is a good choice.
<mintux> so grml-rescueboot make a iso in boot grub menu then i can log into ?
<rsx> mintux: no, apt install grml-rescueboot. this will add a menu entry for every grml iso in /boot/grml. that means you need to download a grml ISO to that directory
<mintux> rsx: does Clonezilla has grml ISO type?
<rsx> mintux: grml is a live system having clonezilla on board. However, you could do this with clonezilla's ISO directly. But in this case you need to add the menu entries yourself.
<Testtube> Morning, Any suggestion for a terminal that will allow you to setup multiple hosts to connect to?
<Testtube> as in to save in a profile for quick connections to said servers
<halvors> Hmm. Somehow the static IPv6 configuration in /etc/network/interfaces
<halvors> Will not add the gateway i specified there to my routing table.
<halvors> Is this a known bug?
<Hovercross> Can anyone give me a quick hand? I have a VPS running Ubuntu 15.10 that I am using as as web server. I am trying to give sites their own IPv6 addresses, which Iâve done using an up ip -6 addr add entry in /etc/network/interfaces (to give the server the additional IP addresses). The problem is, NGINX is trying to come online before the additional IPv6 address is added and therefore fails. Relevant errors and configs at
<Hovercross> http://pastebin.com/tsrkVAQk
<Hovercross> How can I either add the IP to the system better or delay NGINXâs start until after the additional addresses have come online?
<Hovercross> I originally tired just adding another ifact eth0 inet6 static section in /etc/network/interfaces, but that seemed to break my DNS configuration afterward
<Hovercross> To confirm that itâs a timing issue, NGINX starts without question if I start it manually after the server has been up for a couple of seconds
<bekks> Hovercross: So why do you restart your VPS that often? :)
<Hovercross> Bekks: Lol - my primary concern is if for any unexpected reboots. Itâs a production server, so Iâd rather not have to SSH into it if my provider has a hiccup
<bekks> So deny the automatic start of nginx, and put all your manual actions into /etc/rc.local
<Hovercross> I guess I can do thatâ¦ it seems a little hackey though
<logikos> I need help with user and group permissions (i think) i have a symlink in /var/www to ~/public_html and i can execute ~/public_html/index.php  from browser just fine.  however php can not edit files in ~/public_html even though i set umask to 0002 (both in system and via php), all files and folders in ~/public_html/ have write bit for group on, and i did sudo usermod -a -G logikos www-data...
<logikos> ...AND sudo usermod -a -G www-data logikos
<logikos> if from php i try to do touch('test'); i get a permission error .. so www-data can not create the file....
<logikos> if from php i do echo exec('whoami') i get www-data
<logikos> i'm not sure how to troubleshoot this from here....
<Deeps> inb4ydiw, but i have multiple hosts that have the same short name, but different fqdns - is it possible to get the console to display the fqdn instead of the short name?
<mintux> i installed grml-rescueboot and add an iso and it shows in grub menu but when i try to enter it back to boot grub menu: http://storage5.static.itmages.com/i/16/0305/h_1457202765_1317328_4f6bd71496.jpeg
<mintux> any solution ?
<halvors1> I have some problems with IPv6. Even when a gateway is set in /etc/network/interfaces ubuntu does not add it to the routing table. Why is that?
#ubuntu-server 2016-03-06
<jancoow> Hi. Is it possible to port only 1 application over a vpn, but the rest of the connections (apache, normal ethernet) just trough the normal connection ?
<bekks> Most likely not, no.
<mybalzitch> https://schnouki.net/posts/2014/12/12/openvpn-for-a-single-application-on-linux/
<bekks> mybalzitch: And which application is using that vpn?
<mybalzitch> popcorntime in this case
<jancoow> i want to do it with transmission
<jancoow> but naice, it's possible
<jancoow> do i need a extra nic for this ?
<halvors1> I have some problems with IPv6. Even when a gateway is set in /etc/network/interfaces ubuntu does not add it to the routing table. Why is that?
<mybalzitch> halvors1: what does your interfaces file look like
<mybalzitch> also, why not just use dhcp6
<bearface> mybalzitch: you're everywhere!
<mybalzitch> bearface: :(
<qwebirc88531> Hi, I just connected a SAS hard-disk to my server machine, and i'm getting the following message in dmesg:  "Unsupported sector size 520."   What does this mean, and how to do I fix it so that I can use check the disk using badblocks (and then mke2fs to create FS) because right now badblocks is giving me the error message: "invalid starting block" "must be less than 0", which I suspect has to do with the former "Unsupporte
<mybalzitch> qwebirc88531: 2 seconds of googling your error message gives me http://pissedoffadmins.com/general/unsupported-sector-size-520.html
<qwebirc88531> mybalzitch:  I read that already.   I do not want to ruin a disk before understanding what exactly thosese commands do
<qwebirc88531> is 520 a standard sector size for SAS disks and if so, why does the linux kernel not support it?
<mybalzitch> no 520 is not a standard sector size.
<qwebirc88531> these are seagate constellation disks.  if that a standard sector size for seagate constellation disks then?
<mybalzitch> none that I've ever seen
<qwebirc88531> i'm trying to understand how the sector size of 520 was set to begin with.  these are used disks I bought off of ebay
<mybalzitch> they may have been used in some proprietary raid enclosure that decided 520 byte sectors is the way to go
<qwebirc88531> now that you mention that, could it be the case that my SAS controller (hardware/firmware) on my server machine only supports sector size of 520, and how could I verify this...
<mybalzitch> what kind of sas controller are you using
<mybalzitch> also, I've never heard of a sas controller reporting drives as being 520 bytes.
<mybalzitch> but what I don't know could fill a book
<mybalzitch> or three
<qwebirc88531> whatever comes presinstalled by default on my Lenovo ThinkServer, model# 70B5001TUX .  It has 4 SAS ports on the card.
<mybalzitch> lspci|pastebinit
<qwebirc88531> and I have only connected 1 SAS disk to this controller (other 3 ports are unconnected).
<qwebirc88531> that server machine does not  have network access, so i would be able to do lspci, but not paste anywehre...
<mybalzitch> ahhh
<mybalzitch> but think about it logically for a second
<mybalzitch> *everything* expects 512/4k sector sizes, and it's been this way since the age of modern hard drives. Why would they put out a sas card that only identifies drives as having 520 byte sectors, which breaks compatability with everything
<qwebirc88531> right, that makes sense... but then again, keep in mind I'm a complete NOOB to this - this is my first ever SAS disk, and even SCSI is new to me, i've only deal with SATA thus far...
<mybalzitch> quoting some random internet post: I read online the reason that these drive are formatted that way is due to some proprietary software that these vendor uses needs the additional sector size for some fancy parity stuff.
<qwebirc88531> the previous owner/seller seems to have used SeaTools (SeaGate proprietery disk checking software) to check these disks, and AFAIK used these disks under Windows...
<mybalzitch> nope
<qwebirc88531> nope... ?
<mybalzitch> they weren't used under windows, not with 520 byte sector sizes
<qwebirc88531> AFAIK, SeaTools only works under Windows, or maybe it was a BIOS/speacial-OS utility
<qwebirc88531> https://en.wikipedia.org/wiki/SeaTools
<qwebirc88531> Now, to the issue of making the disk usuable:  http://pissedoffadmins.com/general/unsupported-sector-size-520.html  says I have to download 'setblocksize'    ,    but https://bjartolini.wordpress.com/2014/11/06/108/  says I have to just run:  sg_format âformat âsize=512 /dev/sd...
<qwebirc88531> again, i do not want to ruin these disks by running some command that makes them permanently inacessible (if that is even possible), and so is running:  "sg_format âformat âsize=512 /dev/sd..."  safe to do? (I'll be replacing "..." with the drive letter).
<Razva> guys I *really* need an advice with this one. check this out: http://screencast.com/t/cu6FhNFpiCf < what is ks? the source (cd/dvd) or the target?
<mybalzitch> qwebirc88531: do it via sg_format and it's not like the disk works for you currently, so it's not going to get any worse.
<halvors1> mybalzitch: It doesn't work with DHCPv6 either.
<halvors1> mybalzitch: I don't know why it's not working. I've tried with dhcp as well.
<qwebirc88531> interesting that the sg_format manual actually shows examples of using with a block s
<qwebirc88531> size of 520
<qwebirc88531> so 520 maynot be so unusual...
<Razva> ok I'm officialy lost. can you please give me a hand with this: http://screencast.com/t/xWAygdZVzu I have no idea what the heck is going on.
<mybalzitch> Razva: are you sure you mean to be asking in #ubuntu-server ?
<Razva> mybalzitch well I have no idea where to ask... I'm just stuck at that darn issue
<qwebirc88531> mybalzitch:  about how long is the 'sg_format âformat âsize=512 /dev/sd...'  format operation supposed to take on a 3TB disk?
<mybalzitch> qwebirc88531: considering it has to rewrite every sector on the disk, 10 Hours at 80MB/s
<mybalzitch> so any time between now and then likely
<qwebirc88531> was not expecting that.... I thought it was an O(1) operation, not an O(n) operation... wish I had known about this block size issue earlier.... I would have started that process off, in advance... i'm running out of disk space and need that disk to be accessible fast ;-(
<qwebirc88531> mybalzitch:  and does it matter if I used /dev/sg2 in the command line, rather than /dev/sda (since they both refer to the same device)?
<mybalzitch> qwebirc88531: I'm not sure
<qwebirc88531> sg_scan revealed /dev/sg2 as that disk device... so, I figured I'd stick with that , and running sg_format without any options on that device shows the appropriate diagnostic output of 520-block-size disk , etc.
<mybalzitch> sure
<qwebirc88531> correct me if i'm wrong but /dev/sg* are character devices and, /dev/sd* are block devices.  So, does this make the sg_format operation any slower when accessing the disk as a character device as opposed to a block device?
<jayjo> i have a dead.letter that file that was outputting cron job outputs that I need to find an error message in, and it's now about 19.8 MB large. What are some tools I can use to search? I don't even mind scrolling, but I think cat is limiting the number of lines it prints
<jayjo> I frustratingly caputured an ouput of the time a script took that ran often, so a lot if is meaningless lenghts of time (eg "completed 9.384 seconds\n")
<jayjo> I do know that the error would first print the directory it was in, so I could eliminate a lot by just checking lines starting with "/home/jayjo/" knowing that it would have originated there, that would eliminate around 95% of lines. Can I do this with grep and piping or do I need some other tool?
<lordievader> Good morning.
<Tangurin> Hi! Do anyone here know how to install imagick for PHP 7.0?
<halvors> How can i request a prefix with DHCPv6-PD with dhclient using configuration in /etc/network/interfaces?
<Razva> for reasons I cannot really understand MAAS doesn't recognizes one of my server's NICs
<Razva> it has two integrated (Dell) and one PCI with two ports
#ubuntu-server 2017-02-27
<dureya> hello, I am setting up an ubuntu server for the first time and am fairly new to this. Currently I think I have downloaded it right, but when I do "sudo apt update && sudo apt dist-upgrade" it throws a few errors, 1: xenial-security inRelease temp failure resolving 'security.ubuntu.com', 2: xenial inRelease along with the same temp failure msg, 3: xenial-updates inRelease, 4: xenial-backports inRelease
<dureya> this laptop has a working wifi card
<dureya> but when I connect via ethernet, it still wont connect to the net :(
<dureya> hello?
<JanC> DNS issues?
<dureya> when I installed the os onto the dell it couldn't configure the DHCP.
<dureya> would that cause it?
<dureya> in ifconfig i got lo, and virbr0
<JanC> if you didn't set manual DNS servers and you don't get them from DHCP, yes
<JanC> sounds like you get no network at all then
<dureya> well, I am currently on the cmd now, is there any guide that I could use to get up the DHCP and the DNS server?
<JanC> dureya: I mean it seems like there are no (supported) network devices
<dureya> so does this mean I cannot join the network?
<dureya> sorry if I sound dumb, but I do have a wireless card in the laptop aswell as an ethernet port, but neither work. Do I need to turn any services on? Is there a way to set up a dhcp without internet? Do I have to reinstall the server?
<JanC> not before you find out why it doesn't see the network devices, e.g.: are they enabled in the UEFI firmware, do they need a firmware (some WiFi need that), do they need a driver that is not included, ...
<dureya> everything seems to be 'DOWN' when i do ip a
<OerHeks> dureya, type 'ifconfig' and see if you got an IP ??
<JanC> with only lo & virbr0 you can't get any useful IP address
<dureya> I ran 'lspci -nnk | grep 0200 -A2' and I have a 03:00.0 Ethernet controller[0200]: Realtek Semiconductor Co., Ltd. RTL8101/2/6E PCI Express Fast/Gigabit Ethernet controller [10ec:8136] (rev 05) kernal driver in use: r8169
<limbera> hello, what are the essential upgrades/packages that you would recommend any 16.04 app server have installed
<limbera> (or even removed from stock)
<dureya> inet addr: 192.168.122.1
<dureya> Bcast:192.168.122.255
<JanC> dureya: that's virbr0, I assume?
<dureya> yes sir
<dureya> lo and virbr0 both are showing that they're UP
<JanC> virbr0 is for communication with virtual guests (if you have any)
<dureya> I do not.
<dureya> Does this mean that the os is not reading my network adapter card or the wifi card?
<JanC> it means there is an issue with the drivers, I guess
<dureya> Any solutions? Im very lost right now.
<JanC> not any easy solutions
<JanC> except maybe testing a more recent kernel version to see if that helps
<dureya> would this happen to any server os I dl?
<JanC> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/141343 seems to be a similar issue
<ubottu> Launchpad bug 141343 in linux (Ubuntu Hardy) "r8169 driver does not work with Realtek "PCI-E" 8111B integrated network controller" [Medium,Fix released]
<dureya> thank you, I'll read it and see if I can fix it.
<JanC> it's for another network adapter though, but it also tries to use the same included driver which doesn't work
<dureya> oh...
<JanC> I suppose it's an unsupported variation of the same family of network chips
<JanC> dureya: how old is that hardware and what version of Ubuntu did you try?
<dureya> I am not sure how old it is. I got it from my uncle today and it is running on an intel core i3. Its a dell inspiron; ubuntu version is the recent ubuntu server release
<JanC> I was thinking a ballpark figure (and it should have a date somewhere at the bottom)
<dureya> 2011-2012ish
<dureya> JanC^
<JanC> so fairly long before the last Ubuntu was released
<dureya> yeah, it doesn't seem that long ago. Should I use an old ubuntu release?
<dureya> Or, any other server os you recomment? I am trying to setup a dedicated gaming server
<JanC> you could try installing r8168-dkms + its dependencies using an USB stick
<dureya> can i use a dvd instead?
<JanC> whatever you want, as long as everything you need is on it
<dureya> also, how can I run it once I put it in?
<JanC> https://help.ubuntu.com/community/AptGet/Offline might be useful
<JanC> and installing everything (r8168-dkms + all its dependencies) should in theory be enough
<JanC> another option is to use an USB WiFi or USB ethernet that you already know works well
<dureya> ok,I am going to try this out, thank you. Also, this is making my head spin
<dureya> so I got the dependencies and r8168-dkms on my usb with aptmedium, but I cannot install it :/
<dureya> JanC ^^
<zioproto> coreycb, jamespage I am preparing the Mitaka to Newton upgrade and I am hitting this bug https://bugs.launchpad.net/nova/+bug/1630732 The patch is in stable/mitaka but no included in the latest tag. I guess mitaka is already old and there will not be new tag releases right ?
<ubottu> Launchpad bug 1630732 in OpenStack Compute (nova) newton "online_data_migrations does not ignore deleted services" [High,Fix committed]
<jancoow> Hi.
<jancoow> I've mounted some samba shares and I want to share them with NFS
<jancoow> When I try to do this, I get an error exportfs: /mnt/samba/Films does not support NFS export
<mcnesium> I am on a pretty much default fresh installed ubuntu server. running byobu gives me a pretty weird looking bash prompt which I cant figure out where it is configured. https://fluse.elektrat.de/m/tmp/oqw2lde8.png
<mcnesium> any hints where this comes from?
<mcnesium> when not within byobu, the PS1 set in .bashrc is being used
<mcnesium> also there is some kind of error code being shown. any explanation on this would be interesting
<Village> Hello, what package are MySQL devel?
<cpaelzer> Village: libmysqld-dev / libmysqlclient-dev ?
<Village> Can check here does exist this packages?
<cpaelzer> Village: yep, see https://launchpad.net/ubuntu/+source/mysql-5.7
<cpaelzer> Valfor: and similar for other releases
<Village> first are, thank you, second be see
<Village> What command at channel shows info about existings packages?
<zul> coreycb: there are new point releases for oslo.messaging and oslo.log probably doesnt hurt to get them as well
<zul> (ocata)
<Village> cpaelzer, secound installed but exist, Thank You
<coreycb> zul, yeah
<coreycb> zul, zioproto had a question above
<zul> zioproto: ill include it in the list
<zioproto> zul, thanks. I asked nova upstream to come out with a new tag for the stable/mitaka branch
<zioproto> before they put this end of life
<rkn> hi all!
<cpaelzer> ho rkn
<rkn> i'm rtying to set pcre.recursion_limit for apache2 on ubuntu server xenial
<rossano> hi all!
<rossano> i'm rtying to set pcre.recursion_limit for apache2 on ubuntu server xenial
<rossano> any human here? :-)
<rossano> anybody can me expain how i can do that?
<sonu_nk> hi i would like to get help from all you best admin.. i have a ubuntu 16 server.. i want to install mail server on that.. and i want to install roundcube there..
<sonu_nk> please guide me step by step/ so i can learn and setup mail server..
<sonu_nk> Thankyuou
<ikonia> it's not that simple
<sonu_nk> i know.. ikonia i read .. thats why i am here with you all expert..
<sonu_nk> how can i proceed ? and how should i proceed ?
<ikonia> learn and understand how an internet email server works
<ikonia> plan for it and the technologies/setup you want to use
<ikonia> then ask specific questions
<sonu_nk> i want to use postfix
<ikonia> ok,
<ikonia> so learn how to use postfix
<ikonia> then ask specific questions for things you don't understand
<ikonia> in line with your requirements
<OerHeks> sonu_nk, the serverguide is a good start https://help.ubuntu.com/lts/serverguide/postfix.html
<sonu_nk> OerHeks: hi. i installed the postfix till the " sudo postconf -e 'home_mailbox = Maildir/'" command
<sonu_nk> i want to install roundcude...
<sonu_nk> so https://help.ubuntu.com/lts/serverguide/postfix.html here next step SMTP Authentication . is this i need to do ?
<sonu_nk> OerHeks:
<OerHeks> sonu_nk, without you send plain text mails.
<sonu_nk> OerHeks: ???
<sonu_nk> i only installed postfix.. now what is the next step ?
<hydoskee> was there a change networking between 16.04 and 16.10?  I'm trying to set up my static IP at /etc/network/interfaces and it's not taking properly
<compdoc> should be the same, if youre modifying interfaces
<rellis> Hello all. I'm trying to use the linux-aws package provided by the Ubuntu kernel team to get a newer version of the ixgbevf driver. However after I install the package I'm still seeing the old 2.12.1-k driver version. Any ideas what I'm doing wrong? or am I misunderstanding the release notes talking about a newer version of this driver?
<compdoc> maybe you need the interface name? its not likely to be eth0 anymore
<rellis> compdoc: I mean modinfo ixgbevf still shows 2.12.1-k
<nacc> rellis: compdoc was talking to hydoskee afaict
<rellis> oh sorry
<hydoskee> @compdoc - I made a modification for that :(
<hydoskee> that was the assumption since eth0 wasn't in ifconfig anymore
<compdoc> hydoskee, pastebin your interfaces file
<hydoskee> @compdoc - it's a little sensitive?
<hydoskee> I get that you can't triage without it, thanks for your help
<compdoc> what does this show you:    ip link show
<compdoc> dont know why it would be sensitive, unless youre using external ip addesses
<zioproto> zul, coreycb have an eye on this bug https://bugs.launchpad.net/nova/+bug/1668310 there is already a proposed fix for master. Is must be backported back to Mitaka or people will not be able to run the database migrations to upgrade di Newton
<ubottu> Launchpad bug 1668310 in OpenStack Compute (nova) "PCI device migration cannot continue with old deleted service records" [High,In progress]
<zioproto> zul, coreycb I would say that is a must have if you make a refresh of the nova package
<rellis> Anyone know what a commit message like this would imply? Revert "UBUNTU: [config] enable IXGBEVF_2_14_2=m instead of IXGBEVF"
<rellis> is that some flag I need to set to get the 2.14.2 revision?
<nacc> rellis: it means that they undid a chnage that turn IXGBEVF_2_14_2 on as a module in the kernel .config
<rellis> nacc: Is there an easy way for me to flip it back? so I can get 2.14.2?
<rellis> grub boot flag or?
<nacc> rellis: no, it's a compilation flag
<nacc> rellis: and probably there is a good reason it was reverted :)
<rellis> ugh, alright... so irritating ubuntu ships with an unusable version of that driver
<rellis> and the same garbage version from 14.04 no less
<nacc> rellis: afaict, that's an out of tree driver?
<nacc> rellis: don't see such a config option upstream, at least
<nacc> rellis: i'd ask in #ubuntu-kernel
<rellis> nacc: by out of tree you mean it's not part of the mainline kernel?
<nacc> rellis: yeah
<rellis> ya i think that may be true
<rellis> nacc: Do you have any insight into this post? or is it just false? https://ubuntuforums.org/showthread.php?t=2348532
<rellis> im guessing it's just false since i'm on 16.04.2 already
<nacc> rellis: looking
<nacc> rellis: were you on 16.04 and upgraded? or fresh install?
<rellis> fresh install
<rellis> on ec2 using ubuntu "cloud image"
<nacc> rellis: but you're on the 4.4 kernel
<nacc> rellis: the hwe stack is 4.8
<rellis> oh ya?
<rellis> hmmm..
<nacc> !hwe | rellis
<ubottu> rellis: The Ubuntu LTS enablement stacks provide newer kernel and X support for existing LTS releases, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<rellis> i wonder how i managed to get on an old kernel
<nacc> rellis: i'm not sure how the cloud images work in this regard
<nacc> rellis: as in, if there are two cloud images (one with the opted-in hwe kernel, one without)
<nacc> Odd_Bloke: --^ ?
<rellis> nacc: okay i think i get you, i've never really heard of that, i will give it a shot
<rellis> see if i get my fancy new driver..
<rellis> nacc: Thank you so much for the guidance. I got the new driver version!
<nacc> rellis: nice, np
<jge2> hey all good afternoon, anyone here ever used rsnapshot? I have a daily retention policy of 1 year. I would like to change this to be 6 months and purge the rest (trying to recover hd space here).. would it be just a matter of changing the daily retention to what I need inside rsnapshot.conf?
<sarnold> you may need to manually rm -rf the others
<jge2> hmm ok, yeah found a similar question here: https://sourceforge.net/p/rsnapshot/mailman/message/21937284/
<jge2> looks like they need to be manually deleted
<jge2> thanks sarnold
<dureya> guys
<dureya>  so I got the dependencies and r8168-dkms on my usb with aptmedium, but I cannot install it :/
<nacc> dureya: what happens when you try?
<dureya> it says file or directory not found
<dureya> does anyone have a aptmedium tutorial?
<nacc> dureya: https://wiki.debian.org/AptMedium ?
<sarnold> what's aptmedium? I don't see it via man -k or apt-cache search
<nacc> sarnold: it's a tarball from debian?
<nacc> sarnold: unclear :)
<nacc> also not sure why it's necessary, but whatever
<nacc> i guess if you have a bunch of equivalently offline machines, it's helpful
<dureya> i don
<dureya> oops i don't have a way to get onto the network because my ethernet port isn't supported by ubuntu
<dureya> its an old 10+ year bug
<dureya> still unfixed :/
<jerichowasahoax> What's the recommended way of configuring a static IPv6 address? The guide my VPS provider has given me uses /sbin/ip and /etc/network/interfaces but it doesn't seem to want to take
<rbasak> jerichowasahoax: /etc/network/interfaces
<jerichowasahoax> just making sure i'm tinkering with the right files, thank you
<EdwardIII> hey. is there a better way of quickly setting up a similar type of environment to this now? https://www.howtoforge.com/how-to-set-up-apache2-with-mod_fcgid-and-php5-on-ubuntu-10.04
<EdwardIII> just want to get rapidly up and running with support for multi-user where the web files are stored in the user's dir with sane perms when things like wordpress run
<EdwardIII> for webapps i'd use nginx/php-fpm but that seems a bit overkill here. mod_php seems to be a pretty popular option but then i don't think i can get perms how i want them
<sarnold> feel free to skip any guides written seven years ago :)
<sarnold> I don't think you want to use mod_php with multiple users
<EdwardIII> right
<EdwardIII> that guide contains lots of PITA stuff like creating suexec wrappers and so forth
<EdwardIII> is mod_fcgid still a good way of doing this?
<EdwardIII> i tried searching the wiki for mod_fcgid but got no results back
<EdwardIII> should i just shut up and use php-fpm?
<sarnold> no idea on the fcigd, I just know that you absolutely do not want your users to have shared php interpreters
<jerichowasahoax> EdwardIII: I don't speak nginx but if you can get php-fpm to do what you want, I would say go for it
<EdwardIII> i decided to give nginx a quick run through, got it up and running with php in about 20 mins which is pretty good :)
<jerichowasahoax> i'm not hosting for anyone but myself so i have the distinct advantage of being able to avoid php entirely ;-)
<peterd> I have recently set up an ubuntu server, 16.04 (LAMP, utils, OpenSSH, Samba, no DE). My expertise with server setup is 'beginner' (and with Linux I'm 'advanced beginner').  Today I signed into the server and attempted to load the lm-sensors and got the error "E: You don't have enough free space in /var/cache/apt/archives/"   .  Invoking df -h I see that the 23G I allocated for / has used 22G. (I've dedicated an older 250G sata for
<peterd> / and /home).  The only modifications since the install: I added ssh and added some security (ufw, and added tmpfs to fstab).  I also assigned 192.168.1.100 as the server ip address by modifying /etc/networks/interfaces adding dns-nameservers 8.8.8.8 8.8.4.4 as well as setting the .100 as reserved in my router (nighthawk).   I've run sudo apt-get auto clean, sudo apt-get clean and / is still 100% used.  Thoughts on what to try next?
<nacc> peterd: du -h --max-depth=1 / might help
<nacc> peterd: i'm guessing you've got an out of control log
<peterd> I'll try now, thanks...
<peterd> the response to du -h --max-depth=1 is
<peterd> I have recently set up an ubuntu server, 16.04
<peterd> My expertise with server setup is 'beginner' (and at Linux I'm 'advanced beginner').  Today I signed into the server and attempted to load the lm-sensors and got the error "E: You don't have enough free space in /var/cache/apt/archives/   .  Invoking df -h I see that the 23G I allocated for / has used 22G. (I've dedicated an older 250G sata for / and /home).
<peterd> Yesterday evening I added ssh and added some security (ufw, and added tmpfs to fstab).  I also assigned 192.168.1.100 as the ip address by modifying /etc/networks/interfaces adding dns-nameservers 8.8.8.8 8.8.4.4 as well as setting the .100 as reserved in my router (nighthawk).
<peterd> I've run sudo apt-get auto clean, sudo apt-get clean and / is still 100% used.
<peterd> Thoughts on what to try next?
<peterd>   
<peterd> oops
<peterd> 4 ./.nano
<peterd> 4 ./ .cache
<peterd> 28
<genii> ...
<sarnold> try that from your root directory instead :) and please use a pastebin for the output (the pastebinit tool can make that easy)
<nacc> peterd: note that i gave you a specific directory to run it in
<nacc> peterd: ( / being that directory )
<rbasak> peterd: baobab is nice to analyse what uses space (unless it's deleted files)
<peterd> I'll try again
<rbasak> You can run it from a desktop machine and it'll talk to the server over ssh.
<peterd> let's see if I did this correctly ... the output from the du command is at pastebin, http://pastebin.com/8pSkyqGR
<nacc> peterd: right, so as i suspected your /var si quite full
<nacc> peterd: note i suggested -h because it's quite a bit eaiser to ready
<nacc> peterd: so you can recurse and run it in /var instead of /
<peterd> will do, thanks
<peterd> the problem seems to be in ./log
<peterd> and within ./log, the kern.log and syslog are huge
<peterd> I must have set a flag to log everything.
<sarnold> delete some of the .2.gz kind of logs there
<sarnold> and look at some of the entries to see what's going on
<nacc> peterd: --^ what sarnold said
<nacc> GBs of logs typically indicate something is misconfigured or there is a serious issue (e.g., kernel-level errors)
<peterd> Agreed.  I'm trying to interpret the output.  tail of syslog gives me an ACPI error
<peterd> Same errors in Kern.log  --- errors started minutes after the install on 2/25.
<genii> Anything from dmesg|tail, like I/O errors?
<peterd> similar ACPI error   AE_NOT FOUND, while evaluating GPE method
<peterd> (after running dmesg|tail)
<peterd> I see that someone else had this error with the same type of Asrock mobo... maybe the error is there
<tarpman> peterd: check you're running the latest firmware/BIOS, sometimes bugs get fixed
<peterd> I'll contact Asrock and see if there is a bios update.  Many thanks for the help.  In the mean time, the workaround seems to be adding "disable>/sys/firmware/acpi/interrupts/gpe6F   (I wonder if this is related to the CPU heating problem I've noticed, that this mobo+i5 runs at 40C while my win10 box and linux box run at 27C)
<peterd> again, Thanks to Everyone for the help
#ubuntu-server 2017-02-28
<teward> so, stupid question but where are the autopkgtests stored
<Alessandro_> Hello. I'm having some issues using MariaDB on Ubuntu 16.04. I install it with "apt-get install mariadb-server mariadb-client". When I run "mysql -uroot", however, I get "Access denied for user 'root'@'localhost'". I then run mysql_safe_installation and set a password for the root user, and I still get the same error over and over again when logging in with "mysql -uroot -p" and typing the correct password. any hint?
<nacc> teward: how do you mean?
<teward> nacc: well, trying to ID what's going on with nginx
<nacc> teward: the tests themselves are in d/t/control
<teward> there's two regressions in diaspora-installer but that's something on their side not nginx
<teward> ah OK
<teward> nacc: looks like i never had to touch them before :p
<teward> i see some nginx fails today, gotta see what that's about :P
<teward> oh hm, ssl curves
<teward> *checks Zesty*
<teward> nacc: any idea how to check what ECDH curves are supported on Zesty?
<nacc> teward: i have no idea what that acronym is :)
<teward> i'll ask OpenSSL then
<Alessandro_> teward: try "openssl -v" IIRC
<trippeh_> for curves, openssl ecparam -list_curves
<teward> well I know what I have to do.  I have to drop a curve...
<teward> who do i prod to change what is acceptable or not for a given test?
<teward> autopkgtest* on the migration tracking system?
<nacc> teward: you update the test
<nacc> teward: wait, what do you mean 'acceptable'? all tests have to pass
<teward> nacc:  I.E. "always failed" or 'Ignored once"
<nacc> teward: that's the release team, i believe
<teward> OK
<teward> i'm going to have to drop a test since we don't support the curve... or mark "always failed"... might be easier to drop that curve from the test.
<nacc> teward: always failed is typically not set -- it's something autopkgtest runner recognizes
<teward> mmm
<nacc> teward: 'failure ignored' is what gets set
<teward> nacc: That's probably what's going to have to be set to get nginx out of proposed, but for more than just nginx.  I need to check with Debian in the interim
<nacc> teward: so this is a nginx test?
<teward> because i think they added a curve we don't support that got in from Experimental
<teward> nacc: well...
<teward> nacc: two problems:
<teward> (1) NGINX tests fail with Regression, I think it's because there's a curve added to the tests
<nacc> teward: it might be apporpirate to add delta is some test depends ona  feature we odn't support
<teward> (2) a *different* autopkgtest errors out
<teward> but *not* because of nginx
<nacc> teward: let me look
<teward> nacc: http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#nginx
<teward> diaspora-installer is the only other one I am not looking into but those errors look like it's a repository problem *not* related ot nginx
<nacc> teward: ack, so you're saying we should skip the ec-x25519 test on ubuntu?
<teward> nacc: i'm saying "probably", but I need to figure out its origin
<teward> first
<nacc> teward: that should be done via a delta to the src package that either comments out (i prefer this but it's up to you, i think) or deletes it from d/t/control
<teward> nacc: I want to figure out if it's from Debian Exp. or not first
<nacc> teward: ack
<teward> that said I need a Debian image too to test
<nacc> teward: i'm looking at the other one
<nacc> teward: lxc launch images:debian/sid/amd64
<teward> if it works in Debian but not Ubuntu, then it's a delta that we can comment out for the test
<teward> nacc:  already ahead of you
<nacc> teward: and/or check ci.debian.net
<teward> but i'm installing the ubuntu-server image in an lxc container.
<teward> or rather, installing that metapackage
<teward> so i have a 'standard' set of crap lol
<nacc> https://ci.debian.net/packages/n/nginx/unstable/amd64/
<nacc> seems rather green
<teward> nacc:  yeah but i want to make sure that this test is 'new'
<teward> and if it's not 'new' then poke the Security team for a check on OpenSSL in Ubuntu to see if they dropped the curve or something
<teward> being thorough
<nacc> teward: http://autopkgtest.ubuntu.com/packages/nginx/zesty/amd64 fwiw as well
<nacc> teward: that test wasn't present in the last upload to z-p, it seems
<nacc> teward: it is present in debian
<teward> nacc: the 'last upload' to z-p was a half-merge
<teward> it was HTTP/2 fixes ahead of the actual merge from Debian
<teward> the 'latest' that got run had to wait for Perl to get out first
<teward> then it ran the autopkgtsts
<nacc> ack
<teward> so these are "new" tests that are originated from Debian since.. what, 1.10.0, so the Xenial cycle?
<teward> yeah I dont' see that curve in the OpenSSL curve lists
<teward> for Ubuntu anyways
<teward> gonna check that list vs. Debian and if the list is different then ignroe the check here in ubuntu by commenting out as part of the Delta
<trippeh_> our openssl is too old :)
<teward> :P
<teward> i'm almost certain it is
<teward> yay Debain container time to update you :p
<teward> s/Debain/Debian/
<teward> *notes to update his autocorrect*
<nacc> teward: i retriggered those two diaspora failures, i think they are going further, but we'll see
<teward> OK
<teward> nacc: thanks.
<teward> huh interesting I don't see that SSL curve in Unstable either o.O
<teward> ECDH*
<teward> confirmed the core issue
<teward> # nginx -T
<teward> nginx: [emerg] Unknown curve name "X25519" (SSL:)
<teward> nginx: configuration file /etc/nginx/nginx.conf test failed
<teward> in Zesty
<teward> but works fine in Unstable
<teward> so that's just a curve we don't accept.
<teward> s/accept/have/
<trippeh_> maybe it doesnt list these newfangled non-ECDH curves in ecparam
<teward> trippeh_: it might not
<trippeh_> it is new in openssl 1.1 fwiw
<teward> ah, that would explain that
<nacc> teward: yeah, i think those two diaspora failures will clear on their own now
<teward> we don't roll 1.1 yet I don't think
<teward> nacc: OK.  I'm going to go and say "We don't support this curve, because OpenSSL is older than 1.1.0"; how did you suggest I go about 'dropping' the test?
<nacc> teward: no, 1.0.2g on zesty
<nacc> teward: add a delta, each test is a stanza in d/t/control
<teward> yes but define "delta" as in drop the test or comment out the entire test?
<nacc> teward: and then i'd say in the changelog entry (so we know for merges) that once we are at openssl 1.1.0 we can drop it
<nacc> teward: totally up to you
<nacc> teward: if we did everything with an SCM, then i'd say delete it, but it's a little more self-documenting if commented out
<teward> nacc: I actually have a copy of the packaging in a GitLab instance of my own, so it's sorta version controlled.
<nacc> teward: and since you are the maintainer, i think that's ok then to just drop it and you'd know
<teward> nacc: yep, well I'm just going to remove it from d/t/control but leave the test "in there"
<nacc> teward: if someone were to come along and do teh team workflow to re-merge it, it'd also be obvious what corresponds to what, i think
<teward> and comment accordingly.
<nacc> teward: yeah exactly
<teward> nacc: indeed.  Though the team tends to poke me for testing first lol
<nacc> teward: :)
<trippeh_> "Unknown error executing apt-key" - thanks, apt-get
<nacc> heh
<teward> oops i forgot to put bugfix-only in the changelog fff
<teward> 'accepted' oh cool.
<teward> nacc: I could probably alter the test to try and test the OpenSSL version first.  But I'm lazy :P
<teward> I'll just yell at Debian for making me increase the delta :P
<teward> again.
<teward> nacc: looks like the diaspora-installer tests didn't blow up this time heh
<teward> since now it's not erroring on the gems xD
<teward> nacc: what do I need to do if I want to set up autopkgtests for a PPA build before I upload something, say on a local test instance?
<teward> if you know :)
<trippeh_> ah lol, since I was chrooting from a EL7 install, PATH lacked /bin ...
<trippeh_> "wait! no grep!??"
<nacc> teward: you can run an autopkgtest against a specific PPA build, one sec
<nacc> teward: https://wiki.ubuntu.com/ProposedMigration "Testing aginsta a PPA"
<teward> nacc: yeah, trying to see where it reports that
<teward> nacc: apparently I'm "not authorized" to see the report.  or it hasn't run yet, I don't see it queued either.
<nacc> teward: i can run it for you probably
<nacc> teward: if you have the ppa set up
<nacc> teward: and diaspora passed now (excuses is still pending an update)
<teward> nacc:  it'll likely rerun and/or explode
<teward> nacc: i was able to *request* the build against the nginx stable PPA.  I can't see if it's pending or not
<teward> that's all.
<teward> It didn't say I didn't have privs. to request.
<teward> probably since i'm the admin for that 'group' PPA :P
<nacc> teward: oh you'd see it running in the autopkgtest running page
<nacc> https://autopkgtest.ubuntu.com/running
<nacc> teward: so you uploaded a new version, anyways, right?
<nacc> as i see tests running for ubuntu3
<teward> nacc: yes.
<teward> nacc: -1ubuntu3 has a fix for the autopkgtests.
<teward> and was already accepted somehow.
<teward> it'll probably *still* need pushed by the release team
<teward> nacc: can you check if there's nginx tests against 1.10.3-1+zesty0 or similar in a PPA?
<teward> being run now
<teward> I expect that to blow up actually lol
<teward> (in a PPA)
<teward> 1.10.3-0+zesty0 actually heh
<teward> blah i'm tired
<nacc> teward: no, there's only feature freeze on, so it shouldn't need any help in this case
<teward> OK
<nacc> teward: and yes, i now see the zesty0 running
<nacc> against your ppa
<nacc> http://autopkgtest.ubuntu.com/running#pkg-nginx
<teward> cool.
<teward> nacc: yep i see it working thanks
<nacc> teward: the only annoyance is you can't see the logs fully until the test finishes and copies over
<nacc> teward: which is quite a bit slower than the normal autopkgtests i've found
<teward> nacc: Indeed, though my PPA update workflows are not ones I regularly need to poke so :P
<teward> (nor do I need rapid testing)
<teward> nacc: looks like commenting out that autopkgtest solved the failures for nginx, let's just hope diaspora doesn't blow up in our face again :P
<teward> wth 'nova' regression
<teward> nacc: can you see https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-zesty/zesty/armhf/n/nova/20170228_013617_86af9@/log.gz and tell me what's dead here?
<teward> it *looks* to me like it's an openscsi / erlang issue
<teward> not even sure *why* nova is triggered by the nginx test though
<nacc> teward: i'd guess not your issue
<nacc> teward: i'll retry it
<nacc> teward: although i agree, i don't know why nova ran
<nacc> teward: in fact, i don't see anything installed from -proposed at all except
<teward> nacc: I think you trailed off...
<teward> [2017-02-27 21:46:23] <nacc> teward: in fact, i don't see anything installed from -proposed at all except ...
<teward> nacc: ^.^ nginx has finally left -proposed and landed in Zesty
<teward> I can rest easy!
<teward> Server Team: I can safely say that the NGINX merge has been completed.  Starting with Zesty, we now have ***dynamic module support***
<teward> future merges should not be as hellish anymore :)
<teward> (cc rbasak, jgrimm, sarnold because reasons, anyone else who cares) ^
<sarnold> teward: nice :D now to relax! :D
<teward> sarnold: truth!
<frickler> jamespage: did you take a look at building kraken yet? (ceph-11.2.0) would it still seem feasible to get it into zesty?
<jamespage> frickler: I did take a peek but then discussed with sage; we don't normally drop the interim releases into Ubuntu
<jamespage> frickler: so next drop with be luminous in the spring - probably for 17.10
<frickler> jamespage: o.k., thx for the info
<DK2> after installing a server with 2 TB disks i get "cannot get disk parameters" when booting the hard drive
<DK2> the installation seems to be fine when checking via a live cd
<DK2> what could be the cause for it?
<DK2> does the server does not see the drives?
<DK2> figured it out, the bootvolume was not set
<sarnold> where did you set it?
<zioproto> hello there. I would like to make a refresh of the nova package
<zioproto> this is different from when I just add a patch in debian/patches
<zioproto> there is a standard procedure to refresh the upstream version ?
<lordievader> Good morning.
<sarnold> zioproto: usually along the lines of: download the new tarball, verify sigs; unpack tarball; rm -rf newtarball/debian/; cp -a oldtarball/debian/ newtarball/debian/ ; rename the tarball to have the .orig.tar.gz name; edit the newtarball/debian/changelog file, add a new entry with new version number, description of what patches remain; fiddle quilt patches from debian/patches/ as needed
<zioproto> sarnold, ok, so I have to wait the nova folks to create the tarball. I though I could import a git commit from the nova repo
<sarnold> zioproto: well there's a whole 'git build package' thing going with some way to treat upstream gits as tarballs without the tarballs.. all I know is the ancient stuff :)
<rbasak> teward: thank you!
<maswan> Hm. Upgrading our storage servers to xenial we saw a large performance degradation on our hp hw raids (hpsa), anyone else with similar observations? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1668557
<ubottu> Launchpad bug 1668557 in linux (Ubuntu) "Write performance regression severely affecting hpsa controllers" [Undecided,Confirmed]
<cpaelzer> maswan: from 3.18.18 to 3.18.21 is already a good narrow diff to look for
<cpaelzer> maswan: you said simple dd test is driving this
<maswan> yup
<maswan> or, well, my collegue across the corridor
<cpaelzer> maswan: could you provide the exact command and (to start) an output of "iostat -xtdk 5" that was running over the time
<maswan> sure
<maswan> ok if I limit iostat to just the relevant device?
<cpaelzer> maswan: sure
<maswan> (lvm for OS stuff, so lots of dm-*)
<cpaelzer> it is just a start to get a feeling where we should go to
<cpaelzer> if you write only to a single device, just that
<cpaelzer> if you write to an LVM or such just the related devices to your workload
<cpaelzer> like top lvm, and the PVs that matter
<maswan> no, we write to xfs on /dev/sdb
<maswan> for data
<maswan> lvm for OS on /dev/sda (different slice, hpssacli output is already attached)
<cpaelzer> I'm still reading through the attachments
 * maswan nods
<maswan> soon you'll get another. :)
<cpaelzer> perfect would be to get the iostat for just the two god/bad kernels that are close
<maswan> bad case is in, rebooting for good old kernel. :)
<maswan> hm. one case we haven't tried so far in pinning the blame is dd:ing directly to the block device.
<cpaelzer> maswan: raw access and/or an alternative fs (like ext4) can be worth a shot for sure
<maswan> let me get iostat for the fast case first though
<cpaelzer> absolutely
<maswan> hm. do you want iostat for the first-good mainline kernel too?
<cpaelzer> as I read the bug I thought that comparing 3.18.21-031821.201509020527 vs 3.18.22-031822.201510031227 should be best right?
<maswan> yes
<cpaelzer> that is minimal delta in terms of patches
<maswan> Will do that, just ran it on whatever it was booted on first.
<cpaelzer> so I'd compare those until we have a reason to look further
<maswan> and then thought harder of what would be best for comparison. :)
<cpaelzer> to pick those two will avoid us seeing a lot of "other" noise in logs
<maswan> ho hum
<maswan> hp servers are slow to boot
<patdk-lap> slow is an understatement
<maswan> I heard quite a bit of grumbling yesterday when Nikke was bisecting kernel versions and had to wait for a reboot between each test
<maswan> There, iostat and command line output from the last fast and first slow 3.18.2* kernels
 * cpaelzer reading
<maswan> and on the slow kernel, pretty much identical performance for dd if=/dev/zero of=/dev/sdb bs=256k, possibly slightly slower
<cpaelzer> it seems it no more recognized this as a raid
<cpaelzer> so the block device layer is holding back requests to merge them
<cpaelzer> maswan: you see write reqeust merges per sec ~500
<cpaelzer> maswan: and due to that ~8x bigger write requests
<cpaelzer> maswan: which in your case sucks, as the raid below will split it along its stripe size again
<cpaelzer> or would have handled all of them in cache already
<maswan> cpaelzer: that could indeed explain the suckage
<cpaelzer> maswan: you also see that while rq-size is x8 the write await is x60
<cpaelzer> so you can be happy that it is "only" 1/2 instead of 1/7.5 speed
<cpaelzer> now lets start to look for changes
 * cpaelzer reading diffs
<maswan> thanks
<cpaelzer> maswan: IIRC somewhere in /sys there were attrivutes for the devices that flag such things (spinning, cached, ...)
<cpaelzer> maswan: while I look for code if you could look in ...
 * cpaelzer is searching
<cpaelzer> maswan: get that for both kernels booted on your device (sdb?)
<cpaelzer> $ for i in /sys/class/block/sda/queue/iosched/* /sys/class/block/sda/queue/*; do echo $i $(cat $i); done
<cpaelzer> there should be no diff between stable kernels, if there is that is another indicator where to look
<maswan> yup, working on it
<maswan> aka waiting for reboot
<cpaelzer> maswan: also you go through page cache with your test (intentionally?) - once time permits you could try if all is the same with oflag=direct
<cpaelzer> yet the request merging is a hotter lead which should be pursued first
<cpaelzer> OTOH the reboots seems to be what slows you down, so we might collect what we can do each cycle
<maswan> well, the first test of dd into a file on xfs is very close to the production case
<maswan> which is taking large files from network onto disk (and then spooling them to tape, or the other way around)
<maswan> before ingest rate it could handle was line speed 10GE
<cpaelzer> ok, if close to the real cae lets stick to that for now
<maswan> well, single file all zeros is already a simplifcation of it. but sure, I can try some oflag=direct while I'm booted anyway. :)
<maswan> only diff is max_sectors_kb, 4096->512
<maswan> attaching fastmode output to the bug now
<cpaelzer> but well that is it maswan
<cpaelzer> that is the critical value
 * maswan nods
<cpaelzer> and the size close to 8k is in 512b sectors to 4096 (kb) matches the 8*512
<maswan> so probably no need for more narrow dd test cases
<cpaelzer> maswan: exactly
<cpaelzer> maswan: I still struggle to see the patch that causes it, but there is a workaround for you to test
<cpaelzer> maswan: boot the slow kernel and set 512 into that calue
<cpaelzer> hmm
<cpaelzer> was that a writable one
<cpaelzer> uh it might not be
<maswan> seems to be writeable
<maswan> lets see
<cpaelzer> maswan: if you are tuning later for raids you might also consider setting /sys/class/block/sdb/queue/rotational to 0
<cpaelzer> locality with so many disks is kind of inexistant
<cpaelzer> but one change at a time
<cpaelzer> let me know if setting the smaller max_sectors_kb helped
<cpaelzer> maswan: I think I found the change http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=20d74bf29cfae86649bf1ec75038c79a9bc5010f
<cpaelzer> it is correct to "fix" it, yet in your case with the drives very likely not having 4k formatting and the strip-size/offset being different it comes to the need of tuning that now
<cpaelzer> maswan: let me know how setting 512 worked for you
<maswan> cpaelzer: yup, that does indeed make stuff fast on the newer kernel
<cpaelzer> yeah
<cpaelzer> maswan: for more tuning, have you tried the rotational=0 as well?
<cpaelzer> maswan: TL;DR IMHO the controller always announces 4k, instead of being smart and on a certain raid setup drop to the stripe or sector size
<cpaelzer> maswan: newer linux "fixes" now pick these values up correctly which makes it slower for you :-/
<cpaelzer> maswan: interested in the rotational flag
<maswan> rotational=0 makes very little difference
<cpaelzer> it should save cpu time
<maswan> maybe 5-10% for kb=512
<cpaelzer> I come from mainframes, every cycle is expensive :-)
<cpaelzer> Or make it green, save energy :-)
<cpaelzer> maswan: there are other cases where reverting that fix is no option, are you good setting that value as a tuning in your setup?
<cpaelzer> maswan: if so I'd close the bug report with that stated
<maswan> We're good with setting that in our setup, maybe hpsa authors should be prodded that they shouldn't advertise larger blocks to the kernel than they can (reasonably) handle?
<cpaelzer> maswan: as I said they correctly say what they "can" handle, but an option to "advertise what is smart instead of what we can"might be worth
<cpaelzer> maswan: if you have contacts at least ask them
<maswan> not really
<maswan> hm. I guess they might be reading linux-raid though, I'm a long time lurker in there
<maswan> Please close it with as much info you can think of on the causes etc
<cpaelzer> maswan: done
<cpaelzer> maswan: you might use the bug as link in your post
<maswan> Yeah, that was my intention
<cpaelzer> maswan: I'd be pleased if you could set my user to cc, email is in the launchpad account I posted to the bug
<maswan> Sure!
 * cpaelzer is happy that his 12 year old thesis knowledge still applies to todays real world cases :-)
<zioproto> zul, hello there, are you refreshing some nova stuff today ?
<maswan> hm. cc:ing a googled-up hpsa driver contact address too
<zioproto> guys, looking at the repo git://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/nova how do you do a commit like 8de3da59a8a8c68f76cea78e5319ad18cf8c2531 ? Do you use a tool like git-dsc-commit ?
<zioproto> when I refresh the nova tag
<zioproto> should I git checkout in detached head the current latest tag, then make a new commit, and tag it ?
<zioproto> then I can merge that new tag into stable/mitaka
<zioproto> is that the idea ?
<zioproto> I think basak told me this in the past, where are the logs of this IRC channel ?
<Slashman> hello, I have "/usr/lib/accountsservice/accounts-daemon" at 100% CPU (on one thread), anyway to understand why? (ubuntu xenial)
<cpaelzer> Slashman: you might start it with --debug --replace to get a log what it is doing - although I don't know how disruptive that might be
<cpaelzer> Slashman: eventually it is supposed to implement a dbus service, so maybe some dbus monotoring might do it as well
<cpaelzer> Slashman: but my dbus-foo isn't good enough to guide you n that
<Slashman> cpaelzer: this server has only one main service : proftpd, I guess that is somewhat related
<jamespage> zioproto: the tool you are looking for is gbp import-orig
<jamespage> that allows you to import a new upstream release
<zioproto> I managed to do it with git
<zioproto> I just added the git remote of the upstream
<zioproto> and I did
<zioproto> git checkout tagname -- .
<zioproto> then I had to commit manually
<zioproto> when you do the merge of the new tag into the stable/mitaka ... I should just discard the changes to the .gitignore and to the .gitreview, right ?
<zioproto> Basically I am trying to create a commit like this one 6de2684e69b8945042c32d185307f10fcf50b24e
<maswan> cpaelzer: Btw, Nikke is not quite agreeing that this isn't a hpsa driver bug, giving crappy performance by default.
<maswan> but I guess that's more useful in a discussion with upstreams
<zioproto> coreycb, is there already a LP bug for the new nova release ? https://review.openstack.org/#/c/438570/
<coreycb> zioproto, hello I would guess so. zul is working on stable point releases this week, so he would know better than me.
<zioproto> zul, we have a race between ubuntu making the SRU packages and nova pushing his 13.1.3 tag :)
<zioproto> please make sure ubuntu packages will be at 13.1.3
<zioproto> uhm, I am not sure how to update the pristine-tar branch
<FrEaKmAn_> hi all.. I have a simple webpage in folder owned by root:www-data... I created new user test and added this user to www-data group
<FrEaKmAn_> but that user still cannot write to that folder... any ideas?
<FrEaKmAn_> I logged out, restarted everything...
<zioproto> ok I did something like pristine-tar commit ../nova_13.1.3.orig.tar.gz 13.1.3
<zioproto> ahhhhh
<zioproto> I restarted from scratch
<zioproto> gbp import-orig --upstream-version=13.1.3 --debian-branch=stable/mitaka --merge --pristine-tar ../nova_13.1.3.orig.tar.gz
<Slashman> cpaelzer: looks like my issue is the same as https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/1316830
<ubottu> Launchpad bug 1316830 in accountsservice (Ubuntu) "/usr/lib/accountsservice/accounts-daemon :: memory and CPU time leak" [High,Confirmed]
<zioproto> guys is this something valid in Xenial ? 'add-apt-repository -s ppa:ubuntu-cloud-archive/tools'
<zioproto> I dont see any xenial here: http://ppa.launchpad.net/ubuntu-cloud-archive/mitaka-staging/ubuntu/dists/
<SmOkE_RU> ÃÃ±Ã¥Ã¬ Ã¯Ã°Ã¢Ã¨Ã¥Ã², ÃªÃ²Ã® Ã¬Ã®Ã¦Ã¥Ã² Ã¯Ã®Ã¬Ã®Ã·Ã¼ Ã± Ã¯Ã®Ã±Ã²Ã´Ã¨ÃªÃ±Ã®Ã¬?
<zioproto> jamespage, http://paste.openstack.org/show/600790/ ?
<SmOkE_RU> ÐÑÐ¾-ÑÐ¾ Ñ Ð¿Ð¾ÑÑÑÐ¸ÐºÑÐ¾Ð¼ Ð¼Ð¾Ð¶ÐµÑ Ð¿Ð¾Ð¼Ð¾ÑÑ?
<zioproto> SmOkE_RU, ÐµÑÐ»Ð¸ Ð²Ñ Ð¼Ð¾Ð¶ÐµÑÐµ Ð³Ð¾Ð²Ð¾ÑÐ¸ÑÑ Ð¿Ð¾-Ð°Ð½Ð³Ð»Ð¸Ð¹ÑÐºÐ¸, Ñ Ð¼Ð¾Ð³Ñ Ð¿Ð¾Ð¼Ð¾ÑÑ Ð²Ð°Ð¼ Ñ Ð¿Ð¾ÑÑÑÐ¸ÐºÑÐµ
<zioproto> (google translate)
<SmOkE_RU> zioproto i think i can)
<zioproto> so just ask your question in English, it will be easier to get an answer :)
<SmOkE_RU> zioproto i am install postfix for forum phpBB, and cant send emails, in terminal postfix sends mails
<zioproto> are you sure phpBB is using postfix to send the mails ?
<zioproto> sometimes php programs call their out php mta functions
<SmOkE_RU> zioproto yes, phpbb use postfix, i see it in logs
<zioproto> what do you see in the postfix logs ?
<zioproto> if you do 'mailq' you see messages in the queue ?
<SmOkE_RU> can we go private?
<zioproto> better here
<zioproto> so it is a easy problem
<zioproto> postfix is running with SSL
<zioproto> and probably the phpBB is not
<zioproto> do you need encryption between phpBB and postfix ?
<zioproto> just configure postfix to work without SSL if they are talking on localhost on the same serer
<zioproto> server
<SmOkE_RU> hm
<SmOkE_RU> zioproto in main.cf i need disable ssl, right?
<zioproto> yes, I dont know the extact line to change, but should be easy
<zioproto> anyone that had built a openstack cloud archive package for xenial can look at this build log ? https://www.dropbox.com/s/40ps3wf849z3b2d/nova_13.1.2-0ubuntu2_amd64-20170228-1528.build?dl=0
<SmOkE_RU> zioproto, ok i disable ssl, now phpbb in error says: SMTP-server not supported auth
<zioproto> ok, there is an authentication problem
<zioproto> just tell postfix to accept mail from localhost
<zioproto> I think it is in main.cf write mynetworks = 127.0.0.0/8
<SmOkE_RU> zioproto mydestination = localhost - already set
<zioproto> what about mynetworks ?
<SmOkE_RU> zioproto, mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
<zioproto> from the log do you see what is the address that phpBB uses to connect to postfix ?
<SmOkE_RU> zioproto, Feb 28 18:39:12 truecm postfix/smtpd[8037]: lost connection after EHLO from localhost[127.0.0.1]
<zioproto> I think phpBB is trying to use a name and password even if it is not needed
<zioproto> check the config
<zioproto> make sure is not trying to use a name and passwd
<SmOkE_RU> zioproto method of auth PLAIN or LOGIN? for phpbb
<zioproto> I have no idea
<SmOkE_RU> :LD
<zioproto> you need to read the docs for phpbb
<SmOkE_RU> zioproto i dont know how, but it works :D
<SmOkE_RU> zioproto in phpbb i see error, but i recerve test email :D
<zioproto> great
<nacc> teward: err, sorry about that :) -- should have ^W one more time :)
<SmOkE_RU> zioproto thanks for help :)
<zioproto> no problem !
<zioproto> I have no idea when I try to build nova, the build process tries to do 'add-apt-repository -y ppa:ubuntu-cloud-archive/mitaka-staging'
<zioproto> coreycb, jamespage I found a problem with sbuild-mitaka
<zioproto> when buidling from xenial
<zioproto> --chroot-setup-commands="add-apt-repository -y ppa:ubuntu-cloud-archive/${release}-staging"
<zioproto> this repo does not work for mitaka
<frickler> zul: two more bugs we noticed when upgrading from Mitaka to Newton: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1668676 https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1668578, hope you can integrate that into https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1664306
<ubottu> Launchpad bug 1668676 in nova (Ubuntu) "Newton package needs to bump dependency on python-rfc3986" [Undecided,New]
<ubottu> Launchpad bug 1668578 in neutron (Ubuntu) "Newton package needs to bump dependency on python-pecan" [Undecided,New]
<ubottu> Launchpad bug 1664306 in nova (Ubuntu Yakkety) "newton stable SRU releases" [Undecided,New]
<zioproto> coreycb, I dont get how to build mitaka packages for Xenial. Looking at http://ppa.launchpad.net/ubuntu-cloud-archive/mitaka-staging/ubuntu/dists/ and http://ppa.launchpad.net/ubuntu-cloud-archive/newton-staging/ubuntu/dists/ looks like there is not a Openstack release supporting both trusty and xenial. This breaks the logic in the scripts sbuild-mitaka
<coreycb> zioproto, for mitaka you sould just use plain old sbuild
<coreycb> zioproto, for xenial-mitaka, that is
<zioproto> coreycb, how I complete this string ? add-apt-repository -y ppa:ubuntu-cloud-archive/${release}-staging"
<zioproto> what ppa works for xenial mitaka ?
<zioproto> If I remove it completely I get other build errors
<zioproto> just give me please a sbuild command string that is known to work to build xenial mitaka, so I can build nova and then go on and test the nova release refresh :)
<coreycb> zioproto, https://wiki.ubuntu.com/OpenStack/CorePackages
<coreycb> zioproto, try using gbp
<coreycb> zioproto, are you using our git repo for nova?
<zioproto> debcheckout --git-track='*' nova
<zioproto> clones git://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/nova
<zioproto> cd nova ; git checkout stable/mitaka
<zioproto> gbp buildpackage -S -us -uc
<zioproto> I miss the right sbuild command to point to my dsc file
<coreycb> zioproto, and what sbuild commands?
<zioproto> that is in ../build-area
<zioproto> if I remove adding the ppa
<zioproto> the build fails
<zioproto> wanna see the log ?
<coreycb> zioproto, sure but let me see the sbuild commands first please
<coreycb> zioproto, you don't need to do anything to the sbuild chroot
<coreycb> zioproto, so you shouldn't be using a ppa or anything
<zioproto> so usually I use the sbuild-mitaka
<zioproto> http://paste.openstack.org/show/600803/
<zioproto> I tried removing line 28
<coreycb> zioproto, sbuild-mitaka is only for trusty
<coreycb> zioproto, all you need for xenial is 'sbuild -A -d xenial-amd64 ../build-area/nova*.dsc'
<zioproto> sbuild -d xenial-amd64 -A ../build-area/nova_13.1.2-0ubuntu2.dsc
<zioproto> ok I am trying this one
<teward> nacc: it happens :)
<teward> nacc: GOOD news is it's out of proposed and into Zesty now so yay.  so i can rest nwo xD
<teward> now*
<nacc> teward: nice :)
<zioproto> ok it looks like it is working
<zioproto> coreycb, thanks !
<teward> nacc: turns out that we were right to disable the test - Debian did the same for backports this time round.
<coreycb> zioproto, yay :)
<nacc> teward: awesome, that's good
<teward> nacc: oh how I love the evils of 'merging from scratch' :P
<teward> though it was necessary due to the severity of how out of sync we were :P
<zioproto> bye everyone, see you tomorrow !
<rbasak> nacc: ping
<nacc> rbasak: pong
<rbasak> nacc: IRC? Hangout?
<nacc> rbasak: IRC is fine
<rbasak> I'm not sure I understood the context.
<nacc> rbasak: so for the importer -- i did a quick check
<nacc> rbasak: of the ones that failed to import, about 3 or 4 do work now, so it could be network issues, etc.
<nacc> rbasak: not 100% on those (yet)
<nacc> rbasak: but for the rest that still fail, it's all the FF issue for the -devel branches
<rbasak> OK
<nacc> rbasak: are you ok with me implementing the merge idea?
<nacc> rbasak: that is, the -devel branches stay FF by merging the new commit and the old head?
<rbasak> Yes, but I think we need to be consistent. So we should bump the -devel branch on every version, not just at the end.
<rbasak> I don't know if that'd be quite a big refactoring?
<rbasak> But otherwise the data structure obtained would be dependent on timing of imports, which I think would be bad.
<nacc> so the -devel branch would become quite a bit 'noisier', but would be be correct
<nacc> it will also slow it down a bit, if it has to do the check for every pocket on every import
<rbasak> Yeah
<rbasak> If refactoring, please take my refactoring branch first.
<rbasak> nacc: it's just a local and inexpensive check though, no?
<nacc> it's not entirely inexpensive, it has to look at each head in a given series and decide which is 'latest'
<nacc> refactored, i might be able to restrict it to the affected series, so it might not be a big deal
<rbasak> OK
<nacc> rbasak: the only other concenr is the abvoe chagne means existing imports are 'incorrect' or would differ from from-scratch imports
<nacc> rbasak: i think that's unavoidable for now, though
<rbasak> Agreed on both.
<nacc> rbasak: ack, thanks!
<rbasak> Incidentally, I had a thought related to this.
<nacc> sure
<rbasak> Adopting upload tags (or not) also mutates the commit hashes.
<rbasak> And upload tags may arrive late, in which case they won't be adopted.
<rbasak> So perhaps we could use "git notes" to add a note to tell us whether a particular upload tag has been seen or not, and whether it was adopted or not.
<nacc> yes, i think we discussed this at the sprint
<nacc> sure
<rbasak> Then the importer could run in a mode where it only adopts upload tags that were previously adopted.
<rbasak> And then third parties have the option of not mutating things.
<nacc> we also discusssed *always* taking the upload tag, but there might be a diff between it an and the import tag (as opposed to ignoring them now)
<nacc> true
<teward> rbasak: not sure if you saw my highlight from last night, nginx merge is completed, and now out of zesty-proposed and in zesty proper.
<teward> after fixing one of the autopkgtests heh
<rbasak> teward: I did. I thought I replied. But if not, thank you!
<nacc> rbasak: let's hold off on that for now, if taht's ok with you? we can talk about it next week. I'll file it as a bug if it's not already
<rbasak> nacc: sure. Not suggesting we have to do that now.
<teward> rbasak: you may have but it gets buried under the cruft i see here - limited RAM on my system running my boucer
<rbasak> Just thought I'd mention it while we were talking about mutations.
<teward> < 128MB, so I have very low scrollback limits :)
<nacc> rbasak: ack
<teward> rbasak: I'll update the package page I created for the triage stuff to indicate "New Features as of Zesty:" section.  And some "Runtime Notes" about the fPIE/fPIC impact on 32bit systems
<teward> which is noticeable but not insane
<nacc> teward: do we want 'new features' in the release notes?
<teward> nacc: We're going to have a good sized blurb for Zesty about the release notes
<teward> because we have dynamic module support now
<teward> and a reorg of the packages because of binary changes, etc.
<teward> as for "new" features, the big one's dynamic module support, but we can have "More Details" on the ServerTeam/Nginx page.
<teward> since that's now a thing :P
<teward> the big one's going to be fPIE/fPIC and "Performance Notes"
<nacc> teward: sounds good :)
<teward> because with just fPIE there's not a huge performance hit, with fPIE+fPIC which is needed this time around, we have a higher impact this time around
<teward> (though we've been rolling fPIE since Trusty I think, so that impact is already known.  No, I don't have exact benchmarks unfortunately.)
<teward> rbasak: nacc: https://wiki.ubuntu.com/ServerTeam/NGINX/ZestyZapus - Thoughts?
<fullstop> Hi all.  Is there something different with 16.04 where it fills up /boot with kernels automatically?  I don't have unattended upgrades enabled, but it seems to be doing it anyway.
<fullstop> it appears that unattended upgrades for security related things was somehow enabled.
<scottjl> fullstop: look at /etc/apt/apt.conf.d/50unattended-upgrades and see what's been uncommented
<scottjl> by default kernels aren't upgraded though
<fullstop> yes, I see why it's doing it..
<fullstop> but I have no idea how this was set.
<scottjl> someone/something changed it.
<fullstop> and it's enabled on all the 16.04 servers we have here.
<scottjl> puppet?
<scottjl> salt?
<fullstop> but none of the 14.04 or 12.04 (which are slated for retirement)
<fullstop> salt
<fullstop> but the same states are used on all.
<scottjl> none of my 16.04 servers are like that in a fresh setup
<scottjl> check your salt config then?
<scottjl> that's not standard 16.04 behavior
<fullstop> let me find some non-salt ones.
<sarnold> I thought we made that the default for 16.04?
<scottjl> kernel upgrades? not automatic. unless it's new with 16.04.02?
<scottjl> well at least. mine aren't doing it (thank god)
<fullstop> all of mine are
<fullstop> even non-salt
<fullstop> this kind of sucks because /boot has run out of space on many of them.
<rbasak> unattended-upgrades is enabled by default since 16.04 I think.
<rbasak> But if it causes /boot to fill up, that's bad and we need to fix that.
<rbasak> teward: looks good!
<fullstop>  /boot is pretty small with the default settings.  It can hold just a few kernels before getting plugged up, which prevents apt from really working at all until you manually get involved and clean it up.
<fullstop> If the server were restarted before it filled, I'm still not certain that old kernels would be purged.
<teward> rbasak: thanks, feel free to improve :)
<scottjl> i gave up making /boot a separate partition years ago. it's just part of /
<sarnold> /etc/apt/apt.conf.d/01autoremove-kernels and /etc/kernel/postinst.d/apt-auto-removal comments claim it can save upwards of four kernels
<sarnold> funny enough my laptop appears to have six kernels, ~300 megs of /boot and my server seven, for ~385 megs of /boot
<fullstop> sarnold: surely your laptop has been rebooted recently.  When are the old ones to be removed?
<sarnold> fullstop: you're right, rebooted 46 days ago
<fullstop> I'm only at 40. ;-)
<fullstop> but, shhh, the laptop is arch.
<nacc> teward: +1 looks good
<teward> :)
<sarnold> man I can't figure out when APT::NeverAutoRemove actually works :/
<sarnold> C++ is just so alien tome
<teward> heh
<fullstop> that makes sense if it's "alien tome" or "alien to me"
<sarnold> hehe so it does :)
<ZoomZoomZoom> Hi! Is anyone running qbittorrent-nox behind reverse proxy? I can't get it to work with lighttpd 1.4.35
<compdoc> when I ssh into my servers, they have often say they need a restart. do you think its sets to auto install security updates? how would I disable that?
<compdoc> -have
<sarnold> why?
<sarnold> I think the way to disable it is via editing /etc/apt/apt.conf.d/50unattended-upgrades
<rbasak> Or remove the unattended-upgrades package.
<sarnold> there's too many intersecting and interacting pieces :)
<compdoc> when I log in and see it in that state, it makes me wonder if I forgot to restart it the last upgrade. I upgrade them on a regular basis and just dont like seeing it in that state. and dont like stuff installed until I am there to make sure it goes well
<sarnold> you can always check uptime output to see how long it's been since the last reboot
<compdoc> too late
#ubuntu-server 2017-03-01
<PryMar56> is there dh* suite tool for grub2 updates?
<PryMar56> maybe dh_autoconf?
<PryMar56> to save the trouble of scripting it myself and crafting a package.postinstall thing
<yoink> is there a method to redirect logs collected and managed by upstart to rsyslog?
<sarnold> I didn't think upstart 'managed' logs.. do you have an example?
<yoink> sorry - rather the logs that find themselves in /var/log/upstart/
<sarnold> yoink: aha. hrm. upstart doesn't look very configurable there http://upstart.ubuntu.com/cookbook/#console-log
<yoink> sarnold: thank you. My research led me to the same cookbook recipe. :/ Time to start building our packages for 16.04 I guess! :)
<sarnold> yoink: yeah, there's more options there
<fn-2> I was wondering if anyone knows of a way to have an encrypted folder/partition/container on an openvz vps?
<sarnold> what's the goal?
<fn-2> I want to have a folder with private data that requires user input to decrypt the data if it is either unmounted or the vps/host is restarted.
<sarnold> it's just that if the domain or the kernel is cracked, it's not _really_ safe.. perhaps it'd be overlooked by hasty automated data scrapers or something, but the machine's owner really _owns_ it..
<sarnold> can you use ecryptfs from within openvz?
<sarnold> if not, how about truncating a huge file and doing LUKS on a loopback mount? is that allowed?
<temhaa> Hello
<temhaa> I decided to use lxc for virtualization at least to has contaninerized server.
<temhaa> My host machine has like 192.168.1.150 local ip. and netmask 255.255.255.0 . I think I am able to give ip from same network of host to guest.
<temhaa> Am I right
<temhaa> for example. can I assign 192.168.1.200 local ip to guest
<temhaa> And should I start from where? should I search "lxc bridge network"
<sarnold> temhaa: hopefully useful https://insights.ubuntu.com/2016/04/07/lxd-networking-lxdbr0-explained/
<temhaa> sarnold: thanks for replying. so lxc, lxd which one of them should I use?
<sarnold> temhaa: probably lxd; I think its simplified a lot of what was learned via lxc to work well vs not work well
<temhaa> sarnold: I got it
<cpaelzer> jamespage: hi, in the past to fix up bug 1495895 qemu-block-extra was added as dependency
<ubottu> bug 1495895 in qemu (Ubuntu) "Unable to attach rados block device to instances" [High,Fix released] https://launchpad.net/bugs/1495895
<cpaelzer> jamespage: I wonder if we could drop that to a recommends
<cpaelzer> jamespage: it really is not a depends and it has an -extra in its name for a reason
<cpaelzer> jamespage: Debian would go the "recommends" with me and we could drop some delta
<cpaelzer> jamespage: IMHO this should still solve all issues we had
<cpaelzer> jamespage: but at the same time allow users to install qemu without (if they want)
<cpaelzer> jamespage: since we default to install recommends we should be fine right
<cpaelzer> jamespage: Debian is integrating the recommend right now, and I want to use that next re-merge in a few days
<cpaelzer> jamespage: but an ack from you as the original reporter would be nice, to ensure there was no hidden context I don't see
<cpaelzer> jamespage: might be traveling so also highlighting coreycb and rharper who worked on that^^
<jamespage> cpaelzer: that sounds OK to me
<freakynl> Hi, (automatic) upgrades is killing my server during kernel upgrades (more specifically recreating the initramfs images) with OOM messages. Server only has 256M. Odd thing is, it also has 1G of swap and it only uses 4M of that ever. Any ideas?
<zioproto> jamespage, cpaelzer good morning
<zioproto> jamespage, we officially have a new 13.1.3 tag in the git repo for Nova
<zioproto> jamespage, I have a question, when I do `gbp import-orig` where is exactly that you download the tarball from on the openstack website ? or do you generate the tarball using the git repository of nova at the given tag ?
<jamespage> zioproto: tarballs.openstack.org is normally used as that is where all of the release tarballs endup
<zioproto> jamespage, https://tarballs.openstack.org/nova/nova-13.1.3.tar.gz
<zioproto> great
<jamespage> zioproto: the git packaging repo and the project repo are distinct
<zioproto> yes sure, the packaging repo is in launchpad
<zioproto> ok I try to do some work refreshing this nova package
<cpaelzer> thanks for the ack jamespage
<cpaelzer> freakynl: depends what your applications do with the memory
<cpaelzer> freakynl: are you interested (independent of your upgrade issue) to test to get it swapping more?
<cpaelzer> freakynl: stress-ng --vm 2 --vm-populate should give you ~512MB pressure that is swappable - in a second console you can check if it does indeed swap while these are running
<freakynl> cpaelzer: Actually have 2 of these VM's. They run powerdns and mysql which usually leaves enough room in memory. The difference is, one is running under vmware the other under hyper-v. The one under hyper-v uses much more swap and gets through the kernel upgrades just fine. Both have 256M RAM. The vmware one has 1G of swap, the hyper-v one only 512M. Both are running ubuntu 14.04.5 LTS server and
<freakynl> have little differences besides open-vm-tools on one and the hyper-v tools on the other
<freakynl> Don't get why one uses the swap for recreating the initramfs images and the other doesn't however :)
<cpaelzer> freakynl: some sort of memory balooning maybe
<cpaelzer> freakynl: it is common in virt environments to try to adapt guest sizes instead of swapping
<cpaelzer> freakynl: maybe something like that prevents it from behaving as expecte?
<cpaelzer> +d
<freakynl> cpaelzer: could very well be. Can't even run dpkg --configure -a, it will kill my SSH session and nearly every other proces on the server
<cpaelzer> freakynl: can you cat /proc/meminfo to see roughtly where mem is?
<cpaelzer> pastebinit maybe
<freakynl> cpaelzer: might be something with the open-vm-tools and the kernel, I updated the kernel to xenial on the 14.04 instances
<freakynl> Not sure what that does with the open-vm-tools
<freakynl> cpaelzer: Hmm was getting those results but had to reboot it first for fresh values, 3rd time I rebooted it, completed the upgrades now. Only 2.6M in swap now
<cpaelzer> freakynl: I read a bit, it really could be the ballooning which has issues with your too constrained system
<cpaelzer> freakynl: usually you'd rather slighly oversize a guest and balloon it down (+swap in the host if ever needed) instead of swapping in the guest
<cpaelzer> freakynl: there can be weird cases of double faults if the guest swaps in itself - onto a page that is swapped out by the host, to be swapped in by the host , ...
<cpaelzer> freakynl: so I can't blame anybody to try to avoid, but I'd think in your super small system that might cause problems
<cpaelzer> freakynl: I'm happy you could pass the update
<freakynl> cpaelzer: system runs fine when not updating :). Really doesn't do that much. 18MB mysql database + powerdns. Normally doesn't hit swap, but needs some more ram during initramfs creation. It's not swapping in the hypervisor at all
<cpaelzer> freakynl: but you might try the workload I sent and disable ballooning to see if your system could swap fine then
<cpaelzer> freakynl: depending on that insight you can then either keep it balooning but increase size or disable it or ... (whatever you choose)
<freakynl> cpaelzer: Yea I'll disable ballooning, the host has plenty of memory anyways, vmware charges for RAM assigned to VM under VSPP though :)
<cpaelzer> freakynl: I'd hope they do not charge for what is ballooned down
<cpaelzer> freakynl: I like the business case - you have to pay in your supermarket for a full cart, no matter how full you make it :-)
<cpaelzer> because you could fill it up
<freakynl> cpaelzer: well under VSPP you get charged by the memory assigned to a VM. Or more accurately the *reserved* RAM for an instance, but if nothing is reserved they'll count a minimum of 50% of the RAM. Billing is capped at 24G, so a VM with 128G of RAM would still only cost 24G of RAM. But that's the only thing you pay, no CPU's, storage, etc. They have to base it on something I guess. Flat fee per
<freakynl> instance wouldn't be doable either
<cpaelzer> yep, with that details it sounds ok
<ren0v0> hi, i just ran some updates and now mysql won't start..  systemctl just shows this   >  Failed to start MySQL Community Server.
<ren0v0> https://paste.ubuntu.com/24089202/
<ren0v0> i can't take a dump and do anything else without it
<freakynl> ren0v0: databases are under /var/mysql usually, you could take copies of those, but it's binary form. Try starting mysqld manually
<freakynl> ren0v0: might be /var/lib/mysql btw
<ren0v0> freakynl, how to start it manually ?
<freakynl> ren0v0: run mysqld as root (sudo mysqld OR sudo -i <enter> mysqld)
<lordievader> Good morning
<ren0v0> doesn't do anything
<freakynl> ren0v0: no output at all?
<ren0v0> freakynl, the only mysql process i have is  >    root      2907  0.0  0.0   9596  2604 ?        Ss   10:02   0:00 /bin/bash /usr/share/mysql/mysql-systemd-start post
<ren0v0> nope, no output at all
<ren0v0> if i kill this process above it just comes back, clearly this is some major issue with systemd
<freakynl> ren0v0: not really, systemd is supposed to watch services and restart them when they die unexpectedly which is pretty much what happens if you kill it
<ren0v0> not that specifically, the fact my whole mysql server broke when i ran updates (which i think included new systemd units)
<freakynl> ren0v0: should go away if you run: systemctl stop mysql (not sure what the service name is)
<ren0v0> yea just did that ^
<ren0v0> so, trying to find out how to run it manually,  i tried  "sudo /usr/bin/mysql" but think thats client
<freakynl> ren0v0: yes the daemon is mysqld
<ren0v0> ah  >  /usr/sbin/mysqld
<ren0v0> doens't do anything when i run it like that
<freakynl> ren0v0: should normally be in the $PATH
<freakynl> ren0v0: try backing up /var/lib/mysql and removing and reinstall mysql-server after that
<ren0v0> freakynl, would much rather get it running and take a proper dump, thats a last resort really
<freakynl> ren0v0: yes the main goal of that would be to get it running, the back-up is just in case, afaik removing mysql-server doesn't remove the databases
<freakynl> ren0v0: just a safety precaution
<ren0v0> i see ok
<ren0v0> here are some logs from syslog   https://paste.ubuntu.com/24089229/
<freakynl> ren0v0: hmm seems to have issues with the container. Did you reboot the machine after the updates?
<ren0v0> yea, i'll try it again now
<ren0v0> mysql5.7 is kept back
<ren0v0> not sure if thats related
<freakynl> ren0v0: I'd personally migrate to mariadb, usually drop-in replacement
<ren0v0> thats what i'm trying to do!
<ren0v0> but i need my DB backups first
<ren0v0> this is for zoneminder
<freakynl> ren0v0: they're binary compatible
<ren0v0> freakynl, i took a snapshot of this container luckily, when i upgraded my ZM database was gone.
<ren0v0> freakynl, ok backed up, force installed 5.7 and it works
<freakynl> mariadb or mysql?
<ren0v0> mysql
<ren0v0> now i can move onto install mariadb
<ren0v0> thanks for the help
<freakynl> ren0v0: last time I did it it was just removing mysql-server and installing mariadb-server
<temhaa> hello. I need your helps
<temhaa> I installed lxd . I started container from ubuntu
<temhaa> I want to access network of host to container. I tried bridge network but I couldnt success it
<cpaelzer> coreycb: ok, over the unrelated image issues now - verification done and bug update
<cpaelzer> +d
<cpaelzer> it seems I loose a lot of trailing "d" today :-/
<zioproto> jamespage, coreycb I was able to compile the nova package versione 13.1.3 I pushed stable/mitaka and pristine-tar branches to https://code.launchpad.net/~zioproto/ubuntu/+source/nova/+git/nova    How does it work for the merge request on launchpad ? I have to do 1 MR for each branch ? I will be testing the new package on our staging cluster. I will do the merge request when I am sure it is okay.
<jamespage> zioproto: yeah its one merge for each branch - so rather than do that I'd suggest that you just propose the review for the stable/mitaka branch, and note on the review that the upstream and pristine-tar branches will also need a review
<zioproto> great, the gbp import magic also updated the upstream branch ad added a tag, you are right
<zioproto> I am trying to setup a new machine for building and I have a problem with debcheckout
<zioproto> W: Unable to locate package nova
<zioproto> I was pretty sure I never did anything special
<zioproto> to have debcheckout download sources
<zioproto> ops, I think I am missing a lot of deb-src stuff in my list files ...
<zioproto> anyone ever had a problem like
<zioproto> gbp:error: Couldn't commit to 'pristine-tar' with upstream 'upstream':
<cpaelzer> zioproto: if the branch called upstream is not there or has a different name
<zioproto> cpaelzer, it is there
<zioproto> it is called upstream
<zioproto> that is why I dont get it
<zioproto> it gets also updated
<zioproto> but the pristine-tar does not
<zioproto> cpaelzer, I found the problem, I was missing a package calles pristine-tar
<zioproto> apt-get install pristine-tar
<zioproto> but I have no idea why this was not installed automatically
<zioproto> I had it already in another xenial system
<zioproto> coreycb, jamespage for Nova Newton the ubuntu packages are updated at nova_14.0.2 but there is already a 14.0.4 release. In this case I just import the 14.0.4 tarball and I ignore the missing 14.0.3 release ?
<zioproto> zul, ?
<coreycb> zioproto, yes that should be fine
<jamespage> zioproto: yes skipping a release is OK
<zioproto> ok great, so I will refresh and newton now
<zul> yes
<zioproto> I guess most of the work is to figure out what to drop in debian/patches
<jamespage> zioproto: headers on patches may help there
<jamespage> hopefully the answer is 'all of them' but its depends
<zioproto> :)
<zioproto> for the mitaka refresh I could not drop anything
<zioproto> diff origin/stable/mitaka stable/mitaka shows that really a small portion of the code changes
<nea1> hi, is there lately a error known with lxc + systemd (host, and container ubuntu server 16.04) - I'm getting the error 'Unexpected status from systemd "Failed to connect to bus: No such file or directory\n"' if trying to start the service I want to run in the container
<zioproto> coreycb, I sent merge requests and I assigned them to you, or is it zul working on it ?
<zioproto> Mitaka https://code.launchpad.net/~zioproto/ubuntu/+source/nova/+git/nova/+merge/318630
<zioproto> Newton: https://code.launchpad.net/~zioproto/ubuntu/+source/nova/+git/nova/+merge/318628
<zul> zioproto: im just about to upload it thanks though
<zioproto> zul, what are you uploading ? :)
<zul> zioproto; nova 14.0.4/13.1.3
<zioproto> great, so we were working on the same thing ? :D
<zioproto> well you I tested my branch on our cluster. Can you confirm you did not drop any debian/patches in this refresh ?
<zioproto> zul, it might be worth to look at MR anyways, just tell me if I am doing the thing right, I can help out with future releases
<zul> zioproto: sure
<zioproto> I am doing this upgrade Mitaka to newton, if nova works fine next week I have to upgrade cinder and neutron. I might send more patches
<zul> zioproto:yeah looks good..in the future you would need to include the bug number
<zioproto> How do I find it ? You open a LP bug when the new release is out ?
<coreycb> zioproto, for any stable update we need to add the bug number to the d/changelog according to the SRU process
<coreycb> zioproto, you can find more reading about the process here: https://wiki.ubuntu.com/StableReleaseUpdates
<zioproto> zul, I have a comment about nova 14.0.4
<zul> zioproto: basically https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1668313 and https://bugs.launchpad.net/ubuntu/+source/ceilometer/+bug/1664306
<ubottu> Launchpad bug 1668313 in nova (Ubuntu) "[SRU] mitaka point release" [Undecided,Confirmed]
<ubottu> Launchpad bug 1664306 in swift (Ubuntu Yakkety) "newton stable SRU releases" [Undecided,New]
<zul> zioproto:  is it about the certificate warning?
<zioproto> zul, no it is about commit 1ad5c7305c37079ced24bf623810e63d5eac2661
<zioproto> it is 1 commit on top of release in the nova upstream
<zioproto> I had to workaround my nova database
<zioproto> so I am not sure if you are safe with bug #1668310 with the current 14.0.4. You might want to cherry-pick this in debian/patches
<ubottu> bug 1668310 in OpenStack Compute (nova) ocata "PCI device migration cannot continue with old deleted service records" [High,Fix committed] https://launchpad.net/bugs/1668310
<zul> zioproto: loking
<zioproto> I managed to have that commit in the release for stable/mitaka, but there was not a release for stable/newton
<zioproto> I would check with Dan Smith if it is safe to run without that patch
<zul> zioproto: should already be in the 13.1.3
<zioproto> yes it is, but it is not in 14.0.4
<zul> ok ill have a look
<zioproto> basically after you upgrade from 13.1.3 to 14.0.4 you have a regression on
<zioproto> 1668310
<zul> coreycb/jamespage/zioproto/anyone else: mitaka uploaded pending ubuntu-sru
<zioproto> zul, LGTM
<frickler> zul: as you didn't respond earlier, can you confirm that you saw my two issues regarding new Newton pkgs? https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1668676 https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1668578
<ubottu> Launchpad bug 1668676 in nova (Ubuntu) "Newton package needs to bump dependency on python-rfc3986" [Undecided,New]
<ubottu> Launchpad bug 1668578 in neutron (Ubuntu) "Newton package needs to bump dependency on python-pecan" [Undecided,New]
<zul> frickler: sorry  i had the day off yesterday
<frickler> zul: np, thats why I'm bringing it up again ;) just wanting to avoid you having to make double releases
<jayjo> I'm trying to start a service (systemd unit file) so I can have jupyterhub - an ipython tool - to run a server constantly. I followed these steps https://github.com/jupyterhub/jupyterhub/wiki/Run-jupyterhub-as-a-system-service but when I do sudo service jupyterhub start - i get no error or output whatsoever, but the server is not running. How do I investigate this further?
<jayjo> How can I check if a service is running properly?
<madwizard> systemctl status service.name
<madwizard> Â£
<madwizard> I would try that
<jayjo> madwizard: service.jupyterhub.service, Loaded: not-found (Reason: No such file or directory),    Active: inactive (dead)
<madwizard> jayjo: try systemctl alone and search for jupyterhub
<madwizard> Maybe the name is different
<madwizard> I epect its jupyterhub.service rather that service.jupyterhub.service
<axisys> server is stuck at here http://dpaste.com/0AK3DZD while rebooting from console. Is there a way to break this from console?
<axisys> it rebooted almost all the way and all other services seems started.. but no network yet.. so cannot ssh to it either
<patdk-wk> axisys, have to know what is starting up after that
<patdk-wk> sounds like some service is stuck on wanting networking, but didn't specify so it was started before
#ubuntu-server 2017-03-02
<DammitJim> is heartbeat still pretty popular to set up a high available load balancer like nginx or haproxy?
<JMichaelX> just upgraded server from trusty to xenial tonight, and mpd seems to no longer be working... at least it is not outputting sound. has anyone else here experienced this?
<ball> Does Ubuntu Server support running from a software RAID mirror?
<ball> (will it let me create one for the installation?)
<jayjo> if I'm trying to get a service to start and run on reboot (a systemd until file), and I've put the file in /etc/init.d/ - what are the remaining "steps"?
<sarnold> jayjo: I think you need to make multiuser.target or something "want" the file too
<sarnold> jayjo: search for multi-user.target on https://wiki.ubuntu.com/SystemdForUpstartUsers for the short version
<lordievader> Good morning.
<sileht> </1
<leeyaa> hello
<leeyaa> I have one Ubuntu Dapper server that I really need to upgrade to a non EOL release. (I need to keep it the way it is as I can't convert it or migrate it). is it still possible somehow to upgrade from dapper, to hardy, to precise and so on ?
<leeyaa> I remember last year I did it for another server, but it is no longer working this way
<DammitJim> I am so confused... for Ubuntu 16, do I need to be using systemd, upstart or else?
<ogra_> DammitJim, systemd
<DammitJim> thanks ogra_
<DammitJim> man, what a mess... one upgrades one thing and all of a sudden, the project is huge!
<DammitJim> it's my mess, though... not Ubuntus
<coreycb> jamespage, beisner: newton-proposed is ready to promote to newton-updates when you get a chance please
<beisner> coreycb, jamespage - have we run the default.yaml against newton-proposed?
<coreycb> beisner, no, just next.yaml
<beisner> coreycb, we need to run against the stable bundle for -updates moves
<coreycb> beisner, sure i can do that.  fwiw with release last week the charms hould be basically the same right now.
<beisner> coreycb, true enough.  but i think we need to see stable bundle tests for stable package updates as a matter of course.
<coreycb> beisner, yep agreed
<coreycb> beisner, i'll holler back
<coreycb> zul, can you look into sponsoring Frode's patches in the mitaka stable release of horizon? bug 1666827
<ubottu> bug 1666827 in horizon (Ubuntu Xenial) "Backport fixes for Rename Network return 403 Error" [High,Triaged] https://launchpad.net/bugs/1666827
<zul> coreycb: yep
<coreycb> zul, thanks, i updated the bug a bit.  one of the patches is included in the latest stable release.
<drab> eeer, why is lxd depending on dnsmasq?
<drab> anybody around here managing the packaging of lxd?
<jgrimm> stgraber, ^^
<sarnold> wild guess, so there's something around on the bridge to do dhcp
<stgraber> yup, lxd uses dnsmasq for dhcp and dns on its networks
<drab> yeah, that's the intention, and maybe I'm missing something
<nacc> drab: yes, in the default configuration, dnsmasq is spawned
<drab> but I already have dnsmasq runnign elsewhere and want that to provide ips for containers
<nacc> drab: then you need to configure lxd for that (aiui)
<drab> yeah, I will, the thing is, I wanted to get rid of dnsmasq on that host, don't like keeping stuff around I don't need
<drab> but I can't because lxd depends on it
<drab> guess I can just /etc/default disable it
<drab> and prevent it from starting
<stgraber> LXD depends on dnsmasq-base not dnsmasq
<stgraber> dnsmasq-base doesn't have an init script so won't start the system service if you configure LXD to use another bridge
<drab> oooh, I had missed that, thank you very much for clarifying, appreciate the help
<sarnold> drab: btw there's an 'equivs' package that can fake up packages for the cases when you absolutely don't want a dependency. All the usual warnings about 'you get to keep both pieces' apply of course :)
<stgraber> sarnold: yeah, not going to work so well with LXD as the daemon does dependency checking on startup and will just fail to start :)
<sarnold> stgraber: hehee :D
<sarnold> apparently you've met people like me before..
<stgraber> yeah, we don't like surprises :)
<jgrimm> sarnold, neat; i didn't know about that. thanks
<drab> sarnold: thanks, will keep that in mind
<drab> I'm getting pretty confused here and #linuxcontainer doesn't seem to be up...
<drab> I've installed lxd
<drab> various guides ref /etc/default/lxd-bridge, which no longer exists
<drab> there's instead a /etc/default/lxd-bridge.upgraded , which I guess is ok. that file references a bridge called lxdbr0
<drab> notice the d
<drab> however after installing from pkgs lx*D*
<sarnold> drab: hopefully helpful https://insights.ubuntu.com/2016/04/07/lxd-networking-lxdbr0-explained/
<drab> I've ended up with a bridge called lx*c*br0
<drab> so that seems inconsistent or maybe I'm missing something
<nacc> drab: i think that's because the new package doesn't setup the bridge there anymore?
<drab> the bridge is up
<nacc> drab: the .upgraded is a debconf/dpkg thing
<nacc> drab: lxcbr0 is for lxc1
<nacc> drab: what ubuntu are you on?
<drab> by default after installing the pkgs I end up with a bridge, altho that's not associated with any interface as far as brctl is concerned
<drab> xenial
<drab> I installed lxd from the stable ppa, running 2.10
<drab> maybe I had left over lxc's stuff from the default install?
<drab> which would also explain why it seems lxd provices a sinble lxc binary but I still have an awful lot of lxc-something bins around
<nacc> lxc- is for lxc1
<drab> k
<drab> so yeah, guess I have leftovers to clean up
<drab> or not, lxd depends on lxc1
<nacc> it depens on liblxc1 afaik
<nacc> and lxd-client (which provides `lxc`)
<drab> oh you'r right, I was apt-get remov'ing too much and catching liblxc1
<drab> oh, that lxc bridge is gone
<drab> ok now it's a lot clearer, thank you, I couldn't tell what belonged to what anymore
<drab> guess I should bootstrap from mini
<drab> ok, one more questions, I went through the init which configured the bridge and that's great
<drab> I assumed, I geuss incorrectly, that those values would be saved in /etc/default/lxd-bridge.upgraded
<nacc> drab: /etc/default/lxd-bridge.upgraded is just a backup of what was in /etc/default/lxd-bridge on the update
<nacc> see /usr/lib/lxd/upgrade-bridge
<drab> ok, somehow I don't have /etc/default/lxd-bridge
<nacc> drab: it uses 'lxc network' now
<nacc> drab: right, you shouldn't with 2.10
<drab> ah, ok
<drab> so where's all the config stuff stored? I couldn't find it in /var/lib/lxd
<drab> and there doesn't seem to be any /etc/lxd/
<drab> I'm assuming lxd init wrote that stuff somewhere
<nacc> drab: i think it's the lxd database now, but i'm not sure
<drab> k
<drab> thanks
<nacc>  /var/lib/lxd/lxd.db
<nacc> stgraber: --^ ?
<drab> yeah, sqlite, looks like it
<skylite> will my disk I/O will be faster if I use ex. 6 disks in raid0? How much faster it would be?
<nacc> skylite: using raid doesn't change the speed at which your disks read or write. I think you want to rephrase your question to be more specific. Also "faster" is sort of vague. Do you mean read IOPS? write IOPS? throughput? latency? etc.
<skylite> nacc: im trying to run 10 vm's in a dell server for my students but the vms are too slow.  I think the bottleneck is disk speed
<skylite> since the whole thing is runing under 2 hard disks and its not in raid
<skylite> I think if I put more disks and put them in raid It would be faster. not super fast but not painfully slow
<nacc> skylite: reads will get faster with raid0 (depends on the benchmark as to how much) but i believe writes will get slower
<nacc> skylite: aiui, if your concern is speed, then raid is not exactly the solution -- get better disks :)
<nacc> skylite: but RAID0 implies risking your data as well, on single disk faliure
<nacc> *failure
<nacc> skylite: err, taking back that write comment, it should speedup writes too
<nacc> skylite: how are you determining the IO speed is the bottleneck?
<skylite> nacc: I just know :D just imagine 10 vm runing on the same disk
<skylite> I got 20 gigs of ram and 2xIntel(R) Xeon(R) CPU           E5410  @ 2.33GHz
<drab> raid0 will improve reads and writes, but yeah, you're playing russian roulette with your data
<drab> if you cannot get better disks there's a couple of choices
<beisner> coreycb, belated ack & thanks :)
<drab> one way would be to create a ramdisk, if you have enough ram, and load the OS to ram adding some partition on the disk for persistance
<drab> I've tried this in the past and ime it's really convoluted, but that's fundamentally what they do with squashfs for liveISOs, so it's doable
<skylite> aah no I need the ram for the vms its barely enough
<nacc> skylite: also, your IO controller may start to factor in at the scale you want
<skylite> but data loss is absolutely no problem
<drab> the other option would still require buying new hw, but cheaper maybe, by using a cache disk
<nacc> skylite: as in, yes, you'll get data striping, but you're not guaranteed to get the striping you want, afaik
<drab> this is what I do for my nas with zfs and it works pretty well
<drab> but you can also use dm-cache
<nacc> skylite: so it's still possible (albeit perhaps unlikely) to get VMs on the same stripe, so still IO bound on that disk
<nacc> *VM data
 * nacc hasn't setup a RAID in a while, so maybe talking out his you know what
<drab> what you might do if yuo know your number of VMs before hand is to partition the disk, one part for VM, and stripe those and tehn assign the md to the VM
<drab> not very flexible but shuold solve the problem nacc is mentioning, which is possible altho not necessarily an issue
<skylite> Im thinkig about using dell raid so I can save cpu time from the host and the VMs
<drab> since it doesn't really matter where the VMs are, what really bites you on spinning drive is seek time
<nacc> drab: good point, seek time is not helped by RAID0 (afaict)
<drab> nope, that's just hw, nothing to do there
<nacc> skylite: dell raid being BIOS raid or a dedicated controller?
<skylite> bios raid I think
<nacc> skylite: generally, fake RAID is not worth it, and you either should jsut use swraid via mdadm or a dedicated controller
<drab> so that's fake raid
<nacc> i don't know the specifics for that controller
<skylite> usually i would also use swraid but I think it would save cpu time if I used hwraid
<skylite> its a dell pe2900 btw
<drab> is your time worth money to the school? because they are going to spend less by financing a $40 SSD tahn paying your for all the hrs to try to make this faster when it really has little chances to
<drab> I mean it's just to learn stuff, an ubuntu VM won't need to be more than 15GBs even with lots of goodies on it
<skylite> drab: the server is mine I just offered it to the school so we can play with it
<drab> 10 VMs is 150GB, plus host, a 250GB SSD will do
<drab> and that's maybe $80
<skylite> hm yea
<drab> got it, up to you, I've learned the hard way to spend less on aspirins than hw :P
<drab> altho these days I'm primarily volunteering for NGOs and it's all about $0 budget
<skylite> but I would try with the raid0+old 1TB HDDs first
<drab> sounds good
<drab> if data loss isn't a problem you may even toy with the sync timings
<drab> so that data is flushed to disk less often, that might give you a boost
<axisys> server gets no network but when boot using a live CD network works
<axisys> so may be something wrong with network driver?
<axisys> is there a way to fix network driver on OS while on live CD?
<drab> what hw is it? quite unusual for drivers to be missing
<drab> you can get a shell and check tho
<axisys> drab: I am on live CD and have a shell
<drab> ok, what does lspci say? or lshw -C Network if it's installed
<drab> can you see the card?
<axisys> drab: http://dpaste.com/3W0QZEA
<drab> ok that broadcom card, so the system sees it
<drab> what's the output of ifconfig -a ?
<axisys> http://dpaste.com/0N5M7GN (sanitized)
<drab> especially the intels nic should work out of the box with the e1000 module
<drab> no reason not to, and they are listed as compatible in that module
<drab> ok, so they are all there
<drab> and enp0s10 even has an ip
<drab> why are you saying you have no network?
<axisys> hardware works.. I am on the network
<axisys> drab: when boot from OS
<axisys> drab: when boot from OS, it does not get netowkr
<drab> oh, I see. likely not a driver problem, probably an /etc/network/interfaces problem
<drab> wrong nic set to auto, and the others aren't brought up or something
<drab> if you boot from the OS and run ifconfig -a do you see  diff output?
<drab> I'd boot from OS and repeat those two commands
<drab> if you see the itnerfaces as in this case you hve no driver problem
<axisys> ok.. let me do that..
<drab> and just a config problem, likely like I said /etc/network/interfaces pointing to the wrong one
<axisys> what is the command to eject the cd and reboot?
<axisys> eject; reboot ?
<axisys> it might suck the cd back in
<axisys> I can go to the lab and take the cd out otherwise
<genii> eject -T
<axisys> http://dpaste.com/0S5NN5G
<axisys> did not work
<genii> But yes, if the tray is out when it restarts, usually it sucks it back in during bootup
<axisys> I will just do it from the lab..
<axisys> give me a sec..
<drab> https://github.com/lxc/lxd/blob/master/doc/storage-backends.md
<drab> this page says "Restore from older snapshots (not latest)" on ZFS is no
<axisys> Please remove the installation medium, then press ENTER:
<drab> am I understanding that right that I cannot restart from any arbitrary snapshots on zfs?
<drab> less concerned about no nesting, but no arbitrary snaps is kind of a prob
<axisys> drab: mac address changed on me after last kernel update
<axisys> needed to chage it to eth3 and it is working now
<axisys> I wish I could call it eth0
<drab> you can, just create /etc/udev/rules.d/70-my-net-names.rules
<drab> and put SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:xx:xx:x...", NAME="whatever_you_wanna_call_it" in it
<drab> and it'll match the mac to the name and call it like that
<drab> you probably have alreadya  bunch of lines in it, which is why it's picking eth3
<drab> so in theory you could also just remove the old/other mappins and it'll pick up eth0 next reboot
<drab> axisys: ^^^
<axisys> drab: oh you mean by removing that file? gotcha
<axisys> drab: thanks a lot!
<drab> axisys: not removing the file, editing
<axisys> drab: gotcha
<drab> you will likely have entries in it that aren't being used or something, I can't tell, prolly because you have 3 interfaces
<drab> so likely eth0 and 1 or whatever have been assigned to those
<drab> or you had other cards in it and maps were left over
<ruben23> guys any help i have installed ubuntu server 12.04.5 LTS 64 bit but when i do this command ------> apt-get update && apt-get upgrade && apt-get install linux-headers-server <----------------- getting this error --> http://pastebin.com/rTCVncYb
<ruben23> any idea guys
<nacc> ruben23: the errors are pretty clear
<nacc> ruben23: it can't find the repository you've configured
<ruben23> nacc:: how  do i reslved this somehow or workaround please
<ruben23> please help
<nacc> ruben23: why did you configure your system to use that repository?
<nacc> ruben23: you can presumably use the default repositories instead, if you want
<ruben23>  nacc: how to usd the default repo..?
<ruben23> i want to used the default somehow
<ruben23> nacc:: please help, any idea
<sarnold> ruben23: deb http://archive.ubuntu.com/ubuntu/ precise main universe  \n deb http://archive.ubuntu.com/ubuntu/ precise-security main universe \n deb http://archive.ubuntu.com/ubuntu/ precise-updates main universe
<drab> urm, ok, I finally got to start the first container, and its fs is not created in the zfs pool.. mighty confused
<drab> I did lxd init and picked zfs and it says it has it
<drab> lxc storage list shows the correct thing
<drab> (tank0/lxd)
<drab> and the default profile shows "default" as "pool", which is what the zfs name is
<drab> so everything matches
<drab> but when starting an new instance there's nothing in tank0/lxd and files appear in /var/lib/lxd/containers
<drab> am I missing something?
<sarnold> check both the global template and the configuration for that specific container
<drab> urm, I ran mount just on a hunch and...
<drab> tank0/lxd/containers/x1  899G  752M  899G   1% /var/lib/lxd/storage-pools/default/containers/x1
<drab> tank0/lxd/containers/x1 doesn't even exist...
<drab> there's nothing under tank0/lxd, it's an empty dir
<drab> oh, urm
<drab> I guess I thought I wasn't giving a path when I did lxd init, but it sounds like I should had...
<drab> the storage profile source is tank0/lxd
<drab> could it be that should have been /tank0/lxd ?
<drab> like mount point
<sarnold> good question. I'd expect if it knew you were configuring zfs to use a dataset path rather than a directory path
<drab> yeah, that was my guess, but as output of mount tank0/lxd makes not sense, ie a rel path
<drab> urm maybe there's something else I don't get about zfs
<drab> I have these too in mount tank0 on /tank0 type zfs (rw,relatime,xattr,noacl)
<drab> so tank0 I guess is valid
<drab> tank0/lxd on /tank0/lxd type zfs (rw,relatime,xattr,noacl)
<drab> or maybe that's screwed too
<stgraber> drab: zfs list -t all
<stgraber> drab: LXD will create filesystems under the dataset you told it about, but it will ALWAYS mount them under /var/lib/lxd/storage-pools/NAME/...
<stgraber> drab: so if you see lxd/* entries in "zfs list -t all", then LXD is using your zpool just fine, it's just not using your zpool's default mountpoint for its filesystems
<drab> that actually looks ok (output of zfs list): http://dpaste.com/05SNTDW
<stgraber> (and in fact, only mounts just the bits it needs, keeping the rest unmounted to avoid stressing the kernel needlessly)
<drab> thank you for explaining, very useful
#ubuntu-server 2017-03-03
<WebDevB> Could anyone help with this? http://stackoverflow.com/questions/42568194/fresh-lamp-setup-old-cakephp
<drab> lol, spent the entire day on it without making the connection...
<drab> stgraber: thank you so much for writing that series of posts, they have been basically the best ref for lxd so far
<drab> on that page I linked earlier it says that nesting is not supported on ZFS, but to run Docker inside a container it says it needs nesting. Does it mean no docker in lxc on zfs?
<sarnold> what storage engines does docker do these days? can you do "plain old dumb directory" thing? that might work
<sarnold> or does it only have fancier things like zfs and overlay?
<drab> the problem isn't docker tho, the rpoblem seems to be my requirement to use ZFS as a backend and that backend not supporting nesting
<drab> altho I guess I could carve out an exception, ie a partition on the disk, and convert that to lvm or something and start the container for docker stuff there, but it's not very practical
<sarnold> I really hope we get zfs delegated authority sometime soon. that'd be so much omre convenient..
<drab> in any case, this lxc stuff is pure gold, I wish I had got on it a while back, would have saved me a lot of time over virtualbox, altho tbh it hasn't been that bad with snapshots
<drab> sarnold: it'd be good to also get the ability to restore to any wanted snap, that seems also not possible according to that page
<drab> ie can only restore from last snap, which I don't get why, but maybe I shoud just try it :)
<drab> the other thing I haven't figure out is this macvlan business
<drab> it works, but I can't ping the host, which is expected. I read you can also put the host on a macvlan, but haven't figured out how
<drab> and some macvlan tutorials talk about creating a macvlan interface on the host as if it was a bridge, but lxc works already with it and no such interface was created
<sarnold> drab: that's a surprising limitation of zfs -- you have to destroy the other snaps in order to get to the older one... I've never tried, but it might work, to clone the older snap and use that instead.
<drab> yeah, I'll test, I'm still new to both things
<drab> it just seemde to be the right tech to invest on to rebuild this VM host / NAS
<drab> and so far I'm hella pleased with the results
<drab> these are really just minor inconveniences that can be worked around
<drab> mainly need to figure out the macvlan stuff and backups, apparently sending zfs snapshots won't work
<drab> but not too sure, haven't read/experimented with that part yet, just seen some blog posts floating around about it
<drab> bbl
<sarnold> drab: have you seen this yet? https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/
<Genk1> Hello
<Genk1> Is it normal to have one root password for each server ?
<Genk1> I want to manage my servers via software provisioning system but they seems to only  adhere to the idea of 1 password for all servers
<ronator> hi. how come systemd has different proc names then 'ps'? I was looking for php-fpm, but only systemctl told true proc name php-fpm7.1 - 'ps -aux' shows different names? is that supposed to be normal? what's the replacement to 'ps' though since I cant rely on the names it outputs ...
<ronator> ps aux | grep php-fpm -> "php-fpm: pool www"
<ronator> but with sysctl ->  Main PID: 828 (php-fpm7.1)
<ronator> systemctl sry
<zioproto> zul: are you here ?
<jamespage> zioproto: you're a bit early for him right now - he's based in canada
<zioproto> :)
<zul> zioproto: here now
<zioproto> hello zul
<zul> zioproto: whats up
<zioproto> the nova xenial packages
<zioproto> 13.1.3
<zioproto> are out ?
<zul> nope not yet....they still need to be accepted by the SRU team
<zioproto> ok
<zioproto> there is a queue in launchpad to monitor ?
<zul> zioproto: not that i know of
<frickler> zioproto: zul: https://launchpad.net/ubuntu/xenial/+queue?queue_state=1&queue_text=
<zul> frickler: thanks
<zul> coreycb: huh? https://bugs.launchpad.net/bugs/1669766
<ubottu> Launchpad bug 1669766 in Ubuntu Cloud Archive "Keystone version package for Ocata" [Undecided,Incomplete]
<coreycb> i assume he's missing an apt update
<mandrake> buona sera
<mandrake> !list
<ubottu> mandrake: No warez here! This is not a file sharing channel (or network); read the channel topic. If you're looking for information about me, type Â« /msg ubottu !bot Â». If you're looking for a channel, see Â« /msg ubottu !alis Â».
<iGeni> how do i auto start /usr/local/bin/supervisord -n -c /etc/supervisord.conf  with ubuntu 16.
<iGeni> i made a file in /lib/systemd/system named systemd-supervisord.service  with content https://dpaste.de/Ji9X
<iGeni> but that aint working
<coreycb> beisner, pyeclib and liberasurecode1 are ready to promote from newton-proposed -> newton-updates
<iGeni> also tried as supervisord.service
<sonu_nk>  hi i am facing issue with roundcube. https://paste.ubuntu.com/24102633/
<sonu_nk> dpkg: error processing package roundcube (--configure):
<sonu_nk> hi i want to install mail server on my ubutnu 16
<sonu_nk> and need you help
<compdoc> an entire mail server? or do you just need to send some notices?
<sonu_nk> compdoc: entire email server...
<sonu_nk> compdoc: can you help me in this insallation?
<compdoc> I use a distro thats ready made, and run it as a kvm guest. You probably want sendmail to install on ubuntu
<sonu_nk> first i need to install postfix...
<sonu_nk> right
<compdoc> err, postfix - yess
<frickler> zul: can you also add horizon to https://bugs.launchpad.net/ubuntu/+source/ceilometer/+bug/1664306 for completeness? I saw that you created a new build and pushed to yakkety already
<ubottu> Launchpad bug 1664306 in swift (Ubuntu Yakkety) "newton stable SRU releases" [Undecided,New]
<zul> frickler:done
<drab> sarnold: yep, thanks, that was pretty much my intro to zfs
<drab> one of the best guides I found
<drab> sarnold: the other one that's really good, as an intro, is from freenas: https://forums.freenas.org/index.php?threads/slideshow-explaining-vdev-zpool-zil-and-l2arc-for-noobs.7775/
<drab> it has *a lot* of good stuff in it, and not just theory, lots of practical stuff from direct experience
<drab> unfortnuately in neither I see an answer to my questions ;)
#ubuntu-server 2017-03-04
<drab> bah, still stuck on this macvlan thing. I've read all the links I could find, including stgraber's comments but still not joy, unclear what I'm doing wrong: https://github.com/lxc/lxd/issues/1343
<drab> https://lists.linuxcontainers.org/pipermail/lxc-users/2010-July/000557.html
<drab> that in theory seems pretty clear...
<drab> basically add a macvlan interface on the host and have the containers use that as parent with a macvlan bridge type
<drab> makes perfect sense, but then no joy
<drab> only thing I know that looks fishy is that lxc network show doesn't show mvlan0
<drab> even tho my container is using it and it works (can get an ip, ping etc)
<sarnold> drab: pastebin your /etc/network/interfaces and lxd configs and maybe someone can spot it?
<stgraber> drab: what are you trying to do? use macvlan for your containers and still allow them to talk to the host?
<drab> http://dpaste.com/0G594NT
<drab> stgraber: yes
<drab> which yuo commented on in that github issue and on the ML
<drab> and I think I'm doing what you saif, but I can't get it to work
<drab> the only thing that seems suspicious is the fact that lxc network list does not show mvlan0
<drab> only eth0
<drab> and if I try to do lxc network create mvlan0 I get an error that it already exists
<stgraber> drab: your setup looks wrong
<stgraber> you should have:
<drab> ok, great
<stgraber>  - eth0: unconfigured (which seems fine)
<stgraber>  - mvlan0: macvlan on top of eth0, configured with your host's IP (which seems fine)
<stgraber>  - containers: macvlan on top of eth0 (that's wrong in your setup)
<stgraber> so set parent to eth0 for your containers and that "should" fix the problem
<drab> ah
<stgraber> macvlan devices can never talk to their parent, they can only talk to the outside and to their siblings
<drab> right, which is why I set the parent to mvlan, I was hoping to be able to ping eth0 of the host
<drab> but that didn't work
<stgraber> oh, I missed that, your eth0 is also wrong indeed
<drab> since the eth0 of the host is what is in dns and nodes will try to raech
<stgraber> your eth0 should be completely unconfigured. What used to be on eth0 should be moved to mvlan0. And then all containers should set parent=eth0
<drab> oh, so that's basically the same thing you'd do with a bridge then
<stgraber> yep
<drab> I thought the point of mvlan was that I didn't need to touch eth0, but guess that's true only if I don't care about host/guest ping
<drab> well, point, easier to setup, fewer things to muck with
<stgraber> right, you don't need to touch eth0 so long as you don't need to talk to it
<stgraber> which is the case for a lot of people
<drab> is there still a point in macvlan then? just the supposed better perf from container to container?
<drab> assuming you wanna talk to the host
<drab> that is
<stgraber> there should be a bit more hardware based optimization for macvlan than for standard bridges but bridge+veth is also a much more tested setups so unless you need to squeeze every bit of performance, I'd recommend bridging
<spat> Can someone tell me how it is possible to have a disk that is 54% full and complain there is no free space?
<alkisg> what's the output of df -h, and the exact message of disk full?
<cncr04s> your inode space could be full
<tsimonq2> spat: What FS are you using?
<spat> ext4
<spat> cncr04s: how can I check that?
<cncr04s> df -i ?
<cncr04s> yep
<spat>  df -i
<spat> Filesystem     Inodes  IUsed  IFree IUse% Mounted on
<spat> devtmpfs       505187    378 504809    1% /dev
<spat> tmpfs          505610      1 505609    1% /dev/shm
<spat> tmpfs          505610    499 505111    1% /run
<spat> tmpfs          505610      3 505607    1% /run/lock
<spat> tmpfs          505610     16 505594    1% /sys/fs/cgroup
<spat> tmpfs          505615      4 505611    1% /run/user/5701
<spat> sorry should have pastebinned that
<cncr04s> you only appear to have tmpfs and no actual /
<spat>  /dev/root      655360 655172    188  100% /
<cncr04s> ah, yep thats all i needed
<cncr04s> your at 100%
<spat> didnÂ´t print because of the /
<spat> yep noticed that as well
<spat> how can I see where they are used?
<cncr04s> your using 655,000 files somewhere
<cncr04s> du -hc /
<genii> Almost always it's /var/log or /var/spool
<tpw_rules> on my 16.04LTS server openvpn doesn't start correctly on boot. its service is enabled with my config and it starts great when i do systemctl start after boot has finished. here are the logs: http://pastebin.com/tDHKnUS7 top is after boot, bottom is after running "systemctl start openvpn@server-tcp"
<tpw_rules>  /join #openvpn
<patdk-lp> did you, systemctl enable openvpn, and systemctl enable openvpn@server-tcp.service, assuming your config is called for openvpn /etc/openvpn/server-tcp.ovpn or /etc/openvpn/server-tcp.conf
<tpw_rules> patdk-lp: yes
<tpw_rules> which is how i get the first part of the log i pasted
<drab> stgraber: can you comment on the nested container issue and zfs? am I understanding correctly that the combination won't work?
<drab> https://github.com/lxc/lxd/blob/master/doc/storage-backends.md
<drab> that page suggests that nesting is not supported with ZFS backend
<drab> and I need directory storage or btrfs
<drab> but maybe I'm missing something
<DK2> what could a soft lock up cpu stuck indicate to?
<DK2> im getting kernelpanics with this error
<ikonia> hardware error
#ubuntu-server 2017-03-05
<patdk-lp> dk2, you have issues, or if it's a vm, heh, something isn't right
<hhee> good time. how can i set bash to show full hostname in prompt? right now i have, for example - name@ubuntu:~$  --but i need name@ubuntu.zone - in /etc/hosts and /etc/hostname - already ubuntu.zone
<Killerup> hello
<pmatulis> hello
<Troupal> hello!
<Troupal> Someone know what distro I can use for a serveur web + media/dlna + nas ? And if I can make a server with the 2 part (nas/media/dlna + web/mail/irc) separated (nas on private network, not on Internet) ?
<Troupal> Sorry for my English ^^
<Troupal> There is nobody here?
<odc> weekends are always quiet
<odc> Troupal: you can do that with any linux distribution
<odc> you just need to learn how to do it ;)
<Troupal> odc: exactly!
<Troupal> But I hope I can do that with a respecable level of security.
<odc> ubuntu would be a good fit for a NAS because it now supports ZFS
<odc> will you run php on your web server ?
<Troupal> And you know if it's easy to do nas and web server with the nas totaly broken of Internet?
<Troupal> Maybe not, Ruby.
<odc> good
<odc> i suppose your server is behind a router?
<odc> like a freebox?
<Troupal> Yes, orange.
<odc> je vois
<Troupal> Tu es franÃ§ais?
<odc> so no problem, your box will protect your server
<odc> it's like a firewall
<Troupal> With the redirection of port or juste firewall ?
<odc> you don't need to make "2 parts"
<Troupal> *just
<odc> yes
<Troupal> Ok, so, it's perfect! =)
<odc> if you want more protection, put your we suff in a VM or a (well configured) container
<odc> web*
<Troupal> And I'm on Manjaro, I think a rolling release is better for nas and version of the software, but for the security, what is better?
<odc> hm
<odc> i should be equivalent since Ubuntu backports security updates
<odc> you can keep manjaro if you think it will be easy to maintain over several years
<Doow> I have a dedicated server for a game that I'd like to keep running all the time. Does it make sense to write a systemd service wrapper for it, or should I follow some other path? (at least one tutorial suggests using screen). The game is not mine, and I don't have access to the source.
<sarnold> Doow: screen makes sense if you ever need to interact with it
<sarnold> Doow: otherwise I'd write a systemd service file for it
<Doow> sarnold: thanks =)
#ubuntu-server 2018-02-26
<lordievader> Good morning
<Jeffrey4l> where is the packaging source code for ubuntu cloud archive repo?
<ktosiek> Is there any tool for managing upgrades for multiple servers other than Landscape and apt-dater?
<ktosiek> I'd love to have a workflow where I can see upgrades per package, and then apply them to specific groups of servers
<yeats> ktosiek: puppet? ansible? (totally different approaches, each requiring forethought and up-front configuration setup)
<ktosiek> I'm using Ansible for some hosts, but I could use a nice package-oriented dashboard :-)
<patdk-lap> ya, ansible and puppet/chef are backwards on how they think
<rbasak> patdk-lap: how do you think they should think?
<patdk-lap> I don't understand how that has to do with anything
<patdk-lap> that is like asking me, how linux and windows should work
<patdk-lap> they are two totally different things designed for different purposes
<rbasak> I thought you were making a general statement.
<patdk-lap> I did
<patdk-lap> puppet/chef conforms a system to a model you define
<patdk-lap> ansible conforms the app to the system
<rbasak> Oh
<patdk-lap> they work backwards
<rbasak> "ya, (ansible) and (puppet/chef are backwards on how they think
<rbasak> Uh
<rbasak> "ya, ((ansible) and (puppet/chef)) are (backwards on how they think)
<rbasak> Is what you meant.
<rbasak> "ya, (ansible and puppet/chef) are (backwards on how they think)
<rbasak> "
<rbasak> Is what I thought you meant.
<rbasak> I follow now :)
<xnox> rbasak, hey, php7.1->7.2 transition is done, however php7.1 cannot yet be removed because there are packages that depend on the removed php-mcrypt (no longer provided by php7.2)
<xnox> rbasak, do you know if anybody knows how php packaging works, to potentially package this https://pecl.php.net/package/mcrypt standalone php mcrypt library?
<rbasak> xnox: nacc was talking about that on Friday
<xnox> rbasak, ah, cool. Is he going to do it?
<rbasak> He had some options in mind I think.
<rbasak> I'd rather wait for him than relay his opinions badly :)
<xnox> ok
<xnox> i'll try to catch up with him.
<cpaelzer> smoser: hi on your open-vm-tools question
<cpaelzer> smoser: is that because you still assume that privateTmp is not what triggers the bug?
<cpaelzer> and you'd be interested to see what actually fails (via the strace) ?
<smoser> cpaelzer: yeah, i was going to see strace.
<smoser> i'd rather actually know what is the problem.
<smoser> if it is privatetmp, then we need to file a bug on systemd
<smoser> but i suspect it is not
<smoser> so i'd like actual reason for failure.
<cpaelzer> smoser: ok, so my assumption what you were after was correct at least
<cpaelzer> trying to get some data on it
<cpaelzer> ...
<cpaelzer> smoser: it is a systemd issue
<cpaelzer> smoser: I updated the bug with some more details that would flood the chan
<smoser> cpaelzer: local-fs.target is no where near the same thing as a dependency on private tmp
<smoser> local-fs.target means a dependency on /opt/some/path if /opt/some/path is in /etc/fstab.
<xnox> smoser, note that PrivateTmp= generates implicit dependencies already - Similar, units with PrivateTmp= enabled automatically get mount unit dependencies for all mounts required to access /tmp and /var/tmp
<xnox> https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Implicit%20Dependencies
<xnox> one more obscure "helpful" systemd feature.
<nacc> heh
<smoser> xnox: yes.
<smoser> as figured out https://bugs.launchpad.net/ubuntu/+source/open-vm-tools/+bug/1750780
<ubottu> Launchpad bug 1750780 in open-vm-tools (Ubuntu Xenial) "Race with local file systems can make open-vm-tools fail to start" [Undecided,Triaged]
<xnox> nacc, hi!
<nacc> xnox: hiya
<smoser> but it doesnt do that in xenial
<smoser> but that said, a mount of /tmp and /var/tmp != local-fs.target
<nacc> rbasak: did you want to sync on git-ubuntu today? (mini-sprint to get phasing going this week?)
<smoser> where local-fs.target is all mounts in /etc/fstab
<xnox> nacc, what's up with packaging php-mcrypt from https://pecl.php.net/package/mcrypt ?
<smoser> including /opt/some/random/path
<nacc> xnox: i pinged ondrej on it and he said he would not do it in debian
<xnox> nacc, i think that's the easiest way forward, to remove php7.1
<nacc> xnox: i have a bug filed
<nacc> xnox: we just need to remove two more source packages
<xnox> nacc, sure, but i think we should, until it's done in debian.
<nacc> one of which i've talked to upstream about and they don't want it pacakged in ubuntu :)
<xnox> nacc, hm, ok. Do you have bug number?
<nacc> xnox: yeah, sorry was looking it up https://bugs.launchpad.net/bugs/1749745
<ubottu> Launchpad bug 1749745 in zoneminder (Ubuntu) "php7.2 has removed the mcrypt module" [Undecided,New]
<xnox> nacc, from http://people.canonical.com/~ubuntu-archive/nbs.html it's 6, no?
<xnox> ah
<nacc> xnox: iirc, tsome of those are reverse-recommends, but let me check
<xnox> ah, could be.
<nacc> xnox: yeah the last 3 are recomends
<xnox> i think we can upload dropping reverse-recommends.
<nacc> xnox: yeah, i can do that today
<nacc> and then we'd remove cakephp{,-scripts} and gosa
<nacc> i think gosa will come back in, as i've talked to upstream abou tit
<nacc> but i'd rather we sync it from debian then try to diverge right now
<xnox> yeah =/
<nacc> xnox: i'll work with the AAs on the removals today
<xnox> cool
<smoser> xnox: could you take a *quick* look at  my scary systemd-resolve bug ?
<smoser> i can't understand why anyone using network manager on bionic would not be affected.
<rbasak> nacc: yep. Five minutes?
<Sircle> Hi
<Sircle>  How to make sure that .php script of one site cannot access data of any other site?
<xnox> smoser, something is very odd
<xnox> smoser, so  DNS Domain: ~mosers.us does not look right.
<Sircle>  I am having hard times in blocking access to the directory ".git" and any files under its tree. This directory is in every of my 70 websites. What should I do ? I have referred http://httpd.apache.org/docs/current/mod/mod_authz_core.html#require    but cannot make up syntax
<xnox> smoser, i think you may be able to fix it by sending the right domain to resolved via d-feet.
<xnox> smoser, i believe it is set to "route-only" ~mosers.us => meaning, only use this network for mosers.us and nothing else.
<xnox> i think, it should be "mosers.us" there instead.
<nacc> rbasak: ack
<xnox> smoser,           DNS Domain: ~mosers.us
<xnox> is the odd bit, because for me, it is
<xnox> smoser,           DNS Domain: surgut.co.uk
<nacc> Sircle: ok, cross-posting *three* times does not help
<xnox> Sircle, hm, you should not store .git in public directories.... if you deploy from git, you should export a tree from git, not clone a git repository....
<sdeziel> Sircle: you can have the .git reside outside of the documentroot and then you can set permissions on it to prevent the www-data user from accessing it
<xnox> Sircle, or are you trying to serve naked git dir / as in host git repositories over http? then it should not be /.git/ subdir, but a full top level one, like myrepo.git/
<xnox> smoser, are you using, something like "use this connection only for things on behind this connection" in network manager?
<smoser> xnox: have you rebooted ?
<nacc> rbasak: i'm in the standup HO
<rbasak> omw
<xnox> smoser, not recently no, maybe i should.
<smoser> i do not have 'use this connection fo resources ...'
<xnox> smoser, i am close to end of day, and will reboot and debug this stuff. I do think we may need changes to make sure it sends domains as "search & route", not "route-only".
<Sircle> xnox,  let me know the syntax?
<xnox> smoser, as looking at resolved dns plugin inside network manager, it did look wrong to me before.
<xnox> Sircle, sorry, i do not provide support at that level. And i'm not sysadmin myself.
<cpaelzer> xnox: smoser: don't focus on local-fs.target != "dependency on private tmp" that is the easy to resolve path in bionic
<cpaelzer> focus on the trivial unit that I added to the bug that fails in Xenial by NOT having those implicit dependencies
<smoser> cpaelzer: i'm not able to reproduce your failure
<Sircle> xnox,  nacc sdeziel I need www-data to access .git to take pulls
<smoser> yeah. i dont understand it.
<smoser> unless /tmp and /var/tmp are on a different filesystem then / then i am missing something
<sdeziel> Sircle: if you need www-data to access the .git dir but not PHP, I think you can use PHP-FPM and run it with a non www-data user
<Sircle> sdeziel,  there are many httpd rules like I mentioned above to deny access.
<sdeziel> Sircle: deny rules affect clients access, not what apache/mod_php can do
<Sircle> sdeziel,  I want to deny client acccess. yes.
<nacc> powersj: ping
<powersj> nacc: sup
<nacc> powersj: wanted to sync on the git-ubuntu CI. i'm about to land the changes in master that will make us need to switch to the new CI jobs
<nacc> powersj: we had chatted last week about making there be 3 stages or so? snap build, snap self-test, integration test ?
<powersj> nacc: yeah I am finishing 16.04.4 testing now, then I can work on the workflow
<nacc> powersj: ack, thanks
<nacc> powersj: do you want me to hold off on landing in master? or can you run against master to show the potential output?
<powersj> nacc: I'd actually prefer it be in master, so I can use it to test the workflow
<nacc> powersj: ack, landing them now then
<ahasenack> mdeslaur: that clamav 0.99.3 update somehow reverted the NEWS file to talk about 0.99.1, did you notice that?
 * mdeslaur looks
<mdeslaur> ahasenack: what news file are you referring to? the one I see mentions 0.97.5
<ahasenack> mdeslaur: "NEWS" at the root
<ahasenack> mentions 0.99.1
<Sircle> sdeziel,   I have 70 directories under /var/www/html/   Do I need to put <Directory for each of 70  or just something like <DirectoryMatch /var/www/html/*/.git/*> ?
<ahasenack> in the 0.99.3+addedllvm-0ubuntu1 package, and also in upstream's 0.99.3 tarball
<mdeslaur> ahasenack: yes, that's normal...upstream's 0.99.3 tree actually got renamed to 0.100 when they decided 0.99.3 should be a minor update to 0.99.2
<mdeslaur> ahasenack: so the 0.99.3 betas have nothing in common with the actual 0.99.3 release
<ahasenack> hmm
<ahasenack> so we got a downgrade?
<ahasenack> there was no fix for the 0.99.3 betas (or 0.100)?
<mdeslaur> yes, we downgraded to the stable release
<mdeslaur> there's no release for 0.100, it's a work in progress
<ahasenack> since we were using a beta already, couldn't we have upgraded to 0.100?
<ahasenack> wouldn't the code diff be smaller?
<mdeslaur> you want to ship an unfinished work in progress with no release date and possibly no proper signatures in our LTS release?
<ahasenack> wasn't it like that already with 0.99.2~beta?
<ahasenack> or rather, 0.99.3~beta
<mdeslaur> yes, and we should have never synced that
<ahasenack> ah
<Sircle> I had files in /var/www/html/site1.com   /var/www/html/site2.com and so on. One of my sites got compromised and script in it copied many files inside other website directories. How can I restrict this so php cannot access files outside the parent directory or vhost path?
<Sircle> nacc,  xnox sdeziel
<nacc> Sircle: don't use php? :)
<nacc> Sircle: please don't ping users with random questions
<Sircle> k
<sarnold> do not let the user that runs the php code have write access to anything except log files, database sockets, and an uploads directory if you absolutely must have one
<sarnold> you can use both unix access control mechanisms and AppArmor for this task
<Sircle> No way to isolate each site?
<Sircle> sarnold, For access rights, it varies so much. For every site its different upload folder or pluging folder (wordpress). Very difficult to keep track of
<sarnold> Sircle: Probably you could run each site under a different user account via as many FPM things as needed..
<Sircle> hm sarnold thats the only way?
<sarnold> Sircle: you could also use different VMs or LXD containers per site ..
<Sircle_> sarnold,  don't I just need this? https://stackoverflow.com/a/1649731
<sarnold> Sircle_: open_basedir is not a security tool
<sarnold> Sircle_: even if it were, it only influences filesystem operations that go through php; ptrace, IPC, or filesystem operations that don't go through PHP aren't handled at all.
<Sircle_> will that not limit .php files to limit to the vhost files only? <- thats what I want
<sarnold> it will not. it's about the same as asking drivers to politely not get into accidents.
<powersj> nacc https://jenkins.ubuntu.com/server/view/git-ubuntu/job/git-ubuntu-ci-nightly/
<powersj> currently running the nightly job against master
<powersj> will watch status
<powersj> then will run a CI job if that passes
<nacc> powersj: ack, thanks
<nacc> rbasak: code looks good to me; you ahve one TBC in gitubuntu/apt_repo_test/README
<rbasak> nacc: ah yes. I just need to look up the command, thanks.
<nacc> rbasak: np
<nacc> rbasak: and you also need a rebase :)
<nacc> powersj: did you see the failure just now? https://jenkins.ubuntu.com/server/job/git-ubuntu-ci/303/console
<powersj> nacc: yeah I kicked that after the nightly passed
<powersj> I think there was a race with the nightly script also doing a vm launch
<nacc> cpaelzer: do you think you could pick up the merge of kopanocore? i think you have more context on your delta (and if it's all been picked up by debian). I think we would normally sync, excpet we need to transition php7.1-mapi -> php-mapi
#ubuntu-server 2018-02-27
<powersj> nacc: sorry for the failure emails; I eventually realized I was using the wrong type of quotes *sigh*
<powersj> I need to get the VM to recognize lp: git addresses now and should be set
<nacc> powersj: cool
<powersj> nacc: ok.. that took longer than expected :\ https://jenkins.ubuntu.com/server/job/git-ubuntu-ci/326/console
<powersj> I'll check on it later tonight, but it is running now
<cpaelzer> smoser: thanks for the cross check, very interesting that you can not reproduce this
<cpaelzer> smoser: that lures me deeper into this rabbit hole
<cpaelzer> save me if I don't get out :-)
<cpaelzer> nacc: "more context" is a vast exaggeration, I just made it migrate back then with the changes :-)
<cpaelzer> nacc: but I surely can take a look and hopefully propose something that you can check when you are back online
<cpaelzer> good morning server chan btw
<cpaelzer> smoser: I'm further throu my mails - so you finally could reproduce
<cpaelzer> I'll do the open-vm-tools portion and we can leave bug 1750780 for a thought by xnox (for systemd on xenial) then
<ubottu> bug 1750780 in open-vm-tools (Ubuntu Xenial) "Race with local file systems can make open-vm-tools fail to start" [Undecided,Triaged] https://launchpad.net/bugs/1750780
<lordievader> Good morning
<cpaelzer> hi lordievader, how are you?
<lordievader> Doing allright here, how are you?
<cpaelzer> fine as well today
<lordievader> ð
<tobasco> jamespage: thanks for the help with gnocchi, i'm working on it now, but i noticed another issue when fixing this the panko-common package in queens no longer supplies /usr/share/panko-common/app.wsgi i can only find /usr/lib/python2.7/dist-packages/panko/api/app.wsgi is this intentional?
<tobasco> i.e apache2 won't start because /usr/share/panko-common/app.wsgi is not present anymore
<cpaelzer> nacc: is https://code.launchpad.net/~nacc/ubuntu/+source/kopanocore/+git/kopanocore/+merge/337021 to be considered dead then?
<cpaelzer> nacc: I have two different approaches to the kopanocore merge in build atm
<cpaelzer> once that works I'll go on to some tests
<cpaelzer> at least later today you should have a MP if not showstoppers come along
<cpaelzer> I'm iterating on some minor cleanups while build/test goes on
<cpaelzer> so don't take the ppa content as final
<smoser> cpaelzer: maybe i didnt respond. I *did* reproduce it.
<smoser> it was just really really wierd to me that I didn't see any output from the shell "can't open file" or something.
<cpaelzer> smoser: all fine
<cpaelzer> smoser: I later found your latter update in the bug
<smoser> good deal.
<smoser> it seems to me that in bionic systemd is a bit overzealous
<smoser> in PrivateTmp then means local-fs.target
<cpaelzer> at least it adds some dependencies
<smoser> when, clearly having /tmp and /var/tmp is much different than all filesystems.
<cpaelzer> instead of failing on it's own features
<smoser> yes
<smoser> better
<cpaelzer> I don't even think it adds full local-fs.target btw
<cpaelzer> not tested, but what I saw in the dep chain was no full local-fs
<smoser> oh. i thought it did. your critical-chain i thoguht showed them.
<smoser> ah.
<cpaelzer> some -tmp target
<smoser> ok.
<cpaelzer> smoser: systemd-tmpfiles-setup.service
<cpaelzer> not sure if that is better, but it is different :-)
<smoser> right. systemd-tmpfiles-setup.service
<smoser> but *that* does wait for local-fs.target
<smoser>  http://paste.ubuntu.com/p/Gz2rnyqNxT/
<cpaelzer> hehe
<cpaelzer> well
<cpaelzer> that is how it is
<cpaelzer> for now
<cpaelzer> I don't see a much better thing to wait on for it
<smoser> cpaelzer: thanks for working on this.
<cpaelzer> and I like the waiting more than the racy fail
<smoser> for sure.
<cpaelzer> smoser: I thank you for check/comments having helped to understand it way better
<cpaelzer> nacc: I need to bsiect on kopano
<cpaelzer> nacc: it is not a clean sync
<cpaelzer> I have 5 changes Debian didn't pick and I confirmed we need some of them
<cpaelzer> I need to iterate on the tests which ones we could drop and which we need as a hard requirement
<cpaelzer> nacc: people run into "fun" with the default depends being mariadb-client | default-mysql-client | virtual-mysql-client
<cpaelzer> nacc: do you think we should change the order so that by default mysql is installed by the dependency
<cpaelzer> ?
<cpaelzer> actually, this isn't seeded/main right
<rbasak> nacc: one issue with my most recent fixes is that they need the Bionic version of gnupg2 (the Artful version won't do). Will this affect the snap at all? Eg. do we need to add a gnupg part?
<GoopAway> So, at my school, they have Windows 7 (and probably some Microsoft server somewhere), and they've allowed me to log in to 1 computer with special credentials, and log into another computer in the area with the same credentials. I know none of these are zero clients, and its weird (IIRC) they have physical accounts and accounts that only work if the server and computer connect. How would I do the same thing for Ubuntu?
<dpb1> GoopAway: sounds like roaming profiles in Microsoft.  I'd start here: https://askubuntu.com/questions/198158/how-do-i-set-up-a-roaming-profile -- warning, it's not a checkbox or anything.  It takes pretty good sysadmin knowledge to get going.
<GoopAway> Is it possible to have Windows machines connect to a network that spoofs the LDAP server they're looking for?
<TJ-> GoopAway: no; Windows Active Directory uses Kerberos and authenticates in both directions
<jdr> you would have to forge kerberos tickets
<rbasak> nacc: my MP CI failure: looks like the snap isn't bundling the test files?
<arunpyasi> Hi everyone, how fine is it to upgrade the distro from 14.04 to 16.04 ?
<arunpyasi> sory
<arunpyasi> 10.10 to 16.04
<arunpyasi> *10.04 to 16.04
<Ussat> thats a big jump
<Ussat> I would not personally
<sarnold> arunpyasi: the supported upgrade path is through 12.04 LTS, 14.04 LTS, then 16.04 LTS. A fresh install might be more reliable
<jdr> thats a huge jump.
<dpb1> arunpyasi: https://help.ubuntu.com/community/EOLUpgrades
<sarnold> hopefully there's enough 12.04 LTS left on the mirror network due to the 12.04 ESM support offering still live
<TJ-> it's all on old-releases
<dpb1> sarnold: and it's still in the real archive
<dpb1> fwiw
<sarnold> yay
<sarnold> then this path stands a chance of working ;)
<dpb1> ya, would be a fun experiment. :)
<arunpyasi> :)
<arunpyasi> Thanks for your support. I guess I shall go with the fresh and migration
<jdr> Anyone run a ubuntu server distro on digital ocean, and can run a user compiled kernel?
<dpb1> jdr: 1) yes, 2) never done it
<jdr> I can get it to compile, modules installed, go to reboot and kernel panic.
<jdr> I have reached out to DO, and have read a few articles saying you cant install, and a few that say you can
<TJ-> jdr: in the config have you choosen the "DigitalOcean GrubLoader" ?
<jdr> no i did not
<nacc> rbasak: you didn't add them to the MANIFEST.in
<pmatulis> why is there no 16.04.4 download here: https://www.ubuntu.com/download/server ?
<sarnold> pmatulis: I don't think we've released one yet, no one's amended https://wiki.ubuntu.com/Releases to show one
<Ussat> pmatulis, I would not be concerned, get .3, use that, update as needed
<sbeattie> pmatulis, sarnold: indeed, 16.04.4 iso testing is underway, it's not been released yet.
<sarnold> cool :)
<rbasak> nacc: I thought you said I didn't need to? I'll do that :)
<nacc> rbasak: sorry, I thought I said you *did* need to :)
<rbasak> nacc: I went away with the impression that everything in gitubuntu got included by virtue of it already being picked up as a Python package. Anyway no big deal :)
<nacc> rbasak: right, all *.py does
<nacc> rbasak: but not non-python files
<nacc> rbasak: you have to expliclitly make them package data via either package_data in setuptools or the MANIFEST.in
<rbasak> Ah, OK.
<rbasak> I've added it to MANIFEST.in and pushed
<rbasak> We can squash that before merging if it passes perhaps?
<rbasak> I don't mind either way.
<nacc> rbasak: yeah i can do that if it passes
<nacc> rbasak: if it does, i'll land it, feel free to eod
<rbasak> Thanks
<pmatulis> sarnold, sbeattie: thanks for the info
<nacc> rbasak: err, are you depending on gpgv behavior from the bionic version?
<nacc> rbasak: http://manpages.ubuntu.com/manpages/xenial/man1/gpgv.1.html no such option in xenial :)
<rbasak> nacc: yeah, that's what I meant
<rbasak> nacc: Bionic only
<nacc> rbasak: well, we are on xenial
<nacc> rbasak: and i was advised to *not* build gpg from source
<rbasak> Oh
<rbasak> What do you think we should do about this?
<nacc> rbasak: (that is, we call to the system gpg for stuff)
<rbasak> gpgv didn't gain --output until Bionic.
<nacc> rbasak: i don't know
<nacc> rbasak: we could *just* build gpgv in our snap
<rbasak> However, bare gpg does have --output defined in the manpage. It just doesn't work until Bionic.
<nacc> and then make sure to call the snapped binary via run
<rbasak> In terms of making sure, it's fine if we just rely on PATH I think. If the wrong one is called, the code is designed to fail safe (fail verification), and that's tested.
<rbasak> nacc: what was the basis of the advice not to build gpg from source?
<nacc> rbasak: because e.g., gpg vs. gpg2
<nacc> and we'd end upa ffecting the user's ~/.gnupg directory
<rbasak> I see
<nacc> rbasak: (iirc)
<nacc> rbasak: 3294bc6d6c93c8c76f953266f9665ede78c5937d
<nacc> rbasak: so we could build just gpgv into the snap (it will require some carefully snapping)
<rbasak> OK
<rbasak> Another way (not sure it's the least worst) might be to mark the tests that need a newer gppv, skip them from the self test, but do run then in some other manner in CI.
<nacc> rbasak: so we don't call gpgv in the actual code? only in the tests?
<rbasak> Oh. Good point.
<rbasak> So that won't work. We do call gpgv in the actual code.
<rbasak> --output is needed in the case of cleartext (InRelease) signatures, which is the common case for us.
<nacc> rbasak: right
<nacc> so i think we do need gpgv in the snap no matter what
<nacc> so it's good the self-test caught it :)
#ubuntu-server 2018-02-28
<arooni> about to upgrade ubuntu 14.04 => 16.04 server via command line; anything i need to keep in mind?
<arooni> about to upgrade ubuntu 14.04 => 16.04 server via command line; anything i need to keep in minabout to upgrade ubuntu 14.04 => 16.04 server via command line; anything i need to keep in mind?d?
<arooni> oops sorry for the repost
<arooni> (twice :( )
<sarnold> if you've got apache installed I think 16.04 changed the authentication and authorization stuff
<sarnold> and php7 doesn't handle everything php5 did. or something like that.
<rbasak> arooni: take a full system backup before you begin :)
<arooni> is doing the upgrade not recommended
<arooni> i.e. as opposed to transferring to a clean install
<sarnold> no, upgrade should work, please file bugs if you run into trouble. but backups are always a good idea. :)
<arooni> running a snapshot backup first
<arooni> i wasnt really paying attention; was running sudo apt-get dist-upgrade wrong
<sarnold> do-release-upgrade is the supported way to move from one release to the next
<arooni> sarnold: ok so a bit of dist-upgrade already ran before i control c'd it
<arooni> does that mean i really screwed up
<sarnold> maybe
<arooni> and need to restore from the backup before trying again
<sarnold> did it start unpacking packages yet?
<sarnold> or was it still downloading?
<arooni> ummm i think it was setting up packages :(
<arooni> got to this https://gist.github.com/5b17ced2bbdde3cae2cc806cdba9bae8
<sarnold> *probably* if you set the apt sources back the way they were, and run do-release-upgrade, it'll sort out a path forward
<sarnold> arooni: those numbers seem sane. might as well let it go :)
<arooni> well i have a backup in case i kaboshed it
<arooni> may as well see
<sdeziel> arooni: if you have apache2, sites-enabled needs to contain files ending with .conf
<rbasak> nacc_: do you want me to work on getting gpgv in the snap tomorrow? Or are you looking at it already?
<arooni> sdeziel: i'm using nginx
<arooni> if there are any gotchas there
<sdeziel> arooni: not that I remember
<sdeziel> arooni: only good things ahead (http2) :)
<nacc_> rbasak: i can work on it now, and i'll send an mp off yours?
<nacc_> it should end up passing ci as a means to check it
<arooni> goodbye php 5.6
<arooni> hello php 7
<nacc_> arooni: 14.04 -> 16.04?
<arooni> howd you guess lol
<rbasak> nacc_: sure, thanks
<nacc_> arooni: :)
<arooni> should i keep the unattended upgrades config file i created
<arooni> diff doesnt appear to have anything about a specificrelease
<sdeziel> arooni: trusty ships with php 5.5.9, do you have any PPAs?
<arooni> i think i did
<arooni> probably   should have blown them away      prior to upgrade
<nacc_> do-release-upgrade does automatically disable them, but you still need to purge them, iirc
<arooni> well it booted up successfully as 16.0.4
<arooni> 16.04.4
<nacc_> arooni: well, that's not released yet, so hopefully not :)
<sdeziel> nacc_: the base-files update was pushed already
<nacc_> sdeziel: really?
<nacc_> sdeziel: that's surprising, but i guess doesn't hurt
<sdeziel> grep VERSION= /etc/os-release
<sdeziel> all of my systems are reporting 16.04.4
<arooni> so ;;; if there are things listed in my sources.list.d directory that reference trusty
<nacc_> sdeziel: interesting, i thought that would be coordinated with the official release, but maybe that's only for the iso
<arooni> do i need to delete/remove them
<arooni> or will they not be used as its not the xenial release
<sdeziel> nacc_: the ISO always seems to lag from a couple days
<sdeziel> arooni: you need to delete/update them
<nacc_> sdeziel: well, the iso isn't supposed to release until mar 1
<sdeziel> arooni: well, only the files with names ending with .list
<arooni> what are the other files there for
<sdeziel> leftovers from the release upgrade mostly
<nacc_> rbasak: i'm testing the trivial revert now, and then i'll need to narrow it done
<nacc_> i should be able to work on it more tmrw
<nacc_> rbasak: sigh, you're calling gpg too in the tests :)
<nacc_> rbasak: i think we can snap all of gpg again, but not use it in our code
<nacc_> beyond the tests
<nacc_> i'll need to verify that's actually the case, though
<chamar> Hi folks, anyone using LXC/LXD?
<sdeziel> chamar: yes
<chamar> sdeziel, Are you using the apt-get package or snap?!  Having package at both place is kind of confusing
<sdeziel> chamar: I'm using the apt-get package because I set this up before the snap came in. That said, upstream recommends using the snap now
<chamar> Thanks, I'll go with snap then. Appreciate.
<sdeziel> np
<Goop> is it possible to enable/disable a graphical desktop environment on-demand?
<sarnold> you can certainly apt-get install unity or fvwm2 or whatever you want .. and then apt-get purge it again later
<sdeziel> Goop: on a 16.04 desktop, you could set the lightdm service to not autostart (systemctl disable lightdm) and manually start it when you want a graphical session
<mason> Goop: you don't mean "systemctl set-default" do you?
<mason> ...because if youre going to have a generic system-wide default on Unixlike systems, of course it should really mean "is this my laptop or not". :P
<mason> s/default/& setting/
<chamar> urgl.. what is that netplan thing?! :/
<mason> chamar: You should still be able to install/usr ifupdown.
<chamar> yeah.. ho.. that seems to be tied with systemd.. hum
<cpaelzer> good morning
<rbasak> nacc_: oh. To import the keys into keyrings, yeah, sorry. Any version fo gpg will do for that though.
<soshiant> i want to install snmpd
<soshiant> apt-get install snmpd
<soshiant> errror is : libsnmp30 depends libsensores
<soshiant>  i use ubuntu server repository
<soshiant> trusty distribution
<soshiant> snmpd depends libmysqlclient18
<hateball> soshiant: can you !paste the full output?
<hateball> soshiant: also run an "sudo apt-get update" first
<soshiant> <hateball> libsnmp30 depends libsensores4 but it is not installed
<soshiant> <hateball> snmpd depends libmysqlclient18 but it is not installed
<hateball> soshiant: can you paste what "apt-cache policy libsnmp30" says?
<hateball> !paste | soshiant
<ubottu> soshiant: For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<soshiant> i use ubuntu server repository
<soshiant> i can't past
<Ussat> When 18.04LTS goes live, what ver of php will it have ? 7 ?
<soshiant> https://paste.ubuntu.com/p/7DrW4n74r5/
<frickler> jamespage: you might want to fix your ceph-volume patch to avoid overlap with debian/python-cephfs.install:usr/lib/python2*/dist-packages/ceph_volume_client.py*, see https://git.launchpad.net/~j-harbott/ubuntu/+source/ceph/commit/?id=a874f13042b58073906b9a4465c3498d99301d3c
<jamespage> frickler: thanks
<soshiantt> .
<boxrick> Good afternoon folks, just dabbling with Ubuntu 18 and I would like to drop netplan and use the stock systemd-networkd. Is there any caveats or things to be aware of in this?
<boxrick> And a simple way of disabling netplna
<boxrick> Netplan
<rbasak> boxrick: https://wiki.ubuntu.com/Netplan#I_really_do_need_ifupdown.2C_can_I_still_use_it.3F
<rbasak> Oh I'm sorry.
<rbasak> That's not exactly what you asked.
<rbasak> But I suppose if you used ifupdown in the way described, it's easy enough to configure it to do nothing.
<rbasak> I suspect exactly the same applies with netplan - if not given a plan, it will do nothing.
<rbasak> cyphermox: ^
<boxrick> So lets assume I remove the netplan config then insert the systemd networkd config and restart networkig
<boxrick> networking*
<rbasak> What does "restart networking" mean? :)
<boxrick> Good point, since that doesn't work in Ubuntu 18
<rbasak> The term has no meaning.
<rbasak> Way back when (before upstart) it might have meant "run the restart action on the networking init.d script)
<rbasak> Nowadays with more complex networking setups, and hotplug and so on, it has little meaning.
<cyphermox> boxrick: have you filed bugs about whatever doesn't work for you?
<cyphermox> and yeah, if you just remove the config, it will do nothing
<boxrick> There is no bugs
<boxrick> Just rather first testing
<boxrick> I need a multi OS networking config, so netplan isn't suitable
<boxrick> Configuring systemd-networkd directly is ideal.
<boxrick> So as a brief example, if I have eth0 configured by netplan on DHCP. If I remove the config, recreate in systemd-networkd and do a service systemd-networkd restart. Will it spring to life ?
<boxrick> Is there any way to confirm netplan is not doing the config to make sure its working.
<cyphermox> if there is nothing in /etc/netplan, netplan will do absolutely nothing
<cyphermox> but yes, you can use netplan to generate a configuration, then edit it as a starting point for using systemd-network directly -- so once you have config for systemd-networkd in /etc/systemd/network, you can restart systemd-networkd and the network should be managed correctly.
<rbasak> nacc_: would you mind avoiding prefixing your branch names with lp references please? It stops me being able to tab complete anything :-/
<rbasak> A suffix would be fine.
<jamespage> frickler: thanks for that - I've pushed ready for next week when I'll upload
<frickler> jamespage: nice, maybe you can also consider https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1752308
<ubottu> Launchpad bug 1752308 in ceph (Ubuntu) "ceph-mgr needs python-jinja2 for dashboard plugin" [Undecided,New]
<nacc_> rbasak: why does it stop you?
<rbasak> nacc: because autocomplete stops after nacc/lp173 and after that I basically have to look up the number every time. From my POV your branches might as well be numbered instead of being named.
<nacc> rbasak: right, but for me it's handy to know which branch i need to checkout based upon which bug i'm working on
<nacc> rbasak: if it's a suffix, i need to know the <string topic> i chose in order to find it
<rbasak> I didn't think you'd find it less convenient. It's your choice I guess :)
<rbasak> Personally I can remember the names of a few different things more easily than I can remember the numbers of a few different things :)
<nacc> rbasak: i'm the opposite :)
<rbasak> (and the numbers are typically all alike)
<rbasak> nacc: if you're available, would you like to sync before the standup?
<nacc> rbasak: ack
<nacc> rbasak: i can join now
<rbasak> omw
<coreycb> jamespage: down to 3 failures with tempest on queens
<coreycb> jamespage: i'm planning to get the final releases uploaded and then work through those last 3 failures
<jamespage> coreycb: +1
<jamespage> sounds good - do you need a hand?
<jamespage> happy for you to take all of the release glory but if you want to spread the load I have some 'waiting for functional tests to complete' time
<coreycb> jamespage: either way is fine with me
<coreycb> jamespage: should be relatively light-weight at this point
<jamespage> coreycb: ok shall I take the neutron* and networking* bits then?
<jamespage> and you can work the rest
<coreycb> jamespage: sure, sounds good
<nacc> rbasak: do you have a few minutes? just wanted to check something with you
<rbasak> nacc: sure. Which HO?
<nacc> rbasak: standup is fine
<rbasak> omw
<arunpyasi> Hi everyone, I need to have a secondary mail server which can be used to receive and send emails when primary server is down and the emails should be sync with one another. How do I achieve that ? A good tutorial/manual/tool/link would be appreciated. Thanks !
<TJ-> arunpyasi: if using postfix a smarthost config on 1 of them
<arunpyasi> TJ-,doing that will sync the emails on both the sides ?
<TJ-> arunpyasi: the idea is the SmartHost receives them and passes them on to the primary server when it can
<arunpyasi> TJ-, ok, I went through this soln but the thing is, I need each other to be synced and server2 be available for pop/imap/smtp when server1 is down
<TJ-> arunpyasi: then you'd need file-system level syncing between them of the mailbox directory/ies so POP/IMAP clients can see the emails
<arunpyasi> TJ-, ok so this goes to the filesystem sync ? can it be rsync or GlusterFS ?
<Ussat> You need 2 servers that share the same FS, and the config on the servers should reflect that
<TJ-> arunpyasi: take your pick of options :) I think I'd want a distributed file-system of some sort to make the sync transparent, but then you hit the problem of, at some times, needing it to switch masters
<Ussat> also you need a smart way to determine when one is down and automatically fail to the live server
<TJ-> arunpyasi: might be worth looking at how high-available servers are configured for jsut this kind of thing
<Ussat> you could use a VIP that then goes to one or the other servers, the VIP could live on something like a F5
<Ussat> which would switch from one to the other based on which is live
<arunpyasi> Ussat, what is VIP ? AFAIK is Very Important Person
<Ussat> Virtual IP
<Ussat> So.....in the case of your scenario, the IP would reside on the F5 or similar, and the F5 would forward requests to one or the other server
<Ussat> AKA Poor Mans HA
<Ussat> Its perfectly viable though and works quite well
<Ussat> Hard to explain over text
<jamespage> coreycb: ok have neutron* and networking* built - about to publish to bionic once everything is differed
<coreycb> jamespage: awesome
<jamespage> coreycb: publishing now - I'll need to eod shortly
<coreycb> jamespage: ok thanks. i should be able to get the rest today. work is underway on my end.
<dpb1> _bladernr_: the bug looks fine.  Thanks.  nacc is working on it now, we'll let you know where there is something to test.
<nacc> dpb1: thanks
<_bladernr_> dpb1, thanks!
<nacc> rbasak: to be sure, you're planning on acking my branch (fixes) before you EOW?
<nacc> rbasak: and/or reviewing i guess
<dpb1> nacc: good thing you pinged him here. :)
<nacc> dpb1: well, it's what we had talked about earlier, but i wanted to be sure -- needed before we can ramp up phasing
<dpb1> nacc: understood
<rbasak> nacc: yeah I am. I deferred finishing work to do some chores that needed setting off earlier (like laundry). Now back to finish work and OW :)
<rbasak> EOW
<nacc> rbasak: np, i'll need to reboot in a sec, but i think this snap test should pass now (turns out gpg is senstivie to the order of its options :)
<nacc> rbasak: ok, got self-test working with yoru branch
<nacc> i'll update mine
<nacc> rbasak: fyi, tests pass with my branch, i think i'm ok to land (i could wait for the integration tests, but it's a noop there, afaict)
<nacc> powersj: hrm, do you know if the jenkins is perhaps not retriggering right now on branch changes?
<nacc> powersj: i just updated ~nacc/lp1734905-script-fixes and i'm not seeing the CI job yet
<powersj> nacc: https://jenkins.ubuntu.com/server/job/git-ubuntu-ci-trigger/17270/console that's the latest job
<nacc> usually it's pretty immediate
<powersj> it runs every 15mins
<nacc> oh ok
<nacc> maybe i always just got caught it before :)
<coreycb> jamespage: everything for queens should be uploaded at this point. will cross-check the report later. still have 3 tempest failures.
<driftmonk> hey guys. Iâm trying to set e-tag and last-modified headers on my .htaccess but it only seems to work for requests to my subdomains. any ideas? (Wordpress on Ubuntu)
<sarnold> driftmonk: iirc the main config delegates to the htaccess files which settings can be modified; perhaps your vhost configs delegate those things, but the "main" configs do not?
<driftmonk> sarnold: are you talking about the httpd.conf file?
<driftmonk> sorry i haven't touched web servers in a while
<sarnold> driftmonk: yeah, and all the files that it includes
<driftmonk> mm yes perhaps. Iâm just using digital ocean with a Wordpress on Ubuntu platform. where on the machine can I find the configs?
<sarnold> /etc/apache* I think
<driftmonk> ahh! right! thanks sarnold. will have a look! cheers :)
<pmatulis> how can i discover whether a certain package is installed by default on an ISO? for instance, how to discover whether 'lxd' is installed on Artful Server or Artful Desktop?
<nacc> pmatulis: seeded-in-ubuntu command
<nacc> pmatulis: and 'preinstalled' in the output for server or destkop as appropriate
<patdk-lap> never installed for me
<patdk-lap> but that is cause I only install jeos
<pmatulis> nacc, sweet! but this covers only the running release right?
<pmatulis> also, for 'snapd', i see 'ubuntu-server: daily, daily-live, daily-preinstalled'
<pmatulis> what about the official ISO? and there are live ISO's for server?
<nacc> pmatulis: i'm actually not sure, i think it reflects the current seeds (e.g., for bionic), but i really don't know
<nacc> pmatulis: there is a new installer iso now (subiquity)
<nacc> pmatulis: i wonder if that is waht the daily-live is
<nacc> powersj: --^ maybe you can answer better?
<mwhudson> er i don't think so
<mwhudson> the live-server is just the server seed + sprinkles
<nacc> oh ok
<mwhudson> i think, anyway :)
<mwhudson> or is it the cloud-image seed?
<mwhudson> minimal, standard, server and cloud-image _tasks_ it seems
<nacc> mwhudson: ah
#ubuntu-server 2018-03-01
<driftmonk> Why does my wordpress images send so many request header cookies? Requesting one .png has like 16 cookies with it. whyyy
<docmur> Hey guys, I'm running Ubuntu on 16.04.1 and I have mod-security enabled.  I'm trying to send a GET / POST request without a User Agent attached, but I can't, it causes a 403, this is the security notice: [msg "Request Missing a User Agent Header"] [severity "NOTICE"], is it possible to turn User Agent filtering off but leave the rest intact?
<sarnold> if this is documenting the same mod_security, there's a dozen instances of User-Agent on this page https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#REQUEST_HEADERS
<jvwjgames> has anyone used maas
<dpb1> jvwjgames: yes
<OpenTokix> Hello all, I am doing a preseeded installation of ubuntu 16.04.3 from a custom iso. - But the installer is failing on "apt-install or in-target is already running..." messages appear in syslog. - I have found a bug on lunchpad (1450597) however it seems to reference booting from usb stick. Bug is from 2013. The installation is made on a virtualization platform.
<OpenTokix> The preseed file itself works pxe-booted.
<OpenTokix>     KERNEL /casper/vmlinuz.efi
<OpenTokix> ups
<OpenTokix> https://pastebin.com/7sJL846u <-- this is the append to kernel boot I am using.  - That paste is from another isolinux.cfg I am working on parallell I am aware it is desktop when its casper.
<cpaelzer> version niceness - on update just "Unpacking python-html5lib (0.999999999-1)" passed by - really :-) ?
<cpaelzer> rmadison on that looks funny http://paste.ubuntu.com/p/V3rcYm77DK/
<cpaelzer> seems to try to become a check for the max length of a version
 * cpaelzer stops having fun now :-)
<coreycb> jamespage: woo, zero fails on queens-proposed
<jamespage> coreycb: awesome!
<coreycb> jamespage: want to promote to -updates and get an announcement out?
<jamespage> coreycb: I've been pushing everything through to updates :-)
<jamespage> cinder just went
<coreycb> jamespage: they are mostly no-ops at this point so i think that's fine
<jamespage> last bit I think
<jamespage> yeah that was my take
<coreycb> jamespage: i'll start a doc
<coreycb> jamespage: oh nova-lxd is still at rc1
<jamespage> coreycb: hmmm
<jamespage> tinwood: do we have a release for nova-lxd yet?
<coreycb> jamespage: just giving a final look at horizon
<jamespage> coreycb: always a good idea
<coreycb> jamespage: seeing 2 issues with launching an instance. network doesn't show up as a selection and admin doesn't have a Launch Instance button.
<coreycb> jamespage: on horizon, cli is fine
<frickler> coreycb: jamespage: do you happen to have a sample for a git-build-recipe that builds for xenial based on UCA? would be great to have launchpad take over my builds ;)
<jamespage> frickler: hmm
<jamespage> frickler: not per say
<jamespage> coreycb: ^^ ?
<coreycb> frickler: i don't, sorry
<mordof> when a process uses too much RAM, and the os/kernel/whatever kills it - does anyone know what signal it uses to kill that process? (is it something i could catch)?
<jdr> oom killer?
<jdr> i am sure its SIGKILL.
<sdeziel> yeah, it's SIGKILL
<mordof> :/  of course it is, heh
<mordof> trying to write a script to handle some rather cpu/memory intensive stuff and distribute it across a bunch of machines, but i'm worried the memory use will mark it for death from the oom killer
<mordof> and not sure how to handle that situation
<mordof> i don't want the handler at the end which brings all the results together to wait forever
<sdeziel> you can tune the oom_score for a given process
<mordof> sdeziel: it's a type of process where - if left alone without a time limit - *will* run out of memory
<sdeziel> mordof: I'm not sure about the "wait forever" part? Are you saying the handler would wait for a dead process?
<mordof> so changing score will just change the time frame it'll take before it dies
<mordof> i've got a central process which dispatches each of the tasks - and then waits for the results through redis or some other medium
<mordof> i could kill it after several hours if nothing came through.. but.. that's not very nice
<sdeziel> could the workers send a heart beat every so often?
<sdeziel> if a worker doesn't report inside 3 heart beat time, you conclude it's dead
<mordof> sdeziel: sometimes i wonder why my brain just doesn't come up with these things... i've done that in the past, why that didn't occur to me... lol
<sdeziel> or even something simpler: just note the PID of the worker and when that PID is gone, conclude the process was reaped by OOM
<mordof> true
<mordof> sdeziel: heartbeat will be a bit easier to implement here i think - gonna go that route, and then tune parameters for performance as needed. thanks
<sdeziel> mordof: glad I could help
<nacc> dpb1: powersj: rbasak: fyi, it looks like there might be some significant chnages in snapcraft that will let us trim our snap back down
<nacc> not an immediate priority, but eventually
<powersj> sweet
<dpb1> can also bundle the .pyc files
<nacc> dpb1: yeah, i think we can actually trim a lot out, but i haven't had the cycles to figure out what yet
<dpb1> backlog
<dpb1> ya
<nacc> our CI will help us make sure we don't break things in general, i hope
<coreycb> jamespage: queens release announcement sent!
<dpb1> coreycb: nice
<dpb1> :)
#ubuntu-server 2018-03-02
<m15k> Hi guys. Should ufw dhcp-pd work out of the box?
<Sircle> https://pastebin.mozilla.org/9078945
<Sircle> Is there anything wrong with this syntax. I am trying to allow one ip and block all but its blocking all ips (including the one I whitelisted) https://pastebin.mozilla.org/9078945
<zul> coreycb:  ping neutron-vpnaas could use a rebuild in the cloud-archive https://pastebin.com/hL9b25q7
<jamespage> zul: neutron-vpn-agent has gone
<jamespage> as in the vpn bits run as an extension to the neutron-l3-agent in queens
<zul> argh...ok
<sdeziel> I have a bunch of QEMU VMs with small RAM allocations (256M or less) but the VM's kernel seems to be missing ~20M leading to only ~236M visible/usable. Any way to find where the rest is gone?
<sdeziel> "journalctl -kocat | grep Memory" gives me: Memory: 227764K/261624K available (8530K kernel code, 1309K rwdata, 3992K rodata, 1508K init, 1316K bss, 33860K reserved, 0K cma-reserved)
<sdeziel> 261624K is pretty close to what the VM is given 262144K
<nacc> sdeziel: says 33M reserved?
<sdeziel> nacc: yeah, any way to influence this? Or learn what it's for?
<sdeziel> is that a safety stash to be used only when under memory pressure?
<nacc> sdeziel: can you `cat /proc/meminfo` to a pastebin?
<sdeziel> https://paste.ubuntu.com/p/7mPvT9hf96/
<nacc> lol which give sa different number :)
<sdeziel> my 236M visible from "free -m" is exactly the MemTotal
<nacc> sdeziel: you've got about 20 M of reclaimable slab memory
<sdeziel> I know that long ago there was a thing like reserved memory for DMA/ISA
<nacc> which is relatively high for a small footprint system
<sdeziel> SReclaimable >
<nacc> sdeziel: yeah
<nacc> i believe you can force that to reclaim by drop_caches
 * sdeziel wonders how to reclaim
<nacc> sdeziel: try echo 3 > /proc/sys/vm/drop_caches
<sdeziel> brought it down to ~8M
<sdeziel> the that is poking at something that's not MemTotal AFAICT
<nacc> sdeziel: err, duh, you're right
<nacc> sdeziel: can you pastebin the full dmesg?
<sdeziel> I experimented with an even smaller VM (192M assigned) and was also missing 20M
<sdeziel> https://paste.ubuntu.com/p/8ysM3kGX4t/
<nacc> sdeziel: i used to know this really well, but i'm a few years rusty now :/
<nacc> sdeziel: trying to remember
<sdeziel> nacc: hehe, nothing urgent, I'm only trying to reclaim as much as I can to keep my super old VM server from running out of RAM
<nacc> sdeziel: iirc, that memory is kernel pages
<nacc> sdeziel: and i think that means you used something like 20M of bootmem or so
<nacc> whcih can't be freed normally
<sdeziel> I wonder what that means: e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
<sdeziel> hmm, bootmem you say
<nacc> sdeziel: that's my recollection, the kernel's bootsrap memory
<nacc> sdeziel: that's referring to the e820 map in firmware
<nacc> your bios tells the kerenl physically what addresses are allowed, etc
<sdeziel> OK
<TJ-> sdeziel: the kernel protects the first 64KB of memory from use, and actively scans it for corruption (to detect writes to the NULL page
<sdeziel> TJ-: vm.mmap_min_addr right ?
<sdeziel> TJ-: I tried shrinking it from 65536 -> 2048 and didn't get anything back
<sdeziel> I also booted the linux-image-kvm flavor and got much less RAM taken away from me
<TJ-> sdeziel: I don't think so, no, the e820 0-0xFFF is reserving the first 4096 byte page for safety
<sdeziel> the problem with the kvm flavor is that it's a wildly different beast
<nacc> TJ-: oh you're right, i didn't read which message that was properly
<sdeziel> TJ-: OK but if it's for safety purposes, shouldn't the kernel see it (and count it in MemTotal)?
<sdeziel> "dmesg | grep BIOS-e820" shows 5 ranges as reserved
<nacc> sdeziel: right those are bios reserved, and then the kernel removes a bit more
<TJ-> sdeziel: no, because those reserved areas are often 'ROM' - e.g. system BIOS and option ROMs, or PCI device mappings
<sdeziel> hmm
<TJ-> sdeziel: see e.g. "sudo less /proc/iomem"
<sdeziel> "000c0000-000c0dff : Video ROM" => the VM only has a serial console
<TJ-> sdeziel: but the VM seabios presumably has a default e820 reservation for a standard VGA framebuffer
<sdeziel> TJ-: I don't know that area at all but I would think that such mapping wouldn't remove RAM visible for the kernel
<TJ-> In the dmesg Memory line you referenced, the 'reserved' is:  (physpages - totalram_pages - totalcma_pages) << (PAGE_SHIFT - 10),
<sdeziel> not sure where totalram_pages comes from though
<sdeziel> I'm just lacking too much basic knowledge I guess I should start reading https://www.kernel.org/doc/Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
<sdeziel> huh, this ^ not related at all
<TJ-> no, that's about device-tree bindings
<sdeziel> TJ-: yeah, I noticed. While I look around for documentation of the e820 memory mapping hints, do you know how I could minimize the amount of reserved memory?
<sdeziel> TJ-: something to tweak with QEMU/seabios?
<TJ-> sdeziel: did you pastebin the entire dmesg ?
<sdeziel> TJ-: https://paste.ubuntu.com/p/8ysM3kGX4t/
<TJ-> sdeziel: and what's in /proc/iomem
<sdeziel> qemu as invoked by libvirt: https://paste.ubuntu.com/p/FX8RtzN5wK/
<sdeziel> TJ-: iomem: https://paste.ubuntu.com/p/NV45Nk9bjm/
<hehehe> hehe
<hehehe> any new exciting news?
<dpb1> yes
<hehehe> cool
<sdeziel> TJ-: nacc: thanks for the useful information
<nacc> sdeziel: yw, hopefully you were able to figure stuff out?
<sdeziel> nacc: not yet but I have some pointers now at least
#ubuntu-server 2018-03-03
<Checkmate> Hey i want make a backup of a folder
<Checkmate> i want compress all folder with small size i dont know how to do it with 7zip
<dpb1> 7z a filename.7z directory/path
<eraserpencil> Hey guys
<eraserpencil> Could someone share with me why an Nginx reverse proxy server coupled with an Apache web server is more popular than the vice versa?
<halvors> Is there an recommended Web UI interface for LXD?
<nacc> halvors: not afaik
<halvors> Also when i create an LXD container in Ubuntu, i have to choose an image. Does the whole OS get runned inside like a VM?
<nacc> halvors: no, there's no kernel
<nacc> halvors: you may want to read the LXD documentation and/or the difference between containers and VMs
<halvors> nacc: Thanks did that. But i wounder how i can run Ubuntu 16.04 inside the LXD container on the ubuntu 18.04 daily-build.
<halvors> Do all the libraries etc exist on both the host and on the container?
<halvors> I get that kernel is only on host.
<nacc> halvors: you are runing a 16.04 userspace basically
<nacc> (in the container)
<chamar> playing with LXD too... fun so far.
<halvors> nacc: Is there a way to only export the diff i'vem made to a container? So basically just files that i've changed?
<chamar> I think there's a snapshot feature in LXD
<jdr> is LXD a bare metal dilly?
<jdr> or like vagrant?
<nacc> jdr: LXD is a container hypervisor
<halvors> chamar: That can be used to export only the diff?
<chamar> halvors, My understand is that it will take a "snapshot" (an image at that point in time) to which you could revert back to.
<halvors> chamar: Yeah, but what i was interested in was to get the diff from the initial image, to easily export my configuration.
<chamar> halvors, gotcha.. no idea if such feature exists.. still having a first look at it too
<halvors> :)
<chamar> Reason being, my lab runs out of mem with standard VM :/
<halvors> I see.
<jdr> mind......blown
<jdr> just watched a youtube vid on it
<chamar> and what blown your mind?
<jdr> they were doing simple creating of the vm's
<jdr> I am use to hardware based vm's
<jdr> not software
<jdr> what is shared with the root container?
<chamar> ressources for sure
<chamar> you can limit the usage of your LXD container, but you don't have to assign how much memory you need for example
<jdr> I would want to set a limit of how much the vm's could use....not so much on a per vm, but as a pool
<chamar> I quote: We donât support resource limits pooling where a limit would be shared by a group of containers, there is simply no good way to implement something like that with the existing kernel APIs.
<chamar> Link: https://stgraber.org/2016/03/26/lxd-2-0-resource-control-412/
<halvors> How can i upgrade a container from ubuntu 14.04 to 16.04. Is there an elegant way to do that?
<chamar> Never did it, but probably do-release-upgrade would works
<chamar> (same as a standard VM / bare metal install)
<halvors> chamar: Yeah, but what about the metadata then?
<chamar> metadata?
<chamar> halvors, https://github.com/lxc/lxd/issues/3874
<halvors> Anyone knows why sudo "snap install conjure-up --classic" is not working? cannot run the command afterwards.
<chamar> try to logout / login maybe?
<chamar> (had mixed result with conjure-up so didn't had a deep look into it)
<halvors> chamar: Thanks.
<chamar> np
<chamar> btw, I just updated a LXD container with `do-release-update` and it seems to work fine.
<halvors> chamar: But what about the metadata, does it update automagically?
<chamar> halvors, What do you mean by metadata?
<halvors> chamar: do "lxc info "containername"
<halvors> or config
<halvors> dont remember.
<halvors> But it says what version of ubuntu it is.
<chamar> let me see
<chamar> lxc info doesn't give anything related to the image / version
<halvors> You may be right, i cannot se the version.
<halvors> Yeah.
<halvors> Thanks, so basically just like any other vm then :)
<chamar> not sure if it keeps tracks of it .. but I get what you mean by metadata now ;)
<chamar> hum. I think it will only how the "BASE IMAGE", which is the initial image..
<chamar> I'm out.  good night all.
<halvors> good night :)
<tekk> are ubuntu dev's aware that when unattended upgrades is turned on /boot can become full pretty quickly and you get into a terrible apt cycle of not being able to resolve the issue without manual intervention?
<ikonia> boot can become full if you dont size it appropriately
<ikonia> it's up to you to either a.) size your file system in line with your needs b.) put house keeping in place
<tekk> i'm aware
<tekk> but
<tekk> i'm assuming unattended upgrades is popular with people who want no fuss and go with default partitioning schema etc
<tekk> in which case they'll be upside down
<andol> Was a while since I ran the server iso installer, but isn't the recommended choice (if you want no fuss) to just go with one big partition?
<ikonia> I'm not aware of the default partition table having a seperate /boot
<tomreyn> ikonia: i think it does when you choose automatic partitioning with lvm, or with lvm and dmcrypt-luks
<ikonia> it has to if you chose crypt
<ikonia> or it can't boot
<ikonia> but....if you chose cyrpt you should have a basic enough understanding to be able to manage your box in the event of automated upgrades
<phormulate> hey all, using xenial, and it has this tendancy to overwrite my /etc/network/interfaces... I have no network manager installed and it is driving me nuts trying to find the application modifying it, any ideas?
<TJ-> phormulate: when does the file get written to, and what gets written into it?
<phormulate> at boot, just a standard dhcp of interfaces/alias
<TJ-> phormulate: are you sure it's not the other way around, as in it's returning to a default file because any changes you made weren't permanently written to the underlying device?
<TJ-> phormulate: is it Bare Metal or a Virtual Machine ?
<phormulate> vps, rolled it using debootstrap
<phormulate> rw root
<phormulate> I'm not used to ubuntu's general conventions, but hell, I needed an easier route to lxd than debian offered at the time
<TJ-> what kind of VPS? KVM with full disk boot process (boots  raw disk image containing a boot loader) ?
<ikonia> nothing will touch /etc/network/interface file
<TJ-> phormulate: LXD? so this is a container not a VM then
<phormulate> the ubuntu is on the vps "metal" mentioning lxd isn't helpful, let
<phormulate> 's forget I said lxd
<ikonia> it does matter though
<TJ-> phormulate: I matters very much; is this an LXD container ?
<phormulate> xenial running on vps as host to a few lxd containers... lxd does nothing to alter my /etc/networking/interfaces
<phormulate> yes, kvm
<ikonia> nothing "should" touch that file, however a container, with an isolated file system being fed from the hosts services it does matter
<phormulate> ubuntu is not running within a container, it is running under kvm
<ikonia> so you're running a VM guest, thats running containers under it
<phormulate> yes
<phormulate> it is very odd, because it doesn't always get wiped on reboot
<TJ-> phormulate: check it's persistent; look at the "ephemeral:" value with "lxc config show <name>"
<phormulate> tj, lxc/d has no part of modifying my ubuntu setup
<tomreyn> ikonia: responding to your statement that you cannot have FDE without /boot: well you could do this https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Encrypted_boot_partition_.28GRUB.29 (and then /boot can just reside on / if you don't need LVM)
<tomreyn> (you'd still need a plain ESP / biosboot)
<ikonia> tomreyn: that's not supported on ubuntu's installer though
<TJ-> You can have  /boot/ as LUKS+LVM, or LVM+LUKS
<tomreyn> right ikonia
<phormulate> another wonderful gem I ran in to, systemd "Error on shutdown: Failed deactivating swap"
<rh10> guys, what's the best way to install php 7.1 to 16.04 LTS?
<ikonia> 7.1 isn't in the repos is it ?
<ikonia> I thought it was 7.0
<TJ-> rh10: I'd suggest creating a 17.10 container (using LXD) where you can easily install it
<rh10> ikonia, yep, there is 7.0 in the repo
<rh10> ikonia, there is no 7.1 in official repo
<rh10> TJ-, got it. can i work with it as a localhost? i mean - files will be in my local system
<rh10> ?
<TJ-> rh10: LXD is treated like an /almost/ virtual machine (but shares kernel with host), so you could install a web server and edit a site /inside/ the container and connect to it's HTTP server on port 80 - the container will have an IP address
<rh10> TJ-, got it, thanks!
<TJ-> rh10: so you can do "lxc launch ubuntu:17.10 mycontainername"
<TJ-> rh10: then "lxc start mycontainername" then to get a shell inside it "lxc exec mycontainername /bin/bash"
<TJ-> rh10: at whch point you use all the regular package management commands, e.g. "apt install php7.1 apache2 ..."
<rh10> TJ-, quite cool! thx!
<TJ-> rh10: and if you want to you can map a host file-system directory into the container to make editing the files on the host transparent to there being a container
<TJ-> rh10: this next step is not quite correct for sharing but gives you a clue what to research: 'lxc config device add mycontainername sharedtmp disk path=/path/to/share/in/guest source=/path/to/share/from/host'
<TJ-> rh10: there's some permissions issues to deal with for the above share command to work correctly (with unprivileged containers)
<rh10> TJ-, awesome!
<rh10> TJ-, another question here. which way better to deploy code from such kind of container to external webserver into the internet?
<rh10> how to handle it correctly?
<TJ-> rh10: well, if you're sharing a host directory which you're mapping into the container web-server's document root, then you'd just copy the host's directory heirachy to the other server
<TJ-> rh10: e.g. if you're mapping $HOME/public_html to container's /var/www/  then you'd just rsync/zip $HOME/public_html
<rh10> TJ-, got it. but can i use git in container? or how can i add git repo in that scheme?
<TJ-> rh10:  or if using git for version control, you can set up your external server as a git remote and use 'git push external'
<rh10> TJ-, thanks a lot for support!
<TJ-> rh10: in my example $HOME/public_html would be your git base dir
<phibs> got an issue where i'm creating an ubuntu 18 initrd with debirf and when it does unxz | cpio -i, cpio is NOT extracting /sbin/init even though it is in the archive.  Anyone seen anything like this ?
#ubuntu-server 2018-03-04
<jdr> Got around to finally playing with lxd
<jdr> I have a ubuntu server running inside of virtual box, and then 4 lxd containers inside of it.
<jdr> from a container I can ping all the other containers,the virtualbox host, anything on lan, and anything on internet
<jdr> I however cannot ping or access the containers outside of the virtualbox host
<kkremitzki> jdr: it sounds like you might want to do bridged networking
<jdr> On the virtualbox host? Thats what its on.
<kkremitzki> The virtualbox host may be set up to be bridged but LXD would need to as well
<jdr> LXD is using a bridge also
<jdr> And the containers are getting an ip address from my dhcp server/gateway
<kkremitzki> Hmm, might need to hope someone else can chime in then, I've only begun experimenting with LXD myself
<kkremitzki> It's especially weird then if DHCP is working
<jdr> It maybe a limitation of virtualbox? Mulitple MAC addresses spewing out of one hosts
<kkremitzki> That's possible, I usually use libvirt + qemu + virt-manager so I wouldn't be able to say
#ubuntu-server 2019-02-25
<rawco> hi all, i starte âdo-release-upgradeâ and i told me about the additional ssh at a different port. i continued. pressed enter and âResurrectedâ the window. now itâs asking me again if I want to continue
<rawco> https://pastebin.com/2heqMQkq
<rawco> should I continue or not?
<rawco> nvm, itâs working now
<rawco> needed to open port
<rawco> :D
<lordievader> Good morning
<Ouyes_>  Permission denied, I follow the instructions on internet and delete /dev/null and recreate it by command mknod /dev/null c 3 2 and chmod 666 /dev/null, then it is working, but the same error pop up when reboot the server, do you know why it is doing this?
<Ouyes_> sorry, I type something uncomplete
<Ouyes_> hey guys, I am keeping have this problem , when login into my server via ssh, the error is -bash: /dev/null: Permission denied, I follow the instructions on internet and delete /dev/null and recreate it by command mknod /dev/null c 3 2 and chmod 666 /dev/null, then it is working, but the same error pop up after rebooting the server, do you know why it is doing this?
<frickler> freyes: I added some information to this bug, would be great if you could take a look and let me know what further steps to take https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/1783203
<ubottu> Launchpad bug 1783203 in rabbitmq-server (Ubuntu) "Upgrade to RabbitMQ 3.6.10 causes beam lockup in clustered deployment" [Undecided,Confirmed]
<frickler> jamespage: ^^ you seem to have had a look at this one, too
<lordievader> Ouyes_:  What are the permissions on `/dev/null` after you've rebooted?
<muhaha> From which package comes /etc/xdg/autostart ?
<tomreyn> muhaha: does "dpkg -S /etc/xdg/autostart" tell?
<muhaha> I have no Desktop Environment here.. Can not test :X I am using lightdm + xsession and seems that /etc/xdg/autostart is not handled by xsession. openbox package will create this path(probably other DE too)
<lordcirth_> muhaha, from what I can tell, there is no one package that creates it. There are many packages that create files inside it, and presumably create the directory if needed.
<muhaha> There is by default pulseaudio start in /etc/xdg/autostart
<muhaha> Exec=start-pulseaudio-x11
<muhaha> I want to add it somehow to xsession, but dont know if is there better solution
#ubuntu-server 2019-02-26
<cpaelzer> good morning ubuntu server
<technoob> Guys
<lordievader> Good morning
<technoob> If say i had numerous failed login attempt caused by none other than me does ubuntu ban my pcs ip?
<technoob> I tried to ssh using my mobile and it works
<technoob> But if i ssh using my pc it times out
<technoob> Help pls
<lordievader> Do you have fail2ban running or something?
<technoob> Dunno
<technoob> How do i check
<lotuspsychje> technoob: you are the owner of your system, you cant recall?
<technoob> Im new. I just install new server a few days ago
<technoob> I havent been installing much
<lordievader> If you didn't install it it ain't there.
<lordievader> Per default there is no mechanism which blocks a client after X login attempts.
<technoob> Ok ill shutdown and reconnect
<technoob> Hope for the best
<technoob> Ok it wotked
<CarlFK> anyone know why disco is smaller?
<CarlFK> http://cdimage.ubuntu.com/ubuntu/releases/18.04/release/ubuntu-18.04.2-server-amd64.iso 883M
<CarlFK> http://cdimage.ubuntu.com/ubuntu-server/daily/pending/disco-server-amd64.iso  752M
<rbasak> cpaelzer: no git ubuntu repo for python-libnacl? Do we need to add that?
<cpaelzer> rbasak: we can add that, we know that sooner or later it will be in main anyway
<cpaelzer> at least in X/T
<cpaelzer> rbasak: I have added it to the whitelist already, just not done the (re)imports of all those
<cpaelzer> rbasak: a8340557e shows the interesting list of packages - you wanted to run thos eon the bastion you said
<rbasak> cpaelzer: ah. Shall I manually run the imports?
<rbasak> OK
<cpaelzer> but all but +python-libnacl are already imported as they are in main in latter Ubuntu releases
<cpaelzer> so it comes down to just the import of that
<rbasak> Just running that one now then. Thanks!
<cpaelzer> or accepting thins in proposed which will trigger a publishing event which since it is in the whitelist get it imported :-)
<rbasak> :)
<rbasak> I haven't published a new snap with latest whitelist entries included though
<cpaelzer> I see
<rbasak> It can be specified manually on CLI invocation FWIW
<rbasak> I've just never done that for fear of it getting confusing and out of sync etc
<rbasak> We could figure out a better way but probably not worth it
<rbasak> Ah
<rbasak> Import fails - DPMT.
<cpaelzer> ah right there was a blocker with those
<rbasak> Worked around for now
<rbasak> cpaelzer: there's an outstanding pymacaroons SRU in xenial-proposed and I see the backport is against the version in xenial-updates. Is this relevant, or if not, do we need to explain?
<cpaelzer> rbasak: last two updates in https://bugs.launchpad.net/ubuntu/+source/httmock/+bug/1735160
<ubottu> Launchpad bug 1735160 in py-macaroon-bakery (Ubuntu Artful) "[SRU] Please backport python3-macaroonbakery 0.0.6-1 [universe] from bionic" [Undecided,In progress]
<cpaelzer> this will soon be cleared from proposed
<rbasak> cpaelzer: ah, sorry. I didn't read far enough down the bug. Thanks!
<rbasak> cpaelzer: any action needed on bug 1811554? It came up on my weekend triage. It's not in the backlog or anything, but I'm the third triager to touch it now.
<ubottu> bug 1811554 in bind9 (Ubuntu) "bind9 slow response after netplan apply" [Undecided,Incomplete] https://launchpad.net/bugs/1811554
<rbasak> cpaelzer: noticed you're subscribed to bug 1814124. Was my triaging accurate?
<ubottu> bug 1814124 in openssh (Ubuntu) "sshd does not start after update on non-Ubuntu kernels where fchownat() is broken" [Undecided,Invalid] https://launchpad.net/bugs/1814124
<pagios>  question, if i have an nfs mount on my server, and i am writing directly to this network location, am i using the disk io of my server? or directly writing to the network?
<rbasak> pagios: yes to both
<cpaelzer> rbasak: yes to ..124
<cpaelzer> rbasak: it is unfortunate that they are hit by it, but vor these BZ hosting we can't really do anything about the host kernel
<cpaelzer> and that seems to be the root cause there :-/
<cpaelzer> rbasak: for ...554 I didn't see anything we can action, that is why I added a netplan task to get it to the eyes of cyphermox
<cpaelzer> as I hope he knows all the steps that happen at "apply" to maybe identify what is going on
<rbasak> So cpaelzer so backlog for 554?
<rbasak> cpaelzer: I'm not sure how to re-triage bug 1817027 - he's come back with more information, but not steps to reproduce.
<ubottu> bug 1817027 in samba (Ubuntu) "samba crashes when uploading files" [Undecided,New] https://launchpad.net/bugs/1817027
<rbasak> So IMHO it's still a support request but I don't know how to tell him that and stop answering politely.
<rbasak> cpaelzer: and thank you for reviewing 124. I'll consider that one done then.
<frickler> jamespage: freyes: pinging once more regarding this bug in case you missed it yesterday https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/1783203
<ubottu> Launchpad bug 1783203 in rabbitmq-server (Ubuntu) "Upgrade to RabbitMQ 3.6.10 causes beam lockup in clustered deployment" [Undecided,Confirmed]
<frickler> coreycb: any specific reason why you did 17.0.7-2 for nova in queens instead of bumping to latest upstream at 17.0.9? I'm still waiting for the fix for https://launchpad.net/bugs/1801702 to get in
<ubottu> Launchpad bug 1801702 in OpenStack Compute (nova) ocata "Spawn may fail when cache=none on block device with logical block size > 512" [Medium,In progress]
<coreycb> frickler: 17.0.9 must not have been available the last time we did point releases
<coreycb> frickler: we're due so i'll get point releases out soon
<frickler> coreycb: o.k., great, thx
<ahasenack> rbasak: hi, should I remove the "removal-candidate" tag when I complete the sru verification? https://bugs.launchpad.net/ubuntu/+source/backuppc/+bug/1576187/comments/24
<ubottu> Launchpad bug 1576187 in backuppc (Ubuntu Xenial) "backuppc/smb: BackupPC failes to backup SMB shares after smbclient update" [Undecided,Fix committed]
<Odd_Bloke> rbasak: What does DPMT mean in the context of that git-ubuntu failure?
<rbasak> Odd_Bloke: I mean it's an instance of bug 1764814
<ubottu> bug 1764814 in usd-importer "awscli import fails: package_creator.display_name results in HTTP error 410: Gone" [Undecided,New] https://launchpad.net/bugs/1764814
<rbasak> The catch is that I want to properly specify what string *should* be used, given that we can't rely on the real name
<rbasak> And a workaround for now will cause a second "hash-abi-break" (though we are still experimental)
<rbasak> ahasenack: removal-candidate> sure. I don't see why anyone would object to that. AIUI the bug would still be checked manually before actual removal but removing the tag would make it clearer.
<kstenerud> Are special build commands necessary to build php 7.2.11 in cosmic? I've tried dpkg-buildpackage, but it fails partway through due to a permission error
<Odd_Bloke> rbasak: Thanks for the info. :)
<kstenerud> I basically did git ubuntu clone php7.2, copied it to a builder, and dpkg-buildpackage
<cpaelzer> kstenerud: importer/import/7.2.15-0ubuntu0.18.10.1 built for me - let me try the 7.2.11 as well
<cpaelzer> kstenerud: works just fine on 7.2.11-3build2 as well
<cpaelzer> as it comes out of git ubutnu clone
<cpaelzer> I run git ubuntu export-orig to get the tarball
<cpaelzer> and then dpkg-buildpkg works
<kstenerud> hmm can't figure out what I'm doing wrong...
<cpaelzer> kstenerud: are you breaking on dpkg-buildpackage or later on once you build the .dsc/.changes that got generated?
<kstenerud> Literally all I do is git ubuntu clone, put orig in the parent dir, run dpkg-buildpackage
<cpaelzer> kstenerud: if you want join the standup call
<cpaelzer> kstenerud: you can share your console and we can check step by step if you want
<kstenerud> sure sec
<kstenerud> cpaelzer: After sbuild fails, can I restart the build using dpkg-buildpackage, or is it a different command?
<nacc_> kstenerud: what's the exact error?
<johnfg> hi guys
<johnfg> yesterday, I was going to install ubuntu-server-18.04.  I wanted to use an existing vg and lv's.
<johnfg> However, the installer didn't recognize or show them.
<johnfg> from ubuntuforums, they suggest to boot from the livecd to try without installing; install lvm2, then start the installation.
<johnfg> Is there any other way to get the installer to recognize existing vgs and lvs?
<lordcirth_> johnfg, I thought lvm2 was already on the installer? But if it isn't, yeah, you'd need to install it.
<lordcirth_> But probably you just need to scan as mentioned in #ubuntu
<johnfg> All I know, is that unlike other distros, which see the volume groups and logical volumes, going right to install from the livecd, they aren't present.
<tomreyn> johnfg: you need to use the alternative installer
<tomreyn> the default installer doesn't allow you to work with existing structures.
<johnfg> tomreyn: I'll have to boot it to choose it.  Can't try while in here.  This is my dual-booting machine (actually 3, fwiw).
<tomreyn> johnfg: you can also do a chroot / debootstrap installation from the live / desktop installer
<tomreyn> ubuntu-server-18.04 actually sounds like you were using the ("debian-installer" based) alternative/classic installer. the current default one contains "live" in the ISO file name.
<tomreyn> oh gone
<johnfg> Back after a try...lvm2 is installed on the installer; lvscan --all recognized the volumes.
<compdoc> \o/
<johnfg> However, I couldn't install, as this is *not* the live iso, but just the server, so there wasn't any alternative installer.  and the volumes weren't shown and available.
<johnfg> I just downloaded, and will burn the live server iso.  Think that's the problem?
<tomreyn> johnfg: can you tell s which iso you're working with?
<tomreyn> like, so far? getting the live server iso won't improve detection of existing storage structures.
<johnfg> Ubuntu-Server 18.04.2 LTS amd64 is what I have now.
<tomreyn> that's not an iso name.
<tomreyn> i mean a file name
<johnfg> ubuntu-18.04.2-live-server-amd64.iso is what I was going to burn.
<johnfg> tomreyn: Ok, I'll get you the other.
<tomreyn> so live-server is not what you want for this use case
<tomreyn> alternative server may work, not sure whether it detects existing lvms fine, you may need to help it a little there.
<tomreyn> or you go with the live/desktop installer and a manual installation via debootstrap.
<johnfg> tomreyn: what alternative server are you talking about?
<tomreyn> the installer that is also known as debian-installer, and that used to be the default server installer until and including ubuntu 16.04 LTS
<johnfg> Do you think that this will work: ubuntu-18.04.2-server-amd64.iso?  That's from the alternatives (which I didn't notice before), if needing, e.g., lvm, on the server web page.
<johnfg> tomreyn: What do you think of that last image I wrote?
<Odd_Bloke> johnfg: That's the one Tom was directing you towards, so I think it's worth a try.
<johnfg> Odd_Bloke: I agree.  Will burn and proceed and report back.  Thanks all!
<tomreyn> right. you may need to lvmscan from tty2 to convince the installer' partitioner to use the existing ones. not sure. try normally first.
<johnfg> yeah, if it sees them then no problem.
<cpaelzer> kstenerud: you just issue the sbuild again
<cpaelzer> kstenerud: no need to re-build the .dsc/.changes
<runelind_q> is Landscape On Prem 19.01 not available via dist-upgrade yet?
#ubuntu-server 2019-02-27
<runelind_q> I have the 19.01 ppa imported.
<tomreyn> runelind_q: https://docs.ubuntu.com/landscape/en/ReleaseNotes19.01#upgrade-notes
<cpaelzer> good morning
<wyseguy> hey
<lordievader> Good morning
<zetheroo> trying to install Ubuntu 18.04 server on md0 ... what am I doing wrong? http://tinypic.com/r/5b5w2c/9
<Falc> Hello, I'm trying to do an expert install (priority=low), using the ubuntu-18.04.02-server.iso, using UEFI.
<Falc> at boot I have a black screen to select what install I want and I do know I need to hit 'e' to edit the boot command, but it's not clear where in that command I need to put the 'priority=low'...
<ahasenack> good morning
<ahasenack> zetheroo: hi, I'm not sure, can you switch to a console and grab the installer logs and open a bug about it?
<ahasenack> for some reason it was trying to do stuff to sdb2, but you said md0
<zetheroo> ahasenack: trying now not as UEFI
<zetheroo> I'm just wondering my this is not a lot more automated ... as in ... 1. select two disks for Raid 1 ... 2. Create md0 ... 3. Install Ubuntu server to md0 and all needed partitions are automatically created ...
<ahasenack> well, it is
<ahasenack> did you try to put /boot in md0?
<ahasenack> there is bug #1785332, but that's not a crash, so yours might be still different
<ubottu> bug 1785332 in subiquity "18.04.1 can't put /boot on SW RAID or LVM" [High,Triaged] https://launchpad.net/bugs/1785332
<zetheroo> I am going to try to follow this doc https://help.ubuntu.com/lts/serverguide/advanced-installation.html.en
<zetheroo> this ^ documentation seems outdated
<zetheroo> from step 2 "Select the first hard drive, and agree toÂ "Create a new empty partition table on this device?"."
<zetheroo> that doesn't happen
<ahasenack> I suspect that is for the other installer
<zetheroo> seems to have been written with the older installer in mind
<ahasenack> the old d-i one
<ahasenack> yes
<zetheroo> it's pretty normal to want a raid install ... pity it's such a hassle with Ubuntu :/
<ahasenack> zetheroo: you shouldn't be seeing a crash, which iso have you used?
<zetheroo> the latest
<zetheroo> http://releases.ubuntu.com/18.04/ubuntu-18.04.2-live-server-amd64.iso
<ahasenack> http://releases.ubuntu.com/18.04.2/ubuntu-18.04.2-live-server-amd64.iso?_ga=2.113316356.269976443.1551182643-138997716.1541676447 is the latest
<ahasenack> without ga :)
<ahasenack> right, so two disks, uefi?
<zetheroo> 2 disks  - uefi  - but now trying legacy
<zetheroo> boot and swap are normally outside the raid ... no?
<ahasenack> I'm just trying that with a vm now, uefi mode
<zetheroo> ok
<zetheroo> I can't make heads or tails from the Manual partitioner ... :/
<ahasenack> the classic one, or from this live-server iso we just linked to?
<zetheroo> http://releases.ubuntu.com/18.04/ubuntu-18.04.2-live-server-amd64.iso
<zetheroo> live-server
<ahasenack> I also just got a crash, but different than yours
<ahasenack> I think I used incorrect partition sizes, even though I typed in the exact number that was given as a max
<ahasenack> bottom line, you need to create partitions on the disk, unformatted, with which you will create the md0 array later
<zetheroo> yeah, but what about the boot partition and swap?
<ahasenack> so I was trying first /boot, outside the array, then used the rest for an unformatted one
<zetheroo> do they get created outside the md?
<ahasenack> I wasn't creating swap
<ahasenack> you could create it outside the array, or use two extra unformatted partitions for a raid0 md1 perhaps
<ahasenack> and there create swap later (md1)
<ahasenack> the installer will automatically create /boot/efi after you created /boot
<zetheroo> ah
<ahasenack> but, and I think this is an open bug, this won't help you booting your system if the disk with /boot fails, afaik you can't raid /boot with uefi
<zetheroo> right
<zetheroo> and you cannot select "Make bootable" on the md0
<ahasenack> zetheroo: http://i63.tinypic.com/qnjin4.png is my layout
<zetheroo> 1. create unformatted partition on both disks spanning the entire disk space. 2. Create raid1 with both disks and unformated partitions. 3. ??
<zetheroo> Do I make a 512MB ext4 /boot partition on the md0? I don't think that will work with uefi ... or?
<ahasenack> no, create /boot outside the raid
<ahasenack> so create one partition for /boot on one disk
<ahasenack> on the other, I would create a partition of the same size, but leave it unformatted, just to keep the disks equal
<ahasenack> then create, again on both disks, an unformatted partition that will be md0
<ahasenack> and, if you want, another one for md1 or swap
<ahasenack> then create the md0 raid, using the big unformatted partition from both disks
<ahasenack> and in md0, create /
<zetheroo> ok, pretty sure that's what I have been doing all along
<zetheroo> will try again
<ahasenack> be conservative in the sizes
<ahasenack> if the installer says something like "max size is 18.9823G"
<ahasenack> don't use that exact value, I think there are rounding errors
<ahasenack> use 17G, for this example
<zetheroo> Make bootable device creates /boot/efi
<zetheroo> and then installer doesn't like this ... it wants /boot
<zetheroo> but won't uefi want /boot/efi?
<ahasenack> I wouldn't worry about that, I think the installer handles those kinds of details
<ahasenack> and I don't think a bootable partition matters with uefi
<ahasenack> but I could be wrong
<ahasenack> I just don't remember worrying about marking a partition as bootable
<zetheroo> then why is there an option to make a disk bootable?
<ahasenack> don't know
<zetheroo> it creates /boot/efi as fat32
<ahasenack> maybe a leftover from mbr
<ahasenack> yeah, the efi part is [v]fat[32]
<zetheroo> so /boot as ext4  ... how is that supposed to work?
<zetheroo> did this work for you?
<ahasenack> I usually use ext2 for /boot, but ext4 works too. I don't think there is even an ext2 option in there
<zetheroo> nah, same error every time
<zetheroo> failed to remove holders from ..
<ahasenack> then please file a bug here https://bugs.launchpad.net/subiquity/+filebug
<ahasenack> attaching the files from /var/log/installer/
<zetheroo> going to try out with Legacy
<ahasenack> zetheroo: this layout worked for me now, I was a bit more conservative with the sizes: http://i67.tinypic.com/1zcj1ip.png
<zetheroo> legacy also failed
<zetheroo> ahasenack: so you think it's an issue with overbooking the disk space?
<zetheroo> tjay
<zetheroo> that would be really wierd
<ahasenack> the fact that legacy also failed might indicate something else is going on
<ahasenack> we can only help more if you file a bug with the logs, and exactly how you are partitioning the disk
<ahasenack> disks*
<zetheroo> http://tinypic.com/r/iw29s7/9
<ahasenack> that does look like the size you picked was too much
<ahasenack> that ending number, after the 2048 one
<zetheroo> I didn't pick a size ... I let the partitioner take as much as was available
<ahasenack> you didn't type in a value?
<zetheroo> in the Size field?
<ahasenack> yes, when creating the partition
<ahasenack> where it says what's the max available size you can use
<zetheroo> no ... I leave it black and it automatically takes the max there is unused
<ahasenack> you have to input a value, or does it accept an empty value?
<zetheroo> blank*
<ahasenack> I see
<ahasenack> can you try inputting a value, just 1Gb below the max advertised size, to test?
<zetheroo> ok
<zetheroo> at which point though ... before making the md0 or after when making the ext4 ?
<zetheroo> ext4 at / that is
<ahasenack> zetheroo: I get the same when I don't pick sizes
<ahasenack> zetheroo: in all points, although I think the first one (creating the partition that will hold the md0) is more important
<zetheroo> here is the partitioning layout and the error https://ibb.co/5WP9fkx
<zetheroo> https://ibb.co/hFdGgvP
<zetheroo> and this was with being conservative with the partitioning of the unformatted partitions for the raid
<ahasenack> zetheroo: I filed https://bugs.launchpad.net/subiquity/+bug/1817904
<ubottu> Launchpad bug 1817904 in subiquity "crash when not selecting partition sizes" [Undecided,New]
<zetheroo> Ok
<zetheroo> So for now I guess installing Ubuntu server on md raid is a no-go ...
<ahasenack> do you have a launchpad account, and could you attach your screenshots to that bug?
<zetheroo> doing it now
<ahasenack> thx
<zetheroo> done
<ruben23> https://pastebin.com/y2saS4uw  <------ hi guys i have a weird problem, i install ubuntu server with USB it went through and finished the install but when i boot with HDD drive the ubuntu server wont load but if i plug the USB it will load and i get this  on the storage is my USB used as the system for ubuntu or the HDD Drive - any help guys Thanks
<ahasenack> ruben23: when you say it won't boot with the hdd drive, what exactly happens? If you plug the usb back in, and it boots from there, don't you just get the installer again?
<ruben23> ahasenack: after the install so i removed the USB drive, then boot with C: drive, nothing happens just booting process but when i plug sa usb installer it boots on the newly installed ubuntu server i can login with credentials already
<ahasenack> what do you mean "nothing happens just booting process"
<ruben23> its pretty weird i tested it reboot with USb works perfectly then without wont load at all, any help please, based on the df -h storage display does the usb drive plays role on the bootable part or does the system detects it.? ahasenack:
<ahasenack> is your bios configured to even try to boot from the disk?
<ruben23> yes its already booting from Drive C: as first boot
<ahasenack> well, unless you have a 1.8Tb usb disk, that df output shows your hard drive
<ahasenack> what is the 1.8Tb disk?
<ruben23> yes thats my drive
<ruben23> my usb is 16GB only
<ruben23> https://pastebin.com/y2saS4uw
<ahasenack> one of the options when booting the installer is to boot from the "first hard disk", you might be using that to boot into your installed system
<ahasenack> or, it might be detecting that's the case, and auto-selecting that option for you
<ahasenack> that being said, it should definitely boot from your hard disk on its own
<ahasenack> if it's not doing that, sounds like the grub installation step failed
<zetheroo> ahasenack: is there a non-live installer for Ubuntu server 18.04?
<ahasenack> zetheroo: yes
<ahasenack> didn't you try it already? When you said you tried the legacy installer?
<ruben23> ahasenack: but during the install of grub no error appears at all it completes the install process, so i cant boot my server without USB being plug now :'(
<ahasenack> https://www.ubuntu.com/#download "use the traditional installer"
<ahasenack> which eventually links to http://cdimage.ubuntu.com/releases/18.04.2/release/ubuntu-18.04.2-server-amd64.iso
<ahasenack> zetheroo: ^
<zetheroo> ok
<ahasenack> ruben23: i would do whatever it takes to boot, then run grub-install giving it the correct device
<ahasenack> ruben23: I refrain from giving you an exact command line because dealing with disks, grub, and partitioning, can lead to loss of data if done incorrectly
<ahasenack> but that's the gist of it
<ruben23> ahasenack: the server is brandnew no data at all yet please help me
<zetheroo> ahasenack: every way I try I get the live download
<zetheroo> or should I be using the Alternative Ubuntu Server installer ?
<ahasenack> zetheroo: I gave you an exact link
<ahasenack> ruben23: try "grub-install /dev/sda" after you booted into your installation via the usb disk then
<ruben23> Installation finished. No error reported.
<ruben23> should i reboot now with no usb.?
<zetheroo> ahasenack: oh doh .. sorry
<ahasenack> ruben23: yeah
<ruben23> should i pull usb now before reboot.?
<ahasenack> no
<ahasenack> pull it at the bios screen
<ruben23> oh ok
<ruben23> doing now
<ruben23> woooooh it works...simply wow
<ahasenack> maybe grub was installed in /dev/sda1 before, instead of /dev/sda
<ruben23> ahasenack: Thank you so much for this help, anything i should need to do and adjust to the server.?
<ahasenack> regarding boot, if it worked, I guess not
<ruben23> ahasenack: Thanks you so much i thought i was doomed :) really thank you
<ahasenack> good luck :)
<rbasak> ahasenack: in https://code.launchpad.net/~ahasenack/ubuntu/+source/squid/+git/squid/+merge/363726, does debhelper definitely install debian/squid.tmpfile correctly?
<ahasenack> rbasak: yes, it ends up in /usr/lib/tmpfile.d
<ahasenack> I didn't know about that feature
<ahasenack> and there are many files in there already
<ahasenack> look in dh_systemd_enable(1) for example
<ahasenack>        debian/package.tmpfile
<ahasenack>            If this exists, it is installed into usr/lib/tmpfiles.d/package.conf in the package build directory. (The tmpfiles.d mechanism is currently only used by systemd.)
<ahasenack> also handled by dh_installinit
<rbasak> +1, thanks
<ahasenack> thanks
<ahasenack> rbasak: cpaelzer: any suggestion on how to make this line in <pkg>.install  multi-arch friendly?
<ahasenack> usr/lib/*/libpytalloc-util.cpython-37m-x86-64-linux-gnu.so.*
<ahasenack> I tried dh-exec, and ${DEB_HOST_MULTIARCH}
<ahasenack> but that variable expands to (on amd64) x86-64, and not x86_64
<ahasenack> (or the other way around, anyway, the difference is "-" vs "_")
<ahasenack> I could always use * instead of the arch bit, but I fear that might match too many things. Not at the moment, though, but in the future
<ahasenack> or maybe use some ${} expansion tricks
<rbasak> ahasenack: I don't know, but I'm  curious to know the answer. I've hit that before :-/
<ahasenack> rbasak: I checked ${} expansion rules in dash, nothing like sed to replace _ with -
<ahasenack> rbasak: I'm going with a simple globbing for now :(
<ahasenack> https://wiki.debian.org/Multiarch/Implementation also didn't have hints
<ahasenack> rbasak: I'll email ubuntu-devel@
<rbasak> ahasenack: does http://paste.ubuntu.com/p/64Rj2Td3nN/ seem reasonable to you as a pin file for the certbot SRU?
<rbasak> It seems to work.
<ahasenack> rbasak: hm, my pinning know-how is not in my warm cache
<ahasenack> rbasak: checking https://wiki.ubuntu.com/Testing/EnableProposed
<ahasenack> rbasak: what's the regular xenial-proposed prio number?
<ahasenack> don't you need something to "downgrade" the other proposed packages?
<teward> i thought downgrades weren't automatic :P
<ahasenack> I meant a downgrade in the pin-priority, aka, smaller number
<teward> ah
<blackflow> rbasak: why is certbot in Ubuntu "useless" because of TLS-SNI-01? Reading your mailing list announcement. Does it not already support http-01 and/or dns-01 ?
<sdeziel> blackflow: I don't know for sure but I believe that TLS-SNI-01 was the default validation method back then
<rbasak> blackflow: in _16.04_, no other mechanisms were supported at release time.
<rbasak> So it'll become useless when TLS-SNI-01 is completely retired.
<blackflow> rbasak: I see. I thought http-01 was the default and present in all acme clients, certbot included. I don't use it, that's why I don't know, I prefer the simplicity of dehydrated. but quite surprising if certbot didn't support http-01.
#ubuntu-server 2019-02-28
<Uleepera> I did some googling and it seems NTFS should be supported on server 16+.  I recently did an install of 18.04 lts server and added an NTFS formatted drive to the system.  I'm attempting to setup a samba network share on the drive but when I attempt to mod the permissions I received a message saying "chmod: changing permissions of '/media/username/drivename': Read-only file system" Did I miss somethign where I needed to install 
<lordievader> Good morning
<cpaelzer> ahasenack: this is what I'd use http://paste.ubuntu.com/p/dDsSBnRDrz/
<cpaelzer> I wonder why this expands to the wrong string fr you
<cpaelzer> I checked the packages I have found with it and their paths seem fine
<ruben23> hi there guys anyone can help regarding generating key for login on ssh i always get ---> Server refused our key, even i copy corectly the publick key anyone have idea
<ruben23> im using puttygen
<blackflow> ruben23: one non-obvious problem is the need to unlock your account with `passwd -u <account>`
<ruben23>  blackflow: i cna login with user/pass just trying to set with key thats the one refusingthe login process
<blackflow> ruben23: you'll have to consult the ssh server logs to see why exactly it was refused
<ruben23>  blackflow:  it works now it was just the ownership problem is the issue
<blackflow> cool
<ruben23> guys another thing i have a user dixsyadmin on my ubuntu is it possible i dont need to password when i try to switch to root is it possible, i added this user on visudo same level with root, any idea.?
<ruben23> coz everyday time i login with i switch to root it as me for password for the user again like ---> sudo -i
<blackflow> ruben23: your question is not clear, can you rephrase?
<paride> rbasak, testing certbot. Everything looks good but it seems that python-certbot-nginx is not getting updated (and won't be functional).
<paride> Is this somehow intentional?
<paride> rbasak, the nginx plugin was not available in xenial. Wouldn't it be better to leave it out from the SRU?
<RoyK> paride: you might want to try certbot from git and not the one in the distro - certbot is still under heavy development and nginx wasn't the top priority
<ahasenack> cpaelzer: the path component is fine, it's the bit in the filename that doesn't match
<paride> RoyK, I'm specifically testing the certbot Xenial SRU, see https://bugs.launchpad.net/ubuntu/xenial/+source/python-letsencrypt/+bug/1640978/comments/124 , but thanks :)
<ubottu> Launchpad bug 1640978 in python-certbot-nginx (Ubuntu Xenial) "[SRU] Backport letsencrypt from bionic" [High,In progress]
<RoyK> paride: I see
<RoyK> paride: anyway - check the changelog in git - perhaps they have fixed some nginx things there - something that can be backported
<cpaelzer> ahasenack: I'd ...*... on that latter file component then
<ahasenack> it's what I ended up doing
<cpaelzer> good
<rbasak> paride: it's intentional - we'll be dropping it from xenial-proposed, and it's n ot a regression
<rbasak> paride: thank you for testing!
<paride> rbasak, the other tests I've done all went smoothly, I'll follow up to the LP bug with a brief report
<FedoraUser> hi friends
<FedoraUser> I can't seem to find a way to delete partition from ubuntu server installer (not live)
<FedoraUser> is it possible to do so?
<ahasenack> rbasak: mysql: do you know what is going on at this stage:
<ahasenack> "This installation of MySQL is already upgraded to 5.7.25, use --force if you still need to run mysql_upgrade
<ahasenack> At this point the process hangs in the terminal until I stop it manually"
<ahasenack> it says that "This installation ..." in the terminal, and the user says it then blocks
<rbasak> ahasenack: I'm not sure. I'd have to examine the postinst.
<rbasak> IIRC though the postinst always tries to upgrade, so that message is possibly normal even when not upgrading.
<rbasak> I suspect the hang might be after.
<ahasenack> sometimes I think this package is trying to be too smart
<ahasenack> ok, done with triage
<rbasak> It has to do a schema upgrade for the release upgrade case
<rbasak> Otherwise it would be wrong to restart the daemon
<rbasak> And wrong not to restart it :-/
<ahasenack> this was a "normal" unattended upgrade run, bionic
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1817374 if curious, I set it to incomplete
<ubottu> Launchpad bug 1817374 in mysql-5.7 (Ubuntu) "mysql-server-5.7 5.7.25 upgrade did not complete properly" [Undecided,Incomplete]
<ahasenack> I suggested he might have another mysqld running, a stale/rogue one
<rbasak> I agree that seems likely
<ahasenack> rbasak: do you think you can review some of christian's branches?
<lordcirth> FedoraUser, Using the debian installer? You should be able to delete partitions by selecting them and choosing Delete
<FedoraUser> lordcirth, no, doesn't work
<RoyK> FedoraUser: you can remove any partition with fdisk or similar tools, but to umount the filesystem on the partition, it can't have open files - check lsof
<FedoraUser> RoyK, how would I access fdisk during installation?
<sarnold> there's often another console on alt f2, f3, etc
<sarnold> and it might be named cfdisk or something else
<RoyK> FedoraUser: the normal installer should do the job - otherwise ctrl+alt+f2 or similar to get to the prompt
<RoyK> sarnold: you might need ctrl+alt+fX if the installer is running in X
<FedoraUser> ok, thanks people
<FedoraUser> I appreciate your help
<RoyK> FedoraUser: good luck :)
<sarnold> RoyK: heh, good point, I forgot that was a possibility. can I go back to bed? :)
<RoyK> soren_: obviously :)
<RoyK> sarnold: ^^
<sarnold> :D
<rbasak> ahasenack: starting to look at them now
<ahasenack> \o/
<Ussat> Ubuntu on Power.......hmmm
<mdeslaur> what's the plan with php7.2 vs 7.3, are we still aiming for 7.3 in disco?
<nacc> kstenerud: rbasak --^ ?
<sarnold> hehe, hey nacc :)
<nacc> sarnold: hiya :)
<nacc> mdeslaur: i think it was still php7.2
<nacc> LP: #1813317
<ubottu> Launchpad bug 1813317 in php7.3 (Ubuntu) "Please remove src:php7.3 from disco" [Undecided,New] https://launchpad.net/bugs/1813317
<mdeslaur> nacc: oh, hrm, so I guess we need to upload a newer php7.2 then
<nacc> mdeslaur: yeah, to match the security fixes?
<mdeslaur> we updated the stable releases to 7.2.15
<nacc> (a la LP: #1815464, which i just updated the state of)
<ubottu> Launchpad bug 1815464 in php7.2 (Ubuntu) "Update Package to 7.2.14 or 15" [Undecided,New] https://launchpad.net/bugs/1815464
<mdeslaur> nacc: cool
<mdeslaur> nacc: thanks!
<nacc> mdeslaur: yep, sorry it's been a bit of a mess! I think we can figure something out for 7.3 next cycle, since the pcre issue got resolved
<nacc> we being rbasak and kstenerud really :)
<mdeslaur> that's fine, I was just wondering about updating 7.2
<nacc> ack
<rbasak> kstenerud is working on the update to 7.2 in Disco
<rbasak> I'll assign him the bug.
<nacc> rbasak: thanks
<ahasenack> hm, so I have these versions:
<ahasenack> cosmic: 1.8.18-6
<ahasenack> disco: 1.8.18-6build1
<ahasenack> I need to update them
<ahasenack> I think this works:
<ahasenack> cosmic: 1.8.18-6ubuntu0.1
<ahasenack> disco: 1.8.16-6ubuntu1
<ahasenack> er
<ahasenack> disco: 1.8.18-6ubuntu1
<ahasenack> looks good?
<ahasenack> following https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
<ahasenack> and cosmic to distro upgrade works
<ahasenack> < cosmic has another version, so no issue there
<rbasak> ahasenack: I reviewed cpaelzer's numactl MPs but am EOD so leaving the postgres MRE one for tomorrow.
<ahasenack> cool
<rbasak> ahasenack: [versions] +1
<ahasenack> thx
#ubuntu-server 2019-03-01
<lordievader> Good morning
<coreycb> jamespage: 5 smoke failures on bionic-stein-updates. trying proposed now.
<omlet> Hi
<omlet> I installed a 18.04 server with automatic lvm partition layout
<omlet> with 240Go disk, the ubuntu-lv is only 4go
<omlet> and now full...
<omlet> I tried to extend and it's ok
<lordievader> 4Gb is quite small for a root-fs....
<omlet> yes :/
<omlet> when I boot now it showing no space...
<lordievader> Did you forget to extend the fs?
<omlet> I tried resize2fs but it can't find valid filesystem block
<omlet> I tried: resize2fs /dev/ubuntu-vg/ubuntu-lv
<lordievader> Could you pastebin the output of `sudo pvs`, `sudo vgs` and `sudo lvs`?
<omlet> "Filesystem has unsupported read-only features"
<omlet> I'm in live cd right now :p
<omlet> Trying to paste that
<omlet> https://pastebin.com/GDa69fXa
<omlet> looks good to me :/
<lordievader> You forgot the `sudo lvs` ð
<omlet> lordievader: sorry https://pastebin.com/4r3mR9c1
<lordievader> Yes, that looks good. `sudo resize2fs /dev/ubuntu-vg/ubuntu-lv` gave an error?
<omlet> I'm on 16.04 live
<lordievader> Also, why are you using LVM if you only have a single paritition claming all the space?
<omlet> it says e2fsck get a newer version
<omlet> that was auto during installing
<omlet> my bad :/
<omlet> will try from 18.04 livecd
<omlet> resize2fs ok via 18.04 livecd....
<omlet> thanks lordievader
<jamespage> coreycb: +1 great!
<coreycb> jamespage: well, up to 13 on proposed but getting there and it might just be limited to nova api
<jamespage> coreycb: ok
<jamespage> I'll take a peek as well
<kstenerud> Does anyone know what this lintian error means, or how to fix it?
<kstenerud> E: libphp7.2-embed: package-must-activate-ldconfig-trigger usr/lib/libphp7.2.so
<kstenerud> cpaelzer rbasak Do you guys know?
<rbasak> kstenerud: I do, but the full detail is a bit complex to explain. Have you done any Googling on this?
<rbasak> kstenerud: start by trying to understand what ldconfig does
<kstenerud> yes. All I get for any lintian errors is a list of lintian reports
<rbasak> kstenerud: and then what dpkg triggers do.
<kstenerud> but nothing about an explanation of what the error codes mean
<kstenerud> The actual meaning of the lintian errors seems to have been lost in time, not documented anywhere
<rbasak> First hit: https://lintian.debian.org/tags/package-must-activate-ldconfig-trigger.html
<rbasak> Does the extended description at the top there not explain it?
<kstenerud> oh hang on yeah just saw that. I didn't notice the yellow bit at the top, only the list of failing packages
<kstenerud> rbasak: But one other question: The error only shows up in an sbuild, not when I run lintian manually. What does sbuild do differently to get the different error list?
<rbasak> kstenerud: sbuild runs the version of lintian that's in the target release. That might be different perhaps?
<rbasak> Besides that, lintian has a bunch of severity and reportingg options that might be affecting the output. Also, finally, lintian runs some checks on the sources and others on the built binaries. When you run locally are you doing both?
<kstenerud> I'm just running it on the dsc file
<kstenerud> so I'd need to run it against the deb file then?
<rbasak> All the generated deb files, yes.
<kstenerud> ok thanks
<jamespage> coreycb: hmm ImagePropertiesFilter is removing all hosts
<coreycb> jamespage: ah yeah that's interesting
<rbasak> Happy mailman day everyone!
<nacc> kstenerud: is that a lintian error not present in debian?
<kstenerud> nacc: I'm not sure. I'm trying to port over php 7.2.15 from upstream
<kstenerud> I'm trying adding libphp-embed.triggers to see if that helps
<nacc> kstenerud: well, i mean, it's already in bionic and cosmic
<kstenerud> yeah, but they were upgraded from 7.2.10, whereas devel is at 7.2.11
<nacc> kstenerud: is that error present in the pkg currently in dd ?
<kstenerud> how would I check?
<nacc> kstenerud: you can run lintian on those src and debs, no?
<nacc> on 7.2.11-3build2, that is
<kstenerud> oh
<kstenerud> tested 7.2.15 on bionic, passes with no warnings/errors
<kstenerud> let's see about disco
<kstenerud> 7.2.11 also passes
<nacc> interesting, so it could be a lintian change in coordination with a srcpkg change?
<kstenerud> I don't really know how this all works tbh
<nacc> you only get the error from the binary debs? or from the srcpkg?
<kstenerud> I get it when I try to sbuild
<kstenerud> not from the source
<nacc> oh
<kstenerud> I've been chasing down how to do triggers because that's what the docs say to add
<nacc> well, i mean sbuild is building the src :)
<kstenerud> but adding debian/triggers didn't help, so now I'm trying debian/libphp-embed.triggers
<nacc> https://lintian.debian.org/full/team+pkg-php@tracker.debian.org.html#php7.3_7.3.1-1
<nacc> so it's a bug in the debian package too
<kstenerud> hmm weird I wonder why I'm not triggering it when I run it on the deb myself?
<nacc> kstenerud: so sanity check, build the exact same sourc pacakge in a bionic sbuild
<nacc> kstenerud: if it doesn't error, it's a behavior change in lintian, which seems themost likely
<kstenerud> ok
<kstenerud> but regardless, isn't the error going to cause it to be rejected in lp?
<nacc> kstenerud: the build fails?
<kstenerud> the build ends with status successful, and lintian fail
<nacc> kstenerud: well, 7.3.2-3 built on disco
<nacc> https://launchpad.net/ubuntu/+source/php7.3/7.3.2-3
<nacc> kstenerud: does the srcpkg invoke dh_makeshlibs?
<kstenerud> actually since it's the same behavior in debian, we don't want to harden it more than them
<nacc> kstenerud: yeah
<nacc> kstenerud: my point above was that you're just doing an upstream update, which doens't change any packaging, which means it's not a regression, afaict from what is already in DD
<Elagost> anyone have any experience running a local apt mirror?
<lordcirth> Elagost, what's your actual question?
<Elagost> I'm trying to run do-release-upgrade on a server behind a local apt mirror. There are some files 404's on beause they're not in my pool, but I thought I had everything appropriately mirrored.
<Elagost> Is there a way to ensure I have a complete set of packages a server's going to need for an upgrade in mirror/ubuntu/pool/ ?
<Elagost> Is there, somewhere, an example /etc/apt/mirror.list that I can look at?
<Elagost> Trying to migrate our 14.04 servers to at least 16.04.
<Elagost> This guide was pretty helpful with getting the meta-release files, etc. http://blog.ef.net/2012/10/26/unbutu-release-upgrade-with-local-apt-mirror.html
<Elagost> but when i actually do-release-upgrade on the client machine, it 404's on DLing a bunch of packages that were not in its list of packages it was going to upgrade in the first place.
<JanC> dependencies?
<Elagost> Likely. it's upgrading most of the packages on the system anyway.
<Elagost> but they ideally should be mirrored already; I'm pretty sure there's something in the mirror that I just don't have.
<sarnold> how did you populate your mirror?
<Elagost> using apt-mirror.
<sarnold> are you sure the 404s are packages and not something hosted outside the archive? (I have to admit I'm shockingly unaware of how do-release-upgrade works..)
<JanC> it's the commandline version of update-manager, so it should disable all non-standard repositories
<Elagost> they're 404ing on something with the repo IP in it, but in pool/main/...etc...
<sdeziel> Elagost: maybe you could paste the output you are seeing?
<JanC> is it giving the 404s as errors or as info/warnings?
<Elagost> I'm not running the upgrades from this machine; it's a totally network isolated environment on a separate machine. I'll get output soon as I can.
<Elagost> the apt-mirror server is the only one with internet access.
<Elagost> And it's aborting the upgrade because of the 404s, so pretty confident they're errors.
<sdeziel> Elagost: could you tell some of the package names that got 404?
<Elagost> 'zerofre' is one of them. It's looking for 1.0.3, and my apt mirror is hosting 1.0.2. It has the targz files and dsc files for 1.0.3, and the upgrade is requesting 1.0.3, but for some reason my mirror doesn't have the .deb for it.
<Elagost> I think there's something wrong with my apt-mirror.
<Elagost> But not sure what sort of stuff I should have in my /etc/apt/mirror.list. Just spitballing at this point, then re running apt-mirror and waiting for it to finish another 30GB at this point.
<sdeziel> Elagost: OK, zerofree was not updated recently so that rules out the hypothesis that maybe the release file was pointing to an update published after your mirror sync'ed.
<Elagost> yeah, I've repeatedly run apt-mirror today after adding new repos. Not sure what all is the recommended default.
<Elagost> can't find documentation on it.
<sarnold> I think most mirrors are using the double-rsync method
<Elagost> apt-mirror's man page: "* It never produces an inconsistend mirror including while mirroring" :)
<Elagost> Well, now I'm mirroring security.ubuntu.com as well as us.archive.ubuntu.com. That should help in some way at least.
<lordcirth> Elagost, are you sure you need a mirror? Most people who want a mirror would be better off with a caching proxy
<Elagost> lordcirth: That might be better. It was set up this way before I got here though :)
<sarnold> definitely caching proxy would be way less bandwidth
<Elagost> exactly; there are a lot of packages here that I don't need. but it's a drop in the bucket compared to some of our other servers!
<sarnold> nod, a lot of laptops could host a full archive mirror :)
<sarnold> rpi with a usb enclosure..
<Elagost> that would be awful!
 * keithzg[m] swears by apt-cacher-ng
#ubuntu-server 2019-03-02
<Deihmos> isn't there an expert install for the server?
<mason> Deihmos: You can get the alternative installer, and that's the Debian text interface.
<Deihmos> i wonder why there is a channel for server and ubuntu when they are both the same
<mason> Hang out in both for a while and the differences will emerge.
<Deihmos> the standard installer comes packed at over 3GB
<ruben23> hi there guys need help, i have a local web server and my local page URL http://1.0.2.2.0/website  --> is there a way i can access this URL by name like http://website.local like that please help
<blackflow> ruben23: you can put  "1.0.2.2   website.local"   (without parentheses) into your /etc/hosts file (and I'm assuming you typo'd the last 0)
<blackflow> ruben23: so that's /etc/hosts on your computer FROM which you want to access that hostname. alternatively you'll need a DNS server in your network configured to serve the "website.local" zone
<ruben23> blackflow: so i need local DNS server also
<blackflow> ruben23: only if you don't want to set up /etc/hosts on every computer you want to access that IP from.
<ruben23> blackflow: this host will be access by all 20 local pc they belong on the same LAN
<blackflow> Deihmos: "expert installe for the server" -- yes, use debootstrap for most expert flexibility and control.
<blackflow> ruben23: then you'll need a DNS server, and maybe you can teach your LAN resolver already, to serve that zone
<ruben23> blackflow: help me how to set this up please
<blackflow> ruben23: what exactly? several possibilities are offered
<blackflow> I'm assuming the most simplest is that you already have a LAN resolver (the gateway itself, perhaps? the router?)?
<ruben23> i have a 45 PC access a web server , with a local site, but to access it they used ipaddress of the webserver, can it be accessible by hostname only, so i need to setup a local DNS server, im not sure how to setup a local DNS server
<ruben23> yes i have a router from a Internet Provider
<blackflow> ruben23: the consult the manual of the router from your internet provider and see if you can add a zone to its DNS settings. how to do that, depends on your router and is out of the scope of this channel
<blackflow> ruben23: if it can't to that, then see if it can specify the DNS settings for the DHCP service it provider. in there you'd have to supply the IP address of the DNS server taht you'll have to set up. this DNS server will have to be both authoritative for "website.local" and a recursive resolver for all the rest.
<blackflow> I'm trying to remember if there's a simpler way, perhaps something based on avahi and no need for a central DNS...
<ruben23> blackflow: do i need a server for this DNS server.? somehow
<ruben23> i cna only see on the router is this function --> Static DNS Configuration , DDNS Configuration
<blackflow> ruben23: yes you do. but wait, I think you don't need a central DNS for  .local  and something like the avahi service
<blackflow> ruben23: okay, I had to look that up and I found some articles but for Fedora, I suppose it's possible to do this with avahi and mdns, but I've never done it and could'nt help you with that. But you have the keywords now to look up something on google yourself.
<blackflow> ruben23: another simple solution is not to use .local at all, but some real domain in your control, and just set something like  "dev.example.com"  (where example.com is the domain you own)  to point at 10.0.2.2  or whatever the LAN ip it really is, at your domain registrar or where the NS is.
<blackflow> though with mdns approach, all your PCs will have to support it as well, which shouldn't be a problem to set up, I guess
<blackflow> ruben23: ah, https://help.ubuntu.com/community/HowToZeroconf
<ruben23> Thanks a lot i will loo into tat now
<blackflow> ruben23: yeah .local is special and usable for mDNS like that.
<ruben23>  blackflow: but all the pc access that local URl are windows
<blackflow> ruben23: windows should support mdns afaik
<blackflow> ruben23: you need avahi only on the machine that hosts your website. avahi then broadcasts its mdns hostname website.local, and all the mdsn clients (of which I assume windows too) will pick that up and know where in the LAN website.local is.
<blackflow> mDNS as protocol (multicast DNS), should be supported by windows, macs and linuxes
<Delvien> runing an ubuntu-server 18.04 in a vm.. new install and getting weird network interfaces which I cant bring up (with netplan) 3 network interfaces named veth######, I only have one network device attached, how cna i get rid of these and get networking up?
<tomreyn> Delvien: "ip l" may provide more info on these virtual nics
<tomreyn> http://manpages.ubuntu.com/manpages/bionic/en/man4/veth.4.html
<Deihmos> i installing the server does not install tyhe video drivers
<Deihmos> how do i determine the driver that i need?
<blackflow> Deihmos: all the gpu drivers are probably already in the kernel. anything else are optional, out of tree drivers for nvidia and amd
<Deihmos> i don't get hw transcoding on plex when there is no desktop
<Deihmos> someone told me without the desktop, there was no dependency to install the i965-va-driver
<blackflow> Deihmos: that's VAAPI acceleration driver for intel, you can always install it if you need it
<Deihmos> how do i determine the version that i need
<blackflow> Deihmos: you probably don't need a specific version, or else you'd know already :)  just use the package provided by the distro
<Deihmos> ok
<Deihmos> blackflow: did not work. still no vaapi acceleration on the server
<Deihmos> i did apt install i965-va-driver
<kinghat> so i have my server mounted via smb share on my nix desktop. is it ok to delete files from the server through the mounted share?
<kinghat> like those deleted server files end up in my desktop trash, is that normal?
<tomreyn> how your desktop handles your delete requests depends on your desktop
<tomreyn> which i understand does not run ubuntu
<kinghat> what do you mean does not run ubuntu?
<tomreyn> you said "on my nix desktop"
<tomreyn> "nix" does not sound like "Ubuntu"
<kinghat> sorry, its ubuntu. both server and desktop.
<tomreyn> ubuntu desktop support would be in #ubuntu normally, but let's take a shortcut here: ubuntu's default file browser "naultilus" will move files to trash when deleted unless you hold down shift while doing so.
<tomreyn> and it is not generally a misguided approach to delete files off a network share. unless you still need those.
<kinghat> just seems add they end up in a different computers trash.
<kinghat> does server even have a trash?
<tomreyn> unless it runs a graphical desktop, probably not,
<tomreyn> and i don't think the file is really moved to your local computer
<tomreyn> usually what happens is that your client moves the file to a hidden /.Trash-$UID directory on the share, and adds references to that to its local trash.
<tomreyn> which then makes it look as if the file was stored in your local trash.
<tomreyn> this gives you the (crazy, IMO) user experience users may be used to from windows, but personally I find this undesirable which is why i disable this feature if i ever have to use a graphical file browser, and use it on network shares. or just hold down shift while deleting.
<kinghat> and then emptying local(desktop) trash sends signal to remove it on the share?
<tomreyn> yes
<tomreyn> that's if the network connection still works then ;-)
<kinghat> and that hidden .Trash is in root on share?
<tomreyn> i think so
<kinghat> easiest way to install new ubuntu server OS over the network?
<kinghat> probably easier as the board has IPMI.
<tomreyn> if its just a single server, the easiest approach may be to use the ipmi with remote virtual media, yes
<kinghat> how does the remote virtual media work?
<tomreyn> that's outside the scope of ubuntu support
<kinghat> kk
<kinghat> if i want static ip on the server during setup do i need to set it to manual?
<kinghat> https://irc.kinghat.info/uploads/c401cfdf4ff2f2d6/Screenshot--03-02-2019--14-03-08.png
<tomreyn> if by "static" you mean "not assigned by a local dhcp server", then yes, you will need to enter it manually.
<tomreyn> (that's unless you do a (partially or) fully automated installation, that is.
<tomreyn> i consider this installer to create broken installations, so personally i prefer the "alternative server" installer (based on debian's)
<kinghat> broken installations is no good.
<kinghat> also this is the 18.10 installer.
<tomreyn> i also don't run servers on non LTS releases
<kinghat> this is a play server so no harm.
<kinghat> thanks for the help tomreyn!
<tomreyn> you're welcome.
<kinghat> has it always been the case that you cant have uppercase characters in the server name?
<tomreyn> according to RFC 952 "No distinction is made between upper and lower case."
<tomreyn> if the installer does, it's either the result of an ubuntu / debian policy or a bug.
<tomreyn> i don't know whether it has always been this way.
<kinghat> that must be the case.
<kinghat> so what is going on here? https://irc.kinghat.info/uploads/248bc3804d712991/Screenshot--03-02-2019--14-40-00.png
<kinghat> like some cloud-init process that is just constantly running? it just started up on login.
<tomreyn> cloud-init is installed by default on ubuntu-server
<tomreyn> i also don't like how it spills all over the login screen, but can imagine that there are scenarios where this can be useful.
<tomreyn> s/login screen/login (text) prompt/
<tomreyn> it could also be a bug, not sure.
<kinghat> do i just `ctrl+c` it?
<tomreyn> dont's you have a login prompt then?
<tomreyn> you may have one but it may have scrolled off the screen. maybe try pressing enter first of all
<kinghat> if i ctrl+c it?
<tomreyn> see if that gives you a password rompt
<tomreyn> *prompt
<kinghat> i logged in and it started all that
<kinghat> ya enter gave me the user input
<tomreyn> then pressing enter probably gives you a shell prompt
<kinghat> ya it did
<tomreyn> IMO services shouldnt mess with your shell or login prompt like this, but ... oh well, you got what you paid for. you can always uninstall cloud-init, though.
<kinghat> i think i may have on the previous install. i logged out and back in and it didnt do it the second time so ð¤·ââï¸
<tomreyn> this massive output is only on the first run either way, i think.
<kinghat> probably the case
<tomreyn> the idea there is to enable you to securely login to a server via ssh
<tomreyn> not having to trust on first use
<kinghat> ya i didnt set the ssh keys during install when it asked.
#ubuntu-server 2019-03-03
<Deihmos> when you install ubuntu server the user is not added to the video group automatically but it happens if you install desktop environment
<Deihmos> that's weird
<blackflow> nothing weird about that. mostly servers are of no use for a video group. and it's handled by the display manager, also uncommon on servers.
<Deihmos> had a hard time figuring out why hardware accelerated transcoding with plex was not working
<Deihmos> since it worked fine on debian without me doing anything
<OliPicard> Howdy All.  I have a ubuntu 18.04LTS server and I've been having issues with the server displaying the following message. "Failed to connect to https://changelogs.ubuntu.com/meta-release-lts, Check you internet connection or proxy settings" I am able to curl the url from the server without any issues. Previously I had to reload my VPS with an old backup to get this message to stop.
<jelly> OliPicard: which commamd shows that message?
<OliPicard> jelly: It is triggered when logging into the server so /etc/update-motd.d/91-release-upgrade
<OliPicard> jelly: Just confirmed that this script is the one that causes the error when logging into the shell however I'm able to curl the site without issues.
<OliPicard> Ok. I've fixed it! If anyone is curious I'm happy to provide the steps. so 1. delete /var/lib/ubuntu-release-upgrader/release-upgrade-available. 2. run /etc/update-motd.d/91-release-upgrade
#ubuntu-server 2020-02-24
<lordievader> Good morning
<hwpplayer1> lordievader : Good morning
<lordievader> waveform:
<lordievader> Whoops, I meant ð
<Repox> Hello. I'm having some issues with Ubuntu 18.04 and netplan (apparently). After doing some package updates on my server, network is now unreachable. I don't have much experience with netplan and now my hosting provider stopped responding as they "don't provide software support". I've been down for the past three hours, sadly.
<lordievader> If you don't have experience with netplan you can ditch it for something you do know.
<Repox> I wasn't aware. Can I just disable it? ifupdown isn't installed currently, and because I can't get online I can't install that package.
<kiokoman> Repox: you can still create/modify /etc/network/interfaces and reboot/restart networkmanager
<Repox> kiokoman I tried adding /etc/network/interfaces and wrote a manual config and did systemctl restart systemd-networkd, but I still can't reach the network?
<weedmic> i wrote a user creation programme that prompts the details for netplan
<kiokoman> Repox: check with -> ip address <- if it's configured
<kiokoman> or try ro reboot
<deadrom> hi
<deadrom> in 18.04, what's the preferred method to create regular full backups for bare metal restore to a network storage?
<deadrom> ...of the OS
<qman__> deadrom: rsync
<lordievader> Or a frontend of rsync: dirvish
<rbasak> ahasenack: how's the MySQL my_bool change looking? Do you have any remaining packages that need fixing?
<ahasenack> rbasak: I'm https://bugs.launchpad.net/ubuntu/+source/zoneminder/+bug/1859295working on the zoneminder runtime issues now,
<ubottu> Launchpad bug 1859295 in zoneminder (Ubuntu) "zoneminder 1.32.3-2build1 does not work with MySQL 8" [Undecided,New]
<ahasenack> rbasak: maybe take a look at clickhouse?
<ahasenack> these are the two remaining ones (clickhouse and zonemindeR)
<ahasenack> rbasak: for clickhouse, I have these notes: "clickhouse: my_bool typedef wasn't enough, it failed elsewhere now. Check LP #1840938"
<ubottu> Launchpad bug 1840938 in clickhouse (Ubuntu) "Please remove clickhouse from the release pocket" [Undecided,Fix released] https://launchpad.net/bugs/1840938
<rbasak> ahasenack: OK, I'll loock at clickhouse
<ahasenack> rbasak: my build attempt from the ppa: https://launchpad.net/~ahasenack/+archive/ubuntu/mysql8-my-bool-removal/+packages?field.name_filter=clickhouse&field.status_filter=published&field.series_filter=
<cgi> anyone here who has setup a mongodb cluster recently?
<cgi> When I do IP whitelisting - how secure is that to outside attacks? I am trying to run a dabase with 3 local machines, only accessible to 192.168.*
<Ussat> How positive are you that no bad actor will ever have one of those ip's ?
<tomreyn> cgi: i would not want to run mongodb or any database on a system with an internet connected network interface without a firewall. but YMMV, in the end it all comes down to "how sensitive is this data", and what's your effort / benefit evaluation?
<rbasak> I would say that it's not just your data at risk, but your entire system.
<rbasak> Plus your hosting/connection if a system is compromised and use for abuse
<rbasak> used for abuse
<rbasak> eg. spam
<tomreyn> good point
<cgi> tomreyn, if the port is closed for outside IPs - how does one attack it?
<tomreyn> cgi: in the scenario you described, the port would not be closed to ingress traffic from the internet (unless there would be an additional firewall between the host and the internet)
<tomreyn> cgi: should vulnerabilities become known which allow for circumventing source IP address based ACLs, or should software lack such in the first place (mongodb is well known for having had this specific issue), then (or should i say in general) you'll better have network segemntation in place.
<alfatau> hi everybody. I'm planning to install a new ubuntu 18.04 server edition. Actually I'm running an old 12.04 that has been out of support since 2017. Can you advise me some free very-concise-and-practical documentation to basically learn the main differences and advantages between "legacy" administrative tools and newest one (e.g. ifconfig vs
<alfatau> netplan, apt-get vs snap, ...). My target is to have an overview of what's new and why some tools have been replaced. Then I'll deepen each new tool when needed. thank you in advance
<tomreyn> cgi: scenarios where you rely just on ACLs (but network connectivity is enabled FROM ANY) can also still be subject to traffic amplification attacks, potentially brute force attacks.
<teward> rbasak: re: your reply on 1743592 today - I think it's too late in the cycle to consider that change - if only because there may be automated log parsers that are not configured properly for this (fail2ban for instance) which will detect a v6 IP and use ip6tables which might not catch the v4 traffic properly.
<teward> I think any major fundamental change to the nginx logging mechanism in the default setup like this needs to happen way earlier in the cycle.
<teward> and not 3 days before FF
<teward> (my two cents as the nginx maintainer)
<teward> which is why I had said in the bug that we should consider that as a 20.10 change
<teward> i don't want to have to go fixing fail2ban, etc. this late in the cycle
<teward> i don't disagree it's a 'good solution' but this close to FF and this late in the cycle I think it's too late to contemplate changing default logging format for IPs.
<rbasak> teward: fail2abn is a good shout
<rbasak> Though I would argue that this is what feature freeze is for - to stop changing things like default log formats, so other tooling can have bugs in their parsing fixed, etc
<rbasak> I don't disagree with you though - it's an important consideration. I remain on the fence
<teward> good point, I don't disagree, but i'm still hesitant making this the default 3 days before FF, and because I use F2B in many environments where nginx runs, I'm reallllllll hesitant to make this change until I do heavy-duty testing in a dev environment
<teward> so I think for 20.04 I'm going to say "Let's defer the discussion of this change to 20.10, until we do more in-depth testing on how this will affect f2b and others we're aware of that parse logs for security purposes"
<teward> because I'm realllllllllllllll hesitant changing that this late in the cycle (even though it's not FF< that's still 3 days away...)
<teward> not opposed ot the discussion for 20.10 and beyond, but fully opposed to making that change for 20.04 at the moment
<teward> 'cause I want to see what F2B does with that change in place from a logging perspective - it might "just work" or it might barf hard, but I want to make sure stuff "works" for the LTS :P
<teward> rather than introduce a change and scrable to fix F2B and other Universe items (though I don't think their autopkgtests will catch it)
<rbasak> I understand
<teward> granted, I have no true say in it, but I'm thinking it's better to err on the side of caution :p
<rbasak> You absolutely do have a say
<rbasak> It'll be a collective decision
<teward> forgive E:FailToMakeSense, I'm not caffeinated yet.
<rbasak> But your opinion does weigh in
<teward> E:BusyMorning
<teward> glad to know it does :)
<cgi> is there a good place to install redis 5 for ubuntu 18.04LTS?
<pragmaticenigma> can you be more specific in your question cgi?
<pragmaticenigma> define "good place" for us
<cgi> pragmaticenigma, I can install from source. Is there a better way to get redis 5?
<pragmaticenigma> !info redis
<ubottu> redis (source: redis): Persistent key-value database with network interface (metapackage). In component universe, is optional. Version 5:4.0.9-1ubuntu0.2 (bionic), package size 3 kB, installed size 70 kB
<pragmaticenigma> cgi, redis v5 is already available in the repositories... no need to install from source
<pragmaticenigma> cgi, "sudo apt-get install redis-server" should get you up and running
<cgi> pragmaticenigma, 5:4.0.9-1ubuntu0.2 - which version is that 4.0.9? or 5.x?
<tomreyn> upstream 4.0.9
<cgi> tomreyn, is there a place I can get 5.x redis for ubuntu 18.04LTS?
<tomreyn> cgi: possibly, but not in ubuntu
<tomreyn> i believe in your ability to run a web search
<pragmaticenigma> cgi, Also, you can wait a couple months as redis 5 will be available in Ubuntu 20.04
<cgi> pragmaticenigma, is 20.04 an LTS coming out in april?
<teward> cgi: yes
<pragmaticenigma> !YY.MM | cgi
<ubottu> cgi: Ubuntu version numbers are: YY.MM (YY=release year,MM=release month). Each year sees two releases, so just specifying YY is imprecise. See also https://www.ubuntu.com/about/release-cycle
#ubuntu-server 2020-02-25
<smoser> powersj: https://bugs.launchpad.net/cloud-init/+bug/1834875/comments/88 could use someone on your team to help
<ubottu> Launchpad bug 1834875 in cloud-utils (Ubuntu) "cloud-init growpart race with udev" [Undecided,Confirmed]
 * smoser away
<cgi> Is this a good source to install redis from: https://chilts.org/installing-redis-from-chris-leas-ppa/ ?
<sarnold> if you trust chris with root on your computer, sure
<cgi> anyone here running pg inside docker on ubuntu server? preferably multiple copies in HA?
<lordievader> Good morning
<Forza> Hi. Is it possible to create a bond-interface that has both dhcp and fixed IP addresses? At the moment I am trying with Netplan and systemd-networkd, and I can't get it to work. If I specify a fixed IP together with dhcp, then only the fixed ip is used and no dhcp is attempted. if I only use dhcp4, then it works. The same if I only use fixed IP.
<lordievader> Forza: And if you set it to dhcp and manually add the fixed IP? (Not sure if networkd removes "unkown" ip addresses)
<Forza> That works
<Forza> how I did it for now. I just tested in a VM  and it works fine here. Must be something with the order I put the address in the yaml file.
<Forza> http://paste.ubuntu.com/p/TxNJYCBTn6/ this config works on test vm
<Forza> Ill try again tomorrow when back at work. thanks
<coreycb> jamespage: ovs doesn't seem happy on focal
<jamespage> coreycb: reference? whatsup
<coreycb> jamespage: openvswitch-switch fails on install. just ran into it with the ovn metadata package.
<jamespage> hmm
<teward> rbasak: powersj: thanks for working with my opinion and siding on leaving things alone for Focal for the nginx issue.  When I get time this weekend I'm going to do some testing with the default fail2ban and add the nginx enabled stanzas, and then see if it barfs on the v6-style logging
<jamespage> coreycb: odd its not starting the sub-units
<coreycb> jamespage: well ok I just tried again (hit an issue yesterday) and not seeing any problems. ignore me.
<coreycb> jamespage: neutron 2:16.0.0~b2~git2020020712.d5b33ffc77-0ubuntu2 has the ovn metadata agent and ovn-octavia-provider is in the new queue. suppose that should get seeded and MIR'd.
<jamespage> coreycb: yep
<coreycb> jamespage: I'll get the seed/MIRs going
<jamespage> coreycb: OK
<coreycb> fnordahl: ^
<jamespage> coreycb: I've seeded the require masakari packages as the MIR is almost done
<coreycb> jamespage: great, thanks
<powersj> teward, sounds good
<jamespage> cpaelzer: apologies for missing the MIR meeting - I was double booked...
<coreycb> fnordahl: you can grab python3-ovn-octavia-provider from ppa:corey.bryant/bionic-ussuri-2 and ppa:corey.bryant/focal-ussuri for now until it gets accepted into focal
<cpaelzer> jamespage: np
<fnordahl> coreycb: perfect, will take it for a spin asap
<powersj> smoser, I responded on the bug, but some help would be appreciated
<smoser> powersj: thanks. responded and hopefully clarified things.
<smoser> i think i sent you a document or some doc before I left about cloud-initrmfs-tools
<smoser> i doubt i forgot it entirely, but I dont remember the doc or where i'd find it.
<powersj> smoser, thanks for the update that helps! I figured I was missing something :)
<powersj> Since these have bugs I won't rush to get them in before FF, and can have some folks on the team look at them
<smoser> rharper: around ?
<rharper> smoser: here
<rharper> smoser: I forgot to check branch -r on cloud-utils; so I didn't see the ubuntu/devel branch there;  I can rerun the process and send a new MR/source tarball
<mwhudson> rharper, smoser: for https://bugs.launchpad.net/cloud-init/+bug/1834875 are you looking for sponsorship?
<ubottu> Launchpad bug 1834875 in cloud-utils (Ubuntu) "cloud-init growpart race with udev" [Undecided,Confirmed]
<mwhudson> rharper, smoser: i guess if one of you pushes to ubuntu/devel in the upstream repo i can upload that
<mwhudson> rharper, smoser: or i can just apply ryan's debdiff
<rharper> mwhudson: smoser can commit and upload; but he wanted server team to handle the update;  if he commits the branch; then I'll just need a sponsor to upload of smoser doesn't also upload
<mwhudson> ok
<powersj> smoser, if you are still around can you re-review https://code.launchpad.net/~waveform/ssh-import-id/+git/ssh-import-id/+merge/379351
<smoser> i dont mind uploading...
<smoser> and i can.
<smoser> i was really just looking to make sure someone else *could* do it.
<funabash1> Hi regarding ubuntu and certifications, what the most well known certification you can take ?
<tomreyn> Ubuntu Certified hardware, but you'd need to be hardware for that.
<tomreyn> for a serious answer, probably comptia and lpic
#ubuntu-server 2020-02-26
<deadevilboy> hi there guys
<deadevilboy> I am using ubuntu server on raspberry
<deadevilboy> but when I was upgrading kernel
<deadevilboy> an error occurred.. now I can't install or remove anything using apt
<sarnold> can you pastebin the terminal output of the error?
<deadevilboy> yes
<deadevilboy> ubuntu@ubuntu:/boot$ sudo apt autoremove
<deadevilboy> freed.
<deadevilboy> (--remove):
<tomreyn> !pastebin
<ubottu> For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<deadevilboy> sorry guys
<deadevilboy> I was using webchat freenode
<deadevilboy> I forgot u may be using mIRC
<deadevilboy> sarnold https://paste.ubuntu.com/p/4nvdKGcsBT/
<sarnold> wow, I don't think I've ever seen that one before
 * TJ- puts hand up ... I have!
<sarnold> EUCLEAN 117 Structure needs cleaning
<deadevilboy> I tried to remove old kernels
<deadevilboy> but the error is always the same
<sarnold> well whattayaknow...
<sarnold> TJ-: hopefully in the context of this error? :)
<TJ-> If I recall correctly its due to the 'newish' creation of the symlinks in /boot/{vmlinux,initrd.img}{,.old}
<sarnold> deadevilboy: is there anything in your dmesg about your storage? somehow I think of arms as always using sdcards and those usually seem to turn to garbage pretty quick
<sarnold>     if (!rename("$dest.$rand", $dest)) {
<sarnold> that's the syscall that failed
<deadevilboy> maybe this:  EXT4-fs error (device mmcblk0p2): ext4_lookup:1702: inode #13: comm linux-update-sy: deleted inode referenced: 2878
<deadevilboy> ?
<TJ-> deadevilboy: can you show us "pastebinit <( ls -latr /boot/ )"
<sarnold> deadevilboy: yeah that looks like it. maybe that just needs a fsck after a reboot to set everything straight; maybe it's failing media.. are there other lines in the logs that look like block storage problems?
<TJ-> deadevilboy: actually, add in the inode flag: can you show us "pastebinit <( ls -ilatr /boot/ )"
<deadevilboy> https://paste.ubuntu.com/p/FSXKjRgKB6/
<sarnold> oww
<TJ-> there's the issue, a hanging symlink from vmlinuz and no updated kernel version
<deadevilboy> https://paste.ubuntu.com/p/NBMrBZWTwR/
<deadevilboy> I guess with -i won't change the result
<deadevilboy> yes, I ran sudo apt upgrade
<deadevilboy> and was upgrading from version 1017 to 1018
<deadevilboy> then it stopped
<TJ-> deadevilboy: you'll need to run an fsck -f on that file-system
<deadevilboy> I can't remember the error
<sarnold> all those ??? bits means there's something pretty wrong
<sarnold> I don't know how to get the machine to fsck itself, maybe it'll do that when booting; if not it might be worth pulling to storage and fscking from another machine
<deadevilboy> this is a problem when using sd cards I guess
<deadevilboy> everytime the power goes off
<deadevilboy> something gets f*
<TJ-> deadevilboy: what does "mount | grep boot" report? a 'vfat' file system?
<sarnold> yeah they seem really brittle
<deadevilboy> I will have to try an M.2
<deadevilboy> or an ssd
<deadevilboy> yep, I can't fsck from here
<deadevilboy> I am connected through ssh at the moment
<deadevilboy> away from home
<deadevilboy> I will try to do it later on then
<deadevilboy> and I will give u my feedback
<TJ-> deadevilboy: you can "sudo umount /boot" then "sudo fsck -f /dev/mmcblk0p2" then "sudo mount -a"
<deadevilboy> umount: /boot: not mounted.
<tomreyn> and maybe replace some of the zeroes in the fstab pass_no column, too
<TJ-> deadevilboy: ok, so /boot/ isn't a separate FS?
<deadevilboy> I guess not
<TJ-> deadevilboy: I stick with the Raspbian distro for a reason when it comes to the Pis ... I found the Ubuntu install brittle and half-baked and hard to reason about its layout
<deadevilboy> TJ- maybe u are right
<deadevilboy> when there is a new update
<deadevilboy> something may get broken
<deadevilboy> using raspbian, everything is tested for raspberry
<TJ-> The whole Ubuntu-core vs regular Ubuntu confused me for some reason, and that is HARD to do :P
<TJ-> We're deploying lots of Pis as office automation controllers, with ZigBee etc., and Raspbian is much more stable and predictable
<deadevilboy> I will follow TJ- advice
<deadevilboy> thks guys
<deadevilboy> for everything
<sarnold> bye deadevilboy :)
<deadevilboy> sarnold ;)  thank u
<lordievader> Good morning
<ferrus> Hi.  Is anyone online with experience installing Ubuntu to multipath volumes?
<ferrus> Was referred here from the main #ubuntu channel
<ferrus> I'm trying to install Ubuntu onto a diskless Cisco UCS blade, with a multipath FC SAN boot volume presented to it.  This has worked fine for RHEL/CentOS many times - but the Ubuntu installer doesn't appear to natively detect multipath.
<mwhudson> ferrus: which version?
<ferrus> 18.04.4.  Veeam (Enterprise backup product) have started supporting XFS with fast clones, and they're only recommending Ubuntu for it - not RHEL/CentOS, because of the release schedules.
<ferrus> I've installed Ubuntu a thousand time at home and on work VMs, and RHEL/CentOS a lot at work - but this is my first Ubuntu Bare-Metal install.
<mwhudson> ferrus: hm well it ought to work but it's very late for me :/
<mwhudson> ferrus: could you try the latest focal daily from http://cdimage.ubuntu.com/ubuntu-server/daily-live/pending/?
<mwhudson> ferrus: not necessarily to install but to see if the disks show up at least
<mwhudson> ferrus: oh wait, don't think multipath-tools is installed by default in bionic
<mwhudson> ferrus: open a shell and "sudo apt install multipath-tools; sudo systemctl restart snap.subiquity.subiquity-service.service" and see if that helps?
<ferrus> Sorry - got disconnected.  Back online.
<lordievader> Last time I tried the server install (long time back, mind you) the alternate version had much more tools along this line. As in LVM wasn't supported by the regular installed, in the alternate version it was supported.
<ferrus> Yeah - I've already dropped down from the desktop installer because of LVM.  I could understand the lack of multipath on a desktop home installer (though not necessarily manual LVM config) - but it's a suprising ommision on an installer sepcifically marked as 'server'.
<ferrus> I followed the - brief, instruction here - https://ubuntu.com/server/docs/device-mapper-multipathing-setup, and put 'install disk-detect/multipath/enable=true' in the boot options, but it doesn't appear to make any difference.  There's no /dev/mapper/mpath volumes presented, they still appear as four distinct devices.
<ferrus> I've not much experience with editing the boot options though - so I'm not sure of I've got the syntax/placement correct.
<lordievader> <ferrus "Yeah - I've already dropped down"> Are you now using the 'live-server' image or the 'server' image? (http://cdimage.ubuntu.com/releases/19.10/release/)
<ferrus> Good point - let me check ...
<ferrus> Aha - just checking the differences between the two ISO's, and this is in the release notes - "N.B., If you require multipath you will want to continue to use the alternate installer"
<ferrus> Good find - thanks!
<lordievader> Hey, there you go ð
<unrecovered> heya! i have an odd problem. i'm trying to set up an ubuntu 16.04 on a virtual machine. host is fedora, networking is done via bridge. so my problem is that ubuntu cannot get an IP. i have several CentOS7 vms on this host and they work fine, so i kind of puzzled what the issue could be
<unrecovered> VM is qemu
<cpaelzer> unrecovered: if you log into the guest console and explicitly refresh dhcp like "sudo dhclient -r" what does it get/report?
<cpaelzer> also if you happen to have control about your dhcp server it is often useful to trace the log there - e.g. check if the dhcp request is coming in and if it is answered
<unrecovered> cpaelzer i tried manually start dhclient and result is the same - it cannot get address
<unrecovered> though if i manually assign address it seem to work somehow
<cpaelzer> unrecovered: so do you have control (or know the admin who does) of the dhcp server and check if the request arrives there?
<unrecovered> i have control over dhcp but i highly doubt any request ever reached it... never hurt to check though
<unrecovered> ...no, nothing
<cpaelzer> ok so nothing reaches dhcp, does the guest say it has a link (throw 'ip link' and 'ip addr' to a pastebin maybe)?
<unrecovered> can i throw a screenshot? no network on it (:
<cpaelzer> sure
<cpaelzer> I mean we just compar the common things one by oen -  a screenshot will do as well
<unrecovered> https://ibb.co/54fpkB8 this one is from ifup
<unrecovered> cpaelzer https://ibb.co/qMSJxzm ip addr
<unrecovered> cpaelzer https://ibb.co/RpMvsYB ip link
<unrecovered> i'm not fully familiar with ubuntu networking - i'm more of a rhel guy :D  can something block those requests? or can there be some default routes or something?
<cpaelzer> not in a default install
<cpaelzer> and nothing on your screenshots looks suspicious yet
<unrecovered> problem seem really odd, since i can manually add an address and it kind of works
<cpaelzer> and I assume on the host/bridge side it is bridged "the same" as the other guests?
<unrecovered> of course
<cpaelzer> lbivirt can add iptables rules to things, but I don't see why it would do so different for this particular guest
<unrecovered> no iptables rules on a guest...
<cpaelzer> the ones by libvirt woudl be on the host
<cpaelzer> I'd not expect any on the guest
<unrecovered> hum
<unrecovered> let's see
<unrecovered> damn that firewalld makes iptables unreadable :D
<cpaelzer> I'm on the run soon, but the next step in debugging would be to assign it to libvirts default network instead of the bridge
<cpaelzer> in case it works there you can ignore the guest portion and focus on the host (at least)
<unrecovered> ah
<unrecovered> cpaelzer damn, dns also won't work... =\
<unrecovered> something's fishy
<coreycb> jamespage: thoughts on adding libvirt-qemu to the nova group?
<coreycb> jamespage: that would allow libvirt to access /var/lib/nova/instances and we can keep the umask tight
<coreycb> might be brittle with other hypervisors though
<jamespage> coreycb: in principle I think that's fine
<jamespage> would we add that from nova-compute-libvirt?
<jamespage> might be tricky as I think the libvirt daemon runs as a specific group
<jamespage> but probably do-able still
<coreycb> jamespage: I think we could do it in nova-compute-libvirt.postinst
<jamespage> +1
<teward> rbasak: powersj: fail2ban doesn't have any default nginx logging enabled, but it has some patterns in there that should "just work" given that <HOST> still works.  I have not tested IPv6 *but* the system seems like it was able to convert ::ffff:1.2.3.4 into 1.2.3.4 for the banlist and properly added it to `iptables` directly (not `ip6tables`).  Forgot that I don't have v6 enabled on my containers in testing so I'm going ...
<teward> ... to set up a test subnet with IPv6 on my system here to actually *test* if it works right for v6
<teward> rbasak: powersj: this is *with* sdeziel's suggestion in place
<teward> so specifically wrt f2b this 'should work' sdeziel's suggestion
<teward> not making any suggestions to change 20.04 just giving you research results so far
<powersj> teward, nice - thanks for the update
<teward> PITA to get configured right
<teward> but otherwise... :P
<rbasak> Thanks!
<sdeziel> yeah, thanks, might worth adding to the LP
<teward> sdeziel: currently digging into my email gateway so can't check atm
<teward> or add to it
<teward> (E:EmailDead)
<sdeziel> I just checked and logcheck doesn't have rules for nginx so it wouldn't cause any spam due to those embedded v4 in v6 ;)
<shubjero> Anyone know how to roll back a package update in Ubuntu 18.04? For example I upgraded to neutron-common 14.0.4-0ubuntu1~cloud1 from 14.0.2-0ubuntu1~cloud0 and would like to go back. This was just a testing system. I tried "apt-get install neutron-plugin-ml2=14.0.2-0ubuntu1~cloud0" but that doesnt seem to work.
<shubjero> Maybe you know coreycb ? :)
<shubjero> I came across this bug which has coreycb's name all over it: https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1859649
<ubottu> Launchpad bug 1859649 in Ubuntu Cloud Archive "networking disruption on upgrade from 14.0.0 to 14.0.3" [Undecided,Confirmed]
<shubjero> The jist of it is the control plane must not be running an older minor version of neutron.
<coreycb> shubjero: that should work, what you tried
<shubjero> I get "E: Version '14.0.2-0ubuntu1~cloud0' for 'neutron-plugin-ml2' was not found"
<coreycb> shubjero: for the bug I think server-side just needs to get upgraded before client-side
<shubjero> coreycb: yeah I was just trying to proactively test some updates im applying to the whole cluster tomorrow.. i like to test on a vacant/test compute node beforehand..
<coreycb> shubjero: ah right because 14.0.2 isn't available anymore once you update your cache
<shubjero> yeah, shit out of luck
<shubjero> repo's dont keep that version at all?
<shubjero> I should rethink my package management strategy, haha
<coreycb> shubjero: not ideal at all but if you really needed to you could get debs from the staging PPA https://launchpad.net/~ubuntu-cloud-archive/+archive/ubuntu/stein-staging/+packages?field.name_filter=neutron&field.status_filter=superseded&field.series_filter=
<shubjero> that could come in handy here, thanks coreycb
<sarnold> shubjero: if the archives have removed the version you were using, check /var/cache/apt/archives -- you may still have the old version laying around
<theborger> hello guys need help. trying to add a second nic card to 18.04 and setup bonding. but i cant get the 2nd nic card to show up in ifconfig. all the googling says to issue auto "InterfaceName" that does not work
<sarnold> that sounds a bit like an /etc/network/interfaces directive, but 18.04 LTS uses netplan to render systemd-networkd configuration by default, no? did you disable that?
<theborger> i have not done anything. like i said all the sites say to issue auto "InterfaceName"
<genii> !netplan
<ubottu> Netplan is a network configuration abstraction renderer which uses YAML descriptions of a network to work with either a NetworkManager or Systemd-networkd "renderer". More information at https://netplan.io/
<oerheks> https://netplan.io/examples#configuring-interface-bonding ~~~ https://www.snel.com/support/how-to-set-up-lacp-bonding-on-ubuntu-18-04-with-netplan/
<theborger> oerheks: that first link is what i am using for the bonding. but when i issues the clear && echo command only one interface shows up
<theborger> enp0s25
<theborger> lotec25@hellgate_dell:~$
<sarnold> you may need to use ip l to see the other nic
<theborger> that is what i get with the command
<sarnold> what does ip l say?
<theborger> so i just add the 2 interfaces enp0s25 and enp2s0 ?
<oerheks> does lspci give a clue?
<sarnold> heh, that guide assumes there are exactly two NICs on the machine. not a great guide.
<theborger> https://pastebin.com/GgjkUWhg
<theborger> so i just set it up with those 2 interfaces? right?
<oerheks> the interface is just down.
<theborger> oerheks: how can i bring it up?
<theborger> that is what i was trying to do
<theborger> it all has to be through netplan?
<sarnold> if you choose to write systemd-networkd configs yourself, or use ifupdown, you'll have to make sure netplan doesn't overwrite your configs; and there's a handful of packages that don't work with ifupdown
<theborger> ok ill follow this guide see if i can get it working
<theborger> one ?
<theborger> do i need to set the card up first before doing the bonding?
<sarnold> I don't have enough network equipment to do bonding myself, but I think you don't set up the individual nics, just set up the bond
<theborger> ok
#ubuntu-server 2020-02-27
<theborger> so there is already a .yaml file in /etc/netplan do i leave that or just make a new and ignore the old? or removed the one there and create myown?
<kaleido> theborger: you can either make a new one with the additional markup or you can make a new one and remove the old.
<theborger> ok bonding is working took a bit
<theborger> thanks for the help guys
<sarnold> theborger: yay :)
 * genii breaks out the coffee and cookies
<theborger> i had to get naked cut off chicken heads and dance around a fire shouting love to the Linux Gods but its done
<theborger> :D
 * sarnold has images of chickens wearing clothes
<theborger> i reworded an old Dell D755 i had. added a raid card and new drives.  Now i got 5.2tb of extra storage
<theborger> waiting on memory still. she is running like a champ now
<cgi> My nginx server just died. The error log says: https://paste.ubuntu.com/p/fQSdcs4h5Q/ - any ideas on how to debug this. My certbot cretificates just renewed today it seems. (89 days to expiry)
<sarnold> did you happen to change anything on the nginx or the upstream server recently?
<cgi> sarnold, nope
<cgi> sarnold, the certbot renewed the cretificate today - that i noticed. But they are valid
<sarnold> cgi: how about logs in the upstream server?
<lordievader> Good morning
<Ussat> anyone here running their ansible master on Ubuntu ? have you updated to the latest ansible ? I have not been able to get it with the PPA, but on my mac with pip it updated fine, just wondering if there is an issue with the PPA ?
<oerheks>  rfkill list/clear
<ChmEarl> anyone tried the xen-4.11 build in 20.04? is the hypervisor still broken in legacy boot?
<pragmaticenigma> ChmEarl: 20.04 isn't released yet... support and bugs should be done in #ubuntu+1
<ChmEarl> pragmaticenigma, yes, thanks ... I noticed some of the xen package team here in channel
<rharper> smoser: around?  were you going to upload cloud-utils 0.31-7 with the flock fix to focal ?
<smoser> rharper: yeah, i can do that
<rharper> smoser: thanks !
<smoser> done.
<powersj> smoser, thanks for the help this week
<osmanlicilegi> any sponsor around?
<lotuspsychje> osmanlicilegi: the scope of this channel is ubuntu server support
#ubuntu-server 2020-02-28
<theborger> anyone around that could give me a bit of help again please?
<theborger> setting up ssh config file. and want to make it so i dont have to type out the whole line to do X over ssh not sure how to do it
<lordievader> Good morning
 * lordievader sent a long message:  < https://matrix.org/_matrix/media/r0/download/matrix.org/cEqKYXdXGuvITQcspHqlRZPe >
<Forza> Hi. :)
<Forza> I have set up lio iscsi with fileio. Seems to work good so far. One client rebooted, but the iscsi session seems to remain open. Is there a way to kill a stale client from LIO target side?
<mcclurken> Greetings All, I am evaluating if we should continue to use the default swap file versus a logical swap volume. Ubuntu is new in our environment and the swap file us unusual relative to the other Linux servers. Before I abandon the file implementation I am wondering if there's a good reason for using a swap file instead of a partition or LV? Canonical must've had a reason for it?
<sdeziel> mcclurken: flexibility and ease of use are the main reason I guess (I'm not working for Canonical)
<rbasak> I'm not sure I know the underlying reason, but a file is far more flexible. Snap :)
<rbasak> eg. changing the size of the swap later is easy
<mcclurken> Okay, I kind of guessed that but wasn't sure. I'm trying to not change too much of the default so I'm continuing with the file. So far the biggest issue is with training of the lower level teams. Thanks for the responses.
<rangergord> What tool do you guys recommend for recording information about a Linux system, like CPU and memory usage, network and disk I/O, ideally per-process? Something relatively lightweight, this is for a low-power server. I've found a few by googling but I'm asking for recommendations. It's meant for logging on an embedded server, so interactive tools like top don't help. The goal is that if I need to do some
<rangergord> troubleshooting or post-mortem one day, I have as much information as possible available. Like I'm told "it behaved weirdly Saturday at 2AM", then I can use these metrics to assist me in my analysis. For example I could see that some faulty process was pegging the CPU.
<tds> atop maybe?
<rangergord> tds: it's really for logging for post-mortem analysis of an embedded system, not interactive tools
<rangergord> parsing the output of various Linux commands is how I did it before, but surely that's not how real sysadmins do it?
<rangergord> There's stuff like collectd...but I'm asking for recommendations
<tds> atop keeps its own records, so you can step back through what happened at various times, etc
<rangergord> ah, ok, let me try
<rangergord> tds: that does seem nice! I can open a past history file and navigate through it. I wish the file output format was something that could be graphed without an atop-specific parse script, but this is great
<rangergord> tds: seriously you made my day. I thought atop was just another one of those redundant interactive tools
<rangergord> found the parseable flag. it's no JSON but it'll do
<supayoshi> Cannot run samba 4.11+ on Ubuntu 18.04?
<supayoshi> Unless dockerized?
<oerheks> indeed, bionic gives 4.7 https://launchpad.net/samba/+packages
<oerheks> samba team ppa is not active https://launchpad.net/~samba-team/+archive/ubuntu/ppa
<supayoshi> any real advantages over samba 4.7 to 4.11?
<oerheks> security fixes should be backported
<oerheks> so no, not newer features i guess
<supayoshi> thnx
<lordcirth> Having a bizarre problem. We have a script that creates daily log directories. It runs from the crontab of 'www-logs'. If I run it as www-logs manually, it works. If I set it to run from cron every minute, it works. But if it runs every day, or every hour, it doesn't do anything.
<lordcirth> I was sure it was a cron env thing, until I set it to all '*' and it ran.
<mcclurken> The newer samba has some new features like Apple time capsule support. I was using it on Fedora before I switched to Ubuntu. I looked at putting all the samba bits in docker but decided I didn't care about the Mac backups that much. The good news is I checked the 20.04 nightlies and a new enough version to have the time capsule stuff is in there. So it is close.
<ahasenack> mcclurken: 20.04 has the latest stable version at this time, 4.11.6
<mcclurken> ahasenack, yes and that is just one reason I'm excited for 20.04 around the corner. I think the version I need is 4.8x but I do not recall exactly. 4.11.6 is even better.
<ahasenack> 4.12 won't make it, unless there is a compelling reason. Feature freeze was yesterday, and I barely got 4.11.6 in
#ubuntu-server 2020-02-29
<okdana> hello, i'm getting a subiquity crash every time i try to install 18.04.4
<okdana> i've reported it here: https://bugs.launchpad.net/subiquity/+bug/1844118/comments/3
<ubottu> Launchpad bug 1844118 in subiquity "crash on edit logical partition" [Undecided,Expired]
<okdana> but i was hoping someone might have some work-around ideas...?
<mwhudson> okdana: ugggh can MBR please die
<mwhudson> okdana: looks like a bug, hopefully a simple fix
<mwhudson> okdana: commented on the bug but could you try a focal daily from http://cdimage.ubuntu.com/ubuntu-server/daily-live/pending/? it will probably fail to but the crash file should be saved to the usb stick you are installing from with focal
<okdana> oh, sorry, i was experimenting with it
<okdana> i've been using a dvd, but i'll find a usb stick somewhere
<mwhudson> okdana: oh wow you actually wrote the iso to optical media?
<mwhudson> okdana: i've been assuming noone does that any more, good to know that's not true i guess
<okdana> yes, i have been reliving the bad old days trying to get this set up to triple-boot with xp
<okdana> it's been an ordeal
<mwhudson> okdana: did you try the desktop installer?
<mwhudson> not sure if that's going to be better for this, different at least
<okdana> yes, but the desk-top installer's partitioning thing uses base-10
<okdana> so when i try to edit the partitions, it thinks i'm trying to resize them, because they're not exactly the same
<okdana> or at least that's how it seems
<okdana> now that i finally have my two windows partitions installed correctly, all of the alignment is right, &c., i don't really want to say yes to the scary warning it gives me about resizing them to find out if it's actually trying to do that or if it just says that
<mwhudson> ah
<mwhudson> yeah that doesn't sound fun
<mwhudson> okdana: alternative approach, switch to a shell and run sudo probert | pastebinit
<okdana> had to apt install probert
<okdana> then when i run it it crashes
<okdana> 'NetworkInfo' object has no attribute 'ip'
<mwhudson> oh sorry subiquity.probert
<mwhudson> hm no
<mwhudson> probert should work in a live session
<okdana> subiquity.probert works but i don't see any of the crash information
<okdana> is that expected
<mwhudson> no
<mwhudson> but i see the same and i don't quite know what's going on
<mwhudson> probert is installed (and working) in the focal iso though
<okdana> k
<okdana> almost done with that
<mwhudson> anyway, i've read the code now and i think https://github.com/CanonicalLtd/subiquity/pull/640 is the fix
<okdana> that does seem promising
<okdana> i also noticed in the filesystem model that it unconditionally subtracts GPT_OVERHEAD
<okdana> idk if that's an issue
<okdana> https://github.com/CanonicalLtd/subiquity/blob/master/subiquity/models/filesystem.py#L616
<okdana> it's only 2 MiB or whatever so maybe it doesn't matter
<okdana> is there any way i can apply your patch to a running system? i was trying to figure out how to overlay-mount over the snap thing but i didn't have any luck
<mwhudson> oh yeah i guess that's possibly an issue
<mwhudson> you can bind mount things over /snap/subiquity or whatever but it's very tedious
<mwhudson> okdana: i'm building a snap, i'll publish it to a branch and you can refresh to it, will take a couple minutes
<okdana> cool, ty
<mwhudson> okdana: snap refresh --channel edge/lp1844118 subiquity
<okdana> i should do that on the focal one?
<mwhudson> either
<okdana> it doesn't crash any more
<okdana> i had already deleted my final 'remainder' partition to see if that'd clear the issue
<okdana> so i don't think that confirms anything about GPT_OVERHEAD
<okdana> i think it's good with the way i had it though, it's taking me through all of the package settings and stuff
<mwhudson> okdana: yeah i guess the mbr overhead is lower, should probably account for that too
<mwhudson> (this is all a bit stupid because we don't allow editing the size of the partitions or even adding more partitions to an existing one)
<mwhudson> anyway sounds like this PR helps (and it makes sense too)
<okdana> yeah i have to say it's been a bit frustrating with the base-10 thing and having to set it up separately with parted and stuff
<okdana> normally when i install ubuntu i use up the whole disk so i haven't had to deal with it before
<okdana> i agree that it helps though
<okdana> thank you very much for helping me so quickly
<mwhudson> okdana: thanks for testing the fix!
<okdana> for sure
 * mwhudson afk for a while
<sanekmin> pls, help!
<sanekmin> I need disable apt-get because he autostarting and use cpu
<sanekmin> i starting webmin and webmin starting apt-get -_-
<IsntFunny> Hey everyone! What's the goto way to set a dns server in ubuntu 19.10?  resolv.conf -> ../run/systemd/resolve/stub-resolv.conf and nmcli says all connections are unmanaged
#ubuntu-server 2020-03-01
<ncuxo> Hey guys what software would you suggest for a full system host backup with VMs and everything (everything should be backed up on another device thru the LAN)
<ncuxo> I want to have something like a snapshots
<ncuxo> of different state of the system with a backlog of 1 month
<Havenstance> so, I'm well aware what I'm about to ask may not be the best practice in the world, but I want to setup an RPI for playing around with, and rather than have to flash that SD card all the time, is there any way to have the PC mount /boot and / from a samba share? I'm asking here because I may transition my Ubuntu Laptops to this same setup
<kiokoman> you can Network boot your Raspberry Pi but idk, it's not exactly ubuntu-server related
<kiokoman> Havenstance: https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/net_tutorial.md
<Havenstance> kiokoman, yeah I was looking for something I could eventually apply to my ubuntu automation server
<Havenstance> that way should something break, I can open the directories in realtime and view what's happening with the logs. I have like 10tb of storage space, but that particular server doesn't have much HDD space and i'm finding logs are filling drives quick
